path: root/sys/kern/kern_environment.c
Commit message | Author | Age | Files | Lines
* Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC | rwatson | 2009-06-05 | 1 | -2/+0
  and used in a large number of files, but also because an increasing number of incorrect uses of MAC calls were sneaking in due to copy-and-paste of MAC-aware code without the associated opt_mac.h include.
  Discussed with: pjd
* Correctly sanity-check timer IDs. [SA-09:06] | cperciva | 2009-03-23 | 1 | -3/+7
  Limit the size of malloced buffer when dumping environment variables. [EN-09:01]
  Approved by: so (cperciva)
  Approved by: re (kensmith)
  Security: FreeBSD-SA-09:06.ktimer
  Errata: FreeBSD-EN-09:01.kenv
* Implement the following macros for completeness: | pjd | 2008-07-21 | 1 | -0/+8
  SYSCTL_QUAD()
  SYSCTL_ADD_QUAD()
  TUNABLE_QUAD()
  TUNABLE_QUAD_FETCH()
  Now we can use 64bit tunables on 32bit systems.
* Merge first in a series of TrustedBSD MAC Framework KPI changes | rwatson | 2007-10-24 | 1 | -4/+4
  from Mac OS X Leopard--rationalize naming for entry points to the following general forms:
    mac_<object>_<method/action>
    mac_<object>_check_<method/action>
  The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names.
  All MAC policy modules will need to be recompiled, and modules not updated as part of this commit will need to be modified to conform to the new KPI.
  Sponsored by: SPARTA (original patches against Mac OS X)
  Obtained from: TrustedBSD Project, Apple Computer
* I don't know what I was smoking when I wrote these three years ago; the | des | 2007-10-13 | 1 | -4/+19
  return value is an error code, hence always an int.
  While I'm here, add getenv_uint() for completeness.
* Further system call comment cleanup: | rwatson | 2007-03-05 | 1 | -2/+1
  - Remove also "MP SAFE" after prior "MPSAFE" pass. (suggested by bde)
  - Remove extra blank lines in some cases.
  - Add extra blank lines in some cases.
  - Remove no-op comments consisting solely of the function name, the word "syscall", or the system call name.
  - Add punctuation.
  - Re-wrap some comments.
* Sweep kernel replacing suser(9) calls with priv(9) calls, assigning | rwatson | 2006-11-06 | 1 | -3/+11
  specific privilege names to a broad range of privileges. These may require some future tweaking.
  Sponsored by: nCircle Network Security, Inc.
  Obtained from: TrustedBSD Project
  Discussed on: arch@
  Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
* Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h | rwatson | 2006-10-22 | 1 | -1/+2
  begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now contains the userspace and user<->kernel API and definitions, with all in-kernel interfaces moved to mac_framework.h, which is now included across most of the kernel instead.
  This change is the first step in a larger cleanup and sweep of MAC Framework interfaces in the kernel, and will not be MFC'd.
  Obtained from: TrustedBSD Project
  Sponsored by: SPARTA
* Use a sleep mutex instead of an sx lock for the kernel environment. This | scottl | 2006-07-09 | 1 | -24/+26
  allows greater flexibility for drivers that want to query the environment.
  Reviewed by: jhb, mux
* Fix memory leak introduced in previous revision. | netchild | 2006-03-15 | 1 | -3/+3
  Discussed with: phk
* Ignore kenv strings which overflow the room we have, rather than pretend | phk | 2006-03-09 | 1 | -1/+6
  we have room for them.
* Reorder statements to avoid accessing unknown memory. | davidxu | 2005-09-26 | 1 | -2/+2
  In theory, invoking kenv with very long string can panic kernel.
* Add bounds checking to the setenv part of the kernel environment. | netchild | 2005-07-31 | 1 | -1/+10
  This has no security implications since only root is allowed to use kenv(1) (and corrupt the kernel memory after adding too much variables previous to this commit).
  This is based upon the PR [1] mentioned below, but extended to check both bounds (in case of an overflow of the counting variable) and to comply to the style of the function. An overflow of the counting variable shouldn't happen after adding the check for the upper bound, but better safe than sorry (in case some other function in the kernel overwrites random memory).
  An interested soul may want to add a printf to notify root in case the bounds are hit.
  Also allocate KENV_SIZE+1 entries (the array is NULL-terminated), since the comment for KENV_SIZE says it's the maximum number of environment strings. [2]
  PR: 83687 [1]
  Submitted by: Harry Coin <harrycoin@qconline.com> [1]
  Submitted by: Ariff Abdullah <skywizard@MyBSD.org.my> [2]
* My addled brains didn't realize that since vtp points into value, we | des | 2005-03-09 | 1 | -2/+5
  can't freeenv(value) before we're done inspecting vtp[0].
  Tested by: Anish Mistry <mistry.7@osu.edu>
* Teach getenv_quad() to recognize k/m/g/t suffixes in both lower- and | des | 2005-03-05 | 1 | -3/+15
  upper-case. This means (almost) all tunables now support those suffixes.
* Make a bunch of malloc types static. | phk | 2005-02-10 | 1 | -1/+1
  Found by: src/tools/tools/kernxref
* Retire TUNABLE_QUAD_*. | des | 2004-11-08 | 1 | -8/+0
* Add TUNABLE_LONG and TUNABLE_ULONG, and use the latter for the | des | 2004-10-31 | 1 | -0/+46
  hw.pci.host_mem_start tunable. Add comments to TUNABLE_INT and TUNABLE_QUAD recommending against their use.
  MFC after: 3 weeks
* If the buffer supplied to kenv(KENV_DUMP, ...) isn't big enough, | das | 2004-04-28 | 1 | -21/+18
  return the number of bytes needed instead of 0. The manpage claims that we do this anyway.
* Use __FBSDID(). | obrien | 2003-06-11 | 1 | -2/+3
* Back out M_* changes, per decision of the TRB. | imp | 2003-02-19 | 1 | -6/+6
  Approved by: trb
* Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. | alfred | 2003-01-21 | 1 | -6/+6
  Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
* remove syscallarg(). | alfred | 2002-12-14 | 1 | -4/+4
  Suggested by: peter
* SCARGS removal take II. | alfred | 2002-12-14 | 1 | -14/+14
* Backout removal SCARGS, the code freeze is only "selectively" over. | alfred | 2002-12-13 | 1 | -14/+14
* Remove SCARGS. | alfred | 2002-12-13 | 1 | -14/+14
  Reviewed by: md5
* Add MAC checks for various kenv() operations: dump, get, set, unset, | rwatson | 2002-11-01 | 1 | -1/+23
  permitting MAC policies to limit access to the kernel environment.
  Obtained from: TrustedBSD Project
  Sponsored by: DARPA, Network Associates Laboratories
* Use strlcpy() instead of strncpy() to copy NUL terminated strings | robert | 2002-10-17 | 1 | -2/+1
  for safety and consistency.
* Cosmetic tweaks. Try and keep the style more consistent, catch some stray | peter | 2002-05-01 | 1 | -42/+41
  whitespace and update a comment.
* Fixed some longstanding bugs in _getenv_static(): | bde | 2002-04-25 | 1 | -3/+4
  - malformed environment strings (ones without an '=') were not rejected. There shouldn't be any of these, but when the static environment is empty it always begins with one of these; this one should be considered as the terminator after the end of the environment, but it isn't.
  - the comparison of the name being looked up with the name in the environment was fuzzy -- only the characters up to the length of the latter were compared, so _getenv_static("foobar") matched "foo=..." in the environment and everything matched "" in the empty environment.
  MFC after: 3 days
* Avoid calling malloc() or free() while holding the | mux | 2002-04-17 | 1 | -13/+26
  kenv lock.
  Reviewed by: jake
* Rework the kernel environment subsystem. We now convert the static | mux | 2002-04-17 | 1 | -59/+308
  environment needed at boot time to a dynamic subsystem when VM is up. The dynamic kernel environment is protected by an sx lock.
  This adds some new functions to manipulate the kernel environment : freeenv(), setenv(), unsetenv() and testenv(). freeenv() has to be called after every getenv() when you have finished using the string. testenv() only tests if an environment variable is present, and doesn't require a freeenv() call. setenv() and unsetenv() are self explanatory.
  The kenv(2) syscall exports these new functionalities to userland, mainly for kenv(1).
  Reviewed by: peter
* Fix an inverted test case. Success of getenv() is determined by a return | jhb | 2001-10-25 | 1 | -1/+1
  value of !NUL rather than NUL.
  Submitted by: luigi
  Pointy hat to: jhb
* - Change getenv_quad() to return an int instead of a quad_t since it | jhb | 2001-10-23 | 1 | -1/+21
  returns a success/failure code rather than the actual value.
  - Add getenv_string() which copies a string from the environment to another string and returns true on success.
* Make MAXTSIZ, DFLDSIZ, MAXDSIZ, DFLSSIZ, MAXSSIZ, SGROWSIZ loader | ps | 2001-10-10 | 1 | -0/+8
  tunable.
  Reviewed by: peter
  MFC after: 2 weeks
* Add a pointer to kenv(1). | peter | 2001-09-21 | 1 | -0/+3
* Revert last commit. The same functionality can be obtained through the | jlemon | 2001-09-21 | 1 | -26/+27
  'kenv' command, which I obviously was unaware of.
* Add a sysctl MIB 'kern.env', that dumps the contents of the kernel | jlemon | 2001-09-20 | 1 | -27/+26
  environment from the loader, as well as the kernel's compiled in static hints.
* Fix some warnings in kern_environment.c. Make the getenv*() family | peter | 2001-06-15 | 1 | -3/+3
  take a const 'name', since they don't modify anything.
  159: warning: passing arg 1 of `getenv_int' discards qualifiers...
  167: warning: passing arg 1 of `getenv' discards qualifiers from pointer..
* "Fix" the previous initial attempt at fixing TUNABLE_INT(). This time | peter | 2001-06-08 | 1 | -0/+15
  around, use a common function for looking up and extracting the tunables from the kernel environment. This saves duplicating the same function over and over again. This way typically has an overhead of 8 bytes + the path string, versus about 26 bytes + the path string.
* Previous commit changing SYSCTL_HANDLER_ARGS violated KNF. | phk | 2000-07-04 | 1 | -1/+1
  Pointed out by: bde
* Style police catches up with rev 1.26 of src/sys/sys/sysctl.h: | phk | 2000-07-03 | 1 | -1/+1
  Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our sources:
  -sysctl_vm_zone SYSCTL_HANDLER_ARGS
  +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
* Change the prototype of the strto* routines to make the second | archie | 1999-11-24 | 1 | -2/+3
  parameter a char ** instead of a const char **. This makes these kernel routines consistent with the corresponding libc userland routines.
  Which is actually 'correct' is debatable, but consistency and following the spec was deemed more important in this case.
  Reviewed by (in concept): phk, bde
* add in actual getenv_quad function | mjacob | 1999-11-07 | 1 | -1/+17
* Trim unused options (or #ifdef for undoc options). | peter | 1999-10-11 | 1 | -1/+0
  Submitted by: phk
* $Id$ -> $FreeBSD$ | peter | 1999-08-28 | 1 | -1/+1
* Fix warnings related to -Wall -Wcast-qual | dillon | 1999-01-28 | 1 | -2/+2
* Fix getenv() comparison against '=' ... was *cp = '=' instead of | dillon | 1999-01-27 | 1 | -2/+2
  *cp == '='.
* Add getenv_int(), specifically for retrieving integer values from kernel | msmith | 1999-01-15 | 1 | -1/+20
  environment variables. This makes it easy to pass tuning parameters in from the bootloader.
* Don't try to initialise the environment out of a sysinit, it's handled | msmith | 1998-10-09 | 1 | -10/+1
  in MD code instead.