and signal the root hub interrupt only once we are succesfully able
to open the device node. This makes it possible to insert a device
after the rump kernel was booted and have it succesfully attach
(does not make detach possible yet, though, as there are some
ugen and host kernel uhci/ohci/ehci evil crashies with that).
XXX: optimally, match would fail if there is a permanent error in
opening. However, it is difficult to figure out the difference
between the device backing ugen not being present, a transient
error in opening and a permanent error in opening. For example,
which of the latter two would EPERM be? And, ugen returns ENXIO
if the device is not present, but how would be know that's really
the case and not some other ENXIO from elsewhere in the stack?
This blocks an easy exploit of kernel bugs leading to dereference
of a NULL pointer on some architectures (eg i386).
The check can be disabled in various ways:
-by CPP definitions in machine/types.h (portmaster's choice)
-by a kernel config option USER_VA0_DISABLED_DEFAULT=0
-at runtime by sysctl vm.user_va0_disabled (cannot be cleared
at securelevel>0)
if the timezone file fails to load, due to late initialization of sp->goahead
to false in tzload, causing localsub to return NULL in the "cannot happen"
case. The fix is belt and suspenders:
- initialize sp->goback and sp->goahead very early in tzload
- replace all malloc calls with callocs, and remove the bogus
casts (it is not the 70's anymore!)
after readdir is called for the root dir the first time (yes,
there's still a window of wrong link count after the fs is mounted.
it's currently quite difficult to call sftp_readdir() from outside
the main loop).
Should fix "find /mnt" problem for a mountpoint with more than the
"guessed" amount of subdirectories, as reported by dyoung.
They will cause unnecessary non-equiv alias handling on PA1.x machines if
PA2.0 cpu support is compiled into the kernel. GENERIC currently doesn't
have this support enabled.
The performance hit of this needs testing.