| created | 2019-05-08T04:38:18Z |
|---|---|
| begin | 2018-01-15T00:00:00Z |
| end | 2018-01-16T00:00:00Z |
| path | src/sys |
| commits | 7 |
| date | 2018-01-15T06:53:02Z | |||
|---|---|---|---|---|
| author | mlarkin | |||
| files | src/sys/arch/amd64/amd64/identcpu.c | log | diff | annotate |
| src/sys/arch/amd64/include/specialreg.h | log | diff | annotate | |
| message |
Add some AVX512 CPUID flags. discussed with sf and kettenis |
|||
| date | 2018-01-15T12:25:03Z | |||
|---|---|---|---|---|
| author | bluhm | |||
| files | src/sys/net/pf.c | log | diff | annotate |
| message |
When pf(4) forwards incoming packets with route-to or reply-to, decrement the time-to-live or hop-limit field to prevent routing loops. Sending an ICMP time exceeded error makes traceroute work. For outgoing packets ip_forward() has already done this. OK visa@ sashan@ |
|||
| date | 2018-01-15T13:48:31Z | |||
|---|---|---|---|---|
| author | bluhm | |||
| files | src/sys/netinet/if_ether.c | log | diff | annotate |
| src/sys/netinet6/nd6.c | log | diff | annotate | |
| message |
There was an issue that dynamic path MTU discovery together with ARP or ND timeout could delete local routes. Put an assert into arptfree() and nd6_free() so this cannot happen again. OK mpi@ |
|||
| date | 2018-01-15T14:11:16Z | |||
|---|---|---|---|---|
| author | kettenis | |||
| files | src/sys/arch/arm/arm/cpu.c | log | diff | annotate |
| src/sys/arch/arm/arm/cpufunc_asm_armv7.S | log | diff | annotate | |
| src/sys/arch/arm/arm/fault.c | log | diff | annotate | |
| src/sys/arch/arm/include/cpu.h | log | diff | annotate | |
| src/sys/arch/arm/include/cpufunc.h | log | diff | annotate | |
| message |
Improve defense against branch predictor target injection (Spectre "variant 2") attacks. OpenBSD/armv7 is already in pretty good shape as we have always been flushing the branch predictor cache on context switches. This diff adds additional flushes to page faults in kernel address space. The impact on performance should be minimal as these page faults should only happen when userland (deliberately or accidentally) tries to access kernel addres space which would lead to a fatal signal (SIGSEGV or SIGBUS). Loosely based on changes made by Marc Zyngier in Linux and based on information in Arm Trusted Firmware Security Advisory TFV 6. Note that for Cortex-A15 (and Cortex-A72) you will need firmware that sets the ACTRL[0] bit for this diff to be effective. Also note that with this diff Cortex-A57 is still vulnerable. ok jsg@ |
|||
| date | 2018-01-15T18:57:59Z | |||
|---|---|---|---|---|
| author | mlarkin | |||
| files | src/sys/arch/amd64/include/specialreg.h | log | diff | annotate |
| message | tabs vs spaces | |||
| date | 2018-01-15T21:30:49Z | |||
|---|---|---|---|---|
| author | deraadt | |||
| files | src/sys/uvm/uvm_mmap.c | log | diff | annotate |
| message |
mask out (ie. ignore) the bit which will be MAP_STACK in the future, so diffs in snapshots can exercise the change in a less disruptive way idea with sthen, ok kettenis tom others |
|||
| date | 2018-01-15T22:24:17Z | |||
|---|---|---|---|---|
| author | kettenis | |||
| files | src/sys/dev/pci/drm/drm_linux.c | log | diff | annotate |
| src/sys/dev/pci/drm/drm_linux.h | log | diff | annotate | |
| src/sys/dev/pci/drm/i915/i915_drv.h | log | diff | annotate | |
| src/sys/dev/pci/drm/i915/intel_i2c.c | log | diff | annotate | |
| message |
Switch the inteldrm(4) i2c code over to the Linux code base. This gives us several quirks that wre absent in the old OpenBSD-specific reimplementation. Fixes several issues with external connectors on several generations of hardware. ok deraadt@, benno@ |
|||