mav [Tue, 18 Mar 2008 17:39:42 +0000 (17:39 +0000)]
MFC:
Improve apply callback error reporting:
Before this patch callback returned result of the last finished call chain.
Now it returns last nonzero result from all call chain results in this request.
As soon as this improvement gives reliable error reporting, it is now possible
to remove dirty workaround in ng_socket, made to return ENOBUFS error statuses
of request-response operations. That workaround was responsible for returning
ENOBUFS errors to completely unrelated requests working at the same time
on socket.
mav [Tue, 18 Mar 2008 17:33:03 +0000 (17:33 +0000)]
MFC rev. 1.25
Add session ID hashing to speedup incoming packets dispatch in case
of many connections working via the same tunnel. For example, in case
of full "client <-> LAC <-> LNS" setup.
yongari [Tue, 18 Mar 2008 02:17:36 +0000 (02:17 +0000)]
MFC if_bfe.c rev 1.44, if_bfereg.h rev 1.11 to RELENG_6:
Fix link state handling in bfe(4).
o conversion to callout(9) API.
o add a missing driver lock in bfe_ifmedia_sts().
o use our callout to drive watchdog timer.
o restart Tx routine if pending queued packets are present in
watchdog handler.
o unarm watchdog timer only if there are no queued packets.
o don't blindly reset phy and let phy driver handle link change
request in bfe_init_locked().
o return the status of mii_mediachg() to caller in
bfe_ifmedia_upd(). Previously it always returned 0 to caller.
o add check for IFF_DRV_RUNNING flag as well as IFF_DRV_OACTIVE
in bfe_start_locked().
o implement miibus_statchg method that keeps track of current
link state changes as well as negotiated speed/duplex/
flow-control configuration.
Reprogram MAC to appropriate duplex state. Flow-control
configuration was also implemented but commented out at the
moment. The flow-control configuration will be enabled again
after we have general flow-control framework in mii layer.
yongari [Tue, 18 Mar 2008 02:01:21 +0000 (02:01 +0000)]
MFC if_lge.c rev 1.53 to RELENG_6:
Plug memory leak in jumbo buffer allocation failure path.
Patch in the PR was modified to check active jumbo buffers in use
and other possible jumbo buffer leak.
Jumbo buffer usage in lge(4) still wouldn't be reliable due to lack
of driver lock in local jumbo buffer allocator. Either introduce
a new lock to protect jumbo buffer or switch to UMA backed page
allocator for jumbo frame is required.
I've removed informational device_printf in lge_free_jumbo_mem as
lge_dev member variable in softc does not exist on RELENG_6.
if_printf can't be used as sc->lge_ifp could be NULL.
yongari [Tue, 18 Mar 2008 01:33:47 +0000 (01:33 +0000)]
MFC: if_msk.c 1.30, if_msk.c 1.31 to RELENG_6
To overcome hardware checksum offload bug msk(4) used to compute
TCP/UDP checksum in driver for short frames. For frames that requires
hardware VLAN tag insertion, the checksum offload trick does not
work due to changes of checksum offset in mbuf after the VLAN tag.
Disable hardware checksum offload for VLAN interface to fix the bug.
yongari [Tue, 18 Mar 2008 01:27:15 +0000 (01:27 +0000)]
MFC: if_msk.c 1.29, if_mskreg.h 1.12 to RELENG_6
Workaround GMAC hardware hang of Yukon II on the receipt of pause
frames. This bug seems to happen on certain hardware model/revision
(e.g. 88E8053) but it's not identified which hardwares are affected.
Revision 1.4 of if_mskreg.h was not enough to workaround the bug.
To workaround it, inrease GMAC FIFO threshold by one FIFO word to
flush received pause frames.
emax [Tue, 18 Mar 2008 00:29:26 +0000 (00:29 +0000)]
MFC:
Add support for the NAP, GN and PANU profiles to the sdpd(8).
It should be mentioned that a somewhat similar patch was
submitted by Rako < rako29 at gmail dot com >
emax [Tue, 18 Mar 2008 00:26:01 +0000 (00:26 +0000)]
MFC:
Add structures to hold SDP parameters for the NAP, GN and PANU profiles.
It should be mentioned that a somewhat similar patch was submitted by
Rako < rako29 at gmail dot com >
rpaulo [Mon, 17 Mar 2008 19:57:21 +0000 (19:57 +0000)]
MFC r1.71:
Some PIIX4 chipsets need to be told to generate Stop Breaks by
setting
the appropriate bit in the DEVACTB register.
This change allows the C2 state on those systems to work as expected.
Reviewed by: njl
Submitted by: Andriy Gapon <avg at icyb.net.ua>
antoine [Mon, 17 Mar 2008 19:08:32 +0000 (19:08 +0000)]
MFC to RELENG_6
- Make Disk_Names() behave as documented in libdisk(3): return an array
of disk names, where you must free each pointer, as well as the array
by hand. [1]
- Destaticize "disks" in Disk_Names, it has no reasons to be static.
alfred [Sat, 15 Mar 2008 03:20:53 +0000 (03:20 +0000)]
In calcru, we make sure the thread's state is correct, however we
do not emit the thread or proc information making debugging this
assertion difficult.
Emit the thread/proc that caused the KASSERT to fail to ease debugging.
Note: this assert does not exist in later branches of FreeBSD.
emax [Fri, 14 Mar 2008 16:11:20 +0000 (16:11 +0000)]
MFC:
Add an option to register DUN (Dial-Up Networking) service on the same
RFCOMM channel if needed. There is really no good reason to not to support
this. AT-command exchange can be faked with chat script in ppp.conf.
emaste [Fri, 14 Mar 2008 15:25:44 +0000 (15:25 +0000)]
Honour mpsafe_vfs=0 in softdep_flush. This is basically a MFC of revision
1.206, except that Giant remains unconditionally acquired in the #ifdef
QUOTA case here (as QUOTA-enabled UFS on RELENG_6 is not MPSAFE).
> Change sysinstall's handling of X11 stuff. Doing it in pieces was
> probably the right thing to do a while ago but xorg has progressed
> to the point that for novice users (who are the ones expected to think
> installing X11 during an install...) it's best to just install the
> whole x11/xorg metaport for them. This removes the X11 sub-menus
> and sets it up so you just select whether or not you want X11. While
> here garbage collect an X11 configuration menu I missed removing when
> I removed support for attempting xorg configuration from inside sysinstall
> a while ago.
wollman [Thu, 13 Mar 2008 02:33:20 +0000 (02:33 +0000)]
MFC rev. 1.26:
stdio is currently limited to file descriptors not greater than
{SHRT_MAX}, so {STREAM_MAX} should be no greater than that. (This
does not exactly meet the letter of POSIX but comes reasonably close
to it in spirit.)
brooks [Wed, 12 Mar 2008 17:41:37 +0000 (17:41 +0000)]
Sync with current merging revs 1.27 and 1.31.
1.27:
Use get_if_var() to retrieve interface specific values of dhclient_flags
and background_dhclient. This allows interfaces who's names are not
valid parts of shell variables and shortens the code.
1.31:
When the state of the interface changes rapidly enough there is a race
where dhclient is in the process of exiting due to the link going down
when the link coming up causes devd to try and start a new one. This
results is the link being up, but no dhclient running.
Work around this race by checking a second time after a one second delay
before refusing to start a dhclient instance due to one already being
running.
mav [Tue, 11 Mar 2008 19:14:10 +0000 (19:14 +0000)]
MFC rev. 1.23-1.24
To avoid control data losses, do not acknowledge recieving of control packet
if netgraph reported error while delivering to destination.
Reset 'next send' counter to the last requested by peer on ack timeout,
to resend all subsequest packets after lost one again without additional hints.
mav [Tue, 11 Mar 2008 19:04:42 +0000 (19:04 +0000)]
MFC rev. 1.61
Send only one incoming notification at a time to reduce queue
trashing and improve performance.
Remove waitflag argument from ng_ksocket_incoming2(), it means nothing
as function call was queued by netgraph.
Remove node validity check, as node validity guarantied by netgraph.
Update comments.
mav [Mon, 10 Mar 2008 20:38:56 +0000 (20:38 +0000)]
MFC: rev. 1.148-1.149
Implement 128 items node name hash for faster name search.
Increase node ID hash size from 32 to 128 items.
Increase default queue items allocation limit from 512 to 4096 items
to avoid terrible unpredicted effects for netgraph operation of their
exhaustion while allocating control messages.
Add separate configurable 512 items limit for data items allocation
for DoS/overload protection.
Add pc98 specific code to adjust the firmware geometry when it differs
from the actual geometry. This enables support of disks larger than
~120GB on pc98 boxes.
rwatson [Mon, 10 Mar 2008 10:23:37 +0000 (10:23 +0000)]
Merge db_input.c:1.39 from HEAD to RELENG_6:
Reserve two bytes at the end of the DDB input line in db_readline() to
hold the newline and nul terminator. Otherwise, there are cases where
garbage may end up in the command history due to a lack of a nul
terminator, or input may end up without room for a newline.
PR: 119079
Submitted by: Michael Plass <mfp49_freebsd@plass-family.net>
mav [Sun, 9 Mar 2008 20:05:39 +0000 (20:05 +0000)]
MFC rev. 1.93-1.94
Make session ID generator to use session ID hash.
Make session ID generator thread-safe.
Use more compact LIST instead of TAILQ for session hash.
Add all listening hooks into LIST to simplify searches.
Use ng_findhook() instead of own equal implementation.
rwatson [Sun, 9 Mar 2008 14:50:28 +0000 (14:50 +0000)]
Merge db_input.c:1.38 from HEAD to RELENG_6:
When redrawing an input line, count backspaces to get to the beginning of
the input field from the current cursor location, rather than the end of
the input line, as the cursor may not be at the end of the line.
Otherwise, we may overshoot, overwriting a bit of the previous line and
failing to fully overwrite the current line.
PR: 119079
Submitted by: Michael Plass <mfp49_freebsd@plass-family.net>
'spi' and the return value of ntohl are unsigned. Remove the extra >=0
check which was always true.
Document the special meaning of spi values of 0 and 1-255 with a comment.
In case of failure we can directly return ENOBUFS because
'result' is still NULL and we do not need to free anything.
That allows us to gc the entire goto parts and a now unused variable.
Add a missing return so that we drop out in case of an error and
do not continue with a NULL pointer. [1]
While here change the return of the error handling code path above.
I cannot see why we should always return 0 there. Neither does KAME
nor do we in here for the similar check in all the other functions.
Looking at {ah,esp}_input_cb it seems we might be able to end up
without an mtag in ipsec4_common_input_cb.
So in case of !IPCOMP (AH,ESP) only change the m_tag_id if an mtag
was passed to ipsec4_common_input_cb.
MFC rev. 1.15 ipsec_input.c
Though we are only called for the three security protocols we can
handle, document those sprotos using an IPSEC_ASSERT so that it will
be clear that 'spi' will always be initialized when used the first time.
Implement ICMPv6 support in ipsec6_get_ulp().
This is needed to make security policies work correctly if ICMPv6 type
and/or code are given. See setkey(8) 'upperspec' para. for details.
rafan [Sat, 8 Mar 2008 05:42:52 +0000 (05:42 +0000)]
MFC termcap changes for the END/ENTER keys
Log:
- Remove kH and *6 from xterm. They are defined to the same key as @7 (kp_end)
As ncurses has the limitation that it returns the first matched key symbol,
you can not use END in ncurses based program, like mutt, with xterm.
- Add @8 (kp_enter) definition for xterm so you can use ENTER in xterm with
ncurses based program.
I also found that NetBSD's xterm does the same thing.
PR: 100150
Reported by: Arseny Nasokin <tarc at tarc.po.cs.msu.su>
Discussed with: Thomas Dickey, Ulrich Spoerlein <uspoerlein at gmail.com>
Reviewed by: freebsd-arch@
jhb [Fri, 7 Mar 2008 20:19:33 +0000 (20:19 +0000)]
MFC: VIA Padlock changes:
- Read the brand string from VIA/IDT CPUs.
- Add a VIA Padlock feature line in dmesg.
- Support the newer Via C7 core (0x6d0).
mtm [Thu, 6 Mar 2008 14:13:11 +0000 (14:13 +0000)]
MFC: rev. 1.32
Add the -M command-line option, which will set home directory
permissions. Works both in interactive or batch mode. This is
a heavily modified version of the patch submitted in the PR.
delphij [Thu, 6 Mar 2008 01:05:30 +0000 (01:05 +0000)]
MFC revision 1.5
date: 2008/02/16 00:16:49; author: delphij; state: Exp; lines: +2 -1
Allow underscore in domain names while resolving. While having underscore
is a violation of RFC 1034 [STD 13], it is accepted by certain name servers
as well as other popular operating systems' resolver library.
rwatson [Sun, 2 Mar 2008 14:54:48 +0000 (14:54 +0000)]
Conditionally acquire Giant based on debug.mpsafenet around entry points
from if_re taskqueue and other potentially Giant-free spots. If we don't
do this, Giant may not be held entering KAME IPSEC, etc.
This problem appeared in FreeBSD 6.2 as a result of a move to fast
interrupts, and does not exist in 7.x due to not having debug.mpsafenet.
PR: 118719
Reported by: Dan Lukes <dan at obluda dot cz>
Reviwed by: yongari
rwatson [Sat, 1 Mar 2008 14:52:06 +0000 (14:52 +0000)]
Merge mac_mls.c:1.99 from HEAD to RELENG_6:
Properly return the error from mls_subject_privileged() in the ifnet
relabel check for MLS rather than returning 0 directly.
This problem didn't result in a vulnerability currently as the central
implementation of ifnet relabeling also checks for UNIX privilege, and
we currently don't guarantee containment for the root user in mac_mls,
but we should be using the MLS definition of privilege as well as the
UNIX definition in anticipation of supporting root containment at some
point.
Submitted by: Zhouyi Zhou <zhouzhouyi at gmail dot com>
Sponsored by: Google SoC 2007
rwatson [Sat, 1 Mar 2008 11:45:14 +0000 (11:45 +0000)]
Merge netisr.h:1.34 from HEAD to RELENG_6:
Update netisr comment for the SMPng world order: netisr is no longer
implemented using the ISR facility, and cannot be triggered by calling
splnet()/splx().
rwatson [Sat, 1 Mar 2008 11:33:22 +0000 (11:33 +0000)]
Merge nfs_vnops.c:1.277 from HEAD to RELENG_6:
Remove hacks from the NFSv2/3 client intended to handle a lack of a
server-side RPC retranmission cache for non-idempotent operations: these
hacks substituted 0 (success) for the expected EEXIST in the event that
a target name already existed for LINK, SYMLINK, and MKDIR operations,
under the assumption that EEXIST represented a second application of the
original RPC rather than a true failure.
Background: certain NFS operations (in this case, LINK, SYMLINK, and
MKDIR) are not idempotent, as they leave behind persisting state on the
server that prevents them from being replayed without an error;if an UDP
RPC reply is lost leading to a retransmission by theclient, the second
reply will return EEXIST rather than success, asthe new object has
already been created. The NFS client previouslysilently mapped the
EEXIST return into success to paper over thisproblem.
However, in all modern NFS server implementations, a reply cache is kept
in order to retransmit the original reply to a retransmitted request,
rather than performing the operation a second time, allowing this hack
to be avoided. This allows link()-based filelocking over NFS to operate
correctly, as an application requestingthe creation of a new link for a
file to tell if it succeededatomically or not.
Other NFS clients, including Solaris and Linux, generally follow this
behavior for the same reasons. Most clients also now default to TCP,
which also helps avoid the issue of retransmitted but non-idempotent
requests in most cases.
Reported by: Adam McDougall <mcdouga9 at egr dot msu dot edu>,
Timo Sirainen <tss at iki dot fi>
Reviewed by: mohans
obrien [Tue, 26 Feb 2008 18:19:49 +0000 (18:19 +0000)]
Back out MFC of "eradicate caddr_t".
Turn's out Kris' suspisions were right - from a suttle code compatability
point of view. Robert Watson found that ARLA code had something like this:
typedef int (*foo_t)(caddr_t); ... foo_t fred;
The compile gets all snarky when it finds int fred(void *) { .. }.