Commit Graph

9199 Commits

Author SHA1 Message Date
Thomas Munro
cc7edd258c Add collation version support to querylocale(3).
Provide a way to ask for an opaque version string for a locale_t, so
that potential changes in sort order can be detected.  Similar to
ICU's ucol_getVersion() and Windows' GetNLSVersionEx(), this API is
intended to allow databases to detect when text order-based indexes
might need to be rebuilt.

The CLDR version is extracted from CLDR source data by the Makefile
under tools/tools/locale, written into the machine-generated Makefile
under shared/colldef, passed to localedef -V, and then written into
LC_COLLATE file headers.  The initial version is 34.0.
tools/tools/locale was recently updated to pull down 35.0, but the
output hasn't been committed under share/colldef yet, so that will
provide the first observable change when it happens.  Other versioning
schemes are possible in future, because the format is unspecified.

Reviewed by:	bapt, 0mp, kib, yuripv (albeit a long time ago)
Differential Revision:	https://reviews.freebsd.org/D17166
2020-11-08 02:50:34 +00:00
Stefan Eßer
23b4092837 Re-arrange some of the code to separate writable user tree variables from
R/O variables.

While here fix some nearby style. No functional change intended.

MFC after:	1 month
2020-11-02 18:48:06 +00:00
Stefan Eßer
1ebef47735 Make sysctl user.local a tunable that can be written at run-time
This sysctl value had been provided as a read-only variable that is
compiled into the C library based on the value of _PATH_LOCALBASE in
paths.h.

After this change, the value is compiled into the kernel as an empty
string, which is translated to _PATH_LOCALBASE by the C library.

This empty string can be overridden at boot time or by a privileged
user at run time and will then be returned by sysctl.

When set to an empty string, the value returned by sysctl reverts to
_PATH_LOCALBASE.

This update does not change the behavior on any system that does
not modify the default value of user.localbase.

I consider this change as experimental and would prefer if the run-time
write permission was reconsidered and the sysctl variable defined with
CLFLAG_RDTUN instead to restrict it to be set at boot time.

MFC after:	1 month
2020-10-31 23:48:41 +00:00
Stefan Eßer
3b9795a2e8 Fix reversed condition after attempted style fix in r367196
Reported by:	xtouqh@hotmail.com
MFC after:	3 days
2020-10-31 12:10:43 +00:00
Stefan Eßer
d86926912c Fix style, no functional change
Submitted by:	kib
MFC after:	3 days
2020-10-31 11:44:10 +00:00
Stefan Eßer
77b793c465 Update man-pages to describe the user.localbase variable added in r367179.
MFC after:	3 days
2020-10-30 19:37:53 +00:00
Stefan Eßer
147eea393f Add read only sysctl variable user.localbase
The value is provided by the C library as for other sysctl variables in
the user tree. It is compiled in and returns the value of _PATH_LOCALBASE
defined in paths.h.

Reviewed by:	imp, scottl
Differential Revision:	https://reviews.freebsd.org/D27009
2020-10-30 18:48:09 +00:00
Brooks Davis
b0bffa3a4c Disable ssp raw test without ASAN
r366981 disabled ASAN when it might not be reliable (with an external
compiler), but this test is broken without ASAN so disable it completely
in that case.

PR:		250706
Reviewed by:	emaste, lwhsu
Differential Revision:	https://reviews.freebsd.org/D26982
2020-10-28 23:10:54 +00:00
Edward Tomasz Napierala
bce7ee9d41 Drop "All rights reserved" from all my stuff. This includes
Foundation copyrights, approved by emaste@.  It does not include
files which carry other people's copyrights; if you're one
of those people, feel free to make similar change.

Reviewed by:	emaste, imp, gbe (manpages)
Differential Revision:	https://reviews.freebsd.org/D26980
2020-10-28 13:46:11 +00:00
Alan Cox
76c7af51ab Revise the description of MAP_STACK. In particular, describe the guard
in more detail.

Reviewed by:	bcr, kib, markj
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26908
2020-10-27 18:08:33 +00:00
Stefan Eßer
1f474190fc Replace literal uses of /usr/local in C sources with _PATH_LOCALBASE
Literal references to /usr/local exist in a large number of files in
the FreeBSD base system. Many are in contributed software, in configuration
files, or in the documentation, but 19 uses have been identified in C
source files or headers outside the contrib and sys/contrib directories.

This commit makes it possible to set _PATH_LOCALBASE in paths.h to use
a different prefix for locally installed software.

In order to avoid changes to openssh source files, LOCALBASE is passed to
the build via Makefiles under src/secure. While _PATH_LOCALBASE could have
been used here, there is precedent in the construction of the path used to
a xauth program which depends on the LOCALBASE value passed on the compiler
command line to select a non-default directory.

This could be changed in a later commit to make the openssh build
consistently use _PATH_LOCALBASE. It is considered out-of-scope for this
commit.

Reviewed by:	imp
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D26942
2020-10-27 11:29:11 +00:00
John-Mark Gurney
0fda26dbb3 update write(2)'s iovec limit w/ info about the iosize_max_clamp sysctl... 2020-10-26 00:37:31 +00:00
Warner Losh
b38d86a585 warnx: fix needless static
I noticed after the review that these shouldn't be static. Remove the
'static' from them, otherwise concurrent calls to warn* might see a
similar but to the original.
2020-10-24 00:03:11 +00:00
Warner Losh
4e0771b2da warnx: Save errno across calls that might change it.
When warn() family of functions is being used after err_set_file() has
been set to, for example, /dev/null, errno is being clobbered,
rendering it unreliable after, for example, procstat_getpathname()
when it is supposed to emit a warning. Then the errno is changed to
Inappropriate ioctl for device, destroying the original value (via
calls to fprintf()functions).

Submitted by: Juraj Lutter
Differential Revision: https://reviews.freebsd.org/D26871
2020-10-23 23:56:00 +00:00
Brooks Davis
3e7449a37b Only use ASAN when using the in-tree compiler
When building FreeBSD 11 on a FreeBSD 12 system with
CROSS_TOOLCHAIN=llvm10 we end up trying to link against the packaged
version of the sanitizer library.  This resulted in a requirement for
getentropy(3) which is not present in FreeBSD 11.

Reviewed by:	emaste
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D26903
2020-10-23 22:27:45 +00:00
Konstantin Belousov
69c09181d4 mmap(2): Document guard size for MAP_STACK and related EINVAL.
Based on submission by:	emaste
Reviewed by:	emaste, markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D26894
2020-10-21 21:40:33 +00:00
Xin LI
5011fb430a Further refinements of ptsname_r(3) interface:
- Hide ptsname_r under __BSD_VISIBLE for now as the specification
   is not finalized at this time.
 - Keep Symbol.map sorted.
 - Avoid the interposing of ptsname_r(3) from an user application
   from breaking ptsname(3) by making the implementation a static
   method and call the static function from ptsname(3) instead.

Reported by:	kib
Reviewed by:	kib, jilles
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26845
2020-10-20 01:29:45 +00:00
Xin LI
3e7224dffe Implement ptsname_r.
MFC after:	2 weeks
PR:		250062
Reviewed by:	jilles, 0mp, Ray <i maskray me>
Differential Revision:	https://reviews.freebsd.org/D26647
2020-10-17 04:14:38 +00:00
Kyle Evans
6d55b98d52 libc: typo fix (s/involes/involves)
Reported by:	Masahiko Sawada via twitter
MFC after:	3 days
2020-10-16 17:51:09 +00:00
Alex Richardson
c2ca066705 Fix building on Linux/macOS after r366622
We have to bootstrap arc4random.c, so guard the FenestrasX code to avoid
using it on Linux/macOS.

Reviewed By:	cem
Differential Revision: https://reviews.freebsd.org/D26738
2020-10-12 10:42:14 +00:00
Conrad Meyer
f8e8a06d23 random(4) FenestrasX: Push root seed version to arc4random(3)
Push the root seed version to userspace through the VDSO page, if
the RANDOM_FENESTRASX algorithm is enabled.  Otherwise, there is no
functional change.  The mechanism can be disabled with
debug.fxrng_vdso_enable=0.

arc4random(3) obtains a pointer to the root seed version published by
the kernel in the shared page at allocation time.  Like arc4random(9),
it maintains its own per-process copy of the seed version corresponding
to the root seed version at the time it last rekeyed.  On read requests,
the process seed version is compared with the version published in the
shared page; if they do not match, arc4random(3) reseeds from the
kernel before providing generated output.

This change does not implement the FenestrasX concept of PCPU userspace
generators seeded from a per-process base generator.  That change is
left for future discussion/work.

Reviewed by:	kib (previous version)
Approved by:	csprng (me -- only touching FXRNG here)
Differential Revision:	https://reviews.freebsd.org/D22839
2020-10-10 21:52:00 +00:00
Gordon Bergling
3d265fce43 Fix a few mandoc issues
- skipping paragraph macro: Pp after Sh
- sections out of conventional order: Sh EXAMPLES
- whitespace at end of input line
- normalizing date format
2020-10-09 19:12:44 +00:00
Mark Johnston
afd95785c0 newlocale(3): Fix a memory leak.
newlocale() optionally takes a "base" locale, from which components not
specified in the mask are inherited.  POSIX says that newlocale() may
modify "base" and return it, or free "base" and return a newly allocated
locale.  We were not doing either, so applications which use newlocale()
to modify an existing base locale end up leaking memory on FreeBSD.

This diff fixes the leak by releasing a reference to the base locale
before returning.  This is less efficient than modifying "base"
directly, but is simpler for an initial bug fix.  Also, update the man
page to clarify behaviour with respect to "base".

PR:		249416
MFC after:	3 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D26522
2020-10-02 18:35:55 +00:00
Kyle Evans
320ef1bef0 auxv: partially revert r366207, cast buflen to unsigned int as needed
The warning generated pre-r366207 is actually a sign comparison warning:

error: comparison of integers of different signs: 'unsigned long' and 'int'
                        if (strlcpy(buf, execpath, buflen) >= buflen)

Revert parts that affected other lines and just cast this to unsigned int.

The buflen < 0 -> EINVAL has been kept despite no longer serving any
purposes w.r.t. sign-extension because I do believe it's the right thing to
do: "The provided buffer was not the right size for the requested item."

The original warning is confirmed to still be gone with an:
env WARNS=6 make WITHOUT_TESTS=yes.

Reviewed by:	asomers, kib
X-MFC-With:	r366207
Differential Revision:	https://reviews.freebsd.org/D26631
2020-10-01 19:56:38 +00:00
Enji Cooper
c9d175ea90 Eliminate duplicate afterinstallconfigs target
Define separate dependent targets which `afterinstallconfigs` relies on, in
order to modify `${DESTDIR}/etc/master.passwd` and
`${DESTDIR}/etc/nsswitch.conf`.

Mark these targets .PHONY, since they manipulate configurations on the fly and
the generation logic isn't 100% defined in terms of the source files/logic,
and is variable, based on MK_foo flags.

MFC after:	2 weeks
Reviewed by:	bapt, brd
Differential Revision:	https://reviews.freebsd.org/D20330
2020-10-01 16:37:49 +00:00
Warner Losh
61c4a6f317 Updates to chroot(2) docs
1. Note what settings give historic behavior
2. Recommend jail under security considerations.
2020-09-29 18:13:54 +00:00
Alan Somers
d14f60e9ba Misc compiler warning fixes in lib/libc
Reviewed by:	kevans, imp
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26534
2020-09-27 22:26:41 +00:00
Alan Somers
90ec6a3035 lib/libc/tests/iconv: raise WARNS to 6
MFC after:	2 weeks
2020-09-24 21:42:44 +00:00
Alan Somers
9f036e84fb lib/libc/tests/sys: raise WARNS to 6
MFC after:	2 weeks
2020-09-24 21:39:09 +00:00
Brandon Bergren
b257310103 [PowerPC64LE] Fix gdtoa configurations on LE.
gdtoa wins the award for "most outdated endianness naming convention"
with its IEEE_8087 vs IEEE_MC68k defines. I had a good chuckle.

Update softfloat and arith.h to adjust to BE or LE automatically
based on the low level preprocessor defines.

Fixes printf/scanf on PowerPC64LE, although there is still a problem
lurking regarding Signalling NaNs...

Sponsored by:	Tag1 Consulting, Inc.
2020-09-23 02:05:44 +00:00
Brandon Bergren
24faccc241 [PowerPC64LE] Use a shared LIBC_ARCH for powerpc64le.
Given that we have converted to ELFv2 for BE already, endianness is the only
difference between the two ARCHs.

As such, there is no need to differentiate LIBC_ARCH between the two.

Combining them like this lets us avoid needing to have two copies of several
bits for no good reason.

Sponsored by:	Tag1 Consulting, Inc.
2020-09-23 00:21:51 +00:00
Konstantin Belousov
1f305be431 Document {O,AT}_RESOLVE_BENEATH and new O_BENEATH behavior for relative paths.
PR:	248335
Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25886
2020-09-22 22:54:54 +00:00
Alan Somers
9ad1d357e0 fix integer underflow in getgrnam_r and getpwnam_r
Sometimes nscd(8) will return a 1-byte buffer for a nonexistent entry. This
triggered an integer underflow in grp_unmarshal_func, causing getgrnam_r to
return ERANGE instead of 0.

Fix the user's buffer size check, and add a correct check for a too-small
nscd buffer.

PR:		248932
Event:		September 2020 Bugathon
Reviewed by:	markj
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision: https://reviews.freebsd.org/D26204
2020-09-19 19:08:27 +00:00
Kyle Evans
fe815331bb build: provide a default WARNS for all in-tree builds
The current default is provided in various Makefile.inc in some top-level
directories and covers a good portion of the tree, but doesn't cover parts
of the build a little deeper (e.g. libcasper).

Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that
variable is defined. This lets us relatively cleanly provide a default WARNS
no matter where you're building in the src tree without breaking things
outside of the tree.

Crunchgen has been updated as a bootstrap tool to work on this change
because it needs r365605 at a minimum to succeed. The cleanup necessary to
successfully walk over this change on WITHOUT_CLEAN builds has been added.

There is a supplemental project to this to list all of the warnings that are
encountered when the environment has WARNS=6 NO_WERROR=yes:
https://warns.kevans.dev -- this project will hopefully eventually go away
in favor of CI doing a much better job than it.

Reviewed by:	emaste, brooks, ngie (all earlier version)
Reviewed by:	emaste, arichardson (depend-cleanup.sh change)
Differential Revision:	https://reviews.freebsd.org/D26455
2020-09-18 17:17:46 +00:00
Mark Johnston
3d1098617b Fix error checking in shm_create_largepage().
Reviewed by:	alc, kib
Reported by:	Coverity
MFC with:	r365524
Differential Revision:	https://reviews.freebsd.org/D26464
2020-09-18 12:30:15 +00:00
Kyle Evans
8b8cf4ece6 memfd_create: simplify HUGETLB support a little bit
This also fixes a minor issue that was missed in the initial review; the
layout of the MFD_HUGE_* flags is actually not 1:1 bit:flag -- it instead
borrowed the Linux convention of how this is laid out since it was
originally implemented on Linux, the top 6 bits represent the shift required
for the requested page size.

This allows us to remove the flag <-> pgsize mapping table and simplify the
logic just prior to validation of the requested page size.

While we're here, fix two small nits:

- HUGETLB memfd shouldn't exhibit the SHM_GROW_ON_WRITE behavior. We can
  only grow largepage shm by appropriately aligned (i.e. requested pagesize)
  sizes, so it can't work in the typical/sane fashion. Furthermore, Linux
  does the same, so let's be compatible.

- We don't allow MFD_HUGETLB without specifying a pagesize, so no need to
  check for that later.

Reviewed by:	kib (slightly earlier version)
2020-09-11 02:02:15 +00:00
Kyle Evans
9bf2b80ca6 memfd_create: fix return values
Literally returning EINVAL from a function designed to return an fd makes
for interesting scenarios.

I cannot assign enough pointy hats to cover this one.
2020-09-10 21:25:16 +00:00
Kyle Evans
944174e7bf Fix memfd_create tests after r365524
r365524 did accidentally invert this check that sets SHM_LARGEPAGE, leading
non-hugetlb memfd as unconfigured largepage shm and thus test failures when
we try to ftruncate or write to them.

PR:		249236
Discussed with:	kib
2020-09-10 17:23:30 +00:00
Konstantin Belousov
3ef55e8f25 Add shm_create_largepage(3) helper for creation and configuration of
largepage shm objects.

And since we can, add memfd_create(MFD_HUGETLB) support, hopefully
close enough to the Linux feature.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D24652
2020-09-09 22:20:36 +00:00
Kyle Evans
69112cca60 getlogin_r: fix the type of len
getlogin_r is specified by POSIX to to take a size_t len, not int. Fix our
version to do the same, bump the symbol version due to ABI change and
provide compat.

This was reported to break compilation of Ruby 2.8.

Some discussion about the necessity of the ABI compat did take place in the
review. While many 64-bit platforms would likely be passing it in a 64-bit
register and zero-extended and thus, not notice ABI breakage, some do
sign-extend (e.g. mips).

PR:		247102
Submitted by:	Bertram Scharpf <software@bertram-scharpf.de> (original)
Submitted by:	cem (ABI compat)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D26335
2020-09-09 18:07:13 +00:00
Kyle Evans
0e907c045b libc tests: dynthr_mod: fix some WARNS issues
This is being addressed as part of a side-patch I'm working on that builds
all the things with WARNS=6, instead of relying on it being supplied in just
shallow parts of the build with higher-level Makefile.inc.

Provide a prototype for mod_main and annotate the thread function argument
as unused.

MFC after:	1 week
2020-09-09 02:45:47 +00:00
Kyle Evans
5593499d4a libc/resolv: attempt to fix the test under WARNS=6
In a side-change that I'm working on to start defaulting src builds to
WARNS=6 where WARNS isn't otherwise specified, GCC6 (and clang, to a lesser
extent) pointed out a number of issues with the resolv tests:

- Global method variable that gets shadowed in run_tests()
- Signed/unsigned comparison between i in run_tests() and hosts->sl_cur

The shadowed variable looks like it might actually be bogus as written, as
we pass it to RUN_TESTS -> run_tests, but other parts use the global method
instead. This change is mainly geared towards correcting that by removing
the global and plumbing the method through from run_tests -> run into the
new thread.

For the signed/unsigned comparison, there's no compelling reason to not just
switch i/nthreads/nhosts to size_t.

The review also included a change to the load() function that was better
addressed by jhb in r365302.

Reviewed by:	ngie, pstef
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D24844
2020-09-09 02:42:21 +00:00
Brandon Bergren
328b5f2570 [PowerPC] Implement VDSO timebase access on powerpc*
Implement the remaining pieces needed to allow userland timestamp reading.

Rewritten based on an intial essay into the problem by Justin Hibbits.
(Copyright changed to my own on his request.)

Tested on ppc64 (POWER9 Talos II), powerpcspe (e500v2 RB800), and
powerpc (g4 PowerBook).

Reviewed by:	jhibbits (in irc)
Sponsored by:	Tag1 Consulting, Inc.
Differential Revision:	https://reviews.freebsd.org/D26347
2020-09-08 03:00:31 +00:00
Dimitry Andric
86b019c29a Follow-up r365371 by removing sentences which indicate the state of the
MK_MALLOC_PRODUCTION option on -CURRENT.

Also, for the sake of backwards compatibility, support the old way of
enabling 'production malloc', e.g. by adding a define in make.conf(5).

MFC after:	1 week
X-MFC-With:	r365371
2020-09-06 09:08:06 +00:00
Dimitry Andric
7d4374f65f Turn MALLOC_PRODUCTION into a regular src.conf(5) option
For historical reasons, defining MALLOC_PRODUCTION in /etc/make.conf has
been used to turn off potentially expensive debug checks and statistics
gathering in the implementation of malloc(3).

It seems more consistent to turn this into a regular src.conf(5) option,
e.g. WITH_MALLOC_PRODUCTION / WITHOUT_MALLOC_PRODUCTION. This can then
be toggled similar to any other source build option, and turned on or
off by default for e.g. stable branches.

Reviewed by:	imp, #manpages
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D26337
2020-09-05 23:30:17 +00:00
John Baldwin
2afeaad315 Various fixes to the load() function.
- Use getline() instead of fgetln().  This ensures the returned string
  is always null-terminated without losing the last character if the
  last line in a file doesn't have a newline.  Also, while fgetln says
  the returned buffer can be modified, that doesn't actually seem safe
  as the current implementation means you are modifying stdio's
  internal buffer.

- Remove a spurious if before an ATF_REQUIRE that was clearly supposed
  to be non-optional.

- Remove a pointless compare of 'ptr' against '\0' (really NULL) that
  duplicated the middle condition in the for().

- Once a comment is found, skip the rest of the line, not just the
  current word.

Reviewed by:	kevans
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D26278
2020-09-03 14:50:15 +00:00
John Baldwin
875e04d716 Pass a valid mode with O_CREATE to open(2).
CheriABI is pickier about the arguments to open(2) and crashes with a
fault if a mode isn't passed to an open() when O_CREATE is specified.

Reported by:	CHERI
Reviewed by:	brooks
Obtained from:	CheriBSD
MFC after:	2 weeks
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D26281
2020-09-02 21:17:54 +00:00
John Baldwin
97bdc65f27 Don't assume objects in program sections have a size of a pointer.
The size of the object at 'addr' is unknown and might be smaller than
the size of a pointer (e.g. some x86 instructions are smaller than a
pointer).  Instead, just check that the address is in the bounds of
the program header.

Reported by:	CHERI (indirectly)
Reviewed by:	kib, brooks
Obtained from:	CheriBSD
MFC after:	1 week
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D26279
2020-09-02 20:43:08 +00:00
John Baldwin
1a4531bc98 Compute the correct size of the string to move forward.
Previously this was counting the amount of spare room at the start of
the buffer that the string needed to move forward and passing that as
the number of bytes to copy to memmove rather than the length of the
string to be copied.

In the strfmon test in the test suite this caused the memmove to
overflow the allocated buffer by one byte which CHERI caught.

Reported by:	CHERI
Reviewed by:	kevans
Obtained from:	CheriBSD
MFC after:	1 week
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D26280
2020-09-02 20:04:26 +00:00
Mark Johnston
847ab36bf2 Include the psind in data returned by mincore(2).
Currently we use a single bit to indicate whether the virtual page is
part of a superpage.  To support a forthcoming implementation of
non-transparent 1GB superpages, it is useful to provide more detailed
information about large page sizes.

The change converts MINCORE_SUPER into a mask for MINCORE_PSIND(psind)
values, indicating a mapping of size psind, where psind is an index into
the pagesizes array returned by getpagesizes(3), which in turn comes
from the hw.pagesizes sysctl.  MINCORE_PSIND(1) is equal to the old
value of MINCORE_SUPER.

For now, two bits are used to record the page size, permitting values
of MAXPAGESIZES up to 4.

Reviewed by:	alc, kib
Sponsored by:	Juniper Networks, Inc.
Sponsored by:	Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D26238
2020-09-02 18:16:43 +00:00