91328 Commits

Author SHA1 Message Date
Ruslan Ermilov
a97ec0069e Bring back IPFilter headers to /usr/include, now that SHARED=symlinks
installs the per-header symlinks.

Prodded by:	many
2003-06-23 14:43:43 +00:00
Andrey A. Chernov
9625c742de Misc fixes from originator
Submitted by:   Pedro F. Giffuni <giffunip@yahoo.com>
PR:             53327
2003-06-23 13:37:07 +00:00
Andrey A. Chernov
f30d7f3d69 Remove ru_SU, we don't need it in favour to ru_RU
Submitted by:   ru
2003-06-23 13:21:15 +00:00
Andrey A. Chernov
536a12dbd6 Copy ru_SU spelling fixes to ru_RU
Submitted by:   ru
2003-06-23 13:18:42 +00:00
Andrey A. Chernov
3232f62c25 FIx catalog name I overlook in prev. obsolete locales removing
Submitted by:   ru
2003-06-23 13:08:22 +00:00
Ruslan Ermilov
6713c83ccc We use modernized version of soelim(1) shipped with Groff. 2003-06-23 12:03:22 +00:00
Matthew N. Dodd
829ecb807f Add a PCI ID for the Apollo Pro 133A.
PR:		 kern/46983
Submitted by:	 David Holm <david@realityrift.com>
2003-06-23 11:15:22 +00:00
Matthew N. Dodd
b02d3a97f8 Add PCI IDs for the i82855 and i82875P AGP bridges.
PR:		 i386/53136, i386/51802
Submitted by:	 Kyunghwan Kim <redjade@atropos.snu.ac.kr>, Norikatsu Shigemura <nork@FreeBSD.org>
2003-06-23 11:09:45 +00:00
Ruslan Ermilov
4f35cfba21 Delete keyadmin: its functionality is now provided by setkey(8). 2003-06-23 10:56:43 +00:00
Hartmut Brandt
76335e1302 Apply style(9) to this file. I'm going to touch large parts of this file
so make this beforehand.
2003-06-23 10:32:13 +00:00
Marcel Moolenaar
46559d7101 Change the definition of _ksd_curkse, _ksd_curthread and
_ksd_readandclear_tmbx to be function-like. That way we
can define them as inline functions or create prototypes
for them.

This change allows the ksd interface on ia64 to be fully
inlined.
2003-06-23 09:49:16 +00:00
Maxim Konovalov
c30afbc578 o Fix rev. 1.41, print a header. -STABLE is OK.
PR:		bin/53585
Submitted by:	Alexey Dokuchaev <danfe@regency.nsu.ru>
2003-06-23 08:43:19 +00:00
Luigi Rizzo
9ef3f16d08 syntactic sugar: support range notation such as
1.2.3.4/24{5,6,7,10-20,60-90}
for set of ip addresses.
Previously you needed to specify every address in the range, which
was unconvenient and lead to very long lines.
Internally the set is still stored in the same way, just the
input and output routines are modified.

Manpage update still missing.

Perhaps a similar preprocessing step would be useful for port ranges.

MFC after: 3 days
2003-06-23 08:20:28 +00:00
Maxim Konovalov
064d54a248 o Fix sets of rules usage example.
PR:		docs/53625
Submitted by:	Kostyuk Oleg <cub@cub.org.ua>
MFC after:	1 week
2003-06-23 07:48:32 +00:00
Tim J. Robbins
2582fc45ec Delete prefix: its functionality has been merged into ifconfig. 2003-06-23 07:36:58 +00:00
Tim J. Robbins
6aa10b9de1 Delete gifconfig: its functionality has been merged into ifconfig. 2003-06-23 07:25:54 +00:00
Alan Cox
f566a0b6ba Assert that the vm object is locked on entry to vm_pager_get_pages(). 2003-06-23 06:15:05 +00:00
Alan Cox
0183359659 MFi386
Add vm object locking to pmap_object_init_pt().
2003-06-23 06:10:52 +00:00
Marcel Moolenaar
ca4b6c293b Define THR_{G|S}ETCONTEXT to expand to {g|s}etcontext(2).
Define THR_ALIGN to align at 16-byte boundaries.
2003-06-23 04:52:09 +00:00
Marcel Moolenaar
97caaa6522 Implement atomic_swap_{int|long|ptr}. Define atomic_swap_ptr as a
macro that expands to atomic_swap_long() to avoid compiler warnings
caused by incompatible pointer passing.
2003-06-23 04:44:43 +00:00
Marcel Moolenaar
c2dac9a63d Remove _atomic_lock. It's not used. 2003-06-23 04:33:32 +00:00
Marcel Moolenaar
842728619a Move the machine specific files from sys/Makefile.inc and put them
in a machine specific makefile. While here, sort the sub-directories
in Makefile and remove _atomic_lock.S from all makefiles.
2003-06-23 04:28:31 +00:00
John-Mark Gurney
e3f932de5a prevent the number of patterns from exceeding the number of pci devices.
Submitted by:	rwatson
2003-06-23 03:17:03 +00:00
John-Mark Gurney
07e3ed79cd add verbage on various failure cases to match the /dev/pci interface. 2003-06-23 02:13:23 +00:00
John-Mark Gurney
d08239c1f7 cleanup /dev/pci code some:
read permision only required for listing, read/write required for
		read/write to registers
	fix a possible memory leak
	clean up error handling a bit

Reviewed by:	silence
2003-06-23 02:11:16 +00:00
Robert Watson
f51e58036e Redesign the externalization APIs from the MAC Framework to
the MAC policy modules to improve robustness against C string
bugs and vulnerabilities.  Following these revisions, all
string construction of labels for export to userspace (or
elsewhere) is performed using the sbuf API, which prevents
the consumer from having to perform laborious and intricate
pointer and buffer checks.  This substantially simplifies
the externalization logic, both at the MAC Framework level,
and in individual policies; this becomes especially useful
when policies export more complex label data, such as with
compartments in Biba and MLS.

Bundled in here are some other minor fixes associated with
externalization: including avoiding malloc while holding the
process mutex in mac_lomac, and hence avoid a failure mode
when printing labels during a downgrade operation due to
the removal of the M_NOWAIT case.

This has been running in the MAC development tree for about
three weeks without problems.

Obtained from:	TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
2003-06-23 01:26:34 +00:00
Greg Lehey
156bc71b92 Add the date of Turing's death.
Change the entry for Turing's birthday to be the same as in
calendar.birthday.  This enables cron jobs to uniq(1) the entry.
2003-06-23 00:16:00 +00:00
Robert Watson
6b42f0a2eb Prefer the vop_rmextattr() vnode operation for removing extended
attributes from objects over vop_setextattr() with a NULL uio; if
the file system doesn't support the vop_rmextattr() method, fall
back to the vop_setextattr() method.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-06-22 23:03:07 +00:00
Robert Watson
77533ed2aa Expose vop_rmextattr as an explicit operation at the vnode operation
interface, rather than relying on a NULL uio for the deletion
operation.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-06-22 22:45:24 +00:00
Robert Watson
4b090e41ff Add an explicit credential argument to alq_open() to allow the caller to
specify what credential to use when authorizing vn_open() and later
write operations, rather than curthread->td_ucred.

When writing KTR traces to an ALQ, specify the credential of the thread
generating the sysctl request.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-06-22 22:28:56 +00:00
Ruslan Ermilov
b31745f599 Do the upgrade checks quietly. 2003-06-22 21:56:22 +00:00
Alan Cox
f29ba63ec9 Maintain a lock on the vm object of interest throughout vm_fault(),
releasing the lock only if we are about to sleep (e.g., vm_pager_get_pages()
or vm_pager_has_pages()).  If we sleep, we have marked the vm object with
the paging-in-progress flag.
2003-06-22 21:35:41 +00:00
Don Lewis
7144b1d4bd Don't check the state of the vnode interlock if the specification says
that the lock should not be checked.

Skip the lock assertion checks for *vpp or any other pointer to a vnode
pointer if vpp (or equivalent) is NULL.
2003-06-22 21:20:06 +00:00
Ruslan Ermilov
46205431f9 Protect against .depend file somewhere else in the .PATH.
Also consolidate building rules for special files.
2003-06-22 17:57:56 +00:00
Luigi Rizzo
44c884e134 Add support for multiple values and ranges for the "iplen", "ipttl",
"ipid" options. This feature has been requested by several users.
On passing, fix some minor bugs in the parser.  This change is fully
backward compatible so if you have an old /sbin/ipfw and a new
kernel you are not in trouble (but you need to update /sbin/ipfw
if you want to use the new features).

Document the changes in the manpage.

Now you can write things like

	ipfw add skipto 1000 iplen 0-500

which some people were asking to give preferential treatment to
short packets.

The 'MFC after' is just set as a reminder, because I still need
to merge the Alpha/Sparc64 fixes for ipfw2 (which unfortunately
change the size of certain kernel structures; not that it matters
a lot since ipfw2 is entirely optional and not the default...)

PR: bin/48015

MFC after: 1 week
2003-06-22 17:33:19 +00:00
Robert Watson
16fd30bd2a Forward declare a boatload of structures referenced in the MAC
policy definition structure; this permits policies to reduce their
number of gratuitous includes for required for entry points they
don't implement.  This also facilitates building the MAC Framework
on Darwin.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-06-22 16:36:00 +00:00
Luigi Rizzo
b7850636cd comment out the 'sshd' entries as the image is now 1460KB
and does not fit into a floppy anymore (1403kb available).

There is not much you can do now except bumping up the image size
(by uncommenting the "fd_size=2880" line in ./config),
at which point you can uncomment sshd, the associated library,
and all the good stuff such as tcpdump and natd and ppp that
you might want on such a box.

A similar change should be applied to other picobsd image types.
2003-06-22 15:37:14 +00:00
Luigi Rizzo
5fe83c8acb Make this compile again: we need to specify a scheduler,
and remove the count for devices "sc" and "atkbdc"

This change does not apply to RELENG_4.
2003-06-22 15:32:09 +00:00
Hidetoshi Shimokawa
e07324646e Move KERNBASE to -2GB.
Currently, we cannot increase KVA more than 2GB.
2003-06-22 13:02:45 +00:00
Hidetoshi Shimokawa
bfcd2ec739 - Allow access to direct mapped region via /dev/kmem. This makes
'netstat -r' work.
- Use direct map for /dev/mem.
2003-06-22 12:59:43 +00:00
Hidetoshi Shimokawa
c1c1cc9c19 - Allocate a new PD Table if kernel grows beyond 1GB boundary.
Reviewed by: peter

- Use direct map in pmap_mapdev().
2003-06-22 12:55:20 +00:00
Poul-Henning Kamp
8198a1a472 Remove 256 unit limit, there is no evil minor number encoding to
deal with any more.

Spotted by:	"Darren Freestone" <df@cops.org>
2003-06-22 11:31:38 +00:00
Ruslan Ermilov
76e16c7155 FreeBSD now has the locale(1) utility. 2003-06-22 10:41:47 +00:00
David Malone
9c96ff4d54 Remove argument names from a function declaration.
Reviewed by:	phk
2003-06-22 10:34:49 +00:00
Hidetoshi Shimokawa
0147d2aa71 Allow installkernel.debug and reinstallkernel.debug. 2003-06-22 10:01:03 +00:00
Poul-Henning Kamp
3b6d965263 Add a f_vnode field to struct file.
Several of the subtypes have an associated vnode which is used for
stuff like the f*() functions.

By giving the vnode a speparate field, a number of checks for the specific
subtype can be replaced simply with a check for f_vnode != NULL, and
we can later free f_data up to subtype specific use.

At this point in time, f_data still points to the vnode, so any code I
might have overlooked will still work.
2003-06-22 08:41:43 +00:00
Alexey Zelkin
93cdc37dbf Hook locale(1) to build 2003-06-22 08:41:03 +00:00
Alexey Zelkin
64825d2991 document 'list' keyword & fix few typos 2003-06-22 08:39:29 +00:00
Alexey Zelkin
3f101ba0a5 Add FreeBSD specific keyword 'list' implementation. 'locale -k list' can
be used to retrieve list of all available keywords now.
2003-06-22 08:34:27 +00:00
Alexey Zelkin
d8dca302fb Add WARNS 2003-06-22 08:24:53 +00:00