NAI.
Add cautionary notes on the experimental status of the MAC Framework
in FreeBSD 5.0.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
largely submitted by bde. Return our exemption of the #ifdef lint
comments since the exemption is intended to handle a particularly
common current case without mandating change. Improve language and
spelling, and slightly clarify the notions associated specifically
with #elif.
Obtained from: bde
The closing comment is required only for long conditionally defined
code sections, with the exception of lint cases. Attempt to document
also the logic for using '!' before the SOMETIMESSOMETHGINGHERE.
The goal of these comments is to make complex cases more
comprehensible, not to require them in all cases. The rules here are
derived from behavior used in 90+% of the kernel source code.
Reviewed by and discussed with: jhb, bde, mike
associated with the TrustedBSD MAC Framework, as well as some credits
to developers and contributors.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
which may surprise developers coming from Solaris, or other platforms
which have a similar interface, but slightly different rules.
Reviewed by: jhb, ru
o describe additional argument in driver callbacks
o describe flow-control mechanism for processing crypto requests
o remove old cruft
o remove openbsd-specific cruft
o fixup some references
o yada yada ...
One bug fixed: Use getmicrouptime() to trigger reseeds so that we
cannot be tricked by a clock being stepped backwards.
Express parameters in natural units and with natural names.
Don't use struct timeval more than we need to.
Various stylistic and readability polishing.
Introduce arc4rand(void *ptr, u_int len, int reseed) function which
returns a stream of pseudo-random bytes, observing the automatic
reseed criteria as well as allowing forced reseeds.
Rewrite arc4random() in terms of arc4rand().
Sponsored by: DARPA & NAI Labs.
Capitalize the first letter of the descriptions for the entries in the ERRORS
section if they are complete sentences and end the sentences with periods.
and adjacent tokens in declarations.
The added text was originally a single sentence I wrote and which
was heavily modified and extended by Bruce Evans.
This clarification attempt originates from differing usage of the
'restrict' type-qualifier.
Although various documents documents dicussing the C Programming
Language put a space between an asterisk and the 'restrict' keyword,
including the C99 standard (at least the n869.txt draft) and other
ISO/IEC JTC1/SC22/WG14 documents, the IEEE Std 1003.1-2001 document
does not separate them.
Discussed with: bde
Requested by: tjr
Separation using a single space also liked by: mike
which became wrong after using do { } while (0) became recommended.
Move the definition of what braces are to their new first occurrence.
Reviewed by: bde
since apparently people were missing that you aren't supposed to access
the name buffer following namei() unless you specify one of these flags.
Pointed out by: green
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
including documenting that ucreds must not be pulled out of thin air,
when to use td_cred vs. p_ucred, how to avoid race conditions in
credential updates, and why to use p_ucred when targetting a thread
or process in an access control operation involving two processes.
Reviewed by: julian, jhb (earlier revision)