#
0a977ede |
| 19-Mar-2010 |
Konstantin Belousov <kib@FreeBSD.org> |
Fix two style issues.
MFC after: 2 weeks
|
#
0454fe84 |
| 18-Feb-2010 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Use NULL instead of 0 when setting up pointer.
|
#
e7d829a4 |
| 17-Dec-2009 |
Matt Jacob <mjacob@FreeBSD.org> |
Fix argument order in a call to mtx_init.
MFC after: 1 week
|
#
1c89fc75 |
| 03-Nov-2009 |
Konstantin Belousov <kib@FreeBSD.org> |
If socket buffer space appears to be lower then sum of count of already prepared bytes and next portion of transfer, inner loop of kern_sendfile() aborts, not preparing next mbuf for socket buffer, a
If socket buffer space appears to be lower then sum of count of already prepared bytes and next portion of transfer, inner loop of kern_sendfile() aborts, not preparing next mbuf for socket buffer, and not modifying any outer loop invariants. The thread loops in the outer loop forever.
Instead of breaking from inner loop, prepare only bytes that fit into the socket buffer space.
In collaboration with: pho Reviewed by: bz PR: kern/138999 MFC after: 2 weeks
show more ...
|
#
7415a41f |
| 29-Oct-2009 |
Konstantin Belousov <kib@FreeBSD.org> |
Fix style issue.
|
Revision tags: vendor/openssh/5.3p1 |
|
#
75ffdc40 |
| 01-Oct-2009 |
Konstantin Belousov <kib@FreeBSD.org> |
Do not dereference vp->v_mount without holding vnode lock and checking that the vnode is not reclaimed.
Noted by: Igor Sysoev <is rambler-co ru> MFC after: 1 week
|
Revision tags: vendor/tzdata/tzdata2009n |
|
#
8518270e |
| 19-Sep-2009 |
Michael Tuexen <tuexen@FreeBSD.org> |
Get SCTP working in combination with VIMAGE. Contains code from bz. Approved by: rrs (mentor) MFC after: 1 month.
|
Revision tags: vendor/x86emu/4.6, vendor/tzdata/tzdata2009m, vendor/acpica/20090903, vendor/openssl/0.9.8k-dtls-fixes, vendor/pf-sys/4.5.002, vendor/pf/4.5, vendor/tzdata/tzdata2009l, vendor/openbsm/1.1-P-2 |
|
#
530c0060 |
| 01-Aug-2009 |
Robert Watson <rwatson@FreeBSD.org> |
Merge the remainder of kern_vimage.c and vimage.h into vnet.c and vnet.h, we now use jails (rather than vimages) as the abstraction for virtualization management, and what remained was specific to vi
Merge the remainder of kern_vimage.c and vimage.h into vnet.c and vnet.h, we now use jails (rather than vimages) as the abstraction for virtualization management, and what remained was specific to virtual network stacks. Minor cleanups are done in the process, and comments updated to reflect these changes.
Reviewed by: bz Approved by: re (vimage blanket)
show more ...
|
Revision tags: vendor/acpica/20090730, vendor/bind9/9.4.3-P3, vendor/bind9/9.6.1-P1, vendor/less/v436, vendor/tzcode/tzcode2009k, vendor/tzdata/tzdata2009k, vendor/openbsm/1.1-P-1, vendor/tcsh/6.17.00, vendor/clang/clang-r74788, vendor/llvm/llvm-r74788 |
|
#
15ca46f6 |
| 01-Jul-2009 |
Robert Watson <rwatson@FreeBSD.org> |
Audit file descriptor numbers for various socket-related system calls.
Approved by: re (audit argument blanket) MFC after: 3 days
|
#
9e4c1521 |
| 01-Jul-2009 |
Robert Watson <rwatson@FreeBSD.org> |
Define missing audit argument macro AUDIT_ARG_SOCKET(), and capture the domain, type, and protocol arguments to socket(2) and socketpair(2).
Approved by: re (audit argument blanket) MFC after: 3 days
|
Revision tags: vendor/clang/clang-r74383, vendor/llvm/llvm-r74383, vendor/acpica/20090625, vendor/bind9/9.6.1, vendor/clang/clang-r73984, vendor/llvm/llvm-r73984, vendor/clang/clang-r73954, vendor/llvm/llvm-r73954, vendor/clang/clang-r73879, vendor/llvm/llvm-r73879, vendor/tzdata/tzdata2009j, vendor/opensolaris/20080410b, vendor/clang/clang-r73340, vendor/llvm/llvm-r73340 |
|
#
c03528b6 |
| 10-Jun-2009 |
Bjoern A. Zeeb <bz@FreeBSD.org> |
SCTP needs either IPv4 or IPv6 as lower layer[1]. So properly hide the already #ifdef SCTP code with #if defined(INET) || defined(INET6) as well to get us closer to a non-INET/INET6 kernel.
Discusse
SCTP needs either IPv4 or IPv6 as lower layer[1]. So properly hide the already #ifdef SCTP code with #if defined(INET) || defined(INET6) as well to get us closer to a non-INET/INET6 kernel.
Discussed with: tuexen [1]
show more ...
|
Revision tags: vendor/tzcode/tzcode2009i, vendor/tzdata/tzdata2009i, vendor/clang/clang-r73070, vendor/llvm/llvm-r73070, vendor/openssl/0.9.8k, vendor/clang/clang-r73021, vendor/llvm/llvm-r73021, vendor/clang/clang-r72995, vendor/llvm/llvm-r72995 |
|
#
bcf11e8d |
| 05-Jun-2009 |
Robert Watson <rwatson@FreeBSD.org> |
Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC and used in a large number of files, but also because an increasing number of incorrect uses of MAC calls were sneaking in du
Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC and used in a large number of files, but also because an increasing number of incorrect uses of MAC calls were sneaking in due to copy-and-paste of MAC-aware code without the associated opt_mac.h include.
Discussed with: pjd
show more ...
|
Revision tags: vendor/clang/clang-r72805, vendor/llvm/llvm-r72805, vendor/clang/clang-r72770, vendor/llvm/llvm-r72770 |
|
#
f93bfb23 |
| 02-Jun-2009 |
Robert Watson <rwatson@FreeBSD.org> |
Add internal 'mac_policy_count' counter to the MAC Framework, which is a count of the number of registered policies.
Rather than unconditionally locking sockets before passing them into MAC, lock th
Add internal 'mac_policy_count' counter to the MAC Framework, which is a count of the number of registered policies.
Rather than unconditionally locking sockets before passing them into MAC, lock them in the MAC entry points only if mac_policy_count is non-zero.
This avoids locking overhead for a number of socket system calls when no policies are registered, eliminating measurable overhead for the MAC Framework for the socket subsystem when there are no active policies.
Possibly socket locks should be acquired by policies if they are required for socket labels, which would further avoid locking overhead when there are policies but they don't require labeling of sockets, or possibly don't even implement socket controls.
Obtained from: TrustedBSD Project
show more ...
|
Revision tags: vendor/clang/clang-r72732, vendor/llvm/llvm-r72732, vendor/acpica/20090521, vendor/acpica/20070320resync |
|
#
4202e1be |
| 31-May-2009 |
Dmitry Chagin <dchagin@FreeBSD.org> |
Split native socketpair() syscall onto kern_socketpair() which should be used by kernel consumers and socketpair() itself.
Approved by: kib (mentor) MFC after: 1 month
|
Revision tags: vendor/bind9/9.6.1rc1, vendor/netcat/4.5, vendor/tzcode/tzcode2009h, vendor/tzdata/tzdata2009h, vendor/ee/1.5.0, vendor/ee/1.4.7, vendor/ee/1.4.6, vendor/ee/1.4.5a, vendor/ee/1.4.4, vendor/ee/1.4.3, vendor/ee/1.4.2, vendor/top/3.8b1, vendor/tzcode/tzcode2009e, vendor/file/5.03 |
|
#
bf422e5f |
| 14-May-2009 |
Jeff Roberson <jeff@FreeBSD.org> |
- Implement a lockless file descriptor lookup algorithm in fget_unlocked(). - Save old file descriptor tables created on expansion until the entire descriptor table is freed so that pointers m
- Implement a lockless file descriptor lookup algorithm in fget_unlocked(). - Save old file descriptor tables created on expansion until the entire descriptor table is freed so that pointers may be followed without regard for expanders. - Mark the file zone as NOFREE so we may attempt to reference potentially freed files. - Convert several fget_locked() users to fget_unlocked(). This requires us to manage reference counts explicitly but reduces locking overhead in the common case.
show more ...
|
Revision tags: vendor/less/v429 |
|
#
2114e063 |
| 08-May-2009 |
Marko Zec <zec@FreeBSD.org> |
A NOP change: style / whitespace cleanup of the noise that slipped into r191816.
Spotted by: bz Approved by: julian (mentor) (an earlier version of the diff)
|
Revision tags: vendor/binutils/2.15-r191844-obrien |
|
#
21ca7b57 |
| 05-May-2009 |
Marko Zec <zec@FreeBSD.org> |
Change the curvnet variable from a global const struct vnet *, previously always pointing to the default vnet context, to a dynamically changing thread-local one. The currvnet context should be set
Change the curvnet variable from a global const struct vnet *, previously always pointing to the default vnet context, to a dynamically changing thread-local one. The currvnet context should be set on entry to networking code via CURVNET_SET() macros, and reverted to previous state via CURVNET_RESTORE(). Recursions on curvnet are permitted, though strongly discuouraged.
This change should have no functional impact on nooptions VIMAGE kernel builds, where CURVNET_* macros expand to whitespace.
The curthread->td_vnet (aka curvnet) variable's purpose is to be an indicator of the vnet context in which the current network-related operation takes place, in case we cannot deduce the current vnet context from any other source, such as by looking at mbuf's m->m_pkthdr.rcvif->if_vnet, sockets's so->so_vnet etc. Moreover, so far curvnet has turned out to be an invaluable consistency checking aid: it helps to catch cases when sockets, ifnets or any other vnet-aware structures may have leaked from one vnet to another.
The exact placement of the CURVNET_SET() / CURVNET_RESTORE() macros was a result of an empirical iterative process, whith an aim to reduce recursions on CURVNET_SET() to a minimum, while still reducing the scope of CURVNET_SET() to networking only operations - the alternative would be calling CURVNET_SET() on each system call entry. In general, curvnet has to be set in three typicall cases: when processing socket-related requests from userspace or from within the kernel; when processing inbound traffic flowing from device drivers to upper layers of the networking stack, and when executing timer-driven networking functions.
This change also introduces a DDB subcommand to show the list of all vnet instances.
Approved by: julian (mentor)
show more ...
|
Revision tags: vendor/file/5.00, release/7.2.0_cvs, release/7.2.0, vendor/tzdata/tzdata2009g, vendor/openbsm/1.1, vendor/tzdata/tzdata2009f, vendor/tzdata/tzdata2009e |
|
#
f0b9868d |
| 12-Apr-2009 |
Kip Macy <kmacy@FreeBSD.org> |
sendfile doesn't modify the vnode - acquire vnode lock shared
Reviewed by: ups, jeffr
|
Revision tags: vendor/tzdata/tzdata2009d, vendor/bind9/9.4.3-P2, vendor/libpcap/1.0.0, vendor/tcpdump/4.0.0, vendor/tzdata/tzdata2009c, vendor/openbsm/1.1-BETA-1, vendor/wpa/0.6.8, vendor/openssh/5.2p1, vendor/tzdata/tzdata2009b, vendor/gdtoa/20081205, vendor/tzdata/tzdata2009a, vendor/wpa_supplicant/0.5.11, vendor/wpa_supplicant/0.5.10, vendor/openbsm/1.1-ALPHA-5, vendor/bind9/9.3.6-P1, vendor/bind9/9.4.3-P1, vendor/file/4.26, release/7.1.0_cvs, release/7.1.0, vendor/openbsm/1.1-ALPHA-4, vendor/bind9/9.4.3, vendor/resolver/9.4.3, vendor/pf-sys/4.4, vendor/pf-sys/4.3, vendor/pf-sys/4.2, vendor/pf/4.4, vendor/pf/4.3, vendor/pf/4.2, release/6.4.0_cvs, release/6.4.0, vendor/openbsm/1.1-ALPHA-2, vendor/ncurses/5.7-20081102, vendor/tzdata/tzdata2008i |
|
#
1ede983c |
| 23-Oct-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Retire the MALLOC and FREE macros. They are an abomination unto style(9).
MFC after: 3 months
|
Revision tags: vendor/tzdata/tzdata2008h, vendor/tzdata/tzdata2008g, vendor/netcat/4.4, vendor/openssl/0.9.8i, vendor/tzdata/tzdata2008f, vendor/gdtoa/20080831, vendor/bind9/9.3.5-P2, vendor/bind9/9.4.2-P2, vendor/sendmail/8.14.3, vendor/ath/0.10.5.10, vendor/ntp/4.2.4p5, vendor/tzdata/tzdata2008e, vendor/tzdata/tzdata2008d, vendor/tzdata/tzdata2008c, vendor/pf-sys/4.1.001, vendor/openssh/5.1p1, vendor/openssh/5.0p1, vendor/openssh/4.9p1, vendor/openssh/4.7p1, vendor/openssh/4.6p1, vendor/bind9/9.3.5-P1, vendor/bind9/9.3.5, vendor/bind9/9.4.2-P1, vendor/misc-GNU/cpio/2.8, vendor/binutils/2.15.20040523 |
|
#
17c2fc0c |
| 22-May-2008 |
Robert Watson <rwatson@FreeBSD.org> |
When sendto(2) is called with an explicit destination address argument, call mac_socket_check_connect() on that address before proceeding with the send. Otherwise policies instrumenting the connect
When sendto(2) is called with an explicit destination address argument, call mac_socket_check_connect() on that address before proceeding with the send. Otherwise policies instrumenting the connect entry point for the purposes of checking destination addresses will not have the opportunity to check implicit connect requests.
MFC after: 3 weeks Sponsored by: nCircle Network Security, Inc.
show more ...
|
Revision tags: vendor/opensolaris/20080410, vendor/ncurses/5.6-20080503, vendor/expat/2.0.1, vendor/com_err/1.1.0, vendor/heimdal/1.1.0 |
|
#
ae11a989 |
| 27-Apr-2008 |
Robert Watson <rwatson@FreeBSD.org> |
When writing trailers in sendfile(2), don't call kern_writev() while holding the socket buffer lock. These leads to an immediate panic due to recursing the socket buffer lock. This bug was introduc
When writing trailers in sendfile(2), don't call kern_writev() while holding the socket buffer lock. These leads to an immediate panic due to recursing the socket buffer lock. This bug was introduced in uipc_syscalls.c:1.240, but masked by another bug until that was fixed in uipc_syscalls.c:1.269.
Note that the current fix isn't perfect, but better than panicking: normally we guarantee that simultaneous invocations of a system call to write on a stream socket won't be interlaced, which is ensured by use of the socket buffer sleep lock. This is guaranteed for the sendfile headers, but not trailers. In practice, this is likely not a problem, but should be fixed.
MFC after: 3 days Pointy hat to: andre (1.240), cperciva (1.269)
show more ...
|
Revision tags: vendor/opensolaris/20080410a, vendor/gcc/trunk_20080418-SVN134423, vendor/netcat/4.3 |
|
#
ea26d587 |
| 25-Mar-2008 |
Ruslan Ermilov <ru@FreeBSD.org> |
Replaced the misleading uses of a historical artefact M_TRYWAIT with M_WAIT. Removed dead code that assumed that M_TRYWAIT can return NULL; it's not true since the advent of MBUMA.
Reviewed by: arch
Replaced the misleading uses of a historical artefact M_TRYWAIT with M_WAIT. Removed dead code that assumed that M_TRYWAIT can return NULL; it's not true since the advent of MBUMA.
Reviewed by: arch
There are ongoing disputes as to whether we want to switch to directly using UMA flags M_WAITOK/M_NOWAIT for mbuf(9) allocation.
show more ...
|
Revision tags: vendor/tzdata/tzdata2008b, vendor/bzip2/1.0.5, vendor/misc-GNU/cvs/1.11-20080310, vendor/tcsh/6.15b, vendor/tzdata/tzdata2008a, vendor/bsnmp/syrinx_20080307_bugfix, release/7.0.0_cvs, release/7.0.0 |
|
#
49186916 |
| 24-Feb-2008 |
Colin Percival <cperciva@FreeBSD.org> |
After finishing sending file data in sendfile(2), don't forget to send the provided trailers. This has been broken since revision 1.240.
Submitted by: Dan Nelson PR: kern/120948 "sounds ok to me"
After finishing sending file data in sendfile(2), don't forget to send the provided trailers. This has been broken since revision 1.240.
Submitted by: Dan Nelson PR: kern/120948 "sounds ok to me" from: phk MFC after: 3 days
show more ...
|
#
60e15db9 |
| 23-Feb-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
This patch adds a new ktrace(2) record type, KTR_STRUCT, whose payload consists of the null-terminated name and the contents of any structure you wish to record. A new ktrstruct() function construct
This patch adds a new ktrace(2) record type, KTR_STRUCT, whose payload consists of the null-terminated name and the contents of any structure you wish to record. A new ktrstruct() function constructs and emits a KTR_STRUCT record. It is accompanied by convenience macros for struct stat and struct sockaddr.
In kdump(1), KTR_STRUCT records are handled by a dispatcher function that runs stringent sanity checks on its contents before handing it over to individual decoding funtions for each type of structure. Currently supported structures are struct stat and struct sockaddr for the AF_INET, AF_INET6 and AF_UNIX families; support for AF_APPLETALK and AF_IPX is present but disabled, as I am unable to test it properly.
Since 's' was already taken, the letter 't' is used by ktrace(1) to enable KTR_STRUCT trace points, and in kdump(1) to enable their decoding.
Derived from patches by Andrew Li <andrew2.li@citi.com>.
PR: kern/117836 MFC after: 3 weeks
show more ...
|
#
1b708999 |
| 14-Feb-2008 |
Simon L. B. Nielsen <simon@FreeBSD.org> |
Fix sendfile(2) write-only file permission bypass.
Security: FreeBSD-SA-08:03.sendfile Submitted by: kib
|