1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-19 10:53:58 +00:00
Commit Graph

849 Commits

Author SHA1 Message Date
Andre Oppermann
9188b4a169 Introduce ip_fastforward and remove ip_flow.
Short description of ip_fastforward:

 o adds full direct process-to-completion IPv4 forwarding code
 o handles ip fragmentation incl. hw support (ip_flow did not)
 o sends icmp needfrag to source if DF is set (ip_flow did not)
 o supports ipfw and ipfilter (ip_flow did not)
 o supports divert, ipfw fwd and ipfilter nat (ip_flow did not)
 o returns anything it can't handle back to normal ip_input

Enable with sysctl -w net.inet.ip.fastforwarding=1

Reviewed by:	sam (mentor)
2003-11-14 21:02:22 +00:00
Alfred Perlstein
1bf8720450 University of Michigan's Citi NFSv4 kernel client code.
Submitted by: Jim Rees <rees@umich.edu>
2003-11-14 20:54:10 +00:00
Hajimu UMEMOTO
543729cf93 avoid module name conflict with opencrypto/rijndael.c.
Reported by:	tinderbox
2003-11-12 04:22:37 +00:00
Robert Watson
eca8a663d4 Modify the MAC Framework so that instead of embedding a (struct label)
in various kernel objects to represent security data, we embed a
(struct label *) pointer, which now references labels allocated using
a UMA zone (mac_label.c).  This allows the size and shape of struct
label to be varied without changing the size and shape of these kernel
objects, which become part of the frozen ABI with 5-STABLE.  This opens
the door for boot-time selection of the number of label slots, and hence
changes to the bound on the number of simultaneous labeled policies
at boot-time instead of compile-time.  This also makes it easier to
embed label references in new objects as required for locking/caching
with fine-grained network stack locking, such as inpcb structures.

This change also moves us further in the direction of hiding the
structure of kernel objects from MAC policy modules, not to mention
dramatically reducing the number of '&' symbols appearing in both the
MAC Framework and MAC policy modules, and improving readability.

While this results in minimal performance change with MAC enabled, it
will observably shrink the size of a number of critical kernel data
structures for the !MAC case, and should have a small (but measurable)
performance benefit (i.e., struct vnode, struct socket) do to memory
conservation and reduced cost of zeroing memory.

NOTE: Users of MAC must recompile their kernel and all MAC modules as a
result of this change.  Because this is an API change, third party
MAC modules will also need to be updated to make less use of the '&'
symbol.

Suggestions from:	bmilekic
Obtained from:		TrustedBSD Project
Sponsored by:		DARPA, Network Associates Laboratories
2003-11-12 03:14:31 +00:00
John Baldwin
961a7b244d Add an implementation of turnstiles and change the sleep mutex code to use
turnstiles to implement blocking isntead of implementing a thread queue
directly.  These turnstiles are somewhat similar to those used in Solaris 7
as described in Solaris Internals but are also different.

Turnstiles do not come out of a fixed-sized pool.  Rather, each thread is
assigned a turnstile when it is created that it frees when it is destroyed.
When a thread blocks on a lock, it donates its turnstile to that lock to
serve as queue of blocked threads.  The queue associated with a given lock
is found by a lookup in a simple hash table.  The turnstile itself is
protected by a lock associated with its entry in the hash table.  This
means that sched_lock is no longer needed to contest on a mutex.  Instead,
sched_lock is only used when manipulating run queues or thread priorities.
Turnstiles also implement priority propagation inherently.

Currently turnstiles only support mutexes.  Eventually, however, turnstiles
may grow two queue's to support a non-sleepable reader/writer lock
implementation.  For more details, see the comments in sys/turnstile.h and
kern/subr_turnstile.c.

The two primary advantages from the turnstile code include: 1) the size
of struct mutex shrinks by four pointers as it no longer stores the
thread queue linkages directly, and 2) less contention on sched_lock in
SMP systems including the ability for multiple CPUs to contend on different
locks simultaneously (not that this last detail is necessarily that much of
a big win).  Note that 1) means that this commit is a kernel ABI breaker,
so don't mix old modules with a new kernel and vice versa.

Tested on:	i386 SMP, sparc64 SMP, alpha SMP
2003-11-11 22:07:29 +00:00
Hajimu UMEMOTO
34d78ec3f1 cleanup rijndael API.
since there are naming conflicts with opencrypto, #define was
added to rename functions intend to avoid conflicts.

Obtained from:	KAME
2003-11-11 18:58:54 +00:00
Hajimu UMEMOTO
db54001806 enable aes-xcbc-mac and aes-ctr, again. 2003-11-10 10:39:14 +00:00
Hartmut Brandt
ed91f9a547 Allow the ng_uni node (NgATM signalling layer) to be built into the
kernel via options NGATM_UNI.
2003-11-07 09:18:53 +00:00
Scott Long
126f0dfa3a Hook the udf_iconv module up to the kernel build.
Submitted by: imura@ryu16.org
2003-11-05 06:38:14 +00:00
Hartmut Brandt
ec7ceac96a Put address handling, traffic descriptor handling and message encoding
and decoding into the atmbase module when compiled directly into the kernel.
2003-11-03 12:05:58 +00:00
Poul-Henning Kamp
5843f50d9b Change /dev/soekris-errled to be /dev/led/error and make it conditional
on CPU_SOEKRIS.

Note the subtle change in semantfics for 'f%d' flash instruction and the
new morse facility (see details in dev/led/led.c)
2003-11-03 11:03:40 +00:00
Hartmut Brandt
027ebd2f39 Allow building the NgATM SAAL layer directly into the kernel. 2003-10-27 11:19:08 +00:00
Hidetoshi Shimokawa
ffbfc256fc Revert previous change.
We have to put dcons_crom at first after 'optional' and
dcons and firewire are necessary and not optional for dcons_crom anyway.

Reported by: brooks
2003-10-26 07:42:32 +00:00
Hidetoshi Shimokawa
b604f6e80f dcons_crom.c needs dcons and firewire. 2003-10-25 12:59:22 +00:00
Hidetoshi Shimokawa
869093b15d Add dumb console driver and related bits.
dcons(4): very simple console and gdb port driver
dcons_crom(4): FireWire attachment
dconschat(8): User interface to dcons

Tested with: i386, i386-PAE, and sparc64.
2003-10-24 15:44:10 +00:00
Robert Watson
5d79de444b Hook up to the build for options MAC:
security/mac/mac_net.c
	security/mac/mac_pipe.c
	security/mac/mac_process.c
	security/mac/mac_system.c
	security/mac/mac_vfs.c

Note: Here begins a period of NOTES/LINT build breakage due to duplicate
symbols that will shortly be removed from kern_mac.c.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:39:33 +00:00
Hajimu UMEMOTO
9132d5071c - revert to old rijndael code. new rijndael code broke gbde.
- since aes-xcbc-mac and aes-ctr require functions in new
  rijndael code, aes-xcbc-mac and aes-ctr are disabled for now.
2003-10-19 21:28:34 +00:00
Hidetoshi Shimokawa
e9e688e243 Add SBP-II target mode driver.
Though this is still incomplete and has some missing features such as
exclusive login and event notification, it may be enough for someone
who wants to play with it.

This driver is supposed to work with firewire(4), targ(4) of CAM(4)
and scsi_target(8) which can be found in /usr/share/example/scsi_target.
This driver doesn't require sbp(4) which implements initiator mode.

Sample configuration:

Kernel: (you can use modules as well)
device	firewire
device	scbus
device	targ
device	sbp_targ

After reboot:
# mdconfig -a -t malloc -s 10m
md0
# scsi_target 0:0:0 /dev/md0
(Assuming sbp_targ0 on scbus0)

You should find the 10MB HDD on FreeBSD/MacOS X/WinXP or whatever connected
to the target using FireWire.

Manpage is not finished yet.
2003-10-18 05:41:31 +00:00
Poul-Henning Kamp
db25ce18d8 Make sure to pull in all relevant crypto for GEOM_BDE 2003-10-15 08:53:04 +00:00
Hajimu UMEMOTO
66c7fe4056 use BF_ecb_encrypt().
Obtained from:	KAME
2003-10-13 19:26:08 +00:00
Hajimu UMEMOTO
b42ac57f4f - support AES counter mode for ESP.
- use size_t as return type of schedlen(), as there's no error
  check needed.
- clear key schedule buffer before freeing.

Obtained from:	KAME
2003-10-13 14:57:41 +00:00
Hajimu UMEMOTO
c65ee7c758 - support AES XCBC MAC for AH
- correct SADB_X_AALG_RIPEMD160HMAC to 8

Obtained from:	KAME
2003-10-13 04:54:51 +00:00
Hajimu UMEMOTO
3dbacd2651 use opencrypto for RMD160.
Requested by:	sam
2003-10-12 18:25:38 +00:00
Hajimu UMEMOTO
492528c051 - RIPEMD160 support
- pass size arg to ah->result (avoid assuming result buffer size)

Obtained from:	KAME
2003-10-12 09:41:42 +00:00
Hajimu UMEMOTO
8373d51d4b randomize IPv6 fragment ID.
Obtained from:	KAME
2003-10-01 15:13:29 +00:00
Poul-Henning Kamp
b294143142 Introduce no_poll() default method for device drivers. Have it
do exactly the same as vop_nopoll() for consistency and put a
comment in the two pointing at each other.

Retire seltrue() in favour of no_poll().

Create private default functions in kern_conf.c instead of public
ones.

Change default strategy to return the bio with ENODEV instead of
doing nothing which would lead the bio stranded.

Retire public nullopen() and nullclose() as well as the entire band
of public no{read,write,ioctl,mmap,kqfilter,strategy,poll,dump}
funtions, they are the default actions now.

Move the final two trivial functions from subr_xxx.c to kern_conf.c
and retire the now empty subr_xxx.c
2003-09-27 12:53:33 +00:00
Max Khon
c4f02a891f - Support for multibyte charsets in LIBICONV.
- CD9660_ICONV, NTFS_ICONV and MSDOSFS_ICONV kernel options
(with corresponding modules).
- kiconv(3) for loadable charset conversion tables support.

Submitted by:	Ryuichiro Imura <imura@ryu16.org>
2003-09-26 20:26:25 +00:00
Takanori Watanabe
0d62746979 Add uart pccard attachment decription on conf/files, too.
Pointed out by: ru
2003-09-14 17:02:59 +00:00
Bill Paul
9bac70b851 Add a PHY driver to support the built-in gigE PHY in the 8169S/8110S
ethernet chips. This driver is pretty simple, however it contains
special DSP initialization code which is needed in order to get
the chip to negotiate a gigE link. (This special initialization
may not be needed in subsequent chip revs.) Also:

- Fix typo in if_rlreg.h (RL_GMEDIASTAT_1000MPS -> RL_GMEDIASTAT_1000MBPS)

- Deal with shared interrupts in re_intr(): if interface isn't up,
  return.

- Fix another bug in re_gmii_writereg() (properly apply data field mask)

- Allow PHY driver to read the RL_GMEDIASTAT register via the
  re_gmii_readreg() register (this is register needed to determine
  real time link/media status).
2003-09-11 03:53:46 +00:00
Bill Paul
b9f78d2b4a Add a device driver for the Broadcom BCM4401 ethernet controller,
written by Stuart Walsh and Duncan Barclay (with some kibbitzing by
me). I'm checking it in on Stuart's behalf.

The BCM4401 is built into several x86 laptop and desktop systems. For the
moment, I have only enabled it in the x86 kernel config because although
it's a PCI device, I haven't heard of any standalone NICs that use it. If
somebody knows of one, we can easily add it to the other arches.

This driver uses register/structure data gleaned from the Linux
driver released by Broadcom, but does not contain any of the code
from the Linux driver itself. It uses busdma.
2003-09-09 18:17:23 +00:00
Eric Anholt
a1810e1513 Hook the SiS DRM up to the build
Sponsored by:	LinuxFund
2003-09-09 00:29:02 +00:00
Bill Paul
a94100fa9b Take the support for the 8139C+/8169/8169S/8110S chips out of the
rl(4) driver and put it in a new re(4) driver. The re(4) driver shares
the if_rlreg.h file with rl(4) but is a separate module. (Ultimately
I may change this. For now, it's convenient.)

rl(4) has been modified so that it will never attach to an 8139C+
chip, leaving it to re(4) instead. Only re(4) has the PCI IDs to
match the 8169/8169S/8110S gigE chips. if_re.c contains the same
basic code that was originally bolted onto if_rl.c, with the
following updates:

- Added support for jumbo frames. Currently, there seems to be
  a limit of approximately 6200 bytes for jumbo frames on transmit.
  (This was determined via experimentation.) The 8169S/8110S chips
  apparently are limited to 7.5K frames on transmit. This may require
  some more work, though the framework to handle jumbo frames on RX
  is in place: the re_rxeof() routine will gather up frames than span
  multiple 2K clusters into a single mbuf list.

- Fixed bug in re_txeof(): if we reap some of the TX buffers,
  but there are still some pending, re-arm the timer before exiting
  re_txeof() so that another timeout interrupt will be generated, just
  in case re_start() doesn't do it for us.

- Handle the 'link state changed' interrupt

- Fix a detach bug. If re(4) is loaded as a module, and you do
  tcpdump -i re0, then you do 'kldunload if_re,' the system will
  panic after a few seconds. This happens because ether_ifdetach()
  ends up calling the BPF detach code, which notices the interface
  is in promiscuous mode and tries to switch promisc mode off while
  detaching the BPF listner. This ultimately results in a call
  to re_ioctl() (due to SIOCSIFFLAGS), which in turn calls re_init()
  to handle the IFF_PROMISC flag change. Unfortunately, calling re_init()
  here turns the chip back on and restarts the 1-second timeout loop
  that drives re_tick(). By the time the timeout fires, if_re.ko
  has been unloaded, which results in a call to invalid code and
  blows up the system.

  To fix this, I cleared the IFF_UP flag before calling ether_ifdetach(),
  which stops the ioctl routine from trying to reset the chip.

- Modified comments in re_rxeof() relating to the difference in
  RX descriptor status bit layout between the 8139C+ and the gigE
  chips. The layout is different because the frame length field
  was expanded from 12 bits to 13, and they got rid of one of the
  status bits to make room.

- Add diagnostic code (re_diag()) to test for the case where a user
  has installed a broken 32-bit 8169 PCI NIC in a 64-bit slot. Some
  NICs have the REQ64# and ACK64# lines connected even though the
  board is 32-bit only (in this case, they should be pulled high).
  This fools the chip into doing 64-bit DMA transfers even though
  there is no 64-bit data path. To detect this, re_diag() puts the
  chip into digital loopback mode and sets the receiver to promiscuous
  mode, then initiates a single 64-byte packet transmission. The
  frame is echoed back to the host, and if the frame contents are
  intact, we know DMA is working correctly, otherwise we complain
  loudly on the console and abort the device attach. (At the moment,
  I don't know of any way to work around the problem other than
  physically modifying the board, so until/unless I can think of a
  software workaround, this will have do to.)

- Created re(4) man page

- Modified rlphy.c to allow re(4) to attach as well as rl(4).

Note that this code works for the sample 8169/Marvell 88E1000 NIC
that I have, but probably won't work for the 8169S/8110S chips.
RealTek has sent me some sample NICs, but they haven't arrived yet.
I will probably need to add an rlgphy driver to handle the on-board
PHY in the 8169S/8110S (it needs special DSP initialization).
2003-09-08 02:11:25 +00:00
Warner Losh
4d60276b05 Add proper pc98 MD files. Add a commented out cbus attachment for
uart because that depends on the cbus implementation that nyan-san and
I came up with after the CBUG meeting and not yet ready for the tree.
2003-09-07 05:05:40 +00:00
Marcel Moolenaar
2bec1c8919 Hook-up the uart(4) driver to the build. For a detailed description
of what uart(4) is and/or is not see the initial commit log of one
of the files in sys/dev/uart (or see share/man/man4/uart.4).

Note that currently pc98 shares the MD file with i386. This needs
to change when pc98 support is fleshed-out to properly support the
various UARTs. A good example is sparc64 in this respect.

We build uart(4) as a module on all platforms. This may break
the ppc port. That depends on whether they do actually build
modules.

To use uart(4) on alpha, one must use the NO_SIO option.
2003-09-06 23:23:26 +00:00
Marcel Moolenaar
dc7d0dea12 Enhance puc(4) to support uart(4). This includes:
o  Introduce PUC_PORT_TYPE_UART so that we can attach to uart(4),
o  Introduce port sub-types (eg PUC_PORT_UART_NS8250, PUC_PORT_UART_Z8530)
   to handle different hardware and determine resource sizes.
o  Introduce two new IVARs: PUC_IVAR_SUBTYPE and PUC_IVAR_REGSHFT. Both
   are used by uart(4) to get sufficient information to talk to the HW.
o  Introduce PUC_FLAGS_ALTRES to tell puc(4) to try memory mapped I/O
   if I/O port space cannot be allocated, or vice versa.
o  Have ports of type PUC_PORT_TYPE_COM attach to uart(1) if attaching
   to sio(4) fails (due to not having the sio driver).
o  Put struct puc_device_description in struct puc_softc instead of
   having a pointer to a device description in the softc. This allows
   us to create device descriptions on the fly without having to use
   malloc() or otherwise have them staticly defined.
o  Move puc_find_description() from puc.c to puc_pci.c as it's specific
   to PCI.
o  Add EBUS and SBUS frontends for use on sparc64. Note that the P in
   puc stands for PCI, so we kinda mess things up here. It's too soon
   to worry about it though. We'll know what to do about it in time.

NOTE: This commit changes the behaviour of puc(4) to not quieten the
device probe and attach for child devices. The uart(4) driver provides
additional device description that is valuable to have.
2003-09-06 21:48:50 +00:00
Nate Lawson
ad1fdf57d2 Use the ACPICA AcpiEnterSleepStateS4bios instead of rolling our own. This
change also disables interrupts around non-S4 suspends whereas before we
did not do this.  Our version of AcpiEnterSleepStateS4bios was almost
identical to the ACPICA version.
2003-08-29 04:02:19 +00:00
Søren Schmidt
5fdbb0d222 This is a major rework of the ATA driver (ATAng)
Restructure the way ATA/ATAPI commands are processed, use a common
ata_request structure for both. This centralises the way requests
are handled so locking is much easier to handle.

The driver is now layered much more cleanly to seperate the lowlevel
HW access so it can be tailored to specific controllers without touching
the upper layers. This is needed to support some of the newer
semi-intelligent ATA controllers showing up.

The top level drivers (disk, ATAPI devices) are more or less still
the same with just corrections to use the new interface.

Pull ATA out from under Gaint now that locking can be done in a sane way.

Add support for a the National Geode SC1100. Thanks to Soekris engineering
for sponsoring a Soekris 4801 to make this support.

Fixed alot of small bugs in the chipset code for various chips now
we are around in that corner anyways.
2003-08-24 09:22:26 +00:00
Robert Watson
782f725560 Hook up mac_stub to the modules Makefile.
Hook up mac_stub in files and options.
Reference mac_stub in NOTES.
2003-08-21 16:48:39 +00:00
Alexander Langer
30e27d9623 Add a overhaul of the soundchip initialization for the MSP34xx chipsets
found only many tv-cards.

We currently use more ore less evil hacks (slow_msp_audio sysctl) to
configure the various variants of these chips in order to have
stereo autodetection work.  Nevertheless, this doesn't always work
even though it _should_, according to the specs.
This is, for example, the case for some popular Hauppauge models sold
sold in Germany.

However, the Linux driver always worked for me and others.  Looking at
the sourcecode you will find that the linux-driver uses a very much
enhanced approach to program the various msp34xx chipset variants,
which is also found in the specs for these chips.

This is a port of the Linux MSP34xx code, written by Gerd Knorr
<kraxel@bytesex.org>, who agreed to re-release his code under a
BSD license for this port.

A new config option "BKTR_NEW_MSP34XX_DRIVER" is added, which is required
to enable the new driver.  Otherwise the old code is used.

The msp34xx.c file is diff-reduced to the linux-driver to make later
modifications easier, thus it doesn't follow style(9) in most cases.

Approved by:	roger (committing this, no time to test/review),
		keichii (code review)
2003-08-12 09:45:34 +00:00
Hartmut Brandt
ee4080d424 Add ng_atmpif: a HARP physical interface emulation. This allows one
to run the HARP ATM stack without real hardware.

Submitted by:	Vincent Jardin <vjardin@wanadoo.fr>
2003-08-11 08:40:02 +00:00
Nate Lawson
327f90d8cc Remove nowerror from some files that no longer generate warnings. 2003-08-07 15:51:35 +00:00
Bernd Walter
c4aebdb06c relocate eisa into MI files.
Suggested by:	jhb
2003-07-22 11:41:15 +00:00
Sam Leffler
fc66b6e994 safenet driver config glue
Sponsored by:   Global Technology Associates, Inc.
2003-07-21 21:50:41 +00:00
Hartmut Brandt
58aa55efa5 This is a pseudo physical interface for the HARP ATM stack. When loaded
it attaches to all existing NATM network interfaces in the system
and creates a HARP physical interface for each of them. This allows
us to use the same set of ATM drivers for all ATM stuff. It is
possible to use the same interface for HARP, NATM and netgraph at the
same time.
2003-07-21 13:56:22 +00:00
Poul-Henning Kamp
e9c0cc157b Merge swap_pager.c and vm_swap.c into swap_pager.c, the separation
is not natural and needlessly exposes a lot of dirty laundry.

Move private interfaces between the two from swap_pager.h to swap_pager.c
and staticize as much as possible.

No functional change.
2003-07-18 10:02:44 +00:00
John-Mark Gurney
45dd937507 make usb bus_dma aware.
Reviewed by:	joe among others
2003-07-15 22:42:37 +00:00
Hartmut Brandt
8dd4275c36 This is a driver for IDT77252 based ATM interfaces. It has been tested
with a ProATM-155 and an IDT evaluation board and should also work
with a ProATM-25 (it seems to work at least, I cannot really measure
what the card emits). The driver has been tested on i386 and sparc64,
but should work an other archs also. It supports UBR, CBR, ABR and VBR;
AAL0, AAL5 and AALraw. As an additional feature VCI/VPI 0/0 can be
opened for receiving in AALraw mode and receives all cells not claimed
by other open VCs (even cells with invalid GFC, VPI and VCI fields and
OAM cells).

Thanks to Christian Bucari from ProSum for lending two cards and answering
my questions.
2003-07-15 11:57:24 +00:00
Hartmut Brandt
7e9024cdd9 Add a facility for devices, specifically network interfaces, that require
large to huge amounts of small or medium sized receive buffers. The problem
with these situations is that they eat up the available DMA address space
very quickly when using mbufs or even mbuf clusters. Additionally this
facility provides a direct mapping between 32-bit integers and these buffers.
This is needed for devices originally designed for 32-bit systems. Ususally
the virtual address of the buffer is used as a handle to find the buffer as
soon as it is returned by the card. This does not work for 64-bit machines
and hence this mapping is needed.
2003-07-15 08:59:38 +00:00
Nate Lawson
1fd53fb949 Add dmobject.c to sys/conf/files also. While I'm here, remove unnecessary
nowerror options for the ACPI_DEBUG build case.
2003-07-14 17:43:09 +00:00
John Baldwin
2c8b8ff8cf - Fix the kernel build for configurations that include pci but not isa by
having the PCI-ISA bridge driver depend on both pci and isa.
- Have the PCI-EISA bridge driver depend on both pci and eisa as well.
- Make acpi_isab.c depend on acpi and isa.

Submitted by:	Marius Strobl <marius@alchemy.franken.de> (1,2)
2003-07-09 16:14:10 +00:00