Commit Graph

126546 Commits

Author SHA1 Message Date
Robert Watson
22ccb20de4 Vendor import of OpenBSM 1.0 alpha 9, with the following change history
notes since the last import:

OpenBSM 1.0 alpha 9

- Rename many OpenBSM-specific constants and API elements containing the
  strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true
  for almost all existing constants and APIs.
- Instead of passing a per-instance cookie directly into all audit filter
  APIs, pass in the audit filter daemon state pointer, which is then used by
  the module using an audit_filter_{get,set}cookie() API.  This will allow
  future service APIs provided by the filter daemon to maintain their own
  state -- for example, per-module preselection state.

OpenBSM 1.0 alpha 8

- Correct typo in definition of AUR_INT.
- Adopt OpenSolaris constant values for AUDIT_* configuration flags.
- Arguments to au_to_exec_args() and au_to_exec_env() no longer const.
- Add kernel versions of au_to_exec_args() and au_to_exec_env().
- Fix exec argument type that is printed for env strings from 'arg' to 'env'.
- New OpenBSM token version number assigned, constants added for other
  commonly seen version numbers.
- OpenBSM-specific events assigned numbers in the 43xxx range to avoid future
  collisions with Solaris.  Darwin events renamed to AUE_DARWIN_foo, as they
  are now deprecated numberings.
- autoconf now detects clock_gettime(), which is not available on Darwin.
- praudit output fixes relating to arg32 and arg64 tokens.
- Maximum record size updated to 64k-1 to match Solaris record size limit.
- Various style and comment cleanups in include files.

This is an MFC candidate to RELENG_6.

Obtained from:	TrustedBSD Project
2006-08-26 08:04:15 +00:00
Robert Watson
c9965e710d This commit was generated by cvs2svn to compensate for changes in r161630,
which included commits to RCS files with non-trunk default branches.
2006-08-26 08:04:15 +00:00
Alan Cox
1f081553cc Prevent a call to contigmalloc() that asks for more physical memory than
the machine has from causing a panic.

Submitted by: Michael Plass
PR: 101668
MFC after: 3 days
2006-08-26 02:43:23 +00:00
Alan Cox
b554f899bd Eliminate unused definitions. (They came from NetBSD.)
Discussed with: cognet, grehan, marcel
2006-08-25 23:51:11 +00:00
Warner Losh
b608b4520b Pass whatever the value of NM down to lorder. This allows one to
override NM in Makefiles when, for example, cross compiling and have
that value be used by lorder.  NM normally isn't defined, so we pass a
null value to lorder.  lorder says 'NM=${NM-nm}' which causes it to
pickup the default value.
2006-08-25 23:50:05 +00:00
Andrew Thompson
3f7d13964e Move the bridge hook after the loopback check so that IFF_SIMPLEX is honoured
on member interfaces. This makes us the same as OpenBSD/NetBSD.

MFC after:	3 days
2006-08-25 20:16:39 +00:00
Andrew Thompson
4ec528c7a4 The bridge cant hear its own transmissions so set IFF_SIMPLEX.
PR:		kern/102361
Tested by:	Radim Kolar <hsn@netmag.cz>
MFC after:	3 days
2006-08-25 20:11:56 +00:00
Pav Lucistnik
2eec31dfb4 - Talk about memory allocation in interrupt context
- Add uam to see also

Submitted by:	Devon H. O'Dell <devon.odell@coyotepoint.com>
2006-08-25 19:04:42 +00:00
Maksim Yevmenkin
7c3808562a - Catch up with ongoing rwatson's socket work;
- Fix a couple of LORs and panics;

- Temporarily remove the code that tries to cleanup sockets that stuck
  on accepting queues (both complete and incomplete). I'm taking an ostrich
  approach here until I find a better way to deal with sockets that were
  disconnected before accepting (i.e. while socket was on complete or
  incomplete accept queue).
2006-08-25 17:53:13 +00:00
John Baldwin
63ed2c123d Use the pcb in stoppcbs[] if it is present for threads that were running
on other CPUs in system when a dump is written.

Submitted by:	ups
Reviewed by:	marcel
MFC after:	3 days
2006-08-25 16:20:17 +00:00
Ceri Davies
d2b2ccea4c Note that the system only allows a maximum of kern.kq_calloutmax timers.
PR:		docs/102353
Submitted by:	phk
MFC after:	1 week
2006-08-25 15:19:47 +00:00
Pawel Jakub Dawidek
bebabf24bb Fix comment. 2006-08-25 15:13:49 +00:00
Olivier Houchard
5bbbbe1b2a Explicitely set the "allocbuffer" field to NULL when creating a new dmamap. 2006-08-25 15:10:45 +00:00
Olivier Houchard
223d2768ad Do not create dma maps with bus_dmamap_create, as we call
bus_dmamem_alloc later which will overwrite the value, leading to a small
memory leak.
2006-08-25 13:38:42 +00:00
Alexander Leidinger
40f734dd0d Emulate what vfork does instead of using it in linux_vfork. This way
we can do the stuff we need to do with linux processes at fork and
don't panic the kernel at exit of the child.

Submitted by:	rdivacky
Tested with:	tst-vfork* (glibc regression tests)
Tested by:	netchild
2006-08-25 11:59:56 +00:00
Robert Watson
3e8df637c0 Don't call suser_cred() directly from linux_sethostname(), as it just
wraps userland_sysctl(), which performs necessary privilege checks as
part of its normal operation.

MFC after:	1 week
2006-08-25 11:02:42 +00:00
David Xu
fd4a6d10a4 Same as previous change, the user provided priority should be reversed
too.
2006-08-25 10:05:30 +00:00
Ruslan Ermilov
cbae88b901 - Fix options order.
- Touch manpage's document date.
2006-08-25 09:58:13 +00:00
Ruslan Ermilov
d9c7237d04 Remove a stray -a option that probably sneaked in from julian's
attempt to enter append mode twice in vi(1).  :-)
2006-08-25 09:42:16 +00:00
Søren Schmidt
9e34f8233b Properly initialize and destroy the RAID lock.
Also dont mess with RAID's thats not attached yet and avoid panic.
2006-08-25 09:33:56 +00:00
Maxim Konovalov
0e6d65d1fd o Fix style(9) for previous. 2006-08-25 09:14:23 +00:00
Andrew Thompson
ad38702878 Fix spelling. 2006-08-25 08:25:35 +00:00
Tom Rhodes
b5aea37f80 Add login.conf checking to periodic security scripts. If the login.conf file
is not UID/GID 0, limits will be ignored and a strange error sent to auth.log.

Head nod:	ru, rwatson
2006-08-25 07:34:36 +00:00
Robert Watson
568b77a439 Remove $P4$ from this file; other then temporarily P4-local work in
progress the kernel audit code in CVS is considered authoritative.
This will ease $P4$-related merging issues during the CVS loopback.

Obtained from:	TrustedBSD Project
2006-08-25 07:30:23 +00:00
David Xu
4386313871 Initialize kg_base_user_pri. 2006-08-25 06:29:16 +00:00
David Xu
3db720fdce Add user priority loaning code to support priority propagation for
1:1 threading's POSIX priority mutexes, the code is no-op unless
priority-aware umtx code is committed.
2006-08-25 06:12:53 +00:00
Maxim Konovalov
ac5cc9e9bc A bunch of fixes from NetBSD:
o Restore owner/group/mode/atime/mtime of symbolic links, rev. 1.30.
o Extract file flags of symbolic link, rev. 1.42.
o Call getfile() before altering file attributes.
  Open file with mode 0600 instead of 0666 so that file won't remain
  group or world readable/writable even if getfile() terminated.
  Move skipfile() before altering file attributes in IF{CHR,BLK} and
  IFIFO case for symmetry, rev. 1.32.
o Use file mode 0600 when creating special file or fifo, revs. 1.33, 1.34.

o Remove redundant -N check.

PR:		bin/101660
Submitted by:	Andrey V. Elsukov
Obtained from:	NetBSD, enami@netbsd
MFC after:	6 weeks
2006-08-25 05:46:47 +00:00
Alan Cox
09ef0d6e0c The return value from vm_pageq_add_new_page() is not used. Eliminate it. 2006-08-25 04:36:19 +00:00
David Xu
31135ac304 Add member kg_base_user_pri and flag TDF_UBORROWING, they will be used
to support userland priority propagation for 1:1 threading.
2006-08-25 03:15:27 +00:00
Tom Rhodes
c24e5339e5 Send more Alpha bits to the bin. 2006-08-25 00:36:59 +00:00
Peter Grehan
9302d5e0d5 Remove file that snuck in accidentally in Marcel's gdb commit. 2006-08-25 00:21:48 +00:00
Olivier Houchard
11d1528ce0 Finally bring it support for the i80219 XScale processor.
Submitted by:	Max M. Boyarov <m.boyarov bsd by>
2006-08-24 23:51:28 +00:00
Olivier Houchard
ba282be9f3 Use ELFDATA2MSB if we're building big endian.
Noticed by:	Oleksandr Tymoshenko <gonzo freebsd org>
2006-08-24 23:00:03 +00:00
Marius Strobl
2afacffb3a Remove the DPMS code in creator_blank_display(), as it causes some
LCDs to blink in the V_DISPLAY_ON case, at least in combination with
some 13W3-VGA-adaptors (what's exactly going on is unclear though,
as it happens when all of H-sync, V-sync and video output are enabled
and not touching the sync bits from the preset fixes it). Thus
creator_blank_display() now is reduced to turning the video output
on/off.
Although that DPMS code did what the XFree86/Xorg sunffb(4x) does,
it was questionable in the first place, as both implementations
also turn(ed) off the video output on standby and suspend, thus most
likely causing the monitor to turn off instead of entering standby
or suspend as intended (at least my monitors don't).

Reported and tested by:	Patrick Reich
MFC after:		3 days
2006-08-24 22:00:24 +00:00
Marcel Moolenaar
8788b6eb7a Add initial support for kgdb(1) on PowerPC. 2006-08-24 21:53:49 +00:00
Marcel Moolenaar
512b2fb1b5 Add skeletal support for GDB. In particular gdb_cpu_getreg() needs
implementing to make GDB support usable.
2006-08-24 21:52:11 +00:00
Roman Kurakin
9eb5ad2319 Fix typo in a comment: DEFINE_CLASSx => DEFINE_CLASS_x.
MFC after: 1 week
2006-08-24 21:09:39 +00:00
Julian Elischer
6fa363774d Add an option to allow copying of a hierarchy while linking he regular files.
Bikeshedded to death on: hackers
Submitted by:andersonatcenttech.com
MFC in: 1 month
2006-08-24 20:45:38 +00:00
Ruslan Ermilov
a819085b87 Fix another fallout from the IF_LLADDR() type change.
Spotted by:	mwlucas
2006-08-24 19:50:00 +00:00
Marius Strobl
3a30d178fe Fix a bug introduced with rev. 1.204; in vfs_donmount() use
copyout(9) instead of copystr(9) for copying the errmsg from
kernel- to user-space. This fixes a panic on sparc64 when
using the nmount(2)-converted mountd(8).
While at it, use bcopy(3) instead of strncpy(3) in the kernel-
to kernel-space case for consistency with vfs_buildopts() and
between kernel- to user-space and kernel- to kernel-space case.
2006-08-24 18:52:28 +00:00
David E. O'Brien
489ffb7126 Don't read in /etc/src.conf when building ports.
Reported by:	obrien
Submitted by:	ru
2006-08-24 18:04:49 +00:00
Robert Watson
0fff4cde9d Add kqueue support to audit pipe pseudo-devices.
Obtained from:	TrustedBSD Project
2006-08-24 17:42:38 +00:00
Daniel Gerzo
354a23892f - add note about IPSEC_FILTERGIF to fast_ipsec(4) and let the users know
that it is not possible to use Fast IPsec in conjuction with KAME IPsec
- add available kernel options to ipsec(4)
- add reference for fast_ipsec(4) to ipsec(4)

Reviewed by: trhodes (mentor), keramida (mentor)
Approved by: keramida (mentor)
2006-08-24 17:07:19 +00:00
Warner Losh
1bb2049ec1 Always make obj when building the libraries. This never hurts, and
helps some cross-architecture building tool installation patches that
I'm developing.
2006-08-24 17:02:26 +00:00
Maksim Yevmenkin
231e95561a Define mtu as u_int16_t not as int. This should fix problem with rfcomm
on sparc64.

Reported by:	Andrew Belashov <bel at orel dot ru>
Tested by:	Andrew Belashov <bel at orel dot ru>
MFC after:	3 days
2006-08-24 16:51:02 +00:00
Marcel Moolenaar
e6fcb75d5f Build gdb on PowerPC. 2006-08-24 15:46:29 +00:00
Bruce A. Mah
6d247f1c08 New release notes: IPFIREWALL_FORWARD_EXTENDED removed (+MFC),
fsdb(8) btime.

Modified release notes: Changed Xbox note to only point to the
platforms page (there are pointers to additional information
there)...note MFC.

MFCs noted:  IPFilter 4.1.13.
2006-08-24 14:45:56 +00:00
Oleg Bulyzhin
67d5e043d2 Properly lock ifmedia callbacks. This should prevent concurrent access to PHY.
Following issues should be resolved:
- random watchdog timeouts (caused by concurrent phy access)
- some link state issues
- non working TX if media type was set explicitly

PR:		kern/98738
Approved by:	glebius (mentor)
MFC after:	2 weeks
2006-08-24 14:41:16 +00:00
Ceri Davies
c4c6a6c2b5 Add a note that the btime command only works on UFS2.
Suggested by: maxim (who had also done the btime patch independently).
2006-08-24 09:14:02 +00:00
Ruslan Ermilov
1c9c6382df Spellcheck. 2006-08-24 08:00:02 +00:00