ı81000 201 108 127 108 124 154 141 119 108 124 123 140 146 108 128 203 373 138 216 108 158 1400 437 108 2047 708 200 333 204 331 423 258 319 271 182 192 331 173 267 176 181 262 112 115 268 317 158 392 259 164 215 225 117 135 195 513 149 185 162 250 173 158 146 178 149 160 240 159 164 262 404 471 265 175 156 182 137 422 118 136 366 300 197 148 129 281 153 335 223 283 466 263 247 214 206 169 174 249 102 144 184 147 114 107 163 263 210 387 983 245 409 249 246 204 250 889 304 295 158 130 308 191 292 154 354 240 168 1482 501 192 233 218 168 370 1078 399 166 254 148 137 145 110 135 134 193 255 233 173 223 287 109 170 457 158 577 389 243 248 342 169 159 142 174 135 173 1019 668 263 155 248 109 1144 1061 298 338 165 197 218 250 208 138 209 180 117 274 224 142 299 217 134 406 115 107 143 503 138 128 911 128 117 298 220 K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T00:59:28.000000Z K 7 svn:log V 13 MFC: WARNS=2 END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:01:05.000000Z K 7 svn:log V 32 MFC: update to Binutils 2.11.2. END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:07:27.000000Z K 7 svn:log V 13 MFC: WARNS=2 END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:09:06.000000Z K 7 svn:log V 29 MFC: build+install docs too. END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:11:13.000000Z K 7 svn:log V 59 MFC: Mention _POSIX_SOURCE feature test macro in man page. END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:12:55.000000Z K 7 svn:log V 46 MFC: rev 1.4 /usr/libexec/cpp -> /usr/bin/cpp END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:14:24.000000Z K 7 svn:log V 24 MFC: sync with -current END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:15:51.000000Z K 7 svn:log V 13 MFC: WARNS=2 END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:18:09.000000Z K 7 svn:log V 29 MFC: reduce diff to -current END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:21:20.000000Z K 7 svn:log V 28 MFC: sync style to -current END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:27:12.000000Z K 7 svn:log V 45 MFC: rev 1.12 (replace xmalloc with realloc) END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:32:17.000000Z K 7 svn:log V 51 MFC: rev 1.17 (yyerror() is a printflike function) END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:33:29.000000Z K 7 svn:log V 13 MFC: WARNS=2 END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:34:19.000000Z K 7 svn:log V 33 MFC: rev 1.6 (emalloc -> calloc) END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:44:09.000000Z K 7 svn:log V 107 MFC: rev 1.39 (syslogd(8) requires logs files to be created before it will logging to them) END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:45:45.000000Z K 7 svn:log V 277 MFC: o Integrate security enhancements from OpenBSD. o Integrate standards compliance from NetBSD. o Remove some FreeBSD specific access(2) cruft o Document the fact that two or more instances of nohup can append to the same file. o Constify; Staticize functions; Set WARNS?=2 END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:47:19.000000Z K 7 svn:log V 43 MFC: rev 1.20 (remove namespace pollution) END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:48:22.000000Z K 7 svn:log V 120 MFC: Prevent chpass(1) from writing -1 in the UID or GID fields in the password file by properly casting integers. END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T01:49:44.000000Z K 7 svn:log V 13 MFC: WARNS=2 END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T02:17:16.000000Z K 7 svn:log V 63 MFC: as many compiler warning quieting bits as I could stomach END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-02T02:19:56.000000Z K 7 svn:log V 1302 Default to disabling all inetd.conf entries, in particular, telnetd and ftpd. This more conservative default reduces the exposure of freshly installed machines, which is especially valuable for machines that receive minimal further configuration before being put into production. Generally speaking, SSH has superseded the use of both telnet and ftp in many environments. In light of recent remotely exploitable security holes in both telnetd and ftpd, this choice retains flexibility (both telnetd and ftpd daemons remain installed and easily enableable) while protecting users who don't need the additional risk. This change brings our configuration into line with the majority of other UNIX vendors, including OpenBSD and NetBSD. To address the concerns of those requiring remote access via telnet from first install, changes will shortly be committed to sysinstall to provide the ability to edit inetd.conf during the installation process, allowing telnetd and ftp to be re-enabled during the installation process. While I'm at it, slightly improve commenting for inetd.conf so that it's more clear to users how to enable and disable services. Further commenting to indicate the functions of various columns would probably also be useful. Reviewed by: imp, chris, jake, nate, -arch, -stable END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T02:21:24.000000Z K 7 svn:log V 341 MFC: whois.c rev 1.19-1.23 (reduce duplicated code, quiet warnings, implement recursive IP address searches based results of query to ARIN) whois.1 rev 1.19-1.20 (grammar cleanup, implement recursive IP address searches based results of query to ARIN) Makefile rev 1.4 (WARNS=2) END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T02:25:58.000000Z K 7 svn:log V 13 MFC: WARNS=2 END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-02T03:25:16.000000Z K 7 svn:log V 1949 Compensate for default disabling of network services in inetd.conf(5) by providing the opportunity to edit inetd.conf during the system installation process. The following modifications were made: (1) Expand the Anonymous FTP description dialog to indicate that inetd and ftpd must be enabled before it can be used. (2) Introduce a new configInetd() pair of dialogs, the first describing inetd, giving a couple of examples of services that require it, and hinting at potential risk, then asking the user if they wish to enable it. The second indicates that inetd.conf must be configured to enabled specific services, and asks if the user would like to load inetd.conf into the editor to modify it. Add this configuration action to the index. There are some further improvements that might be considered: (1) Provide a more inetd.conf-specific configuration tool that speaks inetd.conf(5). However, this is made difficult by the "yet another configuration format" nature of inetd.conf, as well as its use of commenting to disable services, rather than an in-syntax way to disable a service without commenting it out. Submissions here would probably be welcome. (2) There's some overlap between settings in the somewhat obtuse Security Profile mechanism and other settings, including the inetd setting, and NFS server configuration. As features become individually tunable, they should probably be removed from the security profile mechanism. Otherwise, somewhat counter-intuitively, sysinstall (in practice) queries multiple times whether inetd, nfsd, etc, should be enabled/disabled. A possible future direction might be to drive profiles not by degree of paranoia, rather, the set of services desired. Or simply to remove the Security Profile mechanism and resort to feature-driven configuration. Reviewed by: imp, chris, jake, nate, -arch, -stable END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-02T03:53:36.000000Z K 7 svn:log V 611 Add the ability to modify /etc/ttys before first reboot during the system installation process. This allows users installing via serial console to enable serial console login during the installation process using an un-customized install. The user is not prompted to modify /etc/ttys during a normal install, but is offered the opportunity during post-install configuration. - Introduce configTTYs(), which describes the benefits of editing /etc/ttys, and asks for confirmation before spawning the editor. - add configTTYs to the post-install configuration, as well as to the global configuration index. END K 10 svn:author V 5 greid K 8 svn:date V 27 2001-08-02T04:25:06.000000Z K 7 svn:log V 105 Fix thinko: FORCE_PKG_RESIDENT -> FORCE_PKG_REGISTER Submitted by: Raymond Kohler END K 10 svn:author V 4 kris K 8 svn:date V 27 2001-08-02T05:12:19.000000Z K 7 svn:log V 239 Remove the setting of -Werror. The only consequence of setting -Werror by default when WARNS is enabled (the previous case) is a broken -stable build due to compiler/header/code differences between -current and -stable. Approved by: jkh END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2001-08-02T05:22:59.000000Z K 7 svn:log V 108 MFC 1.71: Oops- don't set 'goal' twice when you mean to set 'nvrm' as well. This breaks bogus NVRAM boards. END K 10 svn:author V 3 imp K 8 svn:date V 27 2001-08-02T07:06:32.000000Z K 7 svn:log V 238 Only try to allocated properly aligned I/O segments. This should stop some of the config problems that we've been seeing (where wi0 tries to allocate 0x138-0x198, for example). Use err(1,"foo") rather than perror + exit while I'm here. END K 10 svn:author V 6 alfred K 8 svn:date V 27 2001-08-02T07:54:58.000000Z K 7 svn:log V 327 Fixups for the initial allocation by dillon: 1) allocate fewer buckets 2) when failing to allocate swap zone, keep reducing the zone by a third rather than a half in order to reduce the chance of allocating way too little. I also moved around some code for readability. Suggested by: dillon Reviewed by: dillon END K 10 svn:author V 6 yokota K 8 svn:date V 27 2001-08-02T08:30:40.000000Z K 7 svn:log V 162 Refine cursor type/shape control escape sequences and ioctls. We can now add ve, vi and vs capabilities to cons25 in termcap. Discussed with and tested by: ache END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2001-08-02T09:22:18.000000Z K 7 svn:log V 221 When building a debugging kernel with modules, build modules with debugging support as well. Debugging module support is handled identically to kernel debugging support, right down to poor choice of make variable names. END K 10 svn:author V 5 brian K 8 svn:date V 27 2001-08-02T09:28:31.000000Z K 7 svn:log V 176 Pack struct uniqtag declarations to stop our data field from being pushed 4 bytes to the right on the alpha. Tested by: Thomas Pornin MFC after: 1 week END K 10 svn:author V 5 brian K 8 svn:date V 27 2001-08-02T10:16:32.000000Z K 7 svn:log V 88 Add a ``nat punch_fw'' command for punching FTP and IRC DCC holes through the firewall. END K 10 svn:author V 5 brian K 8 svn:date V 27 2001-08-02T10:16:58.000000Z K 7 svn:log V 98 MFC: Add a ``nat punch_fw'' command for punching FTP and IRC DCC holes through the firewall. END K 10 svn:author V 7 sobomax K 8 svn:date V 27 2001-08-02T10:19:13.000000Z K 7 svn:log V 234 - Deny detaching requests until device is still open, otherwise it is possible to hang or panic kernel by detaching disk from which fs is mounted; - replace "md" with MD_NAME in yet another place. Reviewed by: phk Approved by: phk END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-02T10:35:41.000000Z K 7 svn:log V 79 Repair the get/set UID() stuff so this works in both su(1) and login(1) modes. END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2001-08-02T10:56:59.000000Z K 7 svn:log V 169 When building a debugging kernel with modules, build modules with debugging support as well. This relies on support added in rev 1.105 to kmod.mk. Requested by: peter END K 10 svn:author V 6 yokota K 8 svn:date V 27 2001-08-02T11:17:38.000000Z K 7 svn:log V 81 Add some definitions. Their actual support will be added to video drivers later. END K 10 svn:author V 6 yokota K 8 svn:date V 27 2001-08-02T11:26:30.000000Z K 7 svn:log V 86 Add FBIO_BLANK ioctl support. Return ENODEV for yet-to-be- supported ioctls for now. END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-02T12:08:10.000000Z K 7 svn:log V 170 Note MFC or Binutils 2.11.2 (what we have is close enough to that version that there's no need to talk about the snapshot business; all it would do is serve to confuse). END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-02T12:08:18.000000Z K 7 svn:log V 21 MFC: binutils 2.11.2 END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-02T12:10:21.000000Z K 7 svn:log V 24 This is 4.4-PRERELEASE. END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-02T12:16:17.000000Z K 7 svn:log V 176 When talking about new versions, use the word "updated" instead of "upgraded" for consistency. Prior to this commit, 9 of the entires used the latter, and 51 used the former. END K 10 svn:author V 7 sobomax K 8 svn:date V 27 2001-08-02T12:19:32.000000Z K 7 svn:log V 220 When there is a file that can't be deleted due to checksum mismatch print name of that file to stdout to simplify debugging. IMO it was a mistake to print this warning only when `verbose' mode is on. MFC after: 1 month END K 10 svn:author V 3 yar K 8 svn:date V 27 2001-08-02T12:38:23.000000Z K 7 svn:log V 66 Document the deprecated `-w' option in the COMPATIBILITY section. END K 10 svn:author V 7 sobomax K 8 svn:date V 27 2001-08-02T12:38:29.000000Z K 7 svn:log V 295 Usability tweak: Use '' quotes instead of `' to delimit names of files and packages in warning and error messages, because it is easier to cut-n-paste name in question that way (single click) without confusing the shell. And yes, I know that it is less eye-candy... MFC after: 1 month END K 10 svn:author V 8 dwmalone K 8 svn:date V 27 2001-08-02T12:55:37.000000Z K 7 svn:log V 161 Remove duplicate ufsd entry. This seems to go back to the Sun's version of the file. PR: 29386 Submitted by: Andre Albsmeier END K 10 svn:author V 7 sobomax K 8 svn:date V 27 2001-08-02T13:08:43.000000Z K 7 svn:log V 68 Cosmetics: kill blank lines at the end of file. MFC after: 1 month END K 10 svn:author V 7 sobomax K 8 svn:date V 27 2001-08-02T13:13:06.000000Z K 7 svn:log V 118 Cosmetics: replace dozen instances of "(tmp = getenv(PKG_DBDIR) ? tmp : DEF_LOG_DIR)" with macro. MFC after: 1 month END K 10 svn:author V 6 yokota K 8 svn:date V 27 2001-08-02T13:22:33.000000Z K 7 svn:log V 129 Use #ifdef DEV_SPLASH (from opt_splash.h) rather than #if NSPLASH > 0 (from splash.h) to test the presence of the splash driver. END K 10 svn:author V 6 yokota K 8 svn:date V 27 2001-08-02T13:23:17.000000Z K 7 svn:log V 22 Include opt_splash.h. END K 10 svn:author V 2 cg K 8 svn:date V 27 2001-08-02T14:50:59.000000Z K 7 svn:log V 44 fix memory leak on unload Approved by: jkh END K 10 svn:author V 2 cg K 8 svn:date V 27 2001-08-02T14:55:19.000000Z K 7 svn:log V 103 release resources on detach Submitted by: "Christopher N . Harrell" Approved by: jkh END K 10 svn:author V 7 sobomax K 8 svn:date V 27 2001-08-02T15:47:03.000000Z K 7 svn:log V 416 Fix a cryptoless world by disconnecting libmp from the build when there is no crypto bits installed and/or NOCRYPTO/NO_OPENSSL is defined. This unfortunately meants that usr.bin/chkey, usr.bin/newkey and usr.sbin/keyserv have also to be disconnected. IMO it is merely a workaround, the proper solution is to move libmp to src/crypto where it belongs and use libgmp for the cryptoless builds instead. Missed by: dd END K 10 svn:author V 5 chris K 8 svn:date V 27 2001-08-02T15:55:22.000000Z K 7 svn:log V 55 MFC: Add vfs_unmountall(9) man page. Approved by: jkh END K 10 svn:author V 4 ache K 8 svn:date V 27 2001-08-02T16:36:21.000000Z K 7 svn:log V 92 Allow configTtys() be called several times - set VAR_CONSTERM to "NO" after operation done. END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2001-08-02T16:57:30.000000Z K 7 svn:log V 67 MFC 1.10: strongly recommend that ispfw be used. Approved by: jkh END K 10 svn:author V 3 jon K 8 svn:date V 27 2001-08-02T18:20:27.000000Z K 7 svn:log V 157 fix for pkg_add to symlinked prefix directories that are more than 1 link deep. PR: bin/28274 Submitted by: John Hein MFC after: 1 month END K 10 svn:author V 7 sobomax K 8 svn:date V 27 2001-08-02T18:21:48.000000Z K 7 svn:log V 77 exists(../../crypto) --> exists(${.CURDIR}/../../crypto) MFC after: 1 month END K 10 svn:author V 5 greid K 8 svn:date V 27 2001-08-02T18:25:35.000000Z K 7 svn:log V 64 MFC: FORCE_PKG_RESIDENT -> FORCE_PKG_REGISTER Approved by: jkh END K 10 svn:author V 3 imp K 8 svn:date V 27 2001-08-02T18:51:38.000000Z K 7 svn:log V 54 Back out previous change. It appears to be premature END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-02T18:58:52.000000Z K 7 svn:log V 84 Add opieaccess(5) functionality under the INSECURE_OPIE .ifdef. Asked for by: ache END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-02T19:01:02.000000Z K 7 svn:log V 55 Don't try to make pam_ssh module if NO_OPENSSH is set. END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-02T19:04:20.000000Z K 7 svn:log V 66 With the S/KEY removal, this is no longer buildable or necessary. END K 10 svn:author V 3 jon K 8 svn:date V 27 2001-08-02T19:56:29.000000Z K 7 svn:log V 147 fix memory leak when error during opening of routing socket PR: kern/29336 Submitted by: Richard Andrades MFC after: 1 month END K 10 svn:author V 5 brian K 8 svn:date V 27 2001-08-02T20:12:48.000000Z K 7 svn:log V 65 The wrong-last-byte bug on win98 chap responses is also in winME END K 10 svn:author V 5 brian K 8 svn:date V 27 2001-08-02T20:13:11.000000Z K 7 svn:log V 70 MFC: The wrong-last-byte bug on win98 chap responses is also in winME END K 10 svn:author V 3 imp K 8 svn:date V 27 2001-08-02T20:35:35.000000Z K 7 svn:log V 169 Make the fmt arguments to make_dev and make_dev_alias const char *. Approved on IRC as long as it didn't cause a large number of warnings by: phk MFC After: 700 hours END K 10 svn:author V 7 iedowse K 8 svn:date V 27 2001-08-02T21:31:21.000000Z K 7 svn:log V 307 In getclnthandle(), if the address is found in the cache we need to strdup() the address string before returning it via *targaddr because the caller will free the string. Change the comment at the top of getclnthandle() to clarify that the caller is responsible for freeing *targaddr. Noticed by: sobomax END K 10 svn:author V 7 iedowse K 8 svn:date V 27 2001-08-02T21:46:21.000000Z K 7 svn:log V 374 Fix a few bugs, some of which I introduced in recent commits: - clean_mtab(): Actually use the strdup'd version of the host that we go to the trouble of creating. - do_umntall/do_umount: Don't return success if clnt_create() fails. Don't access a client pointer after it has been destroyed. Remember to destroy the authentication information we created. END K 10 svn:author V 5 greid K 8 svn:date V 27 2001-08-02T22:13:10.000000Z K 7 svn:log V 170 Set up the via_chinfo structures properly so we write to the correct registers later on; this fixes the VIA82C686 sound problems recently reported by a number of people. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2001-08-02T22:15:31.000000Z K 7 svn:log V 83 Use 'p' instead of the potentially more expensive 'curproc' inside of mi_switch(). END K 10 svn:author V 5 assar K 8 svn:date V 27 2001-08-02T22:34:17.000000Z K 7 svn:log V 62 MFC 1.4: Complete prototype for fts_compar. Approved by: jkh END K 10 svn:author V 5 assar K 8 svn:date V 27 2001-08-02T22:36:34.000000Z K 7 svn:log V 88 MFC 1.47: Build standard directory for kerberos 5 (Heimdal) database. Approved by: jkh END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T22:49:29.000000Z K 7 svn:log V 42 Update to version 3.36. Approved by: jkh END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-02T22:51:38.000000Z K 7 svn:log V 326 Update to version 3.36. This includes knowledge of the lh6 & lh7 "LHA" compression archive formats. There are also many improvements in supporting other formats such as Microsoft cabinet file (which is another popular archived format on Windows), some audio/video file formats including WAV, ASF and so on. Approved by: jkh END K 10 svn:author V 5 peter K 8 svn:date V 27 2001-08-02T23:54:23.000000Z K 7 svn:log V 24 Add a cosmetic comment. END K 10 svn:author V 5 peter K 8 svn:date V 27 2001-08-03T00:01:13.000000Z K 7 svn:log V 42 Move MKMODULESENV+= *after* MKMODULESENV= END K 10 svn:author V 5 peter K 8 svn:date V 27 2001-08-03T00:07:54.000000Z K 7 svn:log V 271 Further Makefile.* sync (from Makefile.ia64). The lint target has been commented out in the entire life of the 2.x+ branch and given the amount of gcc-specific code we have and the warning checks that gcc does I'm not sure that it is going to get us much for some time. END K 10 svn:author V 3 jon K 8 svn:date V 27 2001-08-03T00:23:37.000000Z K 7 svn:log V 207 Fixes file descriptor leak in standalone mode. Prevents simultaneous calls to updatestat() as function is not reentrant. PR: bin/24857 Submitted by: Martin Butkus MFC after: 1 month END K 10 svn:author V 6 archie K 8 svn:date V 27 2001-08-03T00:47:27.000000Z K 7 svn:log V 101 MFC: new netgraph node type for Ethernet bridging. (Somehow this MFC was forgotten for a long time.) END K 10 svn:author V 6 scottl K 8 svn:date V 27 2001-08-03T00:50:30.000000Z K 7 svn:log V 53 Reformat for 80 columns. Sorry, but I had to do it. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-03T01:00:41.000000Z K 7 svn:log V 36 Add an Elfhashelt type for sparc64. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-03T01:09:10.000000Z K 7 svn:log V 187 Add a Makefile, ldscript, and config magic for sparc64. This is tailored to build with a cross compiler alongside the standard compiler; it would be more desirable to build in a chroot. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-03T01:11:49.000000Z K 7 svn:log V 60 Define proc0paddr. Call init_param() as early as possible. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-03T01:21:24.000000Z K 7 svn:log V 241 Fix a bug translating virtual translation table entry addresses to physical addresses. It helps to use the physical address that the virtual address actually maps to (doh!). Comment out some code that crashes. Found independently by: tmm END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-03T01:27:15.000000Z K 7 svn:log V 129 Move some code related to managing pv entries from the pmap module to the pv module. It works now that vtophys for sttes works. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-03T03:31:45.000000Z K 7 svn:log V 189 Remove some code that appears to have endian problems with INVARIANTS. This is #if BIG_ENDIAN, but is only necessary if malloc types are shorts, not struct malloc_type * like they are now. END K 10 svn:author V 8 bmilekic K 8 svn:date V 27 2001-08-03T05:05:32.000000Z K 7 svn:log V 368 Rename mb_init() mbuf subsystem initialization routine to mbuf_init(), in order to avoid namespace collision with subr_mchain.c's mb_init(). This wasn't "fatal" as the mbuf initialization routine mb_init() was local to subr_mbuf.c which in turn didn't pull in subr_mchain.c's mb_init() declaration, but it should deffinately be changed now before it creates headache. END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-03T07:14:52.000000Z K 7 svn:log V 167 MFC: rev 1.3: one needs to introduce things with a `.file' directive before trying to do a .loc on it. BTW, the .loc needs to be in a .text section. Approved by: re END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-03T07:16:07.000000Z K 7 svn:log V 151 MFC: rev 1.10: one needs to introduce things with a `.file' directive before trying to do a .loc on it. BTW, the .loc needs to be in a .text section. END K 10 svn:author V 6 msmith K 8 svn:date V 27 2001-08-03T08:38:11.000000Z K 7 svn:log V 118 Move the resource pointer when we reallocate the buffer. Submitted by: "neckpain@nettaxi.com" END K 10 svn:author V 6 msmith K 8 svn:date V 27 2001-08-03T08:38:49.000000Z K 7 svn:log V 110 Shoud build resources in the _CRS buffer. Oops. Submitted by: "neckpain@nettaxi.com" END K 10 svn:author V 5 brian K 8 svn:date V 27 2001-08-03T09:28:21.000000Z K 7 svn:log V 75 Warn when a CHAP81 SUCCESS packet is invalid due to an incorrect S= value. END K 10 svn:author V 5 brian K 8 svn:date V 27 2001-08-03T09:28:43.000000Z K 7 svn:log V 80 MFC: Warn when a CHAP81 SUCCESS packet is invalid due to an incorrect S= value. END K 10 svn:author V 6 msmith K 8 svn:date V 27 2001-08-03T09:52:53.000000Z K 7 svn:log V 153 Reverse the logic here again with regards to "trusted" ACPI timer implementations. More of them seem to be broken, so only "trust" timers we know work. END K 10 svn:author V 2 tg K 8 svn:date V 27 2001-08-03T10:47:13.000000Z K 7 svn:log V 11 Sort SRCS. END K 10 svn:author V 2 tg K 8 svn:date V 27 2001-08-03T10:47:56.000000Z K 7 svn:log V 53 Fix warnings from `-Wmissing-prototypes'. Staticize. END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2001-08-03T11:31:39.000000Z K 7 svn:log V 87 Miscellaneous fixes. In particularly, the -h and -m flags were incorrectly described. END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2001-08-03T11:32:24.000000Z K 7 svn:log V 50 MFC rev 1.3: fix command line option descriptions END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-03T12:31:43.000000Z K 7 svn:log V 23 Note MFC of file 3.36. END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-03T12:31:57.000000Z K 7 svn:log V 16 MFC: file 3.36. END K 10 svn:author V 5 greid K 8 svn:date V 27 2001-08-03T12:40:13.000000Z K 7 svn:log V 69 MFC: Get the control registers the right way round Approved by: jkh END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-03T16:03:26.000000Z K 7 svn:log V 168 Revamp and diff-reduce the various secure telnets. Make sure that Kerberos5 has _a_ telnet (which is not currently K5 enabled). Incorporate BDE's static linking fixes. END K 10 svn:author V 8 gshapiro K 8 svn:date V 27 2001-08-03T16:22:47.000000Z K 7 svn:log V 112 Convert to using the same method of detecting the secure directory as other usr.sbin programs. Noted by: markm END K 10 svn:author V 6 fenner K 8 svn:date V 27 2001-08-03T16:51:53.000000Z K 7 svn:log V 291 Don't terminate the uiomove() loop on a zero-length mbuf. It's not particularly nice that IPSEC inserts a zero-length mbuf into the chain, and that bug should be fixed too, but interfaces should be robust to bad input. Print the interface name when TUNDEBUG()ing about dropping an mbuf. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-03T17:13:23.000000Z K 7 svn:log V 886 Prior to support for almost all ps activity via sysctl, ps used procfs, and so special-casing was introduced to provide extra procfs privilege to the kmem group. With the advent of non-setgid kmem ps, this code is no longer required, and in fact, can is potentially harmful as it allocates privilege to a gid that is increasingly less meaningful. Knowledge of specific gid's in kernel is also generally bad precedent, as the kernel security policy doesn't distinguish gid's specifically, only uid 0. This commit removes reference to kmem in procfs, both in terms of access control decisions, and the applying of gid kmem to the /proc/*/mem file, simplifying the associated code considerably. Processes are still permitted to access the mem file based on the debugging policy, so ps -e still works fine for normal processes and use. Reviewed by: tmm Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-03T17:15:40.000000Z K 7 svn:log V 148 Remove read permission for group on the /proc/*/mem file, since kmem no longer requires access. Reviewed by: tmm Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-03T17:20:34.000000Z K 7 svn:log V 312 Collapse a Pmem case in with the other debugging files case for procfs, as there are now "unusual" protection properties to Pmem that differ from the other files. While I'm at it, introduce proc locking for the other files, which was previously present only in the Pmem case. Obtained from: TrustedBSD Project END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-03T17:36:03.000000Z K 7 svn:log V 153 MFC: rev 1.5 introduce things with a `.file' directive before trying to do a .loc on it. BTW, the .loc needs to be in a .text section. Approved by: re END K 10 svn:author V 3 dcs K 8 svn:date V 27 2001-08-03T17:36:06.000000Z K 7 svn:log V 153 MFS: Avoid dropping fragments in the absence of an interface address. Noticed by: fenner Submitted by: iedowse Not committed to current by: iedowse ;-) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-03T17:51:05.000000Z K 7 svn:log V 107 Remove dangling prototype for the now defunct procfs_kmemaccess() call. Obtained from: TrustedBSD Project END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-03T18:01:29.000000Z K 7 svn:log V 154 MFC: rev 1.4: introduce things with a `.file' directive before trying to do a .loc on it. BTW, the .loc needs to be in a .text section. Approved by: re END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-03T18:21:06.000000Z K 7 svn:log V 792 Anton kindly pointed out (and fixed) a bug in the Jail handling of the bind() call on IPv4 sockets: Currently, if one tries to bind a socket using INADDR_LOOPBACK inside a jail, it will fail because prison_ip() does not take this possibility into account. On the other hand, when one tries to connect(), for example, to localhost, prison_remote_ip() will silently convert INADDR_LOOPBACK to the jail's IP address. Therefore, it is desirable to make bind() to do this implicit conversion as well. Apart from this, the patch also replaces 0x7f000001 in prison_remote_ip() to a more correct INADDR_LOOPBACK. This is a 4.4-RELEASE "during the freeze, thanks" MFC candidate. Submitted by: Anton Berezin Discussed with at some point: phk MFC after: 3 days END K 10 svn:author V 3 ume K 8 svn:date V 27 2001-08-03T19:10:31.000000Z K 7 svn:log V 211 When global anycast address was assigned to lo0, wrong source address was selected. Reported by: Shingo WATANABE Submitted by: JINMEI Tatuya MFC after: 3 days END K 10 svn:author V 8 gshapiro K 8 svn:date V 27 2001-08-03T20:51:50.000000Z K 7 svn:log V 197 MFC: 1.33: Perform a major cleanup of the usr.sbin Makefiles. MFC: 1.34: Convert to using the same method of detecting the secure directory as other usr.sbin programs. Approved by: jkh END K 10 svn:author V 3 jhb K 8 svn:date V 27 2001-08-03T20:54:41.000000Z K 7 svn:log V 66 Add KTR_INTR tracepoints for when clock interrupts are triggered. END K 10 svn:author V 3 bde K 8 svn:date V 27 2001-08-03T21:45:54.000000Z K 7 svn:log V 38 Don't clobber the default for CFLAGS. END K 10 svn:author V 3 bde K 8 svn:date V 27 2001-08-03T22:28:25.000000Z K 7 svn:log V 215 Link to libcipher in the usual way. `bdes' depended on a nonexistent library. This only worked because of the undocmented feature of make(1) that targets named foo.a are always up to date. Fixed some style bugs. END K 10 svn:author V 5 mikeh K 8 svn:date V 27 2001-08-04T01:27:00.000000Z K 7 svn:log V 97 MFC: 1.2: Document the -p option. Left out of previous MFC. Approved by: jkh Noticed by: obrien END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-04T01:51:22.000000Z K 7 svn:log V 196 MFC: rev 1.576: remove /boot/boot[12] from the MFS installation floppies. This saves us 8KB. Approved by: liberal interpretation of JHK's "Any ideas of what else to trim?" email. END K 10 svn:author V 3 imp K 8 svn:date V 27 2001-08-04T05:27:52.000000Z K 7 svn:log V 62 Kill debug output for sn device. It is confusing the natives END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-04T05:45:52.000000Z K 7 svn:log V 258 `kgzip' the loader in the x86 case. (too bad kgzip won't build on the Alpha) PR: 29272 Submitted by: Adrian Steinmann Approved by: liberal interpretation of JHK's "Feh, we're still out of space. Any ideas of what else to trim?" email. END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-04T09:19:31.000000Z K 7 svn:log V 145 Fix the bug where this modulke was not checking the priamry GID, only the GIDS in /etc/group or NIS's group map. Tested by: sheldonh PR: 29349 END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-04T13:12:24.000000Z K 7 svn:log V 72 Whitespace and style(9) diff reduction with -CURRENT. Approved by: jkh END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2001-08-04T16:06:44.000000Z K 7 svn:log V 1384 MFC of inetd.conf 1.49: Default to disabling all inetd.conf entries, in particular, telnetd and ftpd. This more conservative default reduces the exposure of freshly installed machines, which is especially valuable for machines that receive minimal further configuration before being put into production. Generally speaking, SSH has superseded the use of both telnet and ftp in many environments. In light of recent remotely exploitable security holes in both telnetd and ftpd, this choice retains flexibility (both telnetd and ftpd daemons remain installed and easily enableable) while protecting users who don't need the additional risk. This change brings our configuration into line with the majority of other UNIX vendors, including OpenBSD and NetBSD. To address the concerns of those requiring remote access via telnet from first install, changes will shortly be committed to sysinstall to provide the ability to edit inetd.conf during the installation process, allowing telnetd and ftp to be re-enabled during the installation process. While I'm at it, slightly improve commenting for inetd.conf so that it's more clear to users how to enable and disable services. Further commenting to indicate the functions of various columns would probably also be useful. Reviewed by: imp, chris, jake, nate, -arch, -stable Approved: jkh END K 10 svn:author V 3 ume K 8 svn:date V 27 2001-08-04T17:10:14.000000Z K 7 svn:log V 408 When running aplication joined multicast address, removing network card, and kill aplication. imo_membership[].inm_ifp refer interface pointer after removing interface. When kill aplication, release socket,and imo_membership. imo_membership use already not exist interface pointer. Then, kernel panic. PR: 29345 Submitted by: Inoue Yuichi Obtained from: KAME MFC after: 3 days END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-04T17:53:57.000000Z K 7 svn:log V 97 Sort the Alpha section the same way as -current so I can more easily find new things to cut out. END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-04T18:02:47.000000Z K 7 svn:log V 140 Export the head structure for the device statistics STAILQ in sys/devicestat.h, so that the queue can be walked in crashdumps using libkvm. END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-04T18:09:24.000000Z K 7 svn:log V 125 Export the tk_nin and tk_nout variables (number of tty input/output characters) as sysctls (kern.tty_nin and kern.tty_nout). END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-04T18:09:37.000000Z K 7 svn:log V 73 Sync ordering with -current so I can more easily find things to cut out. END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-04T18:22:08.000000Z K 7 svn:log V 274 MFC: rev 1.49 (partial) + Build with `lint' defined to cut out some of the `rcsid's (binaries' code only, the libs will still have the `rcsid's in them). + The Alpha install does not support SLIP, PCCARD or USB installs; so we do not need the associated userland utils. END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-04T18:25:48.000000Z K 7 svn:log V 985 Add some features to libdevstat, and overhaul the interface a bit: 1.) prefix all functions in the library with devstat_ (compatability functions are available for all functions that were chaned in an incompatible way, but are deprecated). 2.) Add a pointer to a kvm_t as the first argument to functions that used to get their information via sysctl; they behave the same as before when NULL is passed as this argument, otherwise, the information is obtained via libkvm using the supplied handle. 3.) Add a new function, devstat_compute_statistics(), that is intended to replace the old compute_stats() function. It offers more statistics data, and has a more flexible interface. libdevstat does now require libkvm; a library depedency is added, so that libkvm only needs to be explicitely specified for statically linked programs. The library major version number is bumped. Submitted by: Sergey A. Osokin , ken (3) Reviewed by: ken END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-04T18:30:54.000000Z K 7 svn:log V 306 Make use of the new features of libdevstat to allow iostat to work on crash dumps, and make it use sysctl for all data retrievals in the "live" case (i.e. when not using iostat on a crash dump). Remove setgid kmem for the iostat executable, it is not needed any more after these changes. Reviewed by: ken END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-04T18:55:15.000000Z K 7 svn:log V 74 Add floating point context switching code for sparc64. Reviewed by: jake END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-04T20:17:05.000000Z K 7 svn:log V 161 Add a zdestroy() function to the zone allocator. This is needed for the unload case of modules that use their own zones. It has been tested with the nfs module. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2001-08-04T20:43:48.000000Z K 7 svn:log V 56 - Fix a comment. - Whitespace fixes. Submitted by: bde END K 10 svn:author V 3 jhb K 8 svn:date V 27 2001-08-04T20:46:46.000000Z K 7 svn:log V 45 Axe unused and invalid GD_ASTPENDING symbol. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2001-08-04T20:47:54.000000Z K 7 svn:log V 53 Axe unused and invalid astpending globaldata member. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2001-08-04T20:49:29.000000Z K 7 svn:log V 18 Whitespace fixes. END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-04T21:48:18.000000Z K 7 svn:log V 41 Don't clobber CFLAGS. Submitted by: bde END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-04T21:49:30.000000Z K 7 svn:log V 40 Don't clobber CFLAGS Submitted by: bde END K 10 svn:author V 5 markm K 8 svn:date V 27 2001-08-04T21:51:14.000000Z K 7 svn:log V 99 Fix style/consistency in Makefile and repair static module building. Submitted by: bde(partially) END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-04T22:11:08.000000Z K 7 svn:log V 163 It's bad enough to capitalize the name of the executable at the beginning of the sentence, but at the very least it shouldn't be done in the middle of a sentence! END K 10 svn:author V 6 obrien K 8 svn:date V 27 2001-08-04T22:20:52.000000Z K 7 svn:log V 137 Cut more from the Alpha kernel in order to build the install floppies: DEC_3000_300, DEC_3000_500, ncr, sa, amr, plip, le, pcn, wx, sl. END K 10 svn:author V 7 iedowse K 8 svn:date V 27 2001-08-05T00:23:58.000000Z K 7 svn:log V 77 MFC: 1.172; fix client-side memory leak in nfs_flush(). Approved by: murray END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-05T03:47:02.000000Z K 7 svn:log V 130 Sigh. Add two files needed for the sparc64 fp contect switching code that were forgotten in the last commit. Pointy hat to: tmm END K 10 svn:author V 3 tmm K 8 svn:date V 27 2001-08-05T03:55:02.000000Z K 7 svn:log V 194 Add a missing semicolon to unbreak the kernel build with INVARIANTS (which was unfortunately turned off in the confguration I used for the last test build). Spotted by: jake Pointy hat to: tmm END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-05T05:39:16.000000Z K 7 svn:log V 18 varargs -> stdarg END K 10 svn:author V 6 scottl K 8 svn:date V 27 2001-08-05T06:15:00.000000Z K 7 svn:log V 75 Fix a couple of copyright issues and an 80 column nit that I missed before END K 10 svn:author V 6 scottl K 8 svn:date V 27 2001-08-05T06:20:13.000000Z K 7 svn:log V 361 Bugfixes. Close a race and logic bug in the timeout handling, don't call the interrupt handler from the upper half, etc. This fixes some serious stability problems that we were seeing on our production server. These patches have been tested for almost 6 months and are a highly recommended MFC candidate. Reviewed by: gibbs, merry, msmith MFC after: 4 days END K 10 svn:author V 3 imp K 8 svn:date V 27 2001-08-05T06:59:32.000000Z K 7 svn:log V 66 Order PCIC_INT_GEN bits large to small, like all other registers. END K 10 svn:author V 3 imp K 8 svn:date V 27 2001-08-05T07:02:42.000000Z K 7 svn:log V 484 Now that we are setting a bit in the PCIC_INT_GEN (0x3) register, we can't blindly write zero into it to disable the card. We must preserve this bit. This changes pcic_disable to only clear the bits we know we need to clear on card disable, thus preserving the magic bit for many TI bridges. This appears to have fixed the problems that people are reporting about the system failing to recognize cards being inserted or removed (or both). Greg: This may fix your problem too :-). END K 10 svn:author V 6 scottl K 8 svn:date V 27 2001-08-05T07:26:31.000000Z K 7 svn:log V 293 Once again throw out the calculation of si_iosize_max and set it to 64K. Although it can go higher, it is not safe to so do on arrays with many members. Compromise by adding a tunable, "hw.aac.iosize_max" that can be set at boottime. Also document in the aac(4) manpage. MFC after: 4 weeks END K 10 svn:author V 3 jon K 8 svn:date V 27 2001-08-05T08:39:58.000000Z K 7 svn:log V 150 Fix using /usr/bin/ftp as a slave process on the end of a pipe by calling fflush(stdout). This is one ancient PR... PR: bin/1589 Submitted by: imp END K 10 svn:author V 3 jon K 8 svn:date V 27 2001-08-05T09:41:20.000000Z K 7 svn:log V 155 Fix logic error resulting in incorrect calculation of login time PR: bin/4204 Submitted by: Anatoly A. Orehovsky MFC after: 4 weeks END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2001-08-05T11:15:23.000000Z K 7 svn:log V 244 Clean up previous delta: * Fix typo (defautls). * Don't use hard sentence breaks in new text. * Don't introduce the use of the second person (you). * Use the standard "IMPLEMENTATION NOTES" section name instead of the non-standard "TUNING". END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2001-08-05T13:14:46.000000Z K 7 svn:log V 72 Document the two new sysctl variables introduced in rev 1.154 of tty.c. END K 10 svn:author V 6 nsayer K 8 svn:date V 27 2001-08-05T15:45:21.000000Z K 7 svn:log V 64 Add some sample entries to illustrate battery state monitoring. END K 10 svn:author V 6 nsayer K 8 svn:date V 27 2001-08-05T16:00:40.000000Z K 7 svn:log V 47 Add a little pizzaz to the sample entries. :-) END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-05T16:01:34.000000Z K 7 svn:log V 83 Document -d in usage. Submitted by: Martin Kammerhofer END K 10 svn:author V 7 asmodai K 8 svn:date V 27 2001-08-05T16:02:30.000000Z K 7 svn:log V 39 Fix conflicts after MFC of BIND 8.2.4. END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-05T16:03:04.000000Z K 7 svn:log V 82 Correct some pastos. Submitted by: Martin Kammerhofer END K 10 svn:author V 7 iedowse K 8 svn:date V 27 2001-08-05T16:24:13.000000Z K 7 svn:log V 922 Fix a number of bugs and annoyances in fdisk, many of which were pointed out by bde: - Ask for user confirmation before adjusting to a head/cylinder boundary (only when running interactively), and separate this adjustment from the automatic calculation of c/h/s parameters. - In sanitize_partition, don't change any values in the slice until we know that the automatic adjustment will succeed. - When auto-adjusting, ignore unused slices and give an appropriate error for other zero-size slices depending on the cause. - Change dos() to do all of the c/h/s calculations for a whole slice; this fixes a bug where the ending c/h/s of an unused slice was set incorrectly. - When changing the active slice, detect the currently active slice number instead of always defaulting to slice 4. - Call fflush(stdout) before calling fgets(). - Test for fgets() returning NULL so we don't loop on EOF. Reviewed by: bde END K 10 svn:author V 4 mike K 8 svn:date V 27 2001-08-05T19:37:12.000000Z K 7 svn:log V 574 o Move APNIC flag from -p to -A. Since, -p is usually associated with specifying a port. o Add the -p flag for specifying a port. (PR: 28790) This is useful for querying rwhois servers. Example: whois -h rwhois.exodus.net -p rwhois 216.136.180.0 o Add the -c flag which allows one to get the same whois server that would normally be determined if no arguments were specified. (Concept based on work by phantom, requested by ache) Example: whois -c ru TCNET-MNT-RIPN o Deprecate -R flag in favour of -c ru. PR: 28790 Reviewed by: -audit, ache, phantom END K 10 svn:author V 7 asmodai K 8 svn:date V 27 2001-08-05T20:08:26.000000Z K 7 svn:log V 166 Add missing identifier for Epson Perfection 1240U. This now enables this model to be attached by uscanner. Works great under SANE too. Approved by: Release Engineer END K 10 svn:author V 6 nsayer K 8 svn:date V 27 2001-08-05T20:26:03.000000Z K 7 svn:log V 60 Make the sample entries actually syntactically correct. :-/ END K 10 svn:author V 4 nate K 8 svn:date V 27 2001-08-05T21:56:11.000000Z K 7 svn:log V 154 - Removed comment about ThinkPad keyboards from the PCVT line. Any ThinkPad that needs this probably won't run -current, as it's at least 5 years old. END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-05T22:07:27.000000Z K 7 svn:log V 18 can not -> cannot END K 10 svn:author V 5 gibbs K 8 svn:date V 27 2001-08-05T22:20:12.000000Z K 7 svn:log V 1048 aic7xxx.c: Correct an off by one in our critical section handling. SEQADDR always reads the next instruction to execute, so we must subtract one from its value before making comparisons with entries in the critical section table. Print a few additional registers whenever we dump card state. Show the SCB_CONTROL and SCB_TAG values for all pending SCBs in card SCB ram when dumping card state. aic7xxx.seq: Fix a bug introduced while optimizing the SDPTR path. We would ack the SDPTR message twice on Ultra2 or better chips if it occurred after all data had been transferred for a transaction. Change our workaround for the PCI2.1 retry bug on some chips. Although the previous workaround was logically correct, its faster method of draining the FIFO seemed to occassionally confuse the FIFO state. We now drain the FIFO at half the speed which avoids the problem. aic7xxx_pci.c: Chips with the PCI 2.1 retry bug can't handle a 16byte cachesize. If the cachesize is set to 16bytes, drop it to 0. END K 10 svn:author V 6 jesper K 8 svn:date V 27 2001-08-05T23:08:38.000000Z K 7 svn:log V 965 MFS src/sys/netinet/ip_input.c rev 1.130.2.22 src/sys/netinet6/frag6.c rev 1.2.2.4 src/sys/netinet6/in6_proto.c rev 1.6.2.4 Prevent denial of service using bogus fragmented IPv4 packets. A attacker sending a lot of bogus fragmented packets to the target (with different IPv4 identification field - ip_id), may be able to put the target machine into mbuf starvation state. By setting a upper limit on the number of reassembly queues we prevent this situation. This upper limit is controlled by the new sysctl net.inet.ip.maxfragpackets which defaults to nmbclusters/4 If you want old behaviour (no upper limit) set this sysctl to a negative value. If you don't want to accept any fragments (not recommended) set the sysctl to 0 (zero) Change the default value of net.inet6.ip6.maxfragpackets from 200 to nmbclusters/4 to match the IPv4 case. Approved by: security-officer (kris) Obtained from: NetBSD (partially) END K 10 svn:author V 6 msmith K 8 svn:date V 27 2001-08-05T23:20:32.000000Z K 7 svn:log V 202 The Intel 440MX ACPI timer seems to work properly, so add it to the list here. Restructure slightly so that adding more devices is easier. Submitted by: Jose Gabriel J Marcelino END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:18:39.000000Z K 7 svn:log V 244 Add code model medlow to cflags and move the kernel load address from just before the memory hole to 4 megs. Special case building exception.s like locore.s, it needs to at the beginning so the branches out from the trap table don't overflow. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:19:52.000000Z K 7 svn:log V 72 Add a vm_object and page count to struct pmap for allocating tsb pages. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:20:36.000000Z K 7 svn:log V 103 Fix macros for setting and extracting the context field in ttes and add macros for the fields in sfsr. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:21:53.000000Z K 7 svn:log V 124 Oops. Last commit to tsb.h should have gone here. Fix macros for eadling with tte contexts and add macros for sfsr fields. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:23:16.000000Z K 7 svn:log V 156 Forced commit. Last should have gone to tlb.h Move the kernel and user tsb address to the end of the first 4 gigs. Remove some stuff that's no long used. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:24:18.000000Z K 7 svn:log V 114 Fix macros for dealing with tte contexts. Add tte bits for initializing tsbs and for specifying managed mappings. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:24:52.000000Z K 7 svn:log V 45 The kernel runs at a much lower address now. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:26:04.000000Z K 7 svn:log V 115 Add trap handlers for dmmu faults from user mode, and for faults from accessing user address space in kernel mode. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:27:34.000000Z K 7 svn:log V 87 Handle managed and unmanaged mapping better. Allocate an vm object for the tsb pages. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:27:59.000000Z K 7 svn:log V 24 Remove some debug code. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:29:13.000000Z K 7 svn:log V 180 Save the primary mmu context around calls to the prom, and install nucleus context. The prom runs at trap level 0, so there's no implicit nucleus context and we have to force it. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:31:30.000000Z K 7 svn:log V 130 Handle switching switching mmu contexts and mapping the new primary tsb. Rework some register usage and code placement. Comment. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:32:38.000000Z K 7 svn:log V 49 Add page fault and high level tsb miss handlers. END K 10 svn:author V 4 jake K 8 svn:date V 27 2001-08-06T02:34:20.000000Z K 7 svn:log V 205 Handle dmmu protection faults as well as misses. Enable tracking of the modify and reference tte bits. Implementing allocating of tsb pages. Make tsb_stte_lookup do the right thing with the kernel pmap. END K 10 svn:author V 4 kris K 8 svn:date V 27 2001-08-06T03:19:22.000000Z K 7 svn:log V 123 Don't do unsafe activities inside signal handlers. Just set a flag and return. Obtained from: OpenBSD Reviewed by: audit END K 10 svn:author V 6 scottl K 8 svn:date V 27 2001-08-06T03:52:40.000000Z K 7 svn:log V 39 Missed this one in my 80-column sweep. END K 10 svn:author V 6 scottl K 8 svn:date V 27 2001-08-06T04:34:47.000000Z K 7 svn:log V 310 Put the linux compat ioctl interface on death row. Add FreeBSD definitions of all of the ioctls, plus round out all ioctl definitions to match what exists for linux. Allow ioctls to be called through either the native or linux interface, though no apps exist (yet) that can take advantage of native calling. END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-06T05:25:15.000000Z K 7 svn:log V 24 Note MFC of BIND 8.2.4. END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-06T05:25:26.000000Z K 7 svn:log V 16 MFC: BIND 8.2.4 END K 10 svn:author V 2 dd K 8 svn:date V 27 2001-08-06T05:26:06.000000Z K 7 svn:log V 52 Remove old blurb about BIND being updated to 8.2.3. END K 10 svn:author V 5 chris K 8 svn:date V 27 2001-08-06T05:56:33.000000Z K 7 svn:log V 408 Remove the fildesc_clone() function and its associated unnecessary code. It didn't implement the proper /dev/fd functionality (which would be to include in the directory listing /dev/fd/n if the process has fd n open) anyway. Anything needing access to /dev/fd/n where n > 2 can use the optional fdescfs module, which implements this properly and does not cause any trouble with devfs. Discussed with: phk END K 10 svn:author V 3 nik K 8 svn:date V 27 2001-08-06T06:52:24.000000Z K 7 svn:log V 46 Note that the doc collection is not branched. END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2001-08-06T07:42:11.000000Z K 7 svn:log V 31 MFC rev 1.17: soften a warning END K 10 svn:author V 6 jesper K 8 svn:date V 27 2001-08-06T09:20:57.000000Z K 7 svn:log V 815 MFS src/sys/netinet/ip_input.c rev 1.130.2.22 src/sys/netinet6/frag6.c rev 1.2.2.4 src/sys/netinet6/in6_proto.c rev 1.6.2.4 Prevent denial of service using bogus fragmented IPv4 packets. A attacker sending a lot of bogus fragmented packets to the target (with different IPv4 identification field - ip_id), may be able to put the target machine into mbuf starvation state. By setting a upper limit on the number of reassembly queues we prevent this situation. This upper limit is controlled by the new sysctl net.inet.ip.maxfragpackets which defaults to nmbclusters/4 If you want old behaviour (no upper limit) set this sysctl to a negative value. If you don't want to accept any fragments (not recommended) set the sysctl to 0 (zero) Obtained from: NetBSD (partially) END K 10 svn:author V 3 dfr K 8 svn:date V 27 2001-08-06T12:52:17.000000Z K 7 svn:log V 36 Remove usage of nonexistent vm_mtx. END K 10 svn:author V 3 dfr K 8 svn:date V 27 2001-08-06T12:52:55.000000Z K 7 svn:log V 25 Make this compile again. END K 10 svn:author V 2 ru K 8 svn:date V 27 2001-08-06T13:03:38.000000Z K 7 svn:log V 206 Fixed one more breakage introduced in 1.103 cleanup. ICMP types were reported incorrectly: # ipfw add allow icmp from any to any icmptypes 0,8 PR: bin/29185 Submitted by: Mike Durian END K 10 svn:author V 5 gibbs K 8 svn:date V 27 2001-08-06T13:44:33.000000Z K 7 svn:log V 125 MFC: Don't ack SDPTR messages twice on Ultra2 chips. Better PCI 2.1 retry bug workaround. Approved by: re@FreeBSD.org END