o Add jexec(8) to execute a command in an existing jail.
o Add -j option for killall(1) to kill all processes in a specified
jail.
o Add -i option to jail(8) to output jail ID of newly created jail.
by allprison_mtx), a unique prison/jail identifier field, two path
fields (pr_path for reporting and pr_root vnode instance) to store
the chroot() point of each jail.
o Add jail_attach(2) to allow a process to bind to an existing jail.
o Add change_root() to perform the chroot operation on a specified
vnode.
o Generalize change_dir() to accept a vnode, and move namei() calls
to callers of change_dir().
o Add a new sysctl (security.jail.list) which is a group of
struct xprison instances that represent a snapshot of active jails.
Reviewed by: rwatson, tjr
- Don't bother setting OACTIVE when the descriptors are all full
or there's a vr_encap failure, it doesn't help anything.
- Correctly roll back on the descriptor list after a failure
so as not to corrupt the list.
- Add a missing VR_UNLOCK().
Without these changes, vr_encap failure (which is assured during
a low mbuf situation) would result in the card locking until
the watchdog could fire.
MFC after: 1 week
- Bump shared library version on libusbhid.
- Retire libusbhid.h; it is called usbhid.h now.
- hid_start_parse() takes a third argument.
- hid_locate() takes a fifth argument.
- hid_report_size() order of arguments changes.
- Other changes, including formatting and whitespace.
Bump __FreeBSD_version.
This change will break all third party applications that rely on previous
FreeBSD specific behavior.
Boost sample rate to 1.25 MSPS since that allows us to use a 5Mhz
(/4) or 10Mhz (/8) external clock.
Make the interrupt both MPSAFE and FAST, at 610 interrupts a second,
and a max time to service of 5 msec, we brake for nobody.
Use kernel thread to accumulate into the 25 possible wave signals.
Use #ifdef _KERNEL to let .c file double as .h file defining the ioctls.
proper way to fix this. The way this works is to prepend "exec " to
the editor command to eliminate the "shell in the middle" which prevents
us from properly reawakening the editor after a SIGTSTP.
PR: bin/50679
- if operating "as them" (su -l), use pam_{open,close}_session()
- allow PAM to override $HOME (pam_chroot needs this)
- chdir early, because later on we may be chrooted and chdir will fail
Also use pid_t instead of int where applicable.
of the entries have a description, we'll use that to override the
description that the pccard layer generates for us.
This saves about 930 bytes in the module, so I feel it won't hurt the
crowded boot disks....
# other modules to follow
of asserting that an mbuf has a packet header. Use it instead of hand-
rolled versions wherever applicable.
Submitted by: Hiten Pandya <hiten@unixdaemons.com>
o Only complain about detached children that aren't pccard/cardbus.
o Don't NULL out the pccarddev and cbdev devices. detach just
disassociates the device and driver. It doesn't delete the child.
o on driver added, just probe_and_attach the children. If there's
any children attached, wakeup the device add/delete thread.
o wakeup the add/delete thread with the correct cv_signal() rather
than the bogus wakeup(sc). It used to be that we did a tsleep on
sc in this thread, but switched to the more reliable cv stuff a while
ago w/o changing this.
o Remove bogus checks when reallocating memory for the registers. They
weren't needed and turned out to be completely bogus.
This lets me load/unload pccard with a pccard in a slot and have the
child correctly detach/attach. This should help people that have wi
in their kernel, but that kldload cbb and pccard, for example.
properly (likely due to mbuf exhaustion.) Previously, the driver
got somewhat wedged.
Also, remove the annoying messages printed every time xl_encap
couldn't allocate a mbuf; they served no useful purpose, and just made
an mbuf exhaustion situation more annoying.
MFC after: 1 week
mechanism, and then excludes device drivers which have not been tested or
are known to not work with more than 4G of ram.
Sponsored by: DARPA, Network Associates Laboratories
This is an optional feature, disabled by default.
This will be useful to people testing the various POSIX threading
libraries under -CURRENT but can easily serve other needs.
backend for bus_dmamap_load_mbuf and bus_dmamap_load_uio.
- Increaes MAX_BPAGES to 512. Less than this causes fxp to quickly runs out
of bounce pages.
- Add an argument to reserve_bounce_pages indicating wether this operation
should fail or be queued for later processing if we run out of memory.
The EINPROGRESS return value is not handled properly by consumers of
bus_dmamap_load_mbuf.
- If bounce buffers are required allocate minimum 1 bounce page at map
creation time. If maxsize was small previously this could get truncated
to 0 and the drivers would quickly run out of bounce pages.
- Fix a bug handling the return value of alloc_bounce_pages at map creation
time. It returns the number of pages allocated, not 0 on success.
- Use bus_addr_t for physical addresses to avoid truncation.
- Assert that the map is non-null and not the no bounce map in
add_bounce_pages.
Sponsored by: DARPA, Network Associates Laboratories
the top of the address space to be reclaimed. The problem is that with
the APTD gone the mapable kernel address space runs right to the end of
the 32 bit address space. As a max this is 0x100000000, which can't be
represented in 32 bits, so we have to use ptd entry n-1 and pte offset
n-1, instead of ptd entry n and pte offset 0. There's still 1 page we
can't use, but we gain just under 4 megs of kva (8 megs with PAE).
Sponsored by: DARPA, Network Associates Laboratories
Echo-Request and Echo-Reply packets may only be sent in the LCP
Opened state. Echo-Request and Echo-Reply packets received in any
state other than the LCP Opened state SHOULD be silently discarded.
PR: 45760
Submitted by: Eugene Grosbein
MFC after: 2 weeks