Distinguish IPv4 and IPv6 addresses and optional port numbers in
user space to set the option for the correct protocol family.
Add support in the kernel for carrying the new IPv6 destination
address and port.
Add support to TCP and UDP for IPv6 and fix UDP IPv4 to not change
the address in the IP header.
Add support for IPv6 forwarding to a non-local destination.
Add a regession test uitilizing VIMAGE to check all 20 possible
combinations I could think of.
Obtained from: David Dolson at Sandvine Incorporated
(original version for ipfw fwd IPv6 support)
Sponsored by: Sandvine Incorporated
PR: bin/117214
MFC after: 4 weeks
Approved by: re (kib)
Ensure that process descriptors work as expected. We should be able to:
- pdfork(), like regular fork(), but producing a process descriptor
- pdgetpid() to convert a PD into a PID
- pdkill() to send signals to a process identified by a PD
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
When calling poll(2) on a capability, unwrap first and then poll the
underlying object.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
This commit adds regression testing for openat(), fstatat(), etc. with
capability scoping ("strict relative" lookup), which applies:
- in capability mode
- when performing any *at() lookup relative to a capability
These tests will fail until the *at() code is committed; on my local
instance, with the *at() changes, they all pass.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
As per kib's suggestion, we also change test_count from a size_t to an int;
its value at the moment is 4, and we only expect it to go up to 7.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
kernel for FreeBSD 9.0:
Add a new capability mask argument to fget(9) and friends, allowing system
call code to declare what capabilities are required when an integer file
descriptor is converted into an in-kernel struct file *. With options
CAPABILITIES compiled into the kernel, this enforces capability
protection; without, this change is effectively a no-op.
Some cases require special handling, such as mmap(2), which must preserve
information about the maximum rights at the time of mapping in the memory
map so that they can later be enforced in mprotect(2) -- this is done by
narrowing the rights in the existing max_protection field used for similar
purposes with file permissions.
In namei(9), we assert that the code is not reached from within capability
mode, as we're not yet ready to enforce namespace capabilities there.
This will follow in a later commit.
Update two capability names: CAP_EVENT and CAP_KEVENT become
CAP_POST_KEVENT and CAP_POLL_KEVENT to more accurately indicate what they
represent.
Approved by: re (bz)
Submitted by: jonathan
Sponsored by: Google Inc
Even if we have CAP_FCHFLAGS, fchflags(2) fails on NFS. This is normal
and expected, so don't fail the test because of it.
Note that, whether or not we are on NFS, fchflags(2) should always fail
with ENOTCAPABLE if we are using a capability that does not have the
CAP_FCHFLAGS right.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
Add more regression testing, some of which is expected to fail until we
commit more kernel implementation.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
Add more regression testing, some of which is expected to fail until we
commit more kernel implementation.
Approved by: re (kib), mentor (rwatson)
Sponsored by: Google Inc
sources this tool collates are no longer available and the format of the
current database is directly usable by pciconf(8) without needing any special
processing.
Formerly, in this case an error was returned but the pid was also returned
to the application, requiring the application to use unspecified behaviour
(the returned pid in error situations) to avoid zombies.
Now, reap the zombie and do not return the pid.
MFC after: 2 weeks
Rather than using err() if either of two failure conditions
fires (which can produce spurious error messages), just use
errx() if the one condition that really matters fires.
In practice, this single test is enough to detect the failure
mode we're looking for (kqueue being inherited across fork).
Approved by: mentor (rwatson), re (Capsicum blanket)
Sponsored by: Google Inc
Modify the existing unit test (from libkqueue) which already exercises process events via
fork() and kill(). Now, the child process simply checks that the 'kqfd' descriptor is invalid.
Some minor modifications were required to make err() work correctly. It seems that this test
was imported using the output of a configure script, but config.h was not included in key
places, nor was its syntax correct (need '#define HAVE_FOO 1' rather than '#define HAVE_FOO').
Finally, change main() to run the "proc" suite by default, but widened the '#if TODO' in
proc.c to include the non-functioning test event_trigger().
Approved by: mentor (rwatson), re (Capsicum blanket)
Sponsored by: Google Inc
- Implement simple and generic language which can
be used to describe any kind of device ID structures.
- Fix endian issues.
- Add an example format file.
Suggested by: imp @
MFC after: 14 days
is now required by bus_autoconf.
- Allow interface class matching even if device class is vendor specific.
- Update bus_autoconf tool to not generate system and subsystem match lines
for the nomatch event.
PR: misc/157903
MFC after: 14 days
sorted according to the mode which they support:
host, device or dual mode
- Add generic tool to extract these data:
tools/bus_autoconf
Discussed with: imp
Suggested by: Robert Millan <rmh@debian.org>
PR: misc/157903
MFC after: 14 days
This knob removes the tools that are exclusively used to view and
maintain the databases maintained by utmpx, namely last, users, who,
wtmpcvt, ac, lastlogin and utxrm.
The tool w is not in this list, because it has some other functionality
which is unrelated to utmpx; it is hardlinked to the uptime tool.
The WITHOUT_ACCT switch is supposed to omit tools related to process
accounting, namely accton and sa. ac(8) is just a simple tool that
prints statistics based on data in the utx.log database. It has nothing
to do with the former.
Replacing ;; with the new control operator ;& will cause the next list to be
executed as well without checking its pattern, continuing until a list ends
with ;; or until the end of the case statement. This is like omitting
"break" in a C "switch" statement.
The sequence ;& was formerly invalid.
This feature is proposed for the next POSIX issue in Austin Group issue
#449.
The eval special builtin now runs the code with EV_EXIT if it was run
with EV_EXIT itself.
In particular, this eliminates one fork when a command substitution contains
an eval command that ends with an external program or a subshell.
This is similar to what r220978 did for functions.
The function name expandstr() and the general idea of doing this kind of
expansion by treating the text as a here document without end marker is from
dash.
All variants of parameter expansion and arithmetic expansion also work (the
latter is not required by POSIX but it does not take extra code and many
other shells also allow it).
Command substitution is prevented because I think it causes too much code to
be re-entered (for example creating an unbounded recursion of trace lines).
Unfortunately, our LINENO is somewhat crude, otherwise PS4='$LINENO+ ' would
be quite useful.
If the here-document is attached to a compound command or subshell, $?
already works properly. This is both a workaround for bin/41410 and a
requirement for a true fix for bin/41410.
PR: bin/41410
MFC after: 1 week
checks for collision/non-collision properties in binding them. This
test would have identified a bug recently reported on current@
involding my disaggregation of the pcbinfo lock.
It would be nice if this test also exercised packet diversion and
injection, but that is for another day.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
rather than using a fixed port number. This means that the regression test
can be run many times in a row without waiting on TIMEWAIT to release a
hard-coded port number.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Examples:
LC_ALL=en_US.UTF-8 printf '%d\n' $(printf \'\\303\\244)
LC_ALL=en_US.ISO8859-1 printf '%d\n' $(printf \'\\344)
Both of these should print 228.
Like some other shells, incomplete or invalid multibyte characters yield the
value of the first byte without a warning.
Note that there is no general way to go back from the character code to the
character.
CDPATH should be ignored not only for pathnames starting with '/' but also
for pathnames whose first component is '.' or '..'.
The man page already describes this behaviour.
If IFS is null, unquoted $@/$* should still expand to separate words.
This differs from quoted $@ (which does not depend on IFS) in that pathname
generation is performed and empty words are removed.
If WITH_BSD_GREP is not set, it will be 'bsdgrep' and GNUgrep will be
'[ef]grep'. Otherwise, BSD-grep will be the grep family, and GNUgrep
will be 'gnugrep'.
Discussed with: brooks
This reflects failure to determine the pathname of the new directory in the
exit status (1). Normally, cd returns successfully if it did chdir() and the
call was successful.
In POSIX, -e only has meaning with -P; because our -L is not entirely
compliant and may fall back to -P mode, -e has some effect with -L as well.
This is sometimes used with eval or old-style command substitution, and most
shells other than ash derivatives allow it.
It can also be used with scripts that violate POSIX's requirement on the
application that they end in a newline (scripts must be text files except
that line length is unlimited).
Example:
v=`cat <<EOF
foo
EOF`
echo $v
This commit does not add support for the similar construct with new-style
command substitution, like
v=$(cat <<EOF
foo
EOF)
This continues to require a newline after the terminator.
the architecture, reflect this in documentation. For such
options, both WITH_FOO and WITHOUT_FOO description files should
be provided.
Prodded by: des
- Setting a build option may enforce other build options, try harder
to detect this case.
- Setting a build option may change other option's default value,
try harder to detect this case.
Because we have no iconv in base, support for other charsets is not
possible.
Note that \u/\U are processed using the locale that was active when the
shell started. This is necessary to avoid behaviour that depends on the
parse/execute split (for example when placing braces around an entire
script). Therefore, UTF-8 encoding is implemented manually.
?, [...] patterns match codepoints instead of bytes. They do not match
invalid sequences. [...] patterns must not contain invalid sequences
otherwise they will not match anything. This is so that ${var#?} removes the
first codepoint, not the first byte, without putting UTF-8 knowledge into
the ${var#pattern} code. However, * continues to match any string and an
invalid sequence matches an identical invalid sequence. (This differs from
fnmatch(3).)
A string between $' and ' may contain backslash escape sequences similar to
the ones in a C string constant (except that a single-quote must be escaped
and a double-quote need not be). Details are in the sh(1) man page.
This construct is useful to include unprintable characters, tabs and
newlines in strings; while this can be done with a command substitution
containing a printf command, that needs ugly workarounds if the result is to
end with a newline as command substitution removes all trailing newlines.
The construct may also be useful in future to describe unprintable
characters without needing to write those characters themselves in 'set -x',
'export -p' and the like.
The implementation attempts to comply to the proposal for the next issue of
the POSIX specification. Because this construct is not in POSIX.1-2008,
using it in scripts intended to be portable is unwise.
Matching the minimal locale support in the rest of sh, the \u and \U
sequences are currently not useful.
Exp-run done by: pav (with some other sh(1) changes)
Note that this only applies to variables that are actually used.
Things like (0 && unsetvar) do not cause an error.
Exp-run done by: pav (with some other sh(1) changes)
In particular, this makes things like ${#foo[0]} and ${#foo[@]} errors
rather than silent equivalents of ${#foo}.
PR: bin/151720
Submitted by: Mark Johnston
Exp-run done by: pav (with some other sh(1) changes)
Ensure that system calls that access global namespaces, e.g. open(2), are not permitted, and that whitelisted sysctls like kern.osreldate are.
Approved by: rwatson
Sponsored by: Google, Inc.
with INET6 equivalents. Patch reather than re-genenerating src.conf
(given the current problem with the script that does the re-gen).
Reviewed by: gnn
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 2 weeks
This tool can be used to print statistics, registers, and
other device specific information once the driver is loaded
into the kernel.
Submitted by: Sriram Rapuru from Exar
MFC after: 2 weeks
For backgrounded pipelines and subshells, the previous value of $? was being
preserved, which is incorrect.
For backgrounded simple commands containing a command substitution, the
status of the last command substitution was returned instead of 0.
If fork() fails, this is an error.
If EV_EXIT causes an exit, use the exception mechanism to unwind
redirections and local variables. This way, if the final command is a
redirected command, an EXIT trap now executes without the redirections.
Because of these changes, EV_EXIT can now be inherited by the body of a
function, so do so. This means that a function no longer prevents a fork
before an exec being skipped, such as in
f() { head -1 /etc/passwd; }; echo $(f)
Wrapping a single builtin in a function may still cause an otherwise
unnecessary fork with command substitution, however.
An exit command or -e failure still invokes the EXIT trap with the
original redirections and local variables in place.
Note: this depends on SHELLPROC being gone. A SHELLPROC depended on
keeping the redirections and local variables and only cleaning up the
state to restore them.
- Test newslog with clasic naming of rotates files to actually test
the correct number of log files as newsyslog now does the correct
thing post r220926.
- Add some more newsyslog tests which tests keeping 0, 1, and 2
logfiles.
This is only a problem if IFS contains digits, which is unusual but valid.
Because of an incorrect fix for PR bin/12137, "${#parameter}" was treated
as ${#parameter}. The underlying problem was that "${#parameter}"
erroneously added CTLESC bytes before determining the length. This
was properly fixed for PR bin/56147 but the incorrect fix was not backed
out.
Reported by: Seeker on forums.freebsd.org
MFC after: 2 weeks
flags, so remove that part from WITHOUT_CXX again.
This is only partially regenerated, as the entries for FDT and GPIO seem to
have switched their default state, too.
WITHOUT_CLANG.
Don't build clang bootstrap/build-tools depending on this flag. We also
keep gperf, devd and libstdc++ around to prevent foot-shooting and to
make this a two-way street.
Of course, strerror_r() may still fail with ERANGE.
Although the POSIX specification said this could fail with EINVAL and
doing this likely indicates invalid use of errno, most other
implementations permitted it, various POSIX testsuites require it to
work (matching the older sys_errlist array) and apparently some
applications depend on it.
PR: standards/151316
MFC after: 1 week
- Change name to reflect this
- Install all kernel modules
- Choose image size that i386 and amd64 can be combined into one image
- Mount tmpfs over /boot/zfs for zpool imports
These already worked: $# ${#} ${##} ${#-} ${#?}
These now work as well: ${#+word} ${#-word} ${##word} ${#%word}
There is an ambiguity in the standard with ${#?}: it could be the length of
$? or it could be $# giving an error in the (impossible) case that it is not
set. We continue to use the former interpretation as it seems more useful.
The test was support to check if SUID/SGID bits are removed on first
write, but actually we were checking if they were removed after close.
Now we can check if SUID/SGID bits are gone after first write.
While here add checks to see if when both SUID and SGID bits are set they are
both cleared on first write.
- fchmod(2),
- fchown(2),
- fchflags(2),
- fstat(2),
- ftruncate(2),
- fpathconf(2),
- lpathconf(2).
Make write(2) syscall to take descriptor instead of file name.
We implement descriptors by keeping track of open files and allowing to
reference them by the following syscalls. Because pjdfstest already supports
executing multiple syscalls from one command it works pretty well.
For example, the following command:
pjdfstest open foo "O_CREAT,O_RDWR" 0 : open bar "O_CREAT,O_RDONLY" 640 : fchmod 0 0666 : fchown 0 -1 20 : fchmod 1 0444
is equivalent of (error checking omitted):
int fd[2];
fd[0] = open("foo", O_CREAT | O_RDWR, 0);
fd[1] = open("bar", O_CREAT | O_RDONLY, 0640);
fchmod(fd[0], 0666);
fchown(fd[0], -1, 20);
fchmod(fd[1], 0444);
Preserving $? may cause problems particularly if set -e is in effect.
It may be useful to preserve the old value of $? in the dot script but this
must not be implemented in such a way that it would break this test.
setting. It can be built by setting the WITH_ICONV knob. While this
knob is unset, the library part, the binaries, the header file and
the metadata files will not be built or installed so it makes no impact
on the system if left turned off.
This work is based on the iconv implementation in NetBSD but a great
number of improvements and feature additions have been included:
- Some utilities have been added. There is a conversion table generator,
which can compare conversion tables to reference data generated by
GNU libiconv. This helps ensuring conversion compatibility.
- UTF-16 surrogate support and some endianness issues have been fixed.
- The rather chaotic Makefiles to build metadata have been refactored
and cleaned up, now it is easy to read and it is also easier to add
support for new encodings.
- A bunch of new encodings and encoding aliases have been added.
- Support for 1->2, 1->3 and 1->4 mappings, which is needed for
transliterating with flying accents as GNU does, like "u.
- Lots of warnings have been fixed, the major part of the code is
now WARNS=6 clean.
- New section 1 and section 5 manual pages have been added.
- Some GNU-specific calls have been implemented:
iconvlist(), iconvctl(), iconv_canonicalize(), iconv_open_into()
- Support for GNU's //IGNORE suffix has been added.
- The "-" argument for stdin is now recognized in iconv(1) as per POSIX.
- The Big5 conversion module has been fixed.
- The iconv.h header files is supposed to be compatible with the
GNU version, i.e. sources should build with base iconv.h and
GNU libiconv. It also includes a macro magic to deal with the
char ** and const char ** incompatibility.
- GNU compatibility: "" or "char" means the current local
encoding in use
- Various cleanups and style(9) fixes.
Approved by: delphij (mentor)
Obtained from: The NetBSD Project
Sponsored by: Google Summer of Code 2009
A full featured groff is required during buildworld, so build it always
and don't rely on it being present on the host system.
vgrind(1) is tightly coupled to a roff processor and will not be
built/installed when groff is disabled. Also much of the roff'ed
documentation under share/doc will not be built/installed when
WITHOUT_GROFF is defined.
Reviewed by: ru (partial)
Sync up with flags understood by install(1) [1], and make install(1)'s
usage output not hide the clearly documented -M flag.
PR: misc/154739 [1]
Submitted by: arundel
images that are of a certain size. The geometery is bogus, but that
doesn't matter since the new packet mode onviates the need to get the
geometry right.
* In {(...) <redir1;} <redir2, do not drop redir1.
* Maintain the difference between (...) <redir and {(...)} <redir:
In (...) <redir, the redirection is performed in the child, while in
{(...)} <redir it should be performed in the parent (like {(...); :;}
<redir)
POSIX requires this and it is simpler than the previous code that remembered
command locations when appending directories to PATH.
In particular,
PATH=$PATH
is no longer a no-op but discards all cached command locations.
If execve() returns an [ENOEXEC] error, check if the file is binary before
trying to execute it using sh. A file is considered binary if at least one
of the first 256 bytes is '\0'.
In particular, trying to execute ELF binaries for the wrong architecture now
fails with an "Exec format error" message instead of syntax errors and
potentially strange results.
hexdump.
This is a part replacement of the old athprom code, which tries
to both fetch and print the contents of an eeprom dump.
A tool to generate hexdumps from a running system will follow shortly.
* add missing includes to quieten warnings
* fix an inline function decl to have a return type
* since .h files are created during the build (opt_ah.h, ah_osdep.h)
which modify the behaviour of the HAL include/source files,
include OBJDIR in the path so the #include's work.
The tools should now build when the directory is added to LOCAL_DIRS
during a make buildworld.
When a foreground job exits on a signal, a message is printed to stdout
about this. The buffer was not flushed after this which could result in the
message being written to the wrong file if the next command was a builtin
and had stdout redirected.
Example:
sh -c 'kill -9 $$'; : > foo; echo FOO:; cat foo
Reported by: gcooper
MFC after: 1 week
This is useful so that it is easier to exit on a signal than to reset the
trap to default and resend the signal. It matches ksh93. POSIX says that
'exit' without args from a trap action uses the exit status from the last
command before the trap, which is different from 'exit $?' and matches this
if the previous command is assumed to have exited on the signal.
If the signal is SIGSTOP, SIGTSTP, SIGTTIN or SIGTTOU, or if the default
action for the signal is to ignore it, a normal _exit(2) is done with exit
status 128+signal_number.
* Make 'trap --' do the same as 'trap' instead of nothing.
* Make '--' stop option processing (note that '-' action is not an option).
Side effect: The error message for an unknown option is different.
When running with a custom locale setup, it's easy to confuse the
date regression tests and cause them to fail, e.g. when LANG='C'
but LC_ALL='el_GR.UTF-8'. Set LC_ALL to 'C', which overrides all
other LC_xxx options, to avoid this sort of problem.
Reviewed by: uqs, edwin
All builtins are now always found before a PATH search.
Most ash derivatives have an undocumented feature where the presence of an
entry "%builtin" in $PATH will cause builtins to be checked at that point of
the PATH search, rather than before looking at any directories as documented
in the man page (very old versions do document this feature).
I am removing this feature from sh, as it complicates the code, may violate
expectations (for example, /usr/bin/alias is very close to a forkbomb with
PATH=/usr/bin:%builtin, only /usr/bin/builtin not being another link saves
it) and appears to be unused (all the %builtin google code search finds is
in some sort of ash source code).
Note that aliases and functions took and take precedence above builtins.
Because aliases work on a lexical level they can only ever be overridden on
a lexical level (quoting or preceding 'builtin' or 'command'). Allowing
override of functions via PATH does not really fit in the model of sh and it
would work differently from %builtin if implemented.
Note: POSIX says special builtins are found before functions. We comply to
this because we do not allow functions with the same name as a special
builtin.
Silence from: freebsd-hackers@ (message sent 20101225)
Discussed with: dougb
It should use the original exit status, just like falling off the
end of the trap handler.
Outside an EXIT trap, 'exit' is still equivalent to 'exit $?'.
- Sort the includes of pack.c, moving sys/*.h files near the top.
- Add a couple of missing #include lines, and remove the need for
custom -include options in the CFLAGS of the test Makefile.
- Remove the ad-hoc 'all' target, but keep its 'regress' bits for
testing.
- Convert the ad-hoc 'clean' target to proper CLEANFILES stuff,
so that the normal bsd.prog.mk machinery can clean up.
- Use `make -V .OBJDIR' to detect the place where 'pack' lives,
so that regress.t works both with and without 'make obj'.
Reviewed by: uqs
MFC after: 1 week
An error message is written, the builtin is not executed, nonzero exit
status is returned but the shell does not abort.
This was already checked for special builtins and external commands, with
the same consequences except that the shell aborts for special builtins.
Obtained from: NetBSD
