Commit Graph

68721 Commits

Author SHA1 Message Date
Robert Watson
f8efde8991 - Teach SIGIO code to use cr_cansignal() instead of a custom CANSIGIO()
macro.  As a result, mandatory signal delivery policies will be
  applied consistently across the kernel.

- Note that this subtly changes the protection semantics, and we should
  watch out for any resulting breakage.  Previously, delivery of SIGIO
  in this circumstance was limited to situations where the subject was
  privileged, or where one of the subject's (ruid, euid) matched one
  of the object's (ruid, euid).  In the new scenario, subject (ruid, euid)
  are matched against the object's (ruid, svuid), and the object uid's
  must be a subset of the subject uid's.  Likewise, jail now affects
  delivery, and special handling for P_SUGID of the object is present.
  This change can always be reversed or tweaked if it proves to disrupt
  application behavior substantially.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-06 00:54:46 +00:00
Robert Watson
c83f8015fa - Push much of the logic for p_cansignal() behind cr_cansignal, which
authorized based on a subject credential rather than a subject process.
  This will permit the same logic to be reused in situations where only
  the credential generating the signal is available, such as in the
  delivery of SIGIO.
- Because of two clauses, the automatic success against curproc,
  and the session semantics for SIGCONT, not all logic can be pushed
  into cr_cansignal(), but those cases should not apply for most other
  consumers of cr_cansignal().
- This brings the base system inter-process authorization code more
  into line with the MAC implementation.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-06 00:20:12 +00:00
David Malone
ee42d0a965 Release text vnode in exit() rather than wait(). Occasionally
fifesystem problems could prevent the release from completing and
this could result in init being blocked indefinitely.

This was looked over by Matt ages ago.

Approved by:	dillon
2002-01-05 21:47:58 +00:00
Chris Costello
41f91cb492 Add a new `SECURITY CONSIDERATIONS' section. Sample code similar to
the first revision of strcpy(3)'s section is included, but should be
removed as the Security Architecture document is committed and
completed.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-05 20:44:34 +00:00
Chris Costello
80080d642e Include a section cross-reference to EXAMPLES' in SECURITY
CONSIDERATIONS' as a source for relevant sample code.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-05 20:36:47 +00:00
Chris Costello
8680aaea87 Remove the example from SECURITY CONSIDERATIONS. This is mostly
duplicated code from EXAMPLES.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-01-05 20:24:38 +00:00
Chris Costello
7f0def37ec As discussed with Bruce Evans and Kirk McKusick:
o Combine ufs.7 and ffs.7 into a single ffs.7 man page.
o Remove all references to `ufs' as a file system.
o Proper (lack of) capitalization for `ffs'.

Obtained from:	TrustedBSD Project
Sposnored by:	DARPA, NAI Labs
2002-01-05 20:18:35 +00:00
David Malone
3ad920fe65 Put -Wno-uninitialized at the end of the warns flags as it may be enabeled
by several flags (in this case -W and -Wall).

Reviewed by:	bde
2002-01-05 20:17:50 +00:00
David Malone
c507cedecf Be more careful about freeing memory after parsing commands.
Hiroyuki YAMAMORI gave a patch for the EPRT command in the
PR below. Problems with the rest of the patch are my fault.

PR:		33268
Reviewed by:	iedowse, sheldonh
2002-01-05 20:13:01 +00:00
Bruce A. Mah
bcac684164 New (but very overdue) release note: ata(4) 48-bit addressing.
MFC noted:  locale renaming.
2002-01-05 18:46:03 +00:00
Bill Fenner
92bdb2fa39 Pre-calculate the checksum for multicast packets sourced on a
multicast router.  This is overkill; it should be possible to
delay to hardware interfaces and only pre-calculate when forwarding
to a tunnel.
2002-01-05 18:23:53 +00:00
David Malone
f4bd8d8deb Update Judaic for year 2002. Name Josef as maintainer.
PR:		33389
Submitted by:	Josef Grosch <jgrosch@mooseriver.com>
2002-01-05 18:10:19 +00:00
John Baldwin
b8e6bf1ed6 Fix a bug where the mutex name wasn't always displayed for processes in
SMTX in utils such as ps and top.  The KI_CTTY flag was assigned to
kinfo_proc->ki_kiflag rather than or'd into the flag, thus clobbering
any flags set earlier, including KI_MTXBLOCK.

Prodding by:	peter
2002-01-05 17:18:59 +00:00
Maxim Sobolev
42b841a9c9 In the word selection mode don't append newline if the word ends at the
screen boundary.
2002-01-05 16:52:44 +00:00
Søren Schmidt
97d35cf5f8 Write the "msinfo" result to stdout instead of stderr 2002-01-05 15:21:05 +00:00
Peter Wemm
a2e4c36a49 Put the "mtxname" keyword in alphabetical order (t comes after s) so
that the keyword is recognized.
2002-01-05 12:19:51 +00:00
Peter Wemm
ead8168ac0 Convert a bunch of 1 << PCPU_GET(cpuid) to PCPU_GET(cpumask). 2002-01-05 09:41:37 +00:00
Peter Wemm
d5c6775903 Fix forward_roundrobin(). It was mistakenly using the cpu number as
though it was a mask.  As a result, we sent AST IPI's to the wrong
cpu and/or left out some.

Spotted by: jake
2002-01-05 09:38:47 +00:00
Peter Wemm
ab8061d84c Add a per-cpu variable, cpumask, the preshifted equivalent of 1 << cpuid.
We use this around the place a lot.
2002-01-05 09:35:50 +00:00
John Baldwin
c86b6ff551 Change the preemption code for software interrupt thread schedules and
mutex releases to not require flags for the cases when preemption is
not allowed:

The purpose of the MTX_NOSWITCH and SWI_NOSWITCH flags is to prevent
switching to a higher priority thread on mutex releease and swi schedule,
respectively when that switch is not safe.  Now that the critical section
API maintains a per-thread nesting count, the kernel can easily check
whether or not it should switch without relying on flags from the
programmer.  This fixes a few bugs in that all current callers of
swi_sched() used SWI_NOSWITCH, when in fact, only the ones called from
fast interrupt handlers and the swi_sched of softclock needed this flag.
Note that to ensure that swi_sched()'s in clock and fast interrupt
handlers do not switch, these handlers have to be explicitly wrapped
in critical_enter/exit pairs.  Presently, just wrapping the handlers is
sufficient, but in the future with the fully preemptive kernel, the
interrupt must be EOI'd before critical_exit() is called.  (critical_exit()
can switch due to a deferred preemption in a fully preemptive kernel.)

I've tested the changes to the interrupt code on i386 and alpha.  I have
not tested ia64, but the interrupt code is almost identical to the alpha
code, so I expect it will work fine.  PowerPC and ARM do not yet have
interrupt code in the tree so they shouldn't be broken.  Sparc64 is
broken, but that's been ok'd by jake and tmm who will be fixing the
interrupt code for sparc64 shortly.

Reviewed by:	peter
Tested on:	i386, alpha
2002-01-05 08:47:13 +00:00
John Baldwin
422f61655f Remove brain damaged code in witness_lock(). We could have easily
just used PCPU_GET(spinlocks) w/o needing the w_mtx held.  It is more
correct to just check td_critnest now though.
2002-01-05 08:29:54 +00:00
Jun Kuriyama
e0c58e64c0 Merge the changes in the English version (1.244 --> 1.247). 2002-01-05 08:01:41 +00:00
Archie Cobbs
3a0ac99551 Add a new flag '-c' to disable repeated line compression when the output
is a pipe to another program, or, if specified twice, in all cases.

PR:	bin/32420
2002-01-05 07:34:52 +00:00
Peter Wemm
8e65260a43 GC unfinished function selected_proc_ipi(). It is a duplicate of
apic_ipi_singledest() anyway.
2002-01-05 06:44:27 +00:00
Warner Losh
99fd86af3f Move initialization of the MKMODULESENV envorinoment to kern.pre.mk
from kern.post.mk so port makefiles can augment it.

Submitted by: nyan
2002-01-05 06:21:06 +00:00
Bruce A. Mah
f2185639f7 New release notes: SA-02:01, SA-02:02. 2002-01-05 06:07:17 +00:00
John Baldwin
e5b4afac08 Fully catch up to the recent critical section API change. Update the
content of the manpage and document cpu_critical_enter/exit.
2002-01-04 23:56:17 +00:00
Bruce A. Mah
53bb974408 We were right the first time...the HPT372 is an ATA133 controller.
Pointed out by:	Kent Stewart <kstewart@owt.com>
2002-01-04 21:55:32 +00:00
Yaroslav Tykhiy
2d6a2675b3 Oops, missed one point where $pwd_mkdb had been used.
Now it should be @pwd_mkdb since we moved to Perl's
safe system() not using /bin/sh.
2002-01-04 21:28:32 +00:00
Yaroslav Tykhiy
f381837242 Minor grammar and punctuation fixes
in the SO_ACCEPTFILTER description.
2002-01-04 18:17:07 +00:00
Yaroslav Tykhiy
996d4dc275 State clearly that one should call listen(2) on a socket
at first and try to set an accept_filter(9) on it only after that.
Also document errno value that will be set if installing the
filter on a non-listening socket.
2002-01-04 18:12:38 +00:00
Robert Watson
e6658b129e o Spelling fix in comment: tcp_ouput -> tcp_output 2002-01-04 17:21:27 +00:00
Guido van Rooij
b50764b00b Argh...argv->argc 2002-01-04 13:46:57 +00:00
Guido van Rooij
57aa7d5027 Fix the coredump that occurs when, from the tfpt prompt, a 'c' command is
issued without an argument.
2002-01-04 13:42:14 +00:00
Sheldon Hearn
2f936029a4 Regen. 2002-01-04 13:11:36 +00:00
Sheldon Hearn
b50e990dde Install nsmb.conf with mode 0600, since it may be modified to include
passwords for remote shares.

Reported by:	Andre Albsmeier <andre@albsmeier.net>
2002-01-04 13:02:51 +00:00
Darren Reed
13a14b9aa9 Import this patch to address user concerns.
PR:		 27615
Submitted by:	Andria Thomas <andria@tovaris.com>
Approved by:	Me.
MFC after:	7 days
2002-01-04 12:32:34 +00:00
John Baldwin
9d234f99f7 Axe a stale comment. Holding sched_lock across both setrunqueue() and
mi_switch() is sufficient.
2002-01-04 10:55:51 +00:00
John Baldwin
db283fd6d5 Don't turn on RB_CDROM if the rootdev is a BIOS cd device for now as this
breaks when cdboot is used with an MFS root.
2002-01-04 07:59:27 +00:00
Mike Silbersack
a262ae8267 Throw the $FreeBSD$s back in, properly escaping them. 2002-01-04 05:27:47 +00:00
Mike Silbersack
91ea78c52a Remove $FreeBSD$s from previous commit; perl thinks that they're
something to be interpreted.  Urk.
2002-01-04 01:40:50 +00:00
Seigo Tanimura
5ddd093d23 Add the system default timer engine. 2002-01-04 01:16:18 +00:00
Seigo Tanimura
995231304d - Provide toggles to show debug messages. Set new sysctl variables
hw.midi.debug and hw.midi.seq.debug to 1 to enable debug log.

- Make debug messages human-frendly.

- Implement /dev/music.

- Add a timer engine required by /dev/music.

- Fix nonblocking I/O.

- Fix the numbering of midi and synth devices.
2002-01-04 01:13:49 +00:00
Seigo Tanimura
233beff278 Do not derefer null.
Reviewed by:	des
2002-01-04 01:03:46 +00:00
Julian Elischer
cd3aa54df0 unbreak -current (at least on my cvsups all today) 2002-01-03 23:33:44 +00:00
Jordan K. Hubbard
90c1249eb2 Correct the path for the stable snapshot server.
Noticed by:  "Peter Holm" <p_holm@mail.tele.dk>
2002-01-03 23:33:21 +00:00
Bruce A. Mah
e54f2d6872 Fix (I think) a typo in the hardware list (HPT372 is ATA100 instead of
ATA133?).

MFC noted:  "more" chipsets supported by ata(4).
2002-01-03 23:24:03 +00:00
Bruce A. Mah
adbd31cb47 New release notes (and hardware list updates): dc(4) support
for Xircom 3201 and Conexant LANfinity RS7112, ifpi(4).
2002-01-03 22:56:43 +00:00
Mike Silbersack
cd6fdcb9ac Solve vnode_if.pl's identity crisis; make sure that it refers to itself
as vnode_if.pl instead of vnode_if.sh.

PR:		33509
MFC after:	3 weeks
2002-01-03 21:53:09 +00:00
Andrey A. Chernov
fa041d0395 Add opie lib dir to includes list 2002-01-03 21:20:29 +00:00