- Remove all NFS related stuff from file system specific code.
- Drop the vfs_checkexp hook and generalize it in the new nfs_check_export
function, thus removing redundancy from all file systems.
- Move all NFS export-related stuff from kern/vfs_subr.c to the new
file sys/nfs/nfs_export.c. The former was becoming large and its code
is always compiled, regardless of the build options. Using the latter,
the code is only compiled in when NFSSERVER is enabled. While doing this,
also make some functions in nfs_subs.c conditional to NFSSERVER.
- Add a new command in nfssvc(2), called NFSSVC_SETEXPORTSLIST, that takes a
path and a set of export entries. At the moment it can only clear the
exports list or append entries, one by one, but it is done in a way that
allows setting the whole set of entries atomically in the future (see the
comment in mountd_set_exports_list or in doc/TODO).
- Change mountd(8) to use the nfssvc(2) system call instead of mount(2) so
that it becomes file system agnostic. In fact, all this whole thing was
done to remove a 'XXX' block from this utility!
- Change the mount*, newfs and fsck* userland utilities to not deal with NFS
exports initialization; done internally by the kernel when initializing
the NFS support for each file system.
- Implement an interface for VFS (called VFS hooks) so that several kernel
subsystems can run arbitrary code upon receipt of specific VFS events.
At the moment, this only provides support for unmount and is used to
destroy NFS exports lists from the file systems being unmounted, though it
has room for extension.
Thanks go to yamt@, chs@, thorpej@, wrstuden@ and others for their comments
and advice in the development of this patch.
Fixes first part of PR#31184. addrsort() was not exposed to the rest of
libc as it turns out not to be usable for getaddrinfo(), so a different
sorter will be implemented for that.
The cause of this is that in the re-entrant case we block all signals until
we timeout. Convert this to use pollts and then grab the pending signals
and sigsuspend them.
XXX: We should really convert this to use kqueue, like FreeBSD did.
was done and that this behavior is not supposed to be portable. Filling
under the security considerations section because code not following the
guidelines given here can be "less secure".
- Merge 4.4BSD strerror.3 man page changes that summarize information
for all the error printing functions. This makes the perror(3) page
obsolete.
- Implement all error functions in terms of strerror_r(), including
__strerror() which is not used internally. Can it be removed?
- Bump version for strerror_r
XXX: All this is done backwards, and is a mess. Really the _foo.c files should
include the _foo function definition, not the foo.c files, like everywhere
else.
The current code resolves paths like `/foo/bar/', `/foo/bar/./', and
`/foo/bar/../', even if `bar' is a regular file and not a directory.
Reviewed by cube@.
system-specific values. Submitted by Chris Demetriou in Nov 1995 (!)
in PR kern/1781, modified only slighly by me.
This is enabled on a per-mount basis with the MNT_MAGICLINKS mount
flag. It can be enabled at mountroot() time by building the kernel
with the ROOTFS_MAGICLINKS option.
The following magic strings are supported by the implementation:
@machine value of MACHINE for the system
@machine_arch value of MACHINE_ARCH for the system
@hostname the system host name, as set with sethostname()
@domainname the system domain name, as set with setdomainname()
@kernel_ident the kernel config file name
@osrelease the releaes number of the OS
@ostype the name of the OS (always "NetBSD" for NetBSD)
Example usage:
mkdir /arch/i386/bin
mkdir /arch/sparc/bin
ln -s /arch/@machine_arch/bin /bin
under HAVE_NBTOOL_CONFIG_H for disktab.h as well. This means
disktab.h has to be installed in the nbinclude include directory.
(Failure mode: with TOOLDIR as a subdirectory of /usr, the host's disktab.h
got picked up, and not the in-tree copy.)
Reviewed by dyoung.
This is a workaround to make gcc's behavior consistent, since gcc can
transform:
printf("%s\n", s) -> puts(s)
fprintf(fp, "%s", s) -> fputs(s, fp)
as an optimization.
I've left the _DIAGASSERT's that make sure that s != NULL alone because we
should really still abort in a debugging environment.
- Change #ifdef VERIFIED_EXEC_VERBOSE to another verbose level, 2. Add
sysctl(3) bits.
- Simplify access type conflict handling during load. This depends on
the values of access type defines to be ordered from least to most
'strict'.
- Better organize strict level. Now we have 4 levels:
- Level 0, learning mode: Warnings only about anything that might've
resulted in 'access denied' or similar in a higher strict level.
- Level 1, IDS mode:
- Deny access on fingerprint mismatch.
- Deny modification of veriexec tables.
- Level 2, IPS mode:
- All implications of strict level 1.
- Deny write access to monitored files.
- Prevent removal of monitored files.
- Enforce access type - 'direct', 'indirect', or 'file'.
- Level 3, lockdown mode:
- All implications of strict level 2.
- Prevent creation of new files.
- Deny access to non-monitored files.
- Update sysctl(3) man-page with above. (date bumped too :)
- Remove FINGERPRINT_INDIRECT from possible fp_status values; it's no
longer needed.
- Simplify veriexec_removechk() in light of new strict level policies.
- Eliminate use of 'securelevel'; veriexec now behaves according to
its strict level only.
not correct since, as far as reading the source, it is impossible for
cgetset() to set such errno. I guess `seq' is not a typo of `set' but
abbreviation of `sequen...'.
and install ${TOOLDIR}/bin/${MACHINE_GNU_PLATFORM}-disklabel,
${TOOLDIR}/bin/${MACHINE_GNU_PLATFORM}-fdisk by "reaching over" to
the sources in ${NETBSDSRCDIR}/sbin/{disklabel fdisk}/.
To avoid clashes with a build-host's header files, especially on
*BSD, the host-tools versions of fdisk and disklabel search for
#includes such as disklabel.h, disklabel_acorn.h, disklabel_gpt.h,
and bootinfo.h in a new #includes namespace, nbinclude/. That is,
they #include <nbinclude/sys/disklabel.h>, <nbinclude/machine/disklabel.h>,
<nbinclude/sparc64/disklabel.h>, instead of <sys/disklabel.h> and
such. I have also updated the system headers to #include from
nbinclude/-space when HAVE_NBTOOL_CONFIG_H is #defined.
location so that an uninitialized `in' won't be used if net_i == BYADDR.
Detected with gcc -Wuninitialized, confirmed by diffing against BIND 4.9.11.
(The bug was introduced in rev 1.26. Hi Itojun! :)
New features:
- Add a veriexec_report() routine to make most reporting consistent and
remove some common code.
- Add 'strict' mode that controls how veriexec behaves.
- Add sysctl knobs:
o kern.veriexec.verbose controls verbosity levels. Value: 0, 1.
o kern.veriexec.strict controls strict level. Values: 0, 1, 2. See
documentation in sysctl(3) for details.
o kern.veriexec.algorithms returns a string with a space separated
list of supported hashing algorithms in veriexec.
- Updated documentation in man pages for sysctl(3) and sysctl(8).
Bug fixes:
- veriexec_removechk(): Code cleanup + handle FINGERPRINT_NOTEVAL
correctly.
- exec_script(): Don't pass 0 as flag when executing a script; use the
defined VERIEXEC_INDIRECT - which is 1. Makes indirect execution
enforcement work.
- Fix some printing formats and types..
* add some functions:
_citrus_memory_stream_bind_ptr()
_citrus_memory_stream_tell()
_citrus_memory_stream_ungetc()
_citrus_region_get_subregion()
* fix a bug in _citrus_memory_stream_seek().
Return the correct result. (broken in rev 1.56 -- Hi Christos!)
getgr{ent,nam,uid}_r():
Return 0 "entry not found" and errno for other failures.
("entry not found" still sets *result to NULL).
Various backends:
don't set the retval to errno (or modify errno) for NS_NOTFOUND.
Per discussion with Klaus Klein.
Return 0 "entry not found" and errno for other failures.
("entry not found" still sets *result to NULL).
Various backends:
don't set the retval to errno (or modify errno) for NS_NOTFOUND.
Per discussion with Klaus Klein.
conversion to construct a quiet NaN on hppa, mips, sh3, and sh5 as well.
Also, remove the portion constructing a ROP on vax; this is not required
by the standard, and in its consequences it is not an appropriate
substitute for a qNaN.
distinction between signalling NaNs and quiet NaNs back into the
machine-dependent headers; treat the implementation of __nanf in the
same spirit.
IEEE 754 leaves the distinction between signalling NaNs and quiet NANs
to the implementation, and unlike our headers used to suggest they're
not identical in the interpretation of the fraction's MSb; in due
course, make those of hppa, mips, sh3, and sh5 reflect reality.
as target for a bunch of MLINKS. This had the effect that whatever came
last in install overwrote everything from the other camp.
Solve this by renaming the libc page -- this makes sense because no
function is really named "getcap" here.
causes lint to complain because it sees both struct statvfs and struct
_statvfs. Fix by changing the macro to have arguments.
XXX[1]: Probably this should be done for the rest of the functions that have
the same names as struct tags.
XXX[2]: Is there a better way?