Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
184,231 Commits 606 Branches 0 Tags
Commit Graph

184231 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
christos
7770393bf8 add type attributes in a few more places. 2009-10-03 17:09:18 +00:00
jmcneill
92ddd35b74 from Jukka Ruohonen: 
- Remove redundant assertions.
 - Properly check for NULL pointers.
 - No real need to keep track whether the internal event handler is installed.
 - Add a missing function to pass possible extra information associated with
   an event. Mentioned in the specification.
 2009-10-03 15:49:21 +00:00
jmcneill
d0d1a0e6c3 Enable viapcib 2009-10-03 13:37:27 +00:00
zafer
efcbcb0cf3 remove trailing whitespace. (hi wiz!) 2009-10-03 12:45:15 +00:00
martin
b7d9979e0d When creating /etc/fstab: 
for the first swap partition use type sw,dp instead of sw, so dump device
gets configured correctly if swap is not on the second partition.
Fixes PR install/42148.
 2009-10-03 12:00:00 +00:00
wiz
0fe31f2e87 Drop trailing whitespace. 2009-10-03 07:37:01 +00:00
elad
5b3a96a24d Move KAUTH_NETWORK_BIND::KAUTH_REQ_NETWORK_BIND_PORT policy back to the 
subsystem (or close to it).

Note: Revisit KAUTH_REQ_NETWORK_BIND_PRIVPORT.
 2009-10-03 03:59:39 +00:00
elad
82ce55ed44 Move policies for KAUTH_PROCESS_{CANSEE,CORENAME,STOPFLAG,FORK} back to 
the subsystem.

Note: Consider killing the signal listener and sticking
      KAUTH_PROCESS_SIGNAL here as well.
 2009-10-03 03:38:31 +00:00
elad
e62043d705 One less include. 2009-10-03 03:02:55 +00:00
elad
50c13fc074 Make modstat output look pretty again. 2009-10-03 02:27:43 +00:00
elad
2bf6c7c405 We only care about KAUTH_NETWORK_ROUTE. 2009-10-03 02:22:22 +00:00
elad
eab999856c Make this file a little bit smaller by collapsing cases. 2009-10-03 02:06:11 +00:00
elad
0dd621a02d Move clockctl policy exception back to the subsystem. 2009-10-03 02:01:12 +00:00
elad
0a0bbb40a7 secmodel_bsd44_curtain -> secmodel_suser_curtain (static). 2009-10-03 01:52:14 +00:00
elad
cee5cd7dd4 Move default network interface policy back to the subsystem. 2009-10-03 01:46:39 +00:00
elad
111de3833c Finish moving socket policy to the subsystem. 2009-10-03 01:41:39 +00:00
christos
3da8ec1b81 accept struct { ... } __packed name; 2009-10-03 01:35:20 +00:00
elad
452ced03bd Move sched policy back to the subsystem. 2009-10-03 01:30:25 +00:00
elad
6991fd9ea2 Move firewall/NAT policy back to respective subsystems (pf, ipf). 
Note: the ipf code contains a lot of ifdefs, some of them for NetBSD
versions that are no longer maintained. It won't make the code more
readable, but we should consider removing them.
 2009-10-03 00:37:01 +00:00
elad
212f5fa214 Move kevent policy back to the subsystem. 2009-10-03 00:14:07 +00:00
elad
abc7a4290b Put module loading policy back in the subsystem. 
Revisit: consider moving kauth_init() above module_init() in main().
 2009-10-03 00:06:37 +00:00
tsarna
3c8b3fccbd Make signals match what OS X and the manpage say. Implement toggles for 
debug and packet trace logging.

Make this conditional on HAVE_SIGINFO. Presumably lack of SIGINFO as a
standard posix feature is why they went with different signals here in
the first place, but since we have it, let's use it.
 2009-10-03 00:03:05 +00:00
elad
1f98cab201 Put the tty opening policy back in the subsystem. 
Remove include we don't need from the secmodel code.
 2009-10-02 23:58:53 +00:00
elad
510083464f Move some of the socket policy back to the subsystem. 
Remove include we don't need in the secmodel code.
 2009-10-02 23:50:16 +00:00
elad
8751f894d8 Put signal delivery policy back in the subsystem. 2009-10-02 23:24:15 +00:00
elad
c2ba1b2a75 Remove includes we don't need. 2009-10-02 23:18:12 +00:00
elad
9f0d81cf10 Move routing socket security policy back to the subsystem. 2009-10-02 23:16:21 +00:00
elad
198c6aa6f5 - Squeeze function declarations where possible, 
- KAUTH_RESULT_DEFER is the default (set at the beginning of each listener)
  and as such does not need to be set explicitly in the switches.
 2009-10-02 23:06:33 +00:00
elad
51f0d6a0eb Put procfs policy back in the subsystem. 2009-10-02 23:00:02 +00:00
elad
09f3ac9e2f Stick nice policy in its own subsystem and call the listener "resource" 
rather than "rlimit"...
 2009-10-02 22:46:18 +00:00
elad
bcc5014bd0 Move rlimit policy back to the subsystem. 
For this we needed proc_uidmatch() exposed, which makes a lot of sense,
so put it back in sys_process.c for use in other places as well.
 2009-10-02 22:38:45 +00:00
elad
2ae3a70827 Move ptrace's security policy back to the subsystem itself. 
Add a ptrace_init() so we have a place to register the listener; called
next to ktrinit().
 2009-10-02 22:18:56 +00:00
elad
9a472060de Let the ipkdb subsystem allow operations related to it rather than wrongly 
doing so in the suser secmodel.
 2009-10-02 22:05:52 +00:00
elad
40cc528a28 Move psets security policy back to the subsystem and keep suser logic only 
in the suser secmodel code.
 2009-10-02 21:56:28 +00:00
christos
17b31cc3a2 handle bit fields in packed structures. 2009-10-02 21:49:30 +00:00
elad
932cd15f91 Move ktrace's subsystem security policy to the subsystem itself, and keep 
just the suser-related logic in the suser secmodel.
 2009-10-02 21:47:35 +00:00
roy
e301526e91 Import dhcpcd-5.1.1 2009-10-02 21:44:02 +00:00
roy
9f9d7a83f9 Fix building dhcpcd-5.1.1 2009-10-02 21:40:16 +00:00
roy
0b3ae6da92 Add back dhcpcd.conf 2009-10-02 21:36:41 +00:00
roy
cc2e8e7e32 Import dhcpcd-5.1.1 
Changes from dhcpcd-5.0.7 include
* Only allow hardware families we know by default (over-ridable)
* Fix persistent and timeout 0 options
* Fix parsing of escape code sequencies
* Don't bring up interfaces brought down when handling new interfaces
* Allow un-encapsulated vendor option
* Don't null terminate gratuitously when handling quotes
* Fix various typos and grammatical errors
* dhcpcd.conf simplified a little
 2009-10-02 21:31:01 +00:00
jmcneill
350f3d2e59 match VT8237A 2009-10-02 21:27:45 +00:00
christos
31c4dc3a51 lint knows __packed now. 2009-10-02 21:05:28 +00:00
christos
5cf5db250b if __packed exists, use it. I might revert this later when I fully implement 
attribute for lint.
 2009-10-02 21:05:10 +00:00
christos
876a5b04b7 compute sizes by the new tsize() function. 2009-10-02 21:04:03 +00:00
christos
19f30f4ea2 fix typedef struct __packed 2009-10-02 20:45:06 +00:00
elad
1df9608023 Centralize documentation about exported sysctl variables in the relevant 
secmodel's man-page.
 2009-10-02 20:31:19 +00:00
elad
780232ccbf Create securelevel variable under securelevel node. 2009-10-02 20:15:07 +00:00
elad
52734536eb Bump date to today's date (rather than when the changes were made). 2009-10-02 19:50:37 +00:00
elad
4e583a9ca6 Remove secmodel.h, forgotten in previous commit: 
http://mail-index.netbsd.org/source-changes/2009/10/02/msg001437.html
 2009-10-02 19:41:45 +00:00
christos
2144a69bda remove debugging 2009-10-02 19:02:16 +00:00