| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
The previous commit had the desired effect for setugid programs, but
broke TZ for everyone else. I didn't notice because my test cases
swap out /etc/localtime instead of setting TZ, so add a test case
that sets TZ.
Fixes: b6ea2513f776 ("tzcode: Limit TZ for setugid programs")
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D52108
|
| |
|
|
|
|
|
|
| |
PR: 288931
Reviewed by: emaste, glebius
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D52010
|
| |
|
|
|
|
|
| |
Reviewed by: emaste, glebius
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D52010
|
| |
|
|
|
|
|
| |
Reviewed by: emaste, glebius
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D52010
|
| |
|
|
|
|
|
| |
Reviewed by: emaste, glebius
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D52010
|
| |
|
|
|
|
|
|
| |
gcc doesn't like something about the initializer that comes with
jemalloc. Since it's vendor code, make this warning not an error
for -Werror purposes.
Sponsored by: Netflix
|
| |
|
|
|
|
| |
- s/aguments/arguments/
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This brings in a merge from jemalloc 5.3.0. It's almost fully scripted, except:
Three conflicts resolved by hand:
include/jemalloc/internal/test_hooks.h Use the new name
src/extent.c Use the new code
src/jemalloc.c Use the new code since je_realloc has moved
The script is recorded in FREEBSD-upgrade. The old script did svn
commands that were basically a rebase of our changes. This update has a
series of diff reduction changes before this.
Note: I'd planned on fixing the above three conflicts with commits, but
ran out of time when I did this work in January. I got discouraged when
jemalloc was EOL'd and didn't pick this back up. I did the above by hand
to get this into FreeBSD 15.0
This work is a repeat of the work by Minsoo Choo who did all these
changes and created a pull request. Given the importance of jemalloc, I
audited these changes by redoing them in this series of commits (and
with the script that was checked in). I did this to confince myself and
anybody else in doubt that there was no supply chain attack. The diffs
between this series of commits and Minsoo's work are minor (though the
version skew makes adds some noise). Interested parties can independent
audit each step, I hope. I've listed Minsoo as a co-author since without
his pull request to test again, this wouldn't have been possible.
Thanks to brooks@ for help with getting the jemalloc 3 ABI compat
symbols right.
Co-authored-by: Minsoo Choo <minsoochoo0122@proton.me>
Pull Request: https://github.com/freebsd/freebsd-src/pull/1337
Sponsored by: Netflix
|
| |
|
|
|
|
| |
This reverts commit 7ac276298b72982189ac1a5b17461936dc00163e.
Requested by: kib
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As pointed out in the PR and the article linked below, the switch to
insertion sort in the BSD qsort code is based on a misunderstanding of
Knuth's TAOCP and is actually a pessimization. As demonstrated by the
added test, it is trivially easy to construct pathological input which
results in quadratic runtime. Without that misguided optimization, the
same input runs in nearly linearithmic time.
https://www.raygard.net/2022/02/26/Re-engineering-a-qsort-part-3
PR: 287089
MFC after: 1 week
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D51907
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On most other platforms observed, including OpenBSD, NetBSD, and Linux,
these system calls have long since been converted to only touching the
supplementary groups of the process. This poses both portability and
security concerns in porting software to and from FreeBSD, as this
subtle difference is a landmine waiting to happen. Bugs have been
discovered even in FreeBSD-local sources, since this behavior is
somewhat unintuitive (see, e.g., fix 48fd05999b0f for chroot(8)).
Now that the egid is tracked outside of cr_groups in our ucred, convert
the syscalls to deal with only supplementary groups. Some remaining
stragglers in base that had baked in assumptions about these syscalls
are fixed in the process to avoid heartburn in conversion.
For relnotes: application developers should audit their use of both
setgroups(2) and getgroups(2) for signs that they had assumed the
previous FreeBSD behavior of using the first element for the egid. Any
calls to setgroups() to clear groups that used a single array of the
now or soon-to-be egid can be converted to setgroups(0, NULL) calls to
clear the supplementary groups entirely on all FreeBSD versions.
Co-authored-by: olce (but bugs are likely mine)
Relnotes: yes (see last paragraph)
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D51648
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Following the earlier removal of keyserv, none of this functionality
works since it requires keyserv.
Remove the relevant symbols from libc's Symbol.map. Leave compatibility
symbols for existing applications, but since the functions don't work
without keyserv, stub them out to return an error.
Remove some private symbols that were only used by keyserv; these don't
get compatibility symbols.
Remove the documentation for the old functions.
Remove rpc.ypupdated since it requires DES authentication.
Reviewed by: manu, des, emaste
Differential Revision: https://reviews.freebsd.org/D50442
|
| |
|
|
|
|
|
|
|
|
|
| |
A very simple implementation as I don't have the patience right now
to write a full SWAR kernel. Should still do the trick if you wish
to opt out of SSE for some reason.
Reported by: Mikael Simonsson <m@mikaelsimonsson.com>
Reviewed by: strajabot
PR: 288321
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
|
| |
This ensures O(1) behaviour if the character is a constant offset
from the end of the string, regardless of how long the string is.
Reported by: Mikael Simonsson <m@mikaelsimonsson.com>
Reviewed by: benni
PR: 288321
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
|
|
| |
If we encounter a zero in the havezero state, we should assume octal,
just like we would if we encountered any other digit below 8.
MFC after: 1 week
PR: 288440
Fixes: d9dc1603d6e4 ("libc: Implement N2630.")
Reviewed by: mandree
Differential Revision: https://reviews.freebsd.org/D51832
|
| |
|
|
|
|
|
|
|
|
| |
A small oversight in our implementation of \w is that it's actually
not strictly [[:alnum:]]. According to the GNU documentation, it's
actually [[:alnum:]] + underscore. The fix is rather trivial: just add
it to our set explicitly, and amend our test set to be sure that _ is
actually included.
PR: 287396
|
| |
|
|
| |
Sponsored by: Klara, Inc.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we switched to an interposing table (commit 8495e8b1e9e1) for
cancelation points we stopped having concrete implementations of
__<syscall> and instead use __sys_<syscall> and __thr_<syscall>.
These entries of the form:
__weak_reference(__sys_<syscall>, __<syscall>);
seem to be intended to preserve these symbols, but they have no effect
as __sys_<syscall> isn't defined in the translation units in question.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D51668
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current incarnation of execvPe() is a bit messy, and it can be
rather difficult to reason about whether we're actually doing the right
thing with our errors. We have two cases in which we may enter the loop:
1.) We have a name that has no slashes in it, and we enter the loop
normally through our strsep() logic to process $PATH
2.) We have a name with at least one slash, in which case we jump into
the middle of the loop then bail after precisely the one iteration
if we failed
Both paths will exit the loop if we failed, either via jumping to the
`done` label to preserve an errno or into the path that clobbers errno.
Clobbering errno for case #2 above would seem to be wrong, as we did not
actually search -- this would seem to be what POSIX expects, as well,
based on expectations of the conformance test suite.
Simplify reasoning about the two paths by splitting out an execvPe_prog
that does the execve(2) call specifically, and returns based on whether
the error would be fatal in a PATH search or not. For the
relative/absolute case, we can just ignore the return value and keep
errno intact. The search case gets simplified to return early if
we hit a fatal error, or continue until the end and clobber errno if
we did not find a suitable candidate.
Another posix_spawnp() test is added to confirm that we didn't break our
EACCES behavior in the process.
Reviewed by: des, markj
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D51629
|
| |
|
|
|
|
|
|
| |
We have an explicit __sym_compat() entry for the legacy implementation.
Fixes: 7381dcc9eeb7
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D51701
|
| |
|
|
|
|
|
|
|
|
| |
This function was never safe to use. We marked it deprecated in the
manual page in 2016, and it is marked obsolete in POSIX 2024. Add a
linker warning and annotate the prototype.
Sponsored by: Klara, Inc.
Reviewed by: imp, markj
Differential Revision: https://reviews.freebsd.org/D51681
|
| |
|
|
|
|
|
|
|
|
| |
It seems to be a good place to help the user discover those useful
wrappers.
Reviewed by: christos
MFC after: 3 days
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D51654
|
| |
|
|
| |
Fixes: 3a686b851f8f
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
POSIX.1 states that `dbm_nextkey` must return an invalid key
(i.e., `key.dptr == NULL`) after the end of the database was reached.
The current implementation of `hash_seq` will incorrectly restart
the key sequence after the end of the database is reached.
Fix this by checking the "current bucket" index when R_NEXT is passed.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D51635
Reviewed by: markj
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The dbm(3) manpage explicitly states that O_WRONLY is not allowed in
dbm_open, but a more recent comment in ` __hash_open` suggests otherwise.
Furthermore, POSIX.1 allows O_WRONLY in dbm_open and states
that the underlying file must be opened for both reading and writing.
Fix this by correcting the O_WRONLY check and moving it further into
the function to make sure that the original flags are stored in hashp.
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D51514
|
| |
|
|
|
|
|
| |
Suggested by: avg
Reviewed by: avg
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51523
|
| |
|
|
|
|
| |
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D51492
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dbm_open currently returns an error when opening a missing database
with O_CREAT but creates the request database file. This is caused
by a buggy check in __hash_open which attempts to detect a new
(or empty) database file, but fails to take the O_CREAT flag into
account.
Fix this by expanding the check to include O_CREAT.
Fixes: edcdc752ecdd
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D51491
|
| |
|
|
|
|
|
| |
This hasn't been needed since FreeBSD 5.0.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D51434
|
| |
|
|
|
| |
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D37319
|
| |
|
|
|
|
|
|
|
|
|
| |
Otherwise, its use is only specified in the error case, which is
somewhat obscure. Also properly typeset NULL.
Reviewed by: pauamma_gundo.com
Discussed with: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Differential revision: https://reviews.freebsd.org/D51424
|
| |
|
|
|
|
|
|
|
| |
While here, clean the detection code up a bit.
Sponsored by: Klara, Inc.
Sponsored by: NetApp, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D51343
|
| |
|
|
|
|
|
|
|
|
|
| |
With the recent inclusion of the FD_CLOFORK and FD_RESOLVE_BENEATH flags,
we must avoid clearing them when setting only FD_CLOEXEC.
Signed-off-by: Ricardo Branco <rbranco@suse.de>
Reviewed by: kib, markj
MFC after: 1 month
Pull Request: https://github.com/freebsd/freebsd-src/pull/1766
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On PowerPC platforms a valid link to the Table of Contents (TOC) is
required for PLT lookups to function. This TOC pointer is stored in
a dedicated register, and is used along with the stack pointer by both
C prologue and PLT lookup code.
When calling swapcontext() with uc_link != NULL, a PLT lookup to
setcontext(3) is attempted from within the _ctx_done context. The
exiting process has usually trashed both r1 and r2 at this point,
leading to a crash within the PLT lookup before setcontext(2) is
reached to restore the linked context.
Save and restore r2 as in a regular function. This ensures the
subsequent PLT lookup to setcontext(3) succeeds.
Signed-off-by: Timothy Pearson <tpearson@raptorengineering.com>
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1759
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Now that dd_size is unsigned, we need to check if the return value from
getdirentries() was negative before assigning it to dd_size.
While here, simplify the scandir_error test case slightly, and verify
that calling readdir() again after EOF still returns NULL.
Fixes: 42e613018da5
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D51266
|
| |
|
|
|
|
|
| |
This private API is no longer used by rtld-elf so can be removed.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D50921
|
| |
|
|
|
|
|
|
| |
Use either size_t or off_t (as appropriate) instead of long.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D51210
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is both more logical and more useful than EINVAL.
While here, also check for VBAD and return EBADF in that case. This can
happen if the underlying filesystem got forcibly unmounted after the
directory was opened. Previously, this would also have returned EINVAL,
which wasn't right but wasn't wrong either; however, ENOTDIR would not
be appropriate.
MFC after: never
Sponsored by: Klara, Inc.
Reviewed by: kevans, kib
Differential Revision: https://reviews.freebsd.org/D51209
|
| |
|
|
|
|
|
|
|
|
| |
These only existed for a few days before being renamed, so there's no
reason to continue to carry compatibility shims for them.
Fixes: deeebfdecab5
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D50981
|
| |
|
|
|
|
|
| |
Fixes: da2025a0e894
Sponsored by: Klara, Inc.
Reviewed by: bcr
Differential Revision: https://reviews.freebsd.org/D51208
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the calling process has used SIG_IGN as handler or set the
SA_NOCLDWAIT flag for SIGCHLD, processes will be automatically reaped on
exit and calls to waitpid(3) will therefore fail with ECHILD.
We waitpid primarily to reap our child so that the caller does not have
to worry about it. ECHILD indicates that there is no child to reap, so
we can just treat that as a success and move on.
Signed-off-by: Kenny Levinsen <kl@kl.wtf>
Tested by: Jan Beich
Pull Request: https://github.com/freebsd/freebsd-src/pull/1675
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* Add test cases for opendir() and fdopendir().
* Drop O_NONBLOCK from opendir(); it was added a long time ago to avoid
blocking if given a closed named pipe, but now we use O_DIRECTORY,
which ensures that we get ENOTDIR in that case.
* While here, remove unused #includes left over from the split.
Sponsored by: Klara, Inc.
Reviewed by: kevans, markj
Differential Revision: https://reviews.freebsd.org/D51126
|
| |
|
|
|
|
|
|
|
|
| |
__uexterr_format: return empty string on no error, instead of "No error"
err(): check for the first symbol of the exterr to decide if there is
anything to print.
Requested and reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D51204
|
| |
|
|
|
|
| |
Reviewed by: kib, markj
MFC after: 1 month
Pull Request: https://github.com/freebsd/freebsd-src/pull/1758
|
| |
|
|
|
|
| |
Reviewed by: asomers, brooks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D51141
|
| |
|
|
|
|
|
|
|
|
|
| |
If the extended error string is provided by kernel, return only the
string, which is supposedly enough to identify exact cause of the error.
If the string is not provided, print the technically looking gibberish
which still allows to identify location with kernel sources.
Reviewed by: asomers, brooks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D51141
|
| |
|
|
|
|
| |
Reviewed by: kib
MFC after: 1 month
Pull Request: https://github.com/freebsd/freebsd-src/pull/1698
|
| |
|
|
|
|
| |
Reviewed by: kib
MFC after: 1 month
Pull Request: https://github.com/freebsd/freebsd-src/pull/1698
|
| |
|
|
|
|
|
|
|
|
| |
inotify_init() and inotify_init1() are implemented using __specialfd(2).
inotify_add_watch() is implemented in terms of inotify_add_watch_at(2).
Reviewed by: kib
MFC after: 3 months
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D50315
|
| |
|
|
|
|
| |
Sponsored by: Klara, Inc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D51118
|
