PDU larger then 48k will result in a session reset while ASPA records
with more than 10'000 entries will be implicitly withdrawn.
Also truncate RTR error PDUs to only include 256 bytes of the faulty PDU.
It makes no sense to include more to identify the issue.
OK tb@
record over to RTR or the RDE.
The long term goal is to increase the IMSG size considerably but that
requires some additional API changes to the imsg API.
OK tb@
If no struct route is passed to ip_output() or ip6_output(), it
uses its own iproute on the stack. In that case any route entry
in the local route cache has to be freed. After pf decides to
reroute, struct route is reset to NULL. Then the route reference
counter has to be released. Call rtfree() without needless NULL
check.
OK mvs@
For simple capabilities this just adds enforce to the yes/no option of the
announce statement. For multi-protocol capabilities and add-path there is
an extra keyword. On top of this for add-path the enforcement requires the
neighbor to send a matching capability, e.g
'announce add-path recv enforce' requires the other side to send any
'announce add-path send XYZ' capability.
This is mainly to enforce as-4byte and extra multi-protocol capabilities.
OK denis@ tb@
This cache was added because our time conversion used timegm()
and gmtime() which aren't very cheap. These calls were noticably
expensive when profiling things like rpki-client which do many
X.509 validations.
Now that we convert times using julien seconds from the unix
epoch, BoringSSL style, instead of a julien days from a
Byzantine date, we no longer use timegm() and gmtime().
Since the julien seconds calculaitons are cheap for conversion,
we don't need to bother caching this, it doesn't have a noticable
performance impact.
While we are at this correct a bug where
x509_verify_asn1_time_to_time_t was not NULL safe.
Tested for performance regressions by tb@ and job@
ok tb@ job@
This code was #if 0, except for instruction misses where it had been enabled
probably by mistake... and was demapping in the data mmu anyway...
(#include <facepalm.h>)
ok kettenis@
it had sense in the early days of the sparc64 port, this code has bitrotten
and is getting in the way. Time for a visit to the Attic.
This removes:
- interrupt handling debug code (forcing hz = 1, probably broken since years).
- unused or too invasive DEBUG code which noone will ever use in this state.
- #if 0 code blocks which have been this way since locore.s revision 1.1 and
will never get enabled.
ok kettenis@
- one macro for the inline pseg_get logic used in various MMU trap handlers.
- one macro for the TSB locking logic in various PTE update routines.
- one macro for the sun4v rwindow content saving.
ok kettenis@
This makes it where people can't put dumb values in certs without
trying harder, and changes the regress to test this.
GENERALIZED times outside of the RFC5280 spec are required for OCSP
but these should be constructed with the GENERALIZED time string
setters.
ok tb@
The previous approach introduced a cap, but it might not always be hit as
intended (I missed this on review). Fix this to check the cap after merging
an ASPA into an already existing VAP. Also free the list of providers since
nothing should be looking at it anymore.
Count VAPs that hit the limit with a new overflowed counter. There are
still a few aspects of the accounting that probably aren't entirely right.
This will be fixed at another point. It's just statistics after all.
with/ok claudio, ok job
is indicated by a "dma-noncoherent" property on the bus or device nodes
in the device tree. Set the BUS_DMA_COHERENT flag on the DMA tag for
mainbus(4) and modify the flags based on the presence of "dma-coherent"
and "dma-noncoherent" properties where appropriate.
ok patrick@
This is an API to add an OID attribute to the set of SMIMECapabilities.
While attributes are complicated in general, this only supports simple
capabilities encoded as an OID with an optional integer parameter (e.g.,
the key size of a cipher).
Make this API transactional, i.e., don't leave a new empty set behind on
failure or leak the key size if setting the parameter on the X509_ALGOR
fails.
Also convert to single exit and add a doc comment with a reference.
ok beck
attributes, the "direct map" becomes problematic as it results in
mappings for the same physical memory pages with different cachability
addresses. The RISC-V specification of the "Svpbmt" extension doesn't
outright state that this is "verboten" like on some other
architectures that we support. But it does say that it may result in
access with the wrong attributes. So restrict the use of the direct
map to just mapping the 64MB block that the bootloader loaded us into.
To make this possible map the device tree later like we do on arm64.
This allows us to get rid of some assembly code in locore.S as a bonus!
ok miod@, jca@
Reading sysctl mrt_sysctl_mfc() allocates memory to be copied back
to user. Chunks of struct mfcinfo are copied from routing table
to linear heap memory. If the allocated memory was not a multiple
the struct size, a struct mfcinfo could be copied to a partially
unallocated destination. Check that the end of the struct is within
the allocation.
From Alfredo Ortega; OK claudio@
All events are currently exported to userland in order to support complex
filters. If this becomes a bottleneck it should be possible to translate
(some) user-land filters to in-kernel fitlers.
Prodded by a diff from Christian Ludwig to also trace the tracing program.
ok claudio@
uvm_anon_release() is always called for anon that have an associated page so
decrementing `uvmexp.swpgonly' is incorrect. This happened because the page
was cleared before calling uvm_anfree().
Reported by many including mvs@, miod@ and robert@
ok kettenis@, miod@
The number of providers in a single ASPA object already was limited to
MAX_ASPA_PROVIDERS, now also impose a limit on the total number of providers
across multiple ASPA objects. If the MAX_ASPA_PROVIDERS limit is hit, omit
the Customer ASID's entry from OpenBGPD and JSON output.
OK tb@
