Date: Tue, 31 Oct 2006 14:25:34 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 108821 for review Message-ID: <200610311425.k9VEPYTS014987@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=108821 Change 108821 by rwatson@rwatson_zoo on 2006/10/31 14:25:16 Integrate TrustedBSD base branch: - options KSE - linux_aio backout - CAM_NEW_TRAN_CODE Affected files ... .. //depot/projects/trustedbsd/base/UPDATING#73 integrate .. //depot/projects/trustedbsd/base/bin/cp/cp.1#14 integrate .. //depot/projects/trustedbsd/base/bin/rm/rm.1#14 integrate .. //depot/projects/trustedbsd/base/bin/rm/rm.c#19 integrate .. //depot/projects/trustedbsd/base/contrib/bsnmp/snmp_mibII/mibII.c#12 integrate .. //depot/projects/trustedbsd/base/contrib/pf/man/pf.conf.5#8 integrate .. //depot/projects/trustedbsd/base/etc/defaults/rc.conf#62 integrate .. //depot/projects/trustedbsd/base/etc/network.subr#15 integrate .. //depot/projects/trustedbsd/base/etc/rc.firewall#8 integrate .. //depot/projects/trustedbsd/base/games/fortune/datfiles/fortunes#57 integrate .. //depot/projects/trustedbsd/base/lib/libc/gmon/Makefile.inc#5 integrate .. //depot/projects/trustedbsd/base/lib/libc/net/inet.3#7 integrate .. //depot/projects/trustedbsd/base/lib/libkvm/kvm_proc.c#29 integrate .. //depot/projects/trustedbsd/base/lib/libtacplus/libtacplus.3#6 integrate .. //depot/projects/trustedbsd/base/sbin/ggate/shared/ggate.c#7 integrate .. //depot/projects/trustedbsd/base/share/man/man4/ddb.4#13 integrate .. //depot/projects/trustedbsd/base/share/man/man4/fdc.4#8 integrate .. //depot/projects/trustedbsd/base/share/man/man4/sis.4#11 integrate .. //depot/projects/trustedbsd/base/share/man/man9/kobj.9#7 integrate .. //depot/projects/trustedbsd/base/sys/amd64/amd64/machdep.c#30 integrate .. //depot/projects/trustedbsd/base/sys/amd64/amd64/prof_machdep.c#4 integrate .. //depot/projects/trustedbsd/base/sys/amd64/amd64/trap.c#29 integrate .. //depot/projects/trustedbsd/base/sys/amd64/conf/DEFAULTS#5 integrate .. //depot/projects/trustedbsd/base/sys/amd64/conf/GENERIC#27 integrate .. //depot/projects/trustedbsd/base/sys/amd64/include/asmacros.h#7 integrate .. //depot/projects/trustedbsd/base/sys/amd64/include/profile.h#10 integrate .. //depot/projects/trustedbsd/base/sys/amd64/linux32/linux.h#6 integrate .. //depot/projects/trustedbsd/base/sys/amd64/linux32/linux32_dummy.c#6 integrate .. //depot/projects/trustedbsd/base/sys/amd64/linux32/linux32_proto.h#15 integrate .. //depot/projects/trustedbsd/base/sys/amd64/linux32/linux32_syscall.h#15 integrate .. //depot/projects/trustedbsd/base/sys/amd64/linux32/linux32_sysent.c#15 integrate .. //depot/projects/trustedbsd/base/sys/amd64/linux32/syscalls.master#15 integrate .. //depot/projects/trustedbsd/base/sys/arm/arm/elf_trampoline.c#8 integrate .. //depot/projects/trustedbsd/base/sys/arm/arm/trap.c#16 integrate .. //depot/projects/trustedbsd/base/sys/arm/at91/kb920x_machdep.c#9 integrate .. //depot/projects/trustedbsd/base/sys/arm/conf/EP80219#2 integrate .. //depot/projects/trustedbsd/base/sys/arm/conf/IQ31244#8 integrate .. //depot/projects/trustedbsd/base/sys/arm/conf/KB920X#6 integrate .. //depot/projects/trustedbsd/base/sys/arm/conf/SIMICS#9 integrate .. //depot/projects/trustedbsd/base/sys/arm/conf/SKYEYE#5 integrate .. //depot/projects/trustedbsd/base/sys/arm/sa11x0/assabet_machdep.c#10 integrate .. //depot/projects/trustedbsd/base/sys/arm/xscale/i80321/ep80219_machdep.c#3 integrate .. //depot/projects/trustedbsd/base/sys/arm/xscale/i80321/iq31244_machdep.c#13 integrate .. //depot/projects/trustedbsd/base/sys/boot/common/load_elf.c#12 integrate .. //depot/projects/trustedbsd/base/sys/boot/i386/boot2/boot2.c#26 integrate .. //depot/projects/trustedbsd/base/sys/boot/i386/libi386/elf32_freebsd.c#4 integrate .. //depot/projects/trustedbsd/base/sys/boot/i386/libi386/elf64_freebsd.c#6 integrate .. //depot/projects/trustedbsd/base/sys/boot/pc98/boot2/boot.c#7 integrate .. //depot/projects/trustedbsd/base/sys/cam/scsi/scsi_low.c#13 integrate .. //depot/projects/trustedbsd/base/sys/compat/linprocfs/linprocfs.c#37 integrate .. //depot/projects/trustedbsd/base/sys/compat/linux/linux_aio.c#2 delete .. //depot/projects/trustedbsd/base/sys/compat/linux/linux_aio.h#2 delete .. //depot/projects/trustedbsd/base/sys/compat/linux/linux_emul.c#6 integrate .. //depot/projects/trustedbsd/base/sys/compat/linux/linux_emul.h#3 integrate .. //depot/projects/trustedbsd/base/sys/compat/linux/linux_misc.c#49 integrate .. //depot/projects/trustedbsd/base/sys/compat/linux/linux_misc.h#1 branch .. //depot/projects/trustedbsd/base/sys/conf/files#107 integrate .. //depot/projects/trustedbsd/base/sys/conf/files.amd64#36 integrate .. //depot/projects/trustedbsd/base/sys/conf/files.i386#69 integrate .. //depot/projects/trustedbsd/base/sys/conf/files.pc98#58 integrate .. //depot/projects/trustedbsd/base/sys/conf/kern.post.mk#51 integrate .. //depot/projects/trustedbsd/base/sys/conf/kern.pre.mk#39 integrate .. //depot/projects/trustedbsd/base/sys/ddb/db_ps.c#28 integrate .. //depot/projects/trustedbsd/base/sys/dev/aac/aac_cam.c#17 integrate .. //depot/projects/trustedbsd/base/sys/dev/acpi_support/acpi_aiboost.c#1 branch .. //depot/projects/trustedbsd/base/sys/dev/advansys/advansys.c#11 integrate .. //depot/projects/trustedbsd/base/sys/dev/advansys/advlib.c#8 integrate .. //depot/projects/trustedbsd/base/sys/dev/advansys/adwcam.c#11 integrate .. //depot/projects/trustedbsd/base/sys/dev/aha/aha.c#14 integrate .. //depot/projects/trustedbsd/base/sys/dev/ahb/ahb.c#13 integrate .. //depot/projects/trustedbsd/base/sys/dev/aic/aic.c#8 integrate .. //depot/projects/trustedbsd/base/sys/dev/amd/amd.c#13 integrate .. //depot/projects/trustedbsd/base/sys/dev/amr/amr_cam.c#13 integrate .. //depot/projects/trustedbsd/base/sys/dev/arcmsr/arcmsr.c#8 integrate .. //depot/projects/trustedbsd/base/sys/dev/asr/asr.c#29 integrate .. //depot/projects/trustedbsd/base/sys/dev/ata/atapi-cam.c#25 integrate .. //depot/projects/trustedbsd/base/sys/dev/bce/if_bce.c#9 integrate .. //depot/projects/trustedbsd/base/sys/dev/ciss/ciss.c#35 integrate .. //depot/projects/trustedbsd/base/sys/dev/dc/if_dc.c#9 integrate .. //depot/projects/trustedbsd/base/sys/dev/dpt/dpt_scsi.c#15 integrate .. //depot/projects/trustedbsd/base/sys/dev/em/if_em.c#60 integrate .. //depot/projects/trustedbsd/base/sys/dev/em/if_em.h#36 integrate .. //depot/projects/trustedbsd/base/sys/dev/em/if_em_hw.c#21 integrate .. //depot/projects/trustedbsd/base/sys/dev/em/if_em_hw.h#22 integrate .. //depot/projects/trustedbsd/base/sys/dev/em/if_em_osdep.h#19 integrate .. //depot/projects/trustedbsd/base/sys/dev/esp/ncr53c9x.c#7 integrate .. //depot/projects/trustedbsd/base/sys/dev/firewire/sbp.c#32 integrate .. //depot/projects/trustedbsd/base/sys/dev/iir/iir.c#15 integrate .. //depot/projects/trustedbsd/base/sys/dev/isp/isp_freebsd.c#32 integrate .. //depot/projects/trustedbsd/base/sys/dev/mly/mly.c#18 integrate .. //depot/projects/trustedbsd/base/sys/dev/mpt/mpt_cam.c#13 integrate .. //depot/projects/trustedbsd/base/sys/dev/pci/pci.c#51 integrate .. //depot/projects/trustedbsd/base/sys/dev/pci/pci_pci.c#27 integrate .. //depot/projects/trustedbsd/base/sys/dev/pci/pcivar.h#20 integrate .. //depot/projects/trustedbsd/base/sys/dev/sound/pcm/dsp.c#25 integrate .. //depot/projects/trustedbsd/base/sys/dev/trm/trm.c#19 integrate .. //depot/projects/trustedbsd/base/sys/dev/twa/tw_osl_cam.c#7 integrate .. //depot/projects/trustedbsd/base/sys/dev/usb/ubsa.c#14 integrate .. //depot/projects/trustedbsd/base/sys/dev/usb/umass.c#47 integrate .. //depot/projects/trustedbsd/base/sys/dev/usb/usbdevs#57 integrate .. //depot/projects/trustedbsd/base/sys/fs/procfs/procfs_status.c#19 integrate .. //depot/projects/trustedbsd/base/sys/i386/conf/DEFAULTS#5 integrate .. //depot/projects/trustedbsd/base/sys/i386/conf/GENERIC#59 integrate .. //depot/projects/trustedbsd/base/sys/i386/conf/NOTES#73 integrate .. //depot/projects/trustedbsd/base/sys/i386/i386/machdep.c#65 integrate .. //depot/projects/trustedbsd/base/sys/i386/i386/trap.c#51 integrate .. //depot/projects/trustedbsd/base/sys/i386/include/asmacros.h#8 integrate .. //depot/projects/trustedbsd/base/sys/i386/include/profile.h#15 integrate .. //depot/projects/trustedbsd/base/sys/i386/isa/prof_machdep.c#8 integrate .. //depot/projects/trustedbsd/base/sys/i386/linux/linux.h#12 integrate .. //depot/projects/trustedbsd/base/sys/i386/linux/linux_dummy.c#13 integrate .. //depot/projects/trustedbsd/base/sys/i386/linux/linux_proto.h#28 integrate .. //depot/projects/trustedbsd/base/sys/i386/linux/linux_syscall.h#28 integrate .. //depot/projects/trustedbsd/base/sys/i386/linux/linux_sysent.c#29 integrate .. //depot/projects/trustedbsd/base/sys/i386/linux/syscalls.master#27 integrate .. //depot/projects/trustedbsd/base/sys/ia64/conf/DEFAULTS#5 integrate .. //depot/projects/trustedbsd/base/sys/ia64/conf/GENERIC#40 integrate .. //depot/projects/trustedbsd/base/sys/ia64/ia64/machdep.c#61 integrate .. //depot/projects/trustedbsd/base/sys/ia64/ia64/trap.c#43 integrate .. //depot/projects/trustedbsd/base/sys/kern/init_main.c#47 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_clock.c#35 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_fork.c#58 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_idle.c#18 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_intr.c#44 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_kse.c#12 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_poll.c#20 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_proc.c#53 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_resource.c#33 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_sig.c#66 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_subr.c#29 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_switch.c#39 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_synch.c#50 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_thr.c#23 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_thread.c#55 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_umtx.c#22 integrate .. //depot/projects/trustedbsd/base/sys/kern/sched_4bsd.c#28 integrate .. //depot/projects/trustedbsd/base/sys/kern/sched_ule.c#31 integrate .. //depot/projects/trustedbsd/base/sys/kern/subr_trap.c#41 integrate .. //depot/projects/trustedbsd/base/sys/kern/sys_process.c#35 integrate .. //depot/projects/trustedbsd/base/sys/kern/tty.c#37 integrate .. //depot/projects/trustedbsd/base/sys/kern/vfs_bio.c#62 integrate .. //depot/projects/trustedbsd/base/sys/modules/acpi/Makefile#23 integrate .. //depot/projects/trustedbsd/base/sys/modules/acpi/acpi_aiboost/Makefile#1 branch .. //depot/projects/trustedbsd/base/sys/modules/linux/Makefile#17 integrate .. //depot/projects/trustedbsd/base/sys/modules/powermac_nvram/Makefile#2 integrate .. //depot/projects/trustedbsd/base/sys/netinet/ip_dummynet.c#38 integrate .. //depot/projects/trustedbsd/base/sys/pc98/conf/DEFAULTS#5 integrate .. //depot/projects/trustedbsd/base/sys/pc98/conf/GENERIC#49 integrate .. //depot/projects/trustedbsd/base/sys/pc98/pc98/machdep.c#14 integrate .. //depot/projects/trustedbsd/base/sys/pci/if_sis.c#48 integrate .. //depot/projects/trustedbsd/base/sys/pci/ncr.c#18 integrate .. //depot/projects/trustedbsd/base/sys/posix4/ksched.c#15 integrate .. //depot/projects/trustedbsd/base/sys/powerpc/conf/DEFAULTS#3 integrate .. //depot/projects/trustedbsd/base/sys/powerpc/conf/GENERIC#33 integrate .. //depot/projects/trustedbsd/base/sys/powerpc/powerpc/machdep.c#39 integrate .. //depot/projects/trustedbsd/base/sys/powerpc/powerpc/trap.c#25 integrate .. //depot/projects/trustedbsd/base/sys/sparc64/conf/DEFAULTS#3 integrate .. //depot/projects/trustedbsd/base/sys/sparc64/conf/GENERIC#56 integrate .. //depot/projects/trustedbsd/base/sys/sparc64/include/endian.h#12 integrate .. //depot/projects/trustedbsd/base/sys/sparc64/sparc64/machdep.c#50 integrate .. //depot/projects/trustedbsd/base/sys/sparc64/sparc64/trap.c#38 integrate .. //depot/projects/trustedbsd/base/sys/sun4v/conf/DEFAULTS#2 integrate .. //depot/projects/trustedbsd/base/sys/sun4v/include/endian.h#2 integrate .. //depot/projects/trustedbsd/base/sys/sun4v/sun4v/machdep.c#2 integrate .. //depot/projects/trustedbsd/base/sys/sys/mac_policy.h#50 integrate .. //depot/projects/trustedbsd/base/sys/sys/param.h#61 integrate .. //depot/projects/trustedbsd/base/sys/sys/proc.h#78 integrate .. //depot/projects/trustedbsd/base/sys/sys/rtprio.h#6 integrate .. //depot/projects/trustedbsd/base/sys/sys/sched.h#14 integrate .. //depot/projects/trustedbsd/base/sys/sys/soundcard.h#11 integrate .. //depot/projects/trustedbsd/base/sys/vm/vm_glue.c#46 integrate .. //depot/projects/trustedbsd/base/sys/vm/vm_zeroidle.c#19 integrate .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/README#2 integrate .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/conf/bridge/tinybsd.localfiles#1 branch .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/conf/default/tinybsd.localfiles#1 branch .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/conf/firewall/tinybsd.localfiles#1 branch .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/conf/minimal/tinybsd.localfiles#1 branch .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/conf/vpn/tinybsd.localfiles#1 branch .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/conf/wireless/tinybsd.localfiles#1 branch .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/conf/wrap/tinybsd.localfiles#1 branch .. //depot/projects/trustedbsd/base/tools/tools/tinybsd/tinybsd#2 integrate .. //depot/projects/trustedbsd/base/usr.sbin/fwcontrol/Makefile#4 integrate .. //depot/projects/trustedbsd/base/usr.sbin/fwcontrol/fwcontrol.8#13 integrate .. //depot/projects/trustedbsd/base/usr.sbin/fwcontrol/fwcontrol.c#13 integrate .. //depot/projects/trustedbsd/base/usr.sbin/fwcontrol/fwdv.c#3 integrate .. //depot/projects/trustedbsd/base/usr.sbin/fwcontrol/fwmethods.h#1 branch .. //depot/projects/trustedbsd/base/usr.sbin/fwcontrol/fwmpegts.c#1 branch Differences ... ==== //depot/projects/trustedbsd/base/UPDATING#73 (text+ko) ==== @@ -21,6 +21,14 @@ developers choose to disable these features on build machines to maximize performance. +20061026: + KSE in the kernel has now been made optional and turned on by + default. Use 'nooption KSE' in your kernel config to turn it + off. All kernel modules *must* be recompiled after this change. + There-after, modules from a KSE kernel should be compatible with + modules from a NOKSE kernel due to the temporary padding fields + added to 'struct proc'. + 20060929: mrouted and its utilities have been removed from the base system. @@ -631,4 +639,4 @@ Contact Warner Losh if you have any questions about your use of this document. -$FreeBSD: src/UPDATING,v 1.460 2006/09/30 20:01:15 ru Exp $ +$FreeBSD: src/UPDATING,v 1.462 2006/10/26 22:05:24 jb Exp $ ==== //depot/projects/trustedbsd/base/bin/cp/cp.1#14 (text+ko) ==== @@ -30,9 +30,9 @@ .\" SUCH DAMAGE. .\" .\" @(#)cp.1 8.3 (Berkeley) 4/18/94 -.\" $FreeBSD: src/bin/cp/cp.1,v 1.37 2006/10/24 18:42:42 trhodes Exp $ +.\" $FreeBSD: src/bin/cp/cp.1,v 1.38 2006/10/27 08:26:24 trhodes Exp $ .\" -.Dd October 24, 2006 +.Dd October 27, 2006 .Dt CP 1 .Os .Sh NAME @@ -255,23 +255,19 @@ is different from historical .Fx behavior. -Use -of this option +Use of this option is strongly discouraged as the behavior is implementation-dependent. -In this implementation of -.Nm , +In +.Fx , .Fl r -works alike +is a synonym for .Fl RL -thus all files, including special files, are copied -in a manner similar to normal files. -Data within these special files -will not be copied, only the file itself. +and works the same unless modified by other flags. Historical implemenations of .Fl r -differ as they could copy the internal contents of special +differ as they copy special files as normal files while recreating a hierarchy. .Pp The ==== //depot/projects/trustedbsd/base/bin/rm/rm.1#14 (text+ko) ==== @@ -30,9 +30,9 @@ .\" SUCH DAMAGE. .\" .\" @(#)rm.1 8.5 (Berkeley) 12/5/94 -.\" $FreeBSD: src/bin/rm/rm.1,v 1.39 2005/11/17 12:15:23 ru Exp $ +.\" $FreeBSD: src/bin/rm/rm.1,v 1.40 2006/10/30 03:32:09 delphij Exp $ .\" -.Dd September 29, 2005 +.Dd October 30, 2006 .Dt RM 1 .Os .Sh NAME @@ -88,6 +88,8 @@ Overwrite regular files before deleting them. Files are overwritten three times, first with the byte pattern 0xff, then 0x00, and then 0xff again, before they are deleted. +Files with multiple links will not be overwritten. +.Pp Specifying this flag for a read only file will cause .Nm to generate an error message and exit. ==== //depot/projects/trustedbsd/base/bin/rm/rm.c#19 (text+ko) ==== @@ -39,7 +39,7 @@ #endif /* not lint */ #endif #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/bin/rm/rm.c,v 1.56 2006/10/18 13:16:06 maxim Exp $"); +__FBSDID("$FreeBSD: src/bin/rm/rm.c,v 1.57 2006/10/30 03:32:09 delphij Exp $"); #include <sys/stat.h> #include <sys/param.h> @@ -400,6 +400,11 @@ } if (!S_ISREG(sbp->st_mode)) return (1); + if (sbp->st_nlink > 1) { + warnx("%s (inode %u): not overwritten due to multiple links", + file, sbp->st_ino); + return (1); + } if ((fd = open(file, O_WRONLY, 0)) == -1) goto err; if (fstatfs(fd, &fsb) == -1) ==== //depot/projects/trustedbsd/base/contrib/bsnmp/snmp_mibII/mibII.c#12 (text+ko) ==== @@ -26,12 +26,13 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Begemot: bsnmp/snmp_mibII/mibII.c,v 1.24 2006/02/14 09:04:18 brandt_h Exp $ + * $Begemot: mibII.c 516 2006-10-27 15:54:02Z brandt_h $ * * Implementation of the standard interfaces and ip MIB. */ #include "mibII.h" #include "mibII_oid.h" +#include <net/if.h> #include <net/if_types.h> @@ -376,16 +377,16 @@ u_int ticks; if ((ticks = mibif_force_hc_update_interval) == 0) { - if (mibif_maxspeed <= 10000000) { + if (mibif_maxspeed <= IF_Mbps(10)) { /* at 10Mbps overflow needs 3436 seconds */ ticks = 3000 * 100; /* 50 minutes */ - } else if (mibif_maxspeed <= 100000000) { + } else if (mibif_maxspeed <= IF_Mbps(100)) { /* at 100Mbps overflow needs 343 seconds */ ticks = 300 * 100; /* 5 minutes */ - } else if (mibif_maxspeed < 650000000) { + } else if (mibif_maxspeed < IF_Mbps(622)) { /* at 622Mbps overflow needs 53 seconds */ ticks = 40 * 100; /* 40 seconds */ - } else if (mibif_maxspeed <= 1000000000) { + } else if (mibif_maxspeed <= IF_Mbps(1000)) { /* at 1Gbps overflow needs 34 seconds */ ticks = 20 * 100; /* 20 seconds */ } else { ==== //depot/projects/trustedbsd/base/contrib/pf/man/pf.conf.5#8 (text+ko) ==== @@ -1,4 +1,4 @@ -.\" $FreeBSD: src/contrib/pf/man/pf.conf.5,v 1.9 2005/09/28 08:11:15 mlaier Exp $ +.\" $FreeBSD: src/contrib/pf/man/pf.conf.5,v 1.10 2006/10/30 15:15:37 mlaier Exp $ .\" $OpenBSD: pf.conf.5,v 1.292 2004/02/24 05:44:48 mcbride Exp $ .\" .\" Copyright (c) 2002, Daniel Hartmeier @@ -28,7 +28,7 @@ .\" ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd February 7, 2005 +.Dd October 30, 2006 .Dt PF.CONF 5 .Os .Sh NAME @@ -2851,6 +2851,12 @@ for the moment. This workaround will still produce the LOR, but Giant will protect from the deadlock. +.Pp +Route labels are not supported by the +.Fx +.Xr route 4 +system. +Rules with a route label do not match any traffic. .Sh SEE ALSO .Xr altq 4 , .Xr icmp 4 , ==== //depot/projects/trustedbsd/base/etc/defaults/rc.conf#62 (text+ko) ==== @@ -15,7 +15,7 @@ # For a more detailed explanation of all the rc.conf variables, please # refer to the rc.conf(5) manual page. # -# $FreeBSD: src/etc/defaults/rc.conf,v 1.300 2006/10/15 15:55:00 ceri Exp $ +# $FreeBSD: src/etc/defaults/rc.conf,v 1.301 2006/10/28 20:08:12 phk Exp $ ############################################################## ### Important initial Boot-time options #################### @@ -104,6 +104,16 @@ firewall_quiet="NO" # Set to YES to suppress rule display firewall_logging="NO" # Set to YES to enable events logging firewall_flags="" # Flags passed to ipfw when type is a file +firewall_myservices="" # List of TCP ports on which this host + # offers services +firewall_allowservices="" # List of IPs which has access to + # $firewall_myservices +firewall_trusted="" # List of IPs which has full access to this host +firewall_logdeny="NO" # Set to YES to log default denied incoming + # packets. +firewall_nologports="135-139,445 1026,1027 1433,1434" # List of TCP/UDP ports + # for which denied incoming packets are not + # logged. ip_portrange_first="NO" # Set first dynamically allocated port ip_portrange_last="NO" # Set last dynamically allocated port ike_enable="NO" # Enable IKE daemon (usually racoon or isakmpd) ==== //depot/projects/trustedbsd/base/etc/network.subr#15 (text+ko) ==== @@ -22,7 +22,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/etc/network.subr,v 1.175 2006/10/07 15:45:56 ume Exp $ +# $FreeBSD: src/etc/network.subr,v 1.176 2006/10/29 13:29:49 mlaier Exp $ # # @@ -690,7 +690,7 @@ if [ ${rtsol_available} = yes -a ${rtsol_interface} = yes ] then case ${i} in - lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*) + lo0|gif[0-9]*|stf[0-9]*|faith[0-9]*|lp[0-9]*|sl[0-9]*|tun[0-9]*|pflog[0-9]*|pfsync[0-9]*) ;; *) rtsol_interfaces="${rtsol_interfaces} ${i}" ==== //depot/projects/trustedbsd/base/etc/rc.firewall#8 (text+ko) ==== @@ -23,7 +23,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $FreeBSD: src/etc/rc.firewall,v 1.48 2005/11/18 02:23:59 ume Exp $ +# $FreeBSD: src/etc/rc.firewall,v 1.49 2006/10/28 20:08:12 phk Exp $ # # @@ -42,12 +42,14 @@ ############ # Define the firewall type in /etc/rc.conf. Valid values are: -# open - will allow anyone in -# client - will try to protect just this machine -# simple - will try to protect a whole network -# closed - totally disables IP services except via lo0 interface -# UNKNOWN - disables the loading of firewall rules. -# filename - will load the rules in the given filename (full path required) +# open - will allow anyone in +# client - will try to protect just this machine +# simple - will try to protect a whole network +# closed - totally disables IP services except via lo0 interface +# workstation - will try to protect just this machine using statefull +# firewalling. See below for rc.conf variables used +# UNKNOWN - disables the loading of firewall rules. +# filename - will load the rules in the given filename (full path required) # # For ``client'' and ``simple'' the entries below should be customized # appropriately. @@ -107,6 +109,8 @@ # ${fwcmd} -f flush +setup_loopback + ############ # Network Address Translation. All packets are passed to natd(8) # before they encounter your remaining rules. The firewall rules @@ -140,7 +144,6 @@ # case ${firewall_type} in [Oo][Pp][Ee][Nn]) - setup_loopback ${fwcmd} add 65000 pass all from any to any ;; @@ -155,8 +158,6 @@ mask="255.255.255.0" ip="192.0.2.1" - setup_loopback - # Allow any traffic to or from my own net. ${fwcmd} add pass all from ${ip} to ${net}:${mask} ${fwcmd} add pass all from ${net}:${mask} to ${ip} @@ -168,19 +169,19 @@ ${fwcmd} add pass all from any to any frag # Allow setup of incoming email - ${fwcmd} add pass tcp from any to ${ip} 25 setup + ${fwcmd} add pass tcp from any to me 25 setup # Allow setup of outgoing TCP connections only - ${fwcmd} add pass tcp from ${ip} to any setup + ${fwcmd} add pass tcp from me to any setup # Disallow setup of all other TCP connections ${fwcmd} add deny tcp from any to any setup # Allow DNS queries out in the world - ${fwcmd} add pass udp from ${ip} to any 53 keep-state + ${fwcmd} add pass udp from me to any 53 keep-state # Allow NTP queries out in the world - ${fwcmd} add pass udp from ${ip} to any 123 keep-state + ${fwcmd} add pass udp from me to any 123 keep-state # Everything else is denied by default, unless the # IPFIREWALL_DEFAULT_TO_ACCEPT option is set in your kernel @@ -206,8 +207,6 @@ imask="255.255.255.240" iip="192.0.2.17" - setup_loopback - # Stop spoofing ${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif} ${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif} @@ -289,8 +288,100 @@ # config file. ;; +[Ww][Oo][Rr][Kk][Ss][Tt][Aa][Tt][Ii][Oo][Nn]) + # Configuration: + # firewall_myservices: List of TCP ports on which this host + # offers services. + # firewall_allowservices: List of IPs which has access to + # $firewall_myservices. + # firewall_trusted: List of IPs which has full access + # to this host. Be very carefull + # when setting this. This option can + # seriously degrade the level of + # protection provided by the firewall. + # firewall_logdeny: Boolean (YES/NO) specifying if the + # default denied packets should be + # logged (in /var/log/security). + # firewall_nologports: List of TCP/UDP ports for which + # denied incomming packets are not + # logged. + + # Allow packets for which a state has been built. + ${fwcmd} add check-state + + # For services permitted below. + ${fwcmd} add pass tcp from me to any established + + # Allow any connection out, adding state for each. + ${fwcmd} add pass tcp from me to any setup keep-state + ${fwcmd} add pass udp from me to any keep-state + ${fwcmd} add pass icmp from me to any keep-state + + # Allow DHCP. + ${fwcmd} add pass udp from 0.0.0.0 68 to 255.255.255.255 67 out + ${fwcmd} add pass udp from any 67 to me 68 in + ${fwcmd} add pass udp from any 67 to 255.255.255.255 68 in + # Some servers will ping the IP while trying to decide if it's + # still in use. + ${fwcmd} add pass icmp from any to any icmptype 8 + + # Allow "mandatory" ICMP in. + ${fwcmd} add pass icmp from any to any icmptype 3,4,11 + + # Add permits for this workstations published services below + # Only IPs and nets in firewall_allowservices is allowed in. + # If you really wish to let anyone use services on your + # workstation, then set "firewall_allowservices='any'" in /etc/rc.conf + # + # Note: We don't use keep-state as that would allow DoS of + # our statetable. + # You can add 'keep-state' to the lines for slightly + # better performance if you fell that DoS of your + # workstation won't be a problem. + # + for i in ${firewall_allowservices} ; do + for j in ${firewall_myservices} ; do + ${fwcmd} add pass tcp from $i to me $j + done + done + + # Allow all connections from trusted IPs. + # Playing with the content of firewall_trusted could seriously + # degrade the level of protection provided by the firewall. + for i in ${firewall_trusted} ; do + ${fwcmd} add pass ip from $i to me + done + + ${fwcmd} add 65000 count ip from any to any + + # Drop packets to ports where we don't want logging + for i in ${firewall_nologports} ; do + ${fwcmd} add deny { tcp or udp } from any to any $i in + done + + # Broadcasts and muticasts + ${fwcmd} add deny ip from any to 255.255.255.255 + ${fwcmd} add deny ip from any to 224.0.0.0/24 in # XXX + + # Noise from routers + ${fwcmd} add deny udp from any to any 520 in + + # Noise from webbrowsing. + # The statefull filter is a bit agressive, and will cause some + # connection teardowns to be logged. + ${fwcmd} add deny tcp from any 80,443 to any 1024-65535 in + + # Deny and (if wanted) log the rest unconditionally. + log="" + if [ ${firewall_logdeny:-x} = "YES" -o ${firewall_logdeny:-x} = "yes" ] ; then + log="log logamount 500" # The default of 100 is too low. + sysctl net.inet.ip.fw.verbose=1 >/dev/null + fi + ${fwcmd} add deny $log ip from any to any + ;; + [Cc][Ll][Oo][Ss][Ee][Dd]) - setup_loopback + ${fwcmd} add 65000 deny ip from any to any ;; [Uu][Nn][Kk][Nn][Oo][Ww][Nn]) ;; ==== //depot/projects/trustedbsd/base/games/fortune/datfiles/fortunes#57 (text+ko) ==== @@ -1,5 +1,5 @@ This fortune brought to you by: -$FreeBSD: src/games/fortune/datfiles/fortunes,v 1.229 2006/10/23 13:25:17 phk Exp $ +$FreeBSD: src/games/fortune/datfiles/fortunes,v 1.230 2006/10/30 12:01:57 keramida Exp $ % ======================================================================= @@ -22147,7 +22147,7 @@ There are not stars enough in heaven. % Here at the Phone Company, we serve all kinds of people; -from President's and Kings to the scum of the earth... +from Presidents and Kings to the scum of the earth... % Here comes the orator, with his flood of words and his drop of reason. % ==== //depot/projects/trustedbsd/base/lib/libc/gmon/Makefile.inc#5 (text+ko) ==== @@ -1,5 +1,5 @@ # from @(#)Makefile.inc 8.1 (Berkeley) 6/4/93 -# $FreeBSD: src/lib/libc/gmon/Makefile.inc,v 1.11 2006/03/13 01:14:56 deischen Exp $ +# $FreeBSD: src/lib/libc/gmon/Makefile.inc,v 1.12 2006/10/28 13:34:35 bde Exp $ # gmon sources .PATH: ${.CURDIR}/gmon @@ -12,12 +12,6 @@ MLINKS+=moncontrol.3 monstartup.3 -.if ${MACHINE_ARCH} == amd64 -# mcount needs to be compiled with frame pointers and without profiling -mcount.po: mcount.c - ${CC} ${CFLAGS} -fno-omit-frame-pointer -c ${.IMPSRC} -o ${.TARGET} -.else # mcount cannot be compiled with profiling mcount.po: mcount.o cp mcount.o mcount.po -.endif ==== //depot/projects/trustedbsd/base/lib/libc/net/inet.3#7 (text+ko) ==== @@ -30,7 +30,7 @@ .\" SUCH DAMAGE. .\" .\" From: @(#)inet.3 8.1 (Berkeley) 6/4/93 -.\" $FreeBSD: src/lib/libc/net/inet.3,v 1.30 2005/02/13 22:25:12 ru Exp $ +.\" $FreeBSD: src/lib/libc/net/inet.3,v 1.31 2006/10/28 13:05:10 ru Exp $ .\" .Dd June 14, 2004 .Dt INET 3 @@ -299,5 +299,7 @@ .Fn inet_ntoa resides in a static memory area. .Pp -Inet_addr should return a +The +.Fn inet_addr +function should return a .Fa struct in_addr . ==== //depot/projects/trustedbsd/base/lib/libkvm/kvm_proc.c#29 (text+ko) ==== @@ -42,7 +42,7 @@ #endif #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/lib/libkvm/kvm_proc.c,v 1.88 2006/07/25 22:39:57 yar Exp $"); +__FBSDID("$FreeBSD: src/lib/libkvm/kvm_proc.c,v 1.89 2006/10/26 21:42:16 jb Exp $"); /* * Proc traversal interface for kvm. ps and w are (probably) the exclusive @@ -114,7 +114,7 @@ struct prison pr; struct thread mtd; /*struct kse mke;*/ - struct ksegrp mkg; + /*struct ksegrp mkg;*/ struct proc proc; struct proc pproc; struct timeval tv; @@ -137,6 +137,7 @@ TAILQ_FIRST(&proc.p_threads)); return (-1); } +#if 0 if ((proc.p_flag & P_SA) == 0) { if (KREAD(kd, (u_long)TAILQ_FIRST(&proc.p_ksegrps), @@ -146,7 +147,6 @@ TAILQ_FIRST(&proc.p_ksegrps)); return (-1); } -#if 0 if (KREAD(kd, (u_long)TAILQ_FIRST(&mkg.kg_kseq), &mke)) { _kvm_err(kd, kd->program, @@ -154,8 +154,8 @@ TAILQ_FIRST(&mkg.kg_kseq)); return (-1); } + } #endif - } } if (KREAD(kd, (u_long)proc.p_ucred, &ucred) == 0) { kp->ki_ruid = ucred.cr_ruid; @@ -425,13 +425,13 @@ kp->ki_oncpu = mtd.td_oncpu; if (!(proc.p_flag & P_SA)) { +#if 0 /* stuff from the ksegrp */ kp->ki_slptime = mkg.kg_slptime; kp->ki_pri.pri_class = mkg.kg_pri_class; kp->ki_pri.pri_user = mkg.kg_user_pri; kp->ki_estcpu = mkg.kg_estcpu; -#if 0 /* Stuff from the kse */ kp->ki_pctcpu = mke.ke_pctcpu; kp->ki_rqindex = mke.ke_rqindex; ==== //depot/projects/trustedbsd/base/lib/libtacplus/libtacplus.3#6 (text+ko) ==== @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/lib/libtacplus/libtacplus.3,v 1.13 2004/07/02 23:52:19 ru Exp $ +.\" $FreeBSD: src/lib/libtacplus/libtacplus.3,v 1.14 2006/10/28 10:53:39 maxim Exp $ .\" .Dd September 2, 1998 .Dt LIBTACPLUS 3 @@ -450,7 +450,7 @@ .It .Fn tac_get_av .It -.Fn tac_get_av_pair +.Fn tac_get_av_value .It .Fn tac_get_data .It ==== //depot/projects/trustedbsd/base/sbin/ggate/shared/ggate.c#7 (text+ko) ==== @@ -23,7 +23,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/sbin/ggate/shared/ggate.c,v 1.5 2005/07/08 21:28:26 pjd Exp $ + * $FreeBSD: src/sbin/ggate/shared/ggate.c,v 1.6 2006/10/30 18:29:24 pjd Exp $ */ #include <stdio.h> @@ -250,8 +250,12 @@ ssize_t g_gate_recv(int s, void *buf, size_t len, int flags) { + ssize_t done; - return (recv(s, buf, len, flags)); + do { + done = recv(s, buf, len, flags); + } while (done == -1 && errno == EAGAIN); + return (done); } int nagle = 1; @@ -280,7 +284,7 @@ bsize = sndbuf; if (setsockopt(sfd, SOL_SOCKET, SO_SNDBUF, &bsize, sizeof(bsize)) == -1) g_gate_xlog("setsockopt(SO_SNDBUF): %s.", strerror(errno)); - tv.tv_sec = 1; + tv.tv_sec = 8; tv.tv_usec = 0; if (setsockopt(sfd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv)) == -1) { g_gate_log(LOG_ERR, "setsockopt(SO_SNDTIMEO) error: %s.", ==== //depot/projects/trustedbsd/base/share/man/man4/ddb.4#13 (text+ko) ==== @@ -57,9 +57,9 @@ .\" Created. .\" [90/08/30 dbg] .\" -.\" $FreeBSD: src/share/man/man4/ddb.4,v 1.40 2006/10/11 07:07:31 ru Exp $ +.\" $FreeBSD: src/share/man/man4/ddb.4,v 1.41 2006/10/30 12:55:06 ru Exp $ .\" -.Dd October 10, 2006 +.Dd October 27, 2006 .Dt DDB 4 .Os .Sh NAME @@ -444,22 +444,22 @@ .Pp .It Xo .Ic trace Ns Op Li / Ns Cm u -.Op Ar frame +.Op Ar pid | tid .Op Li , Ns Ar count .Xc .It Xo .Ic t Ns Op Li / Ns Cm u -.Op Ar frame +.Op Ar pid | tid .Op Li , Ns Ar count .Xc .It Xo .Ic where Ns Op Li / Ns Cm u -.Op Ar frame +.Op Ar pid | tid .Op Li , Ns Ar count .Xc .It Xo .Ic bt Ns Op Li / Ns Cm u -.Op Ar frame +.Op Ar pid | tid .Op Li , Ns Ar count .Xc Stack trace. ==== //depot/projects/trustedbsd/base/share/man/man4/fdc.4#8 (text+ko) ==== @@ -25,9 +25,9 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $FreeBSD: src/share/man/man4/fdc.4,v 1.35 2006/05/11 17:23:03 keramida Exp $ +.\" $FreeBSD: src/share/man/man4/fdc.4,v 1.36 2006/10/30 16:43:42 keramida Exp $ .\" -.Dd July 15, 2004 +.Dd May 11, 2006 .Dt FDC 4 .Os .Sh NAME ==== //depot/projects/trustedbsd/base/share/man/man4/sis.4#11 (text+ko) ==== @@ -28,9 +28,9 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF .\" THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $FreeBSD: src/share/man/man4/sis.4,v 1.23 2006/10/21 18:04:42 ru Exp $ +.\" $FreeBSD: src/share/man/man4/sis.4,v 1.24 2006/10/28 07:26:50 brueffer Exp $ .\" -.Dd October 13, 2006 +.Dd October 28, 2006 .Dt SIS 4 .Os .Sh NAME @@ -143,7 +143,7 @@ .It SiS 630, 635, and 735 motherboard chipsets .It -Soekris Engineering net45xx, lan1621, and lan1641 +Soekris Engineering net45xx, net48xx, lan1621, and lan1641 .El .Sh DIAGNOSTICS .Bl -diag ==== //depot/projects/trustedbsd/base/share/man/man9/kobj.9#7 (text+ko) ==== @@ -26,7 +26,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $FreeBSD: src/share/man/man9/kobj.9,v 1.16 2005/06/28 20:15:18 hmp Exp $ +.\" $FreeBSD: src/share/man/man9/kobj.9,v 1.17 2006/10/28 10:57:35 maxim Exp $ .\" .Dd April 4, 2000 .Dt KOBJ 9 @@ -83,7 +83,7 @@ specified by the class and initialise it by zeroing the memory and installing a pointer to the class' method dispatch table. Objects created in this way should be freed by calling -.Fn kobj_free . +.Fn kobj_delete . .Pp Clients which would like to manage the allocation of memory themselves should call ==== //depot/projects/trustedbsd/base/sys/amd64/amd64/machdep.c#30 (text+ko) ==== @@ -39,7 +39,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/amd64/amd64/machdep.c,v 1.656 2006/10/12 12:48:21 jhb Exp $"); +__FBSDID("$FreeBSD: src/sys/amd64/amd64/machdep.c,v 1.657 2006/10/26 21:42:16 jb Exp $"); #include "opt_atalk.h" #include "opt_atpic.h" @@ -1120,7 +1120,11 @@ * This may be done better later if it gets more high level * components in it. If so just link td->td_proc here. */ +#ifdef KSE proc_linkup(&proc0, &ksegrp0, &thread0); +#else + proc_linkup(&proc0, &thread0); +#endif preload_metadata = (caddr_t)(uintptr_t)(modulep + KERNBASE); preload_bootstrap_relocate(KERNBASE); ==== //depot/projects/trustedbsd/base/sys/amd64/amd64/prof_machdep.c#4 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/amd64/amd64/prof_machdep.c,v 1.24 2005/05/14 09:10:00 nyan Exp $"); +__FBSDID("$FreeBSD: src/sys/amd64/amd64/prof_machdep.c,v 1.28 2006/10/29 09:48:44 bde Exp $"); #ifdef GUPROF #if 0 @@ -37,20 +37,15 @@ #include <sys/systm.h> #include <sys/gmon.h> #include <sys/kernel.h> +#include <sys/smp.h> #include <sys/sysctl.h> #include <machine/clock.h> #if 0 #include <machine/perfmon.h> #endif -#include <machine/profile.h> -#undef MCOUNT -#endif - -#include <machine/asmacros.h> #include <machine/timerreg.h> -#ifdef GUPROF #define CPUTIME_CLOCK_UNINITIALIZED 0 #define CPUTIME_CLOCK_I8254 1 #define CPUTIME_CLOCK_TSC 2 @@ -60,7 +55,7 @@ int cputime_bias = 1; /* initialize for locality of reference */ static int cputime_clock = CPUTIME_CLOCK_UNINITIALIZED; -#ifdef I586_PMC_GUPROF +#if defined(PERFMON) && defined(I586_PMC_GUPROF) static u_int cputime_clock_pmc_conf = I586_PMC_GUPROF; static int cputime_clock_pmc_init; static struct gmonparam saved_gmp; @@ -80,7 +75,7 @@ # \n\ # Check that we are profiling. Do it early for speed. \n\ # \n\ - cmpl $GMON_PROF_OFF," __XSTRING(CNAME(_gmonparam)) "+GM_STATE \n\ + cmpl $GMON_PROF_OFF,_gmonparam+GM_STATE \n\ je .mcount_exit \n\ # \n\ # __mcount is the same as [.]mcount except the caller \n\ @@ -98,11 +93,11 @@ jmp .got_frompc \n\ \n\ .p2align 4,0x90 \n\ - .globl " __XSTRING(HIDENAME(mcount)) " \n\ -" __XSTRING(HIDENAME(mcount)) ": \n\ + .globl .mcount \n\ +.mcount: \n\ .globl __cyg_profile_func_enter \n\ __cyg_profile_func_enter: \n\ - cmpl $GMON_PROF_OFF," __XSTRING(CNAME(_gmonparam)) "+GM_STATE \n\ >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610311425.k9VEPYTS014987>