Age | Commit message (Collapse) | Author |
|
The driver for the AMD platform security processor did use a bunch
of EINVAL error codes. It is better to propagate the error up from
the subsystem or use more specific values. Rename the variable
"ret" to "error" to make clear where we deal with an actual errno(2).
Document where and why the error code is ignored.
OK hshoexer@
|
|
OK mpi@
|
|
|
|
reported by and fix tested by afresh@
|
|
ifq_deq_set_oactive is a variation on ifq_set_oactive that can be
called inside an if_deq_begin "transaction".
afresh@ found de(4) was calling ifq_set_oactive while holding the
ifq mutex via ifq_deq_begin, which led to a panic because ifq_set_oactive
also tries to take the ifq mutex. ifq_deq_set_oactive assumes the
caller is already holding the mutex.
de(4) is confusing, so it seemed simpler to add a small tweak to
ifqs than try and do major surgery on such a hairy driver.
tested by afresh@
|
|
this replaces a hand rolled list that's been here since 1.1.
ok claudio@ kn@ tb@
|
|
|
|
ok mlarkin@
|
|
|
|
|
|
unneeded after uvm_vnp_sync() prototype moved to vnode.h in 2014
|
|
|
|
userspace.
|
|
With input on prefix handling and ok jsg@
|
|
dlg concurs
|
|
after the last rewrite i was showing bpf ip packets, not the pfsync
payload like the PFSYNC DLT expected.
this also lets bpf see packets being processed by pfsync input
handling, so if you want to see only what's being sent you'll need
to filter by direction.
reported by Marc Boisis
|
|
|
|
The return value of atomic_load_int(9) is unsigned so needs a cast,
otherwise securelevel=-1 gets misrepresented.
From Paul Fertser.
|
|
assignment, not just the most recent.
|
|
|
|
Also fix some trailing whitespace in comments.
From Christian Schulte, thanks
|
|
From Philip Yang
4c332037fcbb9bb53c46ba4f156951429acc4d97 in linux-6.6.y/6.6.62
68d26c10ef503175df3142db6fcd75dd94860592 in mainline linux
|
|
there's no reason to limit tun/tap to small packets.
ok claudio@
|
|
|
|
ok patrick@
|
|
when bpfsdetach is called by an interface being destroyed, it
iterates over the bpf descriptors using the interface and calls
vdevgone and klist_invalidate against them. however, i'm not sure
the reference the interface holds against the bpf_d is accounted
for properly, so vdevgone might drop it to 0 and free it, which
makes the klist_invalidate a use after free.
avoid this by taking a bpf_d ref before calling vdevgone and
klist_invalidate so the memory can't be freed out from under the
feet of bpfsdetach.
Reported-by: syzbot+b3927f8ad162452a2f39@syzkaller.appspotmail.com
i wasn't able to reproduce whatever syzkaller did. it's possible
this is a double free, but we'll wait and see if it pops up again.
ok mpi@
|
|
|
|
|
|
|
|
|
|
Use better variable names (cf. https://jmilne.org/math/tips.html#4) and
avoid the weird style of assigning to r (what does r stand for anyway?)
and short circuiting subsequent tests using if (r || ...). Also, do not
reuse the variables for order and cofactor that were previously used for
the curve coefficients.
ok jsing
|
|
|
|
the ioctls are here, the offload header is next.
|
|
userland can request that network packets that are read from or
written to the device special file get prepended with a "tun_hdr"
struct. this struct contains bits which say what offloads are
requested for the packet, including things like ip/tcp/udp/icmp
checksums, tcp segmentation offloads, or ethernet vlan tags.
userland can write a packet with any of these offloads requested
into the kernel at any time, but has to request which ones it's
able to handle coming from the kernel. enabling the tun_hdr struct
and which offloads userland can handle is done with a new TUNSCAP
ioctl.
this is based on the virtio_net_hdr in linux, which jan@ actually
implemented and had working with vmd. however, claudio@ and i
strongly opposed to what feels like a layer violation by pulling
virtio structures into the tun driver, and then trying to emulate
virtio/linux semantics in our network stack, and playing catch up
when the "upstream" projects decide to change the shape or meaning
of these bits. tun_hdr is specific to the openbsd network stack and
it's semantics, which simplifies our kernel implementation. jan has
been pretty gracious about the extra work on the vmd side of things.
tested by and ok jan@
ok claudio@
sthen@ backed this out cos of confusion with the ioctl numbers i
picked to controlling this feature. i've picked new numbers that
don't conflict this time.
|
|
controller. It is used as doorbell for the arm-scmi perf protocol and
a prerequisite for cpu frequency management on X Elite chips.
ok patrick@
|
|
|
|
The only caller passes in num = 1 and is itself called in a path that
ensures that the multiplier of the generator is != NULL. Consequently
we don't need to deal with an array of points and an array of scalars
so rename them accordingly.
In addition, the change implies that numblocks and num_scalar are now
always 1, so inline this information and take a first step towards
disentangling this gordian knot.
ok jsing
|
|
This provides a SHA-256 assembly implementation for amd64, which uses
the Intel SHA Extensions (aka SHA New Instructions or SHA-NI). This
provides a 3-5x performance gain on some Intel CPUs and many AMD CPUs.
ok tb@
|
|
Now that we have replacement SHA-256 and SHA-512 assembly implementations
for amd64, sha512-x86_64.pl can go the way of the dodo.
|
|
Replace the perlasm generated SHA-512 assembly with a more readable
version and the same C wrapper introduced for SHA-256. As for SHA-256,
on a modern CPU the performance is largely the same.
ok tb@
|
|
If any other signal is pending the stop signal should be deferred.
Now cursig() uses ffs() to select the signal and so higher numbered
signals like SIGUSR1 would be ignored when going to sleep.
So handle default stop signals specially in the deep case, stash them
and only use them if no other signal is pending.
Fix for signal-stress regress (problem reported by anton@)
With and OK mpi@
|
|
This also provides a crypto_cpu_caps_amd64 variable that can be checked
for CRYPTO_CPU_CAPS_AMD64_SHA.
ok tb@
|
|
setsigctx() now does this check and clears sig_stop in that case and
instead set sig_ignore. So the check in cursig that is based on sig_stop
can never be true.
OK mpi@
|
|
Missing sizes spotted by guenther@
|
|
|
|
|
|
|
|
Prevent a race where anything can happen on `pve' resultint in an incorrect
locking of a given pmap. Found the hardway by sthen@.
ok jsg@, miod@, kettenis@, jca@
|
|
(Many examples in this directory are really bad. This is no exception.)
|
|
This codes runs under IPL_NET. Interrupt processing would get delayed
until the ioctl handler was done which is probably not what the device
is expecting.
|