in the future in a backward compatible (API and ABI) way.
The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.
The structure definition looks like this:
struct cap_rights {
uint64_t cr_rights[CAP_RIGHTS_VERSION + 2];
};
The initial CAP_RIGHTS_VERSION is 0.
The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.
The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.
To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.
#define CAP_PDKILL CAPRIGHT(1, 0x0000000000000800ULL)
We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:
#define CAP_LOOKUP CAPRIGHT(0, 0x0000000000000400ULL)
#define CAP_FCHMOD CAPRIGHT(0, 0x0000000000002000ULL)
#define CAP_FCHMODAT (CAP_FCHMOD | CAP_LOOKUP)
There is new API to manage the new cap_rights_t structure:
cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
void cap_rights_set(cap_rights_t *rights, ...);
void cap_rights_clear(cap_rights_t *rights, ...);
bool cap_rights_is_set(const cap_rights_t *rights, ...);
bool cap_rights_is_valid(const cap_rights_t *rights);
void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);
Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:
cap_rights_t rights;
cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);
There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:
#define cap_rights_set(rights, ...) \
__cap_rights_set((rights), __VA_ARGS__, 0ULL)
void __cap_rights_set(cap_rights_t *rights, ...);
Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:
cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);
Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.
This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.
Sponsored by: The FreeBSD Foundation
(sys/dev/iscsi_initiator/ instead of sys/dev/iscsi/initiator/), to make
room for the new one. This is also more logical location (kernel module
being named iscsi_initiator.ko, for example). There is no ongoing work
on this I know of, so it shouldn't make life harder for anyone.
There are no functional changes, apart from "svn mv" and adjusting paths.
being defined in <sys/diskmbr.h>. Instead give the symbols here a
"PC98_" prefix. This way, both <sys/diskmbr.h> and <sys/diskpc98.h>
can be included in the same C source file.
The renaming is trivial. The only gotcha is that DOSBBSECTOR is
also redefined from 0 to 1. This because DOSBBSECTOR was always
used in conjunction with an addition of 1. The PC98_BBSECTOR symbol
is defined as 1 and the expression is simplified.
Note: it is not believed that ports are seriously impacted; or at
all for that matter.
Approved by: nyan@
This fix the case when etherswitch is printing the information of port 0
vlan group (in port based vlan mode) with no member ports.
Add the ETHERSWITCH_VID_VALID support to ip17x driver.
Add the ETHERSWITCH_VID_VALID support to rt8366 driver.
arswitch doesn't need to be updated as it doesn't support vlans management
yet.
Approved by: adrian (mentor)
- Display a AF_LINK address in #linkN when sdl_{nlen,alen,slen) == 0 and
sdl_index != 0.
- Reduce unnecessary loop in pmsg_addrs().
- Remove iso_ntoa(). This is not used.
As part of this commit, add an nvme_strvis() function which borrows
heavily from cam_strvis(). This will allow stripping of
leading/trailing whitespace and also handle unprintable characters
in model/serial numbers. This function goes into a new nvme_util.c
file which is used by both the driver and nvmecontrol.
Sponsored by: Intel
Reviewed by: carl
MFC after: 3 days
Recent testing with QEMU that has variable sector size support for
NVMe uncovered some of these issues. Chatham prototype boards supported
only 512 byte sectors.
Sponsored by: Intel
Reviewed by: carl
MFC after: 3 days
Also remove stat() call and just rely on errno from open() call to discern
whether dev node exists or not.
Sponsored by: Intel
Reviewed by: kib, carl
MFC after: 3 days
and firmware revision in the controller's identify structure.
Also modify consumers of these fields to ensure they only use the
specified number of bytes for their respective fields.
Sponsored by: Intel
Reviewed by: carl
MFC after: 3 days
the root file system on bootup:
|------------------------------------------------------------------------
|r214006 | marcel | 2010-10-17 22:01:53 -0700 (Sun, 17 Oct 2010) | 20 lines
|
| Re-implement the root mount logic using a recursive approach, whereby each
|root file system (starting with devfs and a synthesized configuration) can
|contain directives for mounting another file system as root.
|------------------------------------------------------------------------
This commit adds a mount.conf(8) man page which documents
the root mount logic. mount.conf(8) also provides some examples
for the /.mount.conf file, which can be used to change the root mount behavior.
Reviewed by: marcel bjk
- Fix a bug in sodump() which prevented struct sockaddr_in6 from displaying.
- Fix a bug in in fiboptlist_csv() which could cause free() of uninitialized
pointer.
- Style cleanups:
. Add missing "static" keywords.
. Use an array of struct sockaddr_storage instead of sockunion for rtmsg.
. Use err() and errx() instead of pair of fprintf(stderr, "...") + exit(1).
. Use nitems() macro.
. Various style(9) fixes.
an empty firmware slot, as long as the user has specified a firmware
image to download into the empty firmware slot.
Sponsored by: Intel
Reported by: Joe Golio <joseph.golio@emc.com>
MFC after: 3 days
are processed as admin commands, not I/O commands.
As part of this change, pull out the code for parsing a namespace node
string into a separate function, since it is used for both identify and
logpage commands.
Sponsored by: Intel
MFC after: 3 days
firmware download. This correctly prints an error and exits for
an incorrect firmware image name before prompting the user to
confirm the download.
Sponsored by: Intel
MFC after: 3 days
* Use 0/1 instead of sysexits. Man pages are confusing on this topic,
but 0/1 is sufficient for nvmecontrol.
* Use err function family where possible instead of fprintf/exit.
* Fix some typing errors.
* Clean up some error message inconsistencies.
Sponsored by: Intel
Submitted by: bde (parts of firmware.c changes)
MFC after: 3 days
