Commit Graph

1153 Commits

Author SHA1 Message Date
Attilio Rao
22db15c06f VOP_LOCK1() (and so VOP_LOCK()) and VOP_UNLOCK() are only used in
conjuction with 'thread' argument passing which is always curthread.
Remove the unuseful extra-argument and pass explicitly curthread to lower
layer functions, when necessary.

KPI results broken by this change, which should affect several ports, so
version bumping and manpage update will be further committed.

Tested by: kris, pho, Diego Sardina <siarodx at gmail dot com>
2008-01-13 14:44:15 +00:00
Nate Lawson
265ed03ff5 Fix GPE livelock that occurs on HP/Compaq laptops, mostly in the thermal
zone code.  The GPE handler method (i.e. _L00) generates various Notify
events that need to be run to completion before the GPE is re-enabled.
In ACPI-CA, we queue an asynch callback at the same priority as a Notify
so that it will only run after all Notify handlers have completed.  The
callback re-enables the GPE afterwards.  We also changed the priority of
Notifies to be the same as GPEs, given the possibility that another GPE
could arrive before the Notifies have completed and we don't want it to
get queued ahead of the rest.

The ACPI-CA change was submitted by Alexey Starikovskiy (SUSE) and will
appear in a later release.  Special thanks to him for helping track this
bug down.

MFC after:	1 week
Tested by:	jhb, Yousif Hassan <yousif / alumni.jmu.edu>
2008-01-12 22:13:12 +00:00
Nate Lawson
814cc347e1 This commit was generated by cvs2svn to compensate for changes in r175256,
which included commits to RCS files with non-trunk default branches.
2008-01-12 22:13:12 +00:00
Attilio Rao
cb05b60a89 vn_lock() is currently only used with the 'curthread' passed as argument.
Remove this argument and pass curthread directly to underlying
VOP_LOCK1() VFS method. This modify makes the code cleaner and in
particular remove an annoying dependence helping next lockmgr() cleanup.
KPI results, obviously, changed.

Manpage and FreeBSD_version will be updated through further commits.

As a side note, would be valuable to say that next commits will address
a similar cleanup about VFS methods, in particular vop_lock1 and
vop_unlock.

Tested by:	Diego Sardina <siarodx at gmail dot com>,
		Andrea Di Pasquale <whyx dot it at gmail dot com>
2008-01-10 01:10:58 +00:00
John Birrell
b468fe2bce * Check endianness the FreeBSD way.
* Use LBOLT rather than lbolt to avoid a clash with a FreeBSD global
  variable.
2007-11-28 22:16:00 +00:00
John Birrell
9587fed572 Fix a prototype definition. 2007-11-28 22:13:28 +00:00
John Birrell
da9085a1c0 Check endianness the FreeBSD way. 2007-11-28 22:12:21 +00:00
John Birrell
47b288c152 Include an extra header to get this to compile cleanly. 2007-11-28 22:11:39 +00:00
Darren Reed
b351a3c4b3 Fix 3 issues relating to the use of "auth" rules in IPFilter, from sourceforge:
1837014 Kernel panics after authentication of an outgoing packet
1836992 Potential bugs in packet auth code (w/patches)
1836967 Kernel panic when using auth rule with keep state
and another reported only to FreeBSD by Andiry (see PR)

PR:		kern/118251
Submitted by:	Andriy Syrovenko <andriys@gmail.com>
Reviewed by:	darrenr
MFC after:	5 days
2007-11-26 08:18:19 +00:00
Max Laier
228f6ee12e Bring back pf_if.c revs 1.8 and 1.6 also lost during last import:
- Use correct time for tzero when compiled in
 - Don't use bogus interface addresses on ptp-interfaces with :0

MFC after:	3 days
2007-11-21 16:08:06 +00:00
Max Laier
b7484bf1b9 Cleanup pf interface mangement - esp. remove EVENTHANDLER before unloading
the coresponding code.  This was lost during 4.1 import.

Reported by:	ru
MFC after:	3 days
2007-11-21 14:18:14 +00:00
Max Laier
fb63048c8a Reloop OpenBSD rev. 1.563:
In pf_test_fragment(), ignore protocol-specific criteria for packets of
  different protocols.

Reported by:	des
Obtained from:	OpenBSD
MFC after:	3 days
2007-11-21 10:12:52 +00:00
Pawel Jakub Dawidek
4d4daf5901 Warn if kmem_map size is set to less than 512MB. Previous warning was a bit
pointless, because default is set to something around 300MB and also
insufficient.

MFC after:	3 days
2007-11-07 14:44:31 +00:00
Pawel Jakub Dawidek
232a80f675 Remove unused header.
MFC after:	3 days
2007-11-05 22:18:34 +00:00
Pawel Jakub Dawidek
a33b7a8f5f If setting a state to anything but open state, close access to vdev.
This fixes replacing drive in place, eg. zpool replace tank da1 da1.
Before it complained that device is already open.

MFC after:	1 week
2007-11-05 21:30:48 +00:00
Benjamin Close
6607310b74 Initial Import of wpi driver based on p4 changeset 128641.
This import includes:
   o wpi Wireless driver for the Intel 3945 Wireless Lan Controller (802.11abg) (sys/dev/wpi)
   o Intel firmware revision 2.14.4 & associated LICENSE (sys/dev/contrib/wpi, sys/contrib/dev/wpi/LICENSE)
   o wpifw Firmware driver (sys/modules/wpifw)

Approved by: mlaier, sam (co-mentors)
2007-11-05 11:47:19 +00:00
Ulf Lilleengen
6509baf851 - Add sysctl for sizeof(znode_t), which will be used by fstat(1).
Approved by:	pjd (mentor)
2007-11-02 00:35:05 +00:00
Pawel Jakub Dawidek
ef2d58b58f Call zil_commit() (if ZIL is not disabled) after every non-read request
(BIO_WRITE and BIO_FLUSH) as it is done is Solaris. The difference is
that Solaris calls it only for sync requests, but we can't say in GEOM
is the request is sync or async, so we do it for every request.

MFC after:	1 week
2007-11-01 11:04:21 +00:00
Darren Reed
782218e851 Apply a few changes from ipfilter-current:
* Do not hold any locks over calls to copyin/copyout.
* Clean up some #ifdefs
* fix a possible mbuf leak when NAT fails on policy routed packets

PR:		117216
2007-10-30 15:23:27 +00:00
Robert Watson
a13e21f7bc Continue to move from generic network entry points in the TrustedBSD MAC
Framework by moving from mac_mbuf_create_netlayer() to more specific
entry points for specific network services:

- mac_netinet_firewall_reply() to be used when replying to in-bound TCP
  segments in pf and ipfw (etc).

- Rename mac_netinet_icmp_reply() to mac_netinet_icmp_replyinplace() and
  add mac_netinet_icmp_reply(), reflecting that in some cases we overwrite
  a label in place, but in others we apply the label to a new mbuf.

Obtained from:	TrustedBSD Project
2007-10-28 17:12:48 +00:00
Robert Watson
8640764682 Rename 'mac_mbuf_create_from_firewall' to 'mac_netinet_firewall_send' as
we move towards netinet as a pseudo-object for the MAC Framework.

Rename 'mac_create_mbuf_linklayer' to 'mac_mbuf_create_linklayer' to
reflect general object-first ordering preference.

Sponsored by:	SPARTA (original patches against Mac OS X)
Obtained from:	TrustedBSD Project, Apple Computer
2007-10-26 13:18:38 +00:00
Max Laier
32d5438214 Properly drop the pf mutex around all copyout (consistency still protected
by the sx) and avoid a WITNESS panic.  Overlooked during last import.

Reported and tested by:	Max N. Boyarov
MFC after:		3 days
2007-10-24 20:57:17 +00:00
Robert Watson
30d239bc4c Merge first in a series of TrustedBSD MAC Framework KPI changes
from Mac OS X Leopard--rationalize naming for entry points to
the following general forms:

  mac_<object>_<method/action>
  mac_<object>_check_<method/action>

The previous naming scheme was inconsistent and mostly
reversed from the new scheme.  Also, make object types more
consistent and remove spaces from object types that contain
multiple parts ("posix_sem" -> "posixsem") to make mechanical
parsing easier.  Introduce a new "netinet" object type for
certain IPv4/IPv6-related methods.  Also simplify, slightly,
some entry point names.

All MAC policy modules will need to be recompiled, and modules
not updates as part of this commit will need to be modified to
conform to the new KPI.

Sponsored by:	SPARTA (original patches against Mac OS X)
Obtained from:	TrustedBSD Project, Apple Computer
2007-10-24 19:04:04 +00:00
Julian Elischer
3745c395ec Rename the kthread_xxx (e.g. kthread_create()) calls
to kproc_xxx as they actually make whole processes.
Thos makes way for us to add REAL kthread_create() and friends
that actually make theads. it turns out that most of these
calls actually end up being moved back to the thread version
when it's added. but we need to make this cosmetic change first.

I'd LOVE to do this rename in 7.0  so that we can eventually MFC the
new kthread_xxx() calls.
2007-10-20 23:23:23 +00:00
Darren Reed
e86e344222 Pullup IPFilter 4.1.28 from the vendor branch into HEAD.
MFC after:	7 days
2007-10-18 21:52:14 +00:00
Darren Reed
9a214eca1f This commit was generated by cvs2svn to compensate for changes in r172771,
which included commits to RCS files with non-trunk default branches.
2007-10-18 21:42:51 +00:00
Darren Reed
e8e48c1c7b Import IPFilter 4.1.28 2007-10-18 21:42:51 +00:00
Andrew Thompson
1fe1be1535 ZFS_LOG adds a newline by itself.
Pointed out by:	pjd
2007-10-14 16:14:32 +00:00
Andrew Thompson
9528621759 Print the ZFS ereport to the console if vfs.zfs.debug is set to help diagnose
problems with zfs-on-root since devd isnt running yet.

Reviewed by:	pjd
2007-10-14 07:58:50 +00:00
Pawel Jakub Dawidek
e8bd23b460 Fix lock leak leading to the 'System call <name> returning with 1 locks held'
panic.

Reported by:	kris
Approved by:	re (kensmith)
2007-10-04 17:51:59 +00:00
Olivier Houchard
f530d4f06d Ok I hope I got it right this time.
After discussion with Sam, switch back to use firmware(9) instead of
having the firmware in hex format.
Put the binary firmware uuencoded into sys/contrib/dev/npe, and slap a
LICENSE file, as found on the Intel website.

Approved by:	re (blanket), mux (mentor)
MFC After:	1 week
2007-09-27 22:39:49 +00:00
Jung-uk Kim
66244a7bdd Fix global lock recursion bug.
This patch was part of ACPI-CA 20070508 release and the
following is excerpt from its change log:

Fixed a problem where the Global Lock handle was not properly
updated if a thread that acquired the Global Lock via executing
AML code then attempted to acquire the lock via the
AcpiAcquireGlobalLock interface. Reported by Joe Liu.

Approved by:	re (kensmith)
Tested by:	ambrisko
Obtained from:	Intel
2007-09-24 17:12:36 +00:00
Jung-uk Kim
26c31003af This commit was generated by cvs2svn to compensate for changes in r172314,
which included commits to RCS files with non-trunk default branches.
2007-09-24 17:12:36 +00:00
Pawel Jakub Dawidek
a95a61fc19 Now that we have CDDLed code in the tree, add CDDL license.
Discussed with:	core
Approved by:	re (kensmith)
2007-09-23 07:04:50 +00:00
Pawel Jakub Dawidek
a3c8c2e60f Reduce the limit of vnodes on i386 when ZFS is loaded to 3/4 of the original
value, so we don't run out of KVA. The default vnodes limit fits better for
UFS, but ZFS allocated more file system specific memory for a vnode than UFS.

Don't touch vnodes limit if we detect it was tuned by system administrator
and restore original value when ZFS is unloaded.

This isn't final fix, but before we implement something better, this will
help to stabilize ZFS under heavy load on i386.

Approved by:	re (bmah)
2007-09-10 19:58:14 +00:00
Pawel Jakub Dawidek
ef0ffc1c6f After dfr@ vnode leak fix, we can allow ARC to consume more memory.
Tested by:	kris
Approved by:	re (bmah)
2007-09-10 18:12:27 +00:00
Pawel Jakub Dawidek
6bc581fcf0 Use CTLFLAG_RDTUN for tunable sysctls.
Approved by:	re (bmah)
2007-09-01 06:23:42 +00:00
Daniel Hartmeier
7f368082ad When checking the sequence number of a TCP header embedded in an
ICMP error message, do not access th_flags. The field is beyond
the first eight bytes of the header that are required to be present
and were pulled up in the mbuf.

A random value of th_flags can have TH_SYN set, which made the
sequence number comparison not apply the window scaling factor,
which led to legitimate ICMP(v6) packets getting blocked with
"BAD ICMP" debug log messages (if enabled with pfctl -xm), thus
breaking PMTU discovery.

Triggering the bug requires TCP window scaling to be enabled
(sysctl net.inet.tcp.rfc1323, enabled by default) on both end-
points of the TCP connection. Large scaling factors increase
the probability of triggering the bug.

PR:		kern/115413: [ipv6] ipv6 pmtu not working
Tested by:	Jacek Zapala
Reviewed by:	mlaier
Approved by:	re (kensmith)
2007-08-23 09:30:58 +00:00
Robert Watson
c6b2899785 Replace references to NET_CALLOUT_MPSAFE with CALLOUT_MPSAFE, and remove
definition of NET_CALLOUT_MPSAFE, which is no longer required now that
debug.mpsafenet has been removed.

The once over:	bz
Approved by:	re (kensmith)
2007-07-28 07:31:30 +00:00
Pawel Jakub Dawidek
aa222db26f Update assertion after revision 1.23.
Reviewed by:	dfr
Approved by:	re (rwatson)
2007-07-24 15:00:43 +00:00
Nate Lawson
f1172c58e5 Fix a bug where the callout might not be initialized before being used.
Rev 1.9 introduced another path where machclk_freq would be initialized
before the rest of setup was done (i.e. initializing the callout).  Make
the one-time initialization a separate function and make init_machclk()
able to be called multiple times, any time.  We depend on tsc_freq first
being updated from the highest priority eventhandler, thus we run last
and call init_machclk() to set machclk_freq.  Also, don't initialize
static variables to 0.

Tested by:	Eygene Ryabinkin
Approved by:	re
2007-07-12 17:00:51 +00:00
Hartmut Brandt
2125877649 This commit was generated by cvs2svn to compensate for changes in r171364,
which included commits to RCS files with non-trunk default branches.
2007-07-11 14:41:54 +00:00
Hartmut Brandt
e52e259e88 Vendor patch to remove some __inline qualifiers on non-static functions
because they seem to cause warnings in gcc-4.2.

Submitted by:	mjacob
Approved by:	re
2007-07-11 14:41:54 +00:00
Doug Rabson
2dc26b36c8 Correct a reference-counting mistake in the ZFS code which led to abnormal
memory usage and pessimal cache performance.

Reviewed by: pjd
Approved by: re (rwatson)
2007-07-09 09:03:49 +00:00
Max Laier
e22a271eeb Remove unused variable from pf_subr.c to make it -Werror buildable.
Approved by:	re (kensmith)
2007-07-05 15:28:59 +00:00
Max Laier
44e0d5a8df Add two place holders in struct pf_rule for future netgraph integration.
Submitted by:	Ermal Luçi
Approved by:	re (kensmith)
2007-07-03 12:58:33 +00:00
Max Laier
60ee384760 Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
Max Laier
c9a03d91ad Commit resolved import of OpenBSD 4.1 pf from perforce.
Approved by:	re (kensmith)
2007-07-03 12:16:07 +00:00
Max Laier
42247cbcaf Import pf from OpenBSD 4.1 2007-07-03 12:06:01 +00:00
Max Laier
25929d7851 This commit was generated by cvs2svn to compensate for changes in r171164,
which included commits to RCS files with non-trunk default branches.
2007-07-03 12:06:01 +00:00
Max Laier
d786f620df Fix hardware checksum verification on fragments.
MFC after:		7 days
Reported/tested by: 	Hugo Koji Kobayashi, Vadym Chepkov
Reviewed/help by:	yongari
Approved by:		re (kensmith)
2007-07-03 11:50:02 +00:00
Doug Rabson
7761242694 In zfs_vget, if we fail to translate an inode number to the corresponding
vnode, make sure we return an error code to the caller.

Reviewed by: pjd
Approved by: re
2007-06-27 12:00:24 +00:00
Darren Reed
a2ba8029c8 Pointer to an ICMP header was getting left behind after doing a pullup. 2007-06-09 09:28:36 +00:00
Marcel Moolenaar
6d63683c41 Add my copyright.
Requested by: pjd@
2007-06-08 16:20:03 +00:00
Pawel Jakub Dawidek
3b7917d766 - Reduce number of atomic operations needed to be implemented in asm by
implementing some of them using existing ones.
- Allow to compile ZFS on all archs and use atomic operations surrounded
  by global mutex on archs we don't have or can't have all atomic
  operations needed by ZFS.
2007-06-08 12:35:47 +00:00
Pawel Jakub Dawidek
083c4dd695 Missing atomic operations for ZFS/ia64.
Submitted by:	marcel
2007-06-08 12:26:30 +00:00
Pawel Jakub Dawidek
b166b92692 Reimplement traverse() helper function:
1. Pass locking flags to VFS_ROOT().
2. Check v_mountedhere while the vnode is locked.
3. Always return locked vnode on success.

Change 1 fixes problem reported by Stephen M. Rumble - after
zfs_vfsops.c,1.9 change, zfs_root() no longer locks the vnode
unconditionally and traverse() didn't pass right lock type to
VFS_ROOT(). The result was that kernel paniced when .zfs/ directory
was accessed via NFS.
2007-06-04 11:31:46 +00:00
Darren Reed
d7eeb25225 Merge IPFilter 4.1.23 back to HEAD
See src/contrib/ipfilter/HISTORY for details of changes since 4.1.13
2007-06-04 02:54:36 +00:00
Darren Reed
103b406762 Import IPFilter 4.1.23 to vendor branch.
See src/contrib/ipfilter/HISTORY for details of changes since 4.1.13
2007-06-04 02:50:28 +00:00
Darren Reed
2bf2a702cc This commit was generated by cvs2svn to compensate for changes in r170263,
which included commits to RCS files with non-trunk default branches.
2007-06-04 02:50:28 +00:00
Pawel Jakub Dawidek
5750956634 Adjust va_mask for setattr. FreeBSD doesn't have va_mask, so we initialize it
based on individual fields beeing set. This doesn't work for setattr replay,
because va_type is set there, so we add AT_TYPE flag to va_mask, which won't
be accepted by zfs_setattr().

Reported by:	kris
2007-05-28 02:37:43 +00:00
Pawel Jakub Dawidek
a906fff9c5 Because we allocate componentname structures on stack, bzero() them before
use just in case.
2007-05-28 00:26:20 +00:00
Pawel Jakub Dawidek
f92dd5c2d9 Initialize ZFS a bit earlier and block root mounting until
initialization is complete. This fixes some root-on-ZFS
configurations.

Reported by:	Bruno Damour <freebsd.ruomad@free.fr>
Tested by:	Bruno Damour <freebsd.ruomad@free.fr>
2007-05-24 07:43:00 +00:00
Pawel Jakub Dawidek
d4c4dfe96f FreeBSD's namecache works quite well with ZFS, so remove DNLC. 2007-05-23 21:33:02 +00:00
Pawel Jakub Dawidek
4282c449dc All objects we create using GFS are directories, so initialize d_type
properly, but add XXX comment saying that it can eventually change in
the future.
2007-05-23 21:27:47 +00:00
Pawel Jakub Dawidek
124427f96d Lock vnode on lookup. This fixes ZIL replay for rmdir/unlink/rename.
Reported by:	des
2007-05-22 21:22:25 +00:00
Daniel Hartmeier
67debc100c From OpenBSD, rev. 1.524, 1.528, 1.529
Deal with IPv6 routing headers (see FreeBSD-SA-07:03.ipv6 for background)
Block IPv6 packets with routing headers by default, unless 'allow-opts'
is specified. Block RH0 unconditionally. Deal with ip6_plen 0.

MFC after:	1 week
Discussed with:	mlaier
2007-05-21 20:08:59 +00:00
Pawel Jakub Dawidek
68e752c31c Increase debug level - this message is not that important. 2007-05-09 22:32:49 +00:00
Pawel Jakub Dawidek
6a7309390f - Add missing lock destruction and remove duplicate initializations.
With this change it is possible to unload zfs.ko module from
  WITNESS-enabled kernel.
- Remove bogus comment.
2007-05-06 19:05:37 +00:00
Pawel Jakub Dawidek
7baf73a6c2 Use provider's ident to handle situations when disks are moved around
and show up with different names: first try to open provider using
remembered name and compare its ident, if equal, this is our provider,
if not equal or there is no provider with such name, find provider with
remembered ident and don't care about the name.
2007-05-06 01:39:39 +00:00
Pawel Jakub Dawidek
fab3f4465e MFp4: We don't need to cover vnode_pager_setsize() with the z_map_lock. 2007-05-06 01:27:54 +00:00
Pawel Jakub Dawidek
57504dcfaf Share-lock a vnode where possible. 2007-05-02 01:03:10 +00:00
Pawel Jakub Dawidek
5bec66402b When parent directory has to be unlocked, lock it back with the same lock
type. Before this change, if directory was shared-locked, it was relocked
exclusively.
2007-05-02 00:41:44 +00:00
Pawel Jakub Dawidek
9167141244 Lock vnode using cn_lkflags in case the caller wants the vnode to be
shared-locked.
2007-05-02 00:39:52 +00:00
Pawel Jakub Dawidek
04748b1b2e The getnewvnode() function sets LK_NOSHARE by default, so if we want to
support shared vnodes locking, we need to remove that flag.
Also add LK_CANRECURSE flag as found in nfsclient.
2007-05-02 00:22:12 +00:00
Pawel Jakub Dawidek
0775674bbc ZFS should update timestamps upon the creat() of an existing file.
Obtained from:	OpenSolaris
Bug:		http://bugs.opensolaris.org/view_bug.do?bug_id=6465105
2007-05-02 00:18:22 +00:00
Pawel Jakub Dawidek
6de6bff649 - Lock vnode with flags passed in as argument in zfs_vget() and zfs_root().
Pointed out by:	ups
  Also reported by:	kris

- Add comments where I'm not sure if LK_RETRY should be used.
2007-05-02 00:09:34 +00:00
Pawel Jakub Dawidek
d1d7399da5 MFp4: Remove LK_RETRY flag when locking vnode in zfs_lookup, we don't want
dead vnodes here.

Suggested by:	kib
2007-05-01 13:58:56 +00:00
Pawel Jakub Dawidek
80ae748326 White space fixes. 2007-05-01 13:32:22 +00:00
Pawel Jakub Dawidek
7555fddd83 Add a comment explaining why we call dmu_write() unconditionally, even if
uiomove() fails, especially that it is different from what OpenSolaris
does (I'm not entirely sure they are right).

Suggested by:	darrenr
2007-05-01 12:09:45 +00:00
Pawel Jakub Dawidek
2f51d93626 - Define d_type for ".", ".." and ".zfs" directories.
- Add a TODO comment where d_type is still noe defined.
2007-04-29 23:28:07 +00:00
Pawel Jakub Dawidek
b9f28e4a35 Oops, correct important typo in last commit. 2007-04-29 23:12:00 +00:00
Pawel Jakub Dawidek
2c965e1956 Avoid freeing NULL pointer in case of an error. 2007-04-29 23:08:24 +00:00
Pawel Jakub Dawidek
f2c9356328 Fix two use-after-free cases. 2007-04-29 00:41:29 +00:00
Pawel Jakub Dawidek
c28672efcc MFp4: Optimize mappedwrite() and mappedread() functions to write/read as much
non-mapped data as possible at once and not page-by-page. Which this change we
combain I/Os, but also saves many VM_OBJECT_UNLOCK()/VM_OBJECT_LOCK()
operations.

Simple 'fsx -l 33554432 -o 524288 -N 10000 /tank/fsx' test shows ~23%
performance increase.
2007-04-26 17:07:50 +00:00
Pawel Jakub Dawidek
171c4b21e2 - Always try to write one whole page at a time.
- vm_page_undirty() is enough (instead of vm_page_set_validclean()), but it has
  to be called before we write the data in case someone makes page dirty after
  our write, but before our vm_page_undirty() call.
- Always dmu_write, not matter if uiomove() succeeded, because it could
  partially be ok and we would lose some changes.

All good ideas from:	ups
2007-04-26 12:58:17 +00:00
Pawel Jakub Dawidek
caa93cc3a0 MFV: Free znodes immediatelly, allowing the ARC to hold onto less memory.
Full description at:	http://bugs.opensolaris.org/view_bug.do?bug_id=6543706
2007-04-26 10:08:54 +00:00
Pawel Jakub Dawidek
5da1b1ed71 MFV: Functions name change. 2007-04-26 09:38:20 +00:00
Pawel Jakub Dawidek
1e788bd7e5 ZIL (ZFS Intent Log) can be safely turned on and off at run time, because
it is only used when dataset is beeing mounted to decide if log should also
be opened.
2007-04-24 19:02:51 +00:00
Pawel Jakub Dawidek
8b384c52c0 MFp4: Now that ZFS can use FreeBSD's namecache, turn it off by default and
turn off DNLC, but don't remove DNLC yet just in case.
2007-04-24 16:59:20 +00:00
Pawel Jakub Dawidek
f13f738876 MFp4: Rearange the code so vobject is destroyed from reclaim() method like
in all other file system on FreeBSD (instead from inactive() method).

A nice side-effect of this change, except that it speedups file system
when mmaped file are often open/closed, is that it makes FreeBSD's
namecache work:)
2007-04-24 16:57:53 +00:00
Pawel Jakub Dawidek
0cdad5e228 MFp4: Once page is written successfully, we should clear the dirty bits.
This fixes slow operations on mmaped files, because without this fix,
pages were written to disk multiple times.

If one is looking for even greater speed up for such operation, he should
disable ZIL (by setting vfs.zfs.zil_disable to 1 in /boot/loader.conf).
Disabling ZIL makes fsx run ~9 times faster.
2007-04-24 16:53:01 +00:00
Pawel Jakub Dawidek
71ce4c9c10 MFp4: Reduce diff against vendor. 2007-04-24 16:49:01 +00:00
Pawel Jakub Dawidek
692fd5a7b9 MFp4: We have stronger 'lock already initialized' check now, so we can
reduce diff against the vendor by removing bzero of this mutex.
2007-04-24 16:45:42 +00:00
Bruce A. Mah
9100d31299 Mostly-cosmetic fixes in low-memory warning messages:
o Fix linewrap issues.

o Fix two typos (s/Recomended/Recommended/ and s/tunning/tuning/)

o Remove a couple of extra instances of the word "of".

o Update names of kmem_size variables.

Approved by:	pjd
2007-04-23 21:52:14 +00:00
Pawel Jakub Dawidek
cfda925270 Too much diff reduction. 'cmd' has to be u_long.
Reported by:	delphij
2007-04-23 13:47:49 +00:00
Pawel Jakub Dawidek
cc7cd831b2 MFp4: Reduce diff against vendor code:
- Move FreeBSD-specific code to zfs_freebsd_*() functions in zfs_vnops.c
  and keep original functions as similar to vendor's code as possible.
- Add various includes back, now that we have them.
2007-04-23 00:52:07 +00:00
Pawel Jakub Dawidek
3698384259 Fix 'zpool status -v'. To get object number we should use ZFS_DIRENT_OBJ()
macro, as za_first_integer field also contains type. This should be fixed in
ZFS itself, but this bug is not visible on Solaris, because there, type is
not stored in za_first_integer. On the other hand it will be visible on
MacOS X.

Reported by:	Barry Pederson <bp@barryp.org>
2007-04-22 21:18:40 +00:00
Pawel Jakub Dawidek
77128a226d Fix st_rdev handling (implement it, actually).
Reported by:	gj
2007-04-22 21:16:15 +00:00
Pawel Jakub Dawidek
9de81c7273 MFp4:
@118370	Correct typo.

@118371	Integrate changes from vendor.

@118491	Show backtrace on unexpected code paths.

@118494	Integrate changes from vendor.

@118504	Fix sendfile(2). I had two ways of fixing it:
	1. Fixing sendfile(2) itself to use VOP_GETPAGES() instead of
	   hacking around with vn_rdwr(UIO_NOCOPY), which was suggested
	   by ups.
	2. Modify ZFS behaviour to handle this special case.

	Although 1 is more correct, I've choosen 2, because hack from 1
	have a side-effect of beeing faster - it reads ahead MAXBSIZE
	bytes instead of reading page by page. This is not easy to implement
	with VOP_GETPAGES(), at least not for me in this very moment.

	Reported by:	Andrey V. Elsukov <bu7cher@yandex.ru>

@118525	Reorganize the code to reduce diff.

@118526	This code path is expected. It is simply when file is opened with
	O_FSYNC flag.

	Reported by:	kris
	Reported by:	Michal Suszko <dry@dry.pl>
2007-04-21 12:02:57 +00:00
Pawel Jakub Dawidek
f2c9a576db MFp4: We check for PRIV_VFS_MOUNT already in mount(2) syscall and we don't
want to do the check when snapshot is automatically mounted by an
      unprivileged user doing lookup on a snapshot directory.
2007-04-18 15:22:07 +00:00
Pawel Jakub Dawidek
35e8a7fad7 Simplify. 2007-04-17 21:58:34 +00:00
Pawel Jakub Dawidek
39db4c6e0f Ignore hostid check for root-on-ZFS configurations. Making hostid available
before the root is mounted is tricky and having it in /boot/ is not really
desire.

Reported by:	Zephiris <zephiris@gmail.com>
2007-04-17 17:57:34 +00:00
Pawel Jakub Dawidek
8cb195f758 Uncomment forgotten check. Without this check in-place, ZFS will panic on
unload instead of returning EBUSY. This check tells if there are mounted
ZFS file systems or not. We can't unload if there are mounted file systems.

Reported by:	Andrey V. Elsukov <bu7cher@yandex.ru>
2007-04-16 10:23:24 +00:00
Pawel Jakub Dawidek
7ae6548e62 MFp4: Start DNLC after desiredvnodes variable is initialized.
Before this change if zfs.ko was loaded by the loader, DNLC was
      automatically disabled.

Reported by:	Zephiris <zephiris@gmail.com>
2007-04-15 09:10:17 +00:00
Pawel Jakub Dawidek
87e89536f1 Fix RAID-Z resilvering.
Obtained from:	OpenSolaris
2007-04-14 20:50:14 +00:00
Pawel Jakub Dawidek
d48078479c MFp4: Hmm, it seems to work now. 2007-04-14 15:01:50 +00:00
Pawel Jakub Dawidek
8aff52ca4e MFp4: Use max_ncpus, which is used in other places in the code. 2007-04-14 12:33:47 +00:00
Pawel Jakub Dawidek
8870baf005 MFp4: Add more debug, so we can see if zpool.cache was loaded or why it
wasn't loaded.
2007-04-14 12:23:03 +00:00
Pawel Jakub Dawidek
dbd490e0e2 MFp4: Allow to tune vfs.zfs.debug from loader.conf. 2007-04-14 12:21:06 +00:00
Pawel Jakub Dawidek
c98fbf0418 MFp4: - Allow to tune number of spa_zio_* threads.
- Reduce default number of spa_zio_* threads to N*spa_zio_issue
	  plus N*spa_zio_intr threads per ZIO type, where N is the number
	  of CPUs.
	- Put ZIO type number in thread's name.
2007-04-14 12:20:06 +00:00
Bruce M Simpson
05d91e4363 In member interface detach event handler, do not attempt to free state
which has already been freed by in_ifdetach(). With this cumulative change,
the removal of a member interface will not cause a panic in pfsync(4).

Requested by:	yar
PR:		86848
2007-04-14 01:01:46 +00:00
Pawel Jakub Dawidek
bd59d85850 Fix overflow, which was causing endless loops when 32bit machine had more
than 2GB of RAM. This was because our physmem is long and 'physmem*PAGESIZE'
can be negative for more than 2GB of memory.

Reported by:	Andrey V. Elsukov <bu7cher@yandex.ru>

It is not yet tested by Andrey, so there can be other problems, but this
was definiately a bug, so I'm committing a fix now.
2007-04-13 18:50:03 +00:00
Pawel Jakub Dawidek
f0bc5ac3e1 Fix vnodes starvation caused by DNLC (ZFS name cache):
- Tune number of namecache entires better (based on desiredvnodes).
- Handle vfs_lowvnodes event by releasing requested number of name cache
  entries, but no less than 5%.

Reported by:	simokawa
2007-04-13 08:42:01 +00:00
Pawel Jakub Dawidek
6704017a15 MFp4: Synchronize with vendor (mostly 'zfs rename -r'). 2007-04-12 23:16:02 +00:00
Pawel Jakub Dawidek
1da61b3665 MFp4: Bring back comments.
Requested by:	jhb
2007-04-12 23:14:25 +00:00
Ruslan Ermilov
1859f337c4 Unbreak world build. 2007-04-11 11:09:18 +00:00
Ruslan Ermilov
9fd6e3d4a4 This commit was generated by cvs2svn to compensate for changes in r168616,
which included commits to RCS files with non-trunk default branches.
2007-04-11 11:09:18 +00:00
Nate Lawson
1b96d500fb Put some overly verbose prints under bootverbose. This is on the vendor
branch but we need to work out a different interface with the vendor.
2007-04-11 02:03:36 +00:00
Nate Lawson
c1149e97bb This commit was generated by cvs2svn to compensate for changes in r168609,
which included commits to RCS files with non-trunk default branches.
2007-04-11 02:03:36 +00:00
Pawel Jakub Dawidek
1b6e2c02fe MFp4: Allow to set zfs_recover via vfs.zfs.recover from /boot/loader.conf. 2007-04-10 12:54:19 +00:00
Pawel Jakub Dawidek
5b9528e2d4 MFp4: Hide under '#ifdef _KERNEL' only what's really needed. 2007-04-10 12:52:14 +00:00
Pawel Jakub Dawidek
2d03e33170 Try to stabilize ZFS with regard to memory consumption:
- Allow to shrink ARC down to 16MB (instead of 64MB).
- Set arc_max to 1/2 of kmem_map by default.
- Start freeing things earlier when low memory situation is detected.
- Serialize execution of arc_lowmem().

I decided to setup minimum ZFS memory requirements to 512MB of RAM and 256MB of
kmem_map size. If there is less RAM or kmem_map, a warning will be printed.
World is cruel, be no better. In other words: modern file system requires
modern hardware:)

From ZFS administration guide:

"Currently the minimum amount of memory recommended to install a Solaris
 system is 512 Mbytes. However, for good ZFS performance, at least one
 Gbyte or more of memory is recommended."
2007-04-10 02:35:57 +00:00
Pawel Jakub Dawidek
52124c7f1c Reduce diff against vendor - we have now stronger check for "mutex already
initialized", so we can go back to kmem_alloc().
2007-04-10 02:19:12 +00:00
Pawel Jakub Dawidek
0404b7791b Remove unused #define. 2007-04-09 23:30:28 +00:00
Pawel Jakub Dawidek
33fc425c85 We don't have to wait for the root file system to be mounted anymore, now that
kobj KPI supports operating on files loaded by the loader.
2007-04-09 00:03:45 +00:00
Pawel Jakub Dawidek
5fc5d6ed61 Drop the Giant lock before calling zfs_domount(), which is held when
mounting root file system.
2007-04-09 00:02:11 +00:00
Pawel Jakub Dawidek
f92cb15e7b Move zpool.cache from /etc/zfs/ to /boot/zfs/, so we can keep it on
dedicated /boot/ file system and use ZFS for the root file system.
2007-04-08 23:59:39 +00:00
Pawel Jakub Dawidek
ffe54ff0ec MFp4: Synchronize with recent OpenSolaris changes. 2007-04-08 16:29:25 +00:00
Pawel Jakub Dawidek
425d75486e - Use 'name=value' so it can be properly recognized by devd(8).
- Use only subclass as devd's type.
2007-04-08 15:55:48 +00:00
Pawel Jakub Dawidek
61cfeccd58 Take vnode pointer and hold it under znode lock, so we won't race with
zfs_reclaim(). This may or may not fix problem reported by kris, but it's
definiatelly better that way.
2007-04-08 10:29:14 +00:00
Pawel Jakub Dawidek
3dc4488c91 Move atomic.S files to directories that better fit OpenSolaris directory
layout.
2007-04-07 23:54:54 +00:00
Pawel Jakub Dawidek
e321494eca Fix libzpool compilation.
Reported by:	des
2007-04-07 23:47:14 +00:00
Pawel Jakub Dawidek
9a691cb33a Limit the number of system taskq threads to the number of CPUs.
They are only used when there is a need for reducing namecache.

Observed by:	kris, csjp
2007-04-07 21:41:11 +00:00
Dag-Erling Smørgrav
29665eac3f Fix some type mismatches.
Reviewed by:	pjd@
2007-04-07 19:11:41 +00:00
Pawel Jakub Dawidek
639fdcd852 Allow to tune maximum and minimum memory used by ARC. 2007-04-07 19:10:50 +00:00
Pawel Jakub Dawidek
a583dae953 Add missing mutex_init() which was causing assertion panic when on clone
destruction.

Reported by:	kris
2007-04-07 11:04:37 +00:00
Pawel Jakub Dawidek
f0a75d274a Please welcome ZFS - The last word in file systems.
ZFS file system was ported from OpenSolaris operating system. The code in under
CDDL license.

I'd like to thank all SUN developers that created this great piece of software.

Supported by:	Wheel LTD (http://www.wheel.pl/)
Supported by:	The FreeBSD Foundation (http://www.freebsdfoundation.org/)
Supported by:	Sentex (http://www.sentex.net/)
2007-04-06 01:09:06 +00:00
Nate Lawson
0d4ac62a35 Add an interface for drivers to be notified of changes to CPU frequency.
cpufreq_pre_change is called before the change, giving each driver a chance
to revoke the change.  cpufreq_post_change provides the results of the
change (success or failure).  cpufreq_levels_changed gives the unit number
of the cpufreq device whose number of available levels has changed.  Hook
in all the drivers I could find that needed it.

* TSC: update TSC frequency value.  When the available levels change, take the
highest possible level and notify the timecounter set_cputicker() of that
freq.  This gets rid of the "calcru: runtime went backwards" messages.
* identcpu: updates the sysctl hw.clockrate value
* Profiling: if profiling is active when the clock changes, let the user
know the results may be inaccurate.

Reviewed by:	bde, phk
MFC after:	1 month
2007-03-26 18:03:29 +00:00
Jung-uk Kim
a19b8275ad Merge from vendor branch to fix tinderbox breakage. 2007-03-22 21:23:29 +00:00
Jung-uk Kim
6e6ecbd187 Fix tinderbox build breakage.
Note that it is committed on the vendor branch because it will be
submitted to the vendor.
2007-03-22 21:14:43 +00:00
Jung-uk Kim
1178769589 This commit was generated by cvs2svn to compensate for changes in r167817,
which included commits to RCS files with non-trunk default branches.
2007-03-22 21:14:43 +00:00
Jung-uk Kim
df6b852a3a Update to reflect import of ACPI-CA 20070320. 2007-03-22 18:08:11 +00:00
Jung-uk Kim
566829f919 Resolve conflicts from import of Intel ACPI-CA 20070320. 2007-03-22 18:02:34 +00:00
Jung-uk Kim
676ba8b815 Resolve conflicts of unchanged files that are off the vendor branch. 2007-03-22 17:58:27 +00:00
Jung-uk Kim
58bffa15c2 Remove files that removed on the vendor branch. 2007-03-22 17:47:41 +00:00
Jung-uk Kim
471dd6b2d7 Remove files that are no longer needed or removed by vendor. 2007-03-22 17:43:38 +00:00
Jung-uk Kim
73d8e290c6 This commit was generated by cvs2svn to compensate for changes in r167807,
which included commits to RCS files with non-trunk default branches.
2007-03-22 17:43:38 +00:00
Jung-uk Kim
6976fc7f02 Add fixes for FreeBSD build that were submitted upstream. 2007-03-22 17:36:29 +00:00
Jung-uk Kim
b8377236a6 This commit was generated by cvs2svn to compensate for changes in r167805,
which included commits to RCS files with non-trunk default branches.
2007-03-22 17:36:29 +00:00
Jung-uk Kim
1a39cfb03c Vendor import of Intel ACPI-CA 20070320 2007-03-22 17:24:05 +00:00
Jung-uk Kim
70f0d34262 This commit was generated by cvs2svn to compensate for changes in r167802,
which included commits to RCS files with non-trunk default branches.
2007-03-22 17:24:05 +00:00
Bruce M Simpson
6b47cca2a7 Teach pfsync(4) that its member interfaces may go away.
This change partially resolves the issue in the PR. Further architectural
fixes, in the form of reference counting, are needed.

PR:		86848
Reviewed by:	yar
MFC after:	1 month
2007-03-19 17:52:15 +00:00
Florent Thoumie
7bd6fde395 - Add Intel firmwares for Intel PRO/Wireless LAN 2100/2200/2915 cards in a
uuencoded format along with their respective LICENSE files.
- Add new share/doc/legal directory to BSD.usr.dist mtree file. This is the
place we install LICENSE files for restricted firmwares.
- Teach firmware(9) and kmod.mk about licensed firmwares. Restricted firmwares
won't load properly unless legal.<name>.license_ack is set to 1, either
via kenv(1) or /boot/loader.conf.

Reviewed by:	mlaier, sam
Permitted by:	Intel (via Andrew Wilson)
MFC after:	1 month
2007-03-02 11:42:56 +00:00
Paolo Pisati
ef544f6312 o break newbus api: add a new argument of type driver_filter_t to
bus_setup_intr()

o add an int return code to all fast handlers

o retire INTR_FAST/IH_FAST

For more info: http://docs.freebsd.org/cgi/getmsg.cgi?fetch=465712+0+current/freebsd-current

Reviewed by: many
Approved by: re@
2007-02-23 12:19:07 +00:00
Max Laier
191c6e1310 Clean up pfr_kentry_pl2 as well. This fixes a kernel panic in the vm.zone
sysctl after unloading pf.

Submitted by:	Earl Lapus
MFC after:	3 days
2007-01-01 16:51:11 +00:00
John Baldwin
0dea849ae9 Various bpf(4) related fixes to catch places up to the new bpf(4)
semantics.
- Stop testing bpf pointers for NULL.  In some cases use
  bpf_peers_present() and then call the function directly inside the
  conditional block instead of the macro.
- For places where the entire conditional block is the macro, remove the
  test and make the macro unconditional.
- Use BPF_MTAP() in if_pfsync on FreeBSD instead of an expanded version of
  the old semantics.

Reviewed by:	csjp (older version)
2006-12-29 13:59:50 +00:00
Max Laier
240589a9fe Work around a long standing LOR with user/group rules by doing the socket
lookup early.  This has some performance implications and should not be
enabled by default, but might help greatly in certain setups.  After some
more testing this could be turned into a sysctl.

Tested by:	avatar
LOR ids:	17, 24, 32, 46, 191 (conceptual)
MFC after:	6 weeks
2006-12-29 13:59:03 +00:00
Darren Reed
4012ba6ec7 TCP Window scaling was being recognised but the recorded settings were being
clobbered and thus effectively disabled.

MFC after:	7 days
2006-12-24 02:18:36 +00:00
Sam Leffler
0f3ff68694 Version 0.9.20.3:
o remove os-specific glue code; it's now the responsibility of
  the driver
o add wackelf utility for patching the ELF magic number on arm
  builds since noone can agree on how to mark a .o file as not
  having any floating point instructions
o remove radar/dfs-related entry points; folks have finally
  decided how to support dfs w/o polluting the hal
o properly recognize AR2424 chips (they were being rejected on
  attach despite being fully supported)
o add HAL_CAP_RXORN_FATAL capability to control how RXORN errors
  are handled; previously RXORN was always treated as fatal because
  older chips required a reset; now we do not treat it as fatal
  for "newer chips" (noone seems to know what the cutoff is so
  this capability can be used to override the current guestimate)
o HAL_CAP_RXTSTAMP_PREC capability to export the number of bits
  of precision for timestamp data returned in the rx descriptor
o remove public exposure of the compression buffer; it is chip
  specific and never belonged in the public view
o change definition of HAL_INT_GLOBAL from an enum member to a
  #define to workaround compilers that bitch about enum values
  that appear overflow 31 bits
o add support for newer chips that can store the tkip mic key
  together with the cipher key in a single key cache entry
o split tx/rx descriptor into a h/w section and a s/w portion;
  this permits storing the s/w area in cached memory when the
  h/w area is stored in uncached memory; this also shrinks
  memory use since only one status block is needed while multiple
  tx/rx descriptors may be required per frame
o add final transmit series index to the transmit descriptor status
  so rate control algorithms don't need to grovel through h/w state
  to find it
o remove ds_vdata field from the descriptor state as part of the
  radar changes
o fix excessive stack usage for some 5212 rf backends
o correct rfkill handling when the pin polarity is 0 true
o correct handling of tsf wrap when reading 64-bit values

MFC after:	1 month
2006-12-13 19:26:37 +00:00
Sam Leffler
8b33360649 This commit was generated by cvs2svn to compensate for changes in r165182,
which included commits to RCS files with non-trunk default branches.
2006-12-13 19:26:37 +00:00
Robert Watson
acd3428b7d Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges.  These may
require some future tweaking.

Sponsored by:           nCircle Network Security, Inc.
Obtained from:          TrustedBSD Project
Discussed on:           arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
                        Alex Lyashkov <umka at sevcity dot net>,
                        Skip Ford <skip dot ford at verizon dot net>,
                        Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
Robert Watson
aed5570872 Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h
begun with a repo-copy of mac.h to mac_framework.h.  sys/mac.h now
contains the userspace and user<->kernel API and definitions, with all
in-kernel interfaces moved to mac_framework.h, which is now included
across most of the kernel instead.

This change is the first step in a larger cleanup and sweep of MAC
Framework interfaces in the kernel, and will not be MFC'd.

Obtained from:	TrustedBSD Project
Sponsored by:	SPARTA
2006-10-22 11:52:19 +00:00
Oleg Bulyzhin
29453026ea Workaround bad locking design:
do not try to lock/unlock destroyed/non-existsing mutex.

PR:		kern/103569
Reviewed by:	guido
Approved by:	glebius (mentor)
Silence from:	darrenr
MFC:		2 week
2006-10-05 09:48:25 +00:00
Sam Leffler
d9994d8bb4 remove this from HEAD too since it got taken off the vendor branch 2006-09-18 17:01:35 +00:00
Sam Leffler
313ae6522b o move ath hal os glue code from the hal to the driver: this code was
part of the hal distribution early on when the hal was built for
  each os but it's been portable for a long time so move the os-specific
  code out (and off the vendor branch)
o correct the copyright on ah_osdep.?; it was mistakenly given a
  restricted license and not a dual-bsd/gpl license
o remove the module api definition as it was never used
o fixup include paths for move of ah_osdep.h

MFC after:	2 weeks
2006-09-18 16:49:15 +00:00
Sam Leffler
6432da677c This commit was generated by cvs2svn to compensate for changes in r162413,
which included commits to RCS files with non-trunk default branches.
2006-09-18 16:49:15 +00:00
Christian S.J. Peron
d94f2a68f8 Introduce a new entry point, mac_create_mbuf_from_firewall. This entry point
exists to allow the mandatory access control policy to properly initialize
mbufs generated by the firewall. An example where this might happen is keep
alive packets, or ICMP error packets in response to other packets.

This takes care of kernel panics associated with un-initialize mbuf labels
when the firewall generates packets.

[1] I modified this patch from it's original version, the initial patch
    introduced a number of entry points which were programmatically
    equivalent. So I introduced only one. Instead, we should leverage
    mac_create_mbuf_netlayer() which is used for similar situations,
    an example being icmp_error()

    This will minimize the impact associated with the MFC

Submitted by:	mlaier [1]
MFC after:	1 week

This is a RELENG_6 candidate
2006-09-12 04:25:13 +00:00
Max Laier
a7c4fe03a8 Fix stateful filtering of loopback IPv6 traffic to an address not configured
on lo0.  While here fix a comment.

PR:		kern/102647
Reported by:	Frank Steinborn
Submitted by:	suz (earlier version)
MFC after:	3 days
2006-09-06 17:19:45 +00:00
Guido van Rooij
4160f4c64e Resolve conflicts
MFC after:	2 weeks
2006-08-16 12:06:35 +00:00
Guido van Rooij
0be1832174 Import IP Filter 4.1.13 2006-08-16 11:51:32 +00:00
Guido van Rooij
2b8b5c44fc This commit was generated by cvs2svn to compensate for changes in r161351,
which included commits to RCS files with non-trunk default branches.
2006-08-16 11:51:32 +00:00
Pawel Jakub Dawidek
dbb78f2906 The strstr() function is in the libkern now. 2006-08-12 15:29:12 +00:00
Max Laier
cff1b3389b Import from OpenBSD 1.168, dhartmei:
fix a bug in the input sanity check of DIOCCHANGERULE (not used by pfctl,
  but third-party tools). a rule must have a non-empty replacement address
  list when it's a translation rule but not an anchor call (i.e. "nat ...
  ->" needs a replacement address, but "nat-anchor ..." doesn't). the check
  confused "rule is an anchor call" with "rule is defined within an anchor".
  report from Michal Mertl, Max Laier.

Obtained from:	OpenBSD
MFC after:	2 weeks
2006-07-21 09:48:13 +00:00
Sam Leffler
6b7330e2d4 Revise network interface cloning to take an optional opaque
parameter that can specify configuration parameters:
o rev cloner api's to add optional parameter block
o add SIOCCREATE2 that accepts parameter data
o rev vlan support to use new api (maintain old code)

Reviewed by:	arch@
2006-07-09 06:04:01 +00:00
Max Laier
05206588f2 Make in-kernel multicast protocols for pfsync and carp work after enabling
dynamic resizing of multicast membership array.

Reported and testing by:	Maxim Konovalov, Scott Ullrich
Reminded by:			thompsa
MFC after:			2 weeks
2006-07-08 00:01:01 +00:00
Marcel Moolenaar
b6352de96c Apply local modifications to make Unwind Express BETA 10 buildable and
usable in the FreeBSD kernel.
2006-07-07 23:56:34 +00:00
Marcel Moolenaar
870376755a This commit was generated by cvs2svn to compensate for changes in r160160,
which included commits to RCS files with non-trunk default branches.
2006-07-07 23:04:49 +00:00
Marcel Moolenaar
50074ddd37 This commit was generated by cvs2svn to compensate for changes in r160157,
which included commits to RCS files with non-trunk default branches.
2006-07-07 22:59:01 +00:00
Marcel Moolenaar
924c6192ce Import BETA 10 of HP's Unwind Express. This import does not contain
any modifications to make it build as part of the FreeBSD kernel.
Now that the source appears to have stabilized, local changes will
happen on HEAD and will therefore cause affected files to be pulled
from the vendor branch.
2006-07-07 22:59:01 +00:00
Max Laier
a6831e7e3a Fix pfsync w/o carp compilation.
Submitted by:	yar
2006-06-16 10:25:06 +00:00
Max Laier
c0e9fdd321 Fix byteorder of syncpeer and make it actually work.
Submitted by:	glebius
MFC after:	1 week
2006-06-14 11:11:54 +00:00
Sam Leffler
a08db7182a reposition defines so things build on architectures where AH_REGOPS_FUNC
is defined
2006-06-07 18:09:33 +00:00
Sam Leffler
93057fddc1 resolve merge conflicts
MFC after:	1 month
2006-06-05 17:46:41 +00:00
Sam Leffler
7937397e81 Version 0.9.17.2:
o define HAL_SOFTC, HAL_BUS_TAG, and HAL_BUS_HANDLE to be machine
  independent; this fixes portability issues with bsd systems
o add ah_disable api for turning off operation of both MAC and PHY
o add ah_getAntennaSwitch and ah_setAntennaSwitch api's for better control
  of antenna usage and diversity
o add ah_setAckCTSRate and ah_setAckCTSRate for controlling tx rate of
  h/w generated frames
o add ah_setBeaconTimers api for simpler setting of the beacon timer registers
o remove ah_waitForBeaconDone api
o add HAL_TXDESC_DURENA flag to enable h/w duration setting in tx descriptor
o correct documentation of min/max tx power units (.5 dBm)
o switch arm, mips, and powerpc builds to use functions for register
  read/write operations
o fix sparc builds to not reference %g2 and %g3 registers
o add public builds for SoC's

MFC after:	1 month
2006-06-05 17:43:51 +00:00
Sam Leffler
a46aeff755 This commit was generated by cvs2svn to compensate for changes in r159285,
which included commits to RCS files with non-trunk default branches.
2006-06-05 17:43:51 +00:00
Poul-Henning Kamp
c40da00ca3 Since DELAY() was moved, most <machine/clock.h> #includes have been
unnecessary.
2006-05-16 14:37:58 +00:00
Max Laier
210c3cc4c3 Put debugging messages related to inconsistent ticket numbers under misc and
wrap it __FreeBSD__ specific as I couldn't figure out which version of
OpenBSD I got it from.

Reported by:	Scott Ullrich
2006-05-12 16:15:34 +00:00
Darren Reed
649a43212c fix "ipf -Z" reporting rubbish and possibly panic'ing box
MFC after:	4 days
2006-04-18 13:24:14 +00:00
Max Laier
94f2dfdd76 Loopback pf_norm.c rev. 1.106 from OpenBSD:
fixup IP checksum when modifying IP header fields

PR:		kern/93849
Obtained from:	OpenBSD
MFC after:	3 days
2006-03-25 21:15:25 +00:00
Yaroslav Tykhiy
3546dc71f0 Avoid pulling in the whole <net/pfvar.h> by opaquely declaring
the structs pflog_packet() takes pointers to.

Approved by:	mlaier
MFC after:	3 days
2006-03-09 15:54:01 +00:00
Andrew Thompson
95d4af215e Do not use the TSC where its known to be broken, this will cause the queue
speeds to perform below the desired bitrate and throughput will be erratic.

This makes queueing work on the Geode SC1100, K5 model 0 and IDT WinChip C6
processors.

MFC after:	3 days
2006-03-02 00:51:39 +00:00
Sam Leffler
1be92ea1ca resolve merge conflicts
MFC after:	2 weeks
2006-02-10 19:01:02 +00:00
Sam Leffler
c6f3555125 Version 0.9.16.16:
o new chip support
o new platforms: powerpc-be-elf, sparc64-be-elf, and alpha-elf
  (alpha is untested, others are known to work)
o many fixes and improvements

MFC after:	2 weeks
2006-02-10 18:57:38 +00:00
Sam Leffler
07c5770b96 This commit was generated by cvs2svn to compensate for changes in r155511,
which included commits to RCS files with non-trunk default branches.
2006-02-10 18:57:38 +00:00
Max Laier
5bba2114d0 Make pflog a seperate module. As a result pflog_packet() becomes a function
pointer that is declared in pf_ioctl.c

Requested by:	yar (as part of the module build reorg)
MFC after:	1 week
X-MFC with:	yar's module reorg
2006-02-05 17:17:32 +00:00
Daniel Hartmeier
31f9d10a77 fix a bug in the fragment cache (used for 'scrub fragment crop/drop-ovl',
but not 'fragment reassemble'), which can cause some fragments to get
inserted into the cache twice, thereby violating an invariant, and panic-
ing the system subsequently.

Reviewed by:	mlaier
MFC after:	1 day
2006-01-19 11:46:45 +00:00
Max Laier
4cd9957a80 Move m_adj after checking that m_dup succeeded.
Found with:	Coverity Prevent(tm)
MFC after:	3 days
2006-01-14 22:19:17 +00:00
Guido van Rooij
ecdad7e688 Add mcopywrap prototype to ip_compat.h
Remove h323 proxy from ip_proxy (copyright issue)
2005-12-30 11:55:37 +00:00
Guido van Rooij
9088f4e67b Resolve conflicts 2005-12-30 11:32:23 +00:00
Guido van Rooij
fc79eaf127 Import IP Filter version 4.1.10 2005-12-30 11:22:11 +00:00
Guido van Rooij
a311d8fc4c This commit was generated by cvs2svn to compensate for changes in r153872,
which included commits to RCS files with non-trunk default branches.
2005-12-30 11:22:11 +00:00
Max Laier
6ae8d74a9e Only decrement the max-src-conn counter for tcp connections that reached
"established" state.

Similar to OpenBSD's rev. 1.499 by joel but not breaking ABI.

Obtained from:	OpenBSD (with changes)
Reported by:	Bruno Afonso
MFC after:	3 days
X-MFC:		together with local_flags
2005-12-25 23:52:00 +00:00
Max Laier
8d13037cda Fix build after timeval.tv_sec changed from long to time_t. 2005-12-25 22:57:08 +00:00
Max Laier
602d8f4030 Move PFSTATE_EXPIRING from sync_flags to a new local_flags. sync_flags has
special handling when zero.  This caused no PFSYNC_ACT_DEL message and thus
disfunction of pfflowd and state synchronisation in general.

Discovered by:	thompsa
Good catch by:	thompsa
MFC after:	7 days
2005-12-20 00:33:33 +00:00
David E. O'Brien
d5d59bade9 This commit was generated by cvs2svn to compensate for changes in r153200,
which included commits to RCS files with non-trunk default branches.
2005-12-07 17:32:13 +00:00
David E. O'Brien
b734606dff Update the nForce MCP NIC bits. This is version 1.0-0310 23-Nov-2005. 2005-12-07 17:32:13 +00:00
Ruslan Ermilov
342ed5d948 Fix -Wundef warnings found when compiling i386 LINT, GENERIC and
custom kernels.
2005-12-05 11:58:35 +00:00
Ruslan Ermilov
3238c6bd33 Fix -Wundef from compiling the amd64 LINT. 2005-12-04 10:06:06 +00:00
Ruslan Ermilov
4a0d6638b3 - Store pointer to the link-level address right in "struct ifnet"
rather than in ifindex_table[]; all (except one) accesses are
  through ifp anyway.  IF_LLADDR() works faster, and all (except
  one) ifaddr_byindex() users were converted to use ifp->if_addr.

- Stop storing a (pointer to) Ethernet address in "struct arpcom",
  and drop the IFP2ENADDR() macro; all users have been converted
  to use IF_LLADDR() instead.
2005-11-11 16:04:59 +00:00
Ruslan Ermilov
d09ed26fd8 - Make IFP2ENADDR() a pointer to IF_LLADDR() rather than another
copy of Ethernet address.

- Change iso88025_ifattach() and fddi_ifattach() to accept MAC
  address as an argument, similar to ether_ifattach(), to make
  this work.
2005-11-11 07:36:14 +00:00
Andrew Thompson
4e7e0183e1 Move the cloned interface list management in to if_clone. For some drivers the
softc lists and associated mutex are now unused so these have been removed.

Calling if_clone_detach() will now destroy all the cloned interfaces for the
driver and in most cases is all thats needed to unload.

Idea by:	brooks
Reviewed by:	brooks
2005-11-08 20:08:34 +00:00
Jung-uk Kim
e9bfb92a8e - Fix more resource parsing problems. The previous commit was imcomplete.
- Fix a typo in rsmisc.c and a style change for consistency.

This patch will also appear in future ACPI-CA release.

Submitted by:	Robert Moore <robert dot moore at intel dot com>
Tested by:	ru
2005-11-04 21:29:41 +00:00
Jung-uk Kim
45e7d2e745 This commit was generated by cvs2svn to compensate for changes in r152069,
which included commits to RCS files with non-trunk default branches.
2005-11-04 21:29:41 +00:00
Nate Lawson
ce60eb2a14 Account for the minimum resource size when parsing the end tag resource
descriptor.  This should fix the "memory modified after free" panics.  This
patch will appear in a future acpi-ca distribution.

Submitted by:	Robert Moore <robert.moore / intel.com>
Tested by:	Peter Holm
2005-11-04 20:15:09 +00:00
Nate Lawson
d4d37d2fc9 This commit was generated by cvs2svn to compensate for changes in r152058,
which included commits to RCS files with non-trunk default branches.
2005-11-04 20:15:09 +00:00
Jung-uk Kim
2a74e7368d Fix build breakage on tinderbox. 2005-11-03 20:27:38 +00:00
Jung-uk Kim
6eb081af76 Update to reflect import of ACPI-CA 20051021 with includes fixups 2005-11-01 22:38:50 +00:00
Jung-uk Kim
5475ddb73a Local change: remove unnecessary __cdecl 2005-11-01 22:33:32 +00:00
Jung-uk Kim
0dd793f645 Local change: remove compilation warnings 2005-11-01 22:30:52 +00:00
Jung-uk Kim
b56f6e1fd7 Fix conflicts from import of Intel ACPI-CA 20051021 2005-11-01 22:28:49 +00:00
Jung-uk Kim
775a51a92f Unchanged files that are off the vendor branch 2005-11-01 22:23:25 +00:00
Jung-uk Kim
5e41bc61d8 Fix few compilation problems on vendor branch.
These fixes will be submitted vendor.
2005-11-01 22:18:47 +00:00
Jung-uk Kim
43ea53ef1f This commit was generated by cvs2svn to compensate for changes in r151940,
which included commits to RCS files with non-trunk default branches.
2005-11-01 22:18:47 +00:00
Jung-uk Kim
fba7fc7e34 Vendor import of Intel ACPI-CA 20051021 2005-11-01 22:11:18 +00:00
Jung-uk Kim
ff4eaaff6b This commit was generated by cvs2svn to compensate for changes in r151937,
which included commits to RCS files with non-trunk default branches.
2005-11-01 22:11:18 +00:00
Robert Watson
5bb84bc84b Normalize a significant number of kernel malloc type names:
- Prefer '_' to ' ', as it results in more easily parsed results in
  memory monitoring tools such as vmstat.

- Remove punctuation that is incompatible with using memory type names
  as file names, such as '/' characters.

- Disambiguate some collisions by adding subsystem prefixes to some
  memory types.

- Generally prefer lower case to upper case.

- If the same type is defined in multiple architecture directories,
  attempt to use the same name in additional cases.

Not all instances were caught in this change, so more work is required to
finish this conversion.  Similar changes are required for UMA zone names.
2005-10-31 15:41:29 +00:00
John Baldwin
28f22a242b Remove old ACPICA files from the INTEL vendor branch. They were removed
from HEAD about 4 years ago when we started flattening out the ACPICA
distribution.
2005-10-27 20:48:05 +00:00
David E. O'Brien
c33a1f33c8 Add a commented out version of what was done for the r20041119sysinc import. 2005-10-24 04:36:14 +00:00
David E. O'Brien
3e50df5a3e Fix conflicts of import of Intel ACPI-CA 20041119 with system includes fixups. 2005-10-24 04:35:20 +00:00
David E. O'Brien
27f081c52f Vendor import of Intel ACPI-CA 20041119 with system includes fixups. 2005-10-24 04:31:06 +00:00
David E. O'Brien
763384f7cd This commit was generated by cvs2svn to compensate for changes in r151600,
which included commits to RCS files with non-trunk default branches.
2005-10-24 04:31:06 +00:00
Ruslan Ermilov
e019908ee7 In detach method, move if_free() after bus_teardown_intr(). 2005-10-13 21:11:20 +00:00
Andrew Thompson
febd0759f3 Change the reference counting to count the number of cloned interfaces for each
cloner. This ensures that ifc->ifc_units is not prematurely freed in
if_clone_detach() before the clones are destroyed, resulting in memory modified
after free. This could be triggered with if_vlan.

Assert that all cloners have been destroyed when freeing the memory.

Change all simple cloners to destroy their clones with ifc_simple_destroy() on
module unload so the reference count is properly updated. This also cleans up
the interface destroy routines and allows future optimisation.

Discussed with:	brooks, pjd, -current
Reviewed by:	brooks
2005-10-12 19:52:16 +00:00
Ruslan Ermilov
fead0681ed Fix "struct ifnet" leak if attach() fails in the middle. 2005-09-16 12:49:06 +00:00
David E. O'Brien
1aa7b020d7 Per a request from Nick Triantos of nVidia, nVidia's legal department asked
that we provide their license document beside their nForce MCP object code.
2005-09-11 17:50:20 +00:00
Max Laier
922e338183 Stop leaking a lock. This used to cause a propagate_priority() page fault
when setting syncdev and syncpeer.

Reported by:	Dominic Marks
2005-09-11 11:55:39 +00:00
Max Laier
82f0cb7f33 Unbreak the build. Committed from the wrong directory. 2005-09-08 17:42:42 +00:00
Max Laier
5e11e6c096 Commit imported changes to HEAD:
pf_ioctl.c Revision 1.153 Sun Aug 7 11:37:33 2005 UTC by dhartmei
 | verify ticket in DIOCADDADDR, from Boris Polevoy, ok deraadt@

 pf_ioctl.c Revision 1.158 Mon Sep 5 14:51:08 2005 UTC by dhartmei
 | in DIOCCHANGERULE, properly initialize table, if used in NAT rule.
 | from Boris Polevoy <vapcom at mail dot ru>, ok mcbride@

 pf.c Revision 1.502 Mon Aug 22 11:54:25 2005 UTC by dhartmei
 | when nat'ing icmp 'connections', replace icmp id with proxy values
 | (similar to proxy ports for tcp/udp). not all clients use
 | per-invokation random ids, this allows multiple concurrent
 | connections from such clients.
 | thanks for testing to Rod Whitworth, "looks ok" markus@

 pf.c Revision 1.501 Mon Aug 22 09:48:05 2005 UTC by dhartmei
 | fix rdr to bitmask replacement address pool. patch from Max Laier,
 | reported by Boris Polevoy, tested by Jean Debogue, ok henning@

Obtained from:	OpenBSD
MFC after:	3 days
2005-09-08 15:06:52 +00:00
Max Laier
9e34bd388c Loopback four fixes from OpenBSD for problems reported to the freebsd-pf
mailing list onto the vendor branch:
 pf_ioctl.c Revision 1.153 Sun Aug 7 11:37:33 2005 UTC by dhartmei
 | verify ticket in DIOCADDADDR, from Boris Polevoy, ok deraadt@

 pf_ioctl.c Revision 1.158 Mon Sep 5 14:51:08 2005 UTC by dhartmei
 | in DIOCCHANGERULE, properly initialize table, if used in NAT rule.
 | from Boris Polevoy <vapcom at mail dot ru>, ok mcbride@

 pf.c Revision 1.502 Mon Aug 22 11:54:25 2005 UTC by dhartmei
 | when nat'ing icmp 'connections', replace icmp id with proxy values
 | (similar to proxy ports for tcp/udp). not all clients use
 | per-invokation random ids, this allows multiple concurrent
 | connections from such clients.
 | thanks for testing to Rod Whitworth, "looks ok" markus@

 pf.c Revision 1.501 Mon Aug 22 09:48:05 2005 UTC by dhartmei
 | fix rdr to bitmask replacement address pool. patch from Max Laier,
 | reported by Boris Polevoy, tested by Jean Debogue, ok henning@
2005-09-08 14:59:36 +00:00
Max Laier
ef2e5f06f2 Wrap the new world order in __FreeBSD__ to ease future imports. 2005-08-09 11:59:02 +00:00
Robert Watson
13f4c340ae Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and
IFF_DRV_RUNNING, as well as the move from ifnet.if_flags to
ifnet.if_drv_flags.  Device drivers are now responsible for
synchronizing access to these flags, as they are in if_drv_flags.  This
helps prevent races between the network stack and device driver in
maintaining the interface flags field.

Many __FreeBSD__ and __FreeBSD_version checks maintained and continued;
some less so.

Reviewed by:	pjd, bz
MFC after:	7 days
2005-08-09 10:20:02 +00:00
Max Laier
ffe93c0d25 Prevent a race condition. As pf_send_tcp() - called for expired synproxy
states - has to drop the lock when calling back to ip_output(), the state
purge timeout might run and gc the state. This results in a rb-tree
inconsistency.  With this change we flag expiring states while holding the
lock and back off if the flag is already set.

Reported by:	glebius
MFC after:	2 weeks
2005-07-20 18:58:27 +00:00
Hajimu UMEMOTO
6c4eaa873f move RFC3542 related definitions into ip6.h.
Submitted by:	Keiichi SHIMA <keiichi__at__iijlab.net>
Reviewed by:	mlaier
Obtained from:	KAME
2005-07-20 10:30:52 +00:00
Max Laier
6de8d9dc52 Export pfsyncstats via sysctl "net.inet.pfsync" in order to print them with
netstat (seperate commit).

Requested by:	glebius
MFC after:	1 week
2005-07-14 22:22:51 +00:00
Max Laier
889ad0384e Properly initialize ifq_maxlen for the defered send queue and make it
actually work.  Also use the right semantics for IF_HANDOFF to get correct
stats.

Reported and tested by:	Sascha Luck <sascha at c4inet dot net>
Approved by:		re (blanket)
2005-06-26 21:00:52 +00:00
Darren Reed
721c3c7cc6 Fix some minor problems before release:
(1) "ipf -T" is broken for fetching single entries and
(2) loading rules with numbered collections does not order insertion right.
(3) stats aren't accumulated for hash table memory failures

Approved by: re (dwhite)
2005-06-23 14:19:02 +00:00
Darren Reed
ebcef7d42b locking on exit of reading from ip_sync is not correct for all instances
Approved by:	re (dwhite)
2005-06-14 09:18:26 +00:00
Max Laier
c8d1dc8cc8 Mark pf callouts as NET_MPSAFE.
Requested by:	yongari (serveral times)
Approved by:	re (blanket)
MFC after:	1 week
2005-06-12 16:46:20 +00:00
Max Laier
fe2f7b3b0d Defer ip_output of pfsync updates to an independent callout thread instead
of just dropping the lock around the ip_output call.  This used to cause
corrupted state tree walks for some call-paths.

In a second stage all callouts will be marked MPSAFE according to the
setting of mpsafenet.

Reported and tested by:	Matthew Grooms <mgrooms at seton dot org>
MFC after:		3 days
X-MFC after:		Marking callouts MPSAFE + 1 week
2005-06-10 17:23:49 +00:00
Brooks Davis
fc74a9f93a Stop embedding struct ifnet at the top of driver softcs. Instead the
struct ifnet or the layer 2 common structure it was embedded in have
been replaced with a struct ifnet pointer to be filled by a call to the
new function, if_alloc(). The layer 2 common structure is also allocated
via if_alloc() based on the interface type. It is hung off the new
struct ifnet member, if_l2com.

This change removes the size of these structures from the kernel ABI and
will allow us to better manage them as interfaces come and go.

Other changes of note:
 - Struct arpcom is no longer referenced in normal interface code.
   Instead the Ethernet address is accessed via the IFP2ENADDR() macro.
   To enforce this ac_enaddr has been renamed to _ac_enaddr.
 - The second argument to ether_ifattach is now always the mac address
   from driver private storage rather than sometimes being ac_enaddr.

Reviewed by:	sobomax, sam
2005-06-10 16:49:24 +00:00
Hartmut Brandt
d32729f62c Virgin import of NgATM kernel part 1.2 2005-05-23 13:08:32 +00:00
Hartmut Brandt
9fb7e9cad1 This commit was generated by cvs2svn to compensate for changes in r146539,
which included commits to RCS files with non-trunk default branches.
2005-05-23 13:08:32 +00:00
Darren Reed
051adc35a2 Enable building /sbin/ipf (but not the rescue version) with the ability to
parse bpf strings for filter rules in ipf.conf
2005-05-16 16:22:55 +00:00
Darren Reed
05793fcbf0 Enable IPFilter to correctly determine if BPF has been optioned into the
kernel it is being compiled against and subsequently enable using BPF for
packet matching in ipf rules.
2005-05-15 03:34:17 +00:00
Max Laier
ac9dfc9061 if_mtu not ifp_mtu. 2005-05-04 19:51:06 +00:00
Max Laier
69d9333494 Bring back fix from rev. 1.28 which was lost during the import. 2005-05-04 16:03:01 +00:00
Max Laier
8398e1894d Combine rev. 1.29 and 1.30 to something that will make sense for future
imports.
2005-05-04 15:55:29 +00:00
Max Laier
10ca483be0 Make LINT happy. 2005-05-04 15:29:28 +00:00
Andre Oppermann
c773494edd Pass icmp_error() the MTU argument directly instead of
an interface pointer.  This simplifies a couple of uses
and removes some XXX workarounds.
2005-05-04 13:09:19 +00:00
Max Laier
b01933e6bf Resolve conflicts created during the import of pf 3.7 Some features are
missing and will be implemented in a second step.  This is functional as is.

Tested by:	freebsd-pf, pfsense.org
Obtained from:	OpenBSD
X-MFC after:	never (breaks API/ABI)
2005-05-03 16:43:32 +00:00
Max Laier
f0d663ded8 Import pf from OpenBSD 3.7 (OPENBSD_3_7 as of today) 2005-05-03 16:34:36 +00:00
Ruslan Ermilov
f9067637f7 Fix the following warnings on amd64:
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c: In function `fr_ipid_newfrag':
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c:397: warning: cast to pointer from integer of different size
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c: In function `fr_ipid_knownfrag':
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c:582: warning: cast from pointer to integer of different size
2005-04-29 05:57:17 +00:00
Darren Reed
e01de6cda3 Don't use quad_t on FreeBSD (deprecated) so use "long long" instead.
Someday this should be converted to uint64_t and printstate.c changed to
use those horrid PRiud64 things.
2005-04-28 21:36:30 +00:00
Darren Reed
caec4e7746 The current H.323 proxy source has a license that isn't suitable for inclusion
with FreeBSD so we shouldn't be trying to include it here.
2005-04-27 05:53:12 +00:00
Darren Reed
b1660bb30d - Comment out duplicate rcsid strings in *.c files
- Move SIOCPROXY from ip_nat.h to ip_proxy.h and fix ip_proxy.h so that it
  can be easily compiled into kdump, et al.
2005-04-27 03:48:10 +00:00
Darren Reed
c81e55a2df Add an include for netinet/ip_compat.h directly so that we don't need to
add another special file in the creation of ioctls.c for kdump.
2005-04-26 17:58:05 +00:00
Darren Reed
6eab6ed50f Merge the changes from 3.4.35 to 4.1.8 into the kernel source tree 2005-04-25 18:43:14 +00:00
Darren Reed
8158c4468d import ipfilter 4.1.8 into the kernel source tree 2005-04-25 18:15:41 +00:00
Darren Reed
d607092b37 This commit was generated by cvs2svn to compensate for changes in r145516,
which included commits to RCS files with non-trunk default branches.
2005-04-25 18:15:41 +00:00
Gleb Smirnoff
2fa088e969 Fix error in synproxy connection completion. Source and
destination windows were confused, one instead of other.
This error was masked, because first segment of just
established connection is usually smaller than initially
announced window, and it was successfully passed. First
window reannouncement corrected erroneous 'seqhi' value.
The error showed up when client connected to synproxy
with zero initial window, and reannounced it after
session establishment.

In collaboration with:	dhartmei [we came to same patch independtly]
Reviewed by:		mlaier
Sponsored by:		Rambler
MFC after:		3 days
2005-04-22 09:53:46 +00:00
Robert Watson
e551d45211 Modify the alq(9) alq_open() API to accept a file creation mode, rather
than defaulting the cmode argument to vn_open() to 0.  Supply a default
argument of ALQ_DEFAULT_CMODE (0600) in current callers.

Discussed with/pointed out by:	hmp
Reveiwed by:	jeff, hmp
MFC after:	3 days
2005-04-16 12:12:27 +00:00
Gleb Smirnoff
699df192d9 Fix mss byte order, only affects synproxy code path.
Submitted by:	John L. Scarfone via OpenBSD
Reviewed by:	mlaier
Obtained from:	OpenBSD, rev. 1.483
MFC after:	2 days
2005-04-13 21:05:55 +00:00
David E. O'Brien
1e5fec6b15 Import the nForce MCP NIC bits. This is version 1.0-0301.
Demanded by:	DES
Encouraged by:	scottl
2005-03-12 00:17:37 +00:00
David E. O'Brien
0587a1ea34 This commit was generated by cvs2svn to compensate for changes in r143439,
which included commits to RCS files with non-trunk default branches.
2005-03-12 00:17:37 +00:00
Scott Long
d38d9c9e5e Move all of the hptmv files to /sys/dev/hptmv so that they won't be mistaken
for being on a CVS vendor branch.  The files were moved via a repo-copy.
2005-03-02 05:14:28 +00:00
David E. O'Brien
bb4e63066a Add FreeBSD ID. 2005-02-28 00:53:29 +00:00
Poul-Henning Kamp
4db0fda84e Use dynamic major number allocation. 2005-02-27 22:19:35 +00:00
Sam Leffler
c01f36ef0c avoid sneaky double free
Noticed by:	Coverity Prevent analysis tool
Reviewed by:	scottl
2005-02-25 00:16:53 +00:00
Brian Feldman
d011a9158c Do not fail to initialize callouts (on SMP only) -- it leads to crashing. 2005-02-22 04:27:05 +00:00
Max Laier
93d6cddf05 Fix a terrible braino in pfi_maybe_destroy() and unbreak "$pfctl -Fall" with
renamed interfaces.

PR:		kern/77645
Reported by:	Harald Schmalzbauer <harryNOschmalzbauerSPAMde>
Reviewed by:	yongari
MFC after:	3 days
2005-02-21 17:20:00 +00:00
Max Laier
0df559602c Don't use the static CALLOUT_INITIALIZER for __FreeBSD_version >= 600000. It
was a bad idea, but since it is done like this in the vendor source we keep
it around for older versions. As a safe guard against future misuse we don't
even define CALLOUT_INITIALIZER anymore.

This fixes ALTQ after callout_init_mtx() and takes altq_var.h off the vendor
branch.

Submitted by:	Divacky Roman <xdivac02NOstud.fit.vutbrSPAMcz> (w/ changes)
2005-02-21 17:11:09 +00:00
Pyun YongHyeon
a94f16f4fa Fix inteface clear time. pf printed "Thu Jan 1 09:00:01 1970"
in "pfctl -vvsI" output when pf was statically linked to kernel.

Discussed with:	mlaier
2005-02-17 03:36:31 +00:00
Max Laier
68198dedf8 Access softc embedded struct ifnet via function macro to make it easier to
untangle struct ifnet and softc/arpcom in the future.

Requested by:	brooks
2005-02-09 19:29:13 +00:00
Matthew N. Dodd
1f005b6723 - Split out PCI support.
- Add previously removed ISA support.

Submitted by:	David S. Madole <david AT madole.net>
2005-02-03 23:01:01 +00:00
Daniel Hartmeier
d4f925e4df Use the packet's address family instead of the rule's when selecting a
replacement address for an rdr rule. Some rdr rules have no address family
(when the replacement is a table and no other criterion implies one AF).
In this case, pf would fail to select a replacement address and drop the
packet due to translation failure.

Found by:	Gustavo A. Baratto
2005-01-20 18:07:35 +00:00
Daniel Hartmeier
9624b04d64 Prohibit ruleset changes at securelevel > 2, not > 1. It's documented
like this in init(8), but the code didn't match the documentation.

Submitted by:	Juraj Lutter <otis at sk dot FreeBSD dot org>
Agrees:		mlaier
2005-01-19 21:37:00 +00:00
Nate Lawson
edd973a013 Clean up a small memory leak introduced with the previous commit to
dsutils.c.  We need to GC the implicitly-returned object.

Submitted by:	Robert.Moore at Intel
MFC after:	1 day
2005-01-14 06:37:43 +00:00
Nate Lawson
d26e4b9a02 This commit was generated by cvs2svn to compensate for changes in r140216,
which included commits to RCS files with non-trunk default branches.
2005-01-14 06:37:43 +00:00
Nate Lawson
4802655124 Fix handling of the implicit return case for methods called from an
external source (i.e., _STA).  The previous case only handled calls
occurring within AML.  This should fix Toshibas, among others.  Thanks
to Robert Moore of Intel for the fix.

MFC after:	2 days
2005-01-12 00:52:40 +00:00
Nate Lawson
6023610d63 This commit was generated by cvs2svn to compensate for changes in r140094,
which included commits to RCS files with non-trunk default branches.
2005-01-12 00:52:40 +00:00
Darren Reed
4d7cb202f1 Elminate 1 LOR (actually a recursive mutex grab) involving ipfilter where
we loop through all the list of NICs (struct ifnet), holding the lock on
it and then do a name lookup with ifunit() whilst holding it.
2005-01-08 04:32:02 +00:00
Darren Reed
4541c49f79 * Remove some code that's in a #ifndef FreeBSD that's no longer used. 2004-12-26 09:09:29 +00:00
Darren Reed
2fb1eb06a7 * The #ifdef's to cause mutex's for freebsd to be declared were meant to pick
up on USE_MUTEX being defined, but this patch
* Remove some code that's in a #ifndef FreeBSD that's no longer used.
2004-12-26 09:08:42 +00:00
Scott Long
98331badc2 Darnit, through a maze of twisty passages, ipfilter needs to have PFIL_HOOKS
defined.  Revert part of the previous commit to fix this.
2004-12-25 00:48:27 +00:00
Scott Long
0ca8ae1641 Sprinkle in some __FreeBSD_version checks so that this compiles again. Don't
define PFIL_HOOKS anymore.

Submitted by: keramida
2004-12-25 00:22:25 +00:00
Darren Reed
77bb8ca4a3 Enable fine grained locking within IPFilter, using mtx(9) and sx(9) allowing
the the "needs giant" flag to be removed from the driver.
2004-12-24 09:14:26 +00:00
Daniel Hartmeier
2726bbe221 Initialise init_addr in pf_map_addr() in the PF_POOL_ROUNDROBIN,
prevents a possible endless loop in pf_get_sport() with 'static-port'

ICMP state entries use the ICMP ID as port for the unique state key. When
checking for a usable key, construct the key in the same way. Otherwise,
a colliding key might be missed or a state insertion might be refused even
though it could be inserted. The second case triggers the endless loop,
possibly allowing a NATed LAN client to lock up the kernel.

PR:			kern/74930
Reported and tested by:	Hugo Silva, Srebrenko Sehic
MFC after:		3 days
2004-12-19 19:43:04 +00:00
Max Laier
905c6b87b7 Make ip_nat compile again. Should read #if->n<-def LARGE_NAT as in ipf 4.x 2004-12-18 03:47:54 +00:00
Darren Reed
f42b5dbebb Move two variables that are unused if LARGE_NAT is defined inside an #ifdef
to keep them out of harms way when compiling.

PR:	72783
2004-12-17 15:59:16 +00:00
Darren Reed
8a377db272 Allow ipnat redirect rules to work for non-TCP/UDP packets.
PR:             70038
Submitted by:   fming@borderware.com
Reviewed by:    darrenr
Obtained from:  fming@borderware.com
2004-12-17 02:29:34 +00:00
Darren Reed
6de0f6c8b8 Using just m_pullup to get all of the interesting bits in packet into one
buffer doesn't work for ipv6 packets, so use m_defrag() here instead as an
easy drop-in replacement.

PR:	70399
2004-12-16 21:02:16 +00:00
Max Laier
7cadbe4109 Compile pfsync w/o bpf.
Noticed by:	"Jayel Villamin" <jarthel operamail com>
2004-12-10 17:42:47 +00:00
Sam Leffler
8c489f7420 clear old files now in public 2004-12-08 18:27:44 +00:00
Sam Leffler
7a4700cda9 resolve merge conflict 2004-12-08 18:18:39 +00:00
Sam Leffler
31801f0d36 Version 0.9.14.12:
[Changes listed only since last public release 0.9.12.14; for changes
 prior to that consult the CVS logs at http://madwifi.sourceforge.net]

o reorg directory structure to have a single set of public binary builds
  shared by all systems
o support for new parts (all shipping pci/cardbus parts to this date work)
o new capabilities for identifying various chip features
o set/get tx power cap for supporting 802.11h information element
o revised api for set/get tx queue properties
o support for updating CTS in frames when doing packet bursting
o support for querying which tx queues have pending interrupts
2004-12-08 18:06:09 +00:00
Sam Leffler
230d5663fc This commit was generated by cvs2svn to compensate for changes in r138583,
which included commits to RCS files with non-trunk default branches.
2004-12-08 18:06:09 +00:00
Daniel Hartmeier
8092705059 IPv6 packets can contain headers (like options) before the TCP/UDP/ICMP6
header. pf finds the first TCP/UDP/ICMP6 header to filter by traversing
the header chain. In the case where headers are skipped, the protocol
checksum verification used the wrong length (included the skipped headers),
leading to incorrectly mismatching checksums. Such IPv6 packets with
headers were silently dropped.

Discovered by:	Bernhard Schmidt
MFC after:	1 week
2004-12-05 12:15:43 +00:00
Mark Santcroos
697831d611 Oops, remove unnecessary cast in original, out-commented code.
This was a debug leftover.

MFC after:	1 week
2004-12-02 00:12:19 +00:00
Mark Santcroos
cdb35b24fe This commit was generated by cvs2svn to compensate for changes in r138298,
which included commits to RCS files with non-trunk default branches.
2004-12-02 00:12:19 +00:00
Mark Santcroos
f42941d3ec Local change: Supporting code not yet available, use previous behavior
instead for the time being. Intel should fix this.

Note that if this commit is correct, it is made on the vendor branch.
We expect the Intel folks to fix it, and we don't want to unnecessarily
take files off the vendor branch.

Approved by:	njl
MFC after:	1 week
2004-12-02 00:05:02 +00:00
Mark Santcroos
cc50c2376d This commit was generated by cvs2svn to compensate for changes in r138296,
which included commits to RCS files with non-trunk default branches.
2004-12-02 00:05:02 +00:00
Mark Santcroos
3e5f2bd199 Local change: Remove warnings from vendor files.
Approved by:	njl
MFC after:	1 week
2004-12-01 23:42:21 +00:00
Mark Santcroos
0f190207e6 Local change: In the resume path, give up after waiting for a while
for WAK_STS to be set.  Some BIOSs never set it.

Approved by:	njl
MFC after:	1 week
2004-12-01 23:40:48 +00:00
Mark Santcroos
40047a89b4 Local change: Put various debugging options under ACPI_DISASSEMBLER.
Approved by:	njl
MFC after:	1 week
2004-12-01 23:39:45 +00:00
Mark Santcroos
8baa584183 Unchanged files that are off the vendor branch.
Approved by:	njl
MFC after:	1 week
2004-12-01 23:34:39 +00:00
Mark Santcroos
c846686064 Vendor import of Intel ACPI-CA 20041119 2004-12-01 23:14:10 +00:00
Mark Santcroos
3a36dacc92 This commit was generated by cvs2svn to compensate for changes in r138287,
which included commits to RCS files with non-trunk default branches.
2004-12-01 23:14:10 +00:00
Daniel Hartmeier
1a4a376387 fix a bug that leads to a crash when binat rules of the form
'binat from ... to ... -> (if)' are used, where the interface
is dynamic.

Discovered by:	kos(at)bastard(dot)net
Analyzed by:	Pyun YongHyeon
Approved by:	mlaier (mentor)
MFC after:	1 week
2004-11-24 00:43:34 +00:00
Ruslan Ermilov
9528cdfa6e Removed the remnants of gx(4). 2004-11-08 20:24:52 +00:00
Max Laier
a9052a1691 Improved interface handling. This should fix the use of renamed interfaces
(ifconfig xl0 name foo) as well as some special interfaces such as the 6to4
tunnel.

Reported by:	Ed Schouten <ed (at) il ! fontys , nl>
Tested by:	freebsd-pf
PR:		kern/72444
MFC after:	3 weeks
2004-11-03 17:21:12 +00:00
Max Laier
b6b3698c8e Fix a panic discovered with some apache2 configure test (that seemed to
trigger a socket creation race some some kind). Checking for non-NULL socket
and credential is not a bad idea anyway. Unfortunatly too late for the
release.

Reported & tested by:	Gilbert Cao
MFC after:		2 weeks
2004-10-24 19:35:02 +00:00
Scott Long
7d9aed9c4c Fix some warnings that only triggered in LINT. 2004-10-24 09:23:07 +00:00
Scott Long
f01be89133 Embed the correct name. 2004-10-24 08:48:32 +00:00
Scott Long
1713e81b9c Import the HighPoint RocketRAID 182x driver. Thanks to HighPoint for
providing the original driver, and thanks to IronSystems for providing
hardware for testing.
2004-10-24 05:37:23 +00:00
Max Laier
d6a8d58875 Add an additional struct inpcb * argument to pfil(9) in order to enable
passing along socket information. This is required to work around a LOR with
the socket code which results in an easy reproducible hard lockup with
debug.mpsafenet=1. This commit does *not* fix the LOR, but enables us to do
so later. The missing piece is to turn the filter locking into a leaf lock
and will follow in a seperate (later) commit.

This will hopefully be MT5'ed in order to fix the problem for RELENG_5 in
forseeable future.

Suggested by:		rwatson
A lot of work by:	csjp (he'd be even more helpful w/o mentor-reviews ;)
Reviewed by:		rwatson, csjp
Tested by:		-pf, -ipfw, LINT, csjp and myself
MFC after:		3 days

LOR IDs:		14 - 17 (not fixed yet)
2004-09-29 04:54:33 +00:00
Max Laier
7ea7663ca4 Protect sockaddr_union definitions with a protecting define. This allows to
build kernels with FAST_IPSEC and PF. This is the least disruptive fix.

PR:		kern/71836
Reviewed by:	bms, various mailing lists
MFC after:	3 days
2004-09-23 12:44:40 +00:00
Max Laier
abd627ebb7 Break out altq_enable/disable from DIOC{START,STOP}ALTQ into seprate
functions that can be called from enable/disable pf as well. This improves
switching from non-altq ruleset to altq ruleset (and the other way 'round)
by a great deal and makes pfctl act like the user would except it to.

PR:		kern/71746
Tested by:	Aurilien "beorn" Rougemont (PR submitter)
MFC after:	3 days
2004-09-17 02:15:05 +00:00
Max Laier
4758aa2bd4 Reactivate skipping over bogus IPCP addresses on ppp interfaces. Be more
careful with the skip condition this time. Addresses are only not taken into
account if:
	- The interface is POINTTOPOINT
	- There is no route installed for the address
	- The user specified noalias (:0)
and	- We are looking at an IPv4 address.

This should be enough paranoia to not cause any false positives.

PR:	 	misc/69954
Discussed with:	yongari
MFC after:	4 days
2004-09-14 15:20:24 +00:00
Max Laier
f78086efb6 Move pf* init from SI_SUB_PSEUDO to SI_SUB_PROTO_IFATTACHDOMAIN where it is
save to call if_attachdomain from if_attach() (as done for if_loop.c). We
will now end up with a properly initialized if_afdata array and the nd6
callout will no longer try to deref a NULL pointer.

Still this is a temp workaround and the locking for if_afdata should be
revisited at a later point.

Requested by:			rwatson
Discussed with and tested by:	yongari (a while ago)
PR:				kern/70393
MFC after:			5 days
2004-09-14 03:12:01 +00:00
Max Laier
c9f6794e2e One more round on the H/W supported checksum code: Fix NICs that can't do
the pseudo header. We really need the TCP packet length here. This happens
to end up in ip->ip_len in tcp_input.c, but here we should get it from the
len function variable instead.

Submitted by:	yongari
Tested by:	Nicolas Linard, yongari (sparc64 + hme)
MFC after:	5 days
2004-09-11 11:18:25 +00:00
Andre Oppermann
5f56967319 From __FreeBSD_version 600001 on PFIL_HOOKS is permanently in the kernel and
doesn't require to include opt_pfil_hooks.h.
2004-08-27 20:01:08 +00:00
Max Laier
7fff37fc15 Use securelevel_gt instead of reading global securelevel unprotected.
Submitted by:	yongari
MFC after:	3 days
2004-08-22 15:23:48 +00:00
Nate Lawson
aaff1d4cfa Add a padding member to the header overlaid on data allocated in the
ACPI_DEBUG case.  Without this, use of allocated memory is unaligned and
causes a trap on ia64.  Intel may fix this differently in a subsequent
release but this is adequate for now.

Submitted by:	marcel
MFC after:	2 days
2004-08-18 05:41:21 +00:00
Nate Lawson
ca36a5dc0d This commit was generated by cvs2svn to compensate for changes in r133931,
which included commits to RCS files with non-trunk default branches.
2004-08-18 05:41:21 +00:00
Max Laier
e89d8405c7 Comment out rev. 1.4 after problems w/ IPv6, a better solution must be
found.
2004-08-16 17:58:12 +00:00
David Malone
1f44b0a1b5 Get rid of the RANDOM_IP_ID option and make it a sysctl. NetBSD
have already done this, so I have styled the patch on their work:

        1) introduce a ip_newid() static inline function that checks
        the sysctl and then decides if it should return a sequential
        or random IP ID.

        2) named the sysctl net.inet.ip.random_id

        3) IPv6 flow IDs and fragment IDs are now always random.
        Flow IDs and frag IDs are significantly less common in the
        IPv6 world (ie. rarely generated per-packet), so there should
        be smaller performance concerns.

The sysctl defaults to 0 (sequential IP IDs).

Reviewed by:	andre, silby, mlaier, ume
Based on:	NetBSD
MFC after:	2 months
2004-08-14 15:32:40 +00:00
Robert Watson
9baf5f2da1 Since if_oltr doesn't contain locking or run with INTR_MPSAFE, mark
the interface as IFF_NEEDSGIANT so if_start is run holding Giant.
2004-08-14 00:19:07 +00:00
Max Laier
571065e55f Loopback fix from Mathieu Sauve-Frankel:
Add missing check for NULL in DIOCCHANGERULE. This prevents a crash
	in certain rare cases.
2004-08-12 14:15:42 +00:00
Max Laier
61ba182027 Import a fix from the OpenBSD-stable branch, that slipped by my previous
import. Sorry.
2004-08-12 14:09:56 +00:00
Max Laier
01105bbf3b Loopback fix from Daniel Hartmeier:
pf_cksum_fixup() was called without last argument from
	normalization, also fixup checksum when random-id modifies ip_id.
	This would previously lead to incorrect checksums for packets
	modified by scrub random-id.

(Originally) Submitted by:	yongari
2004-08-12 13:59:44 +00:00
Max Laier
91a9e0b42b Loopback fix from Henning Brauer:
skip over interface addresses without IFA_ROUTE, fixes some issue
	with pppd

PR:	misc/69954
2004-08-12 13:54:50 +00:00
Max Laier
bf47a23754 Import a couple of fixes from OpenBSD-current, which did not make -stable in
OpenBSD for various reasons.

Discussed with:	yongari
2004-08-12 13:46:21 +00:00
Hartmut Brandt
63fa1c3303 Exclusion list for easier import. 2004-08-11 12:25:09 +00:00
Hartmut Brandt
e42ab7cde1 Virgin import of NgATM shared kernel/user part 1.1 2004-08-11 12:21:36 +00:00
Hartmut Brandt
f3e103df9f This commit was generated by cvs2svn to compensate for changes in r133492,
which included commits to RCS files with non-trunk default branches.
2004-08-11 12:21:36 +00:00
Max Laier
8de5b6f306 Use in_cksum_skip() to calculate in4_cksum instead of doing handrolled magic
(that does not compile with !gcc). Moreover we get the benefit for all archs
that have a hand optimized in_cksum_skip().

Submitted by:	yongari
Tested by:	me (i386, extensivly), pf4freebsd ML (various)
2004-08-05 20:41:38 +00:00
Alexander Kabaev
7e86873d5c Initialize s variable early to shut up GCC warnings.
Do not declare inline functions without body as this is useless in
general and generates a warning with GCC 3.4.x.

Glanced over by:	dhartmei
2004-07-28 06:14:44 +00:00
Max Laier
c99c1da589 Fix the following LOR on pf module unload:
1st ifnet (ifnet) @/usr/src/sys/contrib/pf/net/pf_if.c:191
2nd pf task mtx (pf task mtx) @/usr/src/sys/contrib/pf/net/pf_if.c:197

Reported by:	Pyun YongHyeon (a long time ago)
2004-07-23 03:37:05 +00:00
Max Laier
bb73d87a1e Refine pf_check_proto_cksum() a bit in order to avoid additional in_pseudo()
calls further down the stack. If we find the cksum to be okay we pretend
that the hardware did all the work and hence keep the upper layers from
checking again.

Submitted by:	Pyun YongHyeon
2004-07-23 03:31:42 +00:00