The syscall number is stored in the same register as the syscall return
on amd64 (and possibly other architectures) and so it is impossible to
recover in the signal handler after the call has returned. This small
tweak delivers it in the `si_value` field of the signal, which is
sufficient to catch capability violations and emulate them with a call
to a more-privileged process in the signal handler.
Approved by: markj (mentor)
Reviewed by: kib, bcr (manpages)
Differential Revision: https://reviews.freebsd.org/D29185
This introduces a new, per-process flag, "NO_NEW_PRIVS", which
is inherited, preserved on exec, and cannot be cleared. The flag,
when set, makes subsequent execs ignore any SUID and SGID bits,
instead executing those binaries as if they not set.
The main purpose of the flag is implementation of Linux
PROC_SET_NO_NEW_PRIVS prctl(2), and possibly also unpriviledged
chroot.
Reviewed By: kib
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D30939
Finally, we have the correct function definition for strmode. NetBSD/OpenBSD
did this many years ago. This code is weird sign extension safe.
Reviewed by: imp@
Pull Request: https://github.com/freebsd/freebsd-src/pull/493
When debugging POSIX shared memory issues, it's really
useful to learn that there is a command line tool now
to manipulate shared memory segments.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D30896
so that libc vdso and kernel syscall give closer results.
Reported by: dchagin
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D30873
Call binuptime inside switch statement, instead of pre-calculating
the abs argument.
Change the type of the abs argument to bool.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D30873
We can use the buffer passed to fread(3) directly in the FILE *.
The buffer needs to be reset before each call to __srefill().
This preserves the expected behavior in all cases.
The change was found originally in OpenBSD and later adopted by NetBSD.
MFC after: 2 weeks
Obtained from: OpenBSD (CVS 1.18)
Differential Revision: https://reviews.freebsd.org/D30548
Previously, a negative change list length would be treated the same as
an empty change list. A negative event list length would result in
bogus copyouts. Make kevent(2) return EINVAL for both cases so that
application bugs are more easily found, and to be more robust against
future changes to kevent internals.
Reviewed by: imp, kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30480
Document that LOG_PID is ignored and can not be disabled.
This change was made along with the move from RFC 3164 to RFC 5424 log messages.
PR: 255664
Reported by: des.gaufres@gmail.com
Reviewed by: gbe, jilles
Approved by: gbe (mentor, manpages), jilles
There are still references to timed(8) and timedc(8) in the base system,
which were removed in 2018.
PR: 255425
Reported by: Ceri Davies <ceri at submonkey dot net>
Reviewed by: ygy, gbe
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D30232
It reopens the passed file descriptor, checking the file backing vnode'
current access rights against open mode. In particular, this flag allows
to convert file descriptor opened with O_PATH, into operable file
descriptor, assuming permissions allow that.
Reviewed by: markj
Tested by: Andrew Walker <awalker@ixsystems.com>
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D30148
It writes the core of live stopped process to the file descriptor
provided as an argument.
Based on the initial version from https://reviews.freebsd.org/D29691,
submitted by Michał Górny <mgorny@gentoo.org>.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D29955
Teach poll(2) to support Linux-style POLLRDHUP events for sockets, if
requested. Triggered when the remote peer shuts down writing or closes
its end.
Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D29757
While most 64-bit architectures have an assembly implementation of this
file, RISC-V does not. As we now store 8 bytes instead of 4 it should speed
up RISC-V.
Reviewed By: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29536
While most 64-bit architectures have an assembly implementation of this
file RISC-V does not. As we now copy 8 bytes instead of 4 it should speed
up RISC-V. Using intptr_t instead of int also allows using this file for
CHERI pure-capability code since trying to copy pointers using integer
loads/stores will invalidate pointers.
Reviewed By: kib
Obtained from: CheriBSD (partially)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29535
This commit should not have introduced any functional changes, but
apparently it did. This appears to have broken LDAP setups.
Reverting for now. Will reland once I have fixed the breakage.
This reverts commit 5245bf7b92.
Reported By: Александр Недоцуков, brd
MFC after: immediately
It seems to be a nice idea to show how fork() is usually used in
practice. This may act as a guide to developers who want to quickly
recall how to use the fork() function.
Reviewed by: bcr, yuripv
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27626
if VREAD access is checked as allowed during open
Requested by: wulf
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D29323
by only keeping hold count on the vnode, instead of the use count.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D29323
It is currently allowed to fchownat(2), fchmodat(2), fchflagsat(2),
utimensat(2), fstatat(2), and linkat(2).
For linkat(2), PRIV_VFS_FHOPEN privilege is required to exercise the flag.
It allows to link any open file.
Requested by: trasz
Tested by: pho, trasz
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D29111
This is the same change as d36d681615, but for libc static implementaion
of dl_iterate_phdr().
Reported by: emacsray@gmail.com
PR: 254774
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D29623
This was only needed on 32-bit arm prior to ARMv6. As we only support
ARMv6 or later remove it.
Reviewed by: mannu
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D29624
dl_iterate_phdr() dlpi_tls_data should provide the TLS module segment
address, and not the TLS init segment address as it does now.
Reported by: emacsray@gmail.com
PR: 254774
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Instead of polling nleft[i] (without appropriate memory barriers!) and
using sleep() to detect the exit just call pthread_join() on all threads.
Also replace the use of a mutex that guarding the increments with atomic
fetch_add. This should reduce the runtime of this test on SMP systems.
Finally, remove all the debug printfs unless DEBUG_OUTPUT is set in
the environment.
Test Plan: still fails sometimes on qemu (but maybe less often?)
Reviewed By: jhb
Differential Revision: https://reviews.freebsd.org/D29390
POWER architecture CPUs (Book-S) require natural alignment for
cache-inhibited storage accesses. Since we can't know the caching model
for a page ahead of time, always enforce natural alignment in bcopy.
This fixes a SIGBUS when calling the function with misaligned pointers
on POWER7.
Submitted by: Bruno Larsen <bruno.larsen@eldorado.org.br>
Reviewed by: luporl, bdragon (IRC)
MFC after: 1 week
Sponsored by: Eldorado Research Institute (eldorado.org.br)
Differential Revision: https://reviews.freebsd.org/D28776
The error cases (goto fin) of _nsdispatch were missing the unlock.
This change also drops the checks for __isthreaded since the pthread stubs
are already no-ops if threads are not being used. Dropping those conditionals
allows clang's thread safety analysis to deal with the file and also makes
the code a bit more readable. While touching the file also add a few more
assertions in debug mode that the right locks are held.
Reviewed By: markj
Differential Revision: https://reviews.freebsd.org/D29372
- Defined MAXLINE constant (8192 octets by default instead 2048) for
centralized limit setting up. It sets maximum number of characters of
the syslog message. RFC5424 doesn't limit maximum size of the message.
Named after MAXLINE in syslogd(8).
- Fixed size of fmt_cpy buffer up to MAXLINE for rendering formatted
(%m) messages.
- Introduced autoexpansion of sending socket buffer up to MAXLINE.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D27205