summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | Do What I Mean when the user asks for random integers or characters.dds2006-11-062-8/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Up to now jot would fail to generate the last character in the range or skew the integer distribution in a way that would generate the numbers in the range's limits with half the probability of the rest. This modification fixes the program, rather than documenting the strange behavior, as suggested in docs/54879. Also, correctly specify the range of random(3). PR: docs/54879 MFC after: 2 weeks
* | Add stub entry point implementations of mpo_priv_check and mpo_priv_grant torwatson2006-11-061-0/+16
| | | | | | | | | | | | the mac_stub policy. Obtained from: TrustedBSD Project
* | Sweep kernel replacing suser(9) calls with priv(9) calls, assigningrwatson2006-11-06167-737/+1367
| | | | | | | | | | | | | | | | | | | | | | | | | | specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
* | Add a new priv(9) kernel interface for checking the availability ofrwatson2006-11-0613-92/+1065
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | privilege for threads and credentials. Unlike the existing suser(9) interface, priv(9) exposes a named privilege identifier to the privilege checking code, allowing more complex policies regarding the granting of privilege to be expressed. Two interfaces are provided, replacing the existing suser(9) interface: suser(td) -> priv_check(td, priv) suser_cred(cred, flags) -> priv_check_cred(cred, priv, flags) A comprehensive list of currently available kernel privileges may be found in priv.h. New privileges are easily added as required, but the comments on adding privileges found in priv.h and priv(9) should be read before doing so. The new privilege interface exposed sufficient information to the privilege checking routine that it will now be possible for jail to determine whether a particular privilege is granted in the check routine, rather than relying on hints from the calling context via the SUSER_ALLOWJAIL flag. For now, the flag is maintained, but a new jail check function, prison_priv_check(), is exposed from kern_jail.c and used by the privilege check routine to determine if the privilege is permitted in jail. As a result, a centralized list of privileges permitted in jail is now present in kern_jail.c. The MAC Framework is now also able to instrument privilege checks, both to deny privileges otherwise granted (mac_priv_check()), and to grant privileges otherwise denied (mac_priv_grant()), permitting MAC Policy modules to implement privilege models, as well as control a much broader range of system behavior in order to constrain processes running with root privilege. The suser() and suser_cred() functions remain implemented, now in terms of priv_check() and the PRIV_ROOT privilege, for use during the transition and possibly continuing use by third party kernel modules that have not been updated. The PRIV_DRIVER privilege exists to allow device drivers to check privilege without adopting a more specific privilege identifier. This change does not modify the actual security policy, rather, it modifies the interface for privilege checks so changes to the security policy become more feasible. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
* | Added PCI ID's for:rink2006-11-061-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | - 0x1065: Intel 82562ET/EZ/GT/GZ PRO/100 VE Ethernet [1], as found on Tyan GS14 barebones. - 0x1094: Intel Pro/100 946GZ (ICH7) Network Connection [2], as found on Intel 946GZis motherboards. [1] Submitted by: myself [2] Submitted by: Mike Tancsa <mike@sentex.net> Reviewed by: imp (mentor), jfv Approved by: imp (mentor) MFC after: 3 days
* | Prevent freeing wild pointer when bailing out.takawata2006-11-061-1/+2
| |
* | Set up the context for the dbbe_trace callback in the ddb. Otherwise,kib2006-11-061-1/+14
| | | | | | | | | | | | trap caused by backtracing would lead to panic. Noted and reviewed by: bde
* | Avoid negative array indices: an empty string can also be useddds2006-11-062-2/+3
| | | | | | | | to specify a default value.
* | See also arc4randomdds2006-11-061-0/+1
| | | | | | | | | | PR: docs/54879 MFC after: 2 weeks
* | Restore jot's ability to use a seed for producing a deterministicdds2006-11-062-7/+18
| | | | | | | | | | | | | | | | | | sequence of random numbers. This functionality was lost in revision 1.9 when the random number generator was switched to arc4random. PR: docs/54879 MFC after: 2 weeks
* | Replace obscure aliases through pointers with plain variables.dds2006-11-061-11/+8
| | | | | | | | MFC after: 2 weeks
* | Regress.out is now regress.x.out.dds2006-11-061-1/+0
| |
* | Merge code in common cases.dds2006-11-061-29/+6
| | | | | | | | | | Verified by: New regression tests in tools/regression/usr.bin/jot MFC after: 2 weeks
* | Test the handling of supplied and default parameters.dds2006-11-0629-2/+1692
| |
* | Replace opaque numeric bit flag values with #defined identifiers.dds2006-11-061-29/+38
| | | | | | | | | | | | | | While there, add some missing FALLTHROUGH comments. Verified with: cmp(1) on the executable MFC after: 2 weeks
* | Remove gratuitous white space change.obrien2006-11-061-12/+5
| |
* | Allow one to force with issue with 'TARGET_BIG_ENDIAN'.obrien2006-11-061-2/+2
| |
* | Switch default proto to TCP.obrien2006-11-061-1/+1
| |
* | Eliminate documentation references to a non-existent function.kientzle2006-11-062-2/+0
| |
* | Computing SHLIB_MAJOR is not a good idea. It's really a FreeBSDkientzle2006-11-061-6/+3
| | | | | | | | | | | | system value that has no real relation to the libarchive version. (Except, of course, that any ABI breakage will force both to be incremented.)
* | Remove an unused declaration.kientzle2006-11-061-2/+0
| |
* | Change the type of ar_arg_sockaddr from struct sockaddr to structcsjp2006-11-062-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | sockaddr_storage. This structure is defined in RFC 2553 and is a more semantically correct structure for holding IP and IP6 sockaddr information. struct sockaddr is not big enough to hold all the required information for IP6, resulting in truncated addresses et al when auditing IP6 sockaddr information. We also need to assume that the sa->sa_len has been validated before the call to audit_arg_sockaddr() is made, otherwise it could result in a buffer overflow. This is being done to accommodate auditing of network related arguments (like connect, bind et al) that will be added soon. Discussed with: rwatson Obtained from: TrustedBSD Project MFC after: 2 weeks
* | Major rework of the ia64 loaders. The two primary objectives are:marcel2006-11-0539-2798/+1269
| | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. Make libefi portable by removing ia64 specific code and build it on i386 and amd64 by default to prevent regressions. These changes include fixes and improvements over previous code to establish or improve APIs where none existed or when the amount of kluging was unacceptably high. 2. Increase the amount of sharing between the efi and ski loaders to improve maintainability of the loaders and simplify making changes to the loader-kernel handshaking in the future. The version of the efi and ski loaders are now both changed to 1.2 as user visible improvements and changes have been made.
* | Forced commit to document that the following repo copy has beenmarcel2006-11-050-0/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | performed: from: src/sys/boot/efi/libefi/bootinfo.c to: src/sys/boot/ia64/common/bootinfo.c from: src/sys/boot/efi/libefi/copy.c to: src/sys/boot/ia64/common/copy.c from: src/sys/boot/efi/libefi/devicename.c to: src/sys/boot/ia64/common/devicename.c from: src/sys/boot/efi/libefi/elf_freebsd.c to: src/sys/boot/ia64/common/exec.c ncvs meister: simon (thanks!)
* | - I forgot to bump a date.danger2006-11-051-1/+1
| | | | | | | | Approved by: keramida (mentor), trhodes (mentor) (implicit)
* | - capitalize the first letter of the first word in the sentencedanger2006-11-051-1/+1
| | | | | | | | Approved by: trhodes (mentor), keramida (mentor)
* | - add some files to FILES section and provide their descriptiondanger2006-11-051-0/+16
| | | | | | | | | | | | | | | | - reference devfs.conf and devfs.rules in SEE ALSO section Approved by: keramida (mentor), trhodes (mentor) PR: docs/103347 MFC-after: 3 days
* | Fix a typo: "the give login class" to "the given login class."trhodes2006-11-051-1/+1
| | | | | | | | | | PR: 75577 Submitted by: Nobuyuki Koganemaru
* | Add regression tests for PR 105078.stefanf2006-11-059-0/+19
| |
* | When parsing an invalid parameter expansion (eg. ${} or ${foo@bar}) do notstefanf2006-11-053-9/+25
| | | | | | | | | | | | | | | | | | | | | | issue a syntax error immediately but save the information that it is erroneous for later when the parameter expansion is actually done. This means eg. "false && ${}" will not generate an error which seems to be required by POSIX. Include the invalid parameter expansion in the error message (sometimes abbreviated with ... because recovering it would require a lot of code). PR: 105078 Submitted by: emaste
* | Fix possible leak when bridge is in monitor mode. Use m_freem() which willcsjp2006-11-051-1/+1
| | | | | | | | | | | | | | | | free the entire chain, instead of using m_free() which will free just the mbuf that was passed. Discussed with: thompsa MFC after: 3 days
* | o Add NetBSD 3.0.2 and NetBSD 3.1.maxim2006-11-051-8/+12
| |
* | Change one more ARM_BIG_ENDIAN to TARGET_BIG_ENDIAN.cognet2006-11-051-1/+1
| |
* | Sync up with rhyolite routed 2.31 which fixes the handling of varargs.trhodes2006-11-051-12/+15
| | | | | | | | | | | | | | Remove -p from usage, it's gone completely now. PR: 83387 Submited by: arved
* | Revert previous commit, and instead make the expression in rev. 1.2ru2006-11-051-1/+1
| | | | | | | | | | | | match the style of this file. OK'ed by: rrs
* | Tons of fixes to get all the 64bit issues removed.rrs2006-11-0511-73/+91
| | | | | | | | | | | | | | | | | | This also moves two 16 bit int's to become 32 bit values so we do not have to use atomic_add_16. Most of the changes are %p, casts and other various nasty's that were in the orignal code base. With this commit my machine will now do a build universe.. however I as yet have not tested on a 64bit machine .. it may not work :-(
* | o Document ServeRAID 7x support.maxim2006-11-051-1/+3
| | | | | | | | | | Submitted by: Andrey V. Elsukov MFC after: 3 days
* | Create a bidirectional mapping of the DOS 'read only' attributebp2006-11-053-2/+20
| | | | | | | | | | | | | | | | to the 'w' flag. PR: kern/77958 Submitted by: ghozzy gmail com MFC after: 1 month
* | It seems to be safe to ignore 'file not locked' errorbp2006-11-051-0/+2
| | | | | | | | | | | | from server. This effectively suppresses 'Unmapped error 1:158'. MFC after: 1 month
* | The rune interface was removed by tjr over two years ago.trhodes2006-11-051-0/+11
| |
* | When the source and destination objects for VOP_RENAME() are the same,pjd2006-11-041-27/+6
| | | | | | | | | | | | POSIX advice to just ignore the operation and return 0. We already handle this case in kern_rename(), but don't give bad example - the source is not removed.
* | VOP_REMOVE() doesn't unlock vnodes nor decrease reference counts.pjd2006-11-041-10/+0
| |
* | Typo, 'from' vnode is locked here, not 'to' vnode.pjd2006-11-041-1/+1
| |
* | Remove the KDTRACE option again because of the complaints about havingjb2006-11-047-21/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | it as a default. For the record, the KDTRACE option caused _no_ additional source files to be compiled in; certainly no CDDL source files. All it did was to allow existing BSD licensed kernel files to include one or more CDDL header files. By removing this from DEFAULTS, the onus is on a kernel builder to add the option to the kernel config, possibly by including GENERIC and customising from there. It means that DTrace won't be a feature available in FreeBSD by default, which is the way I intended it to be. Without this option, you can't load the dtrace module (which contains the dtrace device and the DTrace framework). This is equivalent to requiring an option in a kernel config before you can load the linux emulation module, for example. I think it is a mistake to have DTrace ported to FreeBSD, but not to have it available to everyone, all the time. The only exception to this is the companies which distribute systems with FreeBSD embedded. Those companies will customise their systems anyway. The KDTRACE option was intended for them, and only them.
* | Currently, we initialize "error" to zero when it's declared, thencsjp2006-11-041-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | we never initialize it to anything else. However, in the case that m_uiotombuf fails, we return error (effectively reporting success). This appears to be a relic of an older revision of this file, where "error" used to be doing something useful. (See revision 1.1, where error is used in a loop with uiomove() instead of using m_uiotomubf). So instead on unconditionally reporting success in the case there is a failure in m_uiotombuf, explicitly return ENOBUFS. While we are here, garbage collect the error variable since it's no longer required. MFC after: 2 weeks
* | When the packet is for the bridge then note which interface to send the replythompsa2006-11-041-0/+5
| | | | | | | | | | | | | | | | | | | | | | to, previously it was always broadcast to all interfaces (a bug). This is useful when the bridge is the default gateway and vlans are used to isolate each client, the reply is now kept private to the vlan which the client resides. Reported by: Jon Otterholm Tested by: Jon Otterholm MFC after: 3 days
* | Xref pthread_condattr.3, pthread_attr.3, and pthread_mutexattr.3.trhodes2006-11-043-3/+6
| | | | | | | | | | PR: 60679 Submitted by: roam (with minor modifications)
* | Document return values for res_query and res_search.lawrance2006-11-042-3/+17
| | | | | | | | | | | | | | | | | | h_errno is not an extern int, just a macro providing an integer lvalue. PR: doc/50573 Submitted by: Ronald F.Guilmette <rfg@monkeys.com> Reviewed by: trhodes MFC after: 3 days
* | - clock_gettime is in time.h instead of sys/time.hdanger2006-11-041-3/+3
| | | | | | | | | | | | Approved by: trhodes (mentor), keramida (mentor) PR: docs/104707 MFC-after: 3 days
* | Fix pointer arithmetic to be 64-bit friendly.ru2006-11-041-1/+1
| |
OpenPOWER on IntegriCloud