Age | Commit message (Collapse) | Author |
|
|
|
Ok mlarkin@ jsg@
|
|
|
|
|
|
describe how an inner-region is found for applying MAP_STACK, and that
currently MAP_STACK remains set when the sigaltstack is disabled.
ok kettenis guenther schwarze
|
|
|
|
Michael W. Bombardieri. Thanks.
|
|
Michael W. Bombardieri. Thanks.
|
|
problem reported by TJ
|
|
The early freeing has become possible because aesni_process() and
crypto_freesession() are no longer serialized by the kernel lock.
The flaw has caused kernel panics with IPsec traffic.
Issue seen by some, fix tested by mabi on bugs@
OK mikeb@, mpi@
|
|
|
|
|
|
Correct reference to RFC.
Disambiguate section names.
Lowercase the "using" in Network Virtualization using Generic Routing
Encapsulation.
ok jmc@ schwarze@
|
|
|
|
from matt schwartz
ok claudio
|
|
|
|
|
|
uses the O32 calling convention. Such firmware comes at least on some
Loongson 3A development boards. This differs from the LS2F-based
machines made by Lemote whose PMON uses the GCC O64 calling convention.
|
|
ok hackroom@
|
|
when indicating the boot device to the kernel. This should reduce
ambiguity in root device selection.
|
|
afterwards.
crash reported by Piotr Isajew
ok stsp@
|
|
ok guenther, jmc, tom, millert, deraadt
|
|
|
|
|
|
ok kettenis@ jmatthew@
|
|
|
|
the hardware provides crypto offload, zlib offload, and an rng.
this code only supports the rng at the moment.
this device is present on their amd seatlle platforms, and very
present on their epyc stuff.
ok kettenis@ jmatthew@
|
|
|
|
|
|
Avoid the misunderstanding that the essential purpose of -l is
similar to the purpose of the -a option in mandoc(1), which is not
the point: the fact that -l implies -a is merely a minor detail.
The point of -l is to make man(1) behave like mandoc(1).
Move the mention of -a to the end to de-emphasize it.
Nate Bargmann reported that this seriously confused him,
and i can see why.
|
|
this started when looking for function prototypes not in the SYNOPSIS
section and fixing that, but ingo argues that it doesn't make sense
to document 30 unrelated functions in one manpage anyway.
ok deraadt@ mpi@ schwarze@
|
|
this is the same check that's done when adding normal members to
the bridge. it prevents things like gif(4) being added to the bridge,
which in turn prevents panics when shoving ethernet packets down a
layer 3 interface.
reported and tested by jasper@
|
|
While here, include a patch from tb@
adding the missing return type to ENGINE_ctrl() in the SYNOPSIS.
|
|
In page name mode (= man(1) default mode), also try to interpret
names containing slashes as absolute or relative file names.
Missing feature reported by Nate Bargmann on <groff at gnu dot org>,
and the man-db maintainer Colin Watson <cjwatson at debian dot org>
explained to me how this is supposed to work.
|
|
|
|
encapsulating IPv4 and IPv6 packets in IPv4 and IPv6 gif tunnels.
|
|
move all the function prototypes to the SYNOPSIS section, rather
than having them underneath sections later in the page. make those
sections subheaders rather than full section headers while im here.
ok schwarze@
|
|
|
|
cannot handle the larger firmwares, so we must place them somewhere
else where the kernel can read them. Let's use 1MB. And pay attention
if someone gets burned by this decision. Other solutions get a lot
more hairy
ok mlarkin jsing
|
|
stack buffer. With a page-aligned buffer, creating a MAP_STACK sub-region
would undo the PROT_NONE guard. Ignore that last page.
(We could check if the last page is non-RW before choosing to skip it. But
we've already elected to grow STK sizes to compensate. Always ignoring the
last page makes it a non-MAP_STACK guard page which can be opportunistically
discovered)
ok semarie stefan kettenis
|
|
intended as the target client where the message should be displayed but
at some point (perhaps when -p was added), it was used for format
expansion too. This means it can get a bit weird where you have client
formats expanding for a client with a different current session than the
target session.
However, it is nice that display-message can be used to show information
about a specific client. So change so that the -c client will be used if
the session matches the target session (-t or default), otherwise the
best client will be chosen.
|
|
|
|
pointer in the IP protocol loop. Reset the loop's mbuf when the
mbuf is freed. The latter is not necessary, but clearing a pointer
to freed data is safer.
OK dlg@
|
|
|
|
|
|
to 1024 session per process (esp. with keep-alive). Now the fd limit is
the new maximum and relayd will make sure to not accept too many sessions.
The tcp backlog config maximum is now 512, adjust manpage accordingly.
OK benno@ deraadt@
|
|
Alloc the containing struct with M_ZERO so if loadfirmware() fails and
doesn't set the pointer we won't try to free an address based on
uninitialised memory.
Use M_DEVBUF not M_DRM when freeing the buffer allocated by
loadfirmware().
|
|
operations. This resolves one of the failures frequently seen
on QEMU where spawning processes while another process is working
can lead to crashes.
Committing on behalf of drahn@
ok kettenis@ jsg@
|
|
applications will crash without this lock as other threads attempt
to walk the tree while another thread is adding/removing mappings.
Committing on behalf of drahn@
ok kettenis@
|
|
keyboard late.
This makes keyboard re-attaching due to the machdep.forceukbd sysctl(2)
respect /etc/kbdtype.
Issue reported by Artturi Alm, jmc@ and landry@.
ok kettenis@
|