summaryrefslogtreecommitdiffstats
path: root/sys/contrib
Commit message (Collapse)AuthorAgeFilesLines
* Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.hrwatson2006-10-221-1/+1
| | | | | | | | | | | | | begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now contains the userspace and user<->kernel API and definitions, with all in-kernel interfaces moved to mac_framework.h, which is now included across most of the kernel instead. This change is the first step in a larger cleanup and sweep of MAC Framework interfaces in the kernel, and will not be MFC'd. Obtained from: TrustedBSD Project Sponsored by: SPARTA
* Workaround bad locking design:oleg2006-10-051-3/+9
| | | | | | | | | | do not try to lock/unlock destroyed/non-existsing mutex. PR: kern/103569 Reviewed by: guido Approved by: glebius (mentor) Silence from: darrenr MFC: 2 week
* remove this from HEAD too since it got taken off the vendor branchsam2006-09-181-444/+0
|
* This commit was generated by cvs2svn to compensate for changes in r162413,sam2006-09-182-217/+0
| | | | which included commits to RCS files with non-trunk default branches.
* Introduce a new entry point, mac_create_mbuf_from_firewall. This entry pointcsjp2006-09-121-0/+55
| | | | | | | | | | | | | | | | | | | | | | exists to allow the mandatory access control policy to properly initialize mbufs generated by the firewall. An example where this might happen is keep alive packets, or ICMP error packets in response to other packets. This takes care of kernel panics associated with un-initialize mbuf labels when the firewall generates packets. [1] I modified this patch from it's original version, the initial patch introduced a number of entry points which were programmatically equivalent. So I introduced only one. Instead, we should leverage mac_create_mbuf_netlayer() which is used for similar situations, an example being icmp_error() This will minimize the impact associated with the MFC Submitted by: mlaier [1] MFC after: 1 week This is a RELENG_6 candidate
* Fix stateful filtering of loopback IPv6 traffic to an address not configuredmlaier2006-09-061-2/+8
| | | | | | | | | on lo0. While here fix a comment. PR: kern/102647 Reported by: Frank Steinborn Submitted by: suz (earlier version) MFC after: 3 days
* Resolve conflictsguido2006-08-1616-361/+501
| | | | MFC after: 2 weeks
* This commit was generated by cvs2svn to compensate for changes in r161351,guido2006-08-163-10/+23
|\ | | | | | | which included commits to RCS files with non-trunk default branches.
| * Import IP Filter 4.1.13guido2006-08-1621-402/+557
| |
* | The strstr() function is in the libkern now.pjd2006-08-121-22/+0
| |
* | Import from OpenBSD 1.168, dhartmei:mlaier2006-07-211-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | fix a bug in the input sanity check of DIOCCHANGERULE (not used by pfctl, but third-party tools). a rule must have a non-empty replacement address list when it's a translation rule but not an anchor call (i.e. "nat ... ->" needs a replacement address, but "nat-anchor ..." doesn't). the check confused "rule is an anchor call" with "rule is defined within an anchor". report from Michal Mertl, Max Laier. Obtained from: OpenBSD MFC after: 2 weeks
* | Revise network interface cloning to take an optional opaquesam2006-07-092-2/+10
| | | | | | | | | | | | | | | | | | parameter that can specify configuration parameters: o rev cloner api's to add optional parameter block o add SIOCCREATE2 that accepts parameter data o rev vlan support to use new api (maintain old code) Reviewed by: arch@
* | Make in-kernel multicast protocols for pfsync and carp work after enablingmlaier2006-07-081-0/+5
| | | | | | | | | | | | | | | | dynamic resizing of multicast membership array. Reported and testing by: Maxim Konovalov, Scott Ullrich Reminded by: thompsa MFC after: 2 weeks
* | Apply local modifications to make Unwind Express BETA 10 buildable andmarcel2006-07-0712-20/+92
| | | | | | | | usable in the FreeBSD kernel.
* | This commit was generated by cvs2svn to compensate for changes in r160160,marcel2006-07-074-1121/+0
| | | | | | | | which included commits to RCS files with non-trunk default branches.
* | This commit was generated by cvs2svn to compensate for changes in r160157,marcel2006-07-0728-347/+1908
|\ \ | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | Import BETA 10 of HP's Unwind Express. This import does not containmarcel2006-07-0728-347/+1908
| | | | | | | | | | | | | | | | | | | | | any modifications to make it build as part of the FreeBSD kernel. Now that the source appears to have stabilized, local changes will happen on HEAD and will therefore cause affected files to be pulled from the vendor branch.
* | | Fix pfsync w/o carp compilation.mlaier2006-06-161-0/+2
| | | | | | | | | | | | Submitted by: yar
* | | Fix byteorder of syncpeer and make it actually work.mlaier2006-06-141-6/+23
| | | | | | | | | | | | | | | Submitted by: glebius MFC after: 1 week
* | | reposition defines so things build on architectures where AH_REGOPS_FUNCsam2006-06-071-14/+14
| | | | | | | | | | | | is defined
* | | resolve merge conflictssam2006-06-051-9/+36
| | | | | | | | | | | | MFC after: 1 month
* | | This commit was generated by cvs2svn to compensate for changes in r159285,sam2006-06-0574-102663/+127118
|\ \ \ | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Version 0.9.17.2:sam2006-06-0575-102672/+127154
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | o define HAL_SOFTC, HAL_BUS_TAG, and HAL_BUS_HANDLE to be machine independent; this fixes portability issues with bsd systems o add ah_disable api for turning off operation of both MAC and PHY o add ah_getAntennaSwitch and ah_setAntennaSwitch api's for better control of antenna usage and diversity o add ah_setAckCTSRate and ah_setAckCTSRate for controlling tx rate of h/w generated frames o add ah_setBeaconTimers api for simpler setting of the beacon timer registers o remove ah_waitForBeaconDone api o add HAL_TXDESC_DURENA flag to enable h/w duration setting in tx descriptor o correct documentation of min/max tx power units (.5 dBm) o switch arm, mips, and powerpc builds to use functions for register read/write operations o fix sparc builds to not reference %g2 and %g3 registers o add public builds for SoC's MFC after: 1 month
* | | | Since DELAY() was moved, most <machine/clock.h> #includes have beenphk2006-05-161-1/+0
| | | | | | | | | | | | | | | | unnecessary.
* | | | Put debugging messages related to inconsistent ticket numbers under misc andmlaier2006-05-121-4/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | wrap it __FreeBSD__ specific as I couldn't figure out which version of OpenBSD I got it from. Reported by: Scott Ullrich
* | | | fix "ipf -Z" reporting rubbish and possibly panic'ing boxdarrenr2006-04-181-1/+1
| | | | | | | | | | | | | | | | MFC after: 4 days
* | | | Loopback pf_norm.c rev. 1.106 from OpenBSD:mlaier2006-03-251-4/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixup IP checksum when modifying IP header fields PR: kern/93849 Obtained from: OpenBSD MFC after: 3 days
* | | | Avoid pulling in the whole <net/pfvar.h> by opaquely declaringyar2006-03-091-2/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | the structs pflog_packet() takes pointers to. Approved by: mlaier MFC after: 3 days
* | | | Do not use the TSC where its known to be broken, this will cause the queuethompsa2006-03-021-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | speeds to perform below the desired bitrate and throughput will be erratic. This makes queueing work on the Geode SC1100, K5 model 0 and IDT WinChip C6 processors. MFC after: 3 days
* | | | resolve merge conflictssam2006-02-101-4/+6
| | | | | | | | | | | | | | | | MFC after: 2 weeks
* | | | This commit was generated by cvs2svn to compensate for changes in r155511,sam2006-02-1065-69379/+109156
|\ \ \ \ | |/ / / | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Version 0.9.16.16:sam2006-02-1066-69383/+109162
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | o new chip support o new platforms: powerpc-be-elf, sparc64-be-elf, and alpha-elf (alpha is untested, others are known to work) o many fixes and improvements MFC after: 2 weeks
* | | | Make pflog a seperate module. As a result pflog_packet() becomes a functionmlaier2006-02-053-0/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pointer that is declared in pf_ioctl.c Requested by: yar (as part of the module build reorg) MFC after: 1 week X-MFC with: yar's module reorg
* | | | fix a bug in the fragment cache (used for 'scrub fragment crop/drop-ovl',dhartmei2006-01-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | but not 'fragment reassemble'), which can cause some fragments to get inserted into the cache twice, thereby violating an invariant, and panic- ing the system subsequently. Reviewed by: mlaier MFC after: 1 day
* | | | Move m_adj after checking that m_dup succeeded.mlaier2006-01-141-3/+4
| | | | | | | | | | | | | | | | | | | | Found with: Coverity Prevent(tm) MFC after: 3 days
* | | | Add mcopywrap prototype to ip_compat.hguido2005-12-302-1/+1
| | | | | | | | | | | | | | | | Remove h323 proxy from ip_proxy (copyright issue)
* | | | Resolve conflictsguido2005-12-3021-509/+916
| | | |
* | | | This commit was generated by cvs2svn to compensate for changes in r153872,guido2005-12-3013-64/+41
|\ \ \ \ | | |_|/ | |/| | | | | | which included commits to RCS files with non-trunk default branches.
| * | | Import IP Filter version 4.1.10guido2005-12-3035-651/+1053
| | | |
* | | | Only decrement the max-src-conn counter for tcp connections that reachedmlaier2005-12-252-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | "established" state. Similar to OpenBSD's rev. 1.499 by joel but not breaking ABI. Obtained from: OpenBSD (with changes) Reported by: Bruno Afonso MFC after: 3 days X-MFC: together with local_flags
* | | | Fix build after timeval.tv_sec changed from long to time_t.mlaier2005-12-251-2/+5
| | | |
* | | | Move PFSTATE_EXPIRING from sync_flags to a new local_flags. sync_flags hasmlaier2005-12-202-4/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | special handling when zero. This caused no PFSYNC_ACT_DEL message and thus disfunction of pfflowd and state synchronisation in general. Discovered by: thompsa Good catch by: thompsa MFC after: 7 days
* | | | This commit was generated by cvs2svn to compensate for changes in r153200,obrien2005-12-074-630/+671
|\ \ \ \ | | | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches.
| * | | | Update the nForce MCP NIC bits. This is version 1.0-0310 23-Nov-2005.obrien2005-12-074-630/+671
| | | | |
* | | | | Fix -Wundef warnings found when compiling i386 LINT, GENERIC andru2005-12-055-0/+58
| | | | | | | | | | | | | | | | | | | | custom kernels.
* | | | | Fix -Wundef from compiling the amd64 LINT.ru2005-12-045-21/+26
| | | | |
* | | | | - Store pointer to the link-level address right in "struct ifnet"ru2005-11-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rather than in ifindex_table[]; all (except one) accesses are through ifp anyway. IF_LLADDR() works faster, and all (except one) ifaddr_byindex() users were converted to use ifp->if_addr. - Stop storing a (pointer to) Ethernet address in "struct arpcom", and drop the IFP2ENADDR() macro; all users have been converted to use IF_LLADDR() instead.
* | | | | - Make IFP2ENADDR() a pointer to IF_LLADDR() rather than anotherru2005-11-111-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | copy of Ethernet address. - Change iso88025_ifattach() and fddi_ifattach() to accept MAC address as an argument, similar to ether_ifattach(), to make this work.
* | | | | Move the cloned interface list management in to if_clone. For some drivers thethompsa2005-11-082-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | softc lists and associated mutex are now unused so these have been removed. Calling if_clone_detach() will now destroy all the cloned interfaces for the driver and in most cases is all thats needed to unload. Idea by: brooks Reviewed by: brooks
* | | | | This commit was generated by cvs2svn to compensate for changes in r152069,jkim2005-11-042-8/+5
|\ \ \ \ \ | | | | | | | | | | | | | | | | | | which included commits to RCS files with non-trunk default branches.
OpenPOWER on IntegriCloud