| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
| |
Block devices are a thing of a past in FreeBSD.
Reviewed by: ziaee
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D53332
|
| |
|
|
| |
(cherry picked from commit 1c8d7bb4cf7a6b19262333b2a9b1dacf3094b938)
|
| |
|
|
|
|
|
|
| |
MFC after: 3 days
Reviewed by: ziaee
Differential Revision: https://reviews.freebsd.org/D53411
(cherry picked from commit cb1315c15acf7d3fae66b2c5631e076776683f96)
|
| |
|
|
|
|
| |
Fix an accidentally committed merge left over.
Fixes: 38a172d3c6b7 ("ffs.3: Add a STANDARDS section to the manual page")
|
| |
|
|
|
|
|
|
|
|
| |
The ffs() function conforms to IEEE Std 1003.1-2008 ("POSIX.1").
The ffsl() and ffsll() functions conform to IEEE Std 1003.1-2024 ("POSIX.1").
Reviewed by: ziaee
Differential Revision: https://reviews.freebsd.org/D53352
(cherry picked from commit f1cb4e9962d715ec85ba26d7019ab83adea1ffb7)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Add 14.2, as this was cherry-picked prior to release.
Reported by: Harald Eilertsen
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D53320
(cherry picked from commit 2387a51af235e4304c63f95465a569c878f49dcd)
(cherry picked from commit 87795ea45407355de4e36388ed6c02ef70b9241a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our versions of these functions (originally taken from BIND) simply
don't work correctly for AF_INET6. These were removed from BIND itself
quite a while ago, but OpenBSD has made several fixes in the mean time,
so import their code.
Add tests for both functions.
PR: 289198
Reported by: Nico Sonack <nsonack@herrhotzenplotz.de>
MFC after: 1 week
Reviewed by: des
Obtained from: OpenBSD (lib/libc/net)
Sponsored by: https://www.patreon.com/bsdivy
Differential Revision: https://reviews.freebsd.org/D52629
(cherry picked from commit 8f4a0d2f7b96099001dbc51e06114df1a0e6d291)
inet_net_test: Compare pointers against nullptr
GCC does not like passing NULL (__null) to std::ostringstream::operator<<
inside of ATF_REQUIRE_EQ:
lib/libc/tests/net/inet_net_test.cc: In member function 'virtual void {anonymous}::atfu_tc_inet_net_ntop_invalid::body() const':
lib/libc/tests/net/inet_net_test.cc:306:9: error: passing NULL to non-pointer argument 1 of 'std::__1::basic_ostream<_CharT, _Traits>& std::__1::basic_ostream<_CharT, _Traits>::operator<<(long int) [with _CharT = char; _Traits = std::__1::char_traits<char>]' [-Werror=conversion-null]
306 | ATF_REQUIRE_EQ(ret, NULL);
| ^~~~~~~~~~~~~~
In file included from /usr/obj/.../amd64.amd64/tmp/usr/include/c++/v1/sstream:317,
from /usr/obj/.../amd64.amd64/tmp/usr/include/atf-c++/macros.hpp:29,
from /usr/obj/.../amd64.amd64/tmp/usr/include/atf-c++.hpp:29,
from lib/libc/tests/net/inet_net_test.cc:33:
/usr/obj/.../amd64.amd64/tmp/usr/include/c++/v1/__ostream/basic_ostream.h:338:81: note: declared here
338 | basic_ostream<_CharT, _Traits>& basic_ostream<_CharT, _Traits>::operator<<(long __n) {
| ~~~~~^~~
...
Fixes: 8f4a0d2f7b96 ("libc: Import OpenBSD's inet_net_{ntop,pton}")
(cherry picked from commit aa358ce3ca8e1fcfb305025fd00beb2a119c7c77)
inet_net_test: Use int to hold expected return values from inet_net_pton
GCC warns about the sign mismatch in comparisons:
lib/libc/tests/net/inet_net_test.cc: In member function 'virtual void {anonymous}::atfu_tc_inet_net_inet4::body() const':
lib/libc/tests/net/inet_net_test.cc:86:17: error: comparison of integer expressions of different signedness: 'int' and 'const unsigned int' [-Werror=sign-compare]
86 | ATF_REQUIRE_EQ(bits, addr.bits);
| ^~~~~~~~~~~~~~
lib/libc/tests/net/inet_net_test.cc: In member function 'virtual void {anonymous}::atfu_tc_inet_net_inet6::body() const':
lib/libc/tests/net/inet_net_test.cc:205:17: error: comparison of integer expressions of different signedness: 'int' and 'const unsigned int' [-Werror=sign-compare]
205 | ATF_REQUIRE_EQ(bits, addr.bits);
| ^~~~~~~~~~~~~~
Fixes: 8f4a0d2f7b96 ("libc: Import OpenBSD's inet_net_{ntop,pton}")
(cherry picked from commit e1aeb58cbbc3839db93ec38ce491b7b9383d5649)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
ISO 8601 allows use of "Z" as the time zone designator. Update the
strptime parser to allow this usage.
While we are at it, update the manpage to reflect that both UTC and Z
are now valid options.
Reviewed by: des
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D53083
(cherry picked from commit 79e57ea662d92ffcbe7d65854a284aefac6a332d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit a34940a9756a ("timezone: Move to the XSI/POSIX definition for
timezone") was not merged to stable/14. The MFC of 29810aa6ae70
("libc: Move tzset.3 to stdtime") didn't take this into account and
ended up installing two different versions of timezone.3 over top of
each other.
This is a direcct commit to stable/14 as the issue is not present in
main. If a34940a9756a gets merged in the future the reverted part of
29810aa6ae70 will need to be reapplied.
Fixes: 29810aa6ae70 ("libc: Move tzset.3 to stdtime")
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
We've been mostly POSIX-conforming since r236400 and fully since r240410,
which fixed a corner case where a missing non-leaf directory would be
reported as ENOTDIR instead of ENOENT.
Sponsored by: Klara, Inc.
Fixes: 7877ed7ce33e ("Avoid mapping ENOENT to ENOTDIR for non-existent path components.")
Reviewed by: ziaee, markj
Differential Revision: https://reviews.freebsd.org/D53027
(cherry picked from commit 7c66667d45e95af59f59e41ef169119a974a6be1)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If lstat() fails with EACCES or ENOTDIR, the path we need to return in
the caller-provided buffer is that of the parent directory (which is
either unreadable or not a directory; the latter can only happen in the
case of a race) rather than that of the child we attempted to stat.
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D53025
(cherry picked from commit 1406de21e176d8700240ac9e473df007cd41eec1)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Passing NULL should result in EINVAL
* Passing an empty path should result in ENOENT
* Failure with a non-null buffer should leave a partial result. As
pointed out in a comment in the test case, this reveals a discrepancy
between the documentation and reality.
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D53024
(cherry picked from commit f3386dfeb429faaa30a915a4a422a25e07c8bf39)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current phrasing could be interpreted as meaning that initgroups(3)
could return ENOMEM instead of -1, which it actually did until I fixed
it in commit 0b018cfd81d8 ("initgroups(3): Fix return value on
allocation failure").
While here, mention setgroups(2) as a system call rather than a library
function.
MFC with: 0b018cfd81d8 ("initgroups(3): Fix return value on allocation failure")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit c36a44e1cdab1c67a98132676818f473cc4e5c03)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Emphasize the peculiar treatment of 'ngroups', through which the
effective group list's size is returned, even if the passed allocated
size is not big enough, in which case the output 'groups' array is
completely filled with the effective group list's first elements.
Use the precise POSIX term for the group associated to the user in the
password database ("initial numerical group ID"), consistently with what
was done in initgroups.3.
Use "length" instead of "size" to refer to the number of elements of an
array (in contrast with its actual size in bytes).
Perform some minor simplifications on top of the last rework.
MFC after: 1 hour
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f5544556754ec6b33c1d13c7648a354fef645b2f)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clarify and be more precise about the behavior of getgroups(2), in
particular with respect to 'gidsetlen'.
Prefer a terminology close to POSIX terms, i.e., use "effective groups"
instead of "group access list".
Say that getgroups(2) reports the supplementary groups in strictly
ascending order (and mention this has been the case since FreeBSD 14.3).
Add a new SECURITY CONSIDERATIONS section, in particular contrasting
FreeBSD 15's behavior with the current one.
While here, fix some style.
Reviewed by: gbe (older version)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52286
(cherry picked from commit 4be38acc826f260e4c7d3ebbb9de534db449782e)
As indicated in the original commit message, the manual page was
specifically modified as stable/14's getgroups(2) still has the old
behavior.
The original commit message above was reworked to reflect the actual
commit content.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a new SECURITY CONSIDERATIONS section contrasting the current
behavior with the new one in force starting from FreeBSD 15.
Prefer a terminology referring to POSIX terms, i.e., use "effective
group list" instead of "group access list".
While here, fix some style.
Fixes: 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to match other platforms")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52284
(cherry picked from commit 6d22cd6b5f8b5604f1fe9e70930b1506f990e31e)
As indicated in the original commit message, the manual page was
specifically modified as stable/14's setgroups(2) still
has the old behavior.
The original commit message above was reworked to reflect the actual
commit content.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bring up to date with NSS by substituting "file" with "database".
Describe more precisely which database is accessed, i.e., only the group
database, which value should be used and where it lands in the result.
Prefer a terminology referring to POSIX terms, i.e., use "effective
group list" instead of "group access list".
Reviewed by: gbe
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52283
(cherry picked from commit 9294eb44eecb71f573f29ff84ce1bd3aa93c077c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the manual page with the upcoming change in behavior in FreeBSD
15. Add a "SECURITY CONSIDERATIONS" section that mentions some property
of the current behavior, and refer to the same manual page in 15 for
more details.
While here, revamp the manual page, in particular to use the exact POSIX
terminology where possible.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52282
(cherry picked from commit 9dc1ac8691966480ff8bd9c37dd405b981b41dd5)
As indicated in the original commit message, only the manual page was
MFCed and then specifically modified as stable/14's setgroups(2) still
has the old behavior.
The original commit message above was reworked to reflect the actual
commit content.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We must not return ENOMEM, but rather -1 with 'errno' set to ENOMEM, as
described in the manual page and as other implementations are doing.
A malloc() failure actually already sets ENOMEM for us. Add comments
indicating which function set 'errno' each time we return.
While here, improve style and remove useless headers.
Reviewed by: kib, emaste
Fixes: 54404cfb13d4 ("In preparation for raising NGROUPS and NGROUPS_MAX, ...")
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52580
(cherry picked from commit 0b018cfd81d8fdd64af3fe94c6989a82c0d3afa9)
|
| |
|
|
|
|
|
|
|
| |
No functional change (intended).
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 580d2d429598e6eb3549f9ea7490d10e19904f7c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The manual page does not directly mention this reason for getting EPERM,
instead referring the reader to chroot(2). We have had some questions
about it recently, in part due to a bug (fixed), and this case is not an
obvious permission/problem, so let's be more explicit.
PR: 280809
Reviewed by: jamie
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52319
(cherry picked from commit ef2f36be8fce8cf7a62ce7d33ab1c4a181fac3e2)
|
| |
|
|
|
|
|
|
| |
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D52924
(cherry picked from commit 31db1582c883cbdd151ffacb22829027f23ead40)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC after: 3 days
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D52828
(cherry picked from commit 64f8416afd4cd042b34e3e975f84fb3493397828)
fts: Further improve the manual page
* Add subsections for the three functions that didn't already have one.
* Add a RETURN VALUES section.
* Improve the grammar somewhat.
* Clarify that fts_read() will not set errno to 0 if called again after
having already returned NULL.
Sponsored by: Klara, Inc.
Reviewed by: bcr, markj
Differential Revision: https://reviews.freebsd.org/D52925
(cherry picked from commit a802334d86c7173ddd7776a20065bd5682f25f67)
|
| |
|
|
|
|
|
|
| |
While here, fix manlint warnings and a typo in tzset(3).
MFC after: 3 days
(cherry picked from commit be8830612314d9afb64b5c040db689de44eb4b85)
|
| |
|
|
|
|
|
|
|
|
| |
This really belongs in stddime, since it documents interfaces
implemented in stdtime.
Suggested by: brooks
Sponsored by: Netflix
(cherry picked from commit 7a0a6b276cfd7e072346842fe4746d08ee30e617)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The ones that were effectively unchanged from
d97e44784bb5a^..e24279e0f9e did not have `.Dd` bumped. Only
the ones that had a net content change between those
revisions.
MFC after: 2 weeks
MFC with: d97e44784bb5a e24279e0f9e
(cherry picked from commit 1b37af092211f9947d9f089f452232b791b9eafc)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
aio(4) is a hard requirement in the kernel as of f3215338ef82. The
scenario that the patch was submitted for is no longer possible.
This isn't a straight up revert since the previous change also addressed
some minor issues.
PR: 190942
Reported by: asomers
MFC after: 2 weeks
MFC with: d97e44784bb5
Fixes: d97e44784bb5 ("aio_*(2): mention ENOSYS under ERRORS")
Differential Revision: https://reviews.freebsd.org/D49541
(cherry picked from commit e24279e0f9e28ba0c1920cb539fc357568790c0a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ENOSYS can occur if aio(4) is not loaded in the kernel. Document this
behavior so consumers on FreeBSD can better understand that this is a
possible scenario.
Clean up the manpages slightly while here:
- Sort `ERRORS` by errno(3).
- Use `.Fx` instead of `FreeBSD`.
MFC after: 2 weeks
Reviewed by: ziaee
PR: 190942
Differential Revision: https://reviews.freebsd.org/D49502
(cherry picked from commit d97e44784bb5a510b7af7593c86cfbcff73855c4)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need <unistd.h> to get our prototype normally, but WARNS in libc is
way too low to surface that.
Additionally, _FORTIFY_SOURCE needs to include <ssp/unistd.h> by way of
<unistd.h> to actually export an implementation of getgrouplist(3). The
version defined in the .c gets named __ssp_real_getgrouplist() and the
actual implementation comes from the redirect stub in <ssp/unistd.h>,
which basically gets optimized away in the built object because our
__builtin_object_size() check is trivially false when we cannot resolve
any object sizes in this translation unit.
This could be argued as a design flaw in _FORTIFY_SOURCE, but we should
grab <unistd.h> for our prototype anyways so let's kick the can down
the road instead of re-thinking it for 15.0.
Reported by: Shawn Webb (HardenedBSD)
Fixes: d3f8ed6066 ("getgrouplist(3): Remove superfluous [...]")
MFC after: 3 days
(cherry picked from commit 91ea7e2ce2b5b2ff4702c3092cfe944862d58172)
This is (partly) MFCed just for the sake of re-introducing the
<unistd.h> include to have a prototype. There is no _FORTIFY_SOURCE
support for getgrouplist(3) in 14.
|
| |
|
|
|
|
|
|
|
|
| |
No functional change (intended).
Fixes: a59d6a872459 ("Implementing 'fallback' nsswitch source.")
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
(cherry picked from commit d3f8ed6066fdea329ed695925fc726e84d50abc3)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This ensures O(1) behaviour if the character is a constant offset
from the end of the string, regardless of how long the string is.
Reported by: Mikael Simonsson <m@mikaelsimonsson.com>
Reviewed by: benni
PR: 288321
MFC after: 1 month
(cherry picked from commit 4b15965daa99044daf184221b7c283bf7f2d7e66)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
A very simple implementation as I don't have the patience right now
to write a full SWAR kernel. Should still do the trick if you wish
to opt out of SSE for some reason.
Reported by: Mikael Simonsson <m@mikaelsimonsson.com>
Reviewed by: strajabot
PR: 288321
MFC after: 1 month
(cherry picked from commit 30acc84270266e41f66cf572f67c3290d923da2f)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Include errors common to chroot and fchroot in a single list, followed
by errors unique to each.
Unprivileged chroot is permitted if the security.bsd.unprivileged_chroot
sysctl is set to 1. Make note of this and update the EPERM description.
Reported by: kevans
Reviewed by: kevans, kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51703
(cherry picked from commit 95f8c3e1ed0c3075411444381a5a4baef4ed8fda)
|
| |
|
|
|
|
|
|
|
|
| |
For some reason return value of the __je_bootstrap_malloc()
is not checked and then de-referenced few lines below, causing
a SEGV if an early allocation fails.
MFC after: 1 month
(cherry picked from commit 1e99be5dcda222d47a77715e190a381a14f46ece)
|
| |
|
|
|
|
|
|
|
|
| |
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: NetApp, Inc.
Reviewed by: bcr
Differential Revision: https://reviews.freebsd.org/D51946
(cherry picked from commit 4eaa7f66620c33957ff9a929820cb791f7fe5578)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As pointed out in the PR and the article linked below, the switch to
insertion sort in the BSD qsort code is based on a misunderstanding of
Knuth's TAOCP and is actually a pessimization. As demonstrated by the
added test, it is trivially easy to construct pathological input which
results in quadratic runtime. Without that misguided optimization, the
same input runs in nearly linearithmic time.
https://www.raygard.net/2022/02/26/Re-engineering-a-qsort-part-3
PR: 287089
MFC after: 1 week
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D51907
(cherry picked from commit 5205b32de3fb7702e96b3991f5b1a61eee406d8b)
|
| |
|
|
|
|
| |
PR: 288931
(cherry picked from commit f892e509c1a07f7116b9788a05e4ae99a06d54d0)
|
| |
|
|
| |
(cherry picked from commit bd4dd5d951ea022b478c455c3eabb2a1b8cc4936)
|
| |
|
|
| |
(cherry picked from commit 47d1788c2e984f99521fd5b31194f96d94bf8a6b)
|
| |
|
|
| |
(cherry picked from commit 632f7051709da98d4c9e59f11404f00d456b592c)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
With the recent inclusion of the FD_CLOFORK and FD_RESOLVE_BENEATH flags,
we must avoid clearing them when setting only FD_CLOEXEC.
Signed-off-by: Ricardo Branco <rbranco@suse.de>
Reviewed by: kib, markj
MFC after: 1 month
Pull Request: https://github.com/freebsd/freebsd-src/pull/1766
(cherry picked from commit 8768b60de16a3d72a8783ec1241a711a782a36a9)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It seems to be a good place to help the user discover those useful
wrappers.
Reviewed by: christos
MFC after: 3 days
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D51654
(cherry picked from commit 04c8bba8c8672d186837e353d4f2335a26f0c3c1)
|
| |
|
|
|
|
| |
- s/aguments/arguments/
(cherry picked from commit 333b0490e3132bf8f1a0d974d8b2597caf765970)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If we encounter a zero in the havezero state, we should assume octal,
just like we would if we encountered any other digit below 8.
MFC after: 1 week
PR: 288440
Fixes: d9dc1603d6e4 ("libc: Implement N2630.")
Reviewed by: mandree
Differential Revision: https://reviews.freebsd.org/D51832
(cherry picked from commit 602e98dd35ea5041b800fb56a2b1ac34f6649310)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If the calling process has used SIG_IGN as handler or set the
SA_NOCLDWAIT flag for SIGCHLD, processes will be automatically reaped on
exit and calls to waitpid(3) will therefore fail with ECHILD.
We waitpid primarily to reap our child so that the caller does not have
to worry about it. ECHILD indicates that there is no child to reap, so
we can just treat that as a success and move on.
Signed-off-by: Kenny Levinsen <kl@kl.wtf>
Tested by: Jan Beich
Pull Request: https://github.com/freebsd/freebsd-src/pull/1675
(cherry picked from commit da9e73e5d483c47e67b3094356dd4b640749849e)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The return value is not required to be the difference between the
differing bytes, only less than zero, zero, or greater than zero.
Reviewed by: fuz
Event: Kitchener-Waterloo Hackathon 202406
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47683
(cherry picked from commit 5cc53d79655bf7f67b1a794c088d896aa6475c2e)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The O_RESOLVE_BENEATH openat(2) flag restricts name lookups such that
they remain under the directory referenced by the dirfd. This commit
introduces an implicit version of the flag, FD_RESOLVE_BENEATH, stored
in the file descriptor entry. When the flag is set, any lookup relative
to that fd automatically has O_RESOLVE_BENEATH semantics. Furthermore,
the flag is sticky, meaning that it cannot be cleared, and it is copied
by dup() and openat().
File descriptors with FD_RESOLVE_BENEATH set may not be passed to
fchdir(2) or fchroot(2). Various fd lookup routines are modified to
return fd flags to the caller.
This flag will be used to address a case where jails with different root
directories and the ability to pass SCM_RIGHTS messages across the jail
boundary can transfer directory fds in such as way as to allow a
filesystem escape.
PR: 262180
Reviewed by: kib
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D50371
(cherry picked from commit f35525ff2053e026a423e852136d73ed93c95803)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Add select(2), poll(2), or kqueue(2) source socket semantics and close
behavior.
Reported by: Udip Pant <upant@netflix.com>
Reviewed by: manpages (ziaee), markj
Obtained from: OpenBSD
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D51547
(cherry picked from commit 122b2a3530f8baab56d196b51724cc3ddd38abd2)
|
| |
|
|
|
|
|
|
|
| |
Reviewed by: gallatin, markj
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D47720
Co-authored-by: Mark Johnston <markj@FreeBSD.org>
(cherry picked from commit c1e304c60c46a26af57f9638c53417dd6cffa9fe)
|
| |
|
|
| |
(cherry picked from commit 441995e161a2564d37947d054a2f1219754deb5f)
|
