When using libfetch in an application that drops privileges when fetching
like pkg(8) then user complain because the application does not read anymore
${HOME}/.netrc. Now a caller can prepare a fd to the said file and manually
assign it to the structure.
It is also a first step to allow to capsicumize libfetch applications
Reviewed by: allanjude, des
Approved by: des
Differential Revision: https://reviews.freebsd.org/D9678
committed in r313972
The code committed in r313962 implicitly relies on python 2.x to generate
testvect.h . There are a handful of issues with this approach:
- python is not an explicit build dependency for FreeBSD
- python 2.x is deprecated and will be removed sometime in the future
(potentially before 11.x's EOL), and the script does not function with
python 3.5 (it uses deprecated idioms and incompatible function calls).
- python(1) (by default) lives in /usr/local/bin (${LOCALBASE}/bin) and
gentestvect.py is a dependency of testvect.h (prior to r313972) which
means that if the mtime of the generator script was newer than the
mtime of the test vector, it could cause a spurious build failure in
build time or at install time.
A better solution using C/C++ should be devised.
Discussed with: allanjude
MFC after: 2 weeks
X-MFC with: r313962, r313972
Sponsored by: Dell EMC Isilon
Using relative paths imply working directory (in this case .OBJDIR), whereas the
sources live in the .CURDIR-relative path.
MFC after: 2 weeks
X-MFC with: r313962
Pointyhat to: allanjude
Sponsored by: Dell EMC Isilon
Right now the noexec mount option disallows image activators to try
execve the files on the mount point. Also, after r127187, noexec
also limits max_prot map entries permissions for mappings of files
from such mounts, but not the actual mapping permissions.
As result, the API behaviour is inconsistent. The files from noexec
mount can be mapped with PROT_EXEC, but if mprotect(2) drops execution
permission, it cannot be re-enabled later. Make this consistent
logically and aligned with behaviour of other systems, by disallowing
PROT_EXEC for mmap(2).
Note that this change only ensures aligned results from mmap(2) and
mprotect(2), it does not prevent actual code execution from files
coming from noexec mount. Such files can always be read into
anonymous executable memory and executed from there.
Reported by: shamaz.mazum@gmail.com
PR: 217062
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The PBKDF2 in sys/geom/eli/pkcs5v2.c is around half the speed it could be
GELI's PBKDF2 uses a simple benchmark to determine a number of iterations
that will takes approximately 2 seconds. The security provided is actually
half what is expected, because an attacker could use the optimized
algorithm to brute force the key in half the expected time.
With this change, all newly generated GELI keys will be approximately 2x
as strong. Previously generated keys will talk half as long to calculate,
resulting in faster mounting of encrypted volumes. Users may choose to
rekey, to generate a new key with the larger default number of iterations
using the geli(8) setkey command.
Security of existing data is not compromised, as ~1 second per brute force
attempt is still a very high threshold.
PR: 202365
Original Research: https://jbp.io/2015/08/11/pbkdf2-performance-matters/
Submitted by: Joe Pixton <jpixton@gmail.com> (Original Version), jmg (Later Version)
Reviewed by: ed, pjd, delphij
Approved by: secteam, pjd (maintainer)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D8236
for USB OTG-capable hardware to implement device side of USB
Mass Storage, ie pretend it's a flash drive. It's configured
in the same way as other CTL frontends, using ctladm(8)
or ctld(8). Differently from usfs(4), all the configuration
can be done without rebuilding the kernel.
Testing and review is welcome. Right now I'm still moving,
and I don't have access to my test environment, so I'm somewhat
reluctant to making larger changes to this code; on the other
hand I don't want to let it sit on Phab until my testing setup
is back, because I want to get it into 11.1-RELEASE.
Reviewed by: emaste (cursory), wblock (man page)
MFC after: 2 weeks
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8787
MSDOS and Windows GNU grep uses -u to mean "print byte offsets as if
running on an UNIX system." The option has no effect on systems that
do not use CRLF line endings.
PR: 171200
Submitted by: deeptech71@gmail.com, Anders Jensen-Waud
MFC after: 1 month
Rework part of the loop in grep_fgetln to return the rest of the line
and ensure that we still advance the buffer by the length of the rest
of the line.
PR: 165471
Submitted by: Kyle Evans <kevans91@ksu.edu>
MFC after: 1 month
parameter to mmap(2), even if MAP_FIXED is not explicitly specified.
Android ART is one example. Implement bug compatibility for this case
in linuxulator.
Reviewed by: dchagin@
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D9373
Since fcmpset can fail without lock contention e.g. on arm, it was possible
to get spurious failures when the caller was expecting the primitive to succeed.
Reported by: mmel
called for all threads belonging to a procedure. Currently the first
thread in a procedure is kept around as an optimisation step and is
never freed. Because the first thread in a procedure is never freed
nor allocated, its destructor and constructor callbacks are never
called which means per thread structures allocated by dtrace and the
Linux emulation layers for example, might be present for threads which
don't need these structures.
This patch adds a thread construction and destruction call for the
first thread in a procedure.
Tested: dtrace, linux emulation
Reviewed by: kib @
MFC after: 1 week
Sponsored by: Mellanox Technologies
lam(1) is used in portsnap(8), so lock it down
Reviewed by: emaste, cem, jonathan
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D8076
All resources lack of which may put CTIO into the queue are either
per-channel or potentially per-queue, but none of them are per-LUN.
This is a first step to fix live LUN disabling. Before this change
any CTIOs held in a queue in time of disabling were just leaked.
MFC after: 2 weeks
Do no write to PBA register on igb(4) devices unless we need
to make adjustments for the 82575 and jumbo frames.
Remove redundant LPE/~LPE assignments.
Move e1000_lv_jumbo_workaround_ich8lan() invokcation into a block
so that its not executed in the igb case.
Move em(4) class assignments of RCTL values to its own code block.
Adjust a few direct accesses of ifp->mtu to use accessor functions.
PR: 216734
Submitted by: Kaho Toshikazu <kaho@elam.kais.kyoto-u.ac.jp>
Use large enough type for calculation of mtrr physmask. Typical
cpu_maxphyaddr is 36 or larger.
Reported and tested by: sbruno
Sponsored by: The FreeBSD Foundation
MFC after: 13 days
For the loop that dirties vm_pages in case superpage was written to,
check the complete condition before the loop.
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Implement get_pcpu() for amd64/sparc64/mips/powerpc, and use it to
replace pcpu_find(curcpu) in MI code.
Reviewed by: andreast, kan, lidl
Tested by: lidl(mips, sparc64), andreast(powerpc)
Differential Revision: https://reviews.freebsd.org/D9587
Some of the tests in devel/atf // devel/kyua rely on the tools being in $PATH,
which means that the tests fail when run via "make checkworld" because $PATH
is restricted to exclude directory elements like "${LOCALBASE}/bin".
MFC after: 1 week
Sponsored by: Dell EMC Isilon
In case when decrypted and decapsulated packet is an UDP datagram,
check that its checksum is not zero before doing incremental checksum
adjustment.
Reported by: Eugene Grosbein
Tested by: Eugene Grosbein
Convert linux_recv(), linux_send() and linux_accept() system call arguments
to the register_t type too.
PR: 217161
MFC after: 3 days
xMFC with: r313284,r313285,r313684
