| Age | Commit message (Collapse) | Author |
|---|
|
Add strtonumx(), a companion to strtonum(3) that preserves its safety
and error-reporting semantics while allowing the caller to specify a
conversion base, similar to the strtol(3) family of functions.
Reviewed by: emaste, kib, ziaee
Obtained from: https://www.illumos.org/issues/15365
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D54270
|
|
This new function computes the alignment of a pointer.
It is part of ISO/IEC 9899:2024, the new C standard.
If the pointer is a null pointer, null is returned.
I have tried to write an implementation that can cope
with traditional address-based architectures, even if
size_t and uintptr_t are of different length. Adjustments
may be needed for CHERI though.
A man page is provided, too. No unit test for now.
Reviewed by: kib, imp, ziaee (manpages), pauamma@gundo.com
Approved by: markj (mentor)
MFC after: 1 month
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D53673
|
|
This function from OpenBSD is a hybrid of reallocarray() and calloc().
It reallocates an array, clearing any newly allocated items.
reallocarray() ultimately originates from OpenBSD.
The source is taken from lib/libopenbsd, which now no longer has the
function unless when bootstrapping (needed for mandoc).
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D52863
|
|
This is a calque of the NetBSD function of the same name.
MFC after: never
Relontes: yes
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D49979
|
|
Summary:
This reverts commit d7efac1be1441c122f7fb9de51a409172f21326c.
This reverts commit 9d0eea9422d075c8a6924b33161d2d5abfb4072a.
Some ports (specifically Python) define __BSD_VISIBLE themselves, so
the change from __BSD_VISIBLE to __POSIX_VISIBLE >= 202405 makes them
fail.
Reported by: jrtc27, cperciva
|
|
Some of the POSIX 202405L functions are already in the system, make
them visible when appropriate.
Reviewed by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D47859
|
|
The immediately obvious and attractive targets from <stdlib.h> are
arc4random_buf(3) and realpath(3) -- scraping the header didn't reveal
much else of interest.
Reviewed by: markj
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D45681
|
|
TinyC doesn't support the .symver assembler directive. Add a generic way
to signal this and use that not to define __sym_() macros that use
it. Only use the __sym_* macros in headers when they are defined (which
currently is only for the qsort_r compat code. Not supporting this for
tcc is fine: It's an edge case for legacy binaries / code anyway which
isn't relevant to tinyc.
Sponsored by: Netflix
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D45651
|
|
This non-standard type is unused in the base system (__ct_rune_t or
__rune_t are used instead) and ports. It has been around as long as our
current source repo, but we have avoided using it. In sys/_types.h
where the __*rune_t typedefs are defined, the following appears in a
comment:
NOTE: rune_t is not covered by ANSI nor other standards, and should
not be instantiated outside of lib/libc/locale. Use wchar_t.
The definition of this unused type meant we gratutiously differed from
standards compliant stddef.h/stdlib.h.
PR: 279357 (exp-run by antoine)
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D45426
|
|
quick_exit() can call other functions, and we don't guarantee it calls
std::terminate should those other functions throw exceptions. And to
make it do so has ABI complications for libc. Until that's sorted out,
revert this noexcept (but leave a comment behind so people will find
this commit message)
Requested by: kib
Sponsored by: Netflix
|
|
The noexcept specifier is required on these functions in C++:
_Exit(), atexit(), quick_exit(), at_quick_exit(), abort().
MFC after: 2 weeks
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1085
|
|
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
|
|
Remove /^\s*\*+\s*\$FreeBSD\$.*$\n/
|
|
Some points for the future:
- libc is not the right place for sorting algorithms.
Probably libutil is better suited for this purpose or
a dedicated libsort. Should move all sorting algorithms
away from libc eventually.
- CheriBSD uses capabilities for memory access, and could
benefit from a standard memswap() function.
- Do something about qsort() in FreeBSD's libc like:
- Mark it deprecated on FreeBSD, as a first step,
due to missing limits on CPU time.
- Audit the use of qsort() in the FreeBSD base system
and consider swapping to other existing sorting
algorithms.
Discussed with: brooks@
Differential Revision: https://reviews.freebsd.org/D36493
This reverts commit a7469c9c0a504a5e6e9b89e148cd78df5e67ff7f.
This reverts commit 7d65a450cdcc7cc743f2ecd114ba3428a21c0033.
This reverts commit 8dcf3a82c54cb216df3213a013047907636a01da.
|
|
Fixes build of Python:
/usr/include/stdlib.h:409:1: error: unknown type name 'errno_t'
errno_t bsort_s(void *, rsize_t, rsize_t,
Reported by: vishwin@
MFC after: 1 week
Sponsored by: NVIDIA Networking
Differential Revision: https://reviews.freebsd.org/D36493
|
|
The bsort(3) algorithm works by swapping objects, similarly to qsort(3),
and does not require any significant amount of additional memory.
The bsort(3) algorithm doesn't suffer from the processing time issues
known the plague the qsort(3) family of algorithms, and is bounded by
a complexity of O(log2(N) * log2(N) * N), where N is the number of
elements in the sorting array. The additional complexity compared to
mergesort(3) is a fair tradeoff in situations where no memory may
be allocated.
The bsort(3) APIs are identical to those of qsort(3), allowing for
easy drop-in and testing.
The design of the bsort(3) algorithm allows for future parallell CPU
execution when sorting arrays. The current version of the bsort(3)
algorithm is single threaded. This is possible because fixed areas
of the sorting data is compared at a time, and can easily be divided
among different CPU's to sort large arrays faster.
Reviewed by: gbe@, delphij@, pauamma_gundo.com (manpages)
Sponsored by: NVIDIA Networking
Differential Revision: https://reviews.freebsd.org/D36493
|
|
Sponsored by: Netflix
Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D39076
|
|
Add mostly glibc and msl compatible secure_getenv. Return NULL if
issetugid() indicates the process is tainted, otherwise getenv(x). The
rational behind this is the fact that many Linux applications use this
function instead of getenv() as it's widely consider a, "best
practice".
Reviewed by: imp, mjg (feedback)
Pull Request: https://github.com/freebsd/freebsd-src/pull/686
Signed-off-by: Lucy Marsh <seafork@disroot.org>
|
|
Signed-off-by: Elyes Haouas <ehaouas@noos.fr>
|
|
This reverts commit 43703bc489ec504b947b869045c492ed38c1a69c.
Reviewed by: jrtc27
Differential Revision: https://reviews.freebsd.org/D38216
|
|
GCC 12 (unlike GCC 9) does not match a function argument passed to the
old qsort_r() API (as is used in the qsort_r_compat test) to a
function pointer type via __generic. It treats the function type as a
distinct type from a function pointer. As a workaround, add a second
definition of qsort_r for GCC 12 which uses the bare function type.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D37410
|
|
glibc-based interface.
Unfortunately, the glibc maintainers, despite knowing the existence
of the FreeBSD qsort_r(3) interface in 2004 and refused to add the
same interface to glibc based on grounds of the lack of standardization
and portability concerns, has decided it was a good idea to introduce
their own qsort_r(3) interface in 2007 as a GNU extension with a
slightly different and incompatible interface.
With the adoption of their interface as POSIX standard, let's switch
to the same prototype, there is no need to remain incompatible.
C++ and C applications written for the historical FreeBSD interface
get source level compatibility when building in C++ mode, or when
building with a C compiler with C11 generics support, provided that
the caller passes a fifth parameter of qsort_r() that exactly matches
the historical FreeBSD comparator function pointer type and does not
redefine the historical qsort_r(3) prototype in their source code.
Symbol versioning is used to keep old binaries working.
MFC: never
Relnotes: yes
Reviewed by: cem, imp, hps, pauamma
Differential revision: https://reviews.freebsd.org/D17083
|
|
The clearenv(3) function allows us to clear all environment
variable in one shot. This may be useful for security programs that
want to control the environment or what variables are passed to new
spawned programs.
Reviewed by: scf, markj (secteam), 0mp (manpages)
Differential Revision: https://reviews.freebsd.org/D28223
|
|
We no longer support old versions of GCC. Remove this check by
assuming it's false. That will make the entire expression false. Also
remove support for Intel compiler, it's badly bitrotted. Technically,
this removes support for C89 and K&R from compilers that don't define
_Bool in those compilation environments as well. I'm unaware of any
working compiler today for which that would be relevant (pcc has it
and tcc sadly isn't working for other reasons), though if one
pops up in ports, I'll work to resolve the issue.
Notes:
svn path=/head/; revision=367028
|
|
- Hide ptsname_r under __BSD_VISIBLE for now as the specification
is not finalized at this time.
- Keep Symbol.map sorted.
- Avoid the interposing of ptsname_r(3) from an user application
from breaking ptsname(3) by making the implementation a static
method and call the static function from ptsname(3) instead.
Reported by: kib
Reviewed by: kib, jilles
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D26845
Notes:
svn path=/head/; revision=366866
|
|
MFC after: 2 weeks
PR: 250062
Reviewed by: jilles, 0mp, Ray <i maskray me>
Differential Revision: https://reviews.freebsd.org/D26647
Notes:
svn path=/head/; revision=366781
|
|
rand(3)'s standard C API is extremely limiting, but we can do better
than the historical 32-bit state Park-Miller LCG we've shipped since
2001: r73156.
The justification provided at the time for not using random(3) was that
rand_r(3) could not be made to use the same algorithm. That is still
true. However, the irrelevance of rand_r(3) is increasingly obvious.
Since that time, POSIX has marked the interface obsolescent. rand_r(3)
never became part of the standard C library. If not for API
compatibility reasons, I would just remove rand_r(3) entirely.
So, I do not believe it is a problem for rand_r(3) and rand(3) to
diverge.
The 12 ABI is maintained with compatibility definitions, but this
revision does subtly change the API of rand(3). The sequences of
pseudorandom numbers produced in programs built against new versions of
libc will differ from programs built against prior versions of libc.
Reviewed by: kevans, markm
MFC after: no
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D23290
Notes:
svn path=/head/; revision=357382
|
|
to port software written for Linux variant of qsort_r(3).
Reviewed by: kib, arichardson
MFC after: 2 weeks
Relnotes: yes
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D23174
Notes:
svn path=/head/; revision=356909
|
|
And remove the inline/deprecated attribute use entirely in stdlib.h, from
r355747. The intent was to provide a buildable API transitionary period, but
clearly that was counter-productive.
Reported by: delphij, imp, others
Notes:
svn path=/head/; revision=355776
|
|
The legacy version of GCC4 currently in base does not support the
parameterized form of this function attribute, as recent introduced in
stdlib.h (r355747).
As we have done for other function attributes with similar compatibility
problems, add a version-compatibile definition in sys/cdefs.h. Note that
Clang defines itself to be GCC 4, so one must check for __clang__ in
addition to __GNUC__ version. On legacy GCC 4, the macro expands to just
the __deprecated__ attribute; on modern GCC or Clang, the macro expands to
the parameterized variant with the message.
Ignoring legacy or unsupported compilers, the macro is also beneficial in
that it is a bit more ergonomic than the full
__attribute__((__deprecated__())) boilerplate.
Reported by: CI (but not tinderbox); imp and others
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D22817
Notes:
svn path=/head/; revision=355759
|
|
It serves no useful purpose and wasn't as popular as its equally meritless
cousin, srandomdev(3).
Setting aside the problems with rand(3) in general, the problem with this
interface is that the seed isn't shared with the caller (other than by
attacking the output of the generator, which is trivial, but not a hallmark of
pleasant API design). The (arguable) utility of rand(3) or random(3) is as a
semi-fast simulation generator which produces consistent results from a given
seed. These are mutually at odd. Furthermore, sometimes people got the
mistaken impression that a high quality random seed meant a weak generator like
rand(3) or random(3) could be used for things like cryptographic key
generation. This is absolutely not so.
The API was never part of a standard and was not widely used in tree. Existing
in-tree uses have all been removed.
Possible replacement in out of tree codebases:
char buf[3];
time_t t;
time(t);
strftime(buf, sizeof(buf), "%S", gmtime(&t));
srand(atoi(buf));
Relnotes: yes
Notes:
svn path=/head/; revision=355747
|
|
This is a variant of mkostemps() which takes a directory descriptor and
returns a descriptor for a tempfile relative to that directory. Unlike
the other mktemp functions, mkostempsat() can be used in capability
mode.
Reviewed by: cem
Discussed with: brooks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D21031
Notes:
svn path=/head/; revision=350420
|
|
Users of arc4random(3) should never call them directly.
All ports tree usage was fixed as part of bug 230756.
Relnotes: yes
Approved by: re (marius), exp-run (bug 230756 by portmgr antoine)
Notes:
svn path=/head/; revision=338331
|
|
ObsoleteFiles.inc:
Remove manual pages for arc4random_addrandom(3) and
arc4random_stir(3).
contrib/ntp/lib/isc/random.c:
contrib/ntp/sntp/libevent/evutil_rand.c:
Eliminate in-tree usage of arc4random_addrandom().
crypto/heimdal/lib/roken/rand.c:
crypto/openssh/config.h:
Eliminate in-tree usage of arc4random_stir().
include/stdlib.h:
Remove arc4random_stir() and arc4random_addrandom() prototypes,
provide temporary shims for transistion period.
lib/libc/gen/Makefile.inc:
Hook arc4random-compat.c to build, add hint for Chacha20 source for
kernel, and remove arc4random_addrandom(3) and arc4random_stir(3)
links.
lib/libc/gen/arc4random.c:
Adopt OpenBSD arc4random.c,v 1.54 with bare minimum changes, use the
sys/crypto/chacha20 implementation of keystream.
lib/libc/gen/Symbol.map:
Remove arc4random_stir and arc4random_addrandom interfaces.
lib/libc/gen/arc4random.h:
Adopt OpenBSD arc4random.h,v 1.4 but provide _ARC4_LOCK of our own.
lib/libc/gen/arc4random.3:
Adopt OpenBSD arc4random.3,v 1.35 but keep FreeBSD r114444 and
r118247.
lib/libc/gen/arc4random-compat.c:
Compatibility shims for arc4random_stir and arc4random_addrandom
functions to preserve ABI. Log once when called but do nothing
otherwise.
lib/libc/gen/getentropy.c:
lib/libc/include/libc_private.h:
Fold __arc4_sysctl into getentropy.c (renamed to arnd_sysctl).
Remove from libc_private.h as a result.
sys/crypto/chacha20/chacha.c:
sys/crypto/chacha20/chacha.h:
Make it possible to use the kernel implementation in libc.
PR: 182610
Reviewed by: cem, markm
Obtained from: OpenBSD
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D16760
Notes:
svn path=/head/; revision=338059
|
|
This follows the documented use in GCC. It is basically only relevant for
calloc(3), reallocarray(3) and mallocarray(9).
Suggested by: Mark Millard
Reference:
https://docs.freebsd.org/cgi/mid.cgi?9DE674C6-EAA3-4E8A-906F-446E74D82FC4
Notes:
svn path=/head/; revision=328237
|
|
The GCC attribute causes a warning to be emitted if a caller of the
function with this attribute does not use its return value. Unlike the
traditional realloc, with reallocf(3) we don't have to check for NULL
values but we still have to make sure the result is used.
MFC after: 3 days
Notes:
svn path=/head/; revision=327751
|
|
The daemonfd function is equivalent to the daemon(3) function expect that
arguments are descriptors. For example dhclient(8) which is sandboxed is
unable to open /dev/null to close stdio instead it's allows to fail
daemon(3) function to close the descriptors and then do it explicit in code.
Instead of such hacks we can use now daemonfd.
This API can be also helpful to migrate system to platforms like CheriBSD.
Reviewed by: brooks@, bcr@, jilles@ (earlier version)
Differential Revision: https://reviews.freebsd.org/D13433
Notes:
svn path=/head/; revision=327115
|
|
Reviewed by: dim, jhb
Discussed with: imp
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D13156
Notes:
svn path=/head/; revision=326123
|
|
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Notes:
svn path=/head/; revision=326024
|
|
9899:2011 Appendix K 3.7.4.1.
Other needed supporting types, defines and constraint_handler
infrastructure is added as specified in the C11 spec.
Submitted by: Tom Rix <trix@juniper.net>
Sponsored by: Juniper Networks
Discussed with: ed
MFC after: 3 weeks
Differential revision: https://reviews.freebsd.org/D9903
Differential revision: https://reviews.freebsd.org/D10161
Notes:
svn path=/head/; revision=316213
|
|
Despite wishful thinking the removal of these old function hasn't
happened yet.
MFC after: 3 days
Notes:
svn path=/head/; revision=313819
|
|
Replace uses of the GCC __nonnull__ attribute with the clang nullability
qualifiers. The replacement should be transparent for clang developers as
the new qualifiers will produce the same warnings and will be useful for
static checkers but will not cause aggressive optimizations.
GCC will not produce such warnings and developers will have to use
upgraded GCC ports built with the system headers from r312538.
Hinted by: Apple's Libc-1158.20.4, Bionic libc
MFC after: 11.1 Release
Differential Revision: https://reviews.freebsd.org/D9004
Notes:
svn path=/head/; revision=312934
|
|
While the checks are considered useful, the attribute does dangerous
optimizations, removing NULL checks where they can be needed. Remove the
uses of this attribute introduced in r281130: the changes were inspired on
Google's bionic where this attribute is not used anymore.
The __nonnull() attribute will be deprecrated from our headers and
replaced with the Clang _Nonnull qualifier in the future.
MFC after: 3 days
Notes:
svn path=/head/; revision=311012
|
|
The setkey() and encrypt() functions are part of XSI, not the POSIX base
definitions. There is no strict requirement for us to provide these,
especially if we're only going to keep these around as undocumented
stubs. The same holds for des_setkey() and des_cipher().
Instead of providing functions that only generate warnings when linking,
simply disallow linking against them. The impact of this is relatively
low. It only causes two leaf ports to break. I'll see what I can do to
help out to get those fixed.
PR: 211626
Notes:
svn path=/head/; revision=306651
|
|
POSIX requires that MB_CUR_MAX expands to an expression of type size_t.
It currently expands to an int. As these are already macros, don't
change the underlying type of these functions. There is no ned to touch
those.
Differential Revision: https://reviews.freebsd.org/D6645
Notes:
svn path=/head/; revision=303427
|
|
POSIX requires that these functions have an unsigned int for their first
argument; not an unsigned long.
My reasoning is that we can safely change these functions without
breaking the ABI. As far as I know, our supported architectures either
use registers for passing function arguments that are at least as big as
long (e.g., amd64), or int and long are of the same size (e.g., i386).
Reviewed by: ache
Differential Revision: https://reviews.freebsd.org/D6644
Notes:
svn path=/head/; revision=303342
|
|
Both __alloc_align and __alloc_size can't be used when the function
returns a pointer to memory. This fixes breakage when building with
clang 3.4:
In file included from /usr/src/svn/usr.sbin/bhyve/atkbdc.c:40:
/usr/include/stdlib.h:176:6: error: '__alloc_size__' attribute only
applies to functions that return a pointer [-Werror,-Wignored-attributes]
Pointed out by: ngie, cem
Approved by: re (gjb)
Notes:
svn path=/head/; revision=302358
|
|
etc) in stdlib.h. These will be needed for newer versions of libc++,
which uses them for defining overloaded versions of abs() and div().
MFC after: 1 week
Notes:
svn path=/head/; revision=297212
|
|
This lets the compiler know about the alignment of pointers returned
by aligned_alloc(3), posix_memalign(3). and contigmalloc(9)
Currently this is only supported in recent gcc but we are ready to
use it if clang implements it.
Relnotes: yes
Notes:
svn path=/head/; revision=282988
|
|
Notes:
svn path=/head/; revision=282322
|
