1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00
Commit Graph

117766 Commits

Author SHA1 Message Date
Brooks Davis
1469b42c7d MFOpenBSD rev 1.9: fix a buffer overflow when processing config file
lines that are exactly 81 characters in length.

Obtained from:	OpenBSD
MFC After:	3 days
2005-08-24 00:05:04 +00:00
Brooks Davis
8794fdbb48 Add __FBSDID to all .c files in dhclient to aid in determining file
versions when dealing with user problems.
2005-08-23 23:59:55 +00:00
Ian Dowse
f1129b105e Provide the USB device release number along with other parameters
so that devd can match on it. This field was already available to
usbd and is used by a number of usbd.conf entries, so now it is
possible to transfer those entries to devd.conf.

Submitted by:	Anish Mistry
2005-08-23 21:32:49 +00:00
Poul-Henning Kamp
fc377cca01 End the MALLOC_DEFINE macro without the semi-colon, the caller supplies
that.

Spotted by:	Flexelint
2005-08-23 20:31:21 +00:00
Andrew Thompson
dba31bdea1 The mtu check in bridge_enqueue is bogus as the maximum Ethernet frame is
actually 1514, so comparing the mbuf length which includes the Ethernet header
to the interface MTU is wrong.

The check was a little over the top so just remove it.

Approved by:	mlaier (mentor)
MFC after:	3 days
2005-08-23 19:49:00 +00:00
Pawel Jakub Dawidek
a180109fa3 Verify if we can actually read the data at given offset.
Reported by:	Martin <nakal@nurfuerspam.de>
2005-08-23 18:55:38 +00:00
Markus Brueffer
b192b1d38e - Document the led(4) interface for the Thinklight
- Bump .Dd

Approved by:	brueffer
MFC after:	3 days
2005-08-23 18:34:39 +00:00
Joseph Koshy
953adc1723 Document the diagnostic message printed at startup time. Keep the
list of diagnostic messages sorted.

Document the recently introduced EOPNOTSUPP error return.  Repair
sort ordering for the list of error descriptions.

MFC after:	3 days
2005-08-23 17:18:27 +00:00
Christian S.J. Peron
49db78b0e0 Add documentation for the BIOCLOCK and BIOCSETWF ioctl commands. Also
modify the documentation for BIOCSETF to note that it sets the read
filter.

Pointed out by:	simon
2005-08-23 17:08:59 +00:00
Andre Oppermann
ef8fd90476 Remove unnecessary IPSEC includes.
MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-23 14:42:40 +00:00
Max Laier
0bdf5171c8 Don't loop back packets that have been routed by pf. This fixes an endless
loop where the same packet is sent over and over again.

Obtained from:	OpenBSD
Reported by:	Sergey Lapin
Tested by:	Sergey Lapin
MFC after:	7 days
2005-08-23 14:13:17 +00:00
Brian Somers
e1bfde1b04 Add a -h option to tell cmp not to follow symbolic links.
MFC after:	3 weeks
Sponsored by:	Sophos/ActiveState
2005-08-23 13:13:13 +00:00
Søren Schmidt
70037ab36a Apply fix for "pr82261 DMA-support on Sparc64 broken"
The Acer chip or wiring that SUN uses has problems that this patch
tries to work around.
Original patch by Marius Strobl, hacked into shape by me..
2005-08-23 08:53:01 +00:00
Brian Somers
188a72ee1f Fix a couple of typos 2005-08-23 07:58:55 +00:00
Don Lewis
ad9f180121 Back out the removal of LK_NOWAIT from the VOP_LOCK() call in
vlrureclaim() in vfs_subr.c 1.636  because waiting for the vnode
lock aggravates an existing race condition.  It is also undesirable
according to the commit log for 1.631.

Fix the tiny race condition that remains by rechecking the vnode
state after grabbing the vnode lock and grabbing the vnode interlock.

Fix the problem of other threads being starved (which 1.636 attempted
to fix by removing LK_NOWAIT) by calling uio_yield() periodically
in vlrureclaim().  This should be more deterministic than hoping
that VOP_LOCK() without LK_NOWAIT will block, which may not happen
in this loop.

Reviewed by:	kan
MFC after:	5 days
2005-08-23 03:44:06 +00:00
Christian S.J. Peron
4d3d08301e FreeBSD unconditionally supports write filters now. 2005-08-23 01:35:38 +00:00
Maksim Yevmenkin
db37c09a49 Fix multiple typos in the mutex names. This fixes false positive (and pretty
strange looking too) LORs I have seen on my system. Pointy hat to goes to me.

MFC after:	1 day
2005-08-23 00:50:59 +00:00
Christian S.J. Peron
ae21aee6ff Add support for processing the "bd_locked" flag offered by the bpf
stats structure.
2005-08-23 00:06:04 +00:00
Christian S.J. Peron
5f305d1bf2 FreeBSD now supports BIOCLOCK. So we can use it now.
Reviewed by:	mlaier
2005-08-23 00:03:58 +00:00
Lukas Ertl
fdb9eda84f Correct the check if a plex is accessible in case it is not up.
This makes degraded RAID5 plexes actually work.
2005-08-22 23:24:26 +00:00
Andre Oppermann
23655387e9 o Fix a logic error when not doing mbuf cluster allocation.
o Change an old panic() to a clean function exit.

MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 22:13:41 +00:00
Alan Cox
7380c1acb5 Pass the PDE from pmap_remove() to pmap_remove_page() so that the latter
procedure doesn't have to recompute it.
2005-08-22 20:02:40 +00:00
Christian S.J. Peron
93e39f0b93 Introduce two new ioctl(2) commands, BIOCLOCK and BIOCSETWF. These commands
enhance the security of bpf(4) by further relinquishing the privilege of
the bpf(4) consumer (assuming the ioctl commands are being implemented).

Once BIOCLOCK is executed, the device becomes locked which prevents the
execution of ioctl(2) commands which can change the underly parameters of the
bpf(4) device. An example might be the setting of bpf(4) filter programs or
attaching to different network interfaces.

BIOCSETWF can be used to set write filters for outgoing packets. Currently if
a bpf(4) consumer is compromised, the bpf(4) descriptor can essentially be used
as a raw socket, regardless of consumer's UID. Write filters give users the
ability to constrain which packets can be sent through the bpf(4) descriptor.

These features are currently implemented by a couple programs which came from
OpenBSD, such as the new dhclient and pflogd.

-Modify bpf_setf(9) to accept a "cmd" parameter. This will be used to specify
 whether a read or write filter is to be set.
-Add a bpf(4) filter program as a parameter to bpf_movein(9) as we will run the
 filter program on the mbuf data once we move the packet in from user-space.
-Rather than execute two uiomove operations, (one for the link header and the
 other for the packet data), execute one and manually copy the linker header
 into the sockaddr structure via bcopy.
-Restructure bpf_setf to compensate for write filters, as well as read.
-Adjust bpf(4) stats structures to include a bd_locked member.

It should be noted that the FreeBSD and OpenBSD implementations differ a bit in
the sense that we unconditionally enforce the lock, where OpenBSD enforces it
only if the calling credential is not root.

Idea from:	OpenBSD
Reviewed by:	mlaier
2005-08-22 19:35:48 +00:00
Joseph Koshy
e753fde4e6 On x86 processors, turn off any 'INTERRUPT' capabilities on PMCs
if the CPU does not have its local APIC enabled.

MFC after:	3 days
2005-08-22 18:20:41 +00:00
Joseph Koshy
744d67975f Return EOPNOTSUPP instead of EINVAL if a PMC allocation request
specifies a PMC capability (e.g., sampling) that is not supported
by hardware.  Return EINVAL early if the PMC class passed in is
not recognized.

MFC after:	3 days
2005-08-22 18:18:20 +00:00
Joseph Koshy
a8eb16c5ea Print PMC capabilities at module load time.
MFC after:	3 days
2005-08-22 17:51:08 +00:00
Andre Oppermann
5090c7544f Document IP_MINTTL socket option.
MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 16:14:53 +00:00
Andre Oppermann
936cd18dad Add socketoption IP_MINTTL. May be used to set the minimum acceptable
TTL a packet must have when received on a socket.  All packets with a
lower TTL are silently dropped.  Works on already connected/connecting
and listening sockets for RAW/UDP/TCP.

This option is only really useful when set to 255 preventing packets
from outside the directly connected networks reaching local listeners
on sockets.

Allows userland implementation of 'The Generalized TTL Security Mechanism
(GTSM)' according to RFC3682.  Examples of such use include the Cisco IOS
BGP implementation command "neighbor ttl-security".

MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 16:13:08 +00:00
Andre Oppermann
6b773dff30 Always quote the entire TCP header when responding and allocate an mbuf
cluster if needed.

Fixes the TCP issues raised in I-D draft-gont-icmp-payload-00.txt.

This aids in-the-wild debugging a lot and allows the receiver to do
more elaborate checks on the validity of the response.

MFC after:	2 weeks
Sponsored by:	TCP/IP Optimization Fundraise 2005
2005-08-22 14:12:18 +00:00
Andre Oppermann
d56ea155bd Handle pure layer 2 broad- and multicasts properly and simplify related
checks.

PR:		kern/85052
Submitted by:	Dmitrij Tejblum <tejblum at yandex-team.ru>
MFC after:	3 days
2005-08-22 12:06:26 +00:00
Søren Schmidt
971846e49c Fix problem on Promise "mio" controllers and 48bit mode caused by last commit 2005-08-22 11:38:53 +00:00
Brian Somers
34c22943ec Spell powersavesleep correctly. 2005-08-22 09:59:13 +00:00
Colin Percival
d7883da19f When looking for new lines in diff output, grep for '^[>+]' instead of
'^>', in order to catch both normal and unified diffs.

Problem reported by:	volker at vwsoft dot com via -stable
MFC after:	3 days
2005-08-22 09:33:36 +00:00
Colin Percival
f46417c577 Most users probably aren't interested in locating 13000+ files named
[0-9a-f]{64}, so exclude portsnap's compressed snapshots from locate's
indexing.

Suggested by:	silby
MFC after:	3 days
2005-08-22 08:22:48 +00:00
Alan Cox
2c15852e1e Change pmap_extract() and pmap_extract_and_hold() to use PG_FRAME rather
than ~PDRMASK to extract the physical address of a superpage from a PDE.
The use of ~PDRMASK is problematic if the PDE has PG_NX set.  Specifically,
the PG_NX bit will be included in the physical address if ~PDRMASK is used.

Reviewed by:	peter
2005-08-22 07:23:51 +00:00
Hajimu UMEMOTO
b1a6f1d8a2 SADB_UPDATE did not return an error when key length is invalid.
Obtained from:	KAME
2005-08-22 07:05:14 +00:00
Greg Lehey
2fa636f5fe Add relationship between offence and beer.
Submitted by: philip
2005-08-22 06:03:40 +00:00
Joseph Koshy
d4d6be499f Turn off sampling modes on the AMD64 till the time I can track down
the reason for the double fault seen when sampling under load.

MFC after:	3 days
2005-08-22 02:59:51 +00:00
Warner Losh
fa949fc86d if_ral_pccard does not depend on pccard module directly, but rather
depends, like all other pccard drivers, indirectly through kobj on
pccard.  Therefore, it is not appropriate to force pccard to be loaded
when if_ral.ko is loaded.  This makes it possible to load if_ral w/o
loading pccard.ko on, eg, pci only systems.
2005-08-22 00:20:28 +00:00
Suleiman Souhlal
93373c422f Set the mountpoint path in the superblock (fs_fsmnt) at mount-time
so that it appears in the various messages (not cleanly unmounted,
filesystem full, etc). This has been broken since rev 1.261.
2005-08-21 22:06:41 +00:00
Gleb Smirnoff
03b25f5ddc In ng_callout() assert that supplied arguments are non-NULL. 2005-08-21 19:48:51 +00:00
Pawel Jakub Dawidek
1ec75877dc Stop callout before freeing memory, so it won't panic from softclock.
Reported by:	Jonatan B <onatan@gmail.com>
MFC after:	3 days
2005-08-21 19:16:27 +00:00
Pawel Jakub Dawidek
e5cd9375e4 Before freeing memory, assert that there is no pending callout.
MFC after:	3 days
2005-08-21 19:15:14 +00:00
Tor Egge
15da51f73c Don't set the COMPLETE flag in an inodedep structure before the related
inode has been written.
2005-08-21 18:19:06 +00:00
Pawel Jakub Dawidek
dd549194ae By default, when doing crypto work in software, start as many threads
as we have active CPUs and bind each thread to its own CPU.

MFC after:	3 days
2005-08-21 18:12:51 +00:00
Pawel Jakub Dawidek
b8db9f58da Remove stale comment (we now always start worker thread).
MFC after:	3 days
2005-08-21 18:06:35 +00:00
Pawel Jakub Dawidek
4e4aa37e75 mp_ncpus is always (properly) initialized, even on UP kernels, so just use it. 2005-08-21 18:03:31 +00:00
Andre Oppermann
bb10780f9f Commit correct version of the change and note the name of the new
sysctl: net.inet.icmp.quotelen and defaults to 8 bytes.

Pointy hat to:	andre
2005-08-21 15:18:00 +00:00
Andre Oppermann
e875dfb826 Add a sysctl to change to length of the quotation of the original
packet in an ICMP reply.  The minimum of 8 bytes is internally
enforced.  The maximum quotation is the remaining space in the
reply mbuf.

This option is added in response to the issues raised in I-D
draft-gont-icmp-payload-00.txt.

MFC after:	2 weeks
Spnsored by:	TCP/IP Optimizations Fundraise 2005
2005-08-21 15:09:07 +00:00
Damien Bergamini
30feefb1d2 Fix basic rates set for 802.11a/g operating modes. This can significantly
improve transfer rates in 802.11a/g.  Fix IFS settings in ral(4) too.

MFC after:	6 days
2005-08-21 14:16:20 +00:00