| Age | Commit message (Collapse) | Author |
|---|
|
ok kettenis@
|
|
Found by LLVM/Clang Static Analyzer.
ok marco@ krw@
|
|
so stop it from trying to check itself for changes;
noticed by Mattieu Baptiste <mattieu dot b at gmail dot com>.
|
|
Found by LLVM/Clang Static Analyzer.
ok henning@
|
|
Found by LLVM/Clang Static Analyzer.
ok miod@ jsg@
|
|
Found by LLVM/Clang Static Analyzer.
ok miod@ krw@
|
|
does not require special permissions. The security(8) scripts hates
group-writeable home directories, so remove the needless permissions.
Issue noticed by Andrew Fresh <andrew at afresh1 dot com>.
If i understand naddy@ correctly, this is unlikely to harm even UUCP users.
"Just remove the group writeable bit" deraadt@.
|
|
mode when the mouse is dragged or the mouse wheel is used. Also exit
copy mode when the mouse wheel is scrolled off the bottom. Discussed
with and written by hsim at gmx dot li.
|
|
revisions; despite what the ``official'' (yet unpublished, confidential
proprietary, will cause a tree to fall on your house if you quote it, etc)
errata says, disabling data decoupling is not enough to workaround its
malfunction in processor revisions 5.x.
Enough missing-SFU instructions (each causing a `disabled SFU' trap) in a
tight loop will eventually (but quickly) trigger the (unrecoverable, not even
by NMI) processor hang.
Of course, most such instructions are not privileged, and can be easily issued
by an evil userland process; crashme happens to be a good example of this, when
invoked with the proper settings (which are left as an exercise to the reader).
Now, can I have my hair back? Come on! Please... pretty please... with sugar on
top... people are looking at my head, you know.
|
|
from Alexis Fouilhe
...and i just know cvs is gonna mess up this commit message
|
|
|
|
success.
ok nicm@
|
|
ok deraadt@, miod@
|
|
in disklabel(8)
pointed out by jmc@
|
|
|
|
ok krw@ and looks correct to jmc@
|
|
since its an int, not a long.
ok deraadt@
|
|
|
|
confusing because both addresses and broadcast addresses are put
into the tree.
there are two types of local address lookup. the first is when the
socket layer wants a local address, the second is in ip_input when
the kernel is figuring out the packet is for it to process or
forward.
ip_input considers local addresses and broadcast addresses as local,
however, the handling of broadcast addresses is different depending
on whether ip_directedbcast is set. if if ip_directbcast is unset
then a packet coming in on any interface to any of the systems
broadcast addresses is considered local, otherwise the broadcast
packet must exist on the interface it was received on.
the code also needs to consider classful broadcast addresses so we
can continue some legacy applications (eg, netbooting old sparcs
that use rarp and bootparam requests to classful broadcast addresses
as per PR6382). this diff maintains that support, but restricts it
to packets that are broadcast on the link layer (eg, ethernet
broadcasted packets), and it only looks up addresses on the local
interface. we now only support classful broadcast addresses on local
interfaces to avoid weird side effects with packets routed to us.
the ip4 socket layer does lookups for local addresses with a wrapper
around the global address tree that rejects matches against broadcast
addresses. we now no longer support bind sockets to broadcast
addresses, no matter what the value of ip_directedbcast is.
ok henning@
testing (and possibly ok) claudio@
|
|
from a USB serial number, as recommended by the umass spec.
ok dlg@
|
|
be free()ed, iterate over the file_list, and find the structure
to free. This is safer and simpler. No behaviour change
|
|
|
|
More HISTORY.
Using feedback from jmc@.
"I think that is correct.
If it isn't, someone out there will eventually moan :)" deraadt@
|
|
protocol specific code. No behaviour change
|
|
return value, not a size_t which does not grok -1.
ok matthew@
|
|
until they're zombies and then send them signals (for intr mounts). Until
that is untangled, the sigacts change is unsafe. sthen@ was the victim
for this one
|
|
ucfirst(), uc() and lc() forget to set the tainted flag if input
was marked as tainted.
http://rt.perl.org/rt3/Public/Bug/Display.html?id=87336
http://perl5.git.perl.org/perl.git/commitdiff/539689e74a3bcb04d29e4cd9396de91a81045b99
ok millert@
|
|
Rather then rewriting history, I've chosen to erase it; as it
contains only pointless trivia...
ok deraadt@
|
|
mouse-select-pane.
|
|
|
|
ok espie@
|
|
clicking on the status line, written by hsim at gmx dot li.
|
|
The problems during the hackathon were not caused by this (most likely).
prodded by deraadt@ and beck@
|
|
|
|
asked by/ok deraadt@, ajacoutot@
|
|
ok millert@
|
|
In effect, this removes the "old" vndX nodes, and renames
the svndX nodes to vndX.
Old svndX nodes will still continue to work though, for now.
Cleanup accordingly.
ok deraadt@, todd@
comments and ok on the man page bits from jmc@
|
|
this will treat vndX the same as svndX.
ok and gcc2 fixes from deraadt@
|
|
Not %d or %u. May help some of the issues reported by Richard Toohey.
Tested by Steven R. Gerber.
|
|
picks the peer from the acquire message and allows to match masked
peers in the policies like "peer any" or "peer 10.0.0.0/8" instead of
requiring exactly matching peer specifications.
ok mikeb@
|
|
matching policy and init a new IKE SA. This adds support for "acquire mode"
from static flows.
ok mikeb@
|
|
tested in bulk build.
ok millert@
|
|
occurence.
with a small tweak from an ok sthen@
|
|
when leaving. when you're handling an interrupt it is masked.
whacking the chip is work for no gain.
modify the interrupt handler so it only processes the rings once
rather than looping over them until it runs out of work to do
looping in the isr is bad for several reasons:
firstly, the chip does interrupt mitigation so you have a
decent/predictable amount of work to do in the isr. your first loop
will do that chunk of work (ie, it pulls off 50ish packets), and
then the successive looping aggressively pull one or two packets
off the rx ring. these extra loops work against the benefit that
interrupt mitigation provides.
bus space reads are slow. we should avoid doing them where possible
(but we should always do them when necessary).
doing the loop 5 times per isr works against the mclgeti semantics.
it knows a nic is busy and therefore needs more rx descriptors by
watching to see when the nic uses all of its descriptors between
interrupts. if we're aggressively pulling packets off by looping
in the isr then we're skewing this check.
ok deraadt@
|
|
eject events, then the ppb's interrupt handler can be run at IPL_BIO.
This makes a huge difference on modern server with mpi/bge/bnx.
In snapshots for about 2 weeks now...
|
|
this probably means the controller is dead -- as in, a hot plug eject
event. in that case, mark the driver dead and try harder to return -1
in the interrupt handler.
tested by many
ok dlg, miod did not object
|
|
|
|
name (though we don't actually enforce this at present). Move one up
that was out of sequence
|
|
|
|
|
