Commit Graph

135734 Commits

Author SHA1 Message Date
yamt
01c07ef7bd fix unreasonably frequent "killed: out of swap" on systems which have
little or no swap.
- even on a severe swap shortage, if we have some amount of file-backed pages,
  don't bother to kill processes.
- if all pages in queue will be likely reactivated, just give up
  page type balancing rather than spinning unnecessarily.
2005-04-12 13:11:45 +00:00
itohy
1bf2f3ae6e Add usb_find_desc_if(), which is similar to usb_find_desc(),
but searches only in the specified interface rather than
in whole configuration.
2005-04-12 13:10:14 +00:00
martin
9edc493234 When creating an int hash value from pointer, go via intptr_t.
Fixes PR 29953.
2005-04-12 12:42:02 +00:00
wiz
5c35c1667a Improve formatting. 2005-04-12 11:50:29 +00:00
drochner
10e5ded54b add definition for "security freeze" 2005-04-12 11:45:40 +00:00
drochner
e69243d0ea document the "security" command 2005-04-12 11:41:14 +00:00
drochner
48eac6e41a Implement a "security" command with subcommands to query the status of
the "security" extension and to "freeze" it. With the security extension
frozen, disk passwords cannot be set anymore, until the next hard reset.
Normally, this is the business of the BIOS, but older/buggy/embedded
BIOSes don't care. This leaves the (theoretical) possibility that a
malicious program in posession of superuser rights sets a disk password,
rendering the disk useless (or at least uneconomical to recover from).
Inspired by an article in the german "ct" magazine.
Being here, consolidate the implementations of IDENTIFY into one, and
fix an obvious alignment problem.
2005-04-12 11:40:46 +00:00
perseant
4c0e96afd6 Use the buffer cache improvements from fsck_lfs. Make it build again. 2005-04-12 01:06:39 +00:00
jwise
ed335360d1 Provide obsolete list entries for old names of pfspamd et al. 2005-04-11 23:39:12 +00:00
perseant
1d4cc6a17b Be more efficient with the hash tables for the buffer and vnode caches.
Note that roll-forward can add more inodes to the filesystem; don't overflow
the tables but reallocate them.
2005-04-11 23:19:24 +00:00
jwise
d4a770bc93 spamd (et al) man pages have also changed to pfspamd (et al). 2005-04-11 22:42:47 +00:00
jwise
d757dd5564 spamd (et al) -> pfspamd (et al). 2005-04-11 22:35:45 +00:00
jwise
d32dabfd88 Per discussion on tech-userlevel and tech-security, install `spamd',
`spamd-setup', and `spamdb' as `pfspamd', `pfspamd-setup', and `pfspamdb'.

To quote Steven M. Bellovin:

  This [having a program in basesrc with the same name as a widely used and
  completely different program in pkgsrc] is a seriously bad idea; it
  violates the rule of least surprise.  That's bad enough in normal
  situations; here, we're talking about security.  You do *not* want to
  confuse people about security features; they're hard enough to get right
  as is.
2005-04-11 22:34:18 +00:00
yamt
a69d29a9d9 mention pf mailing list. 2005-04-11 22:22:58 +00:00
nathanw
1e16e443e6 Rewrite the inner loop of vcopypage() and vzeropage() to be entirely
in inline asm and include turning the DMMU off and back on. This
prevents the compiler (especially gcc -O0) from inserting accesses to
locations in virtual address space when such accesses would fail.
2005-04-11 18:35:38 +00:00
jmcneill
c674ab7b1d Add ac97_attach_type(), to allow the hw driver to skip probes for audio or
modem devices. ac97_attach now calls ac97_attach_type() with
AC97_CODEC_TYPE_AUDIO, for backwords compatibility.
2005-04-11 18:26:48 +00:00
jmcneill
89a6dc2733 Add ICH_CODEC_OFFSET definition 2005-04-11 18:25:38 +00:00
peter
271ad04cd9 Allow an underscore as first character and embedded underscores & dots
for login and group names.

Fixes PR misc/29913 from Arto Selonen.
2005-04-11 15:46:42 +00:00
cube
7f25e48562 Add a note into 20050325 entry that the speaker might not even play any
sound if you don't add an attimer(4) device, as pointed out by Steven M.
Bellovin.
2005-04-11 15:36:46 +00:00
wiz
f5d4b0a380 Remove duplicate word, from Wojciech A. Koszek in PR 29938. 2005-04-11 12:19:16 +00:00
yamt
f12efb9990 fix a bug which corrupts runqueue.
when dealing with events, which are handed to xenevt pseudo device,
don't call wakeup(9)/selnotify(9) at too high IPL.  PR/29792.
2005-04-11 12:10:31 +00:00
jmcneill
cc976626a7 i82801CA is an ICH3, not ICH2. Fix typo in auich_modem_devices. Pointed out
by Nicolas Joly.
2005-04-11 11:20:45 +00:00
yamt
108d62f302 xencons_start: retry when queue is full. 2005-04-11 10:48:14 +00:00
enami
fa07a48b77 Don't put a space before function call operator. 2005-04-11 10:39:06 +00:00
enami
e61e3e0913 byte offset and line count shouldn't be initialized inside the loop. 2005-04-11 09:41:02 +00:00
enami
168f415563 Fix indent and wrap long lines. 2005-04-11 09:40:15 +00:00
yamt
e73431068c don't stamp soft interrupts. 2005-04-11 09:24:04 +00:00
perseant
8d71ddbc4d Ensure that "align" is a power of two before passing it as an argument
to uvm_map().  Approved by pk@.
2005-04-11 05:56:11 +00:00
lukem
b7856deff5 typo in previous 2005-04-11 05:47:56 +00:00
matt
2d8931a849 Fix mode printing. (don't panic on unmatched devices) 2005-04-11 04:24:54 +00:00
lukem
a2fc7ddaf6 gratuitous whitespace cleanup (before someone else jumps the gun...) 2005-04-11 01:49:31 +00:00
lukem
50ff8d4548 Implement a timeout on the accept(2) in dataconn() and the
connect(2) in xconnect() by temporarily setting O_NONBLOCK
on the socket and using xpoll() to wait for the operation
to succeed.
The timeout used is the '-q quittime' argument (defaults to
60s for accept(2), and the system default for connect(2)).
Idea inspired by discussion with Chuck Cranor.
This may (indirectly) fix various problems with timeouts
in active mode through broken firewalls.

Implement xpoll() as a wrapper around poll(2), to make it
easier to replace on systems without a functional poll(2).
Unconditionally use xpoll() instead of conditionally using
select(2) or poll(2).
2005-04-11 01:43:31 +00:00
perry
47e0ea84da change a set of spaces to " \t" 2005-04-10 23:02:01 +00:00
manu
5a6c417352 Resurrect TCP-MD5 support. This fixes bin/29915 2005-04-10 21:20:55 +00:00
itohy
34088139ab The definition of IRFRAMEDISC (10) is incorrect since the value is dynamic.
The *DISC definition is only for backward compatibility with deprecated
TIOC[GS]ETD ioctls, and not needed for new TIOC[GS]LINED ioctls.
The value of IRFRAMEDISC has never been correct, so we don't have any
compatibility to be kept.
Just remove the IRFRAMEDISC defintion.
2005-04-10 14:28:11 +00:00
christos
857a611be2 s/getpwnam/sgetpwnam/ Found by John Nemeth. 2005-04-10 08:21:36 +00:00
christos
c4402ab05e Use getpwnam_r; from John Nemeth 2005-04-10 08:05:40 +00:00
tron
7b5f51876d Comment out options for PPP compression and active filtering. They are not
necessary in an installation kernel but increase the size considerably.
This fixes PR port-amd64/29928.
2005-04-10 07:53:06 +00:00
lukem
ec95ee57f7 In fetch_url(), don't call freeaddrinfo(res0) too early, as we use pointers
to its contents later in the function.
Problem found by Onno van der Linden.
2005-04-10 03:13:23 +00:00
nakayama
78fc87188c Add "skey" tag to pam_skey.[08]. 2005-04-10 02:48:45 +00:00
christos
382db3eda9 Use getpwnam_r. From john nemeth. 2005-04-09 22:43:51 +00:00
matt
38b7b2fcde Merge updates to algorithms from i386 switch code. 2005-04-09 20:53:19 +00:00
matt
7fa678813d Add STACKSPACE 2005-04-09 20:50:27 +00:00
matt
e722e50c79 Rework and cleanup. Don't use REI, fake a call frame instead. 2005-04-09 20:49:02 +00:00
matt
17a5fd3419 Start the args after the argc. Return to resumecontext after the entry mask. 2005-04-09 20:46:56 +00:00
matt
246a055522 Remove upcall trampoline. We don't need it anymore. 2005-04-09 20:44:56 +00:00
matt
a557cac030 Rework cpu_upcall. Actually build a stack frame and argument list and
don't use a trampoline.
2005-04-09 20:44:24 +00:00
christos
2f3bdfce80 Don't ignore SIGCHLD, because we are not going to get kqueue notifications
about it if we do.
2005-04-09 20:14:55 +00:00
tron
d1aaf206df We don't need to link hardware independent X11 servers with the "i386"
library under NetBSD-i386.
2005-04-09 18:00:01 +00:00
jschauma
0351658cc8 Some improvements and fixes.
From Mirko Thiesen in private mail.
2005-04-09 17:24:43 +00:00