Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
from scratch, copying needed functionality from the old implemenation
on demand, with a thorough review of all code. The main change is that
interface layer has been removed from the CARP. Now redundant addresses
are configured exactly on the interfaces, they run on.
The CARP configuration itself is, as before, configured and read via
SIOCSVH/SIOCGVH ioctls. A new prefix created with SIOCAIFADDR or
SIOCAIFADDR_IN6 may now be configured to a particular virtual host id,
which makes the prefix redundant.
ifconfig(8) semantics has been changed too: now one doesn't need
to clone carpXX interface, he/she should directly configure a vhid
on a Ethernet interface.
To supply vhid data from the kernel to an application the getifaddrs(8)
function had been changed to pass ifam_data with each address. [1]
The new implementation definitely closes all PRs related to carp(4)
being an interface, and may close several others. It also allows
to run a single redundant IP per interface.
Big thanks to Bjoern Zeeb for his help with inet6 part of patch, for
idea on using ifam_data and for several rounds of reviewing!
PR: kern/117000, kern/126945, kern/126714, kern/120130, kern/117448
Reviewed by: bz
Submitted by: bz [1]
yet (see LLVM PR 9788), and warns about it, rub it out for now. When
clang grows support for this attribute, I will revert this again.
MFC after: 1 week
conversion between enum desdir/desmode from include/rpc/des.h, and enum
desdir/desmode from include/rpcsvc/crypt.x. These are actually
different enums, with different value names, but by accident the integer
representation of the enum values happened to be the same.
MFC after: 1 week
warn about it. I guess this was originally done to silence a bogus
warning by an older version of gcc, but I could not reproduce it with
any version of gcc that I have access to.
MFC after: 1 week
__noreturn macro and modify the other exiting functions to use it.
The __noreturn macro, unlike __dead2, must be used BEFORE the function.
This is in line with the C and C++ specifications that place _Noreturn (c1x)
and [[noreturn]] (C++11) in front of the functions. As with __dead2, this
macro falls back to using the GCC attribute.
Unfortunately, clang currently sets the same value for the C version macro
in C99 and C1x modes, so these functions are hidden by default. At some
point before 10.0, I need to go through the headers and clean up the C1x /
C++11 visibility.
Reviewed by: brooks (mentor)
vs. the comment documented "If we are working with a privileged socket,
then take only one attempt". Make the code match.
Furthermore, critical privileged applications that [over] log a vast amount
can look like a DoS to this code. Given it's unlikely the single reattempted
send() will succeeded, avoid usurping the scheduler in a library API for a
single non-critical facility in critical applications.
Obtained from: Juniper Networks
Discussed with: glebius
than silently failing and returning success.
Without this, code calls pthread_once(), receives a return value of
success, and thinks that the passed function has been called.
Approved by: dim (mentor)
system calls to provide feed-forward clock management capabilities to
userspace processes. ffclock_getcounter() returns the current value of the
kernel's feed-forward clock counter. ffclock_getestimate() returns the current
feed-forward clock parameter estimates and ffclock_setestimate() updates the
feed-forward clock parameter estimates.
- Document the syscalls in the ffclock.2 man page.
- Regenerate the script-derived syscall related files.
Committed on behalf of Julien Ridoux and Darryl Veitch from the University of
Melbourne, Australia, as part of the FreeBSD Foundation funded "Feed-Forward
Clock Synchronization Algorithms" project.
For more information, see http://www.synclab.org/radclock/
Submitted by: Julien Ridoux (jridoux at unimelb edu au)
load of _l suffixed versions of various standard library functions that use
the global locale, making them take an explicit locale parameter. Also
adds support for per-thread locales. This work was funded by the FreeBSD
Foundation.
Please test any code you have that uses the C standard locale functions!
Reviewed by: das (gdtoa changes)
Approved by: dim (mentor)
change here is to ensure that when a process forks after arc4random
is seeded, the parent and child don't observe the same random sequence.
OpenBSD's fix introduces some additional overhead in the form of a
getpid() call. This could be improved upon, e.g., by setting a flag
in fork(), if it proves to be a problem.
This was discussed with secteam (simon, csjp, rwatson) in 2008, shortly
prior to my going out of town and forgetting all about it. The conclusion
was that the problem with forks is worrisome, but it doesn't appear to
have introduced an actual vulnerability for any known programs.
The only significant remaining difference between our arc4random and
OpenBSD's is in how we seed the generator in arc4_stir().
OpenBSD's version (r1.22). While some of our style changes were
indeed small improvements, being able to easily track functionality
changes in OpenBSD seems more useful.
Also fix style bugs in the FreeBSD-specific parts of this file.
No functional changes, as verified with md5.
The size passed to strlcat() must depend on the input length, not the
output length. Because the input and output buffers are equal in size,
the resulting binary does not change at all.
madvise(2) except that it operates on a file descriptor instead of a
memory region. It is currently only supported on regular files.
Just as with madvise(2), the advice given to posix_fadvise(2) can be
divided into two types. The first type provide hints about data access
patterns and are used in the file read and write routines to modify the
I/O flags passed down to VOP_READ() and VOP_WRITE(). These modes are
thus filesystem independent. Note that to ease implementation (and
since this API is only advisory anyway), only a single non-normal
range is allowed per file descriptor.
The second type of hints are used to hint to the OS that data will or
will not be used. These hints are implemented via a new VOP_ADVISE().
A default implementation is provided which does nothing for the WILLNEED
request and attempts to move any clean pages to the cache page queue for
the DONTNEED request. This latter case required two other changes.
First, a new V_CLEANONLY flag was added to vinvalbuf(). This requests
vinvalbuf() to only flush clean buffers for the vnode from the buffer
cache and to not remove any backing pages from the vnode. This is
used to ensure clean pages are not wired into the buffer cache before
attempting to move them to the cache page queue. The second change adds
a new vm_object_page_cache() method. This method is somewhat similar to
vm_object_page_remove() except that instead of freeing each page in the
specified range, it attempts to move clean pages to the cache queue if
possible.
To preserve the ABI of struct file, the f_cdevpriv pointer is now reused
in a union to point to the currently active advice region if one is
present for regular files.
Reviewed by: jilles, kib, arch@
Approved by: re (kib)
MFC after: 1 month
the word alignment, some versions of gcc do require 16-byte alignment.
Make sure the stack is 16-byte aligned before calling a subroutine.
Inspired by: PR amd64/162214
MFC after: 1 week
as it is required by amd64 ABI. Add a comment for the places were
the stack is accidentally properly aligned already.
PR: amd64/162214
Submitted by: yamayan <yamayan kbh biglobe ne jp>
MFC after: 1 week
When booting the system, truncate the utx.active file, but do write the
BOOT_TIME record into it afterwards. This allows one to obtain the boot
time of the system as follows:
struct utmpx u1 = { .ut_type = BOOT_TIME }, *u2;
setutxent();
u2 = getutxid(&u1);
Now, the boot time is stored in u2->ut_tv, just like on Linux and other
systems.
We don't open the utx.active file with O_EXLOCK. It's rather unlikely
that other applications use this database at the same time and I want to
prevent the possibility of deadlocks in init(8).
Discussed with: pluknet
working MI one. The MI one only needs to be overridden on machines
with non-IEEE754 arithmetic. (The last supported one was the VAX.)
It can also be overridden if someone comes up with a faster one that
actually passes the regression tests -- but this is harder than it sounds.
Even though POSIX allows us to return simply /dev/tty as a pathname
identifying the controlling terminal of the running process, it is nicer
if this function were actually useful, by returning the actual pathname
of the controlling terminal.
Implement ctermid() by using the kern.devname sysctl to resolve the
actual name of /dev/tty. Don't use devname(3), since it may return bogus
strings like #C:0x123.
As of FreeBSD 6, devices can only be opened through devfs. These device
nodes don't have major and minor numbers anymore. The st_rdev field in
struct stat is simply based a copy of st_ino.
Simply display device numbers as hexadecimal, using "%#jx". This is
allowed by POSIX, since it explicitly states things like the following
(example taken from ls(1)):
"If the file is a character special or block special file, the
size of the file may be replaced with implementation-defined
information associated with the device in question."
This makes the output of these commands more compact. For example, ls(1)
now uses approximately four columns less. While there, simplify the
column length calculation from ls(1) by calling snprintf() with a NULL
buffer.
Don't be afraid; if needed one can still obtain individual major/minor
numbers using stat(1).
conversion, conversion must fail and errno must be set to E2BIG.
PR: standards/160673
Submitted by: Henning Petersen <henning.petersen@t-online.de>
Reviewed by: pluknet
Approved by: re (kib), delphij (mentor)
A "process descriptor" file descriptor is used to manage processes
without using the PID namespace. This is required for Capsicum's
Capability Mode, where the PID namespace is unavailable.
New system calls pdfork(2) and pdkill(2) offer the functional equivalents
of fork(2) and kill(2). pdgetpid(2) allows querying the PID of the remote
process for debugging purposes. The currently-unimplemented pdwait(2) will,
in the future, allow querying rusage/exit status. In the interim, poll(2)
may be used to check (and wait for) process termination.
When a process is referenced by a process descriptor, it does not issue
SIGCHLD to the parent, making it suitable for use in libraries---a common
scenario when using library compartmentalisation from within large
applications (such as web browsers). Some observers may note a similarity
to Mach task ports; process descriptors provide a subset of this behaviour,
but in a UNIX style.
This feature is enabled by "options PROCDESC", but as with several other
Capsicum kernel features, is not enabled by default in GENERIC 9.0.
Reviewed by: jhb, kib
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
* Decouple the path supervision using a separate HB timer per path.
* Add support for potentially failed state.
* Bring back RTO.min to 1 second.
* Accept packets on IP-addresses already announced via an ASCONF
* While there: do some cleanups.
Approved by: re@
MFC after: 2 months.
These system calls have already been implemented in the kernel; now we
hook up libc symbols so userspace can drive them.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
-g, by reverting r219139. The LLVM PR referenced in that revision was
fixed in the mean time, and we imported a clang snapshot soon
afterwards, so the temporary workaround of disabling clang's integrated
assembler is no longer needed.
In this particular case, using e.g. DEBUG_FLAGS=-g causes clang to
output certain directives into assembly that our version of GNU as
chokes on.
Reported by: dougb
Approved by: re (kib)
Formerly, in this case an error was returned but the pid was also returned
to the application, requiring the application to use unspecified behaviour
(the returned pid in error situations) to avoid zombies.
Now, reap the zombie and do not return the pid.
MFC after: 2 weeks
As noted in Austin Group issue #370 (an interpretation has been issued),
failing posix_spawn() because an fd specified with
posix_spawn_file_actions_addclose() is not open is unnecessarily harsh, and
there are existing implementations that do not fail posix_spawn() for this
reason.
Reviewed by: ed
MFC after: 10 days
Some files keep the SUN4V tags as a code reference, for the future,
if any rewamped sun4v support wants to be added again.
Reviewed by: marius
Tested by: sbruno
Approved by: re
* Cleanup usage of iov's.
* Add support for SCTP_TIMEOUTS socketoption.
* Fix a bug in sctp_recvmsg(): return the msg_flags in case of an error.
* Fix a bug in the error handling of sctp_peeloff(): return the -1.
- While here, remove a few C comments that don't seem to contribute
anything additional to the man page.
PR: 146047
Submitted by: arundel
MFC after: 3 days
vop_stdallocate() is filesystem agnostic and will run as slow as a
read/write loop in userspace; however, it serves to correctly
implement the functionality for filesystems that do not implement a
VOP_ALLOCATE.
Note that __FreeBSD_version was already bumped today to 900036 for any
ports which would like to use this function.
Also reserve space in the syscall table for posix_fadvise(2).
Reviewed by: -arch (previous version)
negative return value from write to update its position in
a buffer. The patch, courtesy of Andrey Simonenko, also simplifies
a conditional by removing the "i != cnt" clause, since it is
always true at this point in the code. The bug caused problems
for mountd, when it generated a large reply to an exports RPC
request.
Submitted by: simon at comsys.ntu-kpi.kiev.ua
MFC after: 2 weeks
Of course, strerror_r() may still fail with ERANGE.
Although the POSIX specification said this could fail with EINVAL and
doing this likely indicates invalid use of errno, most other
implementations permitted it, various POSIX testsuites require it to
work (matching the older sys_errlist array) and apparently some
applications depend on it.
PR: standards/151316
MFC after: 1 week
syscall assembly files. This results in conflicting dependencies and can
cause unexpected results for parallel builds. This is because the .c file
and the .S file both generate the same .o file.
Submitted by: Simon Gerraty <sjg@juniper.net>
Sponsored by: Juniper Networks
The "FTS_NOSTAT" option can avoid a lot of calls to stat(2) if it knows that a
directory could not possibly have subdirectories. This is decided by looking at
the link count: a subdirectory would increment its parent's link count by
virtue of its own ".." entry. This assumption only holds for UFS-like
filesystems that implement links and directories this way, so we must punt for
others.
It looks like ZFS is a UFS-like file system, as the above also holds for ZFS.
Add ZFS to the list of file systems that allow for such optimization.
MFC after: 1 month
Calling rfork_thread(3) does not interoperate with pthreads and global state
is not properly protected.
Remove the BUGS section suggesting LinuxThreads entirely. With the current
pthread library libthr, all threads are kernel-level entities so there seems
little reason to use LinuxThreads.
support for it. Note that while sparc64 also supports the static TLS
model and thus tls_model("initial-exec"), using the default model
turned out to yield slightly better buildstone performance.
- If precision is 0, don't print period followed by no digits.
- If precision is 0 stop printing units as soon as possible
(eg. if we have three years and five days and precision is 0
print only 3y5d).
- If precision is not 0, print all units (eg. 3y0d0h0m0s.00).
MFC after: 2 weeks
it possible for the kernel to track login class the process is assigned to,
which is required for RCTL. This change also make setusercontext(3) call
setloginclass(2) and makes it possible to retrieve current login class using
id(1).
Reviewed by: kib (as part of a larger patch)
entries instead of six). This makes "setfacl -b" do the right thing
for ACLs on ZFS. UFS recognizes both kinds of trivial ACLs; no change
there.
MFC after: 2 months
can link against them. Add man pages for the new system calls, with one
errant forward reference to changes not yet present in FreeBSD, but soon
will be.
Reviewed by: anderson
Obtained from: Capsicum Project
Sponsored by: Google, Inc.
Discussed with: benl, kris, pjd
MFC after: 3 months
kernel.debug (or possibly other files), when WITH_CTF is active.
This is caused by a bug in clang's integrated assembler, causing malloc
to sometimes hang during initialization in statically linked executables
that use threading, such as the copy of ctfmerge that is built during
the bootstrap stage of buildworld. The bug has been submitted upstream:
http://llvm.org/bugs/show_bug.cgi?id=9352
Note that you might have to rebuild and install libc first, to get your
kernel build to finish, because the ctfmerge binary built during
bootstrap is linked with your base system's copy of libc.a, which might
already contain a bad copy of malloc.o.
setting. It can be built by setting the WITH_ICONV knob. While this
knob is unset, the library part, the binaries, the header file and
the metadata files will not be built or installed so it makes no impact
on the system if left turned off.
This work is based on the iconv implementation in NetBSD but a great
number of improvements and feature additions have been included:
- Some utilities have been added. There is a conversion table generator,
which can compare conversion tables to reference data generated by
GNU libiconv. This helps ensuring conversion compatibility.
- UTF-16 surrogate support and some endianness issues have been fixed.
- The rather chaotic Makefiles to build metadata have been refactored
and cleaned up, now it is easy to read and it is also easier to add
support for new encodings.
- A bunch of new encodings and encoding aliases have been added.
- Support for 1->2, 1->3 and 1->4 mappings, which is needed for
transliterating with flying accents as GNU does, like "u.
- Lots of warnings have been fixed, the major part of the code is
now WARNS=6 clean.
- New section 1 and section 5 manual pages have been added.
- Some GNU-specific calls have been implemented:
iconvlist(), iconvctl(), iconv_canonicalize(), iconv_open_into()
- Support for GNU's //IGNORE suffix has been added.
- The "-" argument for stdin is now recognized in iconv(1) as per POSIX.
- The Big5 conversion module has been fixed.
- The iconv.h header files is supposed to be compatible with the
GNU version, i.e. sources should build with base iconv.h and
GNU libiconv. It also includes a macro magic to deal with the
char ** and const char ** incompatibility.
- GNU compatibility: "" or "char" means the current local
encoding in use
- Various cleanups and style(9) fixes.
Approved by: delphij (mentor)
Obtained from: The NetBSD Project
Sponsored by: Google Summer of Code 2009
As it was pointed out by Alan Cox, that no longer serves its purpose with
the modern UMA allocator compared to the old one used in 4.x days.
The removal of sysctl eliminates max_proc_mmap type overflow leading to
the broken mmap(2) seen with large amount of physical memory on arches
with factually unbound KVA space (such as amd64). It was found that
slightly less than 256GB of physmem was enough to trigger the overflow.
Reviewed by: alc, kib
Approved by: avg (mentor)
MFC after: 2 months
The existing implementation of bzero incorrectly clears bytes when the
start address is not word aligned. Fix it by using REG_SHI macro which
works on both 32 and 64 bit.
Submitted by: Artem Belevich (fbsdlist at src cx)
Most of the ports I broke when I imported utmpx, were simple management
utilities for the utmp database, allowing you to add/remove entries
manually.
Add a small tool called utxrm(8), which allows you to remove an entry
from the utmpx database by hand. This is useful when a login daemon
crashes or fails to remove the entry during shutdown.
calling thread's unique integral ID, which is similar to AIX function of
the same name. Bump __FreeBSD_version to note its introduction.
Reviewed by: kib
This matches the constants from <signal.h> with 'SIG' removed, which POSIX
requires kill and trap to accept and 'kill -l' to write.
'kill -l', 'trap', 'trap -l' output is now upper case.
In Turkish locales, signal names with an upper case 'I' are now accepted,
while signal names with a lower case 'i' are no longer accepted, and the
output of 'killall -l' now contains proper capital 'I' without dot instead
of a dotted capital 'I'.
These changes are needed to fix n32 compile after the recent change of
mips n32 MACHINE_ARCH to mipsn32eb/mipsn32el.
Reviewed by: imp, bz (earlier version)
architectures that support this .note. In particular, do not unneccessary
emit the notes on ia64 and sparc64, which ABI require non-executable stacks.
Tested by: marcel
Because {NGROUPS_MAX} may become variable, its value should be obtained
using sysconf(3). If a #define is used anyway, it should be obtained by
including <limits.h> as that is in POSIX like getgroups(2) itself is.
<sys/param.h> is not in POSIX.
MFC after: 1 week
This is what SUSv4 requires, and also the only thing that works if strict
standards compliance is requested or mknodat() is needed.
PR: standards/123688
Submitted by: gcooper
MFC after: 1 week
Implement MACHINE_ARCH=mips64e[lb] to build N64 images. This replaces
MACHINE_ARCH=mipse[lb] TARGET_ABI=n64.
MACHINE_ARCH=mipsn32e[lb] has been added, but currently requires
WITHOUT_CDDL due to atomic issues in libzfs. I've not investigated
this much, but implemented this to preserve as much of the TARGET_ABI
functionality that I could. Since its presence doesn't affect the
working cases, I've kept it in for now.
Added mips64e[lb] to make universe, so more kernels build.
And I think this (finally) closes the curtain on the tbemd tree.
the existing file descriptor. Instead, let dup2() atomically close the
old file descriptor when assigning the newly opened file to the same
descriptor. This closes a race in a multithreaded application where a
concurrent open() could allocate the existing file descriptor in between
the calls to close() and dup2().
PR: threads/79887
Submitted by: Dmitrij Tejblum tejblum of yandex-team.ru
Reviewed by: davidxu
MFC after: 1 week
you tag a socket with an uint32_t value. The cookie can then be
used by the kernel for various purposes, e.g. setting the skipto
rule or pipe number in ipfw (this is the reason SO_USER_COOKIE has
been implemented; however there is nothing ipfw-specific in its
implementation).
The ipfw-related code that uses the optopn will be committed separately.
This change adds a field to 'struct socket', but the struct is not
part of any driver or userland-visible ABI so the change should be
harmless.
See the discussion at
http://lists.freebsd.org/pipermail/freebsd-ipfw/2009-October/004001.html
Idea and code from Paul Joe, small modifications and manpage
changes by myself.
Submitted by: Paul Joe
MFC after: 1 week
I've noticed various terminal emulators that need to obtain a sane
default termios structure use very complex `hacks'. Even though POSIX
doesn't provide any functionality for this, extend our termios API with
cfmakesane(3), which is similar to the commonly supported cfmakeraw(3),
except that it fills the termios structure with sane defaults.
Change all code in our base system to use this function, instead of
depending on <sys/ttydefaults.h> to provide TTYDEF_*.
flag. [1]
- Note that also fchflags(2) will return EPERM for attempts to set or
unset the SF_SNAPSHOT flag.
Submitted by: Garrett Cooper [1]
MFC after: 1 week
Instead of only returning NULL when the entry is invalid and can't be
matched against the current database, also return it when it cannot open
the log files properly.
It's a bit more pedantic regarding .Bl list elements. This has an added
benefit of unbreaking the ipfw(8) manpage, where groff was silently
skipping one list element.
a silly rwlock deadlock problem, the deadlock is caused by writer
waiters, if a thread has already locked a reader lock, and wants to
acquire another reader lock, it will be blocked by writer waiters,
but we had already fixed it years ago.
On anything modern, the C version, which processes a word at a time, is much
faster. The Intel optimization manual explicitly warns against using REP
prefixes with SCAS or CMPS, which is exactly what the assembler version
does.
A simple test on a Phenom II showed the C version, compiled with -O2, to be
about twice as fast determining the length of 100000 strings between 0 and
255 bytes long.
MFC after: 2 weeks
as they are slower than the generic version in C, at least on modern
hardware. This leaves us with just five implementations.
Suggested by: bde
Approved by: rpaulo (mentor)
r212976): order the incoming arguments to fscale as st(0), st(1), and
mark temp2 volatile (only in case of compilation with clang) to force
clang to pop it correctly. No binary change when compiled with gcc.
This fixes ldexp() when compiled with clang on amd64, which makes
drand48() and friends work correctly again, and this in turn fixes
perl's tempfile().
Reported by: Renato Botelho, Derek Tattersall
Approved by: rpaulo (mentor)
for them, two functions _pthread_cancel_enter and _pthread_cancel_leave
are added to let thread enter and leave a cancellation point, it also
makes it possible that other functions can be cancellation points in
libraries without having to be rewritten in libthr.
Reorder inline assembly arguments temp2, temp, value and texp to follow
the st(0), st(1), etc. style.
Also mark the temp2 variable as volatile to workaround another clang
bug.
This allows clang to buildworld FreeBSD/i386.
Submitted by: dim
the first line of a script exceeded MAXSHELLCMDLEN characters, then
exec_imgact_shell() silently truncated the line and passed on the truncated
interpreter name or argument. Now, exec_imgact_shell() will fail and return
ENOEXEC, which is the commonly used errno among Unix variants for this type
of error. (2) Previously, exec_imgact_shell()'s check on the length of the
interpreter's name was ineffective. In other words, exec_imgact_shell()
could not possibly fail and return ENAMETOOLONG. The reason being that the
length of the interpreter name had to exceed MAXSHELLCMDLEN characters in
order that ENAMETOOLONG be returned. But, the search for the end of the
interpreter name stops after at most MAXSHELLCMDLEN - 2 characters are
scanned. (In the end, this particular error is eventually discovered
outside of exec_imgact_shell() and ENAMETOOLONG is returned. So, the real
effect of this second change is that the error is detected earlier, in
exec_imgact_shell().)
Update the definition of MAXINTERP to the actual limit on the size of
the interpreter name that has been in effect since r142453 (from
2005).
In collaboration with: kib
acl_is_trivial_np(3) properly recognize the new trivial ACLs. From
the user point of view, that means "ls -l" no longer shows plus signs
for all the files when running ZFS v28.
add a wrapper for it in libc and rework the code in libthr, the
system call still can return EINTR, we keep this feature.
Discussed on: thread
Reviewed by: jilles
their implementations aren't in the same files. Introduce LIBC_ARCH
and use that in preference to MACHINE_CPUARCH. Tested by amd64 and
powerpc64 builds (thanks nathanw@)
the separate .o for libc_pic.a. This prevents rtld from making the
symbol global.
Putting the stack_protector_compat.c into the public domain acknowledged
by kan.
Reviewed by: kan
MFC after: 2 weeks
atexit and __cxa_atexit handlers that are either installed by unloaded
dso, or points to the functions provided by the dso.
Use _rtld_addr_phdr to locate segment information from the address of
private variable belonging to the dso, supplied by crtstuff.c. Provide
utility function __elf_phdr_match_addr to do the match of address against
dso executable segment.
Call back into libthr from __cxa_finalize using weak
__pthread_cxa_finalize symbol to remove any atfork handler which
function points into unloaded object.
The rtld needs private __pthread_cxa_finalize symbol to not require
resolution of the weak undefined symbol at initialization time. This
cannot work, since rtld is relocated before sym_zero is set up.
Idea by: kan
Reviewed by: kan (previous version)
MFC after: 3 weeks
number of host CPUs and osreldate.
This eliminates the last sysctl(2) calls from the dynamically linked image
startup.
No objections from: kan
Tested by: marius (sparc64)
MFC after: 1 month
have to return ERANGE and terminate with NS_RETURN.
- When gethostbyname_r(3) and the friends end with an error,
set errno to the value nss backend returns, and return errno
value.
PR: kern/131623
MFC after: 2 weeks
clang.
The general idea is that the vendor will not accept our compilation
patches and so disabling the warnings is the best way to go as it makes
future imports bearable.
Submitted by: Dimitry Andric <dimitry at andric.com>
Discussed with: das
to catch invalid signal numbers [1]. Use consistent style of
not assigning the return value to a local variable.
Reported by: Garrett Cooper <yanegomi gmail com> [1]
MFC after: 1 week
quirks for weak-symbol handling. Text symbols require also marking weak
the special dot-symbol associated with the function, and data symbols
require that you not do that. To fix this, provide a hacked
__weak_reference for powerpc64, and define a new __weak_reference_data
for the single weak data symbol in base.
Revert after: binutils 2.17 import
Obtained from: projects/ppc64
