Notable changes:
* Fixes PR 34268.
* Separates the code from gif(4) (which is more cleaner).
* Allows the usage of STP (Spanning Tree Protocol).
* Removed EtherIP implementation from gif(4)/tap(4).
Some input from Christos.
XXX: We still install rmd160.h and sha2.h in /usr/include/crypto, unlike
the other hash functions which get installed in /usr/include for compatibility.
subsystems, based on work by YAMAMOTO Takashi. This is intended to
be used by other subsystems (such as the proc_*() or lwp_*() routines)
rather than directly by consumers.
- if allocated in the MI range, it breaks the builds for ports that do
not use it
- if allocated in the MD range, 3ware's tw_cli tool will break because it
hardcodes the major
remove pseudo-device btdev(4) and inherent limitations
add bthub(4) which autoconfigures at bluetooth controllers as they
are enabled. bluetooth devices now attach here.
btdevctl(8) and its cache is updated to handle new semantics
etc/rc.d/btdevctl is updated to configure devices from a list
in /etc/bluetooth/btdevctl.conf
- Add a few scopes to the kernel: system, network, and machdep.
- Add a few more actions/sub-actions (requests), and start using them as
opposed to the KAUTH_GENERIC_ISSUSER place-holders.
- Introduce a basic set of listeners that implement our "traditional"
security model, called "bsd44". This is the default (and only) model we
have at the moment.
- Update all relevant documentation.
- Add some code and docs to help folks who want to actually use this stuff:
* There's a sample overlay model, sitting on-top of "bsd44", for
fast experimenting with tweaking just a subset of an existing model.
This is pretty cool because it's *really* straightforward to do stuff
you had to use ugly hacks for until now...
* And of course, documentation describing how to do the above for quick
reference, including code samples.
All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:
http://kauth.linbsd.org/kauthwiki
NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:
- Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
- Checks 'securelevel' directly,
- Checks a uid/gid directly.
(or if you feel you have to, contact me first)
This is still work in progress; It's far from being done, but now it'll
be a lot easier.
Relevant mailing list threads:
http://mail-index.netbsd.org/tech-security/2006/01/25/0011.htmlhttp://mail-index.netbsd.org/tech-security/2006/03/24/0001.htmlhttp://mail-index.netbsd.org/tech-security/2006/04/18/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/05/15/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/08/01/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/08/25/0000.html
Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).
Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.
Happy birthday Randi! :)
is defined. if this option is present in the Makefile CFLAGS and we are
using GCC4, build kern_synch.c with -fno-reorder-blocks, so that this
actually works.
XXX be nice if KERN_SYNCH_BPENDTSLEEP_LABEL was a normal 'defflag' option
XXX but for now take the easy way out and make it checkable in CFLAGS.
The PIOBM is used by only one driver (will be added later,
stay tuned) and intruduce an attribute "ata_piobm" so that
it will be conditionally compiled in.
The "ata_dma" (busmastering transfer using ATA DMA mode) and
"ata_udma" (busmastering transfer using ATA Ultra DMA mode)
attributes are also added for consistency, but unused for now.
Fix MOBILE encapsulation. Add many debugging printfs (mainly
concerning UDP mode). Clean up the gre(4) code a bit. Add the
capability to setup UDP tunnels to ifconfig. Update documentation.
In UDP mode, gre(4) puts a GRE header onto transmitted packets,
and hands them to a UDP socket for transmission. That is, the
encapsulation looks like this: IP+UDP+GRE+encapsulated packet.
There are two ways to set up a UDP tunnel. One way is to tell the
source and destination IP+port to gre(4), and let gre(4) create
the socket. The other way to create a UDP tunnel is for userland
to "delegate" a UDP socket to the kernel.
dev/ic/wd33c93.c. This may not be the best WD33C93 driver we've
got, but it's the most recently worked on and probably the most
portable, so it seems like a good basis for further work (and in
particular an acorn26 driver for the Acorn SCSI card). There's
no functional change in this commit, and sgimips kernels still
compile.
Change the way in which bluetooth devices attach to system. The
new way is for devices to attach directly to a btdevN device via
its own control file /dev/btdevN.
- bthub(4) is replaced by btdev(4).
- /dev/bthubctl is replaced by /dev/btdevN.
- configuration now uses proplib(3) property lists.
- btcontrol(8) updated to use new API, and now uses private
- XML config file /var/db/btdev.xml.
- adapt to NVERIEXEC in init_sysctl.c.
- we now need "veriexec.h" for NVERIEXEC.
- "opt_verified_exec.h" -> "opt_veriexec.h", and include it only where
it is needed.
commands to the controller.
Add a amrctl(8) control tool, which for now only allows to get status
from the adapter (status of adapter, logical volumes and and individual
drives).
From FreeBSD, with some adjustements by Andrew Doran and me.
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
This allows us to convert aucom to just another com attachment, and cleanup
some code in the com_arbus.c.
Additionally, we use a common com_cleanup routine rather than having a
zillion copies of it in the attachment points.
This has been tested on a number architectures, and it has been shown to get
close to comparable performance when COM_REGMAP is defined, and comparable
when it is not defined.
Approved by core@. Fixes PR port-evbmips/32362.
Merge from chap-midi branch, after
~month for review
Comments by thorpej@ drochner@ and Alexandre Ratchov
Incorporated: points by thorpej@ drochner@; preliminary support for
a stats-collecting ioctl suggested by martin@ from comments by A.R.
PR kern/32441 kern/32442 kern/32567 kern/32588 kern/32694 kern/33590
kern/33614 and one instance of kern/32651
ok martin@
2. implement solaris-like kmem_alloc/free api, using #1.
(note: this implementation is backed by kernel_map, thus can't be
used from interrupt context.)
NetBSD Foundation Membership still pending.) This stack was written by
Iain under sponsorship from Itronix Inc.
The stack includes support for rfcomm networking (networking via your
bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets.
Drivers for both PCMCIA and USB bluetooth controllers are included.
- struct timeval time is gone
time.tv_sec -> time_second
- struct timeval mono_time is gone
mono_time.tv_sec -> time_uptime
- access to time via
{get,}{micro,nano,bin}time()
get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
require it. On most archs this does not change anything, but on sparc{,64}
it allows linking of kernels that have machfb as the only framebuffer.
Solution suggested by Quentin.
- add -Wno-attributes -Wno-pointer-sign to CWARNFLAGS.
- add -fno-strict-aliasing to CFLAGS [*]
our kernel again needs a bunch of work for this to be enabled.
* RFC 3542 isn't binary compatible with RFC 2292.
* RFC 2292 support is on by default but can be disabled.
* update ping6, telnet and traceroute6 to the new API.
From the KAME project (www.kame.net).
Reviewed by core.
gpioow(4), attaching a bit-banging driver via a GPIO pin. Also,
owtemp(4) which supports some of the 1-Wire temperature sensors, including
the DS18b20 and DS1920 - temperatures are returned via the envsys(4)
framework.
Original drivers by Alexander Yurchenko (grange@openbsd), with envsys(4)
support and a fix to the 1-wire search algorithm (for discovering
devices on the bus) by me.
As discussed on tech-kern earlier this week.
Use the opt_ah.h for the provided HAL to get options like AH_REGOPS_FUNC.
Add AH_REGOPS_FUNC to a few opt_ah.h that don't have it in this version
of the HAL but need it. (The next version from Sam should have this fixed
in it. If it doesn't, then we'll have to take care at import time.)
Ultimately, this should make future imports even easier, and individual ports
should not have to worry about whether AH_REGOPS_FUNC is properly defined or
not, since the opt_ah.h will just take care of it automatically.
Ok'd by dyoung@.
the rules due to needing to conditionally postprocess the HAL object file.
Macppc needs a a non-ELF HAL (EABI) object, so take care of that by default
in the atheros include file.
of digital video recorders popular in Europe and Australia.
These devices have a USB client port which can be used to upload and
download recordings (and other files, such as MIPS binaries for execution
on the DVR's CPU) to/from their internal hard disk, in addition to some
other operations on files and directories.
http://mail-index.netbsd.org/tech-net/2006/03/15/0000.html.
The new layout almost precisely matches FreeBSD, and should make
future imports much easier.
At the same time, import the current 0.9.16.16 HAL from FreeBSD. According
to sam@, this is the proper version we should be using.
and always call the simple_* locking functions. the locking functions
are compiled out if they are not needed anyway, so a separate option
for this doesn't gain anything.
this also fixes the serial console on my alpha ES40 (which doesn't make much
sense since the com driver should still be under the big lock on alpha,
but whatever).
get this makefile to execute the mkdep commands - no need for a submake
and xargs at that point.
However we do need to do something to stop the 'mkdep -d' and CLEANDEPEND
command lines being to long.
Note that 'echo ${xxx} | cmd' is ok because echo is a shell builtin, and
isn't (usually) subject to the kernel's command line limits.
an overflow occurs.
. Make this error a fatal build time error
. Move the support for dbsym into the MI Makefile.kern.inc,
conditional upon the SYMTAB_SPACE option being defined in
the kernel config file.
- rather than embedding bufq_state in driver softc,
have a pointer to the former.
- move bufq related functions from kern/subr_disk.c to kern/subr_bufq.c.
- rename method to strategy for consistency.
- move some definitions which don't need to be exposed to the rest of kernel
from sys/bufq.h to sys/bufq_impl.h.
(is it better to move it to kern/ or somewhere?)
- fix some obvious breakage in dev/qbus/ts.c. (not tested)
- Remove all NFS related stuff from file system specific code.
- Drop the vfs_checkexp hook and generalize it in the new nfs_check_export
function, thus removing redundancy from all file systems.
- Move all NFS export-related stuff from kern/vfs_subr.c to the new
file sys/nfs/nfs_export.c. The former was becoming large and its code
is always compiled, regardless of the build options. Using the latter,
the code is only compiled in when NFSSERVER is enabled. While doing this,
also make some functions in nfs_subs.c conditional to NFSSERVER.
- Add a new command in nfssvc(2), called NFSSVC_SETEXPORTSLIST, that takes a
path and a set of export entries. At the moment it can only clear the
exports list or append entries, one by one, but it is done in a way that
allows setting the whole set of entries atomically in the future (see the
comment in mountd_set_exports_list or in doc/TODO).
- Change mountd(8) to use the nfssvc(2) system call instead of mount(2) so
that it becomes file system agnostic. In fact, all this whole thing was
done to remove a 'XXX' block from this utility!
- Change the mount*, newfs and fsck* userland utilities to not deal with NFS
exports initialization; done internally by the kernel when initializing
the NFS support for each file system.
- Implement an interface for VFS (called VFS hooks) so that several kernel
subsystems can run arbitrary code upon receipt of specific VFS events.
At the moment, this only provides support for unmount and is used to
destroy NFS exports lists from the file systems being unmounted, though it
has room for extension.
Thanks go to yamt@, chs@, thorpej@, wrstuden@ and others for their comments
and advice in the development of this patch.
was developed as part of Google's Summer of Code 2005 program. This
change adds the kernel code, the mount_tmpfs utility, a regression test
suite and does all other related changes to integrate these.
The file-system is still *experimental*. Therefore, it is disabled by
default in all kernels. However, as typically done, a commented-out
entry is added in them to ease its setup.
Note that I haven't commited the required mountd(8) changes to be able
to export tmpfs file-systems because NFS support is still very unstable
and because, before enabling it, I'd like to do some other changes.
OK'ed by my project mentor, William Studenmund (wrstuden@).
system-specific values. Submitted by Chris Demetriou in Nov 1995 (!)
in PR kern/1781, modified only slighly by me.
This is enabled on a per-mount basis with the MNT_MAGICLINKS mount
flag. It can be enabled at mountroot() time by building the kernel
with the ROOTFS_MAGICLINKS option.
The following magic strings are supported by the implementation:
@machine value of MACHINE for the system
@machine_arch value of MACHINE_ARCH for the system
@hostname the system host name, as set with sethostname()
@domainname the system domain name, as set with setdomainname()
@kernel_ident the kernel config file name
@osrelease the releaes number of the OS
@ostype the name of the OS (always "NetBSD" for NetBSD)
Example usage:
mkdir /arch/i386/bin
mkdir /arch/sparc/bin
ln -s /arch/@machine_arch/bin /bin
martin