Correct the cleanup of the alias dev_t for /dev/urandom: being an
alias it depends on the aliased dev_t and disappears automatically
when that is removed.
Submitted by: "Bjoern A. Zeeb" <bzeeb+freebsd@zabbadoz.net>
Bruce Evans [Thu, 12 Feb 2004 16:52:24 +0000 (16:52 +0000)]
Fixed some minor style bugs (English usage and formatting of binary
operators) in and near revs.1.169-1.170 (open mode bandaid). This
(or better a proper fix) should have been done before cloning the
bandaid to many other file systems.
Bruce Evans [Thu, 12 Feb 2004 16:25:12 +0000 (16:25 +0000)]
Only indent once for continuation lines when not lining up with
parentheses if the continuation indent is exactly half of the main
indent. Indenting one contination indent for every level of
parentheses gives bad results in most cases and is not what is done
in about 90% of properly hand-formatted KNF code (sys/kern/*.c,
nvi/common/*.c). The main advantage of the non-default KNF options
-nlp -ci4 is that continuation lines don't accidentally line up with
the next main indentation level or march to the right, and increasing
their indentation defeats this.
This behaviour change is limited to when the continuation indent is
exactly half of the main indent to avoid adding yet another option.
Peter Grehan [Thu, 12 Feb 2004 09:17:16 +0000 (09:17 +0000)]
Work-in-progress for the 'Kauai' ATA device in Mac notebooks. The
device seems to be the macio ATA cell with a PCI front-end, and
has no relation to PIIX-style ATA/PCI devices.
Brian Feldman [Thu, 12 Feb 2004 01:48:40 +0000 (01:48 +0000)]
Always socantsendmore() before deallocating a socket. This, in turn,
calls selwakeup() if necessary (which it is, if you don't want freed
memory hanging around on your td->td_selq).
Don Lewis [Wed, 11 Feb 2004 22:06:02 +0000 (22:06 +0000)]
When reparenting a process to init, make sure that p_sigparent is
set to SIGCHLD. This avoids the creation of orphaned Linux-threaded
zombies that init is unable to reap. This can occur when the parent
process sets its SIGCHLD to SIG_IGN. Fix a similar situation in the
PT_DETACH code.
Tested by: "Steven Hartland" <killing AT multiplay.co.uk>
Bill Paul [Wed, 11 Feb 2004 21:53:40 +0000 (21:53 +0000)]
Add yet more bulletproofing. This is to guard against the case that
ndis_init_nic() works one during attach, but fails later. Many things
will blow up if ndis_init_nic() fails and we aren't careful.
Bruce Evans [Wed, 11 Feb 2004 15:27:26 +0000 (15:27 +0000)]
Removed more vestiges of vfs_ioopt:
- rev.1.42 of ffs_readwrite.c added a special case in ffs_read() for reads
that are initially at EOF, and rev.1.62 of ufs_readwrite.c fixed
timestamp bugs in it. Removal of most of vfs_ioopt made it just and
optimization, and removal of the vm object reference calls made it less
than an optimization. It was cloned in rev.1.94 of ufs_readwrite.c as
part of cloning ffs_extwrite() although it was always less than an
optimization in ffs_extwrite().
- some comments, compound statements and vertical whitespace were vestiges
of dead code.
Thomas Quinot [Wed, 11 Feb 2004 10:14:08 +0000 (10:14 +0000)]
(atapi_cb): Reenable automatic retrieve of sense data on error, making
it asynchronous to avoid incorrect use of ata_atapicmd within an
ATAPI callback.
Added first part of GEOM kernel API manuals pages.
Documented function and macros are:
- DECLARE_GEOM_CLASS(),
- g_attach(),
- g_detach(),
- g_new_bio(),
- g_clone_bio(),
- g_destroy_bio(),
- g_new_consumer(),
- g_destroy_consumer(),
- g_read_data(),
- g_write_data(),
- g_post_event(),
- g_waitfor_event(),
- g_cancel_event(),
- g_new_geomf(),
- g_destroy_geom(),
- g_new_providerf(),
- g_destroy_provider(),
- g_error_provider(),
- g_provider_by_name(),
- g_wither_geom().
and more to come.
I want to thanks following people for help with those documents:
Slawek Zak <zaks@prioris.mini.pw.edu.pl>
Simon L. Nielsen <simon@FreeBSD.org>
Pieter de Boer <g.p.de.boer@st.hanze.nl>
and of course
Poul-Henning Kamp <phk@FreeBSD.org>
When restarting a transfer that has already completed, the server will
reply with a 416 error code (requested range not satisfiable) because
we ask it to start at the end of the file. Handle this gracefully by
considering a 416 reply a success if the requested offset exactly
matches the length of the file and the requested length is zero.
Ruslan Ermilov [Wed, 11 Feb 2004 08:42:38 +0000 (08:42 +0000)]
Get rid of unnecessary use of m4(1) by using cpp(1) instead.
(John tells me there were problems when trying this before,
but it appears to be safe these day.)
Peter Grehan [Wed, 11 Feb 2004 07:27:34 +0000 (07:27 +0000)]
Cleaned up param.h:
- culled long-dead #define's
- segment register defs moved to sr.h
- NPMAPS moved to pmap.h
- KERNBASE moved to vmparam.h
- removed include of <machine/cpu.h> and fixed src files that
relied on this.
Modifying segment register code no longer causes gcc rebuilds :-)
Tim Kientzle [Wed, 11 Feb 2004 05:44:20 +0000 (05:44 +0000)]
GNU tar in the base system is now called "gtar"
"tar" is now just a link to "gtar".
This lays the groundwork for an orderly migration
from GNU tar to some other tar. (First, we introduce
the new tar program, then we migrate the 'tar' name,
then we remove gtar, with intervals of months between
these steps.)
Bruce M Simpson [Wed, 11 Feb 2004 04:34:34 +0000 (04:34 +0000)]
Initial import of RFC 2385 (TCP-MD5) digest support.
This is the second of two commits; bring in the userland support to finish.
Teach libipsec and setkey about the tcp-md5 class of security associations,
thus allowing administrators to add per-host keys to the SADB for use by
the tcpsignature_compute() function.
Document that a single SPI must be used until such time as the code which
adds support to the SPD to specify flows for tcp-md5 treatment is suitable
for production.
Bruce M Simpson [Wed, 11 Feb 2004 04:26:04 +0000 (04:26 +0000)]
Initial import of RFC 2385 (TCP-MD5) digest support.
This is the first of two commits; bringing in the kernel support first.
This can be enabled by compiling a kernel with options TCP_SIGNATURE
and FAST_IPSEC.
For the uninitiated, this is a TCP option which provides for a means of
authenticating TCP sessions which came into being before IPSEC. It is
still relevant today, however, as it is used by many commercial router
vendors, particularly with BGP, and as such has become a requirement for
interconnect at many major Internet points of presence.
Several parts of the TCP and IP headers, including the segment payload,
are digested with MD5, including a shared secret. The PF_KEY interface
is used to manage the secrets using security associations in the SADB.
There is a limitation here in that as there is no way to map a TCP flow
per-port back to an SPI without polluting tcpcb or using the SPD; the
code to do the latter is unstable at this time. Therefore this code only
supports per-host keying granularity.
Whilst FAST_IPSEC is mutually exclusive with KAME IPSEC (and thus IPv6),
TCP_SIGNATURE applies only to IPv4. For the vast majority of prospective
users of this feature, this will not pose any problem.
This implementation is output-only; that is, the option is honoured when
responding to a host initiating a TCP session, but no effort is made
[yet] to authenticate inbound traffic. This is, however, sufficient to
interwork with Cisco equipment.
Tested with a Cisco 2501 running IOS 12.0(27), and Quagga 0.96.4 with
local patches. Patches for tcpdump to validate TCP-MD5 sessions are also
available from me upon request.
Nate Lawson [Wed, 11 Feb 2004 02:57:33 +0000 (02:57 +0000)]
Prefer buttons defined in the AML over the ones in the FADT. Some
systems define power/sleep buttons in both places but only deliver
notifies to the ones defined in the AML.
Also, reduce length of various function handler names.
Peter Grehan [Tue, 10 Feb 2004 23:57:35 +0000 (23:57 +0000)]
Correctly create interrupt key for PCI, which is the OpenFirmware
pci-hi/med/lo + node 'interrupts' property. This worked by
accident until recent notebooks required correct operation.
Bill Paul [Tue, 10 Feb 2004 23:01:53 +0000 (23:01 +0000)]
Add some bulletproofing: don't allow the ndis_get_info() or ndis_set_info()
routines to do anything except return error if the miniport adapter context
is not set (meaning we either having init'ed the driver yet, or the
initialization failed).
Also, be sure to NULL out the adapter context along with the
miniport characteristics pointers if calling the MiniportInitialize()
method fails.
Alan Cox [Tue, 10 Feb 2004 18:34:27 +0000 (18:34 +0000)]
Correct a long-standing race condition in the inactive queue scan. (See
the added comment for low-level details.) The effect of this race
condition is a panic "vm_page_cache: caching a dirty page, ..."
Peter Pentchev [Tue, 10 Feb 2004 15:12:01 +0000 (15:12 +0000)]
Document the '-h hostname' option, which seems to have been present
ever since rev. 1.1 of bootpd.c.
While I'm here, rearrange the synopsis a bit: sort the options and
clarify that -i and -s are mutually exclusive.
Reported by: Atanas Buchvarov <nasko@nove.bg>
MFC after: 3 days