Tighten up the random seeding a little bit more. getpid() alone only
affect only lower bits of seed which would resulte in the same seed for
sequences of fast-started awk's resulting the same random sequence.
Bring Gawk back. There just isn't any other POSIX compliant AWK out there.
The biggest thing missing from Bell-Labs AWK is the character class regexes.
Bring Gawk back. There just isn't any other POSIX compliant AWK out there.
The biggest thing missing from Bell-Labs AWK is the character class regexes.
I'd put down $10 says the author did a last minute tweak to awkgram.y (which
had an error in it), and applied it by hand to awkgram.c (getting it right)
rather than really generating an new awkgram.c properly using Bison/YACC...
Fix his mistake here.
We use the stock version of this file now, but since someone foolishly
took about 15 files off the vendor branch for what turned out to be
good reason a Gawk update takes an order of magnitude more effort than
it should...
Warner Losh [Fri, 2 Nov 2001 21:50:15 +0000 (21:50 +0000)]
Arrgh. A clean pc98 build failed due to bogons on my part :-(.
Fix it by putting back the link of machine to sys/i386/include rather
than ../../include (aka sys/pc98/include). I had a stale machine link
on my first test.
Not sure what the "right" fix is, but this unbreaks things.
Warner Losh [Fri, 2 Nov 2001 21:34:20 +0000 (21:34 +0000)]
Factor the common parts of the Makefile.foo files. This introduces two
new files: kern.pre.mk, which contains most of the definitions, and
kern.post.mk, which contains most of the rules.
I've tested this on i386 and pc98. I have had feedback on the sparc64
port, but no reports from anybody on alpha, ia64 or powerpc. I
appologize in advance if I've broken you.
Warner Losh [Fri, 2 Nov 2001 21:26:07 +0000 (21:26 +0000)]
Better error messages for the cases where device_add_child fails. We
should also whine if the old pccardd is used, but that's a little
harder than it sounds.
This also has the effect of fixing a typo that was in the last
version I committed.
Robert Watson [Fri, 2 Nov 2001 21:20:05 +0000 (21:20 +0000)]
o Remove (struct proc *p = td->td_proc) indirection in ipcperm(),
as suser_td(td) works as well as suser_xxx(NULL, p->p_ucred, 0);
This simplifies upcoming changes to suser(), and causes this code
to use the right credential (well, largely) once the td->td_ucred
changes are complete. There remains some redundancy and oddness
in this code, which should be rethought after the next batch of
suser and credential changes.
Robert Watson [Fri, 2 Nov 2001 21:11:41 +0000 (21:11 +0000)]
o Remove the local temporary variable "struct proc *p" from vfs_mount()
in vfs_syscalls.c. Although it did save some indirection, many of
those savings will be obscured with the impending commit of suser()
changes, and the result is increased code complexity. Also, once
p->p_ucred and td->td_ucred are distinguished, this will make
vfs_mount() use the correct thread credential, rather than the
process credential.
Robert Watson [Fri, 2 Nov 2001 18:44:50 +0000 (18:44 +0000)]
o Introduce group subset test, which limits the ability of a process to
debug another process based on their respective {effective,additional,
saved,real} gid's. p1 is only permitted to debug p2 if its effective
gids (egid + additional groups) are a strict superset of the gids of
p2. This implements properly the security test previously incorrectly
implemented in kern_ktrace.c, and is consistent with the kernel
security policy (although might be slightly confusing for those more
familiar with the userland policy).
o Restructure p_candebug() logic so that various results are generated
comparing uids, gids, credential changes, and then composed in a
single check before testing for privilege. These tests encapsulate
the "BSD" inter-process debugging policy. Other non-BSD checks remain
seperate. Additional comments are added.
Mike Barcroft [Fri, 2 Nov 2001 18:05:43 +0000 (18:05 +0000)]
o Add new header <sys/stdint.h>.
o Make <stdint.h> a symbolic link to <sys/stdint.h>.
o Move most of <sys/inttypes.h> into <sys/stdint.h>, as per C99.
o Remove <sys/inttypes.h>.
o Adjust includes in sys/types.h and boot/efi/include/ia64/efibind.h
to reflect new location of integer types in <sys/stdint.h>.
o Remove previously symbolicly linked <inttypes.h>, instead create a
new file.
o Add MD headers <machine/_inttypes.h> from NetBSD.
o Include <sys/stdint.h> in <inttypes.h>, as required by C99; and
include <machine/_inttypes.h> in <inttypes.h>, to fill in the
remaining requirements for <inttypes.h>.
o Add additional integer types in <machine/ansi.h> and
<machine/limits.h> which are included via <sys/stdint.h>.
Partially obtain from: NetBSD
Tested on: alpha, i386
Discussed on: freebsd-standards@bostonradio.org
Reviewed by: bde, fenner, obrien, wollman
Warner Losh [Fri, 2 Nov 2001 17:28:43 +0000 (17:28 +0000)]
Always set unit number to -1 unless some other unit is specified in
the config file. This fixes the breakage caused by the recent change
in the behavior of device_add_child for ata (which shows soren's
reservations were well founded).
Jonathan Lemon [Fri, 2 Nov 2001 17:04:32 +0000 (17:04 +0000)]
+ Fix another possible vn_close race, in the same fashion as r1.95.
+ Check that the cached vnode type != VBAD before calling devsw(),
this can happen if the vnode has been revoked.
Robert Watson [Fri, 2 Nov 2001 16:41:06 +0000 (16:41 +0000)]
o Add a comment to p_candebug() noting that the P_INEXEC check should
really be moved elsewhere: p_candebug() encapsulates the security
policy decision, whereas the P_INEXEC check has to do with "correctness"
regarding race conditions, rather than security policy.
Example: even if no security protections were enforced (the "uids are
advisory" model), removing P_INEXEC could result in incorrect operation
due to races on credential evaluation and modification during execve().
Robert Watson [Fri, 2 Nov 2001 15:22:32 +0000 (15:22 +0000)]
Merge from POSIX.1e Capabilities development tree:
o Reorder and synchronize #include's, including moving "opt_cap.h" to
above system includes.
o Introduce #ifdef'd kern.security.capabilities sysctl tree, including
kern.security.capabilities.enabled, which defaults to 0.
The rest of the file remains stubs for the time being.
Robert Watson [Fri, 2 Nov 2001 15:16:59 +0000 (15:16 +0000)]
Merge from POSIX.1e Capabilities development tree:
o POSIX.1e capabilities authorize overriding of VEXEC for VDIR based
on CAP_DAC_READ_SEARCH, but of !VDIR based on CAP_DAC_EXECUTE. Add
appropriate conditionals to vaccess() to take that into account.
o Synchronization cap_check_xxx() -> cap_check() change.
Robert Watson [Fri, 2 Nov 2001 14:45:22 +0000 (14:45 +0000)]
o Merge recent changes from the POSIX.1e capability tree:
- Introduce cap_check_td() to reflect suser_td()
- Introduce non-portable cap_from_text2_np(), which converts a
text-form capability to an internal form relative to an existing
capability, and non-portable cap_to_text2_np(), which accepts
a flag argument specifying more about the text output format.
- Introduce CTT_* flags controlling the behavior of
cap_to_text2_np().
If zero bytes are allocated, return pointer to the middle of page-zero
(which is protected) so that the program will crash if it dereferences
this illgotten pointer.
Inspired & Urged by: Theo de Raadt <deraadt@cvs.openbsd.org>
Peter Wemm [Fri, 2 Nov 2001 00:41:00 +0000 (00:41 +0000)]
"Fix" a problem that got copied from alpha to ia64 and broke there.
When we truncate the msgbuf size because the last chunk is too small,
correctly terminate the phys_avail[] array - the VM system tests
the *end* for zero, not the start. This leads the VM startup to
attempt to recreate a duplicate set of pages for all physical memory.
XXX the msgbuf handling is suspiciously different on i386 vs
alpha/ia64...
Mitsuru IWASAKI [Thu, 1 Nov 2001 22:20:41 +0000 (22:20 +0000)]
Oops, deleted wrong BIF acquisition timeout invocation by mistake
in my previous commit.
acpi_cmbat_get_bif() from taskqueue calls acpi_cmbat_timeout() so it's
better for startup.
Robert Watson [Thu, 1 Nov 2001 21:37:07 +0000 (21:37 +0000)]
o Update copyright dates.
o Add reference to TrustedBSD Project in license header.
o Update dated comments, including comment in extattr.h claiming that
no file systems support extended attributes.
o Improve comment consistency.
Robert Watson [Thu, 1 Nov 2001 20:56:57 +0000 (20:56 +0000)]
o Move suser() calls in kern/ to using suser_xxx() with an explicit
credential selection, rather than reference via a thread or process
pointer. This is part of a gradual migration to suser() accepting
a struct ucred instead of a struct proc, simplifying the reference
and locking semantics of suser().
Luigi Rizzo [Thu, 1 Nov 2001 16:52:34 +0000 (16:52 +0000)]
Add entries for "dumb" and "dialup" terminals, as the shell in HEAD
refuses to start if it does not find a matching entry for the terminal
type.
My impression is that this is a problem in the shell, because
at least on PicoBSD images, the shell itself coredumps.
Anyways, this is the quickest fix i can come up with.
Mitsuru IWASAKI [Thu, 1 Nov 2001 16:34:07 +0000 (16:34 +0000)]
Some fix for the recent apm module changes.
- Now that apm loadable module can inform its existence to other kernel
components (e.g. i386/isa/clock.c:startrtclock()'s TCS hack).
- Exchange priority of SI_SUB_CPU and SI_SUB_KLD for above purpose.
- Add simple arbitration mechanism for APM vs. ACPI. This prevents
the kernel enables both of them.
- Remove obsolete `#ifdef DEV_APM' related code.
- Add abstracted interface for Powermanagement operations. Public apm(4)
functions, such as apm_suspend(), should be replaced new interfaces.
Currently only power_pm_suspend (successor of apm_suspend) is implemented.
Luigi Rizzo [Thu, 1 Nov 2001 16:17:37 +0000 (16:17 +0000)]
Provide a new picobsd option, "--modules", to also build modules
(modload and friends are sufficiently small to consider their inclusion
in PicoBSD images).
Add the TGA video driver. This is a great accomplishtment and will help
us a lot on older Alphas.
Andrew Gallatin, Thomas V. Crimi, and Peter Jeremy contributed to this
work along with the submitter.