Commit Graph

143858 Commits

Author SHA1 Message Date
rwatson
e52e71cb6e Merge OpenBSM alpha 4 from OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge).  Add libauditd build parts and add to auditd's linkage;
force libbsm to build before libauditd.

OpenBSM history for imported revisions below for reference.

MFC after:      1 month
Sponsored by:   Apple Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1 alpha 4

- With the addition of BSM error number mapping, we also need to map the
  local error number passed to audit_submit(3) to a BSM error number,
  rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
  more formal allocation scheme, and add some events allocated in Solaris
  that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
  directly, rather than requiring applications to map to the local error
  space, which might not be able to entirely represent the BSM error
  number space.
- Major auditd rewrite for launchd(8) support.  Add libauditd library
  that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
  (re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
  startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
  has been recovered from not being properly terminated.  This event is
  stored in the new audit trail file and includes the path of recovered
  audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
  auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
  calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.

OpenBSM 1.1 alpha 3

- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
  between BSM error numbers (largely the Solaris definitions) and local
  errno(2) values for 32-bit and 64-bit return tokens.  This is required
  as operating systems don't agree on some of the values of more recent
  error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
  total size for the token.  This buge.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.
2008-12-31 11:12:24 +00:00
maxim
21750937a7 o With -L flag show unix sockets listen queues stats. It is useful
to know number of not accepted connections for monitoring purposes.

PR:		bin/128871
Submitted by:	Anton Yuzhaninov
MFC after:	1 month
2008-12-31 08:56:49 +00:00
imp
c625343c9a When no driver attaches to a card, don't power down the card. We can
now read config registers of cardbus cards that are inserted, but
aren't attached to a driver.
Also, add a power related comment...
2008-12-31 07:41:42 +00:00
imp
9e74a27aaf There's no need to redundantly redefine atomicity.h. 2008-12-31 07:39:23 +00:00
imp
5d311ae349 First pass at 64-bit elf support 2008-12-31 07:38:04 +00:00
alc
81e94e0a4c Update or eliminate some stale comments. 2008-12-31 05:44:05 +00:00
ivoras
4136fd8892 Document the relationship between enum VM_GUEST and the vm_guest_sysctl_names
array.

Approved by:	gnn (original version)
2008-12-30 23:49:54 +00:00
alc
fa3b7c7db3 Avoid an unnecessary memory dereference in vm_map_entry_splay(). 2008-12-30 21:52:18 +00:00
marcus
0aba8d65ee Add a VOP_VPTOCNP implementation for pseudofs which covers file systems
such as procfs and linprocfs.

This implementation's locking was enhanced by kib.

Reviewed by:	kib
		des
Approved by:	des
		kib
Tested by:	pho
2008-12-30 21:49:39 +00:00
alc
c1be5ff444 Style change to vm_map_lookup(): Eliminate a macro of dubious value. 2008-12-30 20:51:07 +00:00
pho
2f6e82c78d Added missing second part of cleaning j->ip[46] as requested by bz
Approved by:	kib (mentor)
Pointy hat:	pho
2008-12-30 20:39:47 +00:00
brueffer
0d4d24d449 Add missing comma. 2008-12-30 20:31:37 +00:00
brueffer
ef29b651f7 Mdoc and wording improvements, also point to cpucontrol(8). 2008-12-30 20:26:16 +00:00
rpaulo
4dec0c1451 Disable USB bluetooth (needs netgraph built in) and USB audio (doesn't
compile).
2008-12-30 20:25:49 +00:00
brueffer
48216e44a5 Mdoc and wording improvements. 2008-12-30 20:16:33 +00:00
rpaulo
114967dedd Disable USB bluetooth (needs netgraph built in) and USB audio (doesn't
compile).
2008-12-30 20:13:20 +00:00
alc
96037be899 Move the implementation of the vm map's fast path on address lookup from
vm_map_lookup{,_locked}() to vm_map_lookup_entry().  Having the fast path
in vm_map_lookup{,_locked}() limits its benefits to page faults.  Moving
it to vm_map_lookup_entry() extends its benefits to other operations on
the vm map.
2008-12-30 19:48:03 +00:00
rpaulo
72636ca358 Add a kernel config file so that users have less difficulty testing
USBng.

If it makes sense, it could be done for arm/mips too.
2008-12-30 19:46:06 +00:00
kensmith
44b9b5f03e Oops, missed removing an 's' in previous rev.
Submitted by:	Jens Schweikhardt (schweikh <at> schweikhardt <dot> net)
2008-12-30 18:21:54 +00:00
pho
6e2644b311 Make sure that unused j->ip[46] are cleared
Reviewed by:	bz
Approved by:	kib (mentor)
2008-12-30 17:54:25 +00:00
kensmith
73a12ed274 Clean up this message a little bit. 2008-12-30 17:36:32 +00:00
kensmith
c23d5b4353 Clean up this message a little bit. 2008-12-30 17:16:52 +00:00
rwatson
0c0b8926ba Rename mbcnt to mbcnt_delta in uipc_send() -- unlike other local
variables named mbcnt in uipc_usrreq.c, this instance is a delta
rather than a cache of sb_mbcnt.

MFC after:	3 weeks
2008-12-30 16:09:57 +00:00
kensmith
6bb95353d1 Remove the /usr/X11R6 paths. It has been long enough since the X stuff
moved to /usr/local.

Checked with:	des (last person to have fiddled with this)
MFC after:	1 month
2008-12-30 16:00:36 +00:00
kib
2349a65923 Clear the pointers to the file in the struct filedesc before file is closed
in fdfree. Otherwise, sysctl_kern_proc_filedesc may dereference stale
struct file * values.

Reported and tested by:	pho
MFC after:	1 month
2008-12-30 12:51:56 +00:00
kib
c81ec4dc0c In r185557, the check for existing negative entry for the given name
did not compared nc_dvp with supplied parent directory vnode pointer.
Add the check and note that now branches for vp != NULL and vp == NULL
are the same, thus can be merged.

Reported and reviewed by:	kan
Tested by:	pho
MFC after:	2 weeks
2008-12-30 12:51:14 +00:00
luigi
9b90a7e39e A number of small changes to make the 'save choice to disk' safer,
and re-enable it as default.

In particular:

+ re-enable the 'update' flag in the Makefile (of course!);

+ commit Warner's patch "orb $NOUPDATE,_FLAGS(%bp)"
  to avoid writing to disk in case of a timeout/default choice;

+ fix an off-by-one count in the partition scan code that would
  print the wrong name for unknown partitions;

+ unconditionally change the boot prompt to 'Boot:' instead of 'Default:'
  to make room for the extra code/checks/messages. Some of the changes
  listed below are also made to save space;

+ rearrange and fix comments for known partition types. Right now we
  explicitly recognise *BSD, Linux, FAT16 (type 6, used on many USB keys),
  NTFS (type 7), FAT32 (type 11).
  Depending on other options we also recognise Extended (type 5),
  FAT12 (type 1) and FAT16 < 32MB (type 4).

+ Add an entry "F6 PXE" when the code is built with -DPXE (which is
  a default now). Technically, F6 boots through INT18, so the prompt 'PXE'
  is a bit misleading. Unfortunately the name INT18
  is too long and does not fit in - we could use ROM perhaps.
  The reason I picked 'PXE' is that on many (I believe) new systems
  INT18 calls PXE.

Apart from the choice of the name for PXE/ROM/INT18, this should close
pending issues on the 1-sector boot0 code and we should be able to
move the code to RELENG_7 when it reopens.

No boot0cfg changes are necessary.

MFC after:	3 weeks
2008-12-30 09:40:50 +00:00
imp
4dc7d8d63b Bump the odometer of the years, this time a bit early for 7.1R. 2008-12-30 04:48:59 +00:00
imp
18a152cccc Bump the odometer of the years. A little early this year for 7.1R. 2008-12-30 04:46:25 +00:00
obrien
1408a14247 Add gssd.h to the list of SRCS so one can build without 'make depend' first. 2008-12-30 01:33:15 +00:00
obrien
075e233c23 Sound less scary about errorousous disk geometry due to wanting to limit
to 65535 cylinders.

Submitted by:	Carlos A. M. dos Santos <unixmania@gmail.com>
2008-12-30 00:57:39 +00:00
ed
3f319ef66d Fix compilation. Also move ogetkerninfo() to kern_xxx.c.
It seems I forgot to remove `int error' from a single piece of code. I'm
also moving ogetkerninfo() to kern_xxx.c, because it belongs to the
class of compat system information system calls, not the generic sysctl
code.
2008-12-29 19:24:00 +00:00
rwatson
80663b9001 Include param.h instead of types.h before mount.h so that the nested
include of param.h can be removed from audit.h.

MFC after:	3 weeks
2008-12-29 19:00:28 +00:00
rwatson
25e9243909 Include param.h instead of types.h before mount.h so that the nested
include of param.h can be removed from audit.h.

MFC after:	3 days
2008-12-29 18:59:50 +00:00
rwatson
5d4fcd09b3 Include param.h instead of types.h before user.h so that the nested
include of param.h can be removed from audit.h.

MFC after:	3 weeks
2008-12-29 18:58:22 +00:00
simon
01b3b6ad60 Add missing -o to usage output.
MFC after:	3 days
2008-12-29 14:59:22 +00:00
kib
0deec7e423 When the insmntque() in the pfs_vncache_alloc() fails, vop_reclaim calls
pfs_vncache_free() that removes pvd from the list, while it is not yet
put on the list.

Prevent the invalid removal from the list by clearing pvd_next and
pvd_prev for the newly allocated pvd, and only move pfs_vncache list
head when the pvd was at the head.

Suggested and approved by:	des
MFC after:	2 weeks
2008-12-29 13:25:58 +00:00
ed
f3a9a195cb Push down Giant inside sysctl. Also add some more assertions to the code.
In the existing code we didn't really enforce that callers hold Giant
before calling userland_sysctl(), even though there is no guarantee it
is safe. Fix this by just placing Giant locks around the call to the oid
handler. This also means we only pick up Giant for a very short period
of time. Maybe we should add MPSAFE flags to sysctl or phase it out all
together.

I've also added SYSCTL_LOCK_ASSERT(). We have to make sure sysctl_root()
and name2oid() are called with the sysctl lock held.

Reviewed by:	Jille Timmermans <jille quis cx>
2008-12-29 12:58:45 +00:00
kib
bd5d614be8 vm_map_lock_read() does not increment map->timestamp, so we should
compare map->timestamp with saved timestamp after map read lock is
reacquired, not with saved timestamp + 1. The only consequence of the +1
was unconditional lookup of the next map entry, though.

Tested by:	pho
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:45:11 +00:00
kib
76cd718eec Use curproc->p_sysent->sv_flags bit SV_ILP32 for detection of the 32 bit
caller, instead of direct comparision with ia32_freebsd_sysvec.

Tested by:	pho
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:41:32 +00:00
kib
7599f93972 Drop the pseudofs vnode lock around call to pfs_read handler. The handler
may need to lock arbitrary vnodes, causing either lock order reversal or
recursive vnode lock acquisition.

Tested by:	pho
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:12:23 +00:00
kib
c3f2d023e8 After the pfs_vncache_mutex is dropped, another thread may attempt to
do pfs_vncache_alloc() for the same pfs_node and pid. In this case, we
could end up with two vnodes for the pair. Recheck the cache under the
locked pfs_vncache_mutex after all sleeping operations are done [1].

This case mostly cannot happen now because pseudofs uses exclusive vnode
locking for lookup. But it does drop the vnode lock for dotdot lookups,
and Marcus' pseudofs_vptocnp implementation is vulnerable too.

Do not call free() on the struct pfs_vdata after insmntque() failure,
because vp->v_data points to the structure, and pseudofs_reclaim()
frees it by the call to pfs_vncache_free().

Tested by:	pho [1]
Approved by:	des
MFC after:	2 weeks
2008-12-29 12:07:18 +00:00
obrien
489c6b7af5 1. Add the ability to tweak the token output before targets in job mode.
E.g.,  .MAKE.JOB.PREFIX=${.newline}---[${.MAKE.PID}]
   would produce

   ---[1234] target ---

2. Added ${.newline} as a simple means of being able to include '\n' in the
   assignment of .MAKE.JOB.PREFIX

Obtained from:	NetBSD
2008-12-29 10:26:02 +00:00
obrien
5d8be9f4c7 Consistently use Var_SetGlobal(). 2008-12-29 08:05:49 +00:00
kmacy
9198d09682 merge 186535, 186537, and 186538 from releng_7_xen
Log:
 - merge in latest xenbus from dfr's xenhvm
 - fix race condition in xs_read_reply by converting tsleep to mtx_sleep

Log:
 unmask evtchn in bind_{virq, ipi}_to_irq

Log:
 - remove code for handling case of not being able to sleep
 - eliminate tsleep - make sleeps atomic
2008-12-29 06:31:03 +00:00
rwatson
0c86a1e4f3 Vendor import of OpenBSM 1.1 alpha4, which incorporates the following
changes since the last imported OpenBSM release:

OpenBSM 1.1 alpha 4

- With the addition of BSM error number mapping, we also need to map the
  local error number passed to audit_submit(3) to a BSM error number,
  rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
  more formal allocation scheme, and add some events allocated in Solaris
  that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
  directly, rather than requiring applications to map to the local error
  space, which might not be able to entirely represent the BSM error
  number space.
- Major auditd rewrite for launchd(8) support.  Add libauditd library
  that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
  (re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
  startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
  has been recovered from not being properly terminated.  This event is
  stored in the new audit trail file and includes the path of recovered
  audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
  auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
  calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.

OpenBSM 1.1 alpha 3

- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
  between BSM error numbers (largely the Solaris definitions) and local
  errno(2) values for 32-bit and 64-bit return tokens.  This is required
  as operating systems don't agree on some of the values of more recent
  error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
  total size for the token.  This bug resulted in "unknown" tokens being
  printed after the exec args/env tokens.
- Support for AUT_SOCKET_EX extended socket tokens, which describe a
  socket using a pair of IPv4/IPv6 and port tuples.
- OpenBSM BSM file header version bumped for 1.1 release.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.

Obtained from:	TrustedBSD Project
Sponsored by:	Apple Inc.
2008-12-28 22:40:42 +00:00
bz
e46dfc4a18 For consistency use LLE_IS_VALID() in this 4th place that is actually
interested in the (void *)-1 return value hack.
This way we can easily identify those special parts of the code.
2008-12-28 21:18:01 +00:00
kmacy
208a4373c4 drop rnh lock before destroying it 2008-12-28 14:32:27 +00:00
ganbold
ab8a937c28 Remove unused variable.
Found with:     Coverity Prevent(tm)
CID: 542

Approved by: weongyo
2008-12-28 13:50:58 +00:00
bz
4d655f6e02 Include std.ixp425 for "cpu" and comment out duplicate memory map
options. Using the already included std.avila is not considered
to be entirely right (and the options slightly differ) but the best
match we currently have. Upcoming work should fit better.

Reorder another variable to match the layout of other configs.

Reviewed by:	sam, warner (earlier version with options removed)
2008-12-28 11:04:24 +00:00