1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-24 11:29:10 +00:00
Commit Graph

34309 Commits

Author SHA1 Message Date
David Greenman
9e63574ea4 Moved sf_buf_alloc and sf_buf_free function declarations to sys/socketvar.h
so that they can be seen by external callers.
2002-08-13 19:03:19 +00:00
David Greenman
a370c70055 Remove obsolete comment about sf_buf_* functions being static. They were
made un-static in rev 1.114.
2002-08-13 18:20:08 +00:00
Maxime Henrion
bf20c7a3f2 Forward define struct iovec instead of including
sys/uio.h and polluting the namespace even more.
2002-08-13 16:20:12 +00:00
Robert Watson
f6d4af7c72 Define 'struct label' in _label.h rather than mac.h, which will permit
us to reduce namespace pollution by doing a nested include of _label.h
rather than mac.h.  mac.h contains lots of baggage, whereas _label.h
contains much less.  A follow-up sweep to change nested inclusion will
follow.  The problem regarding exporting 'struct label' to userland
due to excessive exporting of kernel structures to userland still
needs to be resolved.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
Suggested by:	bde
2002-08-13 15:54:28 +00:00
Ruslan Ermilov
8d2987d91e mdoc(7) police: Get rid of hard sentence breaks. 2002-08-13 15:09:33 +00:00
Ruslan Ermilov
be0056cdab mdoc(7) police: revert unapproved changes in rev. 1.43, added missing markup bits in rev. 1.45. 2002-08-13 15:06:48 +00:00
Yoshihiro Takahashi
335794c03b MFi386: revisions 1.354 and 1.356.
Remove the mpt driver entry.
2002-08-13 12:25:01 +00:00
Poul-Henning Kamp
18280bc653 Expand the arguments to ffs_ext{read,write}() to their component
parts rather than use vop_{read,write}_args.  Access to these
functions will ultimately not be available through the
"vop_{read,write}+IO_EXT" API but this functionality is retained
for debugging purposes for now.

Sponsored by: DARPA & NAI Labs.
2002-08-13 11:33:01 +00:00
Poul-Henning Kamp
6f21160218 Remember to unlock the (optional) vnode in vfs_stdextattrctl(). Failing
to do this made the following script hang:

	#!/bin/sh
	set -ex

	extattrctl start /tmp
	extattrctl initattr 64 /tmp/EA00
	extattrctl enable /tmp user ea00 /tmp/EA00
	extattrctl showattr /tmp/EA00

if the filesystem backing /tmp did not support EAs.

The real solution is probably to have the extattrctl syscall do the
unlocking rather than depend on the filesystem to do it.  Considering
that extattrctl is going to be made obsolete anyway, this has dogwash
priority.

Sponsored by:	DARPA & NAI Labs.
2002-08-13 11:11:51 +00:00
Poul-Henning Kamp
8ede8cbc50 Realign columns in DDB's ps output. Don't waste more horizontal space than
necessary.
2002-08-13 11:06:54 +00:00
Poul-Henning Kamp
d6fe88e475 Unravel the UFS_EXTATTR incest between FFS and UFS: UFS_EXTATTR is an
UFS only thing, and FFS should in principle not know if it is enabled
or not.

This commit cleans ffs_vnops.c for such knowledge, but not ffs_vfsops.c

Sponsored by: DARPA and NAI Labs.
2002-08-13 10:33:57 +00:00
Poul-Henning Kamp
7f52a691f0 Add a #include for <sys/mount.h> 2002-08-13 10:07:05 +00:00
Poul-Henning Kamp
9bf1a75697 Introduce typedefs for the member functions of struct vfsops and employ
these in the main filesystems.  This does not change the resulting code
but makes the source a little bit more grepable.

Sponsored by:	DARPA and NAI Labs.
2002-08-13 10:05:50 +00:00
Alfred Perlstein
149004e99d Make SYSVSEM mpsafe. Each semaphore set gets its own lock, however
there is a global lock over the undo structures because of the way
they are managed.

Switch to using SLIST instead of rolling our own linked list.

Fix several races where a permission check was done before a
copyin/copyout, if the copy happened to fault it may have been
possible to race for access to a semaphore set that one shouldn't
have access to.

Requested by: rwatson
Tested by: NetBSD regression suite.
2002-08-13 08:47:17 +00:00
Alfred Perlstein
4b6ef3a176 Make SYSVMSG mpsafe. Right now there is a global lock over the
entire subsystem, we could move to per-message queue locks, however
the messages themselves seem to come from a global pool and to avoid
over-locking this code (locking individual queues, then the global
pool) I've opted to just do it this way.

Requested by: rwatson
Tested by: NetBSD's regression suite.
2002-08-13 08:00:36 +00:00
Jeff Roberson
619eb6e579 - Hold the vnode lock throughout execve.
- Set VV_TEXT in the top level execve code.
 - Fixup the image activators to deal with the newly locked vnode.
2002-08-13 06:55:28 +00:00
Alan Cox
e9ed460af2 o Remove an unnecessary vm_page_flash() from _pmap_unwire_pte_hold().
Reviewed by:	peter
2002-08-13 06:22:11 +00:00
Jeff Roberson
055c012332 - Extend the vnode_free_list_mtx to cover numvnodes and freevnodes. This
was done only some of the time before, and now it is uniformly applied.
2002-08-13 05:29:48 +00:00
Robert Watson
925860774d Introduce support for labeling and access control of pipe objects
as part of the TrustedBSD MAC framework.  Instrument the creation
and destruction of pipes, as well as relevant operations, with
necessary calls to the MAC framework.  Note that the locking
here is probably not quite right yet, but fixes will be forthcoming.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-13 02:47:13 +00:00
Warner Losh
2ab060eebb don't include redunant \n in panic message 2002-08-12 22:36:18 +00:00
Warner Losh
db64ac4457 Don't redundantly include \n in panic messages 2002-08-12 22:34:12 +00:00
Josef Karthauser
48b68edf14 Update for recent changes in the usb code. 2002-08-12 21:25:06 +00:00
Søren Schmidt
242d59f390 Shut up warning in debug code. 2002-08-12 20:08:00 +00:00
Alan Cox
d837b36904 o Convert three instances of vm_page_sleep_busy() into vm_page_sleep_if_busy()
with page queue locking.
2002-08-12 18:40:18 +00:00
Robert Watson
5c5384fe80 Use the credential authorizing the socket creation operation to perform
the jail check and the MAC socket labeling in socreate().  This handles
socket creation using a cached credential better (such as in the NFS
client code when rebuilding a socket following a disconnect: the new
socket should be created using the nfsmount cached cred, not the cred
of the thread causing the socket to be rebuilt).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 16:49:03 +00:00
Robert Watson
818d7e6d8a Enforce MAC policy in cttyread() as well as the other operations
already instrumented.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 16:45:19 +00:00
Robert Watson
c08b677fb5 Pass IO_NOMACCHECK to vn_rdwr() in the following checks to prevent
enforcement of MAC policy on the read or write operations:

- In ext2fs, don't enforce MAC on loop-back reads and writes supporting
  directory read operations in lookup(), directory modifications in
  rename(), directory write operations in mkdir(), symlink write
  operations in symlink().

- In the NFS client locking code, perform vn_rdwr() on the NFS locking
  socket without enforcing MAC, since the write is done on behalf of
  the kernel NFS implementation rather than the user process.

- In UFS, don't enforce MAC on loop-back reads and writes supporting
  directory read operations in lookup(), and symlink write operations
  in symlink().

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 16:43:04 +00:00
Mark Peek
99c027ed09 Add PCI ID for ICH4 SMBus controller. 2002-08-12 16:22:12 +00:00
Robert Watson
0231c03df4 Implement IO_NOMACCHECK in vn_rdwr() -- perform MAC checks (assuming
'options MAC') as long as IO_NOMACCHECK is not set in the IO flags.
If IO_NOMACCHECK is set, bypass MAC checks in vn_rdwr().  This allows
vn_rdwr() to be used as a utility function inside of file systems
where MAC checks have already been performed, or where the operation
is being done on behalf of the kernel not the user.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI LAbs
2002-08-12 16:15:34 +00:00
Robert Watson
e0852ce2de Correct error handling during MAC transmission check for if_gif.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 16:08:23 +00:00
Mark Peek
eabc182e02 Add PCI ID for the ICH4 AC97 controller. 2002-08-12 15:45:12 +00:00
Robert Watson
4d4c1c5ca2 Depend on opt_mac.h. 2002-08-12 15:27:17 +00:00
Ian Dowse
d8a0d0795b Use roundup2() to avoid a problem where pmap_growkernel was unable
to extend the kernel VM to the maximum possible address of 4G-4M.

PR:		i386/22441
Submitted by:	Bill Carpenter <carp@world.std.com>
Reviewed by:	alc
2002-08-12 10:35:32 +00:00
Poul-Henning Kamp
e179b40f14 Stop pretending that the FFS file ufs_readwrite.c is a UFS file.
Instead of #including it, pull it into ffs_vnops.c and name things
correctly.

Sponsored by:	DARPA & NAI Labs.
2002-08-12 10:32:56 +00:00
Poul-Henning Kamp
851da5d6cf Fix a comment. 2002-08-12 09:22:11 +00:00
Hellmuth Michaelis
866a3fa2bf add support properly displaying and logging incoming telephone numbers (MSNs)
by looking at the "type of number" field and providing configurable hooks
to correct the numbers accordingly. See keywords add-prefix, prefix-national
and prefix-international in isdnd.rc(5).
This feature was implemented by Christian Ullrich <chris@chrullrich.de>
2002-08-12 07:53:55 +00:00
Alfred Perlstein
d7567ff763 add opt_mac.h to SRCS to unbreak module build. 2002-08-12 07:20:15 +00:00
Jennifer Yang
3d6ade3a03 Assert that the inpcb lock is held when calling tcp_output().
Approved by:	hsu
2002-08-12 03:22:46 +00:00
Robert Watson
7ba28492c5 Declare a module service "kernel_mac_support" when MAC support is
enabled and the kernel provides the MAC registration and entry point
service.  Declare a dependency on that module service for any
MAC module registered using mac_policy.h.  For now, hard code the
version as 1, but once we've come up with a versioning policy, we'll
move to a #define of some sort.  In the mean time, this will prevent
loading a MAC module when 'options MAC' isn't present, which (due to
a bug in the kernel linker) can result if the MAC module is preloaded
via loader.conf.

This particular evil recommended by:	peter
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI LAbs
2002-08-12 02:00:21 +00:00
Robert Watson
62c0c26325 Introduce IO_NOMACCHECK, a flag that will be passed to vn_rdwr() to
indicate that the calling code has already performed necessary MAC
checks (if any) for this operation.  This flag will help resolve
layering problems that existing because vn_rdwr() is called both
on behalf of user processes directly (such as in system calls of
various sorts, during core dumps, etc), as well as deep in the file
system code on behalf of the file system (such as in UFS, ext2fs,
etc).  Code that is acting on behalf of a kernel service rather
than explicitly on behalf of a user process will specify this flag.
By default, MAC checks will be performed (and generally should
be performed).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:54:10 +00:00
Robert Watson
22f1120fb6 Add necessary instrumentation to IBCS2 emulation support for mandatory
access control: as with SVR4, very few changes required since almost
all services are implemented by wrapping existing native FreeBSD
system calls.  Only readdir() calls need additional instrumentation.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:45:40 +00:00
Robert Watson
7d834ce78d Enforce MAC policies for the locally implemented vnode services in
SVR4 emulation relating to readdir() and fd_revoke().  All other
services appear to be implemented by simply wrapping existing
FreeBSD native system call implementations, so don't require local
instrumentation in the emulator module.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:42:21 +00:00
Robert Watson
d6b71299d2 Add opt_mac.h to dependencies for svr4 module, since I'm about to
commit the MAC checks for it.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:36:20 +00:00
Robert Watson
9702d65212 Another fix that wasn't pulled in from the MAC branch: the
struct mount is not cached as *mp at this point, so use
vp->v_mount directly, following the check that it's non-NULL.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:24:26 +00:00
Robert Watson
64844747f0 Fix missing parens in MAC readdir() check. This fix was in the MAC
branch, but apparently didn't get moved over when it was made.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:18:33 +00:00
Robert Watson
34a762e335 Teach the OSF/1 emulation layer a little more about mandatory access
control: perform checks during OSF/1 statfs()-related calls by
invoking mac_check_mount_stat().

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-12 01:16:55 +00:00
Matt Jacob
9b63136347 Add support for the LSI-Logic Fusion/MP architecture.
This is an architecture that present a thing message passing interface
to the OS. You can query as to how many ports and what kind are attached
and enable them and so on.

A less grand view is that this is just another way to package SCSI (SPI or
FC) and FC-IP into a one-driver interface set.

This driver support the following hardware:

LSI FC909:	Single channel, 1Gbps, Fibre Channel (FC-SCSI only)
LSI FC929:	Dual Channel, 1-2Gbps, Fibre Channel (FC-SCSI only)
LSI 53c1020:	Single Channel, Ultra4 (320M) (Untested)
LSI 53c1030:	Dual Channel, Ultra4 (320M)

Currently it's in fair shape, but expect a lot of changes over the
next few weeks as it stabilizes.

Credits:

The driver is mostly from some folks from Jeff Roberson's company- I've
been slowly migrating it to broader support that I it came to me as.

The hardware used in developing support came from:

	FC909: LSI-Logic, Advansys (now Connetix)
	FC929: LSI-Logic
	53c1030: Antares Microsystems (they make a very fine board!)

MFC after:	3 weeks
2002-08-11 23:34:20 +00:00
Josef Karthauser
31f48889ad Add the uftdi ucom driver which supports the following adapters:
Inland UAS111
	QVS USC-1000
	HP USB-Serial adapter shipped with some HP laptops

Submitted by:	takawata
MFC After:	7 days
2002-08-11 23:32:33 +00:00
Josef Karthauser
0d7655be61 Regen 2002-08-11 21:19:18 +00:00
Josef Karthauser
4910ddcf3f Add Palm M515.
Submitted by:	Luiz Eduardo Roncato Cordeiro <cordeiro@nic.br>
2002-08-11 21:11:14 +00:00
Robert Drehmel
f6273f8529 - Call a SHT_REL 'relocation section' rather than
'relation section'.
 - Put a space between a word and the end of comment delimiter.
2002-08-11 21:07:50 +00:00
Semen Ustimenko
87df4f8f18 Fix sendfile(), who was calling vn_rdwr() without aresid parameter and
thus hiting EIO at the end of file. This is believed to be a feature
(not a bug) of vn_rdwr(), so we turn it off by supplying aresid param.

Reviewed by:	rwatson, dg
2002-08-11 20:33:11 +00:00
Alan Cox
ad49abc087 o Make a correction to the last change: In aio_cancel(2) return AIO_ALLDONE
instead of EINVAL if p->p_aioinfo is NULL.
2002-08-11 19:04:17 +00:00
David Malone
af338bea64 Make kern.log_console_output a tuneable aswell as a sysctl.
MFC after:	1 week
2002-08-11 18:47:42 +00:00
Hellmuth Michaelis
9ed6ae76c7 add experimental support for Data over Voice (DoV) outgoing calls.
based on patches received from Guy Ellis (guy@traverse.com.au),
Chris Collins (xfire@xware.cx) and Phillip Musumeci (phillip@cs.jcu.edu.au).
2002-08-11 15:47:26 +00:00
Jens Schweikhardt
2b239dd118 Fix typos; each file has at least one s/seperat/separat/
(I skipped those in contrib/, gnu/ and crypto/)
While I was at it, fixed a lot more found by ispell that I
could identify with certainty to be errors. All of these
were in comments or text, not in actual code.

Suggested by:	bde
MFC after:	3 days
2002-08-11 13:05:30 +00:00
Warner Losh
6854d13abc Follow NetBSD's lead and use WI_PORTTYPE_HOSTAP instead of _AP, since
_AP might be used in the future for cards with firmware that does AP in
firmware.
2002-08-11 08:51:08 +00:00
Alan Cox
b6c1f1efa2 o In aio_cancel(2), make sure that p->p_aioinfo isn't NULL before
dereferencing it.

Submitted by:	saureen <sshah@apple.com>
2002-08-11 04:09:14 +00:00
Maxime Henrion
4033e07e8d Don't #ifdef _KERNEL struct vfsconf, mount_smbfs(8)
still uses it.

Submitted by:	jake
2002-08-11 02:03:44 +00:00
Maxime Henrion
136be7151c One declaration for struct xvfsconf is enough. I have
no idea how this happened. :-)

Reported by:	Norman C. Rice <nrice@emu.sourcee.com>
2002-08-11 01:59:11 +00:00
Alan Cox
60582cbe6d o Assert that the page queues lock is held in vm_page_activate(). 2002-08-11 00:21:40 +00:00
Alan Cox
99cb3c4c0f o Lock page queue accesses by vm_page_activate(). 2002-08-11 00:14:10 +00:00
Alan Cox
67ef391e00 o Lock page queue accesses by vm_page_activate(). 2002-08-10 23:53:59 +00:00
Alan Cox
a9911f9a0f o Move a call to vm_page_wakeup() inside the scope of the page queues lock. 2002-08-10 23:27:06 +00:00
Jake Burkholder
5aebb40291 Auto size available kernel virtual address space based on phsyical memory
size.  This avoids blowing out kva in kmeminit() on large memory machines
(4 gigs or more).

Reviewed by:	tmm
2002-08-10 22:14:16 +00:00
Maxime Henrion
5965373e69 - Introduce a new struct xvfsconf, the userland version of struct vfsconf.
- Make getvfsbyname() take a struct xvfsconf *.
- Convert several consumers of getvfsbyname() to use struct xvfsconf.
- Correct the getvfsbyname.3 manpage.
- Create a new vfs.conflist sysctl to dump all the struct xvfsconf in the
  kernel, and rewrite getvfsbyname() to use this instead of the weird
  existing API.
- Convert some {set,get,end}vfsent() consumers to use the new vfs.conflist
  sysctl.
- Convert a vfsload() call in nfsiod.c to kldload() and remove the useless
  vfsisloadable() and endvfsent() calls.
- Add a warning printf() in vfs_sysctl() to tell people they are using
  an old userland.

After these changes, it's possible to modify struct vfsconf without
breaking the binary compatibility.  Please note that these changes don't
break this compatibility either.

When bp will have updated mount_smbfs(8) with the patch I sent him, there
will be no more consumers of the {set,get,end}vfsent(), vfsisloadable()
and vfsload() API, and I will promptly delete it.
2002-08-10 20:19:04 +00:00
Maxime Henrion
306e6b8393 Introduce a new sysctl flag, CTLFLAG_SKIP, which will cause
sysctl_sysctl_next() to skip this sysctl.  The sysctl is
still available, but doesn't appear in a "sysctl -a".

This is especially useful when you want to deprecate a sysctl,
and add a warning into it to warn users that they are using
an old interface.  Without this flag, the warning would get
echoed when running "sysctl -a" (which happens at boot).
2002-08-10 19:56:45 +00:00
Scott Long
2f4bfb29bb Fix GET_TRAN_SETTINGS to be more correct.
Don't allow SCSI resets on the 5400S card, it seems to cause problems with
certain backplanes.

Submitted by:	lnb@freebsdsystems.com
MFC after:	3 days
2002-08-10 19:55:00 +00:00
Scott Long
5fd988a2d7 Fix the GET_TRAN_SETTINGS and SET_TRAN_SETTINGS ops to be more correct. 2002-08-10 19:48:27 +00:00
Alan Cox
fab965bf7e o Use the VM_ALLOC_WIRED flag instead of calling vm_page_wire(). 2002-08-10 18:42:13 +00:00
Alan Cox
38f612e053 o Remove the setting and clearing of the PG_MAPPED flag from the alpha and
ia64 pmap.
 o Remove the PG_MAPPED flag's declaration.
2002-08-10 18:01:39 +00:00
Alan Cox
10864380ab o Remove the setting and clearing of the PG_MAPPED flag. (This flag is
obsolete.)
2002-08-10 17:14:14 +00:00
Søren Schmidt
9da322c8aa Minor corrections.
Suggested by: scottl <Scott Long>
2002-08-10 11:56:03 +00:00
Alan Cox
0da7370593 o Remove the setting and clearing of the PG_MAPPED flag. (This flag is
obsolete.)
2002-08-10 07:40:30 +00:00
Alan Cox
db44450b11 o Remove the setting and clearing of the PG_MAPPED flag. (This flag is
obsolete.)
2002-08-10 07:11:16 +00:00
Warner Losh
673cffefc7 When we allocate our bus address via the kludge that we have in the
code to do it when the bios doesn't do it for us, flag it.  Then, when
we dealloc, do an equal kludge to get rid of the address.  This should
address the can't get IRQ and panic bug in a more graceful way.

# really should write a dealloc routine and just call it instead, since
# this might not fix things in the kldunload case.
2002-08-10 06:37:32 +00:00
Warner Losh
44d0da39f0 confirmed OZ6912 and 6972 share same pci ID 2002-08-10 06:35:03 +00:00
Luigi Rizzo
43405724ec One bugfix and one new feature.
The bugfix (ipfw2.c) makes the handling of port numbers with
a dash in the name, e.g. ftp-data, consistent with old ipfw:
use \\ before the - to consider it as part of the name and not
a range separator.

The new feature (all this description will go in the manpage):

each rule now belongs to one of 32 different sets, which can
be optionally specified in the following form:

	ipfw add 100 set 23 allow ip from any to any

If "set N" is not specified, the rule belongs to set 0.

Individual sets can be disabled, enabled, and deleted with the commands:

	ipfw disable set N
	ipfw enable set N
	ipfw delete set N

Enabling/disabling of a set is atomic. Rules belonging to a disabled
set are skipped during packet matching, and they are not listed
unless you use the '-S' flag in the show/list commands.
Note that dynamic rules, once created, are always active until
they expire or their parent rule is deleted.
Set 31 is reserved for the default rule and cannot be disabled.

All sets are enabled by default. The enable/disable status of the sets
can be shown with the command

	ipfw show sets

Hopefully, this feature will make life easier to those who want to
have atomic ruleset addition/deletion/tests. Examples:

To add a set of rules atomically:

	ipfw disable set 18
	ipfw add ... set 18 ...		# repeat as needed
	ipfw enable set 18

To delete a set of rules atomically

	ipfw disable set 18
	ipfw delete set 18
	ipfw enable set 18

To test a ruleset and disable it and regain control if something
goes wrong:

	ipfw disable set 18
	ipfw add ... set 18 ...         # repeat as needed
	ipfw enable set 18 ; echo "done "; sleep 30 && ipfw disable set 18

    here if everything goes well, you press control-C before
    the "sleep" terminates, and your ruleset will be left
    active. Otherwise, e.g. if you cannot access your box,
    the ruleset will be disabled after the sleep terminates.

I think there is only one more thing that one might want, namely
a command to assign all rules in set X to set Y, so one can
test a ruleset using the above mechanisms, and once it is
considered acceptable, make it part of an existing ruleset.
2002-08-10 04:37:32 +00:00
Peter Wemm
ba1d9b20f4 My quad cpu itanium2 box has its cpu's numbered with a lid starting
at 192.  Masking off bottom 4 bits is not very good here.
2002-08-10 03:36:42 +00:00
Søren Schmidt
fd4b4ecc73 Add the ability to use ATAPI devices via CAM.
The CAM<>ATAPI layer was submitted by "Thomas Quinot <thomas@cuivre.fr.eu.org>"
changes form the version on the net by me (formatting, ability to be used
alone without the ATAPI native device driver, proper speed reporting...)

See /sys/conf/NOTES for usage.

Submitted by: Thomas Quinot <thomas@cuivre.fr.eu.org>
2002-08-09 20:54:06 +00:00
Mitsuru IWASAKI
27d18856c9 Add help about hint.acpi.0.disable. 2002-08-09 20:07:51 +00:00
Brooks Davis
05c872ad62 Make ppp(4) devices clonable and unloadable. 2002-08-09 15:30:48 +00:00
Poul-Henning Kamp
190c0c27be Update ELAST. 2002-08-09 14:54:33 +00:00
Jacques Vidrine
5b770403b5 While we're at it, add range checks similar to those in previous commit to
getsockname() and getpeername(), too.
2002-08-09 12:58:11 +00:00
Poul-Henning Kamp
9d6d1ee63e Introduce a new error return code:
#define EDOFUS          88              /* Programming error */
This can be used to signal error situations which indicate that the
program logic or assumptions is deficient.
2002-08-09 10:15:48 +00:00
Mitsuru IWASAKI
27c7af4d02 Fix wrong member variable ordering of struct acpi_bif. 2002-08-09 07:08:53 +00:00
David E. O'Brien
ac03993585 Restore autoloading of ACPI module.
Document the approved ways of disabling it.
Submitted by:	Daniel O'Connor <doconnor@gsoft.com.au>
2002-08-09 06:07:33 +00:00
Robert Watson
82d9ad331a Add additional range checks for copyout targets.
Submitted by:	Silvio Cesare <silvio@qualys.com>
2002-08-09 05:50:32 +00:00
David E. O'Brien
438b0be9fa Don't auto load ACPI -- it causes trouble with my laptop and is TOTALLY
undocumented how to control its loading and queries to freebsd-current
go unanswered.
2002-08-09 05:21:01 +00:00
Luigi Rizzo
fd9430fea6 use the new interface to ether_input(), with eh = NULL and
the MAC header in the mbuf.

MFC after: 3 days
2002-08-09 01:48:28 +00:00
Alan Cox
06ec58b740 o Use pmap_page_is_mapped() in vm_page_protect() rather than the PG_MAPPED
flag.  (This is the only place in the entire kernel where the PG_MAPPED
   flag is tested.  It will be removed soon.)
2002-08-08 19:12:36 +00:00
Doug Ambrisko
1f5488043d Add support for SX cards using TBI such as Netgear GA621.
Sponsored by:	Vernier Networks.
MFC after:	1 week
2002-08-08 18:33:28 +00:00
Warner Losh
fd78f7e0f3 Don't bogusly depend on pcic. pccard should be enough.
Noticed by: jhay
Forgotten  about for two years by: imp
2002-08-08 15:52:55 +00:00
Bosko Milekic
850be9af25 Only my brain can fart while fixing a previous brain fart. 2002-08-08 13:31:57 +00:00
Bosko Milekic
0584320e56 YIKES, I take the pointy-hat for a really big braino here. I
appologize to those of you who may have been seeing crashes in
code that uses sendfile(2) or other types of external buffers
with mbufs.

Pointed out by, and provided trace:
    Niels Chr. Bank-Pedersen <ncbp at bank-pedersen.dk>
2002-08-08 13:29:32 +00:00
Robert Watson
92e35b6006 Due to layering problems, remove the MAC checks from vn_rdwr() -- this
VOP wrapper is called from within file systems so can result in odd
loopback effects when MAC enforcement is use with the active (as
opposed to saved) credential.  These checks will be moved elsewhere.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-08 12:45:30 +00:00
Josef Karthauser
3b7efc56d0 Use the hw.usb sysctl tree instead of debug.usb.
Requested by:	imp
2002-08-08 12:05:51 +00:00
Søren Schmidt
b2e73852e5 Add DVD+RW support to the ATA driver and burncd. This also closes
PR40430 by "Peter Haight <peterh@sapros.com>" that has semilar patches
included and which I merged with my own work.

HW sponsored by: FreeBSD Foundation & FreeBSD Mall Inc

Enjoy!
2002-08-08 07:59:24 +00:00
Julian Elischer
6933e3c12b Do some work on keeping better track of stopped/continued state.
I'm not sure what happenned to the original setting of the P_CONTINUED
flag. it appears to have been lost in the paper shuffling...

Submitted by:	David Xu <bsddiy@yahoo.com>
2002-08-08 06:18:41 +00:00
Julian Elischer
0f2fe5396f EAK! two status flags in teh proc structure were defined to the
same value!

Picked up by: David Xu <bsddiy@yahoo.com>
2002-08-08 06:09:32 +00:00
Doug Ambrisko
d44ef39e51 Fixes for the D-Link DFE-580 card.
This is pretty much fixes any issue I can find:
     -  Watchdog timeouts were due to starting the TX DMA engine
        before we had a packet ready for it.  So the first packet
        sent never got out only if we sent more then one packet
        at a time did the others make it out and not blow up.
        Of course reseting the chip then caused us not to transmit
        the first packet again ie. catch-22.  This required logic changes.
     -  Combine interrupts on TX packets being queued up.
     -  Don't keep running around the RX ring since we might get
        out of sync so only go around once per receive
     -  Let the RX engine recover via the poll interface which is
        similar to the TX interface.  This way the chip wakes
        up with no effort when we read enough packets.
     -  Do better hand-shaking on RX & TX packets so they don't
        start of to soon.
     -  Force a duplex setting when the link comes up after
        an ste_init or it will default to half-duplex and be
        really slow.  This only happens on subsequent ste_init.
        The first one worked.
     -  Don't call stat_update for every overflow.  We only monitor
        the collisions so the tick interval is good enough for that.
        Just read in the collision stats to minimize bus reads.
     -  Don't read the miibus every tick since it uses delays and
        delays are not good for performance.
     -  Tie link events directly to the miibus code so the port
        gets set correctly if someone changes the port settings.
     -  Reduce the extreme number of {R,T}FD's.  They would consume
        130K of kernel memory for each NIC.
     -  Set the TX_THRESH to wait for the DMA engine to complete
        before running the TX FIFO.  This hurts peak TX performance
        but under bi-directional load the DMA engine can't keep up
        with the FIFO.  Testing shows that we end up in the case
        anyways (a la dc(4) issues but worse since the RX engine hogs
	everything).
     -  When stopping the card do a reset since the reset verifies the
	card has stopped.  Otherwise on heavy RX load the RX DMA engine
	is still stuffing packets into memory.  If that happens after
	we free the DMA area memory bits get scribled in memory and
	bad things happen.

This card still has seemingly unfixable issues under heavy RX load in
which the card takes over the PCI bus.

Sponsored by:	Vernier Networks
MFC after:	1 week
2002-08-07 22:31:27 +00:00
Doug Ambrisko
130be1f120 Only attach one PHY device to a controller. NetBSD has similar code.
The D-Link DFE-580 card will otherwise show 2 miibuses for each controller
and therefore 2 ukphy's.

Sponsored by:	Vernier Networks
MFC after:	1 week
2002-08-07 22:18:33 +00:00
Jeff Roberson
780bb93d31 - Adjust locking markup to match the proc markup.
- Add a comment about the current, unfinished, state of vnode locking.

Suggested by:	bde
2002-08-07 22:05:34 +00:00
Robert Watson
55ac5e1861 Correct a bug introduced in 1.26: M_PKTHDR is set in the 'flags'
argument, not the 'type' argument.  As a result of the buf, the
MAC label on some packet header mbufs might not be set in mbufs
allocated using m_getcl(), resulting in a page fault.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-07 20:15:29 +00:00
Thomas Moestl
d88d37d604 Use the CPU_* OID constants instead of OID_AUTO for the clock-related
sysctls for compatability with old applications.
2002-08-07 19:43:54 +00:00
Alan Cox
dde5f1949f o Introduce pmap_page_is_mapped(). Its purpose is to obsolete
the PG_MAPPED flag.
2002-08-07 19:37:22 +00:00
Robert Watson
2d70161756 Cache the credential provided during accton() for use in later accounting
vnode operations.  This permits the rights of the user (typically root)
used to turn on accounting to be used when writing out accounting entries,
rather than the credentials of the process generating the accounting
record.  This fixes accounting in a number of environments, including
file systems that offer revocation support, MAC environments, some
securelevel scenarios, and in some NFS environments.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-07 19:30:16 +00:00
Alan Cox
33559722db o Introduce pmap_page_is_mapped(). Its purpose is to obsolete
the PG_MAPPED flag.
2002-08-07 18:03:00 +00:00
Robert Watson
4d1a4bb79f Refresh the credential on the first initproc thread following divorcing
the initproc credential from the proc0 credential.  Otherwise, the
proc0 credential is used instead of initproc's credentil when authorizing
start_init() activities prior to initproc hitting userland for the
first time.  This could result in the incorrect credential being used
to authorize mounting of the root file system, which could in turn cause
problems for NFS when used in combination with uid/gid ipfw rules, or
with MAC.

Discussed with:	julian
2002-08-07 17:53:31 +00:00
Luigi Rizzo
ffe4fbf0fd Use new interface for ether_input().
Remove some unnecessary assignments to mbuf fields in sis_newbuf(),
the "length" fields are of no use while the mbuf is in the receive ring.

MFC after: 3 days
2002-08-07 16:08:54 +00:00
Mitsuru IWASAKI
be14b8e7ea Improve stack manipulation code of ACPI wakeup routine.
The new code just override stack top value with saved return address
rather than pop/push operation.

Submitted by:	jhb
2002-08-07 12:48:28 +00:00
Matthew N. Dodd
df95311a10 Move code block added in 1.157 to a safer part of fork1().
Submitted by:	 jake
2002-08-07 11:31:45 +00:00
Warner Losh
6690540821 Add Intersil and Symbol as vendors for 802.11 cards that the wi driver
supports.

Obtained from: NetBSD
2002-08-07 05:40:34 +00:00
Ian Dowse
ab6fc18e52 Our awk does not implement the ARGIND variable, so we were attempting
to parse the binary .kld file as a list of symbols. Fix this by
simply deleting the unwanted argument from the ARGV[] array instead
of trying to skip over it.
2002-08-06 19:31:04 +00:00
Alan Cox
b46f1c55f9 Set the ident field of the struct kevent that is registered by _aio_aqueue()
to the address of the user's aiocb rather than the kernel's aiocb.  (In other
words, prior to this change, the ident field returned by kevent(2) on
completion of an AIO was effectively garbage.)

Submitted by:	Romer Gil <rgil@cs.rice.edu>
2002-08-06 19:01:08 +00:00
Jake Burkholder
a520b73cdc Remove new console devices with cnremove before initializing them in
cninit.  This allows a console driver to replace the existing console
by calling cninit again, eg during the device probe.  Otherwise the
multiple console code sends output to both, which is unfortunate if
they're using the same hardware.
2002-08-06 18:56:41 +00:00
Max Khon
ae9e184e5e printf() formats fixes 2002-08-06 17:00:02 +00:00
Bruce Evans
1c530be49c Try harder to "set signal flags proprly [sic] for ast()". See rev.1.154. 2002-08-06 15:22:09 +00:00
Robert Watson
d2118dfaba Regen. 2002-08-06 15:16:55 +00:00
Robert Watson
280f0785e8 Rename mac_policy() to mac_syscall() to be more reflective of its
purpose.

Submitted by:	cvance@tislabs.com
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-06 15:15:53 +00:00
Don Lewis
b74f2c1878 Don't automagically call vslock() from SYSCTL_OUT(). Instead, complain
about calls to SYSCTL_OUT() made with locks held if the buffer has not
been pre-wired.  SYSCTL_OUT() should not be called while holding locks,
but if this is not possible, the buffer should be wired by calling
sysctl_wire_old_buffer() before grabbing any locks.
2002-08-06 11:28:09 +00:00
Benno Rice
0c1b03065b Connect bmtphy to the mii module build.
Forgotten a long time ago by:	benno
2002-08-06 06:09:47 +00:00
Mike Silbersack
a9ce5e05b5 Handle PMTU discovery in syn-ack packets slightly differently;
rely on syncache flags instead of directly accessing the route
entry.

MFC after:	3 days
2002-08-05 22:34:15 +00:00
Pierre Beyssac
f7a91b49b7 Fix typo in vnode flags causing deadlock in msdosfs_fsync().
Reviewed by:	jeff
2002-08-05 21:07:30 +00:00
Alan Cox
20fb589d13 o The introduction of kevent() broke lio_listio(): _aio_aqueue() thought
that LIO_READ and LIO_WRITE were requests for kevent()-based
   notification of completion.  Modify _aio_aqueue() to recognize LIO_READ
   and LIO_WRITE.

Notes: (1) The patch provided by the PR perpetuates a second bug in this
code, a direct access to user-space memory.  This change fixes that bug
as well. (2) This change is to code that implements a deprecated interface.
It should probably be removed after an MFC.

PR:		kern/39556
2002-08-05 19:14:27 +00:00
Max Khon
0d13f401f4 Make driver portable:
- bus_space'ify
- generate fake ethernet address using read_random() instead of reading
from timer i/o ports

Other minor fixes:
- remove "hack" in connect_to_master()
- use M_ZERO
- remove unused variable in sbni_ioctl()
- properly release irq in sbni_attach_isa() on attach errors
2002-08-05 18:14:16 +00:00
Ian Dowse
98caa2e4e9 Don't call softdep_slowdown() if soft updates are not active on the
filesystem. This causes a panic for kernels compiled without
softupdates.

Reported by:	luigi
2002-08-05 17:59:20 +00:00
Max Khon
2fb48d6c87 back out one change that crept in (will be committed later) 2002-08-05 17:32:16 +00:00
Max Khon
cc99b6cf41 style fixes 2002-08-05 17:20:17 +00:00
Dag-Erling Smørgrav
ea4c8f8ca1 Check the far end before registering an EVFILT_WRITE filter on a pipe. 2002-08-05 15:03:03 +00:00
Mike Silbersack
aff8da7074 Make sure to set the DMA transfer length register, plus one
small style fix.

Submitted by:	Thomas Nystrom <thn@saeab.se>
2002-08-05 13:24:06 +00:00
Jeff Roberson
973a3f4b94 - Document more of the struct vnode locking protocol.
- Slightly reformat a comment block.
2002-08-05 10:25:56 +00:00
Jeff Roberson
8947be9ba0 - Move some logic from getnewvnode() to a new function vcanrecycle()
- Unlock the free list mutex around vcanrecycle to prevent a lock order
   reversal.
2002-08-05 10:15:56 +00:00
Jeff Roberson
18c6acee26 - Move a VOP assert to the right place.
Spotted by:	i386 tinderbox
2002-08-05 08:55:53 +00:00
Jeff Roberson
be12d7a61d - Add a missing VI_UNLOCK to an error case in nfs_flush. 2002-08-05 08:54:29 +00:00
Warner Losh
6edfb9d7cb Fix minor typo in ID number in last commit 2002-08-05 07:48:31 +00:00
Warner Losh
cb642e2945 A definition of regulatory domains that matches the docs. 2002-08-05 07:45:57 +00:00
Warner Losh
b04a43c87c Differentiate between AT45DB011 compatible large serial flash parts
and the AT24C08 small serial flash parts.  We still report these as
the same part (since we group things already), but now we recognize
the small serial versions as well.
2002-08-05 07:24:02 +00:00
Warner Losh
ae06c30e2b Add a comment that says it looks like lucent cards have a primary
firmware revision as well (not sure which firmware versions are needed
for this, but the 6.x and 8.x 'software' versions that I have seem to
support it).

Add dBm comm quality RID.  This is like the normal comm quality rid,
except the signal and noise numbers are normalized to dBm.  Some
revisions of the prism firmware, however, don't support this RID, and
some that do support it return 0 for quality and/or noise.  Your
milage may vary.
2002-08-05 07:19:27 +00:00
Peter Wemm
c679b309f1 Revert rev 1.356 and 1.352 (pmap_mapdev hacks). It wasn't worth the
pain.
2002-08-05 06:10:03 +00:00
Alfred Perlstein
a4be7ce2dd Add a macro for SLIST traversal 'SLIST_FOREACH_PREVPTR',
this macro keeps a pointer to the previous element's next
pointer to allow for search and O(1) removal.
2002-08-05 05:18:43 +00:00
Alfred Perlstein
4442e4a436 Cleanup:
Fix line wrapping.
Remove 'register'.
malloc(9) with M_WAITOK can't fail, so remove checks for that.
2002-08-05 05:16:09 +00:00
Alan Cox
8365d52166 o Introduce pmap_page_is_mapped(). Its purpose is to obsolete
the PG_MAPPED flag.
2002-08-05 03:40:28 +00:00
Luigi Rizzo
9e2518582d Use m_getcl() to allocate buffers for the receive ring.
MFC after: 3 days
2002-08-05 00:21:24 +00:00
Alan Cox
7ffcf9ec77 o Don't set PG_MAPPED or PG_WRITEABLE when a page is mapped
using pmap_kenter() or pmap_qenter().
 o Use VM_ALLOC_WIRED in pmap_new_thread().
2002-08-05 00:04:18 +00:00
Luigi Rizzo
c939f1aee7 Extend the interface to ether_input(): a NULL eh pointer means that
the mbuf contains the ethernet header (eh) as well, which ether_input()
will strip off as needed.

This permits the removal (in a backward compatible way) of the
header removal code which right now is replicated in all drivers,
sometimes in an inconsistent way. Also, because many functions
called after ether_input() require the eh in the mbuf, eventually
we can propagate the interface and handle outdated drivers just
in ether_input().

Individual driver changes to use the new interface will follow as
we have a chance to touch them.

NOTE THAT THIS CHANGE IS FULLY BACKWARD COMPATIBLE AND DOES NOT BREAK
BINARY COMPATIBILITY FOR DRIVERS.

MFC after: 3 days
2002-08-04 23:55:06 +00:00
Luigi Rizzo
2b5989e943 Fix handling of Receiver Not Ready errors when doing polling.
Also take this chance to cleanup the code in fxp_intr_body.

Add a missing block of code to disable interrupts when
reinitializing the interface while doing polling (the RELENG_4
version was correct).

MFC after: 3 days
2002-08-04 22:33:28 +00:00
Luigi Rizzo
32d273402d Use m_getcl() to allocate mbuf+cluster for the receive ring.
Remove the sis_quick variable, as it was there for testing purposes
only.

MFC after: 3 days
2002-08-04 21:52:05 +00:00
Luigi Rizzo
fc1c73c21a Temporarily disable polling when no processes are active, while I
investigate the problem described below.

I am seeing some strange livelock on recent -current sources with
a slow box under heavy load, which disappears with this change.
This might suggest some kind of problem (either insufficient locking,
or mishandling of priorities) in the poll_idle thread.
2002-08-04 21:00:49 +00:00
Poul-Henning Kamp
e26ebcce25 Repond properly to NGM_TEXT_CONFIG messages. 2002-08-04 20:50:50 +00:00
Luigi Rizzo
1cbd978e96 bugfix: move check for udp_blackhole before the one for icmp_bandlim.
MFC after: 3 days
2002-08-04 20:50:13 +00:00
Mike Barcroft
2dd3656781 Fix typo in the last revision.
Noticed by:	i386 tinderbox
2002-08-04 19:34:38 +00:00
Jake Burkholder
ab1cee3d3d se -> sab. 2002-08-04 19:07:15 +00:00
Alan Cox
24c28f1ad6 o Acquire the page queues lock before checking the page's busy status
in vm_page_grab().  Also, replace the nearby tsleep() with an msleep()
   on the page queues lock.
2002-08-04 19:05:20 +00:00
Jake Burkholder
d5e6ffe8d2 Ported to FreeBSD. 2002-08-04 18:41:27 +00:00
Jake Burkholder
47029a19ea Add Jason L. Wright's driver for the SAB82532 serial chip, found in many
sun ultras.

Obtained from:	OpenBSD
2002-08-04 18:36:36 +00:00
Eric Anholt
2690c0bb32 Add device agp to GENERIC, filter it out of floppy builds
Approved by:	des (mentor)
2002-08-04 18:35:02 +00:00
Jake Burkholder
ab9d7ec432 Remove this abortive attempt. 2002-08-04 18:24:09 +00:00
Peter Wemm
3f3655b092 Fix a mistake in 1.352 - I was returning a pointer to the rounded down
address.  I expect this will fix acpica.
2002-08-04 18:11:38 +00:00
Warner Losh
35e58ed326 Remove commented out PCI_ENABLE_IO_MODES. It is gone now. 2002-08-04 18:06:15 +00:00
Scott Long
2bbe0d3617 Simplify the handling of a fragmented file_id descriptor. Also
de-obfuscate the file_char flags.
2002-08-04 16:42:20 +00:00
Jeff Roberson
e6e370a7fe - Replace v_flag with v_iflag and v_vflag
- v_vflag is protected by the vnode lock and is used when synchronization
   with VOP calls is needed.
 - v_iflag is protected by interlock and is used for dealing with vnode
   management issues.  These flags include X/O LOCK, FREE, DOOMED, etc.
 - All accesses to v_iflag and v_vflag have either been locked or marked with
   mp_fixme's.
 - Many ASSERT_VOP_LOCKED calls have been added where the locking was not
   clear.
 - Many functions in vfs_subr.c were restructured to provide for stronger
   locking.

Idea stolen from:	BSD/OS
2002-08-04 10:29:36 +00:00
Alan Cox
7f0bf36a2e o Extend the scope of the page queues lock in contigmalloc1().
o Replace vm_page_sleep_busy() with vm_page_sleep_if_busy()
   in vm_contig_launder().
2002-08-04 07:07:34 +00:00
Alan Cox
4453ada654 o Convert a vm_page_sleep_busy() into a vm_page_sleep_if_busy()
with appropriate page queue locking.
2002-08-04 06:27:37 +00:00
Alan Cox
ea5e5b13f8 o Request a wired page from vm_page_grab() in _pmap_allocpte(). 2002-08-04 04:55:31 +00:00
Jake Burkholder
7746cd480a Print out the strings in vers.o instead of hardcoding the loader banner. 2002-08-04 01:30:26 +00:00
Matthew N. Dodd
9ccba881d9 Kernel modifications necessary to allow to follow fork()ed children.
PR:		 bin/25587 (in part)
MFC after:	 3 weeks
2002-08-04 01:07:02 +00:00
Alan Cox
b9c51c912e o Ask for a prezeroed page in pmap_pinit() for the page directory page. 2002-08-03 20:24:51 +00:00
Alan Cox
3327872297 o Convert two instances of vm_page_sleep_busy() to vm_page_sleep_if_busy()
with appropriate page queue locking.
2002-08-03 18:59:19 +00:00
Luigi Rizzo
ea779ff36c Fix handling of packets which matched an "ipfw fwd" rule on the input side. 2002-08-03 14:59:45 +00:00
Alan Cox
5da2d6a46d o Don't set PG_MAPPED on the page allocated and mapped in _pmap_allocpte().
(Only set this flag if the mapping has a corresponding pv list entry,
   which this mapping doesn't.)
2002-08-03 06:42:30 +00:00
Peter Wemm
af932613d7 Ignore memory above 4GB for now due to unpleasant pci issues. 2002-08-03 03:35:06 +00:00
Alan Cox
aa9b1d9412 o Remove the setting of PG_MAPPED from vm_page_wire() and
vm_page_alloc(VM_ALLOC_WIRED).
2002-08-03 01:29:52 +00:00
Peter Wemm
8f1586dd65 Take advantage of the fact that there is a small 1MB direct mapped region
on x86 in between KERNBASE and the kernel load address.  pmap_mapdev()
can return pointers to this for devices operating in the isa "hole".
2002-08-03 01:02:37 +00:00
Peter Wemm
1af04fadd1 Take a shot at fixing a nasty bug in the pmap changes that I did. I
missed the pmap_kenter/kremove in this file, which leads to read()/write()
of /dev/mem using stale TLB entries. (gah!)  Fortunately, mmap of /dev/mem
wasn't affected, so it wasn't as bad as it could have been.  This throws
some light on the 'X server affects stability' thread....

Pointed out by:	bde
2002-08-03 00:59:15 +00:00
Warner Losh
a0cd6004a9 We now have opt_wi.h, so go ahead and add it. Default it to 1. 2002-08-03 00:21:29 +00:00
Warner Losh
073eef8ca2 Add code that will download firmware to a Symbol LA4100-series of CF
cards.  Since the firmware is hard coded into the kernel, I've made it
a kernel option (WI_SYMBOL_FIRMWARE).

Note: This only downloads into the RAM of these cards.  It doesn't
download into FLASH, and is somewhat limited.  There needs to be a
better way to deal, but this works for now.  My Symbol LA4132 CF card
works now.

Obtained from: NetBSD
2002-08-03 00:19:58 +00:00
Warner Losh
b8182b24d7 While PCI interrupts are shareable, this should not have been committed just
yet.
2002-08-02 22:26:03 +00:00
Maxime Henrion
f2b17113cf Make the consumers of the linker_load_file() function use
linker_load_module() instead.

This fixes a bug where the kernel was unable to properly locate and
load a kernel module in vfs_mount() (and probably in the netgraph
code as well since it was using the same function).  This is because
the linker_load_file() does not properly search the module path.

Problem found by:	peter
Reviewed by:		peter
Thanks to:		peter
2002-08-02 20:56:07 +00:00
Robert Watson
4b32dfdcd7 Introduce support for Mandatory Access Control and extensible
kernel access control.

When generating nd6 output on an interface, label the packet
appropriately.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 20:49:14 +00:00
Robert Watson
e316463a86 When preserving the IP header in extra mbuf in the IP forwarding
case, also preserve the MAC label.  Note that this mbuf allocation
is fairly non-optimal, but not my fault.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 20:45:27 +00:00
Robert Watson
01e990be89 Improve ordering of MAC entry points in mac_policy_op structure.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 20:33:05 +00:00
Alan Cox
00f9e8b421 o Convert two instances of vm_page_sleep_busy() into vm_page_sleep_if_busy()
with appropriate page queue locking.
2002-08-02 18:55:29 +00:00
Poul-Henning Kamp
14a3a6ea0b Move a prototype to the least wrong place.
Suggested by:	bde
2002-08-02 18:45:43 +00:00
Peter Wemm
6a905efed3 ptvmmap does not exist on alpha. 2002-08-02 18:40:01 +00:00
Robert Watson
09a555cbf9 Work to fix LINT build.
Reported by:	phk
2002-08-02 18:08:14 +00:00
Poul-Henning Kamp
5f9dcc4468 SYSINIT needs to be SI_SUB_PSEUDO. Add a printf to tell we are here. 2002-08-02 16:47:29 +00:00
Poul-Henning Kamp
007054391b typo. 2002-08-02 15:55:18 +00:00
Poul-Henning Kamp
927b6b099d Add the minimalist elan-mmcr device driver.
This driver allows a userland program to mmap the MMCR of the AMD
Elan sc520 CPU.
2002-08-02 15:53:04 +00:00
Mark Murray
052c7c89c2 Modernise the cdevsw WRT to (unused) kqueue. 2002-08-02 11:24:43 +00:00
Scott Long
8db4c2f20c Calculate the correct physical block number for files that are
embedded into their file_entry descriptor.  This is more for
correctness, since these files cannot be bmap'ed/mmap'ed anyways.
Enforce this restriction.

Submitted by:	tes@sgi.com
2002-08-02 06:22:20 +00:00
Scott Long
678d5effd3 Check for deleted files in udf_lookup(), not just udf_readdir().
Submitted by:	tes@sgi.com
2002-08-02 06:19:43 +00:00
Alan Cox
1e7ce68ff4 o Lock page queue accesses in nwfs and smbfs.
o Assert that the page queues lock is held in vm_page_deactivate().
2002-08-02 05:23:58 +00:00
Alan Cox
e5b95b1209 o Lock page queue accesses by vm_page_deactivate(). 2002-08-02 04:40:10 +00:00
Alan Cox
64a1b85efa o Lock page queue accesses by vm_page_deactivate(). 2002-08-02 04:14:19 +00:00
Alan Cox
91bb74a88c o Lock page queue accesses by vm_page_deactivate(). 2002-08-02 03:56:31 +00:00
Robert Watson
67d722ed73 Introduce support for Mandatory Access Control and extensible
kernel access control.

Teach devfs how to respond to pathconf() _POSIX_MAC_PRESENT queries,
allowing it to indicate to user processes that individual vnode labels
are available.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-02 03:12:40 +00:00
Robert Watson
bdc2cd1318 Hook up devfs_pathconf() for specfs devfs nodes, not just regular
devfs nodes.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 22:27:57 +00:00
Robert Watson
1dbad969fe Demonstrate that MAC modules can also be linked statically as
well as loaded as modules by hooking up mac_none if
'options MAC_NONE' is defined.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 22:26:38 +00:00
Robert Watson
eddc160e00 Introduce support for Mandatory Access Control and extensible
kernel access control.

Invoke appropriate MAC entry points for a number of VFS-related
operations in the Linux ABI module.  In particular, handle uselib
in a manner similar to open() (more work is probably needed here),
as well as handle statfs(), and linux readdir()-like calls.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 22:23:02 +00:00
Robert Watson
85bb40473a Sample loader.conf lines for various MAC modules. 2002-08-01 22:03:19 +00:00
Jake Burkholder
4fbe520926 Forgot to commit this.
Spotted by:	scottl
2002-08-01 21:39:54 +00:00
Robert Watson
bdb3fa1832 Introduce support for Mandatory Access Control and extensible
kernel access control.

Add MAC support for the UDP protocol.  Invoke appropriate MAC entry
points to label packets that are generated by local UDP sockets,
and to authorize delivery of mbufs to local sockets both in the
multicast/broadcast case and the unicast case.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 21:37:34 +00:00
Robert Watson
8f293a63ce Introduce support for Mandatory Access Control and extensible
kernel access control.

Introduce two ioctls, SIOCGIFMAC, SIOCSIFMAC, which permit user
processes to manage the MAC labels on network interfaces.  Note
that this is part of the user process API/ABI that will be revised
prior to 5.0-RELEASE.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 21:15:53 +00:00
Robert Watson
64c2d84570 Introduce support for Mandatory Access Control and extensible
kernel access control.

Add MAC support for if_ppp.  Label packets as they are removed from
the raw PPP mbuf queue.  Preserve the mbuf MAC label across various
PPP data-munging and reconstitution operations.  Perform access
control checks on mbufs to be transmitted via the interface.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 21:13:47 +00:00
Robert Watson
10722b852b Introduce support for Mandatory Access Control and extensible
kernel access control.

Label packets generated by the gif virtual interface.

Perform access control on packets delivered to gif virtual interfaces.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 21:00:05 +00:00
Robert Watson
18b770b2fb Introduce support for Mandatory Access Control and extensible
kernel access control.

Invoke appropriate MAC framework entry points to authorize readdir()
operations in the native ABI.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 20:44:52 +00:00
Julian Elischer
67759b33f6 Fix a comment. 2002-08-01 19:10:40 +00:00
Julian Elischer
04774f2357 Slight cleanup of some comments/whitespace.
Make idle process state more consistant.
Add an assert on thread state.
Clean up idleproc/mi_switch() interaction.
Use a local instead of referencing curthread 7 times in a row
(I've been told curthread can be expensive on some architectures)
Remove some commented out code.
Add a little commented out code (completion coming soon)

Reviewed by:	jhb@freebsd.org
2002-08-01 18:45:10 +00:00
Robert Watson
ee0812f320 Since we have the struct file data pointer cached in vp, use that
instead when invoking VOP_POLL().
2002-08-01 18:29:30 +00:00
Alan Cox
46086ddf91 o Acquire the page queues lock before calling vm_page_io_finish().
o Assert that the page queues lock is held in vm_page_io_finish().
2002-08-01 17:57:42 +00:00
Robert Watson
f9d0d52459 Include file cleanup; mac.h and malloc.h at one point had ordering
relationship requirements, and no longer do.

Reminded by:	bde
2002-08-01 17:47:56 +00:00
Robert Watson
ebbd4fa8c8 Introduce support for Mandatory Access Control and extensible
kernel access control.

Hook up various policy modules to the kernel build.

Note that a number of these modules require futher entry point commits
in the remainder of the kernel to become fully functional, but enough
of the pieces are in place to allow experimentation.

Note also that it would be desirable to not build the mac_*.ko modules
if 'options MAC' is not defined in the kernel configuration, because
the resulting modules are not useful without the kernel option.  There
doesn't appear to be precedent for a way to do this -- for example,
we allow ipfw.ko to be built even if 'options NETINET' isn't defined.
Suggests welcomed on the "best" way to do this.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 17:41:27 +00:00
Robert Watson
4b826b4cfc Change macop_t to const, use macop_t in MAC policy entry point definition
structure.  This prevents a boatload of warnings in the MAC modules,
so we can hook them up to the build.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 17:32:01 +00:00
Robert Watson
4a58340e98 Introduce support for Mandatory Access Control and extensible
kernel access control

Invoke appropriate MAC framework entry points to authorize a number
of vnode operations, including read, write, stat, poll.  This permits
MAC policies to revoke access to files following label changes,
and to limit information spread about the file to user processes.

Note: currently the file cached credential is used for some of
these authorization check.  We will need to expand some of the
MAC entry point APIs to permit multiple creds to be passed to
the access control check to allow diverse policy behavior.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 17:23:22 +00:00
Marc Fonvieille
c0727dcbfe Fix the link to the Handbook 2002-08-01 17:21:18 +00:00
Robert Watson
37bde6c0a3 Introduce support for Mandatory Access Control and extensible
kernel access control.

Restructure the vn_open_cred() access control checks to invoke
the MAC entry point for open authorization.  Note that MAC can
reject open requests where existing DAC code skips the open
authorization check due to O_CREAT.  However, the failure mode
here is the same as other failure modes following creation,
wherein an empty file may be left behind.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 17:14:28 +00:00
Robert Watson
f4d2cfdda6 Introduce support for Mandatory Access Control and extensible
kernel access control.

Invoke appropriate MAC entry points to authorize the following
operations:

        truncate on open()                      (write)
        access()                                (access)
        readlink()                              (readlink)
        chflags(), lchflags(), fchflags()       (setflag)
        chmod(), fchmod(), lchmod()             (setmode)
        chown(), fchown(), lchown()             (setowner)
        utimes(), lutimes(), futimes()          (setutimes)
        truncate(), ftrunfcate()                (write)
        revoke()                                (revoke)
        fhopen()                                (open)
        truncate on fhopen()                    (write)
        extattr_set_fd, extattr_set_file()      (setextattr)
        extattr_get_fd, extattr_get_file()      (getextattr)
        extattr_delete_fd(), extattr_delete_file() (setextattr)

These entry points permit MAC policies to enforce a variety of
protections on vnodes.  More vnode checks to come, especially in
non-native ABIs.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 15:37:12 +00:00
Robert Watson
339b79b939 Introduce support for Mandatory Access Control and extensible
kernel access control.

Invoke an appropriate MAC entry point to authorize execution of
a file by a process.  The check is placed slightly differently
than it appears in the trustedbsd_mac tree so that it prevents
a little more information leakage about the target of the execve()
operation.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 14:31:58 +00:00
Bosko Milekic
abc1263a51 Move the MAC label init/destroy stuff to more appropriate places so that
the inits/destroys are done without the cache locks held even in the
persistent-lock calls.  I may be cheating a little by using the MAC
"already initialized" flag for now.
2002-08-01 14:24:41 +00:00
John Baldwin
12240b1159 Revert previous revision which accidentally snuck in with another commit.
It just removed a comment that doesn't make sense to me personally.
2002-08-01 13:44:33 +00:00
John Baldwin
0711ca46c5 Revert previous revision which was accidentally committed and has not been
tested yet.
2002-08-01 13:39:33 +00:00
John Baldwin
fbd140c786 If we fail to write to a vnode during a ktrace write, then we drop all
other references to that vnode as a trace vnode in other processes as well
as in any pending requests on the todo list.  Thus, it is possible for a
ktrace request structure to have a NULL ktr_vp when it is destroyed in
ktr_freerequest().  We shouldn't call vrele() on the vnode in that case.

Reported by:	bde
2002-08-01 13:35:38 +00:00
Mitsuru IWASAKI
6a7ef08763 Fix a bug about stack manipulation at ACPI wakeup.
This should avoid kernel panic on kernel compiled w/o
NO_CPU_COPTFLAGS.

Suggested by:	optimized code by -mcpu=pentiumpro
2002-08-01 09:48:01 +00:00
Warner Losh
3d976872ed Don't set the IFF_PROMISC bit when in hostap mode like the previous
commit bogusly did.  Instead, don't set PROMSIC in the hardware if
we're in hostap mode.  This matches more closely what openbsd did as
well.
2002-08-01 07:37:52 +00:00
Robert Watson
d00e44fb4a Document the undocumented assumption that at least one of the PCB
pointer and incoming mbuf pointer will be non-NULL in tcp_respond().
This is relied on by the MAC code for correctness, as well as
existing code.

Obtained from:	TrustedBSD PRoject
Sponsored by:	DARPA, NAI Labs
2002-08-01 03:54:43 +00:00
Robert Watson
0070e096d7 Introduce support for Mandatory Access Control and extensible
kernel access control.

Add support for labeling most out-going ICMP messages using an
appropriate MAC entry point.  Currently, we do not explicitly
label packet reflect (timestamp, echo request) ICMP events,
implicitly using the originating packet label since the mbuf is
reused.  This will be made explicit at some point.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 03:53:04 +00:00
Robert Watson
b3e13e1c3f Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument chdir() and chroot()-related system calls to invoke
appropriate MAC entry points to authorize the two operations.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 03:50:08 +00:00
Robert Watson
b827919594 Introduce support for Mandatory Access Control and extensible
kernel access control.

Implement two IOCTLs at the socket level to retrieve the primary
and peer labels from a socket.  Note that this user process interface
will be changing to improve multi-policy support.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 03:45:40 +00:00
Peter Wemm
8fe52021c2 Remove duplicate 'modules-tags' rule 2002-08-01 03:13:10 +00:00
Robert Watson
c1ff2d9baf Introduce support for Mandatory Access Control and extensible
kernel access control.

Modify procfs so that (when mounted multilabel) it exports process MAC
labels as the vnode labels of procfs vnodes associated with processes.

Approved by:	des
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 02:03:21 +00:00
Scott Long
0d74300cae Allow the ahc and ahd drivers to be built as modules. This also
breaks the ahc driver into a core back-end and pci and eisa
front-ends.
2002-08-01 01:36:39 +00:00
Robert Watson
dee93f2c52 Introduce support for Mandatory Access Control and extensible
kernel access control.

Modify pseudofs so that it can support synthetic file systems with
the multilabel flag set.  In particular, implement vop_refreshlabel()
as pn_refreshlabel().  Implement pfs_refreshlabel() to invoke this,
and have it fall back to the mount label if the file system does
not implement pn_refreshlabel() for the node.  Otherwise, permit
the file system to determine how the service is provided.

Approved by:	des
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:33:12 +00:00
Robert Watson
b285e7f9a8 Improve formatting and variable use consistency in extattr system
calls.

Submitted by:	green
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:29:03 +00:00
Robert Watson
956fc3f8a5 Simplify the logic to enter VFS_EXTATTRCTL().
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:26:07 +00:00
Robert Watson
d03db4290d Introduce support for Mandatory Access Control and extensible
kernel access control.

Authorize vop_readlink() and vop_lookup() activities during recursive
path lookup via namei() via calls to appropriate MAC entry points.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:21:40 +00:00
Robert Watson
6ea48a903c Introduce support for Mandatory Access Control and extensible
kernel access control.

Authorize the creation of UNIX domain sockets in the file system
namespace via an appropriate invocation a MAC framework entry
point.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:18:42 +00:00
Robert Watson
b65f6f6b69 When invoking NDINIT() in preparation for CREATE, set SAVENAME since
we'll use nd.ni_cnp later.

Submitted by:	green
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:16:22 +00:00
Robert Watson
62b24bcc26 Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument ctty driver invocations of various vnode operations on the
terminal controlling tty to perform appropriate MAC framework
authorization checks.

Note: VOP_IOCTL() on the ctty appears to be authorized using NOCRED in
the existing code rather than td->td_ucred.  Why?

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:09:54 +00:00
Robert Watson
467a273ca0 Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument the ktrace write operation so that it invokes the MAC
framework's vnode write authorization check.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:07:03 +00:00
Robert Watson
c86ca022eb Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument the kernel ACL retrieval and modification system calls
to invoke MAC framework entry points to authorize these operations.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-01 01:04:16 +00:00
Jake Burkholder
256e0b2bbb Modify the cache handling code to assume 2 virtual colours, which is much
simpler and easier to get right.  Add comments.  Add more statistic
gathering on cacheable and uncacheable mappings.
2002-08-01 00:16:22 +00:00
Jake Burkholder
b519494ef1 Add some statistic gathering for cache flushes. 2002-07-31 23:39:50 +00:00
Robert Watson
5aae45c2e6 The ppp and tunnel modules now rely on opt_mac.h. Missed in a previous
commit.

Submitted by:	Anders Andersson <anders@hack.org>
2002-07-31 20:19:28 +00:00
Jake Burkholder
f739b33f57 Stash various networking paramters in the environment for the kernel
to pick up, ala pxe.
2002-07-31 20:17:06 +00:00
Warner Losh
db351cca83 Add 16-bit before bus to keep the words card and bus apart. 2002-07-31 20:01:11 +00:00
Mike Silbersack
16afddabdc Make sure to set both sets of registers which control the RX and TX buffer
sizes.  Previously, the end result was at the mercy of the card's default
setting.  This change will reduce the number of buffer underruns for
some users.

PR:		kern/37929
Submitted by:	Thomas Nystrom <thn@saeab.se>
MFC after:	7 days
2002-07-31 19:58:36 +00:00
John Baldwin
7e71ff5ea7 - Split the unaligned access check flags out of md_flags in struct mdthread
and move them into md_uac in struct mdproc.  mdproc is protected by the
  proc lock.  md_flags now is only ever modified by the current thread, so
  it doesn't need a lock.
- Rename the constants for all the per-thread MD flags to use MDTD_*
  instead of MDP_*.
2002-07-31 19:37:03 +00:00
Robert Watson
c488362e1a Introduce support for Mandatory Access Control and extensible
kernel access control.

Instrument the TCP socket code for packet generation and delivery:
label outgoing mbufs with the label of the socket, and check socket and
mbuf labels before permitting delivery to a socket.  Assign labels
to newly accepted connections when the syncache/cookie code has done
its business.  Also set peer labels as convenient.  Currently,
MAC policies cannot influence the PCB matching algorithm, so cannot
implement polyinstantiation.  Note that there is at least one case
where a PCB is not available due to the TCP packet not being associated
with any socket, so we don't label in that case, but need to handle
it in a special manner.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-31 19:06:49 +00:00
Alan Cox
239b5b9707 o Setting PG_MAPPED and PG_WRITEABLE on pages that are mapped and unmapped
by pmap_qenter() and pmap_qremove() is pointless.  In fact, it probably
   leads to unnecessary pmap_page_protect() calls if one of these pages is
   paged out after unwiring.

Note: setting PG_MAPPED asserts that the page's pv list may be
non-empty.  Since checking the status of the page's pv list isn't any
harder than checking this flag, the flag should probably be eliminated.
Alternatively, PG_MAPPED could be set by pmap_enter() exclusively
rather than various places throughout the kernel.
2002-07-31 18:46:47 +00:00