aboutsummaryrefslogtreecommitdiffstats
path: root/ChangeLog.txt
AgeCommit message (Collapse)Author
2012-12-12bitrot and linkat() fixes for Darwin.SEEBS_TESTINGPeter Seebach
2012-12-12add linkat() implementationPeter Seebach
We never had an implementation for linkat() because no one used it; now someone uses it. link() is now implemented on top of linkat(). Note the abnormal AT_SYMLINK_FOLLOW (as opposed to _NOFOLLOW) flag.
2012-08-09Fix up chroot damage caused by PSEUDO_STATBUF fixpseudo-1.4.1PSEUDO_1_4_1Peter Seebach
The PSEUDO_STATBUF change (allowing operations on files over 2GB even on 32-bit systems) introduced a subtle bug; by calling stat64() rather than real_stat(), pseudo stopped handling chrooted paths well. In most cases, this was fine, but in the specific case of a rename, where the stat buffers for the various parts were actually used, it wasn't. Of particular note, pseudo could end up creating links which had stack garbage for their stat buffs, because it assumed that if the rename operation succeeded, the stat operations must have succeeded. Of course, there is no real_stat64 in the Linux port, because there's no need for it; most code is calling __xstat64 or some relative thereof, and even if you did really call stat64, it'd end up routed there anyway. So we add that so that it can be used for calls and we don't have to encode Linux-specific magic about __xstat into the generic header.
2012-08-02Remove the _plain thing, use PSEUDO_STATBUF everywhere.Peter Seebach
The _plain thing was added because of clashes between Linux ("struct stat64 for 64-bit file sizes") and Darwin ("struct stat is already 64 bits"). But it turns out not to be enough, because stat will *fail* if it cannot represent a file size, so when something like unlinkat() calls a non-64-bit stat in order to determine whether a file exists, it gets the wrong answer if the file is over 2GB in size. Solution: Continue using PSEUDO_STATBUF, and also provide defines for base_stat() which can be either real_stat() or real_stat64(), etcetera. This eliminates any reason to need the _plain functions. It also suggests that the other real___fxstatat() calls should someday go away because that is an ugly, ugly, implementation detail. As part of testing this, fix up some bitrot which affected Darwin (such as the continue outside of a loop, but inside an #ifdef; that was left over from the conversion of init_one_wrapper to a separate function).
2012-07-27Use .tar.bz2 tarballpseudo-1.4PSEUDO_1_4Peter Seebach
Instead of using .tgz, use .tar.bz2 (and change czf to cjf). This makes life easier for Yocto.
2012-07-24CleanupPeter Seebach
Clean up a couple of (harmless, but unsightly) bits of cruft left from a failed attempt at implementing the ARCH_FLAGS support.
2012-07-20tag 1.4Peter Seebach
2012-07-20Don't try to learn all the architecture-specific flagsPeter Seebach
Pseudo should never have been the one picking -m32/-m64. That should be coming from the build system in some way. Deprecate --arch, add --cflags.
2012-06-281.3.1 tagPeter Seebach
Enough changes to justify a tag.
2012-06-28[Yocto #2639] Don't crash with really long chroot directoriesPeter Seebach
The logic for whether to allocate space for the "base" path in pseudo_fix_path recognized that you don't need it when the path you're evaluating starts with a slash. This is great, except: 1. It's not actually true, if rootlen isn't 0. 2. The decision of whether or not to copy over the base path didn't check for this, so it would happen anyway. The net result is, if you had a path in excess of 256 characters as a base (say, a chroot directory), and you tried to evaluate a path starting with a slash (say, /etc/shadow), pseudo would allocate enough space for the path, but not for the base path, and then copy the base path into it anyway. The rounding up to multiples of 256 isn't enough to save us in this case. Solution: 1. Make the logic for the base path copy match the allocation logic. 2. Use (path[0] != '/' || rootlen) as the second part of the test, because if there's a non-zero rootlen, we're in a chroot and MUST preserve at least some of the path. This could maybe be smarter (what if we only allocated space for rootlen in that case?) except that in reality, it's very very often the case that baselen == rootlen, and it's not as though we want MORE complexity.
2012-04-30change official upstreamPeter Seebach
2012-04-10First pass at smarter handling of multilib compile optionsPeter Seebach
Long story short: ARM doesn't use -m32 and -m64, so make those a little more dependent. We'll probably rework this completely "soon" as we mess with more targets and x32 becomes an issue.
2012-04-09Improve RPATH logicPeter Seebach
The existing behavior was to set rpath to whatever was specified explicitly with --with-rpath, or to set a default if the opt_rpath variable was unset and we reached a --with-sqlite. This turns out to be incorrect in the case where a static sqlite is being used. You can force the issue with --without-rpath, but it's probably better to make the inference smarter. This also allows the slight cleanup of setting opt_rpath to '' to begin with, because we're no longer depending on the distinction between empty and unset.
2012-03-28cleanup and fixesPeter Seebach
Spotted a couple of things during the last batch of fixes; fixing these up so things are more consistent or clearer.
2012-03-27call this 1.3pseudo-1.3PSEUDO_1_3Peter Seebach
2012-03-27Allow static sqlitePeter Seebach
Some systems prefer to avoid messing with LD_LIBRARY_PATH as much, and instead link sqlite statically.
2012-03-27Configuration cleanup for OE-core:Peter Seebach
In OE-Core we need to be able to configure for both 32-bit and 64-bit libpseudo libraries. In order to avoid some complex manipulations, we adjust the configure and Makefile to facilitate this. Upstream-Status: Submitted Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2012-03-27add popen() callPeter Seebach
We weren't trapping popen(), so if environment variables were in an inconsistent state when popen() was called, Bad Things Happened. Add a popen() wrapper. Like a couple of other special cases, is applied even when pseudo is theoretically disabled, and that includes the antimagic case. (But we never use popen() so that's fine.)
2012-02-06The O_LARGEFILE value was getting merged into mode (where it wasPeter Seebach
ignored) rather than flags (where it was needed), meaning that the open64 type functions didn't work as intended on 32-bit hosts.
2012-02-06Fix *at() function interface holesPeter Seebach
1. Fix *at() where dirfd is obtained through dirfd(DIR *). The dirfd(DIR *) interface allows you to get the fd for a DIR *, meaning you can use it with openat(), meaning you can need its path. This causes a segfault. Also fixed the base_path code not to segfault in that case, but first fix the underlying problem. 2. Implement renameat() After three long years, someone tried to use this. This was impossibly hard back when pseudo was written, because there was only one dirfd provided for. Thing is, now, the canonicalization happens in wrapfuncs, so a small tweak to makewrappers to recognize that oldpath should use olddirfd if it exists is enough to get us fully canonicalized paths when needed.
2011-11-02Name this 1.2pseudo-1.2PSEUDO_1_2Peter Seebach
2011-11-02Initialize memory in pseudo_client to avoid valgrind warningMark Hatle
2011-11-01: * (mhatle) Stop valgrind from reporting use of uninitialized memory from pseudo_client:client_ping() Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2011-11-02Rework the clone wrapper to add an intermediate function to resolve a defect.Mark Hatle
Previously the clone(2) wrapper unconditionallity restored the system environment. It also invokes the checks to see if the user has requested pseudo to be disabled or unloaded. Due to the semantics of clone, this caused both the parent and child processes to be disabled or unloaded. The new code adds an intermediate function, wrap_clone_child, that only runs within the child context. This way we can be sure to only disable/unload pseudo from within the child process. In addition, we avoid mucking with the environment if CLONE_VM is set, since this will affect both parent and child. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2011-11-02Implement PSEUDO_UNLOAD, replacing existing PSEUDO_RELOADED semantics.Mark Hatle
Change from internal PSEUDO_RELOADED to external PSEUDO_UNLOAD environment variable. Enable external programs to have a safe and reliable way to unload pseudo on the next exec*. PSEUDO_UNLOAD also will disable pseudo if we're in a fork/clone situation in the same way PSEUDO_DISABLED=1 would. Rename the PSEUDO_DISABLED tests, and create a similar set for the new PSEUDO_UNLOAD. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2011-07-19Fix uninitalized variable.Peter Seebach
You might be wondering why this wasn't caught. Answer: gcc's too smart. Consider: int x; if (condition) x = 23; return x; This function will just return 23. Since gcc knows that it doesn't matter what happens if x is used uninitialized (it's an indeterminate value, thus a possible trap representation, thus undefined behavior to use it), it simplifies the initial part of this away. Thus there's no use of an uninitialized value. Something similar seems to be at issue with the use of the uninitialized f in pseudo_init_one_wrapper. The variable wasn't initialized in the pre-realpath-fix version either, but in that version, the assignment from dlsym was completely unconditional.
2011-06-09Fix realpath(name, NULL) when PSEUDO_DISABLED=1Peter Seebach
On some Linux systems, dlsym("realpath", RTLD_NEXT) prefers for reasons of its own to give a symbol that is also known as old_realpath, which fails and yields EINVAL when called with a null pointer as the second argument. This can be avoided, on some systems, by using dlvsym() to request the GLIBC_2.3 version of the symbol. The wrapper logic is enhanced to allow for specifying versions, although this currently only works for Linux (Darwin has no dlvsym, apparently?). The test case is a trivial program which calls realpath(name, NULL) run with PSEUDO_DISABLED=1.
2011-06-061.1.1 releasePeter Seebach
2011-06-06Improve system()Peter Seebach
2011-06-02Call this "version 1.1".Peter Seebach
2011-06-02Add system() wrapper to force setup of the pseudo environment. NotePeter Seebach
that we add an extra fork() so we can do the setup in a child process, but still just pass the command string to the standard system() call.
2011-05-31Change logic on file creation/chmod so that we only secretly mask inPeter Seebach
the 0100 bit for directories. The reason is that otherwise we create plain files which are 0700 on disk, which means they're non-zero &0111, which breaks euidaccess(X_OK).
2011-05-25Make ulckpwdf() report failuresSeebs
2011-04-21Fix hangs on Fedora 13 et al.Peter Seebach
2011-04-16Fix oldclone port, which had bit-rotted since it was developed.Peter Seebach
2011-04-13Fix path expansion of empty strings.Peter Seebach
2011-04-04Whitespace changes.Peter Seebach
2011-04-01mention Darwin in READMESeebs
2011-03-25Try to force debug fd to 2. The intent is that this will keep mallocPeter Seebach
debugger messages from going to the wrong place. No longer fclose(stderr) after grabbing log file, because stderr is likely still using fd 2.
2011-03-25Make subports/preports executable.Peter Seebach
2011-03-25Merge in ports workPeter Seebach
This is a spiffied-up rebase of a bunch of intermediate changes, presented as a whole because it is, surprisingly, less confusing that way. The basic idea is to separate the guts code into categories ranging from generic stuff that can be the same everywhere and specific variants. The big scary one is the Darwin support, which actually seems to run okay on 64-bit OS X 10.6. (No other variants were tested.) The other example given is support for the old clone() syscall on RHEL 4, which affects some wrlinux use cases. There's a few minor cleanup bits here, such as a function with inconsistent calling conventions, but nothing really exciting.
2011-03-25Fix execvp crashPeter Seebach
2011-02-10Whoops! If LOCALSTATEDIR doesn't exist, and you invoke pseudoPeter Seebach
directly rather than via an on-demand spawn from the client, the directory is never created.
2011-02-09database initialization cleanup.Peter Seebach
2011-02-08Expand paths on exec.Peter Seebach
This is fussy, because we have to actually do the path search ourselves as best we can to handle unqualified paths. The result, though, is more meaningful logs. Along the way, fix some bitrot in the comments in pseudo_fix_path and friends.
2011-01-24Revert "Add a cache of the last object found in pseudo_op"Mark Hatle
This reverts commit 49d4d35918d457b0e9206679ecad3b9c84f11e66.
2011-01-18Do not cache OP_EXEC callsMark Hatle
The cached data values were being collected when an OP_EXEC call was made. This is incorrect as the values are only for logging purposes. It's believed this caused an occasional crash in certain instances. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2011-01-14Automatically create state/prefix directoriesPeter Seebach
It'd be handy for the WR build system if new state directories could be created as needed. It is made so. And to answer the first question everyone, including me, has on reading this: You can't do system("mkdir -p ...") because the invoked shell would need to run under pseudo, so it'd have to check for a server, and...
2011-01-13ChangeLog for previous fixPeter Seebach
2010-12-17When pseudo is disabled avoid directory processing...Mark Hatle
When pseudo is disabled, we skip a bunch of the prefix, localstate, etc processing. This allows pseudo to run with a directory that does not yet exist. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2010-12-16The maketables thing made it possible for some modules to get builtPeter Seebach
before pseudo_tables.h existed. Fixed.