Age | Commit message (Collapse) | Author |
|
changes:
- Support for intel 4 series chipsets (i'll do any relavent agp bits for
these as soon as i grab the datasheet and find a testcase)
- fix scheduled buffer swaps on non 965 chipsets
- major reorder, dedup and general cleanup of register definition and
the header file
Tested by a few, no regressions
|
|
adds:
- support for RS400 chips
- some cleanup of a few things
- fixes a hard lockup for r3-500 cards.
Tested by a few
|
|
report and testing by david@; ok millert@ jaredy@
|
|
ok deraadt@
|
|
ok henning
|
|
when we first do a pcb lookup and we have a pointer to a pf state key
in the mbuf header, store the state key pointer in the pcb and a pointer
to the pcb we just found in the state key. when either the state key
or the pcb is removed, clear the pointers.
on subsequent packets inbound we can skip the pcb lookup and just use the
pointer from the state key.
on subsequent packets outbound we can skip the state key lookup and use
the pointer from the pcb.
about 8% speedup with 100 concurrent tcp sessions, should help much more
with more tcp sessions.
ok markus ryan
|
|
|
|
OK deraadt
|
|
identical to the one above it.
OK deraadt
|
|
ok deraadt@
|
|
ok marco@
|
|
ok deraadt@
|
|
|
|
|
|
1. When checking if the pagedaemon should be awakened and to see how
much work it should do, consider the buffer cache deficit
(how much pages the buffer cache can eat max vs. how much it has
now) as pages that are not free. They are actually still usable by
the allocator, but the presure on the pagedaemon is increased when
we starting to chew into the memory that the buffer cache wants to
use.
2. Remove the stupid 512kB limit of how much memory should be our
free target. That maybe made sense on 68k, but on modern systems
512k is just a joke. Keep it at 3% of physical memory just like
it was meant to be.
3. When doing allocations for the pagedaemon, always let it use the
reserve. the whole UVM_OBJ_IS_KERN_OBJECT is silly and doesn't
work in most cases anyway. We still don't have a reserve for
the pagedaemon in the km_page allocator, but this seems to help
enough. (yes, there are still bad cases in that code and the comment
is only half-true, the whole section needs a massage, but that will
happen later, this diff only touches pagedaemon parts)
Testing by many, prodded by theo.
|
|
the native ubsa device, the patch notifies when it finds such a kind of
device.
ok jsg@
|
|
ok deraadt@
|
|
enabled, delay the fork until after replies for any -R forwards have
been seen. Allows for robust detection of -R forward failure when
using -f (similar to bz#92); ok dtucker@
|
|
|
|
Check whether client has exceeded MaxAuthTries before running
an authentication method and skip it if they have, previously it
would always allow one try (for "none" auth).
Preincrement failure count before post-auth test - previously this
checked and postincremented, also to allow one "none" try.
Together, these two changes always count the "none" auth method
which could be skipped by a malicious client (e.g. an SSH worm)
to get an extra attempt at a real auth method. They also make
MaxAuthTries=0 a useful way to block users entirely (esp. in a
sshd_config Match block).
Also, move sending of any preauth banner from "none" auth method
to the first call to input_userauth_request(), so worms that skip
the "none" method get to see it too.
|
|
Holland via bz #1348 . Also checks for non-regular files during protocol
1 RSA auth. ok djm@
|
|
Report and fix from Matthew Dempsky.
|
|
many high speed modem devices use CDC-like notify message protocol
in there intr pipe rather than ubsa(4) compatible protocol.
now umsm(4) interrupt message will be treated as CDC notify.
And, this patch contains "verbose message patch" to find incompatible
device in umsm(4).
|
|
|
|
|
|
suspend/resume. eventually it will also manage output switching and
brightness where supported. prodded by marco@
|
|
|
|
ok deraadt@
|
|
* For amd64, remove pcibios traces.
* make RBUS_IO_START, RBUS_IO_SIZE, RBUS_MIN_START and RBUS_MEM_SIZE
(on i386) configurable via kernel options.
* Remove unneeded headers.
* Some cleanups.
originally reported in pr/5829 and tested by viq <viq at viq dot ath dot cx>.
fixes ian@ laptop too.
kettenis@ and miod@ agrees that although not perfect, this is the right
direction.
|
|
|
|
bits; prodded by & ok dtucker@ ok deraadt@
|
|
|
|
|
|
|
|
|
|
ok brad@
|
|
ok deraadt@
|
|
ipsec.conf. The config created by isakmpd dynamically was different
from the config that ipsecctl generated out of ipsec.conf.
Both config formats are changed so that they match. One needs a
passive ike line and a require flow line with the same parameters
in the ipsec.conf. Then the acquire message generated by the kernel
will trigger isakmpd to generate a config that matches the one that
ipsecctl generated from the ike line.
ok hshoexer, 'sounds good' todd
|
|
of all possible addresses from DNS and not only the first one. So
during expansion, the right address family can be chosen and
regression test ike56 passes again. There localhost resolves to
127.0.0.1 and ::1.
ok hshoexer
|
|
ok deraadt@
|
|
rule, the current to address is taken as peer during expansion.
This makes the broken regress test ikefail7 obsolete as address
family mismatch cannot happen anymore.
ok hshoexer
|
|
ensure that the packet gets rewritten correctly first.
As usual, problem pointed out by david
ok henning
|
|
ok henning
|
|
|
|
it is an AMD Geode LX before reading the GLD_MSR_CAP register.
Problem reported by Paul Irofti, thanks. Tested by me and sthen. ok sthen.
|
|
used. Instead use MHLEN and MLEN acordingly because MINCLSIZE is bigger than
a single mbuf now.
OK mglocker@
|
|
|
|
in order to comply with RFC 4253. bz #1443, ok djm@
|
|
host key check. ok djm@
|
|
ok deraadt@
|