===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/74.html,v
retrieving revision 1.90
retrieving revision 1.91
diff -c -r1.90 -r1.91
*** www/74.html 2023/10/15 11:13:48 1.90
--- www/74.html 2023/10/15 11:40:11 1.91
***************
*** 134,141 ****
of pf(4) and with
parallelisation of the network stack in the future.
The protocol remains compatible with the older version.
! Removed kernel locks from the ARP input path.
! Pulled MP-safe arprequest() out of kernel lock.
Remove the kernel lock from IPv6 neighbor discovery.
Unlock more parts of ioctl(2) and the pf(4) and with
parallelisation of the network stack in the future.
The protocol remains compatible with the older version.
! Remove kernel locks from the ARP input path.
! Pull MP-safe arprequest() out of kernel lock.
Remove the kernel lock from IPv6 neighbor discovery.
Unlock more parts of ioctl(2) and the Direct Rendering Manager and graphics drivers
! - Updated drm(4)
! to Linux 6.1.55
- Don't change end marker in sg_set_page(). Caused bad memory accesses
when using page flipping on Alder Lake and Raptor Lake.
--- 145,152 ----
Direct Rendering Manager and graphics drivers
! - Update drm(4)
! to Linux 6.1.55.
- Don't change end marker in sg_set_page(). Caused bad memory accesses
when using page flipping on Alder Lake and Raptor Lake.
***************
*** 485,494 ****
work on a Banana Pi BPI-R2 Pro.
In umcs(4), set
parity bits correctly.
! Enabled the caps lock LED on modern Apple laptop keyboards.
Add support for Rockchip "cryptov2-rng" random number generator in
rkrng(4).
! Fixed cpuperf on the Apple M2 Pro/Max.
Add support for the PCIe controller found on Apple M2 Pro/Max SoCs.
Add support for enabling both the USB2 and USB3 PHYs in
xhci(4) with device tree.
--- 485,494 ----
work on a Banana Pi BPI-R2 Pro.
In umcs(4), set
parity bits correctly.
! Enable the caps lock LED on modern Apple laptop keyboards.
Add support for Rockchip "cryptov2-rng" random number generator in
rkrng(4).
! Fix cpuperf on the Apple M2 Pro/Max.
Add support for the PCIe controller found on Apple M2 Pro/Max SoCs.
Add support for enabling both the USB2 and USB3 PHYs in
xhci(4) with device tree.
***************
*** 784,801 ****
lo(4) interfaces.
Convert the tcp_now() time counter to 64 bits to avoid 32 bits
wrap around after changing tcp_now() ticks to milliseconds.
! Added initial support for route-based ipsec vpns.
! Rather than use ipsec flows (aka, entries in the ipsec security
policy database) to decide which traffic should be encapsulated in
! ipsec and sent to a peer, this changes security associations (SAs)
! so they can also refer to a tunnel interface. When traffic is routed
! over that tunnel interface, an ipsec SA is looked up and used to
encapsulate traffic before being sent to the peer on the SA. When
! traffic is received from a peer using an interface SA, the specified
interface is looked up and the packet is handed to it so it looks
like packets come out of the tunnel.
Add sec(4) to support
! route based ipsec vpns.
Introduce reference counting for TCP syn cache entries.
Have wg(4) copy the
priority from the inner packet to the outer encrypted packet, so that
--- 784,801 ----
lo(4) interfaces.
Convert the tcp_now() time counter to 64 bits to avoid 32 bits
wrap around after changing tcp_now() ticks to milliseconds.
! Add initial support for route-based IPsec VPNs.
! Rather than use IPsec flows (aka, entries in the IPsec security
policy database) to decide which traffic should be encapsulated in
! IPsec and sent to a peer, this changes security associations (SAs)
! so they can also refer to a tunnel interface. When traffic is routed
! over that tunnel interface, an IPsec SA is looked up and used to
encapsulate traffic before being sent to the peer on the SA. When
! traffic is received from a peer using an interface SA, the specified
interface is looked up and the packet is handed to it so it looks
like packets come out of the tunnel.
Add sec(4) to support
! route based IPsec VPNs.
Introduce reference counting for TCP syn cache entries.
Have wg(4) copy the
priority from the inner packet to the outer encrypted packet, so that
***************
*** 825,834 ****
i2d_ECDSA_SIG(3).
In ipsecctl(8),
! support route-based IPSec VPN negotiation with
sec(4).
In isakmpd(8),
! support configuring interface SAs for route-based IPSec VPNs.
In isakmpd(8)
quick mode, do not crash with a NULL pointer
access when a group description is specified but it is invalid,
--- 825,834 ----
i2d_ECDSA_SIG(3).
In ipsecctl(8),
! support route-based IPsec VPN negotiation with
sec(4).
In isakmpd(8),
! support configuring interface SAs for route-based IPsec VPNs.
In isakmpd(8)
quick mode, do not crash with a NULL pointer
access when a group description is specified but it is invalid,
***************
*** 864,870 ****
Limit the socket buffer size to 64k for all sessions.
Limiting the buffer size to a reasonable size ensures that not
too many updates end up queued in the TCP stack.
! Adjusted example GRACEFUL_SHUTDOWN filter rule in
the example config to only match on ebgp sessions.
--- 864,870 ----
Limit the socket buffer size to 64k for all sessions.
Limiting the buffer size to a reasonable size ensures that not
too many updates end up queued in the TCP stack.
! Adjust example GRACEFUL_SHUTDOWN filter rule in
the example config to only match on ebgp sessions.