Commit Graph

1699 Commits

Author SHA1 Message Date
Nathan Whitehorn
153d788f31 Revert r209544. It papers over a binutils bug, and is not even a reliable
fix for it.

The bug occurs when using the --as-needed flag to ld in the presence of
synthetic linker-generated symbols that reference symbols defined in
linked-to shared libraries with versioned symbols. When the only symbols
used from a library fall into this category, ld will drop the DT_NEEDED
entry for it, but retain the versioning information. This bug is best
fixed/hacked around in binutils, not in rtld.

Discussed with:	kan
2010-06-28 01:40:56 +00:00
Nathan Whitehorn
5540acc1ba Ignore versioned dependencies on shared objects to which we do not link.
This fixes an error with files like this created by GNU ld under certain
circumstances.
2010-06-26 22:04:52 +00:00
Jayachandran C.
a77be127e6 Merge jmallett@'s n64 work into HEAD - changeset 3
Update rtld MIPS code to use assembly macros that work on o32/n64.

Changes from http://svn.freebsd.org/base/user/jmallett/octeon

Approved by:	rrs(mentor), jmallett
2010-06-16 16:39:01 +00:00
Alexander Kabaev
f28c411c0c Plug possible memory leak.
Found by:  Coverity
MFC after: 2 weeks
2010-06-03 00:25:43 +00:00
Ulrich Spörlein
a5ee07913d mdoc: use literal text, not a column table to present the
configuration file snippet.
2010-06-02 10:20:31 +00:00
Roman Divacky
1dfdc15bb0 Only use the cache after the early stage of loading. This is
because calling mmap() etc. may use GOT which is not set up
yet. Use calloc() instead of mmap() in cases where this
was the case before (sparc64, powerpc, arm).

Submitted by:	Dimitry Andric (dimitry andric com)
Reviewed by:	kan
Approved by:	ed (mentor)
2010-05-18 08:55:23 +00:00
Kirk McKusick
945f418ab8 Final update to current version of head in preparation for reintegration. 2010-05-06 17:37:23 +00:00
Warner Losh
e7ff54750b Bring in new files from edwin's tftp 2010-05-04 13:07:40 +00:00
Warner Losh
5276e63981 Go ahead and merge the work edwin@ on tftpd into the tree. It is a
lot better than what's in the tree now.  Edwin tested it at a prior
employer, but can't test it today.  I've found that it works a lot
better with the various uboot versions that I've used in my embedded
work.  Here's the pkg-descr from the port that describes the changes:

It all started when we got some new routers, which told me the
following when trying to upload configuration or download images
from it: The TFTP server doesn't support the blocksize option.

My curiousity was triggered, it took me some reading of RFCs and
other documentation to find out what was possible and what could
be done. Was plain TFTP very simple in its handshake, TFTP with
options was kind of messy because of its backwards capability: The
first packet returned could either be an acknowledgement of options,
or the first data packet.

Going through the source code of src/libexec/tftpd and going through
the code of src/usr.bin/tftp showed that there was a lot of duplicate
code, and the addition of options would only increase the amount
of duplicate code. After all, both the client and the server can
act as a sender and receiver.

At the end, it ended up with a nearly complete rewrite of the tftp
client and server. It has been tested against the following TFTP
clients and servers:

- Itself (yay!)
- The standard FreeBSD tftp client and server
- The Fedora Core 6 tftp client and server
- Cisco router tftp client
- Extreme Networks tftp client

It supports the following RFCs:

RFC1350 - THE TFTP PROTOCOL (REVISION 2)
RFC2347 - TFTP Option Extension
RFC2348 - TFTP Blocksize Option
RFC2349 - TFTP Timeout Interval and Transfer Size Options
RFC3617 - Uniform Resource Identifier (URI) Scheme and Applicability
          Statement for the Trivial File Transfer Protocol (TFTP)

It supports the following unofficial TFTP Options as described at
http://www.compuphase.com/tftp.htm:

blksize2 - Block size restricted to powers of 2, excluding protocol headers
rollover - Block counter roll-over (roll back to zero or to one)

From the tftp program point of view the following things are changed:

- New commands: "blocksize", "blocksize2", "rollover" and "options"
- Development features: "debug" and "packetdrop"

If you try this tftp/tftpd implementation, please let me know if
it works (or doesn't work) and against which implementaion so I can
get a list of confirmed working systems.

Author: Edwin Groothuis <edwin@FreeBSD.org>
2010-05-04 06:19:19 +00:00
Kirk McKusick
a4bf5fb987 Update to current version of head. 2010-04-28 05:33:59 +00:00
Kirk McKusick
5092109703 The NFS quota-reporting RPC uses 32-bit sized fields. We approximate
64-bit quota sizes by scaling down the sizes by the minimum amount
necessary to fit in a 32-bit field and then upscale the filesystem
block size to compensate. For example, if the hard block limit is
0x300000008 then we set the hard block limit to 0xA0000002 and claim
that the blocksize is 4 * DEV_BSIZE. This will lose the minimal
amount of information thus delivering nearly correct answers.
2010-04-25 00:05:51 +00:00
Dag-Erling Smørgrav
b591468394 Forgot to initialize the debug variable.
MFC after:	2 weeks
2010-04-01 13:16:32 +00:00
Dag-Erling Smørgrav
9481b5428e Add a debugging option (-d)
Add a -k option which fingerd(8) passes through to finger(1).

MFC after:	2 weeks
2010-04-01 13:11:39 +00:00
Xin LI
d56cc55917 Check that gl_pathc is bigger than zero before derefencing gl_pathv.
When gl_pathc == 0, the content of gl_pathv is undefined.

PR:		bin/144761
Submitted by:	David BERARD <contact davidberard fr>
Obtained from:	OpenBSD
MFC after:	1 week
2010-03-25 22:41:01 +00:00
Pietro Cerutti
071ab531db - Remove const'ness from dlerror(3) prototype, for consistency with POSIX.
Approved by:	cognet
MFC after:	1 week
2010-03-24 15:59:51 +00:00
Ulrich Spörlein
63d46d1d5e Fix several typos in macros or macro misusage.
Found by:	make manlint
Reviewed by:	ru
Approved by:	philip (mentor)
2010-03-12 10:01:06 +00:00
Dag-Erling Smørgrav
1a0fda2b54 IFH@204581 2010-03-04 13:35:57 +00:00
Warner Losh
5d7dfd42c7 Updated rtld for n32 support.
Submitted by:	jmallet@
Obtained from:	NetBSD
2010-03-04 04:53:05 +00:00
Dag-Erling Smørgrav
9dc9c85fe9 WIP: the last missing piece of the quota64 puzzle. Not quite there
yet.
2010-03-04 00:47:24 +00:00
Ruslan Ermilov
c59ee18a21 Fixed static linkage. 2010-02-26 09:41:16 +00:00
Nathan Whitehorn
4f2730f723 Support the extended PLT format used when objects have more than 8192
PLT relocations on PPC32.
2010-02-22 16:49:45 +00:00
Warner Losh
6f76ed8008 The NetBSD Foundation has granted permission to remove clauses 3 and 4.
Obtained from:	NetBSD
2010-02-16 21:49:36 +00:00
Marcel Moolenaar
e45051c39e Improve TLS variant I:
o   Use obj->tlsinitsize to determine whether there's initialized data.
o   If obj->tlssize > obj->tlsinitsize, then bzero uninitialized data.
o   Don't exclude variant I from the work-around in free_tls_offset().
2010-02-16 02:48:11 +00:00
Ed Schouten
cee4a62e54 Set ut_line to "ftpd" for ftpd.
This makes it a little easier to figure out which application was
responsible for this log entry. Ideally we should add an ut_process or
something similar.

Suggested by:	Vincent Poy <vincepoy gmail com>
2010-02-09 07:35:12 +00:00
Ed Schouten
0806dd9238 Remove stale references to utmp(5) and its corresponding filenames.
I removed utmp and its manpage, but not other manpages referring to it.
2010-01-21 17:25:12 +00:00
Ed Schouten
9f37b1a2b4 Really disable wtmp logging when chrooting.
Also perform a small cleanup to ftpd_logwtmp(). Just use a NULL
parameter for the username to indicate a logout, instead of an empty
string.

Reported by:	Alexey Shuvaev <shuvaev physik uni-wuerzburg de>
2010-01-18 23:28:25 +00:00
Ed Schouten
88b69f52ee Phase out ttyslot(3).
The ttyslot() function was originally part for SUSv1, marked LEGACY in
SUSv2 and removed later on. This function only makes sense when using
utmp(5), because it was used to determine the offset of the record for
the controlling TTY. It makes little sense to keep it here, because the
new utmpx file format doesn't index based on TTY slots.
2010-01-14 05:35:32 +00:00
Ed Schouten
006ab5b3e7 Port all apps in libexec/ from libulog to utmpx. 2010-01-13 18:28:58 +00:00
Ed Schouten
80643af02b Port ftpd to utmpx.
Unfortunately I have to partially wreck its functionality, though. ftpd
used to keep a file descriptor to the wtmp, which allowed it to work
from within a chroot. The current utmpx implementation doesn't offer a
way to do this. Maybe we can address this in the future, if it turns out
to be a real issue.
2010-01-13 18:28:41 +00:00
Ed Schouten
960aa5e071 Port comsat to utmpx.
It seems comsat stats the utmpx database each 15 seconds to see whether
it has been changed. I am changing this behaviour to look at the utmpx
database upon processing. I don't want to allow direct interference with
the database files. I also wonder whether this optimization has any
measurable performance benefit nowadays.
2010-01-13 18:25:43 +00:00
Ed Schouten
426f89600c Remove `dead code' from rlogind.
- It shouldn't call logwtmp(). Applications like login(1) already make
  sure both login and logout entries are written to the storage.
- There's no need to restore permissions on the pseudo-terminal, since
  it should be garbage collected by the kernel.
2010-01-13 18:24:04 +00:00
Ed Schouten
1100c00131 Make WARNS=6 the default for libexec/.
Just like bin/ and sbin/, I think setting WARNS to the highest value
possible will make it more attractive for people to fix warnings.

- The WARNS variable is set in the Makefile in the directory of the
  application itself, making it more likely that it will be removed out
  of curiosity to see what happens.
- New applications will most likely build with WARNS=6 out of the box,
  because the author would more likely fix the warnings during
  development than lower WARNS.

Unfortunately almost all apps in libexec require a lowered value of
WARNS.
2010-01-02 09:50:19 +00:00
Ed Schouten
3e08d559a8 Fix several warnings.
- Add __unused keywords.
- Don't shadow a global variable called cr.
- Make the global cr variable const.
2010-01-02 09:45:59 +00:00
Ed Schouten
f709df34c3 ANSIfy ldconfig and the aout bits it still uses from rtld-aout.
(Why is aout support still there?)
2009-12-29 21:07:17 +00:00
Ed Schouten
a7cb923912 Make rpc.ruserd work with utmpx/libulog.
Because strings are now null-terminated, I've decided to just use an
array of utmpx structures, instead of the separated strings. This means
we just copy the entire utmpx structure and point to the strings within
the structures directly.
2009-12-29 10:28:20 +00:00
Ed Schouten
2de7889ec8 Perform cleanups to rpc.rusersd:
- Perform whitespace fixes. Use tabs instead of 8 spaces.
- Make it build at WARNS=6.
2009-12-28 23:01:24 +00:00
Ed Schouten
af5bd8feb3 Modify the sources to make WARNS=6 work. 2009-12-26 14:33:55 +00:00
Ed Schouten
3af5aa46eb Unbreak the build.
I increased the WARNS, but it looks like it breaks certain architectures
with more strict alignment requirements (mips, sparc64, ia64).

Pointy hat to:	me
2009-12-26 11:00:18 +00:00
Ed Schouten
3eb56f7eff Let talkd use utmpx instead of utmp.
Because strings are null terminated now, there is no need to copy
ut_line into a separate buffer first. Also enable WARNS.
2009-12-25 11:12:05 +00:00
Ed Schouten
f195f6269e Don't use UT_NAMESIZE here to determine the maximum username length. 2009-12-25 10:30:54 +00:00
Ed Schouten
9e9a895ea7 Repair breakage to last-minute API change.
I changed ulog_log{in,out} to return a void, but forgot to change
ulog-helper as well.

Reported by:	stefanf
2009-12-03 21:44:41 +00:00
Ed Schouten
2208eadf43 Add a new library: libulog.
One of the things I really want to do, is to get rid of the limitations
of our current utmp(5) mechanism:

- It only allows 8 byte TTY device names.
- The hostname only allows 16 bytes of storage.

I'm not a big fan of <utmpx.h>, but I think we should at least try to
add parts of it. Unfortunately we cannot implement <utmpx.h>, because we
miss various fields, such as ut_id, ut_pid, etc. The API provided by
libulog shares some similarities with <utmpx.h>, so it shouldn't be too
hard to port these applications eventually. In most simple cases, it
should just be a matter of removing the ulog_ prefix everywhere.

As a bonus, it also implements a function called ulog_login_pseudo(),
which allows unprivileged applications to write log entries, provided
they have a valid file descriptor to a pseudo-terminal master device.

libulog will allow a smoother transition to a new file format by adding
a library interface to deal with utmp/wtmp/lastlog files. I initially
thought about adding the functionality to libutil, but because I'm not
planning on keeping this library around forever, we'd better keep it
separated.

Next items on the todo list:

1. Port applications in the base system (and ports) to libulog, instead
   of letting them use <utmp.h>.
2. Remove <utmp.h>, implement <utmpx.h> and reimplement this library on
   top.
3. Port as many applications as possible back to <utmpx.h>.
2009-12-03 15:48:24 +00:00
Colin Percival
f349fbc4a6 Fix local root vulnerability.
Security:	Advisory will be coming soon.
X-MFC-After:	30 seconds
2009-12-01 02:57:06 +00:00
Konstantin Belousov
abf48e8311 Allow to load not-openable dso when tracing. This fixes ldd on such dso or
dso linked to non-openable object.
Remove '\n' at the end of error message.
End comments with dot.

MFC after:	3 weeks (together with r199829)
2009-11-28 14:29:32 +00:00
Konstantin Belousov
0d3bc8a930 Implement rtld part of the support for -z nodlopen (see ld(1)).
Reviewed by:	kan
MFC after:	3 weeks
2009-11-26 13:57:20 +00:00
Konstantin Belousov
45d276ce3c Flag controlling origin expansion in DT_FLAGS is DF_ORIGIN, not DF_1_ORIGIN.
Reviewed by:	kan
MFC after:	3 days
2009-11-26 13:55:49 +00:00
Robert Watson
de8b11d839 Fix white space in rtld runtime error printf.
MFC after:	3 days
2009-11-14 15:08:44 +00:00
Konstantin Belousov
dec4912e62 Calculate relocation base for the main object, and apply the relocation
adjustment for all virtual addresses encoded into the ELF structures of
it. PIE binary could and should be loaded at non-zero mapbase.

For sym_zero pseudosymbol used as a return value from find_symdef()
for undefined weak symbols, st_value also should be adjusted, since
_rtld_bind corrects symbol values by relocbase.

Discussed with:	bz
Reviewed by:	kan
Tested by:	bz (i386, amd64), bsam (linux)
MFC after:	some time
2009-10-10 15:27:10 +00:00
Robert Watson
1c232cd509 In rtld's map_object(), use pread(..., 0) rather than read() to read the
ELF header from the front of the file.  As all other I/O on the binary
is done using mmap(), this avoids the need for seek privileges on the
file descriptor during run-time linking.

MFC after:	1 month
Sponsored by:	Google
2009-10-06 17:14:39 +00:00
Dag-Erling Smørgrav
3f89d457bf Sync from head. 2009-09-26 23:25:22 +00:00
Dag-Erling Smørgrav
2db2319de5 printerr_reply() has never been used for as long as we've had this code in
our tree (13+ years).  This is an excellent argument for aggressive use
of "static".
2009-09-26 23:05:01 +00:00
Dag-Erling Smørgrav
4085a92bc9 Sync with head 2009-09-25 23:28:57 +00:00
Dag-Erling Smørgrav
95f1d628d9 Other minor style issues. 2009-09-25 23:03:24 +00:00
Dag-Erling Smørgrav
0fbc5fbedf Sync with head 2009-09-25 22:45:59 +00:00
Dag-Erling Smørgrav
ebb2b0f28a Slight style cleanup. 2009-09-25 22:20:30 +00:00
Dag-Erling Smørgrav
10b3b54548 Merge from head 2009-09-17 16:16:44 +00:00
Dag-Erling Smørgrav
7d4b968b0f Merge from head up to r188941 (last revision before the USB stack switch) 2009-09-17 13:31:39 +00:00
Remko Lodder
c8b385c86f Do the first step in removing lukemftpd from the base system. Disconnect
it from the build.

If you are using the FTP daemon, please consider using the port ftp/tnftpd
which is the same FTP server, but newer and might have more/better
functionality.

This results in us providing only one ftp daemon by default.

Reviewed by:	bz
Approved by:	imp (mentor, implicit)
MFC after:	3 days
Silence from:	obrien
2009-09-03 16:34:20 +00:00
Konstantin Belousov
49e8c06b45 Implement RTLD_NOLOAD flag for dlopen(3).
Requested and tested by:	jkim
Reviewed by:	kan
Approved by:	re (kensmith)
2009-07-17 19:45:42 +00:00
Konstantin Belousov
69ca61ba5e Only perform .bss mapping and cleaning operations when segment file size
is not equal to its memory size.

This eliminates unneeded clearing of the text segment that often
happens due to text end not being page-aligned.

For instance,
$ readelf -l /lib/libedit.so.6
Program Headers:
  Type           Offset   VirtAddr   PhysAddr   FileSiz MemSiz  Flg Align
  LOAD           0x000000 0x00000000 0x00000000 0x139e1 0x139e1 R E 0x1000
  LOAD           0x014000 0x00014000 0x00014000 0x00f04 0x00f14 RW  0x1000
  DYNAMIC        0x014cc4 0x00014cc4 0x00014cc4 0x000d0 0x000d0 RW  0x4
$ procstat -v $$ (for /bin/sh)
68585 0x28097000 0x280aa000 r-x    6    0  21  14 CN vn /lib/libedit.so.6
68585 0x280aa000 0x280ab000 r-x    1    0   1   0 CN vn /lib/libedit.so.6 <==
68585 0x280ab000 0x280ac000 rwx    1    0   1   0 CN vn /lib/libedit.so.6
Note the splitted map entry marked by '<=='.

Reviewed by:	kan
Approved by:	re (kensmith)
MFC after:	1 month
2009-07-17 19:32:04 +00:00
Alexander Kabaev
2286fe7635 Second attempt at eliminating .text relocations in shared libraries
compiled with stack protector.

Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC
generates local calls to this function which result in absolute
relocations put into position-independent code segment, making dynamic
loader do extra work every time given shared library is being relocated
and making affected text pages non-shareable.

Reviewed by:        kib
Approved by:        re (kib)
2009-07-14 21:19:13 +00:00
Alexander Kabaev
d48890cfb8 Back out previous revision until better tested fix is ready.
Approved by: re (impliciti, by approving previos check-in)
2009-06-29 01:33:59 +00:00
Alexander Kabaev
a162c9ae9c Eliminate .text relocations in shared libraries compiled with stack protector.
Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC generates
local calls to this function which result in absolute relocations put into
position-independent code segment, making dynamic loader do extra work everys
time given shared library is being relocated and making affected text pages
non-shareable.

Reviewed by:        kib
Approved by:        re (kensmith)
2009-06-28 23:51:39 +00:00
Ed Schouten
26d0788e89 Fix a typo in the same comment, one line below.
Submitted by:	bf1783 googlemail com
2009-06-23 14:12:49 +00:00
Ed Schouten
75b872ee53 Fix typo in comment.
Submitted by:	Christoph Mallon
2009-06-23 09:50:50 +00:00
Alexander Kabaev
6c3154f6a1 Allow order of initialization of loaded shared objects to be
altered through their .init code. This might happen if init
vector calls dlopen on its own and that dlopen causes some not
yet initialized object to be initialized earlier as part of that
dlopened DAG.

Do not reset module reference counts to zero on final fini vector
run when process is exiting. Just add an additional parameter to
force fini vector invocation regardless of current reference count
value if object was not destructed yet. This allows dlclose called
from fini vector to proceed normally instead of failing with handle
validation error.

Reviewed by:	kib
Reported by:	venki kaps
2009-06-20 14:16:41 +00:00
Alexander Kabaev
1310f23766 FreeBSD returns main object handle from dlopen(NULL, ...) calls.
dlsym seaches using this handle are expected to look for symbol
definitions in all objects loaded at the program start time along
with all objects currently in RTLD_GLOBAL scope.

Discussed with: kib
Reported by:	Maho NAKATA
MFC after:	2 weeks
2009-06-16 16:38:54 +00:00
Doug Rabson
22a91927b3 Increase the size of the static TLS area slightly (required for the NVidia's
OpenGL driver on amd64).
2009-05-27 18:54:31 +00:00
Doug Barton
7dcdb93f91 Per the man page:
The makekey utility has been deprecated and will be removed in a future
release of FreeBSD.

Actually removing it was approved back on 10/29/2007 by re (kensmith) but
I dropped the ball on actually removing it. It's doubtful that it's become
more relevant/useful in the intervening time.
2009-05-26 00:07:02 +00:00
Robert Watson
3f2f85a6de Prefer <sys/param.h> to <machine/param.h> for the definition of
CACHE_LINE_SIZE.

Submitted by:	bde
MFC after:	2 weeks
2009-04-20 10:35:50 +00:00
Robert Watson
d9d845a99c Explicitly include machine/param.h for CACHE_LINE_SIZE.
MFC after:	2 weeks
2009-04-19 23:03:57 +00:00
Robert Watson
d1f2f1c3f3 Now that the kernel defines CACHE_LINE_SIZE in machine/param.h, use
that definition in the custom locking code for the run-time linker
rather than local definitions.

Pointed out by:	tinderbox
MFC after:	2 weeks
2009-04-19 23:02:50 +00:00
Konstantin Belousov
a3c8e04ef7 Currently, when mapping an object, rtld reserves the whole address space
for the mapping by the object' file with the protection and mode of
the first loadable segment over the whole region. Then, it maps other
segments at the appropriate addresses inside the region.

On amd64, due to default alignment of the segments being 1Gb, the
subsequent segment mappings leave the holes in the region, that usually
contain mapping of the object' file past eof. Such mappings prevent
wiring of the address space, because the pages cannot be faulted in.

Change the way the mapping of the ELF objects is constructed, by first
mapping PROT_NONE anonymous memory over the whole range, and then
mapping the segments of the object over it. Take advantage of this new
order and allocate .bss by changing the protection of the range instead
of remapping.

Note that we cannot simply keep the holes between segments, because
other mappings may be made there. Among other issues, when the dso is
unloaded, rtld unmaps the whole region, deleting unrelated mappings.

The kernel ELF image activator does put the holes between segments, but
this is not critical for now because kernel loads only executable image
and interpreter, both cannot be unloaded. This will be fixed later, if
needed.

Reported and tested by:	Hans Ottevanger <fbsdhackers beasties demon nl>
Suggested and reviewed by:	kan, alc
2009-04-10 10:14:04 +00:00
Konstantin Belousov
11e0093f28 Update comment to the reality, rtld supports any number of loadable segments.
Fix spacing.

Reviewed by:	kan
2009-04-10 09:52:42 +00:00
David E. O'Brien
ec85f7fa39 Move variable externs into extern.h so they are checked against the definitions. 2009-04-07 20:34:34 +00:00
Konstantin Belousov
c8da4f07d7 Allow the NULL, RTLD_SELF and RTLD_NEXT handles to work with dlfunc(3).
dlfunc() called dlsym() to do the work, and dlsym() determines the dso
that originating the call by the return address. Due to this, dlfunc()
operated as if the caller is always the libc.

To fix this, move the dlfunc() to rtld, where it can call the internal
implementation of dlsym, and still correctly fetch return address.
Provide usual weak stub for the symbol from libc for static binaries.
dlfunc is put to FBSD_1.0 symver namespace in the ld.so export to
override dlfunc@FBSD_1.0 weak symbol, exported by libc.

Reported, analyzed and tested by:	Tijl Coosemans <tijl ulyssis org>
PR: standards/133339
Reviewed by:	kan
2009-04-03 19:17:23 +00:00
Konstantin Belousov
b2e4ce45d9 Document RTLD_NODELETE, -z nodelete and -z origin support. 2009-04-01 14:38:20 +00:00
Olivier Houchard
c2851b5d37 Use RTF_LLDATA. 2009-03-31 23:02:51 +00:00
Konstantin Belousov
2b0b4ee359 Implement support for RTLD_NODELETE flag for dlopen() and -z nodelete
static linker option. Do it by incrementing reference count on the loaded
object and its dependencies.

Reviewed by:	davidxu, kan
2009-03-30 08:47:28 +00:00
Konstantin Belousov
4d59cc85e8 Do not dereference NULL pointer. refobj is NULL for the objects that are
preloaded.

Reported and tested by:	ed
2009-03-28 15:54:08 +00:00
Xin LI
569e2ef6a9 Support for a new environment variable, LD_ELF_HINTS_PATH for overriding
the rtld hints file.  This environment variable would be unset if the
process is considered as tainted with setuid/setgid.  This feature gives
a convenient way of using a custom set of shared library that is not
located in the default location and switch back.

Feature requested by:	iXsystems
Original patch by:	John Hixson
MFC after:		2 weeks
2009-03-23 16:49:00 +00:00
Konstantin Belousov
28551690e0 Implement the dynamic string token substitution in the rpath and
soneeded pathes. The $ORIGIN, $OSNAME, $OSREL and $PLATFORM tokens
are supported. Enabling the substitution requires DF_ORIGIN flag in
DT_FLAGS or DF_1_ORIGIN if DF_FLAGS_1, that may be set with -z origin
gnu ld flag. Translation is unconditionally disabled for setuid/setgid
processes.

The $ORIGIN translation relies on the AT_EXECPATH auxinfo supplied
by kernel.

Requested by:	maho
Tested by:	maho, pho
Reviewed by:	kan
2009-03-18 13:40:37 +00:00
Ruslan Ermilov
d9ca85fca7 Fix build when WITH_SSP is set explicitly.
Submitted by:	Jeremie Le Hen
2009-02-21 15:04:31 +00:00
Dag-Erling Smørgrav
1b3515f39b WIP 2009-01-30 13:54:03 +00:00
Maxim Konovalov
9b7076d1ce o Fix typo: indentical -> identical.
PR:		docs/131149
Submitted by:	Patrick Oonk
MFC after:	1 week
2009-01-30 09:42:25 +00:00
Ed Schouten
4cb085f361 Fix handling of pts(4) device names in comsat(8). Also catch fork() errors.
Pseudo-terminals allocated with posix_openpt(2) will have more slashes
in their path names than comsat(8) allows, so allow slashes when the
character device name starts with "pts/".

This patch is loosely based on NetBSD's changes, revision 1.33. Because
it also included the changes to fork(), I imported them here as well.
Maybe we could import even more fixes from the other BSD's?

Original commit message from the NetBSD folks:

	PR/30170: Markus W Kilbinger: src/libexec/comsat complains
	about: '/' in "/dev/pts/1"

Reported by:	Robert Huff <roberthuff rcn com>
2009-01-17 15:56:38 +00:00
Colin Percival
f0b40b1c97 Prevent cross-site forgery attacks on ftpd(8) due to splitting
long commands into multiple requests. [08:12]

Avoid calling uninitialized function pointers in protocol switch
code. [08:13]

Merry Christmas everybody...

Approved by:	so (cperciva)
Approved by:	re (kensmith)
Security:	FreeBSD-SA-08:12.ftpd, FreeBSD-SA-08:13.protosw
2008-12-23 01:23:09 +00:00
Qing Li
6e6b3f7cbc This main goals of this project are:
1. separating L2 tables (ARP, NDP) from the L3 routing tables
2. removing as much locking dependencies among these layers as
   possible to allow for some parallelism in the search operations
3. simplify the logic in the routing code,

The most notable end result is the obsolescent of the route
cloning (RTF_CLONING) concept, which translated into code reduction
in both IPv4 ARP and IPv6 NDP related modules, and size reduction in
struct rtentry{}. The change in design obsoletes the semantics of
RTF_CLONING, RTF_WASCLONE and RTF_LLINFO routing flags. The userland
applications such as "arp" and "ndp" have been modified to reflect
those changes. The output from "netstat -r" shows only the routing
entries.

Quite a few developers have contributed to this project in the
past: Glebius Smirnoff, Luigi Rizzo, Alessandro Cerri, and
Andre Oppermann. And most recently:

- Kip Macy revised the locking code completely, thus completing
  the last piece of the puzzle, Kip has also been conducting
  active functional testing
- Sam Leffler has helped me improving/refactoring the code, and
  provided valuable reviews
- Julian Elischer setup the perforce tree for me and has helped
  me maintaining that branch before the svn conversion
2008-12-15 06:10:57 +00:00
Konstantin Belousov
10b4034657 Provide custom simple allocator for rtld locks in libthr. The allocator
does not use any external symbols, thus avoiding possible recursion into
rtld to resolve symbols, when called.

Reviewed by:	kan, davidxu
Tested by:	rink
MFC after:	1 month
2008-12-02 11:58:31 +00:00
Konstantin Belousov
cb5c4b10ba Add two rtld exported symbols, _rtld_atfork_pre and _rtld_atfork_post.
Threading library calls _pre before the fork, allowing the rtld to
lock itself to ensure that other threads of the process are out of
dynamic linker. _post releases the locks.

This allows the rtld to have consistent state in the child. Although
child may legitimately call only async-safe functions, the call may
need plt relocation resolution, and this requires working rtld.

Reported and debugging help by:	rink
Reviewed by:	kan, davidxu
MFC after:	1 month (anyway, not before 7.1 is out)
2008-11-27 11:27:59 +00:00
Ed Schouten
225c0f4b44 Convert telnetd(8) to use posix_openpt(2).
Some time ago I got some reports MPSAFE TTY broke telnetd(8). Even
though it turned out to be a different problem within the TTY code, I
spotted a small issue with telnetd(8). Instead of allocating PTY's using
openpty(3) or posix_openpt(2), it used its own PTY allocation routine.
This means that telnetd(8) still uses /dev/ptyXX-style devices.

I've also increased the size of line[]. Even though 16 should be enough,
we already use 13 bytes ("/dev/pts/999", including '\0'). 32 bytes gives
us a little more freedom.

Also enable -DSTREAMSPTY. Otherwise telnetd(8) strips the PTY's pathname
to the latest slash instead of just removing "/dev/" (e.g. /dev/pts/0 ->
0, instead of pts/0).

Reviewed by:	rink
2008-11-13 19:05:27 +00:00
Dag-Erling Smørgrav
3ebc694460 Whitespace and style fixes, build at WARNS level 6.
MFC after:	3 weeks
2008-11-04 14:17:49 +00:00
Warner Losh
1d178313cc This code has no copyright. It is fairly obvious to me that we're a
derivitive of NetBSD's mips_reloc.c, so pull in the copyright notice
from there.

Also, a minor tweak to load/store pointers.  Other changes from NetBSD
likely would be useful too...

Obtained from:	NetBSD
2008-10-13 20:24:03 +00:00
Warner Losh
2ab1831e76 MFp4: Fix a bug in the mips relocation code that prevents shared images
from working.

From p4 filelog of the upstream file in p4

//depot/projects/mips2-jnpr/src/libexec/rtld-elf/mips/reloc.c
... #6 change 140737 edit on 2008/04/27 by gonzo@gonzo_jeeves (text+ko)

        o Looks like handler for R_MIPS_REL32 brought by CS 137942
            is broken for tradmips. Code from NetBSD's
            libexec/ld.elf_so/arch/mips/mips_reloc.c works just fine.

... #3 change 137942 edit on 2008/03/17 by rrs@rrs-mips2-jnpr (text+ko)

        Any relocation symbol lookup if its 0. It looks like
               this is the way the compiler indicates you need to
               look in another shared library. When we hit these
               as we relocate a object we will do the symbol
               lookups and setup the relocation table with the
               right value.

Submitted by:	rrs@, gonzo@
2008-10-10 05:10:10 +00:00
Alexander Kabaev
657d9f9ae9 Allow strong symbols to override weak ones for lookups done through
dlsym with RTLD_NEXT/RTLD_SELF handles.

Allow symbols from ld-elf.so to be located this way too.

Based on report and original patch from sobomax@.
2008-10-10 00:16:32 +00:00
Sam Leffler
690f477d75 add new build knobs and jigger some existing controls to improve
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd

Reviewed by:	various (posted to arch)
MFC after:	1 month
2008-09-21 22:02:26 +00:00
David Xu
d8b04dc0d4 Allow multiple locks to be acquired by detecting corresponding
bit flag, otherwise if a thread acquired a lock, another thread
or the current thread itself can no longer acquire another lock
because thread_mask_set() return whole flag word, this results
bit leaking in the word and misbehavior in later locking and
unlocking.
2008-09-16 01:46:11 +00:00
Alexander Kabaev
61adda8468 Make sure internal rtld malloc routines are not called from unlocked
contexts as rtld's malloc is not thread safe and is only supposed to be
called with exclusive bind lock already held.

The originating PR submitted a patch on top of different pre-requisite
workaroud for unsafe dlopen calls, and the patch was midief slighlty to apply
to stock sources for the purpose of this commit. Running rtld malloc from
unlocked contexts is a bug on its own.

PR: 126950
Submited by: Oleg Dolgov
2008-09-03 01:05:32 +00:00
Ed Schouten
878f530ff8 Remove the now unneeded pt_chown utility.
Before we had a posix_openpt() that allocated PTY's with proper
permissions in place, we used this set-uid utility to change the
ownership of PTY slave devices to the real user ID of the process. This
utility was used to implement grantpt().

In my first designs of the MPSAFE TTY layer, I replaced this by adding
an ioctl() called TIOCGRANTPT, which was used to change the ownership.
I left the pt_chown utility, because older C libraries needed it to work
properly.

After some discussions back in June I changed the PTY code to set
permissions properly upon creation. Fortunately the previous grantpt()
implementation changed permissions by hand when pt_chown is not
installed, which always succeeds. This means grantpt() still works
properly, even though the set-uid utility is missing.

I've done tests with FreeBSD 5.2.1, FreeBSD 6.3 and FreeBSD 7.0 jails.
All of them still work if I remove pt_chown.

Reviewed by:	philip (ex-mentor)
2008-08-24 10:01:22 +00:00
Colin Percival
f9bcf9cabf Mark functions as __dead2 in order to help the LLVM static checker
understand which code paths aren't possible.

This commit eliminates 117 false positive bug reports of the form
"allocate memory; error out if pointer is NULL; use pointer".
2008-08-04 01:25:48 +00:00