Option 'P1003_1B_SEMAPHORES' to compile them in, or load the "sem" module
to activate them.
Have kern/makesyscalls.sh emit an include for sys/_semaphore.h into sysproto.h
to pull in the typedef for semid_t.
Add the syscalls to the syscall table as module stubs.
under way to move the remnants of the a.out toolchain to ports. As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL. It has already lasted WAY beyond
that.
Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
build on, let alone actually do some useful work on real hardware.
Namely, put it in i386/pc98. There is no bus_dma.h on the other architecures,
tra la.
- add dependencies on opt_cpu.h and opt_kstack_pages.h to the linux module
Makefile in the i386 case. The latter is needed by an i386-only file, the
former by the i386 implementation of linux_sysvec.c (opt_cpu.h is used for
architecture-dependent options, so I added it only for i386, although this
file is also generated for the alpha).
- add a dependency on opt_kstack_pages.h to the pecoff module Makefile.
automatically once opt_foo.h is in SRCS, modulo some carelessness in
removing garbage in stale versions of opt_foo.h (touch(1) should not
be used to create opt_foo.h in kmod.mk or elsewhere).
Cleaned up nearby rule for creating opt_ddb.h.
kernel access control.
Invoke appropriate MAC entry points for a number of VFS-related
operations in the Linux ABI module. In particular, handle uselib
in a manner similar to open() (more work is probably needed here),
as well as handle statfs(), and linux readdir()-like calls.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
kernel access control.
Hook up various policy modules to the kernel build.
Note that a number of these modules require futher entry point commits
in the remainder of the kernel to become fully functional, but enough
of the pieces are in place to allow experimentation.
Note also that it would be desirable to not build the mac_*.ko modules
if 'options MAC' is not defined in the kernel configuration, because
the resulting modules are not useful without the kernel option. There
doesn't appear to be precedent for a way to do this -- for example,
we allow ipfw.ko to be built even if 'options NETINET' isn't defined.
Suggests welcomed on the "best" way to do this.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
kernel access control.
Modify procfs so that (when mounted multilabel) it exports process MAC
labels as the vnode labels of procfs vnodes associated with processes.
Approved by: des
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
kernel access control.
Modify pseudofs so that it can support synthetic file systems with
the multilabel flag set. In particular, implement vop_refreshlabel()
as pn_refreshlabel(). Implement pfs_refreshlabel() to invoke this,
and have it fall back to the mount label if the file system does
not implement pn_refreshlabel() for the node. Otherwise, permit
the file system to determine how the service is provided.
Approved by: des
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
This driver actually works slightly better on -stable than on -current
(the system locks on detach on -current), so it should be MFC'd somewhat
sooner.
This driver currently points out a difficulty in the sound device framework.
The PCM unregister routine is allowed to refuse the detach if the device is
in use. In the case of a USB device, however, this unregistration is much more
mandatory in nature, since the device is *actually* gone when this call is
made. The sound subsystem really should not refuse an unregistration and
should take its own steps to reject further I/O. As a result, if you detach
a USB sound device while it is in use, you can expect a panic shortly
thereafter.
This device cannot currently record audio. Some routines are unwritten as
of yet in uaudio.c to support recording.
This device hangs my -current box on detach. I don't know why. This does
not happen on my -stable machine.
Obtained from: Hiroyuki Aizu
MFC after: 2 weeks
one out of a block cipher. This has 2 advantages:
1) The code is _much_ simpler
2) We aren't committing our security to one algorithm (much as we
may think we trust AES).
While I'm here, make an explicit reseed do a slow reseed instead
of a fast; this is in line with what the original paper suggested.