31059 Commits

Author SHA1 Message Date
rwatson
d8370f667d Break out the "see_other_uids" policy check from the various
method-based inter-process security checks.  To do this, introduce
a new cr_seeotheruids(u1, u2) function, which encapsulates the
"see_other_uids" logic.  Call out to this policy following the
jail security check for all of {debug,sched,see,signal} inter-process
checks.  This more consistently enforces the check, and makes the
check easy to modify.  Eventually, it may be that this check should
become a MAC policy, loaded via a module.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-03-22 02:28:26 +00:00
benno
d0f7d01438 Collect all functions for copying to and from userspace into the one file.
This allows me to reimplement [sf]u{byte,word} as separate functions and not
as calls to copy{in,out}.
2002-03-21 23:45:59 +00:00
mjacob
f871caa642 Limit fabric search to a default 256 entries. This will all go away
soon because it's just getting harder and harder to find switches
that correctly implement the GET ALL NEXT subcommands for the SNS
protocol.

Latch up result out pointer and set a busy flag when we're looking
at the response queue. This allows for a cleaner way to make sure
we don't get multiple CPUs trying to read the same response queue
entries.

Change how isp_handle_other_response returns values (clarity).

Make PORT UNAVAILABLE the same as PORT LOGOUT (force a LIP).

Do some formatting changes.

MFC after:	0 days
2002-03-21 21:10:16 +00:00
alc
f100869497 o Use the MI vm_map_growstack() instead of grow_stack() in trap_pfault()
and trapwrite().
 o On i386/pc98, remove the (now) unused grow_stack().
2002-03-21 19:27:15 +00:00
obrien
1196344bb3 Remove 'register' keyword. 2002-03-21 18:49:23 +00:00
gallatin
8ee1755c8e shut up the compiler 2002-03-21 18:48:00 +00:00
arr
68e226a99e - Fix a logic error in checking the securelevel that was introduced in the
previous commit.

Pointy hats to: arr, rwatson
2002-03-21 15:27:39 +00:00
benno
6932067f77 - Make all inlines for manipulating supervisor-level registers accept/return
register_t values.
- Implement an inline for isync.
2002-03-21 13:07:31 +00:00
benno
d99dec6eef GC some unused, bogus interrupt functions and replace them with proper
implementations of intr_disable and intr_restore.
2002-03-21 12:04:58 +00:00
dfr
0b5ce40729 Change critical_t to register_t for intr_disable/restore. 2002-03-21 09:50:11 +00:00
dfr
35064c1d50 Change cpu_critical_enter/exit to intr_disable/restore. 2002-03-21 09:35:18 +00:00
ru
dea7dd81b7 Replaced hacks in sbin/Makefile,v 1.99 and usr.sbin/Makefile,v 1.217
with the NO_IPFILTER make.conf(5) knob.

(So that we can "make the-rest-of-the-world" again.)
2002-03-21 09:15:39 +00:00
peter
b460095c1d In UP mode, the primary cpu's per-cpu current_pmap was not initialized -
this was only done as a side effect of calling cpu_mp_start().  I haven't
actually tested that this fixes UP kernels, but it feels about right.
2002-03-21 07:41:02 +00:00
imp
7ca3d3c8ba intr_disable returns register_t 2002-03-21 06:21:32 +00:00
imp
a85d713abc Fix abuses of cpu_critical_{enter,exit} by converting to
intr_{disable,restore} as well as providing an implemenation of
intr_{disable,restore}.

Reviewed by: jake, rwatson, jhb
2002-03-21 06:19:08 +00:00
imp
dd261cc76a Fix abuses of cpu_critical_{enter,exit} by converting to
intr_{disable,restore} as well as providing an implemenation of
intr_{disable,restore}.
2002-03-21 06:14:58 +00:00
imp
969e82886e Remove last two abuses of cpu_critical_{enter,exit} in the MI code.
Reviewed by: jake, jhb, rwatson
2002-03-21 06:11:09 +00:00
benno
d30ab95478 Add a change mirroring that made to kern/subr_trap.c and others.
This makes kernel builds with DIAGNOSTIC work again.

Apparently forgotten by:	jhb
Might want to be checked by:	jhb
2002-03-21 02:47:51 +00:00
jeff
2b532bd407 Remove references to vm_zone.h and switch over to the new uma API.
Approved by:	peter
2002-03-21 02:46:56 +00:00
jeff
70ff425bc3 Remove references to vm_zone.h and switch over to the new uma API.
Reviewed by:	jake
2002-03-21 02:30:27 +00:00
msmith
605075bfa9 Fix error introduced in the 20020217 update, where GetPossibleResources
was spammed with GetCurrentResources.

Submitted by:	Munehiro Matsuda <haro@h4.dion.ne.jp>
2002-03-21 02:02:31 +00:00
jeff
ec342524a2 Remove references to vm_zone.h and switch over to the new uma API. 2002-03-21 01:11:31 +00:00
jeff
9044e91f79 Remove references to vm_zone.h and switch over to the new uma API. 2002-03-21 00:48:25 +00:00
alfred
e1ec4d77dc Remove __P.
profile.h and bus.h were excluded because there is currently WIP.

Reviewed by: tmm
2002-03-21 00:06:55 +00:00
alfred
cd2525164f Remove __P.
Reviewd by: peter
2002-03-20 23:30:31 +00:00
alfred
f1b2b9896d Remove __P.
Reveiwed by: benno
2002-03-20 23:17:50 +00:00
jeff
f350069589 UMA permited us to utilize the 'waitok' flag to soalloc. 2002-03-20 21:23:26 +00:00
jhb
2e425ee2fc Change the way we ensure td_ucred is NULL if DIAGNOSTIC is defined.
Instead of caching the ucred reference, just go ahead and eat the
decerement and increment of the refcount.  Now that Giant is pushed down
into crfree(), we no longer have to get Giant in the common case.  In the
case when we are actually free'ing the ucred, we would normally free it on
the next kernel entry, so the cost there is not new, just in a different
place.  This also removse td_cache_ucred from struct thread.  This is
still only done #ifdef DIAGNOSTIC.

[ missed this file in the previous commit ]

Tested on:	i386, alpha
2002-03-20 21:12:04 +00:00
jhb
715dfdbcbe Change the way we ensure td_ucred is NULL if DIAGNOSTIC is defined.
Instead of caching the ucred reference, just go ahead and eat the
decerement and increment of the refcount.  Now that Giant is pushed down
into crfree(), we no longer have to get Giant in the common case.  In the
case when we are actually free'ing the ucred, we would normally free it on
the next kernel entry, so the cost there is not new, just in a different
place.  This also removse td_cache_ucred from struct thread.  This is
still only done #ifdef DIAGNOSTIC.

Tested on:	i386, alpha
2002-03-20 21:09:09 +00:00
jhb
64bf9fe9fa - Push down Giant into crfree() in the case that we actually free a ucred.
- Add a cred_free_thread() function (conditional on DIAGNOSTICS) that drops
  a per-thread ucred reference to be used in debugging code when leaving
  the kernel.
2002-03-20 21:00:50 +00:00
jhb
2572d3960b Add PCI ID for the SeaLevel Ultra 530.PCI single port card.
Sponsored by:	The Weather Channel
2002-03-20 19:38:26 +00:00
imp
c52f09ce3f Minor cleanups to post.mk from bde. Mostly ordering 2002-03-20 19:18:42 +00:00
imp
1cd0b5b451 No need to conditionalize on pci being in the kernel for this 2002-03-20 19:13:13 +00:00
imp
5281a9d636 Fix minor style(9) violation in de__Ping 2002-03-20 19:04:56 +00:00
imp
7dc99a3ca0 Better power code and better power diagnostics 2002-03-20 19:02:08 +00:00
imp
5cb9993cfd Define masks for the VCC an VPP voltages 2002-03-20 19:01:16 +00:00
obrien
a11b0bc7ef Remove __P(). This was tested on the GENERIC kernel. 2002-03-20 18:58:47 +00:00
alfred
f239d72864 Remove __P. 2002-03-20 18:22:19 +00:00
obrien
0a4d2c0355 Fix warnings on 64-bit hosts. 2002-03-20 18:04:11 +00:00
jhb
1d70a9fbd9 Document that MD pcpu fields are defined in PCPU_MD_FIELDS in
machine/pcpu.h.

Requested by:	dillon
2002-03-20 18:01:52 +00:00
dwmalone
246869b676 Two minor changes to dirhash, which result in some marginal benchmark
improvements.

1) If deleting an entry results in a chain of deleted slots ending in an
   empty slot, then we can be a bit more aggressive about marking slots as
   empty.

2) The last stage of the FNV hash is to xor the last byte of data
   into the hash. This means that filenames which differ only in
   the last byte will be placed close to one another in the hash
   table, which forms longer chains. To work around this common
   case, we also hash in the address of the dirhash structure.

     news/cancel = news/articles/control/cancel for a tradspool inn server
     squid2 = squid level 2 directory (dirs called 00->FF)
     squid3 = squid level 3 directory (files called 00001F00->00001FFF)

                             mean #probes for
                  home dir  mh inbox  news/cancel  tmp    squid2  squid3
old   successful  1.02      3.19      4.07         1.10    7.85   2.06
new   successful  1.04      1.32      1.27         1.04    1.93   1.17

old unsuccessful  1.08      4.50      5.37         1.17   10.76   2.69
new unsuccessful  1.08      1.73      1.64         1.17    2.89   1.37

Reviewed by:	iedowse
MFC after:	2 weeks
2002-03-20 17:58:02 +00:00
dfr
b132efc524 Change intr_enable to intr_restore for consistency with sparc64. 2002-03-20 17:28:40 +00:00
arr
fc9167c193 - Change a check of securelevel to securelevel_gt() call in order to help
against users within a jail attempting to load kernel modules.
- Add a check of securelevel_gt() to vfs_mount() in order to chop some
  low hanging fruit for the repair of securelevel checking of linking and
  unlinking files from within jails.  There is more to be done here.

Reviewed by: rwatson
2002-03-20 16:03:42 +00:00
orion
10ea87ba4b Send periodic ARP requests when ARP entries for hosts we are sending
to are about to expire.  This prevents high packet rate flows from
experiencing packet drops at the sender following ARP cache entry
timeout.

PR:		kern/25517
Reviewed by:	luigi
MFC after:	7 days
2002-03-20 15:56:36 +00:00
arr
3780b11057 - Remove a semi-colon from after SYSINIT that was introduced in rev. 1.163. 2002-03-20 14:46:38 +00:00
kato
b62f36d9ed MFi386: revision 1.65. 2002-03-20 12:28:03 +00:00
kato
471dbdd86d Remove __P. 2002-03-20 12:22:31 +00:00
kato
bb970de1a3 Remove __P. 2002-03-20 11:52:56 +00:00
kato
bb53806a04 MFi386: revision 1.505 (remove __P.) 2002-03-20 11:31:17 +00:00
kato
0e4d29dacb MFi386: revision 1.504. 2002-03-20 11:15:05 +00:00