d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
64,988 Commits 4 Branches 49 Tags
Commit Graph

27919 Commits

Author SHA1 Message Date
Robert Watson
ce3a32b6da o Modify pcvt ioctl() security checks to use securelevel_gt() instead 
of direct securelevel variable checks.  (Yet another API to perform
  direct hardware I/O using KDENABIO.)

Obtained from:	TrustedBSD Project
 2001-09-26 20:21:28 +00:00
Robert Watson
9997f52470 o Modify spigot_open() to use securelevel_gt() instead of direct 
securelevel variable checks.

Obtained from:	TrustedBSD Project
 2001-09-26 20:20:05 +00:00
Robert Watson
f86cf763ef o Modify generic specfs device open access control checks to use 
securelevel_ge() instead of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
 2001-09-26 20:18:26 +00:00
Robert Watson
8c7cc7234e o Modify syscons ioctl securelevel checks to use securelevel_gt() (oh look, 
yet another API to do direct hardware I/O access.)

Obtained from:	TrustedBSD Project
 2001-09-26 20:17:15 +00:00
Robert Watson
19f1565901 o Modify open() and close() for /dev/random to use securelevel_gt() instead 
of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
 2001-09-26 20:15:42 +00:00
Robert Watson
8002488bd9 o Modify access control code for /dev/pci device to use securelevel_gt() 
instead of direct securelevel variable test.

Obtained from:	TrustedBSD Project
 2001-09-26 20:14:03 +00:00
Robert Watson
f7312ca2a9 o Modify access control code for the CAM SCSI pass-through device to 
use securelevel_gt() instead of direct securelevel variable test.

Obtained from:	TrustedBSD Project
 2001-09-26 20:13:16 +00:00
Robert Watson
330e78897a o Modify i386_set_ioperm() to use securelevel_gt() instead of 
direct securelevel variable checks.

Obtained from:	TrustedBSD Project
 2001-09-26 20:08:15 +00:00
Robert Watson
1851c8fd41 o Modify device open access control for /dev/mem and friends to use 
securelevel_gt() instead of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
 2001-09-26 20:08:02 +00:00
Robert Watson
785f9ffca3 o Modify IPFW and DUMMYNET administrative setsockopt() calls to use 
securelevel_gt() to check the securelevel, rather than direct access
  to the securelevel variable.

Obtained from:	TrustedBSD Project
 2001-09-26 19:58:29 +00:00
Robert Watson
d501d04b9e o Modify static settime() to accept the proc * for the process requesting 
a time change, and callers so that they provide td->td_proc.
o Modify settime() to use securevel_gt() for securelevel checking.

Obtained from:	TrustedBSD Project
 2001-09-26 19:53:57 +00:00
Robert Watson
c2f413af19 o Modify sysctl access control check to use securelevel_gt(), and 
clarify sysctl access control logic.

Obtained from:	TrustedBSD Project
 2001-09-26 19:51:25 +00:00
Matthew Dillon
46cad5761c Enable vmiodirenable by default. Remove incorrect comment from sysctl.conf. 
MFC after:	1 week
 2001-09-26 19:35:04 +00:00
Doug Rabson
fa129a40db Tidy up and fix a runtime warning. 2001-09-26 16:15:20 +00:00
Matthew Dillon
3418ebebfe Make uio_yield() a global. Call uio_yield() between chunks 
in vn_rdwr_inchunks(), allowing other processes to gain an exclusive
lock on the vnode.  Specifically: directory scanning, to avoid a race to the
root directory, and multiple child processes coring simultaniously so they
can figure out that some other core'ing child has an exclusive adv lock and
just exit instead.

This completely fixes performance problems when large programs core.  You
can have hundreds of copies (forked children) of the same binary core all
at once and not notice.

MFC after:	3 days
 2001-09-26 06:54:32 +00:00
Marcel Moolenaar
b18013f823 The arg parameter is passed by value in Linux, but not in FreeBSD. 
We still have to account for a copyin. Make sure the copyin will
succeed by passing the FreeBSD syscall a pointer to userspace,
albeit one that's automagically mapped into kernel space.

Reported by: mr, Mitsuru IWASAKI <iwasaki@jp.FreeBSD.org>
Tested by: Mitsuru IWASAKI <iwasaki@jp.FreeBSD.org>
 2001-09-26 05:39:59 +00:00
Paul Saab
88b1d98f31 Lock the vnode while truncating the corefile. This fixes a panic 
with softupdates dangling deps.

Submitted by:	peter
MFC:		ASAP :)
 2001-09-26 01:24:07 +00:00
Brooks Davis
9efaa0ae62 Add a standard hack in the spirit of PCI_ENABLE_IO_MODES to allow systems 
with weird PCI-PCI bridge configurations to work.  Defining
PCI_ALLOW_UNSUPPORTED_IO_RANGE causes the sanity checks to pass even
with out of range values.

Reviewed by:	msmith
 2001-09-26 01:11:33 +00:00
Bill Fenner
bd5b9e17b0 Fix (typo? pasteo?): panic("ffs_mountroot..." -> panic("ntfs_mountroot...") 2001-09-26 00:36:33 +00:00
Peter Wemm
4d7552180d Make this 'make obj' safe 2001-09-26 00:13:08 +00:00
John Baldwin
21377ce065 Remove superflous parens after de-macroizing. 2001-09-26 00:05:18 +00:00
John Baldwin
6b12d30f28 Include sys/ktr.h before sys/_lock.h to ensure LOCK_DEBUG is set to its 
proper value.
 2001-09-25 23:52:30 +00:00
John Baldwin
9ba567a07c Move the definition of LOCK_DEBUG from sys/lock.h to sys/_lock.h. 2001-09-25 23:51:54 +00:00
Robert Watson
75bc5b3f22 o So, when <dd> e-mailed me and said that the comment was inverted 
for securelevel_ge() and securelevel_gt(), I was a little surprised,
  but fixed it.  Turns out that it was the code that was inverted, during
  a whitespace cleanup in my commit tree.  This commit inverts the
  checks, and restores the comment.
 2001-09-25 21:08:33 +00:00
Doug Rabson
5f802bfc9f Calculate the valid flag for ITRs and DTRs correctly. Also fix a couple 
of minor problems and remove some debugging code.
 2001-09-25 19:44:19 +00:00
Brooks Davis
2f65332817 The faith(4) device is no longer a count device so don't specify a count. 2001-09-25 18:56:40 +00:00
Brooks Davis
9494d5968f Make faith loadable, unloadable, and clonable. 2001-09-25 18:40:52 +00:00
Søren Schmidt
72c2f499ce Add a fix for the VIA82C686B data corruption bug. 
This fixed the problem on the 3 platforms I've been able to test on.

I'm still of the oppinion that the BIOS should take care of this,
however some board makers only apply this when they spot a
SBLive! soundcard, but the problem exists even without a SBLive!.

This fix should probably go somewhere else, but for now I'll
keep it here since we havn't got a central place to put
such things.
 2001-09-25 17:10:39 +00:00
Kazutaka YOKOTA
d4b248f23e Yet another turn of workaround for psm/ACPI/PnP BIOS 
problems currently experienced in -CURRENT.

This should fix the problem that the PS/2 mouse is detected
twice if the acpi module is not loaded on some systems.
 2001-09-25 16:59:28 +00:00
Bill Paul
9aa35f2391 Add some definitions for the DSP programming registers in the BCM5400 
and BCM5401 PHYs.
 2001-09-25 16:41:56 +00:00
Dag-Erling Smørgrav
8712e867e1 Clean up my source tree to avoid getting hit too badly by the next KSE or 
whatever mega-commit.  This goes some way towards adding support for
writeable files (needed by procfs).
 2001-09-25 13:25:30 +00:00
Dag-Erling Smørgrav
689364858e Clean up my source tree to avoid getting hit too badly by the next KSE or 
whatever mega-commit.  No real functional changes, just some experiments /
work in progress.
 2001-09-25 13:24:24 +00:00
Robert Watson
aaef1c3934 o Further clarify comment: ad Udo's request, re-insert the 'if' 
refering to securelevels; also, update the unprivileged process text
  to better indicate the scope of actions permittable when any system
  flags are already set (limited).

Submitted by:	Udo Schweigert <udo.schweigert@siemens.com>
 2001-09-25 12:02:44 +00:00
Mike Barcroft
3273a63ed9 A process name may contain whitespace and unprintable characters, 
so convert those characters to octal notation.  Also convert
backslashes to octal notation to avoid confusion.

Reviewed by:	des
MFC after:	1 week
 2001-09-25 04:42:40 +00:00
Robert Watson
82e83c60b3 o Parallelize the comment on the relationship between privileged un-jailed 
processes and the actual securelevel check: make the comment use '> 0'
  instead of inverted '<= 0'.
 2001-09-25 02:26:10 +00:00
Robert Watson
f5ef42be31 s/securelvel/securelevel/ 2001-09-25 02:15:00 +00:00
Ian Dowse
1782e17d6f Add a missing dereference level. This caused nfsm_postop_attr_xx() 
to try and extract node attributes from an RPC reply even if none
were present.

Reviewed by:	peter
 2001-09-25 00:00:33 +00:00
Doug Rabson
3dc2c2d530 Use b6 instead of b1 - b1 is supposed to be preserved and b6 is scratch. 2001-09-24 22:50:20 +00:00
Doug Rabson
f8c1540f3d Make the Alternate {I,D} TLB vector code actually work for virtual 
addresses greater than 256M (the page size for region 6 and 7).
 2001-09-24 22:49:20 +00:00
Doug Rabson
588154e27b Don't try to access external files from SKI unless we are actually running 
in SKI.
 2001-09-24 20:01:29 +00:00
Doug Rabson
40aef04652 Increase the number of bootstrap PVs. 2001-09-24 20:00:20 +00:00
Doug Rabson
9324a7e743 Include <machine/pte.h> instead of <machine/pmap.h> 2001-09-24 19:58:15 +00:00
Doug Rabson
32956c3d49 We need different call stubs for static and stacked calling conventions. 2001-09-24 19:41:16 +00:00
Doug Rabson
9164a3125a Add commands to dump the itrs and dtrs. 2001-09-24 19:39:34 +00:00
Doug Rabson
bc14d41c7e Return the mapkey which EFI gave us when we read the memory map - we need 
it to call ExitBootServices.
 2001-09-24 19:37:44 +00:00
Doug Rabson
6544e18249 Tidy up a little - don't try to print anything or enable interrupts after 
we start changing translation registers. Also, call ExitBootServices
before we jump into the kernel.
 2001-09-24 19:36:45 +00:00
Doug Rabson
6dd44dacaa Pick up pal.s from the kernel sources. 2001-09-24 19:31:44 +00:00
Doug Rabson
378482865e Factor out PTE and related definitions from pmap.h - they are useful in 
the loader.
 2001-09-24 19:27:38 +00:00
Ian Dowse
5d76690a7f The addition of i_dirhash to struct inode pushed RELENG_4's 
sizeof(struct inode) into a new malloc bucket on the i386. This
didn't happen in -current due to the removal of i_lock, but it does
no harm to apply the workaround to -current first.

Reduce the size of the i_spare[] array in struct inode from 4 to
3 entries, and change ext2fs to use i_din.di_spare[1] so that it
does not need i_spare[3].

Reviewed by:	bde
MFC after:	3 days
 2001-09-24 18:29:20 +00:00
Doug Rabson
cdb0e1b453 Fix a few comment typos from the last commit. 2001-09-24 17:38:58 +00:00