the jail(8) command. [10:04]
Fix a one-NUL-byte buffer overflow in libopie. [10:05]
Correctly sanity-check a buffer length in nfs mount. [10:06]
Approved by: so (cperciva)
Approved by: re (kensmith)
Security: FreeBSD-SA-10:04.jail
Security: FreeBSD-SA-10:05.opie
Security: FreeBSD-SA-10:06.nfsclient
file.1 to contain the correct version number and SIZEOF_LONG_LONG to be
defined as appropriate, which is crucial for 64-bit big-endian ELF files
to be handled correctly on big-endian systems.
PR: 146387
Reviewed by: delphij
MFC after: 3 days
bottom of the manpages and order them consistently.
GNU groff doesn't care about the ordering, and doesn't even mention
CAVEATS and SECURITY CONSIDERATIONS as common sections and where to put
them.
Found by: mdocml lint run
Reviewed by: ru
this type conversion is the high bits which were used to indicate if a
special character was a literal or special were dropped. As a result, all
special character were treated as special, even if they were supposed to
be literals.
Reviewed by: gad@
Approved by: mentor (wes@)
Adjust dependencies for programs using libarchive
Add xz and linkage against liblzma to rescue system
Approved by: kientzle, delphij (mentor)
MFC after: 2 weeks
When parsing the month "juillet" (abbr "jul"), %B recognized it as
"juin" (abbr "jui") because the full name of the month names is
checked at the same time as the abbrevation.
The new behaviour checks the full names first before checking the
abbrevation names.
PR: kern/141939
Submitted by: Denis Chatelain <denis@tikuts.com>
MFC after: 1 week
Although libthr's pthread_sigmask() just calls sigprocmask() and this is
unlikely to change, mention this POSIX requirement on applications.
MFC after: 1 week
This joint work of Dag-Erling Smørgrav and myself updates the
FFS quota system to support both traditional 32-bit and new 64-bit
quotas (for those of you who want to put 2+Tb quotas on your users).
By default quotas are not compiled into the kernel. To include them
in your kernel configuration you need to specify:
options QUOTA # Enable FFS quotas
If you are already running with the current 32-bit quotas, they
should continue to work just as they have in the past. If you
wish to convert to using 64-bit quotas, use `quotacheck -c 64';
if you wish to revert from 64-bit quotas back to 32-bit quotas,
use `quotacheck -c 32'.
There is a new library of functions to simplify the use of the
quota system, do `man quotafile' for details. If your application
is currently using the quotactl(2), it is highly recommended that
you convert your application to use the quotafile interface.
Note that existing binaries will continue to work.
Special thanks to John Kozubik of rsync.net for getting me
interested in pursuing 64-bit quota support and for funding
part of my development time on this project.
sigvec(2) references have been updated to sigaction(2), sigsetmask(2) and
sigblock(2) to sigprocmask(2), sigpause(2) to sigsuspend(2).
Some legacy man pages still refer to them, that is OK.
* un-document 'struct sigaltstack' tag for stack_t as this is BSD-specific;
this doesn't seem useful enough to document as such
* alternate stacks are per thread, not per process
* update error codes to what the kernel does and POSIX requires
MFC after: 1 week
This option is available in the Linux implementation of pam_krb5
and allows to authorize a user not known to the local system.
Ccache is not used as we don't have a secure uid/gid for the cache file.
Usable for authentication of external kerberos users (e.g Active Directory)
via PAM from applications like Cyrus saslauthd, PHP or perl.
PR: bin/146186
Submitted by: myself
Approved by: deplhij (mentor)
MFC after: 2 weeks
Additionally, because of sysctl(3) use (which is generally good), behaviour
for crash dumps differs slightly from behaviour for live kernels and this
will probably never be fixed entirely, so weaken that claim.
MFC after: 1 week
Also add xrefs for confstr(3) (as sysconf(3) but for strings) and kvm(3)
(which is a more convenient way to access some of the variables).
PR: 116480
MFC after: 1 week
brings in support for an optional intent log which eliminates the need
for background fsck on unclean shutdown.
Sponsored by: iXsystems, Yahoo!, and Juniper.
With help from: McKusick and Peter Holm
- Rework the wrapper support to check libpkg version as well as pkg_install
version.
- Add libfetch to _prebuild_libs.
- There are no new features introduced.
Notes: the API is not stable, so basically, do not use libpkg in your
projects for now. Also there's no manpage for libpkg yet, because the API
will change drastically. I repeat, do not use libpkg for now.
SUSv4 requires that implementation returns EINVAL if supplied path is NULL,
and ENOENT if path is empty string [1].
Bring prototype in conformance with SUSv4, adding restrict keywords.
Allow the resolved path buffer pointer be NULL, in which case realpath(3)
allocates storage with malloc().
PR: kern/121897 [1]
MFC after: 2 weeks
Simplify the presented declaration of struct sigaction, noting the
caveat in the text. Real layout of the structure and exposed
implementation namespace only obfuscates the usage.
Submitted by: bde
MFC after: 3 days
POSIX permits but does not require checking access on the current and parent
directories.
Because various programs do not like it if getcwd(3) fails, it seems best
to avoid checking access as much as possible. There are various reports in
GNATS about this (search for getcwd).
Our getcwd(3) implementation first queries the kernel for the pathname
directly, which does not check any permissions but sometimes fails, and then
falls back to reading all parent directories for the names.
PR: standards/44425
MFC after: 2 weeks
Note: the *64 interfaces are no longer exposed via zlib.h but were keep
as public interfaces;
Note 2: this commit would break applications that uses the moved symbols
directly.
Although groff_mdoc(7) gives another impression, this is the ordering
most widely used and also required by mdocml/mandoc.
Reviewed by: ru
Approved by: philip, ed (mentors)
Be explicit and use the general bracketing form plus symbols which are
to be interpreted mathematically in this case.
Complaint by: mdocml
Reviewed by: ru
Approved by: philip, ed (mentors)
rounding (impl. dep. #55), the SPARC JPS1 responsible for SPARC64 and
UltraSPARC processors defines that in all cases tininess is detected
before rounding therefore rounding up to the smallest normalized number
should set the underflow flag. This change is needed for using SoftFloat
on sparc64 for reference purposes.
PR: 144900
Submitted by: Peter Jeremy
This fix mostly matters after r206129 that made it possible for
st_blksize to be greater than 4K. For this reason, this change should
be MFC-ed before r206129.
Also, it seems that all FreeBSD uitlities that use db(3) hash databases
and create new databases in files, specify their own block size value
and thus do not depend on block size autotuning.
PR: bin/144446
Submitted by: Peter Jeremy <peterjeremy@acm.org>
MFC after: 5 days
domain clock, 8 programmable PMC.
- Westmere based CPU (Xeon 5600, Corei7 980X) support.
- New man pages with events list for core and uncore.
- Updated Corei7 events with Intel 253669-033US December 2009 doc.
There is some removed events in the documentation, they have been
kept in the code but documented in the man page as obsolete.
- Offcore response events can be setup with rsp token.
Sponsored by: NETASQ
implement assert() instead of relying on a non-required exit(). The exit()
invocation also did not match the semantics of the exit() routine that
current boot environments happen to require.
PR: kern/144749
Discussed with: bde
MFC after: 1 week
A nice thing about POSIX 2008 is that it finally standardizes a way to
obtain file access/modification/change times in sub-second precision,
namely using struct timespec, which we already have for a very long
time. Unfortunately POSIX uses different names.
This commit adds compatibility macros, so existing code should still
build properly. Also change all source code in the kernel to work
without any of the compatibility macros. This makes it all a less
ambiguous.
I am also renaming st_birthtime to st_birthtim, even though it was a
local extension anyway. It seems Cygwin also has a st_birthtim.
parser. This merge does not change any API and should not break any
native or thirdparty applications.
Changes include:
* Merge multiple report ID support and other improvements from kernel
HID parser.
* Ignore rid argument in hid_start_parser, parse all the report items since
we now support multiple report ID.
* Skip report ID byte in hid_get_data() and set report ID byte in
hid_set_data(), if report ID is non-zero.
* Reimplement hid_get_report_id: instead get report id from uhid device
(which is always 0), try parsing the report descriptor and return the
first report ID encountered.
Reviewed by: hps
Silent on: -usb mailing list
According to POSIX open() must return ENOTDIR when the path name does
not refer to a path name. Change vn_open() to respect this flag. This
also simplifies the Linuxolator a bit.
Scrt1_c.o was accidentally compiled with -DGCRT (profiling), like gcrt1_c.o.
This problem is i386-specific, the other architectures are OK.
If you have problems with PIE executables such as samba and cups leaving
behind gmon files, rebuild them after installing this change.
PR: ports/143924
Reviewed by: kib
MFC after: 3 days
rounding (impl. dep. #55), the SPARC JPS1 responsible for SPARC64 and
UltraSPARC processors defines that in all cases tinyness is detected
before rounding, therefore rounding up to the smallest normalised
number should set the underflow flag.
- If an infinite result is rounded down, the result should have an
exponent 1 less than the value for infinity.
PR: 144900
Submitted by: Peter Jeremy
MFC after: 3 days
the problems related to the handling of broken DNSSEC trust chains.
This fix is only relevant for those who have DNSSEC validation
enabled and configure trust anchors from third parties, either
manually, or through a system like DLV.
Erwin ran an exp-run with libcompat and <regexp.h> removed. It turns out
the regexp library is almost entirely unused. In fact, it looks like it
is sometimes used by accident. Because these function names clash with
libc's <regex.h>, some application use both <regex.h> and libcompat,
which means they link against the wrong regex library.
This commit removes the regexp library and reimplements re_comp() and
re_exec() using <regex.h>. It seems the grammar of the regular
expressions accepted by these functions is similar to POSIX EREs.
After this commit, 1 low-profile port will be broken, but the maintainer
already has a patch for it sitting in his mailbox.
blog posting [1].
- Use word-sized test for unaligned pointer before working
the hard way.
Memory page boundary is always integral multiple of a word
alignment boundary. Therefore, if we can access memory
referenced by pointer p, then (p & ~word mask) must be also
accessible.
- Better utilization of multi-issue processor's ability of
concurrency.
The previous implementation utilized a formular that must be
executed sequentially. However, the ~, & and - operations can
actually be caculated at the same time when the operand were
different and unrelated.
The original Hacker's Delight formular also offered consistent
performance regardless whether the input would contain
characters with their highest-bit set, as it catches real
nul characters only.
These two optimizations has shown further improvements over the
previous implementation on microbenchmarks on i386 and amd64 CPU
including Pentium 4, Core Duo 2 and i7.
[1] http://vger.kernel.org/~davem/cgi-bin/blog.cgi/2010/03/08#strlen_1
MFC after: 1 month
by *sprintf(), etc.
- Explicitly initialize _fl_mutex to PTHREAD_MUTEX_INITIALIZER for all FILE
objects. This is currently a nop on FreeBSD, but is import for other
platforms (or in the future) where PTHREAD_MUTEX_INITIALIZER is not simply
zero.
PR: threads/141198
Reported by: Jeremy Huddleston @ Apple
MFC after: 2 weeks
operands but not for double and extended double ones. Instead of trying
to fix the macro just nuke it and unroll the loops in the correct way
though as extended double operands turn out to be the only special case.
- For FxTO{s,d,q} the source operand is int64 so rs2 has to be re-decoded
after setting type accordingly as it's generally decoded using the low
2 bits as the type, which are 0 for these three instructions.
- Similarly, in case of F{s,d,q}TOx the target is int64 so rd has to be
re-decoded using not only the operand mask appropriate for int64 but
also the correct register number encoding.
- Use const where appropriate.
- Wrap long lines.
Submitted by: Peter Jeremy (partly)
MFC after: 3 days
objects used to provide per-thread storage in the RPC code. Almost all
of these used double-checking with a dedicated mutex (tsd_lock) to do this
before. However, that is not always safe with more relaxed memory orders.
There were also other bugs, such as one in __rpc_createrr() that caused a
new key to be allocated each time __rpc_createrr() was invoked.
PR: threads/144558
Reported by: Sam Robb samrobb of averesystems com (key leak)
MFC after: 1 week
These header files only provide functionality that can be used in
combination with libcompat. In order to prevent people from including
them without any actual use (which happens a lot with <sys/timeb.h>),
put a warning here to make people more aware.
This means we have to lower WARNS for libcompat, which is no big deal.
Rejigger the SUBDIR setting a smidge: we now set all the libraries that depend
on something else, and then SUBDIR+= the rest.
A separate commit will fix the SUBDIR style to be the same as the rest
of the tree.
This Makefile change can be removed when the next version of sendmail
is imported as it will have this built in to the FreeBSD conf.h section.
Submitted by: John Marshall
MFC after: 3 days
