Bump the timeout for an "ordered tag" recovery action from 1 to 5 seconds.
Remove the multiple timeout panic. Its very easy to get into a situation
where a timedout command will time out a second time even though the
recovery code is working fine. A good example is:
1) Command times out during recovery
2) reset the timeout for the command
3) Recovery actions complete and all transactions are requeued
4) second timeout fires off which puts us back into recovery bogusly
5) another transaction that timedout once during the first recovery action
times out causing the panic.
In essence, the correct solution to the problem is to put every transaction
back up into the work queue and have their timeout handling done in the same
way that all commands are handled. The CAM layer makes this easy, so it
will have to wait until then.
1. imgp->image_header needs to be cleared for the bp == NULL && `goto
interpret' case, else exec_fail_dealloc would free it twice after
an error.
2. Moved the vp->v_writecount check in exec_check_permissions() to
near the end. This fixes execve("/dev/null", ...) returning the
bogus errno ETXTBSY. ETXTBSY is still returned for attempts to
exec interpreted files that are open for writing. The man page
is very old and wrong here. It says that ETXTBSY is for pure
procedure (shared text) files that are open for writing or reading.
3. Moved the setuid disabling in exec_check_permissions() to the end.
Cosmetic. It's more natural to dispose of all the error cases
first.
...plus a couple of other cosmetic changes.
Submitted by: bde
either by looking it up in the array of pending, per target, untagged
transactions, or by using the tag value passed in during the identify. The
old code only direct indexed for tagged transactions. This makes the
"findSCB" routine only necessary when SCB paging is enabled, so appropriately
conditionalize it. This greatly simplifies the non SCB paging code flow.
if all registers are 0xff.
This allows me to run with flags 0xc0ff on my IBM-DMCA-21440 disk, which
gives 5MB/sec sequential read :-)
If you have a laptop, try adding flag 0x4000 to your disk, and tell me if
it makes any difference for you.
cache lines. Removed the struct ip proto since only a couple of chars
were actually being used in it. Changed the order of compares in the
PCB hash lookup to take advantage of partial cache line fills (on PPro).
Discussed-with: wollman
by bde.
Don't return EPERM in setre[ug]id() just because the caller passes in
the current effective id in the second arg (ie: no change), as suggested
by ache.
The magic number conflicted with the rotting disabled one in ext2fs for
debug.doasyncfree.
Removed messy debugging variable/constant/sysctl debug.doreallocblks.
Lite2 removed it, and we don't use the code that it controls.
defining doff_t both here and in <ufs/ufs/dir.h> so that this file
is independent of <ufs/ufs/dir.h>. It still has old prerequisites
<sys/param.h> and <ufs/ufs/quota.h>, and a new Lite2 prerequisite of
<sys/lock.h>, sigh.
This might fix lsof, which was broken by namespace pollution giving
conflicting definitions of DIRBLKSIZ.
This is valueable for library code which needs to be able to find out
whether the current process is or *was* set[ug]id at some point in the
past, and may have a "tainted" execution environment. This is especially
a problem with the trend to immediately revoke privs at startup and regain
them for critical sections. One problem with this is that if a cracker
is able to compromise the program while it's still got a saved id, the
cracker can direct the program to regain the privs. Another problem is
that the user may be able to affect the program in some other way (eg:
setting resolver host aliases) and the library code needs to know when it
should disable these sorts of features.
Reviewed by: ache
Inspired by: OpenBSD (but with a different implementation)
that allows traditional BSD setuid/setgid behavior.
The only visible difference should be that a non-root setuid program
(eg: inn's "rnews" program) that is setuid to news, can completely
"become" uid news. (ie: setuid(geteuid()) This was allowed in
traditional 4.2/4.3BSD and is now "blessed" by Posix as a special
case of "appropriate privilige".
Also, be much more careful with the P_SUGID flag so that we can use it
for issetugid() - only set it if something changed.
Reviewed by: ache
vector except for the egid in groups[0]. There is a risk that programs
that come from SYSV/Linux that expect this to work and don't check for
error returns may accidently pass root's groups on to child processes.
We now do what is least suprising (to non BSD programs/programmers) in
this scenario, and nothing is changed for programs written with BSD groups
rules in mind.
Reviewed by: ache
to removing the connection from the queue. The problem here is that
falloc() may block and this would allow another process to accept the
connection instead. If this happens to leave the queue empty, then the
system will panic with an "accept: nothing queued".
Also changed a wakeup() to a wakeup_one() to avoid the "thundering herd"
problem on new connections in Apache (or any other application that has
multiple processes blocked in accept() for the same socket).
as shadows of their containing directory. This should solve the problem
of users not being able to delete their symlinks from /tmp once and for
all.
Symlinks do not have modes though, they are accessable to everything that
can read the directory (as before). They are made to show this fact at
lstat time (they appear as mode 0777 always, since that's how the the
lookup routines in the kernel treat them).
More commits will follow, eg: add a real lchown() syscall and man pages.
centric rather than VM-centric to fix a problem with errors not being
detectable when the header is read.
Killed exech_map as a result of these changes.
There appears to be no performance difference with this change.
Use the same value of 512 (ufs actually uses DEV_BSIZE). There are
too many versions of DIRBLKSIZ, one for ufs, one for ext2fs, one for
nfs, one for ibcs2, one for linux, one for applications, ... I think
nfs's DIRBLKSIZ needs to be a divisor of the directory blocks sizes
of all supported file systems. There is also NFS_DIRBLKSIZ, which is
different from nfs's DIRBLKSIZ but is sometimes confused with it in
comments.
Removed a bogus #ifdef KERNEL that hid the tunable constants for nfs.
This came in undocumented with the Lite2 merge although it isn't in
Lite2. It required more-bogus #define KERNEL's in fstat and pstat
to make the constants visible.
Restored a spelling fix from rev.1.17.
Removed duplicate #defines of all the the NFS mount option flags.
they were created later on. This is not the case when processing
syscalls.isc in the ibcs2 area. (It generates no declarations, it's
all either hidden (already prototyped elsewhere) or unimplemented).
Lookup isn't done every time the system goes idle now, but it can still
take > 1800 instructions in the worst case, so if cpu interrupts are kept
disabled then it might lose 20 characters of sio input at 115200 bps.
Fixed style in vm_page_zero_idle().
functions if DDB is available. The remaining occurences are usually
only inlined and thus not available in DDB.
I'm sure Bruce will have 23 additions to these 30 lines of code, but
at least it's a starting point. ;-)
change typematic rate, or the X server (XFree86 or Accelerated X)
starts up.
So far, there have been two independent reports from Dell Latitude XPi
notebook/laptop owners. The Latitude seems to be the only system which
suffers from this problem. (I don't know the problem is with the
entire Latitude line or with only some Latitude models) No problem
report has been heard about other systems (I certainly cannot
reproduce the problem in my -current and 2.2 systems).
In 3.0-CURRENT, 2.2-RELEASE and 2.2-GAMMA-970310, when programming the
keyboard LED/repeat-rate, `set_keyboard()' in `syscons' tells the
keyboard controller not to generate keyboard interrupt (IRQ1) and then
enable tty interrupts, expecting the keyboard interrupt doesn't occur.
It appears that somehow Latitude's keyboard controller still generates
the keyboard interrupt thereafter, and `set_keyboard()' doesn't see
the return code from the keyboard because it is consumed by the
keyboard interrupt handler.
The patch entirely disables tty interrupts while setting LED and
typematic rate in `set_keyboard()', making the routine behave more
like the previous versions of `syscons' (versions in 2.1.X and
2.2-ALPHA, -BETA, and some -GAMMAs). The reporter said this patch
eliminated the problem.
(I also found another typo/bug, but the reporter and I found that it
wasn't the cause of the problem...)
This should go into RELENG_2_2.
address outside of the process's address space.
Now it matches its man page :-). Closes PR# 2682.
Discussed with: bde
Submitted by: Jonathan Lemon <jlemon@americantv.com>
Randall Hopper <rhh@ct.picker.com> GHUE/GBRIGHT bug
Louis Mamakos made a new bt848 struct, including massive changes to the entire
body of code, substituting array offsets with struct members.
Randall Hopper aadded fixes of BT848_GHUE & BT848_GBRIG.
I (fsmp):
added polled hardware i2c routines,
removed all existing software i2c routines.
added eeprom support.
print "at <not configured>" for iobase == -1 (autodetect not happens)
and not print anything for iobase == -2 (none)
Old code treat this two special config numbers as big port numbers.
find an SCB still down on the card that was paged out. This only affects
error recovery.
Submitted by: Daniel M. Eischen <deischen@iworks.InterWorks.org>
<sys/ioctl.h> is included in the kernel. It still compiles.
This set of changes reduces the number of dependencies in LINT/.depend
from about 31000 to about 30000. This should make LINT kernels
compile a whole 1% faster. Further reductions to less than 20000
dependencies can easily be made. E.g., 20 headers of nested spam
from <sys/param.h> for 500 object files gives 10000 dependencies;
less than half of these are real.
<sys/filio.h>, <sys/sockio.h> and <sys/ttycom.h> instead of
<sys/ioctl.h> in a couple of files. This is still only 1/3
as spammish as <sys/ioctl.h> - 5 or 6 old tty ioctl headers
aren't needed.
<sys/ioctl_compat.h> and sometimes <sys/filio.h> instead of
<sys/ioctl.h> in tty-related files. <sys/ttycom.h> is still
usually imported bogusly via <sys/termios.h>.
<sys/ttycom.h> and sometimes <sys/filio.h> instead of <sys/ioctl.h>
in miscellaneous files. Most of these files have nothing to do
with ttys but need to include <sys/ttycom.h> to get the definitions
of TIOC[SG]PGRP which are (ab)used to convert F[SG]ETOWN fcntls into
ioctls.
doesn't happen to be included before this header.
This header was missed in previous cleanups because it didn't include
<sys/ioctl.h> or <sys/ioccom.h>. Clean it now:
- #include <sys/types.h> since it is necessary to make the header self-
sufficient (there are a couple of u_char's).
- uniformized idempotency ifdef. Copied the style in the 4.4Lite
ioctl headers.
caller is scsi_done which the controller interrupt handlers call. In the
case of a non-buffer based transaction, the xs structure is freed by the
process that initiated the transfer in scsi_scsi_cmd. In this case, an
explicit splbio/splx pair around the call to free_xs is required. Without
the splbio protection, the xs free list could be corrupted, and the type
driver's start routine might run without spl protection.
Submitted by: Tor Egge <Tor.Egge@idt.ntnu.no>
Obtained from: PR kern/2891
automatically have random generation numbers. The kenel way of handling those
also changed. Further it is advised to run fsirand on all your nfs exported
filesystems. the code is mostly copied from OpenBSD, with the randomization
chanegd to use /dev/urandom
Reviewed by: Garrett
Obtained from: OpenBSD
and fixed everything that depended on getting it from the wrong
place. Most of the broken things actually only depended on getting
the declaration of their interrupt handler from "ioconf.h".
supports All Cyrix CPUs, IBM Blue Lightning CPU and NexGen (now AMD)
Nx586 CPU, and initialize special registers of Cyrix CPU and msr of
IBM Blue Lightning CPU.
If revision of Cyrix 6x86 CPU < 2.7, CPU cache is enabled in
write-through mode. This can be disabled by kernel configuration
options.
Reviewed by: Bruce Evans <bde@freebsd.org> and
Jordan K. Hubbard <jkh@freebsd.org>
null casts. `time' is nonvolatile for accesses within a region locked
by splclock()/splx(). Accesses outside such a region are invalid, and
splx() must have the side effect of potentially changing all global
variables (since there are hundreds of sort of volatile variables like
`time'), so declaring `time' as volatile didn't have any real benefits.
form `tv = time'. Use a new function gettime(). The current version
just forces atomicicity without fixing precision or efficiency bugs.
Simplified some related valid accesses by using the central function.
Michael submitted code to activate the audio muxes.
fsmp:
extended those changes for different boards.
auto-detection of board types.
auto-detection of tuner types.
auto-detection of stereo option.
Michael submitted code to activate the audio muxes.
fsmp:
extended those changes for different boards.
auto-detection of board types.
auto-detection of tuner types.
auto-detection of stereo option
processes using AF_LOCAL sockets. This hack is going to be used with
Secure RPC to duplicate a feature of STREAMS which has no real counterpart
in sockets (with STREAMS/TLI, you can apparently use t_getinfo() to learn
UID of a local process on the other side of a transport endpoint).
What happens is this: the client sets up a sendmsg() call with ancillary
data using the SCM_CREDS socket-level control message type. It does not
need to fill in the structure. When the kernel notices the data,
unp_internalize() fills in the cmesgcred structure with the sending
process' credentials (UID, EUID, GID, and ancillary groups). This data
is later delivered to the receiving process. The receiver can then
perform the follwing tests:
- Did the client send ancillary data?
o Yes, proceed.
o No, refuse to authenticate the client.
- The the client send data of type SCM_CREDS?
o Yes, proceed.
o No, refuse to authenticate the client.
- Is the cmsgcred structure the right size?
o Yes, proceed.
o No, signal a possible error.
The receiver can now inspect the credential information and use it to
authenticate the client.
Fixed a bug in fxp_mdi_write - a hex number was missing a preceding 0x
and this was causing the routine to not wait for a PHY write to complete.
Added support for link0, link1, and link2 flags to toggle auto-
negotiation, 10/100, and half/full duplex:
link0 disable auto-negotiation
When set, these flags then have meaning:
-link1 10Mbps
link1 100Mbps
-link2 half duplex
link2 full duplex
...needs a manual page.
modern FreeBSD systems will syslog properly on older systems that
still name the logging socket "/dev/log". This includes pre-2.2
versions of FreeBSD as well as BSD/OS systems. If the connect to
"/var/run/log" fails, the function now tries to connect to
"/dev/log" as a fallback.
of setting it (compiled into vfs_conf.c), but we have a dynamic system
in place. This could probably be better done via a runtime configure
flag in the VFS_SET() VFS declaration, perhaps VFCF_LOCAL, and have the
VFS code propagate this down into MNT_LOCAL at mount time. The other FS's
would need to be updated, havinf UFS and MSDOSFS filesystems without
MNT_LOCAL breaks a few things.. the man page rebuild scans for local
filesystems and currently fails, I suspect that other tools like find
and tar with their "local filesystem only" modes might be affected.
Stick 4 more, twin channel only, instructions behind
.if ( TWIN_CHANNEL)
aic7xxx_asm.c:
Add the -O options which allows the specification of which options
to include in a program listing. This makes it possible to easily
determine the address of any instruction in the program across
different hardware/option configurations. Updated usage() as well.
I broke the cable tuning with my 'TEST_A' code. Remove TEST_A define
till I finish this change for both tuning modes. Note that this
will effectively break the new TVTUNER_SETFREQ/TVTUNER_GETFREQ ioctl()s.
These aren't used by anyone but me yet (attempt to provide full resolution
fine tuning for "fringe" stations) so it should be no problem
written:
1) Full duplex mode is now supported (and works!)
2) The 10Mbps-only PCI Pro/10 should now work (untested, however)
Thanks to Justin Gibbs for providing a PCI bus analyzer trace while the
Intel Windows driver was configuring the board...this made it possible
to figure out the mystery bit that I wasn't setting in the PHY for full
duplex to work.
devtotty(). devtotty() must check its arg carefully since the arg is
supplied as ioctl data. This should fix PR3004.
Renamed devtotty() to snpdevtotty().
enable in SCSISEQ during error recovery to deal with the way the
sequencer leaves selections enabled now. Add code to perform "patching"
during sequencer program download.
Spelling fixes obtained from NetBSD.
New sequencer assembler for the aic7xxx adapters. This assembler
performs some amount of register type checking, allows bit
manipulation of symbolic constants, and generates "patch tables"
for conditionalized downloading of portions of the program.
This makes it easier to take full advantage of the different
features of the aic7xxx cards without imposing run time penalies
or being bound to the small memory footprints of the low end
cards for features like target mode.
aic7xxx.reg:
New, assembler parsed, register definitions fo the aic7xxx cards.
This was done primarily in anticipation of 7810 support which
will have a different register layout, but should be able to use
the same assembler. The kernel aic7xxx driver consumes a generated
file in the compile directory to get the definitions of the register
locations.
aic7xxx.seq:
Convert to the slighly different syntax of the new assembler.
Conditionalize SCB_PAGING, ultra, and twin features which shaves
quite a bit of space once the program is downloaded.
Add code to leave the selection hardware enabled during reconnects
that win bus arbitration. This ensures that we will rearbitrate
as soon as the bus goes free instead of delaying for a bit.
When we expect the bus to go free, perform all of the cleanup
associated with that event "up front" and enter a loop awaiting
bus free. If we see a REQ first, complain, but attempt to
continue. This will hopefully address, or at least help diagnose,
the "target didn't send identify" messages that have been reported.
Spelling corrections obtained from NetBSD.
Restores the use of SBLOCK instead of the BSOFF/sectorsize calculation.
Using SBLOCK is bogus however in that it uses DEV_BSIZE instead of
the actual sector size, but that is taken care of in other places.
Changing the SBLOCK would be better, but it affects the system
in other places, and doing it this way makes it possible to
use filesystems that was made before the lite2 merge.
Added obsolete option GATEWAY so that kern_opt.c gets tested.
Added undocumented options LOCKF_DEBUG and SIMPLELOCK_DEBUG so
that these options get tested. The addition of LOCKF_DEBUG shows
that all of kern/kern_lockf.c shouldn't have been moved from ufs.
The debugging parts are very fs-dependent.
. properly declare the variable in in a .h file, as opposed to
using a private extern declaration in userconfig.c;
. move the definition of EISA_SLOTS and therefore the inclusion of
opt_eisa.h into eisaconf.c.
probing anytime soon, make EISA_SLOTS a fully supported option. It's
required for the HP NetServer LC series machines.
Next stop: make dset(8) aware of it as well.
can't perform overlapping commands on both of its channels.
To enable the CMD640B work-around, the kernel must be compiled with
"options CMD640". Without that option there should be no difference
in the code produced compared to the previous revision of wd.c.
Submitted by: Wolfgang Helbig <helbig@ba-stuttgart.de>
in procfs_allocvp(). This fixes at least stat() of /proc/*/mem.
stat() of /proc/*/file already worked. I think procfs_allocvp() isn't
actually called for type Pfile.
formula uses `& nchash'. This is very broken when nchash is a prime
number instead of 1 less than a power of 2, but the Lite2 formula was
merged in.
Merged some cosmetic changes from Lite2, rev.1.21 and Lite1. The merge
was difficult because the Lite2 code is essentially ours (phk's) except
where Lite2 improved or broke it.
Summary of the Lite2 changes:
- in the copyright, phk's rights have been transferred to the Regents.
This change should be reviewed.
- nchENOENT went away; the "no" vnode is now simply 0.
- comments were improved.
- style was "improved".
- goto instead of Fanatism (sic) was considered bad :-).
- there are some small changes to support whiteouts.
- new cache entries are added in more cases. More work is required
near here to change the hash table size if kern.desiredvnodes is
changed using sysctl.
- rescanning of the hash bucket in cache_purgevfs() was removed. This
change should be reviewed.
effect immediately, but required a following (normally redundant) G0
into GL mapping. This adds one layer of indirection (thus might make it
slower), but fixes the broken box character drawing in pcvt.
Hellmuth and Bruce are unfortunately too busy too review this right now,
but i wanna have it in 2.2 since it has often been asked in the past.
Warning: this won't work yet with PCVT_SCANSET=2 along in early
console mode (boot -c, or boot -d).
A big thanks to Kazutaka, and a word of apologies for delaying the
review for that long time...
Submitted by: yokota@zodiac.mech.utsunomiya-u.ac.jp (Kazutaka YOKOTA)
Many things have been changing in the kernel since mid-1996, so there's
quite some amount of diffs here already. It compiles, but i cannot
test it anywhere here.
2.2 candidate?
Closes PR # 1201.
This is some of the worst code I've had to wade through in
ages and I don't want to have to start from scratch again next time.
(I have a 2.2 version of these comments, can I commit them?)
mount. This may have been a contributor to the 'null v_mount in
fsync()' problem
This is another, perhaps slightly less urgent, 2.2 last-minute candidate.
Reviewed by: sef
