compiled conditionally on options CAPABILITIES:
Add a new credential flag, CRED_FLAG_CAPMODE, which indicates that a
subject (typically a process) is in capability mode.
Add two new system calls, cap_enter(2) and cap_getmode(2), which allow
setting and querying (but never clearing) the flag.
Export the capability mode flag via process information sysctls.
Sponsored by: Google, Inc.
Reviewed by: anderson
Discussed with: benl, kris, pjd
Obtained from: Capsicum Project
MFC after: 3 months
constant to indicate that a system call (or perhaps an operation requested
via a system call) is not permitted for a capability mode process.
Submitted by: anderson
Sponsored by: Google, Inc.
Obtained from: Capsicum Project
MFC after: 1 week
the RTT that a flow will build up in buffers in
transit. It is a slight modification to RFC2581
but is more friendly i.e. less aggressive.
MFC after: 3 months
- Use vm_paddr_t for pa in pmap_steal_memory()
- Use uintmax_t and %jx to ensure that physical address are printed
correctly in cpu_startup() and pmap_bootstrap()
operation. Previously ownership was transferred to hardware before
setting address of new RX buffer such that it was possible for
hardware to use wrong RX buffer address.
While here keep compiler from re-ordering instructions by declaring
descriptor members volatile. Memory barriers would do the same job
but volatile is supposed to be cheaper than using memory barriers,
especially on MP systems.
Submitted by: marius
MFC after: 1 week
Rename ...write_bytes... to ...write_records..., that's what they do.
Move writer .h stuff into writer private .h file.
Change logic in writer to support both fifolog usage in FreeBSD and
Measured usage better, by always using an input buffer.
Various cleanups.
Few new things available from now on:
- Data deduplication.
- Triple parity RAIDZ (RAIDZ3).
- zfs diff.
- zpool split.
- Snapshot holds.
- zpool import -F. Allows to rewind corrupted pool to earlier
transaction group.
- Possibility to import pool in read-only mode.
MFC after: 1 month
It used to choke on the notation "inb (%dx),%al" for "inb %dx,%al"; GNU
as accepts both forms. Which notation is more 'correct' is an open
question. :)
There are several bugfixes in this update, but the most important one is
to ensure __start_ and __stop_ symbols for linker sets and kernel module
metadata are always emitted in object files:
http://llvm.org/bugs/show_bug.cgi?id=9292
Before this fix, if you compiled kernel modules with clang, they would
not be properly processed by kldxref, and if they had any dependencies,
the kernel would fail to load those. Another problem occurred when
attempting to mount a tmpfs filesystem, which would result in 'operation
not supported by device'.
1) Add four new points that allow you to get more information
to cc algo's
2) Fix the case where user changes module on a existing TCB, in
such a case, the initialization module needs to be called on all nets.
3) Move htcp_cc structure to a union that other modules can use.
4) Add 5th point for get/set socket options for cc_module specific options
MFC after: 2 months
