Commit Graph

158039 Commits

Author SHA1 Message Date
rwatson
4aa2654586 Define missing audit argument macro AUDIT_ARG_SOCKET(), and
capture the domain, type, and protocol arguments to socket(2)
and socketpair(2).

Approved by:	re (audit argument blanket)
MFC after:	3 days
2009-07-01 18:54:49 +00:00
dfr
880189b32b Clarify the node about removing NFS_LEGACYRPC
Approved by: re
2009-07-01 18:12:50 +00:00
jhb
76256698a1 Improve the handling of cpuset with interrupts.
- For x86, change the interrupt source method to assign an interrupt source
  to a specific CPU to return an error value instead of void, thus allowing
  it to fail.
- If moving an interrupt to a CPU fails due to a lack of IDT vectors in the
  destination CPU, fail the request with ENOSPC rather than panicing.
- For MSI interrupts on x86 (but not MSI-X), only allow cpuset to be used
  on the first interrupt in a group.  Moving the first interrupt in a group
  moves the entire group.
- Use the icu_lock to protect intr_next_cpu() on x86 instead of the
  intr_table_lock to fix a LOR introduced in the last set of MSI changes.
- Add a new privilege PRIV_SCHED_CPUSET_INTR for using cpuset with
  interrupts.  Previously, binding an interrupt to a CPU only performed a
  privilege check if the interrupt had an interrupt thread.  Interrupts
  without a thread could be bound by non-root users as a result.
- If an interrupt event's assign_cpu method fails, then restore the original
  cpuset mask for the associated interrupt thread.

Approved by:	re (kib)
2009-07-01 17:20:07 +00:00
rwatson
9f2c78b3f9 When auditing unmount(2), capture FSID arguments as regular text strings
rather than as paths, which would lead to them being treated as relative
pathnames and hence confusingly converted into absolute pathnames.

Capture flags to unmount(2) via an argument token.

Approved by:	re (audit argument blanket)
MFC after:	3 days
2009-07-01 16:56:56 +00:00
rmacklem
53a5aa36f7 When unmounting an NFS mount using sec=krb5[ip], the umount system
call could get hung sleeping on "gsssta" if the credentials for a user
that had been accessing the mount point have expired. This happened
because rpc_gss_destroy_context() would end up calling itself when the
"destroy context" RPC was attempted, trying to refresh the credentials.
This patch just checks for this case in rpc_gss_refresh() and returns
without attempting the refresh, which avoids the recursive call to
rpc_gss_destroy_context() and the subsequent hang.

Reviewed by:	dfr
Approved by:	re (Ken Smith), kib (mentor)
2009-07-01 16:42:03 +00:00
rmacklem
bad77de856 Make sure that cr_error is set to ESHUTDOWN when closing the connection.
This is normally done by a loop in clnt_dg_close(), but requests that aren't
in the pending queue at the time of closing, don't get set. This avoids a
panic in xdrmbuf_create() when it is called with a NULL cr_mrep if
cr_error doesn't get set to ESHUTDOWN while closing.

Reviewed by:	dfr
Approved by:	re (Ken Smith), kib (mentor)
2009-07-01 16:38:18 +00:00
jfv
15ba859ce2 Multiqueue RX is not correctly enabled on the new 82599
adapter, the SRRCTL register needs to be setup per queue.

Approved by: re
2009-07-01 16:13:01 +00:00
trasz
c51532aa9e With NFSv4 ACLs, it is possible that applying a mode to an ACL which
is identical to the mode computed from that ACL will modify the ACL.
For example, mode computed from the following ACL is 0600:

   user:kamila:rwx--------C--:------:allow
        owner@:--x-----------:------:deny
        owner@:rw-p---A-W-Co-:------:allow
        group@:rwxp----------:------:deny
        group@:--------------:------:allow
     everyone@:rwxp---A-W-Co-:------:deny
     everyone@:------a-R-c--s:------:allow

However, applying that mode (chmod 0600) changes the ACL into this:

   user:kamila:rwx-----------:------:deny
   user:kamila:rwx--------C--:------:allow
        owner@:--x-----------:------:deny
        owner@:rw-p---A-W-Co-:------:allow
        group@:rwxp----------:------:deny
        group@:--------------:------:allow
     everyone@:rwxp---A-W-Co-:------:deny
     everyone@:------a-R-c--s:------:allow

In chmod(1) utility, there is an optimisation, which makes it not
call chmod(2) if the mode of the file is the same as the new mode.
Disable that optimisation for files which may have NFSv4 ACLs.

Reviewed by:	rwatson
Approved by:	re (kib)
2009-07-01 15:52:19 +00:00
rwatson
f90eaa96d0 Audit the file descriptor number passed to lseek(2).
Approved by:	re (kib)
MFC after:	3 days
2009-07-01 15:37:23 +00:00
rwatson
0e50a12ccd Fix link(2) auditing: use the second audit record path for the new object
name.

Approved by:	re (kib)
MFC after:	3 days
2009-07-01 13:22:08 +00:00
stas
39f3d3385b - Fix the bug in write(2) called with incorrect parameters resulting in writes
always started from the start of the packet.
- Fix usage string (multiple addresses can be specified).
- Make the source more style(9) compliant.
- Improve error reporting (do not silently fail if something goes
  wrong).
- Make functions static.
- Use warns level 6.

Approved by:	re (kib)
Discussed with:	Marc Balmer <marc@msys.ch>, brian, mbr
2009-07-01 13:07:02 +00:00
rwatson
dff449105c udit the 'options' argument to wait4(2).
Approved by:	re (kib)
MFC after:	3 days
2009-07-01 12:36:10 +00:00
mav
7efd755635 Fix infinite loop in ng_iface, that happens when packet passes out via
two different ng interfaces sequentially due to tunnelling.

PR:		kern/134557
Submitted by:	Mikolaj Golub
Approved by:	re (kensmith)
MFC after:	3 days
2009-07-01 08:08:56 +00:00
dfr
609bc8c9f9 Add usr/include/nfs/rpcv2.h
Submitted by: pluknet at gmail dot com
Approved by: re
2009-07-01 07:37:21 +00:00
dfr
64e7107dab Add an entry documenting removal of the NFS_LEGACYRPC option.
Submitted by: Steve Kargl
Approved by: re
2009-07-01 07:35:57 +00:00
dfr
7786c98bf1 Don't include rpcv2.h - it has been removed.
Submitted by: ed@
Approved by: re
2009-07-01 07:34:28 +00:00
mbr
a69e28b858 Compiles without higher warn level
M    wake/Makefile

Approved by: re (previous commit)
2009-06-30 22:09:47 +00:00
brian
d36008e70c Don't imply that only FTP urls are supported when we can't fetch
a package.

Approved by:	re (kib)
MFC after:	3 weeks
2009-06-30 20:53:57 +00:00
trasz
666e7ae4b7 Make it clear where to look for for protocol-specific socket options.
Reviewed by:	rwatson
Approved by:	re (kib)
2009-06-30 20:53:56 +00:00
alc
45ba0262c0 Remove a stale comment. The very same revision (r85511) that introduced
this comment also implemented the proposed change to the code.

Approved by:	re (kib)
2009-06-30 19:39:17 +00:00
dfr
836bf4cc58 Adjust the internal NFS KPI to avoid the last traces of NFS_LEGACYRPC.
Approved by: re
2009-06-30 19:10:17 +00:00
dfr
5d248bb05f Remove the old kernel RPC implementation and the NFS_LEGACYRPC option.
Approved by: re
2009-06-30 19:03:27 +00:00
mbr
92b2f15118 Add wake, a tool to send Wake on LAN frames to hosts on a local Ethernet network
Submitted by:   Marc Balmer <marc@msys.ch>
Reviewed by:    rwatson
Approved by:	re

M    usr.sbin/Makefile
A    usr.sbin/wake
AM   usr.sbin/wake/wake.c
AM   usr.sbin/wake/Makefile
AM   usr.sbin/wake/wake.8
2009-06-30 18:51:22 +00:00
trasz
669f7d9712 Make gjournal work with kernel compiled with "options DIAGNOSTIC".
Previously, it would panic immediately.

Reviewed by:	pjd
Approved by:	re (kib)
2009-06-30 14:34:06 +00:00
emaste
02a0b3a839 Add FIONSPACE from NetBSD. FIONSPACE is provided so that programs may
easily determine how much space is left in the send queue; they do not
need to know the send queue size.

NetBSD revisions:
  sys_socket.c r1.41, 1.42
  filio.h r1.9

Obtained from:	NetBSD
Approved by:	re (kensmith)
2009-06-30 13:38:49 +00:00
stas
9a7ae64d55 - Add support to atomically set/clear individual bits of a MSR register
via cpuctl(4) driver.  Two new CPUCTL_MSRSBIT and CPUCTL_MSRCBIT ioctl(2)
  calls treat the data field of the argument struct passed as a mask
  and set/clear bits of the MSR register according to the mask value.
- Allow user to perform atomic bitwise AND and OR operaions on MSR registers
  via cpucontrol(8) utility.  Two new operations ("&=" and "|=") have been
  added.  The first one applies bitwise AND operaion between the current
  contents of the MSR register and the mask, and the second performs bitwise
  OR.  The argument can be optionally prefixed with "~" inversion operator.
  This allows one to mimic the "clear bit" behavior by using the command
  like this:
      cpucontrol -m 0x10&=~0x02		# clear the second bit of TSC MSR

  Inversion operator support in all modes (assignment, OR, AND).

Approved by:	re (kib)
MFC after:	1 month
2009-06-30 12:35:47 +00:00
avg
19735eeae0 remove unused/unneeded extern declarations
This should result in no changes to compiled code.

Reviewed by:	alc
Approved by:	re (kib)
MFC after:	1 day
2009-06-30 11:16:32 +00:00
kib
4cf230ed17 For SU mounts, softdep_fsync() might drop vnode lock, allowing other
threads to put dirty buffers on the vnode bufobj list. For regular files
and synchronous fsync requests, check for the condition and restart the
fsync vop if a new dirty buffer arrived.

Tested by:	pho
Approved by:	re (kensmith)
MFC after:	1 month
2009-06-30 10:07:33 +00:00
kib
c424611d79 Softdep_fsync() may need to lock parent directory of the synced vnode.
Use inlined (due to FFSV_FORCEINSMQ) version of vn_vget_ino() to prevent
mountpoint from being unmounted and freed while no vnodes are locked.

Tested by:	pho
Approved by:	re (kensmith)
MFC after:	1 month
2009-06-30 10:07:00 +00:00
rpaulo
905d9397a0 acpi_wmi_if:
- Document different semantics for ACPI_WMI_PROVIDES_GUID_STRING_METHOD

acpi_wmi.c:
- Modify acpi_wmi_provides_guid_string_method to return absolut number of
  instances known for the given GUID.

acpi_hp.c:
- sysctl dev.acpi_hp.0.verbose to toggle debug output
- A modification so this can deal with different array lengths
  when reading the CMI BIOS - now it works ok on HP Compaq nx7300
  as well.
- Change behaviour to query only max_instance-1 CMI BIOS instances,
  because all HPs seen so far are broken in that respect
  (or there is a fundamental misunderstanding on my side, possible
  as well). This way a disturbing ACPI Error Field exceeds Buffer
  message is avoided.
- New bit to set on dev.acpi_hp.0.cmi_detail (0x8) to
  also query the highest guid instance of CMI bios

acpi_hp.4:
- Document dev.acpi_hp.0.verbose sysctl in man page
- Document new bit for dev.acpi_hp.0.cmi_detail
- Add a section to manpage about hardware that has been reported
  to work ok

Submitted by:	Michael Gmelin, freebsdusb at bindone.de
Approved by:	re (kib)
MFC after:	2 weeks
2009-06-30 09:51:41 +00:00
bz
f236086095 In case we cannot queue a packet reaching the queue limit, retain the
semantics netisr_queue() always had and free the mbuf along with
returning the error.

Reviewed by:	rwatson
Approved by:	re (kensmith)
2009-06-30 05:21:00 +00:00
jhb
ccb2608d06 Fix build with NFS_LEGACYRPC enabled after the socket upcall locking
changes.

Approved by:	re (kensmith)
2009-06-30 03:18:51 +00:00
sson
3de2232b43 Dynamically allocate the gidset field in audit record.
This fixes a problem created by the recent change that allows a large
number of groups per user.  The gidset field in struct kaudit_record
is now dynamically allocated to the size needed rather than statically
(using NGROUPS).

Approved by:	re@ (kensmith, rwatson), gnn (mentor)
2009-06-29 20:19:19 +00:00
brooks
0cabaf8791 Remove support for the /dev/net/* per-interface devices. They serve
little purpose and are unused in the base system.

The IOCTL functionality is entirely duplicated and routing sockets
provide a richer interface than the kqueue functionality.

Further, it is not practical for these devices to be made sensible in
the face of VIMAGE.

Bump __FreeBSD_version on the off chance that there is any code out
there that actually uses this stuff.

Reviewed by:	rwatson
Discussed with:	bz, zec
Approved by:	re@ (kensmith)
2009-06-29 19:46:29 +00:00
kib
8eb4412c3f Make the structure definitions in the man pages match the real code, and
remove no longer valid caution.

Approved by:	re (kensmith)
2009-06-29 18:54:17 +00:00
sam
49f1934625 Update to 3.6.2.2 firmware (latest w/o host-based power save support):
o new tx ack queue (not used right now)
o proxy-sta related changes (no proxy sta in driver)
o explicit dwds ena/dis (needed only with proxy sta)
o cleanup BA policy handling
o new ampdu aggressive mode support
o CFEnd use now controllable

Approved by:	re (kensmith)
2009-06-29 18:42:54 +00:00
jfv
a0406a1253 Type problem when FreeBSD is in a virtualized environment, the
result was when the RX index wrapped it was converted into some
sort of gibberish and written into the RDT register, effectively
killing the RX side of the thing :)

Approved by: re
2009-06-29 18:17:10 +00:00
kib
242d1f11af Free struct ucreds allocated in vfs_hang_addrlist() when deleting
the export element.
While there, remove register storage-class specifiers.

Reported and tested by:	pho
Reviewed by:	kan
Approved by:	re (kensmith)
2009-06-29 18:09:07 +00:00
imp
0e6117f221 Fix copyrights to reflect the origin of these files.
Approved by:	re@ (rwatson)
2009-06-29 16:45:50 +00:00
attilio
84c65084a0 Don't assume a default (currently 15) value for preloaded klds when
loading hwpmc, but calculate at runtime and allocate the necessary space.
Also the current logic is wrong as it can lead to an endless loop.

Sponsored by:   Sandvine Incorporated
Reported by:    Ryan Stone <rstone at sandvine dot com>
Tested by:      Giovanni Trematerra
                <giovanni dot trematerra at gmail dot com>
Approved by:	re (kib)
2009-06-29 16:03:18 +00:00
rwatson
0734bf13fc Fix "options VIMAGE_GLOBALS" build following introduction of
in6_ifaddrhead.

Approved by:	re (kib)
2009-06-29 15:23:50 +00:00
jamie
fa263a2ed1 Add libjail to the boot_crunch binaries (for ifconfig).
PR:		136071
Submitted by:	Scot Hetzel
Approved by:	re (kensmith), bz (mentor)
2009-06-29 13:59:30 +00:00
yongari
f21ccb87b0 Disable Rx checksum offload until I find more clue why it breaks
under certain environments. However give users chance to override
it when he/she surely knows his/her hardware works with Rx checksum
offload.

Reported by:	Ulrich Spoerlein ( uqs <> spoerlein dot net )
MFC after:	1 week
Approved by:	re (kensmith)
2009-06-29 05:12:21 +00:00
kan
a3faeb1b41 Back out previous revision until better tested fix is ready.
Approved by: re (impliciti, by approving previos check-in)
2009-06-29 01:33:59 +00:00
kan
f780ef8f19 Eliminate .text relocations in shared libraries compiled with stack protector.
Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC generates
local calls to this function which result in absolute relocations put into
position-independent code segment, making dynamic loader do extra work everys
time given shared library is being relocated and making affected text pages
non-shareable.

Reviewed by:        kib
Approved by:        re (kensmith)
2009-06-28 23:51:39 +00:00
marius
54f24c117a - Work around the broken loader behavior of not demapping no longer
used kernel TLB slots when unloading the kernel or modules, which
  results in havoc when loading a kernel and modules which take up
  less TLB slots afterwards as the unused but locked ones aren't
  accounted for in virtual_avail. Eventually this should be fixed
  in the loader which isn't straight forward though and the kernel
  should be robust against this anyway. [1]
- Ensure that the addresses allocated directly from phys_avail[] by
  pmap_bootstrap_alloc() are always colored properly. This implicit
  assumption was broken in r194784 as unlike the other consumers the
  DPCPU area allocated for the BSP isn't a multiple of PAGE_SIZE *
  DCACHE_COLORS. [2]
- Remove the no longer used global msgbuf_phys.
- Remove the redundant ekva parameter of pmap_bootstrap_alloc().
- Correct some outdated function names in ktr(9) invocations.

Requested by:	jhb [1]
Reported by:	gavin [2]
Approved by:	re (kib)
MFC after:	2 weeks
2009-06-28 22:42:51 +00:00
stas
c61e1d6988 - Turn the third (islocked) argument of the knote call into flags parameter.
Introduce the new flag KNF_NOKQLOCK to allow event callers to be called
  without KQ_LOCK mtx held.
- Modify VFS knote calls to always use KNF_NOKQLOCK flag.  This is required
  for ZFS as its getattr implementation may sleep.

Approved by:	re (rwatson)
Reviewed by:	kib
MFC after:	2 weeks
2009-06-28 21:49:43 +00:00
ed
66973f6d46 Don't pick up Giant inside ucom(4).
Giant was only used here to lock down a bit mask of allocated unit
numbers. Change the code to use its own mutex.

Reviewed by:	hselasky
Approved by:	re (kib)
2009-06-28 20:52:11 +00:00
ed
fda6c6ecf4 Add FIONWRITE support to TTYs.
TTYs already supported TIOCOUTQ, but FIONWRITE seems to be a more
generic name for this.

Approved by:	re (kib)
2009-06-28 12:02:15 +00:00
phk
ee7f38d0ae Revert a local change that should not have been in the last commit.
Approved by:	re (kib)
2009-06-28 11:32:52 +00:00