1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
floppy types (in fact, we have only one left!)
Also cleanup some code, using || and && in some places, and
using "export VAR=value" instead of two separate lines.
- use proper make configuration for the build, using
${BINMAKE} as evaluated by ${VERSION}/src/Makefile
- remove -lmytinfo from crunch.conf
- remove support for login_access in tinyware/login
- remove "machine i386" from the kernel config file
It might actually be interesting to extend the script to do
a cross build for !i386 ...
MFC after: 3 days
them unsigned I made the possible overflows hard to detect,
and it only saved 1 bit which isn't principal, even less now
that the underlying issue with the total of virtual memory has
been fixed. (For the record, it will overflow with >=2T of
VM total, with 32-bit ints used to keep counters in pages.)
- While here, fix printing of other "struct vmtotal" members
such as t_rq, t_dw, t_pw, and t_sw as they are also signed.
Reviewed by: bde
MFC after: 3 days
- Fix overflow bugs in sysctl(8), systat(1), and vmstat(8)
when printing values of "struct vmmeter" in kilobytes as
they don't necessarily fit into 32 bits. (Fix sysctl(8)
reporting of a total virtual memory; it's in pages too.)
- <netipx> headers [1]
- IPX library (libipx)
- IPX support in ifconfig(8)
- IPXrouted(8)
- new MK_NCP option
New MK_NCP build option controls:
- <netncp> and <fs/nwfs> headers
- NCP library (libncp)
- ncplist(1) and ncplogin(1)
- mount_nwfs(8)
- ncp and nwfs kernel modules
User knobs: WITHOUT_IPX, WITHOUT_IPX_SUPPORT, WITHOUT_NCP.
[1] <netsmb/netbios.h> unconditionally uses <netipx> headers
so they are still installed. This needs to be dealt with.
- add -lgeom
- use bsdlabel instead of disklabel
- increase image size to 2.88M (plenty of free space left)
note, this is not really a bridge because the old-style
bridging code is not in 7.0 anymore, so the kernel config
file should be changed.
replacement and has additional features which make it superior.
Discussed on: -arch
Reviewed by: thompsa
X-MFC-after: never (RELENG_6 as transition period)
to PRECIOUSLIB from bsd.lib.mk. The side effect of this
is making installing the world under jail(8) possible by
using another knob, NOFSCHG.
Reviewed by: oliver
with the following changes:
1) Don't make a mime_types.h 'cos we should avoid creating variables
in header files,
2) Use strrchr to find the extension, rather than strchr,
3) Slightly simplify the mime-type matching loop.
any goof are likely to be mine. Note that there are links to more
improvements by Eugene in the PR.
PR: 29725
Submitted by: Eugene Grosbein <eugen@kuzbass.ru>
+ declare some shell variables as 'local'
+ add a missing ';;' in a 'case' statement
+ centralize newfs options
+ properly override GID and UID when installing include files and libraries
+ add a missing '-r' in disklabel commands (maybe not necessary, but it
does not harm and it was used in the RELENG_4 version)
+ no more require 'perl' when installing the secondary loader
+ use '-t rsa1' when invoking ssh-keygen
These files had tags after the copyright notice,
inside the comment block (incorrect, removed),
and outside the comment block (correct).
Approved by: rwatson (mentor)
and does not fit into a floppy anymore (1403kb available).
There is not much you can do now except bumping up the image size
(by uncommenting the "fd_size=2880" line in ./config),
at which point you can uncomment sshd, the associated library,
and all the good stuff such as tcpdump and natd and ppp that
you might want on such a box.
A similar change should be applied to other picobsd image types.
1) Make fetch_mode a pointer 'cos we can just use the optarg.
2) Constness.
3) Add/complete prototypes.
4) Change an int to a socklen_t.
5) Don't use C++ style comments.
6) Check return values from read and fork a little more carefully.
7) Avoid closing an uninitialised int.
8) Get rid of unneeded extern declarations.