Commit Graph

2394 Commits

Author SHA1 Message Date
kre 872f7801f3 Do as the manual says, and use _PATH_DEFPATH if PATH is not present in
the environment rather than simply turning into posix_spawn() in that case.

Also, we cannot use strtok() to parse PATH, the semantics don't fit the API.
Borrow the guts of execvp for the PATH search.

We still simply check for a file with 'x' permission, and assume that one
will do, whatever it is, which isn't really correct, but ...
2020-05-11 14:54:34 +00:00
maya b47e7497df Don't add getentropy.c to the build (remove symbol from libc)
Still being discussed in tech-userlevel. If we wait any longer someone
is going to try the excuse that the discussion is entirely pointless, since
removing symbols is too hard.
2020-05-10 19:36:49 +00:00
wiz 94cffb35ae Fix macro usage. Fix typo. New sentence, new line. 2020-05-07 12:55:06 +00:00
nia 5e1fba1a1e Add getentropy() to libc - a simple wrapper to access the kernel CSPRNG.
Posted to tech-userlevel@ a week ago and reviewed by riastradh@.

GETENTROPY(3)		   Library Functions Manual		 GETENTROPY(3)

NAME
     getentropy - fill a buffer with high quality random data

LIBRARY
     Standard C Library (libc, -lc)

SYNOPSIS
     #include <unistd.h>

     int
     getentropy(void *buf, size_t buflen);

DESCRIPTION
     The getentropy() function fills a buffer with high quality random data,
     suitable for seeding cryptographically secure psuedorandom number
     generators.

     getentropy() is only intended for seeding random number generators and is
     not intended for use by regular code which simply needs secure random
     data.  For this purpose, please use arc4random(3).

     The maximum value for buflen is 256 bytes.

IMPLEMENTATION NOTES
     getentropy() reads from the sysctl(7) variable kern.arandom.

RETURN VALUES
     The getentropy() function returns 0 on success, and -1 if an error
     occurred.

ERRORS
     getentropy() will succeed unless:

     [EFAULT]		The buf argument points to an invalid memory address.

     [EIO]		Too many bytes were requested.

SEE ALSO
     arc4random(3), rnd(4)

STANDARDS
     The getentropy() function is non-standard.

HISTORY
     The getentropy() function first appeared in OpenBSD 5.6, then in
     FreeBSD 12.0, and NetBSD 10.
2020-05-06 16:17:36 +00:00
joerg 18796b949c Explicitly use -fcommon for globals shared between libc and CSU. 2020-04-22 23:32:25 +00:00
joerg 25a494ecc4 Rename __atomic_fork to __locked_fork and give it &errno as argument.
rtld and libc use different storage, so the initial version would
incorrectly report the failure reason for fork().

There is still a small race condition inside ld.elf_so as it doesn't use
thread-safe errno internally, but that's a more contained internal
issue.
2020-04-19 01:06:15 +00:00
joerg 11954c74b6 Introduce intermediate locking for fork, so that the dynamic linker is
in a consistent state. This most importantly avoids races between dlopen
and friends and fork, potentially resulting in dead locks in the child
when it itself tries to acquire locks.
2020-04-16 14:39:58 +00:00
wiz acf9dc2f4e Add comma in enumeration. 2020-03-30 22:14:48 +00:00
maya 5ff881a534 Mention elf rather than a.out some more.
(Also, inspired by freebsd, which removed the non-elf support)
2020-03-30 20:37:03 +00:00
maya d4a8a6057f xref elf(5). 2020-03-30 20:35:12 +00:00
maya 9ced62b43c Be less of a minefield for new architectures. They're not going to be a.out.
Remove sh5, long gone.
(Hopefully nothing hits the #else case)
2020-03-30 20:34:11 +00:00
christos 454e43c47d Add sysloglike attr. 2020-03-02 15:30:25 +00:00
christos f064f71d05 fix print-like attrs 2020-03-02 14:18:50 +00:00
christos 74707f6a8a PR/55041: Fix printf format in syslog(3) error message. 2020-03-02 14:10:24 +00:00
kamil 31ebab1943 Revert previous
'git grep' breaks now.
2020-02-01 18:14:16 +00:00
kamil 089c97bd22 Switch atform allocations from malloc()+free() to mmap()+munmap()
This avoid bootstrapping malloc too early when libc+libpthread are not
ready. It is called through pthread__init() -> _pthread_atfork().

This also helps LLVM Leak Sanitizer to pacify false positive reports.
2020-02-01 15:38:46 +00:00
msaitoh a5effc3ce9 s/inital/initial/ 2019-12-27 09:25:57 +00:00
joerg ae9905d569 PR 54619: Remove semaphore limit introduce as part of GSoC 2016 with
_SC_SEM_NSEMS_MAX. Report no limit for getconf(3). The ressource is
naturally limited by the backing file descriptor, so no separate limit
is necessary. Keep the accounting for debugging as it is part of the
sysctl ABI exposed by the kernel.
2019-12-15 20:25:25 +00:00
maya 27d953155b Provide sysconf(_SC_RTSIG_MAX) = SIGRTMAX - SIGRTMIN
Thanks nros@ for the correct definition
2019-10-16 20:43:18 +00:00
uwe 86bd1b8280 getlogin_r: use strcpy(). We check namelen before copying the result.
gcc 8 -Wstringop-overflow is uhappy when the specified bounds depend
on the length of the source and is not smart enough to see the check
we do.  Besides we don't want the padding effect of strncpy() here.
2019-10-05 19:19:51 +00:00
christos accd2f2682 lint is not smart enough to figure out that ilog2() is constant. 2019-09-23 18:17:03 +00:00
kamil 889b81b138 Remove _INCOMPLETE_XOPEN_C063, no longer needed 2019-09-16 01:25:16 +00:00
wiz 5ac2498fa8 Fix markup, and remove two superfluous Pp. 2019-09-15 07:01:13 +00:00
christos 9aeb91c2c4 fix wrong names and add markup 2019-09-15 01:03:23 +00:00
wiz fb6187f957 Remove superfluous Pp. 2019-09-01 19:36:09 +00:00
sevan f769ad4c22 Document history of exec()
Move statement on execlpe() & execvpe() to HISTORY section.
2019-09-01 19:33:45 +00:00
kamil 1a5f018b01 Enhance the support of LLVM sanitizers
Define _REENTRANT for MKSANITIZER build. This is needed for at least stdio
code. This caused new build issued with duplicated symbols in few places
and rump kernel code picking different code paths borrowed from libc.
Handle all this in one go.

Add bsd.sanitizer.mk to share common code used by programs and libraries.

Switch from realall to beforeinstall target in .syms files. This is more
reliable in MKSANITIZER.
2019-08-27 22:48:53 +00:00
wiz f525fbd105 Fix typo. 2019-06-12 12:32:54 +00:00
kamil 212f28ad56 Rephrase sentence about vfork+exec in posix_spawn(3)
Try to make it less confusing.

Requested by <joerg>
2019-06-12 12:26:24 +00:00
kamil a2bdb35ead Document that posix_spawn(3) uses a dedicated syscall
vfork+exec operations are done in one go. This is important information for
programs that wrap posix_spawn(3).
2019-06-12 00:05:48 +00:00
wiz afa9490a07 Quote the name "Ed" to avoid confusion with the macro "Ed". 2019-06-11 12:49:21 +00:00
kamil 93e6f7a330 Correct outdated note that posix_spawn(3) is implemented with vfork(2)
The original FreeBSD libc code uses vfork(2), it's not the case for NetBSD
as there is a dedicated kernel syscall.
2019-06-11 12:47:34 +00:00
christos 2f3bda949c Add GLOB_TILDE_CHECK (from GNU) 2019-05-29 01:21:33 +00:00
bad a057d46c24 Clarify that strunvisx() and strnunvisx() take the same flags as unvis().
Document VIS_NOESCAPE for unvis().
Bump date.
2019-05-08 15:37:41 +00:00
maya 30a5aeb5c6 Unify signbitl implementations.
(Unclear why they were different, it was only the comments that
differed)

Add a comment describing why the generic version works for both 80-bit
and 128-bit double.
2019-04-26 09:03:46 +00:00
wiz 928749aba2 Fix typo. 2019-03-12 22:21:53 +00:00
kre df01b8ae2e PR lib/54053
When auto scaling, and the buffer is bigger than big enough
for the biggest possible number, don't try and calculate
the max value that will fit in the buffer - that calc
will overflow (guaranteed) and is useless, the value
we're formatting cannot possibly be bigger.  So simply
use the unscaled value (the raw number).

While here, also avoid returning values that are larger
than the buffer len ... while it would be nice to be able
to find out how big the buffer should be so the data will
fit, the interface doesn't really allow that (the buffer
length passed in controls the scaling - at least when
auto scaling) and the code already does "return -1" when
it detects the buffer length is too small, even before
it works out how much would have been needed.  So, rather
than returning a value > len (while truncating the result
to fit in len ... all courtesy of snprintf()) return -1
in this case as well.

Also, allow suffix==NULL (meaning "") - there's no reason
not to, and requiring users to pass in an explicit "" is
not useful.
2019-03-11 15:10:51 +00:00
christos dae7fb3e37 appease string + int warning. 2019-02-18 20:27:20 +00:00
christos c959ea2c0d PR/53904: Jintao Zhu: Use a mutex instead of an rwlock to assure thread safety 2019-01-24 18:01:38 +00:00
wiz f401b5d182 Use \- for minus. 2019-01-15 07:01:01 +00:00
uwe 3e392f0443 Fly, nasal demons, fly away... 2019-01-15 03:43:15 +00:00
riastradh f5a847d300 Use the same variable for the locale example. 2019-01-15 03:30:58 +00:00
uwe 326784a6c3 Don't talk about "the first argument" when there's only one. 2019-01-15 01:23:49 +00:00
uwe 31759755bb Fix markup pasto. 2019-01-15 01:13:49 +00:00
uwe 2a102dd013 Remove the extra cast to int in the CAVEATS example.
We removed it from EXAMPLES a few releases ago.
2019-01-15 01:11:03 +00:00
uwe 893d5ca890 Fix typo in macro flag. 2019-01-15 00:43:32 +00:00
riastradh 2712861341 Expand on correct and incorrect usage, and on compiler warnings.
Give an example program with the warning, and some example nonsense
outputs.  Also note why glibc's approach doesn't solve the problem.
2019-01-15 00:31:19 +00:00
msaitoh 169880b3b2 "s/ an an / an /" in comment. No functional change. 2018-11-08 06:43:52 +00:00
kre d794b9b637 HACK: if calling dirname() with the results of a previous dirname()
there is no need to copy the path into the output buffer, it is already
there....

All this has to change to become compat with a forthcoming POSIX update.
2018-09-27 00:45:34 +00:00
maxv c698ced324 fix references, the things were moved into netipsec/ a while ago 2018-09-06 09:28:00 +00:00
wiz 4e9665c6ea Sort SEE ALSO. 2018-08-13 06:08:48 +00:00
kamil c85fcdfeed Merge FreeBSD improvements to the man-page of timespec_get(3)
Keep NetBSD references instead of FreeBSD ones included in the FreeBSD
version.
2018-08-10 20:35:52 +00:00
kamil 21d1b523b3 Avoid undefined behavior in ftok(3)
Do not change the signedness bit with a left shift operation.
Cast to unsigned integer to prevent this.

ftok.c:56:10, left shift of 123456789 by 24 places cannot be represented in type 'int'
ftok.c:56:10, left shift of 4160 by 24 places cannot be represented in type 'int'

Detected with micro-UBSan in the user mode.
2018-07-26 00:05:28 +00:00
joerg 33bc134aba Avoid complicated arithmetic involving NULL. 2018-05-16 20:21:39 +00:00
pgoyette 2829446e9d Fix typos, as reported by Eitan Adler. Update dates. 2018-02-07 11:16:05 +00:00
kamil 1bcc014257 Revert to commits as they broke few rump tests
"Include namespace.h in a few of libc source files
[...]
    This change finishes elimination of usage of the global name of the
    following symbols:
      - close -> _close
      - execve -> _execve
      - fcntl -> _fcntl
      - setcontext -> _setcontext
      - wait6 -> _wait6
      - write -> _write
      - writev -> _writev"

"Register more syscalls in namespace.h (of libc)

    Add weak symbols for:
     - fcntl
     - close
     - execve
     - setcontext
     - wait6
     - write
     - writev"

These changes broke:

    fs/nfs/t_rquotad:get_nfs_be_1_both
    fs/nfs/t_rquotad:get_nfs_be_1_group
    fs/nfs/t_rquotad:get_nfs_be_1_user
    fs/nfs/t_rquotad:get_nfs_le_1_both
    fs/nfs/t_rquotad:get_nfs_le_1_group
    fs/nfs/t_rquotad:get_nfs_le_1_user
    lib/librumphijack/t_config:fdoff
    lib/librumphijack/t_tcpip:http
    lib/librumphijack/t_tcpip:nfs
    lib/librumphijack/t_vfs:cpcopy
    lib/librumphijack/t_vfs:mv_x
    lib/librumphijack/t_vfs:paxcopy
    net/net/t_forwarding:ipforwarding_fastforward_v4
    net/net/t_forwarding:ipforwarding_fastforward_v6
    net/net/t_forwarding:ipforwarding_fragment_v4
    net/net/t_forwarding:ipforwarding_misc
    net/net/t_mtudisc6:mtudisc6_basic

This revert fixes the failures, except lib/librumphijack/t_vfs.

The original changes were added in order to facilitate a usage of
sanitizers against programs linked with NetBSD's libc. It is no longer
needed, so abandon these changes.

Sponsored by <The NetBSD Foundation>
2018-01-17 01:24:29 +00:00
kamil 575eeceb5d Include namespace.h in a few of libc source files
The NetBSD Standard C Library uses internally some of its functions with
a mangled symbol name, usually "_symbol". The internal functions shall not
use the global (public) symbols.

This change finishes elimination of usage of the global name of the
following symbols:
  - close -> _close
  - execve -> _execve
  - fcntl -> _fcntl
  - setcontext -> _setcontext
  - wait6 -> _wait6
  - write -> _write
  - writev -> _writev

Sponsored by <The NetBSD Foundation>
2018-01-05 19:01:36 +00:00
kamil c5b83981a9 Add bunch of missing includes of namespace.h in libc
The NetBSD Standard C Library uses internally some of its functions with
a mangled symbol name, usually "_symbol". The internal functions shall not
use the global (public) symbols.

This change eliminates usage of the global changes of the following symbols:
 - strlcat -> _strlcat
 - sysconf -> __sysconf
 - closedir -> _closedir
 - fparseln -> _fparseln
 - kill -> _kill
 - mkstemp -> _mkstemp
 - reallocarr -> _reallocarr
 - strcasecmp -> _strcasecmp
 - strncasecmp -> _strncasecmp
 - strptime -> _strptime
 - strtok_r -> _strtok_r
 - sysctl -> _sysctl
 - dlopen -> __dlopen
 - dlclose -> __dlclose
 - dlsym -> __dlsym

Sponsored by <The NetBSD Foundation>
2018-01-04 20:57:28 +00:00
rin fd569112f9 Revert change made by rev 1.11; now, fmtcheck(3) does not complain about
unused trailing arguments as before.

See also discussion on tech-userland:
http://mail-index.netbsd.org/tech-userlevel/2017/12/07/msg011019.html
2017-12-13 06:43:45 +00:00
abhinav b2e12d0489 Add ctype to the NAME section (as this is a man page for ctype)
Remove rest of the names from the NAME section
(These names have their own individual man pages, as such it doesn't make sense
 to have their names in the NAME section in this man page as well. Moreover,
 we have been trying to fix such man pages so that apropos(1)/whatis(1) are
 able to search these man pages. Other examples of such fixed man pages include
 memory(3), string(3) etc.)

ok wiz@
2017-12-12 14:13:52 +00:00
dholland 6dc0f13680 The list of async-signal-safe functions got moved to sigaction(2). 2017-12-06 16:38:22 +00:00
rin d2b4f0d1a5 Fix possible use of uninitialized variable in case of WIN32 && !_WIN64. 2017-12-06 14:05:14 +00:00
rin c084bfdff8 Teach fmtcheck(3) about wint_t, intmax_t, char *, intmax_t *, and wide string
arguments. Taken from FreeBSD:
https://svnweb.freebsd.org/base/head/lib/libc/gen/fmtcheck.c#rev181154
2017-12-06 12:32:02 +00:00
rin 41130f53d9 Teach fmtcheck(3) about the ' (thousands separator) flag. Taken from FreeBSD:
https://svnweb.freebsd.org/base/head/lib/libc/gen/fmtcheck.c#rev143905
2017-12-06 12:30:27 +00:00
rin efd7892a37 Teach fmtcheck(3) about the flags a, A, F, G, t, and z. Taken from FreeBSD:
https://svnweb.freebsd.org/base/head/lib/libc/gen/fmtcheck.c#rev117014
2017-12-06 12:28:53 +00:00
rin 75399b3dca Correct oversight of wrong format string with fewer number of arguments than
default format string has.
2017-12-06 11:33:34 +00:00
christos 2817b6ef18 Use 16x instead of 4x the amount of space since each wint_t can result in
4 bytes of 4 characters ("\ooo") each.
2017-11-27 16:37:21 +00:00
abhinav 99c134c1ef Add missing functions from the SYNOPSIS to the NAME section 2017-10-24 19:14:55 +00:00
abhinav 64d5a81edc Use commas at the right places in the NAME section 2017-10-24 19:07:12 +00:00
abhinav e4ba874d49 Add missing functions from the SYNOPSIS to the NAME section 2017-10-24 19:04:58 +00:00
abhinav 6180428e00 Remove trailing comma after last Nm entry in the NAME section 2017-10-24 18:54:03 +00:00
abhinav 878bf2901f Add getpass_r and getpassfd to the NAME section as well. 2017-10-24 18:50:46 +00:00
abhinav fb69a07bd7 Fix typo: s/cexpandtc/csetexpandtc
The synopsis and description mention only csetexpandtc function.
nxr also only shows csetexpandtc while no matches for cexpandtc.
2017-10-24 18:42:06 +00:00
maya 072aa72f29 move VAX notes to CAVEATS, clarify. 2017-09-27 18:55:50 +00:00
maya 88374bbe62 Move VAX notes to CAVEATS, clarify that it just returns zero
The VAX isinf implementation is in sys/arch/vax/include/math.h.
2017-09-27 09:04:30 +00:00
wiz cf8f895d5c Remove superfluous Tn. 2017-09-18 08:48:23 +00:00
abhinav 4d2c8c35f1 Add execlpe and execvpe to the NAME section 2017-09-17 11:45:10 +00:00
wiz 33c74a490b Fix typo. 2017-09-10 10:12:43 +00:00
wiz 3a20565680 Sort sections. Make error descriptions complete sentences. 2017-09-10 10:12:21 +00:00
kre 9a7908da70 Fix a typo, and some wording improvements. 2017-09-10 00:49:40 +00:00
kamil cb1261ae47 Remove the BUGS section from devname(3)
devname(3) does not report type of error on purpose.

Suggested by <kre>
2017-09-09 18:45:04 +00:00
kamil d4fa9170e4 Install new man-page devname_r(3).
This is a link to devname(3).
2017-09-09 18:18:27 +00:00
kamil aeb1b62621 Document devname_r(3) in devname(3).
Improve clarity of devname(3) mentioning that it returns a pointer to the
buffer pointer. This approach is not thread-safe and not reentrant.

Not that devname(3) does not set errno on failure and document it as a bug.
2017-09-09 18:00:39 +00:00
wiz b7a4e7c758 Remove superfluous Pp. 2017-08-05 20:22:29 +00:00
ginsbach 2c7d87026b There are more than four types of encoding. The combination of
VIS_CSTYLE | VIS_OCTAL is different from either separately.
2017-08-04 01:06:22 +00:00
wiz 01869ca4d2 Remove workaround for ancient HTML generation code. 2017-07-03 21:28:48 +00:00
manu 6a05c304af Make shared -DSMALL libc buildable without breaking libhack
We used -DSMALL to exclude code from libc in order to build
libhack. Introduce -DLIBHACK to do this without so that
-DSMALL does not remove code necessary for building a shared libc
2017-06-18 03:56:39 +00:00
christos eeb345227e Don't make assert use stdio; saves >100K on an empty static binary. 2017-05-15 16:09:09 +00:00
wiz 0456c39519 Formatting and punctuation improvements. 2017-05-14 12:35:46 +00:00
kre 486691905e Add the new signalname/signalnext/signalnumber interface to libc.
This as discussed on current-users in the thread
entitled:
  Proposal: new libc/libutil functions to map SIGXXXX <-> "XXXX"
that can be found (starting at):
  http://mail-index.netbsd.org/current-users/2017/04/28/msg031600.html

These functions provide the mechanism to enable applications
to divorce themselves from internal details of the signal
implementation.

Libc minor bumped, prototypes in <signal.h>, sets lists updated (and sorted).

One and all: feel free to improve the sources & man page (etc), but
please do not change the function signatures without discussion.
2017-05-09 11:14:16 +00:00
christos 048b91431b use the symbolic M_ALL and trim with M_MASK 2017-05-08 14:42:16 +00:00
christos b8fc685b9a Switch from a recursive pattern matching algorithm to handle '*'
to a backtracking one. Avoids DoS attacks with patterns "a*a*a*a*a*...b"
matching against "aaaaaaaaaaaa..." https://research.swtch.com/glob
2017-04-26 14:56:54 +00:00
christos 882d7a48e8 fix typo (Leonardo Taccari) 2017-04-23 13:23:02 +00:00
christos 6f84e2e257 Add VIS_DQ (for OpenBSD compat) 2017-04-23 01:58:48 +00:00
maya b24bc65591 always initialize iovcnt
from clang static analyzer
2017-04-18 12:34:07 +00:00
christos 50dd7b358e Fix out of bounds read for very large numbers (pointed out by Brooks Davis)
https://svnweb.freebsd.org/changeset/base/316766
2017-04-13 17:45:56 +00:00
wiz 54c511cc9d Remove trailing whitespace. 2017-03-23 12:31:57 +00:00
kre 4b48a30a7a Unbreak build, init variable (not a false alarm for this one.) 2017-03-22 19:36:04 +00:00
roy 1b119018c7 openlog(3): add LOG_PTRIM and LOG_NLOG log options.
syslog(3) is the one stop method of logging system events and diagnostics.
When debugging a daemon in the foreground on a terminal, each line is
prefixed with tag[pid]: which is very repetative and can take up valuable
screen estate.
LOG_PTRIM solves this by removing this prefix from stderr output.

There is also the case where the debugging could involve a dry-run and
syslog(3) calls would pollute the system log with incorrect data.
LOG_NLOG solves this by not writing the the system log, but allowing
LOG_PERROR to operate as before.

Initially discussed here:
https://mail-index.netbsd.org/tech-userlevel/2016/10/06/msg010330.html
2017-03-22 17:52:36 +00:00
maya 7ab45b5b71 Remove redundant null check before free. it is safe to free(NULL)
While here, clear up odd whitespace issue. NFC
2017-03-09 11:39:41 +00:00