Commit Graph

135468 Commits

Author SHA1 Message Date
keramida
6404330211 Remove extraneous .Ef request.
MFC after:	3 days
2007-10-30 15:26:20 +00:00
darrenr
e94bd5ada2 Apply a few changes from ipfilter-current:
* Do not hold any locks over calls to copyin/copyout.
* Clean up some #ifdefs
* fix a possible mbuf leak when NAT fails on policy routed packets

PR:		117216
2007-10-30 15:23:27 +00:00
remko
5d7d5a6a8a Correct a copy and paste'o in phys_pager.c, we are talking about phys here
and not about devices.

PR:		93755
Approved by:	imp (mentor, implicit when re-assigning the ticket to me).
2007-10-30 14:48:13 +00:00
rrs
814ed57392 - Change the Time Wait of vtags value to match the cookie-life
- Select a tag gains ability to optionally save new tags
  off in the timewait system.
- When looking up associations do not give back a stcb that
  is in the about-to-be-freed state, and instead continue
  looking for other candiates.
- New function to query to see if value is in time-wait.
- Timewait had a time comparison error that caused very
  few vtags to actually stay in time-wait.
- When setting tags in time-wait, we now use the time
  requested NOT a fixed constant value.
- sstat now gets the proper associd when we do the query.
- When we process an association, we expect the tag chosen
  (if we have one from a cookie) to be in time-wait. Before
  we would NOT allow the assoc up by checking if its good.
  In theory this should have caused almost all assoc not
  to come up except for the time-comparison bug above (this
  bug was hidden by the time comparison bug :-D).
- Don't save tags for nonce values in the time-wait cache
  since these are used only during cookie collisions and do
  not matter if they are unique or not.
MFC after:	1 week
2007-10-30 14:09:24 +00:00
bushman
d0be68189d Adding recently removed etc/cached.conf to the list of obsolete files.
Approved by:	brooks (mentor)
2007-10-30 11:37:37 +00:00
kris
9e91eb96b8 Adaptive mutexes should have the same deadlock detection properties that
default (errorcheck) mutexes do.

Noticed by:          davidxu
2007-10-30 09:24:23 +00:00
davidxu
97a20b1db7 Add my recent work of adaptive spin mutex code. Use two environments variable
to tune pthread mutex performance:
1. LIBPTHREAD_SPINLOOPS
	If a pthread mutex is being locked by another thread, this environment
	variable sets total number of spin loops before the current thread
	sleeps in kernel, this saves a syscall overhead if the mutex will be
	unlocked very soon (well written application code).
2. LIBPTHREAD_YIELDLOOPS
	If a pthread mutex is being locked by other threads, this environment
	variable sets total number of sched_yield() loops before the currrent
	thread sleeps in kernel. if a pthread mutex is locked, the current thread
	gives up cpu, but will not sleep in kernel, this means, current thread
	does not set contention bit in mutex, but let lock owner to run again
	if the owner is on kernel's run queue, and when lock owner unlocks the
	mutex, it does not need to enter kernel and do lots of work to resume
	mutex waiters, in some cases, this saves lots of syscall overheads for
	mutex owner.

In my practice, sometimes LIBPTHREAD_YIELDLOOPS can massively improve performance
than LIBPTHREAD_SPINLOOPS, this depends on application. These two environments
are global to all pthread mutex, there is no interface to set them for each
pthread mutex, the default values are zero, this means spinning is turned off
by default.
2007-10-30 05:57:37 +00:00
kensmith
9a82deac9e Selecting amd and a few other things in the Networking config section
caused a segfault.  It turns out that in pre-7.0 systems if you do
getenv("amd_enable=YES") it will return the setting of the environment
variable "amd_enable" but now it returns NULL.  I think I found the
places where sysinstall was potentially relying on that old behavior.
Fix is to make a copy of the string to be used for the getenv(3) call,
look for a '=' character in it, and replace it with '\0' if one is
found.  Stuck to sysinstall's typical coding standards despite urges
to do otherwise.

PR:		117642
MFC after:	2 days
2007-10-30 05:03:37 +00:00
kevlo
9a9592dceb Never use getenv("HOME") without checking for NULL and non-zero
Obtained from: OpenBSD
2007-10-30 03:44:10 +00:00
yongari
b5d104ba4d Setting sc->mii_anegticks to MII_ANEGTICKS_GIGE in rgephy_attach()
is redundant. mii_phy_add_media() already takes care of that.

Pointed out by:	marius
2007-10-30 00:37:35 +00:00
rwatson
aaad69006f Implement per-object type consistency checks for labels passed to
'internalize' operations rather than using a single common check.

Obtained from:	TrustedBSD Project
2007-10-30 00:01:28 +00:00
peter
e93fa6ca81 Move nvram out of DEFAULTS. There really isn't a lot of justification
for consuming the memory.  The module works just fine in the unlikely
case that this is needed.  It can still be compiled into a custom kernel.
2007-10-29 22:19:08 +00:00
marius
da852afdbd - Remove MIIF_NOISOLATE; there's generally no reason to let gentbi(4)
set this flag and it was more or less just copied and pasted from
  another FreeBSD driver while porting this driver from NetBSD, whose
  gentbi(4) doesn't set MIIF_NOISOLATE either.
- Fix spelling in a comment.

OK'ed by:	yongari
MFC after:	3 months
2007-10-29 21:11:55 +00:00
imp
b1a850ab26 kill commented out line of code. 2007-10-29 21:01:50 +00:00
kris
bbfd76f872 Add a new "non-portable" mutex type, PTHREAD_MUTEX_ADAPTIVE_NP. This
is also implemented in glibc and is used by a number of existing
applications (mysql, firefox, etc).

This mutex type is a default mutex with the additional property that
it spins briefly when attempting to acquire a contested lock, doing
trylock operations in userland before entering the kernel to block if
eventually unsuccessful.

The expectation is that applications requesting this mutex type know
that the mutex is likely to be only held for very brief periods, so it
is faster to spin in userland and probably succeed in acquiring the
mutex, than to enter the kernel and sleep, only to be woken up almost
immediately.  This can help significantly in certain cases when
pthread mutexes are heavily contended and held for brief durations
(such as mysql).

Spin up to 200 times before entering the kernel, which represents only
a few us on modern CPUs.  No performance degradation was observed with
this value and it is sufficient to avoid a large performance drop in
mysql performance in the heavily contended pthread mutex case.

The libkse implementation is a NOP.

Reviewed by:      jeff
MFC after:        3 days
2007-10-29 21:01:47 +00:00
julian
03284e6e08 fix typo in code normally not compiled in. 2007-10-29 20:45:31 +00:00
emax
0cf18b2c7c Allow RFCOMM servers to bind to a ''wildcard'' RFCOMM channel
zero (0). Actual RFCOMM channel will be assigned after listen(2)
call is done on a RFCOMM socket bound to a ''wildcard'' RFCOMM
channel zero (0).

Address locking issues in ng_btsocket_rfcomm_bind()

Submitted by:	Heiko Wundram (Beenic) < wundram at beenic dot net >
MFC after:	1 week
2007-10-29 19:06:47 +00:00
rwatson
374fe7d761 Merge OpenBSM 1.0 changes to src/sys/bsm:
- Remove AU_.* hard-coded audit class constants, as udit classes are now
  entirely dynamically configured using /etc/security/audit_class.

Obtained from:	TrustedBSD Project
2007-10-29 18:47:25 +00:00
rwatson
6643c1fc37 Regenerate config.h after import of OpenBSM 1.0.
Obtained from:	TrustedBSD Project
2007-10-29 18:45:40 +00:00
rwatson
7e612564be Resolve conflicts from import of OpenBSM 1.0: maintain $FreeBSD$ tags in
/etc/security audit configuration files.
2007-10-29 18:43:05 +00:00
rwatson
700aedf09a This commit was generated by cvs2svn to compensate for changes in r173143,
which included commits to RCS files with non-trunk default branches.
2007-10-29 18:40:24 +00:00
rwatson
280c179095 Vendor import TrustedBSD OpenBSM 1.0, with the following change history
since the last import:

OpenBSM 1.0

- Fix bug in auditreduce(8) which resulted in a memory fault/crash when
  the user specified an event name with -m.
- Remove AU_.* hard-coded audit class constants, as udit classes are now
  entirely dynamically configured using /etc/security/audit_class.

MFC after:	3 days
Obtained from:	TrustedBSD Project
2007-10-29 18:40:24 +00:00
rwatson
21a7ea24a4 Replace use of AU_NULL with 0 when no audit classes are in use; this
supports the removal of hard-coded audit class constants in OpenBSM
1.0.  All audit classes are now dynamically configured via the
audit_class database.

Obtained from:	TrustedBSD Project
2007-10-29 18:07:48 +00:00
rwatson
d0482ebdae Canonicalize names of local variables.
Add some missing label checks in mac_test.

Obtained from:	TrustedBSD Project
2007-10-29 15:30:47 +00:00
brueffer
4afdd10b5e Clean up after the previous commit. 2007-10-29 14:55:46 +00:00
rwatson
df4d502619 Merge Neterion if_nxge driver version 2.0.9.11230 with the following
changes:

  01 -  Enhanced LRO:
  LRO feature is extended to support multi-buffer mode. Previously,
  Ethernet frames received in contiguous buffers were offloaded.
  Now, frames received in multiple non-contiguous buffers can be
  offloaded, as well. The driver now supports LRO for jumbo frames.

  02 - Locks Optimization:
  The driver code was re-organized to limit the use of locks.
  Moreover, lock contention was reduced by replacing wait locks
  with try locks.

  03 - Code Optimization:
  The driver code was re-factored  to eliminate some memcpy
  operations.  Fast path loops were optimized.

  04 - Tag Creations:
  Physical Buffer Tags are now optimized based upon frame size.
  For better performance, Physical Memory Maps are now re-used.

  05 - Configuration:
  Features such as TSO, LRO, and Interrupt Mode can be configured
  either at load or at run time. Rx buffer mode (mode 1 or mode 2)
  can be configured at load time through kenv.

  06 - Driver Statistics:
  Run time statistics are enhanced to provide better visibility
  into the driver performance.

  07 - Bug Fixes:
  The driver contains fixes for the problems discovered and
  reported since last submission.

  08 - MSI support:
  Added Message Signaled Interrupt feature which currently uses 1
  message.

  09  Removed feature:
  Rx 3 buffer mode feature has been removed. Driver now supports 1,
  2 and 5 buffer modes of which 2 and 5 buffer modes can be used
  for header separation.

  10  Compiler warning:
  Fixed compiler warning when compiled for 32 bit system.

  11 Copyright notice:
  Source files are updated with the proper copyright notice.

MFC after:	3 days
Submitted by:	Alicia Pena <Alicia dot Pena at neterion dot com>,
		Muhammad Shafiq <Muhammad dot Shafiq at neterion dot com>
2007-10-29 14:19:32 +00:00
rwatson
a426571905 Resort TrustedBSD MAC Framework policy entry point implementations and
declarations to match the object, operation sort order in the framework
itself.

Obtained from:	TrustedBSD Project
2007-10-29 13:33:06 +00:00
yar
17e940f736 Add support for `make -nn' dry runs to this makefile. Basically,
it's just a matter of adding a `${_+_}' prefix before each submake
invokation.  This allows a dry run to proceed down to, but not
including, leaf commands.  (See <sys.mk> for how ${_+_} is set
depending on the number of -n flags.)
2007-10-29 07:37:08 +00:00
yongari
f66e89284c Add 88E1116/88E1116R PHY support code that takes the PHY out of
power-down mode.

PR:	kern/114086
MFC after:	3 days
2007-10-29 05:50:22 +00:00
yongari
1770a41b68 Add a newer RTL8211B(L) PHY. 2007-10-29 02:17:44 +00:00
yongari
b8393ec546 Add support for RealTek RTL8211B(L) PHY. It's based on the patch
made by Michael Eisele and the patch was slightly modified by me.
With this change several NVIDIA ethernet controllers(e.g. MCP61)
works.

RTL8211B(L) is RealTek's new gigabit PHY. The PHY has several
features including crossover correction, polarity correction as
well as supporting triple speed(10/100/1000bps). Data transfer
between MAC and PHY is via RGMII for 1000baseT, MII for
10baseT/100baseTX.
Unfortunately, RealTek used the same model number for RTL8211B(L)
PHY so there is no way to discriminate between RTL8211B(L) and its
predecessors. ATM RTL8211B uses revision number 2 so checking the
revision number seems to be only way to identify it.

Obtained from:	Michael Eisele [1]
Tested by:	clemens fischer < ino-qc AT spotteswoode DOT de DOT eu DOT org >
2007-10-29 02:17:07 +00:00
yongari
991131f8d8 o RTL8169S/8110S integrated PHY and RTL8211B are gigabit PHYs so set
mii_anegticks to MII_ANEGTICKS_GIGE and use it. Previously it used
  to MII_ANEGTICKS which may not be enough to wait before retrying
  autonegotiation process at 1000bps.
o Reset autonegotation timer if media option is not IFM_AUTO or we
  got a valid link.
o Announce link loss right after it happends.
o Autonegiation is retried every mii_anegticks seconds.
o Report link state changes right after setting autonegotiation.
2007-10-29 02:06:15 +00:00
imp
9fa2da8164 Remove 3rd clause and renumber after getting permission from the
author (quite some time ago).
2007-10-29 00:31:54 +00:00
benjsc
0d25fa823c Regen:
* Hart:         rev 652 of pcidevs.txt (2007-09-24)
* Boemler:      vendors.txt (2007-10-25)

Approved by: 	mlaier (mentor)
MFC after:	5 days
2007-10-29 00:31:09 +00:00
mtm
13c20f2c7d Fix an error in bit shifting logic for network addresses. The route
command would add incorrect routing entries if network numbers weren't
fully "spelled" out according to their class. For example:
  # route add 128.0/16   (works)
  # route add 128/16     (doesn't work)
  # route add 193.0.0/24 (works)
  # route add 193/24     (doesn't work)

Also, rework the way a netmask is deduced from network number if
it [netmask] is not specified.

Submitted by:	Nuno Antunes <nuno.antunes@gmail.com> (mostly)
MFC after:	1 week
2007-10-29 00:08:24 +00:00
julian
5d7e7a3ea7 Fix typo in code obviously not being compiled on any of my machines.
found by: rdivacky@
2007-10-28 23:11:57 +00:00
marius
03771327ba - Make failure to route a ISA interrupt non fatal. Apparently the
Blade 1500/SX1500 boards have inherited the firmware bug of the
  AX1105 mainboards to not include an interrupt map entry for the
  parallel port controller (for the AX1105 the heuristic code for
  E450s probably erroneously kicks in and guesses an interrupt).
- Take advantage of bus_generic_setup_intr(9).
- Fix some whitespace bugs.
2007-10-28 22:08:37 +00:00
jhb
ae8e7ec2a3 - Add constants for the different memory types in the SMAP table.
- Use the SMAP types and constants from <machine/pc/bios.h> in the boot
  code rather than duplicating it.
2007-10-28 21:23:49 +00:00
rwatson
80e186726f Add missing mac_test labeling and sleep checks for the syncache.
Discussed with:	csjp
Obtained from:	TrustedBSD Project
2007-10-28 18:33:31 +00:00
mav
a7fd7284ec Minor debug message fix. 2007-10-28 18:05:59 +00:00
rwatson
54102acdd3 Garbage collect mac_mbuf_create_multicast_encap TrustedBSD MAC Framework
entry point, which is no longer required now that we don't support
old-style multicast tunnels.  This removes the last mbuf object class
entry point that isn't init/copy/destroy.

Obtained from:	TrustedBSD Project
2007-10-28 17:55:57 +00:00
rwatson
369fd04f48 Continue to move from generic network entry points in the TrustedBSD MAC
Framework by moving from mac_mbuf_create_netlayer() to more specific
entry points for specific network services:

- mac_netinet_firewall_reply() to be used when replying to in-bound TCP
  segments in pf and ipfw (etc).

- Rename mac_netinet_icmp_reply() to mac_netinet_icmp_replyinplace() and
  add mac_netinet_icmp_reply(), reflecting that in some cases we overwrite
  a label in place, but in others we apply the label to a new mbuf.

Obtained from:	TrustedBSD Project
2007-10-28 17:12:48 +00:00
julian
6b31aa449c fix sorting of 'tdnam' keyword in keyword list. 2007-10-28 17:10:36 +00:00
rwatson
2bca3d4001 Move towards more explicit support for various network protocol stacks
in the TrustedBSD MAC Framework:

- Add mac_atalk.c and add explicit entry point mac_netatalk_aarp_send()
  for AARP packet labeling, rather than using a generic link layer
  entry point.

- Add mac_inet6.c and add explicit entry point mac_netinet6_nd6_send()
  for ND6 packet labeling, rather than using a generic link layer entry
  point.

- Add expliict entry point mac_netinet_arp_send() for ARP packet
  labeling, and mac_netinet_igmp_send() for IGMP packet labeling,
  rather than using a generic link layer entry point.

- Remove previous genering link layer entry point,
  mac_mbuf_create_linklayer() as it is no longer used.

- Add implementations of new entry points to various policies, largely
  by replicating the existing link layer entry point for them; remove
  old link layer entry point implementation.

- Make MAC_IFNET_LOCK(), MAC_IFNET_UNLOCK(), and mac_ifnet_mtx global
  to the MAC Framework rather than static to mac_net.c as it is now
  needed outside of mac_net.c.

Obtained from:	TrustedBSD Project
2007-10-28 15:55:23 +00:00
rwatson
5b4c0a83ff Perform explicit label type checks for externalize entry points, rather than
a generic initialized test.

Obtained from:	TrustedBSD Project
2007-10-28 14:28:33 +00:00
miwi
3bce611192 Actually the keyword tells network.subr to launch wpa_supplicant on the
selected interface. wpa_supplicant does not only handle WPA
authentication but also EAP/LEAP as well as WEP encryption or no
encryption at all. The patch clarifies this.

PR:		117046
Submitted by:	lme
Reviewed by:	bruffer
Approved by:	jkois (mentor)
2007-10-28 13:33:25 +00:00
dougb
3a538b738e Correct, add or improve attributions for, and add to quotations from
"The Wizard of Oz"

One duplicate was also removed that wasn't the right quote anyway
2007-10-28 07:02:10 +00:00
kientzle
7fc8683d7c When skipping input data, don't overflow a 32-bit size_t.
This can only happen on 32-bit systems when you're reading
an uncompressed archive and the skip request is an exact
multiple of 4G (e.g., skipping a tar entry with an 8G body).

The symptom is that the read_ahead() ends up returning zero
bytes, and the extraction stops with a premature end-of-file.

Using '1' here is more correct anyway, as it allows read_ahead()
to function opportunistically and minimize copying.

MFC after: 5 days
2007-10-27 22:45:40 +00:00
ache
8e5ba8950a Micro-optimization of prev. commit, change
(_c < 0 || _c >= 128) to (_c & ~0x7F)
2007-10-27 22:32:27 +00:00
csjp
eaecf9354f Make sure we are incrementing the read count for each audit pipe read.
MFC after:	1 week
2007-10-27 22:28:01 +00:00