IPv6. Initialize it only once in def_policy_init(). Remove its
initialization from key_init() and make it static.
Remove several fields from struct secpolicy:
* lock - it isn't so useful having mutex in the structure, but the only
thing we do with it is initialization and destroying.
* state - it has only two values - DEAD and ALIVE. Instead of take a lock
and change the state to DEAD, then take lock again in GC function and
delete policy from the chain - keep in the chain only ALIVE policies.
* scangen - it was used in GC function to protect from sending several
SADB_SPDEXPIRE messages for one SPD entry. Now we don't keep DEAD entries
in the chain and there is no need to have scangen variable.
Use TAILQ to implement SPD entries chain. Use rmlock to protect access
to SPD entries chain. Protect all SP lookup with RLOCK, and use WLOCK
when we are inserting (or removing) SP entry in the chain.
Instead of using pattern "LOCK(); refcnt++; UNLOCK();", use refcount(9)
API to implement refcounting in SPD. Merge code from key_delsp() and
_key_delsp() into _key_freesp(). And use KEY_FREESP() macro in all cases
when we want to release reference or just delete SP entry.
Obtained from: Yandex LLC
Sponsored by: Yandex LLC
Fix the following issues:
- Removed revision from device softc, it isn't used anywhere else out of
device attach routine;
- Move the duplicated code for verification of valid banks (and pins) to
a single function;
- Use some macros to simplify the handling of some constants;
- Update some stale comments.
The SAMPLE message and notes where tab seperated for some parts and hence
displayed incorrectly unless tabstop was set to 8. Switch to spaces to it
displays correctly independent of the tabstop setting.
Sponsored by: Multiplay
AR5416 and later NICs have more than 8 (Well, more than 6) GPIO pins.
So to support rfkill on these NICs we need to bump this up or the
rfkill GPIO pin may get reset to the wrong value.
Noticed by: Anthony Jenkins <scoobi_doo@yahoo.com>
According to objcopy(1) --target is for use where the input and output
formats are the same ("no translation"). In practice it does detect the
input format in any case, but be explicit that we're specifying the
output format as we are translating from ELF to EFI PE format.
Sponsored by: The FreeBSD Foundation
It's redundant at the moment since it can be obtained from the trapframe
on the architectures where DTrace is supported, but this won't be the case
with ARM.
protocol and facility boundaries. However, now it cleans up only the
first mbuf, while intent clearly means all mbufs in a possible chain.
Differential Revision: https://reviews.freebsd.org/D1352
Reviewed by: rpaulo, gnn, adrian
Sponsored by: Nginx, Inc.
Recent binutils considered the .gnu.warning.symbol section as a fatal error when
run with --fatal-warnings which makes any users of "insecure" functions from
libc failing to build with recent binutils.
Introduce a new macro: LD_FATAL_WARNINGS=no to run ld(1) with
--no-fatal-warnings for the users of "insecure" functions
Differential Revision: https://reviews.freebsd.org/D1320
deselect it after setting the block size. This is a similar bug that
was fixed elsewhere, but not here. This makes sure that we leave the
card deselected at the end of the loop, and we don't send any commands
to the card without it selected.
Reviewed by: ian@
"hw.vmm.trace_guest_exceptions". To enable this feature set the tunable
to "1" before loading vmm.ko.
Tracing the guest exceptions can be useful when debugging guest triple faults.
Note that there is a performance impact when exception tracing is enabled
since every exception will now trigger a VM-exit.
Also, handle machine check exceptions that happen during guest execution
by vectoring to the host's machine check handler via "int $18".
Discussed with: grehan
MFC after: 2 weeks
which means that the NFSCLIENT and NFSSERVER
kernel options will no longer work. This commit
only removes the kernel components. Removal of
unused code in the user utilities will be done
later. This commit does not include an addition
to UPDATING, but that will be committed in a
few minutes.
Discussed on: freebsd-fs
output frequency of the "twiddle" IO progress indicator. The default
value is 1. For larger values N, the next stage of the animation is only
output on every Nth call to the output routine. A sufficiently large N
effectively disables the animation completely.
just "directory" entries.
Prior to this commit, if / was added as part of a security update (how? In
the most recent case, because lib32 was accidentally omitted and was then
re-added, and every installer distribution set gets its own paths) then
the code which was supposed to filter out updates to deleted parts of the
base system (if someone decides to delete / then we shouldn't re-create it
for them) would instead get confused and decided that while / should exist,
// should not exist and needs to be removed.
This fixes the bug which caused freebsd-update to want to delete / (which is
harmless, since `rm /` fails, but scary nonetheless). A workaround is being
applied to the update bits in order to avoid triggering the bug on unpatched
systems.
PR: 196055, 196091, 196147
only happen on every Nth call. Update the existing twiddle() calls done in
various IO loops to roughly reflect the relative IO sizes. That is, tftp
and nfs call twiddle() on every 1K block, ufs on every filesystem block,
so the network calls now use a much larger divisor than disk IO calls.
Also add a new twiddle_divisor() function that allows an application to set
a global divisor that is applied on top of the per-call divisors. Nothing
calls this yet, but loader(8) will be using it to further throttle the
cursor for slow serial consoles.
Resizing a ZFS ZVOL with debug enabled would result in a panic due to
recursion on dp_config_rwlock.
The upstream change "3464 zfs synctask code needs restructuring" changed
zvol_set_volsize to avoid the recursion on dp_config_rwlock, but this was
missed when originally merged in by r248571 due to significant differences
in our codebases in this area.
These changes also relied on bring in changes from upstream:
3557 dumpvp_size is not updated correctly when a dump zvol's size is
changed, which where also not present.
In order to help prevent future issues in this area a direct comparison
and diff minimisation from current upstream version (b515258) of zvol.c.
Differential Revision: https://reviews.freebsd.org/D1302
MFC after: 1 month
X-MFC-With: r276063 & r276066
Sponsored by: Multiplay
Use #define zfsdev_state_lock spa_namespace_lock instead of replacing all
zfsdev_state_lock with spa_namespace_lock to minimise changes from upstream.
Differential Revision: D1302
MFC after: 1 month
X-MFC-With r276063
Sponsored by: Multiplay
Current VT drivers don't register the memory regions they use with the
nexus. This patch makes vt_vga and vt_efifb register the memory regions they
use.
This is needed (at least) for Xen support, since the FreeBSD kernel will try
to use the holes in the memory map to map memory from other domains and
setup it's grant table.
Sponsored by: Citrix Systems R&D
Reported by: sbruno
Tested by: emaste
Reviewed by: ray
PR: 195537
Differential Revision: https://reviews.freebsd.org/D1291
Also correct as per style(9) on the use of #ifdef comments.
This is a no-op change as pre-cursor to a full cleanup and merge with
upstream zvol changes.
Sponsored by: Multiplay