it is a dangerous alternative entry point for all system calls, and thus
incompatible with the precision system call entry point scheme we are
heading towards. This has been a 3-year mission:
First perl needed a code-generated wrapper to fake syscall(2) as a giant
switch table, then all the ports were cleaned with relatively minor fixes,
except for "go". "go" required two fixes -- 1) a framework issue with
old library versions, and 2) like perl, a fake syscall(2) wrapper to
handle ioctl(2) and sysctl(2) because "syscall(SYS_ioctl" occurs all over
the place in the "go" ecosystem because the "go developers" are plan9-loving
unix-hating folk who tried to build an ecosystem without allowing "ioctl".
ok kettenis, jsing, afresh1, sthen
exposed in a new field returned by sysctl(KERN_PROC). Update
pthread_{get,set}_name_np(3) to use the syscalls. Show them, when
set, in ps -H and top -H output.
libc and libpthread minor bumps
ok mpi@, mvs@, deraadt@
This brings unveil into the tree, disabled by default - Currently
this will return EPERM on all attempts to use it until we are
fully certain it is ready for people to start using, but this
now allows for others to do more tweaking and experimentation.
Still needs to send the unveil's across forks and execs before
fully enabling.
Many thanks to robert@ and deraadt@ for extensive testing.
ok deraadt@
pledge for a new execve image immediately upon start. Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
which results in tame() code placements being much more recognizeable.
tame() can be moved to unistd.h and does not need cpp symbols to turn the
bits on and off. The resulting API is a bit unexpected, but simplifies the
mapping to enabling bits in the kernel substantially.
vague ok's from various including guenther doug semarie
version with zero args, so it should only be visible if __BSD_VISIBLE
(and not also for __XPG_VISIBLE). Contrawise, readlink() has been
part of base POSIX since 1995, so move to proper #if area for that.
Move crypt_checkpass() to the pure-BSD section of the file.
setpgrp() issue noted by Matti Karnaattu (mkarnaattu (at) gmail.com)
ok millert@
buffersize is enforced strictly, this supplies sufficient entropy
payload to act as seed material. Discourage general use of this
API, but lock down this function name as the go-to for userland
PRNG seeding. Improve documentation.
ok miod matthew
I accepted that he's right (again) to seperate this out from heavy
sysctl API and this will simply a variety of things. Functionname
is not used by anyone in the ports tree, so we guess we can use it.
Shocking that no application has a function called this.
ok matthew & others who pushed him to start this early on
them ftime(), gtty(), stty(), re_comp(), cuserid() and others.
Discussion and ongoing work to fix the ports tree from many, especially
naddy.
ok naddy
[There is a bit more cleanup possible after that, but this is considered
the current safe step]
moved them to unistd.h to match POSIX in 1995 but we never did.
The exception to this is getsubopt() which POSIX says should be in
stdlib.h. The non-standard suboptarg extern remains in the BSD-only
section of stdlib.h. Neither getsubopt() nor suboptarg belong in
unistd.h or getopt.h. They were only there to allow us to protect
all the getopt() bits from being multiply defined. OK guenther@
Use useconds_t in the ualarm() declaration.
Bump libstdc++ major to be sure there isn't ABI issues.
ok deraadt@ jca@ jmc@ millert@
ports testing by landry@
including CLOCK_{PROCESS,THREAD}_CPUTIME_ID constants and
{clock,pthread}_getcpuclockid() functions.
Worked out at t2k13 with help from tedu@ and matthew@ and testing by aja@
ok matthew@
to <unistd.h> and confstr(3) per POSIX 1003.1-2008
Change confstr(_CS_PATH) to operate directly instead of calling sysctl(3)
ports build tested by espie@
so that it can't get a signal while still running on the parent thread's
stack. Also, pass in sizeof(struct __tfork) to provide forward compat
when more members are added. This is an ABI change, so switch syscall
numbers and bump lib majors this time.
ok deraadt@ matthew@
FreeBSD's implementation via Frank Denis, with various cleanups and
tweaks by me.
ok deraadt@, guenther@; discussions and tweaks from many others
jmc@ promises to help me further with the man pages in tree
fail with errno set to ERANGE if not enough room is provided. Similar for
getlogin_r() so remove minbytes enforcement attribute.
ok kettenis@ guenther@ deraadt@ on getcwd, deraadt@ on getlogin_r.
fchmodat(2), fstatat(2), mkdirat(2), mkfifoat(2), mknodat(2),
faccessat(2), fchownat(2), linkat(2), readlinkat(2), renameat(2),
symlinkat(2), unlinkat(2), utimensat(2), futimens(2), and
fdopendir(3).
"Minor" libc bump.
Tested in a bulk build by naddy@
Much help from guenther@, thib@, tedu@, oga@, and others.
ok deraadt@, naddy@
