cvs-src summary for August 30 - September 6

Mark Johnston mjohnston at
Tue Sep 7 15:53:24 PDT 2004

Here's the summary, slightly delayed to avoid unduly laboring on Labor Day.

FreeBSD cvs-src summary for 30/08/04 to 06/09/04
This is a regular weekly summary of FreeBSD's cutting-edge development.
It is intended to help the FreeBSD community keep up with the fast-paced
work going on in FreeBSD-CURRENT by distilling the deluge of data from
the CVS mailing list into a (hopefully) easy-to-read newsletter.  This
newsletter is marked up in reStructuredText_, so any odd punctuation
that you see is likely intended for the reST parser.

.. _reStructuredText:

You can get old summaries, and an HTML version of this one, at  Please send any comments to Mark Johnston
(mark at

For Lukasz Dudek and Szymon Roczniak's Polish translations of these
summaries, which may lag the English ones slightly, please see

.. contents::

New features
VM subsystem now runs without Giant by default on i386 and amd64
Alan Cox (alc) changed the value of the sysctl debug.mpsafevm to
1 by default on i386 and amd64.  This means that the VM subsystem
(specifically, copy-on-write and zero-fill faults) can run without
the Giant system lock.  You can disable this behavior by setting
debug.mpsafevm to 0 in loader.conf.

AutoFS automounting support added
Alfred Perlstein (alfred) committed autofs, which offers better system
integration for automounting.  The Amd automounting daemon usually uses a
loopback NFS mount to communicate with the operating system; autofs gives
it a faster, safer, and better-defined interface.

Alfred is working with the developers of Amd to arrange for FreeBSD's
autofs to be supported, as Linux's and Sun's are.

Cypress CY7C637xx and CY7C640/1xx (DeLorme Earthmate GPS) support added
Dag-Erling Smorgrav (des) added a driver for the Cypress CY7C637xx and
CY7C640/1xx families of USB to serial bridges.  Currently, the driver
supports only the DeLorme Earthmate USB GPS.  There is no support for flow
control yet, and output does not work, although Dag-Erling notes that this
may simply be because the Earthmate is a read-only device.

Notable changes
WITNESS gains its own sysctl branch
John-Mark Gurney (jmg) moved the sysctls for the WITNESS debugging
code into a new branch, debug.witness.  Previously, the sysctls had
been named similarly to debug.witness_example; they will now be

Discussion topics

Trouble with the CVS scripts
This discussion spread across numerous commits, starting with Sheldon
Hearn (sheldonh) committing a PCI vendor information file to 5.x.

Scott Long (scottl) replied to Sheldon's commit, saying, "I'm quite
surprised that the CVS scripts didn't require you to put an 'Approved
by' line here.  Is something broken?"  Usually, the scripts require an
"Approved by" line when committing to a restricted branch like 5.x, but
Sheldon's commit had not had that line and was not rejected.

Jun Kuriyama (kuriyama) replied, "Hmm, I checked with same file, branch
and log message in my repo, but it worked as I suppose.  But the commit
log proves something broken..."

Scott suggested, "Maybe committing directly from freefall circumvents the
checks?"  freefall is the main shell login server for committers.

Jun answered, "I understand freefall mounts /home/ncvs as readonly and
we are allowed to commit via over ssh only.  So I think we have only one
commit method."

Later on, Ken Smith (kensmith) tried a couple of test commits,
demonstrating the problem.  After trying a couple of things, he asked,
"[My last fix] was my best guess at why the approval checks weren't
working.  Anyone else got any ideas?"

Ruslan Ermilov (ru) replied, "I played with this a bit, setting up a local
repository with FreeBSD CVSROOT scripts, and I cannot reproduce it.
[ . . . ] I think that CVSROOT/approvecheck needs to have some debugging
until the problem is resolved."

Dag-Erling Smorgrav (des) offered, "just a shot in the dark: could the
login name be related somehow? it works fine for you [Ruslan] and me, and
we both have short login names; it doesn't work for sheldonh and kensmith,
who both have 8-character login names."

Ken tried again, after Jun had done some work on the code.  The problem
was still present, and Ken noted, "no error messages generated that I
could see[.]"

Jun asked, "could you test with debug option in"

Ken replied, "Ok, we can take this offline if it's just you and me working
on this so we're not spam-ing the list."

A few hours later, Ken followed up to the thread with this explanation:
"We think we found it.  The script that checks the acl's was using the
CVS/Tag file to get the branch name from.  It turns out if you check out
just one file (either remotely or from a local repo, doesn't matter) then
that file isn't created.  It only gets created if you check out more than
one file."

Ruslan confirmed, "Yes, indeed!  I can confirm this by trying locally[.]"

Ken concluded, "once Jun noticed the CVS/Tag file was missing from a
commit I did I had tried it from a location with the whole src/sys/conf
directory checked out and I got the 'You need approved by ...' message.
When I decided the other day to start looking into it I had checked out
just the file."

(many threads involved)

Important bug fixes
Security flaws in prison root raw socket access fixed
Christian S. J. Peron (csjp) fixed several security holes when a root
user in a prison is given access to raw sockets.  This access is given by
setting the sysctl security.jail.allow_raw_sockets to 1.  The security
holes fixed allowed the imprisoned root user to modify various network
parameters and affect the host system.

Though a number of security holes have been corrected, more may be
present, and security.jail.allow_raw_sockets should be used with care.

Sharing CDROMs over NFS fixed
Tim J. Robbins (tjr) fixed a problem in the CD-ROM code that was causing
files on CD-ROMs that use the cd9660 filesystem to show up as zero-byte
files when shared via NFS.  This closes `PR 63446`_.

.. _`PR 63446`:

Other bug fixes
Brooks Davis (brooks) fixed the keyboard support so that a USB keyboard
will be used as the default when it is plugged into a machine that already
had a keyboard connected.

Prafulla Deuskar (pdeuskar) fixed a few issues with the em driver for
Intel PRO/1000 gigabit Ethernet cards.  He fixed a problem with jumbo
frames on cards with the 82547 chip, fixed VLAN-tagged frames' not being
bridged, and corrected the incorrect operation of the cards' LEDs.

More information about the freebsd-current mailing list