Revision tags: release/4.1.0, vendor/libpcap/1.26, vendor/isc-dhcp/2.0pl3_fix, vendor/isc-dhcp/2.0pl3, vendor/ipfilter-sys/v3-4-8, vendor/ipfilter/3.4.8, vendor/less/v358, vendor/isc-dhcp/2.0pl2, vendor/ncurses/5.1-20000701, vendor/isc-dhcp/2.0pl1, vendor/perl5/5.006, release/3.5.0 |
|
#
c6362551 |
| 22-Jun-2000 |
Alfred Perlstein <alfred@FreeBSD.org> |
fix races in the uidinfo subsystem, several problems existed:
1) while allocating a uidinfo struct malloc is called with M_WAITOK, it's possible that while asleep another process by the same user
fix races in the uidinfo subsystem, several problems existed:
1) while allocating a uidinfo struct malloc is called with M_WAITOK, it's possible that while asleep another process by the same user could have woken up earlier and inserted an entry into the uid hash table. Having redundant entries causes inconsistancies that we can't handle.
fix: do a non-waiting malloc, and if that fails then do a blocking malloc, after waking up check that no one else has inserted an entry for us already.
2) Because many checks for sbsize were done as "test then set" in a non atomic manner it was possible to exceed the limits put up via races.
fix: instead of querying the count then setting, we just attempt to set the count and leave it up to the function to return success or failure.
3) The uidinfo code was inlining and repeating, lookups and insertions and deletions needed to be in their own functions for clarity.
Reviewed by: green
show more ...
|
#
a79b7128 |
| 20-Jun-2000 |
Alfred Perlstein <alfred@FreeBSD.org> |
return of the accept filter part II
accept filters are now loadable as well as able to be compiled into the kernel.
two accept filters are provided, one that returns sockets when data arrives the o
return of the accept filter part II
accept filters are now loadable as well as able to be compiled into the kernel.
two accept filters are provided, one that returns sockets when data arrives the other when an http request is completed (doesn't work with 0.9 requests)
Reviewed by: jmg
show more ...
|
#
a72fda71 |
| 18-Jun-2000 |
Alfred Perlstein <alfred@FreeBSD.org> |
backout accept optimizations.
Requested by: jmg, dcs, jdp, nate
|
#
8f4e4aa5 |
| 15-Jun-2000 |
Alfred Perlstein <alfred@FreeBSD.org> |
add socketoptions DELAYACCEPT and HTTPACCEPT which will not allow an accept() until the incoming connection has either data waiting or what looks like a HTTP request header already in the socketbuffe
add socketoptions DELAYACCEPT and HTTPACCEPT which will not allow an accept() until the incoming connection has either data waiting or what looks like a HTTP request header already in the socketbuffer. This ought to reduce the context switch time and overhead for processing requests.
The initial idea and code for HTTPACCEPT came from Yahoo engineers and has been cleaned up and a more lightweight DELAYACCEPT for non-http servers has been added
Reviewed by: silence on hackers.
show more ...
|
Revision tags: vendor/tcsh/6.09.01-20000610, vendor/gcc/cvs-20000603, vendor/openssh/2.1.0-2000-05-30, vendor/openssh/2.1.0-2000-06-03, vendor/gcc/2.95-20000526, vendor/bind/8.2.3.t5b, vendor/ncurses/5.0-19991023, vendor/ipfilter-sys/v3_4_4, vendor/ipfilter/3.4.4, vendor/less/v354, vendor/openssh/2.1, vendor/binutils/sourceware_binutils_anoncvs_20000512, vendor/binutils/sourceware_binutils-2_10-branch_anoncvs_20000512, vendor/tcsh/6.09.01-fix-history, vendor/tcsh/6.09.01-fix-20000418, vendor/tcsh/6.09.01, vendor/binutils/sourceware_binutils_anoncvs_19990502, vendor/binutils/sourceware_binutils_anoncvs_20000414, vendor/binutils/anoncvs_20000414, vendor/libgmp/2.0.2 |
|
#
cb679c38 |
| 16-Apr-2000 |
Jonathan Lemon <jlemon@FreeBSD.org> |
Introduce kqueue() and kevent(), a kernel event notification facility.
|
Revision tags: vendor/openssl/0.9.5a, vendor/tcsh/6.09, vendor/opie/2.32, vendor/binutils/2.9.1, vendor/gcc/2.95-20000329, vendor/tzdata/tzdata2000d, vendor/gcc/2.95.2, vendor/gcc/2.95.1, vendor/openssh/1.2.3-2000-03-25, vendor/gperf/2.7, release/4.0.0, vendor/libreadline/4.1, vendor/gcc/2.95-20000307, vendor/libpcap/0.5 |
|
#
7d0d8dc3 |
| 03-Mar-2000 |
Yoshinobu Inoue <shin@FreeBSD.org> |
CMSG_XXX macros alignment fixes to follow RFC2292.
Approved by: jkh
Submitted by: Partly from tech@openbsd Reviewed by: itojun
|
#
0b97e97c |
| 24-Feb-2000 |
Yoshinobu Inoue <shin@FreeBSD.org> |
Add length check to sbcreatecontrol().
Now this check is necessary because IPv6 source routing might use control data bigger than MLEN. (e.g. 16bytes IPv6 addr x 23 hops) Actually mbuf cluster
Add length check to sbcreatecontrol().
Now this check is necessary because IPv6 source routing might use control data bigger than MLEN. (e.g. 16bytes IPv6 addr x 23 hops) Actually mbuf cluster should be used in uipc_socket.c:sbcreatecontrol() and uipc_syscalls.c:sockargs() when data size is bigger then MLEN, and such patches were already in KAME environment and have been confirmed to work well. I just forgot to merge them into 4.0, sorry.
For safety, I'll postpone such patches until after 4.0 release. The effect of postponement is followings. -Ping6 source routing hops are limitted to around 6 or so. -If some apps do setsockopt IPV6_RTHDR and try to receive incoming IPv6 source routing info, it can't receive more than 6 hops source routing info. (But currently, no apps seems to be doing it.)
Approved by: jkh
show more ...
|
Revision tags: vendor/openssh/1.2-2000-02-24, vendor/heimdal/0.2p, vendor/heimdal/0.2o, vendor/heimdal/0.2n, vendor/ipfilter/3.3.8, vendor/binutils/cygnus_sourceware_anoncvs_19990502, vendor/misc-GNU/grep/2.4d, vendor/tcpdump/3.5, vendor/ntp/4.0.99b, vendor/ncurses/5.0, vendor/gcc/2.95-20000120, vendor/misc-GNU/grep/2.4a, vendor/misc-GNU/texinfo/4.0, vendor/misc-GNU/bc/1.0.5a, vendor/openssl/0.9.4 |
|
#
bfbbc4aa |
| 14-Jan-2000 |
Jason Evans <jasone@FreeBSD.org> |
Add aio_waitcomplete(). Make aio work correctly for socket descriptors. Make gratuitous style(9) fixes (me, not the submitter) to make the aio code more readable.
PR: kern/12053 Submitted by: Chri
Add aio_waitcomplete(). Make aio work correctly for socket descriptors. Make gratuitous style(9) fixes (me, not the submitter) to make the aio code more readable.
PR: kern/12053 Submitted by: Chris Sedore <cmsedore@maxwell.syr.edu>
show more ...
|
Revision tags: vendor/ipfilter/3.3.6, vendor/groff/1.15, vendor/heimdal/0.2m, vendor/kerberosIV/1.0, vendor/misc-GNU/grep/2.4, vendor/misc-GNU/grep/2.3, vendor/ext2fs/2.3.35, release/3.4.0, vendor/NetBSD/fparseln_19990920, vendor/NetBSD/mailwrapper_19990529, vendor/OpenBSD/openbsd_fts_v1_22, vendor/sym/1.0.0-19991205_deo, vendor/misc-GNU/cvs/1.10.7, vendor/ntp/4.0.98f, vendor/bind/8.2.2p5, vendor/sym/0.12.0-19991127_deo, vendor/sym/0.11.0-19991120_deo, vendor/sym/0.11.0-19991120, vendor/sym/0.10.0-19991111, vendor/sym/0.9.0-19991024, vendor/gcc/egcs-1.1.2, vendor/gcc/2.7.2.3, vendor/ipfilter/3.3.3, vendor/amd/6.0.3s1, vendor/flex/2.5.4 |
|
#
ecf72308 |
| 09-Oct-1999 |
Brian Feldman <green@FreeBSD.org> |
Implement RLIMIT_SBSIZE in the kernel. This is a per-uid sockbuf total usage limit.
|
#
23f84772 |
| 28-Sep-1999 |
Pierre Beyssac <pb@FreeBSD.org> |
In sbflush(), don't exit the while loop too early: this can cause an empty mbuf to stay in the queue, then causing a needless panic because sb_cc == 0 and sb_mbcnt != 0.
But we still need to panic r
In sbflush(), don't exit the while loop too early: this can cause an empty mbuf to stay in the queue, then causing a needless panic because sb_cc == 0 and sb_mbcnt != 0.
But we still need to panic rather than endlessly looping if, for some reason, sb_cc == 0 and there are non-empty mbufs in the queue.
PR: kern/11988 Reviewed by: fenner
show more ...
|
Revision tags: vendor/misc-GNU/awk/3.0.4, vendor/amd/6.0.2s2, vendor/kerberosIV/0.10.1 |
|
#
2f9a2132 |
| 19-Sep-1999 |
Brian Feldman <green@FreeBSD.org> |
Change so_cred's type to a ucred, not a pcred. THis makes more sense, actually. Make a sonewconn3() which takes an extra argument (proc) so new sockets created with sonewconn() from a user's system
Change so_cred's type to a ucred, not a pcred. THis makes more sense, actually. Make a sonewconn3() which takes an extra argument (proc) so new sockets created with sonewconn() from a user's system call get the correct credentials, not just the parent's credentials.
show more ...
|
Revision tags: release/3.3.0, vendor/amd/6.0.1, vendor/ssleay/openssl_0_9_4, vendor/libdes/0.9.4, vendor/com_err/0.1, vendor/ssleay/kth_0_1, vendor/libdes/0.1 |
|
#
c3aac50f |
| 28-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
Revision tags: vendor/ncurses/5.0-19990821, vendor/misc-GNU/bison/1.28, vendor/NetBSD/v990809 |
|
#
134c934c |
| 05-Jul-1999 |
Mike Smith <msmith@FreeBSD.org> |
Move the initialisation/tuning of nmbclusters from param.c/machdep.c into uipc_mbuf.c. This reduces three sets of identical tunable code to one set, and puts the initialisation with the mbuf code pr
Move the initialisation/tuning of nmbclusters from param.c/machdep.c into uipc_mbuf.c. This reduces three sets of identical tunable code to one set, and puts the initialisation with the mbuf code proper.
Make NMBUFs tunable as well.
Move the nmbclusters sysctl here as well.
Move the initialisation of maxsockets from param.c to uipc_socket2.c, next to its corresponding sysctl.
Use the new tunable macros for the kern.vm.kmem.size tunable (this should have been in a separate commit, whoops).
show more ...
|
Revision tags: vendor/isc-dhcp/2.0, vendor/xe/1.20 |
|
#
f29be021 |
| 17-Jun-1999 |
Brian Feldman <green@FreeBSD.org> |
Reviewed by: the cast of thousands
This is the change to struct sockets that gets rid of so_uid and replaces it with a much more useful struct pcred *so_cred. This is here to be able to do socket-le
Reviewed by: the cast of thousands
This is the change to struct sockets that gets rid of so_uid and replaces it with a much more useful struct pcred *so_cred. This is here to be able to do socket-level credential checks (i.e. IPFW uid/gid support, to be added to HEAD soon). Along with this comes an update to pidentd which greatly simplifies the code necessary to get a uid from a socket. Soon to come: a sysctl() interface to finding individual sockets' credentials.
show more ...
|
Revision tags: vendor/libreadline/4.0, release/3.2.0, vendor/xe/1.19, vendor/xe/1.18, vendor/xe/1.17, vendor/xe/1.16, vendor/xe/1.15, vendor/xe/1.14, vendor/xe/1.13 |
|
#
dc97381e |
| 10-May-1999 |
Peter Wemm <peter@FreeBSD.org> |
Update one set of comments.. s/so_q0/so_incomp/ and s/so_q/so_comp/ (that's incomplete and complete connections I think)
|
#
3d177f46 |
| 03-May-1999 |
Bill Fumerola <billf@FreeBSD.org> |
Add sysctl descriptions to many SYSCTL_XXXs
PR: kern/11197 Submitted by: Adrian Chadd <adrian@FreeBSD.org> Reviewed by: billf(spelling/style/minor nits) Looked at by: bde(style)
|
Revision tags: vendor/perl5/5.005.03, vendor/SGI/v_2_17, vendor/SGI/vjs_990324, vendor/gdb/4.18, vendor/isc-dhcp/2.0b1-pl.27, vendor/isc-dhcp/2.0b1-pl.18, vendor/misc-GNU/cvs/1.10, vendor/groff/1.11, vendor/tcp_wrappers/7.6, vendor/NetBSD/v990310, vendor/isc-dhcp/2.0b1-pl.17, release/3.1.0_cvs, vendor/isc-dhcp/2.0b1-pl.11, vendor/OpenBSD/dhclient_1_0, vendor/isc-dhcp/2.0b1-pl.6, vendor/sendmail/8.9.3, vendor/tzdata/tzdata1999b |
|
#
527b7a14 |
| 25-Jan-1999 |
Bill Fenner <fenner@FreeBSD.org> |
Port NetBSD's 19990120-accept bug fix. This works around the race condition where select(2) can return that a listening socket has a connected socket queued, the connection is broken, and the user c
Port NetBSD's 19990120-accept bug fix. This works around the race condition where select(2) can return that a listening socket has a connected socket queued, the connection is broken, and the user calls accept(2), which then blocks because there are no connections queued.
Reviewed by: wollman Obtained from: NetBSD (ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/patches/19990120-accept)
show more ...
|
Revision tags: vendor/sendmail/8.9.2-header, vendor/tzdata/tzdata1999a, vendor/tzcode/tzcode1999a, release/3.0.0_cvs, release/2.2.8, vendor/mrouted/3.9-beta3, vendor/mrouted/mtrace-5.2, vendor/global/3.4.2, vendor/misc-GNU/texinfo/3.12, vendor/amd/6.0, vendor/sendmail/8.9.2, vendor/zlib/1.1.3 |
|
#
f1d19042 |
| 07-Dec-1998 |
Archie Cobbs <archie@FreeBSD.org> |
The "easy" fixes for compiling the kernel -Wunused: remove unreferenced static and local variables, goto labels, and functions declared but not defined.
|
#
9d2b0909 |
| 23-Nov-1998 |
Don Lewis <truckman@FreeBSD.org> |
We can't call fsetown() from sonewconn() because sonewconn() is be called from an interrupt context and fsetown() wants to peek at curproc, call malloc(..., M_WAITOK), and fiddle with various unprote
We can't call fsetown() from sonewconn() because sonewconn() is be called from an interrupt context and fsetown() wants to peek at curproc, call malloc(..., M_WAITOK), and fiddle with various unprotected data structures. The fix is to move the code that duplicates the F_SETOWN/FIOSETOWN state of the original socket to the new socket from sonewconn() to accept1(), since accept1() runs in the correct context. Deferring this until the process calls accept() is harmless since the process can't do anything useful with SIGIO on the new socket until it has the descriptor for that socket.
One could make the case for not bothering to duplicate the F_SETOWN/FIOSETOWN state and requiring the process to explicitly make the fcntl() or ioctl() call on the new socket, but this would be incompatible with the previous implementation and might break programs which rely on the old semantics.
This bug was discovered by Andrew Gallatin <gallatin@cs.duke.edu>.
show more ...
|
Revision tags: vendor/libpam/unpruned, vendor/libpam/0.65, vendor/amd/6.0b1 |
|
#
831d27a9 |
| 11-Nov-1998 |
Don Lewis <truckman@FreeBSD.org> |
Installed the second patch attached to kern/7899 with some changes suggested by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments.
This change clo
Installed the second patch attached to kern/7899 with some changes suggested by bde, a few other tweaks to get the patch to apply cleanly again and some improvements to the comments.
This change closes some fairly minor security holes associated with F_SETOWN, fixes a few bugs, and removes some limitations that F_SETOWN had on tty devices. For more details, see the description on the PR.
Because this patch increases the size of the proc and pgrp structures, it is necessary to re-install the includes and recompile libkvm, the vinum lkm, fstat, gcore, gdb, ipfilter, ps, top, and w.
PR: kern/7899 Reviewed by: bde, elvind
show more ...
|
#
0931333f |
| 04-Nov-1998 |
Bill Fenner <fenner@FreeBSD.org> |
Fix sbcheck() to check all packets on socket buffer. Also fix data types and printf formats while I'm here.
PR: misc/8494
Panic instead of looping forever in sbflush(). If sb_mbcnt counts more mbu
Fix sbcheck() to check all packets on socket buffer. Also fix data types and printf formats while I'm here.
PR: misc/8494
Panic instead of looping forever in sbflush(). If sb_mbcnt counts more mbufs than sb_cc counts bytes, the original code can turn into an infinite loop of removing 0 bytes from the socket buffer until it's empty.
show more ...
|
Revision tags: vendor/NetBSD/v981011, vendor/tcpdump/3.4, vendor/libpcap/0.4, vendor/perl5/5.005.02 |
|
#
a8b8bc07 |
| 05-Sep-1998 |
Bruce Evans <bde@FreeBSD.org> |
Fixed recently perpetrated printf format errors.
|
#
253ab668 |
| 04-Sep-1998 |
Andrey A. Chernov <ache@FreeBSD.org> |
make sbflush panic messages more descriptive
|
Revision tags: vendor/amd/6.0a16, vendor/sendmail/8.9.1, release/2.2.7_cvs, vendor/NetBSD/v980708, vendor/pppd/2.3.5, vendor/ipfilter/3.2.7, vendor/ipfilter-sys/v3_2_7, vendor/NetBSD/v980608, vendor/bind/8.1.2 |
|
#
ecbb00a2 |
| 07-Jun-1998 |
Doug Rabson <dfr@FreeBSD.org> |
This commit fixes various 64bit portability problems required for FreeBSD/alpha. The most significant item is to change the command argument to ioctl functions from int to u_long. This change bring
This commit fixes various 64bit portability problems required for FreeBSD/alpha. The most significant item is to change the command argument to ioctl functions from int to u_long. This change brings us inline with various other BSD versions. Driver writers may like to use (__FreeBSD_version == 300003) to detect this change.
The prototype FreeBSD/alpha machdep will follow in a couple of days time.
show more ...
|
#
4dc75870 |
| 31-May-1998 |
Peter Wemm <peter@FreeBSD.org> |
Have the wakeup routine do the upcall if needed.
Obtained from: NetBSD
|