Commit Graph

1488 Commits

Author SHA1 Message Date
Warner Losh
1dfbd9c2f9 Make it clear that the device name may contain '/' characters to place
a device in a subdirectory.  Also explicitly state that the name is
constructed using fmt like printf would print it.

MFC After: 3 days
2006-11-24 13:10:30 +00:00
Yaroslav Tykhiy
91f3a6db54 Add a guideline for naming new sysctl nodes.
Discussed in:	cvs-src (some time ago)
2006-11-23 14:28:19 +00:00
Ceri Davies
9698be466e Add .Xr to p_cansee.9, remove .Xr to intro.2.
Reviewed by:	ru
Approved by:	ru
2006-11-19 13:36:04 +00:00
Ceri Davies
9bda7d940b Add manuals for cr_cansee(9) and p_cansee(9).
Thanks to Ruslan for the time he spent reviewing these.

Reviewed by:	ru
Approved by:	ru
2006-11-19 13:35:03 +00:00
Ceri Davies
5140328ad3 Have the synopsis compile.
Pointed out by:	ru
2006-11-18 17:56:59 +00:00
Pawel Jakub Dawidek
7ee07175af Change sleepq_add(9) argument from 'struct mtx *' to 'struct lock_object *',
which allows to use it with different kinds of locks. For example it allows
to implement Solaris conditions variables which will be used in ZFS port on
top of sx(9) locks.

Reviewed by:	jhb
2006-11-16 01:02:00 +00:00
Ruslan Ermilov
cd852a2996 Fix build (forgotten MUTEX_PROFILING.9 -> LOCK_PROFILING.9). 2006-11-11 08:59:34 +00:00
Ruslan Ermilov
cbdbe9c47c Replace a reference to no longer existing MUTEX_PROFILING(9) with
a LOCK_PROFILING(9).
2006-11-11 08:41:39 +00:00
Kip Macy
3246dd49fc remove man page for no longer extant option 2006-11-11 06:31:27 +00:00
Kip Macy
d3a96a51cc man page for new option 2006-11-11 06:29:36 +00:00
Ruslan Ermilov
e045a8e698 Fix markup. 2006-11-06 14:28:09 +00:00
Ruslan Ermilov
99c0121e05 Bump document date. 2006-11-06 14:26:43 +00:00
Robert Watson
800c940832 Add a new priv(9) kernel interface for checking the availability of
privilege for threads and credentials.  Unlike the existing suser(9)
interface, priv(9) exposes a named privilege identifier to the privilege
checking code, allowing more complex policies regarding the granting of
privilege to be expressed.  Two interfaces are provided, replacing the
existing suser(9) interface:

suser(td)                 ->   priv_check(td, priv)
suser_cred(cred, flags)   ->   priv_check_cred(cred, priv, flags)

A comprehensive list of currently available kernel privileges may be
found in priv.h.  New privileges are easily added as required, but the
comments on adding privileges found in priv.h and priv(9) should be read
before doing so.

The new privilege interface exposed sufficient information to the
privilege checking routine that it will now be possible for jail to
determine whether a particular privilege is granted in the check routine,
rather than relying on hints from the calling context via the
SUSER_ALLOWJAIL flag.  For now, the flag is maintained, but a new jail
check function, prison_priv_check(), is exposed from kern_jail.c and used
by the privilege check routine to determine if the privilege is permitted
in jail.  As a result, a centralized list of privileges permitted in jail
is now present in kern_jail.c.

The MAC Framework is now also able to instrument privilege checks, both
to deny privileges otherwise granted (mac_priv_check()), and to grant
privileges otherwise denied (mac_priv_grant()), permitting MAC Policy
modules to implement privilege models, as well as control a much broader
range of system behavior in order to constrain processes running with
root privilege.

The suser() and suser_cred() functions remain implemented, now in terms
of priv_check() and the PRIV_ROOT privilege, for use during the transition
and possibly continuing use by third party kernel modules that have not
been updated.  The PRIV_DRIVER privilege exists to allow device drivers to
check privilege without adopting a more specific privilege identifier.

This change does not modify the actual security policy, rather, it
modifies the interface for privilege checks so changes to the security
policy become more feasible.

Sponsored by:		nCircle Network Security, Inc.
Obtained from:		TrustedBSD Project
Discussed on:		arch@
Reviewed (at least in part) by:	mlaier, jmg, pjd, bde, ceri,
			Alex Lyashkov <umka at sevcity dot net>,
			Skip Ford <skip dot ford at verizon dot net>,
			Antoine Brodin <antoine dot brodin at laposte dot net>
2006-11-06 13:37:19 +00:00
Pawel Jakub Dawidek
162ce1a75f When the source and destination objects for VOP_RENAME() are the same,
POSIX advice to just ignore the operation and return 0.
We already handle this case in kern_rename(), but don't give bad example -
the source is not removed.
2006-11-04 23:59:51 +00:00
Pawel Jakub Dawidek
479a8f8dd7 VOP_REMOVE() doesn't unlock vnodes nor decrease reference counts. 2006-11-04 23:58:15 +00:00
Pawel Jakub Dawidek
89780ffb72 Better English.
Submitted by:	ru
2006-11-01 12:44:28 +00:00
Pawel Jakub Dawidek
2c0ea12df5 - Document two new function g_alloc_bio() and g_duplicate_bio().
- Bump modification date.
- Update copyright years.
2006-11-01 12:42:14 +00:00
Pawel Jakub Dawidek
c4639cb3d8 Document BIO_FLUSH request. 2006-11-01 12:34:35 +00:00
Pawel Jakub Dawidek
1d2aee20b8 Add a new disk flag - DISKFLAG_CANFLUSHCACHE, which indicates that the disk
can handle BIO_FLUSH requests.

Sponsored by:	home.pl
2006-10-31 21:12:43 +00:00
Maxim Konovalov
efc7cb843b o Fix incorrect function name (kobj_free -> kobj_delete).
Obtained from:	DragonFlyBSD
MFC after:	1 week
2006-10-28 10:57:35 +00:00
Ruslan Ermilov
aa7331bf20 Bump document date for the previous change. 2006-10-21 16:08:21 +00:00
Ruslan Ermilov
a341ab7170 Add missing "const" qualifiers.
Submitted by:	bde
2006-10-19 11:03:44 +00:00
Daniel Gerzo
627a09e3c1 Expand "don't".
Approved by: trhodes (mentor), keramida (mentor)
MFC after: 3 days
2006-10-16 07:59:05 +00:00
Pawel Jakub Dawidek
a1a72ac75a Explain that using 64bit arguments on 32bit architectures with CTRx()
macros is a bad idea.
2006-10-15 12:40:27 +00:00
Ruslan Ermilov
72377e4c4b Sort MAN and MLINKS lists. 2006-10-05 12:40:44 +00:00
John-Mark Gurney
32d5d9ffc9 sort MLINKS properly
Pointed out by:	ru
2006-10-05 08:55:35 +00:00
Ruslan Ermilov
74a603eb00 Polish markup and some wording.
Discussed with:	jmg (also reviewed by him)
2006-10-05 08:42:07 +00:00
John-Mark Gurney
b5cc2eb72f forgot to update the date... 2006-10-04 20:17:14 +00:00
John-Mark Gurney
90db62aca6 add man page talking about how to interface w/ the kqueue system so others
can write additional filters...

mdoc police please!
2006-10-04 20:16:23 +00:00
Andre Oppermann
b2c1b09193 Connect hash(9) to the build and add MLINKS for all functions.
Pointed out by:	ru
2006-10-02 11:51:25 +00:00
Konstantin Belousov
7251f55777 Remove long untrue note about storing state information inside free items.
OKed by:	rwatson, tegge
Approved by:	pjd (mentor)
MFC after:	1 week
2006-10-02 07:27:00 +00:00
Ruslan Ermilov
bd84dd2f8f Revise markup. 2006-09-30 17:09:59 +00:00
Warner Losh
fa81ece897 Document config_intrhook.
MFC After: 250 millifortnights
2006-09-25 20:12:13 +00:00
Ruslan Ermilov
81ae4b8da9 Markup fixes. 2006-09-18 15:24:20 +00:00
Ruslan Ermilov
a3a57e81b3 Correct the list of bus_space_*_stream_[1248] functions in the
STREAM FUNCTIONS section:

- Really list only and all *_stream_* functions.
- Don't list their arguments (it's pointless).
2006-09-18 14:31:03 +00:00
Warner Losh
32494417a8 Bump date, per ru@ 2006-09-12 15:48:22 +00:00
Warner Losh
788de9d472 Add note about identify routines needing to use BUS_ADD_CHILD rather
than device_add_child.  The latter is only for busses adding children,
not children drivers telling a bus that they have an instance...
2006-09-11 22:17:18 +00:00
Ruslan Ermilov
590fd053c0 Document that bits are numbered from 1 in the %b format argument. 2006-09-08 14:05:03 +00:00
John-Mark Gurney
d1c32d02b6 now that we have bus_get_dma_tag, document it's requirement in
bus_dma_tag_create
2006-09-03 00:31:21 +00:00
Ruslan Ermilov
07bf564cab - Fix some bugs in the descriptions of DMA sync operations.
- Tweak some text so it's less likely to confuse the reader.

OK'ed by:	scottl
2006-08-31 19:38:52 +00:00
Pawel Jakub Dawidek
44689dc087 Update. 2006-08-26 11:32:40 +00:00
Pav Lucistnik
2eec31dfb4 - Talk about memory allocation in interrupt context
- Add uam to see also

Submitted by:	Devon H. O'Dell <devon.odell@coyotepoint.com>
2006-08-25 19:04:42 +00:00
Konstantin Belousov
653ed924e4 Note that LK_UPGRADE may drop the shared lock before taking the
exclusive one.

Reviewed and edited by:	tegge
MFC after:	3 days
Approved by:	pjd (mentor)
2006-08-21 12:45:19 +00:00
David E. O'Brien
c157a036a9 Add an extension to the UINT & ULONG types. The XINT & XLONG types behave
the same, except sysctl(8) will print out the values in hex.
2006-08-12 23:33:10 +00:00
David E. O'Brien
b470b929f3 Fix bug preventing the proper displaying of the CTLFLAG_WR option. 2006-08-12 20:09:33 +00:00
Maxim Konovalov
1cb58a0783 o GC MT_FTABLE removed in rev. 1.192 mbuf.h.
o Correct MT_HEADER define.
2006-07-24 07:32:23 +00:00
Florent Thoumie
f1acac210b Fix typo (s/writeer/writer/). 2006-07-17 10:39:20 +00:00
Maxim Konovalov
533baf579b o Sort sx(9) MLINKS. 2006-07-12 19:12:16 +00:00
Pawel Jakub Dawidek
d8e7058159 Document sx_xlocked(9).
Submitted by:	ssouhlal
2006-07-12 15:40:35 +00:00
Joel Dahl
b4b4e2e0fe Gah. Replace another instance of "Developer's Handbook" with
"Architecture Handbook".
2006-07-11 16:26:40 +00:00