36434 Commits

Author SHA1 Message Date
Robert Watson
2555374c4f Introduce p_label, extensible security label storage for the MAC framework
in struct proc.  While the process label is actually stored in the
struct ucred pointed to by p_ucred, there is a need for transient
storage that may be used when asynchronous (deferred) updates need to
be performed on the "real" label for locking reasons.  Unlike other
label storage, this label has no locking semantics, relying on policies
to provide their own protection for the label contents, meaning that
a policy leaf mutex may be used, avoiding lock order issues.  This
permits policies that act based on historical process behavior (such
as audit policies, the MAC Framework port of LOMAC, etc) can update
process properties even when many existing locks are held without
violating the lock order.  No currently committed policies implement use
of this label storage.

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-20 15:41:25 +00:00
Alfred Perlstein
818407fe06 reapply 1.26 through 1.28.
Approved by: re
2002-11-20 15:21:06 +00:00
John Baldwin
69da428022 Fix compile in the case of SMP defined but DDB not defined.
Approved by:	re (implicit, DP2 doesn't build w/o this)
2002-11-20 14:09:33 +00:00
Alfred Perlstein
7affe44ee3 forgot about 5.x freeze, backout 1.26 through 1.28 pending re@ appoval. 2002-11-20 10:53:06 +00:00
Alfred Perlstein
0b2724b10f remove useless casts, unused macros and cleanup a line wrap. 2002-11-20 10:13:04 +00:00
Alfred Perlstein
9822015014 comment and untwist error return logic 2002-11-20 10:06:51 +00:00
Alfred Perlstein
32cb464571 Remove an outdated comment complaining about exporting struct ucred
to userspace, I fixed it a while ago.
2002-11-20 10:00:04 +00:00
Kirk McKusick
f5235f70a4 The target for the maximum number of dependencies has been cut
in half because of reports that under heavy load the kernel could
exhaust its memory pool. The limit is now (desiredvnodes * 4)
rather than (desiredvnodes * 8), so it will still scale with
larger systems, just not as quickly.

Sponsored by:   DARPA & NAI Labs.
2002-11-20 05:16:11 +00:00
Kirk McKusick
3374bb5ad6 If an error occurs while writing a buffer, then the data will
not have hit the disk and the dependencies cannot be unrolled.
In this case, the system will mark the buffer as dirty again so
that the write can be retried in the future. When the write
succeeds or the system gives up on the buffer and marks it as
invalid (B_INVAL), the dependencies will be cleared.

Sponsored by:   DARPA & NAI Labs.
2002-11-20 05:14:16 +00:00
Robert Watson
a3df768b04 Merge kld access control checks from the MAC tree: these access control
checks permit policy modules to augment the system policy for permitting
kld operations.  This permits policies to limit access to kld operations
based on credential (and other) properties, as well as to perform checks
on the kld being loaded (integrity, etc).

Approved by:	re
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2002-11-19 22:12:42 +00:00
Mike Silbersack
df285b3d1d Add a sysctl to control the generation of source quench packets,
and set it to 0 by default.

Partially obtained from:	NetBSD
Suggested by:	David Gilbert
MFC after:	5 days
2002-11-19 17:06:06 +00:00
Sam Leffler
e5562bee60 correct function declarations of stubs used for building w/o device bpf 2002-11-19 02:50:46 +00:00
Robert Watson
293d2d2261 We leaked a process lock reference in the event an RFTHREAD process
leader wasn't exiting during a fork; instead, do remember to release
the lock avoiding lock order reversals and recursion panic.

Reported by:	"Joel M. Baldwin" <qumqats@outel.org>
2002-11-18 14:23:21 +00:00
David Xu
bfd8325073 Make sure only update wall clock at upcall time, slightly reformat
code in kse_relase().
2002-11-18 12:28:15 +00:00
Jeff Roberson
74c924b553 - Wakeup the correct address when a zone is no longer full.
Spotted by:	jake
2002-11-18 08:27:14 +00:00
Jake Burkholder
a121cb6a7f Create the ofwcons device at SI_SUB_CONFIGURE instead of SI_SUB_DRIVERS,
after configure() has run.  Only create the device if ofwcons is the
highest priority console.  Make a dev alias with the same name as the
firmware output-device property.
2002-11-18 06:19:12 +00:00
Juli Mallett
5f07565bcb Move SHOW_BUSYBUFS and PANIC_REBOOT_WAIT_TIME into the MI options file, since
MI code uses them, and every platform provides them (except x86_64 whose
options file was lacking one).

Reviewed by:	bde, rwatson
2002-11-18 06:17:07 +00:00
Jake Burkholder
e2815d20d9 Setup a default tty mode even if the device is not the console. Don't
reset the chip on open if we're not the console.

This fixes running a getty on ttya or ttyb if console input and output
devices are screen.
2002-11-18 05:56:43 +00:00
Alan Cox
a12cc0e489 Remove vm_page_protect(). Instead, use pmap_page_protect() directly. 2002-11-18 04:05:22 +00:00
Jake Burkholder
4ce7e0f43a Remove some unnecessary code. Make the device description nicer. Add a
delay in the right place to flush output before switching consoles.
2002-11-18 04:02:42 +00:00
Jake Burkholder
42f850516c Run configure at SI_SUB_THIRD instead of SI_SUB_ANY like other
architectures.
2002-11-18 03:28:23 +00:00
Alfred Perlstein
ec63e12a03 During shutdown explain what the numbers following the 'syncing
disks' message mean, specifically, 'buffers remaining...'.
2002-11-18 02:41:03 +00:00
David Xu
8798d4f9c8 1. Support versioning and wall clock in kse mailbox,
also add rusage time in thread mailbox.
2. Minor change for thread limit code in thread_user_enter(),
   fix typo in kse_release() last I committed.

Reviewed by: deischen, mini
2002-11-18 01:59:31 +00:00
Alan Cox
49115f9070 MFi386 r1.369
- Clear the PG_WRITEABLE flag in pmap_changebit() if write access is
   being removed.  Return immediately if write access is being removed and
   PG_WRITEABLE is already clear.

Note: For efficiency, pmap_changebit() should be replaced by a function
similar to sparc64's pmap_clear_write().
2002-11-18 01:36:09 +00:00
Julian Elischer
904f1b77cc include smp.h.
it is required by some code that was commented out until david's
last commit.
2002-11-17 23:26:42 +00:00
Alan Cox
779df20df2 MFi386 r1.369
- Clear the PG_WRITEABLE flag in pmap_page_protect() if write access is
   being removed.  Return immediately if write access is being removed and
   PG_WRITEABLE is already clear.
2002-11-17 21:48:42 +00:00
Luigi Rizzo
6c6cc282a7 Replace m_copy() with m_copypacket() where applicable.
Replace 0 with NULL where appropriate.
Fix indentation and function headers.
2002-11-17 18:14:04 +00:00
Luigi Rizzo
a9897b2662 Fix function headers, remove 'register' from variable declarations. 2002-11-17 18:13:02 +00:00
Luigi Rizzo
9b77fbf0a2 Fix function headers and remove 'register' variable declarations. 2002-11-17 17:04:19 +00:00
Luigi Rizzo
3e372e140c Move the ip_fragment code from ip_output() to a separate function,
so that it can be reused elsewhere (there is a number of places
where it can be useful). This also trims some 200 lines from
the body of ip_output(), which helps readability a bit.

(This change was discussed a few weeks ago on the mailing lists,
Julian agreed, silence from others. It is not a functional change,
so i expect it to be ok to commit it now but i am happy to back it
out if there are objections).

While at it, fix some function headers and replace m_copy() with
m_copypacket() where applicable.

MFC after: 1 week
2002-11-17 16:30:44 +00:00
Mike Barcroft
65cf1bf2f0 1. Hide the internals of struct fd_set in standard namespaces.
2. Avoid referencing bcopy() and bzero(), since they may not be in
   scope.

Request by:     bde (1)
Submitted by:   wollman (2)
Reviewed by:	archie, bde
PR:		43270
2002-11-17 16:22:18 +00:00
Luigi Rizzo
20fab86349 Minor documentation changes and indentation fix.
Replace m_copy() with m_copypacket() where applicable.

While at it, fix some function headers and remove 'register' from
variable declarations.
2002-11-17 16:13:08 +00:00
Luigi Rizzo
4e8fe3210d Cleanup some of the comments, and reformat long lines.
Replace m_copy() with m_copypacket() where applicable.

Replace "if (a.s_addr ...)" with "if (a.s_addr != INADDR_ANY ...)"
to make it clear what the code means.

While at it, fix some function headers and remove 'register' from
variable declarations.

MFC after: 3 days
2002-11-17 16:02:17 +00:00
Jake Burkholder
810c82e6c2 - Add support for ALT_BREAK_TO_DEBUGGER; this is the only reliable way to
trigger a breakpoint with this chip.
- Fiddle the right bits in the cn input and output routines to disable port
  interrupts and enable visibility of the masked interrupt status bits.
- Register a shutdown final event handler to put the chip back in the mode
  that the prom expects.
2002-11-17 16:00:51 +00:00
Josef Karthauser
11f314d4cb Apply some fixups in the driver_t's.
Submitted by:	akiyama
MFC after:	3 days
2002-11-17 14:22:37 +00:00
Josef Karthauser
97764f126a Use a sysctl for controlling the debugging output.
Submitted by:	akiyama
2002-11-17 14:08:48 +00:00
Yoshihiro Takahashi
8a529159ad Save a slice name on the disk and print it at g_pc98_dumpconf(). 2002-11-17 13:56:37 +00:00
Josef Karthauser
263de9cd60 Fix a typo in a console message.
Submitted by:	akiyama
MFC after:	3 days
2002-11-17 13:33:55 +00:00
David Xu
fdc5ecd24f 1.Add sysctls to control KSE resource allocation.
kern.threads.max_threads_per_proc
  kern.threads.max_groups_per_proc
2.Temporary disable borrower thread stash itself as
  owner thread's spare thread in thread_exit(). there
  is a race between owner thread and borrow thread:
  an owner thread may allocate a spare thread as this:
	if (td->td_standin == NULL)
		td->standin = thread_alloc();
  but thread_alloc() can block the thread, then a borrower
  thread would possible stash it self as owner's spare
  thread in thread_exit(), after owner is resumed, result
  is a thread leak in kernel, double check in owner can
  avoid the race, but it may be ugly and not worth to do.
2002-11-17 11:47:03 +00:00
David Xu
db9b0729fc Rework last exiting thread in kse_release(), wait a signal and then
schedule an upcall and call thread_exit().
2002-11-17 10:12:00 +00:00
Jeff Roberson
a9a088823e - Release the imgp vnode prior to freeing exec_map resources to avoid
deadlock.
2002-11-17 09:33:00 +00:00
Warner Losh
c04a433aa9 DETACH_FORCE was removed recently. Remove it here, even though this
isn't supported.
2002-11-17 04:52:37 +00:00
Alfred Perlstein
f51c1e897d Rework the sysconf(3) interaction with aio:
sysconf.c:
  Use 'break' rather than 'goto yesno' in sysconf.c so that we report a '0'
  return value from the kernel sysctl.

vfs_aio.c:
  Make aio reset its configuration parameters to -1 after unloading
  instead of 0.

posix4_mib.c:
  Initialize the aio configuration parameters to -1
  to indicate that it is not loaded.
  Add a facility (p31b_iscfg()) to determine if a posix4 facility has been
  initialized to avoid having to re-order the SYSINITs.
  Use p31b_iscfg() to determine if aio has had a chance to run yet which
  is likely if it is compiled into the kernel and avoid spamming its
  values.
  Introduce a macro P31B_VALID() instead of doing the same comparison over
  and over.

posix4.h:
  Prototype p31b_iscfg().
2002-11-17 04:15:34 +00:00
Yoshihiro Takahashi
9df5c871ce MFi386: revision 1.550. 2002-11-17 02:57:06 +00:00
Yoshihiro Takahashi
0730e65baa Merged from sys/isa/fd.c revision 1.242. 2002-11-17 02:39:55 +00:00
Jake Burkholder
7446769caf MFi386 r1.369. Clear the PG_WRITEABLE flag in pmap_clear_write; return
immediately if its already clear.

Suggested by:	alc
2002-11-17 01:17:07 +00:00
Daniel Eischen
84b427ce23 Regenerate after adding syscalls. 2002-11-16 23:48:14 +00:00
Jeff Roberson
f3da1873bc - Don't forget the flags value when using boot pages.
Reported by:	grehan
2002-11-16 20:57:41 +00:00
Daniel Eischen
a4b04278f0 Add *context() syscalls to ia64 32-bit compatability table as requested
in kern/syscalls.master.
2002-11-16 15:15:17 +00:00
Alan Cox
4fec79bef8 Now that pmap_remove_all() is exported by our pmap implementations
use it directly.
2002-11-16 07:44:25 +00:00