PRISON_ROOT to the suser_xxx() check. Since securelevels may now
be raised in specific jails, use of system flags can still be
restricted in jail(), but in a more configurable way.
o Users of jail() expecting system flags (such as schg) to restrict
jail()'s should be sure to set the securelevel appropriately in
jail()'s.
o This fixes activities involving automated system flag removal in
jail(), including installkernel and friends.
Obtained from: TrustedBSD Project
securelevel_gt(), determine first if a local securelevel exists --
if so, perform the check based on imax(local, global). Otherwise,
simply use the global value.
o Note: even though local securelevels might lag below the global one,
if the global value is updated to higher than local values, maximum
will still be used, making the global dominant even if there is local
lag.
Obtained from: TrustedBSD Project
one is present in the current jail, otherwise, to return the global
securelevel.
o If the securelevel is being updated, require that it be greater than
the maximum of local and global, if a local securelevel exists,
otherwise, just maximum of the global. If there is a local
securelevel, update the local one instead of the global one.
o Note: this does allow local securelevels to lag behind the global one
as long as the local one is not updated following a global increase.
Obtained from: TrustedBSD Project
a time change, and callers so that they provide td->td_proc.
o Modify settime() to use securevel_gt() for securelevel checking.
Obtained from: TrustedBSD Project
in vn_rdwr_inchunks(), allowing other processes to gain an exclusive
lock on the vnode. Specifically: directory scanning, to avoid a race to the
root directory, and multiple child processes coring simultaniously so they
can figure out that some other core'ing child has an exclusive adv lock and
just exit instead.
This completely fixes performance problems when large programs core. You
can have hundreds of copies (forked children) of the same binary core all
at once and not notice.
MFC after: 3 days
We still have to account for a copyin. Make sure the copyin will
succeed by passing the FreeBSD syscall a pointer to userspace,
albeit one that's automagically mapped into kernel space.
Reported by: mr, Mitsuru IWASAKI <iwasaki@jp.FreeBSD.org>
Tested by: Mitsuru IWASAKI <iwasaki@jp.FreeBSD.org>
with weird PCI-PCI bridge configurations to work. Defining
PCI_ALLOW_UNSUPPORTED_IO_RANGE causes the sanity checks to pass even
with out of range values.
Reviewed by: msmith
for securelevel_ge() and securelevel_gt(), I was a little surprised,
but fixed it. Turns out that it was the code that was inverted, during
a whitespace cleanup in my commit tree. This commit inverts the
checks, and restores the comment.
This fixed the problem on the 3 platforms I've been able to test on.
I'm still of the oppinion that the BIOS should take care of this,
however some board makers only apply this when they spot a
SBLive! soundcard, but the problem exists even without a SBLive!.
This fix should probably go somewhere else, but for now I'll
keep it here since we havn't got a central place to put
such things.
problems currently experienced in -CURRENT.
This should fix the problem that the PS/2 mouse is detected
twice if the acpi module is not loaded on some systems.
refering to securelevels; also, update the unprivileged process text
to better indicate the scope of actions permittable when any system
flags are already set (limited).
Submitted by: Udo Schweigert <udo.schweigert@siemens.com>
sizeof(struct inode) into a new malloc bucket on the i386. This
didn't happen in -current due to the removal of i_lock, but it does
no harm to apply the workaround to -current first.
Reduce the size of the i_spare[] array in struct inode from 4 to
3 entries, and change ext2fs to use i_din.di_spare[1] so that it
does not need i_spare[3].
Reviewed by: bde
MFC after: 3 days
we're at least consistent with what tcsendbreak(3) is documented
to do.
MFC after: 2 weeks
Note, the MFC will be to sys/dev/dgb/dgm.c on the RELENG_4 branch
I am not sure if this is absolutely necessary on all systems. Yet,
there certainly are motherboards and notebook systems which require
this, although there are other systems which just don't. I hope we
shall know when to do this on which systems, as the development of our
ACPI subsystem progresses... (I know we didn't need this for the APM
resume.)
all the debugging code into the function versions of the mutex operations
in kern_mutex.c. This reduced the __mtx_* macros to simply wrappers of
the _{get,rel}_lock_* macros, so the __mtx_* macros were also abolished in
favor of just calling the _{get,rel}_lock_* macros. The tangled hairy mass
of macros calling macros is at least a bit more sane now.
* Don't get confused when memory regions don't lie on page boundaries -
remember our page size is typically larger than the firmware's page size.
* Add a function ia64_running_in_simulator() which is intended to detect
whether the kernel is running in SKI or on real hardware.
ppc to go into EPP mode. These 8 inputs are timestamped in polled
loop so their resolution will be nanoseconds but their granularity
will only be 1/hz.
selrecord() in ptcpoll(). The pre-KSE code used the passed in proc pointer
rather than curproc, and an earlier seltrue() call uses the passed in
thread and not curthread.
was locked by the proc lock and td_flags is locked by the sched_lock.
The places that read, set, and cleared TDF_SELECT weren't updated, so they
read and modified td_flags w/o holding the sched_lock, meaning that they
could corrupt the per-thread flags field. As an immediate band-aid,
grab sched_lock while reading and manipulating td_flags in relation to
TDF_SELECT. This will probably be cleaned up some later on.
credentials rather than the real credentials. This is useful for
implementing GUI's which need to modify icons based on access rights,
but where use of open(2) is too expensive, use of stat(2) doesn't
reflect the file system's real protection model, and use of
access() suffers from real/effective credential confusion. This
implementation provides the same semantics as the call of the same
name on SCO OpenServer. Note: using this call improperly can
leave you subject to some of the same races present in the
access(2) call.
o To implement this, break out the basic logic of access(2) into
vpaccess(), which accepts a passed credential to perform the
invocation of VOP_ACCESS(). Add eaccess(2) to invoke vpaccess(),
and modify access(2) to use vpaccess().
Obtained from: TrustedBSD Project
- SC_CUT_SPACES2TABS - when copying text into the cut buffer convert leading
spaces into the tabs;
- SC_CUT_SEPCHARS="XYZ" - treat supplied characters as possible words
separators when the driver searches for words boundaries when doing cut
operation.
Also unify cut code a bit to decrease amount of duplicated code. This fixes
line cut mode, so that it is no longer pads line with useless spaces.
Approved by: ru
as a physical atomic operation. That would require the code to use the
atomic API, which it does not. Instead, the operation is made psuedo
atomic (hence the quotes) by use of the lock to protect clearing all of the
flags in question.
NAT in extended passive mode if the server's public IP address was
different from the main NAT address. This caused a wrong aliasing
link to be created that did not route the incoming packets back to
the original IP address of the server.
natd -v -n pub0 -redirect_address localFTP publicFTP
Note that even if localFTP == publicFTP, one still needs to supply
the -redirect_address directive. It is needed as a helper because
extended passive mode's 229 reply does not contain the IP address.
MFC after: 1 week
o Move initialization of the slot bst and bsh to inside the for loop.
o move sc there as well.
o Remove debug printf that prints the ID of the first slot twice.
o Use the sp for the relevant slot in getb, rather than for the 0th slot.
the size of the kernel virtual address space relatively painlessly.
Userland will adapt via the exported kernbase symbol. Increasing
this causes the user part of address space to reduce.
and speed. No new functionality added (yet) apart from a bugfix.
MFC will occur in due time and probably in stages.
BUGFIX: fix a problem in old code which prevented reallocation of
the hash table for dynamic rules (there is a PR on this).
OTHER CHANGES: minor changes to the internal struct for static and dynamic rules.
Requires rebuild of ipfw binary.
Add comments to show how data structures are linked together.
(It probably makes no sense to keep the chain pointers separate
from actual rule descriptors. They will be hopefully merged soon.
keep a (sysctl-readable) counter for the number of static rules,
to speed up IP_FW_GET operations
initial support for a "grace time" for expired connections, so we
can set timeouts for closing connections to much shorter times.
merge zero_entry() and resetlog_entry(), they use basically the
same code.
clean up and reduce replication of code for removing rules,
both for readability and code size.
introduce a separate lifetime for dynamic UDP rules.
fix a problem in old code which prevented reallocation of
the hash table for dynamic rules (PR ...)
restructure dynamic rule descriptors
introduce some local variables to avoid multiple dereferencing of
pointer chains (reduces code size and hopefully increases speed).
seems to set up memory spaces correctly. This change actually did work for
me using -STABLE, XFree86 4.0.3 ~ some snapshot of DRI awhile back. I sent
mail to dfr to no avail, perhaps someone else would like to test it with
DRI.
Anyway, people have been nagging me about this change for awhile, so here's
the commit.
of the rxeoc handler for now. The rxeoc handler will reset the link,
and the NatSemi chip's RX FIFO will overflow on a 32-bit bus once you
start hitting it with 500Mbps or more of traffic.
Also increase the size of the RX ring to 128 descriptors (was 64).
a vm86trapframe for switching to vm86 [unlikely] while exiting.
I lost this when doing the pcb move that went in with the KSE commit.
Reviewed by: jake
Yes this really is rather silly and the implementation is overkill given
that you are only allowed one of them, but NetBSD implements cloning on
this device and it's a less cluttered example of cloning then most.
will be private to each CPU.
- Re-style(9) the globaldata structures. There really needs to be a MI
struct pcpu that has a MD struct mdpcpu member at some point.
needlessly repeating the indirection in several places. Half of the places
used td->td_proc, and half used p. They are now consistent with each other
and all use p.
abstract the securelevel implementation details from the checking
code. The call in -CURRENT accepts a struct ucred--in -STABLE, it
will accept struct proc. This facilitates the upcoming commit of
per-jail securelevel support. The calls will also generate a
kernel printf if the calls are made with NULL ucred/proc pointers:
generally speaking, there are few instances of this, and they should
be fixed.
o Update p_candebug() to use securelevel_gt(); future updates to the
remainder of the kernel tree will be committed soon.
Obtained from: TrustedBSD Project
will pass NULL as the struct proc when td is NULL. This has stopped
crashing on my machine.
Note: The passing of NULL may be bogus, but I'll let others fix that
problem.
Reviewed by: jhb
is turned off by default and could be enabled by defining LOADER_BZIP2_SUPPORT
make variable. Also make gzip support optional (turned on by default) -
it could be turned off via LOADER_NO_GZIP_SUPPORT make variable.
Please note, that due to limit on the amount of memory available to the
loader(8), it is possible to load modules/kernels compressed with the smallest
block size supported by the bzip2 - 100k (`-1' bzip2(1) option), however
even in this mode bzip2(1) usually provides better compression ratio than
gzip(1) in its best compression mode.
MFC after: 1 month
