55249 Commits

Author SHA1 Message Date
Colin Percival
4f9dc74288 Pad the strings sccs[], version[], and osrelease[] up to a minimum of
128 bytes, 256 bytes, and 32 bytes respectively.  This makes it much
easier to identify when two kernels are identical apart from a version
number bump (as often happens on security branches).

Discussed on:	freebsd-arch, in May 2005
2005-08-19 01:49:15 +00:00
Christian S.J. Peron
4ddfb5312a Add missing braces around bpf_filter which were missed when I
merged the bpfstat code.

Pointed out by:	iedowse
Pointy hat to:	csjp
MFC after:	3 days
2005-08-18 22:30:52 +00:00
Andrew Thompson
23e7643185 Mark the callouts as MPSAFE as if_bridge has been giant-free since day 1.
Use the SMP friendly callout_init_mtx() while we are here.

Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-18 20:17:00 +00:00
John Baldwin
997452064e Various fixups to locking:
- Remove a lot of superfluous locking during attach.  There is no need
  to lock access to the driver until some other thread has a way of getting
  to it.  For ethernet drivers the other ways include registering an
  interrupt handler via bus_setup_intr(), calling ether_ifattach() to hook
  into the network stack, and kicking off a callout-driven timer via
  callout_reset().
- Use callout_* rather than timeout/untimeout.
- Break out of xl_rxeof() if IFF_DRV_RUNNING is clear after ifp->if_input
  returns to handle the case where the interface was stopped while we were
  passing a packet up the stack.  Don't call xl_rxeof() in xl_rxeof_task()
  unless IFF_DRV_RUNNING is set.  With these fixes in place, any
  outstanding task will gracefully terminate as soon as it gets a chance to
  run after the interface has been stopped via xl_stop().  As a result,
  taskqueue_drain() is no longer required in xl_stop().  The task is still
  drained in detach() however to make sure that detach() can safely destroy
  the driver mutex at the end of the function.
- Lock the driver lock in the ifmedia callouts and don't lock across
  ifmedia_ioctl() in xl_ioctl().

Note: glebius came up with most of (3) as well independently.  I took a
rather roundabout way of arriving at the same conclusion.

MFC after:	3 days
2005-08-18 19:24:30 +00:00
John Baldwin
c8b27aca43 Fixup locking and mark MPSAFE:
- Add locked versions of start and init.  The SRM_MEDIA code in dc_init()
  stayed in dc_init() instead of moving to dc_init_locked() to make the
  locking saner.
- Use callout_init_mtx().
- Fixup locking in detach and ioctl.
- Lock the driver in the ifmedia callouts.
- Don't recurse on the driver lock.
- De-spl.

MFC after:	3 days
2005-08-18 19:10:07 +00:00
Brooks Davis
dc7c539e33 When we started calling if_findindex() from if_alloc() with an empty
struct ifnet most of if_findindex() become a complex no-op.  Remove it
and replace it with a corrected version of the four line for loop it
devolved to plus some error handling.  This should probably be replaced
with subr_unit at some point.

Switch from checking ifaddr_byindex to ifnet_byindex when looking for
empty indexes.  Since we're doing this from if_alloc/if_free, we can
only be sure that ifnet_byindex will be correct.  This fixes panics when
loading the ef(4) module.  The panics were caused by the fact that
if_alloc was called four time before if_attach was called and thus
ifaddr_byindex was not set and the same unit was allocated again.  This
in turn caused the first if_attach to fail because the ifp was not the
one in ifnet_byindex(ifp->if_index).

Reported by:	"Wojciech A. Koszek" <dunstan at freebsd dot czest dot pl>
PR:		kern/84987
MFC After:	1 day
2005-08-18 18:36:40 +00:00
John Baldwin
2a3e25a07f Fixup locking for sf(4) and mark MPSAFE:
- Add locked variants of start, init, and ifmedia_upd.
- Use callout_* instead of timeout/untimeout.
- Don't recurse on the driver lock.
- Fixup locking in ioctl.
- Lock the driver lock in the ifmedia handlers rather than across
  ifmedia_ioctl().

Tested by:	brueffer
MFC after:	3 days
2005-08-18 17:09:16 +00:00
Hajimu UMEMOTO
1fea6ce7dd - don't forget to save freqency when priority is raised.
- nuke redundant variable initialization.
2005-08-18 16:41:25 +00:00
Hajimu UMEMOTO
5f36393468 don't forget to update curr_priority. even when frequency is
not changed, priority may be changed.
2005-08-18 16:08:56 +00:00
Yaroslav Tykhiy
252b6fe8b2 Define the target for opt_compat.h only if KERNBUILDDIR
is not defined, so that the module will get the
compatibility options from the current kernel configuration
if built with the latter, not with the world.
[Some other modules seem in need of fixing WRT this, too.]

Add more compatibility options found in GENERIC to the default
opt_compat.h.  While not all of them are used in the procfs code,
we can't tell for sure if the system .h files don't need them either,
so let's stay on the safe side.

Submitted by:	kensmith
Reviewed by:	ru
2005-08-18 14:50:08 +00:00
John Baldwin
5d2f4de5da Add aliases for atomic operations on 64-bit integers just like other
64-bit platforms.

MFC after:	1 week
2005-08-18 14:36:47 +00:00
Maxim Sobolev
536fde3465 In re_shutdown() mark interface as down since otherwise we will panic if
interrupt comes in later on, which can happen in some uncommon cases.

Another possible fix is to call re_detach() instead of re_stop(), like
ve(4) does, but I am not sure if the latter is really RTTD, so that stick
with this one-liner for now.

PR:		kern/80005
Approved by:	silence on -arch, no reply from selected network gurus
2005-08-18 14:29:01 +00:00
Yaroslav Tykhiy
421298311a Don't break local style. 2005-08-18 14:28:20 +00:00
Pawel Jakub Dawidek
e6d944d7c3 Fix bogus check. It was possible to panic the kernel by giving 0 length.
This is actually a local DoS, as every user can use /dev/crypto if there
is crypto hardware in the system and cryptodev.ko is loaded (or compiled
into the kernel).

Reported by:	Mike Tancsa <mike@sentex.net>
MFC after:	1 day
2005-08-18 11:58:03 +00:00
SUZUKI Shinsuke
2af9b91993 added a missing unlock (just do the same thing as in netinet/raw_ip.c)
Obtained from: KAME
MFC after: 3 days
2005-08-18 11:11:27 +00:00
Gleb Smirnoff
1ae954096e In order to support CARP interfaces kernel was taught to handle more
than one interface in one subnet. However, some userland apps rely on
the believe that this configuration is impossible.

Add a sysctl switch net.inet.ip.same_prefix_carp_only. If the switch
is on, then kernel will refuse to add an additional interface to
already connected subnet unless the interface is CARP. Default
value is off.

PR:			bin/82306
In collaboration with:	mlaier
2005-08-18 10:34:30 +00:00
Ian Dowse
4832a19173 Add a "comconsole_speed" loader variable that can be used to change
the serial console speed (i386 and amd64 only). If the previous
stage boot loader requested a serial console (RB_SERIAL or RB_MULTIPLE)
then the default speed is determined from the current serial port
speed. Otherwise it is set to 9600 or the value of BOOT_COMCONSOLE_SPEED
at compile time.

This makes it possible to set the serial port speed once in
/boot.config and the setting will propagate to boot2, loader and
the kernel serial console.
2005-08-18 01:39:43 +00:00
Ian Dowse
a00a259113 Add the ability to specify the boot2 serial console speed in
/boot.config or on the "boot:" prompt line via a "-S<speed>" flag,
e.g. "-h -S19200". This adds about 50 bytes to the size of boot2
and required a few other small changes to limit the size impact.
This changes only affects boot2; there are further loader changes
to follow.
2005-08-18 00:42:45 +00:00
Pawel Jakub Dawidek
ef0a6e203b Add VIA/ACE "PadLock" support as a crypto(9) driver.
HW donated by:			Mike Tancsa <mike@sentex.net>
Most of the code obtained from:	OpenBSD
MFC after:			3 days
2005-08-18 00:30:22 +00:00
Craig Rodrigues
a9d726bd18 Rename variables:
r_gdt -> saved_gdt
r_idt -> saved_idt
r_ldt -> saved_ldt

in order to prevent clashes with variables with same names
defined in <machine/segments.h>.  This fixes compilation of this
file with GCC 4.0.

Reviewed by:	njl
2005-08-18 00:28:25 +00:00
Brooks Davis
d3c497e1c8 Remove an unnecessicary bzero that was zeroing the softc's struct ifnet
pointer.

Submitted by:	brueffer
Reviewed by:	dfr
2005-08-17 18:53:06 +00:00
John Baldwin
8a8573fdb2 - Use htole32() instead of using bswap32() conditional on #if BYTE_ORDER.
- Don't set IFF_ALLMULTI in our ifnet's if_flags if we end up allowing
  all multicast due to limits in the MAC receive filters in hardware.

Requested by:	rwatson (2)
2005-08-17 17:46:51 +00:00
John Baldwin
6da5b383f1 Remove the unused TULIP_CSR_{READ,WRITE}BYTE macros. 2005-08-17 17:45:19 +00:00
John Baldwin
f512b596a8 Use callout_init_mtx() to simplify the stats callout.
MFC after:	3 days
2005-08-17 17:44:58 +00:00
John Baldwin
9eda9d7ac5 Add callout_drain()'s to foo_detach() after calling foo_stop() to make sure
that if softclock is running on another CPU and is blocked on our driver
lock, we will wait until it has acquired the lock, seen that it was
cancelled, dropped the lock, and awakened us so that we can safely destroy
the mutex.

MFC after:	3 days
2005-08-17 17:44:32 +00:00
John Baldwin
c98ae70c21 Fix locking in el(4) and mark mpsafe.
- Add locked variants of el_init and el_start.
- Don't initialize the mutex and lock it during el_probe().
- Do initialize the mutex during attach.  (el_probe() did destroy the mutex
  to cleanup, so this meant the driver was always using a destroyed mutex
  when it was running.)
- Setup the interrupt handler after ether_ifattach().
- Fix locking in el_detach() and el_ioctl().

Note: Since I couldn't actually find anyone with this hardware, I'm going
ahead and committing these changes so they won't be lost.  I'll remove the
driver in a week (real purpose of the MFC after below) unless someone pipes
up to test this.

MFC after:	1 week
Tested by:	gcc(1)
2005-08-17 17:36:47 +00:00
Hajimu UMEMOTO
c219fd0c5e don't raise cpu speed over the value when passive cooling is in
effect.  since CPU speed is restored by degrees, we cannot use
the facility of saving cpu speed by CPUFREQ_set() effectively.
so, we need to save the value when passive cooling is in effect.

Repoeted by:	Kevin Oberman <oberman__at__es.net>
2005-08-17 17:01:25 +00:00
Hajimu UMEMOTO
5d52565396 - fix race condition using sx lock.
- use TAILQ_FOREACH() for readability.

Suggested by:	jhb
2005-08-17 16:46:55 +00:00
Pawel Jakub Dawidek
dddd1d537a Always run dedicated kernel thread (even when we have hardware support).
There is no performance impact, but allows to allocate memory with
M_WAITOK flag.
As a side effect this simplify code a bit.

MFC after:	3 days
2005-08-17 15:25:57 +00:00
Pawel Jakub Dawidek
bf71eaacf1 We should now return 0. 2005-08-17 15:12:34 +00:00
Søren Schmidt
85047b1b0c Add support for working around controllers that cannot do DMA in 48bit mode.
The workaround use PIO mode above ~137GB to allow using the disk.
Add the Acer chips with rev < 0xc4 as first candidate.
2005-08-17 15:00:33 +00:00
Søren Schmidt
fb235b243c Use the bio field instead of the driver field as intended. 2005-08-17 14:50:18 +00:00
John Baldwin
f68d1644f8 Use device_printf() and if_printf() and remove ste_unit from the softc. 2005-08-17 14:37:39 +00:00
Pawel Jakub Dawidek
d1dca8a818 Even if crypto_dispatch() return an error, request is not canceled and
our callback will still be called, just to tell us that requested
failed...

Reported by:	Mike Tancsa <mike@sentex.net>
MFC after:	3 days
2005-08-17 14:34:52 +00:00
John Baldwin
45f3f78ced Catch up to ic_curchan changes by making the same change here that was made
in ipw(4) in the earlier ic_curchan mega commit.

Submitted by:	Øyvind Kolbu oyvind at kolbu dot ws
Tested by:	Stefan Ehmann shoesoft at gmx dot net
2005-08-17 14:08:52 +00:00
Pawel Jakub Dawidek
2be2b2eab5 We don't need to clear allocated memory. This will speed-up things a bit.
MFC after:	3 days
2005-08-17 14:08:50 +00:00
Ian Dowse
65ed954554 In the ufsdirhash_build() failure case for corrupted directories
or unreadable blocks, make sure to destroy the mutex we created.
Also fix an unrelated typo in a comment.

Found by:	Peter Holm's stress tests
Reviewed by:	dwmalone
MFC after:	3 days
2005-08-17 08:48:42 +00:00
Poul-Henning Kamp
516ad423b1 Handle device drivers with D_NEEDGIANT in a way which does not
penalize the 'good' drivers:  Allocate a shadow cdevsw and populate
it with wrapper functions which grab Giant
2005-08-17 08:19:52 +00:00
Pawel Jakub Dawidek
12e755355b Assert proper key size also in userland by defining KASSERT in !_KERNEL case. 2005-08-17 07:59:07 +00:00
Poul-Henning Kamp
a07b0febaa In vop_stdpathconf(ap) also default for _PC_NAME_MAX and _PC_PATH_MAX. 2005-08-17 06:59:23 +00:00
Christian S.J. Peron
8677689134 Ensure that file flags such as schg, sappnd (and others) are honored
by md(4). Before this change, it was possible to by-pass these flags
by creating memory disks which used a file as a backing store and
writing to the device.

This was discussed by the security team, and although this is problematic,
it was decided that it was not critical as we never guarantee that root will
be restricted.

This change implements the following behavior changes:

-If the user specifies the readonly flag, unset write operations before
 opening the file. If the FWRITE mask is unset, the device will be
 created with the MD_READONLY mask set. (readonly)
-Add a check in g_md_access which checks to see if the MD_READONLY mask
 is set, if so return EROFS
-Do not gracefully downgrade access modes without telling the user. Instead
 make the user specify their intentions for the device (assuming the file is
 read only). This seems like the more correct way to handle things.

This is a RELENG_6 candidate.

PR:		kern/84635
Reviewed by:	phk
2005-08-17 01:24:55 +00:00
Colin Percival
751a4770f7 Unbreak the world build (in sbin/gbde). This file is used by both
kernel and world, so KASSERT() needs to be wrapped within an #ifdef
_KERNEL / #endif pair.

Reported by:	krion, tinderbox
2005-08-17 00:24:20 +00:00
John Baldwin
ca5fc32d02 Fixup locking in if_my(4) and mark it MPSAFE:
- Add locked variants of my_start() and my_init().
- Assert that the lock is held in several places rather than recursing.
- Overhaul failure case handling in my_attach() so that it will actually
  clean up completely in each of the failure cases.
- Setup the interrupt after ether_ifattach() in my_attach().
- Remove unused callout handle from softc.
- Free the metadata for the descriptors my_in detach() (we leaked it
  before).
- Fix locking in my_ioctl().
- Remove spls.

Tested by:	brueffer
MFC after:	3 days
2005-08-16 20:39:30 +00:00
Poul-Henning Kamp
52d71e1a85 remove stale comments 2005-08-16 20:03:29 +00:00
Hajimu UMEMOTO
961f7f911f Save cpu level only when priority is greater than PRIO_USER
to make CPUFREQ_SET(NULL, prio) work.
TODO: implement saved_level as stack.

Reviewed by:	njl
2005-08-16 20:03:08 +00:00
Hajimu UMEMOTO
1c44678637 avoid exclusive sleep mutex. 2005-08-16 19:49:10 +00:00
Poul-Henning Kamp
b3740d656f Remove stale comment. 2005-08-16 19:47:42 +00:00
Poul-Henning Kamp
31cc57cdbd Collect the devfs related sysctls in one place 2005-08-16 19:25:02 +00:00
Poul-Henning Kamp
9c0af1310c Create a new internal .h file to communicate very private stuff
from kern_conf.c to devfs.

For now just two prototypes, more to come.
2005-08-16 19:08:01 +00:00
Pawel Jakub Dawidek
36c51ae068 Check key size for rijndael, as invalid key size can lead to kernel panic.
It checked other algorithms against this bug and it seems they aren't
affected.

Reported by:	Mike Tancsa <mike@sentex.net>
PR:		i386/84860
Reviewed by:	phk, cperciva(x2)
2005-08-16 18:59:00 +00:00