Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
255,696 Commits 606 Branches 0 Tags 3.1 GiB
60be410ca6
Commit Graph

255696 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
knakahara
60be410ca6 Improve ipsecif.4. Default port ipsec(4) NAT-T is tested now. 
pointed out by wiz@n.o and suggested by ozaki-r@n.o, thanks.
 2018-01-11 06:38:05 +00:00
maxv
a8a9f7108d Restrict the check: SMAP faults are always protection violations, as the 
SDM points out, so make sure we have PGEX_P. This way NULL dereferences -
which are caused by an unmapped VA, and therefore are not protection
violations - don't take this branch, and don't display a misleading
"SMAP" in ddb.

Adding a PGEX_P check, or not, does not essentially change anything from
a security point of view, it's just a matter of what gets displayed when
a fatal fault comes in.

I didn't put PGEX_P until now, because initially when I wrote the SMAP
implementation Qemu did not always receive the fault if the PGEX_P check
was there, while a native i5 would. I'm unable to reproduce this issue
with a recent Qemu, so I assume I did something wrong when testing in the
first place.
 2018-01-10 20:51:11 +00:00
jakllsch
64389df5f7 Revert previous. I misunderstood how it now works. 2018-01-10 19:56:47 +00:00
jakllsch
6ca4e6b8f9 Add COMPAT_70 via compat_netbsd70.conf. 2018-01-10 19:51:04 +00:00
christos
fc005591f5 from ozaki-r: use the proper ifp. 
XXX: perhaps push the lock in in_delmulti()?
 2018-01-10 18:51:31 +00:00
mlelstv
e792951e0d Match Intel Dual Band Wireless AC 3168. The code already supports it. 2018-01-10 18:39:50 +00:00
uwe
383ae5e1e3 When we ask make about MACHINE_CPU and TARGET_ENDIANNESS make sure we 
use the right bsd.*.mk files.
 2018-01-10 18:15:18 +00:00
maxv
ba54a6dd4e Add KASLR and SVS. 2018-01-10 18:13:29 +00:00
christos
dcbd947bf6 - this is not python, we need braces 
- protect ifp locking against NULL
 2018-01-10 17:36:06 +00:00
jakllsch
56c110fb9b Use correct type with CTLTYPE_BOOL. 
Fixes this sysctl on big endian.
 2018-01-10 15:58:40 +00:00
wiz
54273bc36d Improve wording and macro use. 
Some parts are not clear to me, so someone with knowledge of ipsecif(4)
should improve this some more.
 2018-01-10 12:18:22 +00:00
wiz
3fc211eb1d Spell IPsec that way. Simplify macro usage. Sort SEE ALSO. Bump 
date for previous.
 2018-01-10 12:16:39 +00:00
msaitoh
efd09fd648 Print intel_pt in /proc/cpuinfo. 2018-01-10 11:46:02 +00:00
jmcneill
7e86de097f add pseudo-device ipsecif 2018-01-10 11:33:48 +00:00
jmcneill
da793789d3 Comment out AUTOFS until it compiles 2018-01-10 11:32:29 +00:00
knakahara
fe5d98860a apply in{,6}_tunnel_validate() to gif(4). 2018-01-10 11:13:26 +00:00
knakahara
f88602eb7b add ipsec(4) interface to amd64/GENERIC and amd64/ALL configs. 2018-01-10 11:11:20 +00:00
knakahara
732fa19c41 add ipsec(4) interface man as ipsecif.4. 2018-01-10 11:08:55 +00:00
knakahara
b8f54fc79b add ipsec(4) interface ATF. 2018-01-10 11:06:06 +00:00
knakahara
085daa5b79 ipsec(4) interface supports rump now. 2018-01-10 11:02:41 +00:00
knakahara
4ab3af3e3e add ipsec(4) interface, which is used for route-based VPN. 
man and ATF are added later, please see man for details.

reviewed by christos@n.o, joerg@n.o and ozaki-r@n.o, thanks.
https://mail-index.netbsd.org/tech-net/2017/12/18/msg006557.html
 2018-01-10 10:56:30 +00:00
pgoyette
0de97cd56d Add SVS - Separate Virtual Space 2018-01-10 08:47:30 +00:00
ozaki-r
62fd3b8c8a Get rid of unnecessary ifdef for IFT_IEEE80211 2018-01-10 07:34:31 +00:00
ozaki-r
013cd23759 Fix a deadlock on callout_halt of nd6_dad_timer 
We must not call callout_halt of nd6_dad_timer with holding nd6_dad_lock because
the lock is taken in nd6_dad_timer. Once softnet_lock goes away, we can pass the
lock to callout_halt, but for now we cannot.
 2018-01-10 07:11:38 +00:00
msaitoh
5bd8e5c45d Print Intel cpuid 7 %edx. 
Example output of cpuctl -v identify 0:

+cpu0: 00000007: 00000000 000027ab 00000000 0c000000
(snip)
+cpu0: SEF edx 0xc000000<IBRS,STIBP>
 2018-01-10 07:08:35 +00:00
msaitoh
bef4c2149e Add Intel cpuid 7 %edx IBRS(IBPB Speculation Control) and 
STIBP(STIBP Speculation Control) from OpenBSD.
 2018-01-10 07:04:54 +00:00
msaitoh
b2bedf14b6 Add comment. 2018-01-10 04:45:24 +00:00
ozaki-r
5f7710ea35 Don't start callouts for domains before attaching domains on rump kernels 
On rump kernels, the callouts for domains, pffasttimo and pfslowtimo, started
before domains were attached. Normally the callouts were dispatched after
domain attaches (initializations) finished, however, under load the callouts
could be executed prior to the attaches, resulting in that the callouts accessed
unallocated or uninitialized resources.
 2018-01-10 02:50:26 +00:00
mrg
78dff00194 s/level 25/level 15/ -- there's nothing higher than 15 on sparc, and 
this is talking about NMI.
 2018-01-10 01:49:05 +00:00
ozaki-r
9aa00be0ba Check MP-safety in ifa_insert and ifa_remove only for IFEF_MPSAFE drivers 
Eventually the assertions should pass for all drivers, however, at this point
it's too eager.

Fix PR kern/52895
 2018-01-10 01:22:26 +00:00
pgoyette
fcca9c80d6 KASSERT() that kthread_join()'s target is expecting to be joined. 
As discussed on IRC.
 2018-01-09 22:58:45 +00:00
kamil
dab4556f43 Correct the signature of kvm_getproc2(3) in the man-page. 
The elemsize argument is of type "size_t", not "int".

Sponsored by <The NetBSD Foundation>
 2018-01-09 21:17:45 +00:00
kamil
c5ed1004cc Correct the signature of kvm_getlwps(3) in the man-page. 
The elemsize argument is of type "size_t", not "int *".

Sponsored by <The NetBSD Foundation>
 2018-01-09 21:13:59 +00:00
maya
45b55008a4 remove struct emul's e_fault. 
It used to be used by COMPAT_IRIX for the purpose of overriding
uvm_fault (only implemented in MIPS), now removed.

Ride 8.99.12 version bump.
 2018-01-09 20:55:42 +00:00
christos
219bb927fe Use a queue of deferred entries to delete routes instead of a fixed stack 
of 10. Otherwise we can overflow in route deletions from the rexmit timer.
XXX: pullup-8
 2018-01-09 19:52:29 +00:00
christos
cdd509fe61 tidy up debugging (make it compile with the 'ALL' kernel) 2018-01-09 17:58:09 +00:00
martin
cea0645f8c Add EVFILT_FS 2018-01-09 17:35:29 +00:00
christos
0d40f5669e fix module attachment and cdevsw 2018-01-09 16:19:39 +00:00
christos
63d9fe88a0 fix autofs pseudo device 2018-01-09 16:18:35 +00:00
martin
ddaa1d089b Skip the test on non-modular kernels 2018-01-09 15:16:02 +00:00
martin
602913a78d Include <sys/atomic.h> for the atomic funtions used in here. 2018-01-09 13:56:00 +00:00
martin
1e774d3bb5 Use fseeko instead of fseek to fix the build on some 32bit architectures 2018-01-09 10:47:57 +00:00
wiz
f24dbfeb68 File system police. Add RCS Id. Improve SYNOPSIS. Use more markup. 2018-01-09 09:41:29 +00:00
wiz
2df58e1698 File system police. Sort options. Add RCS Id. Use more markup. Wording. 2018-01-09 09:39:07 +00:00
wiz
67dee3c787 Mostly formatting improvements. 2018-01-09 09:33:00 +00:00
wiz
3d7c11903b file system police. 2018-01-09 09:27:41 +00:00
wiz
e7721e081a Stop using Tn. New sentence, new line. 2018-01-09 09:24:22 +00:00
wiz
21a1a45729 Use Pa for paths. 2018-01-09 09:22:25 +00:00
wiz
c8d49655fe Remove superfluous Pp. 2018-01-09 09:21:41 +00:00
wiz
13b39a37b6 Stop using Tn. 2018-01-09 09:20:23 +00:00