rwatson [Tue, 29 Oct 2002 19:18:52 +0000 (19:18 +0000)]
Implement Biba policy entry points for mac_check_system_swapon()
and mac_check_system_sysctl(), providing additional integrity
protections relating to swap target device selection and system
management via sysctl(). Require Biba privilege for both; also
require that the target of swap operations be a high integrity
object, since swap data is high integrity.
julian [Tue, 29 Oct 2002 19:12:44 +0000 (19:12 +0000)]
Finally get around to committing Bill Paul's FEC netgraph nodes.
These are really only partly netgraph nodes as they do not use the
netgraph interfaces for many of the functions for which they could
be used, however they represent important functionality.
imp [Tue, 29 Oct 2002 19:02:19 +0000 (19:02 +0000)]
Don't take out the rl_mtx lock in the attach routine. The only way
we'd need it is if we're interrupted. So, register the interrupt last
in the attach routine.
fenner [Tue, 29 Oct 2002 16:46:13 +0000 (16:46 +0000)]
Renumber IPPROTO_DIVERT out of the range of valid IP protocol numbers.
This allows socket() to return an error when the kernel is not built
with IPDIVERT, and doesn't prevent future applications from using the
"borrowed" IP protocol number. The sysctl net.inet.raw.olddiverterror
controls whether opening a socket with the "borrowed" IP protocol
fails with an accompanying kernel printf; this code should last only a
couple of releases.
ru [Tue, 29 Oct 2002 15:51:37 +0000 (15:51 +0000)]
Index is unique for each PRINTERDEVICE.
Abuse .for so that the variable expansion works inside the N modifier.
This won't be a simple abuse with the next version of bsd.doc.mk
which will support multi-value PRINTERDEVICE.
murray [Tue, 29 Oct 2002 15:13:28 +0000 (15:13 +0000)]
Add scr2txt to the required list of doc ports for "make release". I
think this list of the bare minimal ports required should maybe be
moved to textproc/docproj/Makefile, so that when we add a new
dependency there, we can just add it to a required or optional list,
rather than add it there and forget about it here. ;)
ru [Tue, 29 Oct 2002 14:56:09 +0000 (14:56 +0000)]
bsd.doc.mk changes:
Don't gratuitously pipe thru a cat(1) if NODOCCOMPRESS.
Only create _stamp.extra when necessary.
Get rid of SOELIMPP and OBJS.
Use Groff version of soelim(1); we need its -I option
for the following to work.
Don't needlessly chdir to SRCDIR. Only a few documents
need CD_HACK, and those that need it either use refer(1)
or .PSPIC macro which internally uses the .psbb call.
obrien [Tue, 29 Oct 2002 12:17:43 +0000 (12:17 +0000)]
Fix `pkg_add -r' by backing out revs 1.34-1.38.
Revs 1.37-8 produce a bus error in some environments.
Revs 1.34-6 do not bus error, but write corrupted files.
semenu [Tue, 29 Oct 2002 01:03:44 +0000 (01:03 +0000)]
Fix winChkName() to match when the last slot contains nothing but the
terminating zero (it was treated as length missmatch). The mtools create
such slots if the name len is the product of 13 (max number of unicode
chars fitting in directory slot).
jmallett [Mon, 28 Oct 2002 23:33:57 +0000 (23:33 +0000)]
Split var.c into var.c and var_modify.c and move all the modification funcs
to var_modify.c, for readability. constify some low hanging fruit (string
manipulation functions) and the upper layers appropriately. No longer use
the private strstr(3) implementation, while changing string code.
rwatson [Mon, 28 Oct 2002 19:44:05 +0000 (19:44 +0000)]
Remove all reference to 'struct oldmac', since it's no longer required
with the new VFS/EA semantics in the MAC framework. Move the per-policy
structures out to per-policy include files, removing all policy-specific
defines and structures out of the base framework includes and
implementation, making mac_biba and mac_mls entirely self-contained.
rwatson [Mon, 28 Oct 2002 19:33:22 +0000 (19:33 +0000)]
Clarify style(9) WRT comments following #endif, #else.
The closing comment is required only for long conditionally defined
code sections, with the exception of lint cases. Attempt to document
also the logic for using '!' before the SOMETIMESSOMETHGINGHERE.
The goal of these comments is to make complex cases more
comprehensible, not to require them in all cases. The rules here are
derived from behavior used in 90+% of the kernel source code.
murray [Mon, 28 Oct 2002 08:34:48 +0000 (08:34 +0000)]
Move SCSI drivers to third floppy disk (drivers.flp) to give "make
release" a chance of finishing on the Alpha platform.
The actual split between drivers on disks 2 and 3 should be optimized
so that most users don't need the third disk, but for now, I'm just
trying to get it working.
tjr [Mon, 28 Oct 2002 08:24:46 +0000 (08:24 +0000)]
Handle boundary cases more correctly; mblen(s, 0) and mbtowc(NULL, s, 0)
return -1 regardless of what s points to, mbtowc(&w, s, 1) sets w to a
null wide character when s points to a null byte. This seems to be closer
to what most other implementations do, but the C99 standard contradicts
itself for these cases.
marcel [Mon, 28 Oct 2002 01:59:27 +0000 (01:59 +0000)]
Remove mf.a from sapic_read() and sapic_write(). We only care
about ordering and not acceptance. The removal of mf.a leaves
behind the mf that accompanied it.
marcel [Mon, 28 Oct 2002 01:00:57 +0000 (01:00 +0000)]
Remove mf.a (the acceptance form of the memory fence instruction)
from all low-level bus space support functions. There's no need
to actually force the read/write to be accepted by the platform
before we can do anything else. We still have the mf instruction
there, which forces ordering. This too is not required given the
semantices of the bus space I/O functions, but it's not at all
clear to me if there are any poorly written device drivers that
depend on the strict ordering by the processor. The motto here is
to take small steps...
marcel [Mon, 28 Oct 2002 00:50:39 +0000 (00:50 +0000)]
Make vmstat -i work:
o Properly set the pointer to the counter for each interrupt and
update the intrnames table.
o Remove Alpha cruft from intrcnt.h.
o Create INTRNAME_LEN as the single entity that defines the width
of the names in the intrnames table (incl. terminatinf '\0').
wollman [Mon, 28 Oct 2002 00:15:43 +0000 (00:15 +0000)]
Create a small library function, check_utility_compat(3), to determine
whether a named utility should behave in FreeBSD 4.x-compatible mode
or in a standard mode (default standard). The configuration is done
malloc(3)-style, with either an environment variable or a symlink.
iedowse [Sun, 27 Oct 2002 23:23:51 +0000 (23:23 +0000)]
Fix a case in kern_rename() where a vn_finished_write() call was
missed. This bug has been present since the vn_start_write() and
vn_finished_write() calls were first added in revision 1.159. When
the case is triggered, any attempts to create snapshots on the
filesystem will deadlock and also prevent further write activity
on that filesystem.
marcel [Sun, 27 Oct 2002 23:00:46 +0000 (23:00 +0000)]
In ipi_send(), perform a mf instruction prior to initiating the IPI.
This guarantees that loads and stores emitted before the fence are
made visible before the IPI becomes pended.
Remove the mf.a instruction after initiating the IPI. There's no
guarantee that the IPI becomes pended prior to subsequent reads or
writes. Even if there was a guarantee, it would mostly be without
any benefit.
wollman [Sun, 27 Oct 2002 18:09:49 +0000 (18:09 +0000)]
Implement the new 1003.1-2001 pathconf() keys, including the Advisory
Information option. Other filesystem implementations should do something
similar.
wollman [Sun, 27 Oct 2002 18:07:41 +0000 (18:07 +0000)]
Change the way support for asynchronous I/O is indicated to applications
to conform to 1003.1-2001. Make it possible for applications to actually
tell whether or not asynchronous I/O is supported.
Since FreeBSD's aio implementation works on all descriptor types, don't
call down into file or vnode ops when [f]pathconf() is asked about
_PC_ASYNC_IO; this avoids the need for every file and vnode op to know about
it.
wollman [Sun, 27 Oct 2002 18:03:02 +0000 (18:03 +0000)]
Update limits and configuration parameters for 1003.1/TC1/D6.
Implement new sysconf keys. Change the implenentation of
_SC_ASYNCHRONOUS_IO in preparation for the next set of changes.
Move some limits which had been in <sys/syslimits.h> to <limits.h> where
they belong. They had only ever been in syslimits.h to provide for the
kernel implementation of the CTL_USER MIB branch, which went away with
newsysctl years ago. (There is a #error in <sys/syslimits.h> which I
will downgrade in the next commit.)