Commit Graph

823 Commits

Author SHA1 Message Date
Chris Costello
2699228f1e Activate mac_biba.9
Approved by:	re
Sponsored by:	DARPA, Network Associates Labs
2002-11-20 22:28:20 +00:00
Chris Costello
36e4f12d71 Document the Biba MAC policy.
Approved by:	re
Sponsored by:	DARPA, NAI Labs
Obtained from:	TrustedBSD Project
2002-11-20 22:26:58 +00:00
Alfred Perlstein
4919e8cbe9 Flesh out the description of the uma_zcreate callback function arguements
a bit.  As there may be changes soon we're still a bit vague unfortunatly.
2002-11-18 01:11:58 +00:00
Robert Watson
bf139e9706 License: update, remove clause three of BSD license per approval of
NAI.

Add cautionary notes on the experimental status of the MAC Framework
in FreeBSD 5.0.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-04 18:11:17 +00:00
Robert Watson
efbc63a783 Further clarifications of the #ifdef/#if/#elif/#endif style information,
largely submitted by bde.  Return our exemption of the #ifdef lint
comments since the exemption is intended to handle a particularly
common current case without mandating change.  Improve language and
spelling, and slightly clarify the notions associated specifically
with #elif.

Obtained from:	bde
2002-11-01 16:20:31 +00:00
Chris Costello
2c26594d26 o Change .Nd to be less redundant and more consistent with upcoming policy
man pages.
o Move a misplaced comment.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Labs
2002-10-29 00:21:03 +00:00
Robert Watson
5ab0c4ceeb Clarify style(9) WRT comments following #endif, #else.
The closing comment is required only for long conditionally defined
code sections, with the exception of lint cases.  Attempt to document
also the logic for using '!' before the SOMETIMESSOMETHGINGHERE.
The goal of these comments is to make complex cases more
comprehensible, not to require them in all cases.  The rules here are
derived from behavior used in 90+% of the kernel source code.

Reviewed by and discussed with:	jhb, bde, mike
2002-10-28 19:33:22 +00:00
Robert Watson
64027e4d85 Add mac(9), a man page providing a basic introduction to the concepts
associated with the TrustedBSD MAC Framework, as well as some credits
to developers and contributors.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-10-21 23:51:18 +00:00
Andrew Gallatin
777bca5e20 Add some documentation of FreeBSD's special synchronization quirks
which may surprise developers coming from Solaris, or other platforms
which have a similar interface, but slightly different rules.

Reviewed by: jhb, ru
2002-10-21 12:54:13 +00:00
Chris Costello
19eec4135d Move .Os to its proper location in the document. 2002-10-20 19:44:36 +00:00
Benno Rice
6771685b7a Update the documentation for kthread_create to include the pages argument.
Reviewed by:	sheldonh
Forgotten by:	scottl
2002-10-19 01:39:44 +00:00
Chris Costello
6bc41f415a Add a new man page describing the mac_bsdextended policy.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-10-18 05:40:48 +00:00
Ruslan Ermilov
7621fdab1a mdoc(7) police: markup and spelling fixes.
Prodded by:	phk
2002-10-16 16:46:58 +00:00
Mike Barcroft
31cfc49a4e Remove the posix4(9) manual. It no longer contains relevant
information.
2002-10-16 14:24:41 +00:00
Sam Leffler
1403a8c73e update to better reflect reality:
o describe additional argument in driver callbacks
o describe flow-control mechanism for processing crypto requests
o remove old cruft
o remove openbsd-specific cruft
o fixup some references
o yada yada ...
2002-10-14 20:23:41 +00:00
Jeff Roberson
d627754a07 - Add a reference to ktrdump(8)
- Remove the stale comments about ktr extend.
2002-10-12 03:01:11 +00:00
John Baldwin
a3672eee7a SWI_SWITCH and SWI_NOSWITCH were OBE a long time ago. 2002-10-11 19:45:19 +00:00
Mike Barcroft
2b7f24d210 Change iov_base's type from char *' to the standard void *'. All
uses of iov_base which assume its type is `char *' (in order to do
pointer arithmetic) have been updated to cast iov_base to `char *'.
2002-10-11 14:58:34 +00:00
Poul-Henning Kamp
2c38619b52 Slight overhaul of arc4random() and friends.
One bug fixed:  Use getmicrouptime() to trigger reseeds so that we
cannot be tricked by a clock being stepped backwards.

Express parameters in natural units and with natural names.

Don't use struct timeval more than we need to.

Various stylistic and readability polishing.

Introduce arc4rand(void *ptr, u_int len, int reseed) function which
returns a stream of pseudo-random bytes, observing the automatic
reseed criteria as well as allowing forced reseeds.

Rewrite arc4random() in terms of arc4rand().

Sponsored by:   DARPA & NAI Labs.
2002-10-11 13:13:08 +00:00
Alfred Perlstein
9e9715e9c0 de-__P() 2002-10-10 00:32:55 +00:00
Sam Leffler
f4bf433552 manual pages for the new kernel crypto support (need work)
Obtained from:	openbsd
2002-10-04 20:43:30 +00:00
Poul-Henning Kamp
c5f9218b48 Add the new function "sbuf_done()" which returns non-zero if the sbuf is
finished.

This allows sbufs to be used for request/response scenarioes without
needing additional communication flags.

Sponsored by:	DARPA & NAI Labs.
2002-10-04 09:58:17 +00:00
Dima Dorfman
e767e97d74 Correct minor errors in the code examples.
PR:		41993
Submitted by:	David Lay <dsl@foozle.org>
2002-10-01 23:35:33 +00:00
Poul-Henning Kamp
97c662f817 Document that ENOTTY is the correct "default" error return; 2002-09-26 14:10:21 +00:00
John Baldwin
660e41d37f Remove all mention of MTX_NOSWITCH. It was obsoleted a long time ago. 2002-09-24 20:45:58 +00:00
Don Lewis
394739140c The file vnode passed to VOP_LINK() should now be locked before the call. 2002-09-19 13:34:50 +00:00
Don Lewis
81f8d226f9 Convert descriptions in the ERRORS section to full sentences if they
were not full sentences, elaborating as necessary.
2002-09-18 22:12:43 +00:00
Poul-Henning Kamp
0b1c0994a5 Add m_fixhdr() and m_length(). 2002-09-18 20:04:30 +00:00
Don Lewis
cc25845767 Style and markup changes only.
Capitalize the first letter of the descriptions for the entries in the ERRORS
section if they are complete sentences and end the sentences with periods.
2002-09-18 09:34:01 +00:00
Don Lewis
4f0ef11192 Update man page to reflect current implementation.
List all of the error returns shown in the example code in the ERRORS
section.
2002-09-17 08:31:43 +00:00
Don Lewis
691d7d0915 Fix a hard sentence break. 2002-09-17 08:24:15 +00:00
Nate Lawson
8723b451f9 Start new sentence with newline.
Suggested by: jhb
2002-09-16 19:53:51 +00:00
Nate Lawson
8c3308035a Update man page for enum -> const char * change for v_tag 2002-09-16 18:16:07 +00:00
Robert Watson
58616b1c69 s/VOP_NULL/VATTR_NULL/ 2002-09-14 03:32:57 +00:00
Robert Drehmel
3b12885314 Add a paragraph which should clarify the separation of asterisks
and adjacent tokens in declarations.
The added text was originally a single sentence I wrote and which
was heavily modified and extended by Bruce Evans.

This clarification attempt originates from differing usage of the
'restrict' type-qualifier.
Although various documents documents dicussing the C Programming
Language put a space between an asterisk and the 'restrict' keyword,
including the C99 standard (at least the n869.txt draft) and other
ISO/IEC JTC1/SC22/WG14 documents, the IEEE Std 1003.1-2001 document
does not separate them.

Discussed with:		bde
Requested by:		tjr
Separation using a single space also liked by:	mike
2002-09-10 14:48:38 +00:00
Tony Finch
3e30ca7b1c Remove a sentence about wrapping macro definitions in bare braces,
which became wrong after using do { } while (0) became recommended.
Move the definition of what braces are to their new first occurrence.

Reviewed by:	bde
2002-09-10 10:54:39 +00:00
Chad David
78ae381517 Note that siginit() does not cause every signal to be ignored only the
ones with a default property of SA_IGNORE, and that it acquires and
releases the processes lock.
2002-09-07 06:07:55 +00:00
Robert Drehmel
00f9b68295 Expand a contraction in the text of style(9) for consistency.
Do not touch contractions in comments of code examples because
their usage seems to be justified by space contraints.
2002-09-06 10:53:57 +00:00
Maxim Sobolev
d1831a621a Last missed bit of user-setable promisc mode.
Pointy hat to:  sobomax
MFC after:      1 day
2002-08-28 07:24:20 +00:00
Chris Costello
4e1e73eb94 Remove a repeated word.
Submitted by:	horikawa
2002-08-25 07:13:05 +00:00
Warner Losh
f46ccb5625 Suggest that function prototypes in kernel headers be alphabetical,
unless there's a compelling reason to deviate.

Submitted by: Don Lewis
Suggestion not objected to by: developers@
2002-08-21 06:58:21 +00:00
Maxim Sobolev
62f7648682 Increase size of ifnet.if_flags from 16 bits (short) to 32 bits (int). To avoid
breaking application ABI use unused ifreq.ifru_flags[1] for upper 16 bits in
SIOCSIFFLAGS and SIOCGIFFLAGS ioctl's.

Reviewed by:	-hackers, -net
2002-08-18 07:05:00 +00:00
Maxime Henrion
9ca5db2fe1 Fix typo. 2002-08-15 13:11:35 +00:00
Ruslan Ermilov
75aee0b96c mdoc(7) police: nits. 2002-08-13 15:01:26 +00:00
Ruslan Ermilov
6c8c60988b mdoc(7) police: typos. 2002-08-13 14:57:33 +00:00
Ruslan Ermilov
635e2e682b mdoc(7) police: nit. 2002-08-13 14:52:41 +00:00
Ruslan Ermilov
e6d3dae8cd mdoc(7) police: tidy up formatting. 2002-08-13 14:51:17 +00:00
Warner Losh
b294c6a39a Clarify the sizeof(var) rule. This is the result of the consensus in
arch@ between myself, bde and markm.  I kept the parts that all of us
agreed to, and omitted some more extensive text that I'd originally
wanted.
2002-07-25 00:30:24 +00:00
Robert Watson
060c42c3d2 Mention SAVENAME and SAVESTART in the namei(9) operation flag description
since apparently people were missing that you aren't supposed to access
the name buffer following namei() unless you specify one of these flags.

Pointed out by:	green
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, NAI Labs
2002-07-23 13:16:36 +00:00
Robert Watson
fd3083e0f8 Update ucred.9 to talk a bit more about correct use of credentials,
including documenting that ucreds must not be pulled out of thin air,
when to use td_cred vs. p_ucred, how to avoid race conditions in
credential updates, and why to use p_ucred when targetting a thread
or process in an access control operation involving two processes.

Reviewed by:	julian, jhb (earlier revision)
2002-07-23 13:09:24 +00:00