82190 Commits

Author SHA1 Message Date
jhb
49204cfd7f No need for pmtimer hint anymore. 2002-10-22 17:32:27 +00:00
jhb
5dc5449f4b Add an identify method that creates a pmtimer0 device if it doesn't alreedy
exist.  Hints are no longer needed to instantiate a pmtimer(4) device.
2002-10-22 17:30:52 +00:00
rwatson
7b35ce62ba Remove the mac_te policy bits from 'struct oldmac' -- we're not going
to merge mac_te, since the SEBSD port of SELinux/FLASK provides a much
more mature Type Enforcement implementation.  This changes the size
of the on-disk 'struct oldmac' EA labels, which may require regeneration.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 17:19:06 +00:00
fjoe
a5a8d4e8e0 remove unused __sys_sigaltstack() declaration
Approved by:	deischen
2002-10-22 17:13:32 +00:00
fjoe
4c61e16b27 fix pthread_suspend/resume_all_np() declarations
Approved by:	deischen
2002-10-22 17:11:49 +00:00
rwatson
a069ca3e04 opt_mac.h is no longer required for any of these modules, remove from
the dependencies.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 17:10:15 +00:00
bmah
ba7568999c Add Sun type 6 USB keyboard and mouse to supported device list.
PR:		43974
Submitted by:	Hendrik Scholz <hendrik@scholz.net>
2002-10-22 17:09:23 +00:00
bmah
4e7d2b0c8d New release notes: devctl, gbde(8), RAIDframe/raid(4), devd(8),
removal of many (but not all) games.
2002-10-22 17:05:36 +00:00
rwatson
3d192c6f03 Don't enforce MAC Biba policy for socket visibility if Biba is not
explicitly enabled.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 17:02:42 +00:00
mdodd
3397b88e7e Reserve a major number for NVIDIA. 2002-10-22 16:42:16 +00:00
alfred
4a01787436 Explain to users that they may want to kldload aio.
Move Xref sections.

Submitted by: Craig Rodrigues <rodrigc@attbi.com>
2002-10-22 16:12:27 +00:00
robert
dedc53fcbe Change the `mutex_prof' structure to use three variables contained
in an anonymous structure as counters, instead of an array with
preprocessor-defined names for indices.  Remove the associated XXX-
comment.
2002-10-22 16:06:28 +00:00
rwatson
2beb20db79 Invoke mac_check_vnode_mmap() during mmap operations on vnodes,
permitting policies to restrict access to memory mapping based on
the credential requesting the mapping, the target vnode, the
requested rights, or other policy considerations.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 15:56:44 +00:00
rwatson
e40371a8f9 Introduce MAC_CHECK_VNODE_SWAPON, which permits MAC policies to
perform authorization checks during swapon() events; policies
might choose to enforce protections based on the credential
requesting the swap configuration, the target of the swap operation,
or other factors such as internal policy state.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 15:53:43 +00:00
rwatson
9fe777b3e6 Missed in previous merge: export sizeof(struct oldmac) rather than
sizeof(struct mac).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 15:33:33 +00:00
nyan
1e375d38c6 MFi386: revision 1.543. 2002-10-22 15:25:25 +00:00
phk
81502b2227 Remove more private MAKEDEV kludges. 2002-10-22 15:25:19 +00:00
luigi
f3f6ee7e03 List some of the Compact Flash readers known to work with this driver.
MFC after: 3 days
2002-10-22 15:23:13 +00:00
nyan
617ebb340b Merged from sys/isa/syscons_isa.c revision 1.20. 2002-10-22 15:22:49 +00:00
phk
260859f738 No longer needed. 2002-10-22 15:22:36 +00:00
nyan
8970451e15 MFi386: revisions 1.189 and 1.190. 2002-10-22 15:19:46 +00:00
jake
675ba849a8 Rename the libc signal trampoline to __sigtramp to match netbsd. This
should allow gdb to detect when we're executing in a signal trampoline.
2002-10-22 15:15:39 +00:00
phk
35c355e2f2 Remove the last traces of bogus MAKEDEV functionality. 2002-10-22 15:07:50 +00:00
phk
6bcf9ad3c5 Give a real error on failure to mount DEVFS. 2002-10-22 15:07:17 +00:00
phk
3ef2ff6c9d Don't use NO_MAKEDEV* option, its the default now. 2002-10-22 15:04:32 +00:00
phk
5a6e603c6a Fix example, we do not need NO_MAKEDEV_RUN any more.
XXX: this example should be updated with a good example of devfs(8) rules.
2002-10-22 15:03:51 +00:00
phk
c7cdb5c4c1 Change to match NO_MAKEDEV* -> MAKEDEV*. 2002-10-22 15:02:53 +00:00
phk
a3930efa79 Invert the logic of the NO_MAKEDEV options to match the 5.0-R default install. 2002-10-22 15:01:50 +00:00
rwatson
d8ee04e4a3 Hook up a sample mac.conf to the install. The sample basically
tells applications to print labels for all of the TrustedBSD-
generated policies, if they are present.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:38:49 +00:00
rwatson
9337dcd3d7 Reflect MAC kernel/user API changes into the libc MAC implementation.
This removes a lot of complexity, since we basically just reserve
space on a retrieval of a label, and pass around strings.  Two new
elements: (1) consumers of the API must now declare what label
elements they are interested in retrieving, or (2) rely on the default
provided in a new configuration file, mac.conf.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:36:11 +00:00
rwatson
72a45c8fa6 Move the label initialized flag into _label.h: it's no longer
exported to userspace.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:32:54 +00:00
rwatson
433e63644a Adapt MAC policies for the new user API changes; teach policies how
to parse their own label elements (some cleanup to occur here in the
future to use the newly added kernel strsep()).  Policies now
entirely encapsulate their notion of label in the policy module.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:31:34 +00:00
jhb
fdfbfa99f4 - Check that a process isn't a new process (p_state == PRS_NEW) before
trying to acquire it's proc lock since the proc lock may not have been
  constructed yet.
- Split up the one big comment at the top of the loop and put the pieces
  in the right order above the various checks.

Reported by:	kris (1)
2002-10-22 14:31:32 +00:00
rwatson
4651fb3eba Support the new MAC user API in kernel: modify existing system calls
to use a modified notion of 'struct mac', and flesh out the new variation
system calls (almost identical to existing ones except that they permit
a pid to be specified for process label retrieval, and don't follow
symlinks).  This generalizes the label API so that the framework is
now almost entirely policy-agnostic.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:29:47 +00:00
rwatson
a60c645b42 Revised APIs for user process label management; the existing APIs relied
on all label parsing occuring in userland, and knowledge of the loaded
policies in the user libraries.  This revision of the API pushes that
parsing into the kernel, avoiding the need for shared library support
of policies in userland, permitting statically linked binaries (such
as ls, ps, and ifconfig) to use MAC labels.  In these API revisions,
high level parsing of the MAC label is done in the MAC Framework,
and interpretation of label elements is delegated to the MAC policy
modules.  This permits modules to export zero or more label elements
to user space if desired, and support them in the manner they want
and with the semantics they want.  This is believed to be the final
revision of this interface: from the perspective of user applications,
the API has actually not changed, although the ABI has.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:27:44 +00:00
rwatson
d560423432 Regen. 2002-10-22 14:23:52 +00:00
rwatson
a3ad68f14a Flesh out prototypes for __mac_get_pid, __mac_get_link, and
__mac_set_link, based on __mac_get_proc() except with a pid,
and __mac_get_file(), __mac_set_file() except that they do
not follow symlinks.  First in a series of commits to flesh
out the user API.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-22 14:22:24 +00:00
mike
96b853f537 Note that id_t can also hold a gid_t. Realign comments. 2002-10-22 13:26:35 +00:00
sheldonh
6a5bf67574 Fix typo in comments (misspelled "necessary"). 2002-10-22 12:10:27 +00:00
phk
aa430888dc Live with it: I had hoped to find a neat way to deal with all the magic
numbers, but so far havn't come up with anything:  Add an #ifdef PC98.
2002-10-22 11:55:27 +00:00
keramida
ae34f90c7e Typo: loose -> lose.
Submitted by:	trevor
2002-10-22 11:46:06 +00:00
phk
875a5f0d85 Chunk functions in libdisk take an extra arguement for all archs to accomodate
PC98 with less ifdef madness.
2002-10-22 10:52:53 +00:00
phk
1bc5baf5c9 Avoid a lot of #ifdef PC98 code by giving a couple of the Chunk functions
an extra argument for all archs.
2002-10-22 10:51:58 +00:00
tmm
92fdfeb044 Update for BSD.include.dist r1.60 (addition of include/dev/ofw).
Forgotten by:	tmm
Prodded by:	ru
2002-10-22 10:37:07 +00:00
tjr
b7e70b66c9 Add back the typedefs for in_addr_t and in_port_t; some broken autoconf
scripts expect <sys/types.h> to define them.
2002-10-22 09:57:34 +00:00
phk
0d693d8f22 Pick up a prototyp from libdisk.h instead of having our own. 2002-10-22 09:13:27 +00:00
phk
43441f1d03 Swing the weed-whacker around libdisk:
Constify some things.
Staticize some things.
Remove some unused things.
Prototype some things.
Don't install a gazillion man-pages links.
Drop support for ON-TRACK disk-manager.
2002-10-22 09:13:02 +00:00
ru
0cb4cfe3c6 _games is gone in rev. 1.305. 2002-10-22 08:30:31 +00:00
jake
1e5391da25 Start tick at the correct time (cpu_init_clocks), instead of cpu_startup. 2002-10-22 07:10:15 +00:00
silby
2189f14fb7 Add some magic bits necessary to turn the transmitter on for some
(newer) 556B chips.

Requested & tested by:	Dinesh Nambisan <dinesh@nambisan.net>
Magic bits found by:	Dave Dribin & Donald Becker

MFC After:	3 days
2002-10-22 02:33:50 +00:00