process is a non-prison root. The security.jail.allow_raw_sockets
sysctl variable is disabled by default, however if the user enables
raw sockets in prisons, prison-root should not be able to interact
with firewall rule sets.
Approved by: rwatson, bmilekic (mentor)
WRT manipulating capabilities of the parent interface:
- use ioctl(SIOCSIFCAP) to toggle VLAN_MTU (the way that was done
before was just wrong);
- use the right order of conditional clauses to set the MTU fudge
(that is logically independent from toggling VLAN_MTU.)
This splits the driver into a bus-independant backend, plus bus-specific
frontends. The old pcf(4) (i386/ISA) frontend is now in pcf_isa.c, the
frontend in envctrl.c is for sparc64/Ebus2 (Sun device name: SUNW,envctrl
from Sun E450 machines). More frontends are expected to appear in future.
This is not yet ready for public consumption, but it basically works.
Nicolas will bring over his ISA-specific fixes soon.
Reviewed by: nsouch
repo-copied over from src/sys/i386/isa/pcf.c which will be removed
from the old location as soon as the new stuff here is ready for the
masses.
The intention is to work up the old pcf(4) driver to become machine
independant, so it can be used for any PCF8584-controller I2C bus.
1. Contrary to the Single Unix Specification our implementation of
munlock(2) when performed on an unwired virtual address range has
returned an error. Correct this. Note, however, that the behavior
of "system" unwiring is unchanged, only "user" unwiring is changed.
If "system" unwiring is performed on an unwired virtual address
range, an error is still returned.
2. Performing an errant "system" unwiring on a virtual address range
that was "user" (i.e., mlock(2)) but not "system" wired would
incorrectly undo the "user" wiring instead of returning an error.
Correct this.
Discussed with: green@
Reviewed by: tegge@
* Add calls to AcpiSetGpeType. We use wake/run as the type for lid and
button switches since wake-only causes Thinkpads to immediately wake on
the second suspend. Note that with wake/run, some systems return both
wake and device-specific notifies so we don't register for system notifies
for lid and button switches.
* Remove the hw.acpi.osi_method tunable since it is not needed.
* Always print unknown notifies for all types.
* Add more cleanup for the EC if it fails to attach.
* Use the GPE handle now that we parse it. This allows GPEs to be defined
in AML GPE blocks.
* Always use ACPI_NOT_ISR since it's ok to acquire a mutex in our thread
which processes queued requests.
