kernel, you should expect them to do something, so now they do. This
doesn't affect users who don't load or explicitly compile in the
policies.
Approved by: re (jhb)
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
accept load options (=command line options).
The call graph changes from *entry*->efi_main->efi_init, where
efi_main is the EFI equivalent of main to *entry*->efi_main->main,
where main is what you'd expect. efi_main now is what efi_init was.
The prototype of main follows that of C. The first argument is argc
and the second is argv. There is no third argument.
Allocation of heap pages is now handled by the EFI library and it
now deallocates the pages when main() returns or when exit() is
called. This allows us to safely return to the boot manager (or
EFI shell) without leaks. EFI applications are responsible to free
all memory themselves.
Handling of the load options is a bit tricky. There are either no
load options, load options in ASCII or load options in Unicode.
The EFI library will translate the ASCII options to Unicode options
as to simplify user code. Since the load options are passed as a
single string (if present) and main() accepts argc and argv, the
startup code also has to split the string into words and build the
argv vector. Here the trickiness starts. When the loader is started
from the EFI shell, argv[0] will automaticly load the program name.
In all other cases (ie through the boot manager), this is not the
case. Unfortunately, there's no trivial way to check. Hence, a
set of conditions is checked to determine if we need to fill in
argv[0] ourselves or not. This checking is not perfect. There are
known cases where it fails to do the right thing. The logic works
for most expected cases, though. This includes the case where no
options are given.
Approved by: re (blanket)
o None: Stub policy
o Seeotheruids: The "see processes and sockets owned by other users" policy
o Test: Debugging policy
Standardize the SYNOPSIS and HISTORY sections.
Update SEE ALSO sections.
generates a file which will be installed as DRIVERS.TXT in the
floppies directory so that users know which device drivers are
included on drivers.flp, and whether or not they need to worry about
it.
Reviewed by: ru
Approved by: re
unused. Replace it with a dm_mount back-pointer to the struct mount
that the devfs_mount is associated with. Export that pointer to MAC
Framework entry points, where all current policies don't use the
pointer. This permits the SEBSD port of SELinux's FLASK/TE to compile
out-of-the-box on 5.0-CURRENT with full file system labeling support.
Approved by: re (murray)
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
it, so don't suggest it. It's likely going away soon also, so avoid
believing it's supported.
Suggested by: Sean Kelly <smkelly@zombie.org>
Approved by: re
The HCDP table is one (non-proprietary) way for the platform to
inform the OS about headless operation. This field would normally
hold the address as can be found by scanning the EFI system table,
which we also pass to the kernel. The apparent duplication allows
us to synthesize a HCDP table in the loader by whatever means we
can think of, including relocating the platform table into pre-
mapped address space. In short: it gives us more freedom.
Approved by: re (blanket)
of that, there's some nasty process corruption when running with
SMP.
Note that this was already in effect for the 5.0-RC1 kernels in
the form of a local patch.
Approved by: re (blanket)
a boot option. When the timer expires the machine is rebooted.
Disable the watchdog timer for 2 reasons:
o We're an interactive program. We cannot guarantee that we've
booted the kernel in the time available to us. There have been
situations where netbooting the right kernel took 2 tries and
more time than given. Not to speak of the normal behaviour to
have the loader sitting at the prompt while the user is off
doing other things (such as figuring out what to type next ;-)
o We may not boot a kernel at all. We may exit as the result of
the user typing quit (assuming it took less than 5 minutes to
type it :-). It is documented that loaders should have disabled
the watchdog timer if they return to the boot manager. Not doing
so would cause a reboot while in the boot manager. This appears
to be harmless, besides of course the actual reboot.
Approved by: re (weisse karte)
the signaled state of the apropriate event. As a side-effect of
checking the event, it's signaled state is cleared if it was set.
In efi_cons_getchar we used to wait for the apropriate event to be
signaled before reading a character. This however does not work if
we poll before reading the characteri, such as during autoboot. On
a more compliant EFI implementation this resulted in the behaviour
that hitting a key during autoboot would stop the countdown, but
would then wait for a new character to arrive instead of reading
the already pending key that stopped the countdown.
The correct behaviour for efi_cons_getchar is to try to read a key
and if none is pending, to wait for the apropriate event to signal
the arrival of a new key.
Note that with the previous behaviour, the second key would determine
how the autoboot was interrupted. This would indicate that the first
key got lost. This indicates that EFI does not necessarily maintain
a queue of pending keys. FWIW...
Approved by: re (carte blanche)
French corrected by: various people :-)
the same as fcntl() except that it supports the new 64-bit file
locking commands (LINUX_F_GETLK64 etc) that use the `flock64'
structure. We had been interpreting all flock structures passed to
fcntl64() as `struct flock64' instead of only the ones from F_*64
commands.
The glibc in linux_base-7 uses fcntl64() by default, but the bug
was often non-fatal since the misinterpretation typically only
causes junk to appear in the `l_len' field and most junk values are
accepted as valid range lengths. The result is occasional EINVAL
errors from F_SETLK and a few bytes after the supplied `struct
flock' getting clobbered during F_GETLK.
PR: kern/37656
Reviewed by: marcel
Approved by: re
MFC after: 1 week
that were recently disabled.
There still are several references to the now-gone userconfig; these need to
be fixed before 5.0-RELEASE.
Approved by: re (rwatson)
