Commit Graph

126510 Commits

Author SHA1 Message Date
rwatson
0e87efb2f4 Update kernel OpenBSM parts, especially src/sys/bsm, for the OpenBSM
1.0 alpha 9 import.  See the OpenBSM import commit message for a
detailed summary of changes.

Obtained from:  TrustedBSD Project
2006-08-26 08:17:58 +00:00
rwatson
8846902a40 Update for OpenBSM 1.0 alpha 9.
Obtained from:	TrustedBSD Project
2006-08-26 08:12:17 +00:00
rwatson
8eb051b933 Resolove conflicts from OpenBSM 1.0 alpha 9 into audit_event.
Obtained from:	TrustedBSD Project
2006-08-26 08:08:47 +00:00
rwatson
d2770d13ee This commit was generated by cvs2svn to compensate for changes in r161630,
which included commits to RCS files with non-trunk default branches.
2006-08-26 08:04:15 +00:00
rwatson
3dabba580b Vendor import of OpenBSM 1.0 alpha 9, with the following change history
notes since the last import:

OpenBSM 1.0 alpha 9

- Rename many OpenBSM-specific constants and API elements containing the
  strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true
  for almost all existing constants and APIs.
- Instead of passing a per-instance cookie directly into all audit filter
  APIs, pass in the audit filter daemon state pointer, which is then used by
  the module using an audit_filter_{get,set}cookie() API.  This will allow
  future service APIs provided by the filter daemon to maintain their own
  state -- for example, per-module preselection state.

OpenBSM 1.0 alpha 8

- Correct typo in definition of AUR_INT.
- Adopt OpenSolaris constant values for AUDIT_* configuration flags.
- Arguments to au_to_exec_args() and au_to_exec_env() no longer const.
- Add kernel versions of au_to_exec_args() and au_to_exec_env().
- Fix exec argument type that is printed for env strings from 'arg' to 'env'.
- New OpenBSM token version number assigned, constants added for other
  commonly seen version numbers.
- OpenBSM-specific events assigned numbers in the 43xxx range to avoid future
  collisions with Solaris.  Darwin events renamed to AUE_DARWIN_foo, as they
  are now deprecated numberings.
- autoconf now detects clock_gettime(), which is not available on Darwin.
- praudit output fixes relating to arg32 and arg64 tokens.
- Maximum record size updated to 64k-1 to match Solaris record size limit.
- Various style and comment cleanups in include files.

This is an MFC candidate to RELENG_6.

Obtained from:	TrustedBSD Project
2006-08-26 08:04:15 +00:00
alc
8f32cfe8b1 Prevent a call to contigmalloc() that asks for more physical memory than
the machine has from causing a panic.

Submitted by: Michael Plass
PR: 101668
MFC after: 3 days
2006-08-26 02:43:23 +00:00
alc
72ff1a9186 Eliminate unused definitions. (They came from NetBSD.)
Discussed with: cognet, grehan, marcel
2006-08-25 23:51:11 +00:00
imp
67e2676521 Pass whatever the value of NM down to lorder. This allows one to
override NM in Makefiles when, for example, cross compiling and have
that value be used by lorder.  NM normally isn't defined, so we pass a
null value to lorder.  lorder says 'NM=${NM-nm}' which causes it to
pickup the default value.
2006-08-25 23:50:05 +00:00
thompsa
6e3cd0c979 Move the bridge hook after the loopback check so that IFF_SIMPLEX is honoured
on member interfaces. This makes us the same as OpenBSD/NetBSD.

MFC after:	3 days
2006-08-25 20:16:39 +00:00
thompsa
3289f04db9 The bridge cant hear its own transmissions so set IFF_SIMPLEX.
PR:		kern/102361
Tested by:	Radim Kolar <hsn@netmag.cz>
MFC after:	3 days
2006-08-25 20:11:56 +00:00
pav
f58a78e801 - Talk about memory allocation in interrupt context
- Add uam to see also

Submitted by:	Devon H. O'Dell <devon.odell@coyotepoint.com>
2006-08-25 19:04:42 +00:00
emax
06408c929f - Catch up with ongoing rwatson's socket work;
- Fix a couple of LORs and panics;

- Temporarily remove the code that tries to cleanup sockets that stuck
  on accepting queues (both complete and incomplete). I'm taking an ostrich
  approach here until I find a better way to deal with sockets that were
  disconnected before accepting (i.e. while socket was on complete or
  incomplete accept queue).
2006-08-25 17:53:13 +00:00
jhb
3bdf41a5e4 Use the pcb in stoppcbs[] if it is present for threads that were running
on other CPUs in system when a dump is written.

Submitted by:	ups
Reviewed by:	marcel
MFC after:	3 days
2006-08-25 16:20:17 +00:00
ceri
0db75312ec Note that the system only allows a maximum of kern.kq_calloutmax timers.
PR:		docs/102353
Submitted by:	phk
MFC after:	1 week
2006-08-25 15:19:47 +00:00
pjd
a2a865527b Fix comment. 2006-08-25 15:13:49 +00:00
cognet
53e0a06a26 Explicitely set the "allocbuffer" field to NULL when creating a new dmamap. 2006-08-25 15:10:45 +00:00
cognet
3748f87bf1 Do not create dma maps with bus_dmamap_create, as we call
bus_dmamem_alloc later which will overwrite the value, leading to a small
memory leak.
2006-08-25 13:38:42 +00:00
netchild
fedc5604a0 Emulate what vfork does instead of using it in linux_vfork. This way
we can do the stuff we need to do with linux processes at fork and
don't panic the kernel at exit of the child.

Submitted by:	rdivacky
Tested with:	tst-vfork* (glibc regression tests)
Tested by:	netchild
2006-08-25 11:59:56 +00:00
rwatson
cd0b41ad37 Don't call suser_cred() directly from linux_sethostname(), as it just
wraps userland_sysctl(), which performs necessary privilege checks as
part of its normal operation.

MFC after:	1 week
2006-08-25 11:02:42 +00:00
davidxu
fa0e6a0558 Same as previous change, the user provided priority should be reversed
too.
2006-08-25 10:05:30 +00:00
ru
a48b0e1228 - Fix options order.
- Touch manpage's document date.
2006-08-25 09:58:13 +00:00
ru
1f50dbf4f2 Remove a stray -a option that probably sneaked in from julian's
attempt to enter append mode twice in vi(1).  :-)
2006-08-25 09:42:16 +00:00
sos
632c97e1f1 Properly initialize and destroy the RAID lock.
Also dont mess with RAID's thats not attached yet and avoid panic.
2006-08-25 09:33:56 +00:00
maxim
12a681a764 o Fix style(9) for previous. 2006-08-25 09:14:23 +00:00
thompsa
e1f848cfb4 Fix spelling. 2006-08-25 08:25:35 +00:00
trhodes
f21ca27dec Add login.conf checking to periodic security scripts. If the login.conf file
is not UID/GID 0, limits will be ignored and a strange error sent to auth.log.

Head nod:	ru, rwatson
2006-08-25 07:34:36 +00:00
rwatson
31d250192d Remove $P4$ from this file; other then temporarily P4-local work in
progress the kernel audit code in CVS is considered authoritative.
This will ease $P4$-related merging issues during the CVS loopback.

Obtained from:	TrustedBSD Project
2006-08-25 07:30:23 +00:00
davidxu
e2f7e9cc95 Initialize kg_base_user_pri. 2006-08-25 06:29:16 +00:00
davidxu
8e3f035b3f Add user priority loaning code to support priority propagation for
1:1 threading's POSIX priority mutexes, the code is no-op unless
priority-aware umtx code is committed.
2006-08-25 06:12:53 +00:00
maxim
73837f2df4 A bunch of fixes from NetBSD:
o Restore owner/group/mode/atime/mtime of symbolic links, rev. 1.30.
o Extract file flags of symbolic link, rev. 1.42.
o Call getfile() before altering file attributes.
  Open file with mode 0600 instead of 0666 so that file won't remain
  group or world readable/writable even if getfile() terminated.
  Move skipfile() before altering file attributes in IF{CHR,BLK} and
  IFIFO case for symmetry, rev. 1.32.
o Use file mode 0600 when creating special file or fifo, revs. 1.33, 1.34.

o Remove redundant -N check.

PR:		bin/101660
Submitted by:	Andrey V. Elsukov
Obtained from:	NetBSD, enami@netbsd
MFC after:	6 weeks
2006-08-25 05:46:47 +00:00
alc
d108c1d6d1 The return value from vm_pageq_add_new_page() is not used. Eliminate it. 2006-08-25 04:36:19 +00:00
davidxu
dd7f1d7e06 Add member kg_base_user_pri and flag TDF_UBORROWING, they will be used
to support userland priority propagation for 1:1 threading.
2006-08-25 03:15:27 +00:00
trhodes
e3d91b1fd3 Send more Alpha bits to the bin. 2006-08-25 00:36:59 +00:00
grehan
9053cfbe6a Remove file that snuck in accidentally in Marcel's gdb commit. 2006-08-25 00:21:48 +00:00
cognet
d4600e67df Finally bring it support for the i80219 XScale processor.
Submitted by:	Max M. Boyarov <m.boyarov bsd by>
2006-08-24 23:51:28 +00:00
cognet
ccd457af25 Use ELFDATA2MSB if we're building big endian.
Noticed by:	Oleksandr Tymoshenko <gonzo freebsd org>
2006-08-24 23:00:03 +00:00
marius
5e65c8cd9e Remove the DPMS code in creator_blank_display(), as it causes some
LCDs to blink in the V_DISPLAY_ON case, at least in combination with
some 13W3-VGA-adaptors (what's exactly going on is unclear though,
as it happens when all of H-sync, V-sync and video output are enabled
and not touching the sync bits from the preset fixes it). Thus
creator_blank_display() now is reduced to turning the video output
on/off.
Although that DPMS code did what the XFree86/Xorg sunffb(4x) does,
it was questionable in the first place, as both implementations
also turn(ed) off the video output on standby and suspend, thus most
likely causing the monitor to turn off instead of entering standby
or suspend as intended (at least my monitors don't).

Reported and tested by:	Patrick Reich
MFC after:		3 days
2006-08-24 22:00:24 +00:00
marcel
693fc69022 Add initial support for kgdb(1) on PowerPC. 2006-08-24 21:53:49 +00:00
marcel
3aec95aaac Add skeletal support for GDB. In particular gdb_cpu_getreg() needs
implementing to make GDB support usable.
2006-08-24 21:52:11 +00:00
rik
4e1573f953 Fix typo in a comment: DEFINE_CLASSx => DEFINE_CLASS_x.
MFC after: 1 week
2006-08-24 21:09:39 +00:00
julian
b0fd0e6925 Add an option to allow copying of a hierarchy while linking he regular files.
Bikeshedded to death on: hackers
Submitted by:andersonatcenttech.com
MFC in: 1 month
2006-08-24 20:45:38 +00:00
ru
e574350b77 Fix another fallout from the IF_LLADDR() type change.
Spotted by:	mwlucas
2006-08-24 19:50:00 +00:00
marius
604b84193c Fix a bug introduced with rev. 1.204; in vfs_donmount() use
copyout(9) instead of copystr(9) for copying the errmsg from
kernel- to user-space. This fixes a panic on sparc64 when
using the nmount(2)-converted mountd(8).
While at it, use bcopy(3) instead of strncpy(3) in the kernel-
to kernel-space case for consistency with vfs_buildopts() and
between kernel- to user-space and kernel- to kernel-space case.
2006-08-24 18:52:28 +00:00
obrien
1b5c41598b Don't read in /etc/src.conf when building ports.
Reported by:	obrien
Submitted by:	ru
2006-08-24 18:04:49 +00:00
rwatson
1e4f4abfce Add kqueue support to audit pipe pseudo-devices.
Obtained from:	TrustedBSD Project
2006-08-24 17:42:38 +00:00
danger
9c7584b81f - add note about IPSEC_FILTERGIF to fast_ipsec(4) and let the users know
that it is not possible to use Fast IPsec in conjuction with KAME IPsec
- add available kernel options to ipsec(4)
- add reference for fast_ipsec(4) to ipsec(4)

Reviewed by: trhodes (mentor), keramida (mentor)
Approved by: keramida (mentor)
2006-08-24 17:07:19 +00:00
imp
bf45440613 Always make obj when building the libraries. This never hurts, and
helps some cross-architecture building tool installation patches that
I'm developing.
2006-08-24 17:02:26 +00:00
emax
2b65f3157a Define mtu as u_int16_t not as int. This should fix problem with rfcomm
on sparc64.

Reported by:	Andrew Belashov <bel at orel dot ru>
Tested by:	Andrew Belashov <bel at orel dot ru>
MFC after:	3 days
2006-08-24 16:51:02 +00:00
marcel
06caf42da4 Build gdb on PowerPC. 2006-08-24 15:46:29 +00:00
bmah
b3006313bd New release notes: IPFIREWALL_FORWARD_EXTENDED removed (+MFC),
fsdb(8) btime.

Modified release notes: Changed Xbox note to only point to the
platforms page (there are pointers to additional information
there)...note MFC.

MFCs noted:  IPFilter 4.1.13.
2006-08-24 14:45:56 +00:00