Commit Graph

5203 Commits

Author SHA1 Message Date
Warner Losh
1376924697 nanobsd: remove psuedo-terminals from ttys
Yowsa! Another review mentioned this in passing... Only 10 years late.

Sponsored by:		Netflix
2021-11-18 22:55:57 -07:00
Jose Luis Duran
9f6c794ee2 NanoBSD/rescue: Update to 20200214 OpenSSH configuration files
No functional change intended.
2021-11-18 22:55:46 -07:00
Gleb Smirnoff
964035c409 git-arc: with "create" allow to specify parent of the first commit
Reviewed by:		markj
Differential revision:	https://reviews.freebsd.org/D33045
2021-11-18 18:49:20 -08:00
Gleb Smirnoff
760be44702 git-arc: document "create" command options
Differential revision:	https://reviews.freebsd.org/D33045
2021-11-18 18:47:44 -08:00
Peter Holm
fb41143324 Added a new unionfs test scenario. Removed a few old unionfs tests from
the exclude list
2021-11-15 10:40:51 +01:00
Dimitry Andric
6e75b2fbf9 Merge llvm-project release/13.x llvmorg-13.0.0-rc1-97-g23ba3732246a
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvmorg-13.0.0-rc1-97-g23ba3732246a.

PR:		258209
MFC after:	2 weeks
2021-11-13 21:42:03 +01:00
Dimitry Andric
fe6060f10f Merge llvm-project main llvmorg-13-init-16847-g88e66fa60ae5
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvmorg-13-init-16847-g88e66fa60ae5, the last commit before
the upstream release/13.x branch was created.

PR:		258209
MFC after:	2 weeks
2021-11-13 21:39:49 +01:00
Peter Holm
7e3c4b09a0 stress2: Added two test scenarios for future gunion(8) 2021-11-11 10:11:49 +01:00
Peter Holm
6ffad483ff stress2: Added a new zfs test scenario 2021-11-10 10:27:44 +01:00
Peter Holm
7b83aad3ff stress2: Exclude the files in .git. Simplify test by using timeout(1) 2021-11-09 08:28:12 +00:00
Ed Maste
e9a994639b ssh: enable FIDO/U2F keys
Description of FIDO/U2F support (from OpenSSH 8.2 release notes,
https://www.openssh.com/txt/release-8.2):

  This release adds support for FIDO/U2F hardware authenticators to
  OpenSSH. U2F/FIDO are open standards for inexpensive two-factor
  authentication hardware that are widely used for website
  authentication.  In OpenSSH FIDO devices are supported by new public
  key types "ecdsa-sk" and "ed25519-sk", along with corresponding
  certificate types.

  ssh-keygen(1) may be used to generate a FIDO token-backed key, after
  which they may be used much like any other key type supported by
  OpenSSH, so long as the hardware token is attached when the keys are
  used. FIDO tokens also generally require the user explicitly
  authorise operations by touching or tapping them.

  Generating a FIDO key requires the token be attached, and will
  usually require the user tap the token to confirm the operation:

    $ ssh-keygen -t ecdsa-sk -f ~/.ssh/id_ecdsa_sk
    Generating public/private ecdsa-sk key pair.
    You may need to touch your security key to authorize key generation.
    Enter file in which to save the key (/home/djm/.ssh/id_ecdsa_sk):
    Enter passphrase (empty for no passphrase):
    Enter same passphrase again:
    Your identification has been saved in /home/djm/.ssh/id_ecdsa_sk
    Your public key has been saved in /home/djm/.ssh/id_ecdsa_sk.pub

  This will yield a public and private key-pair. The private key file
  should be useless to an attacker who does not have access to the
  physical token. After generation, this key may be used like any
  other supported key in OpenSSH and may be listed in authorized_keys,
  added to ssh-agent(1), etc. The only additional stipulation is that
  the FIDO token that the key belongs to must be attached when the key
  is used.

To enable FIDO/U2F support, this change regenerates ssh_namespace.h,
adds ssh-sk-helper, and sets ENABLE_SK_INTERNAL (unless building
WITHOUT_USB).

devd integration is not included in this change, and is under
investigation for the base system.  In the interim the security/u2f-devd
port can be installed to provide appropriate devd rules.

Reviewed by:	delphij, kevans
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32509
2021-11-04 13:01:44 -04:00
Ed Maste
065ef8f783 Add descriptions for WITH_ASAN and WITH_UBSAN
Reviewed by:	jrtc27
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32773
2021-11-01 10:48:56 -04:00
Peter Holm
97a74bbe38 stress2: Added a regression test 2021-10-29 09:04:49 +00:00
John Baldwin
2f7f899536 libdialog: Bump shared library version to 10.
The upgrade to libdialog 1.3 included changes to the ABI.

Bump libdpv to 3 since it links against libdialog.

Reported by:	Mark Millard <marklmi@yahoo.com>
Reviewed by:	bapt
Fixes:		a96ef45019 dialog: import dialog 1.3-20210117
Differential Revision:	https://reviews.freebsd.org/D32675
2021-10-27 09:30:24 -07:00
Ed Maste
48cb3fee25 Retire obsolete iscsi_initiator(4)
The new iSCSI initiator iscsi(4) was introduced with FreeBSD 10.0, and
the old intiator was marked obsolete shortly thereafter (in commit
d32789d95c, MFC'd to stable/10 in ba54910169).  Remove it now.

Reviewed by:	jhb, mav
Relnotes:	yes
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32673
2021-10-26 16:17:35 -04:00
Peter Holm
cbc3ecb7ef stress2: Added two syzkaller reproducers 2021-10-26 09:59:04 +00:00
Peter Holm
50b8e3efaf stress2: Fix typo 2021-10-23 06:39:36 +00:00
Ed Maste
7b1e19ad78 Add libfido2 to the build
From https://github.com/Yubico/libfido2:

    libfido2 provides library functionality and command-line tools to
    communicate with a FIDO device over USB, and to verify attestation
    and assertion signatures.

    libfido2 supports the FIDO U2F (CTAP 1) and FIDO 2.0 (CTAP 2)
    protocols.

libfido2 will be used by ssh to support FIDO/U2F keys. It is currently
intended only for use by ssh, and so is installed as a PRIVATELIB and is
placed in the ssh pkgbase package.

This is currently disabled for the 32-bit library build as libfido2 is
not compatible with the COMPAT_32BIT hack in usb_ioctl.h.

Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32448
2021-10-22 19:57:57 -04:00
Baptiste Daroussin
2a213a2e28 OptionalObsoleteFiles: add more googletest files to remove 2021-10-20 14:18:37 +02:00
Peter Holm
8d7fe65348 stress2: Added a "mdconfig -o force" test scenario 2021-10-20 06:01:58 +00:00
Kyle Evans
8c22b9f3ba Fix cross-building on Linux/aarch64
Add necessary bits to detect ELF format on Linux/aarch64; note that
Linux calls it aarch64 where we would typically call it arm64 (uname -m)

Reviewed by:	arichardson, emaste, imp
Sponsored by:	Ampere Computing LLC
Sponsored by:	Klara Inc.
Differential Revision:	https://reviews.freebsd.org/D32542
2021-10-18 11:09:00 -05:00
Peter Holm
6deacc1b3b stress2: Move test added by mistake
Reported by: markj
2021-10-18 13:30:42 +00:00
Ed Maste
2e85df652c Add libcbor to the build
From https://github.com/PJK/libcbor:

    libcbor is a C library for parsing and generating CBOR, the general-
    purpose schema-less binary data format.

libcbor will be used by ssh to support FIDO/U2F keys.  It is currently
intended only for use by ssh, and so is installed as a PRIVATELIB and is
placed in the ssh pkgbase package.

cbor_export.h and configuration.h were generated by the upstream CMake
build.  We could create them with bmake rules instead (as NetBSD has
done) but this is a fine start.

This is currently disabled for the 32-bit library build as libfido2 is
not compatible with the COMPAT_32BIT hack in usb_ioctl.h, and there is
no need for libcbor without libfido2.

Reviewed by:	kevans
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32347
2021-10-15 15:10:24 -04:00
Cameron Katri
1b85b68da0 llvm-readobj: Attach to buildsystem
Also install it as readelf when MK_LLVM_BINUTILS is set.

Reviewed By:	dim, arichardson
Differential Revision: https://reviews.freebsd.org/D32058
2021-10-14 17:18:05 +01:00
Peter Holm
fc22fe5c74 stress2: Use two memory disks for this test 2021-10-12 06:45:19 +00:00
Alex Richardson
a89410ef91 cross-build: fix some redeclaration warnings during bootstrap
MFC after:	3 days
2021-10-11 11:57:54 +01:00
Alex Richardson
88c027338f Update OptionalObsoleteFiles.inc after 021385aba5
I forgot to update this file so make delete-old would incorrectly remove
the newly-installed LLVM binutils. While touching the file also update
for 8e1c989abb since ObsoleteFiles.inc now inludes the tablegen binaries.

Reported by:	Herbert J. Skuhra <herbert@gojira.at>
Reviewed By:	emaste, imp

Differential Revision: https://reviews.freebsd.org/D32022
2021-10-11 11:46:31 +01:00
Warner Losh
880aec7361 cross-build: Remove redundant lines.
There's two identical gid_from_group lines in a row. We only need one.
Ditto for uid_from_user().

Sponsored by:		Netflix
Reviewed by:		bapt, jrtc27
Differential Revision:	https://reviews.freebsd.org/D32442
2021-10-10 11:17:14 -06:00
Ed Maste
032448cd2c Belatedly track private lib renaming for OptionalObsoleteFiles.inc
Reviewed by:	kevans
Fixes:		5551c57355 ("Rework PRIVATELIB")
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D32384
2021-10-08 23:15:56 -04:00
Peter Holm
89ec6dcce0 stress2: Added a regression test 2021-10-08 06:38:17 +00:00
Peter Holm
e6c28c2465 stress2: exclude known problem test 2021-10-08 06:35:17 +00:00
John Baldwin
42dcd39528 crypto: Support Chacha20-Poly1305 with a nonce size of 8 bytes.
This is useful for WireGuard which uses a nonce of 8 bytes rather
than the 12 bytes used for IPsec and TLS.

Note that this also fixes a (should be) harmless bug in ossl(4) where
the counter was incorrectly treated as a 64-bit counter instead of a
32-bit counter in terms of wrapping when using a 12 byte nonce.
However, this required a single message (TLS record) longer than 64 *
(2^32 - 1) bytes (about 256 GB) to trigger.

Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32122
2021-10-06 14:08:49 -07:00
John Baldwin
bcb0fd6acc cryptocheck: Support multiple IV sizes for AES-CCM.
By default, the "normal" IV size (12) is used, but it can be overriden
via -I.  If -I is not specified and -z is specified, issue requests
for all possible IV sizes.

Reviewed by:	markj
Sponsored by:	 Chelsio Communications, The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D32110
2021-10-06 14:08:47 -07:00
Baptiste Daroussin
cbc83e378a ncurses: chase dependency changes in the source tree
Differential Revision:	https://reviews.freebsd.org/D32098
2021-10-04 11:38:24 +02:00
Vincenzo Maffione
f7cef43aa9 nemtap: lb app: Validate ihl field when hashing packet
MFC after:	1 week
2021-09-26 13:48:21 +00:00
Baptiste Daroussin
88741a40c8 check-links.sh: treat PIE executable as elf files 2021-09-23 04:49:57 +02:00
Peter Holm
9ac518adf0 stress2: Update test to ensure propper cleanup of fifo files 2021-09-20 07:36:27 +00:00
Warner Losh
7cf62c68c0 nanobsd: Provide empty routines for new embedded scheme
calculate_partitioning and create_code_slice are now required in
nanobsd.sh. While things work with the ones provided by legacy.sh, it's
fighting embedded/common's other actions. Instead, replace them with
stubs.

Sponsored by:		Netflix
2021-09-16 11:54:18 -06:00
Konstantin Belousov
9a8eb5db55 test/ptrace/scescx.c: fix printing of braces for syscalls without args
Also do not print stray closing brace for error condition.

Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2021-09-16 20:26:18 +03:00
Peter Holm
bab406830a stress2: Added more unionfs tests 2021-09-16 06:29:07 +00:00
Alan Somers
ff33e5c83f stress2: replace fuse.ko with fusefs.ko
It got renamed in FreeBSD 13

Reviewed by:	pho
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision: https://reviews.freebsd.org/D31963
2021-09-15 12:59:21 -06:00
Alan Somers
5dc5f849be tools/test/upsdl: fix compiler warnings
MFC after:	2 weeks
Sponsored by:	Axcient
2021-09-14 14:50:01 -06:00
Peter Holm
94c678cf19 stress2: A two second timeout is too short 2021-09-14 07:50:26 +00:00
Edward Tomasz Napierala
ddedf2a11e tzcode: Implement timezone change detection
Implement optional timezone change detection for local time libc
functions.  This is disabled by default; set WITH_DETECT_TZ_CHANGES
to build it.

Reviewed By:	imp
Sponsored by:	NetApp, Inc.
Sponsored by:	Klara, Inc.
X-NetApp-PR:	#47
Differential Revision:	https://reviews.freebsd.org/D30183
2021-09-12 03:07:58 +00:00
Peter Holm
89379af43f stress2: Update test to the sysctl 'vfs.lookup_shared' being removed 2021-09-13 08:56:06 +00:00
Peter Holm
ddd74e40e2 stress2: Added missing unmount 2021-09-13 08:55:19 +00:00
Peter Holm
f2c9a8b9d9 stress2: Add a syzkaller reproducer 2021-09-09 07:30:47 +00:00
Jose Luis Duran
94d9439b6b Fix cross-builds after 4e5d32a445
Add alignment macros to cross-build's sys/cdefs.h

Pull Request:	https://github.com/freebsd/freebsd-src/pull/531
MFC after:	immediately (build fix)
2021-09-07 10:53:50 +01:00
Robert Wing
8a004a98c2 git-arc: allow word splitting in build_commit_list()
git-rev-list expects commits to be listed separately, allow word
splitting and disable shellcheck SC2086 when using git-rev-list
to build the commit list.

Fixes: 4fd0c6ab1a ("Fix most shellcheck warnings in git-arc.sh")
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D31838
2021-09-06 07:42:46 -08:00
Edward Tomasz Napierala
439aa58728 iconv: Fix "make make-ref"
The purpose of this command is to "refresh" the source reference
files generated with GNU libiconv, located in tools/test/iconv/ref/.
Previously it would generate copies somewhere in OBJDIR, which
we don't use.

Reviewed By:	allanjude
Sponsored by:   Klara, Inc.
Differential Revision:	https://reviews.freebsd.org/D31820
2021-09-06 15:47:35 +01:00