Commit Graph

134 Commits

Author SHA1 Message Date
bdrewery
b619f0c747 Revert r267233 for now. PIE support needs to be reworked.
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
   build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
   where it never would work anyhow, such as csu or loader. This suggests
   there may be better ways of adding support to the tree. Many of these
   cases can be fixed such that -fPIE will work but there is really no
   reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
   really building libraries but have been using bsd.prog.mk because the code
   is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
   been needed.

We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.

Reported by:	kib
2014-08-19 15:04:32 +00:00
bdrewery
989e2c6000 In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.

Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]

Mark known build failures as NO_PIE for now.

The only known runtime failure was rtld.

[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by:		Shawn Webb <lattera@gmail.com>
Discussed between:	des@ and Shawn Webb [2]
2014-06-08 17:29:31 +00:00
trhodes
f22bac81aa If called without -T or -t, fsck attempts to detect the
file system type.  If this fails, fsck will fail with
"unknown file system type" message.

PR:		188214
2014-05-23 14:32:57 +00:00
uqs
0435f4a49c Make fsck and fsck_msdosfs WARNS=6 clean
- sprinkle const
- add volatile qualifier to avoid vfork clobbering

Inspired by:	NetBSD
PR:		bin/139802
Reviewed by:	ed
2012-10-21 12:01:19 +00:00
uqs
d704245c81 sbin/fsck: s/perror/perr/ to avoid shadowing
- rename some other vars too
- merge NetBSD license changes

Obtained from:	NetBSD
PR:		bin/139802
Reviewed by:	ed
2012-10-21 12:01:11 +00:00
ed
5b02333e84 Add missing static keywords for global variables to tools in sbin/.
These tools declare global variables without using the static keyword,
even though their use is limited to a single C-file, or without placing
an extern declaration of them in the proper header file.
2011-11-04 13:36:02 +00:00
sobomax
e1f2c1df24 Add new option -c to specify alternatve location of the /etc/fstab
file.

MFC after:	1 month
2011-10-25 01:46:42 +00:00
joel
f4e8725880 Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
mckusick
00c55fe8c7 Note that foreground fsck should be run after a filesystem related panic.
Suggested by:	Mikhail Teterin (mi@)
MFC after:	1 week
2010-07-22 18:33:10 +00:00
netchild
42a48ae275 Fix minor resource leak in a function which was introduced by changing an
err() to a return in r106254.

MFC after:	1 week
2009-11-20 15:27:00 +00:00
obrien
7d88cc57bf Add the '-C' "check clean" flag. If the FS is marked clean, skip file
system checking.  However, if the file system is not clean, perform a
full fsck.

Reviewed by:	delphij
Obtained from:	Juniper Networks
2009-01-30 18:33:05 +00:00
ru
719be5d341 Sync program's usage() with manpage's SYNOPSIS. 2005-02-10 09:19:34 +00:00
ru
114ea39c76 Fixed the misplaced $FreeBSD$. 2005-02-09 18:07:17 +00:00
ru
d9e4eb9285 Deal with double whitespace. 2004-07-03 00:13:43 +00:00
ru
46fddaa54b Mechanically kill hard sentence breaks. 2004-07-02 21:45:06 +00:00
markm
90f91e7879 Remove advertising clause from University of California Regent's license,
per letter dated July 22, 1999.

Approved by: core, imp
2004-04-09 19:58:40 +00:00
bde
890b93648b Use __printflike() and __dead2 instead of hard-coded gccisms.
Declare perror().  We define and use a home made version of perror(3)
that can't simply be removed (although it has the same interface as
perror(3)) since it is very different (it prints on stdout, doesn't
always print the program name, and sometimes exits).  Declare it to
get a reminder of this brokenness when WARNS is increased enough.
2003-12-27 13:54:02 +00:00
bde
e73943dcf6 Garbage-collected hotroot, rawname() and unrawname() again. These
became garbage when block devices were axed and were removed a few
months later, but they came back (with hotroot renamed to hot + hotroot())
when the NetBSD fsck was mismerged.
2003-12-27 13:29:49 +00:00
bde
ccf8fdfdee fsck_msdosfs/main.c:
- Don't use errexit() to (mis)implement usage().  Using errexit() just
  gave the bogus exit code 8.
- Fixed 3 other style bugs in usage().

fsck/fsutil.[ch]:
- Garbage-collected errexit().  It is essentially just one of NetBSD's
  fsck_ext2fs error printing functions, but we don't have fsck_ext2fs
  and the function is unsuitable for use there too (since pfatal() is
  also used and it printf to a different stream).
2003-12-27 13:08:55 +00:00
trhodes
3b490f22bc Bump WARNS level and add a '?' to WARNS=. 2003-10-29 16:10:17 +00:00
trhodes
198ce303b5 Remove redundant declaration of the perror() function, it's provided by stdio.h.
Don't define DKTYPENAMES without using it.
2003-10-29 16:09:17 +00:00
maxim
742d2ae133 o Fix usage(): remove '-l', add missed '-f', sort. 2003-07-26 15:29:10 +00:00
simon
b3a9102865 Remove references to the '-l' option in synopsis. The rest of the
description of this option was removed in v. 1.22.

PR:		docs/54880
Submitted by:	Lukas Ertl <l.ertl@univie.ac.at>
Approved by:	ceri (mentor)
2003-07-26 12:57:56 +00:00
gordon
5114761ede Convert fsck and mount to using execvP to find fsck_foo and mount_foo.
This simplifies the code path and makes the default path easy to override
in the /rescue case.

Submitted by:	Tim Kientzle <kientzle@acm.org>
2003-06-29 17:53:48 +00:00
jmallett
a521aa5aa4 Back out previous delta to fix fsck on filesystems without an fstab entry,
where we want to take the disklabel filesystem type of "4.2BSD" and use
fsck_4.2bsd on those filesystems.

Add a comment about why the code is there, now that we know:

         * XXX This is a kludge to make automatic filesystem type guessing
         * from the disklabel work for "4.2BSD" filesystems.  It does a
         * very limited subset of transliteration to a normalised form of
         * filesystem name, and we do not seem to enforce a filesystem
         * name character set.
2003-04-25 01:12:35 +00:00
jmallett
3971e27f3b Strip out bogus difference from when this came from NetBSD: transliterating
upper-case alphabetical characters to lower-case ones, and spaces to dashes.
The person who added this when bringing the code from NetBSD has no idea why
he added it, and nobody on freebsd-fs came up with any cases where the icky
part (the conversion of spaces to underscores) was needed.  The removal of
the upper-case conversion follows an even more obvious logic: it avoids any
sort of namespace issues.  People using StUdLy caps for filesystem names
deserve everything they get.  Otherwise, Efs and efs might be totally different
things, but would use the same fsck.  And we don't want that, right?  That
just provokes the sort of foot-shooting this would prevent.

If you have problems with this, I'll walk you through using sed on your fstab,
cause the only way you could have problems is if you spelled ufs as "UFS".
Most likely, you haven't done that.

MFC after:	1 month
2003-03-03 09:40:32 +00:00
schweikh
fec6546e12 english(4) police. 2002-12-27 12:15:40 +00:00
phk
0b009ff7e7 Straighten out a compound if() to improve readability marginally. 2002-12-17 19:33:44 +00:00
ru
041d1287e8 Uniformly refer to a file system as "file system".
Approved by:	re
2002-12-12 17:26:04 +00:00
phk
ca801c0301 Give a meaningfull diagnostic when we cannot determine the filesystem type. 2002-10-31 15:32:39 +00:00
trhodes
136be46680 s/filesystem/file system/g as discussed on -developers 2002-08-21 18:11:48 +00:00
charnier
a2accd01f0 The .Nm utility 2002-07-06 19:34:18 +00:00
trhodes
896f3841bf more file system > filesystem 2002-05-16 04:10:46 +00:00
des
4d6b787d2d Usage style sweep: spell "usage" with a small 'u'.
Also change one case of blatant __progname abuse (several more remain)
This commit does not touch anything in src/{contrib,crypto,gnu}/.
2002-04-22 13:44:47 +00:00
markm
bda6eb4b89 Replace __progname with the functionally identical but more
acceptable (documented) getprogname(3).
2002-03-24 15:06:48 +00:00
imp
120c3c211a o __P removed
o ansi function prototypes
o unifdef -D__STDC__
o __dead2 on usage prototype
o remove now-bogus main prototype
2002-03-20 22:57:10 +00:00
obrien
9baf2f1b03 Default to WARNS=2.
Binary builds that cannot handle this must explicitly set WARNS=0.

Reviewed by:	mike
2001-12-04 02:19:58 +00:00
ru
2b577fc318 mdoc(7) police: Fixed broken xrefs. 2001-08-22 14:16:31 +00:00
kris
5e75b336b9 Silence non-constant format string warnings by marking functions
as __printflike()/__printf0like(), adding const, or adding missing "%s"
format strings, as appropriate.

MFC after:	2 weeks
2001-08-19 08:19:37 +00:00
dd
a145482cf6 Remove whitespace at EOL. 2001-07-15 07:53:42 +00:00
mckusick
c5f553afea Update usage message with new options.
Submitted by:	Ruslan Ermilov <ru@FreeBSD.org>
2001-04-30 05:36:32 +00:00
ru
bbf732ba37 mdoc(7) police: update document date, sort xrefs, fix markup. 2001-04-27 08:28:44 +00:00
mckusick
658667dbfa Add support for running foreground (-F) and background (-B) checks.
Traditionally, fsck is invoked before the filesystems are mounted
and all checks are done to completion at that time. If background
checking is available, fsck is invoked twice. It is first invoked
at the traditional time, before the filesystems are mounted, with
the -F flag to do checking on all the filesystems that cannot do
background checking. It is then invoked a second time, after the
system has completed going multiuser, with the -B flag to do checking
on all the filesystems that can do background checking. Unlike
the foreground checking, the background checking is started
asynchonously so that other system activity can proceed even on
the filesystems that are being checked.

At the moment, only the fast filesystem supports background checking.
To be able to do background checking, a filesystem must have been
running with soft updates, not have been marked as needing a
foreground check, and be mounted and writable when the background
check is to be done (i.e., not listed as `noauto' in /etc/fstab).

These changes are the final piece needed to support background
filesystem checking. They will not have any effect until you update
your /etc/rc to invoke fsck in its new mode of operation. I am
still playing around with exactly what those changes should be
and should be committing them later this week.
2001-04-25 07:18:22 +00:00
phk
a117685f16 Don't make fsck go quite _that_ fast:
In Preen mode we only checked one partition per disk device.
2001-04-07 13:24:59 +00:00
ru
a1012ae9ac mdoc(7) police: use .Nm instead of hardcoded name. 2001-04-04 10:36:16 +00:00
phk
c59a8fb48c This change sanitizes the way fsck deals with pass numbers.
Consider this /etc/fstab:

# Device         Mountpoint      FStype  Options    Dump    Pass#
/dev/ad1s1b      none            swap    sw         0       0
/dev/ad0s1b      none            swap    sw         0       0
/dev/ad0s1a      /               ufs     rw         1       1
/dev/ad0s1e      /home           ufs     rw         2       2
/dev/ad1s1e      /tmp            ufs     rw         2       2
/dev/ad1s1f      /usr            ufs     rw         2       2
/dev/ccd0c       /syv            ufs     rw         2       11
proc             /proc           procfs  rw         0       0

ccd0c is striped over /dev/ad0f and /dev/ad1g

Without this pass, fsck in preen mode will check ad0s1a first,
and then issue three processes in parallel:

One process doing ad0s1e
One process doing ad1s1e and ad1s1f
One process doing ccd0c

There is no way to tell it that ccd0c overlaps ad0 and ad1.

With the patch, it will do it this way:

pass 2:
One process doing ad0s1e
One process doing ad1s1e and ad1s1f

and when they are complete:

pass 11:
One process doing ccd0c

This is much faster and more sane.

Valid pass numbers are anything from 1 to INTMAX-1.

I retired the '-l' option which tried to allow people to do
something like this, but which didn't work and which complicated
the code an awful lot.
2001-03-30 08:01:34 +00:00
ru
86642a4ab4 - Backout botched attempt to introduce MANSECT feature.
- MAN[1-9] -> MAN.
2001-03-26 14:33:27 +00:00
ru
56b5d7535b Set the default manual section for sbin/ to 8. 2001-03-20 18:13:31 +00:00
ru
8a6f8b5fe4 mdoc(7) police: split punctuation characters + misc fixes. 2001-02-01 16:38:02 +00:00
phk
012b3e6f20 Use macro API to <sys/queue.h>
Submitted by:	"Peter Avalos" <pavalos@theshell.com>
Reviewed by:	/sbin/md5
2000-12-30 21:05:45 +00:00