#
6bb132ba |
|
15-Apr-2024 |
Brooks Davis <brooks@FreeBSD.org> |
Reduce reliance on sys/sysproto.h pollution Add sys/errno.h, sys/malloc.h, sys/queue.h, and vm/uma.h as needed. sys/sysproto.h currently includes sys/acl.h which currently includes sys/param.h, sys/queue.h, and vm/uma.h which in turn bring in sys/errno.h sys/malloc.h. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D44465
|
#
fdafd315 |
|
24-Nov-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Automated cleanup of cdefs and other formatting Apply the following automated changes to try to eliminate no-longer-needed sys/cdefs.h includes as well as now-empty blank lines in a row. Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/ Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/ Remove /\n+#if.*\n#endif.*\n+/ Remove /^#if.*\n#endif.*\n/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/ Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/ Sponsored by: Netflix
|
#
cf7974fd |
|
20-Sep-2023 |
Zhenlei Huang <zlei@FreeBSD.org> |
sysctl: Update 'master' copy of vnet SYSCTLs on kernel environment variables change Complete phase three of 3da1cf1e88f8. With commit 110113bc086f, vnet sysctl variables can be loader tunable but the feature is limited. When the kernel modules have been initialized, any changes (e.g. via kenv) to kernel environment variable will not affect subsequently created VNETs. This change relexes the limitation by listening on kernel environment variable's set / unset events, and then update the 'master' copy of vnet SYSCTL or restore it to its initial value. With this change, TUNABLE_XXX_FETCH can be greately eliminated for vnet loader tunables. Reviewed by: glebius Fixes: 110113bc086f sysctl(9): Enable vnet sysctl variables to be loader tunable MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D41825
|
#
685dc743 |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
sys: Remove $FreeBSD$: one-line .c pattern Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
|
#
4d846d26 |
|
10-May-2023 |
Warner Losh <imp@FreeBSD.org> |
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of BSD-2-Clause. Discussed with: pfg MFC After: 3 days Sponsored by: Netflix
|
#
df949e76 |
|
10-Mar-2022 |
Jose Luis Duran <jlduran@gmail.com> |
kern_environment: Partially apply style(9) Sort include files, remove duplicates and remove trailing whitespce. Pull Request: https://github.com/freebsd/freebsd-src/pull/589 Reviewed by: imp
|
#
c32bd976 |
|
12-Aug-2022 |
Colin Percival <cperciva@FreeBSD.org> |
kern: Support duplicate variables in early kenv Some virtual machines pass virtio MMIO device parameters via the kernel command line as a series of virtio_mmio.device=<parameters> options. These get translated into FreeBSD kernel environment variables; but unfortunately they all use the same variable name, which resulted in all but the first such parameter being ignored when the dynamic kernel environment is set up from the initial environment buffers. With this commit, duplicate environment settings will instead be stored as ${name}_1, ${name}_2... ${name}_9999. In the unlikely event that the same variable is set over 10000 times before the dynamic kernel environment is set up, we panic. Variable settings after the dynamic environment is initialized continue to override the previously-set value; the change is limited to the very early kernel boot (prior to SI_SUB_KMEM + 1) and changes behaviour from "ignore" to "store with a different name" only. Reviewed by: imp Feedback from: kevans Sponsored by: https://patreon.com/cperciva Differential Revision: https://reviews.freebsd.org/D36187
|
#
31d1b816 |
|
28-May-2022 |
Dmitry Chagin <dchagin@FreeBSD.org> |
sysent: Get rid of bogus sys/sysent.h include. Where appropriate hide sysent.h under proper condition. MFC after: 2 weeks
|
#
db0f2643 |
|
20-Jun-2021 |
Kyle Evans <kevans@FreeBSD.org> |
kenv: allow listing of static kernel environments The early environment is typically cleared, so these new options need the PRESERVE_EARLY_KENV kernel config(8) option. These environments are reported as missing by kenv(1) if the option is not present in the running kernel. Reviewed by: imp Differential Revision: https://reviews.freebsd.org/D30835
|
#
7a129c97 |
|
20-Jun-2021 |
Kyle Evans <kevans@FreeBSD.org> |
kern: add an option for preserving the early kenv Some downstream configurations do not store secrets in the early (loader/static) environments and desire a way to preserve these for diagnostic reasons. Provide an option to do so. Reviewed by: imp, jhb (earlier version) Differential Revision: https://reviews.freebsd.org/D30834
|
#
bc683a89 |
|
07-Oct-2020 |
Warner Losh <imp@FreeBSD.org> |
Move kernel env global variables, etc to sys/kenv.h The kernel globals for kenv are confined to 2 files that need them and a few that likely shouldn't (but as written the code does). Move them from sys/systm.h to sys/kenv.h. This removed a XXX from systm.h and cleans it up a little bit...
|
#
624a7e1f |
|
21-Sep-2020 |
Mitchell Horne <mhorne@FreeBSD.org> |
Use getenv_is_true() in init_static_kenv() A small example of how these functions can be used to simplify checks of this nature. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D26271
|
#
cba446e2 |
|
21-Sep-2020 |
Mitchell Horne <mhorne@FreeBSD.org> |
Add getenv(9) boolean parsing functions This adds the getenv_bool() function, to parse a boolean value from a kernel environment variable or tunable. This works for traditional boolean values like "0" and "1", and also "true" and "false" (case-insensitive). These semantics do not yet apply to sysctls declared using SYSCTL_BOOL with CTLFLAG_TUN (they still only parse 1 and 0). Also added are two wrapper functions, getenv_is_true() and getenv_is_false(). These are slightly simpler for callers wishing to perform a single check of a configuration variable. Reviewed by: jhb (slightly earlier version) Sponsored by: NetApp, Inc. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D26270
|
#
6fed89b1 |
|
01-Sep-2020 |
Mateusz Guzik <mjg@FreeBSD.org> |
kern: clean up empty lines in .c and .h files
|
#
f3ba85cc |
|
14-Aug-2020 |
Jason A. Harmening <jah@FreeBSD.org> |
kenv: avoid sleepable alloc for integer tunables Avoid performing a potentially-blocking malloc for kenv lookups that will only perform non-destructive integer conversions on the returned buffer. Instead, perform the strtoq() in-place with the kenv lock held. While here, factor the logic around kenv_lock acquire and release into kenv_acquire() and kenv_release(), and use these functions for some light cleanup. Collapse getenv_string_buffer() into kern_getenv(), as the former no longer has any other callers and the only additional task performed by the latter is a WITNESS check that hasn't been useful since r362231. PR: 248250 Reported by: gbe Reviewed by: mjg Tested by: gbe Differential Revision: https://reviews.freebsd.org/D26010
|
#
4a711b8d |
|
25-Jun-2020 |
John Baldwin <jhb@FreeBSD.org> |
Use zfree() instead of explicit_bzero() and free(). In addition to reducing lines of code, this also ensures that the full allocation is always zeroed avoiding possible bugs with incorrect lengths passed to explicit_bzero(). Suggested by: cem Reviewed by: cem, delphij Approved by: csprng (cem) Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D25435
|
#
73845fdb |
|
16-Jun-2020 |
Simon J. Gerraty <sjg@FreeBSD.org> |
Make KENV_MVALLEN tunable When doing secure boot, loader wants to export loader.ve.hashed the value of which typically exceeds KENV_MVALLEN. Replace use of KENV_MVALLEN with tunable kenv_mvallen. Add getenv_string_buffer() for the case where a stack buffer cannot be created and use uma_zone_t kenv_zone for suitably sized buffers. Reviewed by: stevek, kevans Obtained from: Abhishek Kulkarni <abkulkarni@juniper.net> MFC after: 1 week Sponsored by: Juniper Networks Differential Revision: https://reviews.freebsd.org//D25259
|
#
5163b1a7 |
|
12-Sep-2019 |
Kyle Evans <kevans@FreeBSD.org> |
Follow up r352244: kenv: tighten up assertions As I like to forget: static kenv var formatting is actually such that an empty environment would be double null bytes. We should make sure that a non-zero buffer has at least enough for this, though most of the current usage is with a 4k buffer.
|
#
436c4687 |
|
12-Sep-2019 |
Kyle Evans <kevans@FreeBSD.org> |
kenv: assert that an empty static buffer passed in is "empty" Garbage in the passed-in buffer can cause problems if any attempts to read the kenv are inadvertently made between init_static_kenv and the first kern_setenv -- assuming there is one. This is cheap and easy, so do it. This also helps rule out some class of bugs as one tries to debug; tunables fetch from the static environment up until SI_SUB_KMEM + 1, and many of these buffers are global ~4k buffers that rely on BSS clearing while others just grab a page of free memory and use it (e.g. xen).
|
#
6fd2dcd4 |
|
05-Feb-2019 |
Bruce Evans <bde@FreeBSD.org> |
Fix zapping of static hints and env in init_static_kenv(). Environments are terminated by 2 NULs, but only 1 NUL was zapped. Zapping only 1 NUL just splits the first string into an empty string and a corrupted string. All other strings in static hints and env remained live early in the boot when they were supposed to be disabled. Support calling init_static_kenv() very early in the boot, so as to use the env very early in the boot. Then the pointer to the loader env may change after the first call due to enabling paging or otherwise remapping the pointer. Another call is needed to register the change. Don't use the previous pointer in this (or any) later call. Reviewed by: kib
|
#
75beb4d4 |
|
12-Nov-2018 |
Kyle Evans <kevans@FreeBSD.org> |
Add dynamic_kenv assertion to init_static_kenv Both to formally document the requirement that this not be called after the dynamic kenv is setup, and to perhaps help static analyzers figure out what's going on. While calling init_static_kenv this late isn't fatal, there are some caveats that the caller should be aware of: - Late calls are effectively a no-op, as far as default FreeBSD is concerned, as everything will switch to searching the dynamic kenv once it's available. - Each of the kern_getenv calls will leak memory, as it's assumed that these are searching static environment and allocations will not be made. As such, this usage is not sensible and should be detected.
|
#
970a174f |
|
25-Oct-2018 |
Mark Johnston <markj@FreeBSD.org> |
Add FALLTHROUGH comments to appease Coverity. CID: 1017862-1017864, 1017866-1017868 MFC after: 2 weeks
|
#
44314c35 |
|
11-Jul-2018 |
Kyle Evans <kevans@FreeBSD.org> |
kern_environment: Give the static environment a chance to disable MD env This variable has been given the name "loader_env.disabled" as it's the primary way most people will have an MD environment. This restores the previously-default behavior of ignoring the loader(8) environment, which may be useful for vendor distributions or other scenarios where inheriting the loader environment may be considered a security issue or potentially breaking of a more locked-down environment. As the change to config(5) indicates, disabling the loader environment should not be a choice made lightly since it may provide ACPI hints and other useful things that the system can rely on to boot. An UPDATING entry has been added to mention an upgrade path for those that may have relied on the previous behavior. Discussed with: bde Relnotes: yes (maybe)
|
#
c7a82b9c |
|
09-Jul-2018 |
Kyle Evans <kevans@FreeBSD.org> |
kern_environment: bool'itize dynamic_kenv; fix small style(9) nit
|
#
cae22dd9 |
|
06-Jul-2018 |
Kyle Evans <kevans@FreeBSD.org> |
kern_environment: Fix SYSINIT ordering The dynamic environment was being initialized at SI_SUB_KMEM, SI_ORDER_ANY. I added the hint-merging at SI_SUB_KMEM, SI_ORDER_ANY as well in r335998 - this can only work by coincidence. Re-do both to operate at SI_SUB_KMEM + 1, SI_ORDER_FIRST and SI_ORDER_SECOND respectively to be safe. It's sufficiently obfuscated away as to when in SU_SUB_KMEM malloc will be available, and the dynamic environment cannot be relied upon there anyways since it's initialized at SI_ORDER_ANY. Reported by: bde Discussed with: bde X-MFC-With: r335998
|
#
39d44f7f |
|
05-Jul-2018 |
Kyle Evans <kevans@FreeBSD.org> |
kern_environment: use any provided environments, evict hintmode/envmode At the moment, hintmode and envmode are used to indicate whether static hints or static env have been provided in the kernel config(5) and the static versions are mutually exclusive with loader(8)-provided environment. hintmode *can* be reconfigured later to pull from the dynamic environment, thus taking advantage of the loader(8) or post-kmem environment setting. This changeset fixes both problems at once to move us from a semi-confusing state to a consistent state: if an environment file, hints file, or loader(8) environment are provided, we use them in a well-known order of precedence: - loader(8) environment - static environment - static hints file Once the dynamic environment is setup this becomes a moot point. The loader(8) and static environments are merged (respecting the above order of precedence), and the static hints are merged in on an as-needed basis after the dynamic environment has been setup. Hints lookup are changed to respect all of the above. Before the dynamic environment is setup, lookups use the above-mentioned order and fallback to the next environment if a matching hint is not found. Once the dynamic environment is setup, that is used on its own since it captures all of the above information plus any dynamic kenv settings that came up later in boot. The following tangentially related changes were made to res_find: - A hintp cookie is now passed in so that related searches continue using the chain of environments (or dynamic environment) without relying on global state - All three environments will be searched if they actually have valid hints to use, rather than just choosing the first environment that actually had a hint and rolling with that only The hintmode sysctl has been ripped out. static_{env,hints}.disabled are still honored and will disable their respective environments from being used for hint lookups and from being merged into the dynamic environment, as expected. MFC after: 1 month (maybe) Differential Revision: https://reviews.freebsd.org/D15953
|
#
e2868734 |
|
05-Jul-2018 |
Kyle Evans <kevans@FreeBSD.org> |
Revert r335995 due to accidental changes snuck in
|
#
8ef58863 |
|
05-Jul-2018 |
Kyle Evans <kevans@FreeBSD.org> |
kern_environment: use any provided environments, evict hintmode/envmode At the moment, hintmode and envmode are used to indicate whether static hints or static env have been provided in the kernel config(5) and the static versions are mutually exclusive with loader(8)-provided environment. hintmode *can* be reconfigured later to pull from the dynamic environment, thus taking advantage of the loader(8) or post-kmem environment setting. This changeset fixes both problems at once to move us from a semi-confusing state to a consistent state: if an environment file, hints file, or loader(8) environment are provided, we use them in a well-known order of precedence: - loader(8) environment - static environment - static hints file Once the dynamic environment is setup this becomes a moot point. The loader(8) and static environments are merged (respecting the above order of precedence), and the static hints are merged in on an as-needed basis after the dynamic environment has been setup. Hints lookup are changed to respect all of the above. Before the dynamic environment is setup, lookups use the above-mentioned order and fallback to the next environment if a matching hint is not found. Once the dynamic environment is setup, that is used on its own since it captures all of the above information plus any dynamic kenv settings that came up later in boot. The following tangentially related changes were made to res_find: - A hintp cookie is now passed in so that related searches continue using the chain of environments (or dynamic environment) without relying on global state - All three environments will be searched if they actually have valid hints to use, rather than just choosing the first environment that actually had a hint and rolling with that only The hintmode sysctl has been ripped out. static_{env,hints}.disabled are still honored and will disable their respective environments from being used for hint lookups and from being merged into the dynamic environment, as expected. MFC after: 1 month (maybe) Differential Revision: https://reviews.freebsd.org/D15953
|
#
ce70c572 |
|
20-Jun-2018 |
Hans Petter Selasky <hselasky@FreeBSD.org> |
Permit the kernel environment to set an array of numeric values for a single sysctl(9) node. Reviewed by: kib@, imp@, jhb@ Differential Revision: https://reviews.freebsd.org/D15802 MFC after: 1 week Sponsored by: Mellanox Technologies
|
#
97603f1d |
|
10-Apr-2018 |
Ian Lepore <ian@FreeBSD.org> |
Use explicit_bzero() when cleaning values out of the kernel environment. Sometimes the values contain geli passphrases being communicated from loader(8) to the kernel, and some day the compiler may decide to start eliding calls to memset() for a pointer which is not dereferenced again before being passed to free().
|
#
8a36da99 |
|
27-Nov-2017 |
Pedro F. Giffuni <pfg@FreeBSD.org> |
sys/kern: adoption of SPDX licensing ID tags. Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task. The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known opensource licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, superceed or replace the license texts.
|
#
15be49f5 |
|
14-Apr-2016 |
Warner Losh <imp@FreeBSD.org> |
Create wrappers for uint64_t and int64_t for the tunables. While not strictly necessary, it is more convenient.
|
#
85143dd1 |
|
21-Feb-2016 |
Ian Lepore <ian@FreeBSD.org> |
Allow a dynamic env to override a compiled-in static env by passing in the override indication in the env data. Submitted by: bde
|
#
69dcb7e7 |
|
01-Jan-2016 |
Ian Lepore <ian@FreeBSD.org> |
Make the 'env' directive described in config(5) work on all architectures, providing compiled-in static environment data that is used instead of any data passed in from a boot loader. Previously 'env' worked only on i386 and arm xscale systems, because it required the MD startup code to examine the global envmode variable and decide whether to use static_env or an environment obtained from the boot loader, and set the global kern_envp accordingly. Most startup code wasn't doing so. Making things even more complex, some mips startup code uses an alternate scheme that involves calling init_static_kenv() to pass an empty buffer and its size, then uses a series of kern_setenv() calls to populate that buffer. Now all MD startup code calls init_static_kenv(), and that routine provides a single point where envmode is checked and the decision is made whether to use the compiled-in static_kenv or the values provided by the MD code. The routine also continues to serve its original purpose for mips; if a non-zero buffer size is passed the routine installs the empty buffer ready to accept kern_setenv() values. Now if the size is zero, the provided buffer full of existing env data is installed. A NULL pointer can be passed if the boot loader provides no env data; this allows the static env to be installed if envmode is set to do so. Most of the work here is a near-mechanical change to call the init function instead of directly setting kern_envp. A notable exception is in xen/pv.c; that code was originally installing a buffer full of preformatted env data along with its non-zero size (like mips code does), which would have allowed kern_setenv() calls to wipe out the preformatted data. Now it passes a zero for the size so that the buffer of data it installs is treated as non-writeable.
|
#
2735a91d |
|
23-Oct-2014 |
Xin LI <delphij@FreeBSD.org> |
Test if 'env' is NULL before doing memset() and strlen(), the caller may pass NULL to freeenv().
|
#
b9f6af45 |
|
22-Oct-2014 |
Colin Percival <cperciva@FreeBSD.org> |
Avoid leaking data from the kernel environment: When we convert the initial static environment to a dynamic one, zero the static environment buffer, and zero individual values when kern_unsetenv and freeenv are called. Tested by: kmoore (VM memory dump + grep) Tested by: cperciva (kernel panic dump + grep)
|
#
2be111bf |
|
16-Oct-2014 |
Davide Italiano <davide@FreeBSD.org> |
Follow up to r225617. In order to maximize the re-usability of kernel code in userland rename in-kernel getenv()/setenv() to kern_setenv()/kern_getenv(). This fixes a namespace collision with libc symbols. Submitted by: kmacy Tested by: make universe
|
#
915f2b7c |
|
01-Nov-2013 |
Alexander Motin <mav@FreeBSD.org> |
Make getenv_*() functions and respectively TUNABLE_*_FETCH() macros not allocate memory and so not require sleepable environment. getenv() has already used on-stack temporary storage, so just use it more rationally. getenv_string() receives buffer as argument, so don't need another one.
|
#
11c60144 |
|
16-Apr-2013 |
Warner Losh <imp@FreeBSD.org> |
r249408 and r249436 cause a NULL pointer dereference on the CUBIEBOARD since it doesn't set the kernel envrionment at all. Work around this by making sure kern_envp is non-NULL before dereferencing it.
|
#
f46206c2 |
|
13-Apr-2013 |
Jayachandran C. <jchandra@FreeBSD.org> |
Fix changes made in r249408. In some cases, kern_envp is set by the architecture code and env_pos does not contain the length of the static kernel environment. In these cases r249408 causes the kernel to discard the environment. Fix this by updating the check for empty static env to *kern_envp != '\0' Reported by: np@
|
#
15f9c9ed |
|
12-Apr-2013 |
Jayachandran C. <jchandra@FreeBSD.org> |
Fix kenv behavior when there is no static environment In case where there are no static kernel environment entries, the function init_dynamic_kenv() adds an incorrect entry at position 0 of the dynamic kernel environment. This in turn causes kenv(1) to print and empty list even though there are dynamic entries added later. Fix this by checking env_pos in init_dynamic_kenv() and adding dynamic entries only if there are static entries.
|
#
2f0ac259 |
|
14-Aug-2012 |
Jaakko Heinonen <jh@FreeBSD.org> |
Reserve room for the terminating NUL when setting or getting kernel environment variables. KENV_MNAMELEN and KENV_MVALLEN doesn't include space for the terminating NUL.
|
#
8451d0dd |
|
16-Sep-2011 |
Kip Macy <kmacy@FreeBSD.org> |
In order to maximize the re-usability of kernel code in user space this patch modifies makesyscalls.sh to prefix all of the non-compatibility calls (e.g. not linux_, freebsd32_) with sys_ and updates the kernel entry points and all places in the code that use them. It also fixes an additional name space collision between the kernel function psignal and the libc function of the same name by renaming the kernel psignal kern_psignal(). By introducing this change now we will ease future MFCs that change syscalls. Reviewed by: rwatson Approved by: re (bz)
|
#
f53edc90 |
|
23-May-2011 |
Jaakko Heinonen <jh@FreeBSD.org> |
In init_dynamic_kenv(), ignore environment strings exceeding the KENV_MNAMELEN + 1 + KENV_MVALLEN + 1 length limit to avoid buffer overflow in getenv(). Currenly loader(8) doesn't limit the length of environment strings. PR: kern/132104 MFC after: 1 month
|
#
852bee75 |
|
07-May-2011 |
Jaakko Heinonen <jh@FreeBSD.org> |
To avoid duplicated warning, move WITNESS_WARN() added in r221597 to the branch which doesn't call malloc(9). Suggested by: kib
|
#
816c2039 |
|
07-May-2011 |
Jaakko Heinonen <jh@FreeBSD.org> |
Add WITNESS_WARN() to getenv() to explicitly note that the function may sleep. This helps to expose bugs when the requested environment variable doesn't exist.
|
#
a7d5f7eb |
|
19-Oct-2010 |
Jamie Gritton <jamie@FreeBSD.org> |
A new jail(8) with a configuration file, to replace the work currently done by /etc/rc.d/jail.
|
#
eae8e367 |
|
10-Jan-2010 |
Warner Losh <imp@FreeBSD.org> |
Merge change r198561 from projects/mips to head: r198561 | thompsa | 2009-10-28 15:25:22 -0600 (Wed, 28 Oct 2009) | 4 lines Allow a scratch buffer to be set in order to be able to use setenv() while booting, before dynamic kenv is running. A few platforms implement their own scratch+sprintf handling to save data from the boot environment.
|
#
ed7d70c2 |
|
28-Oct-2009 |
Andrew Thompson <thompsa@FreeBSD.org> |
Allow a scratch buffer to be set in order to be able to use setenv() while booting, before dynamic kenv is running. A few platforms implement their own scratch+sprintf handling to save data from the boot environment.
|
#
bcf11e8d |
|
05-Jun-2009 |
Robert Watson <rwatson@FreeBSD.org> |
Move "options MAC" from opt_mac.h to opt_global.h, as it's now in GENERIC and used in a large number of files, but also because an increasing number of incorrect uses of MAC calls were sneaking in due to copy-and-paste of MAC-aware code without the associated opt_mac.h include. Discussed with: pjd
|
#
3f935cf3 |
|
22-Mar-2009 |
Colin Percival <cperciva@FreeBSD.org> |
Correctly sanity-check timer IDs. [SA-09:06] Limit the size of malloced buffer when dumping environment variables. [EN-09:01] Approved by: so (cperciva) Approved by: re (kensmith) Security: FreeBSD-SA-09:06.ktimer Errata: FreeBSD-EN-09:01.kenv
|
#
d7f03759 |
|
19-Oct-2008 |
Ulf Lilleengen <lulf@FreeBSD.org> |
- Import the HEAD csup code which is the basis for the cvsmode work.
|
#
7f41115e |
|
21-Jul-2008 |
Pawel Jakub Dawidek <pjd@FreeBSD.org> |
Implement the following macros for completeness: SYSCTL_QUAD() SYSCTL_ADD_QUAD() TUNABLE_QUAD() TUNABLE_QUAD_FETCH() Now we can use 64bit tunables on 32bit systems.
|
#
30d239bc |
|
24-Oct-2007 |
Robert Watson <rwatson@FreeBSD.org> |
Merge first in a series of TrustedBSD MAC Framework KPI changes from Mac OS X Leopard--rationalize naming for entry points to the following general forms: mac_<object>_<method/action> mac_<object>_check_<method/action> The previous naming scheme was inconsistent and mostly reversed from the new scheme. Also, make object types more consistent and remove spaces from object types that contain multiple parts ("posix_sem" -> "posixsem") to make mechanical parsing easier. Introduce a new "netinet" object type for certain IPv4/IPv6-related methods. Also simplify, slightly, some entry point names. All MAC policy modules will need to be recompiled, and modules not updates as part of this commit will need to be modified to conform to the new KPI. Sponsored by: SPARTA (original patches against Mac OS X) Obtained from: TrustedBSD Project, Apple Computer
|
#
d302c56d |
|
13-Oct-2007 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
I don't know what I was smoking when I wrote these three years ago; the return value is an error code, hence always an int. While I'm here, add getenv_uint() for completeness.
|
#
873fbcd7 |
|
05-Mar-2007 |
Robert Watson <rwatson@FreeBSD.org> |
Further system call comment cleanup: - Remove also "MP SAFE" after prior "MPSAFE" pass. (suggested by bde) - Remove extra blank lines in some cases. - Add extra blank lines in some cases. - Remove no-op comments consisting solely of the function name, the word "syscall", or the system call name. - Add punctuation. - Re-wrap some comments.
|
#
acd3428b |
|
06-Nov-2006 |
Robert Watson <rwatson@FreeBSD.org> |
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
|
#
aed55708 |
|
22-Oct-2006 |
Robert Watson <rwatson@FreeBSD.org> |
Complete break-out of sys/sys/mac.h into sys/security/mac/mac_framework.h begun with a repo-copy of mac.h to mac_framework.h. sys/mac.h now contains the userspace and user<->kernel API and definitions, with all in-kernel interfaces moved to mac_framework.h, which is now included across most of the kernel instead. This change is the first step in a larger cleanup and sweep of MAC Framework interfaces in the kernel, and will not be MFC'd. Obtained from: TrustedBSD Project Sponsored by: SPARTA
|
#
e3546a75 |
|
09-Jul-2006 |
Scott Long <scottl@FreeBSD.org> |
Use a sleep mutex instead of an sx lock for the kernel environment. This allows greater flexibility for drivers that want to query the environment. Reviewed by: jhb, mux
|
#
a8f47039 |
|
15-Mar-2006 |
Alexander Leidinger <netchild@FreeBSD.org> |
Fix memory leak introduced in previous revision. Discussed with: phk
|
#
c8d7706e |
|
09-Mar-2006 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Ignore kenv strings which overflow the room we have, rather than pretend we have room for them.
|
#
2b7182c6 |
|
26-Sep-2005 |
David Xu <davidxu@FreeBSD.org> |
Reorder statements to avoid accessing unknown memory. In theory, invoking kenv with very long string can panic kernel.
|
#
3904769b |
|
31-Jul-2005 |
Alexander Leidinger <netchild@FreeBSD.org> |
Add bounds checking to the setenv part of the kernel environment. This has no security implications since only root is allowed to use kenv(1) (and corrupt the kernel memory after adding too much variables previous to this commit). This is based upon the PR [1] mentioned below, but extended to check both bounds (in case of an overflow of the counting variable) and to comply to the style of the function. An overflow of the counting variable shouldn't happen after adding the check for the upper bound, but better safe than sorry (in case some other function in the kernel overwrites random memory). An interested soul may want to add a printf to notify root in case the bounds are hit. Also allocate KENV_SIZE+1 entries (the array is NULL-terminated), since the comment for KENV_SIZE says it's the maximum number of environment strings. [2] PR: 83687 [1] Submitted by: Harry Coin <harrycoin@qconline.com> [1] Submitted by: Ariff Abdullah <skywizard@MyBSD.org.my> [2]
|
#
628b83cd |
|
08-Mar-2005 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
My addled brains didn't realize that since vtp points into value, we can't freeenv(value) before we're done inspecting vtp[0]. Tested by: Anish Mistry <mistry.7@osu.edu>
|
#
f3301d15 |
|
05-Mar-2005 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Teach getenv_quad() to recognize k/m/g/t suffixes in both lower- and upper-case. This means (almost) all tunables now support those suffixes.
|
#
c711aea6 |
|
09-Feb-2005 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Make a bunch of malloc types static. Found by: src/tools/tools/kernxref
|
#
ed3fdd0e |
|
08-Nov-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Retire TUNABLE_QUAD_*.
|
#
b0e1e474 |
|
31-Oct-2004 |
Dag-Erling Smørgrav <des@FreeBSD.org> |
Add TUNABLE_LONG and TUNABLE_ULONG, and use the latter for the hw.pci.host_mem_start tunable. Add comments to TUNABLE_INT and TUNABLE_QUAD recommending against their use. MFC after: 3 weeks
|
#
06afcd9d |
|
27-Apr-2004 |
David Schultz <das@FreeBSD.org> |
If the buffer supplied to kenv(KENV_DUMP, ...) isn't big enough, return the number of bytes needed instead of 0. The manpage claims that we do this anyway.
|
#
677b542e |
|
10-Jun-2003 |
David E. O'Brien <obrien@FreeBSD.org> |
Use __FBSDID().
|
#
a163d034 |
|
18-Feb-2003 |
Warner Losh <imp@FreeBSD.org> |
Back out M_* changes, per decision of the TRB. Approved by: trb
|
#
44956c98 |
|
21-Jan-2003 |
Alfred Perlstein <alfred@FreeBSD.org> |
Remove M_TRYWAIT/M_WAITOK/M_WAIT. Callers should use 0. Merge M_NOWAIT/M_DONTWAIT into a single flag M_NOWAIT.
|
#
b80521fe |
|
13-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
remove syscallarg(). Suggested by: peter
|
#
d1e405c5 |
|
13-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
SCARGS removal take II.
|
#
bc9e75d7 |
|
13-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
Backout removal SCARGS, the code freeze is only "selectively" over.
|
#
0bbe7292 |
|
13-Dec-2002 |
Alfred Perlstein <alfred@FreeBSD.org> |
Remove SCARGS. Reviewed by: md5
|
#
e686e5ae |
|
01-Nov-2002 |
Robert Watson <rwatson@FreeBSD.org> |
Add MAC checks for various kenv() operations: dump, get, set, unset, permitting MAC policies to limit access to the kernel environment. Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories
|
#
e80fb434 |
|
17-Oct-2002 |
Robert Drehmel <robert@FreeBSD.org> |
Use strlcpy() instead of strncpy() to copy NUL terminated strings for safety and consistency.
|
#
6692ac66 |
|
30-Apr-2002 |
Peter Wemm <peter@FreeBSD.org> |
Cosmetic tweaks. Try and keep the style more consistent, catch some stray whitespace and update a comment.
|
#
2c900f64 |
|
25-Apr-2002 |
Bruce Evans <bde@FreeBSD.org> |
Fixed some longstanding bugs in _getenv_static(): - malformed environment strings (ones without an '=') were not rejected. There shouldn't be any of these, but when the static environment is empty it always begins with one of these; this one should be considered as the terminator after the end of the environment, but it isn't. - the comparison of the name being looked up with the name in the environment was fuzzy -- only the characters up to the length of the latter were compared, so _getenv_static("foobar") matched "foo=..." in the environment and everything matched "" in the empty environment. MFC after: 3 days
|
#
b48a4280 |
|
17-Apr-2002 |
Maxime Henrion <mux@FreeBSD.org> |
Avoid calling malloc() or free() while holding the kenv lock. Reviewed by: jake
|
#
d786139c |
|
17-Apr-2002 |
Maxime Henrion <mux@FreeBSD.org> |
Rework the kernel environment subsystem. We now convert the static environment needed at boot time to a dynamic subsystem when VM is up. The dynamic kernel environment is protected by an sx lock. This adds some new functions to manipulate the kernel environment : freeenv(), setenv(), unsetenv() and testenv(). freeenv() has to be called after every getenv() when you have finished using the string. testenv() only tests if an environment variable is present, and doesn't require a freeenv() call. setenv() and unsetenv() are self explanatory. The kenv(2) syscall exports these new functionalities to userland, mainly for kenv(1). Reviewed by: peter
|
#
5a08b84f |
|
25-Oct-2001 |
John Baldwin <jhb@FreeBSD.org> |
Fix an inverted test csae. Success of getenv() is determined by a return value of !NUL rather than NUL. Submitted by: luigi Pointy hat to: jhb
|
#
21cbf0cc |
|
23-Oct-2001 |
John Baldwin <jhb@FreeBSD.org> |
- Change getenv_quad() to return an int instead of a quad_t since it returns an success/failure code rather than the actual value. - Add getenv_string() which copies a string from the environment to another string and returns true on success.
|
#
cbc89bfb |
|
10-Oct-2001 |
Paul Saab <ps@FreeBSD.org> |
Make MAXTSIZ, DFLDSIZ, MAXDSIZ, DFLSSIZ, MAXSSIZ, SGROWSIZ loader tunable. Reviewed by: peter MFC after: 2 weeks
|
#
1114d185 |
|
20-Sep-2001 |
Peter Wemm <peter@FreeBSD.org> |
Add a pointer to kenv(1).
|
#
57ea1fa0 |
|
20-Sep-2001 |
Jonathan Lemon <jlemon@FreeBSD.org> |
Revert last commit. The same functionality can be obtained through the 'kenv' command, which I obviously was unaware of.
|
#
e492f035 |
|
20-Sep-2001 |
Jonathan Lemon <jlemon@FreeBSD.org> |
Add a sysctl MIB 'kern.env', that dumps the contents of the kernel environment from the loader, as well as the kernel's compiled in static hints.
|
#
b93c3c5e |
|
15-Jun-2001 |
Peter Wemm <peter@FreeBSD.org> |
Fix some warnings in kern_environment.c. Make the getenv*() family take a const 'name', since they dont modify anything. 159: warning: passing arg 1 of `getenv_int' discards qualifiers... 167: warning: passing arg 1 of `getenv' discards qualifiers from pointer..
|
#
09786698 |
|
07-Jun-2001 |
Peter Wemm <peter@FreeBSD.org> |
"Fix" the previous initial attempt at fixing TUNABLE_INT(). This time around, use a common function for looking up and extracting the tunables from the kernel environment. This saves duplicating the same function over and over again. This way typically has an overhead of 8 bytes + the path string, versus about 26 bytes + the path string.
|
#
77978ab8 |
|
04-Jul-2000 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Previous commit changing SYSCTL_HANDLER_ARGS violated KNF. Pointed out by: bde
|
#
82d9ae4e |
|
03-Jul-2000 |
Poul-Henning Kamp <phk@FreeBSD.org> |
Style police catches up with rev 1.26 of src/sys/sys/sysctl.h: Sanitize SYSCTL_HANDLER_ARGS so that simplistic tools can grog our sources: -sysctl_vm_zone SYSCTL_HANDLER_ARGS +sysctl_vm_zone (SYSCTL_HANDLER_ARGS)
|
#
25792ef3 |
|
23-Nov-1999 |
Archie Cobbs <archie@FreeBSD.org> |
Change the prototype of the strto* routines to make the second parameter a char ** instead of a const char **. This make these kernel routines consistent with the corresponding libc userland routines. Which is actually 'correct' is debatable, but consistency and following the spec was deemed more important in this case. Reviewed by (in concept): phk, bde
|
#
c1dc94ee |
|
06-Nov-1999 |
Matt Jacob <mjacob@FreeBSD.org> |
add in actual getenv_quad function
|
#
d1f088da |
|
11-Oct-1999 |
Peter Wemm <peter@FreeBSD.org> |
Trim unused options (or #ifdef for undoc options). Submitted by: phk
|
#
c3aac50f |
|
27-Aug-1999 |
Peter Wemm <peter@FreeBSD.org> |
$Id$ -> $FreeBSD$
|
#
697457a1 |
|
28-Jan-1999 |
Matthew Dillon <dillon@FreeBSD.org> |
Fix warnings related to -Wall -Wcast-qual
|
#
a06791bc |
|
27-Jan-1999 |
Matthew Dillon <dillon@FreeBSD.org> |
Fix getenv() comparison against '=' ... was *cp = '=' instead of *cp == '='.
|
#
2084f96c |
|
15-Jan-1999 |
Mike Smith <msmith@FreeBSD.org> |
Add getenv_int(), specifically for retrieving integer values from kernel environment variables. This makes it easy to pass tuning parameters in from the bootloader.
|
#
a8dad954 |
|
09-Oct-1998 |
Mike Smith <msmith@FreeBSD.org> |
Don't try to initialise the environment out of a sysinit, it's handled in MD code instead.
|
#
e4f570a2 |
|
09-Oct-1998 |
Jordan K. Hubbard <jkh@FreeBSD.org> |
Fix damaged comment.
|
#
6ba9413b |
|
08-Oct-1998 |
Mike Smith <msmith@FreeBSD.org> |
Kernel environment access, preloaded module lookup.
|