benno [Thu, 1 Sep 2022 15:43:07 +0000 (15:43 +0000)]
fix unveil(2) in vmctl(8), unix socket needs :w:
ok mestre@ martijn@
millert [Thu, 1 Sep 2022 15:21:28 +0000 (15:21 +0000)]
Update awk to Aug 30, 2022 version.
Various leaks and use-after-free issues plugged/fixed.
tb [Thu, 1 Sep 2022 15:19:16 +0000 (15:19 +0000)]
Check sk_SSL_CIPHER_push() return value
CID 24797
ok jsing
martijn [Thu, 1 Sep 2022 14:34:17 +0000 (14:34 +0000)]
Add privilege separation to snmpd.
This uses the just imported snmpd_metrics as a new (agentx-based) backend.
Snmpd(8) executes all files in /usr/libexec/snmpd and treats regions
registered by these binaries as authorative, so that no other agentx
backends can overwrite them. The snmpe process is now pledged
"stdio recvfd inet unix".
This removes quite a few entries from the sysORTable, but the current
entries are non-compliant anyway and should be completely revisisted at a
later time.
Reduces the time for a full walk by about a factor of 4, bringing us close
to the original speed before application.c was introduced.
General design discussed with claudio@
Tested by and OK sthen
Release build test and OK tb@
benno [Thu, 1 Sep 2022 14:23:25 +0000 (14:23 +0000)]
add checks that unveil() is doing the right thing irt. bind() and connect()
martijn [Thu, 1 Sep 2022 14:22:55 +0000 (14:22 +0000)]
Hook up snmpd_metrics
OK tb@, sthen@
martijn [Thu, 1 Sep 2022 14:20:32 +0000 (14:20 +0000)]
Import snmpd_metrics.
This contains snmpd's mib.c (and friends) adjusted for libagentx.
This standalone binary is to be used by snmpd to achieve privilege
separation.
If people need net-snmpd, but want some of the base snmpd metrics they can
start this binary as a normal daemon and connect to net-snmpd's agentx
socket.
Tested, Feedback, and OK sthen@
Release build test, and OK tb@
tb [Thu, 1 Sep 2022 14:03:29 +0000 (14:03 +0000)]
Link sha test to regress
tb [Thu, 1 Sep 2022 14:02:41 +0000 (14:02 +0000)]
Add a nicely licensed, table-driven test for SHA
This tests covers the NIST vectors for SHA-{1,224,256,384,256} and will
soon be able to replace the old SHA tests entirely.
From Joshua Sing <joshua () hypera ! dev>
krw [Thu, 1 Sep 2022 13:56:21 +0000 (13:56 +0000)]
Drop support for unused attributes 'bs' (d_bbsize) and 'sb'
(d_sbsize).
ok otto@ as part of larger diff
krw [Thu, 1 Sep 2022 13:45:26 +0000 (13:45 +0000)]
Stop setting d_bbsize and d_sbsize. Nobody has paid
any attention for some time.
ok otto@ as part of larger diff
krw [Thu, 1 Sep 2022 13:37:57 +0000 (13:37 +0000)]
Nuke comment about not using d_sbsize.
ok otto@ as part of larger diff
krw [Thu, 1 Sep 2022 13:35:02 +0000 (13:35 +0000)]
d_bbsize and d_sbsize have become write-only fields.
No need to set them or check that they are set.
ok otto@ as part of larger diff
martijn [Thu, 1 Sep 2022 13:24:28 +0000 (13:24 +0000)]
At the moment unveil(2) doesn't check the path for bind(2) or connect(2).
This is about to change and connect(2) will require "w", not "r".
OK deraadt@ florian@ mestre@
claudio [Thu, 1 Sep 2022 13:23:24 +0000 (13:23 +0000)]
Switch the rde_peer hashtable and peer list to a single RB tree.
Only the RDE used a hashtable for lookups while the session engine
switched from a list to RB tree some time ago.
Use peer_foreach() in the mrt code instead of passing the peer list
as an argument.
OK benno@ tb@
claudio [Thu, 1 Sep 2022 13:19:11 +0000 (13:19 +0000)]
This code no longer needs siphash.h and also cleanup some leftover
prototypes and members that were not removed in the previous RB tree
conversions.
OK benno@ tb@
deraadt [Thu, 1 Sep 2022 12:28:53 +0000 (12:28 +0000)]
the VNDIOCSET ioctl path handling bypassed the unveil, so root (or .operator)
could read a file outside the space.
ok semarie benno tb
kn [Thu, 1 Sep 2022 08:52:30 +0000 (08:52 +0000)]
Fix logic bug
USE_SOFTRAID=Yes means the softraid volume itself *does* need to be
formatted.
krw [Thu, 1 Sep 2022 08:18:20 +0000 (08:18 +0000)]
Delete force CHS remnants here too.
Makes file identical to amd64 version again.
ok mlarkin@
jsg [Thu, 1 Sep 2022 07:26:56 +0000 (07:26 +0000)]
remove exec_makecmds() and exec_runcmds() prototypes
removed from kern_exec.c between NetBSD 0.9 and NetBSD 1.0
ajacoutot [Thu, 1 Sep 2022 07:25:32 +0000 (07:25 +0000)]
Add a new action: "configtest", to check configuration syntax of the daemon.
A few adjustments will be done in the next days (like disabling this action if
there's no specific rc_configtest function defined).
e.g.
/etc/rc.d/sshd configtest
rcctl configtest sshd
idea from naddy@
miod [Thu, 1 Sep 2022 05:49:04 +0000 (05:49 +0000)]
Do not embed ident(1) strings in object code.
ok daniel@ deraadt@ jca@
jsg [Thu, 1 Sep 2022 05:40:46 +0000 (05:40 +0000)]
remove ppath_destroy() prototype; function was never committed
jsg [Thu, 1 Sep 2022 05:31:49 +0000 (05:31 +0000)]
remove sb_lock() prototype; removed in uipc_socket2.c 1.64
jsg [Thu, 1 Sep 2022 05:24:51 +0000 (05:24 +0000)]
remove unused prototypes from buf.h
bufcache_getanycleanbuf() removed in vfs_bio.c 1.181
buf_acquire_unmapped() removed in vfs_biomem.c 1.22
buf_print() removed in vfs_bio.c 1.47
cluster_write() removed along with vfs_cluster.c in 2016
kn [Thu, 1 Sep 2022 01:52:08 +0000 (01:52 +0000)]
Don't print device name on failure
Noticed by mistake (wanted `-l'):
# vnconfig l
vnd0
vnconfig: VNDIOCSET: No such file or directory
Same happens if you try to load a bogus file:
# vnconfig ./empty
vnd0
vnconfig: VNDIOCSET: Input/output error
In both cases, the info on stdout is useless as vnd0 is not used.
Defer printing the device until after the file is set up:
# ./obj/vnconfig l
vnconfig: VNDIOCSET: No such file or directory
# ./obj/vnconfig ./empty
vnconfig: VNDIOCSET: Input/output error
OK deraadt
kn [Thu, 1 Sep 2022 01:09:19 +0000 (01:09 +0000)]
Minor internal target names and spacing tweaks, add dry-toofew test
kn [Thu, 1 Sep 2022 00:43:14 +0000 (00:43 +0000)]
Add macppc bits, hook up installboot(8) tests on macppc
Default tests (USE_SOFTRAID=No, NDISKS=1) pass except for 'vnd0 ./ofwboot'
as reported on tech@ (fix pending).
cheloha [Thu, 1 Sep 2022 00:14:36 +0000 (00:14 +0000)]
ts(1): parse user format string only once
Currently, ts(1) reparses the user format string every time it prints
a timestamp. This is wasteful.
If we isolate the parsing loop in fmtfmt() and move the rest of the
work into a new function, fmtprint(), we can cut some overhead out
of the hot loop.
We still need to update any microsecond substrings in the parsed
format string every time we print a timestamp. So during parsing in
fmtfmt() we build a list of pointers to locations in the parsed buffer
where the microsecond substring needs to be copied during fmtprint().
With input from deraadt@.
Link1: https://marc.info/?l=openbsd-tech&m=
165769139318084&w=2
Link2: https://marc.info/?l=openbsd-tech&m=
165910022501353&w=2
OK job@
kn [Thu, 1 Sep 2022 00:13:35 +0000 (00:13 +0000)]
Hook up installboot(8) tests on sparc64
Default tests (USE_SOFTRAID=Yes, NDISKS='1 2') pass except for '-r mnt',
as mentioned (fix pending).
USE_SOFTRAID=no and/or NDISKS=1 make '-r mnt' work.
kn [Wed, 31 Aug 2022 23:53:22 +0000 (23:53 +0000)]
Introduce USE_SOFTRAID to allow testing on vnd(4) directly
This is mostly for architectures which don't have softraid(4) support
in installboot(8), but should also be useful in general to test different
setups and thus increase coverage.
Default to root on softraid on vnd on all architectures that support it:
amd64, arm64, i386 and sparc64; use root on vnd on others (yet to come).
patrick [Wed, 31 Aug 2022 23:31:35 +0000 (23:31 +0000)]
Compare equality of looked up node using pointers instead of
strings, as the component name provided in the IORT might be
specified in a different way than our ACPI stack would do.
ok kettenis@
kn [Wed, 31 Aug 2022 23:10:01 +0000 (23:10 +0000)]
Silence cleanup, rename internal setup targets for clarity
kn [Wed, 31 Aug 2022 22:54:41 +0000 (22:54 +0000)]
Always run prepare
Not all architectures require/implement -p, but installboot(8) provides stubs,
so leave it to the program to (not) do something.
jmc [Wed, 31 Aug 2022 22:27:14 +0000 (22:27 +0000)]
use the posix phrasing to improve the description of "shift";
nudge from luka krmpotic
tb [Wed, 31 Aug 2022 21:34:14 +0000 (21:34 +0000)]
Add an empty line for consistency.
mvs [Wed, 31 Aug 2022 21:23:02 +0000 (21:23 +0000)]
Move PRU_SENDOOB request to (*pru_sendoob)().
PRU_SENDOOB request always consumes passed `top' and `control' mbufs. To
avoid dummy m_freem(9) handlers for all protocols release passed mbufs
in the pru_sendoob() EOPNOTSUPP error path.
Also fix `control' mbuf(9) leak in the tcp(4) PRU_SENDOOB error path.
ok bluhm@
krw [Wed, 31 Aug 2022 20:52:15 +0000 (20:52 +0000)]
Replace "newfs_msdos" and "fsck_msdos" with "newfs -t msdos" and "fsck -t
msdos".
Add some missing spaces after "=".
Constify the static strings.
Prodded a while ago by deraadt@, tweaks from kn@, ok kn@
tb [Wed, 31 Aug 2022 20:49:37 +0000 (20:49 +0000)]
Recommit -r1.45 but without error checking EVP_PKEY_copy_parameters()
EVP_PKEY_copy_parameters() will unconditionally fail if the pkey's ameth
has no copy_params(). Obviously this is indistinguishable from actual
failure...
ok jsing
patrick [Wed, 31 Aug 2022 20:49:12 +0000 (20:49 +0000)]
Support SMMUv3 IORT nodes as well in the midlayers. This allows IOMMU
mappings to reach a future SMMUv3 implementation.
ok kettenis@, mlarkin@
kn [Wed, 31 Aug 2022 20:48:55 +0000 (20:48 +0000)]
Rename helper vars/files under obj/
Up-front cleanup for a future diff to run directly on vnd(4) without softraid(4).
No functional change.
kn [Wed, 31 Aug 2022 20:23:57 +0000 (20:23 +0000)]
Put MD fdisk usage into new FORMAT_DISK, also softraid volume after chunks
tb [Wed, 31 Aug 2022 20:20:53 +0000 (20:20 +0000)]
Revert r1.46. Causes fireworks in regress.
kettenis [Wed, 31 Aug 2022 20:16:02 +0000 (20:16 +0000)]
MSIs on the x13s are routed through both a "normal" SMMU and a "v3" SMMU.
So handle this case in acpipci(4) and kill the hack to disable MSIs.
ok patrick@, mlarkin@, deraadt@
kn [Wed, 31 Aug 2022 19:40:37 +0000 (19:40 +0000)]
Log copy of /ofwboot
Another step towards more consistent behaviour across platforms.
This leaves only hppa and landisk **not** logging such copies,
but I can't test on those.
OK miod
kn [Wed, 31 Aug 2022 19:38:42 +0000 (19:38 +0000)]
Denote possible answers in the usual manner
OK miod
miod [Wed, 31 Aug 2022 18:46:06 +0000 (18:46 +0000)]
Make installboot on landisk aware of a possible MBR on the disk, and in this
case install the first level bootstrap at the beginning of the of the wd0a
filesystem, rather than at the beginning of the disk.
Both locations work but the previous behaviour overwriting an existing MBR
is a violation of POLA.
tweaks & ok krw@
dv [Wed, 31 Aug 2022 16:17:18 +0000 (16:17 +0000)]
relayd(8): change agentx_getsock to return void
Only has one return value and it's never checked.
ok martijn@, tb@
kettenis [Wed, 31 Aug 2022 16:10:59 +0000 (16:10 +0000)]
Add qcgpio(4) and qciic(4), drivers for the Qualcomm GPIO and I2C controllers
found on the SC8280XP SoC. Together these drivers make the keyboard,
trackpoint and touchpad work on the x13s.
ok deraadt@
claudio [Wed, 31 Aug 2022 15:51:44 +0000 (15:51 +0000)]
Remove IMSG_CTL_SHOW_RIB_HASH and struct rde_hashstats which are no
longer used. Also cleanup some hash sizes which are also no longer used.
OK tb@
kettenis [Wed, 31 Aug 2022 15:14:01 +0000 (15:14 +0000)]
Introduce iic_intr_disestablish() and use it in ihidev(4).
ok jcs@
claudio [Wed, 31 Aug 2022 15:00:53 +0000 (15:00 +0000)]
Remove the hash statistics print code. The RDE no longer sends these
imsgs.
OK tb@
kettenis [Wed, 31 Aug 2022 14:47:22 +0000 (14:47 +0000)]
Add apldc(4), apldchidev(4), apldckdb(4) and aplrtkit(4). Together these
drivers implement support for the Dockchannel-base keyboard found on
Apple M2 laptops.
ok mlarkin@, patrick@
claudio [Wed, 31 Aug 2022 14:29:36 +0000 (14:29 +0000)]
Switch the generic attribute cache to an RB tree.
OK benno@ tb@
tb [Wed, 31 Aug 2022 14:27:34 +0000 (14:27 +0000)]
Remove most mentions of contexts on the stack.
tb [Wed, 31 Aug 2022 13:28:39 +0000 (13:28 +0000)]
nasty whitespace
tb [Wed, 31 Aug 2022 13:01:01 +0000 (13:01 +0000)]
Rework DSA_size() and ECDSA_size()
DSA_size() and ECDSA_size() have a very special hack. They fudge up an
ASN1_INTEGER with a size which is typically > 100 bytes, backed by a
buffer of size 4. This was "fine", however, since they set buf[0] = 0xff,
where the craziness that was i2c_ASN1_INTEGER() only looks at the first
octet (one may then ask why a buffer of size 4 was necessary...).
This changed with the rewrite of i2c_ASN1_INTEGER(), which doesn't
respect this particular hack and rightly assumes that it is fed an
actual ASN1_INTEGER...
Instead, create an appropriate signature and use i2d to determine its
size.
Fixes an out-of-bounds read flagged by ASAN and oss-fuzz.
ok jsing
tb [Wed, 31 Aug 2022 12:29:08 +0000 (12:29 +0000)]
Avoid division by zero if no connection was made.
CID 184043
claudio [Wed, 31 Aug 2022 12:13:59 +0000 (12:13 +0000)]
Add missing OpenBSD id comment
benno [Wed, 31 Aug 2022 11:29:12 +0000 (11:29 +0000)]
make kernel build without INET6 again
ok sashan@
claudio [Wed, 31 Aug 2022 11:25:36 +0000 (11:25 +0000)]
Make sure that only one roa softreconfig runner is run at any time.
If a run takes to long drop the current update and wait for the next update.
OK benno@
krw [Wed, 31 Aug 2022 11:04:41 +0000 (11:04 +0000)]
Remove now unused and unreferenced disktab.h.
krw [Wed, 31 Aug 2022 10:46:33 +0000 (10:46 +0000)]
Whitespace fixes.
tb [Wed, 31 Aug 2022 09:39:59 +0000 (09:39 +0000)]
Some missing return checks
tb [Wed, 31 Aug 2022 09:38:00 +0000 (09:38 +0000)]
Avoid some buffer overflows in ecdsatest
The ASN.1 encoding of the modified ECDSA signature can grow in size due to
padding of the ASN.1 integers. Instead of reusing the same signature buffer
freshly allocate it. Avoids some buffer overflows caught by ASAN.
tb [Wed, 31 Aug 2022 09:36:46 +0000 (09:36 +0000)]
Revert previous. Committed the wrong version of the diff.
tb [Wed, 31 Aug 2022 09:33:39 +0000 (09:33 +0000)]
Avoid some buffer overflows in ecdsatest
The ASN.1 encoding of the modified ECDSA signature can grow in size due to
padding of the ASN.1 integers. Instead of reusing the same signature buffer
freshly allocate it. Avoids some buffer overflows caught by ASAN.
mpi [Wed, 31 Aug 2022 09:26:04 +0000 (09:26 +0000)]
Introduce a function to trylock a page instead of duplicating the logic.
Stolen from NetBSD.
ok jsg@
krw [Wed, 31 Aug 2022 09:20:57 +0000 (09:20 +0000)]
Remove "force CHS" remnants. LBA uber alles.
Mildly sad noises from Nick.
ok miod@ mlarkin@
martijn [Wed, 31 Aug 2022 09:19:22 +0000 (09:19 +0000)]
Rewrite the searchrange end calculation routine.
The old one had a bug which allowed it to move backwards on overlapping
regions and also didn't always returned the optimal end position.
OK tb@
gnezdo [Wed, 31 Aug 2022 09:07:35 +0000 (09:07 +0000)]
Lock vmobjlock then check u_flags & UVM_VNODE_VALID in uvn_attach
This is a continuation of this commit:
"Always acquire the `vmobjlock' before incrementing an object's reference."
Unfortuantely this created a race found by syzkaller manifesting as:
panic: kernel diagnostic assertion "uvn->u_obj.uo_refs == 0" failed:
file "sys/uvm/uvm_vnode.c", line 234
ok mpi@
Reported-by: syzbot+dd2d2684ad2818c927da@syzkaller.appspotmail.com
krw [Wed, 31 Aug 2022 08:35:07 +0000 (08:35 +0000)]
If a partition both starts and ends beyond the end of the unit
only warn about the start.
ok millert@
nicm [Wed, 31 Aug 2022 08:07:05 +0000 (08:07 +0000)]
Fix window size report, from Vincent Bernat.
fcambus [Wed, 31 Aug 2022 07:25:45 +0000 (07:25 +0000)]
Sync the supported hardware list with armv7.html.
OK jsg@
tb [Wed, 31 Aug 2022 07:15:31 +0000 (07:15 +0000)]
Switch loop bounds from size_t to int in check_hosts()
sk_num() can return a negative value, in which case the upper bound is
SIZE_MAX, which results in a very long for loop.
CID 153997
ok jsing
tb [Wed, 31 Aug 2022 07:12:30 +0000 (07:12 +0000)]
Check return values in ssl_print_tmp_key()
Use EVP_PKEY_get0_EC_KEY() instead of the get1 version to avoid an
EVP_PKEY_free(). Check return values: if either EVP_PKEY_get0_EC_KEY()
or EC_KEY_get0_group() fail, a NULL dereference occurs.
CID 43289
ok jsing
tb [Wed, 31 Aug 2022 06:51:36 +0000 (06:51 +0000)]
Avoid potential NULL dereference in ssl_set_pkey()
Switch from X509_get_pubkey() to X509_get0_pubkey() to avoid an unnecessary
EVP_PKEY_free(). Check the return values of X509_get0_pubkey() and
EVP_PKEY_copy_parameters(). If the former returns NULL, the latter will
dereference NULL.
CID 25020
ok jsing
jsg [Wed, 31 Aug 2022 06:23:06 +0000 (06:23 +0000)]
backport Xr fix
ok djm@
djm [Wed, 31 Aug 2022 02:56:40 +0000 (02:56 +0000)]
whitespace
guenther [Wed, 31 Aug 2022 01:27:04 +0000 (01:27 +0000)]
Refine the change in rev 1.125: the UVM mitigation for CoW faulting
when multiple CPUs are running threads in the process is only needed
when there can be multiple CPUs, so save a fault on SP builds.
ok miod@ mpi@
tb [Tue, 30 Aug 2022 23:41:53 +0000 (23:41 +0000)]
stray tab
tb [Tue, 30 Aug 2022 23:40:37 +0000 (23:40 +0000)]
whitespace
job [Tue, 30 Aug 2022 22:48:16 +0000 (22:48 +0000)]
Add ASPA regress bits
tb [Tue, 30 Aug 2022 22:42:32 +0000 (22:42 +0000)]
Avoid dead assignment
tb [Tue, 30 Aug 2022 20:40:14 +0000 (20:40 +0000)]
Check HMAC() return value to avoid a later use of uninitialized
CID 25421
tb [Tue, 30 Aug 2022 20:20:02 +0000 (20:20 +0000)]
Remove a commented-out sk_push that has been hanging around for > 20 years
benno [Tue, 30 Aug 2022 19:52:58 +0000 (19:52 +0000)]
remove an unused argument of ixgbe_rx_checksum()
ok mbuhl@
bluhm [Tue, 30 Aug 2022 19:42:29 +0000 (19:42 +0000)]
Syzkaller found a missing input validation in pipex mppe keylenbits.
Reported-by: syzbot+2eca95b271d07ab91b43@syzkaller.appspotmail.com
tested yasuoka@; OK mvs@ yasuoka@
tb [Tue, 30 Aug 2022 19:33:26 +0000 (19:33 +0000)]
chacha20_poly1305_cleanup() should return 1
Otherwise EVP_CIPHER_CTX_cleanup() leaks, as spotted by the ASAN CI.
ok jsing
job [Tue, 30 Aug 2022 18:56:49 +0000 (18:56 +0000)]
Add support for ASPA objects (draft-ietf-sidrops-aspa-profile-10)
ASPA objects are published in the RPKI and can be used to detect and
mitigate BGP route leaks. Validated ASPA Payloads are visible through
filemode (-f) and the JSON output format (-j).
With feedback from tb@
OK claudio@ tb@
claudio [Tue, 30 Aug 2022 18:50:21 +0000 (18:50 +0000)]
Switch nexthop hash to a RB tree.
OK benno@
krw [Tue, 30 Aug 2022 18:50:06 +0000 (18:50 +0000)]
Nuke disktab.h references in preparation for nuking disktab.h.
disktab.h has not been used or useful for a looooong time.
Detailed historical research by jsg@.
ok jsg@ deraadt@
kn [Tue, 30 Aug 2022 18:23:58 +0000 (18:23 +0000)]
Remove struct ifnet's unused if_switchport member
This is a switch(4) left-over.
Even though it is defined under _KERNEL, a few ports do define it and
include <net/if_var.h>, so this removal warrants a REVISION bump for all
potential ports consumers (once ports bulk machines run on a snapshot
containing this commit).
OK mvs
tb [Tue, 30 Aug 2022 18:23:40 +0000 (18:23 +0000)]
Plug leak of BIO in tls13_quic_init()
If rbio and wbio are the same, SSL_free() only frees one BIO, so the
BIO_up_ref() before SSL_set_bio() leads to a leak.
ok jsing
martijn [Tue, 30 Aug 2022 17:37:03 +0000 (17:37 +0000)]
Remove now unused search variable. Missed in previous.
OK tb@
martijn [Tue, 30 Aug 2022 17:33:20 +0000 (17:33 +0000)]
Remove the downwards check for overlapping regions when the subtree flag is
set.
There's a bit of inverted logic in there and this feature will probably get
in the way of the blocklist feature (and maybe others)
OK tb@
dv [Tue, 30 Aug 2022 17:09:21 +0000 (17:09 +0000)]
Initial support for mmio assist for vmm(4)
Provide the basic information required for a userland assist in
emulating instructions touching mmio regions, sending as much
information as is provided by the host hardware.
No decode or assist provided at the moment by vmd(8).
ok mlarkin@
miod [Tue, 30 Aug 2022 16:26:29 +0000 (16:26 +0000)]
Remove long unused WARN_REFERENCES macro; idea guenther@, ok jsg@ jca@
miod [Tue, 30 Aug 2022 16:24:16 +0000 (16:24 +0000)]
Fix uninitialized variable after the switch to (*pru_send); found the hard
way on alpha.
ok bluhm@ mvs@
yasuoka [Tue, 30 Aug 2022 16:06:09 +0000 (16:06 +0000)]
Use BUFSIZ instead of PATH_MAX. Since it doesn't anything with a file
system path. input from claudio
ok tb claudio