the default label support in /etc/mac.conf. Rather than maintain
each default label type in an explicit global variable in mac.c,
keep a list of defaults loaded from the configuration file.
Generalize the parsing so that we support both the older:
default_file_labels foo
default_ifnet_labels foo
default_process_labels foo
And also a new:
default_labels file foo
default_labels ifnet foo
default_labels process foo
We now accept arbitrary object classes in the first argument. If
the same object is specified more than once, we discard the
earlier definition in favor of the later one.
Add a new API, mac_prepare_type(), which accepts a mac_t to
prepare, as well as an object name in the second argument, which
will pull a default label set for the object out of the
configuration loaded by mac_init_internal(). This permits the libc
to adapt to new objects known about by applications but not by libc
at compile-time.
Also liberalize the error handling a bit: if we're using implicit
initialization (i.e., the application didn't explicitly initialize
the MAC code), ignore syntax errors and only use valid lines. In
the future, we may want to add explicit warnings and do this a
bit more consistently.
While here, add support for a MAC_CONFFILE environmental variable,
which may be used to specify an alternative mac.conf configuration
file if the application isn't running with modified privilege
(issetugid()).
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
gethostname()'s old and new signatures without requiring a library
bump. Note that programs which called gethostname() with a negative
argument were already broken, since the same type conversion was done
by the old implementation. Add a note in the Makefile so that whoever
next bumps the libc revision will delete the kluge at the same time
(as it will no longer be necessary). This is only operative on 64-bit
platforms.
Submitted by: marcel
when the buffer is not long enough to hold the current host name.
POSIX does not standardize error returns for gethostname(), so it
doesn't matter which one we use, but ENAMETOOLONG is at least a little
more intuitive, and mi suggests the existence of prior art. I've been
running with this change for a while on my home machine with no
effect. At the same time, I've updated the prototype for
gethostname() to use the correct standard type (size_t) for the
namelen argument.
All of the in-tree callers fall into one of the following categories:
1) Call perror() or equivalent when gethostname() fails.
2) Ignore gethostname()'s return value entirely, potentially resulting
in data corruption if the buffer is too small.
3) Fall back to a (possibly sensible) default value if gethostname()
fails.
Many of the callers I examined shows signs of confusion about the
correct sizing of the host name buffer. gethostname(3) now has more
information about this, as well as updated standards information.
PR: 48114
Submitted by: mi (in part)
binaries in /bin and /sbin installed in /lib. Only the versioned files
reside in /lib, the .so symlink continues to live /usr/lib so the
toolchain doesn't need to be modified.
- All those diffs to syscalls.master for each architecture *are*
necessary. This needed clarification; the stub code generation for
mlockall() was disabled, which would prevent applications from
linking to this API (suggested by mux)
- Giant has been quoshed. It is no longer held by the code, as
the required locking has been pushed down within vm_map.c.
- Callers must specify VM_MAP_WIRE_HOLESOK or VM_MAP_WIRE_NOHOLES
to express their intention explicitly.
- Inspected at the vmstat, top and vm pager sysctl stats level.
Paging-in activity is occurring correctly, using a test harness.
- The RES size for a process may appear to be greater than its SIZE.
This is believed to be due to mappings of the same shared library
page being wired twice. Further exploration is needed.
- Believed to back out of allocations and locks correctly
(tested with WITNESS, MUTEX_PROFILING, INVARIANTS and DIAGNOSTIC).
PR: kern/43426, standards/54223
Reviewed by: jake, alc
Approved by: jake (mentor)
MFC after: 2 weeks
didn't provide a constant for one of them (non-IEEE denormal trap),
in an attempt to not support it probably, it's not we are left with
the lower 5 bits.
o Properly mask the passed or returned fp_except_t. Not doing so
causes instant core dumps by trying to write an invalid value to
ar.fpsr. Now that we're masking, stop using exclusive-or to invert
bits.
This fixes the illegal instruction fault encountered when building
mozilla.
o fix the len argument of memcmp(3) to be the size of the node field
of the uuid structure, not the size of the uuid structure itself.
We're comparing the node fields...
o uuid_compare(3) is specified to return -1, 0 or 1, depending on
the outcome of the comparison. memcmp(3) returns the difference
between the first differing bytes. Hence, we cannot ever return
the return value of memcmp(3) as-is.
PR: standards/55370
Submitted by: Konstantin Oznobihin <bork@rsu.ru>
wctob() in terms of wcrtomb() instead of sputrune(). There should be
no functional differences, but there may be a small performance hit
because we make an extra function call.
The aim here is to have as few functions as possible calling
s{get,put}rune() to make it easier to remove them in the future.
Also change "Auto mode" to use a "special" value
instead of 0, and define and document it.
I had thought libpthread had already been switched to use auto mode but
it appears that patch hasn't been committed yet.
Discussed with: Davidxu
that we can flush the register stack prior to entering the kernel.
This avoids having dirty registers and saves us from having to
manually write them to the backing store from within the kernel.
In that respect, flushing the RSE is both functionally required as
well as performance optimal.
On average we had 18 dirty registers when getcontext(2) was called
from libthr. Since libthr does not switch back to a context created
by getcontext(2), not having dealt with the dirty registers was
harmless.
on the corresponding .proc directive, or the .endp must not have a
name at all.
While here, remove an artificial dependency in Ovfork.S by performing
manual register renaming.
almost identical.
* Merge strchr(3) and strrchr(3) to strchr(3) since the two functions
are almost identical.
* Make the wording of index(3) and strchr(3) more similar.
* mdoc(7) cleanup.
Submitted by: SUZUKI Koichi <metal@gc5.so-net.ne.jp>, keramida, myself
PR: docs/32054
Reviewed by: ru
Approved by: ceri (mentor)
switching anymore, so there's no need to save and restore GP. This
change breaks threaded applications linked against libc_r. Pull the
tier 2 card again: relink. This will link against libthr instead.
don't probe the server at all for passwd.by* maps. This fixes
interoperability with the Services For UNIX NIS server (which is
really a front end to Captive^WActiveDirectory). This server
incorrectly returns success for all YPPROC_MASTER requests,
even for maps that don't exist, which makes it impossible to
(ab)use it to probe for the existence of the master.passwd.by*
maps.
This is a little kludgey, but basically restores the original
behavior of getpwent.c as it is in -stable, and works around both
the lack of YPPROC_ORDER on NIS+ servers as well as the broken
YPPROC_MASTER on Services For UNIX servers.
by sizeof(wchar_t) to get the number of wide characters it contains.
Remove the !hardway micro-optimisation from the CT_INT case to avoid
having to fix it for wide characters.
is made an array of two, to explicitly avoid stack corruption due to
null-terminating (which is doesn't actually happen due to stack alignment
padding).
Submitted by: Ed Moy <emoy@apple.com>
Obtained from: Apple Computer, Inc.
system by specifying the file system ID instead of a path. Use this
by default in umount(8). This avoids the need to perform any vnode
operations to look up the mount point, so it makes it possible to
unmount a file system whose root vnode cannot be looked up (e.g.
due to a dead NFS server, or a file system that has become detached
from the hierarchy because an underlying file system was unmounted).
It also provides an unambiguous way to specify which file system is
to be unmunted.
Since the ability to unmount using a path name is retained only for
compatibility, that case now just uses a simple string comparison
of the supplied path against f_mntonname of each mounted file system.
Discussed on: freebsd-arch
mdoc help from: ru
The old buffer was not being initialized and a later str*() op on
it would cause a crash if it wasn't initialized by a previous
call to setproctitle(3) with an actual string.
Noticed by: Ashley Penney <ashp@unloved.org>
to clarify which system call accepts which arguments. Previously
the manual page gave the impression that calling unmount() with
flags of (MNT_FORCE | MNT_UPDATE | MNT_RDONLY) would downgrade a
read-write mount to read-only, which is clearly untrue; to do that,
these flags should be passed to mount() instead.
Change execvp to be a wrapper around execvP. This is necessary for some
of the /rescue pieces. It may also be more generally applicable as well.
Submitted by: Tim Kientzle <kientzle@acm.org>
Approved by: Silence on arch@
[+|-]Inf, [+|-]NaN, nan(...), and hexidecimal FP constants.
While here, add %a and %A, which are aliases for %e, and
add support for long doubles.
Reviewed by: standards@
and sigsuspend(2), all three of which operate or depend on the
process signal mask.
Add a missing xref to sigsetops(3), without which the above three
syscalls would be useless.
TAI is a timescale, just like UTC. The tai field returns the offset
between the two, and isn't really used for precision time keeping.
Explain in brief what a positive and a negative leap seconds are. Add
some URLs to very useful web pages about time and time keeping for
more information on using this API.
Reviewed by: phk
or -1 on failure. The manual used to say it returned 0 or -1. Both
examination of the kernel sources, and ntpd show that this is the case.
MFC After: 3 days
Also fixed the rest of ell (list) functions prototypes to include
a (commented out) terminating null pointer.
Pointed out by: bde
Obtained from: POSIX.1-2001
Glanced at by: imp
replaced just fine with getpeereid() and the whole code
gets a lot simpler. We don't break the ABI, since all server
programms use __rpc_get_local_uid(), and we just change library
internals.
Reviewed by: des
It is only possible to do this on an ABI that has a compulsory frame
pointer, which the amd64 ABI does not. Thus, it is only possible to
implement this as a compiler builtin.
fgetrune(), fputrune(), fungetrune(), mbrune(), mbrrune(), mbmb(),
setinvalidrune(), UTF2 encoding method.
These have been marked as being deprecated in their manual pages since 5.0,
and their use causes a linker warning.
that the old API (passing "" as the attribute name to the _get_
interface) is now deprecated (and was probably a bad idea).
Pointed out by: Dominic Giampaolo <dbg@apple.com>
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
o Make sure the arguments to ctx_wrapper() are loaded from the
backing store by forcing an underflow. Do this by making all
registers in the register frame local.
o Up to 8 arguments are allowed. This is the number of arguments
passed in registers. Subsequent registers are passed on the stack.
Trying to deal with this is not easy in C and likely forces us to
use assembly code. Let's avoid that for now. There's no indication
that more than 8 arguments is a strong requirement (Linux also has
an 8 argument limit).
o We expect that the stack base is 16-byte aligned and the stack
size is a multiple of 16-byte. We bomb out if this is not the case.
We probably want to be less strict by enforcing it ourselves. For
now it's better to not hide gross alignment bogons by silently
correcting it.
to a buffer in the big key/data case, memmove() was used on pointers
to size_ts, but only sizeof(u_int32_t) bytes where copied. This broke
on big_endian architectures where sizeof(size_t) > sizeof(u_int32_t).
This bug broke portupgrade (by way of ruby_bdb1) on sparc64.
Approved by: re (rwatson)
are not initialized at this place. Move the initializing
before the non-blocking check.
Submitted by: Marius Strobl <marius@alchemy.franken.de>
Reviewed by: jhb
Approved by: re
just read() in non-blocking mode too. The reason is obvious. NetBSD
uses a complete different way to get the credentials so this patch
only applies to FreeBSD.
Reviewed by: rwatson
Approved by: re
Remove the special treatment of non-blocking mode in
the "look ahead function" xdrrec_eof(). It currently
assumes that the last read() in a row of several reads
does not have zero lenght. If this is the case, svc_vc_stat()
does return XPRT_MOREREQS, and the RPC-request aborts because
there is no data to read anymore.
To fix this, go back to the original version of the code
for non-blocking mode until NetBSD comes up with another
possible fix like this one in xdrrec_eof()
if (rstrm->last_frag && rstrm->in_finger == rstrm->in_boundry) {
return TRUE;
}
Return always FALSE in set_input_fragment() for non-blocking
mode. Since this was not used in FreeBSD, I omitted it at the
first time. Now we use this function and we should always
return FALSE for it.
Reviewed by: rwatson
Approved by: re
prime objectives are:
o Implement a syscall path based on the epc inststruction (see
sys/ia64/ia64/syscall.s).
o Revisit the places were we need to save and restore registers
and define those contexts in terms of the register sets (see
sys/ia64/include/_regset.h).
Secundairy objectives:
o Remove the requirement to use contigmalloc for kernel stacks.
o Better handling of the high FP registers for SMP systems.
o Switch to the new cpu_switch() and cpu_throw() semantics.
o Add a good unwinder to reconstruct contexts for the rare
cases we need to (see sys/contrib/ia64/libuwx)
Many files are affected by this change. Functionally it boils
down to:
o The EPC syscall doesn't preserve registers it does not need
to preserve and places the arguments differently on the stack.
This affects libc and truss.
o The address of the kernel page directory (kptdir) had to
be unstaticized for use by the nested TLB fault handler.
The name has been changed to ia64_kptdir to avoid conflicts.
The renaming affects libkvm.
o The trapframe only contains the special registers and the
scratch registers. For syscalls using the EPC syscall path
no scratch registers are saved. This affects all places where
the trapframe is accessed. Most notably the unaligned access
handler, the signal delivery code and the debugger.
o Context switching only partly saves the special registers
and the preserved registers. This affects cpu_switch() and
triggered the move to the new semantics, which additionally
affects cpu_throw().
o The high FP registers are either in the PCB or on some
CPU. context switching for them is done lazily. This affects
trap().
o The mcontext has room for all registers, but not all of them
have to be defined in all cases. This mostly affects signal
delivery code now. The *context syscalls are as of yet still
unimplemented.
Many details went into the removal of the requirement to use
contigmalloc for kernel stacks. The details are mostly CPU
specific and limited to exception_save() and exception_restore().
The few places where we create, destroy or switch stacks were
mostly simplified by not having to construct physical addresses
and additionally saving the virtual addresses for later use.
Besides more efficient context saving and restoring, which of
course yields a noticable speedup, this also fixes the dreaded
SMP bootup problem as a side-effect. The details of which are
still not fully understood.
This change includes all the necessary backward compatibility
code to have it handle older userland binaries that use the
break instruction for syscalls. Support for break-based syscalls
has been pessimized in favor of a clean implementation. Due to
the overall better performance of the kernel, this will still
be notived as an improvement if it's noticed at all.
Approved by: re@ (jhb)
Fixes a problem where directory entries could show up twice: once
on the top layer of the union stack, and once on the bottom layer.
Approved by: re (rwatson)
Those who really need this information can find it in the include file.
* Include a succinct description of the st_birthtime field.
Approved by: re (bmah)