| Age | Commit message (Collapse) | Author |
|---|
|
usrreq functions move the mbuf m_freem() logic to the release block
instead of distributing it over the switch statement. Then the
goto release in the initial check, whether the pcb still exists,
will not free the mbuf for the PRU_RCVD, PRU_RVCOOB, PRU_SENSE
command.
OK claudio@ mpi@ visa@
Reported-by: syzbot+8e7997d4036ae523c79c@syzkaller.appspotmail.com
|
|
the system priority level to IPL_HIGH. This simplifies the code a bit
relative to calling from witness_lock() and witness_unlock().
OK mpi@
|
|
allocate a cluster if the message is larger than that. Fixes a panic
on shutdown on my Asus X205TA.
ok patrick@, stsp@
|
|
caller supplied pointer. Otherwise, the caller is left with a dangling
pointer that could lead to a use-after-free panic.
ok millert@ visa@
Reported-by: syzbot+ac1d7685deab53b95ace@syzkaller.appspotmail.com
Reported-by: syzbot+dbe8f002f8051f26f6fe@syzkaller.appspotmail.com
|
|
|
|
allows triggering SPI interrupts by doing memory transactions. This was
already partially implemented in mvicu(4) and is now outsourced into its
own driver since we need better initialization when booting using u-boot.
Also implement new and legacy bindings in mvicu(4), relying on the new
mvgicp(4) driver.
ok kettenis@
|
|
this allows us to provide actual arguments in functions in ddb traces.
deraadt@ helped me figure out that a new clang has been in snaps
for days now, so it's easy for people to get a new compiler if
they're building current.
|
|
introduced with __MAP_NOFAULT. The regression let uvm_fault() run
without proper locking and rechecking of state after map version change
if page zero-fill was chosen.
OK kettenis@ deraadt@
Reported-by: syzbot+9972088c1026668c6c5c@syzkaller.appspotmail.com
|
|
ok mlarkin@
|
|
* Replace unnecessary use of db_get_value() with direct access of
f_retaddr. The trace function assumes that the chain of frames
is good in terms of alignment and content.
* Replace the for loop with a while loop and drop the check
"frame != NULL" from the loop condition. The check is redundant with
the "!INKERNEL(frame)" condition. The code already assumes that the
initial frame is valid.
* Stop iteration if f_retaddr is a non-kernel address in order to
not save a user address at the end of the trace. This additionally
fixes a kernel crash that would happen if the user thread had
a broken frame pointer.
OK mpi@
|
|
* Replace unnecessary use of db_get_value() with direct access of
f_retaddr. The trace function assumes that the chain of frames
is good in terms of alignment and content.
* Replace the for loop with a while loop and drop the check
"frame != NULL" from the loop condition. The check is redundant with
the "!INKERNEL(frame)" condition. The code already assumes that the
initial frame is valid.
* Stop iteration if f_retaddr is a non-kernel address in order to
not save a user address at the end of the trace. This additionally
fixes a kernel crash that would happen if the user thread had
a broken frame pointer.
* Fix erroneous skipping of the second stack frame.
OK mpi@
|
|
This change fixes a regress test failure noticed by bluhm@.
ok deraadt
|
|
|
|
Update default/min/max noisefloor values to those used by Linux ath9k.
Tested by jmc, juanfra, kn, and myself, on 9280 and 9271 devices.
|
|
This time add the counter extention to SADB_GET's whitelist.
ok bluhm@, visa@
|
|
ok bluhm@, visa@
|
|
|
|
this fixes an issue found by a regress test on sparc64 by claudio,
and between us took about half a day of work to understand and fix
at a2k19.
ok claudio@
|
|
the device was opened in write-only mode. Relying on me_evar being NULL
does not work if the wskbd device was opened first followed by opening a
wsmux device. Closing the wskbd device first at this stage would cause
the wscons_event queue inherited from the wsmux device to be freed. This
in turn could cause a panic if an ioctl(WSMUXIO_INJECTEVENT) command is
issued to the wsmux device.
ok deraadt@ visa@
Reported-by: syzbot+ed88256423ae8d882b8b@syzkaller.appspotmail.com
|
|
on dual port cards work much better.
ok dlg@
|
|
phy to check the media status did not only ack the MII interrupt, but
also all the others. Thus it could happen that the TX completion was
not seen by the interrupt handler, leading to full TX queues. Also,
the fec(4) interrupt handler acked more than it handles, thus possibly
also acking the MII interrupt.
Found with bluhm@ on his new arm64 regression setup.
ok bluhm@
|
|
support.
|
|
add locking in clock_gettime where needed.
ok cheloha matthew
|
|
C99 inline semantics resulted in undefined symbols.
OK deraadt@ mpi@ dlg@
|
|
list of available block devices, so we can also boot from another block
device than the one that efiboot was loaded from. Softraid will then
create a list of volumes by checking the partition table for RAID and
matching softraid metadata. If efiboot was loaded from the same
physical drive as a softraid volume, it will use the soft- raid volume
as boot device and it will ask you to unlock it. The UUID and key of
that boot volume will be passed as FDT properties to the kernel. Those
FDT properties will be zeroed explicitly by the kernel after they have
been passed to the softraid stack.
ok kettenis@
|
|
Code for this was already present, it was just not being called yet.
Tested on AR9280 and AR9271 by jmc@, kevlo@, jmatthew@, juanfra@, and myself.
|
|
|
|
When we come back from suspend/hibernate the BIOS/firmware/whatever can
hand us *any* TOD, so we need to check that the given TOD doesn't set our
boot offset backwards, breaking the monotonicity of e.g. CLOCK_MONOTONIC.
This is trivial to do from the BIOS on most PCs before unhibernating.
There might be other ways it can happen, accidentally or otherwise.
This is a bit messy but it can be made prettier later with a "bintimecmp"
macro or something like that.
Problem confirmed by jmatthew@.
"you are very likely right" deraadt@
|
|
while there, assign int when declaring the sc variable so the ioctl
paths do less.
|
|
introduction of struct lockf_state.
ok bluhm@ visa@
|
|
ifconfig asks for such information.
ok patrick@
|
|
|
|
|
|
|
|
based on advice seen from mpi@
|
|
ok deraadt@
|
|
on the console.
Issue reported by deraadt@.
ok deraadt@, mpi@
|
|
- Do checks that do not access shared data structures first, they don't
need locking and save us some dances.
- Use the common !ETHER_IS_MULTICAST() idiom and move some code that won't
be executed if the bridge(4) is down.
ok bluhm@, visa@
|
|
The new node contains the subsystem's main control variable,
kern.witness.watch. It is aliased by the old name, kern.witnesswatch.
The alias will be removed in the future.
OK anton@ mpi@
|
|
Based on a diff from Jesper Wallin.
ok jmatthew@, stsp@
|
|
|
|
|
|
ok deraadt@ jmatthew@
|
|
suggested by jmatthew@
|
|
ok jmatthew@
|
|
|
|
Idle threads are never placed on the runqueue so their priority doesn't
matter.
This fixes an accounting bug where top(1) would report a high CPU usage
for Idle threads of secondary CPUs right after booting. That's because
schedcpu() would give 100% CPU time to the Idle thread until "real"
threads get scheduled on the corresponding CPU.
Issue reported by bluhm@, ok visa@, kettenis@
|
|
a flag in the upper byte of the 2-byte-wide receive register is set.
ok kettenis@
|
|
|
|
shuffle mpe_output while here.
|
