1092 Commits

Author SHA1 Message Date
Robert Watson
09daf1c828 Add support for audit pipe special devices, which allow user space
applications to insert a "tee" in the live audit event stream.  Records
are inserted into a per-clone queue so that user processes can pull
discreet records out of the queue.  Unlike delivery to disk, audit pipes
are "lossy", dropping records in low memory conditions or when the
process falls behind real-time events.  This mechanism is appropriate
for use by live monitoring systems, host-based intrusion detection, etc,
and avoids applications having to dig through active on-disk trails that
are owned by the audit daemon.

Obtained from:	TrustedBSD Project
2006-02-06 22:50:39 +00:00
Robert Watson
c9d97251e3 Alphabetize. 2006-02-06 22:34:29 +00:00
Matt Jacob
df7418f32f !$(*&!($!&$(!&$&(!$(&!&($!($
Forget to commit this.
2006-02-03 00:36:19 +00:00
Robert Watson
07881ef960 Add 'options AUDIT' and associate various .c files with the AUDIT
option.  We always build audit_syscalls.c so that the system call
stubs can return ENOSYS rather than the system call code
generating SIGSYS for the system calls.  We are not yet ready to
add AUDIT to LINT, as the prototypes for system call arguments
won't be there until after the system calls for audit are added.

Much work from:	wsalamon
Obtained from:	TrustedBSD Project
2006-02-01 21:00:16 +00:00
Andre Oppermann
1dfcf0d2a3 Move the IPSEC related code blocks to their own file to unclutter
and signifincantly improve the readability of ip_input() and
ip_output() again.

The resulting IPSEC hooks in ip_input() and ip_output() may be
used later on for making IPSEC loadable.

This move is mostly mechanical and should preserve current IPSEC
behaviour as-is.  Nothing shall prevent improvements in the way
IPSEC interacts with the IPv4 stack.

Discussed with:	bz, gnn, rwatson; (earlier version)
2006-02-01 13:55:03 +00:00
Marius Strobl
44ac0964e9 Hook up le(4) to the build. For now it's only added to the sparc64 GENERIC
in order to support the on-board LANCE in Ultra 1 and to the MI NOTES as
it should work just fine with the AMD PCnet family of chips on all archs
but is not yet meant to replace lnc(4). If a kernel includes all of le(4),
lnc(4) and pcn(4) precedence is given to lnc(4)/pcn(4) for now.
2006-01-31 22:34:13 +00:00
Pawel Jakub Dawidek
847a2a1716 Add buffer corruption protection (RedZone) for kernel's malloc(9).
It detects both: buffer underflows and buffer overflows bugs at runtime
(on free(9) and realloc(9)) and prints backtraces from where memory was
allocated and from where it was freed.

Tested by:	kris
2006-01-31 11:09:21 +00:00
Max Laier
6aec1278dc firmware(9) is a subsystem to load binary data into the kernel via a
specially crafted module.  There are several handrolled sollutions to this
problem in the tree already which will be replaced with this.  They include
iwi(4), ipw(4), ispfw(4) and digi(4).

No objection from:	arch
MFC after:		2 weeks
X-MFC after:		some drivers have been converted
2006-01-29 02:52:42 +00:00
John Baldwin
3f08bd8bce Add a basic reader/writer lock implementation to the kernel. This
implementation is by no means perfect as far as some of the algorithms
that it uses and the fact that it is missing some functionality (try
locks and upgrades/downgrades are not there yet), however it does seem
to work in my local testing.  There is more detail in the comments in the
code, but the short version follows.

A reader/writer lock is very much like a regular mutex: it cannot be held
across a voluntary sleep; it can be acquired in an interrupt thread; if
the lock is held by a writer then the priority of any threads that block
on the lock will be lent to the owner; the simple case lock operations all
are done in a single atomic op.  It also shares some similiarities
with sx locks: it supports reader/writer semantics (multiple readers,
but single writers); readers are allowed to recurse, but writers are not.

We can extend this implementation further by either improving algorithms
or adding new functionality, but this should at least give us a base to
work with now.

Reviewed by:	arch (in theory)
Tested on:	i386 (4 cpu box with a kernel module that used 4 threads
		that randomly chose between read locks and write locks
		that ran w/o panicing for over a day solid.  It usually
		panic'd within a few seconds when there were bugs during
		testing. :)  The kernel module source is available on
		request.)
2006-01-27 23:13:26 +00:00
Olivier Houchard
12af2a0f4f Bring in a sysv-style pts implementation, as found in the rwatson_pts perforce branch. It works the same as its SysV/linux counterpart : You obtain a fd to the master pseudo terminal by opening /dev/ptmx, which craetes a node for the master as /dev/pty[num] and a node for the slave as /dev/pts/[num].
It should play nicely with the existing BSD ptys.
By default, the system will use the BSD ptys, one can set the sysctl
kern.pts.enable to 1 to make it use the new pts system.
The max number of pty that can be allocated on a system can be changed with the
sysctl kern.pts.max. It defaults to 1000, and can be increased, but it is not
recommanded, as any pty with a number > 999 won't be handled by whatever uses
utmp(5).
2006-01-26 01:30:34 +00:00
Doug Ambrisko
084500bc13 Add in the Linux IOCTL shim and create the megadev0 device so
Linux LSI MegaRaid tools can run on FreeBSD until Linux emulation.

Add in the Linux IOCTL shim and create the megadev0 device so
Linux LSI MegaRaid tools can run on FreeBSD until Linux emulation.

Add glue to build the modules but don't tie it into the build
yet until I test it from the CVS repo. via the mirror on an
amd64 machine.

Tie this into the Linux32 emulation on amd64 so the tools can
run on amd64 kernel.

Cleaned up by:	ps (amr_linux.c)
2006-01-24 21:13:50 +00:00
John Baldwin
83a81bcb14 Add a new file (kern/subr_lock.c) for holding code related to struct
lock_obj objects:
- Add new lock_init() and lock_destroy() functions to setup and teardown
  lock_object objects including KTR logging and registering with WITNESS.
- Move all the handling of LO_INITIALIZED out of witness and the various
  lock init functions into lock_init() and lock_destroy().
- Remove the constants for static indices into the lock_classes[] array
  and change the code outside of subr_lock.c to use LOCK_CLASS to compare
  against a known lock class.
- Move the 'show lock' ddb function and lock_classes[] array out of
  kern_mutex.c over to subr_lock.c.
2006-01-17 16:55:17 +00:00
Poul-Henning Kamp
d3e64681d6 Move the old BSD4.3 tty compatibility from (!BURN_BRIDGES && COMPAT_43)
to COMPAT_43TTY.

Add COMPAT_43TTY to NOTES and */conf/GENERIC

Compile tty_compat.c only under the new option.

Spit out
	#warning "Old BSD tty API used, please upgrade."
if ioctl_compat.h gets #included from userland.
2006-01-10 09:19:10 +00:00
Takanori Watanabe
3db831b3d2 Add ufoma drivers in 'files', too. 2006-01-09 17:49:21 +00:00
Joel Dahl
838036242a Remove references to snd_vortex1(4).
Approved by:	tanimura, ariff
2006-01-04 17:05:19 +00:00
Warner Losh
47147ce799 Implement /dev/cardbus%d.cis, same thing as /dev/pccard%d.cis. There
are some rough edges with this still, but it seems to work well enough
to commit.
2005-12-29 01:43:47 +00:00
Ruslan Ermilov
4d5f30e06e Drivers for AMD-8111 and NVIDIA nForce2/3/4 SMBus 2.0 controllers. 2005-12-21 15:49:51 +00:00
John Baldwin
2aacedb237 Add a vgapci(4) stub device driver for VGA PCI devices. This device serves
as a bus so that other drivers such as drm(4), acpi_video(4), and agp(4)
can attach to it thus allowing multiple drivers for the same device.  It
also removes the need for the drmsub hack for the i8[13]0/i915 drm and agp
drivers.
2005-12-20 22:35:39 +00:00
John Baldwin
5b2119223e Move the hostb driver out of the i386 and amd64 PCI code (where it was
duplicated anyways) and into a single MI driver.  Extend the driver a bit
to implement the bus and PCI kobj interfaces such that other drivers can
attach to it and transparently act as if their parent device is the PCI
bus (for the most part).
2005-12-20 21:09:45 +00:00
Craig Rodrigues
e1fd210e51 Hook XFS into kernel build. 2005-12-12 01:14:59 +00:00
Scott Long
73c8420784 The if_ti Tigon I/II driver has moved to /sys/dev/ti 2005-12-10 00:38:33 +00:00
Jung-uk Kim
848c454cc1 Add BPF Just-In-Time compiler support for ng_bpf(4).
The sysctl is changed from net.bpf.jitter.enable to net.bpf_jitter.enable
and this controls both bpf(4) and ng_bpf(4) now.
2005-12-07 21:30:47 +00:00
Jung-uk Kim
ae275efcae Add experimental BPF Just-In-Time compiler for amd64 and i386.
Use the following kernel configuration option to enable:

	options BPF_JITTER

If you want to use bpf_filter() instead (e. g., debugging), do:

	sysctl net.bpf.jitter.enable=0

to turn it off.

Currently BIOCSETWF and bpf_mtap2() are unsupported, and bpf_mtap() is
partially supported because 1) no need, 2) avoid expensive m_copydata(9).

Obtained from:	WinPcap 3.1 (for i386)
2005-12-06 02:58:12 +00:00
Eric Anholt
69b9fffc84 Merge DRM CVS as of 2005-12-02, adding i915 DRM support thanks to Alexey Popov,
and a new r300 PCI ID.
2005-12-03 01:23:50 +00:00
Eric Anholt
9fb0767374 Update DRM to CVS snapshot as of 2005-11-28. Notable changes:
- S3 Savage driver ported.
- Added support for ATI_fragment_shader registers for r200.
- Improved r300 support, needed for latest r300 DRI driver.
- (possibly) r300 PCIE support, needs X.Org server from CVS.
- Added support for PCI Matrox cards.
- Software fallbacks fixed for Rage 128, which used to render badly or hang.
- Some issues reported by WITNESS are fixed.
- i915 module Makefile added, as the driver may now be working, but is untested.
- Added scripts for copying and preprocessing DRM CVS for inclusion in the
  kernel.  Thanks to Daniel Stone for getting me started on that.
2005-11-28 23:13:57 +00:00
Ruslan Ermilov
a8e06f2a52 Make config(8) understand ORed dependecies in "files*" and
improve tracking of known devices.  Bump config(8) version.
2005-11-27 21:41:58 +00:00
Ariff Abdullah
d5688b6a5b Support for ATI IXP 200 / 300 / 400 series audio controllers. 2005-11-27 03:29:59 +00:00
David Xu
655291f2ae Bring in experimental kernel support for POSIX message queue. 2005-11-26 12:42:35 +00:00
Ruslan Ermilov
20209868a2 Whitespace. 2005-11-25 22:36:40 +00:00
Marius Strobl
d03dab6576 Move zs.c from files to files.powerpc as zs(4) by now is only supported
on powerpc (more or less...). That way people updating from FreeBSD 5 to
FreeBSD 6 and beyond on sparc64 will get an error from config(8) rather
than a mysterious compile error when they have a stale 'device zs' in
their kernel config file.

MFC after:	2 weeks
2005-11-22 17:12:49 +00:00
Andre Oppermann
ef39adf007 Consolidate all IP Options handling functions into ip_options.[ch] and
include ip_options.h into all files making use of IP Options functions.

From ip_input.c rev 1.306:
  ip_dooptions(struct mbuf *m, int pass)
  save_rte(m, option, dst)
  ip_srcroute(m0)
  ip_stripoptions(m, mopt)

From ip_output.c rev 1.249:
  ip_insertoptions(m, opt, phlen)
  ip_optcopy(ip, jp)
  ip_pcbopts(struct inpcb *inp, int optname, struct mbuf *m)

No functional changes in this commit.

Discussed with:	rwatson
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-11-18 20:12:40 +00:00
Vinod Kashyap
ff1625c61d twa corresponding to the 9.3.0.1 release on the 3ware website. This driver has
support for the 9xxxSX controllers, along with the earlier 9xxxS series
controllers.
2005-11-08 22:51:43 +00:00
Jung-uk Kim
e8d472a7af Catch up with ACPI-CA 20051021 import 2005-11-01 22:44:08 +00:00
Poul-Henning Kamp
f6868f848c Tie acpi_hpet.c into the module and kernel. 2005-10-31 21:40:40 +00:00
Joerg Wunsch
9b229abc8f Finally complete some work on generalizing the PCF8584-based I2C
drivers I started quite some time before.

Retire the old i386-only pcf driver, and activate the new general
driver that has been sitting in the tree already for quite some
time.

Build the i2c modules for sparc64 architectures as well (where I've
been developing all this on).
2005-10-28 15:58:19 +00:00
Nate Lawson
71a5cd7f7d Hook acpi_smbat up to the build. 2005-10-23 00:22:02 +00:00
Ruslan Ermilov
f3f9e7ae9b Remove duplicate entry. 2005-10-20 20:51:30 +00:00
Warner Losh
d0f68000b1 Move dc sources from pci and dev/mii into dev/dc. 2005-10-18 06:11:59 +00:00
John Baldwin
021eda1d85 Remove the sx(4) driver at the request of the author. The author
originally wrote it for 4.x and hasn't really had the time to fully update
it to 5.x and later.  Also, the author doesn't use the hardware anymore as
well.  If someone does need this driver they can always resurrect it from
the Attic.

Requested by:	Frank Mayhar frank at exit dot com
2005-10-14 18:24:58 +00:00
Pawel Jakub Dawidek
24f8c87b41 Backout strtok() addition to libkern, strsep() is enough and strtok()
is not safe.

Discussed with:	stefanf, njl
2005-10-06 19:06:07 +00:00
Pawel Jakub Dawidek
5e66cbaeaf Add strtok() and strtok_r() function to libkern.
MFC after:	2 weeks
2005-10-06 11:10:09 +00:00
Warner Losh
48ce90210f Include forgotten rtl80x9 file for ed. 2005-10-05 21:56:27 +00:00
Scott Long
2bc6081c9f Reintroduce the lmc T1/E1/T3 WAN driver. This version is locked, supports
interface polling, compiles on 64-bit platforms, and compiles on NetBSD,
OpenBSD, BSD/OS, and Linux.  Woo!  Thanks to David Boggs for providing this
driver.

Altq, sppp, netgraph, and bpf are required for this driver to operate.
Userland tools and man pages will be committed next.

Submitted by: David Boggs
2005-10-03 07:05:34 +00:00
Alexander Leidinger
4406886f5e Soft volume implementation for audio devices without pcm mixer controller.
Submitted by:	Ariff Abdullah <skywizard@MyBSD.org.my>
Tested by:	multimedia@
2005-10-02 15:31:03 +00:00
Max Laier
b6de9e91bd Remove bridge(4) from the tree. if_bridge(4) is a full functional
replacement and has additional features which make it superior.

Discussed on:	-arch
Reviewed by:	thompsa
X-MFC-after:	never (RELENG_6 as transition period)
2005-09-27 18:10:43 +00:00
Warner Losh
852999de55 Add pccard_device.c 2005-09-20 06:48:55 +00:00
Poul-Henning Kamp
718039953a sample.c needs ath magic include path 2005-09-19 12:09:33 +00:00
Poul-Henning Kamp
346fa63189 Add tnt4882 driver to the build 2005-09-15 13:28:33 +00:00
David E. O'Brien
d85986ec1c Don't pollute the entire kernel build with -I$S/contrib/dev/ath and
-I$S/contrib/dev/ath/freebsd.  "ATH_BUILDING_FROM_SOURCE" can be defined to
globally get back -I$S/contrib/dev/ath.
2005-09-11 03:38:18 +00:00
David E. O'Brien
7014a50853 Don't pollute the entire kernel build with -I$S/contrib/ipfilter. 2005-09-11 02:27:34 +00:00