Date: Fri, 8 Nov 1996 19:44:37 +0100 (MET) From: Juergen Lock <nox@jelal.hb.north.de> To: jkh@time.cdrom.com Cc: stable@freebsd.org Subject: Re: The curtain is going down on 2.1-stable in 5 days! Message-ID: <199611081844.TAA13349@saturn.hb.north.de> In-Reply-To: <10472.847447745@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In article <10472.847447745@time.cdrom.com> you write:
>Basically, I need to get 2.1.6 off my plate if I'm to have any hope of
>working constructively on 2.2, and managing 3 different branches
>during this transitional period is also something of a headache which
>I'd like to avoid prolonging.
>
>So. David and I have decided that next Tuesday, the 12th of November,
>would be an excellent time to start putting FreeBSD 2.1.6 to bed, and
>if you've got any critical bug fixes or security problems to report in
>2.1-stable, now would be an excellent time to raise them before it's
>too late.
I don't know if its just me but has anyone tried building a -stable
with the `international' des/secure stuff recently (using int-cvs-cur*
off ftp.za.freebsd.org)? i haven't yet tried tracking this one down
and really don't know if i'll get to in five days :) but just in case
there really is something wrong there i thought i'd better ask...
also here is an old list of things that may be worth merging:
(i think only the first one actually went in at that time)
>From nox Sun Jun 30 19:17:52 1996
>Subject: misc things possibly worth merging?
>To: stable@freebsd.org
>Date: Sun, 30 Jun 1996 19:17:52 +0200 (MET DST)
This is from a cvs diff -u -rRELENG_2_1_0 which i just looked thru:
(I guess there are many more little things of this kind... :)
Index: src/gnu/usr.bin/ld/rrs.c
===================================================================
RCS file: /home/cvs/cvs/src/gnu/usr.bin/ld/rrs.c,v
retrieving revision 1.14
diff -u -r1.14 rrs.c
--- rrs.c 1995/03/04 17:46:09 1.14
+++ rrs.c 1996/05/28 01:33:30
@@ -1185,6 +1185,7 @@
sodp[i].sod_library = 1;
} else
sodp[i].sod_library = 0;
+ sodp[i].sod_reserved = 0;
pos += 1 + strlen(name);
sodp[i].sod_next = (i == number_of_shobjs - 1) ? 0 :
(thats from: revision 1.15
date: 1996/05/27 18:06:02; author: jdp; state: Exp; lines: +2 -1
Zero out an unused field in a structure that is written to the output
file. The field formerly contained random garbage, leading to spurious
differences between otherwise identical executables and libraries.)
Index: src/sys/ddb/db_ps.c
===================================================================
RCS file: /home/cvs/cvs/src/sys/ddb/db_ps.c,v
retrieving revision 1.6.4.2
diff -u -r1.6.4.2 db_ps.c
--- db_ps.c 1995/09/12 04:21:43 1.6.4.2
+++ db_ps.c 1996/06/15 10:39:48
@@ -82,6 +82,10 @@
return;
}
}
+ if (p == NULL) {
+ printf("oops, ran out of processes early!\n");
+ break;
+ }
pp = p->p_pptr;
if (pp == NULL)
pp = p;
(from: revision 1.12
date: 1996/06/15 07:08:02; author: peter; state: Exp; lines: +5 -1
A small bit of defensive programming in case the panic is during process
exit and cleanup. the 'ps' command assumes that there are always 'nproc'
processes on the lists and will walk off the end without checking if not,
causing ddb to trap during the 'ps' command.
)
i have not yet had such a panic, just looked useful when i saw it...
Index: src/usr.sbin/lpr/lpd/printjob.c
===================================================================
RCS file: /home/cvs/cvs/src/usr.sbin/lpr/lpd/printjob.c,v
retrieving revision 1.4.4.2
diff -u -r1.4.4.2 printjob.c
--- printjob.c 1995/10/06 10:30:44 1.4.4.2
+++ printjob.c 1996/06/11 10:21:34
@@ -622,6 +622,13 @@
printer, format);
return(ERROR);
}
+ if (prog == NULL) {
+ (void) close(fi);
+ syslog(LOG_ERR,
+ "%s: no filter found in printcap for format character '%c'",
+ printer, format);
+ return(ERROR);
+ }
if ((av[0] = rindex(prog, '/')) != NULL)
av[0]++;
else
(from: revision 1.8
date: 1996/05/05 22:40:48; author: joerg; state: Exp; lines: +173 -75
Pull a bunch of fixes from the 4.4BSD-Lite2 branch. It's really
surprising how many trivial errors there have been... :-)
Some more cleanup is needed, but i'd like to separate the Lite2 changes
from other work, that's why this goes into a different commit.
People with serial printers should see whether i have broken the stty-
style printcap options (i hope not).
Inspired by: Sergey Shkonda <serg@bcs1.bcs.zaporizhzhe.ua>
)
this was after a lpr -dlqhi (which should have been lpr -P..
as you can guess) got me messages of coredumping lpd processes :)
(haven't looked at the other fixes in that commit, i guess many
of them could also go in?)
and finally some USER_LDT fixes from current, they make wine
work at least a little better.
just in case someone still finds the time and look at this...
Juergen
Index: src/sys/i386/i386/machdep.c
===================================================================
RCS file: /home/cvs/cvs/src/sys/i386/i386/machdep.c,v
retrieving revision 1.128.4.8
diff -u -r1.128.4.8 machdep.c
--- machdep.c 1996/06/25 20:19:29 1.128.4.8
+++ machdep.c 1996/06/26 19:44:34
@@ -1003,6 +1003,19 @@
{
int *regs = p->p_md.md_regs;
+#ifdef USER_LDT
+ struct pcb *pcb = &p->p_addr->u_pcb;
+
+ /* was i386_user_cleanup() in NetBSD */
+ if (pcb->pcb_ldt) {
+ if (pcb == curpcb)
+ lldt(GSEL(GUSERLDT_SEL, SEL_KPL));
+ kmem_free(kernel_map, (vm_offset_t)pcb->pcb_ldt,
+ pcb->pcb_ldt_len * sizeof(union descriptor));
+ pcb->pcb_ldt_len = (int)pcb->pcb_ldt = 0;
+ }
+#endif
+
bzero(regs, sizeof(struct trapframe));
regs[tEIP] = entry;
regs[tESP] = stack;
Index: src/sys/i386/i386/sys_machdep.c
===================================================================
RCS file: /home/cvs/cvs/src/sys/i386/i386/sys_machdep.c,v
retrieving revision 1.9
diff -u -r1.9 sys_machdep.c
--- sys_machdep.c 1995/05/30 07:59:40 1.9
+++ sys_machdep.c 1996/04/30 19:22:55
@@ -45,6 +45,13 @@
#include <vm/vm_kern.h> /* for kernel_map */
+#define MAX_LD 8192
+#define LD_PER_PAGE 512
+#define NEW_MAX_LD(num) ((num + LD_PER_PAGE) & ~(LD_PER_PAGE-1))
+#define SIZE_FROM_LARGEST_LD(num) (NEW_MAX_LD(num) << 3)
+
+
+
void set_user_ldt __P((struct pcb *pcb));
int i386_get_ldt __P((struct proc *, char *, int *));
int i386_set_ldt __P((struct proc *, char *, int *));
@@ -80,6 +87,10 @@
}
#ifdef USER_LDT
+/*
+ * Update the GDT entry pointing to the LDT to point to the LDT of the
+ * current process.
+ */
void
set_user_ldt(struct pcb *pcb)
{
@@ -107,17 +118,19 @@
int nldt, num;
union descriptor *lp;
int s;
- struct i386_get_ldt_args ua, *uap;
+ struct i386_get_ldt_args ua;
+ struct i386_get_ldt_args *uap = &ua;
- if ((error = copyin(args, &ua, sizeof(struct i386_get_ldt_args))) < 0)
+ if ((error = copyin(args, uap, sizeof(struct i386_get_ldt_args))) < 0)
return(error);
- uap = &ua;
#ifdef DEBUG
- printf("i386_get_ldt: start=%d num=%d descs=%x\n", uap->start, uap->num, uap->desc);
+ printf("i386_get_ldt: start=%d num=%d descs=%x\n", uap->start,
+ uap->num, uap->desc);
#endif
- if (uap->start < 0 || uap->num < 0)
+ /* verify range of LDTs exist */
+ if ((uap->start < 0) || (uap->num <= 0))
return(EINVAL);
s = splhigh();
@@ -157,7 +170,9 @@
int *retval;
{
int error = 0, i, n;
+ int largest_ld;
struct pcb *pcb = &p->p_addr->u_pcb;
+ union descriptor desc;
union descriptor *lp;
int s;
struct i386_set_ldt_args ua, *uap;
@@ -171,25 +186,36 @@
printf("i386_set_ldt: start=%d num=%d descs=%x\n", uap->start, uap->num, uap->desc);
#endif
- if (uap->start < 0 || uap->num < 0)
- return(EINVAL);
-
- /* XXX Should be 8192 ! */
- if (uap->start > 512 ||
- (uap->start + uap->num) > 512)
- return(EINVAL);
-
- /* allocate user ldt */
- if (!pcb->pcb_ldt) {
- union descriptor *new_ldt =
- (union descriptor *)kmem_alloc(kernel_map, 512*sizeof(union descriptor));
- bcopy(ldt, new_ldt, sizeof(ldt));
- pcb->pcb_ldt = (caddr_t)new_ldt;
- pcb->pcb_ldt_len = 512; /* XXX need to grow */
-#ifdef DEBUG
- printf("i386_set_ldt(%d): new_ldt=%x\n", p->p_pid, new_ldt);
-#endif
- }
+ /* verify range of descriptors to modify */
+ if ((uap->start < NLDT) || (uap->start >= MAX_LD) || (uap->num < 0) ||
+ (uap->num > MAX_LD))
+ {
+ return(EINVAL);
+ }
+ largest_ld = uap->start + uap->num - 1;
+ if (largest_ld >= MAX_LD)
+ return(EINVAL);
+
+ /* allocate user ldt */
+ if (!pcb->pcb_ldt || (largest_ld >= pcb->pcb_ldt_len)) {
+ union descriptor *new_ldt = (union descriptor *)kmem_alloc(
+ kernel_map, SIZE_FROM_LARGEST_LD(largest_ld));
+ if (new_ldt == NULL) {
+ return ENOMEM;
+ }
+ if (pcb->pcb_ldt) {
+ bcopy(pcb->pcb_ldt, new_ldt, pcb->pcb_ldt_len
+ * sizeof(union descriptor));
+ kmem_free(kernel_map, (vm_offset_t)pcb->pcb_ldt,
+ pcb->pcb_ldt_len * sizeof(union descriptor));
+ } else {
+ bcopy(ldt, new_ldt, sizeof(ldt));
+ }
+ pcb->pcb_ldt = (caddr_t)new_ldt;
+ pcb->pcb_ldt_len = NEW_MAX_LD(largest_ld);
+ if (pcb == curpcb)
+ set_user_ldt(pcb);
+ }
/* Check descriptors for access violations */
for (i = 0, n = uap->start; i < uap->num; i++, n++) {
@@ -199,63 +225,71 @@
if (error)
return(error);
- /* Only user (ring-3) descriptors */
- if (desc.sd.sd_dpl != SEL_UPL)
- return(EACCES);
-
- /* Must be "present" */
- if (desc.sd.sd_p == 0)
- return(EACCES);
-
switch (desc.sd.sd_type) {
- case SDT_SYSNULL:
- case SDT_SYS286CGT:
- case SDT_SYS386CGT:
- break;
- case SDT_MEMRO:
- case SDT_MEMROA:
- case SDT_MEMRW:
- case SDT_MEMRWA:
- case SDT_MEMROD:
- case SDT_MEMRODA:
- case SDT_MEME:
- case SDT_MEMEA:
- case SDT_MEMER:
- case SDT_MEMERA:
- case SDT_MEMEC:
- case SDT_MEMEAC:
- case SDT_MEMERC:
- case SDT_MEMERAC: {
-#if 0
- unsigned long base = (desc.sd.sd_hibase << 24)&0xFF000000;
- base |= (desc.sd.sd_lobase&0x00FFFFFF);
- if (base >= KERNBASE)
- return(EACCES);
-#endif
+ case SDT_SYSNULL: /* system null */
+ desc.sd.sd_p = 0;
+ break;
+ case SDT_SYS286TSS: /* system 286 TSS available */
+ case SDT_SYSLDT: /* system local descriptor table */
+ case SDT_SYS286BSY: /* system 286 TSS busy */
+ case SDT_SYSTASKGT: /* system task gate */
+ case SDT_SYS286IGT: /* system 286 interrupt gate */
+ case SDT_SYS286TGT: /* system 286 trap gate */
+ case SDT_SYSNULL2: /* undefined by Intel */
+ case SDT_SYS386TSS: /* system 386 TSS available */
+ case SDT_SYSNULL3: /* undefined by Intel */
+ case SDT_SYS386BSY: /* system 386 TSS busy */
+ case SDT_SYSNULL4: /* undefined by Intel */
+ case SDT_SYS386IGT: /* system 386 interrupt gate */
+ case SDT_SYS386TGT: /* system 386 trap gate */
+ case SDT_SYS286CGT: /* system 286 call gate */
+ case SDT_SYS386CGT: /* system 386 call gate */
+ /* I can't think of any reason to allow a user proc
+ * to create a segment of these types. They are
+ * for OS use only.
+ */
+ return EACCES;
+
+ /* memory segment types */
+ case SDT_MEMEC: /* memory execute only conforming */
+ case SDT_MEMEAC: /* memory execute only accessed conforming */
+ case SDT_MEMERC: /* memory execute read conforming */
+ case SDT_MEMERAC: /* memory execute read accessed conforming */
+ /* Must be "present" if executable and conforming. */
+ if (desc.sd.sd_p == 0)
+ return (EACCES);
+ break;
+ case SDT_MEMRO: /* memory read only */
+ case SDT_MEMROA: /* memory read only accessed */
+ case SDT_MEMRW: /* memory read write */
+ case SDT_MEMRWA: /* memory read write accessed */
+ case SDT_MEMROD: /* memory read only expand dwn limit */
+ case SDT_MEMRODA: /* memory read only expand dwn lim accessed */
+ case SDT_MEMRWD: /* memory read write expand dwn limit */
+ case SDT_MEMRWDA: /* memory read write expand dwn lim acessed */
+ case SDT_MEME: /* memory execute only */
+ case SDT_MEMEA: /* memory execute only accessed */
+ case SDT_MEMER: /* memory execute read */
+ case SDT_MEMERA: /* memory execute read accessed */
break;
- }
default:
- return(EACCES);
+ return(EINVAL);
/*NOTREACHED*/
}
+
+ /* Only user (ring-3) descriptors may be present. */
+ if ((desc.sd.sd_p != 0) && (desc.sd.sd_dpl != SEL_UPL))
+ return (EACCES);
}
s = splhigh();
/* Fill in range */
- for (i = 0, n = uap->start; i < uap->num && !error; i++, n++) {
- union descriptor desc, *dp;
- dp = &uap->desc[i];
- lp = &((union descriptor *)(pcb->pcb_ldt))[n];
-#ifdef DEBUG
- printf("i386_set_ldt(%d): ldtp=%x\n", p->p_pid, lp);
-#endif
- error = copyin(dp, lp, sizeof(union descriptor));
- }
- if (!error) {
- *retval = uap->start;
-/* need_resched(); */
- }
+ error = copyin(uap->desc,
+ &((union descriptor *)(pcb->pcb_ldt))[uap->start],
+ uap->num * sizeof(union descriptor));
+ if (!error)
+ *retval = uap->start;
splx(s);
return(error);
Index: src/sys/i386/i386/vm_machdep.c
===================================================================
RCS file: /home/cvs/cvs/src/sys/i386/i386/vm_machdep.c,v
retrieving revision 1.39.4.4
diff -u -r1.39.4.4 vm_machdep.c
--- vm_machdep.c 1996/06/20 08:08:29 1.39.4.4
+++ vm_machdep.c 1996/06/22 21:00:02
@@ -580,10 +580,23 @@
cpu_exit(p)
register struct proc *p;
{
+#ifdef USER_LDT
+ struct pcb *pcb;
+#endif
#if NNPX > 0
npxexit(p);
#endif /* NNPX */
+#ifdef USER_LDT
+ pcb = &p->p_addr->u_pcb;
+ if (pcb->pcb_ldt != 0) {
+ if (pcb == curpcb)
+ lldt(GSEL(GUSERLDT_SEL, SEL_KPL));
+ kmem_free(kernel_map, (vm_offset_t)pcb->pcb_ldt,
+ pcb->pcb_ldt_len * sizeof(union descriptor));
+ pcb->pcb_ldt_len = (int)pcb->pcb_ldt = 0;
+ }
+#endif
cnt.v_swtch++;
cpu_switch(p);
panic("cpu_exit");
>From nox@jelal.hb.north.de Sat Aug 3 22:22:03 MET DST 1996
>Subject: another one (was: misc things possibly worth merging?)
>Date: 10 Jul 1996 06:16:48 +0200
>Message-ID: <199607100340.FAA01767@saturn.hb.north.de>
I wrote:
> This is from a cvs diff -u -rRELENG_2_1_0 which i just looked thru:
> (I guess there are many more little things of this kind... :)
>
> Index: src/gnu/usr.bin/ld/rrs.c
> ===================================================================
>...
here is another one...
Index: src/gnu/usr.bin/texinfo/info-files/dir
===================================================================
RCS file: /home/cvs/cvs/src/gnu/usr.bin/texinfo/info-files/dir,v
retrieving revision 1.3.4.3
diff -u -r1.3.4.3 dir
--- dir 1996/06/05 02:44:02 1.3.4.3
+++ dir 1996/07/07 17:16:22
@@ -15,6 +15,9 @@
System utilities:
* AMD: (amdref). AMD Reference Manual.
+* CVS: (cvs). CVS Reference Manual.
+* CVS-CLIENT: (cvsclient). CVS client/server Reference Manual.
+* DIFF: (diff). DIFF/PATCH Reference Manual.
* DC: (dc). The GNU desk calculator.
* GAWK: (gawk). The GNU AWK language interpreter manual.
* Info: (info). Manual for this documentation browsing system.
@@ -43,6 +46,7 @@
* GXX Internals: (gxxint). Guide to the internals of the GNU C++ compiler.
* GDB: (gdb). The GNU Debugger (C & C++) manual.
* GDB Internals: (gdbint). Guide to the internals of GDB.
+* GMP: (gmp). The GNU MP Math library.
* History: (history). The GNU History library.
* Readline: (readline). The GNU Readline library
* Regex: (regex). The GNU regular expression library.
cheers
Juergen
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611081844.TAA13349>