Commit Graph

943 Commits

Author SHA1 Message Date
sam
b3286909e2 resolve merge conflicts
MFC after:	1 month
2006-06-05 17:46:41 +00:00
sam
6fb6b7ee36 Version 0.9.17.2:
o define HAL_SOFTC, HAL_BUS_TAG, and HAL_BUS_HANDLE to be machine
  independent; this fixes portability issues with bsd systems
o add ah_disable api for turning off operation of both MAC and PHY
o add ah_getAntennaSwitch and ah_setAntennaSwitch api's for better control
  of antenna usage and diversity
o add ah_setAckCTSRate and ah_setAckCTSRate for controlling tx rate of
  h/w generated frames
o add ah_setBeaconTimers api for simpler setting of the beacon timer registers
o remove ah_waitForBeaconDone api
o add HAL_TXDESC_DURENA flag to enable h/w duration setting in tx descriptor
o correct documentation of min/max tx power units (.5 dBm)
o switch arm, mips, and powerpc builds to use functions for register
  read/write operations
o fix sparc builds to not reference %g2 and %g3 registers
o add public builds for SoC's

MFC after:	1 month
2006-06-05 17:43:51 +00:00
sam
ac90950ea1 This commit was generated by cvs2svn to compensate for changes in r159285,
which included commits to RCS files with non-trunk default branches.
2006-06-05 17:43:51 +00:00
phk
ef310efff8 Since DELAY() was moved, most <machine/clock.h> #includes have been
unnecessary.
2006-05-16 14:37:58 +00:00
mlaier
ab4970422a Put debugging messages related to inconsistent ticket numbers under misc and
wrap it __FreeBSD__ specific as I couldn't figure out which version of
OpenBSD I got it from.

Reported by:	Scott Ullrich
2006-05-12 16:15:34 +00:00
darrenr
a3ec5442cc fix "ipf -Z" reporting rubbish and possibly panic'ing box
MFC after:	4 days
2006-04-18 13:24:14 +00:00
mlaier
9a7f7e25ad Loopback pf_norm.c rev. 1.106 from OpenBSD:
fixup IP checksum when modifying IP header fields

PR:		kern/93849
Obtained from:	OpenBSD
MFC after:	3 days
2006-03-25 21:15:25 +00:00
yar
4a02e1707a Avoid pulling in the whole <net/pfvar.h> by opaquely declaring
the structs pflog_packet() takes pointers to.

Approved by:	mlaier
MFC after:	3 days
2006-03-09 15:54:01 +00:00
thompsa
02a394bf85 Do not use the TSC where its known to be broken, this will cause the queue
speeds to perform below the desired bitrate and throughput will be erratic.

This makes queueing work on the Geode SC1100, K5 model 0 and IDT WinChip C6
processors.

MFC after:	3 days
2006-03-02 00:51:39 +00:00
sam
eae8448069 resolve merge conflicts
MFC after:	2 weeks
2006-02-10 19:01:02 +00:00
sam
551acb9ac8 Version 0.9.16.16:
o new chip support
o new platforms: powerpc-be-elf, sparc64-be-elf, and alpha-elf
  (alpha is untested, others are known to work)
o many fixes and improvements

MFC after:	2 weeks
2006-02-10 18:57:38 +00:00
sam
066a4db4b4 This commit was generated by cvs2svn to compensate for changes in r155511,
which included commits to RCS files with non-trunk default branches.
2006-02-10 18:57:38 +00:00
mlaier
0c9bbeed73 Make pflog a seperate module. As a result pflog_packet() becomes a function
pointer that is declared in pf_ioctl.c

Requested by:	yar (as part of the module build reorg)
MFC after:	1 week
X-MFC with:	yar's module reorg
2006-02-05 17:17:32 +00:00
dhartmei
dcc542fe97 fix a bug in the fragment cache (used for 'scrub fragment crop/drop-ovl',
but not 'fragment reassemble'), which can cause some fragments to get
inserted into the cache twice, thereby violating an invariant, and panic-
ing the system subsequently.

Reviewed by:	mlaier
MFC after:	1 day
2006-01-19 11:46:45 +00:00
mlaier
b96a262dce Move m_adj after checking that m_dup succeeded.
Found with:	Coverity Prevent(tm)
MFC after:	3 days
2006-01-14 22:19:17 +00:00
guido
074a2ed0e4 Add mcopywrap prototype to ip_compat.h
Remove h323 proxy from ip_proxy (copyright issue)
2005-12-30 11:55:37 +00:00
guido
61382ac33f Resolve conflicts 2005-12-30 11:32:23 +00:00
guido
74f74123f3 Import IP Filter version 4.1.10 2005-12-30 11:22:11 +00:00
guido
784dda0030 This commit was generated by cvs2svn to compensate for changes in r153872,
which included commits to RCS files with non-trunk default branches.
2005-12-30 11:22:11 +00:00
mlaier
88140ea8c3 Only decrement the max-src-conn counter for tcp connections that reached
"established" state.

Similar to OpenBSD's rev. 1.499 by joel but not breaking ABI.

Obtained from:	OpenBSD (with changes)
Reported by:	Bruno Afonso
MFC after:	3 days
X-MFC:		together with local_flags
2005-12-25 23:52:00 +00:00
mlaier
74c57f2ec0 Fix build after timeval.tv_sec changed from long to time_t. 2005-12-25 22:57:08 +00:00
mlaier
db7366efc1 Move PFSTATE_EXPIRING from sync_flags to a new local_flags. sync_flags has
special handling when zero.  This caused no PFSYNC_ACT_DEL message and thus
disfunction of pfflowd and state synchronisation in general.

Discovered by:	thompsa
Good catch by:	thompsa
MFC after:	7 days
2005-12-20 00:33:33 +00:00
obrien
0136d3f8f0 This commit was generated by cvs2svn to compensate for changes in r153200,
which included commits to RCS files with non-trunk default branches.
2005-12-07 17:32:13 +00:00
obrien
206d8c0da5 Update the nForce MCP NIC bits. This is version 1.0-0310 23-Nov-2005. 2005-12-07 17:32:13 +00:00
ru
9b19d72862 Fix -Wundef warnings found when compiling i386 LINT, GENERIC and
custom kernels.
2005-12-05 11:58:35 +00:00
ru
798500dfd8 Fix -Wundef from compiling the amd64 LINT. 2005-12-04 10:06:06 +00:00
ru
f70f525b49 - Store pointer to the link-level address right in "struct ifnet"
rather than in ifindex_table[]; all (except one) accesses are
  through ifp anyway.  IF_LLADDR() works faster, and all (except
  one) ifaddr_byindex() users were converted to use ifp->if_addr.

- Stop storing a (pointer to) Ethernet address in "struct arpcom",
  and drop the IFP2ENADDR() macro; all users have been converted
  to use IF_LLADDR() instead.
2005-11-11 16:04:59 +00:00
ru
ed1132ceab - Make IFP2ENADDR() a pointer to IF_LLADDR() rather than another
copy of Ethernet address.

- Change iso88025_ifattach() and fddi_ifattach() to accept MAC
  address as an argument, similar to ether_ifattach(), to make
  this work.
2005-11-11 07:36:14 +00:00
thompsa
48c0bcb5c2 Move the cloned interface list management in to if_clone. For some drivers the
softc lists and associated mutex are now unused so these have been removed.

Calling if_clone_detach() will now destroy all the cloned interfaces for the
driver and in most cases is all thats needed to unload.

Idea by:	brooks
Reviewed by:	brooks
2005-11-08 20:08:34 +00:00
jkim
dbc8115981 - Fix more resource parsing problems. The previous commit was imcomplete.
- Fix a typo in rsmisc.c and a style change for consistency.

This patch will also appear in future ACPI-CA release.

Submitted by:	Robert Moore <robert dot moore at intel dot com>
Tested by:	ru
2005-11-04 21:29:41 +00:00
jkim
5ec246af06 This commit was generated by cvs2svn to compensate for changes in r152069,
which included commits to RCS files with non-trunk default branches.
2005-11-04 21:29:41 +00:00
njl
0032330289 Account for the minimum resource size when parsing the end tag resource
descriptor.  This should fix the "memory modified after free" panics.  This
patch will appear in a future acpi-ca distribution.

Submitted by:	Robert Moore <robert.moore / intel.com>
Tested by:	Peter Holm
2005-11-04 20:15:09 +00:00
njl
082067a133 This commit was generated by cvs2svn to compensate for changes in r152058,
which included commits to RCS files with non-trunk default branches.
2005-11-04 20:15:09 +00:00
jkim
a5b17cb66c Fix build breakage on tinderbox. 2005-11-03 20:27:38 +00:00
jkim
2e9142f013 Update to reflect import of ACPI-CA 20051021 with includes fixups 2005-11-01 22:38:50 +00:00
jkim
e93792c0d1 Local change: remove unnecessary __cdecl 2005-11-01 22:33:32 +00:00
jkim
727bb7982d Local change: remove compilation warnings 2005-11-01 22:30:52 +00:00
jkim
3f99461a39 Fix conflicts from import of Intel ACPI-CA 20051021 2005-11-01 22:28:49 +00:00
jkim
dd36e4d5eb Unchanged files that are off the vendor branch 2005-11-01 22:23:25 +00:00
jkim
7bc04cb5a9 Fix few compilation problems on vendor branch.
These fixes will be submitted vendor.
2005-11-01 22:18:47 +00:00
jkim
275739933b This commit was generated by cvs2svn to compensate for changes in r151940,
which included commits to RCS files with non-trunk default branches.
2005-11-01 22:18:47 +00:00
jkim
5f6a2493dd Vendor import of Intel ACPI-CA 20051021 2005-11-01 22:11:18 +00:00
jkim
011860e7b5 This commit was generated by cvs2svn to compensate for changes in r151937,
which included commits to RCS files with non-trunk default branches.
2005-11-01 22:11:18 +00:00
rwatson
be4f357149 Normalize a significant number of kernel malloc type names:
- Prefer '_' to ' ', as it results in more easily parsed results in
  memory monitoring tools such as vmstat.

- Remove punctuation that is incompatible with using memory type names
  as file names, such as '/' characters.

- Disambiguate some collisions by adding subsystem prefixes to some
  memory types.

- Generally prefer lower case to upper case.

- If the same type is defined in multiple architecture directories,
  attempt to use the same name in additional cases.

Not all instances were caught in this change, so more work is required to
finish this conversion.  Similar changes are required for UMA zone names.
2005-10-31 15:41:29 +00:00
jhb
50133a977c Remove old ACPICA files from the INTEL vendor branch. They were removed
from HEAD about 4 years ago when we started flattening out the ACPICA
distribution.
2005-10-27 20:48:05 +00:00
obrien
39c9d5812d Add a commented out version of what was done for the r20041119sysinc import. 2005-10-24 04:36:14 +00:00
obrien
a7339d083b Fix conflicts of import of Intel ACPI-CA 20041119 with system includes fixups. 2005-10-24 04:35:20 +00:00
obrien
0a657a32e3 Vendor import of Intel ACPI-CA 20041119 with system includes fixups. 2005-10-24 04:31:06 +00:00
obrien
a0a258e60b This commit was generated by cvs2svn to compensate for changes in r151600,
which included commits to RCS files with non-trunk default branches.
2005-10-24 04:31:06 +00:00
ru
b9c7add838 In detach method, move if_free() after bus_teardown_intr(). 2005-10-13 21:11:20 +00:00
thompsa
d6130a4703 Change the reference counting to count the number of cloned interfaces for each
cloner. This ensures that ifc->ifc_units is not prematurely freed in
if_clone_detach() before the clones are destroyed, resulting in memory modified
after free. This could be triggered with if_vlan.

Assert that all cloners have been destroyed when freeing the memory.

Change all simple cloners to destroy their clones with ifc_simple_destroy() on
module unload so the reference count is properly updated. This also cleans up
the interface destroy routines and allows future optimisation.

Discussed with:	brooks, pjd, -current
Reviewed by:	brooks
2005-10-12 19:52:16 +00:00
ru
2bc1b3a583 Fix "struct ifnet" leak if attach() fails in the middle. 2005-09-16 12:49:06 +00:00
obrien
2f74466b58 Per a request from Nick Triantos of nVidia, nVidia's legal department asked
that we provide their license document beside their nForce MCP object code.
2005-09-11 17:50:20 +00:00
mlaier
ae191726d9 Stop leaking a lock. This used to cause a propagate_priority() page fault
when setting syncdev and syncpeer.

Reported by:	Dominic Marks
2005-09-11 11:55:39 +00:00
mlaier
df3bd6cde3 Unbreak the build. Committed from the wrong directory. 2005-09-08 17:42:42 +00:00
mlaier
aa70783c83 Commit imported changes to HEAD:
pf_ioctl.c Revision 1.153 Sun Aug 7 11:37:33 2005 UTC by dhartmei
 | verify ticket in DIOCADDADDR, from Boris Polevoy, ok deraadt@

 pf_ioctl.c Revision 1.158 Mon Sep 5 14:51:08 2005 UTC by dhartmei
 | in DIOCCHANGERULE, properly initialize table, if used in NAT rule.
 | from Boris Polevoy <vapcom at mail dot ru>, ok mcbride@

 pf.c Revision 1.502 Mon Aug 22 11:54:25 2005 UTC by dhartmei
 | when nat'ing icmp 'connections', replace icmp id with proxy values
 | (similar to proxy ports for tcp/udp). not all clients use
 | per-invokation random ids, this allows multiple concurrent
 | connections from such clients.
 | thanks for testing to Rod Whitworth, "looks ok" markus@

 pf.c Revision 1.501 Mon Aug 22 09:48:05 2005 UTC by dhartmei
 | fix rdr to bitmask replacement address pool. patch from Max Laier,
 | reported by Boris Polevoy, tested by Jean Debogue, ok henning@

Obtained from:	OpenBSD
MFC after:	3 days
2005-09-08 15:06:52 +00:00
mlaier
608d90c70d Loopback four fixes from OpenBSD for problems reported to the freebsd-pf
mailing list onto the vendor branch:
 pf_ioctl.c Revision 1.153 Sun Aug 7 11:37:33 2005 UTC by dhartmei
 | verify ticket in DIOCADDADDR, from Boris Polevoy, ok deraadt@

 pf_ioctl.c Revision 1.158 Mon Sep 5 14:51:08 2005 UTC by dhartmei
 | in DIOCCHANGERULE, properly initialize table, if used in NAT rule.
 | from Boris Polevoy <vapcom at mail dot ru>, ok mcbride@

 pf.c Revision 1.502 Mon Aug 22 11:54:25 2005 UTC by dhartmei
 | when nat'ing icmp 'connections', replace icmp id with proxy values
 | (similar to proxy ports for tcp/udp). not all clients use
 | per-invokation random ids, this allows multiple concurrent
 | connections from such clients.
 | thanks for testing to Rod Whitworth, "looks ok" markus@

 pf.c Revision 1.501 Mon Aug 22 09:48:05 2005 UTC by dhartmei
 | fix rdr to bitmask replacement address pool. patch from Max Laier,
 | reported by Boris Polevoy, tested by Jean Debogue, ok henning@
2005-09-08 14:59:36 +00:00
mlaier
022c2a093b Wrap the new world order in __FreeBSD__ to ease future imports. 2005-08-09 11:59:02 +00:00
rwatson
5d770a09e8 Propagate rename of IFF_OACTIVE and IFF_RUNNING to IFF_DRV_OACTIVE and
IFF_DRV_RUNNING, as well as the move from ifnet.if_flags to
ifnet.if_drv_flags.  Device drivers are now responsible for
synchronizing access to these flags, as they are in if_drv_flags.  This
helps prevent races between the network stack and device driver in
maintaining the interface flags field.

Many __FreeBSD__ and __FreeBSD_version checks maintained and continued;
some less so.

Reviewed by:	pjd, bz
MFC after:	7 days
2005-08-09 10:20:02 +00:00
mlaier
e0e4afff1d Prevent a race condition. As pf_send_tcp() - called for expired synproxy
states - has to drop the lock when calling back to ip_output(), the state
purge timeout might run and gc the state. This results in a rb-tree
inconsistency.  With this change we flag expiring states while holding the
lock and back off if the flag is already set.

Reported by:	glebius
MFC after:	2 weeks
2005-07-20 18:58:27 +00:00
ume
c8f443708b move RFC3542 related definitions into ip6.h.
Submitted by:	Keiichi SHIMA <keiichi__at__iijlab.net>
Reviewed by:	mlaier
Obtained from:	KAME
2005-07-20 10:30:52 +00:00
mlaier
a390027dcd Export pfsyncstats via sysctl "net.inet.pfsync" in order to print them with
netstat (seperate commit).

Requested by:	glebius
MFC after:	1 week
2005-07-14 22:22:51 +00:00
mlaier
79ac1f3888 Properly initialize ifq_maxlen for the defered send queue and make it
actually work.  Also use the right semantics for IF_HANDOFF to get correct
stats.

Reported and tested by:	Sascha Luck <sascha at c4inet dot net>
Approved by:		re (blanket)
2005-06-26 21:00:52 +00:00
darrenr
22c343ffc8 Fix some minor problems before release:
(1) "ipf -T" is broken for fetching single entries and
(2) loading rules with numbered collections does not order insertion right.
(3) stats aren't accumulated for hash table memory failures

Approved by: re (dwhite)
2005-06-23 14:19:02 +00:00
darrenr
d742076594 locking on exit of reading from ip_sync is not correct for all instances
Approved by:	re (dwhite)
2005-06-14 09:18:26 +00:00
mlaier
e15084485c Mark pf callouts as NET_MPSAFE.
Requested by:	yongari (serveral times)
Approved by:	re (blanket)
MFC after:	1 week
2005-06-12 16:46:20 +00:00
mlaier
2f60aac277 Defer ip_output of pfsync updates to an independent callout thread instead
of just dropping the lock around the ip_output call.  This used to cause
corrupted state tree walks for some call-paths.

In a second stage all callouts will be marked MPSAFE according to the
setting of mpsafenet.

Reported and tested by:	Matthew Grooms <mgrooms at seton dot org>
MFC after:		3 days
X-MFC after:		Marking callouts MPSAFE + 1 week
2005-06-10 17:23:49 +00:00
brooks
567ba9b00a Stop embedding struct ifnet at the top of driver softcs. Instead the
struct ifnet or the layer 2 common structure it was embedded in have
been replaced with a struct ifnet pointer to be filled by a call to the
new function, if_alloc(). The layer 2 common structure is also allocated
via if_alloc() based on the interface type. It is hung off the new
struct ifnet member, if_l2com.

This change removes the size of these structures from the kernel ABI and
will allow us to better manage them as interfaces come and go.

Other changes of note:
 - Struct arpcom is no longer referenced in normal interface code.
   Instead the Ethernet address is accessed via the IFP2ENADDR() macro.
   To enforce this ac_enaddr has been renamed to _ac_enaddr.
 - The second argument to ether_ifattach is now always the mac address
   from driver private storage rather than sometimes being ac_enaddr.

Reviewed by:	sobomax, sam
2005-06-10 16:49:24 +00:00
harti
64a08be33a Virgin import of NgATM kernel part 1.2 2005-05-23 13:08:32 +00:00
harti
92345ef8b8 This commit was generated by cvs2svn to compensate for changes in r146539,
which included commits to RCS files with non-trunk default branches.
2005-05-23 13:08:32 +00:00
darrenr
7b001e5d5e Enable building /sbin/ipf (but not the rescue version) with the ability to
parse bpf strings for filter rules in ipf.conf
2005-05-16 16:22:55 +00:00
darrenr
2e784092b6 Enable IPFilter to correctly determine if BPF has been optioned into the
kernel it is being compiled against and subsequently enable using BPF for
packet matching in ipf rules.
2005-05-15 03:34:17 +00:00
mlaier
896129e0f9 if_mtu not ifp_mtu. 2005-05-04 19:51:06 +00:00
mlaier
eba8487d85 Bring back fix from rev. 1.28 which was lost during the import. 2005-05-04 16:03:01 +00:00
mlaier
587ccf7938 Combine rev. 1.29 and 1.30 to something that will make sense for future
imports.
2005-05-04 15:55:29 +00:00
mlaier
2383ca5b3c Make LINT happy. 2005-05-04 15:29:28 +00:00
andre
e6d10efc2a Pass icmp_error() the MTU argument directly instead of
an interface pointer.  This simplifies a couple of uses
and removes some XXX workarounds.
2005-05-04 13:09:19 +00:00
mlaier
b14e72073d Resolve conflicts created during the import of pf 3.7 Some features are
missing and will be implemented in a second step.  This is functional as is.

Tested by:	freebsd-pf, pfsense.org
Obtained from:	OpenBSD
X-MFC after:	never (breaks API/ABI)
2005-05-03 16:43:32 +00:00
mlaier
a0d335db26 Import pf from OpenBSD 3.7 (OPENBSD_3_7 as of today) 2005-05-03 16:34:36 +00:00
ru
5d1d05f88f Fix the following warnings on amd64:
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c: In function `fr_ipid_newfrag':
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c:397: warning: cast to pointer from integer of different size
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c: In function `fr_ipid_knownfrag':
/usr/src/sbin/ipf/ipftest/../../../sys/contrib/ipfilter/netinet/ip_frag.c:582: warning: cast from pointer to integer of different size
2005-04-29 05:57:17 +00:00
darrenr
a57939d5ce Don't use quad_t on FreeBSD (deprecated) so use "long long" instead.
Someday this should be converted to uint64_t and printstate.c changed to
use those horrid PRiud64 things.
2005-04-28 21:36:30 +00:00
darrenr
e2c005ba3b The current H.323 proxy source has a license that isn't suitable for inclusion
with FreeBSD so we shouldn't be trying to include it here.
2005-04-27 05:53:12 +00:00
darrenr
ff47a7263b - Comment out duplicate rcsid strings in *.c files
- Move SIOCPROXY from ip_nat.h to ip_proxy.h and fix ip_proxy.h so that it
  can be easily compiled into kdump, et al.
2005-04-27 03:48:10 +00:00
darrenr
fe63b8eb76 Add an include for netinet/ip_compat.h directly so that we don't need to
add another special file in the creation of ioctls.c for kdump.
2005-04-26 17:58:05 +00:00
darrenr
212987c6c2 Merge the changes from 3.4.35 to 4.1.8 into the kernel source tree 2005-04-25 18:43:14 +00:00
darrenr
28f64fe3ce import ipfilter 4.1.8 into the kernel source tree 2005-04-25 18:15:41 +00:00
darrenr
f9c93115b7 This commit was generated by cvs2svn to compensate for changes in r145516,
which included commits to RCS files with non-trunk default branches.
2005-04-25 18:15:41 +00:00
glebius
1268b440dc Fix error in synproxy connection completion. Source and
destination windows were confused, one instead of other.
This error was masked, because first segment of just
established connection is usually smaller than initially
announced window, and it was successfully passed. First
window reannouncement corrected erroneous 'seqhi' value.
The error showed up when client connected to synproxy
with zero initial window, and reannounced it after
session establishment.

In collaboration with:	dhartmei [we came to same patch independtly]
Reviewed by:		mlaier
Sponsored by:		Rambler
MFC after:		3 days
2005-04-22 09:53:46 +00:00
rwatson
04a7b2d379 Modify the alq(9) alq_open() API to accept a file creation mode, rather
than defaulting the cmode argument to vn_open() to 0.  Supply a default
argument of ALQ_DEFAULT_CMODE (0600) in current callers.

Discussed with/pointed out by:	hmp
Reveiwed by:	jeff, hmp
MFC after:	3 days
2005-04-16 12:12:27 +00:00
glebius
70458efe87 Fix mss byte order, only affects synproxy code path.
Submitted by:	John L. Scarfone via OpenBSD
Reviewed by:	mlaier
Obtained from:	OpenBSD, rev. 1.483
MFC after:	2 days
2005-04-13 21:05:55 +00:00
obrien
dd0816f21d Import the nForce MCP NIC bits. This is version 1.0-0301.
Demanded by:	DES
Encouraged by:	scottl
2005-03-12 00:17:37 +00:00
obrien
25cd568502 This commit was generated by cvs2svn to compensate for changes in r143439,
which included commits to RCS files with non-trunk default branches.
2005-03-12 00:17:37 +00:00
scottl
234c4487a0 Move all of the hptmv files to /sys/dev/hptmv so that they won't be mistaken
for being on a CVS vendor branch.  The files were moved via a repo-copy.
2005-03-02 05:14:28 +00:00
obrien
f2b675e741 Add FreeBSD ID. 2005-02-28 00:53:29 +00:00
phk
6fb2ef6eec Use dynamic major number allocation. 2005-02-27 22:19:35 +00:00
sam
95526fd399 avoid sneaky double free
Noticed by:	Coverity Prevent analysis tool
Reviewed by:	scottl
2005-02-25 00:16:53 +00:00
green
bde233c44a Do not fail to initialize callouts (on SMP only) -- it leads to crashing. 2005-02-22 04:27:05 +00:00
mlaier
1ad7875704 Fix a terrible braino in pfi_maybe_destroy() and unbreak "$pfctl -Fall" with
renamed interfaces.

PR:		kern/77645
Reported by:	Harald Schmalzbauer <harryNOschmalzbauerSPAMde>
Reviewed by:	yongari
MFC after:	3 days
2005-02-21 17:20:00 +00:00
mlaier
a448425842 Don't use the static CALLOUT_INITIALIZER for __FreeBSD_version >= 600000. It
was a bad idea, but since it is done like this in the vendor source we keep
it around for older versions. As a safe guard against future misuse we don't
even define CALLOUT_INITIALIZER anymore.

This fixes ALTQ after callout_init_mtx() and takes altq_var.h off the vendor
branch.

Submitted by:	Divacky Roman <xdivac02NOstud.fit.vutbrSPAMcz> (w/ changes)
2005-02-21 17:11:09 +00:00
yongari
13ffa2fe13 Fix inteface clear time. pf printed "Thu Jan 1 09:00:01 1970"
in "pfctl -vvsI" output when pf was statically linked to kernel.

Discussed with:	mlaier
2005-02-17 03:36:31 +00:00
mlaier
d43f99469a Access softc embedded struct ifnet via function macro to make it easier to
untangle struct ifnet and softc/arpcom in the future.

Requested by:	brooks
2005-02-09 19:29:13 +00:00
mdodd
f1d4551d87 - Split out PCI support.
- Add previously removed ISA support.

Submitted by:	David S. Madole <david AT madole.net>
2005-02-03 23:01:01 +00:00
dhartmei
77598c300e Use the packet's address family instead of the rule's when selecting a
replacement address for an rdr rule. Some rdr rules have no address family
(when the replacement is a table and no other criterion implies one AF).
In this case, pf would fail to select a replacement address and drop the
packet due to translation failure.

Found by:	Gustavo A. Baratto
2005-01-20 18:07:35 +00:00
dhartmei
82659e8246 Prohibit ruleset changes at securelevel > 2, not > 1. It's documented
like this in init(8), but the code didn't match the documentation.

Submitted by:	Juraj Lutter <otis at sk dot FreeBSD dot org>
Agrees:		mlaier
2005-01-19 21:37:00 +00:00
njl
3146a26ffd Clean up a small memory leak introduced with the previous commit to
dsutils.c.  We need to GC the implicitly-returned object.

Submitted by:	Robert.Moore at Intel
MFC after:	1 day
2005-01-14 06:37:43 +00:00
njl
4d6e248da7 This commit was generated by cvs2svn to compensate for changes in r140216,
which included commits to RCS files with non-trunk default branches.
2005-01-14 06:37:43 +00:00
njl
d724817235 Fix handling of the implicit return case for methods called from an
external source (i.e., _STA).  The previous case only handled calls
occurring within AML.  This should fix Toshibas, among others.  Thanks
to Robert Moore of Intel for the fix.

MFC after:	2 days
2005-01-12 00:52:40 +00:00
njl
393451f28c This commit was generated by cvs2svn to compensate for changes in r140094,
which included commits to RCS files with non-trunk default branches.
2005-01-12 00:52:40 +00:00
darrenr
41cf7f35b4 Elminate 1 LOR (actually a recursive mutex grab) involving ipfilter where
we loop through all the list of NICs (struct ifnet), holding the lock on
it and then do a name lookup with ifunit() whilst holding it.
2005-01-08 04:32:02 +00:00
darrenr
7138e15544 * Remove some code that's in a #ifndef FreeBSD that's no longer used. 2004-12-26 09:09:29 +00:00
darrenr
7994bf8513 * The #ifdef's to cause mutex's for freebsd to be declared were meant to pick
up on USE_MUTEX being defined, but this patch
* Remove some code that's in a #ifndef FreeBSD that's no longer used.
2004-12-26 09:08:42 +00:00
scottl
a5d798fc39 Darnit, through a maze of twisty passages, ipfilter needs to have PFIL_HOOKS
defined.  Revert part of the previous commit to fix this.
2004-12-25 00:48:27 +00:00
scottl
86ae6cb590 Sprinkle in some __FreeBSD_version checks so that this compiles again. Don't
define PFIL_HOOKS anymore.

Submitted by: keramida
2004-12-25 00:22:25 +00:00
darrenr
f49c00bce2 Enable fine grained locking within IPFilter, using mtx(9) and sx(9) allowing
the the "needs giant" flag to be removed from the driver.
2004-12-24 09:14:26 +00:00
dhartmei
b61c49cccc Initialise init_addr in pf_map_addr() in the PF_POOL_ROUNDROBIN,
prevents a possible endless loop in pf_get_sport() with 'static-port'

ICMP state entries use the ICMP ID as port for the unique state key. When
checking for a usable key, construct the key in the same way. Otherwise,
a colliding key might be missed or a state insertion might be refused even
though it could be inserted. The second case triggers the endless loop,
possibly allowing a NATed LAN client to lock up the kernel.

PR:			kern/74930
Reported and tested by:	Hugo Silva, Srebrenko Sehic
MFC after:		3 days
2004-12-19 19:43:04 +00:00
mlaier
9cf451328d Make ip_nat compile again. Should read #if->n<-def LARGE_NAT as in ipf 4.x 2004-12-18 03:47:54 +00:00
darrenr
62b778ce28 Move two variables that are unused if LARGE_NAT is defined inside an #ifdef
to keep them out of harms way when compiling.

PR:	72783
2004-12-17 15:59:16 +00:00
darrenr
bb353fef0f Allow ipnat redirect rules to work for non-TCP/UDP packets.
PR:             70038
Submitted by:   fming@borderware.com
Reviewed by:    darrenr
Obtained from:  fming@borderware.com
2004-12-17 02:29:34 +00:00
darrenr
e928230a0a Using just m_pullup to get all of the interesting bits in packet into one
buffer doesn't work for ipv6 packets, so use m_defrag() here instead as an
easy drop-in replacement.

PR:	70399
2004-12-16 21:02:16 +00:00
mlaier
5a1a81dd99 Compile pfsync w/o bpf.
Noticed by:	"Jayel Villamin" <jarthel operamail com>
2004-12-10 17:42:47 +00:00
sam
bf7a77645b clear old files now in public 2004-12-08 18:27:44 +00:00
sam
12c26fd8f2 resolve merge conflict 2004-12-08 18:18:39 +00:00
sam
bb2ee9a892 Version 0.9.14.12:
[Changes listed only since last public release 0.9.12.14; for changes
 prior to that consult the CVS logs at http://madwifi.sourceforge.net]

o reorg directory structure to have a single set of public binary builds
  shared by all systems
o support for new parts (all shipping pci/cardbus parts to this date work)
o new capabilities for identifying various chip features
o set/get tx power cap for supporting 802.11h information element
o revised api for set/get tx queue properties
o support for updating CTS in frames when doing packet bursting
o support for querying which tx queues have pending interrupts
2004-12-08 18:06:09 +00:00
sam
a1c4d74288 This commit was generated by cvs2svn to compensate for changes in r138583,
which included commits to RCS files with non-trunk default branches.
2004-12-08 18:06:09 +00:00
dhartmei
de7cd2f92a IPv6 packets can contain headers (like options) before the TCP/UDP/ICMP6
header. pf finds the first TCP/UDP/ICMP6 header to filter by traversing
the header chain. In the case where headers are skipped, the protocol
checksum verification used the wrong length (included the skipped headers),
leading to incorrectly mismatching checksums. Such IPv6 packets with
headers were silently dropped.

Discovered by:	Bernhard Schmidt
MFC after:	1 week
2004-12-05 12:15:43 +00:00
marks
fd493b6d5c Oops, remove unnecessary cast in original, out-commented code.
This was a debug leftover.

MFC after:	1 week
2004-12-02 00:12:19 +00:00
marks
56de2c5ba4 This commit was generated by cvs2svn to compensate for changes in r138298,
which included commits to RCS files with non-trunk default branches.
2004-12-02 00:12:19 +00:00
marks
128b57630d Local change: Supporting code not yet available, use previous behavior
instead for the time being. Intel should fix this.

Note that if this commit is correct, it is made on the vendor branch.
We expect the Intel folks to fix it, and we don't want to unnecessarily
take files off the vendor branch.

Approved by:	njl
MFC after:	1 week
2004-12-02 00:05:02 +00:00
marks
bc7d6d9dd2 This commit was generated by cvs2svn to compensate for changes in r138296,
which included commits to RCS files with non-trunk default branches.
2004-12-02 00:05:02 +00:00
marks
3d10c42dd0 Local change: Remove warnings from vendor files.
Approved by:	njl
MFC after:	1 week
2004-12-01 23:42:21 +00:00
marks
47a3ae4cbd Local change: In the resume path, give up after waiting for a while
for WAK_STS to be set.  Some BIOSs never set it.

Approved by:	njl
MFC after:	1 week
2004-12-01 23:40:48 +00:00
marks
64092a1d81 Local change: Put various debugging options under ACPI_DISASSEMBLER.
Approved by:	njl
MFC after:	1 week
2004-12-01 23:39:45 +00:00
marks
6a7971435d Unchanged files that are off the vendor branch.
Approved by:	njl
MFC after:	1 week
2004-12-01 23:34:39 +00:00
marks
93c2522130 Vendor import of Intel ACPI-CA 20041119 2004-12-01 23:14:10 +00:00
marks
350be3accf This commit was generated by cvs2svn to compensate for changes in r138287,
which included commits to RCS files with non-trunk default branches.
2004-12-01 23:14:10 +00:00
dhartmei
f808618fbd fix a bug that leads to a crash when binat rules of the form
'binat from ... to ... -> (if)' are used, where the interface
is dynamic.

Discovered by:	kos(at)bastard(dot)net
Analyzed by:	Pyun YongHyeon
Approved by:	mlaier (mentor)
MFC after:	1 week
2004-11-24 00:43:34 +00:00
ru
f4dd946343 Removed the remnants of gx(4). 2004-11-08 20:24:52 +00:00
mlaier
829a2496de Improved interface handling. This should fix the use of renamed interfaces
(ifconfig xl0 name foo) as well as some special interfaces such as the 6to4
tunnel.

Reported by:	Ed Schouten <ed (at) il ! fontys , nl>
Tested by:	freebsd-pf
PR:		kern/72444
MFC after:	3 weeks
2004-11-03 17:21:12 +00:00
mlaier
a18af33877 Fix a panic discovered with some apache2 configure test (that seemed to
trigger a socket creation race some some kind). Checking for non-NULL socket
and credential is not a bad idea anyway. Unfortunatly too late for the
release.

Reported & tested by:	Gilbert Cao
MFC after:		2 weeks
2004-10-24 19:35:02 +00:00
scottl
3f4ffafdb8 Fix some warnings that only triggered in LINT. 2004-10-24 09:23:07 +00:00
scottl
16c58cc2c4 Embed the correct name. 2004-10-24 08:48:32 +00:00
scottl
7a9167aadd Import the HighPoint RocketRAID 182x driver. Thanks to HighPoint for
providing the original driver, and thanks to IronSystems for providing
hardware for testing.
2004-10-24 05:37:23 +00:00
mlaier
b65eae4c19 Add an additional struct inpcb * argument to pfil(9) in order to enable
passing along socket information. This is required to work around a LOR with
the socket code which results in an easy reproducible hard lockup with
debug.mpsafenet=1. This commit does *not* fix the LOR, but enables us to do
so later. The missing piece is to turn the filter locking into a leaf lock
and will follow in a seperate (later) commit.

This will hopefully be MT5'ed in order to fix the problem for RELENG_5 in
forseeable future.

Suggested by:		rwatson
A lot of work by:	csjp (he'd be even more helpful w/o mentor-reviews ;)
Reviewed by:		rwatson, csjp
Tested by:		-pf, -ipfw, LINT, csjp and myself
MFC after:		3 days

LOR IDs:		14 - 17 (not fixed yet)
2004-09-29 04:54:33 +00:00
mlaier
83e80bafba Protect sockaddr_union definitions with a protecting define. This allows to
build kernels with FAST_IPSEC and PF. This is the least disruptive fix.

PR:		kern/71836
Reviewed by:	bms, various mailing lists
MFC after:	3 days
2004-09-23 12:44:40 +00:00
mlaier
69a40e03c1 Break out altq_enable/disable from DIOC{START,STOP}ALTQ into seprate
functions that can be called from enable/disable pf as well. This improves
switching from non-altq ruleset to altq ruleset (and the other way 'round)
by a great deal and makes pfctl act like the user would except it to.

PR:		kern/71746
Tested by:	Aurilien "beorn" Rougemont (PR submitter)
MFC after:	3 days
2004-09-17 02:15:05 +00:00
mlaier
23fe0c08ee Reactivate skipping over bogus IPCP addresses on ppp interfaces. Be more
careful with the skip condition this time. Addresses are only not taken into
account if:
	- The interface is POINTTOPOINT
	- There is no route installed for the address
	- The user specified noalias (:0)
and	- We are looking at an IPv4 address.

This should be enough paranoia to not cause any false positives.

PR:	 	misc/69954
Discussed with:	yongari
MFC after:	4 days
2004-09-14 15:20:24 +00:00
mlaier
de866b234b Move pf* init from SI_SUB_PSEUDO to SI_SUB_PROTO_IFATTACHDOMAIN where it is
save to call if_attachdomain from if_attach() (as done for if_loop.c). We
will now end up with a properly initialized if_afdata array and the nd6
callout will no longer try to deref a NULL pointer.

Still this is a temp workaround and the locking for if_afdata should be
revisited at a later point.

Requested by:			rwatson
Discussed with and tested by:	yongari (a while ago)
PR:				kern/70393
MFC after:			5 days
2004-09-14 03:12:01 +00:00
mlaier
431ad26757 One more round on the H/W supported checksum code: Fix NICs that can't do
the pseudo header. We really need the TCP packet length here. This happens
to end up in ip->ip_len in tcp_input.c, but here we should get it from the
len function variable instead.

Submitted by:	yongari
Tested by:	Nicolas Linard, yongari (sparc64 + hme)
MFC after:	5 days
2004-09-11 11:18:25 +00:00
andre
26d581a5d1 From __FreeBSD_version 600001 on PFIL_HOOKS is permanently in the kernel and
doesn't require to include opt_pfil_hooks.h.
2004-08-27 20:01:08 +00:00
mlaier
9c209cbf17 Use securelevel_gt instead of reading global securelevel unprotected.
Submitted by:	yongari
MFC after:	3 days
2004-08-22 15:23:48 +00:00
njl
f84f460530 Add a padding member to the header overlaid on data allocated in the
ACPI_DEBUG case.  Without this, use of allocated memory is unaligned and
causes a trap on ia64.  Intel may fix this differently in a subsequent
release but this is adequate for now.

Submitted by:	marcel
MFC after:	2 days
2004-08-18 05:41:21 +00:00
njl
3218429865 This commit was generated by cvs2svn to compensate for changes in r133931,
which included commits to RCS files with non-trunk default branches.
2004-08-18 05:41:21 +00:00
mlaier
c6cd25836d Comment out rev. 1.4 after problems w/ IPv6, a better solution must be
found.
2004-08-16 17:58:12 +00:00
dwmalone
5df13d37b2 Get rid of the RANDOM_IP_ID option and make it a sysctl. NetBSD
have already done this, so I have styled the patch on their work:

        1) introduce a ip_newid() static inline function that checks
        the sysctl and then decides if it should return a sequential
        or random IP ID.

        2) named the sysctl net.inet.ip.random_id

        3) IPv6 flow IDs and fragment IDs are now always random.
        Flow IDs and frag IDs are significantly less common in the
        IPv6 world (ie. rarely generated per-packet), so there should
        be smaller performance concerns.

The sysctl defaults to 0 (sequential IP IDs).

Reviewed by:	andre, silby, mlaier, ume
Based on:	NetBSD
MFC after:	2 months
2004-08-14 15:32:40 +00:00
rwatson
de1943c97f Since if_oltr doesn't contain locking or run with INTR_MPSAFE, mark
the interface as IFF_NEEDSGIANT so if_start is run holding Giant.
2004-08-14 00:19:07 +00:00
mlaier
939573c38d Loopback fix from Mathieu Sauve-Frankel:
Add missing check for NULL in DIOCCHANGERULE. This prevents a crash
	in certain rare cases.
2004-08-12 14:15:42 +00:00
mlaier
b1f9b6b2a2 Import a fix from the OpenBSD-stable branch, that slipped by my previous
import. Sorry.
2004-08-12 14:09:56 +00:00
mlaier
625a88ed36 Loopback fix from Daniel Hartmeier:
pf_cksum_fixup() was called without last argument from
	normalization, also fixup checksum when random-id modifies ip_id.
	This would previously lead to incorrect checksums for packets
	modified by scrub random-id.

(Originally) Submitted by:	yongari
2004-08-12 13:59:44 +00:00
mlaier
79a496b7d4 Loopback fix from Henning Brauer:
skip over interface addresses without IFA_ROUTE, fixes some issue
	with pppd

PR:	misc/69954
2004-08-12 13:54:50 +00:00
mlaier
80669cee06 Import a couple of fixes from OpenBSD-current, which did not make -stable in
OpenBSD for various reasons.

Discussed with:	yongari
2004-08-12 13:46:21 +00:00
harti
ecf74a0083 Exclusion list for easier import. 2004-08-11 12:25:09 +00:00
harti
222df4eab2 Virgin import of NgATM shared kernel/user part 1.1 2004-08-11 12:21:36 +00:00
harti
f199ec9d83 This commit was generated by cvs2svn to compensate for changes in r133492,
which included commits to RCS files with non-trunk default branches.
2004-08-11 12:21:36 +00:00
mlaier
3e1b10ae60 Use in_cksum_skip() to calculate in4_cksum instead of doing handrolled magic
(that does not compile with !gcc). Moreover we get the benefit for all archs
that have a hand optimized in_cksum_skip().

Submitted by:	yongari
Tested by:	me (i386, extensivly), pf4freebsd ML (various)
2004-08-05 20:41:38 +00:00
kan
81bb3b51b0 Initialize s variable early to shut up GCC warnings.
Do not declare inline functions without body as this is useless in
general and generates a warning with GCC 3.4.x.

Glanced over by:	dhartmei
2004-07-28 06:14:44 +00:00
mlaier
06a62be24a Fix the following LOR on pf module unload:
1st ifnet (ifnet) @/usr/src/sys/contrib/pf/net/pf_if.c:191
2nd pf task mtx (pf task mtx) @/usr/src/sys/contrib/pf/net/pf_if.c:197

Reported by:	Pyun YongHyeon (a long time ago)
2004-07-23 03:37:05 +00:00
mlaier
fcf16798bf Refine pf_check_proto_cksum() a bit in order to avoid additional in_pseudo()
calls further down the stack. If we find the cksum to be okay we pretend
that the hardware did all the work and hence keep the upper layers from
checking again.

Submitted by:	Pyun YongHyeon
2004-07-23 03:31:42 +00:00
mlaier
446479e8a1 Fix a stupid attemp to apply host arithmetics to network byte ordered data.
This fixes checksum for some drivers with partial H/W ckcsum offloads.

Reported by:	Simon 'corecode' Schubert, Devon H. O'Dell, hmp
Reviewed by:	Pyun YongHyeon
2004-07-18 14:25:48 +00:00
mlaier
d420de60b6 m_tag_copy takes an additional "how" parameter in FreeBSD.
Submitted by:	rwatson
2004-07-18 00:51:56 +00:00
mlaier
8206972537 Merge in a stable fix from OpenBSD:
MFC:
  Fix by dhartmei@

  change pf_route() loop detection: introduce a counter (number of times
  a packet is routed already) in the mbuf tag, allow at most four times.
  Fixes some legitimate cases broken by the previous change.

Reviewed by:	dhartmei
2004-07-17 17:15:15 +00:00
mlaier
d86bbc28a5 Import from OpenBSD stable branch 2004-07-17 17:06:41 +00:00
mlaier
512e25ff0c Define semantic of M_SKIP_FIREWALL more precisely, i.e. also pass associated
icmp_error() packets. While here retire PACKET_TAG_PF_GENERATED (which
served the same purpose) and use M_SKIP_FIREWALL in pf as well. This should
speed up things a bit as we get rid of the tag allocations.

Discussed with:	juli
2004-07-17 05:10:06 +00:00
phk
c56c18c56a Send the fla driver in the Attic 2004-07-13 17:44:17 +00:00
darrenr
592d9d0570 Clean up a bunch of white-space difference with IPFilter source as well as
remove some superfluous assignments for .d_version/.d_flags in a cdevsw
structure initialisation that never sees the light of day in FreeBSD.
2004-07-11 10:13:05 +00:00
harti
00f69125b4 Virgin import of NgATM share kernel/user part 1.0 2004-07-08 16:39:03 +00:00
harti
72f812830f This commit was generated by cvs2svn to compensate for changes in r131826,
which included commits to RCS files with non-trunk default branches.
2004-07-08 16:39:03 +00:00
marks
5d8d564126 Local change: Allow access to the field if it is within the region
size rounded up to a multiple of the access byte width.  This overcomes
"off-by-one" programming errors in the AML often found in Toshiba
laptops.
2004-07-02 08:38:55 +00:00
marks
166cdec76e Local diff: allow use of the disassembler. 2004-07-02 08:37:56 +00:00
marks
9643d091f6 Unchanged files that are off the vendor branch. 2004-07-02 08:34:19 +00:00
marks
4a971257d3 Vendor import of Intel ACPI-CA 20040527 2004-07-02 08:14:36 +00:00
marks
495d5925ec This commit was generated by cvs2svn to compensate for changes in r131440,
which included commits to RCS files with non-trunk default branches.
2004-07-02 08:14:36 +00:00
darrenr
d82c378cea Mess from update & merge - don't release the ifnet lock twice, just once
and after we're finished with it.
2004-06-29 03:39:06 +00:00
brooks
e1dd867b55 Major overhaul of pseudo-interface cloning. Highlights include:
- Split the code out into if_clone.[ch].
 - Locked struct if_clone. [1]
 - Add a per-cloner match function rather then simply matching names of
   the form <name><unit> and <name>.
 - Use the match function to allow creation of <interface>.<tag>
   vlan interfaces.  The old way is preserved unchanged!
 - Also the match function to allow creation of stf(4) interfaces named
   stf0, stf, or 6to4.  This is the only major user visible change in
   that "ifconfig stf" creates the interface stf rather then stf0 and
   does not print "stf0" to stdout.
 - Allow destroy functions to fail so they can refuse to delete
   interfaces.  Currently, we forbid the deletion of interfaces which
   were created in the init function, particularly lo0, pflog0, and
   pfsync0.  In the case of lo0 this was a panic implementation so it
   does not count as a user visiable change. :-)
 - Since most interfaces do not need the new functionality, an family of
   wrapper functions, ifc_simple_*(), were created to wrap old style
   cloner functions.
 - The IF_CLONE_INITIALIZER macro is replaced with a new incompatible
   IFC_CLONE_INITIALIZER and ifc_simple consumers use IFC_SIMPLE_DECLARE
   instead.

Submitted by:   Maurycy Pawlowski-Wieronski <maurycy at fouk.org> [1]
Reviewed by:    andre, mlaier
Discussed on:	net
2004-06-22 20:13:25 +00:00
darrenr
2d6cb6a6f5 revert section of code that calls netisr_queue() to match v1.33 of this file 2004-06-22 05:20:30 +00:00
darrenr
3194e9d627 #ifdef's for FreeBSD are wrong, causing too many variable declaractions to
disappear.
2004-06-22 05:16:29 +00:00
darrenr
663a79f78b one too many #endif's from the update broke the build 2004-06-22 02:44:06 +00:00
darrenr
2a062b2e41 Update ipfilter from 3.4.31 -> 3.4.35. Some important changes:
* block packets that fail to create state table entries
* only allow non-fragmented packets to influence whether or not a logged
  packet is the same as the one logged before.
* correct the ICMP packet checksum fixing up when processing ICMP errors for NAT
* implement a maximum for the number of entries in the NAT table (NAT_TABLE_MAX
  and ipf_nattable_max)
* frsynclist() wasn't paying attention to all the places where interface
  names are, like it should.
* fix comparing ICMP packets with established TCP state where only 8 bytes
  of header are returned in the ICMP error.

MFC after:	1 week
2004-06-21 22:46:36 +00:00
darrenr
88e219ce9d Import ipfilter 3.4.35 (destinated for RELENG_4) to vendor branch 2004-06-21 22:26:10 +00:00
phk
fd4160c6e9 Add missing <sys/module.h> include.
Approved by:	sam
2004-06-18 08:53:55 +00:00
mlaier
9acfe1e733 Import two fixes from the OpenBSD stable branch:
- prevent an endless loop with route-to lo0, fixes PR 3736 (dhartmei@)
 - The rule_number parameter for pf_get_pool() needs to be 32 bits, not 8 -
   this fixes corruption of the address pools with large rulesets.
   (mcbride@, pb@)

Reviewed-by:	dhartmei
2004-06-17 16:59:47 +00:00
mlaier
9cf281edfa Import OpenBSD stable branch. 2004-06-17 16:52:25 +00:00
mlaier
5eba798674 Commit pf version 3.5 and link additional files to the kernel build.
Version 3.5 brings:
 - Atomic commits of ruleset changes (reduce the chance of ending up in an
   inconsistent state).
 - A 30% reduction in the size of state table entries.
 - Source-tracking (limit number of clients and states per client).
 - Sticky-address (the flexibility of round-robin with the benefits of
   source-hash).
 - Significant improvements to interface handling.
 - and many more ...
2004-06-16 23:24:02 +00:00
mlaier
e31d6b9346 Import pf from OpenBSD 3.5 (OPENBSD_3_5_BASE) 2004-06-16 23:03:14 +00:00
mlaier
27ecf76342 This commit was generated by cvs2svn to compensate for changes in r130610,
which included commits to RCS files with non-trunk default branches.
2004-06-16 23:03:14 +00:00
phk
dfd1f7fd50 Do the dreaded s/dev_t/struct cdev */
Bump __FreeBSD_version accordingly.
2004-06-16 09:47:26 +00:00
mlaier
eedef68f32 Disable "bulk dequeue" when enabling ALTQ so it does not irritate the
timing.
2004-06-15 23:59:37 +00:00
mlaier
de92edb6b4 Transform tbr_dequeue into a function pointer in order to build drivers with
ALTQ enabled versions of IFQ_* macros by default, as requested by serveral
others. This is a follow-up to the quick fix I committed yesterday which
turned off the ALTQ checks for non-ALTQ kernels.
2004-06-15 01:45:19 +00:00
mlaier
0633de661d Remove some more leftover from the old pfaltq_module hack to allow for
kernels w/ pf, but w/o altq.

Reported-by:	 Xin LI
2004-06-14 16:13:05 +00:00
mlaier
8b6bc5b3c0 #if out an old leftover in the KAME code. opt_cpu.h is no longer useful here
and breaks build on some arch.

Found-by:	tinderbox
2004-06-13 22:52:38 +00:00
mlaier
b173c880aa Prepare pf for building with ALTQ:
- remove old pfaltq module linkage
 - move pfaltq_running to pf_ioctl.c It is protected by PF_LOCK()
2004-06-13 01:36:31 +00:00
mlaier
8a4d60fb93 Add an additional queue which will be "owned by the driver". This allows to
rig a PREPEND macro for ALTQ as the POLL/DEQUEUE semantic is very bad in
terms of locking. We make this a full functional queue to allow "bulk
dequeue" which will further reduce the locking overhead (for non-altq
enabled devices). Drivers will access this via the following macros, which
will show up in <net/if_var.h> once we expose ALTQ to the build:

IFQ_DRV_DEQUEUE(ifq, m)	- takes a mbuf off the queue (driver queue first)
IFQ_DRV_PREPEND(ifq, m)	- pushes a mbuf back to the driver queue
IFQ_DRV_PURGE(ifq)	- drops all packets in both queues
IFQ_DRV_IS_EMPTY(ifq)	- checks for pending mbufs in either queue

One has to make sure that the first three are protected by a driver mutex.
At the moment most network drivers still require Giant, so this is not an
issue. Even those that have thier own mutex usually hold it in if_start and
the like, so this requirement is almost always satisfied.

This evolved from a discussion with Andrew Gallatin.
2004-06-12 18:47:24 +00:00
mlaier
688a18235f FreeBSD-ify ALTQ:
- add locking
 - disable ALTQ3_COMPAT by default (do not remove the code to keep the diff
   towards KAME small)
 - put some more code under ALTQ3 conditional compilation as it should be
 - account for if_xname
 - some more minor compile fixes

As people started wondering:
The strange path layout "altq/altq" is there to avoid "-Isys/contrib" and
make it "-Isys/contrib/altq" instead, as we will need at least <altq/altq.h>
and <altq/if_altq.h> for kernel compilation.

The "freebsd4_..." in the privious commit is just the best tag name in the
KAME tree I could find to classify this in order to track its history. It
does *not* mean that this will go to 4-STABLE or anything of that kind.
2004-06-12 00:57:20 +00:00
mlaier
f63b9ad6be This commit was generated by cvs2svn to compensate for changes in r130365,
which included commits to RCS files with non-trunk default branches.
2004-06-12 00:10:21 +00:00
mlaier
095b2e5fcf Import parts of the ALTQ framework from latest KAME snapshot (which is up to
HEAD at this point). This will not exactly live in a vendor branch, but have
the vendor backing to make it easier to exchange diffs.

This will be followed by a diff which takes most of the .c files off the
vendor branch in order to:
 - add locking
 - disable ALTQ3_COMPAT code (which is outdated and "un-lockable")

There is work in progress to refine the configuration API. Import this "as
is" now to have more exposure time before 5-STABLE.

This is only the import, it will be some more days until you will actually
be able to compile ALTQ support into your kernel so don't hold your breath.
HEADUPs will be posted on current@ and net@ before this is actually enabled.

No-objection:	re(scottl), core(rwatson)
2004-06-12 00:10:21 +00:00
darrenr
10c0032386 Recognise NOINET6 as an indication to not build IPv6 enabled source even
if FreeBSD header files, etc, support it.

Submitted by:	Sergey Mokryshev <mokr@mokr.net>
2004-06-08 23:52:22 +00:00
mlaier
03517ac71a "Get rid of the nested include of <sys/module.h> from <sys/kernel.h>" or
better do no longer depend on it.

Requested-by:	phk
Approved-by:	bms(mentor)
2004-05-31 22:48:19 +00:00
phk
30a7ac8468 Add missing #include <sys/module.h> 2004-05-30 20:34:58 +00:00
njl
0d6049326d Remove a warning of a constant that is too large. Change submitted to
vendor.
2004-05-25 03:06:37 +00:00
njl
2c647855a3 This commit was generated by cvs2svn to compensate for changes in r129694,
which included commits to RCS files with non-trunk default branches.
2004-05-25 03:06:37 +00:00
njl
a714b78fea Local change: allow usermode to compile this header. Submitted to vendor. 2004-05-25 02:41:49 +00:00
njl
43f044bb8c Local change: don't hang forever if WAK_STS is never set. 2004-05-25 02:41:19 +00:00
njl
f5f00ea0ad Local change: remove warnings. 2004-05-25 02:40:48 +00:00
njl
d68881dc5f Local diff: allow use of the disassembler. 2004-05-25 02:39:46 +00:00
njl
437cac5b15 Unchanged files that are off the vendor branch. 2004-05-25 02:39:01 +00:00
njl
7dda61e34c Vendor import of Intel ACPI-CA 20040514. 2004-05-25 02:34:44 +00:00
njl
8264817ec5 This commit was generated by cvs2svn to compensate for changes in r129684,
which included commits to RCS files with non-trunk default branches.
2004-05-25 02:34:44 +00:00
marcel
19196476e4 Update to BETA 7. Besides C++ support, which is irrelevant to us,
this version mostly has bugs fixes.
2004-05-09 03:06:25 +00:00
marcel
7cd85074fc This commit was generated by cvs2svn to compensate for changes in r129059,
which included commits to RCS files with non-trunk default branches.
2004-05-09 03:06:25 +00:00
njl
394d08093f Add sys/types.h for both kernel and user compiles. 2004-05-05 20:02:02 +00:00
dhartmei
56d46e84bd Commit three imported bugfixes from OpenBSD 3.4-stable:
- change pf_get_pool() argument rule_number type from u_int32_t
    to u_int8_t, fixes corruption of address pools with large
    rulesets (mcbride@)
  - prevent endless loops with route-to (dhartmei@)
  - limit option length to 2 octets max (frantzen@)

Obtained from:	OpenBSD
Approved by:	mlaier(mentor), bms(mentor)
2004-05-02 20:47:24 +00:00
dhartmei
f3b4bd55ea Import OpenBSD 3.4-stable fixes 2004-05-02 19:43:28 +00:00
njl
7cac239792 Remove warnings from vendor files. This takes some files off the vendor
branch but they have indicated they will not fix these warnings.
2004-04-14 18:12:29 +00:00
njl
e3d67bca30 Even though the patch has been submitted to the vendor, this file is off
the vendor branch.  Once more, with feeling!
2004-04-14 16:52:19 +00:00
njl
dddb7af88f Only avoid disabling bus mastering on the sleep path. This should fix
power off for some users.  The patch has been submitted to Intel.

Bug:	http://bugme.osdl.org/show_bug.cgi?id=2109
2004-04-14 16:50:32 +00:00
njl
fcb88d0194 Check in files with local changes:
* In the resume path, give up after waiting for a while
for WAK_STS to be set.  Some BIOSs never set it.

* Allow access to the field if it is within the region size rounded
up to a multiple of the access byte width.  This overcomes "off-by-one"
programming errors in the AML often found in Toshiba laptops.
2004-04-14 02:17:00 +00:00
njl
fbcf6e9700 Check in unmodified files off the vendor branch. 2004-04-14 02:14:51 +00:00
njl
3c67c2e8d5 Import ACPI-CA 20040402 distribution. 2004-04-14 02:10:27 +00:00
njl
565e13e588 This commit was generated by cvs2svn to compensate for changes in r128212,
which included commits to RCS files with non-trunk default branches.
2004-04-14 02:10:27 +00:00
njl
ac3f2a8703 Add another cleanfile for future imports. 2004-04-14 02:03:33 +00:00
brooks
6a86b01672 Staticize <if>_clone_{create,destroy} functions.
Reviewed by:	mlaier
2004-04-14 00:57:49 +00:00
mlaier
d2fa2c987e Commit import of OpenBSD-stable fix:
Fix by dhartmei@ and mcbride@
 1.433
 Properly m_copyback() modified TCP sequence number after demodulation
 1.432
 Fix icmp checksum when sequence number modlation is being used.
 Also fix a daddr vs saddr cut-n-paste error in ICMP error handling.

 Fixes PR 3724

Obtained from:	OpenBSD
Reviewed by:	dhartmei
Approved by:	rwatson
2004-04-11 17:35:40 +00:00
mlaier
3ec847e868 Import another fix from the OpenBSD-Stable branch:
Fix by dhartmei@ and mcbride@
 1.433
 Properly m_copyback() modified TCP sequence number after demodulation
 1.432
 Fix icmp checksum when sequence number modlation is being used.
 Also fix a daddr vs saddr cut-n-paste error in ICMP error handling.

 Fixes PR 3724
2004-04-11 17:28:22 +00:00
imp
b49b7fe799 Remove advertising clause from University of California Regent's
license, per letter dated July 22, 1999 and email from Peter Wemm,
Alan Cox and Robert Watson.

Approved by: core, peter, alc, rwatson
2004-04-07 20:46:16 +00:00
njl
8b7744ab53 Unbreak the bootloader build by excluding ctype.h.
Submitted by:	Stefan Farfeleder <stefan@fafoe.narf.at>
2004-04-05 17:30:15 +00:00
njl
90325c0beb Add #include for ctype.h to cover strupr() in the !_KERNEL case.
Submitted by:	Stefan Farfeleder <stefan@fafoe.narf.at>
2004-04-05 04:03:09 +00:00
mlaier
640f7d2a9b Shut up a couple of annoying gcc warnings. Do not enclose the fixes with
#ifdefs in order to loop it back to OpenBSD after the next import. There are
a some implicit asserts involved which might be better spelled out
explicitly (af == AF_INET ...)

Approved by:	bms(mentor)
2004-03-30 18:28:30 +00:00
imp
314f26c8ec Eliminate support for FreeBSD 3.x and earlier now that we're in the
glide path for the 5.x branch.
2004-03-29 21:10:05 +00:00
mlaier
3709170070 Commit two fixes from OpenBSD's stable branch:
- Fix binat for incoming connections when a netblock (not just a single
  address) is used for source in the binat rule. closes PR 3535, reported by
  Karl O.Pinc. ok henning@, cedric@

- Fix a problem related to empty anchor rulesets, which could cause a kernel
  panic.

Approved by:	bms(mentor)
2004-03-28 20:04:12 +00:00
mlaier
9a8a4d8edb Import two fixes from OpenBSD's stable branch:
- Fix binat for incoming connections when a netblock (not just a single
  address) is used for source in the binat rule. closes PR 3535, reported by
  Karl O.Pinc. ok henning@, cedric@

- Fix a problem related to empty anchor rulesets, which could cause a kernel
  panic.

Approved by:	bms(mentor)
2004-03-28 19:31:37 +00:00
njl
9fc7ca0491 Revert 1.22. Go back to "FreeBSD" as our _OS value. Since we now support
_OSI, we can claim compatibility with MS products without claiming to BE
one.  :-)
2004-03-22 20:11:49 +00:00
njl
8060f9608c Check in files off the vendor branch as well as files with local patches. 2004-03-18 17:46:27 +00:00
njl
61c302fc07 Import of Intel ACPI-CA 20040311. 2004-03-18 17:42:14 +00:00
njl
77bf2c203e This commit was generated by cvs2svn to compensate for changes in r127175,
which included commits to RCS files with non-trunk default branches.
2004-03-18 17:42:14 +00:00
mlaier
01e7b3342e Style(9) round for the pf kernel parts. Mostly #if defined() -> #ifdef
Also set HOOK_HACK to true (remove the related #ifdef's) as we have the
hooks in the kernel this was missed during the merge from the port.

Noticed by:	Amir S.	(for the HOOK_HACK part)
Approved by:	bms(mentor)
2004-03-17 21:11:02 +00:00
njl
05a1f56fc9 Convert callers to the new bus_alloc_resource_any(9) API.
Submitted by:	Mark Santcroos <marks@ripe.net>
Reviewed by:	imp, dfr, bde
2004-03-17 17:50:55 +00:00
mlaier
08af5a76fe Remove `$Name$' leftovers from the port version reporting.
Noticed by:	Craig Rodrigues
Approved by:	bms(mentor)
2004-03-10 15:08:21 +00:00
njl
02a9c630fe Part 2 of Project Evil: Pretend to be Windows 2000 for buggy ASL that
always expects to be running on some MS OS.  A survey of ASL shows that
this is the 2nd most common expected OS value.  (1st is Win98 and we don't
emulate its buggy ACPI support.)  Our ACPI support is similar to Win2k,
also.  Put this behavior under ACPICA_PEDANTIC so we can get back to our
previous behavior for OSV testing.
2004-03-04 05:57:41 +00:00
njl
d4d5fa01f8 Remove these on the vendor branch as we no longer import them (and some
were never used).

CVS surgery credit:	joe
2004-03-03 05:47:09 +00:00
njl
670ef1b2eb This commit was generated by cvs2svn to compensate for changes in r126520,
which included commits to RCS files with non-trunk default branches.
2004-03-03 05:47:09 +00:00
mlaier
bc8fb96519 Remove __inline keyword from functions that can't be inlined according to
LINT. This fixes LINT compliation for now, but needs to be revised.
Changes do not affect the objects.

Approved by:	bms(mentor)
2004-02-29 16:34:43 +00:00