Commit Graph

61463 Commits

Author SHA1 Message Date
Matt Jacob
804625ee9c Play it safe and make MSI and MSI-X an option you have to turn on for MPT. 2006-11-19 23:15:42 +00:00
Matt Jacob
21167708e8 If a TMF request fails to start, make sure that we pull it off the
pending list and set the state back to free prior to calling mpt_reset
so we don't panic at a later point.
2006-11-19 23:13:12 +00:00
Andrew Thompson
36dac7e26d Do not call bstp_stop() internally as it clears the running flag which causes
the timer to never be restarted.

Reported by:	bz
2006-11-19 23:08:35 +00:00
Alan Cox
da44960498 The global variable avail_end is redundant and only used once. Eliminate
it.  Make avail_start static to the pmap on amd64.  (It no longer exists
on other architectures.)
2006-11-19 20:54:58 +00:00
Marcel Moolenaar
56d881b917 Remove LDR_LOG2_PGSZ, ia64_pgtbl and ia64_pgtblsz. They are part of
a WIP and not used yet.
2006-11-19 20:04:11 +00:00
Christian S.J. Peron
fa5c72f583 Fix typo in comment
Pointed out by:	ru
2006-11-18 23:38:31 +00:00
Christian S.J. Peron
90d4d36094 Implement new ETHER_BPF_MTAP macro. Roll back the various changes
made to accommodate the chip being in promiscuous mode while
offloading VLAN tag processing to the hardware.  We can now
properly handle the absence of VLAN tags from hardware stripping.

Reviewed by:	rwatson, andre
MFC after:	1 month
2006-11-18 23:18:43 +00:00
Christian S.J. Peron
52f1277eea Currently, drivers that support hardware offload of VLAN tag
processing are forced to toggle this functionality when the card
is put in and out of promiscuous mode.  The main reason for this
is because the hardware strips the VLAN tag, making it impossible
for the tag information to show up in network diagnostic tools like
tcpdump(1).

This change introduces ether_vlan_mtap(), which is called if the
mbuf has M_VLANTAG set.  VLAN information is extracted from the
mbuf and inserted into a stack allocated ether vlan header which
is then inserted through the bpf machinery via bpf_mtap2(). The
original mbuf's data pointer and lengths are temporarily adjusted
to eliminate the original Ethernet header for the duration of the
tap operation. This should have no long term effects on the mbuf.

Also, define a new macro, ETHER_BPF_MTAP which should be used
by drivers which support hardware offload of VLAN tag processing.

The fixes for the relevant drivers will follow shortly.

Discussed with:		rwatson, andre, jhb (and others)
Much feedback from:	sam, ru
MFC after:	1 month [1]

[1] The version that is eventually MFCed will be somewhat
    different then this, as there has been significant work
    done to the VLAN code in HEAD.
2006-11-18 23:17:22 +00:00
Marcel Moolenaar
a602be7b07 Since printf also has at least one critical section, we need to
initialize pc_curthread. While here, rename early_pcpu to pcpu0
to be conistent (compare thread0 and proc0).
2006-11-18 23:15:25 +00:00
Marcel Moolenaar
77121031e7 Now that printf() needs the PCPU, set it up before we call printf().
Change the pc_pcb field from a pointer to struct pcb to struct pcb
so that sizeof(struct pcb) includes the PCB we use for IPI_STOP.
Statically declare early_pcb so that we don't have to allocate the
PCB for thread0. This way we can setup the PCPU before cninit()
and thus before we use printf().
2006-11-18 21:52:26 +00:00
Marcel Moolenaar
2fd31a5e0d Revert previous commit. PC_CONS_BUFR is not used nor needed by
assembly.
2006-11-18 21:48:13 +00:00
Kip Macy
3ad9c2127b remove unused fields
Approved by: scottl (standing in for mentor rwatson)
2006-11-18 19:23:37 +00:00
Craig Rodrigues
ba8e255297 Previously, the mount_ext2fs binary listed the acceptable mount
options for ext2fs.  Now that we use nmount() directly from the mount
binary to access ext2fs filesystems, add the list of acceptable mount
options to ext2_ops, so that vfs_filteropts() will accept
options like "noatime" for ext2fs.

PR:		105483
Noticed by:	Dr. Markus Waldeck <waldeck gmx de>
MFC after:	1 month
2006-11-18 18:22:11 +00:00
Konstantin Belousov
bdaee9ef4e Add missed ")". Fix the build.
Pointy hat to:	kib
2006-11-18 17:27:39 +00:00
Kip Macy
1a667f5b30 eeprom has been removed from sun4v - remove from NOTES 2006-11-18 17:16:02 +00:00
Sam Leffler
fdc6354580 mark struct ether_header packed so gcc honors alignment
constratins on arm; this fixes bridging when packets are
rx'd so ip headers are 32-bit aligned

Reviewed by:	imp (and discussed elsewhere)
MFC after:	2 weeks
2006-11-18 15:50:24 +00:00
Konstantin Belousov
cce1514679 Sync struct sysinfo with real one from linux.
Submitted by:	rdivacky
2006-11-18 14:37:54 +00:00
Konstantin Belousov
0c00520b93 Use standard debugging facilities in linux_getcwd().
Submitted by:	rdivacky
2006-11-18 13:31:03 +00:00
Konstantin Belousov
d559d18183 Add debuging printfs to syscalls that do not contain it yet. In
sethostname do not print the hostname because it would require to copyin
the string. Sethostname is not very frequently used.

Submitted by:	rdivacky
2006-11-18 13:00:59 +00:00
Konstantin Belousov
f472c6e35a Remove unecessary locking of process in linux_getpid.
Suggested by:	jhb
Submitted by:	rdivacky
2006-11-18 10:12:43 +00:00
Scott Long
3c77cee1ba Change the internal API for polled commands. Calling mfi_polled_command
after calling mfi_mapcmd is no longer needed, so long as the MFI_CMD_POLLED
flag is set.  This change eliminates the possibility of a polled command
getting posted twice to the driver.  This is turn fixes panics on shutdown
when INVARIANTS is set.

Sponsored by: Ironport
2006-11-18 07:33:53 +00:00
Kip Macy
8c8a01d714 Remove two completely unused files
Reviewed by: jb (mentor rwatson)
2006-11-18 07:28:47 +00:00
Kip Macy
fda40eb204 Remove two more duplicated files
Reviewed by: jb (mentor is rwatson)
2006-11-18 07:24:56 +00:00
Kip Macy
1eea142b6f remove 13 (largely) redundant files and switch to the sparc64/sparc64 version
Reviewed by: jb (mentor rwatson)
2006-11-18 07:10:52 +00:00
Matt Jacob
04697f7aa3 Make the SAN login/logout stuff more common between different chipsets
and provied an isp_control entry point so that the outer layers can
do PLOGI/LOGO explicitly. Add MS IOCB support. This completes the cycle
for base support for SMI-S.
2006-11-18 03:53:16 +00:00
Jung-uk Kim
e22291430e Fix msgsnd(3)/msgrcv(3) deadlock under heavy resource pressure by timing out
msgsnd and rechecking resources.  This problem was found while I was running
Linux Test Project test suite (test cases: msgctl08, msgctl09).
Change `msgwait' to `msgsnd' and `msgrcv' to distinguish its sleeping
conditions.  Few cosmetic changes to debugging messages.
2006-11-17 20:43:01 +00:00
John Baldwin
81efc3d94c Add support for 8 byte hardware watches in long mode. Kernel hardware
watches support 8 byte watches.  For userland, we disallow 8 byte watches
for 32-bit tasks.
2006-11-17 20:27:01 +00:00
John Baldwin
7693afca4e - Add macro constants for the various fields in %dr7 and use them in place
of various scattered magic values.
- Pretty print the address of hardware watchpoints in 'show watch' rather
  than just displaying hex.
- Expand address field width on amd64 for 64-bit pointers.
2006-11-17 19:20:32 +00:00
Matt Jacob
6301ffe515 Disable code to set max read byte count on the 2400.
It caused a panic in writing the config register on a system. Turn
it off until we take the time to understand it.

Reported by and Testing by: Anton
2006-11-17 17:32:45 +00:00
David E. O'Brien
9ae2249db2 Missed two nits in rev 1.7. 2006-11-17 16:49:40 +00:00
John Baldwin
e6337905e5 Fix the output format of MI ddb watches in 'show watch' on 64-bit
platforms.
2006-11-17 16:41:56 +00:00
John Baldwin
5527d3ed75 Trim some noise from bootverbose:
- Drop the printf in intr_machdep.c when we assign an interrupt souce to
  a CPU.  Each source already has a more detailed printf.
- Don't output a line for each ioapic pin showing its initial state, this
  has outlived its usefulness.
- When an APIC enumerator sets the bus, polarity, or trigger mode of an
  ioapic pin, just return success without printing anything if the new
  value matches the current one.

MFC after:	2 weeks
2006-11-17 16:41:03 +00:00
John Baldwin
5d346a567c A few more style fixes. 2006-11-17 16:37:35 +00:00
Konstantin Belousov
dbf989ea6a Wake up PIOCWAIT handler on the process exit in addition to the stop
events. &p->p_stype is explicitely woken up on process exit for us.

Now, truss /nonexistent exits with error instead of waiting until killed
by signal.

Reported by:	Nikos Vassiliadis nvass at teledomenet gr
Reviewed by:	jhb
MFC after:	1 week
2006-11-17 14:52:38 +00:00
Olivier Houchard
1ea7de37f9 Erm we really want to mask all interrupts in the range, just not the first
one.

Submitted by:	ru
2006-11-17 11:56:56 +00:00
Søren Schmidt
72a426ba26 Deal more generically with the byteswap needed on !littleendian HW.
Account for the odd layout on ARM bigendian HW.
2006-11-17 11:13:47 +00:00
Kevin Lo
f43f0196a9 Compile -- remove an unused global variable avail_end.
Approved by: cognet
2006-11-17 00:53:39 +00:00
Matt Jacob
52c008534d *smack* - forgot to do i386 compile, so last
commit broke things.
2006-11-17 00:19:55 +00:00
Matt Jacob
757cabc30b Finally fix local command responses to set residual correctly.
This allows us to play nicely on SANs when we have target mode
enabled in f/w but have neither the scsi_targbh enabled or
scsi_targ with a target enabled.
2006-11-16 23:47:16 +00:00
Mohan Srinivasan
3c2fcc3c92 vfs_hash_insert() vputs() the losing vnode before returning, in the event of
a race where a duplicate vnode is entered into the vfs hash. nfs_nget() shouldn't
be releasing the vnode in that case.
2006-11-16 23:03:46 +00:00
Mohan Srinivasan
87c125cecc Fix to readdir+ reply handling. When inserting an entry into the namecache,
initialize the nfsnode's ctime. Otherwise a subsequent lookup purges the
just entered namecache entry.
2006-11-16 23:02:37 +00:00
John Baldwin
3bea4efeb1 Look for capabilities in PCI-PCI bridges using the same CAP PTR register
as for type 0 devices.

Submitted by:	grehan
MFC after:	1 week
2006-11-16 17:31:33 +00:00
Ruslan Ermilov
8d594a3fb5 Remove an unused variable. 2006-11-16 13:32:30 +00:00
Ruslan Ermilov
5a66b66324 Replace magic numbers for console bell types with defines. 2006-11-16 12:27:51 +00:00
Maxim Konovalov
79ba24ca87 o Make pv_maxchunks no less than maxproc. This helps to survive a
forkbomb explosion.

Reviewed by:	alc
Security:	local DoS
X-MFC atfer:	RELENG_6 is not affected due to a different pv_entry
		allocation code.
2006-11-16 11:46:24 +00:00
Kip Macy
4570c1c11b Resize the hash table upwards if the number of collision entries is greater than 1/4 of the
total
it is possible that the resize threshold should be revised upwards

Approved by: scottl (standing in for mentor rwatson)
2006-11-16 07:50:33 +00:00
Scott Long
46222d084a Due to an incorrect macro, it appears that this driver has always been
accidentally truncating off the VLAN tag field in the TX descriptor.  Fix
this by splitting up the vlan_tag and flags fields into separate fields,
and handling them appropriately.

Sponsored by: Ironport
MFC After: 3 days
2006-11-16 06:28:54 +00:00
John Polstra
6e7b2160a4 In bce_start_locked, check the used_tx_bd count rather than the
descriptor's mbuf pointer to see if the transmit ring is full.  The
mbuf pointer is set only in the last descriptor of a
multi-descriptor packet.  By relying on the mbuf pointers of the
earlier descriptors, the driver would sometimes overwrite a
descriptor belonging to a packet that wasn't completed yet.  Also,
tx_chain_prod wasn't updated inside the loop, causing the wrong
descriptor to be checked after the first iteration.  The upshot of
all this was the loss of some transmitted packets at medium to high
packet rates.

In bce_tx_encap, remove a couple of old statements that shuffled
around the tx_mbuf_map pointers.  These now correspond 1-to-1 with
the transmit descriptors, and they are not supposed to be changed.

Correct a couple of inaccurate comments.

MFC after:	1 month
2006-11-16 04:04:07 +00:00
Matt Jacob
eba891af5b After tests on 2 different AMD platforms with several
different cards (SAS, 4Gb FC), MSI seems to work with
the cards.

This was of some concern because some  PCI cards
claim to work with MSI but don't.
2006-11-16 02:40:18 +00:00
Pawel Jakub Dawidek
7ee07175af Change sleepq_add(9) argument from 'struct mtx *' to 'struct lock_object *',
which allows to use it with different kinds of locks. For example it allows
to implement Solaris conditions variables which will be used in ZFS port on
top of sx(9) locks.

Reviewed by:	jhb
2006-11-16 01:02:00 +00:00
Warner Losh
f358fbffa9 Mfp4: Remove mci_device.c. It should have been removed when it was
merged ito sd-card.c, but this is an imperfect world.
2006-11-16 00:55:24 +00:00
Warner Losh
e2302bcc3d Move to using a common arm_init.S. These things are more similar than
different at this point.
2006-11-16 00:53:28 +00:00
Warner Losh
a2288572aa MFp4: Don't fix the size at 8k, and some minor cleanups. andre@ contributed
to fixing this problem.
2006-11-16 00:49:50 +00:00
Warner Losh
b9f3efc87a MFp4: Improvements, including the ability to download to an arbitrary
part of the spi flash.
2006-11-16 00:48:53 +00:00
Warner Losh
1920635c8e Tweaks for better boot flavor support. 2006-11-16 00:48:04 +00:00
Warner Losh
88009adfcf Mfp4: We no longer need ee.h included here. 2006-11-16 00:47:31 +00:00
Matt Jacob
2cad1d9857 Increase the timeout for some SAN commands.
Only complain about FC Reponse errors if they're nonzero.

Shorten some PortID printouts for local loop.

Add an internal isp_xcmd_t data structure which we'll use for some
CT-Passthru support as part of adding SMI-S.
2006-11-16 00:39:56 +00:00
Matt Jacob
e49f99cd9f minor change to reduce some diff noise 2006-11-16 00:31:46 +00:00
John Birrell
3f970273b1 Add big endian support.
Submitted by:	scottl
Reviewed by:	mjacob
2006-11-15 21:46:36 +00:00
John Birrell
c686bf2237 Get the parent dma tag if one exists. This is required on sun4v. Other
arches will default to NULL if they have no parent.

Reviewed by: mjacob
2006-11-15 21:41:59 +00:00
John Baldwin
7eefbf10c8 Adjust assertions to allow for magical properties of the 'lbolt' wait
channel for tsleep():
- Allow tsleep() on &lbolt without Giant with a timeout 0 since &lbolt has
  an implied timeout.
- If &lbolt is used with msleep() pass NULL to sleepq_add() for the lock
  object.  Unlike other sleepq channels, &lbolt doesn't have an associated
  owning lock.
2006-11-15 20:44:07 +00:00
Matt Jacob
4f914ffd1d Turn off MSI until some testing is done. 2006-11-15 20:18:09 +00:00
John Baldwin
280388afe5 Add MSI support to em(4), bce(4), and mpt(4). For now, we only support
devices that support a maximum of 1 message, and we use that 1 message
instead of the INTx rid 0 IRQ with the same interrupt handler, etc.
2006-11-15 20:04:57 +00:00
John Baldwin
71f4007710 Various whitespace and style fixes. 2006-11-15 19:53:48 +00:00
John Baldwin
15f266289d Fix a typo that broke MSI (MSI-X worked fine) in the later revisions of
the MSI patches.
2006-11-15 18:40:00 +00:00
Konstantin Belousov
292a85f4a8 Group pid and parent are shared in a case of CLONE_THREAD not CLONE_VM.
This fix lets clone02 LTP test pass with 2.6 emulation. In reality 99%
of the cases are that CLONE_VM and CLONE_THREAD are both set so it
seemed to work.

Submitted by: rdivacky
2006-11-15 11:04:37 +00:00
Konstantin Belousov
0132096dfd In rev 1.188 of linux_misc.c the added check for valid options ommited
__WCLONE. This fixes it thus fixing skype/teamspeak to not keep zombies
after exit.

Submitted by: rdivacky
Reported by: Bakul Shah (bakul at bitblocks com)
2006-11-15 10:01:06 +00:00
Maxim Konovalov
9aab0d96da o Add uark(4), a driver for Arkmicro Technologies ARK3116 based serial
adapters.

Submitted by:	Alex Rodin
Obtained from:	OpenBSD
Reviewed by:	-usb
MFC after:	6 weeks
2006-11-15 09:13:25 +00:00
Kip Macy
827686013d Heavily re-factor tte_hash to remove redundant code
Add hash resizing support - doesn't quite work yet
2006-11-15 06:29:52 +00:00
Kip Macy
e5cedd89dc add trap trace to tl1 trap 2006-11-15 03:53:27 +00:00
Kip Macy
33719d6b50 add trap tracing to dev_mondo 2006-11-15 03:20:12 +00:00
Kip Macy
f30d482097 add trap tracing to cpu mondo handler and tsb miss handler 2006-11-15 03:16:30 +00:00
Rink Springer
597d4fe47d Added yet another extra fxp(4) PCI ID.
PR:		kern/104896
Submitted by:	Yoshihiko Sarumaru <mistral@imasy.or.jp>
Reviewed by:	imp (mentor), jfv
Approved by:	imp (mentor)
MFC after:	3 days
2006-11-14 18:54:31 +00:00
John Baldwin
60b9b19721 Fix a couple of comment typos.
Reported by:	ru
2006-11-14 17:54:55 +00:00
Doug Ambrisko
c2be47f25f - Add in FreeBSD native ioctl that models the Linux version.
- Add a translation so the Linux ioctl's don't conflict with
  the FreeBSD definition.
- Assume Linux 32bit emulation on amd64.
This was tested on i386 and amd64 with the 32bit Linux MegaCli.
Eventually we should do a 32bit native FreeBSD translation app.
2006-11-14 16:48:00 +00:00
Ruslan Ermilov
dfc67ec476 Unbreak pc98. 2006-11-14 14:28:09 +00:00
Joseph Koshy
55e1e0b08d Add `PN_XNUM', for supporting ELF objects with a large number of program
header table entries.
2006-11-14 12:10:39 +00:00
Pawel Jakub Dawidek
d842db2073 Use tabs instead of spaces. 2006-11-14 11:40:45 +00:00
Bjoern A. Zeeb
b1cbf7cf58 Correct a typo. 2006-11-14 11:16:34 +00:00
Matt Jacob
f7c631bcf0 Push things closer to path failover by implementing loop down and
gone device timers and zombie state entries. There are tunables
that can be used to select a number of parameters.

loop_down_limit - how long to wait for loop to come back up before
declaring
all devices dead (default 300 seconds)

gone_device_time- how long to wait for a device that has appeared
to leave the loop or fabric to reappear (default 30 seconds)

Internal tunables include (which should be externalized):

quick_boot_time- how long to wait when booting for loop to come up

change_is_bad- whether or not to accept devices with the same
WWNN/WWPN that reappear at a different PortID as being the 'same'
device.

Keen students of some of the subtle issues here will ask how
one can keep devices from being re-accepted at all (the answer
is to set a gone_device_time to zero- that effectively would
be the same thing).
2006-11-14 08:45:48 +00:00
Kip Macy
e855410696 Add Kris Kennaway to reflect his performance improvements to
the lock profiling code
2006-11-14 07:57:19 +00:00
David Xu
653385756c Fix a copy-paste bug in NON-KSE case. 2006-11-14 05:48:27 +00:00
John Baldwin
4184900911 MD support for PCI Message Signalled Interrupts on amd64 and i386:
- Add a new apic_alloc_vectors() method to the local APIC support code
  to allocate N contiguous IDT vectors (aligned on a M >= N boundary).
  This function is used to allocate IDT vectors for a group of MSI
  messages.
- Add MSI and MSI-X PICs.  The PIC code here provides methods to manage
  edge-triggered MSI messages as x86 interrupt sources.  In addition to
  the PIC methods, msi.c also includes methods to allocate and release
  MSI and MSI-X messages.  For x86, we allow for up to 128 different
  MSI IRQs starting at IRQ 256 (IRQs 0-15 are reserved for ISA IRQs,
  16-254 for APIC PCI IRQs, and IRQ 255 is reserved).
- Add pcib_(alloc|release)_msi[x]() methods to the MD x86 PCI bridge
  drivers to bubble the request up to the nexus driver.
- Add pcib_(alloc|release)_msi[x]() methods to the x86 nexus drivers that
  ask the MSI PIC code to allocate resources and IDT vectors.

MFC after:	2 months
2006-11-13 22:23:34 +00:00
John Baldwin
9bf4c9c1b0 First cut at MI support for PCI Message Signalled Interrupts (MSI):
- Add 3 new functions to the pci_if interface along with suitable wrappers
  to provide the device driver visible API:
  - pci_alloc_msi(dev, int *count) backed by PCI_ALLOC_MSI().  '*count'
    here is an in and out parameter.  The driver stores the desired number
    of messages in '*count' before calling the function.  On success,
    '*count' holds the number of messages allocated to the device.  Also on
    success, the driver can access the messages as SYS_RES_IRQ resources
    starting at rid 1.  Note that the legacy INTx interrupt resource will
    not be available when using MSI.  Note that this function will allocate
    either MSI or MSI-X messages depending on the devices capabilities and
    the 'hw.pci.enable_msix' and 'hw.pci.enable_msi' tunables.  Also note
    that the driver should activate the memory resource that holds the
    MSI-X table and pending bit array (PBA) before calling this function
    if the device supports MSI-X.
  - pci_release_msi(dev) backed by PCI_RELEASE_MSI().  This function
    releases the messages allocated for this device.  All of the
    SYS_RES_IRQ resources need to be released for this function to succeed.
  - pci_msi_count(dev) backed by PCI_MSI_COUNT().  This function returns
    the maximum number of MSI or MSI-X messages supported by this device.
    MSI-X is preferred if present, but this function will honor the
    'hw.pci.enable_msix' and 'hw.pci.enable_msi' tunables.  This function
    should return the largest value that pci_alloc_msi() can return
    (assuming the MD code is able to allocate sufficient backing resources
    for all of the messages).
- Add default implementations for these 3 methods to the pci_driver generic
  PCI bus driver.  (The various other PCI bus drivers such as for ACPI and
  OFW will inherit these default implementations.)  This default
  implementation depends on 4 new pcib_if methods that bubble up through
  the PCI bridges to the MD code to allocate IRQ values and perform any
  needed MD setup code needed:
  - PCIB_ALLOC_MSI() attempts to allocate a group of MSI messages.
  - PCIB_RELEASE_MSI() releases a group of MSI messages.
  - PCIB_ALLOC_MSIX() attempts to allocate a single MSI-X message.
  - PCIB_RELEASE_MSIX() releases a single MSI-X message.
- Add default implementations for these 4 methods that just pass the
  request up to the parent bus's parent bridge driver and use the
  default implementation in the various MI PCI bridge drivers.
- Add MI functions for use by MD code when managing MSI and MSI-X
  interrupts:
  - pci_enable_msi(dev, address, data) programs the MSI capability address
    and data registers for a group of MSI messages
  - pci_enable_msix(dev, index, address, data) initializes a single MSI-X
    message in the MSI-X table
  - pci_mask_msix(dev, index) masks a single MSI-X message
  - pci_unmask_msix(dev, index) unmasks a single MSI-X message
  - pci_pending_msix(dev, index) returns true if the specified MSI-X
    message is currently pending
- Save the MSI capability address and data registers in the pci_cfgreg
  block in a PCI devices ivars and restore the values when a device is
  resumed.  Note that the MSI-X table is not currently restored during
  resume.
- Add constants for MSI-X register offsets and fields.
- Record interesting data about any MSI-X capability blocks we come
  across in the pci_cfgreg block in the ivars for PCI devices.

Tested on:	em (i386, MSI), bce (amd64/i386, MSI), mpt (amd64, MSI-X)
Reviewed by:	scottl, grehan, jfv
MFC after:	2 months
2006-11-13 21:47:30 +00:00
John Baldwin
818b0b4bdf Various fixes:
- Remove an extra entry from the array for 0x0f prefixed instruction groups.
  This fixes decoding of instructions where the second opcode >= 0x80.
- Add support for the 64-bit immediate mov instructions.
- When short_addr is enabled, don't parse the modr/m byte for a 16-bit
  address, but as a 32-bit address.
- Support %rip relative addressing.
- Don't print a displacement of 0 if there is a base or index register.

MFC after:	3 days
2006-11-13 21:14:54 +00:00
Ruslan Ermilov
d77f5882e7 Fix NKPT comments to match reality. Note that the current value
of NKPT is no longer enough to run amd64 with 16G of RAM, as it
doesn't have space for mapping a kernel (16M kernel would require
additionally 8 page tables).
2006-11-13 20:33:54 +00:00
Bjoern A. Zeeb
89e7e7e32a Add SCTP as a known upper layer protocol over v6.
We are not yet aware of the protocol internals but this way
SCTP traffic over v6 will not be discarded.

Reported by: Peter Lei via rrs
Tested by:   Peter Lei <peterlei cisco.com>
2006-11-13 19:07:32 +00:00
Ruslan Ermilov
26af9ac7d0 Fix a comment. 2006-11-13 06:26:57 +00:00
Kip Macy
2f6a774be4 change vop_lock handling to allowing tracking of callers' file and line for
acquisition of lockmgr locks

Approved by: scottl (standing in for mentor rwatson)
2006-11-13 05:51:22 +00:00
Kip Macy
61bd5e21b3 track lock class name in a way that doesn't break WITNESS 2006-11-13 05:41:46 +00:00
Christian S.J. Peron
430e6e77f0 Enable syscall auditing for sun4v the arch by implementing the
AUDIT_SYSCALL_ENTER/EXIT macros.

Discussed with:	kmacy
2006-11-13 04:38:57 +00:00
Kip Macy
f719846d36 Add time-of-day support to sun4v 2006-11-13 01:02:18 +00:00
Alan Cox
0f3b612a06 There is no point in setting PG_REFERENCED on kmem_object pages because
they are "unmanaged", i.e., non-pageable, pages.

Remove a stale comment.
2006-11-13 00:27:02 +00:00
Kip Macy
44a96b46bd Unbreak witness 2006-11-12 23:23:38 +00:00
Ceri Davies
a0cf75fb60 Correct typos in comments. 2006-11-12 23:16:31 +00:00
Alan Cox
44b8bd66f9 Make pmap_enter() responsible for setting PG_WRITEABLE instead
of its caller.  (As a beneficial side-effect, a high-contention
acquisition of the page queues lock in vm_fault() is eliminated.)
2006-11-12 21:48:34 +00:00
Andre Oppermann
3e932ca715 In kern_sendfile() fix the calculation of sbytes (the total number of bytes
written to the socket).  The rewrite in revision 1.240 got confused by the
FreeBSD 4.x bug compatibility code.

For some reason lighttpd, that was used for testing the new sendfile code,
was not affected by the problem but apache and others using headers/trailers
in the sendfile call received incorrect sbytes values after return from non-
blocking sockets.  This then lead to restarts with wrong offsets and thus
mixed up file contents when the socket was writeable again.  All programs
not using headers/trailers, like ftpd, were not affected by the bug.

Reported by:	Pawel Worach <pawel.worach-at-gmail.com>
Tested by:	Pawel Worach <pawel.worach-at-gmail.com>
2006-11-12 20:57:00 +00:00
David Xu
60d4823594 Copy base user priority in NO_KSE case. 2006-11-12 11:48:37 +00:00
Kip Macy
c975898ccb GRRRRR - missed this in the last commit 2006-11-12 05:16:28 +00:00
Tom Rhodes
bedc1c9c96 Fix mispatch of includes list; allows my kernel to build successfully. 2006-11-12 03:34:03 +00:00
Kip Macy
54e57f7613 show lock class in profiling output for default case where type is not specified when initializing the lock
Approved by: scottl (standing in for mentor rwatson)
2006-11-12 03:30:01 +00:00
David Xu
812fb4a89f Use mi_switch, this should fix loadavg calculation problem in NO_KSE case. 2006-11-12 03:18:22 +00:00
Kip Macy
9d6220e622 Support up to 4 nucleus mappings to workaround issue hit by jb@ when booted
off of CD
2006-11-12 01:21:15 +00:00
Florent Thoumie
a47ca15be9 Fix USB printer Xerox WorkCentre M15 adding a quirk to bypass
reported bidirectional functionality.

PR:		usb/104704
Submitted by:	Eygene <rea-fbsd@codelabs.ru>
X-MFC after:	6.2-RELEASE
2006-11-11 23:53:25 +00:00
Ruslan Ermilov
cf31ff2692 More MUTEX_PROFILING -> LOCK_PROFILING. 2006-11-11 23:37:52 +00:00
Randall Stewart
7f34832b95 In a true restart case, the send_lock was
not being aquired. This meant that when we cleanup
the outbound we may have one in transit to be
added with the old sequence number. This is bad
since then we loose a message :(

Also the report_outbound needed to have the right
lock when its called which it did not.. I added
the lock with of course a flag since we want to
have the lock before we call it in the restart
case.

This also fixed the FIX ME case where, in the cookie
collision case, we mark for retransmit any that
were bundled with the cookie that was dropped.
This also means changes to the output routine
so we can assure getting the COOKIE-ACK sent
BEFORE we retransmit the Data.

Approved by:	gnn
2006-11-11 22:44:12 +00:00
Ruslan Ermilov
564739a2ef Regen (cosmetics in sys/sysproto.h). 2006-11-11 22:01:25 +00:00
Ruslan Ermilov
9f70620442 Regen.
Forgotten by:	trhodes
2006-11-11 21:49:08 +00:00
Alan Cox
cc0d48ffb6 Eliminate unused global variables. 2006-11-11 20:57:52 +00:00
Joseph Koshy
3eb1a62e69 MFP4: Add an implementation of the ELF(3) and GELF(3) API set.
Bump __FreeBSD_version.

Reviewed by:	jb
2006-11-11 17:16:35 +00:00
Tom Rhodes
5416cda829 Re-enable module build for POSIX semaphores.
Update the manual page describe loading the sem module.

Approved by:	silence on -arch and -standards
2006-11-11 16:49:29 +00:00
Tom Rhodes
c4f7f0fd4a Update includes for sys/posix4 move.
Approved by:	silence on -arch and -standards
2006-11-11 16:46:31 +00:00
Tom Rhodes
5d02334f97 These files have been repo-copied to the "normal" kernel hierarchy. 2006-11-11 16:29:38 +00:00
Tom Rhodes
1877aa1aa7 Merge sys/posix4/sched.h into sys/sched.h.
Approved by:	silence on -arch and -standards
2006-11-11 16:27:52 +00:00
Tom Rhodes
6aeb05d7be Merge posix4/* into normal kernel hierarchy.
Reviewed by:	glanced at by jhb
Approved by:	silence on -arch@ and -standards@
2006-11-11 16:26:58 +00:00
Tom Rhodes
bdd04ab184 Update #includes list. 2006-11-11 16:19:12 +00:00
Randall Stewart
6a91f103b6 Turns out we would reset the TSN seq counter during
a colliding INIT. This if fine except when we have
data outstanding... we basically reset it to the
previous value it was.. so then we end up assigning
the same TSN to two different data chunks.
This patch:

1) Finds a missing lock for when we change the stream
   numbers during COOKIE and INIT-ACK processing.. we
   were NOT locking the send_buffer.. which COULD cause
   problems (found by inspection looking for <2>)

2) Fixes a case during a colliding INIT where we incorrectly
   reset the sending Sequence thus in some cases duplicately
   assigning a TSN.

3) Additional enhancments to logging so we can see strm/tsn in
   the receiver AND new tracking to watch what the sender
   is doing with TSN and STRM seq's.

Approved by:	gnn
2006-11-11 15:59:01 +00:00
Hajimu UMEMOTO
9f3b75b7b4 Teach an IPv6 to ppp(4).
Obtained from:	NetBSD
MFC after:	1 week
2006-11-11 15:02:04 +00:00
David Xu
d8efa3cc8c define UMUTEX_CONTESTED as an unsigned integer. 2006-11-11 14:00:39 +00:00
David Xu
5a21514727 Unbreak userland priority inheriting in NO_KSE case. 2006-11-11 13:11:29 +00:00
Kip Macy
b10430af6b fix messup in last fix 2006-11-11 07:52:38 +00:00
Kip Macy
ed6a7c42f6 tinderbox fix 2006-11-11 07:38:48 +00:00
Kip Macy
ed002394a6 declare nanoseconds for other architectures 2006-11-11 07:35:54 +00:00
Kip Macy
cf2c39e7a2 remove lingering call to rd(tick) 2006-11-11 07:28:45 +00:00
Kip Macy
83b72e3e25 missed nits replacing mutex with lock 2006-11-11 06:28:47 +00:00
Kip Macy
07dba9373e fix tinderbox 2006-11-11 05:35:39 +00:00
Kip Macy
7c0435b933 MUTEX_PROFILING has been generalized to LOCK_PROFILING. We now profile
wait (time waited to acquire) and hold times for *all* kernel locks. If
the architecture has a system synchronized TSC, the profiling code will
use that - thereby minimizing profiling overhead. Large chunks of profiling
code have been moved out of line, the overhead measured on the T1 for when
it is compiled in but not enabled is < 1%.

Approved by: scottl (standing in for mentor rwatson)
Reviewed by: des and jhb
2006-11-11 03:18:07 +00:00
Ed Maste
6d6da6898a Clarify the error message when trying to build an ACPI module on amd64
or ia64.

The old message implied to me that ACPI can't be compiled in on platforms
other than amd64 and ia64.  The amd64@ mailing list archive has messages
from users with the same confusion.

Approved by:	scottl
2006-11-10 20:06:03 +00:00
Randall Stewart
de0e935b29 This patch fixes a LOR that happens during INIT-ACK collision.
We were calling select_a_tag() inside sctp_send_initate_ack().
During collision cases we have a stcb and thus a SCTP_LOCK. When
we call select_a_tag it (below it) locks the INFO lock. We now
1) pre-select the nonce-tie-tags in sctputil.c during setup of
   a tcb.
2) In the other case where we have to select tags, we unlock after
   incr the ref cnt (so assoc won't go away0 and then do the
   tag selection followed by a relock and decr the refcnt.
Approved by:	gnn
2006-11-10 13:34:55 +00:00
Andrew Thompson
c25789cc22 MFp4
- Each stp port is added sequentially so it was possible for our bridgeid to
   change every time because the new port has a lower MAC address.  Instead
   just find the lowest MAC address from all Ethernet adapters in the machine
   as the value only needs to be unique, this stops a lot of churn on the
   protocol.
 - Update the states after enabling or disabling a port.
 - Keep tabs if we have been stopped or started by our parent bridge.
 - The callout only needs to be drained before destroying the mutex, move it to
   bstp_detach.
2006-11-09 22:50:49 +00:00
John-Mark Gurney
ee03a332df fix hanging on invalid data... (This doesn't fix hanging due to broken
hardware)...

Tested by:	Ian Dowse, Adam K Kirchhoff and Vladimir Kushnir
2006-11-09 21:05:32 +00:00
Randall Stewart
08598d7067 Fixes an issue with handling of stream reset. When a
reset comes in we need to calculate the length and
therefore the number of listed streams (if any) based
on the TLV type. Otherwise if we get a retran we could
in theory panic by sending a notification to a user with
a incorrect list and thus no memory listing the streams.
Found in IOS by devtest :-)
Approved by:	gnn
2006-11-09 21:01:07 +00:00
Warner Losh
f31202e5dd MFp4: boot2 should now build 2006-11-09 20:45:22 +00:00
Warner Losh
338cfe36cf MFp4: boot on KB9202 correctly. Also, reduce the size of the SD/MMC driver
somewhat.
2006-11-09 20:32:36 +00:00
Warner Losh
ee9a71cdf5 MFp4: Support KB9202 booting better 2006-11-09 20:23:51 +00:00
Warner Losh
9b1ab45dc1 Fix typo 2006-11-09 20:08:46 +00:00
Warner Losh
e2a7a4c11c MFp4: Make boot2 work on Kwikbyte KB9202 boards. 2006-11-09 20:07:26 +00:00
Warner Losh
c2c2926f9e MFp4: Merge a slightly more generic build infrastructure. 2006-11-09 19:58:14 +00:00
Warner Losh
728ba3929d MFp4: Remove bogus \r 2006-11-09 19:55:25 +00:00
John Baldwin
2604383634 Don't try to print a NULL string during boot. If a device doesn't have a
valid name yet, just omit the name during the bootverbose printfs.

MFC after:	1 week
2006-11-09 18:04:53 +00:00
John Baldwin
fdaac72fcd Don't dump the $PIR table under bootverbose. The pirtool program in
src/tools/tools works fine, and dumping this table can add a lot of noise.

MFC after:	1 week
2006-11-09 18:03:36 +00:00
John Baldwin
67b712deec Reformat the bootverbose messages that dump out the status of pci_link
devices during attach to be more compact.

MFC after:	1 week
2006-11-09 18:01:20 +00:00
Gleb Smirnoff
c1a9c63621 Instead of using the legacy if_timer/if_watchdog interface create
our own watchdog that piggybacks on the em_local_timer() routine.

We suppose that the if_timer/if_watchdog interface should be
obsoleted, since it doesn't fit the modern SMP network stack.
NIC drivers should create their own watchdogs, that check and
clear the timers always holding driver's lock.

In collaboration with:	jfv, scottl
2006-11-09 16:00:18 +00:00
John Birrell
8328fa1871 Enable ata and atapicd now those work on sun4v. 2006-11-09 08:49:13 +00:00
Yoshihiro Takahashi
9c412a61a0 Add a stub of bios_addsmapdata(). PC98 does not have BIOS SMAP. 2006-11-09 08:28:02 +00:00
Yoshihiro Takahashi
0765091d0e MFi386: revisions from 1.39 to 1.43. 2006-11-09 08:05:51 +00:00
Yoshihiro Takahashi
14a2c27d00 MFi386: revisions 1.634 and 1.639. 2006-11-09 08:03:37 +00:00
Andrew Thompson
3df7fad0cf Add a new address cache type called sticky. On an interface marked sticky any
address learned by the bridge is made permanent, the address will not age out
and most importantly will not migrate to another interface.

This can be used to stop mac address poisoning or clients roaming in much the
same way as static entries without the hassle of preloading the table.
2006-11-09 06:32:38 +00:00
Kevin Lo
afe898bca2 Remove unused structures.
Reviewed by: cognet and imp
Approved by: cognet and imp
2006-11-09 02:19:30 +00:00
Kip Macy
42013c462c move panic_bad_hcall to its use site in support.S in attempt to un-break the
tinderbox
2006-11-08 22:16:05 +00:00
Kip Macy
dc4468ed17 Fix for ithread interrupt handling. Don't reset the interrupt vector until
after the interrupt has been handled. Also move panic_bad_hcall to local to
avoid complaints from the linker on the tinderbox.

Approved by: scottl (substituting for mentor rwatson)
2006-11-08 22:09:58 +00:00
Ruslan Ermilov
13039ada97 The NETSMBCRYPTO option has long gone. 2006-11-08 21:45:45 +00:00
Sam Leffler
4c2511374b add missing bits for crypto support
MFC after:	1 week
2006-11-08 20:51:01 +00:00
Alan Cox
49c3b92531 I misplaced the assertion that was added to vm_page_startup() in the
previous change.  Correct its placement.
2006-11-08 19:11:54 +00:00
Alan Cox
9ad3296a25 Simplify the construction of the free queues in vm_page_startup(). Add
an assertion to test a hypothesis concerning other redundant computation
in vm_page_startup().
2006-11-08 18:43:47 +00:00
Maxim Konovalov
f645b5da88 o Fix a couple of obvious typos. 2006-11-08 09:09:07 +00:00
Alan Cox
e288d71672 MFamd64/ia64/i386/sun4v
Use cnt.v_page_count, the actual count of available physical pages,
  instead of vm_page_array_size to compute the maximum number of pv
  entries.
2006-11-08 06:31:28 +00:00
Alan Cox
815bc69fb0 Ensure that the page's oflags field is initialized by contigmalloc(). 2006-11-08 06:23:29 +00:00
Olivier Houchard
c162ce855c Increate cnt.v_intr on interrupt. 2006-11-08 01:32:24 +00:00
Randall Stewart
03b0b02163 -Fixes first of all the getcred on IPv6 and V4. The
copy's were incorrect and so was the locking.
-A bug was also found that would create a race and
 panic when an abort arrived on a socket being read
 from.
-Also fix the reader to get MSG_TRUNC when a partial
 delivery is aborted.
-Also addresses a couple of coverity caught error path
 memory leaks and a couple of other valid complaints
Approved by:	gnn
2006-11-08 00:21:13 +00:00
Matt Jacob
0a480cf034 XPT_GET_TRAN_SETTINGS can fail- so check for an error and
don't blindly assume it succeeded.
2006-11-07 23:06:00 +00:00
Olivier Houchard
676b1fbdbf Identify the xscale 81342. 2006-11-07 22:36:57 +00:00
Olivier Houchard
08b91759f3 In the ARM_USE_SMALL_ALLOC case, vm_page_t may have an address < KERNBASE,
so adjust the KASSERT to reflect this.
2006-11-07 22:35:30 +00:00
Ruslan Ermilov
7eae4829bf Spelling. 2006-11-07 21:57:18 +00:00
Ruslan Ermilov
81490cbe6f Line up memory amount reporting that got broken when s/real/usable/. 2006-11-07 21:55:39 +00:00
Andre Oppermann
62b36a7fc2 Style cleanups to the sctp_* syscall functions. 2006-11-07 21:28:12 +00:00
Joe Marcus Clarke
1bc3d4c1d1 Fix TFTP NAT support by making sure the appropriate fingerprinting checks
are done.

Reviewed by:	piso
2006-11-07 21:06:48 +00:00
John Baldwin
6b8de13ab4 Simplify operations with sync_mtx in sched_sync():
- Don't drop the lock just to reacquire it again to check rushjob, this
  only wastes time.
- Use msleep() to drop the mutex while sleeping instead of explicitly
  unlocking around tsleep.

Reviewed by:	pjd
2006-11-07 19:45:05 +00:00
Marius Strobl
2d58d44651 - Don't bother to include IDs of PCnet chips which are not supported
by this driver and largely are not even PCI devices in pcn_chipid.
- Use device_printf(9)/if_printf(9) rather than implementing their
  functionality with printf(9).
- Sprinkle some const.
2006-11-07 19:44:41 +00:00
John Baldwin
8064e5d71f Fix comment typo and function declaration. 2006-11-07 19:07:33 +00:00
John Baldwin
fa6f748fe3 Fix some edge cases in detach (including attach failures):
- Only call iwi_stop() if we got far enough along in iwi_attach() to
  alloc an ifnet.
- Release the firmware after stopping the interface and detaching the
  ifnet.

MFC after:	1 month
Reviewed by:	sam
2006-11-07 19:03:42 +00:00
John Baldwin
fe754f8f07 Remove extra forward declare of 'struct sem'.
Requested by:	bde
2006-11-07 18:56:48 +00:00
John Baldwin
d65926888d Various whitespace cleanups. 2006-11-07 18:55:51 +00:00
John Baldwin
6ddd7e6a5a Add a new 'union l_sigval' to use in place of 'union sigval' in the
linux siginfo structure.  l_sigval uses a l_uintptr_t for sival_ptr so
that sival_ptr is the right size for linux32 on amd64.  Since no code
currently uses 'lsi_ptr' this is just a cosmetic nit rather than a bug
fix.
2006-11-07 18:53:49 +00:00
John Baldwin
203886d93c Remove old XXX comment about possibly adding a print_Intel_info() function
to dump CPUID level=2 stuff.  A print_INTEL_info() function that does just
that was added a while ago.
2006-11-07 18:48:18 +00:00
John Baldwin
3900a3be21 Remove duplicate IDTVEC macro definition, it's already defined in
<machine/intr_machdep.h>.
2006-11-07 18:46:33 +00:00
Sam Leffler
83cc6b9ad2 honor nolockd flag in root mount options
MFC after:	2 weeks
2006-11-07 18:02:45 +00:00
Olivier Houchard
2c7b82c9dd Add atomic_cmpset_acq_32. 2006-11-07 11:53:44 +00:00
Robert Watson
46ee43b2ca Add priv.h include required to build FAST_IPSEC, which is not present in
LINT due to a conflict with KAME IPSEC.

Submitted by:	Pawel Worach <pawel dot worach at gmail dot com>
2006-11-07 08:58:06 +00:00
Matt Jacob
c144ae3e58 Fix the hanging chad if the NEW_TRAN_CODE change and change the
qualifier to force async from cur_spi to spi.
2006-11-07 05:51:40 +00:00
Tor Egge
40dee3da29 Don't drop reference to tty in tty_close() if TS_ISOPEN is already cleared.
Reviewed by:	bde
2006-11-06 22:12:43 +00:00
Andre Oppermann
bda8b1f3b8 Handle early errors in kern_sendfile() by introducing a new goto 'out'
label after the sbunlock() part.

This correctly handles calls to sendfile(2) without valid parameters
that was broken in rev. 1.240.

Coverity error:	272162
2006-11-06 21:53:19 +00:00
Ruslan Ermilov
4f32adad48 Sometimes the vty switching has to be delayed; the vty
to be switched to is saved in sc->delayed_next_scr and
the actual switch is performed later.  It was possible
to get into the endless loop when attempting to switch
to a closed vty (which is not allowed and beep-alerted
when attempted) and when the visual beep was in effect.
This caused sc->delayed_next_scr to never be reset and
endless attempts to switch to a closed vty and endless
visual beeping.  How to repeat:

- boot into single-user
- run "kbdcontrol -b visual"
- quickly press Alt+F2 two times

PR:		kern/68016
X-MFC after:	6.2-RELEASE
2006-11-06 19:06:07 +00:00
Robert Watson
43593547a3 Add missing includes of priv.h. 2006-11-06 17:43:10 +00:00
Robert Watson
b96fbb37da Convert three new suser(9) calls introduced between when the priv(9)
patch was prepared and committed to priv(9) calls.  Add XXX comments
as, in each case, the semantics appear to differ from the TCP/UDP
versions of the calls with respect to jail, and because cr_canseecred()
is not used to validate the query.

Obtained from:	TrustedBSD Project
2006-11-06 14:54:06 +00:00
Randall Stewart
f4ad963c9f This changes tracks down the EEOR->NonEEOR mode failure
to wakeup on close of the sender. It basically moves
the return (when the asoc has a reader/writer) further
down and gets the wakeup and assoc appending (of the
PD-API event) moved up before the return.  It also
moves the flag set right before the return so we can
assure only once adding the PD-API events.

Approved by:	gnn
2006-11-06 14:34:21 +00:00
Robert Watson
403b781e2d Add stub entry point implementations of mpo_priv_check and mpo_priv_grant to
the mac_stub policy.

Obtained from:	TrustedBSD Project
2006-11-06 13:45:45 +00:00
Robert Watson
acd3428b7d Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges.  These may
require some future tweaking.

Sponsored by:           nCircle Network Security, Inc.
Obtained from:          TrustedBSD Project
Discussed on:           arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
                        Alex Lyashkov <umka at sevcity dot net>,
                        Skip Ford <skip dot ford at verizon dot net>,
                        Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:42:10 +00:00
Robert Watson
800c940832 Add a new priv(9) kernel interface for checking the availability of
privilege for threads and credentials.  Unlike the existing suser(9)
interface, priv(9) exposes a named privilege identifier to the privilege
checking code, allowing more complex policies regarding the granting of
privilege to be expressed.  Two interfaces are provided, replacing the
existing suser(9) interface:

suser(td)                 ->   priv_check(td, priv)
suser_cred(cred, flags)   ->   priv_check_cred(cred, priv, flags)

A comprehensive list of currently available kernel privileges may be
found in priv.h.  New privileges are easily added as required, but the
comments on adding privileges found in priv.h and priv(9) should be read
before doing so.

The new privilege interface exposed sufficient information to the
privilege checking routine that it will now be possible for jail to
determine whether a particular privilege is granted in the check routine,
rather than relying on hints from the calling context via the
SUSER_ALLOWJAIL flag.  For now, the flag is maintained, but a new jail
check function, prison_priv_check(), is exposed from kern_jail.c and used
by the privilege check routine to determine if the privilege is permitted
in jail.  As a result, a centralized list of privileges permitted in jail
is now present in kern_jail.c.

The MAC Framework is now also able to instrument privilege checks, both
to deny privileges otherwise granted (mac_priv_check()), and to grant
privileges otherwise denied (mac_priv_grant()), permitting MAC Policy
modules to implement privilege models, as well as control a much broader
range of system behavior in order to constrain processes running with
root privilege.

The suser() and suser_cred() functions remain implemented, now in terms
of priv_check() and the PRIV_ROOT privilege, for use during the transition
and possibly continuing use by third party kernel modules that have not
been updated.  The PRIV_DRIVER privilege exists to allow device drivers to
check privilege without adopting a more specific privilege identifier.

This change does not modify the actual security policy, rather, it
modifies the interface for privilege checks so changes to the security
policy become more feasible.

Sponsored by:		nCircle Network Security, Inc.
Obtained from:		TrustedBSD Project
Discussed on:		arch@
Reviewed (at least in part) by:	mlaier, jmg, pjd, bde, ceri,
			Alex Lyashkov <umka at sevcity dot net>,
			Skip Ford <skip dot ford at verizon dot net>,
			Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:37:19 +00:00
Rink Springer
42a4336a90 Added PCI ID's for:
- 0x1065: Intel 82562ET/EZ/GT/GZ PRO/100 VE Ethernet [1], as found on
  Tyan GS14 barebones.
- 0x1094: Intel Pro/100 946GZ (ICH7) Network Connection [2], as found on
  Intel 946GZis motherboards.

[1] Submitted by:	myself
[2] Submitted by:	Mike Tancsa <mike@sentex.net>
Reviewed by:		imp (mentor), jfv
Approved by:		imp (mentor)
MFC after:		3 days
2006-11-06 12:19:43 +00:00
Takanori Watanabe
7687221959 Prevent freeing wild pointer when bailing out. 2006-11-06 12:14:27 +00:00
Konstantin Belousov
a0396f2797 Set up the context for the dbbe_trace callback in the ddb. Otherwise,
trap caused by backtracing would lead to panic.

Noted and reviewed by:	bde
2006-11-06 11:10:57 +00:00
Christian S.J. Peron
130b146814 Change the type of ar_arg_sockaddr from struct sockaddr to struct
sockaddr_storage.  This structure is defined in RFC 2553 and is a more
semantically correct structure for holding IP and IP6 sockaddr information.
struct sockaddr is not big enough to hold all the required information for
IP6, resulting in truncated addresses et al when auditing IP6 sockaddr
information.

We also need to assume that the sa->sa_len has been validated before the call to
audit_arg_sockaddr() is made, otherwise it could result in a buffer overflow.
This is being done to accommodate auditing of network related arguments (like
connect, bind et al) that will be added soon.

Discussed with:	rwatson
Obtained from:	TrustedBSD Project
MFC after:	2 weeks
2006-11-06 00:15:44 +00:00
Marcel Moolenaar
0463b4a2fb Major rework of the ia64 loaders. The two primary objectives are:
1. Make libefi portable by removing ia64 specific code and build
   it on i386 and amd64 by default to prevent regressions. These
   changes include fixes and improvements over previous code to
   establish or improve APIs where none existed or when the amount
   of kluging was unacceptably high.
2. Increase the amount of sharing between the efi and ski loaders
   to improve maintainability of the loaders and simplify making
   changes to the loader-kernel handshaking in the future.

The version of the efi and ski loaders are now both changed to 1.2
as user visible improvements and changes have been made.
2006-11-05 22:03:04 +00:00
Christian S.J. Peron
67be76c039 Fix possible leak when bridge is in monitor mode. Use m_freem() which will
free the entire chain, instead of using m_free() which will free just the
mbuf that was passed.

Discussed with:	thompsa
MFC after:	3 days
2006-11-05 17:56:25 +00:00
Ruslan Ermilov
9274ba8a1f Revert previous commit, and instead make the expression in rev. 1.2
match the style of this file.

OK'ed by:	rrs
2006-11-05 14:36:59 +00:00
Randall Stewart
50cec91936 Tons of fixes to get all the 64bit issues removed.
This also moves two 16 bit int's to become 32 bit
values so we do not have to use atomic_add_16.
Most of the changes are %p, casts and other various
nasty's that were in the orignal code base. With this
commit my machine will now do a build universe.. however
I as yet have not tested on a 64bit machine .. it may not work :-(
2006-11-05 13:25:18 +00:00
Boris Popov
fb8e9ead37 Create a bidirectional mapping of the DOS 'read only' attribute
to the 'w' flag.

PR:		kern/77958
Submitted by:	ghozzy gmail com
MFC after:	1 month
2006-11-05 06:38:42 +00:00
Boris Popov
834340ae9a It seems to be safe to ignore 'file not locked' error
from server.  This effectively suppresses 'Unmapped error 1:158'.

MFC after:	1 month
2006-11-05 06:31:08 +00:00
Pawel Jakub Dawidek
a2ca03b3ad Typo, 'from' vnode is locked here, not 'to' vnode. 2006-11-04 23:57:02 +00:00