keramida [Tue, 30 Oct 2007 15:52:55 +0000 (15:52 +0000)]
Remove duplicate (but commented out) .Sh HISTORY section heading.
It almost "shadows" the ending .El request of a list, which seems
to have caused mdoc buglets in some gss_*.3 manpages.
darrenr [Tue, 30 Oct 2007 15:23:27 +0000 (15:23 +0000)]
Apply a few changes from ipfilter-current:
* Do not hold any locks over calls to copyin/copyout.
* Clean up some #ifdefs
* fix a possible mbuf leak when NAT fails on policy routed packets
rrs [Tue, 30 Oct 2007 14:09:24 +0000 (14:09 +0000)]
- Change the Time Wait of vtags value to match the cookie-life
- Select a tag gains ability to optionally save new tags
off in the timewait system.
- When looking up associations do not give back a stcb that
is in the about-to-be-freed state, and instead continue
looking for other candiates.
- New function to query to see if value is in time-wait.
- Timewait had a time comparison error that caused very
few vtags to actually stay in time-wait.
- When setting tags in time-wait, we now use the time
requested NOT a fixed constant value.
- sstat now gets the proper associd when we do the query.
- When we process an association, we expect the tag chosen
(if we have one from a cookie) to be in time-wait. Before
we would NOT allow the assoc up by checking if its good.
In theory this should have caused almost all assoc not
to come up except for the time-comparison bug above (this
bug was hidden by the time comparison bug :-D).
- Don't save tags for nonce values in the time-wait cache
since these are used only during cookie collisions and do
not matter if they are unique or not.
MFC after: 1 week
davidxu [Tue, 30 Oct 2007 05:57:37 +0000 (05:57 +0000)]
Add my recent work of adaptive spin mutex code. Use two environments variable
to tune pthread mutex performance:
1. LIBPTHREAD_SPINLOOPS
If a pthread mutex is being locked by another thread, this environment
variable sets total number of spin loops before the current thread
sleeps in kernel, this saves a syscall overhead if the mutex will be
unlocked very soon (well written application code).
2. LIBPTHREAD_YIELDLOOPS
If a pthread mutex is being locked by other threads, this environment
variable sets total number of sched_yield() loops before the currrent
thread sleeps in kernel. if a pthread mutex is locked, the current thread
gives up cpu, but will not sleep in kernel, this means, current thread
does not set contention bit in mutex, but let lock owner to run again
if the owner is on kernel's run queue, and when lock owner unlocks the
mutex, it does not need to enter kernel and do lots of work to resume
mutex waiters, in some cases, this saves lots of syscall overheads for
mutex owner.
In my practice, sometimes LIBPTHREAD_YIELDLOOPS can massively improve performance
than LIBPTHREAD_SPINLOOPS, this depends on application. These two environments
are global to all pthread mutex, there is no interface to set them for each
pthread mutex, the default values are zero, this means spinning is turned off
by default.
kensmith [Tue, 30 Oct 2007 05:03:37 +0000 (05:03 +0000)]
Selecting amd and a few other things in the Networking config section
caused a segfault. It turns out that in pre-7.0 systems if you do
getenv("amd_enable=YES") it will return the setting of the environment
variable "amd_enable" but now it returns NULL. I think I found the
places where sysinstall was potentially relying on that old behavior.
Fix is to make a copy of the string to be used for the getenv(3) call,
look for a '=' character in it, and replace it with '\0' if one is
found. Stuck to sysinstall's typical coding standards despite urges
to do otherwise.
peter [Mon, 29 Oct 2007 22:19:08 +0000 (22:19 +0000)]
Move nvram out of DEFAULTS. There really isn't a lot of justification
for consuming the memory. The module works just fine in the unlikely
case that this is needed. It can still be compiled into a custom kernel.
marius [Mon, 29 Oct 2007 21:11:55 +0000 (21:11 +0000)]
- Remove MIIF_NOISOLATE; there's generally no reason to let gentbi(4)
set this flag and it was more or less just copied and pasted from
another FreeBSD driver while porting this driver from NetBSD, whose
gentbi(4) doesn't set MIIF_NOISOLATE either.
- Fix spelling in a comment.
kris [Mon, 29 Oct 2007 21:01:47 +0000 (21:01 +0000)]
Add a new "non-portable" mutex type, PTHREAD_MUTEX_ADAPTIVE_NP. This
is also implemented in glibc and is used by a number of existing
applications (mysql, firefox, etc).
This mutex type is a default mutex with the additional property that
it spins briefly when attempting to acquire a contested lock, doing
trylock operations in userland before entering the kernel to block if
eventually unsuccessful.
The expectation is that applications requesting this mutex type know
that the mutex is likely to be only held for very brief periods, so it
is faster to spin in userland and probably succeed in acquiring the
mutex, than to enter the kernel and sleep, only to be woken up almost
immediately. This can help significantly in certain cases when
pthread mutexes are heavily contended and held for brief durations
(such as mysql).
Spin up to 200 times before entering the kernel, which represents only
a few us on modern CPUs. No performance degradation was observed with
this value and it is sufficient to avoid a large performance drop in
mysql performance in the heavily contended pthread mutex case.
emax [Mon, 29 Oct 2007 19:06:47 +0000 (19:06 +0000)]
Allow RFCOMM servers to bind to a ''wildcard'' RFCOMM channel
zero (0). Actual RFCOMM channel will be assigned after listen(2)
call is done on a RFCOMM socket bound to a ''wildcard'' RFCOMM
channel zero (0).
Address locking issues in ng_btsocket_rfcomm_bind()
Submitted by: Heiko Wundram (Beenic) < wundram at beenic dot net >
MFC after: 1 week
rwatson [Mon, 29 Oct 2007 18:40:24 +0000 (18:40 +0000)]
Vendor import TrustedBSD OpenBSM 1.0, with the following change history
since the last import:
OpenBSM 1.0
- Fix bug in auditreduce(8) which resulted in a memory fault/crash when
the user specified an event name with -m.
- Remove AU_.* hard-coded audit class constants, as udit classes are now
entirely dynamically configured using /etc/security/audit_class.
MFC after: 3 days
Obtained from: TrustedBSD Project
rwatson [Mon, 29 Oct 2007 18:07:48 +0000 (18:07 +0000)]
Replace use of AU_NULL with 0 when no audit classes are in use; this
supports the removal of hard-coded audit class constants in OpenBSM
1.0. All audit classes are now dynamically configured via the
audit_class database.
rwatson [Mon, 29 Oct 2007 14:19:32 +0000 (14:19 +0000)]
Merge Neterion if_nxge driver version 2.0.9.11230 with the following
changes:
01 - Enhanced LRO:
LRO feature is extended to support multi-buffer mode. Previously,
Ethernet frames received in contiguous buffers were offloaded.
Now, frames received in multiple non-contiguous buffers can be
offloaded, as well. The driver now supports LRO for jumbo frames.
02 - Locks Optimization:
The driver code was re-organized to limit the use of locks.
Moreover, lock contention was reduced by replacing wait locks
with try locks.
03 - Code Optimization:
The driver code was re-factored to eliminate some memcpy
operations. Fast path loops were optimized.
04 - Tag Creations:
Physical Buffer Tags are now optimized based upon frame size.
For better performance, Physical Memory Maps are now re-used.
05 - Configuration:
Features such as TSO, LRO, and Interrupt Mode can be configured
either at load or at run time. Rx buffer mode (mode 1 or mode 2)
can be configured at load time through kenv.
06 - Driver Statistics:
Run time statistics are enhanced to provide better visibility
into the driver performance.
07 - Bug Fixes:
The driver contains fixes for the problems discovered and
reported since last submission.
08 - MSI support:
Added Message Signaled Interrupt feature which currently uses 1
message.
09 Removed feature:
Rx 3 buffer mode feature has been removed. Driver now supports 1,
2 and 5 buffer modes of which 2 and 5 buffer modes can be used
for header separation.
10 Compiler warning:
Fixed compiler warning when compiled for 32 bit system.
11 Copyright notice:
Source files are updated with the proper copyright notice.
MFC after: 3 days
Submitted by: Alicia Pena <Alicia dot Pena at neterion dot com>,
Muhammad Shafiq <Muhammad dot Shafiq at neterion dot com>
yar [Mon, 29 Oct 2007 07:37:08 +0000 (07:37 +0000)]
Add support for `make -nn' dry runs to this makefile. Basically,
it's just a matter of adding a `${_+_}' prefix before each submake
invokation. This allows a dry run to proceed down to, but not
including, leaf commands. (See <sys.mk> for how ${_+_} is set
depending on the number of -n flags.)
yongari [Mon, 29 Oct 2007 02:17:07 +0000 (02:17 +0000)]
Add support for RealTek RTL8211B(L) PHY. It's based on the patch
made by Michael Eisele and the patch was slightly modified by me.
With this change several NVIDIA ethernet controllers(e.g. MCP61)
works.
RTL8211B(L) is RealTek's new gigabit PHY. The PHY has several
features including crossover correction, polarity correction as
well as supporting triple speed(10/100/1000bps). Data transfer
between MAC and PHY is via RGMII for 1000baseT, MII for
10baseT/100baseTX.
Unfortunately, RealTek used the same model number for RTL8211B(L)
PHY so there is no way to discriminate between RTL8211B(L) and its
predecessors. ATM RTL8211B uses revision number 2 so checking the
revision number seems to be only way to identify it.
Obtained from: Michael Eisele [1]
Tested by: clemens fischer < ino-qc AT spotteswoode DOT de DOT eu DOT org >
yongari [Mon, 29 Oct 2007 02:06:15 +0000 (02:06 +0000)]
o RTL8169S/8110S integrated PHY and RTL8211B are gigabit PHYs so set
mii_anegticks to MII_ANEGTICKS_GIGE and use it. Previously it used
to MII_ANEGTICKS which may not be enough to wait before retrying
autonegotiation process at 1000bps.
o Reset autonegotation timer if media option is not IFM_AUTO or we
got a valid link.
o Announce link loss right after it happends.
o Autonegiation is retried every mii_anegticks seconds.
o Report link state changes right after setting autonegotiation.
mtm [Mon, 29 Oct 2007 00:08:24 +0000 (00:08 +0000)]
Fix an error in bit shifting logic for network addresses. The route
command would add incorrect routing entries if network numbers weren't
fully "spelled" out according to their class. For example:
# route add 128.0/16 (works)
# route add 128/16 (doesn't work)
# route add 193.0.0/24 (works)
# route add 193/24 (doesn't work)
Also, rework the way a netmask is deduced from network number if
it [netmask] is not specified.
marius [Sun, 28 Oct 2007 22:08:37 +0000 (22:08 +0000)]
- Make failure to route a ISA interrupt non fatal. Apparently the
Blade 1500/SX1500 boards have inherited the firmware bug of the
AX1105 mainboards to not include an interrupt map entry for the
parallel port controller (for the AX1105 the heuristic code for
E450s probably erroneously kicks in and guesses an interrupt).
- Take advantage of bus_generic_setup_intr(9).
- Fix some whitespace bugs.
jhb [Sun, 28 Oct 2007 21:23:49 +0000 (21:23 +0000)]
- Add constants for the different memory types in the SMAP table.
- Use the SMAP types and constants from <machine/pc/bios.h> in the boot
code rather than duplicating it.
rwatson [Sun, 28 Oct 2007 17:55:57 +0000 (17:55 +0000)]
Garbage collect mac_mbuf_create_multicast_encap TrustedBSD MAC Framework
entry point, which is no longer required now that we don't support
old-style multicast tunnels. This removes the last mbuf object class
entry point that isn't init/copy/destroy.
rwatson [Sun, 28 Oct 2007 17:12:48 +0000 (17:12 +0000)]
Continue to move from generic network entry points in the TrustedBSD MAC
Framework by moving from mac_mbuf_create_netlayer() to more specific
entry points for specific network services:
- mac_netinet_firewall_reply() to be used when replying to in-bound TCP
segments in pf and ipfw (etc).
- Rename mac_netinet_icmp_reply() to mac_netinet_icmp_replyinplace() and
add mac_netinet_icmp_reply(), reflecting that in some cases we overwrite
a label in place, but in others we apply the label to a new mbuf.
rwatson [Sun, 28 Oct 2007 15:55:23 +0000 (15:55 +0000)]
Move towards more explicit support for various network protocol stacks
in the TrustedBSD MAC Framework:
- Add mac_atalk.c and add explicit entry point mac_netatalk_aarp_send()
for AARP packet labeling, rather than using a generic link layer
entry point.
- Add mac_inet6.c and add explicit entry point mac_netinet6_nd6_send()
for ND6 packet labeling, rather than using a generic link layer entry
point.
- Add expliict entry point mac_netinet_arp_send() for ARP packet
labeling, and mac_netinet_igmp_send() for IGMP packet labeling,
rather than using a generic link layer entry point.
- Remove previous genering link layer entry point,
mac_mbuf_create_linklayer() as it is no longer used.
- Add implementations of new entry points to various policies, largely
by replicating the existing link layer entry point for them; remove
old link layer entry point implementation.
- Make MAC_IFNET_LOCK(), MAC_IFNET_UNLOCK(), and mac_ifnet_mtx global
to the MAC Framework rather than static to mac_net.c as it is now
needed outside of mac_net.c.
miwi [Sun, 28 Oct 2007 13:33:25 +0000 (13:33 +0000)]
Actually the keyword tells network.subr to launch wpa_supplicant on the
selected interface. wpa_supplicant does not only handle WPA
authentication but also EAP/LEAP as well as WEP encryption or no
encryption at all. The patch clarifies this.
kientzle [Sat, 27 Oct 2007 22:45:40 +0000 (22:45 +0000)]
When skipping input data, don't overflow a 32-bit size_t.
This can only happen on 32-bit systems when you're reading
an uncompressed archive and the skip request is an exact
multiple of 4G (e.g., skipping a tar entry with an 8G body).
The symptom is that the read_ahead() ends up returning zero
bytes, and the extraction stops with a premature end-of-file.
Using '1' here is more correct anyway, as it allows read_ahead()
to function opportunistically and minimize copying.
jhb [Sat, 27 Oct 2007 22:14:17 +0000 (22:14 +0000)]
Don't return an error from resume() if execution of _DIS fails for some
reason (not all BIOSen have _DIS methods for all link devices for example).
This matches the behavior of attach() with respect to _DIS as well.
jhb [Sat, 27 Oct 2007 22:07:40 +0000 (22:07 +0000)]
Change the roundrobin implementation in the 4BSD scheduler to trigger a
userland preemption directly from hardclock() via sched_clock() when a
thread uses up a full quantum instead of using a periodic timeout to cause
a userland preemption every so often. This fixes a potential deadlock
when IPI_PREEMPTION isn't enabled where softclock blocks on a lock held
by a thread pinned or bound to another CPU. The current thread on that
CPU will never be preempted while softclock is blocked.
Note that ULE already drives its round-robin userland preemption from
sched_clock() as well and always enables IPI_PREEMPT.
yar [Sat, 27 Oct 2007 19:57:41 +0000 (19:57 +0000)]
Add a comment explaining why disc(4) bears the IFF_LOOPBACK flag.
It should be the final follow-up to an old yet unfinished discussion
on whether IFF_LOOPBACK is necessary for disc(4) and why.
yar [Sat, 27 Oct 2007 18:40:34 +0000 (18:40 +0000)]
Allow the shell used by make(1) to be changed early via the
__MAKE_SHELL variable. This feature isn't supposed to be in wide
use, but it's needed now to make `installworld' independent of the
stock binaries and libs so that radical ABI changes can go in safely.
yar [Sat, 27 Oct 2007 18:25:53 +0000 (18:25 +0000)]
if_loop doesn't need to keep the list of lo(4) interfaces. Today
a private softc list is needed neither for tracking clones in general
nor for destroying all clones before the module unload -- if_clone
takes care of all that. (Note that some other interface drivers do
need a softc list to be able to scan it for their private purposes.)
yar [Sat, 27 Oct 2007 18:18:58 +0000 (18:18 +0000)]
Add some essential tools to rescue(8) in order to make it
a versatile emergency tool:
o sed(1) as a multi-purpose text filter -- can do grep's job and much more.
o head(1), tail(1), and tee(1) as idiomatic text filters.
o mt(1) to control tape drives (PR misc/98383).
o chown(8) aka chgrp(8) to complement the ch* subset.
o pkill(1) aka pgrep(1) to control running processes easily and thus to be
able to recover from a serious problem or a fatal typo in an otherwise live
system w/o a reboot. (It also deserves adding to rescue(8) for its having
triggered a latent bug in crunchgen(1), but we had better add a regression
test for that. :-)
The resulting change in rescue(8) size has the following order of magnitude
on i386: 3787656 - 3727872 = 59784, i.e. just a tad.
Discussed on: -hackers (I seem to have wearied all opponents :-)
PR: misc/98383
rodrigc [Sat, 27 Oct 2007 16:28:05 +0000 (16:28 +0000)]
Add the following mount options to the nfs_opts array:
noatime, noexec, suiddir, nosuid, nosymfollow, union,
noclusterr, noclusterw, multilabel, acls, force, update,
async. These options correspond to MOPT_STDOPTS, MOPT_FORCE, MOPT_UPDATE,
and MOPT_ASYNC.
Currently, mount_nfs converts these "-o" options from strings
to MNT_ flags via getmntopts(),
and passes the flags from userspace to the kernel.
This change will allow us in future to pass these mount options
as strings directly to the kernel via nmount() when doing NFS mounts.
yar [Sat, 27 Oct 2007 16:13:31 +0000 (16:13 +0000)]
Set the program name if the crunched program is selected through
argv[1] to mimic crt0 behaviour. Do the job by a direct assignment
to __progname in order to stay compatible with NetBSD, whose
setprogname() is a deliberate no-op.
The reason for this change is that some programs (usually those
imported from NetBSD) use getprogname() to distinguish between their
aliases. (See pkill aka pgrep for example.)
This change can be useful, and applicable, to NetBSD, too.
rodrigc [Sat, 27 Oct 2007 15:59:18 +0000 (15:59 +0000)]
In nmount(), if MNT_ROOT is in the mount flags, filter it
out instead of returning an error.
(1) This makes the behavior consistent with mount(2).
(2) This makes update mounts on the root file system work properly.
(3) The explicit checks for MNT_ROOTFS in src/sbin/fsck_ffs/main.c
and src/usr.sbin/mountd/mountd.c which were put in to
eliminate errors during update mounts on the root file system
can be removed.
The only place were MNT_ROOTFS can be validly set
is inside the kernel, i.e. with vfs_mountroot_try().
jhb [Sat, 27 Oct 2007 14:54:43 +0000 (14:54 +0000)]
Don't destroy an ACPI device_t for a PCI device and reassign the ACPI
handle to the PCI device_t if the ACPI device_t is already attached to a
driver. This happens on the Tablet TC1000 which for some reason includes
two PCI-ISA bridges and treats the second bridge as an ACPI system resource
device.
jhb [Sat, 27 Oct 2007 13:34:53 +0000 (13:34 +0000)]
Don't test the APIC flag in the cpuid features for amd64 to see if a
local APIC is present or not. All amd64 CPUs have a local APIC and some
BIOSen don't set the CPUID_APIC flag.
rwatson [Sat, 27 Oct 2007 10:38:57 +0000 (10:38 +0000)]
Give each posixsem MAC Framework entry point its own counter and test case
in the mac_test policy, rather than sharing a single function for all of
the access control checks.
julian [Sat, 27 Oct 2007 00:42:40 +0000 (00:42 +0000)]
Initialise the initial process pointer to NULL so that we know we don't
have an idle process yet.
I'm guessing that on my system this was always 0 already.
alc [Sat, 27 Oct 2007 00:09:30 +0000 (00:09 +0000)]
Change vm_page_cache_transfer() such that it does not transfer pages
that would have an offset beyond the end of the target object. Such
pages should remain in the source object.
MFC after: 3 days
Diagnosed and reviewed by: Kostik Belousov
Reported and tested by: Peter Holm
julian [Fri, 26 Oct 2007 22:18:20 +0000 (22:18 +0000)]
If kthread_exit() is called on the last kthread in a kproc, then
all the work in kproc_exit must be done.
We don't actually have a user of this yet but why leave it to chance.
jhb [Fri, 26 Oct 2007 21:02:31 +0000 (21:02 +0000)]
Use the smaller cgbase() macro in ufsread.c if UFS_SMALL_CGBASE is
defined. This lets each boot program choose which version of cgbase() it
wants to use rather than forcing ufsread.c to have that knowledge.
imp [Fri, 26 Oct 2007 15:00:34 +0000 (15:00 +0000)]
The arm boot code uses this function as well. Redefining cgbase()
saves about 500 bytes in the boot code. While the AT91RM9200 has 12k
of space for the boot loader, which is more than i386's 8k, the code
generated by gcc is a bit bigger.