Add a new errno, ENOTCAPABLE, to be returned when a process requests an
operation on a file descriptor that is not authorized by the descriptor's
capability flags.
Sponsored by: Google
Update to BIND 9.6.1-P2. The vulnerability this is designed to fix is
related to DNSSEC validation on a resolving name server that allows
access to untrusted users. If your system does not fall into all 3 of
these categories you do not need to update immediately.
- fix a transfer cancelling bug/segfault [1]
- correct a return code in the transfer cancel function.
- add new API function, libusb20_tr_bulk_intr_sync().
Submitted by: HPS
Reported by: Robert Jenssen [1]
Not all Intel Core (TM) CPUs implement PMC_CLASS_IAF fixed-function
counters. For such CPUs, use an alternate mapping of convenience
names to events supported by PMC_CLASS_IAP programmable counters.
Add two new fcntls to enable/disable read-ahead:
- F_READAHEAD: specify the amount for sequential access. The amount is
specified in bytes and is rounded up to nearest block size.
- F_RDAHEAD: Darwin compatible version that use 128KB as the sequential
access size.
A third argument of zero disables the read-ahead behavior.
Please note that the read-ahead amount is also constrainted by sysctl
variable, vfs.read_max, which may need to be raised in order to better
utilize this feature.
Thanks Igor Sysoev for proposing the feature and submitting the original
version, and kib@ for his valuable comments.
The fd_mask type is an unsigned long, not an int, so treat the mask as a
long instead of an int when examining the results of select() to look for
RPC requests. Previously this routine would ignore RPC requests to sockets
whose file descriptor mod 64 was greater than 31 on a 64-bit platform.
* retry various system calls on EINTR
* retry the rest after a short read (common if there is more than about 1K
of output)
* block SIGCHLD like system(3) does (note that this does not and cannot
work fully in threaded programs, they will need to be careful with wait
functions)
PR: 90580
Eliminate dead stores.
In __mbsconv(), if prec was zero, nconv could have been used
uninitialized. Initialize it to a safe value so that there's no
chance of returning an error if stack garbage happens to be equal to
(size_t)-1 or (size_t)-2.
In svc_raw_reply(), don't leave stat uninitialized if the MSG_ACCEPTED
&& SUCCESS case succeeds. The stack garbage might be zero.
In clnt_raw_create(), avoid minor race condition initializing the
file-scope variable clntraw_private.
Found by: Clang static analyzer
- fix refcounting error during data transfer
- fix a memory leak on the USB backend
- fix invalid pointer computations (in one case memory outside the allocated
area was written in LibUSB v1.0)
- make sure memory is always initialised, also in failing cases
- add missing functions from v1.0.4
PR: usb/140325
Modified locale(1) to be able to show the altmon_X fields and the
[cxX]_fmt's. Also modify the "-k list" option to display only
fields with a certain prefix.
Add the comment "(FreeBSD only)" to the altmonth_x keywords
Add simple embedded RADIUS server support to libradius, by extending existing
API, keeping backward compatibility.
First consumer for this functionality is going to become forthcoming MPD-5.4,
supporting CoA and DR of RFC 3576: Dynamic Authorization Extensions to RADIUS.
Make libc.a provide __stack_chk_fail_local weak alias. This is
needed to satisfy static libraries that are compiled with -fpic
and linked into static binary afterwards. Several libraries in
gcc are examples of such static libs.
Approved by: re (kib)
In nanosleep(2), note that the calling thread is put to sleep, not the
whole process. Also explicitely name the parameter that specifies
sleep interval.
Approved by: re (kensmith)
Correct the pthread stub prototype for pthread_mutexattr_settype to allow for
the type argument. This is known to fix some pthread_mutexattr_settype()
invocations, especially when it comes to pulseaudio.
Approved by: re (kib)
cr_groups is no longer embedded in struct ucred and is instead stored
in a seperate array. As such we need to use kvm_read rather than bcopy
to populate the ki_groups field.
This fixes a crash when running ps -ax on a coredump.
Reported by: brucec
Tested by: brucec
MFC after: 3 days
Approved by: re@ (kib)
Revision: 197322
Log:
Correct BIOS header sanitizing on pc98.
Revision: 197374
Log:
Disable a check on a disk size because it's too strict. This change is
to avoid using incorrect geometry.
It seems that this is the same problem in g_part_bsd_read()@g_part_bsd.c.
Reviewed by: rink
Approved by: re (kib)
Let fall down in the hard path (thus handling shared waiters wakeup
correctly) for the shared waiters also in the rwlock held in shared mode
as well, fixing possible deadlocks.
Please note that this is a special condition as we want this fix in
before RC2 as we assume it is critical and so it has been handled
as an instant-merge. For the STABLE_7 branch, 1 week before the MFC
is assumed.
Approved by: re (kib)
(incorrect handling of zero-length reads before the copy buffer is
allocated) is masked by the iso9660 taster. Tar and cpio both enable
that taster so were protected from the bug; unzip is susceptible.
This both fixes the bug and updates the test harness to exercise
this case.
Submitted by: Ed Schouten diagnosed the bug and drafted a patch
Approved by: re (kib)
Use explicit int values for the device states in order to allow, if
necessary, in the future, adds of new states without breaking ABI
between revisions.
Please note that this is a special condition as we want this fix in
before RC1 as we assume it is critical and so it has been handled
as an instant-merge.
Approved by: re (kib)
for stable branches:
- shift to MALLOC_PRODUCTION
- turn off automatic crash dumps
- Remove kernel debuggers, INVARIANTS*[1], WITNESS* from
GENERIC kernel config files[2]
[1] INVARIANTS* left on for ia64 by request marcel
[2] sun4v was left as-is
Reviewed by: marcel, kib
Approved by: re (implicit)
Fix regression introduced with NFSv4 ACL support - make acl_to_text(3)
and acl_calc_mask(3) return error instead of crashing when acl passed
to them is NULL.
Submitted by: markus
Reviewed by: rwatson
Approved by: re (kib)
Consider flag == 0 as the same of flag == R_NEXT. This change will restore
a historical behavior that has been changed by revision 190491, and has seen
to break exim.
Approved by: re (kib)
Our implementation of granpt(3) could be valid in the future.
When I wrote the pseudo-terminal driver for the MPSAFE TTY code, Robert
Watson and I agreed the best way to implement this, would be to let
posix_openpt() create a pseudo-terminal with proper permissions in place
and let grantpt() and unlockpt() be no-ops.
This isn't valid behaviour when looking at the spec. Because I thought
it was an elegant solution, I filed a bug report at the Austin Group
about this. In their last teleconference, they agreed on this subject.
This means that future revisions of POSIX may allow grantpt() and
unlockpt() to be no-ops if an open() on /dev/ptmx (if the implementation
has such a device) and posix_openpt() already do the right thing.
I'd rather put this in the manpage, because simply mentioning we don't
comply to any standard makes it look worse than it is. Right now we
don't, but at least we took care of it.
Approved by: re (kib)
Rather than replicating the maths from the kernel, use the
value the kernel calculated directly as we already read it
with struct vnet. This will make kvm_vnet.c more resilent
in case of possible kernel changes.
Reviewed by: rwatson
Approved by: re (kib)
vnet.h, we now use jails (rather than vimages) as the abstraction
for virtualization management, and what remained was specific to
virtual network stacks. Minor cleanups are done in the process,
and comments updated to reflect these changes.
Reviewed by: bz
Approved by: re (vimage blanket)
