committer filter by committer.
@path/to/ filter by path in repository.
committer@path/to/ filter by committer AND path in repository.
NNN or rNNN filter by revision.
NNN-MMM or rNNN-rMMM filter by revisions range (inclusive).
Multiple filters can be specified separated by spaces or comas in which case they'll be combined using OR operator.
|r346401||tuexen||April 19, 2019, 5:21 p.m.||Avoid a buffer overwrite in rip6_output() when computing the checksum
as requested by the user via the IPPROTO_IPV6 level socket option IPV6_CHECKSUM. The check if there are enough bytes in the packet to store the checksum at the requested offset was wrong by 1. Reviewed by: bz@ MFC after: 1 week Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D19967ViewVC
|r346400||tuexen||April 19, 2019, 5:17 p.m.||Improve input validation for the socket option IPV6_CHECKSUM.|
|r346399||cem||April 19, 2019, 5:15 p.m.||random.4: Include description of knobs added in r346358
Reported by: ngie Sponsored by: Dell EMC IsilonViewVC
|r346398||thj||April 19, 2019, 5:06 p.m.||Add stat counter for ipv6 atomic fragments
Add a stat counter to track ipv6 atomic fragments. Atomic fragments can be generated in response to invalid path MTU values, but are also a potential attack vector and considered harmful (see RFC6946 and RFC8021). While here add tracking of the atomic fragment counter to netstat and systat. Reviewed by: tuexen, jtl, bz Approved by: jtl (mentor), bz (mentor) Event: Aberdeen hackathon 2019 Differential Revision: https://reviews.freebsd.org/D17511ViewVC
|r346390||mav||April 19, 2019, 3:44 p.m.||Change the way FreeBSD GID inheritance is hacked.
I believe previous ifdef caused NULL dereference in later zfs_log_create() on attempt to create file inside directory belonging to ephemeral group created on illumos, trying to write to log information about GID domain of the newly created file, inheriting the ephemeral GID. This patch reuses original illumos SGID code with exception that due to lack of ID mapping code on FreeBSD ephemeral GID will turn into GID_NOBODY by another ifdef inside zfs_fuid_map_id(). MFC after: 1 month Sponsored by: iXsystems, Inc.ViewVC
|r346386||tychon||April 19, 2019, 1:43 p.m.||remove the 4GB boundary requirement on PCI DMA segments|
|r346370||kp||April 19, 2019, 10:52 a.m.||pfctl: Fix ifgroup check
We cannot just assume that any name which ends with a letter is a group That's not been true since we allowed renaming of network interfaces. It's also not true for things like epair0a. Try to retrieve the group members for the name to check, since we'll get ENOENT if the group doesn't exist. MFC after: 1 week Event: Aberdeen hackathon 2019ViewVC
|r346369||phk||April 19, 2019, 6:49 a.m.||Close filedescriptors when done with them.|
|r346365||rmacklem||April 19, 2019, 3:36 a.m.||Fix the NFSv4.0 server so that it does not support NFSv4.1 attributes.
During inspection of a packet trace, I noticed that an NFSv4.0 mount reported that it supported attributes that are only defined for NFSv4.1. In practice, this bug appears to be benign, since NFSv4.0 clients will not use attributes that were added for NFSv4.1. However, this was not correct and this patch fixes the NFSv4.0 server so that it only supports attributes defined for NFSv4.0. It also adds a definition for NFSv4.1 attributes that can only be set, although it is only defined as 0 for now. This is anticipation of the addition of support for the NFSv4.1 mode+mask attribute soon. MFC after: 2 weeksViewVC
|r346364||cem||April 19, 2019, 2:54 a.m.||Update to Zstandard 1.4.0
The full release notes can be found on Github: https://github.com/facebook/zstd/releases/tag/v1.4.0 Relnotes: yesViewVC
|r346363||jhibbits||April 19, 2019, 2:28 a.m.||powerpc/powernv: Make erasing before writes optional
If the OPAL flash driver supports writing without erase, it adds a 'no-erase' property to the flash device node. Honor that property and don't bother erasing if it exists.ViewVC
|r346360||jhb||April 18, 2019, 11:21 p.m.||Push down INP_WLOCK slightly in tcp_ctloutput.
The inp lock is not needed for testing the V6 flag as that flag is set once when the inp is created and never changes. For non-TCP socket options the lock is immediately dropped after checking that flag. This just pushes the lock down to only be acquired for TCP socket options. This isn't a hot-path, more a cosmetic cleanup I noticed while reading the code. Reviewed by: bz MFC after: 1 month Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D19740ViewVC
|r346359||imp||April 18, 2019, 10:52 p.m.||When parsing command line stuff, treat tabs and spaces the same.
When creating complex config files, people like to use tabs to offset sections. Treat them the same as spaces for delimiters.ViewVC
|r346358||cem||April 18, 2019, 8:48 p.m.||random(4): Restore availability tradeoff prior to r346250
As discussed in that commit message, it is a dangerous default. But the safe default causes enough pain on a variety of platforms that for now, restore the prior default. Some of this is self-induced pain we should/could do better about; for example, programmatic CI systems and VM managers should introduce entropy from the host for individual VM instances. This is considered a future work item. On modern x86 and Power9 systems, this may be wholly unnecessary after D19928 lands (even in the non-ideal case where early /boot/entropy is unavailable), because they have fast hardware random sources available early in boot. But D19928 is not yet landed and we have a host of architectures which do not provide fast random sources. This change adds several tunables and diagnostic sysctls, documented thoroughly in UPDATING and sys/dev/random/random_infra.c. PR: 230875 (reopens) Reported by: adrian, jhb, imp, and probably others Reviewed by: delphij, imp (earlier version), markm (earlier version) Discussed with: adrian Approved by: secteam(delphij) Relnotes: yeah Security: related Differential Revision: https://reviews.freebsd.org/D19944ViewVC
|r346356||hselasky||April 18, 2019, 7:04 p.m.||Implement flag for telling cuse(3) clients if the peer is running in 32-bit
compat mode or not. This is useful when implementing compatibility ioctl(2) handlers in userspace. MFC after: 1 week Sponsored by: Mellanox TechnologiesViewVC