programs there; make all Makefiles that use bsd.hostprog.mk include it.
Namely turn off MKREPRO and don't make lint, man pages, info files etc.
Remove the Makefile.inc files that contained these same settings, and
remove the settings from Makefile.host
PR/53238: Robert Elz: Disable MKREPRO in tools; the host compiler might
not support the necessary options. This is done thusly:
1. Create Makefile.inc and set MKREPRO=no in it. Change the Makefiles that
include bsd.own.mk, to include bsd.init.mk which includes Makefile.inc
first. This will also allow us to control other tools options from a
single location if we need to.
2. Centralize NOMAN handling.
XXX: pullup-8
Add support for tracing vfork(2) events in the context of ptrace(2).
This API covers other frontends to fork1(9) like posix_spawn(2) or clone(2),
if they cause parent to wait for exec(2) or exit(2) of the child.
Changes:
- Add new argument to sigswitch() determining whether we need to acquire
the proc_lock or whether it's already held.
- Refactor fork1(9) for fork(2) and vfork(2)-like events.
Call sigswitch() from fork(1) for forking or vforking parent, instead of
emitting kpsignal(9). We need to emit the signal and suspend the parent,
returning to user and relock proc_lock.
- Add missing prototype for proc_stop_done() in kern_sig.c.
- Make sigswitch a public function accessible from other kernel code
including <sys/signalvar.h>.
- Remove an entry about unimplemented PTRACE_VFORK in the ptrace(2) man page.
- Permin PTRACE_VFORK in the ptrace(2) frontend for userland.
- Remove expected failure for unimplemented PTRACE_VFORK tests in the ATF
ptrace(2) test-suite.
- Relax signal routing constraints under a debugger for a vfork(2)ed child.
This intended to protect from signaling a parent of a vfork(2)ed child that
called PT_TRACE_ME, but wrongly misrouted other signals in vfork(2)
use-cases.
Add XXX comments about still existing problems and future enhancements:
- correct vfork(2) + PT_TRACE_ME handling.
- fork1(2) handling of scenarios when a process is collected in valid but
rare cases.
All ATF ptrace(2) fork[1-8] and vfork[1-8] tests pass.
Fix PR kern/51630 by Kamil Rytarowski (myself).
Sponsored by <The NetBSD Foundation>
Prohibit:
- calling PT_TRACE_ME by initproc (PID1),
- calling PT_ATTACH by initproc (PID1).
PID1 and its parent cannot become a tracer.
Sponsored by <The NetBSD Foundation>
proc_stoptrace() is dedicated for emitting a syscall trap for a debugger,
either on entry or exit of the system function routine.
Changes:
- Change an if() branch of an invalid condition of being traced by
initproc (PID1) to KASSERT(9).
- Assert that the current process has set appropriate flags (PSL_TRACED
and PSL_SYSCALL).
- Use ktrpoint(KTR_PSIG) and ktrpsig()/e_ktrpsig() in order to register
the emitted signal for the ktrace(1) event debugging.
Example of the new output from kdump(1) for the syscall debugger traps,
containing SIGTRAP notification with TRAP_SCE and TRAP_SCX (around
the getpid(2) call).
$ kdump /tmp/1.dat.qemu |grep 663
588 1 t_ptrace_waitpid RET fork 663/0x297
663 1 t_ptrace_waitpid EMUL "netbsd"
663 1 t_ptrace_waitpid RET fork 0
663 1 t_ptrace_waitpid CALL ptrace(PT_TRACE_ME,0,0,0)
663 1 t_ptrace_waitpid RET ptrace 0
663 1 t_ptrace_waitpid CALL _lwp_self
663 1 t_ptrace_waitpid RET _lwp_self 1
663 1 t_ptrace_waitpid CALL _lwp_kill(1,0x11)
663 1 t_ptrace_waitpid RET _lwp_kill 0
588 1 t_ptrace_waitpid RET __wait450 663/0x297
663 1 t_ptrace_waitpid CALL getpid
588 1 t_ptrace_waitpid RET __wait450 663/0x297
663 1 t_ptrace_waitpid PSIG SIGTRAP SIG_DFL: code=TRAP_SCE, addr=0x0, trap=0)
663 1 t_ptrace_waitpid RET getpid 663/0x297, 588/0x24c
588 1 t_ptrace_waitpid RET __wait450 663/0x297
663 1 t_ptrace_waitpid PSIG SIGTRAP SIG_DFL: code=TRAP_SCX, addr=0x0, trap=0)
663 1 t_ptrace_waitpid CALL exit(5)
588 1 t_ptrace_waitpid RET __wait450 663/0x297
Sponsored by <The NetBSD Foundation>
already fixed half of the problem two months ago in rev1.67, back then I
thought it was not triggerable because each packet we emit is guaranteed
to have correctly formed IPv6 options; but it is actually triggerable via
IPv6 forwarding, we emit a packet we just received, and we don't sanitize
its options before invoking IPsec.
Since it would be wrong to just stop the iteration and continue the IPsec
processing, allow compute_ipsec_pos to fail, and when it does, drop the
packet entirely.
not support the necessary options. This is done thusly:
1. Set MKREPRO=no in Makefile.host. This handles all the Makefiles that
use it and don't include bsd.own.mk.
2. Create Makefile.inc and set MKREPRO=no in it. Change the Makefiles that
include bsd.own.mk, to include bsd.init.mk which includes Makefile.inc
first. This will also allow us to control other tools options from a
single location if we need to.
XXX: pullup-8
christos