summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Rename the libc signal trampoline to __sigtramp to match netbsd. Thisjake2002-10-222-4/+4
| | | | should allow gdb to detect when we're executing in a signal trampoline.
* Remove the last traces of bogus MAKEDEV functionality.phk2002-10-222-24/+0
|
* Give a real error on failure to mount DEVFS.phk2002-10-222-38/+10
|
* Don't use NO_MAKEDEV* option, its the default now.phk2002-10-221-1/+1
|
* Fix example, we do not need NO_MAKEDEV_RUN any more.phk2002-10-221-1/+1
| | | | XXX: this example should be updated with a good example of devfs(8) rules.
* Change to match NO_MAKEDEV* -> MAKEDEV*.phk2002-10-222-12/+11
|
* Invert the logic of the NO_MAKEDEV options to match the 5.0-R default install.phk2002-10-221-2/+2
|
* Hook up a sample mac.conf to the install. The sample basicallyrwatson2002-10-222-1/+18
| | | | | | | | tells applications to print labels for all of the TrustedBSD- generated policies, if they are present. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Reflect MAC kernel/user API changes into the libc MAC implementation.rwatson2002-10-227-247/+398
| | | | | | | | | | | | This removes a lot of complexity, since we basically just reserve space on a retrieval of a label, and pass around strings. Two new elements: (1) consumers of the API must now declare what label elements they are interested in retrieving, or (2) rely on the default provided in a new configuration file, mac.conf. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Move the label initialized flag into _label.h: it's no longerrwatson2002-10-221-0/+2
| | | | | | | | exported to userspace. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Adapt MAC policies for the new user API changes; teach policies howrwatson2002-10-227-94/+691
| | | | | | | | | | to parse their own label elements (some cleanup to occur here in the future to use the newly added kernel strsep()). Policies now entirely encapsulate their notion of label in the policy module. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* - Check that a process isn't a new process (p_state == PRS_NEW) beforejhb2002-10-221-20/+23
| | | | | | | | | trying to acquire it's proc lock since the proc lock may not have been constructed yet. - Split up the one big comment at the top of the loop and put the pieces in the right order above the various checks. Reported by: kris (1)
* Support the new MAC user API in kernel: modify existing system callsrwatson2002-10-229-1521/+8253
| | | | | | | | | | | | to use a modified notion of 'struct mac', and flesh out the new variation system calls (almost identical to existing ones except that they permit a pid to be specified for process label retrieval, and don't follow symlinks). This generalizes the label API so that the framework is now almost entirely policy-agnostic. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Revised APIs for user process label management; the existing APIs reliedrwatson2002-10-224-194/+216
| | | | | | | | | | | | | | | | | | | on all label parsing occuring in userland, and knowledge of the loaded policies in the user libraries. This revision of the API pushes that parsing into the kernel, avoiding the need for shared library support of policies in userland, permitting statically linked binaries (such as ls, ps, and ifconfig) to use MAC labels. In these API revisions, high level parsing of the MAC label is done in the MAC Framework, and interpretation of label elements is delegated to the MAC policy modules. This permits modules to export zero or more label elements to user space if desired, and support them in the manner they want and with the semantics they want. This is believed to be the final revision of this interface: from the perspective of user applications, the API has actually not changed, although the ABI has. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Regen.rwatson2002-10-225-12/+45
|
* Flesh out prototypes for __mac_get_pid, __mac_get_link, andrwatson2002-10-221-3/+5
| | | | | | | | | | __mac_set_link, based on __mac_get_proc() except with a pid, and __mac_get_file(), __mac_set_file() except that they do not follow symlinks. First in a series of commits to flesh out the user API. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Note that id_t can also hold a gid_t. Realign comments.mike2002-10-221-8/+8
|
* Fix typo in comments (misspelled "necessary").sheldonh2002-10-221-2/+2
|
* Live with it: I had hoped to find a neat way to deal with all the magicphk2002-10-221-2/+9
| | | | numbers, but so far havn't come up with anything: Add an #ifdef PC98.
* Typo: loose -> lose.keramida2002-10-221-1/+1
| | | | Submitted by: trevor
* Chunk functions in libdisk take an extra arguement for all archs to accomodatephk2002-10-224-26/+4
| | | | PC98 with less ifdef madness.
* Avoid a lot of #ifdef PC98 code by giving a couple of the Chunk functionsphk2002-10-225-56/+3
| | | | an extra argument for all archs.
* Update for BSD.include.dist r1.60 (addition of include/dev/ofw).tmm2002-10-221-0/+2
| | | | | Forgotten by: tmm Prodded by: ru
* Add back the typedefs for in_addr_t and in_port_t; some broken autoconftjr2002-10-221-0/+10
| | | | scripts expect <sys/types.h> to define them.
* Pick up a prototyp from libdisk.h instead of having our own.phk2002-10-222-2/+0
|
* Swing the weed-whacker around libdisk:phk2002-10-2210-447/+73
| | | | | | | | | Constify some things. Staticize some things. Remove some unused things. Prototype some things. Don't install a gazillion man-pages links. Drop support for ON-TRACK disk-manager.
* _games is gone in rev. 1.305.ru2002-10-221-1/+1
|
* Start tick at the correct time (cpu_init_clocks), instead of cpu_startup.jake2002-10-222-5/+11
|
* Add some magic bits necessary to turn the transmitter on for somesilby2002-10-222-0/+10
| | | | | | | | | (newer) 556B chips. Requested & tested by: Dinesh Nambisan <dinesh@nambisan.net> Magic bits found by: Dave Dribin & Donald Becker MFC After: 3 days
* detect idle kse correctly.davidxu2002-10-221-1/+1
|
* This commit was generated by cvs2svn to compensate for changes in r105672,assar2002-10-221-1/+8
|\ | | | | | | which included commits to RCS files with non-trunk default branches.
| * import 1.27 to fix buffer overflow:assar2002-10-221-1/+8
| | | | | | | | | | | | check size of rlen Obtained from: Heimdal CVS
* | .Xr mac.3 and posix1e.3 to mac.9. Point at sys/mac.h in posix1e.3.rwatson2002-10-222-3/+5
| | | | | | | | | | Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* | This update further fine tunes the locking of snapshot vnodes inmckusick2002-10-221-12/+21
| | | | | | | | | | | | | | | | | | the ffs_copyonwrite routine to avoid a deadlock between the syncer daemon trying to sync out a snapshot vnode and the bufdaemon trying to write out a buffer containing the snapshot inode. With any luck this will be the last snapshot race condition. Sponsored by: DARPA & NAI Labs.
* | This update is a performance improvement when allocating blocks onmckusick2002-10-221-0/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | a full filesystem. Previously, if the allocation failed, we had to fsync the file before rolling back any partial allocation of indirect blocks. Most block allocation requests only need to allocate a single data block and if that allocation fails, there is nothing to unroll. So, before doing the fsync, we check to see if any rollback will really be necessary. If none is necessary, then we simply return. This update eliminates the flurry of disk activity that got triggered whenever a filesystem would run out of space. Sponsored by: DARPA & NAI Labs.
* | This update removes a race between unmount and lookup. The lookupmckusick2002-10-221-4/+1
| | | | | | | | | | | | | | | | | | | | | | locks the mount point directory while waiting for vfs_busy to clear. Meanwhile the unmount which holds the vfs_busy lock tried to lock the mount point vnode. The fix is to observe that it is safe for the unmount to remove the vnode from the mount point without locking it. The lookup will wait for the unmount to complete, then recheck the mount point when the vfs_busy lock clears. Sponsored by: DARPA & NAI Labs.
* | This checkin reimplements the io-request priority hack in a waymckusick2002-10-223-32/+26
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | that works in the new threaded kernel. It was commented out of the disksort routine earlier this year for the reasons given in kern/subr_disklabel.c (which is where this code used to reside before it moved to kern/subr_disk.c): ---------------------------- revision 1.65 date: 2002/04/22 06:53:20; author: phk; state: Exp; lines: +5 -0 Comment out Kirks io-request priority hack until we can do this in a civilized way which doesn't cause grief. The problem is that it is not generally safe to cast a "struct bio *" to a "struct buf *". Things like ccd, vinum, ata-raid and GEOM constructs bio's which are not entrails of a struct buf. Also, curthread may or may not have anything to do with the I/O request at hand. The correct solution can either be to tag struct bio's with a priority derived from the requesting threads nice and have disksort act on this field, this wouldn't address the "silly-seek syndrome" where two equal processes bang the diskheads from one edge to the other of the disk repeatedly. Alternatively, and probably better: a sleep should be introduced either at the time the I/O is requested or at the time it is completed where we can be sure to sleep in the right thread. The sleep also needs to be in constant timeunits, 1/hz can be practicaly any sub-second size, at high HZ the current code practically doesn't do anything. ---------------------------- As suggested in this comment, it is no longer located in the disk sort routine, but rather now resides in spec_strategy where the disk operations are being queued by the thread that is associated with the process that is really requesting the I/O. At that point, the disk queues are not visible, so the I/O for positively niced processes is always slowed down whether or not there is other activity on the disk. On the issue of scaling HZ, I believe that the current scheme is better than using a fixed quantum of time. As machines and I/O subsystems get faster, the resolution on the clock also rises. So, ten years from now we will be slowing things down for shorter periods of time, but the proportional effect on the system will be about the same as it is today. So, I view this as a feature rather than a drawback. Hence this patch sticks with using HZ. Sponsored by: DARPA & NAI Labs. Reviewed by: Poul-Henning Kamp <phk@critter.freebsd.dk>
* | Remove the OpenBSD comatibility stuff. Many changes to be more style(9)semenu2002-10-223-621/+355
| | | | | | | | | | compilant. Split two pieces if code into separate functions to do not exceed line length due to indentation.
* | Add mac(9), a man page providing a basic introduction to the conceptsrwatson2002-10-212-1/+200
| | | | | | | | | | | | | | | | associated with the TrustedBSD MAC Framework, as well as some credits to developers and contributors. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* | mac_none is a stub policy without any functional implementation.rwatson2002-10-212-14/+14
| | | | | | | | | | | | | | | | | | | | | | | | Various cleanups, no functional changes: - Fix a type in an entry point stub, socket checks accept sockets, not vnodes. - Trailing whitespace - Entry point sort order Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* | Remove the process state PRS_WAIT.julian2002-10-213-7/+0
| | | | | | | | | | | | It is never used. I left it there from pre-KSE days as I didn't know if I'd need it or not but now I know I don't.. It's functionality is in TDI_IWAIT in the thread.
* | Lobotomize MakeDev(), we don't need it with devfs.phk2002-10-211-0/+2
| |
* | DEVFS has been nmountified, so use nmount(2) to mount it.phk2002-10-212-4/+28
| |
* | Add support for sparc64 kernel debugging.mp2002-10-211-5/+64
| | | | | | | | Submitted by: tmm
* | psl.h isn't referenced anywhere that I could find on the alpha, so removepeter2002-10-211-32/+0
| | | | | | | | this stub.
* | Introduce mac_biba_copy() and mac_mls_copy(), which conditionallyrwatson2002-10-212-17/+49
| | | | | | | | | | | | | | | | | | | | | | copy elements of one Biba or MLS label to another based on the flags on the source label element. Use this instead of mac_{biba,mls}_{single,range}() to simplify the existing code, as well as support partial label updates (we don't update if none is requested). Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* | Grrr, s/PBP/BPB/ here as well.jhb2002-10-211-1/+1
| | | | | | | | Noticed by: peter
* | Add the ability to specify a strict C99 environment with themike2002-10-211-1/+6
| | | | | | | | | | _C99_SOURCE constant, which should be defined before including any standard headers.
* | Sigh, d_ntracks, not d_nheads.phk2002-10-211-1/+1
| |
* | Implement a new IP_SENDSRCADDR ancillary message type that permitsiedowse2002-10-213-4/+91
| | | | | | | | | | | | | | | | | | | | | | | | a server process bound to a wildcard UDP socket to select the IP address from which outgoing packets are sent on a per-datagram basis. When combined with IP_RECVDSTADDR, such a server process can guarantee to reply to an incoming request using the same source IP address as the destination IP address of the request, without having to open one socket per server IP address. Discussed on: -net Approved by: re
OpenPOWER on IntegriCloud