openbsd
8 years agoProvide an API that enables server side SNI support - add the ability to
jsing [Mon, 22 Aug 2016 14:55:59 +0000 (14:55 +0000)]
Provide an API that enables server side SNI support - add the ability to
provide additional keypairs (via tls_config_add_keypair_{file,mem}()) and
allow the server to determine what servername the client requested (via
tls_conn_servername()).

ok beck@

8 years agoCreate contexts for server side SNI - these include the additional SSL_CTX
jsing [Mon, 22 Aug 2016 14:51:37 +0000 (14:51 +0000)]
Create contexts for server side SNI - these include the additional SSL_CTX
that is required for certificate switching with libssl and the certificate
itself so that we can match against the subject and SANs. Hook up the
servername callback and switch to the appropriate SSL_CTX if we find a
matching certificate.

ok beck@

8 years agoshorten the pkcs8 text;
jmc [Mon, 22 Aug 2016 13:39:52 +0000 (13:39 +0000)]
shorten the pkcs8 text;

8 years agoUse the new clock API.
kettenis [Mon, 22 Aug 2016 11:24:45 +0000 (11:24 +0000)]
Use the new clock API.

8 years agoImplement interfaces to disable clocks and add interfaces that enable or
kettenis [Mon, 22 Aug 2016 11:23:54 +0000 (11:23 +0000)]
Implement interfaces to disable clocks and add interfaces that enable or
disable all clocks for a device.  The latter interfaces are useful for
devices that have multiple clocks that don't have specific names/purposes
such as sxiahci(4).

8 years agoCall csignal() and selwakeup() from a KERNEL_LOCK'd task.
mpi [Mon, 22 Aug 2016 10:40:36 +0000 (10:40 +0000)]
Call csignal() and selwakeup() from a KERNEL_LOCK'd task.

This will allow us make bpf_tap() KERNEL_LOCK() free.

Discussed with dlg@ and input from guenther@

8 years agoSizes for free(9) from David Hill.
mpi [Mon, 22 Aug 2016 10:33:22 +0000 (10:33 +0000)]
Sizes for free(9) from David Hill.

8 years agoRefactor the uio to mbuf code out of sosend and start to make use of
claudio [Mon, 22 Aug 2016 10:23:42 +0000 (10:23 +0000)]
Refactor the uio to mbuf code out of sosend and start to make use of
MCLGETI and large mbuf clusters. This should speed up local connections
a fair bit. OK dlg@ and bluhm@ (after reverting the M_WAIT change on the
cluster allocation)

8 years agoUse the new clock API to get the clock frequency from the device tree and the
kettenis [Mon, 22 Aug 2016 09:37:27 +0000 (09:37 +0000)]
Use the new clock API to get the clock frequency from the device tree and the
actual hardware that controls the clock.  This gets rid of all the hardcoded
clock frequencies for specific hardware.

Tested by jsg@ on the BBB, mglocker@ on the C.H.I.P. and myself on the
Banana Pi and Raspberry Pi 3.

ok jsg@

8 years agoAdd code to enable the pll6 clock.
kettenis [Mon, 22 Aug 2016 06:48:38 +0000 (06:48 +0000)]
Add code to enable the pll6 clock.

8 years agofix typos
tedu [Mon, 22 Aug 2016 06:45:12 +0000 (06:45 +0000)]
fix typos

8 years agosync
deraadt [Mon, 22 Aug 2016 05:21:10 +0000 (05:21 +0000)]
sync

8 years agoSorry Andrew and Luke, I'm pretty sure we deleted your IRIX and VMS code.
deraadt [Mon, 22 Aug 2016 04:33:07 +0000 (04:33 +0000)]
Sorry Andrew and Luke, I'm pretty sure we deleted your IRIX and VMS code.

8 years agoBefore pmap7.c rev 1.35 and pmap.h rev 1.44 DMA'able memory with the
jsg [Mon, 22 Aug 2016 01:41:59 +0000 (01:41 +0000)]
Before pmap7.c rev 1.35 and pmap.h rev 1.44 DMA'able memory with the
BUS_DMA_COHERENT flag was mapped as device memory which does not use the
store buffer.  It is now mapped as normal inner and outer non-cacheable
which does.

While we drain the cpu store buffer for this case, on cortex a9 systems we
also need to explicitly drain the PL310 L2's store buffer.  With PL310
revisions r3p2 and later this is done automatically after being present in
the store buffer for 256 cycles.  On i.MX6 PL310 is rev r3p1 which does
not have this behaviour.  This issue is i.MX6 errata ERR055199 and PL310
errata 769419.

This change restores io performance with a usb flash drive attached to
my cubox.  Raw reads go from 3 MB/s to 19 MB/s for example.

Based on code written by patrick@ some time ago.
ok kettenis@ patrick@

8 years agoUse generic clock API to enable the module clock.
kettenis [Sun, 21 Aug 2016 23:02:32 +0000 (23:02 +0000)]
Use generic clock API to enable the module clock.

8 years agoAdd support for all the ahb, apb0 and apb1 clock gating devices on sun4i,
kettenis [Sun, 21 Aug 2016 23:01:57 +0000 (23:01 +0000)]
Add support for all the ahb, apb0 and apb1 clock gating devices on sun4i,
sun5i and sun7i.

8 years agoImplement some fundamental clocks using the new clock framework.
kettenis [Sun, 21 Aug 2016 21:39:59 +0000 (21:39 +0000)]
Implement some fundamental clocks using the new clock framework.

ok patrick@

8 years agoAdd a minimal clock "framework". Build it on armv7.
kettenis [Sun, 21 Aug 2016 21:38:05 +0000 (21:38 +0000)]
Add a minimal clock "framework".  Build it on armv7.

ok patrick@

8 years agointroduce a union of sockaddr types and eliminate a lot of casts.
tedu [Sun, 21 Aug 2016 21:23:48 +0000 (21:23 +0000)]
introduce a union of sockaddr types and eliminate a lot of casts.

8 years agobugfix: when fgetwc(3) fails, fgetwln(3) must fail as well;
schwarze [Sun, 21 Aug 2016 21:10:52 +0000 (21:10 +0000)]
bugfix: when fgetwc(3) fails, fgetwln(3) must fail as well;
OK jca@ martijn@ millert@

8 years agoMake lease_value() unescape quoted strings. To be fully compliant, we
halex [Sun, 21 Aug 2016 19:22:15 +0000 (19:22 +0000)]
Make lease_value() unescape quoted strings. To be fully compliant, we
should unvis() it too, but I think this is enough, at least for now.

ok krw@

8 years agotweak previous
rpe [Sun, 21 Aug 2016 18:47:01 +0000 (18:47 +0000)]
tweak previous

OK halex, krw

8 years agoFix a pasto in a comment.
kettenis [Sun, 21 Aug 2016 14:41:51 +0000 (14:41 +0000)]
Fix a pasto in a comment.

8 years agofix obvious typo in the .Dt section number
schwarze [Sun, 21 Aug 2016 13:31:21 +0000 (13:31 +0000)]
fix obvious typo in the .Dt section number

8 years agoThere are three callers of update_vattr(). Two of them don't use the
natano [Sun, 21 Aug 2016 09:23:33 +0000 (09:23 +0000)]
There are three callers of update_vattr(). Two of them don't use the
updated struct vattr afterwards, so the call can be removed. Remove both
calls and the function itself, inlining the last remaining call.

ok millert

8 years agoWhen detecting the console on attach test fa_node and stdout_node not fa_reg
jsg [Sun, 21 Aug 2016 07:08:46 +0000 (07:08 +0000)]
When detecting the console on attach test fa_node and stdout_node not fa_reg
and pl011consaddr as the pl011consaddr addresss may have been translated.
Set cn_dev at this point as well as in com(4) and imxuart(4) to handle cases
where stdout is not serial0.

8 years agoRemove the remains of a workaround to get GIC ranges for exynos.
jsg [Sun, 21 Aug 2016 06:47:47 +0000 (06:47 +0000)]
Remove the remains of a workaround to get GIC ranges for exynos.

Exynos differed from everything else by not having GIC at fixed offsets
from PERIPHBASE.  Now that ampintc/GIC attaches using FDT we get the ranges
out of the FDT instead of using offsets from PERIPHBASE.

8 years agoDynamically attach exuart using the FDT.
jsg [Sun, 21 Aug 2016 06:36:23 +0000 (06:36 +0000)]
Dynamically attach exuart using the FDT.

8 years agoChange sleep from crazy backoff to one second of sleep between retries
beck [Sun, 21 Aug 2016 03:26:04 +0000 (03:26 +0000)]
Change sleep from crazy backoff to one second of sleep between retries
ok deraadt@

8 years agosync
deraadt [Sat, 20 Aug 2016 23:05:50 +0000 (23:05 +0000)]
sync

8 years agoFix indentation.
kettenis [Sat, 20 Aug 2016 21:08:16 +0000 (21:08 +0000)]
Fix indentation.

8 years agoArgh, commit from the wrong tree. Revert previous commit.
kettenis [Sat, 20 Aug 2016 21:07:07 +0000 (21:07 +0000)]
Argh, commit from the wrong tree.  Revert previous commit.

8 years agoFix indentation.
kettenis [Sat, 20 Aug 2016 21:04:18 +0000 (21:04 +0000)]
Fix indentation.

8 years agoProperly initialize the message parser. fix a regression where the
eric [Sat, 20 Aug 2016 20:47:08 +0000 (20:47 +0000)]
Properly initialize the message parser. fix a regression where the
message headers would not be altered as expected.

ok gilles@

8 years agoadd "armv7" to the Dt line;
jmc [Sat, 20 Aug 2016 20:23:29 +0000 (20:23 +0000)]
add "armv7" to the Dt line;

8 years agoSync connect_wait() example with its real usage in ftp(1).
millert [Sat, 20 Aug 2016 20:22:28 +0000 (20:22 +0000)]
Sync connect_wait() example with its real usage in ftp(1).

8 years agoUse connect(2) + a connect_wait() function instead of connect_sync(),
millert [Sat, 20 Aug 2016 20:18:42 +0000 (20:18 +0000)]
Use connect(2) + a connect_wait() function instead of connect_sync(),
similar to the example in connect(2).  OK tedu@

8 years agosximmc(4)
kettenis [Sat, 20 Aug 2016 19:53:31 +0000 (19:53 +0000)]
sximmc(4)

8 years agoEnable sximmc(4).
kettenis [Sat, 20 Aug 2016 19:44:02 +0000 (19:44 +0000)]
Enable sximmc(4).

8 years agoIncrease MSGBUFSIZE to 8 pages.
kettenis [Sat, 20 Aug 2016 19:42:55 +0000 (19:42 +0000)]
Increase MSGBUFSIZE to 8 pages.

ok deraadt@

8 years agoVarious improvements to make this work better.
kettenis [Sat, 20 Aug 2016 19:41:14 +0000 (19:41 +0000)]
Various improvements to make this work better.

Restrict the block size to 512 bytes for now.  While Linux and NetBSD seem
to allow larger block sizes (4096 and 8192 bytes) I'm getting errors wth an
older 2G Sandisk SD card that advertises support for 1024 byte blocks.

Implement switching between the 400 KHz "discovery" clock and the 25 MHz
"operational" clock.  Enable the right clock based on the SD/MMC "unit"
number.  Don't advertise highspeed capabilities for now as I'm not sure
how the adjust the clock timing in that case.

Fix the way we calculate the number of blocks and the size of the total data
transfer to matc what we do in sdhc(4).

8 years agoAdd some code to set the SD/MMC clocks.
kettenis [Sat, 20 Aug 2016 19:34:44 +0000 (19:34 +0000)]
Add some code to set the SD/MMC clocks.

8 years agoDon't set MSGBUFSIZE here such that the setting in <machine/param.h> takes
kettenis [Sat, 20 Aug 2016 19:31:01 +0000 (19:31 +0000)]
Don't set MSGBUFSIZE here such that the setting in <machine/param.h> takes
effect.  This will let us have different settings on armv7 and zaurus and
also unconfuses this developer.

ok tom@, deraadt@

8 years agoFormat string fixes in debug code: need %llx to print 64 bit values
stefan [Sat, 20 Aug 2016 19:22:05 +0000 (19:22 +0000)]
Format string fixes in debug code: need %llx to print 64 bit values

ok kettenis@ deraadt@ mlarkin@

8 years agoDeclare all _asr_* debug functions as hidden.
jca [Sat, 20 Aug 2016 19:08:57 +0000 (19:08 +0000)]
Declare all _asr_* debug functions as hidden.

Reported by & similar diff by guenther@ some time ago, ok eric@

8 years agoalready in v2 according to http://www.tuhs.org/Archive/PDP-11/Distributions/research...
schwarze [Sat, 20 Aug 2016 18:44:07 +0000 (18:44 +0000)]
already in v2 according to tuhs.org/Archive/PDP-11/Distributions/research/1972_stuff/unix_2nd_edition_manual.pdf
patch from Sevan Janiyan <venture37 at geeklan dot co dot uk>

8 years agoWhen a mismatching end macro occurs while at least two nested blocks
schwarze [Sat, 20 Aug 2016 17:58:09 +0000 (17:58 +0000)]
When a mismatching end macro occurs while at least two nested blocks
are open, all except the innermost open block got a bogus MDOC_ENDED
marker, in some situations triggering segfaults down the road
which tb@ found with afl(1).
Fix the logic error by figuring out up front whether an end macro
has a matching body, and if it hasn't, don't mark any blocks as broken.

8 years agoWhen scanning upwards for a column list to put a .Ta macro in,
schwarze [Sat, 20 Aug 2016 15:58:16 +0000 (15:58 +0000)]
When scanning upwards for a column list to put a .Ta macro in,
ignore body end markers of lists breaking other blocks.
Fixing a logical error that caused a NULL deref found by tb@ with afl(1).

8 years agoReplace bcmmuart(4) with com(4).
kettenis [Sat, 20 Aug 2016 15:44:04 +0000 (15:44 +0000)]
Replace bcmmuart(4) with com(4).

ok patrick@

8 years agoTweak timer debug output.
jca [Sat, 20 Aug 2016 15:10:18 +0000 (15:10 +0000)]
Tweak timer debug output.

-RA timer on em0 is set to 16:0
+RA timer on em0 is set to 16.0s

8 years agoMove counters from u_quad_t to uint64_t.
jca [Sat, 20 Aug 2016 15:05:52 +0000 (15:05 +0000)]
Move counters from u_quad_t to uint64_t.

Printing is already done with %llu/(unsigned long long) casts.

8 years agofsdb(8) sucks in and is pledged by fsck(8). Since it uses editline(3),
tb [Sat, 20 Aug 2016 15:04:21 +0000 (15:04 +0000)]
fsdb(8) sucks in and is pledged by fsck(8).  Since it uses editline(3),
add a special case for the missing "rpath" and "tty" promises.
Issue found and initial analysis by Jan Stary, thanks!

ok deraadt

8 years agoIf a column list starts with implicit rows (that is, rows without .It)
schwarze [Sat, 20 Aug 2016 14:43:39 +0000 (14:43 +0000)]
If a column list starts with implicit rows (that is, rows without .It)
and roff-level nodes (e.g. tbl or eqn) follow, don't run into an
assertion.  Instead, wrap the roff-level nodes in their own row.
Issue found by tb@ with afl(1).

8 years agoRemove obsolete sxiuart(4) header.
patrick [Sat, 20 Aug 2016 14:35:28 +0000 (14:35 +0000)]
Remove obsolete sxiuart(4) header.

Noticed by mglocker@.

8 years agosxiuart(4) has been replaced with com(4).
patrick [Sat, 20 Aug 2016 13:24:38 +0000 (13:24 +0000)]
sxiuart(4) has been replaced with com(4).

ok kettenis@

8 years agoshorten pkcs7 text;
jmc [Sat, 20 Aug 2016 12:54:49 +0000 (12:54 +0000)]
shorten pkcs7 text;

8 years agoCorrectly enter a mapping as writable if no "page modified" emulation
kettenis [Sat, 20 Aug 2016 12:36:59 +0000 (12:36 +0000)]
Correctly enter a mapping as writable if no "page modified" emulation
is needed.

ok visa@, patrick@

8 years agoFiguring out the clock frequency used for a com(4) device on armv7 is hard.
kettenis [Sat, 20 Aug 2016 10:41:54 +0000 (10:41 +0000)]
Figuring out the clock frequency used for a com(4) device on armv7 is hard.
Avoid doing so for the early console and instead rely on the firmware to
set up the right baud rate and such.

ok visa@, millert@, jsg@

8 years agoPush 'field changed' guards into 'change field' functions;
procter [Sat, 20 Aug 2016 08:34:30 +0000 (08:34 +0000)]
Push 'field changed' guards into 'change field' functions;
optimise pf_patch_32(); simplify pf_match_addr()
OK mikeb@

8 years agoRetire pf_translate_ap()
procter [Sat, 20 Aug 2016 08:31:36 +0000 (08:31 +0000)]
Retire pf_translate_ap()
OK mpi@ mikeb@

8 years agoshorten the passwd text; ok jsing
jmc [Sat, 20 Aug 2016 07:56:09 +0000 (07:56 +0000)]
shorten the passwd text; ok jsing

8 years agomove mem.c to hppa directory like every other arch.
tedu [Fri, 19 Aug 2016 20:48:36 +0000 (20:48 +0000)]
move mem.c to hppa directory like every other arch.
(probably landed in dev because it has support for this viper thing,
but i like consistency for the /dev/null parts.)
ok kettenis

8 years agoMake the FSR encoding strings match the ARMv7 ARM.
kettenis [Fri, 19 Aug 2016 19:07:37 +0000 (19:07 +0000)]
Make the FSR encoding strings match the ARMv7 ARM.

8 years agoSeems we need to hold the PHY into reset a little bit longer. Without it
kettenis [Fri, 19 Aug 2016 18:25:53 +0000 (18:25 +0000)]
Seems we need to hold the PHY into reset a little bit longer.  Without it
Theo's Cubox-i comes up without working Ethernet after a warm boot.

ok deraadt@

8 years agoAdd support for arm and enable on armv7.
kettenis [Fri, 19 Aug 2016 17:39:37 +0000 (17:39 +0000)]
Add support for arm and enable on armv7.

8 years agoStart using to XN flag to enforce that mappings without PROT_EXEC are
kettenis [Fri, 19 Aug 2016 17:31:04 +0000 (17:31 +0000)]
Start using to XN flag to enforce that mappings without PROT_EXEC are
non-executable.

ok visa@, deraadt@

8 years agoMark device memory as execute-never to prevent a speculative instruction fetch
kettenis [Fri, 19 Aug 2016 15:47:27 +0000 (15:47 +0000)]
Mark device memory as execute-never to prevent a speculative instruction fetch
to access it.

8 years agomake smtpd less verbose at startup
eric [Fri, 19 Aug 2016 15:35:08 +0000 (15:35 +0000)]
make smtpd less verbose at startup

ok gilles@ sunil@ jung@ millert@

8 years agoMap kernel .text read-only.
kettenis [Fri, 19 Aug 2016 15:31:10 +0000 (15:31 +0000)]
Map kernel .text read-only.

Spotted by deraadt@

8 years agoAdjust the definitions of L1_S_COHERENT_v7, L2_L_COHERENT_v7 and
kettenis [Fri, 19 Aug 2016 14:05:23 +0000 (14:05 +0000)]
Adjust the definitions of L1_S_COHERENT_v7, L2_L_COHERENT_v7 and
L2_S_COHERENT_v7 such that bus_dmamap_sync(9) avoids unnecessary cache
flushes again for DMA'able memory mapped with the BUS_DMA_COHERENT flag.
I broke this in pmap7.c rev 1.35.

ok tom@

8 years agoUse Access Flag to do page reference emulation.
kettenis [Fri, 19 Aug 2016 13:56:08 +0000 (13:56 +0000)]
Use Access Flag to do page reference emulation.

ok visa@

8 years agoupdate man pages now that login.conf uses auto rounds
danj [Fri, 19 Aug 2016 10:57:24 +0000 (10:57 +0000)]
update man pages now that login.conf uses auto rounds

better wording/ok sthen@ ok jmc@

8 years agoReorder entries to match current multipath ordering.
mpi [Fri, 19 Aug 2016 09:40:39 +0000 (09:40 +0000)]
Reorder entries to match current multipath ordering.

8 years agocorrect a rate test introduced in rev 1.326
jsg [Fri, 19 Aug 2016 09:06:24 +0000 (09:06 +0000)]
correct a rate test introduced in rev 1.326
ok stsp@

8 years agoshorten the ocsp text; ok beck
jmc [Fri, 19 Aug 2016 08:46:38 +0000 (08:46 +0000)]
shorten the ocsp text; ok beck

8 years agoStart with a default fragsize of 2048, double it for large disks and then cap
otto [Fri, 19 Aug 2016 08:06:25 +0000 (08:06 +0000)]
Start with a default fragsize of 2048, double it for large disks and then cap
based on sector size. This avoid too large fragments on 4k disks. Problem
noted by David Vasek; ok krw@

8 years agoDo not seroize a struct needed for RTM_RESOLVE in the hot path.
mpi [Fri, 19 Aug 2016 07:12:54 +0000 (07:12 +0000)]
Do not seroize a struct needed for RTM_RESOLVE in the hot path.

ok phessler@, bluhm@, tedu@, natano@

8 years agoadd tests for matching functions
djm [Fri, 19 Aug 2016 06:44:13 +0000 (06:44 +0000)]
add tests for matching functions

8 years agoavoid using an uninitialised variable with zero length iic_exec calls
jsg [Fri, 19 Aug 2016 05:25:08 +0000 (05:25 +0000)]
avoid using an uninitialised variable with zero length iic_exec calls

8 years agoremove UseLogin option and support for having /bin/login manage
djm [Fri, 19 Aug 2016 03:18:06 +0000 (03:18 +0000)]
remove UseLogin option and support for having /bin/login manage
login sessions; ok deraadt markus dtucker

8 years agostring.h not strings.h
deraadt [Fri, 19 Aug 2016 01:37:50 +0000 (01:37 +0000)]
string.h not strings.h

8 years agoAdd an EXAMPLES section that illustrates how to deal with connect(2)
millert [Thu, 18 Aug 2016 22:29:02 +0000 (22:29 +0000)]
Add an EXAMPLES section that illustrates how to deal with connect(2)
returning EINTR.  OK jung@ deraadt@

8 years agoReset the input state completely when wsmouse is (re-)opened.
bru [Thu, 18 Aug 2016 21:12:35 +0000 (21:12 +0000)]
Reset the input state completely when wsmouse is (re-)opened.

ok mpi@

8 years agouvm_wxcheck() should only abort the process if kern.wxabort is set.
deraadt [Thu, 18 Aug 2016 19:59:16 +0000 (19:59 +0000)]
uvm_wxcheck() should only abort the process if kern.wxabort is set.
The new semantics are W^X violations are reported to the application
via ENOTSUP.  Forgot to fix this during the last change.
Spotted by kettenis

8 years agoMove connect_sync() to util.c and use it when connecting via http
millert [Thu, 18 Aug 2016 16:23:06 +0000 (16:23 +0000)]
Move connect_sync() to util.c and use it when connecting via http
too.  OK sthen@ deraadt@

8 years agouse a more standard page layout; ok mlarkin
jmc [Thu, 18 Aug 2016 16:12:05 +0000 (16:12 +0000)]
use a more standard page layout; ok mlarkin

8 years agoUpdate NVS protocol structure definitions to the 2016 version
mikeb [Thu, 18 Aug 2016 15:56:54 +0000 (15:56 +0000)]
Update NVS protocol structure definitions to the 2016 version

Microsoft has considerably cleaned up the style and it makes sense
to keep in sync with the maintained upstream version in FreeBSD.

8 years agoSplit out the TLS server SSL_CTX allocation and configuration code, so
jsing [Thu, 18 Aug 2016 15:52:03 +0000 (15:52 +0000)]
Split out the TLS server SSL_CTX allocation and configuration code, so
that it can be reused to allocate the additional SSL_CTXs needed for SNI.

ok reyk@

8 years agoRework parts of the libtls man page for clarity. Split out the connection
jsing [Thu, 18 Aug 2016 15:43:12 +0000 (15:43 +0000)]
Rework parts of the libtls man page for clarity. Split out the connection
information related functions under their own heading and dedup the text
relating to when these functions can be called.

With input from and ok jmc@

8 years agoword fix, from remi locherer; ok reyk
jmc [Thu, 18 Aug 2016 14:12:51 +0000 (14:12 +0000)]
word fix, from remi locherer; ok reyk

8 years agodocument USE_WXNEEDED, feedback/ok jca jasper
sthen [Thu, 18 Aug 2016 12:29:53 +0000 (12:29 +0000)]
document USE_WXNEEDED, feedback/ok jca jasper

8 years agoshorten the nseq text;
jmc [Thu, 18 Aug 2016 12:07:21 +0000 (12:07 +0000)]
shorten the nseq text;

8 years agoadd a missing splx in an error path
jsg [Thu, 18 Aug 2016 11:59:58 +0000 (11:59 +0000)]
add a missing splx in an error path
ok millert@ stsp@

8 years agopunctuation fix;
jmc [Thu, 18 Aug 2016 11:45:18 +0000 (11:45 +0000)]
punctuation fix;

8 years agosync
sthen [Thu, 18 Aug 2016 11:36:14 +0000 (11:36 +0000)]
sync

8 years agovarious fixes for previous;
jmc [Thu, 18 Aug 2016 11:33:48 +0000 (11:33 +0000)]
various fixes for previous;

8 years agoSeparate out the Access Flag bit from the Access Permission bits in the
kettenis [Thu, 18 Aug 2016 09:28:22 +0000 (09:28 +0000)]
Separate out the Access Flag bit from the Access Permission bits in the
armv7 pmap.

ok tom@

8 years agoClean up style and replace a magic value with a magic define
mikeb [Thu, 18 Aug 2016 09:20:01 +0000 (09:20 +0000)]
Clean up style and replace a magic value with a magic define

8 years agoinit a variable to address https://kb.isc.org/article/AA-01272
jsg [Thu, 18 Aug 2016 06:36:02 +0000 (06:36 +0000)]
init a variable to address https://kb.isc.org/article/AA-01272

Most of bind got removed and this function is not called
by any of the remaining parts.

ok deraadt@ a long time ago.

8 years agofix panics caused by replacing m_copym2 with m_dup_pkt.
dlg [Thu, 18 Aug 2016 06:01:10 +0000 (06:01 +0000)]
fix panics caused by replacing m_copym2 with m_dup_pkt.

m_copym2 is fine duplicating an arbitrary chain of mbufs, while
m_dup_pkt wants to dup a packet with proper headers in the first
mbuf. ipsec copied the tail of an mbuf if any of the clusters are
shared or readonly, and swapped that tail with the result of m_copym2.

m_dup_pkt panics cos of that.

this makes ipsec duplicate the whole packet if any of the chain is
readonly.

found by naddy@ and mlarkin@
this fix is from visa@ who told me to commit it cos he's afk (sleeping)
tested by naddy@