 @@ -1,14 +1,14 @@
-/*	$NetBSD: param.c,v 1.61 2009/05/02 14:13:28 pooka Exp $	*/
+/*	$NetBSD: param.c,v 1.62 2009/05/03 21:25:44 elad Exp $	*/
 /*
  * Copyright (c) 1980, 1986, 1989 Regents of the University of California.
  * All rights reserved.
  * (c) UNIX System Laboratories, Inc.
  * All or some portions of this file are derived from material licensed
  * to the University of California by American Telephone and Telegraph
  * Co. or Unix System Laboratories, Inc. and are reproduced herein with
  * the permission of UNIX System Laboratories, Inc.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
 @@ -27,27 +27,27 @@
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)param.c	7.20 (Berkeley) 6/27/91
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: param.c,v 1.61 2009/05/02 14:13:28 pooka Exp $");
+__KERNEL_RCSID(0, "$NetBSD: param.c,v 1.62 2009/05/03 21:25:44 elad Exp $");
 #include "opt_hz.h"
 #include "opt_rtc_offset.h"
 #include "opt_sysv.h"
 #include "opt_sysvparam.h"
 #include "opt_nmbclusters.h"
 #include "opt_multiprocessor.h"
 #include <sys/param.h>
 #include <sys/systm.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
 #include <sys/proc.h>
 @@ -121,28 +121,26 @@ int	maxproc = NPROC;
 int	desiredvnodes = NVNODE;
 u_int	maxfiles = MAXFILES;
 int	fscale = FSCALE;	/* kernel uses `FSCALE', user uses `fscale' */
 int	maxexec = MAXEXEC;	/* max number of concurrent exec() calls */
 #ifdef MULTIPROCESSOR
 u_int	maxcpus = MAXCPUS;
 size_t	coherency_unit = COHERENCY_UNIT;
 #else
 u_int	maxcpus = 1;
 size_t	coherency_unit = ALIGNBYTES + 1;
 #endif
 int	dovfsusermount = 0;
 /*
  * Various mbuf-related parameters.  These can also be changed at run-time
  * with sysctl.
  */
 int	nmbclusters = NMBCLUSTERS;
 #ifndef MBLOWAT
 #define	MBLOWAT		16
 #endif
 int	mblowat = MBLOWAT;
 #ifndef MCLLOWAT
 #define	MCLLOWAT	8

 @@ -1,14 +1,14 @@
-/*	$NetBSD: vfs_init.c,v 1.43 2009/01/17 07:02:35 yamt Exp $	*/
+/*	$NetBSD: vfs_init.c,v 1.44 2009/05/03 21:25:44 elad Exp $	*/
 /*-
  * Copyright (c) 1998, 2000, 2008 The NetBSD Foundation, Inc.
  * All rights reserved.
+ *
  * This code is derived from software contributed to The NetBSD Foundation
  * by Jason R. Thorpe of the Numerical Aerospace Simulation Facility,
  * NASA Ames Research Center.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
 @@ -57,27 +57,27 @@
  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
+ *
  *	@(#)vfs_init.c	8.5 (Berkeley) 5/11/95
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_init.c,v 1.43 2009/01/17 07:02:35 yamt Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_init.c,v 1.44 2009/05/03 21:25:44 elad Exp $");
 #include <sys/param.h>
 #include <sys/mount.h>
 #include <sys/time.h>
 #include <sys/vnode.h>
 #include <sys/stat.h>
 #include <sys/namei.h>
 #include <sys/ucred.h>
 #include <sys/buf.h>
 #include <sys/errno.h>
 #include <sys/kmem.h>
 #include <sys/systm.h>
 #include <sys/module.h>
 @@ -137,48 +137,40 @@ vn_default_error(void *v)
+{
 	return (EOPNOTSUPP);
+}
 static struct sysctllog *vfs_sysctllog;
 /*
  * Top level filesystem related information gathering.
  */
 static void
 sysctl_vfs_setup(void)
+{
 	extern int dovfsusermount;
 	extern int vfs_magiclinks;
 	sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT,
 		       CTLTYPE_NODE, "vfs", NULL,
 		       NULL, 0, NULL, 0,
 		       CTL_VFS, CTL_EOL);
 	sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT,
 		       CTLTYPE_NODE, "generic",
 		       SYSCTL_DESCR("Non-specific vfs related information"),
 		       NULL, 0, NULL, 0,
 		       CTL_VFS, VFS_GENERIC, CTL_EOL);
 	sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_INT, "usermount",
 		       SYSCTL_DESCR("Whether unprivileged users may mount "
 				    "filesystems"),
 		       NULL, 0, &dovfsusermount, 0,
 		       CTL_VFS, VFS_GENERIC, VFS_USERMOUNT, CTL_EOL);
 	sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT,
 		       CTLTYPE_STRING, "fstypes",
 		       SYSCTL_DESCR("List of file systems present"),
 		       sysctl_vfs_generic_fstypes, 0, NULL, 0,
 		       CTL_VFS, VFS_GENERIC, CTL_CREATE, CTL_EOL);
 	sysctl_createv(&vfs_sysctllog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_INT, "magiclinks",
 		       SYSCTL_DESCR("Whether \"magic\" symlinks are expanded"),
 		       NULL, 0, &vfs_magiclinks, 0,
 		       CTL_VFS, VFS_GENERIC, VFS_MAGICLINKS, CTL_EOL);
+}

 @@ -1,14 +1,14 @@
-/* $NetBSD: secmodel_bsd44.c,v 1.11 2007/11/21 22:49:07 elad Exp $ */
+/* $NetBSD: secmodel_bsd44.c,v 1.12 2009/05/03 21:25:44 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. The name of the author may not be used to endorse or promote products
 @@ -17,33 +17,34 @@
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44.c,v 1.11 2007/11/21 22:49:07 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44.c,v 1.12 2009/05/03 21:25:44 elad Exp $");
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/kauth.h>
 #include <sys/sysctl.h>
 #include <sys/mount.h>
 #include <secmodel/secmodel.h>
 #include <secmodel/bsd44/bsd44.h>
 #include <secmodel/bsd44/suser.h>
 #include <secmodel/securelevel/securelevel.h>
 SYSCTL_SETUP(sysctl_security_bsd44_setup,
     "sysctl security bsd44 setup")
+{
 	const struct sysctlnode *rnode;
 	sysctl_createv(clog, 0, NULL, &rnode,
 @@ -82,26 +83,58 @@ SYSCTL_SETUP(sysctl_security_bsd44_setup
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_INT, "securelevel",
 		       SYSCTL_DESCR("System security level"),
 		       secmodel_securelevel_sysctl, 0, NULL, 0,
 		       CTL_CREATE, CTL_EOL);
 	sysctl_createv(clog, 0, &rnode, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_INT, "curtain",
 		       SYSCTL_DESCR("Curtain information about objects to "
 				    "users not owning them."),
 		       NULL, 0, &secmodel_bsd44_curtain, 0,
 		       CTL_CREATE, CTL_EOL);
 	sysctl_createv(clog, 0, &rnode, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_INT, "usermount",
 		       SYSCTL_DESCR("Whether unprivileged users may mount "
 				    "filesystems"),
 		       NULL, 0, &dovfsusermount, 0,
 		       CTL_CREATE, CTL_EOL);
 	/*
 	 * For compatibility, create the "dovfsusermount" variable in its
 	 * original location.
 	 */
 	sysctl_createv(clog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT,
 		       CTLTYPE_NODE, "vfs", NULL,
 		       NULL, 0, NULL, 0,
 		       CTL_VFS, CTL_EOL);
 	sysctl_createv(clog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT,
 		       CTLTYPE_NODE, "generic",
 		       SYSCTL_DESCR("Non-specific vfs related information"),
 		       NULL, 0, NULL, 0,
 		       CTL_VFS, VFS_GENERIC, CTL_EOL);
 	sysctl_createv(clog, 0, NULL, NULL,
 		       CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
 		       CTLTYPE_INT, "usermount",
 		       SYSCTL_DESCR("Whether unprivileged users may mount "
 				    "filesystems"),
 		       NULL, 0, &dovfsusermount, 0,
 		       CTL_VFS, VFS_GENERIC, VFS_USERMOUNT, CTL_EOL);
+}
 void
 secmodel_bsd44_start(void)
+{
 	secmodel_bsd44_init();
 	secmodel_bsd44_suser_start();
 	secmodel_securelevel_start();
 	secmodel_register();
+}

 @@ -1,14 +1,14 @@
-/* $NetBSD: secmodel_bsd44_logic.c,v 1.4 2007/11/21 22:49:07 elad Exp $ */
+/* $NetBSD: secmodel_bsd44_logic.c,v 1.5 2009/05/03 21:25:44 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. The name of the author may not be used to endorse or promote products
 @@ -17,36 +17,38 @@
  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_logic.c,v 1.4 2007/11/21 22:49:07 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_logic.c,v 1.5 2009/05/03 21:25:44 elad Exp $");
 #include <sys/types.h>
 #include <sys/param.h>
 #include <sys/kauth.h>
 #include <sys/sysctl.h>
 #include <secmodel/bsd44/bsd44.h>
 #include <secmodel/bsd44/suser.h>
 #include <secmodel/securelevel/securelevel.h>
 int secmodel_bsd44_curtain;
 int dovfsusermount;
 /*
  * Initialize the traditional NetBSD security model.
  */
 void
 secmodel_bsd44_init(void)
+{
 	secmodel_securelevel_init();
 	secmodel_bsd44_curtain = 0;
 	dovfsusermount = 0;
+}

 @@ -1,14 +1,14 @@
-/* $NetBSD: suser.h,v 1.4 2007/01/09 12:57:56 elad Exp $ */
+/* $NetBSD: suser.h,v 1.5 2009/05/03 21:25:44 elad Exp $ */
 /*-
  * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
  * All rights reserved.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  * 1. Redistributions of source code must retain the above copyright
  *    notice, this list of conditions and the following disclaimer.
  * 2. Redistributions in binary form must reproduce the above copyright
  *    notice, this list of conditions and the following disclaimer in the
  *    documentation and/or other materials provided with the distribution.
  * 3. The name of the author may not be used to endorse or promote products
 @@ -20,26 +20,27 @@
  * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
  * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
  * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
  * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 #ifndef _SECMODEL_BSD44_SUSER_H_
 #define	_SECMODEL_BSD44_SUSER_H_
 extern int secmodel_bsd44_curtain;
 extern int dovfsusermount;
 void secmodel_bsd44_suser_start(void);
 #if defined(_LKM)
 void secmodel_bsd44_suser_stop(void);
 #endif /* _LKM */
 int secmodel_bsd44_suser_generic_cb(kauth_cred_t, kauth_action_t, void *,
     void *, void *, void *, void *);
 int secmodel_bsd44_suser_system_cb(kauth_cred_t, kauth_action_t, void *,
     void *, void *, void *, void *);
 int secmodel_bsd44_suser_process_cb(kauth_cred_t, kauth_action_t, void *,
     void *, void *, void *, void *);