Commit Graph

49 Commits

Author SHA1 Message Date
Konstantin Belousov
85a0ddfd0b Add a resource limit for the total number of kqueues available to the
user.  Kqueue now saves the ucred of the allocating thread, to
correctly decrement the counter on close.

Under some specific and not real-world use scenario for kqueue, it is
possible for the kqueues to consume memory proportional to the square
of the number of the filedescriptors available to the process.  Limit
allows administrator to prevent the abuse.

This is kernel-mode side of the change, with the user-mode enabling
commit following.

Reported and tested by:	pho
Discussed with:	jmg
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2013-10-21 16:46:12 +00:00
Jilles Tjoelker
c4539460e3 sh: Improve error handling in read builtin:
* If read -t times out, return status as if interrupted by SIGALRM
  (formerly 1).
* If a trapped signal interrupts read, return status 128+sig (formerly 1).
* If [EINTR] occurs but there is no trap, retry the read (for example
  because of a SIGWINCH in interactive mode).
* If a read error occurs, write an error message and return status 2.

As before, a variable assignment error returns 2 and discards the remaining
data read.
2013-05-03 15:28:31 +00:00
Jilles Tjoelker
58570ac4a5 sh: Prefer our character classification functions to <ctype.h>. 2013-01-31 22:10:57 +00:00
Jilles Tjoelker
ad859ed8cf sh: Remove an unused header.
The read builtin no longer does things with termios.
2012-05-15 22:50:47 +00:00
Jilles Tjoelker
258ef734e7 sh: Minor optimization to output from ulimit/export/readonly.
No functional change is intended.
2011-05-15 22:09:27 +00:00
Jilles Tjoelker
9d37e15722 sh: Code size optimizations to "stack string" memory allocation:
* Prefer one CHECKSTRSPACE with multiple USTPUTC to multiple STPUTC.
* Add STPUTS macro (based on function) and use it instead of loops that add
  nul-terminated strings to the stack string.

No functional change is intended, but code size is about 1K less on i386.
2010-11-23 22:17:39 +00:00
Jilles Tjoelker
917fdfb106 sh: Fix 'read' if all chars before the first IFS char are backslash-escaped.
Backslash-escaped characters did not set the flag for a non-IFS character.

MFC after:	2 weeks
2010-09-08 20:35:43 +00:00
Jilles Tjoelker
384aedab58 sh: Various warning fixes (from WARNS=6 NO_WERROR=1):
- const
- initializations to silence -Wuninitialized (it was safe anyway)
- remove nested extern declarations
- rename "index" locals to "idx"
2009-12-27 18:04:05 +00:00
Konstantin Belousov
c9253e931d Usermode portion of the support for swap allocation accounting:
- update for getrlimit(2) manpage;
- support for setting RLIMIT_SWAP in login class;
- addition to the limits(1) and sh and csh limit-setting builtins;
- tuning(7) documentation on the sysctls controlling overcommit.

In collaboration with:	pho
Reviewed by:	alc
Approved by:	re (kensmith)
2009-06-23 20:57:27 +00:00
Jilles Tjoelker
fe40d6d3b1 sh: Make read's timeout (-t) apply to the entire line, not only the first
character.

This avoids using non-standard behaviour of the old (upto FreeBSD 7) TTY
layer: it reprocesses the input queue when switching to canonical mode. The
new TTY layer does not provide this functionality and so read -t worked
very poorly (first character is not echoed, cannot be backspaced but is
still read).

This also agrees with what most other shells with read -t do.

PR:		bin/129566
Reviewed by:	stefanf
Approved by:	ed (mentor)
2009-05-31 19:37:06 +00:00
Stefan Farfeleder
86d8da5d5b Fix the behaviour of the read built-in when IFS is unset.
Obtained from:	NetBSD
2009-03-22 22:57:53 +00:00
Stefan Farfeleder
b6748ec20c Improve the IFS handling of the read built-in.
Obtained from:	NetBSD
Submitted by:	Jilles Tjoelker
2009-03-22 22:09:12 +00:00
Ed Schouten
ae46d95884 Don't disable CR-to-NL translation when waiting for data to arrive.
A difference between the old and the new TTY layer is that the new
implementation does not perform any post-processing before returning
data back to userspace when calling read().

sh(1)'s read turns the TTY into a raw mode before calling select(). This
means that the first character will not receive any ICRNL processing.
Inherit this flag from the original terminal attributes.

Even though this issue is not present on RELENG_*, I'm MFCing it to make
sh(1) in jails behave better.

PR:		bin/129566
MFC after:	2 weeks
2009-03-08 19:09:55 +00:00
Ed Schouten
bc093719ca Integrate the new MPSAFE TTY layer to the FreeBSD operating system.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:

- Improved driver model:

  The old TTY layer has a driver model that is not abstract enough to
  make it friendly to use. A good example is the output path, where the
  device drivers directly access the output buffers. This means that an
  in-kernel PPP implementation must always convert network buffers into
  TTY buffers.

  If a PPP implementation would be built on top of the new TTY layer
  (still needs a hooks layer, though), it would allow the PPP
  implementation to directly hand the data to the TTY driver.

- Improved hotplugging:

  With the old TTY layer, it isn't entirely safe to destroy TTY's from
  the system. This implementation has a two-step destructing design,
  where the driver first abandons the TTY. After all threads have left
  the TTY, the TTY layer calls a routine in the driver, which can be
  used to free resources (unit numbers, etc).

  The pts(4) driver also implements this feature, which means
  posix_openpt() will now return PTY's that are created on the fly.

- Improved performance:

  One of the major improvements is the per-TTY mutex, which is expected
  to improve scalability when compared to the old Giant locking.
  Another change is the unbuffered copying to userspace, which is both
  used on TTY device nodes and PTY masters.

Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.

Obtained from:		//depot/projects/mpsafetty/...
Approved by:		philip (ex-mentor)
Discussed:		on the lists, at BSDCan, at the DevSummit
Sponsored by:		Snow B.V., the Netherlands
dcons(4) fixed by:	kan
2008-08-20 08:31:58 +00:00
Jens Schweikhardt
8dcaad55c2 Remove some white space at EOL. 2006-02-04 14:37:50 +00:00
Stefan Farfeleder
670528cd78 Protect malloc, realloc and free calls with INT{ON,OFF} directly in chkalloc,
ckrealloc and ckfree (added), respectively.  sh jumps out of the signal handler
using longjmp which is obviously a bad idea during malloc calls.

Note: I think there is still a small race here because volatile sig_atomic_t
only guarantees atomic reads and writes while we're doing increments and
decrements.

Protect a setmode call with INT{ON,OFF} as it calls malloc internally.

PR:		45478
Patch from:	Nate Eldredge
2005-10-28 10:45:19 +00:00
Stefan Farfeleder
e4c880af3f Fix the error message if the mask that is passed to umask -S contains
non-digits.
2005-09-09 19:59:41 +00:00
Ralf S. Engelschall
f7d95a075c Various small code cleanups resulting from a code reviewing
and linting procedure:

1. Remove useless sub-expression:

   - if (*start || (!ifsspc && start > string && (nulonly || 1))) {
   + if (*start || (!ifsspc && start > string)) {

   The sub-expression "(nulonly || 1)" always evaluates to true and
   according to CVS logs seems to be just a left-over from some
   debugging and introduced by accident. Removing the sub-expression
   doesn't change semantics and a code inspection showed that the
   variable "nulonly" is also not necessary here in any way (and the
   expression would require fixing instead of removing).

2. Remove dead code:

   -                if (backslash && c == '\\') {
   -                        if (read(STDIN_FILENO, &c, 1) != 1) {
   -                                status = 1;
   -                                break;
   -                        }
   -                        STPUTC(c, p);
   -                } else if (ap[1] != NULL && strchr(ifs, c) != NULL) {
   +                if (ap[1] != NULL && strchr(ifs, c) != NULL) {

   Inspection of the control and data flow showed that variable
   "backslash" is always false (0) when the "if"-expression is
   evaluated, hence the whole block is effectively dead code.
   Additionally, the skipping of characters after a backslash is already
   performed correctly a few lines above, so this code is also not
   needed at all. According to the CVS logs and the ASH 0.2 sources,
   this code existed in this way already since its early days.

3. Cleanup Style:

   - ! trap[signo][0] == '\0' &&
   + ! (trap[signo][0] == '\0') &&

   The expression wants to ensure the trap is not assigned the empty
   string. But the "!" operator has higher precedence than "==", so the
   comparison should be put into parenthesis to form the intended way of
   expression. Nevertheless the code was effectively not really broken
   as both particular NUL comparisons are semantically equal, of course.
   But the parenthesized version is a lot more intuitive.

4. Remove shadowing variable declaration:

   - char *q;

   The declaration of symbol "q" hides another identical declaration of
   "q" in the same context. As the other "q" is already reused multiple
   times and also can be reused again without negative side-effects,
   just remove the shadowing declaration.

5. Just small cosmetics:

   - if (ifsset() != 0)
   + if (ifsset())

   The ifsset() macro is already coded by returning the boolean result
   of a comparison operator, so no need to compare this boolean result
   again against a numerical value. This also aligns the macros usage to
   the remaining existing code.

Reviewed by: stefanf@
2005-09-06 19:30:00 +00:00
Stefan Farfeleder
79ea0bd9f3 First declare the functions to pacify -Wmissing-prototypes. 2005-08-13 08:31:37 +00:00
Mark Murray
6195fb4102 Remove clause 3 from the UCB licenses.
OK'ed by:	imp, core
2004-04-06 20:06:54 +00:00
Maxime Henrion
0c1661b754 - Don't use quad_t when we really mean rlim_t.
- Cast rlim_t to intmax_t when printing it.

This should fix the last format errors in sh(1).

Tested on:	i386, sparc64
2002-10-01 11:44:38 +00:00
Tim J. Robbins
abe2dc6158 Callers of error() don't need to supply a program name prefix in the
error message. Stops ulimit giving error messages like "ulimit: ulimit: xyz".
2002-09-30 13:29:32 +00:00
David E. O'Brien
2749b14129 Consistently use FBSDID 2002-06-30 05:15:05 +00:00
Matthew Dillon
085b9f3eb2 Add support for RLIMIT_VMEM. The #ifdef's were already there but getopt()
needed to be adjusted.
2002-06-26 00:29:53 +00:00
Warner Losh
5134c3f799 o __P has been reoved
o Old-style K&R declarations have been converted to new C89 style
o register has been removed
o prototype for main() has been removed (gcc3 makes it an error)
o int main(int argc, char *argv[]) is the preferred main definition.
o Attempt to not break style(9) conformance for declarations more than
  they already are.
o Change
	int
	foo() {
	...
  to
	int
	foo(void)
	{
	...
2002-02-02 06:50:57 +00:00
Sheldon Hearn
e1b4d8d074 Use STD{ERR,IN,OUT}_FILENO instead of their numeric values. The
definitions are more readable, and it's possible that they're
more portable to pathalogical platforms.

Submitted by:   David Hill <david@phobia.ms>
2001-07-26 11:02:39 +00:00
Martin Cracauer
f01e3d0cfe Fix warnings, some of them serious because sh violated name
spaces reserved by the header files it includes.

mkinit.c still produces C code with redundant declarations, although
they are more harmless since they automatically derived from the right
places.
2000-04-20 09:49:16 +00:00
Brian Feldman
7cde774d15 Implement ulimit -b for RLIMIT_SBSIZE. 1999-10-09 20:56:06 +00:00
Peter Wemm
2a4562393f $Id$ -> $FreeBSD$ 1999-08-27 23:15:48 +00:00
Thomas Gellekum
8f0561cc42 Make the behaviour of `read -e', ie. treating backslashes as special,
the default. Add -r option for the read builtin to reverse this.

PR:		13274
Reviewed by:	cpiazza, hoek, sheldonh
1999-08-26 08:16:27 +00:00
Kris Kennaway
46be34b902 Various spelling/formatting changes.
Submitted by: Philippe Charnier <charnier@xp11.frmug.org>
1999-05-08 10:22:15 +00:00
Warner Losh
a207266e91 Free memory from setmode.
Obtained from: OpenBSD
1998-12-16 04:45:35 +00:00
Martin Cracauer
1f40b47b46 Improve bookkeeping of in_waitcmd and style fixes.
Submitted by:	Bruce Evans
1998-08-25 09:33:34 +00:00
Martin Cracauer
7a8e920bb9 Do not exit on SIGINT in non-interactive shells, fixes PR 1206,
i.e. this makes emacs usable from system(3). Programs called from
shellscripts are now required to exit with proper signal status. That
means, they have to kill themself. Exiting with faked numerical exit
code is not sufficient.

Exit with proper signal status if script exits on signal.

Make the wait builtin interruptable, both with and without traps set.

Use volatile sig_atomic_t where (and only where) appropriate.

(Almost) fix printing of newlines on SIGINT.

Make traps setable from trap handlers. This is needed for shellscripts
that catch SIGINT for cleanup work but intend to exit on it, hance
have to kill themself from a trap handler. I.e. mkdep.

While I'm at it, make it -Wall clean. -Wall is not enabled in
Makefile, since vararg warnx() macro calls in usr.bin/printf/printf.c
are not -Wall-able.
PR:		1206
Obtained from:	Basic SIGINT fix from Bruce Evans
1998-08-24 10:20:37 +00:00
Philippe Charnier
3d7b5b9302 Add rcsid. Spelling. 1998-05-18 06:44:24 +00:00
Mike Smith
afa53c8df7 Add the '-t timeout' option to the 'read' builtin. This allows the
'read' command to return an error if the user fails to supply any
input withink a given time period.  The behaviour of this option is
similar to that of the like-named option in ksh93.

Reviewed by:	joerg
1997-09-29 15:15:16 +00:00
Steve Price
e7a0b0244d Use the __unused attribute where warranted. 1997-05-19 00:18:52 +00:00
Steve Price
afb033d5c4 Nuke register keyword usage and #if -> #ifdef.
Obtained from: NetBSD
1997-04-28 03:06:52 +00:00
Peter Wemm
b97fa2ef50 Revert $FreeBSD$ to $Id$ 1997-02-22 14:13:04 +00:00
Jordan K. Hubbard
1130b656e5 Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!)
avoiding the Id-smashing problem which has plagued developers for so long.

Boy, I'm glad we're not using sup anymore.  This update would have been
insane otherwise.
1997-01-14 07:20:47 +00:00
Steve Price
ab0a217285 Merge in NetBSD mods and -Wall cleaning.
Obtained from: NetBSD, me
1996-12-14 06:20:03 +00:00
Peter Wemm
4e4e09596d eek, how did that happen? I must have committed something left over from
when I was experimenting looking for an alternate format.  *blush*
1996-09-03 14:24:44 +00:00
Peter Wemm
4417f6297d Fix for PR#1287. This makes sh behave sensibly in case statements in the
face of aliases.  Note, bash doesn't do aliases while running scripts, but
"real" ksh does..

Also:
  Reduce redundant .Nm macros in (unused) bltin/echo.1
  nuke error2, it's hardly used.
  More -Wall cleanups
  dont do certain history operations if NO_HISTORY defined
  handle quad_t's from resource limits

Submitted by: Steve Price <sprice@hiwaay.net>  (minor tweaks by me)
1996-09-03 14:16:06 +00:00
Peter Wemm
16992ff483 Misc cleanups and fixes from Bruce:
- don't put \n on error() calls, error adds it already.
 - don't prepend "ulimit" on error() calls in miscbltin.c.
 - getopt typo on ulimit -p -> -u conversion
 - get/setrlimit() calls were not being error checked

ulimit formatting cleanup from me, use same wording as bash on Bruce's
suggestion.  Add ulimit arg to output on Joerg's suggestion.
1996-09-03 13:35:11 +00:00
Peter Wemm
aa9caaf657 Merge of 4.4-Lite2 sh source, plus some gcc -Wall cleaning. This is a
merge of parallel duplicate work by Steve Price and myself. :-]

There are some changes to the build that are my fault...  mkinit.c was
trying (poorly) to duplicate some of the work that make(1) is designed to
do.  The Makefile hackery is my fault too, the depend list was incomplete
because of some explicit OBJS+= entries, so mkdep wasn't picking up their
source file #includes.

This closes a pile of /bin/sh PR's, but not all of them..

Submitted by: Steve Price <steve@bonsai.hiwaay.net>, peter
1996-09-01 10:22:36 +00:00
Joerg Wunsch
769bbc65e8 o rename ulimit -p into ulimit -u, so we are in agreement with bash
o fix brokeness for 1>&5 redirection, where `5' was an invalid file
  descriptor, but no error message has been generated

o fix brokeness for redirect to/from myself case
1995-10-21 00:47:32 +00:00
Joerg Wunsch
7a2afe644c Implement the "ulimit" builtin. This is the analogon to csh's "limit"
command and badly needed in sh(1) for everybody who wants to modify
the system-wide limits from inside /etc/rc.

The options are similar to other system's implemantations of this
command, with the FreeBSD additions for -m (memoryuse) and -p (max
processes) that are not available on other systems.
1995-10-19 18:42:12 +00:00
David Greenman
89730b290a Added $Id$ 1994-09-24 02:59:15 +00:00
Rodney W. Grimes
4b88c807ea BSD 4.4 Lite bin Sources 1994-05-26 06:18:55 +00:00