summaryrefslogtreecommitdiff
path: root/usr/src/lib
diff options
context:
space:
mode:
Diffstat (limited to 'usr/src/lib')
-rw-r--r--usr/src/lib/brand/bhyve/zone/boot.c2
-rw-r--r--usr/src/lib/cfgadm_plugins/ac/common/mema.c40
-rw-r--r--usr/src/lib/cfgadm_plugins/sysctrl/common/cfga.c41
-rw-r--r--usr/src/lib/fm/libldom/sparc/ldom_xmpp_client.c4
-rw-r--r--usr/src/lib/fm/topo/modules/sun4v/sun4vpi/pi_walker.c4
-rw-r--r--usr/src/lib/libdemangle/common/cxx.c2
-rw-r--r--usr/src/lib/libzonecfg/common/libzonecfg.c9
-rw-r--r--usr/src/lib/pam_modules/list/list.c56
8 files changed, 107 insertions, 51 deletions
diff --git a/usr/src/lib/brand/bhyve/zone/boot.c b/usr/src/lib/brand/bhyve/zone/boot.c
index 645958d14a..3d26e350d4 100644
--- a/usr/src/lib/brand/bhyve/zone/boot.c
+++ b/usr/src/lib/brand/bhyve/zone/boot.c
@@ -286,6 +286,8 @@ add_disk(char *disk, char *path, char *slotconf, size_t slotconf_len)
strcmp(guest_block_size, "0") == 0) {
guest_block_size = NULL;
}
+ } else if (is_env_string("device", disk, "model", "nvme")) {
+ model = "nvme";
} else if (is_env_string("device", disk, "model", "ahci")) {
if (is_env_string("device", disk, "media", "cdrom")) {
model = "ahci-cd";
diff --git a/usr/src/lib/cfgadm_plugins/ac/common/mema.c b/usr/src/lib/cfgadm_plugins/ac/common/mema.c
index 1b08d13f92..3e97bc622e 100644
--- a/usr/src/lib/cfgadm_plugins/ac/common/mema.c
+++ b/usr/src/lib/cfgadm_plugins/ac/common/mema.c
@@ -24,8 +24,6 @@
* Use is subject to license terms.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#include <stddef.h>
#include <stdlib.h>
#include <unistd.h>
@@ -465,7 +463,7 @@ ap_stat(
if ((bank = ap_bk_idx(bank_spec)) == -1) {
__fmt_errstring(errstring, strlen(bank_spec),
- dgettext(TEXT_DOMAIN, ap_invalid), bank_spec);
+ dgettext(TEXT_DOMAIN, ap_invalid), bank_spec);
return (CFGA_ERROR);
}
@@ -831,7 +829,7 @@ mtest_run(
if (ret == -1) {
if (ret_errno == ENOTSUP) {
mema_err(&cmd, ret_errno, errstring,
- CMD_MEM_TEST_START);
+ CMD_MEM_TEST_START);
return (CFGA_OPNOTSUPP);
}
if (ret_errno == EBUSY && test_start.tester_pid > 0) {
@@ -1131,14 +1129,14 @@ cfga_test(
hlp = subopt_help_str(opts);
if (hlp != NULL) {
__fmt_errstring(errstring,
- strlen(value) + strlen(hlp),
- dgettext(TEXT_DOMAIN, unk_test),
- value, hlp);
+ strlen(value) + strlen(hlp),
+ dgettext(TEXT_DOMAIN, unk_test),
+ value, hlp);
free((void *)hlp);
} else {
__fmt_errstring(errstring, 20,
- dgettext(TEXT_DOMAIN, calloc_fail),
- strlen(options) + 1, 1);
+ dgettext(TEXT_DOMAIN, calloc_fail),
+ strlen(options) + 1, 1);
}
/* Free after printing value. */
free((void *)free_cp);
@@ -1161,18 +1159,18 @@ cfga_test(
if (max_errors != -1 && subopt == maxerr_idx) {
__fmt_errstring(errstring,
- strlen(opts[subopt]),
- dgettext(TEXT_DOMAIN, dup_num),
- opts[subopt]);
+ strlen(opts[subopt]),
+ dgettext(TEXT_DOMAIN, dup_num),
+ opts[subopt]);
free((void *)free_cp);
return (CFGA_ERROR);
}
if (value == NULL) {
__fmt_errstring(errstring,
- 0,
- dgettext(TEXT_DOMAIN, no_num),
- "");
+ 0,
+ dgettext(TEXT_DOMAIN, no_num),
+ "");
free((void *)free_cp);
return (CFGA_ERROR);
}
@@ -1181,9 +1179,9 @@ cfga_test(
if ((ret_p == value) || (*ret_p != '\0') ||
(max_errors < 0)) {
__fmt_errstring(errstring,
- strlen(value),
- dgettext(TEXT_DOMAIN, no_num),
- value);
+ strlen(value),
+ dgettext(TEXT_DOMAIN, no_num),
+ value);
free((void *)free_cp);
return (CFGA_ERROR);
}
@@ -1300,7 +1298,7 @@ info_set(ac_stat_t *asp, mema_bank_t *bkp, cfga_info_t info)
char *end;
end = &info[sizeof (cfga_info_t)];
- *info = NULL;
+ *info = '\0';
board = bkp->board;
@@ -1370,8 +1368,8 @@ mema_cvt(ac_stat_t *ac, mema_bank_t *bkp, cfga_stat_data_t *cs)
cs->ap_busy = (cfga_busy_t)ac->busy;
cs->ap_status_time = ac->status_time;
info_set(ac, bkp, cs->ap_info);
- cs->ap_log_id[0] = NULL;
- cs->ap_phys_id[0] = NULL;
+ cs->ap_log_id[0] = '\0';
+ cs->ap_phys_id[0] = '\0';
}
/*ARGSUSED*/
diff --git a/usr/src/lib/cfgadm_plugins/sysctrl/common/cfga.c b/usr/src/lib/cfgadm_plugins/sysctrl/common/cfga.c
index 1dca716564..81245635d2 100644
--- a/usr/src/lib/cfgadm_plugins/sysctrl/common/cfga.c
+++ b/usr/src/lib/cfgadm_plugins/sysctrl/common/cfga.c
@@ -24,8 +24,6 @@
* Use is subject to license terms.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#include <stddef.h>
#include <locale.h>
#include <ctype.h>
@@ -611,7 +609,10 @@ sim_open(char *a, int b, int c)
}
static int
-sim_close(int a) { return (0); }
+sim_close(int a)
+{
+ return (0);
+}
static int
sim_ioctl(int fd, int cmd, void *a)
@@ -750,7 +751,7 @@ dlist_find(int board, char **dlist, int *disabled)
static int
dlist_update(int board, int disable, char *dlist, struct cfga_msg *msgp,
- int verbose)
+ int verbose)
{
int i, j, n;
int err;
@@ -941,7 +942,7 @@ cfga_change_state(
cfga_err(NULL, errstring, ERR_TRANS, 0);
else if (disabled && !(force || (options && !disable)))
cfga_err(NULL, errstring, CMD_CONNECT,
- ERR_DISABLED, DIAG_FORCE, 0);
+ ERR_DISABLED, DIAG_FORCE, 0);
else if (!(*confp->confirm)(confp->appdata_ptr,
cfga_str(ASK_CONNECT))) {
(void) close(fd);
@@ -949,7 +950,7 @@ cfga_change_state(
} else if (ioctl(fd, SYSC_CFGA_CMD_CONNECT, sc) == -1)
cfga_err(sc, errstring, CMD_CONNECT, 0);
else if (options && (opterr = dlist_update(idx, disable,
- dlist, msgp, verbose))) {
+ dlist, msgp, verbose))) {
err = disable ? OPT_DISABLE : OPT_ENABLE;
cfga_err(NULL, errstring, err, opterr, 0);
} else
@@ -982,7 +983,7 @@ cfga_change_state(
if (rs == SYSC_CFGA_RSTATE_DISCONNECTED)
if (disabled && !(force || (options && !disable))) {
cfga_err(NULL, errstring, CMD_CONFIGURE,
- ERR_DISABLED, DIAG_FORCE, 0);
+ ERR_DISABLED, DIAG_FORCE, 0);
(void) close(fd);
return (CFGA_ERROR);
} else if (!(*confp->confirm)(confp->appdata_ptr,
@@ -1000,7 +1001,7 @@ cfga_change_state(
if (ioctl(fd, SYSC_CFGA_CMD_CONFIGURE, sc) == -1)
cfga_err(sc, errstring, CMD_CONFIGURE, 0);
else if (options && (opterr = dlist_update(idx,
- disable, dlist, msgp, verbose))) {
+ disable, dlist, msgp, verbose))) {
err = disable ? OPT_DISABLE : OPT_ENABLE;
cfga_err(NULL, errstring, err, opterr, 0);
} else
@@ -1015,7 +1016,7 @@ cfga_change_state(
else if (ioctl(fd, SYSC_CFGA_CMD_UNCONFIGURE, sc) == -1)
cfga_err(sc, errstring, CMD_UNCONFIGURE, 0);
else if (options && (opterr = dlist_update(idx, disable,
- dlist, msgp, verbose))) {
+ dlist, msgp, verbose))) {
err = disable ? OPT_DISABLE : OPT_ENABLE;
cfga_err(NULL, errstring, err, opterr, 0);
} else
@@ -1124,14 +1125,14 @@ cfga_private_func(
if ((idx = ap_idx(ap_id)) == -1)
cfga_err(NULL, errstring, ERR_AP_INVAL, ap_id, 0);
else if (((fd = open(ap_id, O_RDWR, 0)) == -1) ||
- (ioctl(fd, cmd, sc) == -1))
+ (ioctl(fd, cmd, sc) == -1))
cfga_err(NULL, errstring, err, 0);
else
rc = CFGA_OK;
if (options) {
opterr = (dlist_find(idx, &dlist, &disabled) ||
- dlist_update(idx, disable, dlist, msgp, verbose));
+ dlist_update(idx, disable, dlist, msgp, verbose));
if (opterr) {
err = disable ? OPT_DISABLE : OPT_ENABLE;
if (verbose)
@@ -1274,7 +1275,7 @@ info_set(sysc_cfga_stat_t *sc, cfga_info_t info, int disabled)
struct cpu_info *cpu;
union bd_un *bd = &sc->bd;
- *info = NULL;
+ *info = '\0';
switch (sc->type) {
case CPU_BOARD:
@@ -1282,11 +1283,11 @@ info_set(sysc_cfga_stat_t *sc, cfga_info_t info, int disabled)
if (cpu->cpu_speed > 1) {
info += sprintf(info, "cpu %d: ", i);
info += sprintf(info, "%3d MHz ",
- cpu->cpu_speed);
+ cpu->cpu_speed);
if (cpu->cache_size)
info += sprintf(info, "%0.1fM ",
- (float)cpu->cache_size /
- (float)(1024 * 1024));
+ (float)cpu->cache_size /
+ (float)(1024 * 1024));
}
}
break;
@@ -1312,7 +1313,7 @@ info_set(sysc_cfga_stat_t *sc, cfga_info_t info, int disabled)
for (i = 0; i < 2; i++)
if (bd->dsk.disk_pres[i])
info += sprintf(info, "target: %2d ",
- bd->dsk.disk_id[i]);
+ bd->dsk.disk_id[i]);
else
info += sprintf(info, "no disk ");
break;
@@ -1338,8 +1339,8 @@ sysc_cvt(sysc_cfga_stat_t *sc, cfga_stat_data_t *cs, int disabled)
cs->ap_busy = (cfga_busy_t)sc->in_transition;
cs->ap_status_time = sc->last_change;
info_set(sc, cs->ap_info, disabled);
- cs->ap_log_id[0] = NULL;
- cs->ap_phys_id[0] = NULL;
+ cs->ap_log_id[0] = '\0';
+ cs->ap_phys_id[0] = '\0';
}
/*ARGSUSED*/
@@ -1426,8 +1427,8 @@ cfga_stat(
rc = CFGA_OK;
if (options && options[0] && ((opterr != 0) ||
- ((opterr = dlist_update(idx, disable, dlist, NULL, 0))
- != 0))) {
+ ((opterr = dlist_update(idx, disable, dlist, NULL, 0))
+ != 0))) {
err = disable ? OPT_DISABLE : OPT_ENABLE;
cfga_err(NULL, errstring, err, opterr, 0);
}
diff --git a/usr/src/lib/fm/libldom/sparc/ldom_xmpp_client.c b/usr/src/lib/fm/libldom/sparc/ldom_xmpp_client.c
index f183b5b7f9..b12cd868e9 100644
--- a/usr/src/lib/fm/libldom/sparc/ldom_xmpp_client.c
+++ b/usr/src/lib/fm/libldom/sparc/ldom_xmpp_client.c
@@ -252,7 +252,7 @@ xmpp_connect(xmpp_conn_t *conn)
conn->tls_started = B_FALSE;
conn->parser = xmlCreatePushParserCtxt(&xml_handler, (void *) conn,
- NULL, NULL, NULL);
+ NULL, 0, NULL);
if (conn->parser == NULL) {
return (-1);
}
@@ -417,7 +417,7 @@ xmpp_client_thr(void *data)
* It should only be reset once after the ssl is opened
* in the start_tls().
*/
- (void) xmlCtxtResetPush(conn.parser, NULL, NULL, NULL,
+ (void) xmlCtxtResetPush(conn.parser, NULL, 0, NULL,
NULL);
}
xmpp_close(&conn);
diff --git a/usr/src/lib/fm/topo/modules/sun4v/sun4vpi/pi_walker.c b/usr/src/lib/fm/topo/modules/sun4v/sun4vpi/pi_walker.c
index c762e5e5c0..a767df54d6 100644
--- a/usr/src/lib/fm/topo/modules/sun4v/sun4vpi/pi_walker.c
+++ b/usr/src/lib/fm/topo/modules/sun4v/sun4vpi/pi_walker.c
@@ -308,7 +308,7 @@ pi_walker(pi_enum_t *pip, tnode_t *t_parent, const char *hc_name,
* by calling an appropriate creation routine for the node type.
*
* Output:
- * This routine returns MDE_WALK_NEXT, MDE_WALK_DONE or MDE_WALK_ERROR
+ * This routine returns MDE_WALK_NEXT, MDE_WALK_DONE or MDE_WALK_ERROR
* only.
*/
static int
@@ -704,7 +704,7 @@ pi_walkerlist_create(topo_mod_t *mod)
/* Initialize the uutil list structure */
walker_pool = uu_list_pool_create("pi_walker_pool",
sizeof (pi_walkernode_t), offsetof(pi_walkernode_t, walker_node),
- pi_walkerlist_compare, NULL);
+ pi_walkerlist_compare, 0);
if (walker_pool == NULL) {
(void) topo_mod_seterrno(mod, EMOD_NOMEM);
return (-1);
diff --git a/usr/src/lib/libdemangle/common/cxx.c b/usr/src/lib/libdemangle/common/cxx.c
index af5f549f78..c89bd2ac7b 100644
--- a/usr/src/lib/libdemangle/common/cxx.c
+++ b/usr/src/lib/libdemangle/common/cxx.c
@@ -167,7 +167,7 @@ size_t cpp_name_max_depth = 1024; /* max depth of name stack */
char *
cpp_demangle(const char *src, size_t srclen, sysdem_ops_t *ops)
{
- char *result = NULL;
+ char *volatile result = NULL;
cpp_db_t db;
if (!db_init(&db, ops))
diff --git a/usr/src/lib/libzonecfg/common/libzonecfg.c b/usr/src/lib/libzonecfg/common/libzonecfg.c
index e709b7dba8..7dc3f9ccb8 100644
--- a/usr/src/lib/libzonecfg/common/libzonecfg.c
+++ b/usr/src/lib/libzonecfg/common/libzonecfg.c
@@ -6066,9 +6066,16 @@ new_zone_did()
int len;
int val;
struct flock lck;
+ char pathbuf[PATH_MAX];
char buf[80];
- if ((fd = open(DEBUGID_FILE, O_RDWR | O_CREAT,
+ if (snprintf(pathbuf, sizeof (pathbuf), "%s%s", zonecfg_get_root(),
+ DEBUGID_FILE) >= sizeof (pathbuf)) {
+ printf(gettext("alternate root path is too long"));
+ return (-1);
+ }
+
+ if ((fd = open(pathbuf, O_RDWR | O_CREAT,
S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) < 0) {
perror("new_zone_did open failed");
return (-1);
diff --git a/usr/src/lib/pam_modules/list/list.c b/usr/src/lib/pam_modules/list/list.c
index 185a451246..234f709a36 100644
--- a/usr/src/lib/pam_modules/list/list.c
+++ b/usr/src/lib/pam_modules/list/list.c
@@ -33,6 +33,7 @@
#include <malloc.h>
#include <unistd.h>
#include <errno.h>
+#include <grp.h>
#include <security/pam_appl.h>
#include <security/pam_modules.h>
#include <security/pam_impl.h>
@@ -68,24 +69,34 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
char buf[BUFSIZ];
char hostname[MAXHOSTNAMELEN];
char *username = NULL;
+ char *grbuf = NULL;
char *bufp;
char *rhost;
- char *limit;
+ char *limit;
int userok = 0;
int hostok = 0;
int i;
int allow_deny_test = 0;
+ long grbuflen = 0;
boolean_t debug = B_FALSE;
boolean_t allow = B_FALSE;
boolean_t matched = B_FALSE;
boolean_t check_user = B_TRUE;
+ boolean_t check_group = B_FALSE;
boolean_t check_host = B_FALSE;
boolean_t check_exact = B_FALSE;
pam_list_mode_t op_mode = LIST_PLUS_CHECK;
+ // group reentrant interfaces limits
+ if ((grbuflen = sysconf(_SC_GETGR_R_SIZE_MAX)) <= 0)
+ return (PAM_BUF_ERR);
+
for (i = 0; i < argc; ++i) {
if (strncasecmp(argv[i], "debug", sizeof ("debug")) == 0) {
debug = B_TRUE;
+ } else if (strncasecmp(argv[i], "group",
+ sizeof ("group")) == 0) {
+ check_group = B_TRUE;
} else if (strncasecmp(argv[i], "user", sizeof ("user")) == 0) {
check_user = B_TRUE;
} else if (strncasecmp(argv[i], "nouser",
@@ -140,8 +151,8 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
}
}
- if (((check_user || check_host || check_exact) == B_FALSE) ||
- (allow_deny_test > 1)) {
+ if (((check_user || check_group || check_host ||
+ check_exact) == B_FALSE) || (allow_deny_test > 1)) {
__pam_log(LOG_AUTH | LOG_ERR, ILLEGAL_COMBINATION);
return (PAM_SERVICE_ERR);
}
@@ -151,6 +162,11 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
return (PAM_SERVICE_ERR);
}
+ if ((op_mode == LIST_COMPAT_MODE) && (check_group == B_TRUE)) {
+ log_illegal_combination("compat", "group");
+ return (PAM_SERVICE_ERR);
+ }
+
if (debug) {
__pam_log(LOG_AUTH | LOG_DEBUG,
"pam_list: check_user = %d, check_host = %d,"
@@ -165,7 +181,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
(void) pam_get_item(pamh, PAM_USER, (void**)&username);
- if ((check_user || check_exact) && ((username == NULL) ||
+ if ((check_user || check_group || check_exact) && ((username == NULL) ||
(*username == '\0'))) {
__pam_log(LOG_AUTH | LOG_ERR,
"pam_list: username not supplied, critical error");
@@ -203,6 +219,12 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
return (PAM_SERVICE_ERR);
}
+ if (check_group && ((grbuf = calloc(1, grbuflen)) == NULL)) {
+ __pam_log(LOG_AUTH | LOG_ERR,
+ "pam_list: could not allocate memory for group");
+ return (PAM_BUF_ERR);
+ }
+
while (fgets(buf, BUFSIZ, fd) != NULL) {
/* lines longer than BUFSIZ-1 */
if ((strlen(buf) == (BUFSIZ - 1)) &&
@@ -242,6 +264,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
"pam_list: simple minus unknown, "
"illegal line in " PF_PATH);
(void) fclose(fd);
+ free(grbuf);
return (PAM_SERVICE_ERR);
}
@@ -251,6 +274,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
"pam_list: @ is not allowed on the first "
"position in " PF_PATH);
(void) fclose(fd);
+ free(grbuf);
return (PAM_SERVICE_ERR);
}
@@ -282,6 +306,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
/*
* if -> netgroup line
+ * else if -> group line
* else -> user line
*/
if ((bufp[0] == '@') && (bufp[1] != '\0')) {
@@ -311,6 +336,28 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
break;
}
}
+ } else if ((bufp[0] == '%') && (bufp[1] != '\0')) {
+ char **member;
+ struct group grp;
+
+ if (check_group == B_FALSE)
+ continue;
+
+ bufp++;
+
+ if (getgrnam_r(bufp, &grp, grbuf, grbuflen) != NULL) {
+ for (member = grp.gr_mem; *member != NULL;
+ member++) {
+ if (strcmp(*member, username) == 0) {
+ matched = B_TRUE;
+ break;
+ }
+ }
+ } else {
+ __pam_log(LOG_AUTH | LOG_ERR,
+ "pam_list: %s is not a known group",
+ bufp);
+ }
} else {
if (check_user) {
if (strcmp(bufp, username) == 0) {
@@ -331,6 +378,7 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
}
}
(void) fclose(fd);
+ free(grbuf);
if (debug) {
__pam_log(LOG_AUTH | LOG_DEBUG,
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-06 11:40:48 +0000