Commit Graph

15530 Commits

Author SHA1 Message Date
kargl
4122b35eb6 * Use "math.h" instead of <math.h>.
* Use bit twiddling.  This requires inclusion of math_private.h
  and inclusion of float.h in s_roundl.c.  Raise invalid exception.
* Use literal integer constants where possible.  Let the compiler
  do the appropriate conversion.
* In s_roundf.c, use an F suffix on float constants instead of
  promoting float to double and then converting the result back
  to float. In s_roundl.c, use an L suffix.
* In s_roundl.c, use the ENTERI and RETURNI macros.  This requires
  the inclusion of fpmath.h and on __i386__ class hardware ieeefp.h.

Reviewed by:	bde
2013-11-06 23:44:52 +00:00
gjb
af4516470b Fix .Dd after r257646.
DST affects the day by one hour, but the number of days in the
week stay the same.
2013-11-05 21:47:00 +00:00
markj
3250f22887 Modify the libproc breakpoint add/remove functions to stop the target
process if it has not already been stopped, since this is required for
ptrace(2) to work.

libdtrace does not seem to stop target processes before trying to remove
their breakpoints, so we were previously failing to remove the breakpoint
on r_debug_state() in rtld. This was causing processes to die with SIGTRAP
if they called dlopen(3) after dtrace(1) had detached.

Reported by:	symbolics@gmx.com
Reviewed by:	rpaulo
MFC after:	1 month
2013-11-05 03:23:54 +00:00
eadler
65182b9501 Use OpenBSD's revamped description of strlcpy and strlcat.
This explanation is supposed to be simpler and better.  In particular
"comparing it to the snprintf API provides lots of value, since it raises the
bar on understanding, so that programmers/auditors will a better job calling
all 3 of these functions."

Requested by:	deraadt@cvs.openbsd.org
Obtained From:	OpenBSD
Reviewed by:	cperciva
2013-11-04 19:05:31 +00:00
pjd
35ca29ffe7 - Add manual pages for capability rights (rights(4)), cap_rights_init(3)
family of functions and cap_rights_get(3) function.
- Update remaining Capsicum-related manual pages.

Reviewed by:	bdrewery
MFC after:	3 days
2013-11-04 14:10:22 +00:00
jilles
83816cd1d5 kqueue: Change error for kqueues rlimit from EMFILE to ENOMEM and document
this error condition in the kqueue(2) manual page.

Discussed with:	kib
2013-11-03 23:06:24 +00:00
peter
2041181afb Remove the WITH_LIBICONV_COMPAT hack that seems to do more harm than
good.  This caused libc to spoof the ports libiconv namespace and
provide a colliding libiconv.so.3 to fool rtld.  This should have
been removed some time ago.
2013-11-03 19:04:57 +00:00
emaste
aa360f5c3d Fix up FreeBSD tag for files not from a vendor branch
Unexpand the tag, remove the fbsd:nokeywords property and add the
svn:keywords property.  This should eliminate the gratuituous diffs
that appear on these files in projects branches.

Sponsored by:	The FreeBSD Foundation
2013-10-31 18:44:40 +00:00
nwhitehorn
0fdc4230d2 Add missing header.
Submitted by:	Sean Bruno
2013-10-30 15:46:50 +00:00
nwhitehorn
46fc599e66 printf() specifier updates to CAM to handle either 32-bit or 64-bit lun_id_t.
MFC after:	2 weeks
2013-10-30 14:13:15 +00:00
markj
756d4686b3 Fix an off-by-one error when checking whether a given address is within
the extent of a symbol.

Submitted by:	Prashanth Kumar <pra_udupi@yahoo.co.in>
Reviewed by:	rpaulo
MFC after:	1 week
2013-10-29 03:52:05 +00:00
markj
bb1072d7ef Revert r257248 and fix the problem in a way that doesn't violate style(9).
Suggested by:	jmg
2013-10-29 03:12:31 +00:00
glebius
8ebac90b8a Remove ng_fec(4). 2013-10-28 14:47:33 +00:00
markj
1da863f2b4 Fix the build with gcc. 2013-10-28 12:42:27 +00:00
markj
64b3e71588 Remove an incorrect debug printf. 2013-10-28 01:41:59 +00:00
cognet
59778d65b1 Use the size of the MACHINE_ARCH string instead of sizeof(uint32_t). It can
happen sizeof(MACHINE_ARCH) is more than 4 bytes, and bad things would
happen. This should make the ctors being called again on armeb.
2013-10-27 23:48:59 +00:00
markj
7799e79095 Clean up the debug printing in libproc a bit. In particular:
* Don't print any error messages to stderr unless DEBUG is defined.
* Add a DPRINTFX macro for use when errno isn't set.
* Print the error string from libelf when appropriate.
2013-10-27 20:39:10 +00:00
andrew
6a2adb9b35 Update the hard-float version of the fenv functions to use the VFP unit.
Any other floating-point unit is unsupported on ARM.
2013-10-27 10:44:22 +00:00
eadler
03a9e9340c Mention in login.conf.5 which fields may be infinite and how to specifify infinity.
The number of ways to indicate this confuses people.

PR:		docs/100196
Reported by:	"Dr. Markus Waldeck" <waldeck@gmx.de>
Reported by:	Jamie Landeg Jones <jamie.landeg.jones@gmail.com>
2013-10-27 04:59:18 +00:00
eadler
29be42f32b All man pages refer to FreeBSD so there is no need to mention "In .Fx" 2013-10-27 04:49:40 +00:00
rpaulo
d57a569a3a Set up the /usr/tests hierarchy.
Populate /usr/tests with the only test programs that currently live
in the tree (those in lib/libcrypt/tests/) and add all the build
machinery to accompany this change.

In particular:

- Add a WITHOUT_TESTS variable that users can define to request that
  no tests be put in /usr/tests.
- Add a top-level Kyuafile for /usr/tests and a way to create similar
  Kyuafiles in top-level subdirectories.
- Add a BSD.tests.dist file to define the directory layout of
  /usr/tests.

Submitted by:	Julio Merino jmmv google.com
Reviewed by:	sjg
MFC after:	2 weeks
2013-10-25 05:25:19 +00:00
kib
734382a525 Add a resource limit for the total number of kqueues available to the
user.  Kqueue now saves the ucred of the allocating thread, to
correctly decrement the counter on close.

Under some specific and not real-world use scenario for kqueue, it is
possible for the kqueues to consume memory proportional to the square
of the number of the filedescriptors available to the process.  Limit
allows administrator to prevent the abuse.

This is kernel-mode side of the change, with the user-mode enabling
commit following.

Reported and tested by:	pho
Discussed with:	jmg
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2013-10-21 16:46:12 +00:00
delphij
9b3dfbc250 Drop cm_lock before calling mapper_close, which in turn could call
_citrus_mapper_close again and result in a deadlock otherwise.

This is similar to NetBSD PR/24023 (fixed in their r1.5 of this file).

PR:		bin/182994
Submitted by:	Fabian Keil <fk fabiankeil de>
MFC after:	3 days
2013-10-21 07:58:37 +00:00
jilles
0bad71763f syslog: Use SOCK_CLOEXEC instead of separate fcntl() call. 2013-10-20 21:04:44 +00:00
jilles
dc3e99b30a popen(): Try to prevent inappropriate fd passing even if 'e' is not used.
Even though not all race conditions can be fixed if the 'e' option is not
used, still fix some race conditions using pipe2():

* Prevent both ends of the pipe from leaking to a concurrent popen().

* Prevent the child process's end of the pipe from leaking to any concurrent
  fork and exec.

This change also simplifies the code.
2013-10-20 20:50:17 +00:00
rpaulo
cfe21388ca Clearly split the logic to build ATF and plain tests apart.
This change introduces a new plain.test.mk file that provides the build
infrastructure to build test programs that don't use any framework.
Most of the code previously in bsd.test.mk moves to plain.test.mk and
atf.test.mk is extended with the missing pieces.

In doing so, this change pushes all test program building logic to the
various *.test.mk files instead of trying to reuse some tiny bits.
In fact, this attempt to reuse some definitions makes the code harder
to read and harder to extend.

The clear benefit of this is that the interface of bsd.test.mk is now
clearly delimited.

Submitted by:	Julio Merino jmmv google.com
MFC after:	2 weeks
2013-10-19 06:48:49 +00:00
markj
cc181af35a Fix the libproc build when DEBUG is defined. 2013-10-17 03:39:21 +00:00
neel
75369cb181 Add a new capability, VM_CAP_ENABLE_INVPCID, that can be enabled to expose
'invpcid' instruction to the guest. Currently bhyve will try to enable this
capability unconditionally if it is available.

Consolidate code in bhyve to set the capabilities so it is no longer
duplicated in BSP and AP bringup.

Add a sysctl 'vm.pmap.invpcid_works' to display whether the 'invpcid'
instruction is available.

Reviewed by:	grehan
MFC after:	3 days
2013-10-16 18:20:27 +00:00
delphij
7a806a64ea Make it possible to seek within a gzip stream. 2013-10-16 17:16:40 +00:00
glebius
a87549c49c Revert r256514 for libkvm. It wasn't correct actually and breaks build. 2013-10-15 13:53:35 +00:00
glebius
ce5230d593 Make getutxent(3) more robust against bad utx.log files. Whenever we read
zeroes, don't stop processing the file, but read until its end or valid
data.

In collaboration with:	ed
2013-10-15 13:32:01 +00:00
glebius
53ef73d870 - While we are spreading the counter(9) across network stack, more userland
tools would need to know about the counter_u64_t type. Allow to include
sys/counter.h from userspace.
- Utilize now defined type in kvm_counter_u64_fetch().

Sponsored by:	Netflix
Sponsored by:	Nginx, Inc.
2013-10-15 10:05:37 +00:00
bdrewery
ae7fa1acd1 Rename libbsdyml to libyaml, make private, and bump
SHLIB_MAJOR to 1.0

Suggested by:	des
Approved by:	bapt
MFC after:	1 week
2013-10-14 18:31:15 +00:00
rpaulo
650bab0fa9 Remove most of the ATF tools and the _atf user.
This is necessary because ATF is deprecated and it will be replaced by Kyua.

Submitted by:	jmmv@netbsd.org
Reviewed by:	Garrett Cooper
Approved by:	re
2013-10-12 06:06:53 +00:00
dim
bde695ba4c Bump OS versions in the toolchain triples to 11.0, and bump the
__FreeBSD_cc_version predefined macros in clang and gcc.

Approved by:	re (gjb)
2013-10-10 20:47:11 +00:00
kan
0f43811dc1 Unbreak zfsloader with LOADER_TFTP_SUPPORT on
Only accept 'net' and 'pxe' devices as underlying transport
in tftp.c on x86. Prior to this change tftp code would attempt
to send packets over any boot device, including zfs one with
predictably sad results.

Approved by: re (gjb)
MFC After: 1 month
2013-10-09 21:33:19 +00:00
pjd
4ab5163697 Handle the cases where NULL is passed as cap_rightsp to the
filestat_new_entry() function.

Reported by:	Alex Kozlov <spam@rm-rf.kiev.ua>
Approved by:	re (gjb)
2013-10-09 20:58:50 +00:00
neel
f9f9a7e617 Parse the memory size parameter using expand_number() to allow specifying
the memory size more intuitively (e.g. 512M, 4G etc).

Submitted by:	rodrigc
Reviewed by:	grehan
Approved by:	re (blanket)
2013-10-09 03:56:07 +00:00
jmg
ec9fa283ad don't assert on bad args, instead return an error..
Since so many programs don't check return value, always NUL terminate
the buf...

fix rounding when using base 1024 (the bug that started it all)...

add a set of test cases so we can make sure that things don't break
in the future...

Thanks to Clifton Royston for testing and the test program...

Approved by:	re (hrs, glebius)
MFC after:	1 week
2013-10-07 22:22:57 +00:00
neel
aed205d5cd Merge projects/bhyve_npt_pmap into head.
Make the amd64/pmap code aware of nested page table mappings used by bhyve
guests. This allows bhyve to associate each guest with its own vmspace and
deal with nested page faults in the context of that vmspace. This also
enables features like accessed/dirty bit tracking, swapping to disk and
transparent superpage promotions of guest memory.

Guest vmspace:
Each bhyve guest has a unique vmspace to represent the physical memory
allocated to the guest. Each memory segment allocated by the guest is
mapped into the guest's address space via the 'vmspace->vm_map' and is
backed by an object of type OBJT_DEFAULT.

pmap types:
The amd64/pmap now understands two types of pmaps: PT_X86 and PT_EPT.

The PT_X86 pmap type is used by the vmspace associated with the host kernel
as well as user processes executing on the host. The PT_EPT pmap is used by
the vmspace associated with a bhyve guest.

Page Table Entries:
The EPT page table entries as mostly similar in functionality to regular
page table entries although there are some differences in terms of what
bits are used to express that functionality. For e.g. the dirty bit is
represented by bit 9 in the nested PTE as opposed to bit 6 in the regular
x86 PTE. Therefore the bitmask representing the dirty bit is now computed
at runtime based on the type of the pmap. Thus PG_M that was previously a
macro now becomes a local variable that is initialized at runtime using
'pmap_modified_bit(pmap)'.

An additional wrinkle associated with EPT mappings is that older Intel
processors don't have hardware support for tracking accessed/dirty bits in
the PTE. This means that the amd64/pmap code needs to emulate these bits to
provide proper accounting to the VM subsystem. This is achieved by using
the following mapping for EPT entries that need emulation of A/D bits:
               Bit Position           Interpreted By
PG_V               52                 software (accessed bit emulation handler)
PG_RW              53                 software (dirty bit emulation handler)
PG_A               0                  hardware (aka EPT_PG_RD)
PG_M               1                  hardware (aka EPT_PG_WR)

The idea to use the mapping listed above for A/D bit emulation came from
Alan Cox (alc@).

The final difference with respect to x86 PTEs is that some EPT implementations
do not support superpage mappings. This is recorded in the 'pm_flags' field
of the pmap.

TLB invalidation:
The amd64/pmap code has a number of ways to do invalidation of mappings
that may be cached in the TLB: single page, multiple pages in a range or the
entire TLB. All of these funnel into a single EPT invalidation routine called
'pmap_invalidate_ept()'. This routine bumps up the EPT generation number and
sends an IPI to the host cpus that are executing the guest's vcpus. On a
subsequent entry into the guest it will detect that the EPT has changed and
invalidate the mappings from the TLB.

Guest memory access:
Since the guest memory is no longer wired we need to hold the host physical
page that backs the guest physical page before we can access it. The helper
functions 'vm_gpa_hold()/vm_gpa_release()' are available for this purpose.

PCI passthru:
Guest's with PCI passthru devices will wire the entire guest physical address
space. The MMIO BAR associated with the passthru device is backed by a
vm_object of type OBJT_SG. An IOMMU domain is created only for guest's that
have one or more PCI passthru devices attached to them.

Limitations:
There isn't a way to map a guest physical page without execute permissions.
This is because the amd64/pmap code interprets the guest physical mappings as
user mappings since they are numerically below VM_MAXUSER_ADDRESS. Since PG_U
shares the same bit position as EPT_PG_EXECUTE all guest mappings become
automatically executable.

Thanks to Alan Cox and Konstantin Belousov for their rigorous code reviews
as well as their support and encouragement.

Thanks for John Baldwin for reviewing the use of OBJT_SG as the backing
object for pci passthru mmio regions.

Special thanks to Peter Holm for testing the patch on short notice.

Approved by:	re
Discussed with:	grehan
Reviewed by:	alc, kib
Tested by:	pho
2013-10-05 21:22:35 +00:00
jilles
b6f424e548 accept(2): Update portability note for accept4().
The accept(2) man page warns that O_NONBLOCK and other properties on the
new socket may vary across implementations. However, this issue only
applies to accept() and not to accept4(). On the other hand, accept4()
is not commonly available yet.

Reported by:	pluknet
Reviewed by:	bjk
Approved by:	re (kib)
2013-10-01 21:17:18 +00:00
des
aa2e4b623c Remove BIND.
Approved by:	re (gjb)
2013-09-30 17:23:45 +00:00
delphij
de2d546a38 Temporarily disable iconv for non-shared library builds. The dynamic
loading of conversation table is not yet compatible with static builds.

Approved by:	re (gjb)
2013-09-26 17:55:36 +00:00
delphij
74e37edc35 Import NetBSD readline.c,v 1.104: do not crash with add_history(NULL).
MFC after:	3 days
Approved by:	re (gjb)
2013-09-26 17:54:58 +00:00
andrew
9439877e98 Add an elf note on ARM to store the MACHINE_ARCH an executable was built
for. This is useful for software needing to know which architecture a
binary is built for as arm and armv6 have slight differences meaning only
some binaries build for one will work as expected on the other. It is
expected pkgng will be able to make use of this to simplify the logic to
determine which package ABI to use.

Approved by:	re (kib)
2013-09-26 07:53:18 +00:00
emaste
51ba585f88 Add LLDB bmake infrastructure
This connects LLDB to the build, but it is disabled by default.  Add
WITH_LLDB= to src.conf to build it.

Note that LLDB requires a C++11 compiler so is disabled on platforms
using GCC.

Approved by:	re (gjb)
Sponsored by:	DARPA, AFRL
2013-09-20 01:52:02 +00:00
joel
bd6ef8adfa Minor mdoc improvements.
Approved by:	re (blanket)
2013-09-19 19:43:38 +00:00
jhb
d3ef75b6c7 Extend the support for exempting processes from being killed when swap is
exhausted.
- Add a new protect(1) command that can be used to set or revoke protection
  from arbitrary processes.  Similar to ktrace it can apply a change to all
  existing descendants of a process as well as future descendants.
- Add a new procctl(2) system call that provides a generic interface for
  control operations on processes (as opposed to the debugger-specific
  operations provided by ptrace(2)).  procctl(2) uses a combination of
  idtype_t and an id to identify the set of processes on which to operate
  similar to wait6().
- Add a PROC_SPROTECT control operation to manage the protection status
  of a set of processes.  MADV_PROTECT still works for backwards
  compatability.
- Add a p_flag2 to struct proc (and a corresponding ki_flag2 to kinfo_proc)
  the first bit of which is used to track if P_PROTECT should be inherited
  by new child processes.

Reviewed by:	kib, jilles (earlier version)
Approved by:	re (delphij)
MFC after:	1 month
2013-09-19 18:53:42 +00:00
tuexen
0524de64dc Remove an unused variable and fix a memory leak in sctp_connectx().
Approved by:	re (gjb)
MFC after:	3 days
2013-09-19 06:19:24 +00:00
des
3d9cc85dd7 Move libldns to the correct (ordered) library list.
Approved by:	re (blanket)
2013-09-15 15:55:21 +00:00
des
ea05e625ec Build and install the Unbound caching DNS resolver daemon.
Approved by:	re (blanket)
2013-09-15 14:51:23 +00:00
dim
2bafcef1c8 After r255294, building lib/msun's symbol map (using clang as the
preprocessor) gives the following error:

--- Version.map ---
<stdin>:287:4: error: invalid preprocessing directive
        # Implemented as weak aliases for imprecise versions
          ^
1 error generated.

Change the comment to a C-style one, to prevent this error.

Approved by:	re (hrs)
2013-09-12 20:51:48 +00:00
bdrewery
b3237a11f6 Consistently reference file descriptors as "fd". 55 other manpages
used "fd", while these used "d" and "filedes".

MFC after:	1 week
Approved by:	gjb
Approved by:	re (delphij)
2013-09-12 00:53:38 +00:00
jhb
04bb6e10cd Add a mmap flag (MAP_32BIT) on 64-bit platforms to request that a mapping use
an address in the first 2GB of the process's address space.  This flag should
have the same semantics as the same flag on Linux.

To facilitate this, add a new parameter to vm_map_find() that specifies an
optional maximum virtual address.  While here, fix several callers of
vm_map_find() to use a VMFS_* constant for the findspace argument instead of
TRUE and FALSE.

Reviewed by:	alc
Approved by:	re (kib)
2013-09-09 18:11:59 +00:00
des
2b94dc11fa LDNS needs OpenSSL. This wasn't a problem as long as it was only build
statically, since any program using it would have to link with it anyway.

Approved by:	re (blanket)
2013-09-08 19:39:18 +00:00
des
aba57138f9 Make libldns and libssh private.
Approved by:	re (blanket)
2013-09-08 10:04:26 +00:00
des
6a7561b73b Update to OpenPAM Nummularia. 2013-09-07 19:43:39 +00:00
des
e50a38ba7d MFV (r255364): move the code around in preparation for Nummularia. 2013-09-07 18:46:35 +00:00
des
338d7c2adb Vendor import of OpenPAM Nummularia.. 2013-09-07 16:15:30 +00:00
des
e86dd36ab2 Prepare for OpenPAM Nummularia by reorganizing to match its new directory
structure.
2013-09-07 16:10:15 +00:00
andrew
59c30969f9 On ARM EABI double precision floating point values are stored in the
endian the CPU is in, i.e. little-endian on most ARM cores.

This allows ARMv4 and ARMv5 boards to boot with the ARM EABI.
2013-09-07 14:04:10 +00:00
jilles
eb5a66191b wait(2): Add some possible caveats to standards section. 2013-09-07 11:41:52 +00:00
jilles
979e7776c1 libc: Make resolver sockets close-on-exec (SOCK_CLOEXEC).
Although the resolver's sockets are exposed to applications via res_state,
I do not expect them to pass the sockets across execve().
2013-09-06 23:49:54 +00:00
jilles
a0c0abfff1 libc: Use SOCK_CLOEXEC for various internal file descriptors.
This change avoids undesirably passing some internal file descriptors to a
process created (fork+exec) by another thread.

Kernel support for SOCK_CLOEXEC was added in r248534, March 19, 2013.
2013-09-06 21:02:06 +00:00
jilles
68907dc598 libc/stdio: Allow fopen/freopen modes in any order (except initial r/w/a).
Austin Group issue #411 requires 'e' to be accepted before and after 'x',
and encourages accepting the characters in any order, except the initial
'r', 'w' or 'a'.

Given that glibc accepts the characters after r/w/a in any order and that
diagnosing this problem may be hard, change our libc to behave that way as
well.
2013-09-06 13:47:16 +00:00
theraven
63750491ac Use Makefile.inc instead of .export. 2013-09-06 10:40:38 +00:00
theraven
c04dfb0b19 Fix the namespace pollution caused by iconv.h including stdbool.h
This broke any C89 ports that defined bool themselves, including things
like gcc, gtk, and so on.
2013-09-06 09:46:44 +00:00
jilles
178dd060a8 Update some signal man pages for multithreading. 2013-09-06 09:08:40 +00:00
theraven
c8fcb04ad9 Add stub implementations of the missing C++11 math functions.
These are weak and so can be replaced by other versions in applications
that choose to do so, and will give a linker warning when used so that
applications that rely on the extra precision can avoid them.

Note that since the C/C++ specs only guarantee that long double has
precision equal to double, code that actually relies on these functions
having greater precision is unportable at best and broken at worst.
2013-09-06 07:58:23 +00:00
hselasky
d2f07e2fda Correct two comments. 2013-09-05 12:21:11 +00:00
pjd
029a6f5d92 Change the cap_rights_t type from uint64_t to a structure that we can extend
in the future in a backward compatible (API and ABI) way.

The cap_rights_t represents capability rights. We used to use one bit to
represent one right, but we are running out of spare bits. Currently the new
structure provides place for 114 rights (so 50 more than the previous
cap_rights_t), but it is possible to grow the structure to hold at least 285
rights, although we can make it even larger if 285 rights won't be enough.

The structure definition looks like this:

	struct cap_rights {
		uint64_t	cr_rights[CAP_RIGHTS_VERSION + 2];
	};

The initial CAP_RIGHTS_VERSION is 0.

The top two bits in the first element of the cr_rights[] array contain total
number of elements in the array - 2. This means if those two bits are equal to
0, we have 2 array elements.

The top two bits in all remaining array elements should be 0.
The next five bits in all array elements contain array index. Only one bit is
used and bit position in this five-bits range defines array index. This means
there can be at most five array elements in the future.

To define new right the CAPRIGHT() macro must be used. The macro takes two
arguments - an array index and a bit to set, eg.

	#define	CAP_PDKILL	CAPRIGHT(1, 0x0000000000000800ULL)

We still support aliases that combine few rights, but the rights have to belong
to the same array element, eg:

	#define	CAP_LOOKUP	CAPRIGHT(0, 0x0000000000000400ULL)
	#define	CAP_FCHMOD	CAPRIGHT(0, 0x0000000000002000ULL)

	#define	CAP_FCHMODAT	(CAP_FCHMOD | CAP_LOOKUP)

There is new API to manage the new cap_rights_t structure:

	cap_rights_t *cap_rights_init(cap_rights_t *rights, ...);
	void cap_rights_set(cap_rights_t *rights, ...);
	void cap_rights_clear(cap_rights_t *rights, ...);
	bool cap_rights_is_set(const cap_rights_t *rights, ...);

	bool cap_rights_is_valid(const cap_rights_t *rights);
	void cap_rights_merge(cap_rights_t *dst, const cap_rights_t *src);
	void cap_rights_remove(cap_rights_t *dst, const cap_rights_t *src);
	bool cap_rights_contains(const cap_rights_t *big, const cap_rights_t *little);

Capability rights to the cap_rights_init(), cap_rights_set(),
cap_rights_clear() and cap_rights_is_set() functions are provided by
separating them with commas, eg:

	cap_rights_t rights;

	cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FSTAT);

There is no need to terminate the list of rights, as those functions are
actually macros that take care of the termination, eg:

	#define	cap_rights_set(rights, ...)				\
		__cap_rights_set((rights), __VA_ARGS__, 0ULL)
	void __cap_rights_set(cap_rights_t *rights, ...);

Thanks to using one bit as an array index we can assert in those functions that
there are no two rights belonging to different array elements provided
together. For example this is illegal and will be detected, because CAP_LOOKUP
belongs to element 0 and CAP_PDKILL to element 1:

	cap_rights_init(&rights, CAP_LOOKUP | CAP_PDKILL);

Providing several rights that belongs to the same array's element this way is
correct, but is not advised. It should only be used for aliases definition.

This commit also breaks compatibility with some existing Capsicum system calls,
but I see no other way to do that. This should be fine as Capsicum is still
experimental and this change is not going to 9.x.

Sponsored by:	The FreeBSD Foundation
2013-09-05 00:09:56 +00:00
theraven
8b9f5e4153 Add a c++/v1/tr1 include directory containing symlinks to all of the standard
headrs.

Lots of third-party code expects to find C++03 headers under tr1 because that's
where GNU decided to hide them.  This should fix ports that expect them there.

MFC after:	1 week
2013-09-04 15:02:14 +00:00
emaste
4f53813f88 Connect libexecinfo to the build
Sponsored by:	DARPA, AFRL
2013-09-03 15:22:04 +00:00
emaste
4bfbadb2b3 Don't install private libexecinfo headers 2013-09-03 13:31:43 +00:00
rwatson
e6c5cc6ac3 Document SIGLIBRT in signal(3); take a stab at the signal description as
the original committer didn't provide one.

MFC after:	3 days
2013-09-03 08:19:06 +00:00
emaste
d5b6a7dd6b libexecinfo compatibility with devel/libexecinfo port
1. Match shlib number
2. Add libelf dependency

Suggested by: bapt[1]
2013-09-02 12:37:33 +00:00
jilles
73eea4eee6 system(): Restore behaviour for SIGINT and SIGQUIT.
As mentioned in r16117 and the book "Advanced Programming in the Unix
Environment" by W. Richard Stevens, we should ignore SIGINT and SIGQUIT
before forking, since it is not guaranteed that the parent process starts
running soon enough.

To avoid calling sigaction() in the vforked child, instead block SIGINT and
SIGQUIT before vfork() and keep the sigaction() to ignore after vfork(). The
FreeBSD kernel discards ignored signals, even if they are blocked;
therefore, it is not necessary to unblock SIGINT and SIGQUIT earlier.
2013-09-01 19:59:54 +00:00
jilles
ee4b8e07a8 libc: Always use our own copy of sys_errlist and sys_nerr (.so only).
This ensures strerror() and friends continue to work correctly even if a
(non-PIE) executable linked against an older libc imports sys_errlist (which
causes sys_errlist to refer to the executable's copy with a size fixed when
that executable was linked).

The executable's use of sys_errlist remains broken because it uses the
current value of sys_nerr and may access past the bounds of the array.

Different from the message "Using sys_errlist from executables is not
ABI-stable" on freebsd-arch, this change does not affect the static library.
There seems no reason to prevent overriding the error messages in the static
library.
2013-08-31 22:32:42 +00:00
andrew
8190b13763 Add support to the ARM platform specific section types. 2013-08-31 18:13:20 +00:00
theraven
3b54dfb62d Unconditionally compile the __sync_* atomics support functions into compiler-rt
for ARM.
This is quite ugly, because it has to work around a clang bug that does not
allow built-in functions to be defined, even when they're ones that are
expected to be built as part of a library.

Reviewed by:	ed
2013-08-31 08:50:45 +00:00
pluknet
0030cdac07 The round of expand_number() cleanups.
o Fix range error checking to detect overflow when uint64_t < uintmax_t.
o Remove a non-functional check for no valid digits as pointed out by Bruce.
o Remove a rather pointless comment describing what the function does.
o Clean up a bunch of style bugs.

Brucified by:	bde
2013-08-30 11:21:52 +00:00
jilles
baaacfdc28 libutil: Use O_CLOEXEC for internal file descriptors from open(). 2013-08-28 21:10:37 +00:00
rwatson
1dbe7f4b10 Xref capsicum(4) and procdesc(4) from pdfork(2).
Suggested by:	sbruno
MFC after:	3 days
2013-08-28 20:00:25 +00:00
kargl
0c40bd77af * Whitespace. 2013-08-28 16:59:55 +00:00
jilles
d4eb686387 wordexp(): Avoid leaking the pipe file descriptors to a parallel fork/exec.
This uses the new pipe2() system call added on May 1 (r250159).
2013-08-27 21:47:01 +00:00
kargl
71c97bf245 * s_erf.c:
. Use integer literal constants instead of double literal constants.

* s_erff.c:
  . Use integer literal constants instead of casting double literal
    constants to float.
  . Update the threshold values from those carried over from erf() to
    values appropriate for float.
  . New sets of polynomial coefficients for the rational approximations.
    These coefficients have little, but positive, effect on the maximum
    error in ULP in the four intervals, but do improve the overall
    speed of execution.
  . Remove redundant GET_FLOAT_WORD(ix,x) as hx already contained the
    contents that is packed into ix.
  . Update the mask that is used to zero-out lower-order bits in x in
    the intervals [1.25, 2.857143] and [2.857143, 12].  In tests on
    amd64, this change improves the maximum error in ULP from 6.27739
    and 63.8095 to 3.16774 and 2.92095 on these intervals for erffc().

Reviewed by:	bde
2013-08-27 19:46:56 +00:00
will
7c6cb741cf Make the PAM password strength checking module WARNS=2 safe.
lib/libpam/modules/pam_passwdqc/Makefile:
	Bump WARNS to 2.

contrib/pam_modules/pam_passwdqc/pam_passwdqc.c:
	Bump  _XOPEN_SOURCE and _XOPEN_VERSION from 500 to 600
	so that vsnprint() is declared.

	Use the two new union types (pam_conv_item_t and
	pam_text_item_t) to resolve strict aliasing violations
	caused by casts to comply with the pam_get_item() API taking
	a "const void **" for all item types.  Warnings are
	generated for casts that create "type puns" (pointers of
	conflicting sized types that are set to access the same
	memory location) since these pointers may be used in ways
	that violate C's strict aliasing rules.  Casts to a new
	type must be performed through a union in order to be
	compliant, and access must be performed through only one
	of the union's data types during the lifetime of the union
	instance.  Handle strict-aliasing warnings through pointer
	assignments, which drastically simplifies this change.

	Correct a CLANG "printf-like function with more arguments
	than format" error.

Submitted by:	gibbs
Sponsored by:	Spectra Logic
2013-08-27 15:50:26 +00:00
emaste
01af225f38 Add libexecinfo Makefile
Sponsored by:	DARPA, AFRL
2013-08-23 14:31:05 +00:00
jilles
ea95259d98 libc: Access some unexported variables more efficiently (related to stdio). 2013-08-23 14:23:54 +00:00
jilles
d2eb50cd0c libc: Make various internal file descriptors from fopen() close-on-exec. 2013-08-23 13:59:47 +00:00
joel
08d86e8646 Remove EOL whitespace. 2013-08-22 16:02:20 +00:00
erwin
6a288ef517 Update Bind to 9.9.3-P2
Notable new features:

*  Elliptic Curve Digital Signature Algorithm keys and signatures in
   DNSSEC are now supported per RFC 6605. [RT #21918]

*  Introduces a new tool "dnssec-verify" that validates a signed zone,
   checking for the correctness of signatures and NSEC/NSEC3 chains.
   [RT #23673]

*  BIND now recognizes the TLSA resource record type, created to
   support IETF DANE (DNS-based Authentication of Named Entities)
   [RT #28989]

*  The new "inline-signing" option, in combination with the
   "auto-dnssec" option that was introduced in BIND 9.7, allows
   named to sign zones completely transparently.

Approved by:	delphij (mentor)
MFC after:	3 days
Sponsored by:	DK Hostmaster A/S
2013-08-22 08:15:03 +00:00
des
0b46e38a09 Even though it doesn't really make sense in the context of a CONNECT
request, RFC 2616 14.23 mandates the presence of the Host: header in
all HTTP 1.1 requests.

PR:		kern/181445
Submitted by:	Kimo <kimor79@yahoo.com>
MFC after:	3 days
2013-08-22 07:43:36 +00:00
ken
c7af094e18 Expand the use of stat(2) flags to allow storing some Windows/DOS
and CIFS file attributes as BSD stat(2) flags.

This work is intended to be compatible with ZFS, the Solaris CIFS
server's interaction with ZFS, somewhat compatible with MacOS X,
and of course compatible with Windows.

The Windows attributes that are implemented were chosen based on
the attributes that ZFS already supports.

The summary of the flags is as follows:

UF_SYSTEM:	Command line name: "system" or "usystem"
		ZFS name: XAT_SYSTEM, ZFS_SYSTEM
		Windows: FILE_ATTRIBUTE_SYSTEM

		This flag means that the file is used by the
		operating system.  FreeBSD does not enforce any
		special handling when this flag is set.

UF_SPARSE:	Command line name: "sparse" or "usparse"
		ZFS name: XAT_SPARSE, ZFS_SPARSE
		Windows: FILE_ATTRIBUTE_SPARSE_FILE

		This flag means that the file is sparse.  Although
		ZFS may modify this in some situations, there is
		not generally any special handling for this flag.

UF_OFFLINE:	Command line name: "offline" or "uoffline"
		ZFS name: XAT_OFFLINE, ZFS_OFFLINE
		Windows: FILE_ATTRIBUTE_OFFLINE

		This flag means that the file has been moved to
		offline storage.  FreeBSD does not have any special
		handling for this flag.

UF_REPARSE:	Command line name: "reparse" or "ureparse"
		ZFS name: XAT_REPARSE, ZFS_REPARSE
		Windows: FILE_ATTRIBUTE_REPARSE_POINT

		This flag means that the file is a Windows reparse
		point.  ZFS has special handling code for reparse
		points, but we don't currently have the other
		supporting infrastructure for them.

UF_HIDDEN:	Command line name: "hidden" or "uhidden"
		ZFS name: XAT_HIDDEN, ZFS_HIDDEN
		Windows: FILE_ATTRIBUTE_HIDDEN

		This flag means that the file may be excluded from
		a directory listing if the application honors it.
		FreeBSD has no special handling for this flag.

		The name and bit definition for UF_HIDDEN are
		identical to the definition in MacOS X.

UF_READONLY:	Command line name: "urdonly", "rdonly", "readonly"
		ZFS name: XAT_READONLY, ZFS_READONLY
		Windows: FILE_ATTRIBUTE_READONLY

		This flag means that the file may not written or
		appended, but its attributes may be changed.

		ZFS currently enforces this flag, but Illumos
		developers have discussed disabling enforcement.

		The behavior of this flag is different than MacOS X.
		MacOS X uses UF_IMMUTABLE to represent the DOS
		readonly permission, but that flag has a stronger
		meaning than the semantics of DOS readonly permissions.

UF_ARCHIVE:	Command line name: "uarch", "uarchive"
		ZFS_NAME: XAT_ARCHIVE, ZFS_ARCHIVE
		Windows name: FILE_ATTRIBUTE_ARCHIVE

		The UF_ARCHIVED flag means that the file has changed and
		needs to be archived.  The meaning is same as
		the Windows FILE_ATTRIBUTE_ARCHIVE attribute, and
		the ZFS XAT_ARCHIVE and ZFS_ARCHIVE attribute.

		msdosfs and ZFS have special handling for this flag.
		i.e. they will set it when the file changes.

sys/param.h:		Bump __FreeBSD_version to 1000047 for the
			addition of new stat(2) flags.

chflags.1:		Document the new command line flag names
			(e.g. "system", "hidden") available to the
			user.

ls.1:			Reference chflags(1) for a list of file flags
			and their meanings.

strtofflags.c:		Implement the mapping between the new
			command line flag names and new stat(2)
			flags.

chflags.2:		Document all of the new stat(2) flags, and
			explain the intended behavior in a little
			more detail.  Explain how they map to
			Windows file attributes.

			Different filesystems behave differently
			with respect to flags, so warn the
			application developer to take care when
			using them.

zfs_vnops.c:		Add support for getting and setting the
			UF_ARCHIVE, UF_READONLY, UF_SYSTEM, UF_HIDDEN,
			UF_REPARSE, UF_OFFLINE, and UF_SPARSE flags.

			All of these flags are implemented using
			attributes that ZFS already supports, so
			the on-disk format has not changed.

			ZFS currently doesn't allow setting the
			UF_REPARSE flag, and we don't really have
			the other infrastructure to support reparse
			points.

msdosfs_denode.c,
msdosfs_vnops.c:	Add support for getting and setting
			UF_HIDDEN, UF_SYSTEM and UF_READONLY
			in MSDOSFS.

			It supported SF_ARCHIVED, but this has been
			changed to be UF_ARCHIVE, which has the same
			semantics as the DOS archive attribute instead
			of inverse semantics like SF_ARCHIVED.

			After discussion with Bruce Evans, change
			several things in the msdosfs behavior:

			Use UF_READONLY to indicate whether a file
			is writeable instead of file permissions, but
			don't actually enforce it.

			Refuse to change attributes on the root
			directory, because it is special in FAT
			filesystems, but allow most other attribute
			changes on directories.

			Don't set the archive attribute on a directory
			when its modification time is updated.
			Windows and DOS don't set the archive attribute
			in that scenario, so we are now bug-for-bug
			compatible.

smbfs_node.c,
smbfs_vnops.c:		Add support for UF_HIDDEN, UF_SYSTEM,
			UF_READONLY and UF_ARCHIVE in SMBFS.

			This is similar to changes that Apple has
			made in their version of SMBFS (as of
			smb-583.8, posted on opensource.apple.com),
			but not quite the same.

			We map SMB_FA_READONLY to UF_READONLY,
			because UF_READONLY is intended to match
			the semantics of the DOS readonly flag.
			The MacOS X code maps both UF_IMMUTABLE
			and SF_IMMUTABLE to SMB_FA_READONLY, but
			the immutable flags have stronger meaning
			than the DOS readonly bit.

stat.h:			Add definitions for UF_SYSTEM, UF_SPARSE,
			UF_OFFLINE, UF_REPARSE, UF_ARCHIVE, UF_READONLY
			and UF_HIDDEN.

			The definition of UF_HIDDEN is the same as
			the MacOS X definition.

			Add commented-out definitions of
			UF_COMPRESSED and UF_TRACKED.  They are
			defined in MacOS X (as of 10.8.2), but we
			do not implement them (yet).

ufs_vnops.c:		Add support for getting and setting
			UF_ARCHIVE, UF_HIDDEN, UF_OFFLINE, UF_READONLY,
			UF_REPARSE, UF_SPARSE, and UF_SYSTEM in UFS.
			Alphabetize the flags that are supported.

			These new flags are only stored, UFS does
			not take any action if the flag is set.

Sponsored by:	Spectra Logic
Reviewed by:	bde (earlier version)
2013-08-21 23:04:48 +00:00
pluknet
96dfe577d2 Reset errno before strtoumax() call to properly detect ERANGE.
Restore saved errno if strtoumax() call is successful.

Reported by:	ache
Reviewed by:	jilles
MFC after:	1 week
2013-08-21 22:37:15 +00:00
pluknet
fd7d22e698 Check strtoumax(3) for ERANGE in case of non-prefixed string.
OK'd by:	silence on current@
MFC after:	1 week
2013-08-21 16:46:06 +00:00
pjd
b717fb9f08 Implement fdclosedir(3) function, which is equivalent to the closedir(3)
function, but returns directory file descriptor instead of closing it.

Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
2013-08-18 20:11:34 +00:00
pjd
ab20de7f07 Remove redundant space. 2013-08-18 20:06:35 +00:00
jilles
836cb97bd1 dup3(3): Replace copyright notice.
Although I copied dup(2) to create dup3(3), I removed almost all the
non-boilerplate, so dup3(3) is copyright me.

Reported by:	bjk
2013-08-18 13:25:18 +00:00
pjd
76babb36d9 Consistently use 'af' as an argument name for address family.
Now both gethostbyname2(3) and gethostbyaddr(3) use the same argument name.
The same argument name is also used in implementations of those functions.
2013-08-18 10:38:59 +00:00
pjd
6e8f2d8487 Make example more correct (errstr is a pointer, not boolean). 2013-08-18 10:33:46 +00:00
jilles
fd29e78a68 libc: Access _logname_valid more efficiently.
The variable _logname_valid is not exported via the version script;
therefore, change C and i386/amd64 assembler code to remove indirection
(which allowed interposition). This makes the code slightly smaller and
faster.

Also, remove #define PIC_GOT from i386/amd64 in !PIC mode. Without PIC,
there is no place containing the address of each variable, so there is no
possible definition for PIC_GOT.
2013-08-17 19:24:58 +00:00
pjd
ac8f6c2ee4 Correct function name and return value. 2013-08-17 14:55:31 +00:00
andrew
7bf16ad3f2 Ensure we set all fpu registers to zero by using the address and size of
the union over one of its members.
2013-08-17 14:42:40 +00:00
jhb
3bfcb89de4 Add new mmap(2) flags to permit applications to request specific virtual
address alignment of mappings.
- MAP_ALIGNED(n) requests a mapping aligned on a boundary of (1 << n).
  Requests for n >= number of bits in a pointer or less than the size of
  a page fail with EINVAL.  This matches the API provided by NetBSD.
- MAP_ALIGNED_SUPER is a special case of MAP_ALIGNED.  It can be used
  to optimize the chances of using large pages.  By default it will align
  the mapping on a large page boundary (the system is free to choose any
  large page size to align to that seems best for the mapping request).
  However, if the object being mapped is already using large pages, then
  it will align the virtual mapping to match the existing large pages in
  the object instead.
- Internally, VMFS_ALIGNED_SPACE is now renamed to VMFS_SUPER_SPACE, and
  VMFS_ALIGNED_SPACE(n) is repurposed for specifying a specific alignment.
  MAP_ALIGNED(n) maps to using VMFS_ALIGNED_SPACE(n), while
  MAP_ALIGNED_SUPER maps to VMFS_SUPER_SPACE.
- mmap() of a device object now uses VMFS_OPTIMAL_SPACE rather than
  explicitly using VMFS_SUPER_SPACE.  All device objects are forced to
  use a specific color on creation, so VMFS_OPTIMAL_SPACE is effectively
  equivalent.

Reviewed by:	alc
MFC after:	1 month
2013-08-16 21:13:55 +00:00
jilles
a43a1c528c pselect(2): Add xref to sigsuspend(2). 2013-08-16 14:06:29 +00:00
jilles
1c4bb0bb48 Add man page dup3(3). 2013-08-16 13:16:27 +00:00
jilles
020684e443 Add dup3(), based on F_DUP2FD and F_DUP2FD_CLOEXEC fcntls.
I removed functionality not proposed for POSIX in Austin group issue #411.
A man page (my own) and test cases will follow in later commits.

PR:		176233
Submitted by:	Jukka Ukkonen
2013-08-16 13:10:30 +00:00
des
5e5b39c47e GC unused source file. 2013-08-16 10:53:36 +00:00
jilles
bdb743702f sigsuspend(2): Add xrefs to pselect(2) and sigwait-alikes. 2013-08-15 22:33:27 +00:00
erwin
f32b4abce9 Vendor import of Bind 9.9.3-P2
Approved by:	 delphij (mentor, implicit)
Sponsored by:	DK Hostmaster A/S
2013-08-14 11:10:02 +00:00
jilles
e3e0bd874e libc: Use O_CLOEXEC when writing gmon files (cc -pg). 2013-08-13 21:45:48 +00:00
peter
4fb136d770 vfork(2) was listed as deprecated in 1994 (r1573) and was the false
reports of its impending demise were removed in 2009 (r199257).

However, in 1996 (r16117) system(3) was switched from vfork(2) to
fork(2) based partly on this.  Switch back to vfork(2).  This has a
dramatic effect in cases of extreme mmap use - such as excessive
abuse (500+) of shared libraries.

popen(3) has used vfork(2) for a while.  vfork(2) isn't going anywhere.
2013-08-13 20:38:55 +00:00
jilles
9381206c83 db: Use O_CLOEXEC instead of separate fcntl() call. 2013-08-13 19:20:50 +00:00
peter
39612cec78 Expose _citrus_bcs_trunc_rws_len for libintl's use.
Submitted by:	Jan Beich <jbeich@tormail.org>
2013-08-13 18:14:53 +00:00
peter
f5e56f1d52 Turn off warns for this do-nothing file. clang noticed. 2013-08-13 08:12:57 +00:00
peter
995e1f0063 The iconv in libc did two things - implement the standard APIs, the GNU
extensions and also tried to be link time compatible with ports libiconv.
This splits that functionality and enables the parts that shouldn't
interfere with the port by default.

WITH_ICONV (now on by default) - adds iconv.h, iconv_open(3) etc.
WITH_LIBICONV_COMPAT (off by default) adds the libiconv_open etc API, linker
symbols and even a stub libiconv.so.3 that are good enough to be able
to 'pkg delete -f libiconv' on a running system and reasonably expect it
to work.

I have tortured many machines over the last few days to try and reduce
the possibilities of foot-shooting as much as I can.  I've successfully
recompiled to enable and disable the libiconv_compat modes, ports that use
libiconv alongside system iconv etc.  If you don't enable the
WITH_LIBICONV_COMPAT switch, they don't share symbol space.

This is an extension of behavior on other system.  iconv(3) is a standard
libc interface and libiconv port expects to be able to run alongside it on
systems that have it.

Bumped osreldate.
2013-08-13 07:15:01 +00:00
jilles
3bf0adb320 db/hash: Use O_CLOEXEC instead of separate fcntl() call.
In particular, a hash db is used by getpwnam() and getpwuid().

MFC after:	1 week
2013-08-11 15:38:48 +00:00
rpaulo
29e6d17ad1 Fix the return value when we found a symbol in .dynstr. This nasty bug was
preventing a lot of symbol lookups in dtruss -s, for example.
2013-08-10 07:39:15 +00:00
jilles
2895e1352c Add mkostemp() and mkostemps().
These are like mkstemp() and mkstemps() but allow passing open(2) flags like
O_CLOEXEC.
2013-08-09 17:24:23 +00:00
ache
0a3b2e376d According to POSIX \ in the fnmatch(3) pattern should escape
any character including '\0', but our version replace escaped '\0'
with '\\'.
I.e. fnmatch("\\", "\\", 0) should not match while fnmatch("\\", "", 0)
should (Linux and NetBSD does the same). Was vice versa.

PR:     181129
MFC after:      1 week
2013-08-08 09:04:02 +00:00
peter
4f61f84d69 Our libc iconv (unlike gnu iconv and the citrus code in NetBSD) has a
bypass mode when src == dst.  Unfortunately, there are tools in ports
that pass byte streams through iconv to determine if the encodings
are valid.  eg: gettext-0.18.3+.

Disable the optimization and behave like the other implementations.
2013-08-08 01:53:27 +00:00
erwin
ef27886236 Update Bind to 9.8.5-P2
New Features

   Adds a new configuration option, "check-spf"; valid values are
   "warn" (default) and "ignore".  When set to "warn", checks SPF
   and TXT records in spf format, warning if either resource record
   type occurs without a corresponding record of the other resource
   record type.  [RT #33355]

   Adds support for Uniform Resource Identifier (URI) resource
   records. [RT #23386]

   Adds support for the EUI48 and EUI64 RR types. [RT #33082]

   Adds support for the RFC 6742 ILNP record types (NID, LP, L32,
   and L64). [RT #31836]

Feature Changes

   Changes timing of when slave zones send NOTIFY messages after
   loading a new copy of the zone.  They now send the NOTIFY before
   writing the zone data to disk.  This will result in quicker
   propagation of updates in multi-level server structures. [RT #27242]
   "named -V" can now report a source ID string.  (This is will be
   of most interest to developers and troubleshooters).  The source

   ID for ISC's production versions of BIND is defined in the "srcid"
   file in the build tree and is normally set to the most recent
   git hash. [RT #31494]

   Response Policy Zone performance enhancements.  New "response-policy"
   option "min-ns-dots".  "nsip" and "nsdname" now enabled by default
   with RPZ. [RT #32251]

Approved by:	delphij (mentor)
Sponsored by:	DK Hostmaster A/S
2013-08-06 06:22:54 +00:00
dim
792f34fe5e After r253839, which modifies ld's behaviour to not automatically pull
in needed libraries, change libc++.so into a linker script, so it can
automatically pull in libcxxrt.so.

MFC after:	1 week
2013-08-03 16:23:43 +00:00
erwin
414d5ed7dd Vendor import of BIND 9.8.5-P2
Approved by:	delphij (mentor, implicit)
Sponsored by:	DK Hostmaster A/S
2013-07-31 11:42:42 +00:00
des
0b1a1b2338 Include an Accept header in requests.
PR:		kern/180917
MFC after:	1 week
2013-07-30 13:07:55 +00:00
theraven
613035d60b Restore the longer form of the _Generic. The short form does not work in C++. 2013-07-29 12:33:03 +00:00
theraven
b37d7ced75 Reenable the isnan(double) / isinf(double) declarations when targeting C89 + SUSv2 mode. 2013-07-29 08:32:13 +00:00
avg
4e6c4b2a36 Revert r253748,253749
This WIP should not have been committed yet.

Pointyhat to:	avg
2013-07-28 18:44:17 +00:00
avg
c8737cbf1c remove needless inclusion of machine/cpu.h in userland
MFC after:	21 days
2013-07-28 18:35:43 +00:00
des
29d3efe0a8 Implement certificate verification, and many other SSL-related
imrovements; complete details in the PR.

PR:		kern/175514
Submitted by:	Michael Gmelin <freebsd@grem.de>
MFC after:	1 week
2013-07-26 15:53:43 +00:00
zont
d47da97be7 Remove define and documentation for vm_pageout_algorithm missed in r253587 2013-07-26 02:00:06 +00:00
jhb
2ee9cbbc0f Enhance the description of NOTE_TRACK:
- NOTE_TRACK has never triggered a NOTE_TRACK event from the parent pid.
  If NOTE_FORK is set, the listener will get a NOTE_FORK event from
  the parent pid, but not a separate NOTE_TRACK event.
- Explicitly note that the event added to monitor the child process
  preserves the fflags from the original event.
- Move the description of NOTE_TRACKERR under NOTE_TRACK as it is not a
  bit for the user to set (which is what this list pupports to be).
  Also, explicitly note that if an error occurs, the NOTE_CHILD event
  will not be generated.

MFC after:	1 week
2013-07-25 19:34:24 +00:00
rpaulo
56a6c80c3f Add pkgconf files for libusb.
Reviewed by:	hselasky
2013-07-25 03:54:08 +00:00
erwin
dc235a5943 Vendor import of Bind 9.8.5-P1
Approved by:	delphij (mentor)
Sponsored by:	DK Hostmaster A/S
2013-07-24 07:12:55 +00:00
jilles
bc9fec6137 wordexp(): Fix syntax validation for backslashes in single-quotes. 2013-07-23 21:09:26 +00:00
emaste
a3c7be9ea2 Document EINVAL error return from PT_LWPINFO 2013-07-22 18:18:21 +00:00
andrew
80d48d248e Teach siglongjmp about the VFP version of the setjmp buffer.
This fixes a bug where a call to sigsetjmp followed by siglongjmp may fail
when run on a machine with VFP enabled.
2013-07-21 12:47:33 +00:00
des
50344d2c6f Use the correct request syntax for proxied (tunneled) HTTPS requests.
PR:		bin/180666
MFC after:	3 days
2013-07-21 06:59:56 +00:00
scottl
7dbfd863d4 Since there's no defined schema for the XML that's generated by the
kern.geom.confxml sysctl, it's silly to warn about tags in libgeom,
especially since libgeom exists simply to build a tree out of the conf
information.

Obtained from:	Netflix
MFC after:	3 days
2013-07-19 06:42:15 +00:00
avg
3dc57aad8c [fix to r253380] __setenv: be explicit about placing '=' after name
This should a regression introduced in r253380 if malloc'ed memory
happens to have '=' at the right place.

Reported by:	ache
Pointyhat to:	me (avg)
MFC after:	1 day
X-MFC with:	r253380
2013-07-17 08:45:27 +00:00
avg
1afb4f2886 libc: name passed into __setenv is not necessarily NUL-terminated
That's particularly true when __setenv is called from __merge_environ.

MFC after:	4 days
2013-07-16 07:26:46 +00:00
hselasky
9ea6fe9fbe Add some missing definitions to build a working FreeBSD's libusb under Linux. 2013-07-14 10:22:00 +00:00
theraven
4b658e6ec5 Cleaner support for type qualifiers.
Submitted by:	Pasi Parviainen
2013-07-13 13:04:38 +00:00
theraven
f60d437435 Ensure that the _Generic() macro in math.h works with qualified types.
tgmath.h contains the same bugs and so should be fixed in the same way.
2013-07-13 10:10:45 +00:00
hrs
2336066e66 Fix mdoc syntax.
Pointed out by:	joeld
2013-07-13 08:17:55 +00:00
schweikh
1747a8a491 Typo corrected. 2013-07-12 17:37:05 +00:00
marius
98abe96b02 Prefix the alias macros for members of struct __mcontext with an underscore
in order to avoid a clash in the net80211 code.
2013-07-12 14:24:52 +00:00
hrs
ef82e58667 Add a leaf node CTL_NET.PF_ROUTE.0.AF.NET_RT_DUMP.0.FIB. This returns
routing table with the specified FIB number, not td->td_proc->p_fibnum.
2013-07-12 12:36:12 +00:00
theraven
7804a995aa Fix the build with C++ where __builtin_types_compatible_p is not allowed. 2013-07-12 11:03:51 +00:00