#
267654 |
|
19-Jun-2014 |
gjb |
Copy stable/9 to releng/9.3 as part of the 9.3-RELEASE cycle.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
262056 |
|
17-Feb-2014 |
avg |
MFC r255971: Fix some typos that were causing probe argument types to show up as unknown
MFC slacker: markj
|
#
246290 |
|
03-Feb-2013 |
dchagin |
MFC r235063 (by netchild@): - >500 static DTrace probes for the linuxulator - DTrace scripts to check for errors, performance, ... they serve mostly as examples of what you can do with the static probes with moderate load the scripts may be overwhelmed, excessive lock-tracing may influence program behavior (see the last design decission)
Design decissions: - use "linuxulator" as the provider for the native bitsize; add the bitsize for the non-native emulation (e.g. "linuxuator32" on amd64) - Add probes only for locks which are acquired in one function and released in another function. Locks which are aquired and released in the same function should be easy to pair in the code, inter-function locking is more easy to verify in DTrace. - Probes for locks should be fired after locking and before releasing to prevent races (to provide data/function stability in DTrace, see the man-page of "dtrace -v ..." and the corresponding DTrace docs).
Manual merge futex part of r227293 (by ed@): Mark MALLOC_DEFINEs static that have no corresponding MALLOC_DECLAREs.
MFC r235078 (by uqs@): Fix make depend.
|
#
226640 |
|
22-Oct-2011 |
brueffer |
MFC: r226247, r226253
Properly free linux_gidset in case of an error.
Approved by: re (kib)
|
#
225736 |
|
22-Sep-2011 |
kensmith |
Copy head to stable/9 as part of 9.0-RELEASE release cycle.
Approved by: re (implicit)
|
#
225617 |
|
16-Sep-2011 |
kmacy |
In order to maximize the re-usability of kernel code in user space this patch modifies makesyscalls.sh to prefix all of the non-compatibility calls (e.g. not linux_, freebsd32_) with sys_ and updates the kernel entry points and all places in the code that use them. It also fixes an additional name space collision between the kernel function psignal and the libc function of the same name by renaming the kernel psignal kern_psignal(). By introducing this change now we will ease future MFCs that change syscalls.
Reviewed by: rwatson Approved by: re (bz)
|
#
202341 |
|
15-Jan-2010 |
brooks |
Since all other comparisons involving ngroups_max use "ngroups_max + 1", use ">= ngroups_max+1" instead of the equivalent "> ngroups_max" to reduce confusion.
|
#
202143 |
|
12-Jan-2010 |
brooks |
Replace the static NGROUPS=NGROUPS_MAX+1=1024 with a dynamic kern.ngroups+1. kern.ngroups can range from NGROUPS_MAX=1023 to INT_MAX-1. Given that the Windows group limit is 1024, this range should be sufficient for most applications.
MFC after: 1 month
|
#
194498 |
|
19-Jun-2009 |
brooks |
Rework the credential code to support larger values of NGROUPS and NGROUPS_MAX, eliminate ABI dependencies on them, and raise the to 1024 and 1023 respectively. (Previously they were equal, but under a close reading of POSIX, NGROUPS_MAX was defined to be too large by 1 since it is the number of supplemental groups, not total number of groups.)
The bulk of the change consists of converting the struct ucred member cr_groups from a static array to a pointer. Do the equivalent in kinfo_proc.
Introduce new interfaces crcopysafe() and crsetgroups() for duplicating a process credential before modifying it and for setting group lists respectively. Both interfaces take care for the details of allocating groups array. crsetgroups() takes care of truncating the group list to the current maximum (NGROUPS) if necessary. In the future, crsetgroups() may be responsible for insuring invariants such as sorting the supplemental groups to allow groupmember() to be implemented as a binary search.
Because we can not change struct xucred without breaking application ABIs, we leave it alone and introduce a new XU_NGROUPS value which is always 16 and is to be used or NGRPS as appropriate for things such as NFS which need to use no more than 16 groups. When feasible, truncate the group list rather than generating an error.
Minor changes: - Reduce the number of hand rolled versions of groupmember(). - Do not assign to both cr_gid and cr_groups[0]. - Modify ipfw to cache ucreds instead of part of their contents since they are immutable once referenced by more than one entity.
Submitted by: Isilon Systems (initial implementation) X-MFC after: never PR: bin/113398 kern/133867
|
#
177785 |
|
31-Mar-2008 |
kib |
Add the support for the AT_FDCWD and fd-relative name lookups to the namei(9).
Based on the submission by rdivacky, sponsored by Google Summer of Code 2007 Reviewed by: rwatson, rdivacky Tested by: pho
|
#
170587 |
|
11-Jun-2007 |
rwatson |
Eliminate now-unused SUSER_ALLOWJAIL arguments to priv_check_cred(); in some cases, move to priv_check() if it was an operation on a thread and no other flags were present.
Eliminate caller-side jail exception checking (also now-unused); jail privilege exception code now goes solely in kern_jail.c.
We can't yet eliminate suser() due to some cases in the KAME code where a privilege check is performed and then used in many different deferred paths. Do, however, move those prototypes to priv.h.
Reviewed by: csjp Obtained from: TrustedBSD Project
|
#
166944 |
|
24-Feb-2007 |
netchild |
Partial MFp4 of 114977: Whitespace commit: Fix grammar, spelling and punctuation.
Submitted by: "Scot Hetzel" <swhetzel@gmail.com>
|
#
164033 |
|
06-Nov-2006 |
rwatson |
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning specific privilege names to a broad range of privileges. These may require some future tweaking.
Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
|
#
156874 |
|
19-Mar-2006 |
ru |
Unbreak COMPAT_LINUX32 option support on amd64.
Broken by: netchild
|
#
156850 |
|
18-Mar-2006 |
netchild |
Fixup some problems in my previous commit (COMPAT_43).
Pointyhat to: netchild
|
#
156842 |
|
18-Mar-2006 |
netchild |
Get rid of the need of COMPAT_43 in the linuxolator.
Submitted by: Divacky Roman <xdivac02@stud.fit.vutbr.cz> Obtained from: DragonFly (some parts)
|
#
140214 |
|
14-Jan-2005 |
obrien |
Match the LINUX32's style with existing style Submitted by: Jung-uk Kim <jkim@niksun.com>
Use positive, not negative logic.
|
#
133816 |
|
16-Aug-2004 |
tjr |
Changes to MI Linux emulation code necessary to run 32-bit Linux binaries on AMD64, and the general case where the emulated platform has different size pointers than we use natively: - declare certain structure members as l_uintptr_t and use the new PTRIN and PTROUT macros to convert to and from native pointers. - declare some structures __packed on amd64 when the layout would differ from that used on i386. - include <machine/../linux32/linux.h> instead of <machine/../linux/linux.h> if compiling with COMPAT_LINUX32. This will need to be revisited before 32-bit and 64-bit Linux emulation support can coexist in the same kernel. - other small scattered changes.
This should be a no-op on i386 and Alpha.
|
#
132653 |
|
26-Jul-2004 |
cperciva |
Rename suser_cred()'s PRISON_ROOT flag to SUSER_ALLOWJAIL. This is somewhat clearer, but more importantly allows for a consistent naming scheme for suser_cred flags.
The old name is still defined, but will be removed in a few days (unless I hear any complaints...)
Discussed with: rwatson, scottl Requested by: jhb
|
#
130344 |
|
11-Jun-2004 |
phk |
Deorbit COMPAT_SUNOS.
We inherited this from the sparc32 port of BSD4.4-Lite1. We have neither a sparc32 port nor a SunOS4.x compatibility desire these days.
|
#
121302 |
|
21-Oct-2003 |
tjr |
Reject negative ngrp arguments in linux_setgroups() and linux_setgroups16(); stops users being able to cause setgroups to clobber the kernel stack by copying in data past the end of the linux_gidset array.
|
#
116173 |
|
10-Jun-2003 |
obrien |
Use __FBSDID().
|
#
111797 |
|
03-Mar-2003 |
des |
More caddr_t removal, in conjunction with copy{in,out}(9) this time. Also clean up some egregious casts and incorrect use of sizeof.
|
#
102954 |
|
05-Sep-2002 |
bde |
Include <sys/malloc.h> instead of depending on namespace pollution 2 layers deep in <sys/proc.h> or <sys/vnode.h>.
Removed unused includes. Sorted includes.
|
#
102814 |
|
01-Sep-2002 |
iedowse |
Use the new kern_* functions to avoid the need to store arguments in the stack gap. This converts most VFS and signal related system calls, as well as select().
Discussed on: -arch Approved by: marcel
|
#
94621 |
|
13-Apr-2002 |
jhb |
Rework logic of syscalls that modify process credentials as described in rev 1.152 of sys/kern/kern_prot.c.
|
#
93593 |
|
01-Apr-2002 |
jhb |
Change the suser() API to take advantage of td_ucred as well as do a general cleanup of the API. The entire API now consists of two functions similar to the pre-KSE API. The suser() function takes a thread pointer as its only argument. The td_ucred member of this thread must be valid so the only valid thread pointers are curthread and a few kernel threads such as thread0. The suser_cred() function takes a pointer to a struct ucred as its first argument and an integer flag as its second argument. The flag is currently only used for the PRISON_ROOT flag.
Discussed on: smp@
|
#
91406 |
|
27-Feb-2002 |
jhb |
Simple p_ucred -> td_ucred changes to start using the per-thread ucred reference.
|
#
84918 |
|
14-Oct-2001 |
marcel |
Forced commit. There apparently was already a PR for the problem fixed by the previous commit.
PR: 31122
|
#
84916 |
|
14-Oct-2001 |
marcel |
When casting from uid16/gid16 to uid/gid respectively, make sure that "no change" (ie 0xFFFF) is properly cast to (int)-1 for those syscalls that set uids and/or gids.
Verified by: LTP
|
#
83366 |
|
12-Sep-2001 |
julian |
KSE Milestone 2 Note ALL MODULES MUST BE RECOMPILED make the kernel aware that there are smaller units of scheduling than the process. (but only allow one thread per process at this time). This is functionally equivalent to teh previousl -current except that there is a thread associated with each process.
Sorry john! (your next MFC will be a doosie!)
Reviewed by: peter@freebsd.org, dillon@freebsd.org
X-MFC after: ha ha ha ha
|
#
82745 |
|
01-Sep-2001 |
marcel |
Speculatively add this file. It's part of the Linuxulator update to make it emulate Linux kernel version 2.4.2, which is required in order to upgrade the linux_base port to RH 7.1.
Note that this file is only needed for 32-bit architectures. To us this means i386 (for now?)
|