515 Commits

Author SHA1 Message Date
yar
ac1e4103b9 Our fts(3) API, as inherited from 4.4BSD, suffers from integer
fields in FTS and FTSENT structs being too narrow.  In addition,
the narrow types creep from there into fts.c.  As a result, fts(3)
consumers, e.g., find(1) or rm(1), can't handle file trees an ordinary
user can create, which can have security implications.

To fix the historic implementation of fts(3), OpenBSD and NetBSD
have already changed <fts.h> in somewhat incompatible ways, so we
are free to do so, too.  This change is a superset of changes from
the other BSDs with a few more improvements.  It doesn't touch
fts(3) functionality; it just extends integer types used by it to
match modern reality and the C standard.

Here are its points:

o For C object sizes, use size_t unless it's 100% certain that
  the object will be really small.  (Note that fts(3) can construct
  pathnames _much_ longer than PATH_MAX for its consumers.)

o Avoid the short types because on modern platforms using them
  results in larger and slower code.  Change shorts to ints as
  follows:

	- For variables than count simple, limited things like states,
	  use plain vanilla `int' as it's the type of choice in C.

	- For a limited number of bit flags use `unsigned' because signed
	  bit-wise operations are implementation-defined, i.e., unportable,
	  in C.

o For things that should be at least 64 bits wide, use long long
  and not int64_t, as the latter is an optional type.  See
  FTSENT.fts_number aka FTS.fts_bignum.  Extending fts_number `to
  satisfy future needs' is pointless because there is fts_pointer,
  which can be used to link to arbitrary data from an FTSENT.
  However, there already are fts(3) consumers that require fts_number,
  or fts_bignum, have at least 64 bits in it, so we must allow for them.

o For the tree depth, use `long'.  This is a trade-off between making
  this field too wide and allowing for 64-bit inode numbers and/or
  chain-mounted filesystems.  On the one hand, `long' is almost
  enough for 32-bit filesystems on a 32-bit platform (our ino_t is
  uint32_t now).  On the other hand, platforms with a 64-bit (or
  wider) `long' will be ready for 64-bit inode numbers, as well as
  for several 32-bit filesystems mounted one under another.  Note
  that fts_level has to be signed because -1 is a magic value for it,
  FTS_ROOTPARENTLEVEL.

o For the `nlinks' local var in fts_build(), use `long'.  The logic
  in fts_build() requires that `nlinks' be signed, but our nlink_t
  currently is uint16_t.  Therefore let's make the signed var wide
  enough to be able to represent 2^16-1 in pure C99, and even 2^32-1
  on a 64-bit platform.  Perhaps the logic should be changed just
  to use nlink_t, but it can be done later w/o breaking fts(3) ABI
  any more because `nlinks' is just a local var.

This commit also inludes supporting stuff for the fts change:

o Preserve the old versions of fts(3) functions through libc symbol
versioning because the old versions appeared in all our former releases.

o Bump __FreeBSD_version just in case.  There is a small chance that
some ill-written 3-rd party apps may fail to build or work correctly
if compiled after this change.

o Update the fts(3) manpage accordingly.  In particular, remove
references to fts_bignum, which was a FreeBSD-specific hack to work
around the too narrow types of FTSENT members.  Now fts_number is
at least 64 bits wide (long long) and fts_bignum is an undocumented
alias for fts_number kept around for compatibility reasons.  According
to Google Code Search, the only big consumers of fts_bignum are in
our own source tree, so they can be fixed easily to use fts_number.

o Mention the change in src/UPDATING.

PR:		bin/104458
Approved by:	re (quite a while ago)
Discussed with:	deischen (the symbol versioning part)
Reviewed by:	-arch (mostly silence); das (generally OK, but we didn't
		agree on some types used; assuming that no objections on
		-arch let me to stick to my opinion)
2008-01-26 17:09:40 +00:00
ru
77a6831b74 Support source upgrades from at least 6.0-RELEASE.
Reviewed by:	imp, obrien
2008-01-23 22:21:36 +00:00
trhodes
2a949074a8 Quick note on how to disable malloc debugging in the top entry in this file.
PR:		83621
Submitted by:	Scott Robbins <scottro@nyc.rr.com> (original version)
Reviewed by:	imp
2008-01-22 15:05:22 +00:00
imp
0d78b28c6e Note change in the supported upgrade path. Prior to this 5.3-release
and newer were supported upgrade paths to -current.  After today's
commits, 6.0-RELEASE and newer is supported for jumping to current.
Make that clear in the UPDATING entry.  For the pedants out there,
upgrading from FreeBSD_version 600029 and newer should still work.
This represents a point from May 29, 2005 forward.  The prior date was
October 16th 2004.
2008-01-21 22:04:37 +00:00
matteo
4bafa5f305 Mention ADAPTIVE_GIANT removal.
Reviewed by:	attilio@
2007-11-28 13:04:11 +00:00
marius
825e639df6 Let sunkbd(4) emulate an AT keyboard by default.
This has the following benefits:
- allows to use the AT keyboard maps in share/syscons/keymaps with
  sunkbd(4),
- allows to use kbdmux(4) with sunkbd(4),
- allows Sun RS232 keyboards to be configured and used the same
  way as Sun USB keyboards driven by ukbd(4) (which also does AT
  keyboard emulation) with X.Org, putting an end to the problem
  of native support for the former in X.Org being broken over and
  over again.

MFC after:	3 days
2007-11-18 18:11:16 +00:00
marius
9ce0055163 Add ABI backwards compatibility to the FreeBSD 4/5/6 versions of
the PCIOCGETCONF, PCIOCREAD and PCIOCWRITE IOCTLs, which was broken
with the introduction of PCI domain support.
As the size of struct pci_conf_io wasn't changed with that commit,
this unfortunately requires the ABI of PCIOCGETCONF to be broken
again in order to be able to provide backwards compatibility to
the old version of that IOCTL.

Requested by:	imp
Discussed with:	re (kensmith)
Reviewed by:	PCI maintainers (imp, jhb)
MFC after:	5 days
2007-10-24 20:51:44 +00:00
julian
d50ed276e8 This time to the right branch
note the renaming of the kthread_xxx calls
2007-10-21 04:27:07 +00:00
kevlo
2ef6caa7ae Note getfacl(1) changes
Submitted by: Henrik Brix Andersen <henrik at brixandersen.dk>
2007-10-12 04:48:58 +00:00
kensmith
c80a7cd238 To honor the birth of RELENG_7 bump HEAD to 8.0-CURRENT.
Approved by:	re (implicit)
2007-10-11 04:28:08 +00:00
obrien
ca55f5d319 Pulled the trigger 2hr 50min late (Pago Pago time).
Submitted by:	ru
Approved by:	re (implicit)
2007-10-09 17:51:11 +00:00
obrien
eb3f6a9e74 Repo copy libpthreads to libkse.
This introduces the WITHOUT_LIBKSE nob,
and changes WITHOUT_LIBPTHREADS to mean with neither threading libs.
Approved by:	re(kensmith)
2007-10-09 13:42:34 +00:00
marius
d60b8a3096 Make the PCI code aware of PCI domains (aka PCI segments) so we can
support machines having multiple independently numbered PCI domains
and don't support reenumeration without ambiguity amongst the
devices as seen by the OS and represented by PCI location strings.
This includes introducing a function pci_find_dbsf(9) which works
like pci_find_bsf(9) but additionally takes a domain number argument
and limiting pci_find_bsf(9) to only search devices in domain 0 (the
only domain in single-domain systems). Bge(4) and ofw_pcibus(4) are
changed to use pci_find_dbsf(9) instead of pci_find_bsf(9) in order
to no longer report false positives when searching for siblings and
dupe devices in the same domain respectively.
Along with this change the sole host-PCI bridge driver converted to
actually make use of PCI domain support is uninorth(4), the others
continue to use domain 0 only for now and need to be converted as
appropriate later on.
Note that this means that the format of the location strings as used
by pciconf(8) has been changed and that consumers of <sys/pciio.h>
potentially need to be recompiled.

Suggested by:	jhb
Reviewed by:	grehan, jhb, marcel
Approved by:	re (kensmith), jhb (PCI maintainer hat)
2007-09-30 11:05:18 +00:00
bushman
a947d50315 Finishing renaming of cached into nscd. etc/rc.d and usr.sbin/Makefile
updated. Note added to UPDATING.

Approved by:	re (kensmith, bmah), brooks (mentor)
2007-09-28 10:38:08 +00:00
yongari
16cef586fb Fix typo.
Reported by:	Danny Braniss <danny at cs dot huji dot ac dot il>
Approved by:	re (bmah)
2007-07-09 01:13:00 +00:00
yongari
b235b2a9bc Belately note default driver change for NVIDIA network adapters.
Requested by:	Michael Plass < mfp49_freebsd at plass-family dot net>
Approved by:	re (hrs)
2007-07-06 06:35:50 +00:00
gnn
923ba4a558 Document the move from FAST_IPSEC to IPSEC. Point out the need for
device crypto in the kernel configuration file when using IPSEC.

Approved by: re
2007-07-04 21:47:23 +00:00
mlaier
3b7987b2e8 Add a note about the pf update, mark libexec/ftp-proxy as obsolete and bump
__FreeBSD_version for ports.

Approved by:	re (implicit)
2007-07-03 13:06:45 +00:00
gnn
0cd74db89b Commit IPv6 support for FAST_IPSEC to the tree.
This commit includes only the kernel files, the rest of the files
will follow in a second commit.

Reviewed by:    bz
Approved by:    re
Supported by:   Secure Computing
2007-07-01 11:41:27 +00:00
thompsa
384e40af76 Remove wicontrol(8) from the base system. Using wicontrol to configure an
interface has been deprecated since 5.1, wi(4) wireless interfaces are managed
via the net80211 stack and ifconfig.

Approved by:	re (rwatson)
2007-07-01 10:25:07 +00:00
gshapiro
294e2f4e5d Spaces to tab 2007-06-12 17:33:56 +00:00
gshapiro
8487a6b582 Add a new rc.conf variable, sendmail_rebuild_aliases, which tells
/etc/rc.d/sendmail whether or not to run newaliases if the database
is missing or the aliases text file is newer than aliases.db.

In my opinion, the aliases file should never be automatically rebuilt.
The current text form could represent a work in progress.  Therefore,
in FreeBSD 7.0, this new option will default to "NO".  When this rc.d
change is MFC'ed, it will need to remain "YES" to maintain backward
compatibility.

PR:		conf/86252
Approved by:	re (kensmith)
MFC after:	3 days
2007-06-12 17:33:23 +00:00
bms
ffd77d9ba5 Import rewrite of IPv4 socket multicast layer to support source-specific
and protocol-independent host mode multicast. The code is written to
accomodate IPv6, IGMPv3 and MLDv2 with only a little additional work.

This change only pertains to FreeBSD's use as a multicast end-station and
does not concern multicast routing; for an IGMPv3/MLDv2 router
implementation, consider the XORP project.

The work is based on Wilbert de Graaf's IGMPv3 code drop for FreeBSD 4.6,
which is available at: http://www.kloosterhof.com/wilbert/igmpv3.html

Summary
 * IPv4 multicast socket processing is now moved out of ip_output.c
   into a new module, in_mcast.c.
 * The in_mcast.c module implements the IPv4 legacy any-source API in
   terms of the protocol-independent source-specific API.
 * Source filters are lazy allocated as the common case does not use them.
   They are part of per inpcb state and are covered by the inpcb lock.
 * struct ip_mreqn is now supported to allow applications to specify
   multicast joins by interface index in the legacy IPv4 any-source API.
 * In UDP, an incoming multicast datagram only requires that the source
   port matches the 4-tuple if the socket was already bound by source port.
   An unbound socket SHOULD be able to receive multicasts sent from an
   ephemeral source port.
 * The UDP socket multicast filter mode defaults to exclusive, that is,
   sources present in the per-socket list will be blocked from delivery.
 * The RFC 3678 userland functions have been added to libc: setsourcefilter,
   getsourcefilter, setipv4sourcefilter, getipv4sourcefilter.
 * Definitions for IGMPv3 are merged but not yet used.
 * struct sockaddr_storage is now referenced from <netinet/in.h>. It
   is therefore defined there if not already declared in the same way
   as for the C99 types.
 * The RFC 1724 hack (specify 0.0.0.0/8 addresses to IP_MULTICAST_IF
   which are then interpreted as interface indexes) is now deprecated.
 * A patch for the Rhyolite.com routed in the FreeBSD base system
   is available in the -net archives. This only affects individuals
   running RIPv1 or RIPv2 via point-to-point and/or unnumbered interfaces.
 * Make IPv6 detach path similar to IPv4's in code flow; functionally same.
 * Bump __FreeBSD_version to 700048; see UPDATING.

This work was financially supported by another FreeBSD committer.

Obtained from:  p4://bms_netdev
Submitted by:   Wilbert de Graaf (original work)
Reviewed by:    rwatson (locking), silence from fenner,
		net@ (but with encouragement)
2007-06-12 16:24:56 +00:00
sam
65288aec33 note 802.11 changes 2007-06-11 04:06:50 +00:00
yar
dac62e7ff2 Now pam_nologin(8) will provide an account management function
instead of an authentication function.  There are a design reason
and a practical reason for that.  First, the module belongs in
account management because it checks availability of the account
and does no authentication.  Second, there are existing and potential
PAM consumers that skip PAM authentication for good or for bad.
E.g., sshd(8) just prefers internal routines for public key auth;
OTOH, cron(8) and atrun(8) do implicit authentication when running
a job on behalf of its owner, so their inability to use PAM auth
is fundamental, but they can benefit from PAM account management.

Document this change in the manpage.

Modify /etc/pam.d files accordingly, so that pam_nologin.so is listed
under the "account" function class.

Bump __FreeBSD_version (mostly for ports, as this change should be
invisible to C code outside pam_nologin.)

PR:		bin/112574
Approved by:	des, re
2007-06-10 18:57:20 +00:00
yar
80a596eece Sync ether_ioctl() with ioctl(2) and ifnet.if_ioctl
as to the type of the command argument: int -> u_long.
These types have different widths in the 64-bit world.

Add a note to UPDATING because the change breaks KBI
on 64-bit platforms.

Discussed on:	-net, -current
Reviewed by:	bms, ru
2007-05-29 12:40:45 +00:00
wkoszek
147aff09a7 Revert config(8) version bump. It brings major pain for people working on
different versions of FreeBSD source tree.

Old config(8) can now be used unless you want to use INCLUDE_CONFIG_FILE
option.

Approved by:	imp
Reviewed by:	imp
2007-05-16 17:23:54 +00:00
deischen
c4002b69ba Add some notes about symbol versioning and the switch to libthr. 2007-05-13 14:41:48 +00:00
gshapiro
e47e836ee4 Add a new note to revoke the 20070408 note. Is is no longer necessary
to recompile milters.

MFC after:	4 days
2007-04-23 22:15:07 +00:00
dds
a88ccacb7f Back-out manual procedure for maintaining compatibility with old accounting
files.  This functionality will be built-into the corresponding tools.
2007-04-19 17:08:54 +00:00
dds
c803e9486d Notes on the acct(5) format switch. 2007-04-18 17:34:59 +00:00
thompsa
7f29f5b512 Note the renaming of trunk(4) to lagg(4). 2007-04-17 00:41:59 +00:00
gshapiro
6c1b825ce0 Include a note about recompiling ports which use the base libmilter.
Submitted by:	Matthew Seaman
2007-04-14 16:26:01 +00:00
brueffer
8fc6b66de9 Make the tunable names for Intel license agreement more obvious. 2007-04-03 10:04:54 +00:00
mlaier
a34e895c02 Note that the old firmware modules need to be removed.
Reported by:	Jeremie Le Hen
Suggested by:	Stefan Ehmann
2007-04-01 17:49:27 +00:00
flz
7de308e008 - Add missing subdirectories in BSD.usr.dist mtree file.
- Update hier(7) to reflect latest changes in mtree file.
- Add UPDATING entry following Intel firmwares inclusion.

Submitted by:	mlaier
MFC after:	1 month
2007-03-02 14:56:15 +00:00
ru
c45fdd5d9f Bump the bootstrapping requirements for gensnmptree(1) and remove
a note in UPDATING that tried to work around the build breakage.

Tested by:	jhb
OK'ed by:	njl
2007-03-01 15:42:23 +00:00
bms
30eec96c89 Document removal of addr2ascii/ascii2addr and addition of AF_LINK
support for getnameinfo.
2007-02-28 21:33:40 +00:00
simon
7706232aaa - Use a permanent URL to reference piso's mail.
- Put URL on seperate line to not get very long lines.
2007-02-24 21:59:18 +00:00
bms
7466d6dfe5 Reword addition about MROUTING.
Submitted by:	ru
2007-02-24 21:21:53 +00:00
piso
cb538c93c9 Update my previous note about newbus API breakage mentioning the
__FreeBSD_version bump.
2007-02-24 20:15:04 +00:00
piso
aac40ad798 Note newbus API & ABI breakage. 2007-02-24 19:45:09 +00:00
bms
f7d6019d71 Note that IPv6 multicast forwarding is now dynamically loadable. 2007-02-24 11:41:05 +00:00
njl
ac3a9d22a9 Note problems I had with bsnmpd while updating from an older -current.
There may be better ways to fix/work around these issues but this worked
for me.
2007-02-19 22:49:43 +00:00
bms
8e211e654f Retire most of the classful network behaviour of netstat -r output, for IPv4.
Without -n, we now only print a "network name" without the prefix length
 under the following conditions:
  1) the network address and mask matches a classful network prefix;
  2) getnetbyaddr(3) returns a network name for this network address.

 With -n, we unconditionally print the full unabbreviated CIDR network
 prefix in the form "a.b.c.d/p". 0.0.0.0/0 is still printed as "default".

This change is in preparation for changes such as equal-cost multipath, and
to more generally assist operational deployment of FreeBSD as a modern IPv4
router. There are currently no plans to backport this change.

Discussed on:	freebsd-net
2007-02-14 14:17:01 +00:00
bms
42ce6b97cf Build PIM by default as part of the IPv4 multicast forwarding path.
Make PIM dynamically loadable by using encap_attach_func().
PIM may now be loaded into a GENERIC kernel.

Tested with:	ports/net/pimdd && tcpreplay && wireshark
Reviewed by:	Pavlin Radoslavov
2007-02-10 13:59:13 +00:00
bms
61cc2fad7d Remove support for IPIP tunnels in IPv4 multicast forwarding. XORP has
never used them; with mrouted, their functionality may be replaced by
explicitly configuring gif(4) instances and specifying them with the
'phyint' keyword.

Bump __FreeBSD_version to 700030, and update UPDATING.
A doc update is forthcoming.

Discussed on:	net
Reviewed by:	fenner
MFC after:	3 months
2007-02-07 16:04:13 +00:00
jdp
b84d1808f4 Note the second coming of MSI support in the bge driver. 2006-12-22 03:03:31 +00:00
jdp
a9ea55f6c0 Note that MSI support has been disabled already in the bge driver. 2006-12-15 00:30:37 +00:00
jdp
266ea347bf Add an entry noting that MSI support has been put into the bge
driver.
2006-12-14 23:10:59 +00:00