ipsec_output.c - OpenGrok history log for /freebsd/sys/netipsec/ipsec

Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
Revision tags: vendor/file/3.40, vendor/ipfilter/3.4.31, vendor/ipfilter-sys/3-4-31, vendor/sendmail/8.12.7-protofix, vendor/gcc/3.2.2-20030205, vendor/sendmail/8.12.7, vendor/NetBSD/lukemftpd/20030122, vendor/openssl/0.9.7-stable-1, vendor/openssl/0.9.7, vendor/bind/8.3.4, vendor/misc-GNU/cvs/1.11.5, vendor/heimdal/0.5.1-patch
# 44956c98	21-Jan-2003	Alfred Perlstein <alfred@FreeBSD.org>	Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
Revision tags: release/5.0.0_cvs, release/5.0.0, vendor/isc-dhcp/3.0.1rc11, vendor/isc-dhcp/3.0.1rc10, vendor/openpam/DAFFODIL, vendor/NetBSD/lukemftpd/20030105
# 9967cafc	30-Dec-2002	Sam Leffler <sam@FreeBSD.org>	Correct mbuf packet header propagation. Previously, packet headers were sometimes propagated using M_COPY_PKTHDR which actually did something between a "move" and a "copy" operation. This is repla Correct mbuf packet header propagation. Previously, packet headers were sometimes propagated using M_COPY_PKTHDR which actually did something between a "move" and a "copy" operation. This is replaced by M_MOVE_PKTHDR (which copies the pkthdr contents and "removes" it from the source mbuf) and m_dup_pkthdr which copies the packet header contents including any m_tag chain. This corrects numerous problems whereby mbuf tags could be lost during packet manipulations. These changes also introduce arguments to m_tag_copy and m_tag_copy_chain to specify if the tag copy work should potentially block. This introduces an incompatibility with openbsd which we may want to revisit. Note that move/dup of packet headers does not handle target mbufs that have a cluster bound to them. We may want to support this; for now we watch for it with an assert. Finally, M_COPYFLAGS was updated to include M_FIRSTFRAG\|M_LASTFRAG. Supported by: Vernier Networks Reviewed by: Robert Watson <rwatson@FreeBSD.org> show more ...
Revision tags: vendor/one-true-awk/20021213, vendor/openpam/CYCLAMEN, vendor/one-true-awk/20021129, vendor/gcc/3.2.1, vendor/binutils/2.13.2_20021127, vendor/misc-GNU/cvs/1.11.2.1-20021201, vendor/acpica/20021118, vendor/heimdal/0.5.1, vendor/bind/8.3.3.patched, vendor/NetBSD/lukemftpd/1.2-beta2, vendor/ntp/4.1.1b, vendor/ntp/4.1.1a, vendor/openssh/3.5p1
# 88768458	16-Oct-2002	Sam Leffler <sam@FreeBSD.org>	"Fast IPsec": this is an experimental IPsec implementation that is derived from the KAME IPsec implementation, but with heavy borrowing and influence of openbsd. A key feature of this implementation "Fast IPsec": this is an experimental IPsec implementation that is derived from the KAME IPsec implementation, but with heavy borrowing and influence of openbsd. A key feature of this implementation is that it uses the kernel crypto framework to do all crypto work so when h/w crypto support is present IPsec operation is automatically accelerated. Otherwise the protocol implementations are rather differet while the SADB and policy management code is very similar to KAME (for the moment). Note that this implementation is enabled with a FAST_IPSEC option. With this you get all protocols; i.e. there is no FAST_IPSEC_ESP option. FAST_IPSEC and IPSEC are mutually exclusive; you cannot build both into a single system. This software is well tested with IPv4 but should be considered very experimental (i.e. do not deploy in production environments). This software does NOT currently support IPv6. In fact do not configure FAST_IPSEC and INET6 in the same system. Obtained from: KAME + openbsd Supported by: Vernier Networks show more ...
Revision tags: vendor/less/v643, vendor/NetBSD/libc-vis/20230813, vendor/openssh/9.4p1, vendor/device-tree/6.4, vendor/device-tree/6.3, vendor/device-tree/6.2, vendor/device-tree/6.1, vendor/krb5/1.21.1, vendor/xz/5.4.4, vendor/openssl/3.0.10, vendor/openssl/1.1.1v, vendor/llvm-project/llvmorg-17-init-19311-gbc849e525f80, vendor/llvm-project/llvmorg-17-init-19304-gd0b54bb50e51, vendor/openssh/9.3p2, vendor/lua/5.4.6, vendor/NetBSD/bmake/20230622, vendor/openpam/XIMENIA, vendor/heimdal/7.8.0-2023-06-10-f62e2f278, vendor/openssl/3.0.9, vendor/llvm-project/llvmorg-16.0.6-0-g7cbf1a259152, vendor/ntp/4.2.8p17, vendor/llvm-project/llvmorg-16.0.5-0-g185b81e034ba, vendor/spleen/2.0.0, vendor/ntp/4.2.8p16, vendor/openssl/1.1.1u, vendor/sqlite3/sqlite-3420000, vendor/bc/6.6.0, vendor/llvm-project/llvmorg-16.0.4-0-gae42196bc493, vendor/NetBSD/bmake/20230510, vendor/xz/5.4.3
# 4d846d26	10-May-2023	Warner Losh <imp@FreeBSD.org>	spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of BSD-2-Clause. Discussed with: pfg MFC After: 3 days Sponsored by: Netflix show more ...
Revision tags: vendor/tcpdump/4.99.4, vendor/llvm-project/llvmorg-16.0.3-0-gda3cd333bea5, vendor/ldns/1.8.3, vendor/spleen/1.9.3, vendor/libpcap/1.10.4, vendor/spleen/1.6.0, vendor/less/v632, vendor/bc/6.5.0, vendor/libfido2/1.13.0, vendor/libfido2/1.12.0, vendor/libfido2/1.11.0, vendor/libfido2/1.10.0, vendor/libfido2/1.9.0, vendor/NetBSD/bmake/20230414, vendor/llvm-project/llvmorg-16.0.2-0-g18ddebe1a1a9, vendor/libcbor/0.10.2, vendor/tzcode/tzcode2023c, vendor/tzcode/tzcode2023b, vendor/tzcode/tzcode2023a, vendor/sqlite3/sqlite-3410200, vendor/llvm-project/llvmorg-16.0.1-0-gcd89023f7979, release/13.2.0, vendor/llvm-project/llvmorg-16.0.0-45-g42d1b276f779, vendor/llvm-project/llvmorg-16.0.0-0-g08d094a0e457, vendor/tzdata/tzdata2023c, vendor/libpcap/1.10.3, vendor/opencsd/v1.4.0, vendor/arm-optimized-routines/v23.01, vendor/tzdata/tzdata2023b, vendor/tzdata/tzdata2023a, vendor/xz/5.4.2, vendor/openssh/9.3p1, vendor/openssl/3.0.8, vendor/bc/6.4.0, vendor/sqlite3/sqlite-3410000, vendor/bc/6.3.1, vendor/bearssl/20230220, vendor/zlib/1.2.13, vendor/llvm-project/llvmorg-16.0.0-rc2-10-g073506d8c15c, vendor/llvm-project/llvmorg-16-init-18548-gb0daacf58f41, vendor/NetBSD/bmake/20230208, vendor/byacc/20230201, vendor/openssl/1.1.1t, vendor/NetBSD/libedit/2023-01-06, vendor/openssh/9.2p1, vendor/tcsh/6.24.07, vendor/bc/6.2.2, vendor/bc/6.2.1, vendor/bc/6.2.0, vendor/bc/6.1.0, vendor/bc/6.0.4, vendor/NetBSD/bmake/20230126, vendor/Juniper/libxo/1.6.0, vendor/zstd/1.5.2, vendor/xz/5.4.1, vendor/sendmail/8.17.1, vendor/llvm-project/llvmorg-15.0.7-0-g8dfdcc7b7bf6, vendor/heimdal/7.8.0, vendor/sqlite3/sqlite-3400100, vendor/xz/5.4.0, vendor/tzcode/tzcode2022g, vendor/tzcode/tzcode2022f, vendor/tzcode/tzcode2022e, vendor/tzcode/tzcode2022d, vendor/xz/5.2.9
# e68b3792	07-Dec-2022	Gleb Smirnoff <glebius@FreeBSD.org>	tcp: embed inpcb into tcpcb For the TCP protocol inpcb storage specify allocation size that would provide space to most of the data a TCP connection needs, embedding into struct tcpcb several struct tcp: embed inpcb into tcpcb For the TCP protocol inpcb storage specify allocation size that would provide space to most of the data a TCP connection needs, embedding into struct tcpcb several structures, that previously were allocated separately. The most import one is the inpcb itself. With embedding we can provide strong guarantee that with a valid TCP inpcb the tcpcb is always valid and vice versa. Also we reduce number of allocs/frees per connection. The embedded inpcb is placed in the beginning of the struct tcpcb, since in_pcballoc() requires that. However, later we may want to move it around for cache line efficiency, and this can be done with a little effort. The new intotcpcb() macro is ready for such move. The congestion algorithm data, the TCP timers and osd(9) data are also embedded into tcpcb, and temprorary struct tcpcb_mem goes away. There was no extra allocation here, but we went through extra pointer every time we accessed this data. One interesting side effect is that now TCP data is allocated from SMR-protected zone. Potentially this allows the TCP stacks or other TCP related modules to utilize that for their own synchronization. Large part of the change was done with sed script: s/tp->ccv->/tp->t_ccv./g s/tp->ccv/\&tp->t_ccv/g s/tp->cc_algo/tp->t_cc/g s/tp->t_timers->tt_/tp->tt_/g s/CCV\(ccv, osd\)/\&CCV(ccv, t_osd)/g Dependency side effect is that code that needs to know struct tcpcb should also know struct inpcb, that added several <netinet/in_pcb.h>. Differential revision: https://reviews.freebsd.org/D37127 show more ...
Revision tags: vendor/llvm-project/llvmorg-15.0.6-0-g088f33605d8a, vendor/tzdata/tzdata2022g, release/12.4.0, vendor/sqlite3/sqlite-3400000, vendor/expat/2.5.0, vendor/xz/5.2.8, vendor/device-tree/6.0, vendor/device-tree/5.19, vendor/openssl/1.1.1s, vendor/wireguard-tools/v1.0.20210914, vendor/tzdata/tzdata2022f, vendor/acpica/20221020, vendor/unbound/1.17.0, vendor/llvm-project/llvmorg-15.0.2-10-gf3c5289e7846, vendor/llvm-project/llvmorg-15.0.2-0-g4bd3f3759259, vendor/llvm-project/llvmorg-15.0.1-0-gb73d2c8c720a, vendor/tzdata/tzdata2022e, vendor/openssh/9.1p1
# 809fef29	04-Oct-2022	Gleb Smirnoff <glebius@FreeBSD.org>	netipsec: move specific ipsecmethods declarations to ipsec_support.h where struct ipsec_methods is defined. Not a functional change. Allows further modification of method prototypes without breakin netipsec: move specific ipsecmethods declarations to ipsec_support.h where struct ipsec_methods is defined. Not a functional change. Allows further modification of method prototypes without breaking compilation of other ipsec compilation units. Differential revision: https://reviews.freebsd.org/D36730 show more ...
Revision tags: vendor/unbound/1.16.3, vendor/bsddialog/0.4, vendor/tzdata/tzdata2022d, vendor/file/5.43, vendor/expat/2.4.9, vendor/sqlite3/sqlite-3390300, vendor/llvm-project/llvmorg-15.0.0-9-g1c73596d3454, vendor/llvm-project/llvmorg-15.0.0-0-g4ba6a9c9f65b, vendor/less/v608, vendor/bsddialog/0.3, vendor/lua/5.4.4, vendor/lua/5.4.3, vendor/sqlite3/sqlite-3390200, vendor/bc/6.0.2, verndor/bc/6.0.2, vendor/dhcpcd/9.4.1, vendor/tzcode/tzcode2022c, vendor/tzcode/unsplit, vendor/tzdata/tzdata2022c, vendor/llvm-project/llvmorg-15.0.0-rc2-40-gfbd2950d8d0d, vendor/tzdata/tzdata2022b, vendor/arm-optimized-routines/20220210-89ca9c3, vendor/device-tree/5.18, vendor/device-tree/5.17, vendor/device-tree/5.16, vendor/device-tree/5.15, vendor/device-tree/5.14, vendor/unbound/1.16.2, vendor/llvm-project/llvmorg-15-init-17826-g1f8ae9d7e7e4, vendor/llvm-project/llvmorg-15-init-17827-gd77882e66779, vendor/NetBSD/bmake/20220726, vendor/NetBSD/bmake/20220724, vendor/llvm-project/llvmorg-15-init-17485-ga3e38b4a206b, vendor/llvm-project/llvmorg-15-init-16436-g18a6ab5b8d1f, vendor/unbound/1.16.1, vendor/sqlite3/sqlite-3390000, vendor/openssl/1.1.1q, vendor/file/5.42, vendor/llvm-project/llvmorg-15-init-15358-g53dc0f107877, vendor/openssl/1.1.1p, vendor/bc/5.3.3, vendor/bc/5.3.2, vendor/llvm-project/llvmorg-14.0.5-0-gc12386ae247c, vendor/bc/5.3.1, vendor/bc/5.3.0, vendor/unbound/1.16.0, vendor/llvm-project/llvmorg-14.0.4-0-g29f1039a7285, vendor/sqlite3/sqlite-3380500, release/13.1.0, upstream/13.1.0, vendor/bc/5.2.5, vendor/openssl/1.1.1o, vendor/llvm-project/llvmorg-14.0.2-0-g0e27d08cdeb3, vendor/llvm-project/llvmorg-14.0.3-0-g1f9140064dfb, vendor/NetBSD/bmake/20220418, vendor/bearssl/20220418, vendor/bc/5.2.4, vendor/NetBSD/libedit/2022-04-11
# 40461785	13-Apr-2022	John Baldwin <jhb@FreeBSD.org>	ipsec_encap: setdf is only used for INET.
Revision tags: vendor/openssh/9.0p1, vendor/NetBSD/bmake/20220330, vendor/acpica/20220331, vendor/zlib/1.2.12, vendor/llvm-project/llvmorg-14.0.0-2-g3f43d803382d, vendor/heimdal/7.7.0, vendor/expat/2.4.7, vendor/llvm-project/llvmorg-14.0.0-rc4-2-gadd3ab7f4c8a, vendor/tzdata/tzdata2022a, vendor/openssl/1.1.1n, vendor/bsddialog/0.2, vendor/libcxxrt/2022-03-09-fd484be8d1e94a1fcf6bc5c67e5c07b65ada19b6, vendor/bc/5.2.3, vendor/llvm-project/llvmorg-14.0.0-rc2-12-g09546e1b5103, vendor/expat/2.4.6, vendor/openssh/8.9p1, vendor/llvm-project/llvmorg-13.0.1-0-g75e33f71c2da, vendor/llvm-project/llvmorg-14.0.0-rc1-74-g4dc3cb8e3255, vendor/unbound/1.15.0, vendor/NetBSD/bmake/20220208, vendor/bc/5.2.2, vendor/NetBSD/bmake/20220204, vendor/llvm-project/llvmorg-14-init-18315-g190be5457c90, vendor/llvm-project/llvmorg-14-init-18294-gdb01b123d012, vendor/terminus/terminus-font-4.49.1, vendor/bsddialog/0.1, vendor/llvm-project/llvmorg-14-init-17616-g024a1fab5c35, vendor/dma/2022-01-27, vendor/ena-com/2.5.0, vendor/wpa/2.10, vendor/expat/2.4.3, vendor/sqlite3/sqlite-3370200, vendor/wpa/gb26f5c0fe, vendor/sqlite3/sqlite-3370100, vendor/file/5.41, vendor/llvm-project/llvmorg-14-init-13186-g0c553cc1af2e, vendor/bsddialog/0.0.2, vendor/NetBSD/bmake/20211212, vendor/openssl/1.1.1m, vendor/unbound/1.14.0, vendor/bsddialog/0.0.1, vendor/unbound/1.14.0rc1, vendor/llvm-project/llvmorg-14-init-11187-g222442ec2d71, release/12.3.0, upstream/12.3.0, vendor/wpa/g14ab4a816, vendor/bc/5.2.1, vendor/bc/5.2.0
# 44775b16	24-Nov-2021	Mark Johnston <markj@FreeBSD.org>	netinet: Remove unneeded mb_unmapped_to_ext() calls in_cksum_skip() now handles unmapped mbufs on platforms where they're permitted. Reviewed by: glebius, jhb MFC after: 1 week Sponsored by: The Fr netinet: Remove unneeded mb_unmapped_to_ext() calls in_cksum_skip() now handles unmapped mbufs on platforms where they're permitted. Reviewed by: glebius, jhb MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D33097 show more ...
Revision tags: vendor/bsddialog/2021-11-24, vendor/llvm-project/llvmorg-14-init-10223-g401b76fdf2b3, vendor/llvm-project/llvmorg-14-init-10186-gff7f2cfa959b
# 756bb50b	16-Nov-2021	Mark Johnston <markj@FreeBSD.org>	sctp: Remove now-unneeded mb_unmapped_to_ext() calls sctp_delayed_checksum() now handles unmapped mbufs, thanks to m_apply(). No functional change intended. Reviewed by: tuexen MFC after: 2 weeks sctp: Remove now-unneeded mb_unmapped_to_ext() calls sctp_delayed_checksum() now handles unmapped mbufs, thanks to m_apply(). No functional change intended. Reviewed by: tuexen MFC after: 2 weeks Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D32942 show more ...
Revision tags: vendor/mandoc/1.14.6, vendor/openssh/8.8p1, vendor/ck/2021029, vendor/tzdata/tzdata2021e, vendor/tzdata/tzdata2021d, vendor/bc/5.1.1, vendor/bc/5.1.0, vendor/tzdata/tzdata2021c, vendor/libfido2/1.8.0, vendor/libcbor/0.8.0, vendor/acpica/20210930
# 8deba29c	27-Sep-2021	Wojciech Macek <wma@FreeBSD.org>	ipsec: fix typo part2
# c27214f0	27-Sep-2021	Wojciech Macek <wma@FreeBSD.org>	ipsec: fix typo in comment
Revision tags: vendor/llvm-project/llvmorg-13.0.0-0-gd7b669b3a303, vendor/llvm-project/llvmorg-13.0.0-rc4-0-gd7b669b3a303, vendor/tzdata/tzdata2021b
# 9dfc8606	24-Sep-2021	Bartlomiej Grzesik <bag@semihalf.com>	ipsec: Add support for PMTUD for IPv6 tunnels Discard and send ICMPv6 Packet Too Big to sender when we try to encapsulate and forward a packet which total length exceeds the PMTU. Logic is based on ipsec: Add support for PMTUD for IPv6 tunnels Discard and send ICMPv6 Packet Too Big to sender when we try to encapsulate and forward a packet which total length exceeds the PMTU. Logic is based on the IPv4 implementation. Common code was moved to a separate function. Differential revision: https://reviews.freebsd.org/D31771 Obtained from: Semihalf Sponsored by: Stormshield show more ...
# b4220bf3	24-Sep-2021	Bartlomiej Grzesik <bag@semihalf.com>	ipsec: If no PMTU in hostcache assume it's equal to link's MTU If we fail to find to PMTU in hostcache, we assume it's equal to link's MTU. This patch prevents packets larger then link's MTU to be ipsec: If no PMTU in hostcache assume it's equal to link's MTU If we fail to find to PMTU in hostcache, we assume it's equal to link's MTU. This patch prevents packets larger then link's MTU to be dropped silently if there is no PMTU in hostcache. Differential revision: https://reviews.freebsd.org/D31770 Obtained from: Semihalf Sponsored by: Stormshield show more ...
# 4f337695	24-Sep-2021	Bartlomiej Grzesik <bag@semihalf.com>	ipsec: Add PMTUD support for IPsec IPv4 over IPv6 tunnel Add support for checking PMTU for IPv4 packets encapsulated in IPv6 tunnels. Differential revision: https://reviews.freebsd.org/D31769 Spons ipsec: Add PMTUD support for IPsec IPv4 over IPv6 tunnel Add support for checking PMTU for IPv4 packets encapsulated in IPv6 tunnels. Differential revision: https://reviews.freebsd.org/D31769 Sponsored by: Stormshield Obtained from: Semihalf show more ...
Revision tags: vendor/dma/2021-07-10, vendor/NetBSD/libedit/2021-09-10, vendor/bc/5.0.2, vendor/llvm-project/llvmorg-13.0.0-rc3-8-g08642a395f23, vendor/llvm-project/llvmorg-13.0.0-rc2-43-gf56129fe78d5, vendor/openssl/1.1.1l, vendor/openssh/8.7p1, vendor/llvm-project/llvmorg-13.0.0-rc1-97-g23ba3732246a, vendor/llvm-project/llvmorg-13.0.0-rc1-0-gd6974c010878, vendor/unbound/1.13.2
# a16771de	13-Aug-2021	Kornel Duleba <mindal@semihalf.com>	ipsec: Return error code if no matching SA was found If we matched SP to a packet, but no associated SA was found ipsec4_allocsa will return NULL while setting error=0. This resulted in use after fr ipsec: Return error code if no matching SA was found If we matched SP to a packet, but no associated SA was found ipsec4_allocsa will return NULL while setting error=0. This resulted in use after free and potential kernel panic. Return EINPROGRESS if the case described above instead. Obtained from: Semihalf Sponsored by: Stormshield Differential revision: https://reviews.freebsd.org/D30994 show more ...
# 6b66194b	13-Aug-2021	Kornel Duleba <mindal@semihalf.com>	ipsec: Check PMTU before sending a frame. If an encapsulated frame is going to have DF bit set check its desitnitions' PMTU and if it won't fit drop it and: Generate ICMP 3/4 message if the packet ipsec: Check PMTU before sending a frame. If an encapsulated frame is going to have DF bit set check its desitnitions' PMTU and if it won't fit drop it and: Generate ICMP 3/4 message if the packet was to be forwarded. Return EMSGSIZE error otherwise. Obtained from: Semihalf Sponsored by: Stormshield Differential revision: https://reviews.freebsd.org/D30993 show more ...
Revision tags: vendor/one-true-awk/0592de4a, vendor/acpica/20210730, vendor/llvm-project/llvmorg-13-init-16854-g6b2e4c5a58d7, vendor/llvm-project/llvmorg-12.0.1-0-gfed41342a82f, vendor/llvm-project/llvmorg-12.0.1-rc2-0-ge7dac564cd0e, vendor/llvm-project/llvmorg-13-init-16847-g88e66fa60ae5, vendor/less/v590, llvmorg-12.0.1-0-gfed41342a82f, vendor/one-true-awk/1e4bc42c53a1, vendor/device-tree/5.13, vendor/device-tree/5.12, vendor/NetBSD/bmake/20210621, vendor/ena-com/2.4.0, vendor/NetBSD/vis/20210621, llvmorg-12.0.1-rc2-0-ge7dac564cd0e, vendor/acpica/20210604, vendor/nvi/2.2.0-3bbdfe4, vendor/tcsh/6.22.04, vendor/bc/4.0.2, vendor/sqlite3/sqlite-3350500, vendor/less/v581.2, vendor/bc/4.0.1, vendor/openssh/8.6p1, vendor/openssh/8.5p1, vendor/llvm-project/llvmorg-12.0.0-0-gd28af7c654d8, vendor/less/v581, vendor/google/capsicum-test/ea66424d921bb393539b298c108a46edee5c3051, release/13.0.0, upstream/13.0.0, vendor/bc/4.0.0, vendor/acpica/20210331, vendor/NetBSD/libedit/2021-03-28, vendor/openssl/1.1.1k, vendor/device-tree/5.11, vendor/NetBSD/libedit/2020-07-10, vendor/libucl/20210314, vendor/bc/3.3.4, vendor/wpa/g9d9b42306541, vendor/tcsh/6.22.03-ceccc7f, bc/3.3.3, vendor/google/capsicum-test/20210302, vendor/dialog/1.3-20210117, vendor/ncurses/6.2-20210220, vendor/arm-optimized-routines/v21.02, vendor/libcxxrt/2021-02-18-8049924686b8414d8e652cbd2a52c763b48e8456, vendor/bc/bc-3.3.0, vendor/llvm-project/llvmorg-12.0.0-rc1-109-gd5d089bf08c9, vendor/llvm-project/llvmorg-12-init-17869-g8e464dd76bef, vendor/openssl/1.1.1j, vendor/google/capsicum-test/7707222b46abe52d18fd4fbb76115ffdb3e6f74b, vendor/openssh/8.4p1, vendor/openssh/8.3p1, vendor/openssh/8.2p1, vendor/openssh/8.1p1, vendor/openzfs/20210210, vendor/subversion/subversion-1.14.1, vendor/NetBSD/bmake/20210206, vendor/unbound/1.13.1, vendor/bc/3.2.6, vendor/atf/20210128, vendor/sqlite3/sqlite-3340100, vendor/tzdata/tzdata2021a
# 8e9313ca	19-Jan-2021	John Baldwin <jhb@FreeBSD.org>	Convert unmapped mbufs before computing checksums in IPsec. This is similar to the logic used in ip_output() to convert mbufs prior to computing checksums. Unmapped mbufs can be sent when using sen Convert unmapped mbufs before computing checksums in IPsec. This is similar to the logic used in ip_output() to convert mbufs prior to computing checksums. Unmapped mbufs can be sent when using sendfile() over IPsec or using KTLS over IPsec. Reported by: Sony Arpita Das @ Chelsio QA Reviewed by: np Sponsored by: Chelsio Differential Revision: https://reviews.freebsd.org/D28187 show more ...
Revision tags: vendor/device-tree/5.10, vendor/device-tree/5.9, vendor/NetBSD/bmake/20210110, vendor/openzfs/20210107, vendor/acpica/20210105, vendor/acpica/20201217, vendor/llvm-project/llvmorg-11.0.1-0-g43ff75f2c3fe, vendor/llvm-project/llvmorg-11.0.1-rc2-0-g43ff75f2c3f, vendor/pnglite/20130820, vendor/terminus/terminus-font-4.48, vendor/tzdata/tzdata2020f, vendor/libarchive/3.5.1, vendor/bc/3.2.4, vendor/lua/5.4.2, vendor/zstd/1.4.8, vendor/tzdata/tzdata2020e, vendor/unbound/1.13.0, vendor/openssl/1.1.1i, vendor/bc/3.2.3, vendor/libarchive/3.5.0, vendor/bc/3.2.0, vendor/NetBSD/bmake/20201117, vendor/ena-com/2.3.0, vendor/ena-com/2.2.1, vendor/acpica/20201113, vendor/NetBSD/bmake/20201101, vendor/unbound/1.12.0, vendor/less/v563, release/12.2.0, upstream/12.2.0, vendor/tzdata/tzdata2020d, vendor/tzdata/tzdata2020c, vendor/openzfs/2.0.0-rc3-gfc5966, vendor/lua/5.3.6, vendor/llvm-project/llvmorg-11.0.0-0-g176249bd673, vendor/acpica/20200925, vendor/tzdata/tzdata2020b, vendor/openzfs/2.0-rc3-gfc5966, vendor/llvm-project/llvmorg-11.0.0-rc5-0-g60a25202a7d, vendor/bc/3.1.6, vendor/nvi/2.2.0-05ed8b9, vendor/openssl/1.1.1h, vendor/openzfs/2.0-rc2-g4ce06f, vendor/llvm-project/llvmorg-11.0.0-rc2-91-g6e042866c30, vendor/lib9p/9d5aee77bcc1bf0e79b0a3bfefff5fdf2146283c, vendor/nvi/2.2.0, vendor/NetBSD/bmake/20200902, vendor/openzfs/2.0-rc1-gfd20a8
# 662c1305	01-Sep-2020	Mateusz Guzik <mjg@FreeBSD.org>	net: clean up empty lines in .c and .h files
Revision tags: vendor/openzfs/2.0-rc1-ga00c61, vendor/openzfs/2.0-rc0-g184df27, vendor/llvm-project/llvmorg-11.0.0-rc2-0-g414f32a9e86, vendor/unbound/1.11.0, vendor/sqlite3/sqlite-3330000, vendor/llvm-project/llvmorg-11.0.0-rc1-47-gff47911ddfc, vendor/bc/3.1.5, vendor/device-tree/5.8, vendor/bc/3.1.4, vendor/llvm-project/llvmorg-11.0.0-rc1-25-g903c872b169, vendor/pcg-c/20190718-83252d9, vendor/llvm-project/llvmorg-11-init-20933-g3c1fca803bc, vendor/llvm-project/llvmorg-11-init-20887-g2e10b7a39b9, vendor/acpica/20200717, vendor/sendmail/8.16.1, vendor/NetBSD/bmake/20200710, vendor/bc/3.1.3, vendor/NetBSD/bmake/20200704, vendor/sqlite3/sqlite-3320300, vendor/bc/3.1.1, vendor/NetBSD/bmake/20200629, vendor/llvm-project/llvmorg-10.0.1-0-gef32c611aa2, vendor/llvm-project/llvmorg-10.0.1-rc2-0-g77d76b71d7d, vendor/bc/3.0.2
# f82eb2a6	25-Jun-2020	John Baldwin <jhb@FreeBSD.org>	Enter and exit the network epoch for async IPsec callbacks. When an IPsec packet has been encrypted or decrypted, the next step in the packet's traversal through the network stack is invoked from a Enter and exit the network epoch for async IPsec callbacks. When an IPsec packet has been encrypted or decrypted, the next step in the packet's traversal through the network stack is invoked from a crypto worker thread, not from the original calling thread. These threads need to enter the network epoch before passing packets down to IP output routines or up to transport protocols. Reviewed by: ae Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D25444 show more ...
Revision tags: vendor/llvm-project/llvmorg-10.0.0-129-gd24d5c8e308, vendor/ntp/4.2.8p15, vendor/byacc/20200330, vendor/llvm-project/llvmorg-10.0.0-97-g6f71678ecd2
# 95033af9	18-Jun-2020	Mark Johnston <markj@FreeBSD.org>	Add the SCTP_SUPPORT kernel option. This is in preparation for enabling a loadable SCTP stack. Analogous to IPSEC/IPSEC_SUPPORT, the SCTP_SUPPORT kernel option must be configured in order to suppor Add the SCTP_SUPPORT kernel option. This is in preparation for enabling a loadable SCTP stack. Analogous to IPSEC/IPSEC_SUPPORT, the SCTP_SUPPORT kernel option must be configured in order to support a loadable SCTP implementation. Discussed with: tuexen MFC after: 2 weeks Sponsored by: The FreeBSD Foundation show more ...
Revision tags: vendor/flex/2.6.4, vendor/file/5.39, vendor/blocklist/20200615, vendor/opencsd/v0.14.2, vendor/sqlite3/sqlite-3320200, release/11.4.0, upstream/11.4.0, vendor/sqlite3/sqlite-3320000, vendor/NetBSD/bmake/20200606, vendor/device-tree/5.7, vendor/edk2/ca407c7246bf405da6d9b1b9d93e5e7f17b4b1f9, vendor/subversion/subversion-1.14.0, vendor/apr/apr-1.7.0, vendor/acpica/20200528, vendor/ena-com/2.2.0, vendor/zstd/1.4.5, vendor/llvm-project/llvmorg-10.0.1-rc1-0-gf79cd71e145, vendor/unbound/1.10.1, vendor/NetBSD/bmake/20200517, vendor/libarchive/3.4.3, vendor/acpica/20200430, vendor/lib9p/7ddb1164407da19b9b1afb83df83ae65a71a9a66, vendor/tzdata/tzdata2020a, vendor/openssl/1.1.1g, vendor/sqlite3/sqlite-3310100, vendor/device-tree/5.6, vendor/google/googletest/1.10.0, vendor/llvm-project/llvmorg-10.0.0-0-gd32170dbd5b, vendor/bsnmp/1.14, vendor/openssl/1.1.1f, vendor/acpica/20200326, vendor/xz/5.2.5, vendor/llvm-project/llvmorg-10.0.0-rc4-5-g52c365aa9ca, vendor/openssl/1.1.1e, vendor/kyua/0.13-a685f91, vendor/lutok/0.4-8f8eaef, vendor/llvm-project/llvmorg-10.0.0-rc3-1-gc290cb61fdc, vendor/ntp/4.2.8p14, vendor/device-tree/5.5, vendor/llvm-project/llvmorg-10.0.0-rc2-70-ge5cb70267e7, vendor/ncurses/6.2-20200215, vendor/llvm-project/llvmorg-10.0.0-rc2-0-g90c78073f73, vendor/openssh/8.0p1, vendor/acpica/20200214, vendor/libarchive/3.4.2, vendor/file/5.38, vendor/ncurses/6.1-20200118, vendor/sqlite3/sqlite-3310000, vendor/Juniper/libxo/1.4.0, vendor/llvm-project/llvmorg-10-init-17538-gd11abddb32f, vendor/llvm-project/llvmorg-10-init-17468-gc4a134a5107, vendor/llvm-project/llvmorg-10-init-17466-ge26a78e7085, vendor/acpica/20200110, vendor/openssl/1.0.2u, vendor/libarchive/3.4.1, vendor/unbound/1.9.6, vendor/llvm-project/llvmorg-9.0.1, vendor/llvm-project/llvmorg-10-init-8157-g186155b89c2, vendor/llvm-project/trunk-r375505, vendor/acpica/20191213, vendor/device-tree/5.4, vendor/openresolv/3.9.2, vendor/file/5.37, vendor/Juniper/libxo/1.3.1, vendor/Juniper/libxo/1.3.0, vendor/NetBSD/blacklist/20191106, vendor/zstd/1.4.4, vendor/sqlite3/sqlite-3300100, release/12.1.0, upstream/12.1.0, vendor/llvm-openmp/openmp-trunk-r375505, vendor/lldb/lldb-trunk-r375505, vendor/lld/lld-trunk-r375505, vendor/llvm-libunwind/libunwind-trunk-r375505, vendor/libc++/libc++-trunk-r375505, vendor/compiler-rt/compiler-rt-trunk-r375505, vendor/clang/clang-trunk-r375505, vendor/llvm/llvm-trunk-r375505, vendor/tcsh/6.21.00-83c5be0, vendor/acpica/20191018, vendor/opencsd/a1961c91b02a92f3c6ed8b145c636ac4c5565aca, vendor/processor-trace/892e12c5a27bda5806d1e63269986bb4171b5a8b, vendor/tcsh/6.21.00, vendor/tcpdump/4.9.3, vendor/libpcap/1.9.1, vendor/device-tree/5.3, vendor/device-tree/5.2, vendor/lldb/lldb-release_900-r372316, vendor/clang/clang-release_900-r372316, vendor/llvm/llvm-release_900-r372316, vendor/tzdata/tzdata2019c, vendor/openssl/1.0.2t, vendor/openssl/1.1.1d, vendor/NetBSD/libedit/2019-09-10, vendor/lld/lld-release_90-r371301, vendor/lld/lld-release_900-r372316, vendor/clang/clang-release_90-r371301, vendor/llvm/llvm-release_90-r371301, vendor/lld/lld-release_90-r370514, vendor/libc++/libc++-release_90-r370514, vendor/libc++/libc++-release_90-r371301, vendor/libc++/libc++-release_900-r372316, vendor/compiler-rt/compiler-rt-release_90-r370514, vendor/compiler-rt/compiler-rt-release_90-r371301, vendor/compiler-rt/compiler-rt-release_900-r372316, vendor/clang/clang-release_90-r370514, vendor/llvm/llvm-release_90-r370514, vendor/lldb/lldb-trunk-r366426, vendor/wpa/2.9, vendor/lldb/lldb-release_90-r369369, vendor/lldb/lldb-release_90-r370514, vendor/lldb/lldb-release_90-r371301, vendor/lld/lld-release_90-r369369, vendor/libc++/libc++-release_90-r369369, vendor/compiler-rt/compiler-rt-release_90-r369369, vendor/clang/clang-release_90-r369369, vendor/llvm/llvm-release_90-r369369, vendor/llvm-openmp/openmp-release_90-r369369, vendor/llvm-openmp/openmp-release_90-r370514, vendor/llvm-openmp/openmp-release_90-r371301, vendor/llvm-openmp/openmp-release_900-r372316, vendor/llvm-openmp/openmp-trunk-r366426, vendor/lld/lld-trunk-r366426, vendor/llvm-libunwind/libunwind-release_90-r369369, vendor/llvm-libunwind/libunwind-release_90-r370514, vendor/llvm-libunwind/libunwind-release_90-r371301, vendor/llvm-libunwind/libunwind-release_900-r372316, vendor/llvm-libunwind/libunwind-trunk-r366426, vendor/libc++/libc++-trunk-r366426, vendor/compiler-rt/compiler-rt-trunk-r366426, vendor/clang/clang-trunk-r366426, vendor/llvm/llvm-trunk-r366426, vendor/acpica/20190816, vendor/bzip2/1.0.8, vendor/zstd/1.4.2, vendor/zstd/1.4.1, vendor/mandoc/20190723, vendor/libcxxrt/2019-07-26-f96846efbfd508f66d91fcbbef5dd808947c7f6d, vendor/llvm-libunwind/libunwind-release_801-r366581, vendor/clang/clang-release_801-r366581, vendor/sqlite3/sqlite-3290000, vendor/acpica/20190703, vendor/llvm-openmp/openmp-release_80-r364487, vendor/llvm-openmp/openmp-release_801-r366581, vendor/lldb/lldb-release_80-r364487, vendor/lldb/lldb-release_801-r366581, vendor/lld/lld-release_80-r364487, vendor/lld/lld-release_801-r366581, vendor/llvm-libunwind/libunwind-release_80-r364487, vendor/clang/clang-release_80-r364487, release/11.3.0, upstream/11.3.0, vendor/tzdata/tzdata2019b, vendor/unbound/1.9.2, vendor/unbound/1.9.1, vendor/elftoolchain/elftoolchain-r3769, vendor/less/v551, vendor/bzip2/1.0.7, vendor/libarchive/3.4.0, vendor/lldb/lldb-release_80-r363030, vendor/lld/lld-release_80-r363030, vendor/llvm-libunwind/libunwind-release_80-r363030, vendor/libc++/libc++-release_80-r363030, vendor/libc++/libc++-release_80-r364487, vendor/libc++/libc++-release_801-r366581, vendor/compiler-rt/compiler-rt-release_80-r363030, vendor/compiler-rt/compiler-rt-release_80-r364487, vendor/compiler-rt/compiler-rt-release_801-r366581, vendor/clang/clang-release_80-r363030, vendor/llvm/llvm-release_80-r363030, vendor/llvm/llvm-release_80-r364487, vendor/llvm/llvm-release_801-r366581, vendor/one-true-awk/4189ef5d, vendor/ena-com/2.0.0, vendor/openssl/1.0.2s, vendor/openssl/1.1.1c, vendor/libfdt/1.5.0, zfs-0.8.0, vendor/netcat/6.5, vendor/netcat/6.4, vendor/netcat/6.3, vendor/netcat/6.2, vendor/netcat/6.1, vendor/netcat/6.0, vendor/acpica/20190509, zfs-0.8.0-rc5, vendor/device-tree/5.1, vendor/Juniper/libxo/1.0.4, vendor/sqlite3/sqlite-3280000, vendor/wpa/2.8, vendor/sqlite3/sqlite-3270200, vendor/zstd/1.4.0, zfs-0.8.0-rc4, vendor/device-tree/5.0, vendor/sqlite3/sqlite-3270100, vendor/acpica/20190405, vendor/Juniper/libxo/1.0.2, vendor/acpica/20190329, vendor/mandoc/1.14.5, vendor/tzdata/tzdata2019a, vendor/clang/clang-release_800-r356365, vendor/llvm-openmp/openmp-release_80-r356034, vendor/llvm-openmp/openmp-release_80-r363030, vendor/llvm-openmp/openmp-release_800-r356365, vendor/llvm-openmp/openmp-trunk-r351319, vendor/clang/clang-release_80-r356034, vendor/llvm/llvm-release_80-r356034, vendor/llvm/llvm-release_800-r356365, vendor/llvm-libunwind/libunwind-release_80-r355677, vendor/llvm-libunwind/libunwind-release_80-r356034, vendor/llvm-libunwind/libunwind-release_800-r356365, vendor/clang/clang-release_80-r355677, vendor/llvm/llvm-release_80-r355677, vendor/llvm-libunwind/libunwind-trunk-r351319, vendor/ntp/4.2.8p13, vendor/libc++/libc++-release_80-r355313, vendor/libc++/libc++-release_80-r355677, vendor/libc++/libc++-release_80-r356034, vendor/libc++/libc++-release_800-r356365, vendor/clang/clang-release_80-r355313, vendor/llvm/llvm-release_80-r355313, vendor/openssl/1.0.2r, vendor/openssl/1.1.1b, vendor/lldb/lldb-release_80-r354799, vendor/lldb/lldb-release_80-r355313, vendor/lldb/lldb-release_80-r355677, vendor/lldb/lldb-release_80-r356034, vendor/lldb/lldb-release_800-r356365, vendor/lld/lld-release_80-r354799, vendor/lld/lld-release_80-r355313, vendor/lld/lld-release_80-r355677, vendor/lld/lld-release_80-r356034, vendor/lld/lld-release_800-r356365, vendor/libc++/libc++-release_80-r354799, vendor/compiler-rt/compiler-rt-release_80-r354799, vendor/compiler-rt/compiler-rt-release_80-r355313, vendor/compiler-rt/compiler-rt-release_80-r355677, vendor/compiler-rt/compiler-rt-release_80-r356034, vendor/compiler-rt/compiler-rt-release_800-r356365, vendor/clang/clang-release_80-r354799, vendor/llvm/llvm-release_80-r354799, vendor/openpam/TABEBUIA, vendor/acpica/20190215, vendor/lld/lld-release_80-r354130, vendor/compiler-rt/compiler-rt-release_80-r354130, vendor/clang/clang-release_80-r354130, vendor/llvm/llvm-release_80-r354130, vendor/google/googletest/1.8.1, vendor/unbound/1.9.0, vendor/lldb/lldb-release_80-r353167, vendor/lldb/lldb-release_80-r354130, vendor/lld/lld-release_80-r353167, vendor/libc++/libc++-release_80-r353167, vendor/libc++/libc++-release_80-r354130, vendor/compiler-rt/compiler-rt-release_80-r353167, vendor/clang/clang-release_80-r353167, vendor/llvm/llvm-release_80-r353167, vendor/openssh/7.9p1, vendor/bearssl/6433cc2, vendor/lldb/lldb-release_80-r351543, vendor/lld/lld-release_80-r351543, vendor/libc++/libc++-release_80-r351543, vendor/clang/clang-release_80-r351543, vendor/llvm/llvm-release_80-r351543, vendor/lldb/lldb-trunk-r351319, vendor/lld/lld-trunk-r351319, vendor/libc++/libc++-trunk-r351319, vendor/compiler-rt/compiler-rt-release_80-r351543, vendor/compiler-rt/compiler-rt-trunk-r351319, vendor/clang/clang-trunk-r351319, vendor/llvm/llvm-trunk-r351319, vendor/ena-com/1.1.4.6, zfs-0.8.0-rc3, vendor/device-tree/4.20, vendor/elftoolchain/elftoolchain-r3668, vendor/acpica/20190108, vendor/tzdata/tzdata2018i, vendor/tzdata/tzdata2018h, vendor/zstd/1.3.8, vendor/NetBSD/bmake/20181221, vendor/sqlite3/sqlite-3260000, vendor/clang/clang-release_701-r349250, vendor/acpica/20181213, vendor/libc++/libc++-release_70-r348686, vendor/libc++/libc++-release_701-r349250, vendor/clang/clang-release_70-r348686, vendor/llvm/llvm-release_70-r348686, vendor/llvm/llvm-release_701-r349250, release/12.0.0, upstream/12.0.0, vendor/wpa/2.7, vendor/NetBSD/bmake/20180919, vendor/lldb/lldb-release_70-r348011, vendor/lldb/lldb-release_70-r348686, vendor/lldb/lldb-release_701-r349250, vendor/clang/clang-release_70-r348011, vendor/llvm/llvm-release_70-r348011, vendor/ck/20181120, vendor/openssl/1.0.2q, vendor/openssl/1.1.1a, zfs-0.8.0-rc2, vendor/device-tree/4.19, vendor/lld/lld-release_70-r346007, vendor/lld/lld-release_70-r348011, vendor/lld/lld-release_70-r348686, vendor/lld/lld-release_701-r349250, vendor/clang/clang-release_70-r346007, vendor/llvm/llvm-release_70-r346007, vendor/expat/2.2.6, vendor/acpica/20181031, vendor/tzdata/tzdata2018g, vendor/zstd/1.3.7, vendor/zstd/1.3.4, vendor/zstd/1.3.3, vendor/dialog/1.3-20180621, vendor/tzdata/tzdata2018f, vendor/ck/20181014, vendor/unbound/1.8.1, vendor/subversion/subversion-1.10.2, vendor/apr-util/apr-util-1.6.1, vendor/apr/apr-1.6.5, vendor/serf/serf-1.3.9, vendor/acpica/20181003, vendor/acpica/20180927, vendor/libevent/2.1.18, vendor/libevent/2.1.8, vendor/mandoc/1.14.4, vendor/lld/lld-release_700-r342383, vendor/clang/clang-release_700-r342383, vendor/openssl/1.1.1, vendor/lld/lld-release_70-r341916, vendor/libc++/libc++-release_70-r341916, vendor/libc++/libc++-release_70-r346007, vendor/libc++/libc++-release_70-r348011, vendor/libc++/libc++-release_700-r342383, vendor/compiler-rt/compiler-rt-release_70-r341916, vendor/compiler-rt/compiler-rt-release_70-r346007, vendor/compiler-rt/compiler-rt-release_70-r348011, vendor/compiler-rt/compiler-rt-release_70-r348686, vendor/compiler-rt/compiler-rt-release_700-r342383, vendor/compiler-rt/compiler-rt-release_701-r349250, vendor/clang/clang-release_70-r341916, vendor/llvm/llvm-release_70-r341916, vendor/llvm/llvm-release_700-r342383, vendor/unbound/1.8.0, vendor/unbound/1.7.3, vendor/unbound/1.7.2, zfs-0.8.0-rc1, vendor/libarchive/3.3.3, vendor/lld/lld-release_70-r340910, vendor/libc++/libc++-release_70-r340910, vendor/compiler-rt/compiler-rt-release_70-r340910, vendor/clang/clang-release_70-r340910, vendor/llvm/llvm-release_70-r340910, vendor/openssh/7.8p1, vendor/ntp/4.2.8p12, vendor/lldb/lldb-release_70-r339999, vendor/lldb/lldb-release_70-r340910, vendor/lldb/lldb-release_70-r341916, vendor/lldb/lldb-release_70-r346007, vendor/lldb/lldb-release_700-r342383, vendor/lld/lld-release_70-r339999, vendor/libc++/libc++-release_70-r339999, vendor/clang/clang-release_70-r339999, vendor/llvm/llvm-release_70-r339999, vendor/openssl/1.0.2p, vendor/device-tree/4.18, vendor/tzdb/tzcode2018e, vendor/lldb/lldb-release_70-r339355, vendor/lld/lld-release_70-r339355, vendor/compiler-rt/compiler-rt-release_70-r339355, vendor/compiler-rt/compiler-rt-release_70-r339999, vendor/clang/clang-release_70-r339355, vendor/llvm/llvm-release_70-r339355, vendor/lua/5.3.5, vendor/acpica/20180810, vendor/ck/20180809, vendor/libc++/libc++-release_70-r338892, vendor/libc++/libc++-release_70-r339355, vendor/compiler-rt/compiler-rt-release_70-r338892, vendor/clang/clang-release_70-r338892, vendor/llvm/llvm-release_70-r338892, vendor/lldb/lldb-release_70-r338892, vendor/lldb/lldb-trunk-r338536, vendor/lld/lld-release_70-r338892, vendor/lld/lld-trunk-r338536, vendor/libc++/libc++-trunk-r338536, vendor/compiler-rt/compiler-rt-trunk-r338536, vendor/clang/clang-trunk-r338536, vendor/llvm/llvm-trunk-r338536, vendor/file/5.34, vendor/lldb/lldb-trunk-r338150, vendor/lld/lld-trunk-r338150, vendor/libc++/libc++-trunk-r338150, vendor/compiler-rt/compiler-rt-trunk-r338150, vendor/clang/clang-trunk-r338150, vendor/llvm/llvm-trunk-r338150, vendor/bsnmp/1.13, vendor/libfdt/1.4.7, vendor/ck/20180711, vendor/acpica/20180629, vendor/lldb/lldb-release_601-r335540, vendor/lld/lld-release_601-r335540, vendor/libc++/libc++-release_601-r335540, vendor/compiler-rt/compiler-rt-release_601-r335540, vendor/clang/clang-release_601-r335540, vendor/llvm/llvm-release_601-r335540, release/11.2.0, upstream/11.2.0, vendor/device-tree/4.17, vendor/acpica/20180531, vendor/ck/20180524, vendor/Juniper/libxo/0.9.0, vendor/file/5.33, vendor/NetBSD/bmake/20180512, vendor/xz/5.2.4, vendor/ck/20180517, vendor/unbound/1.7.1, vendor/unbound/1.7.0, vendor/unbound/1.6.8, vendor/unbound/1.6.7, vendor/unbound/1.6.6, vendor/unbound/1.6.5, vendor/unbound/1.6.4, vendor/unbound/1.6.3, vendor/unbound/1.6.2, vendor/unbound/1.6.1, vendor/ena-com/1.1.4.5, vendor/acpica/20180508, vendor/sqlite3/sqlite-3230100, vendor/subversion/subversion-1.10.0, vendor/openssh/7.7p1, vendor/openssh/7.6p1, vendor/tzdata/tzdata2018e, vendor/acpica/20180427, vendor/elftoolchain/elftoolchain-r3614, vendor/device-tree/4.16, vendor/opencsd/900407e9d6400f6541138d6c2e483a9fc2d699a4, vendor/heimdal/7.5.0, vendor/krb5/1.16, vendor/ck/20180304, vendor/openssl/1.0.2o, vendor/tzdata/tzdata2018d, vendor/processor-trace/24982c1a6fce48f1e416461d42899805f74fbb26, vendor/acpica/20180313, vendor/lld/lld-release_600-r326565, vendor/clang/clang-release_600-r326565, vendor/llvm/llvm-release_600-r326565, vendor/NetBSD/bmake/20180222, vendor/ntp/4.2.8p11, vendor/lldb/lldb-release_60-r325932, vendor/lldb/lldb-release_600-r326565, vendor/lld/lld-release_60-r325932, vendor/clang/clang-release_60-r325932, vendor/llvm/llvm-release_60-r325932, vendor/less/v530, vendor/lldb/lldb-release_60-r325330, vendor/lld/lld-release_60-r325330, vendor/libc++/libc++-release_60-r325330, vendor/libc++/libc++-release_60-r325932, vendor/libc++/libc++-release_600-r326565, vendor/compiler-rt/compiler-rt-release_60-r325330, vendor/compiler-rt/compiler-rt-release_60-r325932, vendor/compiler-rt/compiler-rt-release_600-r326565, vendor/clang/clang-release_60-r325330, vendor/llvm/llvm-release_60-r325330, vendor/device-tree/4.15, vendor/acpica/20180209, vendor/lld/lld-release_60-r324090, vendor/clang/clang-release_60-r324090, vendor/llvm/llvm-release_60-r324090, vendor/lld/lld-release_60-r323948, vendor/compiler-rt/compiler-rt-release_60-r323948, vendor/compiler-rt/compiler-rt-release_60-r324090, vendor/clang/clang-release_60-r323948, vendor/llvm/llvm-release_60-r323948, vendor/lldb/lldb-release_60-r323338, vendor/lldb/lldb-release_60-r323948, vendor/lldb/lldb-release_60-r324090, vendor/lld/lld-release_60-r323338, vendor/libc++/libc++-release_60-r323338, vendor/libc++/libc++-release_60-r323948, vendor/libc++/libc++-release_60-r324090, vendor/compiler-rt/compiler-rt-release_60-r323338, vendor/clang/clang-release_60-r323338, vendor/llvm/llvm-release_60-r323338, vendor/tzdata/tzdata2018c, vendor/libfdt/1.4.6, vendor/tzdata/tzdata2018a, vendor/dtc/1.4.6, vendor/lldb/lldb-release_60-r321788, vendor/lld/lld-release_60-r321788, vendor/libc++/libc++-release_60-r321788, vendor/compiler-rt/compiler-rt-release_60-r321788, vendor/clang/clang-release_60-r321788, vendor/llvm/llvm-release_60-r321788, vendor/acpica/20180105, vendor/compiler-rt/compiler-rt-trunk-r321545, vendor/llvm/llvm-trunk-r321545, vendor/lldb/lldb-trunk-r321530, vendor/lldb/lldb-trunk-r321545, vendor/lld/lld-trunk-r321530, vendor/lld/lld-trunk-r321545, vendor/libc++/libc++-trunk-r321530, vendor/libc++/libc++-trunk-r321545, vendor/compiler-rt/compiler-rt-trunk-r321530, vendor/clang/clang-trunk-r321530, vendor/clang/clang-trunk-r321545, vendor/llvm/llvm-trunk-r321530, vendor/lld/lld-trunk-r321426, vendor/clang/clang-trunk-r321426, vendor/llvm/llvm-trunk-r321426, vendor/lldb/lldb-trunk-r321414, vendor/lldb/lldb-trunk-r321426, vendor/lld/lld-trunk-r321414, vendor/libc++/libc++-trunk-r321414, vendor/libc++/libc++-trunk-r321426, vendor/compiler-rt/compiler-rt-trunk-r321414, vendor/compiler-rt/compiler-rt-trunk-r321426, vendor/clang/clang-trunk-r321414, vendor/llvm/llvm-trunk-r321414, vendor/lldb/lldb-trunk-r321017, vendor/lld/lld-trunk-r321017, vendor/libc++/libc++-trunk-r321017, vendor/compiler-rt/compiler-rt-trunk-r321017, vendor/clang/clang-trunk-r321017, vendor/llvm/llvm-trunk-r321017, vendor/lld/lld-release_501-r320880, vendor/clang/clang-release_501-r320880, vendor/llvm/llvm-release_501-r320880, vendor/acpica/20171214, vendor/openssl/1.0.2n, vendor/lldb/lldb-release_50-r319231, vendor/lldb/lldb-release_501-r320880, vendor/lld/lld-release_50-r319231, vendor/libc++/libc++-release_50-r319231, vendor/libc++/libc++-release_501-r320880, vendor/clang/clang-release_50-r319231, vendor/llvm/llvm-release_50-r319231, vendor/lua/5.3.4, vendor/NetBSD/libc-vis/20171127
# fe267a55	27-Nov-2017	Pedro F. Giffuni <pfg@FreeBSD.org>	sys: general adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error pro sys: general adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts. No functional change intended. show more ...
Revision tags: vendor/less/v529, vendor/device-tree/4.14, vendor/acpica/20171110, vendor/zstd/1.3.2, vendor/ena-com/1.1.4.4, vendor/openssl/1.0.2m, vendor/NetBSD/bmake/20171028, vendor/ena-com/1.1.4.3, vendor/tzdata/tzdata2017c, vendor/device-tree/4.13, vendor/wpa/2.6, vendor/mandoc/1.14.3, vendor/acpica/20170929, release/10.4.0, upstream/10.4.0, vendor/tcpdump/4.9.2, vendor/file/5.32, vendor/NetBSD/libedit/2017-09-05, vendor/clang/clang-release_500-r312559, vendor/llvm/llvm-release_500-r312559, vendor/lldb/lldb-release_50-r312293, vendor/lldb/lldb-release_500-r312559, vendor/lld/lld-release_50-r312293, vendor/lld/lld-release_500-r312559, vendor/libc++/libc++-release_50-r312293, vendor/libc++/libc++-release_500-r312559, vendor/compiler-rt/compiler-rt-release_50-r312293, vendor/compiler-rt/compiler-rt-release_50-r319231, vendor/compiler-rt/compiler-rt-release_500-r312559, vendor/compiler-rt/compiler-rt-release_501-r320880, vendor/clang/clang-release_50-r312293, vendor/llvm/llvm-release_50-r312293, vendor/ctfdump/20170831, vendor/acpica/20170831, vendor/lldb/lldb-release_50-r311606, vendor/compiler-rt/compiler-rt-release_50-r311606, vendor/clang/clang-release_50-r311606, vendor/llvm/llvm-release_50-r311606, vendor/zstd/1.3.1
# 22bbefb2	21-Aug-2017	Andrey V. Elsukov <ae@FreeBSD.org>	Fix the regression introduced in r275710. When a security policy should match TCP connection with specific ports, the SYN+ACK segment send by syncache_respond() is considered as forwarded packet, be Fix the regression introduced in r275710. When a security policy should match TCP connection with specific ports, the SYN+ACK segment send by syncache_respond() is considered as forwarded packet, because at this moment TCP connection does not have PCB structure, and ip_output() is called without inpcb pointer. In this case SPIDX filled for SP lookup will not contain TCP ports and security policy will not be found. This can lead to unencrypted SYN+ACK on the wire. This patch restores the old behavior, when ports will not be filled only for forwarded packets. Reported by: Dewayne Geraghty <dewayne.geraghty at heuristicsystems.com.au> MFC after: 1 week show more ...
Revision tags: vendor/lld/lld-release_50-r311219, vendor/lld/lld-release_50-r311606, vendor/libc++/libc++-release_50-r311219, vendor/libc++/libc++-release_50-r311606, vendor/clang/clang-release_50-r311219, vendor/llvm/llvm-release_50-r311219, vendor/sqlite3/sqlite-3200000, vendor/subversion/subversion-1.9.7, vendor/libc++/libc++-release_50-r310316, vendor/clang/clang-release_50-r310316, vendor/llvm/llvm-release_50-r310316, vendor/Juniper/libxo/0.8.4, vendor/openssh/7.5p1, vendor/ena-com/1.1.4.2, vendor/mandoc/1.14.2
# 1a01e0e7	31-Jul-2017	Andrey V. Elsukov <ae@FreeBSD.org>	Add inpcb pointer to struct ipsec_ctx_data and pass it to the pfil hook from enc_hhook(). This should solve the problem when pf is used with if_enc(4) interface, and outbound packet with existing PC Add inpcb pointer to struct ipsec_ctx_data and pass it to the pfil hook from enc_hhook(). This should solve the problem when pf is used with if_enc(4) interface, and outbound packet with existing PCB checked by pf, and this leads to deadlock due to pf does its own PCB lookup and tries to take rlock when wlock is already held. Now we pass PCB pointer if it is known to the pfil hook, this helps to avoid extra PCB lookup and thus rlock acquiring is not needed. For inbound packets it is safe to pass NULL, because we do not held any PCB locks yet. PR: 220217 MFC after: 3 weeks Sponsored by: Yandex LLC show more ...
Revision tags: vendor/lldb/lldb-release_50-r309439, vendor/lldb/lldb-release_50-r310316, vendor/lldb/lldb-release_50-r311219, vendor/lld/lld-release_50-r309439, vendor/lld/lld-release_50-r310316, vendor/libc++/libc++-release_50-r309439, vendor/clang/clang-release_50-r309439, vendor/llvm/llvm-release_50-r309439, vendor/acpica/20170728, zfs-0.7.0, vendor/NetBSD/bmake/20170720, release/11.1.0, upstream/11.1.0, vendor/lldb/lldb-trunk-r308421, vendor/lld/lld-trunk-r308421, vendor/libc++/libc++-trunk-r308421, vendor/compiler-rt/compiler-rt-release_50-r309439, vendor/compiler-rt/compiler-rt-release_50-r310316, vendor/compiler-rt/compiler-rt-release_50-r311219, vendor/compiler-rt/compiler-rt-trunk-r308421, vendor/clang/clang-trunk-r308421, vendor/llvm/llvm-trunk-r308421, vendor/NetBSD/bmake/20170711, vendor/zstd/1.3.0, vendor/lldb/lldb-trunk-r307894, vendor/lld/lld-trunk-r307894, vendor/libc++/libc++-trunk-r307894, vendor/compiler-rt/compiler-rt-trunk-r307894, vendor/clang/clang-trunk-r307894, vendor/llvm/llvm-trunk-r307894, zfs-0.7.0-rc5, vendor/libarchive/3.3.2, vendor/device-tree/4.12, vendor/krb5/1.15.1, vendor/lldb/lldb-trunk-r306956, vendor/lld/lld-trunk-r306956, vendor/libc++/libc++-trunk-r306956, vendor/compiler-rt/compiler-rt-trunk-r306956, vendor/clang/clang-trunk-r306956, vendor/llvm/llvm-trunk-r306956, vendor/acpica/20170629, vendor/pjdfstest/0.1, vendor/lldb/lldb-trunk-r306325, vendor/lld/lld-trunk-r306325, vendor/libc++/libc++-trunk-r306325, vendor/compiler-rt/compiler-rt-trunk-r306325, vendor/clang/clang-trunk-r306325, vendor/llvm/llvm-trunk-r306325, vendor/elftoolchain/elftoolchain-r3561, vendor/device-tree/4.11, vendor/lldb/lldb-trunk-r305575, vendor/lld/lld-trunk-r305575, vendor/libc++/libc++-trunk-r305575, vendor/compiler-rt/compiler-rt-trunk-r305575, vendor/clang/clang-trunk-r305575, vendor/llvm/llvm-trunk-r305575, vendor/Juniper/libxo/0.8.2, vendor/lldb/lldb-trunk-r305145, vendor/lld/lld-trunk-r305145, vendor/libc++/libc++-trunk-r305145, vendor/compiler-rt/compiler-rt-trunk-r305145, vendor/clang/clang-trunk-r305145, vendor/llvm/llvm-trunk-r305145, vendor/Juniper/libxo/0.8.1, vendor/mandoc/20170608, vendor/Juniper/libxo/0.8.0, vendor/lldb/lldb-trunk-r304659, vendor/lld/lld-trunk-r304659, vendor/libc++/libc++-trunk-r304659, vendor/compiler-rt/compiler-rt-trunk-r304659, vendor/clang/clang-trunk-r304659, vendor/llvm/llvm-trunk-r304659, vendor/lldb/lldb-trunk-r304460, vendor/lld/lld-trunk-r304460, vendor/libc++/libc++-trunk-r304460, vendor/compiler-rt/compiler-rt-trunk-r304460, vendor/clang/clang-trunk-r304460, vendor/llvm/llvm-trunk-r304460, vendor/acpica/20170531, vendor/byacc/20170430, vendor/lldb/lldb-trunk-r304222, vendor/lld/lld-trunk-r304222, vendor/libc++/libc++-trunk-r304222, vendor/clang/clang-trunk-r304222, vendor/llvm/llvm-trunk-r304222, vendor/lldb/lldb-trunk-r304149, vendor/lld/lld-trunk-r304149, vendor/libc++/libc++-trunk-r304149, vendor/compiler-rt/compiler-rt-trunk-r304149, vendor/compiler-rt/compiler-rt-trunk-r304222, vendor/clang/clang-trunk-r304149, vendor/llvm/llvm-trunk-r304149
# 7f1f6591	29-May-2017	Andrey V. Elsukov <ae@FreeBSD.org>	Disable IPsec debugging code by default when IPSEC_DEBUG kernel option is not specified. Due to the long call chain IPsec code can produce the kernel stack exhaustion on the i386 architecture. The d Disable IPsec debugging code by default when IPSEC_DEBUG kernel option is not specified. Due to the long call chain IPsec code can produce the kernel stack exhaustion on the i386 architecture. The debugging code usually is not used, but it requires a lot of stack space to keep buffers for strings formatting. This patch conditionally defines macros to disable building of IPsec debugging code. IPsec currently has two sysctl variables to configure debug output: * net.key.debug variable is used to enable debug output for PF_KEY protocol. Such debug messages are produced by KEYDBG() macro and usually they can be interesting for developers. * net.inet.ipsec.debug variable is used to enable debug output for DPRINTF() macro and ipseclog() function. DPRINTF() macro usually is used for development debugging. ipseclog() function is used for debugging by administrator. The patch disables KEYDBG() and DPRINTF() macros, and formatting buffers declarations when IPSEC_DEBUG is not present in kernel config. This reduces stack requirement for up to several hundreds of bytes. The net.inet.ipsec.debug variable still can be used to enable ipseclog() messages by administrator. PR: 219476 Reported by: eugen No objection from: #network MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D10869 show more ...
Revision tags: vendor/openssl/1.0.2l
# 3aee7099	23-May-2017	Andrey V. Elsukov <ae@FreeBSD.org>	Fix possible double releasing for SA and SP references. There are two possible ways how crypto callback are called: directly from caller and deffered from crypto thread. For outbound packets the di Fix possible double releasing for SA and SP references. There are two possible ways how crypto callback are called: directly from caller and deffered from crypto thread. For outbound packets the direct call chain is the following: IPSEC_OUTPUT() method -> ipsec[46]_common_output() -> -> ipsec[46]_perform_request() -> xform_output() -> -> crypto_dispatch() -> crypto_invoke() -> crypto_done() -> -> xform_output_cb() -> ipsec_process_done() -> ip[6]_output(). The SA and SP references are held while crypto processing is not finished. The error handling code wrongly expected that crypto callback always called from the crypto thread context, and it did references releasing in xform_output_cb(). But when the crypto callback called directly, in case of error the error handling code in ipsec[46]_perform_request() also did references releasing. To fix this, remove error handling from ipsec[46]_perform_request() and do it in xform_output() before crypto_dispatch(). MFC after: 10 days show more ...
1 2 3 4 5 6 789 10 >>...26