validating the offset within a given memory buffer before handing the
real work off to uiomove(9).
Use uiomove_frombuf in procfs to correct several issues with
integer arithmetic that could result in underflows/overflows. As a
side-effect, the code is significantly simplified.
Add additional sanity checks when computing a memory allocation size
in pfs_read.
Submitted by: rwatson (original uiomove_frombuf -- bugs are mine :-)
Reported by: Joost Pol <joost@pine.nl> (integer underflows/overflows)
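The offset validation described in the commit message above, as an added userland sketch in C. It is not the FreeBSD uiomove_frombuf source: `struct req` and `copy_frombuf` are hypothetical names, memcpy stands in for uiomove(9), and the request in `main` is constructed sample input.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical userland stand-in for the kernel's struct uio. */
struct req {
	off_t   offset;  /* caller-supplied read position, untrusted */
	ssize_t resid;   /* bytes the caller still wants, untrusted */
	char   *dst;     /* destination with room for resid bytes */
};

/*
 * Copy from buf[offset .. buflen) into r->dst, at most r->resid bytes.
 * Returns 0 on success or end-of-buffer, EINVAL on a malformed request.
 */
int
copy_frombuf(const void *buf, int buflen, struct req *r)
{
	size_t offset, n;

	/* Reject negative values before any subtraction can underflow. */
	if (r->offset < 0 || r->resid < 0)
		return (EINVAL);
	/* Reject offsets that change value when narrowed to size_t. */
	offset = (size_t)r->offset;
	if ((off_t)offset != r->offset)
		return (EINVAL);
	/* Empty buffer, or offset at or past the end: nothing to copy. */
	if (buflen <= 0 || offset >= (size_t)buflen)
		return (0);
	/* offset < buflen holds here, so the subtraction cannot wrap. */
	n = (size_t)buflen - offset;
	if (n > (size_t)r->resid)
		n = (size_t)r->resid;
	memcpy(r->dst, (const char *)buf + offset, n);  /* uiomove(9) stand-in */
	r->dst += n;
	r->resid -= (ssize_t)n;
	r->offset += (off_t)n;
	return (0);
}

int main(void)
{
	char out[8] = { 0 };
	struct req r = { 3, sizeof(out) - 1, out };  /* constructed request */
	int error = copy_frombuf("abcdef", 6, &r);
	printf("error=%d copied=\"%s\" resid=%zd\n", error, out, r.resid);
	return (error);
}
```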
And many changes.
* all
  - Major change of struct fw_xfer.
    o {send,recv}.buf is split into hdr and payload.
    o Remove unnecessary fields.
    o spd is moved under send and recv.
  - Remove unnecessary 'volatile' keyword.
  - Add definition of rtcode and extcode.
* firewire.c
  - Ignore FWDEVINVAL devices in fw_noderesolve_nodeid().
  - Check the existence of the bind before calling STAILQ_REMOVE().
  - Fix bug in the fw_bindadd().
  - Change element of struct fw_bind for simplicity.
  - Check rtcode of response packet.
  - Reduce split transaction timeout to 200 msec.
    (100msec is the default value in the spec.)
  - Set watchdog timer cycle to 10 Hz.
  - Set xfer->tv just before calling fw_get_tlabel().
* fwohci.c
  - Simplify fwohci_get_plen().
* sbp.c
  - Fix byte order of multibyte scsi_status information.
  - Split sbp.c and sbp.h.
  - Unit number is not necessary for FIFO address.
  - Reduce LOGIN_DELAY and SCAN_DELAY to 1 sec.
  - Add some constants defined in SBP-2 spec.
* fwmem.c
  - Introduce fwmem_strategy() and reduce memory copy.
fd_cmask field in the file descriptor structure for the first process
indirectly from CMASK, and when an fd structure is initialized before
being filled in, and instead just use CMASK. This appears to be an
artifact left over from the initial integration of quotas into BSD.
Suggested by: peter
avoid problems with some Pentium 4 cpus and some older PPro/Pentium2
cpus. There are several problems, some documented in Intel errata.
This patch:
1) moves the kernel to the second page in the PSE case. There is an
errata that says that you Must Not point a 4MB page at physical
address zero on older cpus. We avoided bugs here due to sheer luck.
2) sets up PSE page tables right from the start in locore, rather than
trying to switch from 4K to 4M (or 2M) pages part way through the boot
sequence at the same time that we're messing with PG_G.
For some reason, the pmap work over the last 18 months seems to tickle
the problems, and the PAE infrastructure changes disturb the cpu
bugs even more.
A couple of people have reported a problem with APM bios calls during
boot. I'll work with people to get this resolved.
Obtained from: bmilekic
callout lock while the callout is happening. So the serialization
that I thought was happening isn't. Therefore, remove the part of the
bugs that says this. Leave in the other bug as it is very hard to
work around (impossible?).
Fix various typos.
Also note that timeout/untimeout are considered to be the old interface and
the callout interface should be used instead.
Submitted by: bde (first two) and wollman (third)
(direct dispatch) in interrupt threads when the netisr in question
isn't already active. If a netisr is already active, or direct
dispatch is already in progress, we queue the packet for later
delivery. Previously, this option was disabled by default. I have
measured 20%+ performance improvements in IP packet forwarding with
this enabled.
Please report any problems ASAP, especially relating to stack depth or
out-of-order packet processing.
Discussed with: jlemon, peter
Sponsored by: DARPA, Network Associates Laboratories
was that accessing the status reg could occur too fast, confusing
the logic in the flash part. Could not have been located without:
HW donated by: Jonas Bülow <jonas@servicefactory.se>
callout has finished or is in progress. Also document that the
locking of the callout code for FreeBSD 5 has eliminated the 'or is in
progress' clause as a possibility and that such elimination is an
accident of the implementation and shouldn't be relied upon.
prior to invalidating the TLB to be certain that the processor doesn't
keep a cached copy.
Discussed with: pete
Panicked: tegge
Pointy Hat: The usual spot