Commit Graph

144120 Commits

Author SHA1 Message Date
Maxim Konovalov
d65e5ff8d1 o Sort .Xr. 2009-01-12 07:45:03 +00:00
Xin LI
46714885b3 o Language improvements from OpenBSD;
o Use an ISC-style license as did by the author.

Obtained from:	OpenBSD
2009-01-12 06:10:48 +00:00
Xin LI
ba840c782f o ANSIfy.
o Use ISC style copyright as did by the author.

Obtained from:	OpenBSD
2009-01-12 06:09:34 +00:00
Xin LI
07580acce5 Fix typo.
Submitted by:	Ben Kaduk <minimarmot gmail com>
MFC after:	3 days
2009-01-12 03:33:48 +00:00
Nathan Whitehorn
48ed71b9e3 Some early Macintosh GPIO controllers don't provide reg properties for
interrupt-only GPIOs. Honor this, and allow interrupt attachment, but not
read/write access for such devices.

Reported by:	Niels Eliasen
2009-01-12 01:36:01 +00:00
Daniel Gerzo
7f220ecf72 - improve readability
Reviewed by:	trhodes, keramida
MFC after:	3 days
2009-01-11 22:36:45 +00:00
Tom Rhodes
7818cb2ab9 Quote the "u" as it's the name of the union, this may prevent
some confusion when reading the manual page.

PR:		117798
Discussed with:	keramida, brueffer
Recommended by:	phk
2009-01-11 21:59:42 +00:00
Robert Watson
a4bd134433 Vendor import of OpenBSM 1.1 alpha5, which incorporates the following
changes since the last imported OpenBSM release:

OpenBSM 1.1 alpha 5

- Stub libauditd(3) man page added.
- All BSM error number constants with BSM_ERRNO_.
- Interfaces to convert between local and BSM socket types and protocol
  families have been added: au_bsm_to_domain(3), au_bsm_to_socket_type(3),
  au_domain_to_bsm(3), and au_socket_type_to_bsm(3), along with definitions
  of constants in audit_domain.h and audit_socket_type.h.  This improves
  interoperability by converting local constant spaces, which vary by OS, to
  and from Solaris constants (where available) or OpenBSM constants for
  protocol domains not present in Solaris (a fair number).  These routines
  should be used when generating and interpreting extended socket tokens.
- Fix build warnings with full gcc warnings enabled on most supported
  platforms.
- Don't compile error strings into bsm_errno.c when building it in the kernel
  environment.
- When started by launchd, use the label com.apple.auditd rather than
  org.trustedbsd.auditd.

Obtained from:    TrustedBSD Project
Sponsored by:     Apple Inc.
2009-01-11 21:24:07 +00:00
Robert Watson
87e0451806 Since we allow conditional allocation of labels on syncache entries,
remove historic assertion that labels are always present.
2009-01-11 20:01:43 +00:00
Andrew Thompson
304764936f Remove unneeded includes. 2009-01-11 19:41:38 +00:00
Sam Leffler
8d092df91a add missing return that broke WPA1+2 support
Submitted by:	"Jared Go" <jared@hobnob.com>
2009-01-11 18:59:14 +00:00
Bjoern A. Zeeb
0bd0dfaad0 Add a short section talking about jails and file systems; mention the
mountand jail-aware file systems as well as quota.

PR:		kern/68192
Reviewed by:	simon
MFC after:	2 weeks
2009-01-11 18:40:56 +00:00
Edward Tomasz Napierala
f99f675d5a Fix msdosfs_print(), which in turn fixes "show lockedvnods" for msdosfs
vnodes.

Reviewed by:	kib
Approved by:	rwatson (mentor)
Sponsored by:	FreeBSD Foundation
2009-01-11 17:11:01 +00:00
Chin-San Huang
1ce9d649ec Use full name (noticed by: ru@ 2009-01-11 13:56:55 +00:00
Edward Tomasz Napierala
38153e80f7 Prevent a panic that happens on SMP machines when removing a disk with
many writes queued up.

Reviewed by:	phk, scottl
Approved by:	rwatson (mentor)
Sponsored by:	FreeBSD Foundation
2009-01-11 13:51:04 +00:00
Alexander Motin
56035520b7 Fix unwanted crosschannel mixing, possible on some codecs like
VIA VT1708B and Realtek ALC268.
2009-01-11 12:04:18 +00:00
Maxim Konovalov
94a6c9f8ed o Tweak comments a bit. 2009-01-11 11:36:00 +00:00
Robert Watson
3dc85f8d63 Do invoke mac_ifnet_check_transmit() and mac_ifnet_create_mbuf()
in the loopback and synthetic loopback code so that packets are
access control checked and relabeled.  Previously, the MAC
Framework enforced that packets sent over the loopback weren't
relabeled, but this will allow policies to make explicit choices
about how and whether to relabel packets on the loopback.  Also,
for SIMPLEX devices, this produces more consistent behavior for
looped back packets to the local MAC address by labeling those
packets as coming from the interface.

Discussed with:	csjp
Obtained from:	TrustedBSD Project
2009-01-10 23:50:23 +00:00
Ruslan Ermilov
82d383bc96 Fix usage() with SYNOPSIS. 2009-01-10 22:49:02 +00:00
Ruslan Ermilov
8bee8d8961 Fix markup and spelling. 2009-01-10 22:48:12 +00:00
Alexander Motin
530a1aa636 OSS tools expect EINVAL for unsupported ioctls, but not ENXIO. 2009-01-10 21:38:37 +00:00
David E. O'Brien
a86de99566 Explicitly check each mount argv building assignment for buffer over flowing.
Reviewed by:	imp (earlier version of patch)
2009-01-10 20:54:47 +00:00
Alexander Motin
609c69b731 Make devnode include full device path.
This makes OSSv4 osstest tool work.
2009-01-10 20:49:15 +00:00
Alexander Motin
ccaaa74562 Remove debug slipped with the previous commit. 2009-01-10 19:01:29 +00:00
Alexander Motin
52f6e09e09 Import some new constants and structures fields from OSSv4.
Implement some OSSv4 ioctls to make ossinfo tool work and print
something reasonable.
2009-01-10 18:19:22 +00:00
Edward Tomasz Napierala
5f3fed855c Don't call destroy_dev(9) with a mutex held. While here, shuffle
things around so the periph destructors look alike.  Based on a patch
by Jaakko Heinonen.

Submitted by:	Jaakko Heinonen
Reviewed by:	scottl
Approved by:	rwatson (mentor)
Sponsored by:	FreeBSD Foundation
2009-01-10 17:22:49 +00:00
Edward Tomasz Napierala
a9ebb31183 Add the possibility to specify "-o force" with "mdconfig -du".
Reviewed by:	scottl
Approved by:	rwatson (mentor)
Sponsored by:	FreeBSD Foundation
2009-01-10 17:17:18 +00:00
Konstantin Belousov
4c72a09f02 Correct description for the Marvell 88SE6101.
Submitted by:	Andriy Gapon <avg icyb net ua>
MFC after:	3 days
2009-01-10 16:24:58 +00:00
Alexander Motin
7f7de27152 Add one more bunch of controller and codec IDs. 2009-01-10 14:14:00 +00:00
Tom Rhodes
514262dd44 A bit of rewording for clarity, taken from OpenBSD.
Submitted by:	jmc@OpenBSD.org
2009-01-10 12:47:22 +00:00
Ruslan Ermilov
83708764a7 Fix crash with "netstat -m -N foo".
PR:		bin/124724
MFC after:	3 days
2009-01-10 12:39:12 +00:00
Robert Watson
9162f64b58 Rather than having MAC policies explicitly declare what object types
they label, derive that information implicitly from the set of label
initializers in their policy operations set.  This avoids a possible
class of programmer errors, while retaining the structure that
allows us to avoid allocating labels for objects that don't need
them.  As before, we regenerate a global mask of labeled objects
each time a policy is loaded or unloaded, stored in mac_labeled.

Discussed with:   csjp
Suggested by:     Jacques Vidrine <nectar at apple.com>
Obtained from:    TrustedBSD Project
Sponsored by:     Apple, Inc.
2009-01-10 10:58:41 +00:00
Robert Watson
dbdcb99498 Use MPC_OBJECT_IP6Q to indicate labeling of struct ip6q rather than
MPC_OBJECT_IPQ; it was already defined, just not used.

Obtained from:	TrustedBSD Project
Sponsored by:	Apple, Inc.
2009-01-10 09:17:16 +00:00
Bjoern A. Zeeb
c2ded8aefb Rather than using the cred from curthread, take it from the thread
referenced in the sysctl req argument.

Reviewed by:	rwatson
MFC after:	2 weeks
2009-01-09 23:57:59 +00:00
Sam Leffler
ff7bdcae4c remove license ack requirement; this was never needed
Reviewed by:	core
2009-01-09 22:35:25 +00:00
Joe Marcus Clarke
4424c9d053 Fix a deadlock which can occur due to a pseudofs vnode not getting unlocked.
Reported by:	Richard Todd <rmtodd@ichotolot.servalan.com>
Reviewed by:	kib
Approved by:	kib
2009-01-09 22:06:48 +00:00
Bjoern A. Zeeb
813dd6ae5e Restrict arp, ndp and theoretically the FIB listing (if not
read with libkvm) to the addresses of a prison, when inside a
jail. [1]
As the patch from the PR was pre-'new-arp', add checks to the
llt_dump handlers as well.

While touching RTM_GET in route_output(), consistently use
curthread credentials rather than the creds from the socket
there. [2]

PR:		kern/68189
Submitted by:	Mark Delany <sxcg2-fuwxj@qmda.emu.st> [1]
Discussed with:	rwatson [2]
Reviewed by:	rwatson
MFC after:	4 weeks
2009-01-09 21:57:49 +00:00
Sam Leffler
edb72ce895 example configurations for cross-building to Gateworks 2348 and 2358 boards;
probably needs cleanups to be less specific to my needs/uses

MFC after:	2 weeks
2009-01-09 21:39:44 +00:00
Christian Brueffer
1f58cdc233 Recognize et(4), igb(4), iwn(4), ixgbe(4) and nxge(4) devices.
Correct some minor whitespace in the ae(4) entry.

Reported by:	Mars G Miro
Approved by:	rwatson (mentor)
MFC after:	1 week
2009-01-09 19:49:32 +00:00
Adrian Chadd
8696873dae Fix fat-fingered comment.
Noticed-by: julian
2009-01-09 18:38:57 +00:00
Adrian Chadd
cef2729493 Fix indentation; add FALLTHROUGH.
Thanks Max!
2009-01-09 17:21:22 +00:00
Adrian Chadd
4f2e6bfdd8 Better comment what the socket option does. Thanks to Sam Leffler
for suggesting this.
2009-01-09 17:18:17 +00:00
Adrian Chadd
4209e01ad7 Comment some potentially confusing logic.
Nitpicking by: mlaier

MFC after:	2 weeks
2009-01-09 17:16:18 +00:00
Ruslan Ermilov
efad698c19 Sort MLINKS. 2009-01-09 16:24:10 +00:00
Bjoern A. Zeeb
ebda3fc380 Take the cred from curthread rather than curproc as curproc would need
locking but the credential from curthread (usually) never changes.

Discussed with:	jhb
MFC after:	2 weeks
2009-01-09 16:22:32 +00:00
Adrian Chadd
be9347e3fe Implement a new IP option (not compiled/enabled by default) to allow
applications to specify a non-local IP address when bind()'ing a socket
to a local endpoint.

This allows applications to spoof the client IP address of connections
if (obviously!) they somehow are able to receive the traffic normally
destined to said clients.

This patch doesn't include any changes to ipfw or the bridging code to
redirect the client traffic through the PCB checks so TCP gets a shot
at it. The normal behaviour is that packets with a non-local destination
IP address are not handled locally. This can be dealth with some IPFW hackery;
modifications to IPFW to make this less hacky will occur in subsequent
commmits.

Thanks to Julian Elischer and others at Ironport. This work was approved
and donated before Cisco acquired them.

Obtained from:	Julian Elischer and others
MFC after:	2 weeks
2009-01-09 16:02:19 +00:00
Christian Brueffer
b9a2c48954 DEBUG_REDZONE needs DDB which needs KDB.
PR:		130324
Submitted by:	Jaakko Heinonen <jh@saunalahti.fi>
MFC after:	3 days
2009-01-09 14:41:36 +00:00
Bjoern A. Zeeb
5ce0eb7f08 Make SIOCGIFADDR and related, as well as SIOCGIFADDR_IN6 and related
jail-aware. Up to now we returned the first address of the interface
for SIOCGIFADDR w/o an ifr_addr in the query. This caused problems for
programs querying for an address but running inside a jail, as the
address returned usually did not belong to the jail.
Like for v6, if there was an ifr_addr given on v4, you could probe
for more addresses on the interfaces that you were not allowed to see
from inside a jail. Return an error (EADDRNOTAVAIL) in that case
now unless the address is on the given interface and valid for the
jail.

PR:		kern/114325
Reviewed by:	rwatson
MFC after:	4 weeks
2009-01-09 13:06:56 +00:00
Rafal Jaworowski
4e883c81d0 Check PCIE link status before accessing the bus.
Some 88F5182-based systems (Linkstation) have problems when PCIE is
accessed without any peripherals present.
2009-01-09 12:38:41 +00:00
Doug Barton
990eddd5b7 Merge from vendor/bind9/dist as of the 9.4.3-P1 import 2009-01-09 11:45:45 +00:00