1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00
Commit Graph

43024 Commits

Author SHA1 Message Date
Warner Losh
1e56655e43 Minor style nits suggested by sam and mdodd:
o give an argument to EP_BUSY_WAIT
o use foo_locked rather than foo_body
o Add locking assertions for extra safety.
2003-10-25 21:28:40 +00:00
Warner Losh
470de03fd0 Convert to bus_space.
Make the pccard attachment work with NEWCARD
Start locking of the driver, but only the macros are defined right now

Tested on: Megahertz CC10BT/2
# (These cards are very popular on ebay these days, and run < $10 including
#  shipping from some sellers).
2003-10-25 19:56:19 +00:00
Peter Wemm
f3075be88a For the SMP case, flush the TLB at the beginning of the page zero/copy
routines.  Otherwise we run into trouble with speculative tlb preloads
on SMP systems.  This effectively defeats Jeff's revision 1.438
optimization (for his pentium4-M laptop) in the SMP case.  It breaks
other systems, particularly athlon-MP's.
2003-10-25 18:51:41 +00:00
Alan Cox
93dbd07122 - Align a comment within struct vm_page.
- Annotate the vm_page's valid field as synchronized by the containing
   vm object's lock.
2003-10-25 18:33:04 +00:00
Robert Watson
36bbf86ba6 Check (locked) before performing an advisory unlock following a failure
of vn_start_write().  Otherwise, we may inconsistently attempt to release
the advisory lock.

Pointed out by:	teggej
2003-10-25 16:43:50 +00:00
Robert Watson
c447f5b2f4 When generate a core dump, use advisory locking in an advisory way:
if we do acquire an advisory lock, great!  We'll release it later.
However, if we fail to acquire a lock, we perform the coredump
anyway.  This problem became particularly visible with NFS after
the introduction of rpc.lockd: if the lock manager isn't running,
then locking calls will fail, aborting the core dump (resulting in
a zero-byte dump file).

Reported by:	Yogeshwar Shenoy <ynshenoy@alumni.cs.ucsb.edu>
2003-10-25 16:14:09 +00:00
Robert Watson
67536f038c Allow MAC policies to block/revoke kern_alq write access to a file.
Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
Reviewed by:	jeff
2003-10-25 16:10:41 +00:00
Robert Watson
da77b2fa6b Make MAC_EXTERNALIZE() and MAC_INTERNALIZE() simply take the object
type, rather than "object_label" as the first argument.  This reduces
complexity a little for the consumer, and also makes it easier for
use to rename the underlying entry points in struct mac_policy_obj.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-25 15:28:20 +00:00
Hidetoshi Shimokawa
65290832bd Fix fwmem_strategy() race in 4-stable. 2003-10-25 15:05:59 +00:00
Hidetoshi Shimokawa
a4468d6352 Move validity check of 'xfer->fc != NULL' to right place. 2003-10-25 15:04:49 +00:00
Hidetoshi Shimokawa
b604f6e80f dcons_crom.c needs dcons and firewire. 2003-10-25 12:59:22 +00:00
Hajimu UMEMOTO
618d51bbdc revert following unwanted changes:
- __packed to __attribute__((__packed__)
  -  uintN_t back to u_intN_t

Reported by:	bde
2003-10-25 10:57:08 +00:00
Hajimu UMEMOTO
16cd67e933 correct namespace pollution.
Submitted by:	bde
2003-10-25 09:37:10 +00:00
Alan Cox
52051abcf1 - Call vnode_pager_input_old() with the vm object locked. 2003-10-25 05:21:16 +00:00
Peter Wemm
b09a77f561 GC workaround code for detecting pentium4's and disabling PSE and PG_G.
It's been ifdef'ed out for ages.
2003-10-25 05:14:38 +00:00
Nate Lawson
9b937d4836 Add devctl(4) notify support to ACPI. Various subsystems now notify
userland whenever events occur.  See the example in devd.conf below
to see how to use it.
2003-10-25 05:03:25 +00:00
Warner Losh
c365ed47e4 Whole grab-bag of changes:
o Make the driver MPSAFE
o Some changes due to diff reduction effort with vx.
o Removed some obsolete junk.

Reviewed by: sam, modd
2003-10-25 04:09:49 +00:00
Warner Losh
e0eeb66087 Start to minimize diffs between vx and ep. These latter is based on a
more advanced version of the chips supported by the former.  Matt Dodd
and I are working towards merging them, and this a step on that path.
2003-10-25 04:05:33 +00:00
Robert Watson
138f64b698 Sort type declarations together.
Remove an excess carriage return.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-25 03:50:44 +00:00
Warner Losh
17e02bb39b Convenience functions to generate notifications from the kernel. The ACPI
code will start using these shortly.

Reviewed by: njl
2003-10-24 22:41:54 +00:00
Doug Ambrisko
43e42f3688 Add support for another multiple serial port card based on OX16PCI954 device
id 0x950a.

MFC:	after 4.9 release.
2003-10-24 22:34:56 +00:00
Eric Anholt
4294fd5ce1 Don't try to use dev->dma_lock unless dma is initialized (dev->dma != NULL)
in bufs_info sysctl handler.  dev->dma and dev->dma_lock existence are
protected by DRM_LOCK().  Fixes panic on sysctl hw.dri when the device is
uninitialied (when you aren't in X).
2003-10-24 21:45:21 +00:00
John-Mark Gurney
0eb3b7bb7f don't allow reading from files that haven't been open'd for reading. 2003-10-24 21:07:53 +00:00
John Baldwin
8b201c42c6 - Add a DDB command 'show intrcnt' to show the non-zero interrupt counts.
- Add a DDB function to dump the contents of an ithread and optionally
  details about each handler in that ithread.  This function can be used
  by MD code to implement DDB commands that display information about
  interrupt sources and their registered handlers.
2003-10-24 21:05:30 +00:00
John Baldwin
07930cce05 A few whitespace and comment tweaks. 2003-10-24 21:02:26 +00:00
John Baldwin
fe38ebca56 - Fail to probe if acpi0 probed ok as this driver basically tries to probe
the ACPI timer and we shouldn't do that if ACPI is already around to do
  that for us.
- Set a description and tweak the order of checks in the probe function
  to more closely match other PCI drivers.

This should probably be moved to sys/dev/piix/piix.c at some point and
turned on for all i386 kernels rather than just SMP ones.
2003-10-24 21:01:31 +00:00
Hajimu UMEMOTO
c302f5bc07 remove the ip6r0_addr and ip6r0_slmap members from ip6_rthdr0{}
according to rfc2292bis.

Obtained from:	KAME
2003-10-24 20:37:05 +00:00
Hajimu UMEMOTO
5434eaa208 correct tab and order. 2003-10-24 19:51:49 +00:00
Poul-Henning Kamp
7b3c545769 Close the right consumers if we run into trouble opening them all.
Submitted by:	Pawel Jakub Dawidek <nick@garage.freebsd.pl>
2003-10-24 18:47:31 +00:00
Poul-Henning Kamp
87ac8d11c2 Fix two old/new consumer confusions.
Submitted by:    Pawel Jakub Dawidek <nick@garage.freebsd.pl>
2003-10-24 18:46:23 +00:00
Poul-Henning Kamp
63b92d134e When grabbing vnodes to service NFS requests, make sure to call
vn_start_write() early to avoid snapshot deadlocks.

By:	mckusick
2003-10-24 18:36:49 +00:00
Hajimu UMEMOTO
f95d46333d Switch Advanced Sockets API for IPv6 from RFC2292 to RFC3542
(aka RFC2292bis).  Though I believe this commit doesn't break
backward compatibility againt existing binaries, it breaks
backward compatibility of API.
Now, the applications which use Advanced Sockets API such as
telnet, ping6, mld6query and traceroute6 use RFC3542 API.

Obtained from:	KAME
2003-10-24 18:26:30 +00:00
Hajimu UMEMOTO
234a35c714 Since dp->dom_ifattach calls malloc() with M_WAITOK, we cannot
use mutex lock directly here.  Protect ifp->if_afdata instead.

Reported by:	grehan
2003-10-24 16:57:59 +00:00
Hartmut Brandt
7298db81fe Sysctl names should not contain dots. Convert them to underlines. 2003-10-24 16:44:27 +00:00
Hidetoshi Shimokawa
869093b15d Add dumb console driver and related bits.
dcons(4): very simple console and gdb port driver
dcons_crom(4): FireWire attachment
dconschat(8): User interface to dcons

Tested with: i386, i386-PAE, and sparc64.
2003-10-24 15:44:10 +00:00
Hidetoshi Shimokawa
102ebc1f95 Fix for FW_ASYREQ.
- set send.pay_len correctly.
- copy response only if needed.
- remove unnecessary 'err = 0'.
2003-10-24 13:55:51 +00:00
Hidetoshi Shimokawa
ad5c39fe2a Don't check timeout just after booted.
Some transactions could be considered wrongly to be timeout
bacause interrupts are disabled during boot process.
2003-10-24 07:42:21 +00:00
Hartmut Brandt
0376020649 Module build infrastructure for the NgATM SAA layer. 2003-10-24 07:42:08 +00:00
Hartmut Brandt
98ef351f12 Netgraph part of the NgATM signalling AA layer. These nodes can
also be used as a general-purpose transport protocol above any
packet layer (IP, UDP).
2003-10-24 07:39:11 +00:00
Warner Losh
d2bda4e032 Backswards is as backwards does: If we're MPSAFE, then we don't need
giant, which implies that we need to take out giant it we're NOT
MPSAFE.

# I can't believe the number of people that looked at this failed to
# detect this.
2003-10-24 07:20:13 +00:00
Marcel Moolenaar
3a988c5c87 Remove unused header. See also ia64/disasm/disasm.h. 2003-10-24 06:53:43 +00:00
Marcel Moolenaar
2a0a749f39 Remove ia64_pack_bundle() and ia64_unpack_bundle(). They are not
used anymore.
2003-10-24 06:52:21 +00:00
Marcel Moolenaar
4d85274d1a Remove unused file. db_disasm() has been implemented in db_interface.c
now.
2003-10-24 06:48:41 +00:00
Alan Cox
2e3b314d3a - Push down Giant from vm_pageout() to vm_pageout_scan(), freeing
vm_pageout_page_stats() from Giant.
 - Modify vm_pager_put_pages() and vm_pager_page_unswapped() to expect the
   vm object to be locked on entry.  (All of the pager routines now expect
   this.)
2003-10-24 06:43:04 +00:00
Marcel Moolenaar
5664617492 Implement db_disasm() by using the new disassembler. Temporarily
unimplement db_write_breakpoint() and db_clear_breakpoint().
2003-10-24 06:42:03 +00:00
Mike Silbersack
0709c23335 Reduce the number of tcp time_wait structs to maxsockets / 5; this ensures
that at most 20% of sockets can be in time_wait at one time, ensuring
that time_wait sockets do not starve real connections from inpcb
structures.

No implementation change is needed, jlemon already implemented a nice
LRU-ish algorithm for tcp_tw structure recycling.

This should reduce the need for sysadmins to lower the default msl on
busy servers.
2003-10-24 05:44:14 +00:00
Arun Sharma
f47392f4c2 Use a TR of size 1 << IA64_ID_PAGE_SHIFT instead of 16M to avoid
overlapping TR/TC entries (which results in a machine check). Note
that we don't look at the size of the memory descriptor, because
it doesn't guarantee non-overlap.

With this change, a UP kernel could boot on a Intel Tiger4 machine
with the following options:

options         LOG2_ID_PAGE_SIZE=26		# 64M
options         LOG2_PAGE_SIZE=14               # 16K

Approved by: marcel
2003-10-24 04:56:58 +00:00
Peter Wemm
cedb3695c1 Add __va_copy and make it always visible, in spite of the __ISO_C_VISIBLE
setting.  Make va_copy be an alias if __ISO_C_VISIBLE >= 1999.

Why?  more than a few ports have an autoconf that looks for __va_copy
because it is available on glibc.  It is critical that we use it if
at all possible on amd64.  It generally isn't a problem for i386 and its
ilk because autoconf driven code tends to fall back to an assignment.
2003-10-24 02:50:39 +00:00
Marcel Moolenaar
5c03a7c7f9 Don't use fuword() or suword() unconditionally. They explicitly
disallow reading or writing.
2003-10-24 02:33:26 +00:00
Marcel Moolenaar
3fc58f92dc Remove two unused fields in the operand structure (o_read & o_write). 2003-10-24 02:05:53 +00:00
Eric Anholt
1d0d7f3ee4 Update to latest from DRI CVS. Primary new feature is mostly-complete smpng
locking, and the apparently unnecessary locking for -stable has been removed.
This may fix issues with missed interrupts since April, which manifested
themselves as slowdowns or hangs in radeon, in particular. Many cleanups also
took place.  In the shared code, there are improvements to r128 driver
stability.
2003-10-24 01:48:17 +00:00
Sam Leffler
ac6b0748be o restructure initialization code so data structures are setup
when loaded as a module
o cleanup data structures on module unload when no application has
  been started (i.e. kldload, kldunload w/o mrtd)
o remove extraneous unlocks immediately prior to destroying them

Supported by:	FreeBSD Foundation
2003-10-24 00:09:18 +00:00
Sam Leffler
37bdc2803f check return result from rtalloc1 before invoking RTUNLOCK 2003-10-23 21:41:00 +00:00
John Baldwin
e07c897e61 Writes to p_flag in __setugid() no longer need Giant. 2003-10-23 21:20:34 +00:00
John Baldwin
787f162df6 Move the P_COWINPROGRESS flag from being a per-process p_flag to being a
per-thread td_pflag which doesn't require any locks to read or write as it
is only read or written by curthread on itself.

Glanced at by:	mckusick
2003-10-23 21:14:08 +00:00
Garrett Wollman
06cb76bde3 Add appropriate const poisoning to the assert_*locked() family so that I can
call ASSERT_VOP_LOCKED(vp, __func__) without a diagnostic.

Inspired by:	the evil and rude OpenAFS cache manager code
2003-10-23 18:17:36 +00:00
John Baldwin
9f9ccd206d Add simple support for AGP 3.0 including enabling 8x mode. The simple
part of the support is that it still assumes one master and one target
where as AGP 3.0 actually supports multiple devices on the bus.

Submitted by:	Keith Whitwell <keith@tungstengraphics.com>
Sponsored by:	The Weather Channel
2003-10-23 18:08:56 +00:00
Warner Losh
231ef86f68 Remove unnecessary casts to (caddr_t) for if_broadcastaddr. 2003-10-23 17:48:53 +00:00
John Baldwin
65c3981023 Use a switch statement on the devid instead of if-else for determing which
code to use to see if the onboard video has been disabled or not.

Submitted by:	Keith Whitwell <keith@tungstengraphics.com>
2003-10-23 17:48:30 +00:00
Warner Losh
39efe73c15 Remove unnecessary (caddr_t) casts of if_broadcastaddr. 2003-10-23 17:47:55 +00:00
Warner Losh
9d51aaa4e8 Const poison crc routines (why these aren't centralized, I'm not sure). 2003-10-23 16:57:38 +00:00
Warner Losh
97bf3cc2cc Const poison the crc calcuation routines so const data can be sent to
it.
2003-10-23 16:55:27 +00:00
Brooks Davis
76d6b7514f Use IF_MAXUNIT instead of rolling our own identical TUN_MAXUNIT. 2003-10-23 16:29:20 +00:00
Warner Losh
64760eb06e Merge from p4 (noticed these changes with DES' if_ethersubr.c changes caused
a minor conflict):
o Use ETHER_ADDR_LEN in preference to '6'.
o Remove two unnecessary (caddr_t) casts.  One of them causes problems in
  my tree where etherbroadcastaddr is const, and (caddr_t) casts the const
  away.
2003-10-23 15:09:34 +00:00
Dag-Erling Smørgrav
72fd1b6a20 Clean up whitespace, remove "register" keyword, ANSIfy.
No functional changes.
2003-10-23 13:49:10 +00:00
Dag-Erling Smørgrav
76bfe7b119 0x7FFFFFFFFF is >32 bits and needs an explicit LL. 2003-10-23 13:42:03 +00:00
Marcel Moolenaar
764015afda Cleanup. Remove the md_flags for threads. It's not used. The flags
we had were bogus.
While here, reassign the copyright to the Project. There's nothing
in this files that originates from NetBSD, especially now that the
FreeBSD/alpha bits have been removed, but even then the amount of
inherited code that we actually used was nil.
2003-10-23 06:41:59 +00:00
Marcel Moolenaar
32efda28bf Reimplement unaligned_fixup() using the new disassembler and a
mcontext_t for the register values. Currently only ld8 and ldfd
instructions are handled as those are the ones we need now (a
misaligned ld8 occurs 4 times in ntpd(8) and a misaligned ldfd
occurs once in mozilla 1.4 and 1.5). Other instructions are added
when needed.
2003-10-23 06:32:34 +00:00
Marcel Moolenaar
49e4ce1f63 Remove unused include of <machine/inst.h> 2003-10-23 06:23:55 +00:00
Marcel Moolenaar
5a931213f0 Remove prototype of unaligned_fixup() and fix a nearby style(9)
bug.
2003-10-23 06:21:44 +00:00
Marcel Moolenaar
26c41f9dd1 Add prototypes for spillfd() and unaligned_fixup(). 2003-10-23 06:20:38 +00:00
Marcel Moolenaar
075f7fe484 Add spillfd(). This function loads a double-precision FP register
at the first address and spills it to the second address. This
allows unaligned_fixup() to update the context of the process in
a way that assures proper rounding.
Similar functions for single-and extended-precision are added when
needed.
2003-10-23 06:19:06 +00:00
Marcel Moolenaar
1f98bf53d9 Hook-up the new disassembler. 2003-10-23 06:11:37 +00:00
Peter Wemm
63f2bb5ff1 Use a more robust API altogether for the amd64_get_fsbase() etc functions. 2003-10-23 06:06:14 +00:00
Marcel Moolenaar
b9eabb421b Add a new disassembler that improves over the previous disassembler
in that it provides an abstract (intermediate) representation for
instructions. This significantly improves working with instructions
such as emulation of instructions that are not implemented by the
hardware (e.g. long branch) or enhancing implemented instructions
(e.g. handling of misaligned memory accesses). Not to mention that
it's much easier to print instructions.

Functions are included that provide a textual representation for
opcodes, completers and operands.

The disassembler supports all ia64 instructions defined by revision
2.1 of the SDM (Oct 2002).
2003-10-23 06:01:52 +00:00
Peter Wemm
042093540c Look at the equipment list for amd64 as well as i386 for autodetecting
floppy drives in the absence of hints.
2003-10-23 05:52:52 +00:00
Warner Losh
71d72f8892 Fix mismerge from one tree to another: add ( 2003-10-23 05:33:53 +00:00
Peter Wemm
c0432d033e Renumber the sysarch vectors for amd64 specific syscalls so that I can
implement i386 compat numbers where it makes sense.  This would save a
syscall translation layer.  Yes, this breaks the abi slightly again, but
fortunately its just a recompile rather than tweaking the source.  I will
be fixing the libc stubs while I'm here.
2003-10-23 05:31:23 +00:00
Warner Losh
1d4cc96d96 more unused item cleanup 2003-10-23 04:53:33 +00:00
Warner Losh
8abef7fd9b BASE is no longer used, and is an appendix. Remove it. 2003-10-23 04:50:35 +00:00
Warner Losh
537db6f8b0 Learn basic C.
((uint32_t *) v) + 10 != ((caddr_t) v) + 10
so apply the cast later.
2003-10-23 03:42:47 +00:00
Hidetoshi Shimokawa
61ba65809d Reduce debug messages. 2003-10-23 01:55:03 +00:00
Nate Lawson
dc0b8f8933 Allow access to the field if it is within the region size rounded up
to a multiple of the access byte width.  This overcomes errors in the
AML often found in Toshiba laptops.  These errors were allowed by
the Microsoft ASL compiler and interpreter.  This will NOT be imported
by ACPI-CA so make the change on our local branch.  File was already off
the vendor branch.

Submitted by:	blaz
Original idea:	Rick Richardson for Linux
2003-10-22 22:30:57 +00:00
Nate Lawson
3c0014e8ae Add the ACPICA_PEDANTIC option which is off by default. Enabling it will
enable strict checks of the AML.  Our default behavior will be to relax
checks to work on as many platforms as possible.  Also clean up and document
other ACPI options while I'm here.
2003-10-22 22:27:49 +00:00
Robert Watson
6fa0475d95 mac_Finish break-out of kern_mac.c into parts:
Include src/sys/security/mac/mac_internal.h in kern_mac.c.

  Remove redundant defines from the include: SYSCTL_DECL(), debug macros,
    composition macros.

  Unstaticize various bits now exposed to the remainder of the kernel:
    mac_init_label(), mac_destroy_label().

  Remove all the functions now implemented in mac_process/mac_vfs/mac_net/
    mac_pipe.  Also remove debug counters, sysctls exporting debug
    counters, enforcement flags, sysctls exporting enforcement flags.

  Leave module declaration, sysctl nodes, mactemp malloc type, system
    calls.

This should conclude MAC/LINT/NOTES breakage from the break-out process,
but I'm running builds now to make sure I caught everything.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:59:31 +00:00
Robert Watson
089c1bdac9 Variable cleanup following break-out of kern_mac.c into sys/security/mac:
Unstaticize mac_late.
  Remove ea_warn_once, now in mac_vfs.c.
  Unstaticisize mac_policy_list, mac_static_policy_list, use
    struct mac_policy_list_head instead of LIST_HEAD() directly.
  Unstaticize and un-inline MAC policy locking functions so they can
    be referenced from mac_*.c.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:47:41 +00:00
Robert Watson
9e7bf51ca8 Rename error_select() to mac_error_select(), and unstaticize so it
can be used from src/sys/security/mac/mac_*.c.

Obtained from:	TrustedBSD Project
Sponosred by:	DARPA, Network Associates Laboratories
2003-10-22 20:42:22 +00:00
Robert Watson
5d79de444b Hook up to the build for options MAC:
security/mac/mac_net.c
	security/mac/mac_pipe.c
	security/mac/mac_process.c
	security/mac/mac_system.c
	security/mac/mac_vfs.c

Note: Here begins a period of NOTES/LINT build breakage due to duplicate
symbols that will shortly be removed from kern_mac.c.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:39:33 +00:00
Robert Watson
6cc24dcbb4 Remove non-VFS related code from mac_vfs.c. Leave:
Extended attribute transaction warning flag if transactions aren't
  supported on the EA implementation being used.

  Debug fallback flag to permit a less conservative fallback if reading
  an on-disk label fails.

  Enforce_fs toggle to enforce file systme access control.

  Debugging counters for file system objects: mounts, vnodes, devfs_dirents.

  Object initialization, destruction, copying, internalization,
  externalization, relabeling for file system objects.

  Life cycle operations for devfs entries.

  Generic extended attribute label implementation for use by UFS, UFS2 in
  multilabel mode.

  Generic single-level label implementation for use by all file systems
  when in singlelabel mode.

  Exec-time transition based on file label entry points.

  Vnode operation access control checks (many).

  Mount operation access control checks (few).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:29:41 +00:00
Poul-Henning Kamp
d55b513f6e Fix a braino memory leak.
Found by:	Pawel Jakub Dawidek <nick@garage.freebsd.pl>
2003-10-22 20:28:46 +00:00
Robert Watson
6bd1173258 Remove non-system bits from mac_system.c. Leave:
Enforce_kld, enforce_system access control toggles.
  Access control checks for: kenv operation, kld operations,
    sysarch_ioperm(), acct(), nfsd(), reboot(), settime(), swapon(),
    swapoff(), sysctl().

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:09:12 +00:00
Robert Watson
5a9c1aaac5 Remove non-credential/process-related bits from mac_process.c. Leave:
Enforce_process, enforce_vm access control enforcement twiddles.
  Credential, process label counters.
  VM revocation sysctls/tunables.
  Credential label management, internalization/externalization/relabel
    code.
  Process label management.
  Proc0, proc1 creation, cred creation.
  Thread userret.
  mac_execve_enter(), _exit(), transition at exec-time.
  VM revocation on process label change.
  Process-related access control checks (visibility, debug, signal, sched).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 20:02:04 +00:00
Robert Watson
73275908f7 Remove non-pipe code from mac_pipe.c. Leave:
Pipe enforcement flag.
  Pipe object debugging counters.
  MALLOC type for MAC label storage.
  Pipe MAC label management routines, externalize/internalization/change
    routines.
  Pipe MAC access control checks.

Un-staticize functions called from mac_set_fd() when operating on a
pipe.  Abstraction improvements in this space seem likely.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 19:31:57 +00:00
Hajimu UMEMOTO
86b51224d4 we have ppsratecheck(). 2003-10-22 19:23:51 +00:00
Robert Watson
28e65e3d2b Remove non-network related contents from mac_net.c. Leave:
Network and socket enforcement toggles.
  Counters for network objects (mbufs, ifnets, bpfdecs, sockets, and ipqs).
  Label management routines for network objects.
  Life cycle events for network objects.
  Label internalization/externalization/relabel for ifnets, sockets,
    including ioctl implementations for sockets, ifnets.
  Access control checks relating to network obejcts.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 19:15:34 +00:00
Hajimu UMEMOTO
9bcf770ca8 IP6Q_LOCK_CHECK -> IP6Q_LOCK_ASSERT.
Sugested by:	sam
2003-10-22 19:03:49 +00:00
Tor Egge
f0da6ec99b Initialize bp->b_offset to the physical offset in partition
so GEOM knows where to read from disk.
2003-10-22 18:57:59 +00:00
Hajimu UMEMOTO
66bb118edd drop the code of HAVE_NRL_INPCB part. our system doesn't
use NRL style INPCB.
2003-10-22 18:52:57 +00:00
Robert Watson
86ea834c58 The following shared types/constants/interfaces/... are required
in mac_internal.h:

  Sysctl tree declarations.

  Policy list structure definition.

  Policy list variables (static, dynamic).

  mac_late flag.

  Enforcement flags for process, vm, which have checks in multiple files.

  mac_labelmbufs variable to drive conditional mbuf labeling.

  M_MACTEMP malloc type.

  Debugging counter macros.

  MAC Framework infrastructure primitives, including policy locking
    primitives, kernel label initialization/destruction, userland
    label consistency checks, policy slot allocation.

  Per-object interfaces for objects that are internalized and externalized
    using system calls that will remain centrally defined: credentials,
    pipes, vnodes.

  MAC policy composition macros: MAC_CHECK, MAC_BOOLEAN, MAC_EXTERNALIZE,
    MAC_INTERNALIZE, MAC_PERFORM.

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-10-22 18:49:29 +00:00
Alan Cox
ab42316c2f - Retire vm_pageout_page_free(). Instead, use vm_page_select_cache() from
vm_pageout_scan().  Rationale: I don't like leaving a busy page in the
   cache queue with neither the vm object nor the vm page queues lock held.
 - Assert that the page is active in vm_pageout_page_stats().
2003-10-22 18:41:32 +00:00