Commit Graph

91047 Commits

Author SHA1 Message Date
Poul-Henning Kamp
d5bde314e9 Duh! I misread my handwritte notes: We do _not_ want to asser that
vp == bp->b_vp in specfs, that was the entire point of VOP_SPECSTRATEGY().
2003-06-15 19:14:03 +00:00
Poul-Henning Kamp
cefb5754dd Add the same KASSERT to all VOP_STRATEGY and VOP_SPECSTRATEGY implementations
to check that the buffer points to the correct vnode.
2003-06-15 18:53:00 +00:00
Poul-Henning Kamp
76dbe2e720 Add my timecounter paper from EuroBSDcon2002 2003-06-15 18:49:46 +00:00
Poul-Henning Kamp
e5fb1850ae Remove in toto coda_strategy which incorrectly implemented vop_panic(); 2003-06-15 18:45:15 +00:00
Hiroki Sato
25e43d5c74 Merge entries from maho's USB device compatibility list.
Obtained from:	http://people.FreeBSD.org/~maho/USB/
2003-06-15 18:20:51 +00:00
Yaroslav Tykhiy
83efe35a66 Always set bio_resid properly in fdstrategy(),
as should every block device strategy routine.
There was at least one evil consequence of not doing so:
Some errors returned by fdstrategy() could be lost (EAGAIN,
in particular.)

PR:		kern/52338 (in the audit-trail)
Discussed with:	bde
2003-06-15 18:13:17 +00:00
Yaroslav Tykhiy
29ec21d1e3 Check whether the floppy type pointer has been set before trying
to access floppy parameters through it.

Note: The DIOCGSECTORSIZE and DIOCGMEDIASIZE handlers withing
fdioctl() couldn't be just moved to below the existing check
for blocking mode because fd->ft can be non-NULL while still
in non-blocking mode (fd->ft can be set with the FD_STYPE ioctl.)

PR:		kern/52338
No MFC:		Not applicable to STABLE
2003-06-15 16:18:58 +00:00
Robert Watson
2bceb0f2b2 Various cr*() calls believed to be MPSAFE, since the uidinfo
code is locked down.
2003-06-15 15:57:42 +00:00
Yaroslav Tykhiy
5d96084f89 Name a function argument "mbuf", not "buf", if it is
a pointer to struct mbuf for clarity and consistency.
2003-06-15 14:47:12 +00:00
Yaroslav Tykhiy
da72b9983c Add missing descriptions of macros M_ALIGN and MH_ALIGN.
Remove a reference to the defunct macro M_COPY_PKTHDR;
document the new functions m_dup_pkthdr() and m_move_pkthdr(),
and the macro variant of the latter, M_MOVE_PKTHDR().
2003-06-15 14:40:03 +00:00
Yaroslav Tykhiy
7b2fd1831f Add more markup to the mbuf(9) manpage. This includes:
- tagging plaintext "mbuf", "mbuf cluster", and "mbuf chain"
  with .Vt (variable type) since all of them are ways of managing
  data, i.e., they can be seen as data types;

- using .Vt/.Va instead of .Li (literal) where appropriate;

- tagging plaintext words that actually refer to function arguments
  with .Fa.

Suggested by:	ru
2003-06-15 14:14:11 +00:00
Mark Murray
1dd991a05b If lint(1) is not "lint", don't try to lint the xlint compat-libs. A
third-party lint is probably being used.
2003-06-15 13:03:37 +00:00
David Xu
cd4f6ebb13 1. Add code to support bound thread. when blocked, a bound thread never
schedules an upcall. Signal delivering to a bound thread is same as
   non-threaded process. This is intended to be used by libpthread to
   implement PTHREAD_SCOPE_SYSTEM thread.
2. Simplify kse_release() a bit, remove sleep loop.
2003-06-15 12:51:26 +00:00
Yaroslav Tykhiy
be82a0bc5a Use .Va, not .Fa, to refer to structure members.
mdoc(7) contains an ambiguous statement on the issue,
but our mdoc(7) police's opinion is solid.

Suggested by:	ru
2003-06-15 12:42:41 +00:00
Ian Dowse
688514ced0 If the device goes away during ulpt_reset(), make sure not to call
ulpt_status() afterwards. This fixes a crash that can occur if a
USB printer is power-cycled when printing is just starting. The
problem is similar to that fixed in revision 1.33, but it is much
less likely to occur.

MFC after:	1 week
2003-06-15 11:55:50 +00:00
Ian Dowse
4f1b457770 Don't overwrite the static panicstr buffer for secondary and further
panics. Before revision 1.38, we used to just point panicstr at the
format string if panicstr was NULL, but since we now use a static
buffer for the formatted panic message, we have to be careful to
only write to it during the first panic.

Pointed out by:	bde
2003-06-15 11:43:00 +00:00
Dag-Erling Smørgrav
79806b4cdc Use __builtin_alloca() on compilers that have it. Keep the prototype for
the benefit of lint and non-{GNU,Intel} compilers.
2003-06-15 11:01:52 +00:00
Dag-Erling Smørgrav
070d61acdc Remove the definition of alloca(), it does not belong here. 2003-06-15 10:59:44 +00:00
Martin Blapp
b77aeb1292 Kill prototype for __msgwrite too. It is not needed anymore. 2003-06-15 10:55:39 +00:00
Martin Blapp
dd01398df6 Fix the master yppasswd routines, so they really work
for root on ypmaster. yppasswd_local() did use YPPASSWDPROG
instead of MASTER_YPPASSWDPROG, and the domain was not set,
resulting in a coredump during xdr-encode.

Reviewed by:	des
2003-06-15 10:37:22 +00:00
Martin Blapp
ec01fc4f14 Fix the master yppasswd routines, so they really work
for root on ypmaster. Fix ypclnt_havepasswdd() to work
for AF_LOCAL connections.

Reviewed by:	des
2003-06-15 10:36:53 +00:00
Martin Blapp
9d09cc7ac8 Only call pw_mkdb if passfile == _PATH_MASTERPASSWD.
Otherwise, rename master.passwd to a temp filename, rename
the new passwd to master.passwd, and let yppwupdate update
passwd as it sees fit.

PR:		52601, 7968
Reviewed by:	des
Submitted by:	Dan Nelson <dnelson@allantgroup.com>
2003-06-15 10:34:11 +00:00
Martin Blapp
ce9bc43cb3 Replace the old SCM_CREDS cred procedures. They can now be
replaced just fine with getpeereid() and the whole code
gets a lot simpler. We don't break the ABI, since all server
programms use __rpc_get_local_uid(), and we just change library
internals.

Reviewed by:	des
2003-06-15 10:32:01 +00:00
Philippe Charnier
d005495293 err() on allocation failure. WARNS=9 compliant
use #if 0, #ifndef lint, #endif /* not lint */, #endif ordering
when a message is provided, use errx() instead of err().
2003-06-15 09:28:17 +00:00
Greg Lehey
872e095cc6 Document changes to default output. 2003-06-15 08:46:36 +00:00
Greg Lehey
a0a031aa9e Print out the current recording devices in the default printout.
Discussed with: cg

Break some particularly long lines.

Still not enough for:  bde.
2003-06-15 08:46:04 +00:00
Alan Cox
bf5f21b622 Remove an unnecessary forward declaration. 2003-06-15 07:28:33 +00:00
Robert Watson
aee1b42ab6 Now that the kernel access control for quotactl(2) appears to work
properly, clean up quota(1).  quota(1) has the ability to query
quotas either directly from the kernel, or if that fails, by reading
the quota.user or quota.group files specified for the file system
in /etc/fstab.  The setuid bit existed solely (apparently) to let
non-operator users query their quotas and consumption when quotas
weren't enabled for the file system.

o Remove the setuid bit from quota(1).

o Remove the logic used by quota(1) when running setuid to prevent
  users from querying the quotas of other users or groups.  Note
  that this papered over previously broken kernel access control;
  if you queried directly using the system call, you could access
  some of the data "restricted" by quota(1).

In the new world order, the ability to inspect the (live) quotas of
other uids and gids via the kernel is controlled by the privilege
requirement sysctl.  The ability to query via the file is controlled
by the file permissions on the quota database backing files
(root:operator, group readable by default).
2003-06-15 06:54:36 +00:00
Robert Watson
41b0d1a064 Now that the kernel access control for quotactl(2) appears to work
properly, clean up quota(1).  quota(1) has the ability to query
quotas either directly from the kernel, or if that fails, by reading
the quota.user or quota.group files specified for the file system
in /etc/fstab.  The setuid bit existed solely (apparently) to let
non-operator users query their quotas and consumption when quotas
weren't enabled for the file system.

o Remove the setuid bit from quota(1).

o Remove the logic used by quota(1) when running setuid to prevent
  users from querying the quotas of other users or groups.  Note
  that this papered over previously broken kernel access control.
2003-06-15 06:46:24 +00:00
Robert Watson
44533b1722 Re-implement kernel access control for quotactl() as found in the
UFS quota implementation.  Push some quite broken access control
logic out of ufs_quotactl() into the individual command
implementations in ufs_quota.c; fix that logic.  Pass in the thread
argument to any quotactl command that will need to perform access
control.

o quotaon() requires privilege (PRISON_ROOT).

o quotaoff() requires privilege (PRISON_ROOT).

o getquota() requires that:

    If the type is USRQUOTA, either the effective uid match the
    requested quota ID, that the unprivileged_get_quota flag be
    set, or that the thread be privileged (PRISON_ROOT).

    If the type is GRPQUOTA, require that either the thread be
    a member of the group represented by the requested quota ID,
    that the unprivileged_get_quota flag be set, or that the
    thread be privileged (PRISON_ROOT).

o setquota() requires privilege (PRISON_ROOT).

o setuse() requires privilege (PRISON_ROOT).

o qsync() requires no special privilege (consistent with what
  was present before, but probably not very useful).

Add a new sysctl, security.bsd.unprivileged_get_quota, which when
set to a non-zero value, will permit unprivileged users to query user
quotas with non-matching uids and gids.  Set this to 0 by default
to be mostly consistent with the previous behavior (the same for
USRQUOTA, but not for GRPQUOTA).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-06-15 06:36:19 +00:00
Robert Watson
a78d3eaffc Tighten up the string->integer conversion in sysctl(8):
(1) Reject zero-length strings for CTLTYPE_INT, _UINT, _LONG,
    _ULONG.  Do not silently convert to 0.

(2) When converting CTLTYPE_INT, _UINT, _LONG, and _ULONG, check the
    end pointer generated by strtol() and strtoul() rather than
    discarding it.  Reject the string if either none of the string
    was useful for conversion to an integer, or if there was
    trailing garbage.

I.e., we will not allow you to set a numeric sysctl to a value unless
we can completely convert the string argument to a numeric value.
I tripped over this when I put the following in /etc/sysctl.conf:

   kern.maxfiles="4000"

Ouch.
2003-06-15 06:26:08 +00:00
Yoshihiro Takahashi
47030ceaf2 Disable unneeded devices and options. 2003-06-15 04:31:52 +00:00
Yoshihiro Takahashi
6a6d2999d8 Remove CPU_ATHLON_SSE_HACK option. 2003-06-15 04:29:37 +00:00
Yoshihiro Takahashi
97caa42aea Include "../Makefile.inc" 2003-06-15 04:27:22 +00:00
Yoshihiro Takahashi
a252a7bf01 Most power management devices don't exist on pc98. 2003-06-15 04:24:28 +00:00
Warner Losh
e45d184c46 The en module has been broken for the last 40 hours. Disconnect it
from the tree until it is fixed.  Since it is an atm driver, it isn't
commonly used so this will not negatively impact too many people.
harti can reconnect it when he resurfaces and corrects the en module
problems.  This should allow snapshots to start succeeding again.

Reported by: lots of people
2003-06-15 04:15:29 +00:00
Jeff Roberson
3c12473229 - Increase the ksegrp's cpu time history buffer to 250ms.
- Decrease the history buffer divisor to 2 so that we remember more of the
   old behavior.
2003-06-15 04:14:25 +00:00
Hidetoshi Shimokawa
0bc666e09b - Enable support for building Configuration ROM.
- Improve probe message for S800 chips.
2003-06-15 04:09:26 +00:00
David Xu
d8406ada91 P_THREADED was renamed to P_SA, follow up. 2003-06-15 03:42:04 +00:00
Hidetoshi Shimokawa
b83977f0a4 Fix crom_add_simple_text().
Bytewap Configuration ROM image.
2003-06-15 03:22:30 +00:00
Hidetoshi Shimokawa
19fc8e7c05 Add CSRVAL_VENDOR_PRIVATE. 2003-06-15 03:19:55 +00:00
David Xu
1d5a24bec6 1. Migrate TDF_UPCALLING from td_flags to td_pflags.
2. Add a flag TDF_SA, it will be used to distinguish SA
   based thread from bound thread.
2003-06-15 03:18:58 +00:00
John-Mark Gurney
9bf69bf27a fix a couple typos in the comments
From NetBSD's bootpd (in src/usr.sbin/bootp)
2003-06-15 03:08:37 +00:00
John-Mark Gurney
b6a0d4720e fix bootpd to use fd_set. For some reason on Sparc, using int with
select is broken.
2003-06-15 03:05:14 +00:00
John-Mark Gurney
9c6bbd7d32 make rarpd use in_addr_t instead of u_long since this is neccessary
on 64bit platforms

ok'd by: silence
2003-06-15 03:00:22 +00:00
Jeff Roberson
b41f3d22cc - Cap the growth of sleep and run time in sched_exit_kse(). 2003-06-15 02:52:29 +00:00
David Schultz
3bb3827fcf Fix some style problems, some of which are old, some new, and some
inherited from UFS.

Requested by:	bde, njl
2003-06-15 02:21:13 +00:00
Jeff Roberson
210491d3d9 - Fix the maximum slice value. I accidentally checked in a value of '2'
which meant no process would run for longer than 20ms.
 - Slightly redo the interactivity scorer.  It follows the same algorithm but
   in a slightly more correct way.  Previously values above half were
   incorrect.
 - Lower the interactivity threshold to 20.  It seems that in testing non-
   interactive tasks are hardly ever near there and expensive interactive
   tasks can sometimes surpass it.  This area needs more testing.
 - Remove an unnecessary KTR.
 - Fix a case where an idle thread that had an elevated priority due to
   priority prop. would be placed back on the idle queue.
 - Delay setting NEEDRESCHED until userret() for threads that haad their
   priority elevated while in kernel.  This gives us the same context switch
   optimization as SCHED_4BSD.
 - Limit the child's slice to 1 in sched_fork_kse() so we detect its behavior
   more quickly.
 - Inhert some of the run/slp time from the child in sched_exit_ksegrp().
 - Redo some of the priority comparisons so they are more clear.
 - Throttle the frequency of sched_pctcpu_update() so that rounding errors
   do not make it invalid.
2003-06-15 02:18:29 +00:00
Hiroki Sato
1356c67ebe Merge the following from the English version:
1.158 -> 1.159	hardware/common/dev.sgml
2003-06-15 02:10:37 +00:00
Greg Lehey
be05126e24 check_drive: If the partition isn't a Vinum drive, release it again
and return NULL.

vinum_scandisk: Don't handle NULL device pointers.
	        Only look at compatibility partition for i386.  This
	        is a kludge which should go away once I have adequate
	        documentation for the New World Order.

Together, these fixes remove occasional error messages about
non-existent drives.  They may also fix a number of problems that have
been reported without a PR.

PRs: None
2003-06-15 01:42:01 +00:00