1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-20 11:11:24 +00:00
Commit Graph

182194 Commits

Author SHA1 Message Date
David E. O'Brien
6d85e39be1 Merge r252513 from src/gnu/usr.bin/patch into src/usr.bin/patch:
Properly handle input lines containing NUL characters such that pgets()
accurately fills the read buffer.

Callers of pgets() still mis-process the buffer contents if the read line
contains NUL characters, but this at least makes pgets() accurate.
2013-07-03 22:46:30 +00:00
David E. O'Brien
0571fd57a1 Merge r252512 from src/gnu/usr.bin/patch into src/usr.bin/patch:
Make it so that 'patch < FUBAR' and 'patch -i FUBAR' operate the same.

The former makes a copy of stdin, but was not accurately putting the
content of stdin into a temp file.  This lead to the undercounting
the number of lines in hunks containing NUL characters when reading
from stdin.  Thus resulting in "unexpected end of file in patch" errors.
2013-07-03 22:44:26 +00:00
Pawel Jakub Dawidek
8da93e6861 MFp4 @229488:
Sandbox unprivileged process using capability mode.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:23:25 +00:00
Pawel Jakub Dawidek
a6f38228d4 MFp4 @229487:
Revoke all capability rights from STDIN and allow only for write to STDOUT and
STDERR. All those descriptors are redirected to /dev/null.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:22:29 +00:00
Pawel Jakub Dawidek
4c7a48b7a9 MFp4 @229486:
Once PID is written to the pidfile, revoke all capability rights.
We just want to keep the pidfile open.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:21:11 +00:00
Pawel Jakub Dawidek
fe5c716394 MFp4 @229485:
Only allow to overwrite lease file.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:19:43 +00:00
Pawel Jakub Dawidek
f73ac8b9de MFp4 @229484:
Limit routing socket so only poll(2) and read(2) are allowed (CAP_POLL_EVENT
and CAP_READ). This prevents unprivileged process from adding, removing or
modifying system routes.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:18:40 +00:00
Pawel Jakub Dawidek
de2c882f5c MFp4 @229483:
Limit communication pipe with privileged process to CAP_READ and CAP_WRITE.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:17:29 +00:00
Pawel Jakub Dawidek
3b2ed0659c MFp4 @229482:
- Limit bpf descriptor in unprivileged process to CAP_POLL_EVENT, CAP_READ and
  allow for SIOCGIFFLAGS, SIOCGIFMEDIA ioctls.
- While here limit bpf descriptor in privileged process to only CAP_WRITE.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:16:02 +00:00
Pawel Jakub Dawidek
235eb53002 MFp4 @229481:
Currently it was allowed to send any UDP packets from unprivileged process and
possibly any packets because /dev/bpf was open for writing.

Move sending packets to privileged process. Unprivileged process has no longer
access to not connected UDP socket and has only access to /dev/bpf in read-only
mode.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:12:54 +00:00
Pawel Jakub Dawidek
e374cef518 MFp4 @229480:
Shutdown write direction of the routing socket. We only need to read from it.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:09:02 +00:00
Pawel Jakub Dawidek
7fdc27bc51 MFp4 @229479:
- Add new request (IMSG_SEND_PACKET) that will be handled by privileged process.
- Add $FreeBSD$.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:07:55 +00:00
Pawel Jakub Dawidek
0bbe83068e MFp4 @229477:
The gethostname(3) function won't work in capability mode, because reading
kern.hostname sysctl is not permitted there.  Cache hostname early and use
cached value later.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:05:36 +00:00
Pawel Jakub Dawidek
c786bc9089 Remove redundant white-spaces. 2013-07-03 22:03:19 +00:00
Pawel Jakub Dawidek
b0f1b32afb MFp4 @229476,229478:
Make use of two fields: rfdesc and wfdesc to keep bpf descriptor open for
reading only in rfdesc and bpf descriptor open for writing only in wfdesc.
In the end they will be used by two different processes.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 22:01:52 +00:00
Pawel Jakub Dawidek
3a0fc7d8a9 MFp4 @229474:
iov_base field is 'void *' in FreeBSD, no need to cast.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:58:26 +00:00
Pawel Jakub Dawidek
e8da500388 MFp4 @229473:
No caller checks send_packet() return value, so make it void.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:57:24 +00:00
Pawel Jakub Dawidek
ba019ae51f MFp4 @229472:
Use the same type for 'from' and 'to' argument in send_packet().

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:53:54 +00:00
Pawel Jakub Dawidek
d1f4d85494 MFp4 @229471:
Remove unused argument from assemble_hw_header().

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:49:10 +00:00
Pawel Jakub Dawidek
592291c1e7 MFp4 @229470:
Remove unused argument from send_packet().

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:45:29 +00:00
Pawel Jakub Dawidek
181ab08d9e MFp4: @229469:
Garbage-collect dead prototypes.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
2013-07-03 21:41:35 +00:00
Andrey A. Chernov
476d9314d6 1) POSIX requires rand(3) return values to be in the [0, RAND_MAX] range,
but ACM formula we use have internal state (and return value) in the
[1, 0x7ffffffe] range, so our RAND_MAX (0x7fffffff) is never reached
because it is off by one, zero is not reached too.

Correct both RAND_MAX and rand(3) return value, shifting last one
to the 0 by 1 subtracted, resulting POSIXed [0, 0x7ffffffd(=new RAND_MAX)]
range.

2) Add a checks for not overflowing on too big seeds. It may happens on
the machines, where sizeof(unsigned int) > 32 bits.

Reviewed by:    bde [1]
MFC after:      2 weeks
2013-07-03 21:21:54 +00:00
Pawel Jakub Dawidek
6f691f7ee1 Sandbox rwhod(8) receiver process using capability mode and Capsicum
capabilities.

rwhod(8) receiver can now only receive packages, write to /var/rwho/ directory
and log to syslog.

Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
Reviewed by:	pjd
MFC after:	1 month
2013-07-03 21:07:02 +00:00
Pawel Jakub Dawidek
223eee088f The whole sending functionality was implemented within signal handler,
which is very bad idea. Split sending and receiving in two processes,
which fixes this problem and will help to sandbox rwhod.

Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
Reviewed by:	pjd
MFC after:	1 month
2013-07-03 21:04:20 +00:00
Pawel Jakub Dawidek
90173d7dc6 Style cleanups.
Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
Reviewed by:	pjd
MFC after:	1 month
2013-07-03 20:58:58 +00:00
Pawel Jakub Dawidek
d7499324a8 Few more style nits.
MFC after:	1 month
2013-07-03 20:44:47 +00:00
Pawel Jakub Dawidek
7c33a30a7a Sandbox rwho(1) using capability mode and Capsicum capabilities.
rwho(1) gets only read-only access to /var/rwho/ directory.

Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
Reviewed by:	pjd
MFC after:	1 month
2013-07-03 20:42:10 +00:00
Rui Paulo
8606701fc4 Increase the microcode max size to 16K to accomodate more recent Intel
firmware.
2013-07-03 20:29:15 +00:00
Pawel Jakub Dawidek
c05bfdd395 Style cleanups.
Submitted by:	Mariusz Zaborski <oshogbo@FreeBSD.org>
Sponsored by:	Google Summer of Code 2013
Reviewed by:	pjd
MFC after:	1 month
2013-07-03 20:28:33 +00:00
Peter Wemm
6c6f1f0185 Add an entry for filemon. 2013-07-03 20:22:12 +00:00
Peter Wemm
4271368368 Move static ZFS compile option to the other static file system options. 2013-07-03 20:21:39 +00:00
Rui Paulo
ecf28f6d07 Typos in comments. 2013-07-03 20:19:23 +00:00
Dimitry Andric
0cf157db98 Pull in r185446 from clang trunk:
Fix to PR15826 - clang hits assert in clang::ASTContext::getASTRecordLayout.

Reported by:	glebius
2013-07-03 19:08:10 +00:00
Warren Block
9ce127ad76 Add descriptions to the FILES list, fix some mdoc complaints, move the
"neither" entry out of the table in BOOTING.

Submitted by:	joeld
Reviewed by:	joeld
MFC after:	1 week
2013-07-03 18:53:36 +00:00
Michael Tuexen
56f778aadf Code cleanups.
MFC after: 3 days
2013-07-03 18:48:43 +00:00
Peter Wemm
ff0b75b897 Make it clear that there are three separate internal locks. 2013-07-03 18:35:21 +00:00
Peter Wemm
7900abff04 As a followup to r252547, propate const down the call stack. 2013-07-03 18:27:45 +00:00
Peter Wemm
33e7ec3e83 Attempt to deal with a compile failure that shows up with gcc, which
has -Werror on.  Without this, yylex() is inconsistently or redundantly
defined.
2013-07-03 18:25:27 +00:00
David C Somayajulu
bcafe87486 Port 0 needs to wait for ACK only if it issued the RESET. 2013-07-03 17:57:35 +00:00
Navdeep Parhar
e364d8c44a Catch up with r238990. LLE_DELETED does not clobber everything else in
la_flags since said revision.
2013-07-03 17:27:32 +00:00
John Baldwin
8f4c2e526b Don't perform the acpi_DeviceIsPresent() check for PCI-PCI bridges. If
we are probing a PCI-PCI bridge it is because we found one by enumerating
the devices on a PCI bus, so the bridge is definitely present.  A few
BIOSes report incorrect status (_STA) for some bridges that claimed they
were not present when in fact they were.

While here, move this check earlier for Host-PCI bridges so attach fails
before doing any work that needs to be torn down.

PR:		kern/91594
Tested by:	Jack Vogel @ Intel
MFC after:	1 week
2013-07-03 17:26:05 +00:00
Alexander Motin
ce300fbfb7 Fix NULL-deference kernel panic on attempt of destroying non-existing
ramdisk-backed CTL LUN.
2013-07-03 14:58:11 +00:00
Niclas Zeising
82fbf0f6ea Revert previous revision, local change that accidentally snuck in. 2013-07-03 12:58:53 +00:00
Niclas Zeising
5b694ac5db Regenerate after r252561
PR:		docs/180025
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com>
2013-07-03 12:53:06 +00:00
Niclas Zeising
bc772b9013 Document WITHOUT_SVNLITE and WITH_SVN.
PR:		docs/180025
Submitted by:	Garrett Cooper <yaneurabeya@gmail.com>
2013-07-03 12:36:47 +00:00
Davide Italiano
9e9421bcdf - Fix double frees/user after free.
- Allocate using smb_rq_alloc() instead of inlining it.

Reported by:	uqs
Found with:	Coverity Scan
2013-07-03 10:31:45 +00:00
Hiroki Sato
4099f7e640 Fix a typo (s/error/errno/). 2013-07-03 09:50:59 +00:00
Dag-Erling Smørgrav
a05aa38cb1 There is no reason to disallow setting the password or account expiry
date to the current date.

MFC after:	3 days
2013-07-03 09:48:24 +00:00
Hiroki Sato
6facd7a6b8 Fix a compiler warning.
MFC after:	1 week
2013-07-03 07:31:07 +00:00
Peter Wemm
19dfd82d81 Replace the #define for "iconv" so it is for the function name instead of
a macro with parameters.  Remove a __DECONST hack and add consts instead
for gnu libiconv API compatability.  This makes it work with things like
devel/boost-libs that expects to use "iconv" as though it were a pointer.
2013-07-03 07:03:19 +00:00