Commit Graph

51472 Commits

Author SHA1 Message Date
Brian Somers
243923717a Remove libutil - setproctitle() is now in libc 2000-09-02 20:42:19 +00:00
Robert Watson
bbf0607700 Modify extended attribute protection model to authorize based on
attribute namespace and DAC protection on file:
	- Attribute names beginning with '$' are in the system namespace
	- The attribute name "$" is reserved
	- System namespace attributes may only be read/set by suser()
	  or by kernel (cred == NULL)
	- Other attribute names are in the application namespace
	- The attribute name "" is reserved
	- Application namespace attributes are protected in the manner
	  of the target file permission

o Kernel changes
	- Add ufs_extattr_valid_attrname() to check whether the requested
	  attribute "set" or "enable" is appropriate (i.e., non-reserved)
	- Modify ufs_extattr_credcheck() to accept target file vnode, not
	  to take inode uid
	- Modify ufs_extattr_credcheck() to check namespace, then enforce
	  either kernel/suser for system namespace, or vaccess() for
	  application namespace
o EA backing file format changes
	- Remove permission fields from extended attribute backing file
	  header
	- Bump extended attribute backing file header version to 3
o Update extattrctl.c and extattrctl.8
	- Remove now deprecated -r and -w arguments to initattr, as
	  permissions are now implicit
	- (unrelated) fix error reporting and unlinking during failed
	  initattr to remove duplicate/inaccurate error messages, and to
	  only unlink if the failure wasn't in the backing file open()

Obtained from:	TrustedBSD Project
2000-09-02 20:31:26 +00:00
Wilko Bulte
344c9c9981 Fix wording
Submitted by:	obrien
2000-09-02 20:30:02 +00:00
Poul-Henning Kamp
db90128160 Avoid the modules madness I inadvertently introduced by making the
cloning infrastructure standard in kern_conf.  Modules are now
the same with or without devfs support.

If you need to detect if devfs is present, in modules or elsewhere,
check the integer variable "devfs_present".

This happily removes an ugly hack from kern/vfs_conf.c.

This forces a rename of the eventhandler and the standard clone
helper function.

Include <sys/eventhandler.h> in <sys/conf.h>: it's a helper #include
like <sys/queue.h>

Remove all #includes of opt_devfs.h they no longer matter.
2000-09-02 19:17:34 +00:00
Cameron Grant
f3dcf66158 add a missing return statement, doh. 2000-09-02 18:55:01 +00:00
Mitsuru IWASAKI
09ab664412 Add ACPI_BUS_SPACE stuff definitions in acpi_machdep.h.
Change to include this file rather than acpica_osd.h to use
only ACPI_BUS_SPACE stuff.
2000-09-02 15:06:54 +00:00
Poul-Henning Kamp
0b32abca7c Bite the bullet and provde memcmp() and memset(), this will be cheaper
than all the copy&paste versions we already have :-(
2000-09-02 13:34:52 +00:00
Poul-Henning Kamp
b466fddd19 Oops, only memset() is unsupported. 2000-09-02 12:57:40 +00:00
Poul-Henning Kamp
aa1ba3e445 Purposely break kernel code which uses memset and memcpy to prevent people
from not noticing this is wrong just because they can't be bothered to
testcompile LINT.
2000-09-02 12:51:56 +00:00
Poul-Henning Kamp
339b49058a Move svr4 here as well... 2000-09-02 12:43:43 +00:00
Don Lewis
8577117cc8 access() shouldn't diddle with the contents of a potentially shared
credential.  Create a temporary copy of the current credential and
modify the copy.

Submitted by:	tegge
2000-09-02 12:31:55 +00:00
Wilko Bulte
b3f212829b - Add AS1200/Tincup description
- Add a bunch of new machine codenames
- Cleanup Miata a bit
- Update AS[56]00 description
- fix typos
2000-09-02 10:19:32 +00:00
Nick Hibma
5bfc478e32 Don't check for ohci/uhci to be loaded, check for the usb module. 2000-09-02 10:17:58 +00:00
Wilko Bulte
9f25b65fb8 Document AS1200 ("Tincup") as tested successfully. 2000-09-02 10:14:05 +00:00
Dag-Erling Smørgrav
74912943bf Don't try to set the mtime of the output file if it's not a regular file.
Pointed out by:	cwt
2000-09-02 09:48:34 +00:00
Kris Kennaway
939c32909c Err, we weren't even compiling auth1.c with LOGIN_CAP at all. Guess nobody
was using this feature.
2000-09-02 07:32:05 +00:00
Kris Kennaway
80bbcbe344 Repair a broken conflict resolution in r1.2 which had the effect of nullifying
the login_cap and login.access checks for whether a user/host is allowed
access to the system for users other than root. But since we currently don't
have a similar check in the ssh2 code path anyway, it's um, "okay".

Submitted by:	gshapiro
2000-09-02 05:40:50 +00:00
Kris Kennaway
14ef7e2794 Repair my dyslexia: s/opt/otp/ in the OPIE challenge. D'oh!
Submitted by:	gshapiro
2000-09-02 04:41:33 +00:00
Kris Kennaway
ac70abf4bc Re-add missing "break" which was lost during a previous patch
integration. This currently has no effect.

Submitted by:	gshapiro
2000-09-02 04:37:51 +00:00
Kris Kennaway
1610cd7fa6 Turn on X11Forwarding by default on the server. Any risk is to the client,
where it is already disabled by default.

Reminded by:	peter
2000-09-02 03:49:22 +00:00
Brian Somers
1357c5d3cc setproctitle() requires unistd.h and not libutil.h/-lutil 2000-09-02 02:25:34 +00:00
Brian Somers
57c94dd3bc libutil.h is no longer required for setproctitle() 2000-09-02 02:16:51 +00:00
Brian Somers
ea32742676 libutil is no longer required as setproctitle() has moved to libc 2000-09-02 02:01:18 +00:00
Brian Somers
9feac5c218 Move setproctitle() from libutil to libc (after a repo-copy)
and bump __FreeBSD_version to 500012 to mark the occasion.

setproctitle() is prototyped in unistd.h as opposed to stdlib.h
where OpenBSD and NetBSD have it.

Reviewed by: peter
2000-09-02 01:51:36 +00:00
Andrew Gallatin
72f21cf2c5 A quick fix to get around a problem (described below) with cia based
machines.  The patch uses an existing global variable in place of the
newbus accessor to get at use_bwx.

This is a quick fix to get miatas booting again; somebody
with more newbus skills than I can muster will have to correct it.

Matt Jacob's description of the problem from the -alpha list:

The IVAR accessor stuff for pcib is incompletely specified for CIA. There's
only one accessor defined, and that's to get the BUS instance number.
<..>
The device methods that try and get at the use_bwx get overriden because
there's only one ivar for CIA's pcib, and that's for hose #, and it's always
zero.
2000-09-02 01:05:37 +00:00
Bill Paul
21aff61248 Define some more bits in CSR15 needed for previous change. 2000-09-02 00:02:51 +00:00
Bill Paul
918434c883 Make the blinkylights on non-MII 21143 cards work. We need to enable
the link and activity LED control bits in CSR15 in order for the
controller to drive the LEDs correctly. This was largely done for the
ZNYX multiport cards, but should also work with the DEC DE500-BA
and other non-MII cards.
2000-09-01 23:59:54 +00:00
Mike Smith
f7c7ba14bf If a base address register has been set up by the BIOS, but the relevant
enable bit hasn't been set in the command register, set the bit and
honour the register.  It seems that quite a few lazy BIOS writers
aren't bothering to do this, which upsets the existing code and causes
us to miss out on properly-configured devices.
2000-09-01 23:09:02 +00:00
Mike Smith
444476fd62 List opt_asr.h for creation, as it's expected by the 'asr' driver in a
static kernel build.
2000-09-01 22:16:33 +00:00
Nick Sayer
4c12b435a2 Document the tap driver 2000-09-01 21:24:07 +00:00
Mike Smith
0f4c21ddfc Move the 'asr' driver to cdev major 154, since 97 is already taken. 2000-09-01 21:14:17 +00:00
Mitsuru IWASAKI
6861bd8822 Change the probing order priority of acpi so that acpi is probed after
pcib instance is initialized because accesses to PCI_Config region can
occur during ACPI initialization.
Note that this is a short term solution, more consideration will be
required in order to integrate ACPI into the newbus probe sequence.
2000-09-01 20:37:07 +00:00
Cameron Grant
33dbf14a17 change mixer api slightly
change channel interface - kobj implementation coming soonish
make pcm_makelinks not panic if modular
add pcm_unregister()

these changes support newpcm kld unloading, but this is only implemented
by ds1.c
2000-09-01 20:09:24 +00:00
Robert Watson
84a5637620 o Simplify if/then clause equating ESRCH with ENOENT when hiding a process
Submitted by:	des
2000-09-01 18:41:32 +00:00
Robert Watson
c0ea0959b8 o Synchronize linprocfs authorization with procfs authorization improvements
(better hiding of hidden processes, more access checks, use vaccess(), et
  al)

Approved by:	des
Obtained from:	TrustedBSD Project
2000-09-01 18:40:52 +00:00
Bruce A. Mah
16ffe958b9 Note in release notes that: which(1) and killall(1) are now C
programs, finger(1) now supports finger aliases.
2000-09-01 18:40:32 +00:00
Cameron Grant
51d3e31bb4 add 32bit formats and a couple of ioctls 2000-09-01 17:38:32 +00:00
Bruce A. Mah
f3956f2d03 Reflect the MFC of: Posix.1b shared memory objects, OpenSSL 0.9.5a,
routed 2.22.
2000-09-01 16:39:02 +00:00
Ruslan Ermilov
76e6ebd64e Match IPPROTO_ICMP with IP protocol field of the original IP
datagram embedded into ICMP error message, not with protocol
field of ICMP message itself (which is always IPPROTO_ICMP).

Pointed by:	Erik Salander <erik@whistle.com>
2000-09-01 16:38:53 +00:00
Robert Watson
ca94dd37a3 o Make procfs use vaccess() for procfs_access() DAC and super-user checks,
rather than implementing its own {uid,gid,other} checks against vnode
  mode.  Similar change to linprocfs currently under review.

Obtained from:	TrustedBSD Project
2000-09-01 13:41:41 +00:00
Andrey A. Chernov
56338d5acb Treat empty lang as "C" lang too 2000-09-01 13:19:18 +00:00
Sheldon Hearn
9c13074187 Add a missing article. 2000-09-01 13:06:57 +00:00
Ruslan Ermilov
03b34269aa `ip_id' now expected in host byte order when IP_HDRINCL is in use. 2000-09-01 12:37:11 +00:00
Ruslan Ermilov
04287599db Fixed broken ICMP error generation, unified conversion of IP header
fields between host and network byte order.  The details:

o icmp_error() now does not add IP header length.  This fixes the problem
  when icmp_error() is called from ip_forward().  In this case the ip_len
  of the original IP datagram returned with ICMP error was wrong.

o icmp_error() expects all three fields, ip_len, ip_id and ip_off in host
  byte order, so DTRT and convert these fields back to network byte order
  before sending a message.  This fixes the problem described in PR 16240
  and PR 20877 (ip_id field was returned in host byte order).

o ip_ttl decrement operation in ip_forward() was moved down to make sure
  that it does not corrupt the copy of original IP datagram passed later
  to icmp_error().

o A copy of original IP datagram in ip_forward() was made a read-write,
  independent copy.  This fixes the problem I first reported to Garrett
  Wollman and Bill Fenner and later put in audit trail of PR 16240:
  ip_output() (not always) converts fields of original datagram to network
  byte order, but because copy (mcopy) and its original (m) most likely
  share the same mbuf cluster, ip_output()'s manipulations on original
  also corrupted the copy.

o ip_output() now expects all three fields, ip_len, ip_off and (what is
  significant) ip_id in host byte order.  It was a headache for years that
  ip_id was handled differently.  The only compatibility issue here is the
  raw IP socket interface with IP_HDRINCL socket option set and a non-zero
  ip_id field, but ip.4 manual page was unclear on whether in this case
  ip_id field should be in host or network byte order.
2000-09-01 12:33:03 +00:00
Alexey Zelkin
a8a87cc61b Set rcsid to correct value
Resort #include files
Remove SYSV compatibility chunks
2000-09-01 12:19:00 +00:00
Alexey Zelkin
2873532b59 protect .h file contents correctly. 2000-09-01 12:13:33 +00:00
Alexey Zelkin
6b9175e062 Remove unused indirect references to cat* functions. 2000-09-01 12:10:59 +00:00
Alexey Zelkin
a367b9700f Fix memory leak introduced by kris in rev 1.22 2000-09-01 11:56:31 +00:00
KATO Takenori
d85a56345e Fixed FPU_ERROR_BROKEN code. It had old-isa code. 2000-09-01 11:47:07 +00:00
Andrey A. Chernov
460b926285 setlocale may return NULL, handle this case too by resetting to "C" 2000-09-01 11:13:38 +00:00