| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
sysctl after unloading pf.
Submitted by: Earl Lapus
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
semantics.
- Stop testing bpf pointers for NULL. In some cases use
bpf_peers_present() and then call the function directly inside the
conditional block instead of the macro.
- For places where the entire conditional block is the macro, remove the
test and make the macro unconditional.
- Use BPF_MTAP() in if_pfsync on FreeBSD instead of an expanded version of
the old semantics.
Reviewed by: csjp (older version)
|
| |
|
|
|
|
|
|
|
|
| |
lookup early. This has some performance implications and should not be
enabled by default, but might help greatly in certain setups. After some
more testing this could be turned into a sysctl.
Tested by: avatar
LOR ids: 17, 24, 32, 46, 191 (conceptual)
MFC after: 6 weeks
|
| |
|
|
|
|
| |
clobbered and thus effectively disabled.
MFC after: 7 days
|
| |\
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
o remove os-specific glue code; it's now the responsibility of
the driver
o add wackelf utility for patching the ELF magic number on arm
builds since noone can agree on how to mark a .o file as not
having any floating point instructions
o remove radar/dfs-related entry points; folks have finally
decided how to support dfs w/o polluting the hal
o properly recognize AR2424 chips (they were being rejected on
attach despite being fully supported)
o add HAL_CAP_RXORN_FATAL capability to control how RXORN errors
are handled; previously RXORN was always treated as fatal because
older chips required a reset; now we do not treat it as fatal
for "newer chips" (noone seems to know what the cutoff is so
this capability can be used to override the current guestimate)
o HAL_CAP_RXTSTAMP_PREC capability to export the number of bits
of precision for timestamp data returned in the rx descriptor
o remove public exposure of the compression buffer; it is chip
specific and never belonged in the public view
o change definition of HAL_INT_GLOBAL from an enum member to a
#define to workaround compilers that bitch about enum values
that appear overflow 31 bits
o add support for newer chips that can store the tkip mic key
together with the cipher key in a single key cache entry
o split tx/rx descriptor into a h/w section and a s/w portion;
this permits storing the s/w area in cached memory when the
h/w area is stored in uncached memory; this also shrinks
memory use since only one status block is needed while multiple
tx/rx descriptors may be required per frame
o add final transmit series index to the transmit descriptor status
so rate control algorithms don't need to grovel through h/w state
to find it
o remove ds_vdata field from the descriptor state as part of the
radar changes
o fix excessive stack usage for some 5212 rf backends
o correct rfkill handling when the pin polarity is 0 true
o correct handling of tsf wrap when reading 64-bit values
MFC after: 1 month
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
part of the hal distribution early on when the hal was built for
each os but it's been portable for a long time so move the os-specific
code out (and off the vendor branch)
o correct the copyright on ah_osdep.?; it was mistakenly given a
restricted license and not a dual-bsd/gpl license
o remove the module api definition as it was never used
o fixup include paths for move of ah_osdep.h
MFC after: 2 weeks
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
specific privilege names to a broad range of privileges. These may
require some future tweaking.
Sponsored by: nCircle Network Security, Inc.
Obtained from: TrustedBSD Project
Discussed on: arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
Alex Lyashkov <umka at sevcity dot net>,
Skip Ford <skip dot ford at verizon dot net>,
Antoine Brodin <antoine dot brodin at laposte dot net>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now
contains the userspace and user<->kernel API and definitions, with all
in-kernel interfaces moved to mac_framework.h, which is now included
across most of the kernel instead.
This change is the first step in a larger cleanup and sweep of MAC
Framework interfaces in the kernel, and will not be MFC'd.
Obtained from: TrustedBSD Project
Sponsored by: SPARTA
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
do not try to lock/unlock destroyed/non-existsing mutex.
PR: kern/103569
Reviewed by: guido
Approved by: glebius (mentor)
Silence from: darrenr
MFC: 2 week
|
| | | |
|
| | |
| |
| |
| | |
which included commits to RCS files with non-trunk default branches.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
exists to allow the mandatory access control policy to properly initialize
mbufs generated by the firewall. An example where this might happen is keep
alive packets, or ICMP error packets in response to other packets.
This takes care of kernel panics associated with un-initialize mbuf labels
when the firewall generates packets.
[1] I modified this patch from it's original version, the initial patch
introduced a number of entry points which were programmatically
equivalent. So I introduced only one. Instead, we should leverage
mac_create_mbuf_netlayer() which is used for similar situations,
an example being icmp_error()
This will minimize the impact associated with the MFC
Submitted by: mlaier [1]
MFC after: 1 week
This is a RELENG_6 candidate
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
on lo0. While here fix a comment.
PR: kern/102647
Reported by: Frank Steinborn
Submitted by: suz (earlier version)
MFC after: 3 days
|
| | |
| |
| |
| | |
MFC after: 2 weeks
|
| |\ \
| | |
| | |
| | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
fix a bug in the input sanity check of DIOCCHANGERULE (not used by pfctl,
but third-party tools). a rule must have a non-empty replacement address
list when it's a translation rule but not an anchor call (i.e. "nat ...
->" needs a replacement address, but "nat-anchor ..." doesn't). the check
confused "rule is an anchor call" with "rule is defined within an anchor".
report from Michal Mertl, Max Laier.
Obtained from: OpenBSD
MFC after: 2 weeks
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
parameter that can specify configuration parameters:
o rev cloner api's to add optional parameter block
o add SIOCCREATE2 that accepts parameter data
o rev vlan support to use new api (maintain old code)
Reviewed by: arch@
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
dynamic resizing of multicast membership array.
Reported and testing by: Maxim Konovalov, Scott Ullrich
Reminded by: thompsa
MFC after: 2 weeks
|
| | | |
| | |
| | |
| | | |
usable in the FreeBSD kernel.
|
| | | |
| | |
| | |
| | | |
which included commits to RCS files with non-trunk default branches.
|
| |\ \ \
| | | |
| | | |
| | | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
any modifications to make it build as part of the FreeBSD kernel.
Now that the source appears to have stabilized, local changes will
happen on HEAD and will therefore cause affected files to be pulled
from the vendor branch.
|
| | | | |
| | | |
| | | |
| | | | |
Submitted by: yar
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Submitted by: glebius
MFC after: 1 week
|
| | | | |
| | | |
| | | |
| | | | |
is defined
|
| | | | |
| | | |
| | | |
| | | | |
MFC after: 1 month
|
| |\ \ \ \
| | |_|/
| |/| |
| | | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
o define HAL_SOFTC, HAL_BUS_TAG, and HAL_BUS_HANDLE to be machine
independent; this fixes portability issues with bsd systems
o add ah_disable api for turning off operation of both MAC and PHY
o add ah_getAntennaSwitch and ah_setAntennaSwitch api's for better control
of antenna usage and diversity
o add ah_setAckCTSRate and ah_setAckCTSRate for controlling tx rate of
h/w generated frames
o add ah_setBeaconTimers api for simpler setting of the beacon timer registers
o remove ah_waitForBeaconDone api
o add HAL_TXDESC_DURENA flag to enable h/w duration setting in tx descriptor
o correct documentation of min/max tx power units (.5 dBm)
o switch arm, mips, and powerpc builds to use functions for register
read/write operations
o fix sparc builds to not reference %g2 and %g3 registers
o add public builds for SoC's
MFC after: 1 month
|
| | | | |
| | | |
| | | |
| | | | |
unnecessary.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
wrap it __FreeBSD__ specific as I couldn't figure out which version of
OpenBSD I got it from.
Reported by: Scott Ullrich
|
| | | | |
| | | |
| | | |
| | | | |
MFC after: 4 days
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
fixup IP checksum when modifying IP header fields
PR: kern/93849
Obtained from: OpenBSD
MFC after: 3 days
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the structs pflog_packet() takes pointers to.
Approved by: mlaier
MFC after: 3 days
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
speeds to perform below the desired bitrate and throughput will be erratic.
This makes queueing work on the Geode SC1100, K5 model 0 and IDT WinChip C6
processors.
MFC after: 3 days
|
| | | | |
| | | |
| | | |
| | | | |
MFC after: 2 weeks
|
| |\ \ \ \
| |/ / /
| | | |
| | | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
o new chip support
o new platforms: powerpc-be-elf, sparc64-be-elf, and alpha-elf
(alpha is untested, others are known to work)
o many fixes and improvements
MFC after: 2 weeks
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
pointer that is declared in pf_ioctl.c
Requested by: yar (as part of the module build reorg)
MFC after: 1 week
X-MFC with: yar's module reorg
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
but not 'fragment reassemble'), which can cause some fragments to get
inserted into the cache twice, thereby violating an invariant, and panic-
ing the system subsequently.
Reviewed by: mlaier
MFC after: 1 day
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Found with: Coverity Prevent(tm)
MFC after: 3 days
|
| | | | |
| | | |
| | | |
| | | | |
Remove h323 proxy from ip_proxy (copyright issue)
|
| | | | | |
|
| |\ \ \ \
| | |_|/
| |/| |
| | | | |
which included commits to RCS files with non-trunk default branches.
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
"established" state.
Similar to OpenBSD's rev. 1.499 by joel but not breaking ABI.
Obtained from: OpenBSD (with changes)
Reported by: Bruno Afonso
MFC after: 3 days
X-MFC: together with local_flags
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
special handling when zero. This caused no PFSYNC_ACT_DEL message and thus
disfunction of pfflowd and state synchronisation in general.
Discovered by: thompsa
Good catch by: thompsa
MFC after: 7 days
|
