Commit Graph

134351 Commits

Author SHA1 Message Date
andre
90c73e9aec Fix comments in tcp_do_segment().
Approved by:	re (kensmith)
2007-07-25 18:48:24 +00:00
jhb
e447c8529b Require 'cleanvar' so that files and sockets created in /var/run by
wpa_supplicant and other programs started by 'netif' don't get erased
by a subsequent 'cleanvar'.

Approved by:	re (bmah)
Reviewed by:	dougb
MFC after:	1 week
2007-07-25 18:08:01 +00:00
bmah
59919178d9 New release note: iscsi_initiator(8).
Updated release notes:  BIND 9.4.1-p1, OpenBSM 1.0alpha15.

Approved by:	re (implicit)
2007-07-25 15:19:37 +00:00
scottl
d8e6f45dcb Fix a whitespace mistake from the last commit.
Submitted by: far too many to list
Approved by: re
2007-07-25 13:37:33 +00:00
dougb
94603158a3 This commit was generated by cvs2svn to compensate for changes in r171577,
which included commits to RCS files with non-trunk default branches.
2007-07-25 08:12:36 +00:00
dougb
e9f5980a15 Vendor import of 9.4.1-P1, which has fixes for the following:
1. The default access control lists (acls) are not being
correctly set. If not set anyone can make recursive queries
and/or query the cache contents.

See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2925

2. The DNS query id generation is vulnerable to cryptographic
analysis which provides a 1 in 8 chance of guessing the next
query id for 50% of the query ids. This can be used to perform
cache poisoning by an attacker.

This bug only affects outgoing queries, generated by BIND 9 to
answer questions as a resolver, or when it is looking up data
for internal uses, such as when sending NOTIFYs to slave name
servers.

All users are encouraged to upgrade.

See also:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2926

Approved by:	re (kensmith, implicit)
2007-07-25 08:12:36 +00:00
imp
83f7b6d2a5 Start to converge on standard ways of saying some things like
Ethernet and Adapter.

Obtained from: NetBSD (kinda)
Approved by: re (blanket)
2007-07-25 07:11:08 +00:00
imp
254cc6132e Fix absolutely maddening autorepeat bug that would cause the last key
to repeat if you had more than two keys down at any given time (which
happened to me all the time with emacs).

This is taken from PR 110681, although what URATAN Shigenobu describes
there is different than the pathology that I have been seeing.  I'm
seeing this only in X, while he sees it on his console, yet I think
the two problems are related.  I've also reworked the patch slightly
to conform to the coding standards of adjacent code.

It is unclear to me if this merely masks the maddening bug that I have
seen, or if this is a real fix.  I typically see the problem when I'm
typing fast in emacs and using lots of motion keys (meta and control).
In either case, my workstation at work again is finally useful with
this patch.

PR:		110681
Submitted by:	URATAN Shigenobu
Approved by: 	re (blanket)
2007-07-25 06:48:33 +00:00
imp
dcccc748ff ums(4) does not work if the mouse defaults to boot protocol. Force
the protocol to be report on each open, but ignore any errors as set
protocol for mice that don't implement the boot protocol can generate
an error.  Evidentally, the Gyration GyroPoint RF Technology Receiver
(Gyration Ultra Cordless) device has this problem.

Submitted by: Eugene M. Kim
PR: 106565
Approved by: re (blanket)
2007-07-25 06:43:06 +00:00
rrs
1db8ba2474 - take out a needless panic under invariants for sctp_output.c
- Fix addrs's error checking of sctp_sendx(3) when addrcnt is less than
   SCTP_SMALL_IOVEC_SIZE
 - re-add back inpcb_bind local address check bypass capability
 - Fix it so sctp_opt_info is independant of assoc_id postion.
 - Fix cookie life set to use MSEC_TO_TICKS() macro.
 - asconf changes
   o More comment changes/clarifications related to the old local address
    "not" list which is now an explicit restricted list.

   o Rename some functions for clarity:
     - sctp_add/del_local_addr_assoc to xxx_local_addr_restricted()
     - asconf related iterator functions to sctp_asconf_iterator_xxx()

   o Fix bug when the same address is deleted and added (and removed from
     the asconf queue) where the ifa is "freed" twice refcount wise,
     possibly freeing it completely.

   o Fix bug in output where the first ASCONF would not go out after the
     last address is changed (e.g. only goes out when retransmitted).

   o Fix bug where multiple ASCONFs can be bundled in the same packet with
     the and with the same serial numbers.

   o Fix asconf stcb iterator to not send ASCONF until after all work
     queue entries have been processed.

   o Change behavior so that when the last address is deleted (auto asconf
     on a bound all endpoint) no action is taken until an address is
     added; at that time, an ASCONF add+delete is sent (if the assoc
     is still up).

   o Fix local address counting so that address scoping is taken into
     account.

   o #ifdef SCTP_TIMER_BASED_ASCONF the old timer triggered sending
     of ASCONF (after an RTO).  The default now is to send
     ASCONF immediately (except for the case of changing/deleting the
     last usable address).
Approved by:	re(ken smith)@freebsd.org
2007-07-24 20:06:02 +00:00
brueffer
4177278d87 First round of cleanups.
Approved by:	re (blanket)
2007-07-24 18:08:16 +00:00
delphij
41fd4384d1 MFp4: Force 64-bit arithmatic when caculating the maximum file size.
This fixes tmpfs caculations on 32-bit systems equipped with more than
4GB swap.

Reported by:	Craig Boston <craig xfoil gank org>
PR:		kern/114870
Approved by:	re (tmpfs blanket)
2007-07-24 17:14:53 +00:00
scottl
5ae7469904 Attach the iscsi module build.
Approved by: re
2007-07-24 16:58:18 +00:00
scottl
08b4d87cfe Introduce Danny Braniss' iSCSI initiator, version 2.0.99. Please read the
included man pages on how to use it.  This code is still somewhat experimental
but has been successfully tested on a number of targets.  Many thanks to
Danny for contributing this.

Approved by: re
2007-07-24 15:35:02 +00:00
pjd
67705357ae Update assertion after revision 1.23.
Reviewed by:	dfr
Approved by:	re (rwatson)
2007-07-24 15:00:43 +00:00
imp
6efbeeeff5 Add some additional cross references.
Approved by: re@ (blanket)
2007-07-24 14:51:21 +00:00
imp
28d05b4684 Add ChanTou ST268 USB NIC
PR: 114860
Approved by: re@ (blanket)
2007-07-24 14:49:25 +00:00
imp
88f6afd212 Add support for ShanTou ST268 usb nic. This is from a patch for NetBSD
the PR pointed to.  This appears to have been written by Julian Suschlik.

Submitted by: Kuan-Chung Chiu
Obtained from: http://www.nabble.com/Patch-for-udav(4)-t4070804.html
PR: 114860
Approved by: re@ (blanket)
2007-07-24 14:44:23 +00:00
simon
9760782042 Set timeout for all NIS RPC requests to 1 second and not just for
yp_next as revision 1.50 did.  This should fix, or at least very much
reduce the risk of, NIS timing out due to UDP packet loss for NIS
functions.

See also revision 1.50 for more details about the general problem.

Tested by:	nosedive, freefall, hub, mx1, brooks
MFC after:	1 week
Approved by:	re (mux)
2007-07-24 13:06:08 +00:00
delphij
90cc29c58c Stop mentioning /usr/X11R6.
Approved by:	re (hrs)
2007-07-24 06:41:07 +00:00
yongari
f01a448638 Add MSI support.
Ever since switching to adaptive polling re(4) occasionally spews
watchdog timeouts on systems with MSI capability. This change is
minimal one for supporting MSI and re(4) also needs MSIX support
for RTL8111C in future. Because softc structure of re(4) is shared
with rl(4), rl(4) was touched to use the modified softc.

Reported by:	cnst
Tested by:	cnst
Approved by:	re (kensmith)
2007-07-24 01:24:03 +00:00
yongari
1ad992a983 Don't fail on device attach if jumbo frame support was unsuccessful.
Because nfe(4) hardware doesn't support SG on Rx path, supporting
jumbo frame requires very large contiguous kernel memory(i.e. several
mega bytes). In case of lack of contiguous kernel memory that
allocation request may always fail. However nfe(4) can operate on normal
sized MTU frames, so go ahead and just disable jumbo frame support.
While I'm here add a new tunable "hw.nfe.jumbo_disable" to disable
jumbo frame support.
In nfe_poll, make sure to invoke correct Rx handler.

Approved by:	re (kensmith)
2007-07-24 01:11:00 +00:00
attilio
0986b6b87f upcall_free() was only used in kse_GC() which has been removed so it now
results unused; this, with -Werror option of gcc, rise a warning for gcc
which let the buildkernel to be busted.
Fix this removing upcall_free().

Reported by: various
Approved by: jeff
Approved by: re
Pointy hat to: attilio
2007-07-23 23:16:53 +00:00
attilio
ad75d346f7 Actually, KSE kernel bits locking is broken and can lead likely to
dangerous races.
Fix this problems adding correct locking for the members of 'struct
kse_upcall' and other struct proc/struct thread related members.
For the moment, just leave ku_mflag and ku_flags "lazy" locked.
While here, cleanup the code removing the function kse_GC() (unused),
and merging upcall_link(), upcall_unlink(), upcall_stash() in their
respective callers (static functions, very short and only called in one
place).

Reported by: pav
Tested by: pav (on some pointyhat cluster nodes)
Approved by: jeff
Approved by: re
Sponsorized by: NGX Italy (http://www.ngx.it)
2007-07-23 14:52:22 +00:00
rwatson
4d894bfc82 When checking labels during a vnode link operation in MLS, use the file
vnode label for a check rather than the directory vnode label a second
time.

MFC after:	3 days
Submitted by:	Zhouyi ZHOU <zhouzhouyi at FreeBSD dot org>
Reviewed by:	csjp
Sponsored by:	Google Summer of Code 2007
Approved by:	re (bmah)
2007-07-23 13:28:54 +00:00
dwmalone
e8276674f3 If clock_ct_to_ts fails to convert time time from the real time clock,
print a one line error message. Add some comments on not being able to
trust the day of week field (I'll act on these comments in a follow up
commit).

Approved by:	re
MFC after:	3 weeks
2007-07-23 09:42:32 +00:00
rwatson
9f42d6219f Continue effort to align UDPv4 and UDPv6 implementations by merging
udp6_output() from udp6_output.c to udp6_usrreq.c, matching the UDPv4
structure, and allowing us to remove udp6_output.c.

Reviewed by:	bz, gnn
Approved by:	re (bmah)
2007-07-23 07:58:58 +00:00
bde
3a5cb59d83 Make using msdosfs as the root file system sort of work:
o Initialize ownerships and permissions.  They were garbage (0) for
  root mounts since vfs_mountroot_try() doesn't ask for them to be set
  and msdosfs's old incomplete code to set them was removed.  The
  garbage happened to give the correct ownerships root:wheel, but it
  gave permissions 000 so init could not be execed.  Use the macros
  for root: wheel and 0755.  (The removed code gave 0:0 and 0777.  0755
  is more normal and secure, thought wrong for /tmp.)

o Check the readonly flag for initial (non-MNT_UPDATE) mounts in the
  correct place, as in ffs.  For root mounts, it is only passed in
  mp->mnt_flags, since vfs_mountroot_try() only passes it as a flag
  and nothing translates the flag to the "ro" option string.  msdosfs
  only looked for it in the string, so it gave a rw mount for root
  mounts without even clearing the flag in mp->mnt_flags, so the final
  state was inconsistent.  Checking the flag only in mp->mnt_flags
  works for initial userland mounts too.  The MNT_UPDATE case is
  messier.

The main point that should work but doesn't is fsck of msdosfs root
while it is mounted ro.  This needs mainly MNT_RELOAD support to work.
It should be possible to run fsck -p and succeed provided the fs is
consistent, not just for msdosfs, but this fails because fsck -p always
tries to open the device rw.  The hack that allows open for writing
in ffs is not implemented in msdosfs, since without MNT_RELOAD support
writing could only be harmful.  So fsck must be turned off to use
msdosfs as root.  This is quite dangerous, since msdosfs is still missing
actually using its fs-dirty flag internally, so it is happy to mount
dirty fileystems rw.

Unrelated changes:
- Fix missing error handling for MNT_UPDATE from rw to ro.
- Catch up with renaming msdos to msdosfs in a string.

Approved by:	re (kensmith)
2007-07-23 07:10:17 +00:00
delphij
0321a712a7 MFp4: When swapping is not enabled, allow creating files by taking
physical memory pages into account for tm_maxfilesize.

Reported by:	Dominique Goncalves <dominique.goncalves gmail.com>
Submitted by:	Howard Su
Approved by:	re (tmpfs blanket)
2007-07-23 06:54:58 +00:00
attilio
43113ba612 Preprocessing stub "KSE" breaks ABI either with modules and userspace
consumers.
This patch makes KSE no more an optionally stub for kernel structures
fixing the breakage.
As a tail note, this bug has broken kqemu for a long period now.

Tested by: Ulf Lilleengen <lulf@FreeBSD.org>
Discussed with: rwatson, jeff
Approved by: jeff (mentor)
Approved by: re
2007-07-22 21:35:44 +00:00
thompsa
c60c38c413 ndis will signal the kthread to exit and then sleep on the proc pointer to
be woken up by kthread_exit. This is racey and in some cases the kthread will
exit before ndis gets around to sleep so it will be stuck indefinitely. This
change reuses the kq_exit variable to indicate that the thread has gone and
will loop on tsleep with a timeout waiting for it. If the kthread has already
exited then it will not sleep at all.

Approved by:	re (rwatson)
2007-07-22 20:53:28 +00:00
njl
7e21c85784 The HPET appears to be broken on silby's Acer Pentium M system, never
advancing.  Read from the timer before attaching to be sure it advances
in 1 us.  Since the slowest rate allowed by the spec is 10 MHz, the
timer is guaranteed to change in this interval if it is working.

Tested by:	Rui Paulo
Approved by:	re
MFC after:	3 days
2007-07-22 20:45:27 +00:00
imp
c11be72a80 Change new Wi-Spy device name to Wi-Spy 2.4x.
Submitted by: Brix Andersen
Approved by: re@ (blanket)
PR: 114807
2007-07-22 18:29:18 +00:00
imp
6c9242923f WISPY added an X.
Approved by: re
2007-07-22 15:59:45 +00:00
des
c81c3fef7a Apply the same error checks to PAM_TTY in pam_sm_close_session() as in
pam_sm_open_session(), avoiding false negatives when no tty is present.

Submitted by:	Todd C. Miller <millert@courtesan.com>
Approved by:	re (rwatson)
MFC after:	2 weeks
2007-07-22 15:17:29 +00:00
des
54314403b7 Whitespace cleanup
Approved by:	re (rwatson)
2007-07-22 15:14:40 +00:00
rwatson
0b34555b1b Merge OpenBSM 1.0 alpha 15 changes to src/sys/bsm:
- Synchronized audit event list to Solaris, picking up the *at(2) system call
  definitions, now required for FreeBSD and Linux.  Added additional events
  for *at(2) system calls not present in Solaris.

Obtained from:	TrustedBSD Project
Approved by:	re (hrs)
2007-07-22 12:28:13 +00:00
rwatson
ade9d77a89 Update generated OpenBSM config.h for OpenBSM 1.0 alpha15 update.
Approved by:	re (hrs)
2007-07-22 12:22:25 +00:00
rwatson
41ed46ace0 Resolve conflicts from import of OpenBSM 1.0 alpha15 ($FreeBSD$/$P4$
conflict).

Approved by:	re (hrs)
2007-07-22 12:20:42 +00:00
rwatson
9b9afcf242 This commit was generated by cvs2svn to compensate for changes in r171537,
which included commits to RCS files with non-trunk default branches.
2007-07-22 12:18:31 +00:00
rwatson
2f3a6f61b3 Vendor import TrustedBSD OpenBSM 1.0 alpha 15, with the following change
history since the last import:

OpenBSM 1.0 alpha 15

- Fix bug when processing in_addr_ex tokens.
- Restore the behavior of printing the string/text specified while
  auditing arg32 tokens.
- Synchronized audit event list to Solaris, picking up the *at(2) system call
  definitions, now required for FreeBSD and Linux.  Added additional events
  for *at(2) system calls not present in Solaris.
- Bugs in auditreduce(8) fixed allowing partial date strings to be used in
  filtering events.

Approved by:	re (hrs)
MFC after:	3 weeks
Obtained from:	TrustedBSD Project
2007-07-22 12:18:31 +00:00
kevlo
413e0853c2 Include the <sys/sysproto.h> header which includes the prerequisite header
for AUE_NULL.

Approved by: re (kensmith)
2007-07-22 06:48:34 +00:00
kevlo
1b8c5aa248 Use bus_get_dma_tag() to obtain the parent DMA tag.
Reviewed by: sam, sephe, thompsa
Approved by: re (kensmith)
2007-07-22 06:44:10 +00:00
imp
4980b890ef Add some additional devices.
Submitted by: HPS hselasky at c2i dot net
Approved by: re (blanket)
2007-07-22 03:45:35 +00:00
rrs
1918b8aea1 - remove duplicate code from sctp_asconf.c
- remove duplicate #include <sys/priv.h> that is not under
   #ifdef FreeBSD version to allow compile on 6.1
- static analysis changes per the cisco SA tool including:
    o some SA_IGNORE comments
    o some checks for NULL before unlock.
    o type corrections int -> size_t
- Fix it so sctp_alloc_asoc takes a thread/proc argument. Without this
   we pass a NULL in to bind on implicit assoc setup and crash  :-(
Approved by:	re@freebsd.org(Ken Smith)
2007-07-21 21:41:32 +00:00
kan
5eb246dfe4 Put local symbol suppression rule into most recent (e.g. last) version
block.

Approved by:	re (kensmith)
2007-07-21 20:52:32 +00:00
kan
d137611353 Do not forget to cam_periph_unhold the peripheral before exiting
due to error.

PR:		kern/114636
Submitted by:	Tijl Coosemans
Approved by:	re (hrs)
2007-07-21 18:07:45 +00:00
rafan
bfde2cbba6 - Correctly substitute variables like @NCURSES_MAJOR@ in manual pages
PR:		doc/114711
Submitted by:	Yuri Pankov <yuri at darklight.org.ru>
Approved by:	re (bmah)
MFC after:	3 days
2007-07-21 00:27:17 +00:00
scf
8db32e8a1e Added environ-replacement detection. For programs that "clean" (i.e., su)
or replace (i.e., zdump) the environment after a call to setenv(), putenv()
or unsetenv() has been made, a few changes were made.
  - getenv() will return the value from the new environ array.
  - setenv() was split into two functions:  __setenv() which is most of the
    previous setenv() without checks on the name and setenv() which
    contains the checks before calling __setenv().
  - setenv(), putenv() and unsetenv() will unset all previous values and
    call __setenv() on all entries in the new environ array which in turn
    adds them to the end of the envVars array.  Calling __setenv() instead
    of setenv() is done to avoid the temporary replacement of the '=' in a
    string with a NUL byte.  Some strings may be read-only data.

Added more regression checks for clearing the environment array.

Replaced gettimeofday() with getrusage() in timing regression check for
better accuracy.

Fixed an off-by-one bug in __remove_putenv() in the use of memmove().  This
went unnoticed due to the allocation of double the number of environ
entries when building envVars.

Fixed a few spelling mistakes in the comments.

Reviewed by:	ache
Approved by:	wes
Approved by:	re (kensmith)
2007-07-20 23:30:13 +00:00
se
192b957360 Fix Symbios driver on amd64: Since amd64 has 64 bit pointers but the same
4KB pages as i386, data structures that just fit in one page on i386 (and
on 64 bit architectures with 8KB pages) can be distributed over two pages
on amd64. This is a porblem in the case of the Symbios driver, since the
SCRIPTS engine in the SCSI chip operates on physical addresses and needs
physically contiguous memory. Earlier patches used contigmalloc on amd64,
but this version replaces part of a structure by a pointer to that data.
In order to not introduce an extra indirection for other architectures,
the change has been made conditional on __amd64__.

Earlier attempts to repair this problem are removed (i.e. the macros that
made amd64 use contigmalloc). The fix was submitted by Jan Mikkelsen and
modified by me to only affect amd64.

PR:		89550
Submitted by:	janm at transactionware dot com (Jan Mikkelsen)
Approved by:	re (Hiroki Sato)
MFC after:	2 weeks
2007-07-20 23:02:01 +00:00