Robert Watson [Tue, 14 May 2002 18:57:55 +0000 (18:57 +0000)]
Modify the arguments to syncache_socket() to include the mbuf (m) that
results in the syncache entry being turned into a socket. While it's
not used in the main tree, this is required in the MAC tree so that
labels can be propagated from the mbuf to the socket. This is also
useful if you're doing things like transparent IP connection hijacking
and you want to use the syncache/cookie mechanism, but we won't go
there.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Ian Dowse [Tue, 14 May 2002 17:14:01 +0000 (17:14 +0000)]
Following a repo-copy from src/sys/ufs/ufs, rename functions and
structures etc. to ext2fs-specific names, and remove ufs-specific
code that is no longer required. As a first stage, the code will
still convert back and forth between the on-disk format and struct
inode, so the struct dinode fields have been added to struct inode
for now.
Note that these files are not yet connected to the build.
Mark Murray [Tue, 14 May 2002 16:06:50 +0000 (16:06 +0000)]
As the perl-generated assembler files have been committed, add the
perl-generated (.pod) manual pages too. This is another nail in the
perl5 coffin (for base perl, not the port or the language in general).
Robert Watson [Tue, 14 May 2002 14:36:09 +0000 (14:36 +0000)]
Strategic diff reduction against TrustedBSD MAC branch: introduce an
additional system boot ordering entry, SI_SUB_MAC_LATE, which occurs
after all MAC policies have been initialized, permitting the MAC
subsystem to take action once all "early loaded" modules are in place.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Ruslan Ermilov [Tue, 14 May 2002 13:59:33 +0000 (13:59 +0000)]
Split release.2 into two stages. release.2 now install the base
dist, while release.3 makes and installs crypto, krb4, and krb5
dists. This makes release.3 restartable (with "make rerelease").
Brian Somers [Tue, 14 May 2002 12:55:39 +0000 (12:55 +0000)]
o Clean up some #includes
o Bump version number to 3.0.4
o When talking to a RADIUS server, provide a NAS-Port-Type.
When the NAS-Port-Type is Ethernet, provide a NAS-Port value equal
to the SESSIONID from the environment in direct mode or the
NGM_PPPOE_SESSIONID message in other modes. If no SESSIONID is found,
default to the interface index in client mode or zero in server mode.
When the NAS-Port-Type is ISDN, set the NAS-Port to the minor number
of the physical device (ie, the N in /dev/i4brbchN).
This makes it easier for the RADIUS server to identify the client
WRT accounting data etc.
Kenneth D. Merry [Tue, 14 May 2002 04:32:02 +0000 (04:32 +0000)]
string cleanup:
- fix a potential overrun made worse by rev 1.5 of camlib.h
- change strncpy() and strcpy() calls to strlcpy()
- use sizeof(string[]) instead of STRING_LEN to avoid future problems
- get rid of an unused variable
Thanks to BDE for pointing out some of the problems.
Bruce Evans [Mon, 13 May 2002 14:34:47 +0000 (14:34 +0000)]
Fixed a semantic error. va_arg(ap, u_short) is nonsense except on i386's
with 16-bit ints, since u_short is promoted when it is passed to a
varargs function. gcc now warns about this. We always pass small
integers (this is well obuscated), so there are no conversion problems.
Bruce Evans [Mon, 13 May 2002 14:11:33 +0000 (14:11 +0000)]
Don't include <stddef.h> "For offsetof". This is not even wrong in
-current, since offsetof() is defined a header under /sys so that
system sources don't need to have this wrong include.
This bug was only detected because my version of <stddef.h> has some
spelling fixes (s/field/member/g) and gcc is now sensitive to the spelling
of arg names in macros as required by standards (ISO C90 6.8.3...).
Bruce Evans [Mon, 13 May 2002 12:39:46 +0000 (12:39 +0000)]
Fixed syntax errors (garbage after #endif; just editing errors in this
case). These errors and related style bugs swere cloned from ufs
shortly after they were committed to ufs. They were mostly fixed in
ufs long ago.
Ruslan Ermilov [Mon, 13 May 2002 10:53:24 +0000 (10:53 +0000)]
Major cleanup of bsd.lib.mk.
Get rid of the INTERNALSTATICLIB knob and just use plain INTERNALLIB.
INTERNALLIB now means to build static library only and don't install
anything. Added a NOINSTALLLIB knob for libpam/modules. To not
build any library at all, just do not set LIB.
Luigi Rizzo [Mon, 13 May 2002 10:37:19 +0000 (10:37 +0000)]
Add ipfw hooks to ether_demux() and ether_output_frame().
Ipfw processing of frames at layer 2 can be enabled by the sysctl variable
net.link.ether.ipfw=1
Consider this feature experimental, because right now, the firewall
is invoked in the places indicated below, and controlled by the
sysctl variables listed on the right. As a consequence, a packet
can be filtered from 1 to 4 times depending on the path it follows,
which might make a ruleset a bit hard to follow.
I will add an ipfw option to tell if we want a given rule to apply
to ether_demux() and ether_output_frame(), but we have run out of
flags in the struct ip_fw so i need to think a bit on how to implement
this.
to upper layers
| |
+----------->-----------+
^ V
[ip_input] [ip_output] net.inet.ip.fw.enable=1
| |
^ V
[ether_demux] [ether_output_frame] net.link.ether.ipfw=1
| |
+->- [bdg_forward]-->---+ net.link.ether.bridge_ipfw=1
^ V
| |
to devices
o Uncapitalize .Nd macro arguments and remove punctuation
o Minor grammar fixes.
o Sort SEE ALSO references, and add iostat(8).
o Delete punctuation at end of AUTHORS' section only line
Tim J. Robbins [Mon, 13 May 2002 08:03:20 +0000 (08:03 +0000)]
If we can't change the scheduling priority, warn but still execute
the requested utility. This is how nice(1) traditionall behaved,
and the behaviour required by SUSv3 and POSIX.2 UPE.
Submitted by: Peter Avalos <pavalos@theshell.com> (partially)
Reviewed by: mike
Alfred Perlstein [Mon, 13 May 2002 07:58:15 +0000 (07:58 +0000)]
Don't use PAGE_SIZE in userland, instead use getpagesize(), this is to
allow running on other arches when the instructions are supported but
the page size granularity is not.
Jeff Roberson [Mon, 13 May 2002 05:08:18 +0000 (05:08 +0000)]
Don't call the uz free function while the zone lock is held. This can lead
to lock order reversals. uma_reclaim now builds a list of freeable slabs and
then unlocks the zones to do all of the frees.
Jeff Roberson [Mon, 13 May 2002 04:39:28 +0000 (04:39 +0000)]
Remove the hash_free() lock order reversal. This could have happened for
several reasons before. Fixing it involved restructuring the generic hash
code to require calling code to handle locking, unlocking, and freeing hashes
on error conditions.