Robert Watson [Tue, 20 Feb 2007 10:20:03 +0000 (10:20 +0000)]
Rename two identically named log_in_vain variables: tcp_input.c's static
log_in_vain to tcp_log_in_vain, and udp_usrreq's global log_in_vain to
udp_log_in_vain.
Robert Watson [Tue, 20 Feb 2007 00:06:59 +0000 (00:06 +0000)]
Sync up PRIV_IPC_{ADMIN,READ,WRITE} priv checks in ipcperm() with
kern_jail.c: allow jailed root these privileges. This only has an
effect if System V IPC is administratively enabled for the jail.
Robert Watson [Mon, 19 Feb 2007 22:59:23 +0000 (22:59 +0000)]
Restore sysv_ipc.c:1.30, which was backed out due to interactions with
System V shared memory, now believed fixed in sysv_shm.c:1.109:
date: 2006/11/06 13:42:01; author: rwatson; state: Exp; lines: +65 -37
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges. These may
require some future tweaking.
Sponsored by: nCircle Network Security, Inc.
Obtained from: TrustedBSD Project
Discussed on: arch@
Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri,
Alex Lyashkov <umka at sevcity dot net>,
Skip Ford <skip dot ford at verizon dot net>,
Antoine Brodin <antoine dot brodin at laposte dot net>
This restores fine-grained privilege support to System V IPC.
Robert Watson [Mon, 19 Feb 2007 22:56:10 +0000 (22:56 +0000)]
Remove call to ipcperm() in shmget_existing(). The flags argument is
ignored on other systems I investigated when accessing an existing
memory segment rather than creating a new one. This call to ipcperm()
is the only one to pass in a complete mode flag to the permission
checks rather than a simple access request mask, and caused problems
for the revised ipcperm() based on the priv(9) interface, which can
now be restored.
Nate Lawson [Mon, 19 Feb 2007 22:49:43 +0000 (22:49 +0000)]
Note problems I had with bsnmpd while updating from an older -current.
There may be better ways to fix/work around these issues but this worked
for me.
Robert Watson [Mon, 19 Feb 2007 13:33:10 +0000 (13:33 +0000)]
Rename three quota privileges from the UFS privilege namespace to the
VFS privilege namespace: exceedquota, getquota, and setquota. Leave
UFS-specific quota configuration privileges in the UFS name space.
This renumbers VFS and UFS privileges, so requires rebuilding modules
if you are using security policies aware of privilege identifiers.
This is likely no one at this point since none of the committed MAC
policies use the privilege checks.
Robert Watson [Mon, 19 Feb 2007 13:25:17 +0000 (13:25 +0000)]
Do allow bypass of mac_seeotheruids in jail in order to be consistent
with other uses of PRIV_SEEOTHERUIDS. This will automatically be
scoped to the jail by the jail policy.
Robert Watson [Mon, 19 Feb 2007 13:22:36 +0000 (13:22 +0000)]
Use priv_check(9) instead of suser(9) for checking the privilege to
set real-time priority on a thread. It looks like this suser(9)
call was introduced after my first pass through replacing superuser
checks with named privilege checks.
Robert Watson [Mon, 19 Feb 2007 13:04:25 +0000 (13:04 +0000)]
Do allow PIOCSFL in jail for setguid processes; this is more consistent
with other debugging checks elsewhere. XXX comment on the fact that
p_candebug() is not being used here remains.
Remove union_dircheckp hook, it is not needed by new unionfs code anymore.
As consequence, getdirentries() no longer needs to drop/reacquire
directory vnode lock, that would allow it to be reclaimed in between.
Reported and tested by: Peter Holm
Approved by: rodrigc (unionfs)
MFC after: 1 week
MFi386 rev. 1.544 of i386/i386/pmap.c:
Rounding addr upwards to next 2M boundary in pmap_growkernel() could
cause addr to become 0, resulting in an early return without populating
the last PDE.
Olivier Houchard [Mon, 19 Feb 2007 01:03:08 +0000 (01:03 +0000)]
Add two new options, FLASHADDR, which defines the address the flash is
mapped at, and LOADERRAMADDR, the address at which the loader maps the ram at
at the time the kernel is booted.
They are used to detect if the kernel is booted from the onboard flash.
Define those for the IQ31244
Alan Cox [Sun, 18 Feb 2007 05:54:42 +0000 (05:54 +0000)]
Enable vm_page_free() and vm_page_free_zero() to be called on some pages
without the page queues lock being held, specifically, pages that are not
contained in a vm object and not a member of a page queue.
Søren Schmidt [Sat, 17 Feb 2007 16:56:39 +0000 (16:56 +0000)]
Add support for chipsets that has NULL'd BAR's for legacy ports.
This allows DMA to be used on a fine little geode system I got here and
most like on lots of older systems like that.
Kirk McKusick [Sat, 17 Feb 2007 08:25:43 +0000 (08:25 +0000)]
This README file is obsolete. The cited problems were fixed long ago
and the code is installed by default so no longer requires action by
the administrator to be included.
Warner Losh [Fri, 16 Feb 2007 05:36:59 +0000 (05:36 +0000)]
Two changes:
(1) change debounce period from 1s to 250ms. This appears to be fine and
speeds things up a little.
(2) In the middle of cbb_pcic_power_disable_socket we write 0 to the EXCA_INTR
register to put the card into reset. However, this turns off CSC
interrupts for TI bridges (and maybe others). So no further card
insertion events would be noticed. To compensate, after we've gone
through the entire power down sequence, turn on EXCA_INTR_ENABLE so
that CSC events happen.
#2 should fix the 'dead slot' problem that has been reported after
card ejection (but only 16-bit cards).
Mohan Srinivasan [Fri, 16 Feb 2007 03:46:55 +0000 (03:46 +0000)]
Backing out an earlier change. It seems harmless for NFS to miss the "force
unmount" flag, making the acquisition of the MNT_ILOCK in nfs_request() and
nfs_sigintr() unnecessary. Pointed out by tegge@.
Bruce A. Mah [Fri, 16 Feb 2007 02:20:11 +0000 (02:20 +0000)]
Switch to unified MI hardware notes. The hardware notes are
now contained entirely in a single DocBook article, which has
information pertinent to all architectures. This will improve
the maintainability of the hardware notes going forward by
reducing complexity of the build process, improving the visibiilty
of the architecture-specific text, and removing the need to generate
an extra version of the document for every architecture.
Remove all of the MD hardware notes stuff; all relevant content
has been folded into hardware/article.sgml.
Bruce A. Mah [Fri, 16 Feb 2007 02:10:12 +0000 (02:10 +0000)]
Add support for auto-generating hardware notes entries in a
manner consistent with the new MI-style hardware notes document.
man2hwnotes.pl now defaults to generating entities for the MI-style
hardware notes (i.e. hardware/article.sgml). A new -c
option causes it to generate entities for the older MD-style
hardware notes (i.e. hardware/common/dev.sgml).
The Makefile infrastructure supplies the -c option to man2hwnotes.pl
now unless the HWNOTES_MI Makefile variable is defined, so
compatiblity is preserved for hardware notes translations that
aren't converted to the new organization yet. As translations
convert, they should define HWNOTES_MI in their hardware/Makefile.
When all the relevant translations catch up, the compatibility goop
in share/mk/doc.relnotes.mk and share/sgml/Makefile can be removed.
Thanks go to simon@ for help with the backwards compatiblity
mechanism.
Move vnode-to-file-handle translation from vfs_vptofh to vop_vptofh method.
This way we may support multiple structures in v_data vnode field within
one file system without using black magic.
Vnode-to-file-handle should be VOP in the first place, but was made VFS
operation to keep interface as compatible as possible with SUN's VFS.
BTW. Now Solaris also implements vnode-to-file-handle as VOP operation.
VFS_VPTOFH() was left for API backward compatibility, but is marked for
removal before 8.0-RELEASE.
Approved by: mckusick
Discussed with: many (on IRC)
Tested with: ufs, msdosfs, cd9660, nullfs and zfs
Søren Schmidt [Thu, 15 Feb 2007 21:51:42 +0000 (21:51 +0000)]
Support AHCI chips where the ports are not consecutively numbered as in
some incarnations of the ICH8 chip.
Also fix the panic introduced by the last commit.
Bruce A. Mah [Thu, 15 Feb 2007 19:33:47 +0000 (19:33 +0000)]
First step in consolidating the various MD bits of the hardware notes.
Convert MD references in the supported devices section from arch=""
attributes for conditional compilation to entities that will just
print architecture names. (The entities aren't defined yet...this
will happen in a future commit.)
Luigi Rizzo [Thu, 15 Feb 2007 17:21:31 +0000 (17:21 +0000)]
Cleanup and document the implementation of firmware(9) based on
a version that i posted earlier on the -current mailing list,
and subsequent feedback received.
The core of the change is just in sys/firmware.h and kern/subr_firmware.c,
while other files are just adaptation of the clients to the ABI change
(const-ification of some parameters and hiding of internal info,
so this is fully compatible at the binary level).
In detail:
- reduce the amount of information exported to clients in struct firmware,
and constify the pointer;
- internally, document and simplify the implementation of the various
functions, and make sure error conditions are dealt with properly.
The diffs are large, but the code is really straightforward now (i hope).
Note also that there is a subtle issue with the implementation of
firmware_register(): currently, as in the previous version, we just
store a reference to the 'imagename' argument, but we should rather
copy it because there is no guarantee that this is a static string.
I realised this while testing this code, but i prefer to fix it in
a later commit -- there is no regression with respect to the past.
Note, too, that the version in RELENG_6 has various bugs including
missing locks around the module release calls, mishandling of modules
loaded by /boot/loader, and so on, so an MFC is absolutely necessary
there. I was just postponing it until this cleanup to avoid doing
things twice.
Robert Watson [Thu, 15 Feb 2007 14:44:46 +0000 (14:44 +0000)]
Expand history and authors section of mbuf.9 man page to discuss recent
transition to mbuma (FreeBSD 5.3) and the fact that mbufs are now limited
almost entirely to packet storage, with straight UMA zones being used for
most other network data types.
Robert Watson [Thu, 15 Feb 2007 10:50:48 +0000 (10:50 +0000)]
Break file descriptor printing logic out of db_show_files() into
db_print_file(), and add a new "show file <ptr>" DDB command, which can
be used to print out file descriptors referenced in stack traces.
If both ISDOTDOT and NOCROSSMOUNT are set then lookup() might breaks out
of the special handling for ".." and perform an ISDOTDOT VOP_LOOKUP()
for a filesystem root vnode. Handle this case inside lookup().
Warner Losh [Thu, 15 Feb 2007 07:22:27 +0000 (07:22 +0000)]
It turns out that it is easier to not NULL out pccard and cardbus
device pointers. They don't change as the children device drivers
come and go. Rather, check to see if the device is attached where we
would have checked ! NULL. This solves many asymmetries in the code
that likely could lead to crashes when loading/unloading cbb without
one or more of the expected children's driver not present.
Warner Losh [Thu, 15 Feb 2007 07:13:38 +0000 (07:13 +0000)]
Fix three bugs:
o When detaching all children, try really hard to get all the children
list before giving up. This is based on an observation by hans petter
selasky in his usb p4 branch.
o When rescanning devices after a driver is added, abort if we can't get
the child list with a message.
o when rescanning devices, if the reprobe/attach is successful, save the
device for cardbus/pccard.
Pyun YongHyeon [Thu, 15 Feb 2007 06:21:34 +0000 (06:21 +0000)]
Unbreak non-H/W VLAN extraction case.
Unlike other GigEs Yukon II always set VLAN bit when it detects VLAN
tagged packet regardless of H/W VLAN processing configuration state.
So it need to check IFCAP_VLAN_HWTAGGING bit to know whether driver
is configured to take advantage of H/W VLAN processing. If H/W VLAN
processing was disabled don't adjust received packet length such that
subsequent validation logic works for software VLAN processing.
Alan Cox [Thu, 15 Feb 2007 05:43:38 +0000 (05:43 +0000)]
Relax the page queue lock assertions in vm_page_remove() and
vm_page_free_toq() to account for recent changes that allow
vm_page_free_toq() to be called on some pages without the page queues lock
being held, specifically, pages that are not contained in a vm object and
not a member of a page queue. (Examples of such pages include page table
pages, pv entry pages, and uma small alloc pages.)
- PROT_READ, PROT_WRITE, or PROT_EXEC implies PROT_READ and PROT_EXEC.
Linux/ia64's i386 emulation layer does this and it complies with Linux
header files. This fixes mmap05 LTP test case on amd64.
- Do not adjust stack size when failure has occurred.
- Synchronize i386 mmap/mprotect with amd64.