#
677b542e |
| 11-Jun-2003 |
David E. O'Brien <obrien@FreeBSD.org> |
Use __FBSDID().
|
Revision tags: release/5.1.0_cvs, release/5.1.0, release/4.8.0_cvs, release/4.8.0 |
|
#
6de61153 |
| 03-Mar-2003 |
Ruslan Ermilov <ru@FreeBSD.org> |
FreeBSD 5.0 has stopped shipping /modules 2.5 years ago. Catch up with this further by excluding /modules from the (default) kern.module_path.
|
#
a163d034 |
| 19-Feb-2003 |
Warner Losh <imp@FreeBSD.org> |
Back out M_* changes, per decision of the TRB.
Approved by: trb
|
#
44956c98 |
| 21-Jan-2003 |
Alfred Perlstein <alfred@FreeBSD.org> |
Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
|
#
7251b4bf |
| 21-Jan-2003 |
Jake Burkholder <jake@FreeBSD.org> |
Resolve relative relocations in klds before trying to parse the module's metadata. This fixes module dependency resolution by the kernel linker on sparc64, where the relocations for the metadata are different than on other architectures; the relative offset is in the addend of an Elf_Rela record instead of the original value of the location being patched. Also fix printf formats in debug code.
Submitted by: Hartmut Brandt <brandt@fokus.gmd.de>
PR: 46732
Tested on: alpha (obrien), i386, sparc64
|
Revision tags: release/5.0.0_cvs, release/5.0.0 |
|
#
f97182ac |
| 14-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
unwrap lines made short enough by SCARGS removal
|
#
d1e405c5 |
| 14-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
SCARGS removal take II.
|
#
bc9e75d7 |
| 13-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
Backout removal SCARGS, the code freeze is only "selectively" over.
|
#
0bbe7292 |
| 13-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
Remove SCARGS.
Reviewed by: md5
|
#
a3df768b |
| 19-Nov-2002 |
Robert Watson <rwatson@FreeBSD.org> |
Merge kld access control checks from the MAC tree: these access control checks permit policy modules to augment the system policy for permitting kld operations. This permits policies to limit access to kld operations based on credential (and other) properties, as well as to perform checks on the kld being loaded (integrity, etc).
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
|
#
3b132a61 |
| 17-Oct-2002 |
Sam Leffler <sam@FreeBSD.org> |
fix kldload error return when a module is rejected because it's statically linked in the kernel. When this condition is detected deep in the linker internals the EEXIST error code that's returned is stomped on and instead an ENOEXEC code is returned. This makes apps like sysinstall bitch.
|
#
7c61d785 |
| 15-Oct-2002 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Plug a memory-leak.
"I think you're right" by: jake
|
Revision tags: release/4.7.0_cvs |
|
#
9ca43589 |
| 15-Aug-2002 |
Robert Watson <rwatson@FreeBSD.org> |
In order to better support flexible and extensible access control, make a series of modifications to the credential arguments relating to file read and write operations to clarify which credential is used for what:
- Change fo_read() and fo_write() to accept "active_cred" instead of "cred", and change the semantics of consumers of fo_read() and fo_write() to pass the active credential of the thread requesting an operation rather than the cached file cred. The cached file cred is still available in fo_read() and fo_write() consumers via fp->f_cred. These changes largely in sys_generic.c.
For each implementation of fo_read() and fo_write(), update cred usage to reflect this change and maintain current semantics:
- badfo_readwrite() unchanged
- kqueue_read/write() unchanged
- pipe_read/write() now authorize MAC using active_cred rather than td->td_ucred
- soo_read/write() unchanged
- vn_read/write() now authorize MAC using active_cred but VOP_READ/WRITE() with fp->f_cred
Modify vn_rdwr() to accept two credential arguments instead of a single credential: active_cred and file_cred. Use active_cred for MAC authorization, and select a credential for use in VOP_READ/WRITE() based on whether file_cred is NULL or not. If file_cred is provided, authorize the VOP using that cred, otherwise the active credential, matching current semantics.
Modify current vn_rdwr() consumers to pass a file_cred if used in the context of a struct file, and to always pass active_cred. When vn_rdwr() is used without a file_cred, pass NOCRED.
These changes should maintain current semantics for read/write, but avoid a redundant passing of fp->f_cred, as well as making it more clear what the origin of each credential is in file descriptor read/write operations.
Follow-up commits will make similar changes to other file descriptor operations, and modify the MAC framework to pass both credentials to MAC policy modules so they can implement either semantic for revocation.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
|
Revision tags: release/4.6.2_cvs, release/4.6.2 |
|
#
f2b17113 |
| 02-Aug-2002 |
Maxime Henrion <mux@FreeBSD.org> |
Make the consumers of the linker_load_file() function use linker_load_module() instead.
This fixes a bug where the kernel was unable to properly locate and load a kernel module in vfs_mount() (and probably in the netgraph code as well since it was using the same function). This is because the linker_load_file() does not properly search the module path.
Problem found by: peter
Reviewed by: peter
Thanks to: peter
|
#
dcbe050b |
| 22-Jul-2002 |
Don Lewis <truckman@FreeBSD.org> |
Pre-wire the output buffer so that sysctl_kern_function_list() doesn't block in SYSCTL_OUT() while holding a lock.
|
Revision tags: release/4.6.1 |
|
#
31965a72 |
| 08-Jul-2002 |
Jeff Roberson <jeff@FreeBSD.org> |
- Delay unlocking a vnode in linker_hints_lookup until we're actually done with it.
- Remove a now stale comment about improper vnode locking.
|
Revision tags: release/4.6.0_cvs |
|
#
2eb7b21b |
| 19-Jun-2002 |
Andrew R. Reiter <arr@FreeBSD.org> |
- Remove the lock(9) protecting the kernel linker system.
- Added a mutex, kld_mtx, to protect the kernel_linker system. Note that while ``classes'' is global (to that file), it is only read only after SI_SUB_KLD, SI_ORDER_ANY.
- Add a SYSINIT to flip a flag that disallows class registration after SI_SUB_KLD, SI_ORDER_ANY.
Idea for ``classes'' read only by: jake
Reviewed by: jake
|
#
b94c4e9a |
| 26-Apr-2002 |
Brian Somers <brian@FreeBSD.org> |
Test if rootvnode is NULL rather than if rootdev is NODEV when determining if there's a filesystem present.
rootdev can be NODEV in the NFS-mounted root scenario.
Discussed with: Harti Brandt <brandt@fokus.gmd.de>, iedowse
|
#
f1e4a6e9 |
| 10-Apr-2002 |
Brian Somers <brian@FreeBSD.org> |
In linker_load_module(), check that rootdev != NODEV before calling linker_search_module().
Without this, modules loaded from loader.conf that then try to load in additional modules (such as digi.ko loading a card's BIOS) die badly in the vn_open() called from linker_search_module().
It may be worth checking (KASSERTing?) that rootdev != NODEV in vn_open() too.
|
#
96987c74 |
| 10-Apr-2002 |
Brian Somers <brian@FreeBSD.org> |
Change linker_reference_module() so that it's passed a struct mod_depend * (which may be NULL). The only consumer of this function at the moment is digi_loadmoduledata(), and that passes a NULL mod_depend *.
In linker_reference_module(), check to see if we've already got the required module loaded. If we have, bump the reference count and return that, otherwise continue the module search as normal.
|
#
44731cab |
| 01-Apr-2002 |
John Baldwin <jhb@FreeBSD.org> |
Change the suser() API to take advantage of td_ucred as well as do a general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag.
Discussed on: smp@
|
#
517f30c2 |
| 25-Mar-2002 |
Andrew R. Reiter <arr@FreeBSD.org> |
- Recommit the securelevel_gt() calls removed by commits rev. 1.84 of kern_linker.c and rev. 1.237 of vfs_syscalls.c since these are not the source of the recent panics occurring around kldloading file system support modules.
Requested by: rwatson
|
#
fe3240e9 |
| 22-Mar-2002 |
Andrew R. Reiter <arr@FreeBSD.org> |
- Back out the commit to make the linker_load_file() securelevel check made aware in jail environments. Supposedly something is broken, so this should be backed out until further investigation proves otherwise, or a proper fix can be provided.
|
#
e85b9ae9 |
| 21-Mar-2002 |
Andrew R. Reiter <arr@FreeBSD.org> |
- Fix a logic error in checking the securelevel that was introduced in the previous commit.
Pointy hats to: arr, rwatson
|
#
c457a440 |
| 20-Mar-2002 |
Andrew R. Reiter <arr@FreeBSD.org> |
- Change a check of securelevel to securelevel_gt() call in order to help against users within a jail attempting to load kernel modules.
- Add a check of securelevel_gt() to vfs_mount() in order to chop some low hanging fruit for the repair of securelevel checking of linking and unlinking files from within jails. There is more to be done here.
Reviewed by: rwatson
|