Matt Jacob [Sat, 5 Dec 1998 00:47:25 +0000 (00:47 +0000)]
Roll to 1.15 f/w level for Qlogic 2100. Leave all flavors in, but control which
one gets compiled in by default. The default is private loop, non-expanded lun.
Archie Cobbs [Fri, 4 Dec 1998 22:54:57 +0000 (22:54 +0000)]
Examine all occurrences of sprintf(), strcat(), and str[n]cpy()
for possible buffer overflow problems. Replaced most sprintf()'s
with snprintf(); for others cases, added terminating NUL bytes where
appropriate, replaced constants like "16" with sizeof(), etc.
These changes include several bug fixes, but most changes are for
maintainability's sake. Any instance where it wasn't "immediately
obvious" that a buffer overflow could not occur was made safer.
Reviewed by: Bruce Evans <bde@zeta.org.au>
Reviewed by: Matthew Dillon <dillon@apollo.backplane.com>
Reviewed by: Mike Spengler <mks@networkcs.com>
Bill Paul [Fri, 4 Dec 1998 21:48:12 +0000 (21:48 +0000)]
Put back some missing chip identification code that got lost somehow
during a trek through RCS. The Macronix 98713 and 98713A both have the
same PCI device ID but different revision numbers, and we need to be
able to tell one from the other. The 98715 and 98715A chips have the
same device ID as the 98725 chip but different revision numbers, however
we lump them into the same category except when identifying them during
the PCI probe output.
The main reason we need tell the chips apart is that the Macronix app
notes say you have to write a special magic number into one of the
registers in order to put the chip in normal operating mode. The 98713
requires one magic value, while all the others require a different one.
Archie Cobbs [Fri, 4 Dec 1998 21:28:39 +0000 (21:28 +0000)]
Fix typo: "==" should have been "="
PR: 8280 (1/3 patches contained in this PR)
Reviewed by: Nate Williams <nate@mt.sri.com>
Submitted by: Sakari Jalovaara <sja@tekla.fi>
Bill Paul [Fri, 4 Dec 1998 18:01:24 +0000 (18:01 +0000)]
An early Christmas present: add driver support for a whole bunch of
PCI fast ethernet adapters, plus man pages.
if_pn.c: Netgear FA310TX model D1, LinkSys LNE100TX, Matrox FastNIC 10/100,
various other PNIC devices
if_mx.c: NDC Communications SOHOware SFA100 (Macronix 98713A), various
other boards based on the Macronix 98713, 98713A, 98715, 98715A
and 98725 chips
if_vr.c: D-Link DFE530-TX, other boards based on the VIA Rhine and
Rhine II chips (note: the D-Link and certain other cards
that actually use a Rhine II chip still return the PCI
device ID of the Rhine I. I don't know why, and it doesn't
really matter since the driver treats both chips the same
anyway.)
if_wb.c: Trendware TE100-PCIE and various other cards based on the
Winbond W89C840F chip (the Trendware card is identical to
the sample boards Winbond sent me, so who knows how many
clones there are running around)
All drivers include support for ifmedia, BPF and hardware multicast
filtering.
Also updated GENERIC, LINT, RELNOTES.TXT, userconfig and
sysinstall device list.
I also have a driver for the ASIX AX88140A in the works.
Doug Rabson [Fri, 4 Dec 1998 10:52:48 +0000 (10:52 +0000)]
Implement 'software completion' for floating point arithmetic. On the
alpha, operations involving non-finite numbers or denormalised numbers
or operations which should generate such numbers will cause an arithmetic
exception. For programs which follow some strict code generation rules,
the kernel trap handler can then 'complete' the operation by emulating
the faulting instruction.
To use software completion, a program must be compiled with the arguments
'-mtrap-precision=i' and '-mfp-trap-mode=su' or '-mfp-trap-mode=sui'.
Programs compiled in this way can use non-finite and denormalised numbers
at the expense of slightly less efficient code generation of floating
point instructions. Programs not compiled with these options will receive
a SIGFPE signal when non-finite or denormalised numbers are used or
generated.
John Birrell [Thu, 3 Dec 1998 23:02:03 +0000 (23:02 +0000)]
Add __attribute__ ((unused)) to the SYSINIT etc macros which declare
static structures that are used with the data set magic. This allows
kernel modules, for example, to be compiled with -Wall -Werror.
Matthew Dillon [Thu, 3 Dec 1998 20:23:21 +0000 (20:23 +0000)]
Reviewed by: freebsd-current
Add ICMP_BANDLIM option and 'net.inet.icmp.icmplim' sysctl. If option
is specified in kernel config, icmplim defaults to 100 pps. Setting it
to 0 will disable the feature. This feature limits ICMP error responses
for packets sent to bad tcp or udp ports, which does a lot to help the
machine handle network D.O.S. attacks.
The kernel will report packet rates that exceed the limit at a rate of
one kernel printf per second. There is one issue in regards to the
'tail end' of an attack... the kernel will not output the last report
until some unrelated and valid icmp error packet is return at some
point after the attack is over. This is a minor reporting issue only.
Matthew Dillon [Thu, 3 Dec 1998 07:22:44 +0000 (07:22 +0000)]
Reviewed by: "Jordan K. Hubbard" <jkh@zippy.cdrom.com>, cvs-all@freebsd.org
Add '-g' main option to cvs to better support shared-group access
to a common checked-out *working* set by multiple users. See manual
page for details.
Julian Elischer [Thu, 3 Dec 1998 02:27:35 +0000 (02:27 +0000)]
Reviewed by: Don Lewis <Don.Lewis@tsc.tdk.com>
Submitted by: Kirk McKusick <mckusick@McKusick.COM>
Obtained from: Mckusick, BSDI and a host of others
This exactly matches Kirks sources imported under the
Tag MCKUSICK2. These are as supplied by kirk with one small
change needed to compile under freeBSD.
Some FreeBSD patches will be added back, though many have been
added to Kirk's sources already.
Julian Elischer [Wed, 2 Dec 1998 20:53:40 +0000 (20:53 +0000)]
Latest version of fsck from the folks at EX-CSRG specifically Kirk Mckusick.
Don Lewis and Kirk have merges nearly all FreeBSD Fixes into Kirks sources
so there is very little that needs to be re-merged.
Matthew Dillon [Wed, 2 Dec 1998 19:59:24 +0000 (19:59 +0000)]
Since we do not pre-create /etc/namedb/s, add additional documentation
to the comments in named.conf to describe to the user how to create it.
(named.conf does not use /etc/namedb/s by default anyway so us not
pre-created it in the mtree does not hurt us terribly).
"Fix" a problem with the Quantum Viking. It appears that this drive does
not like the 6-byte read and write commands! It returns illegal request,
with the field pointer pointing to byte 9 of a 6 byte CDB.
In any case, the work around is to put in a quirk mechanism that makes sure
that we don't send 6-byte reads or writes to this device. It's rather sad
that this is necessary. You'd think that they would be able to get
something that basic to work right in their firmware...
Reviewed by: gibbs
Reported by: Adam McDougall <bsdx@spawnet.com>
Use /sbin/nologin as shell for operator
Replace non-existent directory for operator with /
Supply by default operator with non-existent but can be created directory
and /bin/csh is kinda security risk
Doug Rabson [Wed, 2 Dec 1998 10:24:56 +0000 (10:24 +0000)]
Restore the user HAE all the time, not just when returning to usermode.
This closes a very small window where the use HAE might not be restored
at all. This only happens when switching to a process which has used the
HAE.
KATO Takenori [Wed, 2 Dec 1998 08:15:17 +0000 (08:15 +0000)]
- For some old Cyrix CPUs, %cr2 is clobbered by interrupts. This
problem is worked around by using an interrupt gate for the page
fault handler. This code was originally made for NetBSD/pc98 by
Naofumi Honda <honda@kururu.math.sci.hokudai.ac.jp> and has already
been in PC98 tree. Because of this bug, trap_fatal cannot show
correct page fault address if %cr2 is obtained in this function.
Therefore, trap_fatal uses the value from trap() function.
- The trap handler always enables interruption when buggy application
or kernel code has disabled interrupts and then trapped. This code
was prepared by Bruce Evans <bde@FreeBSD.org>.
Submitted by: Bruce Evans <bde@FreeBSD.org>
Naofumi Honda <honda@kururu.math.sci.hokudai.ac.jp>
*thwap* - move id driver to blkdev from cdev list; it's obviously
going to want a major number from that list instead. Also use the
same preallocated local range (500-600) for blkdevs as well as cdevs,
just to be orthogonal. The latter was for Brian, who has a *lot*
of local device drivers and needs more than just a single reserved
number.
Matthew Dillon [Tue, 1 Dec 1998 22:01:59 +0000 (22:01 +0000)]
comsat sandbox prevents biff/comsat from being able to print partial
mailbox contents. comsat instead simply prints that new mail is
available. Add appropriate comment to inetd.conf but leave comsat in
sandbox.
Matthew Dillon [Tue, 1 Dec 1998 21:36:33 +0000 (21:36 +0000)]
Reviewed by: freebsd-current, freebsd-security
Adjust rc.conf to run named in sandbox, adjust mtree to add /etc/namedb/s
subdirectory (user bind, group bind) to hold secondaries, adjust
comments in named.conf to reflect new secondary scheme. (Note that
core read-only zone files are left owned by root, increasing security even
more).
Matthew Dillon [Tue, 1 Dec 1998 21:19:49 +0000 (21:19 +0000)]
Added group bind(53), added sandbox users tty(4), kmem(5), and bind(53),
adjustd inetd.conf to run comsat and ntalk from tty sandbox, and
the (commented out) ident from the kmem sandbox.
Note that it is necessary to give each group access it's own uid to
prevent programs running under a single uid from being able to gdb
or otherwise mess with other programs (with different group perms) running
under the same uid.
Matthew Dillon [Tue, 1 Dec 1998 21:12:57 +0000 (21:12 +0000)]
Reviewed by: freebsd-current, freebsd-security
Removed getuid() root check so ntalkd can be run from a tty sandbox.
It isn't suid root anyway, who knows why the getuid() check was even
in there in the first place!
Matthew Dillon [Tue, 1 Dec 1998 06:35:06 +0000 (06:35 +0000)]
Added reference to mdoc(7) and mdoc.samples(7) to the bottom of
man(1). The man manual page is the obvious first place that people
who are trying to write manual pages look.
Nate Williams [Mon, 30 Nov 1998 20:25:37 +0000 (20:25 +0000)]
- Fix modulo bug that was masked by the correct code in libgcc.a which is
used in almost all programs unless a shared library specifically
ignores libgcc.a.
Make the previous behaviour the default, add a sysctl which you
can set if your hw/sw produces the "calcru negative..." message.
Setting the alternate method (sysctl -w kern.timecounter.method=1)
makes the the get{nano|micro}*() functions call the real thing at
resulting in a measurable but minor overhead.
I decided to NOT have the "calcru" change the method automatically
because you should be aware of this problem if you have it.
The problems currently seen, related to usleep and a few other corners
are fixed for both methods.
Robert Nordier [Sun, 29 Nov 1998 14:09:00 +0000 (14:09 +0000)]
Drop EDD support detection, though retain configurable use of disk
packet interface. Add booteasy-style F5 support. Add no-update
option. Implement various space optimizations and consistency fixes.
Bruce Evans [Sun, 29 Nov 1998 12:00:06 +0000 (12:00 +0000)]
Fixed English in previous commit. Clarify "lexicographical order".
Don't format paragraphs manually (new sentences not beginning on new
lines give hard-formatted line breaks).