occurs when mounting the filesystem. The problem is that venus issues
the mount() syscall, which calls vfs_mount(), which calls coda_root()
which attempts to communicate with venus.
check, mac_check_sysarch_ioperm(), permitting MAC security policy
modules to control access to these interfaces. Currently, they
protect access to IOPL on i386, and setting HAE on Alpha.
Additional checks might be required on other platforms to prevent
bypass of kernel security protections by unauthorized processes.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
modules to authorize disabling of swap against a particular vnode.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
before the MAC check so that we pass the flags field into the MAC
check properly initialized. This didn't affect any current MAC
modules since they didn't care what the flags argument was (as
they were primarily interested in the fact that it was a meta-data
write, not the contents of the write), but would be relevant to
future modules relying on that field.
Submitted by: Mike Halderman <mrh@spawar.navy.mil>
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Submitted by Hiroyuki Aizu <eyes@navi.org>
(refer to [FreeBSD-users-jp 65061])
Tested by Hiroharu Tamaru <tamaru@myn.rcast.u-tokyo.ac.jp>
(refer to [bsd-usb:689])
an administrative limit on the size of tty/pty input buffers, this is
mostly an inconsequential change. (slti(4) will allocate an 8 kB
static buffer instead of a 1 kB buffer due to a hack in the driver.)
The increase happens to kludge around a lame limitation of syscons,
which does not allow one to paste more than TTYHOG bytes.
PR: 42031
Reviewed by: mike (mentor)
not save (restore) the global pointer (GP) in the jmpbuf in setjmp
(longjmp) because it's not needed in general. GP is considered a
scratch register at callsites and hence is always restored after a
call (when it's possible that the call resolves to a symbol in a
different loadmodule; otherwise GP does not have to be saved and
restored at all), including calls to setjmp/longjmp. There's just
one problem with this now that we use setjmp/longjmp for context
switching: A new context must have GP defined properly for the
thread's entry point. This means that we need to put GP in the
jmpbuf and consequently that we have to restore is in longjmp.
This automaticly requires us to save it as well.
When setjmp/longjmp isn't used for context switching, this can be
reverted again.
integral type to the size of a pointer type when it's known that the
cast is valid. On ia64 such casts are generally bad news and has led
us (=peter :-) to make such casts fatal. By casting to intptr_t
before casting to a pointer type, this now compiles cleanly in LP64
architectures. Note that the final cast has been changed to void*
(instead of siginfo_t*) to make it explicit that we're not trying to
pass a siginfo_t pointer but rather trying to pass an int when the
prototype says it should be a pointer.
the J_SIG0 field. While here, rename J_SIG0 to J_SIGSET and
remove J_SIG1. The main reason for this change is that the
128-bit sigset_t is now aligned on a 16-byte boundary, which
allows us to use 16-byte atomic loads and stores on CPUs that
support it. The removal of J_SIG1 is done to avoid confusion:
it is never accessed and should not be. Renaming J_SIG0 to
J_SIGSET is the icing on the cake that's better done now than
later.
