|  | Commit message (Collapse) | Author | Age | Files | Lines | 
|---|
| | |  | 
| | 
| 
| 
| | ok guenther jmc | 
| | 
| 
| 
| 
| 
| 
| 
| | requiring it (sftp-server).
Remove the /exists///// behaviour from here.  The /nonexistant
behaviour remains in the kernel and needs to be shot next.
There may be ports fallout, but we doubt it.
ok beck djm | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| | have a different calling convention than the standard function...as seen
in kdump output.
ok deraadt@ schwarze@ | 
| | 
| 
| 
| 
| 
| | value < 0.  errno is only updated in this case.  Change all (most?)
callers of syscalls to follow this better, and let's see if this strictness
helps us in the future. | 
| | 
| 
| 
| 
| 
| | on error, so checking for -1 only is potentially non-portable.
Also mention that the C89 standard does not require errno to be set.
OK deraadt@ millert@ | 
| | 
| 
| 
| 
| | -1 to mark failure, not arbitrary values < 0.  I believe manual pages
should follow the described contract precisely and accurately. | 
| | 
| 
| 
| 
| 
| 
| 
| | code.  We now user the simple userland wrapper on top of __realpath(2).
The non-POSIX behaviour still remains, that is the next component to fix.
From a diff by beck, but I managed to chainsaw it a bit further.  Tested
in snaps for a couple of days.
ok beck | 
| | |  | 
| | 
| 
| 
| 
| 
| | it is a thin wrapper over the syscall __readlink(2).  Improve the list
of possible errors.
ok millert beck jmc | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | _csu_finish() to _libc_preinit(), which is an .init_array function
in shared libc (and mark it INITFIRST) or a .preinit_array function
in static libc, grabbing the _dl_cb callback there from ld.so.  Then
in _csu_finish(), invoke the dl_clean_boot() callback to free ld.so's
startup bits before main() gets control.
Other cleanups this permits:
 - move various startup structures into .data.rel.ro
 - the dl* stubs in libc can be strong and call the callbacks provided
   via _dl_cb
 - no longer need to conditionalize dlctl() calls on presence of _DYNAMIC
original concept and full diff ok kettenis@
ok deraadt@ | 
| | 
| 
| 
| 
| | checks userland-parsing vs kernel parsing, we are hoping to spot another
bug.. | 
| | 
| 
| 
| | calling it until those are fixed. | 
| | 
| 
| 
| 
| 
| 
| 
| | For now, this also still uses the existing realpath implmentation
and emits a syslog if we see differening results. Once we have run
with that for a little while we will remove the old code
ok deraadt@ | 
| | 
| 
| 
| | Fixes malloc_conceal...freezero with malloc options C and/or G. | 
| | 
| 
| 
| 
| | triggered by a question from Jan Stary <hans at stare dot cz> on misc@;
OK otto@ | 
| | 
| 
| 
| 
| 
| | i.e. those other than LC_CTYPE, into the CAVEATS section, and
standardize wording somewhat.
OK jmc@ | 
| | |  | 
| | |  | 
| | 
| 
| 
| 
| | jmc@ noticed that the text wasn't completely clear;
OK jmc@ | 
| | |  | 
| | 
| 
| 
| 
| | counterparts but return memory in pages marked MAP_CONCEAL and on
free() freezero() is actually called. | 
| | 
| 
| 
| 
| 
| 
| 
| 
| | allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit().  The reasoning is _rs_init() will only
fail if someone finds a way to apply specific pressure against this
failure point, for the purpose of leaking information into a core which
they can read.  We don't need a corefile in this instance to debug that.
So take this "lever" away from whoever in the future wants to do that. | 
| | 
| 
| 
| | patch from Peter Piwowarski <peterjpiwowarski at gmail dot com> | 
| | 
| 
| 
| 
| 
| 
| 
| 
| | This implementation reduces contention because threads no longer need
to spin calling sched_yield(2) before going to sleep.
Tested by many, thanks!
ok visa@, pirofti@ | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | |  | 
| | 
| 
| 
| | the wrong idiom. ok tedu@ but probably needs some tweakin | 
| | 
| 
| 
| | ok deraadt@ tedu@ | 
| | 
| 
| 
| 
| 
| 
| 
| | * mention LC_COLLATE;
* clarify that all these functions are infested, including the *_l() versions;
* avoid ENVIRONMENT, these functions don't inspect it;
* and point to the C library functions that change the locale.
OK millert@ | 
| | 
| 
| 
| 
| 
| | clearly stating which arguments have to be avoided, and mention the
header files defining the constants required for the checks.
Feedback and OK guenther@, OK bluhm@. | 
| | 
| 
| 
| 
| 
| 
| 
| | CAVEATS pointing to the new CAVEATS section in setlocale(3).
Make those in wprintf(3) and wscanf(3) more concise
since duplicate information is a bad idea.
Incompleteness of information originally pointed out by millert@.
OK millert@ | 
| | 
| 
| 
| 
| | Checking Disabled flag. Introduce a RES flag to do so. ok krw@
deraadt@ eric@ | 
| | 
| 
| 
| | by me and others indicate that it is the optimum. | 
| | 
| 
| 
| 
| 
| | making the number of pools variable.  Do not document the malloc
conf settings atm, don't know yet if they will stay.  Thanks to all
the testers. ok deraadt@ | 
| | 
| 
| 
| | tested by many; ok florian@ | 
| | |  | 
| | 
| 
| 
| | patch from Hiltjo Posthuma <hiltjo at codemadness dot org> | 
| | |  | 
| | 
| 
| 
| 
| 
| | now that there is essentially no malloc.conf;
text tweaked by deraadt; ok otto deraadt | 
| | 
| 
| 
| 
| 
| 
| 
| 
| 
| 
| | libs have it, it is a function that is considered harmful, so:
Delete malloc_usable_size(). It is a function that blurs the line
between malloc managed memory and application managed memory and
exposes some of the internal workings of malloc.  If an application
relies on that, it is likely to break using another implementation
of malloc.  If you want usable size x, just allocate x bytes. ok
deraadt@ and other devs | 
| | 
| 
| 
| | PROTO_NORMAL().  Problem noted by deraadt@ | 
| | |  | 
| | 
| 
| 
| 
| 
| 
| 
| | effectively use pledge(2) in some programs.
approval from many, thanks!
idea by & ok deraadt@ | 
| | |  |