sysctl, net.inet.ip.fw.permanent_rules.
This allows you to install rules that are persistent across flushes,
which is very useful if you want a default set of rules that
maintains your access to remote machines while you're reconfiguring
the other rules.
Reviewed by: Mark Murray <markm@FreeBSD.org>
(as is done in unmount).
Remove a snapshot inode from the superblock list when its last
name goes away rather than when its last reference goes away.
That way it will be properly reclaimed by fsck after a crash
rather than reenabled when the filesystem is mounted.
I was hanging after sending a xfer CTIO and a status CTIO for a non-discon
INQUIRY- the xfer CTIO was returned as completed OK, but the status CTIO
was dropped on the floor. All the fields looked good. I don't know why
it got dropped. But allowing status to go back with data xfer seemed to
work. I also noticed that with a non-disconnecting command that the
firmware handle in the ATIO is zero- this leads me to believe that the
f/w really can only handle one CTIO at a time in the discon case, and
it had no idea what to do with the second (status) CTIO.
CAM_SEND_STATUS. Set a timeout of 2 seconds per CTIO. Make sure
that the 'real' tag value is being checked against- not the
one that also carries the firmware handle.
routine instead of pccard_event(). This avoids spurious extra calls
to pccard_insert_beep() at insert or remove time which could occur
due to noise on the card-present lines.
Clean up some code in pccard_beep.c; we were depending on the order
of evaluation of function arguments, which is undefined in C. Also,
use `0' rather than `NULL' for integer values.
Reviewed by: sanpei, imp
In our idle loop, use an or instruction to set PRELOADEN rather
than rewriting the contents of DMAPARAMS to DFCNTRL. The later
may re-enable the DMA engine if the idle loop is called to complete
the preload of at least one segment when a target disconnects on
an S/G segment boundary but before we have completed fetching the
next segment. This correts a hang, usually in message out phase,
when this situation occurs. This bug has been here for a long
time, so the situation is rare, but not impossible to reproduce.
It only affected Ultra2/U160 controllers.
Correct a few comments.
Extra Sanity. Make sure that SCSIEN is also turned off, along with
HDMAEN, at the end of the data phase.
Allow the initial hash value to be passed in, as the examples do.
Incrementally hash in the dvp->v_id (using the official api) rather than
add it. This seems to help power-of-two predictable filename trees
where the filenames repeat on a power-of-two cycle and the directory trees
have power-of-two components in it. The simple add then mask was causing
things like 12000+ entry collision chains while most other entries have
between 0 and 3 entries each. This way seems to improve things.
very specific scenarios, and now that we have had net.inet.tcp.blackhole for
quite some time there is really no reason to use it any more.
(last of three commits)
very specific scenarios, and now that we have had net.inet.tcp.blackhole for
quite some time there is really no reason to use it any more.
(first of three commits)
associated changes that had to happen to make this possible as well as
bugs fixed along the way.
Bring in required TLI library routines to support this.
Since we don't support TLI we've essentially copied what NetBSD
has done, adding a thin layer to emulate direct the TLI calls
into BSD socket calls.
This is mostly from Sun's tirpc release that was made in 1994,
however some fixes were backported from the 1999 release (supposedly
only made available after this porting effort was underway).
The submitter has agreed to continue on and bring us up to the
1999 release.
Several key features are introduced with this update:
Client calls are thread safe. (1999 code has server side thread
safe)
Updated, a more modern interface.
Many userland updates were done to bring the code up to par with
the recent RPC API.
There is an update to the pthreads library, a function
pthread_main_np() was added to emulate a function of Sun's threads
library.
While we're at it, bring in NetBSD's lockd, it's been far too
long of a wait.
New rpcbind(8) replaces portmap(8) (supporting communication over
an authenticated Unix-domain socket, and by default only allowing
set and unset requests over that channel). It's much more secure
than the old portmapper.
Umount(8), mountd(8), mount_nfs(8), nfsd(8) have also been upgraded
to support TI-RPC and to support IPV6.
Umount(8) is also fixed to unmount pathnames longer than 80 chars,
which are currently truncated by the Kernel statfs structure.
Submitted by: Martin Blapp <mb@imp.ch>
Manpage review: ru
Secure RPC implemented by: wpaul
o Attempt to disable the slot when we detect that there are problems with
it in our ISR. This should make polling mode work better for more cards,
but more work may be needed. This "disabling" sets the card interrupt
register to 0. This worked for me for lots of tests in polling mode.
o Now that I've found datasheets, fix a boatload of magic numbers in the
source to make it easier to understand.
o Use a table of names rather than a big case statement.
o Cull a few of the "unused" controller types that we map to other times
that were a vestiage of PAO code that we never merged in the same way.
o Enforce legal IRQs. You are no longer allowed to try to use IRQs that
will fail on all known ISA/PCI <-> PCMCIA bridges. The bridges do not
have pins for these illegal interrupts, and all of them are listed as
reserved and/or illegeal in the datasheets depending on which one you
look at.
o Add comments about how IBM-AT based computers and NEC PC-98 based computers
map these interrupts and which ones are valid.
o Always clear the bit that steers the management interrupt either to the
value listed in the PCIC_STAT_INT register. I've seen this bit get set
on suspend/resume and after windows boot, and it does't hurt to clear it.
NOTE: this might mean we can share this interrupt in the future.
is under-tested, and that MFS appears to be in the process of being
deprecated in favor of FFS over md. Note also that UFS_EXTATTR_AUTOSTART
doesn't make much sense on MFS unless the MFSROOT is compiled in, so
manual configuration is generally required.
Obtained from: TrustedBSD Project
aic7xxx.c:
Correct code that traverses the phase table. A much too quick
push to staticize this structure resulted in non-functional
lookup code. This corrects the printing of the phase where
a timeout occurred.
aic7xxx.reg:
Use FIFOQWDEMP as the name for bit 5 of DFSTATUS just like
the Adaptec data books.
aic7xxx.seq:
Refine the 2.1 PCI retry bug workaround for certain, non-ULTRA2,
controllers. When the DMA of an SCB completes, it can take
some time for HDONE to come true after MREQPEN (PCI memory request
pending) falls. If HDONE never comes true, we are in the hung
state and must manually drain the FIFO. We used to test HDONE for
3 clock cycles to detect this condition. This works on all of the
hardware I can personally test. Some controllers were reported
to take 4 clock cycles, so the last version of this code waited
4 clock cycles. This still didn't work for everyone. To fix this,
I've adjusted the work around so that even if the hardware hasn't
hung, but we run the work-around code, the result is a long winded
way to complete the transfer, rather than a hang.
options UFS_EXTATTR and UFS_EXTATTR_AUTOSTART respectively. This change
reflects the fact that our EA support is implemented entirely at the
UFS layer (modulo FFS start/stop/autostart hooks for mount and unmount
events). This also better reflects the fact that [shortly] MFS will also
support EAs, as well as possibly IFS.
o Consumers of the EA support in FFS are reminded that as a result, they
must change kernel config files to reflect the new option names.
Obtained from: TrustedBSD Project
o acl_calc_mask(): calculates the ACL mask entry associated with
the given ACL.
o acl_delete_entry(): remove a specified ACL entry from the given
ACL.
Approved by: rwatson
of long and int64_t; and print the result as an unsigned long. This should
make the output from the bzero() test more readable, and avoid printing a
negative bandwidth. Note that this doesn't change the decision process,
since that is based on time elapsed, not on computed bandwidth.
the driver. Doing this breaks the ability to unload the unneeded
parts of the driver (e.g unload the PCI section when using an ISA
card), but currently ifconfig(8) expects an interface `XXX' to have
a driver name of `if_XXX'.
PR: kern/25582
Submitted by: Alexander N. Kabaev <kabaev@mail.ru>, imp (apparently
Warner suggested a similar fix some time ago).
Reviewed by: paul (who would prefer to see ifconfig changed instead)
using it. Not checking this may have caused the wrong IP address to be
used when processing certain IP options (see example below). This also
caused the wrong route to be passed to ip_output() when forwarding, but
fortunately ip_output() is smart enough to detect this.
This example demonstrates the wrong behavior of the Record Route option
observed with this bug. Host ``freebsd'' is acting as the gateway for
the ``sysv''.
1. On the gateway, we add the route to the destination. The new route
will use the primary address of the loopback interface, 127.0.0.1:
: freebsd# route add 10.0.0.66 -iface lo0 -reject
: add host 10.0.0.66: gateway lo0
2. From the client, we ping the destination. We see the correct replies.
Please note that this also causes the relevant route on the ``freebsd''
gateway to be cached in ipforward_rt variable:
: sysv# ping -snv 10.0.0.66
: PING 10.0.0.66: 56 data bytes
: ICMP Host Unreachable from gateway 192.168.0.115
: ICMP Host Unreachable from gateway 192.168.0.115
: ICMP Host Unreachable from gateway 192.168.0.115
:
: ----10.0.0.66 PING Statistics----
: 3 packets transmitted, 0 packets received, 100% packet loss
3. On the gateway, we delete the route to the destination, thus making
the destination reachable through the `default' route:
: freebsd# route delete 10.0.0.66
: delete host 10.0.0.66
4. From the client, we ping destination again, now with the RR option
turned on. The surprise here is the 127.0.0.1 in the first reply.
This is caused by the bug in ip_rtaddr() not checking the cached
route is still up befor use. The debug code also shows that the
wrong (down) route is further passed to ip_output(). The latter
detects that the route is down, and replaces the bogus route with
the valid one, so we see the correct replies (192.168.0.115) on
further probes:
: sysv# ping -snRv 10.0.0.66
: PING 10.0.0.66: 56 data bytes
: 64 bytes from 10.0.0.66: icmp_seq=0. time=10. ms
: IP options: <record route> 127.0.0.1, 10.0.0.65, 10.0.0.66,
: 192.168.0.65, 192.168.0.115, 192.168.0.120,
: 0.0.0.0(Current), 0.0.0.0, 0.0.0.0
: 64 bytes from 10.0.0.66: icmp_seq=1. time=0. ms
: IP options: <record route> 192.168.0.115, 10.0.0.65, 10.0.0.66,
: 192.168.0.65, 192.168.0.115, 192.168.0.120,
: 0.0.0.0(Current), 0.0.0.0, 0.0.0.0
: 64 bytes from 10.0.0.66: icmp_seq=2. time=0. ms
: IP options: <record route> 192.168.0.115, 10.0.0.65, 10.0.0.66,
: 192.168.0.65, 192.168.0.115, 192.168.0.120,
: 0.0.0.0(Current), 0.0.0.0, 0.0.0.0
:
: ----10.0.0.66 PING Statistics----
: 3 packets transmitted, 3 packets received, 0% packet loss
: round-trip (ms) min/avg/max = 0/3/10
- Use explicit sizes for header structure fields.
- Use __attribute__ ((__packed__)) for header structures.
- Define struct iso88025_rif; for future use.
- Prototype upcoming iso88025_ifdetach()
- Get rid of __P() constructs in prototypes.
off of the file system root: "user" for user attributes, and "system"
for system attributes. When the scan occurs, attribute backing files
discovered in those directories will be started in the respective
namespaces. This re-introduces support for auto-starting of user
attributes, which was removed when the "$" prefix for system attributes
was replaced with explicit namespacing.
For users of the TrustedBSD UFS POSIX.1e ACL code, you'll need to:
mv ${FSROOT}/'$posix1e.acl_access' ${FSROOT}/system/posix1e.acl_access
mv ${FSROOT}/'$posix1e.acl_default' ${FSROOT}/system/posix1e.acl_default
For users of the TrustedBSD POSIX.1e Capability code, you'll need to:
mv ${FSROOT}/'$posix1e.cap' ${FSROOT}/system/posix1e.cap
For users of the TrustedBSD MAC code, you'll need to:
mv ${FSROOT}/'$freebsd.mac' ${FSROOT}/system/freebsd.mac
Updated versions of relevant patches will be released in the near
future.
Obtained from: TrustedBSD Project
- Make sure that m_mballoc() really doesn't allow over nmbufs mbufs to
be allocated from mb_map. In the case where nmbufs-reserved space is not
an exact multiple of PAGE_SIZE (which it should be, but anyway...), we
hold nmbufs as an absolute maximum which need not ever be reached.
- Clean up m_clalloc(); make it more consistent in the sense that the first
argument `ncl' really means "the number of clusters ensured to be allocated"
and not "the number of pages worth of clusters to be allocated," as was
previously the case. This also makes it consistent with m_mballoc() as well
as the comment that preceeds it.
Reviewed by: jlemon