luigi [Tue, 26 Nov 2002 19:51:40 +0000 (19:51 +0000)]
Update documentation to match the behaviour of ipfw with respect
to net.inet.ip.fw.one_pass.
Add to notes to explain the exact behaviour of "prob xxx" and "log"
options.
Virtually approved by: re (mentioned in rev.1.19 of ip_fw2.c)
obrien [Tue, 26 Nov 2002 18:25:20 +0000 (18:25 +0000)]
Remove our custom mixed ELF/a.out support. This means the base compiler
now only produce ELF objects. It also makes us closer to stock GCC, and
simplifies the set of changes we still need from stock GCC on every import.
ru [Tue, 26 Nov 2002 17:55:41 +0000 (17:55 +0000)]
mdoc(7) police:
Revert to using the .Tn POSIX and .Tn ANSI instead of \*[Px] and \*[Ai]
strings; using these strings is unsafe in troff mode, as they include a
change in a font size.
robert [Tue, 26 Nov 2002 17:30:55 +0000 (17:30 +0000)]
To avoid sleeping with all sorts of resources acquired (the reported
problem was a locked directory vnode), do not give the process a chance
to sleep in state "stopevent" (depends on the S_EXEC bit being set in
p_stops) until most resources have been released again.
rwatson [Tue, 26 Nov 2002 17:26:06 +0000 (17:26 +0000)]
Import an implementation of LOMAC (Low-Watermark Mandatory Access
Control) as a MAC Framework policy module. Unlike the existing
src/sys/security/lomac implementation, this one has its fingers out
of the kernel lock order and doesn't make use of flags in existing
kernel structures. This greatly reduces the quantity of replicated
code with src/sys/kern, simplifies the implementation (3000 vs 8500
lines), and correctes a number of known stability problems with
the existing LOMAC implementation, which will be removed. A bit
more hooking up to do here.
jhb [Tue, 26 Nov 2002 17:22:15 +0000 (17:22 +0000)]
If the file descriptors passed into do_dup() are negative, return EBADF
instead of panicing. Also, perform some of the simpler sanity checks on
the fds before acquiring the filedesc lock.
Approved by: re
Reported by: Dan Nelson <dan@emsphone.com> and others
rwatson [Tue, 26 Nov 2002 17:11:57 +0000 (17:11 +0000)]
Un-staticize mac_cred_mmapped_drop_perms() so that it may be used
by policy modules making use of downgrades in the MAC AST event. This
is required by the mac_lomac port of LOMAC to the MAC Framework.
ru [Tue, 26 Nov 2002 11:22:59 +0000 (11:22 +0000)]
mdoc(7) police: back out unproved changes in previous revision;
descriptions in the FILES section should be full sentences, as
demonstrated in mdoc(7) and /usr/share/examples/mdoc/.
gad [Mon, 25 Nov 2002 22:59:52 +0000 (22:59 +0000)]
Add back the "\ No newline at end of file" marker that is printed when
comparing two files, where only one file is missing the final newline
character. This undoes revisions 1.3 and 1.4, returning 'diff' to how
it behaved before July 2000. We can do this now because our version of
'patch' was modified (just before 4.6-release) to understand what to do
with that line. This marker is the same one generated by 'diff' under
netbsd, openbsd, darwin, and linux (and any OS with "gnu-diff" installed).
Reviewed by: imp freebsd-standards (back in april)
Approved by: re (bmah)
MFC after: 1 week
jhb [Mon, 25 Nov 2002 21:55:04 +0000 (21:55 +0000)]
- Assume a bus number of zero if evaluating _BBN fails, not if it succeeds.
This was effectively rendering _BBN useless.
- Cleanup handling of the busok variable a bit.
Submitted by: marcel (1)
Approved by: re (rwatson)
jhb [Mon, 25 Nov 2002 21:53:14 +0000 (21:53 +0000)]
Fix a couple of bugs in host_pcib_get_busno():
- If a PCI device is not present, then a 32-bit read_config() is going to
return 0xffffffff not 0xffff.
- For the 82454NX chipset, the MIOC that we read the bus numbers of the
various host-PCI bridges from is at function (slot) 0x10 not 0x0.
bmah [Mon, 25 Nov 2002 21:12:52 +0000 (21:12 +0000)]
In several instances, adjacent, related release notes were combined.
A useless entry was removed, as per its comment.
Fixed a number of typos and grammos.
Old (pre-4.6) security advisories were marked as historic. Hyperlinks
were removed from these release notes to work around a buglet in
footnote numbering for printed output. These changes eliminated three
pages of only marginally-useful utility.
Clarify a note on procfs(5) mounts.
The games/freebsd-games port now exists, so refer to it when talking
about the removal of the traditional BSD games.
lukemftpd was deactivated, so remove its release note.
ru [Mon, 25 Nov 2002 14:18:42 +0000 (14:18 +0000)]
mdoc(7) police: In DESCRIPTION, list the options in pure alphabetical
order, as required by style(9). Document the effect of the -f option
on exit status. Fixed some spacing.
silby [Mon, 25 Nov 2002 05:15:27 +0000 (05:15 +0000)]
Import some relevant changes from Via's if_fet driver:
1. Detect the revision of the Rhine chip we're using.
2. Use the force reset command on revisions which support
it whenever the normal reset command fails.
This should solve a wide range of "my vr0 locks up with reset
failed messages" problems. (Although the root causes should
be eventually tracked down.)
Tested by: grenville armitage <garmitage@swin.edu.au>
Obtained from: Via's if_fet driver
MFC after: 3 days
Approved by: re
julian [Sun, 24 Nov 2002 21:41:42 +0000 (21:41 +0000)]
Fsck needs to check each CG's rotor values to ensure thay are not -ve.
It seems a common corruption to have them -ve (I've seen it several times)
and if fsck doesn't fix it, it leads to a kernel pagefault.
Reviewd by: kirk
Submitted by: Eric Jacobs <eaja@erols.com> and me independently.
MFC in: 2 days
PR: bin/40967
Approved by: re
alc [Sun, 24 Nov 2002 21:37:02 +0000 (21:37 +0000)]
Add page queues locking to vunmapbuf(); reduce differences with respect
to the sparc64 implementation. (Note: With modest effort on the alpha and
ia64 this function could migrate to the MI part of the kernel.)
marcel [Sun, 24 Nov 2002 20:15:08 +0000 (20:15 +0000)]
MFp4:
Add function map_port_space() to map the memory mapped I/O port
range as uncacheable virtual memory and call it prior to probing
for a console. This removes the dependency on the loader to have
done this for us. Note that this change does not include doing
the same for APs.
marcel [Sun, 24 Nov 2002 19:45:05 +0000 (19:45 +0000)]
MFp4:
o Show the contents of the AP wakeup descriptor when dumping SAL
information.
o Increase S/N ratio when listing the itr and dtr. Only show valid
mappings and give the total number of TRs.
iwasaki [Sun, 24 Nov 2002 02:27:07 +0000 (02:27 +0000)]
Add `if (!cold)' checkings for functions which is called via SYSINIT.
Loading acpi.ko with kldload is disallowed, however some
functions were executed unexpectedly.
njl [Sat, 23 Nov 2002 22:51:50 +0000 (22:51 +0000)]
Allow acd(4) and cd(4) to support old behavior for CDRIOC*SPEED ioctls.
If the value from the user is less than 177, assume it is a multiple of
a single speed CDROM and convert to KB/sec.
No complaints from: sos
Reviewed by: ken
Approved by: re
MFC after: 1 day
alc [Sat, 23 Nov 2002 04:48:13 +0000 (04:48 +0000)]
- Assert that the page queues lock is held in pmap_remove_all().
- Fix a diagnostic message and comment in pmap_remove_all().
- Eliminate excessive white space from pmap_remove_all().
mux [Fri, 22 Nov 2002 23:57:02 +0000 (23:57 +0000)]
Under certain circumstances, we were calling kmem_free() from
i386 cpu_thread_exit(). This resulted in a panic with WITNESS
since we need to hold Giant to call kmem_free(), and we weren't
helding it anymore in cpu_thread_exit(). We now do this from a
new MD function, cpu_thread_dtor(), called by thread_dtor().
njl [Fri, 22 Nov 2002 22:55:51 +0000 (22:55 +0000)]
New SCSI target emulator code
This code allows a user program to enable target mode on a SIM and
then emulate any number of devices (disks, tape drives, etc.) All
decisions about device behavior (UA, CA, inquiry response) are left
to the usermode program and the kernel driver is merely a conduit
for CCBs. This enables multiple concurrent target emulators, each
using its own backing store and IO model.
Also included is a user program that emulates a disk (RBC) using a
file as a backing store. This provides functionality similar to
md(4) at the CAM layer.
Code has been tested on ahc(4) and should also work on isp(4) (and
other SIMs that gain target mode support). It is a complete rewrite
of /sys/cam/scsi_target* and /usr/share/examples/scsi_target.
Design, comments from: gibbs
Supported by: Cryptography Research
Approved by: re