pjd [Tue, 16 Aug 2005 08:45:11 +0000 (08:45 +0000)]
MFC: sbin/geom/core/geom.c 1.23
Unfortunately dlerror(3) returns string, so there is no clean way to
ignore "no such file" errors only, which I wanted to do.
Because of this I ignored all other errors on dlopen(3) failure as well,
which isn't good.
Fix this situation by calling access(2) on library file first and ignore
only ENOENT error. This allows to report all the rest of dlopen(3) errors.
pjd [Tue, 16 Aug 2005 08:43:06 +0000 (08:43 +0000)]
MFC: etc/rc.d/jail 1.25
Skip jails which are already running and inform why.
We're checking for /var/run/jail_<name>.id file and if it exists, we don't
start the jail. It should be also safe in case of reboot(8), because
rc.d/cleanvar script is going to remove /var/run/jail_* files.
It helps to avoid potential mess when the same jail is started twice,
because of an administrator mistake (been there, done that).
marcel [Tue, 16 Aug 2005 03:29:22 +0000 (03:29 +0000)]
Partial MFC rev 1.3:
o Remove the obscure tid command, because it does what the thread
command does, but worse.
o Move the PID to the extra thread info, where it makes sense and
where it doesn't confuse users. The extra thread info holds some
process information, to which the PID belongs.
o Implement the to_find_new_threads target method by having it call
the target beneath us if we're not using KVM. This makes sure that
new threads are found when using the remote target.
o Fix various core dump scenarios:
- Implement the to_files_info target method. Previously the
'info target' command would cause a NULL pointer dereference.
- Don't assume there's a current thread. We're not initialized
in all cases. This prevents a NULL pointer dereference.
- When we're not ussing KVM, have the to_xfer_memory target
method call the target beneath us. This avoids calling into
KVM with a NULL pointer.
marcel [Tue, 16 Aug 2005 00:29:26 +0000 (00:29 +0000)]
MFC 1.8:
o As mentioned in the previous commit: make the KVM error buffer
static.
o Register a function with atexit(3) to close the KVM object if
we have one open.
o Show the unread portion of the kernel's message buffer before
presenting the prompt. It's bound to provide some useful info.
o Don't call kgdb_target() twice. It results in having all threads
listed twice.
Fail the module loading process if the currently executing kernel
was not compiled with 'options HWPMC_HOOKS' or if the compiled-in
version numbers of the kernel and module are not in sync.
kan [Mon, 15 Aug 2005 14:04:47 +0000 (14:04 +0000)]
MFC: Do not use vm_pager_init() to initialize vnode_pbuf_freecnt variable.
vm_pager_init() is run before required nswbuf variable has been set
to correct value. This caused system to run with single pbuf available
for vnode_pager. Handle both cluster_pbuf_freecnt and vnode_pbuf_freecnt
variableis in the same way.
kan [Mon, 15 Aug 2005 13:50:38 +0000 (13:50 +0000)]
MFC r1.639: Do not drop the vnode interlock if vdropl is called on already
doomed vnode. vdropl callers expect it to return with interlock still being
held.
rwatson [Mon, 15 Aug 2005 09:54:00 +0000 (09:54 +0000)]
Merge if_atm.c:1.20 from HEAD to RELENG_6:
Add NATM_LOCK() and NATM_UNLOCK() in places where npcb_add() and
npcb_free() are called, in order to eliminate witness panics.
This was overlooked in removal of GIANT from ATM.
rwatson [Mon, 15 Aug 2005 09:51:15 +0000 (09:51 +0000)]
Merge if_atmsubr.c:1.38, natm.c:1.38, natm.h:1.11, natm_pcb.c:1.16,
natm_proto.c:1.16 from HEAD to RELENG_6:
Lock down netnatm and mark as MPSAFE:
- Introduce a subsystem mutex, natm_mtx, manipulated with accessor macros
NATM_LOCK_INIT(), NATM_LOCK(), NATM_UNLOCK(), NATM_LOCK_ASSERT(). It
protects the consistency of pcb-related data structures. Finer grained
locking is possible, but should be done in the context of specific
measurements (as very little work is done in netnatm -- most is in the
ATM device driver or socket layer, so there's probably not much
contention).
- Remove GIANT_REQUIRED, mark as NETISR_MPSAFE, remove
NET_NEEDS_GIANT("netnatm").
- Conditionally acquire Giant when entering network interfaces for
ifp->if_ioctl() using IFF_LOCKGIANT(ifp)/IFF_UNLOCKGIANT(ifp) in order
to coexist with non-MPSAFE atm ifnet drivers..
rwatson [Mon, 15 Aug 2005 09:03:50 +0000 (09:03 +0000)]
Merge mac_policy.h:1.69 from HEAD to RELENG_6:
Insert a series of place-holder function pointers in mac_policy.h for
entry points that will be inserted over the life-time of the 6.x branch,
including for:
- New struct file labeling (void * already added to struct file), events,
access control checks.
- Additional struct mount access control checks, internalization/
externalization.
- mac_check_cap()
- System call enter/exit check and event.
- Socket and vnode ioctl entry points.
rwatson [Mon, 15 Aug 2005 09:02:01 +0000 (09:02 +0000)]
Merge vm_page.h:1.137 from HEAD to RELENG_6:
Don't perform a nested include of opt_vmpage.h if LIBMEMSTAT is defined,
as opt_vmpage.h will not be available to user space library builds. A
similar existing check is present for KLD_MODULE for similar reasons.
rwatson [Mon, 15 Aug 2005 09:01:11 +0000 (09:01 +0000)]
Merge uma_int.h:1.37 from HEAD to RELENG_6:
Wrap inlines in uma_int.h in #ifdef _KERNEL so that uma_int.h can be
used from memstat_uma.c for the purposes of kvm access without lots
of additional unsafe includes.
ssouhlal [Mon, 15 Aug 2005 06:01:36 +0000 (06:01 +0000)]
MFC:
Holding a vnode doesn't prevent v_mount from disappearing (when the
vnode is inactivated), possibly leading to a NULL dereference when
checking if the mount wants knotes to be activated in the VOP hooks.
So, we add a new vnode flag VV_NOKNOTE that is only set in getnewvnode(),
if necessary, and check it when activating knotes.
Since the flags are not erased when a vnode is being held, we can safely
read them.
rwatson [Sat, 13 Aug 2005 21:24:18 +0000 (21:24 +0000)]
Merge two sets of changes relating to devfs device node cloning from
HEAD to RELENG_6: changes to introduce a credentialed version of the
clone event handler, and then changes to merge the regular and
credentialed versions into a single interface (along with updates to
existing consumers). With this merge, 6.x and 7.x are in sync.
First batch merges devfs_devs.c:1.37, devfs_vnops.c:1.115,
kern_conf.c:1.187, tty_pty.c:1.138, mac_vfs.c:1.109, mac_biba.c:1.36,
mac_lomac.c:1.36, mac_mls.c:1.73, mac_stub.c:1.53, mac_test.c:1.61,
conf.h:1.223, mac.h:1.68, mac_policy.h:1.67 from HEAD to RELENG_6:
When devfs cloning takes place, provide access to the credential of the
process that caused the clone event to take place for the device driver
creating the device. This allows cloned device drivers to adapt the
device node based on security aspects of the process, such as the uid,
gid, and MAC label.
- Add a cred reference to struct cdev, so that when a device node is
instantiated as a vnode, the cloning credential can be exposed to
MAC.
- Add make_dev_cred(), a version of make_dev() that additionally
accepts the credential to stick in the struct cdev. Implement it and
make_dev() in terms of a back-end make_dev_credv().
- Add a new event handler, dev_clone_cred, which can be registered to
receive the credential instead of dev_clone, if desired.
- Modify the MAC entry point mac_create_devfs_device() to accept an
optional credential pointer (may be NULL), so that MAC policies can
inspect and act on the label or other elements of the credential
when initializing the skeleton device protections.
- Modify tty_pty.c to register clone_dev_cred and invoke make_dev_cred(),
so that the pty clone credential is exposed to the MAC Framework.
While currently primarily focussed on MAC policies, this change is also
a prerequisite for changes to allow ptys to be instantiated with the UID
of the process looking up the pty. This requires further changes to the
pty driver -- in particular, to immediately recycle pty nodes on last
close so that the credential-related state can be recreated on next
lookup.
Second batch merges scsi_target.c:1.68, coda_fbsd.c:1.43,
firewirereg.h:1.38, fwdev.c:1.47, nmdm.c:1.36, snp.c:1.100, dsp.c:1.82,
mixer.c:1.45, vkbd.c:1.9, devfs_vnops.c:1.117, tty_pty.c:1.139,
tty_tty.c:1.57, bpf.c:1.156, if_tap.c:1.56, if_tun.c:1.153,
smb_dev.c:1.28, conf.h:1.224 from HEAD to RELENG_6:
Merge the dev_clone and dev_clone_cred event handlers into a single
event handler, dev_clone, which accepts a credential argument.
Implementors of the event can ignore it if they're not interested,
and most do. This avoids having multiple event handler types and
fall-back/precedence logic in devfs.
This changes the kernel API for /dev cloning, and may affect third
party packages containg cloning kernel modules.
Requested by: phk
These changes modifies the kernel device driver API for device cloning,
and might require minor modifications to third party device drivers that
make use of devfs cloning. It will not be merged to RELENG_5.
thompsa [Thu, 11 Aug 2005 20:57:59 +0000 (20:57 +0000)]
MFC: if_bridge.c, r.1.5
> Use m_copypacket() which is an optimization of the common case
> m_copym(m, 0, M_COPYALL, how).
>
> This is required for strict alignment architectures where we align the
> IP header in the input path but m_copym() will create an unaligned copy
> in bridge_broadcast(). m_copypacket() preserves alignment of the first
> mbuf.
>
> Noticed by: Petri Simolin
> Approved by: mlaier (mentor)
Add support for IPv6 over GRE [1]. PR kern/80340 includes the
FreeBSD specific ip_newid() changes NetBSD does not have.
Correct handling of non AF_INET packets passed to bpf [2].
PR: kern/80340[1], NetBSD PRs 29150[1], 30844[2]
Obtained from: NetBSD ip_gre.c rev. 1.34,1.35, if_gre.c rev. 1.56
Submitted by: Gert Doering <gert at greenie.muc.de>[2]
Approved by: re (kensmith)
ups [Wed, 10 Aug 2005 14:09:25 +0000 (14:09 +0000)]
MFC ffs_softdep.c 1.182, softdep.h 1.18
Delay freeing disk space for file system blocks until all
dirty buffers are safely released. This fixes softdep
problems on truncation (deletion) of files with dirty
buffers.
Temporary band-aid to fix hang when a process exec's Altivec
instructions.
trap_subr.S: declare a stub for the a-unavailable trap
that does an absolute jump to the vector-assist trap.
This is due to the fact that the vec-unavail trap
doesn't start at a 256-byte boundary, so the trick of
masking the bottom 8 bits of the link register to identify
the interrupt doesn't work, so let the vec-assist
case handle Altivec-disabled for the time being.
Note that this will be fixed in the future with a much
smaller vector code-stub (< 16 bytes) that will allow
use of strange vector offsets that are also present in
4xx processors, and also allow smaller differences in
vector codepaths on the G5.
trap.c: Treat altivec-unavailable/assist process traps as SIGILL.
Not quite correct, since altivec-assist should really
be a panic,
but it is fine for the moment due to the above measure.
machdep.c Install the stub code for the altivec-unavailable trap, and
the standard trap code at the altivec-assist.
sos [Sun, 7 Aug 2005 11:20:28 +0000 (11:20 +0000)]
MFC:
Remove stale struct ata_channel declaration
Add support for the ITE IT8211F controller
Dont limit all transfers to DEV_BSIZE (stale dbug code)
Hide the loaded/unloaded message behind bootverbose
csjp [Sat, 6 Aug 2005 22:26:51 +0000 (22:26 +0000)]
MFC revision 1.61 to RELENG_6
date: 2005/07/30 20:00:13; author: csjp; state: Exp; lines: +16 -4
Introduce kdevtoname, which when given the kernel address of a
cdev structure, returns the device name associated with it through
the __si_namebuf member. This un-breaks the processing of devices.
davidxu [Sat, 6 Aug 2005 03:06:25 +0000 (03:06 +0000)]
MFC Revision 1.117:
In adjustrunqueue(), add code to handle thread migrating case for
ULE scheduler. In original code, local run queue of threaded ksegrp
is corrupted if adjustrunqueue() is called while thread is migrating.
mlaier [Sat, 6 Aug 2005 01:52:35 +0000 (01:52 +0000)]
MFC: pf.c, 1.35 pfvar.h, 1.12
Prevent a race condition. As pf_send_tcp() - called for expired synproxy
states - has to drop the lock when calling back to ip_output(), the state
purge timeout might run and gc the state. This results in a rb-tree
inconsistency. With this change we flag expiring states while holding the
lock and back off if the flag is already set.
thompsa [Fri, 5 Aug 2005 20:33:21 +0000 (20:33 +0000)]
MFC: if_bridge.c, r1.14
> We check that all the member interfaces have the same MTU on attach to the
> bridge but the interface can still be changed afterwards.
>
> This falls under the 'dont do that' category but log an warning when INVARIANTS
> is defined.
>
> Approved by: mlaier (mentor)
>
> Revision Changes Path
> 1.14 +8 -0 src/sys/net/if_bridge.c
jhb [Fri, 5 Aug 2005 19:46:13 +0000 (19:46 +0000)]
MFC: Add extra constraints to inform the compiler that the memory being
modified is an input and output rather than just the register holding the
pointer being the input and output.
pjd [Fri, 5 Aug 2005 19:43:29 +0000 (19:43 +0000)]
MFC: g_raid3.c 1.41
g_raid3.h 1.12
Use root_mount KPI for RAID3 to delay root file system mount.
Actually, one cannot setup root file system on RAID3 device, but when
other file system exist in /etc/fstab which are placed on RAID3 device,
boot process will be interrupted when these devices are missing.
emax [Thu, 4 Aug 2005 21:12:22 +0000 (21:12 +0000)]
MFC if_an.c v1.69 to RELENG_6
Reorganize an_detach() a bit. Make sure ether_ifdetach() and if_free()
are called outside of AN_LOCK()/AN_UNLOCK. This fixes the following
WITNESS warning (produced when an(4) PCMCIA card is detached).
taskqueue_drain with the following non-sleepable locks held:
exclusive sleep mutex an0 (network driver) r = 0 (0xc59af168) locked @ /usr/src/
sys/dev/an/if_an.c:2836
Do not lock an to check gone flag. Only need to hold the lock to set
the gone flag.