prototypes in <tcpd.h> use FILE. Pull in a minimal forward declaration
of FILE from <stdio.h> to minimize impact. Sorry for the breakage.
Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>
X-MFC-With: r311459
Clang 4.0.0 complains about tcpd.h's not-really-prototypes, e.g.:
/usr/include/tcpd.h:75:24: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
extern int hosts_access(); /* access control */
^
To fix this, turn these declarations into real prototypes. While here,
garbage collect the incompatible rfc931() function from scaffold.c, as
it is never used.
Reviewed by: emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D9052
Add an XXX comment to note that the conditional seems suspect given
how it's handled elsewhere in the SNMP_OP_SET case.
MFC after: 2 weeks
Reported by: Coverity
CID: 1008573
- Use strlcpy to ensure p->name doesn't overflow sa.sun_path [*].
- Use SUN_LEN(..) instead of spelling out calculation longhand (inspired
by comment by jmallett).
Tested with: dgram and stream support with both bsnmpwalk and snmpwalk
MFC after: 1 week
Reported by: Coverity
CID: 1006825
- Ensure `section` doesn't overrun section by using strlcpy instead of
strcpy [*].
- Use strdup instead of malloc + strcpy (this wasn't flagged by Coverity,
but is an opportunistic change).
MFC after: 1 week
Reported by: Coverity
CID: 1006826 [*]
The previous change was flawed in terms of how it calculated the
buffer length for the sockaddr_un object. Use SUN_LEN where
appropriate and mute the Coverity complaint by using memset(.., 0, ..)
to zero out the entire structure instead of setting .sun_len to a bogus
value and strlcpy'ing in the contents of argv[1].
SUN_LEN is now being passed to bind(2) as well. For some odd reason
this wasn't flagged as a bug with Coverity.
Reported by: jilles, jmallett
MFC after: 2 days
X-MFC with: r311233
party software, this provides more standarized import workflow and
makes future upgrades easier.
The following files are new with this commit:
zconf.h.in
zlib.map
zlib.pc.in
They are not connected to build, but were kept in tree for reference
for future maintenance.
All our local trivial changes were applied to contrib/zlib, and the
contrib/zlib vendor source code is intended to 100% match lib/libz
before this commit.
MFC after: 2 weeks
This code is unused on FreeBSD, but it mutes a valid Coverity warning
which would be true on NetBSD
MFC after: 3 days
Reported by: Coverity
CID: 978311
Ensure child exits when complete as it's always run in a forked
process.
Add a missing break statement in :pselect_sigmask when calling
child(..) for clarity and to avoid weird domino effects if the
child process somehow does something it's not supposed to do
with the logfiles, file descriptors, etc
MFC after: 1 week
Reported by: Coverity
CID: 1223369, 1223370, 1300301
sure it returns 0
sched_yield tests for values returning 0 of type int and sched_yield is
of type long, so the test is a mismatch
MFC after: 1 week
Reported by: Coverity
CID: 1254953, 1254954, 1254965, 1254966
This doesn't fix the issue noted in the PR, but at the very least it
cleans up the error so it looks a bit more sane, and in the event
that bsnmp did wander off into the weeds, the likelihood of it
crashing with more sensible output is greater, in my opinion
MFC counter set high so I have enough time to resolve the real
underlying bug in bsnmpwalk
MFC after: 1 month
PR: 215721
- Call snmp_pdu_free on req and resp when done with the objects
- Call snmp_pdu_free on req before calling snmp_pdu_create on it
again
MFC after: 1 week
avoid returning an uninitialized value
There are some really complicated, snakey if-statements combined with
switch statements that could result in an invalid value being returned
as `ret`
MFC after: 1 week
Reported by: Coverity
CID: 1006551
This is of course to avoid buffer overruns
The remaining strcpy instance in the module needs to be audited for
correctness
MFC after: 1 week
Reported by: Coverity
CID: 1006827, 1006828
Sync libarchive with vendor.
Vendor changes (relevant to FreeBSD):
PR #771: Add NFSv4 ACL support to pax and restricted pax
NFSv4 ACL information may now be stored to and restored from tar archives.
ACL must be non-trivial and supported by the underlying filesystem, e.g.
natively by ZFS or by UFS with the NFSv4 ACL enable flag set.
MFC after: 2 weeks
Relnotes: yes
snmp_pdu_free: set pdu->nbindings to 0 to limit the damage that
could happen if a pdu was reused after calling the function, and
as both stack and heap allocation types are used in contrib/bsnmp
and usr.sbin/bsnmpd.
snmp_value_free: NULL out value->v.octetstring.octets after calling
free on it to prevent a double-free from occurring.
MFC after: 2 weeks
dwarf_attrval_*() will search the parent DIE referenced by a
DW_AT_abstract_origin attribute for the value of the DW_AT_type attribute.
Do the same thing for the DW_AT_specification attributes in variable
definitions emitted by GCC 6.2, and ensure that we return an error rather
than crashing if neither DW_AT_abstract_origin or DW_AT_specification is
found when looking for the value of the DW_AT_type attribute.
PR: 215350, 215395
Reviewed by: emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D8920
or --license as most apps would do, instead it waits for data to
compress on stdin. Because of that, if `bzip2 --version' is called,
bogus `bzip2: I won't write compressed data to a terminal' error
message will be displayed, and checking for bzip2 version in scripts
as in
bzip2 --version 2>&1 | grep -o "Version [^,]*"
will hand as bzip2 would wait for data to compress on stdin. Fix
this by exiting right after showing version/license text.
I've tried to push this upstream for more than a year, but author
is unresponsive, so upstream may be considered dead.
Ubuntu applies similar fix, for the note.
PR: 199443
Approved by: dim, bapt
MFC after: 2 weeks
Differential Revision: D8924
as the listening address in snmpd_input(..)
Stash the IPv4 address of the receiver via the recv(..) callback and use it in
the send(..) callback for the transport by specifying IP_SENDSRCADDR for the
control message type.
Add sendmsg logic to the UDP transport's send(..) callback and use the
respective send(..) callback for the transport instead of calling sendto in
snmpd_input(..).
MFC after: 3 weeks
Obtained from: Isilon OneFS (^/onefs/branches/BR_8_0_0_DEV@r507595)
Submitted by: Thor Steingrimsson <thor.steingrimsson@isilon.com>
Sponsored by: Dell EMC Isilon
Fixed a bug that the PE object section names are generated incorrectly
using the section name table found in the original input ELF object
instead of the intermediate ELF object.
Ticket: #541
Do not try to copy section content from a NULL d_buf when creating
uninitialized data COFF section for PE object.
Ticket: #540
Obtained from: ELF Tool Chain r3507, r3508
MFC after: 1 week
Sync libarchive with vendor.
Vendor bugfixes (relevant to FreeBSD):
PR 846: Spelling fixes
PR 850: Fix issues with reading certain jar files
OSS-Fuzz 286: Bugfix in archive_strncat_l()
Again, for reasons I don't yet understand, this is not being flagged by the
compiler. Unlike the issue addressed in r310587, this problem existed prior
to r310586
MFC after: 2 weeks
X-MFC with: r310586, r310587
Add recv callback to transport layer to better facilitate code reuse and
readability and for symmetry with send callback. Move recv_dgram and
recv_stream to udp_recv and lsock_recv, respectively, and make the
beforementioned functions recv callbacks for the udp and lsock transports,
respectively.
Consolidate the check_priv* functions in their relevant trans*.c source to
limit scope/use.
Note: this code is roughly based content from the submitter, although this
was modified to be more of a direct move from snmpd/main.c to the trans_*.c
sources, and to reduce unnecessary static function declarations.
MFC after: 2 weeks
Submitted by: Thor Steingrimsson <thor.steingrimsson@isilon.com>
Sponsored by: Dell EMC Isilon
- Use inet_pton with AF_INET instead of doing longhand with sscanf.
- Use gethostbyname2 with AF_INET to ensure that the hostname isn't
accidentally parsed with another address family, e.g. AF_INET6.
NB: IpAddress per RFC-2578 is IPv4 only. Work is in progress to add
the InetAddress type and friends documented in RFC-4001 and
elsewhere (which supports IPv4, IPv6, and more).
MFC after: 2 weeks
- Explicitly test snmp_pdu_encode against SNMP_CODE_OK instead of assuming
any non-zero value is bad.
- Print out the code before calling abort() to give the end-user something
actionable to debug without having to recompile the binary, since the
core might not have these details.
MFC after: 1 week
The libgcc __register_frame and __deregister_frame functions take a
pointer to a set of FDE/CIEs, terminated by an entry where length is 0.
In Apple's libunwind implementation the pointer is taken to be to a
single FDE. I suspect this was just an Apple bug, compensated by Apple-
specific code in LLVM.
See lib/ExecutionEngine/RuntimeDyld/RTDyldMemoryManager.cpp and
http://lists.llvm.org/pipermail/llvm-dev/2013-April/061737.html
for more detail.
This change is based on the LLVM RTDyldMemoryManager.cpp. It should
later be changed to be alignment-safe.
Reported by: dim
Reviewed by: dim
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8869
The restriction here is pretty late and pretty minimal. We need a lot
of authority to open password databases, and don't do much after that
point.
Feedback from: lifanov at mail.lifanov.com (earlier version), emaste (earlier version)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D7988
Needed for 'readelf -l' of extended phnum files. (Parity with GNU
binutils.)
Reviewed by: no one, unfortunately
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8703
Extended numbering is used for any of these fields overflowing.
Reviewed by: emaste@
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8701
Initialize l_sec_contents to make sure that free(l_sec_contents) is called
on valid pointers.
Obtained from: OpenBSD (partial CVS rev 1.18)
MFC after: 5 days
executing :mincore_resid
The default process limits in FreeBSD is 64kB for unprivileged users,
which empirically is too low to run the :mincore_resid testcase.
Process limits are inherited, so even though the default limit for
root users is RLIM_INFINITY, the inherited limit with "sudo" with the
default login.conf will be 64kB.
Use setrlimit to set rlim_max for RLIMIT_MEMLOCK to RLIM_INFINITY to
avoid ENOMEM issues when calling mlock to wire the mmap'ed address
space.
setrlimit requires root access to increase rlim_max, so require root
privileges when running the test
Discovered when executing the tests with sudo, e.g.
"sudo kyua test -k /usr/tests/lib/libc/sys/Kyuafile mincore_test"
MFC after: 2 weeks
- Duplicate test_unmount to _test_unmount
- Remove atf_check calls
- Call _test_unmount from test_unmount, checking the exit code
at the end, and returning it to maintain the test_unmount
"contract"
MFC after: 1 week
Add some shortcuts in LazyValueInfo to reduce compile time of
Correlated Value Propagation.
The patch is to partially fix PR10584. Correlated Value Propagation
queries LVI to check non-null for pointer params of each callsite. If
we know the def of param is an alloca instruction, we know it is
non-null and can return early from LVI. Similarly, CVP queries LVI to
check whether pointer for each mem access is constant. If the def of
the pointer is an alloca instruction, we know it is not a constant
pointer. These shortcuts can reduce the cost of CVP significantly.
Differential Revision: https://reviews.llvm.org/D18066
This significantly reduces memory usage and compilation time when
compiling a particular C++ source file of the graphics/colmap port.
PR: 215136
MFC after: 3 days
Include the SHN_UNDEF (zero) index special section in extended-attribute
ELF files, like GNU binutils' readelf.
Additionally, print "<no-name>" for sections without names, like GNU
binutils.
Reviewed by: kaiw@
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8707
of memory allocation failures combined with insufficient error checking
could result in the construction and execution of an argument sequence that
was not intended.
Fix that treating malloc(3) failures as fatal condition.
Submitted by: brooks
Security: FreeBSD-SA-16:36.telnetd
The mbtoc(3) and wctomb(3) functions use internal state which may be
tainted before the call to strvis(3). In this context we can just use
the thread-safe versions mbrtoc(3) and wcrtomb(3) which allow passing
our own state from our stack.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Sync libarchive with vendor.
Vendor bugfixes:
libarchive #831:
Spelling fixes
libarchive #832:
Relax sanity checks of number fields in tar header even more
OSS-Fuzz #16:
Fix possible hang in uudecode_filter_read()
OSS-Fuzz #220:
Reject an 'ar' filename table larger than 1GB or a filename larger
than 1MB.
MFC after: 1 week
This fixes reading tar archives created by older versions of
plexus-archiver (used by maven-assembly-plugin) that fill uid and gid
fields with spaces (PLXCOMP-233).
Vendor issue:
https://github.com/libarchive/libarchive/issues/832
Reported by: Antoine Brodin <antoine@freebsd.org>
MFC after: 1 week
The copy of contrib/libc-vis on ^/stable/10 doesn't contain all of the features
in the ^/stable/11 // ^/head version, including VIS_NOLOCALE. The risk is lower
in conditionally running the test instead of backporting the newer version of
libc-vis
MFC after: now
factor lives in /usr/games/, not /usr/bin, in NetBSD.
The correct way to handle this is do on-the-fly manipulation of the test
script via ATF_TESTS_SH_SED_<foo>, not by modify the pathing directly in
the test script.
This is being done to resolve an unnecessary conflict made when pulling
back ^/head@r309469 (contrib/netbsd-tests update) to ^/stable/10.
No functional change
MFC after: now
rather unfortunate upstream workaround for an unwind header problem that
does not exist on FreeBSD, but which causes an unnecessary warning for
us, add some flags to the compiler-rt Makefile to suppress the warning.
Sync libarchive with vendor.
Vendor bugfixes:
Fix for heap-buffer-overflow in archive_le16dec()
Fix for heap-buffer-overflow in uudecode_bidder_bid()
Reworked fix for compatibility with archives created by Perl Archive::Tar
MFC after: 1 week
This uses the same fix as r294894 did for the mlock test. The code from
that commit is moved into a common object file which PROGS supports
building first.
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8689
Sync libarchive with vendor.
Small improvements, style fixes, bugfixes.
Restores compatibility with tar archives created with Perl Archive::Tar (1)
MFC after: 1 week
Reported by: Matthew Seaman <matthew@freebsd.org> (1)
This includes a security fix for a component that we do not build, and
two potentially useful client side fixes for reintegrate merges and tree
conflict handling. See CHANGES for full details.
Sync libarchive with vendor.
Important vendor bugfixes (relevant to FreeBSD):
#821: tar -P cannot extract hardlinks through symlinks
#825: Add sanity check of tar "uid, "gid" and "mtime" fields
PR: 213255
Reported by: Tijl Coosemans <tilj@FreeBSD.org>
MFC after: 1 week
Important vendor bugfixes (relevant to FreeBSD):
#821: tar -P cannot extract hardlinks through symlinks
#825: Add sanity check of tar "uid, "gid" and "mtime" fields
[PowerPC] Refactor soft-float support, and enable PPC64 soft float
This change enables soft-float for PowerPC64, and also makes
soft-float disable all vector instruction sets for both 32-bit and
64-bit modes. This latter part is necessary because the PPC backend
canonicalizes many Altivec vector types to floating-point types, and
so soft-float breaks scalarization support for many operations. Both
for embedded targets and for operating-system kernels desiring
soft-float support, it seems reasonable that disabling hardware
floating-point also disables vector instructions (embedded targets
without hardware floating point support are unlikely to have Altivec,
etc. and operating system kernels desiring not to use floating-point
registers to lower syscall cost are unlikely to want to use vector
registers either). If someone needs this to work, we'll need to
change the fact that we promote many Altivec operations to act on
v4f32. To make it possible to disable Altivec when soft-float is
enabled, hardware floating-point support needs to be expressed as a
positive feature, like the others, and not a negative feature,
because target features cannot have dependencies on the disabling of
some other feature. So +soft-float has now become -hard-float.
Fixes PR26970.
Pull in r283061 from upstream clang trunk (by Hal Finkel):
[PowerPC] Enable soft-float for PPC64, and +soft-float -> -hard-float
Enable soft-float support on PPC64, as the backend now supports it.
Also, the backend now uses -hard-float instead of +soft-float, so set
the target features accordingly.
Fixes PR26970.
Reported by: Mark Millard
PR: 214433
[PPC] Set SP after loading data from stack frame, if no red zone is
present
Follow-up to r280705: Make sure that the SP is only restored after
all data is loaded from the stack frame, if there is no red zone.
This completes the fix for
https://llvm.org/bugs/show_bug.cgi?id=26519.
Differential Revision: https://reviews.llvm.org/D24466
Reported by: Mark Millard
PR: 214433
Call Frame Optimization on i386 and libunwind, by disallowing the
optimization for i386-freebsd12.
This should fix some instances of broken exception handling when frame
pointers are omitted, in particular some unittests run during the build
of editors/libreoffice.
This hack will be removed as soon as upstream has implemented a more
permanent fix for this problem.
Upstream PR: https://llvm.org/bugs/show_bug.cgi?id=30879
Reviewed by: emaste
PR: 212343
VSS stands for "Volume Shadow Copy Service". Unlike virtual machine
snapshot, it only takes snapshot for the virtual disks, so both
filesystem and applications have to aware of it, and cooperate the
whole VSS process.
This driver exposes two device files to the userland:
/dev/hv_fsvss_dev
Normally userland programs should _not_ mess with this device file.
It is currently used by the hv_vss_daemon(8), which freezes and
thaws the filesystem. NOTE: currently only UFS is supported, if
the system mounts _any_ other filesystems, the hv_vss_daemon(8)
will veto the VSS process.
If hv_vss_daemon(8) was disabled, then this device file must be
opened, and proper ioctls must be issued to keep the VSS working.
/dev/hv_appvss_dev
Userland application can opened this device file to receive the
VSS freeze notification, hold the VSS for a while (mainly to flush
application data to filesystem), release the VSS process, and
receive the VSS thaw notification i.e. applications can run again.
The VSS will still work, even if this device file is not opened.
However, only filesystem consistency is promised, if this device
file is not opened or is not operated properly.
hv_vss_daemon(8) is started by devd(8) by default. It can be disabled
by editting /etc/devd/hyperv.conf.
Submitted by: Hongjiang Zhang <honzhan microsoft com>
Reviewed by: kib, mckusick
MFC after: 3 weeks
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8224
AArch64: only try to use scaled fcvt ops on legal vector types.
Before we ended up calling getSimpleVectorType on a <3 x float>, which
asserted.
This fixes an assertion when building the print/ghostscript9-agpl-base
port for AArch64.
PR: 213865
MFC after: 3 days
Used extensively on my network over the past month.
Reviewed by: pfg, brooks
Suggested by: pfg
Obtained from: ftp://ftp.am-utils.org/pub/am-utils/
MFC after: 6 weeks
Relnotes: yes
Differential Revision: D8405
[AArch64] Don't blindly lower f16/f128 FCCMPs.
Instead, extend f16 (like we do when lowering a standalone SETCC),
and let f128 be legalized to the RT calls.
Fixes PR26803.
This fixes a fatal "Cannot select" backend error when building the
net/freerdp port for AArch64.
PR: 214380
MFC after: 3 days
Some tools spawn c++filt and pass it a single line at a time for
demangling. This is akin to r276689 for addr2line.
Sponsored by: The FreeBSD Foundation
[AArch64] PR28877: Don't assume we're running after legalization when
creating vcvtfp2fxs
Summary:
The DAG combine transformation that was generating the
aarch64_neon_vcvtfp2fxs node was assuming that all inputs where legal
and wasn't accounting that the input could be a v4f64 if we're trying
to do the transformation before legalization. We now bail out in this
case.
All illegal types besides v4f64 were already rejected.
Fixes https://llvm.org/bugs/show_bug.cgi?id=28877
Reviewers: jmolloy
Subscribers: aemerson, rengolin, llvm-commits
Differential Revision: https://reviews.llvm.org/D23261
This fixes several ports on AArch64.
Requested by: andrew
MFC after: 3 days
While I'm here, move message status codes to hv_utilreg.h, since they
will be used by the upcoming VSS stuffs.
Submitted by: Hongjiang Zhang <honzhan microsoft com>
MFC after: 1 week
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D8391
Previously most messages included a newline in the string, but a few of
them were missing. Fix these and simplify by just adding the newline in
the _LIBUNWIND_LOG macro itself.
While here correct 'libuwind' typo (missing 'n').
Upstream LLVM libunwind commits r280086 and r280103.
Previously a command like "strings f1 f2 f3" reported the exit status
based only on processing the last file.
As with GNU strings, report an error exit status if an error was
encountered processing any of the files. While here simplify the
exit status handling to just success (0) / failure (1).
Reviewed by: brooks
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8334
The mode of operation (elfcopy, mcs, or strip) is chosen based on the
program name. Broaden this to allow a substring match at the end of the
name to allow prefixes - for example, bsdstrip or aarch64-freebsd-strip.
This improves use of these tools as drop-in replacements for GNU objcopy
and strip, which are often built with a limited set of supported targets
and installed with a target prefix for cross tools.
Reviewed by: dim
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D1663
Summary:
The Freescale e500v2 PowerPC core does not use a standard FPU.
Instead, it uses a Signal Processing Engine (SPE)--a DSP-style vector processor
unit, which doubles as a FPU. The PowerPC SPE ABI is incompatible with the
stock powerpc ABI, so a new MACHINE_ARCH was created to deal with this.
Additionaly, the SPE opcodes overlap with Altivec, so these are mutually
exclusive. Taking advantage of this fact, a new file, powerpc/booke/spe.c, was
created with the same function set as in powerpc/powerpc/altivec.c, so it
becomes effectively a drop-in replacement. setjmp/longjmp were modified to save
the upper 32-bits of the now-64-bit GPRs (upper 32-bits are only accessible by
the SPE).
Note: This does _not_ support the SPE in the e500v1, as the e500v1 SPE does not
support double-precision floating point.
Also, without a new MACHINE_ARCH it would be impossible to provide binary
packages which utilize the SPE.
Additionally, no work has been done to support ports, work is needed for this.
This also means no newer gcc can yet be used. However, gcc's powerpc support
has been refactored which would make adding a powerpcspe-freebsd target very
easy.
Test Plan:
This was lightly tested on a RouterBoard RB800 and an AmigaOne A1222
(P1022-based) board, compiled against the new ABI. Base system utilities
(/bin/sh, /bin/ls, etc) still function appropriately, the system is able to boot
multiuser.
Reviewed By: bdrewery, imp
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D5683
It fails with: "dir/b did not receive NOTE_LINK"
Also, add needed cleanup logic to cleanup the mountpoint after the fact
MFC after: 2 weeks
PR: 213662
Sponsored by: Dell EMC Isilon
- Add inttypes.h #include for PRId64 macro
- Use FreeBSD's copy of getfh(2), which doesn't include a `fh_size` parameter.
Use sizeof(fhandle_t) instead as the size of fhp is always fixed as
fhandle_t, unlike NetBSD's copy of fhp, which is void*.
MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
Unfortunately removing files with uchg set always succeeds with root on
FreeBSD. Unfortunately running the test as an unprivileged user isn't doable
because mounting tmpfs requires root
PR: 212861
Sponsored by: Dell EMC Isilon
The mandoc search database generation uses each page's inode number as
a hash key to index hard linked pages only once. However, it also
processed the pages ordered by hash key resulting in effectively non-
deterministic output.
Instead:
1) provide fts_open() with a comparison function to process directories
and files in a deterministic order
2) in addition to the existing hash, insert pages into a linked list
which will be sorted (by virtue of 1)
3) iterate over pages by the list in 2, instead of hash order
I will work on upstreaming this change.
Reviewed by: bapt
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8213
Don't warn about valid time zone abbreviations. POSIX
through 2000 says that an abbreviation cannot start with ':', and
cannot contain ',', '-', '+', NUL, or a digit. POSIX from 2001
on changes this rule to say that an abbreviation can contain only
'-', '+', and alphanumeric characters from the portable character
set in the current locale. To be portable to both sets of rules,
an abbreviation must therefore use only ASCII letters." Adapted
from tzcode2015f.
This is needed to be able to update tzdata to a newer version
MFC after: 3 days
With a short needle (aka little) musl's memmem could read past the end
of the haystack (aka big). This was fixed in musl commit c718f9f.
Reviewed by: ed
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8137
This commit is from John Marino in dragonfly with the following commit log:
====
This was a CTYPE encoding error involving consecutive points of the same
ctype. It was reported by myself to Illumos over a year ago but I was
unsure if it was only happening on BSD. Given the cause, the bug is also
present on Illumos.
Basically, if consecutive points were of the exact same ctype, they would
be defined as a range regardless. For example, all of these would be
considered equivalent:
<A> ... <C>, <H> (converts to <A> .. <H>)
<A>, <B>, <H> (converts to <A> .. <H>)
<A>, <J> ... <H> (converts to <A> .. <H>)
So all the points that shouldn't have been defined got "bridged" by the
extreme points.
The effects were recently reported to FreeBSD on PR 213013. There are
countless places were the ctype flags are misdefined, so this is a major
fix that has to be MFC'd.
====
This reveals a bad change I did on the testsuite: while 0x07FF is a valid
unicode it is not used yet (reserved for future use)
PR: 213013
Submitted by: marino@
Reported by: Kurtis Rader <krader@skepticism.us>
Obtained from: Dragonfly
MFC after: 1 month
The blacklistd daemon expects to see a message on stdout, instead
of just relying on the exit value from any invoked programs.
Change the pf filtering to create multiple filters, attached under
a the "blacklist/*" anchor point. This prevents the filtering for
each port's filtering rule from overwriting the previously installed
filtering rule. Check for an existing filtering rule for each port,
so the installation of a given filtering rule only happens once.
Reinstalling the same rule resets the counters for the pf rule, and
we don't want that.
Reported by: David Horn (dhorn2000 at gmail.com)
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8081
Sync libarchive with vendor including security fixes.
Important vendor bugfixes (relevant to FreeBSD):
#747: Out of bounds read in mtree parser
#761: heap-based buffer overflow in read_Header (7-zip)
#784: Invalid file on bsdtar command line results in internal errors (1)
PR: 213092 (1)
MFC after: 1 week
The blacklistd daemon attempted to restore the filtering rules
before the database of blocked addresses was opened, so no rules
were being reloaded. Now the rules are properly recreated when the
daemon is started with '-r'.
This bug was fixed locally, and then sent upstream to NetBSD.
This changeset is the import the NetBSD version of the change,
which added debugging output to alert about a null database.
Reviewed by: emaste
Obtained from: NetBSD
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
[x86] don't try to create a vector integer inst for an SSE1 target
(PR30512)
This bug was introduced with:
http://reviews.llvm.org/rL272511
We need to restrict the lowering to v4f32 comparisons because that's
all SSE1 can handle.
This should fix:
https://llvm.org/bugs/show_bug.cgi?id=28044
This avoids a "Do not know how to custom type legalize this operation"
error when building the multimedia/ffmpeg port on i386 with SSE enabled.
build can break when different source files create the same target
files (case-insensitivity speaking). This is the case for object
files compiled with -fpic and shared libraries. The former uses
an extension of ".So", and the latter an extension ".so". Rename
shared object files from *.So to *.pico to match what NetBSD does.
Missed in r306297
MFC after: 1 month
Sponsored by: Bracket Computing
Differential Revision: https://reviews.freebsd.org/D7906
Use mdmfs/mdconfig instead of vndconfig/newfs. vndconfig doesn't exist on FreeBSD.
TODO: need to parameterize out the md(4) device as it's currently hardcoded to "3"
(in both the FreeBSD and NetBSD cases).
MFC after: 1 month
Sponsored by: Dell EMC Isilon
The `mknod <file> p` command doesn't exist on FreeBSD, like on NetBSD. Use
mkfifo instead to create named pipes (FIFOs).
MFC after: 1 month
Sponsored by: Dell EMC Isilon
Similar to r306030, use a simpler method for getting the value of
`hw.pagesize`, i.e. `sysctl -n hw.pagesize`. The awk filtering method doesn't
work on FreeBSD
MFC after: 1 month
Sponsored by: Dell EMC Isilon
Use kldstat -m to determine whether or not a filesystem is loaded. This works
well with tmpfs, ufs, and zfs
MFC after: 1 month
Sponsored by: Dell EMC Isilon
Use a simpler way of dumping kern.maxvnodes, i.e. `sysctl -n kern.maxvnodes`
The awk filtering method employed in NetBSD doesn't work on FreeBSD
MFC after: 1 month
Sponsored by: Dell EMC Isilon
Sync libarchive with vendor including important security fixes.
Issues fixed (FreeBSD):
PR #778: ACL error handling
Issue #745: Symlink check prefix optimization is too aggressive
Issue #746: Hard links with data can evade sandboxing restrictions
This update fixes the vulnerability #3 and vulnerability #4 as reported in
"non-cryptanalytic attacks against FreeBSD update components".
https://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
Fix for vulnerability #2 has already been merged in r304989.
MFC after: 1 week
Security: http://gist.github.com/anonymous/e48209b03f1dd9625a992717e7b89c4f
[PPC] Claim stack frame before storing into it, if no red zone is
present
Unlike PPC64, PPC32/SVRV4 does not have red zone. In the absence of
it there is no guarantee that this part of the stack will not be
modified by any interrupt. To avoid this, make sure to claim the
stack frame first before storing into it.
This fixes https://llvm.org/bugs/show_bug.cgi?id=26519.
Differential Revision: https://reviews.llvm.org/D24093
Add ISD::EH_DWARF_CFA, simplify @llvm.eh.dwarf.cfa on Mips, fix on
PowerPC
LLVM has an @llvm.eh.dwarf.cfa intrinsic, used to lower the
GCC-compatible __builtin_dwarf_cfa() builtin. As pointed out in
PR26761, this is currently broken on PowerPC (and likely on ARM as
well). Currently, @llvm.eh.dwarf.cfa is lowered using:
ADD(FRAMEADDR, FRAME_TO_ARGS_OFFSET)
where FRAME_TO_ARGS_OFFSET defaults to the constant zero. On x86,
FRAME_TO_ARGS_OFFSET is lowered to 2*SlotSize. This setup, however,
does not work for PowerPC. Because of the way that the stack layout
works, the canonical frame address is not exactly (FRAMEADDR +
FRAME_TO_ARGS_OFFSET) on PowerPC (there is a lower save-area offset
as well), so it is not just a matter of implementing
FRAME_TO_ARGS_OFFSET for PowerPC (unless we redefine its semantics --
We can do that, since it is currently used only for
@llvm.eh.dwarf.cfa lowering, but the better to directly lower the CFA
construct itself (since it can be easily represented as a
fixed-offset FrameIndex)). Mips currently does this, but by using a
custom lowering for ADD that specifically recognizes the (FRAMEADDR,
FRAME_TO_ARGS_OFFSET) pattern.
This change introduces a ISD::EH_DWARF_CFA node, which by default
expands using the existing logic, but can be directly lowered by the
target. Mips is updated to use this method (which simplifies its
implementation, and I suspect makes it more robust), and updates
PowerPC to do the same.
Fixes PR26761.
Differential Revision: https://reviews.llvm.org/D24038
[PowerPC] Don't spill the frame pointer twice
When a function contains something, such as inline asm, which
explicitly clobbers the register used as the frame pointer, don't
spill it twice. If we need a frame pointer, it will be saved/restored
in the prologue/epilogue code. Explicitly spilling it again will
reuse the same spill slot used by the prologue/epilogue code, thus
clobbering the saved value. The same applies to the base-pointer or
PIC-base register.
Partially fixes PR26856. Thanks to Ulrich for his analysis and the
small inline-asm reproducer.
[PowerPC] Add support for -mlongcall
The "long call" option forces the use of the indirect calling
sequence for all calls (even those that don't really need it). GCC
provides this option; This is helpful, under certain circumstances,
for building very-large binaries, and some other specialized use
cases.
Fixes PR19098.
Pull in r280041 from upstream clang trunk (by Hal Finkel):
[PowerPC] Add support for -mlongcall
Add support for GCC's PowerPC -mlongcall option; the backend supports
the corresponding target feature as of r280040.
Fixes PR19098.
Don't reduce the width of vector mul if the target doesn't support
SSE2.
The patch is to fix PR30298, which is caused by rL272694. The
solution is to bail out if the target has no SSE2.
Differential Revision: https://reviews.llvm.org/D24288
This fixes building the multimedia/libx264 port on i386.
the end of libc++'s <exception>. This is a workaround for building
Firefox, which generates a rather convoluted maze of standard library
wrapper headers, and this leads to an unfortunate sequence of:
1. wrapper <new> includes libc++ <new>,
2. which includes wrapper <exception>,
3. which includes libc++ <exception>,
4. which includes wrapper <cstdio> (because of -fno-exception),
5. which includes libc++ <new> again,
6. which includes mozalloc.h,
7. which tries to declare operator new with std::bad_alloc,
8. which gives an error because std::bad_alloc is not yet defined.
The <new> inclusion at step 5 does nothing, because the header guard for
<new> was already encountered in step 1. Then when moz_alloc.h tries to
use std::bad_alloc, it is not yet defined, because we are still busy
processing <exception> (where this class is defined) from step 3.
Mozilla has https://bugzilla.mozilla.org/show_bug.cgi?id=1269171 for
this, reported by Jan Beich (jbeich@), but when the fix for it is
applied to Firefox, we get into another, similar problem situation:
1. some header includes wrapper <exception>,
2. which includes libc++ <exception>,
3. which includes wrapper <cstdio> (because of -fno-exceptions),
4. which includes mozalloc.h,
5. which includes wrapper <new>,
6. which includes libc++ <new>,
7. which gives an error defining std::bad_alloc, because std::exception
is not yet defined.
At step 3, we were at the top of libc++'s <exception>, and at that point
std::exception is not yet defined. At step 6, <new> does include
<exception> again, but similar to step 5 in the previous problem case,
the header guard was already encountered, so the whole header is
skipped.
In upstream libc++'s later revisions r279744 and r279763, the reason for
including <cstdio> and <cstdlib> was nullified again, but these commits
are rather large and intrusive. Therefore, move the includes to the
bottom of the file, just before where they are needed. At that point,
std::exception is already fully defined.
Suggested by: Jörg Sonnenberger
format specifier for pointers when printing them out with printf(3)
MFC after: 57 days
Pointyhat to: ngie
Reported by: bz, cy, Jenkins (i386 job)
Submitted by: cy
Sponsored by: EMC / Isilon Storage Division
- Require root in the tcp/udp subtests (it's needed on FreeBSD when
registering services).
- Skip the tests if service registration fails.
MFC after: 59 days
X-MFC with: r305358
Reported by: Jenkins, rodrigc
Sponsored by: EMC / Isilon Storage Division
Sync libarchive with vendor
Vendor issues fixed:
PR #777: Multiple bugfixes for setup_acls()
This includes a bugfix for a bug that caused ACLs not to be read properly
for files and directories inside subdirectories and as a result not being
stored or being incorrectly stored in tar archives.
MFC after: 3 days
process. We don't *quite* pull that number out of our backside, as
the actual number is difficult to determine without modifying the VM
system to report it, but it's still useful to get an idea of what's
going on when a machine unexpectedly starts swapping.
MFC after: 1 week
$ echo x | awk '/[[:cntrl:]]/'
x
The NUL character in cntrl class truncates the pattern, and an empty
pattern matches anything. The patch skips NUL as a quick fix.
PR: 195792
Submitted by: kdrakehp@zoho.com
Approved by: bwk@cs.princeton.edu (the author)
MFC after: 3 days
FreeBSD always delivers all signals sent with sigqueue, except when
dealing with low memory conditions according to kib (see
bug # 212173 comment # 5).
In collaboration with: kib
PR: 212173
Sponsored by: EMC / Isilon Storage Division
[AArch64] Return the correct size for TLSDESC_CALLSEQ
The branch relaxation pass is computing the wrong offsets because it assumes
TLSDESC_CALLSEQ eats up 4 bytes, when in fact it is lowered to an instruction
sequence taking up 16 bytes. This can become a problem in huge files with lots
of TLS accesses, as it may slowly move branch targets out of the range computed
by the branch relaxation pass.
Fixes PR24234 https://llvm.org/bugs/show_bug.cgi?id=24234
Differential Revision: https://reviews.llvm.org/D22870
This fixes "error in backend: fixup value out of range" when compiling
the misc/talkfilters port for AArch64.
Reported by: sbruno
PR: 201762
MFC after: 3 days
Improvements include:
* readelf: report all relocation types in rel/rela for MIPS N64
* readelf: add ELFOSABI_ARM_AEABI
* elfdump: add ELFOSABI_ARM_AEABI and ELFOSABI_ARM
* Add recent RISC-V relocations
* elfcopy: use elftc_timestamp, to support SOURCE_DATE_EPOCH
Sponsored by: The FreeBSD Foundation
Bring older verbatim version of cpuid.h
This file is used regularly in FreeBSD builds but we usually use the
similar file provided by clang.
By providing the older file introduced in GCC 4.3, we hope to mimic
better what is provided by an external toolchain.
Obtained from: GCC-4_3-branch (SVN rev. 129548, pre GPLv3)
contrib/tnftp/src/ftp.c:2067:11: error: implicit conversion from 'int'
to 'char' changes value from 255 to -1 [-Werror,-Wconstant-conversion]
buf[0] = IAC;
~ ^~~
/usr/include/arpa/telnet.h:39:13: note: expanded from macro 'IAC'
#define IAC 255 /* interpret as command: */
^~~
contrib/tnftp/src/ftp.c:2068:11: error: implicit conversion from 'int'
to 'char' changes value from 244 to -12 [-Werror,-Wconstant-conversion]
buf[1] = IP;
~ ^~
/usr/include/arpa/telnet.h:50:12: note: expanded from macro 'IP'
#define IP 244 /* interrupt process--permanently */
^~~
Use an unsigned char buffer instead.
MFC after: 1 week
We brought an original __COUNTER__ implementation in r228474, however, it
was missing documentation and it had a different behaviour for precompiled
headers with respect to the upstream version. Since the upstream version
is under the same license as GCC4.2, bring the missing pieces to reduce
differences against upstream.
Optained from: GCC pre-4.3 (rev. 125041 ; GPLv2)
to -32768 when it is used as an argument to mp_itom(), in both libtelnet
and newkey. This code has been wrong since r26238 (!), so after almost
20 years it is rather useless to try to correct it.
MFC after: 1 week
The dirname output change bug is actively being worked on, and this
commit will need to be reverted once it's fixed.
MFC after: never
PR: 212193
Sponsored by: EMC / Isilon Storage Division
Sync libarchive with vendor including security fixes
Vendor issues fixed:
Issue #731: Reject tar entries >= INT64_MAX
Issue #744 (part of Issue #743): Enforce sandbox with very long pathnames
Issue #748: Zip decompression failure with highly-compressed data
Issue #767: Buffer overflow printing a filename
Issue #770: Zip read: be more careful about extra_length
MFC after: 3 days
macro is defined in lots of different places in ipfilter, so replace all
of the nonportable definitions with portable ones.
Pointy hat to: dim
X-MFC-With: r304959, r304953
MFC after: 3 days
positive diagnostics from -Wvarargs about enum parameters, e.g.:
cddl/contrib/opensolaris/lib/libnvpair/libnvpair.c:388:15: error: passing an object that undergoes default argument promotion to 'va_start' has undefined behavior
[-Werror,-Wvarargs]
va_start(ap, which);
^
cddl/contrib/opensolaris/lib/libnvpair/libnvpair.c:382:66: note: parameter of type 'enum nvlist_prtctl_fmt' is declared here
nvlist_prtctl_dofmt(nvlist_prtctl_t pctl, enum nvlist_prtctl_fmt which, ...)
^
conversions from int to short changing the values. This applies to
B38400 and higher, since their values do not fit into a short.
However, since the wrapped values are still unique, and they only serve
as keys, there is no problem in adding a cast to silence the warnings.
This also avoids changing the ABI, which would happen if we changed
NCURSES_OSPEED to int.
Discussed with: Thomas Dickey
MFC after: 1 week
Sync libarchive with vendor including security fixes
Vendor issues fixed:
Issue #731: Reject tar entries >= INT64_MAX
Issue #744 (part of Issue #743): Enforce sandbox with very long pathnames
Issue #748: Zip decompression failure with highly-compressed data
Issue #767: Buffer overflow printing a filename
Issue #770: Zip read: be more careful about extra_length
MFC after: 3 days
- Return appropriate error code instead of ENOMEM when sosend() fails in
send_mpa_req.
- Fix for problematic race during destroy_qp.
- Abortive close in the failure of send_mpa_reject() instead of normal close.
- Remove the unnecessary doorbell flowcontrol logic.
Submitted by: Krishnamraju Eraparaju at Chelsio
MFC after: 1 month
Sponsored by: Chelsio communications
For some odd reason SIGINT is only being delivered once, as opposed to multiple
times.
Disclaimer: this test was run on a kernel built on 08/14/2016. Need to build a
new kernel and rerun the test.
kern.vm_guest == none -> not a virtual machine
It's a bit of a misnomer with the function being named `isQEMU`... but FreeBSD's
support seems to be a bit more all-encompassing than NetBSD's is today.
Sponsored by: EMC / Isilon Storage Division
Per jemalloc(3)/aligned_alloc(3), the behavior is undefined if the size
isn't an integral multiple of the alignment. Thus, this is a NetBSD-specific
test.
Sponsored by: EMC / Isilon Storage Division
Update from sqlite3-3.12.1 (3120100) to sqlite3-3.14.1 (3140100).
This commit addresses the tmpdir selection vulnerability fixed in
sqlite3-1.13.0. See VuXML entry 546deeea-3fc6-11e6-a671-60a44ce6887b.
Security: VuXML 546deeea-3fc6-11e6-a671-60a44ce6887b
Security: CVE-2016-6153
