Date: Mon, 3 May 2004 18:22:27 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 52186 for review Message-ID: <200405040122.i441MRfN096047@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=52186 Change 52186 by rwatson@rwatson_tislabs on 2004/05/03 18:21:57 Integrate TrustedBSD base branch from FreeBSD CVS HEAD: Backout of FORCECONSPEED. Loop back inpcb lock assertions in raw_append() and udp_append() from trustedbsd_mac. Loop back mac_mbuf_to_label() fix for NULL tags from trustedbsd_mac. Loop back id(1) -M MAC label support from trustedbsd_mac. Affected files ... .. //depot/projects/trustedbsd/base/share/man/man4/sio.4#10 integrate .. //depot/projects/trustedbsd/base/sys/conf/NOTES#51 integrate .. //depot/projects/trustedbsd/base/sys/conf/options#51 integrate .. //depot/projects/trustedbsd/base/sys/dev/sio/sio.c#33 integrate .. //depot/projects/trustedbsd/base/sys/kern/kern_mac.c#55 integrate .. //depot/projects/trustedbsd/base/sys/netinet/raw_ip.c#26 integrate .. //depot/projects/trustedbsd/base/sys/netinet/udp_usrreq.c#27 integrate .. //depot/projects/trustedbsd/base/sys/security/mac/mac_net.c#8 integrate .. //depot/projects/trustedbsd/base/usr.bin/id/id.1#2 integrate .. //depot/projects/trustedbsd/base/usr.bin/id/id.c#6 integrate .. //depot/projects/trustedbsd/base/usr.sbin/watchdogd/watchdogd.c#5 integrate Differences ... ==== //depot/projects/trustedbsd/base/share/man/man4/sio.4#10 (text+ko) ==== @@ -34,7 +34,7 @@ .\" .\" from: @(#)dca.4 5.2 (Berkeley) 3/27/91 .\" from: com.4,v 1.1 1993/08/06 11:19:07 cgd Exp -.\" $FreeBSD: src/share/man/man4/sio.4,v 1.51 2004/04/30 21:16:52 ambrisko Exp $ +.\" $FreeBSD: src/share/man/man4/sio.4,v 1.52 2004/05/03 22:35:27 ambrisko Exp $ .\" .Dd July 10, 2002 .Dt SIO 4 @@ -178,8 +178,6 @@ PPS timestamping on CTS instead of DCD .It 0x20000 device is assumed to use a 16650A-type (extended FIFO) chip -.It 0x400000 -If no comconsole found then mark as a comconsole .El .Pp Minor numbering: ==== //depot/projects/trustedbsd/base/sys/conf/NOTES#51 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/conf/NOTES,v 1.1224 2004/05/03 21:18:55 pjd Exp $ +# $FreeBSD: src/sys/conf/NOTES,v 1.1225 2004/05/03 22:35:27 ambrisko Exp $ # # NOTES -- Lines that can be cut/pasted into kernel and hints configs. # @@ -1468,8 +1468,6 @@ options COM_MULTIPORT # Code for some cards with shared IRQs. options CONSPEED=115200 # Speed for serial console # (default 9600). -options FORCECONSPEED # no matter what use CONSPEED for - # console. # `flags' specific to sio(4). See below for flags used by both sio(4) and # uart(4). ==== //depot/projects/trustedbsd/base/sys/conf/options#51 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/sys/conf/options,v 1.448 2004/05/03 21:18:56 pjd Exp $ +# $FreeBSD: src/sys/conf/options,v 1.449 2004/05/03 22:35:27 ambrisko Exp $ # # On the handling of kernel options # @@ -522,7 +522,6 @@ # options for serial support COM_ESP opt_sio.h COM_MULTIPORT opt_sio.h -FORCECONSPEED opt_sio.h BREAK_TO_DEBUGGER opt_comconsole.h ALT_BREAK_TO_DEBUGGER opt_comconsole.h ==== //depot/projects/trustedbsd/base/sys/dev/sio/sio.c#33 (text+ko) ==== @@ -31,7 +31,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/dev/sio/sio.c,v 1.428 2004/04/30 21:16:52 ambrisko Exp $"); +__FBSDID("$FreeBSD: src/sys/dev/sio/sio.c,v 1.429 2004/05/03 22:35:28 ambrisko Exp $"); #include "opt_comconsole.h" #include "opt_compat.h" @@ -123,7 +123,6 @@ #define COM_PPSCTS(flags) ((flags) & 0x10000) #define COM_ST16650A(flags) ((flags) & 0x20000) #define COM_TI16754(flags) ((flags) & 0x200000) -#define COM_ALTCONSOLE(flags) ((flags) & 0x400000) #define sio_getreg(com, off) \ (bus_space_read_1((com)->bst, (com)->bsh, (off))) @@ -750,7 +749,7 @@ sio_setreg(com, com_cfcr, CFCR_8BITS); mtx_unlock_spin(&sio_lock); bus_release_resource(dev, SYS_RES_IOPORT, rid, port); - if (comconsole != -1 && iobase == siocniobase) + if (iobase == siocniobase) result = 0; if (result != 0) { device_set_softc(dev, NULL); @@ -796,7 +795,6 @@ mtx_unlock_spin(&sio_lock); - result = 0; irqs = irqmap[1] & ~irqmap[0]; if (bus_get_resource(idev, SYS_RES_IRQ, 0, &xirq, NULL) == 0 && ((1 << xirq) & irqs) == 0) { @@ -806,14 +804,14 @@ printf( "sio%d: port may not be enabled\n", device_get_unit(dev)); - result = ENXIO; } if (bootverbose) printf("sio%d: irq maps: %#x %#x %#x %#x\n", device_get_unit(dev), irqmap[0], irqmap[1], irqmap[2], irqmap[3]); - for (fn = 0; result == 0 && fn < sizeof failures; ++fn) + result = 0; + for (fn = 0; fn < sizeof failures; ++fn) if (failures[fn]) { sio_setreg(com, com_mcr, 0); result = ENXIO; @@ -828,7 +826,7 @@ break; } bus_release_resource(dev, SYS_RES_IOPORT, rid, port); - if (comconsole != -1 && iobase == siocniobase) + if (iobase == siocniobase) result = 0; if (result != 0) { device_set_softc(dev, NULL); @@ -2816,9 +2814,6 @@ u_char cfcr; cfcr = inb(iobase + com_cfcr); - outb(iobase + com_cfcr, 0x0e); - if (inb(iobase + com_cfcr) != 0x0e) - return (0); outb(iobase + com_cfcr, CFCR_DLAB | cfcr); dlbl = inb(iobase + com_dlbl); @@ -2831,12 +2826,7 @@ /* XXX there should be more sanity checking. */ if (divisor == 0) return (CONSPEED); - -#ifdef FORCECONSPEED - return (CONSPEED); -#else return (rclk / (16UL * divisor)); -#endif } #endif @@ -2917,7 +2907,7 @@ speed_t boot_speed; u_char cfcr; u_int divisor; - int s, unit, check_flags; + int s, unit; struct siocnstate sp; /* @@ -2936,42 +2926,28 @@ */ cp->cn_pri = CN_DEAD; - siocniobase = 0; - for(check_flags = 1; check_flags >= 0 && !siocniobase; check_flags--) { - for (unit = 0; unit < 16; unit++) { /* XXX need to know how - many */ - int flags; + for (unit = 0; unit < 16; unit++) { /* XXX need to know how many */ + int flags; + + if (resource_disabled("sio", unit)) + continue; + if (resource_int_value("sio", unit, "flags", &flags)) + continue; + if (COM_CONSOLE(flags) || COM_DEBUGGER(flags)) { + int port; + Port_t iobase; - if (resource_disabled("sio", unit)) + if (resource_int_value("sio", unit, "port", &port)) continue; - if (resource_int_value("sio", unit, "flags", &flags)) - continue; - - if (!check_flags && COM_ALTCONSOLE(flags) - && !siocniobase){ - flags |= 0x10; + iobase = port; + s = spltty(); + if (boothowto & RB_SERIAL) { + boot_speed = + siocngetspeed(iobase, comdefaultrclk); + if (boot_speed) + comdefaultrate = boot_speed; } - if (COM_CONSOLE(flags) || COM_DEBUGGER(flags)) { - int port; - Port_t iobase; - - if (resource_int_value("sio", unit, "port", - &port)) - continue; - iobase = port; - s = spltty(); - if (boothowto & RB_SERIAL) { - boot_speed = siocngetspeed(iobase, - comdefaultrclk); - if (boot_speed) - comdefaultrate = boot_speed; - else { - splx(s); - continue; - } - } - /* * Initialize the divisor latch. We can't rely on * siocnopen() to do this the first time, since it @@ -2981,37 +2957,34 @@ * need to set the speed in hardware so that * switching it later is null. */ - cfcr = inb(iobase + com_cfcr); - outb(iobase + com_cfcr, CFCR_DLAB | cfcr); - divisor = siodivisor(comdefaultrclk, comdefaultrate); - outb(iobase + com_dlbl, divisor & 0xff); - outb(iobase + com_dlbh, divisor >> 8); - outb(iobase + com_cfcr, cfcr); + cfcr = inb(iobase + com_cfcr); + outb(iobase + com_cfcr, CFCR_DLAB | cfcr); + divisor = siodivisor(comdefaultrclk, comdefaultrate); + outb(iobase + com_dlbl, divisor & 0xff); + outb(iobase + com_dlbh, divisor >> 8); + outb(iobase + com_cfcr, cfcr); - siocnopen(&sp, iobase, comdefaultrate); + siocnopen(&sp, iobase, comdefaultrate); - splx(s); - if (!siocniobase && COM_CONSOLE(flags) - && !COM_LLCONSOLE(flags)) { - siocnset(cp, unit); - cp->cn_pri = COM_FORCECONSOLE(flags) - || boothowto & RB_SERIAL - ? CN_REMOTE : CN_NORMAL; - siocniobase = iobase; - siocnunit = unit; - } - if (COM_DEBUGGER(flags)) { - printf("sio%d: gdb debugging port\n", - unit); - siogdbiobase = iobase; - siogdbunit = unit; + splx(s); + if (COM_CONSOLE(flags) && !COM_LLCONSOLE(flags)) { + siocnset(cp, unit); + cp->cn_pri = COM_FORCECONSOLE(flags) + || boothowto & RB_SERIAL + ? CN_REMOTE : CN_NORMAL; + siocniobase = iobase; + siocnunit = unit; + } + if (COM_DEBUGGER(flags)) { + printf("sio%d: gdb debugging port\n", unit); + siogdbiobase = iobase; + siogdbunit = unit; #if DDB > 0 - siocnset(&gdbconsdev, unit); - gdb_arg = &gdbconsdev; - gdb_getc = siocngetc; - gdb_putc = siocnputc; + siocnset(&gdbconsdev, unit); + gdb_arg = &gdbconsdev; + gdb_getc = siocngetc; + gdb_putc = siocnputc; #endif - } } } } ==== //depot/projects/trustedbsd/base/sys/kern/kern_mac.c#55 (text+ko) ==== @@ -42,7 +42,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.111 2004/05/03 20:53:27 rwatson Exp $"); +__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.112 2004/05/03 22:54:46 rwatson Exp $"); #include "opt_mac.h" #include "opt_devfs.h" @@ -1231,4 +1231,4 @@ return (ENOSYS); } -#endif +#endif /* !MAC */ ==== //depot/projects/trustedbsd/base/sys/netinet/raw_ip.c#26 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)raw_ip.c 8.7 (Berkeley) 5/15/95 - * $FreeBSD: src/sys/netinet/raw_ip.c,v 1.130 2004/05/03 17:15:34 maxim Exp $ + * $FreeBSD: src/sys/netinet/raw_ip.c,v 1.131 2004/05/04 00:10:16 rwatson Exp $ */ #include "opt_inet6.h" @@ -142,6 +142,8 @@ { int policyfail = 0; + INP_LOCK_ASSERT(last); + #if defined(IPSEC) || defined(FAST_IPSEC) /* check AH/ESP integrity. */ if (ipsec4_in_reject(n, last)) { ==== //depot/projects/trustedbsd/base/sys/netinet/udp_usrreq.c#27 (text+ko) ==== @@ -27,7 +27,7 @@ * SUCH DAMAGE. * * @(#)udp_usrreq.c 8.6 (Berkeley) 5/23/95 - * $FreeBSD: src/sys/netinet/udp_usrreq.c,v 1.151 2004/04/07 20:46:14 imp Exp $ + * $FreeBSD: src/sys/netinet/udp_usrreq.c,v 1.152 2004/05/04 01:08:15 rwatson Exp $ */ #include "opt_ipsec.h" @@ -449,6 +449,8 @@ struct sockaddr *append_sa; struct mbuf *opts = 0; + INP_LOCK_ASSERT(last); + #if defined(IPSEC) || defined(FAST_IPSEC) /* check AH/ESP integrity. */ if (ipsec4_in_reject(n, last)) { ==== //depot/projects/trustedbsd/base/sys/security/mac/mac_net.c#8 (text+ko) ==== @@ -35,7 +35,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sys/security/mac/mac_net.c,v 1.114 2004/02/29 15:33:56 rwatson Exp $"); +__FBSDID("$FreeBSD: src/sys/security/mac/mac_net.c,v 1.115 2004/05/03 23:37:48 rwatson Exp $"); #include "opt_mac.h" @@ -89,9 +89,12 @@ struct m_tag *tag; struct label *label; + if (mbuf == NULL) + return (NULL); tag = m_tag_find(mbuf, PACKET_TAG_MACLABEL, NULL); + if (tag == NULL) + return (NULL); label = (struct label *)(tag+1); - return (label); } ==== //depot/projects/trustedbsd/base/usr.bin/id/id.1#2 (text+ko) ==== @@ -33,7 +33,7 @@ .\" SUCH DAMAGE. .\" .\" @(#)id.1 8.1 (Berkeley) 6/6/93 -.\" $FreeBSD: src/usr.bin/id/id.1,v 1.11 2001/08/15 09:09:41 ru Exp $ +.\" $FreeBSD: src/usr.bin/id/id.1,v 1.12 2004/05/03 22:50:23 rwatson Exp $ .\" .Dd June 6, 1993 .Dt ID 1 @@ -48,6 +48,8 @@ .Fl G Op Fl n .Op Ar user .Nm +.Fl M +.Nm .Fl P .Op Ar user .Nm @@ -78,6 +80,8 @@ .It Fl G Display the different group IDs (effective, real and supplementary) as white-space separated numbers, in no particular order. +.It Fl M +Display the MAC label of the current prorcess. .It Fl P Display the id as a password file entry. .It Fl g ==== //depot/projects/trustedbsd/base/usr.bin/id/id.c#6 (text+ko) ==== @@ -43,11 +43,13 @@ #endif #endif /* not lint */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/usr.bin/id/id.c,v 1.19 2002/09/04 23:29:02 dwmalone Exp $"); +__FBSDID("$FreeBSD: src/usr.bin/id/id.c,v 1.20 2004/05/03 22:50:23 rwatson Exp $"); #include <sys/param.h> +#include <sys/mac.h> #include <err.h> +#include <errno.h> #include <grp.h> #include <pwd.h> #include <stdio.h> @@ -59,6 +61,7 @@ void pline(struct passwd *); void pretty(struct passwd *); void group(struct passwd *, int); +void maclabel(void); void usage(void); void user(struct passwd *); struct passwd * @@ -71,10 +74,10 @@ { struct group *gr; struct passwd *pw; - int Gflag, Pflag, ch, gflag, id, nflag, pflag, rflag, uflag; + int Gflag, Mflag, Pflag, ch, gflag, id, nflag, pflag, rflag, uflag; const char *myname; - Gflag = Pflag = gflag = nflag = pflag = rflag = uflag = 0; + Gflag = Mflag = Pflag = gflag = nflag = pflag = rflag = uflag = 0; myname = strrchr(argv[0], '/'); myname = (myname != NULL) ? myname + 1 : argv[0]; @@ -88,11 +91,14 @@ } while ((ch = getopt(argc, argv, - (isgroups || iswhoami) ? "" : "PGgnpru")) != -1) + (isgroups || iswhoami) ? "" : "PGMgnpru")) != -1) switch(ch) { case 'G': Gflag = 1; break; + case 'M': + Mflag = 1; + break; case 'P': Pflag = 1; break; @@ -134,6 +140,9 @@ pw = *argv ? who(*argv) : NULL; + if (Mflag && pw != NULL) + usage(); + if (gflag) { id = pw ? pw->pw_gid : rflag ? getgid() : getegid(); if (nflag && (gr = getgrgid(id))) @@ -157,6 +166,11 @@ exit(0); } + if (Mflag) { + maclabel(); + exit(0); + } + if (Pflag) { pline(pw); exit(0); @@ -317,6 +331,30 @@ (void)printf("\n"); } +void +maclabel(void) +{ + char *string; + mac_t label; + int error; + + error = mac_prepare_process_label(&label); + if (error == -1) + errx(1, "mac_prepare_type: %s", strerror(errno)); + + error = mac_get_proc(label); + if (error == -1) + errx(1, "mac_get_proc: %s", strerror(errno)); + + error = mac_to_text(label, &string); + if (error == -1) + errx(1, "mac_to_text: %s", strerror(errno)); + + (void)printf("%s\n", string); + mac_free(label); + free(string); +} + struct passwd * who(char *u) { @@ -366,6 +404,7 @@ (void)fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n", "usage: id [user]", " id -G [-n] [user]", + " id -M", " id -P [user]", " id -g [-nr] [user]", " id -p [user]", ==== //depot/projects/trustedbsd/base/usr.sbin/watchdogd/watchdogd.c#5 (text+ko) ==== @@ -1,5 +1,5 @@ /* - * Copyright (c) 2003 Sean M. Kelly <smkelly@FreeBSD.org> + * Copyright (c) 2003-2004 Sean M. Kelly <smkelly@FreeBSD.org> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -29,7 +29,7 @@ */ #include <sys/types.h> -__FBSDID("$FreeBSD: src/usr.sbin/watchdogd/watchdogd.c,v 1.6 2004/04/28 07:35:03 smkelly Exp $"); +__FBSDID("$FreeBSD: src/usr.sbin/watchdogd/watchdogd.c,v 1.7 2004/05/03 21:41:02 smkelly Exp $"); #include <sys/rtprio.h> #include <sys/stat.h>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200405040122.i441MRfN096047>