Initially, 'acl' (an 'acl_t *') is allocated, and its ACCESS_ACL and
DEFAULT_ACL fields are passed to the 'libc' ACL routines for subsequent
allocation. If the '-m' option (merge existing ACL with a new one) is
specified, then 'set_acl_mask()' will be called and passed one of the
two ACLs. This function, in turn, replaces this given ACL structure by
another, freshly allocated. However, the pointer in the 'acl' variable
in the caller is not updated. The caller then proceeds to free the ACL,
incurring in a double free condition.
Submitted by: Pedro Martelletto <pedro at ambientworks.net>
Approved by: rwatson (mentor)
for the convenience of rc.d. Now it has happily lived there for quite
a while. So move the pkill(1) source files from usr.bin to bin, too.
Approved by: gad
When I imported the MPSAFE TTY code, I added the -p flag to sh(1)'s
ulimit, but I forgot to document it in the appropriate manual page.
Requested by: stefanf
After the MPSAFE TTY import, we have support for the TAB0 and TAB3 flags
to handle tab expansion, while we only used to support OXTABS. Switch
stty(1) to use tab0 and tab3 to print whether tab expansion is turned on
or off. Implement the oxtabs and tabs switches by setting the
appropriate TABx value.
Even though POSIX only lists this as being XSI, we'd better follow it.
The last half year I've been working on a replacement TTY layer for the
FreeBSD kernel. The new TTY layer was designed to improve the following:
- Improved driver model:
The old TTY layer has a driver model that is not abstract enough to
make it friendly to use. A good example is the output path, where the
device drivers directly access the output buffers. This means that an
in-kernel PPP implementation must always convert network buffers into
TTY buffers.
If a PPP implementation would be built on top of the new TTY layer
(still needs a hooks layer, though), it would allow the PPP
implementation to directly hand the data to the TTY driver.
- Improved hotplugging:
With the old TTY layer, it isn't entirely safe to destroy TTY's from
the system. This implementation has a two-step destructing design,
where the driver first abandons the TTY. After all threads have left
the TTY, the TTY layer calls a routine in the driver, which can be
used to free resources (unit numbers, etc).
The pts(4) driver also implements this feature, which means
posix_openpt() will now return PTY's that are created on the fly.
- Improved performance:
One of the major improvements is the per-TTY mutex, which is expected
to improve scalability when compared to the old Giant locking.
Another change is the unbuffered copying to userspace, which is both
used on TTY device nodes and PTY masters.
Upgrading should be quite straightforward. Unlike previous versions,
existing kernel configuration files do not need to be changed, except
when they reference device drivers that are listed in UPDATING.
Obtained from: //depot/projects/mpsafetty/...
Approved by: philip (ex-mentor)
Discussed: on the lists, at BSDCan, at the DevSummit
Sponsored by: Snow B.V., the Netherlands
dcons(4) fixed by: kan
understand which code paths aren't possible.
This commit eliminates 117 false positive bug reports of the form
"allocate memory; error out if pointer is NULL; use pointer".
When I ported most applications away from <sgtty.h>, I noticed none of
them were actually using these definitions. I kept them in place,
because I didn't want to touch tools like pstat(8) and stty(1).
In preparation for the MPSAFE TTY layer, remove these definitions. This
doesn't have any impact with respect to binary compatibility (see
tty_conf.c).
We couldn now add an #error to <sys/ioctl_compat.h> when included
outside the kernel. Unfortunately, kdump's mkioctls includes this file
unconditionally.
Approved by: philip (mentor)
Cast string precision to `int'. amd64 systems warn about the
field precision being `long int' if we don't, and pathnames are
normally short enough to fit in an `int'.
Noticed by: pav
ln(1) checks to see if the source of a symlink, i.e. the file it
should point to actually exists. The default is the old ln
behavior, that does not check, to avoid surprising people who may
be using ln(1) in scripts or other non-interactive places.
PR: bin/7265
Submitted by: Joel Ray Holveck, detlev!joelh at mail.camalott.com
MFC after: 2 weeks
Portability Utilities" option.
Often configure scripts generated by the autotools test if $LINENO works and
refuse to use /bin/sh if not.
Package test run by: pav
to type int.
- Change the type used for arithmetic expansion to intmax_t (ie. 64 bit on all
currently supported FreeBSD architectures). SUSv3 requires at least type
long but allows for larger types. Other shells (eg. bash, zsh, NetBSD's sh)
do that too.
PR: 122659
Submitted by: Jaakko Heinonen (minor modifications by me)
are used to modify the arguments. Not doing so caused random memory reads or
null pointer dereferences when 'getopts' was called again later (SUSv3 says
getopts produces unspecified results in this case).
PR: 48318
- Allow realpath to accept multiple paths on the command line.
- Add -q to suppress warnings if some paths can't be processed, and use
getopt(3) to process flags.
- Print the path being requested rather than a possibly partially
processed path when a failure occurs so that you can tell which of
several passed paths did fail.
MFC after: 1 week
PR: 112920
Submitted by: Ighighi <ighighi@gmail.com>
- Add -v to print file names as they are processed; -vv prints the flags
change as well.
- Add -f to ignore failures with the same semantics as chflags(1), neither
printing an error nor affecting the return code.
- Don't try to set the flags if they won't change.
I made minor cosmetic tweaks to the code in the patch.
MFC after: 1 week
PR: 112827
Submitted by: Ighighi <ighighi at gmail.com>
computes the new path and the second one, updatepwd(), updates the variables
PWD, OLDPWD and the path used for the pwd builtin according to the new
directory. For a logical directory change, chdir() is now called between
those two functions, no longer causing wrong values to be stored in PWD etc. if
it fails.
PR: 64990, 101316, 120571
on platforms with unsigned chars. The comparison in question is there to
determine whether chars are unsigned or not and is based on comparing a
char, initialized to -1, for less than 0. Change the comparison to check
for geater than 0 instead...
and follow the letter of the POSIX specification.
- Moving a directory to an existing non-empty directory will now fail,
as required.
- Improve consistency and remove some style bugs of earlier versions.
This version passes all tests of tools/regression/bin/mv/regress.sh 1.6
Reviewed by: bde
MFC after: 1 month
warning is given when the directory doesn't exist.
PR: bin/50656
Submitted by: Edwin Groothuis <edwin@mavetju.org>
Approved by: grog@
Not reviewed by: grog@
with the same name exists, delete that directory first, before performing
the copy. This ensures that mv(1) across devices follows the semantics
of rename(2), as required by POSIX.
This change could introduce the potential of data loss, even if the
copy fails, violating the atomicity properties of rename(2). This is
(mostly) mitigated by first renaming the destination and obliterating
it only after a succesfull copy.
The above logic also led to the introduction of code that will cleanup
the results of a partial copy, if a cross-device copy fails.
PR: bin/118367
MFC after: 1 month
This fixes its compilation if MK_OPENSSL == no and also obsoletes
release/Makefile rev. 1.192. The latter isn't reverted though as
support for the fixit floppy and the rest of the boot floppies is
scheduled to be deorbited anyway.
Discussed with: kensmith
kthread_add() takes the same parameters as the old kthread_create()
plus a pointer to a process structure, and adds a kernel thread
to that process.
kproc_kthread_add() takes the parameters for kthread_add,
plus a process name and a pointer to a pointer to a process instead of just
a pointer, and if the proc * is NULL, it creates the process to the
specifications required, before adding the thread to it.
All other old kthread_xxx() calls return, but act on (struct thread *)
instead of (struct proc *). One reason to change the name is so that
any old kernel modules that are lying around and expect kthread_create()
to make a process will not just accidentally link.
fix top to show kernel threads by their thread name in -SH mode
add a tdnam formatting option to ps to show thread names.
make all idle threads actual kthreads and put them into their own idled process.
make all interrupt threads kthreads and put them in an interd process
(mainly for aesthetic and accounting reasons)
rename proc 0 to be 'kernel' and it's swapper thread is now 'swapper'
man page fixes to follow.
- p_sflag was mostly protected by PROC_LOCK rather than the PROC_SLOCK or
previously the sched_lock. These bugs have existed for some time.
- Allow swapout to try each thread in a process individually and then
swapin the whole process if any of these fail. This allows us to move
most scheduler related swap flags into td_flags.
- Keep ki_sflag for backwards compat but change all in source tools to
use the new and more correct location of P_INMEM.
Reported by: pho
Reviewed by: attilio, kib
Approved by: re (kensmith)
setenv(3) by tracking the size of the memory allocated instead of using
strlen() on the current value.
Convert all calls to POSIX from historic BSD API:
- unsetenv returns an int.
- putenv takes a char * instead of const char *.
- putenv no longer makes a copy of the input string.
- errno is set appropriately for POSIX. Exceptions involve bad environ
variable and internal initialization code. These both set errno to
EFAULT.
Several patches to base utilities to handle the POSIX changes from
Andrey Chernov's previous commit. A few I re-wrote to use setenv()
instead of putenv().
New regression module for tools/regression/environ to test these
functions. It also can be used to test the performance.
Bump __FreeBSD_version to 700050 due to API change.
PR: kern/99826
Approved by: wes
Approved by: re (kensmith)
handling is that fd = open(foo) is -1. This bug is harmless since
close(-1) just returns an error (which the code ignores).
Found by: Coverity Prevent(tm)
CID: 1503 (in userland test run)
Not because I admit they are technically wrong and not because of bug
reports (I receive nothing). But because I surprisingly meets so
strong opposition and resistance so lost any desire to continue that.
Anyone who interested in POSIX can dig out what changes and how
through cvs diffs.
1) Under POSIX unsetenv("foo=bar") is explicit error and not equal
to unsetenv("foo")
2) Prepare for upcomig POSIXed putenv() rewrite: make putenv() calls
portable and conforming to standard.
Before this fix the -h flag was ignored (i.e. setfacl
always set the ACL on the file pointed to by the symbolic
link even when the -h flag requested that the ACL be set
on the symbolic link itself).
either -v or -V) if a file with a slash in the name doesn't exist (if there is
no slash we already did that).
Additionally, suppress the error message for command -v for files with a slash.
PR: 107674
Submitted by: Martin Kammerhofer
This allows script compatibility with Linux, whose
"hostname" is the same as BSD "hostname -s".
With this change, "hostname -f" is the same on
both systems.
MFC after: 7 days
issue a syntax error immediately but save the information that it is erroneous
for later when the parameter expansion is actually done. This means eg. "false
&& ${}" will not generate an error which seems to be required by POSIX.
Include the invalid parameter expansion in the error message (sometimes
abbreviated with ... because recovering it would require a lot of code).
PR: 105078
Submitted by: emaste
instead of removing the file and issue a warning about
the removal, do not do any operation at all in case -P
is specified when the dinode has hard links.
With -f and -P specified together, we assume that the
user wants rm to overwrite the contents of the file
and remove it (destroy the contents of file but leave
its hard links as is).
The reason of doing it this way is that, in case where
a hard link is created by a malicious user (currently
this is permitted even if the user has no access to the
file). Losing the link can potentially mean that the
actual owner would lose control completely to the user
who wants to obtain access in a future day.
Discussed with: Peter Jermey
is hard links. Overwritting when links > 1 would cause data
loss, which is usually undesired.
Inspired by: discussion on -hackers@
Suggested by: elessar at bsdforen de
Obtained from: OpenBSD