735748f30a changed the output of the states so that the creator id
endianness would be consistent. This means that we need to convert the
host endianness creatorid back to big-endian before we give it to the
kernel.
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
This matches the type in other unwind headers (LLVM libunwind,
libcxxrt, glibc).
NB: include/unwind.h is not installed but is only used by libthr
Reviewed by: imp, dim, emaste
Differential Revision: https://reviews.freebsd.org/D34049
This test was written because execvp was found to improperly handle the
argc == 0 case when it falls back from an ENOEXEC. We could probably
mostly revert it now, but let's just fix the test for the time being and
circle back later to decide if we want to simplify execvp. The test
will likely remain either way just to make sure execvp isn't working
around the newly enforced restriction with the fallback.
Fixes: 301cb491ea ("execvp: fix up the ENOEXEC fallback")
Reported by: jenkins via lwhsu@
This adds the PT_GETREGSET and PT_SETREGSET ptrace types. These can be
used to access all the registers from a specified core dump note type.
The NT_PRSTATUS and NT_FPREGSET notes are initially supported. Other
machine-dependant types are expected to be added in the future.
The ptrace addr points to a struct iovec pointing at memory to hold the
registers along with its length. On success the length in the iovec is
updated to tell userspace the actual length the kernel wrote or, if the
base address is NULL, the length the kernel would have written.
Because the data field is an int the arguments are backwards when
compared to the Linux PTRACE_GETREGSET call.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19831
We provide the hostid (which is the state creatorid) to the kernel as a
big endian number (see pfctl/pfctl.c pfctl_set_hostid()), so convert it
back to system endianness when we get it from the kernel.
This avoids a confusing mismatch between the value the user configures
and the value displayed in the state.
MFC after: 3 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D33989
The manpage has contained the following verbiage on the matter for just
under 31 years:
"At least one argument must be present in the array"
Previous to this version, it had been prefaced with the weakening phrase
"By convention."
Carry through and document it the rest of the way. Allowing argc == 0
has been a source of security issues in the past, and it's hard to
imagine a valid use-case for allowing it. Toss back EINVAL if we ended
up not copying in any args for *execve().
The manpage change can be considered "Obtained from: OpenBSD"
Reviewed by: emaste, kib, markj (all previous version)
Differential Revision: https://reviews.freebsd.org/D34045
As documented in the HiFive Unmatched Software Reference Manual.
Reviewed by: imp, mhorne
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34010
While LLDB on powerpc and powerpcspe builds as-is, on powerpc64 and
powerpc64le it requires adding a couple of additional source files
to build.
Differential review: https://reviews.freebsd.org/D34043
Approved by: dim, imp, emaste
The CAM subsystem uses bus:taget:lun tuple to address peripherals. But
for convenience many userland programs such as camcontrol accept devices
names such as da0. There is a libcam function, cam_open_device, to
support that. It first calls cam_get_device() to parse the device name
as a driver name and a unit (and handle some special device name
prefixes) and then uses cam_lookup_pass() to find a matching pass
device.
This change extends cam_get_device() to apply realpath(3) to the device
name before parsing it. This will allow to use tools such as camcontrol
and smartctl with symbolic links that could be friendlier (more
distinguished) names for devices.
MFC after: 3 weeks
Relnotes: maybe
This matches libc and rtld in using the alignment (TLS_TCB_ALIGN) from
machine/tls.h instead of hardcoding 16.
Reviewed by: kib
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: https://reviews.freebsd.org/D34023
otherwise the data is just dropped. Check for current position equal to
the buffer base at the entry of the function; if not equal, setvbuf()
was done from the write method and it is not our business to override
the decision.
PR: 76398
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D34007
Reviewed by: kib, markj
Obtained from: CheriBSD
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: https://reviews.freebsd.org/D33988
Notable upstream pull request merges:
#12766 Fix error propagation from lzc_send_redacted
#12805 Updated the lz4 decompressor
#12851 FreeBSD: Provide correct file generation number
#12857 Verify dRAID empty sectors
#12874 FreeBSD: Update argument types for VOP_READDIR
#12896 Reduce number of arc_prune threads
#12934 FreeBSD: Fix zvol_*_open() locking
#12947 lz4: Cherrypick fix for CVE-2021-3520
#12961 FreeBSD: Fix leaked strings in libspl mnttab
#12964 Fix handling of errors from dmu_write_uio_dbuf() on FreeBSD
#12981 Introduce a flag to skip comparing the local mac when raw sending
#12985 Avoid memory allocations in the ARC eviction thread
Obtained from: OpenZFS
OpenZFS commit: 17b2ae0b24
The text after .error et al is emitted verbatim.
Reviewed by: sjg
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33904
sizeof(bitfield.member) is invalid, and this shows up in some FreeBSD
build configurations: work around this by !!ing ‒
this makes the sizeof target the ! result type (_Bool), instead
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Fixes: 42aaf0e ("libspl: ASSERT*: mark arguments as used")
Closes#12984Closes#12986
All it is right now is some #if 0ed Solaris code that returns ENOSYS,
and is only applicable for the Solaris blockdev layer.
In the Illumos gate, there's a single user: rmformat(1);
I recommend a read of the manual as a blast from the past, but, well
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Issue #12844Closes#12969
The current ASLR stack gap feature will be removed, and with that the
need for this change, and the kern.stactop sysctl, is gone. Moreover,
the approach taken in this revision does not provide compatibility for
old copies of libthr.so, and the revision should have also updated
__libc_map_stacks_exec().
This reverts commit 78df56ccfc.
Reviewed by: kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33704
A case of undefined behavior in __fread() has been detected by UBSAN
and reported by Mark Millard:
/usr/main-src/lib/libc/stdio/fread.c:133:10: runtime error: applying
zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior in
/usr/main-src/lib/libc/stdio/fread.c:133:10
While being benign (the NULL pointer is later passed to memcpy() with
a length argument of 0), this issue causes in the order of 600 Kyua
test cases to fail on systems running a world built with WITH_UBSAN
and WITH_ASAN.
The undefined behavior can be prevented by skipping operations that
have no effect for r == 0. Mark Millard has suggested to only skip
this code segment if fp->_p == NULL, but I have verified that for the
case of r == 0 no further argument checking is performed on the
addresses passed to memcpy() and thus no bugs are hidden from the
sanitizers due to the simpler condition chosen.
Reported by: Mark Millard (marklmi@yahoo.com)
Tested by: Mark Millard (marklmi@yahoo.com)
Differential Revision: https://reviews.freebsd.org/D33903
MFC after: 2 weeks
Evaluated every variable that lives in .data (and globals in .rodata)
in the kernel modules, and constified/eliminated/localised them
appropriately. This means that all read-only data is now actually
read-only data, and, if possible, at file scope. A lot of previously-
global-symbols became inlinable (and inlined!) constants. Probably
not in a big Wowee Performance Moment, but hey.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Closes#12899
The FreeBSD implementations of various libspl functions for getting
mounted device information were found to leak several strings which
were being allocated in statfs2mnttab but never freed.
The Solaris getmntany(3C) and related interfaces are expected to return
strings residing in static buffers that need to be copied rather than
freed by the caller.
Use static thread-local storage to stash the mnttab structure strings
from FreeBSD's statfs info rather than strings allocated on the heap by
strdup(3).
While here, remove some stray commented out lines.
Reviewed-by: Alexander Motin <mav@FreeBSD.org>
Reviewed-by: Rich Ercolani <rincebrain@gmail.com>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Closes#12961
They're later |=d with constants, but never reset
Caught by valgrind while investigating
https://github.com/openzfs/zfs/pull/12928#issuecomment-1007496550
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Closes#12954
Mark Milliard has detected a case of undefined behavior with the LLVM
UBSAN. The mandoc program called qsort with a==NULL and n==0, which is
allowed by the POSIX standard. The qsort() in FreeBSD did not attempt
to perform any accesses using the passed pointer for n==0, but it did
add an offset to the pointer value, which is undefined behavior in
case of a NULL pointer. This operation has no adverse effects on any
achitecture supported by FreeBSD, but could be caught in more strict
environments.
After some discussion in the freebsd-current mail list, it was
concluded that the case of a==NULL and n!=0 should still be caught by
UBSAN (or cause a program abort due to an illegal access) in order to
not hide errors in programs incorrectly invoking qsort().
Only the the case of a==NULL and n==0 should be fixed to not perform
the undefined operation on a NULL pointer.
This commit makes qsort() exit before reaching the point of
potentially undefined behvior for the case n==0, but does not test
the value of a, since the result will not depend on whether this
pointer is NULL or an actual pointer to an array if n==0.
The issue found by Mark Milliard in the whatis command has been
reported to the upstream (OpenBSD) and has already been patched
there.
MFC after: 1 week
Otherwise on mapper failure we goto error handler which expect
rpscoc_lock owned, but we do not.
PR: 261051
Reported by: RyanCai <ryancaicse@gmail.com>
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
LLDB depends on libclang as it uses Clang as the expression parser.
Previously setting WITHOUT_CLANG but leaving LLDB enabled (as default)
resulted in a build failure.
Users who set WITHOUT_CLANG in order to reduce build time or size
might want to set WITHOUT_LLDB in addition to WITHOUT_CLANG, or use
WITHOUT_TOOLCHAIN instead.
PR: 260993
Reported by: eugen
Reviewed by: dim
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
As an experiment, I stole the lz4 decompressor from
upstream lz4 (1.9.3), and landed it.
Feedback suggested that keeping the vendor lz4 code isolated and
unlinted was probably reasonable, so I lobbed it into its own file.
It also seemed reasonable to put the mostly-untouched* code into
lz4.c proper, and relegate the integrated and ZFS-specific code to
lz4_zfs.c.
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Rich Ercolani <rincebrain@gmail.com>
Closes#12805
After progressively folding away null cases, it turns out there's
/literally/ nothing there, even if some things are part of the
Solaris SPARC DDI/DKI or the seventeen module types (some doubled for
32-bit userland), or the entire modctl syscall definition.
Nothing.
Initialisation is handled in illumos-crypto.c,
which calls all the initialisers directly
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Attila Fülöp <attila@fueloep.org>
Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>
Closes#12895Closes#12902
This reverts commit f6a0dac84a.
Reviewed-by: Matthew Ahrens <mahrens@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Mark Maybee <mark.maybee@delphix.com>
Signed-off-by: Paul Dagnelie <pcd@delphix.com>
Closes#12938
It turns out that we still need xlocal.h protection for when we're
cross building on Linux. Linux doesn't have this file, but os/x
does. Before, we'd assume we didn't have it, like old FreeBSD, when
cross compiling. After the latest update, all that code was removed so
cross compiling needs to be handled separaetly. Do so by defining
HAVE_XLOCALE_H only when we're not building on linux. This allows us
to build the mkmagic build tool needed to build file(1).
Sponsored by: Netflix
Reviewed by: jrtc27
Differential Revision: https://reviews.freebsd.org/D33741
in handling the cpuset sizes different from sizeof(cpuset_t).
For both cases, cpuset size shorter than sizeof(cpuset_t) results
in EINVAL on Linux.
For sched_getaffinity(), be more permissive and accept cpuset size
larger than our cpuset_t, by clipping the syscall argument and zeroing
the rest of the output buffer. For sched_setaffinity(), we should allow
shorter cpusets than current ABI size, again zeroing the rest of the bits.
With this change, python os.sched_get/setaffinity functions work.
Reported by: se
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The MINIMUM_SUPPORTED_OSREL is 1002501 (FreeBSD 10.3), and xlocale is
supported there.
While I'm there, explicitly use config.h generated with --disable-bzlib
--disable-xzlib instead of deleting them manually.
MFC after: 2 weeks
Do not redefine the fallthrough macro when building with libcpp.
Reviewed-by: Ryan Moeller <ryan@iXsystems.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Martin Matuska <mm@FreeBSD.org>
Closes#12880
Any error from lzc_send_redacted is overwritten by the error of
send_conclusion_record; skip writing the conclusion record if there
was an earlier error.
Reviewed-by: Paul Dagnelie <pcd@delphix.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Philipp Riederer <philipp@riederer.email>
Closes#12766
If I'm not mistaken, the underlying sendmsg() for nvlist_send() is
failing with ENOBUFS. In turn, nvlist_recv() returns NULL because it
didn't receive the expected number of file descriptors.
Adjusting net.local.dgram.recvspace worked on my local machine, but on
CI the test still fails consistently.
PR: 260891
This is a re-application of commit
2d82b47a5b, which was reverted since it
broke with syslog daemons that don't adjust the /dev/log recv buffer
size. Now that the default is large enough to accomodate 8KB messages,
restore support for large messages.
PR: 260126
As with other runtime components like libc or libcxxrt.
If desired we can stop linking devd statically after this change (to
achive approximately no net change in required root filesystem size).
We must set SHLIBDIR with ?= before including <src.opts.mk>, otherwise
that will have set SHBLIDIR to its default value of /usr/lib.
Otherwise, "make delete-old-libs" would suggest to delete libc++.so.1
from /usr/lib, while there was not yet a copy in /lib.
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33123
The introduction of <sched.h> improved compatibility with some 3rd
party software, but caused the configure scripts of some ports to
assume that they were run in a GLIBC compatible environment.
Parts of sched.h were made conditional on -D_WITH_CPU_SET_T being
added to ports, but there still were compatibility issues due to
invalid assumptions made in autoconfigure scripts.
The differences between the FreeBSD version of macros like CPU_AND,
CPU_OR, etc. and the GLIBC versions was in the number of arguments:
FreeBSD used a 2-address scheme (one source argument is also used as
the destination of the operation), while GLIBC uses a 3-adderess
scheme (2 source operands and a separately passed destination).
The GLIBC scheme provides a super-set of the functionality of the
FreeBSD macros, since it does not prevent passing the same variable
as source and destination arguments. In code that wanted to preserve
both source arguments, the FreeBSD macros required a temporary copy of
one of the source arguments.
This patch set allows to unconditionally provide functions and macros
expected by 3rd party software written for GLIBC based systems, but
breaks builds of externally maintained sources that use any of the
following macros: CPU_AND, CPU_ANDNOT, CPU_OR, CPU_XOR.
One contributed driver (contrib/ofed/libmlx5) has been patched to
support both the old and the new CPU_OR signatures. If this commit
is merged to -STABLE, the version test will have to be extended to
cover more ranges.
Ports that have added -D_WITH_CPU_SET_T to build on -CURRENT do
no longer require that option.
The FreeBSD version has been bumped to 1400046 to reflect this
incompatible change.
Reviewed by: kib
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D33451
Text requests and responses can span multiple PDUs. In that case, the
sender sets the Continue bit in non-final PDUs and the Final bit in
the last PDU. The receiver responds to non-final PDUs with an empty
text PDU.
To support this, add a more abstract API in libiscsi which accepts and
receives key sets rather than PDUs. These routines internally send or
receive one or more PDUs. Use these new functions to replace the
handling of TextRequest and TextResponse PDUs in discovery sessions in
both ctld and iscsid.
Note that there is not currently a use case for large Text requests
and those are still always sent as a single PDU. However, discovery
sessions can return a text response listing targets that spans
multiple PDUs, so the new API supports sending and receiving multi-PDU
responses.
Reported by: Jithesh Arakkan @ Chelsio
Reviewed by: mav
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D33548
As with other runtime components like libc or libcxxrt.
If desired we can stop linking devd statically after this change (to
achive approximately no net change in required root filesystem size).
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33123
The states macro is the type for engine.c to use, with states1 being a
local macro for regexec to use to determine whether it can use the small
matcher or not (by comparing nstates and 8*sizeof(states1)). However,
macro bodies are expanded in the context of their use, and so when
regexec uses states1 it uses the current value of states, which is left
over as char * from the large version (or, really, the multi-byte one,
but that reuses large's states). For all supported architectures in
FreeBSD, the two have the same size, and so this confusion is harmless.
However, for architectures like CHERI where that is not the case (or
Windows's LLP64 as discovered by LLVM and fixed in 2010 in 2e071faed8e2)
and sizeof(char *) is bigger than sizeof(long) regexec will erroneously
try to use the small matcher when nstates is between sizeof(long) and
sizeof(char *) (i.e. between 64 and 128 on CHERI, or 32 and 64 on LLP64)
and end up overflowing the number of bits in the underlying long if it
ever uses those high states. On weirder architectures where sizeof(long)
is greater than sizeof(char *) this also fixes it to not fall back on
the large matcher prematurely, but such architectures are likely limited
to the embedded space, if they exist at all.
Fix this by swapping round states and states1, so that states1 is
defined directly as being long and states is an alias for it for the
small matcher case.
Found by: CHERI
This will be used in future changes to support large text requests
spanning multiple PDUs.
Provide wrapper functions keys_load/save_pdu that operate use a PDU's
data buffer.
Reviewed by: mav
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D33547
When keys are loaded from a received PDU, a copy of the received keys
block is saved in the keys struct and the name and value pointers
point into that saved block. Freeing the keys frees this block.
However, when keys are added to a keys struct to build a set of keys
later sent in a PDU, the keys data block pointer is not used and
individual key names and values hold allocated strings. When the keys
structure was freed, all of these individual key name and value
strings were leaked.
Instead, allocate copies of strings for names and values when parsing
a set of keys from a received PDU and free all of the individual key
name and value strings when deleting a set of keys.
Reviewed by: mav
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D33545
Move some of the code duplicated between ctld(8) and iscsid(8) into a
libiscsiutil library.
Sharing the low-level PDU code did require having a
'struct connection' base class with a method table to permit separate
initiator vs target behavior (e.g. in handling proxy PDUs).
Reviewed by: mav, emaste
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D33544
Checking there are still bytes left must be done before dereferencing
the pointer, not the other way round. This is harmless on traditional
architectures since the result will immediately be thrown away, and all
callers are in separate translation units so there is no potential for
optimising based on this out-of-bounds read. However, on CHERI, pointers
are bounded, and so this will trap if fed a string that does not have a
NUL within the first len bytes.
Found by: CHERI
Reviewed by: brooks
__FBSDID() places the provided string in the output object's .comment
section. However, with the transition to Git $FreeBSD$ is no longer
expanded and so we emitted a literal $FreeBSD$.
$FreeBSD$ will be addressed in a holistic manner in the future, but at
least avoid embedding it into everything linked on FreeBSD (via csu).
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33594
