| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
Submitted by: Trevor Johnson <trevor@jpj.net>
|
|
|
|
|
|
| |
Reviewed by: freebsd-standards
PR: 40709
Submitted by: Edward Brocklesby <nighthawk@unrealircd.com>, johan
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
for any reason other than ENOENT (think resource limits). Close allow and
deny files before allowed() returns to stop the user's EDITOR being able to
read them.
Obtained from: OpenBSD (partially)
|
| |
|
| |
|
|
|
|
|
|
| |
for when num * size would cause integer overflow.
MFC after: 1 week
|
|
|
|
|
|
|
|
|
| |
execve().
This could be done in a more general manner but it still wouldn't
be very pretty.
MFC after: 3 weeks
|
| |
|
| |
|
| |
|
|
|
|
|
| |
PR: bin/25587 (in part)
MFC after: 3 weeks
|
|
|
|
|
| |
PR: bin/25587 (in part)
MFC after: 3 weeks
|
|
|
|
|
| |
PR: bin/25587 (in part)
MFC after: 3 weeks
|
|
|
|
|
| |
PR: bin/25587 (in part)
MFC after: 3 weeks
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MP=`mount -t ufs | grep -v " nosuid" | awk '{ print $3 }' | sort`
sets ${MP} to an empty string so the next line:
set ${MP}
actually just dumps all of the shells variables to stdout (and therefore
the security report). Fixed by surrounding the code which goes through the
mounts with a test for an empty string before using ${MP}.
Reviewed by: brian
MFC after: 3 days
|
| |
|
|
|
|
| |
with appropriate page queue locking.
|
| |
|
| |
|
|
|
|
| |
the diffs from my branch.
|
|
|
|
| |
why p4 didn't gave me this diff too.
|
| |
|
|
|
|
|
|
| |
Convert init(8) to use nmount() instead of mount() when
it has to mount devfs. This doesn't happen normally,
since the kernel is supposed to mount devfs itself.
|
|
|
|
|
|
|
|
|
|
| |
remove all the code which was trying to do so.
This code was nasty in several ways, it was hiding
the kernel bug where the kernel was unable to properly
load a module, and it was quitting if it wasn't able
to load the module. The consequence is that an ABI
breakage of the vfsconf API would have broken *every*
mount utility.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Return EFTYPE instead of EINVAL for wrong locale file format.
Whitespaces.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
2) Move incomplete check for / in locale name from env section to
loadlocale(), add check for "." and ".." too.
It allows to check any argument, not env only.
3) Redesing LOAD_CATEGORY macro to eliminate code duplication.
4) Try harder in fallback code: if old locale can't be restored,
load "C" locale
5) White space formatting, long lines, etc.
|
|
|
|
| |
ANSI decl here. The old K&R one was copied from OpenBSD I think.
|
|
|
|
|
| |
(Only set this flag if the mapping has a corresponding pv list entry,
which this mapping doesn't.)
|
| |
|
| |
|
|
|
|
| |
vm_page_alloc(VM_ALLOC_WIRED).
|
|
|
|
|
| |
on x86 in between KERNBASE and the kernel load address. pmap_mapdev()
can return pointers to this for devices operating in the isa "hole".
|
|
|
|
|
|
|
|
|
| |
missed the pmap_kenter/kremove in this file, which leads to read()/write()
of /dev/mem using stale TLB entries. (gah!) Fortunately, mmap of /dev/mem
wasn't affected, so it wasn't as bad as it could have been. This throws
some light on the 'X server affects stability' thread....
Pointed out by: bde
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
cards. Since the firmware is hard coded into the kernel, I've made it
a kernel option (WI_SYMBOL_FIRMWARE).
Note: This only downloads into the RAM of these cards. It doesn't
download into FLASH, and is somewhat limited. There needs to be a
better way to deal, but this works for now. My Symbol LA4132 CF card
works now.
Obtained from: NetBSD
|
|
|
|
| |
yet.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
kernel access control.
Extensions to libc to provide basic MAC label manipulation facilities
for userland. These interface will be replaced in the next month
or two with more flexible interfaces, but provide sufficient support
to allow use of the Biba and MLS policies for user applications.
libc_r wrappers to follow.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
linker_load_module() instead.
This fixes a bug where the kernel was unable to properly locate and
load a kernel module in vfs_mount() (and probably in the netgraph
code as well since it was using the same function). This is because
the linker_load_file() does not properly search the module path.
Problem found by: peter
Reviewed by: peter
Thanks to: peter
|
|
|
|
|
|
|
|
|
|
| |
kernel access control.
When generating nd6 output on an interface, label the packet
appropriately.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
|
|
|
| |
case, also preserve the MAC label. Note that this mbuf allocation
is fairly non-optimal, but not my fault.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
|
|
|
|
| |
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|