Source-Changes-HG archive


[src/netbsd-3]: src/sys/sys Pull up revision 1.134 (requested by elad in tick...



details:   https://anonhg.NetBSD.org/src/rev/e3f5d4fc1169
branches:  netbsd-3
changeset: 576138:e3f5d4fc1169
user:      tron <tron%NetBSD.org@localhost>
date:      Fri Jun 10 15:10:51 2005 +0000

description:
Pull up revision 1.134 (requested by elad in ticket #389):
Some changes in veriexec.
New features:
- Add a veriexec_report() routine to make most reporting consistent and
  remove some common code.
- Add 'strict' mode that controls how veriexec behaves.
- Add sysctl knobs:
    o kern.veriexec.verbose controls verbosity levels. Value: 0, 1.
    o kern.veriexec.strict controls strict level. Values: 0, 1, 2. See
      documentation in sysctl(3) for details.
    o kern.veriexec.algorithms returns a string with a space separated
      list of supported hashing algorithms in veriexec.
- Updated documentation in man pages for sysctl(3) and sysctl(8).
Bug fixes:
- veriexec_removechk(): Code cleanup + handle FINGERPRINT_NOTEVAL
  correctly.
- exec_script(): Don't pass 0 as flag when executing a script; use the
  defined VERIEXEC_INDIRECT - which is 1. Makes indirect execution
  enforcement work.
- Fix some printing formats and types.

diffstat:

 sys/sys/sysctl.h |  6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diffs (27 lines):

diff -r 4dba09bc1f1a -r e3f5d4fc1169 sys/sys/sysctl.h
--- a/sys/sys/sysctl.h  Fri Jun 10 15:10:44 2005 +0000
+++ b/sys/sys/sysctl.h  Fri Jun 10 15:10:51 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: sysctl.h,v 1.133 2005/03/11 06:16:16 atatat Exp $      */
+/*     $NetBSD: sysctl.h,v 1.133.2.1 2005/06/10 15:10:51 tron Exp $    */
 
 /*
  * Copyright (c) 1989, 1993
@@ -268,7 +268,8 @@
 #define        KERN_DRIVERS            75      /* struct: driver names and majors #s */
 #define        KERN_BUF                76      /* struct: buffers */
 #define        KERN_FILE2              77      /* struct: file entries */
-#define        KERN_MAXID              78      /* number of valid kern ids */
+#define        KERN_VERIEXEC           78      /* node: verified exec */
+#define        KERN_MAXID              79      /* number of valid kern ids */
 
 
 #define        CTL_KERN_NAMES { \
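
Review bot: the comment on `#define KERN_VERIEXEC 78` says only "node: verified exec" and gives no pointer to where the child ids are defined, although the commit message names three knobs under it (kern.veriexec.verbose, kern.veriexec.strict, kern.veriexec.algorithms) and nothing in this header hunk declares them. A short reference in the comment to the header or file that creates the subnodes would let a reader get from the MIB number to the strict-level semantics. Because KERN_VERIEXEC takes the value 78 that KERN_MAXID held before, and this is a pull-up to netbsd-3, it is also worth confirming that 78 is the same number revision 1.134 assigns on trunk, so a binary that uses the numeric MIB resolves the same node on both branches.
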
@@ -350,6 +351,7 @@
        { "drivers", CTLTYPE_STRUCT }, \
        { "buf", CTLTYPE_NODE }, \
        { "file2", CTLTYPE_STRUCT }, \
+       { "veriexec", CTLTYPE_NODE }, \
 }
 
 /*
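
Review bot: the new `{ "veriexec", CTLTYPE_NODE }, \` line is correct only by position. The context lines show CTL_KERN_NAMES listing drivers, buf, file2 in the same order as ids 75, 76, 77, so this entry has to stay the last initializer to line up with `KERN_VERIEXEC 78`, and the table has to hold exactly KERN_MAXID (now 79) entries. Nothing in the header enforces that pairing, so the next id added in only one of the two places would silently mislabel nodes for any tool that maps names through this table. Consider a comment tying the two lists together, or a compile-time check that the table length equals KERN_MAXID.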


