#
303975 |
|
11-Aug-2016 |
gjb |
Copy stable/11@r303970 to releng/11.0 as part of the 11.0-RELEASE cycle.
Prune svn:mergeinfo from the new branch, and rename it to RC1.
Update __FreeBSD_version.
Use the quarterly branch for the default FreeBSD.conf pkg(8) repo and the dvd1.iso packages population.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
302408 |
|
08-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation
|
#
254410 |
|
16-Aug-2013 |
jilles |
Add man page dup3(3).
|
#
251203 |
|
31-May-2013 |
jilles |
dup(2): Clarify return value, in particular of dup2().
|
#
249739 |
|
21-Apr-2013 |
jilles |
dup(2): Remove incorrect sentence about getdtablesize().
There are no getdtablesize() bounds on the file descriptor to be duplicated; it only has to be open. If the RLIMIT_NOFILE rlimit was decreased after opening the file descriptor, it may be greater than or equal to getdtablesize() but still valid.
MFC after: 1 week
|
#
247602 |
|
02-Mar-2013 |
pjd |
Merge Capsicum overhaul:
- Capability is no longer separate descriptor type. Now every descriptor has set of its own capability rights.
- The cap_new(2) system call is left, but it is no longer documented and should not be used in new code.
- The new syscall cap_rights_limit(2) should be used instead of cap_new(2), which limits capability rights of the given descriptor without creating a new one.
- The cap_getrights(2) syscall is renamed to cap_rights_get(2).
- If CAP_IOCTL capability right is present we can further reduce allowed ioctls list with the new cap_ioctls_limit(2) syscall. List of allowed ioctls can be retrived with cap_ioctls_get(2) syscall.
- If CAP_FCNTL capability right is present we can further reduce fcntls that can be used with the new cap_fcntls_limit(2) syscall and retrive them with cap_fcntls_get(2).
- To support ioctl and fcntl white-listing the filedesc structure was heavly modified.
- The audit subsystem, kdump and procstat tools were updated to recognize new syscalls.
- Capability rights were revised and eventhough I tried hard to provide backward API and ABI compatibility there are some incompatible changes that are described in detail below:
CAP_CREATE old behaviour: - Allow for openat(2)+O_CREAT. - Allow for linkat(2). - Allow for symlinkat(2). CAP_CREATE new behaviour: - Allow for openat(2)+O_CREAT.
Added CAP_LINKAT: - Allow for linkat(2). ABI: Reuses CAP_RMDIR bit. - Allow to be target for renameat(2).
Added CAP_SYMLINKAT: - Allow for symlinkat(2).
Removed CAP_DELETE. Old behaviour: - Allow for unlinkat(2) when removing non-directory object. - Allow to be source for renameat(2).
Removed CAP_RMDIR. Old behaviour: - Allow for unlinkat(2) when removing directory.
Added CAP_RENAMEAT: - Required for source directory for the renameat(2) syscall.
Added CAP_UNLINKAT (effectively it replaces CAP_DELETE and CAP_RMDIR): - Allow for unlinkat(2) on any object. - Required if target of renameat(2) exists and will be removed by this call.
Removed CAP_MAPEXEC.
CAP_MMAP old behaviour: - Allow for mmap(2) with any combination of PROT_NONE, PROT_READ and PROT_WRITE. CAP_MMAP new behaviour: - Allow for mmap(2)+PROT_NONE.
Added CAP_MMAP_R: - Allow for mmap(PROT_READ). Added CAP_MMAP_W: - Allow for mmap(PROT_WRITE). Added CAP_MMAP_X: - Allow for mmap(PROT_EXEC). Added CAP_MMAP_RW: - Allow for mmap(PROT_READ | PROT_WRITE). Added CAP_MMAP_RX: - Allow for mmap(PROT_READ | PROT_EXEC). Added CAP_MMAP_WX: - Allow for mmap(PROT_WRITE | PROT_EXEC). Added CAP_MMAP_RWX: - Allow for mmap(PROT_READ | PROT_WRITE | PROT_EXEC).
Renamed CAP_MKDIR to CAP_MKDIRAT. Renamed CAP_MKFIFO to CAP_MKFIFOAT. Renamed CAP_MKNODE to CAP_MKNODEAT.
CAP_READ old behaviour: - Allow pread(2). - Disallow read(2), readv(2) (if there is no CAP_SEEK). CAP_READ new behaviour: - Allow read(2), readv(2). - Disallow pread(2) (CAP_SEEK was also required).
CAP_WRITE old behaviour: - Allow pwrite(2). - Disallow write(2), writev(2) (if there is no CAP_SEEK). CAP_WRITE new behaviour: - Allow write(2), writev(2). - Disallow pwrite(2) (CAP_SEEK was also required).
Added convinient defines:
#define CAP_PREAD (CAP_SEEK | CAP_READ) #define CAP_PWRITE (CAP_SEEK | CAP_WRITE) #define CAP_MMAP_R (CAP_MMAP | CAP_SEEK | CAP_READ) #define CAP_MMAP_W (CAP_MMAP | CAP_SEEK | CAP_WRITE) #define CAP_MMAP_X (CAP_MMAP | CAP_SEEK | 0x0000000000000008ULL) #define CAP_MMAP_RW (CAP_MMAP_R | CAP_MMAP_W) #define CAP_MMAP_RX (CAP_MMAP_R | CAP_MMAP_X) #define CAP_MMAP_WX (CAP_MMAP_W | CAP_MMAP_X) #define CAP_MMAP_RWX (CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X) #define CAP_RECV CAP_READ #define CAP_SEND CAP_WRITE
#define CAP_SOCK_CLIENT \ (CAP_CONNECT | CAP_GETPEERNAME | CAP_GETSOCKNAME | CAP_GETSOCKOPT | \ CAP_PEELOFF | CAP_RECV | CAP_SEND | CAP_SETSOCKOPT | CAP_SHUTDOWN) #define CAP_SOCK_SERVER \ (CAP_ACCEPT | CAP_BIND | CAP_GETPEERNAME | CAP_GETSOCKNAME | \ CAP_GETSOCKOPT | CAP_LISTEN | CAP_PEELOFF | CAP_RECV | CAP_SEND | \ CAP_SETSOCKOPT | CAP_SHUTDOWN)
Added defines for backward API compatibility:
#define CAP_MAPEXEC CAP_MMAP_X #define CAP_DELETE CAP_UNLINKAT #define CAP_MKDIR CAP_MKDIRAT #define CAP_RMDIR CAP_UNLINKAT #define CAP_MKFIFO CAP_MKFIFOAT #define CAP_MKNOD CAP_MKNODAT #define CAP_SOCK_ALL (CAP_SOCK_CLIENT | CAP_SOCK_SERVER)
Sponsored by: The FreeBSD Foundation Reviewed by: Christoph Mallon <christoph.mallon@gmx.de> Many aspects discussed with: rwatson, benl, jonathan ABI compatibility discussed with: kib
|
#
239503 |
|
21-Aug-2012 |
zeising |
Add missing .Pp macro.
PR: docs/170380 Submitted by: Garrett Cooper <yanegomi@gmail.com> Approved by: joel (mentor)
|
#
234131 |
|
11-Apr-2012 |
eadler |
Return EBADF instead of EMFILE from dup2 when the second argument is outside the range of valid file descriptors
PR: kern/164970 Submitted by: Peter Jeremy <peterjeremy@acm.org> Reviewed by: jilles Approved by: cperciva MFC after: 1 week
|
#
224864 |
|
14-Aug-2011 |
rwatson |
Cross-reference cap_new(2) from dup(2), as they have similar functionality.
Approved by: re (kib)
|
#
165903 |
|
09-Jan-2007 |
imp |
Per Regents of the University of Calfornia letter, remove advertising clause.
# If I've done so improperly on a file, please let me know.
|
#
131504 |
|
02-Jul-2004 |
ru |
Mechanically kill hard sentence breaks.
|
#
108087 |
|
19-Dec-2002 |
ru |
mdoc(7) police: "The .Fa argument.".
|
#
108028 |
|
18-Dec-2002 |
ru |
mdoc(7) police: Tidy up the syscall language.
Stop calling system calls "function calls".
Use "The .Fn system call" a-la "The .Nm utility".
When referring to a non-BSD implementation in the HISTORY section, call syscall a function, to be safe.
|
#
100144 |
|
15-Jul-2002 |
keramida |
The .Fn function.
|
#
85555 |
|
26-Oct-2001 |
ru |
Remove the internal implementation details of wrapping syscalls, which do not match the reality anyway.
Approved by: deischen, bde
|
#
84306 |
|
01-Oct-2001 |
ru |
mdoc(7) police: Use the new .In macro for #include statements.
|
#
81462 |
|
10-Aug-2001 |
ru |
mdoc(7) police: join split punctuation to macro calls.
|
#
79754 |
|
15-Jul-2001 |
dd |
Remove whitespace at EOL.
|
#
79531 |
|
10-Jul-2001 |
ru |
mdoc(7) police: removed HISTORY info from the .Os call.
|
#
79454 |
|
09-Jul-2001 |
dd |
mdoc(7) police: remove extraneous .Pp before and/or after .Sh.
|
#
61988 |
|
23-Jun-2000 |
chris |
Replace .Va, .Ar and .Nm with .Fa or .Va where necessary, examples: ``.Ar errno'' -> ``.Va errno'' ``.Nm ops'' -> ``.Fa ops'' ``.Va fd'' -> ``.Fa fd''
|
#
59460 |
|
21-Apr-2000 |
phantom |
Introduce ".Lb" macro to libc manpages.
More libraries manpages updates following.
|
#
50476 |
|
28-Aug-1999 |
peter |
$Id$ -> $FreeBSD$
|
#
23574 |
|
09-Mar-1997 |
mckay |
Clarified the behaviour of dup2(fd1,fd2) when fd1==fd2 and when fd1 is invalid.
Safe for 2.2!
|
#
22993 |
|
22-Feb-1997 |
peter |
Revert $FreeBSD$ to $Id$
|
#
21907 |
|
20-Jan-1997 |
wosch |
Sort cross references.
|
#
21673 |
|
14-Jan-1997 |
jkh |
Make the long-awaited change from $Id$ to $FreeBSD$
This will make a number of things easier in the future, as well as (finally!) avoiding the Id-smashing problem which has plagued developers for so long.
Boy, I'm glad we're not using sup anymore. This update would have been insane otherwise.
|
#
20097 |
|
02-Dec-1996 |
wosch |
upgrade STANDARDS from POSIX 1003.1-88 to 1003.1-90 using .St macro use ``is expected to conform to'' phrase, not ``conforms to''
Pointed out by: Bruce->NIST-PCTS
|
#
17906 |
|
29-Aug-1996 |
wosch |
function appeared in Version 7 AT&T UNIX Obtained from: ftp://netlib.att.com/netlib/att/cs/v7man/man2
|
#
13545 |
|
22-Jan-1996 |
julian |
Reviewed by: julian and (hsu?) Submitted by: John Birrel(L?)
changes for threadsafe operations
|
#
1574 |
|
27-May-1994 |
rgrimes |
This commit was generated by cvs2svn to compensate for changes in r1573, which included commits to RCS files with non-trunk default branches.
|
#
1573 |
|
27-May-1994 |
rgrimes |
BSD 4.4 Lite Lib Sources
|