Commit Graph

81140 Commits

Author SHA1 Message Date
Robert Watson
b497ca81d6 Make sure that the accounting credential is saved along with the vp
when accounting is suspended--otherwise when accounting is restored,
we may incorrectly assume the credential is valid.

Panics experienced by:	juli
2002-10-05 20:05:23 +00:00
Robert Watson
eea8ea3108 Implement mac_create_devfs_symlink() for policies that interact with
vnode labels.  Sync from MAC tree.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 18:56:25 +00:00
Poul-Henning Kamp
5f79a2e33a Fix argument order mistake when decoding disklabels from on-disk format.
Detected by:	jhay
Sponsored by:	DARPA & NAI Labs.
2002-10-05 18:52:06 +00:00
Robert Watson
74e62b1b75 Integrate a devfs/MAC fix from the MAC tree: avoid a race condition during
devfs VOP symlink creation by introducing a new entry point to determine
the label of the devfs_dirent prior to allocation of a vnode for the
symlink.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 18:40:10 +00:00
Scott Long
e8890ccc51 Remove matcd from MAKEDEV.
X-MFC after:	ASAP
2002-10-05 18:28:48 +00:00
Robert Watson
c27b50f5b4 Merge implementation of mpo_check_vnode_link() for various appropriate
file-system aware MAC policies.  Sync to MAC tree.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 18:25:48 +00:00
Robert Watson
0a69419678 Merge support for mac_check_vnode_link(), a MAC framework/policy entry
point that instruments the creation of hard links.  Policy implementations
to follow.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 18:11:36 +00:00
Robert Watson
56c1541237 While the MAC API has supported the ability to handle M_NOWAIT passed
to mbuf label initialization, that functionality was never merged to
the main tree.  Go ahead and merge that functionality now.  Note that
this requires policy modules to accept the case where the label
element may be destroyed even if init has not succeeded on it (in
the event that policy failed the init).  This will shortly also
apply to sockets.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 17:44:49 +00:00
Robert Watson
87807196f8 Rearrange object and label init/destroy functions to match the
order used in mac_policy.h and elsewhere.  Sort order is basically
"by operation category", then "alphabetically by object". Sync to
MAC tree.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 17:38:45 +00:00
Bruce A. Mah
b3a2c0c074 Add hifn(4) and ubsec(4) devices for i386/pc98. 2002-10-05 17:23:18 +00:00
Bruce A. Mah
b409af0287 New release notes: crypto(4) and related info
Updated release notes:  Update KSE info and add cross-reference to
kse(2) manpage.

Fix a couple of minor typos while I'm here.
2002-10-05 17:22:22 +00:00
Robert Watson
a931e345a9 Sync to MAC tree: use 'flag' instead of 'how' for mac_init_mbuf();
remove a slightly less than useful comment.
2002-10-05 17:18:43 +00:00
Brian Feldman
dab3d85fd7 Don't allow dev_stdclone(9) to accept minors larger than the system is
able to handle (0xffffff).
2002-10-05 17:10:28 +00:00
Robert Watson
69bbb5b1c7 Another big diff, little functional change: move label internalization,
externalization, and cred label life cycle events to entirely above
devfs and vnode events.  Sync from MAC tree.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 16:57:16 +00:00
Robert Watson
08bcdc586e Move all object label init/destroy routines to the head of the
entry points to better match the entry point ordering in mac_policy.h.
Big diff, no functional change; merge from the MAC tree.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 16:54:59 +00:00
Robert Watson
ea599aa018 Synch from TrustedBSD MAC tree:
- If a policy isn't registered when a policy module unloads, silently
  succeed.

- Hold the policy list lock across more of the validity tests to avoid
  races.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 16:46:03 +00:00
Poul-Henning Kamp
3bd6561289 NB: This commit does *NOT* make GEOM the default in FreeBSD
NB: But it will enable it in all kernels not having options "NO_GEOM"

Put the GEOM related options into the intended order.

Add "options NO_GEOM" to all kernel configs apart from NOTES.

In some order of controlled fashion, the NO_GEOM options will be
removed, architecture by architecture in the coming days.

There are currently three known issues which may force people to
need the NO_GEOM option:

boot0cfg/fdisk:
        Tries to update the MBR while it is being used to control
        slices.  GEOM does not allow this as a direct operation.

SCSI floppy drives:
        Appearantly the scsi-da driver return "EBUSY" if no media
        is inserted.  This is wrong, it should return ENXIO.

PC98:
        It is unclear if GEOM correctly recognizes all variants of
        PC98 disklabels.  (Help Wanted!  I have neither docs nor HW)

These issues are all being worked.

Sponsored by:	DARPA & NAI Labs.
2002-10-05 16:35:33 +00:00
Robert Watson
226b96fb6d Cosmetic line wrap synchronization. 2002-10-05 16:33:46 +00:00
Robert Watson
b2f0927ad6 Push the debugging obect label counters into security.mac.debug.counters
rather than directly under security.mac.debug.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 16:30:53 +00:00
Poul-Henning Kamp
d98ce6902e Don't use dkunit() to find our softc when we can hang it off the dev_t.
This removes yet a dependency on the old disklabel stuff.

Sponsored by:	DARPA & NAI Labs.
2002-10-05 15:49:39 +00:00
Poul-Henning Kamp
953afc438f Merge the last couple of my changes to fd.c into the pc98 version.
Sponsored by:	DARPA & NAI Labs
2002-10-05 15:15:43 +00:00
Robert Watson
96adb90996 Begin another merge from the TrustedBSD MAC branch:
- Change mpo_init_foo(obj, label) and mpo_destroy_foo(obj, label) policy
  entry points to mpo_init_foo_label(label) and
  mpo_destroy_foo_label(label).  This will permit the use of the same
  entry points for holding temporary type-specific label during
  internalization and externalization, as well as for caching purposes.
- Because of this, break out mpo_{init,destroy}_socket() and
  mpo_{init,destroy}_mount() into seperate entry points for socket
  main/peer labels and mount main/fs labels.
- Since the prototype for label initialization is the same across almost
  all entry points, implement these entry points using common
  implementations for Biba, MLS, and Test, reducing the number of
  almost identical looking functions.

This simplifies policy implementation, as well as preparing us for the
merge of the new flexible userland API for managing labels on objects.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-05 15:10:00 +00:00
Daniel Eischen
ef795b8f41 Fix building of minimal kernels without npx by rearranging ifdefs.
Also fix some style bugs in surrounding code, and add a comment
about FP state restoral that seems questionable.

Submitted by:	bde
2002-10-05 14:36:14 +00:00
Poul-Henning Kamp
5624b2d4d3 Use in-tree libbsdxml instead of ports based libexpat.
Sponsored by:	DARPA & NAI Labs.
2002-10-05 13:16:07 +00:00
Poul-Henning Kamp
af65c5b73f Match the new g_io_deliver() API in the kernel.
Sponsored by:	DARPA & NAI Labs.
2002-10-05 13:12:10 +00:00
Poul-Henning Kamp
a05c5b8c1a Pass sbuf to the kernel routines to match new kernel code.
Sponsored by:	DARPA & NAI Labs
2002-10-05 13:11:01 +00:00
Maxim Sobolev
790a8088d0 Fix problem introduced in rev.1.406, which can cause already unlocked
mutex being unlocked again causing system panic.
2002-10-05 12:56:10 +00:00
Poul-Henning Kamp
00ab1355ab Plug memoryleaks detected by FlexeLint. 2002-10-05 12:00:11 +00:00
Brian Somers
52ae0b7fb5 If dsgetlabel() returns a label with a size of zero in diskdumpconf(),
treat it as an invalid partition.

This fixes a bug where ``dumpon <device>'' will configure the dump
device at a random offset on the disk if <device> isn't a valid
partition.

Reviewed by: phk
2002-10-05 11:24:21 +00:00
Mike Barcroft
4b96f22259 Fix namespace issues by using visibility conditionals from
<sys/cdefs.h>.  Sort function prototypes.
2002-10-05 05:48:50 +00:00
Mike Barcroft
e61d3b10d7 Fix namespace issues by using visibility conditionals from
<sys/cdefs.h>.
2002-10-05 05:47:56 +00:00
Mike Barcroft
229aeecbbf Change <sys/_sigset.h> to typedef __sigset_t instead of sigset_t, so
that headers that include it can conditionalize sigset_t's visibility.
2002-10-05 05:40:48 +00:00
Juli Mallett
0d29446006 Put an easy-to-miss assignment into the proper place. It was stray in the
middle of a block of code, with no clear assignment.  While here, move one
nearby assignment out of declaration.
2002-10-05 04:49:46 +00:00
Juli Mallett
ecafb24b41 Remove bogus duplicate assignment of local variables. 2002-10-05 04:35:59 +00:00
Robert Watson
6d4d944e33 Get Vinum up and running with GEOM:
(1) Use namei() and devfs to discover devices rather than a hard-coded
    MAKEDEV implementation.  Once rootfs is in place, this will allow
    Vinum to be used for the root file system partition.

(2) Pass FREAD to device opens so that GEOM will return sector size
    rather than an error on attempts to read label data.

(3) Avoid clobbering return values from close_drive() and masking this
    failure, resulting in a later divide by zero due to not having
    updated the Vinum-cached sector size.

(4) Ignore failures from DIOCWLABEL as that appears not to be required
    in the GEOM environment.

We've done testing in simple Vinum environments, but those with more
complex environments might want to give this a spin in DP2 and make
sure everything is up to speed.

Fixes in collaboration with:	iedowse
Reviewed by:			grog
2002-10-05 03:44:00 +00:00
Robert Watson
0c0d4e17e4 Refinement on previous fix for mutex destruction: make sure we don't
release the mutex multiple times for multi-plex volumes.

Following further consultation with:	grog
2002-10-05 03:33:38 +00:00
Robert Watson
96364d6806 Remove a panic on vinum module unload: make sure to destroy all mutexes
before freeing so that WITNESS doesn't dereference mutex data pointers
and page fault.  It's now possible to unload vinum.ko with a GENERIC
kernel on 5.0-CURRENT without panic.

Debugged/fixed with the aid of:	jake, grog
2002-10-05 03:07:23 +00:00
Juli Mallett
e6abe47dbf Define _MACHINE. 2002-10-05 02:56:49 +00:00
Daniel Eischen
be779e1ae2 Once again, remove the i386-specific hacks to save and restore
the FPU state on receiving and returning from a signal.
The FPU save and restore macros are no longer needed, but
remain defined in case we need to use them again (something
else breaks).  They'll be removed permanently once new
syscalls are added to handle the new i386 ucontext size.
2002-10-05 02:22:26 +00:00
Mitsuru IWASAKI
5e0ca5771b Make sure that ACPI PCI driver probe routine call pci_cfgregopen()
before start accessing PCI config space.

Reviewed by:	jhb
2002-10-05 02:16:49 +00:00
Mitsuru IWASAKI
9063802340 Oops, forgot to add main file for my previous commit :-) 2002-10-05 02:06:00 +00:00
Mitsuru IWASAKI
ba835e3fe6 Add code for ACPI PCI link object manipulation.
This allocate the best IRQ to boot-disable devices (have IRQ 0).
Allocated IRQ will be used for PCI interrupt routing when ACPI is
enabled.

Note that verbose messaging enabled for the time being so that
people can easily notice the strange behavior if it happened.
2002-10-05 02:01:05 +00:00
Mike Barcroft
085f8416a2 style(9) <machine/setjmp.h> headers so they look mostly the same. 2002-10-04 22:10:06 +00:00
Mike Barcroft
ddb4fb5b44 Add restrict type-qualifier to sem_getvalue(). 2002-10-04 21:32:00 +00:00
Mike Barcroft
696fbe6b05 o Adjust the SEM_VALUE_MAX macro so that <machine/limits.h> isn't
needed.
o Remove unneeded includes which only add namespace pollution.
o Sort function prototypes.
o Add restrict type-qualifier to sem_getvalue().
2002-10-04 21:31:33 +00:00
Sam Leffler
b18fda4edd add support for /dev/crypto 2002-10-04 20:44:46 +00:00
Sam Leffler
3feb456215 install sys/opencrypto include files in /usr/include/crypto 2002-10-04 20:44:28 +00:00
Sam Leffler
f4bf433552 manual pages for the new kernel crypto support (need work)
Obtained from:	openbsd
2002-10-04 20:43:30 +00:00
Sam Leffler
8b7ce2ff52 hookup new crypto support to the config/build process 2002-10-04 20:42:36 +00:00
Sam Leffler
14c17bd293 New bus_dma interfaces for use by crypto device drivers:
o bus_dmamap_load_mbuf
o bus_dmamap_load_uio

Test on i386.  Known to compile on alpha and sparc64, but not tested.
Otherwise untried.
2002-10-04 20:40:39 +00:00