Commit Graph

54642 Commits

Author SHA1 Message Date
John Baldwin
bcd9e0dd20 - Add two new system calls: preadv() and pwritev() which are like readv()
and writev() except that they take an additional offset argument and do
  not change the current file position.  In SAT speak:
  preadv:readv::pread:read and pwritev:writev::pwrite:write.
- Try to reduce code duplication some by merging most of the old
  kern_foov() and dofilefoo() functions into new dofilefoo() functions
  that are called by kern_foov() and kern_pfoov().  The non-v functions
  now all generate a simple uio on the stack from the passed in arguments
  and then call kern_foov().  For example, read() now just builds a uio and
  calls kern_readv() and pwrite() just builds a uio and calls kern_pwritev().

PR:		kern/80362
Submitted by:	Marc Olzheim marcolz at stack dot nl (1)
Approved by:	re (scottl)
MFC after:	1 week
2005-07-07 18:17:55 +00:00
Jeff Roberson
8b3676f1a1 - Since we don't hold a usecount in pfs_exit we have to get a holdcnt
prior to calling vgone() to prevent any races.

Sponsored by:	Isilon Systems, Inc.
Approved by:	re (vfs blanket)
2005-07-07 07:33:10 +00:00
Sam Leffler
82145663e3 reclaim mbuf when ieee80211_crypto_encap fails
Approved by:	re (scottl)
Obtained from:	netbsd
2005-07-07 02:55:04 +00:00
Scott Long
8225bf4c36 Fix ifnet fallout in if_ti.
Reviewed by: brooks
Approved by: re
2005-07-07 01:05:45 +00:00
Sam Leffler
8f40943151 only invoke ath_rate_tx_complete to update rate control state when the
frame being sent is to be ack'd and hasn't been filtered by the h/w;
this insures we don't pass in tx descriptors that have no meaningful
state (e.g. mcast/bcast frames are not acked and so have no tx retry
counts)

Approved by:	re (scottl)
Obtained from:	Atheros
2005-07-07 00:04:50 +00:00
Warner Losh
dc1206ea0f Add support for Farallon EtherMAC PC Card.
Move ethernet MAC address setting into pccard attachment
Fix panic from IFP2ENADDR() use prior to if_alloc
Remove OLDCARD compat support.  This should work still on oldcard, however.
sn_attach now requires that the resources be activated now, so adjust.

Approved by: re (scottl)
2005-07-06 15:59:47 +00:00
Warner Losh
ce44283887 Add device entry for a Farallon EtherMac PC Card that I won on ebay. This
one is supported by the sn driver.

Approved by: re (scottl)
2005-07-06 15:56:16 +00:00
Sam Leffler
c4f040c3f3 add "pureg" mode for ap operation: reject association requests from
11b-only stations when operating in 11g

Reviewed by:	avatar
Approved by:	re (scottl)
2005-07-06 15:38:27 +00:00
Sam Leffler
bc5627d91f Fix handling of data frames queued for a station in power save mode:
don't mark the MORE_DATA bit when taking it off the ps queue, there's
no 802.11 header then; we must wait to do this at encap time so
mark the mbuf instead.

Reviewed by:	avatar
Approved by:	re (scottl)
Obtained from:	Atheros
2005-07-06 01:55:17 +00:00
Sam Leffler
ebdda46c84 Fix race condition in handling node reference counts for authenticating
stations in ap mode.  Track when a node's first auth frame is
received and use this to decide whether or not to bump the refcnt.
This insures we only ever bump the refcnt once.

Reviewed by:	avatar
Approved by:	re (scottl)
2005-07-06 01:51:44 +00:00
Tai-hwa Liang
720bd46e9f Only update the scan entry state based on newly received frames.
This fixes duplicative BSS entries(memory leaks as well) listed in
"ifconfig dev list scan" when a station fails to associate with an AP.

Reviewed by:	sam
Approved by:	re (scottl)
2005-07-06 01:31:34 +00:00
Andrew Thompson
ea32e73208 - Previously when broadcasting to N number of interfaces we would run pfil
hooks for each outgoing interface but also run pfil hooks _N times_ on the
  bridge interface. This is changed so pfil hooks are run once for the bridge
  interface (bridge0) and then only on the outgoing interfaces in the broadcast
  loop.

- Simplify bridge_enqueue() by moving bridge_pfil() to the callers.

- Check (inet6_pfil_hook.ph_busy_count >= 0), it may be possible to have a
  packet filter hooked for only ipv6 but we were only checking if ipv4 hooks
  were busy.

- Minor optimisation for null mbuf check after bridge_pfil(), move it into the
  if-block as it couldnt possibly be null outside.

Prodded by:	mlaier
Approved by:	re (scottl), mlaier (mentor)
2005-07-06 01:24:45 +00:00
Robert Watson
3c308b091f Eliminate MAC entry point mac_create_mbuf_from_mbuf(), which is
redundant with respect to existing mbuf copy label routines.  Expose
a new mac_copy_mbuf() routine at the top end of the Framework and
use that; use the existing mpo_copy_mbuf_label() routine on the
bottom end.

Obtained from:	TrustedBSD Project
Sponsored by:	SPARTA, SPAWAR
Approved by:	re (scottl)
2005-07-05 23:39:51 +00:00
Robert Watson
6758f88ea4 Add MAC Framework and MAC policy entry point mac_check_socket_create(),
which is invoked from socket() and socketpair(), permitting MAC
policy modules to control the creation of sockets by domain, type, and
protocol.

Obtained from:	TrustedBSD Project
Sponsored by:	SPARTA, SPAWAR
Approved by:	re (scottl)
Requested by:	SCC
2005-07-05 22:49:10 +00:00
John Baldwin
623b1a868e Remove a || 1 that crept into the i8254 commit and was subsequently
copied and pasted.  I had actually tested without this change in my
trees as had the other testers.

Reported by:	bde, Rostislav Krasny rosti dot bsd at gmail dot com
Approved by:	re (scottl)
Pointy hat to:	jhb
2005-07-05 20:13:12 +00:00
Paul Saab
d758711729 Fix for a bug in newreno partial ack handling where if a large amount
of data is partial acked, snd_cwnd underflows, causing a burst.

Found, Submitted by:	Noritoshi Demizu
Approved by:		re
2005-07-05 19:23:02 +00:00
Sam Leffler
e5f9856fd5 remove auto-add of IEEE80211_KEY_GROUP; all the apps that need to
set it have been fixed

Reviewed by:	avatar
Approved by:	re (scottl)
2005-07-05 18:05:25 +00:00
Gleb Smirnoff
ae1ff8e34f Remove obsoleted sysctl interface for switching between standard and 3Com
PPPoE modes. The interface was declared obsoleted before 5.3-RELEASE.

When running as access concentrator ng_pppoe(4) supports both modes
simultanously. When running as client mode can be swicthed in ppp(8)
configuration.

Approved by:	re (scottl)
2005-07-05 17:51:02 +00:00
Sam Leffler
b5d4660f64 o when setting a wpa key, hold a ref on the bss node;
fixes a ref cnt leak
o make unicast key handling on delete identical to set
o change legacy wep key api to reset the 802.11 state
  machine for backwards compatibility

Reviewed by:	avatar
Approved by:	re (scottl)
2005-07-05 17:35:35 +00:00
Gleb Smirnoff
8afe16d57b In the splnet times, netgraph was functional and synchronous. Nowadays,
an item may be queued and processed later. While this is OK for mbufs,
this is a problem for control messages.

In the framework:
- Add optional callback function pointer to an item. When item gets
  applied the callback is executed from ng_apply_item().
- Add new flag NG_PROGRESS. If this flag is supplied, then return
  EINPROGRESS instead of 0 in case if item failed to deliver
  synchronously and was queued.
- Honor NG_PROGRESS in ng_snd_item().

In ng_socket:
- When userland sends control message add callback to the item.
- If ng_snd_item() returns EINPROGRESS, then sleep.

This change fixes possible races in ngctl(8) scripts.

Reviewed by:	julian
Approved by:	re (scottl)
2005-07-05 17:35:20 +00:00
Marcel Moolenaar
7906787a5f Enhance ia64_flush_dirty() to handle the case in which td != curthread.
This case is triggered with ptrace(2) and the PT_SETREGS function.
Change the return type of the function to int so that errors can be
passed on to the caller.

Approved by: re (scottl)
2005-07-05 17:12:18 +00:00
Pawel Jakub Dawidek
c23c87bd93 Fix one "wrong b_bufobj" panic in reassignbuf() by moving VI_UNLOCK(vp)
below KASSERT()s, which means there was no real problem here, we just
needed better locking for assertions.

OK'ed by:	jeff
Approved by:	re (scottl)
2005-07-05 15:57:55 +00:00
Sam Leffler
7edb8cf9c7 when operating in ap mode, explicitly drop associated/authenticated
stations when transitioning to INIT state (e.g. as a result of
changing state at the 802.11 level)

Approved by:	re (scottl)
2005-07-04 01:29:41 +00:00
Hiroki Sato
c88f124134 Add support for IODATA USB-RSAQ3 USB-Serial Adapter.
Reported by:	Tomokazu Hirai
Approved by:	re (scottl)
MFC after:	3 days
2005-07-03 23:51:16 +00:00
Andrew Thompson
ede3a2773d Check the alignment of the IP header before passing the packet up to the
packet filter. This would cause a panic on architectures that require strict
alignment such as sparc64, ia64 and ppc.

This uses the code block from if_bridge and the newly added macro
IP_HDR_ALIGNED_P().

This /might/ be a temporary messure before all NIC drivers are educated
to align the header themself.

PR:		ia64/81284
Obtained from:	NetBSD (if_bridge)
Approved by:	re (dwhite), mlaier (mentor)
2005-07-03 18:24:03 +00:00
Joseph Koshy
86a655492a - Update the CPU version check to recognize P4/EMT64 CPUs. [1]
- Allow libpmc(3) to support P4/EMT64 PMCs on the amd64 architecture
  and AMD K8 PMCs on the i386. [2]

Submitted by:	ps [1]
Pointy hat:	myself [2]
Approved by:	re (scottl)
2005-07-03 16:33:22 +00:00
Max Laier
b4373150d9 Remove ambiguity from hlen. IPv4 is now indicated by is_ipv4 and we need a
proper hlen value for IPv6 to implement O_REJECT and O_LOG.

Reviewed by:	glebius, brooks, gnn
Approved by:	re (scottl)
2005-07-03 15:42:22 +00:00
Damien Bergamini
09137879a5 o Make ipw(4) more robust against frames received with a bad length.
o Minor consistency tweaks.

Reviewed by:	silby (mentor)
Approved by:	re (scottl)
2005-07-03 15:42:18 +00:00
Damien Bergamini
7f5ea03de8 o Add new ids for the Belkin F5D7050
o Indent usb ids properly
o Check the return value of if_alloc()
o Call if_free() in ural_detach()

Reviewed by:	silby (mentor)
Approved by:	re (scottl)
2005-07-03 15:38:41 +00:00
Damien Bergamini
3dde707f68 Add another ural(4) device (Belkin F5D7050)
Reviewed by:	silby (mentor)
Approved by:	re (scottl)
2005-07-03 15:34:32 +00:00
Yoshihiro Takahashi
811d79106f MFi386: r1.221 (Use a simpler implementation for the i8254 timecounter).
Approved by:	re (scottl)
2005-07-03 14:19:29 +00:00
R. Imura
fc1bbc7527 Switch Unicode charset name from "ISO-10646-UCS-2" to "UTF-16BE".
Using ISO-10646-UCS-2 will cause a problem when we use our own
iconv functions in the future, or port iconv other than GNU
libiconv.

Each vendors treat "UCS-2" as follows, and endian issue is
vendor specific:

 - Solaris 8 iconv
  Little Endian with BOM

 - HP-UX iconv
  Big Endian

 - NetBSD/i386 1.6 iconv
  Little Endian

 - GNU libiconv
  Big Endian

 - glibc(RedHat AS 2.1 x86) iconv
  Little Endian

 - IANA
  Name: ISO-10646-UCS-2
  MIBenum: 1000
  Source: the 2-octet Basic Multilingual Plane, aka Unicode
          this needs to specify network byte order: the standard
          does not specify (it is a 16-bit integer space)
  Alias: csUnicode

 - MSDN
  Little Endian
  http://msdn.microsoft.com/library/en-us/cpref/html/frlrfsystemtextencodingclassgetencodingtopic2.asp

Now using UTF-16BE is harmless, because
- same as UCS-2 with 2 byte range (U+0000 - U+FFFF)
- kernel code of each file systems(cd9660, msdosfs, ntfs) believes
  Unicode is a 2 byte character at this time.
- UDF has only 2 byte range of Unicode filenames.
- It's defined at RFC2781.

So I believe it's time to change before starting new RELENG_6. :)

Approved by:	re (scottl)
2005-07-03 01:12:37 +00:00
Marcel Moolenaar
a2aeb24eff Implement functions calls from within DDB on ia64. On ia64 a function
pointer doesn't point to the first instruction of that function, but
rather to a descriptor. The descriptor has the address of the first
instruction, as well as the value of the global pointer. The symbol
table doesn't know anything about descriptors, so if you lookup the
name of a function you get the address of the first instruction. The
cast from the address, which is the result of the symbol lookup, to a
function pointer as is done in db_fncall is therefore invalid.
Abstract this detail behind the DB_CALL macro. By default DB_CALL is
defined as db_fncall_generic, which yields the old behaviour. On ia64
the macro is defined as db_fncall_ia64, in which a descriptor is
constructed to yield a valid function pointer.

While here, introduce DB_MAXARGS. DB_MAXARGS replaces the existing
(local) MAXARGS. The DB_MAXARGS macro can be defined by platforms to
create a convenient maximum. By default this will be the legacy 10.
On ia64 we define this macro to be 8, for 8 is the maximum number of
arguments that can be passed in registers. This avoids having to
implement spilling of arguments on the memory stack.

Approved by: re (dwhite)
2005-07-02 23:52:37 +00:00
Andrew Thompson
2fcb030ad5 Check the alignment of the IP header before passing the packet up to the
packet filter. This would cause a panic on architectures that require strict
alignment such as sparc64 (tier1) and ia64/ppc (tier2).

This adds two new macros that check the alignment, these are compile time
dependent on __NO_STRICT_ALIGNMENT which is set for i386 and amd64 where
alignment isn't need so the cost is avoided.

 IP_HDR_ALIGNED_P()
 IP6_HDR_ALIGNED_P()

Move bridge_ip_checkbasic()/bridge_ip6_checkbasic() up so that the alignment
is checked for ipfw and dummynet too.

PR:		ia64/81284
Obtained from:	NetBSD
Approved by:	re (dwhite), mlaier (mentor)
2005-07-02 23:13:31 +00:00
Xin LI
60baed3742 Remove the CPU_ENABLE_SSE option from the i386 and pc98 architectures,
as they are already default for I686_CPU for almost 3 years, and
CPU_DISABLE_SSE always disables it.  On the other hand, CPU_ENABLE_SSE
does not work for I486_CPU and I586_CPU.

This commit has:
	- Removed the option from conf/options.*
	- Removed the option and comments from MD NOTES files
	- Simplified the CPU_ENABLE_SSE ifdef's so they don't
	  deal with CPU_ENABLE_SSE from kernel configuration. (*)

For most users, this commit should be largely no-op.  If you used to
place CPU_ENABLE_SSE into your kernel configuration for some reason,
it is time to remove it.

(*) The ifdef's of CPU_ENABLE_SSE are not removed at this point, since
    we need to change it to !defined(CPU_DISABLE_SSE) && defined(I686_CPU),
    not just !defined(CPU_DISABLE_SSE), if we really want to do so.

Discussed on:	-arch
Approved by:	re (scottl)
2005-07-02 20:06:44 +00:00
Marcel Moolenaar
5116398a06 Fix a buglet that was present in the ia64 code and that got inherited
by amd64 and i386: For buffered writes we collect data and write it
out a ${DEV_BSIZE}-sized block at a time. The fragsz variable is used
to keep track of how much data we have collected in the buffer so far
and it's reset to zero immediately after writing a block to the dump
device.
When the last, possibly partially filled buffer is flushed, we didn't
reset fragsz to 0 and as such would stop reflecting reality. Since we
currently only need to do buffered writes once, this isn't a problem.
However, when kernel dumps are made by hand (say by callling doadump
from within DDB), the improperly cleared state from the first call to
dumpsys causes the next call to dumpsys to create an invalid code file.
This change resets fragsz after flushing the partially filled buffer so
that it fixes the two problems at once.

Approved by: re (scottl)
2005-07-02 19:57:31 +00:00
Paul Saab
482ac96888 Fix for a bug in the change that defers sack option processing until
after PAWS checks. The symptom of this is an inconsistency in the cached
sack state, caused by the fact that the sack scoreboard was not being
updated for an ACK handled in the header prediction path.

Found by:	Andrey Chernov.
Submitted by:	Noritoshi Demizu, Raja Mukerji.
Approved by:	re
2005-07-01 22:54:18 +00:00
Paul Saab
69e0362019 Fix for a SACK crash caused by a bug in tcp_reass(). tcp_reass()
does not clear tlen and frees the mbuf (leaving th pointing at
freed memory), if the data segment is a complete duplicate.
This change works around that bug. A fix for the tcp_reass() bug
will appear later (that bug is benign for now, as neither th nor
tlen is referenced in tcp_input() after the call to tcp_reass()).

Found by:	Pawel Jakub Dawidek.
Submitted by:	Raja Mukerji, Noritoshi Demizu.
Approved by:	re
2005-07-01 22:52:46 +00:00
Peter Wemm
27e11adbbb MFi386: r1.221: use simple timecounter that is aware of irq0 being off.
Approved by:  re
2005-07-01 20:13:19 +00:00
Suleiman Souhlal
2b0f687b5d Mistakingly undefined VN_KNOTE_LOCKED in my previous commit.
Noticed by: Antoine Brodin <antoine.brodin@laposte.net>
Approved by:	re (scottl)
2005-07-01 17:13:59 +00:00
Suleiman Souhlal
571dcd15e2 Fix the recent panics/LORs/hangs created by my kqueue commit by:
- Introducing the possibility of using locks different than mutexes
for the knlist locking. In order to do this, we add three arguments to
knlist_init() to specify the functions to use to lock, unlock and
check if the lock is owned. If these arguments are NULL, we assume
mtx_lock, mtx_unlock and mtx_owned, respectively.

- Using the vnode lock for the knlist locking, when doing kqueue operations
on a vnode. This way, we don't have to lock the vnode while holding a
mutex, in filt_vfsread.

Reviewed by:	jmg
Approved by:	re (scottl), scottl (mentor override)
Pointyhat to:	ssouhlal
Will be happy:	everyone
2005-07-01 16:28:32 +00:00
Warner Losh
5af5f40c75 Upon relection, we shouldn't allow the tuple structs to be modified by
the functor, so make it a const pointer, and chase down the resulting
const-poisoning.

Approved by: re (scottl)
2005-07-01 15:52:50 +00:00
John Baldwin
7df0015945 Use a simpler implementation for the i8254 timecounter when using the lapic
timer since irq0 isn't being driven at hz in that case and we don't need to
try to handle edge cases with rollover, etc. that require irq0 to be firing
for the timecounter to actually work.

Submitted by:	phk
Tested by:	schweikh
Approved by:	re (scottl)
2005-07-01 15:47:27 +00:00
John Baldwin
e00515799d Fix what(1) on kernel binaries by duplicating part of version[] in sccs[]
and stop trying to play cute games so that sccs[] shares space with
version[].

Reported by:	Jilles Tjoelker jilles at stack dot nl
Discussed with:	bde, "R. Imura" imura at ryu16 dot org
Idea from:	NetBSD (via bde)
Approved by:	re (scottl)
MFC after:	1 week
2005-07-01 15:43:09 +00:00
Gleb Smirnoff
82dd5411d9 Use m_uiotombuf() instead of own implementation. This is not just
a cosmetic change. m_uiotombuf() produces a packet header mbuf, while
original implementation did not. When kernel is compiled with MAC
support, headerless mbuf will cause panic.

Reported by:	Alexander Nikiforenko <asn rambler-co.ru>
Approved by:	re (scottl)
MFC After:	2 weeks
2005-07-01 15:22:47 +00:00
Tai-hwa Liang
362abc449c - Providing fine-grained malloc statistic by replacing M_DEVBUF with
module-specific malloc types.  These should help us to pinpoint the
  possible memory leakage in the future.
- Implementing xpt_alloc_ccb_nowait() and replacing all malloc/free based
  CCB memory management with xpt_alloc_ccb[_nowait]/xpt_free_ccb.  Hopefully
  this would be helpful if someday we move the CCB allocator to use UMA
  instead of malloc().

Encouraged by:	jeffr, rwatson
Reviewed by:	gibbs, scottl
Approved by:	re (scottl)
2005-07-01 15:21:30 +00:00
Hartmut Brandt
4df70a92b5 Fix another fallout from the ifnet change that assumed that a softc
starts with an ifatm which in turns has an ifnet. Remove also a couple
of unneccessary casts that could hide such things in the future.

Approved by:	re
2005-07-01 10:45:02 +00:00
Gleb Smirnoff
a196a3c8aa When doing ARP load balancing source IP is taken in network byte order,
so residue of division for all hosts on net is the same, and thus only
one VHID answers. Change source IP in host byte order.

Reviewed by:	mlaier
Approved by:	re (scottl)
2005-07-01 08:22:13 +00:00
Warner Losh
96d951d396 Make a pass and cleanup the printfs from this driver.
Approved by: re (scottl) blanket ep
2005-07-01 05:31:23 +00:00
Warner Losh
880266e041 Minor cleanup of ep driver and pccard attachment:
o Grab the MAC address out of the CIS if the card has the special
  3Com 0x88 tuple.  Most 3Com cards don't have this tuple, but we
  prefer it to the eeprom since it only appears to be present when
  the eeprom doesn't have the info.  So far, I've only observed this
  on my 3C362 and 3C362B cards, but the NetBSD driver implies that
  the 3C362C also has this tuple, and that some 3C574 cards do too (none
  of mine do).  ep_pccard_mac was written after looking at the NetBSD
  code.
o Store the enet addr in the softc for this device, so we can use the
  overridden MAC to set the station address.
o Create a routine to set the station address and use it where we need it.
o setup the cmd shitfs and such before we call ep_alloc(), and remove
  setting up the cmd shift value there.  It initializes to 0, and those
  attachments that need to frob it do so before calling ep_alloc.
o Remove some obsolete comments
o No longer a need to export ep_get_macaddr, so make it static
o ep_alloc already grabs the EEPROM id, so we don't need to grab it again
  in ep_pccard_attach.
o eliminate unit, it isn't needed, fix some printfs to be device_printf
  instead.

# All my pccards except the 3C1 work now.  Didn't test ISA or cbus cards
# that I have: 3C509B-TP or 3C569B-J-TPO

Tested on: 3C589B, 3C589C, 3C589D, 3C589D-TP, 3C562, 3C562B/3C563B,
	3C562D/3C563D, 3CCFE574BT, 3CXEM556, 3CCSH572BT, 3C574-TX,
	3CCE589EC, 3CXE589EC, 3CCFEM556, 3C1
Approved by: re (scottl)
2005-07-01 04:23:32 +00:00
Pyun YongHyeon
8fd99e38e0 Use correct pointer type. This should fix non-functional re(4)
driver on 64bit architectures.

Approved by:	re (scottl)
2005-07-01 04:12:42 +00:00
Warner Losh
26db48b9b2 Add a much-requested feature: The ability for pccard attachments to
scan the CIS for interesting tuples.  95% of what can be obtained from
the CIS is harvested by the pccard layer and presented to the user in
standard function calls.  However, there are special needs at times
where the standard stuff doesn't suffice.  This is for those special
cases.

CARD_SCAN_CIS(device_get_parent(dev), function, argp)
	scans the CIS of the card, passing each tuple to function with
	the tuple and argp as its arguments.  Returning 0 continues the scan,
	while returning 1 terminates the scan.  The value of the last
	invocation of function is returned from this function.

int (*pccard_scan_t)(struct pccard_tuple *tuple, void *argp)
	function called for each tuple.  Elements of the CIS tuple can be
	read with pccard_tuple_read_{1,2,3,4,n}().  You are reading
	the actual tuple memory each time, in case your card has
	registers in the CIS.

# I suppose these things should be documented in pccard(4) or something like
# that.

# I plan on unifying cardbus CIS support in a similar way.

Approved by: re (scottl)
2005-07-01 03:40:28 +00:00
Joseph Koshy
151392465f MFP4:
- pmcstat(8) gprof output mode fixes:

  lib/libpmc/pmclog.{c,h}, sys/sys/pmclog.h:
  + Add a 'is_usermode' field to the PMCLOG_PCSAMPLE event
  + Add an 'entryaddr' field to the PMCLOG_PROCEXEC event,
    so that pmcstat(8) can determine where the runtime loader
    /libexec/ld-elf.so.1 is getting loaded.

  sys/kern/kern_exec.c:
  + Use a local struct to group the entry address of the image being
    exec()'ed and the process credential changed flag to the exec
    handling hook inside hwpmc(4).

  usr.sbin/pmcstat/*:
  + Support "-k kernelpath", "-D sampledir".
  + Implement the ELF bits of 'gmon.out' profile generation in a new
    file "pmcstat_log.c".  Move all log related functions to this
    file.
  + Move local definitions and prototypes to "pmcstat.h"

- Other bug fixes:
  + lib/libpmc/pmclog.c: correctly handle EOF in pmclog_read().
  + sys/dev/hwpmc_mod.c: unconditionally log a PROCEXIT event to all
    attached PMCs when a process exits.
  + sys/sys/pmc.h: correct a function prototype.
  + Improve usage checks in pmcstat(8).

Approved by:	re (blanket hwpmc)
2005-06-30 19:01:26 +00:00
Paul Saab
cff2e749e2 Use SCTL_MASK32 to determine that the sysctl call is from a 32bit
binary for kern.cp_time.

Approved by:	re
2005-06-30 17:17:29 +00:00
Yoshihiro Takahashi
aa6218d73b MFi386: revision 1.615 (change kernel crashdump format to ELF).
Approved by:	re (scottl)
2005-06-30 15:26:03 +00:00
Peter Wemm
62919d788b Jumbo-commit to enhance 32 bit application support on 64 bit kernels.
This is good enough to be able to run a RELENG_4 gdb binary against
a RELENG_4 application, along with various other tools (eg: 4.x gcore).
We use this at work.

ia32_reg.[ch]: handle the 32 bit register file format, used by ptrace,
	procfs and core dumps.
procfs_*regs.c: vary the format of proc/XXX/*regs depending on the client
	and target application.
procfs_map.c: Don't print a 64 bit value to 32 bit consumers, or their
	sscanf fails.  They expect an unsigned long.
imgact_elf.c: produce a valid 32 bit coredump for 32 bit apps.
sys_process.c: handle 32 bit consumers debugging 32 bit targets.  Note
	that 64 bit consumers can still debug 32 bit targets.

IA64 has got stubs for ia32_reg.c.

Known limitations: a 5.x/6.x gdb uses get/setcontext(), which isn't
implemented in the 32/64 wrapper yet.  We also make a tiny patch to
gdb pacify it over conflicting formats of ld-elf.so.1.

Approved by:	re
2005-06-30 07:49:22 +00:00
Peter Wemm
d14b395392 Begin promoting the AMD-originated feature flags to first class flags, now
that newer Intel cpu hardware implements them too.  This includes things
like the NX (pte no-execute) flag for execute protection.  We'll need to
reference this for implementing no-exec in pmap.c at some point.

Some feature flags are duplicated in both the Intel-orignated bits and
the AMD bits.  Suppress the the duplicates correctly - the old code
assumed they were a 1:1 mapping which is not correct.  We can't just mask
off the bits present in cpu_feature.

Converge with amd64 where this originated from.

Intel cpu's that implement any AMD features will report them in dmesg now.

Approved by:	re
2005-06-30 06:44:34 +00:00
Peter Wemm
0ed48524c1 i386->amd64 sync
Add ath_hal and ichwd modules

Approved by:  re (blanked i386<->amd64 sync)
2005-06-30 05:37:48 +00:00
Peter Wemm
80a110932e Sync i386->amd64.
* Add ichwd (The Intel EM64T folks have an ICH)
* Cosmetic comment syncs
* Merge cpufreq change over to NOTES
* add pbio (it compiles, but isn't useful since no boxes have ISA slots)
* copy ath settings (note: wlan disabled here since its in global NOTES)
* copy profiling, including fixing a previous i386->amd64 merge typo.

Approved by:	re (blanket i386 <-> amd64 sync/convergence)
2005-06-30 05:33:26 +00:00
Peter Wemm
48033188a6 Second part of commit for moving KDB_STOP_NMI from opt_global.h to
opt_kdb.h.

Found by:     kris
Approved by:  re
2005-06-30 03:38:10 +00:00
Peter Wemm
2bdfd0d814 Add a special-case handler for general protection faults. It appears to
be possible to get the swapgs state reversed if doreti traps during
the iretq.  Attempt to handle this.  load_gs() might need special
handling too.  Running the kernel with the user's TLS and the
kernel's PCPU space interchanged would be bad(TM).

Discovered as a result of a conversation with:  bde
Approved by:  re
2005-06-30 00:26:54 +00:00
Peter Wemm
2de92a386e Conditionally weaken sys_generic.c rev 1.136 to allow certain dubious
ioctl numbers in backwards compatability mode.  eg: an IOC_IN ioctl with
a size of zero.  Traditionally this was what you did before IOC_VOID
existed, and we had some established users of this in the tree, namely
procfs.  Certain 3rd party drivers with binary userland components also
have this too.

This is necessary to have 4.x and 5.x binaries use these ioctl's.  We
found this at work when trying to run 4.x binaries.

Approved by:	re
2005-06-30 00:19:08 +00:00
Peter Wemm
b107fcf877 Add COMPAT_FREEBSD5
Approved by:	re
2005-06-30 00:09:18 +00:00
Peter Wemm
f0c6706de9 Move the KDB_STOP_NMI option from opt_global.h to opt_kdb.h
Approved by:	re
2005-06-29 23:23:16 +00:00
Peter Wemm
235a54de9d Switch AMD64 and i386 platforms to using ELF as their kernel crash
dump format.  The key reason to do this is so that we can dump sparse
address space.  For example, we need to be able to skip the PCI hole
just below the 4GB boundary.  Trying to destructively dump MMIO device
registers is Really Bad(TM).  The frequent result of trying to do a
crash dump on a machine with 4GB or more ram was ugly (lockup or reboot).

This code has been taken directly from the IA64 dump_machdep.c code,
with just a few (mostly minor) mods.

Introduce a dump_avail[] array in the machdep.c code so that we have a
source of truth for what memory is present in a machine that needs to be
dumped.  We can't use phys_avail[] because all sorts of things slice
memory out of it that we really need to dump.  eg: the vm page array
and the dmesg buffer.  dump_avail[] is pretty much an unmolested version
of phys_avail[].  It does have Maxmem correction.

Bump the i386 and amd64 dump format to version 2, but nothing actually
uses this.  amd64 was actually using the i386 dump version number.

libkvm support to follow.

Approved by:	re
2005-06-29 22:28:46 +00:00
Simon L. B. Nielsen
0a389eab22 Fix ipfw packet matching errors with address tables.
The ipfw tables lookup code caches the result of the last query.  The
kernel may process multiple packets concurrently, performing several
concurrent table lookups.  Due to an insufficient locking, a cached
result can become corrupted that could cause some addresses to be
incorrectly matched against a lookup table.

Submitted by:	ru
Reviewed by:	csjp, mlaier
Security:	CAN-2005-2019
Security:	FreeBSD-SA-05:13.ipfw

Correct bzip2 permission race condition vulnerability.

Obtained from:	Steve Grubb via RedHat
Security:	CAN-2005-0953
Security:	FreeBSD-SA-05:14.bzip2
Approved by:	obrien

Correct TCP connection stall denial of service vulnerability.

A TCP packets with the SYN flag set is accepted for established
connections, allowing an attacker to overwrite certain TCP options.

Submitted by:	Noritoshi Demizu
Reviewed by:	andre, Mohan Srinivasan
Security:	CAN-2005-2068
Security:	FreeBSD-SA-05:15.tcp

Approved by:	re (security blanket), cperciva
2005-06-29 21:36:49 +00:00
Andrew Thompson
49808fa4fc Sync if_bridge to NetBSD r1.31
Rename conflicting variables when handling SNAP Ethernet frames.

Obtained from:	NetBSD
Approved by:	mlaier (mentor)
Approved by:	re (blanket)
2005-06-29 19:23:32 +00:00
Damien Bergamini
0e8975d715 o Fix a write mbuf-after-free bug. The duration field of the 802.11 header
was written in the old fragmented mbuf chain instead of the defragmented
  one.  Thus, the duration field of outgoing frames was incorrect.

o Only call m_defrag() if the mbuf fragmentation threshold is greater
  than what is currently supported by the driver.

Reviewed by:    silby (mentor)
Approved by:    re (scottl)
2005-06-29 17:54:01 +00:00
Robert Watson
269c49d31b Regenerate after addition of audit event type number to syscalls.master
file format.

Approved by:	re (scottl)
2005-06-29 17:29:06 +00:00
Robert Watson
e099829817 During the system call table format change adding audit record event
fields for each system call, I missed two system call files because
they weren't named syscalls.master.  Catch up with this last two,
mapping the system calls to the NULL event for now.

Spotted by:	jhb
Approved by:	re (scottl)
2005-06-29 17:27:40 +00:00
John Baldwin
19042f9cce - Change the commented out freebsd32_xxx() example to use kern_xxx() along
with a single copyin() + translate and translate + copyout() rather than
  using the stackgap.
- Remove implementation of the stackgap for freebsd32 since it is no longer
  used for that compat ABI.

Approved by:	re (scottl)
2005-06-29 15:16:20 +00:00
John Baldwin
014693eb89 Increase MAXCPU to 16 in SMP kernels so that APIC IDs from 0 to 15 are
allowed for CPUs.

Tested by:	amd64 at cybernetwork dot org
Approved by:	re (scottl)
MFC after:	1 week
2005-06-29 15:13:25 +00:00
Mike Silbersack
a7b844d2be Fix the false memory modified after free messages some users have been
reporting - in my previous change, I missed the case where a mbuf
from the packet zone was freed back to the mbuf/packet keg, where
it was subsequently put into the mbuf zone and found not to contain
the expected trash.  This change adds the necessary trash_dtor call inside
mb_fini_pack so that everything is correct.

Thanks for Bosko for finding the bug and showing me how secondary zones
work.

Approved by:	re (dwhite)
2005-06-29 08:18:26 +00:00
Qing Li
16a2e0a6c8 Require gateways for routes to be of the same address family as the
route itself.

It fixes a bug where an IPv4 route for example has an IPv6 gateway
specified:

     route add 10.1.1.1 -inet6 fe80::1%fxp0

     Destination  Gateway       Flags  Refs  Use  Netif Expire
     10.1.1.1     fe80::1%fxp0  UGHS   0     0    fxp0

The fix rejects these illegal combinations:

     route: writing to routing socket: Invalid argument
     add host 10.1.1.1: gateway fe80::1%fxp0: Invalid argument

Reviewed by:	KAME jinmei@isl.rdc.toshiba.co.jp
Reviewed by:	andre (mentor)
Approved by:	re
MFC after:	5
2005-06-28 23:32:22 +00:00
Warner Losh
cdcf928a55 Add a chipset field to the lookup. Use this chipset type to determine
which command to use to read the eeprom and which devices have an MII.
Simplify code by no longer using the OLDCARD compat rouintes (I don't
know if this breaks OLDCARD on pc98 or not, but OLDCARD on pc98 days
are numbered, I hope).  This also removes a number of kludges that we
had before because they are OBE.  Add a convenience routine to lookup
the device to avoid many casts in many places.

Tested with: 3C589D-TP, 3CCSH572BT
Approved by: re (scottl, blanket ep)
2005-06-28 21:56:04 +00:00
Eric Anholt
324f92b9af Disable the drm_initmap calls in radeon_cp.c, due to them resulting in improper
handling of pci resources, and mapping framebuffer leading to panics on X
startup.  The proper solution involves use of bus_alloc_resource without
RF_ACTIVE, but this code is being rewritten in DRM CVS currently, and disabling
for now doesn't remove any features, so take the easy route.

PR:		kern/80718
Approved by:	re (scottl)
2005-06-28 21:38:08 +00:00
Søren Schmidt
c782b027b4 Zero donecount on auto request sense.
PR:		81450
Approved by:	re@ (scottl)
2005-06-28 09:06:52 +00:00
Bjoern A. Zeeb
066b192e3b Fix panic after ifnet changes in rev. 1.30. sc->sc_ifp is a
pointer now and needs to be allocated before using.

Reviewed by:	gnn
Approved by:	re (scottl), rwatson (mentor)
2005-06-28 06:55:45 +00:00
Xin LI
67c7ede6d2 Correct a comment in ucred.h.
Submitted by:	Wojciech A. Koszek <dunstan at freebsd czest pl>
PR:		kern/82708
Approved by:	re (scottl)
2005-06-28 02:23:56 +00:00
Marcel Moolenaar
c31450b00d Handle B-unit break instructions. The break.b is unique in that the
immediate is not saved by the architecture. Any of the break.{mifx}
instructions have their immediate saved in cr.iim on interruption.
Consequently, when we handle the break interrupt, we end up with a
break value of 0 when it was a break.b. The immediate is important
because it distinguishes between different uses of the break and
which are defined by the runtime specification.
The bottomline is that when the GNU debugger replaces a B-unit
instruction with a break instruction in the inferior, we would not
send the process a SIGTRAP when we encounter it, because the value
is not one we recognize as a debugger breakpoint.

This change adds logic to decode the bundle in which the break
instruction lives whenever the break value is 0. The assumption
being that it's a break.b and we fetch the immediate directly out
of the instruction. If the break instruction was not a break.b,
but any of break.{mifx} with an immediate of 0, we would be doing
unnecessary work. But since a break 0 is invalid, this is not a
problem and it will still result in a SIGILL being sent to the
process.

Approved by: re (scottl)
2005-06-27 23:51:38 +00:00
Marcel Moolenaar
fc37111e5d Replace the existing copyright notice with my own. Over the years I've
changed this file so much that it's equivalent to a rewrite, and I'm not
talking about any of the cosmetic changes of course.

Approved by: re (scottl)
2005-06-27 23:34:35 +00:00
Marcel Moolenaar
9701d67eb8 Cosmetic: s/u_int64_t/uint64_t/g
Approved by: re (scottl)
2005-06-27 23:29:06 +00:00
Paul Saab
5a53ca1627 - Postpone SACK option processing until after PAWS checks. SACK option
processing is now done in the ACK processing case.
- Merge tcp_sack_option() and tcp_del_sackholes() into a new function
  called tcp_sack_doack().
- Test (SEG.ACK < SND.MAX) before processing the ACK.

Submitted by:	Noritoshi Demizu
Reveiewed by:	Mohan Srinivasan, Raja Mukerji
Approved by:	re
2005-06-27 22:27:42 +00:00
Poul-Henning Kamp
dca9c930da Libalias incorrectly applies proxy rules to the global divert
socket: it should only look for existing translation entries,
not create new ones (no matter how it got the idea).

Approved by:	re(scottl)
2005-06-27 22:21:42 +00:00
Andrew Thompson
ca6c404ce3 Fix a panic when bringing up the bridge interface. We were casting a ifnet
pointer to a softc which is no longer valid since the ifnet struct was split
out from the softc.

Approved by:	mlaier (mentor)
Approved by:	re (blanket)
2005-06-27 21:58:12 +00:00
Olivier Houchard
63825b2f74 Use -mno-apcs-frame if DEBUG isn't defined.
Approved by:	re (blanket)
2005-06-27 14:33:32 +00:00
Søren Schmidt
4c2d9f25f3 Dont call ata_finish in ad_dump as that is no longer needed and causes panic.
Dont try to enable read/write caching on devices that doesn't support it,
this reduces the noise from ATA on flash devices and the like.

Approved by: re@ (scottl)
2005-06-27 09:12:11 +00:00
Gleb Smirnoff
961478afd1 Implement suspend/resume operation for snd_csa(4)
PR:		kern/82243
Submitted by:	Serge Semenenko
Approved by:	re (scottl)
MFC after:	1 month
2005-06-27 07:43:57 +00:00
Gleb Smirnoff
3a48a9fac9 - After LibAlias processing check for TCP packet with th_x2 field
set. If found, then recalculate its checksum.
- Remove debugging printfs.
- Slightly rearrange code in ng_nat_rcvdata().

Approved by:	re (scottl)
2005-06-27 07:39:13 +00:00
Gleb Smirnoff
59dde15e82 Disable checksum processing in LibAlias, when it works as a
kernel module. LibAlias is not aware about checksum offloading,
so the caller should provide checksum calculation. (The only
current consumer is ng_nat(4)). When TCP packet internals has
been changed and it requires checksum recalculation, a cookie
is set in th_x2 field of TCP packet, to inform caller that it
needs to recalculate checksum. This ugly hack would be removed
when LibAlias is made more kernel friendly.

Incremental checksum updates are left as is, since they don't
conflict with offloading.

Approved by:	re (scottl)
2005-06-27 07:36:02 +00:00
Mike Silbersack
cb6e5c1aba Change the panic in trash_ctor into just a printf for now. Once the reports
of panics in trash_ctor relating to mbufs have been examined and a fix
found, this will be turned back into a panic.

Approved by: re (rwatson)
2005-06-26 23:44:07 +00:00
Max Laier
889ad0384e Properly initialize ifq_maxlen for the defered send queue and make it
actually work.  Also use the right semantics for IF_HANDOFF to get correct
stats.

Reported and tested by:	Sascha Luck <sascha at c4inet dot net>
Approved by:		re (blanket)
2005-06-26 21:00:52 +00:00
David Malone
d446f3569c Add a quirk for a motherboard whose acpi timer runs too fast.
Approved by:	re (scottl)
Approved by:	nate
MFC after:	2 weeks
2005-06-26 18:19:14 +00:00
David Malone
01399f34a5 Fix some long standing bugs in writing to the BPF device attached to
a DLT_NULL interface. In particular:

        1) Consistently use type u_int32_t for the header of a
           DLT_NULL device - it continues to represent the address
           family as always.
        2) In the DLT_NULL case get bpf_movein to store the u_int32_t
           in a sockaddr rather than in the mbuf, to be consistent
           with all the DLT types.
        3) Consequently fix a bug in bpf_movein/bpfwrite which
           only permitted packets up to 4 bytes less than the MTU
           to be written.
        4) Fix all DLT_NULL devices to have the code required to
           allow writing to their bpf devices.
        5) Move the code to allow writing to if_lo from if_simloop
           to looutput, because it only applies to DLT_NULL devices
           but was being applied to other devices that use if_simloop
           possibly incorrectly.

PR:		82157
Submitted by:	Matthew Luckie <mjl@luckie.org.nz>
Approved by:	re (scottl)
2005-06-26 18:11:11 +00:00
Warner Losh
c4af929fb7 o When calling ep_get_macaddr(), provide it a local buffer. Add a comment
that says why we do this (or rather, explains that it is some voodoo magic
  that's poorly understood).  The local buffer fixes the crash on attach.
o Rename get_e() to ep_get_e() to avoid namespace pollution.

Submitted by: mux
Approved by: re (scottl)
2005-06-26 04:19:45 +00:00
Eric Anholt
11b0d58251 Make the initialization in the AGPv3 case match that of Linux. Fixes hangs on
X startup with DRI enabled, with a v3-capable card.

Tested by:	Tom McLaughlin <tmclaugh@sdf.lonestar.org>
Approved by:	re (scottl)
2005-06-26 04:01:11 +00:00
Stephan Uphoff
68d376254c Fix a timer ticks wrap around bug for minmssoverload processing.
Approved by:	re (scottl,dwhite)
MFC after:	4 weeks
2005-06-25 22:24:45 +00:00
Stephan Uphoff
769c6708cb Disable the interrupts in trap_fatal before calling kdb_trap.
(required now that critical sections no longer block interrupts)

Reviewed by:	jhb@
Approved by:	re (scottl)
Tested by:	kris@,glebius@
2005-06-25 22:14:42 +00:00
Dima Dorfman
1ee6b74603 Fix fdcheckstd to pass the file descriptor along through vn_open. When
opening a device, devfs_open needs the file descriptor to install its
own fileops. Failing to pass the file descriptor causes the vnode to
be returned with the regular vnops, which will cause a panic on the
first read or write because devfs_specops is not meant to support
those operations.

This bug caused a panic after exec'ing any set[ug]id program with
fds 0..2 closed (i.e., if any action had to be taken by fdcheckstd, we
would panic if the exec'd program ever tried to use any of those
descriptors).

Reviewed by:	phk
Approved by:	re (scottl)
2005-06-25 03:34:49 +00:00
Olivier Houchard
758c41b8cc - Use a TAILQ instead of parsing the array to find a free dmamap.
- Inline busdma_alloc_dmamap, busdma_free_dmamap and bus_dmamap_sync_buf.

Approved by:	re (blanket)
2005-06-24 23:57:27 +00:00