the vfs.read_max default. For most systems this means going from 128 KiB
to 256 KiB, which is still very conservative and lower than what most
other operating systems use, but as a sane default should not
interfere much with existing systems.
For systems with RAID volumes and/or virtualization envirnments, where
read performance is very important, increasing this sysctl tunable to 32
or even more will demonstratively yield additional performance benefits.
If MAXPHYS ever gets bumped up, it will probably be a good idea to slave
read_max to it.
SOCK_DGRAM socket. MSG_TRUNC was only returned when some mbufs could
not be copied to the application. If some data was left in the last
mbuf, it was correctly discarded, but MSG_TRUNC was not set.
Reviewed by: bz
MFC after: 3 weeks
standard ports, but it can't *receive* them (port 514 is
hardcoded). This commit adds that missing feature.
(NB: I actually needed this feature for a server farm where
multiple jails run with shared IP addresses, and every jail
should have its own syslogd process.)
As a side effect, syslogd now compiles with WARNS=6.
Approved by: des (mentor)
MFC after: 3 weeks
and BeOS. The devices supported by uslcom(4) are now in sync with:
NetBSD src/sys/dev/usb/uslsa.c 1.11
OpenBSD src/sys/dev/usb/uslcom.c 1.20
Linux source/drivers/usb/serial/cp210x.c from kernel 2.6.35
BeOS usb_serial/driver.c 1.32
Two vendor/product IDs from Linux have not been added to uslcom(4):
SILABS SAEL - This device has special code in u3g to support it
SILABS GSM2228 - I suspect this should also be covered by u3g(4).
MFC after: 1 week
vendor ID in the vendor section, and by symbolic name in the product
section. Products are sorted by product ID. While here, get rid of a
duplicate Microsoft Mouse entry, revealed by sorting.
MFC after: 1 week
1. Use unsigned rather than signed lengths
2. Bound messages to/from Venus to VC_MAXMSGSIZE
3. Bound messages to/from general user processes to VC_MAXDATASIZE
4. Update comment regarding data limits for pioctl
Without (1) and (3), it may be possible for unprivileged user processes to
read sensitive portions of kernel memory. This issue is only present if
the Coda kernel module is loaded and venus (the userspace Coda daemon) is
running and has /coda mounted.
As Coda is considered experimental and production use is warned against in
the coda(4) man page, and because Coda must be explicitly configured for a
configuration to be vulnerable, we won't be issuing a security advisory.
However, if you are using Coda, then you are advised to apply these fixes.
Reported by: Dan J. Rosenberg <drosenberg at vsecurity.com>
Obtained from: NetBSD (Christos Zoulas)
Security: Kernel memory disclosure; no advisory as feature experimental
MFC after: 3 days
Erwin fired up a ports build a couple of weeks ago and it seems the
following functions are not used by any of the 20k ports we have, which
makes me believe they don't have any purpose. Just remove them.
