Commit Graph

134297 Commits

Author SHA1 Message Date
Andrew Thompson
82056f42cf Avoid holding the softc lock when using copyout().
Reported by:	dfr
Approved by:	re (rwatson)
2007-07-26 20:30:18 +00:00
Andrew Thompson
c4dd9fb67a Fix up ndis interaction with net80211
- make NDIS_DEBUG a sysctl
 - default to IEEE80211_MODE_11B if the card doesnt tell us the channels
 - dont mess with ic_des_chan when we assosciate
 - Allow a directed scan by setting the ESSID before scanning (verified
   with wireshark). Hidden APs probably wouldnt have worked before.
 - Grab the channel type and use it to look up the correct curchan for
   the scan results (mistakenly used 11B before)
 - Fix memory leak in the ndis_scan_results

Tested by:	matteo
Reviewed by:	sam
Approved by:	re (rwatson)
2007-07-26 20:11:16 +00:00
Alexander Motin
091193febe Reduce stack usage by 256 bytes per call. It helps to avoid kernel
stack overflow in complicated traffic filtering setups.

There can be minor performance degradation for the MHLEN < len <= 256 case
due to additional buffer allocation, but it is a rare case.

Approved by:	re (rwatson), glebius (mentor)
MFC after:	1 week
2007-07-26 18:15:02 +00:00
Pawel Jakub Dawidek
57fd3d5572 When we do open, we should lock the vnode exclusively. This fixes few races:
- fifo race, where two threads assign v_fifoinfo,
- v_writecount modifications,
- v_object modifications,
- and probably more...

Discussed with:	kib, ups
Approved by:	re (rwatson)
2007-07-26 16:58:09 +00:00
Pawel Jakub Dawidek
68c1a246ae The v_mountedhere field is protected by the vnode lock, not vnode's internal
lock.

Approved by:	re (rwatson)
2007-07-26 16:52:57 +00:00
John Baldwin
de016534a8 If the trap number stored in the trapframe is corrupted into a negative
value, then we would use a negative index into the trap_msg[] array
resulting in a nested page fault.  Make the 'type' variable holding the
trap number unsigned to avoid this.

MFC after:	2 weeks
Approved by:	re (rwatson)
2007-07-26 15:32:55 +00:00
Gleb Smirnoff
bb5ba44f82 Honor the IFF_MONITOR flag.
PR:		kern/99500
Submitted by:	Craig Leres <leres ee.lbl.gov>
Approved by:	re (kensmith)
2007-07-26 10:54:33 +00:00
Andre Oppermann
564aab1fe6 Fix comments in tcp_do_segment().
Approved by:	re (kensmith)
2007-07-25 18:48:24 +00:00
John Baldwin
f2c789a923 Require 'cleanvar' so that files and sockets created in /var/run by
wpa_supplicant and other programs started by 'netif' don't get erased
by a subsequent 'cleanvar'.

Approved by:	re (bmah)
Reviewed by:	dougb
MFC after:	1 week
2007-07-25 18:08:01 +00:00
Bruce A. Mah
e99e266743 New release note: iscsi_initiator(8).
Updated release notes:  BIND 9.4.1-p1, OpenBSM 1.0alpha15.

Approved by:	re (implicit)
2007-07-25 15:19:37 +00:00
Scott Long
039886f83f Fix a whitespace mistake from the last commit.
Submitted by: far too many to list
Approved by: re
2007-07-25 13:37:33 +00:00
Doug Barton
275af6dcd5 This commit was generated by cvs2svn to compensate for changes in r171577,
which included commits to RCS files with non-trunk default branches.
2007-07-25 08:12:36 +00:00
Doug Barton
56a78b5211 Vendor import of 9.4.1-P1, which has fixes for the following:
1. The default access control lists (acls) are not being
correctly set. If not set anyone can make recursive queries
and/or query the cache contents.

See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925

2. The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.

This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.

All users are encouraged to upgrade.

See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926

Approved by:	re (kensmith, implicit)
2007-07-25 08:12:36 +00:00
Warner Losh
6dc2dedb7a Start to converge on standard ways of saying some things like
Ethernet and Adapter.

Obtained from: NetBSD (kinda)
Approved by: re (blanket)
2007-07-25 07:11:08 +00:00
Warner Losh
3b62e837c9 Fix absolutely maddening autorepeat bug that would cause the last key
to repeat if you had more than two keys down at any given time (which
happened to me all the time with emacs).

This is taken from PR 110681, although what URATAN Shigenobu describes
there is different than the pathology that I have been seeing.  I'm
seeing this only in X, while he sees it on his console, yet I think
the two problems are related.  I've also reworked the patch slightly
to conform to the coding standards of adjacent code.

It is unclear to me if this merely masks the maddening bug that I have
seen, or if this is a real fix.  I typically see the problem when I'm
typing fast in emacs and using lots of motion keys (meta and control).
In either case, my workstation at work again is finally useful with
this patch.

PR:		110681
Submitted by:	URATAN Shigenobu
Approved by: 	re (blanket)
2007-07-25 06:48:33 +00:00
Warner Losh
8a639d8fb6 ums(4) does not work if the mouse defaults to boot protocol. Force
the protocol to be report on each open, but ignore any errors as set
protocol for mice that don't implement the boot protocol can generate
an error.  Evidentally, the Gyration GyroPoint RF Technology Receiver
(Gyration Ultra Cordless) device has this problem.

Submitted by: Eugene M. Kim
PR: 106565
Approved by: re (blanket)
2007-07-25 06:43:06 +00:00
Randall Stewart
1b649582bb - take out a needless panic under invariants for sctp_output.c
- Fix addrs's error checking of sctp_sendx(3) when addrcnt is less than
   SCTP_SMALL_IOVEC_SIZE
 - re-add back inpcb_bind local address check bypass capability
 - Fix it so sctp_opt_info is independant of assoc_id postion.
 - Fix cookie life set to use MSEC_TO_TICKS() macro.
 - asconf changes
   o More comment changes/clarifications related to the old local address
    "not" list which is now an explicit restricted list.

   o Rename some functions for clarity:
     - sctp_add/del_local_addr_assoc to xxx_local_addr_restricted()
     - asconf related iterator functions to sctp_asconf_iterator_xxx()

   o Fix bug when the same address is deleted and added (and removed from
     the asconf queue) where the ifa is "freed" twice refcount wise,
     possibly freeing it completely.

   o Fix bug in output where the first ASCONF would not go out after the
     last address is changed (e.g. only goes out when retransmitted).

   o Fix bug where multiple ASCONFs can be bundled in the same packet with
     the and with the same serial numbers.

   o Fix asconf stcb iterator to not send ASCONF until after all work
     queue entries have been processed.

   o Change behavior so that when the last address is deleted (auto asconf
     on a bound all endpoint) no action is taken until an address is
     added; at that time, an ASCONF add+delete is sent (if the assoc
     is still up).

   o Fix local address counting so that address scoping is taken into
     account.

   o #ifdef SCTP_TIMER_BASED_ASCONF the old timer triggered sending
     of ASCONF (after an RTO).  The default now is to send
     ASCONF immediately (except for the case of changing/deleting the
     last usable address).
Approved by:	re(ken smith)@freebsd.org
2007-07-24 20:06:02 +00:00
Christian Brueffer
064d25a08a First round of cleanups.
Approved by:	re (blanket)
2007-07-24 18:08:16 +00:00
Xin LI
f62e5595fd MFp4: Force 64-bit arithmatic when caculating the maximum file size.
This fixes tmpfs caculations on 32-bit systems equipped with more than
4GB swap.

Reported by:	Craig Boston <craig xfoil gank org>
PR:		kern/114870
Approved by:	re (tmpfs blanket)
2007-07-24 17:14:53 +00:00
Scott Long
05a4c1c1ef Attach the iscsi module build.
Approved by: re
2007-07-24 16:58:18 +00:00
Scott Long
c5933b2086 Introduce Danny Braniss' iSCSI initiator, version 2.0.99. Please read the
included man pages on how to use it.  This code is still somewhat experimental
but has been successfully tested on a number of targets.  Many thanks to
Danny for contributing this.

Approved by: re
2007-07-24 15:35:02 +00:00
Pawel Jakub Dawidek
aa222db26f Update assertion after revision 1.23.
Reviewed by:	dfr
Approved by:	re (rwatson)
2007-07-24 15:00:43 +00:00
Warner Losh
c37e6fb302 Add some additional cross references.
Approved by: re@ (blanket)
2007-07-24 14:51:21 +00:00
Warner Losh
85b660a751 Add ChanTou ST268 USB NIC
PR: 114860
Approved by: re@ (blanket)
2007-07-24 14:49:25 +00:00
Warner Losh
0e0e91989d Add support for ShanTou ST268 usb nic. This is from a patch for NetBSD
the PR pointed to.  This appears to have been written by Julian Suschlik.

Submitted by: Kuan-Chung Chiu
Obtained from: http://www.nabble.com/Patch-for-udav(4)-t4070804.html
PR: 114860
Approved by: re@ (blanket)
2007-07-24 14:44:23 +00:00
Simon L. B. Nielsen
33e6f9c10c Set timeout for all NIS RPC requests to 1 second and not just for
yp_next as revision 1.50 did.  This should fix, or at least very much
reduce the risk of, NIS timing out due to UDP packet loss for NIS
functions.

See also revision 1.50 for more details about the general problem.

Tested by:	nosedive, freefall, hub, mx1, brooks
MFC after:	1 week
Approved by:	re (mux)
2007-07-24 13:06:08 +00:00
Xin LI
9a0e6be26a Stop mentioning /usr/X11R6.
Approved by:	re (hrs)
2007-07-24 06:41:07 +00:00
Pyun YongHyeon
5774c5ff93 Add MSI support.
Ever since switching to adaptive polling re(4) occasionally spews
watchdog timeouts on systems with MSI capability. This change is
minimal one for supporting MSI and re(4) also needs MSIX support
for RTL8111C in future. Because softc structure of re(4) is shared
with rl(4), rl(4) was touched to use the modified softc.

Reported by:	cnst
Tested by:	cnst
Approved by:	re (kensmith)
2007-07-24 01:24:03 +00:00
Pyun YongHyeon
8b590ad2d1 Don't fail on device attach if jumbo frame support was unsuccessful.
Because nfe(4) hardware doesn't support SG on Rx path, supporting
jumbo frame requires very large contiguous kernel memory(i.e. several
mega bytes). In case of lack of contiguous kernel memory that
allocation request may always fail. However nfe(4) can operate on normal
sized MTU frames, so go ahead and just disable jumbo frame support.
While I'm here add a new tunable "hw.nfe.jumbo_disable" to disable
jumbo frame support.
In nfe_poll, make sure to invoke correct Rx handler.

Approved by:	re (kensmith)
2007-07-24 01:11:00 +00:00
Attilio Rao
758b17a100 upcall_free() was only used in kse_GC() which has been removed so it now
results unused; this, with -Werror option of gcc, rise a warning for gcc
which let the buildkernel to be busted.
Fix this removing upcall_free().

Reported by: various
Approved by: jeff
Approved by: re
Pointy hat to: attilio
2007-07-23 23:16:53 +00:00
Attilio Rao
ac8094e4e3 Actually, KSE kernel bits locking is broken and can lead likely to
dangerous races.
Fix this problems adding correct locking for the members of 'struct
kse_upcall' and other struct proc/struct thread related members.
For the moment, just leave ku_mflag and ku_flags "lazy" locked.
While here, cleanup the code removing the function kse_GC() (unused),
and merging upcall_link(), upcall_unlink(), upcall_stash() in their
respective callers (static functions, very short and only called in one
place).

Reported by: pav
Tested by: pav (on some pointyhat cluster nodes)
Approved by: jeff
Approved by: re
Sponsorized by: NGX Italy (http://www.ngx.it)
2007-07-23 14:52:22 +00:00
Robert Watson
7bb9c8a05b When checking labels during a vnode link operation in MLS, use the file
vnode label for a check rather than the directory vnode label a second
time.

MFC after:	3 days
Submitted by:	Zhouyi ZHOU <zhouzhouyi at FreeBSD dot org>
Reviewed by:	csjp
Sponsored by:	Google Summer of Code 2007
Approved by:	re (bmah)
2007-07-23 13:28:54 +00:00
David Malone
6d8617d42a If clock_ct_to_ts fails to convert time time from the real time clock,
print a one line error message. Add some comments on not being able to
trust the day of week field (I'll act on these comments in a follow up
commit).

Approved by:	re
MFC after:	3 weeks
2007-07-23 09:42:32 +00:00
Robert Watson
8136d21ec0 Continue effort to align UDPv4 and UDPv6 implementations by merging
udp6_output() from udp6_output.c to udp6_usrreq.c, matching the UDPv4
structure, and allowing us to remove udp6_output.c.

Reviewed by:	bz, gnn
Approved by:	re (bmah)
2007-07-23 07:58:58 +00:00
Bruce Evans
4eb3abf0a5 Make using msdosfs as the root file system sort of work:
o Initialize ownerships and permissions.  They were garbage (0) for
  root mounts since vfs_mountroot_try() doesn't ask for them to be set
  and msdosfs's old incomplete code to set them was removed.  The
  garbage happened to give the correct ownerships root:wheel, but it
  gave permissions 000 so init could not be execed.  Use the macros
  for root: wheel and 0755.  (The removed code gave 0:0 and 0777.  0755
  is more normal and secure, thought wrong for /tmp.)

o Check the readonly flag for initial (non-MNT_UPDATE) mounts in the
  correct place, as in ffs.  For root mounts, it is only passed in
  mp->mnt_flags, since vfs_mountroot_try() only passes it as a flag
  and nothing translates the flag to the "ro" option string.  msdosfs
  only looked for it in the string, so it gave a rw mount for root
  mounts without even clearing the flag in mp->mnt_flags, so the final
  state was inconsistent.  Checking the flag only in mp->mnt_flags
  works for initial userland mounts too.  The MNT_UPDATE case is
  messier.

The main point that should work but doesn't is fsck of msdosfs root
while it is mounted ro.  This needs mainly MNT_RELOAD support to work.
It should be possible to run fsck -p and succeed provided the fs is
consistent, not just for msdosfs, but this fails because fsck -p always
tries to open the device rw.  The hack that allows open for writing
in ffs is not implemented in msdosfs, since without MNT_RELOAD support
writing could only be harmful.  So fsck must be turned off to use
msdosfs as root.  This is quite dangerous, since msdosfs is still missing
actually using its fs-dirty flag internally, so it is happy to mount
dirty fileystems rw.

Unrelated changes:
- Fix missing error handling for MNT_UPDATE from rw to ro.
- Catch up with renaming msdos to msdosfs in a string.

Approved by:	re (kensmith)
2007-07-23 07:10:17 +00:00
Xin LI
7280082944 MFp4: When swapping is not enabled, allow creating files by taking
physical memory pages into account for tm_maxfilesize.

Reported by:	Dominique Goncalves <dominique.goncalves gmail.com>
Submitted by:	Howard Su
Approved by:	re (tmpfs blanket)
2007-07-23 06:54:58 +00:00
Attilio Rao
bcfac09734 Preprocessing stub "KSE" breaks ABI either with modules and userspace
consumers.
This patch makes KSE no more an optionally stub for kernel structures
fixing the breakage.
As a tail note, this bug has broken kqemu for a long period now.

Tested by: Ulf Lilleengen <lulf@FreeBSD.org>
Discussed with: rwatson, jeff
Approved by: jeff (mentor)
Approved by: re
2007-07-22 21:35:44 +00:00
Andrew Thompson
a4e531102e ndis will signal the kthread to exit and then sleep on the proc pointer to
be woken up by kthread_exit. This is racey and in some cases the kthread will
exit before ndis gets around to sleep so it will be stuck indefinitely. This
change reuses the kq_exit variable to indicate that the thread has gone and
will loop on tsleep with a timeout waiting for it. If the kthread has already
exited then it will not sleep at all.

Approved by:	re (rwatson)
2007-07-22 20:53:28 +00:00
Nate Lawson
9bbad5af65 The HPET appears to be broken on silby's Acer Pentium M system, never
advancing.  Read from the timer before attaching to be sure it advances
in 1 us.  Since the slowest rate allowed by the spec is 10 MHz, the
timer is guaranteed to change in this interval if it is working.

Tested by:	Rui Paulo
Approved by:	re
MFC after:	3 days
2007-07-22 20:45:27 +00:00
Warner Losh
944f82cd4f Change new Wi-Spy device name to Wi-Spy 2.4x.
Submitted by: Brix Andersen
Approved by: re@ (blanket)
PR: 114807
2007-07-22 18:29:18 +00:00
Warner Losh
9fb43cb678 WISPY added an X.
Approved by: re
2007-07-22 15:59:45 +00:00
Dag-Erling Smørgrav
f0f1db2e4c Apply the same error checks to PAM_TTY in pam_sm_close_session() as in
pam_sm_open_session(), avoiding false negatives when no tty is present.

Submitted by:	Todd C. Miller <millert@courtesan.com>
Approved by:	re (rwatson)
MFC after:	2 weeks
2007-07-22 15:17:29 +00:00
Dag-Erling Smørgrav
1173d3bb33 Whitespace cleanup
Approved by:	re (rwatson)
2007-07-22 15:14:40 +00:00
Robert Watson
3f3bb0d402 Merge OpenBSM 1.0 alpha 15 changes to src/sys/bsm:
- Synchronized audit event list to Solaris, picking up the *at(2) system call
  definitions, now required for FreeBSD and Linux.  Added additional events
  for *at(2) system calls not present in Solaris.

Obtained from:	TrustedBSD Project
Approved by:	re (hrs)
2007-07-22 12:28:13 +00:00
Robert Watson
28f15ca13c Update generated OpenBSM config.h for OpenBSM 1.0 alpha15 update.
Approved by:	re (hrs)
2007-07-22 12:22:25 +00:00
Robert Watson
372e973c2e Resolve conflicts from import of OpenBSM 1.0 alpha15 ($FreeBSD$/$P4$
conflict).

Approved by:	re (hrs)
2007-07-22 12:20:42 +00:00
Robert Watson
7ed9c73527 This commit was generated by cvs2svn to compensate for changes in r171537,
which included commits to RCS files with non-trunk default branches.
2007-07-22 12:18:31 +00:00
Robert Watson
0814440e5f Vendor import TrustedBSD OpenBSM 1.0 alpha 15, with the following change
history since the last import:

OpenBSM 1.0 alpha 15

- Fix bug when processing in_addr_ex tokens.
- Restore the behavior of printing the string/text specified while
  auditing arg32 tokens.
- Synchronized audit event list to Solaris, picking up the *at(2) system call
  definitions, now required for FreeBSD and Linux.  Added additional events
  for *at(2) system calls not present in Solaris.
- Bugs in auditreduce(8) fixed allowing partial date strings to be used in
  filtering events.

Approved by:	re (hrs)
MFC after:	3 weeks
Obtained from:	TrustedBSD Project
2007-07-22 12:18:31 +00:00
Kevin Lo
282a3889eb Include the <sys/sysproto.h> header which includes the prerequisite header
for AUE_NULL.

Approved by: re (kensmith)
2007-07-22 06:48:34 +00:00
Kevin Lo
36ffd4ba6d Use bus_get_dma_tag() to obtain the parent DMA tag.
Reviewed by: sam, sephe, thompsa
Approved by: re (kensmith)
2007-07-22 06:44:10 +00:00