| Age | Commit message (Collapse) | Author |
|---|
|
|
|
this attribute. The kernel does so for main-process stacks at execve() time,
pthread stack functions do so for new stacks, and stacks provided to
sigaltstack() and other user-provided stacks will need to be allocated
in that way.
Not required yet, but paving the way.
Work done with stefan
|
|
|
|
strings.
this was part of a demo showing how to implement the kernel side of
sysctl(3) for setting Semantically Opaque Interface Identifier key
material (for RFC 7217), but it seems to be the most straightforward
path toward integrating soiikey handling and rc.
Originally written by dlg, who commited it some time ago on my request.
I then backed it out again, now it's time to put it back in.
ok florian@ sthen@ naddy@ tb@
Man page bits tweaked & OK jmc
|
|
|
|
and that the result is always properly set when the functions returns.
fix issues spotted by claudio@.
ok claudio@
|
|
|
|
|
|
- Start with a full page of struct region_info's
- Save an mprotect in the init code: allocate 3 pages with none and
make the middle page r/w instead of a r/w allocation and two calls to make the
guard pages none
|
|
junked
- freezero(): only clear requested size
|
|
|
|
since ARMv5. Should be much faster but more importantly it removes the
data table from .text which could introduce unwanted ROP gadgets.
Based on changes in Android/Bionic by Elliott Hughes.
ok patrick@
|
|
compiled with clang.
ok visa@
|
|
The error was:
--8<--
ffs.S:57:2: error: unsupported relocation on symbol
adrne r2, .L_ffs_table
^
-->8--
Minimal workaround suggested by deraadt@, ok guenther@ kettenis@
|
|
|
|
came also up with this diff. Simple, no bias and benchmarks show the extra
random calls disappear in te measurement noise.
|
|
|
|
but at that time ffs function calls were generated instead of the
compiler inlining the code. Now that ffs is marked protected in
libc this is handled better. Thanks to kshe who prompted me to
look at this again.
|
|
dance, mark it protected. This works better for both gcc and clang: gcc
blocks overriding of internal calls, while clang permits inlining again.
ok otto@
|
|
bump.
"just go ahead -- crank" deraadt@
|
|
|
|
listeners of device state changes.
currently only supports NOTE_CHANGE that will be used by drm(4)
ok kettenis@
|
|
|
|
|
|
so that <machine/signal.h> is not needed in setjmp.S.
Suggested by kettenis@ long ago, OK deraadt@
|
|
|
|
Reminded by jmc@
|
|
ok jca@
|
|
|
|
|
|
some cleanup; tested by sthen@ on a ports build
|
|
in libc.
ok patrick@, jsg@, guenther@
|
|
relevant. from Mark Karpilovskij.
ok millert
|
|
cleanups. From Jan Kokemueller. OK deraadt@
|
|
|
|
and put it to use in userspace in lieu of the kern.boottime
sysctl.
Its absolute value is the time that has elapsed since the
system booted, i.e., the system uptime.
Use in top(1), w(1), and snmpd(8) eliminates a race with
settimeofday(2), adjtime(2), etc. inherent to deriving the
system uptime via the kern.boottime sysctl.
Product of a great deal of discussion/revision with jca@, tb@,
and guenther@.
ok tb@ jca@ guenther@ dlg@ mlarkin@ tom@
|
|
(w/ _dlctl reference) into static executables. It's all Mark's code so
put his preferred copyright on it.
ok kettenis@
|
|
Slightly tweaked diff from guenther@
|
|
ok millert@
|
|
From Scott Cheloha, ok deraadt@ tb@
|
|
patch from Jan Stary <hans at stare dot cz>;
"I think it makes sense to speak about errno as a variable (.Va)" jca@.
|
|
|
|
pledge for a new execve image immediately upon start. Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
|
|
failure. This change brings fwscanf(3) back in line with fscanf(3).
From FreeBSD; ok deraadt@, millert@
|
|
_libc___cxa_thread_atexit_impl reference on gcc architectures that breaks
the build.
|
|
interface is also made available as __cxa_thread_atexit_impl to satisfy the
needs of GNU libstdc++.
ok guenther@, millert@
|
|
correctly take into account the segment p_align. Previously, anything
with a size belong the natural alignment or with alignment larger than
the natural one would either not be intialized correctly, be misaligned,
or result in the TIB being misaligned.
Problems reported by Charles Collicutt (charles (at) collicutt.co.uk)
ok kettenis@
|
|
string-handling <stdio.h> functions, like we already do it for <string.h>.
Includes a smaller patch from <kshe59 at zoho dot eu>, OK jmc@.
|
|
while here, consistently use .Fo to cure execessive line lengths
|
|
to builtins like mem{set,cpy,move} and __stack_smash_handler. So, when
building with clang, instead mark those as protected visibility to get rid
of the PLT relocations. We can't take the address of them then, but that's
ok: it's a build-time error not a run-time error.
ok kettenis@
|
