| Age | Commit message (Collapse) | Author |
|---|
|
eagleoflqj via OpenSSH github PR#178, ok djm@, feedback & ok millert@
|
|
|
|
based on code from musl and now similar to our strstr().
OK tb@ millert@
|
|
optimizes one statement in two-way string compare.
OK tb@ millert@
|
|
ok deraadt@
|
|
OK schwarze@
|
|
problems as 64-bit models. To resolve the syscall speculation, as a first
step "nop; nop" was added after all occurances of the syscall ("swi 0")
instruction. Then the kernel was changed to jump over the 2 extra instructions.
In this final step, those pair of nops are converted into the speculation-blocking
sequence ("dsb nsh; isb").
Don't try to build through these multiple steps, use a snapshot instead.
Packages matching the new ABI will be out in a while...
ok kettenis
|
|
spotted at https://fossies.org/linux/misc/openssh-8.2p1.tar.gz/codespell.html
|
|
problems as 64-bit models. For the syscall instruction issue, add nop;nop
after swi 0, in preparation for jumping over a speculation barrier here later.
ok kettenis
|
|
|
|
a syscall, replace the double nop with a dsb nsh; isb; sequence which
stops the CPU from speculating any further. This fix was suggested
by Anthony Steinhauser.
ok deraadt@
|
|
in many underlying subsystems and device drivers. guenther@ pointed
out this applies to system calls taking a file descriptor as an
argument. deraadt@ warned against attempting to be excessively
precise and against spreading fear, uncertainty, and doubt.
So apply a minimal patch that merely avoids the misleading wording
"will succeed unless", given that the lists aren't really exhaustive,
and simply uses a more usual wording.
Unfortunate wording reported by <David dot Raymond at nmt dot edu>.
|
|
This was replaced by a getlogin() system call which Ingo discovered we
incorrectly list as being 4.2BSD when it was introduced in 4.3BSD Reno.
ok schwarze@
|
|
Starting from "Combined Table of Contents" in Doug McIlroy's
"A Research UNIX Reader" a table of which edition manuals appeared in.
Checked against manuals from bitsavers/TUHS and source from TUHS where
available.
Ingo points out there are cases where something is included but not
documented until a later release.
bcd(6) v6 v7
printf(3) v2 v4
abort(3) v5 v6
system(3) v6 v7
fmod(3) v5 v6
ok schwarze@
|
|
without atomics, a smaller list.
ok mpi@ visa@
|
|
direction suggested by Laurence Tratt <laurie at tratt dot net>,
part of the wording from deraadt@.
While here, add the missing STANDARDS section, correct HISTORY,
drop redundant verbiage from RETURN VALUES, and garbage collect .Tn.
OK sthen@ jmc@ millert@ and Laurence Tratt,
and deraadt@ likes one line of the patch in particular.
|
|
|
|
The will be replaced by a speculation barrier as soon as we teach the
kernel to skip over these two instructions when returning from a
system call.
ok patrick@, deraadt@
|
|
sysctl.2 bits from benno@
|
|
ok tedu
|
|
at the first non-option argument.
I had to read source code to figure it out.
|
|
SunOS 4.0 based on text from the following papers.
"Two 4.2BSD system calls, madvise and mincore, remain unspecified,
madvise is intended to provide information to the system to influence
its management policies. Since a major rework of such policies was
deferred to a future release, we decided to defer full specification
and implementation of madvise until that time."
R. Gingell, J. Moran, W. Shannon
"Virtual Memory Architecture in SunOS"
Proceedings of USENIX Summer Conference, June 1987
AUUGN Volume 8 Number 5, October 1987
"Memory management related system calls based on the original 4.2BSD
specification that were implemented include mmap, munmap, mprotect,
madvise, and mincore."
J. Moran
"SunOS Virtual Memory Implementation"
Proceedings of the Spring 1988 European UNIX Users Group Conference,
April 1988
AUUGN Volume 9 Number 3, June 1988
and a reference in
"Global Index", Part Number: 800-1758-10, Revision A, of 9 May 1988
bitsavers pdf/sun/sunos/4.0/800-1758-10A_Global_Index_198805.pdf
discussed with an ok schwarze@
|
|
non-optional arguments to stop getopt(3) processing.
ok deraadt@
|
|
mmap(), munman(), madvise() and mprotect() are described as planned for
later releases.
A fully functional mmap(2) supporting shared libraries first appeared in
SunOS 4.0 along with msync(2). SunOS 4.1 added madvise(3) and replaced
msync(2) with mctl(2) which was was used to implement msync(3), mlock(3)
and munlock(3).
While some of these functions appear as empty or ifdef'd functions in
4.1cBSD and later it was not until the Mach VM was integrated with Net/2
that most of them were implemented. Though the CSRG releases never
supported shared libraries or madvise(). mlock()/munlock() were not in
Net/2 as they were added by hibler in 1993, but were in 4.4BSD.
madvise(2) was implemented for UVM in NetBSD 1.5 and ported to
OpenBSD 2.7.
For now instead of trying to accurately describe when interfaces
first appeared in other systems correct when they were first available
in CSRG or OpenBSD releases, retaining the text in mmap(2) discussing
SunOS 4.0.
madvise(2) 4.4BSD -> OpenBSD 2.7
mmap2(2) 4.4BSD -> 4.3BSD Net/2
mprotect(2) 4.4BSD -> 4.3BSD Net/2
msync(2) 4.4BSD -> 4.3BSD Net/2
munmap(2) 4.1cBSD -> 4.3BSD Net/2
|
|
From j@bitminer.ca with input from Andras Farkas, deraadt, joerg@netbsd
"fix however you feel best!" jmc
|
|
compiled with pie or profiling enabled. This was missed when the
independent depend target was removed. Align this target with the
inference rules in bsd.lib.mk. This now creates mcount.d as it should
and fixes 'make clean' which previously left mcount.po.d behind.
ok guenther
|
|
behavior.
noticed by hshoexer@; OK beck@
|
|
OK jca@
|
|
|
|
A fully functional mmap() system call first appeared in SunOS 4.0 and
has been available since 4.4BSD.
wording from and ok schwarze@ input from deraadt@
|
|
|
|
where such packet is bound to. This check is enforced if and only
IP forwarding is disabled.
Change discussed with bluhm@, claudio@, deraadt@, markus@, tobhe@
OK bluhm@, claudio@, tobhe@
|
|
|
|
Potential for misunderstanding noticed by Chris Rawnsley <chris at
puny dot agency>, wording proposed by deraadt@, patch sent by Chris
Rawnsley, OK deraadt@.
|
|
- minor tweaks while here
|
|
OK florian jmc
|
|
|
|
Repair from Martin @ academicsolutions.ch
|
|
validation. Repair work mostly by markus and millert, first of all
solving the primary problem, then adding some additional validation
points. And then futher validation in login and su.
This will be 6.5/021_libcauth.patch.sig and 6.6/010_libcauth.patch.sig
Reported by Qualys
|
|
validation. Repair work mostly by markus and millert, first of all
solving the primary problem, then adding some additional validation
points. And then futher validation in login and su.
This will be 6.5/021_libcauth.patch.sig and 6.6/010_libcauth.patch.sig
Reported by Qualys
|
|
ok guenther@ and deraadt
|
|
ok millert@ deraadt@
|
|
and drop NetBSD RCS tag apparently left over from copy & paste
|
|
where libc.so's text segment is, thereby allowing invocation of system
calls from that region. An upcoming change will kill the process if a
system call is invoked from addresses not explicitly permitted.
ok guenther kettenis mortimer
|
|
like mem{set,cpy,move} or __stack_smash_handler using asm() renaming. So
treat gcc3 like clang and mark such functions as protected instead.
ok ayoma@
|
|
link it with -znow
ok kettenis@ deraadt@ jca@
|
|
as well as those in arch/arm/gen/divsi3.S. This cleans up the PLTs on the
32bit archs.
luna88k testing by aoyama@
"looks good" kettenis@, testing and ok deraadt@
|
|
|
|
|
|
PLT entries and prevent overriding
ok kettenis@ deraadt@
|
