summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* The ipfw module is only loaded if necessary.keramida2002-10-221-1/+3
|
* s/then/than/ where appropriate.keramida2002-10-221-4/+4
|
* rulset -> rulesetkeramida2002-10-221-1/+1
|
* Fill in missing parts of the ATAPI/CAM XPT: implement XPT_RESET_BUSthomas2002-10-223-26/+52
| | | | | | | | | | | | | | and XPT_RESET_DEV. In order to properly handle reset requests whether they originate in the ATA layer (atacontrol reinit) or from the CAM layer (camcontrol reset) ata_reinit does not cause the SIM to be deallocated anymore. The SIM is now unconditionnally created for each ATAPI bus. This change may cause existing bus ids to change on some setups. Reviewed by: roberto Approved by: sos
* Forgot to include <errno.h> when using 'errno' here.jmallett2002-10-221-0/+1
|
* Use an error message closer to old dumpfs(8) in the case of truncated/nojmallett2002-10-221-1/+1
| | | | | | | | | superblock. Submitted by: kkenn Can't use it verbatim, at least I hate to, as the ", skipped" bit doesn't make much sense in a library, to me.
* When errno is not set, do not use warn(3).jmallett2002-10-221-1/+2
|
* Use the libufs_printerror() function, which hopefully will deconfuse usersjmallett2002-10-221-1/+2
| | | | | | getting error cases in a libufsificated dumpfs(8). Poked by: kkenn
* Add the concept of a per-disk error string, and a function which prints itjmallett2002-10-226-1/+78
| | | | along with the errno, if one is set.
* Style fix: space between 'switch' and '('.rwatson2002-10-222-2/+2
|
* Don't dereference the 'x' pointer if it is NULL, instead skip thejhb2002-10-221-6/+12
| | | | | | | assignment. The netsmb code likes to call these functions with a NULL x argument a lot. Reported by: Vallo Kallaste <kalts@estpak.ee>
* s/mls/biba/ in a copy+paste error for a printf.rwatson2002-10-221-1/+1
|
* - Expand struct trapframe to 256 bytes, make all fields fixed width and thejake2002-10-229-156/+303
| | | | | | | | | | | | | | same size. Add some fields that previously overlapped with something else or were missing. - Make struct regs and struct mcontext (minus floating point) the same as struct trapframe so converting between them is easy (null). - Add space for saving floating point state to struct mcontext. This requires that it be 64 byte aligned. - Add assertions that none of these structures change size, as they are part of the ABI. - Remove some dead code in sendsig(). - Save and restore %gsr in struct trapframe. Remember to restore %fsr. - Add some comments to exception.S.
* - No need for pmtimer hint anymore.jhb2002-10-221-2/+0
| | | | - npx doesn't need an 'at' hint anymore.
* No need for pmtimer hint anymore.jhb2002-10-222-2/+0
|
* Add an identify method that creates a pmtimer0 device if it doesn't alreedyjhb2002-10-221-2/+19
| | | | exist. Hints are no longer needed to instantiate a pmtimer(4) device.
* Remove the mac_te policy bits from 'struct oldmac' -- we're not goingrwatson2002-10-222-12/+0
| | | | | | | | | to merge mac_te, since the SEBSD port of SELinux/FLASK provides a much more mature Type Enforcement implementation. This changes the size of the on-disk 'struct oldmac' EA labels, which may require regeneration. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* remove unused __sys_sigaltstack() declarationfjoe2002-10-221-1/+0
| | | | Approved by: deischen
* fix pthread_suspend/resume_all_np() declarationsfjoe2002-10-221-2/+2
| | | | Approved by: deischen
* opt_mac.h is no longer required for any of these modules, remove fromrwatson2002-10-226-6/+0
| | | | | | | the dependencies. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Add Sun type 6 USB keyboard and mouse to supported device list.bmah2002-10-222-0/+12
| | | | | PR: 43974 Submitted by: Hendrik Scholz <hendrik@scholz.net>
* New release notes: devctl, gbde(8), RAIDframe/raid(4), devd(8),bmah2002-10-222-0/+132
| | | | removal of many (but not all) games.
* Don't enforce MAC Biba policy for socket visibility if Biba is notrwatson2002-10-221-0/+3
| | | | | | | explicitly enabled. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Reserve a major number for NVIDIA.mdodd2002-10-221-0/+1
|
* Explain to users that they may want to kldload aio.alfred2002-10-227-22/+175
| | | | | | Move Xref sections. Submitted by: Craig Rodrigues <rodrigc@attbi.com>
* Change the `mutex_prof' structure to use three variables containedrobert2002-10-222-36/+28
| | | | | | in an anonymous structure as counters, instead of an array with preprocessor-defined names for indices. Remove the associated XXX- comment.
* Invoke mac_check_vnode_mmap() during mmap operations on vnodes,rwatson2002-10-221-2/+12
| | | | | | | | | | permitting policies to restrict access to memory mapping based on the credential requesting the mapping, the target vnode, the requested rights, or other policy considerations. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Introduce MAC_CHECK_VNODE_SWAPON, which permits MAC policies torwatson2002-10-2214-1/+213
| | | | | | | | | | | perform authorization checks during swapon() events; policies might choose to enforce protections based on the credential requesting the swap configuration, the target of the swap operation, or other factors such as internal policy state. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Missed in previous merge: export sizeof(struct oldmac) rather thanrwatson2002-10-229-9/+9
| | | | | | | sizeof(struct mac). Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* MFi386: revision 1.543.nyan2002-10-222-78/+78
|
* Remove more private MAKEDEV kludges.phk2002-10-222-6/+6
|
* List some of the Compact Flash readers known to work with this driver.luigi2002-10-221-0/+8
| | | | MFC after: 3 days
* Merged from sys/isa/syscons_isa.c revision 1.20.nyan2002-10-222-0/+4
|
* No longer needed.phk2002-10-221-18/+0
|
* MFi386: revisions 1.189 and 1.190.nyan2002-10-223-36/+30
|
* Rename the libc signal trampoline to __sigtramp to match netbsd. Thisjake2002-10-222-4/+4
| | | | should allow gdb to detect when we're executing in a signal trampoline.
* Remove the last traces of bogus MAKEDEV functionality.phk2002-10-222-24/+0
|
* Give a real error on failure to mount DEVFS.phk2002-10-222-38/+10
|
* Don't use NO_MAKEDEV* option, its the default now.phk2002-10-221-1/+1
|
* Fix example, we do not need NO_MAKEDEV_RUN any more.phk2002-10-221-1/+1
| | | | XXX: this example should be updated with a good example of devfs(8) rules.
* Change to match NO_MAKEDEV* -> MAKEDEV*.phk2002-10-222-12/+11
|
* Invert the logic of the NO_MAKEDEV options to match the 5.0-R default install.phk2002-10-221-2/+2
|
* Hook up a sample mac.conf to the install. The sample basicallyrwatson2002-10-222-1/+18
| | | | | | | | tells applications to print labels for all of the TrustedBSD- generated policies, if they are present. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Reflect MAC kernel/user API changes into the libc MAC implementation.rwatson2002-10-227-247/+398
| | | | | | | | | | | | This removes a lot of complexity, since we basically just reserve space on a retrieval of a label, and pass around strings. Two new elements: (1) consumers of the API must now declare what label elements they are interested in retrieving, or (2) rely on the default provided in a new configuration file, mac.conf. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Move the label initialized flag into _label.h: it's no longerrwatson2002-10-221-0/+2
| | | | | | | | exported to userspace. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Adapt MAC policies for the new user API changes; teach policies howrwatson2002-10-227-94/+691
| | | | | | | | | | to parse their own label elements (some cleanup to occur here in the future to use the newly added kernel strsep()). Policies now entirely encapsulate their notion of label in the policy module. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* - Check that a process isn't a new process (p_state == PRS_NEW) beforejhb2002-10-221-20/+23
| | | | | | | | | trying to acquire it's proc lock since the proc lock may not have been constructed yet. - Split up the one big comment at the top of the loop and put the pieces in the right order above the various checks. Reported by: kris (1)
* Support the new MAC user API in kernel: modify existing system callsrwatson2002-10-229-1521/+8253
| | | | | | | | | | | | to use a modified notion of 'struct mac', and flesh out the new variation system calls (almost identical to existing ones except that they permit a pid to be specified for process label retrieval, and don't follow symlinks). This generalizes the label API so that the framework is now almost entirely policy-agnostic. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Revised APIs for user process label management; the existing APIs reliedrwatson2002-10-224-194/+216
| | | | | | | | | | | | | | | | | | | on all label parsing occuring in userland, and knowledge of the loaded policies in the user libraries. This revision of the API pushes that parsing into the kernel, avoiding the need for shared library support of policies in userland, permitting statically linked binaries (such as ls, ps, and ifconfig) to use MAC labels. In these API revisions, high level parsing of the MAC label is done in the MAC Framework, and interpretation of label elements is delegated to the MAC policy modules. This permits modules to export zero or more label elements to user space if desired, and support them in the manner they want and with the semantics they want. This is believed to be the final revision of this interface: from the perspective of user applications, the API has actually not changed, although the ABI has. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Regen.rwatson2002-10-225-12/+45
|
OpenPOWER on IntegriCloud