| Age | Commit message (Collapse) | Author |
|---|
|
indefinitely and cannot be interrupted or killed. This is consistent
with how VFS system calls should behave. If the file system becomes
unresponsive then the only sane solution is for the user to kill the
file system daemon.
Implementing the equivalent of nfs -osoft or -ointr to either timeout
or allow the blocking FUSE operation to be interrupted can be considered
in a future patch.
ok mpi@
|
|
implementations. Rely on the VFS layer to do the checking.
OK mpi@, helg@
|
|
to make crfree() and crhold() MP-safe. Make crhold() a proper function.
Put the definition into file kern_prot.c to constrain the need of the
<sys/atomic.h> header.
While there, adjust the IPL of ucred_pool to avoid lock order problems
with the kernel lock (pointed out by kettenis@).
OK mpi@
|
|
removing unused uvmexp fields. Reduces number of lines as well.
|
|
This also fixes the _url functions that was previously #ifdef'ed out.
OK claudio@
|
|
only uses that
|
|
|
|
it in the piglet during unhibernate. Missed this block during the previous
commit. We'll panic, which will likely just reboot the machine, but that's
better than trashing a chunk and causing mystery errors later.
|
|
Prevent a panic now that some syscall are running unlocked.
Found the hardway by Gregor Best.
|
|
original retguard data to the piglet and bcopys it back in place
immediately before resuming via the ACPI Sx trampoline.
ok deraadt, guenther, tested by many.
|
|
ok deraadt@
|
|
to detect smt cores. As there's no "smt id" on these like there is on Intel
parts, check against other already-id'd cpus to detect which are additional
smt threads on a core.
jmatthew noticed some unusual (non-contiguous) numbering on an single
socket EPYC 7551p but there's no indication that the actual ID numbers
need to be sequential.
"As long as we treat ci_core_id as just a number, that shouldn't be an
issue" and OK kettenis@
ref: 54945 rev 1.14 - PPR for AMD Family 17h Models 00h-0Fh
|
|
We have an ldapd(8) server and ypldap in base, so it makes sense to
have a simple LDAP client without depending on the OpenLDAP package.
This tool can be used in an ssh(1) AuthorizedKeysCommand script.
With feedback from many including millert@ schwarze@ gilles@ dlg@ jsing@
OK deraadt@
|
|
|
|
For example:
location match "/page/(%d+)/.*" {
request rewrite "/static/index.php?id=%1&$QUERY_STRING"
}
Requested by many.
Ok benno@
|
|
@define-tag sthg
|
|
the compiler is probably better at unrolling loops.
style nit fcambus
OK phessler
|
|
we can probably get away without doing it if no tags exist (to do later)
|
|
|
|
which involved doing a write_option_db() call at a different point in
bind_lease().
However one of the parameters was in a variable that was also used for
iterating a TAILQ so this did not have the intended contents (it was
always NULL at the end of TAILQ_FOREACH*, resulting in a null deref
when dhclient -L is used).
Fix by using a new temporary variable. ok krw@
|
|
|
|
|
|
These syscalls can now be executed w/o the KERNEL_LOCK() depending on
the kind of socket.
The current solution uses a single global mutex to serialize access to,
and reference count, 'struct file'.
ok visa@, kettenis@
|
|
This is required to run network syscall mostly without the KERNEL_LOCK().
ok visa@, kettenis@ as part of a larger diff.
|
|
|
|
|
|
so let the handle do the heavy lifting of plist loading all the
time (this is also what tag solver will need)
|
|
able to use it.
|
|
inputs & ok visa@
|
|
|
|
|
|
From Ondrej Zary
e88640adf6fe0709466f814a26753d78184a598c in linux 4.4.y/4.4.136
b3fb22733ae61050f8d10a1d6a8af176c5c5db1a in mainline linux
|
|
unusedNN.
Missing man page bits pointed out by
jmc@. Ports source scan by sthen@.
ok deraadt@ guenther@
|
|
|
|
TLBs and L1 caches between threads. This can make cache timing
attacks a lot easier and we strongly suspect that this will make
several spectre-class bugs exploitable. Especially on Intel's SMT
implementation which is better known as Hypter-threading. We really
should not run different security domains on different processor
threads of the same core. Unfortunately changing our scheduler to
take this into account is far from trivial. Since many modern
machines no longer provide the ability to disable Hyper-threading in
the BIOS setup, provide a way to disable the use of additional
processor threads in our scheduler. And since we suspect there are
serious risks, we disable them by default. This can be controlled
through a new hw.smt sysctl. For now this only works on Intel CPUs
when running OpenBSD/amd64. But we're planning to extend this feature
to CPUs from other vendors and other hardware architectures.
Note that SMT doesn't necessarily have a posive effect on performance;
it highly depends on the workload. In all likelyhood it will actually
slow down most workloads if you have a CPU with more than two cores.
ok deraadt@
|
|
OK jca
|
|
|
|
|
|
|
|
|
|
|
|
|
|
definitions)
|
|
OK deraadt@
|
|
DependOnly
|
|
file system can access it unless the allow_other mount options is
specified. The allow_other mount option makes the file system
available to other users just like any other mounted file system.
ok mpi@
|
|
|
|
choose_server() calls getaddrinfo(3) but never frees the result.
Minimal fix that relies on getaddrinfo(3) only updating the "res"
pointer if the call was successful.
While here, call freeaddrinfo(3) earlier in whois(), less code and less
overall memory used since whois() can recurse.
ok millert@ tb@ benno@
|
|
FUSE file system. fuse_get_context(3) will now return the correct
values.
ok mpi@
|
|
|
