Commit Graph

125545 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
5362e27b6d Set ses_ictx and ses_octx to NULL after freeing them, so we won't free
them twice.
This is possible for example in situation when session is used in
authentication context, then freed and then used in encryption context
and freed - in encryption context ses_ictx and ses_octx are not touched
at newsession time, but padlock_freesession could still try to free them
when they are not NULL.
2006-07-22 10:04:47 +00:00
George V. Neville-Neil
87b4dfd5b2 Fix build breakage from previous commit which confused key_abort and key_close. 2006-07-22 09:18:02 +00:00
Yaroslav Tykhiy
525388396e The month name in .Dd should be spelled in full.
Pointed out by:	ru
2006-07-22 07:23:46 +00:00
George V. Neville-Neil
c6af35ee0e The KAME project ceased work on IPv6 and IPSec in March of 2006.
Remove the README file which warns against cosmetic or local only
changes.  FreeBSD committers should now feel free to work on the
IPv6 and IPSec code without fetters.  The KAME mailing lists still
exist and it is always a good idea to ask questions about this code
on the snap-users@kame.net mailing list.

Reviewed by:	rwatson, brooks
2006-07-22 02:32:32 +00:00
Alan Cox
2cf139527c Retire debug.mpsafevm. None of the architectures supported in CVS require
it any longer.
2006-07-21 23:22:49 +00:00
Maxim Sobolev
7697c5e483 Remove mention of the `W' flag, which has been turned to no-op by the
neworder change. Keep the option in a config file parser, to not
violate POLA.

MFC after:	2 weeks
2006-07-21 22:13:06 +00:00
John Baldwin
3ce72960e8 Regen. 2006-07-21 20:41:33 +00:00
John Baldwin
e0569c0798 Clean up the svr4 socket cache and streams code some to make it more easily
locked.
- Move all the svr4 socket cache code into svr4_socket.c, specifically
  move svr4_delete_socket() over from streams.c.  Make the socket cache
  entry structure and svr4_head private to svr4_socket.c as a result.
- Add a mutex to protect the svr4 socket cache.
- Change svr4_find_socket() to copy the sockaddr_un struct into a
  caller-supplied sockaddr_un rather than giving the caller a pointer to
  our internal one.  This removes the one case where code outside of
  svr4_socket.c could access data in the cache.
- Add an eventhandler for process_exit and process_exec to purge the cache
  of any entries for the exiting or execing process.
- Add methods to init and destroy the socket cache and call them from the
  svr4 ABI module's event handler.
- Conditionally grab Giant around socreate() in streamsopen().
- Use fdclose() instead of inlining it in streamsopen() when handling
  socreate() failure.
- Only allocate a stream structure and attach it to a socket in
  streamsopen().  Previously, if a svr4 program performed a stream
  operation on an arbitrary socket not opened via the streams device,
  we would attach streams state data to it and change f_ops of the
  associated struct file while it was in use.  The latter was especially
  not safe, and if a program wants a stream object it should open it via
  the streams device anyway.
- Don't bother locking so_emuldata in the streams code now that we only
  touch it right after creating a socket (in streamsopen()) or when
  tearing it down when the file is closed.
- Remove D_NEEDGIANT from the streams device as it is no longer needed.
2006-07-21 20:40:13 +00:00
John Baldwin
52d639a953 Add conditional VFS Giant locking to svr4_sys_fchroot() and mark it MPSAFE.
Also, call change_dir() instead of doing part of it inline (this now adds
a mac_check_vnode_chdir() call) to match fchdir() and call
mac_check_vnode_chroot() to match chroot().  Also, use the change_root()
function to do the actual change root to match chroot().

Reviewed by:	rwatson
2006-07-21 20:28:56 +00:00
John Baldwin
b04aff773e Add a comment to explain what fdclose() does and what it's purpose is
since the subtlety eluded me when I looked at it last week.
2006-07-21 20:24:00 +00:00
John Baldwin
b4c63329d5 - Pass the MPSAFE flag to namei() in linux_uselib() and handle conditional
Giant VFS locking in that function.
- Remove bogus code to handle the case where namei() returns success but a
  NULL vnode pointer.
- Note that this code duplicates exec_check_permissions() and annotate
  where it differs.
- Hold the vnode lock longer to protect the write to set VV_TEXT in
  v_vflag.
- Mark linux_uselib() MPSAFE.

Reviewed by:	rwatson
2006-07-21 20:22:13 +00:00
Warner Losh
8fcb4ef1cf If we get an error w/o atapi sense information, just print a newline
to terminate the message we started.  I get non-terminated messages
when reading audio tracks w/o this patch.
2006-07-21 19:13:05 +00:00
Hajimu UMEMOTO
da83bf18e4 simplification in explore_numeric: unified the post-process with
GET_AI and GET_PORT.  Commented on an impossible case.

Obtained from:	KAME
MFC after:	1 week
2006-07-21 19:02:28 +00:00
Hajimu UMEMOTO
0cf41987df RFC3493 requires use of inet_aton for AF_INET.
Obtained from:	KAME
MFC after:	1 week
2006-07-21 19:00:22 +00:00
Hajimu UMEMOTO
0aceddcef7 clean-up: rewrote explore_null and explore_numeric without using sentinel.
we do not need it since we make (at most) a single addrinfo entry in these
cases.

Obtained from:	KAME
MFC after:	1 week
2006-07-21 18:57:44 +00:00
Hajimu UMEMOTO
b88ad6b5d6 - draft-ietf-ipngwg-icmp-namelookups-09
- make it compilable

It still requires root privilege and is experimental.

Obtained from:	KAME
MFC after:	1 week
2006-07-21 18:55:51 +00:00
Robert Watson
a152f8a361 Change semantics of socket close and detach. Add a new protocol switch
function, pru_close, to notify protocols that the file descriptor or
other consumer of a socket is closing the socket.  pru_abort is now a
notification of close also, and no longer detaches.  pru_detach is no
longer used to notify of close, and will be called during socket
tear-down by sofree() when all references to a socket evaporate after
an earlier call to abort or close the socket.  This means detach is now
an unconditional teardown of a socket, whereas previously sockets could
persist after detach of the protocol retained a reference.

This faciliates sharing mutexes between layers of the network stack as
the mutex is required during the checking and removal of references at
the head of sofree().  With this change, pru_detach can now assume that
the mutex will no longer be required by the socket layer after
completion, whereas before this was not necessarily true.

Reviewed by:	gnn
2006-07-21 17:11:15 +00:00
Yaroslav Tykhiy
05a7329cba Touch document date (Dd). 2006-07-21 15:57:12 +00:00
Yaroslav Tykhiy
9f8b57f078 Since Alpha support isn't in HEAD anymore, remove Alpha-specific
rc.conf(5) knobs, too: osf1_enable, unaligned_print.
2006-07-21 15:55:18 +00:00
Olivier Houchard
838ab6b670 Grr we also need to set -mbig-endian to LDFLAGS. Now I can build a
big-endian arm world.
2006-07-21 14:07:48 +00:00
Max Laier
cff1b3389b Import from OpenBSD 1.168, dhartmei:
fix a bug in the input sanity check of DIOCCHANGERULE (not used by pfctl,
  but third-party tools). a rule must have a non-empty replacement address
  list when it's a translation rule but not an anchor call (i.e. "nat ...
  ->" needs a replacement address, but "nat-anchor ..." doesn't). the check
  confused "rule is an anchor call" with "rule is defined within an anchor".
  report from Michal Mertl, Max Laier.

Obtained from:	OpenBSD
MFC after:	2 weeks
2006-07-21 09:48:13 +00:00
Xin LI
12c4ea9abd The contents pointed by ssi_cables[] is never changed so explicitly
declare it as const char * instead of char *.

This change have no side impact to the code itself, and is a step
forward to WARNS=6 truss(1).
2006-07-21 08:45:00 +00:00
Alan Cox
af51d7bf57 Eliminate OBJ_WRITEABLE. It hasn't been used in a long time. 2006-07-21 06:40:29 +00:00
Alan Cox
7e8041d356 Implement pmap_clear_write().
Discussed with: cognet@
2006-07-20 23:26:22 +00:00
Warner Losh
35ef2e4849 Remove ALPHA optimization pointer for gcc flags.
Add ARM optimization pointer for gcc flags.
2006-07-20 22:42:48 +00:00
Olivier Houchard
220e6313cb Oops LDFLAGS can be used to invoke gcc, so directly add -EB to {LD}. 2006-07-20 22:13:59 +00:00
Olivier Houchard
b72f5c0f35 Honor ARM_BIG_ENDIAN by adding -mbig-endian to CFLAGS and -EB to LDFLAGS if
it is defined.
2006-07-20 21:28:07 +00:00
Olivier Houchard
bba93a0066 Fix ALT_BREAK_TO_DEBUGGER on the AT91 :
The core uart code expects the receive method to actually puts the
characters read into its buffers. For AT91, it's done in the ipend routine,
so also check if we have the alternate break sequence here.

MFC after:	3 days
2006-07-20 21:03:43 +00:00
John Baldwin
12d08f315b Expand locking coverage slightly to cover if_drv_flags in a few places
where it wasn't locked.

MFC after:	3 days
Reviewed by:	davidch
2006-07-20 18:41:00 +00:00
Alan Cox
3cad40e517 Add pmap_clear_write() to the interface between the virtual memory
system's machine-dependent and machine-independent layers.  Once
pmap_clear_write() is implemented on all of our supported
architectures, I intend to replace all calls to pmap_page_protect() by
calls to pmap_clear_write().  Why?  Both the use and implementation of
pmap_page_protect() in our virtual memory system has subtle errors,
specifically, the management of execute permission is broken on some
architectures.  The "prot" argument to pmap_page_protect() should
behave differently from the "prot" argument to other pmap functions.
Instead of meaning, "give the specified access rights to all of the
physical page's mappings," it means "don't take away the specified
access rights from all of the physical page's mappings, but do take
away the ones that aren't specified."  However, owing to our i386
legacy, i.e., no support for no-execute rights, all but one invocation
of pmap_page_protect() specifies VM_PROT_READ only, when the intent
is, in fact, to remove only write permission.  Consequently, a
faithful implementation of pmap_page_protect(), e.g., ia64, would
remove execute permission as well as write permission.  On the other
hand, some architectures that support execute permission have
basically ignored whether or not VM_PROT_EXECUTE is passed to
pmap_page_protect(), e.g., amd64 and sparc64.  This change represents
the first step in replacing pmap_page_protect() by the less subtle
pmap_clear_write() that is already implemented on amd64, i386, and
sparc64.

Discussed with: grehan@ and marcel@
2006-07-20 17:48:41 +00:00
Florent Thoumie
ca3a4056ad - Remove hardcoded /etc/ntp.conf configuration file from ntpdate rc.d script
and replace it with a new ntpdate_config variable.
- Document it in defaults/rc.conf and rc.conf.5.
- Document ntpdate_hosts in defaults/rc.conf.

Requested by:	Chris Timmons <cwt@networks.cwu.edu>
Approved by:	cperciva (mentor, implicit)
MFC after:	1 week
2006-07-20 10:07:34 +00:00
Stefan Farfeleder
a68654e647 Convert macros to use C99's syntax for macros with a variable number of
arguments.
2006-07-20 09:47:15 +00:00
Stefan Farfeleder
347a5ee76c Remove unused variables. 2006-07-20 09:38:46 +00:00
Stefan Farfeleder
531c70a642 Don't use "implicit int". Move the opening { of the functions to the next
line while there.
2006-07-20 09:11:08 +00:00
Pyun YongHyeon
da84b3961f Since resetting hardware takes a very long time and results in link
renegotiation, we only initialize the hardware only when it is
absolutely required. Process SIOCGIFADDR ioctl in em(4) when we know
an IPv4 address is added. Handling SIOCGIFADDR in a driver is
layering violation but it seems that there is no easy way without
rewritting hardware initialization code to reduce settle time after
reset.

This should fix a long standing bug which didn't send ARP packet when
interface address is changed or an alias address is added. Another
effect of this fix is it doesn't need additional delays anymore when
adding an alias address to the interface.
While I'm here add a new if_flags into softc which remembers current
prgroammed interface flags and make use of it when we have to program
promiscuous mode.

Tested by:	Atanas <atanas AT asd DOT aplus DOT net>
Analyzed by:	rwatson
Discussed with:	-stable
2006-07-20 04:18:45 +00:00
Pyun YongHyeon
693d469eee Protect EEPROM access with the driver lock. 2006-07-20 04:01:54 +00:00
Pyun YongHyeon
fa799a4e7e Honor IFF_DRV_OACTIVE in em_start_locked(). 2006-07-20 03:57:58 +00:00
John Baldwin
7cf6a457ea Regen. 2006-07-19 19:03:21 +00:00
John Baldwin
a1ca3e0ba7 Add conditional VFS Giant locking to svr4_sys_resolvepath() and mark it
MPSAFE.
2006-07-19 19:03:03 +00:00
John Baldwin
a3616b117c Make svr4_sys_waitsys() a lot less ugly and mark it MPSAFE.
- If the WNOWAIT flag isn't specified and either of WEXITED or WTRAPPED is
  set, then just call kern_wait() and let it do all the work.  This means
  that this function no longer has to duplicate the work to teardown
  zombies that is done in kern_wait().  Instead, if the above conditions
  aren't true, then it uses a simpler loop to implement WNOWAIT and/or
  tracing for only stopped or continued processes.  This function still
  has to duplicate code from kern_wait() for the latter two cases, but
  those are much simpler.
- Sync the code to handle the WCONTINUED and WSTOPPED cases with the
  equivalent code in kern_wait().
- Fix several places that would return with the proctree lock still held.
- Lock the current process to prevent lost wakeup races when blocking.
2006-07-19 19:01:10 +00:00
John Baldwin
9079458ad2 Add a mutex to protect the list of interrupt config hooks. We do assume
that the only remove hook operation that can occur while processing the
hooks is to remove the currently executing hook.  This should be safe as
the existing code has assumed this already for a long time now.

Reviewed by:	scottl
MFC after:	1 week
2006-07-19 18:53:56 +00:00
John Baldwin
9c2dc11465 Whitespace fix after s/dev_t/struct cdev */. 2006-07-19 18:52:33 +00:00
John Baldwin
2f198e899a Call change_dir() instead of duplicating the code in fchdir(). 2006-07-19 18:30:33 +00:00
John Baldwin
b33887ea31 Don't free the sockaddr in kern_bind() and kern_connect() as not all
callers pass a sockaddr allocated via malloc() from M_SONAME anymore.
Instead, free it in the callers when necessary.
2006-07-19 18:28:52 +00:00
John Baldwin
15cc91d345 Disable the pager for 'panic' and 'call' to be paranoid. 2006-07-19 18:26:53 +00:00
John Baldwin
a02f5c6204 Initialize svr4_head during MOD_LOAD rather than on demand. 2006-07-19 18:26:09 +00:00
Michael Reifenberger
93a73e5a00 Reflect the additional support of C7 CPU's in padlock(4).
Submitted by:	brueffer
MFC after:	1 day
2006-07-19 16:31:09 +00:00
Robert Watson
13496464e5 Add a test case for closing a UDPv6 socket that has been connected to
the IPv6 loopback address.

Warns ?= 2.
2006-07-19 12:54:14 +00:00
Robert Watson
9b498b31a9 Add very basic regression test for netinet6: create and close raw,
UDP, and TCP IPv6 sockets.
2006-07-19 12:10:33 +00:00
Yoshihiro Takahashi
adb4f1aa0f The pcn does not work on NEC SV-98/2-B05 and B06.
Submitted by:	Chiharu Shibata
MFC after:	3 days
2006-07-19 11:49:22 +00:00