PERFORCE change 36710 for review
Marcel Moolenaar
marcel at FreeBSD.org
Fri Aug 22 15:27:08 PDT 2003
http://perforce.freebsd.org/chv.cgi?CH=36710
Change 36710 by marcel at marcel_nfs on 2003/08/22 15:26:16
IFC @36700
Affected files ...
.. //depot/projects/ia64/lib/libc/posix1e/mac.c#5 integrate
.. //depot/projects/ia64/lib/libc/posix1e/mac_free.3#5 integrate
.. //depot/projects/ia64/lib/libc/posix1e/mac_get.3#5 integrate
.. //depot/projects/ia64/lib/libc/posix1e/mac_is_present_np.3#5 integrate
.. //depot/projects/ia64/lib/libc/posix1e/mac_prepare.3#4 integrate
.. //depot/projects/ia64/lib/libc/posix1e/mac_set.3#7 integrate
.. //depot/projects/ia64/lib/libc/posix1e/mac_text.3#7 integrate
.. //depot/projects/ia64/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml#64 integrate
.. //depot/projects/ia64/sbin/rtsol/Makefile#4 integrate
.. //depot/projects/ia64/share/man/man7/development.7#4 integrate
.. //depot/projects/ia64/sys/amd64/pci/pci_bus.c#3 integrate
.. //depot/projects/ia64/sys/cam/scsi/scsi_da.c#50 integrate
.. //depot/projects/ia64/sys/conf/kern.pre.mk#23 integrate
.. //depot/projects/ia64/sys/conf/kmod.mk#25 integrate
.. //depot/projects/ia64/sys/contrib/dev/oltr/if_oltr.c#8 integrate
.. //depot/projects/ia64/sys/dev/firewire/firewire.c#36 integrate
.. //depot/projects/ia64/sys/dev/firewire/fwohci.c#34 integrate
.. //depot/projects/ia64/sys/dev/firewire/fwohci_pci.c#24 integrate
.. //depot/projects/ia64/sys/dev/hea/eni.h#7 integrate
.. //depot/projects/ia64/sys/dev/lge/if_lge.c#14 integrate
.. //depot/projects/ia64/sys/dev/lmc/if_lmc.c#8 integrate
.. //depot/projects/ia64/sys/dev/lnc/if_lnc_pci.c#5 integrate
.. //depot/projects/ia64/sys/dev/pccbb/pccbb.c#36 integrate
.. //depot/projects/ia64/sys/dev/pccbb/pccbbdevid.h#8 integrate
.. //depot/projects/ia64/sys/fs/specfs/spec_vnops.c#22 integrate
.. //depot/projects/ia64/sys/geom/geom_ccd.c#5 integrate
.. //depot/projects/ia64/sys/geom/geom_subr.c#33 integrate
.. //depot/projects/ia64/sys/i4b/capi/iavc/iavc_pci.c#8 integrate
.. //depot/projects/ia64/sys/i4b/layer1/ifpi/i4b_ifpi_pci.c#8 integrate
.. //depot/projects/ia64/sys/i4b/layer1/ifpi2/i4b_ifpi2_pci.c#10 integrate
.. //depot/projects/ia64/sys/i4b/layer1/isic/i4b_elsa_qs1p.c#5 integrate
.. //depot/projects/ia64/sys/i4b/layer1/itjc/i4b_itjc_pci.c#11 integrate
.. //depot/projects/ia64/sys/i4b/layer1/iwic/i4b_iwic_pci.c#5 integrate
.. //depot/projects/ia64/sys/powerpc/ofw/ofw_pcib_pci.c#2 integrate
.. //depot/projects/ia64/sys/security/mac_test/mac_test.c#13 integrate
.. //depot/projects/ia64/sys/sparc64/ebus/ebus.c#10 integrate
.. //depot/projects/ia64/sys/sparc64/isa/isa.c#9 integrate
.. //depot/projects/ia64/sys/sparc64/isa/ofw_isa.c#5 integrate
.. //depot/projects/ia64/sys/sparc64/pci/apb.c#6 integrate
.. //depot/projects/ia64/sys/sparc64/pci/ofw_pci.c#13 integrate
.. //depot/projects/ia64/sys/sparc64/pci/ofw_pcib.c#2 integrate
.. //depot/projects/ia64/sys/sparc64/pci/ofw_pcib_subr.c#2 integrate
.. //depot/projects/ia64/sys/sparc64/pci/ofw_pcibus.c#2 integrate
.. //depot/projects/ia64/sys/sparc64/pci/psycho.c#29 integrate
.. //depot/projects/ia64/sys/sparc64/sbus/sbus.c#18 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/cache.c#12 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/cheetah.c#4 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/db_hwwatch.c#5 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/db_trace.c#9 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/dump_machdep.c#6 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/identcpu.c#8 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/intr_machdep.c#11 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/mem.c#8 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/mp_machdep.c#17 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/nexus.c#7 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/ofw_bus.c#8 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/spitfire.c#4 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/sys_machdep.c#7 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/tick.c#11 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/tlb.c#8 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/trap.c#30 integrate
.. //depot/projects/ia64/sys/sparc64/sparc64/tsb.c#16 integrate
.. //depot/projects/ia64/sys/sys/mac.h#18 integrate
.. //depot/projects/ia64/usr.bin/chat/chat.c#5 integrate
.. //depot/projects/ia64/usr.bin/getconf/confstr.gperf#5 integrate
.. //depot/projects/ia64/usr.bin/getconf/fake-gperf.awk#2 integrate
.. //depot/projects/ia64/usr.bin/getconf/getconf.c#8 integrate
.. //depot/projects/ia64/usr.bin/getconf/limits.gperf#2 integrate
.. //depot/projects/ia64/usr.bin/getconf/pathconf.gperf#4 integrate
.. //depot/projects/ia64/usr.bin/getconf/progenv.gperf#2 integrate
.. //depot/projects/ia64/usr.bin/getconf/sysconf.gperf#5 integrate
.. //depot/projects/ia64/usr.bin/mkstr/mkstr.1#5 integrate
Differences ...
==== //depot/projects/ia64/lib/libc/posix1e/mac.c#5 (text+ko) ====
@@ -1,6 +1,6 @@
/*
* Copyright (c) 1999, 2000, 2001, 2002 Robert N. M. Watson
- * Copyright (c) 2002 Networks Associates Technology, Inc.
+ * Copyright (c) 2002, 2003 Networks Associates Technology, Inc.
* All rights reserved.
*
* This software was developed by Robert Watson for the TrustedBSD Project.
@@ -31,7 +31,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/lib/libc/posix1e/mac.c,v 1.5 2003/02/18 13:39:52 nectar Exp $
+ * $FreeBSD: src/lib/libc/posix1e/mac.c,v 1.7 2003/08/22 17:49:59 rwatson Exp $
*/
#include <sys/types.h>
@@ -49,123 +49,211 @@
static int internal_initialized;
-/* Default sets of labels for various query operations. */
-static char *default_file_labels;
-static char *default_ifnet_labels;
-static char *default_process_labels;
+/*
+ * Maintain a list of default label preparations for various object
+ * types. Each name will appear only once in the list.
+ *
+ * XXXMAC: Not thread-safe.
+ */
+LIST_HEAD(, label_default) label_default_head;
+struct label_default {
+ char *ld_name;
+ char *ld_labels;
+ LIST_ENTRY(label_default) ld_entries;
+};
static void
mac_destroy_labels(void)
{
+ struct label_default *ld;
+
+ while ((ld = LIST_FIRST(&label_default_head))) {
+ free(ld->ld_name);
+ free(ld->ld_labels);
+ LIST_REMOVE(ld, ld_entries);
+ free(ld);
+ }
+}
+
+static void
+mac_destroy_internal(void)
+{
+
+ mac_destroy_labels();
+
+ internal_initialized = 0;
+}
+
+static int
+mac_add_type(const char *name, const char *labels)
+{
+ struct label_default *ld, *ld_new;
+ char *name_dup, *labels_dup;
- if (default_file_labels != NULL) {
- free(default_file_labels);
- default_file_labels = NULL;
+ /*
+ * Speculatively allocate all the memory now to avoid allocating
+ * later when we will someday hold a mutex.
+ */
+ name_dup = strdup(name);
+ if (name_dup == NULL) {
+ errno = ENOMEM;
+ return (-1);
+ }
+ labels_dup = strdup(labels);
+ if (labels_dup == NULL) {
+ free(name_dup);
+ errno = ENOMEM;
+ return (-1);
+ }
+ ld_new = malloc(sizeof(*ld));
+ if (ld_new == NULL) {
+ free(name_dup);
+ free(labels_dup);
+ errno = ENOMEM;
+ return (-1);
}
- if (default_ifnet_labels != NULL) {
- free(default_ifnet_labels);
- default_ifnet_labels = NULL;
+ /*
+ * If the type is already present, replace the current entry
+ * rather than add a new instance.
+ */
+ for (ld = LIST_FIRST(&label_default_head); ld != NULL;
+ ld = LIST_NEXT(ld, ld_entries)) {
+ if (strcmp(name, ld->ld_name) == 0)
+ break;
}
- if (default_process_labels != NULL) {
- free(default_process_labels);
- default_process_labels = NULL;
+ if (ld != NULL) {
+ free(ld->ld_labels);
+ ld->ld_labels = labels_dup;
+ labels_dup = NULL;
+ } else {
+ ld = ld_new;
+ ld->ld_name = name_dup;
+ ld->ld_labels = labels_dup;
+
+ ld_new = NULL;
+ name_dup = NULL;
+ labels_dup = NULL;
+
+ LIST_INSERT_HEAD(&label_default_head, ld, ld_entries);
}
+
+ if (name_dup != NULL)
+ free(name_dup);
+ if (labels_dup != NULL)
+ free(labels_dup);
+ if (ld_new != NULL)
+ free(ld_new);
+
+ return (0);
}
-static void
-mac_destroy_internal(void)
+static char *
+next_token(char **string)
{
+ char *token;
- mac_destroy_labels();
+ token = strsep(string, " \t");
+ while (token != NULL && *token == '\0')
+ token = strsep(string, " \t");
- internal_initialized = 0;
+ return (token);
}
static int
-mac_init_internal(void)
+mac_init_internal(int ignore_errors)
{
+ const char *filename;
+ char line[LINE_MAX];
FILE *file;
- char line[LINE_MAX];
int error;
error = 0;
- file = fopen(MAC_CONFFILE, "r");
+ LIST_INIT(&label_default_head);
+
+ if (!issetugid() && getenv("MAC_CONFFILE") != NULL)
+ filename = getenv("MAC_CONFFILE");
+ else
+ filename = MAC_CONFFILE;
+ file = fopen(filename, "r");
if (file == NULL)
return (0);
while (fgets(line, LINE_MAX, file)) {
- char *arg, *parse, *statement;
+ char *arg, *comment, *parse, *statement;
if (line[strlen(line)-1] == '\n')
line[strlen(line)-1] = '\0';
else {
+ if (ignore_errors)
+ continue;
fclose(file);
error = EINVAL;
goto just_return;
}
- parse = line;
- statement = "";
- while (parse && statement[0] == '\0')
- statement = strsep(&parse, " \t");
+ /* Remove any comment. */
+ comment = line;
+ parse = strsep(&comment, "#");
- /* Blank lines ok. */
- if (strlen(statement) == 0)
+ /* Blank lines OK. */
+ statement = next_token(&parse);
+ if (statement == NULL)
continue;
- /* Lines that consist only of comments ok. */
- if (statement[0] == '#')
- continue;
+ if (strcmp(statement, "default_labels") == 0) {
+ char *name, *labels;
- if (strcmp(statement, "default_file_labels") == 0) {
- if (default_file_labels != NULL) {
- free(default_file_labels);
- default_file_labels = NULL;
+ name = next_token(&parse);
+ labels = next_token(&parse);
+ if (name == NULL || labels == NULL ||
+ next_token(&parse) != NULL) {
+ if (ignore_errors)
+ continue;
+ error = EINVAL;
+ fclose(file);
+ goto just_return;
}
- arg = strsep(&parse, "# \t");
- if (arg != NULL && arg[0] != '\0') {
- default_file_labels = strdup(arg);
- if (default_file_labels == NULL) {
- error = ENOMEM;
- fclose(file);
- goto just_return;
- }
+ if (mac_add_type(name, labels) == -1) {
+ if (ignore_errors)
+ continue;
+ fclose(file);
+ goto just_return;
}
- } else if (strcmp(statement, "default_ifnet_labels") == 0) {
- if (default_ifnet_labels != NULL) {
- free(default_ifnet_labels);
- default_ifnet_labels = NULL;
- }
+ } else if (strcmp(statement, "default_ifnet_labels") == 0 ||
+ strcmp(statement, "default_file_labels") == 0 ||
+ strcmp(statement, "default_process_labels") == 0) {
+ char *labels, *type;
+
+ if (strcmp(statement, "default_ifnet_labels") == 0)
+ type = "ifnet";
+ else if (strcmp(statement, "default_file_labels") == 0)
+ type = "file";
+ else if (strcmp(statement, "default_process_labels") ==
+ 0)
+ type = "process";
- arg = strsep(&parse, "# \t");
- if (arg != NULL && arg[0] != '\0') {
- default_ifnet_labels = strdup(arg);
- if (default_ifnet_labels == NULL) {
- error = ENOMEM;
- fclose(file);
- goto just_return;
- }
+ labels = next_token(&parse);
+ if (labels == NULL || next_token(&parse) != NULL) {
+ if (ignore_errors)
+ continue;
+ error = EINVAL;
+ fclose(file);
+ goto just_return;
}
- } else if (strcmp(statement, "default_process_labels") == 0) {
- if (default_process_labels != NULL) {
- free(default_process_labels);
- default_process_labels = NULL;
- }
- arg = strsep(&parse, "# \t");
- if (arg != NULL && arg[0] != '\0') {
- default_process_labels = strdup(arg);
- if (default_process_labels == NULL) {
- error = ENOMEM;
- fclose(file);
- goto just_return;
- }
+ if (mac_add_type(type, labels) == -1) {
+ if (ignore_errors)
+ continue;
+ fclose(file);
+ goto just_return;
}
} else {
+ if (ignore_errors)
+ continue;
fclose(file);
error = EINVAL;
goto just_return;
@@ -187,7 +275,7 @@
{
if (!internal_initialized)
- return (mac_init_internal());
+ return (mac_init_internal(1));
else
return (0);
}
@@ -198,7 +286,7 @@
if (internal_initialized)
mac_destroy_internal();
- return (mac_init_internal());
+ return (mac_init_internal(0));
}
int
@@ -243,7 +331,7 @@
}
int
-mac_prepare(struct mac **mac, char *elements)
+mac_prepare(struct mac **mac, const char *elements)
{
if (strlen(elements) >= MAC_MAX_LABEL_BUF_LEN)
@@ -267,6 +355,32 @@
}
int
+mac_prepare_type(struct mac **mac, const char *name)
+{
+ struct label_default *ld;
+
+ for (ld = LIST_FIRST(&label_default_head); ld != NULL;
+ ld = LIST_NEXT(ld, ld_entries)) {
+ if (strcmp(name, ld->ld_name) == 0)
+ return (mac_prepare(mac, ld->ld_labels));
+ }
+
+ return (ENOENT); /* XXXMAC: ENOLABEL */
+}
+
+int
+mac_prepare_ifnet_label(struct mac **mac)
+{
+ int error;
+
+ error = mac_maybe_init_internal();
+ if (error != 0)
+ return (error);
+
+ return (mac_prepare_type(mac, "ifnet"));
+}
+
+int
mac_prepare_file_label(struct mac **mac)
{
int error;
@@ -275,14 +389,11 @@
if (error != 0)
return (error);
- if (default_file_labels == NULL)
- return (mac_prepare(mac, ""));
-
- return (mac_prepare(mac, default_file_labels));
+ return (mac_prepare_type(mac, "file"));
}
int
-mac_prepare_ifnet_label(struct mac **mac)
+mac_prepare_packet_label(struct mac **mac)
{
int error;
@@ -290,11 +401,9 @@
if (error != 0)
return (error);
- if (default_ifnet_labels == NULL)
- return (mac_prepare(mac, ""));
+ return (mac_prepare_type(mac, "packet"));
+}
- return (mac_prepare(mac, default_ifnet_labels));
-}
int
mac_prepare_process_label(struct mac **mac)
{
@@ -304,10 +413,7 @@
if (error != 0)
return (error);
- if (default_process_labels == NULL)
- return (mac_prepare(mac, ""));
-
- return (mac_prepare(mac, default_process_labels));
+ return (mac_prepare_type(mac, "process"));
}
/*
==== //depot/projects/ia64/lib/libc/posix1e/mac_free.3#5 (text+ko) ====
@@ -31,7 +31,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/lib/libc/posix1e/mac_free.3,v 1.5 2003/01/15 03:03:05 chris Exp $
+.\" $FreeBSD: src/lib/libc/posix1e/mac_free.3,v 1.6 2003/08/22 18:01:03 rwatson Exp $
.\"
.Dd December 21, 2001
.Dt MAC_FREE 3
@@ -74,6 +74,12 @@
.Fx
POSIX.1e implementation page
for more information.
+.Sh HISTORY
+Support for Mandatory Access Control was introduced in
+.Fx 5.0
+as part of the
+.Tn TrustedBSD
+Project.
.Sh BUGS
POSIX.1e specifies that
.Fn mac_free
==== //depot/projects/ia64/lib/libc/posix1e/mac_get.3#5 (text+ko) ====
@@ -28,7 +28,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/lib/libc/posix1e/mac_get.3,v 1.5 2003/01/15 03:03:05 chris Exp $
+.\" $FreeBSD: src/lib/libc/posix1e/mac_get.3,v 1.6 2003/08/22 18:01:03 rwatson Exp $
.\"
.Dd December 21, 2001
.Dt MAC_GET 3
@@ -123,3 +123,9 @@
.Fx
POSIX.1e implementation page
for more information.
+.Sh HISTORY
+Support for Mandatory Access Control was introduced in
+.Fx 5.0
+as part of the
+.Tn TrustedBSD
+Project.
==== //depot/projects/ia64/lib/libc/posix1e/mac_is_present_np.3#5 (text+ko) ====
@@ -28,7 +28,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/lib/libc/posix1e/mac_is_present_np.3,v 1.5 2003/01/15 03:03:05 chris Exp $
+.\" $FreeBSD: src/lib/libc/posix1e/mac_is_present_np.3,v 1.6 2003/08/22 18:01:03 rwatson Exp $
.\"
.Dd January 9, 2002
.Dt MAC_IS_PRESENT_NP 3
@@ -79,3 +79,9 @@
.Xr mac_text 3 ,
.Xr mac 4 ,
.Xr mac 9
+.Sh HISTORY
+Support for Mandatory Access Control was introduced in
+.Fx 5.0
+as part of the
+.Tn TrustedBSD
+Project.
==== //depot/projects/ia64/lib/libc/posix1e/mac_prepare.3#4 (text+ko) ====
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2002 Networks Associates Technology, Inc.
+.\" Copyright (c) 2002, 2003 Networks Associates Technology, Inc.
.\" All rights reserved.
.\"
.\" This software was developed for the FreeBSD Project by Chris
@@ -28,20 +28,22 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/lib/libc/posix1e/mac_prepare.3,v 1.3 2003/04/20 04:43:56 rwatson Exp $
+.\" $FreeBSD: src/lib/libc/posix1e/mac_prepare.3,v 1.4 2003/08/22 17:58:38 rwatson Exp $
.\"
-.Dd December 12, 2002
+.Dd August 22, 2003
.Os
.Dt MAC_PREPARE 3
.Sh NAME
-.Nm mac_prepare , mac_prepare_file_label ,
+.Nm mac_prepare , mac_prepare_type , mac_prepare_file_label ,
.Nm mac_prepare_ifnet_label , mac_prepare_process_label
.Nd allocate appropriate storage for
.Vt mac_t
.Sh SYNOPSIS
.In sys/mac.h
.Ft int
-.Fn mac_prepare "mac_t *mac" "char *elements"
+.Fn mac_prepare "mac_t *mac" "const char *elements"
+.Ft int
+.Fn mac_prepare_type "mac_t *mac" "const char *name"
.Ft int
.Fn mac_prepare_file_label "mac_t *mac"
.Ft int
@@ -55,21 +57,46 @@
.Fa *mac
for use by
.Xr mac_get 3 .
+When the resulting label is passed into the
+.Xr mac_get 3
+functions, the kernel will attempt to fill in the label elements specified
+when the label was prepared.
+Elements are specified in a nul-terminate string, using commas to
+delimit fields.
+Element names may be prefixed with the
+.Dv ?
+character to indicate that a failure by the kernel to retrieve that
+element should not be considered fatal.
.Pp
The
.Fn mac_prepare
function accepts a list of policy names as a parameter, and allocates the
storage to fit those label elements accordingly.
+The remaining functions in the family make use of system defaults defined
+in
+.Xr mac.conf 5
+instead of an explicit
+.Va elements
+argument, deriving the default from the specified object type.
.Pp
+.Fn mac_prepare_type
+allocates the storage to fit an object label of the type specified by
+the
+.Va name
+argument.
The
.Fn mac_prepare_file_label ,
.Fn mac_prepare_ifnet_label ,
and
.Fn mac_prepare_process_label
-functions allocate the storage to fit file, network interface,
-and process labels, respectively.
-The default label elements employed by these APIs is configured in
-.Xr mac.conf 5 .
+functions are equivilent to invocations of
+.Fn mac_prepare_type
+with arguments of
+.Qq file ,
+.Qq ifnet ,
+and
+.Qq process
+respectively.
.Sh RETURN VALUES
.Rv -std
.Sh SEE ALSO
@@ -89,3 +116,11 @@
.Fx
POSIX.1e implementation page
for more information.
+.Sh HISTORY
+Support for Mandatory Access Control was introduced in
+.Fx 5.0
+as part of the
+.Tn TrustedBSD
+Project.
+Support for generic object types first appeared in
+.Fx 5.2 .
==== //depot/projects/ia64/lib/libc/posix1e/mac_set.3#7 (text+ko) ====
@@ -28,7 +28,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/lib/libc/posix1e/mac_set.3,v 1.8 2003/01/15 03:02:30 chris Exp $
+.\" $FreeBSD: src/lib/libc/posix1e/mac_set.3,v 1.9 2003/08/22 18:01:03 rwatson Exp $
.\"
.Dd January 14, 2003
.Dt MAC_SET 3
@@ -138,3 +138,9 @@
.Xr mac_text 3 ,
.Xr mac 4 ,
.Xr mac 9
+.Sh HISTORY
+Support for Mandatory Access Control was introduced in
+.Fx 5.0
+as part of the
+.Tn TrustedBSD
+Project.
==== //depot/projects/ia64/lib/libc/posix1e/mac_text.3#7 (text+ko) ====
@@ -28,7 +28,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.\" $FreeBSD: src/lib/libc/posix1e/mac_text.3,v 1.8 2003/01/15 03:01:45 chris Exp $
+.\" $FreeBSD: src/lib/libc/posix1e/mac_text.3,v 1.9 2003/08/22 18:01:03 rwatson Exp $
.\"
.Dd December 21, 2001
.Dt MAC_TEXT 3
@@ -95,3 +95,9 @@
.Fx
POSIX.1e implementation page
for more information.
+.Sh HISTORY
+Support for Mandatory Access Control was introduced in
+.Fx 5.0
+as part of the
+.Tn TrustedBSD
+Project.
==== //depot/projects/ia64/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml#64 (text+ko) ====
@@ -31,7 +31,7 @@
<sect1 id="support">
<sect1info>
- <pubdate>$FreeBSD: src/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml,v 1.173 2003/08/21 21:49:09 bmah Exp $</pubdate>
+ <pubdate>$FreeBSD: src/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml,v 1.174 2003/08/22 17:36:14 bmah Exp $</pubdate>
</sect1info>
<title>Supported Devices</title>
@@ -1961,10 +1961,10 @@
</note>
</para>
- <para arch="sparc64">Sun HME and QFE Ethernet NICs (hme driver)</para>
+ <para arch="sparc64">Sun HME and QFE Ethernet NICs (&man.hme.4; driver)</para>
<para arch="sparc64">Sun GEM (Gigabit Ethernet) and ERI (Fast
- Ethernet) NICs (gem driver)</para>
+ Ethernet) NICs (&man.gem.4; driver)</para>
<para arch="i386,pc98">Myson Ethernet NICs (my driver)
<itemizedlist>
==== //depot/projects/ia64/sbin/rtsol/Makefile#4 (text+ko) ====
@@ -11,14 +11,14 @@
# AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT
# LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
# A PARTICULAR PURPOSE.
-# $FreeBSD: src/sbin/rtsol/Makefile,v 1.6 2003/08/14 18:43:57 ume Exp $
+# $FreeBSD: src/sbin/rtsol/Makefile,v 1.7 2003/08/22 18:59:55 ume Exp $
SRCDIR= ${.CURDIR}/../../usr.sbin/rtsold
PROG= rtsol
SRCS= rtsold.c rtsol.c if.c probe.c dump.c rtsock.c
-CFLAGS+=-DINET6 -DHAVE_POLL_H
+CFLAGS+=-DINET6 -DHAVE_ARC4RANDOM -DHAVE_POLL_H
WARNS= 0
NOMAN= yes
==== //depot/projects/ia64/share/man/man7/development.7#4 (text+ko) ====
@@ -2,7 +2,7 @@
.\" the BSD Copyright as specified in the file "/usr/src/COPYRIGHT" in
.\" the FreeBSD source tree.
.\"
-.\" $FreeBSD: src/share/man/man7/development.7,v 1.7 2003/05/21 15:55:40 ru Exp $
+.\" $FreeBSD: src/share/man/man7/development.7,v 1.8 2003/08/22 17:12:55 njl Exp $
.\"
.Dd December 21, 2002
.Dt DEVELOPMENT 7
@@ -354,7 +354,7 @@
Simply unmounting /usr/obj will leave you with a /usr/obj that is a
subdirectory in /usr which is typically local to the client.
You can then do builds to your heart's content!
-.Sh MULTIPLE VERSIONS OF THE SOURCE TREE
+.Sh MAINTAINING A LOCAL BRANCH
I have described how to maintain two versions of the source tree, a stable
version in /FreeBSD/FreeBSD-4.x and a current version
in /FreeBSD/FreeBSD-current.
@@ -370,6 +370,36 @@
to collect and manage source distributions from a central server is a very
useful thing to be able to do and you can certainly export to machines
which can build those other operating systems.
+.Pp
+Many developers choose to maintain a local branch of
+.Fx
+to test patches or build a custom distribution.
+This can be done with CVS or another source code management system
+(SubVersion, Perforce, BitKeeper) with its own repository.
+Since the main
+.Fx
+tree is based on CVS, the former is convenient.
+.Pp
+The
+.Fx
+version of CVS examines a custom environmental variable,
+CVS_LOCAL_BRANCH_NUM, which specifies an integer to use when doing a cvs
+tag/rtag.
+Set this number to something high (say 1000) to avoid colliding
+with potential future branches of the main repository. For example,
+branching a file with version 1.4 produces 1.4.1000.
+Future commits to this branch will produce revisions 1.4.1000.1,
+1.4.1000.2, etc.
+.Pp
+To fork your local branch, do:
+.Bd -literal -offset 4n
+cvs rtag -r RELENG_4 -b LOCAL_RELENG_4 src
+.Ed
+.Pp
+After this, you can check out a copy from your local repository using the
+new tag and begin making changes and committing them.
+For more information on using cvs, see
+.Xr cvs 1 .
.Sh UPDATING VIA CVS
The advantage of using cvsup to maintain an updated copy of the CVS
repository instead of using it to maintain source trees directly is that you
==== //depot/projects/ia64/sys/amd64/pci/pci_bus.c#3 (text+ko) ====
@@ -25,7 +25,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/amd64/pci/pci_bus.c,v 1.100 2003/07/25 21:19:18 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/amd64/pci/pci_bus.c,v 1.101 2003/08/22 07:36:49 imp Exp $");
#include "opt_cpu.h"
@@ -36,9 +36,9 @@
#include <sys/module.h>
#include <sys/malloc.h>
-#include <pci/pcivar.h>
-#include <pci/pcireg.h>
-#include <pci/pcib_private.h>
+#include <dev/pci/pcivar.h>
+#include <dev/pci/pcireg.h>
+#include <dev/pci/pcib_private.h>
#include <isa/isavar.h>
#include <machine/legacyvar.h>
#include <machine/pci_cfgreg.h>
==== //depot/projects/ia64/sys/cam/scsi/scsi_da.c#50 (text+ko) ====
@@ -27,7 +27,7 @@
*/
#include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/cam/scsi/scsi_da.c,v 1.153 2003/08/22 05:58:23 njl Exp $");
+__FBSDID("$FreeBSD: src/sys/cam/scsi/scsi_da.c,v 1.154 2003/08/22 16:35:53 njl Exp $");
#ifdef _KERNEL
#include "opt_da.h"
@@ -94,7 +94,8 @@
typedef enum {
DA_Q_NONE = 0x00,
DA_Q_NO_SYNC_CACHE = 0x01,
- DA_Q_NO_6_BYTE = 0x02
+ DA_Q_NO_6_BYTE = 0x02,
+ DA_Q_NO_PREVENT = 0x04
} da_quirks;
typedef enum {
@@ -222,9 +223,7 @@
/*quirks*/ DA_Q_NO_6_BYTE
},
{
- /*
- * See above.
- */
+ /* See above. */
{T_DIRECT, SIP_MEDIA_FIXED, quantum, "VIKING 2*", "*"},
/*quirks*/ DA_Q_NO_6_BYTE
},
@@ -381,6 +380,14 @@
{T_DIRECT, SIP_MEDIA_REMOVABLE, "JUNGSOFT", "NEXDISK*", "*"},
/*quirks*/ DA_Q_NO_SYNC_CACHE
},
+ {
+ /*
+ * Creative Nomad MUVO mp3 player (USB)
+ * PR: kern/53094
+ */
+ {T_DIRECT, SIP_MEDIA_REMOVABLE, "CREATIVE", "NOMAD_MUVO", "*"},
+ /*quirks*/ DA_Q_NO_SYNC_CACHE|DA_Q_NO_PREVENT
+ },
};
static disk_strategy_t dastrategy;
@@ -500,7 +507,8 @@
}
if (error == 0) {
- if ((softc->flags & DA_FLAG_PACK_REMOVABLE) != 0)
+ if ((softc->flags & DA_FLAG_PACK_REMOVABLE) != 0 &&
+ (softc->quirks & DA_Q_NO_PREVENT) == 0)
daprevent(periph, PR_PREVENT);
} else {
softc->flags &= ~DA_FLAG_OPEN;
@@ -578,7 +586,8 @@
}
if ((softc->flags & DA_FLAG_PACK_REMOVABLE) != 0) {
- daprevent(periph, PR_ALLOW);
+ if ((softc->quirks & DA_Q_NO_PREVENT) == 0)
+ daprevent(periph, PR_ALLOW);
/*
* If we've got removeable media, mark the blocksize as
* unavailable, since it could change when new media is
==== //depot/projects/ia64/sys/conf/kern.pre.mk#23 (text+ko) ====
@@ -3,7 +3,7 @@
# Unified Makefile for building kernels. This includes all the definitions
# that need to be included before %BEFORE_DEPEND
#
-# $FreeBSD: src/sys/conf/kern.pre.mk,v 1.33 2003/07/30 22:11:36 scottl Exp $
+# $FreeBSD: src/sys/conf/kern.pre.mk,v 1.34 2003/08/22 15:41:44 imp Exp $
#
# Can be overridden by makeoptions or /etc/make.conf
@@ -23,7 +23,7 @@
.if !defined(NO_CPU_COPTFLAGS)
COPTFLAGS+= ${_CPUCFLAGS}
.endif
-INCLUDES= -nostdinc -I- ${INCLMAGIC} -I. -I$S -I$S/dev
+INCLUDES= -nostdinc -I- ${INCLMAGIC} -I. -I$S
# This hack lets us use the Intel ACPICA code without spamming a new
# include path into 100+ source files.
==== //depot/projects/ia64/sys/conf/kmod.mk#25 (text+ko) ====
@@ -1,5 +1,5 @@
# From: @(#)bsd.prog.mk 5.26 (Berkeley) 6/25/91
-# $FreeBSD: src/sys/conf/kmod.mk,v 1.139 2003/07/26 02:27:50 peter Exp $
+# $FreeBSD: src/sys/conf/kmod.mk,v 1.140 2003/08/22 15:41:44 imp Exp $
#
# The include file <bsd.kmod.mk> handles installing Kernel Loadable Device
# drivers (KLD's).
@@ -83,7 +83,7 @@
# Add -I paths for system headers. Individual KLD makefiles don't
# need any -I paths for this. Similar defaults for .PATH can't be
# set because there are no standard paths for non-headers.
-CFLAGS+= -I. -I@ -I@/dev
+CFLAGS+= -I. -I@
# Add a -I path to standard headers like <stddef.h>. Use a relative
# path to src/include if possible. If the @ symlink hasn't been built
==== //depot/projects/ia64/sys/contrib/dev/oltr/if_oltr.c#8 (text+ko) ====
@@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
- * $FreeBSD: src/sys/contrib/dev/oltr/if_oltr.c,v 1.29 2003/08/06 10:52:16 bde Exp $
+ * $FreeBSD: src/sys/contrib/dev/oltr/if_oltr.c,v 1.30 2003/08/22 15:28:22 imp Exp $
*/
#include <sys/param.h>
@@ -74,8 +74,13 @@
#include <sys/bus.h>
#include <sys/rman.h>
+#if (__FreeBSD_version < 500000)
#include <pci/pcireg.h>
#include <pci/pcivar.h>
+#else
+#include <dev/pci/pcireg.h>
+#include <dev/pci/pcivar.h>
+#endif
#include "contrib/dev/oltr/trlld.h"
==== //depot/projects/ia64/sys/dev/firewire/firewire.c#36 (text+ko) ====
@@ -31,7 +31,7 @@
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $FreeBSD: src/sys/dev/firewire/firewire.c,v 1.59 2003/08/05 03:11:39 simokawa Exp $
+ * $FreeBSD: src/sys/dev/firewire/firewire.c,v 1.60 2003/08/22 07:30:41 simokawa Exp $
*
*/
@@ -1772,8 +1772,10 @@
fw_xfer_done(xfer);
break;
case FWXF_START:
+#if 0
if (firewire_debug)
printf("not sent yet tl=%x\n", xfer->tl);
+#endif
break;
default:
printf("unexpected state %d\n", xfer->state);
==== //depot/projects/ia64/sys/dev/firewire/fwohci.c#34 (text+ko) ====
@@ -31,7 +31,7 @@
* ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*
- * $FreeBSD: src/sys/dev/firewire/fwohci.c,v 1.64 2003/08/20 03:11:37 simokawa Exp $
+ * $FreeBSD: src/sys/dev/firewire/fwohci.c,v 1.65 2003/08/22 07:30:41 simokawa Exp $
*
*/
@@ -1110,8 +1110,10 @@
if (tr->xfer != NULL) {
xfer = tr->xfer;
if (xfer->state == FWXF_RCVD) {
+#if 0
if (firewire_debug)
printf("already rcvd\n");
+#endif
>>> TRUNCATED FOR MAIL (1000 lines) <<<
More information about the p4-projects
mailing list