ƒ°A105635 201 434 139 265 486 149 306 209 168 700 235 237 154 175 344 770 234 574 123 353 240 142 514 179 252 253 152 150 143 297 424 357 277 2504 580 721 445 253 178 239 123 311 209 209 167 161 121 311 153 210 191 200 202 140 237 144 150 443 102 1088 589 399 465 286 586 352 921 191 171 133 222 143 137 147 455 237 128 110 142 184 129 117 272 504 442 304 219 129 272 196 220 273 134 165 162 468 240 126 169 748 144 295 139 210 241 140 316 150 554 156 115 129 142 154 163 133 145 140 150 180 286 355 378 568 436 434 386 364 144 201 145 207 239 224 166 197 218 237 114 267 254 149 159 127 128 273 165 184 112 203 143 181 275 197 175 161 115 175 149 262 262 162 149 237 115 261 372 375 157 210 152 166 503 131 160 124 139 132 136 194 154 170 299 243 291 169 128 298 301 241 129 452 397 819 775 188 203 419 587 179 149 352 K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T16:39:12.000000Z K 7 svn:log V 337 Since the Biba and MLS access checks are identical to the open checks, collapse the two cases more cleanly: rather than wrapping an access check around open, simply provide the open implementation for the access vector entry. No functional change. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T17:01:30.000000Z K 7 svn:log V 43 White space nit the crept in during merge. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T17:05:48.000000Z K 7 svn:log V 168 Synchonize variable spelling with the MAC tree: we shortened some of the names. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T18:05:12.000000Z K 7 svn:log V 389 Demote sockets to single-label objects rather than maintaining a range on them, leaving process credentials as the only kernel objects with label ranges in the Biba and MLS policies. We weren't using the range in any access control decisions, so this lets us garbage collect effectively unused code. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 wollman K 8 svn:date V 27 2002-10-21T18:11:39.000000Z K 7 svn:log V 53 MFC tzdata2002d with updates for Brazil. PR: 44004 END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T18:14:30.000000Z K 7 svn:log V 209 More in the way of minor consistency improvements: trim 'mac_mls_' from another variable to line this up with mac_biba.c Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 6 julian K 8 svn:date V 27 2002-10-21T18:37:34.000000Z K 7 svn:log V 113 Add a flag needed for recovery of excess allocated KSEs. (not used in non KSE processes). Submitted by: davidxu END K 10 svn:author V 6 cognet K 8 svn:date V 27 2002-10-21T18:40:40.000000Z K 7 svn:log V 73 One #include should be enough. Approved by: mux (mentor) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T18:42:01.000000Z K 7 svn:log V 603 Add compartment support to Biba and MLS policies. The logic of the policies remains the same: subjects and objects are labeled for integrity or sensitivity, and a dominance operator determines whether or not subject/object accesses are permitted to limit inappropriate information flow. Compartments are a non-hierarchal component to the label, so add a bitfield to the label element for each, and a set check as part of the dominance operator. This permits the implementation of "need to know" elements of MLS. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 3 des K 8 svn:date V 27 2002-10-21T18:48:28.000000Z K 7 svn:log V 142 Reduce the overhead of the mutex statistics gathering code, try to produce shorter lines in the report, and clean up some minor style issues. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-21T19:00:50.000000Z K 7 svn:log V 144 Spell the BPB member of the 7.10 bootsector as bsBPB rather than bsPBP to be like all the other bootsectors. Apple has done the same it seems. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-21T19:44:07.000000Z K 7 svn:log V 62 fwheads and fwsectors got swapped underway. Approved by: sam END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-21T20:08:28.000000Z K 7 svn:log V 83 We want /dev/md0 for ramdisk roots, not /dev/md0c. Sponsored by: DARPA & NAI Labs END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-21T20:09:59.000000Z K 7 svn:log V 251 GEOM does not (and shall not) propagate flags like D_MEMDISK, so we will revert to checking the name to determine if our root device is a ramdisk, md(4) specifically to determine if we should attempt the root-mount RW Sponsored by: DARPA & NAI Labs. END K 10 svn:author V 7 iedowse K 8 svn:date V 27 2002-10-21T20:10:05.000000Z K 7 svn:log V 673 Remove the "temporary connection" hack in udp_output(). In order to send datagrams from an unconnected socket, we used to first block input, then connect the socket to the sendmsg/sendto destination, send the datagram, and finally disconnect the socket and unblock input. We now use in_pcbconnect_setup() to check if a connect() would have succeeded, but we never record the connection in the PCB (local anonymous port allocation is still recorded, though). The result from in_pcbconnect_setup() authorises the sending of the datagram and selects the local address and port to use, so we just construct the header and call ip_output(). Discussed on: -net Approved by: re END K 10 svn:author V 4 mike K 8 svn:date V 27 2002-10-21T20:35:29.000000Z K 7 svn:log V 140 Add id_t, a new type capable of representing a pid_t or a uid_t. Move the definition of rlim_t to so that it can be shared. END K 10 svn:author V 7 iedowse K 8 svn:date V 27 2002-10-21T20:40:02.000000Z K 7 svn:log V 477 Implement a new IP_SENDSRCADDR ancillary message type that permits a server process bound to a wildcard UDP socket to select the IP address from which outgoing packets are sent on a per-datagram basis. When combined with IP_RECVDSTADDR, such a server process can guarantee to reply to an incoming request using the same source IP address as the destination IP address of the request, without having to open one socket per server IP address. Discussed on: -net Approved by: re END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-21T20:42:20.000000Z K 7 svn:log V 31 Sigh, d_ntracks, not d_nheads. END K 10 svn:author V 8 gallatin K 8 svn:date V 27 2002-10-21T20:48:54.000000Z K 7 svn:log V 255 MFC 1.95: Register the arpintr netisr early. This fixes panics (mainly seen on alphas) which happen when dhclient is run and the machine crashes because the arpintr netisr has not yet been installed. PR: 41642 Tested by: pirzyk, others on freebsd-alpha END K 10 svn:author V 4 mike K 8 svn:date V 27 2002-10-21T20:50:30.000000Z K 7 svn:log V 146 Add the ability to specify a strict C99 environment with the _C99_SOURCE constant, which should be defined before including any standard headers. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-21T20:52:51.000000Z K 7 svn:log V 50 Grrr, s/PBP/BPB/ here as well. Noticed by: peter END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T20:55:39.000000Z K 7 svn:log V 417 Introduce mac_biba_copy() and mac_mls_copy(), which conditionally copy elements of one Biba or MLS label to another based on the flags on the source label element. Use this instead of mac_{biba,mls}_{single,range}() to simplify the existing code, as well as support partial label updates (we don't update if none is requested). Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 5 peter K 8 svn:date V 27 2002-10-21T21:08:32.000000Z K 7 svn:log V 85 psl.h isn't referenced anywhere that I could find on the alpha, so remove this stub. END K 10 svn:author V 6 semenu K 8 svn:date V 27 2002-10-21T21:20:19.000000Z K 7 svn:log V 156 MFC v1.8: MII_TICK needs not restart autonegotiation, the chip behaves pretty well by itself. Slightly rearrange the code to make diff to -current smaller. END K 10 svn:author V 6 semenu K 8 svn:date V 27 2002-10-21T21:21:42.000000Z K 7 svn:log V 157 MFC v1.7: MII_TICK needs not restart autonegotiation, the chip behaves pretty well by itself. Slightly rearrange the code to make diff to -current smaller. END K 10 svn:author V 2 mp K 8 svn:date V 27 2002-10-21T21:36:36.000000Z K 7 svn:log V 61 Add support for sparc64 kernel debugging. Submitted by: tmm END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-21T21:41:19.000000Z K 7 svn:log V 58 DEVFS has been nmountified, so use nmount(2) to mount it. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-21T22:03:03.000000Z K 7 svn:log V 51 Lobotomize MakeDev(), we don't need it with devfs. END K 10 svn:author V 6 julian K 8 svn:date V 27 2002-10-21T22:27:36.000000Z K 7 svn:log V 201 Remove the process state PRS_WAIT. It is never used. I left it there from pre-KSE days as I didn't know if I'd need it or not but now I know I don't.. It's functionality is in TDI_IWAIT in the thread. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T23:16:23.000000Z K 7 svn:log V 327 mac_none is a stub policy without any functional implementation. Various cleanups, no functional changes: - Fix a type in an entry point stub, socket checks accept sockets, not vnodes. - Trailing whitespace - Entry point sort order Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-21T23:51:18.000000Z K 7 svn:log V 260 Add mac(9), a man page providing a basic introduction to the concepts associated with the TrustedBSD MAC Framework, as well as some credits to developers and contributors. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 6 semenu K 8 svn:date V 27 2002-10-22T00:57:51.000000Z K 7 svn:log V 181 Remove the OpenBSD comatibility stuff. Many changes to be more style(9) compilant. Split two pieces if code into separate functions to do not exceed line length due to indentation. END K 10 svn:author V 8 mckusick K 8 svn:date V 27 2002-10-22T00:59:49.000000Z K 7 svn:log V 2405 This checkin reimplements the io-request priority hack in a way that works in the new threaded kernel. It was commented out of the disksort routine earlier this year for the reasons given in kern/subr_disklabel.c (which is where this code used to reside before it moved to kern/subr_disk.c): ---------------------------- revision 1.65 date: 2002/04/22 06:53:20; author: phk; state: Exp; lines: +5 -0 Comment out Kirks io-request priority hack until we can do this in a civilized way which doesn't cause grief. The problem is that it is not generally safe to cast a "struct bio *" to a "struct buf *". Things like ccd, vinum, ata-raid and GEOM constructs bio's which are not entrails of a struct buf. Also, curthread may or may not have anything to do with the I/O request at hand. The correct solution can either be to tag struct bio's with a priority derived from the requesting threads nice and have disksort act on this field, this wouldn't address the "silly-seek syndrome" where two equal processes bang the diskheads from one edge to the other of the disk repeatedly. Alternatively, and probably better: a sleep should be introduced either at the time the I/O is requested or at the time it is completed where we can be sure to sleep in the right thread. The sleep also needs to be in constant timeunits, 1/hz can be practicaly any sub-second size, at high HZ the current code practically doesn't do anything. ---------------------------- As suggested in this comment, it is no longer located in the disk sort routine, but rather now resides in spec_strategy where the disk operations are being queued by the thread that is associated with the process that is really requesting the I/O. At that point, the disk queues are not visible, so the I/O for positively niced processes is always slowed down whether or not there is other activity on the disk. On the issue of scaling HZ, I believe that the current scheme is better than using a fixed quantum of time. As machines and I/O subsystems get faster, the resolution on the clock also rises. So, ten years from now we will be slowing things down for shorter periods of time, but the proportional effect on the system will be about the same as it is today. So, I view this as a feature rather than a drawback. Hence this patch sticks with using HZ. Sponsored by: DARPA & NAI Labs. Reviewed by: Poul-Henning Kamp END K 10 svn:author V 8 mckusick K 8 svn:date V 27 2002-10-22T01:06:44.000000Z K 7 svn:log V 482 This update removes a race between unmount and lookup. The lookup locks the mount point directory while waiting for vfs_busy to clear. Meanwhile the unmount which holds the vfs_busy lock tried to lock the mount point vnode. The fix is to observe that it is safe for the unmount to remove the vnode from the mount point without locking it. The lookup will wait for the unmount to complete, then recheck the mount point when the vfs_busy lock clears. Sponsored by: DARPA & NAI Labs. END K 10 svn:author V 8 mckusick K 8 svn:date V 27 2002-10-22T01:14:25.000000Z K 7 svn:log V 623 This update is a performance improvement when allocating blocks on a full filesystem. Previously, if the allocation failed, we had to fsync the file before rolling back any partial allocation of indirect blocks. Most block allocation requests only need to allocate a single data block and if that allocation fails, there is nothing to unroll. So, before doing the fsync, we check to see if any rollback will really be necessary. If none is necessary, then we simply return. This update eliminates the flurry of disk activity that got triggered whenever a filesystem would run out of space. Sponsored by: DARPA & NAI Labs. END K 10 svn:author V 8 mckusick K 8 svn:date V 27 2002-10-22T01:23:00.000000Z K 7 svn:log V 347 This update further fine tunes the locking of snapshot vnodes in the ffs_copyonwrite routine to avoid a deadlock between the syncer daemon trying to sync out a snapshot vnode and the bufdaemon trying to write out a buffer containing the snapshot inode. With any luck this will be the last snapshot race condition. Sponsored by: DARPA & NAI Labs. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T01:52:53.000000Z K 7 svn:log V 156 .Xr mac.3 and posix1e.3 to mac.9. Point at sys/mac.h in posix1e.3. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-22T02:13:32.000000Z K 7 svn:log V 84 import 1.27 to fix buffer overflow: check size of rlen Obtained from: Heimdal CVS END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-22T02:13:32.000000Z K 7 svn:log V 144 This commit was generated by cvs2svn to compensate for changes in r105672, which included commits to RCS files with non-trunk default branches. END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2002-10-22T02:27:19.000000Z K 7 svn:log V 27 detect idle kse correctly. END K 10 svn:author V 5 silby K 8 svn:date V 27 2002-10-22T02:33:50.000000Z K 7 svn:log V 216 Add some magic bits necessary to turn the transmitter on for some (newer) 556B chips. Requested & tested by: Dinesh Nambisan Magic bits found by: Dave Dribin & Donald Becker MFC After: 3 days END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-22T03:43:30.000000Z K 7 svn:log V 114 import 1.27 to fix buffer overflow: check size of rlen Approved by: security-officer Obtained from: Heimdal CVS END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-22T03:51:10.000000Z K 7 svn:log V 114 import 1.27 to fix buffer overflow: check size of rlen Approved by: security-officer Obtained from: Heimdal CVS END K 10 svn:author V 4 jake K 8 svn:date V 27 2002-10-22T07:10:15.000000Z K 7 svn:log V 74 Start tick at the correct time (cpu_init_clocks), instead of cpu_startup. END K 10 svn:author V 6 cognet K 8 svn:date V 27 2002-10-22T08:27:13.000000Z K 7 svn:log V 66 MFC: Add support for ALi M5451 rev 0.2 Approved by: mux (mentor) END K 10 svn:author V 2 ru K 8 svn:date V 27 2002-10-22T08:30:31.000000Z K 7 svn:log V 30 _games is gone in rev. 1.305. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T09:13:02.000000Z K 7 svn:log V 218 Swing the weed-whacker around libdisk: Constify some things. Staticize some things. Remove some unused things. Prototype some things. Don't install a gazillion man-pages links. Drop support for ON-TRACK disk-manager. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T09:13:27.000000Z K 7 svn:log V 61 Pick up a prototyp from libdisk.h instead of having our own. END K 10 svn:author V 3 tjr K 8 svn:date V 27 2002-10-22T09:57:34.000000Z K 7 svn:log V 117 Add back the typedefs for in_addr_t and in_port_t; some broken autoconf scripts expect to define them. END K 10 svn:author V 3 tmm K 8 svn:date V 27 2002-10-22T10:37:07.000000Z K 7 svn:log V 99 Update for BSD.include.dist r1.60 (addition of include/dev/ofw). Forgotten by: tmm Prodded by: ru END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T10:51:58.000000Z K 7 svn:log V 107 Avoid a lot of #ifdef PC98 code by giving a couple of the Chunk functions an extra argument for all archs. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T10:52:53.000000Z K 7 svn:log V 109 Chunk functions in libdisk take an extra arguement for all archs to accomodate PC98 with less ifdef madness. END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T11:46:06.000000Z K 7 svn:log V 43 Typo: loose -> lose. Submitted by: trevor END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T11:55:27.000000Z K 7 svn:log V 144 Live with it: I had hoped to find a neat way to deal with all the magic numbers, but so far havn't come up with anything: Add an #ifdef PC98. END K 10 svn:author V 8 sheldonh K 8 svn:date V 27 2002-10-22T12:10:27.000000Z K 7 svn:log V 47 Fix typo in comments (misspelled "necessary"). END K 10 svn:author V 4 mike K 8 svn:date V 27 2002-10-22T13:26:35.000000Z K 7 svn:log V 57 Note that id_t can also hold a gid_t. Realign comments. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:22:24.000000Z K 7 svn:log V 346 Flesh out prototypes for __mac_get_pid, __mac_get_link, and __mac_set_link, based on __mac_get_proc() except with a pid, and __mac_get_file(), __mac_set_file() except that they do not follow symlinks. First in a series of commits to flesh out the user API. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:23:52.000000Z K 7 svn:log V 7 Regen. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:27:44.000000Z K 7 svn:log V 991 Revised APIs for user process label management; the existing APIs relied on all label parsing occuring in userland, and knowledge of the loaded policies in the user libraries. This revision of the API pushes that parsing into the kernel, avoiding the need for shared library support of policies in userland, permitting statically linked binaries (such as ls, ps, and ifconfig) to use MAC labels. In these API revisions, high level parsing of the MAC label is done in the MAC Framework, and interpretation of label elements is delegated to the MAC policy modules. This permits modules to export zero or more label elements to user space if desired, and support them in the manner they want and with the semantics they want. This is believed to be the final revision of this interface: from the perspective of user applications, the API has actually not changed, although the ABI has. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:29:47.000000Z K 7 svn:log V 492 Support the new MAC user API in kernel: modify existing system calls to use a modified notion of 'struct mac', and flesh out the new variation system calls (almost identical to existing ones except that they permit a pid to be specified for process label retrieval, and don't follow symlinks). This generalizes the label API so that the framework is now almost entirely policy-agnostic. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-22T14:31:32.000000Z K 7 svn:log V 306 - Check that a process isn't a new process (p_state == PRS_NEW) before trying to acquire it's proc lock since the proc lock may not have been constructed yet. - Split up the one big comment at the top of the loop and put the pieces in the right order above the various checks. Reported by: kris (1) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:31:34.000000Z K 7 svn:log V 368 Adapt MAC policies for the new user API changes; teach policies how to parse their own label elements (some cleanup to occur here in the future to use the newly added kernel strsep()). Policies now entirely encapsulate their notion of label in the policy module. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:32:54.000000Z K 7 svn:log V 189 Move the label initialized flag into _label.h: it's no longer exported to userspace. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:36:11.000000Z K 7 svn:log V 489 Reflect MAC kernel/user API changes into the libc MAC implementation. This removes a lot of complexity, since we basically just reserve space on a retrieval of a label, and pass around strings. Two new elements: (1) consumers of the API must now declare what label elements they are interested in retrieving, or (2) rely on the default provided in a new configuration file, mac.conf. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T14:38:49.000000Z K 7 svn:log V 255 Hook up a sample mac.conf to the install. The sample basically tells applications to print labels for all of the TrustedBSD- generated policies, if they are present. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 4 fjoe K 8 svn:date V 27 2002-10-22T14:44:03.000000Z K 7 svn:log V 827 MFC: - signal handling - thread suspension, add pthread_suspend/resume_all_np() - don't allow the uthread kernel pipe to use the same descriptors as stdio - make sigpending() and sigsuspend() account for signals that are pending on the process as well as pending on the current thread - thread_kern_poll(): limit maximum poll interval to 60 seconds - _select(): return correct number of total bits set in all fd_set's, change case of POLLNVAL as an error, remove POLLHUP and POLLERR from one case, their place is most likely amongst read events - use SA_RESTART for signal handlers - disconnect uthread_sigblock.c and uthread_sigsetmask.c from the build, remove sources not connected to build - pthread_xxx and sem_xxx symbols are now weak - remove #ifdef _THREAD_SAFE from sources -- it is not needed Approved by: deischen END K 10 svn:author V 4 bmah K 8 svn:date V 27 2002-10-22T14:59:31.000000Z K 7 svn:log V 98 Belated version bump for FreeBSD 4.7. PR: 44370 Submitted by: Barney Wolff END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:01:50.000000Z K 7 svn:log V 79 Invert the logic of the NO_MAKEDEV options to match the 5.0-R default install. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:02:53.000000Z K 7 svn:log V 41 Change to match NO_MAKEDEV* -> MAKEDEV*. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:03:51.000000Z K 7 svn:log V 129 Fix example, we do not need NO_MAKEDEV_RUN any more. XXX: this example should be updated with a good example of devfs(8) rules. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:04:32.000000Z K 7 svn:log V 51 Don't use NO_MAKEDEV* option, its the default now. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:07:17.000000Z K 7 svn:log V 45 Give a real error on failure to mount DEVFS. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:07:50.000000Z K 7 svn:log V 55 Remove the last traces of bogus MAKEDEV functionality. END K 10 svn:author V 3 ume K 8 svn:date V 27 2002-10-22T15:08:29.000000Z K 7 svn:log V 362 MFC: Put giant locks due to make getaddrinfo(), getnameinfo() and getipnodeby*() thread-safe. Our res_*() is not thread-safe. So, we share lock between getaddrinfo() and getipnodeby*(). Still, we cannot use getaddrinfo() and getipnodeby*() in conjunction with other functions which call res_*(). lib/libc/net/getaddrinfo.c: 1.34 lib/libc/net/name6.c: 1.29 END K 10 svn:author V 4 jake K 8 svn:date V 27 2002-10-22T15:15:39.000000Z K 7 svn:log V 143 Rename the libc signal trampoline to __sigtramp to match netbsd. This should allow gdb to detect when we're executing in a signal trampoline. END K 10 svn:author V 4 nyan K 8 svn:date V 27 2002-10-22T15:19:46.000000Z K 7 svn:log V 35 MFi386: revisions 1.189 and 1.190. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:22:36.000000Z K 7 svn:log V 18 No longer needed. END K 10 svn:author V 4 nyan K 8 svn:date V 27 2002-10-22T15:22:49.000000Z K 7 svn:log V 49 Merged from sys/isa/syscons_isa.c revision 1.20. END K 10 svn:author V 5 luigi K 8 svn:date V 27 2002-10-22T15:23:13.000000Z K 7 svn:log V 90 List some of the Compact Flash readers known to work with this driver. MFC after: 3 days END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-22T15:25:19.000000Z K 7 svn:log V 37 Remove more private MAKEDEV kludges. END K 10 svn:author V 4 nyan K 8 svn:date V 27 2002-10-22T15:25:25.000000Z K 7 svn:log V 24 MFi386: revision 1.543. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T15:33:33.000000Z K 7 svn:log V 175 Missed in previous merge: export sizeof(struct oldmac) rather than sizeof(struct mac). Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T15:53:43.000000Z K 7 svn:log V 407 Introduce MAC_CHECK_VNODE_SWAPON, which permits MAC policies to perform authorization checks during swapon() events; policies might choose to enforce protections based on the credential requesting the swap configuration, the target of the swap operation, or other factors such as internal policy state. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T15:56:44.000000Z K 7 svn:log V 345 Invoke mac_check_vnode_mmap() during mmap operations on vnodes, permitting policies to restrict access to memory mapping based on the credential requesting the mapping, the target vnode, the requested rights, or other policy considerations. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 6 robert K 8 svn:date V 27 2002-10-22T16:06:28.000000Z K 7 svn:log V 208 Change the `mutex_prof' structure to use three variables contained in an anonymous structure as counters, instead of an array with preprocessor-defined names for indices. Remove the associated XXX- comment. END K 10 svn:author V 6 alfred K 8 svn:date V 27 2002-10-22T16:12:27.000000Z K 7 svn:log V 123 Explain to users that they may want to kldload aio. Move Xref sections. Submitted by: Craig Rodrigues END K 10 svn:author V 5 mdodd K 8 svn:date V 27 2002-10-22T16:42:16.000000Z K 7 svn:log V 35 Reserve a major number for NVIDIA. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T17:02:42.000000Z K 7 svn:log V 175 Don't enforce MAC Biba policy for socket visibility if Biba is not explicitly enabled. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 4 bmah K 8 svn:date V 27 2002-10-22T17:05:36.000000Z K 7 svn:log V 102 New release notes: devctl, gbde(8), RAIDframe/raid(4), devd(8), removal of many (but not all) games. END K 10 svn:author V 4 bmah K 8 svn:date V 27 2002-10-22T17:09:23.000000Z K 7 svn:log V 126 Add Sun type 6 USB keyboard and mouse to supported device list. PR: 43974 Submitted by: Hendrik Scholz END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T17:10:15.000000Z K 7 svn:log V 176 opt_mac.h is no longer required for any of these modules, remove from the dependencies. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 4 bmah K 8 svn:date V 27 2002-10-22T17:11:48.000000Z K 7 svn:log V 41 MFC: Add Sun type 6 keyboard and mouse. END K 10 svn:author V 4 fjoe K 8 svn:date V 27 2002-10-22T17:11:49.000000Z K 7 svn:log V 72 fix pthread_suspend/resume_all_np() declarations Approved by: deischen END K 10 svn:author V 4 fjoe K 8 svn:date V 27 2002-10-22T17:13:32.000000Z K 7 svn:log V 69 remove unused __sys_sigaltstack() declaration Approved by: deischen END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T17:19:06.000000Z K 7 svn:log V 371 Remove the mac_te policy bits from 'struct oldmac' -- we're not going to merge mac_te, since the SEBSD port of SELinux/FLASK provides a much more mature Type Enforcement implementation. This changes the size of the on-disk 'struct oldmac' EA labels, which may require regeneration. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-22T17:30:52.000000Z K 7 svn:log V 147 Add an identify method that creates a pmtimer0 device if it doesn't alreedy exist. Hints are no longer needed to instantiate a pmtimer(4) device. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-22T17:32:27.000000Z K 7 svn:log V 34 No need for pmtimer hint anymore. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-22T17:32:51.000000Z K 7 svn:log V 77 - No need for pmtimer hint anymore. - npx doesn't need an 'at' hint anymore. END K 10 svn:author V 4 jake K 8 svn:date V 27 2002-10-22T18:03:15.000000Z K 7 svn:log V 654 - Expand struct trapframe to 256 bytes, make all fields fixed width and the same size. Add some fields that previously overlapped with something else or were missing. - Make struct regs and struct mcontext (minus floating point) the same as struct trapframe so converting between them is easy (null). - Add space for saving floating point state to struct mcontext. This requires that it be 64 byte aligned. - Add assertions that none of these structures change size, as they are part of the ABI. - Remove some dead code in sendsig(). - Save and restore %gsr in struct trapframe. Remember to restore %fsr. - Add some comments to exception.S. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T18:36:47.000000Z K 7 svn:log V 48 s/mls/biba/ in a copy+paste error for a printf. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-22T18:44:59.000000Z K 7 svn:log V 202 Don't dereference the 'x' pointer if it is NULL, instead skip the assignment. The netsmb code likes to call these functions with a NULL x argument a lot. Reported by: Vallo Kallaste END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-22T19:01:49.000000Z K 7 svn:log V 43 Style fix: space between 'switch' and '('. END K 10 svn:author V 8 jmallett K 8 svn:date V 27 2002-10-22T19:25:58.000000Z K 7 svn:log V 112 Add the concept of a per-disk error string, and a function which prints it along with the errno, if one is set. END K 10 svn:author V 8 jmallett K 8 svn:date V 27 2002-10-22T19:27:09.000000Z K 7 svn:log V 143 Use the libufs_printerror() function, which hopefully will deconfuse users getting error cases in a libufsificated dumpfs(8). Poked by: kkenn END K 10 svn:author V 8 jmallett K 8 svn:date V 27 2002-10-22T19:31:05.000000Z K 7 svn:log V 43 When errno is not set, do not use warn(3). END K 10 svn:author V 8 jmallett K 8 svn:date V 27 2002-10-22T19:36:10.000000Z K 7 svn:log V 218 Use an error message closer to old dumpfs(8) in the case of truncated/no superblock. Submitted by: kkenn Can't use it verbatim, at least I hate to, as the ", skipped" bit doesn't make much sense in a library, to me. END K 10 svn:author V 8 jmallett K 8 svn:date V 27 2002-10-22T19:55:44.000000Z K 7 svn:log V 53 Forgot to include when using 'errno' here. END K 10 svn:author V 6 thomas K 8 svn:date V 27 2002-10-22T20:18:51.000000Z K 7 svn:log V 458 Fill in missing parts of the ATAPI/CAM XPT: implement XPT_RESET_BUS and XPT_RESET_DEV. In order to properly handle reset requests whether they originate in the ATA layer (atacontrol reinit) or from the CAM layer (camcontrol reset) ata_reinit does not cause the SIM to be deallocated anymore. The SIM is now unconditionnally created for each ATAPI bus. This change may cause existing bus ids to change on some setups. Reviewed by: roberto Approved by: sos END K 10 svn:author V 4 fjoe K 8 svn:date V 27 2002-10-22T20:45:03.000000Z K 7 svn:log V 63 SYSVIPC sysctl variables are now tunables Approved by: alfred END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T22:34:29.000000Z K 7 svn:log V 18 rulset -> ruleset END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T22:36:56.000000Z K 7 svn:log V 32 s/then/than/ where appropriate. END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T22:39:18.000000Z K 7 svn:log V 45 The ipfw module is only loaded if necessary. END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T22:43:24.000000Z K 7 svn:log V 57 Improve wording by removing repetitive use of 'default'. END K 10 svn:author V 3 suz K 8 svn:date V 27 2002-10-22T22:50:38.000000Z K 7 svn:log V 71 fixed a kernel crash by "ifconfig stf0 inet 1.2.3.4" MFC after: 1 week END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T22:52:24.000000Z K 7 svn:log V 36 Split an excessively long sentence. END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T23:06:29.000000Z K 7 svn:log V 48 Refer to doc/en_US.ISO8859-1 for documentation. END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T23:11:38.000000Z K 7 svn:log V 43 Add description of fetch-recursive target. END K 10 svn:author V 8 keramida K 8 svn:date V 27 2002-10-22T23:36:10.000000Z K 7 svn:log V 53 Minor grammar fix: referenced to -> in reference to. END K 10 svn:author V 3 kan K 8 svn:date V 27 2002-10-23T01:43:29.000000Z K 7 svn:log V 88 Add support for binaries with arbitrary number of PT_LOAD sections. Reviewed by: peter END K 10 svn:author V 8 jmallett K 8 svn:date V 27 2002-10-23T01:57:33.000000Z K 7 svn:log V 188 De-obfuscate and correct the include path handling for SysV style includes. PR: 32759 Submitted by: Mark Valentine Reviewed by: Matthew Emmerton" MFC after: 15 days END K 10 svn:author V 3 kan K 8 svn:date V 27 2002-10-23T01:57:39.000000Z K 7 svn:log V 262 Handle binaries with arbitrary number PT_LOAD sections, not only ones with one text and one data section. The text and data rlimit checks still needs to be fixed to properly accout for additional sections. Reviewed by: peter (slightly different patch version) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-23T03:15:24.000000Z K 7 svn:log V 281 Introduce simple command line tools to manage MAC labels on processes and files. Basically wrappers for mac_{get,set}_{file,link,pid,proc}(3). Man pages to be updated shortly. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-23T03:17:22.000000Z K 7 svn:log V 471 If LOGIN_SETMAC is set and MAC is enabled in the kernel, then see if the user has a 'label' entry in their login class. If so, attempt to set that label on the process as part of the credential setup. If we're unable to parse the label, or unable to set the label, fail. In the future, we may also want to warn if a label is set but the kernel doesn't support MAC. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-23T03:19:34.000000Z K 7 svn:log V 339 Add a new '-s' option to su(1): if the flag is present, attempt to also set the user's MAC label as part of the user credential setup by setting setusercontext(3)'s SETMAC flag. By default, change only traditional process properties. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 6 marcel K 8 svn:date V 27 2002-10-23T03:33:06.000000Z K 7 svn:log V 338 Don't complain if we have an inconsistent map that may be the result of an incomplete migration. An incomplete migration is one where the MBR is not turned into a PMBR after creating the GPT. This early in the game it's more convenient to allow the inconsistency, because that avoids that we have to destroy the MBR partitioning for now. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-23T03:40:47.000000Z K 7 svn:log V 289 Teach ifconfig(8) how to print and set the MAC labels on network interfaces using the 'mac' argument. Without MAC support in the kernel, this does not change the behavior of ifconfig. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 3 tjr K 8 svn:date V 27 2002-10-23T04:35:25.000000Z K 7 svn:log V 271 Replace this wcsncpy() implementation with one based on strncpy.c to fix two major bugs: - off-by-one overflow when the length of the source string exceeds or equals the destination buffer size. - old version was not padding the destination buffer with null wide chars END K 10 svn:author V 6 scottl K 8 svn:date V 27 2002-10-23T04:50:34.000000Z K 7 svn:log V 49 Hook raidctl up to the build. Submitted by: tjr END K 10 svn:author V 8 mckusick K 8 svn:date V 27 2002-10-23T05:14:06.000000Z K 7 svn:log V 103 Missplaced FREE_LOCK causes a panic when hit while taking a snapshot. Sponsored by: DARPA & NAI Labs. END K 10 svn:author V 2 ue K 8 svn:date V 27 2002-10-23T06:02:16.000000Z K 7 svn:log V 54 Add two missing I noticed during translation. END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-23T06:10:08.000000Z K 7 svn:log V 112 import 1.29 to fix buffer overflow: check the length of the authenticator and rlen Obtained from: Heimdal CVS END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-23T06:10:08.000000Z K 7 svn:log V 144 This commit was generated by cvs2svn to compensate for changes in r105765, which included commits to RCS files with non-trunk default branches. END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-23T06:12:21.000000Z K 7 svn:log V 129 update version numbers to (consistenly): krb4 1.0.5 fb1 (including the kadmind fix) heimdal 0.5 fb1 (including the kadmind fix) END K 10 svn:author V 5 maxim K 8 svn:date V 27 2002-10-23T07:40:17.000000Z K 7 svn:log V 72 MFC rev. 1.45: fix getopt(3) optstring: remove a flag we do not handle. END K 10 svn:author V 4 roam K 8 svn:date V 27 2002-10-23T08:10:00.000000Z K 7 svn:log V 103 MFC ncal.c rev. 1.18, ncal.1 rev. 1.15: Teach ncal(1) about month names specified on the command line. END K 10 svn:author V 3 des K 8 svn:date V 27 2002-10-23T08:21:00.000000Z K 7 svn:log V 125 (MFP4#19900) Write message to stdout, not stderr. Submitted by: jmallet Sponsored by: Rachel Hestilow END K 10 svn:author V 3 des K 8 svn:date V 27 2002-10-23T08:21:00.000000Z K 7 svn:log V 144 This commit was generated by cvs2svn to compensate for changes in r105770, which included commits to RCS files with non-trunk default branches. END K 10 svn:author V 3 des K 8 svn:date V 27 2002-10-23T08:55:14.000000Z K 7 svn:log V 22 Translate to English. END K 10 svn:author V 5 maxim K 8 svn:date V 27 2002-10-23T08:58:36.000000Z K 7 svn:log V 172 MFC rev. 1.92: fixes non-zero'd out sin_zero field problem so that the padding is used as it is supposed to be. PR: kern/31704 kern/36813 Approved by: silence on -stable END K 10 svn:author V 5 maxim K 8 svn:date V 27 2002-10-23T10:05:19.000000Z K 7 svn:log V 159 Use syslog for messages about dropped sessions, do not flood a console. Suggested by: Eugene Grosbein Approved by: luigi MFC after: 1 week END K 10 svn:author V 5 maxim K 8 svn:date V 27 2002-10-23T10:07:55.000000Z K 7 svn:log V 55 Kill EOL spaces. Approved by: luigi MFC after: 1 week END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T10:12:12.000000Z K 7 svn:log V 65 Put parentheses around function-like macros to shut up warnings. END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T10:14:30.000000Z K 7 svn:log V 33 Very minor whitespace/style nit. END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T10:15:44.000000Z K 7 svn:log V 34 Constify to squash some warnings. END K 10 svn:author V 3 tjr K 8 svn:date V 27 2002-10-23T10:16:21.000000Z K 7 svn:log V 180 Add a Standards section, claiming conformance to IEEE Std. 1003.1-2001. Also add a note to the Bugs section pointing out that strerror() and perror() share the same static buffer. END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T10:20:01.000000Z K 7 svn:log V 71 Constify, staticify, rationalise types and fix other related warnings. END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T10:23:38.000000Z K 7 svn:log V 90 Be consistent about declaring a function "static", and consistent about the type of argv. END K 10 svn:author V 3 des K 8 svn:date V 27 2002-10-23T10:26:54.000000Z K 7 svn:log V 20 Whitespace cleanup. END K 10 svn:author V 3 ume K 8 svn:date V 27 2002-10-23T10:45:09.000000Z K 7 svn:log V 110 query ip6.arpa then ip6.int for IPv6 reverse lookup. follows RFC3152. Obtained from: KAME MFC after: 1 week END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T10:47:00.000000Z K 7 svn:log V 51 Add the new extra argument also in the alpha case. END K 10 svn:author V 3 tjr K 8 svn:date V 27 2002-10-23T10:47:47.000000Z K 7 svn:log V 89 Reimplement, handling the case where c == L'\0' correctly and fixing some style(9) bugs. END K 10 svn:author V 3 tjr K 8 svn:date V 27 2002-10-23T10:52:04.000000Z K 7 svn:log V 182 Reimplement more efficiently, using a single forward scan (like strrchr(3)) instead of scanning forwards to find the end of the string then scanning backwards to find the character. END K 10 svn:author V 3 tjr K 8 svn:date V 27 2002-10-23T11:08:40.000000Z K 7 svn:log V 104 Fix the NetBSD RCS id's on these files; somehow they were initially committed with the tags unexpanded. END K 10 svn:author V 2 ru K 8 svn:date V 27 2002-10-23T12:05:27.000000Z K 7 svn:log V 84 Need to run lint1 from ${WORLDTMP}/usr/libexec during buildworld. Spotted by: fjoe END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T12:13:10.000000Z K 7 svn:log V 69 Only define SEEK_{SET,CUR,END} if not already defined (by ) END K 10 svn:author V 4 nyan K 8 svn:date V 27 2002-10-23T12:54:05.000000Z K 7 svn:log V 22 MFi386: revision 1.10 END K 10 svn:author V 4 nyan K 8 svn:date V 27 2002-10-23T13:00:09.000000Z K 7 svn:log V 82 - The GEOM system does not work on pc98. - Fix to build w/o the HAVE_GEOM option. END K 10 svn:author V 8 simokawa K 8 svn:date V 27 2002-10-23T13:04:02.000000Z K 7 svn:log V 52 - Dequeue OCBs more safely in sbp_abort_all_ocbs(). END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-23T13:07:43.000000Z K 7 svn:log V 167 MFC kadm_ser_wrap.c:1.1.1.4: fix buffer overflow MFC updating kerberosIV and kerberos5 versions consistenly Approved by: security-officer Obtained from: kth-krb CVS END K 10 svn:author V 5 assar K 8 svn:date V 27 2002-10-23T13:21:32.000000Z K 7 svn:log V 167 MFC kadm_ser_wrap.c:1.1.1.4: fix buffer overflow MFC updating kerberosIV and kerberos5 versions consistenly Approved by: security-officer Obtained from: kth-krb CVS END K 10 svn:author V 6 jedgar K 8 svn:date V 27 2002-10-23T14:10:32.000000Z K 7 svn:log V 67 Update UPDATING and bump patch level for tar(1) and kadmind fixes. END K 10 svn:author V 6 jedgar K 8 svn:date V 27 2002-10-23T14:11:45.000000Z K 7 svn:log V 54 Update UPDATING and bump patch level for kadmind fix. END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T14:18:07.000000Z K 7 svn:log V 142 Make the first argument of getbsize a size_t* instead of an int*, as this is what the quantity actually is. Fix an easy const while I'm here. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T14:37:43.000000Z K 7 svn:log V 23 Fix cut&paste mistake. END K 10 svn:author V 3 ume K 8 svn:date V 27 2002-10-23T14:45:25.000000Z K 7 svn:log V 168 MFS: Allocate 64K recieve buffer for DNS responses. lib/libc/net/gethostbydns.c: 1.27.2.4 lib/libc/net/getnetbydns.c: 1.13.2.4 Approved by: security-officer END K 10 svn:author V 3 ume K 8 svn:date V 27 2002-10-23T14:48:22.000000Z K 7 svn:log V 279 MFS: Allocate 64K recieve buffer for DNS responses. lib/libc/net/getaddrinfo.c: 1.9.2.10, 1.9.2.11 lib/libc/net/gethostbydns.c: 1.27.2.4 lib/libc/net/getnetbydns.c: 1.13.2.4 lib/libc/net/name6.c: 1.6.2.7 lib/libc/net/res_mkquery.c: 1.15.2.2 Approved by: security-officer END K 10 svn:author V 3 ume K 8 svn:date V 27 2002-10-23T14:50:52.000000Z K 7 svn:log V 282 MFS: Allocate 64K recieve buffer for DNS responses. lib/libc/net/getaddrinfo.c: 1.9.2.10, 1.9.2.11 lib/libc/net/gethostbydns.c: 1.27.2.4 lib/libc/net/getnetbydns.c: 1.13.2.4 lib/libc/net/name6.c: 1.6.2.7 lib/libc/net/res_mkquery.c: 1.15.2.2 Approved by: security-officer END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-23T14:52:53.000000Z K 7 svn:log V 65 npx(4) doesn't honor port hints so don't provide an example one. END K 10 svn:author V 4 fanf K 8 svn:date V 27 2002-10-23T14:59:14.000000Z K 7 svn:log V 116 MFC: sync with current, bringing in a whole load of style fixes, plus bignum factorization on systems with OpenSSL. END K 10 svn:author V 8 simokawa K 8 svn:date V 27 2002-10-23T15:16:37.000000Z K 7 svn:log V 55 Don't send/recieve packets when the interface is down. END K 10 svn:author V 4 fjoe K 8 svn:date V 27 2002-10-23T15:35:07.000000Z K 7 svn:log V 73 MFC: sysvmsg sysctls and tuneables Submitted by: mr Approved by: alfred END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-23T15:53:09.000000Z K 7 svn:log V 410 - New-bussify the rc(4) device driver. - Add detach support to the driver so that you can kldunload the module. Note that currently rc_detach() fails to detach a unit if any of its child devices are open, thus a kldunload will fail if any of the tty devices are currently open. - sys/i386/isa/ic/cd180.h was moved to sys/dev/ic/cd180.h as part of this change. Requested by: rwatson Tested by: rwatson END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T16:20:12.000000Z K 7 svn:log V 37 Remove unneeded function prototypes. END K 10 svn:author V 4 ache K 8 svn:date V 27 2002-10-23T17:18:39.000000Z K 7 svn:log V 67 MFC: yacc.y up to 1.14 (minimize -current WARNS diff, DIGIT check) END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T17:35:11.000000Z K 7 svn:log V 30 Remove duplicate declaration. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T18:27:37.000000Z K 7 svn:log V 47 Remove NO_GEOM from sparc64. Reminded by: jhb END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T18:55:20.000000Z K 7 svn:log V 38 Adjust argument passed to getbsize(). END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T19:02:17.000000Z K 7 svn:log V 42 Adjust for getbsize argument type change. END K 10 svn:author V 2 ru K 8 svn:date V 27 2002-10-23T19:04:00.000000Z K 7 svn:log V 102 A crude temporary hack to fix building of ms(7) formatted documents while I am working on a real fix. END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T19:10:15.000000Z K 7 svn:log V 60 Change the type of an unused variable to appease a warning. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T19:32:18.000000Z K 7 svn:log V 78 Separate the struct disklabel filling stuff from the rest of Write_FreeBSD(). END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T19:52:32.000000Z K 7 svn:log V 206 Untangle #ifdefs in the write-end of things by giving each arch its own file and own copy of WriteDisk() to do things in. This should have happened years ago, instead of adding #ifdefs all over the place. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T20:02:33.000000Z K 7 svn:log V 150 Remove unnecessary ioctls tickling kernel side to realize that we fiddled with the disk. GEOM will automatically retaste when we closet he filedesc. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T20:15:10.000000Z K 7 svn:log V 198 Rely on sysctl kern.disks to be there, and get rid of one of the far too many lists of disk device driver names in the system. At this point we should really get the names from the XML, but hey... END K 10 svn:author V 3 jhb K 8 svn:date V 27 2002-10-23T20:18:33.000000Z K 7 svn:log V 77 We always need sys/pcpu.h now, not just for the SMP case. Approved by: jake END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T20:35:42.000000Z K 7 svn:log V 36 Remove another 10 mindless #ifdefs. END K 10 svn:author V 3 phk K 8 svn:date V 27 2002-10-23T21:05:42.000000Z K 7 svn:log V 205 More lobotomy: remove CHUNK_BSD_COMPAT, it was a bad idea, and now its gone. remove DOSPTYP_ONTRACK, missed in OnTrack removal commit. unifdef -DHAVE_GEOM make tst01 compile again. END K 10 svn:author V 8 gallatin K 8 svn:date V 27 2002-10-23T21:28:52.000000Z K 7 svn:log V 203 Remove the hack to build groff statically on alpha, now that the rtld has been extended to grok binaries with only one PLT_LOAD segment An UPDATING entry about this is pending review.. Approved by: ru END K 10 svn:author V 8 mckusick K 8 svn:date V 27 2002-10-23T21:47:02.000000Z K 7 svn:log V 143 We must be careful to avoid recursive copy-on-write faults when trying to clean up during disk-full senarios. Sponsored by: DARPA & NAI Labs. END K 10 svn:author V 5 markm K 8 svn:date V 27 2002-10-23T22:09:05.000000Z K 7 svn:log V 35 Fix for changed getbsize arg type. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-23T22:50:04.000000Z K 7 svn:log V 355 Rename ifconfig's "mac" argument to "maclabel" to prevent confusion regarding 802.1 MAC and Mandatory Access Control (MAC). Some potential for confusion remains further in other areas of the system regarding Message Authentication Codes (MAC). Requested by: wollman Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 8 jmallett K 8 svn:date V 27 2002-10-23T23:16:43.000000Z K 7 svn:log V 299 Remove efree(), it isn't used consistently enough to even pretend that it might help on the systems it could possibly be used as a bandaid for. In fact, the only thing it's useful for is instrumenting free(3) calls, and in that capacity, it's better served as a local patch, than a public wrapper. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-23T23:36:26.000000Z K 7 svn:log V 722 Provide a simple sample labeled access control policy, mac_partition. This policy can be loaded dynamically, and assigns each process a partition number, as well as permitting processes to operate outside the partition. Processes contained in a partition can only "see" processes inside the same partition, so it's a little like jail. The partition of a user can be set using the label mechanisms in login.conf. This sample policy is a good starting point for developers wanting to learn about how to produce labeled policies, as it labels only one kernel object, the process credential. PR: Submitted by: Reviewed by: Approved by: Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-23T23:36:27.000000Z K 7 svn:log V 678 Provide a simple sample labeled access control policy, mac_partition. This policy can be loaded dynamically, and assigns each process a partition number, as well as permitting processes to operate outside the partition. Processes contained in a partition can only "see" processes inside the same partition, so it's a little like jail. The partition of a user can be set using the label mechanisms in login.conf. This sample policy is a good starting point for developers wanting to learn about how to produce labeled policies, as it labels only one kernel object, the process credential. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 5 chris K 8 svn:date V 27 2002-10-23T23:55:23.000000Z K 7 svn:log V 94 Remove hard sentence breaks. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs END K 10 svn:author V 5 chris K 8 svn:date V 27 2002-10-23T23:56:15.000000Z K 7 svn:log V 108 Remove superfluous empty "FILES" section. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-24T00:00:57.000000Z K 7 svn:log V 322 Use the MAC interface to list process MAC labels rather than using the LOMAC-specific interface (which is being deprecated). The revised LOMAC using the MAC framework will export levels listable using this mechanism. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2002-10-24T00:07:30.000000Z K 7 svn:log V 490 Teach "ls -Z" to use the policy-agnostic MAC label interfaces rather than the LOMAC-specific interfaces for listing MAC labels. This permits ls to view MAC labels in a manner similar to getfmac, when ls is used with the -l argument. Next generation LOMAC will use the MAC Framework so should "just" work with this and other policies. Not the prettiest code in the world, but then, neither is ls(1). Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories END K 10 svn:author V 6 jedgar K 8 svn:date V 27 2002-10-24T00:18:46.000000Z K 7 svn:log V 84 Arghh, apply -p1 to BRANCH, not REVISION. Submitted by: Andrew END K 10 svn:author V 6 kbyanc K 8 svn:date V 27 2002-10-24T00:35:31.000000Z K 7 svn:log V 54 MFC 1.390: Make kqueue(2) work for virtual terminals. END K 10 svn:author V 5 chris K 8 svn:date V 27 2002-10-24T01:01:29.000000Z K 7 svn:log V 257 mac_free() no longer accepts a void * parameter; only mac_t's are supposed to be passed. Point this out in a warning notice, which will eventually go away, sometime between now and -RELEASE. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs END