Commit Graph

82647 Commits

Author SHA1 Message Date
Robert Watson
bf139e9706 License: update, remove clause three of BSD license per approval of
NAI.

Add cautionary notes on the experimental status of the MAC Framework
in FreeBSD 5.0.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-04 18:11:17 +00:00
Robert Watson
743d9c6a2d Implement mpo_check_system_acct and mpo_check_system_settime() for Biba:
require Biba privilege to configure either, and require that accounting
files be high integrity.  Note that this does allow implicit information
flow from low to high integrity, but it also protects the integrity
of accounting data.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-04 17:50:52 +00:00
Gordon Tetlow
e2b57789f8 Hook the new nextboot(8) manpage up to the build. 2002-11-04 17:39:54 +00:00
Robert Watson
1980cf9b79 Correct use of mac_biba_subject_privileged() in swapon() code.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-04 17:36:47 +00:00
Gordon Tetlow
b277773de2 Add a nextboot manual page.
Spotted by:	brandt@fokus.gmd.de
2002-11-04 17:35:22 +00:00
John Baldwin
70accddf26 Move the modules in the mfsroot to /modules instead of /stand/modules so
that they aren't copied over into /stand of new installations.

Submitted by:	matusita
Tested on:	i386
2002-11-04 15:44:57 +00:00
Robert Watson
e5e820fd1f Permit MAC policies to instrument the access control decisions for
system accounting configuration and for nfsd server thread attach.
Policies might use this to protect the integrity or confidentiality
of accounting data, limit the ability to turn on or off accounting,
as well as to prevent inappropriately labeled threads from becoming nfs
server threads.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-04 15:13:36 +00:00
Peter Pentchev
d5e4b2427a Update the list of FTP mirrors to reflect the current situation.
Reviewed by:    -doc, -hubs
Approved by:    silence on -doc, -hubs
2002-11-04 15:06:09 +00:00
Robert Watson
3da87a65c7 Remove mac_cache_fslabel_in_vnode sysctl -- with the new VFS/MAC
construction, labels are always cached.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-04 14:55:14 +00:00
Yoshihiro Takahashi
977a68cc93 Use ${RD}/trees/base/boot/loader for kern.flp instead of /boot/loader. 2002-11-04 12:26:44 +00:00
Poul-Henning Kamp
a9ed5e1173 Polish a bit here and there.
Reenable the geom.ctl device so people can play with gbde.

Sponsored by:	DARPA & NAI Labs
2002-11-04 09:31:02 +00:00
Poul-Henning Kamp
5afa461402 Run a revision on the GBDE encryption facility.
Replace ARC4 with SHA2-512.
Change lock-structure encoding to use random ordering rather for obscurity.
Encrypt lock-structure with AES/256 instead of AES/128.
Change kkey derivation to be MD5 hash based.
Watch for malloc(M_NOWAIT) failures and ditch our cache when they happen.
Remove clause 3 of the license with NAI Labs consent.

Many thanks to "Lucky Green" <shamrock@cypherpunks.to> and "David
Wagner" <daw@cs.berkeley.edu>, for code reading, inputs and
suggestions.

This code has still not been stared at for 10 years by a gang of
hard-core cryptographers.  Discretion advised.

NB: These changes result in the on-disk format changing: dump/restore needed.

Sponsored by:   DARPA & NAI Labs.
2002-11-04 09:27:01 +00:00
Maxim Konovalov
0bd7c043ab Add OpenBSD 3.2.
Submitted by:	Sergey A. Osokin <osa@freebsd.org.ru>
MFC after:	1 week
2002-11-04 09:19:24 +00:00
Yoshihiro Takahashi
491c738485 Added install documentation for pc98. 2002-11-04 08:45:31 +00:00
Mark Murray
44b308453a Restore /var/games; lots of ports' games use it. 2002-11-04 07:50:48 +00:00
Kirk McKusick
5878393060 Add debug.doslowdown to enable/disable niced slowdown on I/O. Default
to off until locking interference issues get sorted out.

Sponsored by:   DARPA & NAI Labs.
2002-11-04 07:29:20 +00:00
Tim J. Robbins
e30609f0b6 Add descriptions for some _PC_* variables from <sys/unistd.h> that
were missing.
2002-11-04 07:21:44 +00:00
Tim J. Robbins
745d94fc5f Cross-reference setfacl(1). 2002-11-04 06:46:53 +00:00
Poul-Henning Kamp
4b787a3959 Reject slices where begin == end.
Remove clause 3 from the license with NAI Labs consent.

Sponsored by:	DARPA & NAI Labs
2002-11-04 06:30:38 +00:00
Poul-Henning Kamp
a5b0a0ca37 Remove clause 3 in the license with NAI's consent.
Reject slices with type==0.
Diddle the bootverbose printfs.

Sponsored by:	DARPA & NAI Labs
2002-11-04 06:29:05 +00:00
Alfred Perlstein
ac1cc6ee11 Backout "compatibility hack" for __sF.
Requested by: Steve Kargl <sgk@troutmask.apl.washington.edu> (submitter)
2002-11-04 03:23:56 +00:00
Warner Losh
518792d85c Detach the pccard bus children when we eject a 16-bit card, not the
32-bit ones.  This was introduced in the last commit.
2002-11-04 03:01:56 +00:00
Robert Watson
372360693d Update licenses and wording: NAI has authorized the removal of clause three
of their BSD-style license; also, carry out the NAI Labs -> Network
Associates Laboratories renaming in these files.
2002-11-04 02:35:46 +00:00
Robert Watson
dc858fcabe License and wording updates: NAI has authorized the removal of clause
three from their BSD-style license.  Also, s/NAI Labs/Network Associates
Laboratories/.
2002-11-04 01:53:12 +00:00
Robert Watson
6201265be7 License clarification and wording changes: NAI has approved removal of
clause three, and NAI Labs now goes by the name Network Associates
Laboratories.
2002-11-04 01:42:39 +00:00
Marcel Moolenaar
710d4ca371 Add the necessary tweaks for FreeBSD/ia64 releases. Note that this is
in no way final. A typical ia64 wart is that there are no boot blocks.
Instead, we need to create disks with EFI partitions if we want auto
boot to work. All this functionality is not present yet.
2002-11-04 00:50:01 +00:00
Marcel Moolenaar
fb584e4841 Add GPT entry types for partitions we're likely to encounter in the
wild. These include MS partitions and Linux partitions. At this time
there's no evidence that HP-UX uses GPT.
2002-11-03 23:53:42 +00:00
Scott Long
fb404d6fcf Hook the aic7xxx modules up. This requires some extra care since aicasm
is a compiler tool and needs to be compiled by the host compiler.  I've
tested this in i386->sparc cross-build, 4.7->current upgrade, normal
buildkernel target, and normal /sys/i386/compile/GENERIC configurations.

Submitted by:	ru
2002-11-03 23:48:14 +00:00
Tim J. Robbins
4e65ab954d - Consistent use of warn() vs. perror().
- Gracefully handle the case where standard input is missing
  a newline at EOF.
- Exit with status 1 instead of -1 (really 255) on error.
- Add a Diagnostics section to the manual page documenting
  exit status.

Approved by:	rwatson
2002-11-03 23:22:34 +00:00
Alan Cox
c71f01affe - Remove the memory allocation for the object/offset hash table
because it's no longer used.  (See revision 1.215.)
 - Fix a harmless bug: the number of vm_page structures allocated wasn't
   properly adjusted when uma_bootstrap() was introduced.  Consequently,
   we were allocating 30 unused vm_page structures.
 - Wrap a long line.
2002-11-03 22:20:42 +00:00
Ceri Davies
26bfc47f86 Improve some questionable grammar. 2002-11-03 22:06:48 +00:00
Poul-Henning Kamp
fb8b107e52 Correctly recognize both bogus and genuine BSD disklabels.
Don't expect me to participate in a discussion which is which.

Sponsored by:	DARPA & NAI Labs.
2002-11-03 21:47:55 +00:00
John Baldwin
da58ad34ef Remove unused MBR gunk leftover from i386. 2002-11-03 21:18:17 +00:00
Udo Erdelhoff
727f6793dd early-adopter/article.sgml: translation fixes
relnotes/common/new.sgml:   1.446 -> 1.448
2002-11-03 12:32:43 +00:00
Mitsuru IWASAKI
9bb04eb483 Add status initialization code for acpi_cmbat and acpi_acad,
acpi_cmbat_init_battery() and acpi_cmbat_init_acline() respectively.
Call acpi_cmbat_init_battery() from acpi_cmbat_resume() too just in
case.
This is a workaround for embedded controller operations which is
unstable for about a minute (typically 30 or 40 sec.) at boot time.
2002-11-03 10:49:24 +00:00
Hidetoshi Shimokawa
3592796a98 Enable if_fwe. 2002-11-03 10:41:30 +00:00
Yoshihiro Takahashi
676777ed92 - Added the MenuIPLType menu for selecting pc98 boot IPL.
- Disabled 'Syscons, Font', 'Syscons, Screenmap' and 'Syscons, Ttys' menus
  on pc98.
- Fixed the MenuMouseType and MenuMousePort menus for pc98.
- Fixed some comments for pc98.
2002-11-03 10:06:22 +00:00
Yoshihiro Takahashi
0932c866b6 Fix to compile for pc98. 2002-11-03 09:35:08 +00:00
Scott Long
d702a8542a Bring newfs_msdos into the GEOM world. Totally rewrite and simplify
getdiskinfo().  For the fixed-disk case, bpb->hid probably isn't
handled correctly, but I'm not sure if this is a serious problem since
the primary use of this program is to format floppy disks.

Reviewed by:    phk
2002-11-03 08:54:46 +00:00
Tim J. Robbins
dd9aaeb0f7 Print a `+' character after the standard UNIX permission fields in long
listings if the file has an extended ACL (more than the required 3 entries).
This is what Solaris and IRIX do, and what the withdrawn POSIX.2c standard
required.

Reviewed by:	rwatson (an earlier version of the patch)
2002-11-03 07:29:08 +00:00
Yoshihiro Takahashi
7fa62ecb09 Add hints for wd1, wd2 and wd3. 2002-11-03 06:52:43 +00:00
Robert Watson
4b8d5f2d97 Introduce mac_check_system_settime(), a MAC check allowing policies to
augment the system policy for changing the system time.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-03 02:39:42 +00:00
Marcel Moolenaar
62b693d7db Initialize d->bios_cyl. We know the media size in sectors, the number
of heads end the number of sectors per track. If there's an obvious
insanity (heads and sectors are both zero or the media size is not
an integral multiple of heads times sector) we set the number of
cylinders to zero.
2002-11-03 01:37:08 +00:00
Robert Watson
0d89ccd7d5 Change privilege model for mac_partition such that BSD superuser can change
the partition once a partition has been set.  This is required for correct
operation of sendmail between partitions.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-03 00:53:03 +00:00
Greg Lehey
9aba5a2cdb Remove entry for All Saints' in Portugal. While it's correct, All
Saints' is celebrated in all Christian countries, and there's already
another entry.
2002-11-03 00:37:04 +00:00
Robert Watson
bcedbf7819 X-ref clock_gettime(2). 2002-11-02 23:59:02 +00:00
Robert Watson
fabb3caa9e Sync to src/sys/kern/syscalls.master 2002-11-02 23:55:30 +00:00
Robert Watson
01ce3b5661 Regen from yesterday's system call placeholder rename. 2002-11-02 23:54:36 +00:00
Warner Losh
bcaa6b0541 MFp4:
o Always release the resources on device detach.
o Attach resources the same with driver added as we do we do in the insert
  case (maybe this should be a routine).
o signal the wakeup of the thread on resume instead of trying to force an
  interrupt.
o Minor debug hacks.
o use 0xffffffff instead of -1 for uint32_t items.
o Don't complain when we're asked to detach no cards.  This is normal.
o Eliminate the now worthless second parameter to card_detach_card.
o minor style(9)isms

Some of these patches may be from: iwasaki-san, jhb, iadowse
2002-11-02 23:00:28 +00:00
Alan Cox
151113a946 Catch up with the removal of the vm page buckets spin mutex. 2002-11-02 22:42:18 +00:00