7.0.1 release r349250. There were no functional changes since the 7.0.1
rc3 import.
PR: 230240, 230355
Relnotes: yes
MFC after: 2 months
X-MFC-With: r341825
The sender has .not_terminated file. It gets disconnected. The last trail
file is then terminated without adding new data (this can happen for example
when auditd is being stopped on the sender). After reconnect the .not_terminated
was not renamed on the receiver as it should.
We were already handling similar situation where the sender crashed and the
.not_terminated trail file was renamed to .crash_recovery. Extend this case to
handle the situation above.
If user input a string larger than the length of buffer, the stack
memory will be corrupted.
Approved by: hselasky (mentor)
MFC after: 1 week
Sponsored by: Mellanox Technologies
are committed separately to document fixing them separately from
the general cleanup. In this case we don't want to hide the utter
brokenness of what is being fixed.
Clean up a discombobulated block of #if's, with one block unreachable.
ip_fil.c is used in ipftest which is used to dry-run test ipfilter
rules in userspace without loading them in the kernel. The call to
(*ifp->if_output) matches that in the FreeBSD kernel.
Further testing and work will be required to make ipftest fully
functional.
MFC after: 1 week
is that both file name and current directory is recorded, however
file name sometimes already contains absolute path. In which case
prefixing it with directory name results in an invalid pathname.
Only append directory name if the file name does not start with '/'.
This seems to DTRT.
Approved by: emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D18290
Also, make the path to the example configuration file absolute.
Reviewed by: bcr
Approved by: krion (mentor, implicit), mat (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D17985
Avoid touching all pages in extent_recycle for debug build.
We may have a large number of pages with *zero set (since they are populated on
demand). Only check the first page to avoid paging in all of them.
This makes it easy to compare performance with and without 'retain:true'.
Discussed with: jasone
Obtained from: Qi Wang <interwq at gwu dot edu>
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
This fixes alignment in vi's 'viusage' command and has been fixed
upstream and in OpenBSD.
Submitted by: Raf Czlonka (github:rjc)
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd/pull/122
This was shown to be a problem by side effect of now-enabled test case,
which was going through C, en_US.UTF-8, ja_JP.SJIS, and ja_JP.eucJP,
and failing eventually as data in mbrtowc's mbstate, that was
perfectly correct for en_US.UTF-8 was treated as incorrect for
ja_JP.SJIS, failing the entire test case.
This makes the persistent mbstates to be per ctype-component,
and not per-locale so we could easily reset the mbstates when
only LC_CTYPE is changed.
Reviewed by: bapt, pfg
Approved by: kib (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D17796
Set commit properly for FreeBSD w/ overcommit.
When overcommit is enabled, commit needs to be set when doing mmap(). The
regression was introduced in f80c97e.
This fixes 'retain:true'.
Discussed with: jasone
Obtained from: Qi Wang <interwq at gwu dot edu>
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
The writeRandomBytes_arc4random is not used if the arc4random_buf
is available. This caused compiler to throw warnings which are treated as
an error in libexpact.
Approved by: vangyzen
Update contrib/expat by merging from the vendor branch.
Update expat_config.h manually, using
make -C /usr/ports/textproc/expat2 configure
as a baseline.
MFC after: 1 month
Relnotes: yes
Security: yes; see contrib/expat/Changes since 2.2.0
Sponsored by: Dell EMC Isilon
This ELF note will be used to allow binaries to opt out of, or in to,
upcoming vulnerability mitigation and other features.
Committing the definition and readelf change separately to allow
independent MFC.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
- Document that mount_smbfs(8) only supports SMB1 and that SMB2 and SMB3
are not supported at the moment. Suggest users to browse ports for
software compatible with newer versions of the protocol.
- Copy supported servers list from README.
- Add a SEE ALSO section and reference the chapter about Samba in the
FreeBSD Handbook.
- Add a HISTORY section.
- Style changes:
- Use Dq instead of Em in the EXAMPLES section.
- Mark command modifiers with Cm.
Reviewed by: bcr
Approved by: krion (mentor, implicit), mat (mentor, implicit)
MFC after: 1 week
Sponsored by: Bally Wulff Games & Entertainment GmbH
Differential Revision: https://reviews.freebsd.org/D17798
> Remove doaccess variable and access(2) call since this interfers with
> applications like zdump(8) because pledge(2) doesn't allow access(2) to
> /usr/share/zoneinfo.
>
> millert@ better described why this call can go away:
>
> "This looks like an attempt to do access checks based on the real uid instead
> of the effective uid. Basically for setuid programs we don't want to allow a
> user to set TZ to a path they should not be able to otherwise access.
>
> However, we already have a check for issetugid() above so I think the doaccess
> bits can just be removed and we can rely on open()."
>
> After discussion with tb@, deraadt@ and millert@, this was also OK'ed by them
Reviewed by: imp
Obtained from: OpenBSD
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D17701