Commit Graph

1860 Commits

Author SHA1 Message Date
nwhitehorn
1657a60f21 Add support for R_PPC64_UADDR64 relocations. 2011-01-03 23:11:52 +00:00
csjp
48ae57efdb expand checkuser() to support the propagation of error codes back to
the caller.  Currently, checkuser() does not differentiate between the
failure to open the file and the absence of a user in the file.  Check
to see if there was an error opening the file.  If there are any errors,
terminate the connection.  Currently, the only exception to this rule
is ENOENT, since there is nothing that says the /etc/ftpuser
and /etc/ftpchroot has to exist.

MFC after:	3 weeks
2011-01-03 21:28:12 +00:00
nwhitehorn
974e62ca27 Fix an error in the ABI in rtld_bind_start(). When passing arguments to a
C function, the caller's stack frame must have room to store all of the
arguments to that function. While here, fix stack frame alignment issues.

Without this change, the compiler will save r3 and r4 into the caller's
stack frame before calling setjmp() in _rtld_bind(). These would then
overwrite arguments to the newly-bound function, causing eventual failures.
2010-12-28 22:31:59 +00:00
kan
87f341c8ac Fix an apparent cop-and-paste mistake in previous commit.
This makes dlsym(RTLD_DEFAULT) work properly again.
2010-12-27 00:30:29 +00:00
kib
cefd8b2a41 Implement support for ELF filters in rtld. Both normal and auxillary
filters are implemented.

Filtees are loaded on demand, unless LD_LOADFLTR environment variable
is set or -z loadfltr was specified during the linking. This forces
rtld to upgrade read-locked rtld_bind_lock to write lock when it
encounters an object with filter during symbol lookup.

Consolidate common arguments of the symbol lookup functions in the
SymLook structure.  Track the state of the rtld locks in the
RtldLockState structure. Pass local RtldLockState through the rtld
symbol lookup calls to allow lock upgrades.

Reviewed by:	kan
Tested by:	Mykola Dzham <i levsha me>, nwhitehorn (powerpc)
2010-12-25 08:51:20 +00:00
kib
377233e6cc Add a hook to pass debug flags to the build of rtld when doing make in
the rtld directory.

Reviewed by:	kan
2010-12-25 08:42:38 +00:00
charnier
5ed91a1e7d Add __unused 2010-12-20 08:44:08 +00:00
charnier
02e9ed10af Add __unused 2010-12-20 08:37:26 +00:00
charnier
89b5c05930 Add __unused. Ansi prototypes. 2010-12-20 08:29:54 +00:00
charnier
7587c23cc2 add __unused 2010-12-19 13:05:17 +00:00
jh
c65c4f33f5 If dlclose() is called recursively from a _fini() function, the inner
dlclose() call may unload the object of the outer call prematurely
because objects are unreferenced before _fini() calls.

Fix this by unreferencing objects after calling objlist_call_fini() in
dlclose(). Therefore objlist_call_fini() now calls the fini function if
the reference count of an object is 1. In addition we must restart the
list_fini traversal after every _fini() call because another dlclose()
call might have modified the reference counts.

Add an XXX comment to objlist_call_fini() about possible race with
dlopen().

PR:		133246, 149464
Reviewed by:	kan, kib
2010-12-16 16:56:44 +00:00
kevlo
92646cacc6 Fix double ;; 2010-12-06 10:24:06 +00:00
glebius
f2bb89e063 Catch up with kernel using time_uptime to drive ARP timeouts.
Noticed by:	jilles
2010-12-06 09:39:36 +00:00
dim
fd6589bbdb Use -fPIC to build libexec/rtld-elf on sparc64, so it will also be able
to link with newer binutils, without overflowing the GOT.

Obtained from:	projects/binutils-2.17
2010-11-11 22:53:55 +00:00
brucec
696c4e1f9b Fix typos.
PR:	bin/148894
Submitted by:	olgeni
2010-11-09 10:59:09 +00:00
kib
232463cef8 In r214728, if dlopen() is called for the object that has been already
loaded as a dependency and marked -z nodlopen, object' DAG is already
initialized by load_needed_objects(). Due to this, the init_dag() call
from dlopen() does not increment refcount for the object [1].

Change init_dag() to not increment DAG refcount. Require explicit calls
to ref_dag() to increment, and assert that ref_dag() and unref_dag()
are called for root that has dag initialized. To fix the noted issue,
unconditionally call both init_dag() and ref_dag() in dlopen() for the
case when the object was already loaded, making it similar to the case
of newly loaded object.

Noted by:	jh [1]
Reviewed by:	jh, kan
MFC after:	6 days
2010-11-04 09:29:00 +00:00
kib
63d55248fc Fix style.
MFC after:	6 days
2010-11-04 09:19:14 +00:00
kib
6ddde2168b If dlopen() is called for the dso that has been already loaded as a
dependency, then the dso never has its DAG initialized. Empty DAG
makes ref_dag() call in dlopen() a nop, and the dso refcount is off
by one.

Initialize the DAG on the first dlopen() call, using a boolean flag
to prevent double initialization.

From the PR (edited):
Assume we have a library liba.so, containing a function a(), and a
library libb.so, containing function b(). liba.so needs functionality
from libb.so, so liba.so links in libb.so.

An application doesn't know about the relation between these libraries,
but needs to call a() and b(). It dlopen()s liba.so and obtains a
pointer to a(), then it dlopen()s libb.so and obtains a pointer to b().

As soon as the application doesn't need a() anymore, it dlclose()s liba.so.

Expected result: the pointer to b() is still valid and can be called
Actual result: the pointer to b() has become invalid, even though the
application did not dlclose() the handle to libb.so. On calling b(), the
application crashes with a segmentation fault.

PR:	misc/151861
Based on patch by:	jh
Reviewed by:	kan
Tested by:	Arjan van Leeuwen <freebsd-maintainer opera com>
MFC after:	1 week
2010-11-03 09:23:08 +00:00
ed
568dc19750 Add a new libc function: cfmakesane(3).
I've noticed various terminal emulators that need to obtain a sane
default termios structure use very complex `hacks'. Even though POSIX
doesn't provide any functionality for this, extend our termios API with
cfmakesane(3), which is similar to the commonly supported cfmakeraw(3),
except that it fills the termios structure with sane defaults.

Change all code in our base system to use this function, instead of
depending on <sys/ttydefaults.h> to provide TTYDEF_*.
2010-11-02 17:00:56 +00:00
marcel
7586e071c7 Unbreak ia64.
With r169630 I disabled symbol versioning because it broke rtld.  With
r211706 rtld got broken for ia64 & powerpc64.  It was fixed for powerpc64
with r212497.  In between, r211749 removed the exports table because the
version script handled the exports.  But wait, symbol versioning was
disabled on ia64.

With exports controlled by the version script and symbol versioning
disabled, all symbols are exported and too many symbols bind to the
definition in rtld. Let's just say that waird things happen.

So, enable symbol versioning on ia64 and apply a work-around for the
SIGSEGV that triggered r169630 to begin with: when rtld relocates
itself, it comes across r_debug_state and for some reason can't find the
definition. This causes a failure, relocation aborts and null pointers
galore. The work-around is to ignore the missing definition when rtld
is relocating itself and keep going.

Maybe with the next binutils this will all go away. Maybe not, in
which case I still need to figure out why r_debug_state cannot be found.

BTW: r_debug_state is in the symbol map -- I don't think any other rtld
symbols that rtld references are in the symbol map...
2010-10-22 04:43:04 +00:00
uqs
7fc6083fed mdoc: drop even more redundant .Pp calls
No change in rendered output, less mandoc lint warnings.

Tool provided by:	Nobuyuki Koganemaru n-kogane at syd.odn.ne.jp
2010-10-19 12:35:40 +00:00
uqs
8ae3afcfad mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
delphij
526f3b4483 Use a defined FreeBSD version.
MFC after:	3 days
2010-10-06 18:20:39 +00:00
nwhitehorn
6a7d71b6f3 Fix two subtle problems in PPC32 RTLD. The first is a concurrency issue
where long PLT calls in multi-threaded environments could end up with
incorrect jmptab values. The second is that, after the addition of extended
PLT support, I forgot to update the PLT icache synchronization code to cover
the extended PLT instead of just the basic PLT.

MFC after:	10 days
2010-10-04 16:02:11 +00:00
marius
59060ff14e Remove the duplicate logging of failed read requests, whose error message
also was inappropriate as it triggered for every EACCESS and ENOTFOUND, not
just the case the -n option is intended to deal with and thus really spammed
us with ~20 messages in the default configuration when booting a diskless
FreeBSD client, introduced with r207608 again.

MFC after:	1 week
2010-09-24 14:44:04 +00:00
marius
b33b39bf8f Make WARNS=6 clean.
MFC after:	1 week
2010-09-24 10:40:17 +00:00
marius
938d137047 Try to adhere to style.Makefile(5).
MFC after:	3 days
2010-09-23 14:06:15 +00:00
imp
296fa4d2e7 Move the pfrom initialization from before the setjmp to after the
setjmp to avoid warnings on the powerpc build...
2010-09-15 15:38:47 +00:00
rpaulo
e6e37d7e7d Remove an explicit assignment of the CFLAGS variable intended for
debugging purposes only.
2010-09-15 10:32:32 +00:00
nwhitehorn
6701006626 Check for undefined weak symbols during PLT binding on powerpc64, and do
not attempt to copy NULL function descriptors. This fixes LD_BIND_NOW on
powerpc64 after r211706.

Reviewed by:	kib
2010-09-12 17:04:51 +00:00
brucec
76d7244728 Fix incorrect usage of 'assure' and 'insure'.
Approved by: rrs (mentor)
2010-08-28 16:32:01 +00:00
nwhitehorn
53fd0232a8 Make RTLD work on powerpc64 again. If there is a sub-directory named
MACHINE_ARCH, use that specific one, otherwise use MACHINE_CPUARCH.

Reviewed by:	imp
2010-08-24 23:19:14 +00:00
kib
d86ee49c10 Remove exports table. Export control by the version script is enough.
Reviewed by:	kan
MFC after:	3 weeks
2010-08-24 13:01:14 +00:00
imp
c3a399c4ba MFtbemd:
Prefer MACHNE_CPUARCH to MACHINE_ARCH in most contexts where you want
to test of all the CPUs of a given family conform.
2010-08-23 22:24:11 +00:00
kib
df9bc4850f On shared object unload, in __cxa_finalize, call and clear all installed
atexit and __cxa_atexit handlers that are either installed by unloaded
dso, or points to the functions provided by the dso.

Use _rtld_addr_phdr to locate segment information from the address of
private variable belonging to the dso, supplied by crtstuff.c. Provide
utility function __elf_phdr_match_addr to do the match of address against
dso executable segment.

Call back into libthr from __cxa_finalize using weak
__pthread_cxa_finalize symbol to remove any atfork handler which
function points into unloaded object.

The rtld needs private __pthread_cxa_finalize symbol to not require
resolution of the weak undefined symbol at initialization time. This
cannot work, since rtld is relocated before sym_zero is set up.

Idea by:	kan
Reviewed by:	kan (previous version)
MFC after:	3 weeks
2010-08-23 15:38:02 +00:00
kib
7ca1c6f40a Introduce implementation-private rtld interface _rtld_addr_phdr, which
fills struct dl_phdr_info for the shared object that contains the
specified address, if any.

Idea and reviewed by:	kan
MFC after:	3 weeks
2010-08-23 15:27:03 +00:00
kib
b748bcac7a Provide the starting image with the pointer to ELF aux vector. It is
written into the __elf_aux_vector variable, if the symbol is present.

Idea from:	kan
Tested by:	marius (sparc64)
MFC after:	1 month
2010-08-17 09:08:28 +00:00
kib
3c2c3f33ee Use the newly provided aux vectors to get pagesize and osreldate information.
Use local version of getpagesize(), rtld_getpagesize() in private allocator.
Override the __getosreldate() previously fetched from libc_pic.a with
local version that uses aux value if present. Note that __getosreldate()
is used by rtld indirectly, by mmap(2) libc wrapper.

To be able to utilize aux, split digest_dynamic() for use by init_rtld()
into two parts, where the first one does not call malloc(), and the
second part uses it. init_rtld() is able to initialize global variables
before digest_dynamic2() calls. In particular, pagesize and osreldate are
set up from the aux values.

Now, rtld avoids (two) sysctl calls in startup.

Tested by:	marius (sparc64)
MFC after:	1 month
2010-08-17 09:05:39 +00:00
neel
707ea62774 Add parentheses around the argument 'x' used in the __bswapXX(x) macros. Revert
r211130 in favor of this more general fix.

This fixes a compilation error for mips 64-bit little endian build.
libexec/rtld-elf/mips/reloc.c:196: warning: right shift count >= width of type

Suggested by:	stefanf, jchandra, bde
2010-08-11 02:28:39 +00:00
neel
e9108ccbcc Fix compilation error for 64-bit little endian build:
libexec/rtld-elf/mips/reloc.c:196: warning: right shift count >= width of type

When the expression '(r_info) >> 32' was passed to bswap32() it was promptly
changed to '(uint32_t)(r_info) >> 32' which is not what we intended.
2010-08-10 05:15:35 +00:00
ed
0c25417d53 Remove unneeded use of struct timezone.
We can safely call gettimeofday() without passing a struct timezone.
We're not using it at all.
2010-08-08 02:45:48 +00:00
joel
f4e8725880 Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
joel
fc8c0d299a Fix typo. 2010-08-04 07:47:19 +00:00
jchandra
a25f240d5c 64 bit support for MIPS rtld.
- Handle the case where pltgot[1] is 64 bit.
- use 'ifdef __mips_n64' instead of 'ELFSIZE == 64' to detect 64 bit compile.
2010-07-29 20:18:52 +00:00
nwhitehorn
615d4b84bc RTLD support for powerpc64. A few small modifications to the Makefile
and symbol map are required to support various consequences of the dot
symbol scheme:

- Symbols beginning with a dot are reserved, so start private symbols with
  an underscore.
- In order to set RTLD breakpoints, gdb must be able to locate the text
  entry point, not the data section function descriptor, so add
  .r_debug_state to the symbol map on powerpc64.

Obtained from:	projects/ppc64
2010-07-10 17:43:24 +00:00
nwhitehorn
97828e73ee Revert r209544. It papers over a binutils bug, and is not even a reliable
fix for it.

The bug occurs when using the --as-needed flag to ld in the presence of
synthetic linker-generated symbols that reference symbols defined in
linked-to shared libraries with versioned symbols. When the only symbols
used from a library fall into this category, ld will drop the DT_NEEDED
entry for it, but retain the versioning information. This bug is best
fixed/hacked around in binutils, not in rtld.

Discussed with:	kan
2010-06-28 01:40:56 +00:00
nwhitehorn
44c5071b3b Ignore versioned dependencies on shared objects to which we do not link.
This fixes an error with files like this created by GNU ld under certain
circumstances.
2010-06-26 22:04:52 +00:00
jchandra
54db007c16 Merge jmallett@'s n64 work into HEAD - changeset 3
Update rtld MIPS code to use assembly macros that work on o32/n64.

Changes from http://svn.freebsd.org/base/user/jmallett/octeon

Approved by:	rrs(mentor), jmallett
2010-06-16 16:39:01 +00:00
kan
1ae09bbbb6 Plug possible memory leak.
Found by:  Coverity
MFC after: 2 weeks
2010-06-03 00:25:43 +00:00
uqs
4edfa3fb86 mdoc: use literal text, not a column table to present the
configuration file snippet.
2010-06-02 10:20:31 +00:00
rdivacky
7f3f7db379 Only use the cache after the early stage of loading. This is
because calling mmap() etc. may use GOT which is not set up
yet. Use calloc() instead of mmap() in cases where this
was the case before (sparc64, powerpc, arm).

Submitted by:	Dimitry Andric (dimitry andric com)
Reviewed by:	kan
Approved by:	ed (mentor)
2010-05-18 08:55:23 +00:00
mckusick
b25e55dcc5 Final update to current version of head in preparation for reintegration. 2010-05-06 17:37:23 +00:00
imp
a5f9262d67 Bring in new files from edwin's tftp 2010-05-04 13:07:40 +00:00
imp
ff6273a439 Go ahead and merge the work edwin@ on tftpd into the tree. It is a
lot better than what's in the tree now.  Edwin tested it at a prior
employer, but can't test it today.  I've found that it works a lot
better with the various uboot versions that I've used in my embedded
work.  Here's the pkg-descr from the port that describes the changes:

It all started when we got some new routers, which told me the
following when trying to upload configuration or download images
from it: The TFTP server doesn't support the blocksize option.

My curiousity was triggered, it took me some reading of RFCs and
other documentation to find out what was possible and what could
be done. Was plain TFTP very simple in its handshake, TFTP with
options was kind of messy because of its backwards capability: The
first packet returned could either be an acknowledgement of options,
or the first data packet.

Going through the source code of src/libexec/tftpd and going through
the code of src/usr.bin/tftp showed that there was a lot of duplicate
code, and the addition of options would only increase the amount
of duplicate code. After all, both the client and the server can
act as a sender and receiver.

At the end, it ended up with a nearly complete rewrite of the tftp
client and server. It has been tested against the following TFTP
clients and servers:

- Itself (yay!)
- The standard FreeBSD tftp client and server
- The Fedora Core 6 tftp client and server
- Cisco router tftp client
- Extreme Networks tftp client

It supports the following RFCs:

RFC1350 - THE TFTP PROTOCOL (REVISION 2)
RFC2347 - TFTP Option Extension
RFC2348 - TFTP Blocksize Option
RFC2349 - TFTP Timeout Interval and Transfer Size Options
RFC3617 - Uniform Resource Identifier (URI) Scheme and Applicability
          Statement for the Trivial File Transfer Protocol (TFTP)

It supports the following unofficial TFTP Options as described at
http://www.compuphase.com/tftp.htm:

blksize2 - Block size restricted to powers of 2, excluding protocol headers
rollover - Block counter roll-over (roll back to zero or to one)

From the tftp program point of view the following things are changed:

- New commands: "blocksize", "blocksize2", "rollover" and "options"
- Development features: "debug" and "packetdrop"

If you try this tftp/tftpd implementation, please let me know if
it works (or doesn't work) and against which implementaion so I can
get a list of confirmed working systems.

Author: Edwin Groothuis <edwin@FreeBSD.org>
2010-05-04 06:19:19 +00:00
mckusick
3a0f5972a0 Update to current version of head. 2010-04-28 05:33:59 +00:00
mckusick
f40c3a9dc5 The NFS quota-reporting RPC uses 32-bit sized fields. We approximate
64-bit quota sizes by scaling down the sizes by the minimum amount
necessary to fit in a 32-bit field and then upscale the filesystem
block size to compensate. For example, if the hard block limit is
0x300000008 then we set the hard block limit to 0xA0000002 and claim
that the blocksize is 4 * DEV_BSIZE. This will lose the minimal
amount of information thus delivering nearly correct answers.
2010-04-25 00:05:51 +00:00
des
45fc1063dc Forgot to initialize the debug variable.
MFC after:	2 weeks
2010-04-01 13:16:32 +00:00
des
da05485bc2 Add a debugging option (-d)
Add a -k option which fingerd(8) passes through to finger(1).

MFC after:	2 weeks
2010-04-01 13:11:39 +00:00
delphij
e7582f97cf Check that gl_pathc is bigger than zero before derefencing gl_pathv.
When gl_pathc == 0, the content of gl_pathv is undefined.

PR:		bin/144761
Submitted by:	David BERARD <contact davidberard fr>
Obtained from:	OpenBSD
MFC after:	1 week
2010-03-25 22:41:01 +00:00
gahr
d3131ffa6e - Remove const'ness from dlerror(3) prototype, for consistency with POSIX.
Approved by:	cognet
MFC after:	1 week
2010-03-24 15:59:51 +00:00
uqs
8f141f1a13 Fix several typos in macros or macro misusage.
Found by:	make manlint
Reviewed by:	ru
Approved by:	philip (mentor)
2010-03-12 10:01:06 +00:00
des
834fb25a9e IFH@204581 2010-03-04 13:35:57 +00:00
imp
2c774f7ff2 Updated rtld for n32 support.
Submitted by:	jmallet@
Obtained from:	NetBSD
2010-03-04 04:53:05 +00:00
des
b6c1125799 WIP: the last missing piece of the quota64 puzzle. Not quite there
yet.
2010-03-04 00:47:24 +00:00
ru
7cea019b6c Fixed static linkage. 2010-02-26 09:41:16 +00:00
nwhitehorn
911ef3e63a Support the extended PLT format used when objects have more than 8192
PLT relocations on PPC32.
2010-02-22 16:49:45 +00:00
imp
58afe79515 The NetBSD Foundation has granted permission to remove clauses 3 and 4.
Obtained from:	NetBSD
2010-02-16 21:49:36 +00:00
marcel
b72bfb8c31 Improve TLS variant I:
o   Use obj->tlsinitsize to determine whether there's initialized data.
o   If obj->tlssize > obj->tlsinitsize, then bzero uninitialized data.
o   Don't exclude variant I from the work-around in free_tls_offset().
2010-02-16 02:48:11 +00:00
ed
bf52ec5e71 Set ut_line to "ftpd" for ftpd.
This makes it a little easier to figure out which application was
responsible for this log entry. Ideally we should add an ut_process or
something similar.

Suggested by:	Vincent Poy <vincepoy gmail com>
2010-02-09 07:35:12 +00:00
ed
b28da9a61e Remove stale references to utmp(5) and its corresponding filenames.
I removed utmp and its manpage, but not other manpages referring to it.
2010-01-21 17:25:12 +00:00
ed
da06e492c7 Really disable wtmp logging when chrooting.
Also perform a small cleanup to ftpd_logwtmp(). Just use a NULL
parameter for the username to indicate a logout, instead of an empty
string.

Reported by:	Alexey Shuvaev <shuvaev physik uni-wuerzburg de>
2010-01-18 23:28:25 +00:00
ed
c47f4ccef3 Phase out ttyslot(3).
The ttyslot() function was originally part for SUSv1, marked LEGACY in
SUSv2 and removed later on. This function only makes sense when using
utmp(5), because it was used to determine the offset of the record for
the controlling TTY. It makes little sense to keep it here, because the
new utmpx file format doesn't index based on TTY slots.
2010-01-14 05:35:32 +00:00
ed
6dd5ce59c1 Port all apps in libexec/ from libulog to utmpx. 2010-01-13 18:28:58 +00:00
ed
a0af351d02 Port ftpd to utmpx.
Unfortunately I have to partially wreck its functionality, though. ftpd
used to keep a file descriptor to the wtmp, which allowed it to work
from within a chroot. The current utmpx implementation doesn't offer a
way to do this. Maybe we can address this in the future, if it turns out
to be a real issue.
2010-01-13 18:28:41 +00:00
ed
14920edb23 Port comsat to utmpx.
It seems comsat stats the utmpx database each 15 seconds to see whether
it has been changed. I am changing this behaviour to look at the utmpx
database upon processing. I don't want to allow direct interference with
the database files. I also wonder whether this optimization has any
measurable performance benefit nowadays.
2010-01-13 18:25:43 +00:00
ed
4215376d31 Remove `dead code' from rlogind.
- It shouldn't call logwtmp(). Applications like login(1) already make
  sure both login and logout entries are written to the storage.
- There's no need to restore permissions on the pseudo-terminal, since
  it should be garbage collected by the kernel.
2010-01-13 18:24:04 +00:00
ed
b1c1be30d7 Make WARNS=6 the default for libexec/.
Just like bin/ and sbin/, I think setting WARNS to the highest value
possible will make it more attractive for people to fix warnings.

- The WARNS variable is set in the Makefile in the directory of the
  application itself, making it more likely that it will be removed out
  of curiosity to see what happens.
- New applications will most likely build with WARNS=6 out of the box,
  because the author would more likely fix the warnings during
  development than lower WARNS.

Unfortunately almost all apps in libexec require a lowered value of
WARNS.
2010-01-02 09:50:19 +00:00
ed
fc5b3c2f3d Fix several warnings.
- Add __unused keywords.
- Don't shadow a global variable called cr.
- Make the global cr variable const.
2010-01-02 09:45:59 +00:00
ed
f590bf3733 ANSIfy ldconfig and the aout bits it still uses from rtld-aout.
(Why is aout support still there?)
2009-12-29 21:07:17 +00:00
ed
e11903ba0f Make rpc.ruserd work with utmpx/libulog.
Because strings are now null-terminated, I've decided to just use an
array of utmpx structures, instead of the separated strings. This means
we just copy the entire utmpx structure and point to the strings within
the structures directly.
2009-12-29 10:28:20 +00:00
ed
f922449aa5 Perform cleanups to rpc.rusersd:
- Perform whitespace fixes. Use tabs instead of 8 spaces.
- Make it build at WARNS=6.
2009-12-28 23:01:24 +00:00
ed
5d9c8b273f Modify the sources to make WARNS=6 work. 2009-12-26 14:33:55 +00:00
ed
b204f94963 Unbreak the build.
I increased the WARNS, but it looks like it breaks certain architectures
with more strict alignment requirements (mips, sparc64, ia64).

Pointy hat to:	me
2009-12-26 11:00:18 +00:00
ed
95bce7e055 Let talkd use utmpx instead of utmp.
Because strings are null terminated now, there is no need to copy
ut_line into a separate buffer first. Also enable WARNS.
2009-12-25 11:12:05 +00:00
ed
d6471fa124 Don't use UT_NAMESIZE here to determine the maximum username length. 2009-12-25 10:30:54 +00:00
ed
460e546f24 Repair breakage to last-minute API change.
I changed ulog_log{in,out} to return a void, but forgot to change
ulog-helper as well.

Reported by:	stefanf
2009-12-03 21:44:41 +00:00
ed
879c7d2730 Add a new library: libulog.
One of the things I really want to do, is to get rid of the limitations
of our current utmp(5) mechanism:

- It only allows 8 byte TTY device names.
- The hostname only allows 16 bytes of storage.

I'm not a big fan of <utmpx.h>, but I think we should at least try to
add parts of it. Unfortunately we cannot implement <utmpx.h>, because we
miss various fields, such as ut_id, ut_pid, etc. The API provided by
libulog shares some similarities with <utmpx.h>, so it shouldn't be too
hard to port these applications eventually. In most simple cases, it
should just be a matter of removing the ulog_ prefix everywhere.

As a bonus, it also implements a function called ulog_login_pseudo(),
which allows unprivileged applications to write log entries, provided
they have a valid file descriptor to a pseudo-terminal master device.

libulog will allow a smoother transition to a new file format by adding
a library interface to deal with utmp/wtmp/lastlog files. I initially
thought about adding the functionality to libutil, but because I'm not
planning on keeping this library around forever, we'd better keep it
separated.

Next items on the todo list:

1. Port applications in the base system (and ports) to libulog, instead
   of letting them use <utmp.h>.
2. Remove <utmp.h>, implement <utmpx.h> and reimplement this library on
   top.
3. Port as many applications as possible back to <utmpx.h>.
2009-12-03 15:48:24 +00:00
cperciva
dbccfb34d9 Fix local root vulnerability.
Security:	Advisory will be coming soon.
X-MFC-After:	30 seconds
2009-12-01 02:57:06 +00:00
kib
d9873126f6 Allow to load not-openable dso when tracing. This fixes ldd on such dso or
dso linked to non-openable object.
Remove '\n' at the end of error message.
End comments with dot.

MFC after:	3 weeks (together with r199829)
2009-11-28 14:29:32 +00:00
kib
8f8a9dcd17 Implement rtld part of the support for -z nodlopen (see ld(1)).
Reviewed by:	kan
MFC after:	3 weeks
2009-11-26 13:57:20 +00:00
kib
0dba9623fa Flag controlling origin expansion in DT_FLAGS is DF_ORIGIN, not DF_1_ORIGIN.
Reviewed by:	kan
MFC after:	3 days
2009-11-26 13:55:49 +00:00
rwatson
0fc93714b1 Fix white space in rtld runtime error printf.
MFC after:	3 days
2009-11-14 15:08:44 +00:00
kib
69e50b966c Calculate relocation base for the main object, and apply the relocation
adjustment for all virtual addresses encoded into the ELF structures of
it. PIE binary could and should be loaded at non-zero mapbase.

For sym_zero pseudosymbol used as a return value from find_symdef()
for undefined weak symbols, st_value also should be adjusted, since
_rtld_bind corrects symbol values by relocbase.

Discussed with:	bz
Reviewed by:	kan
Tested by:	bz (i386, amd64), bsam (linux)
MFC after:	some time
2009-10-10 15:27:10 +00:00
rwatson
63d44e1faa In rtld's map_object(), use pread(..., 0) rather than read() to read the
ELF header from the front of the file.  As all other I/O on the binary
is done using mmap(), this avoids the need for seek privileges on the
file descriptor during run-time linking.

MFC after:	1 month
Sponsored by:	Google
2009-10-06 17:14:39 +00:00
des
ca7f5e11bd Sync from head. 2009-09-26 23:25:22 +00:00
des
6079decb90 printerr_reply() has never been used for as long as we've had this code in
our tree (13+ years).  This is an excellent argument for aggressive use
of "static".
2009-09-26 23:05:01 +00:00
des
9909689482 Sync with head 2009-09-25 23:28:57 +00:00
des
d38c1275ec Other minor style issues. 2009-09-25 23:03:24 +00:00
des
bf5117185e Sync with head 2009-09-25 22:45:59 +00:00
des
5c2742e3da Slight style cleanup. 2009-09-25 22:20:30 +00:00
des
9ed1a4b5eb Merge from head 2009-09-17 16:16:44 +00:00
des
7ee29ca499 Merge from head up to r188941 (last revision before the USB stack switch) 2009-09-17 13:31:39 +00:00
remko
dcd2780b1c Do the first step in removing lukemftpd from the base system. Disconnect
it from the build.

If you are using the FTP daemon, please consider using the port ftp/tnftpd
which is the same FTP server, but newer and might have more/better
functionality.

This results in us providing only one ftp daemon by default.

Reviewed by:	bz
Approved by:	imp (mentor, implicit)
MFC after:	3 days
Silence from:	obrien
2009-09-03 16:34:20 +00:00
kib
a106aba3da Implement RTLD_NOLOAD flag for dlopen(3).
Requested and tested by:	jkim
Reviewed by:	kan
Approved by:	re (kensmith)
2009-07-17 19:45:42 +00:00
kib
a1f78e1642 Only perform .bss mapping and cleaning operations when segment file size
is not equal to its memory size.

This eliminates unneeded clearing of the text segment that often
happens due to text end not being page-aligned.

For instance,
$ readelf -l /lib/libedit.so.6
Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  LOAD           0x000000 0x00000000 0x00000000 0x139e1 0x139e1 R E 0x1000
  LOAD           0x014000 0x00014000 0x00014000 0x00f04 0x00f14 RW  0x1000
  DYNAMIC        0x014cc4 0x00014cc4 0x00014cc4 0x000d0 0x000d0 RW  0x4
$ procstat -v $$ (for /bin/sh)
68585 0x28097000 0x280aa000 r-x    6    0  21  14 CN vn /lib/libedit.so.6
68585 0x280aa000 0x280ab000 r-x    1    0   1   0 CN vn /lib/libedit.so.6 <==
68585 0x280ab000 0x280ac000 rwx    1    0   1   0 CN vn /lib/libedit.so.6
Note the splitted map entry marked by '<=='.

Reviewed by:	kan
Approved by:	re (kensmith)
MFC after:	1 month
2009-07-17 19:32:04 +00:00
kan
ef443476d9 Second attempt at eliminating .text relocations in shared libraries
compiled with stack protector.

Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC
generates local calls to this function which result in absolute
relocations put into position-independent code segment, making dynamic
loader do extra work every time given shared library is being relocated
and making affected text pages non-shareable.

Reviewed by:        kib
Approved by:        re (kib)
2009-07-14 21:19:13 +00:00
kan
a3faeb1b41 Back out previous revision until better tested fix is ready.
Approved by: re (impliciti, by approving previos check-in)
2009-06-29 01:33:59 +00:00
kan
f780ef8f19 Eliminate .text relocations in shared libraries compiled with stack protector.
Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC generates
local calls to this function which result in absolute relocations put into
position-independent code segment, making dynamic loader do extra work everys
time given shared library is being relocated and making affected text pages
non-shareable.

Reviewed by:        kib
Approved by:        re (kensmith)
2009-06-28 23:51:39 +00:00
ed
9400451d81 Fix a typo in the same comment, one line below.
Submitted by:	bf1783 googlemail com
2009-06-23 14:12:49 +00:00
ed
367665ede0 Fix typo in comment.
Submitted by:	Christoph Mallon
2009-06-23 09:50:50 +00:00
kan
51b981d72b Allow order of initialization of loaded shared objects to be
altered through their .init code. This might happen if init
vector calls dlopen on its own and that dlopen causes some not
yet initialized object to be initialized earlier as part of that
dlopened DAG.

Do not reset module reference counts to zero on final fini vector
run when process is exiting. Just add an additional parameter to
force fini vector invocation regardless of current reference count
value if object was not destructed yet. This allows dlclose called
from fini vector to proceed normally instead of failing with handle
validation error.

Reviewed by:	kib
Reported by:	venki kaps
2009-06-20 14:16:41 +00:00
kan
5b73b70b12 FreeBSD returns main object handle from dlopen(NULL, ...) calls.
dlsym seaches using this handle are expected to look for symbol
definitions in all objects loaded at the program start time along
with all objects currently in RTLD_GLOBAL scope.

Discussed with: kib
Reported by:	Maho NAKATA
MFC after:	2 weeks
2009-06-16 16:38:54 +00:00
dfr
954b6f0f3b Increase the size of the static TLS area slightly (required for the NVidia's
OpenGL driver on amd64).
2009-05-27 18:54:31 +00:00
dougb
8af28beff7 Per the man page:
The makekey utility has been deprecated and will be removed in a future
release of FreeBSD.

Actually removing it was approved back on 10/29/2007 by re (kensmith) but
I dropped the ball on actually removing it. It's doubtful that it's become
more relevant/useful in the intervening time.
2009-05-26 00:07:02 +00:00
rwatson
8c6f0d9418 Prefer <sys/param.h> to <machine/param.h> for the definition of
CACHE_LINE_SIZE.

Submitted by:	bde
MFC after:	2 weeks
2009-04-20 10:35:50 +00:00
rwatson
fab10a1822 Explicitly include machine/param.h for CACHE_LINE_SIZE.
MFC after:	2 weeks
2009-04-19 23:03:57 +00:00
rwatson
9d69b9825b Now that the kernel defines CACHE_LINE_SIZE in machine/param.h, use
that definition in the custom locking code for the run-time linker
rather than local definitions.

Pointed out by:	tinderbox
MFC after:	2 weeks
2009-04-19 23:02:50 +00:00
kib
5a12c5d70e Currently, when mapping an object, rtld reserves the whole address space
for the mapping by the object' file with the protection and mode of
the first loadable segment over the whole region. Then, it maps other
segments at the appropriate addresses inside the region.

On amd64, due to default alignment of the segments being 1Gb, the
subsequent segment mappings leave the holes in the region, that usually
contain mapping of the object' file past eof. Such mappings prevent
wiring of the address space, because the pages cannot be faulted in.

Change the way the mapping of the ELF objects is constructed, by first
mapping PROT_NONE anonymous memory over the whole range, and then
mapping the segments of the object over it. Take advantage of this new
order and allocate .bss by changing the protection of the range instead
of remapping.

Note that we cannot simply keep the holes between segments, because
other mappings may be made there. Among other issues, when the dso is
unloaded, rtld unmaps the whole region, deleting unrelated mappings.

The kernel ELF image activator does put the holes between segments, but
this is not critical for now because kernel loads only executable image
and interpreter, both cannot be unloaded. This will be fixed later, if
needed.

Reported and tested by:	Hans Ottevanger <fbsdhackers beasties demon nl>
Suggested and reviewed by:	kan, alc
2009-04-10 10:14:04 +00:00
kib
4ea821c223 Update comment to the reality, rtld supports any number of loadable segments.
Fix spacing.

Reviewed by:	kan
2009-04-10 09:52:42 +00:00
obrien
674fad2600 Move variable externs into extern.h so they are checked against the definitions. 2009-04-07 20:34:34 +00:00
kib
d2fcac0ee2 Allow the NULL, RTLD_SELF and RTLD_NEXT handles to work with dlfunc(3).
dlfunc() called dlsym() to do the work, and dlsym() determines the dso
that originating the call by the return address. Due to this, dlfunc()
operated as if the caller is always the libc.

To fix this, move the dlfunc() to rtld, where it can call the internal
implementation of dlsym, and still correctly fetch return address.
Provide usual weak stub for the symbol from libc for static binaries.
dlfunc is put to FBSD_1.0 symver namespace in the ld.so export to
override dlfunc@FBSD_1.0 weak symbol, exported by libc.

Reported, analyzed and tested by:	Tijl Coosemans <tijl ulyssis org>
PR: standards/133339
Reviewed by:	kan
2009-04-03 19:17:23 +00:00
kib
2b9fbfce36 Document RTLD_NODELETE, -z nodelete and -z origin support. 2009-04-01 14:38:20 +00:00
cognet
b31803623e Use RTF_LLDATA. 2009-03-31 23:02:51 +00:00
kib
566c4f31f1 Implement support for RTLD_NODELETE flag for dlopen() and -z nodelete
static linker option. Do it by incrementing reference count on the loaded
object and its dependencies.

Reviewed by:	davidxu, kan
2009-03-30 08:47:28 +00:00
kib
1552563928 Do not dereference NULL pointer. refobj is NULL for the objects that are
preloaded.

Reported and tested by:	ed
2009-03-28 15:54:08 +00:00
delphij
63c651080e Support for a new environment variable, LD_ELF_HINTS_PATH for overriding
the rtld hints file.  This environment variable would be unset if the
process is considered as tainted with setuid/setgid.  This feature gives
a convenient way of using a custom set of shared library that is not
located in the default location and switch back.

Feature requested by:	iXsystems
Original patch by:	John Hixson
MFC after:		2 weeks
2009-03-23 16:49:00 +00:00
kib
46713086a1 Implement the dynamic string token substitution in the rpath and
soneeded pathes. The $ORIGIN, $OSNAME, $OSREL and $PLATFORM tokens
are supported. Enabling the substitution requires DF_ORIGIN flag in
DT_FLAGS or DF_1_ORIGIN if DF_FLAGS_1, that may be set with -z origin
gnu ld flag. Translation is unconditionally disabled for setuid/setgid
processes.

The $ORIGIN translation relies on the AT_EXECPATH auxinfo supplied
by kernel.

Requested by:	maho
Tested by:	maho, pho
Reviewed by:	kan
2009-03-18 13:40:37 +00:00
ru
21f7074ade Fix build when WITH_SSP is set explicitly.
Submitted by:	Jeremie Le Hen
2009-02-21 15:04:31 +00:00
des
604db9f61a WIP 2009-01-30 13:54:03 +00:00
maxim
5235e02062 o Fix typo: indentical -> identical.
PR:		docs/131149
Submitted by:	Patrick Oonk
MFC after:	1 week
2009-01-30 09:42:25 +00:00
ed
dea8334849 Fix handling of pts(4) device names in comsat(8). Also catch fork() errors.
Pseudo-terminals allocated with posix_openpt(2) will have more slashes
in their path names than comsat(8) allows, so allow slashes when the
character device name starts with "pts/".

This patch is loosely based on NetBSD's changes, revision 1.33. Because
it also included the changes to fork(), I imported them here as well.
Maybe we could import even more fixes from the other BSD's?

Original commit message from the NetBSD folks:

	PR/30170: Markus W Kilbinger: src/libexec/comsat complains
	about: '/' in "/dev/pts/1"

Reported by:	Robert Huff <roberthuff rcn com>
2009-01-17 15:56:38 +00:00
cperciva
87e5b5b6cc Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests. [08:12]

Avoid calling uninitialized function pointers in protocol switch
code. [08:13]

Merry Christmas everybody...

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
2008-12-23 01:23:09 +00:00
qingli
ec826ad5c7 This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
kib
af7a67c13c Provide custom simple allocator for rtld locks in libthr. The allocator
does not use any external symbols, thus avoiding possible recursion into
rtld to resolve symbols, when called.

Reviewed by:	kan, davidxu
Tested by:	rink
MFC after:	1 month
2008-12-02 11:58:31 +00:00
kib
b683fcf692 Add two rtld exported symbols, _rtld_atfork_pre and _rtld_atfork_post.
Threading library calls _pre before the fork, allowing the rtld to
lock itself to ensure that other threads of the process are out of
dynamic linker. _post releases the locks.

This allows the rtld to have consistent state in the child. Although
child may legitimately call only async-safe functions, the call may
need plt relocation resolution, and this requires working rtld.

Reported and debugging help by:	rink
Reviewed by:	kan, davidxu
MFC after:	1 month (anyway, not before 7.1 is out)
2008-11-27 11:27:59 +00:00
ed
c737fde5da Convert telnetd(8) to use posix_openpt(2).
Some time ago I got some reports MPSAFE TTY broke telnetd(8). Even
though it turned out to be a different problem within the TTY code, I
spotted a small issue with telnetd(8). Instead of allocating PTY's using
openpty(3) or posix_openpt(2), it used its own PTY allocation routine.
This means that telnetd(8) still uses /dev/ptyXX-style devices.

I've also increased the size of line[]. Even though 16 should be enough,
we already use 13 bytes ("/dev/pts/999", including '\0'). 32 bytes gives
us a little more freedom.

Also enable -DSTREAMSPTY. Otherwise telnetd(8) strips the PTY's pathname
to the latest slash instead of just removing "/dev/" (e.g. /dev/pts/0 ->
0, instead of pts/0).

Reviewed by:	rink
2008-11-13 19:05:27 +00:00
des
b9a735f615 Whitespace and style fixes, build at WARNS level 6.
MFC after:	3 weeks
2008-11-04 14:17:49 +00:00
imp
0d11106473 This code has no copyright. It is fairly obvious to me that we're a
derivitive of NetBSD's mips_reloc.c, so pull in the copyright notice
from there.

Also, a minor tweak to load/store pointers.  Other changes from NetBSD
likely would be useful too...

Obtained from:	NetBSD
2008-10-13 20:24:03 +00:00
imp
9cf0b7b688 MFp4: Fix a bug in the mips relocation code that prevents shared images
from working.

From p4 filelog of the upstream file in p4

//depot/projects/mips2-jnpr/src/libexec/rtld-elf/mips/reloc.c
... #6 change 140737 edit on 2008/04/27 by gonzo@gonzo_jeeves (text+ko)

        o Looks like handler for R_MIPS_REL32 brought by CS 137942
            is broken for tradmips. Code from NetBSD's
            libexec/ld.elf_so/arch/mips/mips_reloc.c works just fine.

... #3 change 137942 edit on 2008/03/17 by rrs@rrs-mips2-jnpr (text+ko)

        Any relocation symbol lookup if its 0. It looks like
               this is the way the compiler indicates you need to
               look in another shared library. When we hit these
               as we relocate a object we will do the symbol
               lookups and setup the relocation table with the
               right value.

Submitted by:	rrs@, gonzo@
2008-10-10 05:10:10 +00:00
kan
d53cb6ffcf Allow strong symbols to override weak ones for lookups done through
dlsym with RTLD_NEXT/RTLD_SELF handles.

Allow symbols from ld-elf.so to be located this way too.

Based on report and original patch from sobomax@.
2008-10-10 00:16:32 +00:00
sam
9c3d2ffcdf add new build knobs and jigger some existing controls to improve
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd

Reviewed by:	various (posted to arch)
MFC after:	1 month
2008-09-21 22:02:26 +00:00
davidxu
612ed6bb13 Allow multiple locks to be acquired by detecting corresponding
bit flag, otherwise if a thread acquired a lock, another thread
or the current thread itself can no longer acquire another lock
because thread_mask_set() return whole flag word, this results
bit leaking in the word and misbehavior in later locking and
unlocking.
2008-09-16 01:46:11 +00:00
kan
ad15dd0347 Make sure internal rtld malloc routines are not called from unlocked
contexts as rtld's malloc is not thread safe and is only supposed to be
called with exclusive bind lock already held.

The originating PR submitted a patch on top of different pre-requisite
workaroud for unsafe dlopen calls, and the patch was midief slighlty to apply
to stock sources for the purpose of this commit. Running rtld malloc from
unlocked contexts is a bug on its own.

PR: 126950
Submited by: Oleg Dolgov
2008-09-03 01:05:32 +00:00
ed
126d9ed063 Remove the now unneeded pt_chown utility.
Before we had a posix_openpt() that allocated PTY's with proper
permissions in place, we used this set-uid utility to change the
ownership of PTY slave devices to the real user ID of the process. This
utility was used to implement grantpt().

In my first designs of the MPSAFE TTY layer, I replaced this by adding
an ioctl() called TIOCGRANTPT, which was used to change the ownership.
I left the pt_chown utility, because older C libraries needed it to work
properly.

After some discussions back in June I changed the PTY code to set
permissions properly upon creation. Fortunately the previous grantpt()
implementation changed permissions by hand when pt_chown is not
installed, which always succeeds. This means grantpt() still works
properly, even though the set-uid utility is missing.

I've done tests with FreeBSD 5.2.1, FreeBSD 6.3 and FreeBSD 7.0 jails.
All of them still work if I remove pt_chown.

Reviewed by:	philip (ex-mentor)
2008-08-24 10:01:22 +00:00
cperciva
45f0d08992 Mark functions as __dead2 in order to help the LLVM static checker
understand which code paths aren't possible.

This commit eliminates 117 false positive bug reports of the form
"allocate memory; error out if pointer is NULL; use pointer".
2008-08-04 01:25:48 +00:00
ru
8735fdbd4c Enable GCC stack protection (aka Propolice) for userland:
- It is opt-out for now so as to give it maximum testing, but it may be
  turned opt-in for stable branches depending on the consensus.  You
  can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
  It is harmless to steal the knob as SSP symbols have been provided
  by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
  (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
  libc will be automatically downgraded to -fstack-protector because it
  breaks rtld otherwise.
- This option is unavailable on ia64.

Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.

Submitted by:	Jeremie Le Hen <jeremie@le-hen.org>
2008-06-25 21:33:28 +00:00
jhb
40d5d7fe56 Use sysctl to fetch stats from the kernel instead of reading variables
directly via libkvm.

PR:		kern/122875, bin/123014
Tested by:	Danny Braniss  danny cs.huji.ac.il
MFC after:	1 week
2008-06-10 18:47:43 +00:00
bms
2046eefcb4 Make the meaning of the %A format specifier, as passed to
LD_TRACE_LOADED_OBJECTS_FMT[12], more obvious for users like me.
2008-05-15 10:47:14 +00:00
dfr
be0348cb75 Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.
2008-05-07 13:53:12 +00:00
kib
60e5d7d052 Fix the problem with the C++ exception handling for the multithreaded
programs.

From the PR description:
The gcc runtime's _Unwind_Find_FDE function, invoked during exception
handling's stack unwinding, is not safe to execute from within multiple
threads. FreeBSD' s dl_iterate_phdr() however permits multiple threads
to pass through it though. The result is surprisingly reliable infinite
looping of one or more threads if they just happen to be unwinding at
the same time.

Introduce the new lock that is write locked around the dl_iterate_pdr,
thus providing required exclusion for the stack unwinders.

PR:	threads/123062
Submitted by:	Andy Newman <an at atrn org>
Reviewed by:	kan
MFC after:	2 weeks
2008-05-06 09:27:41 +00:00
imp
ab840fe874 MFp4: Add mips support for dynamic linking.
This code came from the merged mips2 and Juniper mips repositories.
Warner Losh, Randall Seager, Oleksandr Tymoshenko and Olivier Houchard
worked to merge, debug and integrate this code.  This code may also
contain code derived from NetBSD.
2008-04-04 20:59:26 +00:00
brueffer
b64d211df2 Fix some "in in" typos in comments.
PR:		121490
Submitted by:	Anatoly Borodin <anatoly.borodin@gmail.com>
Approved by:	rwatson (mentor), jkoshy
MFC after:	3 days
2008-03-26 07:32:08 +00:00
rwatson
7ad2ad4eca For un-prototyped static inline functions declared in pthread_md.h on
sparc64, use ANSI function headers and specifically indicate the lack of
arguments with 'void'.  Otherwise, warnings are generated at WARNS=3 for
libkse, leading to a compile failure with -Werror.
2007-12-01 14:24:44 +00:00
edwin
9786b2ff4c Add "with" to make the line go smoother. 2007-11-23 01:52:44 +00:00
edwin
0aec4e0b50 Add the -W options, which acts the same as -w but will generate
unique names based on the submitted filename, a strftime(3) format
string and a two digit sequence number.

By default the strftime(3) format string is %Y%m%d (YYYYMMDD), but
this can be changed by the -F option.

PR:		bin/106049 (based on patch in that PR)
Approved by:	grog@ (mentor)
2007-11-23 00:05:29 +00:00
jb
ec0f8069c4 Include an extra header to get a function prototype. 2007-11-19 08:58:11 +00:00
yar
64d3637d56 Add a hackish knob to skip rtld, NO_RTLD. In conjunction with
src/Makefile.inc1 rev. 1.590, it can allow installing a world
cross-built for a different arch over the live system.  The procedure
is more or less as follows:

	cp -R /rescue /rescue.old
	make installkernel TARGET_ARCH=foo
	make -DNO_RTLD installworld TARGET_ARCH=foo
	     ^^^^^^^^^
	PATH=/rescue.old
	chflags noschg /libexec/ld-elf.so.1
	cp /usr/obj/foo/usr/src/libexec/rtld/ld-elf.so.1 /libexec
	chflags schg /libexec/ld-elf.so.1
	<ditto for ld-elf32.so.1 if installing for amd64>
	reboot
2007-10-31 11:19:32 +00:00
marius
a060d7dfbc - Fix the handling of R_SPARC_OLO10, which is a bit of a special case
in the way we implement handling of relocations.
  As for the kernel part this fixes the loading of lots of modules,
  which failed to load due to unresolvable symbols when built after
  the GCC 4.2.0 import. This wasn't due to a change in GCC itself
  though but one of several changes in configuration done along the
  import. Specfically, HAVE_AS_REGISTER_PSEUDO_OP, which causes GCC
  to denote global registers used for scratch purposes and in turn
  GAS uses R_SPARC_OLO10 relocations for, is now defined.
  While at it replace some more ELF_R_TYPE which should have been
  ELF64_R_TYPE_ID but didn't cause problems so far.
- Sync a sanity check between kernel and rtld(1) and change it to be
  maintenance free regarding the type used for the lookup table.
- Sprinkle const on lookup tables.
- Use __FBSDID.

Reported and tested by:	yongari
MFC after:		5 days
2007-10-16 19:17:48 +00:00
ru
62d48a1604 Fixed static linkage (build with -DNO_SHARED).
Approved by:	re (kensmith)
2007-10-01 18:17:24 +00:00
delphij
90cc29c58c Stop mentioning /usr/X11R6.
Approved by:	re (hrs)
2007-07-24 06:41:07 +00:00
marcel
127adac725 Unbreak the dynamic linker by not creating a cache for rtld-elf
itself. It needs mmap(2), which now needs getosreldate(3) and
which in turn uses a global variable to cache the result. This
cannot be done before linking is done.

See also: ../sparc64/reloc.c:1.15
Approved by: re (kensmith)
2007-07-15 22:52:15 +00:00
kensmith
bd3c8bf640 Cache does not serve any purpose when rtld is relocating itself, do
not bother allocating one.

Submitted by:	kan
Approved by:	re (bmah)
2007-07-13 16:18:43 +00:00
kan
312c816e62 Add r_debug_state to the list of symbols exported from rtld. GDB needs to
be able to find it in order to trap shared library events from rtld.

Approved by:	re (rwatson)
2007-07-11 23:07:37 +00:00
scf
196b6346ba Significantly reduce the memory leak as noted in BUGS section for
setenv(3) by tracking the size of the memory allocated instead of using
strlen() on the current value.

Convert all calls to POSIX from historic BSD API:
 - unsetenv returns an int.
 - putenv takes a char * instead of const char *.
 - putenv no longer makes a copy of the input string.
 - errno is set appropriately for POSIX.  Exceptions involve bad environ
   variable and internal initialization code.  These both set errno to
   EFAULT.

Several patches to base utilities to handle the POSIX changes from
Andrey Chernov's previous commit.  A few I re-wrote to use setenv()
instead of putenv().

New regression module for tools/regression/environ to test these
functions.  It also can be used to test the performance.

Bump __FreeBSD_version to 700050 due to API change.

PR:		kern/99826
Approved by:	wes
Approved by:	re (kensmith)
2007-07-04 00:00:41 +00:00
mlaier
83807ec50d Link pf 4.1 to the build:
- move ftp-proxy from libexec to usr.sbin
 - add tftp-proxy
 - new altq mtag link

Approved by:	re (kensmith)
2007-07-03 12:46:08 +00:00
yar
1d6d43b237 Note PAM support in atrun(8).
Sort FILES section while there.
Touch document date.
2007-06-17 14:02:31 +00:00
yar
73c6fd823f Add PAM support to atrun(8). 2007-06-15 12:02:16 +00:00
yar
62d3b985f5 Actually use new features of perr() and perrx(). 2007-06-15 10:34:36 +00:00
yar
79a90bc272 Catch up with perr() becoming variadic. 2007-06-15 10:12:37 +00:00
yar
0a5d437c3d Make perr() variadic and add perrx() to use in cases where
errno is irrelevant.  Some code duplication can be reduced
if perr() is variadic and perrx() is available.
2007-06-15 10:10:40 +00:00
yar
8a97efc414 Use a single setusercontext(3) instead of a bunch of basic syscalls.
Besides aesthetic benefits, that makes at(1) jobs subject to such
login.conf(5) settings as resource limits.
2007-06-14 22:16:21 +00:00
yar
b6a0b8bdc1 Spotted another copy of the loony error message. 2007-06-14 21:24:05 +00:00
yar
2c7e2004e3 Fix an error message that was beside the point. 2007-06-14 15:18:44 +00:00
yar
aaa29dd12a Fix a typical off-by-one error that can result in an unterminated string:
strncpy(dst, src, sizeof(dst));

by substituting the safer strlcpy() for strncpy().

X-Security:	none (the source string isn't user-supplied)
2007-06-14 14:44:04 +00:00
bz
e9cff2bb80 Correct a typo.
PR:		106049
Submitted by:	edwin (as part of a larger patch)
2007-06-03 15:32:06 +00:00
csjp
5e8c160d0b Update the man page to reflect that certain variables will be unset in
the case that the program is set-user-ID or set-group-ID. Add missing
annotations for LIBMAP and LIBMAP_DISABLE.
2007-05-17 19:14:25 +00:00
csjp
9c7934b018 In the event a process is tainted (setuid/setgid binaries), un-set any
potentially dangerous environment variables all together. It should be
noted that the run-time linker will not honnor these environment variables
if the process is tainted currently. However, once a child of the tainted
process calls setuid(2), it's status as being tainted (as defined by
issetugid(2)) will be removed. This could be problematic because
subsequent activations of the run-time linker could honnor these
dangerous variables.

This is more of an anti foot-shot mechanism, there is nothing I am
aware of in base that does this, however there may be third party
utilities which do, and there is no real negative impact of clearing
these environment variables.

Discussed on:	secteam
Reviewed by:	cperciva
PR:		kern/109836
MFC after:	2 weeks
2007-05-17 18:00:27 +00:00
marcel
15da83b5e9 Don't enable symbol versioning on ia64 for now. It causes
symbol lookup failures that later result in null-pointer
dereferences. This needs looking into, but since we're
close to release it's possible that it's not resolved before
that time.
2007-05-16 23:24:15 +00:00
marcel
43f7889dc6 We don't need --export-dynamic for ld-elf.so.1, because it's a
shared object.
2007-05-16 23:19:51 +00:00
deischen
bf3a79274d Enable symbol versioning by default. Use WITHOUT_SYMVER to disable it.
Warning, after symbol versioning is enabled, going back is not easy
(use WITHOUT_SYMVER at your own risk).

Change the default thread library to libthr.

There most likely still needs to be a version bump for at least the
thread libraries.  If necessary, this will happen later.
2007-05-13 14:12:40 +00:00
pav
587620304d Remove %m formatter, it's ifdef 0'ed in the code from the very beginning
MFC after:	1 week
2007-05-12 12:26:25 +00:00
pav
c4339791e9 Expand documentation for LD_TRACE_LOADED_OBJECTS_FMT? variables
PR:		docs/66265 (inspired by)
Submitted by:	Michel Lavondes <fox@vader.aacc.cc.md.us>
MFC after:	1 week
2007-05-12 12:24:49 +00:00
davidxu
a037728652 Fix a TLS memory leak.
PR: threads/112297
MFC: 1 week
2007-05-05 08:44:59 +00:00
ache
6ccaf050cc Back out all POSIXified *env() changes.
Not because I admit they are technically wrong and not because of bug
reports (I receive nothing). But because I surprisingly meets so
strong opposition and resistance so lost any desire to continue that.

Anyone who interested in POSIX can dig out what changes and how
through cvs diffs.
2007-05-01 16:02:44 +00:00
deischen
5850400608 Catch up with the private namespace change (s/FBSDprivate/FBSDprivate_1.0). 2007-05-01 13:46:27 +00:00
ache
4677e2577d Prepare for upcoming POSIXed putenv() rewrite:
don't allow putenv() arg be on the stack, replace putenv() with setenv()
2007-04-30 12:27:58 +00:00
kan
e7d29627ee Retire rtld-specific Versions.def. Symbols exported by rtld are supposed
to override weak symbols exported by libc, so by definition these two
are using the same symbol version names.

Reflect the reality by referring to libc's Versions.def directly.
2007-04-29 16:12:06 +00:00
deischen
bb377be75b Give the private version namespace a number to match libc. 2007-04-29 14:16:19 +00:00
deischen
2a7306fdc5 Use C comments since we now preprocess these files with CPP. 2007-04-29 14:05:22 +00:00
trhodes
c0ca7353a3 Remove references to S/Key and list OPIE. 2007-04-20 09:08:20 +00:00
yar
908756daef Reword the description of the UTF8 option (-8) so I can swear
to myself that I understand it.

Bump document date.
2007-04-19 17:30:19 +00:00
yar
021deab651 Add support for RFC 2389 (FEAT) and RFC 2640 (UTF8) to ftpd(8).
The support for RFC 2640 (UTF8) is optional and rudimentary.
The server just advertises its capability to handle UTF-8 file
names and relies on its own 8-bit cleanness, as well as on
the backward compatibility of UTF-8 with ASCII.  So uploaded
files will have UTF-8 names, but the initial server contents
should be prepared in UTF-8 by hand, no on-the-fly conversion
of file names will be done.

PR:		bin/111714
Submitted by:	Zhang Weiwu <see email in the PR>
MFC after:	1 week
2007-04-18 22:43:39 +00:00
kan
b9221e5c75 Bring rtld exports in line with corresponding symbols exported from
libc.

Disable SYMVER_DEFAULT n rtld until its implications are understood
better.
2007-04-09 23:00:29 +00:00
kan
639e7fc27d Remove reference to FBSDprivate version. We do not use it in this
module yet.
2007-04-07 23:23:10 +00:00
kan
0c81bcae73 Catch up on rtld's special status. Since it does not appear on
main object list, its versioning information needs to be examined
separately.

This hopefully fixes problems that people running with SYMVER_ENABLED
are experiencing.
2007-04-07 23:17:00 +00:00
kan
98adf88c30 Prepare rtld for symbol versioning. Disable it by default for now. 2007-04-03 19:01:06 +00:00
kan
0dd97e2c18 Implement dl_iterate_phdr function.
Convert boolean flags in internal Obj_Entry structure into bitfields.
Properly check for loaded segment alignment in map_object.
2007-04-03 18:31:20 +00:00
kan
34c2527aa4 Use u_int for variable manipulated by atomic ops to match atomic
ops function prototypes.
2007-04-03 18:28:13 +00:00
yar
7788a539e6 Let automatic TCP send buffer sizing do its job for ftpd(8): stop
setting the SO_SNDBUF socket option.  Using a hard-coded value for
it was a poor idea anyway in the face of diverse network conditions.
2007-02-09 17:18:39 +00:00
jhb
dcee465690 Document LD_UTRACE.
MFC after:	3 days
2007-01-23 22:38:39 +00:00