that they will be installed before application constructors are invoked.
Its possible to link applications such that this fails, application code
is invoked before they are installed, but, well, Don't Do That.
Approved by: re (jhb)
was rejected as a range error, while any values less than LONG_MIN
were silently substituted with LONG_MIN. Furthermore, on some
platforms `time_t' has less range than `long' (e.g. alpha), which may
give incorrect results when parsing some strings.
context of sockets, and document EINVAL as a possible failure mode
based on the object selected, not just the label provided.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
SO_PEERLABEL. This provides an interface to query the label of a
socket peer without embedding implementation details of mac_t in
the application. Previously, sizeof(*mac_t) had to be specified
by an application when performing getsockopt().
Document mac_get_peer(3), and expand documentation of the other
mac_get(3) functions. Note that it's possible to get EINVAL back
from mac_get_fd(3) when pointing it at an inappropriate object.
NOTE: mac_get_fd() and mac_set_fd() support for sockets will
follow shortly, so the documentation is slightly ahead of the
code.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
mac_free(3), which is used only for variables of type mac_t in
the FreeBSD implementation.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
is accessed for the first time as a result of an application looking
up label configuration information. Previously, the check and read
were kicked off by mac_prepare_(typename)() functions; since
mac_prepare_type() may now be directly employed by a user process,
push the check and initialization into that function.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
- In __sigreturn call sigprocmask() to restore our signal state rather than
returning through sigreturn(). jmp to ___sigreturn to restore our register
state following this.
Requested by: pete
string files (__SSTR flag set). This is necessary because __sputc()
does not respect the __SALC flag, and crashes trying to flush the buffer
instead of resizing it.
PR: 59167
sorting strings with common prefixes by noting
when all the strings land in just one bin.
Testing shows significant speedups (on the order of
30%) on strings with common prefixes and no slowdowns on any
of my test cases.
Submitted by: Markus Bjartveit Kruger <markusk@pvv.ntnu.no>
PR: 58860
Approved by: gordon (mentor)
by a parent that is a session leader (e.g., login shell) by ignoring
SIGHUP in before calling fork(2) and then restoring SIGHUP's action
after setsid(3). Based on the patch by Martin Kammerhofer
<mkamm@gmx.net>.
PR: bin/25462
Reviewed by: bde, alex.neyman@auriga.ru
Catch up with renaming of "Japanese" to "ja_JP.eucJP". Comment out the
statement that EUC is provided for compatibility with UNIX-based systems;
this is not a very good opening paragraph.
it around an application's fork() call. Our new thread libraries
(libthr, libpthread) can now have threads running while another
thread calls fork(). In this case, it is possible for malloc
to be left in an inconsistent state in the child. Our thread
libraries, libpthread in particular, need to use malloc internally
after a fork (in the child).
Reviewed by: davidxu
mbstate_t object that they ignore. The zeroing is fairly expensive, and it
will never be necessary in these functions; when we support state-dependent
encodings, we will pass in a pointer to the file's mbstate_t object, and
only zero it at the time the file gets opened.
rather than generating an error. This is consistent with other tools
printing user and group names, and means you can read the ACL using
our tools rather than being up a creek.
PR: 56991
Submitted by: Michael Bretterklieber <mbretter@a-quadrat.at>
mbrtowc() and wcrtomb() directly. GB18030, GBK and UTF2 are left
unconverted; GB18030 will be done eventually, but GBK and UTF2 may just
be removed, as they are subsets of GB18030 and UTF-8 respectively.
as wrappers around the deprecated 4.4BSD rune functions. This paves the
way for state-dependent encodings, which the rune API does not support.
- Add __emulated_sgetrune() and __emulated_sputrune(), which are
implementations of sgetrune() and sputrune() in terms of
mbrtowc() and wcrtomb().
- Rename the old rune-wrapper mbrtowc() and wcrtomb() functions to
__emulated_mbrtowc() and __emulated_wcrtomb().
- Add __mbrtowc and __wcrtomb function pointers, which point to the
current locale's conversion functions, or the __emulated versions.
- Implement mbrtowc() and wcrtomb() as calls to these function pointers.
- Make the "NONE" encoding implement mbrtowc() and wcrtomb() directly.
All of this emulation mess will be removed, together with rune support,
in FreeBSD 6.
when the current implementation won't use it, anyway. Just pass NULL.
This will need to be changed when state-dependent encodings are
supported, but there's no need to take the performance hit
in the meantime.
in KAME implementation, even when no policy is installed
into kernel, getaddrinfo(3) sorts addresses. Since it
causes POLA violation, I modified to don't sort addresses
when no policy is installed into kernel,
Obtained from: KAME
send strhash(3) off to sleep with the fishes. Nothing in our tree uses it.
It has no documentation. It is nonstandard and in spite of the filename
strhash.c and strhash.h, it lives in application namespace by providing
compulsory global symbols hash_create()/hash_destroy()/hash_search()/
hash_traverse()/hash_purge()/hash_stats() regardless of whether you
#include <strhash.h> or not. If it turns out that there is a huge
application for this after all, I can repocopy it somewhere safer and
we can revive it elsewhere. But please, not in libc!
(aka RFC2292bis). Though I believe this commit doesn't break
backward compatibility againt existing binaries, it breaks
backward compatibility of API.
Now, the applications which use Advanced Sockets API such as
telnet, ping6, mld6query and traceroute6 use RFC3542 API.
Obtained from: KAME
the denormal/unnormal trap, is not a standard IEEE trap. We did
not exclude it from being returned by fpgetmask(), nor did we make
sure that fpsetmask() didn't clobber it. Since the non-IEEE trap
is not part of fp_except_t, users of ifpgetmask()/fpsetmask() would
be confronted with unexpected behaviour, one of which is a SIGFPE
for denormal/unnormal FP results.
This commit makes sure that we don't leak the denormal/unnormal mask
bit in fp_except_t and also that we don't clobber it.
closer to reality. More work remains to be done. st_mtime should
be the most complete based on IEEE Std 1003.1, 2003 Edition, a
review of ufs_vnops.c, and some experimentation.
(fstp stores a mem32 value, fstpl stores a mem64 value)
This fixes ghostscript for 'make release' on amd64. Ghostscript for some
reason thinks it is a good idea to use -fno-builtin, which means it is
vulnerable to bugs in libc that are normally hidden by the builtin gcc
functions. Oops.
always widen the imputed netmask if it is narrower than the specified octets.
fixes a strange behaviour where inet_net_pton would always return 4 (bits)
for multicast addresses no matter how many octets were specified.
negotiated with Paul Vixie, original author of this function.
PR: standards/53151
Submitted by: Max Laier <max@love2party.net>
Optained from: OpenBSD
specified directory is not found in the mount list. Before the
MNT_BYFSID changes, unmount(2) used to return ENOENT for a nonexistent
path and EINVAL for a non-mountpoint, but we can no longer distinguish
between these cases. Of the two error codes, EINVAL was more likely
to occur in practice, and it was the only one of the two that was
documented.
Update the manual page to match the current behaviour.
Suggested by: tjr
Reviewed by: tjr
no peer address information is desired.
PR: 56044
Submitted by: Felix Opatz <felix@zotteljedi.de> and
Bernd Luevelsmeyer <bdluevel@heitec.net>
MFC after: 1 month
value for getcontext() in a preserved register rather than on the stack.
The second time around, the stack value would likely have changed so we
can't depend on it for the return value.
otherwise the return from the syscall stub for getcontext will pop off
the return value for the caller to the getcontext stub and it will appear
as though the setcontext() syscall returned instead of the getcontext().
The same bug exists on amd64, a fix is coming there too.
The bug can be demonstrated with this test code fragment:
main()
{
ucontext_t top;
if (getcontext(&top) == 0) {
write(2, "PING!\n", 6);
/* Cause a return value of 1 from getcontext this time */
top.uc_mcontext.mc_eax = 1;
setcontext(&top);
err(1, "setcontext() returned");
}
write(2, "PONG!\n", 6);
_exit(0);
}
the default label support in /etc/mac.conf. Rather than maintain
each default label type in an explicit global variable in mac.c,
keep a list of defaults loaded from the configuration file.
Generalize the parsing so that we support both the older:
default_file_labels foo
default_ifnet_labels foo
default_process_labels foo
And also a new:
default_labels file foo
default_labels ifnet foo
default_labels process foo
We now accept arbitrary object classes in the first argument. If
the same object is specified more than once, we discard the
earlier definition in favor of the later one.
Add a new API, mac_prepare_type(), which accepts a mac_t to
prepare, as well as an object name in the second argument, which
will pull a default label set for the object out of the
configuration loaded by mac_init_internal(). This permits the libc
to adapt to new objects known about by applications but not by libc
at compile-time.
Also liberalize the error handling a bit: if we're using implicit
initialization (i.e., the application didn't explicitly initialize
the MAC code), ignore syntax errors and only use valid lines. In
the future, we may want to add explicit warnings and do this a
bit more consistently.
While here, add support for a MAC_CONFFILE environmental variable,
which may be used to specify an alternative mac.conf configuration
file if the application isn't running with modified privilege
(issetugid()).
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
gethostname()'s old and new signatures without requiring a library
bump. Note that programs which called gethostname() with a negative
argument were already broken, since the same type conversion was done
by the old implementation. Add a note in the Makefile so that whoever
next bumps the libc revision will delete the kluge at the same time
(as it will no longer be necessary). This is only operative on 64-bit
platforms.
Submitted by: marcel
when the buffer is not long enough to hold the current host name.
POSIX does not standardize error returns for gethostname(), so it
doesn't matter which one we use, but ENAMETOOLONG is at least a little
more intuitive, and mi suggests the existence of prior art. I've been
running with this change for a while on my home machine with no
effect. At the same time, I've updated the prototype for
gethostname() to use the correct standard type (size_t) for the
namelen argument.
All of the in-tree callers fall into one of the following categories:
1) Call perror() or equivalent when gethostname() fails.
2) Ignore gethostname()'s return value entirely, potentially resulting
in data corruption if the buffer is too small.
3) Fall back to a (possibly sensible) default value if gethostname()
fails.
Many of the callers I examined shows signs of confusion about the
correct sizing of the host name buffer. gethostname(3) now has more
information about this, as well as updated standards information.
PR: 48114
Submitted by: mi (in part)
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
- All those diffs to syscalls.master for each architecture *are*
necessary. This needed clarification; the stub code generation for
mlockall() was disabled, which would prevent applications from
linking to this API (suggested by mux)
- Giant has been quoshed. It is no longer held by the code, as
the required locking has been pushed down within vm_map.c.
- Callers must specify VM_MAP_WIRE_HOLESOK or VM_MAP_WIRE_NOHOLES
to express their intention explicitly.
- Inspected at the vmstat, top and vm pager sysctl stats level.
Paging-in activity is occurring correctly, using a test harness.
- The RES size for a process may appear to be greater than its SIZE.
This is believed to be due to mappings of the same shared library
page being wired twice. Further exploration is needed.
- Believed to back out of allocations and locks correctly
(tested with WITNESS, MUTEX_PROFILING, INVARIANTS and DIAGNOSTIC).
PR: kern/43426, standards/54223
Reviewed by: jake, alc
Approved by: jake (mentor)
MFC after: 2 weeks
didn't provide a constant for one of them (non-IEEE denormal trap),
in an attempt to not support it probably, it's not we are left with
the lower 5 bits.
o Properly mask the passed or returned fp_except_t. Not doing so
causes instant core dumps by trying to write an invalid value to
ar.fpsr. Now that we're masking, stop using exclusive-or to invert
bits.
This fixes the illegal instruction fault encountered when building
mozilla.
o fix the len argument of memcmp(3) to be the size of the node field
of the uuid structure, not the size of the uuid structure itself.
We're comparing the node fields...
o uuid_compare(3) is specified to return -1, 0 or 1, depending on
the outcome of the comparison. memcmp(3) returns the difference
between the first differing bytes. Hence, we cannot ever return
the return value of memcmp(3) as-is.
PR: standards/55370
Submitted by: Konstantin Oznobihin <bork@rsu.ru>
wctob() in terms of wcrtomb() instead of sputrune(). There should be
no functional differences, but there may be a small performance hit
because we make an extra function call.
The aim here is to have as few functions as possible calling
s{get,put}rune() to make it easier to remove them in the future.
Also change "Auto mode" to use a "special" value
instead of 0, and define and document it.
I had thought libpthread had already been switched to use auto mode but
it appears that patch hasn't been committed yet.
Discussed with: Davidxu
that we can flush the register stack prior to entering the kernel.
This avoids having dirty registers and saves us from having to
manually write them to the backing store from within the kernel.
In that respect, flushing the RSE is both functionally required as
well as performance optimal.
On average we had 18 dirty registers when getcontext(2) was called
from libthr. Since libthr does not switch back to a context created
by getcontext(2), not having dealt with the dirty registers was
harmless.
on the corresponding .proc directive, or the .endp must not have a
name at all.
While here, remove an artificial dependency in Ovfork.S by performing
manual register renaming.