ƒ°}155192 206 654 129 539 679 226 192 280 214 108 1777 164 190 276 247 248 327 180 177 187 147 164 417 355 119 236 241 212 230 355 249 346 123 133 173 139 204 283 653 247 207 155 230 1071 148 213 164 195 189 278 130 137 182 192 117 120 113 555 208 108 691 182 195 255 156 206 329 224 179 188 188 107 112 133 155 164 107 299 176 188 542 170 239 137 244 113 381 141 293 289 132 133 160 204 387 198 216 716 257 350 241 187 288 192 108 147 215 234 253 202 129 134 121 248 198 348 251 293 339 278 1172 392 299 162 210 196 206 165 176 206 329 1136 423 1383 173 232 166 108 155 169 136 246 131 420 144 180 316 426 140 140 147 390 279 256 231 262 127 122 262 264 157 263 377 258 197 191 189 174 227 423 108 312 193 519 241 187 289 205 235 241 328 226 108 190 108 385 772 108 225 187 201 170 242 394 275 849 137 293 179 160 158 363 125 255 150 269 186 K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-01T20:01:18.000000Z K 7 svn:log V 557 Import kernel audit framework: - Management of audit state on processes. - Audit system calls to configure process and system audit state. - Reliable audit record queue implementation, audit_worker kernel thread to asynchronously store records on disk. - Audit event argument. - Internal audit data structure -> BSM audit trail conversion library. - Audit event pre-selection. - Audit pseudo-device permitting kernel->user upcalls to notify auditd of kernel audit events. Much work by: wsalamon Obtained from: TrustedBSD Project, Apple Computer, Inc. END K 10 svn:author V 7 glebius K 8 svn:date V 27 2006-02-01T20:30:55.000000Z K 7 svn:log V 33 Xref rwlock(9). Reviewed by: ru END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-01T21:00:16.000000Z K 7 svn:log V 442 Add 'options AUDIT' and associate various .c files with the AUDIT option. We always build audit_syscalls.c so that the system call stubs can return ENOSYS rather than the system call code generating SIGSYS for the system calls. We are not yet ready to add AUDIT to LINT, as the prototypes for system call arguments won't be there until after the system calls for audit are added. Much work from: wsalamon Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T00:37:05.000000Z K 7 svn:log V 582 Add new fields to process-related data structures: - td_ar to struct thread, which holds the in-progress audit record during a system call. - p_au to struct proc, which holds per-process audit state, such as the audit identifier, audit terminal, and process audit masks. In the earlier implementation, td_ar was added to the zero'd section of struct thread. In order to facilitate merging to RELENG_6, it has been moved to the end of the data structure, requiring explicit initalization in the thread constructor. Much help from: wsalamon Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T01:16:31.000000Z K 7 svn:log V 129 Hook up audit to the initial process creation events (proc0, proc1). Much help from: wsalamon Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T01:19:31.000000Z K 7 svn:log V 96 Add /var/audit, mode 750, which will hold audit trail files. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T01:32:58.000000Z K 7 svn:log V 183 Hook up audit to fork() and exit() events. These changes manage the audit state on processes, not auditing of these events. Much work by: wsalamon Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T01:44:30.000000Z K 7 svn:log V 117 Map audit-related system calls to audit event identifiers. Much work by: wsalamon Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T01:45:01.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 4 csjp K 8 svn:date V 27 2006-02-02T03:13:16.000000Z K 7 svn:log V 1682 Somewhat re-factor the read/write locking mechanism associated with the packet filtering mechanisms to use the new rwlock(9) locking API: - Drop the variables stored in the phil_head structure which were specific to conditions and the home rolled read/write locking mechanism. - Drop some includes which were used for condition variables - Drop the inline functions, and convert them to macros. Also, move these macros into pfil.h - Move pfil list locking macros intp phil.h as well - Rename ph_busy_count to ph_nhooks. This variable will represent the number of IN/OUT hooks registered with the pfil head structure - Define PFIL_HOOKED macro which evaluates to true if there are any hooks to be ran by pfil_run_hooks - In the IP/IP6 stacks, change the ph_busy_count comparison to use the new PFIL_HOOKED macro. - Drop optimization in pfil_run_hooks which checks to see if there are any hooks to be ran, and returns if not. This check is already performed by the IP stacks when they call: if (!PFIL_HOOKED(ph)) goto skip_hooks; - Drop in assertion which makes sure that the number of hooks never drops below 0 for good measure. This in theory should never happen, and if it does than there are problems somewhere - Drop special logic around PFIL_WAITOK because rw_wlock(9) does not sleep - Drop variables which support home rolled read/write locking mechanism from the IPFW firewall chain structure. - Swap out the read/write firewall chain lock internal to use the rwlock(9) API instead of our home rolled version - Convert the inlined functions to macros Reviewed by: mlaier, andre, glebius Thanks to: jhb for the new locking API END K 10 svn:author V 8 brueffer K 8 svn:date V 27 2006-02-02T06:06:27.000000Z K 7 svn:log V 67 MFC: rev. 1.62 Document JMicron JMB360. Approved by: re (scottl) END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-02T06:35:50.000000Z K 7 svn:log V 94 Correctly report L2 cache size according to its code comment. Tested on my Dual PIII machine. END K 10 svn:author V 7 trhodes K 8 svn:date V 27 2006-02-02T07:50:02.000000Z K 7 svn:log V 179 MFC: Work around an mdoc bug. Actually MFC the enhanced SYNOPSIS section, wasn't a real bug according to ru. Requested/reminded by: marius Approved by: re (scottl) END K 10 svn:author V 4 jeff K 8 svn:date V 27 2006-02-02T08:39:39.000000Z K 7 svn:log V 153 - textvp may have been from a different mountpoint than ndp->ni_vp and we may need to acquire giant to vrele it. Found by: mjacob MFC After: 3 days END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2006-02-02T09:02:16.000000Z K 7 svn:log V 152 Make sure we don't pick up a loopid that's larger than our current portdb max (MAX_FC_TARG == 256) now that we support 2K Login f/w. MFC after: 3 days END K 10 svn:author V 4 oleg K 8 svn:date V 27 2006-02-02T09:58:31.000000Z K 7 svn:log V 233 Enable 'complete' rx checksum offloading (i.e. let chip calculate checksums with pseudo header for tcp/udp packets). This could save one in_pseudo() call per incoming tcp/udp packet. Approved by: glebius (mentor) MFC after: 3 weeks END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T10:02:19.000000Z K 7 svn:log V 84 Add auditd_enable and auditd_flags rc.d scripts. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T10:02:55.000000Z K 7 svn:log V 81 Add auditd rc.d script. Submitted by: trhodes Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T10:03:43.000000Z K 7 svn:log V 91 Install /etc/security configuration files from OpenBSM. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T10:04:32.000000Z K 7 svn:log V 51 Define $LIBBSM. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T10:05:39.000000Z K 7 svn:log V 68 Add libbsm to the library build. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T10:15:30.000000Z K 7 svn:log V 320 Enable building of OpenBSM command line tools: - audit(8) - audit subsystem management tool - auditd(8) - audit trail and subsystem management daemon - auditreduce(1) - audit trail reduction tool - praudit(1) - audit trail printing tool Could probably use a NO_AUDIT make.conf flag. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T10:32:27.000000Z K 7 svn:log V 258 Add audit.4 man page, providing basic documentation for configuring the kernel audit facility, warnings about the experimental nature of this implementation, and pointers at a large number of other audit related man pages. Obtained from: TrustedBSD Project END K 10 svn:author V 4 nyan K 8 svn:date V 27 2006-02-02T11:14:13.000000Z K 7 svn:log V 26 MFi386: Enable the ce(4). END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-02T11:14:35.000000Z K 7 svn:log V 139 Remove reference to auditon(8), this tool has been superseded by auditd(8), and was committed in error. Obtained from: TrustedBSD Project END K 10 svn:author V 3 ume K 8 svn:date V 27 2006-02-02T11:46:05.000000Z K 7 svn:log V 148 make IPV6_V6ONLY socket option work for UDP as well. PR: ports/92620 Reported by: Kurt Miller MFC after: 1 week END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-02T11:54:40.000000Z K 7 svn:log V 115 Fix bug in L2 cache size detection code for CPU which supports CPUID function 8000_0006h. Tested on: Pentum-M 750 END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-02T12:44:09.000000Z K 7 svn:log V 133 Under verbose mode, correctly report L2 cache information for CPU which supports CPUID function 8000_0006h. Tested on: Pentum-M 750 END K 10 svn:author V 6 marius K 8 svn:date V 27 2006-02-02T14:57:00.000000Z K 7 svn:log V 259 Correct and improve the description of le(4) vs. pcn(4); apparently I was thinking from the pcn(4) perspective instead of the le(4) one when writing the former version as le(4) supports a superset of the chips supported by pcn(4) and not the other way round. END K 10 svn:author V 4 csjp K 8 svn:date V 27 2006-02-02T16:41:20.000000Z K 7 svn:log V 155 Use PFIL_HOOKED macros in if_bridge and pass the right argument to rw_assert. This un-breaks the build. Submitted by: Kostik Belousov Pointy hat to: csjp END K 10 svn:author V 2 ps K 8 svn:date V 27 2006-02-02T17:50:59.000000Z K 7 svn:log V 254 - Move the command setup from amr_start1 into the card specific submit routines. - Add or replace cpu_spinwait() with DELAY(1) to a few of the busy loops when reading from the controller to work around firmware bugs which can crash the controller. END K 10 svn:author V 2 ps K 8 svn:date V 27 2006-02-02T17:51:47.000000Z K 7 svn:log V 32 Enable 64bit SGL's on PERC 4/DC END K 10 svn:author V 2 ps K 8 svn:date V 27 2006-02-02T19:58:37.000000Z K 7 svn:log V 42 Implement SIOCGIFCONF for 32bit binaries. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2006-02-02T20:14:52.000000Z K 7 svn:log V 81 Whitespace fix. Submitted by: Wojciech A. Koszek END K 10 svn:author V 4 csjp K 8 svn:date V 27 2006-02-02T20:33:10.000000Z K 7 svn:log V 46 define lock.h before rwlock.h for DEBUG_LOCKS END K 10 svn:author V 6 cognet K 8 svn:date V 27 2006-02-02T20:35:45.000000Z K 7 svn:log V 108 Don't destroy the slave /dev entry until someone figures out why devfs seems to behave badly when we do so. END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2006-02-02T21:31:34.000000Z K 7 svn:log V 187 Remove use of inlines and use the functions as a library. Larger code space, possibly performance hit, but more portable. Certainly less questionable use of inlining. Suggested by: des END K 10 svn:author V 5 tegge K 8 svn:date V 27 2006-02-02T21:37:39.000000Z K 7 svn:log V 558 For low memory situations, non-VMIO buffers didnt't release pages back to the system when brelse() was called with B_RELBUF set on the buffer. This could be a problem when the system was low on memory, had many buffers on QUEUE_EMPTYKVA and started to traverse directories. For each getnewbuf(), pages were allocated from the system, driving the free reserve downwards. For each brelse(), the system put the buffer on QUEUE_CLEAN, with B_INVAL set. This commit changes the semantics of B_RELBUF to also free pages from non-VMIO buffers. Reviewed by: alc END K 10 svn:author V 5 tegge K 8 svn:date V 27 2006-02-02T21:55:38.000000Z K 7 svn:log V 152 Adjust old comment (present in rev 1.1) to match changes in rev 1.82. PR: kern/92509 Submitted by: "Bryan Venteicher" END K 10 svn:author V 7 glebius K 8 svn:date V 27 2006-02-02T22:11:38.000000Z K 7 svn:log V 110 In vlan_config() first call vlan_inithash(), then lock mutex, because vlan_inithash() calls malloc(M_WAITOK). END K 10 svn:author V 6 marcel K 8 svn:date V 27 2006-02-02T23:41:08.000000Z K 7 svn:log V 60 Remove devices acpi & mem, as they are in defaults already. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-02T23:57:31.000000Z K 7 svn:log V 137 If the device has a PNPID, don't bother to attach. There were some instances where the probe that was here would falsely grab a device. END K 10 svn:author V 5 peter K 8 svn:date V 27 2006-02-03T00:16:36.000000Z K 7 svn:log V 976 Make PV entries dynamic on amd64. i386 has a pre-reserved block of kva dedicated to storing pv entries, originally so that kva didn't have to be allocated at inconvenient times. For amd64, we can get the same effect by using the direct map area. Allocating pages is the same as with the object backed method, but now we can just lookup the page in the direct map area. Thus, no more pageable kva is reserved. This is the single largest consumer of kva on our work machines and this change should help conserve the fixed size 2GB pageable kva on the amd64 kernel. There are a pair of sysctl nodes introduced, named the same as their tunable counterparts. vm.pmap.shpgperproc and vm.pmap.pv_entry_max They work just like the tunables of the same path, except the values are linked. The pv entry cap is now dynamically changeable. I didn't make them totally unlimited because we need some sort of safety limit still. One could consume all physical memory without a cap. END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2006-02-03T00:36:19.000000Z K 7 svn:log V 53 !$(*&!($!&$(!&$&(!$(&!&($!($ Forget to commit this. END K 10 svn:author V 3 flz K 8 svn:date V 27 2006-02-03T01:35:36.000000Z K 7 svn:log V 120 - Add a startup script for hostapd. - Document associated variable in rc.conf(5). Approved by: dougb MFC after: 1 week END K 10 svn:author V 7 cvs2svn K 8 svn:date V 27 2006-02-03T01:35:37.000000Z K 7 svn:log V 68 This commit was manufactured by cvs2svn to create branch 'RELENG_6'. END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-03T02:33:01.000000Z K 7 svn:log V 99 Clear carry flag in get_mcontext so that setcontext does not return a bogus error. PR: misc/92110 END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-03T02:49:14.000000Z K 7 svn:log V 93 MFi386: Clear carry flag in get_mconetxt so that setcontext does not return a bogus error. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-03T06:12:10.000000Z K 7 svn:log V 185 Allow newer config versions to config older versions with the same major number. Reviewed by: ru@, jhb@, arch@ (a few months ago) # this is subject to refinement based on experience. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-03T06:27:51.000000Z K 7 svn:log V 38 Merge from p4: minor formatting nits. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-03T06:39:57.000000Z K 7 svn:log V 45 MFp4: Small cleanup of cpu messages at boot. END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2006-02-03T08:06:11.000000Z K 7 svn:log V 86 MFC r1.52, fix inconsistencies with the bridge route table. Approved by: re (scottl) END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2006-02-03T08:07:42.000000Z K 7 svn:log V 96 MFC r1.150, do not send two ARP replies if the bridge has an address. Approved by: re (scottl) END K 10 svn:author V 7 glebius K 8 svn:date V 27 2006-02-03T10:42:28.000000Z K 7 svn:log V 21 Axe unused function. END K 10 svn:author V 3 des K 8 svn:date V 27 2006-02-03T10:55:00.000000Z K 7 svn:log V 28 Use -O2 on RELENG_6 as well END K 10 svn:author V 8 brueffer K 8 svn:date V 27 2006-02-03T11:10:50.000000Z K 7 svn:log V 16 Fix a sentence. END K 10 svn:author V 7 glebius K 8 svn:date V 27 2006-02-03T11:38:19.000000Z K 7 svn:log V 458 Dropping the lock in the transmit_event() is not safe, because we store some pipe pointers on stack. If user reconfigures dummynet in the interlock gap, we can work with freed pipes after relock. To fix this, we decided not to send packets in transmit_event(), but fill a queue. At the end of dummynet() and dummynet_io(), after the lock is dropped, if there is something in the queue we run dummynet_send() to process the queue. In collaboration with: ru END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-03T11:48:37.000000Z K 7 svn:log V 111 Assign audit event identifiers to many system calls. Much work by: wsalamon Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-03T11:51:19.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 6 marius K 8 svn:date V 27 2006-02-03T12:35:42.000000Z K 7 svn:log V 595 - Don't shift the clock frequency in MHz left by 8 before assigning it to sbus_mdvec.dv_clock as sbus_mdvec.dv_clock is meant to be specified in MHz. While this was a bug it shouldn't have affected FreeBSD/sparc64 as sbus_mdvec.dv_clock is used to limit the clock rate of chips when a machine isn't able to support them at maximum speed which isn't the case for sun4u machines. - Remove the code that checks whether the clock frequency returned by sbus_get_clockfreq() is 0 and falls back to 25MHz if it is as that's already done in sbus(4). Approved by: mjacob MFC after: 3 days END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2006-02-03T12:53:58.000000Z K 7 svn:log V 86 MFC r1.52, fix inconsistencies with the bridge route table. Approved by: re (scottl) END K 10 svn:author V 7 thompsa K 8 svn:date V 27 2006-02-03T12:55:16.000000Z K 7 svn:log V 99 MFC r1.150, do not send two ARP replies if the bridge has an address. Approved by: re (scottl) END K 10 svn:author V 6 jcamou K 8 svn:date V 27 2006-02-03T14:41:41.000000Z K 7 svn:log V 159 Document carp(4) arguments. PR: docs/92653 Submitted by: Jeremy C. Reed Reviewed by: ru Approved by: trhodes (mentor) MFC after: 5 days END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-03T14:43:57.000000Z K 7 svn:log V 61 MFC: Move inlined functions into a library. Approved by: re END K 10 svn:author V 4 will K 8 svn:date V 27 2006-02-03T15:25:52.000000Z K 7 svn:log V 112 Make UDF endian-safe. Submitted by: Pedro Martelletto (via scottl) Tested on: sparc64 END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-03T15:42:16.000000Z K 7 svn:log V 232 In fchdir(), Giant must be separately acquired and dropped if the old vnode is from a file system that is not MPSAFE, as vrele() expects Giant to be held when it is called on a non-MPSAFE vnode. Spotted by: kris Tested by: glebius END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-03T15:49:07.000000Z K 7 svn:log V 127 Remove user.h include in audit.h, it is unneeded, and also can cause build problems for other components that include audit.h. END K 10 svn:author V 2 ru K 8 svn:date V 27 2006-02-03T15:51:17.000000Z K 7 svn:log V 88 MFC: 1.25, 1.26: Fix multicast routing on 64-bit platforms. Approved by: re (kensmith) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-03T15:53:37.000000Z K 7 svn:log V 92 Add AUDIT to NOTES, as it's probably ready to get regular build testing by the tinderboxes. END K 10 svn:author V 2 ru K 8 svn:date V 27 2006-02-03T15:56:42.000000Z K 7 svn:log V 97 MFC: 1.119: Make sure we reprogram multicast filter on IFF_ALLMULTI. Approved by: re (kensmith) END K 10 svn:author V 3 jhb K 8 svn:date V 27 2006-02-03T16:37:55.000000Z K 7 svn:log V 15 Sort includes. END K 10 svn:author V 2 ru K 8 svn:date V 27 2006-02-03T16:41:13.000000Z K 7 svn:log V 21 Fix a markup glitch. END K 10 svn:author V 2 ru K 8 svn:date V 27 2006-02-03T16:50:32.000000Z K 7 svn:log V 42 Handle NO_INCS solely inside bsd.incs.mk. END K 10 svn:author V 2 ru K 8 svn:date V 27 2006-02-03T20:55:30.000000Z K 7 svn:log V 64 Fix compilation with -Wundef (NBPF is undefined on FreeBSD >4). END K 10 svn:author V 7 cvs2svn K 8 svn:date V 27 2006-02-03T20:55:31.000000Z K 7 svn:log V 68 This commit was manufactured by cvs2svn to create branch 'RELENG_5'. END K 10 svn:author V 3 jhb K 8 svn:date V 27 2006-02-03T21:09:40.000000Z K 7 svn:log V 15 Add a comment. END K 10 svn:author V 4 oleg K 8 svn:date V 27 2006-02-03T23:03:07.000000Z K 7 svn:log V 205 Properly initialize args structure before passing it to ipfw_chk(): having uninitialized args.inp is unhealthy for uid/gid/jail ipfw rules. PR: kern/92589 Approved by: glebius (mentor) MFC after: 1 week END K 10 svn:author V 3 sam K 8 svn:date V 27 2006-02-03T23:37:21.000000Z K 7 svn:log V 84 add DEFAULTS and remove entries in GENERIC now duplicated Approved by: re (scottl) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-03T23:50:26.000000Z K 7 svn:log V 92 Fix INVARIANTS build on amd64; (unsigned unsigned long) != u_int64_t. Submitted by: mlaier END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T00:14:06.000000Z K 7 svn:log V 445 Cast pointers to (uintptr_t) before down-casting to (int). This avoids an incompatible conversion from a 64-bit pointer to a 32-bit integer on 64-bit platforms. We will investigate whether Solaris uses a 64-bit token here, or a new record here, in order to avoid truncating user pointers that are 64-bit. However, in the mean time, truncation is fine as these are rarely/never used fields in audit records. Obtained from: TrustedBSD Project END K 10 svn:author V 6 jasone K 8 svn:date V 27 2006-02-04T01:11:30.000000Z K 7 svn:log V 75 Fix calculation of the number of arenas to use on multi-processor systems. END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-04T03:41:48.000000Z K 7 svn:log V 143 i386/PAE defines bus_size_t to be 32-bits when it likely should be 64-bits. Fixing it is left for another day, so just hack around it for now. END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-04T06:08:19.000000Z K 7 svn:log V 42 Fix a possible memory leak in asr_attach. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T06:22:27.000000Z K 7 svn:log V 151 Fix minor inconsistancy between kernel built modules and stand-alone built buildes. I believe this gives the same flags on the command line for both. END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-04T06:36:39.000000Z K 7 svn:log V 17 Axe unused code. END K 10 svn:author V 3 ume K 8 svn:date V 27 2006-02-04T07:59:17.000000Z K 7 svn:log V 288 Never select the PCB that has INP_IPV6 flag and is bound to :: if we have another PCB which is bound to 0.0.0.0. If a PCB has the INP_IPV6 flag, then we set its cost higher than IPv4 only PCBs. Submitted by: Keiichi SHIMA Obtained from: KAME MFC after: 1 week END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-04T08:01:49.000000Z K 7 svn:log V 46 Give correct definitions to some basic types. END K 10 svn:author V 6 avatar K 8 svn:date V 27 2006-02-04T08:07:00.000000Z K 7 svn:log V 197 s/bin/sbin/ for mount_nwfs, mount_portalfs and mount_smbfs. They never lived in bin since 1994. Whilst here, also document the removal time of aforementioned utilities as well. MFC after: 1 week END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T08:15:29.000000Z K 7 svn:log V 196 Remove ifdef notyet for SIOCGHWADDR Treat SIOCADDMULTI and SIOCDELMULTI the same, since they had the same code Remove redundant assignment to error Convert to using the altq interface completely. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T08:16:07.000000Z K 7 svn:log V 40 Remove ifdef notdef SIOCHWADDR vestige. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T08:16:41.000000Z K 7 svn:log V 41 Remove ifdef notyet SIOCGHWADDR vestige. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T08:19:00.000000Z K 7 svn:log V 68 Fix mismerge after last cvs update for the IFQ_DRV_DEQUEUE changes. END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-04T08:20:23.000000Z K 7 svn:log V 108 Now that the U32 type is a really 32-bits wide, eliminate a bunch of other bad assumptions and long values. END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2006-02-04T08:39:02.000000Z K 7 svn:log V 291 Actually, no, I had it wrong in 1.109. The arguments to bus_dma_create_tag are bus_addr_t, not bus_size_t. In any case, turn off DAC support entirely until it is revamped to actually work *correctly* for 64 bit platforms (not using a PAE definition and for both initiator and target mode). END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-04T08:45:19.000000Z K 7 svn:log V 102 Add the start of busdma infrastructure to this driver. Convert the ASR_resetIOPR function to use it. END K 10 svn:author V 3 dfr K 8 svn:date V 27 2006-02-04T09:40:21.000000Z K 7 svn:log V 123 The function isspace does not take a string argument. I have no idea how this compiled before; it only worked by accident. END K 10 svn:author V 4 rink K 8 svn:date V 27 2006-02-04T10:01:33.000000Z K 7 svn:log V 622 Patch to allow XBox-users to use the onboard nve(4) nForce ethernet driver. The patch crudely forces the NIC out of operating mode before the nve(4) driver can initialize it; this is required to properly initialize the NIC. It is XBox-specific, as this condition can only occur on XBoxes (Most loaders will simply leave the NIC running, forcing us to use a crude workaround like this to get it in a workable condition). Due to the XBox-only aspect, this has been solved in XBox-specific initialization code and not within nve(4). Reviewed by: imp Approved by: imp (mentor) No objection: bz@, obrien@, q@ontheweb.com.au END K 10 svn:author V 8 netchild K 8 svn:date V 27 2006-02-04T11:58:28.000000Z K 7 svn:log V 159 MFC - rev 1.31 of maestro.c - rev 1.93 of dsp.c Both fix potential NULL pointer dereferencing. Found with: Coverity Prevent(tm) Approved by: re (kensmith) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T13:17:48.000000Z K 7 svn:log V 253 Import OpenBSM 1.0 alpha 2, a minor update on alpha 1: - Man page formatting improvements. - A number of new audit event identifiers for FreeBSD, Linux, and POSIX.1b events. - Remove 'tfm' class, unused in OpenBSM. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T13:17:48.000000Z K 7 svn:log V 144 This commit was generated by cvs2svn to compensate for changes in r155290, which included commits to RCS files with non-trunk default branches. END K 10 svn:author V 7 cvs2svn K 8 svn:date V 27 2006-02-04T13:17:49.000000Z K 7 svn:log V 91 This commit was manufactured by cvs2svn to create tag 'openbsm-vendor-OPENBSM_1_0_ALPHA_2'. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T13:22:44.000000Z K 7 svn:log V 191 Merge OpenBSM 1.0 alpha 2 kernel audit events into src/sys/bsm. Almost entirely new audit event identifiers for FreeBSD, Linux, and POSIX.1b system calls. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T13:28:55.000000Z K 7 svn:log V 96 Audit FreeBSD 32-bit system calls on 64-bit FreeBSD systems. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T13:29:09.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 8 brueffer K 8 svn:date V 27 2006-02-04T13:42:07.000000Z K 7 svn:log V 50 Autogenerate hardware notes for the ce(4) driver. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T14:03:22.000000Z K 7 svn:log V 118 Assign audit identifiers to alpha/linux system calls so that they will be audited. Obtained from: TrustedBSD Project END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-04T14:10:57.000000Z K 7 svn:log V 137 Create childproc_jobstate function to report job control state, this also fixes a bug in childproc_continued which ignored PS_NOCLDSTOP. END K 10 svn:author V 8 wsalamon K 8 svn:date V 27 2006-02-04T14:11:33.000000Z K 7 svn:log V 155 Hook up the audit system to system call entry and exit. System calls will now be audited. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) END K 10 svn:author V 3 phk K 8 svn:date V 27 2006-02-04T14:35:01.000000Z K 7 svn:log V 109 Remove spurious "union arg" from printf.h Make sure to always print something in the alternate time format. END K 10 svn:author V 8 schweikh K 8 svn:date V 27 2006-02-04T14:37:50.000000Z K 7 svn:log V 32 Remove some white space at EOL. END K 10 svn:author V 8 schweikh K 8 svn:date V 27 2006-02-04T14:38:37.000000Z K 7 svn:log V 37 s/varable/variable/; s/tored/stored/ END K 10 svn:author V 8 schweikh K 8 svn:date V 27 2006-02-04T14:41:27.000000Z K 7 svn:log V 24 s/staticly/statically/g END K 10 svn:author V 8 schweikh K 8 svn:date V 27 2006-02-04T14:47:19.000000Z K 7 svn:log V 150 Initialize PWD early on (don't expect it to be inherited from the environment or set it only when changing directories with cd). PR: standards/92640 END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-04T16:50:14.000000Z K 7 svn:log V 102 Now that the em driver no longer needs to directly touch the scheduler, remove some unneeded headers. END K 10 svn:author V 6 cognet K 8 svn:date V 27 2006-02-04T17:01:19.000000Z K 7 svn:log V 252 MFi386: revision 1.288 date: 2006/02/04 14:11:33; author: wsalamon; state: Exp; lines: +4 -1 Hook up the audit system to system call entry and exit. System calls will now be audited. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-04T17:56:17.000000Z K 7 svn:log V 155 Squash another use of vtophys. Instead of creating separate busdma objects for doing static memory transfers, start collecting them into a single object. END K 10 svn:author V 6 cognet K 8 svn:date V 27 2006-02-04T18:01:15.000000Z K 7 svn:log V 197 Don't forget to set the address of the next descriptor to 0 when we're zeroing a physical page, or we could end up re-zeroing portions of memory we have zeroed before, which is clearly not wanted. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T18:24:06.000000Z K 7 svn:log V 242 Add a -A argument to mergemaster to allow explicitly specifying an architecture to pass through to the underlying makefiles. This is quite useful when building on an i386 box to populate an amd64 NFS root. Head nod: dougb MFC after: 1 week END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-04T18:29:51.000000Z K 7 svn:log V 181 Add a brief FREEBSD-upgrade file to provide direction on how to perform OpenBSM upgrades. Right now, this is very easy, but in the future it will probably become more complicated. END K 10 svn:author V 5 wpaul K 8 svn:date V 27 2006-02-04T19:42:49.000000Z K 7 svn:log V 1076 When ndis_attach() runs, it has to very briefly initialize the card in order to query the underlying Windows driver for the station address and some other properties. There is a slim chance that the card may receive a packet and indicate it up to us before ndis_attach() can call ndis_halt_nic(). This is bad, because both the softc structure and the ifnet structure aren't fully initialized yet: many pointers are still NULL, so if we make it into ndis_rxeof(), we will panic. To fix this, we need to do the following: - Move the calls to IoAllocateWorkItem() to before the call to ndis_init_nic(). - Move the initialization of the RX DPC and status callback function pointers to before ndis_init_nic() as well. - Modify ndis_rxeof() to check if the IFF_DRV_RUNNING flag is set. If it isn't, we return any supplied NDIS_PACKETs to the NIC without processing them. This fixes a crash than can occur when activating a wireless NIC in close proximity to a very busy wireless network, reported by Ryan Beasley (ryan%^$!ATgoddamnbastard-****!!!DOTorg. MFC after: 3 days END K 10 svn:author V 8 wsalamon K 8 svn:date V 27 2006-02-04T20:20:02.000000Z K 7 svn:log V 294 Make login audit-enabled, submitting audit records for the login and logout events. The specifics of submitting the records is contained within login_audit.c. Document the auditing behavior in the man page. Obtained from: TrustedBSD Project, Apple Computer, Inc. Approved by: rwatson (mentor) END K 10 svn:author V 8 wsalamon K 8 svn:date V 27 2006-02-04T20:37:20.000000Z K 7 svn:log V 201 Call the audit syscall enter/exit functions for the amd64 architecture, both 32-bit and 64-bit paths. System calls will now be audited. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) END K 10 svn:author V 8 brueffer K 8 svn:date V 27 2006-02-04T21:10:48.000000Z K 7 svn:log V 65 Remove reference to non-existant manpage. Confirmed by: rwatson END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T21:37:39.000000Z K 7 svn:log V 117 Don't type pun accidentally. Instead, be explicit that we're type punning with an union so that the compiler knows. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T21:56:14.000000Z K 7 svn:log V 103 Now that TUNABLE_ULONG is in the tree, and has been for a while, use it. This also avoids typepunning. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T22:14:20.000000Z K 7 svn:log V 113 Use void * for pointer rather than u_int8_t *, since it doesn't matter. Well it does for type punning warnings. END K 10 svn:author V 4 ceri K 8 svn:date V 27 2006-02-04T22:17:38.000000Z K 7 svn:log V 72 Perform minor rewording and grammatical improvement. Add a missing Xr. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T22:33:08.000000Z K 7 svn:log V 84 Type of overrun_buf doesn't matter to this code, but does to gcc. Make it a void *. END K 10 svn:author V 3 alc K 8 svn:date V 27 2006-02-04T22:37:10.000000Z K 7 svn:log V 113 Remove an unnecessary call to pmap_remove_all(). The given page is not mapped because its contents are invalid. END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T22:51:03.000000Z K 7 svn:log V 236 Silence the strict-alias warnings. Make a trip through (void *) when casting a structure to a uint32_t *. Many drivers in the tree do this, but I'll not update them until these changes can be reviewed by the pedantic standards folks. END K 10 svn:author V 6 marius K 8 svn:date V 27 2006-02-04T23:27:16.000000Z K 7 svn:log V 1039 - Add support for using LOM (Lights Out Management) and RSC (Remote System Control) devices as console. These are microcontrollers which are either on-board or part of an add-on card and provide terminal server, remote power switch and monitoring functionality. For console usage these are connected to the rest of the system via a SCC or an UART. This commit adds support for the following variants (corresponds to what 'input-device' and 'output-device' have to be set to): rsc found on-board in E250 and supposedly some Netra, connected via a SAB82532, com. parameters can be determined via OFW rsc-console RSC card found in E280R, Fire V4x0, Fire V8x0, connected via a NS16550, hardwired to 115200 8N1 lom-console LOMlite2 card found in Netra 20/T4, connected via a NS16550, hardwired to 9600 8N1 - Add my copyright to uart_cpu_sparc64.c as I've rewritten about one third of that file over time. Tested on: E250, E280R Thanks to: dwhite@ for providing access to an E280R OK'ed by: marcel MFC after: 1 week END K 10 svn:author V 6 marius K 8 svn:date V 27 2006-02-04T23:30:09.000000Z K 7 svn:log V 327 Enable getty(8) on ttyu2 by default in order to get machines that use a RSC (Remote System Control) connected via uart2 as console working out of the box. On machines that use uart2 to connect a keyboard and thus the ttyu2 node doesn't exist this will trigger a warning from getty(8) but cause no real harm. MFC after: 1 week END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-04T23:32:13.000000Z K 7 svn:log V 1289 Import support for the Atmel AT91RM9200 CPU/Microcontroller. This SoC is a ARM920T based CPU with a bunch of built-in peripherals. The inital import supports the SPI bus, the TWI bus (although iicbus integration is not complete), the uarts, the system timer and the onboard ethernet. Support for the Kwikbyte KB9202 (http://www.kwikbyte.com) board is also included, although there's no reason why the 9200 and the 9201 wouldn't also work. Primitive support for running under the skyeye emulator is also provided (although skyeye's support for the AT91RM9200 is a little weak). The code has been structured so that other members of Atmel's arm family can be supported in the future. The AT91SAM9260 is not presently supported due to lack of hardware. The arm7tdmi families are also not supported becasue they lack an MMU. Many thanks to cognet@ for his help and assistance in bringing up this board. He did much of the vm work and wrote parts of the uart and system timer code as well as the bus space implementation. The system boots to single user w/o problem, although the serial console is a little slow and the ethernet driver is still in flux. This work was sponsored by Timing Solutions, Corporation. I am grateful to their support of the FreeBSD project in this manner. END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2006-02-04T23:53:08.000000Z K 7 svn:log V 78 MFC overflow bug fixes and disable ISP_DAC_SUPPORTED for now Approved by: re END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2006-02-04T23:55:03.000000Z K 7 svn:log V 136 MFC overflow bug fixes and disable ISP_DAC_SUPPORTED for now; plus sync up with RELENG_6 && -current for all the rest. Approved by: re END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-05T02:18:46.000000Z K 7 svn:log V 70 Implement thr_set_name to set a name for thread. Reviewed by: julian END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-05T02:23:41.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-05T02:26:17.000000Z K 7 svn:log V 59 use syscall thr_set_name to implement pthread_set_name_np. END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-05T03:04:54.000000Z K 7 svn:log V 73 Now, thread name is stored in kernel, userland no longer has to keep it. END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-05T05:05:27.000000Z K 7 svn:log V 41 Squash a couple more invalid long casts. END K 10 svn:author V 8 kensmith K 8 svn:date V 27 2006-02-05T05:06:04.000000Z K 7 svn:log V 148 Move asr driver from global NOTES to i386-specific NOTES. Requestor reports it is neither endian-clean or 64-bit clean. :-) Requested by: scottl END K 10 svn:author V 3 ume K 8 svn:date V 27 2006-02-05T09:52:40.000000Z K 7 svn:log V 39 shut up strict-aliasing rules warning. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T15:42:01.000000Z K 7 svn:log V 323 Add AUDITVNODE[12] flags to namei(), which cause namei() to audit path and vnode attribute information for looked up vnodes during the lookup operation. This will allow consumers of namei() to specify that this information be added to the in-process audit record. Submitted by: wsalamon Obtained from: TrustedBSD Project END K 10 svn:author V 6 scottl K 8 svn:date V 27 2006-02-05T16:02:16.000000Z K 7 svn:log V 49 Add isp_library.c to the build. Approved by: re END K 10 svn:author V 8 netchild K 8 svn:date V 27 2006-02-05T17:10:52.000000Z K 7 svn:log V 83 Fix memory leak in some failure cases. CID: 420 Found with: Coverity Prevent(tm) END K 10 svn:author V 6 mlaier K 8 svn:date V 27 2006-02-05T17:17:32.000000Z K 7 svn:log V 220 Make pflog a seperate module. As a result pflog_packet() becomes a function pointer that is declared in pf_ioctl.c Requested by: yar (as part of the module build reorg) MFC after: 1 week X-MFC with: yar's module reorg END K 10 svn:author V 8 netchild K 8 svn:date V 27 2006-02-05T17:33:18.000000Z K 7 svn:log V 328 A pointer was checked for NULL after dereferencing it. The check is not needed here, except there's a bug which results in detaching the device twice. Move the NULL pointer check to the beginning of the function and convert it into a KASSERT. CID: 420 Found with: Coverity Prevent(tm) Discussed with: ariff MFC after: 5 days END K 10 svn:author V 8 netchild K 8 svn:date V 27 2006-02-05T17:34:13.000000Z K 7 svn:log V 43 forced commit: previous commit was CID 483 END K 10 svn:author V 8 netchild K 8 svn:date V 27 2006-02-05T17:35:13.000000Z K 7 svn:log V 43 forced commit: previous commit was CID 429 END K 10 svn:author V 3 imp K 8 svn:date V 27 2006-02-05T17:38:28.000000Z K 7 svn:log V 55 an driver not endian clean, so don't enable on sparc64 END K 10 svn:author V 8 netchild K 8 svn:date V 27 2006-02-05T17:47:26.000000Z K 7 svn:log V 292 Convert NULL checks into KASSERT (and move them before the first dereferencing) since a NULL value would be a bug here. Note: Both affected functions look very similar. A refactoring may be beneficial. CID: 483, 485 Found with: Coverity Prevent(tm) Discussed with: ariff MFC after: 5 days END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T18:04:39.000000Z K 7 svn:log V 182 Allocate an 'audit' group, membership in which will grant the audit review right by virtue of read file permission on /var/audit and its contents. Obtained from: TrustedBSD Project END K 10 svn:author V 4 oleg K 8 svn:date V 27 2006-02-05T18:07:15.000000Z K 7 svn:log V 162 MFC 1.120: 1) Fix link state detection for cards operating in TBI mode (fiber ones) 2) add missing bus_dmamap_sync() call in bge_intr() Approved by: re (scottl) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T18:22:56.000000Z K 7 svn:log V 134 Change group for /var/audit to audit, so that audit review can be delegated to non-administrators. Obtained from: TrustedBSD Project END K 10 svn:author V 4 ceri K 8 svn:date V 27 2006-02-05T18:46:46.000000Z K 7 svn:log V 168 Bring these files somewhat into the present. Perform some rewording while here. Remove register.hlp, since the code that deals with it was removed nearly 7 years ago. END K 10 svn:author V 4 ceri K 8 svn:date V 27 2006-02-05T18:49:52.000000Z K 7 svn:log V 34 Gratuitous "typo in comment" fix. END K 10 svn:author V 4 ceri K 8 svn:date V 27 2006-02-05T18:57:01.000000Z K 7 svn:log V 29 Correct a user-visible typo. END K 10 svn:author V 4 ceri K 8 svn:date V 27 2006-02-05T19:23:05.000000Z K 7 svn:log V 168 The rpc.pcnfsd server was in the base for a little over seven minutes back in 1994. Change the example entry to point at the port, as per the entries for uucpd et al. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T19:34:09.000000Z K 7 svn:log V 167 Assign gid 77 to audit instead of gid 73. The ports group list did not include '73', which was assigned in a ports passwd entry to ircservices. Pointed out by: ceri END K 10 svn:author V 4 bmah K 8 svn:date V 27 2006-02-05T20:45:04.000000Z K 7 svn:log V 64 Fix misspelling: s/Janurary/January/ Approved by: re (scottl) END K 10 svn:author V 4 bmah K 8 svn:date V 27 2006-02-05T20:54:53.000000Z K 7 svn:log V 169 Add some new release notes for 2006 security advisories: SA-06:{01,02,03,04,05,06,07}. (SA-06:08 does not appear to apply to CURRENT.) Bump copyright date while here. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T21:06:09.000000Z K 7 svn:log V 280 When GC'ing a thread, assert that it has no active audit record. This should not happen, but with this assert, brueffer and I would not have spent 45 minutes trying to figure out why he wasn't seeing audit records with the audit version in CVS. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T21:08:25.000000Z K 7 svn:log V 161 On process exit, audit the return value of the process, and commit the record immediately, as this system call never returns. Obtained from: TrustedBSD Project END K 10 svn:author V 6 cognet K 8 svn:date V 27 2006-02-05T22:06:12.000000Z K 7 svn:log V 101 Backout rev 1.12. It would have been a good thing, if gcc was smart enough not to generate bad code. END K 10 svn:author V 6 mlaier K 8 svn:date V 27 2006-02-05T22:38:08.000000Z K 7 svn:log V 96 pflog is a separate module now. Submitted by: Antoine Brodin PR: kern/88271 MFC after: 1 week END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T23:15:22.000000Z K 7 svn:log V 93 Assign audit event identifiers to ibcs2 ISC system calls. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T23:16:20.000000Z K 7 svn:log V 78 Regenerate (accidentally also committed in commit that updated syscalls.isc). END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T23:25:19.000000Z K 7 svn:log V 130 Correct help line: list targets, not names of files generated by targets when no argument is provided to make. MFC after: 1 week END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T23:28:01.000000Z K 7 svn:log V 326 Assign audit event identfiers to Xenix system calls. Note: AUE_EACCESS is assigned to xenix_eaccess() instead of AUE_ACCESS, as that is the intended meaning of the system call. xenix_eaccess() should be reimplemented using our native eaccess() implementation so that it works as intended. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-05T23:28:46.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 8 wsalamon K 8 svn:date V 27 2006-02-05T23:57:32.000000Z K 7 svn:log V 214 Add auditing of arguments to the close() and fstat() system calls. Much more argument auditing yet to come, for remaining system calls in this file. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T00:03:39.000000Z K 7 svn:log V 97 Correct typo in sample CVS import line: must specify full path to the CVS repository on repoman. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T00:06:04.000000Z K 7 svn:log V 422 Vendor branch import of OpenBSM 1.0 alpha 3: - Man page formatting, cross reference, mlinks, and accuracy improvements. - auditd and tools now compile and run on FreeBSD/arm. - auditd will now fchown() the trail file to the audit review group, if defined at compile-time. - Added AUE_SYSARCH for FreeBSD. - Definition of AUE_SETFSGID fixed for Linux. Many thanks to: brueffer, cognet Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T00:06:04.000000Z K 7 svn:log V 144 This commit was generated by cvs2svn to compensate for changes in r155364, which included commits to RCS files with non-trunk default branches. END K 10 svn:author V 7 cvs2svn K 8 svn:date V 27 2006-02-06T00:06:05.000000Z K 7 svn:log V 91 This commit was manufactured by cvs2svn to create tag 'openbsm-vendor-OPENBSM_1_0_ALPHA_3'. END K 10 svn:author V 4 ceri K 8 svn:date V 27 2006-02-06T00:06:39.000000Z K 7 svn:log V 195 Another update for reality: "dangerously dedicated" mode is now achieved by hitting 'F', which is no longer undocumented. PR: bin/92533 Submitted by: Rudolf Cejka END K 10 svn:author V 8 wsalamon K 8 svn:date V 27 2006-02-06T00:19:09.000000Z K 7 svn:log V 107 Audit the pid being requested in wait4(). Obtained from: TrustedBSD Project Approved by: rwatson (mentor) END K 10 svn:author V 8 wsalamon K 8 svn:date V 27 2006-02-06T00:28:50.000000Z K 7 svn:log V 137 Audit the args to rfork(), and the child PID for all fork system calls. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) END K 10 svn:author V 8 wsalamon K 8 svn:date V 27 2006-02-06T00:32:33.000000Z K 7 svn:log V 143 Audit the arguments (user/group IDs) for the system calls that set these IDs. Obtained from: TrustedBSD Project Approved by: rwatson (mentor) END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T01:12:46.000000Z K 7 svn:log V 231 Merge OpenBSM 1.0 alpha 3 include file changes from contrib/openbsm/bsm to sys/bsm: - Correct error in definition of audit event for Linux setfsgid(). - Add audit event identifier for sysarch(). Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T01:13:47.000000Z K 7 svn:log V 129 Reflect fix in Linux setfsgid() event name from OpenBSM in the alpha linux system call table. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T01:16:00.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T01:40:30.000000Z K 7 svn:log V 94 Assign audit event identifiers to Linux i386 system calls. Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T01:40:48.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T01:51:08.000000Z K 7 svn:log V 288 When exiting a thread, submit any pending record. Today, we don't audit thread exit, but should that happen, this will prevent unhappiness, as the thread exit system call will never return, and hence not commit the record. Pointed out by/with: cognet Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T02:00:06.000000Z K 7 svn:log V 675 Prefer AUE_FOO audit identifiers to AUE_O_FOO, which are largely left over from the Darwin implementation. When we implement a system call as a wrapper to sysctl(), audit it as AUE_SYSCTL. This leads to greater compatibility with Solaris audit trails as sysctl() argument tokens are not the same as the ones for the originaly system calls (i.e., setdomainname()). Replace references to AUE_ events that are equivilent to AUE_NULL with AUE_NULL. In the case of process signal configuration, this is because these events do not require auditing. Move from the Darwin spelling of getsockopt() to the FreeBSD/Solaris one. Audit nmount(). Obtained from: TrustedBSD Project END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T02:00:32.000000Z K 7 svn:log V 12 Regenerate. END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-06T06:07:56.000000Z K 7 svn:log V 128 1. Eliminate compile warnings. 2. Add command 'thread signal' to print out current thread's signal mask and pending signals. END K 10 svn:author V 7 delphij K 8 svn:date V 27 2006-02-06T06:49:57.000000Z K 7 svn:log V 91 Attempt to fix DHCP address acquisition which was broken by rev. 1.133. MFC After: 3 days END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-06T09:41:56.000000Z K 7 svn:log V 104 Add members pl_sigmask and pl_siglist into ptrace_lwpinfo to get lwp's signal mask and pending signals. END K 10 svn:author V 4 jeff K 8 svn:date V 27 2006-02-06T10:10:42.000000Z K 7 svn:log V 77 - Remove ifdef disabled code that doesn't have a chance of working anymore. END K 10 svn:author V 4 jeff K 8 svn:date V 27 2006-02-06T10:12:00.000000Z K 7 svn:log V 148 - Add the global 'rebooting' variable that is used to detect when boot() has been called. Sponsored by: Isilon Systems, Inc. MFC After: 1 week END K 10 svn:author V 4 jeff K 8 svn:date V 27 2006-02-06T10:14:12.000000Z K 7 svn:log V 300 - Fix silly VI locking that is used to check a single flag. The vnode lock also protects this flag so it is not necessary. - Don't rely on v_mount to detect whether or not we've been recycled, use the more appropriate VI_DOOMED instead. Sponsored by: Isilon Systems, Inc. MFC After: 1 week END K 10 svn:author V 4 jeff K 8 svn:date V 27 2006-02-06T10:15:27.000000Z K 7 svn:log V 181 - Don't check v_mount for NULL to determine if a vnode has been recycled. Use the more appropriate VI_DOOMED flag instead. Sponsored by: Isilon Systems, Inc. MFC After: 1 week END K 10 svn:author V 4 jeff K 8 svn:date V 27 2006-02-06T10:19:50.000000Z K 7 svn:log V 755 - Add a ref count to the mount structure. Sleep for up to 3 seconds in vfs_mount_destroy waiting for this ref to hit 0. We don't print an error if we are rebooting as the root mount always retains some refernces by init proc. - Acquire a mnt ref for every vnode allocated to a mount point. Drop this ref only once vdestroy() has been called and the mount has been freed. - No longer NULL the v_mount pointer in delmntque() so that we may release the ref after vgone() has been called. This allows us to guarantee that the mount point structure will be valid until the last vnode has lost its last ref. - Fix a few places that rely on checking v_mount to detect recycling. Sponsored by: Isilon Systems, Inc. MFC After: 1 week END K 10 svn:author V 7 davidxu K 8 svn:date V 27 2006-02-06T11:54:19.000000Z K 7 svn:log V 41 Always clear thread info buffer to zero. END K 10 svn:author V 2 ru K 8 svn:date V 27 2006-02-06T14:30:21.000000Z K 7 svn:log V 201 Two fixes: - Run send queue down to completion, not just one packet. It has been observed to cause a stall queue otherwise. - Prevent queueing multiple function calls to a node. MFC after: 3 days END K 10 svn:author V 6 cognet K 8 svn:date V 27 2006-02-06T16:03:10.000000Z K 7 svn:log V 84 rwlock expects the struct thread to be aligned on 8 bytes, so make sure thread0 is. END K 10 svn:author V 2 ru K 8 svn:date V 27 2006-02-06T16:39:06.000000Z K 7 svn:log V 69 MFC: 1.3: RELENG_6_* commit constraints. Approved by: re (kensmith) END K 10 svn:author V 6 cognet K 8 svn:date V 27 2006-02-06T18:29:05.000000Z K 7 svn:log V 63 Use memory clobbers, to be on the safe side. Suggested by: jhb END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T18:41:00.000000Z K 7 svn:log V 266 Add information on audit pipe special devices, which allow user processes to "tee" the BSM record stream for the purposes of live monitoring, intrusion detection, etc. Support for audit pipes will be committed in the near future. Obtained from: TrustedBSD Project END K 10 svn:author V 3 sos K 8 svn:date V 27 2006-02-06T19:17:48.000000Z K 7 svn:log V 33 Unbreak DMA dumo on Intel 31224. END K 10 svn:author V 6 jcamou K 8 svn:date V 27 2006-02-06T19:22:34.000000Z K 7 svn:log V 159 Correct RFC for NTP. PR: docs/92629 Submitted by: Daniel Gerzo Noticed by: Michal F. Hanula Approved by: trhodes (mentor) END K 10 svn:author V 8 brueffer K 8 svn:date V 27 2006-02-06T19:28:02.000000Z K 7 svn:log V 53 Add a missing word and use the .Qq macro for quotes. END K 10 svn:author V 6 mjacob K 8 svn:date V 27 2006-02-06T19:28:46.000000Z K 7 svn:log V 173 Update man page for some booting and settings stuff. Remove a bunch of cards from vendors who are long since defunct. Add a note about 2322 support. Obtained from: Marcus END K 10 svn:author V 7 rwatson K 8 svn:date V 27 2006-02-06T20:27:00.000000Z K 7 svn:log V 90 Clarify and expand on some of the points about audit pipe devices. Discussed with: remko END