Commit Graph

68 Commits

Author SHA1 Message Date
christos
4d595fd7b1 - sprinkle __unused on function decls.
- fix a couple of unused bugs
- no more -Wno-unused for i386
2006-10-12 01:30:41 +00:00
elad
5f7169ccb1 First take at security model abstraction.
- Add a few scopes to the kernel: system, network, and machdep.

- Add a few more actions/sub-actions (requests), and start using them as
  opposed to the KAUTH_GENERIC_ISSUSER place-holders.

- Introduce a basic set of listeners that implement our "traditional"
  security model, called "bsd44". This is the default (and only) model we
  have at the moment.

- Update all relevant documentation.

- Add some code and docs to help folks who want to actually use this stuff:

  * There's a sample overlay model, sitting on-top of "bsd44", for
    fast experimenting with tweaking just a subset of an existing model.

    This is pretty cool because it's *really* straightforward to do stuff
    you had to use ugly hacks for until now...

  * And of course, documentation describing how to do the above for quick
    reference, including code samples.

All of these changes were tested for regressions using a Python-based
testsuite that will be (I hope) available soon via pkgsrc. Information
about the tests, and how to write new ones, can be found on:

	http://kauth.linbsd.org/kauthwiki

NOTE FOR DEVELOPERS: *PLEASE* don't add any code that does any of the
following:

  - Uses a KAUTH_GENERIC_ISSUSER kauth(9) request,
  - Checks 'securelevel' directly,
  - Checks a uid/gid directly.

(or if you feel you have to, contact me first)

This is still work in progress; It's far from being done, but now it'll
be a lot easier.

Relevant mailing list threads:

http://mail-index.netbsd.org/tech-security/2006/01/25/0011.html
http://mail-index.netbsd.org/tech-security/2006/03/24/0001.html
http://mail-index.netbsd.org/tech-security/2006/04/18/0000.html
http://mail-index.netbsd.org/tech-security/2006/05/15/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/01/0000.html
http://mail-index.netbsd.org/tech-security/2006/08/25/0000.html

Many thanks to YAMAMOTO Takashi, Matt Thomas, and Christos Zoulas for help
stablizing kauth(9).

Full credit for the regression tests, making sure these changes didn't break
anything, goes to Matt Fleming and Jaime Fournier.

Happy birthday Randi! :)
2006-09-08 20:58:56 +00:00
ad
f474dceb13 Use the LWP cached credentials where sane. 2006-07-23 22:06:03 +00:00
christos
c0160ad4aa don't allocate statvfs on the stack. 2006-06-12 00:22:47 +00:00
kardel
de4337ab21 merge FreeBSD timecounters from branch simonb-timecounters
- struct timeval time is gone
  time.tv_sec -> time_second
- struct timeval mono_time is gone
  mono_time.tv_sec -> time_uptime
- access to time via
	{get,}{micro,nano,bin}time()
	get* versions are fast but less precise
- support NTP nanokernel implementation (NTP API 4)
- further reading:
  Timecounter Paper: http://phk.freebsd.dk/pubs/timecounter.pdf
  NTP Nanokernel: http://www.eecis.udel.edu/~mills/ntp/html/kern.html
2006-06-07 22:33:33 +00:00
elad
215bd95ba4 integrate kauth. 2006-05-14 21:15:11 +00:00
christos
95e1ffb156 merge ktrace-lwp. 2005-12-11 12:16:03 +00:00
thorpej
73c9fbb0e6 Use ANSI function decls. Apply some static. 2005-06-23 23:15:12 +00:00
yamt
819738713e sys_acct: use VOP_SETATTR instead of VOP_TRUNCATE as the latter's
filesystem internal.  while i'm here, fix vnode locking.

XXX vn_start_write
2004-12-13 08:46:43 +00:00
christos
6665736bf9 Truncate the last incomplete accounting record, if the file size is not
a multiple of the accounting size structure. This can happen after a system
crash when fsck truncates the accounting file.
2004-11-13 20:41:41 +00:00
skrll
f7155e40f6 There's no need to pass a proc value when using UIO_SYSSPACE with
vn_rdwr(9) and uiomove(9).

OK'd by Jason Thorpe
2004-09-17 14:11:20 +00:00
christos
6bd1d6d4db Replace the statfs() family of system calls with statvfs().
Retain binary compatibility.
2004-04-21 01:05:31 +00:00
junyoung
a222c81884 Nuke __P(). 2004-03-23 13:22:03 +00:00
agc
aad01611e7 Move UCB-licensed code from 4-clause to 3-clause licence.
Patches provided by Joel Baker in PR 22364, verified by myself.
2003-08-07 16:26:28 +00:00
fvdl
d5aece61d6 Back out the lwp/ktrace changes. They contained a lot of colateral damage,
and need to be examined and discussed more.
2003-06-29 22:28:00 +00:00
darrenr
960df3c8d1 Pass lwp pointers throughtout the kernel, as required, so that the lwpid can
be inserted into ktrace records.  The general change has been to replace
"struct proc *" with "struct lwp *" in various function prototypes, pass
the lwp through and use l_proc to get the process pointer when needed.

Bump the kernel rev up to 1.6V
2003-06-28 14:20:43 +00:00
christos
62d7b4df25 PR/5458: Andrew Brown: acct(2) bug accounting to files marked sappnd 2003-04-20 03:20:18 +00:00
thorpej
e0d8d366df Merge the nathanw_sa branch. 2003-01-18 10:06:22 +00:00
lukem
adc783d537 add RCSIDs 2001-11-12 15:25:01 +00:00
thorpej
f10e7dc65b Don't reset file size limit to infinity on exit. Instead, temporarily
raise the limit to infinity when writing out the accounting file.

From Artur Grabowski <art@stacken.kth.se>.
2000-05-08 19:06:36 +00:00
enami
01a5f6c995 Create new kernel thread to issue statfs(2) system call to check free
disk space rather than doing it in timeout handler.  This fixes long
standing bug that accounting file can't be put on NFS file system (so,
e.g, we couldn't turn on accounting on diskless system).
2000-03-10 01:13:18 +00:00
perry
275d1554aa Abolition of bcopy, ovbcopy, bcmp, and bzero, phase one.
bcopy(x, y, z) ->  memcpy(y, x, z)
ovbcopy(x, y, z) -> memmove(y, x, z)
   bcmp(x, y, z) ->  memcmp(x, y, z)
  bzero(x, y)    ->  memset(x, 0, y)
1998-08-04 04:03:10 +00:00
perry
730baa7431 fix sizeofs so they comply with the KNF style guide. yes, it is pedantic. 1998-07-31 22:50:48 +00:00
thorpej
80e25bcca0 Don't cast the null residual pointer passed to vn_rdwr(). 1998-07-28 18:11:39 +00:00
fvdl
e5bc90f40c Merge with Lite2 + local changes 1998-03-01 02:20:01 +00:00
mycroft
04daee4f9c Add const where appropriate. 1997-10-19 02:00:19 +00:00
christos
8a5b1b92e2 First pass at prototyping 1996-02-04 02:15:01 +00:00
mycroft
245f292fed Prefix names of system call implementation functions with `sys_'. 1995-10-07 06:25:19 +00:00
thorpej
60024eb978 Make system calls conform to a standard prototype and bring those
prototypes into scope.
1995-09-19 21:40:36 +00:00
mycroft
f75ba16b09 Update to use timer{add,sub}(). 1995-03-21 13:33:34 +00:00
cgd
d218233b36 various cleanups for -Wall. some inspired by James Jegers. 1994-12-24 15:07:22 +00:00
mycroft
080e194e58 Remove extra arg to vn_open(). 1994-12-14 19:03:13 +00:00
mycroft
a18ec3cb1b LEASE_CHECK -> VOP_LEASE 1994-12-13 21:52:35 +00:00
mycroft
f9e259e3ca Use __timer{add,sub}(), not timeval{add,sub}(). Remove the latter completely. 1994-12-11 18:06:07 +00:00
christos
1a320dc9be added extra argument in vn_open and VOP_OPEN to allow cloning devices 1994-11-14 06:01:16 +00:00
cgd
6b86130410 update for new syscall args description mechanism 1994-10-20 04:22:35 +00:00
mycroft
7f9b78dbbe Revert most of the previous change. 1994-07-04 20:43:06 +00:00
cgd
34a7f2bbed minor style nits, change VBAD handling 1994-07-04 20:27:06 +00:00
cgd
cf92afd66e New RCS ID's, take two. they're more aesthecially pleasant, and use 'NetBSD' 1994-06-29 06:29:24 +00:00
cgd
975727e127 replace part of apparently-deleted line 1994-06-19 22:58:29 +00:00
mycroft
699bbb84b6 Update to 4.4-Lite fs code. 1994-06-08 11:28:29 +00:00
cgd
f472d92282 very obscure bug fix for acctwatch 1994-05-24 06:49:14 +00:00
mycroft
21a95abaca Don't go berzerk if acctwatch() happens to be called during an
acct_process().
1994-05-21 09:00:22 +00:00
cgd
8faa0eadd2 oops; if in the wrong place. thanks charles. 1994-05-21 01:10:26 +00:00
cgd
b3fda1e8ec update with merged versions 1994-05-20 10:05:02 +00:00
cgd
47d5757075 4.4-Lite versions 1994-05-20 10:04:05 +00:00
cgd
91cf0fbaf3 copyright foo 1994-05-17 04:21:49 +00:00
mycroft
62bf6a1578 Remove now-bogus casts. 1994-05-05 08:37:38 +00:00
cgd
a0a7429482 lots of changes: prototype migration, move lots of variables, definitions,
and structure elements around.  kill some unnecessary type and macro
definitions.  standardize clock handling.  More changes than you'd want.
1994-05-05 05:35:42 +00:00
cgd
4bbabd8e7a Rename a lot of process flags. 1994-05-04 03:41:12 +00:00