POSIX uses an int for the signal number instead of an unsigned int. NetBSD
made this change in 2010 and FreeBSD made this change in 2016. Follow suit
with the other BSDs and match what POSIX specifies.
This should not have an impact on the ABI and therefore no bump is needed.
Flagged by Sortix os-test.
ok deraadt@, millert@
libsndio recovers after underruns, so in most cases they should just
be ignored. However there are cases where a program may use an external
audio clock (ex. an RTP stream) and resample to make the local audio
rate match the remote rate to keep the latency constant. To do so, the
program must measure continuously the clock drift and calculate the
resampling ratio. Upon underrun, such programs must restart the
measurements, hence the need for this new interface.
ok armani
As suggested by kettenis@ and deraadt, including LOGIN_SETXDGENV in
LOGIN_SETALL, the latter being used in a bunch of place, appears to be
a mistake. The mkdir(2) and fchown(2) / fchmod(2) calls made by
setusercontext(LOGIN_SETXDGENV) result in pledge(2) violations in at
least calendar(1) and inetd(8), as reported by jmc@ and lucas@
respectively. Also it brings little to no advantage since most of the
login managers analyzed so far require an explicit change to export the
XDG_RUNTIME_DIR variable.
So move LOGIN_SETXDGENV out of LOGIN_SETALL. If you started relying on
this in one of your port, please adapt the code to explicitely pass
LOGIN_SETXDGENV. xenodm(1) will be fixed shortly, patches for login(1)
and sshd(8) are waiting for reviews.
ok deraadt@ robert@
The Base Specifications, Issue 8 incorporated Austin Group Defect 1533
adding long tm_gmtoff (which we already have) and const char *tm_zone,
which we have but without const. Adapt our struct. This was tested in
an amd64 bulk without fallout and fixes a bunch of compiler warnings
from strptime.c r1.32 where gmt[] and utc[] were moved to rodata.
https://austingroupbugs.net/view.php?id=1533
ok jca millert
If LOGIN_SETXDGENV is passed in the flags, ensure the presence and
usability of a runtime directory dedicated to <uid>. Set the
XDG_RUNTIME_DIR variable only if the directory is usable.
With feedback from deraadt@, matthieu@ and guenther@.
ok deraadt@ robert@
the rust libstd emutls version is using one pthread_key per thread-variable. it
means the maximum number of thread-variable at a time is PTHREAD_KEYS_MAX.
with recent rustc 1.91.0, we start hiting the limit while compiling some
programs (like sysutils/rustic).
ok robert@
"Let's go 512 and hope someone eventually does proper TLS" deraadt@
libc/hidden/_stdio.h. All programs that refer to the internal
structure of the FILE object can't be compiled from now on.
std{in,out,err} doesn't refer __sF[] now, but the hidden __sF along
with __srget and __swbuf symbols are kept temporarily to make our
transition easier. But those symbols will be deleted soon. The shared
library versions are bumped for libc and all the other libraries that
refer to std{in,out,err}.
diff from guenther, tweak by me, tested by many
ok sthen tb
told the kernel about the sample buffer, and then the normal exit-time
_mcleanup() would finalize the buffer, open()'ed a file and write out
the details. This file opening has become increasingly impossible
because of our privsep / privdrop, chroot, setresuid uid-dropping,
pledge, unveil, and other efforts. So people stopped using gprof.
Programs which needed profiling needed substantial mitigation removal
changes to put them under test.
In the new gprof profiling subsystem, profil() is enhanced to provide more
buffer information to the kernel, as well as better instructions for where
the file should be written. At normal exit-time mcleanup(), after finalizing
the buffer, the process simply terminates via _exit(2), and the kernel
does all the opening and writing in a safe way. The file is now deposited
into the starting directory, or into PROFDIR as determined at program start,
with safety issues taken into consideration.
Additional side effecs:
- The monstartup(3) interface will go away, it cannot be supported.
- profil() is now allowed in pledge "stdio", access is decided by the -pg ELF note
- gmon.out is renamed to gmon.progname.pid.out, due to pervasive multi-process
privsep practices
prompted originally by job and claudio for use in rpki-client and bgpd
advice from kettenis and claudio
moved to ELF.
Move the a.out specific defines and macros, but the MID_xxx values, from
<sys/exec.h> to <a.out.h>, and update the few userland binaries which really
need these defines (i.e. boot-related tools for old architectures) to
explicitly include <a.out.h> when needed.
"Fine" deraadt@
to match Solaris and _not_ match glibc/BSDs and no one caught it
before publication. Provide the new name but keep providing the
existing names under the same conditions as before. Update #include
visibility and dlfcn(3) manpage and add restrict qualifiers.
ok deraadt@
According to bit_alloc(3) man page the arguments to bitstring macros
are evaluated only once and may safely have side effects. Fix the
implementation with temporary variables to fulfill this requirement.
OK florian@ deraadt@
For hardware devices, add a server.device control
with a single item and the device name as display
string.
Add the necessary sndioctl(1) bits to print it.
To be used in httpd(8) shortly to prevent toctu issues.
This makes __fdopendir internally accessible to avoid unnecessary
syscalls in scandirat(3). Suggested & diff by guenther
suggested by & OK millert
tweak & OK guenther
OK tb, jca
This rides the libc crank.
Even if those _[BCNLPSUX] defines are in the reserved namespace, some
ports make use of those identifiers and thus need pointless
headscratching and patches. Just use a longer reserved prefix.
We can't just #undef those defines as they are used in libc.
Change similar to what NetBSD did around 2010. Went through base builds
and an amd64 bulk build, the only fallout was lib(e)stdc++ base_ctype.h.
"make includes" will install the latest ctype.h and libstdc++ ctype_base.h.
"makes sense" deraadt@, ok sthen@ tb@
it is a dangerous alternative entry point for all system calls, and thus
incompatible with the precision system call entry point scheme we are
heading towards. This has been a 3-year mission:
First perl needed a code-generated wrapper to fake syscall(2) as a giant
switch table, then all the ports were cleaned with relatively minor fixes,
except for "go". "go" required two fixes -- 1) a framework issue with
old library versions, and 2) like perl, a fake syscall(2) wrapper to
handle ioctl(2) and sysctl(2) because "syscall(SYS_ioctl" occurs all over
the place in the "go" ecosystem because the "go developers" are plan9-loving
unix-hating folk who tried to build an ecosystem without allowing "ioctl".
ok kettenis, jsing, afresh1, sthen
of the C language but are part of the C library and have to be
declared in <uchar.h> - see paragraph 7.28.2.
In stark contrast, according to the C++11 standard, char32_t and char16_t
are part of the C++ language, namely, keywords - see paragraph 2.12.1.
Consequently, they must not be declared in a header file.
To resolve this vile contradiction, use the predefined macro __cplusplus
to find out which language is in use for the current compilation unit -
see C11 paragraph 6.10.8.3 and C++11 paragraph 16.8.1.
Reminded of the problem by naddy@.
OK naddy@ who tested in make build / make release.
Looks reasonable to millert@.
OK millert@.
Tested by naddy@ in a bulk and by matthieu@ in the new foot(1) port.
I originally wrote the code in 2022 at the prodding of espie@.
Using one improvement to a manual page from jmc@.
exposed in a new field returned by sysctl(KERN_PROC). Update
pthread_{get,set}_name_np(3) to use the syscalls. Show them, when
set, in ps -H and top -H output.
libc and libpthread minor bumps
ok mpi@, mvs@, deraadt@
This will be used in waitid(2) to set si_utime and si_stime.
The definition of struct timespec also moves from time.h to sys/_time.h
for struct itimerspec. OK kettenis@
The new sio_flush(3) functions works the same way as sio_stop(3),
except that it doesn't wait for play buffer to be drained. Instead,
it discards its contents and returns immediately.
as const, moving them from .data to .data.rel.ro. The other BSDs
did this a long time ago; NetBSD did a chunk in 1998, which is long
enough I didn't bother to get exact dates for others.
ok deraadt@ millert@
anytime a class is looked up, the /etc/login.conf.d/${class} file will be
checked first for a matching class definition; this will allow us to easily
add custom login classes from packages
ok millert@
daniel