1 /*- 2 * Copyright (c) 1982, 1988, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * %sccs.include.redist.c% 11 * 12 * @(#)systm.h 8.3 (Berkeley) 01/21/94 13 */ 14 15 /* 16 * The `securelevel' variable controls the security level of the system. 17 * It can only be decreased by process 1 (/sbin/init). 18 * 19 * Security levels are as follows: 20 * -1 permannently insecure mode - always run system in level 0 mode. 21 * 0 insecure mode - immutable and append-only flags make be turned off. 22 * All devices may be read or written subject to permission modes. 23 * 1 secure mode - immutable and append-only flags may not be changed; 24 * raw disks of mounted filesystems, /dev/mem, and /dev/kmem are 25 * read-only. 26 * 2 highly secure mode - same as (1) plus raw disks are always 27 * read-only whether mounted or not. This level precludes tampering 28 * with filesystems by unmounting them, but also inhibits running 29 * newfs while the system is secured. 30 * 31 * In normal operation, the system runs in level 0 mode while single user 32 * and in level 1 mode while multiuser. If level 2 mode is desired while 33 * running multiuser, it can be set in the multiuser startup script 34 * (/etc/rc.local) using sysctl(1). If it is desired to run the system 35 * in level 0 mode while multiuser, initialize the variable securelevel 36 * in /sys/kern/kern_sysctl.c to -1. Note that it is NOT initialized to 37 * zero as that would allow the vmunix binary to be patched to -1. 38 * Without initialization, securelevel loads in the BSS area which only 39 * comes into existence when the kernel is loaded and hence cannot be 40 * patched by a stalking hacker. 41 */ 42 extern int securelevel; /* system security level */ 43 extern const char *panicstr; /* panic message */ 44 extern char version[]; /* system version */ 45 extern char copyright[]; /* system copyright */ 46 47 extern int nblkdev; /* number of entries in bdevsw */ 48 extern int nchrdev; /* number of entries in cdevsw */ 49 extern int nswdev; /* number of swap devices */ 50 extern int nswap; /* size of swap space */ 51 52 extern int selwait; /* select timeout address */ 53 54 extern u_char curpriority; /* priority of current process */ 55 56 extern int maxmem; /* max memory per process */ 57 extern int physmem; /* physical memory */ 58 59 extern dev_t dumpdev; /* dump device */ 60 extern long dumplo; /* offset into dumpdev */ 61 62 extern dev_t rootdev; /* root device */ 63 extern struct vnode *rootvp; /* vnode equivalent to above */ 64 65 extern dev_t swapdev; /* swapping device */ 66 extern struct vnode *swapdev_vp;/* vnode equivalent to above */ 67 68 extern struct sysent { /* system call table */ 69 int sy_narg; /* number of arguments */ 70 int (*sy_call)(); /* implementing function */ 71 } sysent[]; 72 73 extern int boothowto; /* reboot flags, from console subsystem */ 74 75 /* casts to keep lint happy */ 76 #define insque(q,p) _insque((caddr_t)q,(caddr_t)p) 77 #define remque(q) _remque((caddr_t)q) 78 79 /* 80 * General function declarations. 81 */ 82 int nullop __P((void)); 83 int enodev __P((void)); 84 int enoioctl __P((void)); 85 int enxio __P((void)); 86 int eopnotsupp __P((void)); 87 int seltrue __P((dev_t dev, int which, struct proc *p)); 88 void *hashinit __P((int count, int type, u_long *hashmask)); 89 90 #ifdef __GNUC__ 91 volatile void panic __P((const char *, ...)); 92 #else 93 void panic __P((const char *, ...)); 94 #endif 95 void tablefull __P((const char *)); 96 void addlog __P((const char *, ...)); 97 void log __P((int, const char *, ...)); 98 void printf __P((const char *, ...)); 99 int sprintf __P((char *buf, const char *, ...)); 100 void ttyprintf __P((struct tty *, const char *, ...)); 101 102 void bcopy __P((void *from, void *to, u_int len)); 103 void ovbcopy __P((void *from, void *to, u_int len)); 104 void bzero __P((void *buf, u_int len)); 105 106 int copystr __P((void *kfaddr, void *kdaddr, u_int len, u_int *done)); 107 int copyinstr __P((void *udaddr, void *kaddr, u_int len, u_int *done)); 108 int copyoutstr __P((void *kaddr, void *udaddr, u_int len, u_int *done)); 109 int copyin __P((void *udaddr, void *kaddr, u_int len)); 110 int copyout __P((void *kaddr, void *udaddr, u_int len)); 111 112 int fubyte __P((void *base)); 113 #ifdef notdef 114 int fuibyte __P((void *base)); 115 #endif 116 int subyte __P((void *base, int byte)); 117 int suibyte __P((void *base, int byte)); 118 int fuword __P((void *base)); 119 int fuiword __P((void *base)); 120 int suword __P((void *base, int word)); 121 int suiword __P((void *base, int word)); 122 123 int hzto __P((struct timeval *tv)); 124 void timeout __P((void (*func)(void *), void *arg, int ticks)); 125 void untimeout __P((void (*func)(void *), void *arg)); 126 void realitexpire __P((void *)); 127 128 struct clockframe; 129 void hardclock __P((struct clockframe *frame)); 130 void softclock __P((void)); 131 void statclock __P((struct clockframe *frame)); 132 133 void initclocks __P((void)); 134 135 void startprofclock __P((struct proc *)); 136 void stopprofclock __P((struct proc *)); 137 void setstatclockrate __P((int hzrate)); 138 139 #include <libkern/libkern.h> 140