| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
| |
- s/addreess/address/
MFC after: 3 days
|
|
|
|
|
|
|
|
|
|
|
|
| |
The host selector is only required when the user likes to use the same
LPC device IDs as the physical LPC device. This is an uncommon use case.
For that reason, it makes no sense to exit when we don't find the host
selector.
Reviewed by: markj
MFC after: 1 week
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D39311
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Falling back to the multicast key may cause unicast traffic to leak.
Instead fail when no key is found.
For more information see the 'Framing Frames: Bypassing Wi-Fi Encryption
by Manipulating Transmit Queues' paper.
[ I updated the commit message to reference the paper and the code
comment to record historic behaviour as discussed in private email. ]
Security: CVE-2022-47522
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A machine might exist on multiple networks, all of which offer, say, default
routes or name servers. There's no easy way to indicate in the config
that those options are only valid for a single interface.
Now, we can write:
interface "lan0" {
request routers;
require routers;
}
interface "lan1" {
ignore routers;
}
And only take action on default routes offered on lan0.
Tested by: Jose Luis Duran <jlduran at gmail dot com>
MFC after: 2 months
Reviewed by: allanjude, imp
Sponsored by: Zenith Electronics LLC
Sponsored by: Klara, Inc.
Pull Request: #693
|
|
|
|
|
| |
Obtained from: NetBSD c3cb4dcc9c43
Sponsored by: The FreeBSD Foundation
|
|
|
|
| |
Obtained from: NetBSD af7bc97830ac
|
|
|
|
| |
MFC after: 3 days
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
with no LRO) does not work correctly.
Rack is capable of fixed rate or dynamic rate pacing. Both of these can get mixed up when
LRO is not available. This is because LRO will hold off waking up the tcp connection to
processing the inbound packets until the pacing timer is up. Without LRO the pacing only
sort-of works. Sometimes we pace correctly, other times not so much.
This set of changes will make it so pacing works properly in the absence of LRO.
Reviewed by: tuexen
Sponsored by: Netflix Inc
Differential Revision:https://reviews.freebsd.org/D39494
|
|
|
|
| |
Sponsored by: The FreeBSD Foundation
|
|
|
|
| |
This fixes the LINT-NOINET6 build.
|
|
|
|
|
| |
Approved by: gnn (mentor)
Differential Revision: https://reviews.freebsd.org/D39488
|
|
|
|
|
|
|
| |
It has been enabled for clang for a while now.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D39358
|
|
|
|
|
|
|
| |
Use a void cast to mark the cookie value as used in spl_fstrans_unmark.
Reported by: GCC
Differential Revision: https://reviews.freebsd.org/D39357
|
|
|
|
|
|
| |
Reviewed by: hselasky
Reported by: GCC
Differential Revision: https://reviews.freebsd.org/D39356
|
|
|
|
|
|
|
| |
This function is clearly a stub, but it seems better to leave the stub
bits in place than to remove the function entirely.
Differential Revision: https://reviews.freebsd.org/D39355
|
|
|
|
|
|
| |
Reviewed by: emaste
Reported by: GCC
Differential Revision: https://reviews.freebsd.org/D39354
|
|
|
|
|
| |
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D39353
|
|
|
|
|
| |
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D39352
|
|
|
|
|
|
| |
Reviewed by: emaste
Reported by: GCC
Differential Revision: https://reviews.freebsd.org/D39351
|
|
|
|
|
| |
Approved by: gnn (mentor)
Differential Revision: https://reviews.freebsd.org/D39484
|
|
|
|
|
|
|
|
|
|
|
| |
If all of the mirror's children have the same rotation rate, report
that. But if they have mixed rotation rates, or if any child has an
unknown rotation rate, report "Unknown".
MFC after: 2 weeks
Sponsored by: Axcient
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D39458
|
|
|
|
|
|
|
|
| |
PR: 269509
Reported by: Jaroslaw Pelczar <jarek@jpelczar.com>
Reviewed by: markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38903
|
|
|
|
|
|
|
|
|
| |
This will be used by a forthcoming port of the kinst provider.
Reviewed by: markj
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39481
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
if_bridge receives packets via a special interface, if_bridge_input,
rather than by if_input. Thus, netmap's usual hooking of ifnet routines
does not work as expected. Instead, modify bridge_input() to pass
packets directly to netmap when it is enabled. This applies to both
locally delivered packets and forwarded packets.
When a netmap application transmits a packet by writing it to the host
TX ring, the mbuf chain is passed to if_input, which ordinarily points
to ether_input(). However, when transmitting via if_bridge,
bridge_input() needs to see the packet again in order to decide whether
to deliver or forward. Thus, introduce a new protocol flag,
M_BRIDGE_INJECT, which 1) causes the packet to be passed to
bridge_input() again after Ethernet processing, and 2) avoids passing
the packet back to netmap. The source MAC address of the packet is used
to determine the original "receiving" interface.
Reviewed by: vmaffione
MFC after: 2 months
Sponsored by: Zenarmor
Sponsored by: OPNsense
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D38066
|
|
|
|
|
| |
Obtained from: OpenBSD 4095a2e01d18
Sponsored by: The FreeBSD Foundation
|
|
|
|
|
|
|
| |
PR: 270736
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D39483
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We already remove mbuf tags from packets transitting an if_epair, but we
didn't remove vlan metadata.
In certain configurations this could lead to unexpected vlan tags
turning up on the rx side.
PR: 270736
Reviewed by: markj
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D39482
|
|
|
|
|
| |
Obtained from: OpenBSD
Sponsored by: The FreeBSD Foundation
|
|
|
|
|
|
|
|
| |
It was introduced in 2d3614fb132b (bridge: Log MAC address port flapping).
Reviewed by: gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D39465
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The assert_vop_locked messages are ignored, and file/line information
is not too useful. Fixing this without changing both witness and VFS
asserts KPIs is not possible.
Reviewed by: markj (previous version)
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D39464
|
|
|
|
|
|
|
|
|
|
| |
Use route destination sockaddr when the gateway is eiter AF_LINK or
has the different family (IPv4 over IPv6). This change ensures
the nexthop IFA has the same family as the destination.
Reported by: Dmitriy Smirnov <fox@sage.su>
Tested by: Dmitriy Smirnov <fox@sage.su>
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
| |
This fixes incorrect flag combinations when adding IPv4/IPv6 host
routes.
MFC after: 3 days
|
|
|
|
|
|
| |
level.
MFC after: 2 weeks
|
|
|
|
|
| |
Reported by: Gary Jennejohn <garyj@gmx.de>
MFC after: 2 weeks
|
|
|
|
| |
All known bugs have been fixed, try to enable Netlink once again.
|
|
|
|
| |
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
use-after-free for the USB FS interface.
Bad behaving user-space USB applicatoins may crash the kernel by issuing
USB FS related ioctl(2)'s out of their expected order. By default
the USB FS ioctl(2) interface is only available to the
administrator, root, and driver applications like webcamd(8) needs
to be hijacked in order for this to happen.
The issue is the fast-path code does not always see updates made
by the slow-path code, and may then work on freed memory.
This is easily fixed by using an EPOCH(9) type of synchronization
mechanism. A SX(9) lock will be used as a substitute for EPOCH(9),
due to the need for sleepability. In addition most calls going into
the fast-path originate from a single user-space process and the
need for multi-thread performance is not present.
Differential Revision: https://reviews.freebsd.org/D39373
Reviewed by: markj@
Reported by: C Turt <ecturt@gmail.com>
admbugs: 994
MFC after: 1 week
Sponsored by: NVIDIA Networking
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
mechanism.
Move code in switch cases into own functions to make later changes easier to track.
No functional change, except for removing a superfluous break statement when
range checking USB_FS_MAX_FRAMES, in the USB_FS_OPEN case.
It should not have been there at all.
Suggested by: emaste@
MFC after: 1 week
Sponsored by: NVIDIA Networking
|
|
|
|
|
| |
Extract ifindex from either gw or dst sockaddr and add it as a
dedicated RTA_OIF attribute.
|
| |
|
|
|
|
|
| |
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
|
|
|
|
|
|
|
|
|
|
|
| |
If either of vnodes is shared locked, lock must not be recursed.
Requested by: rmacklem
Reviewed by: markj, rmacklem
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D39444
|
|
|
|
|
|
|
|
|
| |
It is not implemented and causes panics on boot.
This is a temporary measure until someone(tm) sorts it out.
Reported by: many
Sponsored by: Rubicon Communications, LLC ("Netgate")
|
| |
|
| |
|
|
|
|
| |
Reported-by: syzbot+a324b64ef9a933659c1c@syzkaller.appspotmail.com
|
|
|
|
|
|
|
|
|
| |
Although the NFS client does not currently perform Null RPCs,
this fix is needed if/when it might do so.
Found during testing of experimental code that uses Null RPCs
to maintain/monitor TCP connections for "nconnect" mounts.
MFC after: 3 months
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit f4179ad46fa4 added support for operation bitmaps for
NFSv4.1/4.2. This commit uses those to implement the SP4_MACH_CRED
case for the NFSv4.1/4.2 ExchangeID operation since the Linux
NFSv4.1/4.2 client is now using this for Kerberized mounts.
The Linux Kerberized NFSv4.1/4.2 mounts currently work without
support for this because Linux will fall back to SP4_NONE,
but there is no guarantee this fallback will work forever.
This commit only affects Kerberized NFSv4.1/4.2 mounts from
Linux at this time.
MFC after: 3 months
|