Age | Commit message (Collapse) | Author |
|
before unveil/pledge.
|
|
setup, take 3.
LARVAL fd still exist, but they are no longer marked with a flag and no
longer reachable via `fd_ofiles[]' or the global linked list. This allows
us to simplifies a lot code grabbing new references to fds.
All of this is now possible because dup2(2) refuses to clone LARVAL fds.
Note that the `fdplock' could now be release in all open(2)-like syscalls,
just like it is done in accept(2).
With inputs from Mathieu Masson, visa@, guenther@ and art@
Previous version ok bluhm@, ok visa@, sthen@
|
|
closing a LARVAL file.
Found the hardway by sthen@.
|
|
From tb@
|
|
ok millert@ sthen@
|
|
Storage defined in assembly code often doesn't define its type and size,
thus the nlist interface can't present it as N_DATA. Instead of fixing
all the assembly by adding .type pseudo ops, work around the problem in
pstat. Let's hope that allowing N_COMM is sufficient. This makes
''pstat -d u cpuid_level'' useful.
Reported by mikeb@, "looks sane" mikeb@ guenther@
|
|
ok mikeb@
|
|
Fixes cases like "pstat -d x ticks" on armv7.
ok jca@, deraadt@
|
|
Add sysctl kern.allowkmem (default 0) which controls the ability to open
/dev/mem or /dev/kmem at securelevel > 0. Over 15 years we converted 99%
of utilities in the tree to operate on sysctl-nodes (either by themselves
or via code hiding in the guts of -lkvm).
pstat -d and -v & procmap are affected and continued use of them will
require kern.allowkmem=1 in /etc/sysctl.conf. acpidump (and it's
buddy sendbug) are affected, but we'll work out a solution soon.
There will be some impact in ports.
ok kettenis guenther
|
|
The filemode(), ttymode() and vnodemode() functions can be split into two
pieces. The *_prep() piece must be hoisted to before pledge and the rest
can run under pledge "stdio rpath vminfo". The magic block that decides
which ones of the *_prep() pieces must be run with which combination of
command line switches is quite impressive.
Patch from Rob Pierce, thanks!
ok deraadt
|
|
leads to entering codepaths that try to work with only partially
initialized kvm structures -- with unsurprising outcomes.
Problem found by Rob Pierce, ok deraadt
|
|
Use uint64_t for the KERN_INTRCNT_CNT sysctl()
ok krw@
|
|
ok bluhm@
|
|
The shed fell over because 15 layers of paint exceeded engineering margins.
|
|
is generated, and mprotect/mmap return ENOTSUP. If the sysctl(8) flag
kern.wxabort is set then a SIGABRT occurs instead, for gdb use or coredump
creation.
W^X violating programs can be permitted on a ffs/nfs filesystem-basis,
using the "wxallowed" mount option. One day far in the future
upstream software developers will understand that W^X violations are a
tremendously risky practice and that style of programming will be
banished outright. Until then, we recommend most users need to use the
wxallowed option on their /usr/local filesystem. At least your other
filesystems don't permit such programs.
ok jca kettenis mlarkin natano
|
|
|
|
|
|
nlist too. Fixes a crash when the -T flag is specified due to
calling kvm_read() with a NULL kvm_t. From Rob Pierce
|
|
|
|
{Free,Net}BSD
- when a socket is closed with fds in its input, defer closing them to
a task to avoid recursing. This eliminates the complicated extra
reference taking which had a 37 line(!) comment explanation
- move flags, counts, and links only needed for this from struct file to
struct unpcb
- document the flow of the mark/sweep collector
much help from claudio@ who made me explain the GC to him until we trusted it
ok claudio@ mpi@ deraadt@
|
|
run this as root.
ok millert, also discussed with guenther
|
|
ok mpi@ tedu@
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
|
|
2. If we can't read a vnode, there's no way LIST_NEXT is going to be
meaningful.
3. set numvnodes before looping in case we return early.
getting better, but still not all fixed
|
|
ok tedu@
|
|
kernel struct vnode defintion, and the only consumer (pstat) still needs
kvm to read much of the required information. no great loss to always use
kvm until there's a better replacement interface.
ok deraadt millert uebayasi
|
|
ok doug
|
|
|
|
|
|
|
|
--
Sync timestamp changes for inodes of special files to disk as late
as possible (when the inode is reclaimed). Temporarily only do
this if option UFS_LAZYMOD configured and softupdates aren't enabled.
UFS_LAZYMOD is intentionally left out of /sys/conf/options.
This is mainly to avoid almost useless disk i/o on battery powered
machines. It's silly to write to disk (on the next sync or when the
inode becomes inactive) just because someone hit a key or something
wrote to the screen or /dev/null.
--
Made lazy syncing of timestamps for special files non-optional.
--
Also, include support in 'pstat -v' to display the IN_LAZYMOD flag.
ok tedu@ millert@
|
|
feedback and ok jmc@
|
|
use TAILQ_*_SAFE more than might be needed.
Bulk ports build by sthen@ showed nobody sticking their fingers
so deep into the kernel.
Feedback and suggestions from millert@. ok jsing@
|
|
|
|
- convert netstat from kvm_getfiles() to kvm_getfile2() using that
- delete kvm_getfiles() and KERN_FILE as no longer used (bump libkvm's major)
- rename kvm_getfile2() to kvm_getfiles(), kinfo_file2 to kinfo_file
and KERN_FILE2 to KERN_FILE.
ok deraadt@, millert@
ports scan sthen@
|
|
suggestions and ok millert@
|
|
O_* flags and eliminating an XXX comment.
ok matthew@ deraadt@
|
|
noted by matthieu@
|
|
functionality is lost, but one can argue that privacy was being violated
there...
ok various, including bluhm and guenther
|
|
|
|
is no direct need for sys/proc.h or sys/resource.h. Some consumers
of kinfo_proc need these for the proc flags and rlimit defines like
RLIM_INF so add the appropriate includes to them.
OK deraadt@ sthen@
|
|
Also, cast to long to make printf formatting portable
with help from matthew; ok deraadt@
|
|
in a fire. Start by removing the definitions, before we clean the
headers later.
|
|
|
|
Make -T behave as documented: only report totals
Only open the kvm files when necessary
prompted by a comment from matthew@
ok and corrections millert@, ok tedu@
|
|
|
|
unmaintainable). these days, people use source. these id's do not provide
any benefit, and do hurt the small install media
(the 33,000 line diff is essentially mechanical)
ok with the idea millert, ok dms
|
|
in 4.4BSD at least).
ok jmc@
|
|
besides it being gnarly its useless since no magic is
done if it is define.
pointed out by deraadt@
|