From owner-p4-projects@FreeBSD.ORG Fri Jul 25 13:41:10 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 2C38D1065674; Fri, 25 Jul 2008 13:41:10 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E29811065672 for ; Fri, 25 Jul 2008 13:41:09 +0000 (UTC) (envelope-from ed@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id CB20F8FC0A for ; Fri, 25 Jul 2008 13:41:09 +0000 (UTC) (envelope-from ed@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.2/8.14.2) with ESMTP id m6PDf9K2080001 for ; Fri, 25 Jul 2008 13:41:09 GMT (envelope-from ed@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m6PDf9uA079999 for perforce@freebsd.org; Fri, 25 Jul 2008 13:41:09 GMT (envelope-from ed@FreeBSD.org) Date: Fri, 25 Jul 2008 13:41:09 GMT Message-Id: <200807251341.m6PDf9uA079999@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to ed@FreeBSD.org using -f From: Ed Schouten To: Perforce Change Reviews Cc: Subject: PERFORCE change 145888 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 25 Jul 2008 13:41:10 -0000 http://perforce.freebsd.org/chv.cgi?CH=145888 Change 145888 by ed@ed_dull on 2008/07/25 13:40:29 IFC. Affected files ... .. //depot/projects/mpsafetty/ObsoleteFiles.inc#4 integrate .. //depot/projects/mpsafetty/UPDATING#3 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/ip_fil.c#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/ipsend/iptests.c#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/ipsend/sock.c#3 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/lib/printnat.c#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/test/regress/n12#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/test/regress/n2#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/test/regress/n5#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/test/regress/ni1.nat#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/test/regress/ni2.nat#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/test/regress/ni4.nat#2 integrate .. //depot/projects/mpsafetty/contrib/ipfilter/tools/ipnat_y.y#2 integrate .. //depot/projects/mpsafetty/include/Makefile#2 integrate .. //depot/projects/mpsafetty/include/sgtty.h#2 delete .. //depot/projects/mpsafetty/lib/libc/sys/setfib.2#2 integrate .. //depot/projects/mpsafetty/sbin/ipfw/ipfw.8#2 integrate .. //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_compat.h#2 integrate .. //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_fil.h#2 integrate .. //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_nat.c#2 integrate .. //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_nat.h#2 integrate .. //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_state.c#2 integrate .. //depot/projects/mpsafetty/sys/contrib/pf/net/pf_ioctl.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/hwpmc/hwpmc_mod.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/usb/ehci_pci.c#2 integrate .. //depot/projects/mpsafetty/sys/kern/kern_exec.c#3 integrate .. //depot/projects/mpsafetty/sys/kern/kern_lock.c#2 integrate .. //depot/projects/mpsafetty/sys/kern/kern_proc.c#3 integrate .. //depot/projects/mpsafetty/sys/modules/mem/Makefile#3 integrate .. //depot/projects/mpsafetty/sys/nfsclient/nfs_vfsops.c#3 integrate .. //depot/projects/mpsafetty/sys/sys/proc.h#3 integrate .. //depot/projects/mpsafetty/usr.sbin/setfib/setfib.c#2 integrate Differences ... ==== //depot/projects/mpsafetty/ObsoleteFiles.inc#4 (text+ko) ==== @@ -1,5 +1,5 @@ # -# $FreeBSD: src/ObsoleteFiles.inc,v 1.153 2008/07/19 18:21:52 marcel Exp $ +# $FreeBSD: src/ObsoleteFiles.inc,v 1.154 2008/07/25 12:37:46 ed Exp $ # # This file lists old files (OLD_FILES), libraries (OLD_LIBS) and # directories (OLD_DIRS) which should get removed at an update. Recently @@ -14,6 +14,8 @@ # The file is partitioned: OLD_FILES first, then OLD_LIBS and OLD_DIRS last. # +# 20080725: sgtty.h removed +OLD_FILES+=usr/include/sgtty.h # 20080719: sade(8) removed on all but amd64, i386 and sparc64 .if ${TARGET_ARCH} != "amd64" && ${TARGET_ARCH} != "i386" && \ ${TARGET_ARCH} != "sparc64" ==== //depot/projects/mpsafetty/UPDATING#3 (text+ko) ==== @@ -26,7 +26,7 @@ The sio(4) driver has been removed from the i386 and amd64 kernel configuration files. This means uart(4) is now the default serial port driver on those platforms as well. - + To prevent collisions with the sio(4) driver, the uart(4) driver uses different names for its device nodes. This means the onboard serial port will now most likely be called "ttyu0" @@ -40,7 +40,7 @@ 20080603: The version that Linuxulator emulates was changed from 2.4.2 to 2.6.16. If you experience any problems with Linux binaries - please try to set sysctl compat.linux.osrelease to 2.4.2 and + please try to set sysctl compat.linux.osrelease to 2.4.2 and if it fixes the problem contact emulation mailing list. 20080525: @@ -49,7 +49,7 @@ 20080509: I have checked in code to support multiple routing tables. - see the man pages setfib(1) and setfib(2). + See the man pages setfib(1) and setfib(2). This is a hopefully backwards compatible version, but to make use of it you need to compile your kernel with options ROUTETABLES=2 (or more up to 16). @@ -343,9 +343,9 @@ replace it as a more portable (and re-entrant) API. 20070224: - To support interrupt filtering a modification to the newbus API + To support interrupt filtering a modification to the newbus API has occurred, ABI was broken and __FreeBSD_version was bumped - to 700031. Please make sure that your kernel and modules are in + to 700031. Please make sure that your kernel and modules are in sync. For more info: http://docs.freebsd.org/cgi/mid.cgi?20070221233124.GA13941 @@ -404,8 +404,8 @@ 'hw.pci.enable_msix' tunables to 0 in the loader. 20061205: - The removal of several facets of the experimental Threading - system from the kernel means that the proc and thread structures + The removal of several facets of the experimental Threading + system from the kernel means that the proc and thread structures have changed quite a bit. I suggest all kernel modules that might reference these structures be recompiled.. Especially the linux module. @@ -457,7 +457,7 @@ The MUTEX_PROFILING option has been renamed to LOCK_PROFILING. The lockmgr object layout has been changed as a result of having a lock_object embedded in it. As a consequence all file system - kernel modules must be re-compiled. The mutex profiling man page + kernel modules must be re-compiled. The mutex profiling man page has not yet been updated to reflect this change. 20061026: @@ -506,7 +506,7 @@ after updating the kernel sources and compiling a new kernel, the i4b user space tools in "/usr/src/usr.sbin/i4b" must also be rebuilt, and vice versa. - + 20060627: The XBOX kernel now defaults to the nfe(4) driver instead of the nve(4) driver. Please update your configuration @@ -588,7 +588,7 @@ 20060201: The kernel ABI to file system modules was changed on i386. Please make sure that your kernel and modules are in sync. - + 20060118: This actually occured some time ago, but installing the kernel now also installs a bunch of symbol files for the kernel modules. @@ -1078,4 +1078,4 @@ Contact Warner Losh if you have any questions about your use of this document. -$FreeBSD: src/UPDATING,v 1.535 2008/07/13 07:20:14 ed Exp $ +$FreeBSD: src/UPDATING,v 1.537 2008/07/25 09:30:53 maxim Exp $ ==== //depot/projects/mpsafetty/contrib/ipfilter/ip_fil.c#2 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/contrib/ipfilter/ip_fil.c,v 1.6 2007/10/18 21:52:11 darrenr Exp $ */ +/* $FreeBSD: src/contrib/ipfilter/ip_fil.c,v 1.7 2008/07/24 12:35:05 darrenr Exp $ */ /* * Copyright (C) 1993-2001 by Darren Reed. @@ -801,3 +801,18 @@ { return 0; } + + +u_32_t ipf_random() +{ + static int seeded = 0; + + /* + * Choose a non-random seed so that "randomness" can be "tested." + */ + if (seeded == 0) { + srand(0); + seeded = 1; + } + return rand(); +} ==== //depot/projects/mpsafetty/contrib/ipfilter/ipsend/iptests.c#2 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/contrib/ipfilter/ipsend/iptests.c,v 1.14 2007/10/18 21:52:12 darrenr Exp $ */ +/* $FreeBSD: src/contrib/ipfilter/ipsend/iptests.c,v 1.15 2008/07/24 12:35:05 darrenr Exp $ */ /* * Copyright (C) 1993-1998 by Darren Reed. @@ -24,6 +24,7 @@ #if !defined(__osf__) # ifdef __NetBSD__ # include +# include # endif # define _KERNEL # define KERNEL ==== //depot/projects/mpsafetty/contrib/ipfilter/ipsend/sock.c#3 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/contrib/ipfilter/ipsend/sock.c,v 1.20 2008/07/23 16:34:53 des Exp $ */ +/* $FreeBSD: src/contrib/ipfilter/ipsend/sock.c,v 1.21 2008/07/24 12:35:05 darrenr Exp $ */ /* * sock.c (C) 1995-1998 Darren Reed * @@ -32,6 +32,7 @@ #if !defined(__osf__) # ifdef __NetBSD__ # include +# include # endif # ifdef __FreeBSD__ # define _WANT_FILE ==== //depot/projects/mpsafetty/contrib/ipfilter/lib/printnat.c#2 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/contrib/ipfilter/lib/printnat.c,v 1.5 2007/10/18 21:52:12 darrenr Exp $ */ +/* $FreeBSD: src/contrib/ipfilter/lib/printnat.c,v 1.6 2008/07/24 12:35:05 darrenr Exp $ */ /* * Copyright (C) 2002-2005 by Darren Reed. @@ -217,6 +217,8 @@ putchar(' '); printproto(pr, np->in_p, np); } + if (np->in_flags & IPN_SEQUENTIAL) + printf(" sequential"); printf("\n"); if (opts & OPT_DEBUG) { struct in_addr nip; ==== //depot/projects/mpsafetty/contrib/ipfilter/test/regress/n12#2 (text+ko) ==== @@ -1,1 +1,1 @@ -map le0 192.168.126.0/24 -> 0/32 portmap tcp/udp 10000:20000 +map le0 192.168.126.0/24 -> 0/32 portmap tcp/udp 10000:20000 sequential ==== //depot/projects/mpsafetty/contrib/ipfilter/test/regress/n2#2 (text+ko) ==== @@ -1,4 +1,4 @@ -map zx0 10.1.1.1/32 -> 10.2.2.2/32 portmap tcp 10000:20000 -map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap udp 10000:20000 -map zx0 10.1.0.0/16 -> 10.3.4.0/24 portmap tcp/udp 10000:20000 -map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap tcp/udp 40000:40001 +map zx0 10.1.1.1/32 -> 10.2.2.2/32 portmap tcp 10000:20000 sequential +map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap udp 10000:20000 sequential +map zx0 10.1.0.0/16 -> 10.3.4.0/24 portmap tcp/udp 10000:20000 sequential +map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap tcp/udp 40000:40001 sequential ==== //depot/projects/mpsafetty/contrib/ipfilter/test/regress/n5#2 (text+ko) ==== @@ -1,6 +1,6 @@ map zx0 10.1.1.1/32 -> 10.2.2.2/32 map zx0 from 10.1.1.0/24 to 10.1.0.0/16 -> 10.3.4.5/32 map zx0 from 10.1.1.0/24 ! to 10.1.0.0/16 -> 10.3.4.0/24 -map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap udp 10000:20000 -map zx0 10.1.0.0/16 -> 10.3.4.0/24 portmap tcp/udp 10000:20000 -map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap tcp/udp 40000:40001 +map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap udp 10000:20000 sequential +map zx0 10.1.0.0/16 -> 10.3.4.0/24 portmap tcp/udp 10000:20000 sequential +map zx0 10.1.1.0/24 -> 10.3.4.5/32 portmap tcp/udp 40000:40001 sequential ==== //depot/projects/mpsafetty/contrib/ipfilter/test/regress/ni1.nat#2 (text+ko) ==== @@ -1,3 +1,3 @@ -map df0 from 2.2.2.2/32 port 20000 >< 25000 to any -> 6.6.6.8/32 portmap udp 2000:2500 -map df0 from 2.2.2.2/32 port 2000 >< 2500 to any -> 6.6.6.7/32 portmap udp 20000:25000 +map df0 from 2.2.2.2/32 port 20000 >< 25000 to any -> 6.6.6.8/32 portmap udp 2000:2500 sequential +map df0 from 2.2.2.2/32 port 2000 >< 2500 to any -> 6.6.6.7/32 portmap udp 20000:25000 sequential map df0 from 2.2.2.2/32 to any -> 6.6.6.6/32 ==== //depot/projects/mpsafetty/contrib/ipfilter/test/regress/ni2.nat#2 (text+ko) ==== @@ -1,1 +1,1 @@ -map xl0 10.0.0.0/8 -> 1.1.1.1/32 portmap tcp/udp 40000:60000 +map xl0 10.0.0.0/8 -> 1.1.1.1/32 portmap tcp/udp 40000:60000 sequential ==== //depot/projects/mpsafetty/contrib/ipfilter/test/regress/ni4.nat#2 (text+ko) ==== @@ -1,1 +1,1 @@ -map df0 2.2.2.2/32 -> 6.6.6.6/32 portmap tcp/udp 40000:60000 +map df0 2.2.2.2/32 -> 6.6.6.6/32 portmap tcp/udp 40000:60000 sequential ==== //depot/projects/mpsafetty/contrib/ipfilter/tools/ipnat_y.y#2 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/contrib/ipfilter/tools/ipnat_y.y,v 1.6 2007/10/18 21:52:13 darrenr Exp $ */ +/* $FreeBSD: src/contrib/ipfilter/tools/ipnat_y.y,v 1.7 2008/07/24 12:35:05 darrenr Exp $ */ /* * Copyright (C) 2001-2006 by Darren Reed. @@ -95,7 +95,7 @@ %token IPNY_MAP IPNY_BIMAP IPNY_FROM IPNY_TO IPNY_MASK IPNY_PORTMAP IPNY_ANY %token IPNY_ROUNDROBIN IPNY_FRAG IPNY_AGE IPNY_ICMPIDMAP IPNY_PROXY %token IPNY_TCP IPNY_UDP IPNY_TCPUDP IPNY_STICKY IPNY_MSSCLAMP IPNY_TAG -%token IPNY_TLATE +%token IPNY_TLATE IPNY_SEQUENTIAL %type portspec %type hexnumber compare range proto %type hostname ipv4 @@ -422,11 +422,11 @@ ; mapport: - IPNY_PORTMAP tcpudp portspec ':' portspec + IPNY_PORTMAP tcpudp portspec ':' portspec randport { nat->in_pmin = htons($3); nat->in_pmax = htons($5); } - | IPNY_PORTMAP tcpudp IPNY_AUTO + | IPNY_PORTMAP tcpudp IPNY_AUTO randport { nat->in_flags |= IPN_AUTOPORTMAP; nat->in_pmin = htons(1024); nat->in_pmax = htons(65535); @@ -446,6 +446,10 @@ } ; +randport: + | IPNY_SEQUENTIAL { nat->in_flags |= IPN_SEQUENTIAL; } + ; + sobject: saddr | saddr port portstuff { nat->in_sport = $3.p1; @@ -519,6 +523,7 @@ nattag: | IPNY_TAG YY_STR { strncpy(nat->in_tag.ipt_tag, $2, sizeof(nat->in_tag.ipt_tag)); } + rr: | IPNY_ROUNDROBIN { nat->in_flags |= IPN_ROUNDR; } ; @@ -647,6 +652,7 @@ { "range", IPNY_RANGE }, { "rdr", IPNY_RDR }, { "round-robin",IPNY_ROUNDROBIN }, + { "sequential", IPNY_SEQUENTIAL }, { "sticky", IPNY_STICKY }, { "tag", IPNY_TAG }, { "tcp", IPNY_TCP }, ==== //depot/projects/mpsafetty/include/Makefile#2 (text+ko) ==== @@ -1,5 +1,5 @@ # @(#)Makefile 8.2 (Berkeley) 1/4/94 -# $FreeBSD: src/include/Makefile,v 1.280 2008/06/17 06:26:29 davidxu Exp $ +# $FreeBSD: src/include/Makefile,v 1.281 2008/07/25 12:37:46 ed Exp $ # # Doing a "make install" builds /usr/include. @@ -18,7 +18,7 @@ netdb.h nl_types.h nlist.h nss.h nsswitch.h paths.h \ printf.h proc_service.h pthread.h \ pthread_np.h pwd.h ranlib.h readpassphrase.h regex.h regexp.h \ - res_update.h resolv.h runetype.h search.h setjmp.h sgtty.h \ + res_update.h resolv.h runetype.h search.h setjmp.h \ signal.h spawn.h stab.h \ stdbool.h stddef.h stdio.h stdlib.h string.h stringlist.h \ strings.h sysexits.h tar.h tgmath.h \ ==== //depot/projects/mpsafetty/lib/libc/sys/setfib.2#2 (text+ko) ==== @@ -22,7 +22,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/lib/libc/sys/setfib.2,v 1.2 2008/05/10 07:31:34 brueffer Exp $ +.\" $FreeBSD: src/lib/libc/sys/setfib.2,v 1.3 2008/07/25 01:09:36 julian Exp $ .\" .Dd May 9, 2008 .Dt SETFIB 2 @@ -58,7 +58,7 @@ .Rv -std setfib .Sh ERRORS The -.Fn kill +.Fn setfib system call will fail and no action will be taken and return .Er EINVAL ==== //depot/projects/mpsafetty/sbin/ipfw/ipfw.8#2 (text+ko) ==== @@ -1,5 +1,5 @@ .\" -.\" $FreeBSD: src/sbin/ipfw/ipfw.8,v 1.212 2008/05/09 23:02:54 julian Exp $ +.\" $FreeBSD: src/sbin/ipfw/ipfw.8,v 1.213 2008/07/24 18:39:36 julian Exp $ .\" .Dd November 26, 2007 .Dt IPFW 8 @@ -850,7 +850,8 @@ .Ar fibnum in any subsequent forwarding decisions. Initially this is limited to the values 0 through 15. See -.Xr setfib 8 +.Xr setfib 8 . +Processing continues at the next rule. .El .Ss RULE BODY The body of a rule contains zero or more patterns (such as ==== //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_compat.h#2 (text+ko) ==== @@ -4,7 +4,7 @@ * See the IPFILTER.LICENCE file for details on licencing. * * @(#)ip_compat.h 1.8 1/14/96 - * $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_compat.h,v 1.35 2007/10/30 15:23:26 darrenr Exp $ + * $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_compat.h,v 1.36 2008/07/24 12:35:05 darrenr Exp $ * Id: ip_compat.h,v 2.142.2.57 2007/10/10 09:51:42 darrenr Exp $ */ @@ -204,6 +204,8 @@ # define U_32_T 1 # ifdef _KERNEL +# define NEED_LOCAL_RAND 1 +# define ipf_random arc4random # define KRWLOCK_T krwlock_t # define KMUTEX_T kmutex_t @@ -334,6 +336,7 @@ typedef struct uio uio_t; # endif typedef int ioctlcmd_t; +typedef uint8_t u_int8_t; # define OS_RECOGNISED 1 @@ -564,6 +567,8 @@ # endif # ifdef _KERNEL +# define NEED_LOCAL_RAND 1 +# define ipf_random arc4random # define ATOMIC_INC(x) { MUTEX_ENTER(&ipf_rw); \ (x)++; MUTEX_EXIT(&ipf_rw); } # define ATOMIC_DEC(x) { MUTEX_ENTER(&ipf_rw); \ @@ -660,6 +665,8 @@ # include # ifdef _KERNEL +# define NEED_LOCAL_RAND 1 +# define ipf_random arc4random # define KMUTEX_T simple_lock_data_t # define KRWLOCK_T lock_data_t # include @@ -781,6 +788,8 @@ typedef char * caddr_t; # endif +# define ipf_random arc4random + # ifdef _KERNEL # if (__NetBSD_Version__ >= 399001400) # define KMALLOCS(a, b, c) (a) = (b)malloc((c), _M_IPF, M_NOWAIT) @@ -820,6 +829,11 @@ /* F R E E B S D */ /* ----------------------------------------------------------------------- */ #ifdef __FreeBSD__ +# if (__FreeBSD_version < 400000) +# define NEED_LOCAL_RAND 1 +# else +# define ipf_random arc4random +# endif # if defined(_KERNEL) # if (__FreeBSD_version >= 500000) # include "opt_bpf.h" ==== //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_fil.h#2 (text+ko) ==== @@ -4,7 +4,7 @@ * See the IPFILTER.LICENCE file for details on licencing. * * @(#)ip_fil.h 1.35 6/5/96 - * $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_fil.h,v 1.36 2007/10/18 21:52:13 darrenr Exp $ + * $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_fil.h,v 1.37 2008/07/24 12:35:05 darrenr Exp $ * Id: ip_fil.h,v 2.170.2.51 2007/10/10 09:48:03 darrenr Exp $ */ @@ -1523,6 +1523,12 @@ extern int ipf_deltoken __P((int,int, void *)); extern int ipfsync __P((void)); extern int ipf_genericiter __P((void *, int, void *)); +#ifndef ipf_random +extern u_32_t ipf_random __P((void)); +#endif +#ifdef NEED_LOCAL_RAND +extern void ipf_rand_push __P((void *, int)); +#endif extern int fr_running; extern u_long fr_frouteok[2]; ==== //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_nat.c#2 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.c,v 1.44 2007/10/30 15:23:26 darrenr Exp $ */ +/* $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.c,v 1.45 2008/07/24 12:35:05 darrenr Exp $ */ /* * Copyright (C) 1995-2003 by Darren Reed. @@ -117,7 +117,7 @@ #if !defined(lint) static const char sccsid[] = "@(#)ip_nat.c 1.11 6/5/96 (C) 1995 Darren Reed"; -static const char rcsid[] = "@(#)$FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.c,v 1.44 2007/10/30 15:23:26 darrenr Exp $"; +static const char rcsid[] = "@(#)$FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.c,v 1.45 2008/07/24 12:35:05 darrenr Exp $"; /* static const char rcsid[] = "@(#)$Id: ip_nat.c,v 2.195.2.102 2007/10/16 10:08:10 darrenr Exp $"; */ #endif @@ -1678,6 +1678,9 @@ if (logtype != 0 && nat_logging != 0) nat_log(nat, logtype); +#if defined(NEED_LOCAL_RAND) && defined(_KERNEL) + ipf_rand_push(nat, sizeof(*nat)); +#endif /* * Take it as a general indication that all the pointers are set if @@ -2029,7 +2032,13 @@ /* * Standard port translation. Select next port. */ - port = htons(np->in_pnext++); + if (np->in_flags & IPN_SEQUENTIAL) { + port = htons(np->in_pnext); + } else { + port = ipf_random() % (ntohs(np->in_pmax) - + ntohs(np->in_pmin)); + } + np->in_pnext++; if (np->in_pnext > ntohs(np->in_pmax)) { np->in_pnext = ntohs(np->in_pmin); @@ -3793,7 +3802,7 @@ READ_ENTER(&ipf_nat); - if ((fin->fin_p == IPPROTO_ICMP) && !(nflags & IPN_ICMPQUERY) && + if (((fin->fin_flx & FI_ICMPERR) != 0) && (nat = nat_icmperror(fin, &nflags, NAT_OUTBOUND))) /*EMPTY*/; else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin))) @@ -4088,7 +4097,7 @@ READ_ENTER(&ipf_nat); - if ((fin->fin_p == IPPROTO_ICMP) && !(nflags & IPN_ICMPQUERY) && + if (((fin->fin_flx & FI_ICMPERR) != 0) && (nat = nat_icmperror(fin, &nflags, NAT_INBOUND))) /*EMPTY*/; else if ((fin->fin_flx & FI_FRAG) && (nat = fr_nat_knownfrag(fin))) ==== //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_nat.h#2 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.h,v 1.27 2007/10/18 21:52:14 darrenr Exp $ */ +/* $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.h,v 1.28 2008/07/24 12:35:05 darrenr Exp $ */ /* * Copyright (C) 1995-2001, 2003 by Darren Reed. @@ -6,7 +6,7 @@ * See the IPFILTER.LICENCE file for details on licencing. * * @(#)ip_nat.h 1.5 2/4/96 - * $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.h,v 1.27 2007/10/18 21:52:14 darrenr Exp $ + * $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_nat.h,v 1.28 2008/07/24 12:35:05 darrenr Exp $ * Id: ip_nat.h,v 2.90.2.20 2007/09/25 08:27:32 darrenr Exp $ */ @@ -256,9 +256,11 @@ #define IPN_FIXEDDPORT 0x200000 #define IPN_FINDFORWARD 0x400000 #define IPN_IN 0x800000 +#define IPN_SEQUENTIAL 0x1000000 #define IPN_USERFLAGS (IPN_TCPUDP|IPN_AUTOPORTMAP|IPN_IPRANGE|IPN_SPLIT|\ IPN_ROUNDR|IPN_FILTER|IPN_NOTSRC|IPN_NOTDST|\ - IPN_FRAG|IPN_STICKY|IPN_FIXEDDPORT|IPN_ICMPQUERY) + IPN_FRAG|IPN_STICKY|IPN_FIXEDDPORT|IPN_ICMPQUERY|\ + IPN_SEQUENTIAL) /* * Values for in_redir ==== //depot/projects/mpsafetty/sys/contrib/ipfilter/netinet/ip_state.c#2 (text+ko) ==== @@ -1,4 +1,4 @@ -/* $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_state.c,v 1.41 2007/10/30 15:23:27 darrenr Exp $ */ +/* $FreeBSD: src/sys/contrib/ipfilter/netinet/ip_state.c,v 1.42 2008/07/24 12:35:05 darrenr Exp $ */ /* * Copyright (C) 1995-2003 by Darren Reed. @@ -195,6 +195,9 @@ /* ------------------------------------------------------------------------ */ int fr_stateinit() { +#if defined(NEED_LOCAL_RAND) || !defined(_KERNEL) + struct timeval tv; +#endif int i; KMALLOCS(ips_table, ipstate_t **, fr_statesize * sizeof(ipstate_t *)); @@ -205,20 +208,27 @@ KMALLOCS(ips_seed, u_long *, fr_statesize * sizeof(*ips_seed)); if (ips_seed == NULL) return -2; +#if defined(NEED_LOCAL_RAND) || !defined(_KERNEL) + tv.tv_sec = 0; + GETKTIME(&tv); +#endif for (i = 0; i < fr_statesize; i++) { /* * XXX - ips_seed[X] should be a random number of sorts. */ -#if (__FreeBSD_version >= 400000) +#if !defined(NEED_LOCAL_RAND) && defined(_KERNEL) ips_seed[i] = arc4random(); #else ips_seed[i] = ((u_long)ips_seed + i) * fr_statesize; - ips_seed[i] ^= 0xa5a55a5a; + ips_seed[i] += tv.tv_sec; ips_seed[i] *= (u_long)ips_seed; ips_seed[i] ^= 0x5a5aa5a5; ips_seed[i] *= fr_statemax; #endif } +#if defined(NEED_LOCAL_RAND) && defined(_KERNEL) + ipf_rand_push(ips_seed, fr_statesize * sizeof(*ips_seed)); +#endif /* fill icmp reply type table */ for (i = 0; i <= ICMP_MAXTYPE; i++) @@ -3028,6 +3038,10 @@ (void) fr_derefrule(&is->is_rule); } +#if defined(NEED_LOCAL_RAND) && defined(_KERNEL) + ipf_rand_push(is, sizeof(*is)); +#endif + MUTEX_DESTROY(&is->is_lock); KFREE(is); ips_num--; ==== //depot/projects/mpsafetty/sys/contrib/pf/net/pf_ioctl.c#2 (text+ko) ==== @@ -40,7 +40,7 @@ #include "opt_inet6.h" #include -__FBSDID("$FreeBSD: src/sys/contrib/pf/net/pf_ioctl.c,v 1.33 2008/06/05 19:30:20 mlaier Exp $"); +__FBSDID("$FreeBSD: src/sys/contrib/pf/net/pf_ioctl.c,v 1.34 2008/07/24 19:05:58 julian Exp $"); #endif #ifdef __FreeBSD__ @@ -1531,7 +1531,7 @@ pfi_kif_ref(rule->kif, PFI_KIF_REF_RULE); } -#ifdef __FreeBSD__ /* ROUTEING */ +#ifdef __FreeBSD__ /* ROUTING */ if (rule->rtableid > 0 && rule->rtableid > rt_numfibs) #else if (rule->rtableid > 0 && !rtable_exists(rule->rtableid)) ==== //depot/projects/mpsafetty/sys/dev/hwpmc/hwpmc_mod.c#2 (text+ko) ==== @@ -30,7 +30,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/dev/hwpmc/hwpmc_mod.c,v 1.32 2008/01/13 14:44:02 attilio Exp $"); +__FBSDID("$FreeBSD: src/sys/dev/hwpmc/hwpmc_mod.c,v 1.33 2008/07/25 05:49:48 jeff Exp $"); #include #include @@ -966,7 +966,11 @@ /* issue an attach event to a configured log file */ if (pm->pm_owner->po_flags & PMC_PO_OWNS_LOGFILE) { pmc_getfilename(p->p_textvp, &fullpath, &freepath); - pmclog_process_pmcattach(pm, p->p_pid, fullpath); + if (p->p_flag & P_KTHREAD) { + fullpath = kernelname; + freepath = NULL; + } else + pmclog_process_pmcattach(pm, p->p_pid, fullpath); if (freepath) FREE(freepath, M_TEMP); if (PMC_IS_SAMPLING_MODE(PMC_TO_MODE(pm))) ==== //depot/projects/mpsafetty/sys/dev/usb/ehci_pci.c#2 (text+ko) ==== @@ -36,7 +36,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/dev/usb/ehci_pci.c,v 1.32 2008/04/11 05:50:53 benno Exp $"); +__FBSDID("$FreeBSD: src/sys/dev/usb/ehci_pci.c,v 1.33 2008/07/24 23:22:19 ivoras Exp $"); /* * USB Enhanced Host Controller Driver, a.k.a. USB 2.0 controller. @@ -99,6 +99,8 @@ /* AMD */ #define PCI_EHCI_DEVICEID_8111 0x10227463 static const char *ehci_device_8111 = "AMD 8111 USB 2.0 controller"; +#define PCI_EHCI_DEVICEID_CS5536 0x20951022 +static const char *ehci_device_cs5536 = "AMD CS5536 (Geode) USB 2.0 controller"; /* ATI */ #define PCI_EHCI_DEVICEID_SB200 0x43451002 @@ -221,6 +223,8 @@ return (ehci_device_m5239); case PCI_EHCI_DEVICEID_8111: return (ehci_device_8111); + case PCI_EHCI_DEVICEID_CS5536: + return (ehci_device_cs5536); case PCI_EHCI_DEVICEID_SB200: return (ehci_device_sb200); case PCI_EHCI_DEVICEID_SB400: @@ -305,8 +309,13 @@ case PCI_USBREV_PRE_1_0: case PCI_USBREV_1_0: case PCI_USBREV_1_1: + device_printf(self, "pre-2.0 USB rev\n"); + if (pci_get_devid(self) == PCI_EHCI_DEVICEID_CS5536) { + sc->sc_bus.usbrev = USBREV_2_0; + device_printf(self, "Quirk for CS5536 USB 2.0 enabled\n"); + break; + } sc->sc_bus.usbrev = USBREV_UNKNOWN; - device_printf(self, "pre-2.0 USB rev\n"); return ENXIO; case PCI_USBREV_2_0: sc->sc_bus.usbrev = USBREV_2_0; ==== //depot/projects/mpsafetty/sys/kern/kern_exec.c#3 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.319 2008/07/17 16:44:07 kib Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.320 2008/07/25 11:55:32 kib Exp $"); #include "opt_hwpmc_hooks.h" #include "opt_kdtrace.h" @@ -832,10 +832,8 @@ crfree(tracecred); #endif vn_lock(imgp->vp, LK_EXCLUSIVE | LK_RETRY); - if (oldargs != NULL) - pargs_drop(oldargs); - if (newargs != NULL) - pargs_drop(newargs); + pargs_drop(oldargs); + pargs_drop(newargs); if (oldsigacts != NULL) sigacts_free(oldsigacts); ==== //depot/projects/mpsafetty/sys/kern/kern_lock.c#2 (text+ko) ==== @@ -29,7 +29,7 @@ #include "opt_ddb.h" #include -__FBSDID("$FreeBSD: src/sys/kern/kern_lock.c,v 1.133 2008/05/25 16:11:27 attilio Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_lock.c,v 1.134 2008/07/25 11:22:25 kib Exp $"); #include #include @@ -392,12 +392,12 @@ &contested, &waittime); /* - * If the lock is alredy held by curthread in + * If the lock is already held by curthread in * exclusive way avoid a deadlock. */ if (LK_HOLDER(x) == tid) { LOCK_LOG2(lk, - "%s: %p alredy held in exclusive mode", + "%s: %p already held in exclusive mode", __func__, lk); error = EDEADLK; break; @@ -504,7 +504,7 @@ LOP_EXCLUSIVE, file, line); /* - * If curthread alredy holds the lock and this one is + * If curthread already holds the lock and this one is * allowed to recurse, simply recurse on it. */ if (lockmgr_xlocked(lk)) { @@ -722,7 +722,7 @@ LOP_EXCLUSIVE, file, line); /* - * Trying to drain a lock we alredy own will result in a + * Trying to drain a lock we already own will result in a * deadlock. */ if (lockmgr_xlocked(lk)) { @@ -863,7 +863,7 @@ _lockmgr_assert(lk, KA_XLOCKED | KA_NOTRECURSED, file, line); /* - * If the owner is alredy LK_KERNPROC just skip the whole operation. + * If the owner is already LK_KERNPROC just skip the whole operation. */ if (LK_HOLDER(lk->lk_lock) != tid) return; ==== //depot/projects/mpsafetty/sys/kern/kern_proc.c#3 (text+ko) ==== @@ -30,7 +30,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/kern/kern_proc.c,v 1.264 2008/05/24 06:22:16 jb Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_proc.c,v 1.265 2008/07/25 11:55:32 kib Exp $"); #include "opt_ddb.h" #include "opt_kdtrace.h" @@ -123,6 +123,7 @@ static void proc_dtor(void *mem, int size, void *arg); static int proc_init(void *mem, int size, int flags); static void proc_fini(void *mem, int size); +static void pargs_free(struct pargs *pa); /* * Other process lists @@ -1180,7 +1181,7 @@ return (pa); } -void +static void pargs_free(struct pargs *pa) { ==== //depot/projects/mpsafetty/sys/modules/mem/Makefile#3 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/modules/mem/Makefile,v 1.6 2008/07/22 09:56:45 marius Exp $ +# $FreeBSD: src/sys/modules/mem/Makefile,v 1.7 2008/07/24 14:07:52 marius Exp $ .PATH: ${.CURDIR}/../../dev/mem .PATH: ${.CURDIR}/../../${MACHINE}/${MACHINE} @@ -19,11 +19,16 @@ .if ${MACHINE} == "sun4v" SRCS+= opt_global.h + +.if defined(KERNBUILDDIR) +MKDEP= -include ${KERNBUILDDIR}/opt_global.h +.else CFLAGS+= -include opt_global.h MKDEP= -include opt_global.h opt_global.h: echo "#define SUN4V 1" > ${.TARGET} .endif +.endif .include ==== //depot/projects/mpsafetty/sys/nfsclient/nfs_vfsops.c#3 (text+ko) ==== @@ -33,7 +33,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/nfsclient/nfs_vfsops.c,v 1.208 2008/07/22 21:27:22 ed Exp $"); +__FBSDID("$FreeBSD: src/sys/nfsclient/nfs_vfsops.c,v 1.210 2008/07/24 14:02:03 dfr Exp $"); #include "opt_bootp.h" @@ -105,7 +105,7 @@ downdelayinterval, CTLFLAG_RW, &nfs_tprintf_delay, 0, ""); static void nfs_decode_args(struct mount *mp, struct nfsmount *nmp, - struct nfs_args *argp); + struct nfs_args *argp, const char *hostname); static int mountnfs(struct nfs_args *, struct mount *, struct sockaddr *, char *, struct vnode **, struct ucred *cred); @@ -540,7 +540,8 @@ } static void -nfs_decode_args(struct mount *mp, struct nfsmount *nmp, struct nfs_args *argp) +nfs_decode_args(struct mount *mp, struct nfsmount *nmp, struct nfs_args *argp, + const char *hostname) { int s; int adjsock; @@ -706,10 +707,13 @@ } } - strlcpy(nmp->nm_hostname, argp->hostname, sizeof(nmp->nm_hostname)); - p = strchr(nmp->nm_hostname, ':'); - if (p) - *p = '\0'; + if (hostname) { + strlcpy(nmp->nm_hostname, hostname, + sizeof(nmp->nm_hostname)); + p = strchr(nmp->nm_hostname, ':'); + if (p) + *p = '\0'; + } } static const char *nfs_opts[] = { "from", "nfs_args", @@ -799,7 +803,7 @@ ~(NFSMNT_NFSV3 | NFSMNT_NOLOCKD /*|NFSMNT_XLATECOOKIE*/)) | (nmp->nm_flag & (NFSMNT_NFSV3 | NFSMNT_NOLOCKD /*|NFSMNT_XLATECOOKIE*/)); - nfs_decode_args(mp, nmp, &args); + nfs_decode_args(mp, nmp, &args, NULL); goto out; } @@ -937,7 +941,7 @@ nmp->nm_soproto = argp->proto; nmp->nm_rpcops = &nfs_rpcops; - nfs_decode_args(mp, nmp, argp); + nfs_decode_args(mp, nmp, argp, hst); /* * For Connection based sockets (TCP,...) defer the connect until ==== //depot/projects/mpsafetty/sys/sys/proc.h#3 (text+ko) ==== @@ -32,7 +32,7 @@ * SUCH DAMAGE. * * @(#)proc.h 8.15 (Berkeley) 5/19/95 - * $FreeBSD: src/sys/sys/proc.h,v 1.515 2008/05/21 09:31:44 kib Exp $ + * $FreeBSD: src/sys/sys/proc.h,v 1.516 2008/07/25 11:55:32 kib Exp $ */ #ifndef _SYS_PROC_H_ @@ -795,7 +795,6 @@ int p_canwait(struct thread *td, struct proc *p); struct pargs *pargs_alloc(int len); void pargs_drop(struct pargs *pa); -void pargs_free(struct pargs *pa); void pargs_hold(struct pargs *pa); void procinit(void); void proc_linkup0(struct proc *p, struct thread *td); ==== //depot/projects/mpsafetty/usr.sbin/setfib/setfib.c#2 (text+ko) ==== @@ -31,7 +31,7 @@ */ #include -__FBSDID("$FreeBSD: src/usr.sbin/setfib/setfib.c,v 1.3 2008/06/04 23:31:53 mlaier Exp $"); +__FBSDID("$FreeBSD: src/usr.sbin/setfib/setfib.c,v 1.4 2008/07/24 18:01:50 julian Exp $"); #include @@ -87,7 +87,7 @@ usage(); errno = 0; - if (syscall(175, (int)fib)) + if (setfib((int)fib)) warn("setfib"); execvp(*argv, argv); err(errno == ENOENT ? 127 : 126, "%s", *argv);