Jake Burkholder [Mon, 24 Feb 2003 20:29:52 +0000 (20:29 +0000)]
- Removed UMAXPTDI and UMAXPTEOFF.
- Changed VM_MAXUSER_ADDRESS to be defined in terms of PTDPTDI. In order for
assumptions about the recursive page table map to work it must be the base
of the recursive map. Any pte offset that's not NPTEPG will break these
assumptions.
Ruslan Ermilov [Mon, 24 Feb 2003 20:09:16 +0000 (20:09 +0000)]
Ensure that build-tools end up in the object directory different
from the source directory. (This mostly affects the RELENG_4's
``make release'' release.5 target, where "rtermcap" build-tool
for release/sysinstall ends up in the source directory and later
steps of release.5 wipe it out.)
David Schultz [Mon, 24 Feb 2003 08:51:31 +0000 (08:51 +0000)]
- Add a clearer error message for the case where swapon hits the
NSWAPDEV limit.
- Don't warn about devices that are not in use in 'swapoff -a'.
- Re-add behavior mistakenly removed in revision 1.44:
If using 'swapon -a', do not warn if the device is already in use.
PR: 46633
Submitted by: Andy Farkas <andyf@speednet.com.au> (in part)
Reviewed by: mike (mentor)
David Schultz [Mon, 24 Feb 2003 08:49:59 +0000 (08:49 +0000)]
Expand the reference count on struct dquot to 32 bits.
This fixes a panic on large systems where a single user
may have more than 64K active or inactive vnodes.
Marcel Moolenaar [Mon, 24 Feb 2003 08:07:05 +0000 (08:07 +0000)]
Third attempt at removing machdep.h and using ALIGN from <sys/param.h>.
The initial stack_block is staticly allocated and will be aligned
according to the alignment requirements of pointers, which does not
necessarily match the alignment enforced by ALIGN. To solve this a
more involved change is required: remove the static initial stack
and deal with an initial condition of not having a stack at all. This
change is therefore more risky than the previous ones, but unavoidable
(other than not using the platform default alignment).
Discussed with: tjr
Approved and reviewed by: tjr
Tested on: alpha, i386, ia64 and sparc64
Sam Leffler [Mon, 24 Feb 2003 06:10:50 +0000 (06:10 +0000)]
o add -b option to enable batching
o add #ifdef __FreeBSD__'s around the profiling so the code compiles on openbsd
o update a comment about expected performance for Broadcom hardware
Sam Leffler [Mon, 24 Feb 2003 06:03:13 +0000 (06:03 +0000)]
o instead of applying arbitrary tunables, just honor the COP_F_BATCH
flag that can be marked on each symmetric op
o eliminate hw.ubsec.maxbatch and hw.ubsec.maxaggr since they are not
needed anymore
o change ubsec_feed to return void instead of int since zero is always
returned and noone ever looked at the return value
Scott Long [Mon, 24 Feb 2003 05:46:55 +0000 (05:46 +0000)]
Don't NULL out p_fd until after closefd() has been called. This isn't
totally correct, but it has caused breakage for too long. I welcome
someone with more fd fu to fix it correctly.
1) Fix so -a honors the -n ("do nothing") option. Before, if the directory
given for -a did not exist, then newsyslog would always try to create
it, even if -n was specified.
2) When -a processing *does* create the directory, have it check the result
from mkdir(), and immediately error-out if that failed.
Add the idea of a "default rotate action", which will be used if a file is
specified at runtime, but that filename is not listed in the newsyslog.conf
file. This default-action can be changed by having a line in newsyslog.conf
with the filename of "<default>". Before this change, the program would
quietly ignore the given file. An update to the man page will be written
after I finish some other updates to newsyslog.c.
Reviewed by: no objections from freebsd-arch
MFC after: 3 weeks
Jake Burkholder [Mon, 24 Feb 2003 00:39:50 +0000 (00:39 +0000)]
Use the direct mapping of IdlePTD setup in locore for proc0's page directory,
instead of allocating another page of kva and mapping it in again. This was
likely an oversight in revision 1.174 (cut and paste from pmap_pinit).
Marcel Moolenaar [Sun, 23 Feb 2003 23:09:17 +0000 (23:09 +0000)]
Use the correct size for reading and writing the PCI config space.
Reading the PCI config space with the wrong (larger) size is not
a problem in this case, but writing can be as it clobbers unrelated
registers. In this case the clobbering is for reserved fields, which
too is mostly harmless... for now. Hence, this change is mostly
preventive in nature.
Chris Costello [Sun, 23 Feb 2003 21:47:03 +0000 (21:47 +0000)]
o Improve vocabulary/wording
o Expand on MAC policy enforcement on network interfaces
o Add cross-references to su(1) and setfsmac(8) where appropriate
o Comment out mmap revocation sysctls as they are a bit too experimental
o Add the standard BUGS section
If more than one argument were given on the command line, interpret the
additional arguments as a series of architectures to build. This is
useful for running subsets of a particular configuration.
Jake Burkholder [Sun, 23 Feb 2003 21:20:00 +0000 (21:20 +0000)]
- Added macros NPGPTD, NBPTD, and NPDEPTD, for dealing with the size of the
page directory.
- Use these instead of the magic constants 1 or PAGE_SIZE where appropriate.
There are still numerous assumptions that the page directory is exactly
1 page.
Brian Feldman [Sun, 23 Feb 2003 20:49:45 +0000 (20:49 +0000)]
It seems that sound(4)'s feeder routines don't need to allocate memory
without waiting, since they are called from a system-call context only.
This appears to fix all sorts of problems with open("/dev/dsp", O_WRONLY)
randomly returning ENXIO.
Mike Silbersack [Sun, 23 Feb 2003 19:04:23 +0000 (19:04 +0000)]
Improve the security and performance of syncookies:
Security improvements:
- Increase the size of each syncookie secret from 32 to 128 bits
in order to make brute force attacks on the secrets much more
difficult.
- Always return the lowest order dword from the MD5 hash; this
allows us to expose 2 more bits of the cookie and makes ACK
floods which seek to guess the cookie value more difficult.
Performance improvements:
- Increase the lifetime of each syncookie from 4 seconds to 16
seconds. This increases the usefulness of syncookies during
an attack.
- From Yahoo!: Reduce the number of calls to MD5Update; this
results in a ~17% increase in cookie generation time here.
David Malone [Sun, 23 Feb 2003 16:54:19 +0000 (16:54 +0000)]
Under some unusual conditions, inetd can leak a open file discriptor
into a child process. Rather than closing the discriptors manually,
mark all discriptors as close-on-exec.
David Malone [Sun, 23 Feb 2003 16:49:14 +0000 (16:49 +0000)]
After calling login_getclass, be sure to call login_close so that
we don't leak memory. Only one of these two cases (reconfig) actually
causes a leak because the other is usually followed by an exec.
PR: 46845
Reviewed by: David Wang <dsw@juniper.net>
MFC after: 2 weeks
Robert Watson [Sun, 23 Feb 2003 14:30:17 +0000 (14:30 +0000)]
Add an implementation of strdup() to libkern. Allocated memory is of
type M_STRING, now defined in malloc.h. Useful when string parsing
must occur using the kernel strsep() and we want to avoid toasting
the source string.