Commit Graph

81989 Commits

Author SHA1 Message Date
phk
9c61841d19 Constify input to the arc4 seed function.
Implement the lockfile hunting in sector zero.

Sponsored by:	DARPA & NAI Labs.
2002-10-20 11:09:58 +00:00
tjr
8ed112060e When recycling a cached connection, increment the reference count so that
the heap block does not get freed and reused. This should fix the
pkg_add -r crashes that have been happening for months.
2002-10-20 10:36:27 +00:00
ue
300838722e MFbed: hardware/common/dev.sgml 1.108 -> 1.110
relnotes/common/new.sgml 1.433 -> 1.437
2002-10-20 10:11:01 +00:00
phk
5a491baa51 #unifdef the code for checking blessed lock collisions until we need it.
Spotted by:	DARPA & NAI Labs.
2002-10-20 08:48:39 +00:00
phk
973cbe0d43 Fix mis-indentation.
Spotted by:	FlexeLint
2002-10-20 08:46:56 +00:00
phk
83404357e9 Don't track bio allocation in debug output.
Sponsored by:	DARPA & NAI Labs.
2002-10-20 08:45:17 +00:00
phk
7105c422c0 Style(9) and english(9) fixes.
Submitted by:	schweikh
2002-10-20 08:43:56 +00:00
phk
fd0bad29ea Make it possible to specify also via geom_t ID in the geom.ctl config ioctl.
Sponsored by:	DARPA & NAI Labs.
2002-10-20 08:42:18 +00:00
scottl
710948de69 After much delay and anticipation, welcome RAIDFrame into the FreeBSD
world.  This should be considered highly experimental.

Approved-by:	re
2002-10-20 08:17:39 +00:00
obrien
63bd46464d We HAVE_STPCPY now. 2002-10-20 07:50:20 +00:00
alc
8e471edd49 - Lock page queue accesses in pmap_release(). 2002-10-20 07:19:25 +00:00
marcel
d91408e73a Remove the special casing for IP addresses that are within the IVT
or the do_syscall() function. We have unwind directives to stop the
unwinder.
2002-10-20 06:03:05 +00:00
marcel
446c299a31 Define IVT_ENTRY and IVT_END as special versions of ENTRY and END
for defining vectors. As a result, each vector will be a global
function with unwind directives to notify the unwinder that we're
in an interrupt handler. In the debugger this will show up something
like:

Debugger(0xe000000000a211d8, 0xe000000000748960) at Debugger+0x31
panic(0xe000000000a36858, 0xe0000000021d32d0, 0xe000000000ae42e8, ...
trap(0x14, 0x100000, 0xe0000000021d32d0, 0x0, 0xa0000000002095f0, ...
ivt_Data_TLB(0x14, 0x100000, 0xe0000000021d32d0) at ivt_Data_TLB+0x1f0
2002-10-20 06:00:09 +00:00
tjr
a80071534e Cross-reference fmtcheck(3). 2002-10-20 03:56:37 +00:00
rwatson
d9307dee7e If MAC_MAX_POLICIES isn't defined, don't try to define it, just let the
compile fail.  MAC_MAX_POLICIES should always be defined, or we have
bigger problems at hand.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-20 03:41:09 +00:00
grog
0d45c270ec Sort by date. 2002-10-20 02:20:31 +00:00
grog
3ba403b020 Clarify holidays which apply only to the USA
Clarify that the USSR no longer exists, but some of the holidays are
celebrated anyway.

Reviewed in part by:	ru

Remove Jewish and most Muslim holidays.  They're all wrong, since they
don't apply to the Western calendar.  The much more complete Jewish
holidays are in calendar.judaic.  The Muslim holidays need to be
collected into a file, but there's not much point in having the wrong
date.

Remove many Fiji holidays.  They change every year by Government
decree, and some were duplicated as a result.

Remove some duplicates.

There's still a lot to be done; in particular, I think the Japanese
and British holidays are very inaccurate.  This file needs checking by
people who know the details.
2002-10-20 02:12:46 +00:00
gioria
ce97c816c1 New sections translated 2002-10-19 23:27:32 +00:00
kan
d675c525c1 Change the symbol lookup order to search RTLD_GLOBAL objects
before referencing object's DAG. This makes it possible for
C++ exceptions to work across shared libraries and brings
us closer to the search order used by Solaris/Linux.

Reviewed by:	jdp
Approved by:	obrien
MFC after:	1 month
2002-10-19 23:03:35 +00:00
peter
90a2f4ba9a Give in on the __sF stuff. I have a better fix in mind that is future
proof, but this should buy me some time for now.
2002-10-19 22:28:07 +00:00
peter
a75c662939 Stake a claim on 418 (__xstat), 419 (__xfstat), 420 (__xlstat) 2002-10-19 22:25:31 +00:00
mux
e534fcd484 Put back NORMAL_C_NOWERROR, it was actually used.
Pointy hat to:	mux
2002-10-19 22:24:43 +00:00
kan
4f485751b7 umap_sync is empty and is identical to vfs_stdsync. Remove it and
use generic function instead.

Approved by:	obrien
2002-10-19 22:22:42 +00:00
kan
5b0d8c1af4 style(9)
Approved by:	obrien
2002-10-19 22:12:19 +00:00
peter
6f9d4eb337 Grab 416/417 real estate before I get burned while testing again.
This is for the not-quite-ready signal/fpu abi stuff.  It may not see
the light of day, but I'm certainly not going to be able to validate it
when getting shot in the foot due to syscall number conflicts.
2002-10-19 22:09:23 +00:00
kan
59d5e4480c Whitespace fixes per style(9)
Approved by:	obrien
2002-10-19 21:58:11 +00:00
gioria
bc3fa32a80 New translations 2002-10-19 21:49:09 +00:00
phk
87dddbb476 Add the manual page which explains how gbde works and which bits it is
composed off.

Sponsored by:	DARPA & NAI Labs.
2002-10-19 21:44:57 +00:00
blackend
dcc30834b3 Fix the path to the make.conf example file.
PR:		docs/44278
Submitted by:	Chris Pepper <pepper@rockefeller.edu>
2002-10-19 21:34:50 +00:00
rwatson
6fe81fed62 Set the NOMACCHECK flag for namei()'s generated by the NFS server code.
We currently don't enforce protections on NFS-originated VOP's.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-19 21:27:40 +00:00
gioria
880b6632f2 New translation 2002-10-19 21:27:09 +00:00
rwatson
615a42874b Add a new 'NOMACCHECK' flag to namei() NDINIT flags, which permits the
caller to indicate that MAC checks are not required for the lookup.
Similar to IO_NOMACCHECK for vn_rdwr(), this indicates that the caller
has already performed all required protections and that this is an
internally generated operation.  This will be used by the NFS server
code, as we don't currently enforce MAC protections against requests
delivered via NFS.

While here, add NOCROSSMOUNT to PARAMASK; apparently this was used at
one point for name lookup flag checking, but isn't any longer or it
would have triggered from the NFS server code passing it to indicate
that mountpoints shouldn't be crossed in lookups.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-19 21:25:51 +00:00
rwatson
4c2d375ca4 Regen from addition of execve_mac placeholder. 2002-10-19 21:15:10 +00:00
marcel
d8d309f454 Implement the CDROMREADAUDIO ioctl. 2002-10-19 21:11:43 +00:00
rwatson
f3cd77cf07 Add a placeholder for the execve_mac() system call, similar to SELinux's
execve_secure() system call, which permits a process to pass in a label
for a label change during exec.  This permits SELinux to change the
label for the resulting exec without a race following a manual label
change on the process.  Because this interface uses our general purpose
MAC label abstraction, we call it execve_mac(), and wrap our port of
SELinux's execve_secure() around it with appropriate sid mappings.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-19 21:06:57 +00:00
rwatson
ae81971478 Drop in the MAC check for file creation as part of open().
Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-19 20:56:44 +00:00
rwatson
08f5fce118 Make sure to clear the 'registered' flag for MAC policies when they
unregister.  Under some obscure (perhaps demented) circumstances,
this can result in a panic if a policy is unregistered, and then someone
foolishly unregisters it again.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-19 20:30:12 +00:00
rwatson
91dee1ecbb Hook up most of the MAC entry points relating to file/directory/node
creation, deletion, and rename.  There are one or two other stray
cases I'll catch in follow-up commits (such as unix domain socket
creation); this permits MAC policy modules to limit the ability to
perform these operations based on existing UNIX credential / vnode
attributes, extended attributes, and security labels.  In the rename
case using MAC, we now have to lock the from directory and file
vnodes for the MAC check, but this is done only in the MAC case,
and the locks are immediately released so that the remainder of the
rename implementation remains the same.  Because the create check
takes a vattr to know object type information, we now initialize
additional fields in the VATTR passed to VOP_SYMLINK() in the MAC
case.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-19 20:25:57 +00:00
gioria
0a95b481d9 SGML-ise accents 2002-10-19 20:07:01 +00:00
marcel
c0de70c997 Remove the _ia64_unwind_start and _ia64_unwind_end symbols. We now
find the unwind table through the ELF program headers.
2002-10-19 19:32:21 +00:00
marcel
2a53e50eeb Update the unwind information when modules are loaded and unloaded
by using the linker hooks. Since these hooks are called for the
kernel as well, we don't need to deal with that with a special
SYSINIT. The initialization implicitly performed on the first
update of the unwind information is made explicit with a SYSINIT.
We now don't need the _ia64_unwind_{start|end} symbols.
2002-10-19 19:30:38 +00:00
marcel
d35d608c07 Add two hooks to signal module load and module unload to MD code.
The primary reason for this is to allow MD code to process machine
specific attributes, segments or sections in the ELF file and
update machine specific state accordingly. An immediate use of this
is in the ia64 port where unwind information is updated to allow
debugging and tracing in/across modules. Note that this commit
does not add the functionality to the ia64 port. See revision 1.9
of ia64/ia64/elf_machdep.c.

Validated on: alpha, i386, ia64
2002-10-19 19:16:03 +00:00
marcel
c5e66cd2c6 Reduce code duplication by moving the common actions in
link_elf_init(), link_elf_link_preload_finish() and
link_elf_load_file() to link_elf_link_common_finish().
Since link_elf_init() did initializations as a side-effect
of doing the common actions, keep the initialization in
that function. Consequently, link_elf_add_gdb() is now also
called to insert the very first link_map() (ie the kernel).
2002-10-19 18:59:33 +00:00
marcel
6af943a484 Non-functional change in preparation of the next commit:
Move link_elf_add_gdb(), link_elf_delete_gdb() and link_elf_error()
near the top of the file. The *_gdb() functions are moved inside
the #ifdef DDB already present there.
2002-10-19 18:43:37 +00:00
alc
22918c79b0 Complete the page queues locking needed for the page-based copy-
on-write (COW) mechanism.  (This mechanism is used by the zero-copy
TCP/IP implementation.)
 - Extend the scope of the page queues lock in vm_fault()
   to cover vm_page_cowfault().
 - Modify vm_page_cowfault() to release the page queues lock
   if it sleeps.
2002-10-19 18:34:39 +00:00
phk
1ca1d78db8 Fix a missing initialization. 2002-10-19 17:19:41 +00:00
phk
f4a1c1173b Add Geom Based Disk Encryption to the tree.
This is an encryption module designed for to secure denial of access
to the contents of "cold disks" with or without destruction activation.

Major features:

   * Based on AES, MD5 and ARC4 algorithms.
   * Four cryptographic barriers:
        1) Pass-phrase encrypts the master key.
        2) Pass-phrase + Lock data locates master key.
        3) 128 bit key derived from 2048 bit master key protects sector key.
        3) 128 bit random single-use sector keys protect data payload.
   * Up to four different changeable pass-phrases.
   * Blackening feature for provable destruction of master key material.
   * Isotropic disk contents offers no information about sector contents.
   * Configurable destination sector range allows steganographic deployment.

This commit adds the kernel part, separate commits will follow for the
userland utility and documentation.

This software was developed for the FreeBSD Project by Poul-Henning Kamp and
NAI Labs, the Security Research Division of Network Associates, Inc.  under
DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS
research program.

Many thanks to Robert Watson, CBOSS Principal Investigator for making this
possible.

Sponsored by:   DARPA & NAI Labs.
2002-10-19 17:02:17 +00:00
rwatson
b98187d339 Permits UFS ACLs to be used with the GENERIC kernel. Due to recent
ACL configuration changes, this shouldn't result in different code paths
for file systems not explicitly configured for ACLs by the system
administrator.  For UFS1, administrators must still recompile their
kernel to add support for extended attributes; for UFS2, it's sufficient
to enable ACLs using tunefs or at mount-time (tunefs preferred for
reliability reasons).  UFS2, for a variety of reasons, including
performance and reliability, is the preferred file system for use with
ACLs.

Approved by:	re
2002-10-19 16:54:15 +00:00
mux
b642891c54 - Remove ${NORMAL_C_NOWERROR}, it is not used anymore. To build
without -Werror, we do "make WERROR=", which doesn't need this
  variable.
- Use ${.IMPSRC} instead of $< in ${NORMAL_M} for consistency with
  the rest of the file.
- Add ${WERROR} for the ${NORMAL_M} case.

Tested on:	i386, sparc64
2002-10-19 16:47:13 +00:00
sam
7a49e303c4 Fixups to get make release going again for i386:
o mount (and unmount) devfs in the chroot'd filesystem
o handle umounting devfs in case of a keyboard interrupt
o remove MAKEDEV from the fixit floppy so things fit again (mount_devfs was
  added in a separate commit)
o explicitly remove mfsroot.gz and loader.conf when building the cd-rom area
  as otherwice cp -Rp aborts when a previous run left identical files around
o increase the number of inodes on the drivers floppy; moving drivers from
  the kernel there (to shrink it's size) caused things to overflow
o while we're increasing the driver's floppy inode config, separate out all
  parameters from the boot floppy

Approved by:	re
2002-10-19 16:44:16 +00:00