document the libufs interface for fetching and storing inodes.
The undocumented getino / putino interface has been replaced
with a new getinode / putinode interface.
Convert the utilities that had been using the undocumented
interface to use the new documented interface.
No functional change (as for now the libufs library does not
do inode check-hashes).
Reviewed by: kib
Tested by: Peter Holm
Sponsored by: Netflix
libnv used fcntl(fd, F_GETFL) to test whether fd is a valid file
descriptor. Aside from being racy, this check requires CAP_FCNTL
rights on fd. Instead, use fcntl(fd, F_GETFD), which does not require
any capability rights.
Also remove some redundant fd_is_valid() checks to avoid extra system
calls; in many cases we were performing this check immediately before
dup()ing the descriptor.
Reviewed by: cem, oshogbo (previous version)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D17963
And build libdl unconditionally. All supported FreeBSD linkers accept
-F / --filter so there is no need to test for support.
Discussed with: kib
Sponsored by: The FreeBSD Foundation
cap_fileargs is a Casper service which helps to sandbox applications that need
access to the filesystem namespace. The main purpose of the service is to make
easy to capsicumize applications that works on multiple files passed in argv.
We have a couple example of using it but we still treat this service as an
experimental one.
Reviewed by: emsate (previous version), jonathan (partially)
Discussed with: many
Differential Revision: https://reviews.freebsd.org/D14407
paths.
It was decided that committing the code and drafting of the man page
update is better than allowing the code to rot until wordsmithing
happens.
Reviewed by: jilles (previous version)
Discussed with: brooks, jilles, emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D17714
and dependent functions (eg getpwname(3)) get called. This can
improve performance of binaries that perform a lot of name
lookups, such as gssd(8). It also matches documented behaviour
of Linux and Solaris.
The old code is left in place, should anyone need it, guarded
by #ifdef NS_REREAD_CONF.
Reviewed by: imp, bcr
MFC after: 2 weeks
Relnotes: yes
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D17934
The previously activated BE should have canmount=noauto set on it upon
activation of the new BE, but we previously did not touch canmount on either
old or new BE.
PR: 233113
MFC after: 3 days
fusefs is inconsistently named. The kernel module is named "fuse", but the
mount helper is named "mount_fusefs" and the jail(8) parameter is named
"allow.mount.fusefs". Special case it in libjail.
Reviewed by: jamie
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D17929
It is required by llvm-profdata, now built by default under the
LLVM_COV knob. The additional complexity that would come from avoiding
building it if CLANG_EXTRAS and LLVM_COV are both disabled is not worth
the small savings in build time.
Sponsored by: The FreeBSD Foundation
This was shown to be a problem by side effect of now-enabled test case,
which was going through C, en_US.UTF-8, ja_JP.SJIS, and ja_JP.eucJP,
and failing eventually as data in mbrtowc's mbstate, that was
perfectly correct for en_US.UTF-8 was treated as incorrect for
ja_JP.SJIS, failing the entire test case.
This makes the persistent mbstates to be per ctype-component,
and not per-locale so we could easily reset the mbstates when
only LC_CTYPE is changed.
Reviewed by: bapt, pfg
Approved by: kib (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D17796
The BSD crtbegin/crtend code now builds on all architectures, however
further work is needed to check if it works correctly.
MFC with: r339738
Sponsored by: DARPA, AFRL
that it uses the same ctype maps and functions as other UTF-8 locales.
Reviewed by: bapt, cem, eadler
Approved by: kib (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D17833
Please notice that we still don't clean information in nvlist structures.
Submitted by: David CARLIER <devnexen@gmail.com>
Differential Revision: https://reviews.freebsd.org/D16777
The getaddrinfo(3) and gethostbyname(3) are used to return the address for a
given hostname. The getnameinfo(3) and gethostbyaddr(3) are used to return
hostname for a given address. Right now in casper, we have two limitations:
- NAME which allows resolving DNS names.
- ADDR which allows to do revert DNS lookups.
Before this change the rights was mixed up:
NAME - getnameinfo(3) and gethostbyname(3)
ADDR - gethostbyaddr(3) and getaddrinfo(3)
Which no matters on limitation allowed us to resolve DNS names and do DNS
lookups basically by using a different set of functions.
Now the NAME type allows getaddrinfo(3) and gethostbyname (3)functions,
and the ADDR names allow to use gethostbyaddr(3) and getnameinfo(3) functions.
Reviewed by: pjd, bcr
MFC after: 3 weeks
Discussed with: hrs
Differential Revision: https://reviews.freebsd.org/D16930
The idea behind those functions is not to force consumers to remember that there
is a need to check errno on failure. We already have a caph_enter(3) function
which does the same for cap_enter(2).
MFC after: 2 weeks
Update contrib/expat by merging from the vendor branch.
Update expat_config.h manually, using
make -C /usr/ports/textproc/expat2 configure
as a baseline.
MFC after: 1 month
Relnotes: yes
Security: yes; see contrib/expat/Changes since 2.2.0
Sponsored by: Dell EMC Isilon
The comment isn't stale. The check is bogus in the sense that poll(2)
does not require pollfd entries to be unique in fd space, so there is no
reason there cannot be more pollfd entries than open or even allowed
fds. The check is mostly a seatbelt against accidental misuse or
abuse. FD_SETSIZE, while usually unrelated to poll, is used as an
arbitrary floor for systems with very low kern.maxfilesperproc.
Additionally, document this possible EINVAL condition in the poll.2
manual.
No functional change.
Reviewed by: markj
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D17671
Most easily reproducible by attempting to activate the currently activated
BE, one would get a "not a cloned filesystem" error instead of success or a
sane message.
PR: 232488
MFC after: 3 days
Enabling BSD_CRTBEGIN on amd64 resulted in
error: unused variable '__CTOR_LIST__'.
__CTOR_LIST__ is indeed unused in crtbegin.c; it marks the beginning of
the .ctors array and is used in crtend.c. Annotate __DTOR_LIST__ as
well for consistency.
Discussed with: andrew
MFC with: r339738
Sponsored by: The FreeBSD Foundation
The tests haven't been run them, but this is enough to build them so I can
get feedback on if the various crt.h headers are correct.
MFC with: r339738
Sponsored by: DARPA, AFRL
then runs these from the base test programs. With this we can check
crtbeginS.o and crtendS.o are working as expected.
MFC with: r339738
Sponsored by: DARPA, AFRL
If RLIM_INFINITY == -1ULL (such as on macOS) the min() call will result
in a value of less than 1 being returned. This causes nftw() to fail
with EINVAL.
While touching this file also fix includes to work on Linux/macOS and don't
declare snprintf since it may have different attributes in the system
headers there.
Reviewed By: mmacy
Approved By: brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17682
timezone offset. These values are generally zero.
While one still theoreticall could set these values, that's almost
never done. Users wishing to have an offset between the time of day
clock hardware and UTC use adjkerntz(8) instead.
localtime(3) should be used to find these values for the current
timezone.
Flags prevent open(2) and *at(2) vfs syscalls name lookup from
escaping the starting directory. Supposedly the interface is similar
to the same proposed Linux flags.
Reviewed by: jilles (code, previous version of manpages), 0mp (manpages)
Discussed with: allanjude, emaste, jonathan
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D17547
