Commit Graph

101673 Commits

Author SHA1 Message Date
Mike Silbersack
fa126c2954 Add the bad reset statistic (corresponds to tcp_input.c rev 1.235) 2004-04-26 02:57:33 +00:00
Mike Silbersack
80dd2a81fb Tighten up reset handling in order to make reset attacks as difficult as
possible while maintaining compatibility with the widest range of TCP stacks.

The algorithm is as follows:

---
For connections in the ESTABLISHED state, only resets with
sequence numbers exactly matching last_ack_sent will cause a reset,
all other segments will be silently dropped.

For connections in all other states, a reset anywhere in the window
will cause the connection to be reset.  All other segments will be
silently dropped.
---

The necessity of accepting all in-window resets was discovered
by jayanth and jlemon, both of whom have seen TCP stacks that
will respond to FIN-ACK packets with resets not meeting the
strict last_ack_sent check.

Idea by:        Darren Reed
Reviewed by:    truckman, jlemon, others(?)
2004-04-26 02:56:31 +00:00
Warner Losh
1c168bb710 Fix two typos from PR: 65694
1) In pci.c, we need to check the child device's state, not the parent
   device's state.
2) In acpi_pci.c, we have to run the power state change after the acpi
   method when the old_state is > new state, not the other way around.

Submitted by: Dmitry Remesov
PR: 65694
2004-04-26 02:11:38 +00:00
David E. O'Brien
a606451bd2 Use a more compact syntax for passing the "binary" options to 'ld'. 2004-04-25 20:36:44 +00:00
Andrey A. Chernov
28aec5a68c Rewrite split_lines() to operate safely
PR:             62694
Submitted by:   moulin p <moulin.p@calyopea.com>
2004-04-25 19:56:50 +00:00
David E. O'Brien
a50d1c0876 Simplify the building of our i386 'binary' boot components by directly
producing them using 'ld' options rather than post-processing with 'objcopy'.

Idea by:	Ryan Sommers <ryans@gamersimpact.com>
2004-04-25 19:50:20 +00:00
Simon L. B. Nielsen
a8abffed54 - Update description of watchdogd_enable to reflect current reality.
- Document watchdogd_flags.
2004-04-25 17:13:22 +00:00
Luigi Rizzo
b2a8ac7ca5 Another small set of changes to reduce diffs with the new arp code. 2004-04-25 15:00:17 +00:00
Simon L. B. Nielsen
42dfa03d2a mdoc(7) janitor:
- Sort SEE ALSO by section number.
- Remove redundant ','.
2004-04-25 14:13:48 +00:00
Simon L. B. Nielsen
990ca63847 mdoc(7) janitor:
- Remove EOL whitespace.
- Expand contracted words.
- Correct usage of .Fl macro.
- Use complete argument to -width.
- Remove redundant ','.
2004-04-25 14:09:38 +00:00
Luigi Rizzo
491522eade remove a stale comment on the behaviour of arpresolve 2004-04-25 14:06:23 +00:00
Luigi Rizzo
cfff63f1b8 Start the arp timer at init time.
It runs so rarely that it makes no sense to wait until the first request.
2004-04-25 12:50:14 +00:00
Yoshihiro Takahashi
944d807245 Merged from sys/isa/fd.c revision 1.270. 2004-04-25 12:43:44 +00:00
MIHIRA Sanpei Yoshiro
67f266bab9 Add support Buffalo(MELCO) USB-Key Lan Adaptor(LUA-U2-KTX) 2004-04-25 11:39:47 +00:00
MIHIRA Sanpei Yoshiro
6dc98d2539 Sync to 1.171 of usbdevs 2004-04-25 11:24:40 +00:00
MIHIRA Sanpei Yoshiro
e9d1d719e0 Add support Buffalo(MELCO) USB-Key Lan Adaptor(LUA-U2-KTX)
Submitted by:	KAWAI Kenichi <kawai.kenichi@canon.co.jp>
2004-04-25 11:21:30 +00:00
Luigi Rizzo
cd46a114fc This commit does two things:
1. rt_check() cleanup:
    rt_check() is only necessary for some address families to gain access
    to the corresponding arp entry, so call it only in/near the *resolve()
    routines where it is actually used -- at the moment this is
    arpresolve(), nd6_storelladdr() (the call is embedded here),
    and atmresolve() (the call is just before atmresolve to reduce
    the number of changes).
    This change will make it a lot easier to decouple the arp table
    from the routing table.

    There is an extra call to rt_check() in if_iso88025subr.c to
    determine the routing info length. I have left it alone for
    the time being.

    The interface of arpresolve() and nd6_storelladdr() now changes slightly:
     + the 'rtentry' parameter (really a hint from the upper level layer)
       is now passed unchanged from *_output(), so it becomes the route
       to the final destination and not to the gateway.
     + the routines will return 0 if resolution is possible, non-zero
       otherwise.
     + arpresolve() returns EWOULDBLOCK in case the mbuf is being held
       waiting for an arp reply -- in this case the error code is masked
       in the caller so the upper layer protocol will not see a failure.

2. arpcom untangling
    Where possible, use 'struct ifnet' instead of 'struct arpcom' variables,
    and use the IFP2AC macro to access arpcom fields.
    This mostly affects the netatalk code.

=== Detailed changes: ===
net/if_arcsubr.c
   rt_check() cleanup, remove a useless variable

net/if_atmsubr.c
   rt_check() cleanup

net/if_ethersubr.c
   rt_check() cleanup, arpcom untangling

net/if_fddisubr.c
   rt_check() cleanup, arpcom untangling

net/if_iso88025subr.c
   rt_check() cleanup

netatalk/aarp.c
   arpcom untangling, remove a block of duplicated code

netatalk/at_extern.h
   arpcom untangling

netinet/if_ether.c
   rt_check() cleanup (change arpresolve)

netinet6/nd6.c
   rt_check() cleanup (change nd6_storelladdr)
2004-04-25 09:24:52 +00:00
Roman Kurakin
8cd65c072e Add ng_sppp(4) to the modules build process. 2004-04-25 08:56:46 +00:00
Roman Kurakin
ca0225140d Add ng_sppp.4. 2004-04-25 08:52:26 +00:00
Alan Cox
8a3ef85721 Zero the physical page only if it is invalid and not prezeroed. 2004-04-25 07:58:59 +00:00
Bruce Evans
a3a10d1c3c Fixed breakage of the formatting operation in rev.1.266. The wrong
clause of an if-else statement was removed.

Reviewed by:	no response from maintainer in 12 days
2004-04-25 04:33:56 +00:00
Marcel Moolenaar
b4f00e0bb7 Don't mask TCD in IMR0 when we initialize the channel. Doing so makes
it impossible to check the interrupt status bit when we try to get a
character in the low level console code.
2004-04-25 04:30:40 +00:00
Hiten Pandya
024035e822 The paper "Hashed Timers and Hierarchical Wheels: Data Structures for the
Efficient Implementation of a Timer Facility" was co-author'ed by T. Lauk,
not A. Lauk.

Adjust nearby whitespace.
2004-04-25 04:10:17 +00:00
David Schultz
be3930682a Hide FLT_EVAL_METHOD and DECIMAL_DIG in pre-C99 compilation
environments.

PR:		63935
Submitted by:	Stefan Farfeleder <stefan@fafoe.narf.at>
2004-04-25 02:36:29 +00:00
David Schultz
8f3f7c66d0 Make sure that symbols are declared in math.h iff the appropriate
namespaces are visible.  Previously, math.h failed to hide some C99-,
XSI-, and BSD-specific symbols in certain compilation environments.

The referenced PR has a nice listing of the appropriate conditions for
making symbols visible in math.h.  The only non-stylistic difference
between the patch in the PR and this commit is that I superfluously
test for __BSD_VISIBLE in a few places to be more explicit about which
symbols have historically been part of the FreeBSD environment.

PR:		65939
Submitted by:	Stefan Farfeleder <stefan@fafoe.narf.at>
2004-04-25 02:35:42 +00:00
David Schultz
334c760eea Remove a stale comment referring to values.h, which has never been
part of FreeBSD.

PR:		65939
2004-04-25 02:32:46 +00:00
Luigi Rizzo
490b9d88fa fix one typo and remove one wrong line 2004-04-25 01:39:00 +00:00
Thomas Moestl
2699b91e48 Some code cleanup:
- Fix some comments; remove numerous superfluous or outdated ones.
- Correctly pass on the requesting device when handing requests up
  to the parent bus.
- Use the complete device name, including unit number, to build the
  IOMMU instance name.
- Inline a function that was only used once, and was trivial.
2004-04-25 00:30:28 +00:00
Thomas Moestl
1822d00dc3 Prefix a printf with the device name. 2004-04-25 00:08:15 +00:00
Lukas Ertl
4e72cdbdc6 Plug a mem leak in vinum_scandisk().
Approved by:    grog (mentor)
2004-04-24 23:41:21 +00:00
Luigi Rizzo
769270223c Correct and extend the description of the behaviour of rt_check(). 2004-04-24 23:34:56 +00:00
Luigi Rizzo
3916ebe8f0 document the locking behaviour of the functions that access
the routing table.
2004-04-24 23:34:04 +00:00
Alan Cox
e265f05414 Add a VM_OBJECT_LOCK_ASSERT() call. Remove splvm() and splx() calls. Move
a comment.
2004-04-24 23:23:36 +00:00
Luigi Rizzo
3fefbff0c2 arpcom untangling:
consistently with the rest of the code, use IFP2AC(ifp) to access
the arpcom structure given the ifp.

In this case also fix a difference in assumptions WRT the rest of
the net/ sources: it is not the 'struct *softc' that starts with a
'struct arpcom', but a 'struct arpcom' that starts with a
'struct ifnet'
2004-04-24 22:24:48 +00:00
Luigi Rizzo
56f7062728 arpcom untangling:
do not use struct arpcom directly, rather use IFP2AC(ifp).
2004-04-24 22:11:13 +00:00
Roman Kurakin
0a6818e29c Connect ng_sppp to the build process. 2004-04-24 22:03:02 +00:00
Luigi Rizzo
49572c5b0d arpcom untangling:
- use ifp instead if &ac->ac_if in a couple of nd6* calls;
   this removes a useless dependency.

 - use IFP2AC(ifp) instead of an extra variable to point to the struct arpcom;
   this does not remove the nesting dependency between arpcom and ifnet but
   makes it more evident.
2004-04-24 21:59:41 +00:00
Alan Cox
2ec91846fd Update the comment describing vm_page_grab() to reflect the previous
revision and correct some of its style errors.
2004-04-24 21:36:23 +00:00
Alan Cox
7ef6ba5d27 Push down the responsibility for zeroing a physical page from the
caller to vm_page_grab().  Although this gives VM_ALLOC_ZERO a
different meaning for vm_page_grab() than for vm_page_alloc(), I feel
such change is necessary to accomplish other goals.  Specifically, I
want to make the PG_ZERO flag immutable between the time it is
allocated by vm_page_alloc() and freed by vm_page_free() or
vm_page_free_zero() to avoid locking overheads.  Once we gave up on
the ability to automatically recognize a zeroed page upon entry to
vm_page_free(), the ability to mutate the PG_ZERO flag became useless.
Instead, I would like to say that "Once a page becomes valid, its
PG_ZERO flag must be ignored."
2004-04-24 20:53:55 +00:00
Poul-Henning Kamp
63224f60c3 Add a FreeBSD MIB with a few branches we can hang things from. 2004-04-24 19:54:55 +00:00
Hiroki Sato
c5d76ff8a6 New release note:
acpi_asus(4) added,
	versrcreach option of ipfw(4), and
	Israel Hebrew locale he_IL.UTF-8 added.

Update release note:
	The random ephemeral port allocation can be disabled using
	the net.inet.ip.portrange.randomized sysctl.

MFC:
	ng_hub(4),
	vr(4) polling support,
	per-interface polling(4) support, and
	random ephemeral port allocation.
2004-04-24 17:30:32 +00:00
Søren Schmidt
494377df3d Try the simplify determining what is ata0 and ata1.
Remove the PCI native addressing code, it eed to be run before we even
have control in the ATA driver and should be moved to the pci code.
2004-04-24 16:32:06 +00:00
Nate Lawson
c0b9a6de4a Disable interrupts while testing the timer. Not doing this unnecessarily
added an arbitrary delay to our readings, causing us to use the ACPI-safe
read method when not necessary.  Submitted by: bde

Old:
ACPI timer looks GOOD min = 3, max = 5, width = 2
ACPI timer looks BAD  min = 3, max = 19, width = 16
ACPI timer looks GOOD min = 3, max = 5, width = 2
ACPI timer looks GOOD min = 3, max = 5, width = 2
ACPI timer looks GOOD min = 3, max = 5, width = 2
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 5, width = 2
ACPI timer looks BAD  min = 3, max = 19, width = 16
ACPI timer looks GOOD min = 3, max = 5, width = 2
ACPI timer looks GOOD min = 3, max = 4, width = 1
Timecounter "ACPI-safe" frequency 3579545 Hz quality 1000

New:
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
ACPI timer looks GOOD min = 3, max = 4, width = 1
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000

Also, reduce unnecesary overhead in ACPI-fast by remove the barrier for
reads.  The timer in the ACPI-fast case is known to increase monotonically
so there is no need to serialize access to it.
2004-04-24 16:25:00 +00:00
Søren Schmidt
3b53326f69 Change setup for SiS device to allow PCI native mode. 2004-04-24 15:54:20 +00:00
Maxim Sobolev
f6520c9c48 Add IC Book Labs Gunboat x2 and x4 series of serial adapters.
Hardware provided by:	IC Book Labs
MFC After:	2 weeks
2004-04-24 13:04:00 +00:00
Simon L. B. Nielsen
6ff58bbd12 Add Sandberg USB to Network Link to the list of supported devices. 2004-04-24 12:30:59 +00:00
Mike Makonnen
afa647196b Unconditionaly initialize any spin lock passed to pthread_spin_init(). While
makeing sure the spinlock isn't already in use might be a nice feature to
have in theory, it's hard to implement in practice since the passed in
pointer may not be NULL, but still be an invalid value (i.e. 1..2..3.. etc).
2004-04-24 09:38:41 +00:00
Bruce Evans
97d114726d Fixed some style bugs (useless forward declarations of structs and
misplaced forward declarations of structs).  This also reduces namespace
pollution (the misplaced declarations were declared in the !_KERNEL case
when they are not used).
2004-04-24 06:44:33 +00:00
Marcel Moolenaar
c050455eac Fix build for non-COMPAT_FREEBSD4 configurations. Make the FreeBSD 4
statfs functions conditional upon the option.
2004-04-24 04:31:59 +00:00
Alan Cox
4da4d293df In cases where a file was resident in memory mmap(..., PROT_NONE, ...)
would actually map the file with read access enabled.  According to
http://www.opengroup.org/onlinepubs/007904975/functions/mmap.html this is
an error.  Similarly, an madvise(..., MADV_WILLNEED) would enable read
access on a virtual address range that was PROT_NONE.

The solution implemented herein is (1) to pass a vm_prot_t to
vm_map_pmap_enter() describing the allowed access and (2) to make
vm_map_pmap_enter() responsible for understanding the limitations of
pmap_enter_quick().

Submitted by:	"Mark W. Krentel" <krentel@dreamscape.com>
PR:		kern/64573
2004-04-24 03:46:44 +00:00