Age | Commit message | Author |
|
OK deraadt@
|
|
haven't crossed over the ABI break as easily as expected.
|
|
|
|
|
|
|
|
|
|
rwsleep(9) with PCATCH and rw_enter(9) with RW_INTR without the kernel
lock. In addition, now tsleep(9) with PCATCH should be safe to use
without the kernel lock if the sleep is purely time-based.
Tested by anton@, cheloha@, chris@
OK anton@, cheloha@
|
|
ok guenther@ kettenis@
|
|
Use this in the buffer cache to free all the pages from a buffer,
resulting in a considerable speedup when throwing away pages from
the buffer cache.
Lots of work done with mlarkin and kettenis
ok kettenis@ deraadt@
|
|
isakmpd and iked to REQUIRE. Filter policy violations earlier.
ok sashan@ bluhm@
|
|
check for the quirk that makes sure we don't try to change the voltage
to anything else. Configure the eMMC Core's clock, register ourselves
as clock driver for rkemmcphy(4) to use, and enable the PHY.
Tested by kurt@
ok kettenis@
|
|
|
|
to its subnodes, which are some PHYs.
Tested by kurt@
ok kettenis@
|
|
Tested by kurt@
ok kettenis@
|
|
proc, so they don't need to be explicitly initialized in thread_new()
suggested by anton@
ok kettenis@
|
|
take a struct proc* instead of a struct process*, and vice versa making
unveil_lookup() take a process* instead of a proc*.
ok beck@
|
|
entry point.
ok mlarkin@, deraadt@
|
|
ok anton@
|
|
into a separate uvm_pageclean() function and call it from uvm_pagefree().
ok mpi@, guenther@, beck@
|
|
ok guenther@
|
|
ok benno@ mortimer@
|
|
ok deraadt@
|
|
|
|
do the same check before invoking it.
|
|
rwlock. This lock is shared among all pipes for simplicity. In the
future, the lock will probably be replaced with one lock per pipe pair,
just like FreeBSD and NetBSD do.
While here, extract the common rundown wakeup logic into a dedicated
function.
Thanks to cheloha@ for testing and feedback.
ok mpi@ visa@
|
|
nestle among its friends.
|
|
- CIRCQ_APPEND -> CIRCQ_CONCAT
- Flip argument order of CIRCQ_INSERT to match e.g. TAILQ_INSERT_TAIL
- CIRCQ_INSERT -> CIRCQ_INSERT_TAIL
- Add CIRCQ_FOREACH, use it in ddb(4) when printing buckets
- While here, use tabs for indentation like we do with other macros
ok visa@
|
|
Match FreeBSD and NetBSD.
ok bluhm@, deraadt@, kettenis@
|
|
Suggested by and ok sashan@
|
|
enforce a new policy: system calls must be in pre-registered regions.
We have discussed more strict checks than this, but none satisfy the
cost/benefit based upon our understanding of attack methods, anyways
let's see what the next iteration looks like.
This is intended to harden (translation: attackers must put extra
effort into attacking) against a mixture of W^X failures and JIT bugs
which allow syscall misinterpretation, especially in environments with
polymorphic-instruction/variable-sized instructions. It fits in a bit
with libc/libcrypto/ld.so random relink on boot and no-restart-at-crash
behaviour, particularly for remote problems. Less effective once on-host
since someone the libraries can be read.
For static-executables the kernel registers the main program's
PIE-mapped exec section valid, as well as the randomly-placed sigtramp
page. For dynamic executables ELF ld.so's exec segment is also
labelled valid; ld.so then has enough information to register libc's
exec section as valid via call-once msyscall(2).
For dynamic binaries, we continue to permit the main program exec
segment because "go" (and potentially a few other applications) have
embedded system calls in the main program. Hopefully at least go gets
fixed soon.
We declare the concept of embedded syscalls a bad idea for numerous
reasons, as we notice the ecosystem has many of
static-syscall-in-base-binary which are dynamically linked against
libraries which in turn use libc, which contains another set of
syscall stubs. We've been concerned about adding even one additional
syscall entry point... but go's approach tends to double the entry-point
attack surface.
This was started at a nano-hackathon in Bob Beck's basement 2 weeks
ago during a long discussion with mortimer trying to hide from the SSL
scream-conversations, and finished in more comfortable circumstances
next to a wood-stove at Elk Lakes cabin with UVM scream-conversations.
ok guenther kettenis mortimer, lots of feedback from others
conversations about go with jsing tb sthen
|
|
track the process (and not the original thread of the process).
ok jsg@ kettenis@
|
|
ensure we handle the uvm_objects of bread_cluster buffers correctly.
Original commit message:
Fix the buffer cache code to not use a giant uvm obj of all pages
when a small one on each buf is all that is needed. reduces the
cost of large frees by about 25%.
Again, lots of assistance from kettenis and mlarkin
still ok kettenis@
|
|
ok kettenis@
|
|
One on the TRB that went short, and one for the last TRB in a TD.
We already set actlen only once so that the last TRB in a TD does
not override it, but some controllers throw another short event
instead of a success event, so we have to add the same check there
as well.
ok gerhard@ mglocker@
|
|
the bread_cluster code has confused even me and mark,
we need to handle the buffer slice and dice case better
for bread_cluster.
|
|
|
|
No code change.
|
|
|
|
Sets up some simplifications.
|
|
"show malloc" output
ok deraadt@ mpi@
|
|
to determine if the buffer has pages to free. we have to
set this pointer only after we could sleep allocating pages.
setting it before creates the potential for a race to free
us while we are sleeping
ok kettenis@
|
|
ok deraadt@
|
|
when a small one on each buf is all that is needed. reduces the
cost of large frees by about 25%.
ok kettenis@
|
|
netmask in the kernel.
OK visa@
|
|
inspect the memory layout that the firmware has created. It is
especially useful for UEFI debugging.
OK deraadt@ kettenis@
|
|
ok kettenis@
|
|
that represent various header fields. One place where OXMs are used is in
the set_field action, which contains one OXM representing the header field
to set, followed by padding to align the action in the OpenFlow message to
64 bits. Currently, we assume that a set_field action can contain multiple
OXMs and that they do not need to be padded.
This matches the way we handle OpenFlow messages that contain set_field
actions so that we follow the specs.
OK ori claudio
|
|
Monitor mode depends on support for multiple frames per Rx buffer.
|
|
Tested by florian on 7260, claudio and myself on 8265, and mlarkin on 9560.
This time even florian's 7260 device seems to be happy.
ok claudio@
|
|
Ensure that io to a file backing a vnd is IO_SYNC, so IO to a
vnd device is both synchronous and not cached in the buffer cache.
This allows the "mount" regress to work repeatably, and avoids
a situation where when the buffer cache cleaner runs to clear
dirty buffers while people are waiting, it actually increases the
dirty buffers when the writes to the underlying vnd are also
delayed.
ok bluhm@
|