| Age | Commit message (Collapse) | Author |
|---|
|
|
|
Fix build without PF, PIPEX nor IPSEC.
|
|
|
|
from deraadt@
|
|
|
|
ok stsp@
|
|
to enable PF_LOCK(), you must add 'option WITH_PF_LOCK' to your kernel
configuration. The code does not do much currently it's just the very
small step towards MP.
O.K. henning@, mikeb@, mpi@
|
|
run so that this locore0.o is always at the start of the executable.
But randomize the link order of all other .o files in the kernel, so
that their exec/rodata/data/bss segments land all over the place.
The bootstrap code will need smashing because it is mapped by BLTB,
but this is a bit involved so not done yet.
As a result, the internal layout of every newly build bsd kernel is
different from past kernels. Internal relative offsets are not known
to an outside attacker. The only known offsets are in the startup code
(which will be gone when it is smashed).
Ramdisk kernels cannot be compiled like this, because they are gzip'd.
When the internal pointer references change, the compression dictionary
bloats and results in poorer compression.
|
|
This seems to satisfy the BTLB granularity. Good enough for now.
ok kettenis
|
|
run so that this locore0.o is always at the start of the executable.
But randomize the link order of all other .o files in the kernel, so
that their exec/rodata/data/bss segments land all over the place.
Late during kernel boot, smash the startup code with traps so that
it does not point to the other randomly placed code. It has be smashed,
because alpha (insecurely in my view) runs in the KSEG0 space.
As a result, the internal layout of every newly build bsd kernel is
different from past kernels. Internal relative offsets are not known
to an outside attacker. The only known offsets are in the startup code,
which is gone.
Ramdisk kernels cannot be compiled like this, because they are gzip'd.
When the internal pointer references change, the compression dictionary
bloats and results in poorer compression.
|
|
|
|
|
|
|
|
Unlike on some other architectures, it is not possible to unmap
the early boot code. Instead, the code is smashed during boot.
Input from deraadt@
|
|
And anyways, everything is ELF now.
|
|
directories. Copy it in the same way on other architectures, for the same
effect. Something upcoming will want that file there anyways.
|
|
shrinks the code a bit on sparc64.
ok jmatthew@
|
|
Generating mixed 16-bit/32-bit/64-bit code with clang's integrated
assembler is a bit tricky. It supports the .code16, .code32 and
.code64 directives. But it doesn't know about the data16/data32 and
addr16/addr32 instruction prefixes. Instead it tries to determine
those from the instruction opcode. It mostly succeeds, but there are
a couple of corner cases where clang will generate the "addr32" form
where gas generates the "addr16" form in .code16 segments. That
should be no problem (and just waste a couple of bytes), but it makes
comparing the generated code a bit difficult.
Allow the trampoline code to be compiled with both. For clang #define
away the addr32 prefix and avoid using the data32 prefix by using a
mnemonic that explicitly encodes the size of the operand. Add a few
addr32 prefixes in .code16 blocks to reduce the differences between
code generated by clang and gas.
ok deraadt@
|
|
|
|
|
|
make release work without prior cleanup.
discussed with deraadt
|
|
ok jsg@
|
|
bootloader anymore, so it doesn't matter where it is stored. While
there do some whitespace cleanup.
|
|
run so that this locore0.o is always at the start of the executable.
But randomize the link order of all other .o files in the kernel, so
that their exec/rodata/data/bss segments land all over the place.
Late during kernel boot, unmap the early startup code.
As a result, the internal layout of every newly build bsd kernel is
different from past kernels. Internal relative offsets are not known
to an outside attacker. The only known offsets are in the startup code,
which has been unmapped.
Ramdisk kernels cannot be compiled like this, because they are gzip'd.
When the internal pointer references change, the compression dictionary
bloats and results in poorer compression.
With guidance and ok deraadt@
|
|
ok jsg@
|
|
pointed out by kettenis
|
|
|
|
to make it more readable.
help, many explanations and ok stsp
|
|
This reduces holes/padding and makes the struct smaller by 8 bytes.
ok kettenis@
|
|
from Seth Jackson
|
|
saves about half a k on sparc64.
|
|
Prying eyes cannot look at the kernels in the compile directory.
ok tb rpe, kernel developers seem unimpacted
|
|
|
|
discussed with patrick
|
|
Input, help & ok stsp
|
|
Found by jmc@
|
|
ok stsp
|
|
This reduces holes/padding and makes the structs smaller.
|
|
prohibited sysctl.
ok deraadt
|
|
witness(4) has found that km_alloc will trigger an rw_enter via uvm_map
and vm_map_lock. While rw_enter is called with RW_SLEEPFAIL, there's
also an msleep in there, so it's easier to avoid getting in the middle
of that.
|
|
|
|
|
|
This should make fading APs time out consistently regardless of what the
beacon interval is set to (range is 1 to 2^16 TU, though in practice 100 TU
seems to be a common value).
Print the beacon interval and missed beacon counter threshold to dmesg
if the DEBUG flag was set on the wireless interface with ifconfig(8).
This should help with diagnosing any issues that pop up.
Requested and diff eye-balled by kettenis@
help & ok tb@ phessler@
|
|
ok stsp@
|
|
|
|
if ic_mgt_timer indicates that we're not already waiting for a response.
Fixes a flood of probe requests sent out while the interrupt kept firing.
Also, byteswap the missed beacon counter value when reading it.
ok mpi@
|
|
if ic_mgt_timer indicates that we're not already waiting for a response.
Fixes a flood of probe requests sent out while the interrupt kept firing.
Also, read the missed beacon counter value after DMA sync.
ok mpi@
|
|
|
|
|
|
this should effectively double (or restore?) the number of packets that
can be fit on the tx ring.
tested on an od1000.
|
