http://ftp.netbsd.org/pub/NetBSD/misc/mlelstv/vmparam.diff
after a discussion on port-m68k. I tested them on several Amiga models
and they seem to work fine.
This gives us the maximum virtual memory space for a process under the
current 512MB pmap limitation.
Also bump VM_KERNEL_PT_PAGES to allow up to 2 GB RAM.
* Allocate the correct buffer for the VGA BIOS image.
* Abort if buffer allocation failed, not if buffer allocation succeeded.
Not directly tested, but I can't imagine this makes anything worse.
is written by me. It's disabled by default. If you'd like to use, define
WM_MSI_MSIX.
Tested with:
8254[3405617] (INTx even if it has MSI CAP because of a errata)
8257[12], 82583 ICH8, ICH10, PCH2, PCH_LPT(I21[78]) (MSI)
8257[456], 82580, I35[04], I21[01] (MSI-X)
Not tested:
82542, 82573, 80003, ICH9, PCH,
output to drain to five seconds so that exiting processes with
buffered output for a serial port blocked by flow control do not
hang indefinitely. Should fix PR kern/12534. OK christos.
*) Malformed ECParameters causes infinite loop
When processing an ECParameters structure OpenSSL enters an infinite loop
if the curve specified is over a specially malformed binary polynomial
field.
This can be used to perform denial of service against any
system which processes public keys, certificate requests or
certificates. This includes TLS clients and TLS servers with
client authentication enabled.
This issue was reported to OpenSSL by Joseph Barr-Pixton.
(CVE-2015-1788)
[Andy Polyakov]
*) Exploitable out-of-bounds read in X509_cmp_time
X509_cmp_time does not properly check the length of the ASN1_TIME
string and can read a few bytes out of bounds. In addition,
X509_cmp_time accepts an arbitrary number of fractional seconds in the
time string.
An attacker can use this to craft malformed certificates and CRLs of
various sizes and potentially cause a segmentation fault, resulting in
a DoS on applications that verify certificates or CRLs. TLS clients
that verify CRLs are affected. TLS clients and servers with client
authentication enabled may be affected if they use custom verification
callbacks.
This issue was reported to OpenSSL by Robert Swiecki (Google), and
independently by Hanno Böck.
(CVE-2015-1789)
[Emilia Käsper]
*) PKCS7 crash with missing EnvelopedContent
The PKCS#7 parsing code does not handle missing inner EncryptedContent
correctly. An attacker can craft malformed ASN.1-encoded PKCS#7 blobs
with missing content and trigger a NULL pointer dereference on parsing.
Applications that decrypt PKCS#7 data or otherwise parse PKCS#7
structures from untrusted sources are affected. OpenSSL clients and
servers are not affected.
This issue was reported to OpenSSL by Michal Zalewski (Google).
(CVE-2015-1790)
[Emilia Käsper]
*) CMS verify infinite loop with unknown hash function
When verifying a signedData message the CMS code can enter an infinite loop
if presented with an unknown hash function OID. This can be used to perform
denial of service against any system which verifies signedData messages using
the CMS code.
This issue was reported to OpenSSL by Johannes Bauer.
(CVE-2015-1792)
[Stephen Henson]
*) Race condition handling NewSessionTicket
If a NewSessionTicket is received by a multi-threaded client when attempting to
reuse a previous ticket then a race condition can occur potentially leading to
a double free of the ticket data.
(CVE-2015-1791)
[Matt Caswell]
*) Reject DH handshakes with parameters shorter than 768 bits.
[Kurt Roeckx and Emilia Kasper]
store avail_start, avail_end, virtual_start, and virtual_end.
Remove iospace and let emips just bump pmap_limits.virtual_start to get the
VA space it needs.
pmap_segtab.c is almost identical to uvm/pmap/pmap_segtab.c now. It won't
be long until we switch to the uvm/pmap one.
