Re: CVS commit: src/sys/net

2011-06-23 Thread Mihai Chelaru

On 24.06.2011 08:45, YAMAMOTO Takashi wrote:
> hi,
>
>> Module Name:    src
>> Committed By:   kefren
>> Date:           Tue Jun 21 14:30:20 UTC 2011
>>
>> Modified Files:
>>      src/sys/net: if_mpls.c
>>
>> Log Message:
>> learn mpls interface how to prepend multiple shims by using a vector of
>> smpls_addrs in sockaddr_mpls. The number of smpls_addrs is found from
>> smpls_len. First label encountered is BoS.
>> XXX: need to do the same for LSE and this feature needs to be documented.
>
> what will use this?  (just curious)
>
> YAMAMOTO Takashi
>
>> To generate a diff of this commit:
>> cvs rdiff -u -r1.5 -r1.6 src/sys/net/if_mpls.c
>>
>> Please note that diffs are not public domain; they are subject to the
>> copyright notices on the relevant files.


Hi,

Hopefully a future implementation of BGP/MPLS IP VPN.

--
Mihai


Re: CVS commit: src/sys/net

2011-06-23 Thread YAMAMOTO Takashi
hi,

> Module Name:  src
> Committed By: kefren
> Date: Tue Jun 21 14:30:20 UTC 2011
> 
> Modified Files:
>   src/sys/net: if_mpls.c
> 
> Log Message:
> learn mpls interface how to prepend multiple shims by using a vector of
> smpls_addrs in sockaddr_mpls. The number of smpls_addrs is found from
> smpls_len. First label encountered is BoS.
> XXX: need to do the same for LSE and this feature needs to be documented.

what will use this?  (just curious)

YAMAMOTO Takashi

> 
> 
> To generate a diff of this commit:
> cvs rdiff -u -r1.5 -r1.6 src/sys/net/if_mpls.c
> 
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.


Re: CVS commit: src/sys/arch/evbppc/conf

2011-06-23 Thread Matt Thomas

On Jun 23, 2011, at 6:50 PM, Christos Zoulas wrote:

> In article <20110624004847.8a0ce17...@cvs.netbsd.org>,
> Matt Thomas  wrote:
>> -=-=-=-=-=-
>> 
>> Module Name:   src
>> Committed By:  matt
>> Date:          Fri Jun 24 00:48:47 UTC 2011
>> 
>> Modified Files:
>>  src/sys/arch/evbppc/conf: RB800
>> 
>> Log Message:
>> Turn on PAX_ASLR
> 
> I am fine with that, just 2 comments.
> - to fully take advantage of ASLR you need MKPIE=yes so that the text
>  and data segments get randomized too.

Already doing that.  Pretty certain I'm the only one using RB800 so ...
I want to do some timings to compare MKPIE=yes against MKPIE=no.

> - just using options PAX_ASLR is probably safer and you can then enable
>  it with: sysctl -w security.pax.aslr.enabled=1

PAX_ASLR requires a value.




Re: CVS commit: src/sys/uvm

2011-06-23 Thread Mindaugas Rasiukevicius
"YAMAMOTO Takashi"  wrote:
> Module Name:  src
> Committed By: yamt
> Date: Fri Jun 24 01:23:05 UTC 2011
> 
> Modified Files:
>   src/sys/uvm: uvm_anon.c
> 
> Log Message:
> uvm_anon_release: fix a locking error after the rmind-uvmplock merge
> 

Thanks a lot!  I have been hunting this for a while without positive
result (apparently, just adding more regressions).

-- 
Mindaugas


Re: CVS commit: src/sys/arch/evbppc/conf

2011-06-23 Thread Christos Zoulas
In article <20110624004847.8a0ce17...@cvs.netbsd.org>,
Matt Thomas  wrote:
>-=-=-=-=-=-
>
>Module Name:   src
>Committed By:  matt
>Date:  Fri Jun 24 00:48:47 UTC 2011
>
>Modified Files:
>   src/sys/arch/evbppc/conf: RB800
>
>Log Message:
>Turn on PAX_ASLR

I am fine with that, just 2 comments.
- to fully take advantage of ASLR you need MKPIE=yes so that the text
  and data segments get randomized too.
- just using options PAX_ASLR is probably safer and you can then enable
  it with: sysctl -w security.pax.aslr.enabled=1

christos
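
An added example, not part of the thread or of NetBSD's code: a C check of whether a binary was linked position-independent, the property the MKPIE=yes remark above depends on for text and data randomization. It reads only `e_type` from the ELF header; `ET_DYN` also covers shared objects, and the function names are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum elf_kind { ELF_INVALID = -1, ELF_FIXED = 0, ELF_PIC = 1, ELF_OTHER = 2 };

/* Offsets and constants from the ELF specification. */
#define EI_DATA     5   /* e_ident byte giving the file's byte order */
#define ELFDATA2LSB 1
#define ELFDATA2MSB 2
#define E_TYPE_OFF  16  /* e_type follows the 16-byte e_ident */
#define ET_EXEC     2   /* linked at a fixed address: text/data cannot move */
#define ET_DYN      3   /* relocatable at load time: PIE or shared object */

/* Classify an ELF image from its first bytes, honouring its byte order. */
enum elf_kind elf_classify(const unsigned char *buf, size_t len)
{
    uint16_t e_type;

    if (len < E_TYPE_OFF + 2 || memcmp(buf, "\177ELF", 4) != 0)
        return ELF_INVALID;
    if (buf[EI_DATA] == ELFDATA2LSB)
        e_type = (uint16_t)(buf[E_TYPE_OFF] | (buf[E_TYPE_OFF + 1] << 8));
    else if (buf[EI_DATA] == ELFDATA2MSB)   /* e.g. big-endian PowerPC */
        e_type = (uint16_t)((buf[E_TYPE_OFF] << 8) | buf[E_TYPE_OFF + 1]);
    else
        return ELF_INVALID;
    if (e_type == ET_EXEC) return ELF_FIXED;
    return e_type == ET_DYN ? ELF_PIC : ELF_OTHER;
}

/* Read just the header of a file on disk; ELF_INVALID on I/O error. */
enum elf_kind elf_classify_file(const char *path)
{
    unsigned char hdr[E_TYPE_OFF + 2];
    FILE *fp = fopen(path, "rb");
    size_t n;

    if (fp == NULL) return ELF_INVALID;
    n = fread(hdr, 1, sizeof hdr, fp);
    fclose(fp);
    return elf_classify(hdr, n);
}

int main(int argc, char **argv)
{
    static const char *names[] = { "fixed-address (ET_EXEC)",
        "position-independent (ET_DYN)", "other ELF type" };
    for (int i = 1; i < argc; i++) {
        enum elf_kind k = elf_classify_file(argv[i]);
        printf("%s: %s\n", argv[i], k == ELF_INVALID ? "not ELF" : names[k]);
    }
    return 0;
}
```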



Re: CVS commit: src/sys/uvm

2011-06-23 Thread Mindaugas Rasiukevicius
tsugutomo.en...@jp.sony.com wrote:
> > Modified Files:
> > src/sys/uvm: uvm_amap.c
> >
> > Log Message:
> > Clean-up, add asserts, slightly simplify.
> >
> >
> > To generate a diff of this commit:
> > cvs rdiff -u -r1.95 -r1.96 src/sys/uvm/uvm_amap.c
> 
> In amap_copy(), I guess map entry may be clipped and need to recompute
> entry->end - entry->start after that.

Yes.. fixed.  Thanks!

-- 
Mindaugas


Re: CVS commit: src/sys/uvm

2011-06-23 Thread tsugutomo . enami
Mindaugas Rasiukevicius  writes:

> Module Name:  src
> Committed By: rmind
> Date: Thu Jun 23 18:15:30 UTC 2011
>
> Modified Files:
>   src/sys/uvm: uvm_amap.c
>
> Log Message:
> Clean-up, add asserts, slightly simplify.
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.95 -r1.96 src/sys/uvm/uvm_amap.c

In amap_copy(), I guess map entry may be clipped and need to recompute
entry->end - entry->start after that.

enami.


Re: CVS commit: src/sys/miscfs/procfs

2011-06-23 Thread David Holland
On Thu, Jun 23, 2011 at 07:55:49PM +, Christos Zoulas wrote:
 > >...as opposed to, say, running /usr/bin/pmap?
 > >
 > >(I've long thought that should be restricted to root, or at least only
 > >to one's own non-setugid processes.)
 > 
 > I am in the process of fixing that too, stay tuned.

Yay :-)

-- 
David A. Holland
dholl...@netbsd.org


Re: CVS commit: src/sys/miscfs/procfs

2011-06-23 Thread Christos Zoulas
In article <20110623190949.gb4...@netbsd.org>,
David Holland   wrote:
>On Thu, Jun 23, 2011 at 01:06:38PM -0400, Christos Zoulas wrote:
> > Modified Files:
> > src/sys/miscfs/procfs: procfs_vnops.c
> > 
> > Log Message:
> > From Aleksey Cheusov: Don't make it easy for compromised systems to bypass
> > ASLR protections by providing the mapping addresses of programs to everyone.
>
>...as opposed to, say, running /usr/bin/pmap?
>
>(I've long thought that should be restricted to root, or at least only
>to one's own non-setugid processes.)

I am in the process of fixing that too, stay tuned.

christos



Re: CVS commit: src/sys/miscfs/procfs

2011-06-23 Thread David Holland
On Thu, Jun 23, 2011 at 01:06:38PM -0400, Christos Zoulas wrote:
 > Modified Files:
 >  src/sys/miscfs/procfs: procfs_vnops.c
 > 
 > Log Message:
 > From Aleksey Cheusov: Don't make it easy for compromised systems to bypass
 > ASLR protections by providing the mapping addresses of programs to everyone.

...as opposed to, say, running /usr/bin/pmap?

(I've long thought that should be restricted to root, or at least only
to one's own non-setugid processes.)

-- 
David A. Holland
dholl...@netbsd.org


Re: CVS commit: src/sys

2011-06-23 Thread David Holland
On Thu, Jun 23, 2011 at 09:00:37PM +1000, matthew green wrote:
 > > > Switch to using the common 
 > > 
 > > Erm, do we really want to use "src/sys/common" for this, given that
 > > the prior art for "common" (src/common) means something entirely
 > > different?
 > > 
 > > (also, there's been some loose talk about moving src/common to
 > > src/sys/common)
 > 
 > indeed, i'd rather that the MI pmap code lived under sys/uvm somewhere.

yes, that.

-- 
David A. Holland
dholl...@netbsd.org


re: CVS commit: src/sys

2011-06-23 Thread matthew green

> On Thu, Jun 23, 2011 at 01:27:21AM +, Matt Thomas wrote:
>  > Modified Files:
>  >  src/sys/arch/evbppc/mpc85xx: machdep.c
>  >  src/sys/arch/powerpc/booke: booke_stubs.c e500_tlb.c
>  >  src/sys/arch/powerpc/include: types.h
>  >  src/sys/arch/powerpc/include/booke: cpuvar.h pte.h
>  >  src/sys/common/pmap/tlb: pmap_tlb.c
>  > 
>  > Log Message:
>  > Switch to using the common 
> 
> Erm, do we really want to use "src/sys/common" for this, given that
> the prior art for "common" (src/common) means something entirely
> different?
> 
> (also, there's been some loose talk about moving src/common to
> src/sys/common)

indeed, i'd rather that the MI pmap code lived under sys/uvm somewhere.


.mrg.