if we got a Login Response PDU without the "T" bit set, try again with
an empty request. This fixes interoperability with COMSTAR.
Reviewed by: mav@
Tested by: mav@
MFC after: 1 week
merge(1), which is part of the RCS package, it must not be installed if
WITHOUT_RCS update is set. Otherwise, it will produce confusing errors.
CR: https://reviews.freebsd.org/D691
MFC after: 1 week
Sponsored by: Spectra Logic
NetBSD's virtio-net implementation doesn't negotiate
the merged rx-buffers feature. To support this, check
to see if the feature was negotiated, and then adjust
the operation of the receive path accordingly by using
a larger iovec, and a smaller rx header.
In addition, ignore writes to the (read-only) status byte.
Tested with NetBSD/amd64 5.2.2, 6.1.4 and 7-beta.
Reviewed by: neel, tychon
Phabric: D745
MFC after: 3 days
when the initiator skips security negotiation. This fixes interoperability
with Xtend SAN initiator.
PR: 193021
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Note that this is a workaround, not a proper solution. If you know
lex well, and want to help - please let me know, I'll explain how it
should work.
PR: 192968
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
used prior to f_dialog_init() -- e.g., in a script that sets
DIALOG_SELF_INITIALIZE to NULL, preventing f_dialog_init() from being run
automaticaly when `dialog.subr' is included. Caused by sub-shell processing
of arguments inheriting prior value of $OPTIND, used by getopts. Solved by
unsetting OPTIND prior to [re-]processing of positional arguments.
While there, add a NO_WTHREAD_SAFETY flag that can be used to disable
this specific warning flag. Disable it for auditdistd. We can easily
patch up auditdistd to have the right annotations to build, but as
auditdistd is intended to be portable across other operating systems,
it's not worth the effort.
Approved by: brueffer@
packets at all. Swapping byte order on SOCK_RAW was actually a bug, an
artifact from the BSD network stack, that used to convert a packet to
native byte order once it is received by kernel.
Other operating systems didn't follow this, and later other BSD
descendants fixed this, leaving us alone with the bug. Now it is
clear that we should fix the bug.
In collaboration with: Olivier Cochard-Labbé <olivier cochard.me>
See also: https://wiki.freebsd.org/SOCK_RAW
Sponsored by: Nginx, Inc.
in the emulation of the task switch. If any exceptions are triggered then the
guest %rip should point to instruction that caused the task switch as opposed
to the one after it.
Also, add a missing LIBPANEL dependency for lldb
Approved by: rpaulo (mentor)
Suggested by: brooks
MFC after: 5 days
Phabric: D675 (as part of a larger diff)
PR: 192762
The executable itself doesn't contain any privileged information.
An example of where this is useful is when makefs(8) is creating an image
that includes /sbin/shutdown. This can now be done without root privileges.
Reviewed by: delphij
Discussed with: delphij, des
CR: https://reviews.freebsd.org/D662
Sometimes nmount(2) will fail without setting errmsg. The previous (ignored)
error would then be shown as the reason for the failed call if the next
nmount(2) also fails without [ENOENT,ENOTSUP].
An example is when there is a tmpfs mounted with -o size. vfs_filteropt() adds
'size' as an error in errmsg due to 'size' not being in tmpfs_updateopts. Then
tmpfs_mount returns [ENOTSUP] from nmount(2), which is then ignored. The next
call may race with an unmount causing an invalid [EINVAL] that then does log an
error, with the tmpfs errmsg.
The race itself is a separate issue to fix as it is expected to have an
[ENOENT] returned instead.
In this example the mount being shown is actually nullfs, not tmpfs that the
error is from.
mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument mount option <size> is unknown
It should only show:
mountd[740]: can't delete exports for /poudriere/data/.m/exp-head-commit-test-devel/04/.npkg: Invalid argument
MFC after: 2 weeks
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
where it never would work anyhow, such as csu or loader. This suggests
there may be better ways of adding support to the tree. Many of these
cases can be fixed such that -fPIE will work but there is really no
reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
really building libraries but have been using bsd.prog.mk because the code
is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
been needed.
We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.
Reported by: kib
UNIX systems, eg. MacOS X and Solaris. It uses Sun-compatible map format,
has proper kernel support, and LDAP integration.
There are still a few outstanding problems; they will be fixed shortly.
Reviewed by: allanjude@, emaste@, kib@, wblock@ (earlier versions)
Phabric: D523
MFC after: 2 weeks
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Add the ACPI MCFG table to advertise the extended config memory window.
Introduce a new flag MEM_F_IMMUTABLE for memory ranges that cannot be deleted
or moved in the guest's address space. The PCI extended config space is an
example of an immutable memory range.
Add emulation for the "movzw" instruction. This instruction is used by FreeBSD
to read a 16-bit extended config space register.
CR: https://phabric.freebsd.org/D505
Reviewed by: jhb, grehan
Requested by: tychon
