Age | Commit message (Collapse) | Author |
|
to unveil. Unfortunately the auth subsystem uses _PATH_AUTHPROG =
"/usr/libexec/auth/login_", which it auth-program is appended to -- a
rather gross idea which now shows lack of wisdom.
|
|
This brings unveil into the tree, disabled by default - Currently
this will return EPERM on all attempts to use it until we are
fully certain it is ready for people to start using, but this
now allows for others to do more tweaking and experimentation.
Still needs to send the unveil's across forks and execs before
fully enabling.
Many thanks to robert@ and deraadt@ for extensive testing.
ok deraadt@
|
|
4.2 BSD takes a signal mask as argument while POSIX sigpause(int
sig) expects a single signal. Do not expose our traditional BSD
sigpause(3) to XPG/POSIX sources.
OK guenther@
|
|
From Raf Czlonka, ok sthen@
|
|
extensions and modern compilers (such as clang) will use them to optimize
separate calculations of sine and cosine.
ok tom@, patrick@, deraadt@, jmc@
|
|
needs (looking at you sgi, but others required this before). This is for
the circumstances we need pagesize known at compile time, not getpagesize()
runtime. Use it for malloc storage sizes, for shm, and to set pthread stack
default sizes. The stack sizes were a mess, and pushing them towards
page-aligned is healthy move (which will also be needed by the coming
stack register checker)
ok guenther kettenis, discussion with stefan
|
|
pledge for a new execve image immediately upon start. Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
|
|
now misalign things.
ok guenther@
|
|
__cxa_thread_atexit() implementation.
ok guenther@
|
|
While it is not clear (to me) why that ports ends up with corrupted
shared libs, reverting those changes fixes the issue and should allow us
to close p2k17 more smoothly.
Discussed with a bunch, ok ajacoutot@ guenther@
|
|
on the stack instead of mallocing the list and move the APIs from libpthread
to libc so that they can be used inside libc.
Note: the standard was explicitly written to permit/support this
"macro with unmatched brace" style and it's what basically everyone
else already does. We xor the info with random cookies with a
random magic to detect/trip-up overwrites.
Major bump to both libc and libpthread due to the API move.
ok mpi@
|
|
For the moment it only includes <sys/exec_elf.h> but the goal is to
stop pulling it directly and also replace <elf_abi.h> at least for
base applications.
ok deraadt@, jasper@, naddy@
|
|
implementation is now spread between libc and librthread. No changes
to the content
ok mpi@
|
|
combine the two find(1) invocations into one.
From Klemens Nanni; ok tb@
|
|
phessler@ reported that this oversight broke an armv7 bulk build;
OK guenther@
|
|
Complete in the sense that all POSIX *locale(3) and *_l(3) functions
are included, but in OpenBSD, we of course only really care about
LC_CTYPE and we only support ASCII and UTF-8.
With important help from kettenis@, guenther@, and jca@.
Repeated testing in ports bulk builds by naddy@.
Additional testing by jca@, sebastia@, dcoppa@, and others.
OK kettenis@ dcoppa@, and guenther@ on an earlier version.
Riding guenther@'s libc/librthread major bump.
|
|
|
|
|
|
ok millert@
|
|
|
|
This gives fast access to the address on systems that implement
the UserLocal register. TCB caching is still used when running
in the single-threaded mode in order not to penalize old systems.
The kernel counterpart of this change must be in place before
using this diff!
With guenther@
|
|
doesn't actually flip the switch yet, so aarch64 continues to be the only
architecture for which we build clang.
ok jsg@, deraadt@
|
|
no longer has access to the content of a memmory object. It does
this by either clearing (if the object memory remains cached) or
by calling munmap(2). ok millert@, deraadt@, guenther@
|
|
ok millert@ deraadt@ kettenis@
|
|
with the types.
OK jca@
|
|
with the added feature that released memory is cleared. Much input from various
developers. ok deraadt@ tom@
|
|
<arpa/inet.h> needs to provide uint16_t and uint32_t.
ok millert@ krw@ naddy@
|
|
<netinet/in.h> and <arpa/inet.h>
ok and ports test naddy@ (thanks!)
ok krw@ beck@ millert@
|
|
ok patrick@
|
|
ok millert@
|
|
Proposed some time ago by tedu@, builk build by ajacoutot@
|
|
flag to chown to change the symlinks themselves instead of their targets.
Also change permissions of all symlinks, so they don't depend on the umask
during make build.
ok millert
|
|
and add prereq targets, so some header files are generated by BUILDUSER
during 'make prereq' instead of by root during 'make includes'.
Switch the order of 'make cleandir' and 'make includes' during 'make build'
so we don't generate many files twice.
Except for some machine@ symlinks from ${MACHINE}/stand, /usr/obj is now
clean from files generated by root during 'make build'. Those will be
cleaned up in a second step.
help, testing & ok deraadt, input from natano, further testing rpe
|
|
|
|
OK guenther@
|
|
ok guenther@
|
|
ok deraadt@ millert@
|
|
to a local equivalent to eliminate a dependency on <sys/time.h> being
included
ok deraadt@ millert@
|
|
update the NULL definition for C++11. OK deraadt@ guenther@ kettenis@
|
|
|
|
|
|
|
|
ok deraadt@
|
|
a rant Theo wrote 24 years ago. Mark __ypexclude_{add,is,free}() as hidden
"get off my lawn!" deraadt@
|
|
longjmp performs can't really be relied upon, even after we got rid of the
false positives...
ok millert@ deraadt@
|
|
ok millert@ deraadt@
|
|
|
|
|
|
This stores errno, the cancelation flags, and related bits for each thread
and is allocated by ld.so or libc.a. This is an ABI break from 5.9-stable!
Make libpthread dlopen'able by moving the cancelation wrappers into libc
and doing locking and fork/errno handling via callbacks that libpthread
registers when it first initializes. 'errno' *must* be declared via
<errno.h> now!
Clean up libpthread's symbol exports like libc.
On powerpc, offset the TIB/TCB/TLS data from the register per the ELF spec.
Testing by various, particularly sthen@ and patrick@
ok kettenis@
|
|
that will be needed and make libpthread work when ld.so/libc.a provide an
initial TIB.
|