csjp [Sat, 26 Aug 2006 20:13:35 +0000 (20:13 +0000)]
Fix panic associated with file creation via RPC/NFS when the MLS policy
is loaded. This problem stems from the fact that the policy is not properly
initializing the mac label associated with the NFS daemon.
rwatson [Sat, 26 Aug 2006 17:59:31 +0000 (17:59 +0000)]
Allow the user process to query the kernel's notion of a maximum
audit record size at run-time, which can be used by the user
process to size the user space buffer it reads into from the audit
pipe.
marius [Sat, 26 Aug 2006 16:28:19 +0000 (16:28 +0000)]
Fix another bug introduced with rev. 1.204; in vfs_donmount() if
the 'vfs_getopt(optlist, "errmsg", (void **)&errmsg, &errmsg_len)'
call fails, 'errmsg' is left uninitialized, making the later tests
against NULL meaningless, and the uses bogus. Thus initialize
'errmsg' to NULL beforehand. [1]
While at it, remove the superfluous assignment of 0 to 'errmsg_len'
if the above mentioned call fails as it's already initialized to 0.
rwatson [Sat, 26 Aug 2006 08:17:58 +0000 (08:17 +0000)]
Update kernel OpenBSM parts, especially src/sys/bsm, for the OpenBSM
1.0 alpha 9 import. See the OpenBSM import commit message for a
detailed summary of changes.
rwatson [Sat, 26 Aug 2006 08:04:15 +0000 (08:04 +0000)]
Vendor import of OpenBSM 1.0 alpha 9, with the following change history
notes since the last import:
OpenBSM 1.0 alpha 9
- Rename many OpenBSM-specific constants and API elements containing the
strings "BSM" and "bsm" to "AUDIT" and "audit", observing that this is true
for almost all existing constants and APIs.
- Instead of passing a per-instance cookie directly into all audit filter
APIs, pass in the audit filter daemon state pointer, which is then used by
the module using an audit_filter_{get,set}cookie() API. This will allow
future service APIs provided by the filter daemon to maintain their own
state -- for example, per-module preselection state.
OpenBSM 1.0 alpha 8
- Correct typo in definition of AUR_INT.
- Adopt OpenSolaris constant values for AUDIT_* configuration flags.
- Arguments to au_to_exec_args() and au_to_exec_env() no longer const.
- Add kernel versions of au_to_exec_args() and au_to_exec_env().
- Fix exec argument type that is printed for env strings from 'arg' to 'env'.
- New OpenBSM token version number assigned, constants added for other
commonly seen version numbers.
- OpenBSM-specific events assigned numbers in the 43xxx range to avoid future
collisions with Solaris. Darwin events renamed to AUE_DARWIN_foo, as they
are now deprecated numberings.
- autoconf now detects clock_gettime(), which is not available on Darwin.
- praudit output fixes relating to arg32 and arg64 tokens.
- Maximum record size updated to 64k-1 to match Solaris record size limit.
- Various style and comment cleanups in include files.
imp [Fri, 25 Aug 2006 23:50:05 +0000 (23:50 +0000)]
Pass whatever the value of NM down to lorder. This allows one to
override NM in Makefiles when, for example, cross compiling and have
that value be used by lorder. NM normally isn't defined, so we pass a
null value to lorder. lorder says 'NM=${NM-nm}' which causes it to
pickup the default value.
emax [Fri, 25 Aug 2006 17:53:13 +0000 (17:53 +0000)]
- Catch up with ongoing rwatson's socket work;
- Fix a couple of LORs and panics;
- Temporarily remove the code that tries to cleanup sockets that stuck
on accepting queues (both complete and incomplete). I'm taking an ostrich
approach here until I find a better way to deal with sockets that were
disconnected before accepting (i.e. while socket was on complete or
incomplete accept queue).
netchild [Fri, 25 Aug 2006 11:59:56 +0000 (11:59 +0000)]
Emulate what vfork does instead of using it in linux_vfork. This way
we can do the stuff we need to do with linux processes at fork and
don't panic the kernel at exit of the child.
rwatson [Fri, 25 Aug 2006 11:02:42 +0000 (11:02 +0000)]
Don't call suser_cred() directly from linux_sethostname(), as it just
wraps userland_sysctl(), which performs necessary privilege checks as
part of its normal operation.
trhodes [Fri, 25 Aug 2006 07:34:36 +0000 (07:34 +0000)]
Add login.conf checking to periodic security scripts. If the login.conf file
is not UID/GID 0, limits will be ignored and a strange error sent to auth.log.
rwatson [Fri, 25 Aug 2006 07:30:23 +0000 (07:30 +0000)]
Remove $P4$ from this file; other then temporarily P4-local work in
progress the kernel audit code in CVS is considered authoritative.
This will ease $P4$-related merging issues during the CVS loopback.
davidxu [Fri, 25 Aug 2006 06:12:53 +0000 (06:12 +0000)]
Add user priority loaning code to support priority propagation for
1:1 threading's POSIX priority mutexes, the code is no-op unless
priority-aware umtx code is committed.
maxim [Fri, 25 Aug 2006 05:46:47 +0000 (05:46 +0000)]
A bunch of fixes from NetBSD:
o Restore owner/group/mode/atime/mtime of symbolic links, rev. 1.30.
o Extract file flags of symbolic link, rev. 1.42.
o Call getfile() before altering file attributes.
Open file with mode 0600 instead of 0666 so that file won't remain
group or world readable/writable even if getfile() terminated.
Move skipfile() before altering file attributes in IF{CHR,BLK} and
IFIFO case for symmetry, rev. 1.32.
o Use file mode 0600 when creating special file or fifo, revs. 1.33, 1.34.
marius [Thu, 24 Aug 2006 22:00:24 +0000 (22:00 +0000)]
Remove the DPMS code in creator_blank_display(), as it causes some
LCDs to blink in the V_DISPLAY_ON case, at least in combination with
some 13W3-VGA-adaptors (what's exactly going on is unclear though,
as it happens when all of H-sync, V-sync and video output are enabled
and not touching the sync bits from the preset fixes it). Thus
creator_blank_display() now is reduced to turning the video output
on/off.
Although that DPMS code did what the XFree86/Xorg sunffb(4x) does,
it was questionable in the first place, as both implementations
also turn(ed) off the video output on standby and suspend, thus most
likely causing the monitor to turn off instead of entering standby
or suspend as intended (at least my monitors don't).
Reported and tested by: Patrick Reich
MFC after: 3 days
julian [Thu, 24 Aug 2006 20:45:38 +0000 (20:45 +0000)]
Add an option to allow copying of a hierarchy while linking he regular files.
Bikeshedded to death on: hackers
Submitted by:andersonatcenttech.com
MFC in: 1 month
marius [Thu, 24 Aug 2006 18:52:28 +0000 (18:52 +0000)]
Fix a bug introduced with rev. 1.204; in vfs_donmount() use
copyout(9) instead of copystr(9) for copying the errmsg from
kernel- to user-space. This fixes a panic on sparc64 when
using the nmount(2)-converted mountd(8).
While at it, use bcopy(3) instead of strncpy(3) in the kernel-
to kernel-space case for consistency with vfs_buildopts() and
between kernel- to user-space and kernel- to kernel-space case.
danger [Thu, 24 Aug 2006 17:07:19 +0000 (17:07 +0000)]
- add note about IPSEC_FILTERGIF to fast_ipsec(4) and let the users know
that it is not possible to use Fast IPsec in conjuction with KAME IPsec
- add available kernel options to ipsec(4)
- add reference for fast_ipsec(4) to ipsec(4)
imp [Thu, 24 Aug 2006 17:02:26 +0000 (17:02 +0000)]
Always make obj when building the libraries. This never hurts, and
helps some cross-architecture building tool installation patches that
I'm developing.
oleg [Thu, 24 Aug 2006 14:41:16 +0000 (14:41 +0000)]
Properly lock ifmedia callbacks. This should prevent concurrent access to PHY.
Following issues should be resolved:
- random watchdog timeouts (caused by concurrent phy access)
- some link state issues
- non working TX if media type was set explicitly
jhb [Wed, 23 Aug 2006 19:16:17 +0000 (19:16 +0000)]
Remove special handling for PC == 0. With this, kgdb can now properly
unwind across a page fault due to a null function pointer. It does a
better job than ddb now in fact.
thomas [Wed, 23 Aug 2006 15:59:43 +0000 (15:59 +0000)]
Set alarm timer for grace period from the grace_period variable, instead
of hard-coding a value of 10 seconds. Command line flag -g is thus now
correctly taken into account.
thomas [Tue, 22 Aug 2006 23:49:36 +0000 (23:49 +0000)]
(media_status): Factor common code between IFM_ETHER and IFM_ATM cases.
(print_media_word, print_media_word_ifconfig): Remove unnecessary
goto following test for null desc.
flz [Tue, 22 Aug 2006 11:17:29 +0000 (11:17 +0000)]
Backout this commit since it breaks startup and some scripts in
certain conditions. I haven't been able to find a better solution yet:
- Set a two read-only variables (${prefix} and ${etcdir}). This is
especially useful when using /etc/rc.d scripts with third-party
software installed from ports.
- Fix rc.d/sshd to work with openssh from ports using ${etcdir}
instead of hardcoded /etc.
- Reflect prefix/etcdir changes in rc.subr.8.