Hook audit into the OpenSSH build, this results in audit records being
submitted for successful/failed logins, as well as having OpenSSH set
the audit context for a user when they login.
MFC: Fix for a bug that causes the computation of "len" in tcp_output() to
get messed up, resulting in an inconsistency between the TCP state
and so_snd.
MFC: Fixes an edge case bug in timewait handling where ticks rolling over causing
the timewait expiry to be exactly 0 corrupts the timewait queues (and that entry).
MFC performance improvements when skipping entry bodies.
In particular, this speeds up listing contents or extracting
single files from uncompressed archives read from slow, seekable
media (e.g., slow disk drives).
Thanks to: Benjamin Lutz for doing the heavy lifting,
critical bugfix from Chris Spiegel
Axe Giant from vn_fullpath(9). The vnode -> pathname lookup should be
filesystem agnostic. We are not touching any file system specific functions
in this code path. Since we have a cache lock, there is really no need to
keep Giant around here.
This eliminates Giant acquisitions for any syscall which is auditing pathnames.
marius [Mon, 4 Sep 2006 18:28:32 +0000 (18:28 +0000)]
MFC: 1.33
Do as the USII CPU manual suggests and leave interrupts enabled
for a bit before retrying to resend an IPI in order to avoid
deadlocks if the other CPU is also trying to send one.
MFC: v1.98
spell unlock correctly, this is relatively minor as it's rare someone would
provide a lock method, and want the default unlock, but it is a bug...
- Allow to use fast_ipsec(4) on debug.mpsafenet=0 and INVARIANTS-enabled
systems. Without the change it will panic on assertions.
- Update the code after opencrypto changes.
While checking for update of snapshot file in the ffs_copyonwrite,
first filter out metadata update. Otherwise, devfs vnode could be
erronously interpreted as ufs one, causing further check of i_flags
to use random memory.
PR: kern/100365
Debugged and fix described by: tegge
Approved by: pjd (mentor)
Don't expect that 'device random' will compile in those files into the
kernel for us. If random is compiled as kernel module, geom_bde.ko cannot
be loaded.
- Don't use f-word in comments. We are gentlemans.
Pointed out by: Maciej Sobczak
- Commit the results of the typo hunt by Darren Pilgrim.
This change affects documentation and comments only,
no real code involved.
PR: misc/101245
Submitted by: Darren Pilgrim <darren pilgrim bitfreak org>
Tested by: md5(1)
Commit to HEAD by: yar
- Not only a request from us can be passed to g_{mirror,raid3}_worker()
function, but also a request to us, in which case checking bio_cflags
is wrong, because the class above us is controling it, not we.
- Use suser_cred(9) instead of directly checking cr_uid.
- Change the order of conditions to first verify that we actually need
to check for privileges and then eventually check them.
- Use suser_cred(9) instead of directly checking cr_uid.
- Change the order of conditions to first verify that we actually need
to check for privileges and then eventually check them.
Add a bandaid to avoid a deadlock in a situation, when we are trying to suspend
a file system, but need to obtain a vnode. We may not be able to do it, because
all vnodes could be already in use and other processes cannot release them,
because they are waiting in "suspfs" state.
In such situation, we allow to allocate a vnode anyway.
This is a temporary fix - there is no backpressure to free vnodes allocated in
those circumstances.
- Use SLIST_FOREACH_SAFE() macro, because knote_drop() can free an element
which can be then used to find next element in the list.
- Remove confusing done_noglobal label. The KQ_GLOBAL_UNLOCK() macro know
how to handle both situations - when kq_global lock is and is not held.
- Don't forget to unlock kq lock in low memory situations.
marius [Sun, 3 Sep 2006 18:16:45 +0000 (18:16 +0000)]
Restore the expected and documented pre rev. 1.36 behavior of
giving preference to pcn(4). Take precedence over le(4) though,
as le(4) isn't meant to supersede lnc(4) in this branch (yet).
/etc/crontab is similar enough to parse as correct if you run
"crontab /etc/crontab", but not the same format due to the who field.
Add some limited anti-foot-shooting support and refuse to load
/etc/crontab as someone's crontab. Users wishing shoot their foot in
this manner may copy /etc/crontab elsewhere. :)
marius [Sun, 3 Sep 2006 17:11:27 +0000 (17:11 +0000)]
- Add a deprecation note since this driver was replaced by le(4)
in HEAD. [1]
- Remove Digital DEPCA from the list of supported hardware; DEPCA
cards use shared memory for the buffers and descriptors but the
current ISA front-end of lnc(4) only knows about adapters that
use DMA instead (lnc(4) did support DEPCA in the past though).
In rev. 1.2 we have introduced a fallback handler for files with unknown
extensions. This seems to be unnecessary and prevents less(1) from being
able to detect file changes, so remove the part.
Submitted by: Eric Huss <e-huss netmeridian com>
PR: bin/102624
Discussed with: des
Merge kern_exec.c:1.293,1.295, kern_acct.c:1.82, vfs_mount.c:1.227 from
HEAD to RELENG_6:
In execve(), audit the path name being executed. In the future, it
would also be good to audit the interpreter pathname, if any.
Audit the argv and env vectors passed in on exec:
Add the argument auditing functions for argv and env.
Add kernel-specific versions of the tokenizer functions for the
arg and env represented as a char array.
Implement the AUDIT_ARGV and AUDIT_ARGE audit policy commands to
enable/disable argv/env auditing.
Call the argument auditing from the exec system calls.
Audit path passed to the acct() system call.
Audit some arguments to nmount(), mount(), umount().
Merge BSD.include.dist:1.106, include/Makefile:1.258 from HEAD to
RELENG_6:
Do install sys/security/audit include files. It would be nice just
to install audit_ioctl.h, but we seem only to support installing
directories, so we get them all. The two not intended for extra-
kernel use have !_KERNEL #error's, which should help.
In kern_fhstatfs(), drop Giant if the prison visibility check fails.
This corrects the same bug found by Todd Miller and corrected as part of
a larger set of Giant changes in vfs_syscalls.c:1.412 in HEAD by jeff.
Pointed out by: Alex Lyashkov <umka at sevcity dot net>
MFC the mac_associate_nfsd_label entry point, only replace one of the
mac_policy_ops stub elements to ensure that we dont break compatability
with existing MAC modules.
date: 2006/01/28 19:24:39; author: csjp; state: Exp; lines: +1 -1
Manage the ucred for the NFS server using the crget/crfree API defined in
kern_prot.c. This API handles reference counting among many other things.
Notably, if MAC is compiled into the kernel, it will properly initialize the
MAC labels when the ucred is allocated.
This work is in preparation for a new MAC entry point which will be responsible
for properly initializing policy specific labels for the NFS server credential.
Utilization of the crfree/crget APIs reduce the complexity associated with
this label's management.
Submitted by: green (with changes) [1]
Obtained from: TrustedBSD Project
Discussed with: rwatson, alfred
[1] I moved the ucred allocation outside the scope of the NFS server lock to
prevent M_WAIKOK allocations from occurring with non-sleep-able locks held.
Additionally, to reduce complexity, the ucred persist as long as the NFS
server descriptor.
marius [Sat, 2 Sep 2006 21:07:50 +0000 (21:07 +0000)]
MFC: 1.2, 1.3, 1.4
- Use full name of the Sun PGX64 cards and add the Sun part number
in order to simplify matters for people who are looking for a video
card supported by FreeBSD/sparc64.
- Add Sun PGX to the list of known working cards.
- s/UltraSparc/UltraSPARC/
- Add info about the requirement of OFW support.
marius [Sat, 2 Sep 2006 20:41:46 +0000 (20:41 +0000)]
MFC: 1.170 (partial)
- Improve the description of gem(4); the Sun chips it supports are
termed ERI and GEM rather than GMAC.
- Bring the description of le(4) in line with the current le(4); it
was still refering to the old i386 ISA-only le(4) which was nuked
along with ISA_COMPAT while HEAD was FreeBSD 5.
- Add an entry for hme(4).
marius [Sat, 2 Sep 2006 20:31:55 +0000 (20:31 +0000)]
MFC: 1.5, 1.6
- s/gigabit/Gigabit/
- Talk about supported chips rather than supported cards as the majority
of the hardware supported by gem(4) is on-board.
- "the .Nm driver"
- Sort the list of supported chips alphabetically.
- Sun GEM aren't used on-board though, so don't claim they'd be.
- Add a CAVEATS section informing that Sun GEM cards aren't supported
so far.
- Add the usual info about loading as module on startup to the SYNOPSIS.
Merge vfs_lookup.c:187, namei.h:1.48 from HEAD to RELENG_6:
Add AUDITVNODE[12] flags to namei(), which cause namei() to audit path
and vnode attribute information for looked up vnodes during the lookup
operation. This will allow consumers of namei() to specify that this
information be added to the in-process audit record.
sam [Sat, 2 Sep 2006 17:09:26 +0000 (17:09 +0000)]
MFC: statistics fixups:
o change rssi to be signed in ieee80211_nodestats
o add noise floor in ieee80211_nodestats (use an implicit hole to
preserve layout); return it as zero until we can update the api's
so the driver can provide noise floor data
o add a bandaid so IEEE80211_IOC_STA_STATS works for sta mode; when
all nodes are in the station table this will no longer be needed
o fix braino in IEEE80211_IOC_STA_INFO implementation; was supposed
to take a mac address and return info for that sta or all stations
if ff:ff:ff:ff:ff was supplied--but somehow this didn't get implemented;
implement the intended semantics and leave a compat shim at the old
ioctl number for the previous api
Note this changes the api for IEEE80211_IOC_STA_INFO but old binaries
will continue to work. FreeBSD_version bumped so apps can track the
change (no such applications are known to exist but just in case).
Merge audit/Makefile:1.1, auditd/Makefile:1.1, auditreduce/Makefile:1.1,
praudit/Makefile:1.1, and usr.sbin/Makefile:1.342,1.343,1.345 from HEAD
to RELENG_6:
sos [Sat, 2 Sep 2006 17:01:32 +0000 (17:01 +0000)]
MFC: Sync with -current.
Dont poll for ATA_IDLE on a detached channel in suspend.
Add support for the Serverworks HT1000 chip.
Finally fix support for the newer MCP51/MCP55 nVidia chipsets.
Add support for the ICH8 and ESB2 chips, also add a few other missing ICH7 partsUpdate JMicron support to also work with chips where the PATA and SATA
parts are on individual PCI functions.
Add support for VIA 8237A.
Add support for AHCI on the VIA VT8251.
Dont call free on non-alloc'd items.