that device add/remove will work without usbd running. usbd is still
used for execing stuff, but that is all now. Ideally it could be replaced
by a devd some day. Until now, usbd had to be running so that the
USB_DISCOVER ioctl could be called to walk the tree when an attachment
status change was noticed.
Among the changes:
- when a detach happens, remove any pending 'attach' messages or the system
suffers from whiplash from exec moused / kill moused loops if you do lots
of attach/detach and later start usbd.
- tweaks related to kthread differences
- disable the select handler for the old interface (never return success).
I have not removed it yet or old usbd's will abort. That can get removed
later once usbd is cleaned up and things have stabilized for a few weeks.
- get Giant in the kthread.
- a couple of minor potential bug fixes (usb_nevents vs malloc failure etc)
Pre-approved by: n_hibma (ages and ages ago)
One way we can reduce the amount of traffic we send in response to a SYN
flood is to eliminate the RST we send when removing a connection from
the listen queue. Since we are being flooded, we can assume that the
majority of connections in the queue are bogus. Our RST is unwanted
by these hosts, just as our SYN-ACK was. Genuine connection attempts
will result in hosts responding to our SYN-ACK with an ACK packet. We
will automatically return a RST response to their ACK when it gets to us
if the connection has been dropped, so the early RST doesn't serve the
genuine class of connections much. In summary, we can reduce the number
of packets we send by a factor of two without any loss in functionality
by ensuring that RST packets are not sent when dropping a connection
from the listen queue.
Submitted by: Mike Silbersack <silby@silby.com>
Reviewed by: jesper
MFC after: 2 weeks
not behaving correctly. Fix by attaching to the correct socket.
Also call so{rw}wakeup in addition to the fifo wakeup, so that any
kqfilters attached to the socket buffer get poked.
is usually (always?) used in expressions like (KTR_COMPILE & KTR_FOO).
Defining it as KTR_INTR|KTR_PROC gave the wrong value in approximately
8497 places according to error output for compiling LINT.
ep driver. The rest of the patch will wait until I can put the time
into it to get it righter than the kludge it is.
This protects us against card eject problems at all times,e xecpt when
we're in the epintr ISR.
PCN_BCR_CLRBIT(sc, PCN_BCR_MIICTL, PCN_MIICTL_DANAS);
should be:
PCN_BCR_SETBIT(sc, PCN_BCR_MIICTL, PCN_MIICTL_DANAS);
Turning this bit on is what disables MII autoneg, not turning it off.
Without this, manually setting the media doesn't work.
Noticed by: Jim Browne <jbrowne@jbrowne.com>
true. This permits better interoperability with programs which register
filters on their stdin/stdout handles.
Submitted by: Niels Provos <provos@citi.umich.edu>
I think bde even reviewed it once.
Also, change the name of ActionTEC pat to more generic Lucent Kermit
chip. Add stub for Xircom card. Add cardbus attachment too.
compliant. All the variable definitions and function names are
reasonably consistent, and the functions which should be static (i.e.,
all of them) are. Other assorted fixes were made. The majority of
the delta is indentation fixes.
Partially reviewed by: bde
incorrect due to a missing check for some dependency. This change
avoids the freelist corruption (but not the temporarily inconsistent
state of the file system).
A message is printed as a reminder of the under lying problem when a
pagedep structure is not freed due to the NEWBLOCK flag being set.
Submitted by: Tor.Egge@fast.no
can be made userland-visible as <dev/ic/...>. Also, those files are
not supposed to contain any bus-specific details at all, so placing
them under .../isa/ has been a misnomer from the beginning.
The files in src/sys/dev/ic/ have been repo-copied from their old
location (this commit is a forced null commit there to record this
message).
elected to do this in the probe rather than the attach so that we don't
disturb things which this might reset. different cards have different
quirks, according to their datasheets.
This should fix the "I booted in windows and rebooted to FreeBSD and
now things don't work" problem.
PR: 4847, 20670
route in ifa_ifwithroute(), as the last resort, look up the route to
the gateway, not destination (to derive the interface from).
PR: kern/27852
Submitted by: Iasen Kostoff <tbyte@tbyte.org>
MFC after: 2 weeks
card bus bridges.
We now always use pci interrupts for pci cards. This will allow us to
more easily configure things. You must change your IRQ lines in
/etc/pccard.conf to match what we've probed. I'm not sure the right
way to deal with this right now.
Development of pci pcmcia has been funded by Monzoon Networks AG. I
am grateful for their generosity.
certain cases, and a close() by another process could potentially rip the
pipe out from under the (blocked) locking operation.
Reported-by: Alexander Viro <viro@math.psu.edu>
for card change interrupts is different than the pci stuff that's
coming soon. Set the management irq in different ways. If
pci_parallel interrutp routing, then use the PCI way of getting
interrupts. Move polling mode into pcic_isa since when we're routing
via pci polling doesn't work because many bridges (systems hang solid).
If we're routing interrupts via pci, they can be shared, so flag them
as such.
Note, this doesn't actually change anything since the pci attachment
isn't quite ready to be committed.
A attacker sending a lot of bogus fragmented packets to the target
(with different IPv4 identification field - ip_id), may be able
to put the target machine into mbuf starvation state.
By setting a upper limit on the number of reassembly queues we
prevent this situation.
This upper limit is controlled by the new sysctl
net.inet.ip.maxfragpackets which defaults to 200,
as the IPv6 case, this should be sufficient for most
systmes, but you might want to increase it if you have
lots of TCP sessions.
I'm working on making the default value dependent on
nmbclusters.
If you want old behaviour (no upper limit) set this sysctl
to a negative value.
If you don't want to accept any fragments (not recommended)
set the sysctl to 0 (zero).
Obtained from: NetBSD
MFC after: 1 week
if_up() must be called at splnet or higher.
Second, set the IFF_RUNNING flag on an interface after its
resources (i.e. tunnel source and destination addresses)
have been set. Note that we don't set IFF_UP because it is
if_up()'s job to do that.
PR: kern/27851
Submitted by: Horacio J. PeÓa <horape@compendium.com.ar>
The 3C509-TX card apparently had a slightly different version of the
chip, and has problems when this register is set. The problem does
not appear on the 3C509{BC} cards, but since only the fxp driver needs
specific bits set, conditionalize on that.
canonical: define a versioned struct xswdev, and add a sysctl node
handler that allows the user to get this structure for a certain device
index by specifying this index as last element of the MIB.
This new node handler, vm.swap_info, replaces the old vm.nswapdev
and vm.swapdevX.* (where X was the index) sysctls.
memory I/O space. Otherwise, our resource allocation system might
mistakenly assign pccard, plug and play devices or other things
addresses that conflict with ROMs.
I cleaned up his code a little from the submited driver: style(9)
issues, commentary on why something that looks incorrect really is
correct. Also noted that while a checksum field is defined for the
ROMs, enough common hardware neglects it to make it not worthwhile
checking.
Submitted by: Nikolai Saoukh <nms@otdel-1.org>
PR: 22078
the interface conversion to platform.pci_intr_route(). I've left the
platform.pci_intr_route() function pointer in place, as well as
alpha_pci_route_interrupt(), but no platform currently implements it.
To work around the removal of alpha_platform_assign_pciintr(cfg);
from the pci probe code, I've hooked in calls to platform.pci_intr_map()
in pcib_read_config (similar to the x86 APIC_IO ifdef in pci_cfgregread)
for every chipset that has a platform which needs it.
While here, I've removed the interupt mapping/routing code from the
AS2x00 platform because its not required (it has never been present in
-stable).
Tested on: UP1000, Miata(GL), XP1000, AS2100, AS500
Only tun0 -> tun32767 may now be opened as struct ifnet's if_unit
is a short.
It's now possible to open /dev/tun and get a handle back for an available
tun device (use devname to find out what you got).
The implementation uses rman by popular demand (and against my judgement)
to track opened devices and uses the new dev_depends() to ensure that
all make_dev()d devices go away before the module is unloaded.
Reviewed by: phk
- move the sysctl code to kern_intr.c
- do not use INTRCNT_COUNT, but rather eintrcnt - intrcnt to determine
the length of the intrcnt array
- move the declarations of intrnames, eintrnames, intrcnt and eintrcnt
from machine-dependent include files to sys/interrupt.h
- remove the hw.nintr sysctl, it is not needed.
- fix various style bugs
Requested by: bde
Reviewed by: bde (some time ago)
This closes a minor information leak which allows a remote observer to
determine the rate at which the machine is generating packets, since the
default behaviour is to increment a counter for each packet sent.
Reviewed by: -net
Obtained from: OpenBSD
setting the 'max packet size' register in window 3. This only
works for cards based on the cyclone or newer chipsets (i.e. it
won't work with the original 3c905/boomerang cards).
There is a trick which will work with the boomerang, which is to turn
on the 'large packets ok' bit in the MAC control register, however this
lets the chip accept any frame up to 4K in length, which is larger than
the mbuf cluster buffers we use to receive frames. If somebody sends us
such a frame and the chip DMAs it to us, it could write past the end
of the cluster buffer and clobber something.
PR: kern/27742
A attacker sending a lot of bogus fragmented packets to the target
(with different IPv4 identification field - ip_id), may be able
to put the target machine into mbuf starvation state.
By setting a upper limit on the number of reassembly queues we
prevent this situation.
This upper limit is controlled by the new sysctl
net.inet.ip.maxfragpackets which defaults to NMBCLUSTERS/4
If you want old behaviour (no upper limit) set this sysctl
to a negative value.
If you don't want to accept any fragments (not recommended)
set the sysctl to 0 (zero)
Obtained from: NetBSD (partially)
MFC after: 1 week
all alphas with devices behind ppb's. I'm working on a better solution now.
Note that all alphas that use per-platform interrupt mapping are broken
again (as they have been for several months)
gigabit ethernet controller chip. This device is used on some
fiber optic gigE cards from SMC, D-Link and Addtron. Jumbograms and
TCP/IP checksum offload on receive are supported. Hardware VLAN
filtering is not, because it doesn't play well with our existing
VLAN code. Also add manual page.
There is a 4.x version of this driver available at
http://www.freebsd.org/~wpaul/Level1/4.x if anyone feels adventurous
and wants to test it. I still need to do performance testing and
tuning with this device.
(For my next trick, I will make the 3Com 3cR990 sit up and beg.)
any response to our third SYN to work-around some broken
terminal servers (most of which have hopefully been retired)
that have bad VJ header compression code which trashes TCP
segments containing unknown-to-them TCP options.
PR: kern/1689
Submitted by: jesper
Reviewed by: wollman
MFC after: 2 weeks
this works on cs4630 chips, and should implement the clkrun hack for
thinkpads- this will display diagnostic messages when triggered until its
correctness is established.
from cpu_switch(), curproc has been changed, but the sched_lock owner will
not be updated until we return to mi_switch(), thus we deadlock against
ourselves. As a workaround, push the acquire and release of sched_lock out
to the callers of set_user_ldt(). Note that we can't use a mtx_assert() in
set_user_ldt for the same reason.
Sleuting by: tmm
Tested by: tmm, dougb
For FTP control connection, keep the CRLF end-of-line termination
status in there.
Fixed the bug when the first FTP command in a session was ignored.
PR: 24048
MFC after: 1 week
* all members of msginfo from sysv_msg.c;
* msqids from sysv_msg.c;
* sema from sysv_sem.c; and
* shmsegs from sysv_shm.c;
These will be used by ipcs(1) in non-kvm mode.
Reviewed by: tmm
they can be used with cell operators like !.
As I did this, I noticed the whole CELL thing might have problems with
big endian architectures with sizeof(int)!=sizeof(void*).
UDP checksums too, not just IP. The chip only tells us if the checksum
is ok, it does not give us a copy of the partial checksum for later
processing. We have to deal with this the right way, but we can deal
with it.
- Use __func__ instead of __FUNCTION.
- Support power-off to S3 or S5 (takawata)
- Enable ACPI debugging earlier (with a sysinit)
- Fix a deadlock in the EC code (takawata)
- Improve arithmetic and reduce the risk of spurious wakeup in
AcpiOsSleep.
- Add AcpiOsGetThreadId.
- Simplify mutex code (still disabled).
attempting to remove nonexistant exports with MNT_DELEXPORT returns
an error; before this change it always succeeded. This caused
mountd(8) to log "can't delete exports for /whatever" warnings.
Change the error code from EINVAL to a more specific ENOENT, and
make mountd ignore this error when deleting the export list. I
could have just restored the previous behaviour of returning success,
but I think an error return is a useful diagnostic.
Reviewed by: phk
----
Make a device for each ISP- really usable only with devfs and add an ioctl
entry point (this can be used to (re)set debug levels, reset the HBA,
rescan the fabric, issue lips, etc).
----
Add in a kernel thread for Fibre Channel cards. The purpose of this
thread is to be woken up to clean up after Fibre Channel events
block things. Basically, any FC event that casts doubt on the
location or identify of FC devices blocks the queues. When, and
if, we get the PORT DATABASE CHANGED or NAME SERVER DATABASE CHANGED
async event, we activate the kthread which will then, in full thread
context, re-evaluate the local loop and/or the fabric. When it's
satisfied that things are stable, it can then release the blocked
queues and let commands flow again.
The prior mechanism was a lazy evaluation. That is, the next command
to come down the pipe after change events would pay the full price
for re-evaluation. And if this was done off of a softcall, it really
could hang up the system.
These changes brings the FreeBSD port more in line with the Solaris,
Linux and NetBSD ports. It also, more importantly, gets us being
more proactive about topology changes which could then be reflected
upwards to CAM so that the periph driver can be informed sooner
rather than later when things arrive or depart.
---
Add in the (correct) usage of locking macros- we now have lock transition
macros which allow us to transition from holding the CAM lock (Giant)
and grabbing the softc lock and vice versa. Switch over to having this
HBA do real locking. Some folks claim this won't be a win. They're right.
But you have to start somewhere, and this will begin to teach us how
to DTRT for HBAs, etc.
--
Start putting in prototype 2300 support. Add back in LIP
and Loop Reset as async events that each platform will handle.
Add in another int_bogus instrumentation point.
Do some more substantial target mode cleanups.
MFC after: 8 weeks
it becomes possible to trap in ptsstop() in kern/tty_pty.c
if the slave side has never been opened during the life of a kernel.
What happens is that calls to ttyflush() done from ptyioctl() for the
controlling side end up calling ptsstop() [via (*tp->t_stop)(tp, <X>)]
which evaluates the following:
struct pt_ioctl *pti = tp->t_dev->si_drv1;
In order for tp->t_dev to be set, the slave device must first be
opened in ttyopen() [kern/tty.c].
It appears that the only problem is calls to (*tp->t_stop)(tp, <n>),
so this could also happen with other ioctls initiated by the
controlling side before the slave has been opened.
PR: 27698
Submitted by: David Bein bein@netapp.com
MFC after: 6 days
it with vfsload("msdos").
(The proper fix would be to rename the `msdos' file system to
`msdosfs' in VFS_SET(), and mount_msdos(8) to mount_msdosfs(8).
But that would break too many existing fstab(5) setups, and
would require a lot of unnecessary documentation and code
msdos -> msdosfs changes.)
Noticed by: markm
csc_route and func_route to hold the way that each interrupt is
routed. csc is Card Status Change in the datasheets and standard, but
is called "Management Interrupt" in FreeBSDese. There are three types
of interrupt routing: ISA parallel, PCI parallel and ISA serial (some
chipsets support other types as well, but I don't plan on supporting
them).
When we try to allocate an interrupt, and the type for that interrupt
is pci_parallel, allow it to be shared by oring in RF_SHAREABLE to the
flags argument. Introduce pcic_alloc_resource to allow this to
happen.
file is processed by passing its name in argv[1]:
return(mod_loadobj(typestr, argv[1]));
however, it is not tested to see if argv[1] actually is defined.
At best, mod_loadobj() near line 244 returns an error like
"can't find 'garbage'" but if the "filename" entered is sufficiently
long, some buffer gets overrun. Of course, "load -t filename" is
actually a typo because we meant to type "load -t mfs_root filename";
nevertheless, a hung machine seems like too harsh a punishment for
such a small typo...
PR: i386/27693
Submitted by: Adrian Steinmann <ast@marabu.ch>
MFC after: 1 week
breakage:
- call PCIB_ROUTE_INTERRUPT() regardless of how valid the intline looks.
Some alphas leave garbage in the intline and leave the intr mapping
to OS platform support routines that map slots/buses to intlines
- Down in the alpha pci code, first try platform.pci_intr_route() and
if it doesn't exist or returns garbage, just read the intline out of
config space.
tested on AS500 (garbage in intline) and UP1000 (PC-like, intline is valid)
Note that a nice little hack like the APIC_IO section of pci_cfgregread()
is not workable. This is because the calling interface for
alpha_pci_route_interrupt() requires us to figure out the bus/slot/etc
from a device_t. At pci_read_device() time, we don't have a device_t
for the bus/slot/func in question.
instead of using two malloced arrays for storing channel lists, use an
slist. convert the sndstat device to use sbufs and optionally provide more
detail about channel state.
vchans are software mixed playback channels. they are not enabled by this
commit. they use the feeder infrastructure to emulate normal playback
channels in a manner transparent to applications, whilst providing as many
channels are desired, especially suitable for devices with only one hardware
playback channel. in the future they will provide additional features.
those wishing to test this functionality will need to add vchan.c to
sys/conf/files and use 'sysctl -w hw.snd.pcm0.vchans' to enable it.
blocksize and auto-rate selection are not yet supported.
SC_DEV isn't NULL; if it is, evaluate to NULL and don't dereference
NULL. Callers of VIRTUAL_TTY must already check for the result being
NULL since si_tty can be NULL, so this should be safe.
This fixes a panic when trying to switch to a different vty in an
environment such as userconfig (-c option to the kernel).
PR: 26508
the saved uid and gid during execve(). Unfortunately, the optimizations
were incorrect in the case where the credential was updated, skipping
the setting of the saved uid and gid when new credentials were generated.
This change corrects that problem by handling the newcred!=NULL case
correctly.
Reported/tested by: David Malone <dwmalone@maths.tcd.ie>
Obtained from: TrustedBSD Project
despite the fact that most people want to set exactly the same settings
regardless of which card they have. It has been repeatidly suggested
that this configuration should be done via ifconfig. This patch
implements the required functionality in ifconfig and add support to the
wi and an drivers. It also provides partial, untested support for the
awi driver.
PR: 25577
Submitted by: Brooks Davis <brooks@one-eyed-alien.net>
dev_t. The dev_depends(dev_t, dev_t) function is for tying them
to each other.
When destroy_dev() is called on a dev_t, all dev_t's depending
on it will also be destroyed (depth first order).
Rewrite the make_dev_alias() to use this dependency facility.
kern/subr_disk.c:
Make the disk mini-layer use dependencies to make sure all
relevant dev_t's are removed when the disk disappears.
Make the disk mini-layer precreate some magic sub devices
which the disk/slice/label code expects to be there.
kern/subr_disklabel.c:
Remove some now unneeded variables.
kern/subr_diskmbr.c:
Remove some ancient, commented out code.
kern/subr_diskslice.c:
Minor cleanup. Use name from dev_t instead of dsname()
by both OLDCARD and NEWCARD.
# didn't make the tables the same because oldcard supports more devices than
# newcard and newcard's 16-bit stuff needs some work.
initialized on the file system before trying to grab the lock of the
per-mount extattr structure, as this lock is unitialized in that case.
This is needed because ufs_extattr_vnode_inactive is called from
ufs_inactive, which is also used by EA-unaware file systems such as
ext2fs.
Reviewed by: rwatson
real uid, saved uid, real gid, and saved gid to ucred, as well as the
pcred->pc_uidinfo, which was associated with the real uid, only rename
it to cr_ruidinfo so as not to conflict with cr_uidinfo, which
corresponds to the effective uid.
o Remove p_cred from struct proc; add p_ucred to struct proc, replacing
original macro that pointed.
p->p_ucred to p->p_cred->pc_ucred.
o Universally update code so that it makes use of ucred instead of pcred,
p->p_ucred instead of p->p_pcred, cr_ruidinfo instead of p_uidinfo,
cr_{r,sv}{u,g}id instead of p_*, etc.
o Remove pcred0 and its initialization from init_main.c; initialize
cr_ruidinfo there.
o Restruction many credential modification chunks to always crdup while
we figure out locking and optimizations; generally speaking, this
means moving to a structure like this:
newcred = crdup(oldcred);
...
p->p_ucred = newcred;
crfree(oldcred);
It's not race-free, but better than nothing. There are also races
in sys_process.c, all inter-process authorization, fork, exec, and
exit.
o Remove sigio->sio_ruid since sigio->sio_ucred now contains the ruid;
remove comments indicating that the old arrangement was a problem.
o Restructure exec1() a little to use newcred/oldcred arrangement, and
use improved uid management primitives.
o Clean up exit1() so as to do less work in credential cleanup due to
pcred removal.
o Clean up fork1() so as to do less work in credential cleanup and
allocation.
o Clean up ktrcanset() to take into account changes, and move to using
suser_xxx() instead of performing a direct uid==0 comparision.
o Improve commenting in various kern_prot.c credential modification
calls to better document current behavior. In a couple of places,
current behavior is a little questionable and we need to check
POSIX.1 to make sure it's "right". More commenting work still
remains to be done.
o Update credential management calls, such as crfree(), to take into
account new ruidinfo reference.
o Modify or add the following uid and gid helper routines:
change_euid()
change_egid()
change_ruid()
change_rgid()
change_svuid()
change_svgid()
In each case, the call now acts on a credential not a process, and as
such no longer requires more complicated process locking/etc. They
now assume the caller will do any necessary allocation of an
exclusive credential reference. Each is commented to document its
reference requirements.
o CANSIGIO() is simplified to require only credentials, not processes
and pcreds.
o Remove lots of (p_pcred==NULL) checks.
o Add an XXX to authorization code in nfs_lock.c, since it's
questionable, and needs to be considered carefully.
o Simplify posix4 authorization code to require only credentials, not
processes and pcreds. Note that this authorization, as well as
CANSIGIO(), needs to be updated to use the p_cansignal() and
p_cansched() centralized authorization routines, as they currently
do not take into account some desirable restrictions that are handled
by the centralized routines, as well as being inconsistent with other
similar authorization instances.
o Update libkvm to take these changes into account.
Obtained from: TrustedBSD Project
Reviewed by: green, bde, jhb, freebsd-arch, freebsd-audit
