106888 Commits

Author SHA1 Message Date
marcel
cc3398a62e Part 2 of fixing the boot code: gcc 3.4 fixes.
The whole problem seems to be size. Which is odd, because it is said
that size doesn't matter. Anyway... Add -Os to strategic places in the
makefile to have the final loader be as mall as possible. This seems
to be enough to make it work. For now... I think something is more
fundamentally wrong; or something more fundamental is wrong. Potato,
potaato.
2004-08-22 06:24:59 +00:00
davidxu
9ffe386e73 Add code to support statically linked binary and .core file of threaded
program.
2004-08-22 05:53:38 +00:00
kensmith
55f7c69395 Found another one. Why does mdconfig hate me? Add a "sleep 5" to
this script, without it sparc64 ISO building was consistently failing
because the /dev/md0 device name was not present when the commands
following mdconfig ran.  Apparently there is the possibility of a delay
between when mdconfig finishes and the names become visible in /dev.
Yes, we could code this better than an unconditional call to "sleep 5"
but IMHO we should fix the underlying problem instead.

MFC after: 3 days
2004-08-22 05:34:07 +00:00
julian
9349236b6f diff reduction for upcoming patch. Use a macro that masks
some of the odd goings on with sub-structures, because they will
go away anyhow.
2004-08-22 05:21:41 +00:00
anholt
5dba7e9faa Add support for Intel E7205 AGP.
PR:		kern/69858
Submitted by:	Jacobo Arvelo <unix4all at gulic dot org>
2004-08-22 03:55:04 +00:00
csjp
d0350352a9 Currently, if the secure level is low enough, system flags can
be manipulated by prison root. In 4.x prison root can not manipulate
system flags, regardless of the security level. This behavior
should remain consistent to avoid any surprises which could lead
to security problems for system administrators which give out
privileged access to jails.

This commit changes suser_cred's flag argument from SUSER_ALLOWJAIL
to 0. This will prevent prison root from being able to manipulate
system flags on files.

This may be a MFC candidate for RELENG_5.

Discussed with:	cperciva
Reviewed by:	rwatson
Approved by:	bmilekic (mentor)
PR:		kern/70298
2004-08-22 02:03:41 +00:00
rwatson
2989f4181e When sliding the m_data pointer forward, update m_pktrhdr.len as well
as m_len, or the pkthdr length will be inconsistent with the actual
length of data in the mbuf chain.  The symptom of this occuring was
"out of data" warnings from in_cksum_skip() on large UDP packets sent
via the loopback interface.

Foot shot:	green
2004-08-22 01:32:48 +00:00
marcel
ac18cb2a92 Part 1 of fixing the boot code: binutils 2.15 fixes.
The binutils 2.15 assembler now automaticly and non-optionally adds
the .eh_frame section for unwind information. This section appears
to wreck havoc to the final boot code. Fix this by using a special
linker script that discards the .eh_frame sections, but is otherwise
identical to the linker internal script used for -N.

Compiler used: gcc 3.3.5
Verified with: binutils 2.14 & binutils 2.15 (stock and in-tree)
Tested with: /boot/loader & /boot/netboot
2004-08-22 00:26:01 +00:00
alc
069d1661bd In the previous revision, I failed to condition an early release of Giant
in vm_fault() on debug_mpsafevm.  If debug_mpsafevm was not set, the result
was an assertion failure early in the boot process.

Reported by: green@
2004-08-22 00:08:43 +00:00
rwatson
5a65579e60 If a tunable for the routing socket netisr queue max is defined, allow it
to override the default value, rather than the default value overriding
the tunable.
2004-08-21 21:45:40 +00:00
rwatson
e40f2287d8 Allow the size of the routing socket netisr queue to be configured using
the tunable or sysctl 'net.route.netisr_maxqlen'.  Default the maximum
depth to 256 rather than IFQ_MAXLEN due to the downsides of dropping
routing messages.

MT5 candidate.

Discussed with:	mdodd, mlaier, Vincent Jardin <jardin at 6wind.com>
2004-08-21 21:20:06 +00:00
pjd
2acdd880f4 Add version history. 2004-08-21 21:15:03 +00:00
trhodes
6eaad9248d Protect the period! And add a new line.
Guilty of bad merge:	trhodes
2004-08-21 20:40:51 +00:00
trhodes
10880df265 Document recently added features and bump the doc date. 2004-08-21 20:26:03 +00:00
thomas
a4418fa3a8 Fix positional parameter reference to ${10}.
Fix target location for generation of fstab.

PR:	bin/70795
2004-08-21 20:21:49 +00:00
trhodes
e8f5fe7524 Allow mac_bsdextended(4) to log failed attempts to syslog's AUTHPRIV
facility.  This is disabled by default but may be turned on by using
the mac_bsdextended_logging sysctl.

Reviewed by:	re (jhb)
Approved by:	re (jhb)
2004-08-21 20:19:19 +00:00
trhodes
1e23f58a1d Give the mac_bsdextended(4) policy the ability to match and apply on a first
rule only in place of all rules match.  This is similar to how ipfw(8) works.

Provide a sysctl, mac_bsdextended_firstmatch_enabled, to enable this
feature.

Reviewed by:	re (jhb)
Aprroved by:	re (jhb)
2004-08-21 20:15:08 +00:00
obrien
0b0dadfcef Clarify __FreeBSD_version scheme.
Submitted by:	ru
2004-08-21 20:05:33 +00:00
obrien
7e4379230d Hit people over the head so they realize run-time errors of the form
/libexec/ld-elf.so.1: Undefined symbol "_ZNSs20_S_empty_rep_storageE"
does mean they are hitting the GCC 3.4 ABI change issue.
2004-08-21 19:44:43 +00:00
alc
bdaf27d7e6 Further reduce the use of Giant by vm_fault(): Giant is held only when
manipulating a vnode, e.g., calling vput().  This reduces contention for
Giant during many copy-on-write faults, resulting in some additional
speedup on SMPs.

Note: debug_mpsafevm must be enabled for this optimization to take effect.
2004-08-21 19:20:21 +00:00
alc
d421a19d6e Properly free the temporary sf_buf in uiomove_fromphys() if a copyin or
copyout fails.

Obtained from: DragonFlyBSD
2004-08-21 18:50:34 +00:00
njl
6234ef46ca Fix PCI link irq programming on resume. A logic bug prevented a device
match, inverting which links actually got resumed.

Submitted by:	Hiroyuki Aizu <eyes_at_navi.org>
MFC after:	3 days
2004-08-21 18:18:32 +00:00
pjd
6ac179d92c Add regression test for the new "round-robin reading" feature. 2004-08-21 18:14:55 +00:00
pjd
c3c6740d1a Implement new reading algorithm, which will use parity component for reading
as well, even if device is in complete state.
I observe 40% of speed-up with this option for random read operations,
but slowdown for sequential reads.
Basically, without this option reading from a RAID3 device built from 5
components (c0-c4) looks like this:

	Request no.	Used components
	1		c0+c1+c2+c3
	2		c0+c1+c2+c3
	3		c0+c1+c2+c3

With the new feature:

	Request no.	Used components
	1		c0+c1+c2+c3
	2		(c1^c2^c3^c4)+c1+c2+c3
	3		c0+(c0^c2^c3^c4)+c2+c3
	4		c0+c1+(c0^c1^c3^c4)+c3
	5		c0+c1+c2+(c0^c1^c2^c4)
	6		c0+c1+c2+c3
	[...]
2004-08-21 18:11:46 +00:00
obrien
fbfced34e4 Fix where my automated script blew the SCM ID format conversion. 2004-08-21 17:44:57 +00:00
csjp
657b6f650c When a prison is given the ability to create raw sockets (when the
security.jail.allow_raw_sockets sysctl MIB is set to 1) where privileged
access to jails is given out, it is possible for prison root to manipulate
various network parameters which effect the host environment. This commit
plugs a number of security holes associated with the use of raw sockets
and prisons.

This commit makes the following changes:

- Add a comment to rtioctl warning developers that if they add
  any ioctl commands, they should use super-user checks where necessary,
  as it is possible for PRISON root to make it this far in execution.
- Add super-user checks for the execution of the SIOCGETVIFCNT
  and SIOCGETSGCNT IP multicast ioctl commands.
- Add a super-user check to rip_ctloutput(). If the calling cred
  is PRISON root, make sure the socket option name is IP_HDRINCL,
  otherwise deny the request.

Although this patch corrects a number of security problems associated
with raw sockets and prisons, the warning in jail(8) should still
apply, and by default we should keep the default value of
security.jail.allow_raw_sockets MIB to 0 (or disabled) until
we are certain that we have tracked down all the problems.

Looking forward, we will probably want to eliminate the
references to curthread.

This may be a MFC candidate for RELENG_5.

Reviewed by:	rwatson
Approved by:	bmilekic (mentor)
2004-08-21 17:38:57 +00:00
rwatson
56ad5a3d5e When notifying protocol components of an event on an in6pcb, use the
result of the notify() function to decide if we need to unlock the
in6pcb or not, rather than always unlocking.  Otherwise, we may unlock
and already unlocked in6pcb.

Reported by:	kuriyama, Gordon Bergling <gbergling at 0xfce3.net>
Tested by:	kuriyama, Gordon Bergling <gbergling at 0xfce3.net>
Discussed with:	mdodd
2004-08-21 17:38:48 +00:00
rwatson
51b320a56b When prepending space onto outgoing UDP datagram payloads to hold the
UDP/IP header, make sure that space is also allocated for the link
layer header.  If an mbuf must be allocated to hold the UDP/IP header
(very likely), then this will avoid an additional mbuf allocation at
the link layer.  This trick is also used by TCP and other protocols to
avoid extra calls to the mbuf allocator in the ethernet (and related)
output routines.
2004-08-21 16:14:04 +00:00
hrs
a5550b6452 Add &release.type.current; to unbreak the build. 2004-08-21 14:27:21 +00:00
simon
dbcc99d05d mdoc(7) janitor:
- Fix hard sentence breaks.

MFC after:	3 days
2004-08-21 12:58:09 +00:00
hrs
ea849c279d Add &release.type.current; to unbreak the build. 2004-08-21 12:34:42 +00:00
davidxu
f62c438c72 Pull debug symbols in for statically linked binary.
Reviewed by: desichen
2004-08-21 11:49:19 +00:00
hrs
bbb9789bc5 Bump version numbers for 6.0-CURRENT and fix some sentences. 2004-08-21 08:59:53 +00:00
phk
55a12076a9 Attempt to make the probe for hardware more specific. 2004-08-21 08:40:00 +00:00
dfr
febc176986 Back out the call to _init_tls() - something is broken there and it
prevents all static binaries from running.
2004-08-21 08:22:00 +00:00
tjr
6ad9afc94f The UTF2 encoding and the INVALID keyword are now obsolete. 2004-08-21 08:16:36 +00:00
tjr
9cf5fdf194 Re-word warning about the UTF2 encoding, taking care to use the word
"obsolete" instead of "deprecated".
2004-08-21 08:08:29 +00:00
tjr
7c805bebcd Bump document date for previous. 2004-08-21 08:03:18 +00:00
tjr
4fe778a081 Re-word warning about the rune interface, taking care to use the word
"obsolete" instead of "deprecated".
2004-08-21 08:00:31 +00:00
tjr
0950eb6cba Change "deprecated" in link-time warnings about various rune functions
to "obsolete".
2004-08-21 07:48:06 +00:00
tjr
a8cee78a82 Re-word compatibility section, taking care to use the word "obsolete" to
describe the 4.4BSD extension of accepting characters (runes) outside of
the range of unsigned char.
2004-08-21 07:37:08 +00:00
maxim
6c3a896977 Avoid accidental use of ANSI C trigraphs.
Spotted by:	Pawel Worach
Obtained from:	NetBSD (rev. 1.11, 1.13)
2004-08-21 07:23:41 +00:00
tjr
690161113f Let GCC know that ___runetype(), ___tolower() and ___toupper() are pure
functions, allowing it to generate better code for the <ctype.h> and
<wctype.h> functions. For example, it can now keep _CurrentRuneLocale
in a register across calls to these functions, and can delete calls to
___runetype() if the result is already known or not used.
2004-08-21 07:00:40 +00:00
anholt
1095443edb Fix aperture size detection on some ALi chipsets by only using the lowest 4 bits
to check aperture size, avoiding hangs.  Maintain the rest of the bits when
setting/unsetting ATTBASE.  This essentially matches Linux's AGP driver as well.

PR:		kern/70037
Submitted by:	Mark Tinguely <tinguely at casselton dot net>
Obtained from:	NetBSD
2004-08-21 06:24:21 +00:00
anholt
bab63472f8 Apply some stylistic changes based off of kern/70037 (content changes to
follow).
2004-08-21 06:18:11 +00:00
obrien
84cd481c4b Enter the long awaited start of FreeBSD 6.0! 2004-08-21 03:58:39 +00:00
obrien
22dcfa59a7 Add some details about our wonderful system. 2004-08-21 03:36:47 +00:00
obrien
f850188f63 Document when this function came into FreeBSD. 2004-08-21 03:31:17 +00:00
truckman
f36627bd56 Don't bother calling the module event handlers from module_shutdown()
in the shutdown_final state if the RB_NOSYNC flag is set.

The specific motivation in this case is that a system panic in an
interrupt context results in a call to module_shutdown(), which
calls g_modevent(), which calls g_malloc(..., M_WAITOK), which
results in a second panic.   While g_modevent() could be fixed to
not call malloc() for MOD_SHUTDOWN events (which it doesn't handle
in any case), it is probably also a good idea to entirely skip the
execution of the module shutdown handlers after a panic.

This may be a MFC candidate for RELENG_5.
2004-08-20 21:47:48 +00:00
truckman
54d23a34f6 Don't attempt to trigger the syncer thread final sync code in the
shutdown_pre_sync state if the RB_NOSYNC flag is set.  This is the
likely cause of hangs after a system panic that are keeping crash
dumps from being done.

This is a MFC candidate for RELENG_5.

MFC after:	3 days
2004-08-20 19:21:47 +00:00