freebsd-dev/sys
Jonathan T. Looney 2ceeacbe71 Lower the default limits on the IPv6 reassembly queue.
Currently, the limits are quite high. On machines with millions of
mbuf clusters, the reassembly queue limits can also run into
the millions. Lower these values.

Also, try to ensure that no bucket will have a reassembly
queue larger than approximately 100 items. This limits the cost to
find the correct reassembly queue when processing an incoming
fragment.

Due to the low limits on each bucket's length, increase the size of
the hash table from 64 to 1024.

Reviewed by:	jhb
Security:	FreeBSD-SA-18:10.ip
Security:	CVE-2018-6923
2018-08-14 17:32:07 +00:00
..
amd64 Provide part of the mitigation for L1TF-VMM. 2018-08-14 17:29:41 +00:00
arm Remove cpu_pfr from arm. It's unused. 2018-08-14 16:01:25 +00:00
arm64 Add support to the Marvell Xenon SDHCI controller. 2018-08-14 16:33:30 +00:00
bsm
cam Create xpt_sim_poll and refactor a bit using it. 2018-08-13 19:59:32 +00:00
cddl MFV/ZoL: Add dbuf hash and dbuf cache kstats 2018-08-12 03:15:30 +00:00
compat Use atomic_fcmpset_XXX() instead of atomic_cmpset_XXX() when possible 2018-08-09 09:39:32 +00:00
conf Add support to the Marvell Xenon SDHCI controller. 2018-08-14 16:33:30 +00:00
contrib Merge ACPICA 20180810. 2018-08-13 16:26:26 +00:00
crypto libmd: Always erase context in _Final method, and when doing 2018-07-20 07:01:28 +00:00
ddb add an option for ddb ps command to print process arguments 2018-08-09 11:21:31 +00:00
dev Add support to the Marvell Xenon SDHCI controller. 2018-08-14 16:33:30 +00:00
dts Remove Atmel AT91RM9200 and AT91SAM9 support. 2018-07-27 18:28:22 +00:00
fs Assorted fixes to handling of LayoutRecall callbacks, mostly error handling. 2018-08-08 20:21:45 +00:00
gdb
geom OpenCrypto: Convert sessions to opaque handles instead of integers 2018-07-18 00:56:25 +00:00
gnu Import DTS files from Linux 4.18 2018-08-13 06:40:20 +00:00
i386 Implement kernel support for early loading of Intel microcode updates. 2018-08-13 17:13:09 +00:00
isa Revert r330780, it was improperly tested and results in taking a spin 2018-03-11 20:13:15 +00:00
kern Eliminate a redundant assignment. 2018-08-11 19:21:53 +00:00
kgssapi OpenCrypto: Convert sessions to opaque handles instead of integers 2018-07-18 00:56:25 +00:00
libkern Sync strlcpy with userland version, again 2018-06-21 17:35:13 +00:00
mips Query MVPConf0.PVPE for number of CPUs. 2018-08-14 16:29:10 +00:00
modules uep(4): add evdev support 2018-08-05 11:14:13 +00:00
net lagg: allow lacp to manage the link state 2018-08-13 14:13:25 +00:00
net80211 Fix misspellings of transmitter/transmitted 2018-08-10 20:37:32 +00:00
netgraph Use if_tunnel_check_nesting() for ng_iface(4). 2018-08-03 22:55:58 +00:00
netinet Lower the default limits on the IPv4 reassembly queue. 2018-08-14 17:30:46 +00:00
netinet6 Lower the default limits on the IPv6 reassembly queue. 2018-08-14 17:32:07 +00:00
netipsec Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
netpfil pf: Take the IF_ADDR_RLOCK() when iterating over the group list 2018-08-11 16:37:55 +00:00
netsmb Make timespecadd(3) and friends public 2018-07-30 15:46:40 +00:00
nfs Switch RIB and RADIX_NODE_HEAD lock from rwlock(9) to rmlock(9). 2018-06-16 08:26:23 +00:00
nfsclient
nfsserver
nlm
ofed Only NULL check the VNET pointer when VIMAGE is enabled in ibcore. 2018-07-31 11:23:44 +00:00
opencrypto Make timespecadd(3) and friends public 2018-07-30 15:46:40 +00:00
powerpc powerpc: Add lwsync and ptesync 'sync' opcode variants to ddb disassembler 2018-08-10 03:28:40 +00:00
riscv Remove unused code. 2018-08-14 16:22:14 +00:00
rpc Set SO_SNDTIMEO in the client side krpc when CLSET_TIMEOUT is done. 2018-07-20 12:03:16 +00:00
security Require that MAC label buffers be able to store a non-empty string. 2018-08-01 03:46:07 +00:00
sparc64 Add pmap_is_valid_memattr(9). 2018-08-01 18:45:51 +00:00
sys Bring in timespce_get form NetBSD. 2018-08-10 15:16:30 +00:00
teken teken: Fix sequences header which was crossing the 80-col boundary 2018-05-29 08:41:44 +00:00
tests epoch_test: fix compile 2018-07-15 00:31:17 +00:00
tools Add dtb overlays support 2018-03-24 21:30:24 +00:00
ufs Put in place the framework for consolodating contiguous blocks into 2018-08-06 21:09:11 +00:00
vm Prevent some parallel swap-ins, rate-limit swapper swap-ins. 2018-08-13 16:48:46 +00:00
x86 Add definitions related to the L1D flush operation capability and MSR. 2018-08-14 17:19:11 +00:00
xdr
xen xen: add missing file from r336474 2018-07-19 10:14:52 +00:00
Makefile