Commit Graph

124651 Commits

Author SHA1 Message Date
Robert Watson
714e68b8d2 Remove use of Giant around vn_open() in audit trail setup.
Submitted by:	jhb, wsalamon
Obtained from:	TrustedBSD Project
2006-06-05 22:36:12 +00:00
Matt Jacob
fcd9a16b1f Do some source && comment cleanup.
Clean out the abortive start to homegrown, per-mpt,
Domain Validation. This should really be done at a
higher level.

Use the PIM_SEQSCAN flag for U320- this seems to correct
cases of being unable to consistently negotiate U320 in
the cases where I'd seen this before.

Between this and other recent checkins, this driver is
pretty close to being ready for MFC.

Reviewed by:	scottl, ken, scsi@
MFC after:	1 week
2006-06-05 22:25:49 +00:00
Matt Jacob
c1c3139ed3 Add PIM_SEQSCAN for HBA misc flags and code that understands
what to do with it.

This forces us to scan targets sequentially, not in parallel.
The reason we might want to do this is that SPI negotiation
might not work right at the SIM level if we try to do it
in parallel. We *could* fix this for each SIM where this is
broken, but it's a lot harder to do that when we can simply
ask CAM to probe sequentially.

If PIM_SEQSCAN is not set (default), the original behaviour for
probing is unchanged.

LUN probing is still done in parallel for each target in either
case.

While we're at it, clean up some resource leakage for error
cases.

Reviewed by:	ken, scott, scsi@
MFC after:	1 week
2006-06-05 22:22:14 +00:00
Pawel Jakub Dawidek
198eeec116 Document geli(8) data authentication.
Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
2006-06-05 21:43:51 +00:00
Pawel Jakub Dawidek
4e98d97992 Connect new GELI files to the build.
Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
2006-06-05 21:42:26 +00:00
Pawel Jakub Dawidek
7fe923a866 Userland bits of geli(8) data authentication.
Now, encryption algorithm is given using '-e' option, not '-a'.
The '-a' option is now used to specify authentication algorithm.

Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
2006-06-05 21:40:54 +00:00
Pawel Jakub Dawidek
eaa3b91996 Implement data integrity verification (data authentication) for geli(8).
Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
2006-06-05 21:38:54 +00:00
Pawel Jakub Dawidek
05bf5e8a0a Make kern.geom.eli.overwrites sysctl a tunable as well. 2006-06-05 21:25:19 +00:00
Qing Li
1a41f91052 Assuming the interface has an address of x.x.x.195, a mask of
255.255.255.0, and a default route with gateway x.x.x.1. Now if
the address mask is changed to something more specific, e.g.,
255.255.255.128, then after the mask change the default gateway
is no longer reachable.

Since the default route is still present in the routing table,
when the output code tries to resolve the address of the default
gateway in function rt_check(), again, the default route will be
returned by rtalloc1(). Because the lock is currently held on the
rtentry structure, one more attempt to hold the lock will trigger
a crash due to "lock recursed on non-recursive mutex ..."

This is a general problem. The fix checks for the above condition
so that an existing route entry is not mistaken for a new cloned
route. Approriately, an ENETUNREACH error is returned back to the
caller

Approved by:	andre
2006-06-05 21:20:21 +00:00
Pawel Jakub Dawidek
4bec0ff1c4 Add g_duplicate_bio() function which does the same thing what g_clone_bio()
is doing, but g_duplicate_bio() allocates new bio with M_WAITOK flag.
2006-06-05 21:13:22 +00:00
Alan Cox
ce142d9ec0 Introduce the function pmap_enter_object(). It maps a sequence of resident
pages from the same object.  Use it in vm_map_pmap_enter() to reduce the
locking overhead of premapping objects.

Reviewed by: tegge@
2006-06-05 20:35:27 +00:00
Christian Brueffer
4bf452f14a Some mdoc and wording improvements. 2006-06-05 20:29:31 +00:00
Max Khon
3da2dc0763 Fix kernel panic in rt2661_tx_intr() if no frames has been sent.
Obtained from:	OpenBSD (sys/dev/ic/rt2661.c rev. 1.15)
2006-06-05 20:06:29 +00:00
Maxim Konovalov
fbec079f0d o Add missed comma. 2006-06-05 19:55:44 +00:00
Matt Jacob
19ec23bb00 Just a very quick update to get *close* to reality. 2006-06-05 19:46:55 +00:00
Xin LI
1cec70ad72 - ANSIfy.
- Remove two unnecessary casts.

These changes would help gcc4 compile.
2006-06-05 18:22:13 +00:00
Ed Maste
f4eaa4b967 Fix cut-n-pasteo: use the i386 version #define for i386 dumps, not the amd64 one. 2006-06-05 18:21:29 +00:00
Christian Brueffer
3640665627 my(4) provides support now as well. 2006-06-05 18:02:36 +00:00
Christian Brueffer
9522f75aea Add altq(4) support.
Reviewed by:	mlaier
Approved by:	rwatson (mentor)
MFC after:	2 weeks
2006-06-05 17:59:46 +00:00
Sam Leffler
f9fc583f17 move hal bus+tag externalization to the bus glue code where it belongs;
this is a noop on all current freebsd architectures

MFC after:	1 month
2006-06-05 17:51:20 +00:00
Marius Strobl
624fc6d1d9 - Declare the PnP map const.
- Add devices found in V210 to the PnP map.
- Don't leak memory if we didn't find a match for a node in the PnP map.

MFC after:	2 weeks
2006-06-05 17:48:54 +00:00
Sam Leffler
93057fddc1 resolve merge conflicts
MFC after:	1 month
2006-06-05 17:46:41 +00:00
Sam Leffler
a46aeff755 This commit was generated by cvs2svn to compensate for changes in r159285,
which included commits to RCS files with non-trunk default branches.
2006-06-05 17:43:51 +00:00
Sam Leffler
7937397e81 Version 0.9.17.2:
o define HAL_SOFTC, HAL_BUS_TAG, and HAL_BUS_HANDLE to be machine
  independent; this fixes portability issues with bsd systems
o add ah_disable api for turning off operation of both MAC and PHY
o add ah_getAntennaSwitch and ah_setAntennaSwitch api's for better control
  of antenna usage and diversity
o add ah_setAckCTSRate and ah_setAckCTSRate for controlling tx rate of
  h/w generated frames
o add ah_setBeaconTimers api for simpler setting of the beacon timer registers
o remove ah_waitForBeaconDone api
o add HAL_TXDESC_DURENA flag to enable h/w duration setting in tx descriptor
o correct documentation of min/max tx power units (.5 dBm)
o switch arm, mips, and powerpc builds to use functions for register
  read/write operations
o fix sparc builds to not reference %g2 and %g3 registers
o add public builds for SoC's

MFC after:	1 month
2006-06-05 17:43:51 +00:00
Guy Helmer
3266c22854 Upon further review, DES prefers this change over that in revision 1.13
to resolve the directory access problem for processes with P_SUGID flag
set.

Suggested by: des
2006-06-05 16:41:27 +00:00
Joel Dahl
1735925eeb Fix minor typos. 2006-06-05 16:31:57 +00:00
Pawel Jakub Dawidek
4bc8da3589 - Document that padlock(4) pretends to accelerate HMAC algorithms.
- Remove "device cryptodev" as it is not needed for compiling padlock(4)
  into the kernel. Actually it is not advisable, because padlock
  instructions can be used directly from userland, so passing the work
  through the kernel is a bad idea.
2006-06-05 16:24:31 +00:00
Pawel Jakub Dawidek
64e18040cc - Pretend to accelerate various HMAC algorithms, so padlock(4) can be used
with fast_ipsec(4) and geli(8) authentication (comming soon).
  If consumer requests only for HMAC algorithm (without encryption), return
  EINVAL.
- Add support for the CRD_F_KEY_EXPLICIT flag, for both encryption and
  authentication.
2006-06-05 16:22:04 +00:00
Robert Watson
7365463843 When generating BSM tokens for mkfifo(), include mode argument.
Submitted by:	wsalamon
Obtained from:	TrustedBSD Project
2006-06-05 16:14:49 +00:00
Robert Watson
5619113c96 When generating the process token, need to check whether the
process was sucessfully audited.  Otherwise, generate the PID
token. This change covers the pid < 0 cases, and pid lookup
failure cases.

Submitted by:	wsalamon
Obtained from:	TrustedBSD Project
2006-06-05 16:12:00 +00:00
Yaroslav Tykhiy
31ee80d88a Fix compilation of ftpcmd.y without -DINET6.
Respect MK_INET6_SUPPORT in Makefile.

Requested by:	Attila Nagy <bra at fsn dot hu>
MFC after:	1 week
2006-06-05 15:50:34 +00:00
Robert Watson
1df6229aea Consistently use audit_free() to free records, rather than
directly invoking uma_zfree().

Perforce change:	96652
Obtained from:		TrustedBSD Project
2006-06-05 15:38:12 +00:00
Robert Watson
7ebfc8df78 Audit some arguments to nmount(), mount(), umount().
Submitted by:	wsalamon
Obtained from:	TrustedBSD Project
2006-06-05 15:32:07 +00:00
Robert Watson
673937ac08 Break out description of the audit pipe facility from audit.4 into a new
man page, auditpipe.4, which describes the behavior of audit pipes, the
ioctls, preselection, etc.

Obtained from:	TrustedBSD Project
2006-06-05 15:26:09 +00:00
Marius Strobl
3a225e0b62 Revert the part of rev. 1.3 which changed the software style to be
set to ILACC rather than PCnet-PCI as VMware doesn't implement ILACC
compatibility, resulting in the VMware virtual machine to crash if
enabled. Add a comment regarding usage of ILACC vs. PCnet-PCI mode.

Reported and tested by:	gnn, wsalamon
2006-06-05 15:14:14 +00:00
Konstantin Belousov
3d5fa0356e Replace absolute addressing in the call instructions with position-independend
calls. This eliminates TEXTREL from libc, making its text segment relocatable.

PR:	i386/85242
Approved by:	kan (mentor)
MFC after:	1 month
2006-06-05 14:59:33 +00:00
Robert Watson
e257c20ec1 Introduce support for per-audit pipe preselection independent from the
global audit trail configuration.  This allows applications consuming
audit trails to specify parameters for which audit records are of
interest, including selecting records not required by the global trail.
Allowing application interest specification without changing the global
configuration allows intrusion detection systems to run without
interfering with global auditing or each other (if multiple are
present).  To implement this:

- Kernel audit records now carry a flag to indicate whether they have
  been selected by the global trail or by the audit pipe subsystem,
  set during record commit, so that this information is available
  after BSM conversion when delivering the BSM to the trail and audit
  pipes in the audit worker thread asynchronously.  Preselection by
  either record target will cause the record to be kept.

- Similar changes to preselection when the audit record is created
  when the system call is entering: consult both the global trail and
  pipes.

- au_preselect() now accepts the class in order to avoid repeatedly
  looking up the mask for each preselection test.

- Define a series of ioctls that allow applications to specify whether
  they want to track the global trail, or program their own
  preselection parameters: they may specify their own flags and naflags
  masks, similar to the global masks of the same name, as well as a set
  of per-auid masks.  They also set a per-pipe mode specifying whether
  they track the global trail, or user their own -- the door is left
  open for future additional modes.  A new ioctl is defined to allow a
  user process to flush the current audit pipe queue, which can be used
  after reprogramming pre-selection to make sure that only records of
  interest are received in future reads.

- Audit pipe data structures are extended to hold the additional fields
  necessary to support preselection.  By default, audit pipes track the
  global trail, so "praudit /dev/auditpipe" will track the global audit
  trail even though praudit doesn't program the audit pipe selection
  model.

- Comment about the complexities of potentially adding partial read
  support to audit pipes.

By using a set of ioctls, applications can select which records are of
interest, and toggle the preselection mode.

Obtained from:	TrustedBSD Project
2006-06-05 14:48:17 +00:00
Konstantin Belousov
273147358f Temporary workaround to prevent leak of Giant from nfsd when calling
lookup().

Reviewed by:	tegge
Tested by:	"Arno J. Klaassen" <arno at heho snv jussieu fr>, "Rong-en Fan" <grafan at gmail com>, Dmitriy Kirhlarov <dimma at higis ru>, Dmitry Pryanishnikov <dmitry at atlantis dp ua>
MFC after:	1 week
Approved by:	kan, pjd (mentors)
2006-06-05 14:48:02 +00:00
Ian Dowse
c62502d1f6 Fix a number of cases where ugen would panic, especially when the
device went away while open or if you tried to change the config
number while devices were open. Based on the patch from the PR with
a number of changes as discussed with the submitter.

PR:		usb/97271
Submitted by:	Anish Mistry
2006-06-05 14:44:39 +00:00
Robert Watson
b6cd2d9e08 Shorten audit record zone name.
Perforce change:	93598
Obtained from:	TrustedBSD Project
2006-06-05 14:11:28 +00:00
Robert Watson
2ca38be3bf No longer unconditionally drain the audit record queue if there is
not an active audit trail: instead, continue to iterate through
each record in case an audit pipe is interested.

Obtained from:	TrustedBSD Project
2006-06-05 14:09:59 +00:00
Robert Watson
32962122cd Pull BSM conversion logic out of audit_record_write(), as well as
knowledge of user vs. kernel audit records into
audit_worker_process_record().  This largely confines vnode
knowledge to audit_record_write(), but avoids that logic knowing
about BSM as opposed to byte streams.  This will allow us to
improve our ability to support real-time audit stream processing
by audit pipe consumers while auditing is disabled, but this
support is not yet complete.

Obtained from:	TrustedBSD Project
2006-06-05 13:50:02 +00:00
Robert Watson
62bb2e9199 Assert audit mtx in audit_worker_drain().
Break out logic to call audit_record_write() and handle error
conditions into audit_worker_process_record().  This will be the
future home of some logic now present in audit_record_write()
also.

Obtained from:	TrustedBSD Project
2006-06-05 13:46:55 +00:00
Robert Watson
b3ae6323f0 Use struct kaudit_queue instead of a hand-crafted queue type for
audit records in the audit_worker thread.

Obtained from:	TrustedBSD Project
2006-06-05 13:45:05 +00:00
Robert Watson
40c96d7279 Rename audit_cv to audit_worker_cv, as it wakes up the audit
worker.

Rename audit_commit_cv to audit_watermark_cv, since it is there to
wake up threads waiting on hitting the low watermark.  Describe
properly in comment.

Obtained from:	TrustedBSD Project
2006-06-05 13:43:57 +00:00
Robert Watson
6e79e6f805 Audit command, uid arguments for quotactl().
Audit the mode argument to mkfifo().
Audit the target path passed to symlink().

Submitted by:	wsalamon
Obtained from:	TrustedBSD Project
2006-06-05 13:34:23 +00:00
Robert Watson
4b6d6bcffd Merge OpenBSM 1.0 alpha 6 changes for BSM token creation to
src/sys/security/audit:

- Clarify and clean up AUR_ types to match Solaris.
- Clean up use of host vs. network byte order for IP addresses.
- Remove combined user/kernel implementations of some token creation
  calls, such as au_to_file(), header calls, etc.

Obtained from:	TrustedBSD Project
2006-06-05 13:13:02 +00:00
Robert Watson
d3778141bf Audit path passed to the acct() system call.
Obtained from:	TrustedBSD Project
2006-06-05 13:02:34 +00:00
Robert Watson
0f0075fb90 Merge OpenBSM 1.0 alpha 6 version of audit_record.h to src/sys:
- Cleanup of AUR_ data types.
- Comment fixes.
- au_close_token() definition.
- Break out of kernel vs. user space token interfaces for headers.

Note: this may briefly break the kernel build until other kernel files are
updated to match.

Obtained from:	TrustedBSD Project
2006-06-05 13:00:52 +00:00
Robert Watson
f6059f4510 Merge OpenBSM 1.0 alpha 6 changes to bsm/audit.h into src/sys: respell
statistics variables.

Submitted by:	Martin Fong <martin dot fong at sri dot com>
Obtained from:	TrustedBSD Project
2006-06-05 12:55:45 +00:00