Kernel:
Change statistics to use the *uptime() timescale (ie: relative to
boottime) rather than the UTC aligned timescale. This makes the
device statistics code oblivious to clock steps.
Change timestamps to bintime format, they are cheaper.
Remove the "busy_count", and replace it with two counter fields:
"start_count" and "end_count", which are updated in the down and
up paths respectively. This removes the locking constraint on
devstat.
Add a timestamp argument to devstat_start_transaction(), this will
normally be a timestamp set by the *_bio() function in bp->bio_t0.
Use this field to calculate duration of I/O operations.
Add two timestamp arguments to devstat_end_transaction(), one is
the current time, a NULL pointer means "take timestamp yourself",
the other is the timestamp of when this transaction started (see
above).
Change calculation of busy_time to operate on "the salami principle":
Only when we are idle, which we can determine by the start+end
counts being identical, do we update the "busy_from" field in the
down path. In the up path we accumulate the timeslice in busy_time
and update busy_from.
Change the byte_* and num_* fields into two arrays: bytes[] and
operations[].
Userland:
Change the misleading "busy_time" name to be called "snap_time" and
make the time long double since that is what most users need anyway,
fill it using clock_gettime(CLOCK_MONOTONIC) to put it on the same
timescale as the kernel fields.
Change devstat_compute_etime() to operate on struct bintime.
Remove the version 2 legacy interface: the change to bintime makes
compatibility far too expensive.
Fix a bug in systat's "vm" page where boot relative busy times would
be bogus.
Bump __FreeBSD_version to 500107
Review & Collaboration by: ken
dtoa() is buggy. The bug would cause incorrect output to be
generated when format strings such as '%5.0f' were used with
nonzero numbers whose magnitude is less than 1.
Reported by: df(1) by way of periodic(8)
Reviewed by: mike
amount of bytes (supposed to be) written by vsnprintf exceeds the
size of the buffer.
PR: bin/48844
Submitted by: Peter A Jonsson <pj@ludd.luth.se>
Obtained from: OpenBSD
MFC after: 1 month
package, a more recent, generalized set of routines. Among the
changes:
- Declare strtof() and strtold() in stdlib.h.
- Add glue to libc to support these routines for all kinds
of ``long double''.
- Update printf() to reflect the fact that dtoa works slightly
differently now.
As soon as I see that nothing has blown up, I will kill
src/lib/libc/stdlib/strtod.c. Soon printf() will be able
to use the new routines to output long doubles without loss
of precision, but numerous bugs in the existing code must
be addressed first.
Reviewed by: bde (briefly), mike (mentor), obrien
not save (restore) the global pointer (GP) in the jmpbuf in setjmp
(longjmp) because it's not needed in general. GP is considered a
scratch register at callsites and hence is always restored after a
call (when it's possible that the call resolves to a symbol in a
different loadmodule; otherwise GP does not have to be saved and
restored at all), including calls to setjmp/longjmp. There's just
one problem with this now that we use setjmp/longjmp for context
switching: A new context must have GP defined properly for the
thread's entry point. This means that we need to put GP in the
jmpbuf and consequently that we have to restore is in longjmp.
This automaticly requires us to save it as well.
When setjmp/longjmp isn't used for context switching, this can be
reverted again.
integral type to the size of a pointer type when it's known that the
cast is valid. On ia64 such casts are generally bad news and has led
us (=peter :-) to make such casts fatal. By casting to intptr_t
before casting to a pointer type, this now compiles cleanly in LP64
architectures. Note that the final cast has been changed to void*
(instead of siginfo_t*) to make it explicit that we're not trying to
pass a siginfo_t pointer but rather trying to pass an int when the
prototype says it should be a pointer.
the J_SIG0 field. While here, rename J_SIG0 to J_SIGSET and
remove J_SIG1. The main reason for this change is that the
128-bit sigset_t is now aligned on a 16-byte boundary, which
allows us to use 16-byte atomic loads and stores on CPUs that
support it. The removal of J_SIG1 is done to avoid confusion:
it is never accessed and should not be. Renaming J_SIG0 to
J_SIGSET is the icing on the cake that's better done now than
later.
password quality, not login.conf(5).
- Move warnexpire and warnpasswd from the ``Accounting Limits''
section to ``Authentication'', and nix everything else in the
former section. The accounting knobs are not available in
the base system, and the subset of them available in ports
should be documented in the ports' manpages.
PR: 47960
Reviewed by: mike (mentor), doc
file in the NFS file system when the underlying device is not a
network device. A Sparc64 specific hack for this exact problem was
already present (nfs.c:1.9, tftp.c:1.10), but the problem is not
specific to Sparc64. The hack has been promoted to a non-i386 test
because on non-i386 architectures it's either impossible to have
non-network devices coexist in the same loader with the NFS FS, or
network and non-network device coexist and NFS filesystems can only
be used on top of network devices. I believe i386 pxeboot is where
this does not hold.
The root cause of this problem is in open.c where each file system
is tried until no more file systems exist or a file system returns
success. There's no notion of a list of valid file systems given
the underlying device and the non-existence of a file can cause
the invalid combination to be tried.
in math.h; the consensus here was that __BSD_VISIBLE was correct instead.
- gamma_r, lgamma_r, gammaf_r, and lgammaf_r had no documentation in the
lgamma(3) manpage.
Reviewed by: standards@
Submitted by: Ben Mesander
The background info in this man page needs rewriting
in some parts since the last major changes
to the code, however it still accuratly reflects how to use the
API.
* use correct error detection of realloc failure
* strtol negative return check
* use strtol to validate string instead of rolling our own
validation code
* terminate the command sequence correctly
for the sorts of errors we run into[1]. This also gives us room to put in a
vaguely appropriate casts to silence warnings since our compiler doesn't like
when we compare ssize_t to size_t[2]. Add a cast in sblock.c[3] to silence
a warning because of signed vs. size_t hell (again). Clean up nearby
excessive parenthemutilation[4].
Reviewed by: bde [2] [3]
Suggested by: bde, many [1]
Submitted by: bde [4]
An aside about [4], bde notes that we do not check for a negative value for
the fs bsize. I'm nto going to do that in every situation we use it, one must
expect a reasonable program to pass down reasonable values. Some foot shooting
protection I will tolerate, some I will not. Also he suggests some possible
conditional improvements there, which I may take to heart.
PS: For me at least, this is now WARNS=5 clean...
seed->first value correlation. It breaks rand_r()... Other possible methods
like shuffling inside aray will breaks rand_r() too, because it assumes
only one word state, i.e. nothing extra can be added after seed assignment
in srand().
BTW, for old formulae seed->first value correlation is not so monotonically
increased as with other Linear Congruential Generators of this type only
becase arithmetic overflow happens. But overflow affects distribution
and lower bits very badly, as many articles says, such type of overflow
not improves PRNG.
So, monotonically increased seed->first value correlation problem remains...
Only warnings that could be fixed without changing the generated object
code and without restructuring the source code have been handled.
Reviewed by: /sbin/md5
Introdice RTLD_SELF special handle and properly process it within
dlsym() and dlinfo() functions.
The intention is to improve our compatibility with Solaris and
to make a Java port easier.
Partially submitted by: phantom
isnormal(). The current isinf() and isnan() are perserved for
binary compatibility with 5.0, but new programs will use the macros.
o Implement C99 comparison macros isgreater(), isgreaterequal(),
isless(), islessequal(), islessgreater(), isunordered().
Submitted by: David Schultz <dschultz@uclink.Berkeley.EDU>
to maintain, and had security issues which would have required a major
rewrite to address anyway.
This implementation currently starts a separate agent for each session
instead of connecting each new session to the agent started by the first
one. While this would be a Good Thing (and the old pam_ssh(8) tried to
do it), it's hard to get right. I'll revisit this issue when I've had a
chance to test some modifications to ssh-agent(1).
o Add a MD header private to libc called _fpmath.h; this header
contains bitfield layouts of MD floating-point types.
o Add a MI header private to libc called fpmath.h; this header
contains bitfield layouts of MI floating-point types.
o Add private libc variables to lib/libc/$arch/gen/infinity.c for
storing NaN values.
o Add __double_t and __float_t to <machine/_types.h>, and provide
double_t and float_t typedefs in <math.h>.
o Add some C99 manifest constants (FP_ILOGB0, FP_ILOGBNAN, HUGE_VALF,
HUGE_VALL, INFINITY, NAN, and return values for fpclassify()) to
<math.h> and others (FLT_EVAL_METHOD, DECIMAL_DIG) to <float.h> via
<machine/float.h>.
o Add C99 macro fpclassify() which calls __fpclassify{d,f,l}() based
on the size of its argument. __fpclassifyl() is never called on
alpha because (sizeof(long double) == sizeof(double)), which is good
since __fpclassifyl() can't deal with such a small `long double'.
This was developed by David Schultz and myself with input from bde and
fenner.
PR: 23103
Submitted by: David Schultz <dschultz@uclink.Berkeley.EDU>
(significant portions)
Reviewed by: bde, fenner (earlier versions)
pam_wheel(8) module was written to work in spite of a broken libpam, and
has grown organically since its inception, which is reflected in both its
functionality and implementation. Rather than clean up pam_wheel(8) and
break backward compatibility, I've chosen to reimplement it under a new,
more generic name.
Sponsored by: DARPA, NAI Labs
to remove part of seed -> 1st value correlation. Correlation still remains
because of algorithm limits. Note that old algorithm have even stronger
correlation, especially in the lower bits area, but not eye-visible, as
current one.
at 0 as designed. Its BSD adaptation tries to fight it by mapping 0 to
2147483647 after calculation, but this method not works since 2147483647
seed returns to 0 again on the next interation. Instead of after calculation
mapping, map 0 to another value _before_ calculation, so it never stucks.
initialize the context. This way, a failure to initialize the context is
not fatal unless we actually have work to do - because if we don't, we
return PAM_SUCCESS without even trying to initialize the context.
checks, including the "open directory" check or a MAC check fail,
after the working directory of the process has been changed, then
the cwd of the process will be left as the target directory rather
than the original directory.
At some point, this bug might be fixable by performing the directory
change only after permission is granted for the change. In the
mean time document it (it's been there for a while).
is finished. This fixes clients doing two RPCs over the
same connection at the same time. Without this fix, we
could end with a reply to old data.
Submitted by: Frank van der Linden <fvdl@netbsd.org>
Reviewed by: rwatson
Obtained from: NetBSD
(previous variant return NULL pointer for both empty file case and error case,
so caller can't sense error properly).
It not affect existen programs because property_find() now returns NULL
for both NULL pointer and NULLified struct.
get it from the fs structure. Really libufs should have interfaces to generate
both what we export, and what we import, based on eachother, and this should
be full of redundant code to make sure everything is right... But really, we
don't even deal with checksums, so plenty of room to improve.
a NULL filename argument allows a stream's mode to be changed. At the
moment it just recycles the old file descriptor instead of storing the
filename somewhere and using that to reopen the file, as the standard
seems to require. Strictly conforming C99 applications probably can't
tell the difference but POSIX ones can.
PR: 46791
to be called on first sight of trouble.
"sensitive" is somewhat arbitrarily defined as "setuid, setgid, uid == root
or gid == wheel".
The 'A' option carries no performance penalty.
It is not possible to override this setting: fix the program instead.
Absentmindedly nodded OK to by: various
o Link mac_get_pid.3 to mac_get.3
o Update SEE ALSO to refer to mac_prepare, and added missing references
o Remove clause #3 on my work
o Update mac_get.3 for the updated MAC API
Sponsored by: DARPA, Network Associates Laboratories
Obtained from: TrustedBSD Project
so that multiple opens of the same semaphore without an intervening
sem_close() return the same object, and so that sem_close() does not
segfault while trying to remove the item from the list.
that crept in recently. GCC will optimize the divides and multiplies for us.
Submitted by: David Schultz <dschultz@uclink.Berkeley.EDU>
MFC after: 1 day
- In Create_Chunk_DWIM(), if there is a freebsd chunk that has no
children chunks, then trying to add a child part chunk will fail even
though there is free space. Handle this special case by adding an
unused chunk the full size of the freebsd chunk as a child of the
freebsd chunk before adding the new part chunk. This situation can
happen when changing the type of an existing slice to be a FreeBSD
slice type or when installing onto a blank disk on Alpha (which has
no slices.)
Reviewed by: phk
MFC after: 2 days
pam_krb5 to consolidate the copyright texts. The semi-official
pam_krb5 module has been distributed with this new license text ever
since, but I'm just now getting around to updating the text here.
putchar_unlocked(), putc_unlocked(), feof_unlocked(), ferror_unlocked(),
clearerr_unlocked(), and fileno_unlocked(). The first four are required
by POSIX. The rest are provided for consistency.
because we have 2 stacks per thread: the regular downward
memory stack and the irregular upward register stack. This
implementation lets both stacks grow toward each other. An
alternative scheme is to have them grow away from each other.
The alternate scheme has the advantage that both stack grow
toward guard pages. Since libc_r is virtually dead and we
really want the *context stuff for thread switching, we don't
try to be perfect, just functional.
instead of unwinding the call stack. This makes them usable to switch
stacks, e.g. for libc_r.
Do not save the frame pointer in setjmp() and _setjmp(), it is not needed
any more.
Rename _longjmp() to ___longjmp(), with a weak alias to _longjmp(), like
the other architectures did.
o Call waitpid() if an error occurs after forking the child process
to avoid leaving zombies around.
o Handle the WRDE_DOOFS|WRDE_APPEND combination correctly
o Do not confuse $( substitution with $(( shell arithmetic
(noticed by wollman)
o Handle backslash escaping properly
o Allow $( and ${ to be quoted
As a side effect, it makes the code easier to read and requires less
pointer arithmetic.
Test by: strerror regression test
Submitted by: Tim Kientzle <kientzle@acm.org>
when the same pipe FILE is pclosed()'d in different threads, and to avoid
corrupting the linked list when adding or removing items. The symptoms of
the linked list getting corrupted were pclose() either not finding the pipe
on the list, or the list becoming circular and pclose() looping infinitely.
to Solaris, it is in /usr/libexec) to perform the handing over of tty nodes
to the user being granted the pty.
Submitted by: Ryan Younce <ryany@pobox.com>
Reviewed by: security-officer@, standards@, mike@
This situation most notably arises in chkprintcap, when a /etc/printcap
entry has an empty rp= attribute. In that case, cgetmatch would enter
an infinite loop if any entry in the file has multiple names.
This causes lpd to hang at boot time on 5.0-DP2 when both conditions
are met (:rp=: and multiple names -- not necessarily on the same entry).
Reviewed by: roberto
a pointer and lack a prototype will have the return value (assumed
to be an integer) zero-extended to a pointer. On ia64 this is
unconditionally fatal as it zeroes-out the region bits, forming an
invalid pointer. Fix the sigsegv by including <stdlib.h>.
Pointy hat: bbraun
the -fpcc-struct-return calling convention properly instead of
returning garbage. This may break backwards compatibility with some old
binaries that were compiled when -fno-pcc-struct-return was the default.
o Fix an English error (comma splice) and poorly worded sentence.
o Fix KNF ordering of variables (pointers come before arithmetic types).
o Restore hand-optimization of sizeof()-1, instead of strlen().
o Remove unneeded local variables in strerror_r().
Test by: strerror regression test
Requested by: bde
Reviewed by: bde
strerror_r(). Doing this allows us to ensure that strerror_r() always
fills the supplied buffer regardless of EINVAL or ERANGE errors.
strerror()'s semantics have changed slightly such that an argument of
0 is now considered invalid and errno is set to EINVAL.
Remove internal regression test for strerror() and strerror_r(). This
will be reincarnated in src/tools/regression/lib/libc/string.
In strerror(3), add a comment about strerror()'s bogus return type.
PR: 44356
Stop calling system calls "function calls".
Use "The .Fn system call" a-la "The .Nm utility".
When referring to a non-BSD implementation in
the HISTORY section, call syscall a function,
to be safe.
from "unix" back to "local". Add some compat stuff so both
ways work for some time.
Reviewed by: phk
Approved by: imp (UPDATING)
Requested by: iedowse, lukem@netbsd.org
to be cleaner. Also, when deleting a chunk, try to find the mother chunk
as a whole chunk by default if this isn't a BSD partition or a unused or
whole chunk. Before we just did this for FreeBSD and FAT slices, which
means that other chunk types such as EFI and mbr (mbr is used for slices
that don't have their own chunk type).
Submitted by: nyan (mostly)
Approved by: re
when trying to store the year in a signed int. The maximum time_t on ia64
is around 292 billion years in the future, but 'int' and struct tm.tm_year
can only represent then ext 2.1 billion years or so.
This solves the problem of mktime/localtime looping on ia64. Unfortunately,
the standards say that tm_year is an 'int', so we are still stuck with a
y2147483647 bug. bash2's configure script looks for bugs in mktime() and
fails on ia64 because of this. However, mktime() on FreeBSD fails the test
normally anyway so this is no big loss.
This change does not affect any other platforms besides ia64.
Approved by: re
since it has been MFC'ed. See the log message for the previous commit
for more details. The alignment bug in gcc-3 has not been fixed, but
it is not very serious and the previous commit just moved it (as intended).
Approved by: re (murray)
the old 8-bit fs_old_flags to the new location the first time that the
filesystem is mounted by a new kernel. One of the unused flags in
fs_old_flags is used to indicate that the flags have been moved.
Leave the fs_old_flags word intact so that it will work properly if
used on an old kernel.
Change the fs_sblockloc superblock location field to be in units
of bytes instead of in units of filesystem fragments. The old units
did not work properly when the fragment size exceeeded the superblock
size (8192). Update old fs_sblockloc values at the same time that
the flags are moved.
Suggested by: BOUWSMA Barry <freebsd-misuser@netscum.dyndns.dk>
Sponsored by: DARPA & NAI Labs.
In _thread_switch, set current thread pointer in kse mailbox
only after all registers copied out of thread mailbox, kernel will do
upcall at trap time, if set current thread pointer before loading all
registers from thread mailbox, at trap time, the thread mailbox data
will be overwritten by kernel, result is junk data is loaded into CPU.
been repo-copied from src/lib/libc/uuid to src/include. Update the
makefiles.
While in src/include/Makefile, reformat and resort INCS. Reverting
the functional change only involves removing uuid.h.
Pompted by: ru
I've no idea if this is the right behavior for the library, but this
at least fixes the build, and matches what seems to be alfred's intent
in the commit message for 1.19.
sysconf.c:
Use 'break' rather than 'goto yesno' in sysconf.c so that we report a '0'
return value from the kernel sysctl.
vfs_aio.c:
Make aio reset its configuration parameters to -1 after unloading
instead of 0.
posix4_mib.c:
Initialize the aio configuration parameters to -1
to indicate that it is not loaded.
Add a facility (p31b_iscfg()) to determine if a posix4 facility has been
initialized to avoid having to re-order the SYSINITs.
Use p31b_iscfg() to determine if aio has had a chance to run yet which
is likely if it is compiled into the kernel and avoid spamming its
values.
Introduce a macro P31B_VALID() instead of doing the same comparison over
and over.
posix4.h:
Prototype p31b_iscfg().
Both are atomic, but the cmpxchg has memory ordering hints. We
give this acquire semantics.
NOTE: The unlock in libc_r is implemented by a "normal" assign
statement. This is not correct on ia64 due to the memory ordering
characteristics of the architecture. We need release semantics
for an unlock.
libc. I want to keep these in some version for the thread
library/ies, but don't know whether to have them repo-copied
to libc_r or renamed and kept in libc.
Change the name of an alpha macro that was changed with the
system call commit.
subsystems capabilities:
_SC_AIO_LISTIO_MAX returns the default of _POSIX_AIO_LISTIO_MAX
_SC_AIO_MAX returns the default _POSIX_AIO_MAX
_SC_AIO_PRIO_DELTA_MAX returns the default of 0
Without these adjustments the values returned are -1 even when the
aio side of the kernel returns '0' for them which is incorrect.
Noticed by: Craig Rodrigues <rodrigc@attbi.com>
time_t. Deal with the possibility that time_t != int32_t. This boils
down to this sort of thing:
- time(&ut.ut_time);
+ ut.ut_time = time(NULL);
and similar for ctime(3) etc. I've kept it minimal for the stuff
that may need to be portable (or 3rd party code), but used Matt's time32
stuff for cases where that isn't as much of a concern.
Approved by: re (jhb)
descriptors that have the close-on-exec flag set, as that will have no
effect anyway and might screw something else up if the file descriptor
happens to be shared with another process.
PR: standards/43335
MFC after: 1 week
architecture, mainly to avoid getting a SIGFPE signal sent
when calling strtod(3) with certain input.
The SIGFPE has been sent because the code was not aware that
a Gradual Underflow is handled in software via traps on the
Alpha architecture, but is not implemented in our Alpha kernel
layer.
With `Sudden_Underflow' defined, strtod(3) should not depend
on Gradual Underflow and adjust its calculations accordingly,
which means that other, more subtle errors than the sending of
SIGFPE could be solved by this.
Discussed with: bde
PR: alpha/12623
PR: alpha/17032
PR: alpha/43567
MFC after: 7 days
caused by dynamic PAM modules that call openlog(3) and closelog(3),
e.g. ports/security/pam_pwdfile.
What happened here is that the module first registered its "ident"
with openlog(3), then PAM library unloaded module with dlclose(3),
and the next call to syslog(3) resulted in SIGSEGV.
MFC after: 3 days
o Remove the unwanted smartness in _longjmp() where it compares
the current ar.bspstore with the saved ar.bspstore and restores
ar.rnat based on it. This either avoids saving ar.rnat in the
jmp_buf or is the consequence of not saving ar.rnat. All this
complexity breaks libc_r where we use longjmp() to switch to
different threads and the current ar.bspstore has no relation
to the saved ar.bspstore. Thus: we save ar.rnat in setjmp()
and simply restore ar.bspstore and ar.rnat in longjmp().
This code needs a cleanup.
by filling in the jump table.
Convert uses of pthread routines within libc_r to use the internal
versions (_pthread_foo instead of pthread_foo).
Remove a couple of globals from application namespace.
entries in the table being stubs. While I'm here, add macros to
auto-generate the stubs. A conforming threads library can override
the stub routines by filling in the jump table.
Add some entries to namespace.h and sync un-namespace.h to it.
Also add a comment to remind folks to update un-namespace.h
when changing namespace.h.
PAM module state (created in pam_sm_authenticate and referenced later
in pam_sm_setcred and pam_sm_acct_mgmt). However, the krb5_ccache
structure shares some data members with the krb5_context structure
that was used in its creation. Since a new krb5_context is created
and destroyed at each PAM entry point, this inevitably caused the
krb5_ccache structure to reference free'd memory.
Now instead of storing a pointer to the krb5_ccache structure,
we store the name of the cache (e.g. `MEMORY:0x123CACHE') in
pam_sm_authenticate, and resolve the name in the other entry points.
This bug was uncovered by phkmalloc's free'd memory scrubbing.
Approved by: re (jhb)
e.g.
Unknown error: -1765328378
we get
Client not found in Kerberos database
Another way to accomplish this would have been to leave
`error_message' alone, but to explicitly load the Kerberos com_err
error tables. However, I don't really like the idea of a PAM module
dorking with global tables.
Approved by: re (jhb)
difference between the two from a low-level point of view is that
the partition type is different. This change adds EFI related cases
to existing switch statements with existing FAT related cases.
information, since we rely on the pwd entry to know what MAC labels
to set as part of the login process.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Don't force 16-byte alignment at run-time. Do it at compile-time.
This saves us the pointer fiddling by the setjmp functions and
reduces complexity. While here, increase the jmp_buf by 16 bytes
to an even 512 bytes. Coincidentally, due to the way alignment
was handled prior to this change, the jmp_buf has not changed in
size, but only in how the space is used. Prior to this change
the 16 bytes were reserved for enforcing alignment; now they are
reserved by us for future extensions.
Therefore, this ABI breaker is relatively save: the failure is
always an alignment trap.
namely uuidgen(1), uuidgen(2) and uuid(3), the following division
has been choosen:
uuidgen(1) A description of the command line utility,
and other user oriented UUID information.
uuidgen(2) A mostly technical description of UUIDs.
uuid(3) A description of the functions and other
programmer oriented UUID information.
According to the division: add more technical contents.
Contributed by: Hiten Pandya <hiten@uk.FreeBSD.org>
Edited and enhanced: marcel
always to the first 16 sectors of the disk. The firmware reads the boot
code from a partition, defaulting to 'a' if none is specified, which only
corresponds to the first 16 sectors of the disk if 'a' is first. Solaris
often makes the swap partition first, instead of the root partition, and
users expect to be able to do the same with freebsd as well. This also
allows one to temporarily boot from another partition if the boot block
on the root partition gets scrambled somehow.
o Remove all code guarded by !defined(__ia64__). This file is
specifically written for ia64,
o Handle the case when read_block() or write_block() fails. We
don't want sysinstall(8) to signal a thumbs-up on error,
o Set the starting (cyl,hd,sect) triple to 0xFFFFFF when either
bios_hd or bios_sect is zero or the LBA us not representable
with the triple. In that case automaticly initialize the
ending triple with 0xFFFFFF as well,
o Reindent Write_Int32() as it was different than the rest of
the file,
o Remove some unused variables that appeared to be used but
were effectively useless.
o Plug a memory leak: The second timne we read the MBR, we write
out a modified block, but didn't free the memory after writing.
o Replace d1->sector_size with 512 when we read/write the MBR.
We ignore the sector size in cases we shouldn't but adhered to
it in cases it would be wrong if the sector_size wasn't 512.
This file should eventually be rewritten to write out a GPT. For
now, a MBR will do...
to be static for 5.0. I may remove this for 5.1 or 5.2. No more
binaries or libarires will be generated with __sF starting as of
yesterday. Originally the plan had been to eliminate this for 5.0,
but we didn't get the __std{in,out,err}p changes merged into -stable
until yesterday (rather than in September 2001 like it should have
been). Given that didn't happen on time, we can't do the other part
of the scheme now.
# Please do not change this without talking to me first.
to use the same start condition as the i386 version. However, since
Alpha's only have one fake "slice" from sysinstall's perspective we don't
need to use a loop, but can just write out the BSD label in the first
fake "slice".
the page myself. The new language is more accurate than what was there
before, but the most accurate way of describing the funcionality eludes
me.
PR: kern/33904
MFC after: 1 month
of heads end the number of sectors per track. If there's an obvious
insanity (heads and sectors are both zero or the media size is not
an integral multiple of heads times sector) we set the number of
cylinders to zero.
1. When the parition type is not an integer, try to parse the type
as an UUID. If that succeeds, map the UUID to chunk_e.
2. For GPT partitions, pass the type constructed in point 1 above
to Add_Chunk.
While here, fix the MBREXT case by only checking if the first 3
characters are MBR. This avoids duplication.
the data value returned by kevent()'s EVFILT_READ filter on non-TCP
sockets accurately reflects the amount of data that can be read from the
sockets by applications.
PR: 30634
Reviewed by: -net, -arch
Sponsored by: NTT Multimedia Communications Labs
MFC after: 2 weeks
* Fix typos in rwlock stubs.
* Add pthread_XXX counterparts to the _pthread_XXX stubs which libraries
like libX11 can use to ensure thread-safety without requiring the use
of a thread library.
Submitted by: Terry Lambert (pthread_cond_broadcast)
Reviewed by: deischen
HUGE_VAL is not properly aligned on some architectures. The previous
fix now works because the two versions of 'math.h' (include/math.h
and lib/msun/src/math.h) have since been merged into one.
PR: bin/43544
functions is expected for uuidgen(1), mca(8) and gpt(8). Given the
generic use of UUIDs beyond the scope of the DCE 1.1 specification,
visibility of the data structure at all levels of the machine,
including firmware and the wish to not create a permanent build-
time FreeBSD-ism for DCE compliant applications by creating a new
library, it was decided that libc would be the least inappropriate
place. Also, because the UUID functions live in libc under IRIX as
well, we have maximized our portability and left as many options
open as possible.
This implementation introduces an extension not found in the
specification: the status parameter is allowed to be a NULL-
pointer. The reason for introducing the extension is because
the status is almost never of any use.
The manpage that's part of this commit is a minimal place-holder
and is further fleshed-out in the near future.
Approved by: re@
Contributed by: Hiten Mahesh Pandya <hiten@unixdaemons.com>
Sponsored by: marcel :-)
Tested on: alpha, i386, ia64
Don't gratuitously pipe thru a cat(1) if NODOCCOMPRESS.
Only create _stamp.extra when necessary.
Get rid of SOELIMPP and OBJS.
Use Groff version of soelim(1); we need its -I option
for the following to work.
Don't needlessly chdir to SRCDIR. Only a few documents
need CD_HACK, and those that need it either use refer(1)
or .PSPIC macro which internally uses the .psbb call.
This significantly rewamps libdisks discovery of existing disk
layout.
Please send me reports if this does not work as expected on
i386 or sparc64 platforms.
I need to sort out alpha, pc98 and ia64 (in that order) before
testing on those platforms make a lot of sense.
Belived to work for: i386 sparc64
Unknown state: pc98 alpha ia64
_fetch_writev() to incorrectly report EPIPE in certain cases.
Also fix a number of const warnings by using __DECONST(), plus a signed /
unsigned comparison by casting the rhs to ssize_t.
Submitted by: fenner, Craig Rodrigues <rodrigc@attbi.com>
return -1 regardless of what s points to, mbtowc(&w, s, 1) sets w to a
null wide character when s points to a null byte. This seems to be closer
to what most other implementations do, but the C99 standard contradicts
itself for these cases.
whether a named utility should behave in FreeBSD 4.x-compatible mode
or in a standard mode (default standard). The configuration is done
malloc(3)-style, with either an environment variable or a symlink.
Update expr(1) to use this new interface.
Implement new sysconf keys. Change the implenentation of
_SC_ASYNCHRONOUS_IO in preparation for the next set of changes.
Move some limits which had been in <sys/syslimits.h> to <limits.h> where
they belong. They had only ever been in syslimits.h to provide for the
kernel implementation of the CTL_USER MIB branch, which went away with
newsysctl years ago. (There is a #error in <sys/syslimits.h> which I
will downgrade in the next commit.)
error, only report an error if no data was read at all (unless len was
0 to start with). Otherwise, the final read of practically any transfer
will end in a fatal error.
the SSL case, it is no different from the old _fetch_write(), but in the
non-SSL case it uses writev(2) to send the entire vector as a single
packet (provided it can fit in one packet). Implement _fetch_write()
and _fetch_putln() in terms of _fetch_writev().
This should improve performance in the non-SSL case (by reducing protocol
overhead) and solve the problem where too-smart-for-their-own-good
firewalls reject FTP packets that do not end in CRLF.
PR: bin/44123
Submitted by: fenner
not initialized before use, and _http_growbuf() did not return a value
on success.
Reported by: Peter Edwards <pmedwards@eircom.net>
MFC after: 2 weeks
symptoms: make timeouts and short transfers fatal, and set errno to an
appropriate value (ETIMEDOUT for a timeout, EPIPE for a short transfer).
MFC after: 2 weeks
extenston function. It supposed to provide facility to get already created
thread's attributes. Looks like it's last thing we need to make JDK's Hotspot
building without requirement to have source tree.
Reviewed by: deischen
MFC after: 3 days
- port range check need to be done before htons. from deraadt
- %d/%u audit
- correct bad practice in the code - it uses two changing variables
to manage buffer (buf and buflen). we eliminate buflen and use
fixed point (ep) as the ending pointer.
- use snprintf, not sprintf
- pass correct name into q.name. from lukem@netbsd
- sync comment
Obtained from: KAME
MFC after: 1 week
closed through _fetch_close() which is the only one who knows the connection
REALLY was closed (since ref -> 0). However, FTP keeps its own local
cached_connection and checks if it is valid by comparing it to NULL. This
is bogus since it may have been freed elsewhere by _fetch_close().
This change checks if we are closing the cached_connection and the ref is 1
(soon to be 0). If so, set cached_connection to NULL so we don't
accidentally reuse it. The REAL fix should be to move connection caching
to the common.c level (_fetch_* functions) and NULL the cache(s) in
_fetch_close(). Then all layers could benefit from caching.
linking.
* Fix disorder in the SEE ALSO sections of aio_*(2).
* Remove unnecessary cross-references from the SEE ALSO sections of
aio_*(2); config(8), kldload(8) and kldunload(8) are cross-referenced
from aio(4).
* Remove the KERNEL OPTIONS sections from aio_*(2), now that these
pages cross-reference aio(4), which contains suitable kernel linking
reference material.
more efficient. The problem with the previous implementation was that it
calculated the length of the first argument ("big") with wcslen() when
it was not necessary.
to be passed. Point this out in a warning notice, which will eventually
go away, sometime between now and -RELEASE.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
remove CHUNK_BSD_COMPAT, it was a bad idea, and now its gone.
remove DOSPTYP_ONTRACK, missed in OnTrack removal commit.
unifdef -DHAVE_GEOM
make tst01 compile again.
two major bugs:
- off-by-one overflow when the length of the source string exceeds or
equals the destination buffer size.
- old version was not padding the destination buffer with null wide chars
if the user has a 'label' entry in their login class. If so, attempt
to set that label on the process as part of the credential setup. If
we're unable to parse the label, or unable to set the label, fail.
In the future, we may also want to warn if a label is set but the
kernel doesn't support MAC.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
This removes a lot of complexity, since we basically just reserve
space on a retrieval of a label, and pass around strings. Two new
elements: (1) consumers of the API must now declare what label
elements they are interested in retrieving, or (2) rely on the default
provided in a new configuration file, mac.conf.
Approved by: re
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Constify some things.
Staticize some things.
Remove some unused things.
Prototype some things.
Don't install a gazillion man-pages links.
Drop support for ON-TRACK disk-manager.
memory while mapping a virtual address to a physical address.
This allows us to work with virtual addresses for page tables,
provided it doesn't cause infinite recursion. Currently all
page tables are direct mapped.
to bring in the new MAC label management API. With the new API
revision, we have only policy-agnostic code in libc and the base
kernel.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
o fillin media s/h/c fields from new XML phk just added; need this because
sysinstall uses them in the fdisk look-alike
o add new tags to xml parser
o cleanup parser a touch; remove unused tags and move tag parsing stuff to
a table to simplify future additions
o redo callback to pass 64-bit values since mediasize overflows u_int32_t
o loosen parsing sanity checks a touch to deal with new xml we must handle
o move sector size probing to non-geom handling since we now get it from xml
o remove WHOLE_DISK_SLICE buggery now that we get mediasize from xml
get the xml configuration for the devices and "parse" the information to
get what's needed
o replace #ifdef DEBUG constructs with DPRINT/DPRINTX to make the code more
readable
Note the xml "parser" is very very hackish and should be replaced with a
real one. This one was done to be very small and special-purpose; don't
think about copying it elsewhere.
Approved by: phk
group membership requirement if the group has no explicit members listed
in /etc/group. By default, this group is the wheel group; setting this
flag restores the default BSD behavior from 4.x.
Reviewed by: markm
Requested by: various
Sponsored by: DARPA, Network Associates Laboratories
of a file descriptor has NULL entries, so don't dereference the table entries
to get the owners ever -- don't print the owners when processing a thread_dump
request as a result of SIGINFO.
Reviewed by: deischen
o memory wasn't reclaimed in certain cases
o add more msgs under #ifdef DEBUG
o rewrite tangle of for loops for clarity
NB: Open_Disk should redo how it malloc's memory so the caller can free
everything. Documentation says the caller can free the disk list to
reclaim everything but this leaks the indirect strings. Fixing this
is simple for the sysctl case but adds complexity to the fallback,
non-sysctl, case.
maximum number of bytes that may be stored in the array, not the maximum
number of wide characters to read. The wording of the standard unfortunately
does not make this clear.
the compatibility library libcompat.
- Add new implementations of lsearch() and lfind() which conform to
IEEE Std 1003.1-2001 to libc. Add a new manual page for them and
add them to the makefile.
- Add function prototypes for lsearch() and lfind() to the search.h
header.
page from the compatibility library.
- Add new implementations of insque() and remque() which conform to
IEEE Std 1003.1-2001 to libc. Add a new manual page for them and
connect them to the build.
- Add the prototypes of insque() and remque() to the search.h
header.
in the UDP RPC client code. As a side-effect, this fixes some bugs
that might prevent the RPC call from ever timing out for example
if the server keeps responding with the wrong xid. This could
probably be simplified further by using the EVFILT_TIMER filter.
(at least the French ones), a memory leak upon successful termination, a
pointer arithmetic error causing heap corruption, and an off-by-one bug
causing incorrect amounts of padding at the right of the value.
"UTF2" method. Although UTF-8 and the old UTF2 encoding are compatible
for 16-bit characters, the new UTF-8 implementation is much more strict
about rejecting malformed input and also handles the full 31 bit range
of characters.
international monetary values: int_p_cs_precedes, int_n_cs_precedes,
int_p_sep_by_space, int_n_sep_by_space, int_p_sign_posn, int_n_sign_posn.
This should not break existing binaries or LC_MONETARY data files.
Reviewed by: ache
MFC after: 1 month
and getipnodeby*() thread-safe.
Our res_*() is not thread-safe. So, we share lock between
getaddrinfo() and getipnodeby*(). Still, we cannot use
getaddrinfo() and getipnodeby*() in conjunction with other
functions which call res_*().
Requested by: many people
the FPU state on receiving and returning from a signal.
The FPU save and restore macros are no longer needed, but
remain defined in case we need to use them again (something
else breaks). They'll be removed permanently once new
syscalls are added to handle the new i386 ucontext size.
some deliberation the name "libbsdxml" was chosen since it conveys the two
most important attributes: "Private to FreeBSD" and "XML".
Add a skeleton man-page to give the credit and point for further
documentation. (If somebody wants to write a true mdoc manpage for
this I am sure both the eXpat people and I will be grateful).
(Still not connected to the build)
`sigprocmask', `sigaltstack', and `sigwait' as well as to the
prototypes of the apparantly unimplemented functions `sigtimedwait'
and `sigwaitinfo'. This complies with IEEE Std 1003.1-2001.
ceased to be useful when the number of "special processes" went from 3
to one per device. I considered replacing it with a "kernel threads"
section, but this seemed like the wrong place for that.
PR: 40969
doesn't do this, and it wouldn't be very useful if it did, since the
caller supplies us with that number.
PR: 41329
Submitted by: Michael Galassi <nerd@xyz.com>
one into the latter and removed the former.
This works around the bug that some broken Makefiles add -I.../src/include
to CFLAGS, resulting in the old math.h being preferred and differences
between the headers possibly being fatal.
The merge mainly involves declaring some functions as __pure2 although
they are not yet all strictly free of side effects.
PR: 43544
Peter had repocopied sys/disklabel.h to sys/diskpc98.h and sys/diskmbr.h.
These two new copies are still intact copies of disklabel.h and
therefore protected by #ifndef _SYS_DISKLABEL_H_ so #including them
in programs which already include <sys.disklabel.h> is currently a
no-op.
This commit adds a number of such #includes.
Once I have verified that I have fixed all the places which need fixing,
I will commit the updated versions of the three #include files.
Sponsored by: DARPA & NAI Labs.
userland. If someone wants to implement a backup p_siglist in the kernel
for compatability and to export one could. For now, just tell KVM to hand
an empty signal set off to the userland.
to/from a ucontext when a thread is interrupted by a signal.
This will be removed when a proper fix is made in the kernel
to save/restore the FP state without breaking the ABI.
-fomit-frame-pointer is not used). This is mostly moot for -current
because gcc-3 does the alignment (slightly incorrectly) in main().
This patch is intended for easy MFC'ing and should be backed out in
-current soon since it causes compiler warnings and better fixes are
possible in -current. The best fix is to do nothing here and wait for
gcc to do stack alignment right. gcc-3 aligns the stack in main(), but
does it too late for main()'s local variables and too late for anything
called before main(). A misaligned stack is now more than an efficiency
problem, since some SSE instructions in some or all (hardware)
implementations trap on misaligned operands even if alignment checking
is not enabled.
PR: 41528:
Submitted by: NIIMI Satoshi <sa2c@sa2c.net> (original version)
MFC after: 3 days
Although there was nothing wrong with getwc() and putwc(), getwchar()
and putwchar() assumed that <stdio.h> had been included before <wchar.h>,
which is not allowed by the standard.
va_end closer to the __vfprintf() call, free the buffer when __vfprintf()
fails and don't bother trying to shrink the buffer with realloc() before
returning it.
Submitted by: bde
addition to existing authentication. No change to the existing
APIs to preseve both binary and API compatibility, so I am not
inclined to bump the library version number unless someone thinks
this is necessary.
Submitted by: Paul Fraley <fraley@juniper.net>
MFC after: 2 weeks
- Sort local variable declarations.
- Protect a hand-formatted comment from indent(1).
- Use portable casts, even though this is machine-dependant code.
- Remove extraneous blank lines.
- Remove trailing newline.
- Use sigdelset(3), not SIGDELSET(9).
Requested by: bde
Use the correct constants directly from sysconf() rather than calling
sysctl() to tell us the (still compiled-in) value. Leave the CTL_POSIX1B
stuff alone for now (but I'd like to see this replaced with a single
structure returning all of the relevant information).
Implement all of the keys from 1003.1-2001 that we can. Ensure that
the build will break if someone redefines an option constant to zero
without implementing the necessary presence-detection logic here.
(4 of 5)
hack, thereby allowing future extensions to the structure (e.g., for extended
attributes) without rebreaking the ABI. FTSENT now contains a pointer to the
parent stream, which fts_compar() can then take advantage of, avoiding the
undefined behavior previously warned about. As a consequence of this change,
the prototype of the comparison function passed to fts_open() has changed
to reflect the required amount of constness for its use. All callers in the
tree are updated to use the correct prototype.
Comparison functions can now make use of the new parent pointer to access
the new stream-specific private data pointer, which is intended to assist
creation of reentrant library routines which use fts(3) internally.
Not objected to in spirit by: -arch
o Added dd_pnpinfo, dd_location, dd_devflags, dd_flags and dd_state
o Copy/initialize these as necessary.
o Document the changes to the interface in devinfo.3.
and wide characters. These were already documented in the manual page,
with an entry mentioning that they were not implemented yet. The XSI
%S and %C synoyms have not been added.
or "POSIX", other European locales). Use __sgetc() and __sputc() where
possible to avoid a wasteful lock and unlock for each byte and to avoid
function call overhead.
get applications to move to the ISO C interfaces as well as have the
freedom to replace the rune interfaces with ones that support stateful
conversions some time in the future.
here in terms of mbrtowc(), wcrtomb(), and the single-byte I/O functions.
The rune I/O functions are about to become deprecated in favour of the
ones provided by ISO C90 Amd. 1 and C99.
under way to move the remnants of the a.out toolchain to ports. As the
comment in src/Makefile said, this stuff is deprecated and one should not
expect this to remain beyond 4.0-REL. It has already lasted WAY beyond
that.
Notable exceptions:
gcc - I have not touched the a.out generation stuff there.
ldd/ldconfig - still have some code to interface with a.out rtld.
old as/ld/etc - I have not removed these yet, pending their move to ports.
some includes - necessary for ldd/ldconfig for now.
Tested on: i386 (extensively), alpha
The new libpthread will provide POSIX threading support using KSE.
These files were previously repo-copied from src/lib/libc_r.
Reviewed by: deischen
Approved by: -arch
after adding __FBSDID().
Garbage-collected kvm_readswap(). This was once used by kvm_uread(), but
kvm_uread() now just reads /proc/<pid>/mem and procfs hopefully handles
swapped out pages.
next step is to allow > 1 to be allocated per process. This would give
multi-processor threads. (when the rest of the infrastructure is
in place)
While doing this I noticed libkvm and sys/kern/kern_proc.c:fill_kinfo_proc
are diverging more than they should.. corrective action needed soon.
KAME did the modification only to _dns_getaddrinfo(). However,
it is not sufficient, and res_queryN() should be modified, too.
So, I did same modification to res_queryN().
Obtained from: KAME
insure enough space is available for the response, or be prepared
to resize the buffer and retry as necessary.
Do the conservative thing and make sure enough space is available.
Reviewed by: silence on freebsd-audit
When it is called directly, gcc is smart enough to generate inline
code for it, which is why it wasn't noticed before that it was missing.
fabs() would probably better fit into libm, but it has traditionally been
in libc on FreeBSD, so there is probably software around that makes
assumptions about this by now.
of pointers to strings. These two arrays were fixed to the same size, but one
had an implicit zeroed trailer element, which was unused because the size was
used up by the ones before said zeroed trailer element. So the unused limb was
chopped off the over-sized-but-not-over-sized array, and everyone lived happily
ever after.
instead of on startup. This fixes binary compatibility of dynamically
linked binaries from before the signal code move.
Suggested by: wollman (a long time ago)
than 32 bits. It was trying to figure out things like the day of week
of when time_t is roughly 2^62 etc. Make a better guess for the starting
point for the binary search that works on both 32 and 64 bit types. I have
been using this for a while now.
bcopy(3) functions are prototyped in <strings.h> and not in
<string.h> anymore.
- Add a sentence about that to the respective HISTORY sections.
In the C source files:
- Include <string.h> or <strings.h> depending on what function
is to be compiled.
- Use ANSI-C function definitions.
.In string.h
with
.In strings.h
and adding a sentence to the HISTORY section.
- Use an ANSI-C function definition.
- Include <strings.h> instead of <string.h>.
- Apply style(9): Put a space after return keywords.
in the ANSI-C format.
- Change the code a bit to hopefully save some cycles.
I.e. (simplified) change
a = b + 1;
while (--b & 0x7)
/* ... */
to
a = b;
for (; b & 0x7; b--)
/* ... */
and
while (--a >= 0)
/* ... */
to
for (; a > 0; a--)
/* ... */
- Equip two function arguments of swab() with the 'restrict'
type qualifier in form of the '__restrict' macro. This is
specified by POSIX.1-2001.
<strings.h> as the associated header file.
The prototypes have been moved there from <string.h> because
POSIX.1-2001 said so.
- Conditionally include either <strings.h> or <string.h> based
on whether the [r]index() or str[r]chr() functions are
compiled, respectively.
- Style(9) tells us to
- put a space after the return keyword
- to check for a NUL character without using the ! operator.
- use NULL instead of (type *)NULL where the compiler knows
the type.
Apply these rules.
- Rather use ANSI-C function definitions than K&R ones.
- For index(3), correct second function argument's type; it was
declared to be a `const char' before and is now an `int'.
is <strings.h> and not <string.h> anymore.
- Tell the reader about this change in the HISTORY section.
- Switch to use an ANSI-C function definition.
- Include <strings.h> instead of <string.h> in the source file.
the prototypes for both functions are now in the <strings.h>
header, as required by IEEE Std 1003.1-2001.
- Add one sentence about that in the HISTORY section.
- Include <strings.h> in the source file to have the prototypes
in scope when the _ANSI_SOURCE macro is defined.
at file flags and replace it with functions that will avoid null
pointer checks.
MFC to be done by archie ;-)
PR: 42100
Reviewed by: archie, robert
MFC after: 3 days
file descriptor bit if poll() returns POLLERR, POLLHUP, or POLLNVAL.
Othewise, it's possible for select() to return successfully but
with no bits set.
Reviewed by: deischen
MFC after: 3 days
PR: bin/42175
on behalf of a thread, we should check the POLLERR, POLLHUP, and
POLLNVAL flags as well to wake up the thread in these cases.
Suggested by: deischen
MFC after: 3 days
to fail needlessly if a reverse DNS lookup of the IP address didn't
come up with a hostname. As a comment in the code clearly stated,
the "damn hostname" was looked up only for the purpose of netgroup
matching. But if that lookup failed, the function bailed out
immediately even though in many cases netgroup matching would not
be used.
This change marks the hostname as unknown but continues. Where
netgroup matching is performed, an unknown hostname is handled
conservatively. I.e., for "+@netgroup" (accept) entries an unknown
hostname never matches, and for "-@netgroup" (reject) entries an
unknown hostname always matches.
In the lines affected (only), I also fixed a few bogus casts. There
are others, and in fact this entire file would be a good candidate
for a cleanup sweep.
Reviewed by: imp (wearing his flourescent yellow Security Team cap)
MFC after: 2 days
called <machine/_types.h>.
o <machine/ansi.h> will continue to live so it can define MD clock
macros, which are only MD because of gratuitous differences between
architectures.
o Change all headers to make use of this. This mainly involves
changing:
#ifdef _BSD_FOO_T_
typedef _BSD_FOO_T_ foo_t;
#undef _BSD_FOO_T_
#endif
to:
#ifndef _FOO_T_DECLARED
typedef __foo_t foo_t;
#define _FOO_T_DECLARED
#endif
Concept by: bde
Reviewed by: jake, obrien
disklabel.h; broken originally by 1.87 of sys/disklabel.h, which
made the split between DKTYPENAMES and FSTYPENAMES.
Someone who knows disklabel.c: do we still need DKTYPENAMES to be
defined here now?
supplied buffer in case the size of it was equal to
the number of characters the converted address consumed.
The bug occurred when converting an AF_INET address.
- Remove the SPRINTF macro and use sprintf instead.
- Do not do string formatting using sprintf(3) and a
temporary buffer which is copied when the supplied
buffer provides enough space. Instead, use snprintf(3)
and the real destination buffer, thus avoid the copy.
Reported by: Stefan Farfeleder <e0026813@stud3.tuwien.ac.at> (1)
PR: misc/41289
definitions of the functions that convert strings to numbers
and are defined by IEEE Std 1003-1.2001.
- Use ANSI-C function definitions for all of the functions
mentioned above plus strtouq and strtoq.
- Update the prototypes in the manual pages.
public prototypes of setbuf(3) and setvbuf(3) using the
'__restrict' macro from <sys/cdefs.h> to be compliant with
IEEE Std 1003.1-2001.
- Replace the K&R with ANSI-C function definitions.
- Bring the manual page up-to-date.
strftime(3) for IEEE Std 1003.1-2001 compliance and remove
excessive usage of the 'const' qualifier that was neither
present in the prototype in the publice header, nor in the
local prototype just above the function definition.
- Replace the K&R function definition with a ANSI-C one.
- Update the prototype of strftime(3) in its manual page.
concatenation and copy functions using the '__restrict' macro.
This is to satisfy IEEE Std 1003-1.2001.
- Use ANSI-C function definitions.
- Add the 'restrict' keyword to the manual pages, too.
to the function definition of strxfrm(3) in form of our
'__restrict' macro.
- Use an ANSI-C function definition for strxfrm(3).
- Change the manual page accordingly.
of our __restrict macro to the prototypes and function
definitions of inet_pton and inet_ntop.
- Use ANSI-C function argument lists.
- Adjust the prototypes in the manual page.
to cause bugs when gcc is more aggressively optimising things.
There are still problems with dtoa mentioned in the PR - maybe
Dan could suggest a patch.
PR: 40209
Submitted by: Dan Lukes <dan@obluda.cz>
Approved by: bde
MFC after: 2 weeks
(unless someone tries to use libufs support functions without using
_fillout or _ctor to construct a uufsd.)
Obtained from: jmallett_libufs Perforce branch.
(I skipped those in contrib/, gnu/ and crypto/)
While I was at it, fixed a lot more found by ispell that I
could identify with certainty to be errors. All of these
were in comments or text, not in actual code.
Suggested by: bde
MFC after: 3 days
- Make getvfsbyname() take a struct xvfsconf *.
- Convert several consumers of getvfsbyname() to use struct xvfsconf.
- Correct the getvfsbyname.3 manpage.
- Create a new vfs.conflist sysctl to dump all the struct xvfsconf in the
kernel, and rewrite getvfsbyname() to use this instead of the weird
existing API.
- Convert some {set,get,end}vfsent() consumers to use the new vfs.conflist
sysctl.
- Convert a vfsload() call in nfsiod.c to kldload() and remove the useless
vfsisloadable() and endvfsent() calls.
- Add a warning printf() in vfs_sysctl() to tell people they are using
an old userland.
After these changes, it's possible to modify struct vfsconf without
breaking the binary compatibility. Please note that these changes don't
break this compatibility either.
When bp will have updated mount_smbfs(8) with the patch I sent him, there
will be no more consumers of the {set,get,end}vfsent(), vfsisloadable()
and vfsload() API, and I will promptly delete it.
#define EDOFUS 88 /* Programming error */
This can be used to signal error situations which indicate that the
program logic or assumptions is deficient.
label updates. Biba and MLS already supported this. This permits the
userland library to submit relative updates on MAC labels, rather
than submitting an entire label to replace the current label. This
also requires changes to the MAC modules, which are forthcoming.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
variables. Both symbols are set to the same value by the linker,
and _end symbol has less chances to clash with application defined
global symbols.
alpha, ia64 and sparc64 ports already use _end, i386 is now
consistent with them.
Reviewed by: bde
Approved by: obrien
Reported by: pirzyk
currently cached data. It allows a number of nice things, like: removing
fallback code from single locale loading, remove memory leak when LC_CTYPE
data loaded again and again, efficient cache use, not only for
setlocale(locale1); setlocale(locale1), but for setlocale(locale1);
setlocale("C"); setlocale(locale1) too (i.e. data file loaded only once).
towlower() and towupper() required by ISO C90 Amd. 1.
iswascii(), iswhexnumber(), iswideogram(), iswnumber(), iswphonogram(),
iswrune() and iswspecial() have also been implemented for consistency
with the BSD extensions in <ctype.h>.
2) Move incomplete check for / in locale name from env section to
loadlocale(), add check for "." and ".." too.
It allows to check any argument, not env only.
3) Redesing LOAD_CATEGORY macro to eliminate code duplication.
4) Try harder in fallback code: if old locale can't be restored,
load "C" locale
5) White space formatting, long lines, etc.
kernel access control.
Extensions to libc to provide basic MAC label manipulation facilities
for userland. These interface will be replaced in the next month
or two with more flexible interfaces, but provide sufficient support
to allow use of the Biba and MLS policies for user applications.
libc_r wrappers to follow.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
kernel access control.
Provide a library to manage user file system firewall-like rules
supported by the mac_bsdextended.ko security model. The kernel
module exports the current rule set using sysctl, and this
library provides a front end that includes support for retrieving
and setting rules, as well as printing and parsing them.
Note: as with other userland components, this is a WIP. However,
when used in combination with the soon-to-be-committed ugidfw,
it can actually be quite useful in multi-user environments to
allow the administrator to limit inter-user file operations without
resorting to heavier weight labeled security policies.
Obtained form: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
the PAM_ECHO_PASS option on-the-fly is a NOP (though it wasn't with the
old pam_get_pass(3) code). Instead, call pam_prompt(3) directly. This
actually simplifies the code a bit.
MFC after: 3 days
TCP clients. The problem was that a struct netconfig returned by
getnetconfigent() was being treated as a handle for __rpc_getconf(),
which certainly isn't right.
The tirpc-99 code uses __rpc_setconf("udp")/__rpc_getconf() to find
the IPv4 udp netconfig, but our implementation of these functions
seem happy to return IPv6 entries, so we can't use them. By reverting
to the old version, we are hard-coding the name of the udp4 netid.
Tracked down by: Bakul Shah <bakul@bitblocks.com>
This will make the behavior robuster if many addresses are added
after the size estimation of storage at the first sysctl.
Reviewed by: JINMEI Tatuya <jinmei@isl.rdc.toshiba.co.jp>
MFC after: 1 week
- use strlcpy.
- snprintf can return negative value, so cope with it.
- tweak interface index on interface locals (ff01::/16).
- removed unused macros.
- removed a macro that uses only once (in a trivial context).
- explicitly say goodbye to ENI_xxx.
- constify struct afd.
Obtained from: KAME
MFC after: 1 week
completeness and doesn't get us a working libc_r there because libc_r
uses setjmp() and setjmp() cannot be used for context switches on ia64
as-is (or sparc64). Rather than making setjmp/longjmp behave like
the *context() calls, it would be far better to make libc_r use *context()
directly which is what they are for.
Obtained from: marcel
info. This turned out to be rather useful on ia64 for tracking down
malloc/free problems.
Detect duplicate free()'s - otherwise these show up as a guard1 failure
and it looks like corruption instead of something simple like a second
free() where there shouldn't be.
Deal with libz using libc headers and not seeing the malloc/free stuff that
we provide in libstand. Do similar nastiness to what is done for bzlib.
Tested on: i386, ia64 (compile, run)
- add GLOB_NOMATCH return value and use it when we don't get a match
- rename GLOB_ABEND to GLOB_ABORTED and use it instead of returning 1
in some places
- add GLOB_NOESCAPE flag and retire GLOB_QUOTE to compatibility
section
Suggestions/advice on correct usage of POSIX defines: wollman
support creation times such as UFS2) to the value of the
modification time if the value of the modification time is older
than the current creation time. See utimes(2) for further details.
Sponsored by: DARPA & NAI Labs.
Assembler macros are tidied up and made as similar as sanely possible.
The macros are translated into C (__inline static) functions for lint.
Declaration orders are made the same.
Declarations are all ISOfied and tidied up.
Comment contents have gratuitous diffs removed.
The net result is a bunch of crt1.c's that are 90% the same.
It may be possible to now encapsulate the differences in one
MD header, and have only one MI crt1.c file (although the macros
to do this may be ugly).
Helpful comments by: obrien, bde
Alpha tested by: des
i386-elf tested by: markm
It's silly to call sysctl() to get the value of _PATH_STDPATH from
<paths.h> when we can just use it directly. This greatly simplifies
the implementation. (This is also part of my grand scheme to get
rid of sysctl's `user' category, which should never have been created.)
Use strlcpy() instead of strncpy() as it has the exact semantics we want.
no punch_fw was used.
Fix another couple of bugs which prevented rules from being
installed properly.
On passing, use IPFW2 instead of NEW_IPFW to compile the new code,
and slightly simplify the instruction generation code.
file descriptors does not change upon dropping privilege, and include
a likely case of `setuid(non_superuser); exec(...);'.
Sponsored by: DARPA, NAI Labs
Obtained from: TrustedBSD Project
the build. It is here to compartmentalise functionality currently duplicated
in many notable programs in the base system. It currently handles block
reads and writes, as well as reading and writing of the filesystem superblock,
and the reading/lookup of inode data. It supports both UFS and UFS2. I
will be maintaining it, and porting programs to use it, however for now, it
is simply being built as part of world.
The ability to schedule multiple threads per process
(one one cpu) by making ALL system calls optionally asynchronous.
to come: ia64 and power-pc patches, patches for gdb, test program (in tools)
Reviewed by: Almost everyone who counts
(at various times, peter, jhb, matt, alfred, mini, bernd,
and a cast of thousands)
NOTE: this is still Beta code, and contains lots of debugging stuff.
expect slight instability in signals..
This code makes use of variable-size kernel representation of rules
(exactly the same concept of BPF instructions, as used in the BSDI's
firewall), which makes firewall operation a lot faster, and the
code more readable and easier to extend and debug.
The interface with the rest of the system is unchanged, as witnessed
by this commit. The only extra kernel files that I am touching
are if_fw.h and ip_dummynet.c, which is quite tied to ipfw. In
userland I only had to touch those programs which manipulate the
internal representation of firewall rules).
The code is almost entirely new (and I believe I have written the
vast majority of those sections which were taken from the former
ip_fw.c), so rather than modifying the old ip_fw.c I decided to
create a new file, sys/netinet/ip_fw2.c . Same for the user
interface, which is in sbin/ipfw/ipfw2.c (it still compiles to
/sbin/ipfw). The old files are still there, and will be removed
in due time.
I have not renamed the header file because it would have required
touching a one-line change to a number of kernel files.
In terms of user interface, the new "ipfw" is supposed to accepts
the old syntax for ipfw rules (and produce the same output with
"ipfw show". Only a couple of the old options (out of some 30 of
them) has not been implemented, but they will be soon.
On the other hand, the new code has some very powerful extensions.
First, you can put "or" connectives between match fields (and soon
also between options), and write things like
ipfw add allow ip from { 1.2.3.4/27 or 5.6.7.8/30 } 10-23,25,1024-3000 to any
This should make rulesets slightly more compact (and lines longer!),
by condensing 2 or more of the old rules into single ones.
Also, as an example of how easy the rules can be extended, I have
implemented an 'address set' match pattern, where you can specify
an IP address in a format like this:
10.20.30.0/26{18,44,33,22,9}
which will match the set of hosts listed in braces belonging to the
subnet 10.20.30.0/26 . The match is done using a bitmap, so it is
essentially a constant time operation requiring a handful of CPU
instructions (and a very small amount of memmory -- for a full /24
subnet, the instruction only consumes 40 bytes).
Again, in this commit I have focused on functionality and tried
to minimize changes to the other parts of the system. Some performance
improvement can be achieved with minor changes to the interface of
ip_fw_chk_t. This will be done later when this code is settled.
The code is meant to compile unmodified on RELENG_4 (once the
PACKET_TAG_* changes have been merged), for this reason
you will see #ifdef __FreeBSD_version in a couple of places.
This should minimize errors when (hopefully soon) it will be time
to do the MFC.
re-read from the stack mid copy. This may help mitigate the recent
Apache buffer overrun and future overruns of the sort.
Reviewed by: jdp
MFC after: 2 days
file descriptors in programs linked with libc_r with flags
other than the default ones. This kept, inter alia, freopen()
from working correctly when reopening standard streams.
reviewed by: deischen
PR: misc/39377
Use memcpy for all little-endian architectures, sys/kern/md5c.c indicates
this should be safe for all currently supported LE archs.
Change the Encode and Decode functions for other archs to use le32toh()
and htole32() functions instead of explicit byte shuffling.
On sparc64 this gives md5(1) about 8% speed increase.
filesystem expands the inode to 256 bytes to make space for 64-bit
block pointers. It also adds a file-creation time field, an ability
to use jumbo blocks per inode to allow extent like pointer density,
and space for extended attributes (up to twice the filesystem block
size worth of attributes, e.g., on a 16K filesystem, there is space
for 32K of attributes). UFS2 fully supports and runs existing UFS1
filesystems. New filesystems built using newfs can be built in either
UFS1 or UFS2 format using the -O option. In this commit UFS1 is
the default format, so if you want to build UFS2 format filesystems,
you must specify -O 2. This default will be changed to UFS2 when
UFS2 proves itself to be stable. In this commit the boot code for
reading UFS2 filesystems is not compiled (see /sys/boot/common/ufsread.c)
as there is insufficient space in the boot block. Once the size of the
boot block is increased, this code can be defined.
Things to note: the definition of SBSIZE has changed to SBLOCKSIZE.
The header file <ufs/ufs/dinode.h> must be included before
<ufs/ffs/fs.h> so as to get the definitions of ufs2_daddr_t and
ufs_lbn_t.
Still TODO:
Verify that the first level bootstraps work for all the architectures.
Convert the utility ffsinfo to understand UFS2 and test growfs.
Add support for the extended attribute storage. Update soft updates
to ensure integrity of extended attribute storage. Switch the
current extended attribute interfaces to use the extended attribute
storage. Add the extent like functionality (framework is there,
but is currently never used).
Sponsored by: DARPA & NAI Labs.
Reviewed by: Poul-Henning Kamp <phk@freebsd.org>
Fixed pow(x, y) when x is very close to -1.0 and y is a very large odd
integer. E.g., pow(-1.0 - pow(2.0, -52.0), 1.0 + pow(2.0, 52.0)) was
0.0 instead of being very close to -exp(1.0).
PR: 39236
Submitted by: Stephen L Moshier <steve@moshier.net>
e_powf.c:
Apply the same patch although it is just cosmetic because odd integers
large enough to cause the problem are too large to be precisely represented
as floats.
MFC after: 1 week
Since they were never documented and have never appeared in a FreeBSD
release, no repo-copy of the header is done. This removes namespace
pollution from <time.h>.
condense the redundant bits.
o Provide an example for using snprintf over sprintf. This may be
supplemented with an asprintf() example soon.
Sponsored by: DARPA, NAI Labs
a format string. This will later on be changed to a reference to the
FreeBSD Security Architecture after it has been committed.
PR: docs/39320
Sposnored by: DARPA, NAI Labs
rad_request_authenticator()
Returns the Request-Authenticator relevant to the most recently received
RADIUS response.
rad_server_secret()
Returns the Shared Secret relevant to the most recently received
RADIUS response.
Neither of these functions should be necessary, however, the
MS-MPPE-Recv-Key and MS-MPPE-Send-Key Microsoft Vendor Specific
attributes are supplied in a mangled (encrypted) format, requiring
this information to demangle.
It's not clear whether these functions should be replaced with a
rad_demangle() function or whether these attributes are one-offs.
Sponsored by: Monzoon
Hopefully, now it is more clear that the memory referenced by the
ptr argument of realloc(ptr,size) is freed and only the return value
of realloc() points to a valid memory area upon successful completion.
Submitted by: Martin Faxer <gmh003532@brfmasthugget.se>
which contains the socket descriptor, the input buffer and (yet unused)
SSL state variables. This has the neat side effect of greatly improving
reentrance (though we're not *quite* there yet) and opening the door to
HTTP connection caching.
This commit is inspired by email conversations with and patches from
Henry Whincup <henry@techiebod.com> last fall.
__dlfunc_t to dlfunc_t to match what I have proposed to the Austin
Group. (This also makes it easier for applications to store these
values before they decide what to do with them, e.g., in a wrapper
function.)
Add new dlfunc() interface, which is a version of dlsym() with a
return type that can be cast to a function pointer without turning
your computer into a frog.
Reviewed by: freebsd-standards
- float ynf(int n, float x) /* wrapper ynf */
+float
+ynf(int n, float x) /* wrapper ynf */
This is because the __STDC__ stuff was indented.
Reviewed by: md5
The uuidgen command, by means of the uuidgen syscall, generates one
or more Universally Unique Identifiers compatible with OSF/DCE 1.1
version 1 UUIDs.
From the Perforce logs (change 11995):
Round of cleanups:
o Give uuidgen() the correct prototype in syscalls.master
o Define struct uuid according to DCE 1.1 in sys/uuid.h
o Use struct uuid instead of uuid_t. The latter is defined
in sys/uuid.h but should not be used in kernel land.
o Add snprintf_uuid(), printf_uuid() and sbuf_printf_uuid()
to kern_uuid.c for use in the kernel (currently geom_gpt.c).
o Rename the non-standard struct uuid in kern/kern_uuid.c
to struct uuid_private and give it a slightly better definition
for better byte-order handling. See below.
o In sys/gpt.h, fix the broken uuid definitions to match the now
compliant struct uuid definition. See below.
o In usr.bin/uuidgen/uuidgen.c catch up with struct uuid change.
A note about byte-order:
The standard failed to provide a non-conflicting and
unambiguous definition for the binary representation. My initial
implementation always wrote the timestamp as a 64-bit little-endian
(2s-complement) integral. The clock sequence was always written
as a 16-bit big-endian (2s-complement) integral. After a good
nights sleep and couple of Pan Galactic Gargle Blasters (not
necessarily in that order :-) I reread the spec and came to the
conclusion that the time fields are always written in the native
by order, provided the the low, mid and hi chopping still occurs.
The spec mentions that you "might need to swap bytes if you talk
to a machine that has a different byte-order". The clock sequence
is always written in big-endian order (as is the IEEE 802 address)
because its division is resulting in bytes, making the ordering
unambiguous.
- Remove redundant "? :" construct.
style(9):
- Place a space after return statements.
- Compare pointers to NULL.
- Do not use ! to compare a character to nul.
and pthread_resume_all_np(). These suspend and resume all threads except
the current thread, respectively. The existing functions pthread_single_np()
and pthread_multi_np(), which formerly had no effect, now exhibit the same
behaviour and pthread_suspend_all_np() and pthread_resume_all_np(). These
functions have been added mostly for the native java port.
Don't allow the uthread kernel pipe to use the same descriptors as
stdio. Mostily submitted by Oswald Buddenhagen <ossi@kde.org>.
Correct some minor style nits.
obscene, or - as they say in New York - sophisticated, add pam_echo(8) and
pam_exec(8) to our ever-lengthening roster of PAM modules.
Sponsored by: DARPA, NAI Labs.
- fix a potential overrun made worse by rev 1.5 of camlib.h
- change strncpy() and strcpy() calls to strlcpy()
- use sizeof(string[]) instead of STRING_LEN to avoid future problems
- get rid of an unused variable
Thanks to BDE for pointing out some of the problems.
MFC after: 2 weeks
Get rid of the INTERNALSTATICLIB knob and just use plain INTERNALLIB.
INTERNALLIB now means to build static library only and don't install
anything. Added a NOINSTALLLIB knob for libpam/modules. To not
build any library at all, just do not set LIB.
via INCS. Implemented INCSLINKS (equivalent to SYMLINKS) to
handle symlinking include files. Allow for multiple groups of
include files to be installed, with the powerful INCSGROUPS knob.
Documentation to follow.
Added standard `includes' and `incsinstall' targets, use them
in Makefile.inc1. Headers from the following makefiles were
not installed before (during `includes' in Makefile.inc1):
kerberos5/lib/libtelnet/Makefile
lib/libbz2/Makefile
lib/libdevinfo/Makefile
lib/libform/Makefile
lib/libisc/Makefile
lib/libmenu/Makefile
lib/libmilter/Makefile
lib/libpanel/Makefile
Replaced all `beforeinstall' targets for installing includes
with the INCS stuff.
Renamed INCDIR to INCSDIR, for consistency with FILES and SCRIPTS,
and for compatibility with NetBSD. Similarly for INCOWN, INCGRP,
and INCMODE.
Consistently use INCLUDEDIR instead of /usr/include.
gnu/lib/libstdc++/Makefile and gnu/lib/libsupc++/Makefile changes
were only lightly tested due to the missing contrib/libstdc++-v3.
I fully tested the pre-WIP_GCC31 version of this patch with the
contrib/libstdc++.295 stuff.
These changes have been tested on i386 with the -DNO_WERROR "make
world" and "make release".
a floating point instruction into a 6-bit register number for
double and quad arguments.
Make use of the new INSFPdq_RN macro where apporpriate; this
is required for correctly handling the "high" fp registers
(>= %f32).
Fix a number of bugs related to the handling of the high registers
which were caused by using __fpu_[gs]etreg() where __fpu_[gs]etreg64()
should be used (the former can only access the low, single-precision,
registers).
Submitted by: tmm
startup code rather than a static C++ object since c++ seems to be broken.
This doesn't seem to work for staticically linked program just yet, I'll
give that some more work when I get a chance.
