routing caused by stale route caches (struct route). Route caches
are sprinkled throughout PCBs, the IP fast-forwarding table, and
IP tunnel interfaces (gre, gif, stf).
Stale IPv6 and ISO route caches will be treated by separate patches.
Thank you to Christoph Badura for suggesting the general approach
to invalidating route caches that I take here.
Here are the details:
Add hooks to struct domain for tracking and for invalidating each
domain's route caches: dom_rtcache, dom_rtflush, and dom_rtflushall.
Introduce helper subroutines, rtflush(ro) for invalidating a route
cache, rtflushall(family) for invalidating all route caches in a
routing domain, and rtcache(ro) for notifying the domain of a new
cached route.
Chain together all IPv4 route caches where ro_rt != NULL. Provide
in_rtcache() for adding a route to the chain. Provide in_rtflush()
and in_rtflushall() for invalidating IPv4 route caches. In
in_rtflush(), set ro_rt to NULL, and remove the route from the
chain. In in_rtflushall(), walk the chain and remove every route
cache.
In rtrequest1(), call rtflushall() to invalidate route caches when
a route is added.
In gif(4), discard the workaround for stale caches that involves
expiring them every so often.
Replace the pattern 'RTFREE(ro->ro_rt); ro->ro_rt = NULL;' with a
call to rtflush(ro).
Update ipflow_fastforward() and all other users of route caches so
that they expect a cached route, ro->ro_rt, to turn to NULL.
Take care when moving a 'struct route' to rtflush() the source and
to rtcache() the destination.
In domain initializers, use .dom_xxx tags.
KNF here and there.
- add a ses(4) major number as the MI MAKEDEV tries to create the
nodes. hi elad.
- create audio devices.
- provide mount_kernfs and a dmesg command.
- start sysinst automagically and fix backspace key.
Mostly prompted by David H. Gutteridge on port-hp700.
sysctl.7. Remove the list of MIBs from sysctl.8 so we don't have to
maintain duplicate information, as proposed by YAMAMOTO Takashi on
tech-userlevel. Also remove references to header files from sysctl.8.
The numeric constants remain documented, they are still needed in some
cases. See the discussion on tech-userlevel. ("mib list in sysctl.8")
OK by YAMAMOTO Takashi.
Cleanup dd options accordingly to the following policy:
1) put if, of, bs, conv in this order
2) for reading/writing from/to disk don't use sync
4) reading from tape - use sync
3) writing to tape - use osync
Noted by Don Yuniskis (auryn at gci-net.com) via install/13749. Thanks!
Reviewed by <martin>. Thank you!
Notable changes:
* Fixes PR 34268.
* Separates the code from gif(4) (which is more cleaner).
* Allows the usage of STP (Spanning Tree Protocol).
* Removed EtherIP implementation from gif(4)/tap(4).
Some input from Christos.
updating. Probably to an ACPI kernel that need not fit into an 'emulated floppy'
and a 'legacy' kernel that will fit.
In any case the small/tiny kernels which are really for i386 systems with
< 16MB of memory (some are sized for a 5.25" floppy) don't need to be built.
Remove bootfloppy-small, bootfloppy-tiny, rescue-tiny and bootfloppy-ps2
and associated ramdisks.
Also, add ioctls SIOCGIFADDRPREF/SIOCSIFADDRPREF to get/set preference
numbers for addresses. Make ifconfig(8) set/display preference
numbers.
To activate source-address selection policies in your kernel, add
'options IPSELSRC' to your kernel configuration.
Miscellaneous changes in support of source-address selection:
1 Factor out some common code, producing rt_replace_ifa().
2 Abbreviate a for-loop with TAILQ_FOREACH().
3 Add the predicates on IPv4 addresses IN_LINKLOCAL() and
IN_PRIVATE(), that are true for link-local unicast
(169.254/16) and RFC1918 private addresses, respectively.
Add the predicate IN_ANY_LOCAL() that is true for link-local
unicast and multicast.
4 Add IPv4-specific interface attach/detach routines,
in_domifattach and in_domifdetach, which build #ifdef
IPSELSRC.
See in_getifa(9) for a more thorough description of source-address
selection policy.
({v,}syslog_{r,ss}) and the corresponding openlog_r/setlogmask_r/closelog_r
functions.
This should allow sparc64 to build its ramdiskbin again.
Reviewed by christos@
* simplify commands to extracts sets & pkgsrc
* add spaces around \(em - why this isn't rendered as — is far
beyond me, can someone with *roff fu have a look?
Inspired by posting by James K. Lowden on netbsd-docs.
XXX the hardware list needs real work. :(
as the bootcd* CDs just with the install sets added to
the CD as well.
XXX 1) The implementation of this is rather cludgy (copying sets around),
as our makefs(8) can't put files from multiple directories into
one image -- something that mkisofs can do with 'graft' points
XXX 2) This should be run after 'build.sh release' - It would be nice
if we had a seperate stage to add such hooks in our build framework
keys and returns them in an array. This effectively allows a caller
to mutate a dictionary while iterating over it (really, you iterate
over the array of keys instead of the dictionary itself).
- Add a slew of utility functions that make it more convenient (in some
circumstances, anyway) to get/set values in a dictionary.
newer server chipsets) to wm(4), from the FreeBSD em(4) driver.
While there, add a few other Intel Ethernet controller that should work as
is.
Properly update the RX error and TX collision counters.
Add ikphy(4), a driver for the Intel i82563 Kumeran 10/100/1000 Ethernet PHYs
necessary target system headers (<fs/unicode.h> and <fs/cd9660/iso.h>)
because system headers for the host (like <sys/stat.h>) are also pulled
from there and it causes build errors if target src tree is different
from installed one on the host.
Instead, copy the necessary system headers for host's programs into
${.OBJDIR} first.
Problem reported from Geert Hendrickx, and there is no particular comment
on tech-toolchain.
newfs and mount the target filesystem.
In Hauke's words: "Basically, the mac68k md_make_bsd_partitions() function,
which replaces the MI make_bsd_partitions() because the mac68k port does not
have an on-disk BSD disklabel, neglected to sign up BSD partitions for
newfs'ing and mounting by setting the appropriate flags."
Revert the commit to the install notes (rev. 1.14 of notes/mac68k/prep) which
added a warning and a workaround for this bug, as requested by hubertf in the
PR log.
happen in the TCP stack, this interface calls the specified callback to
handle the situation according to the currently selected congestion
control algorithm.
A new sysctl node was created: net.inet.tcp.congctl.{available,selected}
with obvious meanings.
The old net.inet.tcp.newreno MIB was removed.
The API is discussed in tcp_congctl(9).
In the near future, it will be possible to selected a congestion control
algorithm on a per-socket basis.
Discussed on tech-net and reviewed by <yamt>.
subsystems, based on work by YAMAMOTO Takashi. This is intended to
be used by other subsystems (such as the proc_*() or lwp_*() routines)
rather than directly by consumers.
instead you have config_search_{loc,ia}. Add documentation for
config_finalize_regsiter, too. Mostly fixes PR#32106 by Gavan Fantom, as I
think the cfdriver_* and cfattach_* stuff should be documented too, but I'm
not entirely sure where yet.
I have commited a different version than in the PR, it lacks a license
but if it warrants one we can stick the TNF standard on it. It's just
a main() routine that calls revoke(2).
"yes", and abort if it is "no" - not vice versa.
XXX - when returning to the utilities menu loop, the menu message should
be output again, I think. I couldn't figure out how that is supposed to
be done though.
plist-based messages and to eliminate looping previously required to
receive a plist from the kernel:
- prop_dictionary_copyin_ioctl() and prop_dictionary_copyout_ioctl()
now take the cmd argument rather than the file open flag. The
read-ness or write-ness of an ioctl command is checked by these
routines to ensure that information is being passed to/from the
userland component properly.
- prop_dictionary_copyout_ioctl() now allocates the memory for the
XML plist on behalf of the userland component by way of uvm_mmap().
The XML plist is copied out to the newly-mapped anonymous region,
and the pointer returned via the plistref.
- prop_dictionary_recv_ioctl() is responsible for munmap()'ing the
region after parsing the XML plist into internal represenatation.
- A new prop_dictionary_sendrecv_ioctl() is added, allowing user space
code to send a dictionary to the kernel and receive one back as a
reply.
Update users of prop_kern for the API changes (Bluetooth).
This constitutes an ABI / protocol change -- but this will also be put
into NetBSD 4.0 so that the first proplib release will implement the new
scheme.
on (some) OpenFirmware 2.x machines.
Current macppccd.iso image doesn't boot on Openfirmware 2.x
(and probably 1.0.5) machines because it uses pre-compiled binary
which is based on old (and customized) bootxx.
It causes version mismatch against newer ofwboot whose load address
has been changed from 0x600000 to 0xe00000, as mentioned in the
following post:
http://mail-index.netbsd.org/port-macppc/2004/12/14/0020.html
There was also an raw binary which was passed to mkisofs as -boot-hfs-file.
To fix these issue, prepare a simple mkhfsboot program which creates
a boothfs file with the Apple partition map info for mkisofs,
and modify macppc_installboot to search the secondary ofwboot from isofs
and to put and modify the primary bootxx accordingly.
See PR toolchain/30245 for more details.
There are still some machines which don't boot from an iso image created
by this method (G3 machines with OF 2.0f1 etc.), but it's still better
than to keep ugly and obsolete hacks.
Ok'ed by macallan, and there is no other particular comment about this PR.
Fleming.
This one has some nice options -- for example, an admin can run right
after installing a system:
fpgen -D
and it will fingerprint a set of "common" system directories to the
default loaction. See the man-page for more stuff.
Performance-wise, here are results for both fpgen.sh (old) and this
new tool:
474.599u 574.335s 13:53.05 125.9% 0+0k 0+307io 0pf+0w
0.424u 0.131s 0:00.56 98.2% 0+0k 0+2io 0pf+0w
...guess which is which? (that's ~1500 times *faster*)
super-user and securelevel.
The securelevel part was compiled of text from both init(8) and OpenBSD's
securelevel(7), and brought in-sync with what we really do.
- have checkflist do a second possibly case insensitive check for
files which are missing from DESTDIR
- have postinstall require exact case matches for obsolete files
remove pseudo-device btdev(4) and inherent limitations
add bthub(4) which autoconfigures at bluetooth controllers as they
are enabled. bluetooth devices now attach here.
btdevctl(8) and its cache is updated to handle new semantics
etc/rc.d/btdevctl is updated to configure devices from a list
in /etc/bluetooth/btdevctl.conf
- Add a few scopes to the kernel: system, network, and machdep.
- Add a few more actions/sub-actions (requests), and start using them as
opposed to the KAUTH_GENERIC_ISSUSER place-holders.
- Introduce a basic set of listeners that implement our "traditional"
security model, called "bsd44". This is the default (and only) model we
have at the moment.
- Update all relevant documentation.
- Add some code and docs to help folks who want to actually use this stuff:
* There's a sample overlay model, sitting on-top of "bsd44", for
fast experimenting with tweaking just a subset of an existing model.
This is pretty cool because it's *really* straightforward to do stuff
you had to use ugly hacks for until now...
* And of course, documentation describing how to do the above for quick
reference, including code samples.
All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:
http://kauth.linbsd.org/kauthwiki
NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:
- Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
- Checks 'securelevel' directly,
- Checks a uid/gid directly.
(or if you feel you have to, contact me first)
This is still work in progress; It's far from being done, but now it'll
be a lot easier.
Relevant mailing list threads:
http://mail-index.netbsd.org/tech-security/2006/01/25/0011.htmlhttp://mail-index.netbsd.org/tech-security/2006/03/24/0001.htmlhttp://mail-index.netbsd.org/tech-security/2006/04/18/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/05/15/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/08/01/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/08/25/0000.html
Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).
Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.
Happy birthday Randi! :)
executable in the source ".tgz" files. This is necessary while
bootstrapping the toolchain which isn't done using NetBSD makefiles.
This should fix PR toolchain/34489 by Kirk Russell.
file system that covers the whole disk but marking most of it in use somehow.
Make this easier to deal with by detecting an existing RISC iX partition and
displaying its starting cylinder.
This program should really go away and its job be done by sysinst and/or
disklabel, but not today.
macros, __BIT, __BITS, SHIFTIN, SHIFTOUT, and __arraycount() from
lib/libkern/libkern.h to sys/cdefs.h. Add a __-prefix to SHIFTIN
and SHIFTOUT, and add a manual page for the bit-twiddling macros,
bits(3).
Make the __BIT and __BITS macros "widthless," as best I can, by
changing their type to uintmax_t from uint32_t. XXX The manual
page lags this change by a bit.
Define __PRIxBIT and __PRIxBITS printf(3) format strings.
- Arrays can now be externalized and internalized in the same way
dictionaries can.
- Add new "externalize to file" and "internalize from file" functions
to make reading a property list from a file and writing a property
list to a file more convenient.
- Many assertions in the object implementations are gone. Instead,
calling an accessor for one object type with a different object type
as an argument will return a suitable "invalid" value.
- prop_object_type() now returns a new PROP_TYPE_UNKNOWN value if called
with a NULL object.
- Externalized property lists now contain a reference to the Apple XML
plist DTD.
- Add a new prop_ingest(3) facility, which provides a convenient way to
translate a dictionary into an arbitrary binary representation.
While it can be made to compile, the paradigm is not quite right because
it attempts to contact the filesystem during autoconfig which sometimes
causes a panic. Even if that was fixed, there is another potential problem
in that the driver tries/sleeps/tries/sleeps and the sleep could
theoretically sleep past the rc.d/btconfig stage and the controller
would remain unconfigured.
So, I have prepared a different method for loading the firmware to
Broadcom BCM2033 chip based devices. A package 'sysutils/bcmfw' will load
the firmware files via a ugen(4) device interface.
This update removes the ubtbcmfw(4) driver and adds a table to the ubt(4)
driver so that it will not attach to Broadcom BCM2033 based devices before
the firmware was loaded.
This fixes kern/34219