1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-27 11:55:06 +00:00
Commit Graph

130046 Commits

Author SHA1 Message Date
Robert Watson
1f837c4753 Push UNIX domain socket locking further into uipc_ctloutput() in order to
avoid holding the UNIX domain socket subsystem lock over soooptcopyin()
and sooptcopyout().  This problem was introduced when LOCAL_CREDS, and
LOCAL_CONNWAIT support were added.

Reviewed by:	mdodd
2007-02-06 14:31:37 +00:00
Robert Watson
0142affc77 Introduce accessor functions mac_label_get() and mac_label_set() to replace
LABEL_TO_SLOT() macro used by policy modules to query and set label data
in struct label.  Instead of using a union, store an intptr_t, simplifying
the API.

Update policies: in most cases this required only small tweaks to current
wrapper macros.  In two cases, a single wrapper macros had to be split into
separate get and set macros.

Move struct label definition from _label.h to mac_internal.h and remove
_label.h.  With this change, policies may now treat struct label * as
opaque, allowing us to change the layout of struct label without breaking
the policy module ABI.  For example, we could make the maximum number of
policies with labels modifiable at boot-time rather than just at
compile-time.

Obtained from:	TrustedBSD Project
2007-02-06 14:19:25 +00:00
Warner Losh
21389c94d9 at91_twi depends on the iicbus module to satisfy its symbols when
loaded, so make that explicit.  Works for the monolithic kernel case,
won't work for the kldload case.
2007-02-06 12:07:14 +00:00
Robert Watson
c96ae1968a Continue 7-CURRENT MAC Framework rearrangement and cleanup:
Don't perform a nested include of _label.h in mac.h, as mac.h now
describes only  the user API to MAC, and _label.h defines the in-kernel
representation of MAC labels.

Remove mac.h includes from policies and MAC framework components that do
not use userspace MAC API definitions.

Add _KERNEL inclusion checks to mac_internal.h and mac_policy.h, as these
are kernel-only include files

Obtained from:	TrustedBSD Project
2007-02-06 10:59:23 +00:00
Christian Brueffer
cebf4a4ed6 Document NetCell NC3000 and NC5000 support. 2007-02-06 09:50:17 +00:00
Kevin Lo
9c20ad30e0 getopt(3) returns -1, not EOF. 2007-02-06 08:48:28 +00:00
Ruslan Ermilov
6a290a48ca - Bump document date.
- Kill whitespace at EOL.
- Add missing markup bit.
2007-02-06 08:46:20 +00:00
Craig Rodrigues
5b54856414 Print warning that "-t msdos" is deprecated and being converted to
"-t msdosfs".  The conversion has been happening since 1.43, but
no equivalent conversion happens in "umount -t", which led to some
confusion with some users.

PR:		79296
Submitted by:	Nobuhiro Yasutomi <nobuhiro yasutomi nifty ne jp>
2007-02-06 05:57:40 +00:00
Mike Pritchard
af7a34173d The change to the vm_page_queue_freelist lock from a spin lock to a
sleep lock missed the witness code, and the system will panic
immediately on boot if WITNESS is enabled.

Changed the witness definition to the new type.
2007-02-06 05:51:55 +00:00
Craig Rodrigues
8a4cab026b Eliminate some dead code which was introduced in 1.23, yet was always
commented out.
2007-02-06 03:30:58 +00:00
Doug Ambrisko
a4a522fa7b s/Feb/February/
Reminded by:	ru
2007-02-05 22:45:58 +00:00
John Baldwin
c632517124 Change GDB_BUFSZ to be large enough to hold a register dump where each
register takes 16 characters (64-bit register in hex).  In practice this
is a slight bit of overkill as 7 of the 56 registers are only 32-bit, but
having the buffer too small results in remote kgdb trashing kernel memory
when it connects.

PR:		amd64/108673
Submitted by:	Ravi Murty, Nikhil Rao @ Intel
MFC after:	3 days
2007-02-05 21:48:32 +00:00
John Polstra
bd4dbd7879 Use egrep instead of grep so that reporting of login failures (broken
by revision 1.6) works again.  This fix is already in RELENG_6, but was
never committed to HEAD.
2007-02-05 16:36:25 +00:00
Colin Percival
a16b1c1fd9 If (a == NULL), don't dereference (a) to record an error message. [1]
Fallout from changing the skip API to use off_t instead of size_t: Print
the skip length using %jd and cast to (intmax_t) instead of %d / (int),
and if ARCHIVE_API_VERSION >= 2, allow the client skipper to be called
for requests longer than SSIZE_MAX. [2]

Approved by:	kientzle
Pointy hats to:	kientzle [1], cperciva [2]
MFC after:	3 days
2007-02-05 16:30:40 +00:00
Bruce M Simpson
e9077dd658 Fix devfs cloning for non-superusers when net.link.tap.user_open is non-zero.
Note: 'ifconfig tapX create' still requires PRIV_NET_IFCREATE privilege.

Reviewed by:	rwatson
2007-02-05 11:29:08 +00:00
Bruce M Simpson
0f919a6720 Forced commit; Vim ate my homework^Wkeystroke.
Fix an incorrect TCP-MD5 key length check for the !FAST_IPSEC case.

PR:		104422, 107520
MFC after:	3 days
2007-02-05 11:18:47 +00:00
Bruce M Simpson
cc67c657e0 Clean up after tun(4) properly; remove routes whose ifp is set to
that of the tun instance even for the !AF_INET case, and properly
remove configured addresses by calling if_purgeaddrs().

Maintain the TUN_DSTADDR behaviour for compatibility with the OS/390
emulator.

MFC after:	3 weeks
PR:		100080
Reviewed by:	bz
2007-02-05 11:15:52 +00:00
Bruce M Simpson
6ede684320 MFC after: 3 days 2007-02-05 11:05:41 +00:00
Kevin Lo
e4d87be479 <sys/sx.h> is unneeded. 2007-02-05 10:33:39 +00:00
Kevin Lo
1c6adfcfdf getopt(3) returns -1, not EOF when out of args. 2007-02-05 07:35:23 +00:00
Alan Cox
3ae3919d0b Change the free page queue lock from a spin mutex to a default (blocking)
mutex.  With the demise of Alpha support, there is no longer a reason for
it to be a spin mutex.
2007-02-05 06:02:55 +00:00
Bruce M Simpson
64e740a352 When fast-forwarding is enabled, do not forward directed IPv4 broadcasts
to locally attached broadcast networks.

Note well: This relies on the layer 2 route cloning behaviour in BSD.

PR:		98799
Tested by:	Dmitry Sergienko
MFC after:	1 week
2007-02-05 00:15:40 +00:00
Tor Egge
0d86a7f7c2 Call pbgetvp() and pbrelvp() instead of setting b_vp directly.
PR:		kern/108151
2007-02-04 23:42:02 +00:00
Lukas Ertl
92fb2d84f5 Add support for another 3G card and update man page accordingly.
The patch from the PR was a little outdated w/regards to the
Vodafone vendor string.

PR:            kern/106033
Submitted by:  Volker Werth <volker_AT_vwsoft.com>
MFC in:        3 days
2007-02-04 22:14:18 +00:00
Ralf S. Engelschall
3181f5556f cleanup code: remove superfluous comma at end of enumeration
declaration, remove useless "break" after exit(3) call, and add a
missing va_end(3) call.
2007-02-04 20:52:57 +00:00
Ralf S. Engelschall
865b0cf06c cleanup code: remove unnecessary and useless void cast
from void-function skip_string().
2007-02-04 20:07:07 +00:00
Ralf S. Engelschall
0c9dffd3af Correct parser by using intended C equality ("==") instead of
assignment ("=") operator.
2007-02-04 20:06:10 +00:00
Ralf S. Engelschall
f615552554 fix bug: avoid dereferencing content of an already free(3)'ed chunk 2007-02-04 20:04:29 +00:00
Philip Paeps
586386f70c Fix hr.iso syscons keymap, making it possible to type < and >.
PR:		conf/105642
Submitted by:	ivoras
MFC after:	3 days
2007-02-04 17:10:18 +00:00
Bruce M Simpson
6501ffa0c1 Typo.
(Oh well, I guess that's the danger of updating two three-letter-named
entities at the same time.)

Submitted by:	Simon L. Nielsen
MFC after:	4 weeks
2007-02-04 16:59:50 +00:00
Bruce M Simpson
9bb9973c66 Be explicit in examples about the correct grammar for 'alias' and
'-alias', and that 'add' and 'delete are in fact synonyms for these
in the ifconfig(8) grammar.

Use network prefixes explicitly specified in IETF RFCs for
documentation purposes. (bz)

PR:		102701
MFC after:	1 day
See also:	RFC 3330, RFC 3849
Submitted by:	bz
2007-02-04 16:48:56 +00:00
Bruce M Simpson
cd83bbd2aa Implement ifnet cloning for tun(4)/tap(4).
Make devfs cloning a sysctl/tunable which defaults to on.

If devfs cloning is enabled, only the super-user may create
tun(4)/tap(4)/vmnet(4) instances. Devfs cloning is still enabled by
default; it may be disabled from the loader or via sysctl with
"net.link.tap.devfs_cloning" and "net.link.tun.devfs_cloning".

Disabling its use affects potentially all tun(4)/tap(4) consumers
including OpenSSH, OpenVPN and VMware.

PR:		105228 (potentially also 90413, 105570)
Submitted by:	Landon Fuller
Tested by:	Andrej Tobola
Approved by:	core (rwatson)
MFC after:	4 weeks
2007-02-04 16:32:46 +00:00
Mike Pritchard
aecf742ea2 Document that quotas must be turned off on a file system and
then turned back on in order for grace time changes to take
effect.
2007-02-04 14:26:01 +00:00
Mike Pritchard
f5374712ce If a user is over both the soft block limit and soft i-node
limit, quota will report one of the grace times incorrectly.
This is due to it storing the result in a static buffer, and the
routine being called like:
	printf("....", ..., timeprnt(btime), timeprnt(itime), ...)

The problem becomes very obvious if you change one of the default
grace periods to be much larger than the other one.

Changed timeprnt to dynamically allocate the string to be displayed.
2007-02-04 14:06:58 +00:00
Shteryana Shopova
ffdddc92b4 Remove all #if __FreeBSD_version checks now that RSTP support has been
MFCed to RELENG_6. We no longer need that to compile the bridge module
under both RELENG_6 and CURRENT.

Approved by:	bz (mentor)
2007-02-04 13:31:05 +00:00
Jean-Sébastien Pédron
5a10830e1a Synaptics TouchPad seems to go back to Relative Mode after the call
to set_controller_command_byte() call; by issueing a Read Mode Byte
command, the touchpad is in Absolute Mode again.

This problem occursed at least on Asus V6V laptops.
2007-02-04 12:47:52 +00:00
Mike Pritchard
f4bce9c11d Expand this man page to provide some details on the structure
of the quota data files and how they are maintained.
2007-02-04 07:44:40 +00:00
Joel Dahl
5bcbb3c5e8 Orion originally wrote and added these files in 2002/2003, so with his
approval, change the copyright statement to point at him instead of
"FreeBSD, Inc".

Encouraged by:	rwatson
Reviewed by:	imp
Discussed with and approved by:	orion
2007-02-04 06:52:33 +00:00
Mike Pritchard
522883b87f If quotacheck or edquota reset the block or inode grace time for
a user or group, when the kernel first sees this, it will update
the grace time value.  However, it never flags the quota as modified
and the updated value never makes it to the quota data file unless
the user actually makes some other change that would write the
data out.

Fixed to flag the quota as modified if the soft limit has actually
been reached and should be now enforced.
2007-02-04 06:46:57 +00:00
Warner Losh
6ae9968c9a Document the init_chroot and init_script variables.
# I didn't check the markup too closely, so doc people, please check

Submitted by: Oliver Fromme
2007-02-04 06:35:10 +00:00
Mike Pritchard
fbb42904c4 If two files systems, /a and /b are marked as having quotas enabled
in fstab and they are normally mounted as /a/b, if /b is not mounted,
the various quota utilities will incorrectly operate with the quotas on
/a (silently) when operations are attemted on /b.

Sync up all the hasquota() routines between all the different
quota utilities and change it to detect if the file system we are
attempting to perform quota operations on is not currently mounted
and warn the user accordingly.

PR:	bin/38918
2007-02-04 06:33:15 +00:00
Warner Losh
1a7bec91fb Patches to allow one to allow one to specify a directory to chroot to.
This includes support for running a script to setup that directory.
The kenv variables init_chroot and init_script control this behavior,
and are documented in loader(8) that's about to be committed (along
with the other variables like init_path...).

Submitted by: Oliver Fromme
Reviewed by: myself, jhb (earlier versions)
2007-02-04 06:33:13 +00:00
Sam Leffler
f3b179a4b1 clear/reclaim challenge text when switching auth mode and operating as an ap
Obtained from:	Atheros
2007-02-04 05:49:16 +00:00
Mike Pritchard
dbbc0c8312 If quotas are not currently enabled for a file system, edquota -p
will operate directly on the quota file.  It will incorrectly write
the prototype user's usage information for each new quota it sets.

Fixed to read in the current quota information and update the
file correctly.

If quotas are enabled the kernel handles this case fine.

PR:	bin/15410
2007-02-04 01:41:32 +00:00
Alan Cox
055867a06c Include opt_ipdivert.h so that the message announcing ipfw correctly
describes the state of IPDIVERT.
2007-02-03 22:11:53 +00:00
Florent Thoumie
2b5fb13e20 Fix build (sc->dev => sc->sc_dev). 2007-02-03 21:11:11 +00:00
Rink Springer
cece26a63a Add support for the NetCell NC3000/5000 series SATA RAID cards.
Reviewed by:	sos
Approved by:	imp (mentor)
MFC after:	1 week
2007-02-03 20:12:00 +00:00
Christian Brueffer
18d68737c0 Xref altq(4). 2007-02-03 20:02:29 +00:00
Christian Brueffer
a10696f6ba Xref altq(4). 2007-02-03 19:29:31 +00:00
Warner Losh
df96f93d49 It turns out we were mallocing too early, so move the allocation so we
don't leak.
2007-02-03 19:11:09 +00:00