vn_open_cred invocations shall not audit namei path.
In particular, specify VN_OPEN_NOAUDIT for dotdot lookup performed by
default implementation of vop_vptocnp, and for the open done for core
file. vn_fullpath is called from the audit code, and vn_open there need
to disable audit to avoid infinite recursion. Core file is created on
return to user mode, that, in particular, happens during syscall return.
The creation of the core file is audited by direct calls, and we do not
want to overwrite audit information for syscall.
Reported, reviewed and tested by: rwatson
Note that I also added the usbdev to the list, because the 8813 version
is not yet known there. I might have twisted the sorting there but because
8813 comes before 8818, I added it before that (with _8813 to differentiate)
the item.
PR: 135628
Submitted by: Yoshikazu GOTO <goto at on-link dot jp>
Approved by: imp (mentor, implicit)
using raw IPX sockets. While functional, this support is disabled
using a flag that can't be changed from userspace, and google reveals
no documentation or use of that flag anywhere. This eliminates a
potential lock order reversal and code reentrance issue in which the
output path reentered the input path in IPX.
An alternative to removal would be to use the netisr, as a comment I
added in 2005 suggests. While this change is fairly straight-forward,
the lack of any consumers or the easy possibility of consumers (kernel
modification and recompile required) suggests that this is simply an
unused feature.
Update README to remove this TODO, and a TODO regarding IPX/IP
encapsulation which was also removed a few years ago.
MFC after: 1 week
To detect which controller is ICH based one, add a new member
variable ich to struct fxp_ident and move the struct to
if_fxpvar.h. Since I've faked controller revision, don't allow
microcode loading for ICH based controllers.
With this change all ICH based controllers will have WOL and Rx
checksum offload capability.
PR: kern/135451
Tested by: Alexey Shuvaev ( shuvaev <> physik dot uni-wuerzburg dot de ),
pluknet ( pluknet <> gmail dot com ),
Gary Jennejohn ( gary.jennejohn <> freenet dot de )
not allow multicast filter programming when controller is busy to
send/receive frames. So it used to mark need_mcsetup bit and defer
multicast filter programming until controller becomes idle state.
To detect when the controller is idle fxp(4) relied on Tx
completion interrupt with NOP command and fxp_start_body and
fxp_intr_body had to see whether pending multicast filter
programming was requested. This resulted in very complex logic and
sometimes it did not work as expected.
Since the controller should be in idle state before any multicast
filter modifications I changed it to reinitialize the controller
whenever multicast filter programming is required. This is the same
way what OpenBSD and NetBSD does. Also I added IFF_DRV_RUNNING
check in ioctl handler so controller would be reinitialized only if
it is absolutely needed.
With this change I guess we can remove fxp(4) DELAY hack in ifioctl
for IPv6 case.
upper stack in fxp_start_body().
fxp(4) drops driver lock in Rx path so check the fxp(4) is still
running after reacquiring driver lock in Rx path. Also don't
invoke fxp_intr_body if fxp(4) is not running. With this change
there is no need to set suspend bit in device attach phase.
hardware reset in attach phase. Selective reset does not clear
configured parameters so I think full hardware reset is required.
To prevent PCI bus lock-up, do selective reset first which will get
off the controller from PCI bus and request software reset after
selective reset. Software reset will unmask interrupts so disable
it after the reset.
common mbuf dma tag for both Tx and Rx path but Rx buffer should
have single DMA segment and maximum buffer size of the segment
should be less than MCLBYTES.
fxp(4) also have to check Tx completion status which was updated by
DMA so we need BUS_DMASYNC_PREREAD and BUS_DMASYNC_POSTWRITE
synchronization in Tx path. Fix all misuse of bus_dmamap_sync(9) in
fxp(4). I guess this change shall fix occasional driver breakage in
PAE environments.
While I'm here add error messages of dma tag/buffer creation and
correct messages.
getgroups for ibcs emulation. It seems vanishingly likely any
programs will actually be affected since they probably assume a much
lower value and use a static array size.
pointer to the containing mbuf. This eliminates a strong assumption
about the layout of network buffer memory, giving us greater
flexibility to revise mbuf semantics in the future.
reassembly but failed to be modernized over time:
- Use queue(9).
- Specifically allocate queue entries of type M_SPXREASSQ to point at
member mbufs, rather than casting mbuf data to 'spx_q'.
- Maintain the mbuf pointer as part of the queue entry so that we can
later free the mbuf without using dtom().
Intel agrees with my reading of the docs, make it so for all G4X chips.
The new register also has a 32 bit width as opposed to 24 bits. Fix
things up so that the counters roll over properly.
MFC after: 3 days
Now that we start to use credentials on character devices more often
(because of MPSAFE TTY), move the prison-checks that are in place in the
TTY code into devfs.
Instead of strictly comparing the prisons, use the more common
prison_check() function to compare credentials. This means that
pseudo-terminals are only visible in devfs by processes within the same
jail and parent jails.
Even though regular users in parent jails can now interact with
pseudo-terminals from child jails, this seems to be the right approach.
These processes are also capable of interacting with the jailed
processes anyway, through signals for example.
Reviewed by: kib, rwatson (older version)
not in cpu_exit(). The latter is called after td_md.md_highfp_mtx
has been destroyed, which results in a race condition when another
thread wants to use the high FP registers on the CPU that still has
the high FP registers in question.
- remove mbuf iovec - useful, but adds too much complexity when isolated to
the driver
- remove driver private caching - insufficient benefit over UMA to justify
the added complexity and maintenance overhead
- remove separate logic for managing multiple transmit queues, with the
new drbr routines the control flow can be made to much more closely resemble
legacy drivers
- remove dedicated service threads, with per-cpu callouts one can get the same
benefit much more simply by registering a callout 1 tick in the future if there
are still buffered packets
- remove embedded mbuf usage - Jeffr's changes will (I hope) soon be integrated
greatly reducing the overhead of using kernel APIs for reference counting
clusters
- add hysteresis to descriptor coalescing logic
- add coalesce threshold sysctls to allow users to decide at run-time
between optimizing for forwarding / UDP or optimizing for TCP
- add once per second watchdog to effectively close the very rare races
occurring from coalescing
- incorporate Navdeep's changes to the initialization path required to
convert port and adapter locks back to ordinary mutexes (silencing BPF
LOR complaints)
- enable prefetches in get_packet and tx cleaning
Reviewed by: navdeep@
MFC after: 2 weeks
below key_setsaval().
Without that, the lookup for the SA had failed as we were looking for
a SA with the new, updated port numbers instead of the old ones and
were comparing the ports in key_cmpsaidx().
This makes updating the remote -> local SA on the initiator work again.
Problem introduced with: p4 changeset 152114
Add necessary changes to the kernel for this (basically introduce a
bpf_zero_counters() function). As well, update the man page.
MFC after: 1 month
Discussed with: rwatson
NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024
and 1023 respectively. (Previously they were equal, but under a close
reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it
is the number of supplemental groups, not total number of groups.)
The bulk of the change consists of converting the struct ucred member
cr_groups from a static array to a pointer. Do the equivalent in
kinfo_proc.
Introduce new interfaces crcopysafe() and crsetgroups() for duplicating
a process credential before modifying it and for setting group lists
respectively. Both interfaces take care for the details of allocating
groups array. crsetgroups() takes care of truncating the group list
to the current maximum (NGROUPS) if necessary. In the future,
crsetgroups() may be responsible for insuring invariants such as sorting
the supplemental groups to allow groupmember() to be implemented as a
binary search.
Because we can not change struct xucred without breaking application
ABIs, we leave it alone and introduce a new XU_NGROUPS value which is
always 16 and is to be used or NGRPS as appropriate for things such as
NFS which need to use no more than 16 groups. When feasible, truncate
the group list rather than generating an error.
Minor changes:
- Reduce the number of hand rolled versions of groupmember().
- Do not assign to both cr_gid and cr_groups[0].
- Modify ipfw to cache ucreds instead of part of their contents since
they are immutable once referenced by more than one entity.
Submitted by: Isilon Systems (initial implementation)
X-MFC after: never
PR: bin/113398 kern/133867
Instead of locking the local unp followed by the remote unp, use the same
locking model as accept() and read lock the global link lock followed by
the remote unp while fetching the remote sockaddr.
Reported by: Mel Flynn mel.flynn of mailing.thruhere.net
Reviewed by: rwatson
MFC after: 1 week
structure. When the page is shared, the kernel mapping becomes a special
type of managed page to force the cache off the page mappings. This is
needed to avoid stale entries on all ARM VIVT caches, and VIPT caches
with cache color issue.
Submitted by: Mark Tinguely
Reviewed by: alc
Tested by: Grzegorz Bernacki, thompsa
allocator for the jumbo frames zones. This change has two benefits: (1) a
custom back-end deallocator is no longer required. UMA's standard
deallocator suffices. (2) It eliminates a potentially confusing artifact
of using contigmalloc(): The malloc(9) statistics contain bogus information
about the usage of jumbo frames. Specifically, the malloc(9) statistics
report all jumbo frames in use whereas the UMA zone statistics report the
"truth" about the number in use vs. the number free.
