some (hopefully) less offensive stupidity:
If we detect that a user has loaded a module that fails to initialize
itself correctly, panic. There really isn't a safe way to recover from
something like this; we can't know that the module is bad until after
the entry point is called, by which time it's too late to do anything
about it.
- Add $Id$ string.
- Fix comment ("we might *not* be able to unload the
module afterwards without panicking...")
- Get rid of variable 'j' that I used in name checking
for(;;) loop and use 'i' instead (I thought there'd be
a problem with this, but there isn't).
got a 2.2 version DC21040 chip in my SMC ethernet card! He suggests bumping
the check all the way down to 2.0 since it's pre-2.0 we're actually guarding
against.
Submitted by: Matt Thomas <matt@lkg.dec.com>
if_tun_mod, etc...) from crashing the system. These modules are useful,
but because they don't yet have proper load()/unload() functions,
they can lead to panics: if, for example, you load the if_ppp module,
any user can panic the system by running modstat.
You can also hang the system outright if you try to unload the PPP
module too.
Changes are as follows:
- Save the name passed to us during the RESERVE stage for name matching
(we can't load if_ppp_mod twice: we've have two ppp0's and two ppp1's,
which is beyond strange). This makes the lkmexists() cheks somewhat
redundant, but there's no way around it that I can see.
- If we call the module entry point and find that we have no lkm_any
structure in our 'private' section, create a fake one. This keeps
modstat happy. We mark such modules as LM_UNKNOWN.
- Don't allow LM_UNLOAD modules to be unloaded: it just ain't
possible. (Unless someone wants to write a pppunattach() function. :( )
- In lkmunreserve(), mark private.lkm_any as NULL so we don't get
confused later. I think this is bogus, but I can't prove it.
XXX: the name matching used to keep the user from loading two
instances of the same module can easily be defeated simply by
changing the module name or, in the case of the oddball modules,
simply by renaming the module files. I haven't found a nice simple
way to tell one module from another.
interested parties.
Make the loader refuse to load anything below 1 MB -- we didn't
support it since FreeBSD 2.0R. Avoid gratuitously wiping out the BIOS
variables or the loader.
the kernel at 0-640k; we haven't had the ability to do that since before
2.0R. Furthermore, I fail to see how putting an instruction at 0 and then
doing a .org 0x500 is going to prevent the stuff from getting clobbered
in the first place; a.out is just too stupid to know about sparse address
spaces.
is necessary in order for panic+sync to work. Will also gloss over a panic
that Jordan was having with the install floppies that remains unexplainable.
2) Handle "bogus_page" a little better.
3) Set page protection to VM_PROT_NONE if the entire page has become !valid.
Submitted by: John Dyson (2&3), me (1).
1) Rewrote screwy code that uses an incore buffer without making it busy.
2) Use B_CACHE instead of B_DONE in cases where it is appropriate.
3) Minor code optimization.
This *might* fix kern/345 submitted by Heikki Suonsivu.
pages that are in FS buffers. This fixes the (believed to already have been
fixed) problem with msync() not doing it's job...in other words, the
stuff that Andrew has continuously been complaining about.
Submitted by: John Dyson, w/minor changes by me.
is identical to the older version, just the copyright has changed. Many
thanks go to Dean Gehnert of the Linux camp who went the extra mile to make
this happen.
Other changes:
Update assembler man page to include the -v and -D options
Merge in Dean's latest changes to the assembler
Have the sequencer do a MSG_REJECT when the negotiated syncronous rate
is lower than the adapter supports. This forces asyncronous mode which
is faster at these rates anyway.
This code will be moved shortly to the non-gpld portion of the tree.
Previously, this worked right if both AUTO_EOI_1 and AUTO_EOI_2 are
defined, but not if AUTO_EOI_1 is defined and AUTO_EOI_2 is not defined.
The latter case should be the default. DUMMY_NOPS should be the default
too. Currently there are only two NOPs slowing down rtcin() (although
there are no delays in writertc()) and several FASTER_NOPs slowing down
interrupt handling in vector.s.
Fix stack offsets for the (previously) unused untested
FAST_INTR_HANDLER_USES_ES case.
through a temporary buffer instead of one character at a time. The old
method takes about 6 usec/char on a 486DX2/66. This is larger than than
the combined interrupt and PIO overhead for a 16550!
This change was first implemented in 1.1.5. It was rewritten for 2.1.
The clist access functions allow a simpler implementation at some cost
in correctness and speed. There needs to be an ungetc() function to
recover from EFAULT, and it wastes time to copy through a temporary
buffer.
Don't snoop on single characters that weren't read due to EFAULT.
Rewrite a snoop comment in my approximation to English.
Undo bogus exportation of ttnread().
OBUFSIZ should be increased to the same value as IBUFSIZE (both are
smaller than desirable because they have to fit on the stack), but
there are currently problems with magic buffer limits and watermarks.
Remove unused #define of TTMASK.
Undo bogus exportation of ttnread().
This should NOT go into 2.0.5 /phk
Support disk slices. This involves mainly replacing inline code with
function calls. Support for ST506 drives is temporarily broken since
the `setgeom' arg to dsopen() is not implemented completely enough to
use. The `setgeom' arg will go away and ST506 drives will be supported
in another way. A large amount of dead code is left in wdopen() as a
reminder of the problems here.
Close the device in wdsize(). Open tracking was broken on all drives
with a swap device.
Remove support for soft write protection. There are no ioctls to set
it. It was used to disable writing to unlabelled disks, but we want
to support writing to foreign partitions on unlabeled disks.
Use generic dkbad routines to do about 2/3 of the work for supporting
bad144.
Improve disk statistics: estimate 4MB/sec instead of 8MB/sec for
the transfer rate (ISA max is 4MB/sec, old IDE max is 3.3MB/sec);
fix dk_xfer[] (it counted sectors, not transfers); keep the estimate
dk_seek[] = dk_xfer[] (was sectors, is now transfers); only count
words actually transferred (the count is still too high after a
failed write and after retries). Remove wdxfer[].
Fix indentation in wdattach(). Fix resulting botched printing of the
disk size for ST506 drives. Print the disk geometry less cryptically.
o Fix the keyboard probe to properly wait for the ready bit before
sending a command to the keyboard controller. This should avoid the
problems some people are experiencing where the boot blocks hang the
system during keyboard probe. (It does solve it for me.)
o Fix a bug that effectively prevented the boot blocks from ever
passing control to the serial console. [while(--retries) instead of
while(retries--)]
o Gratuitously reduced the keyboard probe timeout from 500 to 5
seconds. :)
o Introduced a new option ``FORCE_COMCONSOLE'' as a commented-out
example in the Makefile, to force the usage of a serial console
regardless of a keyboard being connected or not.
o Moved all external declarations to boot.h, declared all functions
there, and ANSIfied all function declarations/definitions.
(printf() remains bogus, however -- i'm too lazy to fix this.)
We're in the ninetees, dunno why we should still support compilers
from the 70's.
and #if defined (I586_CPU) thingies into identifycpu() so that we only
compile in what's actually needed for a given CPU. So far as I can tell,
none of my 386 machines generate a cpu_vendor code, so I made the extra vendor
and feature line conditional on I486_CPU and I586_CPU. (Otherwise we
print out a blank line which looks silly.)
at least one user out there who's system won't autoboot from the
serial console because of what sounds like 'phantom keystrokes'
making the timeout timer trip. I've tried to solve this by
adding an extra call to init_serial() right before the 'Boot:'
prompt is printed (done only if RB_SERIAL is set) to hopefully
make sure that the input buffer is clear. Unfortunately, the fellow
is in Germany and I haven't heard back from him yet. I haven't
been able to duplicate this problem on my hardware, so this is
a stab in the dark. At the very least, it shouldn't hurt anything.
kernels with 'options I586_CPU.'
The declaration for pentium_mhz is hidden inside an #ifdef I586_CPU,
but machdep.c refers to it whether I586_CPU is defined or not. This
temporary hack puts the offending code inside an #ifdef I586_CPU as
well so that a kernel without it will successfully compile.
I must emphasize the word 'temporary:' somebody needs to seriously
beat on the identifycpu() function with an #ifdef stick so that
I386_CPU, I486_CPU and I586_CPU will do the right things.
Dropping into the debugger when a break comes down the serial line is a
>MISFEATURE (1st class)< and has been put under it's own #ifdef. This
should be a magic sequence of chars instead.
For those where it was easy, drivers were also fixed to call
dev_attach() during probe rather than attach (in keeping with the
new design articulated in a mail message five months ago). For
a few that were really easy, correct state tracking was added as well.
The `fd' driver was fixed to correctly fill in the description.
The CPU identify code was fixed to attach a `cpu' device. The code
was also massively reordered to fill in cpu_model with somethingremotely
resembling what identifycpu() prints out. A few bytes saved by using
%b to format the features list rather than lots of ifs.
Fix PR 303: msdosfs: moving a file into another directory causes panic.
" ... the code that does the rename already has the denode
locked when msdosfs_hashins() gets called, resulting in the panic
when the routine attempts to lock the denode again.
...
The attached patch changes the msdosfs_hashins() routine to not lock the
denode. The caller is now resposible for obtaining the lock instead
of having msdosfs_hashins() do it for them."
don't lock the vnode - it doesn't appear to ever be necessary for VCHR
vnode/inodes. This fixes a bug introduced in the previous commit that
caused tty timestamps to act strange (causing 'w' and 'finger' to show
the tty wasn't idle when it may have been for hours).
