import from p4 bms_netdev. Summary of changes:
* Connect netinet6/in6_mcast.c to build.
The legacy KAME KPIs are mostly preserved.
* Eliminate now dead code from ip6_output.c.
Don't do mbuf bingo, we are not going to do RFC 2292 style
CMSG tricks for multicast options as they are not required
by any current IPv6 normative reference.
* Refactor transports (UDP, raw_ip6) to do own mcast filtering.
SCTP, TCP unaffected by this change.
* Add ip6_msource, in6_msource structs to in6_var.h.
* Hookup mld_ifinfo state to in6_ifextra, allocate from
domifattach path.
* Eliminate IN6_LOOKUP_MULTI(), it is no longer referenced.
Kernel consumers which need this should use in6m_lookup().
* Refactor IPv6 socket group memberships to use a vector (like IPv4).
* Update ifmcstat(8) for IPv6 SSM.
* Add witness lock order for IN6_MULTI_LOCK.
* Move IN6_MULTI_LOCK out of lower ip6_output()/ip6_input() paths.
* Introduce IP6STAT_ADD/SUB/INC/DEC as per rwatson's IPv4 cleanup.
* Update carp(4) for new IPv6 SSM KPIs.
* Virtualize ip6_mrouter socket.
Changes mostly localized to IPv6 MROUTING.
* Don't do a local group lookup in MROUTING.
* Kill unused KAME prototypes in6_purgemkludge(), in6_restoremkludge().
* Preserve KAME DAD timer jitter behaviour in MLDv1 compatibility mode.
* Bump __FreeBSD_version to 800084.
* Update UPDATING.
NOTE WELL:
* This code hasn't been tested against real MLDv2 queriers
(yet), although the on-wire protocol has been verified in Wireshark.
* There are a few unresolved issues in the socket layer APIs to
do with scope ID propagation.
* There is a LOR present in ip6_output()'s use of
in6_setscope() which needs to be resolved. See comments in mld6.c.
This is believed to be benign and can't be avoided for the moment
without re-introducing an indirect netisr.
This work was mostly derived from the IGMPv3 implementation, and
has been sponsored by a third party.
so that a ppp running in `receiver' (server) mode can properly
update routes, for example to update the MTU.
Submitted by: loos.br gmail.com (Luiz Otavio O Souza)
PR: bin/130159
PR: kern/125079, kern/122068, bin/126892
MFC after: 3 days
stability, check for gw to be set before adding the flag and the address
to the routing message.
r186308, backed out in r191305, already tried to do that, and in addition
ignore AF_LINK types of gateway addresses to work around a problem that
r167797 had introduced on the kernel side always setting RTF_GATEWAY if a
gateway address was passed into the kernel.
The proper solution for this is still under discussion so I am hesitant to
re-add the special AF_LINK treatment for now.
MFC after: 3 days
in case of AF_LINK, which the kernel still returns for an RTAX_GATEWAY
as an empty sockaddr_dl in the classic tun<n> case.
Copying the address into the message payload, but not the RTA_GATEWAY
flag results in rt_xaddrs() in the kernel tripping over that and parsing
the next attribute set with a flag, i.e. RTA_NETMASK, with the gateway
address, resulting in bogus route entry.
MFC after: 3 days
registers.
- Cleanup PCI-X capability printf to not leave a dangling "supports" for
some PCI-X bridges.
- Display additional PCI express details including the negotiated and max
link width and the actual and maximum supported max payload.
MFC after: 1 month
we were not properly handling proxy arp. Make sure we (try to) add
the proxy arp entry/entries in this case as well.
PR: bin/131250
Submitted by: loos.br gmail.com (Luiz Otavio O Souza)
MFC after: 3 days
Not only did these two drivers depend on IFF_NEEDSGIANT, they were
broken 7 months ago during the MPSAFE TTY import. if_ppp(4) has been
replaced by ppp(8). There is no replacement for if_sl(4).
If we see regressions in for example the ports tree, we should just use
__FreeBSD_version 800045 to check whether if_ppp(4) and if_sl(4) are
present. Version 800045 is used to denote the import of MPSAFE TTY.
Discussed with: rwatson, but also rwatson's IFF_NEEDSGIANT emails on the
lists.
- Don't exit with a zero status code when no jails are configured
on a system.
- Style: simplify some code constructs.
- If a single jail cannot be found, let the caller print a nicer
diagnostic message.
Reviewed by: bz
MFC after: 3 days
(1) phttpget is attempting to download enough files that it can't send
all the requests at once, and
(2) the remote server forcibly closes the connection, resulting in RST
packets being sent,
phttpget will receive a SIGPIPE and terminate without downloading all
of the files.
This is probably responsible for a number of hard-to-reproduce errors
with portsnap and freebsd-update.
MFC after: 3 days
2. Sort the command line options to match how they are displayed
in usage()
3. Change references to cvs to the more generic "version control system"
and remove the .Xr for cvs
4. Consistently use ".Op Fl" to refer to command line options in the text.
5. Only use the apostrophe to indicate possession.
6. Add FREEBSD_ID (-F) to the list of variables in the example rc,
and change the DIFF_OPTIONS example to -Bb since -F now covers it.
In particular, vendor sources that aren't ready for gnu99 should
still be compiled with gnu89. (Before r189824, these would have
generated warnings if you tried to compile them in gnu99 mode,
but the warnings went unheeded due to -Wno-error.)
1. The new mtree file should be created in the "host" system /tmp
2. The existing mtree file in the "host" system should not be deleted
Submitted by: scf
Firmware upgraded to 7.1.0 (from 5.0.0).
T3C EEPROM and SRAM added; Code to update eeprom/sram fixed.
fl_empty and rx_fifo_ovfl counters can be observed via sysctl.
Two new cxgbtool commands to get uP logic analyzer info and uP IOQs
Synced up with Chelsio's "common code" (as of 03/03/09)
Submitted by: Navdeep Parhar at Chelsio
Reviewed by: gnn
MFC after: 2 weeks
IPv4 stack.
Diffs are minimized against p4.
PCS has been used for some protocol verification, more widespread
testing of recorded sources in Group-and-Source queries is needed.
sizeof(struct igmpstat) has changed.
__FreeBSD_version is bumped to 800070.
ports tree so that programs use libusb from the base by default. Thanks to
Stanislav Sedov for sorting out the ports build.
Bump __FreeBSD_version to 800069
Help and testing by: stas
Because of integer promotion, Clang doesn't allow ANSI prototypes to be
mixed with K&R declarations.
Submitted by: Pawel Worach <pawel worach gmail com>
the devfs clone handler to open the (invisible) devices on the fly.
The /dev entries are layed out as follows,
/dev/usbctl = master device
/dev/usb/0.1.0.5 = usb device, (<bus>.<dev>.<iface>.<endpoint>)
/dev/ugen0.1 -> usb/0.1.0.0 = ugen link to ctrl endpoint
This also removes the custom permissions model from USB. Bump
__FreeBSD_version to 800066.
Submitted by: rink (earlier version)
The function pow() in libmp(3) clashes with pow(3) in libm. We could
rename this single function, but we can just take the same approach as
the Solaris folks did, which is to prefix all function names with mp_.
libmp(3) isn't really popular nowadays. I suspect not a single
application in ports depends on it. There's still a chance, so I've
increased the SHLIB_MAJOR and __FreeBSD_version.
Reviewed by: deischen, rdivacky
values like 0x80 or 0x40 into a uint8_t foo:1 bitfield. This would
result in the bit always being 0. One of these caused a warning for
overflow (one that was 0x80), but the other didn't. They were both
wrong.
This is why I hate code that mixes c struct bitfields and #defines.
The rest of the fields accessed by the program should be audited.
struct passwd. This is not the case when sizeof(unsigned long) !=
sizeof(time_t). Write a dinky function to do the assignment instead
of relying on the punning. This does slow things down a little (1
extra function call, 11 pointer or int assignments), but is much safer
and machines have been fast enough since the mid 1990s that nobody
will notice the difference.
time_t is a 64-bits int on arm and mips. Before this change, arm was
silently broken. I guess there aren't that many ARM machines running
master YP domain servers. :)
The client side doesn't assume this type punning, so it doesn't need
to be fixed.
* Retire the old 'ifmcstat <kernel>' usage.
* Print AF_LINK records even if run against KVM.
This makes the KVM backend consistent with the sysctl backend.
* Suppress printing of link-layer group records by default.
* Add a -v switch to allow link-layer groups to be printed.
* If compiled without INET6 support, actually work.
* If compiled with INET6 support, print the scope ID of
all IPv6 addresses in both backends.
* Update man page.
* Update copyrights.
With this change, it is now reasonable to retire netstat -g.
Most of the SSM related gunk in this file will require later refactoring.
MFC after: 2 weeks
to print the network-layer endpoint address of the
group membership, rather than its link-layer mapping
as intended.
The KVM path is not affected.
MFC after: 1 week
Add two new functions to the libusb20 API and required kernel ioctls.
- libusb20_dev_get_iface_desc
- libusb20_dev_get_info
New command to usbconfig, "show_ifdrv", which will print out the kernel driver
attached to the given USB device aswell.
See "man libusb20" for a detailed description.
Some minor style corrections long-line wrapping.
Submitted by: Hans Petter Selasky
Just like the old TTY layer, the current MPSAFE TTY layer does not make
any attempt to serialize calls of write(). Data is copied into the
kernel in 256 (TTY_STACKBUF) byte chunks. If a write() call occurs at
the same time, the data may interleave. This is especially likely when
the TTY starts blocking, because the output queue reaches the high
watermark.
I've implemented this by adding a new flag, TTY_BUSY_OUT, which is used
to mark a TTY as having a thread stuck in write(). Because I don't want
non-blocking processes to be possibly blocked by a sleeping thread, I'm
still allowing it to bypass the protection. According to this message,
the Linux kernel returns EAGAIN in such cases, but I think that's a
little too restrictive:
http://kerneltrap.org/index.php?q=mailarchive/linux-kernel/2007/5/2/85418/thread
PR: kern/118287
When we leave the console TTY constantly open, we never reset the
termios attributes. This causes output processing, echoing, etc. not to
be reset to the proper values when going into single user mode after the
system has booted. It also causes nl-to-crnl-conversion not to take
place during shutdown, which causes a `staircase effect'.
This patch adds a new TTY flag, TF_OPENED_CONS, which is set when the
TTY is opened through /dev/console. Because the flags are only used by
the kernel and the pstat(8) utility, I've decided to renumber the TTY
flags. This shouldn't be an issue, because the TTY layer is not yet part
of a stable release.
Reported by: Mark Atkinson <atkin901 yahoo com>
Tested by: sepotvin
device. The details include the current value of the BAR (including all
the flag bits and the current base address), its length, and whether or not
it is enabled. Since this operation is not invasive, non-root users are
allowed to use it (unlike manual config register access which requires
root). The intention is that userland apps (such as Xorg) will use this
interface rather than dangerously frobbing the BARs from userland to
obtain this information.
- Add a new sub-mode to the 'list' mode of pciconf. The -b flag when used
with -l will now list all the active BARs for each device.
MFC after: 1 month
This ensures that the value written is both compatible with
older mtree versions (which expect the value after the period
to be an integer count of nanoseconds after the whole second)
and is a correct floating-point value.
Leave the parsing code unchanged so it will continue to read
older files.
Bluetooth Network Access Point (NAP), Group Ad-hoc Network (GN) and
Personal Area Network User (PANU) profiles.
Obtained from: NetBSD
MFC after: 1 month
o add net80211 support for a tdma vap that is built on top of the
existing adhoc-demo support
o add tdma scheduling of frame transmission to the ath driver; it's
conceivable other devices might be capable of this too in which case
they can make use of the 802.11 protocol additions etc.
o add minor bits to user tools that need to know: ifconfig to setup and
configure, new statistics in athstats, and new debug mask bits
While the architecture can support >2 slots in a TDMA BSS the current
design is intended (and tested) for only 2 slots.
Sponsored by: Intel
+ check a possible buffer overflow when creating a temp file,
submitted by Christoph Mallon
+ remove stale struct definitions
+ clarify the use of dflag and remove useless checks
MFC after: 3 days
typos and reference the kernel file which processes this info.
All in all, the content of this file should be moved to kldxref.c
or to the kld(4) manpage.
MFC after: 3 days
ARCHSTRING into the new MM_MAKE variable.
We only need to check for the presence of the target of $PAGER
if that variable is actually set. [1]
Pointed out by: Steve Kargl <sgk@troutmask.apl.washington.edu> [1]
====================
1. List the command line options in a more standard way
2. Improve the explanations of some of the arguments (-A, -D)
3. Add ARCHSTRING and MTREEDB to the example rc file
4. Re-sort some of the examples according to the existing distinction
of "has a command line version" vs. "does not have a command line version"
Document changes for r186678
===========================
1. /usr/src/etc -> /usr/src where needed [1]
2. Add IGNORE_FILES to the example rc [2] (and remove IGNORE_MOTD)
3. Update the EXIT STATUS section for [3] and [4]
Update Copyright and .Dd accordingly
PR: bin/96528 [1]
Submitted by: ru [1]
PR: bin/106642 [2]
Submitted by: Henrik Brix Andersen <henrik@brixandersen.dk>
PR: bin/122282 [3]
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> [3]
PR: bin/108183 [4]
Submitted by: Riccardo Torrini <riccardo@torrini.org> [4]
=======================
1. Various improvements to the mtree (-U) feature:
a. Seperate the notion of directory and file (user can override db path)
b. Only check for the existence of the mtree file if -U is set
c. Use mktemp to create the new version of the file
d. More safely install the new file
e. Standardize error messages a bit
2. Remove the last of the MAKEDEV stuff (RIP)
New Features
============
1. Switch to using the top level (e.g., /usr/src) Makefile, and specify
that we should use the *.mk files from the source directory instead of
the installed versions. [1][2] This allows easier cross builds and
simplifies (or in some cases permits) upgrading.
2. Check for the deprecated 'nodev' option in /etc/fstab [3]
3. Add support for the IGNORE_FILES variable [4] and deprecate IGNORE_MOTD
accordingly.
4. Before installing a file check to make sure that the target does not
already exist as a directory [5]
5. Check to be sure that the file installed and error out if not
PR: bin/96528 [1]
Submitted by: ru [1]
PR: bin/129639 [2]
Submitted by: sam [2]
PR: bin/122282 [3]
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> [3]
PR: bin/106642 [4]
Submitted by: Henrik Brix Andersen <henrik@brixandersen.dk> [4]
PR: bin/108183 [5]
Submitted by: Riccardo Torrini <riccardo@torrini.org> [5]
that differ only by VCS Id) for the following reasons:
1. It was added without my consent, review, or even a heads up
2. It is something that I've repeatedly said I do not want, and certainly
do not want as the default
3. It is poorly implemented (much too complex, produces false positives
e.g., /etc/mail/helpfile)
Given that this is a situation that comes up very infrequently (usually
only for a major version upgrade) and can usually be handled simply
enough on a one-off basis, I will once again point out that I think
this is a Bad Idea. I would be willing to consider a better implementation
as an option that is off by default.
is, consistently call it the boot manager, and switch the order the
options are presented so no boot manager is first in the list (and
hence more or less the default).
This area will probably be rototilled more before 8.0 comes out.
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge). Add libauditd build parts and add to auditd's linkage;
force libbsm to build before libauditd.
OpenBSM history for imported revisions below for reference.
MFC after: 1 month
Sponsored by: Apple Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 alpha 4
- With the addition of BSM error number mapping, we also need to map the
local error number passed to audit_submit(3) to a BSM error number,
rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
more formal allocation scheme, and add some events allocated in Solaris
that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
directly, rather than requiring applications to map to the local error
space, which might not be able to entirely represent the BSM error
number space.
- Major auditd rewrite for launchd(8) support. Add libauditd library
that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
(re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
has been recovered from not being properly terminated. This event is
stored in the new audit trail file and includes the path of recovered
audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.
OpenBSM 1.1 alpha 3
- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
between BSM error numbers (largely the Solaris definitions) and local
errno(2) values for 32-bit and 64-bit return tokens. This is required
as operating systems don't agree on some of the values of more recent
error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
total size for the token. This buge.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.
Now the NDISulator supports NDIS USB drivers that it've tested with
devices as follows:
- Anygate XM-142 (Conexant)
- Netgear WG111v2 (Realtek)
- U-Khan UW-2054u (Marvell)
- Shuttle XPC Accessory PN20 (Realtek)
- ipTIME G054U2 (Ralink)
- UNiCORN WL-54G (ZyDAS)
- ZyXEL G-200v2 (ZyDAS)
All of them succeeded to attach and worked though there are still some
problems that it's expected to be solved.
To use NDIS USB support, you should rebuild and install ndiscvt(8) and
if you encounter a problem to attach please set `hw.ndisusb.halt' to
0 then retry.
I expect no changes of the NDIS code for PCI, PCMCIA devices.
Obtained from: //depot/projects/ndisusb/...
1. The "route" command allows route insertion through the interface-direct
option "-iface". During if_attach(), an sockaddr_dl{} entry is created
for the interface and is part of the interface address list. This
sockaddr_dl{} entry describes the interface in detail. The "route"
command selects this entry as the "gateway" object when the "-iface"
option is present. The "arp" and "ndp" commands also interact with the
kernel through the routing socket when adding and removing static L2
entries. The static L2 information is also provided through the
"gateway" object with an AF_LINK family type, similar to what is
provided by the "route" command. In order to differentiate between
these two types of operations, a RTF_LLDATA flag is introduced. This
flag is set by the "arp" and "ndp" commands when issuing the add and
delete commands. This flag is also set in each L2 entry returned by the
kernel. The "arp" and "ndp" command follows a convention where a RTM_GET
is issued first followed by a RTM_ADD/DELETE. This RTM_GET request fills
in the fields for a "rtm" object, which is reinjected into the kernel by
a subsequent RTM_ADD/DELETE command. The entry returend from RTM_GET
is a prefix route, so the RTF_LLDATA flag must be specified when issuing
the RTM_ADD/DELETE messages.
2. Enforce the convention that NET_RT_FLAGS with a 0 w_arg is the
specification for retrieving L2 information. Also optimized the
code logic.
Reviewed by: julian
regenerated in libugidfw) rather than simply printing that the rule was
added with only the number. This makes ugidfw(8) behave a bit more like
ipfw(8), and also means that the administrator sees how the rule was
interpreted once uids/gids/etc were processed.
Obtained from: TrustedBSD Project
For example, ^C (SIGINT) may leave the drive spinning and locked.
This may also happen if you try to write a too-large image to a disc
and burncd(8) exits with an I/O error.
Add signal handling by doing a CDRIOCFLUSH ioctl to attempt to leave
burner in a sane state when burning is interrupted with SIGHUP, SIGINT,
SIGTERM, or in case an I/O error occurs during write.
Note, that blanking will still continue after interrupt but it seems to
finish correctly even after burncd(8) has quit.
Also, while I'm here bump WARNS to "6".
PR: 48730
Submitted by: Jaakko Heinonen <jh@saunalahti.fi>
install a p2p host route between the end points. The ppp module
upates this router based on user configuration later on. The
rt_Update() seems to always set the RTF_GATEWAY flag, which is
broken.
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,
The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.
Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:
- Kip Macy revised the locking code completely, thus completing
the last piece of the puzzle, Kip has also been conducting
active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
me maintaining that branch before the svn conversion
reasonable close to and in the same format as it had always.
r185435 said it would try that but I had been living with jail
patches for too long to actually remember the single-line format
when adding backwards compatibility back in p4.
Reported by: Philipp Wuensche <cryx-freebsd@h3q.com>
Tested by: Philipp Wuensche <cryx-freebsd@h3q.com>
MFC after: 4 weeks (just for me to get the mail)
Approved by: slong scottl@samsco.org
MFC after: 2 weeks
Final cleanup of fwcontrol.
NetBSD compatibility
Cleanup errors in usage() display
Finish up error handling via errx/warnx
Generate error on unparsed command line syntax
Change device(devbase) to open into the form /dev/fwX.X
outside the prison_states array.
When checking if there is a name configured for the prison, check the
first character to not be '\0' instead of checking if the char array
is present, which it always is. Note, that this is different for the
*jailname in the syscall.
Found with: Coverity Prevent(tm)
CID: 4156, 4155
MFC after: 4 weeks (just that I get the mail)
boot0.S changes:
+ import a patch from Christoph Mallon to rearrange the various
print functions and save another couple of bytes;
+ implement the suggestion in PR 70531 to enable booting from
any valid partition because even the extended partitions that
were previously in our kill list may contain a valid boot loader.
This simplifies the code and saves some bytes;
+ followwing up PR 127764, implement conditional code to preserve
the 'Volume ID' which might be used by other OS (NT, XP, Vista)
and is located at offset 0x1b8. This requires a relocation of the
parameter block within the boot sector -- there is no other
possible workaround.
To address this, boot0cfg has been updated to handle both
versions of the boot code;
+ slightly rearrange the strings printed in the menus to make
the code buildable with all options. Given the tight memory
budget, this means that with certain options we need to
shrink or remove certain labels.
and especially:
make -DVOLUME_LABEL -DPXE the default options.
This means that the newly built boot0 block will preserve the
Volume ID, and has the (hidden) option F6 to boot from INT18/PXE.
I think the extra functionality is well worth the change.
The most visible difference here is that the 'Default: ' string
now becomes 'Boot: ' (it can be reverted to the old value
but then we need to nuke 1/2 partition name or entries to
make up for the extra room).
boot0cfg changes:
+ modify the code to recognise the new boot0 structure (with the
relocated options block to make room for the Volume id).
+ add two options, '-i xxxx-xxxx' to set the volume ID, -e c
to modify the character printed in case of bad input
PR: 127764 70531
Submitted by: Christoph Mallon (portions)
MFC after: 4 weeks
contrib/openbsm (svn merge) and sys/{bsm,security/audit} (manual merge).
- Add OpenBSM contrib tree to include paths for audit(8) and auditd(8).
- Merge support for new tokens, fixes to existing token generation to
audit_bsm_token.c.
- Synchronize bsm includes and definitions.
OpenBSM history for imported revisions below for reference.
MFC after: 1 month
Sponsored by: Apple Inc.
Obtained from: TrustedBSD Project
--
OpenBSM 1.1 alpha 2
- Include files in OpenBSM are now broken out into two parts: library builds
required solely for user space, and system includes, which may also be
required for use in the kernels of systems integrating OpenBSM. Submitted
by Stacey Son.
- Configure option --with-native-includes allows forcing the use of native
include for system includes, rather than the versions bundled with OpenBSM.
This is intended specifically for platforms that ship OpenBSM, have adapted
versions of the system includes in a kernel source tree, and will use the
OpenBSM build infrastructure with an unmodified OpenBSM distribution,
allowing the customized system includes to be used with the OpenBSM build.
Submitted by Stacey Son.
- Various strcpy()'s/strcat()'s have been changed to strlcpy()'s/strlcat()'s
or asprintf(). Added compat/strlcpy.h for Linux.
- Remove compatibility defines for old Darwin token constant names; now only
BSM token names are provided and used.
- Add support for extended header tokens, which contain space for information
on the host generating the record.
- Add support for setting extended host information in the kernel, which is
used for setting host information in extended header tokens. The
audit_control file now supports a "host" parameter which can be used by
auditd to set the information; if not present, the kernel parameters won't
be set and auditd uses unextended headers for records that it generates.
OpenBSM 1.1 alpha 1
- Add option to auditreduce(1) which allows users to invert sense of
matching, such that BSM records that do not match, are selected.
- Fix bug in audit_write() where we commit an incomplete record in the
event there is an error writing the subject token. This was submitted
by Diego Giagio.
- Build support for Mac OS X 10.5.1 submitted by Eric Hall.
- Fix a bug which resulted in host XML attributes not being arguments so
that const strings can be passed as arguments to tokens. This patch was
submitted by Xin LI.
- Modify the -m option so users can select more then one audit event.
- For Mac OS X, added Mach IPC support for audit trigger messages.
- Fixed a bug in getacna() which resulted in a locking problem on Mac OS X.
- Added LOG_PERROR flag to openlog when -d option is used with auditd.
- AUE events added for Mac OS X Leopard system calls.
Bring in updated jail support from bz_jail branch.
This enhances the current jail implementation to permit multiple
addresses per jail. In addtion to IPv4, IPv6 is supported as well.
Due to updated checks it is even possible to have jails without
an IP address at all, which basically gives one a chroot with
restricted process view, no networking,..
SCTP support was updated and supports IPv6 in jails as well.
Cpuset support permits jails to be bound to specific processor
sets after creation.
Jails can have an unrestricted (no duplicate protection, etc.) name
in addition to the hostname. The jail name cannot be changed from
within a jail and is considered to be used for management purposes
or as audit-token in the future.
DDB 'show jails' command was added to aid debugging.
Proper compat support permits 32bit jail binaries to be used on 64bit
systems to manage jails. Also backward compatibility was preserved where
possible: for jail v1 syscalls, as well as with user space management
utilities.
Both jail as well as prison version were updated for the new features.
A gap was intentionally left as the intermediate versions had been
used by various patches floating around the last years.
Bump __FreeBSD_version for the afore mentioned and in kernel changes.
Special thanks to:
- Pawel Jakub Dawidek (pjd) for his multi-IPv4 patches
and Olivier Houchard (cognet) for initial single-IPv6 patches.
- Jeff Roberson (jeff) and Randall Stewart (rrs) for their
help, ideas and review on cpuset and SCTP support.
- Robert Watson (rwatson) for lots and lots of help, discussions,
suggestions and review of most of the patch at various stages.
- John Baldwin (jhb) for his help.
- Simon L. Nielsen (simon) as early adopter testing changes
on cluster machines as well as all the testers and people
who provided feedback the last months on freebsd-jail and
other channels.
- My employer, CK Software GmbH, for the support so I could work on this.
Reviewed by: (see above)
MFC after: 3 months (this is just so that I get the mail)
X-MFC Before: 7.2-RELEASE if possible
This option prints the list of sampled PCs along with the function name,
the start and end addresses of this where their live within.
Reviewed by: jkoshy
Tested by: gnn
Sponsored by: Nokia
the following syntax in the kernel config.
makeoptions MODULES_OVERRIDE=foo
makeoptions MODULES_OVERRIDE+=bar
makeoptions MODULES_OVERRIDE+=baz
Bump config minor version to 600007.
assumed it had to toggle between attribute and common memory in the
cards. The kernel is supposed to cope with that automatically and
give us a tuple list. However, there's a number of details of how
that happens that's currently, ummm, magical and/or not implemented
for 16-bit PC Cards that have CIS_LONGLINK_C tuples in them (eg, mix
both attribute memory and common memory). Also, CIS_LOGNLINK_A
entries might not be handled completely correctly either, since there
can be gaps in the attribute vs common stuff.
All this will need to be corrected in the kernel. Once it is
corrected, dumpcis can be made even simpler in some ways, a little
more complicated in others once an API for presentation of CIS to
userland in these weird cases is settled upon.
pccardc) parsed data to make decisions about stuff related to card
configuration.
The purely CIS dumping aspect of this program obviates the need for
such parsing. Save some space and don't parse the data anymore for
configuration purposes. Just parse it to print an interpreatation of
it.
src/sys/dev/usb2/core/usbdevs
src/sys/dev/usb2/include/urio2_ioctl.h
src/sys/dev/usb2/storage/ustorage2_fs.h
These files are not used any more.
src/usr.sbin/Makefile
src/etc/mtree/BSD.include.dist
src/include/Makefile
src/lib/Makefile
src/share/man/man7/hier.7
src/share/mk/bsd.libnames.mk
src/etc/mtree/BSD.include.dist
Make "usbconfig" and "libusb20" a part of the default build.
src/sys/dev/usb/rio500_usb.h
src/sys/dev/usb2/storage/urio2.c
Use common include file.
src/sys/dev/usb2/bluetooth/ng_ubt2.c
Make USB bluetooth depend on "ng_hci" module.
src/sys/dev/usb2/controller/ehci2.c
src/sys/dev/usb2/controller/ehci2.h
Patches for Marvell EHCI.
src/sys/dev/usb2/core/usb2_busdma.c
Bugfix for 64-bit platforms. Need to unload the previously loaded DMA
map and some cleanup regarding some corner cases.
src/sys/dev/usb2/core/usb2_core.h
src/sys/dev/usb2/core/usb2_dev.c
src/sys/dev/usb2/core/usb2_dev.h
Bugfix for libusb filesystem interface.
New feature: Add support for filtering device data at the expense of the
userland process.
Add some more comments.
Some minor code styling.
Remove unused function, usb2_fifo_get_data_next().
Fix an issue about "fifo_index" being used instead of "ep_index".
src/sys/dev/usb2/core/usb2_device.c
src/sys/dev/usb2/core/usb2_generic.c
Bugfix for Linux USB compat layer. Do not free non-generic FIFOs when
doing an alternate setting.
Cleanup USB IOCTL and USB reference handling.
Fix a corner case where USB-FS was left initialised after
setting a new configuration or alternate setting.
src/sys/dev/usb2/core/usb2_hub.c
Improvement: Check all USB HUB ports by default at least one time.
src/sys/dev/usb2/core/usb2_request.c
Bugfix: Make sure destination ASCII string is properly zero terminated
in all cases.
Improvement: Skip invalid characters instead of replacing with a dot.
src/sys/dev/usb2/core/usb2_util.c
src/sys/dev/usb2/image/uscanner2.c
Spelling.
src/sys/dev/usb2/include/Makefile
Share "usbdevs" with the old USB stack.
src/sys/dev/usb2/include/usb2_devid.h
src/sys/dev/usb2/include/usb2_devtable.h
Regenerate files.
Alfred: Please fix the RCS tag at the top.
src/sys/dev/usb2/include/usb2_ioctl.h
Fix compilation of "kdump".
src/sys/dev/usb2/serial/ubsa2.c
src/sys/dev/usb2/serial/ugensa2.c
Remove device ID's which will end up in a new 3G driver.
src/sys/dev/usb2/sound/uaudio2.c
Correct a debug printout.
src/sys/dev/usb2/storage/umass2.c
Sync with old USB stack.
src/lib/libusb20/libusb20.3
Add more documentation.
src/lib/libusb20/libusb20.c
Various bugfixes and improvements.
src/usr.sbin/usbconfig/dump.c
src/usr.sbin/usbconfig/usbconfig.c
New commands for dumping strings and doing custom USB requests from
the command line.
Remove keyword requirements from generated files:
"head/sys/dev/usb2/include/usb2_devid.h"
"head/sys/dev/usb2/include/usb2_devtable.h"
1. Make it more SMP polite. Previous version uses average CPU load that
often leads to load underestimation. It make powerd with default
configuration unusable on systems with more then 2 CPUs. I propose to use
summary load instead of average one. IMO this is the best we can do without
specially tuned scheduler. Also as soon as measuring total load on SMP
systems is more useful then total idle, I have switched to it.
2. Make powerd's operation independent from number and size of frequency
levels. I have added internal frequency counter which translated into real
frequencies only on a last stage and only as good as gone. Some systems may
have only several power levels, while others - many of them, so adaptation
time with previous approach was completely different.
3. As part of previous I have changed adaptive mode to rise frequency on
demand up to 2 times and fall on 1/8 per time internal.
4. For desktop (AC-powered) systems I have added one more mode - "hiadaptive".
It rises frequency twice faster, drops it 4 times slower, prefers twice
lower CPU load and has additional delay before leaving the highest frequency
after the period of maximum load. This mode was specially made to improve
interactivity of the systems where operation capabilities are more
significant then power consumption, but keeping maximum frequency all the
time is not needed.
5. I have reduced default polling interval from 1/2 to 1/4 of second.
It is not so important for algorithm math now, but gives better system
interactivity.
Discussed on: mobile@
