Before this commit, the save-entropy script rotates entropy files
like logs. This involves creating a new file that holds the entropy
and renaming of all existing entropy files. However, the entropy
data do not really need to be kept in a particular order, and
replacing the oldest file is sufficient.
This commit replaces the rotation with a scan in the
[1..entropy_save_num] space that finds the first empty slot, or
the slot of the oldest file, and writes entropy into that slot.
This also fixes an issue that prevents save-entropy from saving
any entropy when there is one non-regular file in any slot as a
side effect.
Based on an earlier patch from peterj@.
PR: 134225
Reported by: peterj
Reviewed by: csprng (cem, markm)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22612
When a system has no internet connection, or when it is configured to obtain
ntpd leapfiles from some source other than the internet, or even when the
sysadmin has decided for some reason to customize ntp.conf to eliminate use
of the leapfile, the rc.d/ntpd script emits various error messages related
to the file.
This change allows setting the rc var ntp_db_leapfile to NONE to disable all
automatic processing related to that file in rc.d/ntpd.
Differential Revision: https://reviews.freebsd.org/D22461
Four bytes of padding are needed in the regular powerpc case to bring the
stack frame size up to a multiple of 16 bytes to meet ABI requirements.
Fixes odd hangs I was encountering during testing.
Summary:
We need to save off the full 64-bit register, not just the low 32 bits,
of all registers getting saved off in _rtld_bind_start. Additionally,
we need to save off the other SPE registers (SPEFSCR and accumulator),
so that their program state is not affected by the PLT resolver.
Reviewed by: bdragon
Differential Revision: https://reviews.freebsd.org/D22520
Each boot, regenerate /var/run/os-release based on the currently running
system. Create a /etc/os-release symlink pointing to this file (so that this
doesn't create a new reason /etc can not be mounted read-only).
This is compatible with what other systems do and is what the sysutil/os-release
port attempted to do, but in an incomplete way. Linux, Solaris and DragonFly all
implement this natively as well. The complete standard can be found at
https://www.freedesktop.org/software/systemd/man/os-release.html
Moving this to the base solves both the non-standard location problem with the
port, as well as the lack of update of this file on system update.
Bump __FreeBSD_version to 1300060
PR: 238953
Differential Revision: https://reviews.freebsd.org/D22271
FreeBSDlua ("flua") is a FreeBSD-private lua, flavored with whatever
extensions we need for base system operations. We currently support a subset
of lfs and lposix that are used in the rewrite of makesyscall.sh into lua,
added in r354786.
flua is intentionally written such that one can install standard lua and
some set of lua modules from ports and achieve the same effect.
linit_flua is a copy of linit.c from contrib/lua with lfs and lposix added
in. This is similar to what we do in stand/. linit.c has been renamed to
make it clear that this has flua-specific bits.
luaconf has been slightly obfuscated to make extensions more difficult. Part
of the problem is that flua is already hard enough to use as a bootstrap
tool because it's not in PATH- attempting to do extension loading would
require a special bootstrap version of flua with paths changed to protect
the innocent.
src.lua.mk has been added to make it easy for in-tree stuff to find flua,
whether it's bootstrap-flua or relying on PATH frobbing by Makefile.inc1.
Reviewed by: brooks, emaste (both earlier version), imp
Differential Revision: https://reviews.freebsd.org/D21893
to disable mounting Linux-specific filesystems under /compat/linux
when 'linux_enable' is set to YES.
Reviewed by: netchild, ian (earlier version)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D22320
Alter bsd.compat.mk to set MACHINE and MACHINE_ARCH when included
directly so MD paths in Makefiles work. In the process centralize
setting them in LIBCOMPATWMAKEENV.
Alter .PATH and CFLAGS settings in work when the Makefile is included.
While here only support LIB32 on supported platforms rather than always
enabling it and requiring users of MK_LIB32 to filter based
TARGET/MACHINE_ARCH.
The net effect of this change is to make Makefile.libcompat only build
compatability libraries.
Changes relative to r354449:
Correct detection of the compiler type when bsd.compat.mk is used
outside Makefile.libcompat. Previously it always matched the clang
case.
Set LDFLAGS including the linker emulation for mips where -m32 seems to
be insufficent.
Reviewed by: imp, kib (origional version in r354449)
Obtained from: CheriBSD (conceptually)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22251
Alter bsd.compat.mk to set MACHINE and MACHINE_ARCH when included
directly so MD paths in Makefiles work. In the process centralize
setting them in LIBCOMPATWMAKEENV.
Alter .PATH and CFLAGS settings in work when the Makefile is included.
While here only support LIB32 on supported platforms rather than always
enabling it and requiring users of MK_LIB32 to filter based
TARGET/MACHINE_ARCH.
The net effect of this change is to make Makefile.libcompat only build
compatability libraries.
Reviewed by: imp, kib
Obtained from: CheriBSD (conceptually)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22251
Previously the watchdog timeout message was appended to the last entry
in the "Waiting for PIDS" list, resulting in a message like
Waiting for PIDS: 31299 31296 90201 9020090 second watchdog timeout
expired. Shutdown terminated.
Print a newline to separate the watchdog timeout message. Also perform
the kill before logging or echoing the message.
PR: 241072
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
This change allows to specify a watchdog(9) timeout for a system
shutdown. The timeout is activated when the watchdogd daemon is
stopped. The idea is to a prevent any indefinite hang during late
stages of the shutdown. The feature is implemented in rc.d/watchdogd,
it builds upon watchdogd -x option.
Note that the shutdown timeout is not actiavted when the watchdogd
service is individually stopped by an operator. It is also not
activated for the 'shutdown' to the single-user mode. In those cases it
is assumed that the operator knows what they are doing and they have
means to recover the system should it hang.
Significant subchanges and implementation details:
- the argument to rc.shutdown, completely unused before, is assigned to
rc_shutdown variable that can be inspected by rc scripts
- init(8) passes "single" or "reboot" as the argument, this is not
changed
- the argument is not mandatory and if it is not set then rc_shutdown is
set to "unspecified"
- however, the default jail management scripts and jail configuration
examples have been updated to pass "jail" to rc.shutdown, just in case
- the new timeout can be set via watchdogd_shutdown_timeout rc option
- for consistency, the regular timeout can now be set via
watchdogd_timeout rc option
- watchdogd_shutdown_timeout and watchdogd_timeout override timeout
specifications in watchdogd_flags
- existing configurations, where the new rc options are not set, should
keep working as before
I am not particularly wed to any of the implementation specifics.
I am open to changing or removing any of them as long as the provided
functionality is the same (or very close) to the proposed one.
For example, I think it can be implemented without using watchdogd -x,
by means of watchdog(1) alone. In that case there would be a small
window between stopping watchdogd and running watchdog, but I think that
that is acceptable.
Reviewed by: bcr (man page changes)
MFC after: 5 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D21221
'sysvipc' - it has nothing to do with ABIs, and I'd like to later
rename 'abi' to 'linux', which better describes its purpose and also
matches the rcvar name.
Reviewed by: emaste
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D21615
has become very trigger-happy with libc++ 9.0.0.
It does not help that gcc's implementation of this warning is even more
trigger-happy, in the sense that it already warns on the declaration
itself, not when you are using it. This is very annoying with our use
of -Wsystem-headers. That should really be disabled for gcc.
After the aux vector is moved, it is necessary to re-digest aux_info so the
pointers are updated to the new locations.
This was causing thread creation to fail on powerpc64 when using direct
execution due to a nonsense value being read for aux_info[AT_STACKPROT].
Approved by: jhibbits (mentor)
Differential Revision: https://reviews.freebsd.org/D21656
std::auto_ptr in a whole bunch of individual Makefiles, make the warning
globally non-fatal instead. This is similar to what was done to many
more non-fatal warnings from newer gcc versions.
A user may set ${name}_env variable in rc.conf(5) in order to set additional
environment variables for a service command. Unfortunately, at the moment
this variable is only honored when the command is specified via the command
variable. Those additional environment variables coming from ${name}_env
are never set if the service is started via the ${rc_arg}_cmd variable (for
example start_cmd).
PR: 239692
Reviewed by: bcr, jilles
Approved by: src (jilles)
Differential Revision: https://reviews.freebsd.org/D21228
It doesn't need to be in runtime and might help people who want to
experiment with other rc system or don't use one (like in small
embedded mfsroot).
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21499
In the past, this allocator seems to have allocated things larger than
a page seperately. Much of this code was removed at some point (perhaps
along with sbrk() used) so remove the rest. Instead, keep allocating in
power-of-two bins up to FIRST_BUCKET_SIZE << (NBUCKETS - 1). If we want
something more efficent, we should use a fancier allocator.
While here, remove some vestages of sbrk() use. Most importantly, don't
try to page align the pagepool since it's always page aligned by mmap().
Reviewed by: kib
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21453
In Seventh Edition UNIX, the last pointer passed to free() was
guaranteed to not actually have been freed allowing memory to be
"compacted" via the following pattern:
free(foo);
foo = realloc(foo, newsize);
Further, Andrew Koenig reports in "C Traps and Pitfalls" that the
original realloc() implementation required this pattern.
The C standard is clear that this is Undefined Behavior. Modern
allocators don't support it and no portable code could rely on it so
remove this support.
Note: the removed implementation contains an off-by-one error and if
an item isn't found on the freelist, then twice as much memory as the
largest possible allocation will be copied.
Reviewed by: kib, imp
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21296
Instead of restoring the saved values of argc, argv and envp,
these must be loaded from the stack that _rtld() modifies.
This fixes rtld direct exec mode.
E.g.: /libexec/ld-elf.so.1 /bin/ls
Reviewed by: jhibbits
Differential Revision: https://reviews.freebsd.org/D21131
First, amd64 version of the script cannot work at least due to the
wrong architecture specification. Second, kernel can activate shared
objects for long time, due to PIE support.
It seems the intent was to allow ld-elf.so.1 to be build and used as
an executable. Since we have direct exec mode implemented for dso
ld-elf.so.1, the non-functional and commented out scripts can be
finally removed.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Update login(1), its manual pages, similar utilities, and motd.5 to refer to
the new location.
Suggested by: delphij@ (re: r349256)
Reviewed by: bcr (manpages), delphij
Differential Revision: https://reviews.freebsd.org/D20721
Move the bluetooth related files from FreeBSD-runtime to a new package named
FreeBSD-bluetooth
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and bluetooth isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20959
In 2013 the security chapter of the Handbook was updated in r42501 to
suggest limiting access to the system accounting file [*1] by creating the
initial file with a mode of 0600. This was in part based on a discussion in
the forums [*2]. Unfortunately, this advice is overridden by the fact that a
new file is created as part of periodic daily processing, and the file mode
is set by the rc.d/accounting script.
These changes update the accounting script to create the directory with mode
0750 if it doesn't already exist, and to create the daily file with mode
0640. This limits write access to root only, read access to root and members
of wheel, and eliminates world access completely. For admins who want to
prevent even members of wheel from accessing the files, the mode of the
/var/account directory can be manually changed to 0700, because the script
never creates or changes that directory if it already exists.
The accounting_rotate_log() function now also handles the error cases of no
existing log file to rotate, and attempting to rotate the file multiple
times (.0 file already exists).
Another small change here eliminates the complexity of the mktemp/chmod/mv
sequence for creating a new acct file by using install(1) with the flags
needed to directly create the file with the desired ownership and
modes. That allows coalescing two separate if checkyesno accounting_enable
blocks into one.
These changes were inspired by my investigation of PR 202203.
[1] https://www.freebsd.org/doc/handbook/security-accounting.html
[2] http://forums.freebsd.org/showthread.php?t=41059
PR: 202203
Differential Revision: https://reviews.freebsd.org/D20876
I found this on one of the CheriBSD Jenkins builders. Using
beforelinking instead of ${PROG} should fix the dependency for the
DEBUG_FILES case.
Reviewed by: brooks
Currently RTLD is linked against libc_nossp_pic which means that any libc
symbol used in rtld can pull in a lot of depedencies. This was causing
symbol such as __libc_interposing and all the pthread stubs to be included
in RTLD even though they are not required. It turns out most of these
dependencies can easily be avoided by providing overrides inside of rtld.
This change is motivated by CHERI, where we have an experimental ABI that
requires additional relocation processing to allow the use of function
pointers inside of rtld. Instead of adding this self-relocation code to
RTLD I attempted to remove most function pointers from RTLD and discovered
that most of them came from the libc dependencies instead of being actually
used inside rtld.
A nice side-effect of this change is that rtld is now 22% smaller on amd64.
text data bss dec hex filename
0x21eb6 0xce0 0xe60 145910 239f6 /home/alr48/ld-elf-x86.before.so.1
0x1a6ed 0x728 0xdd8 113645 1bbed /home/alr48/ld-elf-x86.after.so.1
The number of R_X86_64_RELATIVE relocations that need to be processed on
startup has also gone down from 368 to 187 (almost 50% less).
Reviewed By: kib
Differential Revision: https://reviews.freebsd.org/D20663
Summary:
PowerPC has two PLT models: BSS-PLT and Secure-PLT. BSS-PLT uses runtime
code generation to generate the PLT stubs. Secure-PLT was introduced with
GCC 4.1 and Binutils 2.17 (base has GCC 4.2.1 and Binutils 2.17), and is a
more secure PLT format, using a read-only linkage table, with the dynamic
linker populating a non-executable index table.
This is the libc, rtld, and kernel support only. The toolchain and build
parts will be updated separately.
Reviewed By: nwhitehorn, bdragon, pfg
Differential Revision: https://reviews.freebsd.org/D20598
MFC after: 1 month
Use appropriate fsyncs to persist the rewritten /etc/motd file, when a
rewrite is performed.
Reported by: Jonathan Walton <jonathan AT isilon.com>
Reviewed by: allanjude, vangyzen
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D20701
