1 /*- 2 * Copyright (c) 1982, 1988, 1991, 1993 3 * The Regents of the University of California. All rights reserved. 4 * (c) UNIX System Laboratories, Inc. 5 * All or some portions of this file are derived from material licensed 6 * to the University of California by American Telephone and Telegraph 7 * Co. or Unix System Laboratories, Inc. and are reproduced herein with 8 * the permission of UNIX System Laboratories, Inc. 9 * 10 * %sccs.include.redist.c% 11 * 12 * @(#)systm.h 8.7 (Berkeley) 03/29/95 13 */ 14 15 /* 16 * The `securelevel' variable controls the security level of the system. 17 * It can only be decreased by process 1 (/sbin/init). 18 * 19 * Security levels are as follows: 20 * -1 permannently insecure mode - always run system in level 0 mode. 21 * 0 insecure mode - immutable and append-only flags make be turned off. 22 * All devices may be read or written subject to permission modes. 23 * 1 secure mode - immutable and append-only flags may not be changed; 24 * raw disks of mounted filesystems, /dev/mem, and /dev/kmem are 25 * read-only. 26 * 2 highly secure mode - same as (1) plus raw disks are always 27 * read-only whether mounted or not. This level precludes tampering 28 * with filesystems by unmounting them, but also inhibits running 29 * newfs while the system is secured. 30 * 31 * In normal operation, the system runs in level 0 mode while single user 32 * and in level 1 mode while multiuser. If level 2 mode is desired while 33 * running multiuser, it can be set in the multiuser startup script 34 * (/etc/rc.local) using sysctl(1). If it is desired to run the system 35 * in level 0 mode while multiuser, initialize the variable securelevel 36 * in /sys/kern/kern_sysctl.c to -1. Note that it is NOT initialized to 37 * zero as that would allow the vmunix binary to be patched to -1. 38 * Without initialization, securelevel loads in the BSS area which only 39 * comes into existence when the kernel is loaded and hence cannot be 40 * patched by a stalking hacker. 41 */ 42 extern int securelevel; /* system security level */ 43 extern const char *panicstr; /* panic message */ 44 extern char version[]; /* system version */ 45 extern char copyright[]; /* system copyright */ 46 47 extern int nblkdev; /* number of entries in bdevsw */ 48 extern int nchrdev; /* number of entries in cdevsw */ 49 extern int nswdev; /* number of swap devices */ 50 extern int nswap; /* size of swap space */ 51 52 extern int selwait; /* select timeout address */ 53 54 extern u_char curpriority; /* priority of current process */ 55 56 extern int maxmem; /* max memory per process */ 57 extern int physmem; /* physical memory */ 58 59 extern dev_t dumpdev; /* dump device */ 60 extern long dumplo; /* offset into dumpdev */ 61 62 extern dev_t rootdev; /* root device */ 63 extern struct vnode *rootvp; /* vnode equivalent to above */ 64 65 extern dev_t swapdev; /* swapping device */ 66 extern struct vnode *swapdev_vp;/* vnode equivalent to above */ 67 68 extern struct sysent { /* system call table */ 69 short sy_narg; /* number of args */ 70 short sy_argsize; /* total size of arguments */ 71 int (*sy_call)(); /* implementing function */ 72 } sysent[]; 73 extern int nsysent; 74 #define SCARG(p,k) ((p)->k.datum) /* get arg from args pointer */ 75 76 extern int boothowto; /* reboot flags, from console subsystem */ 77 78 /* casts to keep lint happy */ 79 #define insque(q,p) _insque((caddr_t)q,(caddr_t)p) 80 #define remque(q) _remque((caddr_t)q) 81 82 /* 83 * General function declarations. 84 */ 85 int nullop __P((void)); 86 int enodev __P((void)); 87 int enoioctl __P((void)); 88 int enxio __P((void)); 89 int eopnotsupp __P((void)); 90 int einval __P((void)); 91 int seltrue __P((dev_t dev, int which, struct proc *p)); 92 void *hashinit __P((int count, int type, u_long *hashmask)); 93 int nosys __P((struct proc *, void *, register_t *)); 94 95 #ifdef __GNUC__ 96 volatile void panic __P((const char *, ...)); 97 #else 98 void panic __P((const char *, ...)); 99 #endif 100 void tablefull __P((const char *)); 101 void addlog __P((const char *, ...)); 102 void log __P((int, const char *, ...)); 103 void printf __P((const char *, ...)); 104 int sprintf __P((char *buf, const char *, ...)); 105 void ttyprintf __P((struct tty *, const char *, ...)); 106 107 void bcopy __P((const void *from, void *to, u_int len)); 108 void ovbcopy __P((const void *from, void *to, u_int len)); 109 void bzero __P((void *buf, u_int len)); 110 111 int copystr __P((void *kfaddr, void *kdaddr, u_int len, u_int *done)); 112 int copyinstr __P((void *udaddr, void *kaddr, u_int len, u_int *done)); 113 int copyoutstr __P((void *kaddr, void *udaddr, u_int len, u_int *done)); 114 int copyin __P((void *udaddr, void *kaddr, u_int len)); 115 int copyout __P((void *kaddr, void *udaddr, u_int len)); 116 117 int fubyte __P((void *base)); 118 #ifdef notdef 119 int fuibyte __P((void *base)); 120 #endif 121 int subyte __P((void *base, int byte)); 122 int suibyte __P((void *base, int byte)); 123 int fuword __P((void *base)); 124 int fuiword __P((void *base)); 125 int suword __P((void *base, int word)); 126 int suiword __P((void *base, int word)); 127 128 int hzto __P((struct timeval *tv)); 129 void timeout __P((void (*func)(void *), void *arg, int ticks)); 130 void untimeout __P((void (*func)(void *), void *arg)); 131 void realitexpire __P((void *)); 132 133 struct clockframe; 134 void hardclock __P((struct clockframe *frame)); 135 void softclock __P((void)); 136 void statclock __P((struct clockframe *frame)); 137 138 void initclocks __P((void)); 139 140 void startprofclock __P((struct proc *)); 141 void stopprofclock __P((struct proc *)); 142 void setstatclockrate __P((int hzrate)); 143 144 #include <libkern/libkern.h> 145