| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |
|
| |
|
|
|
|
| |
whitespace in this page;
ok deraadt
|
| |
|
|
| |
from <Edgar at Pettijohn dash web dot com> on tech@
|
| | |
|
| |
|
|
|
|
|
|
|
| |
this attribute. The kernel does so for main-process stacks at execve() time,
pthread stack functions do so for new stacks, and stacks provided to
sigaltstack() and other user-provided stacks will need to be allocated
in that way.
Not required yet, but paving the way.
Work done with stefan
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
strings.
this was part of a demo showing how to implement the kernel side of
sysctl(3) for setting Semantically Opaque Interface Identifier key
material (for RFC 7217), but it seems to be the most straightforward
path toward integrating soiikey handling and rc.
Originally written by dlg, who commited it some time ago on my request.
I then backed it out again, now it's time to put it back in.
ok florian@ sthen@ naddy@ tb@
Man page bits tweaked & OK jmc
|
| | |
|
| |
|
|
|
|
|
| |
listeners of device state changes.
currently only supports NOTE_CHANGE that will be used by drm(4)
ok kettenis@
|
| | |
|
| | |
|
| |
|
|
| |
Reminded by jmc@
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
and put it to use in userspace in lieu of the kern.boottime
sysctl.
Its absolute value is the time that has elapsed since the
system booted, i.e., the system uptime.
Use in top(1), w(1), and snmpd(8) eliminates a race with
settimeofday(2), adjtime(2), etc. inherent to deriving the
system uptime via the kern.boottime sysctl.
Product of a great deal of discussion/revision with jca@, tb@,
and guenther@.
ok tb@ jca@ guenther@ dlg@ mlarkin@ tom@
|
| |
|
|
|
| |
patch from Jan Stary <hans at stare dot cz>;
"I think it makes sense to speak about errno as a variable (.Va)" jca@.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
pledge for a new execve image immediately upon start. Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
|
| |
|
|
|
|
|
|
|
| |
to builtins like mem{set,cpy,move} and __stack_smash_handler. So, when
building with clang, instead mark those as protected visibility to get rid
of the PLT relocations. We can't take the address of them then, but that's
ok: it's a build-time error not a run-time error.
ok kettenis@
|
| |
|
|
|
|
| |
sufficiently and at least one horrific security hole was the result.
ok deraadt@ beck@
|
| |
|
|
| |
one of the bugs reported by <ilya dot kaliman at gmail dot com> via jmc@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
|
|
| |
Add a few errors that were previously undocumented.
ok jmc@
|
| |
|
|
| |
ok jmc@
|
| |
|
|
|
| |
EADDRNOTAVAIL if local address is not available.
OK deraadt@ millert@
|
| |
|
|
|
| |
to receive sendsyslog(2) messages.
discussed with martijn@; OK jmc@ deraadt@
|
| |
|
|
| |
okay bluhm@, deraadt@
|
| |
|
|
| |
requested by jmc@
|
| |
|
|
|
|
| |
and delete misleading parts from the CAVEATS;
issue reported by <ScottCheloha at gmail dot com> on bugs@;
OK espie@ millert@
|
| |
|
|
| |
ok jca@ kettenis@ deraadt@
|
| |
|
|
|
|
|
|
| |
pthread_exit from libpthread to libc, along with low-level bits to
support them. Major bump to both libc and libpthread.
Requested by libressl team. Ports testing by naddy@
ok kettenis@
|
| | |
|
| |
|
|
| |
calculate them as done for other objects
|
| |
|
|
|
|
| |
according to POSIX. Bring regression test and kernel in line for
amd64 and i386. Other architectures have to follow.
OK deraadt@ kettenis@
|
| |
|
|
|
| |
Do the same in sendsyslog(2) and document the behavior.
reported by Ilja Van Sprundel; OK millert@ deraadt@
|
| |
|
|
| |
ok jmc@ visa@
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
when something went wrong. This allows to monitor whether the
system is under attack and that the attack has been prevented by
OpenBSD pledge(2).
OK deraadt@ millert@ jmc@
|
| |
|
|
|
| |
From FreeBSD via Jan Schreiber <jes at posteo ! de>, thanks!
OK tedu, bluhm
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
function calls, but instead a "class" of functions like "sigsetops".
Rename to sigaddset", and while at it improve documentation in sigprocmask(2)
to point to it.
ok tedu
|
| |
|
|
| |
with the other pid-specific details.
|
| |
|
|
| |
OK jmc@
|
| |
|
|
|
| |
discarded by the kernel. Document that at least one pending signal
will be delivered before sigprocmask() returns.
|
| |
|
|
|
|
|
| |
not exist or is not a child of the calling process.
Document what happens when SIGCHLD is ignored or SA_NOCLDWAIT is
set in sa_flags (this part from FreeBSD).
OK guenther@
|
| |
|
|
| |
Inputs from guenther@, ok kettenis@, visa@
|
| |
|
|
| |
With schwarze@
|
| | |
|
otto
jmc
schwarze
deraadt
florian
robert
mpi
cheloha
guenther
tobias
bluhm
espie
jsg
tedu
dlg
mikeb
sthen
millert