rwatson [Mon, 3 May 2004 20:53:05 +0000 (20:53 +0000)]
Add MAC_STATIC, a kernel option that disables internal MAC Framework
synchronization protecting against dynamic load and unload of MAC
policies, and instead simply blocks load and unload. In a static
configuration, this allows you to avoid the synchronization costs
associated with introducing dynamicism.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, McAfee Research
pjd [Mon, 3 May 2004 18:29:54 +0000 (18:29 +0000)]
Add regression tests for GEOM Gate:
- test-1.sh - Tests ggatec(8) and ggated(8) on lo0.
- test-2.sh - Tests ggatel(8) on a regular file.
- test-3.sh - Tests ggatel(8) on a md(4) device.
pjd [Mon, 3 May 2004 18:24:41 +0000 (18:24 +0000)]
Don't repeat handshake.
This little thing can cause a deadlock, because taste mechanism start
to work after creation of ggate provider and I/O requests are sent from
other classes from the g_event thread, so number of pending events isn't 0.
Now ggatec(8) start second handshake and ggated(8) is trying to open
GEOM provider (for example md(4)) and it can't, because it hangs on
g_waitidle() in g_dev_open(). g_waitidle() cannot finish because
there is a pending read on event queue, and this read can't be
finished, because ggated(8) can't open target device.
GEOM Gate will recover from this deadlock, because requests will
timeout, but it of course isn't the best solution and I don't know
better one for now, so we should avoid opening GEOM providers while
there are pending requests in event queue.
pjd [Mon, 3 May 2004 18:06:24 +0000 (18:06 +0000)]
- Hold g_gate_list_mtx lock while generating/checking unit number.
Found by: mtx_assert() g_gate.c:273
- Set command before returning to userland with ENOMEM error value.
Found by: assert() ggatel.c:108
jhb [Mon, 3 May 2004 14:52:41 +0000 (14:52 +0000)]
- Add an IMEN_MASK macro that returns the 8-bit bitmask of an atpic
interrupt source.
- Only do an outb() to the PIC to clear a bit in imen if the bit is set.
- Add a NUM_ISA_IRQS macro to replace uglier
'sizeof(array) / sizeof(member)' expressions along with a CTASSERT() to
ensure that the macro is correct.
jhb [Mon, 3 May 2004 14:49:10 +0000 (14:49 +0000)]
Use a private attach method for the MP Table host-PCI bridge driver rather
than using legacy_pcib_attach(). The MP Table drivers don't use the $PIR,
and the legacy_pcib_attach() function probes and parses the $PIR in
addition to adding the pci bus child device.
andre [Mon, 3 May 2004 13:52:47 +0000 (13:52 +0000)]
Optimize IP fastforwarding some more:
o New function ip_findroute() to reduce code duplication for the
route lookup cases. (luigi)
o Store ip_len in host byte order on the stack instead of using
it via indirection from the mbuf. This allows to defer the host
byte conversion to a later point and makes a quicker fallback to
normal ip_input() processing. (luigi)
o Check if route is dampned with RTF_REJECT flag and drop packet
already here when ARP is unable to resolve destination address.
An ICMP unreachable is sent to inform the sender.
o Check if interface output queue is full and drop packet already
here. No ICMP notification is sent because signalling source quench
is depreciated.
o Check if media_state is down (used for ethernet type interfaces)
and drop the packet already here. An ICMP unreachable is sent to
inform the sender.
o Do not account sent packets to the interface address counters. They
are only for packets with that 'ia' as source address.
andre [Mon, 3 May 2004 13:48:35 +0000 (13:48 +0000)]
Link state change notification of ethernet media to the routing socket.
o Extend the if_data structure with an ifi_link_state field and
provide the corresponding defines for the valid states.
o The mii_linkchg() callback updates the ifi_link_state field
and calls rt_ifmsg() to notify listeners on the routing socket
in addition to the kqueue KNOTE.
o If vlans are configured on a physical interface notify and update
all vlan pseudo devices as well with the vlan_link_state() callback.
No objections by: sam, wpaul, ru, bms
Brucification by: bde
thomas [Mon, 3 May 2004 12:03:15 +0000 (12:03 +0000)]
Add 'device ata' to the kernel configuration excerpt in EXAMPLE section.
Update mount example to use /dev/cd0 instead of /dev/cd0c.
Update copyright notice.
marcel [Mon, 3 May 2004 00:10:59 +0000 (00:10 +0000)]
Catch- and cleanup:
o Fix and improve comments and references,
o Add PFIL_HOOKS, UFS_ACL and UFS_DIRHASH,
o Switch from SCHED_4BSD to SCHED_ULE,
o Remove SCSI_DELAY (there's no SCSI support),
obrien [Sun, 2 May 2004 23:07:49 +0000 (23:07 +0000)]
Gzip assumes 'unsigned long' is 32-bits wide and depends on this.
One thing Gzip does is implicitly by store the size of a file into an
'unsigned long' rather than explicitly compute the remainder modulo 2^32
(see RFC 1952 section 2.3.1 "ISIZE"). Thus an extracted file size is
does not equal the original size (mod 2^32) for files larger than 4GB.
This manifests itself in errors such as:
zcat: bigfile.gz: invalid compressed data--length error
dhartmei [Sun, 2 May 2004 20:47:24 +0000 (20:47 +0000)]
Commit three imported bugfixes from OpenBSD 3.4-stable:
- change pf_get_pool() argument rule_number type from u_int32_t
to u_int8_t, fixes corruption of address pools with large
rulesets (mcbride@)
- prevent endless loops with route-to (dhartmei@)
- limit option length to 2 octets max (frantzen@)
marcel [Sun, 2 May 2004 17:38:27 +0000 (17:38 +0000)]
Fix release builds (release.3 target). We also need to rebuild libradius,
because otherwise it will remain having a dependency upon libssl. This
breaks the non-crypto build that happens for release.3
While here, order the list of programs and libraries.
darrenr [Sun, 2 May 2004 15:07:37 +0000 (15:07 +0000)]
oops, I forgot this file in a prior commit (change was still sitting here,
uncommitted):
Rename ip_claim_next_hop() to m_claim_next_hop(), give it an extra arg
(the type of tag to claim) and push it out of ip_var.h into mbuf.h
alongside all of the other macros that work ok mbuf's and tag's.
tjr [Sun, 2 May 2004 11:25:37 +0000 (11:25 +0000)]
Treat filenames as multibyte character strings (according to the current
LC_CTYPE setting) when determining which characters are printable.
This is an often-requested feature.
Use wcwidth() to determine the number of column positions a character
takes up, although there are still a few places left where we assume
1 byte = 1 column position, e.g. line-wrapping when handling the -m option.
The error handling here is somewhat more complicated than usual: we do
our best to show what we can of a filename in the presence of conversion
errors, instead of simply aborting.
das [Sun, 2 May 2004 10:55:07 +0000 (10:55 +0000)]
Add option NO_FP_LIBC, which disables floating-point support in
*printf() and *scanf(). Currently, this reduces the size of libc.so
by 9K on i386. But the real savings are for static binaries that use
*printf() or *scanf() but not strtod(); with an FP-disabled libc,
these binaries will not depend on the gdtoa routines, making each
binary about 22K smaller.
das [Sun, 2 May 2004 10:55:06 +0000 (10:55 +0000)]
- To make it easier to compile *printf() and *scanf() without
floating-point support, remove default definition of FLOATING_POINT
from the source, and change the compile-time option to
NO_FLOATING_POINT.
- Remove the HEXFLOAT option. It saves an insignificant amount of
space (<0.1% of the size of libc on i386) and complicates vfprintf()
and checkfmt().
das [Sun, 2 May 2004 10:55:05 +0000 (10:55 +0000)]
When *printf() and *scanf() are compiled without floating-point
support, fmtcheck() should not accept format strings that contain
floating-point formats.
smkelly [Sun, 2 May 2004 07:07:54 +0000 (07:07 +0000)]
- style(9) improvements courtesy of bde.
- Revise the former commit to behave nicer on filenames containing
multiple '.' characters.
- Prevent the generation of macros starting with "__".
darrenr [Sun, 2 May 2004 06:36:30 +0000 (06:36 +0000)]
Rename ip_claim_next_hop() to m_claim_next_hop(), give it an extra arg
(the type of tag to claim) and push it out of ip_var.h into mbuf.h alongside
all of the other macros that work ok mbuf's and tag's.
bde [Sun, 2 May 2004 05:21:29 +0000 (05:21 +0000)]
Switch to using the moved cy driver (adjust pathnames and remove "count"
parameter).
Keep using it only in the i386 NOTES for now. It is fairly MI, but it
doesn't use bus-space and has a couple of i386 i/o instructions in pci
intitialization.
scottl [Sun, 2 May 2004 03:33:18 +0000 (03:33 +0000)]
Remove the defAlignLong and getAlignLong macros. I guess that the original
intent was to make sure that message structs allocated off of the stack were
4-byte aligned. However, the macros as defined did absolutely nothing.
And since I2O forces you to manually copy messages down to the hardware, there
really is no point of enforced alignment anyways.
kientzle [Sun, 2 May 2004 00:43:02 +0000 (00:43 +0000)]
A security issue: An archive containing a symlink to another
directory, then a file with that symlink as a prefix can drop a file
outside of the current directory, which can be a security hole.
Plug this hole by refusing to extract files if a prefix of the
pathname is a symlink. The -P option disables this check.
scottl [Sun, 2 May 2004 00:27:54 +0000 (00:27 +0000)]
Remove the bogus printing of the asr control device major number. Also
rename the control device from rasr%d to asr%d. This starts us down the
path of divorcing ourselves from a very bogus design in the management
apps. Since the apps are open source now, they will likely be updated
and fixed before 5.3.
marcel [Sat, 1 May 2004 18:17:23 +0000 (18:17 +0000)]
Build gpt(8) on all platforms, except sparc64. Currently gpt(8) is
not endian agnostic and thus will create big-endian GPTs on sparc64.
This we don't support. So, before gpt(8) can be used on a big-endian
machine, it has to deal with the endianness.
bde [Sat, 1 May 2004 18:09:16 +0000 (18:09 +0000)]
Adjust pathnames for the move from i386/isa to dev/cy.
Adjust staticness and a variable name for the split of cy.c into cy.c and
cy_isa.c. Use the new header required for the split to avoid repeating
declarations in cy_pci.c.
bde [Sat, 1 May 2004 17:44:03 +0000 (17:44 +0000)]
New header for exporting declarations of things not closely related to
hardware. A couple of the declarations were misplaced in cy_pci.c, and
cy_isa.c needs a couple more. The exported interfaces should be cleaner.
bde [Sat, 1 May 2004 17:21:07 +0000 (17:21 +0000)]
Removed bits related to isa configuration. These have been moved to
cy_isa.c via a repo-copy of this file (except for some static declarations
which will become non-static in a new header).
scottl [Sat, 1 May 2004 05:56:57 +0000 (05:56 +0000)]
Remove ASR_get_sc() and reference the softc in the dev_t. For some nefarious
reason, the I2O protocol requires knowledge of all I2O devices in the system,
so we can't get rid of the evil linked-list of softc's yet.