summaryrefslogtreecommitdiffstats
path: root/sys
Commit message (Collapse)AuthorAgeFilesLines
* Renumber IPPROTO_DIVERT out of the range of valid IP protocol numbers.fenner2002-10-293-4/+19
| | | | | | | | | | | This allows socket() to return an error when the kernel is not built with IPDIVERT, and doesn't prevent future applications from using the "borrowed" IP protocol number. The sysctl net.inet.raw.olddiverterror controls whether opening a socket with the "borrowed" IP protocol fails with an accompanying kernel printf; this code should last only a couple of releases. Approved by: re
* The syscall names are string constants, so make them consts.dwmalone2002-10-292-3/+3
|
* Lower a priority of "session drop" messages.maxim2002-10-291-1/+1
| | | | | Requested by: Eugene Grosbein <eugen@kuzbass.ru> MFC after: 3 days
* Duh. #ifdef CTASSERT so we don't break user-land software.phk2002-10-291-0/+2
|
* Fix winChkName() to match when the last slot contains nothing but thesemenu2002-10-291-1/+8
| | | | | | | | terminating zero (it was treated as length missmatch). The mtools create such slots if the name len is the product of 13 (max number of unicode chars fitting in directory slot). MFC after: 1 week
* Remove unnecessary <sys/malloc.h> include.semenu2002-10-298-8/+0
| | | | | Submitted by: marius@alchemy.franken.de MFC after: 1 week
* Put a CTASSERT on the size of struct sun_disklabel.phk2002-10-281-0/+2
| | | | Sponsored by: DARPA & NAI Labs.
* Add the remaning part of the new libdisk interaction.phk2002-10-285-2/+79
| | | | | | | WARNING: This is not a published interface, it is a stopgap measure for WARNING: libdisk so we can get 5.0-R out of the door. Sponsored by: DARPA & NAI Labs
* Add support for the new libdisk interaction.phk2002-10-281-2/+15
| | | | Sponsored by: DARPA & NAI Labs.
* Trim extraneous #else and #endif MAC comments per style(9).rwatson2002-10-282-9/+9
|
* Correct a typo in a previously commented include entry that was maderwatson2002-10-281-1/+1
| | | | visible in the recent commit.
* Remove all reference to 'struct oldmac', since it's no longer requiredrwatson2002-10-284-98/+63
| | | | | | | | | | with the new VFS/EA semantics in the MAC framework. Move the per-policy structures out to per-policy include files, removing all policy-specific defines and structures out of the base framework includes and implementation, making mac_biba and mac_mls entirely self-contained. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Add a return type for mac_biba_high_single(), apparently lost in anrwatson2002-10-281-0/+1
| | | | earlier merge. It's a 'static int'.
* Rename mac_biba_subject_equal_ok() to mac_biba_subject_privileged()rwatson2002-10-281-6/+6
| | | | | | | to evolve the notion of Biba privilege a bit. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Zero the trusted_interface buffer before starting parsing.rwatson2002-10-281-0/+6
| | | | | | | | Print a warning if a requested interface name is longer than IFNAMSIZ. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* An inappropriate ASSERT slipped in during the recent merge of therwatson2002-10-289-18/+0
| | | | reboot checking; remove.
* Reduce namespace pollution to userland.scottl2002-10-281-0/+2
| | | | Spotted-by: bde
* Fix a bug in the cherry-picker kkey generator routine.phk2002-10-281-0/+1
| | | | | | | WARNING: You need to backup and restore the _unencrypted_ contents WARNING: of your GBDE disks when you take this update! Sponsored by: DARPA & NAI Labs.
* Add more compatibility junk.phk2002-10-282-11/+34
|
* Close a race window in kse_create(): signal delivered after SIGPENDING calldavidxu2002-10-282-8/+4
| | | | but before we call kse_link().
* Handle hints for the atspeaker device.mdodd2002-10-283-2/+52
| | | | Document same.
* Remove mf.a from sapic_read() and sapic_write(). We only caremarcel2002-10-281-3/+0
| | | | | about ordering and not acceptance. The removal of mf.a leaves behind the mf that accompanied it.
* Remove mf.a (the acceptance form of the memory fence instruction)marcel2002-10-281-12/+0
| | | | | | | | | | | from all low-level bus space support functions. There's no need to actually force the read/write to be accepted by the platform before we can do anything else. We still have the mf instruction there, which forces ordering. This too is not required given the semantices of the bus space I/O functions, but it's not at all clear to me if there are any poorly written device drivers that depend on the strict ordering by the processor. The motto here is to take small steps...
* Make vmstat -i work:marcel2002-10-284-54/+48
| | | | | | | | o Properly set the pointer to the counter for each interrupt and update the intrnames table. o Remove Alpha cruft from intrcnt.h. o Create INTRNAME_LEN as the single entity that defines the width of the names in the intrnames table (incl. terminatinf '\0').
* Fix a case in kern_rename() where a vn_finished_write() call wasiedowse2002-10-272-4/+4
| | | | | | | | missed. This bug has been present since the vn_start_write() and vn_finished_write() calls were first added in revision 1.159. When the case is triggered, any attempts to create snapshots on the filesystem will deadlock and also prevent further write activity on that filesystem.
* In ipi_send(), perform a mf instruction prior to initiating the IPI.marcel2002-10-271-1/+1
| | | | | | | | | This guarantees that loads and stores emitted before the fence are made visible before the IPI becomes pended. Remove the mf.a instruction after initiating the IPI. There's no guarantee that the IPI becomes pended prior to subsequent reads or writes. Even if there was a guarantee, it would mostly be without any benefit.
* Implement the new 1003.1-2001 pathconf() keys, including the Advisorywollman2002-10-271-11/+47
| | | | | | | Information option. Other filesystem implementations should do something similar. With advice from: mckusick, phk
* Change the way support for asynchronous I/O is indicated to applicationswollman2002-10-277-4/+44
| | | | | | | | | | to conform to 1003.1-2001. Make it possible for applications to actually tell whether or not asynchronous I/O is supported. Since FreeBSD's aio implementation works on all descriptor types, don't call down into file or vnode ops when [f]pathconf() is asked about _PC_ASYNC_IO; this avoids the need for every file and vnode op to know about it.
* As promised, downgrade the #error into a #warning.wollman2002-10-271-1/+1
|
* Update limits and configuration parameters for 1003.1/TC1/D6.wollman2002-10-272-10/+14
| | | | | | | | | | | Implement new sysconf keys. Change the implenentation of _SC_ASYNCHRONOUS_IO in preparation for the next set of changes. Move some limits which had been in <sys/syslimits.h> to <limits.h> where they belong. They had only ever been in syslimits.h to provide for the kernel implementation of the CTL_USER MIB branch, which went away with newsysctl years ago. (There is a #error in <sys/syslimits.h> which I will downgrade in the next commit.)
* Don peril sensitive sun glasses and change the default system call vectorjake2002-10-272-4/+37
| | | | | | | | | | | | | | | | | for sparc64 from trap #9 to trap #65. This is one of the ABI "blessed" system call vectors and is different from any other system that we might want to emulate, making the emulation easier by reducing the number of code paths that need to be shared. Compatibility with old applications is provided with COMPAT_FREEBSD4. Add defines for a few special traps that we may need to implement for compatibility with 32bit applications, and add comments on which vectors are used for what in other systems, and which are available. Pass magic flags to trap() for deprecated or unimplemented system call vectors so they will deliver SIGSYS instead of SIGILL. This piggy backs nicely with the recent sigaction(2) system call number change, and provided the rules are followed for upgrading past it, this change should not be noticed.
* Don't roll our own clean target, the default onemux2002-10-271-5/+0
| | | | works better.
* Centrally manage enforcement of {reboot,swapon,sysctl} using therwatson2002-10-279-117/+81
| | | | | | | mac_enforce_system toggle, rather than several separate toggles. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Fix a bunch of warnings on 64 bit platforms in themux2002-10-272-4/+5
| | | | CISS_DEBUG case by appropriately using %z and %j.
* - Comment a line which sets CISS_DEBUG by default.mux2002-10-271-1/+1
| | | | - Use -DCISS_DEBUG rather than -DCISS_DEBUG=0.
* Fix a warning when CISS_DEBUG is defined.mux2002-10-271-1/+1
|
* Don't truncate on large disks.phk2002-10-271-1/+6
|
* Implement mac_check_system_sysctl(), a MAC Framework entry point torwatson2002-10-2714-0/+277
| | | | | | | | | | | | | | | permit MAC policies to augment the security protections on sysctl() operations. This is not really a wonderful entry point, as we only have access to the MIB of the target sysctl entry, rather than the more useful entry name, but this is sufficient for policies like Biba that wish to use their notions of privilege or integrity to prevent inappropriate sysctl modification. Affects MAC kernels only. Since SYSCTL_LOCK isn't in sysctl.h, just kern_sysctl.c, we can't assert the SYSCTL subsystem lockin the MAC Framework. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Hook up mac_check_system_reboot(), a MAC Framework entry point thatrwatson2002-10-2714-3/+225
| | | | | | | | | permits MAC modules to augment system security decisions regarding the reboot() system call, if MAC is compiled into the kernel. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Merge from MAC tree: rename mac_check_vnode_swapon() torwatson2002-10-2714-171/+171
| | | | | | | | | | | mac_check_system_swapon(), to reflect the fact that the primary object of this change is the running kernel as a whole, rather than just the vnode. We'll drop additional checks of this class into the same check namespace, including reboot(), sysctl(), et al. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Make geom_mbr.c optional on PC98, use GEOM_MBR option to include it.phk2002-10-262-1/+6
| | | | | Disable check for supposedly magic "IPL1" string for PC98 labels, its thaumaturgical power is in doubt.
* Fix a style nit.mux2002-10-261-1/+1
|
* In VOP_LOOKUP, don't deny DELETE and RENAME operationsmux2002-10-261-1/+2
| | | | | when ISLASTCN is not set. The actual file which is being looked up may live in a different filesystem.
* Add a missing destroy_dev().mux2002-10-261-0/+2
|
* Allow deprecated or unimplemented system call vectors to deliver SIGSYS,jake2002-10-261-1/+1
| | | | as suggested by the sparc v9 ABI.
* Remove an unused macro.jake2002-10-261-6/+0
|
* MFi386: revisions 1.544 and 1.545.nyan2002-10-262-80/+640
|
* Slightly change the semantics of vnode labels for MAC: rather thanrwatson2002-10-2629-4824/+1254
| | | | | | | | | | | | | | | | | | | | | "refreshing" the label on the vnode before use, just get the label right from inception. For single-label file systems, set the label in the generic VFS getnewvnode() code; for multi-label file systems, leave the labeling up to the file system. With UFS1/2, this means reading the extended attribute during vfs_vget() as the inode is pulled off disk, rather than hitting the extended attributes frequently during operations later, improving performance. This also corrects sematics for shared vnode locks, which were not previously present in the system. This chances the cache coherrency properties WRT out-of-band access to label data, but in an acceptable form. With UFS1, there is a small race condition during automatic extended attribute start -- this is not present with UFS2, and occurs because EAs aren't available at vnode inception. We'll introduce a work around for this shortly. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
* Call bpf_mtap() on outgoing packets.tmm2002-10-261-3/+6
|
* Add COMPAT_FREEBSD4 here too. It has COMPAT_43 as well.peter2002-10-261-0/+1
|
OpenPOWER on IntegriCloud