137298 Commits

Author SHA1 Message Date
delphij
653069d327 Allow underscore in domain names while resolving. While having underscore
is a violation of RFC 1034 [STD 13], it is accepted by certain name servers
as well as other popular operating systems' resolver library.

Bugs are mine.

Obtained from:	ume
MFC after:	2 weeks
2008-02-16 00:16:49 +00:00
danger
0841980fe6 - fix typo
Submitted by:	Constantine A. Murenin <cnst@FreeBSD.org>
MFC after:	3 days
2008-02-15 23:56:33 +00:00
antoine
ab8945769a Remove a superfluous line in run_interrupt_driven_config_hooks(),
next_entry is already initialized during TAILQ_FOREACH_SAFE().

PR:		kern/119604
Approved by:	rwatson (mentor)
MFC after:	1 month
2008-02-15 21:54:21 +00:00
antoine
719cf15a1b - Make Disk_Names() behave as documented in libdisk(3): return an array
of disk names, where you must free each pointer, as well as the array
by hand. [1]
- Destaticize "disks" in Disk_Names, it has no reasons to be static.

PR:		kern/96077 [1]
PR:		kern/114110 [1]
MFC after:	1 month
Approved by:	rwatson (mentor)
2008-02-15 21:19:15 +00:00
attilio
110048ac4f Bump __FreeBSD_version in order to signal introduction of lockmgr_args()
and LK_INTERNAL removal.
2008-02-15 21:08:18 +00:00
attilio
265cb5fb91 - Introduce lockmgr_args() in the lockmgr space. This function performs
the same operation of lockmgr() but accepting a custom wmesg, prio and
  timo for the particular lock instance, overriding default values
  lkp->lk_wmesg, lkp->lk_prio and lkp->lk_timo.
- Use lockmgr_args() in order to implement BUF_TIMELOCK()
- Cleanup BUF_LOCK()
- Remove LK_INTERNAL as it is nomore used in the lockmgr namespace

Tested by:	Andrea Barberio <insomniac at slackware dot it>
2008-02-15 21:04:36 +00:00
rwatson
827638d449 Add privilege PRIV_NNPFS_DEBUG for use with Arla/nnpfs. This privilege
will authorize debugging system calls.

MFC after:	1 month
2008-02-15 20:26:17 +00:00
olli
e0ac1516ce Add myself and the mentorship relation of des.
Approved by:	des (mentor)
2008-02-15 18:40:45 +00:00
rwatson
8009d6be3e The possibly interruptible msleep in coda_call() means well, but is
fundamentally fairly confused about how signals work and when it is
appropriate for upcalls to be interrupted.  In particular, we should
be exempting certain upcalls from interruption, we should not always
eventually time out sleeping on a upcall, and we should not be
interrupting the sleep for certain signals that we currently are
(including SIGINFO).  This code needs to be reworked in the style of
NFS interruptible mounts.

MFC after:	1 month
2008-02-15 13:31:35 +00:00
rwatson
860deb0bbc Spell replys as replies.
MFC after:	1 month
2008-02-15 12:11:45 +00:00
rwatson
ac6e0fc083 Reorder and clean up make_coda_node(), annotate weaknesses in the
implementation.

MFC after:	1 month
2008-02-15 11:58:11 +00:00
bde
febd0ab45e Sigh, the weak reference for ceill(), floorl() and truncl() was in
unreachable code due to a missing include.  This kept arm and powerpc
broken.

Reported by:	sam, grehan
2008-02-15 07:01:40 +00:00
scottl
7163c9c1fc Teach the dump and minidump code to respect the maxioszie attribute of
the disk; the hard-coded assumption of 64K doesn't work in all cases.
2008-02-15 06:26:25 +00:00
rwatson
e71de3c9ad Add open_to_operation, a security regression test that opens files with
various open flags and then tests various operations to make sure that
they are properly constrained by open flags.  Various I/O mechansms
are tried, including aio if compiled into the kernel or loaded as a
module.  There's more to be done here but it's a useful start, running
about 220 individual tests.

This is in support of FreeBSD-SA-08:03.sendfile.
2008-02-14 20:57:38 +00:00
yar
8249be02c2 No network addresses in the system isn't a good excuse
for rpcbind(8) to crash.

The crash was due to a boolean variable initialized
improperly.  Besides fixing the initialization, pick
a better name for the variable so that its meaning is
clear and no more coding errors appear around it.
2008-02-14 20:12:23 +00:00
jhb
0d1deccf8c Make netstat -rn more resilient to having the routing table change out from
under it while running.  Note that this is still not perfect:
- Try to do something intelligent if kvm_read() fails to read a routing
  table structure such as an rtentry, radix_node, or ifnet.
- Don't follow left and right node pointers in radix_nodes unless
  RNF_ACTIVE is set in rn_flags.  This avoids walking through freed
  radix_nodes.

MFC after:	1 week
2008-02-14 20:01:52 +00:00
brueffer
ecd7efd241 Some language and mdoc style improvements. 2008-02-14 19:39:09 +00:00
marcel
257f2d8fc2 On Montecito processors, the instruction cache is in fact not
coherent with the data caches. Implement a quick fix to allow
us to boot on Montecito, while I'm working on a better fix in
the mean time.

Commit made on Montecito-based Itanium...
2008-02-14 18:46:50 +00:00
yar
9713f1f445 In the new order of things dictated by nmount(2), a read-only mount
is to be requested via a "ro" option.  At the same time, MNT_RDONLY
is gradually becoming an indicator of the current state of the FS
instead of a command flag.  Today passing MNT_RDONLY alone to the
kernel's mount machinery will lead to various glitches.  (See the
PRs for examples.)

Therefore mount the root FS with a "ro" option instead of the
MNT_RDONLY flag.  (Note that MNT_RDONLY still is added to the mount
flags internally, by vfs_donmount(), if "ro" was specified.)

To be able to pass "ro" cleanly to kernel_vmount(), teach the latter
function to accept options with NULL values.

Also correct the comment explaining how mount_arg() handles length
of -1.

PR:		bin/106636 kern/120319
Submitted by:	Jaakko Heinonen <see PR kern/120319 for email> (originally)
2008-02-14 17:04:31 +00:00
gallatin
0e60a1b33c Now that mxge supports MSI-X interrupts, reverse the logic and flag
legacy interrupts rather than MSI as a special case.  Prior to this
commit, the interrupt handler was doing the slow handshaking with
the device to ensure the legacy interrupt was lowered in both
the legacy and MSI-X case.  This handshaking was not
required for MSI-X.
2008-02-14 16:24:14 +00:00
bde
d3836a4dd2 Oops, the weak reference for ceill(), floorl() and truncl() was in the
wrong file.  This broke arm and powerpc.

Reported by:	grehan
2008-02-14 15:10:34 +00:00
rpaulo
6137f591ed Don't attach to non Core CPUs. This is needed because on the PIII,
querying the number of sensors returns > 0.

PR:		120541
Approved by:	njl (mentor)
2008-02-14 14:14:59 +00:00
bde
fda3d327bb Use the expression fabs(x+0.0)+fabs(y+0.0) instad of a+b (where a is
|x| or |y| and b is |y| or |x|) when mixing NaN arg(s).

hypot*() had its own foot shooting for mixing NaNs -- it swaps the
args so that |x| in bits is largest, but does this before quieting
signaling NaNs, so on amd64 (where the result of adding NaNs depends
on the order) it gets inconsistent results if setting the quiet bit
makes a difference, just like a similar ia64 and i387 hardware comparison.
The usual fix (see e_powf.c 1.13 for more details) of mixing using
(a+0.0)+-(b+0.0) doesn't work on amd64 if the args are swapped (since
the rder makes a difference with SSE). Fortunately, the original args
are unchanged and don't need to be swapped when we let the hardware
decide the mixing after quieting them, but we need to take their
absolute value.

hypotf() doesn't seem to have any real bugs masked by this non-bug.
On amd64, its maximum error in 2^32 trials on amd64 is now 0.8422 ulps,
and on i386 the maximum error is unchanged and about the same, except
with certain CFLAGS it magically drops to 0.5 (perfect rounding).

Convert to __FBSDID().
2008-02-14 13:44:03 +00:00
bde
419234714f Forced commit to note that the minus sign in the fancy expression
(x+0.0)-(y+0.0) for mixing NaNs documented in a previous log message
didn't actually get committed.  Apparently, adding 0.0 uniformizes
the order enough to give consistent results.
2008-02-14 12:56:35 +00:00
des
c5334cac08 _pthread_mutex_isowned_np(): use a more reliable method; the current code
will work in simple cases, but may fail in more complicated ones.

Reviewed by:	davidxu
2008-02-14 12:37:58 +00:00
simon
49aa39283b Fix sendfile(2) write-only file permission bypass.
Security:	FreeBSD-SA-08:03.sendfile
Submitted by:	kib
2008-02-14 11:44:31 +00:00
bde
30aa45f24b Fix the hi+lo decomposition for 2/(3ln2). The decomposition needs to
be into 12+24 bits of precision for extra-precision multiplication,
but was into 13+24 bits.  On i386 with -O1 the bug was hidden by
accidental extra precision, but on amd64, in 2^32 trials the bug
caused about 200000 errors of more than 1 ulp, with a maximum error
of about 80 ulps.  Now the maximum error in 2^32 trials on amd64
is 0.8573 ulps.  It is still 0.8316 ulps on i386 with -O1.

The nearby decomposition of 1/ln2 and the decomposition of 2/(3ln2) in
the double precision version seem to be sub-optimal but not broken.
2008-02-14 10:23:51 +00:00
brueffer
73c193c7ba Document the hw.skc.jumbo_disable tunable. While here, correct some things
in the SYSCTLS section.

Submitted by:	yongari
2008-02-14 10:01:48 +00:00
bde
dba8069abd Use the expression (x+0.0)-(y+0.0) instead of x+y when mixing NaN arg(s).
This uses 2 tricks to improve consistency so that more serious problems
aren't hidden in simple regression tests by noise for the NaNs:

- for a signaling NaN, adding 0.0 generates the invalid exception and
  converts to a quiet NaN, and doesn't have too many effects for other
  types of args (it converts -0 to +0 in some rounding modes, but that
  hopefully doesn't change the result after adding the NaN arg).  This
  avoids some inconsistencies on i386 and ia64.  On these arches, the
  result of an operation on 2 NaNs is apparently the largest or the
  smallest of the NaNs as bits (consistently largest or smallest for
  each arch, but the opposite).  I forget which way the comparison
  goes and if the sign bit affects it.  The quiet bit is is handled
  poorly by not always setting it before the comparision or ignoring
  it.  Thus if one of the args was originally a signaling NaN and the
  other was originally a quiet NaN, then the result depends too much
  on whether the signaling NaN has been quieted at this point, which
  in turn depends on optimizations and promotions.  E.g., passing float
  signaling NaNs to double functions must quiet them on conversion;
  on i387, loading a signaling NaN of type float or double (but not
  long double) into a register involves a conversion, so it quiets
  signaling NaNs, so if the addition has 2 register operands than it
  only sees quiet NaNs, but if the addition has a memory operand then
  it sees a signaling NaN iff it is in the memory operand.

- subtraction instead of addition is used to avoid a dubious optimization
  in old versions of gcc.  For SSE operations, mixing of NaNs apparently
  always gives the target operand.  This is not as good as the i387
  and ia64 behaviour.  It doesn't mix NaNs at all, and makes addition
  not quite commutative.  Old versions of gcc sometimes rewrite x+y
  to y+x and thus give different results (in bits) for NaNs.  gcc-3.3.3
  rewrites x+y to y+x for one of pow() and powf() but not the other,
  so starting from float NaN args x and y, powf(x, y) was almost always
  different from pow(x, y).

These tricks won't give consistency of 2-arg float and double functions
with long double ones on amd64, since long double ones use the i387
which has different semantics from SSE.

Convert to __FBSDID().
2008-02-14 09:42:24 +00:00
yongari
df40a22dd2 Prefer NULL over integer 0 for pointer type. 2008-02-14 01:25:01 +00:00
yongari
182a7cea0b Nuke local jumbo allocator and switch to use of UMA backed page
allocator for jumbo frame.
 o Removed unneeded jlist lock which was used to manage jumbo
   buffers.
 o Don't reinitialize hardware if MTU was not changed.
 o Added additional check for minimal MTU size.
 o Added a new tunable hw.skc.jumbo_disable to disable jumbo frame
   support for the driver. The tunable could be set for systems that
   do not need to use jumbo frames and it would save
   (9K * number of Rx descriptors) bytes kernel memory.
 o Jumbo buffer allocation failure is no longer critical error for
   the operation of sk(4). If sk(4) encounter the allocation failure
   it just disables jumbo frame support and continues to work without
   user intervention.

With these changes jumbo frame performance of sk(4) was slightly
increased and users should not encounter jumbo buffer allocation
failure. Previously sk(4) tried to allocate physically contiguous
memory, 3388KB for 256 Rx descriptors. Sometimes that amount of
contiguous memory region could not be available for running systems
which in turn resulted in failure of loading the driver.

Tested by:	Cy Schubert < Cy.Schubert () komquats dot com >
2008-02-14 01:10:48 +00:00
rwatson
021108eeb6 Remove debugging code under OLD_DIAGNOSTIC; this is all >10 years old and
hasn't been used in that time.

MFC after:	1 month
2008-02-14 00:55:03 +00:00
rwatson
0cf10cfc00 In Coda, flush the attribute cache for a cnode when its fid is
changed, as its synthesized inode number may have changed and we
want stat(2) to pick up the new inode number.

MFC after:	1 month
2008-02-14 00:30:06 +00:00
gallatin
960266ca30 Add minimally invasive shims to ease MFCs of mxge back as far
as RELENG_6

Sponsored by: Myricom, Inc.
2008-02-14 00:09:59 +00:00
jhb
fd8332efc0 Add KASSERT()'s to catch attempts to recurse on spin mutexes that aren't
marked recursable either via mtx_lock_spin() or thread_lock().

MFC after:	1 week
2008-02-13 23:39:05 +00:00
jhb
b518019544 Mark the syscons video spin mutex as recursable since it is currently
recursed in a few places.

MFC after:	1 week
2008-02-13 23:38:08 +00:00
jhb
32100bd15f Mark sleepqueue chain spin mutexes are recursable since the sleepq code
now recurses on them in sleepq_broadcast() and sleepq_signal() when
resuming threads that are fully asleep.

MFC after:	1 week
2008-02-13 23:36:56 +00:00
jhb
64735ffb5f Add a couple of assertions and KTR logging to thread_lock_flags() to
match mtx_lock_spin_flags().

MFC after:	1 week
2008-02-13 23:33:50 +00:00
gallatin
f8f681d2a2 Make the type of the firmware arrays match those
in the other eth*_z8e.h files.
2008-02-13 21:58:46 +00:00
attilio
588d2ab6cc Update manpage with lockmgr_assert() description. 2008-02-13 21:54:16 +00:00
jhb
e8b1d791b2 Add an automatic kernel module version dependency to prevent loading
modules using invalid ABI versions (e.g. a 7.x module with an 8.x kernel)
for a given kernel:
- Add a 'kernel' module version whose value is __FreeBSD_version.
- Add a version dependency on 'kernel' in every module that has an
  acceptable version range of __FreeBSD_version up to the end of the
  branch __FreeBSD_version is part of.  E.g. a module compiled on 701000
  would work on kernels with versions between 701000 and 799999 inclusive.

Discussed on:	arch@
MFC after:	1 week
2008-02-13 21:34:06 +00:00
attilio
784af2e88a Bump __FreeBSD_version after the introduction of:
- lockmgr_assert()
- BUF_ASSERT_*() family functions

which enriched the KPI.
2008-02-13 20:59:28 +00:00
cperciva
5525e95af0 Improve conformance to the HTTP specification by using case-insensitive
comparisons for header keywords.  Apparently some proxies use creative
capitalization.

Weird proxy found by:	brooks
MFC after:		3 days
2008-02-13 20:46:23 +00:00
attilio
456bfb1f0f - Add real assertions to lockmgr locking primitives.
A couple of notes for this:
  * WITNESS support, when enabled, is only used for shared locks in order
    to avoid problems with the "disowned" locks
  * KA_HELD and KA_UNHELD only exists in the lockmgr namespace in order
    to assert for a generic thread (not curthread) owning or not the
    lock.  Really, this kind of check is bogus but it seems very
    widespread in the consumers code.  So, for the moment, we cater this
    untrusted behaviour, until the consumers are not fixed and the
    options could be removed (hopefully during 8.0-CURRENT lifecycle)
  * Implementing KA_HELD and KA_UNHELD (not surported natively by
    WITNESS) made necessary the introduction of LA_MASKASSERT which
    specifies the range for default lock assertion flags
  * About other aspects, lockmgr_assert() follows exactly what other
    locking primitives offer about this operation.

- Build real assertions for buffer cache locks on the top of
  lockmgr_assert().  They can be used with the BUF_ASSERT_*(bp)
  paradigm.

- Add checks at lock destruction time and use a cookie for verifying
  lock integrity at any operation.

- Redefine BUF_LOCKFREE() in order to not use a direct assert but
  let it rely on the aforementioned destruction time check.

KPI results evidently broken, so __FreeBSD_version bumping and
manpage update result necessary and will be committed soon.

Side note: lockmgr_assert() will be used soon in order to implement
real assertions in the vnode namespace replacing the legacy and still
bogus "VOP_ISLOCKED()" way.

Tested by:      kris (earlier version)
Reviewed by:    jhb
2008-02-13 20:44:19 +00:00
rwatson
5e4721882e Update cache flushing behavior in light of recent namecache and
access cache improvements:

- Flush just access control state on CODA_PURGEUSER, not the full
  namecache for /coda.

- When replacing a fid on a cnode as a result of, e.g.,
  reintegration after offline operation, we no longer need to
  purge the namecache entries associated with its vnode.

MFC after:	1 month
2008-02-13 19:50:17 +00:00
brueffer
3184363ac3 The hptrr driver first appeared in 6.3, not 5.3.
PR:		120616
Submitted by:	Josh Paetzel <josh@tcbug.org>
MFC after:	3 days
2008-02-13 18:32:44 +00:00
bde
9dd3000124 Forced commit to note that the lost log message for the previous commit
said that the previous commit was almost a null forced commit too.  It
just converted to __FBSDID().  I was going to change `huge' from its
double precision value of 1e300, but that seems to be unnecessary since
`huge' is only used to set FE_INEXACT, and any value with an exponent
larger than LDBL_MANT_DIG will do for that, while initializing a really
huge value in a portable way would require more code.
2008-02-13 18:16:43 +00:00
bde
5f2db8f916 s_ceill.c
s_floorl.c
s_truncl.c
2008-02-13 17:38:16 +00:00
jhb
f3a2cbebdb Use RTFREE_LOCKED() instead of rtfree() when releasing a reference on the
'rt' route in rtredirect() as 'rt' is always locked.

MFC after:	1 week
PR:		kern/117913
Submitted by:	Stefan Lambrev  stefan.lambrev of moneybookers.com
2008-02-13 16:57:58 +00:00
bde
234b4ba1f7 On arches where long double is the same as double, alias ceil(), floor()
and trunc() to the corresponding long double functions.  This is not
just an optimization for these arches.  The full long double functions
have a wrong value for `huge', and the arches without full long doubles
depended on it being wrong.
2008-02-13 16:56:52 +00:00