Subject: securelevel support incomplete, 'sysctl' missing (#221 - part 3 of 5)
Index:  sys,bin,lib,usr.lib,usr.bin/many 2.11BSD

Description:
        The support for 'securelevel' is incomplete, part of it was added
        back in updates #197 thru 210 (when the 'chflags' syscall was
        implemented).  But without a means of setting the security level
        of the system the level was fixed at -1.

        There is no 'sysctl' system call present.  In addition to
        retrieving and setting the security level of the system the
        sysctl() call can be used to read many other kernel data structures
        without having to perform an nlist(3) on the kernel image.

        Also, there are present in the C library several obsolete (they
        were obsolete even when 2.11BSD was new) routines.

Repeat-By:
        Observation.  You may wish to refer to update #197 in which mention
        is made of the 'securelevel' feature.  The manpages for sysctl(3)
        and sysctl(8) are in the shar file below.

Fix:
        sysctl() was borrowed from 4.4BSD-Lite.  Everything except the
        'networking' portion has been ported - that will be done in the
        future.

        Initially only enough of sysctl() was going to be ported to
        manipulate the 'securelevel' of the system.  As the porting effort
        got underway it became apparent that with not much extra effort
        the whole sysctl() call could be implemented.

        As a demonstration of how much faster sysctl() is than 'nlist()'
        a couple of the programs in the system have been converted to use
        sysctl() instead of nlist()+read() to fetch information from the
        kernel.  You may wish to save the 'w' and 'welcome' programs in
        order to compare the runtimes before and after being converted.
        As time goes on additional utilities will be switched over from
        nlist() to sysctl().

        This is part 3 of 5 (updates 219 thru 223).  The contents of each
        part are as follows:

        Part/Update#    Contents
        ============    ========
        1 / 219         shar file of new files added to the system.
        2 / 220         shell script to remove obsolete files
        3 / 221         patch file 1
        4 / 222         patch file 2
        5 / 223         patch file 3

        The following files are modified by this part of the patch kit:

        /usr/include/syscall.h
        /usr/src/sys/conf/Make.unix
        /usr/src/sys/conf/Make.nsunix
        /usr/src/sys/conf/Make.sunix
        /usr/src/sys/conf/Make.sys
        /usr/src/sys/conf/param.c
        /usr/src/sys/sys/ufs_fio.c
        /usr/src/sys/sys/sys_inode.c
        /usr/src/sys/sys/ufs_mount.c
        /usr/src/sys/sys/init_main.c
        /usr/src/sys/sys/kern_exec.c
        /usr/src/sys/sys/init_sysent.c
        /usr/src/sys/h/systm.h
        /usr/src/sys/h/resource.h
        /usr/src/sys/h/vmparam.h
        /usr/src/sys/h/time.h
        /usr/src/sys/h/vmsystm.h
        /usr/src/sys/h/proc.h
        /usr/src/sys/h/text.h
        /usr/src/sys/h/file.h
        /usr/src/sys/pdp/conf.c
        /usr/src/sys/pdp/cpu.h
        /usr/src/sys/OTHERS/bad144/bad144.c
        /usr/src/sys/GENERIC/Makefile

        Instructions:

        1) Cut where indicated and save to a file (/tmp/foo)

        2) patch -p0 < /tmp/foo

        3) For all kernel directories in /sys copy the conf/Make.sys file:

                cd /sys
                cp conf/Make.sys GENERIC/Make.sys
                foreach i (YOURKERNEL MYKERNEL PICKLE ...)
                        cp conf/Make.sys ${i}/Make.sys
                end

           If you do not do this the kern_sysctl.c file will not be
           compiled when you recompile the kernel.

        4) You must edit the Makefile in each of the kernel directories in
           /sys to add the 'kern_sysctl.o' file to an overlay.  Since this
           module is rather large (almost 4kb) it will almost always go
           into OV7.  See GENERIC/Makefile as an example.  Place
           kern_sysctl.o anywhere there is room (use the 'size' command on
           /unix - overlays can be 8kb and the base segment can be 56kb).
           It is _strongly_ recommended that kern_sysctl.o _NOT_ go into
           the base segment (it won't fit most of the time anyhow).

        5) Caution: If you have developed local drivers and have modified
           pdp/conf.c then the patching might fail.  This will take manual
           action to fix.

        DO NOT compile anything yet.  There will be a detailed,
        step-by-step checklist of what to compile in the last part of this
        kit (#223).

====================cut here=================== *** /usr/include/syscall.h.old Fri Nov 25 22:23:07 1994 --- /usr/include/syscall.h Fri Jan 13 20:38:45 1995 *************** *** 28,34 **** #define SYS_getpid 20 #define SYS_mount 21 #define SYS_umount 22 ! /* 23 is old: setuid */ #define SYS_getuid 24 /* 25 is old: stime */ #define SYS_ptrace 26 --- 28,34 ---- #define SYS_getpid 20 #define SYS_mount 21 #define SYS_umount 22 ! #define SYS___sysctl 23 #define SYS_getuid 24 /* 25 is old: stime */ #define SYS_ptrace 26 *** /usr/src/sys/conf/Make.unix.old Sat Jan 22 16:38:43 1994 --- /usr/src/sys/conf/Make.unix Sat Jan 14 00:44:11 1995 *************** *** 9,15 **** # software without specific prior written permission. This software # is provided ``as is'' without express or implied warranty. # ! # %W% (Berkeley) %G% # ######################################################### # Non-networking, non-separate I/D kernel # --- 9,15 ---- # software without specific prior written permission. This software # is provided ``as is'' without express or implied warranty. # ! # 2.0 (2.11BSD GTE) 1/14/95 # ######################################################### # Non-networking, non-separate I/D kernel # *************** *** 61,67 **** tty_conf.o tty_pty.o tty_subr.o tty_tb.o tty_tty.o ufs_alloc.o \ ufs_bio.o ufs_bmap.o ufs_dsort.o ufs_fio.o ufs_inode.o \ ufs_mount.o ufs_namei.o ufs_subr.o ufs_syscalls.o \ ! vm_proc.o vm_sched.o vm_swap.o vm_swp.o vm_text.o xp.o subr_log.o OV1= OV2= --- 61,69 ---- tty_conf.o tty_pty.o tty_subr.o tty_tb.o tty_tty.o ufs_alloc.o \ ufs_bio.o ufs_bmap.o ufs_dsort.o ufs_fio.o ufs_inode.o \ ufs_mount.o ufs_namei.o ufs_subr.o ufs_syscalls.o \ ! vm_proc.o vm_sched.o vm_swap.o vm_swp.o vm_text.o xp.o subr_log.o \ ! kern_sysctl.o ! OV1= OV2= *** /usr/src/sys/conf/Make.nsunix.old Sat Jan 22 16:37:52 1994 --- /usr/src/sys/conf/Make.nsunix Sat Jan 14 00:43:25 1995 *************** *** 9,15 **** # software without specific prior written permission. 
This software # is provided ``as is'' without express or implied warranty. # ! # %W% (Berkeley) %G% # ######################################################### # Networking, separate I/D kernel # --- 9,15 ---- # software without specific prior written permission. This software # is provided ``as is'' without express or implied warranty. # ! # 2.0 (2.11BSD GTE) 1/14/95 # ######################################################### # Networking, separate I/D kernel # *************** *** 76,82 **** # OV6 gets the (hopefully) never used routines OV6= clock.o dn.o init_main.o kern_pdp.o machdep2.o subr_prf.o syscalls.o \ subr_log.o toy.o ! OV7= tmscp.o OV8= mch_fpsim.o KERNOBJ=${CONF} ${BASE} ${OV1} ${OV2} ${OV3} ${OV4} ${OV5} \ --- 76,82 ---- # OV6 gets the (hopefully) never used routines OV6= clock.o dn.o init_main.o kern_pdp.o machdep2.o subr_prf.o syscalls.o \ subr_log.o toy.o ! OV7= tmscp.o kern_sysctl.o OV8= mch_fpsim.o KERNOBJ=${CONF} ${BASE} ${OV1} ${OV2} ${OV3} ${OV4} ${OV5} \ *** /usr/src/sys/conf/Make.sunix.old Sat Jan 22 16:38:34 1994 --- /usr/src/sys/conf/Make.sunix Sat Jan 14 00:43:45 1995 *************** *** 9,15 **** # software without specific prior written permission. This software # is provided ``as is'' without express or implied warranty. # ! # %W% (Berkeley) %G% # ######################################################### # Non-network, but separate I/D kernel # --- 9,15 ---- # software without specific prior written permission. This software # is provided ``as is'' without express or implied warranty. # ! # 2.0 (2.11BSD GTE) 1/14/95 # ######################################################### # Non-network, but separate I/D kernel # *************** *** 61,67 **** OV4= hk.o init_main.o kern_prot.o tty_pty.o quota_kern.o quota_subr.o \ quota_ufs.o subr_log.o vm_swp.o vm_swap.o vm_proc.o toy.o OV5= ht.o tm.o ts.o ! 
OV6= tmscp.o OV7= mch_fpsim.o KERNOBJ=${CONF} ${BASE} ${OV1} ${OV2} ${OV3} ${OV4} ${OV5} \ --- 61,67 ---- OV4= hk.o init_main.o kern_prot.o tty_pty.o quota_kern.o quota_subr.o \ quota_ufs.o subr_log.o vm_swp.o vm_swap.o vm_proc.o toy.o OV5= ht.o tm.o ts.o ! OV6= tmscp.o kern_sysctl.o OV7= mch_fpsim.o KERNOBJ=${CONF} ${BASE} ${OV1} ${OV2} ${OV3} ${OV4} ${OV5} \ *** /usr/src/sys/conf/Make.sys.old Fri Mar 12 19:04:22 1993 --- /usr/src/sys/conf/Make.sys Sat Jan 14 00:50:17 1995 *************** *** 9,15 **** # software without specific prior written permission. This software # is provided ``as is'' without express or implied warranty. # ! # %W% (Berkeley) %G% # S= ../sys VPATH= ../sys --- 9,15 ---- # software without specific prior written permission. This software # is provided ``as is'' without express or implied warranty. # ! # 2.0 (2.11BSD GTE) 1/14/95 # S= ../sys VPATH= ../sys *************** *** 18,24 **** ${S}/kern_clock.c ${S}/kern_descrip.c ${S}/kern_exec.c \ ${S}/kern_exit.c ${S}/kern_fork.c ${S}/kern_mman.c \ ${S}/kern_proc.c ${S}/kern_prot.c ${S}/kern_resource.c \ ! ${S}/kern_sig.c ${S}/kern_subr.c \ ${S}/kern_synch.c ${S}/kern_time.c ${S}/kern_xxx.c \ ${S}/quota_sys.c ${S}/quota_kern.c ${S}/quota_ufs.c \ ${S}/quota_subr.c ${S}/subr_log.c ${S}/subr_prf.c ${S}/subr_rmap.c \ --- 18,24 ---- ${S}/kern_clock.c ${S}/kern_descrip.c ${S}/kern_exec.c \ ${S}/kern_exit.c ${S}/kern_fork.c ${S}/kern_mman.c \ ${S}/kern_proc.c ${S}/kern_prot.c ${S}/kern_resource.c \ ! ${S}/kern_sig.c ${S}/kern_subr.c ${S}/kern_sysctl.c \ ${S}/kern_synch.c ${S}/kern_time.c ${S}/kern_xxx.c \ ${S}/quota_sys.c ${S}/quota_kern.c ${S}/quota_ufs.c \ ${S}/quota_subr.c ${S}/subr_log.c ${S}/subr_prf.c ${S}/subr_rmap.c \ *************** *** 33,39 **** ${S}/vm_sched.c ${S}/vm_swap.c ${S}/vm_swp.c ${S}/vm_text.c OBJS= init_main.o init_sysent.o kern_acct.o kern_clock.o \ kern_descrip.o kern_exec.o kern_exit.o kern_fork.o kern_mman.o \ ! 
kern_proc.o kern_prot.o kern_resource.o kern_sig.o \ kern_subr.o kern_synch.o kern_time.o kern_xxx.o quota_sys.o \ quota_kern.o quota_ufs.o quota_subr.o subr_log.o subr_prf.o subr_rmap.o \ subr_xxx.o sys_generic.o sys_inode.o sys_kern.o \ --- 33,39 ---- ${S}/vm_sched.c ${S}/vm_swap.c ${S}/vm_swp.c ${S}/vm_text.c OBJS= init_main.o init_sysent.o kern_acct.o kern_clock.o \ kern_descrip.o kern_exec.o kern_exit.o kern_fork.o kern_mman.o \ ! kern_proc.o kern_prot.o kern_resource.o kern_sig.o kern_sysctl.o \ kern_subr.o kern_synch.o kern_time.o kern_xxx.o quota_sys.o \ quota_kern.o quota_ufs.o quota_subr.o subr_log.o subr_prf.o subr_rmap.o \ subr_xxx.o sys_generic.o sys_inode.o sys_kern.o \ *** /usr/src/sys/conf/param.c.old Thu Mar 11 20:03:37 1993 --- /usr/src/sys/conf/param.c Wed Jan 18 19:54:06 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)param.c 2.0 (2.11BSD GTE) 3/11/93 */ #include "../h/param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)param.c 2.1 (2.11BSD GTE) 1/18/95 */ #include "../h/param.h" *************** *** 69,74 **** --- 69,84 ---- struct mount mount[NMOUNT]; struct buf buf[NBUF], bfreelist[BQUEUES]; struct bufhd bufhash[BUFHSZ]; + + /* + * Remove the ifdef/endif to run the kernel in unsecure mode even when in + * a multiuser state. Normally 'init' raises the security level to 1 + * upon transitioning to multiuser. Setting the securelevel to -1 prevents + * the secure level from being raised by init. + */ + #ifdef PERMANENTLY_INSECURE + int securelevel = -1; + #endif #ifdef UCB_CLIST u_int clstdesc = ((((btoc(NCLIST*sizeof(struct cblock)))-1) << 8) | RW); *** /usr/src/sys/sys/ufs_fio.c.old Thu Dec 15 20:10:01 1994 --- /usr/src/sys/sys/ufs_fio.c Thu Dec 29 17:31:03 1994 *************** *** 3,9 **** * All rights reserved. 
The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)ufs_fio.c 1.2 (2.11BSD GTE) 12/15/94 */ #include "param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)ufs_fio.c 1.3 (2.11BSD GTE) 12/29/94 */ #include "param.h" *************** *** 10,22 **** #include "user.h" #include "fs.h" #include "inode.h" #include "namei.h" #include "systm.h" #include "acct.h" #include "stat.h" - extern int securelevel; - /* * Check mode permission on inode pointer. * Mode is READ, WRITE or EXEC. --- 10,21 ---- #include "user.h" #include "fs.h" #include "inode.h" + #include "mount.h" #include "namei.h" #include "systm.h" #include "acct.h" #include "stat.h" /* * Check mode permission on inode pointer. * Mode is READ, WRITE or EXEC. *************** *** 135,145 **** return(u.u_error); if (u.u_uid == 0) { ! #ifdef not_quite_yet ! if ((ip->i_flags & (SF_IMMUTABLE|SF_APPEND))) && securelevel > 0) return(EPERM); - #endif ip->i_flags = vap->va_flags; } else --- 134,142 ---- return(u.u_error); if (u.u_uid == 0) { ! if ((ip->i_flags & (SF_IMMUTABLE|SF_APPEND)) && securelevel > 0) return(EPERM); ip->i_flags = vap->va_flags; } else *************** *** 186,190 **** --- 183,202 ---- } if (vap->va_mode != (mode_t)VNOVAL) return(chmod1(ip, vap->va_mode)); + return(0); + } + + ufs_mountedon(dev) + dev_t dev; + { + register struct mount *mp; + + for (mp = mount; mp < &mount[NMOUNT]; mp++) + { + if (mp->m_inodp == NULL) + continue; + if (mp->m_dev == dev) + return(EBUSY); + } return(0); } *** /usr/src/sys/sys/sys_inode.c.old Thu Dec 15 19:59:30 1994 --- /usr/src/sys/sys/sys_inode.c Fri Jan 6 23:36:24 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)sys_inode.c 1.2 (2.11BSD GTE) 12/8/94 */ #include "param.h" --- 3,9 ---- * All rights reserved. 
The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)sys_inode.c 1.3 (2.11BSD GTE) 1/6/95 */ #include "param.h" *************** *** 602,610 **** /* * Openi called to allow handler of special files to initialize and * validate before actual IO. - * - * Eventually the check for 'securelevel' and the MNT_NODEV mount option - * will go here. */ openi(ip, mode) register struct inode *ip; --- 602,607 ---- *************** *** 611,627 **** --- 608,672 ---- { register dev_t dev = ip->i_rdev; register int maj = major(dev); + dev_t bdev; + int error; + if (ip->i_fs->fs_flags & MNT_NODEV) + return(ENXIO); + switch (ip->i_mode&IFMT) { case IFCHR: if ((u_int)maj >= nchrdev) return (ENXIO); + if (mode & FWRITE) { + /* + * When running in very secure mode, do not allow + * opens for writing of any disk character devices. + */ + if (securelevel >= 2 && isdisk(dev, IFCHR)) + return(EPERM); + /* + * When running in secure mode, do not allow opens + * for writing of /dev/mem, /dev/kmem, or character + * devices whose corresponding block devices are + * currently mounted. + */ + if (securelevel >= 1) { + if ((bdev = chrtoblk(dev)) != NODEV && + (error = ufs_mountedon(bdev))) + return(error); + if (iskmemdev(dev)) + return(EPERM); + } + } return ((*cdevsw[maj].d_open)(dev, mode)); case IFBLK: if ((u_int)maj >= nblkdev) return (ENXIO); + /* + * When running in very secure mode, do not allow + * opens for writing of any disk block devices. + */ + if (securelevel >= 2 && (mode & FWRITE) && isdisk(dev, IFBLK)) + return(EPERM); + #ifdef notyet + /* + * Do not allow opens of block devices that are + * currently mounted. + * + * 2.11BSD must relax this restriction to allow 'fsck' to + * open the root filesystem (which is always mounted) during + * a reboot. Once in secure or very secure mode the + * above restriction is fully effective. 
+ * + * Also, 'df' on 2.11BSD opens the device - this check can + * not be enabled until the 'statfs' capability is present. + */ + if (securelevel > 0 && (error = ufs_mountedon(dev))) + return(error); + #endif return ((*bdevsw[maj].d_open)(dev, mode)); } return (0); *** /usr/src/sys/sys/ufs_mount.c.old Sat Apr 7 18:07:25 1990 --- /usr/src/sys/sys/ufs_mount.c Fri Jan 6 21:20:24 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)ufs_mount.c 1.2 (2.10BSD Berkeley) 1/29/90 */ #include "param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)ufs_mount.c 1.3 (2.11BSD GTE) 1/6/95 */ #include "param.h" *************** *** 27,33 **** register struct a { char *fspec; char *freg; ! int ronly; } *uap = (struct a *)u.u_ap; dev_t dev; register struct inode *ip; --- 27,33 ---- register struct a { char *fspec; char *freg; ! int flags; } *uap = (struct a *)u.u_ap; dev_t dev; register struct inode *ip; *************** *** 59,65 **** u.u_error = EBUSY; return; } ! fs = mountfs(dev, uap->ronly, ip); if (fs == 0) return; (void) copyinstr(uap->freg, fs->fs_fsmnt, sizeof(fs->fs_fsmnt)-1, &len); --- 59,65 ---- u.u_error = EBUSY; return; } ! fs = mountfs(dev, uap->flags, ip); if (fs == 0) return; (void) copyinstr(uap->freg, fs->fs_fsmnt, sizeof(fs->fs_fsmnt)-1, &len); *************** *** 68,82 **** /* this routine has races if running twice */ struct fs * ! mountfs(dev, ronly, ip) dev_t dev; ! int ronly; struct inode *ip; { register struct mount *mp = 0; struct buf *tp = 0; register struct fs *fs; ! register error; int needclose = 0; error = --- 68,83 ---- /* this routine has races if running twice */ struct fs * ! mountfs(dev, flags, ip) dev_t dev; ! int flags; struct inode *ip; { register struct mount *mp = 0; struct buf *tp = 0; register struct fs *fs; ! register int error; ! 
int ronly = flags & MNT_RDONLY; int needclose = 0; error = *************** *** 115,120 **** --- 116,122 ---- fs->fs_flock = 0; fs->fs_nbehind = 0; fs->fs_lasti = 1; + fs->fs_flags = flags; if (ip) { ip->i_flag |= IMOUNT; cacheinval(ip); *** /usr/src/sys/sys/init_main.c.old Thu Dec 15 19:57:55 1994 --- /usr/src/sys/sys/init_main.c Fri Jan 6 21:58:25 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)init_main.c 1.6 (2.11BSD GTE) 12/15/94 */ #include "param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)init_main.c 1.7 (2.11BSD GTE) 1/6/95 */ #include "param.h" *************** *** 30,36 **** int netoff = 1; int cmask = CMASK; ! int securelevel = -1; extern size_t physmem; extern struct mapent _coremap[]; --- 30,36 ---- int netoff = 1; int cmask = CMASK; ! int securelevel; extern size_t physmem; extern struct mapent _coremap[]; *************** *** 156,162 **** nswap = swsize; mfree(swapmap, --nswap, 1); ! fs = mountfs(rootdev, boothowto & RB_RDONLY, (struct inode *)0); if (!fs) panic("iinit"); mount[0].m_inodp = (struct inode *)1; /* XXX */ --- 156,163 ---- nswap = swsize; mfree(swapmap, --nswap, 1); ! fs = mountfs(rootdev, boothowto & RB_RDONLY ? MNT_RDONLY : 0, ! (struct inode *)0); if (!fs) panic("iinit"); mount[0].m_inodp = (struct inode *)1; /* XXX */ *** /usr/src/sys/sys/kern_exec.c.old Sat Nov 26 23:12:37 1994 --- /usr/src/sys/sys/kern_exec.c Fri Jan 13 20:23:46 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)kern_exec.c 1.3 (2.11BSD GTE) 11/26/94 */ #include "param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! 
* @(#)kern_exec.c 1.4 (2.11BSD GTE) 1/13/95 */ #include "param.h" *************** *** 19,24 **** --- 19,25 ---- #include "acct.h" #include "namei.h" #include "fs.h" + #include "mount.h" #include "file.h" #include "text.h" *************** *** 70,80 **** indir = 0; uid = u.u_uid; gid = u.u_gid; ! if (ip->i_mode & ISUID) ! uid = ip->i_uid; ! if (ip->i_mode & ISGID) ! gid = ip->i_gid; ! again: if (access(ip, IEXEC)) goto bad; --- 71,86 ---- indir = 0; uid = u.u_uid; gid = u.u_gid; ! if (ip->i_fs->fs_flags & MNT_NOEXEC) { ! u.u_error = EACCES; ! goto bad; ! } ! if ((ip->i_fs->fs_flags & MNT_NOSUID) == 0) { ! if (ip->i_mode & ISUID) ! uid = ip->i_uid; ! if (ip->i_mode & ISGID) ! gid = ip->i_gid; ! } again: if (access(ip, IEXEC)) goto bad; *** /usr/src/sys/sys/init_sysent.c.old Sun Nov 27 00:09:12 1994 --- /usr/src/sys/sys/init_sysent.c Sat Jan 14 00:42:01 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)init_sysent.c 1.6 (2.11BSD GTE) 11/26/94 */ /* --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)init_sysent.c 1.7 (2.11BSD GTE) 1/14/95 */ /* *************** *** 47,53 **** /* 1.7 system operation support */ int umount(),smount(); ! int sync(),reboot(),sysacct(); /* 2.1 generic operations */ int read(),write(),readv(),writev(),ioctl(); --- 47,53 ---- /* 1.7 system operation support */ int umount(),smount(); ! int sync(),reboot(),sysacct(), __sysctl(); /* 2.1 generic operations */ int read(),write(),readv(),writev(),ioctl(); *************** *** 128,134 **** 0, getpid, /* 20 = getpid */ 3, smount, /* 21 = mount */ 1, umount, /* 22 = umount */ ! 0, nosys, /* 23 = old setuid */ 0, getuid, /* 24 = getuid */ 0, nosys, /* 25 = old stime */ 4, ptrace, /* 26 = ptrace */ --- 128,134 ---- 0, getpid, /* 20 = getpid */ 3, smount, /* 21 = mount */ 1, umount, /* 22 = umount */ ! 
6, __sysctl, /* 23 = __sysctl */ 0, getuid, /* 24 = getuid */ 0, nosys, /* 25 = old stime */ 4, ptrace, /* 26 = ptrace */ *** /usr/src/sys/h/systm.h.old Thu Dec 24 00:51:07 1992 --- /usr/src/sys/h/systm.h Fri Jan 20 19:49:52 1995 *************** *** 3,17 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)systm.h 1.1 (2.10BSD Berkeley) 12/1/86 */ #ifndef SUPERVISOR /* ! * Random set of variables ! * used by more than one ! * routine. */ extern char version[]; /* system version */ /* --- 3,42 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)systm.h 1.2 (2.11BSD GTE) 12/29/94 */ #ifndef SUPERVISOR + /* ! * The `securelevel' variable controls the security level of the system. ! * It can only be decreased by process 1 (/sbin/init). ! * ! * Security levels are as follows: ! * -1 permannently insecure mode - always run system in level 0 mode. ! * 0 insecure mode - immutable and append-only flags make be turned off. ! * All devices may be read or written subject to permission modes. ! * 1 secure mode - immutable and append-only flags may not be changed; ! * raw disks of mounted filesystems, /dev/mem, and /dev/kmem are ! * read-only. ! * 2 highly secure mode - same as (1) plus raw disks are always ! * read-only whether mounted or not. This level precludes tampering ! * with filesystems by unmounting them, but also inhibits running ! * newfs while the system is secured. ! * ! * In normal operation, the system runs in level 0 mode while single user ! * and in level 1 mode while multiuser. If level 2 mode is desired while ! * running multiuser, it can be set in the multiuser startup script ! * (/etc/rc.local) using sysctl(8). If it is desired to run the system ! * in level 0 mode while multiuser, initialize the variable securelevel ! * in /sys/kern/kern_sysctl.c to -1. Note that it is NOT initialized to ! 
* zero as that would allow the vmunix binary to be patched to -1. ! * Without initialization, securelevel loads in the BSS area which only ! * comes into existence when the kernel is loaded and hence cannot be ! * patched by a stalking hacker. */ + extern int securelevel; /* system security level */ + extern char version[]; /* system version */ /* *** /usr/src/sys/h/resource.h.old Sun May 17 20:25:33 1987 --- /usr/src/sys/h/resource.h Fri Jan 20 19:48:10 1995 *************** *** 3,11 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)resource.h 1.1 (2.10BSD Berkeley) 12/1/86 */ /* * Process priority specifications to get/setpriority. */ --- 3,14 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)resource.h 1.2 (2.11BSD GTE) 1/14/95 */ + #ifndef _SYS_RESOURCE_H_ + #define _SYS_RESOURCE_H_ + /* * Process priority specifications to get/setpriority. */ *************** *** 79,81 **** --- 82,91 ---- long rlim_cur; /* current (soft) limit */ long rlim_max; /* maximum value for rlim_cur */ }; + + /* Load average structure. */ + struct loadavg { + short ldavg[3]; + int fscale; + }; + #endif /* !_SYS_RESOURCE_H_ */ *** /usr/src/sys/h/vmparam.h.old Sun May 17 17:21:26 1987 --- /usr/src/sys/h/vmparam.h Thu Jan 19 19:53:18 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)vmparam.h 7.1 (Berkeley) 6/4/86 */ /* --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! 
* @(#)vmparam.h 7.1.1 (2.11BSD GTE) 1/14/95 */ /* *************** *** 13,16 **** --- 13,35 ---- #include "../machine/vmparam.h" #else #include + #endif + + /* + * CTL_VM identifiers + */ + #define VM_METER 1 /* struct vmmeter */ + #define VM_LOADAVG 2 /* struct loadavg */ + #define VM_SWAPMAP 3 /* struct mapent _swapmap[] */ + #define VM_COREMAP 4 /* struct mapent _coremap[] */ + #define VM_MAXID 5 /* number of valid vm ids */ + + #ifndef KERNEL + #define CTL_VM_NAMES { \ + { 0, 0 }, \ + { "vmmeter", CTLTYPE_STRUCT }, \ + { "loadavg", CTLTYPE_STRUCT }, \ + { "swapmap", CTLTYPE_STRUCT }, \ + { "coremap", CTLTYPE_STRUCT }, \ + } #endif *** /usr/src/sys/h/time.h.old Sat May 16 11:29:24 1987 --- /usr/src/sys/h/time.h Fri Jan 20 19:50:22 1995 *************** *** 3,11 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)time.h 1.1 (2.10BSD Berkeley) 12/1/86 */ /* * Structure returned by gettimeofday(2) system call, * and used in other calls. --- 3,14 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)time.h 1.2 (2.11BSD GTE) 1/14/95 */ + #ifndef _SYS_TIME_H_ + #define _SYS_TIME_H_ + /* * Structure returned by gettimeofday(2) system call, * and used in other calls. *************** *** 59,61 **** --- 62,75 ---- #ifndef KERNEL #include #endif + + /* + * Getkerninfo clock information structure + */ + struct clockinfo { + int hz; /* clock frequency */ + int tick; /* micro-seconds per hz tick */ + int stathz; /* statistics clock frequency */ + int profhz; /* profiling clock frequency */ + }; + #endif /* !_SYS_TIME_H_ */ *** /usr/src/sys/h/vmsystm.h.old Wed Mar 10 20:26:20 1993 --- /usr/src/sys/h/vmsystm.h Sun Jan 15 21:14:30 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! 
* @(#)vmsystm.h 7.2 (2.11BSD GTE) 3/10/93 */ /* --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)vmsystm.h 7.2.1 (2.11BSD GTE) 1/15/95 */ /* *************** *** 10,17 **** * Miscellaneous virtual memory subsystem variables and structures. */ - #if defined(KERNEL) && defined(UCB_METER) && !defined(SUPERVISOR) size_t freemem; /* remaining clicks of free memory */ u_short avefree; /* moving average of remaining free clicks */ u_short avefree30; /* 30 sec (avefree is 5 sec) moving average */ --- 10,18 ---- * Miscellaneous virtual memory subsystem variables and structures. */ size_t freemem; /* remaining clicks of free memory */ + + #if defined(KERNEL) && defined(UCB_METER) && !defined(SUPERVISOR) u_short avefree; /* moving average of remaining free clicks */ u_short avefree30; /* 30 sec (avefree is 5 sec) moving average */ *** /usr/src/sys/h/proc.h.old Fri Mar 12 19:44:42 1993 --- /usr/src/sys/h/proc.h Fri Jan 20 19:47:54 1995 *************** *** 3,11 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)proc.h 1.1 (2.10BSD Berkeley) 12/1/86 */ /* * One structure allocated per active * process. It contains all data needed --- 3,14 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)proc.h 1.2 (2.11BSD GTE) 1/18/95 */ + #ifndef _SYS_PROC_H_ + #define _SYS_PROC_H_ + /* * One structure allocated per active * process. It contains all data needed *************** *** 126,128 **** --- 129,133 ---- #define S_DATA 0 /* specified segment */ #define S_STACK 1 + + #endif /* !_SYS_PROC_H_ */ *** /usr/src/sys/h/text.h.old Thu Dec 24 00:45:47 1992 --- /usr/src/sys/h/text.h Fri Jan 20 19:50:09 1995 *************** *** 3,11 **** * All rights reserved. 
The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)text.h 1.1 (2.10BSD Berkeley) 12/1/86 */ /* * Text structure. XXX REF COUNT should be short * One allocated per pure --- 3,14 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)text.h 1.2 (2.11BSD GTE) 1/19/95 */ + #ifndef _SYS_TEXT_H_ + #define _SYS_TEXT_H_ + /* * Text structure. XXX REF COUNT should be short * One allocated per pure *************** *** 58,60 **** --- 61,64 ---- u_long free_cache; /* placed in cache */ u_long free_cacheswap; /* swapped out to place in cache */ }; + #endif /* _SYS_TEXT_H_ */ *** /usr/src/sys/h/file.h.old Fri Nov 25 22:34:53 1994 --- /usr/src/sys/h/file.h Fri Jan 20 19:47:13 1995 *************** *** 3,14 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)file.h 1.2 (2.11BSD GTE) 11/25/94 */ #include ! #ifdef KERNEL /* * Descriptor table entry. * One for each kernel object. --- 3,16 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)file.h 1.3 (2.11BSD GTE) 1/19/95 */ #include ! #ifndef _SYS_FILE_H_ ! #define _SYS_FILE_H_ ! /* * Descriptor table entry. * One for each kernel object. *************** *** 25,30 **** --- 27,33 ---- off_t f_offset; }; + #ifdef KERNEL struct fileops { int (*fo_rw)(); int (*fo_ioctl)(); *************** *** 70,72 **** --- 73,76 ---- #define DTYPE_SOCKET 2 /* communications endpoint */ #define DTYPE_PIPE 3 /* I don't want to hear it, okay? */ #endif + #endif /* _SYS_FILE_H_ */ *** /usr/src/sys/pdp/conf.c.old Wed Nov 30 20:02:46 1994 --- /usr/src/sys/pdp/conf.c Thu Dec 29 17:41:18 1994 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! 
* @(#)conf.c 2.2 (2.11BSD Berkeley) 11/29/94 */ #include "param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)conf.c 2.3 (2.11BSD Berkeley) 12/29/94 */ #include "param.h" *************** *** 12,17 **** --- 12,18 ---- #include "time.h" #include "ioctl.h" #include "resource.h" + #include "inode.h" #include "proc.h" #include "clist.h" #include "tty.h" *************** *** 441,443 **** --- 442,542 ---- }; int nchrdev = sizeof(cdevsw) / sizeof(cdevsw[0]); + + /* + * Routine that identifies /dev/mem and /dev/kmem. + * + * A minimal stub routine can always return 0. + */ + iskmemdev(dev) + register dev_t dev; + { + + if (major(dev) == 1 && (minor(dev) == 0 || minor(dev) == 1)) + return (1); + return (0); + } + + /* + * Routine to determine if a device is a disk. + * + * A minimal stub routine can always return 0. + */ + isdisk(dev, type) + dev_t dev; + register int type; + { + + switch (major(dev)) { + case 3: /* ram */ + case 4: /* hk */ + case 5: /* ra */ + case 6: /* rk */ + case 7: /* rl */ + case 8: /* rx */ + case 9: /* si */ + case 10: /* xp */ + case 11: /* br */ + if (type == IFBLK) + return (1); + return (0); + case 13: /* rhk */ + case 14: /* rra */ + case 15: /* rrk */ + case 16: /* rrl */ + case 17: /* rrx */ + case 18: /* rsi */ + case 19: /* rxp */ + case 20: /* rbr */ + if (type == IFCHR) + return (1); + /* fall through */ + default: + return (0); + } + /* NOTREACHED */ + } + + #define MAXDEV 25 + static char chrtoblktbl[MAXDEV] = { + /* CHR */ /* BLK */ + /* 0 */ NODEV, + /* 1 */ NODEV, + /* 2 */ NODEV, + /* 3 */ NODEV, + /* 4 */ NODEV, + /* 5 */ NODEV, + /* 6 */ 0, /* ht */ + /* 7 */ 1, /* tm */ + /* 8 */ 2, /* ts */ + /* 9 */ NODEV, + /* 10 */ NODEV, + /* 11 */ NODEV, + /* 12 */ NODEV, + /* 13 */ 4, /* hk */ + /* 14 */ 5, /* ra */ + /* 15 */ 6, /* rk */ + /* 16 */ 7, /* rl */ + /* 17 */ 8, /* rx */ + /* 18 */ 9, /* si */ + /* 19 */ 10, /* xp */ + /* 20 */ 
11, /* br */ + /* 21 */ NODEV, + /* 22 */ NODEV, + /* 23 */ 12, /* tmscp */ + /* 24 */ NODEV + }; + /* + * Routine to convert from character to block device number. + * + * A minimal stub routine can always return NODEV. + */ + chrtoblk(dev) + register dev_t dev; + { + register int blkmaj; + + if (major(dev) >= MAXDEV || (blkmaj = chrtoblktbl[major(dev)]) == NODEV) + return (NODEV); + return (makedev(blkmaj, minor(dev))); + } *** /usr/src/sys/pdp/cpu.h.old Sat Dec 26 17:49:21 1992 --- /usr/src/sys/pdp/cpu.h Sat Jan 14 01:07:04 1995 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)cpu.h 1.2 (2.11BSD GTE) 12/26/92 */ /* --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)cpu.h 1.3 (2.11BSD GTE) 1/14/95 */ /* *************** *** 13,15 **** --- 13,28 ---- * between cpu types). */ #define PDP1170_LEAR ((physadr) 0177740) + + /* + * CTL_MACHDEP definitions. + */ + #define CPU_CONSDEV 1 /* dev_t: console terminal device */ + #define CPU_MAXID 2 /* number of valid machdep ids */ + + #ifndef KERNEL + #define CTL_MACHDEP_NAMES { \ + { 0, 0 }, \ + { "console_device", CTLTYPE_STRUCT }, \ + } + #endif *** /usr/src/sys/OTHERS/bad144/bad144.c.old Mon Jan 10 21:34:57 1994 --- /usr/src/sys/OTHERS/bad144/bad144.c Sat Jan 21 17:40:39 1995 *************** *** 9,15 **** "@(#) Copyright (c) 1980 Regents of the University of California.\n\ All rights reserved.\n"; ! static char sccsid[] = "@(#)bad144.c 5.4.1 (2.11BSD GTE) 12/31/93"; #endif not lint /* --- 9,15 ---- "@(#) Copyright (c) 1980 Regents of the University of California.\n\ All rights reserved.\n"; ! 
static char sccsid[] = "@(#)bad144.c 5.4.2 (2.11BSD GTE) 1/21/95"; #endif not lint /* *************** *** 52,58 **** char name[BUFSIZ]; char *malloc(); off_t lseek(); - off_t tell(); long atol(); main(argc, argv) --- 52,57 ---- *** /usr/src/sys/GENERIC/Makefile.old Tue Nov 29 23:30:06 1994 --- /usr/src/sys/GENERIC/Makefile Sat Jan 14 00:36:30 1995 *************** *** 63,69 **** quota_ufs.o subr_log.o vm_swp.o vm_swap.o vm_proc.o toy.o OV5= ht.o tm.o ts.o mem.o OV6= tmscp.o rl.o ! OV7= mch_fpsim.o KERNOBJ=${CONF} ${BASE} ${OV1} ${OV2} ${OV3} ${OV4} ${OV5} \ ${OV6} ${OV7} ${OV8} ${OV9} ${OV10} ${OV11} ${OV12} \ --- 63,69 ---- quota_ufs.o subr_log.o vm_swp.o vm_swap.o vm_proc.o toy.o OV5= ht.o tm.o ts.o mem.o OV6= tmscp.o rl.o ! OV7= mch_fpsim.o kern_sysctl.o KERNOBJ=${CONF} ${BASE} ${OV1} ${OV2} ${OV3} ${OV4} ${OV5} \ ${OV6} ${OV7} ${OV8} ${OV9} ${OV10} ${OV11} ${OV12} \
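
Review bot: In the openi() hunk of /usr/src/sys/sys/sys_inode.c the MNT_NODEV test sits ahead of 'switch (ip->i_mode&IFMT)', so it is not limited to device nodes. The function still ends in 'return (0)' for every file type other than IFCHR and IFBLK, so any such inode that reaches openi() on a nodev filesystem now gets ENXIO. Move the test into the IFCHR and IFBLK cases so that only special files are refused. Separately, the mounted-block-device test is left under '#ifdef notyet', so at securelevel 1 the block device of a mounted filesystem can still be opened for writing while its character device cannot; the level 1 description in systm.h should say so until that test is enabled.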
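
Review bot: In the mountfs() hunk of /usr/src/sys/sys/ufs_mount.c, 'fs->fs_flags = flags;' stores the caller's third argument unfiltered, and smount() passes 'uap->flags' straight through. A caller built against the old 'ronly' interface that passes a non-zero value without the MNT_RDONLY bit set no longer gets a read-only mount ('ronly = flags & MNT_RDONLY'), and whatever other bits it set are now treated as mount options. Mask the argument to the defined MNT_* bits in smount() and document the changed meaning of the third argument.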
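
Review bot: In the /usr/src/sys/sys/kern_exec.c hunk the MNT_NOEXEC test is placed above the 'again:' label, so it runs once for the inode first looked up and is skipped on any pass that jumps back to 'again' with a different inode. If that path is taken for an interpreter file, the interpreter's filesystem is never checked for MNT_NOEXEC. Placing the test directly after 'again:', next to 'access(ip, IEXEC)', would cover every pass; the MNT_NOSUID block can stay where it is, since uid and gid are taken from the first inode only.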
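
Review bot: The securelevel comment added to /usr/src/sys/h/systm.h does not match the rest of the patch. It tells the reader to initialize securelevel to -1 in /sys/kern/kern_sysctl.c, but the initializer this patch adds is in conf/param.c under '#ifdef PERMANENTLY_INSECURE', and it refers to the vmunix binary where the instructions refer to /unix. It also contains the typos "permannently" and "make be turned off". Since this comment is the only description of the levels in the patch, correct the file name and state which process may raise the level as well as which may decrease it.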
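
Review bot: In the /usr/src/sys/h/vmsystm.h hunk, 'size_t freemem;' is moved above the '#if defined(KERNEL) && defined(UCB_METER) && !defined(SUPERVISOR)' line, so the header now defines the variable, rather than declaring it, in every file that includes it, user programs included. If the intent is only to make freemem visible without UCB_METER, declare it 'extern' in the header and keep a single definition in one .c file.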
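
Review bot: In the /usr/src/sys/pdp/conf.c hunk, iskmemdev(), isdisk() and chrtoblktbl[] hard-code major numbers ('major(dev) == 1', cases 3 through 20, MAXDEV 25) that have to stay in step with the bdevsw[] and cdevsw[] tables in the same file, and nothing in the code ties them together. A site that has added a local disk driver, which instruction 5 anticipates, gets no securelevel protection for that device unless these routines are edited too, and the "A minimal stub routine can always return 0" comments do not say that a stub disables the corresponding checks in openi(). Add a comment at each routine naming the table it mirrors and stating that consequence. chrtoblktbl[] also stores NODEV in a 'char' and compares it with NODEV again after assignment to an 'int', which relies on the value surviving the round trip through 'char'; declaring the table with the type of 'blkmaj' removes that dependency.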