Annotate some more uvmexp.h field as [a]tomic and only manipulate them via
the atomic macros. In the near future we'll use these fields in the
pagedaemon to observe live system state and make better decisions.
discussed with beck and others, ok bluhm
rpki-client: display not PrintableString warning as part of -vv
Last time we checked end of November, it was only ~1000 ROAs below
AfriNIC that had this problem. Since knocking those out wasn't an option,
we couldn't turn this into an error, and in the last two months 15k other
products (below other TAs) joined the club. Make it easier to inspect
without recompiling. Gate it behind -vv because it's noisy.
ok job
vmd(8): reduce lowmem area in the memory map.
Some Linux guests have issues rebooting due to how vmd(8) lays out
low memory for SeaBIOS. Tweaking the boundaries of the low memory
area designating reserved vs. RAM helps some guests reboot properly.
As tested by bluhm@, it doesn't solve all Linux guest issues with
reboot.
mlarkin@ needs some headroom in the low memory area for ACPI tables,
so landing this change even though it doesn't perfectly fix the
reboot issue.
ok mlarkin@
vmd(8): don't add mmio regions in e820 map
The mmio regions shouldn't be explicitly in the e820 map. Instead
make holes for guests to identify.
Squelches some noise from Linux guests that look for 32-bit address
space for PCI mmio BARs and find none. While vmd(8) doesn't yet
emulate mmio on amd64/i386 systems, we'll want correct behavior
later.
Tested with help by bluhm@
ok mlarkin@, hshoexer@
Fix the major Rx packet-loss issue on iwx(4) MA devices and BZ devices.
Set the client.is_assoc flag in the new iwx(4) MAC context firmware command
when we are associating to the AP. Without this flag the firmware remains in
unassociated state which does not work very well for passing traffic.
Tested by kettenis@ on MA and myself on BZ
set the assoc ID field in iwx(4) firmware commands correctly
Newer firmware does not like seeing bits 0xc000 set in the assoc ID.
The AP sets these bits but they don't belong to the actual ID value.
Mask these bits out to prevent fatal firmware errors.
Thanks to Johannes Berg for deciphering firmware sysassert code 0x20103312.
I likely would have gotten stuck trying to find the solution by myself.
Create rde_filter_out() to optimise filter matching
rde_filter_match() now just uses struct filter_match data for matching
and the peer info from struct filter_peer is only used by rde_filter().
Outbound filters are per-peer and so the filter_peer check is done during
configuration of the peer. So rde_filter_out() just calls rde_filter_match().
OK tb@
Adjust the doorbell write functions to prepare for notification queues
used by newer hardware. No functional change for the already
supported generations.
also tested by stsp@ as part of a larger diff
ok dlg@
Do not write before buffer when parsing empty clipboard or palette
replies, or try to allocate zero bytes with an empty clipboard sequence.
Reported by DongHan Kim.
pfr_attach_table() needs wait flag.
Calling pool_get() without wait flag is not allowed. pf(4) ioctl
has to use PR_WAITOK in pf_sourcelim_add().
Reported-by: syzbot+45ec6dfe5d4c3a0dd374 at syzkaller.appspotmail.com
OK dlg@
Add missing algorithms to compatible list
Some of the more recent ESP algorithms are missing from the
supported list. This adds all missing algorithms that are
exposed via the pfkey API based on what iked currently
supports.
We define more code points for auth algorithms, but those are
only used internally. For AEADs (AES-GCM, CHACHA20) and GMAC
we only look at the sadb_sa_encrypt field of the SADB_SA message
and automatically assign a matching auth algorithm.
Reported by Andrew Cagney
ok hshoexer@
