98018 Commits

Author SHA1 Message Date
Tim J. Robbins
835fb61618 Restore closing of SMB find handle in smbfs_close(). 2004-01-10 03:45:30 +00:00
Doug Ambrisko
e2297e59c8 Remove the HACK section it breaks the older firmware and doesn't totally
fix the new firmware so remove it.
2004-01-10 03:02:04 +00:00
Alfred Perlstein
3f5c95f772 Fix a panic when attempting a v4 op against a v3/v2-only server.
It happens because rpcclnt_request is incorrectly returning 0 in the case
of an rpc mismatch or auth error.

Submitted by: Jim Rees <rees@umich.edu>
2004-01-10 02:59:54 +00:00
Alan Cox
37d44833d5 Unmanage pages allocated by kmem_alloc(). (There is no point in having PV
entries for these pages.)
2004-01-10 00:22:33 +00:00
Olivier Houchard
5cded90454 Prevent a race condition between fork1() and whatever changes the pgrp by
setting the new process' p_pgrp again before inserting it in the p_pglist.
Without it we can get the new process to be inserted in a different p_pglist
than the one p2->p_pgrp points to, and this is not something we want to happen.
This is not a fix, merely a bandaid, but it will work until someone finds a
better way to do it.

Discussed with: 	jhb (a long time ago)
2004-01-09 23:42:36 +00:00
Olivier Houchard
63bfa8ba2c Remove duplicate __FBSDID().
Mark trm as depending on cam.
2004-01-09 23:30:31 +00:00
Maksim Yevmenkin
a4b187fa33 Change sdp_open_local(3) API. It now takes a path to a control socket
Teach sdpcontrol(8) how to talk to the local SDP server
Update man pages
s/u_int/uint

Reviewed by:	imp (mentor), ru
2004-01-09 22:44:28 +00:00
Dag-Erling Smørgrav
91c9d24e52 Move the description of sbuf_delete() closer to the description of
sbuf_new(), and try to make them both a little clearer.
2004-01-09 21:16:31 +00:00
Nate Lawson
2ccd1cac95 Clean up the acpi announce message of trailing spaces. 2004-01-09 21:04:28 +00:00
Simon L. B. Nielsen
d42944a1b8 Add missing manual page links for rman(9) and sysctl_add_oid(9).
Submitted by:	Lukas Ertl <l.ertl@univie.ac.at>
PR:		docs/60088
2004-01-09 20:15:51 +00:00
Bruce A. Mah
0e6a6f18a1 First 5.2-RELEASE errata, documenting some known issues in the
release: xdm(1) black-and-white-ness, ACPI problems, ATA device
problems, NFS floppy install requirements, pcm(4) vchan instabilities.

Submitted by:	scottl, truckman
2004-01-09 20:10:20 +00:00
Nate Lawson
d11a4e603f Update man page for \_OS* changes. 2004-01-09 20:06:04 +00:00
Nate Lawson
25611cfe97 Expand the check for overriding the OS name to override _OS* (including
_OS_, _OS, and _OSI).  This should fix this option for people who reported
it not changing anything.
2004-01-09 20:01:42 +00:00
Nate Lawson
f381ebd8a8 Note that REPORT_LUNS should be implemented to work better with Linux
and Windows as initiators.
2004-01-09 19:33:21 +00:00
Nate Lawson
4c1cc94ee3 Enable autosense by default. This shouldn't hurt SPI and is required
for FC.
2004-01-09 19:27:18 +00:00
Nate Lawson
daa66c2c60 Bump the max number of initiators to 256 from 16. This is appropriate for
fibre channel and shouldn't hurt SPI.
2004-01-09 19:26:30 +00:00
Scott Long
6d38a06c85 Disable the APIC when selecting the 'Safe Mode' option of the loader. This
will disable both APIC interrupt routing and SMP.
2004-01-09 19:20:47 +00:00
Maksim Yevmenkin
6aae6f7e7a Prepare libsdp(3) for the upcoming sdpd import
Also while i'm here s/u_int/uint

Reviewed by:	imp (mentor), ru
2004-01-09 18:19:12 +00:00
Christian Brueffer
c8885b4b8f Add MLINK:
ndis.4 -> if_ndis.4
2004-01-09 17:55:48 +00:00
Christian Brueffer
bd675dd3a9 Correct typo in MLINK 2004-01-09 17:49:03 +00:00
Christian Brueffer
130b84f512 Add reference to miibus.4
MFC after:	5 days
2004-01-09 17:43:37 +00:00
Christian Brueffer
a376b5ff08 device uhci0 -> device uhci
Remove reference to miibus.4, the driver doesn't use it.

MFC after:	5 days
2004-01-09 17:39:08 +00:00
Christian Brueffer
484d662c34 kue(4) doesn't use miibus either
MFC after:	5 days
2004-01-09 17:31:33 +00:00
Christian Brueffer
d2c7a11844 Remove drivers that don't need miibus(4):
o an
o awi

Add missing drivers:
o axe
o bfe
o gx
o lge
o nge
o re
o sk

MFC after:	5 days
2004-01-09 17:17:57 +00:00
Jacques Vidrine
e4dc8baa84 Provide sysarch(2) prototypes in the MD sysarch.h headers. While I'm
at it, use the ANSI C generic pointer type for the second argument,
thus matching the documentation.

Remove the now extraneous (and now conflicting) function declarations
in various libc sources.  Remove now unnecessary casts.

Reviewed by:	bde
2004-01-09 16:52:09 +00:00
Poul-Henning Kamp
cfa35456ca KASSERT against no-op access requests.
Submitted by:	Pawel Jakub Dawidek <nick@garage.freebsd.pl>
2004-01-09 16:10:32 +00:00
Simon L. B. Nielsen
a3d2cb0998 - Add the HP hn210e to the devices list.
- Make the device list compact.

MFC after:	1 week
2004-01-09 15:47:54 +00:00
Jacques Vidrine
ede6693b54 Re-add the FreeBSD RCS keyword for the benefit of mergemaster.
PR:		conf/50040
Requested by:	Dimitry Andric <dim@xs4all.nl>
2004-01-09 14:46:11 +00:00
Andre Oppermann
1ddc17c1d5 Reduce TCP_MINMSS default to 216. The AX.25 protocol (packet radio)
is frequently used with an MTU of 256 because of slow speeds and a
high packet loss rate.
2004-01-09 14:14:10 +00:00
Jacques Vidrine
c849849d06 It was reported that when using nss_ldap, getgrent(3) would behave
incorrectly when encountering `large' groups (many members and/or many
long member names).  The reporter tracked this down to the glibc NSS
module compatibility code (nss_compat.c): it would prematurely record
that a NSS module was finished iterating through its database in some
cases.

Two aspects are corrected:

1. nss_compat.c recorded that a NSS module was finished iterating
   whenever the module reported something other than SUCCESS.  The
   correct logic is to continue iteration when the module reports
   either SUCCESS or RETURN.  The __nss_compat_getgrent_r and
   __nss_compat_getpwent_r routines are updated to reflect this.

2. An internal helper macro __nss_compat_result is used to map glibc
   NSS status codes to BSD NSS status codes (e.g. NSS_STATUS_SUCCESS ->
   NS_SUCCESS).  It provided the obvious mapping.

   When a NSS routine is called with a too-small buffer, the
   convention in the BSD NSS code is to report RETURN.  (This is used
   to implement reentrant APIs such as getpwnam_r(3).)  However, the
   convention in glibc for this case is to set errno = ERANGE and
   overload TRYAGAIN.  __nss_compat_result is updated to handle this
   case.

PR:		bin/60287
Reported by:	Lachlan O'Dea <odela01@ca.com>
2004-01-09 13:43:49 +00:00
Dag-Erling Smørgrav
2735d723cb This commit was generated by cvs2svn to compensate for changes in r124287,
which included commits to RCS files with non-trunk default branches.
2004-01-09 12:57:36 +00:00
Dag-Erling Smørgrav
002696701b Don't output the terminating '\0' (already fixed in OpenSSH CVS) 2004-01-09 12:57:36 +00:00
Hartmut Brandt
5361744dfa Fix a warning when NATM is not defined. In this case s is not used. 2004-01-09 11:25:14 +00:00
Dag-Erling Smørgrav
f0477b2653 Egg on my face: UsePAM was off by default.
Pointed out by:	Sean McNeil <sean@mcneil.com>
2004-01-09 08:07:12 +00:00
Bill Paul
e6003d0862 The private data section of ndis_packets has a 'packet flags' byte
which has two important flags in it: the 'allocated by NDIS' flag
and the 'media specific info present' flag. There are two Windows macros
for getting/setting media specific info fields within the ndis_packet
structure which can behave improperly if these flags are not initialized
correctly when a packet is allocated. It seems the correct thing
to do is always set the NDIS_PACKET_ALLOCATED_BY_NDIS flag on
all newly allocated packets.

This fixes the crashes with the Intel Centrino wireless driver.
My sample card now seems to work correctly.

Also, fix a potential LOR involving ndis_txeof() in if_ndis.c.
2004-01-09 06:53:49 +00:00
David E. O'Brien
2511c244ad Sync with Creative's 8010.h rev 1.51. 2004-01-09 06:38:11 +00:00
David E. O'Brien
a554deb2a8 Dike out some very Linux-specific parts that we can't compile with.
Also protect AC97_MUTE which is also defined in our own ac97.h.
2004-01-09 05:08:32 +00:00
David E. O'Brien
fca6c85647 Vendor import revision 1.9 of ac97_codec.h (we renamed the file) from
http://cvs.sourceforge.net/viewcvs.py/emu10k1/emu10k1/ac97_codec.h
2004-01-09 05:05:04 +00:00
David E. O'Brien
03adcebca3 This commit was generated by cvs2svn to compensate for changes in r124273,
which included commits to RCS files with non-trunk default branches.
2004-01-09 05:05:04 +00:00
Bill Paul
431b5bd6e7 Implement NdisOpenFile()/NdisCloseFile()/NdisMapFile()/NdisUnmapFile().
By default, we search for files in /compat/ndis. This can be changed with
a systcl. These routines are used by some drivers which need to download
firmware or microcode into their respective devices during initialization.

Also, remove extraneous newlines from the 'built-in' sysctl/registry
variables.
2004-01-09 03:57:00 +00:00
Brian Feldman
bbd6d60a85 Add a GraphViz-exporting ngctl(8) "dot" command. You can now create
very useful .dot files of your netgraph(4) to quickly visualize the
nodes, hooks and edges.  An example of this can be found here:
	http://people.freebsd.org/~green/sample-netgraph-dot.ps
If anyone would like to refine the output further, please do so.
2004-01-09 03:19:40 +00:00
Brian Feldman
b712e9ec66 Also, don't crash in the netgraph disconnect node if the interface is
detached from the other direction.
2004-01-09 02:03:24 +00:00
Brian Feldman
018df1c369 Don't try to ifpromisc() on an interface that's deleted already. 2004-01-09 00:41:45 +00:00
Robert Watson
07eacae0d2 Improve the expressiveness of ttyinfo (^T) when dealing with threads
in slightly less usual states:

  If the thread is on a run queue, display "running" if the thread is
  actually running, otherwise, "runnable".

  If the thread is sleeping, and it's on a sleep queue, display the
  name of the queue, otherwise "unknown" -- previously, in this situation
  we would display "iowait".

  If the thread is waiting on a lock, display *lockname.

  If the thread is suspended, display "suspended" -- previously, in
  this situation we would display "iowait".

  If the thread is waiting for an interrupt, display "intrwait" --
  previously, in this situation we would display "iowait".

  If the thread is in a state not handled by the above, display
  "unknown" -- previously, we would print "iowait".

Among other things, this avoids displaying "iowait" when the foreground
process turns out to be suspended waiting for a debugger to properly
attach.
2004-01-08 22:49:23 +00:00
Robert Watson
047aa39b25 Drop the sigacts mutex around calls to stopevent() to avoid sleeping
holding the mutex.  Because the sigacts pointer can't change while
the process is "live" (proc locking (x)), we know our pointer is still
valid.

In communication with:	truckman
Reviewed by:		jhb
2004-01-08 22:44:54 +00:00
Poul-Henning Kamp
ed283fb506 Do not emit comments when -n is specified. 2004-01-08 22:21:45 +00:00
Alan Cox
65bae14d77 - Enable recursive acquisition of the mutex synchronizing access to the
free pages queue.  This is presently needed by contigmalloc1().
 - Move a sanity check against attempted double allocation of two pages
   to the same vm object offset from vm_page_alloc() to vm_page_insert().
   This provides better protection because double allocation could occur
   through a direct call to vm_page_insert(), such as that by
   vm_page_rename().
 - Modify contigmalloc1() to hold the mutex synchronizing access to the
   free pages queue while it scans vm_page_array in search of free pages.
 - Correct a potential leak of pages by contigmalloc1() that I introduced
   in revision 1.20: We must convert all cache queue pages to free pages
   before we begin removing free pages from the free queue.  Otherwise,
   if we have to restart the scan because we are unable to acquire the
   vm object lock that is necessary to convert a cache queue page to a
   free page, we leak those free pages already removed from the free queue.
2004-01-08 20:48:26 +00:00
Søren Schmidt
986a964900 Use the saved params for LBA-CHS conversion. Fixes PC98 bug. 2004-01-08 19:17:16 +00:00
Maxime Henrion
ec6a729924 Some integrated Davicom cards in sparc64 boxes have an all zeros
MAC address in the EEPROM, and we need to get it from OpenFirmware.
This isn't very pretty but time is lacking to do this in a better
way this near 5.2-RELEASE.  This is a RELENG_5_2 candidate.

Original version by:	Marius Strobl <marius@alchemy.franken.de>
Tested by:		Pete Bentley <pete@sorted.org>
Reviewed by:		jake
2004-01-08 19:08:27 +00:00
Andre Oppermann
53369ac9bb Limiters and sanity checks for TCP MSS (maximum segement size)
resource exhaustion attacks.

For network link optimization TCP can adjust its MSS and thus
packet size according to the observed path MTU.  This is done
dynamically based on feedback from the remote host and network
components along the packet path.  This information can be
abused to pretend an extremely low path MTU.

The resource exhaustion works in two ways:

 o during tcp connection setup the advertized local MSS is
   exchanged between the endpoints.  The remote endpoint can
   set this arbitrarily low (except for a minimum MTU of 64
   octets enforced in the BSD code).  When the local host is
   sending data it is forced to send many small IP packets
   instead of a large one.

   For example instead of the normal TCP payload size of 1448
   it forces TCP payload size of 12 (MTU 64) and thus we have
   a 120 times increase in workload and packets. On fast links
   this quickly saturates the local CPU and may also hit pps
   processing limites of network components along the path.

   This type of attack is particularly effective for servers
   where the attacker can download large files (WWW and FTP).

   We mitigate it by enforcing a minimum MTU settable by sysctl
   net.inet.tcp.minmss defaulting to 256 octets.

 o the local host is reveiving data on a TCP connection from
   the remote host.  The local host has no control over the
   packet size the remote host is sending.  The remote host
   may chose to do what is described in the first attack and
   send the data in packets with an TCP payload of at least
   one byte.  For each packet the tcp_input() function will
   be entered, the packet is processed and a sowakeup() is
   signalled to the connected process.

   For example an attack with 2 Mbit/s gives 4716 packets per
   second and the same amount of sowakeup()s to the process
   (and context switches).

   This type of attack is particularly effective for servers
   where the attacker can upload large amounts of data.
   Normally this is the case with WWW server where large POSTs
   can be made.

   We mitigate this by calculating the average MSS payload per
   second.  If it goes below 'net.inet.tcp.minmss' and the pps
   rate is above 'net.inet.tcp.minmssoverload' defaulting to
   1000 this particular TCP connection is resetted and dropped.

MITRE CVE:	CAN-2004-0002
Reviewed by:	sam (mentor)
MFC after:	1 day
2004-01-08 17:40:07 +00:00