Commit Graph

1167 Commits

Author SHA1 Message Date
Gleb Smirnoff
9e6f1d3be4 Build bits for ng_deflate(4) and ng_pred1(4). 2006-12-29 13:16:43 +00:00
Robert Watson
224a974b9b Break contents of kern_mac.c out into two files following a repo-copy:
mac_framework.c   Contains basic MAC Framework functions, policy
                  registration, sysinits, etc.

mac_syscalls.c    Contains implementations of various MAC system calls,
                  including ENOSYS stubs when compiling without options
                  MAC.

Obtained from:	TrustedBSD Project
2006-12-28 20:52:02 +00:00
Robert Watson
6c5b167508 Connect vfs_extattr.c to build by default. 2006-12-23 00:11:02 +00:00
Pyun YongHyeon
c9d21ce905 Hook up msk(4) to the build. 2006-12-13 02:37:48 +00:00
Warner Losh
600313b16e As Bernd Walter points out, the rlphy is used for more things than
just the intenral phy on parts supported by the rl and re drivers, the
RTL8201BL for example.  He also sent me a nice picture of hundreds of
these chips in a tray to boulder his claim.  :-) Therefore remove a
comment that suggested that they were...
2006-12-10 01:10:08 +00:00
Warner Losh
fcf50d482e Build glue for at45d flash support. 2006-11-29 08:08:30 +00:00
Sam Leffler
74828f25db device-independent implementation of AMRR tx rate control algorithm
Obtained from:	openbsd (w/ mods)
MFC after:	1 month
2006-11-26 19:55:26 +00:00
Sam Leffler
9dbf796c4e hookup ad7418 and ds1672 drivers
MFC after:	1 month
2006-11-19 23:43:29 +00:00
Maxim Konovalov
9aab0d96da o Add uark(4), a driver for Arkmicro Technologies ARK3116 based serial
adapters.

Submitted by:	Alex Rodin
Obtained from:	OpenBSD
Reviewed by:	-usb
MFC after:	6 weeks
2006-11-15 09:13:25 +00:00
Tom Rhodes
6aeb05d7be Merge posix4/* into normal kernel hierarchy.
Reviewed by:	glanced at by jhb
Approved by:	silence on -arch@ and -standards@
2006-11-11 16:26:58 +00:00
Robert Watson
800c940832 Add a new priv(9) kernel interface for checking the availability of
privilege for threads and credentials.  Unlike the existing suser(9)
interface, priv(9) exposes a named privilege identifier to the privilege
checking code, allowing more complex policies regarding the granting of
privilege to be expressed.  Two interfaces are provided, replacing the
existing suser(9) interface:

suser(td)                 ->   priv_check(td, priv)
suser_cred(cred, flags)   ->   priv_check_cred(cred, priv, flags)

A comprehensive list of currently available kernel privileges may be
found in priv.h.  New privileges are easily added as required, but the
comments on adding privileges found in priv.h and priv(9) should be read
before doing so.

The new privilege interface exposed sufficient information to the
privilege checking routine that it will now be possible for jail to
determine whether a particular privilege is granted in the check routine,
rather than relying on hints from the calling context via the
SUSER_ALLOWJAIL flag.  For now, the flag is maintained, but a new jail
check function, prison_priv_check(), is exposed from kern_jail.c and used
by the privilege check routine to determine if the privilege is permitted
in jail.  As a result, a centralized list of privileges permitted in jail
is now present in kern_jail.c.

The MAC Framework is now also able to instrument privilege checks, both
to deny privileges otherwise granted (mac_priv_check()), and to grant
privileges otherwise denied (mac_priv_grant()), permitting MAC Policy
modules to implement privilege models, as well as control a much broader
range of system behavior in order to constrain processes running with
root privilege.

The suser() and suser_cred() functions remain implemented, now in terms
of priv_check() and the PRIV_ROOT privilege, for use during the transition
and possibly continuing use by third party kernel modules that have not
been updated.  The PRIV_DRIVER privilege exists to allow device drivers to
check privilege without adopting a more specific privilege identifier.

This change does not modify the actual security policy, rather, it
modifies the interface for privilege checks so changes to the security
policy become more feasible.

Sponsored by:		nCircle Network Security, Inc.
Obtained from:		TrustedBSD Project
Discussed on:		arch@
Reviewed (at least in part) by:	mlaier, jmg, pjd, bde, ceri,
			Alex Lyashkov <umka at sevcity dot net>,
			Skip Ford <skip dot ford at verizon dot net>,
			Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:37:19 +00:00
Ruslan Ermilov
9d1a95cd55 Nitpicking. 2006-11-03 21:09:03 +00:00
Randall Stewart
f8829a4a40 Ok, here it is, we finally add SCTP to current. Note that this
work is not just mine, but it is also the works of Peter Lei
and Michael Tuexen. They both are my two key other developers
working on the project.. and they need ata-boy's too:
****
peterlei@cisco.com
tuexen@fh-muenster.de
****
I did do a make sysent which updated the
syscall's and sysproto.. I hope that is correct... without
it you don't build since we have new syscalls for SCTP :-0

So go out and look at the NOTES, add
option SCTP (make sure inet and inet6 are present too)
and play with SCTP.

I will see about comitting some test tools I have after I
figure out where I should place them. I also have a
lib (libsctp.a) that adds some of the missing socketapi
functions that I need to put into lib's.. I will talk
to George about this :-)

There may still be some 64 bit issues in here, none of
us have a 64 bit processor to test with yet.. Michael
may have a MAC but thats another beast too..

If you have a mac and want to use SCTP contact Michael
he maintains a web site with a loadable module with
this code :-)

Reviewed by:	gnn
Approved by:	gnn
2006-11-03 15:23:16 +00:00
Pawel Jakub Dawidek
f348204c94 Hook up gjournal bits to the build.
Sponsored by:	home.pl
2006-10-31 22:22:30 +00:00
Takanori Watanabe
1cc5605910 Add conf file entries for acpi_aiboost drivers. 2006-10-30 05:51:54 +00:00
Ruslan Ermilov
837f167eb2 Move "device splash" back to MI NOTES and "files", it's MI. 2006-10-23 13:23:14 +00:00
Ruslan Ermilov
663cf7fed2 Move MI parts of syscons into MI "files". 2006-10-23 13:05:01 +00:00
Poul-Henning Kamp
b39be1b35c Add two new functions to convert FAT filesystem format timestamps
to and from struct timespec, to replace the crummy conversion
function which have been copy&pasted into three different
filesystems already.

Apart from general crummyness as indicated by code like:

	for (year = 1970;; year++) {
		inc = year & 0x03 ? 365 : 366;
		if (days < inc)
			break;
		days -= inc;
	}

They also contain specialized crummyness which tries to compensate
for the general crummyness by caching recent conversion results,
with no regard for locking or consistency.

These replacement functions are smaller, O(1) and handle the Y2.1K
leap-year correctly.

Ideally, these functions should live in a module of their own,
which the three offending filesystems would depend on, but the
size is 877 bytes of code (on i386), so that would be false
economy.
2006-10-22 18:19:08 +00:00
Warner Losh
114b4164dd Preliminary MMC stack. This stack supports SD 1.0 cards only, but
should be easily adapted to SD 2.0 (aka SDHC), SDIO, MMC and MMCplus
cards.  At the present time, there's only one bridge driver for the
ARM9 based Atmel AT91RM9200.
2006-10-20 06:39:59 +00:00
Warner Losh
bb914a52d1 Collapse the two identical emu10k1-alsa%diked.h creation rules for
snd_emu10k1 and snd_emu10kx into one line.  The 'pci' dependency here
adds no value, so I eliminted it (we don't have a snd.all file that
might make it mildly useful, and even then it wouldn't be that
useful).  With the pci optional component eliminated, I could use the
'|' operator.  I could have also include pci on both sides of the |
operator, but since it isn't a value add at all, it was better to
eliminate it.
2006-10-17 18:08:04 +00:00
Paolo Pisati
706a23745a Sort libalias files.
Approved by: glebius
Reviewed by: glebius, ru
2006-10-08 13:51:27 +00:00
Ruslan Ermilov
5d9f25dce2 Added the GEOM_CACHE option.
Reminded by:	pjd
2006-10-06 10:43:42 +00:00
Poul-Henning Kamp
b69f71eb29 Second part of a little cleanup in the calendar/timezone/RTC handling.
Split subr_clock.c in two parts (by repo-copy):
   subr_clock.c contains generic RTC and calendaric stuff. etc.
   subr_rtc.c contains the newbus'ified RTC interface.

Centralize the machdep.{adjkerntz,disable_rtc_set,wall_cmos_clock}
sysctls and associated variables into subr_clock.c.  They are
not machine dependent and we have generic code that relies on being
present so they are not even optional.
2006-10-02 15:42:02 +00:00
Ariff Abdullah
62c0702891 Unbreak build caused by recent envy24/spicds commit. 2006-10-01 11:34:54 +00:00
Ariff Abdullah
2c72e284ca Connect snd_hda(4) to build process...
Add support for Intel High Definition Audio Controller.

This driver make a special guarantee that "playback" works
on majority hardwares with minimal or without specific vendor
quirk.

This driver is a product of collaborative effort made by:

  Stephane E. Potvin <sepotvin@videotron.ca>
       Andrea Bittau <a.bittau@cs.ucl.ac.uk>
       Wesley Morgan <morganw@chemikals.org>
      Daniel Eischen <deischen@FreeBSD.org>
     Maxime Guillaud <bsd-ports@mguillaud.net>
      Ariff Abdullah <ariff@FreeBSD.org>

....and various people from freebsd-multimedia@FreeBSD.org

Refer to snd_hda(4) for features and issues.

Welcome To HDA.

Sponsored by:	Defenxis Sdn. Bhd.
2006-10-01 11:18:56 +00:00
Alexander Leidinger
9f5482400b Add spicds, envy24ht and remove ak4*. 2006-09-30 17:59:08 +00:00
Paolo Pisati
be4f3cd0d9 Summer of Code 2005: improve libalias - part 1 of 2
With the first part of my previous Summer of Code work, we get:

-made libalias modular:

 -support for 'particular' protocols (like ftp/irc/etcetc) is no more
  hardcoded inside libalias, but it's available through external
  modules loadable at runtime

 -modules are available both in kernel (/boot/kernel/alias_*.ko) and
  user land (/lib/libalias_*)

 -protocols/applications modularized are: cuseeme, ftp, irc, nbt, pptp,
  skinny and smedia

-added logging support for kernel side

-cleanup

After a buildworld, do a 'mergemaster -i' to install the file libalias.conf
in /etc or manually copy it.

During startup (and after every HUP signal) user land applications running
the new libalias will try to read a file in /etc called libalias.conf:
that file contains the list of modules to load.

User land applications affected by this commit are ppp and natd:
if libalias.conf is present in /etc you won't notice any difference.

The only kernel land bit affected by this commit is ng_nat:
if you are using ng_nat, and it doesn't correctly handle
ftp/irc/etcetc sessions anymore, remember to kldload
the correspondent module (i.e. kldload alias_ftp).

General information and details about the inner working are available
in the libalias man page under the section 'MODULAR ARCHITECTURE
(AND ipfw(4) SUPPORT)'.

NOTA BENE: this commit affects _ONLY_ libalias, ipfw in-kernel nat
support will be part of the next libalias-related commit.

Approved by: glebius
Reviewed by: glebius, ru
2006-09-26 23:26:53 +00:00
Scott Long
6b31d3f79d Add the mfi_debug.c file and MFI_DEBUG option. 2006-09-25 11:40:14 +00:00
Sam Leffler
72845968fa remove local change
Spotted by:	Gavin Atkinson
2006-09-18 17:23:35 +00:00
Sam Leffler
3da8df6081 nuke unused support for building ath hal from src code
MFC after:	1 week
2006-09-18 16:30:28 +00:00
Warner Losh
a003a6cb9a Do not include ucom as a dependency line to enable inclusion of the
serial line usb drivers that depend on it.  Instead, let the compile
fail rather than silently not including the driver.  This is more in
line with how we handle things like mii.

# I'll note: a better system for coping with missing depends is needed,
# but this dependency is clearly backwards given our current flawed
# depend system.
2006-08-14 21:09:37 +00:00
Pawel Jakub Dawidek
07ff6a18a7 Oops. Remove accidentally committed change.
Noticed by:	marck
2006-08-12 18:29:49 +00:00
Pawel Jakub Dawidek
73c0c41140 Add strstr() function to the libkern. 2006-08-12 15:28:39 +00:00
Robert Watson
e4445a031f Move definition of UNIX domain socket protosw and domain entries from
uipc_proto.c to uipc_usrreq.c, making localdomain static.  Remove
uipc_proto.c as it's no longer used.  With this change, UNIX domain
sockets are entirely encapsulated in uipc_usrreq.c.
2006-08-07 12:02:43 +00:00
Marcel Moolenaar
302981e72a Remove sio(4) and related options from MI files to amd64, i386
and pc98 MD files. Remove nodevice and nooption lines specific
to sio(4) from ia64, powerpc and sparc64 NOTES. There were no
such lines for arm yet.
sio(4) is usable on less than half the platforms, not counting
a future mips platform. Its presence in MI files is therefore
increasingly becoming a burden.
2006-07-29 18:38:54 +00:00
Alexander Leidinger
b1ff02203e Allow to configure a kernel with envy24 support as documented in the
manual page...
2006-07-28 21:20:00 +00:00
John Baldwin
22ea1bc57a Unify the checking for lock misbehavior in the various syscall()
implementations and adjust some of the checks while I'm here:
- Add a new check to make sure we don't return from a syscall in a critical
  section.
- Add a new explicit check before userret() to make sure we don't return
  with any locks held.  The advantage here is that we can include the
  syscall number and name in syscall() whereas that info is not available
  in userret().
- Drop the mtx_assert()'s of sched_lock and Giant.  They are replaced by
  the more general checks just added.

MFC after:	2 weeks
2006-07-27 22:32:30 +00:00
Robert Watson
5c985a0a94 Add uipc_sockbuf.c to standard files list; accidentally missed in earlier
commit.

Spotted by:	tinderbox
2006-07-25 02:15:28 +00:00
Pyun YongHyeon
d497bdf1da Hook up stge(4) to the build. 2006-07-25 00:45:55 +00:00
Pyun YongHyeon
3fa3f9a73e Connect gentbi, ip1000phy to the build. 2006-07-25 00:20:11 +00:00
Alexander Leidinger
0fa7ab6a31 - Connect the snd_emu10kx driver to the build. [1]
- Bump __FreeBSD_version, no need to build the port now.

Submitted by:	Yuriy Tsibizov <Yuriy.Tsibizov@gfk.ru> [1]
2006-07-15 20:22:40 +00:00
Warner Losh
a9a5ae2d62 MFp4: spibus glue 2006-07-14 22:50:46 +00:00
Robert Watson
e4256d1e8d Move POSIX.1e-specific utility routines from kern_acl.c to
subr_acl_posix1e.c, leaving kern_acl.c containing only ACL system
calls and utility routines common across ACL types.

Add subr_acl_posix1e.c to the build.

Obtained from:	TrustedBSD Project
2006-07-06 23:37:39 +00:00
Gleb Smirnoff
d473c9d543 A netgraph node that can do different manipulations with
mbuf_tags(9) on packets.

Submitted by:		Vadim Goncharov <vadimnuclight tpu.ru>
mdoc(7) reviewed by:	ru
2006-06-27 12:45:28 +00:00
Andrew Thompson
bdea400f3b Add a pseudo interface for packet filtering IPSec connections before or after
encryption. There are two functions, a bpf tap which has a basic header with
the SPI number which our current tcpdump knows how to display, and handoff to
pfil(9) for packet filtering.

Obtained from:	OpenBSD
Based on:	kern/94829
No objections:	arch, net
MFC after:	1 month
2006-06-26 22:30:08 +00:00
Marcel Moolenaar
a04f78eacc Unbreak build on platforms that don't have uart_sab82532 and uart_z8530
for uart(4) by default, but have scc(4).
2006-06-14 03:03:08 +00:00
David Xu
b41f1452d9 Add scheduler CORE, the work I have done half a year ago, recent,
I picked it up again. The scheduler is forked from ULE, but the
algorithm to detect an interactive process is almost completely
different with ULE, it comes from Linux paper "Understanding the
Linux 2.6.8.1 CPU Scheduler", although I still use same word
"score" as a priority boost in ULE scheduler.

Briefly, the scheduler has following characteristic:
1. Timesharing process's nice value is seriously respected,
   timeslice and interaction detecting algorithm are based
   on nice value.
2. per-cpu scheduling queue and load balancing.
3. O(1) scheduling.
4. Some cpu affinity code in wakeup path.
5. Support POSIX SCHED_FIFO and SCHED_RR.
Unlike scheduler 4BSD and ULE which using fuzzy RQ_PPQ, the scheduler
uses 256 priority queues. Unlike ULE which using pull and push, the
scheduelr uses pull method, the main reason is to let relative idle
cpu do the work, but current the whole scheduler is protected by the
big sched_lock, so the benefit is not visible, it really can be worse
than nothing because all other cpu are locked out when we are doing
balancing work, which the 4BSD scheduelr does not have this problem.
The scheduler does not support hyperthreading very well, in fact,
the scheduler does not make the difference between physical CPU and
logical CPU, this should be improved in feature. The scheduler has
priority inversion problem on MP machine, it is not good for
realtime scheduling, it can cause realtime process starving.
As a result, it seems the MySQL super-smack runs better on my
Pentium-D machine when using libthr, despite on UP or SMP kernel.
2006-06-13 13:12:56 +00:00
Marius Strobl
acb8c14985 Make the ISAPNP code optional and only enable it on i386 and pc98 (used
for CBUS-PNP cards there) by default, as there are no amd64 and sparc64
machines with ISA slots and which therefore could make use of this code
known to exist. For sparc64 this additionally allows to get rid of the
compat shims for in{b,w,l}()/out{b,w,l}() etc and the associated hacks.

OK'ed by:	imp, peter
2006-06-12 21:07:13 +00:00
Warner Losh
78878cef94 Add the ability to subset the devices that UART pulls in. This allows
the arm to compile without all the extras that don't appear, at least
not in the flavors of ARM I deal with.  This helps us save about 100k.

If I've botched the available devices on a platform, please let me
know and I'll correct ASAP.
2006-06-12 04:21:50 +00:00
Craig Rodrigues
f60f5239f8 Accomodate new files due to latest XFS import. 2006-06-09 06:13:45 +00:00