Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
158,963 Commits 606 Branches 0 Tags 3.1 GiB
6af9c3d49d
Commit Graph

7150 Commits

Author SHA1 Message Date
gdt
3a8d10addf Add Novatel Merlin, used in VZ V620. 
From John Nielsen on freebsd-mobile.
Not tested, but almost certainly better than attaching as ugen.

FreeBSD has a UQ_ASSUME_CM_OVER_DATA quirk for this device; I can't
figure out what that means.
 2007-02-05 15:13:28 +00:00
ad
20fd6754cf Sync with latest changes. 2007-02-05 15:04:21 +00:00
rillig
f59fec0d57 Mention the word "regular file" more clearly. 
The term "append-only" directory was misleading.
 2007-02-05 14:54:31 +00:00
rillig
a70aaa0ac5 Added a HISTORY section. 2007-02-05 14:48:25 +00:00
elad
5e2e282f9c Add support for per-user /tmp. 
Enabled via per_user_tmp in /etc/rc.conf (default off).

See security(8) and rc.conf(5) for more details.

Lots of input from thorpej@ & christos@, thanks!
 2007-02-04 08:19:26 +00:00
ad
26d6ccf325 Document cv_has_waiters(). 2007-02-03 16:49:11 +00:00
ad
00b8f6d201 - Require that cv_signal/cv_broadcast be called with the interlock held. 
- Provide 'async' versions that don't need the interlock.
 2007-02-03 16:39:53 +00:00
wiz
711856f6bb Fix Dd argument. 2007-02-02 07:37:06 +00:00
wiz
a88d4440e3 Sort SEE ALSO. Fix typo. 2007-02-02 07:36:09 +00:00
wiz
401fd96995 Sort options. Fix a few typos. 2007-02-02 07:35:28 +00:00
ad
c1a5096807 Add manpage for memory barrier ops. Not enabled in the Makefile yet. 2007-02-02 03:40:07 +00:00
elad
319fb82387 paxctl(1) -> paxctl(8), add "table of contents". 2007-02-02 02:42:00 +00:00
elad
2f9fd85b15 Some nits, paxctl(1) -> paxctl(8). 2007-02-02 02:39:13 +00:00
apb
4432060543 * Insert "+1" at the front of a North American telephone number. 
* Refer to pkgsrc/sysutils/wpi-firmware
 2007-01-31 18:10:35 +00:00
njoly
f0142adc4d Remove wrong statement about non automatic files creation. 
ok by christos
 2007-01-31 15:41:37 +00:00
elad
409147ef11 Forgot to add notes about secmodel_register() and secmodel_register() in 
previous commit -- added now.
 2007-01-31 11:18:23 +00:00
elad
ac22ef0996 Update instructions on writing a new security model to include some notes 
about LKMs and private data in credentials.
 2007-01-31 11:16:46 +00:00
elad
9d00fe4640 Fix mdoc (Lt -> Gt). 2007-01-31 10:39:40 +00:00
elad
c439bcfe43 Add a new scope, the credentials scope, which is internal to the kauth(9) 
implementation and meant to be used by security models to hook credential
related operations (init, fork, copy, free -- hooked in kauth_cred_alloc(),
kauth_proc_fork(), kauth_cred_clone(), and kauth_cred_free(), respectively)
and document it.

Add specificdata to credentials, and routines to register/deregister new
"keys", as well as set/get routines. This allows security models to add
their own private data to a kauth_cred_t.

The above two, combined, allow security models to control inheritance of
their own private data in credentials which is a requirement for doing
stuff like, I dunno, capabilities?
 2007-01-31 10:08:23 +00:00
mrg
6024cd92c4 update the "bt" description to include "/l" modifier 2007-01-31 02:17:31 +00:00
tron
03ffbba348 Correct documentation about ACPI related kernel options. 
Patch provided by Joerg Niendorf in PR misc/35514.
 2007-01-30 13:01:34 +00:00
hannken
4d607243ba Change fstrans enum types to upper case. 
No functional change.

From Antti Kantee <pooka@netbsd.org>
 2007-01-29 15:42:50 +00:00
elad
c2e4f788f9 Talk about special cases for kauth_authorize_action(). 2007-01-28 00:21:04 +00:00
elad
94d493dbe2 Remove extra '.El', left in previous commit. 2007-01-27 23:14:02 +00:00
skrll
372930a9c7 Fix the path reference to the firmware package. 2007-01-25 16:16:38 +00:00
wiz
a6b4bc9d66 Do not give Nx arguments it does not understand. 2007-01-23 22:24:30 +00:00
wiz
656213bfe1 Sort SEE ALSO alphabetically. Fix Xref. 2007-01-23 20:33:38 +00:00
wiz
a297486471 Sort SEE ALSO. 2007-01-23 20:32:05 +00:00
wiz
c0ed8c1e97 Make HTML-safe. 2007-01-23 20:31:33 +00:00
wiz
0f3c9bb729 Sort ERRORS. 2007-01-23 20:31:20 +00:00
jdc
2761c4c97a Note that sun-4 systems must set the PROM variable "console=p4opt". 
Cross-reference cgfourteen(4).
New sentence, new line.
 2007-01-22 18:11:56 +00:00
jdc
3cfa1eec0a Add additional cross-references (from Slava Semushin). 2007-01-22 11:57:44 +00:00
wiz
0b400eb99f Remove trailing space and grammar fix. 2007-01-21 22:14:53 +00:00
hannken
facd1f65cb Add and update documentation for fstrans(9) file system suspension helper. 
wiz?
 2007-01-21 15:42:36 +00:00
isaki
9e86a000cf Add support for CS5536. 2007-01-21 05:04:15 +00:00
xtraeme
a4423f177a Updated viaenv(4) driver: 
* Support for the VIA VT8231 Hardware monitor.
* Power Management Timer available for timecounters in both
  VT86C686A and VT8231 (code simplified thanks to dev/ic/acpipmtimer).
* Remove viapm(4) code and manpage (which was a link to viaenv.4 anyway).

From OpenBSD, tested by some users.
 2007-01-20 18:44:26 +00:00
elad
a78693aa19 Kill KAUTH_PROCESS_RESOURCE and just replace it with two actions for 
nice and rlimit.
 2007-01-20 16:47:38 +00:00
hubertf
75f2812824 exclude working directories 2007-01-17 00:51:25 +00:00
elad
c3ca2b03a6 Add man-page for pathname(9) routines, but don't link to build yet. 2007-01-16 13:21:14 +00:00
elad
6df6f0ea65 Introduce kauth_proc_fork() to control credential inheritance. 2007-01-15 17:45:32 +00:00
gdt
11343fbd1f Add a heuristic to set rbus_min_start based on total RAM. The new 
behavior is to choose 0.5 GB for <= 192 MB, 1 GB normally, and 2 GB
for >= 1 GB.  This should make the defaults work additionally old
Thinkpad 600Es, and also on notebooks with lots of RAM (e.g. T60 with
2GB).

ok christos@
 2007-01-12 20:34:09 +00:00
elad
8ed50e44ae veriexec_file_delete() and veriexec_table_delete() now take 'struct lwp *' 
too.
 2007-01-11 16:24:47 +00:00
pooka
28b073df19 regen 2007-01-09 15:35:14 +00:00
elad
d2e4f7167b Remove advertising clause from all of my stuff. 2007-01-09 12:49:36 +00:00
xtraeme
bdfae9b3bc First appeared in 4.0. 2007-01-08 23:55:58 +00:00
tsutsui
96b793e47c - add some note and Xref for rgephy(4) and rlphy(4), as per suggestion 
from Steve Bellovin in PR kern/35376
- add some more 8169S based products which have their own PCI vendor ID
  and are listed in if_re_pci.c
- fix/remove some error messages in DIAGNOSTIC section to sync with reality.
- bump date
 2007-01-08 15:37:10 +00:00
wiz
751fa51e41 Sort SEE ALSO. 2007-01-08 07:24:35 +00:00
wiz
378494c46b Appeared in 5.0. End sentence with a dot. 2007-01-08 07:21:17 +00:00
wiz
f05f89cb89 Serial comma. Add RCS Id. 2007-01-08 07:19:57 +00:00
elad
190f747fee Add a memoryallocators(9) man-page to give a short summary of memory 
allocators available in the kernel.

Tons of input from YAMAMOTO Takashi, thanks!
 2007-01-07 15:37:51 +00:00
xtraeme
ad691d8e2e ug(4): manual page for the Abit uGuru hardware system monitor 
(wiz please review, thanks).
 2007-01-07 03:14:09 +00:00
xtraeme
91e325391c sync with code, preempt wizd and bump date. 2007-01-07 01:44:01 +00:00
wiz
e7caa1c8e8 Bump date for previous. 
XXX: this needs updating for the sendmail and uucp removals.
 2007-01-06 13:03:50 +00:00
ober
11827a57ef Update to include the new Zaurus port as per new-port checklist. 2007-01-06 03:53:21 +00:00
wiz
0d2fb92520 Fix Dd argument (who woke the wizd?) 2007-01-03 23:00:03 +00:00
joerg
724f61fbac Bump date as previous before wizd awakes. 2007-01-03 08:45:59 +00:00
joerg
a6d84a6d41 Reflect changed name of the firmware package after the update to 
version 3.
 2007-01-03 08:04:12 +00:00
elad
a13160f423 Make mount(2) and unmount(2) use kauth(9) for security policy. 
Okay yamt@.
 2007-01-02 10:47:28 +00:00
elad
c6e8423fec Make kauth_deregister_scope() and kauth_unlisten_scope() free the 
passed kauth_scope_t and kauth_listener_t objects, respectively.

Okay yamt@.
 2007-01-01 23:33:03 +00:00
wiz
2e33f7658d Remove pasto lines in license; ok rumble@. 2007-01-01 20:16:18 +00:00
wiz
fb228f3ef5 Fix Dd argument (should be full month name). 2007-01-01 16:58:00 +00:00
pavel
e697c78846 Add alpha-specific information. 2007-01-01 16:05:12 +00:00
wiz
183497f456 Sort options in SYNOPSIS. Use Dq for strings and Pa for paths. 
New sentence, new line.
 2006-12-31 09:40:58 +00:00
wiz
4383124932 Use double quotes for strings. Remove trailing whitespace. 
New sentence, new line. Sort SEE ALSO.
 2006-12-31 09:40:18 +00:00
gdt
155f4a0519 Add D-Link DWL-AG660. (A card with "H/W Ver.:A2" and FCC ID 
KA2DWLAG650A3 attached and worked, but I'm not sure if it's a 5212 or
5213 because the driver doesn't print it at attach time.)
 2006-12-30 23:51:18 +00:00
rumble
486ddd506f Build man8.sgimips. Alphabetise the list. 2006-12-30 19:29:20 +00:00
rumble
c916a07b67 Add section 8 man pages for sgimips, including brief entries on the boot 
procedure and the sgivol utility.
 2006-12-30 19:28:19 +00:00
elad
867767da66 Add veriexe_openchk(). 2006-12-30 15:32:19 +00:00
wiz
9fb2b767d2 New sentence, new line. Use Nx. Drop dot at end of SEE ALSO. 2006-12-28 11:44:19 +00:00
hubertf
f300aecb2d Fill manpage with some data, taken from comments in the kernel source 2006-12-28 02:09:49 +00:00
elad
504c71d9fe Make machdep scope architecture-agnostic by removing all arch-specific 
requests and centralizing them all. The result is that some of these
are not used on some architectures, but the documentation was updated
to reflect that.
 2006-12-26 10:43:43 +00:00
elad
7e1cc3fd07 Elaborate on SSP. 
Requested by and okay wiz@.
 2006-12-26 10:24:53 +00:00
elad
ff39342b33 veriexec_lookup() should not return an internal data-structure, but rather 
just a boolean value.
 2006-12-26 07:50:40 +00:00
rumble
62b7bdb3b6 Add a page for LG1/LG2 graphics. Add xrefs. 2006-12-26 04:43:10 +00:00
rumble
f87f55890b Potentially futile attempt to avoid wizd. 2006-12-24 21:51:28 +00:00
rumble
91ea8ec96b Fix a few typos and tweak the grammar slightly. Move the disabling PaX 
MPROTECT section to directly follow instructions on enabling it. Be
consistent in stating that Segvguard works on a per-program, per-user
basis.
 2006-12-24 21:50:09 +00:00
rumble
4c3f4508d4 arbitrator -> arbiter 2006-12-24 00:47:24 +00:00
rumble
407a4bff65 Mention Set Engineering's GIO Fast Ethernet board. 2006-12-23 22:01:54 +00:00
rumble
a2560eee42 Nuke sbic(4). It never existed and we already have wdsc(4). 2006-12-23 21:38:26 +00:00
wiz
b040245dd5 Xr more man pages (XXX: sbic(4) is missing) 2006-12-23 10:10:55 +00:00
wiz
cc896d6c79 Xr giopci(4). 2006-12-23 10:06:09 +00:00
wiz
f687422c7e Use HTML escapes. 2006-12-23 10:05:43 +00:00
wiz
68c8c576ac Serial comma; new sentence, new line. 2006-12-23 10:04:15 +00:00
wiz
a1b013e655 Drop trailing dot in Nd. 2006-12-23 10:01:32 +00:00
wiz
0cbf97b519 Use HTML escapes. 2006-12-23 09:45:34 +00:00
wiz
103c72a1ca Bump date for previous. 2006-12-23 09:36:56 +00:00
wiz
3d4b4feff1 Use HTML escapes. 2006-12-23 09:24:57 +00:00
wiz
6dfb14d789 New sentence, new line. Fix typo. 2006-12-23 09:21:10 +00:00
wiz
e0c96a247b Undo accidental change in 1.109. 2006-12-23 09:12:35 +00:00
wiz
aff4cf84af Remove superfluous Pp; use Nm instead of Xr to ourselves; bump date for v1.32. 2006-12-23 09:11:19 +00:00
wiz
f92f3068da Use HTML escapes. 2006-12-23 09:05:20 +00:00
wiz
987a2558a6 Use Dv for defined values. 2006-12-23 09:02:45 +00:00
wiz
6db5804452 Fix Dd argument. 2006-12-23 08:56:53 +00:00
wiz
4a036f5957 Xref and describe ahcisata(4). 2006-12-23 08:55:37 +00:00
wiz
934af31abd Use Dv for defined values, even in lists (some more). 2006-12-23 08:46:27 +00:00
wiz
45f6f59489 Use Dv for defined values, even in lists. 2006-12-23 08:45:55 +00:00
yamt
e9e681eded remove the fileassoc "tabledata" functionality. 2006-12-23 08:36:14 +00:00
wiz
b9b556a28f Sort sections. 2006-12-23 08:26:35 +00:00
wiz
28ed461a83 Fix typo. 2006-12-23 08:06:54 +00:00
wiz
2a3af1da0d Use Nx; new sentence, new line; serial comma. 2006-12-23 08:04:32 +00:00
wiz
e1f9477296 Revert previous: this is a list of wrong spellings. 2006-12-23 08:00:37 +00:00
wiz
66bd97f47f Use Dv for defined values. 2006-12-23 07:43:41 +00:00
wiz
c46358a299 Reword slightly. 2006-12-23 07:35:28 +00:00
wiz
50026664ac New sentence, new line. 
Reword: all .. will not .. -> no .. will ..
 2006-12-23 07:33:16 +00:00
yamt
dcedbd0734 remove a BUGS section because it's solved by yamt-splraiseipl. 2006-12-23 07:30:26 +00:00
wiz
7713de669b Fix sections in Xrefs. 2006-12-23 07:17:50 +00:00
wiz
0c97daff02 Sort SEE ALSO. 2006-12-23 06:58:20 +00:00
wiz
2f68d00c69 Drop trailing whitespace. 2006-12-23 06:52:49 +00:00
wiz
43a0a70785 Use more markup. Use .Rs/.Re for book citation. 2006-12-23 06:51:41 +00:00
wiz
d15f199eb9 Use more markup. Use .Rs/.Re for book citation. Add missing comma. 2006-12-23 06:39:35 +00:00
wiz
f5ec841753 Fix typo. 2006-12-23 06:36:33 +00:00
wiz
fa9034328d Drop trailing whitespace. 2006-12-23 06:36:19 +00:00
rumble
642cea6312 Fix formatting, mention Phobos boards, no hyphenation of ''Challenge S''. 2006-12-23 03:40:11 +00:00
elad
3d11477c94 Add requests indicating access to unmanaged memory for arm, pc532, powerpc, 
sh3, sh5, and vax, and use them instead of KAUTH_GENERIC_ISSUSER.

Update documentation and example secmodel code.
 2006-12-22 11:13:21 +00:00
ad
c7a999e12a Note that ACOMPAT and ASU are no longer recorded. 2006-12-22 08:00:20 +00:00
rumble
e9faaca2de hpc(4) doesn't take flags anymore. Briefly note how the different revisions 
may be mixed on certain systems.
 2006-12-22 05:35:06 +00:00
rumble
1d22f4010e Fix pasto. 2006-12-22 01:16:20 +00:00
rumble
795f7da152 Add a giopci(4) manual page. 2006-12-22 01:15:17 +00:00
rumble
b437497b0f s/Challenge-S/Challenge S/, mention Challenge M as well, and remove the 
imc(4) bug as we now have an interface.
 2006-12-22 01:00:48 +00:00
rumble
c1f813ee0d Change the title slightly to indicate what GIO stands for. Also, be sure to 
mention Challenge M, state that only two electrically distinct slots exist
on Indigo2/Challenge M and inform that a SysAD bug exists, which certain
cards may trigger (though we may mask it with a workaround). Other minor
nits as well.
 2006-12-22 00:51:00 +00:00
yamt
71683748ca fix a typo. 2006-12-21 16:09:22 +00:00
yamt
5d51c3ca27 document splraiseipl and makeiplcookie. 2006-12-21 16:01:13 +00:00
elad
2fa3937ffc Markup fix - forgot 'Fn'. 2006-12-20 12:29:09 +00:00
wiz
ea180530fa Xref msk, and describe mfi and bnx. 2006-12-19 17:52:16 +00:00
kleink
69647b7dbd Mention/Xref ral(4). 2006-12-19 11:06:44 +00:00
elad
f1a69ab3ea Some changes to get rid of another KAUTH_GENERIC_ISSUSER usage: 
- Make procfs_control() in procfs_ctl.c static,
  - Add an argument to the above, 'pfs', for the pfsnode,
  - Add another request type to KAUTH_PROCESS_CANPROCFS named
    KAUTH_REQ_PROCESS_CANPROCFS_CTL (and update documentation),
  - Use the above combination in a call to kauth_authorize_process().
 2006-12-19 09:58:34 +00:00
simonb
58e3217148 Explicitly mention that pmap_extract() should deal with KSEG-style 
kernel addresses.
 2006-12-18 00:41:21 +00:00
wiz
aba0bd4e11 Add Xrefs to etherip(4). 2006-12-18 00:16:10 +00:00
wiz
649915d649 Uppercase Ethernet. New sentence, new line. 
Use Ox/Nx macros. Sort SEE ALSO.
 2006-12-18 00:14:38 +00:00
wiz
6a46fac871 Xref bnx(4) and mfi(4). 2006-12-17 23:53:59 +00:00
wiz
1c4838284d Nx -> Ox; remove trailing whitespace. 2006-12-17 23:53:28 +00:00
wiz
5f1fe534e7 Punctuation issues. 2006-12-17 23:51:26 +00:00
bouyer
ea4f35dcd0 Add bnx(4), a driver for Broadcom NetXtreme II 10/100/1000 Ethernet device. 
Ported from OpenBSD by cube@, with some bus_dma fixes by me.
Tested on i386 and amd64.
 2006-12-17 23:02:06 +00:00
bouyer
462dc620e3 Add mfi(4), a driver for LSI Logic & Dell MegaRAID SAS RAID controller. 
Ported from OpenBSD, tested on i386 and amd64.
 2006-12-17 22:57:14 +00:00
pavel
2ed51cbda7 Remove the note about hardware VLAN tagging being unsupported, 
Izumi Tsutsui fixed and reenabled it. Bump date.
 2006-12-16 09:56:44 +00:00
ad
9a12b97e85 Nx 5.0 -> Nx 4.0 2006-12-15 20:25:55 +00:00
elad
238ad51d2d - moves 'nice' access semantics to secmodel code, 
- makes sysctl_proc_find() just lookup the process,
- use KAUTH_PROCESS_CANSEE requests to determine if the caller is
  allowed to view the target process' corename, stop flags, and
  rlimits,
- use explicit kauth(9) calls with KAUTH_PROCESS_CORENAME,
  KAUTH_REQ_PROCESS_RESOURCE_NICE, KAUTH_REQ_PROCESS_RESOURCE_RLIMIT,
  and KAUTH_PROCESS_STOPFLAG when modifying the aforementioned.
- sync man-page and example skeleton secmodel with reality.

okay yamt@

this is a pullup candidate.
 2006-12-14 11:45:08 +00:00
wiz
bf294e42f4 Add snapper(4) man page, based on the one provided by David H. Gutteridge 
in PR 35138 with minor changes.
 2006-12-12 19:25:54 +00:00
yamt
687483b208 update an example. 2006-12-11 15:33:01 +00:00
yamt
995d487942 FILEASSOC_NHOOKS has gone. 2006-12-11 15:30:23 +00:00
yamt
9858d82855 it's fileassoc, not verifiedexec. 2006-12-11 15:27:46 +00:00
yamt
c534201d82 sync with the implementation. 2006-12-11 15:27:09 +00:00
pooka
9b0cc2c27b fix description to match the code 2006-12-10 23:03:03 +00:00
chs
c398ae9734 a smorgasbord of improvements to vnode locking and path lookup: 
- LOCKPARENT is no longer relevant for lookup(), relookup() or VOP_LOOKUP().
   these now always return the parent vnode locked.  namei() works as before.
   lookup() and various other paths no longer acquire vnode locks in the
   wrong order via vrele().  fixes PR 32535.
   as a nice side effect, path lookup is also up to 25% faster.
 - the above allows us to get rid of PDIRUNLOCK.
 - also get rid of WANTPARENT (just use LOCKPARENT and unlock it).
 - remove an assumption in layer_node_find() that all file systems implement
   a recursive VOP_LOCK() (unionfs doesn't).
 - require that all file systems supply vfs_vptofh and vfs_fhtovp routines.
   fill in eopnotsupp() for file systems that don't support being exported
   and remove the checks for NULL.  (layerfs calls these without checking.)
 - in union_lookup1(), don't change refcounts in the ISDOTDOT case, just
   adjust which vnode is locked.  fixes PR 33374.
 - apply fixes for ufs_rename() from ufs_vnops.c rev. 1.61 to ext2fs_rename().
 2006-12-09 16:11:50 +00:00
elad
b8e4702fb2 Back out uvm_is_swap_device(). 2006-12-07 14:06:51 +00:00
dyoung
0a817c6193 Bump date for previous. 2006-12-06 05:32:18 +00:00
dyoung
2f22b3e668 Add rudimentary documentation for IPSec socket options. Maybe 
somebody who groks IPSec will help me out here.
 2006-12-06 05:27:32 +00:00
hubertf
e135fa8ee4 Update to describe current API (only), and not duplicate that can be 
found elsewhere. (And which will appear in the NetBSD Internals Guide
soonish).

Submitted by Daniel Sieger <dsieger@TechFak.Uni-Bielefeld.DE>,
OK'd by martin@ and  yamt@
 2006-12-04 15:36:23 +00:00
wiz
1f1eabcdb7 Use more markup. Use HTML escapes. Use .Rs/.Re for book citation. 2006-12-04 13:16:59 +00:00
pavel
edab74570a Move the description of sysctl MIBs from sysctl.3 to a new manual page 
sysctl.7. Remove the list of MIBs from sysctl.8 so we don't have to
maintain duplicate information, as proposed by YAMAMOTO Takashi on
tech-userlevel. Also remove references to header files from sysctl.8.

The numeric constants remain documented, they are still needed in some
cases. See the discussion on tech-userlevel. ("mib list in sysctl.8")

OK by YAMAMOTO Takashi.
 2006-12-04 08:59:13 +00:00
rpaulo
08a924d363 Mention wpa_supplicant rc script. 
Noted by hubertf@
 2006-12-04 03:52:26 +00:00
dyoung
a2ab81c489 Change date to reflect today's change. 
Try to get groff -mdoc to stop inserting extraneous linebreaks---no
luck!
 2006-12-04 02:51:07 +00:00
dyoung
627864e36f Per discussion on tech-net@, discard the address-munging hack that 
let one create a tunnel with equal inner and outer destination IP
numbers.  Update gre(4) documentation for this change.

Extract subroutine  gre_update_route() from gre_compute_route(),
and always call it in gre_output() to freshen the route for
tunnel-encapsulated packets.
 2006-12-04 02:40:15 +00:00
tsutsui
32402b1bfe Remove an invalid (and nonexistent) .Xr usage. 2006-12-03 05:28:33 +00:00
elad
432c309931 Change kauth(9) KPI for kauth_authorize_device_passthru() to add another 
argument, u_long, serving as a bit-mask of generic requests for the
passthru request.

Discussed on tech-security@ and tech-kern@. Okay tls@.
 2006-12-02 03:10:42 +00:00
elad
1e92f4ba9c Trailing whitespace... 2006-12-01 16:13:36 +00:00
elad
a6c2dfb16d Introduce uvm_is_swap_device(), to check if the passed struct vnode * is 
used as a swap device or not.

Okay mrg@.
 2006-12-01 16:06:09 +00:00
pooka
b98361ea36 sauce catchup 2006-12-01 15:31:25 +00:00
bouyer
7b4730a29f Add ahcisata(4), a driver for AHCI 1.0 and 1.1 controllers. Tested on the sata 
ports of a Intel 63xxESB chipset. Does not support NCQ yet.
 2006-11-30 21:01:15 +00:00
elad
2f85bad1eb Sync with reality after recent changes. 2006-11-30 16:55:00 +00:00
hira
be6e51a13a Add missing spaces after section suffix. 2006-11-29 16:50:53 +00:00
elad
646f2112d3 Make Veriexec use proplib(3) for kernel-userland data passing. 
Obviously, this breaks the already unstable Veriexec ABI, but that's
it. Some cool additions are planned to be introduced, and this just
makes it so that NetBSD 4.0 users will be able to easily use them as
well.

This also removes the fingerprint type name limit, so relevant code
was adjusted.

Thoroughly tested (even uncovered a bug in proplib! thanks for fixing
that cube@!). Documentation updated.
 2006-11-28 22:22:02 +00:00
pooka
0dd37417ef match description of VOP_PUTPAGES with reality 2006-11-28 19:26:30 +00:00
elad
8bb202af97 Move ktrace, ptrace, systrace, and procfs to use kauth(9). 
First, remove process_checkioperm() calls from MD code. Similar checks
using kauth(9) routines (on the process scope, using appropriate action)
are done in the callers.

Add secmodel back-end to handle each subsystem.
 2006-11-28 17:27:09 +00:00
elad
21bc112176 Implement Veriexec's raw disk policy on-top of kauth(9)'s device scope, 
using both the rawio_spec and passthru actions to detect raw disk
activity. Same for kernel memory policy.

Update documentation (no longer need to expose veriexec_rawchk()) and
remove all Veriexec-related bits from specfs.
 2006-11-26 20:27:27 +00:00
wiz
dee9175769 Bump date for previous. 2006-11-26 16:36:06 +00:00
elad
df07d5d652 I wanted to do this for so long: veriexec_init_fp_ops() -> veriexec_init(). 2006-11-26 16:22:36 +00:00
jmmv
175531f6ed Mention the maximum line length allowed in the passwd file. 
Inspired by PR misc/34664.
 2006-11-26 11:43:48 +00:00
jmmv
964c039645 Explain that groups can be defined using multiple lines due to the fixed 
line length used to parse the file.  Closes PR misc/34664.
 2006-11-26 11:35:39 +00:00
christos
2c8c97cf53 Add LevelOne WNC-0301USB 2006-11-25 21:44:44 +00:00
elad
6a55f622e6 First take of MI boot(8) man-page, suggested by agc@. 
Okay agc@.
 2006-11-25 17:43:47 +00:00
christos
c0179c282a spell precede; from Zafer 2006-11-25 16:48:31 +00:00
scw
512f329f66 Document disk_blocksize(9). 2006-11-25 12:00:25 +00:00
christos
1665d5e960 fix spelling of accommodate; from Zapher. 2006-11-24 19:46:58 +00:00
rpaulo
785b8e0981 WARNING: input date is in the past! 2006-11-23 18:02:15 +00:00
elad
6d74a5fdc7 Document Veriexec strict levels (hm, maybe we should have veriexec(8)?) 
as requested by Adam Hamsik.
 2006-11-23 13:23:22 +00:00
rpaulo
370be902f0 WARNING: date is in the future! 2006-11-23 04:12:51 +00:00
rpaulo
5423539f94 New EtherIP driver based on tap(4) and gif(4) by Hans Rosenfeld. 
Notable changes:
	* Fixes PR 34268.
	* Separates the code from gif(4) (which is more cleaner).
	* Allows the usage of STP (Spanning Tree Protocol).
	* Removed EtherIP implementation from gif(4)/tap(4).

Some input from Christos.
 2006-11-23 04:07:07 +00:00
elad
2664dc174c Add missing items to the securelevel implications list. 
Now it is complete.
 2006-11-22 21:00:30 +00:00
elad
eb704f9789 SSP is not enabled by default, update documentation. 
Pointed out by yamt@, thanks!
 2006-11-22 13:00:02 +00:00
elad
4b316db1d1 Introduce KAUTH_REQ_MACHDEP_{ALPHA,X86}_UNMANAGEDMEM to handle access 
to unmanaged memory.

These are the last two securelevel references in the MD code.
 2006-11-22 12:12:51 +00:00
elad
a84fee7faf Initial implementation of PaX Segvguard (this is still work-in-progress, 
it's just to get it out of my local tree).
 2006-11-22 02:02:51 +00:00
wiz
e524263824 Add RCS Id. Use Nx. Sort SEE ALSO. Avoid Xr to ourselves. 
Avoid marking up commas. Uppercase Dt argument.
 2006-11-19 00:26:52 +00:00
wiz
430da4d077 Bump date for previous. 2006-11-19 00:20:02 +00:00
elad
2db3a96be7 Provide a standard authorization wrapper for the device scope. 2006-11-19 00:11:29 +00:00
wiz
4dcf8d1488 New sentence, new line. Typo fixes. Slightly more appropriate mdoc macro. 2006-11-19 00:05:42 +00:00
pooka
e518d4247c elf loader lives in /libexec these days. and besides, it's called 
ld.elf_so, not ld.so_elf
 2006-11-18 14:32:14 +00:00
jld
0919614fc2 Add /l to description of "ps" abbreviation for "show all procs". 2006-11-18 08:48:32 +00:00
oster
93a18158f4 Document 'show all procs /l'. (i.e. catch up with reality) 2006-11-18 01:20:58 +00:00
pooka
8bf1f71b17 document PUFFSFLAG_NOCACHE 2006-11-17 18:00:20 +00:00
elad
cbaf7914e4 First attempt at an examples section, and while here also add some notes 
about extending kauth(9).
 2006-11-15 14:55:54 +00:00
ad
f2097c8b0d Remove misleading sentence, to be replaced by a manual page describing basic locking rules. 2006-11-14 15:30:09 +00:00
ad
316b72d710 Fix errors. 2006-11-13 18:28:15 +00:00
ad
119899c354 Remove authors section, and update history where appropriate. 2006-11-13 16:33:56 +00:00
ad
4608df106c - Remove AUTHORs section. 
- Mention twa.
 2006-11-13 16:29:05 +00:00
ad
bea3d13d1d Add manual pages for RW locks, mutexes and condition variables. Not 
enabled in the Makefile.
 2006-11-13 16:22:11 +00:00
dyoung
a25eaede91 Add a source-address selection policy mechanism to the kernel. 
Also, add ioctls SIOCGIFADDRPREF/SIOCSIFADDRPREF to get/set preference
numbers for addresses.  Make ifconfig(8) set/display preference
numbers.

To activate source-address selection policies in your kernel, add
'options IPSELSRC' to your kernel configuration.

Miscellaneous changes in support of source-address selection:

        1 Factor out some common code, producing rt_replace_ifa().

        2 Abbreviate a for-loop with TAILQ_FOREACH().

        3 Add the predicates on IPv4 addresses IN_LINKLOCAL() and
          IN_PRIVATE(), that are true for link-local unicast
          (169.254/16) and RFC1918 private addresses, respectively.
          Add the predicate IN_ANY_LOCAL() that is true for link-local
          unicast and multicast.

        4 Add IPv4-specific interface attach/detach routines,
          in_domifattach and in_domifdetach, which build #ifdef
          IPSELSRC.

See in_getifa(9) for a more thorough description of source-address
selection policy.
 2006-11-13 05:13:38 +00:00
plunky
57c0199dcf Tidy away wsmouse_input() abstractions and update 
documentation to include the W direction.
 2006-11-12 19:00:42 +00:00
pooka
095997aad1 initial documentation for the puffs message interface 2006-11-09 01:29:34 +00:00
xtraeme
f0a9e30534 First appeared in 3.1 not 4.0. 2006-11-06 21:32:57 +00:00
xtraeme
c3ca7d0b90 It was added in 3.1 not 4.0. 2006-11-06 21:31:26 +00:00
xtraeme
28214abdba First appeared in NetBSD 3.1 not 4.0... and bump date. 2006-11-06 21:27:15 +00:00
wiz
0db5a288e6 Fix a typo. 2006-11-04 17:16:24 +00:00
yamt
90101c023b be explicit about the difference between vmem_free and vmem_xfree. 2006-11-04 13:07:58 +00:00
yamt
bf894997ce document vmem_xalloc/xfree. 2006-11-04 12:55:28 +00:00
yamt
f0fcd48625 consistency. 2006-11-04 12:39:50 +00:00
elad
1121d7d96a Sync with reality. 2006-11-04 10:47:37 +00:00
elad
9477ac30bc Add "@uid" keyword translation, to translate effective user-id of the 
process.
 2006-11-04 10:14:00 +00:00
wiz
1666843c46 Remove references to hostname.if(5), add ones for ifconfig.if(5). 2006-10-31 22:49:01 +00:00
joerg
fc0bc19fc7 Add rum(4) for newer USB Ralink devices. Obtained from OpenBSD. 
Special thanks to Sepherosa Ziehau for helping debugging USB issues.
Hook up rum(4) for i386 config files.
 2006-10-31 22:21:16 +00:00
wiz
403c06a45d Bump date for previous. 2006-10-31 22:01:09 +00:00
plunky
162befcdae add references to bluetooth keyboards 2006-10-31 19:11:14 +00:00
plunky
f5c76b405a add references to bluetooth mice 2006-10-31 19:10:14 +00:00
elad
7372f1dad4 oops, remove junk. 2006-10-31 02:06:30 +00:00
elad
5a11382d8e Sync with reality. 2006-10-31 01:59:12 +00:00
wiz
dccfb8ab7d Bump date for previous. New sentence, new line. 2006-10-30 23:53:54 +00:00
cbiere
de8ccd77d9 Moved example code into its own section with an additional path truncation 
check. Added a COMPATIBILITY section for sun_len and SUN_LEN() as suggested
by soda. Fixes PR lib/34744.
 2006-10-30 23:49:04 +00:00
garbled
0a8823b9bd Note the slide(4) driver in the list of chips in the pciide driver, and 
fix a missing space in the slide manpage.
 2006-10-30 23:39:38 +00:00
wiz
e63079c2a4 Avoid punctuation markup; remove pastos (?). 2006-10-30 21:36:36 +00:00
elad
52d8744717 Use integers, not pointers to integers, for KAUTH_REQ_NETWORK_SOCKET_OPEN. 
Reminded by yamt@, thanks!
 2006-10-30 16:53:48 +00:00
elad
4b90b6befa Remove note about how a malicious root user can cause kernel crashes. 2006-10-30 12:40:08 +00:00
elad
a6e87ced6c Sync with reality. 2006-10-28 15:34:18 +00:00
wiz
e2440f408d New sentence, new line. 
Add Xr for all referenced drivers, some of them commented out because
the man pages don't exist yet, in particular:
acorn32/amps(4)
acorn32/csa(4)
acorn32/icside(4)
acorn32/rapide(4)
acorn32/simide(4)
hcsc(4)
 2006-10-26 22:39:50 +00:00
bjh21
79a98f507f At wiz's suggestion, replace the two MD podulebus(4) pages with a single MI 
one, modelled somewhat on pci(4).
 2006-10-26 21:37:08 +00:00
wiz
f31bc9e7e9 Bump date for previous. 2006-10-26 17:54:52 +00:00
drochner
cb7efd18c2 minor fixes and cleanup, reviewed by elad 2006-10-26 17:33:11 +00:00
elad
04e6d5f932 Don't take chances... properly document KAUTH_NETWORK_INTERFACE. On a 
second thought having that warning just in the CVS log doesn't look too
helpful. :)
 2006-10-26 16:11:17 +00:00
elad
ed853f6398 Document that arg1 and arg2 for KAUTH_NETWORK_INTERFACE are optional. 
Document that arg3 is optionally the interface-specific request. Should
only make sense if we pass ifnet * in arg1!
 2006-10-26 16:06:39 +00:00
wiz
7f6433f8ce Sort SEE ALSO. Fix Dd argument. Remove intro(4) xref (page does not exist). 2006-10-26 12:52:14 +00:00
wiz
13da499d18 New sentence, new line. 2006-10-26 12:50:22 +00:00
wiz
6acb9c2f08 Fix typos, improve markup. 2006-10-26 12:47:30 +00:00
wiz
faa00b034c Fix typo, found by yamt. 2006-10-26 12:31:14 +00:00
wiz
1751d830e6 Various minor improvements. 2006-10-26 11:16:28 +00:00
wiz
dc554c90da Fix Dd argument (full month name). 2006-10-26 10:54:52 +00:00
elad
adf8d7aab2 Introduce KAUTH_REQ_NETWORK_SOCKET_OPEN, to check if opening a socket is 
allowed. It takes three int * arguments indicating domain, type, and
protocol. Replace previous KAUTH_REQ_NETWORK_SOCKET_RAWSOCK with it (but
keep it still).

Places that used to explicitly check for privileged context now don't
need it anymore, so I replaced these with XXX comment indiacting it for
future reference.

Documented and updated examples as well.
 2006-10-25 22:49:22 +00:00
jmmv
ccf856e4f9 Remove references to the GRUB patch required to load NetBSD kernels. 
Finally they can be booted by mainstream GRUB-Legacy versions -- those
included with any Linux distribution!
 2006-10-25 14:02:11 +00:00
jmmv
13f9baab4e MULTIBOOT_SYMTAB_SPACE is gone because the kernel is now clever enough to 
not need this hack.
 2006-10-25 13:58:02 +00:00
elad
0730babc25 Sync documentation for KAUTH_PROCESS_CANSIGNAL with reality. 2006-10-24 10:23:05 +00:00
peter
157373e263 Fix a typo. 2006-10-23 21:21:49 +00:00
pooka
de328e13dc regen for puffs 
(and a few others.  seems like plenty of people remember to do this)
 2006-10-22 23:03:48 +00:00
xtraeme
0262460f38 Xr ikphy 2006-10-22 16:08:43 +00:00
bouyer
e960fdb58f Add support for the Intel 80003 Gigabit Ethernet controller (found e.g. 
in newer server chipsets) to wm(4), from the FreeBSD em(4) driver.
While there, add a few other Intel Ethernet controller that should work
as is.
Properly update the RX error and TX collision counters.
Add ikphy(4), a driver for the Intel i82563 Kumeran 10/100/1000
Ethernet PHYs
(forgot to cvs add this file in previous commit; pointed out by Juan RP)
 2006-10-22 16:00:53 +00:00
bjh21
fc5237c2e4 ei(4) is MI, shared by acorn26 and acorn32. Pull its man page up out of the 
acorn26 directory.
 2006-10-22 14:29:24 +00:00
elad
6b1bc77758 Use consistent wording. 
While here, undocument converstion routines for pcred/ucred, as these are
going to be deprecated. They already are, actually, but because we exposed
them to userland so cleverly with sysctl, it may require more thinking
before actually removing them. For now, just make sure nobody relies on
these types. Or at least try...
 2006-10-22 14:00:00 +00:00
pooka
418e5b1cea reflect kauth uucred routine changes 
thanks to Elad for reminding
 2006-10-22 13:42:17 +00:00
elad
db3faefa96 First shot at a security(8) man-page, a quick guide for some NetBSD 
security features.
 2006-10-22 12:16:27 +00:00
yamt
2026cc5abb be consistent with other vmem pages. 2006-10-22 11:23:32 +00:00
yamt
4194eaeebd document vmem. 2006-10-22 11:14:52 +00:00
bouyer
154d613f0b Add support for the Intel 80003 Gigabit Ethernet controller (found e.g. in 
newer server chipsets) to wm(4), from the FreeBSD em(4) driver.
While there, add a few other Intel Ethernet controller that should work as
is.
Properly update the RX error and TX collision counters.
Add ikphy(4), a driver for the Intel i82563 Kumeran 10/100/1000 Ethernet PHYs
 2006-10-21 14:10:32 +00:00
elad
d53df4ed98 Document KAUTH_NETWORK_INTERFACE arguments. 2006-10-21 00:07:40 +00:00