Commit Graph

148450 Commits

Author SHA1 Message Date
Konstantin Belousov
e0c161b89c Add another flags argument to vn_open_cred. Use it to specify that some
vn_open_cred invocations shall not audit namei path.

In particular, specify VN_OPEN_NOAUDIT for dotdot lookup performed by
default implementation of vop_vptocnp, and for the open done for core
file. vn_fullpath is called from the audit code, and vn_open there need
to disable audit to avoid infinite recursion. Core file is created on
return to user mode, that, in particular, happens during syscall return.
The creation of the core file is audited by direct calls, and we do not
want to overwrite audit information for syscall.

Reported, reviewed and tested by: rwatson
2009-06-21 13:41:32 +00:00
Stanislav Sedov
c61860f8a6 - Eliminate extra subcs instruction. I have not noticed before that we
always perform substraction now, so no instruction could be rordered
  to eliminate the conditional substraction.
2009-06-21 13:15:56 +00:00
Remko Lodder
b24516038c use PROTO_DEFAULT.
Requested by:	hps
2009-06-21 13:13:13 +00:00
Stanislav Sedov
aa79fe245d - Fix strncmp on arm. Return 0 as result without performing the
main cycle only if the len passed is equal to 0. If end address
  overflows use last possible address as the end address.

Based on:	discussion on arm@
MFC after:	1 month
2009-06-21 12:58:56 +00:00
Remko Lodder
2088cbe832 Add support for the Myson Heden 8813.
Note that I also added the usbdev to the list, because the 8813 version
is not yet known there. I might have twisted the sorting there but because
8813 comes before 8818, I added it before that (with _8813 to differentiate)
the item.

PR:		135628
Submitted by:	Yoshikazu GOTO <goto at on-link dot jp>
Approved by:	imp (mentor, implicit)
2009-06-21 11:21:16 +00:00
Roman Divacky
e40bae9a45 Switch cmd argument to u_long. This matches what if_ethersubr.c does and
allows the code to compile cleanly on amd64 with clang.

Reviewed by:	rwatson
Approved by:	ed (mentor)
2009-06-21 10:29:31 +00:00
Robert Watson
941c2e1cd1 Remove historical support for capturing IPX packets in the output path
using raw IPX sockets.  While functional, this support is disabled
using a flag that can't be changed from userspace, and google reveals
no documentation or use of that flag anywhere.  This eliminates a
potential lock order reversal and code reentrance issue in which the
output path reentered the input path in IPX.

An alternative to removal would be to use the netisr, as a comment I
added in 2005 suggests.  While this change is fairly straight-forward,
the lack of any consumers or the easy possibility of consumers (kernel
modification and recompile required) suggests that this is simply an
unused feature.

Update README to remove this TODO, and a TODO regarding IPX/IP
encapsulation which was also removed a few years ago.

MFC after:	1 week
2009-06-21 10:10:44 +00:00
Xin LI
4ca8a62bb3 Add support for uncompressing pack(1)'ed files. Pack(1) is a program found
in some commercial Unix systems, which utilizes Huffman minimum redundancy
code tree to compress files.  This implementation supports the "new" pack
format only, just like GNU gzip did.

Thanks for oliver@'s archive set which I can test against, and Mingyan Guo
for providing helpful review of my code.

PR:		bin/109567
MFC after:	1 month
2009-06-21 09:39:43 +00:00
Roman Divacky
20a0556c59 In non-debugging mode make this define (void)0 instead of nothing. This
helps to catch bugs like the below with clang.

	if (cond);		<--- note the trailing ;
	   something();

Approved by:	ed (mentor)
Discussed on:	current@
2009-06-21 09:01:12 +00:00
Roman Divacky
2b7d10c225 In non-debugging mode make this define (void)0 instead of nothing. This
helps to catch bugs like the below with clang.

	if (cond);		<--- note the trailing ;
	   something();

Approved by:	ed (mentor)
Discussed on:	current@
2009-06-21 08:49:06 +00:00
Roman Divacky
23057f089b In non-debugging mode make this define (void)0 instead of nothing. This
helps to catch bugs like the below with clang.

	if (cond);		<--- note the trailing ;
	   something();

Approved by:	ed (mentor)
Discussed on:	current@
2009-06-21 08:36:30 +00:00
Roman Divacky
f7490cfe01 In non-debugging mode make this define (void)0 instead of nothing. This
helps to catch bugs like the below with clang.

	if (cond);		<--- note the trailing ;
	   something();

Approved by:	ed (mentor)
Discussed on:	current@
2009-06-21 07:54:47 +00:00
Pyun YongHyeon
b96ad4b205 For ICH based fxp(4) controllers treat them as 82559 compatibles.
To detect which controller is ICH based one, add a new member
variable ich to struct fxp_ident and move the struct to
if_fxpvar.h. Since I've faked controller revision, don't allow
microcode loading for ICH based controllers.
With this change all ICH based controllers will have WOL and Rx
checksum offload capability.

PR:		kern/135451
Tested by:	Alexey Shuvaev ( shuvaev <> physik dot uni-wuerzburg dot de ),
		pluknet ( pluknet <> gmail dot com ),
		Gary Jennejohn ( gary.jennejohn <> freenet dot de )
2009-06-21 07:34:12 +00:00
Pyun YongHyeon
6b24912cd9 Overhaul fxp(4) multicast filter programming. fxp(4) hardwares do
not allow multicast filter programming when controller is busy to
send/receive frames. So it used to mark need_mcsetup bit and defer
multicast filter programming until controller becomes idle state.
To detect when the controller is idle fxp(4) relied on Tx
completion interrupt with NOP command and fxp_start_body and
fxp_intr_body had to see whether pending multicast filter
programming was requested. This resulted in very complex logic and
sometimes it did not work as expected.
Since the controller should be in idle state before any multicast
filter modifications I changed it to reinitialize the controller
whenever multicast filter programming is required. This is the same
way what OpenBSD and NetBSD does. Also I added IFF_DRV_RUNNING
check in ioctl handler so controller would be reinitialized only if
it is absolutely needed.
With this change I guess we can remove fxp(4) DELAY hack in ifioctl
for IPv6 case.
2009-06-21 07:17:49 +00:00
Pyun YongHyeon
c109e385f6 Always check fxp(4) is running, see if it can accept frames from
upper stack in fxp_start_body().
fxp(4) drops driver lock in Rx path so check the fxp(4) is still
running after reacquiring driver lock in Rx path. Also don't
invoke fxp_intr_body if fxp(4) is not running. With this change
there is no need to set suspend bit in device attach phase.
2009-06-21 06:46:32 +00:00
Pyun YongHyeon
43d8b117e4 Don't blindly enable Rx lock-up workaround. Newer chips do not need
the Rx lock-up workaround.

Obtained from:	NetBSD
2009-06-21 06:27:35 +00:00
Pyun YongHyeon
a996f02399 Due to possible PCI bus lock-up issues fxp(4) didn't perform full
hardware reset in attach phase. Selective reset does not clear
configured parameters so I think full hardware reset is required.
To prevent PCI bus lock-up, do selective reset first which will get
off the controller from PCI bus and request software reset after
selective reset. Software reset will unmask interrupts so disable
it after the reset.
2009-06-21 06:18:19 +00:00
Pyun YongHyeon
a2057a72e9 Introduce Rx mbuf dma tag and use it in Rx path. Previously it used
common mbuf dma tag for both Tx and Rx path but Rx buffer should
have single DMA segment and maximum buffer size of the segment
should be less than MCLBYTES.
fxp(4) also have to check Tx completion status which was updated by
DMA so we need BUS_DMASYNC_PREREAD and BUS_DMASYNC_POSTWRITE
synchronization in Tx path. Fix all misuse of bus_dmamap_sync(9) in
fxp(4). I guess this change shall fix occasional driver breakage in
PAE environments.

While I'm here add error messages of dma tag/buffer creation and
correct messages.
2009-06-21 06:06:43 +00:00
Alexander Kabaev
c78339e9d8 Compile static gcov library with -fPIC to match what stock GCC builds
are doing. This is required for libgcov.a to be usable on amd64.

Reported by:	stas
2009-06-21 01:54:47 +00:00
Kip Macy
e321e16bfb fix !x86 cxgb compile 2009-06-21 01:17:38 +00:00
Alan Cox
6f0489c670 Strive for greater consistency among the places that implement real,
fictious, and contiguous page allocation.  Eliminate unnecessary
reinitialization of a page's fields.
2009-06-21 00:21:33 +00:00
Robert Watson
c0a8cee371 Implement socket delivery MAC checks for IPX/SPX.
Obtained from:	TrustedBSD Project
MFC after:	3 days
2009-06-20 23:38:21 +00:00
Jilles Tjoelker
deb090cba3 Fix race condition in noclobber option.
Formerly, it was possible for the file to be created between the check if it
existed and the open; the contents would then be lost.

Because this must use O_EXCL, noclobber > will not create a file through a
symlink anymore. This agrees with behaviour of other shells.

Approved by:	ed (mentor) (implicit)
2009-06-20 20:44:27 +00:00
Remko Lodder
556de497fa Add architecture support for TinyBSD
PR:		135301
Submitted by:	Olivier Cochard-Labbe <olivier at cochard dot me>
Reviewed by:	Jean Milanez Melo <jmelo at freebsdbrasil dot com dot br> (maintainer)
Approved by:	imp (mentor, implicit)
MFC after:	1 week
2009-06-20 20:35:50 +00:00
Brooks Davis
7f92e57820 Change crsetgroups_locked() (called by crsetgroups()) to sort the
supplemental groups using insertion sort.  Use this property in
groupmember() to let us use a binary search instead of the previous
linear search.
2009-06-20 20:29:21 +00:00
Robert Watson
5e1f7b807d If the label being printed by getpmac(8) is empty, then don't print a
carriage return.

Obtained from:	TrustedBSD Project
MFC after:	3 days
2009-06-20 20:22:11 +00:00
Kip Macy
8b6dccee61 fix typo in conditional 2009-06-20 19:09:41 +00:00
Kip Macy
75417d6de3 - fix dma map handling for !x86 case
- fix allocation failure handing in refill_fl
2009-06-20 18:57:14 +00:00
Brooks Davis
87ecedf4f8 Use NGROUPS instead of NGROUPS_MAX as the limits on setgroups and
getgroups for ibcs emulation.  It seems vanishingly likely any
programs will actually be affected since they probably assume a much
lower value and use a static array size.
2009-06-20 18:52:02 +00:00
Robert Watson
395262b517 Remove definition of dtom(), which converted a data pointer into a
pointer to the containing mbuf.  This eliminates a strong assumption
about the layout of network buffer memory, giving us greater
flexibility to revise mbuf semantics in the future.
2009-06-20 18:27:19 +00:00
Brooks Davis
5255c009dd Restore the check against running as root that I accidentally removed in
r194493.
2009-06-20 18:24:29 +00:00
Robert Watson
c28aedefd8 Rework SPX segment reassembly, which was originally based on our TCP
reassembly but failed to be modernized over time:

- Use queue(9).
- Specifically allocate queue entries of type M_SPXREASSQ to point at
  member mbufs, rather than casting mbuf data to 'spx_q'.
- Maintain the mbuf pointer as part of the queue entry so that we can
  later free the mbuf without using dtom().
2009-06-20 18:24:25 +00:00
Robert Watson
046a577d69 Up the scale of the SPX loopback check a bit: use much larger data sizes
so that we need to do segmentation.
2009-06-20 18:13:20 +00:00
Robert Watson
11dd0af11d Invoke the MAC Framework's mac_socket_create_mbuf() entry point when
generating IPX output for SPX sockets.

Obtained from:	TrustedBSD Project
2009-06-20 17:44:04 +00:00
Robert Watson
3b9fec2ed0 Invoke the MAC Framework's mac_socket_create_mbuf() entry point when
generating IPX output for raw and datagram IPX sockets.

Obtained from:	TrustedBSD Project
2009-06-20 17:42:53 +00:00
Robert Watson
4211da4eb6 Don't lock sockets around calls to mac_socket_create_mbuf() -- policies
are now expected to acquire the socket lock if they require them.

Obtained from:	TrustedBSD Project
2009-06-20 17:28:38 +00:00
Rick Macklem
73c8b6d377 Delete the declaration of an unused variable so that it will build.
Approved by:	rwatson (mentor)
2009-06-20 17:16:29 +00:00
Rick Macklem
65cc6600c5 Replace RPCAUTH_UNIXGIDS with NFS_MAXGRPS so that nfscbd.c will build.
Approved by:	kib (mentor)
2009-06-20 17:11:07 +00:00
Robert Noland
e23637d17b The G45 docs indicate that all G4X chips use the new framecount register.
Intel agrees with my reading of the docs, make it so for all G4X chips.

The new register also has a 32 bit width as opposed to 24 bits.  Fix
things up so that the counters roll over properly.

MFC after:	3 days
2009-06-20 16:45:14 +00:00
Robert Noland
e8ca7a9956 realloc() behaves identically to malloc when passed a NULL object pointer
If an error does occur we would have left max_context with an incorrect
value.

MFC after:	3 days
2009-06-20 16:40:48 +00:00
Ed Schouten
148747c2b7 Add placeholder to prevent reuse of privilege 254.
Requested by:	rwatson
2009-06-20 16:39:25 +00:00
Robert Noland
4949d88192 Don't panic if drm_rmmap is called with a NULL map pointer.
MFC after:	3 days
2009-06-20 16:37:24 +00:00
Ed Schouten
6c9e1a22ef Improve sentence and add reference to openpty(3). Add missing newlines. 2009-06-20 16:30:32 +00:00
Ed Schouten
fbbbf5d135 Chase the removal of PRIV_TTY_PRISON in the mac(9) modules.
Reported by:	kib
Pointy hat to:	me
2009-06-20 15:54:35 +00:00
Ed Schouten
f8f6146082 Improve nested jail awareness of devfs by handling credentials.
Now that we start to use credentials on character devices more often
(because of MPSAFE TTY), move the prison-checks that are in place in the
TTY code into devfs.

Instead of strictly comparing the prisons, use the more common
prison_check() function to compare credentials. This means that
pseudo-terminals are only visible in devfs by processes within the same
jail and parent jails.

Even though regular users in parent jails can now interact with
pseudo-terminals from child jails, this seems to be the right approach.
These processes are also capable of interacting with the jailed
processes anyway, through signals for example.

Reviewed by:	kib, rwatson (older version)
2009-06-20 14:50:32 +00:00
Alexander Kabaev
6c3154f6a1 Allow order of initialization of loaded shared objects to be
altered through their .init code. This might happen if init
vector calls dlopen on its own and that dlopen causes some not
yet initialized object to be initialized earlier as part of that
dlopened DAG.

Do not reset module reference counts to zero on final fini vector
run when process is exiting. Just add an additional parameter to
force fini vector invocation regardless of current reference count
value if object was not destructed yet. This allows dlclose called
from fini vector to proceed normally instead of failing with handle
validation error.

Reviewed by:	kib
Reported by:	venki kaps
2009-06-20 14:16:41 +00:00
Dag-Erling Smørgrav
84e3202f58 Rewrap; this was getting painful. Translators can ignore this.
MFC after:	1 week
2009-06-20 10:09:59 +00:00
Dag-Erling Smørgrav
e83105d1d9 Reword.
MFC after:	1 week
2009-06-20 10:06:10 +00:00
Stanislav Sedov
65a570613a - Include rpcv2.h before other NFS includes. That allows nfscbd to
compile.
2009-06-20 08:46:40 +00:00
Tim Kientzle
e8d60260d7 Fix "tar --options=iso9660:joliet" and other uses
of format-specific options.
2009-06-20 06:02:21 +00:00