prevent individual transactions from crossing a 4GB address boundary. Due
to bus_size_t type limitations, the driver uses a 2GB boundary in PAE
kernels.
Reviewed by: scottl
MFC after: 1 week
the rtld hints file. This environment variable would be unset if the
process is considered as tainted with setuid/setgid. This feature gives
a convenient way of using a custom set of shared library that is not
located in the default location and switch back.
Feature requested by: iXsystems
Original patch by: John Hixson
MFC after: 2 weeks
quirk requiring it to be enabled even when using MSI. This makes
the latter work again after r189285.
- Remove a comment which no longer applies since r190194.
filtering handle this. Introduce a new function msk_rxfilter that
handles Rx filter configuration and multicast setup as well as
promiscuous mode. This simplifies code a lot.
Promiscuous mode always have preference to any other Rx
filtering so don't disable the mode when ALLMULTI is set.
to the devctl notification queue. Empty strings cause devctl read
call to return 0 and result in devd exiting prematurely.
The actual offender (ugen notes for root hubs) will be fixed
by separate commit.
Limit the size of malloced buffer when dumping environment
variables. [EN-09:01]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-09:06.ktimer
Errata: FreeBSD-EN-09:01.kenv
provider. The NFS client exposes 'start' and 'done' probes for NFSv2
and NFSv3 RPCs when using the new RPC implementation, passing in the
vnode, mbuf chain, credential, and NFSv2 or NFSv3 procedure number.
For 'done' probes, the error number is also available.
Probes are named in the following way:
...
nfsclient:nfs2:write:start
nfsclient:nfs2:write:done
...
nfsclient:nfs3:access:start
nfsclient:nfs3:access:done
...
Access to the unmarshalled arguments is not easily available at this
point in the stack, but the passed probe arguments are sufficient to
to a lot of interesting things in practice. Technically, these probes
may cover multiple RPC retransmits, and even transactions if the
transaction ID change as a result of authentication failure or a
jukebox error from the server, but usefully capture the intent of a
single NFS request, such as access, getattr, write, etc.
Typical use might involve profiling RPC latency by system call, number
of RPCs, how often a getattr leads to a call to access, when failed
access control checks occur, etc. More detailed RPC information might
best be provided by adding a krpc provider. It would also be useful
to add NFS client probes for events such as the access cache or
attribute cache satisfying requests without an RPC.
Sponsored by: Google, Inc.
MFC after: 1 month
Badly formed ELF note may cause the caclulated pointer to the next note
to point both after the note region, that was checked in the code, but
also to point before the region, that was not checked [1]. Remember the
first note location in note0 and leap out if the note is not between
note0 and note_end.
In the similar way, badly formed note may cause infinite loop by
pointing next note into the same or previous note. Guard against this by
limiting amount of loop iterations by arbitrary choosen big number.
For clarity, check the calculated note alignment in each iteration.
Reported by: Chris Palmer <chris noncombatant org> [1]
PR: kern/132886
Reviewed and tested by: dchagin
MFC after: 3 days
it is right for only a tiny fraction of these devices and this
wild-card entry is too broad.
# I run a kernel without this entry at all without ill effects...
stored in the pmap is from the direct map region. The two exceptions have
been the kernel pmap and the swapper's pmap. These pmaps have used a
kernel virtual address established by pmap_bootstrap() for their shared
pml4 page table page. However, there is no reason not to use the direct
map for these pmaps as well.
they were passed uninitialized to in6_pcblookup_hash. Instead, do as is done
for IPv4 and use the addresses within the sockaddr structure, which are
correctly populated.
This fixes tcpdrop(8) for IPv6 address pairs.
Reviewed by: bz
definitely doing an NFSv2 or NFSv3 RPC, rather than sometimes doing
so and sometimes not. This makes it easier to add a DTrace return
probe at a single point in the function.
MFC after: 1 week