jkoshy [Mon, 22 Jun 1998 06:34:12 +0000 (06:34 +0000)]
Add rc.conf option to set kernel security level and modify "/etc/rc" to
use this.
Requested by: max, andreas
Note: This change just provides a convenient way to exercise existing
functionality. Whether `kern.securelevel' is effective in increasing
system security is another issue, and one that has been well thrashed
out in the lists.
bde [Sun, 21 Jun 1998 21:06:04 +0000 (21:06 +0000)]
Fixed (?) races in mark_buffer_dirty(). We abuse the buffer cache
by hacking on locked buffers without getblk()ing them, and we didn't
even use splbio() to prevent biodone() changing the buffer underneath
use when a write completes. I think there was no problem in practice
on i386's because the operations on b_flags and numdirtybufs happen to
be atomic. We still depend on biodone()'s operations on b_flags not
interfering with ours. I think there is only interference for B_ERROR,
and this is harmless because errors for async writes are ignored anyway.
Don't use mark_buffer_dirty() except for superblock-related metadata.
It was used in just one case where ordinary BSD buffering is more
natural.
bde [Sun, 21 Jun 1998 19:56:31 +0000 (19:56 +0000)]
Removed unused function ll_w_block(). It has always had races due
to not using splbio(), and has rotted a little. The races were
probably harmless in practice because this function was only used
for superblock updates, and separate superblock updates are probably
prevented from running into each other by doing part of the update
synchronously.
mckay [Sun, 21 Jun 1998 14:22:29 +0000 (14:22 +0000)]
Since I got no objections to this patch, and no one has offered any
alternative, I present .. ta! da! .. the __error() hack.
This patch to the a.out dynamic loader provides old a.out binaries
with __error() if they are linked with an older libc that lacks it,
but are also linked against a library that needs it.
There is a smaller, tricker hack that takes advantage of the fact
that ld.so has __error() too, courtesy of the new libc, but this
hack is the straightforward version.
bde [Sun, 21 Jun 1998 12:22:35 +0000 (12:22 +0000)]
Round tickadj up. This prevents tickadj from being 0 when HZ > 500,
which makes adjtime(2) useless and confuses xntpd(8) into refusing
to start even when it would use the kernel PLL instead of adjtime().
The result is the same as recommended by tickadj(8), at least when
HZ divides 10^6. Of course, you wouldn't want to actually use
adjtime() when HZ is large. In the silly boundary case of HZ == 10^6,
tickadj == tick == 1 so the clock stops while adjtime() is active.
bde [Sun, 21 Jun 1998 11:33:32 +0000 (11:33 +0000)]
Converted add_interrupt_randomness() to take a `void *' arg. Rewrote
mmioctl() to fix hundreds of style bugs and a few error handling bugs
(don't check for superuser privilege for inappropriate ioctls, don't
check the input arg for the output-only MEM_RETURNIRQ ioctl, and don't
return EPERM for null changes).
brian [Sat, 20 Jun 1998 01:55:28 +0000 (01:55 +0000)]
Do an InitRestartCounter when we get a TerminateReq
in Opened state..... I have no idea why this never
caused problems in the past - maybe the restart
counter was bogusly initialised somewhere else :-/
jkoshy [Fri, 19 Jun 1998 08:34:52 +0000 (08:34 +0000)]
Fixes per PR 2850:
(a) Note that the default securelevel value is -1, in -current and -stable.
(b) Mention kernel sysctl variable that controls securelevel.
(c) Add warning the `fsck' will fail if securelevel >= 2.
(d) Suggest end of /etc/rc as the right place to raise securelevel.
brian [Thu, 18 Jun 1998 22:43:18 +0000 (22:43 +0000)]
Don't assume that all ttys support carrier detect. If we're
passing our controlling terminal, always record our pid so
that the receiving ppp knows who to HUP.
peter [Thu, 18 Jun 1998 18:35:04 +0000 (18:35 +0000)]
ELF versions of __warn_references() and __weak_reference(). Note that this
doesn't work with libc/net/res_stubs.c since gas wants the weak reference
to take place in the same context as the real definition, presumably so
that it can get hold of the symbol typing etc.
However, this doesn't matter for libc/elf since we don't have binaries
that use the old symbol names.
bde [Thu, 18 Jun 1998 15:32:09 +0000 (15:32 +0000)]
Changed the type of an isa/general interrupt handler to take a
`void *' arg. Fixed or hid most of the resulting type mismatches.
Handlers can now be updated locally (except for reworking their
global declarations in isa_device.h).
jb [Wed, 17 Jun 1998 22:29:12 +0000 (22:29 +0000)]
Don't allow a SIGCHLD to wake up a thread if the process has the default
signal handler installed for SIGCHLD. The ACE MT_SOCK_Test was hanging
as the result of being interrupted when it didn't expect to be.
bde [Wed, 17 Jun 1998 16:59:30 +0000 (16:59 +0000)]
Renambed sbintr to sb_intr to avoid a conflict with the (now
unconditionally declared although it can't be configured together
with snd) extern function sbintr.
bde [Wed, 17 Jun 1998 15:16:53 +0000 (15:16 +0000)]
Don't generate declarations for isa device structs in "ioconf.h".
Don't generate declarations for isa interrupt handlers at all.
Isa interrupt handlers are now declared in <i386/isa/isa_device.h>
but should be converted take a `void *' arg and staticized as
soon as possible.
Updated CONFIGVERS. New configs are very incompatible with
previous versions.
bde [Wed, 17 Jun 1998 14:58:04 +0000 (14:58 +0000)]
Don't declare isa device structs or isa interrupt handlers in <sys/conf>,
and don't depend on them being declared there. This will cause lots of
warnings for a few minutes until config is updated. Interrupt handlers
should never have been configured by config, and the machine generated
declarations get in the way of changing the arg type from int to void *.
bde [Wed, 17 Jun 1998 14:13:15 +0000 (14:13 +0000)]
Added used include of "ioconf.h" - don't depend on pollution in
<sys/conf.h>. I'm fixing isa interrupt handler configuration and
this is just a quick fix to keep SCSI configuration unharmed.
bde [Wed, 17 Jun 1998 14:01:00 +0000 (14:01 +0000)]
Include <i386/isa/pnp.h> after including its prerequisite
<i386/isa/isa_device.h> - don't depend on pollution in <sys/conf.h>
including the prerequisite earlier.
bde [Wed, 17 Jun 1998 09:34:42 +0000 (09:34 +0000)]
Added yacc to the bootstrap tools. It is needed very early to
build at least compile_et and lex, and although almost any version
of yacc could work, the version in -stable doesn't actually work
with -current makefiles because it doesn't support -o.
jb [Wed, 17 Jun 1998 03:53:16 +0000 (03:53 +0000)]
If a thread is waiting on a child process to complete, the SIGCHLD
signal can arrive before the thread is woken from it's wait4. In this
case, don't return an EINTR, just set the thread state to running and
the wait4 wrapper will loop and get the exit status of the process.
brian [Tue, 16 Jun 1998 19:40:42 +0000 (19:40 +0000)]
Change some log levels. ALERTs are only logged when
something that can't happen happens or when everyone
needs to know. ERRORs are only logged when something
unexpected happens.
bde [Tue, 16 Jun 1998 14:55:27 +0000 (14:55 +0000)]
Backed out rev.1.183, which had nothing to do with its log message.
It was to support a half-baked optimization of certain long long
divisions in gcc-2.8 and/or egcs. We now avoid these divisions.
bde [Tue, 16 Jun 1998 14:36:40 +0000 (14:36 +0000)]
Use copyout() instead of bcopy() to copy the image to user space.
bcopy() caused panics under heavy paging (not quite as suspected -
the kernel stack seemed to get corrupted).
bde [Tue, 16 Jun 1998 11:05:59 +0000 (11:05 +0000)]
Don't log "unexpected" events on never-opened devices. Events left
over from the probe are now expected for incompatible UARTs that
deliver IRQs as a strobe (low) instead of a level (high).
Discard events on going-away devices too. Endless loops may have
been possible when an active pccard was removed.
brian [Tue, 16 Jun 1998 07:15:11 +0000 (07:15 +0000)]
o Don't dump core with ~m in term mode.
o Always put a '\r' before a '\n' at the end of a line
in prompt_vPrintf() in term mode, and make prompt_Printf()
use prompt_vPrintf().
o Fix ~? message.
brian [Mon, 15 Jun 1998 19:06:58 +0000 (19:06 +0000)]
o De-staticise things that don't need to be static.
o Bring the static ``ttystate'' into struct prompt so that
the tilde context is per prompt and not global.
o Comment the remaining static variables so that it's
clear why they're static.
o Add some XXX comments suggesting that our interface list
and our hostname should be re-generated after a signal
(say SIGUSR1) so that a machine with PCCARDs has a chance.
brian [Mon, 15 Jun 1998 19:06:25 +0000 (19:06 +0000)]
Fix a rather nasty use of `static'. This caused a SEGV
when running ``link * load label'' as we ended up recursing
back into command_Interpret after nuking our command arg list.
brian [Mon, 15 Jun 1998 19:05:27 +0000 (19:05 +0000)]
Make `close lcp' just close the LCP layer and not hangup. This is
useful for slirp users that wish to get their shell back after the
ppp session. `close' with no args still hangs up as expected.
Required by: jmz
charnier [Mon, 15 Jun 1998 07:12:20 +0000 (07:12 +0000)]
Correct use of .Nm. Use .Bl/.El for enumerating options. Use .An. Correct
formatting of rcsid. Remove unused #includes. Do not use memory after
freeing it.