the default rule number but also the maximum rule number. User space
software such as ipfw and natd should be aware of its value. The
software that already includes ip_fw.h should use the defined value. All
other a expected to use sysctl (as discussed on net@).
MFC after: 5 days.
Discussed on: net@
As discussed with Robert on IRC, checking the permissions on
/dev/console to see if we can call TIOCCONS could be unreliable. When we
run a chroot() without a devfs instance mounted inside, it won't
actually check the permissions on the device node inside the devfs
instance.
Using the already existing PRIV_TTY_CONSOLE for this seems like a better
idea.
Approved by: rwatson
Initially, 'acl' (an 'acl_t *') is allocated, and its ACCESS_ACL and
DEFAULT_ACL fields are passed to the 'libc' ACL routines for subsequent
allocation. If the '-m' option (merge existing ACL with a new one) is
specified, then 'set_acl_mask()' will be called and passed one of the
two ACLs. This function, in turn, replaces this given ACL structure by
another, freshly allocated. However, the pointer in the 'acl' variable
in the caller is not updated. The caller then proceeds to free the ACL,
incurring in a double free condition.
Submitted by: Pedro Martelletto <pedro at ambientworks.net>
Approved by: rwatson (mentor)
reading from EEPROM doesn't seem to work on these controllers.
Reported by: Milan Obuch ( freebsd-net at dino dot sk )
Tested by: Milan Obuch ( freebsd-net at dino dot sk )
driver will need more serious help to work with an interrupt driven
path. There's many subtleties in driving the DMA engine with
interrupts in many configurations. Best to not "guess" what the right
way would be and mislead people.
memory allocation. It was change to include the range in the normal
memory area, so these ifdef'd out special cases are no longer useful
to keep around.
the device indicates that it wasn't able to write all the data in the
buffer out.
Ed Schouten doesn't like the idea of a panic here. I think for
production code, we need something better. For right now, while we're
trying to assess the impact of this issue, a panic is OK. So complain
to me, not him if this is hit.
that belong in a character class, and (2) one for matching all
the characters *not* in a character class.
Submitted by: Mark B, mkbucc at gmail.com
MFC after: 3 days
- The vnode has to be locked exclusively before calling insmntque().
- Until I find a way to handle insmntque() failures use VV_FORCEINSMQ flag
to force insmntque() to always succeed.
Reported by: kris, trasz, des, others
Suggested by: kib
Tested by: trasz