sam [Mon, 13 Oct 2003 03:39:38 +0000 (03:39 +0000)]
MFp4:
o don't grab the mutex at the top of ath_detach; it does nothing
useful
o deal with entry to ath_ioctl during detach to disable promiscuous
mode as a result of calling bpfdetach2: cannot call ath_init when
the device is marked invalid as the code isn't prepared to deal
with it (in particular by that time the hal reference may have
been yanked)
sam [Mon, 13 Oct 2003 03:37:38 +0000 (03:37 +0000)]
MFp4:
change ath_rate_ctl_reset to handle transition from station
mode to adhoc mode; was not resetting the initial xmit rate
causing outbound frames to be dicarded
alc [Mon, 13 Oct 2003 03:28:31 +0000 (03:28 +0000)]
- Modify pmap_is_current() to return FALSE when a pmap's page table is in
use because a kernel thread is borrowing it. The borrowed page table
can change spontaneously, making any dependence on its continued use
subject to a race condition.
- _pmap_unwire_pte_hold() cannot use pmap_is_current(): If a change is
made to a page table page mapping for a borrowed page table, the TLB
must be updated.
jeff [Sun, 12 Oct 2003 21:07:31 +0000 (21:07 +0000)]
- In SCHED_CURR() add holding Giant to the list of criteria that will keep
you on the current queue. In the future, it would be nice if priority
propagation could deterministicly pluck a thread off of the next queue
and put it on the current queue. Until then this hack stops us from
holding up our entire current queue, including interrupt handlers, while
a thread on the next queue is blocked while holding Giant.
- Inherit our pctcpu information from our parent.
jeff [Sun, 12 Oct 2003 21:02:55 +0000 (21:02 +0000)]
- Implement a mtx_ownedby() macro which can be used to determine if a
particular thread owns a mutex. This cannot be done without races
unless the thread is curthread.
ume [Sun, 12 Oct 2003 12:03:25 +0000 (12:03 +0000)]
- avoid hardcoded values.
- correct signedness mixups.
- log fix.
- preparation for 64bit sequence number.
introduce SA id (unique ID for SA - SPI is useless as duplicated
SPI is allowed)
- no need to malloc/free cksum buffer.
des [Sun, 12 Oct 2003 11:33:39 +0000 (11:33 +0000)]
A couple of months' worth of back-burner hacking: restructure to better
handle the minor (but significant) differences between the various
Vortex chips; add (incomplete) support for playback.
jmg [Sun, 12 Oct 2003 07:06:02 +0000 (07:06 +0000)]
fix a problem referencing free'd memory. This is only a problem for
kqueue write events on a socket and you regularly create tons of pipes
which overwrites the structure causing a panic when removing the knote
from the list. If the peer has gone away (and it's a write knote), then
don't bother trying to remove the knote from the list.
Submitted by: Brian Buchanan and myself
Obtained from: nCircle
tjr [Sun, 12 Oct 2003 04:25:26 +0000 (04:25 +0000)]
Fix a multitude of security bugs in the iBCS2 emulator:
- Return NULL instead of returning memory outside of the stackgap
in stackgap_alloc() (FreeBSD-SA-00:42.linux)
- Check for stackgap_alloc() returning NULL in ibcs2_emul_find();
other calls to stackgap_alloc() have not been changed since they
are small fixed-size allocations.
- Replace use of strcpy() with strlcpy() in exec_coff_imgact()
to avoid buffer overflow
- Use strlcat() instead of strcat() to avoid a one byte buffer
overflow in ibcs2_setipdomainname()
- Use copyinstr() instead of copyin() in ibcs2_setipdomainname()
to ensure that the string is null-terminated
- Avoid integer overflow in ibcs2_setgroups() and ibcs2_setgroups()
by checking that gidsetsize argument is non-negative and
no larger than NGROUPS_MAX.
- Range-check signal numbers in ibcs2_wait(), ibcs2_sigaction(),
ibcs2_sigsys() and ibcs2_kill() to avoid accessing array past
the end (or before the start)
se [Sat, 11 Oct 2003 22:20:34 +0000 (22:20 +0000)]
The code that was meant to test alignment of the register offset
parameter in the read and write case dereferenced an unitialized
pointer and can't possibly ever have catched an actual invalid
argument.
This was apparently true for the read/write and getconf cases. The
latter does not even receive the paramter that is to be verified.
I'm surprised that this did not cause kernel panics, but it seems
that the uninitialized local variable happens to contain data that
may be used as a pointer to memory that satisfies the test condition.
Make the code work as intended by moving the test inside the switch
case where the pointer has been properly initialized.
Since the read and write case shared just about all code (except
for the single call to PCIB_READ_CONFIG resp. PCIB_WRITE_CONFIG) I
have merged both cases.
dds [Sat, 11 Oct 2003 20:47:44 +0000 (20:47 +0000)]
Changed EINVAL constant reference from UIO_MAXIOV to IOV_MAX.
The former is a kernel-only visible constant, the latter the
POSIX-specified userland constant defined by including limits.h.
dds [Sat, 11 Oct 2003 20:34:43 +0000 (20:34 +0000)]
- Check and report write(2) errors.
- Issue a single writev(2) call instead of multiple write(2)s.
This change improves the inefficiencies introduced when echo
went on an stdio diet.
The following figures are for echoing 1000 arguments.
original stdio-based echo:
0.01 real 0.01 user 0.00 sys
before:
0.05 real 0.00 user 0.04 sys
after:
0.01 real 0.00 user 0.00 sys
iwasaki [Sat, 11 Oct 2003 15:08:32 +0000 (15:08 +0000)]
Fix some problems in linux_sendmsg() and linux_recvmsg().
- Allocate storage for uap->msg always because it is copyin()'ed in
native sendmsg().
- Convert sockopt level from Linux to FreeBSD after native recvmsg() calling.
- Some cleanups.
Tested with: Oracle 9i shared server connection mode.
sam [Fri, 10 Oct 2003 23:14:21 +0000 (23:14 +0000)]
locking fixups:
o correct recursive locking when polling and in em_82547_move_tail
o destroy mutex on detach
o add EM_LOCK_ASSERT and similar macros for creating+deleteing the mtx
bms [Fri, 10 Oct 2003 21:01:00 +0000 (21:01 +0000)]
Add the Intersil Prism2/Atmel device. These particular devices are strange
beasts which are reported to exist in both Atmel and Prism2 flavours. In
particular, Itronix branded laptops have the Atmel part with an Intersil
radio.
des [Fri, 10 Oct 2003 20:59:51 +0000 (20:59 +0000)]
Report the version number and hostname at the top of the log. Allow the
user to override the hostname on the command line (for whatever reason).
Add a comment to explain why a particular piece of code is commented out.
peter [Fri, 10 Oct 2003 17:43:42 +0000 (17:43 +0000)]
Move the pmap_kenter(KERNBASE, 0) a bit earlier so that it works for
the hasbrokenint12 tunable case too. (with some related and unrelated
style fixes)
alc [Fri, 10 Oct 2003 07:26:21 +0000 (07:26 +0000)]
- Synchronize access to a page's valid field in vfs_bio_clrbuf()
by using the lock from its containing object.
- Remove GIANT_REQUIRED from vm_hold_load_pages().
imp [Fri, 10 Oct 2003 05:15:05 +0000 (05:15 +0000)]
Be more pedantic about the model numbers of cardbus cards that are
supported by the driver. I've only used 3 or 4 of these cards, but
the cardbus cards work as well as pci cards at this point.
hmp [Thu, 9 Oct 2003 23:06:06 +0000 (23:06 +0000)]
Assorted mdoc(7) fixes:
- fix hard sentence breaks
- sprinkle a few .Vt's where neccessary
- remove incorrect use of `\-'
- proper quoting using .Dq, instead of manual ``...''
deischen [Thu, 9 Oct 2003 20:52:17 +0000 (20:52 +0000)]
Reverse the order of the first two arguments to _sparc64_enter_uts().
The first argument is the UTS function, the second argument is the
first argument to the UTS function. Who's on first.