- added sysctls to if_enc(4) to control whether the firewalls or
bpf will see inner and outer headers or just inner headers
for incoming and outgoing IPsec packets.
- if_enc work with IPv6 now as well.
Reviewed by: brueffer
bpf will see inner and outer headers or just inner or outer
headers for incoming and outgoing IPsec packets.
This is useful in bpf to not have over long lines for debugging
or selcting packets based on the inner headers.
It also properly defines the behavior of what the firewalls see.
Last but not least it gives you if_enc(4) for IPv6 as well.
[ As some auxiliary state was not available in the later
input path we save it in the tdbi. That way tcpdump can give a
consistent view of either of (authentic,confidential) for both
before and after states. ]
Discussed with: thompsa (2007-04-25, basic idea of unifying paths)
Reviewed by: thompsa, gnn
- On amd64, just assume type #1 is always used. PCI 2.0 mandated
deprecated type #2 and required type #1 for all future bridges which
was well before amd64 existed.
- For i386, ignore whatever value was in 0xcf8 before testing for type #1
and instead rely on the other tests to determine if type #1 works. Some
newer machines leave garbage in 0xcf8 during boot and as a result the
kernel doesn't find PCI at all (which greatly confuses ACPI which expects
PCI to exist when PCI busses are in the namespace).
MFC after: 3 days
Discussed with: scottl
ZFS porting style didn't extend this, instead using a heap of additional
header files that don't get installed.
My intention had been to allow OpenSolaris external code to build on
FreeBSD out of the box (i.e. without a src tree).
Make clear that this is not a good idea when called from
tcp_output()->ipsec_hdrsiz_tcp()->ipsec4_hdrsize_tcp()
as we do not know if IPsec processing is needed at that point.
Add README.tcpmd5 to describe how to build a simple test setup
and run tests.
Convert compile time options to run time options [1].
Discussed with: rwatson
Suggested by: rwatson [1]
T_DIRECT filtering so that disk drives can be attached via the
pass driver. Add CAM locking. Don't mark CAM commands as SG64
since the hardware isn't designed to deal with 64-bit passthru
commands. Hopefully the bounce buffer changes that were done
for the management/ioctl interface are robust enough to handle
this deficiency for CAM as well.
.ICE-unix, .font-unix, .XIM-unix) when purging files from /tmp via the
daily 100.clean-tmps job. If you are logged into an X session longer
than the timeout period (default of 3 days), then this job can delete
the X11 sockets out from under the session without this fix.
MFC after: 3 days
- Enable pcbeep control for Acer + ALC268 (nid 29). Give enough (fake)
hints so the parser will grab it and allocate "speaker" control.
- Fix regression while preparing DAC and ADC for multichannel
format. Since playback policy is to output to every possible path,
ensure that each DAC is started.
Reported / Tested by: Guy Brand
return -1 on error while any other return value from it can
indicate success. (See RETURN VALUE in our ioctl(2) manpage
and the POSIX spec.)
- Avoid assumptions about the state of the data buffer after
ioctl(2) failure.
Add a new option to newfs(8), -r, to specify reserved space at the
end of the device. It can be useful, e.g., when the device is to
become a member of a gmirror array later w/o losing the file system
on it.
Document the new option in the manpage.
While I'm here, improve error handling for -s option, which is
syntactically similar to -r; and document the fact that -s0 selects
the default fs size explicitly, which can be useful, e.g., in a
menu-based wrapper around newfs(8) requiring some value be entered
for the fs size.
Also fix a small typo in the help line for -s (missing space).
Idea and initial implementation by: marck
Discussed on: -fs
Critical review by: bde
Tested with: cmp(1)
Currently, Giant is not too much contented so that it is ok to treact it
like any other mutexes.
Please don't forget to update your own custom config kernel files.
Approved by: cognet, marcel (maintainers of arches where option is
not enabled at the moment)
of some old programs. Since sigval is union type, this change will not have
binary compatibility problem.
MFC: after 3 days
Discussed with: rwatson, glebius
It should just contain the value we want to add, as if we're interrupted
between the add and the str, we will restart from the beginning. Just use
a register we can scratch instead.
MFC After: 1 week
routine. It is not needed as the existing tests for segment coalescing
already handle bounced addresses and it prevents legal segment coalescing
in certain edge cases.
MFC after: 1 week
Reviewed by: scottl
