| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
added again if/when we port the framework.
Submitted by: mwlucas
Approved by: joe
|
| |
|
|
| |
Approved by: sheldonh (mentor)
|
| | |
|
| |
|
|
|
|
|
|
| |
that it should also set the user's default MAC label, if available and
permitted.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Check if the trapped pc is inside of the demarked sections to implement
fault recovery for copyin etc, instead of pcb_onfault. Handle recovery
from data access exceptions as well as page faults.
Inspired by: bde's sys.dif
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
were reversed. Correct this with no functional change.
|
| |
|
|
|
|
|
|
|
|
|
| |
in an if clause.
PR:
Submitted by:
Reviewed by:
Approved by:
Obtained from:
MFC after:
|
| |
|
|
|
|
| |
for LOCKD_MSG instead.
Requested by: rwatson
|
| |
|
|
| |
Missed by: kern/39809,njl
|
| | |
|
| |
|
|
|
|
| |
PR: docs/39060
Submitted by: Nicola Vitale <nivit@libero.it>
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
supplied buffer in case the size of it was equal to
the number of characters the converted address consumed.
The bug occurred when converting an AF_INET address.
- Remove the SPRINTF macro and use sprintf instead.
- Do not do string formatting using sprintf(3) and a
temporary buffer which is copied when the supplied
buffer provides enough space. Instead, use snprintf(3)
and the real destination buffer, thus avoid the copy.
Reported by: Stefan Farfeleder <e0026813@stud3.tuwien.ac.at> (1)
PR: misc/41289
|
| |
|
|
|
| |
PR: kern/39809
Approved by: gibbs
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
make a series of modifications to the credential arguments relating
to file read and write operations to cliarfy which credential is
used for what:
- Change fo_read() and fo_write() to accept "active_cred" instead of
"cred", and change the semantics of consumers of fo_read() and
fo_write() to pass the active credential of the thread requesting
an operation rather than the cached file cred. The cached file
cred is still available in fo_read() and fo_write() consumers
via fp->f_cred. These changes largely in sys_generic.c.
For each implementation of fo_read() and fo_write(), update cred
usage to reflect this change and maintain current semantics:
- badfo_readwrite() unchanged
- kqueue_read/write() unchanged
pipe_read/write() now authorize MAC using active_cred rather
than td->td_ucred
- soo_read/write() unchanged
- vn_read/write() now authorize MAC using active_cred but
VOP_READ/WRITE() with fp->f_cred
Modify vn_rdwr() to accept two credential arguments instead of a
single credential: active_cred and file_cred. Use active_cred
for MAC authorization, and select a credential for use in
VOP_READ/WRITE() based on whether file_cred is NULL or not. If
file_cred is provided, authorize the VOP using that cred,
otherwise the active credential, matching current semantics.
Modify current vn_rdwr() consumers to pass a file_cred if used
in the context of a struct file, and to always pass active_cred.
When vn_rdwr() is used without a file_cred, pass NOCRED.
These changes should maintain current semantics for read/write,
but avoid a redundant passing of fp->f_cred, as well as making
it more clear what the origin of each credential is in file
descriptor read/write operations.
Follow-up commits will make similar changes to other file descriptor
operations, and modify the MAC framework to pass both credentials
to MAC policy modules so they can implement either semantic for
revocation.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
| |
PR: kern/39809
Approved by: gibbs
|
| |
|
|
| |
than 80 columns.
|
| |
|
|
|
|
|
| |
are about equally as alphabetized.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
|
| |
Label link layer mbufs as they are created for transmission, check
mbufs before delivering them to sockets, label mbufs as they are created
from sockets, and preserve mbuf labels if mbufs are copied.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
| |
width smaller than 80 columns.
Thanks to Ruslan for an explanation of multiple ways to
achieve this.
|
| |
|
|
|
|
|
|
| |
we can use the names _receive() and _send() for the receive() and send()
checks. Rename related constants, policy implementations, etc.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
we can use the names _receive() and _send() for the receive() and send()
checks. Rename related constants, policy implementations, etc.
PR:
Submitted by:
Reviewed by:
Approved by:
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
MFC after:
|
| |
|
|
|
|
| |
in revision 1.17 of option.c.
MFC after: 1 week
|
| |
|
|
|
|
|
| |
some shells, etc., and also for GNU compatability (lack of this broke the
Mono CVS build for me).
MFC after: 1 week
|
| |
|
|
|
|
| |
rather than immediately returning, or we may not unlock necessary locks.
Noticed by: Mike Heffner <mheffner@acm.vt.edu>
|
| |
|
|
|
|
| |
Follow-on to rev 1.39.
Reviewed by: jayanth, Thomas R Henderson <thomas.r.henderson@boeing.com>, silby, dillon
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a pipe or queue has the "noerror" attribute, do not report
drops to the caller (ip_output() and friends).
(2 lines to implement it, 2 lines to document it.)
This will let you simulate losses on the sender side as if they
happened in the middle of the network, i.e. with no explicit feedback
to the sender.
manpage and ipfw2.c changes to follow shortly, together with other
ipfw2 changes.
Requested by: silby
MFC after: 3 days
|
| |
|
|
|
|
|
|
| |
handling, rather than returning directly to prevent leaking of vnode
reference/lock.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
| |
o Add argv[] boudary check.
PR: bin/40117
Reviewed by: silence on -audit
MFC after: 2 months
|
| |
|
|
|
|
|
| |
all structures in ip_var.h are defined, so remove include of mac.h.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
| |
satisfy consumers of ip_var.h that need a complete definition of
struct ipq and don't include mac.h.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
| |
is no longer present.
Pointed out by: bmilekic
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
| |
|
|
|
|
|
|
|
| |
type of the 'flags' argument m_getcl() was using anyway; m_extadd()
needed to be changed to accept an int instead of a short for 'flags.'
This makes things more consistent and also gives us more bits to
use for m_flags in the future (we have almost run out).
Requested by: sam (Sam Leffler)
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
qualifier to function prototypes and definitions where
appropriate using the '__restrict' macro.
- Update the manual page.
|
| |
|
|
|
| |
definitions to comply with IEEE Std 1003.1-2001.
- Update the manual pages.
|
| |
|
|
|
|
|
|
| |
definitions of the functions that convert strings to numbers
and are defined by IEEE Std 1003-1.2001.
- Use ANSI-C function definitions for all of the functions
mentioned above plus strtouq and strtoq.
- Update the prototypes in the manual pages.
|
| | |
|
| |
|
|
|
|
|
|
| |
Reviewed by: bde
Original 2.95 change was subject to:
Approved by: obrien
|
| |
|
|
| |
Submitted by: bde
|
| | |
|
| | |
|
