This module allows controlled privilege escallation via mac labels
securely associated with a process via mac_veriexec.
There are over 700 PRIV_* but we can compress many of them into
a single GBL_* thus constraining the size of gbl labels.
The goal is to allow a daemon to run as an unprivileged process while
still being able a set of privileged operations needed.
We add APIs to libveriexec so that userland processes can check labels
and an exec_script API that allows a suitably labeled process to run
something like a python interpreter directly if necessary;
overcomming the 'indirect' flag applied to the interpreter.
Add -l option to sbin/veriexec to report labels.
Reviewed by: stevek
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D41431
Move the timerfd impelemntation from linux compat code to sys/kern. Use
it to implement the new system calls for timerfd. Add a hook to kern_tc
to allow timerfd to know when the system time has stepped. Add kqueue
support to timerfd. Adjust a few names to be less Linux centric.
RelNotes: YES
Reviewed by: markj (on irc), imp, kib (with reservations), jhb (slack)
Differential Revision: https://reviews.freebsd.org/D38459
Right now we have to zero-initialize most fields in the varius callers,
but this is a little error prone. Simplify it by zeroing it out upon
allocation instead, drop the other redundant initialization.
Reviewed by: markj
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D41546
In 693f88c9da ("iconv_std: complete the //IGNORE support"), we
more completely implemented //IGNORE, which changed the semantics of
ci_discard_ilseq. DISCARD_ILSEQ semantics are supposed to match
//IGNORE, so we really can't do much about that particular
incompatibility. This broke c*rtomb and mbrtoc* handling of invalid
sequences, but it turns out they don't want DISCARD_ILSEQ semantics at
all; they really want the subset that we call
_CITRUS_ICONV_F_HIDE_INVALID.
This restores the exact flow in iconv_std to precisely how it happened
prior to 693f88c9da.
PR: 265871
Fixes: 693f88c9da ("iconv_std: complete the //IGNORE support")
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D41513
This is an attempt at clean-room implementation of the Linux'
membarrier(2) syscall. For documentation, you would need to read
both membarrier(2) Linux man page, the comments in Linux
kernel/sched/membarrier.c implementation and possibly look at
actual uses.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D32360
On FreeBSD, ZSTD_ASM_SUPPORTED is defined as 0, but on macOS and Linux
it is defined as 1, yet we don't build any of the assembly sources.
Rather than add them just for bootstrapping on non-FreeBSD, explicitly
define ZSTD_DISABLE_ASM so they're not needed and everything is
consistent.
This fixes building a bootstrap LLVM toolchain on non-FreeBSD amd64 (the
only architecture with assembly available).
Reviewed by: emaste, imp
Differential Revision: https://reviews.freebsd.org/D41543
This changeset adds a baseline implementation of memcmp and bcmp
for amd64. The same code is used for both functions with conditional
code were the behaviour differs (we need more precise output for the
memcmp case).
FreeBSD documents that memcmp returns the difference between the
mismatching characters. Slightly faster code would be possible could
we relax this requirement to the ISO/IEC 9899:1999 requirement of
merely returning a negative/positive integer or zero.
Performance is better than bionic and glibc, except for long strings
were the two are 13% faster. This could be because they use SSE4
ptest which we cannot use in a baseline kernel.
Sponsored by: The FreeBSD Foundation
Approved by: mjg
Differential Revision: https://reviews.freebsd.org/D41442
This commit adds a baseline implementation of stpcpy(3) for amd64.
It performs quite well in comparison to the previous scalar implementation
as well as agains bionic and glibc (though glibc is faster for very long
strings). Fiddle with the Makefile to also have strcpy(3) call into the
optimised stpcpy(3) code, fixing an oversight from D9841.
Sponsored by: The FreeBSD Foundation
Reviewed by: imp ngie emaste
Approved by: mjg kib
Fixes: D9841
Differential Revision: https://reviews.freebsd.org/D41349
pthread_getname_np needs to be provided by libc in order to import
jemalloc 5.3.0.
A stub implementation for libc pthread_getname_np() is added for
_pthread_stubs.c, which always reports empty name for the main thread.
Internal _pthread_getname_np() is not exported, but provided for libc
own use.
Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41461
It was originally in contrib, and moved to usr.sbin in 6692aa840c1f; I always thought lib would make more sense but never got around to moving it.
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D41504
- Prune headers and tests no longer installed after the upgrade.
- Remove GoogleTest-related files when MK_GOOGLETEST == no.
- Disable `-Werror` with gcc to unbreak the gcc12 CI run with
`lib/googletest`. Any issues found by g++ will be filed
upstream and hopefully resolved in a future version.
- Remove clang -Werror issues which are resolved in version 1.14.0 to
avoid masking valid issues.
MFC after: 1 week
MFC with: 28f6c2f292
Create a stdlib/malloc to hold the definition of the malloc interface
(e.g., the Symbol.map file) and make jemalloc a subdirectory. This will
make it easier to integrate alternative allocators such as snmalloc
while making it clear that the current jemalloc symbols are the FreeBSD
API/ABI (for better or worse).
Suggested by: jrtc27
Reviewed by: jrtc27, emaste
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D41457
All jemalloc sources are in contrib so don't look for them in the
jemalloc subdirectory.
Reviewed by: jrtc27, emaste
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D41481
There's a hierarchy here and we should use it.
Improves: cbeacb7c46
Reviewed by: jrtc27, jhb, emaste
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D41456
This likely documented where this file was copied, but the $FreeBSD$
tag was lost as soon as it was committed. Just remove it. Also remove
the one that looked like it was intended to track versions. That will
simplify the MFC.
Sponsored by: Netflix
During the life-cycle of the patch that landed as 0bc26e3254, the
variable names changed and I missed that in the rebase. Use the proper
TARGET_TRIPLE_ABI.
Fixes: 0bc26e3254
Sponsored by: Netflix
These configuration headers were only guessed, but unfortunately not exactly
correctly. Therefore, re-generate them on real HW.
Generated on CA15, verified on CA9, CA7(with VFP lite) and on 32-bit ARMv9.
PR: 272229
Reported by: Robert Clausecker <fuz@FreeBSD.org>
MFC after: 2 weeks
This makes it possible to install kerberos-lib (which is used by common
utilities such as curl) without pulling in the rest of kerberos.
MFC after: 1 week
GoogleTest 1.14.0 now requires C++14 to build. Change
`googletest.test.inc.mk` to reflect this requirement.
Adjust the build integration logic to handle the new version of
GoogleTest (add/remove headers/sources as needed).
Tighten down warnings via `CXXFLAGS.clang` instead of ignoring all
warnings. Some new warnings snuck in after I did my last round of fix
submissions upstream.
Also address some overlinking added in the previous version import by
removing superfluous libraries.
===============================
Expect WhenDynamicCastToTest.AmbiguousCast to fail
This change reapplies the expected failure from 1.10.0.
Ref: https://github.com/google/googletest/issues/2172
MFC after: 2 weeks
Reviewed by: asomers, emaste
Differential Revision: https://reviews.freebsd.org/D41399
Merge commit '8ef491440fcaec96f899d73e08873426c78583a4' into googletest-v1.14.0-import
Apparently there are applications that resolve dl_iterate_phdr from libc
and try to call the symbol. Our libc only provides stubs for dl* to
satisfy static linker or statically linked binaries, and is not prepared
to this situation.
Add a code to dso libc to find real dl_iterate_phdr and redirect the
call to it.
Reported by: yuri
PR: 272992
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Also use __func__ rather than hardcoding the function name. This code
now fits in 80 columns without splitting the log message.
Reviewed by: zlei
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39619
The closing parenthesis was in the wrong location, so instead of assigning the return value to krbret and then comparing it to zero, we were assigning the result of the comparison to krbret and then comparing that to zero. This has no practical significance since the value is not used after the loop terminates.
PR: 229719
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D41299
Unzip from FreeBSD has been ported to libarchive.
Change usr.bin/unzip to use bsdunzip from libarchive.
Differential Revision: https://reviews.freebsd.org/D41239
PR: 272845 (exp-run)
MFC after: 1 month
