Since NUL usually terminates strings in underlying syscalls, allowing
it when converting string arguments is a security risk, especially
when dealing with filenames. For example, a program might reason that
filename like "/root/..\x00/" is a subdirectory or "/root/" and allow
access to it, while underlying syscall will treat "\x00" as an end of
that string and the actual filename will be "/root/..", which might
be unexpected. Returning EINVAL when string arguments have NUL in
them makes sure this attack vector is unusable.
R=golang-dev, r, bradfitz, fullung, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6458050
This syscall was inadvertently exported when fixing
Getrlimit/Setrlimit on 32-bit platforms.
R=golang-dev, minux.ma
CC=golang-dev
https://golang.org/cl/6458051
Darwin kernels have a bug in accept() where error result from
an internal call is not checked and socket is accepted instead
of ECONNABORTED error. However, such sockets have no sockaddr,
which results in EAFNOSUPPORT error from anyToSockaddr, making
Go http servers running on Mac OS X easily susceptible to
denial of service from simple port scans with nmap.
Fixes#3849.
R=golang-dev, adg, mikioh.mikioh
CC=golang-dev
https://golang.org/cl/6456045
The previous version was not handling an off_t (64 bit)
parameter on 32 bit i386 systems. This patch splits sendfile
into two implementations in their respective arch-specific files.
Tested on FreeBSD amd64 and i386.
R=bradfitz
CC=golang-dev
https://golang.org/cl/6356048
This slipped in with the implementation of Getpid in CL 5909043.
I'd exclude that CL entirely but it is tangled up in the Win32finddata changes.
R=golang-dev, minux.ma
CC=golang-dev
https://golang.org/cl/6297065
Preserve old API by using correct struct in system call
and then copying the results, as we did for SetsockoptLinger.
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/6307065
pipe2 is equivalent to pipe with flags set to 0.
However, pipe2 was only added recently. Using pipe
instead improves compatibility with NetBSD 5.
R=jsing
CC=golang-dev
https://golang.org/cl/6268045
RawSockaddrDatalink and SockaddrDatalink need to match - make Data
have length 12 for both.
R=golang-dev, mikioh.mikioh
CC=golang-dev
https://golang.org/cl/6223051
Fix mkerrors.sh so that it works on NetBSD.
Remove directory mode bits from types - this already appears in errors.
Regenerate the z* files now that cgo is working.
R=golang-dev, m4dh4tt3r, r
CC=golang-dev
https://golang.org/cl/6201077
Manually repair/update z* files for netbsd - this allows Go to
compile again on 386.
R=golang-dev, rsc, minux.ma
CC=golang-dev
https://golang.org/cl/6194064
Instead use a new type, "Note", whose underlying
type is just a string. This change allows us to
remove the exported os.Plan9Note type.
R=bradfitz, seed, rsc
CC=golang-dev
https://golang.org/cl/6015046
Now that Go will no longer work on OpenBSD versions prior to 5.1,
remove the sysctl workaround that was needed for 5.0 and earlier.
R=golang-dev, bradfitz
CC=golang-dev
https://golang.org/cl/6116050
1. Readdirnames was erroneously returning an
empty slice on every invocation.
2. The logic for determining which files to
close before exec was incorrect. If the
set of files to be kept open (provided by
the caller) did not include the files
opened at startup, those files would be
accidentally closed.
I also cleaned up readdupdevice while I was
in the vicinity.
R=golang-dev, seed, rsc
CC=golang-dev
https://golang.org/cl/6016044
syscall.Exit would originally kill only the calling
Go proc, leaving behind other procs in the
same group. This change makes syscall.Exit call
runtime·exit, which due to CL
https://golang.org/cl/5617048
will cleanly exit all the Go procs in the group.
R=golang-dev, rsc, rminnich, remyoudompheng, ality, john
CC=golang-dev, mirtchovski
https://golang.org/cl/6036051
This change comes from CL 5536043,
created by Andrey Mirtchovski. His
description follows:
"The plan9 exec child handler does not manage
dup-ed fds from the parent correctly: when a
dup-ed file descriptor appears in the child's fd
list it is closed when first encountered and then
subsequent attempt to dup it later in Pass 2 fails,
resulting in 'fork/exec: fd out of range or not
open'."
R=golang-dev, rminnich, ality
CC=golang-dev, mirtchovski, rsc
https://golang.org/cl/6009046
Building go currently fails on NetBSD, thus the regeneration
scripts do not run correctly. With these changes, at least
the go_bootstrap tool builds correctly.
R=golang-dev, r, bradfitz
CC=golang-dev
https://golang.org/cl/5695064
Tested using 6g and gccgo on x86_64 GNU/Linux and using gccgo
on PowerPC GNU/Linux (which is big-endian).
R=golang-dev, bradfitz, mikioh.mikioh, iant
CC=golang-dev
https://golang.org/cl/5975073
It is unprecedented to add tests to package syscall, especially
system-specific ones. Not a policy worth changing right before Go 1
is cut.
The sole existing test, passfd_test.go, contains the line
// +build linux darwin probablyfreebsd probablyopenbsd
which argues that this is not a subject to be undertaking likely.
Note that passfd_test.go also went in just now. It's the only test
in syscall.
Deleting for now, will reconsider after Go 1.
R=golang-dev, bradfitz, r, dsymonds
CC=golang-dev
https://golang.org/cl/5846063
This moves the various CA root fetchers from crypto/tls into crypto/x509.
The move was brought about by issue 2997. Windows doesn't ship with all
its root certificates, but will instead download them as-needed when using
CryptoAPI for certificate verification.
This CL changes crypto/x509 to verify a certificate using the system root
CAs when VerifyOptions.RootCAs == nil. On Windows, this verification is
now implemented using Windows's CryptoAPI. All other root fetchers are
unchanged, and still use Go's own verification code.
The CL also fixes the hostname matching logic in crypto/tls/tls.go, in
order to be able to test whether hostname mismatches are honored by the
Windows verification code.
The move to crypto/x509 also allows other packages to use the OS-provided
root certificates, instead of hiding them inside the crypto/tls package.
Fixes#2997.
R=agl, golang-dev, alex.brainman, rsc, mikkel
CC=golang-dev
https://golang.org/cl/5700087
CL 3075041 says ARM is not little-endian, but my test suggests otherwise.
My test program is:
package main
import ("fmt"; "syscall"; "os")
func main() {
err := syscall.Fallocate(1, 1/*FALLOC_FL_KEEP_SIZE*/, 0, int64(40960));
fmt.Fprintln(os.Stderr, err)
}
Without this CL, ./test > testfile will show: file too large; and strace shows:
fallocate(1, 01, 0, 175921860444160) = -1 EFBIG (File too large)
With this CL, ./test > testfile will show: <nil>; and strace shows:
fallocate(1, 01, 0, 40960) = 0
Quoting rsc:
"[It turns out that] ARM syscall ABI requires 64-bit arguments to use an
(even, odd) register pair, not an (odd, even) pair. Switching to "big-endian"
worked because it ended up using the high 32-bits (always zero in the tests
we had) as the padding word, because the 64-bit argument was the last one,
and because we fill in zeros for the rest of the system call arguments, up to
six. So it happened to work."
I updated mksyscall_linux.pl to accommodate the register pair ABI requirement,
and removed all hand-tweaked syscall routines in favor of the auto-generated
ones. These including: Ftruncate, Truncate, Pread and Pwrite.
Some recent Linux/ARM distributions do not bundle kernel asm headers,
so instead we always get latest asm/unistd.h from git.kernel.org (just like
what we do for FreeBSD).
R=ken, r, rsc, r, dave, iant
CC=golang-dev
https://golang.org/cl/5726051
1, IMO, the fatal error "regfree: not a register" from 5g when
compiling runtime/debug.go is due to gcc miscompile, it doesn't
show up when compiled with -O0. But I still haven't thought of
a way to fix this, should all ARM builds be built with -O0?
2, fixed mksysnum_linux.pl, so zsysnum_linux_arm.go no longer
needs to be hand-generated.
3, regen all in pkg syscall for Linux/ARM on Debian 6.0
This CL is somewhat big, I'd like to split it if necessary.
R=rsc, dave
CC=golang-dev
https://golang.org/cl/5659044
Restore package os/signal, with new API:
Notify replaces Incoming, allowing clients
to ask for certain signals only. Also, signals
go to everyone who asks, not just one client.
This could plausibly move into package os now
that there are no magic side effects as a result
of the import.
Update runtime for new API: move common Unix
signal handling code into signal_unix.c.
(It's so easy to do this now that we don't have
to edit Makefiles!)
Tested on darwin,linux 386,amd64.
Fixes#1266.
R=r, dsymonds, bradfitz, iant, borman
CC=golang-dev
https://golang.org/cl/3749041
You could argue for changing all the others, but
Linux is outvoted, and the only time it matters
is when newfd==-1, in which case you can call Dup.
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/5650073
make syscall.ProcAttr.Files be []uintptr
all.bash passes on Linux.
things seem to compile on GOOS={darwin,windows}
R=golang-dev, mattn.jp, alex.brainman, rsc
CC=golang-dev
https://golang.org/cl/5653055
The rule is that build directives can be preceded only
by blank lines and other line comments, not /* */ comments.
R=golang-dev, adg, bradfitz
CC=golang-dev
https://golang.org/cl/5619045
This can drastically reduce the number of system
calls made by programs that repeatedly query the
environment.
R=golang-dev, rsc
CC=golang-dev
https://golang.org/cl/5599054
Consequently, remove many package Makefiles,
and shorten the few that remain.
gomake becomes 'go tool make'.
Turn off test phases of run.bash that do not work,
flagged with $BROKEN. Future CLs will restore these,
but this seemed like a big enough CL already.
R=golang-dev, r
CC=golang-dev
https://golang.org/cl/5601057
This CL makes both InterfaceAddrs and Addrs method on Interface
return IPNet struct for representing interface address and mask
like below:
interface "lo0": flags "up|loopback|multicast", ifindex 1, mtu 16384
interface address "fe80::1/64"
interface address "127.0.0.1/8"
interface address "::1/128"
joined group address "ff02::fb"
joined group address "224.0.0.251"
joined group address "ff02::2:65d0:d71e"
joined group address "224.0.0.1"
joined group address "ff01::1"
joined group address "ff02::1"
joined group address "ff02::1:ff00:1"
Fixes#2571.
R=rsc
CC=golang-dev
https://golang.org/cl/5489062
Not all syscalls are implemented, but many are. On the suggestion
of Joel Sing <jsing@google.com>, the generated files were added
with hg add instead of hg cp, since they are generated on an OS
dependant basis.
R=golang-dev, jsing, mikioh.mikioh
CC=golang-dev
https://golang.org/cl/5491050
syscall_windows.go contains a small demo, which calls the obsolete
syscall.Errstr function.
R=golang-dev, alex.brainman
CC=golang-dev
https://golang.org/cl/5475044