Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
156,617 Commits 606 Branches 0 Tags 3.1 GiB
902dda5b53
Commit Graph

342 Commits

Author SHA1 Message Date
daniel
c339e55881 Add an opencrypto provider for the AES xcrypt instructions found on VIA 
C5P and later cores (also known as 'ACE', which is part of the VIA PadLock
security engine). Ported from OpenBSD.

Reviewed on tech-crypto and port-i386, no objections to commiting this.
 2007-02-17 00:28:23 +00:00
wiz
c46358a299 Reword slightly. 2006-12-23 07:35:28 +00:00
elad
a84fee7faf Initial implementation of PaX Segvguard (this is still work-in-progress, 
it's just to get it out of my local tree).
 2006-11-22 02:02:51 +00:00
jmmv
13f9baab4e MULTIBOOT_SYMTAB_SPACE is gone because the kernel is now clever enough to 
not need this hack.
 2006-10-25 13:58:02 +00:00
wiz
f1d4555c7e Bump date for last. 2006-10-14 07:30:54 +00:00
peter
dd191f37f3 Merge the peter-altq branch. 
(sync with KAME & add support for using ALTQ with pf(4)).
 2006-10-12 19:59:07 +00:00
manu
f309b668fd - Document COMPAT_15 as doing nothing 
- Add COMPAT_15 to all the kernel that had COMPAT_14, for the sake of coherency
- Remove the only occurences of #ifdef COMPAT_15 in the tree: for the ARM
ports, COMPAT_15 was always used in conjunction with EXEC_AOUT. Only EXEC_AOUT
matters here.

This address kern/18407
 2006-09-27 21:42:04 +00:00
elad
5c38108d28 Change the PaX mprotect(2) restrictions' "global_protection" knob to 
just "global" -- it's shorter and more readable. Update documentation.
 2006-09-26 14:48:40 +00:00
wiz
6099d0dd9f Casing fix. 2006-09-23 11:16:50 +00:00
yamt
382236f83b BUFQ_PRIOCSCAN: s/experimental// 
i forgot why i marked it experimental.
 2006-09-20 02:15:42 +00:00
yamt
87780961a4 - options PDPOLICY_CLOCKPRO. 
- bump date.
 2006-09-15 16:01:24 +00:00
wiz
cd36443c3d Bump date for previous. 2006-09-10 21:11:01 +00:00
dogcow
f2d329dca0 remove more vestiges of CCITT, LLC, HDLC, NS, and NSIP. 2006-09-07 02:40:31 +00:00
pavel
28ef711f66 reference compat_30(8) in the description of COMPAT_30 and delete 
duplicated information. Pointed out by Izumi Tsutsui.

Bump date.
 2006-08-26 18:34:28 +00:00
xtraeme
9c74798bdd AMD PowerNow!/Cool`n'Quiet driver for NetBSD/amd64, 
adapted from OpenBSD.

Tested on a few machines:

http://bigbird.dohd.org:3021/NetBSD/dmesg
http://www.bsd.org.il/netbsd/acpi/dmesg

Thanks to cube, elad and others for testing and fixes.

Enabled by default on GENERIC.
 2006-08-06 15:37:21 +00:00
elad
25cf4840f3 more for 4.0: VERIFIED_EXEC no longer needed. 2006-07-30 22:16:29 +00:00
wiz
3d46a8c2b5 Drop trailing whitespace. 2006-07-14 22:05:57 +00:00
elad
b5d09ef065 okay, since there was no way to divide this to two commits, here it goes.. 
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.

this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.

as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.

also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.

tons of input from yamt@, wrstuden@, martin@, and christos@.
 2006-07-14 18:41:40 +00:00
jschauma
1a55271438 revert previous: as pointed out by tsutsui@, we're talking about 
MACHINE_ARCH, not MACHINE, so x86_64 should be noted, not amd64.
 2006-07-11 16:22:23 +00:00
jschauma
2b6f56fbdc use 'amd64' instead of 'x86_64' to avoid confusing new users of amd64 
who are not aware that it used to be called x86_64.
 2006-07-11 15:43:38 +00:00
gdamore
a5c89047c0 Initial import of bluetooth stack on behalf of Iain Hibbert. (plunky@, 
NetBSD Foundation Membership still pending.)  This stack was written by
Iain under sponsorship from Itronix Inc.

The stack includes support for rfcomm networking (networking via your
bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets.

Drivers for both PCMCIA and USB bluetooth controllers are included.
 2006-06-19 15:44:33 +00:00
perry
9ea4211ee2 .Xr config 5 
Might need a bit more, but this looked okay for now.
 2006-06-04 21:55:50 +00:00
tsutsui
d4b574cc47 Mention COMPAT_30. 2006-05-19 17:53:18 +00:00
tsutsui
68f7891240 Mention options COMPAT_20 is also required for obsolete getfsstat(2) 
and fhstatfs(2) system calls.
 2006-05-19 17:43:44 +00:00
elad
04d63f90b5 Introduce PaX MPROTECT -- mprotect(2) restrictions used to strengthen 
W^X mappings.

Disabled by default.

First proposed in:

	http://mail-index.netbsd.org/tech-security/2005/12/18/0000.html

More information in:

	http://pax.grsecurity.net/docs/mprotect.txt

Read relevant parts of options(4) and sysctl(3) before using!

Lots of thanks to the PaX author and Matt Thomas.
 2006-05-16 00:08:24 +00:00
wiz
5d1e8b2745 Fix some typos. 2006-02-25 02:28:55 +00:00
chs
899d1b31b2 convert "magiclinks" from a per-fs mount option to a system-wide sysctl. 
as discussed on tech-kern quite some time ago.
 2006-02-12 01:32:06 +00:00
ross
cf5f509b2f Move "OEA Only" to the powerpc subsection header. 2006-02-11 18:45:01 +00:00
wiz
f0bf09cccc New sentence, new line; bump date for previous. 2006-02-11 18:36:20 +00:00
ross
af8e3c5091 document for powerpc option PTEGCOUNT=value 2006-02-11 18:33:34 +00:00
wiz
750e9a6a5b New sentence, new line. Bump date for previous. 2006-02-09 23:18:10 +00:00
manu
87d33baf60 update options(4) to talk about COMPAT_LINUX32 2006-02-09 19:24:40 +00:00
wiz
bb3c26cb98 Remove bogus line (pasto?). 2006-02-04 18:50:39 +00:00
wiz
f95c736511 New sentence, new line. Fix typo. 2006-02-04 18:37:20 +00:00
jmmv
0b879f1cfc Implement support for 'The Multiboot Specification' so that i386 kernels 
can be booted directly from Multiboot-compliant boot loaders (e.g. GRUB).
See the added multiboot(8) manual page for more information.

No objections in tech-kern@; only positive comments.
 2006-02-03 11:08:23 +00:00
rpaulo
36bb4dfe7d bump date for previous 2006-02-02 17:35:37 +00:00
reinoud
ffe00306fe Add the `file-system UDF' option to the options(4) man page. Also cross 
reference it to the mount_udf(8) manpage.
 2006-02-02 16:33:54 +00:00
darrenr
5987976cc1 if db_onpanic is -1, do not invoke any ddb functions at all when handling 
a panic.  This allows ddb's behaviour on a panic to be controlled via
sysctl rather than just compiling it in/out.
 2006-01-28 14:37:31 +00:00
bouyer
8e24dbfd8a Note DDB_COMMANDONENTER option. 2006-01-28 11:54:48 +00:00
darrenr
434c8e8a28 document newly introduced behaviour for ddb.onpanic=2 2006-01-28 08:23:28 +00:00
is
dbe99782bc Clarify that option values are C constants. 2006-01-26 10:02:48 +00:00
wiz
be32f9b107 \-1, not -1 (correct PS output). 2006-01-12 19:52:13 +00:00
xtraeme
c9f2b0fc40 AMD PowerNow K7 driver written by Martin Vegiard via PR port-i386/26239. 
Enabled by default on GENERIC and GENERIC_LAPTOP.

Imported 1 year later... but it's here finally.
 2005-12-31 17:55:55 +00:00
elad
1864f3b314 - Add a new section, "Security Options" 
- Move INSECURE to be under it, and fix wording - we hardwire to -1, not 0.
- Add Veriexec options.
 2005-12-20 18:15:30 +00:00
wiz
fc9c16cb33 Mention COMPAT_LINUX is available for x86_64. Bump date. 2005-12-15 20:52:20 +00:00
tsutsui
c91f73110a options VNODE_OP_NOINLINE is gone. 2005-12-07 12:46:32 +00:00
tsutsui
e8946f3801 Mention options FFS_NO_SNAPSHOT. Maybe incomplete, but better than nothing... 2005-12-07 12:08:37 +00:00
hubertf
a7477788d0 bump date for previous (PIM) 2005-12-02 21:06:22 +00:00
hubertf
0ae416724f Add a bit more data on where to go with option PIM 2005-12-02 21:03:44 +00:00
jmmv
56e945ca0d Mention "file-system tmpfs". Pointed out by Rui Paulo. 2005-10-08 11:22:13 +00:00