874 Commits

Author SHA1 Message Date
Marcel Moolenaar
2ae4f1fd16 Introduce the hw.uart.console and hw.uart.dbgport environment variables
to select a serial console and debug port (resp). On ia64 these replace
the use of hints completely and take precedence over hints on alpha,
amd64 and i386. On sparc64 these variables are not yet recognised.

The reasons for introducing these variables are:
1.  Hints have side-effects. They reserve the unit number for use by
    isa or acpi devices and therefore cannot be used to select a pci
    device. Also, the use of a unit number to select a device prior
    to bus enumeration is nonsense. The new variables have no side-
    effects and are not based on unit numbers.
2.  Hints don't have the expression power to allow the sysadmin to
    select UARTs that are not legacy PC devices and need the support
    of compile-time constants to give the sysadmin some level of
    flexibility.

The hw.uart.console and hw.uart.dbgport variables specify a list of
attributes. An attribute is a tag-value pair, seperated by a colon.
Attributes are seperated by a comma. Where possible, tags are the
same as those in /etc/remote (only br and pa in practice). Details
can be found in the manpage (not part of this commit).

Not tested on: amd64, pc98
2004-03-20 02:14:02 +00:00
Robert Watson
909d5c6308 Isolate PCB-specific ethertalk DDP functions in ddp_pcb.c, removing them
from ddp_usrreq.c.  Functions moved are:

  at_pcballoc()
  at_pcbconnect()
  at_pcbdetach()
  at_pcbdisconnect()
  at_pcbsetaddr()
  at_sockaddr()

Also moved are ddp_ports and ddpcb, global variables associated with DDP
pcbs.  This makes PCB implementation more parallel to inet, inet6, and
ipx.
2004-03-19 07:21:22 +00:00
Scott Long
846ca5d04f Remove RAIDFrame. It hasn't worked since GEOM replaced the old disk
mini-layer.  I don't have time to bing it forward into the GEOM world, and
no one else has stepped forward to claim it.  It'll be in the Attic for safe
keeping for now.
2004-03-16 12:23:43 +00:00
Tom Rhodes
06d6e4fcfe This are the build infrastructure changes to allow to use the
Intel C/C++ compiler (lang/icc) to build the kernel.

The icc CPUTYPE CFLAGS use icc v7 syntax, icc v8 moans about them, but
doesn't abort. They also produce CPU specific code (new instructions
of the CPU, not only CPU specific scheduling), so if you get coredumps
with signal 4 (SIGILL, illegal instruction) you've used the wrong
CPUTYPE.

Incarnations of this patch survive gcc compiles and my make universe.
I use it on my desktop.

To use it update share/mk, add
	/usr/local/intel/compiler70/ia32/bin	(icc v7, works)
or
	/usr/local/intel_cc_80/bin		(icc v8, doesn't work)
to your PATH, make sure you have a new kernel compile directory
(e.g. MYKERNEL_icc) and run
	CFLAGS="-O2 -ip" CC=icc make depend
	CFLAGS="-O2 -ip" CC=icc make
in it.

Don't compile with -ipo, the build infrastructure uses ld directly to
link the kernel and the modules, but -ipo needs the link step to be
performed with Intel's linker.

Problems with icc v8:
 - panic: npx0 cannot be emulated on an SMP system
 - UP: first start of /bin/sh results in a FP exception

Parts of this commit contains suggestions or submissions from
Marius Strobl <marius@alchemy.franken.de>.

Reviewed by:	silence on -arch
Submitted by:	netchild
2004-03-12 21:36:12 +00:00
Benno Rice
bde778e9f2 Add a netgraph node to handle ATM LLC encapsulation. This currently handles
ethernet (tested) and FDDI (not tested).  The main use for this is on ADSL (or
other ATM) connections where bridged ethernet is used, PPPoE being a prime
example.

There is no manual page as yet, I will write one shortly.

Reviewed by:	harti
2004-03-08 10:54:35 +00:00
David E. O'Brien
5af0827e0f mga_state & r128_state need an inline-limit larger than amd64's default
in order to compile.  AMD64's default could be reduced below 8k, if
dev/aic7xxx/aic79xx.c got this same treatment.
2004-03-03 09:33:03 +00:00
Nate Lawson
7592c288eb Add the ACPI standard video extensions driver. I've done some style cleanup
but a bit more reamins to be done.  For now, it is usable.

PR:
Submitted by:	Taku YAMAMOTO <taku@cent.saitama-u.ac.jp>
Reviewed by:
Approved by:
Obtained from:
MFC after:
2004-03-01 08:12:55 +00:00
Bernd Walter
7de8778318 add driver for BWCT console management serials 2004-03-01 02:34:49 +00:00
Marcel Moolenaar
b55a929477 uteval.c gained a warning (cast discards qualifiers from pointer target
type) after vendor import of ACPICA 20040220. Add nowerror.
2004-02-28 23:04:45 +00:00
Poul-Henning Kamp
3e2c971172 Add a generic watchdog facility which through a single device entry
in /dev controls all available watchdog implementations.
2004-02-28 20:06:59 +00:00
MIHIRA Sanpei Yoshiro
cdd40f3bd6 add support DM9601(DAVICOM USB to Ethernet MAC Controller with Integrated 10/100 PHY)
- Corega FEther USB-TXC

PR:		kern/62932
Submitted by:	HASHI Hiroaki <hashiz@tomba.cskk-sv.co.jp>
Obtained from:	NetBSD
2004-02-28 00:12:47 +00:00
John Baldwin
44f3b09204 Switch the sleep/wakeup and condition variable implementations to use the
sleep queue interface:
- Sleep queues attempt to merge some of the benefits of both sleep queues
  and condition variables.  Having sleep qeueus in a hash table avoids
  having to allocate a queue head for each wait channel.  Thus, struct cv
  has shrunk down to just a single char * pointer now.  However, the
  hash table does not hold threads directly, but queue heads.  This means
  that once you have located a queue in the hash bucket, you no longer have
  to walk the rest of the hash chain looking for threads.  Instead, you have
  a list of all the threads sleeping on that wait channel.
- Outside of the sleepq code and the sleep/cv code the kernel no longer
  differentiates between cv's and sleep/wakeup.  For example, calls to
  abortsleep() and cv_abort() are replaced with a call to sleepq_abort().
  Thus, the TDF_CVWAITQ flag is removed.  Also, calls to unsleep() and
  cv_waitq_remove() have been replaced with calls to sleepq_remove().
- The sched_sleep() function no longer accepts a priority argument as
  sleep's no longer inherently bump the priority.  Instead, this is soley
  a propery of msleep() which explicitly calls sched_prio() before
  blocking.
- The TDF_ONSLEEPQ flag has been dropped as it was never used.  The
  associated TDF_SET_ONSLEEPQ and TDF_CLR_ON_SLEEPQ macros have also been
  dropped and replaced with a single explicit clearing of td_wchan.
  TD_SET_ONSLEEPQ() would really have only made sense if it had taken
  the wait channel and message as arguments anyway.  Now that that only
  happens in one place, a macro would be overkill.
2004-02-27 18:52:44 +00:00
Max Laier
cc5934f5af Tweak existing header and other build infrastructure to be able to build
pf/pflog/pfsync as modules. Do not list them in NOTES or modules/Makefile
(i.e. do not connect it to any (automatic) builds - yet).

Approved by: bms(mentor)
2004-02-26 03:53:54 +00:00
Robert Watson
c66b4d8d26 Move inet and inet6 related MAC Framework entry points from mac_net.c
to a new mac_inet.c.  This code is now conditionally compiled based
on inet support being compiled into the kernel.

Move socket related MAC Framework entry points from mac_net.c to a new
mac_socket.c.

To do this, some additional _enforce MIB variables are now non-static.
In addition, mbuf_to_label() is now mac_mbuf_to_label() and non-static.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, McAfee Research
2004-02-26 03:51:04 +00:00
Bruce M Simpson
1cfd4b5326 Initial import of RFC 2385 (TCP-MD5) digest support.
This is the first of two commits; bringing in the kernel support first.
This can be enabled by compiling a kernel with options TCP_SIGNATURE
and FAST_IPSEC.

For the uninitiated, this is a TCP option which provides for a means of
authenticating TCP sessions which came into being before IPSEC. It is
still relevant today, however, as it is used by many commercial router
vendors, particularly with BGP, and as such has become a requirement for
interconnect at many major Internet points of presence.

Several parts of the TCP and IP headers, including the segment payload,
are digested with MD5, including a shared secret. The PF_KEY interface
is used to manage the secrets using security associations in the SADB.

There is a limitation here in that as there is no way to map a TCP flow
per-port back to an SPI without polluting tcpcb or using the SPD; the
code to do the latter is unstable at this time. Therefore this code only
supports per-host keying granularity.

Whilst FAST_IPSEC is mutually exclusive with KAME IPSEC (and thus IPv6),
TCP_SIGNATURE applies only to IPv4. For the vast majority of prospective
users of this feature, this will not pose any problem.

This implementation is output-only; that is, the option is honoured when
responding to a host initiating a TCP session, but no effort is made
[yet] to authenticate inbound traffic. This is, however, sufficient to
interwork with Cisco equipment.

Tested with a Cisco 2501 running IOS 12.0(27), and Quagga 0.96.4 with
local patches. Patches for tcpdump to validate TCP-MD5 sessions are also
available from me upon request.

Sponsored by:	sentex.net
2004-02-11 04:26:04 +00:00
Peter Wemm
0ec876a2f0 Attempt to clean up the emu10k1-alsa.h stuff so that config doesn't
delete it each time its run and have it regenerated each time by make.
I used a quick hackish script rather than putting it in the files file
and used the before-depend rule to avoid the depend/no-depend hacks.
2004-02-05 22:51:16 +00:00
Atsushi Onoe
d148e81e76 Use generic net80211 framework for awi driver.
Restore awi to be workable again; it was broken..
XXX: The initialization is still unreliable yet, it sometimes fails on
     some card.
2004-01-15 10:04:21 +00:00
David E. O'Brien
4239793589 Add emu10k1-alsa%diked.h dependancies. 2004-01-12 19:02:37 +00:00
Bruce M Simpson
37621fd5d9 Push m_apply() and m_getptr() up into the colleciton of standard mbuf
routines, and purge them from opencrypto.

Reviewed by:	sam
Obtained from:	NetBSD
Sponsored by:	spc.org
2003-12-15 21:49:41 +00:00
Warner Losh
65b4a1b917 Remote meteor driver. It hasn't compiled in over 3 years. If someone
makes it compile again, and can test it, we can restore the driver to
the tree.
2003-12-07 04:41:11 +00:00
Warner Losh
1da8b3b984 Now that we have the en(4) driver, we no longer need the hea driver.
Approved by: harti@
2003-12-07 04:27:08 +00:00
Warner Losh
29b4184577 Continue to remove drivers that don't compile and haven't compiled in
a long time: lmc The LAN Media Corp PCI WAN driver based on tulip.
This driver hasn't compiled for 3 years since the PCI compat shims
were removed, and Lan Media appears to have gone out of business.
These cards appear to be rare (a recent search of ebay had no hits).

Should someone wish to revive this driver, submitting patches to make
it compile plus a testing report will bring it back.
2003-12-07 04:05:19 +00:00
John Baldwin
45c1c90f6a Export a few SMP related symbols in UP kernels as well. This is needed to
aid other kernel code, especially code which can be in a module such as
the acpi_cpu(4) driver, to work properly with both SMP and UP kernels.
The exported symbols include mp_ncpus, all_cpus, mp_maxid, smp_started, and
the smp_rendezvous() function.  This also means that CPU_ABSENT() is now
always implemented the same on all kernels.

Approved by:	re (scottl)
2003-12-03 14:55:31 +00:00
Andre Oppermann
97d8d152c2 Introduce tcp_hostcache and remove the tcp specific metrics from
the routing table.  Move all usage and references in the tcp stack
from the routing table metrics to the tcp hostcache.

It caches measured parameters of past tcp sessions to provide better
initial start values for following connections from or to the same
source or destination.  Depending on the network parameters to/from
the remote host this can lead to significant speedups for new tcp
connections after the first one because they inherit and shortcut
the learning curve.

tcp_hostcache is designed for multiple concurrent access in SMP
environments with high contention and is hash indexed by remote
ip address.

It removes significant locking requirements from the tcp stack with
regard to the routing table.

Reviewed by:	sam (mentor), bms
Reviewed by:	-net, -current, core@kame.net (IPv6 parts)
Approved by:	re (scottl)
2003-11-20 20:07:39 +00:00
Nate Lawson
6b74f9b7f5 Implement Cx CPU idle states and updated throttling support.
* Use the cpu_idle_hook() to do idling for C1-C3.
* Use both _CST and the FADT to detect Cx states.
* Use both _PTC and P_CNT for controlling throttling.
* Add a notify handler to detect changes in _CST and _PSS
* Call the _INI function for each processor if present.  This will be
  done by ACPI-CA in the future.
* Fix a bug on SMP systems where CPUs will attach multiple times if the
  bus is rescan.
* Document new sysctls for controlling idling.
2003-11-15 19:26:06 +00:00
Andre Oppermann
9188b4a169 Introduce ip_fastforward and remove ip_flow.
Short description of ip_fastforward:

 o adds full direct process-to-completion IPv4 forwarding code
 o handles ip fragmentation incl. hw support (ip_flow did not)
 o sends icmp needfrag to source if DF is set (ip_flow did not)
 o supports ipfw and ipfilter (ip_flow did not)
 o supports divert, ipfw fwd and ipfilter nat (ip_flow did not)
 o returns anything it can't handle back to normal ip_input

Enable with sysctl -w net.inet.ip.fastforwarding=1

Reviewed by:	sam (mentor)
2003-11-14 21:02:22 +00:00
Alfred Perlstein
1bf8720450 University of Michigan's Citi NFSv4 kernel client code.
Submitted by: Jim Rees <rees@umich.edu>
2003-11-14 20:54:10 +00:00
Hajimu UMEMOTO
543729cf93 avoid module name conflict with opencrypto/rijndael.c.
Reported by:	tinderbox
2003-11-12 04:22:37 +00:00
Robert Watson
eca8a663d4 Modify the MAC Framework so that instead of embedding a (struct label)
in various kernel objects to represent security data, we embed a
(struct label *) pointer, which now references labels allocated using
a UMA zone (mac_label.c).  This allows the size and shape of struct
label to be varied without changing the size and shape of these kernel
objects, which become part of the frozen ABI with 5-STABLE.  This opens
the door for boot-time selection of the number of label slots, and hence
changes to the bound on the number of simultaneous labeled policies
at boot-time instead of compile-time.  This also makes it easier to
embed label references in new objects as required for locking/caching
with fine-grained network stack locking, such as inpcb structures.

This change also moves us further in the direction of hiding the
structure of kernel objects from MAC policy modules, not to mention
dramatically reducing the number of '&' symbols appearing in both the
MAC Framework and MAC policy modules, and improving readability.

While this results in minimal performance change with MAC enabled, it
will observably shrink the size of a number of critical kernel data
structures for the !MAC case, and should have a small (but measurable)
performance benefit (i.e., struct vnode, struct socket) do to memory
conservation and reduced cost of zeroing memory.

NOTE: Users of MAC must recompile their kernel and all MAC modules as a
result of this change.  Because this is an API change, third party
MAC modules will also need to be updated to make less use of the '&'
symbol.

Suggestions from:	bmilekic
Obtained from:		TrustedBSD Project
Sponsored by:		DARPA, Network Associates Laboratories
2003-11-12 03:14:31 +00:00
John Baldwin
961a7b244d Add an implementation of turnstiles and change the sleep mutex code to use
turnstiles to implement blocking isntead of implementing a thread queue
directly.  These turnstiles are somewhat similar to those used in Solaris 7
as described in Solaris Internals but are also different.

Turnstiles do not come out of a fixed-sized pool.  Rather, each thread is
assigned a turnstile when it is created that it frees when it is destroyed.
When a thread blocks on a lock, it donates its turnstile to that lock to
serve as queue of blocked threads.  The queue associated with a given lock
is found by a lookup in a simple hash table.  The turnstile itself is
protected by a lock associated with its entry in the hash table.  This
means that sched_lock is no longer needed to contest on a mutex.  Instead,
sched_lock is only used when manipulating run queues or thread priorities.
Turnstiles also implement priority propagation inherently.

Currently turnstiles only support mutexes.  Eventually, however, turnstiles
may grow two queue's to support a non-sleepable reader/writer lock
implementation.  For more details, see the comments in sys/turnstile.h and
kern/subr_turnstile.c.

The two primary advantages from the turnstile code include: 1) the size
of struct mutex shrinks by four pointers as it no longer stores the
thread queue linkages directly, and 2) less contention on sched_lock in
SMP systems including the ability for multiple CPUs to contend on different
locks simultaneously (not that this last detail is necessarily that much of
a big win).  Note that 1) means that this commit is a kernel ABI breaker,
so don't mix old modules with a new kernel and vice versa.

Tested on:	i386 SMP, sparc64 SMP, alpha SMP
2003-11-11 22:07:29 +00:00
Hajimu UMEMOTO
34d78ec3f1 cleanup rijndael API.
since there are naming conflicts with opencrypto, #define was
added to rename functions intend to avoid conflicts.

Obtained from:	KAME
2003-11-11 18:58:54 +00:00
Hajimu UMEMOTO
db54001806 enable aes-xcbc-mac and aes-ctr, again. 2003-11-10 10:39:14 +00:00
Hartmut Brandt
ed91f9a547 Allow the ng_uni node (NgATM signalling layer) to be built into the
kernel via options NGATM_UNI.
2003-11-07 09:18:53 +00:00
Scott Long
126f0dfa3a Hook the udf_iconv module up to the kernel build.
Submitted by: imura@ryu16.org
2003-11-05 06:38:14 +00:00
Hartmut Brandt
ec7ceac96a Put address handling, traffic descriptor handling and message encoding
and decoding into the atmbase module when compiled directly into the kernel.
2003-11-03 12:05:58 +00:00
Poul-Henning Kamp
5843f50d9b Change /dev/soekris-errled to be /dev/led/error and make it conditional
on CPU_SOEKRIS.

Note the subtle change in semantfics for 'f%d' flash instruction and the
new morse facility (see details in dev/led/led.c)
2003-11-03 11:03:40 +00:00
Hartmut Brandt
027ebd2f39 Allow building the NgATM SAAL layer directly into the kernel. 2003-10-27 11:19:08 +00:00
Hidetoshi Shimokawa
ffbfc256fc Revert previous change.
We have to put dcons_crom at first after 'optional' and
dcons and firewire are necessary and not optional for dcons_crom anyway.

Reported by: brooks
2003-10-26 07:42:32 +00:00
Hidetoshi Shimokawa
b604f6e80f dcons_crom.c needs dcons and firewire. 2003-10-25 12:59:22 +00:00
Hidetoshi Shimokawa
869093b15d Add dumb console driver and related bits.
dcons(4): very simple console and gdb port driver
dcons_crom(4): FireWire attachment
dconschat(8): User interface to dcons

Tested with: i386, i386-PAE, and sparc64.
2003-10-24 15:44:10 +00:00
Robert Watson
5d79de444b Hook up to the build for options MAC:
security/mac/mac_net.c
	security/mac/mac_pipe.c
	security/mac/mac_process.c
	security/mac/mac_system.c
	security/mac/mac_vfs.c

Note: Here begins a period of NOTES/LINT build breakage due to duplicate
symbols that will shortly be removed from kern_mac.c.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:39:33 +00:00
Hajimu UMEMOTO
9132d5071c - revert to old rijndael code. new rijndael code broke gbde.
- since aes-xcbc-mac and aes-ctr require functions in new
  rijndael code, aes-xcbc-mac and aes-ctr are disabled for now.
2003-10-19 21:28:34 +00:00
Hidetoshi Shimokawa
e9e688e243 Add SBP-II target mode driver.
Though this is still incomplete and has some missing features such as
exclusive login and event notification, it may be enough for someone
who wants to play with it.

This driver is supposed to work with firewire(4), targ(4) of CAM(4)
and scsi_target(8) which can be found in /usr/share/example/scsi_target.
This driver doesn't require sbp(4) which implements initiator mode.

Sample configuration:

Kernel: (you can use modules as well)
device	firewire
device	scbus
device	targ
device	sbp_targ

After reboot:
# mdconfig -a -t malloc -s 10m
md0
# scsi_target 0:0:0 /dev/md0
(Assuming sbp_targ0 on scbus0)

You should find the 10MB HDD on FreeBSD/MacOS X/WinXP or whatever connected
to the target using FireWire.

Manpage is not finished yet.
2003-10-18 05:41:31 +00:00
Poul-Henning Kamp
db25ce18d8 Make sure to pull in all relevant crypto for GEOM_BDE 2003-10-15 08:53:04 +00:00
Hajimu UMEMOTO
66c7fe4056 use BF_ecb_encrypt().
Obtained from:	KAME
2003-10-13 19:26:08 +00:00
Hajimu UMEMOTO
b42ac57f4f - support AES counter mode for ESP.
- use size_t as return type of schedlen(), as there's no error
  check needed.
- clear key schedule buffer before freeing.

Obtained from:	KAME
2003-10-13 14:57:41 +00:00
Hajimu UMEMOTO
c65ee7c758 - support AES XCBC MAC for AH
- correct SADB_X_AALG_RIPEMD160HMAC to 8

Obtained from:	KAME
2003-10-13 04:54:51 +00:00
Hajimu UMEMOTO
3dbacd2651 use opencrypto for RMD160.
Requested by:	sam
2003-10-12 18:25:38 +00:00
Hajimu UMEMOTO
492528c051 - RIPEMD160 support
- pass size arg to ah->result (avoid assuming result buffer size)

Obtained from:	KAME
2003-10-12 09:41:42 +00:00
Hajimu UMEMOTO
8373d51d4b randomize IPv6 fragment ID.
Obtained from:	KAME
2003-10-01 15:13:29 +00:00