rwatson [Tue, 25 Mar 2003 01:10:54 +0000 (01:10 +0000)]
Expand scope of the Biba policy to include some of the new entry
points available for enforcement:
mac_biba_check_sysarch_ioperm() - Require Biba privilege to make
use of privileged machine-dependent interfaces, protecting against
bypass of the policy via various mechanisms.
mac_biba_check_system_swapoff() - Require Biba privilege to disable
swapping against a vnode target.
jake [Tue, 25 Mar 2003 00:07:06 +0000 (00:07 +0000)]
- Add vm_paddr_t, a physical address type. This is required for systems
where physical addresses larger than virtual addresses, such as i386s
with PAE.
- Use this to represent physical addresses in the MI vm system and in the
i386 pmap code. This also changes the paddr parameter to d_mmap_t.
- Fix printf formats to handle physical addresses >4G in the i386 memory
detection code, and due to kvtop returning vm_paddr_t instead of u_long.
Note that this is a name change only; vm_paddr_t is still the same as
vm_offset_t on all currently supported platforms.
jhb [Mon, 24 Mar 2003 21:24:37 +0000 (21:24 +0000)]
Oops, SHUTDOWN_PRI_LAST should be EVENTHANDLER_PRI_LAST, not
EVENTHANDLER_PRI_FIRST. Oddly enough, this didn't seem to break the boxes
I tested these changes on.
jhb [Mon, 24 Mar 2003 21:15:35 +0000 (21:15 +0000)]
Replace the at_fork, at_exec, and at_exit functions with the slightly more
flexible process_fork, process_exec, and process_exit eventhandlers. This
reduces code duplication and also means that I don't have to go duplicate
the eventhandler locking three more times for each of at_fork, at_exec, and
at_exit.
Reviewed by: phk, jake, almost complete silence on arch@
jhb [Mon, 24 Mar 2003 21:07:31 +0000 (21:07 +0000)]
Define some generic eventhandler priorities for use with eventhandlers and
redefine the existing priority macros for specific eventhandlers in terms
of the generic priorities.
jhb [Mon, 24 Mar 2003 21:03:53 +0000 (21:03 +0000)]
- Remove witness_dead and just use witness_watch instead. If witness_watch
is set to 0, it now has the same affect as setting witness_dead used to
have.
- Added a sysctl handler that allows root to change witness_watch from a
non-zero value to zero to disable witness at runtime. Note that you
can't turn witness back on once it is off. You can only turn it off as
a one-way switch.
- Added a comment describing the possible values of witness_watch.
phk [Mon, 24 Mar 2003 19:30:15 +0000 (19:30 +0000)]
Premptively change initializations of struct g_class to use C99
sparse struct initializations before we extend the struct with
new OAM related member functions.
jhb [Mon, 24 Mar 2003 15:56:00 +0000 (15:56 +0000)]
Don't call sysbeep() in sc_bell() if either duration or pitch is zero.
Otherwise sysbeep() makes an annoying clicking sound on some systems.
'kbdcontrol -b off' just sets the duration and pitch to zero, it doesn't
set the QUIET_BELL flag.
bde [Mon, 24 Mar 2003 11:26:08 +0000 (11:26 +0000)]
Fixed an errx format error in rev.1.81. This should have been fatal
when WARNS was increased recently, but __printf0like() has been
temporarily disabled for 8 months.
Fixed related style bugs (disordered declaraction and silly type for
maxpayload -- assume 16-bit ints like the rest of ping.c).
bde [Mon, 24 Mar 2003 11:03:42 +0000 (11:03 +0000)]
Better fix for the problem addressed by rev.1.79: don't loop in
fifo_open() waiting for another reader or writer if one arrived and
departed while we were waiting (or a little earlier).
Rev.1.79 broke blocking opens of fifos by making them time out after 1
second. This was bad for at least apsfilter.
bde [Mon, 24 Mar 2003 10:17:14 +0000 (10:17 +0000)]
Disable interrupts while in kdb_trap() to handle cases where the caller
doesn't do it. This fixes all known causes of "Context switches not
allowed in the debugger" in mi_switch(). The main cause was trap_fatal()
calling kdb_trap() with interrupts enabled. Switching to ithreads for
interrupt handling then made fatal traps more fatal and harder to debug.
The problem was limited in -current because most interrupt handlers are
blocked by Giant, but it occurred almost deterministically for me because
my clock interrupt handlers are non-fast and not blocked by Giant.
simokawa [Mon, 24 Mar 2003 04:06:21 +0000 (04:06 +0000)]
- The payload of Write Request Quad and Read Response Quad must be
network byte order.
- Set ATRetries register after each bus reset because the value is 'undef'
in OHCI spec.
mux [Sun, 23 Mar 2003 18:29:52 +0000 (18:29 +0000)]
Add a new -o option to tell xargs(1) to reopen /dev/tty as stdin in
the child process, before executing the command. This is very useful
when you do stuff like ``find ... | xargs interactive_application''.
Without -o, the application would inherit the pipe as its stdin, and
you thus lose any control over it.
This flag has been carefully chosen to not conflit with other options
of other xargs utilities like GNU xargs.
rwatson [Sun, 23 Mar 2003 02:09:20 +0000 (02:09 +0000)]
Garbage collect FREEBSD_MAC_EXTATTR_NAME and FREEBSD_MAC_EXTATTR_NAMESPACE,
which are no longer required now that we have UFS2 with extended
attribute transactions.
imp [Sat, 22 Mar 2003 15:39:38 +0000 (15:39 +0000)]
MFP4 27224 and 27225:
Change 27224 by imp@imp_hammer on 2003/03/22 00:16:22
Put what I think are the correct TX RATE translation tables
in place for LUCENT firmware. This is based on the 4.x driver.
Maybe it should be table driven?
ifconfig wi0 media DS/11Mbps still fails, but it fails before
we even get to the txrate stuff, so other things are wrong.
Change 27225 by imp@imp_hammer on 2003/03/22 00:45:11
Default ic_fixed_rate to -1. This is the same thing as autoselect.
There really should be a #define for this...
mux [Sat, 22 Mar 2003 12:18:20 +0000 (12:18 +0000)]
- Add a new ioctl to get the maximum number of ATA channels.
- Use it in atacontrol(8) when listing ATA devices instead of
stopping at the first ENXIO received.
This makes atacontrol list work on my sparc64 where the two ATA
channels I have are numbered 2 and 3.
keramida [Sat, 22 Mar 2003 09:47:02 +0000 (09:47 +0000)]
Make -c only set flag_c and not a toggle. With flag_c disabled by
default, this makes the behavior of gstat more predictable when -c is
specified multiple times on the command line.
jhb [Fri, 21 Mar 2003 19:49:34 +0000 (19:49 +0000)]
Sync up linux and svr compat elf fixup functions for exec(). These
functions are now all basically identical except that alpha linux uses
Elf64 arguments and svr4 and i386 linux use Elf32. The fixups include
changing the first argument to be a register_t ** to match the prototype
for fixup functions, asserting that the process in the image_params struct
is always curproc and removing unnecessary locking to read credentials as a
result, and a few style fixes.