Commit Graph

78979 Commits

Author SHA1 Message Date
Orion Hodson
14213e7d3e Cater for ich4 quirks.
Reported by: Jacob Rhoden
Tested by: Jacob Rhoden, mp
2002-08-19 16:03:56 +00:00
Robert Watson
b12baf55a4 Assert process locks in proces-related access control checks.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 15:30:30 +00:00
Robert Watson
851704bbd0 Add a missing vnode assertion for the exec() check.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 15:28:39 +00:00
Maxim Sobolev
f44fbeca9b Previous deltas (promisc mode) were a subject of:
MFC after:	1 week
2002-08-19 15:18:25 +00:00
Maxim Sobolev
ffb079be0c Implement user-setable promiscuous mode (a new `promisc' flag for ifconfig(8)).
Also, for all interfaces in this mode pass all ethernet frames to upper layer,
even those not addressed to our own MAC, which allows packets encapsulated
in those frames be processed with packet filters (ipfw(8) et al).

Emphatically requested by:	Anton Turygin <pa3op@ukr-link.net>
Valuable suggestions by:	fenner
2002-08-19 15:16:38 +00:00
Luigi Rizzo
5a155b405e One more (hopefully the last one) step in cleaning up the syntax,
following Julian's good suggestion: since you can specify any match
pattern as an option, rules now have the following format:

	[<proto> from <src> to <dst>] [options]

i.e. the first part is now entirely optional (and left there just
for compatibility with ipfw1 rulesets).

Add a "-c" flag to show/list rules in the compact form
(i.e. without the "ip from any to any" part) when possible.
The default is to include it so that scripts processing ipfw's
canonical output will still work.
Note that as part of this cleanup (and to remove ambiguity), MAC
fields now can only be specified in the options part.

Update the manpage to reflect the syntax.

Clarify the behaviour when a match is attempted on fields which
are not present in the packet, e.g. port numbers on non TCP/UDP
packets, and the "not" operator is specified. E.g.

	ipfw add allow not src-port 80

will match also ICMP packets because they do not have port numbers, so
"src-port 80" will fail and "not src-port 80" will succeed. For such
cases it is advised to insert further options to prevent undesired results
(e.g. in the case above, "ipfw add allow proto tcp not src-port 80").

We definitely need to rewrite the parser using lex and yacc!
2002-08-19 12:36:54 +00:00
Maxim Konovalov
cb4abe67ef Forced commit to correct a PR number in the previous commit. It is bin/40177.
Pointed out by: obrien
2002-08-19 09:19:31 +00:00
Andrey A. Chernov
9424df445a Move internal defines from ctype.h here 2002-08-19 09:02:49 +00:00
Maxim Sobolev
3471c917ec Fix last-minute typo which breaks the world.
Submitted by:	many
2002-08-19 08:59:20 +00:00
Andrey A. Chernov
153bb33daf Move internal defines from here to libc/locale/wcwidth.c 2002-08-19 08:58:51 +00:00
Andrey A. Chernov
dcc3da5862 Properly define SWIDTH1, add autowidth (was SWIDTH1) 2002-08-19 08:50:41 +00:00
Ruslan Ermilov
84a0a0eeac mdoc(7) police: fixed the document date.
Submitted by:	iedowse
2002-08-19 07:15:20 +00:00
Poul-Henning Kamp
0176455bc8 First snapshot of UFS2 EA support.
Sponsored by: DARPA & NAI Labs.
2002-08-19 07:01:55 +00:00
Poul-Henning Kamp
bd86d22c62 Remove the SIS_LOCK/SIS_UNLOCK from sis_attach(). It makes WITNESS
barf and there seem to be little room for contention during attach.
2002-08-19 06:56:50 +00:00
Poul-Henning Kamp
fee7d450d8 Keep a copy of the credential used to mount filesystems around so
we can check and use it later on.

Change the pieces of code which relied on mount->mnt_stat.f_owner
to check which user mounted the filesystem.

This became needed as the EA code needs to be able to allocate
blocks for "system" EA users like ACLs.

There seems to be some half-baked (probably only quarter- actually)
notion that the superuser for a given filesystem is the user who
mounted it, but this has far from been carried through.  It is
unclear if it should be.

Sponsored by: DARPA & NAI Labs.
2002-08-19 06:52:21 +00:00
Luigi Rizzo
e706181ba6 Major cleanup of the parser and printing routines in an attempt to
render the syntax less ambiguous.

Now rules can be in one of these two forms

	<action> <protocol> from <src> to <dst> [options]
	<action> MAC dst-mac src-mac mac-type [options]

however you can now specify MAC and IP header fields as options e.g.

	ipfw add allow all from any to any mac-type arp
	ipfw add allow all from any to any { dst-ip me or src-ip me }

which makes complex expressions a lot easier to write and parse.
The "all from any to any" part is there just for backward compatibility.

Manpage updated accordingly.
2002-08-19 04:52:15 +00:00
Luigi Rizzo
306fe283a1 Raise limit for port lists to 30 entries/ranges.
Remove a duplicate "logging" message, and identify the firewall
as ipfw2 in the boot message.
2002-08-19 04:45:01 +00:00
Juli Mallett
6879bea818 Leave room for a trailing NUL not a NULL, that's not an ASCII character. 2002-08-19 03:52:36 +00:00
Juli Mallett
3a7fc8ce59 Remove local prototypes for main(). 2002-08-19 03:07:56 +00:00
Juli Mallett
4a0193d39e Add a unary -not operator ala -false and !, for sake of completeness.
Obtained from:	OpenDarwin
MFC after:	1 week
2002-08-19 02:27:33 +00:00
Bruce Evans
49b2349b41 Added rules to generate .c files from .m files. Run mkdep on these .c
files.  This fixes at least "make" (without -j) after "make clean".
2002-08-19 01:00:37 +00:00
Johan Karlsson
83ca56da18 New release notes: chmod(1) -v -v; od(1) -A, -N, -j, -s, -t
MFCs noted: biff(1) b; cp(1) -n; mv(1) -n; od(1) -A, -N, -j, -s, -t

Release note modified: mv(1) -n

Reviewed by: bmah
2002-08-19 00:35:58 +00:00
Johan Karlsson
124a12c09d Last commit should also have said
PR:		bin/39816
Submitted by:	Dan Lukes <dan@obluda.cz>
2002-08-18 21:48:38 +00:00
Johan Karlsson
0319a6a43b Remove unused variable. camcontrol is now WARNS=2 clean on i386.
Approved by: 	ken, sheldonh (mentor)
2002-08-18 21:46:32 +00:00
Poul-Henning Kamp
91afe0874d A side effect of some debugging: prototypify and deregister. 2002-08-18 21:24:22 +00:00
Bruce Evans
0f64e446fe Finished removing env(1) commands, as in rev.1.13 but non-broken. Set
the environment for the last command of the pipeline (xargs) instead
of too early in the broken version or using an extra env process for
each command spawned by xargs as in rev.1.12.  Fixed a nearby English
error.
2002-08-18 20:41:19 +00:00
Johan Karlsson
ad23c58318 Correctly handle empty path arguments, e.g., whereis -S -f biff.
Approved by:	joerg, sheldonh (mentor)
2002-08-18 18:21:18 +00:00
John Polstra
92fd901869 Clarify the explanation of the behavior for setuid programs by
noting that the restrictions do not apply if the user invoking the
program is also the owner of the program.

Also, capitalize a section header properly.

PR:		misc/41180
2002-08-18 18:11:38 +00:00
Bruce Evans
7309e024bf Include <nlist.h> for nlist interfaces instead of depending on namespace
pollution in <kvm.h>.
2002-08-18 17:57:08 +00:00
Bruce Evans
8fa6b8a8b6 Use essentially the same formatting of the CPU stats percentages as in
vmstat so that they never coalesce.  Both iostat and vmstat need larger
fixes to prevent wide fields from unnecessarily messing up the alignment
of all subsequent fields.

PR:		41674
MFC-after:	3 days
2002-08-18 17:51:14 +00:00
Bruce Evans
2757068e4f Include <nlist.h> for nlist interfaces instead of depending on namespace
pollution in <kvm.h>.
2002-08-18 17:35:55 +00:00
Jens Schweikhardt
dc7fb8d2ce Provide an iso8859 table similar to share/misc/ascii.
PR:		misc/11553
Submitted by:	Oliver Fromme <olli@fromme.com>
MFC after:	1 week
2002-08-18 16:57:45 +00:00
Orion Hodson
42e67fd3e7 Apply reference counting patch. Fixes problem of two applications
opening the device, eg one read only and one write only, and the
reference count being non-zero when both exit rendering device
permanently busy.

PR:		kern/35004
Submitted by:	Bill Wells
MFC after:	3 days
2002-08-18 14:17:06 +00:00
Søren Schmidt
1652b7bde4 Fix args for contigmalloc, cosmetics. 2002-08-18 12:20:33 +00:00
Søren Schmidt
e3ffd6e93f Add dev# for pst driver 2002-08-18 12:19:32 +00:00
Josef Karthauser
24177c6cb0 Use uhci_pci_match to return the device description and rework the
vendor description code.
2002-08-18 11:52:47 +00:00
Josef Karthauser
f992fafdd7 Add a comment to remind that uhci_pci_match will never return NULL.
Don't display the "New UHCI DeviceId" message unless booting verbosely.
Use a switch statement for the vendor match code.
2002-08-18 11:42:11 +00:00
Maxim Sobolev
62f7648682 Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in
SIOCSIFFLAGS and SIOCGIFFLAGS ioctl's.

Reviewed by:	-hackers, -net
2002-08-18 07:05:00 +00:00
Tim J. Robbins
4f8fa749f0 Avoid accessing the current job's process table in the child part of
forkshell() after it has been freed. This caused mysterious behaviour
when anything but the first command in a pipeline tried to access the
terminal when the `junk' malloc() option was enabled (which is the default).
2002-08-18 06:43:44 +00:00
Tim J. Robbins
e92a3d83fc Implement the ISO C90 Amd.1 restartable wide and multibyte character
manipulation functions mbrlen(), mbrtowc(), mbsinit(), mbsrtowcs(),
wcrtomb(), wcsrtombs().
2002-08-18 06:30:10 +00:00
Mike Barcroft
b9414ee6bc Catch up to rev 1.8 of sys/alpha/osf1/osf1_mount.c. 2002-08-18 05:45:10 +00:00
Bruce A. Mah
4002ffd8f4 Whitespace fix.
PR:		41587
Submitted by:	David "Siebörger" <drs@rucus.ru.ac.za>
2002-08-18 04:08:04 +00:00
Bruce A. Mah
bc67d0e03b Misc fixups.
PR:		41587
Submitted by:	David "Siebörger" <drs@rucus.ru.ac.za>
2002-08-18 04:06:35 +00:00
Bruce A. Mah
19a4777efa MFCs noted: tcsh-6.12, top 3.5b12, OpenSSL-0.9.6g. 2002-08-18 04:00:06 +00:00
Jake Burkholder
6d9acb27b1 Fix warning. These structs should probably be removed altogether. 2002-08-18 03:05:55 +00:00
Jake Burkholder
789573a63e Forgot this in last commit. 2002-08-18 02:33:52 +00:00
Alan Cox
fe04760439 o Simplify the ptphint test in pmap_release_free_page(). In other words,
make it just like the test in _pmap_unwire_pte_hold().
2002-08-18 02:13:50 +00:00
Jake Burkholder
8b53c815ec Add pmap support for user mappings of multiple page sizes (super pages).
This supports all hardware page sizes (8K, 64K, 512K, 4MB), but only 8k
pages are actually used as of yet.
2002-08-18 02:09:27 +00:00
Orion Hodson
b383a8478c Fix VRA configuration.
Reported and fixed by: Grzybowski Rafal <grzybek@inferno.mikrus.pw.edu.pl>
2002-08-18 00:29:08 +00:00
Josef Karthauser
8f5fc1b728 Consolidate the device recognition code. 2002-08-18 00:24:03 +00:00