summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2015-10-05Use explicit_bzero() instead of memset() for zeroing out secrets.Todd C. Miller
OK deraadt@
2015-10-05this process deserves -fstack-protector-allTheo de Raadt
2015-10-05some more bzero->explicit_bzero, from Michael McConvilleDamien Miller
2015-10-05correct picasso's birth date;Jason McIntyre
from comet (freebsd 116952), via richard
2015-10-05alpha ramdisk ran out of space, very slightly. Probably due to theTheo de Raadt
development of tame? option CD9660 and mount_cd9660 are already absent, so remove the cd(4) driver ok miod
2015-10-05tame "stdio inet cmsg" should work well in the session engine.Theo de Raadt
ok benno
2015-10-05KNF a switch statement, moving a local variable up a frame as well -Theo de Raadt
carefully.
2015-10-05Out, damned whitespace!Kenneth R Westerback
2015-10-05Count IFQ_ENQUEUE() failure as output drop.Masao Uebayashi
mpi@ prefers checking IFQ_ENQUEUE() error, and this matches that. OK dlg@
2015-10-05Don't count IF_DROP()'ed packets as if_oerrors too.Masao Uebayashi
mpi@ plans to clean-up IF_DROP()'s, but fix consistent use of it for now. OK dlg@
2015-10-05Remove unused errstr variable.Todd C. Miller
2015-10-05use different tame requests if TMPDIR is in env:Sebastien Marie
- tmppath for when mktemp() operates in /tmp proper - cpath+wpath for use of $TMPDIR based on log-message from previous commit ok deraadt@
2015-10-05Handle ifi_oqdrops in netstat(8).Masao Uebayashi
OK mpi@ dlg@
2015-10-05Accumulate ifq_drops into if_oqdrops if if_start().Masao Uebayashi
mpi@ questioned usefulness of if_snd.ifq_drops, but this is what exists now. This area is going to be readily polished. OK dlg@
2015-10-05Teach snmpd(8) about if_oqdrops.Masao Uebayashi
OK mpi@ dlg@
2015-10-05If expression omits -exec/execdir/-ok primaries, then find will neverTheo de Raadt
enter the fork+execve codepath. That allows use of "stdio getpw rpath"! Use of -exec methods have been discouraged for years anyways, with -print0/xargs -0 now considered safer practice. ok guenther millert
2015-10-05Add ifi_oqdrops and its alias to struct if_data.Masao Uebayashi
Necessary bumps in Ports will be handled by sthen@. OK mpi@ dlg@
2015-10-05If the -l flag is set, diff will fork/execve pr on a pipe. But otherTheo de Raadt
uses can tame "stdio wpath rpath cpath tmppath". tmppath for when mktemp() operates in /tmp proper, but cpath+wpath for use of $TMPDIR. ok sthen millert
2015-10-05correct a rtget() error checkSebastien Marie
this function could only return 0 or 1, and 1 on error. avoid to deref an uninitialised variable if rtget() return an error. ok millert@ benno@ deraadt@
2015-10-05these 3 files do not need sys/socket.hTheo de Raadt
2015-10-05tame "stdio rpath" or tame "stdio" suffices for all of these programs.Theo de Raadt
fairly easy to audit by running nm and noticing nothing beyond base stdio except for fopen/freopen. Then review all callpaths to those functions, and place the tame() calls. ok sthen
2015-10-05This can use tame "stdio rpath" from the top. If we are only working onTheo de Raadt
stdin, an additional tame "stdio" is easy. same diff from sthen
2015-10-05tame "stdio rpath" works. (Someone could refactor the processing loopTheo de Raadt
to handle the stdin case without rpath, but it looks a bit invasive. ok sthen
2015-10-05Simplify iwm(4) newstate task by only queuing one state transitionStefan Sperling
at a time. The newstate task now always transitions to the most recently requested state, rather than hopping along with every request. This allows us get rid of the silly newstate generation counter, and we can now task_del() a pending transition when the interface goes down. While several issues with this driver remain, I believe this change does not introduce new problems. Tested by myself, jasper@, and zhuk@
2015-10-05Factor LACP frame processing out to a separate taskMike Belopuhov
This is slightly refactored version of the diff by jmatthew@ that makes use of a single per-trunk task but retains per-port mbuf queues. Running LACP frame processing in a task context allows a simple way to synchronize changes to the trunk ports and trunk itself performed from the ioctl, timeout and task contexts with a kernel lock. OK mpi
2015-10-05Remove 'landisk' from the comment about NUMBOOT archs. Only oneKenneth R Westerback
NUMBOOT arch is left: Vax.
2015-10-05fix some spelling messes.Igor Sobrado
2015-10-05typo.Igor Sobrado
2015-10-05Fix missing checks for truncation of long file names. Rather thanAlexandre Ratchov
checking for truncation every time we touch the string, simply allocate a memory chunk large enough to store the full path.
2015-10-05tame "stdio rpath" works fine, as long as we sidestep the demanglingTheo de Raadt
process which involves fork+execve.... ok doug
2015-10-05Since the dawn of time, this has contained freopen() for the tty pathTheo de Raadt
with mode "w", as root, since "w" implies O_CREAT. That will create the raw file in /dev if it does not yet exist (due to a lie in utmp). It should use "r+", to open it for for O_RDWR only. Oh man this reminds me of 1988, how old is this bug? ok doug
2015-10-05tame "stdio rpath" initially; if we find out the only file operated onTheo de Raadt
is stdin, then we can drop directly to tame "stdio" ok doug
2015-10-05tame "stdio rpath wpath cpath fattr", because this creates new files,Theo de Raadt
fchmod's them, and possibly renames them. ok doug
2015-10-05refactor, so we don't a C function in a .h file, yuck!Theo de Raadt
2015-10-05Fix ip_is_idle_packet() to parse packets properly.YASUOKA Masahiko
diff from Yuuichi Someya
2015-10-05tame "stdio getpw" right at the top; this runs the whole gamut ofTheo de Raadt
getpw/gr type functions allowed in that set. ok doug
2015-10-05tame "stdio rpath" for the entire lifetime. newsyntax() could open a fileTheo de Raadt
very early on, but next() can open one quite late. ok doug
2015-10-05small KNFTheo de Raadt
2015-10-05tame "stdio rpath" early on, but if we discover only stdin is beingTheo de Raadt
operated on switch to tame "stdio". Reformat a very ugly code block without braces to squeeze the tame calls in. ok doug
2015-10-05use the normal -1 check for tame failureTheo de Raadt
2015-10-05use the normal -1 check for tame failureTheo de Raadt
2015-10-05tame "stdio rpath" is enough for the general case, which opens fileTheo de Raadt
after file from argv. If it is discovered to be reading from stdin only, go to tame "stdio" ok doug
2015-10-05Make sure dot is not set after tz - fixes incorrect handling, which allowsJoel Sing
20151005171301+1.09Z to be treated as a valid time. ok beck@
2015-10-05tame "stdio rpath" works here. It may look like the stdin case can avoidTheo de Raadt
opening files, but no... a file could indicate nested import of another file, so rpath is needed. ok doug
2015-10-05col can be locked down with tame "stdio", in case it is fed nasty input,Theo de Raadt
or if it has bugs. The previous commits by schwarze indicate the latter case was very true until recently... ok doug
2015-10-05banner can be restricted to tame "stdio". if this program is put into aTheo de Raadt
foreign-data pipeline, and happens to contain a string handling bug, i do not want it being controlled to open a socket. ok doug
2015-10-05tame "stdio rpath" works for all use cases of pwd(1). In part thisTheo de Raadt
success could be because our getcwd() is backed by a system call, unlike historical practice. Didn't think it through competely, but this could burn someone else later, if they try to port this code to another system. Anyways, good enough for us. all cases tested by doug
2015-10-05Remove disklabel -B support on landisk - superseded by MI installboot.Miod Vallat
2015-10-05No need to create {sd,wd}boot links to xxboot anymore.Miod Vallat
2015-10-05Use MI installboot instead of disklabel -B to put boot blocks on installationMiod Vallat
media.
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 15:47:39 +0000