- reload %fprs for checking it again.
- use symbolic names for checking in %fprs.
revision 1.51
date: 2005/07/18 14:50:11; author: deraadt; state: Exp; lines: +2 -1
cache a copy of the fprs so we know what fp restore we should do after
revision 1.50
date: 2005/07/14 01:46:13; author: deraadt; state: Exp; lines: +4 -4
use symbolic names for checking in %fprs, as above
revision 1.44
date: 2004/04/23 04:18:17; author: marc; state: Exp; lines: +5 -4
fix a couple of %y register save/restore errors
1) don't save %y in a register that is later used before restoring %y
2) always restore %y after calling a signal handler
tested by drahn@, OK pval
Previously sun3x pmap assumed that pmap_unwire(9) was the only interface
which should handle unwiring page, but nowadays apparently it isn't true.
Fixes a longstanding "panic: get_a_table: out of A tables"
(and also B, C tables) problem on my 3/80.
While here, make this compile with PMAP_DEBUG.
super-user and securelevel.
The securelevel part was compiled of text from both init(8) and OpenBSD's
securelevel(7), and brought in-sync with what we really do.
if we ourselves hold the lock. This prevents e.g. mknod from hanging
indefinitely.
Also, always use the return value from VOP_ISLOCKED to determine whether
we hold the lock or someone else does, rather than looking into the lock
structure ourselves.
out into its own driver. (NB: mcclock should really, really be an MI driver
to avoid this kind of pasteware, but it is "nontrivial" to cope with the
fact that some machines have different ideas of mcclock.)
the logic in kauth_authorize_action() to use it.
When we try to authorize a request and the flag is FALSE, it means a
kernel was compiled with no listeners (or we're in very early boot stages),
and we always allow the request because it's likely to be coming from the
kernel itself or from loading an LKM with the security model (later on).
Assert that if the "listeners have been loaded" flag is FALSE, there are
really no listeners for the scope we're authorizing on.
When the flag is TRUE (ie., listeners have been loaded) but they were
later removed, creating a scope with no listeners, the request will be
denied further down.
This allows us to have the security model compiled outside the NetBSD
kernel and later loaded as an LKM, without fearing an attack will just
remove listeners we loaded earlier to create a "fail open" situation.
Input from yamt@, thorpej@, gdt@, dan@.
Okay yamt@, thorpej@.
