95346 Commits

Author SHA1 Message Date
Robert Watson
5d79de444b Hook up to the build for options MAC:
security/mac/mac_net.c
	security/mac/mac_pipe.c
	security/mac/mac_process.c
	security/mac/mac_system.c
	security/mac/mac_vfs.c

Note: Here begins a period of NOTES/LINT build breakage due to duplicate
symbols that will shortly be removed from kern_mac.c.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:39:33 +00:00
Robert Watson
6cc24dcbb4 Remove non-VFS related code from mac_vfs.c. Leave:
Extended attribute transaction warning flag if transactions aren't
  supported on the EA implementation being used.

  Debug fallback flag to permit a less conservative fallback if reading
  an on-disk label fails.

  Enforce_fs toggle to enforce file systme access control.

  Debugging counters for file system objects: mounts, vnodes, devfs_dirents.

  Object initialization, destruction, copying, internalization,
  externalization, relabeling for file system objects.

  Life cycle operations for devfs entries.

  Generic extended attribute label implementation for use by UFS, UFS2 in
  multilabel mode.

  Generic single-level label implementation for use by all file systems
  when in singlelabel mode.

  Exec-time transition based on file label entry points.

  Vnode operation access control checks (many).

  Mount operation access control checks (few).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:29:41 +00:00
Poul-Henning Kamp
d55b513f6e Fix a braino memory leak.
Found by:	Pawel Jakub Dawidek <nick@garage.freebsd.pl>
2003-10-22 20:28:46 +00:00
Tom Rhodes
b0e30de9d8 Make WARNS=2 build without error. 2003-10-22 20:11:42 +00:00
Robert Watson
6bd1173258 Remove non-system bits from mac_system.c. Leave:
Enforce_kld, enforce_system access control toggles.
  Access control checks for: kenv operation, kld operations,
    sysarch_ioperm(), acct(), nfsd(), reboot(), settime(), swapon(),
    swapoff(), sysctl().

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:09:12 +00:00
Robert Watson
5a9c1aaac5 Remove non-credential/process-related bits from mac_process.c. Leave:
Enforce_process, enforce_vm access control enforcement twiddles.
  Credential, process label counters.
  VM revocation sysctls/tunables.
  Credential label management, internalization/externalization/relabel
    code.
  Process label management.
  Proc0, proc1 creation, cred creation.
  Thread userret.
  mac_execve_enter(), _exit(), transition at exec-time.
  VM revocation on process label change.
  Process-related access control checks (visibility, debug, signal, sched).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:02:04 +00:00
Tom Rhodes
5c9124b23e Add back the commas ',' in usage to avoid a garbled usage message.
They were erroneously removed in revision 1.27.
2003-10-22 19:50:57 +00:00
Robert Watson
73275908f7 Remove non-pipe code from mac_pipe.c. Leave:
Pipe enforcement flag.
  Pipe object debugging counters.
  MALLOC type for MAC label storage.
  Pipe MAC label management routines, externalize/internalization/change
    routines.
  Pipe MAC access control checks.

Un-staticize functions called from mac_set_fd() when operating on a
pipe.  Abstraction improvements in this space seem likely.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 19:31:57 +00:00
Hajimu UMEMOTO
86b51224d4 we have ppsratecheck(). 2003-10-22 19:23:51 +00:00
Robert Watson
28e65e3d2b Remove non-network related contents from mac_net.c. Leave:
Network and socket enforcement toggles.
  Counters for network objects (mbufs, ifnets, bpfdecs, sockets, and ipqs).
  Label management routines for network objects.
  Life cycle events for network objects.
  Label internalization/externalization/relabel for ifnets, sockets,
    including ioctl implementations for sockets, ifnets.
  Access control checks relating to network obejcts.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 19:15:34 +00:00
Hajimu UMEMOTO
9bcf770ca8 IP6Q_LOCK_CHECK -> IP6Q_LOCK_ASSERT.
Sugested by:	sam
2003-10-22 19:03:49 +00:00
Tor Egge
f0da6ec99b Initialize bp->b_offset to the physical offset in partition
so GEOM knows where to read from disk.
2003-10-22 18:57:59 +00:00
Hajimu UMEMOTO
66bb118edd drop the code of HAVE_NRL_INPCB part. our system doesn't
use NRL style INPCB.
2003-10-22 18:52:57 +00:00
Robert Watson
86ea834c58 The following shared types/constants/interfaces/... are required
in mac_internal.h:

  Sysctl tree declarations.

  Policy list structure definition.

  Policy list variables (static, dynamic).

  mac_late flag.

  Enforcement flags for process, vm, which have checks in multiple files.

  mac_labelmbufs variable to drive conditional mbuf labeling.

  M_MACTEMP malloc type.

  Debugging counter macros.

  MAC Framework infrastructure primitives, including policy locking
    primitives, kernel label initialization/destruction, userland
    label consistency checks, policy slot allocation.

  Per-object interfaces for objects that are internalized and externalized
    using system calls that will remain centrally defined: credentials,
    pipes, vnodes.

  MAC policy composition macros: MAC_CHECK, MAC_BOOLEAN, MAC_EXTERNALIZE,
    MAC_INTERNALIZE, MAC_PERFORM.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 18:49:29 +00:00
Alan Cox
ab42316c2f - Retire vm_pageout_page_free(). Instead, use vm_page_select_cache() from
vm_pageout_scan().  Rationale: I don't like leaving a busy page in the
   cache queue with neither the vm object nor the vm page queues lock held.
 - Assert that the page is active in vm_pageout_page_stats().
2003-10-22 18:41:32 +00:00
Robert Watson
bdf26406e9 Forced commit to recognize repo-copy from src/sys/kern/kern_mac.c to
src/sys/security/mac/mac_{internal.h,net.c,pipe.c,process.c,system.c,
vfs.c}.  kern_mac.c has rapidly become the second-largest file in
src/sys/kern, and was not well organized.  In follow-up commits,
components of the MAC Framework will be broken out into different
mac_* files.

Thanks Joe!
2003-10-22 18:32:42 +00:00
Sean Chittenden
c80f12d0af Reduce fstab(5)/mount(8) confusion by changing the man pages to say "ro"
instead of "rdonly".  "rdonly" works for mount(8) and mount_std(8) but
not from /etc/fstab, whereas "ro" works for all mount_*(8) commands.
2003-10-22 18:25:49 +00:00
Hajimu UMEMOTO
3b1a779723 oops, gai_strerror must return default value when error code
isn't found in ai_errlist.
2003-10-22 16:53:21 +00:00
Hajimu UMEMOTO
b29ec00b70 make ai_errlist struct. this is preparation for RFC3493
(EAI_NODATA is depricated).

Obtained from:	KAME
2003-10-22 15:41:38 +00:00
Hajimu UMEMOTO
31e8f7e530 pretect ip6 reassemble queue by use of mutex.
Submitted by:	rwatson (with modification)
2003-10-22 15:32:56 +00:00
Hajimu UMEMOTO
9888c40195 - implement lock around IPv6 reassembly, to avoid panic due to
frag6_drain (mutex version will come later).
- limit number of fragments (not fragment queues) in kernel.

Obtained from:	KAME
2003-10-22 15:29:42 +00:00
Hajimu UMEMOTO
1ab976cb03 protect sid_default and sid.
Submitted by:	rwatson (with modification)
2003-10-22 15:13:36 +00:00
Hajimu UMEMOTO
65b01ff848 reduce calling in6_addr2zoneid(). 2003-10-22 15:12:06 +00:00
Hajimu UMEMOTO
e115574c1d protect by IFNET_RLOCK. 2003-10-22 15:10:39 +00:00
Hartmut Brandt
9e9dbe0430 Link libngatm to the build (unless NOATM is set). 2003-10-22 15:01:16 +00:00
Hartmut Brandt
a25f8a3d51 Add a sub-directory to netnatm for the SAAL headers. 2003-10-22 13:15:09 +00:00
Hartmut Brandt
216cf9f739 Makefile for the NgATM user space library. 2003-10-22 11:52:35 +00:00
SUZUKI Shinsuke
b18521ee3b more strict sanity check for ESP tail
Obtained from: KAME
2003-10-22 10:44:59 +00:00
Hiten Pandya
e229cfa536 Fix the include path of rijndael.h.
PR:		docs/58437
Submitted by:	Joachim Strombergson
2003-10-22 10:00:09 +00:00
Hartmut Brandt
477b11e5a6 Some upgrade instructions. 2003-10-22 09:28:49 +00:00
Marcel Moolenaar
b32428bbc5 The FP status register allows for 6 traps to be masked. One of them,
the denormal/unnormal trap, is not a standard IEEE trap. We did
not exclude it from being returned by fpgetmask(), nor did we make
sure that fpsetmask() didn't clobber it. Since the non-IEEE trap
is not part of fp_except_t, users of ifpgetmask()/fpsetmask() would
be confronted with unexpected behaviour, one of which is a SIGFPE
for denormal/unnormal FP results.

This commit makes sure that we don't leak the denormal/unnormal mask
bit in fp_except_t and also that we don't clobber it.
2003-10-22 09:00:07 +00:00
Hartmut Brandt
552b83803a This commit was generated by cvs2svn to compensate for changes in r121330,
which included commits to RCS files with non-trunk default branches.
2003-10-22 08:09:00 +00:00
Hartmut Brandt
e869973eec Virgin import of the NgATM SAAL layer user part v0.9. 2003-10-22 08:09:00 +00:00
Hartmut Brandt
a919999bd9 Some upgrade instructions. 2003-10-22 07:44:45 +00:00
Hartmut Brandt
8711ce79a7 Virgin import of the NgATM SAAL layer shared kernel/user part v0.9. 2003-10-22 07:41:16 +00:00
Hartmut Brandt
9d5fb541c6 This commit was generated by cvs2svn to compensate for changes in r121326,
which included commits to RCS files with non-trunk default branches.
2003-10-22 07:41:16 +00:00
Hartmut Brandt
0eecad8da7 Remove a gcc-ism: declaring a variable array at the end of a structure
as [0] and replace it with the ISO way of writing []. This has caused
warnings with WARNS=6.
2003-10-22 07:35:05 +00:00
Hidetoshi Shimokawa
cfa42d3692 Add '0x' in front of EUI64 to avoid confusion. 2003-10-22 07:23:27 +00:00
Poul-Henning Kamp
43bff1a7ab Forgotten commit: If a provider has zero sectorsize, it is an
indication of lack of media.

Tripped up:	peter
2003-10-22 06:32:20 +00:00
Sam Leffler
04e22a026d terminate the rx descriptor list with a self-linked entry
so high phy error rates on a 5212 don't cause rx overruns
2003-10-22 04:37:34 +00:00
Alan Cox
d3c09dd7db - Assert that every page found in the active queue is an active page. 2003-10-22 03:08:24 +00:00
Simon L. B. Nielsen
923959c28f Reflect the fact that fxtv is now found in ports/multimedia/fxtv.
PR:		docs/58355
Submitted by:	Simon Barner <barner@in.tum.de>
2003-10-21 23:36:46 +00:00
Matt Jacob
081a1c2536 Turn off ISP_SMPLOCK- not to be turned on again.
Until we can have perfect knowledge that all callers above us think it's okay
for us to sleep, releasing *our* locks of course, we don't dare try and sleep.
2003-10-21 21:52:23 +00:00
Hajimu UMEMOTO
d24cb2490d stop use of NI_WITHSCOPEID. it was deprecated.
Obtained from:	KAME
2003-10-21 20:11:47 +00:00
Hajimu UMEMOTO
9a4f9608ad - change scope to zone.
- change node-local to interface-local.
- better error handling of address-to-scope mapping.
- use in6_clearscope().

Obtained from:	KAME
2003-10-21 20:05:32 +00:00
Sergei Kolobov
8ffdadcf4a Add myself.
Approved by:	krion (mentor)
2003-10-21 19:56:23 +00:00
Alan Cox
0d42c05ff4 - Assert that the containing vm object is locked in
vm_page_set_validclean().  (This function reads and modifies the
   vm page's valid field, which is synchronized by the lock on the
   containing vm object.)
2003-10-21 19:36:51 +00:00
Hiroki Sato
bbda0368ba Merge the following from the English version:
1.183 -> 1.184	hardware/common/dev.sgml
	1.640 -> 1.644	relnotes/common/new.sgml
2003-10-21 19:29:10 +00:00
Søren Schmidt
4788059c5e Properly unload the DMA SG list on errors. 2003-10-21 19:25:20 +00:00
Søren Schmidt
80344be509 Fix the DMA problem that most severely hit on the DS3112a SATA chip
in connection with Marvell based SATA->PATA dongles.

The problem was caused by a combination of things working
together to make it hard to spot...

The ATA driver has always started the ATA command, then build
the SG list for DMA and then finally started the DMA engine.
While this is according to specs, it poses a potential
problem as some controllers apparently do not allow for unlimitted
time between starting the ATA command and starting the DMA engine.

At about the same time as ATAng was committed there were lots
of other changes applied, some of which was locking in parts
that causes the busdma load functions to take significantly
longer to load the SG list.

This pushed the time spent between starting the ATA command and
starting the DMA engine over the hill for some controllers
(especially the Silicon Image DS3112a) and caused what looked
like lost interrupts.

The solution is to get all the SG list work or rather all
busdma related stuff done before we even try to start anything.

This has the nice side effect of seperating busdma out the
way it should be, so the working of the ATA machinery is not
cluttered up with busdma droppings, making the code easier
to read and understand.
2003-10-21 19:20:37 +00:00