point to mac_check_vnode_unlink(), reflecting UNIX naming conventions.
This is the first of several commits to synchronize the MAC Framework
in FreeBSD 7.0 with the MAC Framework as it will appear in Mac OS X
Leopard.
Reveiwed by: csjp, Samy Bahra <sbahra at gwu dot edu>
Submitted by: Jacques Vidrine <nectar at apple dot com>
Obtained from: Apple Computer, Inc.
Sponsored by: SPARTA, SPAWAR
Approved by: re (bmah)
work present in FreeBSD 7.0 to refine the kernel privilege model:
- Introduce support for jail as a testing variable, in order to
confirm that privileges are properly restricted in the jail
environment.
- Restructure overall testing approach so that privilege and jail
conditions are set in the testing infrastructure before tests
are invoked, and done so in a custom-created process to isolate
the impact of tests from each other in a more consistent way.
- Tests now provide setup and cleanup hooks that occur before and
after the test runs.
- New privilege tests are now present for several audit
privileges, several credential management privileges, dmesg
buffer reading privilege, and netinet raw socket creation.
- Other existing tests are restructured and generally improved as
a result of better framework structure and jail as a variable.
For exampe, we now test that certain sysctls are writable only
outside jail, while others are writable within jail. On a
similar note, privileges relating to setting UFS file flags are
now better exercised, as with the right to chmod and utimes
files.
Approved by: re (bmah)
Obtained from: TrustedBSD Project
- fix the use after free seen when sending packets small enough to fit as an immediate
and bpf peers are present
- update to firmware rev 4.7 along with various small vendor fixes
Supported by: Chelsio
Approved by: re (blanket)
MFC after: 3 days
unusability of OFW consoles. [1]
Try to use trademark entities where appropriate in the "Supported
Processors" section.
Submitted by: kris [1]
Approved by: re (implicitly)
will automatically issue the 16 byte verison of read capacity if the device
in question is larger than 2TB.
There are also a number of output options here (last block, number of
blocks, human readable) that should meet most needs, and also aid in
scripting.
Approved by: re (bmah)
MFC after: 1 week
the recent send code, but uio may be NULL on sendfile
calls. Change to use sndlen variable.
- EMSGSIZE is not being returned in non-blocking mode
and needs a small tweak to look if the msg would
ever fit when returning EWOULDBLOCK.
- FWD-TSN has a bug in stream processing which could
cause a panic. This is a follow on to the codenomicon
fix.
- PDAPI level 1 and 2 do not work unless the reader
gets his returned buffer full. Fix so we can break
out when at level 1 or 2.
- Fix fast-handoff features to copy across properly on
accepted sockets
- Fix sctp_peeloff() system call when no true system call
exists to screen arguments for errors. In cases where a
real system call exists the system call itself does this.
- Fix raddr leak in recent add-ip code change for bundled
asconfs (even when non-bundled asconfs are received)
- Make sure ipi_addr lock is held when walking global addr
list. Need to change this lock type to a rwlock().
- Add don't wake flag on both input and output when the
socket is closing.
- When deleting an address verify the interface is correct
before allowing the delete to process. This protects panda
and unnumbered.
- Clean up old sysctl stuff and get rid of the old Open/Net
BSD structures.
- Add a function to watch the ranges in the sysctl sets.
- When appending in the reassembly queue, validate that
the assoc has not gone to about to be freed. If so
(in the middle) abort out. Note this especially effects
MAC I think due to the lock/unlock they do (or with
LOCK testing in place).
- Netstat patch to get rid of warnings.
- Make sure that no data gets queued to inactive/unconfirmed
destinations. This especially effect CMT but also makes a
impact on regular SCTP as well.
- During init collision when we detect seq number out
of sync we need to treat it like Case C and discard
the cookie (no invarient needed here).
- Atomic access to the random store.
- When we declare a vtag good, we need to shove it
into the time wait hash to prevent further use. When
the tag is put into the assoc hash, we need to remove it
from the twait hash (where it will surely be). This prevents
duplicate tag assignments.
- Move decr-ref count to better protect sysctl out of
data.
- ltrace error corrections in sctp6_usrreq.c
- Add hook for interface up/down to be sent to us.
- Make sysctl() exported structures independent of processor
architecture.
- Fix route and src addr cache clearing for delete address case.
- Make sure address marked SCTP_DEL_IP_ADDRESS is never selected
as src addr.
- in icmp handling fixed so we actually look at the icmp codes
to figure out what to do.
- Modified mobility code.
Reception of DELETE IP ADDRESS for a primary destination and
SET PRIMARY for a new primary destination is used for
retransmission trigger to the new primary destination.
Also, in this case, destination of chunks in send_queue are
changed to the new primary destination.
- Fix so that we disallow sending by mbuf to ever have EEOR
mode set upon it.
Approved by: re@freebsd.org (B Mah)
additional flags to many function calls. The flags only
get used in BSD when we compile with lock testing. These
flags allow apple to escape the "giant" lock it holds on
the socket and have more fine-grained locking in the NKE.
It also allows us to test (with witness) the locking used
by apple via a compile switch (manually applied).
Approved by: re@freebsd.org(B Mah)
with section header tables residing in between other sections.
Introduce additional checks for overlaps between section data and
the section header table when the application is performing section
layout.
Document additional error returns.
Reported by: Kai Wang <kaiw27 at gmail dot com>
Approved by: re (rwatson)
- Fix copyrights, comments in UDPv6.
- Remove macro defines for in6pcb and udp6stat.
- Consistently refer to inpcbs as 'inp' and not also 'in6p'.
Reviewed by: gnn, jinmei, bz
Approved by: re (bmah)
TCP timers as a single timer, but retain the API changes necessary to
reintroduce this change. This will back out the source of at least two
reported problems: lock leaks in certain timer edge cases, and TCP timers
continuing to fire after a connection has closed (a bug previously fixed and
then reintroduced with the timer rewrite).
In a follow-up commit, some minor restylings and comment changes performed
after the TCP timer rewrite will be reapplied, and a further change to allow
the TCP timer rewrite to be added back without disturbing the ABI. The new
design is believed to be a good thing, but the outstanding issues are
leading to significant stability/correctness problems that are holding
up 7.0.
This patch was generated by silby, but is being committed by proxy due to
poor network connectivity for silby this week.
Approved by: re (kensmith)
Submitted by: silby
Tested by: rwatson, kris
Problems reported by: peter, kris, others
that can lead to a panic when the stick is yanked.
- make sure that zyd_attach() returns 0 or errno.
Submitted by: Weongyo Jeong <weongyo.jeong@gmail.com>
Reported by: Ted Lindgreen <ted@tednet.nl>
Reviewed by: sam
Approved by: re (blanket wireless)
- ng_h4(4) MPSAFE
- ng_ppp(4) MPSAFE + MFC
- zyd(4) added
- cpufreq(4) in GENERIC
Modified release notes:
- cached(8) renamed to nscd(8), also moved entry to now correct place
- Camellia is now supported in geli(8) as well
Approved by: re (blanket)
with the INTR_FILTER-enabled MI code. Basically this consists of
registering an interrupt controller (of which there can be multiple
and optionally different ones either per host-to-foo bridge or shared
amongst host-to-foo bridges in any one machine) along with an interrupt
vector as specific argument for all the interrupt vectors used by a
given host-to-foo bridge (roughly similar to registering interrupt
sources on amd64 and i386), providing functions to enable, clear and
disable the interrupts of the children beneath the bridge.
This also includes:
- No longer entering a critical section in tl0_intr() and tl1_intr()
for executing interrupt handlers but rather let the handlers enter
it themselves so in the case of intr_event_handle() we don't enter
a nested critical section.
- Adding infrastructure for binding delivery of interrupt vectors to
specific CPUs which later on can be interfaced with the code from
amd64/i386 for binding interrupts to specific CPUs.
- Getting rid of the wrapper hack introduced along the lines of the
API changes for INTR_FILTER which as a side-effect caused interrupts
associated with ithread handlers only to get the elevated priority
of those associated with filters ("fast handlers") (this removes the
hack also in the non-INTR_FILTER case).
- Disabling (by not clearing) an interrupt in the interrupt controller
until all associated handlers have been executed, which is crucial
for the typical locking strategy of NIC drivers in order to work
correctly in case of shared interrupts. This was a more or less
theoretical problem on sparc64 though, as shared interrupts are
rather uncommon there except for the on-board SCCs and UARTs.
Note that due to the behavior of at least of some of the interrupt
controllers used on sparc64 an enable+EOI instead of a disable+EOI
approach (as implied by the INTR_FILTER MI code and implemented on
other architectures) is used as the latter can cause lost interrupts
or in the worst case interrupt starvation.
o Correct a typo in sbus_alloc_resource() which caused (pass-through)
allocations to only work down to the grandchildren of the bus, which
wasn't a real problem so far as we don't support any devices which are
great-grandchildren or greater of a U2S bridge, yet.
o In fhc(4) use bus_{read,write}_4() instead of bus_space_{read,write}_4()
in order to get rid of sc_bh and sc_bt in the fhc_softc. Also get rid
of some other unneeded members in fhc_softc.
Reviewed by: marcel (earlier version)
Approved by: re (kensmith)
o reset ni_inact when ni_inact_reload is changed so we're
assured a valid setting
o never let ni_inact go negative
o add a knob to disable hostap sta idle handling (e.g. so it can be done
by a user application)
o remove bogus reload on associate
Reviewed by: avatar
Approved by: re (blanket wireless)
o update ic_lastdata to reflect time of last outbound frame
o outbound traffic must preempt/cancel bg scanning to avoid delays
This stuff was somehow missed in the initial import.
Reviewed by: thompsa, avatar, sephe (earlier version)
Approved by: re (blanket wireless)
o add ic_extieee to hold the HT40 extension channel number
o add ic_state to track dynamic channel state for DFS
o add flags to mark regulatory channel requirements
o add state defs for DFS/radar support
Reviewed by: avatar
Approved by: re (blanket wireless)
o update 11n definitions to D2.0 spec
o add IEEE80211_CAPINFO_SPECTRUM_MGMT for DFS support
o add CSA ie definition for DFS support
o purge some unused definitions
o correct 802.11 reason and status codes
o correct reason code returned when a sta tries to associate to an
ap operating with WPA/RSN but without a WPA/RSN ie
Reviewed by: thompsa, avatar
Approved by: re (blanket wireless)
device and have had the crypto bits stripped from the 802.11 header
o strip mbuf flags in the rx path before passing up the stack
Reviewed by: thompsa, sephe, avatar
Approved by: re (blanket wireless)