Andrew Gallatin [Tue, 31 Oct 2000 03:10:41 +0000 (03:10 +0000)]
fix the sigaltstack hack by lowering the stack size to the original value
if the request was for less than MINSIGSTKSZ (in which case we "round up").
discussed with: marcel
Robert Watson [Tue, 31 Oct 2000 01:34:00 +0000 (01:34 +0000)]
o Deny access to System V IPC from within jail by default, as in the
current implementation, jail neither virtualizes the Sys V IPC namespace,
nor provides inter-jail protections on IPC objects.
o Support for System V IPC can be enabled by setting jail.sysvipc_allowed=1
using sysctl.
o This is not the "real fix" which involves virtualizing the System V
IPC namespace, but prevents processes within jail from influencing those
outside of jail when not approved by the administrator.
Mike Smith [Tue, 31 Oct 2000 00:21:41 +0000 (00:21 +0000)]
Move 'tw*' after 'twe*' so that it's possible to create the control device
for the 'twe' driver. This is an expedient solution for an
actually-manifesting symptom of a major problem with MAKEDEV. Roll on
DEVFS.
Bill Paul [Mon, 30 Oct 2000 23:51:39 +0000 (23:51 +0000)]
Grrr. The 'reg' variable in dc_apply_fixup() needs to be a u_int32_t, not
a u_int8_t. Pass the conical hat. This should fix certain cardbus 21143
cards that require SROM h0h0magic in order to enable their transceivers.
Changes have been made to support a concept of VAR_FIXIT_TTY being
standard or serial. This change needs to be done to the entire system that
depends on this. This way we don't have some code using OnVTY checks
and other doing
strcmp(variable_get(VAR_FIXIT_TTY), "standard") == 0
checks. Also we need to set VAR_FIXIT_TTY to "serial" if we come up on
a serial console.
Also fixed a dialog problem in that dialog was used when dialog was
disabled causing some troubles such as not letting the cursor keys
work when exiting the fixit mode on media (ie. not the fixit shell but
for example fixit on a floppy).
Scott Long [Mon, 30 Oct 2000 23:30:28 +0000 (23:30 +0000)]
Allow XPT_PATH_INQ to be performed on the XPT device, as per the CAM spec.
Return ENOTSUP for XPT_ENG_INQ and XPT_ENG_EXEC when performed on the XPT
device.
Bruce A. Mah [Mon, 30 Oct 2000 21:43:27 +0000 (21:43 +0000)]
Note ipfilter update to 3.4.12, cd(4) support for write operations,
MFC of OpenSSH-2.2.0, MFC of chio(1) enhancements, MFC of libisc
import, mergemaster improvements.
Robert Watson [Mon, 30 Oct 2000 20:30:03 +0000 (20:30 +0000)]
o Tighten up rules for which processes can't debug which other processes
in the p_candebug() function. Synchronize with sef's CHECKIO()
macro from the old procfs, which seems to be a good source of security
checks.
Ruslan Ermilov [Mon, 30 Oct 2000 12:39:41 +0000 (12:39 +0000)]
A significant rewrite of PPTP aliasing code.
PPTP links are no longer dropped by simple (and inappropriate in this
case) "inactivity timeout" procedure, only when requested through the
control connection.
It is now possible to have multiple PPTP servers running behind NAT.
Just redirect the incoming TCP traffic to port 1723, everything else
is done transparently.
Problems were reported and the fix was tested by:
Michael Adler <Michael.Adler@compaq.com>,
David Andersen <dga@lcs.mit.edu>
Doug Barton [Mon, 30 Oct 2000 10:33:51 +0000 (10:33 +0000)]
Add several new features, reorder some code, and continue with the
process of making the script more cross platform friendly.
* Add -i option to automatically install files that do not exist
on the system already.
* Add the ability to specify DESTDIR.
* Allow the user to specify scripts to run right before the
comparison starts, and when mm is done. This will
allow the user to specify customized local behavior, and
implement features such as automatically deleting files.
* Document the above changes in the man page.
* Switch to using 'ident' for the CVS Id comparison, which
should help with portability, and makes it faster.
* Reorder, and in one case fix some code by doing things in
ways that make more sense.
* Check to see if the file exists on the system before doing
the comparisons. This saves CPU cycles, and streamlines
the auto-install process.
I used bits and pieces of suggestions and patches from various
people, ultimately too numerous to name. Which is not to say
that they were not both appreciated, and helpful in achieving
the ultimate result.
Søren Schmidt [Mon, 30 Oct 2000 09:36:40 +0000 (09:36 +0000)]
Fix the PCCARD ATA breakage..
This is due to a bug that has been in there since Warneer did the
PCCARD stuff, the altioaddr is not offset 8 its offset 14 from
the base address.
Also only probe the master device, no known PCCARD ATA thingies
has a slave AFAIK..
Bill Paul [Mon, 30 Oct 2000 07:54:38 +0000 (07:54 +0000)]
Fix support for cardbus cards:
- Add DRIVER_MODULE() declaration to make this driver a
child of cardbus
- Handle different width EEPROMs
The CIS parser still barfs when scanning this card, but it seems to
probe/attach correctly anyway. I can't do a traffic test just yet
since I don't have a proper crossover cable handy.
Kenneth D. Merry [Mon, 30 Oct 2000 07:03:00 +0000 (07:03 +0000)]
Write support for the cd(4) driver.
This allows writing to DVD-RAM, PD and similar drives that probe as CD
devices. Note that these are randomly writeable devices, not
sequential-only devices like CD-R drives, which are supported by cdrecord.
Add a new flag value for dsopen(), DSO_COMPATLABEL. The cd(4) driver now
uses this flag instead of the DSO_NOLABELS flag. The DSO_NOLABELS always
used a "fake" disklabel for the entire disk, provided by the caller.
With the DSO_COMPATLABEL flag, dsopen() will first search the media for a
label, and if it finds a label, it will use that label. Otherwise it will
use the fake disklabel provided by the caller. This provides backwards
compatibility, since we will still have labels for ISO9660 media.
It also provides new functionality, since you can now have a regular BSD
disklabel on read-only media, or on writeable media (e.g. DVD-RAM).
Bruce and I both think that we should eventually (in a few years) get
away from using disklabels for ISO9660 media, and just use the whole disk
device (/dev/cd0). At that point disklabel handling in the cd(4) driver
could follow the "normal" model, as used in the da(4) driver.
Also, clean up the path in a couple of places in cdregister(). (Thanks to
Nick Hibma for catching that bug.)
Steve Price [Sun, 29 Oct 2000 22:11:39 +0000 (22:11 +0000)]
Add two new classes of problem reports primarily for the Ports Collection:
- update: For submitting non-maintainer updates/changes
- maintainer-update: For submitting maintainer updates/changes
The intent is to make it easier to spot maintainer sactioned or submitted
updates to ports though it might also be useful for userland code that is
maintained by someone that is not a FreeBSD committer.
Steve Price [Sun, 29 Oct 2000 22:05:52 +0000 (22:05 +0000)]
Update to version 3.113. Major changes were to incorporate FreeBSD-
specific changes into the original distribution (although sometimes
with a slightly different approach) and to add two commandline
options to send-pr(1):
-c which allows you to specify an address to CC this
PR to
-s allow the severity to be specified on the commandline
Alan Cox [Sun, 29 Oct 2000 21:38:28 +0000 (21:38 +0000)]
_aio_aqueue(): Change kevent registration to use its own struct file pointer.
Otherwise, aio_read() and aio_write() on sockets are broken if a kevent is
registered. (The code after kevent registration for handling sockets assumes
that the struct file pointer "fp" still refers to the socket, not the kqueue.)
Hajimu UMEMOTO [Sun, 29 Oct 2000 19:59:05 +0000 (19:59 +0000)]
- ipv6_prefix_* and ipv6_ifconfig_* work for end node
- rtsol should be work for only one interface
- new variable ipv6_defaultrouter is added
- option name of rtadvd in comment are corrected
- ipv6_firewall_enable, ipv6_firewall_type, ipv6_firewall_script,
ipv6_firewall_logging are added to introduce rc.firewall6.
IPv6 firewall rule is just starting point and should be brushed up.
This commit includes PR18621, PR21694, PR22051.
Andrew Gallatin [Sun, 29 Oct 2000 16:27:40 +0000 (16:27 +0000)]
Unmask cypress ata controllers. This bug was hidden before
the addition of the serverworks isab support because the
cypress case was the last one in the switch
Doug Barton [Sun, 29 Oct 2000 10:19:55 +0000 (10:19 +0000)]
The previous commit had the fascinating side effect of bringing the
openssl version 0.9.5a version of this file into RELENG_5. This is
a good thing, but should be documented.