PERFORCE change 42079 for review

Robert Watson rwatson at FreeBSD.org
Wed Nov 12 03:23:12 GMT 2003


http://perforce.freebsd.org/chv.cgi?CH=42079

Change 42079 by rwatson at rwatson_tislabs on 2003/11/11 19:22:55

	Integ TrustedBSD base branch from FreeBSD vendor branch: bring
	in VFS mount changes, turnstiles, and loop back MAC
	(struct label) -> (struct label *) changes which I just
	merged.

Affected files ...

.. //depot/projects/trustedbsd/base/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml#47 integrate
.. //depot/projects/trustedbsd/base/sbin/init/init.8#8 integrate
.. //depot/projects/trustedbsd/base/share/man/man4/Makefile#40 integrate
.. //depot/projects/trustedbsd/base/share/man/man4/ddb.4#5 integrate
.. //depot/projects/trustedbsd/base/share/man/man4/inet.4#8 integrate
.. //depot/projects/trustedbsd/base/share/man/man4/intro.4#9 integrate
.. //depot/projects/trustedbsd/base/share/man/man4/ips.4#1 branch
.. //depot/projects/trustedbsd/base/share/man/man4/man4.i386/lnc.4#2 integrate
.. //depot/projects/trustedbsd/base/share/man/man4/man4.i386/svr4.4#5 integrate
.. //depot/projects/trustedbsd/base/sys/amd64/amd64/autoconf.c#3 integrate
.. //depot/projects/trustedbsd/base/sys/conf/files#67 integrate
.. //depot/projects/trustedbsd/base/sys/dev/sound/pcm/ac97.c#16 integrate
.. //depot/projects/trustedbsd/base/sys/dev/usb/ohci.c#23 integrate
.. //depot/projects/trustedbsd/base/sys/fs/devfs/devfs.h#9 integrate
.. //depot/projects/trustedbsd/base/sys/i386/i386/mptable.c#2 integrate
.. //depot/projects/trustedbsd/base/sys/ia64/ia64/interrupt.c#18 integrate
.. //depot/projects/trustedbsd/base/sys/ia64/ia64/machdep.c#44 integrate
.. //depot/projects/trustedbsd/base/sys/ia64/ia64/trap.c#26 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_exec.c#40 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_mac.c#51 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_mutex.c#29 integrate
.. //depot/projects/trustedbsd/base/sys/kern/kern_thread.c#33 integrate
.. //depot/projects/trustedbsd/base/sys/kern/subr_turnstile.c#1 branch
.. //depot/projects/trustedbsd/base/sys/kern/subr_witness.c#42 integrate
.. //depot/projects/trustedbsd/base/sys/kern/vfs_mount.c#23 integrate
.. //depot/projects/trustedbsd/base/sys/net/bpfdesc.h#7 integrate
.. //depot/projects/trustedbsd/base/sys/net/if_var.h#17 integrate
.. //depot/projects/trustedbsd/base/sys/netinet/ip_var.h#17 integrate
.. //depot/projects/trustedbsd/base/sys/nfsclient/nfs_vfsops.c#26 integrate
.. //depot/projects/trustedbsd/base/sys/pci/agp.c#15 integrate
.. //depot/projects/trustedbsd/base/sys/pci/agp_ali.c#7 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac/mac_internal.h#3 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac/mac_label.c#1 branch
.. //depot/projects/trustedbsd/base/sys/security/mac/mac_net.c#3 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac/mac_pipe.c#3 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac/mac_process.c#3 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac/mac_system.c#2 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac/mac_vfs.c#3 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_biba/mac_biba.c#35 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_lomac/mac_lomac.c#15 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_mls/mac_mls.c#32 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_partition/mac_partition.c#7 integrate
.. //depot/projects/trustedbsd/base/sys/security/mac_test/mac_test.c#24 integrate
.. //depot/projects/trustedbsd/base/sys/sys/_mutex.h#7 integrate
.. //depot/projects/trustedbsd/base/sys/sys/filedesc.h#16 integrate
.. //depot/projects/trustedbsd/base/sys/sys/mac.h#34 integrate
.. //depot/projects/trustedbsd/base/sys/sys/mount.h#20 integrate
.. //depot/projects/trustedbsd/base/sys/sys/pipe.h#7 integrate
.. //depot/projects/trustedbsd/base/sys/sys/proc.h#50 integrate
.. //depot/projects/trustedbsd/base/sys/sys/socketvar.h#30 integrate
.. //depot/projects/trustedbsd/base/sys/sys/turnstile.h#1 branch
.. //depot/projects/trustedbsd/base/sys/sys/ucred.h#13 integrate
.. //depot/projects/trustedbsd/base/sys/sys/vnode.h#41 integrate

Differences ...

==== //depot/projects/trustedbsd/base/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml#47 (text+ko) ====

@@ -29,7 +29,7 @@
 
 <sect1 id="support">
   <sect1info>
-    <pubdate>$FreeBSD: src/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml,v 1.196 2003/11/09 23:42:51 bmah Exp $</pubdate>
+    <pubdate>$FreeBSD: src/release/doc/en_US.ISO8859-1/hardware/common/dev.sgml,v 1.197 2003/11/11 19:20:13 trhodes Exp $</pubdate>
   </sect1info>
 
   <title>Supported Devices</title>
@@ -430,7 +430,7 @@
     driver)
     </para>
 
-    <para arch="i386">IBM / Adaptec ServeRAID series (ips driver)</para>
+    <para arch="i386">IBM / Adaptec ServeRAID series (&man.ips.4; driver)</para>
 
     <para arch="i386,alpha,pc98,sparc64,ia64">LSI Logic Fusion/MP
 	architecture Fiber Channel controllers (&man.mpt.4; driver)</para>

==== //depot/projects/trustedbsd/base/sbin/init/init.8#8 (text+ko) ====

@@ -33,7 +33,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     @(#)init.8	8.3 (Berkeley) 4/18/94
-.\" $FreeBSD: src/sbin/init/init.8,v 1.39 2003/06/08 12:50:49 charnier Exp $
+.\" $FreeBSD: src/sbin/init/init.8,v 1.40 2003/11/11 18:37:50 kensmith Exp $
 .\"
 .Dd April 18, 1994
 .Dt INIT 8
@@ -151,9 +151,24 @@
 using
 .Xr sysctl 8
 to set the
-.Dq kern.securelevel
+.Va kern.securelevel
 variable to the required security level.
 .Pp
+If
+.Nm
+is run in a jail the security level of the
+.Dq host system
+will not be effected.
+Part of the information set up in the kernel to support a jail
+is a per-jail
+.Dq securelevel
+setting.
+This allows running a higher security level inside of a jail
+than that of the host system.
+See
+.Xr jail 8
+for more information about jails.
+.Pp
 In multi-user operation,
 .Nm
 maintains
@@ -383,6 +398,7 @@
 .Xr getty 8 ,
 .Xr halt 8 ,
 .Xr ipfw 8 ,
+.Xr jail 8 ,
 .Xr rc 8 ,
 .Xr reboot 8 ,
 .Xr shutdown 8 ,

==== //depot/projects/trustedbsd/base/share/man/man4/Makefile#40 (text+ko) ====

@@ -1,5 +1,5 @@
 #	@(#)Makefile	8.1 (Berkeley) 6/18/93
-# $FreeBSD: src/share/man/man4/Makefile,v 1.238 2003/11/10 21:26:52 hmp Exp $
+# $FreeBSD: src/share/man/man4/Makefile,v 1.239 2003/11/11 18:48:02 trhodes Exp $
 
 MAN=	aac.4 \
 	acpi.4 \
@@ -96,6 +96,7 @@
 	ip.4 \
 	ip6.4 \
 	ipfirewall.4 \
+	ips.4 \
 	ipsec.4 \
 	isp.4 \
 	ispfw.4 \

==== //depot/projects/trustedbsd/base/share/man/man4/ddb.4#5 (text+ko) ====

@@ -57,7 +57,7 @@
 .\" 	Created.
 .\" 	[90/08/30            dbg]
 .\"
-.\" $FreeBSD: src/share/man/man4/ddb.4,v 1.23 2003/10/14 02:47:23 imp Exp $
+.\" $FreeBSD: src/share/man/man4/ddb.4,v 1.24 2003/11/12 02:35:20 hmp Exp $
 .Dd January 16, 1996
 .Dt DDB 4
 .Os
@@ -312,7 +312,8 @@
 point at the low-level code paths may also cause strange behavior.
 .It Cm delete Ar addr
 .It Cm delete Li \&# Ns Ar number
-Delete the break point.  The target break point can be specified by a
+Delete the break point.
+The target break point can be specified by a
 break point number with
 .Li # ,
 or by using the same
@@ -520,7 +521,10 @@
 .It Li maxwidth
 The width of the displayed line.
 .It Li lines
-The number of lines.  It is used by "more" feature.
+The number of lines.
+It is used by
+.Dq more
+feature.
 .It Li tabstops
 Tab stop width.
 .It Li work Ns Ar xx
@@ -583,7 +587,8 @@
 a binary operator which rounds up the left hand side to the next
 multiple of right hand side.
 .It Li \&* Ns Em expr
-indirection.  It may be followed by a
+indirection.
+It may be followed by a
 .Sq Li :
 and modifiers as described above.
 .El

==== //depot/projects/trustedbsd/base/share/man/man4/inet.4#8 (text+ko) ====

@@ -30,7 +30,7 @@
 .\" SUCH DAMAGE.
 .\"
 .\"     From: @(#)inet.4	8.1 (Berkeley) 6/5/93
-.\" $FreeBSD: src/share/man/man4/inet.4,v 1.25 2003/10/14 02:59:13 imp Exp $
+.\" $FreeBSD: src/share/man/man4/inet.4,v 1.26 2003/11/12 02:35:20 hmp Exp $
 .\"
 .Dd February 14, 1995
 .Dt INET 4
@@ -297,7 +297,8 @@
 .Re
 .Sh CAVEAT
 The Internet protocol support is subject to change as
-the Internet protocols develop.  Users should not depend
+the Internet protocols develop.
+Users should not depend
 on details of the current implementation, but rather
 the services exported.
 .Sh HISTORY

==== //depot/projects/trustedbsd/base/share/man/man4/intro.4#9 (text+ko) ====

@@ -23,7 +23,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $FreeBSD: src/share/man/man4/intro.4,v 1.27 2003/06/28 23:53:37 ru Exp $
+.\" $FreeBSD: src/share/man/man4/intro.4,v 1.28 2003/11/12 02:35:20 hmp Exp $
 .\"
 .Dd January 20, 1996
 .Dt INTRO 4
@@ -149,8 +149,8 @@
 .Xr config 8
 for a detailed description of the files involved.
 The individual manual pages in this section provide a sample line for the
-configuration file in their synopsis portion.  See also the sample
-config file
+configuration file in their synopsis portion.
+See also the sample config file
 .Pa /sys/i386/conf/LINT
 (for the
 .Em i386

==== //depot/projects/trustedbsd/base/share/man/man4/man4.i386/lnc.4#2 (text+ko) ====

@@ -23,7 +23,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $FreeBSD: src/share/man/man4/man4.i386/lnc.4,v 1.20 2001/10/13 09:08:37 yokota Exp $
+.\" $FreeBSD: src/share/man/man4/man4.i386/lnc.4,v 1.21 2003/11/12 02:35:20 hmp Exp $
 .\"
 .Dd January 19, 1997
 .Dt LNC 4 i386
@@ -68,20 +68,24 @@
 .Sh DIAGNOSTICS
 .Bl -diag
 .It "lnc%d: Framing error"
-A framing error occurred.  This means a CRC error also occurred.
+A framing error occurred.
+This means a CRC error also occurred.
 This caused the driver to drop the packet that contained the framing error.
 .It "lnc%d: Receive CRC error
 The received Ethernet frame failed the CRC checksum.
 This caused the driver to drop the packet that failed the checksum.
 .It "lnc%d: Packet dropped, no mbufs"
-The driver ran out of mbuf's.  This may suggest a resource problem.
+The driver ran out of mbuf's.
+This may suggest a resource problem.
 .It "lnc%d: Couldn't allocate memory for NIC"
-This is a fatal error.  The driver will not attach to the card under this
+This is a fatal error.
+The driver will not attach to the card under this
 circumstance.
 .It "lnc%d: Memory allocated above 16Mb limit"
 ISA and ESIA cards require bounce buffers for DMA transfers above 16mb.
 The Am7990 and Am79C960 only have 24 address lines and so can only access
-the lower 16Mb of physical memory.  The
+the lower 16Mb of physical memory.
+The
 .Nm
 driver assumes the memory it allocates is within the lower 16Mb range.
 This is not a very valid assumption but there's nothing that can be done
@@ -89,7 +93,8 @@
 For shared memory NICs this isn't relevant.
 .It "lnc%d: Device timeout -- Resetting"
 The device has stopped responding to the network, or there is a problem with
-the network connection (cable).   Make sure the network connection in use
+the network connection (cable).
+Make sure the network connection in use
 is the same one the card is configured for.
 .It "lnc%d: Transmit late collision  -- Net error?"
 .It "lnc%d: Loss of carrier during transmit -- Net error?"

==== //depot/projects/trustedbsd/base/share/man/man4/man4.i386/svr4.4#5 (text+ko) ====

@@ -22,7 +22,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.\" $FreeBSD: src/share/man/man4/man4.i386/svr4.4,v 1.9 2003/10/28 05:22:19 tjr Exp $
+.\" $FreeBSD: src/share/man/man4/man4.i386/svr4.4,v 1.10 2003/11/12 02:35:20 hmp Exp $
 .Dd October 28, 2003
 .Dt SVR4 4 i386
 .Os
@@ -141,7 +141,9 @@
 .Pa /compat/svr4/dev .
 Internally, the
 .Xr streams 4
-driver produces a socket descriptor and "tags" it with additional STREAMS
+driver produces a socket descriptor and
+.Dq tags
+it with additional STREAMS
 state information before returning it to the client application.
 The
 .Nm
@@ -177,9 +179,11 @@
 .Pp
 Extensive testing has only really been carried out with Solaris 2.x binaries,
 with anecdotal reports of limited success coming from testers with
-early-revision SCO media.  In theory, the basic SVR4 ABI should be constant
+early-revision SCO media.
+In theory, the basic SVR4 ABI should be constant
 across the set of vendors who produce SVR4 operating systems, but in
-practice that's probably not the case.  If necessary, future work can
+practice that's probably not the case.
+If necessary, future work can
 either implement additional
 .Xr kld 4
 modules which produce functionality which contains OS-dependent
@@ -187,7 +191,9 @@
 ABI implementation.
 Alternatively,
 .Xr sysctl 8
-variables could set the "personality" the environment should present to
+variables could set the
+.Dq personality
+the environment should present to
 client applications.
 .Sh FILES
 .Bl -tag -width /sys/compat/svr4/syscalls.master -compact

==== //depot/projects/trustedbsd/base/sys/amd64/amd64/autoconf.c#3 (text+ko) ====

@@ -37,7 +37,7 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/amd64/amd64/autoconf.c,v 1.174 2003/07/25 21:15:44 obrien Exp $");
+__FBSDID("$FreeBSD: src/sys/amd64/amd64/autoconf.c,v 1.175 2003/11/12 01:49:49 peter Exp $");
 
 /*
  * Setup the system to run on the current machine.
@@ -155,6 +155,8 @@
 {
 
 	cninit_finish(); 
+	if (bootverbose)
+		printf("Device configuration finished.\n");
 	cold = 0;
 }
 

==== //depot/projects/trustedbsd/base/sys/conf/files#67 (text+ko) ====

@@ -1,4 +1,4 @@
-# $FreeBSD: src/sys/conf/files,v 1.847 2003/11/11 18:58:53 ume Exp $
+# $FreeBSD: src/sys/conf/files,v 1.849 2003/11/12 03:14:28 rwatson Exp $
 #
 # The long compile-with and dependency lines are required because of
 # limitations in config: backslash-newline doesn't work in strings, and
@@ -1154,6 +1154,7 @@
 kern/subr_smp.c		optional smp
 kern/subr_taskqueue.c	standard
 kern/subr_trap.c	standard
+kern/subr_turnstile.c	standard
 kern/subr_witness.c	optional witness
 kern/sys_generic.c	standard
 kern/sys_pipe.c		standard
@@ -1617,6 +1618,7 @@
 posix4/p1003_1b.c	standard
 posix4/posix4_mib.c	standard
 kern/uipc_sem.c		optional p1003_1b_semaphores
+security/mac/mac_label.c	optional mac
 security/mac/mac_net.c		optional mac
 security/mac/mac_pipe.c		optional mac
 security/mac/mac_process.c	optional mac

==== //depot/projects/trustedbsd/base/sys/dev/sound/pcm/ac97.c#16 (text+ko) ====

@@ -30,7 +30,7 @@
 
 #include "mixer_if.h"
 
-SND_DECLARE_FILE("$FreeBSD: src/sys/dev/sound/pcm/ac97.c,v 1.48 2003/10/12 11:51:24 des Exp $");
+SND_DECLARE_FILE("$FreeBSD: src/sys/dev/sound/pcm/ac97.c,v 1.49 2003/11/11 22:15:17 kuriyama Exp $");
 
 MALLOC_DEFINE(M_AC97, "ac97", "ac97 codec");
 
@@ -138,6 +138,7 @@
 	{ 0x414c4740, 0x0f, 0, "ALC202", 	0 },
 	{ 0x414c4720, 0x0f, 0, "ALC650", 	0 },
 	{ 0x414c4760, 0x0f, 0, "ALC655",	0 },
+	{ 0x414c4780, 0x0f, 0, "ALC658",	0 },
 	{ 0x43525900, 0x07, 0, "CS4297", 	0 },
 	{ 0x43525910, 0x07, 0, "CS4297A", 	0 },
 	{ 0x43525920, 0x07, 0, "CS4294/98",	0 },

==== //depot/projects/trustedbsd/base/sys/dev/usb/ohci.c#23 (text+ko) ====

@@ -8,7 +8,7 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/dev/usb/ohci.c,v 1.137 2003/11/10 00:20:52 joe Exp $");
+__FBSDID("$FreeBSD: src/sys/dev/usb/ohci.c,v 1.138 2003/11/12 01:40:11 joe Exp $");
 
 /*
  * Copyright (c) 1998 The NetBSD Foundation, Inc.
@@ -1475,7 +1475,7 @@
 			printf("ohci_softintr: sitd=%p is done\n", sitd);
 		sitd->isdone = 1;
 #endif
-		struct ohci_pipe *opipe = (struct ohci_pipe *)xfer->pipe;
+		opipe = (struct ohci_pipe *)xfer->pipe;
 		if (opipe->aborting)
 			continue;
  

==== //depot/projects/trustedbsd/base/sys/fs/devfs/devfs.h#9 (text+ko) ====

@@ -33,7 +33,7 @@
  *	@(#)kernfs.h	8.6 (Berkeley) 3/29/95
  * From: FreeBSD: src/sys/miscfs/kernfs/kernfs.h 1.14
  *
- * $FreeBSD: src/sys/fs/devfs/devfs.h,v 1.17 2002/12/09 03:44:27 rwatson Exp $
+ * $FreeBSD: src/sys/fs/devfs/devfs.h,v 1.18 2003/11/12 03:14:29 rwatson Exp $
  */
 
 #ifndef _FS_DEVFS_DEVFS_H_
@@ -159,7 +159,7 @@
 	mode_t	de_mode;
 	uid_t	de_uid;
 	gid_t	de_gid;
-	struct label	de_label;
+	struct label	*de_label;
 	struct timespec de_atime;
 	struct timespec de_mtime;
 	struct timespec de_ctime;

==== //depot/projects/trustedbsd/base/sys/i386/i386/mptable.c#2 (text+ko) ====

@@ -25,7 +25,7 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/i386/i386/mptable.c,v 1.224 2003/11/11 17:14:26 jhb Exp $");
+__FBSDID("$FreeBSD: src/sys/i386/i386/mptable.c,v 1.225 2003/11/11 21:19:43 jhb Exp $");
 
 #include "opt_mptable_force_htt.h"
 #include <sys/param.h>
@@ -893,6 +893,8 @@
 		return (EINVAL);
 	if (pci0 == -1 || pci0 + bus > mptable_maxbusid)
 		return (ENXIO);
+	if (busses[pci0 + bus].bus_type != PCI)
+		return (ENXIO);
 	args.bus = pci0 + bus;
 	args.found = 0;
 	mptable_walk_table(mptable_pci_probe_table_handler, &args);

==== //depot/projects/trustedbsd/base/sys/ia64/ia64/interrupt.c#18 (text+ko) ====

@@ -1,4 +1,4 @@
-/* $FreeBSD: src/sys/ia64/ia64/interrupt.c,v 1.41 2003/09/10 22:49:38 marcel Exp $ */
+/* $FreeBSD: src/sys/ia64/ia64/interrupt.c,v 1.42 2003/11/12 01:26:02 marcel Exp $ */
 /* $NetBSD: interrupt.c,v 1.23 1998/02/24 07:38:01 thorpej Exp $ */
 
 /*
@@ -200,8 +200,12 @@
 		asts[PCPU_GET(cpuid)]++;
 		CTR1(KTR_SMP, "IPI_AST, cpuid=%d", PCPU_GET(cpuid));
 	} else if (vector == ipi_vector[IPI_HIGH_FP]) {
-		if (PCPU_GET(fpcurthread) != NULL)
-			ia64_highfp_save(PCPU_GET(fpcurthread));
+		struct thread *thr = PCPU_GET(fpcurthread);
+		if (thr != NULL) {
+			save_high_fp(&thr->td_pcb->pcb_high_fp);
+			thr->td_pcb->pcb_fpcpu = NULL;
+			PCPU_SET(fpcurthread, NULL);
+		}
 	} else if (vector == ipi_vector[IPI_RENDEZVOUS]) {
 		rdvs[PCPU_GET(cpuid)]++;
 		CTR1(KTR_SMP, "IPI_RENDEZVOUS, cpuid=%d", PCPU_GET(cpuid));

==== //depot/projects/trustedbsd/base/sys/ia64/ia64/machdep.c#44 (text+ko) ====

@@ -23,7 +23,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $FreeBSD: src/sys/ia64/ia64/machdep.c,v 1.168 2003/11/11 09:53:37 marcel Exp $
+ * $FreeBSD: src/sys/ia64/ia64/machdep.c,v 1.169 2003/11/12 01:26:02 marcel Exp $
  */
 
 #include "opt_compat.h"
@@ -311,6 +311,8 @@
 #if IA32
 	ia32_savectx(oldpcb);
 #endif
+	if (PCPU_GET(fpcurthread) == old)
+		old->td_frame->tf_special.psr |= IA64_PSR_DFH;
 	if (!savectx(oldpcb)) {
 		newpcb = new->td_pcb;
 		oldpcb->pcb_current_pmap =
@@ -319,6 +321,8 @@
 #if IA32
 		ia32_restorectx(newpcb);
 #endif
+		if (PCPU_GET(fpcurthread) == new)
+			new->td_frame->tf_special.psr &= ~IA64_PSR_DFH;
 		restorectx(newpcb);
 		/* We should not get here. */
 		panic("cpu_switch: restorectx() returned");

==== //depot/projects/trustedbsd/base/sys/ia64/ia64/trap.c#26 (text+ko) ====

@@ -29,7 +29,7 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/ia64/ia64/trap.c,v 1.93 2003/10/28 19:38:26 marcel Exp $");
+__FBSDID("$FreeBSD: src/sys/ia64/ia64/trap.c,v 1.94 2003/11/12 01:26:02 marcel Exp $");
 
 #include "opt_ddb.h"
 #include "opt_ktrace.h"
@@ -570,81 +570,54 @@
 		if (!user)
 			trap_panic(vector, framep);
 
+		critical_enter();
+		thr = PCPU_GET(fpcurthread);
+		if (thr == td) {
+			/*
+			 * Short-circuit handling the trap when this CPU
+			 * already holds the high FP registers for this
+			 * thread.  We really shouldn't get the trap in the
+			 * first place, but since it's only a performance
+			 * issue and not a correctness issue, we emit a
+			 * message for now, enable the high FP registers and
+			 * return.
+			 */
+			printf("XXX: bogusly disabled high FP regs\n");
+			framep->tf_special.psr &= ~IA64_PSR_DFH;
+			critical_exit();
+			goto out;
+		} else if (thr != NULL) {
+			pcb = thr->td_pcb;
+			save_high_fp(&pcb->pcb_high_fp);
+			pcb->pcb_fpcpu = NULL;
+			PCPU_SET(fpcurthread, NULL);
+			thr = NULL;
+		}
+
 		pcb = td->td_pcb;
 		pcpu = pcb->pcb_fpcpu;
 
-#if 0
-		printf("XXX: td %p: highfp on cpu %p\n", td, pcpu);
-#endif
-
-		/*
-		 * The pcpu variable holds the address of the per-CPU
-		 * structure of the CPU currently holding this threads
-		 * high FP registers (or NULL if no CPU holds these
-		 * registers). We have to interrupt that CPU and wait
-		 * for it to have saved the registers.
-		 */
+#ifdef SMP
 		if (pcpu != NULL) {
-			thr = pcpu->pc_fpcurthread;
-			KASSERT(thr == td, ("High FP state out of sync"));
-
-			if (pcpu == pcpup) {
-				/*
-				 * Short-circuit handling the trap when this
-				 * CPU already holds the high FP registers for
-				 * this thread. We really shouldn't get the
-				 * trap in the first place, but since it's
-				 * only a performance issue and not a
-				 * correctness issue, we emit a message for
-				 * now, enable the high FP registers and
-				 * return.
-				 */
-				printf("XXX: bogusly disabled high FP regs\n");
-				framep->tf_special.psr &= ~IA64_PSR_DFH;
-				goto out;
-			}
-#ifdef SMP
-			/*
-			 * Interrupt the other CPU so that it saves the high
-			 * FP registers of this thread. Note that this can
-			 * only happen for the SMP case.
-			 */
 			ipi_send(pcpu->pc_lid, IPI_HIGH_FP);
-#endif
-#ifdef DIAGNOSTICS
-		} else {
-			KASSERT(PCPU_GET(fpcurthread) != td,
-			    ("High FP state out of sync"));
-#endif
+			critical_exit();
+			while (pcb->pcb_fpcpu != pcpu)
+				DELAY(100);
+			critical_enter();
+			pcpu = pcb->pcb_fpcpu;
+			thr = PCPU_GET(fpcurthread);
 		}
-
-		thr = PCPU_GET(fpcurthread);
-
-#if 0
-		printf("XXX: cpu %p: highfp belongs to td %p\n", pcpup, thr);
 #endif
 
-		/*
-		 * The thr variable holds the thread that owns the high FP
-		 * registers currently on this CPU. Free this CPU so that
-		 * we can load the current threads high FP registers.
-		 */
-		if (thr != NULL) {
-			KASSERT(thr != td, ("High FP state out of sync"));
-			pcb = thr->td_pcb;
-			KASSERT(pcb->pcb_fpcpu == pcpup,
-			    ("High FP state out of sync"));
-			ia64_highfp_save(thr);
+		if (thr == NULL && pcpu == NULL) {
+			restore_high_fp(&pcb->pcb_high_fp);
+			PCPU_SET(fpcurthread, td);
+			pcb->pcb_fpcpu = pcpup;
+			framep->tf_special.psr &= ~IA64_PSR_MFH;
+			framep->tf_special.psr &= ~IA64_PSR_DFH;
 		}
 
-		/*
-		 * Wait for the other CPU to have saved out high FP
-		 * registers (if applicable).
-		 */
-		while (pcpu && pcpu->pc_fpcurthread == td);
-
-		ia64_highfp_load(td);
-		framep->tf_special.psr &= ~IA64_PSR_DFH;
+		critical_exit();
 		goto out;
 	}
 

==== //depot/projects/trustedbsd/base/sys/kern/kern_exec.c#40 (text+ko) ====

@@ -25,7 +25,7 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.231 2003/10/21 01:13:49 marcel Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_exec.c,v 1.232 2003/11/12 03:14:29 rwatson Exp $");
 
 #include "opt_ktrace.h"
 #include "opt_mac.h"
@@ -167,9 +167,8 @@
 	int credential_changing;
 	int textset;
 #ifdef MAC
-	struct label interplabel;	/* label of the interpreted vnode */
-	struct label execlabel;		/* optional label argument */
-	int will_transition, interplabelvalid = 0;
+	struct label *interplabel = NULL;
+	int will_transition;
 #endif
 
 	imgp = &image_params;
@@ -222,7 +221,7 @@
 	imgp->auxarg_size = 0;
 
 #ifdef MAC
-	error = mac_execve_enter(imgp, mac_p, &execlabel);
+	error = mac_execve_enter(imgp, mac_p);
 	if (error) {
 		mtx_lock(&Giant);
 		goto exec_fail;
@@ -336,9 +335,8 @@
 		/* free name buffer and old vnode */
 		NDFREE(ndp, NDF_ONLY_PNBUF);
 #ifdef MAC
-		mac_init_vnode_label(&interplabel);
-		mac_copy_vnode_label(&ndp->ni_vp->v_label, &interplabel);
-		interplabelvalid = 1;
+		interplabel = mac_vnode_label_alloc();
+		mac_copy_vnode_label(ndp->ni_vp->v_label, interplabel);
 #endif
 		vput(ndp->ni_vp);
 		vm_object_deallocate(imgp->object);
@@ -452,7 +450,7 @@
 	    attr.va_gid;
 #ifdef MAC
 	will_transition = mac_execve_will_transition(oldcred, imgp->vp,
-	    interplabelvalid ? &interplabel : NULL, imgp);
+	    interplabel, imgp);
 	credential_changing |= will_transition;
 #endif
 
@@ -502,7 +500,7 @@
 #ifdef MAC
 		if (will_transition) {
 			mac_execve_transition(oldcred, newcred, imgp->vp,
-			    interplabelvalid ? &interplabel : NULL, imgp);
+			    interplabel, imgp);
 		}
 #endif
 		/*
@@ -654,8 +652,8 @@
 		/* sorry, no more process anymore. exit gracefully */
 #ifdef MAC
 		mac_execve_exit(imgp);
-		if (interplabelvalid)
-			mac_destroy_vnode_label(&interplabel);
+		if (interplabel != NULL)
+			mac_vnode_label_free(interplabel);
 #endif
 		exit1(td, W_EXITCODE(0, SIGABRT));
 		/* NOT REACHED */
@@ -664,8 +662,8 @@
 done2:
 #ifdef MAC
 	mac_execve_exit(imgp);
-	if (interplabelvalid)
-		mac_destroy_vnode_label(&interplabel);
+	if (interplabel != NULL)
+		mac_vnode_label_free(interplabel);
 #endif
 	mtx_unlock(&Giant);
 	return (error);

==== //depot/projects/trustedbsd/base/sys/kern/kern_mac.c#51 (text+ko) ====

@@ -42,7 +42,7 @@
  */
 
 #include <sys/cdefs.h>
-__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.104 2003/11/11 03:40:04 rwatson Exp $");
+__FBSDID("$FreeBSD: src/sys/kern/kern_mac.c,v 1.105 2003/11/12 03:14:29 rwatson Exp $");
 
 #include "opt_mac.h"
 #include "opt_devfs.h"
@@ -256,6 +256,7 @@
 
 	LIST_INIT(&mac_static_policy_list);
 	LIST_INIT(&mac_policy_list);
+	mac_labelzone_init();
 
 	mtx_init(&mac_policy_mtx, "mac_policy_mtx", NULL, MTX_DEF);
 	cv_init(&mac_policy_cv, "mac_policy_cv");
@@ -565,7 +566,7 @@
 	}
 
 	buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
-	error = mac_externalize_cred_label(&tcred->cr_label, elements,
+	error = mac_externalize_cred_label(tcred->cr_label, elements,
 	    buffer, mac.m_buflen);
 	if (error == 0)
 		error = copyout(buffer, mac.m_string, strlen(buffer)+1);
@@ -602,7 +603,7 @@
 	}
 
 	buffer = malloc(mac.m_buflen, M_MACTEMP, M_WAITOK | M_ZERO);
-	error = mac_externalize_cred_label(&td->td_ucred->cr_label,
+	error = mac_externalize_cred_label(td->td_ucred->cr_label,
 	    elements, buffer, mac.m_buflen);
 	if (error == 0)
 		error = copyout(buffer, mac.m_string, strlen(buffer)+1);
@@ -619,7 +620,7 @@
 __mac_set_proc(struct thread *td, struct __mac_set_proc_args *uap)
 {
 	struct ucred *newcred, *oldcred;
-	struct label intlabel;
+	struct label *intlabel;
 	struct proc *p;
 	struct mac mac;
 	char *buffer;
@@ -640,13 +641,11 @@
 		return (error);
 	}
 
-	mac_init_cred_label(&intlabel);
-	error = mac_internalize_cred_label(&intlabel, buffer);
+	intlabel = mac_cred_label_alloc();
+	error = mac_internalize_cred_label(intlabel, buffer);
 	free(buffer, M_MACTEMP);
-	if (error) {
-		mac_destroy_cred_label(&intlabel);
-		return (error);
-	}
+	if (error)
+		goto out;
 
 	newcred = crget();
 
@@ -654,7 +653,7 @@
 	PROC_LOCK(p);
 	oldcred = p->p_ucred;
 
-	error = mac_check_cred_relabel(oldcred, &intlabel);
+	error = mac_check_cred_relabel(oldcred, intlabel);
 	if (error) {
 		PROC_UNLOCK(p);
 		crfree(newcred);
@@ -663,7 +662,7 @@
 
 	setsugid(p);
 	crcopy(newcred, oldcred);
-	mac_relabel_cred(newcred, &intlabel);
+	mac_relabel_cred(newcred, intlabel);
 	p->p_ucred = newcred;
 
 	/*
@@ -683,7 +682,7 @@
 	crfree(oldcred);
 
 out:
-	mac_destroy_cred_label(&intlabel);
+	mac_cred_label_free(intlabel);
 	return (error);
 }
 
@@ -694,7 +693,7 @@
 __mac_get_fd(struct thread *td, struct __mac_get_fd_args *uap)
 {
 	char *elements, *buffer;
-	struct label intlabel;
+	struct label *intlabel;
 	struct file *fp;
 	struct mac mac;
 	struct vnode *vp;
@@ -729,20 +728,20 @@
 	case DTYPE_VNODE:
 		vp = fp->f_vnode;
 
-		mac_init_vnode_label(&intlabel);
+		intlabel = mac_vnode_label_alloc();
 
 		vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
-		mac_copy_vnode_label(&vp->v_label, &intlabel);
+		mac_copy_vnode_label(vp->v_label, intlabel);
 		VOP_UNLOCK(vp, 0, td);
 
 		break;
 	case DTYPE_PIPE:
 		pipe = fp->f_data;
 
-		mac_init_pipe_label(&intlabel);
+		intlabel = mac_pipe_label_alloc();
 
 		PIPE_LOCK(pipe);
-		mac_copy_pipe_label(pipe->pipe_label, &intlabel);
+		mac_copy_pipe_label(pipe->pipe_label, intlabel);
 		PIPE_UNLOCK(pipe);
 		break;
 	default:
@@ -756,14 +755,14 @@
 	case DTYPE_FIFO:
 	case DTYPE_VNODE:
 		if (error == 0)
-			error = mac_externalize_vnode_label(&intlabel,
+			error = mac_externalize_vnode_label(intlabel,
 			    elements, buffer, mac.m_buflen);
-		mac_destroy_vnode_label(&intlabel);
+		mac_vnode_label_free(intlabel);
 		break;
 	case DTYPE_PIPE:
-		error = mac_externalize_pipe_label(&intlabel, elements,
+		error = mac_externalize_pipe_label(intlabel, elements,
 		    buffer, mac.m_buflen);
-		mac_destroy_pipe_label(&intlabel);
+		mac_pipe_label_free(intlabel);
 		break;
 	default:
 		panic("__mac_get_fd: corrupted label_type");
@@ -788,7 +787,7 @@
 {
 	char *elements, *buffer;
 	struct nameidata nd;
-	struct label intlabel;
+	struct label *intlabel;
 	struct mac mac;
 	int error;
 
@@ -815,13 +814,13 @@
 	if (error)
 		goto out;
 
-	mac_init_vnode_label(&intlabel);
-	mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel);
-	error = mac_externalize_vnode_label(&intlabel, elements, buffer,
+	intlabel = mac_vnode_label_alloc();
+	mac_copy_vnode_label(nd.ni_vp->v_label, intlabel);
+	error = mac_externalize_vnode_label(intlabel, elements, buffer,
 	    mac.m_buflen);
 
 	NDFREE(&nd, 0);
-	mac_destroy_vnode_label(&intlabel);
+	mac_vnode_label_free(intlabel);
 
 	if (error == 0)
 		error = copyout(buffer, mac.m_string, strlen(buffer)+1);
@@ -843,7 +842,7 @@
 {
 	char *elements, *buffer;
 	struct nameidata nd;
-	struct label intlabel;
+	struct label *intlabel;
 	struct mac mac;
 	int error;
 
@@ -870,12 +869,12 @@
 	if (error)
 		goto out;
 
-	mac_init_vnode_label(&intlabel);
-	mac_copy_vnode_label(&nd.ni_vp->v_label, &intlabel);
-	error = mac_externalize_vnode_label(&intlabel, elements, buffer,
+	intlabel = mac_vnode_label_alloc();
+	mac_copy_vnode_label(nd.ni_vp->v_label, intlabel);
+	error = mac_externalize_vnode_label(intlabel, elements, buffer,
 	    mac.m_buflen);
 	NDFREE(&nd, 0);
-	mac_destroy_vnode_label(&intlabel);
+	mac_vnode_label_free(intlabel);
 
 	if (error == 0)
 		error = copyout(buffer, mac.m_string, strlen(buffer)+1);
@@ -895,7 +894,7 @@
 int
 __mac_set_fd(struct thread *td, struct __mac_set_fd_args *uap)
 {
-	struct label intlabel;
+	struct label *intlabel;
 	struct pipe *pipe;
 	struct file *fp;
 	struct mount *mp;
@@ -928,40 +927,40 @@
 	switch (fp->f_type) {
 	case DTYPE_FIFO:
 	case DTYPE_VNODE:
-		mac_init_vnode_label(&intlabel);
-		error = mac_internalize_vnode_label(&intlabel, buffer);
+		intlabel = mac_vnode_label_alloc();
+		error = mac_internalize_vnode_label(intlabel, buffer);
 		if (error) {
-			mac_destroy_vnode_label(&intlabel);
+			mac_vnode_label_free(intlabel);
 			break;
 		}
 
 		vp = fp->f_vnode;
 		error = vn_start_write(vp, &mp, V_WAIT | PCATCH);
 		if (error != 0) {
-			mac_destroy_vnode_label(&intlabel);
+			mac_vnode_label_free(intlabel);
 			break;
 		}
 
 		vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
-		error = vn_setlabel(vp, &intlabel, td->td_ucred);
+		error = vn_setlabel(vp, intlabel, td->td_ucred);
 		VOP_UNLOCK(vp, 0, td);
 		vn_finished_write(mp);
 
-		mac_destroy_vnode_label(&intlabel);
+		mac_vnode_label_free(intlabel);
 		break;
 
 	case DTYPE_PIPE:
-		mac_init_pipe_label(&intlabel);
-		error = mac_internalize_pipe_label(&intlabel, buffer);
+		intlabel = mac_pipe_label_alloc();
+		error = mac_internalize_pipe_label(intlabel, buffer);
 		if (error == 0) {
 			pipe = fp->f_data;
 			PIPE_LOCK(pipe);
 			error = mac_pipe_label_set(td->td_ucred, pipe,
-			    &intlabel);
+			    intlabel);
 			PIPE_UNLOCK(pipe);
 		}
 
-		mac_destroy_pipe_label(&intlabel);
+		mac_pipe_label_free(intlabel);
 		break;
 
 	default:
@@ -983,7 +982,7 @@
 int
 __mac_set_file(struct thread *td, struct __mac_set_file_args *uap)
 {
-	struct label intlabel;

>>> TRUNCATED FOR MAIL (1000 lines) <<<
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message



More information about the trustedbsd-cvs mailing list