Commit Graph

1763 Commits

Author SHA1 Message Date
Konstantin Belousov
68266d5aba Postpone the resolution of IRELATIVE relocations and IFUNC-targeted
relocations until tls is initialized and stacks permissions correctly
set. This allows the ifunc to call malloc(3) and some other heavy
services.

Add debug banner.

MFC after:	3 days
2012-01-04 17:17:11 +00:00
Ed Schouten
b3608ae18f Replace index() and rindex() calls with strchr() and strrchr().
The index() and rindex() functions were marked LEGACY in the 2001
revision of POSIX and were subsequently removed from the 2008 revision.
The strchr() and strrchr() functions are part of the C standard.

This makes the source code a lot more consistent, as most of these C
files also call into other str*() routines. In fact, about a dozen
already perform strchr() calls.
2012-01-03 18:51:58 +00:00
Colin Percival
3e65b9c6e6 Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06]
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]

Fix a buffer overflow in telnetd. [11:08]

Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]

Add sanity checking of service names in pam_start. [11:10]

Approved by:    so (cperciva)
Approved by:    re (bz)
Security:       FreeBSD-SA-11:06.bind
Security:       FreeBSD-SA-11:07.chroot
Security:       FreeBSD-SA-11:08.telnetd
Security:       FreeBSD-SA-11:09.pam_ssh
Security:       FreeBSD-SA-11:10.pam
2011-12-23 15:00:37 +00:00
Nathan Whitehorn
4b51c69976 Additional icache paranoia: non-PLT relocations can modify the text segment.
It is then important to make sure the icache is synchronized again to
prevent (rare) random seg faults and illegal instructions.

MFC after:	3 days
2011-12-17 16:20:27 +00:00
Nathan Whitehorn
17bbcc52d1 Fix RTLD on PowerPC after r228435. Changing the order of init_pltgot()
caused the icache to be invalidated at the wrong time, resulting in
an icache full of nonsense in the PLT section.
2011-12-17 15:31:00 +00:00
Dimitry Andric
3eb9425c95 Fix the incompatible enum conversions in libexec/ypxfr in another, more
messy way, so as to not disrupt other yp programs: just add casts to
convert the incompatible enums, as the numerical values are the same
(either by accident, design, or the phase of the moon at that time).

MFC after:	1 week
2011-12-16 22:05:10 +00:00
Dimitry Andric
db83a39193 Revert r228592, as the non-messy way of fixing ypxfr breaks other yp
programs (e.g. usr.sbin/rpc.yppasswdd).

Spotted by:	np
MFC after:	1 week
2011-12-16 21:57:44 +00:00
Dimitry Andric
8f553bfb27 Attempt to fix the numerous incompatible enum conversions in
libexec/ypxfr in the least disruptive way.

MFC after:	1 week
2011-12-16 19:39:49 +00:00
Dimitry Andric
9e277ed8bf Fix typos in the comments about clang warnings in several
sendmail-related Makefiles.

Spotted by:	arundel
MFC after:	1 week
2011-12-16 17:02:25 +00:00
Dimitry Andric
ff3879a34a Unfortunately, clang gives warnings about sendmail code that cannot be
turned off yet.  Since this is contrib code, and we don't really care
about the warnings, just turn make them non-fatal for now.

MFC after:	1 week
2011-12-16 16:32:08 +00:00
Dimitry Andric
2f3739b852 In libexec/rbootd/utils.c, use the correct printf length modifiers for
u_int32_t and size_t.

MFC after:	1 week
2011-12-16 16:29:51 +00:00
Dimitry Andric
789732b939 In libexec/pppoed/pppoed.c, use the correct printf length modifier for a
size_t.

MFC after:	1 week
2011-12-16 16:07:39 +00:00
Dimitry Andric
4df50ce813 Unfortunately, clang gives warnings about sendmail code that cannot be
turned off yet.  Since this is contrib code, and we don't really care
about the warnings, just turn make them non-fatal for now.

MFC after:	1 week
2011-12-16 15:58:38 +00:00
Dimitry Andric
747a8c81c7 In libexec/bootpd/tools/bootptest/print-bootp.c, use the correct printf
length modifier for the difference between two pointers.

MFC after:	1 week
2011-12-16 15:55:43 +00:00
Dimitry Andric
50541c922e In libexec/getty/chat.c, replace && with & in chat_send(). The intent
is to test if the CHATDEBUG_SEND bit is set in the chat_debug global.

MFC after:	1 week
2011-12-16 15:44:12 +00:00
Dimitry Andric
5d0ce6a552 In libexec/bootpd/bootpgw/bootpgw.c, add a cast for the remaining
minutes of activity, to avoid a warning on platforms where time_t is a
32-bit integer.

MFC after:	1 week
2011-12-16 15:38:11 +00:00
Konstantin Belousov
5734c46c68 _rtld_bind() read-locks the bind lock, and possible plt resolution
from the dispatcher would also acquire bind lock in read mode, which
is the supported operation. plt is explicitely designed to allow safe
multithreaded updates, so the shared lock do not cause problems.

The error in r228435 is that it allows read lock acquisition after the
write lock for the bind block.  If we dlopened the shared object that
contains IRELATIVE or jump slot which target is STT_GNU_IFUNC, then
possible recursive plt resolve from the dispatcher would cause it.

Postpone the resolution for irelative/ifunc right before initializers
are called, and drop bind lock around calls to dispatcher.  Use
initlist to iterate over the objects instead of the ->next, due to
drop of the bind lock in iteration.

For i386/reloc.c:reloc_iresolve(), fix calculation of the dispatch
function address for dso, by taking into account possible non-zero
relocbase.

MFC after:	3 weeks
2011-12-14 16:47:53 +00:00
Konstantin Belousov
6be4b69715 Add support for STT_GNU_IFUNC and R_MACHINE_IRELATIVE GNU extensions to
rtld on 386 and amd64. This adds runtime bits neccessary for the use
of the dispatch functions from the dynamically-linked executables and
shared libraries.

To allow use of external references from the dispatch function, resolution
of the R_MACHINE_IRESOLVE relocations in PLT is postponed until GOT entries
for PLT are prepared, and normal resolution of the GOT entries is finished.
Similar to how it is done by GNU, IRELATIVE relocations are resolved in
advance, instead of normal lazy handling for PLT.

Move the init_pltgot() call before the relocations for the object are
processed.

MFC after:	3 weeks
2011-12-12 11:03:14 +00:00
Ed Schouten
4df6844ba3 Make comsat(8) approximately 15% smaller.
This program only consists of a single C file, so simply mark everything
except main() static.
2011-12-10 18:35:26 +00:00
Konstantin Belousov
5b646fa11c Typo.
MFC after:	3 days
2011-12-09 20:40:24 +00:00
Konstantin Belousov
953cc85489 Fix fd leak.
Reported by:	slonoman2011 yandex ru
MFC after:	1 week
2011-11-18 09:55:47 +00:00
Christian Brueffer
0dfcc6619b Fix a misplaced parenthesis.
PR:		162164
Submitted by:	Henning Petersen <henning.petersen@t-online.de>
MFC after:	1 week
2011-10-30 12:33:19 +00:00
Eitan Adler
36daf0495a - change "is is" to "is" or "it is"
- change "the the" to "the"

Approved by:	lstewart
Approved by:	sahil (mentor)
MFC after:	3 days
2011-10-16 14:30:28 +00:00
Konstantin Belousov
ef9cbd91d0 Handle the R_386_TLS_TPOFF32 relocation, which is similar to R_386_TLS_TPOFF,
but with negative relocation value.

Found by:	mpfr test suite, pointed to by ale
Reviewed by:	kan
MFC after:	1 week
2011-10-08 12:42:19 +00:00
Konstantin Belousov
4e63ea7386 Setting up TLS block for the main thread must be done after the
relocations are processed, since tls initialization section might be
itself subject for relocations. Only set up of the block is postponed,
the tls block offsets are allocated before relocation processing, since
TLS-related relocations may need offsets ready.

Reported by:	ale
PR:	threads/161344
Reviewed by:	kan
MFC after:	1 week
2011-10-08 12:39:47 +00:00
Konstantin Belousov
750b5e3134 Restore the writing of the .bss sections of the dsos (not the main
executable) after r190885. The whole region for the dso is mmaped with
MAP_NOCORE flag, doing only mprotect(2) over .bss prevented it from
writing .bss to core files.

Revert the optimization of using mprotect(2) to establish .bss, overlap
the section with mmap(2).

Reported by:	attilio
Reviewed by:	attilio, emaste
Approved by:	re (bz)
MFC after:	2 weeks
2011-09-20 21:49:54 +00:00
Konstantin Belousov
f785588713 Use the proper dynamic tls block to calculate the tls variable address
in case tls data generation was updated.

PR:	misc/160721
Submitted by:	"Thinker K.F. Li" <thinker codemud net>
Tested by:	flo
Approved by:	re (bz)
MFC after:	1 week
2011-09-15 11:50:09 +00:00
Konstantin Belousov
b236731716 Do not use the function pointers for the internal operation of rtld_printf()
functions. The _rtld_error() function might be called early during the rtld
bootstrap, in which case function pointers are not yet functional on ia64
due to required relocations not yet performed.

Reported, reviewed and tested by:	marcel
Approved by:	re (bz)
2011-09-06 10:21:33 +00:00
Dimitry Andric
cce0f33cda When libexec/rtld-elf/rtld.c is compiled with clang, the r_debug_state()
function (a hook necessary for gdb support), is inlined, but since the
function contains no code, no calls to it are generated.  When gdb is
debugging a dynamically linked program, this causes backtraces to be
corrupted.

Fix it by marking the function __noinline, and inserting an empty asm
statement, that pretends to clobber memory.  This forces the compiler to
emit calls to r_debug_state() throughout rtld.c.

Approved by:	re (kib)
2011-09-03 11:41:00 +00:00
Konstantin Belousov
0e9a260520 Rtld links with the specially built pic static libc library to get some
C runtime services, like printf(). Unfortunately, the multithread-safeness
measures in the libc do not work in rtld environment.

Rip the kernel printf() implementation and use it in the rtld instead of
libc version. This printf does not require any shared global data and thus
is mt-safe. Systematically use rtld_printf() and related functions, remove
the calls to err(3).

Note that stdio is still pulled from libc due to libmap implementaion using
fopen(). This is safe but unoptimal, and can be changed later.

Reported and tested by:	pgj
Diagnosed and reviewed by:	kan (previous version)
Approved by:	re (bz)
2011-08-24 20:05:13 +00:00
Craig Rodrigues
46d20cbcf1 Pull in some wording to the tftpd.8 man page
from NetBSD, with some slight changes:

=========================================================================================
http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/tftpd/tftpd.8?only_with_tag=MAIN#rev1.22

Revision 1.22 or diffs], Fri Jan 8 21:05:14 2010 UTC (18 months, 2 weeks ago) by christos

Patrick Welche <prlw1@cam.ac.uk>
    - add -p pathsep option
    - make wrap to zero work, but produce a warning
While here:
    - fix gcc warnings, in particular variable clobbered warnings
      (compiling with fewer warnings does not really fix the problem)
=========================================================================================

These wording changes clarify the default rollover behavior
as a "kludge".  Also, the block numbers and octet counts for 65535 blocks
and 32767 blocks are more accurate than the existing documented numbers.

Requested by:   Pawan Gupta <pawang at juniper dot net>
Obtained from:  Juniper Networks
Approved by:    re (kib)
2011-07-31 03:18:36 +00:00
Craig Rodrigues
38bd7db313 In the old TFTP server, there was an undocumented behavior where
the block counter would rollover to 0 if a file larger
than 65535 blocks was transferred.  With the default block size
of 512 octets per block, this is a file size of approximately 32 megabytes.

The new TFTP server code would report an error and stop transferring
the file if a file was larger than 65535 blocks.

This patch restores the old TFTP server's behavior to the new
TFTP server code.  If a TFTP client transfers a file larger
than 65535 blocks, and does *not* specify the "rollover" option,
then automatically rollover the block counter to 0 every time
we reach 65535 blocks.

This restores interoperability with the FreeBSD 6 TFTP client.
Without this change, if a FreeBSD 6 TFTP client tried to
retrieve a file larger than 65535 blocks from a FreeBSD 9 TFTP server
, the transfer would fail.
The same file could be retrieved successfully if the same FreeBSD 6
TFTP client was used against a FreeBSD 6 TFTP server.

Approved by:  re (kib)
Tested by: Pawan Gupta <pawang at juniper dot net>,
Obtained from:  Juniper Networks
2011-07-31 03:12:20 +00:00
Craig Rodrigues
f6c506d9cf Acknowledge Edwin Groothuis for the major rewrite he
did of the tftpd and tftp code to support TFTP blocksize.
2011-06-24 05:41:38 +00:00
Craig Rodrigues
14de21443e Bring back synchnet() implementation from older
tftp implementation.  The synchnet() function
was converted to a no-op when the new TFTP implementation
was committed to FreeBSD.  However, this function, as it was
in the older code, is needed
in order to synchronize between the tftpd server and tftp clients,
which may be buggy.

Specifically, we had a buggy TFTP client which would send
TFTP ACK packets for non-TFTP packets, which would cause
the count of packets to get out of whack, causing transfers
to fail with the new TFTPD implementation.

Obtained from:  Juniper Networks
Submitted by: Santhanakrishnan Balraj <sbalraj at juniper dot net>
2011-06-24 02:56:24 +00:00
Craig Rodrigues
957af43f83 Update references to RFC's that the newer TFTP implementation supports. 2011-06-22 23:25:24 +00:00
Craig Rodrigues
7e321ae384 Fix typo.
Reported by: Nick Mann <njm at njm dot me dot uk>
2011-06-22 22:05:37 +00:00
Craig Rodrigues
a1aea88a5c Clarify tftpd's -d flag in the new TFTP implementation.
Bump date.
2011-06-22 21:53:45 +00:00
Edward Tomasz Napierala
e81b1c7129 Add LOGIN_SETCPUMASK and LOGIN_SETLOGINCLASS to the setusercontext(3)
calls in ftpd(8).
2011-06-22 19:14:49 +00:00
Ed Schouten
0ea9a5ddd4 Minor cleanups to ulog-helper:
- Remove unneeded linking against libmd. libulog depends on this
  library, but the ulog-helper tool itself does not.

- Change the comment at the top to mention utmpx instead of utmp, wtmp
  and lastlog.

- Simply use user_from_uid() to translate to a username string.

- Put variable declarations together.
2011-06-21 17:59:51 +00:00
Ben Laurie
5f301949ef Fix clang warnings.
Approved by:	philip (mentor)
2011-06-18 13:56:33 +00:00
Craig Rodrigues
e5660633d3 Clarify that the TFTP blocksize (RFC2348) or non-standard
TFTP rollover option can be used to transfer larger files.
2011-06-16 02:27:05 +00:00
Nathan Whitehorn
f33b8de1dc Compile RTLD with global dot symbols on 64-bit PowerPC, as a crutch for
GDB's ability to locate r_debug_state (which is actually the only function
that need be compiled this way).
2011-06-08 13:23:35 +00:00
Jaakko Heinonen
189075e9db Remove a gratuitous newline. This should be a non-functional change.
PR:		bin/153667
Submitted by:	Craig Leres
MFC after:	1 week
2011-06-07 16:23:27 +00:00
Craig Rodrigues
3b6bd978f0 Fix tftp_log() usage. 2011-05-26 20:32:33 +00:00
Andriy Gapon
6014c8de1d rtld: eliminate double call to close(2) that may occur in load_object
The second close(2) call resulted in heisenbugs in some multi-threaded
applications where e.g. dlopen(3) call in one thread could close a file
descriptor for a file having been opened in other thread concurrently.

My litmus test for this issue was an openoffice.org build.

Reviewed by:	jhb
MFC after:	2 weeks
2011-03-25 18:23:10 +00:00
Marius Strobl
080ca1a51b - Add support for TLS relocations.
- Emitt an error when encountering an unsupported and in case of the
  kernel also for unaligned relocations.
- Fix R_SPARC_LOX10 relocations. Apparently these are hardly ever used.
2011-03-11 21:08:02 +00:00
Marius Strobl
cb32ba5229 - Remove clause 3 and 4 from TNF licenses. [1]
- Add the _RF_X committed in r212998 also to the tables in the sparc64
  reloc.c in order reduce differences between the kernel and the userland
  source. This results in no functional change though.
- Fix further inconsistencies in the abbreviations of the names of the
  relocations.
- Further whitespace fixes.

Obtained from:	NetBSD [1]
2011-03-11 20:30:58 +00:00
Nathan Whitehorn
a43ce960b5 Remove dead code that snuck in from the 32-bit PowerPC version of this
file. The error being checked for does not exist on 64-bit systems.
2011-03-07 20:32:46 +00:00
Marius Strobl
25b31a9496 - With the addition of TLS support binutils started to make the addend
values for resolved symbols relative to relocbase instead of sections
  so detect this case and handle as appropriate, which allows using
  kernel modules linked with affected versions of binutils. Actually I
  think this is a bug in binutils but given that apparently nobody
  complained for nearly six years and powerpc has basically the same
  workaround I decided to put it in for the sparc64 kernel, too.
- Fix R_SPARC_HIX22 relocations. Apparently these are hardly ever used.
2011-03-06 15:20:11 +00:00
Marius Strobl
d374d11285 - Consistently abbreviate the names of the relocations.
- End sentences with dots.
- Fix whitespace.
2011-03-06 13:25:46 +00:00