Commit Graph

134467 Commits

Author SHA1 Message Date
Robert Watson
45e0f3d63d Rename mac_check_vnode_delete() MAC Framework and MAC Policy entry
point to mac_check_vnode_unlink(), reflecting UNIX naming conventions.

This is the first of several commits to synchronize the MAC Framework
in FreeBSD 7.0 with the MAC Framework as it will appear in Mac OS X
Leopard.

Reveiwed by:    csjp, Samy Bahra <sbahra at gwu dot edu>
Submitted by:   Jacques Vidrine <nectar at apple dot com>
Obtained from:  Apple Computer, Inc.
Sponsored by:   SPARTA, SPAWAR
Approved by:    re (bmah)
2007-09-10 00:00:18 +00:00
Robert Watson
d903306a26 Enhance and expand kernel privilege regression tests in support of
work present in FreeBSD 7.0 to refine the kernel privilege model:

- Introduce support for jail as a testing variable, in order to
  confirm that privileges are properly restricted in the jail
  environment.

- Restructure overall testing approach so that privilege and jail
  conditions are set in the testing infrastructure before tests
  are invoked, and done so in a custom-created process to isolate
  the impact of tests from each other in a more consistent way.

- Tests now provide setup and cleanup hooks that occur before and
  after the test runs.

- New privilege tests are now present for several audit
  privileges, several credential management privileges, dmesg
  buffer reading privilege, and netinet raw socket creation.

- Other existing tests are restructured and generally improved as
  a result of better framework structure and jail as a variable.
  For exampe, we now test that certain sysctls are writable only
  outside jail, while others are writable within jail.  On a
  similar note, privileges relating to setting UFS file flags are
  now better exercised, as with the right to chmod and utimes
  files.

Approved by:	re (bmah)
Obtained from:	TrustedBSD Project
2007-09-09 23:08:39 +00:00
Kip Macy
f4a2d780df - Remove filter support
Supported by: Chelsio
Approved by: re(blanket)
2007-09-09 20:26:02 +00:00
Olivier Houchard
4168e66b1f In __bswap16_var(), make sure the 16 upper bits are cleared; while
optimizing, gcc4 doesn't always do so.

Reported by:	Nathan Whitehorn
Approved by:	re (blanket)
2007-09-09 11:58:38 +00:00
Randall Stewart
a3a60860c8 - Netstat warning removal for 64 bit aware platforms.
Approved by:	re@freebsd.org (B Mah)
2007-09-09 11:03:56 +00:00
Kip Macy
8adc65adda Add back in support for normal mbuf chaining on RX under DISABLE_MBUF_IOVEC
Approved by: re(blanket)
Supported by: Chelsio
2007-09-09 04:34:03 +00:00
Kip Macy
a8d57f7f24 Fix last-minute typo in last commit caused by pre-commit scripts
Approved by: re(blanket)
2007-09-09 03:51:25 +00:00
Joseph Koshy
64cd6a1100 Do not generate unneeded initializers.
Approved by:	re (bmah)
2007-09-09 02:10:53 +00:00
Bruce A. Mah
1a3a04870b Make the introduction to the hardware notes at least vaguely reflect
reality.

Approved by:	re (implicitly)
2007-09-09 01:32:36 +00:00
Kip Macy
5c5df3da16 - fix qset to port binding as a proper fix for the problems encountered on the 4-port
- fix the use after free seen when sending packets small enough to fit as an immediate
   and bpf peers are present
 - update to firmware rev 4.7 along with various small vendor fixes

Supported by: Chelsio
Approved by: re (blanket)
MFC after: 3 days
2007-09-09 01:28:03 +00:00
Tim Kientzle
cd41628daf Add --posix as a synonym for --format=pax, for GNU
tar compatibility.

Approved by: re (bmah)
2007-09-09 00:07:18 +00:00
Bruce A. Mah
58e5b0de0f Add a note about sparc64 needing to use serial consoles, due to
unusability of OFW consoles.  [1]

Try to use trademark entities where appropriate in the "Supported
Processors" section.

Submitted by:	kris [1]
Approved by:	re (implicitly)
2007-09-08 22:34:44 +00:00
Kenneth D. Merry
f553b7b391 Add SCSI READ CAPACITY support to camcontrol. The new 'readcap' subcommand
will automatically issue the 16 byte verison of read capacity if the device
in question is larger than 2TB.

There are also a number of output options here (last block, number of
blocks, human readable) that should meet most needs, and also aid in
scripting.

Approved by:	re (bmah)
MFC after:	1 week
2007-09-08 20:24:12 +00:00
Olivier Houchard
18b6e4c8d2 Do not set the RTF_GATEWAY flag if RTF_LLINFO is set, it doesn't make much
sense in that context, and leads to unusable routes.
This should unbreak bootpd.

Discussed with: glebius
Submitted by:   bms
Approved by:    re (bmah)
2007-09-08 19:28:45 +00:00
Randall Stewart
851b7298b3 - send call has a reference to uio->uio_resid in
the recent send code, but uio may be NULL on sendfile
  calls. Change to use sndlen variable.
- EMSGSIZE is not being returned in non-blocking mode
  and needs a small tweak to look if the msg would
  ever fit when returning EWOULDBLOCK.
- FWD-TSN has a bug in stream processing which could
  cause a panic. This is a follow on to the codenomicon
  fix.
- PDAPI level 1 and 2 do not work unless the reader
  gets his returned buffer full. Fix so we can break
  out when at level 1 or 2.
- Fix fast-handoff features to copy across properly on
  accepted sockets
- Fix sctp_peeloff() system call when no true system call
  exists to screen arguments for errors. In cases where a
  real system call exists the system call itself does this.
- Fix raddr leak in recent add-ip code change for bundled
  asconfs (even when non-bundled asconfs are received)
- Make sure ipi_addr lock is held when walking global addr
  list. Need to change this lock type to a rwlock().
- Add don't wake flag on both input and output when the
  socket is closing.
- When deleting an address verify the interface is correct
  before allowing the delete to process. This protects panda
  and unnumbered.
- Clean up old sysctl stuff and get rid of the old Open/Net
  BSD structures.
- Add a function to watch the ranges in the sysctl sets.
- When appending in the reassembly queue, validate that
  the assoc has not gone to about to be freed. If so
  (in the middle) abort out. Note this especially effects
  MAC I think due to the lock/unlock they do (or with
  LOCK testing in place).
- Netstat patch to get rid of warnings.
- Make sure that no data gets queued to inactive/unconfirmed
  destinations. This especially effect CMT but also makes a
  impact on regular SCTP as well.
- During init collision when we detect seq number out
  of sync we need to treat it like Case C and discard
  the cookie (no invarient needed here).
- Atomic access to the random store.
- When we declare a vtag good, we need to shove it
  into the time wait hash to prevent further use. When
  the tag is put into the assoc hash, we need to remove it
  from the twait hash (where it will surely be). This prevents
  duplicate tag assignments.
- Move decr-ref count to better protect sysctl out of
  data.
- ltrace error corrections in sctp6_usrreq.c
- Add hook for interface up/down to be sent to us.
- Make sysctl() exported structures independent of processor
  architecture.
- Fix route and src addr cache clearing for delete address case.
- Make sure address marked SCTP_DEL_IP_ADDRESS is never selected
  as src addr.
- in icmp handling fixed so we actually look at the icmp codes
  to figure out what to do.
- Modified mobility code.
  Reception of DELETE IP ADDRESS for a primary destination and
  SET PRIMARY for a new primary destination is used for
  retransmission trigger to the new primary destination.
  Also, in this case, destination of chunks in send_queue are
  changed to the new primary destination.
- Fix so that we disallow sending by mbuf to ever have EEOR
  mode set upon it.

Approved by:	re@freebsd.org (B Mah)
2007-09-08 17:48:46 +00:00
Randall Stewart
ceaad40ae7 - Locking compatiability changes. This involves adding
additional flags to many function calls. The flags only
  get used in BSD when we compile with lock testing. These
  flags allow apple to escape the "giant" lock it holds on
  the socket and have more fine-grained locking in the NKE.
  It also allows us to test (with witness) the locking used
  by apple via a compile switch (manually applied).

Approved by:	re@freebsd.org(B Mah)
2007-09-08 11:35:11 +00:00
Michael Reifenberger
fadab45370 Add IANA assigned iscsi-target port as its the default port
according RFC 3720.

Approved by:	re (bmah)
2007-09-08 08:56:01 +00:00
Joseph Koshy
36c39678d6 Fix a bug that prevented applications from laying out ELF objects
with section header tables residing in between other sections.

Introduce additional checks for overlaps between section data and
the section header table when the application is performing section
layout.

Document additional error returns.

Reported by:	Kai Wang <kaiw27 at gmail dot com>
Approved by:	re (rwatson)
2007-09-08 08:20:12 +00:00
Robert Watson
ce4d8529e3 Continue UDP/UDPv6 synchronization project:
- Fix copyrights, comments in UDPv6.
- Remove macro defines for in6pcb and udp6stat.
- Consistently refer to inpcbs as 'inp' and not also 'in6p'.

Reviewed by:	gnn, jinmei, bz
Approved by:	re (bmah)
2007-09-08 08:18:24 +00:00
Joseph Koshy
6a4b42f0ce Cross reference ar(5) from elf(5).
Approved by:	re (bmah)
2007-09-08 08:12:31 +00:00
Joseph Koshy
12d64ed128 Add a manual page documenting the format of `ar' archives.
Reviewed by:	Kai Wang <kaiw27 at gmail dot com>
Approved by:	re (bmah)
2007-09-08 08:04:28 +00:00
Christian Brueffer
1a1278aecf Remove stray comma left over from previous commit.
Approved by:	re (blanket)
2007-09-07 22:19:29 +00:00
Gabor Kovesdan
5f8464cb22 - Remove info about the consumed space in base dir. This info is not
relevant any more.

PR:		docs/115335
Submitted by:	Wayne Sierke <ws@au.dyndns.ws>
Reviewed by:	keramida
Approved by:	re (bmah)
MFC after:	3 days
2007-09-07 22:01:19 +00:00
Gabor Kovesdan
9b7995f5f5 - Remove reference for unexisting ndisapi(9)
PR:		docs/113127
Submitted by:	"O. Hartmann"<ohartman@mail.zedat.fu-berlin.de>
Reviewed by:	keramida
Approved by:	re (bmah)
MFC after:	3 days
2007-09-07 21:58:58 +00:00
Gabor Kovesdan
7c34436e66 - The weekly periodic runs occur on Saturday mornings, not on Sunday mornings
PR:		docs/113975
Submitted by:	Marian Cerny <jojo@matfyz.cz>
Reviewed by:	keramida
Approved by:	re (bmah)
2007-09-07 21:54:45 +00:00
Max Laier
ff72ebb1ba Add the startup script for ftp-proxy(8) to the Makefile as well.
Approved by:	re (bmah - implicit)
Reminded by:	mtm
2007-09-07 15:44:09 +00:00
Christian Brueffer
833da4b042 Autogenerate hardware notes for rum(4).
Approved by:	re (blanket)
2007-09-07 15:30:35 +00:00
Christian Brueffer
b994da335a Prepare for automatic hardware notes generation:
- mention the driver name and supported chipsets in the HARDWARE section
- remove unnecessary Li arguments

Approved by:	re (blanket)
2007-09-07 15:28:39 +00:00
Ruslan Ermilov
6a6c4826bc We've been able to support EVFILT_VNODE filtering on non-UFS
file systems since 2005.

Submitted by:	Igor Sysoev
Approved by:	re (bmah)
MFC after:	3 days
2007-09-07 13:10:09 +00:00
Robert Watson
85d9437250 Back out tcp_timer.c:1.93 and associated changes that reimplemented the many
TCP timers as a single timer, but retain the API changes necessary to
reintroduce this change.  This will back out the source of at least two
reported problems: lock leaks in certain timer edge cases, and TCP timers
continuing to fire after a connection has closed (a bug previously fixed and
then reintroduced with the timer rewrite).

In a follow-up commit, some minor restylings and comment changes performed
after the TCP timer rewrite will be reapplied, and a further change to allow
the TCP timer rewrite to be added back without disturbing the ABI.  The new
design is believed to be a good thing, but the outstanding issues are
leading to significant stability/correctness problems that are holding
up 7.0.

This patch was generated by silby, but is being committed by proxy due to
poor network connectivity for silby this week.

Approved by:	re (kensmith)
Submitted by:	silby
Tested by:	rwatson, kris
Problems reported by:	peter, kris, others
2007-09-07 09:19:22 +00:00
Sam Leffler
2a2391c23c - fix a bug that zyd_attach() returns 0 even if it encountered errors
that can lead to a panic when the stick is yanked.
- make sure that zyd_attach() returns 0 or errno.

Submitted by:	Weongyo Jeong <weongyo.jeong@gmail.com>
Reported by:	Ted Lindgreen <ted@tednet.nl>
Reviewed by:	sam
Approved by:	re (blanket wireless)
2007-09-07 03:54:54 +00:00
Edwin Groothuis
21008fdbf9 Add misc entries communilated over the year
PR:             conf/113285, conf/113642, conf/70252 and conf/61641
Submitted by:   Edwin Groothuis <edwin@mavetju.org>, <acc107_3@acc.tula.ru>, Evan Dower <evantd@cs.washington.edu>
MFC after:      1 week
Approved by:    re (bmah@), mentor (grog@)
2007-09-07 03:23:06 +00:00
Max Laier
cb3ab5e31a Add a startup script for ftp-proxy(8) now that it is no longer started as
part of inetd(8).

Approved by:	re (bmah)
Reviewed by:	freebsd-rc (a while back)
Reminded by:	kevlo
2007-09-06 21:00:48 +00:00
Christian Brueffer
6be87061f8 Xref zyd(4).
Approved by:	re (blanket)
2007-09-06 20:15:04 +00:00
Christian Brueffer
8b9003d17a Replace OpenBSD SYNOPSIS with our standard SYNPOPSIS.
Approved by:	re (blanket)
2007-09-06 20:13:27 +00:00
Christian Brueffer
bc54cd7348 New release notes:
- ng_h4(4) MPSAFE
- ng_ppp(4) MPSAFE + MFC
- zyd(4) added
- cpufreq(4) in GENERIC

Modified release notes:
- cached(8) renamed to nscd(8), also moved entry to now correct place
- Camellia is now supported in geli(8) as well

Approved by:	re (blanket)
2007-09-06 19:53:06 +00:00
Marius Strobl
7439368f60 o Revamp the sparc64 interrupt code in order to be able to interface
with the INTR_FILTER-enabled MI code. Basically this consists of
  registering an interrupt controller (of which there can be multiple
  and optionally different ones either per host-to-foo bridge or shared
  amongst host-to-foo bridges in any one machine) along with an interrupt
  vector as specific argument for all the interrupt vectors used by a
  given host-to-foo bridge (roughly similar to registering interrupt
  sources on amd64 and i386), providing functions to enable, clear and
  disable the interrupts of the children beneath the bridge.
  This also includes:
  - No longer entering a critical section in tl0_intr() and tl1_intr()
    for executing interrupt handlers but rather let the handlers enter
    it themselves so in the case of intr_event_handle() we don't enter
    a nested critical section.
  - Adding infrastructure for binding delivery of interrupt vectors to
    specific CPUs which later on can be interfaced with the code from
    amd64/i386 for binding interrupts to specific CPUs.
  - Getting rid of the wrapper hack introduced along the lines of the
    API changes for INTR_FILTER which as a side-effect caused interrupts
    associated with ithread handlers only to get the elevated priority
    of those associated with filters ("fast handlers") (this removes the
    hack also in the non-INTR_FILTER case).
  - Disabling (by not clearing) an interrupt in the interrupt controller
    until all associated handlers have been executed, which is crucial
    for the typical locking strategy of NIC drivers in order to work
    correctly in case of shared interrupts. This was a more or less
    theoretical problem on sparc64 though, as shared interrupts are
    rather uncommon there except for the on-board SCCs and UARTs.
  Note that due to the behavior of at least of some of the interrupt
  controllers used on sparc64 an enable+EOI instead of a disable+EOI
  approach (as implied by the INTR_FILTER MI code and implemented on
  other architectures) is used as the latter can cause lost interrupts
  or in the worst case interrupt starvation.
o Correct a typo in sbus_alloc_resource() which caused (pass-through)
  allocations to only work down to the grandchildren of the bus, which
  wasn't a real problem so far as we don't support any devices which are
  great-grandchildren or greater of a U2S bridge, yet.
o In fhc(4) use bus_{read,write}_4() instead of bus_space_{read,write}_4()
  in order to get rid of sc_bh and sc_bt in the fhc_softc. Also get rid
  of some other unneeded members in fhc_softc.

Reviewed by:	marcel (earlier version)
Approved by:	re (kensmith)
2007-09-06 19:16:30 +00:00
Brooks Davis
91c0813e7d Add service entries for Sun Grid Engine's qmaster and execution service
as per IANA assignments to simplify the installation of the sysutils/sge
port.

Approved by:	re (bmah)
2007-09-06 19:04:47 +00:00
Marius Strobl
5435966282 Style(9) fix - use #define<tab> consistently.
Approved by:	re (kensmith)
2007-09-06 14:56:09 +00:00
Sam Leffler
7595008bb1 oops, add missing bit from last change
Approved by:	re (blanket wireless)
2007-09-06 00:08:02 +00:00
Sam Leffler
c066143c08 Fixup sta inactivity handling:
o reset ni_inact when ni_inact_reload is changed so we're
  assured a valid setting
o never let ni_inact go negative
o add a knob to disable hostap sta idle handling (e.g. so it can be done
  by a user application)
o remove bogus reload on associate

Reviewed by:	avatar
Approved by:	re (blanket wireless)
2007-09-06 00:04:36 +00:00
Sam Leffler
5c096cfbe5 Add missing bg scanning bits; update ic_lastdata and cancel any
bg scan when there's outbound traffic.

Approved by:	re (blanket wireless)
2007-09-05 23:40:59 +00:00
Sam Leffler
2b9411e29f Add missing bits that made bg scanning lame:
o update ic_lastdata to reflect time of last outbound frame
o outbound traffic must preempt/cancel bg scanning to avoid delays

This stuff was somehow missed in the initial import.

Reviewed by:	thompsa, avatar, sephe (earlier version)
Approved by:	re (blanket wireless)
2007-09-05 23:00:27 +00:00
Sam Leffler
14fb6b8fe2 o add 802.11 state machine states for DFS and client-side power save
o fixup drivers to ignore new states

Reviewed by:	avatar (?)
Approved by:	re (blanket wireless)
2007-09-05 21:31:32 +00:00
Sam Leffler
dc60433061 add defs just removed from ieee80211.h
Approved by:	re (blanket wireless)
2007-09-05 21:25:58 +00:00
Sam Leffler
3f87f68e74 Update channel definition:
o add ic_extieee to hold the HT40 extension channel number
o add ic_state to track dynamic channel state for DFS
o add flags to mark regulatory channel requirements
o add state defs for DFS/radar support

Reviewed by:	avatar
Approved by:	re (blanket wireless)
2007-09-05 20:37:39 +00:00
Sam Leffler
eddedabe31 Miscellaneous fixups to 802.11 defs:
o update 11n definitions to D2.0 spec
o add IEEE80211_CAPINFO_SPECTRUM_MGMT for DFS support
o add CSA ie definition for DFS support
o purge some unused definitions
o correct 802.11 reason and status codes
o correct reason code returned when a sta tries to associate to an
  ap operating with WPA/RSN but without a WPA/RSN ie

Reviewed by:	thompsa, avatar
Approved by:	re (blanket wireless)
2007-09-05 20:29:51 +00:00
Sam Leffler
b1acbdbbbb o add M_WEP mbuf flag so drivers can mark frames that are decrypted by the
device and have had the crypto bits stripped from the 802.11 header
o strip mbuf flags in the rx path before passing up the stack

Reviewed by:	thompsa, sephe, avatar
Approved by:	re (blanket wireless)
2007-09-05 20:22:59 +00:00
Robert Watson
bdec1ad988 Add MLINKS entries for various SYSCTL_*() macros documented in sysctl.9.
Approved by:	re (bmah)
Submitted by:	Constantine A. Murenin <cnst+freebsd@bugmail.mojo.ru>
Sponsored by:	Google Summer of Code 2007
2007-09-05 19:46:23 +00:00
JINMEI Tatuya
e47c82ed72 ensure the head entry of addrinfo chain has non-NULL ai_canonname to be
compliant with RFC3493.

PR: standards/114910
Approved by:   ume (mentor)
Approved by:   re
MFC after:     1 week
2007-09-05 18:08:14 +00:00