Maxime Henrion [Tue, 30 Sep 2003 20:34:57 +0000 (20:34 +0000)]
Define a new __GNUC_PREREQ__(maj, min) to test if we have a specific
version of GCC or later and use it where appropriate. It makes this
file more readable.
Revert 1.24. It causes a hang on shutdown for Marcel. This is due to
AcpiEnterSleepState() calling a long AcpiOsStall() with interrupts
disabled. This fix will instead be added to ACPI-CA.
Jeff Roberson [Tue, 30 Sep 2003 08:11:36 +0000 (08:11 +0000)]
- On my Pentium4-M laptop, invalpg takes ~1100 cycles if the page is found in
the TLB and ~1600 if it is not. Therefore, it is more effecient to
invalidate the TLB after operations that use CMAP rather than before.
- So that the tlb is invalidated prior to switching off of a processor, we
must change the switchin functions to switchout functions.
- Remove td_switchout from the thread and move it to the x86 pcb.
- Move the code that calls switchout into swtch.s. These changes make this
optimization truely x86 specific.
Sam Leffler [Tue, 30 Sep 2003 04:46:08 +0000 (04:46 +0000)]
Correct pfil_run_hooks return handling: if the return value is non-zero
then the mbuf has been consumed by a hook; otherwise beware of a null
mbuf return (gack). In particular the bridge was doing the wrong thing.
While in the ipv6 code make it's handling of pfil_run_hooks identical
to netbsd.
Pointed out by: Pyun YongHyeon <yongari@kt-is.co.kr>
Sam Leffler [Mon, 29 Sep 2003 22:57:43 +0000 (22:57 +0000)]
MFp4: portability work, general cleanup, locking fixes
change 38496
o add ipsec_osdep.h that holds os-specific definitions for portability
o s/KASSERT/IPSEC_ASSERT/ for portability
o s/SPLASSERT/IPSEC_SPLASSERT/ for portability
o remove function names from ASSERT strings since line#+file pinpints
the location
o use __func__ uniformly to reduce string storage
o convert some random #ifdef DIAGNOSTIC code to assertions
o remove some debuggging assertions no longer needed
change 38498
o replace numerous bogus panic's with equally bogus assertions
that at least go away on a production system
change 38502 + 38530
o change explicit mtx operations to #defines to simplify
future changes to a different lock type
change 38531
o hookup ipv4 ctlinput paths to a noop routine; we should be
handling path mtu changes at least
o correct potential null pointer deref in ipsec4_common_input_cb
chnage 38685
o fix locking for bundled SA's and for when key exchange is required
change 38770
o eliminate recursion on the SAHTREE lock
change 38804
o cleanup some types: long -> time_t
o remove refrence to dead #define
change 38805
o correct some types: long -> time_t
o add scan generation # to secpolicy to deal with locking issues
change 38806
o use LIST_FOREACH_SAFE instead of handrolled code
o change key_flush_spd to drop the sptree lock before purging
an entry to avoid lock recursion and to avoid holding the lock
over a long-running operation
o misc cleanups of tangled and twisty code
There is still much to do here but for now things look to be
working again.
Robert Watson [Mon, 29 Sep 2003 20:53:19 +0000 (20:53 +0000)]
Add a new column to the procfs map to hold the name of the mapped
file for vnode mappings. Note that this uses vn_fullpath() and may
be somewhat unreliable, although not too unreliable for shared
libraries. For non-vnode mappings, just print "-" for the field.
Robert Watson [Mon, 29 Sep 2003 18:35:17 +0000 (18:35 +0000)]
If the struct mac copied into the kernel has a negative length, return
EINVAL rather than failing the following malloc due to the value being
too large.
If we fail to complete configuring a subdisk because of some error,
make sure we return any allocated space to the drive. This should get
rid of a number of inconsistencies (hopefully all) that have been seen
after configuration errors.
If asked to stall for more than 100 us (which is specified as the max in
the ACPI standard), call sleep instead since that is probably what the
caller meant.
According to information from the Ministry of Health, Labour and Welfare,
Japanese national holidays have been revised, and Respect-for-the-Aged Day
will be on the third Monday of September from 2003 on.
I don't know from where the notion that device driver should or
even could call VOP_REVOKE() on vnodes associated with its dev_t's
has originated, but it stops right here.
If there are things people belive destroy_dev() needs to learn how to
do, please tell me about it, preferably with a reproducible test case.
Include <sys/uio.h> in bluetooth code rather than rely on <sys/vnode.h>
to do so.
The fact that some of the USB code needs to include <sys/vnode.h>
still disturbs me greatly, but I do not have time to chase that.
Don't explicitly initialize d_maj in the cdevsw with MAJOR_AUTO, as
per the intentions of conf.h, rev 1.176. This change is a no-op as
MAJOR_AUTO equals to 0.
Bruce Evans [Sun, 28 Sep 2003 13:12:26 +0000 (13:12 +0000)]
Removed some nearly dead code in comparam(). We don't need to recover
from fiddling with CS_TTGO since fiddling with CS_TTGO was removed in
rev.1.218 of the i386/isa version (which was merged with loss of history
in rev.1.223 of this version).
Bruce Evans [Sun, 28 Sep 2003 06:02:33 +0000 (06:02 +0000)]
Reworked rev.1.14. Use the ELF symbol type again to summarily reject
some symbols in X_db_search_symbol(). Reject the same symbols that
rev.1.13 did (all except STT_OBJECT and STT_FUNC), except don't reject
typeless symbols. This keeps the typeless symbols in non-verbosely
written assembler code visible, but makes file symbols invisible. ELF
file symbols have type STT_FILE and value 0, so this stops small values
and offsets sometimes being displayed in terms of the first file symbol
in the kernel (usually device_if.c). I think it rejects some other
unwanted symbols (small absolute symbols for things like struct offsets).
It may reject some wanted symbols (large absolute symbols for addresses
like PTmap).
Add a "low" console priority. This specifies that the console device
may have limited functionality and should only be used as a last resort,
perhaps only to tell the user that they should be using something else.
Drop any and all support for varargs. There's no history to worry
about because we're still tier 2 and our current compiler, as well
as future compilers will not support varargs. This is mostly a
no-op in practice, because <sys/varargs.h> should already cause
compile failures.
Robert Watson [Sun, 28 Sep 2003 05:21:23 +0000 (05:21 +0000)]
Tweak "system security profiles:
(1) Don't modify the configuration of the NFS server as a result of
selecting a profile. We already explicitly prompt for the NFS
server configuration during install, and the user may not get
much advance notice that we're turning it off again. Instead,
use profiles (for better or for worse) only for security tuning.
(2) Don't modify the sendmail setting as part of the security profile:
use the default from /etc/defaults/rc.conf rather than explicitly
specifying. Note that the default in /etc/defaults/rc.conf is
more conservative than the explicit rc.conf entry added by
sysinstall during install, as it does not permit SMTP delivery.
(3) Update "congratulations on your profile" text to reflect these
changes.
Note that security profiles now affect only the securelevel and sshd
settings. My leaning would be to make sshd an explicit configuration
option, move securelevels to the security menu, and drop security
profiles entirely. However, that requires more plumbing of sendmail
than I'm currently willing to invest.
We may want to add a "permit SMTP delivery" question to the install
process.
Having had to spend several hours today figuring out just what it is that
VOP_GETPAGES() is supposed to do, share the results with everyone who isn't
Alan Cox.
Relink libc_r.a, libc_r.so and libc_r_p.so from libthr to libkse.
On ia64, where there's no libc_r at all, libkse is now the default
thread library by virtue of these links.
The reasons for this change are:
1. libkse is slated to become the default thread library anyway,
2. active development and maintenance is only present for libkse,
3. GNOME and KDE, both in the process of being supported on ia64,
work better with KSE; even on ia64.
Part 2 of implementing rstacks: add the ability to create rstacks and
use the ability on ia64 to map the register stack. The orientation of
the stack (i.e. its grow direction) is passed to vm_map_stack() in the
overloaded cow argument. Since the grow direction is represented by
bits, it is possible and allowed to create bi-directional stacks.
This is not an advertised feature, more of a side-effect.
Fix a bug in vm_map_growstack() that's specific to rstacks and which
we could only find by having the ability to create rstacks: when
the mapped stack ends at the faulting address, we have not actually
mapped the faulting address. we need to include or cover the faulting
address.
Note that at this time mmap(2) has not been extended to allow the
creation of rstacks by processes. If such a need arises, this can
be done.
Warner Losh [Sat, 27 Sep 2003 22:17:37 +0000 (22:17 +0000)]
Two minor fixes:
o It is the /usr/include files, not the /usr include files.
o Document the practice of converting to the c99 standard uintXX_t
form from the older, but non-standard, BSD-style u_intXX_t. This
has been going on in the tree for a while now, and I've heard other
developers also state that this conversion is happening. Note also
that this is a slow process and should be treated like whitespace
changes.
- Add the Dell PERC 4/Di to the list of supported devices; it
has been supported for the last 10 months. [1]
- Make the device list compact, since it is getting rather large.
Reported by: David Magda <dmagda@magda.ca> [1]
MFC after: 2 weeks
Robert Watson [Sat, 27 Sep 2003 17:44:41 +0000 (17:44 +0000)]
Disable #define DEBUG in libdisk by default: since libdisk is primarily
there to support sysinstall, and enabling DEBUG creates spurious
console output that can't be read anyway... This slightly cleans up
the visual impression of the system install by not spamming the console
during the labeling of the disks.
Maxime Henrion [Sat, 27 Sep 2003 13:50:47 +0000 (13:50 +0000)]
A number of fixes/enhancements for the ipfilter rc script:
- Use a more robust check to determine if we need to load ipl.ko.
- Don't try to run ipf -E if ipfilter is already enabled. Look at
the net.inet.ipf.fr_running sysctl to figure this out. This fixes
a warning message about ipfilter being already initialized.
- Only one ipf -E command is needed. We don't need an extra one for
the -6 case which would only print a warning message about ipfilter
being already initialized.
- Fix one occurence where we were running /sbin/ipf directly without
using the ${ipfilter_program} variable if set.
- In ipfilter_stop(), don't try to save the firewall state tables if
ipfilter is disabled. Similarly, don't try to disable it if it's
already disabled. This fixes some more error messages.
Introduce no_poll() default method for device drivers. Have it
do exactly the same as vop_nopoll() for consistency and put a
comment in the two pointing at each other.
Retire seltrue() in favour of no_poll().
Create private default functions in kern_conf.c instead of public
ones.
Change default strategy to return the bio with ENODEV instead of
doing nothing which would lead the bio stranded.
Retire public nullopen() and nullclose() as well as the entire band
of public no{read,write,ioctl,mmap,kqfilter,strategy,poll,dump}
funtions, they are the default actions now.
Move the final two trivial functions from subr_xxx.c to kern_conf.c
and retire the now empty subr_xxx.c
Bruce Evans [Sat, 27 Sep 2003 12:40:23 +0000 (12:40 +0000)]
MFsio (sio.c 1.413: cleaned up and fixed setting of speeds in comparam()).
This is just a cleanup here (modulo rev.1.108 of kern/tty.c), since the
input speed can be different from to output speed and extra code to
handle both speeds naturally handled all cases.
Bruce Evans [Sat, 27 Sep 2003 11:13:59 +0000 (11:13 +0000)]
Cleaned up and fixed setting of speeds in comparam():
- Removed conversion of a zero input speed to the output speed. This
has been done better in ttioctl() since rev.1.108 of kern/tty.c
almost 5 years ago. comparam() did the conversion incompletely for
the case where the output speed is also zero. It had complications
to avoid using zero speeds, but would still have used a zero input
speed for setting watermarks if kern/tty.c had passed one.
- Never permit the input speed to be different from the output speed.
There was no validity check on the input speed for the case of a zero
output speed. Then we didn't change the physical speeds, but we used
the unvalidated input speed for setting watermarks and didn't return
an error, so ttioctl() stored the unvalidated input speed in the tty
struct where it could cause problems later.
- Removed complications that were to avoid using a divisor of 0. The
divisor is now always valid if the speed is accepted.
Bruce Evans [Sat, 27 Sep 2003 10:30:03 +0000 (10:30 +0000)]
Quick fix for bitrot in locking in the SMP case. cd_getreg() and
cd_setreg() were still using !(read_eflags() & PSL_I) as the condition
for the lock hidden by COM_LOCK() (if any) being held. This worked
when spin mutexes and/or critical_enter() used hard interrupt disablement,
but it has caused recursion on the non-recursive mutex com_mtx since
all relevant interrupt disablement became soft. The recursion is
harmless unless there are other bugs, but it breaks an invariant so
it is fatal if spinlocks are witnessed.