ƒ° 147605 140 210 307 424 422 284 342 1128 223 373 339 316 420 148 459 154 154 200 166 690 149 312 238 335 214 288 166 186 193 369 325 479 295 460 154 319 1280 232 167 265 168 451 245 172 506 634 691 223 590 267 395 171 209 190 141 202 394 208 495 263 477 272 1105 693 981 861 866 1211 898 353 171 131 605 485 185 243 210 365 271 180 666 247 591 498 187 264 147 774 1072 493 214 222 223 174 172 152 172 183 367 200 273 195 303 181 1192 169 181 1199 178 380 217 1610 240 183 341 186 290 316 226 605 442 298 425 423 395 277 773 135 241 184 570 451 220 425 161 249 1010 1000 297 166 735 K 10 svn:author V 3 ups K 8 svn:date V 27 2005-06-25T22:24:45.000000Z K 7 svn:log V 117 Fix a timer ticks wrap around bug for minmssoverload processing. Approved by: re (scottl,dwhite) MFC after: 4 weeks END K 10 svn:author V 6 anholt K 8 svn:date V 27 2005-06-26T04:01:11.000000Z K 7 svn:log V 211 Make the initialization in the AGPv3 case match that of Linux. Fixes hangs on X startup with DRI enabled, with a v3-capable card. Tested by: Tom McLaughlin Approved by: re (scottl) END K 10 svn:author V 3 imp K 8 svn:date V 27 2005-06-26T04:19:45.000000Z K 7 svn:log V 331 o When calling ep_get_macaddr(), provide it a local buffer. Add a comment that says why we do this (or rather, explains that it is some voodoo magic that's poorly understood). The local buffer fixes the crash on attach. o Rename get_e() to ep_get_e() to avoid namespace pollution. Submitted by: mux Approved by: re (scottl) END K 10 svn:author V 5 maxim K 8 svn:date V 27 2005-06-26T06:59:50.000000Z K 7 svn:log V 327 MFC rev. 1.19 sys/kern/uipc_accf.c to sys/kern/uipc_accf.c and sys/kern/uipc_socket.c, bug fixes for: setsockopt(2) cannot remove accept filter, getsockopt(SO_ACCEPTFILTER) always returns success on listen socket. MFC rev. 1.4 tools/regression/sockets/accf_data_attach/accf_data_attach.c: Add regression tests for these bugs. END K 10 svn:author V 5 maxim K 8 svn:date V 27 2005-06-26T07:04:23.000000Z K 7 svn:log V 189 MFC rev. 1.19 sys/kern/uipc_accf.c to sys/kern/uipc_socket.c, bug fixes for: setsockopt(2) cannot remove accept filter, getsockopt(SO_ACCEPTFILTER) always returns success on listen socket. END K 10 svn:author V 3 pjd K 8 svn:date V 27 2005-06-26T16:30:20.000000Z K 7 svn:log V 249 Introduce new per-jail variable jail__flags, which allows to specify jail(8) flags (before the change we had hardcoded "-l -U root"). Submitted by: Frank Behrens PR: conf/80244 Approved by: re (scottl) MFC after: 1 week END K 10 svn:author V 8 dwmalone K 8 svn:date V 27 2005-06-26T18:11:11.000000Z K 7 svn:log V 1029 Fix some long standing bugs in writing to the BPF device attached to a DLT_NULL interface. In particular: 1) Consistently use type u_int32_t for the header of a DLT_NULL device - it continues to represent the address family as always. 2) In the DLT_NULL case get bpf_movein to store the u_int32_t in a sockaddr rather than in the mbuf, to be consistent with all the DLT types. 3) Consequently fix a bug in bpf_movein/bpfwrite which only permitted packets up to 4 bytes less than the MTU to be written. 4) Fix all DLT_NULL devices to have the code required to allow writing to their bpf devices. 5) Move the code to allow writing to if_lo from if_simloop to looutput, because it only applies to DLT_NULL devices but was being applied to other devices that use if_simloop possibly incorrectly. PR: 82157 Submitted by: Matthew Luckie Approved by: re (scottl) END K 10 svn:author V 8 dwmalone K 8 svn:date V 27 2005-06-26T18:19:14.000000Z K 7 svn:log V 125 Add a quirk for a motherboard whose acpi timer runs too fast. Approved by: re (scottl) Approved by: nate MFC after: 2 weeks END K 10 svn:author V 6 anholt K 8 svn:date V 27 2005-06-26T20:51:17.000000Z K 7 svn:log V 277 MFC r1.24, which should fix failure to probe for many: Backout the code which tries to use undocumented way to determine if fm801 has sound capabilities or not. Unfortunately this code doesn't work as expected. PR: kern/45182, kern/48738, kern/82107 Submitted by: many END K 10 svn:author V 6 mlaier K 8 svn:date V 27 2005-06-26T21:00:52.000000Z K 7 svn:log V 243 Properly initialize ifq_maxlen for the defered send queue and make it actually work. Also use the right semantics for IF_HANDOFF to get correct stats. Reported and tested by: Sascha Luck Approved by: re (blanket) END K 10 svn:author V 5 silby K 8 svn:date V 27 2005-06-26T23:44:07.000000Z K 7 svn:log V 221 Change the panic in trash_ctor into just a printf for now. Once the reports of panics in trash_ctor relating to mbufs have been examined and a fix found, this will be turned back into a panic. Approved by: re (rwatson) END K 10 svn:author V 5 green K 8 svn:date V 27 2005-06-26T23:55:50.000000Z K 7 svn:log V 325 MFC: fix for NFS client deadlock with exceptionally large write sizes. src/sys/kern/vfs_bio.c r1.489, src/sys/nfsclient/nfs_bio.c r1.151-152, src/sys/nfsclient/nfs_vfsops.c r1.177, src/sys/nfsclient/nfsargs.h r1.68, src/sys/nfsclient/nfsmount.h r1.30, src/sys/sys/buf.h r1.186, src/sys/sys/bufobj.h r1.15 END K 10 svn:author V 7 trhodes K 8 svn:date V 27 2005-06-27T00:04:24.000000Z K 7 svn:log V 52 Sync up to CURRENT, effectively closing: PR: 76981 END K 10 svn:author V 7 trhodes K 8 svn:date V 27 2005-06-27T01:54:40.000000Z K 7 svn:log V 362 MFC: According to the information on: http://www.opengroup.org/onlinepubs/009695399/functions/swab.html the prototype for swab() should be in and not in . Move it, and update to match SUS. Leave the prototype in string.h for now, for backwards compat. PR: 74751 Submitted by: Craig Rodrigues Discussed with: das END K 10 svn:author V 6 avatar K 8 svn:date V 27 2005-06-27T02:51:03.000000Z K 7 svn:log V 59 MFC: (1.154) Fixing a memory leak in xpt_release_device(). END K 10 svn:author V 6 avatar K 8 svn:date V 27 2005-06-27T03:07:08.000000Z K 7 svn:log V 59 MFC: (1.154) Fixing a memory leak in xpt_release_device(). END K 10 svn:author V 2 ru K 8 svn:date V 27 2005-06-27T06:40:43.000000Z K 7 svn:log V 108 Tidy up the markup (fixing some nearby content bugs). Timeout from: sam Approved by: re (blanket manpages) END K 10 svn:author V 2 ru K 8 svn:date V 27 2005-06-27T07:07:55.000000Z K 7 svn:log V 75 Fix markup in local FreeBSD additions. Approved by: re (blanket manpages) END K 10 svn:author V 7 glebius K 8 svn:date V 27 2005-06-27T07:36:02.000000Z K 7 svn:log V 593 Disable checksum processing in LibAlias, when it works as a kernel module. LibAlias is not aware about checksum offloading, so the caller should provide checksum calculation. (The only current consumer is ng_nat(4)). When TCP packet internals has been changed and it requires checksum recalculation, a cookie is set in th_x2 field of TCP packet, to inform caller that it needs to recalculate checksum. This ugly hack would be removed when LibAlias is made more kernel friendly. Incremental checksum updates are left as is, since they don't conflict with offloading. Approved by: re (scottl) END K 10 svn:author V 2 ru K 8 svn:date V 27 2005-06-27T07:37:01.000000Z K 7 svn:log V 58 Fixed troff warnings. Approved by: re (blanket manpages) END K 10 svn:author V 7 glebius K 8 svn:date V 27 2005-06-27T07:39:13.000000Z K 7 svn:log V 215 - After LibAlias processing check for TCP packet with th_x2 field set. If found, then recalculate its checksum. - Remove debugging printfs. - Slightly rearrange code in ng_nat_rcvdata(). Approved by: re (scottl) END K 10 svn:author V 7 glebius K 8 svn:date V 27 2005-06-27T07:43:57.000000Z K 7 svn:log V 141 Implement suspend/resume operation for snd_csa(4) PR: kern/82243 Submitted by: Serge Semenenko Approved by: re (scottl) MFC after: 1 month END K 10 svn:author V 3 sos K 8 svn:date V 27 2005-06-27T09:12:11.000000Z K 7 svn:log V 242 Dont call ata_finish in ad_dump as that is no longer needed and causes panic. Dont try to enable read/write caching on devices that doesn't support it, this reduces the noise from ATA on flash devices and the like. Approved by: re@ (scottl) END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2005-06-27T10:58:22.000000Z K 7 svn:log V 117 Fix a type-o in a bridging example. Submitted by: Niki Denev Approved by: mlaier (mentor) Approved by: re (blanket) END K 10 svn:author V 7 delphij K 8 svn:date V 27 2005-06-27T11:07:48.000000Z K 7 svn:log V 191 MFC revision 1.20 date: 2005/06/14 10:56:02; author: ru; state: Exp; lines: +3 -3 When IPC_NOWAIT is set and there is no message, msgrcv() fails with errno set to ENOMSG. PR: docs/82217 END K 10 svn:author V 6 cognet K 8 svn:date V 27 2005-06-27T14:33:32.000000Z K 7 svn:log V 71 Use -mno-apcs-frame if DEBUG isn't defined. Approved by: re (blanket) END K 10 svn:author V 7 rushani K 8 svn:date V 27 2005-06-27T14:54:49.000000Z K 7 svn:log V 90 bs driver was already removed. Approved by: re (hrs) Reviewed by: nyan MFC after: 1 week END K 10 svn:author V 3 jmg K 8 svn:date V 27 2005-06-27T17:10:22.000000Z K 7 svn:log V 100 remove a few uses of the word `really' Reviewed by: hrs Approved by: re (scottl) MFC after: 1 week END K 10 svn:author V 7 rushani K 8 svn:date V 27 2005-06-27T17:48:20.000000Z K 7 svn:log V 272 Merge the following from the English version: 1.5 -> 1.7 hardware/common/artheader.sgml 1.269 -> 1.281 hardware/common/dev.sgml Update a Japanese override of dev-auto.sgml. Approved by: re (hrs) Based on work by: Ryusuke Suzuki END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2005-06-27T21:58:12.000000Z K 7 svn:log V 228 Fix a panic when bringing up the bridge interface. We were casting a ifnet pointer to a softc which is no longer valid since the ifnet struct was split out from the softc. Approved by: mlaier (mentor) Approved by: re (blanket) END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-06-27T22:21:08.000000Z K 7 svn:log V 387 Merge a whole slew of stability fixes from RELENG_5/CURRENT. - amr should now work reliably on systems with more than 4GB of ram. - Assign a static slot number to each command instead of doing a linear search for free slots each time a command is needed. - Fixes for the ioctl path. A good portition of these changes were submitted by David Sze END K 10 svn:author V 3 phk K 8 svn:date V 27 2005-06-27T22:21:42.000000Z K 7 svn:log V 202 Libalias incorrectly applies proxy rules to the global divert socket: it should only look for existing translation entries, not create new ones (no matter how it got the idea). Approved by: re(scottl) END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-06-27T22:27:42.000000Z K 7 svn:log V 368 - Postpone SACK option processing until after PAWS checks. SACK option processing is now done in the ACK processing case. - Merge tcp_sack_option() and tcp_del_sackholes() into a new function called tcp_sack_doack(). - Test (SEG.ACK < SND.MAX) before processing the ACK. Submitted by: Noritoshi Demizu Reveiewed by: Mohan Srinivasan, Raja Mukerji Approved by: re END K 10 svn:author V 6 marcel K 8 svn:date V 27 2005-06-27T23:29:06.000000Z K 7 svn:log V 59 Cosmetic: s/u_int64_t/uint64_t/g Approved by: re (scottl) END K 10 svn:author V 6 marcel K 8 svn:date V 27 2005-06-27T23:34:35.000000Z K 7 svn:log V 223 Replace the existing copyright notice with my own. Over the years I've changed this file so much that it's equivalent to a rewrite, and I'm not talking about any of the cosmetic changes of course. Approved by: re (scottl) END K 10 svn:author V 6 marcel K 8 svn:date V 27 2005-06-27T23:51:38.000000Z K 7 svn:log V 1183 Handle B-unit break instructions. The break.b is unique in that the immediate is not saved by the architecture. Any of the break.{mifx} instructions have their immediate saved in cr.iim on interruption. Consequently, when we handle the break interrupt, we end up with a break value of 0 when it was a break.b. The immediate is important because it distinguishes between different uses of the break and which are defined by the runtime specification. The bottomline is that when the GNU debugger replaces a B-unit instruction with a break instruction in the inferior, we would not send the process a SIGTRAP when we encounter it, because the value is not one we recognize as a debugger breakpoint. This change adds logic to decode the bundle in which the break instruction lives whenever the break value is 0. The assumption being that it's a break.b and we fetch the immediate directly out of the instruction. If the break instruction was not a break.b, but any of break.{mifx} with an immediate of 0, we would be doing unnecessary work. But since a break 0 is invalid, this is not a problem and it will still result in a SIGILL being sent to the process. Approved by: re (scottl) END K 10 svn:author V 7 delphij K 8 svn:date V 27 2005-06-28T02:23:56.000000Z K 7 svn:log V 135 Correct a comment in ucred.h. Submitted by: Wojciech A. Koszek PR: kern/82708 Approved by: re (scottl) END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2005-06-28T05:46:49.000000Z K 7 svn:log V 71 MFC Revision 1.123: Fix off-by-one nanosecond in macro TIMESPEC_ADD. END K 10 svn:author V 2 bz K 8 svn:date V 27 2005-06-28T06:55:45.000000Z K 7 svn:log V 173 Fix panic after ifnet changes in rev. 1.30. sc->sc_ifp is a pointer now and needs to be allocated before using. Reviewed by: gnn Approved by: re (scottl), rwatson (mentor) END K 10 svn:author V 3 sos K 8 svn:date V 27 2005-06-28T09:06:52.000000Z K 7 svn:log V 76 Zero donecount on auto request sense. PR: 81450 Approved by: re@ (scottl) END K 10 svn:author V 7 rushani K 8 svn:date V 27 2005-06-28T15:57:30.000000Z K 7 svn:log V 354 Merge the following from the English version: 1.5 -> 1.5.2.1 hardware/common/artheader.sgml 1.256 -> 1.227.2.26.2.2 hardware/common/dev.sgml 1.7 -> 1.9 hardware/ia64/proc-ia64.sgml Update a Japanese override of dev-auto.sgml. Submitted by: Ryusuke Suzuki Reference: [doc-jp-work 1116, 1158] END K 10 svn:author V 7 rushani K 8 svn:date V 27 2005-06-28T16:46:19.000000Z K 7 svn:log V 148 Merge the following from the English version: 1.227.2.26.2.2 -> 1.227.2.31 hardware/common/dev.sgml Update a Japanese override of dev-auto.sgml. END K 10 svn:author V 3 hmp K 8 svn:date V 27 2005-06-28T20:15:19.000000Z K 7 svn:log V 80 Use 'manual page' instead of 'man page' for consistency. Approved by: re (hrs) END K 10 svn:author V 6 anholt K 8 svn:date V 27 2005-06-28T21:38:08.000000Z K 7 svn:log V 410 Disable the drm_initmap calls in radeon_cp.c, due to them resulting in improper handling of pci resources, and mapping framebuffer leading to panics on X startup. The proper solution involves use of bus_alloc_resource without RF_ACTIVE, but this code is being rewritten in DRM CVS currently, and disabling for now doesn't remove any features, so take the easy route. PR: kern/80718 Approved by: re (scottl) END K 10 svn:author V 3 imp K 8 svn:date V 27 2005-06-28T21:56:04.000000Z K 7 svn:log V 541 Add a chipset field to the lookup. Use this chipset type to determine which command to use to read the eeprom and which devices have an MII. Simplify code by no longer using the OLDCARD compat rouintes (I don't know if this breaks OLDCARD on pc98 or not, but OLDCARD on pc98 days are numbered, I hope). This also removes a number of kludges that we had before because they are OBE. Add a convenience routine to lookup the device to avoid many casts in many places. Tested with: 3C589D-TP, 3CCSH572BT Approved by: re (scottl, blanket ep) END K 10 svn:author V 6 qingli K 8 svn:date V 27 2005-06-28T23:32:22.000000Z K 7 svn:log V 595 Require gateways for routes to be of the same address family as the route itself. It fixes a bug where an IPv4 route for example has an IPv6 gateway specified: route add 10.1.1.1 -inet6 fe80::1%fxp0 Destination Gateway Flags Refs Use Netif Expire 10.1.1.1 fe80::1%fxp0 UGHS 0 0 fxp0 The fix rejects these illegal combinations: route: writing to routing socket: Invalid argument add host 10.1.1.1: gateway fe80::1%fxp0: Invalid argument Reviewed by: KAME jinmei@isl.rdc.toshiba.co.jp Reviewed by: andre (mentor) Approved by: re MFC after: 5 END K 10 svn:author V 6 brooks K 8 svn:date V 27 2005-06-29T01:46:40.000000Z K 7 svn:log V 127 Remove isc-dhcp files from HEAD now that we're using the OpenBSD dhclient. Reminded by: ru Approved by: re (blanket dhclient) END K 10 svn:author V 5 silby K 8 svn:date V 27 2005-06-29T08:18:26.000000Z K 7 svn:log V 495 Fix the false memory modified after free messages some users have been reporting - in my previous change, I missed the case where a mbuf from the packet zone was freed back to the mbuf/packet keg, where it was subsequently put into the mbuf zone and found not to contain the expected trash. This change adds the necessary trash_dtor call inside mb_fini_pack so that everything is correct. Thanks for Bosko for finding the bug and showing me how secondary zones work. Approved by: re (dwhite) END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-06-29T15:13:25.000000Z K 7 svn:log V 174 Increase MAXCPU to 16 in SMP kernels so that APIC IDs from 0 to 15 are allowed for CPUs. Tested by: amd64 at cybernetwork dot org Approved by: re (scottl) MFC after: 1 week END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-06-29T15:16:20.000000Z K 7 svn:log V 302 - Change the commented out freebsd32_xxx() example to use kern_xxx() along with a single copyin() + translate and translate + copyout() rather than using the stackgap. - Remove implementation of the stackgap for freebsd32 since it is no longer used for that compat ABI. Approved by: re (scottl) END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-06-29T15:20:05.000000Z K 7 svn:log V 79 MFC revs 1.18 and 1.19 to fix random(6) on 64-bit platforms. PR: amd64/81279 END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-06-29T15:25:01.000000Z K 7 svn:log V 116 MFC revs 1.290 and 1.291: Don't enable I/O or memory mode in a device's command register for BARs with a base of 0. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-06-29T15:33:23.000000Z K 7 svn:log V 98 MFC 1.50: Don't ignore VESA devices that claim to be non-VGA devices. This fixes VESA on vmware. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-06-29T15:37:01.000000Z K 7 svn:log V 49 MFC: Clear devinfo_generation in devinfo_free(). END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-06-29T15:57:10.000000Z K 7 svn:log V 110 Avoid a panic in the swizzle code by checking to see if the parent of the pci bus is NULL. Submitted by: jhb END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2005-06-29T17:27:40.000000Z K 7 svn:log V 297 During the system call table format change adding audit record event fields for each system call, I missed two system call files because they weren't named syscalls.master. Catch up with this last two, mapping the system calls to the NULL event for now. Spotted by: jhb Approved by: re (scottl) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2005-06-29T17:29:06.000000Z K 7 svn:log V 111 Regenerate after addition of audit event type number to syscalls.master file format. Approved by: re (scottl) END K 10 svn:author V 6 damien K 8 svn:date V 27 2005-06-29T17:54:01.000000Z K 7 svn:log V 399 o Fix a write mbuf-after-free bug. The duration field of the 802.11 header was written in the old fragmented mbuf chain instead of the defragmented one. Thus, the duration field of outgoing frames was incorrect. o Only call m_defrag() if the mbuf fragmentation threshold is greater than what is currently supported by the driver. Reviewed by: silby (mentor) Approved by: re (scottl) END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-06-29T18:08:31.000000Z K 7 svn:log V 171 MFC: Wrap copyin/copyout for kevent so the 32bit wrapper does not have to malloc nchanges * sizeof(struct kevent) AND/OR nevents * sizeof(struct kevent) on every syscall. END K 10 svn:author V 6 mlaier K 8 svn:date V 27 2005-06-29T19:12:14.000000Z K 7 svn:log V 381 MFC: pf_ioctl.c, 1.20 if_pfsync.h, 1.7 and if_pfsync.c, 1.16-1.19 Defer ip_output of pfsync updates to an independent callout thread instead of just dropping the lock around the ip_output call. This used to cause corrupted state tree walks for some call-paths. Mark pf callouts as NET_MPSAFE. Tested by: Sascha Luck, Matthew Grooms and pfsense.org (via Scott Ullrich) END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2005-06-29T19:23:32.000000Z K 7 svn:log V 175 Sync if_bridge to NetBSD r1.31 Rename conflicting variables when handling SNAP Ethernet frames. Obtained from: NetBSD Approved by: mlaier (mentor) Approved by: re (blanket) END K 10 svn:author V 5 simon K 8 svn:date V 27 2005-06-29T21:36:49.000000Z K 7 svn:log V 1009 Fix ipfw packet matching errors with address tables. The ipfw tables lookup code caches the result of the last query. The kernel may process multiple packets concurrently, performing several concurrent table lookups. Due to an insufficient locking, a cached result can become corrupted that could cause some addresses to be incorrectly matched against a lookup table. Submitted by: ru Reviewed by: csjp, mlaier Security: CAN-2005-2019 Security: FreeBSD-SA-05:13.ipfw Correct bzip2 permission race condition vulnerability. Obtained from: Steve Grubb via RedHat Security: CAN-2005-0953 Security: FreeBSD-SA-05:14.bzip2 Approved by: obrien Correct TCP connection stall denial of service vulnerability. A TCP packets with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options. Submitted by: Noritoshi Demizu Reviewed by: andre, Mohan Srinivasan Security: CAN-2005-2068 Security: FreeBSD-SA-05:15.tcp Approved by: re (security blanket), cperciva END K 10 svn:author V 5 simon K 8 svn:date V 27 2005-06-29T21:38:48.000000Z K 7 svn:log V 598 Correct ipfw packet matching errors with address tables. Security: CAN-2005-2019 Security: FreeBSD-SA-05:13.ipfw Correct bzip2 denial of service and permission race vulnerabilities. Obtained from: Redhat, Steve Grubb via RedHat Security: CAN-2005-0953, CAN-2005-1260 Security: FreeBSD-SA-05:14.bzip2 Approved by: obrien Correct TCP connection stall denial of service vulnerability. A TCP packets with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options. Security: CAN-2005-2068 Security: FreeBSD-SA-05:15.tcp Approved by: cperciva END K 10 svn:author V 5 simon K 8 svn:date V 27 2005-06-29T21:41:03.000000Z K 7 svn:log V 886 Correct ipfw packet matching errors with address tables. Security: CAN-2005-2019 Security: FreeBSD-SA-05:13.ipfw Correct bzip2 denial of service and permission race vulnerabilities. Obtained from: Redhat, Steve Grubb via RedHat Security: CAN-2005-0953, CAN-2005-1260 Security: FreeBSD-SA-05:14.bzip2 Approved by: obrien Correct TCP connection stall denial-of-service vulnerabilities. MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. A TCP packets with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options. Security: CAN-2005-0356, CAN-2005-2068 Security: FreeBSD-SA-05:15.tcp Approved by: so (cperciva) END K 10 svn:author V 5 simon K 8 svn:date V 27 2005-06-29T21:43:42.000000Z K 7 svn:log V 766 Correct bzip2 denial of service and permission race vulnerabilities. Obtained from: Redhat, Steve Grubb via RedHat Security: CAN-2005-0953, CAN-2005-1260 Security: FreeBSD-SA-05:14.bzip2 Approved by: obrien Correct TCP connection stall denial-of-service vulnerabilities. MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. A TCP packets with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options. Security: CAN-2005-0356, CAN-2005-2068 Security: FreeBSD-SA-05:15.tcp Approved by: cperciva END K 10 svn:author V 5 simon K 8 svn:date V 27 2005-06-29T21:46:15.000000Z K 7 svn:log V 771 Correct bzip2 denial of service and permission race vulnerabilities. Obtained from: Redhat, Steve Grubb via RedHat Security: CAN-2005-0953, CAN-2005-1260 Security: FreeBSD-SA-05:14.bzip2 Approved by: obrien Correct TCP connection stall denial-of-service vulnerabilities. MFC: rev 1.270 of tcp_input.c, rev 1.25 of tcp_seq.h by ps: When a TCP packets containing a timestamp is received, inadequate checking of sequence numbers is performed, allowing an attacker to artificially increase the internal "recent" timestamp for a connection. A TCP packets with the SYN flag set is accepted for established connections, allowing an attacker to overwrite certain TCP options. Security: CAN-2005-0356, CAN-2005-2068 Security: FreeBSD-SA-05:15.tcp Approved by: so (cperciva) END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-29T22:28:46.000000Z K 7 svn:log V 1115 Switch AMD64 and i386 platforms to using ELF as their kernel crash dump format. The key reason to do this is so that we can dump sparse address space. For example, we need to be able to skip the PCI hole just below the 4GB boundary. Trying to destructively dump MMIO device registers is Really Bad(TM). The frequent result of trying to do a crash dump on a machine with 4GB or more ram was ugly (lockup or reboot). This code has been taken directly from the IA64 dump_machdep.c code, with just a few (mostly minor) mods. Introduce a dump_avail[] array in the machdep.c code so that we have a source of truth for what memory is present in a machine that needs to be dumped. We can't use phys_avail[] because all sorts of things slice memory out of it that we really need to dump. eg: the vm page array and the dmesg buffer. dump_avail[] is pretty much an unmolested version of phys_avail[]. It does have Maxmem correction. Bump the i386 and amd64 dump format to version 2, but nothing actually uses this. amd64 was actually using the i386 dump version number. libkvm support to follow. Approved by: re END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-29T22:39:41.000000Z K 7 svn:log V 803 Support crash dumps > 4GB in size on 32 bit platforms. _kvm_kvatop() returned an lseek offset in a "u_long *" value, which can't express >4GB offsets on 32 bit machines (eg: PAE). Change to "off_t *" for all. Support ELF crashdumps on i386 and amd64. Support PAE crashdumps on i386. This is done by auto-detecting the presence of the IdlePDPT which means that PAE is active. I used Marcel's _kvm_pa2off strategy and ELF header reader for ELF support on amd64. Paul Saab ported the amd64 changes to i386 and we implemented the PAE support from there. Note that gdb6 in the src tree uses whatever libkvm supports. If you want to debug an old crash dump, you might want to keep an old libkvm.so handy and use LD_PRELOAD or the like. This does not detect the old raw dump format. Approved by: re END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-29T23:15:36.000000Z K 7 svn:log V 258 Clean out the leftovers from the i386_set_gsbase() TLS conversion. Like on libthr, there is an i386_set_gsbase() stub implementation here to avoid libc.so.5 issues. This should likely be a weak symbol and I expect this will be fixed soon. Approved by: re END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-29T23:23:16.000000Z K 7 svn:log V 77 Move the KDB_STOP_NMI option from opt_global.h to opt_kdb.h Approved by: re END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T00:09:18.000000Z K 7 svn:log V 37 Add COMPAT_FREEBSD5 Approved by: re END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T00:19:08.000000Z K 7 svn:log V 510 Conditionally weaken sys_generic.c rev 1.136 to allow certain dubious ioctl numbers in backwards compatability mode. eg: an IOC_IN ioctl with a size of zero. Traditionally this was what you did before IOC_VOID existed, and we had some established users of this in the tree, namely procfs. Certain 3rd party drivers with binary userland components also have this too. This is necessary to have 4.x and 5.x binaries use these ioctl's. We found this at work when trying to run 4.x binaries. Approved by: re END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T00:26:54.000000Z K 7 svn:log V 390 Add a special-case handler for general protection faults. It appears to be possible to get the swapgs state reversed if doreti traps during the iretq. Attempt to handle this. load_gs() might need special handling too. Running the kernel with the user's TLS and the kernel's PCPU space interchanged would be bad(TM). Discovered as a result of a conversation with: bde Approved by: re END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-06-30T01:25:21.000000Z K 7 svn:log V 94 Match _kvm_kvatop to it's prototype in kvm_i386.c. This unbreaks the build. Approved by: re END K 10 svn:author V 6 jkoshy K 8 svn:date V 27 2005-06-30T02:38:46.000000Z K 7 svn:log V 147 Fix markup, correct typos, improve grammar, move the BUGS section to the end of the manual page. Submitted by: ru Approved by: re (blanket hwpmc) END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T03:38:10.000000Z K 7 svn:log V 115 Second part of commit for moving KDB_STOP_NMI from opt_global.h to opt_kdb.h. Found by: kris Approved by: re END K 10 svn:author V 6 brooks K 8 svn:date V 27 2005-06-30T04:46:21.000000Z K 7 svn:log V 269 When interfaces are given on the command line, don't attempt to filter them. Just try to run the given command on them. We need to be able to run stop functions on interfaces that have been deleted to stop wpa_supplicant. Approved by: re (interface startup blanket) END K 10 svn:author V 6 brooks K 8 svn:date V 27 2005-06-30T04:52:47.000000Z K 7 svn:log V 175 Add support for starting wpa_supplicant by adding the WPA keyword to an interface's ifconfig_ entry in /etc/rc.conf. Approved by: re (network interface startup blanket) END K 10 svn:author V 4 bmah K 8 svn:date V 27 2005-06-30T04:55:46.000000Z K 7 svn:log V 87 Fix grammar and markup nits, do some wordsmithing. Approved by: re (blanket relnotes) END K 10 svn:author V 6 brooks K 8 svn:date V 27 2005-06-30T05:02:34.000000Z K 7 svn:log V 570 - Remove the pccard_ifconfig variable in favor of a new ifconfig_DEFAULT variable. Unlike pccard_ifconfig, ifconfig_DEFAULT applies to all interfaces that do not specify an ifconfig_ variable rather than just those listed in removable_interfaces. - Correct the list of interfaces when network_interfaces and removable_interfaces are both set by including removable_interfaces in the list of canidates. - When listing dhcp interfaces, include those with other ifconfig options so nat works. Approved by: re (network interface startup blanket) END K 10 svn:author V 2 ru K 8 svn:date V 27 2005-06-30T05:31:01.000000Z K 7 svn:log V 155 Fixed two bugs in Perl to C conversion that prevented locale name from being parsed correctly. OK'ed by: markm Approved by: re (scottl) MFC after: 3 days END K 10 svn:author V 6 brooks K 8 svn:date V 27 2005-06-30T05:32:42.000000Z K 7 svn:log V 495 People like to do RFC violating things with the domain-name option and include a space seperated list of domains instead of the domain of the host. This is supported on too many platforms to break for now so, remove validation of this option for the moment. The correct solution longer term is to implement RFC 3397 support and then treat domain-name options containing space seperated lists of domains as domain-search options for backwards compatability. Approved by: re (dhclient blanket) END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T05:33:26.000000Z K 7 svn:log V 403 Sync i386->amd64. * Add ichwd (The Intel EM64T folks have an ICH) * Cosmetic comment syncs * Merge cpufreq change over to NOTES * add pbio (it compiles, but isn't useful since no boxes have ISA slots) * copy ath settings (note: wlan disabled here since its in global NOTES) * copy profiling, including fixing a previous i386->amd64 merge typo. Approved by: re (blanket i386 <-> amd64 sync/convergence) END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T05:37:48.000000Z K 7 svn:log V 93 i386->amd64 sync Add ath_hal and ichwd modules Approved by: re (blanked i386<->amd64 sync) END K 10 svn:author V 6 brooks K 8 svn:date V 27 2005-06-30T05:50:52.000000Z K 7 svn:log V 168 Don't complain when we receive smtp, pop, nntp, www, finger, and irc server options. Reported by: Max Boyarov Approved by: re (dhclient blanket) END K 10 svn:author V 2 ru K 8 svn:date V 27 2005-06-30T06:35:51.000000Z K 7 svn:log V 56 Tidy up the markup. Approved by: re (blanket manpages) END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T06:44:34.000000Z K 7 svn:log V 679 Begin promoting the AMD-originated feature flags to first class flags, now that newer Intel cpu hardware implements them too. This includes things like the NX (pte no-execute) flag for execute protection. We'll need to reference this for implementing no-exec in pmap.c at some point. Some feature flags are duplicated in both the Intel-orignated bits and the AMD bits. Suppress the the duplicates correctly - the old code assumed they were a 1:1 mapping which is not correct. We can't just mask off the bits present in cpu_feature. Converge with amd64 where this originated from. Intel cpu's that implement any AMD features will report them in dmesg now. Approved by: re END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-06-30T07:49:22.000000Z K 7 svn:log V 977 Jumbo-commit to enhance 32 bit application support on 64 bit kernels. This is good enough to be able to run a RELENG_4 gdb binary against a RELENG_4 application, along with various other tools (eg: 4.x gcore). We use this at work. ia32_reg.[ch]: handle the 32 bit register file format, used by ptrace, procfs and core dumps. procfs_*regs.c: vary the format of proc/XXX/*regs depending on the client and target application. procfs_map.c: Don't print a 64 bit value to 32 bit consumers, or their sscanf fails. They expect an unsigned long. imgact_elf.c: produce a valid 32 bit coredump for 32 bit apps. sys_process.c: handle 32 bit consumers debugging 32 bit targets. Note that 64 bit consumers can still debug 32 bit targets. IA64 has got stubs for ia32_reg.c. Known limitations: a 5.x/6.x gdb uses get/setcontext(), which isn't implemented in the 32/64 wrapper yet. We also make a tiny patch to gdb pacify it over conflicting formats of ld-elf.so.1. Approved by: re END K 10 svn:author V 3 den K 8 svn:date V 27 2005-06-30T11:35:03.000000Z K 7 svn:log V 400 Merge the following from the English version: 1.278 -> 1.282 hardware/common/dev.sgml 1.31 -> 1.32 installation/common/install.sgml 1.17 -> 1.19 installation/common/trouble.sgml 1.6 -> 1.7 installation/common/artheader.sgml 1.845 -> 1.879 relnotes/common/new.sgml 1.36 -> 1.37 readme/article.sgml Obtained from: The FreeBSD Russian Documentation Project Approved by: re (blanket) END K 10 svn:author V 5 johan K 8 svn:date V 27 2005-06-30T11:56:31.000000Z K 7 svn:log V 119 Our bsd.*.mk only supports 6 WARNS levels and we should not use higher values until it does. Approved by: re (dwhite) END K 10 svn:author V 3 den K 8 svn:date V 27 2005-06-30T12:07:29.000000Z K 7 svn:log V 129 Update Russian override of dev-auto.sgml Obtained from: The FreeBSD Russian Documentation Project Approved by: re (blanket) END K 10 svn:author V 7 rushani K 8 svn:date V 27 2005-06-30T12:54:30.000000Z K 7 svn:log V 126 Merge the following from the English version: 1.3 -> 1.7 Makefile 1.65 -> 1.73 errata/article.sgml Approved by: re (hrs) END K 10 svn:author V 7 rushani K 8 svn:date V 27 2005-06-30T12:54:57.000000Z K 7 svn:log V 78 Use consistent translation for the word ``interface''. Approved by: re (hrs) END K 10 svn:author V 3 hmp K 8 svn:date V 27 2005-06-30T13:04:25.000000Z K 7 svn:log V 80 Use 'manual page' instead of 'man page' for consistency. Approved by: re (hrs) END K 10 svn:author V 3 mtm K 8 svn:date V 27 2005-06-30T13:11:48.000000Z K 7 svn:log V 60 MFC: Sync description of IP portrange sysctls with reality. END K 10 svn:author V 3 hmp K 8 svn:date V 27 2005-06-30T13:18:15.000000Z K 7 svn:log V 80 Use 'manual page' instead of 'man page' for consistency. Approved by: re (hrs) END K 10 svn:author V 4 nyan K 8 svn:date V 27 2005-06-30T15:26:03.000000Z K 7 svn:log V 90 MFi386: revision 1.615 (change kernel crashdump format to ELF). Approved by: re (scottl) END K 10 svn:author V 7 rushani K 8 svn:date V 27 2005-06-30T16:26:24.000000Z K 7 svn:log V 270 - Retire the Early Adopter's Guide in HEAD. - Remove following files since their contents are merged into relnotes/common/new.sgml years ago. relnotes/common/artheader.sgml relnotes/common/intro.sgml relnotes/common/upgrading.sgml Approved by: re (hrs) END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-06-30T17:17:29.000000Z K 7 svn:log V 108 Use SCTL_MASK32 to determine that the sysctl call is from a 32bit binary for kern.cp_time. Approved by: re END K 10 svn:author V 6 brooks K 8 svn:date V 27 2005-06-30T17:50:34.000000Z K 7 svn:log V 177 Remove REQUIRE and BEFORE lines since this script is not run by rcorder at startup. Instead it is called by other scripts. Approved by: re (network interface startup blanket) END K 10 svn:author V 4 bmah K 8 svn:date V 27 2005-06-30T18:17:09.000000Z K 7 svn:log V 101 New release notes: SA-05:13.ipfw, SA-05:14.bzip2, SA-05:15.tcp. Approved by: re (blanket relnotes) END K 10 svn:author V 4 bmah K 8 svn:date V 27 2005-06-30T18:40:37.000000Z K 7 svn:log V 209 MFC: SA-05:10.tcpdump, SA-05:11.gzip, SA-05:13.ipfw, SA-05:14.bzip2, SA-05:15.tcp. (Basically make sure all applicable security advisories are listed.) While here, also add a missing word in autoboot note. END K 10 svn:author V 4 bmah K 8 svn:date V 27 2005-06-30T18:41:55.000000Z K 7 svn:log V 88 MFC: SA-05:11.gzip, SA-05:14.bzip2, SA-05:15.tcp. (General security advisory resync.) END K 10 svn:author V 6 jkoshy K 8 svn:date V 27 2005-06-30T19:01:26.000000Z K 7 svn:log V 1095 MFP4: - pmcstat(8) gprof output mode fixes: lib/libpmc/pmclog.{c,h}, sys/sys/pmclog.h: + Add a 'is_usermode' field to the PMCLOG_PCSAMPLE event + Add an 'entryaddr' field to the PMCLOG_PROCEXEC event, so that pmcstat(8) can determine where the runtime loader /libexec/ld-elf.so.1 is getting loaded. sys/kern/kern_exec.c: + Use a local struct to group the entry address of the image being exec()'ed and the process credential changed flag to the exec handling hook inside hwpmc(4). usr.sbin/pmcstat/*: + Support "-k kernelpath", "-D sampledir". + Implement the ELF bits of 'gmon.out' profile generation in a new file "pmcstat_log.c". Move all log related functions to this file. + Move local definitions and prototypes to "pmcstat.h" - Other bug fixes: + lib/libpmc/pmclog.c: correctly handle EOF in pmclog_read(). + sys/dev/hwpmc_mod.c: unconditionally log a PROCEXIT event to all attached PMCs when a process exits. + sys/sys/pmc.h: correct a function prototype. + Improve usage checks in pmcstat(8). Approved by: re (blanket hwpmc) END K 10 svn:author V 4 bmah K 8 svn:date V 27 2005-06-30T19:39:45.000000Z K 7 svn:log V 76 List new security advisories: SA-05:13.ipfw, SA-05:14.bzip2, SA-05:15.tcp. END K 10 svn:author V 3 pjd K 8 svn:date V 27 2005-07-01T00:30:50.000000Z K 7 svn:log V 89 MFC: kern_ktrace.c 1.100,1.101 Fix information leaks from ktrace(2). OK'ed by: rwatson END K 10 svn:author V 3 imp K 8 svn:date V 27 2005-07-01T03:40:28.000000Z K 7 svn:log V 1105 Add a much-requested feature: The ability for pccard attachments to scan the CIS for interesting tuples. 95% of what can be obtained from the CIS is harvested by the pccard layer and presented to the user in standard function calls. However, there are special needs at times where the standard stuff doesn't suffice. This is for those special cases. CARD_SCAN_CIS(device_get_parent(dev), function, argp) scans the CIS of the card, passing each tuple to function with the tuple and argp as its arguments. Returning 0 continues the scan, while returning 1 terminates the scan. The value of the last invocation of function is returned from this function. int (*pccard_scan_t)(struct pccard_tuple *tuple, void *argp) function called for each tuple. Elements of the CIS tuple can be read with pccard_tuple_read_{1,2,3,4,n}(). You are reading the actual tuple memory each time, in case your card has registers in the CIS. # I suppose these things should be documented in pccard(4) or something like # that. # I plan on unifying cardbus CIS support in a similar way. Approved by: re (scottl) END K 10 svn:author V 6 jkoshy K 8 svn:date V 27 2005-07-01T03:45:01.000000Z K 7 svn:log V 83 Unbreak tinderbox builds. Remove a debug printf. Approved by: re (blanket hwpmc) END K 10 svn:author V 6 jkoshy K 8 svn:date V 27 2005-07-01T03:50:30.000000Z K 7 svn:log V 284 Add examples illustrating how to record system-wide profiles and how to convert these to gprof(1) flat profiles. Augment description for the '-g' option. Remove superfluous quotes around a macro argument, bump document date [1]. Reminded by: ru [1] Approved by: re (blanket hwpmc) END K 10 svn:author V 7 yongari K 8 svn:date V 27 2005-07-01T04:12:42.000000Z K 7 svn:log V 120 Use correct pointer type. This should fix non-functional re(4) driver on 64bit architectures. Approved by: re (scottl) END K 10 svn:author V 3 imp K 8 svn:date V 27 2005-07-01T04:23:32.000000Z K 7 svn:log V 1516 Minor cleanup of ep driver and pccard attachment: o Grab the MAC address out of the CIS if the card has the special 3Com 0x88 tuple. Most 3Com cards don't have this tuple, but we prefer it to the eeprom since it only appears to be present when the eeprom doesn't have the info. So far, I've only observed this on my 3C362 and 3C362B cards, but the NetBSD driver implies that the 3C362C also has this tuple, and that some 3C574 cards do too (none of mine do). ep_pccard_mac was written after looking at the NetBSD code. o Store the enet addr in the softc for this device, so we can use the overridden MAC to set the station address. o Create a routine to set the station address and use it where we need it. o setup the cmd shitfs and such before we call ep_alloc(), and remove setting up the cmd shift value there. It initializes to 0, and those attachments that need to frob it do so before calling ep_alloc. o Remove some obsolete comments o No longer a need to export ep_get_macaddr, so make it static o ep_alloc already grabs the EEPROM id, so we don't need to grab it again in ep_pccard_attach. o eliminate unit, it isn't needed, fix some printfs to be device_printf instead. # All my pccards except the 3C1 work now. Didn't test ISA or cbus cards # that I have: 3C509B-TP or 3C569B-J-TPO Tested on: 3C589B, 3C589C, 3C589D, 3C589D-TP, 3C562, 3C562B/3C563B, 3C562D/3C563D, 3CCFE574BT, 3CXEM556, 3CCSH572BT, 3C574-TX, 3CCE589EC, 3CXE589EC, 3CCFEM556, 3C1 Approved by: re (scottl) END K 10 svn:author V 3 imp K 8 svn:date V 27 2005-07-01T05:28:55.000000Z K 7 svn:log V 147 Update the diagnostics section with all the messages from the driver as of this date. Bump the date as well. Approved by: re (scottl) blanket ep END K 10 svn:author V 3 imp K 8 svn:date V 27 2005-07-01T05:31:23.000000Z K 7 svn:log V 91 Make a pass and cleanup the printfs from this driver. Approved by: re (scottl) blanket ep END K 10 svn:author V 7 glebius K 8 svn:date V 27 2005-07-01T08:22:13.000000Z K 7 svn:log V 244 When doing ARP load balancing source IP is taken in network byte order, so residue of division for all hosts on net is the same, and thus only one VHID answers. Change source IP in host byte order. Reviewed by: mlaier Approved by: re (scottl) END K 10 svn:author V 8 cperciva K 8 svn:date V 27 2005-07-01T09:51:10.000000Z K 7 svn:log V 89 Document some limitations of uid/gid rules. Approved by: re (rwatson) MFC after: 3 days END K 10 svn:author V 8 cperciva K 8 svn:date V 27 2005-07-01T10:04:33.000000Z K 7 svn:log V 192 Bump document date. Remove EOL whitespace introduced in previous commit. Start new line at sentence break in previous commit. Approved by: re (implicit, fixing a commit made 5 minutes ago) END K 10 svn:author V 5 harti K 8 svn:date V 27 2005-07-01T10:45:02.000000Z K 7 svn:log V 221 Fix another fallout from the ifnet change that assumed that a softc starts with an ifatm which in turns has an ifnet. Remove also a couple of unneccessary casts that could hide such things in the future. Approved by: re END K 10 svn:author V 3 des K 8 svn:date V 27 2005-07-01T15:12:09.000000Z K 7 svn:log V 133 Add an entry about absolute PAM module paths, backdated to when the change happened. Submitted by: rwatson Approved by: re (scottl) END K 10 svn:author V 6 avatar K 8 svn:date V 27 2005-07-01T15:21:30.000000Z K 7 svn:log V 509 - Providing fine-grained malloc statistic by replacing M_DEVBUF with module-specific malloc types. These should help us to pinpoint the possible memory leakage in the future. - Implementing xpt_alloc_ccb_nowait() and replacing all malloc/free based CCB memory management with xpt_alloc_ccb[_nowait]/xpt_free_ccb. Hopefully this would be helpful if someday we move the CCB allocator to use UMA instead of malloc(). Encouraged by: jeffr, rwatson Reviewed by: gibbs, scottl Approved by: re (scottl) END K 10 svn:author V 7 glebius K 8 svn:date V 27 2005-07-01T15:22:47.000000Z K 7 svn:log V 345 Use m_uiotombuf() instead of own implementation. This is not just a cosmetic change. m_uiotombuf() produces a packet header mbuf, while original implementation did not. When kernel is compiled with MAC support, headerless mbuf will cause panic. Reported by: Alexander Nikiforenko Approved by: re (scottl) MFC After: 2 weeks END K 10 svn:author V 3 phk K 8 svn:date V 27 2005-07-01T15:33:08.000000Z K 7 svn:log V 205 Remove the NQNFS paper. We removed the corresponding code long time ago and the historically interested can find this paper in the cvs repo, there is no point in installing it any more. Approved by: re@ END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-07-01T15:43:09.000000Z K 7 svn:log V 332 Fix what(1) on kernel binaries by duplicating part of version[] in sccs[] and stop trying to play cute games so that sccs[] shares space with version[]. Reported by: Jilles Tjoelker jilles at stack dot nl Discussed with: bde, "R. Imura" imura at ryu16 dot org Idea from: NetBSD (via bde) Approved by: re (scottl) MFC after: 1 week END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-07-01T15:47:27.000000Z K 7 svn:log V 330 Use a simpler implementation for the i8254 timecounter when using the lapic timer since irq0 isn't being driven at hz in that case and we don't need to try to handle edge cases with rollover, etc. that require irq0 to be firing for the timecounter to actually work. Submitted by: phk Tested by: schweikh Approved by: re (scottl) END K 10 svn:author V 3 jhb K 8 svn:date V 27 2005-07-01T15:49:52.000000Z K 7 svn:log V 302 Up the count of busses supported by usbd(8) from 4 to 40. With the advent of USB2 "duplicate" psuedo busses, it is not at all uncommon for machines to have more than 4 USB busses nowadays. PR: bin/81533 Submitted by: Darren Pilgrim dmp at bitfreak dot org Approved by: re (scottl) MFC after: 1 week END K 10 svn:author V 3 imp K 8 svn:date V 27 2005-07-01T15:52:50.000000Z K 7 svn:log V 184 Upon relection, we shouldn't allow the tuple structs to be modified by the functor, so make it a const pointer, and chase down the resulting const-poisoning. Approved by: re (scottl) END K 10 svn:author V 8 ssouhlal K 8 svn:date V 27 2005-07-01T16:28:32.000000Z K 7 svn:log V 675 Fix the recent panics/LORs/hangs created by my kqueue commit by: - Introducing the possibility of using locks different than mutexes for the knlist locking. In order to do this, we add three arguments to knlist_init() to specify the functions to use to lock, unlock and check if the lock is owned. If these arguments are NULL, we assume mtx_lock, mtx_unlock and mtx_owned, respectively. - Using the vnode lock for the knlist locking, when doing kqueue operations on a vnode. This way, we don't have to lock the vnode while holding a mutex, in filt_vfsread. Reviewed by: jmg Approved by: re (scottl), scottl (mentor override) Pointyhat to: ssouhlal Will be happy: everyone END K 10 svn:author V 7 stefanf K 8 svn:date V 27 2005-07-01T16:55:50.000000Z K 7 svn:log V 39 MFC 1.7: Add _Qp_cmp() and _Qp_cmpe(). END K 10 svn:author V 8 ssouhlal K 8 svn:date V 27 2005-07-01T17:13:59.000000Z K 7 svn:log V 143 Mistakingly undefined VN_KNOTE_LOCKED in my previous commit. Noticed by: Antoine Brodin Approved by: re (scottl) END K 10 svn:author V 5 peter K 8 svn:date V 27 2005-07-01T20:13:19.000000Z K 7 svn:log V 90 MFi386: r1.221: use simple timecounter that is aware of irq0 being off. Approved by: re END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-07-01T22:52:46.000000Z K 7 svn:log V 478 Fix for a SACK crash caused by a bug in tcp_reass(). tcp_reass() does not clear tlen and frees the mbuf (leaving th pointing at freed memory), if the data segment is a complete duplicate. This change works around that bug. A fix for the tcp_reass() bug will appear later (that bug is benign for now, as neither th nor tlen is referenced in tcp_input() after the call to tcp_reass()). Found by: Pawel Jakub Dawidek. Submitted by: Raja Mukerji, Noritoshi Demizu. Approved by: re END K 10 svn:author V 2 ps K 8 svn:date V 27 2005-07-01T22:54:18.000000Z K 7 svn:log V 359 Fix for a bug in the change that defers sack option processing until after PAWS checks. The symptom of this is an inconsistency in the cached sack state, caused by the fact that the sack scoreboard was not being updated for an ACK handled in the header prediction path. Found by: Andrey Chernov. Submitted by: Noritoshi Demizu, Raja Mukerji. Approved by: re END K 10 svn:author V 6 scottl K 8 svn:date V 27 2005-07-02T05:49:29.000000Z K 7 svn:log V 124 Fix the alpha build by using the correct argument types for _kvm_kvatop(). Submitted by: marcel Approved by: re (implicit) END K 10 svn:author V 8 truckman K 8 svn:date V 27 2005-07-02T07:22:12.000000Z K 7 svn:log V 327 Populate /R/ftp/ports explicitly and copy this to /R/cdrom/disc1/ports instead of attempting the reverse, because the ftp.1 target is executed before the cdrom.1 target, which is optional. This has been broken ever since the order of the targets was swapped and cdrom.1 was made optional, which happened a very long time ago. END K 10 svn:author V 5 maxim K 8 svn:date V 27 2005-07-02T08:29:27.000000Z K 7 svn:log V 67 Merge SA-05:14.bzip2 and SA-05:15.tcp. Approved by: so (cperciva) END K 10 svn:author V 8 dannyboy K 8 svn:date V 27 2005-07-02T19:51:11.000000Z K 7 svn:log V 151 Add a missing ** to the 'command' command. PR: 79877 Submitted by: Kazuaki Oda Reviewed by: ru Approved by: re MFC after: 1 day END K 10 svn:author V 6 marcel K 8 svn:date V 27 2005-07-02T19:57:31.000000Z K 7 svn:log V 914 Fix a buglet that was present in the ia64 code and that got inherited by amd64 and i386: For buffered writes we collect data and write it out a ${DEV_BSIZE}-sized block at a time. The fragsz variable is used to keep track of how much data we have collected in the buffer so far and it's reset to zero immediately after writing a block to the dump device. When the last, possibly partially filled buffer is flushed, we didn't reset fragsz to 0 and as such would stop reflecting reality. Since we currently only need to do buffered writes once, this isn't a problem. However, when kernel dumps are made by hand (say by callling doadump from within DDB), the improperly cleared state from the first call to dumpsys causes the next call to dumpsys to create an invalid code file. This change resets fragsz after flushing the partially filled buffer so that it fixes the two problems at once. Approved by: re (scottl) END K 10 svn:author V 7 delphij K 8 svn:date V 27 2005-07-02T20:06:44.000000Z K 7 svn:log V 903 Remove the CPU_ENABLE_SSE option from the i386 and pc98 architectures, as they are already default for I686_CPU for almost 3 years, and CPU_DISABLE_SSE always disables it. On the other hand, CPU_ENABLE_SSE does not work for I486_CPU and I586_CPU. This commit has: - Removed the option from conf/options.* - Removed the option and comments from MD NOTES files - Simplified the CPU_ENABLE_SSE ifdef's so they don't deal with CPU_ENABLE_SSE from kernel configuration. (*) For most users, this commit should be largely no-op. If you used to place CPU_ENABLE_SSE into your kernel configuration for some reason, it is time to remove it. (*) The ifdef's of CPU_ENABLE_SSE are not removed at this point, since we need to change it to !defined(CPU_DISABLE_SSE) && defined(I686_CPU), not just !defined(CPU_DISABLE_SSE), if we really want to do so. Discussed on: -arch Approved by: re (scottl) END K 10 svn:author V 7 delphij K 8 svn:date V 27 2005-07-02T20:14:18.000000Z K 7 svn:log V 200 MFC revision 1.52 date: 2005/06/28 02:23:56; author: delphij; state: Exp; lines: +1 -1 Correct a comment in ucred.h. Submitted by: Wojciech A. Koszek PR: kern/82708 END K 10 svn:author V 6 dwhite K 8 svn:date V 27 2005-07-02T22:34:22.000000Z K 7 svn:log V 71 Don't ask about CD numbers if not installing from CD. Approved by: re END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2005-07-02T23:13:31.000000Z K 7 svn:log V 638 Check the alignment of the IP header before passing the packet up to the packet filter. This would cause a panic on architectures that require strict alignment such as sparc64 (tier1) and ia64/ppc (tier2). This adds two new macros that check the alignment, these are compile time dependent on __NO_STRICT_ALIGNMENT which is set for i386 and amd64 where alignment isn't need so the cost is avoided. IP_HDR_ALIGNED_P() IP6_HDR_ALIGNED_P() Move bridge_ip_checkbasic()/bridge_ip6_checkbasic() up so that the alignment is checked for ipfw and dummynet too. PR: ia64/81284 Obtained from: NetBSD Approved by: re (dwhite), mlaier (mentor) END