Commit Graph

70161 Commits

Author SHA1 Message Date
Robert Watson
7a0a89d2cb Merge OpenBSM alpha 4 from OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge).  Add libauditd build parts and add to auditd's linkage;
force libbsm to build before libauditd.

OpenBSM history for imported revisions below for reference.

MFC after:      1 month
Sponsored by:   Apple Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1 alpha 4

- With the addition of BSM error number mapping, we also need to map the
  local error number passed to audit_submit(3) to a BSM error number,
  rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
  more formal allocation scheme, and add some events allocated in Solaris
  that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
  directly, rather than requiring applications to map to the local error
  space, which might not be able to entirely represent the BSM error
  number space.
- Major auditd rewrite for launchd(8) support.  Add libauditd library
  that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
  (re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
  startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
  has been recovered from not being properly terminated.  This event is
  stored in the new audit trail file and includes the path of recovered
  audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
  auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
  calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.

OpenBSM 1.1 alpha 3

- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
  between BSM error numbers (largely the Solaris definitions) and local
  errno(2) values for 32-bit and 64-bit return tokens.  This is required
  as operating systems don't agree on some of the values of more recent
  error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
  total size for the token.  This buge.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.
2008-12-31 11:12:24 +00:00
Warner Losh
a84736bdf6 When no driver attaches to a card, don't power down the card. We can
now read config registers of cardbus cards that are inserted, but
aren't attached to a driver.
Also, add a power related comment...
2008-12-31 07:41:42 +00:00
Warner Losh
703b345233 First pass at 64-bit elf support 2008-12-31 07:38:04 +00:00
Alan Cox
e2abaaaa2b Update or eliminate some stale comments. 2008-12-31 05:44:05 +00:00
Ivan Voras
98a4431181 Document the relationship between enum VM_GUEST and the vm_guest_sysctl_names
array.

Approved by:	gnn (original version)
2008-12-30 23:49:54 +00:00
Alan Cox
7438d60b4b Avoid an unnecessary memory dereference in vm_map_entry_splay(). 2008-12-30 21:52:18 +00:00
Joe Marcus Clarke
e7f54c1b71 Add a VOP_VPTOCNP implementation for pseudofs which covers file systems
such as procfs and linprocfs.

This implementation's locking was enhanced by kib.

Reviewed by:	kib
		des
Approved by:	des
		kib
Tested by:	pho
2008-12-30 21:49:39 +00:00
Alan Cox
095104ac36 Style change to vm_map_lookup(): Eliminate a macro of dubious value. 2008-12-30 20:51:07 +00:00
Peter Holm
1d347f061f Added missing second part of cleaning j->ip[46] as requested by bz
Approved by:	kib (mentor)
Pointy hat:	pho
2008-12-30 20:39:47 +00:00
Rui Paulo
8a20da1c71 Disable USB bluetooth (needs netgraph built in) and USB audio (doesn't
compile).
2008-12-30 20:25:49 +00:00
Rui Paulo
e287cc5d31 Disable USB bluetooth (needs netgraph built in) and USB audio (doesn't
compile).
2008-12-30 20:13:20 +00:00
Alan Cox
4c3ef59e3d Move the implementation of the vm map's fast path on address lookup from
vm_map_lookup{,_locked}() to vm_map_lookup_entry().  Having the fast path
in vm_map_lookup{,_locked}() limits its benefits to page faults.  Moving
it to vm_map_lookup_entry() extends its benefits to other operations on
the vm map.
2008-12-30 19:48:03 +00:00
Rui Paulo
0b8454a9a0 Add a kernel config file so that users have less difficulty testing
USBng.

If it makes sense, it could be done for arm/mips too.
2008-12-30 19:46:06 +00:00
Peter Holm
bc971b2c82 Make sure that unused j->ip[46] are cleared
Reviewed by:	bz
Approved by:	kib (mentor)
2008-12-30 17:54:25 +00:00
Robert Watson
a9f3c7d2ff Rename mbcnt to mbcnt_delta in uipc_send() -- unlike other local
variables named mbcnt in uipc_usrreq.c, this instance is a delta
rather than a cache of sb_mbcnt.

MFC after:	3 weeks
2008-12-30 16:09:57 +00:00
Konstantin Belousov
7efa697d80 Clear the pointers to the file in the struct filedesc before file is closed
in fdfree. Otherwise, sysctl_kern_proc_filedesc may dereference stale
struct file * values.

Reported and tested by:	pho
MFC after:	1 month
2008-12-30 12:51:56 +00:00
Konstantin Belousov
83e73926ad In r185557, the check for existing negative entry for the given name
did not compared nc_dvp with supplied parent directory vnode pointer.
Add the check and note that now branches for vp != NULL and vp == NULL
are the same, thus can be merged.

Reported and reviewed by:	kan
Tested by:	pho
MFC after:	2 weeks
2008-12-30 12:51:14 +00:00
Luigi Rizzo
df52a87993 A number of small changes to make the 'save choice to disk' safer,
and re-enable it as default.

In particular:

+ re-enable the 'update' flag in the Makefile (of course!);

+ commit Warner's patch "orb $NOUPDATE,_FLAGS(%bp)"
  to avoid writing to disk in case of a timeout/default choice;

+ fix an off-by-one count in the partition scan code that would
  print the wrong name for unknown partitions;

+ unconditionally change the boot prompt to 'Boot:' instead of 'Default:'
  to make room for the extra code/checks/messages. Some of the changes
  listed below are also made to save space;

+ rearrange and fix comments for known partition types. Right now we
  explicitly recognise *BSD, Linux, FAT16 (type 6, used on many USB keys),
  NTFS (type 7), FAT32 (type 11).
  Depending on other options we also recognise Extended (type 5),
  FAT12 (type 1) and FAT16 < 32MB (type 4).

+ Add an entry "F6 PXE" when the code is built with -DPXE (which is
  a default now). Technically, F6 boots through INT18, so the prompt 'PXE'
  is a bit misleading. Unfortunately the name INT18
  is too long and does not fit in - we could use ROM perhaps.
  The reason I picked 'PXE' is that on many (I believe) new systems
  INT18 calls PXE.

Apart from the choice of the name for PXE/ROM/INT18, this should close
pending issues on the 1-sector boot0 code and we should be able to
move the code to RELENG_7 when it reopens.

No boot0cfg changes are necessary.

MFC after:	3 weeks
2008-12-30 09:40:50 +00:00
Warner Losh
a26b1f3d06 Bump the odometer of the years, this time a bit early for 7.1R. 2008-12-30 04:48:59 +00:00
Ed Schouten
71b6d504c1 Fix compilation. Also move ogetkerninfo() to kern_xxx.c.
It seems I forgot to remove `int error' from a single piece of code. I'm
also moving ogetkerninfo() to kern_xxx.c, because it belongs to the
class of compat system information system calls, not the generic sysctl
code.
2008-12-29 19:24:00 +00:00
Konstantin Belousov
78e4cea909 When the insmntque() in the pfs_vncache_alloc() fails, vop_reclaim calls
pfs_vncache_free() that removes pvd from the list, while it is not yet
put on the list.

Prevent the invalid removal from the list by clearing pvd_next and
pvd_prev for the newly allocated pvd, and only move pfs_vncache list
head when the pvd was at the head.

Suggested and approved by:	des
MFC after:	2 weeks
2008-12-29 13:25:58 +00:00
Ed Schouten
ddf9d24349 Push down Giant inside sysctl. Also add some more assertions to the code.
In the existing code we didn't really enforce that callers hold Giant
before calling userland_sysctl(), even though there is no guarantee it
is safe. Fix this by just placing Giant locks around the call to the oid
handler. This also means we only pick up Giant for a very short period
of time. Maybe we should add MPSAFE flags to sysctl or phase it out all
together.

I've also added SYSCTL_LOCK_ASSERT(). We have to make sure sysctl_root()
and name2oid() are called with the sysctl lock held.

Reviewed by:	Jille Timmermans <jille quis cx>
2008-12-29 12:58:45 +00:00
Konstantin Belousov
22a448c4d9 vm_map_lock_read() does not increment map->timestamp, so we should
compare map->timestamp with saved timestamp after map read lock is
reacquired, not with saved timestamp + 1. The only consequence of the +1
was unconditional lookup of the next map entry, though.

Tested by:	pho
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:45:11 +00:00
Konstantin Belousov
c990bf0896 Use curproc->p_sysent->sv_flags bit SV_ILP32 for detection of the 32 bit
caller, instead of direct comparision with ia32_freebsd_sysvec.

Tested by:	pho
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:41:32 +00:00
Konstantin Belousov
505d02eebe Drop the pseudofs vnode lock around call to pfs_read handler. The handler
may need to lock arbitrary vnodes, causing either lock order reversal or
recursive vnode lock acquisition.

Tested by:	pho
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:12:23 +00:00
Konstantin Belousov
99ec92c962 After the pfs_vncache_mutex is dropped, another thread may attempt to
do pfs_vncache_alloc() for the same pfs_node and pid. In this case, we
could end up with two vnodes for the pair. Recheck the cache under the
locked pfs_vncache_mutex after all sleeping operations are done [1].

This case mostly cannot happen now because pseudofs uses exclusive vnode
locking for lookup. But it does drop the vnode lock for dotdot lookups,
and Marcus' pseudofs_vptocnp implementation is vulnerable too.

Do not call free() on the struct pfs_vdata after insmntque() failure,
because vp->v_data points to the structure, and pseudofs_reclaim()
frees it by the call to pfs_vncache_free().

Tested by:	pho [1]
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:07:18 +00:00
Kip Macy
3a6d1fcf9c merge 186535, 186537, and 186538 from releng_7_xen
Log:
 - merge in latest xenbus from dfr's xenhvm
 - fix race condition in xs_read_reply by converting tsleep to mtx_sleep

Log:
 unmask evtchn in bind_{virq, ipi}_to_irq

Log:
 - remove code for handling case of not being able to sleep
 - eliminate tsleep - make sleeps atomic
2008-12-29 06:31:03 +00:00
Robert Watson
980b6e45aa Vendor import of OpenBSM 1.1 alpha4, which incorporates the following
changes since the last imported OpenBSM release:

OpenBSM 1.1 alpha 4

- With the addition of BSM error number mapping, we also need to map the
  local error number passed to audit_submit(3) to a BSM error number,
  rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
  more formal allocation scheme, and add some events allocated in Solaris
  that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
  directly, rather than requiring applications to map to the local error
  space, which might not be able to entirely represent the BSM error
  number space.
- Major auditd rewrite for launchd(8) support.  Add libauditd library
  that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
  (re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
  startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
  has been recovered from not being properly terminated.  This event is
  stored in the new audit trail file and includes the path of recovered
  audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
  auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
  calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.

OpenBSM 1.1 alpha 3

- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
  between BSM error numbers (largely the Solaris definitions) and local
  errno(2) values for 32-bit and 64-bit return tokens.  This is required
  as operating systems don't agree on some of the values of more recent
  error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
  total size for the token.  This bug resulted in "unknown" tokens being
  printed after the exec args/env tokens.
- Support for AUT_SOCKET_EX extended socket tokens, which describe a
  socket using a pair of IPv4/IPv6 and port tuples.
- OpenBSM BSM file header version bumped for 1.1 release.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.

Obtained from:	TrustedBSD Project
Sponsored by:	Apple Inc.
2008-12-28 22:40:42 +00:00
Bjoern A. Zeeb
42d866dd69 For consistency use LLE_IS_VALID() in this 4th place that is actually
interested in the (void *)-1 return value hack.
This way we can easily identify those special parts of the code.
2008-12-28 21:18:01 +00:00
Kip Macy
08a2459ee1 drop rnh lock before destroying it 2008-12-28 14:32:27 +00:00
Ganbold Tsagaankhuu
dff1491c74 Remove unused variable.
Found with:     Coverity Prevent(tm)
CID: 542

Approved by: weongyo
2008-12-28 13:50:58 +00:00
Bjoern A. Zeeb
767f578ae3 Include std.ixp425 for "cpu" and comment out duplicate memory map
options. Using the already included std.avila is not considered
to be entirely right (and the options slightly differ) but the best
match we currently have. Upcoming work should fit better.

Reorder another variable to match the layout of other configs.

Reviewed by:	sam, warner (earlier version with options removed)
2008-12-28 11:04:24 +00:00
Bjoern A. Zeeb
1f8bd75e77 Like in the rest of the file and the network stack use inp as
variable name for the inpcb.
For consistency with the other *_hdrsiz functions use 'size'
instead of 'siz' as variable name.

No functional change.

MFC after:	4 weeks
2008-12-27 23:24:59 +00:00
Bjoern A. Zeeb
de47c3909d Non-functional (style) changes:
- Always use round brackets with return ().
- Add empty line to beginning of functions without local variables.
- Comments start with a capital letter and end in a '.'.
  While there adapt a few comments.

Reviewed by:	rwatson
MFC after:	4 weeks
2008-12-27 22:58:16 +00:00
Bjoern A. Zeeb
cd1a38f58a Convert function definitions to constantly use ANSI-style
parameter declarations.

Reviewed by:	rwatson
MFC after:	4 weeks
2008-12-27 21:20:34 +00:00
Stanislav Sedov
d85f3935ec - Fix incorrect array declaration that was causing the stack overflow
on some (most?) Asus laptops.

Discussed with:	rpaulo
Approved by:	kib (mentor)
MFC after:	2 weeks
2008-12-27 20:48:11 +00:00
Bjoern A. Zeeb
b63904a132 Rewrite ipsec6_setspidx_inpcb() to match the logic in the
(now) equivalent IPv4 counterpart.

MFC after:	4 weeks
2008-12-27 20:37:53 +00:00
Bjoern A. Zeeb
1a12375fe5 For consistency with ipsec4_setspidx_inpcb() rename file local function
ipsec6_setspidx_in6pcb() to ipsec6_setspidx_inpcb().

MFC after:	4 weeks
2008-12-27 19:42:59 +00:00
Bjoern A. Zeeb
28097b18e7 Change the in6p variable names to inp to be able to diff
the v4 to the v6 implementations.

MFC after:	4 weeks
2008-12-27 19:37:46 +00:00
Bjoern A. Zeeb
60de54d283 In additions to the configs from r185478, which also enabled the
use of modules for arm, disable them by adding MODULES_OVERRIDE=""
here as well.

Reviewed by:	sam
MFC after:	3 weeks
2008-12-27 19:03:57 +00:00
Sam Leffler
db90f779c1 arm is in DEFAULTS; remove dup
Submitted by:	bz
2008-12-27 19:02:01 +00:00
Bjoern A. Zeeb
2a497de19f Removed duplicate
makeoptions    MODULES_OVERRIDE=""
2008-12-27 17:22:17 +00:00
Bjoern A. Zeeb
34820bbf06 Hide detect_virtual() along with the accompanying string
arrays under #ifndef XEN to make XEN config compile again.
In case of Xen vm_guest is hard coded.

Move the list for the vm_guest sysctl out of the restictive
bounds as the sysctl is there in either case.
2008-12-27 17:19:16 +00:00
Alexander Kabaev
7d376cbce3 Minor style(9) compliance change. 2008-12-27 16:03:34 +00:00
Roman Kurakin
11a12794a9 Add support for the Oxford OX16PCI958-based card.
Note, that the patch provided with this card for the Linux states that
the card uses DEFAULT_RCLK * 2, while in fact it is '* 10'.  So probably
we should also use the subdevice/subvendord here. For now just ignore
that fact.

PR:		kern/129665
Submitted by:	bsam
Obtained from:	united efforst with bsam
2008-12-27 15:22:22 +00:00
Ulf Lilleengen
2155338ac1 - Fix an issue with access permissions to underlying disks used by a gvinum
plex. If the plex is a raid5 plex, and is being written to, parity data might
  have to be read from the underlying disks, requiring them to be opened for
  reading as well as writing.

MFC after:	1 week
2008-12-27 14:32:39 +00:00
Weongyo Jeong
0454f8732e unbreak the build. Decoupled the USB2's NDIS build from the default
build.

Pointy hat to:  me
2008-12-27 12:23:22 +00:00
Bjoern A. Zeeb
44a2eb509f Remove an unused variable to make the SENTRY5 mips kernel compile
(though with some asm warning).
2008-12-27 11:38:41 +00:00
Alexander Motin
f496eee7e3 Add some found NVidia MCP7x HDA controller IDs. 2008-12-27 11:00:20 +00:00
Peter Holm
ab62a2d023 Prevent overflow of uio_resid.
Approved by:	kib
2008-12-27 10:13:43 +00:00