The client manager (venus) blocks in sys_mount() before entering its
event loop answering requests from the kernel device (cfs). sys_mount()
calls VFS_STATFS() internally which caused an upcall through cfs,
which was never answered.
Now don't consider the fs fully mounted before the VFS_START() was
called at the vey end of sys_mount(). So VFS_STATFS() will return
an error which is ignored.
and the subsequent namei(): inform the kernel portion of
valid filenames and then disallow symlink lookups for
those filenames by means of a hook in namei().
with suggestions from provos@
also, add (currently unused) seqnr field to struct
systrace_replace, from provos@
and make the stack and heap non-executable by default. the changes
fall into two basic catagories:
- pmap and trap-handler changes. these are all MD:
= alpha: we already track per-page execute permission with the (software)
PG_EXEC bit, so just have the trap handler pay attention to it.
= i386: use a new GDT segment for %cs for processes that have no
executable mappings above a certain threshold (currently the
bottom of the stack). track per-page execute permission with
the last unused PTE bit.
= powerpc/ibm4xx: just use the hardware exec bit.
= powerpc/oea: we already track per-page exec bits, but the hardware only
implements non-exec mappings at the segment level. so track the
number of executable mappings in each segment and turn on the no-exec
segment bit iff the count is 0. adjust the trap handler to deal.
= sparc (sun4m): fix our use of the hardware protection bits.
fix the trap handler to recognize text faults.
= sparc64: split the existing unified TSB into data and instruction TSBs,
and only load TTEs into the appropriate TSB(s) for the permissions.
fix the trap handler to check for execute permission.
= not yet implemented: amd64, hppa, sh5
- changes in all the emulations that put a signal trampoline on the stack.
instead, we now put the trampoline into a uvm_aobj and map that into
the process separately.
originally from openbsd, adapted for netbsd by me.
descriptions of WinCE behavior from Ge'rard Gambaro (jornada.free.fr).
Not tested on an actual ABF unit.
Hidden under #if 0, as we don't have a platform id for French Jornadas yet.
But I think it's better off committed before it's got lost.
- use file buffer for all block reads
- only save a small amount of the indirect block list
Allows i386 bootxx_ufs code to load /boot from a filesystem with 32k blocks
while still fitting inside 64k of memory.
Code size reduced as well (by ~1k on i386).
It ought to be possible to use a buffer that is smaller than a filesystem
block. This might be needed in order to boot from filesystems with larger
block sizes.
replace the set_socket() method of passing an extra struct socket*
argument to ip6_output() with a new explicit struct in6pcb* argument.
(The underlying socket can be obtained via in6pcb->inp6_socket.)
In preparation for fast-ipsec. Reviewed by itojun.
argument to ip6_output() with a new explicit struct in6pcb* argument.
(The underlying socket can be obtained via in6pcb->inp6_socket.)
In preparation for fast-ipsec. Reviewed by itojun.
observation is that some 570x devices can get themselves into a state
where they miscompute off-loaded TCP or UDP checksums on packets so
small that Ethernet padding is required. Further obsevation suggests
that the bge checksum-offload hardware is adding those padding bytes
into its TCP checksum computation. (Once a 5700 gets in this state,
even a warm boot won't fix it: it needs a hard powerdown.)
Work around the problem by padding such runts with zeros: even if the
checksum-offload adds in extra zeros, the resulting sum will be correct.
Also, dont trust the checksum-offload on received packets smaller than
the minimum ethernet frame, in case the Rx-side has a similar bug.
Finally, on packets where we do trust the outboard Rx-side TCP or UDP
checksum, the bge did not include the pseudo-header. Set the
M_CSUM_NO_PSEUDOHDR bit as well as M_CSUM_DATA, and rely on
udp_input() or tcp_input() adding in the sum via in_cksum_phdr().
if we m_dup() a packet to compactify it, and later run out of DMA
descriptors, bge_encap() will return ENOBUFS, hoping the driver will
try again later. But we have just m_freem()'d the original chain
which was m_dup()'d, leaving a pointer to the just-freed packet header
in the tx queue.
Fix by always walking the chain, shuffling data towards the head;
except if we find a runt in the very last mbuf, we must borrow data
from its predecessor.
(Patch is verbatim from a third-party tree, apologies for any style woes.)
Sam Leffler's FreeBSD commit message was
``to eliminate context switch when returning results from the
software crypto driver''
but the patch also contains the CRYPTO_SESID*() macros used in newer
ubsec and hifn drivers.
as argument passed by value' trick, as gcc 3.3.x makes (valid) assumptions
about the stack that will not be true. Costs 2 instructions per trap/syscall
on i386, 4 per interrupt for MP. One instruction per trap/syscall on amd64,
2 per interrupt for MP. I expect gcc 3.3.1 to make up for this by better
optimization (it'd better..)
While here, make amd64 compile again by using subr_mbr_disk.c