subsystems, based on work by YAMAMOTO Takashi. This is intended to
be used by other subsystems (such as the proc_*() or lwp_*() routines)
rather than directly by consumers.
- if allocated in the MI range, it breaks the builds for ports that do
not use it
- if allocated in the MD range, 3ware's tw_cli tool will break because it
hardcodes the major
remove pseudo-device btdev(4) and inherent limitations
add bthub(4) which autoconfigures at bluetooth controllers as they
are enabled. bluetooth devices now attach here.
btdevctl(8) and its cache is updated to handle new semantics
etc/rc.d/btdevctl is updated to configure devices from a list
in /etc/bluetooth/btdevctl.conf
- Add a few scopes to the kernel: system, network, and machdep.
- Add a few more actions/sub-actions (requests), and start using them as
opposed to the KAUTH_GENERIC_ISSUSER place-holders.
- Introduce a basic set of listeners that implement our "traditional"
security model, called "bsd44". This is the default (and only) model we
have at the moment.
- Update all relevant documentation.
- Add some code and docs to help folks who want to actually use this stuff:
* There's a sample overlay model, sitting on-top of "bsd44", for
fast experimenting with tweaking just a subset of an existing model.
This is pretty cool because it's *really* straightforward to do stuff
you had to use ugly hacks for until now...
* And of course, documentation describing how to do the above for quick
reference, including code samples.
All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:
http://kauth.linbsd.org/kauthwiki
NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:
- Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
- Checks 'securelevel' directly,
- Checks a uid/gid directly.
(or if you feel you have to, contact me first)
This is still work in progress; It's far from being done, but now it'll
be a lot easier.
Relevant mailing list threads:
http://mail-index.netbsd.org/tech-security/2006/01/25/0011.htmlhttp://mail-index.netbsd.org/tech-security/2006/03/24/0001.htmlhttp://mail-index.netbsd.org/tech-security/2006/04/18/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/05/15/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/08/01/0000.htmlhttp://mail-index.netbsd.org/tech-security/2006/08/25/0000.html
Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).
Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.
Happy birthday Randi! :)
is defined. if this option is present in the Makefile CFLAGS and we are
using GCC4, build kern_synch.c with -fno-reorder-blocks, so that this
actually works.
XXX be nice if KERN_SYNCH_BPENDTSLEEP_LABEL was a normal 'defflag' option
XXX but for now take the easy way out and make it checkable in CFLAGS.
The PIOBM is used by only one driver (will be added later,
stay tuned) and intruduce an attribute "ata_piobm" so that
it will be conditionally compiled in.
The "ata_dma" (busmastering transfer using ATA DMA mode) and
"ata_udma" (busmastering transfer using ATA Ultra DMA mode)
attributes are also added for consistency, but unused for now.
Fix MOBILE encapsulation. Add many debugging printfs (mainly
concerning UDP mode). Clean up the gre(4) code a bit. Add the
capability to setup UDP tunnels to ifconfig. Update documentation.
In UDP mode, gre(4) puts a GRE header onto transmitted packets,
and hands them to a UDP socket for transmission. That is, the
encapsulation looks like this: IP+UDP+GRE+encapsulated packet.
There are two ways to set up a UDP tunnel. One way is to tell the
source and destination IP+port to gre(4), and let gre(4) create
the socket. The other way to create a UDP tunnel is for userland
to "delegate" a UDP socket to the kernel.
dev/ic/wd33c93.c. This may not be the best WD33C93 driver we've
got, but it's the most recently worked on and probably the most
portable, so it seems like a good basis for further work (and in
particular an acorn26 driver for the Acorn SCSI card). There's
no functional change in this commit, and sgimips kernels still
compile.
Change the way in which bluetooth devices attach to system. The
new way is for devices to attach directly to a btdevN device via
its own control file /dev/btdevN.
- bthub(4) is replaced by btdev(4).
- /dev/bthubctl is replaced by /dev/btdevN.
- configuration now uses proplib(3) property lists.
- btcontrol(8) updated to use new API, and now uses private
- XML config file /var/db/btdev.xml.
- adapt to NVERIEXEC in init_sysctl.c.
- we now need "veriexec.h" for NVERIEXEC.
- "opt_verified_exec.h" -> "opt_veriexec.h", and include it only where
it is needed.
commands to the controller.
Add a amrctl(8) control tool, which for now only allows to get status
from the adapter (status of adapter, logical volumes and and individual
drives).
From FreeBSD, with some adjustements by Andrew Doran and me.
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.
this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.
as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.
also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.
tons of input from yamt@, wrstuden@, martin@, and christos@.
This allows us to convert aucom to just another com attachment, and cleanup
some code in the com_arbus.c.
Additionally, we use a common com_cleanup routine rather than having a
zillion copies of it in the attachment points.
This has been tested on a number architectures, and it has been shown to get
close to comparable performance when COM_REGMAP is defined, and comparable
when it is not defined.
Approved by core@. Fixes PR port-evbmips/32362.
Merge from chap-midi branch, after
~month for review
Comments by thorpej@ drochner@ and Alexandre Ratchov
Incorporated: points by thorpej@ drochner@; preliminary support for
a stats-collecting ioctl suggested by martin@ from comments by A.R.
PR kern/32441 kern/32442 kern/32567 kern/32588 kern/32694 kern/33590
kern/33614 and one instance of kern/32651
ok martin@
2. implement solaris-like kmem_alloc/free api, using #1.
(note: this implementation is backed by kernel_map, thus can't be
used from interrupt context.)
NetBSD Foundation Membership still pending.) This stack was written by
Iain under sponsorship from Itronix Inc.
The stack includes support for rfcomm networking (networking via your
bluetooth enabled cell phone), hid devices (keyboards/mice), and headsets.
Drivers for both PCMCIA and USB bluetooth controllers are included.
- struct timeval time is gone
time.tv_sec -> time_second
- struct timeval mono_time is gone
mono_time.tv_sec -> time_uptime
- access to time via
{get,}{micro,nano,bin}time()
get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
martin