96967 Commits

Author SHA1 Message Date
Robert Watson
b0323ea3aa Implement sockets support for __mac_get_fd() and __mac_set_fd()
system calls, and prefer these calls over getsockopt()/setsockopt()
for ABI reasons.  When addressing UNIX domain sockets, these calls
retrieve and modify the socket label, not the label of the
rendezvous vnode.

- Create mac_copy_socket_label() entry point based on
  mac_copy_pipe_label() entry point, intended to copy the socket
  label into temporary storage that doesn't require a socket lock
  to be held (currently Giant).

- Implement mac_copy_socket_label() for various policies.

- Expose socket label allocation, free, internalize, externalize
  entry points as non-static from mac_net.c.

- Use mac_socket_label_set() in __mac_set_fd().

MAC-aware applications may now use mac_get_fd(), mac_set_fd(), and
mac_get_peer() to retrieve and set various socket labels without
directly invoking the getsockopt() interface.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 23:31:45 +00:00
Bruce Evans
b9c29fa9ae Don't waste so much space for the latency debugging buffer. Its size
will now need editing except for spot checks.

Changed this buffer from a circular one to a linear one.  This is more
useful for some cases and the sysctl that prints it doesn't support
circular buffers.

Fixed (output) formatting bugs in this sysctl.  An off by 1 error caused
a garbage byte to be returned after annotation of large deltas, and
a race with the writer sometimes caused premature string termination.
2003-11-16 23:05:52 +00:00
Warner Losh
10b4620bf0 Gross kludge:
o when compiling lint, undefine certain things and redefine them so that the
  driver doesn't #error out.  Since lint kernels aren't supposed to be
  bootable, I'm no troubled by this breakage.

This fixes the tinderbox

Suggested by: rwatson
Approved by: bms
2003-11-16 22:33:42 +00:00
Simon L. B. Nielsen
52108daca2 Document NO_DYNAMICROOT.
Reviewed by:	gordon
2003-11-16 22:15:09 +00:00
Kris Kennaway
d5688560bf Fix build on alpha
Pointy hat to:	alfred
2003-11-16 21:53:05 +00:00
David Malone
de4aac0deb logerror is used in syslogd to log errors from syslogd itself. It
is possible for an error to occur while trying to log an error, and
this can result in infinite recursion (or at least until we run out
of stack).

Rather than this, we ignore requests to log an error while logging an
error.

PR:		51253
MFC after:	2 weeks
2003-11-16 21:51:06 +00:00
David Malone
3c453e20f9 Remove an argument to printf that is unused. 2003-11-16 21:42:00 +00:00
Gordon Tetlow
5257abea22 Invert the condition that installs the dynamic linker early, since
DYNAMICROOT is now the default. Also document -DNO_DYNAMICROOT since
that is going to be a documented feature.

Submitted by:	matusita, rushani
2003-11-16 21:17:43 +00:00
Bruce A. Mah
ab9c99bd65 Modified release note: dynamically linked /bin and /sbin is now the
default.
2003-11-16 20:34:46 +00:00
Robert Watson
237a5de859 Update mac_set.3 to account for new behavior of mac_set_fd() in the
context of sockets, and document EINVAL as a possible failure mode
based on the object selected, not just the label provided.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 20:21:21 +00:00
Robert Watson
920325ee1d Implement mac_get_peer(3) using getsockopt() with SOL_SOCKET and
SO_PEERLABEL.  This provides an interface to query the label of a
socket peer without embedding implementation details of mac_t in
the application.  Previously, sizeof(*mac_t) had to be specified
by an application when performing getsockopt().

Document mac_get_peer(3), and expand documentation of the other
mac_get(3) functions.  Note that it's possible to get EINVAL back
from mac_get_fd(3) when pointing it at an inappropriate object.

NOTE: mac_get_fd() and mac_set_fd() support for sockets will
follow shortly, so the documentation is slightly ahead of the
code.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 20:18:24 +00:00
Robert Watson
c9ea2dcf62 Abstract the label checking and setting logic from
mac_setsockopt_label() into mac_socket_label_set(); make it non-static
so that it can be invoked from kern_mac.c for mac_set_fd().

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 20:01:50 +00:00
Robert Watson
0196273b2d Implement mpo_copy_{mbuf,pipe,vnode}_label() entry points for
mac_stub and mac_test.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 18:28:58 +00:00
Robert Watson
9e71dd0feb Reduce gratuitous redundancy and length in function names:
mac_setsockopt_label_set() -> mac_setsockopt_label()
  mac_getsockopt_label_get() -> mac_getsockopt_label()
  mac_getsockopt_peerlabel_get() -> mac_getsockopt_peerlabel()

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 18:25:20 +00:00
Poul-Henning Kamp
5c391f4d6b When rebooting the machine jump to 0xf000:0xfff0 instead of 0xffff:0x0.
While we end up the same place, we end up with two different CS register
values after the jump and 0xf000 is compatible with the hardware reset
value.

This makes a difference if the BIOS does a near jump before a far jump.

Detective work and patch by:	 Adrian Steinmann <ast@marabu.ch>
2003-11-16 18:24:23 +00:00
Ceri Davies
ef7da08509 Add the ports/arabic category to the examples.
MFC After:	4 days
2003-11-16 17:55:54 +00:00
Ian Dowse
0ed25a9ad1 If the unmount by file system ID fails, don't warn before retrying
a non-fsid unmount if the file system ID is all zeros. This is a
temporary workaround for warnings that occur in the vfs.usermount=1
case because non-root users get a zeroed filesystem ID. I have a
more complete fix in the works, but I won't get it done for 5.2.
2003-11-16 16:48:18 +00:00
Simon L. B. Nielsen
f72375e102 mdoc(7) janitor:
- Use .Aq macro instead of <foo>.
- Kill EOL whitespace.
2003-11-16 15:16:19 +00:00
Maxim Sobolev
d09c47acd9 Pull latest changes from OpenBSD:
- improve sysinfo(2) syscall;
- add dummy fadvise64(2) syscall;
- add dummy *xattr(2) family of syscalls;
- add protos for the syscalls 222-225, 238-249 and 253-267;
- add exit_group(2) syscall, which is currently just wired to exit(2).

Obtained from:  OpenBSD
MFC after:      2 weeks
2003-11-16 15:07:10 +00:00
Daniel Eischen
5303e94607 Back out last change and go back to using KSE locks instead of thread
locks until we know why this breaks ia64.

Reported by:	marcel
2003-11-16 15:01:26 +00:00
Simon L. B. Nielsen
a013513add Add the following devices to the list of supported devices, to sync
manual page with the source code:
- HAL Corporation Crossam2+USB IR commander
- RATOC REX-USB60
- SOURCENEXT KeikaiDenwa 8 (with and without charger)
2003-11-16 14:02:37 +00:00
Bruce Evans
095ab45bde Restored the call to schedsofttty() (now spelled swi_sched(...)) again.
Its restoration in rev.1.102 was mistranslated to the equivalent of
setsofttty() in rev.1.105.  This increased overheads by causing a
context switch to the SWI handler after almost every interrupt.  The
increase was approx. 50% on a Celeron 366 (from 23 usec to 34 usec
per interrupt).
2003-11-16 13:31:45 +00:00
Shunsuke Akiyama
24ad0a6e4e Fix comment typo.
Noticed by:	simon
2003-11-16 13:13:16 +00:00
Andre Oppermann
be7e82e44a Make two casts correct for all types of 64bit platforms.
Explained by:	bde
2003-11-16 12:50:33 +00:00
Shunsuke Akiyama
565f53bbaa Make interrupt pipe interval time configurable.
- Add kernel options: {UPLCOM,UVSCOM}_INTR_INTERVAL
- Add sysctl variables: 'hw.usb.{uplcom,uvscom}.interval'

MFC after:	1 week
2003-11-16 12:26:10 +00:00
Shunsuke Akiyama
6702d85006 Apply some fixups in the driver_t's.
MFC after:	1 week
2003-11-16 12:13:39 +00:00
Shunsuke Akiyama
a6c22ecd4d Regen. 2003-11-16 12:07:01 +00:00
Shunsuke Akiyama
74745f66de Add vendor IDs, and device IDs supported by uplcom(4).
- SOURCENEXT Corp. KeikaiDenwa 8 [1]
- SOUECENEXT Corp. KeikaiDenwa 8 with charger [2]
- HAL Corp. Crossam2+USB [3]

Submitted by:	[1] Ryo ONODERA <ryo3327@netscape.net>
		[2] Masaki Mizutani <m-saki@rr.iij4u.or.jp>
		[3] FUJISHIMA Satsuki <sf@FreeBSD.org>
MFC after:	1 week
2003-11-16 12:05:11 +00:00
Shunsuke Akiyama
2fbe4b5149 Add missing ioctl functions.
MFC after:	1 week
2003-11-16 11:58:21 +00:00
Shunsuke Akiyama
6ee806e35e Add rue(4) into list of miibus-using drivers and reference.
MFC after:	1 week
2003-11-16 11:52:26 +00:00
Nate Lawson
b1df3c5e22 Remove an annoying printf that somehow leaked into rev 1.21. 2003-11-16 08:41:24 +00:00
Brian Feldman
75504450a1 As mentioned by warner, previous revision (opt_ddb.h) was just a fluke --
I'm having bad luck with different parts of the sys tree being checked
out at slightly different times.  Back it out, noting it doesn't cause
harm in any case.  Tinderbox also makes these things more fun.
2003-11-16 08:10:59 +00:00
Kirk McKusick
d46b52859a Convert the live dump command (`dump -L') to use mksnap_ffs instead
of trying to directly create the snapshot itself. This change allows
users logged into the system as operator to run live dumps.

Note that dump no longer tries to create the snapshot in the root of
the filesystem, but rather in a .snap directory in the root of the
filesystem. The reason is that the operator is usually not permitted
to write into the root of the filesystem. The newfs command and
background fsck have both been modified to create a .snap directory
in the root of the filesystem, but if neither of these have been run,
then the .snap directory must be created manually by the superuser
before a live dump can be run. The .snap directory should be owned
by user root and group operator and set to mode 770.
2003-11-16 08:01:58 +00:00
Brian Feldman
5e36d52bef It appears opt_global.h may cause opt_ddb.h to be needed. Adding it
with the full path on the command line like with -include opt_global.h
currently unbreaks tinderbox.
2003-11-16 07:50:14 +00:00
Wes Peters
0af4e34b2e Add the -E command line option to force error conditions for testing.
Sponsord by:	St. Bernard Software
2003-11-16 07:17:30 +00:00
Wes Peters
3b7e1bf6b5 Catch and report on filesystems that were interrupted during newfs,
sporting the new 'BAD' magic number.  Exit with a unique error code
(11) so callers who care about this can respond appropriately.
2003-11-16 07:10:55 +00:00
Wes Peters
ec52df8eb9 Write the UFS2 superblock with a 'BAD' magic number at the beginning
of newfs, to signify the newfs operation has not yet completed.  Re-
write the superblock with the correct magic number once all of the
cylinder groups have been created to show the operation has finished.

Sponsored by:	St. Bernard Software
2003-11-16 07:08:27 +00:00
Ken Smith
12ce12716f - Add GPT header/table recovery command
- Minor related cleanup in add command

Approved by:	marcel
2003-11-16 06:45:26 +00:00
Ken Smith
3834ba7920 - Provide default values for LABELOFFSET and LABELSECTOR so
it compiles on all architectures.

Approved by:	marcel
2003-11-16 06:43:25 +00:00
Alan Cox
e45db9b837 - Modify alpha's sf_buf implementation to use the direct virtual-to-
physical mapping.
 - Move the sf_buf API to its own header file; make struct sf_buf's
   definition machine dependent.  In this commit, we remove an
   unnecessary field from struct sf_buf on the alpha, amd64, and ia64.
   Ultimately, we may eliminate struct sf_buf on those architecures
   except as an opaque pointer that references a vm page.
2003-11-16 06:11:26 +00:00
Gordon Tetlow
78a53859a0 Bump version to indicate dynamically linked /bin and /sbin is the default. 2003-11-16 05:13:02 +00:00
Gordon Tetlow
7e83e0de77 Change the default for binaries in /bin and /sbin from statically to
dynamically linked. This has been a long time coming with the move of
critical libraries from /usr/lib to /lib. If you don't feel comfortable
with dynamically linked binaries in your root partition, now is the
time to define NO_DYNAMICROOT in your make.conf.

Approved by:	re
2003-11-16 04:57:28 +00:00
Robert Watson
5859b37843 Memory allocated by mac_to_text() must be freed using free(3) not
mac_free(3), which is used only for variables of type mac_t in
the FreeBSD implementation.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 04:32:46 +00:00
Tim J. Robbins
607e2cc177 Resync. struct statfs and flag definitions with sys/mount.h. 2003-11-16 04:08:16 +00:00
Robert Watson
12cbb9dc56 When implementing getsockopt() for SO_LABEL and SO_PEERLABEL, make
sure to sooptcopyin() the (struct mac) so that the MAC Framework
knows which label types are being requested.  This fixes process
queries of socket labels.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-11-16 03:53:36 +00:00
Robert Watson
5d9d409ca9 Whitespace fix. 2003-11-16 03:17:30 +00:00
Warner Losh
6b1bb55958 Fix the building of null module. In the DIAGNOSTICS case, we include
opt_ddb.h.  These changes expand green's work of including
opt_global.h to prefer opt files in the kernel directory.  Further
refinement might be needed, but I think this is good.

Note: While this is a step on the path to moving the meta information
about modules into the config files, it doesn't actually do that.  It
just pulls in the opt files in a way that allows one to build
'generic' modules outside the tree.
2003-11-16 01:41:38 +00:00
Don Lewis
95c6cd2f4b Use "fip->fi_readers == 0 && fip->fi_writers == 0" as the condition for
disposing fifo resources in fifo_cleanup() instead using of
"vp->v_usecount == 1".  There may be other references to the vnode, for
instance by nullfs, at the time fifo_open() or fifo_close() is called,
which could cause a resource leak.

Don't bother grabbing the vnode interlock in fifo_cleanup() since it no
longer accesses v_usecount.
2003-11-16 01:11:11 +00:00
Bruce Evans
416ab90e6b Localized the cy driver's locking. 2003-11-16 00:55:54 +00:00
Warner Losh
e0ce91e18b Quick hack to make the nfsclient.ko loadable again. This brings in
the nfsv4 files.  It is intended to be a short-term bridge while
alfred deals with the problem in a better way (eg, don't hesitate to
back this out when the real fix comes along).  I've not heard back
from alfred in a few hours and other people are hitting this problem.

Approved by: markm, rwatson, grog, murray
2003-11-16 00:00:06 +00:00