Move allocation of "mmap descriptors" (UVM vnode) into uvn_attach().
Reduce waste of memory by limiting the association of such descriptors to
vnodes that are effectively mmap(2)'d.
Tested by sthen@, ok kettenis@
Use 64 bit BN_ULONG on 64 bit Windows platforms.
64 bit Windows is a special LLP snowflake and it is currently incorrectly
using 32 bit BN_ULONG, since _LP64 is not defined. Enable 64 bit BN_ULONG
if _LP64 or _WIN64 is defined.
ok tb@
it makes more sense to count ether_offload_ifcap failures as output errors
not input errors.
bluhm@ asked if i made a copy/paste mistake, and i think i did.
remove the ipsec interception code.
i wrote it cos bridge(4) allowed ipsec to apply policy to ip packets
as they traversed the bridge, but the locking and packet gymnastics
meant it was never enabled. i'm no longer interested in making veb
feature compatible with bridge(4), so this code can go. it's in the
attic if it's needed in the future though.
no functional change.
Escape SSH_AUTH_SOCK paths that are sent to the shell as setenv
commands.
Unbreaks ssh-agent for home directory paths that contain whitespace.
Based on fix from Beat Bolli via bz3884; feedback/ok dtucker@
Remove some unnecessary checks in sshkey_ec_validate_public()
Checking nQ == infinity is not needed for cofactor 1 curves.
Checking x and y coordinates against order is not needed either.
patch from Szilárd Pfeiffer, with further refinement by tb@
ok tb@
For RTL8125, there's no need to check whether RGE_CMD_STOPREQ has been
completed. As with other chip variants, RGE_CMD_STOPREQ never acknowledges
completion.
Reported by Geoff Steckel
In mrt_dump_entry() treat peers with remote_addr.aid == AID_UNSPEC the
same way as peers where the remote_addr.aid is the same as of the prefix.
This fixes dumping in the old table format from self-originated prefixes
since peerself has a AID_UNSPEC remote_addr of all 0.
Fix for mrt regress test.
Reported by anton@
OK tb@ (who had the same diff)
Use BN_ULONG in probable_prime_dh()
This was the last user of BN_LONG in code. It had no reason to do so.
BN_mod_word() returns a BN_ULONG and since the largest prime in the
small primes table primes[] is well below 20000, the only return value
that could cause 'mod' to be negative was the error sentinel (BN_ULONG)-1.
ok jsing kenjiro
replace the cas spinlock in kernel mutexes with a "parking" lock.
this is motivated because cas based locks are unfair, meaning that
no effort is made by the algorithm to try and give CPUs access to
the critical section in the order that they tried to acquire them.
cas based locks can also generate a lot of work for the cache
subsystem on a computer because every cpu ends up hammering the
same cacheline.
the combination of these effects for heavily contended mutexes can
get some systems into a situation where they don't make progress,
and are effectively livelocked.
this parking mutex mitigates against these problems.
it's called parking because it was very heavily influnced by what's
described in https://webkit.org/blog/6161/locking-in-webkit/. the
big influence is that the lock itself only has to record it's state,
but the machinery for waiting for the lock is external to the lock.
[64 lines not shown]
