which is invoked from socket() and socketpair(), permitting MAC
policy modules to control the creation of sockets by domain, type, and
protocol.
Obtained from: TrustedBSD Project
Sponsored by: SPARTA, SPAWAR
Approved by: re (scottl)
Requested by: SCC
copied and pasted. I had actually tested without this change in my
trees as had the other testers.
Reported by: bde, Rostislav Krasny rosti dot bsd at gmail dot com
Approved by: re (scottl)
Pointy hat to: jhb
PPPoE modes. The interface was declared obsoleted before 5.3-RELEASE.
When running as access concentrator ng_pppoe(4) supports both modes
simultanously. When running as client mode can be swicthed in ppp(8)
configuration.
Approved by: re (scottl)
o use proper api for setting/deleting keys instead of depending
on key indices
o check mac address to decide whether a key is unicast or group/global
o check set_tx on key set to decide whether a group/global key should
also be marked as default
o explicitly set IEEE80211_KEY_GROUP flag for group keys instead of
depending on kernel auto-add kludge
With the above changes static wep key handling works.
Reviewed by: avatar
Approved by: re (scottl)
fixes a ref cnt leak
o make unicast key handling on delete identical to set
o change legacy wep key api to reset the 802.11 state
machine for backwards compatibility
Reviewed by: avatar
Approved by: re (scottl)
an item may be queued and processed later. While this is OK for mbufs,
this is a problem for control messages.
In the framework:
- Add optional callback function pointer to an item. When item gets
applied the callback is executed from ng_apply_item().
- Add new flag NG_PROGRESS. If this flag is supplied, then return
EINPROGRESS instead of 0 in case if item failed to deliver
synchronously and was queued.
- Honor NG_PROGRESS in ng_snd_item().
In ng_socket:
- When userland sends control message add callback to the item.
- If ng_snd_item() returns EINPROGRESS, then sleep.
This change fixes possible races in ngctl(8) scripts.
Reviewed by: julian
Approved by: re (scottl)
This case is triggered with ptrace(2) and the PT_SETREGS function.
Change the return type of the function to int so that errors can be
passed on to the caller.
Approved by: re (scottl)
packet filter. This would cause a panic on architectures that require strict
alignment such as sparc64, ia64 and ppc.
This uses the code block from if_bridge and the newly added macro
IP_HDR_ALIGNED_P().
This /might/ be a temporary messure before all NIC drivers are educated
to align the header themself.
PR: ia64/81284
Obtained from: NetBSD (if_bridge)
Approved by: re (dwhite), mlaier (mentor)
- Allow libpmc(3) to support P4/EMT64 PMCs on the amd64 architecture
and AMD K8 PMCs on the i386. [2]
Submitted by: ps [1]
Pointy hat: myself [2]
Approved by: re (scottl)
o Indent usb ids properly
o Check the return value of if_alloc()
o Call if_free() in ural_detach()
Reviewed by: silby (mentor)
Approved by: re (scottl)
Using ISO-10646-UCS-2 will cause a problem when we use our own
iconv functions in the future, or port iconv other than GNU
libiconv.
Each vendors treat "UCS-2" as follows, and endian issue is
vendor specific:
- Solaris 8 iconv
Little Endian with BOM
- HP-UX iconv
Big Endian
- NetBSD/i386 1.6 iconv
Little Endian
- GNU libiconv
Big Endian
- glibc(RedHat AS 2.1 x86) iconv
Little Endian
- IANA
Name: ISO-10646-UCS-2
MIBenum: 1000
Source: the 2-octet Basic Multilingual Plane, aka Unicode
this needs to specify network byte order: the standard
does not specify (it is a 16-bit integer space)
Alias: csUnicode
- MSDN
Little Endian
http://msdn.microsoft.com/library/en-us/cpref/html/frlrfsystemtextencodingclassgetencodingtopic2.asp
Now using UTF-16BE is harmless, because
- same as UCS-2 with 2 byte range (U+0000 - U+FFFF)
- kernel code of each file systems(cd9660, msdosfs, ntfs) believes
Unicode is a 2 byte character at this time.
- UDF has only 2 byte range of Unicode filenames.
- It's defined at RFC2781.
So I believe it's time to change before starting new RELENG_6. :)
Approved by: re (scottl)
pointer doesn't point to the first instruction of that function, but
rather to a descriptor. The descriptor has the address of the first
instruction, as well as the value of the global pointer. The symbol
table doesn't know anything about descriptors, so if you lookup the
name of a function you get the address of the first instruction. The
cast from the address, which is the result of the symbol lookup, to a
function pointer as is done in db_fncall is therefore invalid.
Abstract this detail behind the DB_CALL macro. By default DB_CALL is
defined as db_fncall_generic, which yields the old behaviour. On ia64
the macro is defined as db_fncall_ia64, in which a descriptor is
constructed to yield a valid function pointer.
While here, introduce DB_MAXARGS. DB_MAXARGS replaces the existing
(local) MAXARGS. The DB_MAXARGS macro can be defined by platforms to
create a convenient maximum. By default this will be the legacy 10.
On ia64 we define this macro to be 8, for 8 is the maximum number of
arguments that can be passed in registers. This avoids having to
implement spilling of arguments on the memory stack.
Approved by: re (dwhite)
packet filter. This would cause a panic on architectures that require strict
alignment such as sparc64 (tier1) and ia64/ppc (tier2).
This adds two new macros that check the alignment, these are compile time
dependent on __NO_STRICT_ALIGNMENT which is set for i386 and amd64 where
alignment isn't need so the cost is avoided.
IP_HDR_ALIGNED_P()
IP6_HDR_ALIGNED_P()
Move bridge_ip_checkbasic()/bridge_ip6_checkbasic() up so that the alignment
is checked for ipfw and dummynet too.
PR: ia64/81284
Obtained from: NetBSD
Approved by: re (dwhite), mlaier (mentor)
as they are already default for I686_CPU for almost 3 years, and
CPU_DISABLE_SSE always disables it. On the other hand, CPU_ENABLE_SSE
does not work for I486_CPU and I586_CPU.
This commit has:
- Removed the option from conf/options.*
- Removed the option and comments from MD NOTES files
- Simplified the CPU_ENABLE_SSE ifdef's so they don't
deal with CPU_ENABLE_SSE from kernel configuration. (*)
For most users, this commit should be largely no-op. If you used to
place CPU_ENABLE_SSE into your kernel configuration for some reason,
it is time to remove it.
(*) The ifdef's of CPU_ENABLE_SSE are not removed at this point, since
we need to change it to !defined(CPU_DISABLE_SSE) && defined(I686_CPU),
not just !defined(CPU_DISABLE_SSE), if we really want to do so.
Discussed on: -arch
Approved by: re (scottl)
by amd64 and i386: For buffered writes we collect data and write it
out a ${DEV_BSIZE}-sized block at a time. The fragsz variable is used
to keep track of how much data we have collected in the buffer so far
and it's reset to zero immediately after writing a block to the dump
device.
When the last, possibly partially filled buffer is flushed, we didn't
reset fragsz to 0 and as such would stop reflecting reality. Since we
currently only need to do buffered writes once, this isn't a problem.
However, when kernel dumps are made by hand (say by callling doadump
from within DDB), the improperly cleared state from the first call to
dumpsys causes the next call to dumpsys to create an invalid code file.
This change resets fragsz after flushing the partially filled buffer so
that it fixes the two problems at once.
Approved by: re (scottl)
after PAWS checks. The symptom of this is an inconsistency in the cached
sack state, caused by the fact that the sack scoreboard was not being
updated for an ACK handled in the header prediction path.
Found by: Andrey Chernov.
Submitted by: Noritoshi Demizu, Raja Mukerji.
Approved by: re
does not clear tlen and frees the mbuf (leaving th pointing at
freed memory), if the data segment is a complete duplicate.
This change works around that bug. A fix for the tcp_reass() bug
will appear later (that bug is benign for now, as neither th nor
tlen is referenced in tcp_input() after the call to tcp_reass()).
Found by: Pawel Jakub Dawidek.
Submitted by: Raja Mukerji, Noritoshi Demizu.
Approved by: re
- Introducing the possibility of using locks different than mutexes
for the knlist locking. In order to do this, we add three arguments to
knlist_init() to specify the functions to use to lock, unlock and
check if the lock is owned. If these arguments are NULL, we assume
mtx_lock, mtx_unlock and mtx_owned, respectively.
- Using the vnode lock for the knlist locking, when doing kqueue operations
on a vnode. This way, we don't have to lock the vnode while holding a
mutex, in filt_vfsread.
Reviewed by: jmg
Approved by: re (scottl), scottl (mentor override)
Pointyhat to: ssouhlal
Will be happy: everyone
of USB2 "duplicate" psuedo busses, it is not at all uncommon for machines
to have more than 4 USB busses nowadays.
PR: bin/81533
Submitted by: Darren Pilgrim dmp at bitfreak dot org
Approved by: re (scottl)
MFC after: 1 week
timer since irq0 isn't being driven at hz in that case and we don't need to
try to handle edge cases with rollover, etc. that require irq0 to be firing
for the timecounter to actually work.
Submitted by: phk
Tested by: schweikh
Approved by: re (scottl)
and stop trying to play cute games so that sccs[] shares space with
version[].
Reported by: Jilles Tjoelker jilles at stack dot nl
Discussed with: bde, "R. Imura" imura at ryu16 dot org
Idea from: NetBSD (via bde)
Approved by: re (scottl)
MFC after: 1 week
We removed the corresponding code long time ago and the historically
interested can find this paper in the cvs repo, there is no point
in installing it any more.
Approved by: re@
a cosmetic change. m_uiotombuf() produces a packet header mbuf, while
original implementation did not. When kernel is compiled with MAC
support, headerless mbuf will cause panic.
Reported by: Alexander Nikiforenko <asn rambler-co.ru>
Approved by: re (scottl)
MFC After: 2 weeks
module-specific malloc types. These should help us to pinpoint the
possible memory leakage in the future.
- Implementing xpt_alloc_ccb_nowait() and replacing all malloc/free based
CCB memory management with xpt_alloc_ccb[_nowait]/xpt_free_ccb. Hopefully
this would be helpful if someday we move the CCB allocator to use UMA
instead of malloc().
Encouraged by: jeffr, rwatson
Reviewed by: gibbs, scottl
Approved by: re (scottl)
starts with an ifatm which in turns has an ifnet. Remove also a couple
of unneccessary casts that could hide such things in the future.
Approved by: re
so residue of division for all hosts on net is the same, and thus only
one VHID answers. Change source IP in host byte order.
Reviewed by: mlaier
Approved by: re (scottl)
