Commit Graph

79009 Commits

Author SHA1 Message Date
Maxime Henrion
44b4810fbe Typo fix.
Reviewed by:	tmm
2002-08-19 22:57:32 +00:00
Maxime Henrion
258682384f style(9) nit. 2002-08-19 22:51:23 +00:00
Maxime Henrion
e9cf2ddb50 Use the __BUS_ACCESSOR macro for PCIB_ACCESSOR instead of
reimplementing it.

Reviewed by:	tmm
2002-08-19 22:50:08 +00:00
Andrey A. Chernov
57788f25b3 Sort unsorted prototypes 2002-08-19 21:00:13 +00:00
Warner Losh
84bbb6cab3 When login tries to do the chmod/chflags on a read only file system,
it complains that it can't do it because the filesystem is readonly.
Assume that when the user has a readonly /dev that they don't care if
login can't change the permissions/flags.  While this does break a few
things like msgs, we'll assume that the user setting up the read only
system knows what they are doing.

All this change does is to stop the complaint when the file system is
read only.  It also adds comments as to why EROFS and EOPNOTSUPP are
ignored.

This allows one to have a read-only / w/o a /dev MFS and have a
relatively warning-free existence.  /etc/rc still complains when it
can't chown/chflags/chmod things, but that's easy to ignore/tweak.

Reviewed by: roberto, phk
Sponsored by: Timing Solutions
2002-08-19 20:54:00 +00:00
Andrey A. Chernov
38eb24cc31 Activate (uncomment) wcwidth() and wcswidth() now implemented 2002-08-19 20:48:18 +00:00
Andrey A. Chernov
f999b4ba69 Implement wcswidth() 2002-08-19 20:46:10 +00:00
Semen Ustimenko
c5844e091c Stop trying to align malloc()ed memory. Rely on malloc() instead, just like
others.
2002-08-19 20:36:08 +00:00
Andrey A. Chernov
1da6b56aca Use modern-style arguments declaration 2002-08-19 20:32:27 +00:00
Robert Watson
e5cb5e37d4 Close a race in process label changing opened due to dropping the
proc locking when revoking access to mmaps.  Instead, perform this
later once we've changed the process label (hold onto a reference
to the new cred so that we don't lose it when we release the
process lock if another thread changes the credential).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 20:26:32 +00:00
Semen Ustimenko
714087a2ac Do not reset card in epic_freebsd_attach() as reset is done in
epic_common_attach().
2002-08-19 20:24:13 +00:00
Andrey A. Chernov
853c779d87 Write null wide-character as L'\0' like in other places 2002-08-19 20:12:38 +00:00
Robert Watson
8815d2e899 Regen. 2002-08-19 20:02:29 +00:00
Robert Watson
f61b85492c mac_syscall is now implemented, switch to MSTD.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 20:01:31 +00:00
Juli Mallett
ded7008a07 Enclose IPv6 addresses in brackets when they are displayed printable with a
TCP/UDP port seperated by a colon.  This is for the log_in_vain facility.

Pointed out by:	Edward J. M. Brocklesby
Reviewed by:	ume
MFC after:	2 weeks
2002-08-19 19:47:13 +00:00
Brooks Davis
51e2390d61 Fix a couple of bogus return values in previous commit.
Submitted by:	"Vladimir B. " Grebenschikov <vova@sw.ru>
Pointy hat to:	brooks
2002-08-19 19:22:41 +00:00
Robert Watson
177142e458 Pass active_cred and file_cred into the MAC framework explicitly
for mac_check_vnode_{poll,read,stat,write}().  Pass in fp->f_cred
when calling these checks with a struct file available.  Otherwise,
pass NOCRED.  All currently MAC policies use active_cred, but
could now offer the cached credential semantic used for the base
system security model.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 19:04:53 +00:00
Søren Schmidt
8ba0fd9c32 Fix buffer length.
PR: 41063
2002-08-19 18:52:23 +00:00
Søren Schmidt
f6137a0df1 Fix typo. 2002-08-19 18:47:51 +00:00
Andrey A. Chernov
1e2cd54448 According to SUSv2, always return 0 for null wide-character code 2002-08-19 18:06:18 +00:00
Robert Watson
27f2eac7f3 Provide an implementation of mac_syscall() so that security modules
can offer new services without reserving system call numbers, or
augmented versions of existing services.  User code requests a
target policy by name, and specifies the policy-specific API plus
target.  This is required in particular for our port of SELinux/FLASK
to the MAC framework since it offers additional security services.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 17:59:48 +00:00
Gordon Tetlow
806fb7f53b Update manpage to reflect reality:
xntpd -> ntpd
single_mountd_enable -> mountd_enable
portmap -> rpcbind
2002-08-19 17:57:38 +00:00
Juli Mallett
6e82956c21 Clean up a comment talking about C strings, which are terminated with the
ASCII NUL character (0, or '\0' in C).
2002-08-19 17:20:03 +00:00
Juli Mallett
a10a751f68 s/trailing NULL/trailing NUL/ 2002-08-19 17:14:58 +00:00
Bruce A. Mah
94d4e7b64f New release note: SA-02:38. 2002-08-19 17:13:08 +00:00
Robert Watson
c024c3eeb1 Break out mac_check_pipe_op() into component check entry points:
mac_check_pipe_poll(), mac_check_pipe_read(), mac_check_pipe_stat(),
and mac_check_pipe_write().  This is improves consistency with other
access control entry points and permits security modules to only
control the object methods that they are interested in, avoiding
switch statements.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 16:59:37 +00:00
Doug Ambrisko
740f8a4472 Don't read the PCI config space during mii operations. Instead save whether
or not we have to limit the PHY detection in the softc structure.  Then
just check the flag.

Suggested by:	jdp
Reviewed by:	jdp
MFC after:	3 days
2002-08-19 16:54:26 +00:00
Robert Watson
7f724f8b51 Break out mac_check_vnode_op() into three seperate checks:
mac_check_vnode_poll(), mac_check_vnode_read(), mac_check_vnode_write().
This improves the consistency with other existing vnode checks, and
allows policies to avoid implementing switch statements to determine
what operations they do and do not want to authorize.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 16:43:25 +00:00
Maxim Sobolev
c449db6ab2 Add a new -H' modifier, which when combined with -p' or `-P' allows to dump
full console history.
2002-08-19 16:33:23 +00:00
Maxim Sobolev
41a2a5c1c6 1. Allow information about current history size be retrieved using ioctl(2);
2. modify screen dumpung routine, so that in addition to visible area, it
   allows to grab any portion of history buffer as well.
2002-08-19 16:32:09 +00:00
Orion Hodson
14213e7d3e Cater for ich4 quirks.
Reported by: Jacob Rhoden
Tested by: Jacob Rhoden, mp
2002-08-19 16:03:56 +00:00
Robert Watson
b12baf55a4 Assert process locks in proces-related access control checks.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 15:30:30 +00:00
Robert Watson
851704bbd0 Add a missing vnode assertion for the exec() check.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-08-19 15:28:39 +00:00
Maxim Sobolev
f44fbeca9b Previous deltas (promisc mode) were a subject of:
MFC after:	1 week
2002-08-19 15:18:25 +00:00
Maxim Sobolev
ffb079be0c Implement user-setable promiscuous mode (a new `promisc' flag for ifconfig(8)).
Also, for all interfaces in this mode pass all ethernet frames to upper layer,
even those not addressed to our own MAC, which allows packets encapsulated
in those frames be processed with packet filters (ipfw(8) et al).

Emphatically requested by:	Anton Turygin <pa3op@ukr-link.net>
Valuable suggestions by:	fenner
2002-08-19 15:16:38 +00:00
Luigi Rizzo
5a155b405e One more (hopefully the last one) step in cleaning up the syntax,
following Julian's good suggestion: since you can specify any match
pattern as an option, rules now have the following format:

	[<proto> from <src> to <dst>] [options]

i.e. the first part is now entirely optional (and left there just
for compatibility with ipfw1 rulesets).

Add a "-c" flag to show/list rules in the compact form
(i.e. without the "ip from any to any" part) when possible.
The default is to include it so that scripts processing ipfw's
canonical output will still work.
Note that as part of this cleanup (and to remove ambiguity), MAC
fields now can only be specified in the options part.

Update the manpage to reflect the syntax.

Clarify the behaviour when a match is attempted on fields which
are not present in the packet, e.g. port numbers on non TCP/UDP
packets, and the "not" operator is specified. E.g.

	ipfw add allow not src-port 80

will match also ICMP packets because they do not have port numbers, so
"src-port 80" will fail and "not src-port 80" will succeed. For such
cases it is advised to insert further options to prevent undesired results
(e.g. in the case above, "ipfw add allow proto tcp not src-port 80").

We definitely need to rewrite the parser using lex and yacc!
2002-08-19 12:36:54 +00:00
Maxim Konovalov
cb4abe67ef Forced commit to correct a PR number in the previous commit. It is bin/40177.
Pointed out by: obrien
2002-08-19 09:19:31 +00:00
Andrey A. Chernov
9424df445a Move internal defines from ctype.h here 2002-08-19 09:02:49 +00:00
Maxim Sobolev
3471c917ec Fix last-minute typo which breaks the world.
Submitted by:	many
2002-08-19 08:59:20 +00:00
Andrey A. Chernov
153bb33daf Move internal defines from here to libc/locale/wcwidth.c 2002-08-19 08:58:51 +00:00
Andrey A. Chernov
dcc3da5862 Properly define SWIDTH1, add autowidth (was SWIDTH1) 2002-08-19 08:50:41 +00:00
Ruslan Ermilov
84a0a0eeac mdoc(7) police: fixed the document date.
Submitted by:	iedowse
2002-08-19 07:15:20 +00:00
Poul-Henning Kamp
0176455bc8 First snapshot of UFS2 EA support.
Sponsored by: DARPA & NAI Labs.
2002-08-19 07:01:55 +00:00
Poul-Henning Kamp
bd86d22c62 Remove the SIS_LOCK/SIS_UNLOCK from sis_attach(). It makes WITNESS
barf and there seem to be little room for contention during attach.
2002-08-19 06:56:50 +00:00
Poul-Henning Kamp
fee7d450d8 Keep a copy of the credential used to mount filesystems around so
we can check and use it later on.

Change the pieces of code which relied on mount->mnt_stat.f_owner
to check which user mounted the filesystem.

This became needed as the EA code needs to be able to allocate
blocks for "system" EA users like ACLs.

There seems to be some half-baked (probably only quarter- actually)
notion that the superuser for a given filesystem is the user who
mounted it, but this has far from been carried through.  It is
unclear if it should be.

Sponsored by: DARPA & NAI Labs.
2002-08-19 06:52:21 +00:00
Luigi Rizzo
e706181ba6 Major cleanup of the parser and printing routines in an attempt to
render the syntax less ambiguous.

Now rules can be in one of these two forms

	<action> <protocol> from <src> to <dst> [options]
	<action> MAC dst-mac src-mac mac-type [options]

however you can now specify MAC and IP header fields as options e.g.

	ipfw add allow all from any to any mac-type arp
	ipfw add allow all from any to any { dst-ip me or src-ip me }

which makes complex expressions a lot easier to write and parse.
The "all from any to any" part is there just for backward compatibility.

Manpage updated accordingly.
2002-08-19 04:52:15 +00:00
Luigi Rizzo
306fe283a1 Raise limit for port lists to 30 entries/ranges.
Remove a duplicate "logging" message, and identify the firewall
as ipfw2 in the boot message.
2002-08-19 04:45:01 +00:00
Juli Mallett
6879bea818 Leave room for a trailing NUL not a NULL, that's not an ASCII character. 2002-08-19 03:52:36 +00:00
Juli Mallett
3a7fc8ce59 Remove local prototypes for main(). 2002-08-19 03:07:56 +00:00
Juli Mallett
4a0193d39e Add a unary -not operator ala -false and !, for sake of completeness.
Obtained from:	OpenDarwin
MFC after:	1 week
2002-08-19 02:27:33 +00:00