summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | Fixed #7634 Remove rrddata from usb backup config during PFI.Stephen Jones2018-11-121-0/+2
| | | | | | | | | | | | config with rrddata takes up a lot of space and does not work when backed up from a USB. This data will now be removed when restoring a config from usb during install.
* | Look for config.xml on / of recovery media as wellRenato Botelho2018-11-121-3/+10
| |
* | Fix syntaxRenato Botelho2018-11-121-1/+1
| |
* | Add a 3rd optional parameter to make-memstick.sh to add a FAT32 partition to ↵Renato Botelho2018-11-091-2/+8
| | | | | | | | memstick image
* | Revert "Add a FAT32 partition to installer memstick. It'll be used by ↵Renato Botelho2018-11-091-7/+0
| | | | | | | | | | | | installer in the future" This reverts commit bf7098bbfdbcb7d495276054f9afa50ed61b8e25.
* | Add a FAT32 partition to installer memstick. It'll be used by installer in ↵Renato Botelho2018-11-091-0/+7
| | | | | | | | the future
* | MFC: 339585whu2018-11-061-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | r339585: Do not drop UDP traffic when TXCSUM_IPV6 flag is on PR: 231797 Submitted by: whu Reviewed by: dexuan Obtained from: Kevin Morse Sponsored by: Microsoft Differential Revision: https://bugs.freebsd.org/bugzilla/attachment.cgi?id=198333&action=diff (cherry picked from commit a3c2e0b86eeebc0b685c74ba2318413d71b526a6)
* | Revert "hyperv/hn: Enable transparent VF by default."Renato Botelho2018-11-011-1/+1
| | | | | | | | | | | | Fix broken ALTQ support on hn0 This reverts commit 74acc5b16c2f2a31aef02e84914301a738a54a92.
* | Increase the MFS root size for the factory netboot images.Luiz Souza2018-10-221-1/+1
| | | | | | | | (cherry picked from commit b9a4da2d9f212606e04cf8a7a1f74fc9a65f8c3a)
* | Increase the MD root size for the SG-3100.Luiz Souza2018-10-221-1/+1
| |
* | Fix a typo, add a missing bracket.Luiz Souza2018-09-291-1/+1
| | | | | | | | (cherry picked from commit 2d47c84a295e615ff5006eb4558480f6f1d907af)
* | Fix a warning in growfs. gpart commit is supposed to be called on disk device.Luiz Souza2018-09-291-1/+20
| | | | | | | | (cherry picked from commit 33976174adbd3f9d8ba61b2dbe904adb4a16f4ae)
* | Merge remote-tracking branch 'origin/releng/11.2' into RELENG_2_4_4Renato Botelho2018-09-278-13/+84
|\ \ | |/
| * Fix small kernel memory disclosures. [EN-18:12.mem]gordon2018-09-271-0/+2
| | | | | | | | | | | | | | Reported by: Thomas Barabosch, Fraunhofer FKIE Approved by: so Security: FreeBSD-EN-18:12.mem Security: CVE-2018-17155
| * Fix DoS in listen syscall over IPv6 socket. [EN-18:11.listen]gordon2018-09-273-11/+63
| | | | | | | | | | | | | | Reported by: Jakub Jirasek, Secunia Research at Flexera Approved by: so Security: FreeBSD-EN-18:11.listen Security: CVE-2018-6925
| * Fix NULL pointer dereference in freebsd4_getfsstat. [EN-18:10.syscall]gordon2018-09-271-0/+2
| | | | | | | | | | | | | | Reported by: Thomas Barabosch, Fraunhofer FKIE Approved by: so Security: FreeBSD-EN-18:10.syscall Security: CVE-2018-17154
| * Fix regression in IPv6 fragment reassembly. [EN-18:09.ip]gordon2018-09-273-2/+17
| | | | | | | | | | Approved by: so Security: FreeBSD-EN-18:09.ip
* | Detect MBT-* and populate loader.conf.local for HDMI HotpluggingRenato Botelho2018-09-131-0/+10
| |
* | Merge remote-tracking branch 'origin/releng/11.2' into RELENG_2_4_4Renato Botelho2018-09-124-2/+17
|\ \ | |/
| * Fix regression in Lazy FPU remediation. [EN-18:08.lazyfpu]gordon2018-09-124-35/+43
| | | | | | | | | | Approved by: so Security: FreeBSD-EN-18:08.lazyfpu
| * Fix improper elf header parsing. [SA-18:12.elf]gordon2018-09-124-2/+17
| | | | | | | | | | | | Approved by: so Security: FreeBSD-SA-18:12.elf Security: CVE-2018-6924
* | Add GSSAPI to installer build.Luiz Souza2018-08-271-1/+0
| | | | | | | | (cherry picked from commit 3c4cc37c1aece09f8bb98e14ea935e267180cced)
* | Add kerberos back to installer image, it is used by curl.Luiz Souza2018-08-271-1/+0
| | | | | | | | (cherry picked from commit b10063a67560e2ed80f0847b06e88d76bc3f8660)
* | Add inetd and KVM support to installer images.Luiz Souza2018-08-251-2/+0
| | | | | | | | | | | | They will be used by the x86 Thoth provisioning VM image. (cherry picked from commit 014c937442a9c374488c4616ab6984f4d7a6f1bf)
* | Enable the pkg bootstrap on net installer images.Luiz Souza2018-08-231-1/+0
| | | | | | | | (cherry picked from commit 97bfd2e8785a1f315fa820c6726e4c20fdfcd3c6)
* | Add a ioctl to set the VLAN Priority on packets sent by bpf.Luiz Souza2018-08-218-0/+63
| | | | | | | | | | | | | | | | This allows the use of VLAN PCP in dhclient. Ticket #7425 (cherry picked from commit f22c29d90e15667cd92c3a0b7b99fdb7c482014a)
* | MFC r336683:kib2018-08-214-35/+43
| | | | | | | | | | | | | | Extend ranges of the critical sections to ensure that context switch code never sees FPU pcb flags not consistent with the hardware state. (cherry picked from commit e0245aeafd4d0ab7073f8d616840077f69e15a2a)
* | pf: Limit the maximum number of fragments per packetkp2018-08-201-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Similar to the network stack issue fixed in r337782 pf did not limit the number of fragments per packet, which could be exploited to generate high CPU loads with a crafted series of packets. Limit each packet to no more than 64 fragments. This should be sufficient on typical networks to allow maximum-sized IP frames. This addresses the issue for both IPv4 and IPv6. MFC after: 3 days Security: CVE-2018-5391 Sponsored by: Klara Systems (cherry picked from commit 282d17bf4b021cbee621d435f9b0f2722208585c)
* | Cherry-pick the upstrem OpenSSH-portable commit: ↵Luiz Souza2018-08-203-14/+24
| | | | | | | | | | | | | | | | | | | | | | 74287f5df9966a0648b4a68417451dd18f079ab8 delay bailout for invalid authenticating user until after the packet containing the request has been fully parsed. Reported by Dariusz Tytko and Michał Sajdak; ok deraadt (cherry picked from commit 1a0a92b8e0a7b260e4efe28cb3a417a3188194b4) (cherry picked from commit 541de26ca237556b457420f18724599e3f791c52)
* | Accordinlgy with the AM335x TRM, the 10Mbit operation over RGMII requires ↵Luiz Souza2018-08-182-0/+7
| | | | | | | | | | | | | | | | | | in-band signaling for correct operation. Submitted by: Dmitry Ticket: #7532 (cherry picked from commit 35353c79953ab3dd45435737adeff4396e8121e9)
* | Set the interface pointer in all v6 fragments.Luiz Otavio O Souza2018-08-171-0/+1
| | | | | | | | | | | | | | | | Fix a crash in ip6_forward() caused by a NULL m->m_pkthdr.rcvif. Issue: #5428 (cherry picked from commit 4204c9f01d2ab439f6e0b9454ab22d4ffcca8cc4) (cherry picked from commit 6fecd5e077c8d9964b59cd632e3028e398e80900)
* | The interface name must be sanitized before the search to match the existingloos2018-08-171-2/+2
| | | | | | | | | | | | | | | | | | | | | | netgraph node. Fixes the search (and use) of VLANs with dot notation. Obtained from: pfSense Sponsored by: Rubicon Communications, LLC (Netgate) (cherry picked from commit 81979a6755f342a76754a21e9530630abfdb11b1)
* | Merge remote-tracking branch 'origin/releng/11.2' into RELENG_2_4_4Renato Botelho2018-08-1516-165/+575
|\ \ | |/
| * Revis manual pages. [SA-18:08.tcp]delphij2018-08-1516-165/+575
| | | | | | | | | | | | | | | | | | | | | | | | Fix L1 Terminal Fault (L1TF) kernel information disclosure. [SA-18:09.l1tf] Fix resource exhaustion in IP fragment reassembly. [SA-18:10.ip] Fix unauthenticated EAPOL-Key decryption vulnerability. [SA-18:11.hostapd] Approved by: so
* | Automatically chose vt100 on SG-5100Renato Botelho2018-08-081-0/+2
| |
* | Merge remote-tracking branch 'origin/releng/11.2' into RELENG_2_4_4Renato Botelho2018-08-074-2/+30
|\ \ | |/
| * Bump patch level and document them.delphij2018-08-062-1/+5
| | | | | | | | Approved by: so
| * Address concerns about CPU usage while doing TCP reassembly.jtl2018-08-062-1/+25
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, the per-queue limit is a function of the receive buffer size and the MSS. In certain cases (such as connections with large receive buffers), the per-queue segment limit can be quite large. Because we process segments as a linked list, large queues may not perform acceptably. The better long-term solution is to make the queue more efficient. But, in the short-term, we can provide a way for a system administrator to set the maximum queue size. We set the default queue limit to 100. This is an effort to balance performance with a sane resource limit. Depending on their environment, goals, etc., an administrator may choose to modify this limit in either direction. Approved by: so Security: FreeBSD-SA-18:08.tcp Security: CVE-2018-6922
* | Revert "Revert "Use MBR by default on BIOS systems. An increasing number of ↵Renato Botelho2018-07-191-1/+4
| | | | | | | | | | | | motherboards"" This reverts commit 19b31289ee2c5a37cf6545693734a4f7dc792e9a.
* | Do not build radeon kms modulesRenato Botelho2018-07-121-0/+4
| |
* | Add the MBT PCI ID to the modules ID table.Luiz Souza2018-07-121-0/+1
| | | | | | | | | | | | | | Fixes the loading as module. (cherry picked from commit 1256b30394ef9765ec4345c9155b76bed155b37a) (cherry picked from commit 5c20c6c7afd7572658311bc1173def97c49349b2)
* | Load the OpenSSL configuration at startup, if any.Luiz Souza2018-06-281-0/+1
| | | | | | | | (cherry picked from commit 57393411cdc509145e77aaefa57b642252125a49)
* | Merge remote-tracking branch 'origin/releng/11.2' into RELENG_2_4_4Renato Botelho2018-06-257-12/+33
|\ \ | |/
| * - Switch releng/11.2 to -RELEASE.gjb2018-06-213-2/+5
| | | | | | | | | | | | | | | | - Add the anticipated 11.2-RELEASE date to UPDATING. - Set a static __FreeBSD_version. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
| * Final touches to 11.2-RELEASE release notes:gjb2018-06-214-10/+28
| | | | | | | | | | | | | | | | | | | | | | | | - Remove an empty section that was left over from a previous commit to prune empty sections. - Add a note about a late discovered issue with zfsd(8) (Bugzilla 228750). Fix a sentence stop while here. - Document SA-18:07, which had been included in RC3. - Fix FreeBSD versions in the installation.html page. Approved by: re (implicit, relnotes) Sponsored by: The FreeBSD Foundation
* | Merge remote-tracking branch 'origin/releng/11.2' into RELENG_2_4_4Renato Botelho2018-06-219-97/+168
|\ \ | |/
| * Update releng/11.2 to RC3 as part of the 11.2-RELEASE cycle.gjb2018-06-151-1/+1
| | | | | | | | | | Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
| * MFC rr335072, r335089:kib2018-06-154-90/+156
| | | | | | | | | | | | | | | | | | | | | | | | | | Enable eager FPU context switch on i386 and amd64. CVE: CVE-2018-3665 MFC r335131 Remove printf() in #NM handler. MFC r335132: Reorganize code flow in fpudna()/npxdna(). Approved by: re (gjb)
| * MFS11 r335088 (dim):gjb2018-06-142-3/+8
| | | | | | | | | | | | | | | | | | | | | | MFC rr334886: Add missed libc++ entries to (Optional)ObsoleteFiles.inc Some of these were removed during the libc++ 5.0.0 import, others were added in the libc++ 6.0.0 import. Approved by: re (marius) Sponsored by: The FreeBSD Foundation
| * MFS11 r334872 (ram):gjb2018-06-141-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | MFC r334657: Issue: Utility hangs when OCS_IOCTL_CMD_MGMT_GET_ALL called in parallel on port 0 and port 1. Fix: Using static structure for results is corrupting the second ioctl request. Removed static for results structure. Approved by: re (marius) Sponsored by: The FreeBSD Foundation
OpenPOWER on IntegriCloud