Commit Graph

1321 Commits

Author SHA1 Message Date
Alexander Kabaev
2286fe7635 Second attempt at eliminating .text relocations in shared libraries
compiled with stack protector.

Use libssp_nonshared library to pull __stack_chk_fail_local symbol into
each library that needs it instead of pulling it from libc. GCC
generates local calls to this function which result in absolute
relocations put into position-independent code segment, making dynamic
loader do extra work every time given shared library is being relocated
and making affected text pages non-shareable.

Reviewed by:        kib
Approved by:        re (kib)
2009-07-14 21:19:13 +00:00
Jamie Gritton
de6f37045c Add libjail, a (somewhat) simpler interface to the jail_set and jail_get
system calls and the security.jail.param sysctls.

Approved by:	bz (mentor)
2009-06-24 18:18:35 +00:00
Doug Barton
536613bc35 Add support for the build options that are currently in the port:
WITH_BIND_IDN
	WITH_BIND_LARGE_FILE
	WITH_BIND_SIGCHASE
	WITH_BIND_XML
2009-06-01 21:58:59 +00:00
Ed Schouten
d2a0bb0803 Remove if_ppp(4) and if_sl(4).
Not only did these two drivers depend on IFF_NEEDSGIANT, they were
broken 7 months ago during the MPSAFE TTY import. if_ppp(4) has been
replaced by ppp(8). There is no replacement for if_sl(4).

If we see regressions in for example the ports tree, we should just use
__FreeBSD_version 800045 to check whether if_ppp(4) and if_sl(4) are
present. Version 800045 is used to denote the import of MPSAFE TTY.

Discussed with: rwatson, but also rwatson's IFF_NEEDSGIANT emails on the
                lists.
2009-04-05 22:08:18 +00:00
Nathan Whitehorn
1c96bdd146 Add support for 64-bit PowerPC CPUs operating in the 64-bit bridge mode
provided, for example, on the PowerPC 970 (G5), as well as on related CPUs
like the POWER3 and POWER4.

This also adds support for various built-in hardware found on Apple G5
hardware (e.g. the IBM CPC925 northbridge).

Reviewed by:    grehan
2009-04-04 00:22:44 +00:00
Roman Divacky
300d03a832 Switch over to gnu99 compilation on default for userland.
Tested by:	make universe
Tested by:	ports exp build (done by pav)
Reviewed by:	ru
Reviewed by:	silence on arch
Approved by:	ed (mentor)
2009-03-14 17:55:16 +00:00
Nathan Whitehorn
5b4975b180 Explicitly disable generation of Altivec instructions in the kernel on PowerPC,
and add support to allow users to set their CPUTYPE in make.conf.
2009-02-22 18:45:30 +00:00
Bjoern A. Zeeb
67e7848003 Document that with r186854 we started using KMODOWN/KMODGRP
for the kernel as well and no longer only for modules.

Reviewed by:	kib, antoine
MFC after:	26 days
2009-01-08 12:22:37 +00:00
Robert Watson
7a0a89d2cb Merge OpenBSM alpha 4 from OpenBSM vendor branch to head, both
contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge).  Add libauditd build parts and add to auditd's linkage;
force libbsm to build before libauditd.

OpenBSM history for imported revisions below for reference.

MFC after:      1 month
Sponsored by:   Apple Inc.
Obtained from:  TrustedBSD Project

OpenBSM 1.1 alpha 4

- With the addition of BSM error number mapping, we also need to map the
  local error number passed to audit_submit(3) to a BSM error number,
  rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
  more formal allocation scheme, and add some events allocated in Solaris
  that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
  directly, rather than requiring applications to map to the local error
  space, which might not be able to entirely represent the BSM error
  number space.
- Major auditd rewrite for launchd(8) support.  Add libauditd library
  that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
  (re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
  startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
  has been recovered from not being properly terminated.  This event is
  stored in the new audit trail file and includes the path of recovered
  audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
  auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
  calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.

OpenBSM 1.1 alpha 3

- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
  between BSM error numbers (largely the Solaris definitions) and local
  errno(2) values for 32-bit and 64-bit return tokens.  This is required
  as operating systems don't agree on some of the values of more recent
  error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
  total size for the token.  This buge.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.
2008-12-31 11:12:24 +00:00
Alfred Perlstein
6f0e1ffd07 src/sys/dev/usb2/controller/uss820dci_pccard.c
src/sys/dev/usb2/core/usbdevs
src/sys/dev/usb2/include/urio2_ioctl.h
src/sys/dev/usb2/storage/ustorage2_fs.h

These files are not used any more.

src/usr.sbin/Makefile
src/etc/mtree/BSD.include.dist
src/include/Makefile
src/lib/Makefile
src/share/man/man7/hier.7
src/share/mk/bsd.libnames.mk
src/etc/mtree/BSD.include.dist

Make "usbconfig" and "libusb20" a part of the default build.

src/sys/dev/usb/rio500_usb.h
src/sys/dev/usb2/storage/urio2.c

Use common include file.

src/sys/dev/usb2/bluetooth/ng_ubt2.c

Make USB bluetooth depend on "ng_hci" module.

src/sys/dev/usb2/controller/ehci2.c
src/sys/dev/usb2/controller/ehci2.h

Patches for Marvell EHCI.

src/sys/dev/usb2/core/usb2_busdma.c

Bugfix for 64-bit platforms. Need to unload the previously loaded DMA
map and some cleanup regarding some corner cases.

src/sys/dev/usb2/core/usb2_core.h
src/sys/dev/usb2/core/usb2_dev.c
src/sys/dev/usb2/core/usb2_dev.h

Bugfix for libusb filesystem interface.

New feature: Add support for filtering device data at the expense of the
userland process.

Add some more comments.

Some minor code styling.

Remove unused function, usb2_fifo_get_data_next().

Fix an issue about "fifo_index" being used instead of "ep_index".

src/sys/dev/usb2/core/usb2_device.c
src/sys/dev/usb2/core/usb2_generic.c

Bugfix for Linux USB compat layer. Do not free non-generic FIFOs when
doing an alternate setting.

Cleanup USB IOCTL and USB reference handling.
Fix a corner case where USB-FS was left initialised after
setting a new configuration or alternate setting.

src/sys/dev/usb2/core/usb2_hub.c

Improvement: Check all USB HUB ports by default at least one time.

src/sys/dev/usb2/core/usb2_request.c

Bugfix: Make sure destination ASCII string is properly zero terminated
in all cases.

Improvement: Skip invalid characters instead of replacing with a dot.

src/sys/dev/usb2/core/usb2_util.c
src/sys/dev/usb2/image/uscanner2.c

Spelling.

src/sys/dev/usb2/include/Makefile

Share "usbdevs" with the old USB stack.

src/sys/dev/usb2/include/usb2_devid.h
src/sys/dev/usb2/include/usb2_devtable.h

Regenerate files.

Alfred: Please fix the RCS tag at the top.

src/sys/dev/usb2/include/usb2_ioctl.h

Fix compilation of "kdump".

src/sys/dev/usb2/serial/ubsa2.c
src/sys/dev/usb2/serial/ugensa2.c

Remove device ID's which will end up in a new 3G driver.

src/sys/dev/usb2/sound/uaudio2.c

Correct a debug printout.

src/sys/dev/usb2/storage/umass2.c

Sync with old USB stack.

src/lib/libusb20/libusb20.3

Add more documentation.

src/lib/libusb20/libusb20.c

Various bugfixes and improvements.

src/usr.sbin/usbconfig/dump.c
src/usr.sbin/usbconfig/usbconfig.c

New commands for dumping strings and doing custom USB requests from
the command line.

Remove keyword requirements from generated files:
 "head/sys/dev/usb2/include/usb2_devid.h"
 "head/sys/dev/usb2/include/usb2_devtable.h"
2008-11-19 08:56:35 +00:00
Warner Losh
258f85b951 ata module additions now nest ata modules one deeper than any prior module.
Increase heuristic used to find them by one.
2008-10-09 22:01:27 +00:00
Sam Leffler
690f477d75 add new build knobs and jigger some existing controls to improve
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd

Reviewed by:	various (posted to arch)
MFC after:	1 month
2008-09-21 22:02:26 +00:00
Warner Losh
a678ba4ec8 Turn of SSP for mips for now until support is added to the base
architecture.
2008-07-23 06:14:21 +00:00
Olivier Houchard
ad8abd6c4d Disable SSP on arm for the time being.
The segfaults when using SSP seem to be a gcc bug, a patch is available
in the gcc bugzilla, and will be imported once it's committed
into the official gcc tree.
2008-07-19 00:19:16 +00:00
Ruslan Ermilov
042df2e2da Enable GCC stack protection (aka Propolice) for userland:
- It is opt-out for now so as to give it maximum testing, but it may be
  turned opt-in for stable branches depending on the consensus.  You
  can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
  It is harmless to steal the knob as SSP symbols have been provided
  by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
  (sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
  libc will be automatically downgraded to -fstack-protector because it
  breaks rtld otherwise.
- This option is unavailable on ia64.

Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.

Submitted by:	Jeremie Le Hen <jeremie@le-hen.org>
2008-06-25 21:33:28 +00:00
Alex Dupre
172b9da045 Fix links to online gcc docs.
Reported by:	Andre Guibert de Bruet <andy@siliconlandmark.com>
MFC after:	1 day
2008-06-25 06:07:03 +00:00
Doug Barton
d57e5bc480 Properly alphabetize the BSD_CPIO option 2008-06-16 07:23:12 +00:00
Doug Barton
6973701a00 1. Make the BSD version of cpio the default [1]
a. The BSD version will be built and installed unless
WITHOUT_BSD_CPIO is defined.
b. The GNU version will not be built or installed unless
WITH_GNU_CPIO is defined. If this is defined, the symlink
in /usr/bin will be to the GNU version whether the BSD
version is present or not.

When these changes are MFCed the defaults should be flipped.

2. Add a knob to disable the building of GNU grep. This will
make it easier for those that want to test the BSD version in
the ports.

Approved by:	kientzle [1]
2008-06-16 05:48:15 +00:00
Bjoern A. Zeeb
2e598474fa Remove ISDN4BSD (I4B) from HEAD as it is not MPSAFE and
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.

This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation

Discussed with: rwatson, re
2008-05-26 10:40:09 +00:00
John Birrell
770ac3b21f Add support for the Compact C Type (CTF) conversions throughout FreeBSD's
system makefiles.

Note that the CTF conversion defaults to off. We may choose to change this
default later if DTrace proves popular and people are prepared to wear
the compilation performance impact of compiling with debug symbols all the
time.

Setting NO_CTF in the make args or user environment turns off CTF conversion.
Even if we choose to default CTF generation to on later, we still need
NO_CTF so that the buildworld process can bootstrap the tools without
needlessly generating CTF data for temporary tools.

Setting WITH_CTF in the make args or user environment (and _NOT_ in
/etc/make.conf) is the only way to enable CTF data conversion. Nore that
this can't be implemented the same way that the WITH_ and WITHOUT_ stuff
is implemented throughout the buildworld because the CTF conversion needs
to work when building a simple object without a Makefile, using the
default rules in sys.mk.

Typing 'make test.o' with no makefile and just a source file test.c
should work. Also, typing 'make WITH_CTF=1 test.o without a makefile and
just a source file test.c should work and produce an object with a CTF
elf section. Typing 'make WITH_CTF=1 CFLAGS=-g test.o' without a makefile
and just a source file test.c should produce an object with both a CTF
elf section and the debug elf sections.

In the FreeBSD build where more .mk files are used than just sys.mk
which is included my make by default, the use of DEBUG_FLAGS is the
correct way to enable a debug build. The important thing to note here
is that it is the DEBUG_FLAGS setting that prevents libraries and
programs from being stripped on installation. So, for the addition of
CTF data conversion, setting DEBUG_FLAGS to contain -g, without NO_CTF,
will cause the ctfconvert and ctfmerge build programs to be executed
also with the -g arg so that debug symbols are retained rather than
being removed after the CTF data elf section has been added.

Add DTrace libraries to the list of libnames.
2008-05-22 01:14:43 +00:00
Doug Rabson
33f1219925 Fix conflicts after heimdal-1.1 import and add build infrastructure. Import
all non-style changes made by heimdal to our own libgssapi.
2008-05-07 13:53:12 +00:00
Oleksandr Tymoshenko
04e109f098 Handle endianness for mips
Approved by:	cognet (mentor)
2008-04-28 14:54:17 +00:00
Alexander Kabaev
046f4eba8c Fix spelling mistake in comment. 2008-04-09 20:27:53 +00:00
Warner Losh
fd08931dd5 MFp4 (mips2-jnpr):
o Default to -O on mips as well as arm.  -O2 has been strongly implicated
  in many problems in the past, so we're taking a conservative approach
  until the problems are well understood.
2008-04-04 21:12:40 +00:00
David E. O'Brien
20c46652dc PR ports/121363 (& ports/73797) has been committed, so we can now go back
to JB's revision 1.96 change to remove -fno-strict-aliasing from CFLAGS.

This makes the default CFLAGS to match the simple defaults that the
tinderboxes use.  By using -fno-strict-aliasing by default we are
choosing to ignore problems in code which had the potential to
shoot ourselves in the foot.
2008-04-02 17:24:22 +00:00
Ruslan Ermilov
dbdb679c6f Remove options MK_LIBKSE and DEFAULT_THREAD_LIB now that we no longer
build libkse.  This should fix WITHOUT_LIBTHR builds as a side effect.
2008-03-29 17:44:40 +00:00
Warner Losh
88f25023dc Add support for MACHINE_ARCH == mips, plus a few generic CPU types that
will be supported in the forth coming FreeBSD/mips port.
2008-03-19 12:20:44 +00:00
David E. O'Brien
92aa7717fa Temporarily back out revision 1.98 to give Portmgr some time to
address PR ports/121363 (current day re-opening of PR ports/73797)
to make ports CFLAGS more independent of src/'s CFLAGS WRT aliasing.

Discussed with: brooks
2008-03-04 20:26:03 +00:00
David E. O'Brien
b9b482710e Back out revision 1.97, which backed out part of revision 1.96.
Change the default CFLAGS to match the simple defaults that the
tinderboxes use.  By using -fno-strict-aliasing by default we are
choosing to ignore problems in code which had the potential to
shoot ourselves in the foot.
2008-03-04 19:00:11 +00:00
Rafal Jaworowski
321578e3d0 Connect MPC85XX to the PowerPC build.
The kernel config file is KERNCONF=MPC85XX, so the usual procedure applies:

1. make buildworld TARGET_ARCH=powerpc
2. make buildkernel TARGET_ARCH=powerpc TARGET_CPUTYPE=e500 KERNCONF=MPC85XX

This default config uses kernel-level FPU emulation. For the soft-float world
approach:

1. make buildworld TARGET_ARCH=powerpc TARGET_CPUTYPE=e500
2. disable FPU_EMU option in sys/powerpc/conf/MPC85XX
3. make buildkernel TARGET_ARCH=powerpc TARGET_CPUTYPE=e500 KERNCONF=MPC85XX

Approved by:	cognet (mentor)
MFp4:		e500
2008-03-03 20:40:20 +00:00
John Baldwin
10250ddd27 Add a 'c7' CPUTYPE for VIA C7 CPUs that is 'c3-2' with the addition of
i686, sse2, and sse3.

MFC after:	1 week
2008-02-29 19:20:05 +00:00
Ruslan Ermilov
e901b583be Add LIBELF. 2008-02-21 16:29:31 +00:00
Dag-Erling Smørgrav
5fb6bed92c Revert CLEANDEPFILES commit per ru@'s request; it does not really solve
the problem.  The correct fix will follow.
2008-02-05 08:52:36 +00:00
Dag-Erling Smørgrav
0d7cc1d0eb Normally, when a header file is removed from the build (as i4b headers
were recently), a simple 'make cleandepend; make depend' is sufficient
to keep the tree buildable after a cvs update when doing incremental
builds.

However, kdump and truss use a script which searches for header files
that define ioctls, and generates C code that includes them.  This
script will usually not need updating when a header file is removed,
so the normal dependency mechanism will not realize that it needs to
be re-run.  One is therefore left with code that references dead files
but will only be removed by a full 'make clean', which defeats the
purpose of incremental builds.

To work around this, modify the cleandepend target in bsd.dep.mk to
also remove any files listed in a new variable named CLEANDEPFILES,
and modify kdump's and truss's Makefiles accordingly.

MFC after:	2 weeks
2008-02-03 11:34:56 +00:00
Ruslan Ermilov
4ef19e9667 Cosmetique: sort the list. 2008-01-24 07:03:21 +00:00
Christian Brueffer
7500fac915 Remove remnants of old *_FORTRAN build flags.
Approved by:	rwatson (mentor)
MFC after:	3 days
2008-01-17 20:51:58 +00:00
Hartmut Brandt
02c3c75236 Add an additional make variable EXTRAMIBSYMS which allows to specify
definition files that are used only for extracting symbols. This is useful
for inter-module dependencies and files containing only enum-definitions.

MFC after:	4 weeks
2008-01-08 12:55:56 +00:00
Ruslan Ermilov
6dc51eca81 - Fix setting of MK_GSSAPI option by bsd.own.mk; its value should
default to the value of MK_KERBEROS unless set explicitly by
  WITH_GSSAPI/WITHOUT_GSSAPI.  (This introduces another type of
  MK_* variables which itself is questionable.)

- Teach tools/build/options/makeman script that generates the
  src.conf(5) manpage about the new type of MK_* variables.

- Fix broken logic in lib/Makefile.
2007-12-12 16:39:32 +00:00
Doug Barton
3fe21f77bc Hide the building and installation of libgssapi behind the
WITHOUT_KERBEROS knob. While GSS can be used for other things
some third party software (most notably ports/x11/kdelibs3)
takes the presence of libgssapi as an indication that kerberos
is available, and attempts to link with the kerberos libs. If
they are not available, the build will fail.

Because you might want to use GSS but not kerberos, add a knob
to re-enable it if WITHOUT_KERBEROS is present.

Document the new knob, and the new behavior of WITHOUT_KERBEROS.

Not objected and/or generally agreed to by:	freebsd-arch

Problem discussed/analyzed in:
PR:	ports/116484
2007-12-10 19:09:24 +00:00
Ruslan Ermilov
157deb6a4e Make "manlint" recursive.
Prodded by:	obrien
2007-12-07 15:02:06 +00:00
John Birrell
221a97c194 Although the entire src tree builds cleanly now without -fno-strict-aliasing
in the default CFLAGS, we're in the middle of a ports freeze, so we can't
really go making the corresponding change to the ports mk files.

I'll take -fno-strict-aliasing out again when the ports freeze ends.
2007-11-26 21:46:21 +00:00
John Birrell
cfb5b3256b Re-enable -Werror again.
This time, change the default CFLAGS to match the simple defaults that
the tinderboxes use. That is, don't use -fno-strict-aliasing by default.

My last attempt to re-anable -Werror gave me a lesson in what strict
aliasing is all about. There was code in libthr that wasn't 64-bit clean.
The default use of -fno-strict-aliasing hid that.

By using -fno-strict-aliasing by default we were choosing to ignore
problems in code which had the potential to shoot ourselves in the
foot. Sometimes it would be the 64-bit foot. I have both feet. The left
ones are 32 bits and the right ones are 64 bits. Don't ask about my
endian orientation. :-)

The -fno-strict-aliasing compiler arg can still be used if NO_STRING_ALIASING
is define in make.

We are early in the FreeBSD 8 development, so we have the opportunity to
wait and see if this works for us. I am sure that people will complain.
We can easily revert this. All I ask is that we take sides: clean code or
not. YMMV.

Note that by using -fno-strict-aliasing the build won't actually break.
Only where WARNS is set (and -Werror is used) will a compiler warning break
the build. The use of WARNS levels implies (to me at least) that the
developer has taken some care to make the code pass basic checks. This
commit makes those checks just a little bit more strict.
2007-11-22 23:21:12 +00:00
John Birrell
f9f50330f3 Unfortunately the tinderbox setup uses custom CFLAGS which are a big
obstacle to enabling -Werror. I'll continue to work on cleaning up the
code so that we can keep this enabled.

If the tinderboxes would just use the default CFLAGS set in this file,
all would be fine and we'd be able to make use of -Werror.
2007-11-19 22:39:39 +00:00
John Birrell
76f9e2ec8f Re-enable -Werror ins WARNS as it was roughly 6 months ago before
being disabled while gcc 4.2 was bedded in.

Tested with 'make release' (amd64 arm i386 ia64 pc98 powerpc sparc64 sun4v)
2007-11-19 09:09:02 +00:00
John Birrell
c117aee58e Weed out a warning argument that isn't applicable to C++ code. 2007-11-19 09:01:58 +00:00
Olivier Houchard
cdc162fe0e Switch arm to -O until the -O2 issues are resolved.
MFC After:	3 days
2007-11-05 23:08:34 +00:00
Yaroslav Tykhiy
a39cea66f4 Allow the shell used by make(1) to be changed early via the
__MAKE_SHELL variable.  This feature isn't supposed to be in wide
use, but it's needed now to make `installworld' independent of the
stock binaries and libs so that radical ABI changes can go in safely.

Reviewed by:	ru
2007-10-27 18:40:34 +00:00
Ruslan Ermilov
4f6d329f1e - Convert NO_INSTALLLIB option to a new syntax: makefiles should
test MK_INSTALLLIB, users can set WITHOUT_INSTALLLIB.  The old
  NO_INSTALLLIB is still supported as several makefiles set it.

- While here, fix an install when instructed not to install libs
  (usr.bin/lex/lib/Makefile).

PR:		bin/114200
Submitted by:	Henrik Brix Andersen
2007-10-20 19:01:50 +00:00
Ruslan Ermilov
2e0a54d6c0 Align the warning message with the one in bsd.own.mk. 2007-10-20 18:46:15 +00:00
Yaroslav Tykhiy
479f84ca4d Explicitly verify if we have found the VERSION_GEN script
instead of passing the possibly null argument to awk(1) and
getting an obscure error from it.
2007-10-18 15:21:35 +00:00