157668 Commits

Author SHA1 Message Date
rwatson
3e2e3a5984 Don't lock sockets around calls to mac_socket_create_mbuf() -- policies
are now expected to acquire the socket lock if they require them.

Obtained from:	TrustedBSD Project
2009-06-20 17:28:38 +00:00
rmacklem
b892ccc414 Delete the declaration of an unused variable so that it will build.
Approved by:	rwatson (mentor)
2009-06-20 17:16:29 +00:00
rmacklem
7dbb188309 Replace RPCAUTH_UNIXGIDS with NFS_MAXGRPS so that nfscbd.c will build.
Approved by:	kib (mentor)
2009-06-20 17:11:07 +00:00
rnoland
4f053b7460 The G45 docs indicate that all G4X chips use the new framecount register.
Intel agrees with my reading of the docs, make it so for all G4X chips.

The new register also has a 32 bit width as opposed to 24 bits.  Fix
things up so that the counters roll over properly.

MFC after:	3 days
2009-06-20 16:45:14 +00:00
rnoland
36023fcd02 realloc() behaves identically to malloc when passed a NULL object pointer
If an error does occur we would have left max_context with an incorrect
value.

MFC after:	3 days
2009-06-20 16:40:48 +00:00
ed
97ecde77c2 Add placeholder to prevent reuse of privilege 254.
Requested by:	rwatson
2009-06-20 16:39:25 +00:00
rnoland
4b0b98bba1 Don't panic if drm_rmmap is called with a NULL map pointer.
MFC after:	3 days
2009-06-20 16:37:24 +00:00
ed
ed4bbcb2e7 Improve sentence and add reference to openpty(3). Add missing newlines. 2009-06-20 16:30:32 +00:00
ed
902364f29d Chase the removal of PRIV_TTY_PRISON in the mac(9) modules.
Reported by:	kib
Pointy hat to:	me
2009-06-20 15:54:35 +00:00
ed
63a4c7f522 Improve nested jail awareness of devfs by handling credentials.
Now that we start to use credentials on character devices more often
(because of MPSAFE TTY), move the prison-checks that are in place in the
TTY code into devfs.

Instead of strictly comparing the prisons, use the more common
prison_check() function to compare credentials. This means that
pseudo-terminals are only visible in devfs by processes within the same
jail and parent jails.

Even though regular users in parent jails can now interact with
pseudo-terminals from child jails, this seems to be the right approach.
These processes are also capable of interacting with the jailed
processes anyway, through signals for example.

Reviewed by:	kib, rwatson (older version)
2009-06-20 14:50:32 +00:00
kan
51b981d72b Allow order of initialization of loaded shared objects to be
altered through their .init code. This might happen if init
vector calls dlopen on its own and that dlopen causes some not
yet initialized object to be initialized earlier as part of that
dlopened DAG.

Do not reset module reference counts to zero on final fini vector
run when process is exiting. Just add an additional parameter to
force fini vector invocation regardless of current reference count
value if object was not destructed yet. This allows dlclose called
from fini vector to proceed normally instead of failing with handle
validation error.

Reviewed by:	kib
Reported by:	venki kaps
2009-06-20 14:16:41 +00:00
des
65fed99c3c Rewrap; this was getting painful. Translators can ignore this.
MFC after:	1 week
2009-06-20 10:09:59 +00:00
des
c336f71c8f Reword.
MFC after:	1 week
2009-06-20 10:06:10 +00:00
stas
609c925aa4 - Include rpcv2.h before other NFS includes. That allows nfscbd to
compile.
2009-06-20 08:46:40 +00:00
kientzle
19f69f425d Fix "tar --options=iso9660:joliet" and other uses
of format-specific options.
2009-06-20 06:02:21 +00:00
marcel
1c7681de49 Drop the high FP state of an exiting thread in cpu_thread_exit() and
not in cpu_exit(). The latter is called after td_md.md_highfp_mtx
has been destroyed, which results in a race condition when another
thread wants to use the high FP registers on the CPU that still has
the high FP registers in question.
2009-06-20 05:36:53 +00:00
rmacklem
40e33db11b Change the size of the nfsc_groups[] array in the experimental nfs
client to RPCAUTH_UNIXGIDS + 1 (17), since that is what can go on
the wire for AUTH_SYS authentication.

Reviewed by:	brooks
Approved by:	kib (mentor)
2009-06-20 00:54:57 +00:00
np
5bbf1e2151 Make puc(4) aware of this 2 port serial card based on NetMos 9835:
puc0@pci0:4:1:0:       class=0x070002 card=0x00021000 chip=0x98359710 rev=0x01 hdr=0x00

Reviewed by:	marcel@
Approved by:	gnn (mentor)
2009-06-20 00:04:48 +00:00
kmacy
473a60e6d2 Greatly simplify cxgb by removing almost all of the custom mbuf management logic
- remove mbuf iovec - useful, but adds too much complexity when isolated to
   the driver

- remove driver private caching - insufficient benefit over UMA to justify
  the added complexity and maintenance overhead

- remove separate logic for managing multiple transmit queues, with the
  new drbr routines the control flow can be made to much more closely resemble
  legacy drivers

- remove dedicated service threads, with per-cpu callouts one can get the same
  benefit much more simply by registering a callout 1 tick in the future if there
  are still buffered packets

- remove embedded mbuf usage - Jeffr's changes will (I hope) soon be integrated
  greatly reducing the overhead of using kernel APIs for reference counting
  clusters

- add hysteresis to descriptor coalescing logic

- add coalesce threshold sysctls to allow users to decide at run-time
  between optimizing for forwarding / UDP or optimizing for TCP

- add once per second watchdog to effectively close the very rare races
  occurring from coalescing

- incorporate Navdeep's changes to the initialization path required to
  convert port and adapter locks back to ordinary mutexes (silencing BPF
  LOR complaints)

- enable prefetches in get_packet and tx cleaning

Reviewed by:	navdeep@
MFC after:	2 weeks
2009-06-19 23:34:32 +00:00
kmacy
6154623e0c add helper function for flushing software queues 2009-06-19 23:11:20 +00:00
jilles
4466baff5e Add tests for r194406 and r194516.
Approved by:	ed (mentor)
2009-06-19 22:15:59 +00:00
jilles
1ebc51d79b Fix some issues with quoted output and shorten it in some cases.
Output quoted suitable for re-input to the shell occurs in
various cases such as 'set', 'trap'.

Bugfix: *, ? and [ must be quoted (except sole [)
Bugfix: ~ and # must be quoted (really only sometimes, but keep it simple)
Bugfix: space, tab and newline must always be quoted
Shortening: other IFS characters do not need quoting
Bugfix: send to correct output file, not hard-coded stdout
Shortening: avoid unnecessary '' with \'

Approved by:	ed (mentor)
2009-06-19 22:09:55 +00:00
kmacy
573bf49614 define helper routines for deferred mbuf initialization 2009-06-19 21:14:39 +00:00
bz
55f6868044 Move setting of ports from NAT-T below key_getsah() and actually
below key_setsaval().
Without that, the lookup for the SA had failed as we were looking for
a SA with the new, updated port numbers instead of the old ones and
were comparing the ports in key_cmpsaidx().
This makes updating the remote -> local SA on the initiator work again.

Problem introduced with:	p4 changeset 152114
2009-06-19 21:01:55 +00:00
csjp
888867acdc Implement the -z (zero counters) option for the various bpf counters.
Add necessary changes to the kernel for this (basically introduce a
bpf_zero_counters() function).  As well, update the man page.

MFC after:	1 month
Discussed with:	rwatson
2009-06-19 20:31:44 +00:00
delphij
aed2d90f26 Two fixes for SMALL case when compiling with WARNS=6:
- Reduce scope where return value can be referenced.
 - Add a dummy access to timestamp to silence warning.

Submitted by:	Mingyan Guo <guomingyan gmail com>
2009-06-19 19:28:21 +00:00
brooks
e271e202d0 Document crcopysafe() and crsetgroups().
Reminded by:	julian
2009-06-19 19:16:35 +00:00
brooks
f53c1c309d Rework the credential code to support larger values of NGROUPS and
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively.  (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)

The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer.  Do the equivalent in
kinfo_proc.

Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively.  Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary.  In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.

Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups.  When feasible, truncate
the group list rather than generating an error.

Minor changes:
  - Reduce the number of hand rolled versions of groupmember().
  - Do not assign to both cr_gid and cr_groups[0].
  - Modify ipfw to cache ucreds instead of part of their contents since
    they are immutable once referenced by more than one entity.

Submitted by:	Isilon Systems (initial implementation)
X-MFC after:	never
PR:		bin/113398 kern/133867
2009-06-19 17:10:35 +00:00
brian
0202202343 When running pkg_add -r, check & install our dependencies for each
package rather than expecting our top level package to get all of
the dependencies correct.

Previously, the code depended on the top level package having all
of the pkgdep lines in +CONTENTS correct and in the right order,
but that doesn't always happen due to code such as this (in
security/gnutls/Makefile):

    .if (defined(WITH_LZO) || exists(${LOCALBASE}/lib/liblzo2.so)) && !defined(WITHOUT_LZO)
    LIB_DEPENDS+=           lzo2:${PORTSDIR}/archivers/lzo2
    ....

With such conditional dependencies, my 'sophox-packages' package won't
install.  The dependency tree looks like this:

    sophox-packages
      ...
      x11/gnome2
        x11/gnome-applets
          net/libgweather
            devel/libsoup
              security/gnutls
                security/libgcrypt
                  security/libgpg-error
      ...
      x11/gnome2
        archivers/file-roller
          archivers/gtar
            archivers/lzop
              archivers/lzo2
      ...

gnutls doesn't depend on lzo2 initially, but lzo2 is dragged into the
mix via other dependencies and is built by the initial 'make'.  The
subsequent package generation for gnutls adds a pkgdep line for lzo2
to gnutls' +CONTENTS but the pkgdeps in sophox-packages' +CONTENTS
has gnutls *before* lzo2.

As a result, sophox-packages cannot install; gnutls fails because lzo2
is missing, 82 more packages fail because gnutls is missing and the
whole thing spirals into a super-confusing mess!

MFC after:	3 weeks
2009-06-19 17:07:38 +00:00
brooks
da4e70cf9a In preparation for raising NGROUPS and NGROUPS_MAX, change base
system callers of getgroups(), getgrouplist(), and setgroups() to
allocate buffers dynamically.  Specifically, allocate a buffer of size
sysconf(_SC_NGROUPS_MAX)+1 (+2 in a few cases to allow for overflow).

This (or similar gymnastics) is required for the code to actually follow
the POSIX.1-2008 specification where {NGROUPS_MAX} may differ at runtime
and where getgroups may return {NGROUPS_MAX}+1 results on systems like
FreeBSD which include the primary group.

In id(1), don't pointlessly add the primary group to the list of all
groups, it is always the first result from getgroups().  In principle
the old code was more portable, but this was only done in one of the two
places where getgroups() was called to the overall effect was pointless.

Document the actual POSIX requirements in the getgroups(2) and
setgroups(2) manpages.  We do not yet support a dynamic NGROUPS, but we
may in the future.

MFC after:	2 weeks
2009-06-19 15:58:24 +00:00
brooks
384550a386 When checking if we can write to a file, use access() instead of a
manual permission check based on stat output.  Also, get rid of the
executability check since it is not used.

MFC after:	2 weeks
2009-06-19 15:52:35 +00:00
edwin
c6677455d5 MFV of r194480
- Official start of Bangladesh DST.
2009-06-19 11:52:07 +00:00
edwin
ca2678266b The "original" PR said that there were two issues with the motd
(Eyes of the daemon not synced and the motd not displayed properly
on black-on-white screens): The first one was not valid anymore
since the text and logo were swapped already, the second one is
fixed by resetting the whole colourscheme instead of only the
background colour.

(also removed svn:keywords from motd since it doesn't have the
 string $FreeBSD$ in it)

PR:		misc/15876
Submitted by:	peter.jeremy@ALCATEL.COM.AU
MFC after:	1 week
2009-06-19 07:18:45 +00:00
rpaulo
ef4801a240 ieee80211_dwds_mcast(): check the correct mbuf ptr after encap. 2009-06-18 21:15:41 +00:00
jhb
b74ac99a51 Fix a deadlock in the getpeername() method for UNIX domain sockets.
Instead of locking the local unp followed by the remote unp, use the same
locking model as accept() and read lock the global link lock followed by
the remote unp while fetching the remote sockaddr.

Reported by:	Mel Flynn  mel.flynn of mailing.thruhere.net
Reviewed by:	rwatson
MFC after:	1 week
2009-06-18 20:56:22 +00:00
thompsa
f3a1b951fc Track the kernel mapping of a physical page by a new entry in vm_page
structure. When the page is shared, the kernel mapping becomes a special
type of managed page to force the cache off the page mappings. This is
needed to avoid stale entries on all ARM VIVT caches, and VIPT caches
with cache color issue.

Submitted by:	Mark Tinguely
Reviewed by:	alc
Tested by:	Grzegorz Bernacki, thompsa
2009-06-18 20:42:37 +00:00
alc
32a3828c70 Utilize the new function kmem_alloc_contig() to implement the UMA back-end
allocator for the jumbo frames zones.  This change has two benefits: (1) a
custom back-end deallocator is no longer required.  UMA's standard
deallocator suffices. (2) It eliminates a potentially confusing artifact
of using contigmalloc(): The malloc(9) statistics contain bogus information
about the usage of jumbo frames.  Specifically, the malloc(9) statistics
report all jumbo frames in use whereas the UMA zone statistics report the
"truth" about the number in use vs. the number free.
2009-06-18 17:59:04 +00:00
kan
ee4de3e44a Re-do r192913 in less intrusive way. Only do IP_RECVDSTADDR/IP_SENDSRCADDR
dace for UPDv4 sockets bound to INADDR_ANY. Move the code to set
IP_RECVDSTADDR/IP_SENDSRCADDR into svc_dg.c, so that both TLI and non-TLI
users will be using it.

Back out my previous commit to mountd. Turns out the problem was affecting
more than one binary so it needs to me addressed in generic rpc code in
libc in order to fix them all.

Reported by:	lstewart
Tested by:	lstewart
2009-06-18 17:10:43 +00:00
ume
1df3802387 Since the width is always 2, it is enough to put just one
trailing space is enough.

MFC after:	1 week
2009-06-18 16:40:00 +00:00
n_hibma
d9764744f9 - Don't hard code _.disk.full. Use the variable.
- _.bk should be created in MAKEOBJDIRPREFIX as well
- Remove a misplaced and unnecessary message.
2009-06-18 13:56:10 +00:00
n_hibma
0e44c0c1a4 Reverse some stuff I accidentally committed in the previous commit:
- creation of sparse files to speed up the build process. This was
  discussed with phk 2 years ago and he disagreed with this change.
- handling of negative data partition sizes.

Can I have the ... green pointy hat, please?
2009-06-18 11:35:29 +00:00
ivoras
23d60df09c Fix tabs, slightly improve comments.
Approved by:	gnn (mentor) (original)
Noticed by:	stas
2009-06-18 11:12:11 +00:00
cokane
0707fa3c0b Replace use of ic->ic_flags with vap->iv_flags to operate on per-vap flags
for ndis 802.11 work.

Submitted by:	Paul B. Mahol <onemda@gmail.com>
2009-06-18 11:12:10 +00:00
n_hibma
ef1ac86590 Allow building world into a separate dir (for reuse in multiple images):
- buildworld and buildkernel are built into MAKEOBJDIRPREFIX
- installworld and installkernel are performed on NANO_OBJ.

No change of functionality if MAKEOBJDIRPREFIX is not set. If it is sea,t
clean_world deletes NANO_OBJ instead of NANO_WORLDDIR. By starting nanobsd.sh
with the -b option the existing world can be reused to build a new world
reducing time and disk space considerably.

While there:
- Fix two cases where (in comments) MAKEOBJDIRPREFIX should have been
  NANO_DISKIMGDIR.
- Simplify an 'if (not wrong); then true; else action; fi' into
  'if wrong; then action; fi'. 'if ! false; then echo hello; fi' produces hello.

Note: Make sure you use NANO_OBJ were you use MAKEOBJDIRPREFIX now in your
nanobsd.conf files if you want to split out.
2009-06-18 10:39:08 +00:00
alc
d26e62824b Add support for UMA_SLAB_KERNEL to page_free(). (While I'm here remove an
unnecessary newline character from the end of two panic messages.)
2009-06-18 07:27:11 +00:00
alc
f0cb2be073 Fix some of the style errors in *getpages(). 2009-06-18 05:56:24 +00:00
rmacklem
08a5e53744 Add the SVC_RELEASE(xprt), as required by r194407.
Approved by:	kib (mentor)
2009-06-17 22:55:59 +00:00
rmacklem
d88296a89f Since svc_[dg|vc|tli|tp]_create() did not hold a reference count on the
SVCXPTR structure returned by them, it was possible for the structure
to be free'd before svc_reg() had been completed using the structure.
This patch acquires a reference count on the newly created structure
that is returned by svc_[dg|vc|tli|tp]_create(). It also
adds the appropriate SVC_RELEASE() calls to the callers, except the
experimental nfs subsystem. The latter will be committed separately.

Submitted by:	dfr
Tested by:	pho
Approved by:	kib (mentor)
2009-06-17 22:50:26 +00:00
jilles
8f12a6bcc5 Properly flush input after an error in backquotes in interactive mode.
For parsing an old-style backquote substitution (`...`),
a string "file" is used to store the contents of the
substitution (with the special backslash processing done).
If an error occurs, the shell cleans up all these files
(returning to the top level) and flush the top level
file. Erroneously, it first flushed the current file and
then cleaned up all extra files, so that the top level
file (i.e. the terminal) was not flushed.

Example (in interactive mode):
  echo `for` echo This should not be printed

Also noticeable in (in interactive mode):
  echo `(`
The old version prints an extraneous prompt.

Approved by:	ed (mentor)
2009-06-17 21:58:32 +00:00
alc
31dc96eed0 Eliminate unnecessary forward declarations. 2009-06-17 20:12:23 +00:00