125268 Commits

Author SHA1 Message Date
Robert Watson
258cc56708 This commit was generated by cvs2svn to compensate for changes in r159985,
which included commits to RCS files with non-trunk default branches.
2006-06-27 18:06:41 +00:00
Robert Watson
d9af45c4c8 Vendor import of OpenBSM 1.0 alpha 7, with the following change history
notes:

- Adopted Solaris-compatible format for subject32_ex and subject64_ex
  tokens, which previously did not correctly implement variable length
  address storage.
- Prefer inttypes.h to stdint.h; enhance queue.h detection to test for
  TAILQ_FOREACH_SAFE(), which is present in recent BSD queue.h's, but not
  older ones.  OpenBSM now builds on some FreeBSD 4.x version.
- New event types for extended attributes, ACLs, and scheduling.

Obtained from:	TrustedBSD Project
2006-06-27 18:06:41 +00:00
Robert Watson
21b2c802f6 Modify import instructions to include "-n" in the sample command line for
the CVS import, and suggest removing it for the real import, rather than
suggesting it for testing.  This will hopefully prevent me (and others)
from making errors.
2006-06-27 17:55:38 +00:00
John Baldwin
0cceebeeb2 Regen. 2006-06-27 14:47:08 +00:00
John Baldwin
597d608f86 - Expand the scope of Giant some in mount(2) to protect the vfsp structure
from going away.  mount(2) is now MPSAFE.
- Expand the scope of Giant some in unmount(2) to protect the mp structure
  (or rather, to handle concurrent unmount races) from going away.
  umount(2) is now MPSAFE, as well as linux_umount() and linux_oldumount().
- nmount(2) and linux_mount() were already MPSAFE.
2006-06-27 14:46:31 +00:00
Eric Anholt
806baa6401 Fix breakage of CHIP_I855 in the last revision.
Submitted by:	Ted Faber <faber@ISI.EDU>
2006-06-27 14:05:11 +00:00
Christian Brueffer
904887e254 - Convert to our new SYNOPSIS style
- Correct tcpdump reference
2006-06-27 12:48:15 +00:00
Gleb Smirnoff
d473c9d543 A netgraph node that can do different manipulations with
mbuf_tags(9) on packets.

Submitted by:		Vadim Goncharov <vadimnuclight tpu.ru>
mdoc(7) reviewed by:	ru
2006-06-27 12:45:28 +00:00
Pawel Jakub Dawidek
06c5d8fa73 - Use suser_cred(9) instead of directly comparing cr_uid.
- Compare pointer with NULL.

Reviewed by:	rwatson
2006-06-27 11:41:21 +00:00
Pawel Jakub Dawidek
5279398812 - Use suser_cred(9) instead of directly comparing cr_uid.
- Compare pointer with NULL, instead of 0.

Reviewed by:	rwatson
2006-06-27 11:40:05 +00:00
Pawel Jakub Dawidek
835d4b8924 - Use suser_cred(9) instead of directly checking cr_uid.
- Change the order of conditions to first verify that we actually need
  to check for privileges and then eventually check them.

Reviewed by:	rwatson
2006-06-27 11:35:53 +00:00
Pawel Jakub Dawidek
0bd645ae0c Compress direct cr_ruid comparsion and jailed() call to suser_cred(9).
Reviewed by:	rwatson
2006-06-27 11:32:08 +00:00
Pawel Jakub Dawidek
8838c27693 Use suser_cred(9) instead of checking cr_uid directly.
Reviewed by:	rwatson
2006-06-27 11:29:38 +00:00
Pawel Jakub Dawidek
2905ade228 - Use suser_cred(9) instead of checking cr_ruid directly.
- For privileged processes safe two mutex operations.

We may want to consider if this is good idea to use SUSER_ALLOWJAIL here,
but for now I didn't wanted to change the original behaviour.

Reviewed by:	rwatson
2006-06-27 11:28:50 +00:00
Alan Cox
9b123ca12a Make several changes to pmap_enter_quick_locked():
1. Make the caller responsible for performing pmap_install().  This reduces
the number of times that pmap_install() is performed by
pmap_enter_object() from twice per page to twice overall.

2. Don't block if pmap_find_pte() is unable to allocate a PTE.  If it did
block, then it might wind up mapping a cache page.  Specifically, if
pmap_enter_quick_locked() slept when called from pmap_enter_object(), the
page daemon could change an active or inactive page into a cache page just
before it was to be mapped.

3. Bail out of pmap_enter_quick_locked() if pv entries aren't plentiful.
In other words, don't force the allocation of a pv entry if they aren't
readily available.

Reviewed by: marcel@
2006-06-27 05:05:05 +00:00
Alan Cox
8e0e1e2239 Correct a very old and very obscure bug: vmspace_fork() calls
pmap_copy() if the mapping is VM_INHERIT_SHARE.  Suppose the mapping
is also wired.  vmspace_fork() clears the wiring attributes in the vm
map entry but pmap_copy() copies the PG_W attribute in the PTE.  I
don't think this is catastrophic.  It blocks pmap_remove_pages() from
destroying the mapping and corrupts the pmap's wiring count.

This revision fixes the problem by changing pmap_copy() to clear the
PG_W attribute.

Reviewed by: tegge@
2006-06-27 04:28:23 +00:00
Andrew Thompson
f0ac1eedd5 Simplify ipsec_bpf by using bpf_mtap2(). 2006-06-27 01:53:12 +00:00
Garance A Drosehn
a04de8fa95 Remove the "oldorder" processing. The "neworder" processing has
been the default for two years now, without any problems reported.

MFC after:	3 weeks
2006-06-27 00:18:15 +00:00
David E. O'Brien
bfc788c283 Add a pure open source nForce Ethernet driver, under BSDL.
This driver was ported from OpenBSD by Shigeaki Tagashira
<shigeaki@se.hiroshima-u.ac.jp> and posted at
http://www.se.hiroshima-u.ac.jp/~shigeaki/software/freebsd-nfe.html
It was additionally cleaned up by me.
It is still a work-in-progress and thus is purposefully not in GENERIC.
And it conflicts with nve(4), so only one should be loaded.
2006-06-26 23:41:07 +00:00
Andrew Thompson
0956028163 Hook enc(4) to the build. 2006-06-26 22:31:26 +00:00
Andrew Thompson
bdea400f3b Add a pseudo interface for packet filtering IPSec connections before or after
encryption. There are two functions, a bpf tap which has a basic header with
the SPI number which our current tcpdump knows how to display, and handoff to
pfil(9) for packet filtering.

Obtained from:	OpenBSD
Based on:	kern/94829
No objections:	arch, net
MFC after:	1 month
2006-06-26 22:30:08 +00:00
Sergey Babkin
d81175c738 Backed out the change by request from rwatson.
PR:		kern/14584
2006-06-26 22:03:22 +00:00
Bill Paul
ed510fb04f Add support for the RealTek 8169SC/8110SC and RTL8101E devices. The
latter is a PCIe 10/100 chip.

Finally fix the EEPROM reading code so that we can access the EEPROMs on all
devices. In order to access the EEPROM, we must select 'EEPROM programming'
mode, and then set the EEPROM chip select bit. Previously, we were setting
both bits simultaneously, which doesn't work: they must be set in the
right sequence.

Always obtain the station address from the EEPROM, now that EEPROM
reading works correctly.

Make the TX interrupt moderation code based on the internal timer
optional and turned off by default.

Make the re_diag() routine conditional and off by default. When it is
on, only use it for the original 8169, which was the only device that
that really needed it.

Modify interrupt handling to use a fast interrupt handler and fast
taskqeueue.

Correct the rgephy driver so that it only applies the DSP fixup for
PHY revs 0 and 1. Later chips are fixed and don't need the fixup.

Make the rgephy driver advertise both 1000_FD and 1000_HD bits in
autoneg mode. A couple of the devices don't autoneg correctly unless
configured this way.
2006-06-26 20:31:32 +00:00
John Baldwin
b820787fb3 Regen. 2006-06-26 18:37:36 +00:00
John Baldwin
b0f6106af9 Change svr4_sys_break() to just call obreak() and mark it MPSAFE.
Not objected to by:	alc
2006-06-26 18:36:57 +00:00
John Baldwin
cf837b8943 linux_brk() is MPSAFE. 2006-06-26 18:36:16 +00:00
John Baldwin
04a8728231 - Sync with master: rmdir(), mkdir(), and extattr_*() are all MPSAFE.
- freebsd32_utimes() is MPSAFE.
2006-06-26 18:35:57 +00:00
John Baldwin
c94ce032df Address a problem I missed in removing Giant from the kernel linker. Not
all of the module event handlers are MP safe yet, so always acquire Giant
for now when invoking module event handlers.  Eventually we can add an
MPSAFE flag or some such and add appropriate locking to all module event
handlers.
2006-06-26 18:34:45 +00:00
John Baldwin
322fb40cbf Remove duplicate security checks already performed in kern_kldload(). 2006-06-26 18:33:32 +00:00
Andre Oppermann
cc477a6347 In syncache_respond() do not reply with a MSS that is larger than what
the peer announced to us but make it at least tcp_minmss in size.

Sponsored by:	TCP/IP Optimization Fundraise 2005
2006-06-26 17:54:53 +00:00
David E. O'Brien
d5638eab01 This commit was generated by cvs2svn to compensate for changes in r159952,
which included commits to RCS files with non-trunk default branches.
2006-06-26 17:25:22 +00:00
David E. O'Brien
257c55772d Import the nfe (nForce Ethernet) driver from OpenBSD.
This is a pure open source NIC driver with a BSD license.
These bits were taken from the OpenBSD public CVS repository on 1-May-06.
2006-06-26 17:25:22 +00:00
Robert Watson
e83b30bdcb Trim basically unused 'unp' in uipc_connect(). 2006-06-26 16:18:22 +00:00
Andre Oppermann
8bfb19180d Some cleanups and janitorial work to tcp_syncache:
o don't assign remote/local host/port information manually between provided
   struct in_conninfo and struct syncache, bcopy() it instead
 o rename sc_tsrecent to sc_tsreflect in struct syncache to better capture
   the purpose of this field
 o rename sc_request_r_scale to sc_requested_r_scale for ditto reasons
 o fix IPSEC error case printf's to report correct function name
 o in syncache_socket() only transpose enhanced tcp options parameters to
   struct tcpcb when the inpcb doesn't has TF_NOOPT set
 o in syncache_respond() reorder stack variables
 o in syncache_respond() remove bogus KASSERT()

No functional changes.

Sponsored by:	TCP/IP Optimization Fundraise 2005
2006-06-26 16:14:19 +00:00
Andre Oppermann
f72167f4d1 Some cleanups and janitorial work to tcp_dooptions():
o redefine the parameter 'is_syn' to 'flags', add TO_SYN flag and adjust its
   usage accordingly
 o update the comments to the tcp_dooptions() invocation in
   tcp_input():after_listen to reflect reality
 o move the logic checking the echoed timestamp out of tcp_dooptions() to the
   only place that uses it next to the invocation described in the previous
   item
 o adjust parsing of TCPOPT_SACK_PERMITTED to use the same style as the others
 o add comments in to struct tcpopt.to_flags #defines

No functional changes.

Sponsored by:	TCP/IP Optimization Fundraise 2005
2006-06-26 15:35:25 +00:00
Giorgos Keramidas
57b2be8d06 Fix a minor typo in rev 1.950 2006-06-26 12:12:09 +00:00
Andre Oppermann
dfabcc1d29 Reverse the source/destination parameters to in[6]_pcblookup_hash() in
syncache_respond() for the #ifdef MAC case.

Submitted by:	Tai-hwa Liang <avatar-at-mmlab.cse.yzu.edu.tw>
2006-06-26 09:43:55 +00:00
Robert Watson
b4470c1639 In tcp6_usr_attach(), return immediately if SS_ISDISCONNECTED, to
avoid dereferencing an uninitialized inp variable.

Submitted by:	Michiel Boland <michiel at boland dot org>
MFC after:	1 month
2006-06-26 09:38:08 +00:00
Matt Jacob
8ca0124685 VMWare ESX reports > 16 targets for the LSI-Logic
U320 model it emulates. Then it crashes and burns
when you probe that high.
2006-06-26 05:44:18 +00:00
Matt Jacob
5ce1b00496 Grumble. VMWare ESX and VMWare WorkStation have *slightly* different
inquiry data (pointlessly different I might add). Pick the common
parts.

MFC after:	1 day
2006-06-26 05:41:11 +00:00
Sam Leffler
6f48c95642 enable rx of control frames when in monitor mode
Submitted by:	Andrea Bittau <a.bittau@cs.ucl.ac.uk>
MFC after:	1 week
2006-06-26 04:31:36 +00:00
Scott Long
09e19031ab Fix a memory leak and a nested 'for' loop in the spare table handling.
Submitted by: Pedro Martelletto
2006-06-26 03:21:19 +00:00
Sam Leffler
622b3fd21c Close race in handling mcast traffic when operating as an ap with
stations in power save: add a new q where mcast frames are stashed
and on beacon update (at DTIM) move frames from the mcast q to the
cabq and start it.  This ensures the cabq is only manipulated in
one place.

Sponsored by:	Hobnob
MFC after:	2 weeks
2006-06-26 03:10:45 +00:00
Maxim Sobolev
d5046da865 Improve check for protective MBR. Instead of assiming that protective
MBR should have only one entry of type 0xEE, consider protective MBR
to be one, that has at least one entry of type 0xEE covering the whole
unit. This makes GEOM_GPT compatible with disks partitioned by the
Apple's BootCamp.

Approved in principle by:       marcel
MFC After:			1 month
2006-06-26 00:32:54 +00:00
Alan Cox
feb0c348cf Eliminate a comment that became stale after revision 1.540.
Wrap a nearby line.
2006-06-25 22:22:37 +00:00
Alan Cox
031bf5ea1e Eliminate a comment that became stale after revision 1.547. 2006-06-25 22:15:02 +00:00
Alan Cox
d644a0b78a Synchronize accesses to the PTEG table.
Add many lock assertions.

Tested by: grehan@
2006-06-25 19:07:01 +00:00
Sergey Babkin
7a799f1ef0 The common UID/GID space implementation. It has been discussed on -arch
in 1999, and there are changes to the sysctl names compared to PR,
according to that discussion. The description is in sys/conf/NOTES.
Lines in the GENERIC files are added in commented-out form.
I'll attach the test script I've used to PR.

PR:		kern/14584
Submitted by:	babkin
2006-06-25 18:37:44 +00:00
Eric Anholt
92d4d9230c Replace the three copies of the list of pci ids with a single centralized list.
Add the i945 PCI IDs commented out -- I think it should just work, but it hasn't
been tested yet.
2006-06-25 14:44:43 +00:00
Robert Watson
1e0acb6801 Use suser_cred() instead of a direct comparison of cr_uid with 0 in
rip6_output().

MFC after:	1 week
2006-06-25 13:54:59 +00:00