o Drop all broadcast and multicast source addresses in tcp_input.
o Enable ICMP_BANDLIM in GENERIC.
o Change default to 200/s from 100/s. This will still stop the attack, but
is conservative enough to do this close to code freeze.
This is not the optimal patch for the problem, but is likely the least
intrusive patch that can be made for this.
Obtained from: Don Lewis and Matt Dillon.
Reviewed by: freebsd-security
USB-EL1202A chipset. Between this and the other two drivers, we should
have support for pretty much every USB ethernet adapter on the market.
The only other USB chip that I know of is the SMC USB97C196, and right
now I don't know of any adapters that use it (including the ones made
by SMC :/ ).
Note that the CATC chip supports a nifty feature: read and write combining.
This allows multiple ethernet packets to be transfered in a single USB
bulk in/out transaction. However I'm again having trouble with large
bulk in transfers like I did with the ADMtek chip, which leads me to
believe that our USB stack needs some work before we can really make
use of this feature. When/if things improve, I intend to revisit the
aue and cue drivers. For now, I've lost enough sanity points.
hinted at in the previous config(8) commits. I've spoken about this with
a few people and after the initial suprise wore off they thought it wasn't
a bad idea. The upshot of it is that all the files*, Makefile*, options*
files are all right next to each other in the hope that people making
changes to one set will remember the others.
Note, config(8) looks to sys/conf first, and falls back to sys/$mach/conf
still, so this doesn't stop people working in subdirs for new platforms.
But once it's in the tree it can be moved next to the other files so that
the non-i386 platforms are (hopefully) treated a little better than as if
they were "second class" ports.
This does not change any user editable files. the config program is
still run in the same directory as before, the per-platform files
(GENERIC, LINT etc) are still in the same place.
it's always true on these platforms (and is likely to be on others as
well since loader is the one that is configured for whatever the boot
requirements are)
\begin{quote}
Compile genassym.c with ordinary ${CFLAGS}. The (small) needs for
${GEN_CFLAGS} and -U_KERNEL became negative when all all the
genassym.c's were converted to be cross-built.
Makefile.*:
- Cleanups associated with the old genassym.
- Fixed deprecated spelling of ${.IMPSRC} as "$<".
\end{quote}
Submitted by: bde
Kawasaki LSI KL5KUSB101B chip, including the LinkSys USB10T, the
Entrega NET-USB-E45, the Peracom USB Ethernet Adapter, the 3Com
3c19250 and the ADS Technologies USB-10BT. This device is 10mbs
half-duplex only, so there's miibus or ifmedia support. This device
also requires firmware to be loaded into it, however KLSI allows
redistribution of the firmware images (I specifically asked about
this; they said it was ok).
Special thanks to Annelise Anderson for getting me in touch with
KLSI (eventually) and thanks to KLSI for providing the necessary
programming info.
Highlights:
- Add driver files to /sys/dev/usb
- update usbdevs and regenerate attendate files
- update usb_quirks.c
- Update HARDWARE.TXT and RELNOTES.TXT for i386 and alpha
- Update LINT, GENERIC and others for i386, alpha and pc98
- Add man page
- Add module
- Update sysinstall and userconfig.c
USB ethernet chip. Adapters that use this chip include the LinkSys
USB100TX. There are a few others, but I'm not certain of their
availability in the U.S. I used an ADMtek eval board for development.
Note that while the ADMtek chip is a 100Mbps device, you can't really
get 100Mbps speeds over USB. Regardless, this driver uses miibus to
allow speed and duplex mode selection as well as autonegotiation.
Building and kldloading the driver as a module is also supported.
Note that in order to make this driver work, I had to make what some
may consider an ugly hack to sys/dev/usb/usbdi.c. The usbd_transfer()
function will use tsleep() for synchronous transfers that don't complete
right away. This is a problem since there are times when we need to
do sync transfers from an interrupt context (i.e. when reading registers
from the MAC via the control endpoint), where tsleep() us a no-no.
My hack allows the driver to have the code poll for transfer completion
subject to the xfer->timeout timeout rather that calling tsleep().
This hack is controlled by a quirk entry and is only enabled for the
ADMtek device.
Now, I'm sure there are a few of you out there ready to jump on me
and suggest some other approach that doesn't involve a busy wait. The
only solution that might work is to handle the interrupts in a kernel
thread, where you may have something resembling a process context that
makes it okay to tsleep(). This is lovely, except we don't have any
mechanism like that now, and I'm not about to implement such a thing
myself since it's beyond the scope of driver development. (Translation:
I'll be damned if I know how to do it.) If FreeBSD ever aquires such
a mechanism, I'll be glad to revisit the driver to take advantage of
it. In the meantime, I settled for what I perceived to be the solution
that involved the least amount of code changes. In general, the hit
is pretty light.
Also note that my only USB test box has a UHCI controller: I haven't
I don't have a machine with an OHCI controller available.
Highlights:
- Updated usb_quirks.* to add UQ_NO_TSLEEP quirk for ADMtek part.
- Updated usbdevs and regenerated generated files
- Updated HARDWARE.TXT and RELNOTES.TXT files
- Updated sysinstall/device.c and userconfig.c
- Updated kernel configs -- device aue0 is commented out by default
- Updated /sys/conf/files
- Added new kld module directory
rev.1.168 should have been committed concurrently:
Fixed some style bugs (always use precisely 1 space after `:' in
dependency specifications).
Removed bogus dependency of ${FULLKERNEL} on ${BEFORE_DEPEND}.
Reminded by: peter
now. On one machine with <825a> and <875> controllers, `sym' correctly
attached. On another one with only a <ncr 53c810 fast10 scsi>, the `ncr'
driver correctly attached.
kernel builds so as not to confuse with perl4 when bootstrapping from old
systems. I don't know if this is still applicable but it shouldn't hurt
to be consistant at least.
Also copy vnode_if.sh to vnode_if.pl. Doing a 'sh vnode_if.sh' when it
was a perl script was kinda silly.
the kernel while the vnode_if.h header is a bunch of inlines to call the
code that is in the kernel. Generating the .h file on the fly is kinda
bogus because it has to match the one compiled into the kernel.
IMHO we should have kern/vnode_if.c and sys/vnode_if.h committed in the
tree but that's another battle.
which it replaces. The new driver supports all of the chips supported
by the ones it replaces, as well as many DEC/Intel 21143 10/100 cards.
This also completes my quest to convert things to miibus and add
Alpha support.
Angelini for allowing me to use his AS1000 to do the port.
Note that this is untested on AlphaServer 1000A hardware.
Reviewed by: dfr
Tested by: Cristian Angelini <chr.ang@biella.alpcom.it>
Obtained From: NetBSD