Commit Graph

125572 Commits

Author SHA1 Message Date
Robert Watson
fb6d736d14 Update and reformat comments for POSIX.1e ACL utility routines. 2006-07-23 19:35:10 +00:00
Robert Watson
07b1b82e55 Comment extended attribute name space constants. 2006-07-23 19:26:54 +00:00
Robert Watson
ba68fd5b2f Improve comments for label data structure. 2006-07-23 19:26:32 +00:00
Norikatsu Shigemura
27a9d57fed Add missing ;.
Pointy hat to:	myself
Approved by:	deischen (implicitly)
2006-07-23 15:53:12 +00:00
Hajimu UMEMOTO
e24e9d9988 do not overload the port number on to the return value of
str2number().  this could result in an unexpected code path.

Obtained from:	KAME
MFC after:	1 week
2006-07-23 15:31:03 +00:00
Norikatsu Shigemura
e257c93bbc Add missing syscalls.
Reviewed by:	deischen
Approved by:	deischen
2006-07-23 13:08:54 +00:00
Robert Watson
c9db0fad09 Align IPv6 socket locking with IPv4 locking: lock socket buffer explicitly
and use _locked variants to avoid extra lock and unlock operations.

Reviewed by:	gnn
MFC after:	1 week
2006-07-23 12:24:22 +00:00
Robert Watson
4f1f0ef523 Add two new unpcb flags, UNP_BINDING and UNP_CONNECTING, which will be
used to mark UNIX domain sockets as being in the process of binding or
connecting.  Use these to prevent simultaneous bind or connect
operations by multiple threads or processes on the same socket at the
same time, which closes race conditions present in the UNIX domain
socket implementation since inception.
2006-07-23 12:01:14 +00:00
Robert Watson
dd47f5ca9c Merge unp_bind() into uipc_bind(), as it is called only from uipc_bind(). 2006-07-23 11:02:12 +00:00
Robert Watson
6d32873c29 Since unp_attach() and unp_detach() are now called only from uipc_attach()
and uipc_detach(), merge them into their calling functions.
2006-07-23 10:25:28 +00:00
Robert Watson
7e711c3aae Move various UNIX socket global variables and sysctls from the middle of
the file to the top.
2006-07-23 10:19:04 +00:00
Hajimu UMEMOTO
18d2f53d00 stop use of mutex lock in ICMP lookup.
MFC after:	1 week
2006-07-23 07:07:49 +00:00
Alan Cox
604c2bbc34 Export the number of object bypasses and collapses through sysctl. 2006-07-22 22:31:57 +00:00
Robert Watson
f3f49bbbe8 In uipc_send() and uipc_rcvd(), store unp->unp_conn pointer in unp2
while working with the second unpcb to make the code more clear.
2006-07-22 18:41:42 +00:00
Robert Watson
1c381b19ff Re-wrap and other minor formatting and punctuation fixes for UNIX domain
socket comments.
2006-07-22 17:24:55 +00:00
Pawel Jakub Dawidek
5333bd4763 Implement support for HMAC/SHA1 and HMAC/SHA256 acceleration found in
new VIA CPUs.
For older CPUs HMAC/SHA1 and HMAC/SHA256 (and others) will still be done
in software.

Move symmetric cryptography (currently only AES-CBC 128/192/256) to
padlock_cipher.c file. Move HMAC cryptography to padlock_hash.c file.

Hardware from:	Centaur Technologies
2006-07-22 16:18:47 +00:00
David E. O'Brien
ff0c6b70eb Add initial platform support.
Submitted by:	cognet
2006-07-22 15:27:18 +00:00
David E. O'Brien
6b16916db1 Add ARM platform Makefile for building disassembler.
(rev 1.1 was an accidental commit)
2006-07-22 14:59:50 +00:00
David E. O'Brien
1acfb1b180 Add ARM platform Makefile for building BFD. We include the New ARM ABI only.
(rev 1.1 was an accidental commit)
2006-07-22 14:55:55 +00:00
David E. O'Brien
dbff1be7a8 Be consistent in quoting. 2006-07-22 14:37:17 +00:00
Hajimu UMEMOTO
816dc28540 remove obsolete comments.
MFC after:	3 days
2006-07-22 14:36:56 +00:00
David E. O'Brien
0b47627195 Create a genscripts driver based on the PowerPC one. 2006-07-22 14:36:15 +00:00
David E. O'Brien
9c82c2e2b6 The platform name is ARM not StrongARM.
Submitted by:	cognet
2006-07-22 14:12:02 +00:00
David E. O'Brien
38a1ab4173 Tell when a .include is processed with '-dd'. 2006-07-22 14:00:31 +00:00
Pawel Jakub Dawidek
9f5dc73906 Correct few bzero()s.
MFC after:	3 days
2006-07-22 13:14:11 +00:00
Yaroslav Tykhiy
f9207803a8 Note the overhaul of asf(8). 2006-07-22 12:52:51 +00:00
Pawel Jakub Dawidek
8cfab1debb Don't forget to initialize crp_olen field, which is used to calculate
bio_completed value.
2006-07-22 10:05:55 +00:00
Pawel Jakub Dawidek
5362e27b6d Set ses_ictx and ses_octx to NULL after freeing them, so we won't free
them twice.
This is possible for example in situation when session is used in
authentication context, then freed and then used in encryption context
and freed - in encryption context ses_ictx and ses_octx are not touched
at newsession time, but padlock_freesession could still try to free them
when they are not NULL.
2006-07-22 10:04:47 +00:00
George V. Neville-Neil
87b4dfd5b2 Fix build breakage from previous commit which confused key_abort and key_close. 2006-07-22 09:18:02 +00:00
Yaroslav Tykhiy
525388396e The month name in .Dd should be spelled in full.
Pointed out by:	ru
2006-07-22 07:23:46 +00:00
George V. Neville-Neil
c6af35ee0e The KAME project ceased work on IPv6 and IPSec in March of 2006.
Remove the README file which warns against cosmetic or local only
changes.  FreeBSD committers should now feel free to work on the
IPv6 and IPSec code without fetters.  The KAME mailing lists still
exist and it is always a good idea to ask questions about this code
on the snap-users@kame.net mailing list.

Reviewed by:	rwatson, brooks
2006-07-22 02:32:32 +00:00
Alan Cox
2cf139527c Retire debug.mpsafevm. None of the architectures supported in CVS require
it any longer.
2006-07-21 23:22:49 +00:00
Maxim Sobolev
7697c5e483 Remove mention of the `W' flag, which has been turned to no-op by the
neworder change. Keep the option in a config file parser, to not
violate POLA.

MFC after:	2 weeks
2006-07-21 22:13:06 +00:00
John Baldwin
3ce72960e8 Regen. 2006-07-21 20:41:33 +00:00
John Baldwin
e0569c0798 Clean up the svr4 socket cache and streams code some to make it more easily
locked.
- Move all the svr4 socket cache code into svr4_socket.c, specifically
  move svr4_delete_socket() over from streams.c.  Make the socket cache
  entry structure and svr4_head private to svr4_socket.c as a result.
- Add a mutex to protect the svr4 socket cache.
- Change svr4_find_socket() to copy the sockaddr_un struct into a
  caller-supplied sockaddr_un rather than giving the caller a pointer to
  our internal one.  This removes the one case where code outside of
  svr4_socket.c could access data in the cache.
- Add an eventhandler for process_exit and process_exec to purge the cache
  of any entries for the exiting or execing process.
- Add methods to init and destroy the socket cache and call them from the
  svr4 ABI module's event handler.
- Conditionally grab Giant around socreate() in streamsopen().
- Use fdclose() instead of inlining it in streamsopen() when handling
  socreate() failure.
- Only allocate a stream structure and attach it to a socket in
  streamsopen().  Previously, if a svr4 program performed a stream
  operation on an arbitrary socket not opened via the streams device,
  we would attach streams state data to it and change f_ops of the
  associated struct file while it was in use.  The latter was especially
  not safe, and if a program wants a stream object it should open it via
  the streams device anyway.
- Don't bother locking so_emuldata in the streams code now that we only
  touch it right after creating a socket (in streamsopen()) or when
  tearing it down when the file is closed.
- Remove D_NEEDGIANT from the streams device as it is no longer needed.
2006-07-21 20:40:13 +00:00
John Baldwin
52d639a953 Add conditional VFS Giant locking to svr4_sys_fchroot() and mark it MPSAFE.
Also, call change_dir() instead of doing part of it inline (this now adds
a mac_check_vnode_chdir() call) to match fchdir() and call
mac_check_vnode_chroot() to match chroot().  Also, use the change_root()
function to do the actual change root to match chroot().

Reviewed by:	rwatson
2006-07-21 20:28:56 +00:00
John Baldwin
b04aff773e Add a comment to explain what fdclose() does and what it's purpose is
since the subtlety eluded me when I looked at it last week.
2006-07-21 20:24:00 +00:00
John Baldwin
b4c63329d5 - Pass the MPSAFE flag to namei() in linux_uselib() and handle conditional
Giant VFS locking in that function.
- Remove bogus code to handle the case where namei() returns success but a
  NULL vnode pointer.
- Note that this code duplicates exec_check_permissions() and annotate
  where it differs.
- Hold the vnode lock longer to protect the write to set VV_TEXT in
  v_vflag.
- Mark linux_uselib() MPSAFE.

Reviewed by:	rwatson
2006-07-21 20:22:13 +00:00
Warner Losh
8fcb4ef1cf If we get an error w/o atapi sense information, just print a newline
to terminate the message we started.  I get non-terminated messages
when reading audio tracks w/o this patch.
2006-07-21 19:13:05 +00:00
Hajimu UMEMOTO
da83bf18e4 simplification in explore_numeric: unified the post-process with
GET_AI and GET_PORT.  Commented on an impossible case.

Obtained from:	KAME
MFC after:	1 week
2006-07-21 19:02:28 +00:00
Hajimu UMEMOTO
0cf41987df RFC3493 requires use of inet_aton for AF_INET.
Obtained from:	KAME
MFC after:	1 week
2006-07-21 19:00:22 +00:00
Hajimu UMEMOTO
0aceddcef7 clean-up: rewrote explore_null and explore_numeric without using sentinel.
we do not need it since we make (at most) a single addrinfo entry in these
cases.

Obtained from:	KAME
MFC after:	1 week
2006-07-21 18:57:44 +00:00
Hajimu UMEMOTO
b88ad6b5d6 - draft-ietf-ipngwg-icmp-namelookups-09
- make it compilable

It still requires root privilege and is experimental.

Obtained from:	KAME
MFC after:	1 week
2006-07-21 18:55:51 +00:00
Robert Watson
a152f8a361 Change semantics of socket close and detach. Add a new protocol switch
function, pru_close, to notify protocols that the file descriptor or
other consumer of a socket is closing the socket.  pru_abort is now a
notification of close also, and no longer detaches.  pru_detach is no
longer used to notify of close, and will be called during socket
tear-down by sofree() when all references to a socket evaporate after
an earlier call to abort or close the socket.  This means detach is now
an unconditional teardown of a socket, whereas previously sockets could
persist after detach of the protocol retained a reference.

This faciliates sharing mutexes between layers of the network stack as
the mutex is required during the checking and removal of references at
the head of sofree().  With this change, pru_detach can now assume that
the mutex will no longer be required by the socket layer after
completion, whereas before this was not necessarily true.

Reviewed by:	gnn
2006-07-21 17:11:15 +00:00
Yaroslav Tykhiy
05a7329cba Touch document date (Dd). 2006-07-21 15:57:12 +00:00
Yaroslav Tykhiy
9f8b57f078 Since Alpha support isn't in HEAD anymore, remove Alpha-specific
rc.conf(5) knobs, too: osf1_enable, unaligned_print.
2006-07-21 15:55:18 +00:00
Olivier Houchard
838ab6b670 Grr we also need to set -mbig-endian to LDFLAGS. Now I can build a
big-endian arm world.
2006-07-21 14:07:48 +00:00
Max Laier
cff1b3389b Import from OpenBSD 1.168, dhartmei:
fix a bug in the input sanity check of DIOCCHANGERULE (not used by pfctl,
  but third-party tools). a rule must have a non-empty replacement address
  list when it's a translation rule but not an anchor call (i.e. "nat ...
  ->" needs a replacement address, but "nat-anchor ..." doesn't). the check
  confused "rule is an anchor call" with "rule is defined within an anchor".
  report from Michal Mertl, Max Laier.

Obtained from:	OpenBSD
MFC after:	2 weeks
2006-07-21 09:48:13 +00:00
Xin LI
12c4ea9abd The contents pointed by ssi_cables[] is never changed so explicitly
declare it as const char * instead of char *.

This change have no side impact to the code itself, and is a step
forward to WARNS=6 truss(1).
2006-07-21 08:45:00 +00:00
Alan Cox
af51d7bf57 Eliminate OBJ_WRITEABLE. It hasn't been used in a long time. 2006-07-21 06:40:29 +00:00