New features:
- Add a veriexec_report() routine to make most reporting consistent and
remove some common code.
- Add 'strict' mode that controls how veriexec behaves.
- Add sysctl knobs:
o kern.veriexec.verbose controls verbosity levels. Value: 0, 1.
o kern.veriexec.strict controls strict level. Values: 0, 1, 2. See
documentation in sysctl(3) for details.
o kern.veriexec.algorithms returns a string with a space separated
list of supported hashing algorithms in veriexec.
- Updated documentation in man pages for sysctl(3) and sysctl(8).
Bug fixes:
- veriexec_removechk(): Code cleanup + handle FINGERPRINT_NOTEVAL
correctly.
- exec_script(): Don't pass 0 as flag when executing a script; use the
defined VERIEXEC_INDIRECT - which is 1. Makes indirect execution
enforcement work.
- Fix some printing formats and types..
so BUS_DMASYNC_POSTREAD should follow a device->memory transfer (like for
the rx packet data.
Also, it would be good to do a BUS_DMASYNC_PREWRITE to ensure that packet
data is flushed to memory before the chip tries to transmit data.
Tested on a PowerPC system.
netmask value of 0xffffffff (INADDR_NONE). Fix by using inet_aton(3).
Note it was possible to specify the same mask as the dotted quad
255.255.255.255 because of a later call to gethostbyname(3).
[From FreeBSD]
to open(). Previously only one call to open() was allowed.
This change should allow some Linux derived programs to work unaltered.
XXX This isn't really possible to implement correctly in a simple way.
So this implementation is incorrect: It is not until device has been closed
by both the reader and writer that it is possible to open it at all again.
event not to be sent when one is needed. Fixing this would require
one hypercall per packet, instead of one per NB_XMIT_PAGES_BATCH pages.
It's not worth it, so always send an event at the end of xennetback_ifstart()
- there is no callback mechanism to notify us when a guest has handled
packets we sent. If we stop transmitting because the ring is full or we're
out of pages when the ifq is also full, nothing will call
xennetback_ifstart() again and transmit is stalled. Abuse the watchdog
to kick the transmit queue once second after an out of ressources
condition.
manu