vio: recover from missed RX interrupts
It seems at least on Oracle Cloud (arm64, KVM) and on vmd, sometimes rx
interrupts get lost. As a workaround, check the virtqueues in vio_rxtick(),
which allows to recover from this situation.
Diff from renaud@
tested by mbuhl@
ok stsp@
The struct kfino_vmentry copied to userland is 80, and (depending
on architecture?) has 7 bytes of padding at the end, which is
uninitialized. Use M_ZERO.
from tgs
don't lowercase K_AUTH lookups
this diff has circulated for a while, being written and re-written by
different people. In this case, I'm taking Pietro Cerutti's version.
Avoid undefined behaviour in the community code by checking nentries to
be not 0 before memcmp, bsearch or siphash calls.
Calling these functions with a NULL pointer is UB even with a zero len.
While I did fix some code already during a review of all such possible
NULL, 0 calls I missed the bsearch one and introduced the community_equal
memcmp after that.
Reported by Synmac Oliver
OK tb@ deraadt@
Prevent buffer overflow by checking the correct counter.
An attacker on the same layer 2 network can send rogue router
advertisements, potentially crashing slaacd.
From Maurice Hieronymus (mhi AT mailbox.org), thanks!
OK deraadt
Update ietf-cli 1.31pre0, ok job kn sthen (with a tweak)
This updates the tool to the latest commit which includes version 1.31,
but isn't tagged: https://github.com/paulehoffman/ietf-cli/issues/8
1.30 adds an index subcommand for bcp and std (just like for rfc)
1.31 prints the current document status on exit
sys/octeon: cleanup all interrupts
octciu_next_irq() operates on a uint64_t pending interrupt bitmap, and
irq spans the full 0..63 range. Using 1u << irq therefore builds a 32
bit mask for a 64 bit word; once irq >= 32, the selected pending bit is
no longer cleared correctly.
The immediate consequence is loss of forward progress in the dispatcher
loop: the same interrupt can remain logically pending in the local copy
of isr, the loop can revisit it indefinitely, and the CPU can remain
trapped in interrupt handling.
OK: kettenis@, jca@, deraadt@
Properly handle the FIN flag in tcp_flush_queue.
Once a FIN packet is received all following data should simply be
discarded. Normally this is done in tcp_input but once traffic
needs reassembly the FIN handling in the reassembly queue was not
quite correct. Data directly following the FIN packet was also
reassembled and the FIN was actually lost. The check if packets
should be dropped only checked for SS_CANTRCVMORE which is only
set after tcp_flush_queue returned TH_FIN.
Reported by Xint Code
OK sashan@ deraadt@
For sysctl({CTL_KERN, KERN_TTY, KERN_TTY_INFO), only export the
t_session kernel address pointer if the caller is root.
Reported by Bruce Dang of Calif.io
ok claudio
Make ffmpeg a RUN_DEPENDS so firefox-esr can play html5 audio and video
right after install.
Previously, users had to read the README and install ffmpeg themselves
or else wonder why firefox-esr wouldn't play video.
ok landry, tb, rsadowski, phessler
Make ffmpeg a RUN_DEPENDS so firefox can play html5 audio and video
right after install.
Previously, users had to read the README and install ffmpeg themselves
or else wonder why firefox wouldn't play video.
ok landry, tb, rsadowski, phessler
libtls: consistently handle allocation failures
Use tls_set_errorx() or tls_error_setx() rather than the versions without
x for TLS_ERROR_OUT_OF_MEMORY. ENOMEM adds no further info.
From Michael Forney
ok bcook
libtls: use TLS_ERROR_OUT_OF_MEMORY after malloc failure
tls_config_load_file() hat a spot that used TLS_ERROR_UNKNOWN, so switch
that to the usual error code. Use tls_error_setx() since strerror(ENOMEM)
adds nothing.
From Michael Forney
ok bcook
