- Separate the suser part of the bsd44 secmodel into its own secmodel
and directory, pending even more cleanups. For revision history
purposes, the original location of the files was
src/sys/secmodel/bsd44/secmodel_bsd44_suser.c
src/sys/secmodel/bsd44/suser.h
- Add a man-page for secmodel_suser(9) and update the one for
secmodel_bsd44(9).
- Add a "secmodel" module class and use it. Userland program and
documentation updated.
- Manage secmodel count (nsecmodels) through the module framework.
This eliminates the need for secmodel_{,de}register() calls in
secmodel code.
- Prepare for secmodel modularization by adding relevant module bits.
The secmodels don't allow auto unload. The bsd44 secmodel depends
on the suser and securelevel secmodels. The overlay secmodel depends
on the bsd44 secmodel. As the module class is only cosmetic, and to
prevent ambiguity, the bsd44 and overlay secmodels are prefixed with
"secmodel_".
- Adapt the overlay secmodel to recent changes (mainly vnode scope).
- Stop using link-sets for the sysctl node(s) creation.
- Keep sysctl variables under nodes of their relevant secmodels. In
other words, don't create duplicates for the suser/securelevel
secmodels under the bsd44 secmodel, as the latter is merely used
for "grouping".
- For the suser and securelevel secmodels, "advertise presence" in
relevant sysctl nodes (sysctl.security.models.{suser,securelevel}).
- Get rid of the LKM preprocessor stuff.
- As secmodels are now modules, there's no need for an explicit call
to secmodel_start(); it's handled by the module framework. That
said, the module framework was adjusted to properly load secmodels
early during system startup.
- Adapt rump to changes: Instead of using empty stubs for securelevel,
simply use the suser secmodel. Also replace secmodel_start() with a
call to secmodel_suser_start().
- 5.99.20.
Testing was done on i386 ("release" build). Spearated module_init()
changes were tested on sparc and sparc64 as well by martin@ (thanks!).
Mailing list reference:
http://mail-index.netbsd.org/tech-kern/2009/09/25/msg006135.html
There's no such thing as ".Xs"; it was a typo for ".Sx". However,
.Sx is intended for references to another section of the same man page,
not for references to sections of a different man page.
Tested on Intel SS4200-E (ICH7), and Acorp 6A815EPD (ICH2) motherboards,
on amd64 and i386 ports respectively.
It should be noted that the majority of boards with ICH chips do not
expose the GPIO pins for off-board use. For instance, aside from the
three exposed-on-a-header pins on the 6A815EPD, another pin is also
used to control write protect on the FWH. The SS4200 exposes the GPIO
on a header that connects to the 10 LEDs on the front panel, as well
as a tact switch on the back panel.
lookup_for_nfsd(). This code is, or at least should be, the same as
the regular symlink-following code plus an extra flag nfsd needs.
The two lots of code can/will be merged in the future.
private backdoor entry point this is.
Also, clone the lookup_for_nfsd() entry point as
lookup_for_nfsd_index(), for use by a different call site in nfsd that
does different unclean things with nameidata.
in rc.subr to be marked as optional. This means that it's not an
error if the file system is not mentioned in /etc/fstab. It is
still an error if something else goes wrong.
Change the defaults for these two variables in /etc/defaults/rc.conf:
critical_filesystems_local="OPTIONAL:/var"
critical_filesystems_remote="OPTIONAL:/usr"
and which can suppress output in silent mode. Silent mode is enabled
via the new rc_silent variable, which defaults to a value that depends
on the kern.boothowto sysctl.
Part of the /etc/rc silent changes requested in PR 41946
and proposed in tech-userlevel.
kernel cgd driver in an application which encrypts and decrypts
files. The cgd driver is running completely in userspace and
requires no special access privileges.
For example:
golem> dmesg > dmesg.txt
# write encrypted dmesg.txt to encrypted.img
golem> ./img2cgd write encrypted.img dmesg.txt
/cryptfile's passphrase:
# read encrypted.img and output decrypted contents to decrypted.txt
golem> ./img2cgd read encrypted.img decypted.txt
/cryptfile's passphrase:
golem> diff dmesg.txt decypted.txt
# but when entering a different password:
golem> ./img2cgd read encrypted.img decypted.txt
/cryptfile's passphrase:
golem> diff dmesg.txt decypted.txt
Binary files dmesg.txt and decypted.txt differ
Currently the utility writes the data length in a proprietary
format, but I'll convert it to use a real disklabel RSN. Then it
can be used to create cgd-encrypted disk images.
This program can later be used as a base for a utility to create
cgd-encrypted images of a standard NetBSD build. Idea for such a
tool and hence the inspiration for this simple example program from
Roland Dowdeswell.
