Commit Graph

20291 Commits

Author SHA1 Message Date
Bruce Evans
63df3a344e Quick fix for slow clearing and context switches of large frame buffers
with old kernels, by breaking the support for large frame buffers in the
same way as for current kernels.

Large frame buffers may be too large to map into kva, and the kernel
(syscons) only uses the first screen page anyway, so r203535, r205557
and 248799 limit the buffer size in VESA modes to the first screen
page, apparently without noticing that this breaks applications by
using the same limit for user mappings as for kernel mappings.  In
vgl, this makes the virtual screen the same as the physical screen.

However, this is almost a feature since clearing and switching large
(usually mostly unused) frame buffers takes too long.  E.g., on a 16
year old low-end AGP card it takes about 12 seconds to clear the 128MB
frame buffer in old kernels that map it all and also map it with slow
attributes (e.g., uncacheable).  Older PCI cards are even slower, but
usually have less memory.  Newer PCIe cards are faster, but may have
many GB of memory.  Also, vgl malloc()s a shadow buffer with the same
size as the frame buffer, so large frame buffers are even more wasteful
in applications than in the kernel.

Use the same limit in vgl as in newer kernels.

Virtual screens and panning still work in non-VESA modes that have
more than 1 page.  The reduced buffer size in the kernel also breaks
mmap() of the last physical page in modes where the reduced size is
not a multiple of the physical page size.  The same reduction in vgl
only reduces the virtual screen size.
2019-04-16 15:31:23 +00:00
Bruce Evans
9db56319d1 Fix a variable name in r346215. Clearing of the right of the screen was
broken, except it worked accidentally in most cases where the virtual
screen is larger than the physical screen.
2019-04-16 14:28:33 +00:00
Conrad Meyer
1631235aa6 random.3: Clarify confusing summary
random.3 is only "better" in contrast to rand.3.  Both are non-cryptographic
pseudo-random number generators.  The opening blurbs of each's DESCRIPTION
section does emphasize this, and correctly directs unfamiliar developers to
arc4random(3).  However, the summary (".Nd" or Name description) of random.3
conflicted in tone and message with that warning.

Resolve the conflict by clarifying in the Nd section that random(3) is
non-cryptographic and pseudo-random.  Elide the "better" qualifier which
implied a comparison but did not provide a specific object to contrast.

Sponsored by:	Dell EMC Isilon
2019-04-15 18:49:04 +00:00
Konstantin Belousov
760e34772c Fix order of destructors between main binary and libraries.
Since inits for the main binary are run from rtld (for some time), the
rtld_exit atexit(3) handler, which is passed from rtld to the program
entry and installed by csu, is installed after any atexit(3) handlers
installed by main binary constructors.  This means that rtld_exit() is
fired before main binary handlers.

Typical C++ static constructors are executed from init (either binary
or libs) but use atexit(3) to ensure that destructors are called in
the right order, independent of the linking order.  Also, C++
libraries finalizers call __cxa_finalize(3) to flush library'
atexit(3) entries.  Since atexit(3) entry is cleared after being run,
this would be mostly innocent, except that, atexit(rtld_exit) done
after main binary constructors, makes destructors from libraries
executed before destructors for main.

Fix by reordering atexit(rtld_exit) before inits for main binary, same
as it happened when inits were called by csu.  Do it using new private
libc symbol with pre-defined ABI.

Reported. tested, and reviewed by:	kan
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-04-15 13:03:09 +00:00
Mariusz Zaborski
908d1eef0b libnv: extend the tests
Add cases for sending file descriptors.

Submitted by:	Mindaugas Rasiukevicius <rmind@noxt.eu>
MFC after:	2 weeks
2019-04-15 03:32:01 +00:00
Mariusz Zaborski
3810ba1b33 libnv: add support for nvlist_send()/nvlist_recv() on Linux
This may be useful for cross build in the feature.

Submitted by:	Mindaugas Rasiukevicius <rmind@noxt.eu>
MFC after:	2 weeks
2019-04-15 03:31:02 +00:00
Bruce Evans
5cf92d7aed For writing and reading single pixels, avoid some pessimizations for
depths > 8.  Add some smaller optimizations for these depths.  Use a
more generic method for all depths >= 8, although this gives tiny
pessimizations for these depths.

For clearing the whole frame buffer, avoid the same pessimizations
for depths > 8.  Add some larger optimizations for these depths.  Use
an even more generic method for all depths >= 8 to give the optimizations
for depths > 8 and a tiny pessimization for depth 8.

The main pessimization was that old versions of bcopy() copy 1 byte at a
time for all trailing bytes.  (i386 still does this.  amd64 now pessimizzes
large sizes instead of small ones if the CPU supports ERMS.  dev/fb gets
this wrong by mostly not using the bcopy() family or the technically correct
bus space functions but by mostly copying 2 bytes at a time using an
unoptimized loop without even volatile declarations to prevent the compiler
rewriting it.)

The sizes here are 1, 2, 3 or 4 bytes, so depths 9-16 were up to twice as
slow as necessary and depths 17-24 were up to 3 times slower than necessary.
Fix this (except depths 17-24 are still up to 2 times slower than necessary)
by using (builtin) memcpy() instead of bcopy() and reorganizing so that the
complier can see the small constant sizes.  Reduce special cases while
reorganizing although this is slightly slower than adding special cases.
The compiler inlining (and even -O2 vs -O0) makes little difference compared
with reducing the number of accesses except on modern hardware it gives a
small improvement.

Clearing was also pessimized mainly by the extra accesses.  Fix it quite
differently by creating a MEMBUF containing 1 line (in fast memory using
a slow method) and copying this.  This is only slightly slower than reducing
everything to efficient memset()s and bcopy()s, but simpler, especially
for the segmented case.  This works for planar modes too, but don't use it
then since the old method was actually optimal for planar modes (it works
by moving the slow i/o instructions out of inner loops), while for direct
modes the slow instructions were all in the invisible inner loop in bcopy().

Use htole32() and le32toh() and some type puns instead of unoptimized
functions for converting colors.  This optimization is mostly in the noise.
libvgl is only supported on x86, so it could hard-code the assumption that
the byte order is le32, but the old conversion functions didn't hard-code
this.
2019-04-14 13:37:50 +00:00
Enji Cooper
b3d01a2ad7 Fix warnings with lib/libpmc
* Use `MIN` instead of similar hand rolled macro.
* Sort headers.
* Use `errno.h` instead of `sys/errno.h`.
* Wrap the argument to sizeof in parentheses for clarity.
* Remove `__BSD_VISIBLE` and `_XOPEN_SOURCE` #defines to mute warnings about
  incompatible snprintf definitions.

This fixes a number of warnings I've been seeing lately in my builds.

Sort makefile variables per style.Makefile(9) (`CFLAGS`/`CWARNFLAG.gcc`) and
bump `WARNS` to 3.

MFC after:	2 weeks
Reviewed by:	jtl
Approved by:	jtl (mentor)
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D19851
2019-04-14 00:06:49 +00:00
Konstantin Belousov
b8f75b175c Do not access mutex memory after unlock.
PR:	237195
Reported by:	freebsd@hurrikhan.eu
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-04-12 17:27:19 +00:00
Kyle Evans
fcb47c42ec libbe(3): use libzfs name validation for datasets/snapshot names
Our home-rolled solution didn't quite capture all of the details, and we
didn't actually validate snapshot names at all. zfs_name_valid captures the
important details, but it doesn't necessarily expose the errors that we're
wanting to see in the be_validate_* functions. Validating lengths
independently, then the names, should make this a non-issue.
2019-04-10 14:00:03 +00:00
Simon J. Gerraty
7b8b0fdba0 Always report file with incorrect hash. 2019-04-09 22:20:11 +00:00
Ed Maste
22ccf855bf libc: update strstr implementation to match musl
musl commits:
122d67f846cb0be2c9e1c3880db9eb9545bbe38c
0239cd0681e889a269fb7691f60e81ef8d081e6b
8f5a820d147da36bcdbddd201b35d293699dacd8

Submitted by:	David CARLIER <devnexen_gmail.com>
Obtained from:	musl
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19834
2019-04-09 15:52:18 +00:00
Edward Tomasz Napierala
9b7448fcad .Xr protect(1) and proccontrol(1) from procctl(2).
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2019-04-09 10:09:59 +00:00
Bruce Evans
b8e788b67e Fix copying of MEMBUFs to MEMBUFs. This case was implemented by using
the same code as the VIDBUF8 case, so it only worked for depths <= 8.
The 2 directions for copying between VIDBUFs and MEMBUFs worked by using
a Read/Write organization which makes the destination a VIDBUF so the
MEMBUF case was not reached, and the VIDBUF cases have already been fixed.

Fix this by removing "optimizations" for the VIDBUF8 case so that the
MEMBUF case can fall through to the general (non-segmented) case.  The
optimizations were to duplicate code for the VIDBUF8 case so as to
avoid 2 multiplications by 1 at runtime.  This optimization is not useful
since the multiplications are not in the inner loop.

Remove the same "optimization" for the VIDBUF8S case.  It was even less
useful there since it duplicated more to do relatively less.
2019-04-08 04:54:15 +00:00
Mitchell Horne
b2689b12b1 Add option to build LLVM RISC-V target
Reviewed by:	emaste, dim
Approved by:	markj (mentor)
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D19759
2019-04-07 18:24:26 +00:00
Mariusz Zaborski
8a9e93bb21 Use funlinkat in pidfile to ensure we are removing the right file. 2019-04-06 11:24:43 +00:00
Mariusz Zaborski
a1304030b8 Introduce funlinkat syscall that always us to check if we are removing
the file associated with the given file descriptor.

Reviewed by:	kib, asomers
Reviewed by:	cem, jilles, brooks (they reviewed previous version)
Discussed with:	pjd, and many others
Differential Revision:	https://reviews.freebsd.org/D14567
2019-04-06 09:34:26 +00:00
Konstantin Belousov
4fbf8e1c2e Implement devctl(8) command 'reset', using DEV_RESET /dev/devctl2 ioctl.
Reviewed by:	imp (previous version), jhb (previous version)
Sponsored by:	Mellanox Technologies
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19646
2019-04-05 19:32:26 +00:00
Konstantin Belousov
9cdd5c07ad Add __BEGIN_DECLS/__END_DECLS braces to libdevctl header.
Reviewed by:	imp (previous version), jhb (previous version)
Sponsored by:	Mellanox Technologies
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19646
2019-04-05 17:54:31 +00:00
Olivier Cochard
6a2d6673e6 Add requiered programs (cc and c++) for some lib/atf regression tests
PR:		236889
Reviewed by:	ngie
Approved by:	emaste (on IRC)
MFC after:	1 month
Sponsored by:	Netflix
2019-04-04 20:34:17 +00:00
Rodney W. Grimes
6c1c6ae537 Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code
There are a few places that use hand crafted versions of the macros
from sys/netinet/in.h making it difficult to actually alter the
values in use by these macros.  Correct that by replacing handcrafted
code with proper macro usage.

Reviewed by:		karels, kristof
Approved by:		bde (mentor)
MFC after:		3 weeks
Sponsored by:		John Gilmore
Differential Revision:	https://reviews.freebsd.org/D19317
2019-04-04 19:01:13 +00:00
Pawel Jakub Dawidek
2f07cdf871 Implement automatic online expansion of GELI providers - if the underlying
provider grows, GELI will expand automatically and will move the metadata
to the new location of the last sector.

This functionality is turned on by default. It can be turned off with the
-R flag, but it is not recommended - if the underlying provider grows and
automatic expansion is turned off, it won't be possible to attach this
provider again, as the metadata is no longer located in the last sector.

If the automatic expansion is turned off and the underlying provider grows,
GELI will only log a message with the previous size of the provider, so
recovery can be easier.

Obtained from:	Fudo Security
2019-04-03 23:57:37 +00:00
Pawel Jakub Dawidek
b4f850c006 - Add missing -T (notrim) option to the label subcommand.
- Add missing -T option in the onetime subcommand comment.

Obtained from:	Fudo Security
2019-04-03 23:50:52 +00:00
Phil Shafer
406a584d7e Import libxo-1.0.2
from 1.0.0:
    Add "continuation" flag, to allow multiple "xo" invocations in a single line of output (#58)
    Add --top-wrap to make top-level JSON wrappers
    Add --{open,close}-{list,instace} options
    Add xo_xml_leader(), to detect use of some bogus XML tags. It's still bad form, but it's a little safer now
    Avoid call to xo_write before xo_flush, since the latter calls the former
    Check return code from xo_flush_h properly (<0) (FreeBSD Bug 236935)
    For JSON output, avoid newline before a container's close brace (#62)
    Merge branch 'text_only' of https://github.com/zvr/libxo into zvr-text_only
    Use XO_USE_INT_RETURN_CODES, not USE_INT_RETURN_CODES
    add docs for --continuation
    add docs for --not-first
    call xo_state_set_flags before values and close containers; add XOIF_MADE_OUTPUT flag to track state; make proper empty JSON objects in xo_finish
    color_map code has to be #ifdef'd out, since the struct definition
    correct xo_flush_func_t (doesn't use xo_ssize_t)
    make depth change for --top-wrap only for JSON
    fix to handle --top-wrap in "xo" by being more consistent with handling trailing newlines
    fix to handle text-only version #64 (from zvr)
    fix xo_buf_has_room for round up to the next XO_BUFSIZ, not just add XO_BUFSIZ to the size (FreeBSD Bug 236937)
    update docs for new "xo" options
    update functions to use xo_ssize_t
    update test cases
from 1.0.1:
    Add EINTEGRITY to .pot files under test/gettext/ (fix from FreeBSD)
from 1.0.2:
    handle failure from xo_vnsprintf; don't add -1 to "rc"

PR:		236937, 236935
Submitted by:	phil
Reported by:	Alfonso S. Siciliano <alfix86@gmail.com>
MFC after:	2 weeks
2019-04-03 21:55:39 +00:00
Kyle Evans
90cf61e8a5 libbe(3): Add a serial to the generated snapshot names
To use bectl in an example, when one creates a new boot environment with
either `bectl create <be>` or `bectl create -e <otherbe> <be>`, libbe will
take a snapshot of the original boot environment to clone. Previously, this
used %F-%T date format as the snapshot name, but this has some limitations-
attempting to create multiple boot environments in quick succession may
collide if done within the same second.

Tack a serial onto it to reduce the chances of a collision... we could still
collide if multiple processes/threads are creating boot environments at the
same time, but this is likely not a big concern as this has only been
reported as occurring in freebsd-ci setup.

MFC after:	3 days
2019-04-03 17:04:38 +00:00
Marcin Wojtas
b0fefb25c5 Create kernel module to parse Veriexec manifest based on envs
The current approach of injecting manifest into mac_veriexec is to
verify the integrity of it in userspace (veriexec (8)) and pass its
entries into kernel using a char device (/dev/veriexec).
This requires verifying root partition integrity in loader,
for example by using memory disk and checking its hash.
Otherwise if rootfs is compromised an attacker could inject their own data.

This patch introduces an option to parse manifest in kernel based on envs.
The loader sets manifest path and digest.
EVENTHANDLER is used to launch the module right after the rootfs is mounted.
It has to be done this way, since one might want to verify integrity of the init file.
This means that manifest is required to be present on the root partition.
Note that the envs have to be set right before boot to make sure that no one can spoof them.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: sjg
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D19281
2019-04-03 03:57:37 +00:00
Alexander Motin
e40d8dbbcb Make cam_error_print() decode NVMe commands.
MFC after:	2 weeks
2019-04-02 19:37:52 +00:00
Andrey V. Elsukov
04d1781439 Add IPv6 transport for bsnmp.
This patch adds a new table begemotSnmpdTransInetTable that uses the
InetAddressType textual convention and can be used to create listening
ports for IPv4, IPv6, zoned IPv6 and based on DNS names. It also supports
future extension beyond UDP by adding a protocol identifier to the table
index. In order to support this gensnmptree had to be modified.

Submitted by:   harti
MFC after:      1 month
Relnotes:       yes
Differential Revision:  https://reviews.freebsd.org/D16654
2019-04-02 12:50:01 +00:00
Enji Cooper
e9e2022e74 Import proof-of-concept for handling GTEST_SKIP() in Environment::SetUp
Per the upstream pull-request [1]:

```
  gtest prior to this change would completely ignore `GTEST_SKIP()` if
  called in `Environment::SetUp()`, instead of bailing out early, unlike
  `Test::SetUp()`, which would cause the tests themselves to be skipped.
  The only way (prior to this change) to skip the tests would be to
  trigger a fatal error via `GTEST_FAIL()`.

  Desirable behavior, in this case, when dealing with
  `Environment::SetUp()` is to check for prerequisites on a system
  (example, kernel supports a particular featureset, e.g., capsicum), and
  skip the tests. The alternatives prior to this change would be
  undesirable:

  - Failing sends the wrong message to the test user, as the result of the
    tests is indeterminate, not failed.
  - Having to add per-test class abstractions that override `SetUp()` to
    test for the capsicum feature set, then skip all of the tests in their
    respective SetUp fixtures, would be a lot of human and computational
    work; checking for the feature would need to be done for all of the
    tests, instead of once for all of the tests.

  For those reasons, making `Environment::SetUp()` handle `GTEST_SKIP()`,
  by not executing the testcases, is the most desirable solution.

  In order to properly diagnose what happened when running the tests if
  they are skipped, print out the diagnostics in an ad hoc manner.

  Update the documentation to note this change and integrate a new test,
  gtest_skip_in_environment_setup_test, into the test suite.

  This change addresses #2189.

  Signed-off-by: Enji Cooper <yaneurabeya@gmail.com>
```

The goal with my merging in this change is to avoid requiring extensive
refactoring/retesting of test suites when ensuring prerequisites are met,
e.g., checking for a CAPABILITIES-enabled kernel before running capsicum-test
(see D19758 for more details).

The proof-of-concept is being imported before accepted by the upstream
project due to the fact that the upstream project is undergoing a potential
development freeze and the maintainers aren't responding to my PR.

1. https://github.com/google/googletest/pull/2203

Reported by:	asomers (https://github.com/google/googletest/issues/2189)
Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	2 months
Differential Revision:	https://reviews.freebsd.org/D19765
2019-04-01 18:07:48 +00:00
Kyle Evans
e1ee62302a libbe: Fix zfs_is_mounted check w/ snapshots
'be_destroy' can destroy a boot environment (by name) or a given snapshot.
If the target to be destroyed is a dataset, check if it's mounted. We don't
want to check if the origin dataset is mounted when destroying a snapshot.

PR:		236043
Submitted by:	Rob Fairbanks <rob.fx907 gmail com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19650
2019-04-01 17:44:20 +00:00
Enji Cooper
0eb97cca9f Allow users to override CSTD/CXXSTD on a per-prog basis
The current logic for CSTD/CXXSTD requires homogenity as far as the
supported C/C++ standards, which is a sensible default. However, when
dealing with differing versions of C++, some code may compile with C++11, but
not C++17 (for instance). So in order to avoid having people convert over their
code to the new standard, give the users the ability to specify the standard on
a per-program basis.

This will allow a user to override the supporting standard for a set of
programs, mixing C++11 with C++14 (for instance).

Reviewed by:	asomers
Apprved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345708
Differential Revision: https://reviews.freebsd.org/D19738
2019-03-29 18:49:08 +00:00
Enji Cooper
e8067928ff Standardize -std=c++* as CXXSTD`
CXXSTD was added as the C++ analogue to CSTD.

CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345203, r345704, r345705
Relnotes:	yes
Tested with:	make tinderbox
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:45:27 +00:00
Enji Cooper
bdbf3440ce Revert r345706: the third time will be the charm
When a review is closed via Phabricator it updates the patch attached to the
review. I downloaded the raw patch from Phabricator, applied it, and repeated
my mistake from r345704 by accident mixing content from D19732 and D19738.

For my own personal sanity, I will try not to mix reviews like this in the
future.

MFC after:	1 month
MFC with:	r345706
Approved by:	emaste (mentor, implicit)
2019-03-29 18:43:46 +00:00
Enji Cooper
760b1a815b Standardize -std=c++* as CXXSTD`
CXXSTD was added as the C++ analogue to CSTD.

CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345203, r345704, r345705
Relnotes:	yes
Tested with:	make tinderbox
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:31:48 +00:00
Enji Cooper
752cabaa1c Revert r345704
I accidentally committed code from two reviews. I will reintroduce the code to
bsd.progs.mk as part of a separate commit from r345704.

Approved by:	emaste (mentor, implicit)
MFC after:	2 months
MFC with:	r345704
2019-03-29 18:16:33 +00:00
Enji Cooper
9a41926bfb CXXSTD is the C++ analogue to CSTD.
CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:13:44 +00:00
Konstantin Belousov
5d00c5a657 Fix initial exec TLS mode for dynamically loaded shared objects.
If dso uses initial exec TLS mode, rtld tries to allocate TLS in
static space. If there is no space left, the dlopen(3) fails. If space
if allocated, initial content from PT_TLS segment is distributed to
all threads' pcbs, which was missed and caused un-initialized TLS
segment for such dso after dlopen(3).

The mode is auto-detected either due to the relocation used, or if the
DF_STATIC_TLS dynamic flag is set.  In the later case, the TLS segment
is tried to allocate earlier, which increases chance of the dlopen(3)
to succeed.  LLD was recently fixed to properly emit the flag, ld.bdf
did it always.

Initial test by:	dumbbell
Tested by:	emaste (amd64), ian (arm)
Tested by:	Gerald Aryeetey <aryeeteygerald_rogers.com> (arm64)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19072
2019-03-29 17:52:57 +00:00
Bruce Evans
a32dbad556 Fix restoring to graphics modes in VGLEnd().
Correct restoring was only attempted for mode 258 (800x600x4 P).  (This
was the only useful graphics mode supported in the kernel until 10-15
years ago, and is still the only one explicitly documented in the man
page).  The comment says that it is the geometry (subscreen size) that
is restored, but it seems to only be necessary to restore the font
size, with the geometry only needed since it is set by the same ioctl.
The font size was not restored for this mode, but was forced to 16.

For other graphics modes, the font size was clobbered to 0.  This
confuses but doesn't crash the kernel (font size 0 gives null text).
This confuses and crashes vidcontrol.  The only way to recover was to
use vidcontrol to set the mode to any text mode on the way back to the
original graphics mode.

vidcontrol gets this wrong in the opposite way when backing out of
changes after an error.  It restores the font size correctly, but
forces the geometry to the full screen size.
2019-03-29 16:30:19 +00:00
Bruce Evans
cfcc114dcb Fix endless loops for handling SIGBUS and SIGSEGV.
r80270 has the usual wrong fix for unsafe signal handling -- just set
a flag and return to let an event loop check the flag and do safe
handling.  This never works for signals like SIGBUS and SIGSEGV that
repeat and works poorly for others unless the application has an event
loop designed to support this.

For these signals, clean up unsafely as before, except for arranging that
nested signals are fatal and forcing a nested signal if the cleanup doesn't
cause one.
2019-03-29 15:57:08 +00:00
Bruce Evans
0410dc5f5d Fix races in mouse signal handling almost properly using the INTOFF/INTON
method as in /bin/sh.

We still do technically undefined things in the signal handler, but it
is safe in practice to access state that is protected by INTOFF/INTON.

In a recent commit, I sprinkled VGLMouseFrozen++/-- operations in
places that need INTOFF/INTON.  This prevented clobbering of pixels
under the mouse, but left mouse signals deferred for too long.  It is
necessary to call the signal handler when the count goes to 0.  Old
versions did this in the unfreeze function, but didn't block actual
signals, so the signal handler raced itself.  The sprinkled operations
reduced the races, but when then worked to block a race they left
signals deferred for too long.

Use INTOFF/INTON to fix complete loss of mouse signals while reading
the mouse status.  Clobbering of the state was prevented by SIG_IGN'ing
mouse signals, but that has a high overhead and broke more than it
fixed by losing mouse signals completely.  sigprocmask() works to block
signals without losing them completely, but its overhead is also too
high.

libvgl's mouse signal handling is often worse than none.  Applications
can't block waiting for a mouse or keyboard or other event, but have
to busy-wait.  The SIG_IGN's lost about half of all mouse events while
busy-waiting for mouse events.
2019-03-29 15:20:48 +00:00
Bruce Evans
5ee94e9954 Fix VGLLine() in depths > 8.
It started truncating its color arg to 8 bits using plot() in r229415.
The version in r229415 is also more than 3 times slower in segmented
modes, by doing more syscalls to move the window.
2019-03-28 14:21:22 +00:00
Bruce Evans
baca0ce6b3 Fix VGLGetXY(), VGLSetXY() and VGLClear() for MEMBUFs in depths > 8.
This depends on PixelBytes being properly initialized, which it is for
all bitmaps constructed by libvgl except mouse cursor bitmaps.
2019-03-28 12:28:29 +00:00
Bruce Evans
fa68d9b94e Oops, r345496 got the pointer args backwards for bcopy() in VGLClear for
segmented modes.

Also fix some style bugs in the 2 changed lines.  libvgl uses a very non-KNF
style with 2-column indentation with no tabs except for regressions.
2019-03-28 09:51:37 +00:00
Ed Maste
09b47fc1c2 revert r341429 "disable BIND_NOW in libc, libthr, and rtld"
r345620 by kib@ fixed the rtld issue that caused a crash at startup
during resolution of libc's ifuncs with BIND_NOW.

PR:		233333
Sponsored by:	The FreeBSD Foundation
2019-03-28 02:12:32 +00:00
Mark Johnston
a273e09cb2 Fix pidfile_open(3) to handle relative paths with multiple components.
r322369's use of basename(3) was incorrect and worked by accident so
long as the pidfile path was absolute or consisted of a single
component.  Fix the basename() usage and add a regression test.

Reported by:	0mp
Reviewed by:	cem
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D19728
2019-03-27 19:40:18 +00:00
Bruce Evans
014ddcbce4 Fix accessing pixels under the mouse cursor:
Reading of single pixels didn't look under the cursor.

Copying of 1x1 bitmaps didn't look under the cursor for either reading
or writing.

Copying of larger bitmaps looked under the cursor for at most the
destination.

Copying of larger bitmaps looked under a garbage cursor (for the Display
bitmap) when the destination is a MEMBUF.  The results are not used, so
this only wasted time and flickered the cursor.

Writing of single pixels looked under a garbage cursor for MEMBUF
destinations, as above except this clobbered the current cursor and
didn't update the MEMBUF.  Writing of single pixels is not implemented
yet in depths > 8.  Otherwise, writing of single pixels worked.  It was
the only working case for accessing pixels under the cursor.

Clearing of MEMBUFs wasted time freezing the cursor in the Display bitmap.

The fixes abuse the top bits in the color arg to the cursor freezing
function to control the function.  Also clear the top 8 bits so that
applications can't clobber the control bits or create 256 aliases for
every 24-bit pixel value in depth 32.

Races fixed:

Showing and hiding the cursor only tried to avoid races with the mouse
event signal handler for internal operations.  There are still many
shorter races from not using volatile or sig_atomic_t for the variable
to control this.  This variable also controls freezes, and has more
complicated states than before.

The internal operation of unfreezing the cursor opened a race window
by unsetting the signal/freeze variable before showing the cursor.
2019-03-27 18:03:34 +00:00
Bruce Evans
aa1ce985e4 Fix copying of bitmaps in depths > 8. This fix is complete, except different
depths for the source and target are not supported.  The bits for higher
numbered planes (mostly for red) were either not copied or were copied to
lower numbered planes for nearby pixels.

Quick fix for creation of mouse cursor bitmaps in all depths.   This fix is
only complete for the default lightwhite cursor with a black frame.

Even the lightwhite and black colors are hard to find.  The templates
use 0xff for lightwhite, but that means brightblue in the simplest mode
(Truecolor depth 24).  Other modes are even more complicated -- they are
singly or doubly indirect throught palette(s) and changing of the palettes
by applications is supported.

Details:

Replicate the template value for Truecolor modes to fill out the target
depth (and more for depths not a multiple of 8).  Do this for every
drawing of the cursor so that it sort of works for mouse cursor bitmaps
set by applications.

Use 0xf for lightwhite in most other modes.  Only do this for the
default cursor so that it doesn't affect mouse cursor bitmaps set by
applications.  0xf mostly works because it was originally for CGA
lightwhite and is emulated using 1 or 2 indirections on EGA and VGA.
0x3f (EGA white) and 0xff (VGA black) direct palette indexes mostly
don't work since backwards compatibility inhibits or prevents them
representing lightwhite.  But 0x3f (EGA white) must be used for mode
37 (VGA_MODEX) (320x240x8 V) since this mode is closer to EGA than VGA.
2019-03-27 08:02:55 +00:00
Ed Maste
ed5e102abb DTF_REWIND does nothing (since r247236) so retire its use
Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D19663
2019-03-26 19:35:41 +00:00
Martin Matuska
df422cb404 MFV r345495:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1153: fixed 2 bugs in ZIP reader [1]
  PR #1143: ensure archive_read_disk_entry_from_file() uses ARCHIVE_READ_DISK
  Changes to file flags code, support more file flags on FreeBSD:
    UF_OFFLINE, UF_READONLY, UF_SPARSE, UF_REPARSE, UF_SYSTEM
    UF_ARCHIVE is not supported by intention (yet)

PR:		236300
MFC after:	2 weeks
2019-03-25 11:49:57 +00:00
Bruce Evans
dac776fdbf Fix another type of buffer overrun for segmented modes. The buffer index
was not taken modulo the window size in VGLClear().

Segmented modes also need a kernel fix to almost work.  The ioctl to set
the window origin is broken.

These bugs are rarely problems since non-VESA modes only need
segmentation to support multiple pages but libvgl doesn't support
multiple pages and treats these modes as non-segmented, and VESA modes
are usually mapped linearly except on old hardware so they really are
non-segmented.
2019-03-25 11:48:40 +00:00
Bruce Evans
31d09534f8 Oops, my previous commit to libvgl was missing the change of VGLSetBorder()
to match the change in its declaration.  Change the declaration back to
"byte color" since setting of the border color is not supported for more
than 256 colors.
2019-03-24 20:43:21 +00:00
Bruce Evans
dd31deb8cb Fix the type of the color args for VGLMouseFreeze(), VGLBitmapPutChar(),
VGLBitmapString() and VGLSetBorder() so as to not truncate to 8 bits.

Complete the corresponding fix for VGLGetXY() and VGLPutXY() (parts
of the man page were out of date).
2019-03-24 20:36:35 +00:00
Bruce Evans
dd38752cb9 Add support for arbitrary font widths. Only multiples of 8 were supported.
Since the font format is undocumented, it is unclear how non-multiples
of 8 should be padded to bytes in the font file.  Use the same
representation as bdf text format (big- endian, with padding in the
lower bits).
2019-03-24 19:41:45 +00:00
Bruce Evans
1382e2a94d Fix reading of pixels in (4 and 8-plane) planar modes.
There seems to be no alternative to reading each plane independently using
3 slow i/o's per plane (this delivers 8 nearby pixels, but we don't buffer
the results so run 8 times slower than necessary.

All the code for this was there, but it was ifdefed out and replaced by
simpler code that cannot work in planar modes.  The ifdefed out code
was correct except it was missing a volatile declaration, so compilers
optimized the multiple dummy reads in it to a single read.
2019-03-24 19:27:03 +00:00
Bruce Evans
fbc6daa1dc Fix buffer overruns in modes with color depth more than 8.
Support for 16-bit and 32-bit Truecolor modes was supposed to be
complete in r70991 of main.c and in nearby revisions for other files, but
it was broken by the overruns in most cases (all cases were the mouse
is enabled, and most cases where bitmaps are used).  r70991 also
uninintentionally added support for depths 9-15, 17-23 and 25-31.
Depth 24 was more obviously broken and its support is ifdefed out.  In
the other ranges, only depth 15 is common.  It was broken by buffer
overruns in all cases.

bitmap.c:
- the static buffer was used even when it was too small (but it was
  large enough to often work accidentally in depth 16)
- the size of the dynamically allocated buffer was too small
- the sizing info bitmap->PixelBytes was not inititialzed in the bitmap
  constructor.  It often ended up as 0 for MEMBUFs, so using it in more
  places gave more null pointer accesses.  (It is per-bitmap, but since
  conversion between bitmaps of different depths is not supported (except
  from 4 bits by padding to 8), it would work better if it were global.)

main.c:
- depths were rounded down instead of up to a multiple of 8, so PixelBytes
  was 1 too small for depths above 8 except 16, 24 and 32.
- PixelBytes was not initialized for 4-bit planar modes.  It isn't really
  used for frame buffer accesses in these modes, but needs to be 1 in
  MEMBUF images.

mouse.c:
- the mouse cursor buffers were too small.

vgl.h:
- PixelBytes was not initialized in the static bitmap constructor.  It
  should be initialized to the value for the current mode, but that is
  impossible in a static constructor.  Initialize it to -1 so as to
  fail if it is used without further initialization.

All modes that are supposed to be supported now don't crash in
nontrivial tests, and almost work.  Missing uses of PixelBytes now
give in-bounds wrong pointers instead of overruns.  Misconversions of
bitmaps give multiple miscolored mouse cursors instead of 1 white one,
and similarly for bitmaps copied through a MEMBUF.
2019-03-24 18:57:03 +00:00
Bruce Evans
425c24e5da Fix libvgl to not always fail to initialize due to its invalid mmap()
args (neither MAP_PRIVATE nor MAP_SHARED).  It was broken in r271635
and/or r271724 by stricter checking.  The compatibility code in r271724
doesn't work for my old binaries (actually new binaries with old
libraries).

PR:		needed to test the fix for PR 162373
2019-03-24 16:47:43 +00:00
Ravi Pokala
557e162fe7 Add descriptions for sysctls in kern_mib.c and sysctl.3 which lack them.
r343532 noted the difference between "hw.realmem" and "hw.physmem", which I
was previously unaware of. I discovered that neither sysctl had a
description visible via `sysctl -d', so I found where they were defined and
added suitable descriptions. While in the file, I went ahead and added
descriptions for all the others which lacked them. I also updated sysctl.3
accordingly

Reviewed by:	kib, bcr
MFC after:	1 weeks
Sponsored by:	Panasas
Differential Revision:	https://reviews.freebsd.org/D19007
2019-03-23 19:53:15 +00:00
Conrad Meyer
481572a998 arc4random: Adjust example code to use uniform() API
PR:		236678
Reported by:	Andras Farkas <deepbluemistake AT gmail.com>
2019-03-21 14:45:08 +00:00
Alan Somers
bda54b8f96 googletest: backport GTEST_SKIP to googletest 1.8.1
This commit backports revisions 00938b2b228f3b70d3d9e51f29a1505bdad43f1e and
59f90a338bce2376b540ee239cf4e269bf6d68ad from googletest's master branch to
our included version of googletest, which is based on 1.8.1. It adds the
GTEST_SKIP feature, which is very useful for a project like FreeBSD where
some tests depend on particular system configurations.

Reviewed by:	ngie
Obtained from:	github.com/google/googletest
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/rS345331
2019-03-20 23:15:58 +00:00
Alan Somers
123af6ec70 Rename fuse(4) to fusefs(4)
This makes it more consistent with other filesystems, which all end in "fs",
and more consistent with its mount helper, which is already named
"mount_fusefs".

Reviewed by:	cem, rgrimes
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D19649
2019-03-20 21:48:43 +00:00
Dimitry Andric
c3e6b9d390 Pull in r352826 from upstream lld trunk (by Fangrui Song):
[ELF] Support --{,no-}allow-shlib-undefined

  Summary:
  In ld.bfd/gold, --no-allow-shlib-undefined is the default when
  linking an executable. This patch implements a check to error on
  undefined symbols in a shared object, if all of its DT_NEEDED entries
  are seen.

  Our approach resembles the one used in gold, achieves a good balance
  to be useful but not too smart (ld.bfd traces all DSOs and emulates
  the behavior of a dynamic linker to catch more cases).

  The error is issued based on the symbol table, different from
  undefined reference errors issued for relocations. It is most
  effective when there are DSOs that were not linked with -z defs (e.g.
  when static sanitizers runtime is used).

  gold has a comment that some system libraries on GNU/Linux may have
  spurious undefined references and thus system libraries should be
  excluded (https://sourceware.org/bugzilla/show_bug.cgi?id=6811). The
  story may have changed now but we make --allow-shlib-undefined the
  default for now. Its interaction with -shared can be discussed in the
  future.

  Reviewers: ruiu, grimar, pcc, espindola

  Reviewed By: ruiu

  Subscribers: joerg, emaste, arichardson, llvm-commits

  Differential Revision: https://reviews.llvm.org/D57385

Pull in r352943 from upstream lld trunk (by Fangrui Song):

  [ELF] Default to --no-allow-shlib-undefined for executables

  Summary:
  This follows the ld.bfd/gold behavior.

  The error check is useful as it captures a common type of ld.so
  undefined symbol errors as link-time errors:

      // a.cc => a.so (not linked with -z defs)
      void f(); // f is undefined
      void g() { f(); }

      // b.cc => executable with a DT_NEEDED entry on a.so
      void g();
      int main() { g(); }

      // ld.so errors when g() is executed (lazy binding) or when the program is started (-z now)
      // symbol lookup error: ... undefined symbol: f

  Reviewers: ruiu, grimar, pcc, espindola

  Reviewed By: ruiu

  Subscribers: llvm-commits, emaste, arichardson

  Tags: #llvm

  Differential Revision: https://reviews.llvm.org/D57569

Together, these add support for --no-allow-shlib-undefined, and make it
the default for executables, so they will fail to link if any symbols
from needed shared libraries are undefined.

Reported by:	jbeich
PR:		236062, 236141
MFC after:	1 month
X-MFC-With:	r344779
2019-03-20 20:57:11 +00:00
Dimitry Andric
fb7e42b9fd Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
8.0.0 final release r356365.  There were no functional changes since the
most recent merge, of 8.0.0 rc5.

Release notes for llvm, clang, lld and libc++ 8.0.0 are now available:

https://llvm.org/releases/8.0.0/docs/ReleaseNotes.html
https://llvm.org/releases/8.0.0/tools/clang/docs/ReleaseNotes.html
https://llvm.org/releases/8.0.0/tools/lld/docs/ReleaseNotes.html
https://llvm.org/releases/8.0.0/projects/libcxx/docs/ReleaseNotes.html

PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-20 19:18:26 +00:00
Dimitry Andric
d0010a8e4c Vendor import of clang 8.0.0 release r356365:
https://llvm.org/svn/llvm-project/cfe/tags/RELEASE_800/final@356365
2019-03-20 17:46:38 +00:00
Dimitry Andric
eccf47f57a Enable building libomp.so for 32-bit x86. This is done by selectively
enabling the functions that save and restore MXCSR, since access to this
register requires SSE support.

Note that you may run into other issues with OpenMP on i386, since this
*not* yet supported upstream, and certainly not extensively tested.

PR:		236062, 236582
MFC after:	1 month
X-MFC-With:	r344779
2019-03-18 21:04:28 +00:00
Dimitry Andric
66110c6521 Remove --as-needed from the linker flags for libomp.so, as these
actually prevent the transitive dependency on libm.

Reported by:	jbeich
PR:		236062, 236581
MFC after:	1 month
X-MFC-With:	r344779
2019-03-18 19:56:00 +00:00
Dimitry Andric
db7591a848 Also explicitly link libomp.so against -lm, as it transitively depends
on scalbn and a few other math functions, via libcompiler-rt.  This
should allow OpenMP programs to link with BFD linkers too.

Reported by:	jbeich
PR:		236062, 236581
MFC after:	1 month
X-MFC-With:	r344779
2019-03-18 19:11:11 +00:00
Dimitry Andric
1d0078a2af Explicitly link libomp.so against -lpthread, as it depends on pthread
functionality.  This should make example OpenMP programs work out of the
box.

Reported by:	jbeich
PR:		236062, 236581
MFC after:	1 month
X-MFC-With:	r344779
2019-03-17 11:27:27 +00:00
Dimitry Andric
9b3c15c583 Disable lib/libomp build for the 32-bit part of amd64 buildworld, as it
is not supported for that target.

Reported by:	Michael Butler <imb@protected-networks.net>
PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-16 17:55:22 +00:00
Dimitry Andric
b0840a28f6 Connect lib/libomp to the build.
* Set MK_OPENMP to yes by default only on amd64, for now.
* Bump __FreeBSD_version to signal this addition.
* Ensure gcc's conflicting omp.h is not installed if MK_OPENMP is yes.
* Update OptionalObsoleteFiles.inc to cope with the conflicting omp.h.
* Regenerate src.conf(5) with new WITH/WITHOUT fragments.

Relnotes:	yes
PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-16 15:45:15 +00:00
Dimitry Andric
3c6bb67129 Add lib/libomp, with a Makefile, and generated configuration headers.
Not connected to the main build yet, as there is still the issue of the
GNU omp.h header conflicting with the LLVM one.  (That is, if MK_GCC is
enabled.)

PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-16 15:01:36 +00:00
Enji Cooper
5193fcde8d Initial googlemock/googletest integration into the build/FreeBSD test suite
This initial integration takes googlemock/googletest release 1.8.1, integrates
the library, tests, and sample unit tests into the build.

googlemock/googletest's inclusion is optionally available via `MK_GOOGLETEST`.
`MK_GOOGLETEST` is dependent on `MK_TESTS` and is enabled by default when
built with a C++11 capable toolchain.

Google tests can be specified via the `GTESTS` variable, which, in comparison
with the other test drivers, is more simplified/streamlined, as Googletest only
supports C++ tests; not raw C or shell tests (C tests can be written in C++
using the standard embedding methods).

No dependent libraries are assumed for the tests. One must specify `gmock`,
`gmock_main`, `gtest`, or `gtest_main`, via `LIBADD` for the program.

More information about googlemock and googletest can be found on the
Googletest [project page](https://github.com/google/googletest), and the
[GoogleMock](https://github.com/google/googletest/blob/v1.8.x/googlemock/docs/Documentation.md)
and
[GoogleTest](https://github.com/google/googletest/tree/v1.8.x/googletest/docs)
docs.

These tests are originally integrated into the build as plain driver tests, but
will be natively integrated into Kyua in a later version.

Known issues/Errata:
* [WhenDynamicCastToTest.AmbiguousCast fails on FreeBSD](https://github.com/google/googletest/issues/2172)

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	2 months
Differential Revision: https://reviews.freebsd.org/D19551
2019-03-15 21:43:52 +00:00
Dimitry Andric
2352f97079 Merge llvm, clang, compiler-rt, libc++, libunwind, lld, and lldb
release_80 branch r356034 (effectively, 8.0.0 rc5), resolve conflicts,
and bump version numbers.

PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-14 19:52:12 +00:00
Dimitry Andric
54a27abbcb Vendor import of clang release_80 branch r356034:
https://llvm.org/svn/llvm-project/cfe/branches/release_80@356034
2019-03-14 19:41:16 +00:00
Ed Maste
f6a10ccc53 Use consistent struct stat arg name in stat man page
stat, lstat, and fstat use `*sb` as the stat struct pointer arg name,
while fstatat previously used `*buf`.

MFC after:	1 week
2019-03-13 15:18:14 +00:00
John Baldwin
c8a048a4a3 Move libunwind out of contrib/llvm/projects.
Move LLVM's libunwind to its own contrib/ directory similar to other
runtime libraries like libc++ and libcxxrt.

Reviewed by:	dim, emaste
Differential Revision:	https://reviews.freebsd.org/D19534
2019-03-12 16:41:17 +00:00
Enji Cooper
ff511f1f39 MFhead@r344996 2019-03-11 03:02:58 +00:00
Dimitry Andric
b3ed818e2d Merge llvm, clang, compiler-rt, libc++, lld, and lldb release_80 branch
r355677 (effectively, 8.0.0 rc4), resolve conflicts, and bump version
numbers.

PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-09 00:27:50 +00:00
Dimitry Andric
f463519f0c Vendor import of clang release_80 branch r355677:
https://llvm.org/svn/llvm-project/cfe/branches/release_80@355677
2019-03-08 22:44:50 +00:00
Mark Johnston
b16150ea90 Have pthread_cond_destroy() return EBUSY if the condvar has waiters.
This is not required of a compliant implementation, but it's easy to
check for and helps improve compatibility with other common
implementations.  Moreover, it's consistent with our
pthread_mutex_destroy().

PR:		234805
Reviewed by:	jhb, kib, ngie
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D19496
2019-03-08 21:07:08 +00:00
John Baldwin
2e43efd0bb Drop "All rights reserved" from my copyright statements.
Reviewed by:	rgrimes
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D19485
2019-03-06 22:11:45 +00:00
Mark Johnston
f3af92bd36 Reorder copyright lines to preserve the source of "All rights reserved."
Reported by:	rgrimes
MFC with:	r344829, r344830
2019-03-06 16:50:14 +00:00
Marcin Wojtas
13ea0450a9 Extend libsecureboot(old libve) to obtain trusted certificates from UEFI and implement revocation
UEFI related headers were copied from edk2.

A new build option "MK_LOADER_EFI_SECUREBOOT" was added to allow
loading of trusted anchors from UEFI.

Certificate revocation support is also introduced.
The forbidden certificates are loaded from dbx variable.
Verification fails in two cases:

There is a direct match between cert in dbx and the one in the chain.
The CA used to sign the chain is found in dbx.
One can also insert a hash of TBS section of a certificate into dbx.
In this case verifications fails only if a direct match with a
certificate in chain is found.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: sjg
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision:	https://reviews.freebsd.org/D19093
2019-03-06 06:39:42 +00:00
Mark Johnston
5e58ed820a Add riscv minidump support to libkvm.
Submitted by:	Mitchell Horne <mhorne063@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D19171
2019-03-05 23:59:55 +00:00
Dimitry Andric
0a4621159b Add a few missed files to the MK_LLVM_TARGET_BPF=yes case, otherwise
clang and various other executables will fail to link with undefined
symbols.

Reported by:	O. Hartmann <ohartmann@walstatt.org>
MFC after:	1 month
X-MFC-With:	r344779
2019-03-05 22:04:23 +00:00
Ed Maste
80a8c751ea libllvm: promote WithColor and xxhash to SRCS_MIN
The armv6 build failed in CI due to missing symbols (from these two
source files) in the bootstrap Clang.

This affected only armv6 because other Clang-using archs are using LLD
as the bootstrap linker, and thus include SRCS_MIW via LLD_BOOTSTRAP.

Reported by:	CI, via lwhsu
Sponsored by:	The FreeBSD Foundation
2019-03-05 16:18:06 +00:00
Hans Petter Selasky
1efeb40d1d Fix typos in libusb.
Found by:		Denis Ahrens <denis@h3q.com>
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2019-03-05 14:47:15 +00:00
Enji Cooper
b18a4ccab9 MFhead@r344786 2019-03-05 01:00:38 +00:00
Simon J. Gerraty
02a4bc589c Allow for reproducible build
Use SOURCE_DATE_EPOCH for BUILD_UTC if MK_REPRODUCIBLE_BUILD is yes.
Default SOURCE_DATE_EPOCH to 2019-01-01

Reviewed by:	emaste
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org/D19464
2019-03-04 22:04:21 +00:00
Dimitry Andric
844fc3e907 Merge ^/head r344549 through r344775. 2019-03-04 19:14:32 +00:00
Dimitry Andric
3087b115d4 Merge llvm, clang, compiler-rt, libc++, lld, and lldb release_80 branch
r355313, resolve conflicts, and bump version numbers.
2019-03-04 19:06:51 +00:00
Dimitry Andric
1dda0966cc Vendor import of clang release_80 branch r355313:
https://llvm.org/svn/llvm-project/cfe/branches/release_80@355313
2019-03-04 18:25:50 +00:00
Dimitry Andric
1d6bb9f417 Vendor import of llvm release_80 branch r355313:
https://llvm.org/svn/llvm-project/llvm/branches/release_80@355313
2019-03-04 18:25:41 +00:00
Kenneth D. Merry
0caf9bf62d Add IBM TS1160 density codes to libmt and the mt(1) man page.
These are taken directly from the density report from a TS1160
tape drive.  (Using mt getdensity)

A TS1160 drive stores 20TB raw (60TB with compression) on a JE tape.

lib/libmt/mtlib.c:
	Add 3592A6 encrypted/unencrypted density codes, and bpmm/bpi
	values.

usr.bin/mt/mt.1:
	Add 3592B5 encrypted/unencrypted density codes, bpmm/bpi
	values and number of tracks.  Bump the man page date.

MFC after:	3 days
Sponsored by:	Spectra Logic
2019-03-04 14:30:37 +00:00
Michael Tuexen
8124c05f2c Use correct buffer sizes in sctp_get[lp]addrs().
MFC after:		3 days
2019-03-02 13:16:01 +00:00
Ed Maste
d95826c43d poll.2: POLLNVAL is returned also for insufficient rights
Reported by:	"Bora Özarslan" <borako.ozarslan@gmail.com>
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2019-02-27 17:52:22 +00:00
Konstantin Belousov
9fb91a0a7d procctl(2): document ASLR knobs.
Reviewed by:	0mp
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D19308
2019-02-26 17:41:41 +00:00
Konstantin Belousov
80a3fa4893 procctl(2): fix -width parameter to .Bl.
According to 0mp, macros are not expanded in the argument provided to
-width.  Use plain identifiers for width specification.

Noted and reviewed by:	0mp
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D19308
2019-02-26 17:35:06 +00:00
Simon J. Gerraty
a92958df34 Enable build of libbearssl
Reviewed by:	emaste
Sponsored by:	Juniper Networks
Differential Revision:	D16337
2019-02-26 06:11:01 +00:00
Simon J. Gerraty
5fff9558a4 Add libsecureboot
Used by loader and veriexec
Depends on libbearssl

Reviewed by:	emaste
Sponsored by:	Juniper Networks
Differential Revision:	D16335
2019-02-26 06:09:10 +00:00
Simon J. Gerraty
0957b409a9 Add libbearssl
Disabled by default, used by loader and sbin/veriexec

Reviewed by:	emaste
Sponsored by:	Juniper Networks
Differential Revision: D16334
2019-02-26 05:59:22 +00:00
Dimitry Andric
af373543d8 Merge ^/head r344513 through r344548. 2019-02-25 19:18:32 +00:00
Dimitry Andric
da18572fa1 Merge llvm, clang, compiler-rt, libc++, lld, and lldb release_80 branch
r354799, resolve conflicts, and bump version numbers.
2019-02-25 19:17:20 +00:00
Dimitry Andric
7b0060e442 Vendor import of clang release_80 branch r354799:
https://llvm.org/svn/llvm-project/cfe/branches/release_80@354799
2019-02-25 19:07:25 +00:00
Dimitry Andric
bd7f07563c Vendor import of llvm release_80 branch r354799:
https://llvm.org/svn/llvm-project/llvm/branches/release_80@354799
2019-02-25 19:07:16 +00:00
Ed Maste
e1157dcec4 Make libifconfig INTERNALLIB
Instead of PRIVATELIB + NO_PIC.  This avoids the need for the wlandebug
PIE special case added in r344211, and provides a stronger guarantee
against 3rd party software coming to depend on the API or ABI.

If / when we declare the API/ABI to be stable we can make it a normal
library.

Discussed with:	bapt
Sponsored by:	The FreeBSD Foundation
2019-02-25 18:22:20 +00:00
Enji Cooper
18b18078f2 MFhead@r344527 2019-02-25 18:00:14 +00:00
Dimitry Andric
a8fe8db49a Merge ^/head r344178 through r344512. 2019-02-25 11:59:29 +00:00
Enji Cooper
7b42ad1434 Reword the comment above NO_WERROR 2019-02-21 06:51:35 +00:00
Enji Cooper
1d4fb286a0 Move NO_WTHREAD_SAFETY to googletest.test.inc.mk
This variable is necessary to compile with googletest at a global level. Move
it there.
2019-02-21 06:49:20 +00:00
Enji Cooper
c1bcc48b3c Use gmock/gtest headers when PRIVATELIB is defined
The move to /usr/include/private prefixed paths seems to require a bit more
effort in order to compile programs.

Install the headers to /usr/include/private/g{mock,test}/... and automatically
include /usr/include/private in GTESTS_CXXFLAGS to make compilation seamless. I
will work on the more global problem later with @bdrewery.
2019-02-21 04:47:44 +00:00
Enji Cooper
7481b4234c Build death tests programmatically
The previous code hardcoded the death test build definitions in a duplicative
manner. The new code doesn't.
2019-02-21 03:37:31 +00:00
Enji Cooper
833018816d Correct gmock/gtest expectations w.r.t. C++11/RTTI
Long story short, some of the tests were failing because they expected either
dynamic_cast or RTTI to be functional and it wasn't.

Move all common CXXFLAGS out to googletest.test.inc.mk and reference it from
googletest.test.mk and .../googletest/Makefile.inc
2019-02-20 20:09:59 +00:00
Konstantin Belousov
03d89f7a04 pkru(3) man page.
Reviewed by:	alc, markj, jilles
With more input from:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19211
2019-02-20 10:03:03 +00:00
Konstantin Belousov
a2d95495ee Add usermode helpers for for Intel userspace protection keys feature.
Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D18893
2019-02-20 09:56:23 +00:00
Enji Cooper
4783c2dda5 Fix test compilation for gmock_main tests, similar to r344345 2019-02-20 09:33:55 +00:00
Enji Cooper
4dedfa3214 Fix test compilation for gmock tests, similar to r344345 2019-02-20 08:04:08 +00:00
Enji Cooper
c5da30a59d Add glue Makefile.inc to make the next hop to the googletest/Makefile.inc 2019-02-20 08:01:00 +00:00
Enji Cooper
92ede4717e Oh wait... those helper programs were for the py tests
We don't need to install those. Leave that testing for the package's tests
2019-02-20 07:52:55 +00:00
Enji Cooper
140b363941 Apply lessons learned in r344345 on gtest_main tests
The key difference is that some of the programs were previously being compiled
and installed as tests, which is incorrect. Treat them like helpers instead.
2019-02-20 07:49:09 +00:00
Enji Cooper
dae8f2468d Fix gtest test compilation and build more tests
My previous work to integrate these tests was incomplete/incorrect, because I
misunderstood how the cmake macros worked.

This addresses items with the gtest tests, which in turn fixes test compilation
and adds more tests which I had previously missed.

Due to an unknown issue with gtest_stress_test, I had to add pthread to LIBADD,
even though I shouldn't have added it to that (it was failing to link -lpthread
to libprivategtest.a). Add a XXX comment to note that something's awry there
and deserves additional investigation.
2019-02-20 07:29:50 +00:00
Enji Cooper
f53e266234 Add more port-related flags to Makefile.inc 2019-02-20 06:54:32 +00:00
Enji Cooper
fedec5d9ee Sprinkle ${HAS_TESTS} in Makefiles
While here, reindent `SUBDIR.${MK_TESTS}`
2019-02-20 06:03:21 +00:00
Enji Cooper
04773d6d93 Add glue Makefile for tests under lib/googletest/... 2019-02-20 03:07:11 +00:00
Enji Cooper
988a9f7e39 Use GTESTS instead of PLAIN_TESTS_CXX
The former is from googletest.test.mk, whereas the latter is from plain.test.mk.

As noted in r344328, Kyua will adopt more native GoogleTest support. Thus, it's
more desirable to make the test interface more of an opaque blackbox for the
testcase implementer.
2019-02-20 01:11:30 +00:00
Enji Cooper
df13161740 Fix up dependency finding for libg{mock,test}_main
- Look up the corresponding non-*_main libraries via LDFLAGS using the
  directories provided in src.libnames.mk. This will allow the libraries to
  be built in the "make libraries" phase of buildworld.
- gtest_main relies on gtest, but didn't explicitly call out the dependency
  in `LIBADD`. Fill in this missing blank.
2019-02-20 00:19:11 +00:00
Enji Cooper
1ab321591f Unconditionally build/install libg{mock,test}_main
They are supporting libraries and as such, will need to be built/installed
when MK_TESTS == no during buildworld, i.e., the "make libraries" phase.

Otherwise, dependent components cannot rely on the libraries, like
`cddl/usr.sbin/zfsd/tests`.
2019-02-20 00:15:25 +00:00
Enji Cooper
f5817a3803 Add missing INCSGROUPS definition
This will install the gmock headers, like the gtest headers
2019-02-19 22:46:50 +00:00
Enji Cooper
43e25f47a7 Add MK_GOOGLETEST option for building/installing gmock/gtest
These libraries don't compile on non-C++-11 capable compilers, e.g., g++ 4.2.1
and its corresponding implementation of the c++ library, i.e., libstdc++.

Blacklist compilation on all non-C++-11 capable compilers and give others the
option of opting out of building/installing gmock/gtest via MK_GOOGLETEST.

This option is controlled by MK_CXX and MK_TESTS, as ATF compilation is.
2019-02-19 22:40:32 +00:00
Enji Cooper
c90e23db39 Make server_cat(..) handle short receives
In short, the prior code was far too simplistic when it came to calling recv(2)
and failed intermittently (or in the case of Jenkins, deterministically).

Handle short recv(2)s by checking the return code and incrementing the window
into the buffer by the number of received bytes. If the number of received
bytes <= 0, then bail out of the loop, and test the total number of received
bytes vs the expected number of bytes sent for equality, and base whether or
not the test passes/fails on that fact.

Remove the expected failure, now that the hdtr testcases deterministically pass
on my host after this change [1].

PR:		234809 [1], 235200
Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D19188
2019-02-19 22:19:31 +00:00
Sean Eric Fagan
237f4abc57 Remove some redundant code in _posix1e_acl_strip_np
This was discovered through examination -- acl_copy_entry() copies the
tag type and permset fields.

Reviewed by:	trasz, pfg
Sponsored by:	iXsystems Inc.
Differential Revision:	https://reviews.freebsd.org/D19240
2019-02-19 19:15:15 +00:00
Enji Cooper
30e009fc3a MFhead@r344270 2019-02-19 03:46:32 +00:00
Gleb Smirnoff
aa43298309 With r343051 UMA switched from atomic counts to counter(9) and now kernel
reports snap counts of how much a zone alloced and how much it freed.  It
may happen that snap values doesn't match, e.g alloced - freed < 0.
Workaround that in memstat library.

Reported by:	pho
2019-02-18 21:27:13 +00:00
Dimitry Andric
40af08b3a3 Add one additional file to libllvmminimal, since in some cases (e.g.
upgrading from stable/10 to stable/11) symbols from it are needed to
link llvm-tblgen and clang-tblgen.

Reported by:	kib
MFC after:	3 days
2019-02-18 19:07:15 +00:00
Gleb Smirnoff
5bfb2e008d Imaginary cat jumped my keyboard! 2019-02-15 23:46:34 +00:00
Gleb Smirnoff
66fb0b1ad7 For 32-bit machines rollback the default number of vnode pager pbufs
back to the lever before r343030.  For 64-bit machines reduce it slightly,
too.  Together with r343030 I bumped the limit up to the value we use at
Netflix to serve 100 Gbit/s of sendfile traffic, and it probably isn't a
good default.

Provide a loader tunable to change vnode pager pbufs count. Document it.
2019-02-15 23:36:22 +00:00
Ed Maste
bcf99d2d99 Add WITH_PIE knob to build Position Independent Executables
Building binaries as PIE allows the executable itself to be loaded at a
random address when ASLR is enabled (not just its shared libraries).

With this change PIE objects have a .pieo extension and INTERNALLIB
libraries libXXX_pie.a.

MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as
they explicitly reference .a libraries in their Makefiles.  These can
be addressed on an individual basis later.  MK_PIE is also disabled for
rtld-elf because it is already position-independent using bespoke
Makefile rules.

Currently only dynamically linked binaries will be built as PIE.

Discussed with:	dim
Reviewed by:	kib
MFC after:	1 month
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18423
2019-02-15 22:22:38 +00:00
Dimitry Andric
c981cbbd13 Merge ^/head r343956 through r344177. 2019-02-15 21:50:45 +00:00
Dimitry Andric
640dd76f2c Merge llvm, clang, compiler-rt, libc++, lld, and lldb release_80 branch
r354130, resolve conflicts, and bump version numbers.
2019-02-15 21:44:42 +00:00
Dimitry Andric
8e85c80dd7 Vendor import of compiler-rt release_80 branch r354130:
https://llvm.org/svn/llvm-project/compiler-rt/branches/release_80@354130
2019-02-15 20:49:11 +00:00
Dimitry Andric
5df36aae64 Vendor import of clang release_80 branch r354130:
https://llvm.org/svn/llvm-project/cfe/branches/release_80@354130
2019-02-15 20:49:05 +00:00
Dimitry Andric
519e1985ae Vendor import of llvm release_80 branch r354130:
https://llvm.org/svn/llvm-project/llvm/branches/release_80@354130
2019-02-15 20:48:51 +00:00
Konstantin Belousov
071bca67ee Unify i386 and amd64 getcontextx.c, and use ifuncs while there.
In particular, use ifuncs for __getcontextx_size(), also calculate the
size of the extended save area in resolver.  Same for __fillcontextx2().

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-02-14 14:02:33 +00:00
Konstantin Belousov
b5d72efb7a x86 __vdso_gettc(): use machine/cpufunc.h function for CPUID.
Based on the discussion with:	jkim
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-02-14 13:59:00 +00:00
Leandro Lupori
9031358d67 silence cast-align warnings from clang on powerpc64
silence the following warning when compiling libthr with clang 8
for powerpc64 architecture:

usr/src/lib/libthr/arch/powerpc/include/pthread_md.h:82:10: error:
cast from 'uint8_t *' (aka 'unsigned char *') to 'struct tcb *'
increases required alignment from 1 to 8 [-Werror,-Wcast-align]
82:  return ((struct tcb *)(_tp - TP_OFFSET));

Submitted by:	alfredo.junior_eldorado.org.br
Reviewed by:	git_bdragon.rtk0.net, emaste, kib, jhibbits, luporl
Differential Revision:	https://reviews.freebsd.org/D18807
2019-02-13 18:28:53 +00:00
Enji Cooper
fd89d5ad05 Compile the tests without -Werror for now
I'm working on resolving the issue upstream on github
2019-02-13 05:41:04 +00:00
Enji Cooper
f3c5273d31 Merge build glue for libraries and tests done on github
I need to doublecheck my work vs the port, but I believe that this covers the
initial integration of all upstream tests.

Ref: https://github.com/ngie-eign/freebsd/tree/googletest-integration
2019-02-13 04:58:15 +00:00
David E. O'Brien
60cc4a3e2d Note that readpassphrase() came into FreeBSD's libc at 4.6. 2019-02-13 04:52:01 +00:00
Kyle Evans
be7dd42376 libbe(3): Fix be_destroy behavior w.r.t. deep BE snapshots and -o
be_destroy is documented to recursively destroy a boot environment.  In the
case of snapshots, one would take this to mean that these are also
recursively destroyed.  However, this was previously not the case.
be_destroy would descend into the be_destroy callback and attempt to
zfs_iter_children on the top-level snapshot, which is bogus.

Our alternative approach is to take note of the snapshot name and iterate
through all of fs children of the BE to try destruction in the children.

The -o option is also fixed to work properly with deep BEs.  If the BE was
created with `bectl create -e otherDeepBE newDeepBE`, for instance, then a
recursive snapshot of otherDeepBE would have been taken for construction of
newDeepBE but a subsequent destroy with BE_DESTROY_ORIGIN set would only
clean up the snapshot at the root of otherDeepBE: ${BEROOT}/otherDeepBE@...

The most recent iteration instead pretends not to know how these things
work, verifies that the origin is another BE and then passes that back
through be_destroy to DTRT when snapshots and deep BEs may be in play.

MFC after:	1 week
2019-02-13 04:19:08 +00:00
Martin Matuska
a39fc08da2 MFV r344063:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1085: Fix a null pointer dereference bug in zip writer
  PR #1110: ZIP reader added support for XZ, LZMA, PPMD8 and BZIP2
            decopmpression
  PR #1116: Add support for 64-bit ar format
  PR #1120: Fix a 7zip crash [1] and a ISO9660 infinite loop [2]
  PR #1125: RAR5 reader - fix an invalid read and a memory leak
  PR #1131: POSIX reader - do not fail when tree_current_lstat() fails
            due to ENOENT [3]
  PR #1134: Delete unnecessary null pointer checks before calls of free()
  OSS-Fuzz 10843: Force intermediate to uint64_t to make UBSAN happy.
  OSS-Fuzz 11011: Avoid buffer overflow in rar5 reader

PR:		233006 [3]
Security:	CVE-2019-1000019 [1], CVE-2019-1000020 [2]
MFC after:	2 weeks
2019-02-12 23:24:45 +00:00
Kyle Evans
446ae812b0 libbe(3): Belatedly note the BE_DESTROY_ORIGIN option added in r343977
X-MFC-With: r343977
2019-02-12 02:16:21 +00:00