msdosfs_lookup() did no validation to see if the caller was validated
to delete/rename/create files. msdosfs_setattr() did no validation
to see if the caller was allowed to change the file permissions (turn
on/off the write bit) or update the file modification time (utimes).
The routines were fixed to validate the calls just like ufs does.
On Tue, 09 May 1995 04:35:27 PDT, Richard Stevens wrote:
> In tcp_dooptions() under the case TCPOPT_CC there is an assignment
>
> to->to_flag |= TCPOPT_CC;
>
> that should be
>
> to->to_flag |= TOF_CC;
>
> I haven't thought through the ramifications of what's been happening ...
>
> Rich Stevens
Submitted by: rstevens@noao.edu (Richard Stevens)
It closed the wrong device (usually the B partition instead of the C
partition).
It closed a device without having opened it.
It didn't open a device often enough. This caused swap partitions on
slices other than the first slice looked at to be unavailable for swapping.
It didn't check the device number sufficiently.
Reopen the bdev for the raw partition and not the cdev if only the bdev
was open.
Don't use a bogus limit for the number of partitions to possibly reopen
(bug found by Julian).
Add function dssize() to help fix wdsize() and sdsize(). The slice
layer knows more about (un)open partitions and partition sizes than
the driver layer.
Remove silly "Naffy, the Wonder Porpoise" attribution and add more
justifiable (and overdue) attribution to Bruce Evans. Look at it
as a delete and add operation batched together, not a substitution. :-)
notice, performed all of the structural changes necessary to get this thing
to work with the unidirectional-DMA version of voxware.
This work is -not- complete, but it's in far better shape than it was, and
I may not touch it again for another few months.
in read() and write(). FNONBLOCK is valid in ioctl() and close().
The bug caused hung ptys when a process talked to itself using nonblocking
i/o and exited while the slave pty had output to flush. ttywait() was
called and hung. Signals didn't work because the process was exiting.
`comcontrol /dev/ttyp0 drainwait 1' worked to terminate the wait. This
shows that comcontrol is not limited to hardware control. It has no i386
or driver dependencies and doesn't belong in src/sbin/i386.
Bruce
to emit spurious page outside of object type messages. It is not
a fatal condition anyway, so the message will be omitted for
release. Also, the code that "clips" the allocation size, associated
with the above problem, was fixed.
The ``flags 1'' in the fdc line is now only needed for owners of an
Insight tape (perhaps there aren't any? Mine is disfunctional). All
other probes are safe wrt. to the motor-control line of floppy disk
drives. Document the flag in LINT finally.
fragmented.
Added support for Cogent em100 boards.
Fixed bug that caused BPF to toggle the card to UTP.
Various other improvements.
Submitted by: Matt Thomas and David Greenman
Change IPTOS_PREC_ROUTINE to 0 (was conflict with IPTOS_LOWDELAY) according
to RFC 791 (unchanged since it) and BSDI 2.0 style
Submitted by: Igor Sviridov <siac@ua.net>
initializing proc0's frame base, too, using cpu_set_init_frame(). It's
a kludge because that macro is intended to be used only for init, but
does what we want nonetheless.
loading kernel
worm.o: Undefined symbol `_STUNIT' referenced from text segment
I copied the STUNIT definition from the old scsiconf.c into this file to
work around this problem.
if the 'time on a node is 0,..
tell the world it is the same as 'boottime'.
This is becasue 'time' is not set up when we create the nodes,
so we can't set them then.
Added CONTROL device that only does user-ioctl and nothing else;
Added protection so user-ioctl requires write access;
Clean up scsiconf.h a little. It needs more work.
the lookup fails. Updated callers to deal with this. Call in_pcblookuphash
instead of in_pcblookup() in in_pcbconnect; this improves performance of
UDP output by about 17% in the standard case.
space for the hash list buckets and is a little faster. The features
of tailq aren't needed. Increased the size of the object hash table
to improve performance. In the future, this will be changed so that
the table is sized dynamically.
as side-effect, removed some legacy code that was necessary
when we called vm_fault inside of vm_fault_quick instead of using
the kernel/user space byte move routines.
(2GB). If this limit is not imposed, then filesystem corruption will
ensue when files larger than 2GB are created. This is temporary,
and the underlying limitation will be removed later.
algorithm is used on aic7770 Rev E or higher chips to improve perfomance.
This required a hardware change but we don't know exactly what (most
likely some special register to do fast SCB indexing into host memory),
and we are not at all sure that there are more than 4 SCBs on these
chips. This probe will still classify the revision of the aic7xxx, but
we now default to 4 SCBs (at least until we know more of what was done).
This also fixes a bug in the timeout routine where we cleared a flag
too soon making it imposible to enter one section of the routine.
Submitted by: Timeout bug - Dan Eischen <deischen@iworks.InterWorks.org>
interrupts to zero to start with. This is the value we return in
most cases. The sense code then outbs the apropriate value to cause
sense retrieval. The return value was uninitialized before this
change (something that was an okay thing with the old sequencer code,
but not with the semantics of the new).
This problem caused us to always retrieve sense upon recieving a non
zero status byte. This is exactly what was happening for the "target
busy" status returned by exabyte tape drives when they rewind or
power on with a tape installed. The request sense proved fatal.
This should fix the tape problems.
but it outlines what I'm GOING to do to this file.
It's sort of an unignorable notification of coming changes..
This is a bit rude I understand.. but I can't afford to haqve the
diskslice code drifting off too much further from a workable system
and I think I need to jump in now to make it obvious what has to be done
before it's too late.
appologies to bruce in advance.
bin/stty. Define alias CCAR_OFLOW for MDMBUF.
Declare speeds as having type speed_t instead of long. speed_t is
long, which is wrong (POSIX specifies it to be unsigned integral),
but fixing it might introduce more serious bugs.
user-level part has already been commited.)
Note that i've lost the "official" code for this; it went into the
system after 1.1.5.1. The commited code is my own version, but it has
proven to work for me for more than a year now.
if an invalid ioctl is done on /dev/klog. logioctl() needs to return
an errno instead of -1 on a failed ioctl.
Submitted by: Mike Pritchard <mpp@mpp.com>
This submission was done by hand-applying FreeBSD local modifications on
top of the UCB code, rather than trying to patch the UCB code in on top
of the FreeBSD code due to the extensive changes.
Reviewed by: pst (been handling 30k routes for 4+ months)
Obtained from: Sklower/Woody/Honing/Traina (8.4 UCB release)
It is the kernel driver's responsibility to do the list manipulation whenever
a selection timeout or a request sense occurs.
Print out the interrupt type that the device has been set to. It seems that
one of the Asus motherboards botches this and David thought a diagnostic would
be nice.
Fix a bug in my diagnostic code that David found.
Reviewed by: Wcarchive and David Greenman
the adapter's selections. Many fast periferals were getting upset when
the sequencer decided to rearbitrate after the device had already won
arbitration. This also forced the creation of a list threaded through
the SCBs (since we don't have enough space anywhere else) of commands that
are awaiting reselection. This list is run down before any new transactions
from the input queue are allowed. The list is appened to whenever we begin
a selection (simple case since the selecting device is always at the head)
and by the kernel driver whenever a request sense occurs. In the common
case, the list is only one element long, but when a reselection wins out
over a selection and that reselection generates a request sense, the
outstanding selection required for the retreval of the sense code grows
the list. On machines with many targets, this might cause the list to grow
large, so this solution, which will allow up to the maximum number of I/O
requests capible of the card elements in the list, was chosen. The list
manipulation is trivial and adds three sequencer instructions of overhead
to the selection phase.
This fixes the "target busy" errors from micropolis drives and the bursty
I/O problem when performing I/O between a Quantum Grand Prix and any other
device. I anticipate that this will correct many of the problems that
have been reported with this driver.
Reviewed by: Wcarchive and David Greenman
go away whenever a clone's parent is changed, or a route is added in a
certain set of circumstances.
This also includes code to forbid setting a route's gateway to an
address which can only be reached through that route, thus (hopefully)
eliminating one class of cloning bottomless-recursion bugs.
to be `int' or smaller and some functions returned `int' instead
of `void'. The first bug was detected when console functions were
defined in a place central enough for type checking to actually
work and the second bug was introduced when the interface was
changed to match what the console functions in other drivers actually
return.
through the use of the config file flags as opposed to the option
"NSECS_MULTI". "NSECS_MULTI" has been removed from the driver.
The new capability allows boot-time modification of the config.
I made the changes I sent you before. In the interests of cleanliness, I made
modifications to /sys/i386/isa/tw.c to kill the warnings and make it compile
clean. While I was at it, I also made a bunch of internal functions static.
Submitted by: Gene Stark <gene@starkhome.cs.sunysb.edu>
flags parameter to all xxstart routines so that the correct information can
be passed down into the device specific routines. This is needed to ensure
that ccb/scb allocation routines don't hang.
Submitted by: John Dyson
higher level scsi code.
Spls should never be conditionalized, so don't do so here.
Restructure the get_scb routine so that we can't get into an infinite
loop if the ccbs are exhausted and we are are called with SCSI_NOSLEEP set.
Other driver maintainer's that based their scb allocation routines on Julian's
code should look at these changes and implement them for their driver.
The aic7xxx driver inspired these changes because early revs of the
aic7770 chips have so few SCBs that you can actually run out. If you
have a rev C or aic7770 (as is reported by the driver probe) and had more
than 2 drives, you could get into an infinite loop when using up all of
the SCBs. Since the driver will only allow two SCBs per device and I
only had two devices, I never saw this problem on my Rev C card.
Bzero only 19 bytes of the scb instead of 2k (ack!). This was a hold
over from when a struct SCB only contained the information downloaded
to the board, but we now store kernel driver data in there as well. This
greatly lowers the overhead for small transactions (I get ~1MB/sec for
dds with a 512 byte block size).
Submitted by: John Dyson with the aic7xxx specific optimization by me
higher level scsi code.
Spls should never be conditionalized, so don't do so here.
Restructure the get_ccb routine so that we can't get into an infinite
loop if the ccbs are exhausted and we are are called with SCSI_NOSLEEP set.
Other driver maintainer's that based their ccb allocation routines on Julian's
code should look at these changes and implement them for their driver.
Submitted by: John Dyson
incomplete declarations here any more. Some things depend on
incomplete declarations elsewhere. The `offset' arg to d_mmap_t is
bogus (it is `int' but should be `vm_offset_t') but it is what the
driver mmap functions actually accept, although they are passed a
`vm_offset_t'.
Function declararions in headers should always be complete to avoid
warnings from `gcc -Wstrict-prototypes' for compiling modules that
don't even use the offending declarations.
don't expect this to work yet.. but at least they're here..
(hey this cvs stuff is fun!)
activate with a line exactly like the isa line in the config file,
(but specifying eisa :)
patches to come..
Headers should always use `__inline' for inline functions to avoid
syntax errors when modules that don't even use the offending functions
are compiled with `gcc -ansi'.
We now have RELEASE=CURRENT in the CVS-tree.
If this hasn't been edited, we will use "BUILT-yyyymmdd" where the time is
that of the compile, and leave it at that, we can't do any better.
If there is no serious objections, I will modify the "cvs co" script on
freefall to fiddle this file after checkout so that it becomes
CURRENT-yyyymmdd, where the time is that of the checkout.
Change the interfaces of these functions to save space. The code
that takes the least amount of space is often the opposite to what
you might expect. E.g., it helps to waste a few bytes passing
pointers so that the compiler can't see that certain addresses
are identical (gcc likes to waste space by reloading fat constants
even when the constant is already in a register).
Rewrite getbootdev() to save 80 bytes of space and to make it less
ugly. 32 bytes were saved simply by omitting the continue statements
in the pseudo-switch.
recently introduced bloat in just 2 calls to biosread(), although
very little in calls to putc() and serial_putc(). Gcc produces
amazingly bad code for unnecessary conversions. E.g., if it has
`int x' in register %edx and wants to pass a char, then it could
simply push %edx and access only one byte in the callee. Instead,
it sometimes unnecessarily spills %edx; it always sign extends
%edx and pushes the result.
Remove useless `extern' in function prototypes.
Remove unused declaration of `end'.
Declare pbzero() and pcpy() like the library bzero and bcopy().
Declare printf() properly.
do fit, and beeping in case of an overflow.
. Drop a comment about the ``FORCE_COMCONSOLE'' option into
README.serial.
. Increase the name buffer for the root directory from 100 bytes
to 8 KB; this is in no way ideal, but (IMHO) the best that can
be done by now. People did encounter problems with their root
dir name listing overflowing the allocated buffer space. Once
we've got the three-stage boot, we should implement some basic
malloc(). Swap space is already getting tight now, perhaps the
swap should go into another 64 KB segment instead.
. Make the keyboard probe less paranoid. It should not give up in
case of a keyboard that's continuously demanding RESEND's. Even
though the keyboard reset apparently has not been reported to be
complete, it's at the very least proven that there IS something
like a keyboard available.
This solves problems with the ``Gateway-2000 AllKey programmable''
(sp?) keyboard, that experienced a total hang with the previous
probe.
Thanks goes to Scott Blachowicz <scott@statsci.com> for his
extensive testing of my various interim (debugging) bootblocks
to get this working.
some (hopefully) less offensive stupidity:
If we detect that a user has loaded a module that fails to initialize
itself correctly, panic. There really isn't a safe way to recover from
something like this; we can't know that the module is bad until after
the entry point is called, by which time it's too late to do anything
about it.
- Add $Id$ string.
- Fix comment ("we might *not* be able to unload the
module afterwards without panicking...")
- Get rid of variable 'j' that I used in name checking
for(;;) loop and use 'i' instead (I thought there'd be
a problem with this, but there isn't).
got a 2.2 version DC21040 chip in my SMC ethernet card! He suggests bumping
the check all the way down to 2.0 since it's pre-2.0 we're actually guarding
against.
Submitted by: Matt Thomas <matt@lkg.dec.com>
if_tun_mod, etc...) from crashing the system. These modules are useful,
but because they don't yet have proper load()/unload() functions,
they can lead to panics: if, for example, you load the if_ppp module,
any user can panic the system by running modstat.
You can also hang the system outright if you try to unload the PPP
module too.
Changes are as follows:
- Save the name passed to us during the RESERVE stage for name matching
(we can't load if_ppp_mod twice: we've have two ppp0's and two ppp1's,
which is beyond strange). This makes the lkmexists() cheks somewhat
redundant, but there's no way around it that I can see.
- If we call the module entry point and find that we have no lkm_any
structure in our 'private' section, create a fake one. This keeps
modstat happy. We mark such modules as LM_UNKNOWN.
- Don't allow LM_UNLOAD modules to be unloaded: it just ain't
possible. (Unless someone wants to write a pppunattach() function. :( )
- In lkmunreserve(), mark private.lkm_any as NULL so we don't get
confused later. I think this is bogus, but I can't prove it.
XXX: the name matching used to keep the user from loading two
instances of the same module can easily be defeated simply by
changing the module name or, in the case of the oddball modules,
simply by renaming the module files. I haven't found a nice simple
way to tell one module from another.
interested parties.
Make the loader refuse to load anything below 1 MB -- we didn't
support it since FreeBSD 2.0R. Avoid gratuitously wiping out the BIOS
variables or the loader.
the kernel at 0-640k; we haven't had the ability to do that since before
2.0R. Furthermore, I fail to see how putting an instruction at 0 and then
doing a .org 0x500 is going to prevent the stuff from getting clobbered
in the first place; a.out is just too stupid to know about sparse address
spaces.
is necessary in order for panic+sync to work. Will also gloss over a panic
that Jordan was having with the install floppies that remains unexplainable.
2) Handle "bogus_page" a little better.
3) Set page protection to VM_PROT_NONE if the entire page has become !valid.
Submitted by: John Dyson (2&3), me (1).
1) Rewrote screwy code that uses an incore buffer without making it busy.
2) Use B_CACHE instead of B_DONE in cases where it is appropriate.
3) Minor code optimization.
This *might* fix kern/345 submitted by Heikki Suonsivu.
pages that are in FS buffers. This fixes the (believed to already have been
fixed) problem with msync() not doing it's job...in other words, the
stuff that Andrew has continuously been complaining about.
Submitted by: John Dyson, w/minor changes by me.
is identical to the older version, just the copyright has changed. Many
thanks go to Dean Gehnert of the Linux camp who went the extra mile to make
this happen.
Other changes:
Update assembler man page to include the -v and -D options
Merge in Dean's latest changes to the assembler
Have the sequencer do a MSG_REJECT when the negotiated syncronous rate
is lower than the adapter supports. This forces asyncronous mode which
is faster at these rates anyway.
This code will be moved shortly to the non-gpld portion of the tree.