committer filter by committer.
@path/to/ filter by path in repository.
committer@path/to/ filter by committer AND path in repository.
abdef0123 filter by commit's SHA hash.
rNNN filter by SVN revision.
rNNN-rMMM filter by SVN revisions range (inclusive).
Multiple filters can be specified separated by spaces or comas in which case they'll be combined using OR operator.
|15dc713c||vmaffione||April 7, 2021, 9:32 p.m.||netmap: vtnet: add support for netmap offsets
Follow-up change to a6d768d845c173823785c71bb18b40074e7a8998. This change adds support for netmap offsets.cgit
|f689cb23||vangyzen||April 7, 2021, 8:05 p.m.||ipmi,smbios: move smbios_walk_table to smbios.h|
|a29bff7a||vangyzen||April 7, 2021, 7:46 p.m.||smbios: support getting address from EFI
On some systems (e.g. Lenovo ThinkPad X240, Apple MacBookPro12,1) the SMBIOS entry point is not found in the <0xFFFFF space. Follow the SMBIOS spec and use the EFI Configuration Table for locating the entry point on EFI systems. Reviewed by: rpokala, dab MFC after: 1 week Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D29276cgit
|13d4f961||rlibby||April 7, 2021, 7:39 p.m.||shared shadow vm object invalidation regression test
Add a regression test for a scenario where a shadow vm object is shared by multiple mappings. If a page COW occurs through one of the mappings, then the virtual-to-physical mapping may become invalidated. This tests the scenario from CVE-2021-29626 which was fixed by 982693bb729badac4e65ecd59772979f2849a2b2. Reviewed by: markj Sponsored by: Dell EMC Isiloncgit
|2b1d0c00||oshogbo||April 7, 2021, 7:16 p.m.||fileargs: fix double caching of the same file
In situations when the current file name wasn't the first element on the list we were cleaning the current name too early. This might cause us to pre-cache the same file twice.cgit
|5a8d32b5||mav||April 7, 2021, 7:09 p.m.||Add IDs for ASMedia ASM116x PCIe 3.0 AHCI controllers.
MFC after: 1 weekcgit
|5984246f||vangyzen||April 7, 2021, 6:40 p.m.||Loader: support booting OS from memory disk (MD)
Until now, the boot image can be embedded into the loader with /sys/tools/embed_mfs.sh, and memory disk (MD) is already supported in loader source. But due to memory disk (MD) driver isn't registered to the loader yet, the boot image can't be boot from embedded memory disk. Reviewed by: dab, tsoome MFC after: 1 week Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D29512cgit
|0f07c234||markj||April 7, 2021, 6:33 p.m.||Remove more remnants of sio(4)|
|27457983||markj||April 7, 2021, 6:32 p.m.||capsicum: Limit socket operations in capability mode
Capsicum did not prevent certain privileged networking operations, specifically creation of raw sockets and network configuration ioctls. However, these facilities can be used to circumvent some of the restrictions that capability mode is supposed to enforce. Add capability mode checks to disallow network configuration ioctls and creation of sockets other than PF_LOCAL and SOCK_DGRAM/STREAM/SEQPACKET internet sockets. Reviewed by: oshogbo Discussed with: emaste Reported by: manu Sponsored by: The FreeBSD Foundation MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D29423cgit
|12db51d2||vangyzen||April 7, 2021, 4:23 p.m.||uefisign: handle empty sections
loader.efi has an empty set_Xfic section. Handle it correctly. ``` Sections: Idx Name Size VMA LMA File off Algn [...] 3 set_Xcom 00000168 00000000000d4000 00000000000d4000 000d0e00 2**2 CONTENTS, ALLOC, LOAD, DATA 4 set_Xfic 00000000 00000000000d4168 00000000000d4168 00000000 2**2 ALLOC, LOAD, DATA 5 .sdata 00000448 00000000000d5000 00000000000d5000 000d1000 2**2 CONTENTS, ALLOC, LOAD, DATA [...] ``` Reviewed by: trasz, dab Reported by: firstname.lastname@example.org Tested by: email@example.com MFC after: 1 week Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D29606cgit
|066a576c||allanjude||April 7, 2021, 3:37 p.m.||ipfw: update man page example for nat show log
In d6164b77f8b779cd7357387dcfcd3407f1457579 the ability to show ranges of nat log entries was removed. PR: 254192 Reviewed by: allanjudecgit
|f37667e2||kp||April 7, 2021, 3:03 p.m.||pf tests: Test multi-wan rdr
This replicates an issue observed on pfSense: https://redmine.pfsense.org/issues/11436 In essence, reply-to is needed to ensure that connections always leave the WAN interface they came in on, but this confused the state tracking. MFC after: 2 week Sponsored by: Rubicon Communications, LLC ("Netgate")cgit
|6d786845||kp||April 7, 2021, 3:03 p.m.||pf: Do not short-circuit processing for REPLY_TO
When we find a state for packets that was created by a reply-to rule we still need to process the packet. The state may require us to modify the packet (e.g. in rdr or nat cases), which we won't do with the shortcut. MFC after: 2 week Sponsored by: Rubicon Communications, LLC ("Netgate")cgit
|ab8d2588||kp||April 7, 2021, 1:54 p.m.||libnv: Allow use in non-sleepable contexts
44c125c4cebc2fd87c6260b90eddae11201f5232 switched the nvlist allocations to be M_WAITOK, but this precludes the use in non-sleepable contexts. (E.g. with a nonsleepable lock held). All callers for these allocation functions already cope with memory alloation failures, so there's no reason to allow sleeping during allocations. Reviewed by: melifaro, oshogbo MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29556cgit
|5a562339||kp||April 7, 2021, 11:05 a.m.||pf tests: make synproxy and nat work correctly even if inetd is running
tests/sys/netfil/pf/synproxy fails if inetd has been running outside of the jail because pidfile_open() fails with EEXIST. tests/sys/netfil/pf/nat has the same problem but the test succeeds because whether inetd is running is not so important. Fix the problem by changing the pidfile path from the default location. Reviewed by: kp MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D29622cgit