Code analysis and runtime analysis using truss(8) indicate that the only
privileged operations performed by ntpd are adjusting system time, and
(re-)binding to privileged UDP port 123. These changes add a new mac(4)
policy module, mac_ntpd(4), which grants just those privileges to any
process running with uid 123.
This also adds a new user and group, ntpd:ntpd, (uid:gid 123:123), and makes
them the owner of the /var/db/ntp directory, so that it can be used as a
location where the non-privileged daemon can write files such as the
driftfile, and any optional logfile or stats files.
Because there are so many ways to configure ntpd, the question of how to
configure it to run without root privs can be a bit complex, so that will be
addressed in a separate commit. These changes are just what's required to
grant the limited subset of privs to ntpd, and the small change to ntpd to
prevent it from exiting with an error if running as non-root.
Differential Revision: https://reviews.freebsd.org/D16281
Prevent installation of an all-zero TK.
This is also upline git commit 53bb18cc8b7a4da72e47e4b3752d0d2135cffb23.
Obtained from: https://w1.fi/security/2017-1/\
rebased-v2.6-0004-Prevent-installation-\
of-an-all-zero-TK.patch
X-MFC-with: r336203
libibverbs example utilities.
This allows connecting to both IPv4 and IPv6 and reverts
some FreeBSD only patches.
MFC after: 1 week
Sponsored by: Mellanox Technologies
Add the ability to to parse sysfs paths to sysctl nodes by replacing '/' with '.'
Submitted by: slavash@
MFC after: 1 week
Sponsored by: Mellanox Technologies
Request init/fini array on FreeBSD 12 and later
Summary:
It seems a bad idea to change the default in the middle of a release
branch due to possible changes in global ctor / dtor ordering between
.ctors and .init_array. With FreeBSD 11.0's release imminent lets
change the default now for FreeBSD 12 (the current development
stream) and later.
FreeBSD rtld has supported .init_array / .fini_array for many years.
As of Jan 1 2017 all supported FreeBSD releases and branches will
have support.
Reviewers: dim, brooks, arichardson
Reviewed By: dim, brooks, arichardson
Subscribers: bsdjhb, krytarowski, emaste, cfe-commits
Differential Revision: https://reviews.llvm.org/D24867
Requested by: jhb
MFC after: 3 days
auditd_wait_for_events() relies on read(2) being interrupted by signals,
but it registers signal handlers with signal(3), which sets SA_RESTART.
That breaks asynchronous signal handling. It means that signals don't
actually get handled until after an audit(8) trigger is received.
Symptoms include:
* Sending SIGTERM to auditd doesn't kill it right away; you must send
SIGTERM and then send a trigger with auditon(2).
* Same with SIGHUP
* Zombie child processes don't get reaped until auditd receives a trigger
sent by auditon. This includes children created by expiring audit trails
at auditd startup.
Fix by using sigaction(2) instead of signal(3).
Cherry pick https://github.com/openbsm/openbsm/commit/d060887
PR: 229381
Reviewed by: cem
Obtained from: OpenBSM
MFC after: 2 weeks
Differential Revision: https://github.com/openbsm/openbsm/pull/36
The issue was caused by header pollution brought by GCC 8.1.
We now have to remove include-fixed headers in the GCC installation
directory.
Sponsored by: DARPA, AFRL
Pointed out by: jhb
o Also move printf.h to go after it since it does require declaration
of va_list.
This fixes build with latest RISC-V GNU Toolchain with GCC 8.1
Sponsored by: DARPA, AFRL
For developers gensnmptree can now generate functions for enums to convert
between enums and strings and to check the validity of a value.
The sources in FreeBSD are now in sync with the upstream which allows to
bring in IPv6 modifications.
- Change the C++ directory entries to honor --sysroot if it is set.
- Don't define CROSS_INCLUDE_DIR for the cross compiler. Instead, set
TARGET_SYSTEM_ROOT to point to WORLDTMP and always define
STANDARD_INCLUDE_DIR.
- Change STANDARD_INCLUDE_DIR and the C++ include directories to just
start with "/usr" always. The compiler will prepend the sysroot when
doing cross-builds. GCC_INCLUDE_DIR (which contains headers that ship
with the compiler such as intrinsincs rather than OS-supplied headers)
remains hardcoded to look in TOOLS_PREFIX.
Reviewed by: bdrewery (older version)
Sponsored by: DARPA / AFRL
Differential Revision: https://reviews.freebsd.org/D15127
Magic file for dump(8) had this dump and previous dump dates reversed.
Fix order for all three flavours of the dump(8) format.
This fix was committed to upstream repo as magic/Magdir/dump,v 1.17
and will be merged during next vendor import.
PR: 223155
MFC after: 2 weeks
The local hostname was blindly copied into the to the nn_name array.
When the hostname exceeded 16 bytes, it would overflow. Truncate the
hostname to 15 bytes plus a 0 terminator which is the "workstation name"
suffix.
Use defensive strlcpy() when filling nn_name in all cases.
PR: 228354
Reported by: donald.buchholz@intel.com
Reviewed by: jpaetzel, ian (prior version)
Discussed with: Security Officer (gtetlow)
MFC after: 3 days
Security: Stack overflow with the hostname.
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15936
o Restore floating-point registers in jumpto()
These are required to native cross build GCC and GDB
(both do require libc++ and libunwind).
These are not tested.
Sponsored by: DARPA, AFRL
When running mckey, errors may happen in the init/connect stage.
When leaving multicast groups, we override this value.
Fix that by saving the return value from rdma_leave_multicast to different
parameter, and only in case of failure in rdma_leave_multicast override it.
MFC after: 1 week
Approved by: hselasky (mentor), kib (mentor)
Sponsored by: Mellanox Technologies
Aligns the build with the FreeBSD traditional approach to not build in
contrib/, and to track inter-dependencies between libraries.
With help from: bdrewery
Reviewed by: bdrewery, hselasky
Sponsored by: Mellanox Technologies
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D15648
- Restore local change to include <net/bpf.h> inside pcap.h.
This fixes ports build problems.
- Update local copy of dlt.h with new DLT types.
- Revert no longer needed <net/bpf.h> includes which were added
as part of r334277.
Suggested by: antoine@, delphij@, np@
MFC after: 3 weeks
Sponsored by: Mellanox Technologies
Upstream change ed47534 consciously added some redundant functional
declarations, and I'm not sure why. AFAICT they were never required. On
FreeBSD, they break the build with GCC (but not Clang) for any program
including libbsm.h with WARNS=6.
Fix by cherry-picking upstream change
https://github.com/openbsm/openbsm/commit/0553c27
Reported by: emaste
Reviewed by: cem
Obtained from: OpenBSM
MFC after: 2 weeks
Pull Request: https://github.com/openbsm/openbsm/pull/31
Vendor import two upstream commits:
c1bb8784abd3ca978e376b0d10e324db0491237b
9c4af7213cc2543a1f5586d8f2c19f86aa0cbe72
When using tcpdump -I -i wlanN and wlanN is not a monitor mode VAP,
tcpdump will print an error message saying rfmon is not supported.
Give a concise explanation as to how one might solve this problem by
creating a monitor mode VAP.
MFC after: 1 month
Approved by: hselasky (mentor), kib (mentor)
Sponsored by: Mellanox Technologies
- Add xo_format_is_numeric() with improved logic to decide if format
strings are numeric, so json output quotes them
- Convert docs to sphinx/rst
- update tests
Includes fix for PR 221676:
27d3021cc3 (diff-5a0d468963477f7daedb8308c219dd80)
PR: 221676
MFC after: 5 days
Merge the latest file(1) in.
Relevent Changelog:
- extend the support for ${x?:} expansions for magic descriptions
- add support for ${x?:} in mime types to handle pie binaries.
- add support for negative offsets (offsets from the end of file)
- close the file on error when writing magic
Relnotes: yes
We've been maintaining top(1) for a long time, and the upstream
hasn't existed/been used in similarly as long. Make it clear that we own
top(1)
Tested with 'make universe'. Everything passed except MIPS which failed
for unrelated reasons. Install also tested for amd64.
Reviewed by: sbruno
No objections: imp, mmacy
Differential Revision: https://reviews.freebsd.org/D15387
PeepholeOpt cleanup/refactor; NFC
- Less unnecessary use of `auto`
- Add early `using RegSubRegPair(AndIdx) =` to avoid countless
`TargetInstrInfo::` qualifications.
- Use references instead of pointers where possible.
- Remove unused parameters.
- Rewrite the CopyRewriter class hierarchy:
- Pull out uncoalescable copy rewriting functionality into
PeepholeOptimizer class.
- Use an abstract base class to make it clear that rewriters are
independent.
- Remove unnecessary \brief in doxygen comments.
- Remove unused constructor and method from ValueTracker.
- Replace UseAdvancedTracking of ValueTracker with DisableAdvCopyOpt
use.
Even though upstream marked this as "No Functional Change", it does
contain some functional changes, and these fix a compiler hang for one
particular source file in the devel/godot port.
PR: 228261
MFC after: 3 days
