svn commit: r340929 - head/sys/dev/sfxge/common
Andrew Rybchenko
arybchik at FreeBSD.org
Mon Nov 26 07:15:20 UTC 2018
Author: arybchik
Date: Mon Nov 26 07:15:19 2018
New Revision: 340929
URL: https://svnweb.freebsd.org/changeset/base/340929
Log:
sfxge(4): regenerate files with genfwdef after ID update
Add security level to image boot header.
Submitted by: Andrew Jackson <ajackson at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D18289
Modified:
head/sys/dev/sfxge/common/siena_flash.h
Modified: head/sys/dev/sfxge/common/siena_flash.h
==============================================================================
--- head/sys/dev/sfxge/common/siena_flash.h Mon Nov 26 06:20:13 2018 (r340928)
+++ head/sys/dev/sfxge/common/siena_flash.h Mon Nov 26 07:15:19 2018 (r340929)
@@ -131,7 +131,14 @@ typedef struct siena_mc_boot_hdr_s { /* GENERATED BY
/* the key, or 0xffff if unsigned. (Otherwise set to 0) */
efx_byte_t mumfw_subtype; /* MUM & SUC images: subtype. (Otherwise set to 0) */
efx_byte_t reserved_b[3]; /* (set to 0) */
- efx_dword_t reserved_c[6]; /* (set to 0) */
+ efx_dword_t security_level; /* This number increases every time a serious security flaw */
+ /* is fixed. A secure NIC may not downgrade to any image */
+ /* with a lower security level than the current image. */
+ /* Note: The number in this header should only be used for */
+ /* determining the level of new images, not to determine */
+ /* the level of the current image as this header is not */
+ /* protected by a CMAC. */
+ efx_dword_t reserved_c[5]; /* (set to 0) */
} siena_mc_boot_hdr_t;
#define SIENA_MC_BOOT_HDR_PADDING \
More information about the svn-src-all
mailing list