brucec [Wed, 16 Feb 2011 21:41:44 +0000 (21:41 +0000)]
MFC r218620:
If the pf.conf(5) example file is copied when setting up a firewall it's
easy to forget about icmp. Update the file to show allowing icmp through
the firewall.
zack [Tue, 15 Feb 2011 20:53:01 +0000 (20:53 +0000)]
MFC: 217336
In the experimental NFS server, when converting an open-owner to a lock-owner,
start at sequence id 1 instead of 0, to match up with both Solaris and Linux.
keramida [Tue, 15 Feb 2011 06:33:35 +0000 (06:33 +0000)]
MFC 217746 from /head/usr.bin/top
Touch up the sample memory usage numbers a bit, to avoid wrapping
on terminal boundary. While here add definition for 'G' and fix
the indentation of 'K' units.
bz [Mon, 14 Feb 2011 16:54:03 +0000 (16:54 +0000)]
MFC r216466:
Bring back (most of) NATM to avoid further bitrot after r186119.
Keep three lines disabled which I am unsure if they had been used at all.
This will allow us to seek testers and possibly bring it all back.
ed [Sun, 13 Feb 2011 19:37:05 +0000 (19:37 +0000)]
Partially merge a change made in r200166.
It seems the utmpx fixes for who(1) also contained a small change to
make it work properly with the pts/%u naming. Unfortunately, this change
was never merged to FreeBSD 8. Properly remove the /dev/ part of the TTY
name instead of stripping until the last /.
Reported by: Eivind E <eivinde terraplane org>
Tested by: uqs@
jpaetzel [Sun, 13 Feb 2011 15:15:47 +0000 (15:15 +0000)]
MFC 218523:
Netgear renamed the WG311 to the WG311v1 after they released a second
version of it. There is also a WG311v3 which uses a chipset covered by
malo(4). Along the way add the WG311T to the list which is also an
atheros chipset.
simon [Sun, 13 Feb 2011 10:22:43 +0000 (10:22 +0000)]
MFC 218625:
Fix Incorrectly formatted ClientHello SSL/TLS handshake messages could
cause OpenSSL to parse past the end of the message.
Note: Applications are only affected if they act as a server and call
SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. This includes
Apache httpd >= 2.3.3, if configured with "SSLUseStapling On".
The very quick MFC is done to get this fix into 7.4 / 8.2.
Discussed with: re
Approved by: so (simon, for "instant" MFC)
Obtained from: OpenSSL CVS
Security: http://www.openssl.org/news/secadv_20110208.txt
Security: CVE-2011-0014
ae [Fri, 11 Feb 2011 05:56:14 +0000 (05:56 +0000)]
MFC r218278:
vdev's sectorsize should not be greater than 8 Kbytes and also
it should be power of 2. This prevents non-aligned access while
probing vdev's labels.
ae [Fri, 11 Feb 2011 05:37:05 +0000 (05:37 +0000)]
MFC r218014:
Add new user-friendly aliases for partition types for the MBR and
EBR schemes: fat32, ebr, linux-data, linux-raid, linux-swap and
linux-lvm. Add bios-boot GUID and alias for the GPT scheme. It used by
GRUB 2 loader. Also do sorting definitions of types in diskmbr.h
and in g_part.c.
marius [Tue, 8 Feb 2011 22:08:00 +0000 (22:08 +0000)]
MFC: r216961
Reserve INTR_MD[1-4] similarly to what BUS_DMA_BUS[1-4] are intended for
and switch sparc64 to use the first one for bus error filter handlers of
bridge drivers instead of (ab)using INTR_FAST for that so we eventually
can get rid of the latter.
kib [Tue, 8 Feb 2011 09:25:32 +0000 (09:25 +0000)]
MFC r218168:
Only process as much array elements as we find the sockets during
second phase of gc. Take linkage lock and recheck the eligibility
of the socket for gc, as well as call fhold() under the linkage lock.
For the ZFS kernel module, change the type of clock_t to int64_t.
The clock_t type in OpenSolaris is long (int64_t on amd64).
On FreeBSD clock_t is int32_t. The clock_t type is used in several places
in the ZFS code to store system uptime in milliseconds ("seconds * hz").
With hz=1000 we have a 32-bit integer overflow in 24 days, 20 hours,
31 minutes and 23.648 seconds. This has a user reported negative impact
on l2arc_feed_thread() and may cause unexpected results from other functions
using clock_t.
Reported by: Artem Belevich <fbsdlist@src.cx> on freebsd-fs@
brooks [Sun, 6 Feb 2011 13:59:03 +0000 (13:59 +0000)]
MFC r215213:
Add an (off by default) check for negative permissions (where the
group on a object has less permissions than everyone). These
permissions will not work reliably over NFS if you have more than
14 supplemental groups and are usually not what you mean.
emaste [Sun, 6 Feb 2011 01:13:10 +0000 (01:13 +0000)]
MFC r218207:
Revert part of r173264. Both aac_ioctl_sendfib and aac_ioctl_send_raw_srb
make use of the aac_ioctl_event callback, if acc_alloc_command fails.
This can end up in an infinite loop in the while loop in
aac_release_command.
kib [Sat, 5 Feb 2011 22:57:14 +0000 (22:57 +0000)]
MFC r217819:
Allow debugger to specify that children of the traced process should be
automatically traced. Extend the ptrace(PL_LWPINFO) to report that child
just forked.
To not change the struct thread layout, td_dbg_forked was placed at the
end of the structure.
jilles [Sat, 5 Feb 2011 21:47:04 +0000 (21:47 +0000)]
MFC r216019: sh: Make the test for cd/pwd with long pathnames more useful:
* Use $(getconf PATH_MAX /) to make sure we actually exercise the hard part
* Delete our test area even if the test fails
mav [Sat, 5 Feb 2011 21:34:26 +0000 (21:34 +0000)]
MFC r217774:
ICH7 SATA controller in legacy mode can provide access to SATA registers
via AHCI-like memory resource at BAR(5). Use it if BIOS was so kind to
allocate memory for that BAR. This allows hot-plug support and connection
speed reporting.
jilles [Sat, 5 Feb 2011 21:00:35 +0000 (21:00 +0000)]
MFC r216168: sh(1): Clean up documentation of built-in commands.
Make sure all built-in commands are in the subsection named such, except
exp, let and wordexp which are deliberately undocumented. The text said only
built-ins that really need to be a built-in were documented there but in
fact almost all of them were already documented.
mav [Sat, 5 Feb 2011 20:57:01 +0000 (20:57 +0000)]
MFC r217875:
In addition to r217444, ignore also ATA status errors on DMA Auto-Activation
enabling request. Some HP disks reported to return ABORT error there while
declaring support for this feature.
mav [Sat, 5 Feb 2011 20:52:43 +0000 (20:52 +0000)]
MFC r217444:
Some old WD SATA disks report supported and enabled device-initiated
interface power management, but return ABORT error on attempt to disable
it. Make CAM SATA probe sequence ignore this error, as it is not fatal.
jilles [Sat, 5 Feb 2011 20:48:45 +0000 (20:48 +0000)]
MFC r208505: sh(1): Rework documentation of shell variables.
* Move the "environment variables" that do not need exporting to be
effective or that are set by the shell without exporting to a new section
"Special Variables".
* Add special variables LINENO and PPID.
* Add environment variables LANG, LC_* and PWD; also describe ENV under
environment variables.
jilles [Sat, 5 Feb 2011 20:25:17 +0000 (20:25 +0000)]
MFC r217557: sh: Fix signal messages being sent to the wrong file sometimes.
When a foreground job exits on a signal, a message is printed to stdout
about this. The buffer was not flushed after this which could result in the
message being written to the wrong file if the next command was a builtin
and had stdout redirected.
dougb [Sat, 5 Feb 2011 19:13:34 +0000 (19:13 +0000)]
Update to BIND 9.6.3, the latest from ISC on the 9.6 branch.
All 9.6 users with DNSSEC validation enabled should upgrade to this
version, or the latest version in the 9.7 branch, prior to 2011-03-31
in order to avoid validation failures for names in .COM as described
here:
In addition the fixes for this and other bugs, there are also the
following:
* Various fixes to kerberos support, including GSS-TSIG
* Various fixes to avoid leaking memory, and to problems that could
prevent a clean shutdown of named
jilles [Sat, 5 Feb 2011 15:09:55 +0000 (15:09 +0000)]
MFC r217847: sh: Clean up some old comments:
* There is no plan for an alternative to the command "set".
* Attempting to unset a readonly variable has not raised an error for quite
a while, so the order of unsetting a variable and a function with the same
name does not matter.
yongari [Fri, 4 Feb 2011 20:32:52 +0000 (20:32 +0000)]
MFC r216829,216833:
rr216829:
Add driver for DM&P Vortex86 RDC R6040 Fast Ethernet.
The controller is commonly found on DM&P Vortex86 x86 SoC. The
driver supports all hardware features except flow control. The
flow control was intentionally disabled due to silicon bug.
DM&P Electronics, Inc. provided all necessary information including
sample board to write driver and answered many questions I had.
Many thanks for their support of FreeBSD.
__assert() is called when an assertion fails. After printing an error
message, it will call abort(). abort() never returns, hence it has the
__dead2 attribute. Also add this attribute to __assert().
jhb [Fri, 4 Feb 2011 17:11:37 +0000 (17:11 +0000)]
MFC 217351:
Introduce two new helper macros to define the priority ranges used for
interactive timeshare threads (PRI_*_INTERACTIVE) and non-interactive
timeshare threads (PRI_*_BATCH) and use these instead of PRI_*_REALTIME
and PRI_*_TIMESHARE. No functional change.
jhb [Fri, 4 Feb 2011 16:30:13 +0000 (16:30 +0000)]
MFC 217292:
- Retire some unused ithread priorities: PI_TTYHIGH, PI_TAPE, and
PI_DISKLOW. While here, rename PI_TTYLOW to PI_TTY.
- Add a macro PI_SWI() that takes a SWI_* constant as an argument and
returns the suitable thread priority.
To preserve the KBI, I did not renumber priorities but simply removed
unused ones.
jhb [Fri, 4 Feb 2011 14:29:05 +0000 (14:29 +0000)]
MFC 218171:
Output an appropriate amount of padding to line up per-CPU state columns
rather than using a terminal sequence to move the cursor when drawing the
initial screen.
brucec [Fri, 4 Feb 2011 10:19:56 +0000 (10:19 +0000)]
MFC r216873:
There can be more than 0x20000000 swap meta blocks allocated if a swap-backed
md(4) device is used. Don't panic when deallocating such a device if swap
has been used.
kib [Fri, 4 Feb 2011 09:15:23 +0000 (09:15 +0000)]
MFC r218026:
If more than one thread allocated sf buffers for sendfile(2), and
each of the threads needs more while current pool of the buffers is
exhausted, then neither thread can make progress.
Switch to nowait allocations after we got first buffer already.
MFC r217924:
While inspecting the disklabel check that start offset of partition is
within provider's bounds. If not then reject this disklabel.
Mark bbarea as NULL to do not free it again in destroy method.
yongari [Wed, 2 Feb 2011 18:42:53 +0000 (18:42 +0000)]
MFC r216925,217331,217349,217542:
r216925:
Add a 'locked' variant of the foo_start() routine and call it directly
from interrupt handlers and watchdog routines instead of queueing a task
to call foo_start().
r217331:
Make sure to invoke unlocked foo_start since the taskqueue does not
hold a driver lock. This should fix a regression introduced in
r216925.
r217349:
Forgot to remove unlock of the driver lock from age_start_locked() when
converting it to a locked variant.
r217542:
Fix some bugs in my last set of changes to ale(4):
- Remove extra unlock from end of ale_start_locked().
- Expand scope of locking in interrupt handler.
- Move ether_ifdetach() earlier and retire now-unneeded DETACH flag.
kib [Wed, 2 Feb 2011 12:24:53 +0000 (12:24 +0000)]
MFC r217880:
Treat async buffer writes from the gjournal switcher thread the same as
from syncer. We shall not sleep on running buffer space when suspending.
kib [Tue, 1 Feb 2011 10:20:31 +0000 (10:20 +0000)]
MFC r217824:
When vtruncbuf() iterates over the vnode buffer list, lock buffer object
before checking the validity of the next buffer pointer. Otherwise, the
buffer might be reclaimed after the check, causing iteration to run into
wrong buffer.
MFC r217531:
Limit maximum number of GPT entries to 4k. It is most realistic value
and can prevent kernel memory exhausting when big value is specified
from command line.
Split reading and writing operation to several iterations to do not
trigger KASSERT when data length is greater than MAXPHYS.