Commit Graph

64902 Commits

Author SHA1 Message Date
Robert Watson
1851c8fd41 o Modify device open access control for /dev/mem and friends to use
securelevel_gt() instead of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
2001-09-26 20:08:02 +00:00
Robert Watson
785f9ffca3 o Modify IPFW and DUMMYNET administrative setsockopt() calls to use
securelevel_gt() to check the securelevel, rather than direct access
  to the securelevel variable.

Obtained from:	TrustedBSD Project
2001-09-26 19:58:29 +00:00
Robert Watson
d501d04b9e o Modify static settime() to accept the proc * for the process requesting
a time change, and callers so that they provide td->td_proc.
o Modify settime() to use securevel_gt() for securelevel checking.

Obtained from:	TrustedBSD Project
2001-09-26 19:53:57 +00:00
Robert Watson
c2f413af19 o Modify sysctl access control check to use securelevel_gt(), and
clarify sysctl access control logic.

Obtained from:	TrustedBSD Project
2001-09-26 19:51:25 +00:00
Jeroen Ruigrok van der Werven
99e8131545 Change standards compliancy order so that C and POSIX are grouped. 2001-09-26 19:42:39 +00:00
Matthew Dillon
46cad5761c Enable vmiodirenable by default. Remove incorrect comment from sysctl.conf.
MFC after:	1 week
2001-09-26 19:35:04 +00:00
Guido van Rooij
775b007440 Redo patch in 1.22 such that the header printing is reset when the
process gets a SIGCONT

Reviewed by:	kris@freebs.org
MFC after:	2 weeks
2001-09-26 19:35:03 +00:00
Doug Rabson
fa129a40db Tidy up and fix a runtime warning. 2001-09-26 16:15:20 +00:00
Ruslan Ermilov
43e09ab2db WARNSify. 2001-09-26 11:34:14 +00:00
Ruslan Ermilov
1b00c916a1 The "cat - -" feature was broken by the last commit.
Restore the code that avoided closing and reopening
stdin.  This is also required by POSIX.  As a bonus,
enable multiple stdin reads with the -benstv flags,
by resetting the EOF condition on stdin.
2001-09-26 11:32:23 +00:00
Matthew Dillon
3418ebebfe Make uio_yield() a global. Call uio_yield() between chunks
in vn_rdwr_inchunks(), allowing other processes to gain an exclusive
lock on the vnode.  Specifically: directory scanning, to avoid a race to the
root directory, and multiple child processes coring simultaniously so they
can figure out that some other core'ing child has an exclusive adv lock and
just exit instead.

This completely fixes performance problems when large programs core.  You
can have hundreds of copies (forked children) of the same binary core all
at once and not notice.

MFC after:	3 days
2001-09-26 06:54:32 +00:00
Poul-Henning Kamp
c36b0a4edb Give people a chance to do things before fsck is run.
MFC after:	2 weeks
2001-09-26 06:17:25 +00:00
David E. O'Brien
364f9ab989 Run rc.devfs a little bit earlier.
Many people like to use generic devices in rc.syscons, etc..
So rc.devfs needs to run before those rc files.

Requested by:	Jos Backus <josb@cncdsl.com>
2001-09-26 06:01:40 +00:00
Marcel Moolenaar
b18013f823 The arg parameter is passed by value in Linux, but not in FreeBSD.
We still have to account for a copyin. Make sure the copyin will
succeed by passing the FreeBSD syscall a pointer to userspace,
albeit one that's automagically mapped into kernel space.

Reported by: mr, Mitsuru IWASAKI <iwasaki@jp.FreeBSD.org>
Tested by: Mitsuru IWASAKI <iwasaki@jp.FreeBSD.org>
2001-09-26 05:39:59 +00:00
Paul Saab
88b1d98f31 Lock the vnode while truncating the corefile. This fixes a panic
with softupdates dangling deps.

Submitted by:	peter
MFC:		ASAP :)
2001-09-26 01:24:07 +00:00
Brooks Davis
9efaa0ae62 Add a standard hack in the spirit of PCI_ENABLE_IO_MODES to allow systems
with weird PCI-PCI bridge configurations to work.  Defining
PCI_ALLOW_UNSUPPORTED_IO_RANGE causes the sanity checks to pass even
with out of range values.

Reviewed by:	msmith
2001-09-26 01:11:33 +00:00
Bill Fenner
bd5b9e17b0 Fix (typo? pasteo?): panic("ffs_mountroot..." -> panic("ntfs_mountroot...") 2001-09-26 00:36:33 +00:00
Peter Wemm
4d7552180d Make this 'make obj' safe 2001-09-26 00:13:08 +00:00
John Baldwin
21377ce065 Remove superflous parens after de-macroizing. 2001-09-26 00:05:18 +00:00
John Baldwin
6b12d30f28 Include sys/ktr.h before sys/_lock.h to ensure LOCK_DEBUG is set to its
proper value.
2001-09-25 23:52:30 +00:00
John Baldwin
9ba567a07c Move the definition of LOCK_DEBUG from sys/lock.h to sys/_lock.h. 2001-09-25 23:51:54 +00:00
Scott Long
a3484cc54c Clarify how to determine the firmware version.
Submitted by:	Anders Andersson <anders@codefactory.se>
MFC after:	3 days
2001-09-25 22:33:53 +00:00
Robert Watson
75bc5b3f22 o So, when <dd> e-mailed me and said that the comment was inverted
for securelevel_ge() and securelevel_gt(), I was a little surprised,
  but fixed it.  Turns out that it was the code that was inverted, during
  a whitespace cleanup in my commit tree.  This commit inverts the
  checks, and restores the comment.
2001-09-25 21:08:33 +00:00
Ian Dowse
3f48bf186f RFC2132 is not clear about whether the "Maximum DHCP Message Size"
refers to the size of the whole ethernet packet, just the DHCP
message within the UDP payload, or something else. bootpd interpreted
it as a maximum UDP payload size, so it could end up sending
fragmented packets to clients (such as some versions of Etherboot)
that used different interpretations of the maximum message size.

Switch to the most conservative interpretation: ensure that the
ethernet packet containing the response is no larger than the
specified maximum message size. This matches the behaviour of
the ISC dhcpd.

MFC after:	1 week
2001-09-25 21:02:10 +00:00
Ian Dowse
2510719736 The -A option (beep when packets are dropped) didn't work quite
right; after a single packet was dropped it beeped after every
transmission.

Change its implementation to only output a bell when there is an
increase in the maximum value of the number of packets that were
sent but not yet received. This has the benefit that even for very
long round-trip times, ping -A will do roughly the right thing
after a few inital false-positives.

Reviewed by:	ru
2001-09-25 20:22:33 +00:00
Doug Rabson
5f802bfc9f Calculate the valid flag for ITRs and DTRs correctly. Also fix a couple
of minor problems and remove some debugging code.
2001-09-25 19:44:19 +00:00
Bruce A. Mah
99a7ea5c0e New release notes: aac(4) update, Yahoo! coredump patch, touch(1) -h. 2001-09-25 19:09:24 +00:00
Brooks Davis
2f65332817 The faith(4) device is no longer a count device so don't specify a count. 2001-09-25 18:56:40 +00:00
Wilko Bulte
7bdd46e6a1 Clarify that it is the SRM console that disables onboard USB on DS10.
Applies to newer SRM versions only. Verified by checking various SRM
revs.
2001-09-25 18:44:31 +00:00
Brooks Davis
9494d5968f Make faith loadable, unloadable, and clonable. 2001-09-25 18:40:52 +00:00
Ruslan Ermilov
0ec8be8404 mdoc(7) police: fixed markup. 2001-09-25 18:10:18 +00:00
Søren Schmidt
72c2f499ce Add a fix for the VIA82C686B data corruption bug.
This fixed the problem on the 3 platforms I've been able to test on.

I'm still of the oppinion that the BIOS should take care of this,
however some board makers only apply this when they spot a
SBLive! soundcard, but the problem exists even without a SBLive!.

This fix should probably go somewhere else, but for now I'll
keep it here since we havn't got a central place to put
such things.
2001-09-25 17:10:39 +00:00
Kazutaka YOKOTA
d4b248f23e Yet another turn of workaround for psm/ACPI/PnP BIOS
problems currently experienced in -CURRENT.

This should fix the problem that the PS/2 mouse is detected
twice if the acpi module is not loaded on some systems.
2001-09-25 16:59:28 +00:00
Bill Paul
9aa35f2391 Add some definitions for the DSP programming registers in the BCM5400
and BCM5401 PHYs.
2001-09-25 16:41:56 +00:00
Ruslan Ermilov
fb2473d217 - Only use sig_atomic_t objects in signal handlers.
- Use getopt() to parse command line.
- Add usage().
- WARNSify.
- Convert manpage to mdoc(7).

PR:		bin/30641
Submitted by:	Andrey Simonenko <simon@simon.org.ua>, ru
MFC after:	1 week
2001-09-25 13:45:46 +00:00
Dag-Erling Smørgrav
8712e867e1 Clean up my source tree to avoid getting hit too badly by the next KSE or
whatever mega-commit.  This goes some way towards adding support for
writeable files (needed by procfs).
2001-09-25 13:25:30 +00:00
Dag-Erling Smørgrav
689364858e Clean up my source tree to avoid getting hit too badly by the next KSE or
whatever mega-commit.  No real functional changes, just some experiments /
work in progress.
2001-09-25 13:24:24 +00:00
Ruslan Ermilov
b4e13f7b2b Removed touch(1) from the list of installworld tools that
was added in previous revision for no apparent reason.

Submitted by:	bde
2001-09-25 12:17:52 +00:00
Robert Watson
aaef1c3934 o Further clarify comment: ad Udo's request, re-insert the 'if'
refering to securelevels; also, update the unprivileged process text
  to better indicate the scope of actions permittable when any system
  flags are already set (limited).

Submitted by:	Udo Schweigert <udo.schweigert@siemens.com>
2001-09-25 12:02:44 +00:00
Andrey A. Chernov
e36b245ca8 1) Back out ~/.login_conf disable
2) Pick only "me" class from ~/.login_conf as documented
2001-09-25 11:07:26 +00:00
Mike Barcroft
3273a63ed9 A process name may contain whitespace and unprintable characters,
so convert those characters to octal notation.  Also convert
backslashes to octal notation to avoid confusion.

Reviewed by:	des
MFC after:	1 week
2001-09-25 04:42:40 +00:00
Mike Heffner
9ba6d8e420 Improve the description on how to construct ~ftp/pub. Specifically,
don't instruct users to set the directory mode 777.

PR:		30690
Obtained from:	NetBSD (with modification)
MFC after:	2 weeks
2001-09-25 02:43:45 +00:00
Robert Watson
82e83c60b3 o Parallelize the comment on the relationship between privileged un-jailed
processes and the actual securelevel check: make the comment use '> 0'
  instead of inverted '<= 0'.
2001-09-25 02:26:10 +00:00
Robert Watson
f5ef42be31 s/securelvel/securelevel/ 2001-09-25 02:15:00 +00:00
David E. O'Brien
2e78f3945a Let people know when a startup script is skipped because it is not
executable.

Suggested by:	gad
2001-09-25 01:55:21 +00:00
Murray Stokely
f784e0d137 Back out rev 1.74. This functionality causes a panic on 4.4-RELEASE
floppies if you try to actually use it.  This code will work fine if
you build and use sysinstall on a running system, since you have the
benefit of an installed termcap file.  However, this code does not
work on an MFSROOT, where you must set the TERMCAP environment
variable properly.  Unfortunately the quick fix of setting the TERMCAP
variable doesn't seem to fix the problem either.  olgeni will add this
functionality back once it's been fully implemented (hopefully using
the working code in termcap.c).

PR:		bin/30739
Submitted by:	Alexey V. Neyman <alex.neyman@auriga.ru>
Discussed with / Pointy hat to:  olgeni
MFC after:	3 days
2001-09-25 00:28:26 +00:00
Ian Dowse
1782e17d6f Add a missing dereference level. This caused nfsm_postop_attr_xx()
to try and extract node attributes from an RPC reply even if none
were present.

Reviewed by:	peter
2001-09-25 00:00:33 +00:00
Doug Rabson
3dc2c2d530 Use b6 instead of b1 - b1 is supposed to be preserved and b6 is scratch. 2001-09-24 22:50:20 +00:00
Doug Rabson
f8c1540f3d Make the Alternate {I,D} TLB vector code actually work for virtual
addresses greater than 256M (the page size for region 6 and 7).
2001-09-24 22:49:20 +00:00
Bruce A. Mah
5312a8def5 ghostscript6 has been replaced by ghostscript-gnu in the Ports
Collection, so we need to change the ports we need for a release.
2001-09-24 20:15:04 +00:00