getino(3)/putino(3), inode.c has been reworked in Perforce to the point
where a manual page may not be accurate. Certainly putino(3) has not
even been merged back yet.
These will need a lot of improvement for most applications, but they
document the API enough to get someone on their feet, most likely. The
best documentation still exists in the form of libufs(3) consumers in the
base system.
the chance of getting the same thread id when allocating a
new thread is reduced. This won't work if the application
creates a new thread for every time a thread exits, but
we're still within the allowances of POSIX.
debugging is enabled so the symbol needs to be resolved before rtld
locking is enabled. I may not really know what I'm talking about,
but it works.
Submitted by: kan
cat ${.ALLSRC} > ${.TARGET}
rather than
ln -sf ${.ALLSRC} ${.TARGET}
not to depends on absolute-path of symbolic links.
Commented by: marcel, obrien, bde
- -elf in CFLAGS had no effect except to reduce portability.
- -elf in LDFLAGS had even less effect, since LDFLAGS is not used.
- -Wall in CFLAGS had no effect except to reduce portability and break
overriding of WARNS, since the setting of WARNS implies -Wall.
an application compiled -static with libthr would dump core in
malloc(3) because the stub thread initialization routine in libc would
be used instead of the libthr supplied one.
don't allow it at the moment, the correct thing to do is try again.
Otherwise, libthr would fail this test because it doesn't allow
an unlimited number of concurrent threads per application.
that the old API (passing "" as the attribute name to the _get_
interface) is now deprecated (and was probably a bad idea).
Pointed out by: Dominic Giampaolo <dbg@apple.com>
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
hashing scheme used in Microsoft's NT machines. IT IS NOT SECURE!
DON'T USE IT! This is for the use of competent sysadmins only!
Submitted by: Michael Bretterklieber
o Make sure the arguments to ctx_wrapper() are loaded from the
backing store by forcing an underflow. Do this by making all
registers in the register frame local.
is not called, and no static rules match an outgoing packet, the
latter retains its source IP address. This is in support of the
"static NAT only" mode.
o Up to 8 arguments are allowed. This is the number of arguments
passed in registers. Subsequent registers are passed on the stack.
Trying to deal with this is not easy in C and likely forces us to
use assembly code. Let's avoid that for now. There's no indication
that more than 8 arguments is a strong requirement (Linux also has
an 8 argument limit).
o We expect that the stack base is 16-byte aligned and the stack
size is a multiple of 16-byte. We bomb out if this is not the case.
We probably want to be less strict by enforcing it ourselves. For
now it's better to not hide gross alignment bogons by silently
correcting it.
an excessive close() on one of these descriptors would cause
a memory for this descriptor to be allocated in the internal
descriptor table. When this descriptor gets used again, e.g.
through the call to open() or socket(), the descriptor would
be erroneously left in the blocking mode, and the whole
application would get stuck on a blocking operation, e.g.,
in accept(2).
Prevent this bug from happening by disallowing close() against
non-active descriptors (return -1 and set errno to EBADF in
this case).
Reviewed by: deischen
Approved by: re (scottl)
to a buffer in the big key/data case, memmove() was used on pointers
to size_ts, but only sizeof(u_int32_t) bytes where copied. This broke
on big_endian architectures where sizeof(size_t) > sizeof(u_int32_t).
This bug broke portupgrade (by way of ruby_bdb1) on sparc64.
Approved by: re (rwatson)
path, making them suitable for direct use by the dynamic loader.
Register libpthread-specific locking API with rtld on startup.
This still has some rough edges with signals which should be
addresses later.
Approved by: re (scottl)
is called and the application is not threaded. This works around
a problem when an application that hasn't yet become threaded
tries to jump out of a signal handler.
Reported by: mbr
Approved by: re@ (rwatson)
condition variables. Cosmetic.
Explicitly compare against PTHREAD_MUTEX_INITIALIZER. We shouldn't
encourage calls to the mutex functions with null pointers to mutexes.
Approved by: re/jhb
from multiple threads don't initialze the same condition variable
more than once.
Explicitly compare cond pointers with PTHREAD_COND_INITIALIZER instead
of NULL. Just because it happens to be defined as NULL is no reason
to encourage the idea that people can call those functions with
NULL pointers to a condition variable.
Approved by: re/jhb
The dead list thread is sufficient for synchronization.
Retire the arch_id (ldt array slot) in the gc thread instead of the
doing it in the thread itself.
Approved by: re/jhb
are not initialized at this place. Move the initializing
before the non-blocking check.
Submitted by: Marius Strobl <marius@alchemy.franken.de>
Reviewed by: jhb
Approved by: re
low-level lock used by the libpthread implementation. In the
future, we'll eliminate spinlocks from libc but that will wait
until after 5.1-release.
Don't call an application signal handler if the handler is
the same as the library-installed handler. This seems to
be possible after a fork and is the cause of konsole hangs.
Approved by: re@ (jhb)
just read() in non-blocking mode too. The reason is obvious. NetBSD
uses a complete different way to get the credentials so this patch
only applies to FreeBSD.
Reviewed by: rwatson
Approved by: re
Remove the special treatment of non-blocking mode in
the "look ahead function" xdrrec_eof(). It currently
assumes that the last read() in a row of several reads
does not have zero lenght. If this is the case, svc_vc_stat()
does return XPRT_MOREREQS, and the RPC-request aborts because
there is no data to read anymore.
To fix this, go back to the original version of the code
for non-blocking mode until NetBSD comes up with another
possible fix like this one in xdrrec_eof()
if (rstrm->last_frag && rstrm->in_finger == rstrm->in_boundry) {
return TRUE;
}
Return always FALSE in set_input_fragment() for non-blocking
mode. Since this was not used in FreeBSD, I omitted it at the
first time. Now we use this function and we should always
return FALSE for it.
Reviewed by: rwatson
Approved by: re
joiner by making sure all locks and unlocks occur in the same order. For
the record the lock order is: DEAD_LIST, THREAD_LIST, exiting thread, joiner
thread.
Approved by: re/rwatson
thread is not dead, the join loop is guaranteed to execute at least
once, so there is no need to pick up the thread list lock after
we return from suspenstion only to release it after the loop.
Approved by: re/blanket libthr
joined and then the joiner thread. There isn't an easy (sane?) way
to make it use the correct order without introducing races involving
the target thread and finding which (active or dead) list it is on. So,
after locking the canceled thread it will try to lock the joined thread
and if it fails release the first lock and try again from the top.
Introduce a new function, _spintrylock, which is simply a wrapper arround
umtx_trylock(), to help accomplish this.
Approved by: re/blanket libthr
Modify the thread creation and thread searching routine
to lock the thread lists with the new locks instead of GIANT_LOCK.
Approved by: re/blanket libthr
list is protected by a spinlock_t, but the dead list uses a pthread_mutex
because it is necessary to synchronize other threads with the garbage
collector thread. Lock/Unlock macros are used so it's easier to make
changes to the locks in the future.
The 'dead thread list' lock is intended to replace the gc mutex.
This doesn't have any practical ramifications. It simply makes it
clearer what the purpose of the lock is. The gc will use this lock,
instead of the gc mutex, to synchronize access to the dead list with
other threads.
Modify _pthread_exit() to use these two new locks instead of GIANT_LOCK,
and also to properly lock and protect thread state changes,
especially with respect to a joining thread.
The gc thread was also re-arranged to be more organized and less nested.
_pthread_join() was also modified to use the thread list locks. However,
locking and unlocking here needs special care because a thread could find
itself in a position where it's joining an exiting thread that is
waiting on the dead list lock, which this thread (joiner) holds. If the
joiner doesn't take care to lock *and* unlock in the same order they
(the joiner and the joinee) could deadlock against each other.
Approved by: re/blanket libthr
pthread_cond_t) internaly in addition to the low-level spinlock_t. The
garbage collector mutex and condition variable are two such examples. This
might lead to critical sections nested within critical sections. Implement
a reference counting mechanism so that signals are masked only on the first
entry and unmasked on the last exit.
I'm not sure I like the idea of nested critical sections, but if
the library is going to use the pthread primitives it might be necessary.
Approved by: re/blanket libthr
a lock is being waitied on.
Fix a races in join and cancellation.
When trying to wait on a CV and the library is not yet
threaded, make it threaded so that waiting actually works.
When trying to nanosleep() and we're not threaded, just
call the system call nanosleep instead of adding the thread
to the wait queue.
Clean up adding/removing new threads to the "all threads queue",
assigning them unique ids, and tracking how many active threads
there are. Do it all when the thread is added to the scheduling
queue instead of making pthread_create() know how to do it.
Fix a race where a thread could be marked for signal delivery
but it could be exited before we actually add the signal to it.
Other minor cleanups and bug fixes.
Submitted by: davidxu
Approved by: re@ (blanket for libpthread)
Access to the thread's flags and state is protected by
_thread_critical_enter/exit(). When a thread is signaled with a condition
its state must be protected by locking it and disabling
signals before it is taken of the waiters' queue.
Move the implementation of pthread_cond_signal() and pthread_cond_broadcast()
into one function, cond_signal(). Its behaviour is determined by the
last argument, int broadcast. If this is set to 1 it will remove all
waiters, otherwise it will wake up only the first waiter thread.
Remove an extraneous call to pthread_testcancel().
Approved by: re/blanket libthr
that take the address of a struct pthread as their first argument.
_spin[un]lock() just become wrappers arround these two functions.
These new functions are for use in situations where curthread can't be
used. One example is _thread_retire(), where we invalidate the array index
curthread uses to get its pointer..
Approved by: re/blanket libthr
Prevent one thread from messing up another thread's saved signal
mask by saving it in struct pthread instead of leaving it as a
global variable. D'oh!
Approved by: re/blanket libthr
in thr_private.h
o Lock down the ldt_entries array and ldt_free, which points to
the next free slot. As noted in the comments, it's necessary
to special case the initial_thread because %gs is not setup
for it yet. This is ok because that early in the program there
won't be any reentrancy issues anyways.
Approved by: re/blanket libthr
When in either the mutex or cond queue we notice that the thread
is already on one of the queues, don't just simply abort(). Print
out the thread's identifiers and what queue it was on.
Approved by: markm/mentor, re/blanket libthr
is the *only* remaining thread in the application, in which case we
should not core dump, and instead exit gracefully.
Approved by: markm/mentor, re/blanket libthr
be external (initialize()!).
Remove cancellation points from _pthread_cond_wait and
_pthread_cond_timedwait (single underscore versions are
libc private functions). Point the weak reference(!) for
these functions to the versions with cancellation points.
Approved by: re@(blanket till 5/19)
Pointed out by: kan (cancellation point bug)
prime objectives are:
o Implement a syscall path based on the epc inststruction (see
sys/ia64/ia64/syscall.s).
o Revisit the places were we need to save and restore registers
and define those contexts in terms of the register sets (see
sys/ia64/include/_regset.h).
Secundairy objectives:
o Remove the requirement to use contigmalloc for kernel stacks.
o Better handling of the high FP registers for SMP systems.
o Switch to the new cpu_switch() and cpu_throw() semantics.
o Add a good unwinder to reconstruct contexts for the rare
cases we need to (see sys/contrib/ia64/libuwx)
Many files are affected by this change. Functionally it boils
down to:
o The EPC syscall doesn't preserve registers it does not need
to preserve and places the arguments differently on the stack.
This affects libc and truss.
o The address of the kernel page directory (kptdir) had to
be unstaticized for use by the nested TLB fault handler.
The name has been changed to ia64_kptdir to avoid conflicts.
The renaming affects libkvm.
o The trapframe only contains the special registers and the
scratch registers. For syscalls using the EPC syscall path
no scratch registers are saved. This affects all places where
the trapframe is accessed. Most notably the unaligned access
handler, the signal delivery code and the debugger.
o Context switching only partly saves the special registers
and the preserved registers. This affects cpu_switch() and
triggered the move to the new semantics, which additionally
affects cpu_throw().
o The high FP registers are either in the PCB or on some
CPU. context switching for them is done lazily. This affects
trap().
o The mcontext has room for all registers, but not all of them
have to be defined in all cases. This mostly affects signal
delivery code now. The *context syscalls are as of yet still
unimplemented.
Many details went into the removal of the requirement to use
contigmalloc for kernel stacks. The details are mostly CPU
specific and limited to exception_save() and exception_restore().
The few places where we create, destroy or switch stacks were
mostly simplified by not having to construct physical addresses
and additionally saving the virtual addresses for later use.
Besides more efficient context saving and restoring, which of
course yields a noticable speedup, this also fixes the dreaded
SMP bootup problem as a side-effect. The details of which are
still not fully understood.
This change includes all the necessary backward compatibility
code to have it handle older userland binaries that use the
break instruction for syscalls. Support for break-based syscalls
has been pessimized in favor of a clean implementation. Due to
the overall better performance of the kernel, this will still
be notived as an improvement if it's noticed at all.
Approved by: re@ (jhb)
lock held (_thr_sched_switch_unlocked()) and use this to avoid
dropping the scheduler lock and having the scheduler retake the
same lock again.
Add a better way of detecting if a low-level lock is in use.
When switching out a thread due to blocking in the UTS, don't
switch to the KSE's scheduler stack only to switch back to
another thread. If possible switch to the new thread directly
from the old thread and avoid the overhead of the extra
context switch.
Check for pending signals on a thread when entering the scheduler
and add them to the threads signal frame. This includes some
other minor signal fixes.
Most of this was a joint effor between davidxu and myself.
Reviewed by: davidxu
Approved by: re@ (blanket for libpthread)
Fixes a problem where directory entries could show up twice: once
on the top layer of the union stack, and once on the bottom layer.
Approved by: re (rwatson)
of pthread_cond_timedwait() is moved into cond_wait_common().
Pthread_cond_wait() and pthread_cond_timedwait() are now wrappers around
this function. Previously, the former called the latter with the abstime
pointing to 0 time. This violated Posix semantics should an application
have reason to call it with that argument because instead or returning
immediately it would have waited indefinitely for the cv to be signaled.
Approved by: markm/mentor, re/blanket libthr
Reviewed by: jeff
respect to other threads and signal handlers by moving to
the _thread_critical_enter/exit functions.
o Introduce an static function, testcancel(), that is used by
the other functions in this module. This allows it to make
locking assumptions that the top-level functions can't.
o Rework the code flow a bit to reduce indentation levels.
Approved by: markm/mentor, re/blanket libthr
Reviewed by: jeff
Those who really need this information can find it in the include file.
* Include a succinct description of the st_birthtime field.
Approved by: re (bmah)
- hosts_ctl(3), hosts_access(3), request_init(3),
request_set(3).
PR: docs/52000
Submitted by: Simon L. Nielsen <simon@nitro.dk>
Approved and Reviewed by: des (mentor), re (scottl)
- strip out the nasty PIC_PROLOGUE/EPILOGUE stuff, since we dont have
to lose a register in PIC mode anymore (we use %rip-relative addressing).
- update for C register argument passing conventions.
- convert 32 bit to 64 bit register sizes etc.
Note that the syscall instruction clobbers %rcx, which is inconvenient
because it is the fourth syscall argument, so we use %r10 (another scratch
register) for the 4th syscall arg instead (I picked %r10 to be the same as
NetBSD). int 0x80 is still possible though, and it uses %rcx as usual.
Note that the syscall style syscall does *NOT* preserve all the registers,
unlike int 0x80. We do not preserve the scratch registers except for
%rdi and %rsi. int 0x80 does preserve everything but the return values.
technique) so that we don't wind up calling into an application's
version if the application defines them.
Inspired by: qpopper's interfering and buggy version of strlcpy
a thread lock).
Better protect access to thread state while searching for
threads to handle a signal.
Better protect access to process pending signals while processing
a thread in sigwait().
Submitted by: davidxu
KSEs when it's thread exits; allow the GC handler to do that.
o Make spinlock/spinlock critical regions.
The following were submitted by davidxu
o Alow thr_switch() to take a null mailbox argument.
o Better protect cancellation checks.
o Don't set KSE specific data when creating new KSEs; rely on the
first upcall of the KSE to set it.
o Add the ability to set the maximum concurrency level and do this
automatically. We should have a way to enable/disable this with
some sort of tunable because some applications may not want this
to be the default.
o Hold the scheduling lock across thread switch calls.
o If scheduling of a thread fails, make sure to remove it from the list
of active threads.
o Better protect accesses to a joining threads when the target thread is
exited and detached.
o Remove some macro definitions that are now provided by <sys/kse.h>.
o Don't leave the library in threaded mode if creation of the initial
KSE fails.
o Wakeup idle KSEs when there are threads ready to run.
o Maintain the number of threads active in the priority queue.
While I'm here, use the TAILQ_FOREACH macro instead of a more
manual method which was inherited from libc_r (so we could
remove elements from the list which isn't needed for libpthread).
Submitted by: Kazuaki Oda <kaakun@highway.ne.jp>
setgrent, and endgrent also. (The previous NSS implementation used to
simply twiddle the internal data of the various modules directly.)
A symptom (group list set incorrectly in sshd) was
Reported by: Glenn Johnson <gjohnson@srrc.ars.usda.gov>
Sponsored by: DARPA, Network Associates Laboratories
idea to re-initialize `struct passwd', because e.g. pw_class might
get set by one module, but not by another. Add another call to the
internal pwd_init function to accomplish this.
Sponsored by: DARPA, Network Associates Laboratories
password must necessarily have an empty pwd->pw_passwd. Also add a check
that prevents users from setting a blank password unless the nullok option
was specified. Root is still allowed to give anyone a blank password.
Correct a bug that should have wreaked havoc everywhere, but for
some reason only bit unlucky people who use `-march' optimizations.
The compiler cannot assist one in distinguishing between the two
function calls below.
int nsdispatch(void *, ...);
void *discard;
nsdispatch(&discard, ...); /* correct .. no, really! */
nsdispatch(discard, ...); /* Boom */
Robin provided me with a debugging environment in which I could see
what was going on.
Badness when using CPUTYPE was
Reported by: "Robin P. Blanchard" <Robin.Blanchard@gactr.uga.edu>
Reported by: nork
Sponsored by: DARPA, Network Associates Laboratories
provided by Sergey A. Osokin <osa@freebsd.org.ru>.
In order to test this on a single CPU machine, you need to:
sysctl kern.threads.debug=1
sysctl kern.threads.virtual_cpu=2
lock level is 0. Thus far, the threads implementation doesn't use
mutexes or condition variables so the lock level should be 0.
Save the return value when trying to schedule a new thread and
use this to return an error from pthread_create().
Change the max sleep time for an idle KSE to 1 minute from 2 minutes.
Maintain a count of the number of KSEs within a KSEG.
With these changes scope system threads seem to work, but heavy
use of them crash the kernel (supposedly VM bugs).
An incorrectly-sized allocation was being made due to an incorrect
argument to the `sizeof' operator. Obvious, because it violated the
`foo = malloc(sizeof(*foo))' idiom. Hard-to-see, because it was a
missing `*' (`*p' versus `**p').
Resulting failure was
Reported by: ache
Sponsored by: DARPA, Network Associates Laboratories
privileges. To do so may cause the NIS server to log spurious and
annoying `access denied' messages.
Reported by: Philip Paeps <philip@paeps.cx>
Sponsored by: DARPA, Network Associates Laboratories
to be instances where the kernel doesn't properly save and/or
restore it.
Use noupcall and nocompleted flags in the KSE mailbox. These
require kernel changes to work which will be committed sometime
later. Things still work without the changes.
Remove the general kse entry function and use two different
functions -- one for scope system threads and one for scope
process threads. The scope system function is not yet enabled
and we use the same function for all threads at the moment.
Keep a copy of the KSE stack for the case that a KSE runs
a scope system thread and uses the same stack as the thread
(no upcalls are generated, so a separate stack isn't needed).
This isn't enabled yet.
Use a separate field for the KSE waiting flag. It isn't
correct to use the mailbox flags field.
The following fixes were provided by David Xu:
o Initialize condition variable locks with thread versions
of the low-level locking functions instead of the kse versions.
o Enable threading before creating the first thread instead
of after.
o Don't enter critical regions when trying to malloc/free
or call functions that malloc/free.
o Take the scheduling lock when inheriting thread attributes.
o Check the attribute's stack pointer instead of the
attributes stack size for null when allocating a
thread's stack.
o Add a kseg reinit function so we don't have to destroy and
then recreate the same lock.
o Check the return value of kse_create() and return an
appropriate error if it fails.
o Don't forget to destroy a thread's locks when freeing it.
o Examine the correct flags word for checking to see if
a thread is in a synchronization queue.
Things should now work on an SMP kernel.
Note that the tp register (r13) is reserved as the TLS pointer in
the same way that that gp register (r1) is reserved as the global
pointer. This implementation uses the tp register to point to the
thread structure used by the threads implementation. This is not
in violation with the runtime specification provided the TLS is
a fixed distance from the thread structure. This is only an issue
when code used the __thread keyword to create TLS. This is not
supported at the moment.
in the mac.3 library man page. They were already cross-referenced
at the end of the man page, just not explicitly listed here.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
libthr. No changes were made to libpthread by request of deischen,
who will soon commit a real implementation for that library.
PR: standards/50848
Submitted by: Sergey A. Osokin <osa@freebsd.org.ru>
MFC after: 1 week
would result in an incorrectly terminated grouplist.
login(1) crashes
Reported by: Morten Rodal <morten@rodal.no>,
Matthias Schuendehuette <msch@snafu.de>
string was an incredibly dumb idea (of course it will be changed by an
NSS module on success!). Use a static empty string instead.
Sponsored by: DARPA, Network Associates Laboratories
may not fill in all fields, and in the case of string fields, this could
cause trouble for applications. (The only likely example is `pw_class',
because this field is not used by all modules in all cases.)
Move initialization of struct passwd from module-specific code to the
dispatch code.
The problem of a NULL pw_class was
Noticed by: Philip Paeps <philip@paeps.cx>
and the c^Htrusty ssh(1) command.
Déjà vu by: getpwent.c revision 1.56
Sponsored by: DARPA, Network Associates Laboratories
at least one consumer outside of libc and pwd_mkdb.
Adjust the versioning in libc and pwd_mkdb accordingly.
named was the application affected, and that fact was first
Reported by: Zherdev Anatoly <tolyar@mx.ru>
Sponsored by: DARPA, Network Associates Laboratories
environment. This includes support for multiple KSEs and KSEGs.
The ability to create more than 1 KSE via pthread_setconcurrency()
is in the works as well as support for PTHREAD_SCOPE_SYSTEM threads.
Those should come shortly.
There are still some known issues which davidxu and I are working
on, but it'll make it easier for us by committing what we have.
This library now passes all of the ACE tests that libc_r passes
with the exception of one. It also seems to work OK with KDE
including konqueror, kwrite, etc. I haven't been able to get
mozilla to run due to lack of java plugin, so I'd be interested
to see how it works with that.
Reviewed by: davidxu
family of functions using the new nsdispatch(3) core. Remove
arbitrary size limits when using the thread-safe versions.
= Re-implement the traditional getpwent(3)/getgrent(3) functions on
top of the thread-safe versions.
= Update the on-disk format of the hashed version of the passwd(5)
databases to allow for versioned entries. The legacy version is
`3'. (Don't ask.)
= Add support for version `4' entries in the passwd(5) database.
Entries in this format are identical to version 3 entries except
that all integers are stored as 32-bit integers in network byte
order (big endian).
= pwd_mkdb is updated to generate both version 3 and version 4
entries.
Sponsored by: DARPA, Network Associates Laboratories
may be built into libc (`static NSS modules') or dynamically loaded
via dlopen (`dynamic NSS modules'). Modules are loaded/initialized
at configuration time (i.e. when nsdispatch is called and nsswitch.conf
is read or re-read).
= Make the nsdispatch(3) core thread-safe.
= New status code for nsdispatch(3) `NS_RETURN', currently used to
signal ERANGE-type issues.
= syslog(3) problems, don't warn/err/abort.
= Try harder to avoid namespace pollution.
= Implement some shims to assist in porting NSS modules written for
the GNU C Library nsswitch interface.
Sponsored by: DARPA, Network Associates Laboratories
they resemble one another, but POSIX.1e interfaces were not sufficiently
expressive to do what we needed.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
%f and sufficiently short %g specifiers where the precision was
explicitly zero, no '#' flag was specified, and the floating point
argument was > 0 and <= 0.5. While at it, add some comments to better
explain the relevant bits of code.
Noticed by: Christoph Kukulies <kuku@physik.rwth-aachen.de>
or the tty, just block selected signals in the parent like system(3) does.
Many thanks to bde for his assistance in finding the correct solution.
PR: bin/50679
by allprison_mtx), a unique prison/jail identifier field, two path
fields (pr_path for reporting and pr_root vnode instance) to store
the chroot() point of each jail.
o Add jail_attach(2) to allow a process to bind to an existing jail.
o Add change_root() to perform the chroot operation on a specified
vnode.
o Generalize change_dir() to accept a vnode, and move namei() calls
to callers of change_dir().
o Add a new sysctl (security.jail.list) which is a group of
struct xprison instances that represent a snapshot of active jails.
Reviewed by: rwatson, tjr
- Bump shared library version on libusbhid.
- Retire libusbhid.h; it is called usbhid.h now.
- hid_start_parse() takes a third argument.
- hid_locate() takes a fifth argument.
- hid_report_size() order of arguments changes.
- Other changes, including formatting and whitespace.
Bump __FreeBSD_version.
This change will break all third party applications that rely on previous
FreeBSD specific behavior.
proper way to fix this. The way this works is to prepend "exec " to
the editor command to eliminate the "shell in the middle" which prevents
us from properly reawakening the editor after a SIGTSTP.
PR: bin/50679
- Reduce diffs with NetBSD.
- Formatting and explicit values for enum declaration.
- Order of prototypes.
- zero report_size in hid_clear_local()
- errx() needs no newline
- Don't initialie variable in declaration in hid_parse_usage_in_page().
- Use fmtcheck() in hid_usage_in_page().
be printed.
- Fix %f conversions where the number of significant digits is < expt.
This would be a one-line change were it not for thousands separators.
Noticed by tjr.
- Remove some unnecessary code in the parsing of precision specifiers.
- We used to round long double arguments to double. Now we print
them properly.
- Bugs involving '%F', corner cases of '#' and 'g' format
specifiers, and the '.*' precision specifier have been
fixed.
- Added support for the "'" specifier to print thousands' grouping
characters in a locale-dependent manner.
- Implement the __vfprintf() side of hexadecimal floating point
support. All that is still needed is a routine to convert the
mantissa to hex digits one nibble at a time in the style of ultoa().
Reviewed by: silence on standards@
- __vfprintf()'s 'buf' has never been used for floating point, so
don't define it in terms of (incorrect) constants describing
floating point numbers. The actual size needed depends on
sizeof(uintmax_t) and locale details, so I slightly overestimated.
- We don't need a 308-character buffer to store the string "308".
With long doubles and %a we need more than three characters, though.
FreeBSD. This method attempts to centralize all the necessary hacks
or work arounds in one of two places in the tree (src/Makefile.inc1
and src/tools/build). We build a small compatibility library
(libbuild.a) as well as selectively installing necessary include
files. We then include this directory when building host binaries.
This removes all the past release compatibilty hacks from various
places in the tree. We still build on tip of stable and current. I
will work with those that want to support more, although I anticipate
it will just work.
Many thanks to ru@, obrien@ and jhb@ for providing valuable input at
various stage of implementation, as well as for working together to
positively effect a change for the better.
strange things might happen when garbage values in the struct
get passed in to localtime_r() and family.
Noticed by: marcus
Approved by: markm (mentor)(implicit)
Move the remaining bits of <sys/diskslice.h> to <i386/include/bootinfo.h>
Move i386/pc98 specific bits from <sys/reboot.h> to
<i386/include/bootinfo.h> as well.
Adjust includes in sys/boot accordingly.
as curthread in the new context, so that it will be set automatically when
the thread is switched to. This fixes a race where we'd run for a little
while with curthread unset in _thread_start.
Reviewed by: jeff
_get_curthread(). This is similar to the kernel's curthread. Doing
this saves stack overhead and is more convenient to the programmer.
- Pass the pointer to the newly created thread to _thread_init().
- Remove _get_curthread_slow().
This was changed because originally we were blocking on the umtx and
allowing the kernel to do the queueing. It was decided that the
lib should queue and start the threads in the order it decides and the
umtx code would just be used like spinlocks.
critical and should not be killed when pageout is looking for more
memory pages in all the wrong places.
Reviewed by: arch@
Sponsored by: St. Bernard Software
from strptime(3). Previously, they would get filled only
for the %s specifier and as a side effect of using the
the %Z specifier with a GMT time zone.
PR: misc/48993
Approved by: markm (mentor)
Silence on: -standards
new one, and do not fall back to the RO fd. There was a bug here
in that the RO fd was never closed, if the RDRW open succeeded, but
this code is bogus anyway, and it breaks newfs of floppies, at least
for me, due to "Device busy." Anything that wants to fall back is
doing something significantly odd that it should have some more complex
code on its end.
more complicated things than just setting the lock to 0.
- Implement stubs for this function in libc and the two threading libraries
that are currently in the tree.
by NIS work, like nsswitch.conf(5) promises to be able to.
(These modifications will be fed back to NetBSD, of course)
- In endusershell(), do not set `sl' to NULL if we know it already has
that value.
a couple of reqests: DSM_BUSY_PCT and DSM_QUEUE_LENGTH.
I have no further plans for mutilating this API at this point in
time, and will update the man-page to reflect current reality as
the next thing.
Reviewed by: ken
Kernel:
Change statistics to use the *uptime() timescale (ie: relative to
boottime) rather than the UTC aligned timescale. This makes the
device statistics code oblivious to clock steps.
Change timestamps to bintime format, they are cheaper.
Remove the "busy_count", and replace it with two counter fields:
"start_count" and "end_count", which are updated in the down and
up paths respectively. This removes the locking constraint on
devstat.
Add a timestamp argument to devstat_start_transaction(), this will
normally be a timestamp set by the *_bio() function in bp->bio_t0.
Use this field to calculate duration of I/O operations.
Add two timestamp arguments to devstat_end_transaction(), one is
the current time, a NULL pointer means "take timestamp yourself",
the other is the timestamp of when this transaction started (see
above).
Change calculation of busy_time to operate on "the salami principle":
Only when we are idle, which we can determine by the start+end
counts being identical, do we update the "busy_from" field in the
down path. In the up path we accumulate the timeslice in busy_time
and update busy_from.
Change the byte_* and num_* fields into two arrays: bytes[] and
operations[].
Userland:
Change the misleading "busy_time" name to be called "snap_time" and
make the time long double since that is what most users need anyway,
fill it using clock_gettime(CLOCK_MONOTONIC) to put it on the same
timescale as the kernel fields.
Change devstat_compute_etime() to operate on struct bintime.
Remove the version 2 legacy interface: the change to bintime makes
compatibility far too expensive.
Fix a bug in systat's "vm" page where boot relative busy times would
be bogus.
Bump __FreeBSD_version to 500107
Review & Collaboration by: ken
dtoa() is buggy. The bug would cause incorrect output to be
generated when format strings such as '%5.0f' were used with
nonzero numbers whose magnitude is less than 1.
Reported by: df(1) by way of periodic(8)
Reviewed by: mike
amount of bytes (supposed to be) written by vsnprintf exceeds the
size of the buffer.
PR: bin/48844
Submitted by: Peter A Jonsson <pj@ludd.luth.se>
Obtained from: OpenBSD
MFC after: 1 month
package, a more recent, generalized set of routines. Among the
changes:
- Declare strtof() and strtold() in stdlib.h.
- Add glue to libc to support these routines for all kinds
of ``long double''.
- Update printf() to reflect the fact that dtoa works slightly
differently now.
As soon as I see that nothing has blown up, I will kill
src/lib/libc/stdlib/strtod.c. Soon printf() will be able
to use the new routines to output long doubles without loss
of precision, but numerous bugs in the existing code must
be addressed first.
Reviewed by: bde (briefly), mike (mentor), obrien
not save (restore) the global pointer (GP) in the jmpbuf in setjmp
(longjmp) because it's not needed in general. GP is considered a
scratch register at callsites and hence is always restored after a
call (when it's possible that the call resolves to a symbol in a
different loadmodule; otherwise GP does not have to be saved and
restored at all), including calls to setjmp/longjmp. There's just
one problem with this now that we use setjmp/longjmp for context
switching: A new context must have GP defined properly for the
thread's entry point. This means that we need to put GP in the
jmpbuf and consequently that we have to restore is in longjmp.
This automaticly requires us to save it as well.
When setjmp/longjmp isn't used for context switching, this can be
reverted again.
integral type to the size of a pointer type when it's known that the
cast is valid. On ia64 such casts are generally bad news and has led
us (=peter :-) to make such casts fatal. By casting to intptr_t
before casting to a pointer type, this now compiles cleanly in LP64
architectures. Note that the final cast has been changed to void*
(instead of siginfo_t*) to make it explicit that we're not trying to
pass a siginfo_t pointer but rather trying to pass an int when the
prototype says it should be a pointer.
the J_SIG0 field. While here, rename J_SIG0 to J_SIGSET and
remove J_SIG1. The main reason for this change is that the
128-bit sigset_t is now aligned on a 16-byte boundary, which
allows us to use 16-byte atomic loads and stores on CPUs that
support it. The removal of J_SIG1 is done to avoid confusion:
it is never accessed and should not be. Renaming J_SIG0 to
J_SIGSET is the icing on the cake that's better done now than
later.
password quality, not login.conf(5).
- Move warnexpire and warnpasswd from the ``Accounting Limits''
section to ``Authentication'', and nix everything else in the
former section. The accounting knobs are not available in
the base system, and the subset of them available in ports
should be documented in the ports' manpages.
PR: 47960
Reviewed by: mike (mentor), doc
file in the NFS file system when the underlying device is not a
network device. A Sparc64 specific hack for this exact problem was
already present (nfs.c:1.9, tftp.c:1.10), but the problem is not
specific to Sparc64. The hack has been promoted to a non-i386 test
because on non-i386 architectures it's either impossible to have
non-network devices coexist in the same loader with the NFS FS, or
network and non-network device coexist and NFS filesystems can only
be used on top of network devices. I believe i386 pxeboot is where
this does not hold.
The root cause of this problem is in open.c where each file system
is tried until no more file systems exist or a file system returns
success. There's no notion of a list of valid file systems given
the underlying device and the non-existence of a file can cause
the invalid combination to be tried.
in math.h; the consensus here was that __BSD_VISIBLE was correct instead.
- gamma_r, lgamma_r, gammaf_r, and lgammaf_r had no documentation in the
lgamma(3) manpage.
Reviewed by: standards@
Submitted by: Ben Mesander
The background info in this man page needs rewriting
in some parts since the last major changes
to the code, however it still accuratly reflects how to use the
API.
* use correct error detection of realloc failure
* strtol negative return check
* use strtol to validate string instead of rolling our own
validation code
* terminate the command sequence correctly
for the sorts of errors we run into[1]. This also gives us room to put in a
vaguely appropriate casts to silence warnings since our compiler doesn't like
when we compare ssize_t to size_t[2]. Add a cast in sblock.c[3] to silence
a warning because of signed vs. size_t hell (again). Clean up nearby
excessive parenthemutilation[4].
Reviewed by: bde [2] [3]
Suggested by: bde, many [1]
Submitted by: bde [4]
An aside about [4], bde notes that we do not check for a negative value for
the fs bsize. I'm nto going to do that in every situation we use it, one must
expect a reasonable program to pass down reasonable values. Some foot shooting
protection I will tolerate, some I will not. Also he suggests some possible
conditional improvements there, which I may take to heart.
PS: For me at least, this is now WARNS=5 clean...
seed->first value correlation. It breaks rand_r()... Other possible methods
like shuffling inside aray will breaks rand_r() too, because it assumes
only one word state, i.e. nothing extra can be added after seed assignment
in srand().
BTW, for old formulae seed->first value correlation is not so monotonically
increased as with other Linear Congruential Generators of this type only
becase arithmetic overflow happens. But overflow affects distribution
and lower bits very badly, as many articles says, such type of overflow
not improves PRNG.
So, monotonically increased seed->first value correlation problem remains...
Only warnings that could be fixed without changing the generated object
code and without restructuring the source code have been handled.
Reviewed by: /sbin/md5
Introdice RTLD_SELF special handle and properly process it within
dlsym() and dlinfo() functions.
The intention is to improve our compatibility with Solaris and
to make a Java port easier.
Partially submitted by: phantom
isnormal(). The current isinf() and isnan() are perserved for
binary compatibility with 5.0, but new programs will use the macros.
o Implement C99 comparison macros isgreater(), isgreaterequal(),
isless(), islessequal(), islessgreater(), isunordered().
Submitted by: David Schultz <dschultz@uclink.Berkeley.EDU>
to maintain, and had security issues which would have required a major
rewrite to address anyway.
This implementation currently starts a separate agent for each session
instead of connecting each new session to the agent started by the first
one. While this would be a Good Thing (and the old pam_ssh(8) tried to
do it), it's hard to get right. I'll revisit this issue when I've had a
chance to test some modifications to ssh-agent(1).
o Add a MD header private to libc called _fpmath.h; this header
contains bitfield layouts of MD floating-point types.
o Add a MI header private to libc called fpmath.h; this header
contains bitfield layouts of MI floating-point types.
o Add private libc variables to lib/libc/$arch/gen/infinity.c for
storing NaN values.
o Add __double_t and __float_t to <machine/_types.h>, and provide
double_t and float_t typedefs in <math.h>.
o Add some C99 manifest constants (FP_ILOGB0, FP_ILOGBNAN, HUGE_VALF,
HUGE_VALL, INFINITY, NAN, and return values for fpclassify()) to
<math.h> and others (FLT_EVAL_METHOD, DECIMAL_DIG) to <float.h> via
<machine/float.h>.
o Add C99 macro fpclassify() which calls __fpclassify{d,f,l}() based
on the size of its argument. __fpclassifyl() is never called on
alpha because (sizeof(long double) == sizeof(double)), which is good
since __fpclassifyl() can't deal with such a small `long double'.
This was developed by David Schultz and myself with input from bde and
fenner.
PR: 23103
Submitted by: David Schultz <dschultz@uclink.Berkeley.EDU>
(significant portions)
Reviewed by: bde, fenner (earlier versions)
pam_wheel(8) module was written to work in spite of a broken libpam, and
has grown organically since its inception, which is reflected in both its
functionality and implementation. Rather than clean up pam_wheel(8) and
break backward compatibility, I've chosen to reimplement it under a new,
more generic name.
Sponsored by: DARPA, NAI Labs
to remove part of seed -> 1st value correlation. Correlation still remains
because of algorithm limits. Note that old algorithm have even stronger
correlation, especially in the lower bits area, but not eye-visible, as
current one.
at 0 as designed. Its BSD adaptation tries to fight it by mapping 0 to
2147483647 after calculation, but this method not works since 2147483647
seed returns to 0 again on the next interation. Instead of after calculation
mapping, map 0 to another value _before_ calculation, so it never stucks.
initialize the context. This way, a failure to initialize the context is
not fatal unless we actually have work to do - because if we don't, we
return PAM_SUCCESS without even trying to initialize the context.
checks, including the "open directory" check or a MAC check fail,
after the working directory of the process has been changed, then
the cwd of the process will be left as the target directory rather
than the original directory.
At some point, this bug might be fixable by performing the directory
change only after permission is granted for the change. In the
mean time document it (it's been there for a while).
is finished. This fixes clients doing two RPCs over the
same connection at the same time. Without this fix, we
could end with a reply to old data.
Submitted by: Frank van der Linden <fvdl@netbsd.org>
Reviewed by: rwatson
Obtained from: NetBSD
(previous variant return NULL pointer for both empty file case and error case,
so caller can't sense error properly).
It not affect existen programs because property_find() now returns NULL
for both NULL pointer and NULLified struct.
get it from the fs structure. Really libufs should have interfaces to generate
both what we export, and what we import, based on eachother, and this should
be full of redundant code to make sure everything is right... But really, we
don't even deal with checksums, so plenty of room to improve.
a NULL filename argument allows a stream's mode to be changed. At the
moment it just recycles the old file descriptor instead of storing the
filename somewhere and using that to reopen the file, as the standard
seems to require. Strictly conforming C99 applications probably can't
tell the difference but POSIX ones can.
PR: 46791
to be called on first sight of trouble.
"sensitive" is somewhat arbitrarily defined as "setuid, setgid, uid == root
or gid == wheel".
The 'A' option carries no performance penalty.
It is not possible to override this setting: fix the program instead.
Absentmindedly nodded OK to by: various
o Link mac_get_pid.3 to mac_get.3
o Update SEE ALSO to refer to mac_prepare, and added missing references
o Remove clause #3 on my work
o Update mac_get.3 for the updated MAC API
Sponsored by: DARPA, Network Associates Laboratories
Obtained from: TrustedBSD Project
so that multiple opens of the same semaphore without an intervening
sem_close() return the same object, and so that sem_close() does not
segfault while trying to remove the item from the list.
that crept in recently. GCC will optimize the divides and multiplies for us.
Submitted by: David Schultz <dschultz@uclink.Berkeley.EDU>
MFC after: 1 day
- In Create_Chunk_DWIM(), if there is a freebsd chunk that has no
children chunks, then trying to add a child part chunk will fail even
though there is free space. Handle this special case by adding an
unused chunk the full size of the freebsd chunk as a child of the
freebsd chunk before adding the new part chunk. This situation can
happen when changing the type of an existing slice to be a FreeBSD
slice type or when installing onto a blank disk on Alpha (which has
no slices.)
Reviewed by: phk
MFC after: 2 days
pam_krb5 to consolidate the copyright texts. The semi-official
pam_krb5 module has been distributed with this new license text ever
since, but I'm just now getting around to updating the text here.
putchar_unlocked(), putc_unlocked(), feof_unlocked(), ferror_unlocked(),
clearerr_unlocked(), and fileno_unlocked(). The first four are required
by POSIX. The rest are provided for consistency.
because we have 2 stacks per thread: the regular downward
memory stack and the irregular upward register stack. This
implementation lets both stacks grow toward each other. An
alternative scheme is to have them grow away from each other.
The alternate scheme has the advantage that both stack grow
toward guard pages. Since libc_r is virtually dead and we
really want the *context stuff for thread switching, we don't
try to be perfect, just functional.
instead of unwinding the call stack. This makes them usable to switch
stacks, e.g. for libc_r.
Do not save the frame pointer in setjmp() and _setjmp(), it is not needed
any more.
Rename _longjmp() to ___longjmp(), with a weak alias to _longjmp(), like
the other architectures did.
o Call waitpid() if an error occurs after forking the child process
to avoid leaving zombies around.
o Handle the WRDE_DOOFS|WRDE_APPEND combination correctly
o Do not confuse $( substitution with $(( shell arithmetic
(noticed by wollman)
o Handle backslash escaping properly
o Allow $( and ${ to be quoted
As a side effect, it makes the code easier to read and requires less
pointer arithmetic.
Test by: strerror regression test
Submitted by: Tim Kientzle <kientzle@acm.org>
when the same pipe FILE is pclosed()'d in different threads, and to avoid
corrupting the linked list when adding or removing items. The symptoms of
the linked list getting corrupted were pclose() either not finding the pipe
on the list, or the list becoming circular and pclose() looping infinitely.
to Solaris, it is in /usr/libexec) to perform the handing over of tty nodes
to the user being granted the pty.
Submitted by: Ryan Younce <ryany@pobox.com>
Reviewed by: security-officer@, standards@, mike@
This situation most notably arises in chkprintcap, when a /etc/printcap
entry has an empty rp= attribute. In that case, cgetmatch would enter
an infinite loop if any entry in the file has multiple names.
This causes lpd to hang at boot time on 5.0-DP2 when both conditions
are met (:rp=: and multiple names -- not necessarily on the same entry).
Reviewed by: roberto
a pointer and lack a prototype will have the return value (assumed
to be an integer) zero-extended to a pointer. On ia64 this is
unconditionally fatal as it zeroes-out the region bits, forming an
invalid pointer. Fix the sigsegv by including <stdlib.h>.
Pointy hat: bbraun
the -fpcc-struct-return calling convention properly instead of
returning garbage. This may break backwards compatibility with some old
binaries that were compiled when -fno-pcc-struct-return was the default.
o Fix an English error (comma splice) and poorly worded sentence.
o Fix KNF ordering of variables (pointers come before arithmetic types).
o Restore hand-optimization of sizeof()-1, instead of strlen().
o Remove unneeded local variables in strerror_r().
Test by: strerror regression test
Requested by: bde
Reviewed by: bde
strerror_r(). Doing this allows us to ensure that strerror_r() always
fills the supplied buffer regardless of EINVAL or ERANGE errors.
strerror()'s semantics have changed slightly such that an argument of
0 is now considered invalid and errno is set to EINVAL.
Remove internal regression test for strerror() and strerror_r(). This
will be reincarnated in src/tools/regression/lib/libc/string.
In strerror(3), add a comment about strerror()'s bogus return type.
PR: 44356
Stop calling system calls "function calls".
Use "The .Fn system call" a-la "The .Nm utility".
When referring to a non-BSD implementation in
the HISTORY section, call syscall a function,
to be safe.
from "unix" back to "local". Add some compat stuff so both
ways work for some time.
Reviewed by: phk
Approved by: imp (UPDATING)
Requested by: iedowse, lukem@netbsd.org
to be cleaner. Also, when deleting a chunk, try to find the mother chunk
as a whole chunk by default if this isn't a BSD partition or a unused or
whole chunk. Before we just did this for FreeBSD and FAT slices, which
means that other chunk types such as EFI and mbr (mbr is used for slices
that don't have their own chunk type).
Submitted by: nyan (mostly)
Approved by: re
when trying to store the year in a signed int. The maximum time_t on ia64
is around 292 billion years in the future, but 'int' and struct tm.tm_year
can only represent then ext 2.1 billion years or so.
This solves the problem of mktime/localtime looping on ia64. Unfortunately,
the standards say that tm_year is an 'int', so we are still stuck with a
y2147483647 bug. bash2's configure script looks for bugs in mktime() and
fails on ia64 because of this. However, mktime() on FreeBSD fails the test
normally anyway so this is no big loss.
This change does not affect any other platforms besides ia64.
Approved by: re
since it has been MFC'ed. See the log message for the previous commit
for more details. The alignment bug in gcc-3 has not been fixed, but
it is not very serious and the previous commit just moved it (as intended).
Approved by: re (murray)
the old 8-bit fs_old_flags to the new location the first time that the
filesystem is mounted by a new kernel. One of the unused flags in
fs_old_flags is used to indicate that the flags have been moved.
Leave the fs_old_flags word intact so that it will work properly if
used on an old kernel.
Change the fs_sblockloc superblock location field to be in units
of bytes instead of in units of filesystem fragments. The old units
did not work properly when the fragment size exceeeded the superblock
size (8192). Update old fs_sblockloc values at the same time that
the flags are moved.
Suggested by: BOUWSMA Barry <freebsd-misuser@netscum.dyndns.dk>
Sponsored by: DARPA & NAI Labs.
In _thread_switch, set current thread pointer in kse mailbox
only after all registers copied out of thread mailbox, kernel will do
upcall at trap time, if set current thread pointer before loading all
registers from thread mailbox, at trap time, the thread mailbox data
will be overwritten by kernel, result is junk data is loaded into CPU.
been repo-copied from src/lib/libc/uuid to src/include. Update the
makefiles.
While in src/include/Makefile, reformat and resort INCS. Reverting
the functional change only involves removing uuid.h.
Pompted by: ru
I've no idea if this is the right behavior for the library, but this
at least fixes the build, and matches what seems to be alfred's intent
in the commit message for 1.19.
sysconf.c:
Use 'break' rather than 'goto yesno' in sysconf.c so that we report a '0'
return value from the kernel sysctl.
vfs_aio.c:
Make aio reset its configuration parameters to -1 after unloading
instead of 0.
posix4_mib.c:
Initialize the aio configuration parameters to -1
to indicate that it is not loaded.
Add a facility (p31b_iscfg()) to determine if a posix4 facility has been
initialized to avoid having to re-order the SYSINITs.
Use p31b_iscfg() to determine if aio has had a chance to run yet which
is likely if it is compiled into the kernel and avoid spamming its
values.
Introduce a macro P31B_VALID() instead of doing the same comparison over
and over.
posix4.h:
Prototype p31b_iscfg().
Both are atomic, but the cmpxchg has memory ordering hints. We
give this acquire semantics.
NOTE: The unlock in libc_r is implemented by a "normal" assign
statement. This is not correct on ia64 due to the memory ordering
characteristics of the architecture. We need release semantics
for an unlock.
libc. I want to keep these in some version for the thread
library/ies, but don't know whether to have them repo-copied
to libc_r or renamed and kept in libc.
Change the name of an alpha macro that was changed with the
system call commit.
subsystems capabilities:
_SC_AIO_LISTIO_MAX returns the default of _POSIX_AIO_LISTIO_MAX
_SC_AIO_MAX returns the default _POSIX_AIO_MAX
_SC_AIO_PRIO_DELTA_MAX returns the default of 0
Without these adjustments the values returned are -1 even when the
aio side of the kernel returns '0' for them which is incorrect.
Noticed by: Craig Rodrigues <rodrigc@attbi.com>
time_t. Deal with the possibility that time_t != int32_t. This boils
down to this sort of thing:
- time(&ut.ut_time);
+ ut.ut_time = time(NULL);
and similar for ctime(3) etc. I've kept it minimal for the stuff
that may need to be portable (or 3rd party code), but used Matt's time32
stuff for cases where that isn't as much of a concern.
Approved by: re (jhb)
descriptors that have the close-on-exec flag set, as that will have no
effect anyway and might screw something else up if the file descriptor
happens to be shared with another process.
PR: standards/43335
MFC after: 1 week
architecture, mainly to avoid getting a SIGFPE signal sent
when calling strtod(3) with certain input.
The SIGFPE has been sent because the code was not aware that
a Gradual Underflow is handled in software via traps on the
Alpha architecture, but is not implemented in our Alpha kernel
layer.
With `Sudden_Underflow' defined, strtod(3) should not depend
on Gradual Underflow and adjust its calculations accordingly,
which means that other, more subtle errors than the sending of
SIGFPE could be solved by this.
Discussed with: bde
PR: alpha/12623
PR: alpha/17032
PR: alpha/43567
MFC after: 7 days
caused by dynamic PAM modules that call openlog(3) and closelog(3),
e.g. ports/security/pam_pwdfile.
What happened here is that the module first registered its "ident"
with openlog(3), then PAM library unloaded module with dlclose(3),
and the next call to syslog(3) resulted in SIGSEGV.
MFC after: 3 days
o Remove the unwanted smartness in _longjmp() where it compares
the current ar.bspstore with the saved ar.bspstore and restores
ar.rnat based on it. This either avoids saving ar.rnat in the
jmp_buf or is the consequence of not saving ar.rnat. All this
complexity breaks libc_r where we use longjmp() to switch to
different threads and the current ar.bspstore has no relation
to the saved ar.bspstore. Thus: we save ar.rnat in setjmp()
and simply restore ar.bspstore and ar.rnat in longjmp().
This code needs a cleanup.
by filling in the jump table.
Convert uses of pthread routines within libc_r to use the internal
versions (_pthread_foo instead of pthread_foo).
Remove a couple of globals from application namespace.
entries in the table being stubs. While I'm here, add macros to
auto-generate the stubs. A conforming threads library can override
the stub routines by filling in the jump table.
Add some entries to namespace.h and sync un-namespace.h to it.
Also add a comment to remind folks to update un-namespace.h
when changing namespace.h.
PAM module state (created in pam_sm_authenticate and referenced later
in pam_sm_setcred and pam_sm_acct_mgmt). However, the krb5_ccache
structure shares some data members with the krb5_context structure
that was used in its creation. Since a new krb5_context is created
and destroyed at each PAM entry point, this inevitably caused the
krb5_ccache structure to reference free'd memory.
Now instead of storing a pointer to the krb5_ccache structure,
we store the name of the cache (e.g. `MEMORY:0x123CACHE') in
pam_sm_authenticate, and resolve the name in the other entry points.
This bug was uncovered by phkmalloc's free'd memory scrubbing.
Approved by: re (jhb)
e.g.
Unknown error: -1765328378
we get
Client not found in Kerberos database
Another way to accomplish this would have been to leave
`error_message' alone, but to explicitly load the Kerberos com_err
error tables. However, I don't really like the idea of a PAM module
dorking with global tables.
Approved by: re (jhb)
difference between the two from a low-level point of view is that
the partition type is different. This change adds EFI related cases
to existing switch statements with existing FAT related cases.
information, since we rely on the pwd entry to know what MAC labels
to set as part of the login process.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Don't force 16-byte alignment at run-time. Do it at compile-time.
This saves us the pointer fiddling by the setjmp functions and
reduces complexity. While here, increase the jmp_buf by 16 bytes
to an even 512 bytes. Coincidentally, due to the way alignment
was handled prior to this change, the jmp_buf has not changed in
size, but only in how the space is used. Prior to this change
the 16 bytes were reserved for enforcing alignment; now they are
reserved by us for future extensions.
Therefore, this ABI breaker is relatively save: the failure is
always an alignment trap.
namely uuidgen(1), uuidgen(2) and uuid(3), the following division
has been choosen:
uuidgen(1) A description of the command line utility,
and other user oriented UUID information.
uuidgen(2) A mostly technical description of UUIDs.
uuid(3) A description of the functions and other
programmer oriented UUID information.
According to the division: add more technical contents.
Contributed by: Hiten Pandya <hiten@uk.FreeBSD.org>
Edited and enhanced: marcel
always to the first 16 sectors of the disk. The firmware reads the boot
code from a partition, defaulting to 'a' if none is specified, which only
corresponds to the first 16 sectors of the disk if 'a' is first. Solaris
often makes the swap partition first, instead of the root partition, and
users expect to be able to do the same with freebsd as well. This also
allows one to temporarily boot from another partition if the boot block
on the root partition gets scrambled somehow.
o Remove all code guarded by !defined(__ia64__). This file is
specifically written for ia64,
o Handle the case when read_block() or write_block() fails. We
don't want sysinstall(8) to signal a thumbs-up on error,
o Set the starting (cyl,hd,sect) triple to 0xFFFFFF when either
bios_hd or bios_sect is zero or the LBA us not representable
with the triple. In that case automaticly initialize the
ending triple with 0xFFFFFF as well,
o Reindent Write_Int32() as it was different than the rest of
the file,
o Remove some unused variables that appeared to be used but
were effectively useless.
o Plug a memory leak: The second timne we read the MBR, we write
out a modified block, but didn't free the memory after writing.
o Replace d1->sector_size with 512 when we read/write the MBR.
We ignore the sector size in cases we shouldn't but adhered to
it in cases it would be wrong if the sector_size wasn't 512.
This file should eventually be rewritten to write out a GPT. For
now, a MBR will do...
to be static for 5.0. I may remove this for 5.1 or 5.2. No more
binaries or libarires will be generated with __sF starting as of
yesterday. Originally the plan had been to eliminate this for 5.0,
but we didn't get the __std{in,out,err}p changes merged into -stable
until yesterday (rather than in September 2001 like it should have
been). Given that didn't happen on time, we can't do the other part
of the scheme now.
# Please do not change this without talking to me first.
to use the same start condition as the i386 version. However, since
Alpha's only have one fake "slice" from sysinstall's perspective we don't
need to use a loop, but can just write out the BSD label in the first
fake "slice".
the page myself. The new language is more accurate than what was there
before, but the most accurate way of describing the funcionality eludes
me.
PR: kern/33904
MFC after: 1 month
of heads end the number of sectors per track. If there's an obvious
insanity (heads and sectors are both zero or the media size is not
an integral multiple of heads times sector) we set the number of
cylinders to zero.
1. When the parition type is not an integer, try to parse the type
as an UUID. If that succeeds, map the UUID to chunk_e.
2. For GPT partitions, pass the type constructed in point 1 above
to Add_Chunk.
While here, fix the MBREXT case by only checking if the first 3
characters are MBR. This avoids duplication.
the data value returned by kevent()'s EVFILT_READ filter on non-TCP
sockets accurately reflects the amount of data that can be read from the
sockets by applications.
PR: 30634
Reviewed by: -net, -arch
Sponsored by: NTT Multimedia Communications Labs
MFC after: 2 weeks
* Fix typos in rwlock stubs.
* Add pthread_XXX counterparts to the _pthread_XXX stubs which libraries
like libX11 can use to ensure thread-safety without requiring the use
of a thread library.
Submitted by: Terry Lambert (pthread_cond_broadcast)
Reviewed by: deischen
HUGE_VAL is not properly aligned on some architectures. The previous
fix now works because the two versions of 'math.h' (include/math.h
and lib/msun/src/math.h) have since been merged into one.
PR: bin/43544
functions is expected for uuidgen(1), mca(8) and gpt(8). Given the
generic use of UUIDs beyond the scope of the DCE 1.1 specification,
visibility of the data structure at all levels of the machine,
including firmware and the wish to not create a permanent build-
time FreeBSD-ism for DCE compliant applications by creating a new
library, it was decided that libc would be the least inappropriate
place. Also, because the UUID functions live in libc under IRIX as
well, we have maximized our portability and left as many options
open as possible.
This implementation introduces an extension not found in the
specification: the status parameter is allowed to be a NULL-
pointer. The reason for introducing the extension is because
the status is almost never of any use.
The manpage that's part of this commit is a minimal place-holder
and is further fleshed-out in the near future.
Approved by: re@
Contributed by: Hiten Mahesh Pandya <hiten@unixdaemons.com>
Sponsored by: marcel :-)
Tested on: alpha, i386, ia64
Don't gratuitously pipe thru a cat(1) if NODOCCOMPRESS.
Only create _stamp.extra when necessary.
Get rid of SOELIMPP and OBJS.
Use Groff version of soelim(1); we need its -I option
for the following to work.
Don't needlessly chdir to SRCDIR. Only a few documents
need CD_HACK, and those that need it either use refer(1)
or .PSPIC macro which internally uses the .psbb call.
This significantly rewamps libdisks discovery of existing disk
layout.
Please send me reports if this does not work as expected on
i386 or sparc64 platforms.
I need to sort out alpha, pc98 and ia64 (in that order) before
testing on those platforms make a lot of sense.
Belived to work for: i386 sparc64
Unknown state: pc98 alpha ia64
_fetch_writev() to incorrectly report EPIPE in certain cases.
Also fix a number of const warnings by using __DECONST(), plus a signed /
unsigned comparison by casting the rhs to ssize_t.
Submitted by: fenner, Craig Rodrigues <rodrigc@attbi.com>
return -1 regardless of what s points to, mbtowc(&w, s, 1) sets w to a
null wide character when s points to a null byte. This seems to be closer
to what most other implementations do, but the C99 standard contradicts
itself for these cases.
whether a named utility should behave in FreeBSD 4.x-compatible mode
or in a standard mode (default standard). The configuration is done
malloc(3)-style, with either an environment variable or a symlink.
Update expr(1) to use this new interface.
Implement new sysconf keys. Change the implenentation of
_SC_ASYNCHRONOUS_IO in preparation for the next set of changes.
Move some limits which had been in <sys/syslimits.h> to <limits.h> where
they belong. They had only ever been in syslimits.h to provide for the
kernel implementation of the CTL_USER MIB branch, which went away with
newsysctl years ago. (There is a #error in <sys/syslimits.h> which I
will downgrade in the next commit.)
error, only report an error if no data was read at all (unless len was
0 to start with). Otherwise, the final read of practically any transfer
will end in a fatal error.
the SSL case, it is no different from the old _fetch_write(), but in the
non-SSL case it uses writev(2) to send the entire vector as a single
packet (provided it can fit in one packet). Implement _fetch_write()
and _fetch_putln() in terms of _fetch_writev().
This should improve performance in the non-SSL case (by reducing protocol
overhead) and solve the problem where too-smart-for-their-own-good
firewalls reject FTP packets that do not end in CRLF.
PR: bin/44123
Submitted by: fenner
not initialized before use, and _http_growbuf() did not return a value
on success.
Reported by: Peter Edwards <pmedwards@eircom.net>
MFC after: 2 weeks
symptoms: make timeouts and short transfers fatal, and set errno to an
appropriate value (ETIMEDOUT for a timeout, EPIPE for a short transfer).
MFC after: 2 weeks
extenston function. It supposed to provide facility to get already created
thread's attributes. Looks like it's last thing we need to make JDK's Hotspot
building without requirement to have source tree.
Reviewed by: deischen
MFC after: 3 days
- port range check need to be done before htons. from deraadt
- %d/%u audit
- correct bad practice in the code - it uses two changing variables
to manage buffer (buf and buflen). we eliminate buflen and use
fixed point (ep) as the ending pointer.
- use snprintf, not sprintf
- pass correct name into q.name. from lukem@netbsd
- sync comment
Obtained from: KAME
MFC after: 1 week
closed through _fetch_close() which is the only one who knows the connection
REALLY was closed (since ref -> 0). However, FTP keeps its own local
cached_connection and checks if it is valid by comparing it to NULL. This
is bogus since it may have been freed elsewhere by _fetch_close().
This change checks if we are closing the cached_connection and the ref is 1
(soon to be 0). If so, set cached_connection to NULL so we don't
accidentally reuse it. The REAL fix should be to move connection caching
to the common.c level (_fetch_* functions) and NULL the cache(s) in
_fetch_close(). Then all layers could benefit from caching.
linking.
* Fix disorder in the SEE ALSO sections of aio_*(2).
* Remove unnecessary cross-references from the SEE ALSO sections of
aio_*(2); config(8), kldload(8) and kldunload(8) are cross-referenced
from aio(4).
* Remove the KERNEL OPTIONS sections from aio_*(2), now that these
pages cross-reference aio(4), which contains suitable kernel linking
reference material.
