Add new #ifdef. By defining BKTR_NO_MSP_RESET you can prevent the
MSP34xx being reset by the bt848 driver. This is handy
if you pre-initialise the MSP34xx stereo audio chip in another
operating system first (eg MS Windows).
Suggested by: Randal Hopper<aa8vb@ipass.net>
Suggested by: Yuri Gindin <yuri@xpert.com>
PV_TABLE_REF cleared before PV_TABLE_MOD, the page may get fault on read again.
On fault on write, pmap_emulate_reference mark the page dirty with
vm_page_dirty. That decrease ill effects of the bug.
The problem probably become more serious after my rev.1.18 a week ago.
This is a seriously beefed up chroot kind of thing. The process
is jailed along the same lines as a chroot does it, but with
additional tough restrictions imposed on what the superuser can do.
For all I know, it is safe to hand over the root bit inside a
prison to the customer living in that prison, this is what
it was developed for in fact: "real virtual servers".
Each prison has an ip number associated with it, which all IP
communications will be coerced to use and each prison has its own
hostname.
Needless to say, you need more RAM this way, but the advantage is
that each customer can run their own particular version of apache
and not stomp on the toes of their neighbors.
It generally does what one would expect, but setting up a jail
still takes a little knowledge.
A few notes:
I have no scripts for setting up a jail, don't ask me for them.
The IP number should be an alias on one of the interfaces.
mount a /proc in each jail, it will make ps more useable.
/proc/<pid>/status tells the hostname of the prison for
jailed processes.
Quotas are only sensible if you have a mountpoint per prison.
There are no privisions for stopping resource-hogging.
Some "#ifdef INET" and similar may be missing (send patches!)
If somebody wants to take it from here and develop it into
more of a "virtual machine" they should be most welcome!
Tools, comments, patches & documentation most welcome.
Have fun...
Sponsored by: http://www.rndassociates.com/
Run for almost a year by: http://www.servetheweb.com/
that doesn't have it. This is achieved by having minimal do-nothing stubs
enabled when there are no bpfilter devices configured.
Driver modules should be built with BPF enabled for maximum
convenience (but can be built without it for maximum performance).
- %fs register is added to trapframe and saved/restored upon kernel entry/exit.
- Per-cpu pages are no longer mapped at the same virtual address.
- Each cpu now has a separate gdt selector table. A new segment selector
is added to point to per-cpu pages, per-cpu global variables are now
accessed through this new selector (%fs). The selectors in gdt table are
rearranged for cache line optimization.
- fask_vfork is now on as default for both UP and SMP.
- Some aio code cleanup.
Reviewed by: Alan Cox <alc@cs.rice.edu>
John Dyson <dyson@iquest.net>
Julian Elischer <julian@whistel.com>
Bruce Evans <bde@zeta.org.au>
David Greenman <dg@root.com>
so that the list of drivers is correct. This is a slightly
simplified version of the patch from the PR.
PR: misc/10544
Submitted by: Christophe Colle <colle@krtkg1.rug.ac.be>
1:
s/suser/suser_xxx/
2:
Add new function: suser(struct proc *), prototyped in <sys/proc.h>.
3:
s/suser_xxx(\([a-zA-Z0-9_]*\)->p_ucred, \&\1->p_acflag)/suser(\1)/
The remaining suser_xxx() calls will be scrutinized and dealt with
later.
There may be some unneeded #include <sys/cred.h>, but they are left
as an exercise for Bruce.
More changes to the suser() API will come along with the "jail" code.
able to expand the zeros, ones etc masks on the fly. It seems a good
number of domains don't set the rn_maxkey variable anyway, and because
this is a domain itself, there is no guarantee we've been called after
a protocol that actually has set it (ie: inet), so start with a maxkey
of a relatively sane size as a base point until it can adapt on the fly.
it used to be that way. I'm not sure that it's needed, but it does
walk the ifp list..
Incidently, there's nothing to sanity check the ifq_maxlen on loaded
interfaces..
Get rid of the spl wrapper kludge, it doesn't seem to be needed between
init calls since all that's running is the domain/protocol timers and they
are safe since domain list modifications are splnet() protected (which
blocks the timers)
Conditionally compile 386-specific code.
pmap_enter:
Eliminate unnecessary TLB shootdowns.
pmap_zero_page and pmap_zero_page_area:
Use invltlb_1pg instead of duplicating the code.
was only looking at old style drivers in the pcidevice_set, which doesn't
exist any more.. Ultimately, the pci and eisa bus drivers will check for
hints for wiring, flags and enable/disable etc as well.
style pci drivers with a simple one-line change to use a module that
registers itself under new-bus and should in theory enable just about all
of the pci drivers to be loadable (kldload and loader(8)) but without
having the impact of converting the APIs yet.
This also fixes the problem of having undefined variables when only
new-style pci drivers are present.
