For now, sandboxing is done only if -n option was specified and neither -z nor
-V options were given. Because it is very common to run tcpdump(8) with the -n
option for speed, I decided to commit sandboxing now. To also support
sandboxing when -n option wasn't specified, we need Casper daemon and its
services that are not available in FreeBSD yet.
- Limit file descriptors of a file specified by -r option or files specified
via -V option to CAP_READ only.
- If neither -r nor -V options were specified, we operate on /dev/bpf.
Limit its descriptor to CAP_READ and CAP_IOCTL plus limit allowed ioctls to
BIOCGSTATS only.
- Limit file descriptor of a file specified by -w option to CAP_SEEK and
CAP_WRITE.
- If either -C or -G options were specified, we open directory containing
destination file and we limit directory descriptor to CAP_CREATE, CAP_FCNTL,
CAP_FTRUNCATE, CAP_LOOKUP, CAP_SEEK and CAP_WRITE. Newly opened/created
files are limited to CAP_SEEK and CAP_WRITE only.
- Enter capability mode if -n option was specified and neither -z nor -V
options were specified.
Approved by: delphij, wxs
Sponsored by: The FreeBSD Foundation
Add MachineBasicBlock::addLiveIn().
This function adds a live-in physical register to an MBB and ensures
that it is copied to a virtual register immediately.
Pull in r185615 from llvm trunk:
Live-in copies go *after* EH_LABELs.
This will soon be tested by exception handling working at all.
Pull in r185617 from llvm trunk:
Simplify landing pad lowering.
Stop using the ISD::EXCEPTIONADDR and ISD::EHSELECTION when lowering
landing pad arguments. These nodes were previously legalized into
CopyFromReg nodes, but that never worked properly because the
CopyFromReg node weren't guaranteed to be scheduled at the top of the
basic block.
This meant the exception pointer and selector registers could be
clobbered before being copied to a virtual register.
This patch copies the two physical registers to virtual registers at
the beginning of the basic block, and lowers the landingpad instruction
directly to two CopyFromReg nodes reading the *virtual* registers. This
is safe because virtual registers don't get clobbered.
A future patch will remove the ISD::EXCEPTIONADDR and ISD::EHSELECTION
nodes.
Together, these changes fix llvm PR 16038 ('qt4 webcore file results in
"Bad machine code: Using an undefined physical register"'), and should
make it possible again to compile the www/qt4-webkit port again on the
i386 arch, without using a CPUTYPE=i686 or higher setting.
the stack in a leaf function that uses TLS.
The issue is, when using TLS, the function is no longer a leaf as it calls
__aeabi_read_tp. With statically linked programs this is not an issue as
it doesn't make use of the stack, however with dynamically linked
applications we enter rtld which does use the stack and makes assumptions
about it's alignment.
This is only a temporary fix until a better patch can be made and submitted
upstream.
- Reconnect with some minor modifications, in particular now selsocket()
internals are adapted to use sbintime units after recent'ish calloutng
switch.
-Add configure support for FreeBSD 10 and 11.
-Adapt a threading fix to gnu POSIX95 (which we don't use).
-Refer to a bug fix for the disabled vrptree support.
This is all useless in our current build but it is included
for convenience in case someone may want to re-package our
older gcc.
Reviewed by: gerald (long ago)
Make PrologEpilogInserter save/restore all callee saved registers in
functions which call __builtin_unwind_init()
__builtin_unwind_init() is an undocumented gcc intrinsic which has
this effect, and is used in libgcc_eh.
Goes part of the way toward fixing PR8541.
This obsoletes the ugly hack to libgcc's unwind code from r245272, and
should also work for other arches, so revert the hack too.
Parse_SetInput:
curFile->fname was using the buffer passed to it - which ReadMakefile frees.
This change makes the comment in ParseEOF about leaking curFile->fname true.
This is actually a fully functional build except:
* All internal shared libraries are static linked to make sure there
is no interference with ports (and to reduce build time).
* It does not have the python/perl/etc plugin or API support.
* By default, it installs as "svnlite" rather than "svn".
* If WITH_SVN added in make.conf, you get "svn".
* If WITHOUT_SVNLITE is in make.conf, this is completely disabled.
To be absolutely clear, this is not intended for any use other than
checking out freebsd source and committing, like we once did with cvs.
It should be usable for small scale local repositories that don't
need the python/perl plugin architecture.
From: Guy Eilam <guy@wizery.com>
Date: Mon, 21 Feb 2011 20:44:46 +0000 (+0200)
Subject: utils: Corrected a typo in header's name definition
utils: Corrected a typo in header's name definition
Corrected a typo in the BASE64_H definition that
might cause the header file to be included more than once.
Signed-off-by: Guy Eilam <guy@wizery.com>
Submitted by: <dt71@gmx.com>
MFC after: 3 days
Allow clang to build __clear_cache on ARM.
__clear_cache is special. It needs no signature, but is a real function in
compiler_rt or libgcc.
Patch by Andrew Turner.
This allows us to build the __clear_cache function in compiler-rt.
Emit native implementations of atomic operations on FreeBSD/armv6.
Just like on Linux, FreeBSD/armv6 assumes the system supports
ldrex/strex unconditionally. It is also used by the kernel. We can
therefore enable support for it, like we do on Linux.
While there, change one of the unit tests to explicitly test against
armv5 instead of armv7, as it actually tests whether libcalls are
emitted.
[ms-inline asm] Fix a crasher when we fail on a direct match.
The issue was that the MatchingInlineAsm and VariantID args to the
MatchInstructionImpl function weren't being set properly. Specifically, when
parsing intel syntax, the parser thought it was parsing inline assembly in the
at&t dialect; that will never be the case.
The crash was caused when the emitter tried to emit the instruction, but the
operands weren't set. When parsing inline assembly we only set the opcode, not
the operands, which is used to lookup the instruction descriptor.
rdar://13854391 and PR15945
Also, this commit reverts r176036. Now that we're correctly parsing the intel
syntax the pushad/popad don't match properly. I've reimplemented that fix using
a MnemonicAlias.
Pull in r183907 from llvm trunk:
X86: Make the cmov aliases work with intel syntax too.
These commits make a number of Intel-style inline assembly mnemonics
aliases (occurring in several ports) work properly, which could cause
assertions otherwise.
Reported by: kwm, bapt
2011-11-14 Jim Ingham <jingham@apple.com>
* dwarf2read.c (read_type_die): Handle DW_TAG_unspecified_type.
(read_tag_unspecified_type): New function, add a type for the
DW_TAG_unspecified_type die.
Obtained from: Apple, gdb-1752
PR15662: Optimized debug info produces out of order function
parameters
When a function is inlined we lazily construct the variables
representing the function's parameters. After that, we add any
remaining unused parameters.
If the function doesn't use all the parameters, or uses them out of
order, then the DWARF would produce them in that order, producing a
parameter order that doesn't match the source.
This fix causes us to always keep the arg variables at the start of
the variable list & in the original order from the source.
Reported by: avg
MFC after: 1 week
Add support for optimized (non-generic) atomic libcalls.
For integer types of sizes 1, 2, 4 and 8, libcompiler-rt (and libgcc)
provide atomic functions that pass parameters by value and return
results directly.
libgcc and libcompiler-rt only provide optimized libcalls for
__atomic_fetch_*, as generic libcalls on non-integer types would make
little sense. This means that we can finally make __atomic_fetch_*
work
on architectures for which we don't provide these operations as
builtins
(e.g. ARM).
This should fix the dreaded "cannot compile this atomic library call
yet" error that would pop up once every while.
This should make it possible for me to get C11 atomics working on all of
our platforms.
Initial support for the AMD amdfam10 chipsets has been available in the
gcc43 branch under GPLv2. AMD and some linux distributions (OpenSUSE) did
a backport of the amdfam10 support and made it available.
This is a revised subset of the support initially brought in in r236962
and later reverted. The collateral efects seem to have disappeared but
it is still recommended to set the CPUTYPE with caution.
Reviewed by: jkim (ages ago)
MFC after: 3 weeks
The "automatic" login feature is described as follows:
The USER environment variable holds the name of the person telnetting in.
This is the username of the person on the client machine. The traditional
behaviour is to execute login(1) with this username first, meaning that
login(1) will prompt for the password only. If login fails, login(1) will
retry, but now prompt for the username before prompting for the password.
This feature got broken by how the environment got scrubbed. Before the
change in r69825 we removed variables that we deemed dangerous. Starting
with r69825 we only keep those variable we know to be safe.
The USER environment variable fell through the cracks. It suddenly got
scrubbed (i.e. removed from the environment) while still being checked
for. It also got explicitly removed from the environment to handle the
failed login case.
The fix is to obtain the value of the USER environment variable before
we scrub the environment and used the "cached" in subsequent checks.
This guarantees that the environment does not contain the USER variable
in the end, while still being able to implement "automatic" login.
Obtained from: Juniper Networks, Inc.
LoopVectorize: LoopSimplify can't canonicalize loops with an
indirectbr in it, don't assert on those cases.
Fixes PR16139.
This should fix clang assertion failures when optimizing at -O3, similar
to:
Assertion failed: (TheLoop->getLoopPreheader() && "No preheader!!"),
function canVectorize, file
contrib/llvm/lib/Transforms/Vectorize/LoopVectorize.cpp, line 2171.
Reported by: O. Hartmann <ohartman@zedat.fu-berlin.de>
PR: ports/178332, ports/178977
MFC after: 3 days