1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-26 11:47:31 +00:00
Commit Graph

146616 Commits

Author SHA1 Message Date
Bjoern A. Zeeb
0fb550caba While we currently still seem to have a gateway address, for future
stability, check for gw to be set before adding the flag and the address
to the routing message.

r186308, backed out in r191305, already tried to do that, and in addition
ignore AF_LINK types of gateway addresses to work around a problem that
r167797 had introduced on the kernel side always setting RTF_GATEWAY if a
gateway address was passed into the kernel.
The proper solution for this is still under discussion so I am hesitant to
re-add the special AF_LINK treatment for now.

MFC after:	3 days
2009-04-20 11:51:35 +00:00
Bjoern A. Zeeb
16f37cbd72 Back out r186308:
in case of AF_LINK, which the kernel still returns for an RTAX_GATEWAY
as an empty sockaddr_dl in the classic tun<n> case.
Copying the address into the message payload, but not the RTA_GATEWAY
flag results in rt_xaddrs() in the kernel tripping over that and parsing
the next attribute set with a flag, i.e. RTA_NETMASK, with the gateway
address, resulting in bogus route entry.

MFC after:	3 days
2009-04-20 11:22:51 +00:00
Ed Schouten
2cbf101b17 Get rid of the device index number stored in the sa(4) unit number.
The device index number stored in the unit number of sa(4) devices is
only used to print debug messages. Get rid of this index number and use
devtoname() to just print the entire device name.
2009-04-20 10:40:42 +00:00
Robert Watson
3f2f85a6de Prefer <sys/param.h> to <machine/param.h> for the definition of
CACHE_LINE_SIZE.

Submitted by:	bde
MFC after:	2 weeks
2009-04-20 10:35:50 +00:00
Ollivier Robert
0963cc7dac Merge r191298 into HEAD.
Prevent a buffer overflow in ntpq.  Patch taken from the PR database
after being committed to the official ntp tree and present in 4.2.4p7-rc2.

It will be MFH to the upcoming 7.2 pending re approval.

Obtained from:  https://support.ntp.org/bugs/show_bug.cgi?id=1144
MFC after:      3 days
Security:       http://www.securityfocus.com/bid/34481
                CVE-2009-0159
2009-04-20 09:59:08 +00:00
Pyun YongHyeon
f2e491c9c5 For RTL8139C+ controllers, have controller handle padding short
checksum offload frames. Software workaround used for broken
controllers(RTL8169, RTL8168, RTL8168B) seem to cause watchdog
timeouts on RTL8139C+.
Introduce a new flag RL_FLAG_AUTOPAD to mark automatic padding
feature of controller and set it for RTL8139C+ and controllers that
use new descriptor format. This fixes watchdog timeouts seen on
RTL8139C+.

Reported by:	Dimitri Rodis < DimitriR <> integritasystems dot com >
Tested by:	Dimitri Rodis < DimitriR <> integritasystems dot com >
2009-04-20 07:13:04 +00:00
Alan Cox
1c951556bc MFamd64/i386
Introduce pmap_try_insert_pv_entry(), a function that conditionally
  creates a pv entry if the number of entries is below the high water mark
  for pv entries.

  Introduce pmap_enter_quick_locked() and use it to reimplement
  pmap_enter_object().  The old implementation was broken.  For example,
  it could block while holding a mutex lock.

  Change pmap_enter_quick_locked() to fail rather than wait if it is
  unable to allocate a page table page.  This prevents a race between
  pmap_enter_object() and the page daemon.  Specifically, an inactive
  page that is a successor to the page that was given to
  pmap_enter_quick_locked() might become a cache page while
  pmap_enter_quick_locked() waits and later pmap_enter_object() maps
  the cache page violating the invariant that cache pages are never
  mapped.  Similarly, change
  pmap_enter_quick_locked() to call pmap_try_insert_pv_entry() rather
  than pmap_insert_entry().  Generally speaking,
  pmap_enter_quick_locked() is used to create speculative mappings.  So,
  it should not try hard to allocate memory if free memory is scarce.

Tested by:	gonzo
2009-04-20 03:44:54 +00:00
Warner Losh
472dfd2aeb Cleanup resource allocation code a bit. Store the rids on the
resources rather than on the softc.  When we allocate resources for PC
Card, if we only get 16 ports, try again to get the others.
2009-04-20 01:19:59 +00:00
Ollivier Robert
8c0610b960 Prevent a buffer overflow in ntpq. Patch taken from the PR database
after being committed to the official ntp tree and present in 4.2.4p7-rc2.

It will be MFH to the upcoming 7.2 pending re approval.

Obtained from:	https://support.ntp.org/bugs/show_bug.cgi?id=1144
MFC after:	    3 days
Security:	    http://www.securityfocus.com/bid/34481
                CVE-2009-0159
2009-04-19 23:34:52 +00:00
Robert Watson
781202d7fd Pass int arguments to auditon(2)'s A_GETCOND API rather than long
arguments.  This change should be MFC'd with OpenBSM 1.1 since they
are interdependent.

MFC after:	2 weeks
Obtained from:	TrustedBSD Project
Sponsored by:	Apple, Inc.
2009-04-19 23:34:22 +00:00
Robert Watson
2a5058a3ed Temporarily relax the constraints on argument size checking for A_GETCOND;
login(1) isn't quite ready for them yet on 64-bit systems as it continues
to use the conventions of the old version of the API.

Reported by:	stas, Jakub Lach <jakub_lach at mailplus.pl>
2009-04-19 23:28:08 +00:00
Robert Watson
d9d845a99c Explicitly include machine/param.h for CACHE_LINE_SIZE.
MFC after:	2 weeks
2009-04-19 23:03:57 +00:00
Robert Watson
d1f2f1c3f3 Now that the kernel defines CACHE_LINE_SIZE in machine/param.h, use
that definition in the custom locking code for the run-time linker
rather than local definitions.

Pointed out by:	tinderbox
MFC after:	2 weeks
2009-04-19 23:02:50 +00:00
Robert Watson
072b8f8ea7 Lock the interface address list when searching for a matching interface
by address, or when implementing 'me' rules on IPv6.  Prefer the field
name if_addrhead to the macro if_addrlist.

MFC after:	2 weeks
2009-04-19 22:34:35 +00:00
Robert Watson
b132600ab2 In divert_packet(), lock the interface address list before iterating over
it in search of an address.

MFC after:	2 weeks
2009-04-19 22:29:16 +00:00
Robert Watson
9317b04e46 Lock interface address lists in in_pcbladdr() when searching for a
source address for a connection and there's no route or now interface
for the route.

MFC after:	2 weeks
2009-04-19 22:25:09 +00:00
Robert Watson
8021456a24 Protect against some writer-writer races in in_control() by acquiring
the interface address list lock around interface address list
modifications.  More to do here.

MFC after:	2 weeks
2009-04-19 22:16:19 +00:00
Robert Watson
3fd5c685f7 Lock the interface address list while building replies to
NGM_CISCO_COOKIE messages in ng_iface.

MFC after:	2 weeks
2009-04-19 22:05:39 +00:00
Robert Watson
315a0b84cc Lock interface address list when building a reply to NGM_EIFACE_GET_IFADDRS
messages in ng_eiface.

MFC after:	2 weeks
2009-04-19 22:04:29 +00:00
Robert Watson
f25cc1d0d9 Lock interface address list lock around ifaddr inserts and deletes
in at_control().  This locking is not yet complete but should prevent
some classes of race conditions.

MFC after:	2 weeks
2009-04-19 22:01:38 +00:00
Nathan Whitehorn
37dd6c71ca Build sound modules on PowerPC. 2009-04-19 21:37:45 +00:00
Robert Watson
e5a9a8ead8 Lock the interface address list while iterating a network interface's
address list when searching for a link-layer address to use during uuid
generation.

MFC after:	2 weeks
2009-04-19 21:36:18 +00:00
Robert Watson
22037b2d2c Add description and cautionary note regarding CACHE_LINE_SIZE.
MFC after:	2 weeks
Suggested by:	alc
2009-04-19 21:26:36 +00:00
Konstantin Belousov
6bed074cd2 In both pageout oom handler and vm_daemon, acquire the reference to
the vmspace of the examined process instead of directly accessing its
vmspace, that may change. Also, as an optimization, check for P_INEXEC
flag before examining the process.

Reported and tested by:	pho (previous version)
Reviewed by:	alc
MFC after:	3 week
2009-04-19 20:53:47 +00:00
Robert Watson
a93fa8f2bb For each architecture, define CACHE_LINE_SHIFT and a derived
CACHE_LINE_SIZE constant.  These constants are intended to
over-estimate the cache line size, and be used at compile-time
when a run-time tuning alternative isn't appropriate or
available.

Defaults for all architectures are 64 bytes, except powerpc
where it is 128 bytes (used on G5 systems).

MFC after:	2 weeks
Discussed on:   arch@
2009-04-19 20:19:13 +00:00
Poul-Henning Kamp
99d67eca50 A script for plucking packages and their runtime dependencies for
nanobsd images.
2009-04-19 18:23:23 +00:00
Robert Noland
8f6d3bf7a2 Don't try to setup interrupts for drivers that don't support them.
This causes sis and probably a couple of other driver to panic and fail.

Tested by:	cpghost <cpghost@cordula.ws>
PR:		133554
MFC after:	3 days
2009-04-19 16:54:33 +00:00
Robert Watson
c0020399a6 Merge OpenBSM 1.1 from OpenBSM vendor branch to head.
OpenBSM history for imported revision below for reference.

MFC after:      2 weeks
Sponsored by:   Apple, Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1

- Change auditon(2) parameters and data structures to be 32/64-bit architecture
  independent.  Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
  commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
  the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
  added:  au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
  definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
  generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page.  Also, make it clear that we want
  the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
  authorization events, has been added.
2009-04-19 16:17:13 +00:00
Robert Watson
a751bb7470 Vendor import of OpenBSM 1.1, which incorporates the following changes
since the last imported OpenBSM release:

OpenBSM 1.1

- Change auditon(2) parameters and data structures to be 32/64-bit architecture
  independent.  Add more information to man page about auditon(2) parameters.
- Add wrapper functions for auditon(2) to use legacy commands when the new
  commands are not supported.
- Add default for 'expire-after' in audit_control to expire trail files when
  the audit directory is more than 10 megabytes ('10M').
- Interface to convert between local and BSM fcntl(2) command values has been
  added:  au_bsm_to_fcntl_cmd(3) and au_fcntl_cmd_to_bsm(3), along with
  definitions of constants in audit_fcntl.h.
- A bug, introduced in OpenBSM 1.1 alpha 4, in which AUT_RETURN32 tokens
  generated by audit_submit(3) were improperly encoded has been fixed.
- Fix example in audit_submit(3) man page.  Also, make it clear that we want
  the audit ID as the argument.
- A new audit event class 'aa', for post-login authentication and
  authorization events, has been added.

Obtained from:	TrustedBSD Project
Sponsored by:	Apple, Inc.
2009-04-19 15:18:16 +00:00
Robert Watson
4df4e33572 Merge OpenBSM 1.1 changes to the FreeBSD 8.x kernel:
- Add and use mapping of fcntl(2) commands to new BSM constant space.
- Adopt (int) rather than (long) arguments to a number of auditon(2)
  commands, as has happened in Solaris, and add compatibility code to
  handle the old comments.

Note that BSM_PF_IEEE80211 is partially but not fully removed, as the
userspace OpenBSM 1.1alpha5 code still depends on it.  Once userspace
is updated, I'll GCC the kernel constant.

MFC after:		2 weeks
Sponsored by:		Apple, Inc.
Obtained from:		TrustedBSD Project
Portions submitted by:	sson
2009-04-19 14:53:17 +00:00
Dmitry Chagin
b1121623d2 Remove support for FUTEX_REQUEUE operation.
Glibc does not use this operation since 2.3.3 version (Jun 2004),
as it is racy and replaced by FUTEX_CMP_REQUEUE operation.
Glibc versions prior to 2.3.3 fall back to FUTEX_WAKE when
FUTEX_REQUEUE returned EINVAL.

Any application directly using FUTEX_REQUEUE without return
value checking are definitely broken.

Limit quantity of messages per process about unsupported
operation.

Approved by:	kib (mentor)
MFC after:	1 month
2009-04-19 13:48:42 +00:00
Robert Watson
bb1c7df80f struct malloc_type has had a 'magic' field statically initialized to
M_MAGIC by MALLOC_DEFINE() for a long time; add assertions that
malloc_type's passed to malloc(), free(), etc have that magic set.

MFC after:	2 weeks
2009-04-19 12:41:37 +00:00
Robert Watson
eb7bba19c5 Garbage collect now-unused struct malloc_type fields, bump __FreeBSD_version
as kernel modules will need to be rebuilt.  These fields existed to support
binary compatibility with kernel modules from before the introduction of
libmemstat(3) in FreeBSD 6.x, so they are no longer required.
2009-04-19 11:20:57 +00:00
Edward Tomasz Napierala
e0ee758989 When allocating 'struct acl' instances, use malloc(9) instead of uma(9).
This struct will get much bigger soon, and we don't want to waste too much
memory on UMA caches.

Reviewed by:	rwatson
2009-04-19 09:56:30 +00:00
Marc Fonvieille
019dfcf65e Add docs category.
MFC after:	3 days
2009-04-19 08:31:55 +00:00
Bruce M Simpson
b5fbc0b98f Now that IFF_NEEDSGIANT has been removed from the network
stack, catch up with this in IGMPv3 and remove dead code.
This has the side-effect of not being back-portable to RELENG_7
w/o further changes.
2009-04-19 08:14:21 +00:00
Alan Cox
f4b0c119c0 Calling pmap_clear_modify() after calling pmap_remove_write() is pointless.
The latter function already clears the modified status from each of the
page's mappings.
2009-04-19 07:18:08 +00:00
Tim Kientzle
4f6b15547b When compiled for the release crunches, be a bit
more selective about what libarchive features we pull in:
 * No compression support
 * Only cpio and ustar writing
 * Only cpio and tar/pax readers
This reduces a statically linked, stripped binary from 900k to 680k
and completely eliminates the dependency on libcrypto.
2009-04-19 06:59:12 +00:00
Nathan Whitehorn
55fba05bf5 Fix a typo in the SRR1 comparison for program exceptions. While here,
replace magic numbers with constants to keep this from happening again.

Without this fix, some programs would occasionally get SIGTRAP instead
of SIGILL on an illegal instruction. This affected Altivec detection
in pixman, and possibly other software.

Reported by:	Andreas Tobler
MFC after:	1 week
2009-04-19 06:30:00 +00:00
Konstantin Belousov
f2cc3668fc When verifying '..' after VFS_VGET() in ufs_lookup(), do not return
error if '..' is still there but changed between lookup and check.
Start relookup instead. Rename is supposed to change '..' reference
atomically, so transient failures introduced by r191137 are wrong.

While rearranging the code to allow lookup restart in ufs_lookup(),
remove the comment that only distracts the reader.

Noted and reviewed by:	tegge
Also reported by:	pho
MFC after:	1 month
2009-04-19 05:34:07 +00:00
Kip Macy
65111ec7aa - Allocate a small flowtable in ip_input.c (changeable by tuneable)
- Use for accelerating ip_output
2009-04-19 04:44:05 +00:00
Kip Macy
7a134b0e42 update TODO list 2009-04-19 04:39:42 +00:00
Kip Macy
94681960d9 - put larger flowtable members at the end
- fix bug where tail pointer of the free list would not get advanced
- clear entry's next pointer when it is added to the freelist to avoid freeing
  an entry that it still points to
2009-04-19 04:24:56 +00:00
Alan Cox
f9855e177d Allow valid pages to be mapped for read access when they have a non-zero
busy count.  Only mappings that allow write access should be prevented by
a non-zero busy count.

(The prohibition on mapping pages for read access when they have a non-
zero busy count originated in revision 1.202 of i386/i386/pmap.c when
this code was a part of the pmap.)

Reviewed by:	tegge
2009-04-19 00:34:34 +00:00
Kip Macy
34b07340ff - Import infrastructure for caching flows as a means of accelerating L3 and L2 lookups
as well as providing stateful load balancing when used with RADIX_MPATH.
- Currently compiled in to i386 and amd64 but disabled by default, it can be enabled at
  runtime with 'sysctl net.inet.flowtable.enable=1'.

- Embedded users can remove it entirely from the kernel by adding 'nooption FLOWTABLE' to
  their kernel config files.

- A minimal hookup will be added to ip_output in a subsequent commit. I would like to see
  more review before bringing in changes that require more churn.

Supported by: Bitgravity Inc.
2009-04-19 00:16:04 +00:00
Antoine Brodin
c42ddf78f3 usbdevs(8) is not obsoleted, just temporarily disconnected from the build
Noticed by:	ru@
2009-04-18 22:16:46 +00:00
Robert Watson
04ac2960c4 Remove IFF_NEEDSGIANT interface flag: we no longer provide ifnet-layer
infrastructure to support non-MPSAFE network device drivers.
2009-04-18 20:39:17 +00:00
Robert Watson
31b2ac28c9 ifconfig(8) no longer needs to know how to print the IFF_NEEDSGIANT flag,
since it shortly won't be defined at all.
2009-04-18 20:10:39 +00:00
Robert Watson
78fc60e401 Garbage collect man page reference to IFF_NEEDSGIANT. 2009-04-18 20:09:43 +00:00
Antoine Brodin
41c0e77598 Add more obsolete files, usb related. 2009-04-18 18:21:42 +00:00