Commit Graph

21474 Commits

Author SHA1 Message Date
Kristof Provost
402dfb0a8d pf: Fix parsing of long table names
When parsing the nvlist for a struct pf_addr_wrap we unconditionally
tried to parse "ifname". This broke for PF_ADDR_TABLE when the table
name was longer than IFNAMSIZ. PF_TABLE_NAME_SIZE is longer than
IFNAMSIZ, so this is a valid configuration.

Only parse (or return) ifname or tblname for the corresponding
pf_addr_wrap type.

This manifested as a failure to set rules such as these, where the pfctl
optimiser generated an automatic table:

	pass in proto tcp to 192.168.0.1 port ssh
	pass in proto tcp to 192.168.0.2 port ssh
	pass in proto tcp to 192.168.0.3 port ssh
	pass in proto tcp to 192.168.0.4 port ssh
	pass in proto tcp to 192.168.0.5 port ssh
	pass in proto tcp to 192.168.0.6 port ssh
	pass in proto tcp to 192.168.0.7 port ssh

Reported by:	Florian Smeets
Tested by:	Florian Smeets
Reviewed by:	donner
X-MFC-With:	5c11c5a365
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29962
2021-04-26 18:08:15 +02:00
Kristof Provost
6fcc8e042a pf: Allow multiple labels to be set on a rule
Allow up to 5 labels to be set on each rule.
This offers more flexibility in using labels. For example, it replaces
the customer 'schedule' keyword used by pfSense to terminate states
according to a schedule.

Reviewed by:	glebius
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29936
2021-04-26 14:14:21 +02:00
Robert Watson
8e491aaeac Add code examples to cpuset(2), and improve cross referencing.
MFC after:	1 week
Reviewed by:	jeff, jrtc27, kevans, bcr (manpages)
Differential revision:	https://reviews.freebsd.org/D27803
2021-04-25 15:22:00 +01:00
Ed Maste
3cfd08c1c7 libkiconv: address memory leak in not-found cases
Found in "Understanding and Detecting Disordered Error Handling with
Precise Function Pairing" by Qiushi Wu et al.

Reviewed by:	imp, jhb
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29896
2021-04-22 19:32:34 -04:00
Mitchell Horne
50f6c13997 pmc_allocate(3): document the count argument
This was added in b2ca2e50b9, and serves to provide an initial value
to the PMC, eliminating the need for a second syscall via pmc_set(3).

Reviewed by:	gnn, 0mp (manpages)
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29885
2021-04-21 17:35:03 -03:00
Andrew Walker
dd559118ab Fix leak in libc NFSv4 flags parsing
Free memory allocated by strdup() in parse_flags_verbose().

Submitted by:	Andrew Walker <walker.aj325_gmail.com>
Reported by:	valgrind
Reviewed by:	allanjude, freqlabs, rpokala
MFC after:	3 days
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D29871
2021-04-20 15:39:56 -04:00
Mateusz Piotrowski
ca904beafd fork.2: Fix a typo in an example
Reported by:	rpokala
MFC with:	c4207d867c
2021-04-20 10:24:21 +02:00
Alex Richardson
1ad83445fc Allow lib/msun/logarithm_test to pass on ld128 platforms
For some reason the ld128 log1pl() implementation is less accurate than
logl(), but does at least guarantee precision >= the ld80 implementation.
Mark log1p_accuracy_tests as XFAIL for ld128 and increase the log1p tolerance
to the ld80 equivalent in accuracy_tests to avoid losing test coverage for
the other functions.

PR:		253984
Reviewed By:	ngie, dim
Differential Revision: https://reviews.freebsd.org/D29039
2021-04-20 01:46:43 +01:00
Alex Richardson
ab147542b7 libc/string/memset.c: Use unsigned long for stores
While most 64-bit architectures have an assembly implementation of this
file, RISC-V does not. As we now store 8 bytes instead of 4 it should speed
up RISC-V.

Reviewed By:	kib
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29536
2021-04-20 01:46:43 +01:00
Alex Richardson
0b4ad01d91 libc/string/bcopy.c: Use intptr_t as the copy type
While most 64-bit architectures have an assembly implementation of this
file RISC-V does not. As we now copy 8 bytes instead of 4 it should speed
up RISC-V. Using intptr_t instead of int also allows using this file for
CHERI pure-capability code since trying to copy pointers using integer
loads/stores will invalidate pointers.

Reviewed By:	kib
Obtained from:	CheriBSD (partially)
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29535
2021-04-20 01:46:42 +01:00
Kristof Provost
42ec75f83a pf: Optionally attempt to preserve rule counter values across ruleset updates
Usually rule counters are reset to zero on every update of the ruleset.
With keepcounters set pf will attempt to find matching rules between old
and new rulesets and preserve the rule counters.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29780
2021-04-19 14:31:47 +02:00
Alex Richardson
738314e445 Revert "lib/libc/net/nsdispatch.c: Fix missing unlock and add locking annotations"
This commit should not have introduced any functional changes, but
apparently it did. This appears to have broken LDAP setups.
Reverting for now. Will reland once I have fixed the breakage.

This reverts commit 5245bf7b92.
Reported By:	Александр Недоцуков, brd
MFC after:	immediately
2021-04-19 09:36:47 +01:00
Mateusz Piotrowski
1ffdcdadf6 getprogname.3: Add an example
It shows the difference between getprogname() and argv[0].

Reviewed by:	yuripv
Approved by:	yuripv (src)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D27204
2021-04-18 10:20:11 +02:00
Mateusz Piotrowski
c4207d867c fork.2: Add a simple use pattern
It seems to be a nice idea to show how fork() is usually used in
practice. This may act as a guide to developers who want to quickly
recall how to use the fork() function.

Reviewed by:	bcr, yuripv
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D27626
2021-04-17 23:12:06 +02:00
Kristof Provost
8403170b3d libpfct: Fix PIC flag
Use ${PICFLAG} rather than hard-adding -fPIC, which removes the
requirement for libnv to be built PIC.

MFC after:      4 weeks
Sponsored by:   Rubicon Communications, LLC ("Netgate")
2021-04-17 22:10:13 +02:00
Alex Richardson
062293c2c4 Remove XFAIL from tests/lib/msun/lround_test:main
This test no longer fails after 3b00222f15.

PR:		205451
MFC after:	1 week
2021-04-15 16:28:09 +01:00
Alex Richardson
3f01d8c2fe Remove amd64 XFAIL from tests/lib/msun/fma_test:infinities
This test no longer fails after 3b00222f15.

PR:		205448
MFC after:	1 week
2021-04-15 16:28:08 +01:00
Alex Richardson
168234fa67 lib/msun: Exclude ignored-pragmas from -Werror
This avoids build failures due to the clang 12 warning:
    '#pragma FENV_ACCESS' is not supported on this target - ignored

Clang 12 currently emits this warning for all non-x86 architectures.
While this can result in incorrect code generation (e.g. on AArch64 some
exceptions are not raised as expected), this is a pre-existing issue and
we should not fail the build due to this warning.

Reviewed By:	dim, emaste
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29743
2021-04-15 16:27:52 +01:00
Konstantin Belousov
bbf7a4e878 O_PATH: allow vnode kevent filter on such files
if VREAD access is checked as allowed during open

Requested by:	wulf
Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29323
2021-04-15 12:49:18 +03:00
Konstantin Belousov
a5970a529c Make files opened with O_PATH to not block non-forced unmount
by only keeping hold count on the vnode, instead of the use count.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29323
2021-04-15 12:48:27 +03:00
Konstantin Belousov
8d9ed174f3 open(2): Implement O_PATH
Reviewed by:	markj
Tested by:	pho
Discussed with:	walker.aj325_gmail.com, wulf
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29323
2021-04-15 12:48:24 +03:00
Konstantin Belousov
509124b626 Add AT_EMPTY_PATH for several *at(2) syscalls
It is currently allowed to fchownat(2), fchmodat(2), fchflagsat(2),
utimensat(2), fstatat(2), and linkat(2).

For linkat(2), PRIV_VFS_FHOPEN privilege is required to exercise the flag.
It allows to link any open file.

Requested by:	trasz
Tested by:	pho, trasz
Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D29111
2021-04-15 12:48:11 +03:00
Konstantin Belousov
c78e124535 link(2): correct descriptor name in AT_RESOLVE_BENEATH description
Noted and reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D29111
2021-04-15 12:47:40 +03:00
Yuri Pankov
adec9669ff expand @TPUT@ in ncurses manpages
Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D29761
2021-04-14 18:16:59 +03:00
Kristof Provost
4eabfe468b pfctl: Fix clearing rules counters
After the migration to libpfctl for rule retrieval we accidentally lost
support for clearing the rules counters.

Introduce a get_clear variant of pfctl_get_rule() which allows rules
counters to be cleared.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29727
2021-04-14 13:33:02 +02:00
Alexander Motin
e49d3eb403 Fix race in case of device destruction.
During device destruction it is possible that open() succeed, but
fdevname() return NULL, that can't be assigned to string variable.
Fix that by adding explicit NULL check.

Also while there switch from fdevname() to fdevname_r().

Sponsored by:	iXsystems, Inc.
MFC after:	2 weeks
2021-04-13 11:25:27 -04:00
Kurosawa Takahiro
2aa21096c7 pf: Implement the NAT source port selection of MAP-E Customer Edge
MAP-E (RFC 7597) requires special care for selecting source ports
in NAT operation on the Customer Edge because a part of bits of the port
numbers are used by the Border Relay to distinguish another side of the
IPv4-over-IPv6 tunnel.

PR:		254577
Reviewed by:	kp
Differential Revision:	https://reviews.freebsd.org/D29468
2021-04-13 10:53:18 +02:00
Kurosawa Takahiro
600bd6ce06 pfctl, libpfctl: introduce pfctl_pool
Introduce pfctl_pool to be able to extend the pool part of the pf rule
without breaking the ABI.

Reviewed by:	kp
MFC after:	4 weeks
Differential Revision:	https://reviews.freebsd.org/D29721
2021-04-12 18:30:29 +02:00
Yuri Pankov
eeaf9d562f setclassenvironment: trim leading spaces in variable names
Trim leading spaces in variable names when the list is e.g.
pretty-formatted in /etc/login.conf or ~/.login_conf.

PR:		247947
Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D25649
2021-04-12 01:05:10 +03:00
Piotr Pawel Stefaniak
1fdd6934d5 getdirentries.2: remove unnecessary space 2021-04-11 11:17:01 +02:00
Konstantin Belousov
4d9128da54 rtld: make dlerror() thread-local
PR:	95339
Discussed with:	arichardson
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29633
2021-04-10 17:33:34 +03:00
Konstantin Belousov
08bfbd4359 rtld: workaround for broken ABI
Right now, libthr does not initialize RtldLockInfo.rtli_version when calling
_rtld_thread_init(), which makes versioning the interface troublesome.

Add a workaround: if the calling object of _rtld_thread_init() exports
the "_pli_rtli_version" symbol, then consider rtli_version initialized.
Otherwise, forcibly set it to RTLI_VERSION_ONE, currently defined as
RTLI_VERSION.

Export "_pli_rtli_version" from libthr and properly initialize rtli_version.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29633
2021-04-10 17:33:33 +03:00
Dimitry Andric
bae9fd0b33 Only use -fp-exception-behavior=maytrap on x86, for now
After 3b00222f15, it turns out that clang only supports strict
floating point semantics for SystemZ and x86 at the moment, while for
other architectures it is still experimental.

Therefore, only use -fp-exception-behavior=maytrap on x86 for now,
otherwise this option results in "error: overriding currently
unsupported use of floating point exceptions on this target
[-Werror,-Wunsupported-floating-point-opt]" on other architectures.

Fixes:		3b00222f15
PR:		254911
MFC after:	1 week
2021-04-10 16:02:58 +02:00
Kristof Provost
15ca662208 libnv: Use PICFLAG rather than -fPIC
Suggested by:	andrew
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
2021-04-10 15:43:28 +02:00
Dimitry Andric
3b00222f15 Avoid raising unexpected floating point exceptions in libm
When using clang with x86_64 CPUs that support AVX, some floating point
transformations may raise exceptions that would not have been raised by
the original code. To avoid this, use the -fp-exception-behavior=maytrap
flag, introduced in clang 10.0.0.

In particular, this fixes a number of test failures with ctanhf(3) and
ctanf(3), when libm is compiled with -mavx. An unexpected FE_INVALID
exception is then raised, because clang emits vdivps instructions to
perform certain divides. (The vdivps instruction operates on multiple
single-precision float operands simultaneously, but the exceptions may
be influenced by unused parts of the XMM registers. In this particular
case, it was calculating 0 / 0, which results in FE_INVALID.)

If -fp-exception-behavior=maytrap is specified however, clang uses
vdivss instructions instead, which work on one operand, and should not
raise unexpected exceptions.

Reported by:	olivier
Reviewed by:	arichardson
PR:		254911
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29686
2021-04-10 13:59:57 +02:00
Kristof Provost
ab5707a5cf libpfctl: Fix u_* counters
struct pf_rule had a few counter_u64_t counters. Those couldn't be
usefully comminicated with userspace, so the fields were doubled up in
uint64_t u_* versions.

Now that we use struct pfctl_rule (i.e. a fully userspace version) we
can safely change the structure and remove this wart.

Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29645
2021-04-10 11:16:03 +02:00
Kristof Provost
e9eb09414a libpfctl: Switch to pfctl_rule
Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule.
Now that we use nvlists to communicate with the kernel these structures
can be fully decoupled.

Reviewed by:	glebius
MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29644
2021-04-10 11:16:02 +02:00
Kristof Provost
0d71f9f36e pfctl: Move ioctl abstraction functions into libpfctl
Introduce a library to wrap the pf ioctl interface.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29562
2021-04-10 11:16:02 +02:00
Kristof Provost
0dd13c7743 libnv: Build PIC
Build libnv as position independent code so we can use it from shared
libraries.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29561
2021-04-10 11:16:01 +02:00
Konstantin Belousov
dbd2053026 libc dl_iterate_phdr(): dlpi_tls_data is wrong
This is the same change as d36d681615, but for libc static implementaion
of dl_iterate_phdr().

Reported by:	emacsray@gmail.com
PR:	254774
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
ca46b5698e libc: implement __tls_get_addr() for static binaries
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
06d8a116bd libc: add _get_tp() private function
which returns pointer to tcb

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
7f7489eba3 libc: include rtld.h into static implementations of rtld interface
and resolve naming conficts

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:24 +03:00
Konstantin Belousov
93c14c55ec libc: constify dummy error message string for dlfcn
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29623
2021-04-09 23:46:23 +03:00
Dimitry Andric
7702d940ec Avoid -pedantic warnings about using _Generic in __fp_type_select
When compiling parts of math.h with clang using a C standard before C11,
and using -pedantic, it will result in warnings similar to:

bug254714.c:5:11: warning: '_Generic' is a C11 extension [-Wc11-extensions]
  return !isfinite(1.0);
          ^
/usr/include/math.h:111:21: note: expanded from macro 'isfinite'
                    ^
/usr/include/math.h:82:39: note: expanded from macro '__fp_type_select'
                                      ^

This is because the block that enables use of _Generic is conditional
not only on C11, but also on whether the compiler advertises support for
C generic selections via __has_extension(c_generic_selections).

To work around the warning without having to pessimize the code, use the
__extension__ keyword, which is supported by both clang and gcc. While
here, remove the check for __clang__, as _Generic has been supported for
a long time by gcc too now.

Reported by:	yuri
PR:		254714
MFC after:	1 week
2021-04-08 18:20:32 +02:00
Andrew Turner
4d9488674f Remove the last users of ARM_TP_ADDRESS
This was only needed on 32-bit arm prior to ARMv6. As we only support
ARMv6 or later remove it.

Reviewed by:	mannu
Sponsored by:	Innovate UK
Differential Revision:	https://reviews.freebsd.org/D29624
2021-04-08 07:52:54 +00:00
Mariusz Zaborski
2b1d0c0087 fileargs: fix double caching of the same file
In situations when the current file name wasn't the first element on
the list we were cleaning the current name too early.
This might cause us to pre-cache the same file twice.
2021-04-07 21:16:37 +02:00
Konstantin Belousov
d36d681615 rtld dl_iterate_phdr(): dlpi_tls_data is wrong
dl_iterate_phdr() dlpi_tls_data should provide the TLS module segment
address, and not the TLS init segment address as it does now.

Reported by:	emacsray@gmail.com
PR:	254774
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2021-04-06 03:23:08 +03:00
Mark Johnston
3b666932d4 libc: Fix the WITH_HESIOD build
Reported by:	Daniel Braniss <danny@cs.huji.ac.il>
MFC after:	1 week
2021-04-05 16:30:00 -04:00
Konstantin Belousov
d218c6f6af amd64 fabs.S: use '.section .rodata' instead of '.rodata'
Seems to be an issue with older gnu as

Reported by:	rscheff
Sponsored by:	The FreeBSD Foundation
MFC after:	6 days
2021-04-04 22:33:22 +03:00