Marcel Moolenaar [Sun, 20 Oct 2002 06:00:09 +0000 (06:00 +0000)]
Define IVT_ENTRY and IVT_END as special versions of ENTRY and END
for defining vectors. As a result, each vector will be a global
function with unwind directives to notify the unwinder that we're
in an interrupt handler. In the debugger this will show up something
like:
Debugger(0xe000000000a211d8, 0xe000000000748960) at Debugger+0x31
panic(0xe000000000a36858, 0xe0000000021d32d0, 0xe000000000ae42e8, ...
trap(0x14, 0x100000, 0xe0000000021d32d0, 0x0, 0xa0000000002095f0, ...
ivt_Data_TLB(0x14, 0x100000, 0xe0000000021d32d0) at ivt_Data_TLB+0x1f0
Robert Watson [Sun, 20 Oct 2002 03:41:09 +0000 (03:41 +0000)]
If MAC_MAX_POLICIES isn't defined, don't try to define it, just let the
compile fail. MAC_MAX_POLICIES should always be defined, or we have
bigger problems at hand.
Greg Lehey [Sun, 20 Oct 2002 02:12:46 +0000 (02:12 +0000)]
Clarify holidays which apply only to the USA
Clarify that the USSR no longer exists, but some of the holidays are
celebrated anyway.
Reviewed in part by: ru
Remove Jewish and most Muslim holidays. They're all wrong, since they
don't apply to the Western calendar. The much more complete Jewish
holidays are in calendar.judaic. The Muslim holidays need to be
collected into a file, but there's not much point in having the wrong
date.
Remove many Fiji holidays. They change every year by Government
decree, and some were duplicated as a result.
Remove some duplicates.
There's still a lot to be done; in particular, I think the Japanese
and British holidays are very inaccurate. This file needs checking by
people who know the details.
Alexander Kabaev [Sat, 19 Oct 2002 23:03:35 +0000 (23:03 +0000)]
Change the symbol lookup order to search RTLD_GLOBAL objects
before referencing object's DAG. This makes it possible for
C++ exceptions to work across shared libraries and brings
us closer to the search order used by Solaris/Linux.
Peter Wemm [Sat, 19 Oct 2002 22:09:23 +0000 (22:09 +0000)]
Grab 416/417 real estate before I get burned while testing again.
This is for the not-quite-ready signal/fpu abi stuff. It may not see
the light of day, but I'm certainly not going to be able to validate it
when getting shot in the foot due to syscall number conflicts.
Robert Watson [Sat, 19 Oct 2002 21:25:51 +0000 (21:25 +0000)]
Add a new 'NOMACCHECK' flag to namei() NDINIT flags, which permits the
caller to indicate that MAC checks are not required for the lookup.
Similar to IO_NOMACCHECK for vn_rdwr(), this indicates that the caller
has already performed all required protections and that this is an
internally generated operation. This will be used by the NFS server
code, as we don't currently enforce MAC protections against requests
delivered via NFS.
While here, add NOCROSSMOUNT to PARAMASK; apparently this was used at
one point for name lookup flag checking, but isn't any longer or it
would have triggered from the NFS server code passing it to indicate
that mountpoints shouldn't be crossed in lookups.
Robert Watson [Sat, 19 Oct 2002 21:06:57 +0000 (21:06 +0000)]
Add a placeholder for the execve_mac() system call, similar to SELinux's
execve_secure() system call, which permits a process to pass in a label
for a label change during exec. This permits SELinux to change the
label for the resulting exec without a race following a manual label
change on the process. Because this interface uses our general purpose
MAC label abstraction, we call it execve_mac(), and wrap our port of
SELinux's execve_secure() around it with appropriate sid mappings.
Robert Watson [Sat, 19 Oct 2002 20:30:12 +0000 (20:30 +0000)]
Make sure to clear the 'registered' flag for MAC policies when they
unregister. Under some obscure (perhaps demented) circumstances,
this can result in a panic if a policy is unregistered, and then someone
foolishly unregisters it again.
Robert Watson [Sat, 19 Oct 2002 20:25:57 +0000 (20:25 +0000)]
Hook up most of the MAC entry points relating to file/directory/node
creation, deletion, and rename. There are one or two other stray
cases I'll catch in follow-up commits (such as unix domain socket
creation); this permits MAC policy modules to limit the ability to
perform these operations based on existing UNIX credential / vnode
attributes, extended attributes, and security labels. In the rename
case using MAC, we now have to lock the from directory and file
vnodes for the MAC check, but this is done only in the MAC case,
and the locks are immediately released so that the remainder of the
rename implementation remains the same. Because the create check
takes a vattr to know object type information, we now initialize
additional fields in the VATTR passed to VOP_SYMLINK() in the MAC
case.
Marcel Moolenaar [Sat, 19 Oct 2002 19:30:38 +0000 (19:30 +0000)]
Update the unwind information when modules are loaded and unloaded
by using the linker hooks. Since these hooks are called for the
kernel as well, we don't need to deal with that with a special
SYSINIT. The initialization implicitly performed on the first
update of the unwind information is made explicit with a SYSINIT.
We now don't need the _ia64_unwind_{start|end} symbols.
Marcel Moolenaar [Sat, 19 Oct 2002 19:16:03 +0000 (19:16 +0000)]
Add two hooks to signal module load and module unload to MD code.
The primary reason for this is to allow MD code to process machine
specific attributes, segments or sections in the ELF file and
update machine specific state accordingly. An immediate use of this
is in the ia64 port where unwind information is updated to allow
debugging and tracing in/across modules. Note that this commit
does not add the functionality to the ia64 port. See revision 1.9
of ia64/ia64/elf_machdep.c.
Marcel Moolenaar [Sat, 19 Oct 2002 18:59:33 +0000 (18:59 +0000)]
Reduce code duplication by moving the common actions in
link_elf_init(), link_elf_link_preload_finish() and
link_elf_load_file() to link_elf_link_common_finish().
Since link_elf_init() did initializations as a side-effect
of doing the common actions, keep the initialization in
that function. Consequently, link_elf_add_gdb() is now also
called to insert the very first link_map() (ie the kernel).
Marcel Moolenaar [Sat, 19 Oct 2002 18:43:37 +0000 (18:43 +0000)]
Non-functional change in preparation of the next commit:
Move link_elf_add_gdb(), link_elf_delete_gdb() and link_elf_error()
near the top of the file. The *_gdb() functions are moved inside
the #ifdef DDB already present there.
Alan Cox [Sat, 19 Oct 2002 18:34:39 +0000 (18:34 +0000)]
Complete the page queues locking needed for the page-based copy-
on-write (COW) mechanism. (This mechanism is used by the zero-copy
TCP/IP implementation.)
- Extend the scope of the page queues lock in vm_fault()
to cover vm_page_cowfault().
- Modify vm_page_cowfault() to release the page queues lock
if it sleeps.
This is an encryption module designed for to secure denial of access
to the contents of "cold disks" with or without destruction activation.
Major features:
* Based on AES, MD5 and ARC4 algorithms.
* Four cryptographic barriers:
1) Pass-phrase encrypts the master key.
2) Pass-phrase + Lock data locates master key.
3) 128 bit key derived from 2048 bit master key protects sector key.
3) 128 bit random single-use sector keys protect data payload.
* Up to four different changeable pass-phrases.
* Blackening feature for provable destruction of master key material.
* Isotropic disk contents offers no information about sector contents.
* Configurable destination sector range allows steganographic deployment.
This commit adds the kernel part, separate commits will follow for the
userland utility and documentation.
This software was developed for the FreeBSD Project by Poul-Henning Kamp and
NAI Labs, the Security Research Division of Network Associates, Inc. under
DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
research program.
Many thanks to Robert Watson, CBOSS Principal Investigator for making this
possible.
Robert Watson [Sat, 19 Oct 2002 16:54:15 +0000 (16:54 +0000)]
Permits UFS ACLs to be used with the GENERIC kernel. Due to recent
ACL configuration changes, this shouldn't result in different code paths
for file systems not explicitly configured for ACLs by the system
administrator. For UFS1, administrators must still recompile their
kernel to add support for extended attributes; for UFS2, it's sufficient
to enable ACLs using tunefs or at mount-time (tunefs preferred for
reliability reasons). UFS2, for a variety of reasons, including
performance and reliability, is the preferred file system for use with
ACLs.
Maxime Henrion [Sat, 19 Oct 2002 16:47:13 +0000 (16:47 +0000)]
- Remove ${NORMAL_C_NOWERROR}, it is not used anymore. To build
without -Werror, we do "make WERROR=", which doesn't need this
variable.
- Use ${.IMPSRC} instead of $< in ${NORMAL_M} for consistency with
the rest of the file.
- Add ${WERROR} for the ${NORMAL_M} case.
Sam Leffler [Sat, 19 Oct 2002 16:44:16 +0000 (16:44 +0000)]
Fixups to get make release going again for i386:
o mount (and unmount) devfs in the chroot'd filesystem
o handle umounting devfs in case of a keyboard interrupt
o remove MAKEDEV from the fixit floppy so things fit again (mount_devfs was
added in a separate commit)
o explicitly remove mfsroot.gz and loader.conf when building the cd-rom area
as otherwice cp -Rp aborts when a previous run left identical files around
o increase the number of inodes on the drivers floppy; moving drivers from
the kernel there (to shrink it's size) caused things to overflow
o while we're increasing the driver's floppy inode config, separate out all
parameters from the boot floppy
Sam Leffler [Sat, 19 Oct 2002 16:39:28 +0000 (16:39 +0000)]
o since you can't use DIOCGDINFO and DIOCGSLICEINFO on drive nodes with geom,
get the xml configuration for the devices and "parse" the information to
get what's needed
o replace #ifdef DEBUG constructs with DPRINT/DPRINTX to make the code more
readable
Note the xml "parser" is very very hackish and should be replaced with a
real one. This one was done to be very small and special-purpose; don't
think about copying it elsewhere.
Thomas Moestl [Sat, 19 Oct 2002 15:54:34 +0000 (15:54 +0000)]
Explicitely specify an alignment for struct pcb. While all regular pcb's
are positioned and aligned by md code, dumppcb is just a static
variable and requires this.
Maxime Henrion [Sat, 19 Oct 2002 11:31:50 +0000 (11:31 +0000)]
Several malloc() calls were passing the M_DONTWAIT flag
which is an mbuf allocation flag. Use the correct
M_NOWAIT malloc() flag. Fortunately, both were defined
to 1, so this commit is a no-op.
Maxim Sobolev [Sat, 19 Oct 2002 10:18:29 +0000 (10:18 +0000)]
Fix a problem with RTLD_TRACE flag to dlopen(3), which sometimes can return
even if there was no error occured (when trying to dlopen(3) object that
already linked into executable which does dlopen(3) call). This is more
proper fix for `ldd /usr/lib/libc.so' problem, because the new behaviour
conforms to documentation.
Kirk McKusick [Sat, 19 Oct 2002 05:36:48 +0000 (05:36 +0000)]
Clear the pending counts in the superblock after a successful run
of fsck so that the kernel does not complain about them being
non-zero when the filesystem is mounted.
Marcel Moolenaar [Sat, 19 Oct 2002 05:01:54 +0000 (05:01 +0000)]
In link_elf_load_file(), when SPARSE_MAPPING is defined and we
cannot allocate ef->object, we freed ef before bailing out with
an error. This is wrong because ef=lf and when we have an error
and lf is non-NULL (which holds if we try to alloc ef->object),
we free lf and thus ef as part of the bailing-out.
Matthew Dillon [Fri, 18 Oct 2002 22:52:41 +0000 (22:52 +0000)]
Fix a file-rewrite performance case for UFS[2]. When rewriting portions
of a file in chunks that are less then the filesystem block size, if the
data is not already cached the system will perform a read-before-write.
The problem is that it does this on a block-by-block basis, breaking up the
I/Os and making clustering impossible for the writes. Programs such
as INN using cyclic file buffers suffer greatly. This problem is only going
to get worse as we use larger and larger filesystem block sizes.
The solution is to extend the sequential heuristic so UFS[2] can perform
a far larger read and readahead when dealing with this case.
(note: maximum disk write bandwidth is 27MB/sec thru filesystem)
(note: filesystem blocksize in test is 8K (1K frag))
dd if=/dev/zero of=test.dat bs=1k count=2m conv=notrunc
Before: (note half of these are reads)
tty da0 da1 acd0 cpu
tin tout KB/t tps MB/s KB/t tps MB/s KB/t tps MB/s us ni sy in id
0 76 14.21 598 8.30 0.00 0 0.00 0.00 0 0.00 0 0 7 1 92
0 76 14.09 813 11.19 0.00 0 0.00 0.00 0 0.00 0 0 9 5 86
0 76 14.28 821 11.45 0.00 0 0.00 0.00 0 0.00 0 0 8 1 91
After: (note half of these are reads)
tty da0 da1 acd0 cpu
tin tout KB/t tps MB/s KB/t tps MB/s KB/t tps MB/s us ni sy in id
0 76 63.62 434 26.99 0.00 0 0.00 0.00 0 0.00 0 0 18 1 80
0 76 63.58 424 26.30 0.00 0 0.00 0.00 0 0.00 0 0 17 2 82
0 76 63.82 438 27.32 0.00 0 0.00 0.00 0 0.00 1 0 19 2 79
Reviewed by: mckusick
Approved by: re
X-MFC after: immediately (was heavily tested in -stable for 4 months)
Nate Lawson [Fri, 18 Oct 2002 22:03:39 +0000 (22:03 +0000)]
* Add CDRIOC{READ,WRITE}SPEED ioctls to cd(4). Units are in KB/sec.
* Change atapi-cd ioctls to use the same units.
* Change burncd, cdcontrol to convert CDROM speed to KB/sec before
calling the ioctl. Add a "max" speed option for their command lines.
This change does not break ABI but does change the units passed through
the ioctl so 3rd party software that uses cdrio.h will have to convert
(most likely by multiplying CDROM speed by 177 to get KB/s).
PR: kern/36845
Submitted by: Philipp Mergenthaler <p@i609a.hadiko.de> (CAM ioctls)
Reviewed by: sos, ken
MFC after: 1 month
Bruce Evans [Fri, 18 Oct 2002 21:41:41 +0000 (21:41 +0000)]
MFufs 1.33:
In the 'found' case for ext2_lookup() the underlying bp's data was
being accessed after the bp had been releaed. A simple move of the
brelse() solves the problem.
The PR reports that this caused panics running the GDB testsuite unless
NO_GEOM is configured.
PR: 44060
Reported by: Mark Kettenis <kettenis@chello.nl>
MFC after: 3 days
Eric Moore [Fri, 18 Oct 2002 21:29:14 +0000 (21:29 +0000)]
(1) added LSI Logic copyright, and legal line 3 in license, and string
changes for "LSILogic"
(2) enabled non-disk support through CAM interface
(3) HA_INQ (a) enabled tagged queuing (b) disable reset during
driver loading (b) renamed BSDi string to LSI
(4) disabled detecting disk devices during SCSI INQUIRY
(5) changed dcdb single element sglist to send one entire buffer chunk
(6) nsgelem not set in sglist
(7) ap_data_transfer_length not set for dcdb
(8) changed "struct thread" to "d_thread_t" for compatibliity { xxx_open,
xxx_close, xxx_ioctl }
(9) miscellaneous compatiblity fixes
(10) bug fix for 0x0409/0x1000 card
(11) added compiling amr_cam.c in sys/conf/files
(12) added compiling amr_cam.c in sys/modules/amr/Makefile
Robert Watson [Fri, 18 Oct 2002 21:11:36 +0000 (21:11 +0000)]
Update extended attribute readme file to note that no special configuration
is required to use EAs with UFS2, and that UFS2 is recommend for EA use
for a variety of reasons.
Robert Watson [Fri, 18 Oct 2002 21:09:57 +0000 (21:09 +0000)]
Update instructions for ACLs given recent tunefs, mount changes. Also
note that UFS2 doesn't require explicit extended attribute configuration,
and is recommends for this and other reasons if you plan to use ACLs.
John Baldwin [Fri, 18 Oct 2002 17:45:41 +0000 (17:45 +0000)]
Do not lock the process when calling fdfree() (this would have recursed on
a non-recursive lock, the proc lock, before) since we don't need it to
change p_fd.
Matthew Dillon [Fri, 18 Oct 2002 17:24:30 +0000 (17:24 +0000)]
Replace the vm_page hash table with a per-vmobject splay tree. There should
be no major change in performance from this change at this time but this
will allow other work to progress: Giant lock removal around VM system
in favor of per-object mutexes, ranged fsyncs, more optimal COMMIT rpc's for
NFS, partial filesystem syncs by the syncer, more optimal object flushing,
etc. Note that the buffer cache is already using a similar splay tree
mechanism.
Note that a good chunk of the old hash table code is still in the tree.
Alan or I will remove it prior to the release if the new code does not
introduce unsolvable bugs, else we can revert more easily.
Submitted by: alc (this is Alan's code)
Approved by: re
Thomas Moestl [Fri, 18 Oct 2002 15:37:15 +0000 (15:37 +0000)]
Add a utility to examine the OpenFirmware device tree (on sparc64). This
allows access to detailed machine configuration information, and should
be especially useful to gather information for driver-related bug
reports.
Thomas Moestl [Fri, 18 Oct 2002 15:23:43 +0000 (15:23 +0000)]
Add a pseudo device which allows to access the OpenFirmware device tree
via ioctl()s. This was ported from NetBSD and adapted a bit to better
match our OpenFirmware support code.