Control) as a MAC Framework policy module. Unlike the existing
src/sys/security/lomac implementation, this one has its fingers out
of the kernel lock order and doesn't make use of flags in existing
kernel structures. This greatly reduces the quantity of replicated
code with src/sys/kern, simplifies the implementation (3000 vs 8500
lines), and correctes a number of known stability problems with
the existing LOMAC implementation, which will be removed. A bit
more hooking up to do here.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
instead of panicing. Also, perform some of the simpler sanity checks on
the fds before acquiring the filedesc lock.
Approved by: re
Reported by: Dan Nelson <dan@emsphone.com> and others
by policy modules making use of downgrades in the MAC AST event. This
is required by the mac_lomac port of LOMAC to the MAC Framework.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
for the -static flag instead when constructing LIBPAM.
(This fixes false warnings from ``make checkdpadd -DNOSHARED'' in
lib/libpam/modules/.)
Submitted by: bde, ru
Approved by: re
comparing two files, where only one file is missing the final newline
character. This undoes revisions 1.3 and 1.4, returning 'diff' to how
it behaved before July 2000. We can do this now because our version of
'patch' was modified (just before 4.6-release) to understand what to do
with that line. This marker is the same one generated by 'diff' under
netbsd, openbsd, darwin, and linux (and any OS with "gnu-diff" installed).
Reviewed by: imp freebsd-standards (back in april)
Approved by: re (bmah)
MFC after: 1 week
- If a PCI device is not present, then a 32-bit read_config() is going to
return 0xffffffff not 0xffff.
- For the 82454NX chipset, the MIOC that we read the bus numbers of the
various host-PCI bridges from is at function (slot) 0x10 not 0x0.
Approved by: re (rwatson)
A useless entry was removed, as per its comment.
Fixed a number of typos and grammos.
Old (pre-4.6) security advisories were marked as historic. Hyperlinks
were removed from these release notes to work around a buglet in
footnote numbering for printed output. These changes eliminated three
pages of only marginally-useful utility.
Clarify a note on procfs(5) mounts.
The games/freebsd-games port now exists, so refer to it when talking
about the removal of the traditional BSD games.
lukemftpd was deactivated, so remove its release note.
Add text on the demise of pkg_version -c.
Approved by: re (implicitly)
Properly sort options, spell "file system" correctly, expand contraction.
Catch up to the src/etc/syslog.conf,v 1.23 change: ftpd(8) session logs
are now by default get logged to /var/log/xferlog.
Approved by: re
device ppc
and
hint.ppc.0.at="isa"
hint.ppc.0.irq="7"
in /boot/device.hints to configure the ppc device.
Reviewed by: trhodes, ru
Approved by: re@ (rwatson)
1. Detect the revision of the Rhine chip we're using.
2. Use the force reset command on revisions which support
it whenever the normal reset command fails.
This should solve a wide range of "my vr0 locks up with reset
failed messages" problems. (Although the root causes should
be eventually tracked down.)
Tested by: grenville armitage <garmitage@swin.edu.au>
Obtained from: Via's if_fet driver
MFC after: 3 days
Approved by: re
