cvs-src summary for January 10-17

Thu Jan 20 09:51:34 PST 2005

Sorry that this is late and a little sparse; I've been way too busy lately.

Mark

FreeBSD cvs-src summary for 2005-01-11 to 2005-01-17
++++++++++++++++++++++++++++++++++++++++++++++++++++
This is a regular weekly summary of FreeBSD's cutting-edge development.
It is intended to help the FreeBSD community keep up with the fast-paced
work going on in FreeBSD-CURRENT by distilling the deluge of data from the
CVS mailing list into a (hopefully) easy-to-read newsletter.

You can get old summaries, and an HTML version of this one, at
http://www.xl0.org/FreeBSD/.  An RSS feed is available from
http://excel.xl0.org/cgi-bin/rss.py.  If you would like to receive
the summary without subscribing to current@, send a blank message to
freebsd-cvs-summary-subscribe at lists.enderunix.org; thanks to Omer Faruk
Sen and EnderUNIX for hosting this list.  Please send any comments to Mark
Johnston (mark at xl0.org).

============
New Features
============
GEOM Shared Secret class added
------------------------------
Pawel Jakub Dawidek (pjd) committed a new GEOM class, named SHSEC, that
configures a group of GEOM devices with a shared secret.  If any of the
providers is missing, no useful data can be gotten from any of the others.

This work was sponsored by Wheel Sp. z o.o. (http://www.wheel.pl).

http://www.freebsd.org/cgi/mid.cgi?200501111806.j0BI6iv3095929

IBM/Adaptec ServeRAID driver merged to 4.x
------------------------------------------
Scott Long (scottl) MFC'ed to 4.x the ips[1] driver, which supports the
IBM/Adaptec ServeRAID series of SCSI controllers.  This supports the
ServeRAID 3H as well as most 4, 5, and 6 series cards.

[1] http://www.freebsd.org/cgi/man.cgi?query=ips&apropos=0&sektion=4&manpath=FreeBSD+6.0-current&format=html

http://www.freebsd.org/cgi/mid.cgi?200501130046.j0D0keNs023032

===============
Notable Changes
===============
Abbreviations of ipfw options deprecated
----------------------------------------
Brooks Davis (brooks) changed the ipfw[1] command-line utility to
remove support for abbreviating command-line options, which was causing
major maintenance headaches in the code.  Old abbreviations are still
accepted, but warnings will be produced.  Brooks may add a few specific
abbreviations based on user feedback.

[1] http://www.freebsd.org/cgi/man.cgi?query=ipfw&apropos=0&sektion=8&manpath=FreeBSD+6.0-current&format=html

http://www.freebsd.org/cgi/mid.cgi?200501150146.j0F1kfXf026648

=================
Discussion Topics
=================
Setuid checks for various kinds of filesystems
----------------------------------------------
Gleb Smirnoff (glebius) changed the security checks to bypass setuid
checks on filesystems mounted with the noexec (no executables
allowed) option.  This spurred a discussion about what should and
shouldn't be checked, covering noexec as well as nosuid filesystems
and remotely-mounted ones.  In the end, it was suggested that special
provisions for excluding given filesystems should be added to the
configuration.

http://www.freebsd.org/cgi/mid.cgi?200501131507.j0DF7ZAr081525

===================
Important Bug Fixes
===================
ACL bypass on the root filesystem corrected
-------------------------------------------
Pawel Jakub Dawidek (pjd) fixed a bug that would cause ACLs on the root
filesystem, when set with tunefs[1] to be ignored on system boot.  This
was a result of the way mount[2] was called.  With the change, it is no
longer possible to remove ACLs configured with tunefs by using mount -a or
mount -o noacls.

[1] http://www.freebsd.org/cgi/man.cgi?query=tunefs&apropos=0&sektion=8&manpath=FreeBSD+6.0-current&format=html
[2] http://www.freebsd.org/cgi/man.cgi?query=mount&apropos=0&sektion=8&manpath=FreeBSD+6.0-current&format=html

Reported by: Lech Lorens

http://www.freebsd.org/cgi/mid.cgi?200501151709.j0FH9rL5084363

===============
Other Bug Fixes
===============
Paul Saab (ps) fixed a possible crash in the TCP Selective ACK code.  The
bug was due to a GCC optimization issue.

http://www.freebsd.org/cgi/mid.cgi?200501122140.j0CLepDJ011394

Bill Paul (wpaul) fixed a possible panic in the NDIS support code when the
INVARIANTS kernel option is enabled.

http://www.freebsd.org/cgi/mid.cgi?200501142239.j0EMdidD013684

Alan Cox (alc) fixed a VM race condition that could result in a panic.
This bug was uncovered by Peter Holm's stress testing[1] of the kernel.

[1] http://www.holm.cc/stress/

Reported by: Peter Holm

http://www.freebsd.org/cgi/mid.cgi?200501152112.j0FLClQx099793