rule itself, not in verbose_limit sysctl. [1]
- Do check rules, even if verbose_limit is set 0. Rules may have
their own log limits.
PR: conf/77929
Submitted by: Andriy Gapon [1]
Reviewed by: matteo
to the offensive file.
The other Hitler quotes/references stay in the unoffensive file, as
they offer more historical perspective than this one.
Approved by: core
does not return a list of ASCII NUL terminated strings.
Instead, a list of attribute names is returned, where each
list entry consists of one byte for the name length, followed
by the name, without a terminating ASCII NUL.
This in similar to change 1.17 to extattr_get_file.2
Reviewed by: rwatson, ru
to override the BRANCH specified in newvers.sh via a BRANCH_OVERRIDE
environment variable. This is useful for my FreeBSD Update builds, and
might possibly be useful for someone else at some point.
128 bytes, 256 bytes, and 32 bytes respectively. This makes it much
easier to identify when two kernels are identical apart from a version
number bump (as often happens on security branches).
Discussed on: freebsd-arch, in May 2005
- Remove a lot of superfluous locking during attach. There is no need
to lock access to the driver until some other thread has a way of getting
to it. For ethernet drivers the other ways include registering an
interrupt handler via bus_setup_intr(), calling ether_ifattach() to hook
into the network stack, and kicking off a callout-driven timer via
callout_reset().
- Use callout_* rather than timeout/untimeout.
- Break out of xl_rxeof() if IFF_DRV_RUNNING is clear after ifp->if_input
returns to handle the case where the interface was stopped while we were
passing a packet up the stack. Don't call xl_rxeof() in xl_rxeof_task()
unless IFF_DRV_RUNNING is set. With these fixes in place, any
outstanding task will gracefully terminate as soon as it gets a chance to
run after the interface has been stopped via xl_stop(). As a result,
taskqueue_drain() is no longer required in xl_stop(). The task is still
drained in detach() however to make sure that detach() can safely destroy
the driver mutex at the end of the function.
- Lock the driver lock in the ifmedia callouts and don't lock across
ifmedia_ioctl() in xl_ioctl().
Note: glebius came up with most of (3) as well independently. I took a
rather roundabout way of arriving at the same conclusion.
MFC after: 3 days
- Add locked versions of start and init. The SRM_MEDIA code in dc_init()
stayed in dc_init() instead of moving to dc_init_locked() to make the
locking saner.
- Use callout_init_mtx().
- Fixup locking in detach and ioctl.
- Lock the driver in the ifmedia callouts.
- Don't recurse on the driver lock.
- De-spl.
MFC after: 3 days
researched by glebius, and incorporated by ISC into the next
version of BIND. Unfortunately, it looks like their release
will come after the release of FreeBSD 6, so we will bring
this in now.
The patch addresses a problem with high-load resolvers which
hit memory barriers. Without this patch, running the resolving
name server out of memory would lead to "unpredictable results."
Of course, the canonical answer to this problem is to put more
memory into the system, however that is not always possible, and
the code should be able to handle this situation gracefully in
any case.
struct ifnet most of if_findindex() become a complex no-op. Remove it
and replace it with a corrected version of the four line for loop it
devolved to plus some error handling. This should probably be replaced
with subr_unit at some point.
Switch from checking ifaddr_byindex to ifnet_byindex when looking for
empty indexes. Since we're doing this from if_alloc/if_free, we can
only be sure that ifnet_byindex will be correct. This fixes panics when
loading the ef(4) module. The panics were caused by the fact that
if_alloc was called four time before if_attach was called and thus
ifaddr_byindex was not set and the same unit was allocated again. This
in turn caused the first if_attach to fail because the ifp was not the
one in ifnet_byindex(ifp->if_index).
Reported by: "Wojciech A. Koszek" <dunstan at freebsd dot czest dot pl>
PR: kern/84987
MFC After: 1 day
- Add locked variants of start, init, and ifmedia_upd.
- Use callout_* instead of timeout/untimeout.
- Don't recurse on the driver lock.
- Fixup locking in ioctl.
- Lock the driver lock in the ifmedia handlers rather than across
ifmedia_ioctl().
Tested by: brueffer
MFC after: 3 days
is not defined, so that the module will get the
compatibility options from the current kernel configuration
if built with the latter, not with the world.
[Some other modules seem in need of fixing WRT this, too.]
Add more compatibility options found in GENERIC to the default
opt_compat.h. While not all of them are used in the procfs code,
we can't tell for sure if the system .h files don't need them either,
so let's stay on the safe side.
Submitted by: kensmith
Reviewed by: ru
interrupt comes in later on, which can happen in some uncommon cases.
Another possible fix is to call re_detach() instead of re_stop(), like
ve(4) does, but I am not sure if the latter is really RTTD, so that stick
with this one-liner for now.
PR: kern/80005
Approved by: silence on -arch, no reply from selected network gurus
This is actually a local DoS, as every user can use /dev/crypto if there
is crypto hardware in the system and cryptodev.ko is loaded (or compiled
into the kernel).
Reported by: Mike Tancsa <mike@sentex.net>
MFC after: 1 day
Trim trailing whitespace and comments before parsing, and skip empty lines.
Skip subvendor / subdevice entries (which start with two tab characters).
Change the scanf() format string to match any amount and type of whitespace
between the device ID and the description text.
MFC after: 3 weeks
than one interface in one subnet. However, some userland apps rely on
the believe that this configuration is impossible.
Add a sysctl switch net.inet.ip.same_prefix_carp_only. If the switch
is on, then kernel will refuse to add an additional interface to
already connected subnet unless the interface is CARP. Default
value is off.
PR: bin/82306
In collaboration with: mlaier