#
95ee2897 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Remove $FreeBSD$: two-line .h pattern Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
|
#
7029da5c |
|
26-Feb-2020 |
Pawel Biernacki <kaktus@FreeBSD.org> |
Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) r357614 added CTLFLAG_NEEDGIANT to make it easier to find nodes that are still not MPSAFE (or already are but aren’t properly marked). Use it in preparation for a general review of all nodes. This is non-functional change that adds annotations to SYSCTL_NODE and SYSCTL_PROC nodes using one of the soon-to-be-required flags. Mark all obvious cases as MPSAFE. All entries that haven't been marked as MPSAFE before are by default marked as NEEDGIANT Approved by: kib (mentor, blanket) Commented by: kib, gallatin, melifaro Differential Revision: https://reviews.freebsd.org/D23718
|
#
cc426dd3 |
|
11-Dec-2018 |
Mateusz Guzik <mjg@FreeBSD.org> |
Remove unused argument to priv_check_cred. Patch mostly generated with cocinnelle: @@ expression E1,E2; @@ - priv_check_cred(E1,E2,0) + priv_check_cred(E1,E2) Sponsored by: The FreeBSD Foundation
|
#
df850530 |
|
25-Feb-2018 |
Eugene Grosbein <eugen@FreeBSD.org> |
mac_portacl(4): stop panicing INVARIANTS-enabled kernel by loading .ko when kernel already has options MAC_PORTACL. PR: 183817 Approved by: avg (mentor) MFC after: 1 week
|
#
af3b2549 |
|
27-Jun-2014 |
Hans Petter Selasky <hselasky@FreeBSD.org> |
Pull in r267961 and r267973 again. Fix for issues reported will follow.
|
#
37a107a4 |
|
27-Jun-2014 |
Glen Barber <gjb@FreeBSD.org> |
Revert r267961, r267973: These changes prevent sysctl(8) from returning proper output, such as: 1) no output from sysctl(8) 2) erroneously returning ENOMEM with tools like truss(1) or uname(1) truss: can not get etype: Cannot allocate memory
|
#
3da1cf1e |
|
27-Jun-2014 |
Hans Petter Selasky <hselasky@FreeBSD.org> |
Extend the meaning of the CTLFLAG_TUN flag to automatically check if there is an environment variable which shall initialize the SYSCTL during early boot. This works for all SYSCTL types both statically and dynamically created ones, except for the SYSCTL NODE type and SYSCTLs which belong to VNETs. A new flag, CTLFLAG_NOFETCH, has been added to be used in the case a tunable sysctl has a custom initialisation function allowing the sysctl to still be marked as a tunable. The kernel SYSCTL API is mostly the same, with a few exceptions for some special operations like iterating childrens of a static/extern SYSCTL node. This operation should probably be made into a factored out common macro, hence some device drivers use this. The reason for changing the SYSCTL API was the need for a SYSCTL parent OID pointer and not only the SYSCTL parent OID list pointer in order to quickly generate the sysctl path. The motivation behind this patch is to avoid parameter loading cludges inside the OFED driver subsystem. Instead of adding special code to the OFED driver subsystem to post-load tunables into dynamically created sysctls, we generalize this in the kernel. Other changes: - Corrected a possibly incorrect sysctl name from "hw.cbb.intr_mask" to "hw.pcic.intr_mask". - Removed redundant TUNABLE statements throughout the kernel. - Some minor code rewrites in connection to removing not needed TUNABLE statements. - Added a missing SYSCTL_DECL(). - Wrapped two very long lines. - Avoid malloc()/free() inside sysctl string handling, in case it is called to initialize a sysctl from a tunable, hence malloc()/free() is not ready when sysctls from the sysctl dataset are registered. - Bumped FreeBSD version to indicate SYSCTL API change. MFC after: 2 weeks Sponsored by: Mellanox Technologies
|
#
6472ac3d |
|
07-Nov-2011 |
Ed Schouten <ed@FreeBSD.org> |
Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs. The SYSCTL_NODE macro defines a list that stores all child-elements of that node. If there's no SYSCTL_DECL macro anywhere else, there's no reason why it shouldn't be static.
|
#
d745c852 |
|
06-Nov-2011 |
Ed Schouten <ed@FreeBSD.org> |
Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs. This means that their use is restricted to a single C file.
|
#
b1ce21c6 |
|
09-Nov-2010 |
Rebecca Cran <brucec@FreeBSD.org> |
Fix typos. PR: bin/148894 Submitted by: olgeni
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
a3ce3b6d |
|
14-Mar-2009 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
- Correct logic in if statement - we want to allocate temporary buffer when someone is passing new rules, not when he only want to read them. Because of this bug, even if the given rules were incorrect, they ended up in rule_string. - Add missing protection for rule_string when coping it. Reviewed by: rwatson MFC after: 1 week
|
#
9162f64b |
|
10-Jan-2009 |
Robert Watson <rwatson@FreeBSD.org> |
Rather than having MAC policies explicitly declare what object types they label, derive that information implicitly from the set of label initializers in their policy operations set. This avoids a possible class of programmer errors, while retaining the structure that allows us to avoid allocating labels for objects that don't need them. As before, we regenerate a global mask of labeled objects each time a policy is loaded or unloaded, stored in mac_labeled. Discussed with: csjp Suggested by: Jacques Vidrine <nectar at apple.com> Obtained from: TrustedBSD Project Sponsored by: Apple, Inc.
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
6356dba0 |
|
23-Aug-2008 |
Robert Watson <rwatson@FreeBSD.org> |
Introduce two related changes to the TrustedBSD MAC Framework: (1) Abstract interpreter vnode labeling in execve(2) and mac_execve(2) so that the general exec code isn't aware of the details of allocating, copying, and freeing labels, rather, simply passes in a void pointer to start and stop functions that will be used by the framework. This change will be MFC'd. (2) Introduce a new flags field to the MAC_POLICY_SET(9) interface allowing policies to declare which types of objects require label allocation, initialization, and destruction, and define a set of flags covering various supported object types (MPC_OBJECT_PROC, MPC_OBJECT_VNODE, MPC_OBJECT_INPCB, ...). This change reduces the overhead of compiling the MAC Framework into the kernel if policies aren't loaded, or if policies require labels on only a small number or even no object types. Each time a policy is loaded or unloaded, we recalculate a mask of labeled object types across all policies present in the system. Eliminate MAC_ALWAYS_LABEL_MBUF option as it is no longer required. MFC after: 1 week ((1) only) Reviewed by: csjp Obtained from: TrustedBSD Project Sponsored by: Apple, Inc.
|
#
2616144e |
|
09-Aug-2008 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Add sbuf_new_auto as a shortcut for the very common case of creating a completely dynamic sbuf. Obtained from: Varnish MFC after: 2 weeks
|
#
3f1a7a90 |
|
25-Oct-2007 |
Robert Watson <rwatson@FreeBSD.org> |
Consistently name functions for mac_<policy> as <policy>_whatever rather than mac_<policy>_whatever, as this shortens the names and makes the code a bit easier to read. When dealing with label structures, name variables 'mb', 'ml', 'mm rather than the longer 'mac_biba', 'mac_lomac', and 'mac_mls', likewise making the code a little easier to read. Obtained from: TrustedBSD Project
|
#
30d239bc |
|
24-Oct-2007 |
Robert Watson <rwatson@FreeBSD.org> |
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
|
#
32f9753c |
|
11-Jun-2007 |
Robert Watson <rwatson@FreeBSD.org> |
Eliminate now-unused SUSER_ALLOWJAIL arguments to priv_check_cred(); in some cases, move to priv_check() if it was an operation on a thread and no other flags were present. Eliminate caller-side jail exception checking (also now-unused); jail privilege exception code now goes solely in kern_jail.c. We can't yet eliminate suser() due to some cases in the KAME code where a privilege check is performed and then used in many different deferred paths. Do, however, move those prototypes to priv.h. Reviewed by: csjp Obtained from: TrustedBSD Project
|
#
78007886 |
|
23-Apr-2007 |
Robert Watson <rwatson@FreeBSD.org> |
Apply variable name normalization to MAC policies: adopt global conventions for the naming of variables associated with specific data structures. Obtained from: TrustedBSD Project
|
#
7405fcc3 |
|
23-Feb-2007 |
Robert Watson <rwatson@FreeBSD.org> |
More unnecessary include reduction.
|
#
c96ae196 |
|
06-Feb-2007 |
Robert Watson <rwatson@FreeBSD.org> |
Continue 7-CURRENT MAC Framework rearrangement and cleanup: Don't perform a nested include of _label.h in mac.h, as mac.h now describes only the user API to MAC, and _label.h defines the in-kernel representation of MAC labels. Remove mac.h includes from policies and MAC framework components that do not use userspace MAC API definitions. Add _KERNEL inclusion checks to mac_internal.h and mac_policy.h, as these are kernel-only include files Obtained from: TrustedBSD Project
|
#
0efd6615 |
|
22-Dec-2006 |
Robert Watson <rwatson@FreeBSD.org> |
Move src/sys/sys/mac_policy.h, the kernel interface between the MAC Framework and security modules, to src/sys/security/mac/mac_policy.h, completing the removal of kernel-only MAC Framework include files from src/sys/sys. Update the MAC Framework and MAC policy modules. Delete the old mac_policy.h. Third party policy modules will need similar updating. Obtained from: TrustedBSD Project
|
#
acd3428b |
|
06-Nov-2006 |
Robert Watson <rwatson@FreeBSD.org> |
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
|
#
d7dd2bd6 |
|
10-Oct-2006 |
Robert Watson <rwatson@FreeBSD.org> |
Do allow jailed superuser to override the port ACL. MFC after: 3 days Submitted by: Michal Mertl <mime at traveller dot cz>
|
#
5bb84bc8 |
|
31-Oct-2005 |
Robert Watson <rwatson@FreeBSD.org> |
Normalize a significant number of kernel malloc type names: - Prefer '_' to ' ', as it results in more easily parsed results in memory monitoring tools such as vmstat. - Remove punctuation that is incompatible with using memory type names as file names, such as '/' characters. - Disambiguate some collisions by adding subsystem prefixes to some memory types. - Generally prefer lower case to upper case. - If the same type is defined in multiple architecture directories, attempt to use the same name in additional cases. Not all instances were caught in this change, so more work is required to finish this conversion. Similar changes are required for UMA zone names.
|
#
0d74c186 |
|
08-Dec-2004 |
Robert Watson <rwatson@FreeBSD.org> |
Add a new sysctl/tunable to mac_portacl: security.mac.portacl.autoport_exempt This sysctl exempts to bind port '0' as long as IP_PORTRANGELOW hasn't been set on the socket. This is quite useful as it allows applications to use automatic binding without adding overly broad rules for the binding of port 0. This sysctl defaults to enabled. This is a slight variation on the patch submitted by the contributor. MFC after: 2 weeks Submitted by: Michal Mertl <mime at traveller dot cz>
|
#
d461245f |
|
06-Dec-2004 |
Robert Watson <rwatson@FreeBSD.org> |
Switch from using an sx lock to a mutex for the mac_portacl rule chain: the sx lock was used previously because we might sleep allocating additional memory by using auto-extending sbufs. However, we no longer do this, instead retaining the user-submitted rule string, so mutexes can be used instead. Annotate the reason for not using the sbuf-related rule-to-string code with a comment. Switch to using TAILQ_CONCAT() instead of manual list copying, as it's O(1), reducing the rule replacement step under the mutex from O(2N) to O(2). Remove now uneeded vnode-related includes. MFC after: 2 weeks
|
#
2b8b4f37 |
|
15-May-2004 |
Colin Percival <cperciva@FreeBSD.org> |
Remove dead code. (This loop counted the number of rules, but the count was never used.) Reported by: pjd Approved by: rwatson
|
#
be057190 |
|
20-Jan-2004 |
Robert Watson <rwatson@FreeBSD.org> |
Pay attention to mac_portacl_enabled. Submitted by: simon
|
#
b4b138c2 |
|
18-Mar-2003 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Including <sys/stdint.h> is (almost?) universally only to be able to use %j in printfs, so put a newsted include in <sys/systm.h> where the printf prototype lives and save everybody else the trouble.
|
#
46300030 |
|
11-Mar-2003 |
Alexander Kabaev <kan@FreeBSD.org> |
Do not depend on namespace pollution, explicitly include sys/sx.h
|
#
03d03162 |
|
02-Mar-2003 |
Robert Watson <rwatson@FreeBSD.org> |
A cute yet small MAC policy that provides a simple ACL mechanism to permit users and groups to bind ports for TCP or UDP, and is intended to be combined with the recently committed support for net.inet.ip.portrange.reservedhigh. The policy is twiddled using sysctl(8). To use this module, you will need to compile in MAC support, and probably set reservedhigh to 0, then twiddle security.mac.portacl.rules to set things as desired. This policy module only restricts ports explicitly bound using bind(), not implicitly bound ports where the port number is selected by the IP stack. It appears to work properly in my local configuration, but needs more broad testing. A sample policy might be: # sysctl security.mac.portacl.rules="uid:425:tcp:80,uid:425:tcp:79" This permits uid 425 to bind TCP sockets to ports 79 and 80. Currently no distinction is made for incoming vs. outgoing ports with TCP, although that would probably be easy to add. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|