| Age | Commit message (Collapse) | Author |
|---|
|
arbitrary sleeps. Should hopefully make these tests more stable.
|
|
|
|
Before only UDP was tested.
|
|
help, pointers and OK bluhm@
|
|
|
|
|
|
|
|
|
|
Reducing the risk tests conflicting with each other.
ok bluhm@
|
|
|
|
tests.
|
|
in regress already does.
|
|
assume vnd0 is available.
|
|
bailing out if any loopback interface is skipped other than lo0.
|
|
regress/sys/net already does. No functional change as the defaults
remains the same.
|
|
pipe_read().
|
|
unique mount point and vnd device.
|
|
|
|
That means the IPv6 header chain contains two fragment header that
spawn the whole packet. Such packets are illegal and pf drops them.
Otherwise they could bypass pf rules as described in CVE-2023-4809.
OpenBSD is not affected as pf_walk_header6() drops them with "IPv6
multiple fragment" log message. This check exists since 2013 when
special support for atomic fragments was added to pf.
If pf is disabled, the IPv6 stack accepts such packets. I do not
consider this a security issue.
|
|
|
|
|
|
in 'stamp-setup' target. Found by anton@.
|
|
Add timer precision flags NOTE_SECONDS, NOTE_MSECONDS, NOTE_USECONDS
and NOTE_NSECONDS for EVFILT_TIMER. Also, add an initial implementation
of NOTE_ABSTIME timers.
Similar kevent(2) flags exist on FreeBSD, NetBSD and XNU.
Initial diff by and OK aisha@
OK mpi@
|
|
by ioctl(2) operation if table exists already. The issue
has been noticed by Giannis Kapetanakis (_at_) edu.physics.uoc.gr.
Giannis noticed relayd(8) aborts unexpectedly when 'relay host'
gets disabled by 'relayctl host dis ...' command. To understand
what's going on we must look at the way how relayd(8) manages
its firewall configuration. If relay-host 'example' is enabled relayd(8)
inserts rule to anchor relayd/example. The rule looks somewhat
like this:
pass in from ... to ... rdr-to <example>
When the rule gets inserted to pf(4) the table 'example' is
created with flags:
lumpy# pfctl -a relayd/example -vg -sT
----r-- example relayd/example
r-flag indicates table is referred by rule only. In the next
step relayd(8) creates and populates table example. It asks
pf(4) to add a persistent flag (PFR_TFLAG_PERSIST), so table
survives flush operation of relayd/example ruleset on behalf
of 'relayctl host dis ...' command. relayd(8) exits via abort()
when table is gone with disable operation.
Giannis was patient enough so we could debug and fix issue.
The committed change has been tested by Giannis too.
OK kn@, bluhm@
|
|
|
|
kern.maxproc limit.
|
|
hopefully make these tests more stable on my slow^W regress machines.
ok sashan@
|
|
* The colon space separator is already appended by err/warn.
* Favor err(1, NULL) for malloc errors.
|
|
after free. There was confusion between size of struct and size
of pointer.
|
|
This allows to change rtable implementation in kernel without
breaking test.
|
|
to verify limit on tickets progam can retrieve
by DIOCXGETRULES. Ad
tests which verify DIOCXEND works as expected, that program
can release ticket obtained by earlier call to DIOCGETRULES
improvements from anton@
OK anton@, bluhm@
|
|
userland. This test should have been written with a signal handler to
be accurate.. Anyways, stop using syscall() to work around that
ok kettenis
|
|
ok kettenis
|
|
of the results based on that. Also, the system now enforces
unreadability in copyin() of ld.so, libc, and application text,
even when PKU isn't enabled, so adjust those results to match.
ok deraadt@ anton@
|
|
|
|
Use "block; pass" instead.
|
|
While splitting out emulated virtio network and block devices into
separate processes, I originally used named mappings via shm_mkstemp(3).
While this functionally achieved the desired result, it had two
unintended consequences:
1) tearing down a vm process and its child processes required
excessive locking as the guest memory was tied into the VFS layer.
2) it was observed by mlarkin@ that actions in other parts of the
VFS layer could cause some of the guest memory to flush to storage,
possibly filling /tmp.
This commit adds a new vmm(4) ioctl dedicated to allowing a process
request the kernel share a mapping of guest memory into its own vm
space. This requires an open fd to /dev/vmm (requiring root) and
both the "vmm" and "proc" pledge(2) promises. In addition, the caller
must know enough about the original memory ranges to reconstruct them
to make the vm's ranges.
Tested with help from Mischa Peters.
ok mlarkin@
|
|
|
|
|
|
|
|
|
|
ok miod@ millert@
|
|
ok miod@ millert@
|
|
|
|
ok kn@
|
|
section.
|
|
the regress framework and allowing the expected outcome to be enumerated
per architecture. Currently limited to amd64 and arm64.
|
|
in pf_state/Makefile.
discussed with anton@
OK anton@
|
|
|
|
introduction of mimmutable(2) and also needs to cope with xonly on some
architectures by now. There's already the syscallwx target in
regress/usr.bin/lastcomm which does the same thing but also ensures that
the expected code path is reached by looking at accounting records.
|
