- Use suser_cred(9) instead of directly checking cr_uid.
- Change the order of conditions to first verify that we actually need
to check for privileges and then eventually check them.
- Use suser_cred(9) instead of directly checking cr_uid.
- Change the order of conditions to first verify that we actually need
to check for privileges and then eventually check them.
Add a bandaid to avoid a deadlock in a situation, when we are trying to suspend
a file system, but need to obtain a vnode. We may not be able to do it, because
all vnodes could be already in use and other processes cannot release them,
because they are waiting in "suspfs" state.
In such situation, we allow to allocate a vnode anyway.
This is a temporary fix - there is no backpressure to free vnodes allocated in
those circumstances.
- Use SLIST_FOREACH_SAFE() macro, because knote_drop() can free an element
which can be then used to find next element in the list.
- Remove confusing done_noglobal label. The KQ_GLOBAL_UNLOCK() macro know
how to handle both situations - when kq_global lock is and is not held.
- Don't forget to unlock kq lock in low memory situations.
marius [Sun, 3 Sep 2006 18:16:45 +0000 (18:16 +0000)]
Restore the expected and documented pre rev. 1.36 behavior of
giving preference to pcn(4). Take precedence over le(4) though,
as le(4) isn't meant to supersede lnc(4) in this branch (yet).
/etc/crontab is similar enough to parse as correct if you run
"crontab /etc/crontab", but not the same format due to the who field.
Add some limited anti-foot-shooting support and refuse to load
/etc/crontab as someone's crontab. Users wishing shoot their foot in
this manner may copy /etc/crontab elsewhere. :)
marius [Sun, 3 Sep 2006 17:11:27 +0000 (17:11 +0000)]
- Add a deprecation note since this driver was replaced by le(4)
in HEAD. [1]
- Remove Digital DEPCA from the list of supported hardware; DEPCA
cards use shared memory for the buffers and descriptors but the
current ISA front-end of lnc(4) only knows about adapters that
use DMA instead (lnc(4) did support DEPCA in the past though).
In rev. 1.2 we have introduced a fallback handler for files with unknown
extensions. This seems to be unnecessary and prevents less(1) from being
able to detect file changes, so remove the part.
Submitted by: Eric Huss <e-huss netmeridian com>
PR: bin/102624
Discussed with: des
Merge kern_exec.c:1.293,1.295, kern_acct.c:1.82, vfs_mount.c:1.227 from
HEAD to RELENG_6:
In execve(), audit the path name being executed. In the future, it
would also be good to audit the interpreter pathname, if any.
Audit the argv and env vectors passed in on exec:
Add the argument auditing functions for argv and env.
Add kernel-specific versions of the tokenizer functions for the
arg and env represented as a char array.
Implement the AUDIT_ARGV and AUDIT_ARGE audit policy commands to
enable/disable argv/env auditing.
Call the argument auditing from the exec system calls.
Audit path passed to the acct() system call.
Audit some arguments to nmount(), mount(), umount().
Merge BSD.include.dist:1.106, include/Makefile:1.258 from HEAD to
RELENG_6:
Do install sys/security/audit include files. It would be nice just
to install audit_ioctl.h, but we seem only to support installing
directories, so we get them all. The two not intended for extra-
kernel use have !_KERNEL #error's, which should help.
In kern_fhstatfs(), drop Giant if the prison visibility check fails.
This corrects the same bug found by Todd Miller and corrected as part of
a larger set of Giant changes in vfs_syscalls.c:1.412 in HEAD by jeff.
Pointed out by: Alex Lyashkov <umka at sevcity dot net>
MFC the mac_associate_nfsd_label entry point, only replace one of the
mac_policy_ops stub elements to ensure that we dont break compatability
with existing MAC modules.
date: 2006/01/28 19:24:39; author: csjp; state: Exp; lines: +1 -1
Manage the ucred for the NFS server using the crget/crfree API defined in
kern_prot.c. This API handles reference counting among many other things.
Notably, if MAC is compiled into the kernel, it will properly initialize the
MAC labels when the ucred is allocated.
This work is in preparation for a new MAC entry point which will be responsible
for properly initializing policy specific labels for the NFS server credential.
Utilization of the crfree/crget APIs reduce the complexity associated with
this label's management.
Submitted by: green (with changes) [1]
Obtained from: TrustedBSD Project
Discussed with: rwatson, alfred
[1] I moved the ucred allocation outside the scope of the NFS server lock to
prevent M_WAIKOK allocations from occurring with non-sleep-able locks held.
Additionally, to reduce complexity, the ucred persist as long as the NFS
server descriptor.
marius [Sat, 2 Sep 2006 21:07:50 +0000 (21:07 +0000)]
MFC: 1.2, 1.3, 1.4
- Use full name of the Sun PGX64 cards and add the Sun part number
in order to simplify matters for people who are looking for a video
card supported by FreeBSD/sparc64.
- Add Sun PGX to the list of known working cards.
- s/UltraSparc/UltraSPARC/
- Add info about the requirement of OFW support.
marius [Sat, 2 Sep 2006 20:41:46 +0000 (20:41 +0000)]
MFC: 1.170 (partial)
- Improve the description of gem(4); the Sun chips it supports are
termed ERI and GEM rather than GMAC.
- Bring the description of le(4) in line with the current le(4); it
was still refering to the old i386 ISA-only le(4) which was nuked
along with ISA_COMPAT while HEAD was FreeBSD 5.
- Add an entry for hme(4).
marius [Sat, 2 Sep 2006 20:31:55 +0000 (20:31 +0000)]
MFC: 1.5, 1.6
- s/gigabit/Gigabit/
- Talk about supported chips rather than supported cards as the majority
of the hardware supported by gem(4) is on-board.
- "the .Nm driver"
- Sort the list of supported chips alphabetically.
- Sun GEM aren't used on-board though, so don't claim they'd be.
- Add a CAVEATS section informing that Sun GEM cards aren't supported
so far.
- Add the usual info about loading as module on startup to the SYNOPSIS.
Merge vfs_lookup.c:187, namei.h:1.48 from HEAD to RELENG_6:
Add AUDITVNODE[12] flags to namei(), which cause namei() to audit path
and vnode attribute information for looked up vnodes during the lookup
operation. This will allow consumers of namei() to specify that this
information be added to the in-process audit record.
sam [Sat, 2 Sep 2006 17:09:26 +0000 (17:09 +0000)]
MFC: statistics fixups:
o change rssi to be signed in ieee80211_nodestats
o add noise floor in ieee80211_nodestats (use an implicit hole to
preserve layout); return it as zero until we can update the api's
so the driver can provide noise floor data
o add a bandaid so IEEE80211_IOC_STA_STATS works for sta mode; when
all nodes are in the station table this will no longer be needed
o fix braino in IEEE80211_IOC_STA_INFO implementation; was supposed
to take a mac address and return info for that sta or all stations
if ff:ff:ff:ff:ff was supplied--but somehow this didn't get implemented;
implement the intended semantics and leave a compat shim at the old
ioctl number for the previous api
Note this changes the api for IEEE80211_IOC_STA_INFO but old binaries
will continue to work. FreeBSD_version bumped so apps can track the
change (no such applications are known to exist but just in case).
Merge audit/Makefile:1.1, auditd/Makefile:1.1, auditreduce/Makefile:1.1,
praudit/Makefile:1.1, and usr.sbin/Makefile:1.342,1.343,1.345 from HEAD
to RELENG_6:
sos [Sat, 2 Sep 2006 17:01:32 +0000 (17:01 +0000)]
MFC: Sync with -current.
Dont poll for ATA_IDLE on a detached channel in suspend.
Add support for the Serverworks HT1000 chip.
Finally fix support for the newer MCP51/MCP55 nVidia chipsets.
Add support for the ICH8 and ESB2 chips, also add a few other missing ICH7 partsUpdate JMicron support to also work with chips where the PATA and SATA
parts are on individual PCI functions.
Add support for VIA 8237A.
Add support for AHCI on the VIA VT8251.
Dont call free on non-alloc'd items.
Merge proc.h:1.449 and kern_thread.:1.225 from HEAD to RELENG_6:
Add new fields to process-related data structures:
- td_ar to struct thread, which holds the in-progress audit record during
a system call.
- p_au to struct proc, which holds per-process audit state, such as the
audit identifier, audit terminal, and process audit masks.
In the earlier implementation, td_ar was added to the zero'd section of
struct thread. In order to facilitate merging to RELENG_6, it has been
moved to the end of the data structure, requiring explicit
initalization in the thread constructor.
Merge audit.c:1.18, audit.h:1.8, audit_arg.c:1.6, audit_bsm.c:1.10,
audit_bsm_klib.c:1.4, audit_bsm_token.c:1.7, audit_ioctl.h:1.4,
audit_pipe.c:1.9, audit_private.h:1.10, audit_syscalls.c:1.5,
audit_trigger.c:1.3, audit_worker.c:1.9 from HEAD to RELENG_6.
This is the MFC of the kernel audit implementation, including argument
gathering functions, worker thread, active audit record queue, system
calls, BSM trail generation code, trigger pseudo-device, and pipe
pseudo-device. See audit(4) and auditpipe(4) for a detailed description
of the audit subsystem.
Merge audit.h:1.5, audit_kevents.h:1.7, audit_internal.h:1.4, and
audit_record.h:1.5 from HEAD to RELENG_6. These correspond to the
files of the same name in OpenBSM 1.0 alpha 10.
MFC OpenBSM 1.0 alpha 10 from HEAD to RELENG_6; OpenBSM is the user space
portion of the TrustedBSD audit implementation, which has now been
settling in 7-CURRENT for several months, and is intended to provide a
Common Criteria/CAPP-compliant fine-grained security event log subsystem.
OpenBSM includes libraries, documentation, configuration files, and audit
audit trail printing and audit trail reduction tools.
This code drop is based on Apple's BSM implementation, implemented by
McAfee Research, and has been substantially enhanced by the TrustedBSD
Project.
Audit support will be considered "experimental" for 6.2-RELEASE.