the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:04.jail
Security: FreeBSD-SA-10:05.opie
Security: FreeBSD-SA-10:06.nfsclient
Make it possible to actually use NFSv4 permission bits with acl_set_perm(3)
and acl_delete_perm(3). It went undetected, because neither setfacl(1)
nor Samba use this routines. D'oh.
Fix a bug due to a type conversion from 64 to 32 bits. The side effect of
this type conversion is the high bits which were used to indicate if a
special character was a literal or special were dropped. As a result, all
special character were treated as special, even if they were supposed to
be literals.
Approved by: mentor (wes@)
Two optimizations to MI strlen(3) inspired by David S. Miller's
blog posting [1].
- Use word-sized test for unaligned pointer before working
the hard way.
Memory page boundary is always integral multiple of a word
alignment boundary. Therefore, if we can access memory
referenced by pointer p, then (p & ~word mask) must be also
accessible.
- Better utilization of multi-issue processor's ability of
concurrency.
The previous implementation utilized a formular that must be
executed sequentially. However, the ~, & and - operations can
actually be caculated at the same time when the operand were
different and unrelated.
The original Hacker's Delight formular also offered consistent
performance regardless whether the input would contain
characters with their highest-bit set, as it catches real
nul characters only.
These two optimizations has shown further improvements over the
previous implementation on microbenchmarks on i386 and amd64 CPU
including Pentium 4, Core Duo 2 and i7.
[1] http://vger.kernel.org/~davem/cgi-bin/blog.cgi/2010/03/08#strlen_1
* un-document 'struct sigaltstack' tag for stack_t as this is BSD-specific;
this doesn't seem useful enough to document as such
* alternate stacks are per thread, not per process
* update error codes to what the kernel does and POSIX requires
POSIX permits but does not require checking access on the current and parent
directories.
Because various programs do not like it if getcwd(3) fails, it seems best
to avoid checking access as much as possible. There are various reports in
GNATS about this (search for getcwd).
Our getcwd(3) implementation first queries the kernel for the pathname
directly, which does not check any permissions but sometimes fails, and then
falls back to reading all parent directories for the names.
PR: standards/44425
Slightly modernize realpath(3).
SUSv4 requires that implementation returns EINVAL if supplied path is NULL,
and ENOENT if path is empty string [1].
Bring prototype in conformance with SUSv4, adding restrict keywords.
Allow the resolved path buffer pointer be NULL, in which case realpath(3)
allocates storage with malloc().
MFC r206898:
Free() is not allowed to modify errno, remove safety brackets around it.
Add small optimization, do not copy a string to the buffer that is
to be freed immediately after.
MFC r206997:
Move realpath(3) prototype to a POSIX section.
MFC r206998:
Add standards section, improve wording, taking into account the handling
of NULL and changed type in declaration.
While SPARC V9 allows tininess to be detected either before or after
rounding (impl. dep. #55), the SPARC JPS1 responsible for SPARC64 and
UltraSPARC processors defines that in all cases tininess is detected
before rounding therefore rounding up to the smallest normalized number
should set the underflow flag. This change is needed for using SoftFloat
on sparc64 for reference purposes.
PR: 144900
Submitted by: Peter Jeremy
Align the declaration for sa_sigaction with POSIX.
MFC r206649:
Still reference struct __sigaction with clarification when this form
of argument declaration is needed.
MFC r206802:
Revert r206649. Simplify the presented declaration of struct sigaction.
- Stop adding trailing '\n'. The servent_unpack() doesn't expect
lines terminated with '\n'.
- Treat '+' as special only when in compat mode, and simplify
the logic bit.
- Reduce duplicate code.
- While SPARC V9 allows tininess to be detected either before or after
rounding (impl. dep. #55), the SPARC JPS1 responsible for SPARC64 and
UltraSPARC processors defines that in all cases tinyness is detected
before rounding, therefore rounding up to the smallest normalised
number should set the underflow flag.
- If an infinite result is rounded down, the result should have an
exponent 1 less than the value for infinity.
PR: 144900
Submitted by: Peter Jeremy
Division should take both arguments' signs into account when the
the dividend is infinity or zero and the divisor is not the same.
PR: 144900
Submitted by: Peter Jeremy
Use thr_once() with once_t controls to initialize various thread_key_t
objects used to provide per-thread storage in the RPC code. Almost all
of these used double-checking with a dedicated mutex (tsd_lock) to do this
before. However, that is not always safe with more relaxed memory orders.
There were also other bugs, such as one in __rpc_createrr() that caused a
new key to be allocated each time __rpc_createrr() was invoked.
- The OPSZ macro actually only does the right thing for int32 and int64
operands but not for double and extended double ones. Instead of trying
to fix the macro just nuke it and unroll the loops in the correct way
though as extended double operands turn out to be the only special case.
- For FxTO{s,d,q} the source operand is int64 so rs2 has to be re-decoded
after setting type accordingly as it's generally decoded using the low
2 bits as the type, which are 0 for these three instructions.
- Similarly, in case of F{s,d,q}TOx the target is int64 so rd has to be
re-decoded using not only the operand mask appropriate for int64 but
also the correct register number encoding.
- Use const where appropriate.
- Wrap long lines.
Submitted by: Peter Jeremy (partly)
In _gettemp(), check that the length of the path doesn't exceed
MAXPATHLEN. Otherwise the path name (or part of it) may not fit to
carrybuf causing a buffer overflow.
PR: bin/140228
Make pause(3) implementation not depended on the legacy sigcompat.c
interfaces. Do not block rt signals during and after pause(3) calls.
Use private libc namespace to call proper methods.
The multiplicand a = 0x5deece66d = 25214903917, not 0xfdeece66d.
This bug in the man page has gone unnoticed for over 15 years!
PR: docs/143461
Submitted by: Jeremy Huddleston jeremyhu apple.com
Add missing return, in a rare case where we can't allocate memory in
deallocate.
Submitted by: Ryan Stone (rysto32 at gmail dot com)
Approved by: jasone
(S)LIST_HEAD_INITIALIZER takes a (S)LIST_HEAD as an argument.
Fix some wrong usages.
Note: this does not affect generated binaries as this argument is not used.
PR: 137213
Submitted by: Eygene Ryabinkin (initial version)
Better glibc compatibility for getline/getdelim:
- Tolerate applications that pass a NULL pointer for the buffer and
claim that the capacity of the buffer is nonzero.
- If an application passes in a non-NULL buffer pointer and claims the
buffer has zero capacity, we should free (well, realloc) it
anyway. It could have been obtained from malloc(0), so failing to
free it would be a small memory leak.
MFC r201512:
Modernize scandir(3) and alphasort(3) interfaces according to the IEEE
Std 1003.1-2008.
MFC r201602:
Move scandir(3) and alphasort(3) into XSI namespace.
MFC r201604:
Use thunks to adapt alphasort-like interface to the comparision function
required by qsort() and qsort_r().
MFC r202556 (by ache):
Use strcoll() in opendir() and alphasort(). Remove some comments.
MFC r202572 (by ache):
Revert to using strcmp() for opendir().
MFC r202677 (by ache):
Style.
MFC r202679 (by ache):
Style: rename internal function to opendir_compar().
MFC r202691 (by ache):
For alphasort(3) add reference to strcoll(3).
MFC r202693 (by ache):
Style: reword comment.
The devices that supported EVFILT_NETDEV kqueue filters were removed in
r195175. Remove all definitions, documentation, and usage.
The change of function signature for vlan_link_state() was not merged to
maintain the ABI.
