Commit Graph

150054 Commits

Author SHA1 Message Date
Bjoern A. Zeeb
52bf2041ac Make sure that the primary native brandinfo always gets added
first and the native ia32 compat as middle (before other things).
o(ld)brandinfo as well as third party like linux, kfreebsd, etc.
stays on SI_ORDER_ANY coming last.

The reason for this is only to make sure that even in case we would
overflow the MAX_BRANDS sized array, the native FreeBSD brandinfo
would still be there and the system would be operational.

Reviewed by:	kib
MFC after:	1 month
2009-10-03 11:57:21 +00:00
Rui Paulo
4011f96514 Add OpenVPN IANA assigned port number. 2009-10-03 11:02:36 +00:00
Bjoern A. Zeeb
db44ff4047 Put #ifdef INET around parts of the FLOWTABLE code, to unbreak
nooptions INET kernel builds.

MFC after:	3 days
X-MFC:		with r197687
2009-10-03 10:56:03 +00:00
Bjoern A. Zeeb
925c8b5b04 Print a warning in case we cannot add more brandinfo because
we would overflow the MAX_BRANDS sized array.

Reviewed by:	kib
MFC After:	1 month
2009-10-03 10:50:00 +00:00
Doug Barton
85f67d6972 The 6bone was decommissioned on 6/6/06, so remove references to it. 2009-10-03 02:37:21 +00:00
Weongyo Jeong
1db9493a64 TRENDnet TEW-424UB has multiple revisions so clarify zyd(4) man page and
adds a device to urtw(4).  The revision informations are as follows:

    rev A       ZD1211
    V2          SiS163U
    V2.1R       SiS163U
    V3.xR       RTL8187B

and bump date.

Obtained from:	OpenBSD
Reported by:	Albert Shih <Albert.Shih at obspm.fr>
2009-10-03 02:28:28 +00:00
Marcel Moolenaar
0acb3c4aac Fix RTS/CTS flow control, broken by the TTY overhaul. The new TTY
interface is fairly simple WRT dealing with flow control, but
needed 2 new RX buffer functions with "get-char-from-buf" separated
from "advance-buf-pointer" so that the pointer could be advanced
only when ttydisc_rint() succeeded.

MFC after:	1 week
2009-10-02 22:30:44 +00:00
Robert Watson
afd8e45b45 Don't comment on stream socket handling in sosend_dgram, since that's
not handled.

MFC after:	3 weeks
2009-10-02 21:31:15 +00:00
Hiroki Sato
df2b25f6ee - Enable an afexists() check only when no AF argument is specified.
- Simplify helper functions.

Discussed with:	ume
2009-10-02 20:19:53 +00:00
Bjoern A. Zeeb
492ffed1e3 Replace the name of the sysctl to security.bsd.map_at_zero and to be
consistent updated the name of the variable as well, after the change
in r197711.
2009-10-02 17:53:48 +00:00
Bjoern A. Zeeb
fc50832731 Back out the functional parts from r197537. After r197711, affecting all
user mappings, mmap no longer needs special treatment.
2009-10-02 17:51:46 +00:00
Bjoern A. Zeeb
878adb8517 Add a mitigation feature that will prevent user mappings at
virtual address 0, limiting the ability to convert a kernel
NULL pointer dereference into a privilege escalation attack.

If the sysctl is set to 0 a newly started process will not be able
to map anything in the address range of the first page (0 to PAGE_SIZE).
This is the default. Already running processes are not affected by this.

You can either change the sysctl or the tunable from loader in case
you need to map at a virtual address of 0, for example when running
any of the extinct species of a set of a.out binaries, vm86 emulation, ..
In that case set security.bsd.map_at_zero="1".

Superseeds:		r197537
In collaboration with:	jhb, kib, alc
2009-10-02 17:48:51 +00:00
Yoshihiro Takahashi
a38f6f86d2 Fix build nfscl and/or nfsd.
MFC after:	3 days
2009-10-02 12:47:01 +00:00
Rui Paulo
f49e371d3b Reserve numbers for XScale.
Reviewed by:	jkoshy
2009-10-02 11:14:12 +00:00
Rui Paulo
f143a35bf1 Remove performance counter headers. This code came from NetBSD, but our
hardware perf. counter support is different, so we don't need these
files.

Reviewed by:	freebsd-arm (no comments)
2009-10-02 11:10:05 +00:00
Hiroki Sato
d7caaef2e5 Enable adding a link-local address even if ND6_IFF_IFDISABLED.
Note that when the interface has ND6_IFF_IFDISABLED, a newly-added
address is always marked as IN6_IFF_TENTATIVE so that the interface
can perform DAD after the ND6_IFF_IFDISABLED is cleared.
2009-10-02 07:00:20 +00:00
Hiroki Sato
b5a70c98b2 The net.inet.tcp.log_in_vain accepts 0, 1 or 2, not Y/N. 2009-10-02 06:51:39 +00:00
Hiroki Sato
ccbc06d893 Revert the previous afexists() change. Knobs configured explicitly by
the user should not be ignored if possible even if the kernel does not
support the prerequisite feature.

Discussed with:	ume
2009-10-02 06:19:34 +00:00
Hiroki Sato
e248dc09a8 - Split routing_*() and option_*() to *_AF() and add afexists() check
for each address family.  Replace AF_static() with static_AF() for
  consistency.

- Display a message only if the user sets a non-default value, and set
  a sysctl explicitly even if it is the default value.
2009-10-02 02:28:59 +00:00
Hiroki Sato
01ce5591ad - Fix logic inversion bug of net.inet.tcp.rfc1323[*].
- Split netoptions_start() to netoptions_AF() and add afexists() check
  for each address family.

- Display a message only if the user sets a non-default value, and set
  a sysctl explicitly even if it is the default value.

Spotted by:	Pegasus Mc Cleaft[*]
2009-10-02 02:27:49 +00:00
Hiroki Sato
b558571de6 - Add AF_IPX and AF_NATM to afexists().
- Add afexists() check to address family specific rc.d scripts.  A
  script for an AF will be silently ignored if the kernel has no
  support for the AF.
2009-10-02 02:24:25 +00:00
Qing Li
b4a22c365c Remove a log message from production code. This log message can be
triggered by a misconfigured host that is sending out gratuious ARPs.
This log message can also be triggered during a network renumbering
event when multiple prefixes co-exist on a single network segment.

MFC after:	immediately
2009-10-02 01:45:11 +00:00
Qing Li
fa3cfd39ff Previously, if an address alias is configured on an interface, and
this address alias has a prefix matching that of another address
configured on the same interface, then the ARP entry for the alias
is not deleted from the ARP table when that address alias is removed.
This patch fixes the aforementioned issue.

PR:		kern/139113
MFC after:	3 days
2009-10-02 01:34:55 +00:00
Kip Macy
46aba52a50 make read_eflags and write_eflags accomplish the same effect on PVM as native,
simplifying interrupt handling
2009-10-01 22:05:38 +00:00
Ed Maste
e380cc73ed In fill_kinfo_thread, copy the thread's name into struct kinfo_proc even
if it is empty.  Otherwise the previous thread's name would remain in the
struct and then be reported for this thread.

Submitted by:	Ryan Stone
MFC after:	1 week
2009-10-01 21:44:30 +00:00
Jilles Tjoelker
47e5ae08a1 sh: Disallow mismatched quotes in backticks (...).
Due to the amount of code removed by this, it seems that allowing unmatched
quotes was a deliberate imitation of System V sh and real ksh. Most other
shells do not allow unmatched quotes (e.g. bash, zsh, pdksh, NetBSD /bin/sh,
dash).

PR:		bin/137657
2009-10-01 21:40:08 +00:00
Jung-uk Kim
165a00d1de Compile ACPI debugger and disassembler for kernel modules unconditionally.
These files will generate almost empty object files without ACPI_DEBUG/DDB
options.  As a result, size of acpi.ko will increase slightly.
2009-10-01 20:56:15 +00:00
Qing Li
e5c610d659 The flow-table associates TCP/UDP flows and IP destinations with
specific routes. When the routing table changes, for example,
when a new route with a more specific prefix is inserted into the
routing table, the flow-table is not updated to reflect that change.
As such existing connections cannot take advantage of the new path.
In some cases the path is broken. This patch will update the affected
flow-table entries when a more specific route is added. The route
entry is properly marked when a route is deleted from the table.
In this case, when the flow-table performs a search, the stale
entry is updated automatically. Therefore this patch is not
necessary for route deletion.

Submitted by:	simon, phk
Reviewed by:	bz, kmacy
MFC after:	3 days
2009-10-01 20:32:29 +00:00
John Baldwin
3538cf0cbe Put square backets ([]) around process names for system processes to patch
the behavior of ps(1).
2009-10-01 19:12:14 +00:00
Xin LI
6f62807611 Return EOPNOTSUPP instead of EINVAL when doing chflags(2) over an old
format ZFS, as defined in the manual page.

Submitted by:	pjd (response of my original patch but bugs are mine)
MFC after:	3 days
2009-10-01 18:58:26 +00:00
Andrew Thompson
c8a14b9124 EHCI Hardware BUG workaround
The EHCI HW can use the qtd_next field instead of qtd_altnext when a short
packet is received. This contradicts what is stated in the EHCI datasheet.
Also the total-bytes field in the status field of the following TD gets
corrupted upon reception of a short packet!  We work this around in software by
not queueing more than one job/TD at a time of up to 16Kbytes! The bug has been
seen on multiple INTEL based EHCI chips.  Other vendors have not been tested
yet.

- Applications using /dev/usb/X.Y.Z, where Z is non-zero are affected, but not
  applications using LibUSB v0.1, v1.2 and v2.0.
- Mass Storage (umass) is affected.

Submitted by:	Hans Petter Selasky
MFC after:	3 days
2009-10-01 18:37:16 +00:00
Joe Marcus Clarke
ad1e5416ab Correct the pthread stub prototype for pthread_mutexattr_settype to allow for
the type argument.  This is known to fix some pthread_mutexattr_settype()
invocations, especially when it comes to pulseaudio.

Approved by:	kib
		deischen (threads)
MFC after:	3 days
2009-10-01 18:23:50 +00:00
Edward Tomasz Napierala
2c29cfa083 Provide default implementation for VOP_ACCESS(9), so that filesystems which
want to provide VOP_ACCESSX(9) don't have to implement both.  Note that
this commit makes implementation of either of these two mandatory.

Reviewed by:	kib
2009-10-01 17:22:03 +00:00
Dag-Erling Smørgrav
7aee6ffee0 Upgrade to OpenSSH 5.3p1. 2009-10-01 17:12:52 +00:00
VANHULLEBUS Yvan
a45bff047c Changed an IPSEC_ASSERT to a simple test, as such invalid packets
may come from outside without being discarded before.

Submitted by:	aurelien.ansel@netasq.com
Reviewed by:	bz (secteam)
Obtained from:	NETASQ
MFC after:	1m
2009-10-01 15:33:53 +00:00
Dag-Erling Smørgrav
e5e752b5a7 Vendor import of OpenSSH 5.3p1 2009-10-01 15:19:37 +00:00
Konstantin Belousov
b02395c64d As a workaround, for Intel CPUs, do not use CLFLUSH in
pmap_invalidate_cache_range() when self-snoop is apparently not reported
in cpu features. We get a reserved trap when clflushing APIC registers
window.

XEN in full system virtualization mode removes self-snoop from CPU
features, making this a problem.

Tested by:	csjp
Reviewed by:	alc
MFC after:	3 days
2009-10-01 12:52:48 +00:00
Konstantin Belousov
75ffdc4049 Do not dereference vp->v_mount without holding vnode lock and checking
that the vnode is not reclaimed.

Noted by:	Igor Sysoev <is rambler-co ru>
MFC after:	1 week
2009-10-01 12:50:26 +00:00
Konstantin Belousov
6fecb26b6b Move the annotation for vm_map_startup() immediately before the function.
MFC after:	3 days
2009-10-01 12:48:35 +00:00
Konstantin Belousov
15b7a831df Fix typo.
MFC after:	3 days
2009-10-01 12:46:58 +00:00
Coleman Kane
00e6b158be Fix a bad use of NULL instead of zero for int comparison. Sorry for the
breakage.

Submitted by:	bz, des, onemda
MFC after:	3 days
2009-10-01 11:52:06 +00:00
Andriy Gapon
7e936cef34 print machine in kernel boot version string
Discussed with:	gavin, kib, jhb
PR:		kern/126926
MFC after:	2 weeks
2009-10-01 10:53:12 +00:00
Yoshihiro Takahashi
eb8d03079d MFi386: revision 197653
Improve 802.11s comment.

MFC after:	1 day
2009-10-01 10:46:22 +00:00
Coleman Kane
ed44e7ec7d style(9) fixes (always compare pointers to NULL)
Also, the previous commit to sys/dev/if_ndis/if_ndis.c also included the
removal of a call to ndis_setstate_80211 that is no longer needed.

Submitted by:	sam
MFC after:	3 days
2009-10-01 02:43:51 +00:00
Rui Paulo
c16c6b65da Improve 802.11s comment.
Spotted by:	dougb
MFC after:	1 day
2009-10-01 02:08:42 +00:00
Edward Tomasz Napierala
5aea82db46 Fix typo in the comment. 2009-09-30 18:50:50 +00:00
John Baldwin
146672474f Do not hold the ACPI A/C adapter lock when changing the power profile.
MFC after:	2 weeks
2009-09-30 17:07:49 +00:00
John Baldwin
0032eb1acb Split the 'video' ACPI lock up into two locks to resolve a LOR with the
sysctl lock.  The 'video' lock now protects the 'bus' of video output
devices attached to a graphics adapter.  It is used when iterating over
the list of outputs, etc.  The 'video_output' lock is used to lock the
output-specific data similar to a driver lock for the individual video
outputs.

MFC after:	2 weeks
2009-09-30 17:05:26 +00:00
Andriy Gapon
beb2c1f3e9 cpufunc.h: unify/correct style of c extension names
i386 and amd64 archs only.
inline => __inline. [1]
__asm__ => __asm. [2]

Reviewed by:	kib, jhb [1]
Suggested by:	kib [2]
MFC after:	1 week
2009-09-30 16:34:50 +00:00
Hajimu UMEMOTO
db4abd60a3 Don't do an IPv6 operation when the kernel doesn't have
an IPv6 support.

Reported by:	Alexander Best <alexbestms__at__math.uni-muenster.de>
Confirmed by:	Paul B. Mahol <onemda__at__gmail.com>,
		Alexander Best <alexbestms__at__math.uni-muenster.de>
2009-09-30 14:58:10 +00:00