Commit Graph

21138 Commits

Author SHA1 Message Date
Piotr Pawel Stefaniak
39c64ed6d1 libutil: remove extraneous ": " from error messages
Each of the err() family of functions already takes care of that.
2020-06-20 06:10:42 +00:00
Mateusz Piotrowski
3b3e9cfb1b Fix a typo in cpuset_getdomain.2
PR:		247385
Reported by:	Paul Floyd <paulf free.fr>
MFC after:	1 week
2020-06-18 19:03:20 +00:00
Michael Tuexen
df2fca7ba8 Whitespace changes, not functional change intended.
MFC after:		1 week
2020-06-18 16:22:09 +00:00
Gordon Bergling
b7d33ccd65 fgetln(3): Add a Caveats Section
Reviewed by:	yuripv, bcr (mentor)
Approved by:	bcr (mentror)
Obtained from:	OpenBSD
MFC after:	7 days
Differential Revision:	https://reviews.freebsd.org/D24916
2020-06-18 13:13:04 +00:00
Xin LI
e743706d58 Fix installation of magic file.
Reported by:	lwhsu
MFC after:	2 weeks
X-MFC-with:	r362258
2020-06-17 15:57:59 +00:00
Andrew Turner
b6aadd183a Update opencsd to 0.14.2
Sponsored by:	Innovate UK
2020-06-17 10:42:20 +00:00
Xin LI
2726a70148 MFV r362254: file 5.39.
MFC after:	2 weeks
2020-06-17 07:41:28 +00:00
Marc Fonvieille
a9c7e6bd61 Fix pointer name to match the name used in the function prototype
above (and in termios.c).

Discussed with:	Rodney W. Grimes <rgrimes@FreeBSD.org>
2020-06-16 17:05:38 +00:00
Gordon Bergling
421f325efc libcasper(3): Document HISTORY within the manpages
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
MFC after:		7 days
Differential Revision:	https://reviews.freebsd.org/D24695
2020-06-16 16:48:52 +00:00
John Baldwin
99282790b7 Remove the sed hack for ABI tag notes.
The ELF notes compiled in C were placed in a section with the wrong type
(SHT_PROGBITS instead of SHT_NOTE).  Previously, sed was used on the
generated assembly to rewrite the section type.  Instead, write the notes
in assembly which permits setting the correct section type directly.

While here, move inline assembly entry points out of C and into assembly
for aarch64, arm, and riscv.

Reviewed by:	kib
Tested on:	amd64 (cirrus-ci), riscv64
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D25211
2020-06-15 19:38:48 +00:00
Gordon Bergling
e0f7c06de2 libc manpages: various improvements from NetBSD
- Add STANDARDS and HISTORY sections within the appropriate manpages
- Mention two USENIX papers within kqueue(2) and strlcpy(3)

Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
Obtained from:	NetBSD
MFC after:	7 days
Differential Revision: https://reviews.freebsd.org/D24650
2020-06-14 05:59:30 +00:00
Gordon Bergling
bc89b58def libutil: Document function HISTORY within the manpages
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
MFC after:	7 days
Differential Revision:	https://reviews.freebsd.org/D24795
2020-06-14 05:35:02 +00:00
Konstantin Belousov
6cf8fba381 procctl(2): document PROC_KPTI
Reviewed by:	bcr
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25258
2020-06-13 18:19:42 +00:00
Konstantin Belousov
7e54fea1d1 procctl(2): consistently refer to the data pointer as 'data'.
Reviewed by:	bcr
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25258
2020-06-13 18:18:34 +00:00
Simon J. Gerraty
3e6e3de0aa verify_pcr_export: bump kenv_mvallen if needed
The loader.ve.hashed list can easily exceed KENV_MVALLEN.
If so, bump kenv_mvallen to a multiple of KENV_MVALLEN to
accommodate the value.

Reviewed by:	stevek
MFC after:	1 week
2020-06-12 21:55:30 +00:00
Kyle Evans
ebff66b3c3 posix_spawn: fix for some custom allocator setups
libc cannot assume that aligned_alloc and free come from jemalloc, or that
any application providing its own malloc and free is actually providing
aligned_alloc.

Switch back to malloc and just make sure we're passing a properly aligned
stack into rfork_thread, as an application perhaps can't reasonably replace
just malloc or just free without headaches.

This unbreaks ksh93 after r361996, which provides malloc/free but no
aligned_alloc.

Reported by:	freqlabs
Diagnosed by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
X-MFC-With:	r361996
2020-06-12 18:13:32 +00:00
Konstantin Belousov
2ef84b7da9 Add pthread_getname_np() and pthread_setname_np() aliases for
pthread_get_name_np() and pthread_set_name_np().

This re-applies r361770 after compatibility fixes.

Reviewed by:	antoine, jkim, markj
Tested by:	antoine (exp-run)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25117
2020-06-10 22:13:24 +00:00
Kyle Evans
1849fbb0b1 Add missing shell script from r361995
Pointy hat:	kevans
Reported by:	rpokala
X-MFC-With:	r361995
2020-06-10 03:04:36 +00:00
Kyle Evans
f0fbdf1f4f execvPe: obviate the need for potentially large stack allocations
Some environments in which execvPe may be called have a limited amount of
stack available. Currently, it avoidably allocates a segment on the stack
large enough to hold PATH so that it may be mutated and use strsep() for
easy parsing. This logic is now rewritten to just operate on the immutable
string passed in and do the necessary math to extract individual paths,
since it will be copying out those segments to another buffer anyways and
piecing them together with the name for a full path.

Additional size is also needed for the stack in posix_spawnp(), because it
may need to push all of argv to the stack and rebuild the command with sh in
front of it. We'll make sure it's properly aligned for the new thread, but
future work should likely make rfork_thread a little easier to use by
ensuring proper alignment.

Some trivial cleanup has been done with a couple of error writes, moving
strings into char arrays for use with the less fragile sizeof().

Reported by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
Reviewed by:	jilles, kib, Andrew Gierth
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25038
2020-06-10 01:32:13 +00:00
Kyle Evans
301cb491ea execvp: fix up the ENOEXEC fallback
If execve fails with ENOEXEC, execvp is expected to rebuild the command
with /bin/sh instead and try again.

The previous version did this, but overlooked two details:

argv[0] can conceivably be NULL, in which case memp would never get
terminated.  We must allocate no less than three * sizeof(char *) so we can
properly terminate at all times. For the non-NULL argv standard case, we
count all the non-NULL elements and actually skip the first argument, so we
end up capturing the NULL terminator in our bcopy().

The second detail is that the spec is actually worded such that we should
have been preserving argv[0] as passed to execvp:

"[...] executed command shall be as if the process invoked the sh utility
using execl() as follows:

execl(<shell path>, arg0, file, arg1, ..., (char *)0);

where <shell path> is an unspecified pathname for the sh utility, file is
the process image file, and for execvp(), where arg0, arg1, and so on
correspond to the values passed to execvp() in argv[0], argv[1], and so on."

So we make this change at this time as well, while we're already touching
it. We decidedly can't preserve a NULL argv[0] as this would be incredibly,
incredibly fragile, so we retain our legacy behavior of using "sh" for
argv[] in this specific instance.

Some light tests are added to try and detect some components of handling the
ENOEXEC fallback; posix_spawnp_enoexec_fallback_null_argv0 is likely not
100% reliable, but it at least won't raise false-alarms and it did result in
useful failures with pre-change libc on my machine.

This is a secondary change in D25038.

Reported by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
Reviewed by:	jilles, kib, Andrew Gierth
MFC after:	1 week
2020-06-10 01:30:37 +00:00
Kyle Evans
04391da364 libusb: improve compatibility
Specifically, add LIBUSB_CLASS_PHYSICAL and the libusb_has_capability API.
Descriptions and functionality for these derived from the
documentation at [0].  The current set of capabilities are all supported by
libusb.

These were detected as missing after updating net/freerdp to 2.1.1, which
attempted to use both.

[0] http://libusb.sourceforge.net/api-1.0/group__libusb__misc.html

Reviewed by:	hselasky
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25194
2020-06-09 17:17:43 +00:00
Ed Maste
24ed6f550a Rename skein_block_asm.s to .S and assemble using Clang IAS
Comparing the object files produced by GNU as 2.17.50 and Clang IAS
shows many immaterial changes in strtab etc., and one material change
in .text:

   1bac:  4c 8b 4f 18             mov    0x18(%rdi),%r9
   1bb0:  eb 0e                   jmp    1bc0 <Skein1024_block_loop>
-  1bb2:  66 66 2e 0f 1f 84 00    data16 nopw %cs:0x0(%rax,%rax,1)
-  1bb9:  00 00 00 00
-  1bbd:  0f 1f 00                nopl   (%rax)
+  1bb2:  66 2e 0f 1f 84 00 00    nopw   %cs:0x0(%rax,%rax,1)
+  1bb9:  00 00 00
+  1bbc:  0f 1f 40 00             nopl   0x0(%rax)

 0000000000001bc0 <Skein1024_block_loop>:
 Skein1024_block_loop():
   1bc0:  4c 8b 47 10             mov    0x10(%rdi),%r8
   1bc4:  4c 03 85 c0 00 00 00    add    0xc0(%rbp),%r8

That is, GNU as and Clang's integrated assembler use different multi-
byte NOPs for alignment (GNU as emits an 11 byte NOP + a 3 byte NOP,
while Clang IAS emits a 10 byte NOP + a 4 byte NOP).

Dependency cleanup hacks are not required, because we do not create
.depend files from GNU as.

Reviewed by:	allanjude, arichardson, cem, tsoome
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8434
2020-06-06 00:35:41 +00:00
Ed Maste
f2b8688664 Also pass SKEIN_USE_ASM to the assembler, via AFLAGS 2020-06-05 18:56:43 +00:00
Mark Johnston
13776bf736 librtld_db: Handle anonymous mappings below the first file mapping.
r360979 erroneously assumed that the lowest mapping in an address space
would be a file mapping, but of course this is not true in general.

Reported and tested by:	Frederic Chardon <chardon.frederic@gmail.com>
MFC after:	3 days
2020-06-05 18:44:14 +00:00
Ed Maste
310e81aede Apply C SKEIN_LOOP setting only to skein_block.c
Otherwise if assembling skein_block_asm.s with Clang's integrated assembler
we can pass conflicting SKEIN_LOOP settings (via CFLAGS and ACFLAGS).
2020-06-05 17:00:38 +00:00
Alex Richardson
3fe733f375 csu: Avoid additional nops in the MIPS INIT_CALL_SEQ macro
Since we had a .set reorder, the nop after the "jal" was being placed after
the delay slot, resulting in two nops.
While changing this code also guard the .set noreorder with .set push/pop
and use $zero as the cpsetup save register since we don't need to save $gp.

Reviewed By:	jhb
Differential Revision: https://reviews.freebsd.org/D25025
2020-06-05 08:46:55 +00:00
Alex Richardson
652f26f9c5 Avoid using non-portable dd status=none flag
Copying the approach chosen in r309412. This fixes building the libc tests
on a macOS host since the macOS /bin/dd binary does not support status=none.

As there only seem to be two uses, this commit changes the two Makefiles.
If this becomes more common, we could also add a wrapper bootstrap script
that ignores status= and forwards the remaining args to the real dd.
Another alternative would be to remove the status flag and pipe stderr to
/dev/null, but them we lose error messages.

Reviewed By:	brooks
Differential Revision: https://reviews.freebsd.org/D24785
2020-06-05 08:46:50 +00:00
Hans Petter Selasky
eff8154913 USB HID descriptors may push/pop the current state to allow
description of items residing in a so-called union. FreeBSD currently
only supports 4 such pop levels.

If the push level is not restored within the processing of the same
HID item, an invalid memory location may be used for subsequent HID
item processing.

Verify that the push level is always valid when processing HID items.

Reported by:	Andy Nguyen (Google)
MFC after:	3 days
Sponsored by:	Mellanox Technologies
2020-06-05 07:57:16 +00:00
John Baldwin
00a4311adc Refer to AES-CBC as "aes-cbc" rather than "rijndael-cbc" for IPsec.
At this point, AES is the more common name for Rijndael128.  setkey(8)
will still accept the old name, and old constants remain for
compatiblity.

Reviewed by:	cem, bcr (manpages)
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24964
2020-06-04 22:58:37 +00:00
Kyle Evans
63619b6dba vfs: add restrictions to read(2) of a directory [2/2]
This commit adds the priv(9) that waters down the sysctl to make it only
allow read(2) of a dirfd by the system root. Jailed root is not allowed, but
jail policy and superuser policy will abstain from allowing/denying it so
that a MAC module can fully control the policy.

Such a MAC module has been written, and can be found at:
https://people.freebsd.org/~kevans/mac_read_dir-0.1.0.tar.gz

It is expected that the MAC module won't be needed by many, as most only
need to do such diagnostics that require this behavior as system root
anyways. Interested parties are welcome to grab the MAC module above and
create a port or locally integrate it, and with enough support it could see
introduction to base. As noted in mac_read_dir.c, it is released under the
BSD 2 clause license and allows the restrictions to be lifted for only
jailed root or for all unprivileged users.

PR:		246412
Reviewed by:	mckusick, kib, emaste, jilles, cy, phk, imp (all previous)
Reviewed by:	rgrimes (latest version)
Differential Revision:	https://reviews.freebsd.org/D24596
2020-06-04 18:17:25 +00:00
Kyle Evans
dcef4f65ae vfs: add restrictions to read(2) of a directory [1/2]
Historically, we've allowed read() of a directory and some filesystems will
accommodate (e.g. ufs/ffs, msdosfs). From the history department staffed by
Warner: <<EOF

pdp-7 unix seemed to allow reading directories, but they were weird, special
things there so I'm unsure (my pdp-7 assembler sucks).

1st Edition's sources are lost, mostly. The kernel allows it. The
reconstructed sources from 2nd or 3rd edition read it though.

V6 to V7 changed the filesystem format, and should have been a warning, but
reading directories weren't materially changed.

4.1b BSD introduced readdir because of UFS. UFS broke all directory reading
programs in 1983. ls, du, find, etc all had to be rewritten. readdir() and
friends were introduced here.

SysVr3 picked up readdir() in 1987 for the AT&T fork of Unix. SysVr4 updated
all the directory reading programs in 1988 because different filesystem
types were introduced.

In the 90s, these interfaces became completely ubiquitous as PDP-11s running
V7 faded from view and all the folks that initially started on V7 upgraded
to SysV. Linux never supported this (though I've not done the software
archeology to check) because it has always had a pathological diversity of
filesystems.
EOF

Disallowing read(2) on a directory has the side-effect of masking
application bugs from relying on other implementation's behavior
(e.g. Linux) of rejecting these with EISDIR across the board, but allowing
it has been a vector for at least one stack disclosure bug in the past[0].

By POSIX, this is implementation-defined whether read() handles directories
or not. Popular implementations have chosen to reject them, and this seems
sensible: the data you're reading from a directory is not structured in some
unified way across filesystem implementations like with readdir(2), so it is
impossible for applications to portably rely on this.

With this patch, we will reject most read(2) of a dirfd with EISDIR. Users
that know what they're doing can conscientiously set
bsd.security.allow_read_dir=1 to allow read(2) of directories, as it has
proven useful for debugging or recovery. A future commit will further limit
the sysctl to allow only the system root to read(2) directories, to make it
at least relatively safe to leave on for longer periods of time.

While we're adding logic pertaining to directory vnodes to vn_io_fault, an
additional assertion has also been added to ensure that we're not reaching
vn_io_fault with any write request on a directory vnode. Such request would
be a logical error in the kernel, and must be debugged rather than allowing
it to potentially silently error out.

Commented out shell aliases have been placed in root's chsrc/shrc to promote
awareness that grep may become noisy after this change, depending on your
usage.

A tentative MFC plan has been put together to try and make it as trivial as
possible to identify issues and collect reports; note that this will be
strongly re-evaluated. Tentatively, I will MFC this knob with the default as
it is in HEAD to improve our odds of actually getting reports. The future
priv(9) to further restrict the sysctl WILL NOT BE MERGED BACK, so the knob
will be a faithful reversion on stable/12. We will go into the merge
acknowledging that the sysctl default may be flipped back to restore
historical behavior at *any* point if it's warranted.

[0] https://www.freebsd.org/security/advisories/FreeBSD-SA-19:10.ufs.asc

PR:		246412
Reviewed by:	mckusick, kib, emaste, jilles, cy, phk, imp (all previous)
Reviewed by:	rgrimes (latest version)
MFC after:	1 month (note the MFC plan mentioned above)
Relnotes:	absolutely, but will amend previous RELNOTES entry
Differential Revision:	https://reviews.freebsd.org/D24596
2020-06-04 18:09:55 +00:00
Konstantin Belousov
064c283d65 Revert r361770 "Add pthread_getname_np() and pthread_setname_np() aliases" for now.
It is not compatible enough with Linux.

Requested by:	antoine, jkim
Sponsored by:	The FreeBSD Foundation
2020-06-04 09:06:03 +00:00
Konstantin Belousov
9bed49fea4 Add pthread_getname_np() and pthread_setname_np() aliases
for pthread_get_name_np() and pthread_set_name_np(), to be
compatible with Linux.

PR:	238404
Proposed and reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25117
2020-06-03 20:54:36 +00:00
Ed Maste
3f65edb369 mmap.2: correct prot argument terminology
One of the error descriptions referred to permissions; in context the
meaning was probably clear, but the prot values are properly called
protections.

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2020-06-03 20:42:52 +00:00
John Baldwin
ae84ff9c47 Document SO_NO_OFFLOADS and SO_NO_DDP.
Reviewed by:	bcr, np
MFC after:	1 week
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D25043
2020-06-03 18:59:31 +00:00
Mark Johnston
c78e42e207 cap_fileargs: Fix a descriptor leak in the service process.
The service handler for fileargs_open() tries to pre-open multiple files
and pass descriptors for each back to the sandboxed process in a single
message.  This is to amortize the cost of round-trips between the two
processes.

The service process adds a "cache" nvlist to the reply to "open",
containing file descriptors for pre-opened files.  However, when adding
that nvlist to the reply, it was making a copy, effectively leaking the
cached descriptors.

While here, fix spelling in a local variable name.

PR:		241226
Reviewed by:	oshogbo
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D25095
2020-06-01 15:32:13 +00:00
Tijl Coosemans
3eee8f1cbb Fix installation of libxo encoder modules.
Because the install location was hardcoded in the Makefile as
/usr/lib/libxo/encoder, the lib32 version was installed over the native
version.  Replace /usr/lib with ${LIBDIR}.

Also define SHLIB_NAME instead of LIB + FILES.  This prevents building a
static library.

MFC after:	2 weeks
2020-05-31 17:20:17 +00:00
Ed Maste
c5ea81f7a6 rename in-tree libevent v1 to libevent1
r316063 installed pf's embedded libevent as a private lib, with headers
in /usr/include/private/event.  Unfortunately we also have a copy of
libevent v2 included in ntp, which needed to be updated for compatibility
with OpenSSL 1.1.

As unadorned 'libevent' generally refers to libevent v2, be explicit that
this one is libevent v1.

Reviewed by:	vangyzen (earlier)
Differential Revision:	https://reviews.freebsd.org/D17275
2020-05-28 22:05:50 +00:00
Rick Macklem
6f05ed08c2 Add an entry to Symbol.map for the rpctls_syscall added by r361599.
Reviewed by:	brooks
Differential Revision:	https://reviews.freebsd.org/D24949
2020-05-28 21:26:26 +00:00
Eric van Gyzen
1add7d0f8d libifconfig: remove redundant NULL check
Submitted by:	Puneeth_kumar.Jothaiah@emc.com
Reported by:	Coverity
Sponsored by:	Dell EMC Isilon
2020-05-27 18:26:10 +00:00
Andriy Gapon
56e8cb87c6 libprocstat: try to fix fallout from r361363
The revision caused libprocstat to have two undefined symbols:
- __start_set_pcpu
- __stop_set_pcpu
probably because of __GLOBL() used in sys/pcpu.h under _KERNEL.
The symbols are not accessed by anything and the linker in base does not
complain about them, but some ports are failing to build.
Hack around the problem by providing definitions for those symbols.

Probably there is a better solution, but I could not think of it yet.

Reported by:	zeising
MFC after:	3 days
X-MFC with:	r361363
Sponsored by:	Panzura
2020-05-24 14:54:21 +00:00
Conrad Meyer
37f1f2684f Update to Zstandard 1.4.5
As usual, the full release notes are found on Github:

  https://github.com/facebook/zstd/releases/tag/v1.4.5

Notable changes include:

* Improved decompress performance on amd64 and arm (5-10%
  and 15-50%, respectively).
* '--patch-from' zstd(1) CLI option, which provides something like a very fast
  version of bspatch(1) with slightly worse compression.  See release notes.

In this update, I dropped the 3-year old -O0 workaround for an LLVM ARM bug;
the bug was fixed in LLVM SVN in 2017, but we didn't remove this workaround
from our tree until now.

MFC after:	I won't, but feel free
Relnotes:	yes
2020-05-23 21:23:46 +00:00
Conrad Meyer
bc64b5ce19 Import Zstd 1.4.5 2020-05-23 20:37:33 +00:00
Dimitry Andric
d65cd7a57b Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
llvmorg-10.0.1-rc1-0-gf79cd71e145 (aka 10.0.1 rc1).

MFC after:	3 weeks
2020-05-23 10:32:18 +00:00
Konstantin Belousov
c8ad15b6ff Implement Solaris-like link_map l_refname member.
The implementation is based on the public documentation, in particular
dlinfo(3) from Solaris.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2020-05-22 17:52:09 +00:00
Andriy Gapon
8a719b0cee libprocstat: fix ZFS support
First of all, znode_phys_t hasn't been used for storing file attributes
for a long time now.  Modern ZFS versions use a System Attribute table
with a flexible layout.  But more importantly all the required
information is available in znode_t itself.

It's not easy to include zfs_znode.h in userland without breaking code
because the most interesting parts of the header are kernel-only. And
hardcoding field offsets is too fragile.  So, I created a new
compilation unit that includes zfs_znode.h using some mild kludges to
get it and its dependencies to compile in userland.  The compilation
unit exports interesting field offsets and does not have any other code.

PR:		194117
Reviewed by:	markj
MFC after:	2 weeks
Sponsored by:	Panzura
Differential Revision: https://reviews.freebsd.org/D24941
2020-05-22 11:20:23 +00:00
Konstantin Belousov
d0ca9a7fe4 Restore the binary compatibility for link_map l_addr.
Keep link_map l_addr binary layout compatible, rename l_addr to l_base
where rtld returns map base.  Provide relocbase in newly added l_addr.

This effectively reverts the patch to the initial version of D24918.

Reported by: antoine (portmgr)
Reviewed by:	jhb, markj
Tested by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D24946
2020-05-21 22:24:23 +00:00
Cy Schubert
091e9e469b MFV r361322:
Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
 - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
   query into a large number of queries directed to a target.
 - CVE-2020-12663 Malformed answers from upstream name servers can be
   used to make Unbound unresponsive.

Reported by:	emaste
MFC after:	3 days
Relnotes:	yes
Security:	CVE-2020-12662, CVE-2020-12663
2020-05-21 21:00:46 +00:00
Andriy Gapon
e165a15b5f libprocstat: fix reading of file descriptor table via kvm
This seems to have been broken since r247602 (from year 2013!).
Can be easily tested with
  fstat -N /boot/kernel/kernel -M /var/crash/vmcore.last

MFC after:	1 week
Sponsored by:	Panzura
2020-05-21 13:46:30 +00:00
Ryan Moeller
245bfd34da Deduplicate fsid comparisons
Comparing fsid_t objects requires internal knowledge of the fsid structure
and yet this is duplicated across a number of places in the code.

Simplify by creating a fsidcmp function (macro).

Reviewed by:	mjg, rmacklem
Approved by:	mav (mentor)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D24749
2020-05-21 01:55:35 +00:00
Konstantin Belousov
2c6d9dc0bb Change the samantic of struct link_map l_addr member.
It previously returned the object map base address, while all other
ELF operating systems return load offset, i.e. the difference between
map base and the link base.

Explain the meaning of the field in the man page.

Stop filling the mips-only l_offs member, which is apparently unused.

PR:	246561
Requested by:	Damjan Jovanovic <damjan.jov@gmail.com>
Reviewed by:	emaste, jhb, cem (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D24918
2020-05-20 22:08:26 +00:00
Martin Matuska
de6fa6b43b MFV r361280:
Update libarchive to 3.4.3

Relevant vendor changes:
  PR #1352: support negative zstd compression levels
  PR #1359: improve zstd version checking
  PR #1348: support RHT.security.selinux from GNU tar
  PR #1357: support for archives compressed with pzstd
  PR #1367: fix issues in acl tests
  PR #1372: child handling cleanup
  PR #1378: fix memory leak from passphrase callback
2020-05-20 20:58:48 +00:00
Benedict Reuschling
d50ff7de21 Fix a typo: argments -> arguments
PR:		243294
Submitted by:	Igor Ostapenko
MFC after:	5 days
2020-05-19 11:05:27 +00:00
Kyle Evans
880ff10ba9 procctl(2): correct a minor cut-n-pasto
This is clearly describing PROC_PROTMAX_FORCE_DISABLE, rather than
PROC_ASL_FORCE_DISABLE.

Submitted by:	sigsys@gmail.com
2020-05-16 04:52:29 +00:00
Ed Maste
65a1d63665 libalias: retire cuseeme support
The CU-SeeMe videoconferencing client and associated protocol is at this
point a historical artifact; there is no need to retain support for this
protocol today.

Reviewed by:	philip, markj, allanjude
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24790
2020-05-16 02:29:10 +00:00
Conrad Meyer
8a68ae80f6 vmm(4), bhyve(8): Expose kernel-emulated special devices to userspace
Expose the special kernel LAPIC, IOAPIC, and HPET devices to userspace
for use in, e.g., fallback instruction emulation (when userspace has a
newer instruction decode/emulation layer than the kernel vmm(4)).

Plumb the ioctl through libvmmapi and register the memory ranges in
bhyve(8).

Reviewed by:	grehan
Differential Revision:	https://reviews.freebsd.org/D24525
2020-05-15 15:54:22 +00:00
Benedict Reuschling
44318fb2f9 Fix SYNPOSIS section to point to the proper include directive.
netgraph(3) points to #include <netgraph/netgraph.h>, which is kernel only.
The man page refers to the user-space part of the netgraph module, which is
located in <netgraph.h>.

Submitted by:	lutz_donnerhacke.de
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D23814
2020-05-15 12:04:39 +00:00
Konstantin Belousov
1659238a0c Implement RTLD_DEEPBIND.
PR:	246462
Tested by:	Martin Birgmeier <d8zNeCFG@aon.at>
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D24841
2020-05-15 11:58:01 +00:00
Konstantin Belousov
dcc6ef1644 Add memalign(3), mostly for glibc compatibility.
Reviewed by:	emaste, imp (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D24307
2020-05-14 21:12:08 +00:00
Brandon Bergren
3dbb9df36b [PowerPC] Fix wrong instructions in _savegpr_X.
We were accidentally using stfd instead of stw in our SAVEGPR macro.

This has almost certainly been causing crashes when compiling with -Os.

Reviewed by:	jhibbits (in irc)
MFC after:	3 days
Sponsored by:	Tag1 Consulting, Inc.
2020-05-14 04:00:35 +00:00
Mark Johnston
cf55371827 Re-enable proc_test:symbol_lookup after r360979.
PR:		244732
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2020-05-12 17:05:55 +00:00
Mark Johnston
13c2d789fb librtld_db: Fix shlib mapping offsets.
kve_offset gives the offset into the backing file, which is not what we
want since different segments may map the same page.  Use the base of
the mapping to determine the offset exported by librtld_db instead.

PR:		244732
Reported by:	Jenkins, Nicolò Mazzucato <nicomazz97@gmail.com>
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2020-05-12 17:00:47 +00:00
Eric van Gyzen
fac6dee9eb Remove tests for obsolete compilers in the build system
Assume gcc is at least 6.4, the oldest xtoolchain in the ports tree.
Assume clang is at least 6, which was in 11.2-RELEASE.  Drop conditions
for older compilers.

Reviewed by:	imp (earlier version), emaste, jhb
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D24802
2020-05-12 15:22:40 +00:00
Xin LI
16ade779ef Generate zlib.pc from source.
Reviewed by:		bapt
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D24806
2020-05-12 01:47:33 +00:00
Dimitry Andric
28845ae1ab Use -fno-asynchronous-unwind-tables to compile lib/csu
Summary:
In r209294 kib added -fno-asynchronous-unwind-tables to the compile
flags for the GNU C startup components. This was done to work around a
BFD ld assertion, "no .eh_frame_hdr table will be created", which is
produced because of the layout of the startup objects.

Add the same flag to lib/csu too, for the same reason. And similarly to
r209294, also add -fno-omit-frame-pointer.

This is primarily meant to quickly MFC to stable/11, so it can end up in
the 11.4 release, as a fix for https://bugs.freebsd.org/246322.

PR:		246322
MFC after:	3 days
Differential Revision: https://reviews.freebsd.org/D24797
2020-05-11 19:36:38 +00:00
Benedict Reuschling
6a7016194d Add HISTORY sections to document when this
functionality first appeared in FreeBSD.

Submitted by:	Gordon Bergling gbergling_gmail.com
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D24677
2020-05-05 19:31:47 +00:00
Conrad Meyer
b34f8412c5 strdup.3: Slightly canonicalize OOM return/error status
Attempted to clean up the language around "this is a malloc'd object."  May be
passed as a parameter to free(3) is a bit obtuse.

Sponsored by:	Dell EMC Isilon
2020-05-05 17:57:04 +00:00
John Baldwin
483d953a86 Initial support for bhyve save and restore.
Save and restore (also known as suspend and resume) permits a snapshot
to be taken of a guest's state that can later be resumed.  In the
current implementation, bhyve(8) creates a UNIX domain socket that is
used by bhyvectl(8) to send a request to save a snapshot (and
optionally exit after the snapshot has been taken).  A snapshot
currently consists of two files: the first holds a copy of guest RAM,
and the second file holds other guest state such as vCPU register
values and device model state.

To resume a guest, bhyve(8) must be started with a matching pair of
command line arguments to instantiate the same set of device models as
well as a pointer to the saved snapshot.

While the current implementation is useful for several uses cases, it
has a few limitations.  The file format for saving the guest state is
tied to the ABI of internal bhyve structures and is not
self-describing (in that it does not communicate the set of device
models present in the system).  In addition, the state saved for some
device models closely matches the internal data structures which might
prove a challenge for compatibility of snapshot files across a range
of bhyve versions.  The file format also does not currently support
versioning of individual chunks of state.  As a result, the current
file format is not a fixed binary format and future revisions to save
and restore will break binary compatiblity of snapshot files.  The
goal is to move to a more flexible format that adds versioning,
etc. and at that point to commit to providing a reasonable level of
compatibility.  As a result, the current implementation is not enabled
by default.  It can be enabled via the WITH_BHYVE_SNAPSHOT=yes option
for userland builds, and the kernel option BHYVE_SHAPSHOT.

Submitted by:	Mihai Tiganus, Flavius Anton, Darius Mihai
Submitted by:	Elena Mihailescu, Mihai Carabas, Sergiu Weisz
Relnotes:	yes
Sponsored by:	University Politehnica of Bucharest
Sponsored by:	Matthew Grooms (student scholarships)
Sponsored by:	iXsystems
Differential Revision:	https://reviews.freebsd.org/D19495
2020-05-05 00:02:04 +00:00
John Baldwin
16aabb761c Remove support for IPsec algorithms deprecated in r348205 and r360202.
Examples of depecrated algorithms in manual pages and sample configs
are updated where relevant.  I removed the one example of combining
ESP and AH (vs using a cipher and auth in ESP) as RFC 8221 says this
combination is NOT RECOMMENDED.

Specifically, this removes support for the following ciphers:
- des-cbc
- 3des-cbc
- blowfish-cbc
- cast128-cbc
- des-deriv
- des-32iv
- camellia-cbc

This also removes support for the following authentication algorithms:
- hmac-md5
- keyed-md5
- keyed-sha1
- hmac-ripemd160

Reviewed by:	cem, gnn (older verisons)
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24342
2020-05-02 00:06:58 +00:00
John Baldwin
371f3da616 Remove the SYMVER build option.
This option was added as a transition aide when symbol versioning was
first added.  It was enabled by default in 2007 and is supported even
by the old GPLv2 binutils.  Trying to disable it currently fails to
build in libc and at this point it isn't worth fixing the build.

Reported by:	Michael Dexter
Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D24637
2020-04-30 22:08:40 +00:00
Ed Maste
be99f8868b liblua: ensure that "require" will fail in bootstrap flua
We do not want to support bootstrapping lua modules, so ensure that
require will fail by providing a nonexistent path.

Reviewed by:	kevans
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24610
2020-04-29 13:41:32 +00:00
Mark Johnston
bea2668321 Document handling of connection-mode sockets by sendto(2).
sendto(2), sendmsg(2) and sendmmsg(2) return ENOTCONN if a destination
address is specified and the socket is not connected and the socket
protocol does not automatically connect ("implied connect").  Document
that.  Also document the fact that the destination address is ignored
for connection-mode sockets if the socket is already connected.

PR:		245817
Submitted by:	Erik Inge Bolsø <knan-bfo@modirum.com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D24530
2020-04-27 16:12:32 +00:00
Mark Johnston
569eb766c5 Fix handling of EV_EOF for named pipes.
Contrary to the kevent man page, EV_EOF on a fifo is not cleared by
EV_CLEAR.  Modify the read and write filters to clear EV_EOF when the
fifo's PIPE_EOF flag is clear, and update the man page to document the
new behaviour.

Modify the write filter to return the amount of buffer space available
even if no readers are present.  This matches the behaviour for sockets.

When reading from a pipe, only call pipeselwakeup() if some data was
actually read.  This prevents the continuous re-triggering of a
EVFILT_READ event on EOF when in edge-triggered mode.

PR:		203366, 224615
Submitted by:	Jan Kokemüller <jan.kokemueller@gmail.com>
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24528
2020-04-27 15:59:19 +00:00
Conrad Meyer
1e72c52e23 libc: partially revert r326576
In r326576 ("use @@@ instead of @@ in __sym_default"), an earlier version of
the phabricator-discussed patch was inadvertently committed.  The commit
message claims that @@@ means that weak is not needed, but that was due to a
misunderstanding of the use of weak symbols in this context by the submitted
in the first draft of the patch; the description text was not updated to
match the discussion.  As discussed in phabricator, weak is needed for
symbol interposing because of the behavior of our rtld, and is widely used
elsewhere in libc.

This partial revert restores the approved version of the patch and permits
symbol interposing for openat.

Reported by:	Raymond Ramsden <rramsden AT isilon.com>
Reviewed by:	dim, emaste, kib (2017)
Discussed with:	kib (2020)
Differential Revision:	https://reviews.freebsd.org/D11653
2020-04-25 14:24:54 +00:00
Mateusz Piotrowski
5dcf0083fc Fix a typo
Reported by:	pstef
MFC after:	2 days
2020-04-24 22:04:14 +00:00
Alexander Motin
e4e0417440 Map family 0x5F (Denverton) to goldmont.
According to the 325462-071US document, they should be the same.

MFC after:	1 week
2020-04-24 16:05:35 +00:00
Eric van Gyzen
c5ad81420c Update jemalloc to version 5.2.1
Revert r354606 to restore r354605.

Apply one line from jemalloc commit d01b425e5d1e1 in hash_x86_128()
to fix the build with gcc, which only allows a fallthrough attribute
to appear before a case or default label.

Submitted by:	jasone in r354605
Discussed with:	jasone
Reviewed by:	bdrewery
MFC after:	never, due to gcc 4.2.1
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D24522
2020-04-23 23:57:43 +00:00
Kristof Provost
36dcd97de3 libc: Shortcut if_indextoname() if index == 0
If the index we're trying to convert is 0 we can avoid a potentially
expensive call to getifaddrs(). No interface has an ifindex of zero, so
we can handle this as an error: set the errno to ENXIO and return NULL.

Submitted by:	Nick Rogers
Reviewed by:	lutz at donnerhacke.de
MFC after:	2 weeks
Sponsored by:	RG Nets
Differential Revision:	https://reviews.freebsd.org/D24524
2020-04-23 21:16:51 +00:00
Kyle Evans
a269a14ff0 kqueue(2): de-vandalize the random sentence in the middle
A last minute change appears to have inadvertently vandalized unrelated
parts of the manpage with the date. =-(

Reported by:	rpokala
2020-04-22 04:05:02 +00:00
Kyle Evans
00b0f94c58 kqueue(2): add a note about EV_RECEIPT
In the below-referenced PR, a case is attached of a simple reproducer that
exhibits suboptimal behavior: EVFILT_READ and EVFILT_WRITE being set in the
same kevent(2) call will only honor the first one. This is, in-fact, how
it's supposed to work.

A read of the manpage leads me to believe we could be more clear about this;
right now there's a logical leap to make in the relevant statement: "When
passed as input, it forces EV_ERROR to always be returned." -- the logical
leap being that this indicates the caller should have allocated space for
the change to be returned with EV_ERROR indicated in the events, or
subsequent filters will get dropped on the floor.

Another possible workaround that accomplishes similar effect without needing
space for all events is just setting EV_RECEIPT on the final change being
passed in; if any errored before it, the kqueue would not be drained. If we
made it to the final change with EV_RECEIPT set, then we would return that
one with EV_ERROR and still not drain the kqueue. This would seem to not be
all that advisable.

PR:		229741
MFC after:	1 week
2020-04-22 03:45:52 +00:00
John Baldwin
24c2e17d2b Map negative types passed to vm_capability_type2name to NULL.
Submitted by:	vangyzen
2020-04-21 21:48:35 +00:00
John Baldwin
5e61abf740 Check the magic value in longjmp() before calling sigprocmask().
This avoids passing garbage to sigprocmask() if the jump buffer is
invalid.

Reviewed by:	mhorne
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24483
2020-04-21 17:40:23 +00:00
John Baldwin
d000623a21 Add description string for VM_CAP_BPT_EXIT.
While here, replace the array of mapping structures with an array of
string pointers where the index is the capability value.

Submitted by:	Rob Fairbanks <rob.fx907@gmail.com>
Reviewed by:	rgrimes
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D24289
2020-04-21 17:30:56 +00:00
Alan Somers
72a600a7a1 libauditd: make it a PRIVATELIB
According to the upstream man page (which we don't install), none of
libauditd's symbols are intended to be public. Also, I can't find any
evidence for a port that uses libauditd. Therefore, we should treat it like
other such libraries and use PRIVATELIB.

Reported by:	phk
Reviewed by:	cem, emaste
MFC after:	2 weeks
2020-04-19 02:20:39 +00:00
Alan Somers
1796400d62 libbsm: fix some MLINKS
Add missing MLINKS entries for a few functions. Remove some old typo
entries.

Reported by:	phk
Reviewed by:	cem
MFC after:	2 weeks
2020-04-19 02:18:40 +00:00
Alan Somers
133b8ab5bb cap_dns.3: fix some orphan .Xr links
Reported by:	phk
MFC after:	2 weeks
2020-04-18 20:13:43 +00:00
Brooks Davis
3076591b7a Attempt to use AT_PS_STRINGS to get the ps_strings pointer.
This saves a system call and avoids one of the (relatively rare) cases
of the kernel exporting pointers via sysctl.

As a temporary measure, keep the sysctl support to allow limited
compatability with old kernels.

Fail gracefully if ps_strings can't be found (should never happen).

Reviewed by:	kib
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24407
2020-04-15 20:28:20 +00:00
Brooks Davis
1e4a35add8 Support AT_PS_STRINGS in _elf_aux_info().
This will be used by setproctitle().

Reviewed by:	kib
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24407
2020-04-15 20:26:41 +00:00
Brooks Davis
6671366a55 Fix -Wvoid-pointer-to-enum-cast warnings.
This pattern is used in callbacks with void * data arguments and seems
both relatively uncommon and relatively harmless.  Silence the warning
by casting through uintptr_t.

This warning is on by default in Clang 11.

Reviewed by:	arichardson
Obtained from:	CheriBSD (partial)
MFC after:	1 week
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24425
2020-04-15 18:15:58 +00:00
John Baldwin
e2b9919398 Remove support for geli(4) algorithms deprecated in r348206.
This removes support for reading and writing volumes using the
following algorithms:

- Triple DES
- Blowfish
- MD5 HMAC integrity

In addition, this commit adds an explicit whitelist of supported
algorithms to give a better error message when an invalid or
unsupported algorithm is used by an existing volume.

Reviewed by:	cem
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24343
2020-04-15 00:14:50 +00:00
Kyle Evans
7851fb8ecb closefrom: clamp lowfd to >= 0; close_range's parameters are unsigned.
Pointy hat:	kevans
Reported by:	CI (lwhsu)
2020-04-14 23:24:24 +00:00
Kyle Evans
7d03e08112 Mark closefrom(2) COMPAT12, reimplement in libc to wrap close_range
Include a temporarily compatibility shim as well for kernels predating
close_range, since closefrom is used in some critical areas.

Reviewed by:	markj (previous version), kib
Differential Revision:	https://reviews.freebsd.org/D24399
2020-04-14 18:07:42 +00:00
Jonathan T. Looney
fb401f1bba Make sonewconn() overflow messages have per-socket rate-limits and values.
sonewconn() emits debug-level messages when a listen socket's queue
overflows. Currently, sonewconn() tracks overflows on a global basis. It
will only log one message every 60 seconds, regardless of how many sockets
experience overflows. And, when it next logs at the end of the 60 seconds,
it records a single message referencing a single PCB with the total number
of overflows across all sockets.

This commit changes to per-socket overflow tracking. The code will now
log one message every 60 seconds per socket. And, the code will provide
per-socket queue length and overflow counts. It also provides a way to
change the period between log messages using a sysctl.

Reviewed by:	jhb (previous version), bcr (manpages)
MFC after:	2 weeks
Sponsored by:	Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D24316
2020-04-14 15:38:18 +00:00
Kyle Evans
7c5e60c72e libc: remove shm_open(2)'s compat fallback
This had been introduced to ease any pain for using slightly older kernels
with a newer libc, e.g., for bisecting a kernel across the introduction of
shm_open2(2). 6 months has passed, retire the fallback and let shm_open()
unconditionally call shm_open2().

Stale includes are removed as well.
2020-04-13 15:59:15 +00:00
Xin LI
d25a143055 Sync with OpenBSD:
arc4random.c: In the incredibly unbelievable circumstance where
_rs_init() fails to allocate pages, don't call abort() because of
corefile data leakage concerns, but simply _exit().  The reasoning
is _rs_init() will only fail if someone finds a way to apply
specific pressure against this failure point, for the purpose of
leaking information into a core which they can read.  We don't
need a corefile in this instance to debug that.  So take this
"lever" away from whoever in the future wants to do that.

arc4random.3: reference random(4)

arc4random_uniform.c: include stdint.h over sys/types.h
2020-04-13 08:42:13 +00:00
Kyle Evans
472ced39ef Implement a close_range(2) syscall
close_range(min, max, flags) allows for a range of descriptors to be
closed. The Python folk have indicated that they would much prefer this
interface to closefrom(2), as the case may be that they/someone have special
fds dup'd to higher in the range and they can't necessarily closefrom(min)
because they don't want to hit the upper range, but relocating them to lower
isn't necessarily feasible.

sys_closefrom has been rewritten to use kern_close_range() using ~0U to
indicate closing to the end of the range. This was chosen rather than
requiring callers of kern_close_range() to hold FILEDESC_SLOCK across the
call to kern_close_range for simplicity.

The flags argument of close_range(2) is currently unused, so any flags set
is currently EINVAL. It was added to the interface in Linux so that future
flags could be added for, e.g., "halt on first error" and things of this
nature.

This patch is based on a syscall of the same design that is expected to be
merged into Linux.

Reviewed by:	kib, markj, vangyzen (all slightly earlier revisions)
Differential Revision:	https://reviews.freebsd.org/D21627
2020-04-12 21:23:19 +00:00
Alexander V. Chernikov
a666325282 Introduce nexthop objects and new routing KPI.
This is the foundational change for the routing subsytem rearchitecture.
 More details and goals are available in https://reviews.freebsd.org/D24141 .

This patch introduces concept of nexthop objects and new nexthop-based
 routing KPI.

Nexthops are objects, containing all necessary information for performing
 the packet output decision. Output interface, mtu, flags, gw address goes
 there. For most of the cases, these objects will serve the same role as
 the struct rtentry is currently serving.
Typically there will be low tens of such objects for the router even with
 multiple BGP full-views, as these objects will be shared between routing
 entries. This allows to store more information in the nexthop.

New KPI:

struct nhop_object *fib4_lookup(uint32_t fibnum, struct in_addr dst,
  uint32_t scopeid, uint32_t flags, uint32_t flowid);
struct nhop_object *fib6_lookup(uint32_t fibnum, const struct in6_addr *dst6,
  uint32_t scopeid, uint32_t flags, uint32_t flowid);

These 2 function are intended to replace all all flavours of
 <in_|in6_>rtalloc[1]<_ign><_fib>, mpath functions  and the previous
 fib[46]-generation functions.

Upon successful lookup, they return nexthop object which is guaranteed to
 exist within current NET_EPOCH. If longer lifetime is desired, one can
 specify NHR_REF as a flag and get a referenced version of the nexthop.
 Reference semantic closely resembles rtentry one, allowing sed-style conversion.

Additionally, another 2 functions are introduced to support uRPF functionality
 inside variety of our firewalls. Their primary goal is to hide the multipath
 implementation details inside the routing subsystem, greatly simplifying
 firewalls implementation:

int fib4_lookup_urpf(uint32_t fibnum, struct in_addr dst, uint32_t scopeid,
  uint32_t flags, const struct ifnet *src_if);
int fib6_lookup_urpf(uint32_t fibnum, const struct in6_addr *dst6, uint32_t scopeid,
  uint32_t flags, const struct ifnet *src_if);

All functions have a separate scopeid argument, paving way to eliminating IPv6 scope
 embedding and allowing to support IPv4 link-locals in the future.

Structure changes:
 * rtentry gets new 'rt_nhop' pointer, slightly growing the overall size.
 * rib_head gets new 'rnh_preadd' callback pointer, slightly growing overall sz.

Old KPI:
During the transition state old and new KPI will coexists. As there are another 4-5
 decent-sized conversion patches, it will probably take a couple of weeks.
To support both KPIs, fields not required by the new KPI (most of rtentry) has to be
 kept, resulting in the temporary size increase.
Once conversion is finished, rtentry will notably shrink.

More details:
* architectural overview: https://reviews.freebsd.org/D24141
* list of the next changes: https://reviews.freebsd.org/D24232

Reviewed by:	ae,glebius(initial version)
Differential Revision:	https://reviews.freebsd.org/D24232
2020-04-12 14:30:00 +00:00
Sergio Carlavilla Delgado
73129d4797 Add HISTORY section to getc(3)
PR:		240269
Submitted by:	Gordon Bergling
Differential Revision:	https://reviews.freebsd.org/D24295
2020-04-10 09:37:20 +00:00
Sergio Carlavilla Delgado
bbf6efd7b7 exit(3): Add HISTORY section
PR:		240259
Submitted by:	Gordon Bergling
Obtained from:	OpenBSD
Differential Revision:	https://reviews.freebsd.org/D24146
2020-04-10 09:27:18 +00:00
Sergio Carlavilla Delgado
3fea6e53c1 arc4random(3): Expand the SEE ALSO section
Submitted by:	Gordon Bergling
Approved by:	brueffer@
Obtained from:	NetBSD
Differential Revision:	https://reviews.freebsd.org/D23716
2020-04-10 09:12:41 +00:00
Konstantin Belousov
09bae0a023 libc: Fix possible overflow in binuptime().
This is an application of the kernel overflow fix from r357948 to
userspace, based on the algorithm developed by Bruce Evans. To keep
the ABI of the vds_timekeep stable, instead of adding the large_delta
member, MSB of both multipliers are added to quickly estimate the overflow.

Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2020-04-09 23:22:35 +00:00
Simon J. Gerraty
723f904176 Improve interaction of vectx and tftp
On slow platforms, it helps to spread the hashing load
over time so that tftp does not timeout.

Also, some .4th files are too big to fit in cache of pkgfs,
so increase cache size and ensure fully populated.

Reviewed by:	stevek
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D24287
2020-04-07 16:56:34 +00:00
Conrad Meyer
b30c6ac9f9 libcasper(3): Export functions to C++
We must wrap C declarations in __BEGIN / __END_DECLS to avoid C++ name-mangling
of the declaration when including the C header; name-mangling causes the linker
to attempt to locate the wrong (C++ ABI) symbol name.

Reviewed by:	markj, oshogbo (earlier version both)
Differential Revision:	https://reviews.freebsd.org/D24323
2020-04-07 16:40:41 +00:00
Maxim Sobolev
a8b8edb25e Normalize deployment tools usage and definitions by putting into one place
instead of sprinkling them out over many disjoint files. This is a follow-up
to achieve the same goal in an incomplete rev.348521.

Approved by:	imp
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D20520
2020-04-07 02:46:22 +00:00
Conrad Meyer
2750f1b954 libcasper: Constify cap_sysctl_limit_mib() mib parameter
No functional change. Minor API change that is nicer for consumers. ABI is
identical; the routine never needed to modify the pointed to value.

Reviewed by:	emaste, markj
Differential Revision:	https://reviews.freebsd.org/D24319
2020-04-06 23:07:56 +00:00
Kyle Evans
147d7b567f llvm: add a build knob for enabling assertions
For head/, this will remain eternally default-on to maintain the status quo.
For stable/ branches, it should be flipped to default-off to maintain the
status quo.

There's value in being able to flip it one way or the other easily on head
or stable branches, whether you want to gain some performance back on head/
(for machines there's little chance you'll actually hit an assertion) or
potentially diagnose a problem with the version of llvm on an older branch.

Currently, stable branches get the CFLAGS+= -ndebug line uncommented; going
forward, they will instead have the default of LLVM_ASSERTIONS flipped.

Reviewed by:	dim, emaste, re (gjb)
MFC after:	1 week
MFC note:	flip the default of LLVM_ASSERTIONS
Differential Revision:	https://reviews.freebsd.org/D24264
2020-04-06 01:27:17 +00:00
Sergio Carlavilla Delgado
d2034aedc1 Fix typo 2020-04-04 07:43:47 +00:00
Matt Macy
92b14858b4 Update x86 counters
MFC after:	1 week
2020-04-03 22:36:22 +00:00
Ed Maste
6e46e45f97 ANSIfy and KNF function arg definitions in libmd/md4.c
Reported by:	bde, in 2017
2020-04-03 20:56:43 +00:00
Ed Maste
652a974885 lldb: build and enable lua script bindings
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24266
2020-04-03 16:54:13 +00:00
Ed Maste
31c5c437cc lldb: commit generated LLDBWrapLua.cpp 2020-04-03 15:55:58 +00:00
Ed Maste
f0d060f91b lldb: add rule to generate LLDBWrapLua.cpp
Building lldb's lua/python bindings requires swig, but we do not want to
include it in the FreeBSD base system (as a build tool) because it has
non-trivial dependencies.  As a workaround, add a make rule to generate
LLDBWrapLua.cpp, and we will commit the generated file.

Requires the swig30 package.

Reviewed by:	brooks
Discussed with:	dim
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24265
2020-04-03 15:52:44 +00:00
Warner Losh
5310132318 Note some functions that appeared in First Edition Unix
These functions first appeared in the First Edition of Unix (or earlier in the
pdp-7 version). Just claim 1st Edition for all this. The pdp-7 code is too
fragmented at this point to extend history that far back.
2020-04-01 22:50:41 +00:00
John Baldwin
59838c1a19 Retire procfs-based process debugging.
Modern debuggers and process tracers use ptrace() rather than procfs
for debugging.  ptrace() has a supserset of functionality available
via procfs and new debugging features are only added to ptrace().
While the two debugging services share some fields in struct proc,
they each use dedicated fields and separate code.  This results in
extra complexity to support a feature that hasn't been enabled in the
default install for several years.

PR:		244939 (exp-run)
Reviewed by:	kib, mjg (earlier version)
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D23837
2020-04-01 19:22:09 +00:00
Hartmut Brandt
0bf56da32d Merge release 1.14 of bsnmp. 2020-04-01 15:25:16 +00:00
Mateusz Piotrowski
89064ec6ef Use proper mdoc(7) macros for literal text and do not use Tn
Tn is deprecated and upsets linters.

MFC after:	3 days
2020-04-01 09:01:35 +00:00
Simon J. Gerraty
5ea556d98c Do not claim libbearssl et al are INTERNALLIB
If INTERNALLIB is defined we need PIE and bsd.incs.mk is
not included.

PR:		245189
Reviewed by:	emaste
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org//D24233
2020-04-01 05:45:12 +00:00
Hartmut Brandt
d5efa260d9 Import version 1.14 of bsnmp. This mainly consists of bug fixes
in the ASN.1 functions and comes with a test suite for these
functions.
2020-03-31 17:50:32 +00:00
John Baldwin
da8c654e99 Trim some duplicate EIO descriptions.
While here, drop an extra conjunction from the list of error
conditions for the remaining EIO description in symlink(2).

Discussed with:	mckusick (trimming duplicates)
MFC after:	2 weeks
2020-03-30 21:48:47 +00:00
John Baldwin
e42b096439 Document EINTEGRITY errors for many system calls.
EINTEGRITY was previously documented as a UFS-specific error for
mount(2).  This documents EINTEGRITY as a filesystem-independent error
that may be reported by the backing store of a filesystem.

While here, document EIO as a filesystem-independent error for both
mount(2) and posix_fadvise(2).  EIO was previously only documented for
UFS for mount(2).

Reviewed by:	mckusick
Suggested by:	mckusick
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24168
2020-03-30 21:44:00 +00:00
Ed Maste
af6751f413 libc: unconditionalize _NLIST_DO_ELF
Suggested by:	brooks, imp
2020-03-30 21:25:00 +00:00
Ed Maste
86cfa7e70b nlist: retire long-obsolete aout support
Reviewed by:	brooks, kib
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24229
2020-03-30 20:15:19 +00:00
Alfredo Dal'Ava Junior
f1343c7f67 msun: swap words order instead of bits order on BIG ENDIAN
The "for" loop on big endian was inverting all the bits instead of
just the words

Issue reported by TestSuite (msun lib nan_test case)

Submitted by:	Renato Riolino <renato.riolino@eldorado.org.br>
Submitted by:	Fernando Valle <fernando.valle@eldorado.org.br>
Reviewed by:	pfg, alfredo
Approved by:	jhibbits (mentor)
Sponsored by:	Eldorado Research Institute (eldorado.org.br)
Differential Revision:	https://reviews.freebsd.org/D23926
2020-03-26 18:50:54 +00:00
Dimitry Andric
aec4c088fd Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
llvmorg-10.0.0-0-gd32170dbd5b (aka 10.0.0 release).

PR:		244251
MFC after:	6 weeks
X-MFC-With:	358851
2020-03-26 17:46:32 +00:00
Brooks Davis
daa006f84b Install expected kyua docs.
The "kyua about" command assumes these files exist causing tests
supplied devel/kyua to fail.

Fix a bug defining the default KYUA_DOCDIR so the installed files can be
found.

Reported by:	jenkins tests
Reviewed by:	lwhsu
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24187
2020-03-26 17:34:17 +00:00
Sergio Carlavilla Delgado
8e76d7909d Add HISTORY sections to log(3) man page
PR:		240265
Submitted by:	gbergling@gmail.com
Approved by:	bcr@(mentor), imp@
MFC after:	1 day
Differential Revision:	https://reviews.freebsd.org/D24148
2020-03-26 11:24:43 +00:00
Simon J. Gerraty
53f151f906 Fix pkgfs stat so it satisfies libsecureboot
We need a valid st_dev, st_ino and st_mtime
to correctly track which files have been verified
and to update our notion of time.

ve_utc_set(): ignore utc if it would jump our current time
by more than VE_UTC_MAX_JUMP (20 years).

Allow testing of install command via userboot.
Need to fix its stat implementation too.

bhyveload also needs stat fixed - due to change to userboot.h

Call ve_error_get() from vectx_close() when hash is wrong.

Track the names of files we have hashed into pcr

For the purposes of measured boot, it is important
to be able to reproduce the hash reflected in
loader.ve.pcr
so loader.ve.hashed provides a list of names in the order they
were added.

Reviewed by:	imp
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D24027
2020-03-25 19:12:19 +00:00
Emmanuel Vadot
483955de74 libpmc: Always add the full include path for libpmcstat
Previously it was only added for aarch64, amd64 and i386
2020-03-25 02:28:47 +00:00
Emmanuel Vadot
ee55186dfd pmc: Add include path for libpmcstat as it is an internallib
Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D24173
2020-03-25 01:32:16 +00:00
Emmanuel Vadot
e055e3367e wlandebug: Add include path for libifconfig as it is a internallib
Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D24172
2020-03-25 01:31:26 +00:00
Warner Losh
56c995d658 exec{l,v}{e,p} arrived in 7th Edition research Unix to support the Bourne Shell
which introduced environment variables. Document that here. Verified by
consulting the TUHS archive.
2020-03-24 19:33:21 +00:00
Emmanuel Vadot
9d7c39d873 pkgbase: Move telnetd and ftpd pam file to the utilities package
Both programs are in this package so put the pam.d file in there too.

Reported by:	emaste
Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D24161
2020-03-24 01:08:06 +00:00
Brooks Davis
e2d6edeb99 Improve LIBADD/_DP_* for kyua libraries.
This fixes build with ld.bfd as the linker (e.g. on powerpc).

This corrects a bug in D24103.

Sponsored by:	DARPA
2020-03-23 21:21:38 +00:00
Brooks Davis
b0d29bc47d Import the kyua test framework.
Having kyua in the base system will simplify automated testing in CI and
eliminates bootstrapping issues on new platforms.

The build of kyua is controlled by WITH(OUT)_TESTS_SUPPORT.

Reviewed by:	emaste
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24103
2020-03-23 19:01:23 +00:00
Brooks Davis
c697fb7f7c Add liblutok a lightweight C++ API for lua.
It is added an INTERNALLIB and not installed.  It will be used by kyua.

This is a preparatory commit for D24103.

Reviewed by:	emaste
Obtained from:	CheriBSD
Sponsored by:	DARPA
2020-03-23 18:26:23 +00:00
Edward Tomasz Napierala
868983b032 Add STANDARDS and HISTORY to getcontext(3), makecontext(3), and ucontext(3).
Obtained from:	NetBSD
MFC after:	2 weeks
Sponsored by:	DARPA
2020-03-23 17:38:20 +00:00
Warner Losh
00c101b17d Document when execl and execp entered unix.
For this, things are complicated. The first mention in the manual was in the 4th
edition manual (as an add on to exec(II)).  The 2nd and 3rd editions didn't have
these in the manual (either as a separate page, or as an add-on to exec(II)). We
don't have good 1st, 2nd or 3rd edition distributions to look in. However,
there's a tape labeled 'last1120c' that we do have. This tape contains the last
version of the V2 edition of the C compiler on it (just after C got struct). On
this tape there was a libc.sa archive that contains source for execl and
execp. This source is sufficiently different from the V5 sources (which are the
next ones we have sources for) and have a slightly different calling convention
than later sources, suggesting that the early date for the last1120c tape is
correct (in that era, the epoch changed every year, leading to a one or two year
ambiguity on when the files could have been modified) and it should be though of
as V2. Since this was also a time of compiler development, and the calling
convetions are known to be under evolution, and since the rest of the sources in
libc.sa are consistent, that's further evidence that V2 is likely. Finally, 2nd
edition was the last version to fully support the 11/20 because it lacked many
basic features and bell labs moved off it to the 11/45 as soon as they could
afford to buy one, around this time era. The unix manuals make it sound like V3
might have supported the 11/20, but the same intro could also be read to mean it
didn't, at all, and that V3 was the first rewrite for the 11/45 ahead of the
rewrite in C that came with V4.

Taken together, the evidence leans most heavily to V2 (90% IMHO), and slightly
to V3 (8%) or possibly V4 (2%). I've not put all this in the man page, but have
left it here in case someone notices in the future that V4 is the first manual
page for it.
2020-03-23 16:02:01 +00:00
Sergio Carlavilla Delgado
fd2ea83940 fix typo in exec man page
PR:		240258
Submitted by:	gbergling@gmail.com
Reported by:	kib@
Approved by:	bcr@(mentor, implicit)
MFC after:	2 days
Differential Revision:	https://reviews.freebsd.org/D24145
2020-03-22 20:10:05 +00:00
Sergio Carlavilla Delgado
792f4f40b8 exec man page: Add HISTORY section
PR:		240258
Submitted by:	gbergling@gmail.com
Patch by:	gbergling@gmail.com
Approved by:	bcr@(mentor)
MFC after:	2 days
Differential Revision:	https://reviews.freebsd.org/D24145
2020-03-22 12:57:49 +00:00
Xin LI
a8675d927b MFV r359197: xz 5.2.5.
MFC after:	2 weeks
Relnotes:	yes
2020-03-22 01:27:38 +00:00
Ed Maste
42a62b0417 nlist(3): add elf(5) xref
Found while looking for a.out remnants; nlist should also xref the
binary format we currently use.
2020-03-21 15:51:05 +00:00
Mark Johnston
733983be9b Fix uselocale(3) to not leak a reference to the old locale.
In a single-threaded program pthread_getspecific() always returns NULL,
so the old locale would not end up being freed.

PR:		239520
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2020-03-20 20:02:53 +00:00
Warner Losh
3b7fd87cbf Remove sparc support from clang build infrastructure. Any remaining sparc files
will be mopped up in future imports.

Differential Revision: https://reviews.freebsd.org/D24128
2020-03-20 15:07:15 +00:00
Mateusz Piotrowski
9168ef5be3 Document geli(8) loader variables conventions
The geli(8) manual page has an example for preloading keyfiles during boot.
There is no detail though on how the lookup of these variables actually
works.

Let's document that the name of a device does not have to be a part
of the variable.

PR:		243261
Submitted by:	johannes@jo-t.de
Approved by:	bcr (mentor)
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D24114
2020-03-19 09:23:26 +00:00
Xin LI
4188ba1a3b Fix race condition in catopen(3).
The current code uses a rwlock to protect the cached list, which
in turn holds a list of catentry objects, and increments reference
count while holding only read lock.

Fix this by converting the reference counter to use atomic operations.

While I'm there, also perform some clean ups around memory operations.

PR:		202636
Reported by:	Henry Hu <henry.hu.sh@gmail.com>
Reviewed by:	markj
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24095
2020-03-19 06:33:06 +00:00
Dimitry Andric
cd675bb60e Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
llvmorg-10.0.0-rc4-5-g52c365aa9ca.  The actual release should follow Real
Soon Now.

PR:             244251
MFC after:      6 weeks
2020-03-18 18:26:53 +00:00
John Baldwin
7a9cfa086a Fix the workaround to ignore the #warning for GCC.
clang and gcc use different warning flags for #warning preprocessor
directives.

Reported by:	Jenkins
MFC after:	1 week
2020-03-17 23:22:07 +00:00
John Baldwin
8d8a74e69e Mark procfs-based process debugging as deprecated for FreeBSD 13.
Attempting to use ioctls on /proc/<pid>/mem to control a process will
trigger warnings on the console.  The <sys/pioctl.h> include file will
also now emit a compile-time warning when used from userland.

Reviewed by:	emaste
MFC after:	1 week
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D23822
2020-03-17 18:44:03 +00:00
Brooks Davis
564b9ff2a7 Add an internal liblua and use it in flua.
The new liblua will be used in a forthcoming import of kyua.

Reviewed by:	kevans
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24090
2020-03-17 17:28:12 +00:00
Kyle Evans
19fe57fdb4 libssp: don't compile with -fstack-protector*
This similarly matches what we do in libc; compiling libssp with
-fstack-protector* is actively harmful.  For instance, if the canary ctor
ends up with a stack protector then it will trivially trigger a false
positive as the canary's being initialized.

This was noted by the reporter as irc/ircd-hybrid started crashing at start
after our libssp was MFC'd to stable/11, as its build will explicitly link
in libssp. On FreeBSD, this isn't necessary as SSP bits are included in
libc, but it should absolutely not trigger runtime breakage -- it does mean
that the canary will get initialized twice, but as this is happening early
on in application startup it should just be redundant work.

Reported by:	Tod McQuillin <devin@sevenlayer.studio>
MFC after:	3 days
2020-03-14 15:15:27 +00:00
Michael Tuexen
db4493f7b6 sendfile() does currently not support SCTP sockets.
Therefore, fail the call.

Reviewed by:		markj@
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D24059
2020-03-13 18:38:28 +00:00
Ryan Moeller
797711a84f libpmcstat: Try /boot/modules if module not found
Modules from ports/pkg are commonly installed to /boot/modules rather than to
the same directory the kernel resides in.  Look there if a module is not found
next to the kernel.

Submitted by:	mmacy
Reported by:	Nick Principe <nap@iXsystems.com>
Approved by:	mmacy (mentor)
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
2020-03-12 23:04:40 +00:00
Mateusz Piotrowski
18a9889f69 ftw.3: Follow style(9) in the example
Reported by:	oshogbo
Approved by:	bcr (mentor)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D24043
2020-03-12 18:28:23 +00:00
Brandon Bergren
db7f521db7 Fix r358688 -- Remember to actually save r3 before processing.
Crash was noticed by pkubaj building gcc9.

Apparently non dword-aligned char pointers are somewhat rare in the wild.

Reported by:	pkubaj
Sponsored by:	Tag1 Consulting, Inc.
2020-03-11 23:34:44 +00:00
Kirk McKusick
95ca762da8 When mounting a UFS filesystem, return EINTEGRITY rather than EIO
when a superblock check-hash error is detected. This change clarifies
a mount that failed due to media hardware failures (EIO) from a mount
that failed due to media errors (EINTEGRITY) that can be corrected by
running fsck(8).

Sponsored by: Netflix
2020-03-11 21:00:40 +00:00
Li-Wen Hsu
0fc06121ac Temporarily skip 2 failing tests after llvm10 import
PR:		244732
Sponsored by:	The FreeBSD Foundation
2020-03-11 12:43:54 +00:00
Warner Losh
9ac30e0b66 Remove unused cam ccb flags
These flags have been unused for some time. Some of them were in the
CAM2 specification, but CAM has moved on a bit from that. Some were
used in the old Pluto VideoSpace (and AirSpace) systems which had the
video playback I/O scheduler in userspace, but have been unused since
then.

Reviewed by: chuck, ken
Differential Revision:  https://reviews.freebsd.org/D24008
2020-03-10 23:58:41 +00:00
Dimitry Andric
4d4aa25694 Move another file in libllvm from sources required for world, to sources
required for bootstrap, as the PowerPC builds need this.

Reported by:	bdragon
PR:		244251
MFC after:	6 weeks
X-MFC-With:	358851
2020-03-10 20:25:36 +00:00
Dimitry Andric
0f1174c5e1 Add one additional file to libllvmminimal, to help the ppc64 bootstrap.
Reported by:	bdragon
PR:		244251
MFC after:	6 weeks
X-MFC-With:	358851
2020-03-10 20:01:52 +00:00
Dimitry Andric
fc23be915c Merge ^/head r358832 through r358848. 2020-03-10 17:49:09 +00:00
Hans Petter Selasky
f6428705d8 Fix for building libusb under Linux.
MFC after:	3 days
Sponsored by:	Mellanox Technologies
2020-03-10 15:59:20 +00:00
Dimitry Andric
16b9056593 Merge ^/head r358731 through r358831. 2020-03-10 07:04:05 +00:00
Dimitry Andric
da759cfa32 Remove -mlong-calls vhen building arm libraries and llvm.
Clang from 9.0.0 onwards already has the necessary relocation range
extenders, so this workaround is no longer needed (it produces longer
and slower code). Tested on real hardware, and in cross-compile
environment.

Submitted by:	mmel
2020-03-10 06:49:43 +00:00
Simon J. Gerraty
afc571b1a6 veloader use vectx API for kernel and modules
The vectx API, computes the hash for verifying a file as it is read.
This avoids the overhead of reading files twice - once to verify, then
again to load.

For doing an install via loader, avoiding the need to rewind
large files is critical.

This API is only used for modules, kernel and mdimage as these are the
biggest files read by the loader.
The reduction in boot time depends on how expensive the I/O is
on any given platform.  On a fast VM we see 6% improvement.

For install via loader the first file to be verified is likely to be the
kernel, so some of the prep work (finding manifest etc) done by
verify_file() needs to be factored so it can be reused for
vectx_open().

For missing or unrecognized fingerprint entries, we fail
in vectx_open() unless verifying is disabled.

Otherwise fingerprint check happens in vectx_close() and
since this API is only used for files which must be verified
(VE_MUST) we panic if we get an incorrect hash.

Reviewed by:	imp,tsoome
MFC after:	1 week
Sponsored by:	Juniper Networks
Differential Revision:	https://reviews.freebsd.org//D23827
2020-03-08 17:42:42 +00:00
Mateusz Guzik
d2222aa0e9 fd: use smr for managing struct pwd
This has a side effect of eliminating filedesc slock/sunlock during path
lookup, which in turn removes contention vs concurrent modifications to the fd
table.

Reviewed by:	markj, kib
Differential Revision:	https://reviews.freebsd.org/D23889
2020-03-08 00:23:36 +00:00
Dimitry Andric
f7ed37c525 Merge ^/head r358678 through r358711. 2020-03-06 17:11:29 +00:00
Justin Hibbits
dcfc676147 powerpc/memcpy: Don't predict the src and dst will be misaligned
Predicting misalignment will pessimize the expected common case.  Don't
predict true or false in thise case.
2020-03-06 03:46:48 +00:00
Justin Hibbits
021abafa5c Finish revert of r358672, missed in r358688.
Manual reverts never succeed correctly.

Reported by:	luporl
2020-03-06 02:30:04 +00:00
Justin Hibbits
00797360b5 powerpc/powerpc64: Enforce natural alignment in memcpy
Summary:
POWER architecture CPUs (Book-S) require natural alignment for
cache-inhibited storage accesses.  Since we can't know the caching model
for a page ahead of time, always enforce natural alignment in memcpy.
This fixes a SIGBUS in X with acceleration enabled on POWER9.

As part of this, revert r358672, it's no longer necessary with this fix.

Regression tested by alfredo.

Reviewed by: alfredo
Differential Revision: https://reviews.freebsd.org/D23969
2020-03-06 01:45:03 +00:00
Dimitry Andric
8c27c5541e Merge ^/vendor/llvm-project/release-10.x up to its last change (upstream
commit llvmorg-10.0.0-rc3-1-gc290cb61fdc), and bump versions.
2020-03-05 18:11:47 +00:00
Dimitry Andric
e43d33d286 Merge ^/head r358466 through r358677. 2020-03-05 17:55:36 +00:00
Ed Maste
0a052459e6 umtx_op.2: correct typo
PR:		244611
Submitted by:	John F. Carr <jfc@mit.edu>
MFC after:	3 days
2020-03-05 15:51:44 +00:00
Mateusz Piotrowski
d4d63c8986 ftw.3: Add examples
PR:		173448 [1]
Submitted by:	fernape@ (previous version) [1]
Reviewed by:	jilles
Approved by:	bcr (mentor)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D21750
2020-03-05 14:52:24 +00:00
Alfredo Dal'Ava Junior
2b37373c48 [PowerPC64] restrict memcpy/bcopy optimization to POWER ISA >=V2.07
VSX instructions were added in POWER ISA V2.06 (POWER7), but it
requires data to be word-aligned. Such requirement was removed in
ISA V2.07B (POWER8).

Since current memcpy/bcopy optimization relies on VSX instructions
handling misalignment transparently, and kernel doesn't currently
implement an alignment error handler, this optimzation should be
restrict to ISA V2.07 onwards.

SIGBUS on stxvd2x instruction was reproduced in POWER7+ CPU.

Reviewed by:	luporl, jhibbits, bdragon
Approved by:	jhibbits (mentor)
Differential Revision:	https://reviews.freebsd.org/D23958
2020-03-05 14:13:22 +00:00
Mateusz Piotrowski
a81c96922d thr_self.2: Fix some typos in the thread identifier range
Reported by:	kaktus
Approved by:	bcr (mentor)
Differential Revision:	https://reviews.freebsd.org/D23936
2020-03-03 09:51:53 +00:00
Martin Matuska
f55be4fc57 MFV r358511,r358532:
Sync libarchive with vendor.

Relevant vendor changes:
  Issue #1257: Add testcase for ZIPX files with LZMA_STREAM_END marker
  PR #1331: cpio.5: fix hard link description
  Issue #1335: archive_read.c: fix UBSan warning about undefined behavior
  Issue #1338: XAR reader: fix UBSan warning about undefined behavior
  Issue #1339: bsdcpio_test: fix datatype in from_hex()
  Issue #1341: Safe writes: delete temporary file if rename fails.
  Issue #1341: Safe writes: improve error handling

MFC after:	1 week
2020-03-02 08:44:58 +00:00
Mateusz Guzik
8d03b99b9d fd: move vnodes out of filedesc into a dedicated structure
The new structure is copy-on-write. With the assumption that path lookups are
significantly more frequent than chdirs and chrooting this is a win.

This provides stable root and jail root vnodes without the need to reference
them on lookup, which in turn means less work on globally shared structures.
Note this also happens to fix a bug where jail vnode was never referenced,
meaning subsequent access on lookup could run into use-after-free.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D23884
2020-03-01 21:53:46 +00:00
Dimitry Andric
91019ea7d4 Merge ^/head r358400 through r358465. 2020-02-29 15:08:14 +00:00
Ed Maste
c45018041d retire the LLVM_LIBUNWIND option
LLVM's libunwind is used on all FreeBSD-supported CPU architectures and
is a required component.

Reviewed by:	brooks (earlier)
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23123
2020-02-29 12:43:43 +00:00
Dimitry Andric
75dfc66c1b Merge ^/head r358269 through r358399. 2020-02-27 19:07:10 +00:00
Dimitry Andric
4739579419 Merge ^/vendor/llvm-project/release-10.x up to its last change (upstream
commit llvmorg-10.0.0-rc2-70-ge5cb70267e7), and bump versions.
2020-02-27 19:04:39 +00:00
Warner Losh
f33b14f02e Remove libthr, csu, libthread_db and testfloat sparc64 specific directories.
Submitted by:	kib@ (libthr)
2020-02-27 04:44:58 +00:00
Ed Maste
acb8858f05 Return ENOTSUP for mmap/mprotect if prot not subset of prot_max
From POSIX,

[ENOTSUP]
    The implementation does not support the combination of accesses
    requested in the prot argument.

This fits the case that prot contains permissions which are not a subset
of prot_max.

Reviewed by:	brooks, cem
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23843
2020-02-26 20:03:43 +00:00
Warner Losh
a5b6c2960d Remove sparc64 specific parts of libc.
Also update comments for which architectures use 128 bit long doubles,
as appropriate.

The softfloat specialization routines weren't updated since they
appear to be from an upstream source which we may want to update in
the future to get a more favorable license.

Reviewed by: emaste@
Differential Revision:  https://reviews.freebsd.org/D23658
2020-02-26 18:55:09 +00:00
Warner Losh
a8197ad3aa Remove sparc64 specific parts of libm and fix comments
Once upon a time, sparc64 was the only ld128 architecture. However,
both aarch64 and riscv are now such architectures. Many of the
comments about how slow multiplication was on old sparc64 processors
are now no longer true. However, since no evaluation has been done for
aarch64 yet, it's unclear if they are still relevant or not. If not,
the code should be changed. If so, the comments should remove the
uncertainty.

Reviewed by: emaste@
Differential Revision: https://reviews.freebsd.org/D23658
2020-02-26 18:55:03 +00:00
Ed Maste
5c6d07fb9c mprotect.2: sort errors alphabetically
Reported by:	brooks
MFC after:	3 days
2020-02-26 18:46:41 +00:00
Dimitry Andric
c0ac260c74 Instead of using just the long upstream commit hash for LLVM component
versions, use "git describe --tags --long" output, which is more
descriptive.  E.g., "90c78073f73eac58f4f8b4772a896dc8aac023bc" becomes
"llvmorg-10.0.0-rc2-0-g90c78073f73".
2020-02-24 19:18:50 +00:00
Dimitry Andric
24a22d1d9c Merge r358179 through r358238.
PR:		244251
2020-02-22 09:58:11 +00:00
Kyle Evans
5ac6a2c94d fetch(3): plug some leaks
In the successful case, sockshost is not freed prior to return.

The failure case can now be hit after fetch_reopen(), which was not true
before. Thus, we need to make sure to clean up all of the conn resources
which will also close sd. For all of the points prior to fetch_reopen(), we
continue to just close sd.

CID:		1419598, 1419616
2020-02-21 18:21:57 +00:00
Eric van Gyzen
3ae8839afe truncate(2): extending the file is required by POSIX 2008
Update the man page to mention that extending a file with truncate(2)
is required by POSIX as of 2008.

Reviewed by:	bcr
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D23354
2020-02-20 23:47:09 +00:00
Dimitry Andric
6c140a7281 Merge ^/head r358131 through r358178. 2020-02-20 19:07:29 +00:00
Mateusz Guzik
0573d0a9b8 vfs: add realpathat syscall
realpath(3) is used a lot e.g., by clang and is a major source of getcwd
and fstatat calls. This can be done more efficiently in the kernel.

This works by performing a regular lookup while saving the name and found
parent directory. If the terminal vnode is a directory we can resolve it using
usual means. Otherwise we can use the name saved by lookup and resolve the
parent.

See the review for sample syscall counts.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D23574
2020-02-20 16:58:19 +00:00
Baptiste Daroussin
e0989ec919 ncurses: bump shlib number to version 9
ABI has change in between ncurses 5 or 6. While theorically ncurses 6 is buildable with
backward compatibility, I fail at building in a way where the application linked against
the previous version of ncurses are rendering properly.
Let's go on the new ABI which provides all the latest features.

A compat12x package is cooking for backward compatibility
2020-02-20 09:12:07 +00:00
Dimitry Andric
43c7dd6b59 Merge ^/head r358075 through r358130. 2020-02-19 21:03:06 +00:00
Jeff Roberson
c6fd3e23f7 Use per-domain locks for the bucket cache.
This gives much better concurrency when there are a large number of
cores per-domain and multiple domains.  Avoid taking the lock entirely
if it will not be productive.  ROUNDROBIN domains will have mixed
memory in each domain and will load balance to all domains.

While here refactor the zone/domain separation and bucket limits to
simplify callers.

Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D23673
2020-02-19 18:48:46 +00:00
Baptiste Daroussin
e18651243e Update to 6.2-20200215
While I didn't plan another upgrade, This version incorporate fixes from
kevans@ so let's upgrade to it
2020-02-19 17:09:08 +00:00
Kyle Evans
c70019dd0a libsysdecode: grab shmflags from sys/mman.h, add decode method
Any SHM_* flag here is (and likely will continue to be) a shmflag that may
be passed to shm_open2(), with exception to SHM_ANON. This is a prereq to
adding appropriate support to truss/kdump.

Reviewed by:	kaktus (slightly earlier version)
Differential Revision:	https://reviews.freebsd.org/D23733
2020-02-19 14:52:32 +00:00
Baptiste Daroussin
9b61ffab6b lib_gen.c now also depends on ncurses_dll.h specify it to prevent some breakage
if ncurses_dll.h is already present in base while building
2020-02-19 14:09:15 +00:00
Sergio Carlavilla Delgado
8209febbb3 Add some HISTORY sections to manpages
environ(7) was in AT&T Version 7
ac(8): Add a HISTORY section
sa(8): Add a HISTORY section
sqrt(3): Add the actual sqrt function to the HISTORY section

Obtained from: OpenBSD

Submitted by:	gbergling@gmail.com
Approved by:	bcr@(mentor)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D23693
2020-02-19 12:49:49 +00:00
Dimitry Andric
abaad9d77d Merge ^/head r358049 through r358074. 2020-02-18 17:59:37 +00:00
Cy Schubert
e8c4b9d46b This commit makes significant changes to pam_login_access(8) to bring it
up to par with the Linux pam_access(8).

Like the Linux pam_access(8) our pam_login_access(8) is a service module
for pam(3) that allows a administrator to limit access from specified
remote hosts or terminals. Unlike the Linux pam_access, pam_login_access
is missing some features which are added by this commit:

Access file can now be specified. The default remains /etc/access.conf.
The syntax is consistent with Linux pam_access.

By default usernames are matched. If the username fails to match a match
against a group name is attempted. The new nodefgroup module option will
only match a username and no attempt to match a group name is made.
Group names must be specified in brackets, "()" when nodefgroup is
specified. Otherwise the old backward compatible behavior is used.
This is consistent with Linux pam_access.

A new field separator module option allows the replacement of the default
colon (:) with any other character. This facilitates potential future
specification of X displays. This is also consistent with Linux pam_access.

A new list separator module option to replace the default space/comma/tab
with another character. This too is consistent with Linux pam_access.

Linux pam_access options not implemented in this commit are the debug
and audit options. These will be implemented at a later date.

Reviewed by:	bjk, bcr (for manpages)
Approved by:	des (blanket, implicit)
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D23198
2020-02-18 11:27:08 +00:00
Cy Schubert
6f1ed8ae58 strchr() returns a pointer not an int.
Reported by:	bjk
Approved by:	des (blanket, implicit)
MFC after:	3 days
2020-02-18 11:27:05 +00:00
Cy Schubert
9c9372ad3f Add missing SYNOPSIS section.
Reported by:	ports/textproc/igor
MFC after:	3 days
2020-02-18 11:27:02 +00:00
Cy Schubert
88fcc10c94 There is no pam(8) man page, it is pam(3).
Approved by:	des (implicit, blanket)
MFC after:	3 days
2020-02-18 11:26:59 +00:00
Cy Schubert
0d960f7379 When pam_login_access(5) fails to match a username it attempts to
match the primary group a user belongs to. This commit extends the
match to secondary groups a user belongs to as well, just as the Linux
pam_access(5) does.

Approved by:	des (implicit, blanket)
2020-02-18 11:26:56 +00:00
Cy Schubert
f47effabd5 The words ALL, LOCAL, and EXCEPT have special meaning and are documented
as in the login.access(5) man page. However strcasecmp() is used to compare
for these special strings. Because of this User accounts and groups with
the corresponding lowercase names are misintrepreted to have special
whereas they should not.

This commit fixes this, conforming to the man page and to how the Linux
pam_access(8) handles these special words.

Approved by:	des (implicit, blanket)
2020-02-18 11:26:52 +00:00
Baptiste Daroussin
aae38d10b4 Update ncurses to 20200118
Among the changes from before:
- Add support for extended colors on widechar version
- Enable ncurses extended functions
- Enable version 2 of the extended mouse support
- Enable SCREEN extensions

Modification that differs from upstream:
- _nc_delink_entries used to be exposed and was turn static,
  turn it back as dynamic to not break abi
- Adapt our old termcap.c to modern ncurses

MFC after:	3 weeks
2020-02-18 08:11:52 +00:00
Dimitry Andric
3c4ad300a1 Merge ^/head r358000 through r358048. 2020-02-17 20:27:05 +00:00
Dimitry Andric
9260381051 Merge r358042 from the clang1000-import branch:
Add casts and L suffixes to libc quad support, to work around various
-Werror warnings from clang 10.0.0, such as:

lib/libc/quad/fixdfdi.c:57:12: error: implicit conversion from 'long long' to 'double' changes value from 9223372036854775807 to 9223372036854775808 [-Werror,-Wimplicit-int-float-conversion]
                if (x >= QUAD_MAX)
                      ~~ ^~~~~~~~
/usr/obj/usr/src/powerpc.powerpc/tmp/usr/include/sys/limits.h:89:19: note: expanded from macro 'QUAD_MAX'
#define QUAD_MAX        (__QUAD_MAX)    /* max value for a quad_t */
                         ^~~~~~~~~~
/usr/obj/usr/src/powerpc.powerpc/tmp/usr/include/machine/_limits.h:91:20: note: expanded from macro '__QUAD_MAX'
#define __QUAD_MAX      __LLONG_MAX     /* max value for a quad_t */
                        ^~~~~~~~~~~
/usr/obj/usr/src/powerpc.powerpc/tmp/usr/include/machine/_limits.h:75:21: note: expanded from macro '__LLONG_MAX'
#define __LLONG_MAX     0x7fffffffffffffffLL    /* max value for a long long */
                        ^~~~~~~~~~~~~~~~~~~~

and many instances of:

lib/libc/quad/fixunsdfdi.c:73:17: error: shift count >= width of type [-Werror,-Wshift-count-overflow]
        toppart = (x - ONE_HALF) / ONE;
                       ^~~~~~~~
lib/libc/quad/fixunsdfdi.c:45:19: note: expanded from macro 'ONE_HALF'
#define ONE_HALF        (ONE_FOURTH * 2.0)
                         ^~~~~~~~~~
lib/libc/quad/fixunsdfdi.c:44:23: note: expanded from macro 'ONE_FOURTH'
#define ONE_FOURTH      (1 << (LONG_BITS - 2))
                           ^  ~~~~~~~~~~~~~~~
lib/libc/quad/fixunsdfdi.c:73:29: error: shift count >= width of type [-Werror,-Wshift-count-overflow]
        toppart = (x - ONE_HALF) / ONE;
                                   ^~~
lib/libc/quad/fixunsdfdi.c:46:15: note: expanded from macro 'ONE'
#define ONE             (ONE_FOURTH * 4.0)
                         ^~~~~~~~~~
lib/libc/quad/fixunsdfdi.c:44:23: note: expanded from macro 'ONE_FOURTH'
#define ONE_FOURTH      (1 << (LONG_BITS - 2))
                           ^  ~~~~~~~~~~~~~~~

MFC after:	3 days
2020-02-17 20:24:21 +00:00
Dimitry Andric
feb1d5507e Add casts and L suffixes to libc quad support, to work around various
-Werror warnings from clang 10.0.0, such as:

lib/libc/quad/fixdfdi.c:57:12: error: implicit conversion from 'long long' to 'double' changes value from 9223372036854775807 to 9223372036854775808 [-Werror,-Wimplicit-int-float-conversion]
                if (x >= QUAD_MAX)
                      ~~ ^~~~~~~~
/usr/obj/usr/src/powerpc.powerpc/tmp/usr/include/sys/limits.h:89:19: note: expanded from macro 'QUAD_MAX'
#define QUAD_MAX        (__QUAD_MAX)    /* max value for a quad_t */
                         ^~~~~~~~~~
/usr/obj/usr/src/powerpc.powerpc/tmp/usr/include/machine/_limits.h:91:20: note: expanded from macro '__QUAD_MAX'
#define __QUAD_MAX      __LLONG_MAX     /* max value for a quad_t */
                        ^~~~~~~~~~~
/usr/obj/usr/src/powerpc.powerpc/tmp/usr/include/machine/_limits.h:75:21: note: expanded from macro '__LLONG_MAX'
#define __LLONG_MAX     0x7fffffffffffffffLL    /* max value for a long long */
                        ^~~~~~~~~~~~~~~~~~~~

and many instances of:

lib/libc/quad/fixunsdfdi.c:73:17: error: shift count >= width of type [-Werror,-Wshift-count-overflow]
        toppart = (x - ONE_HALF) / ONE;
                       ^~~~~~~~
lib/libc/quad/fixunsdfdi.c:45:19: note: expanded from macro 'ONE_HALF'
#define ONE_HALF        (ONE_FOURTH * 2.0)
                         ^~~~~~~~~~
lib/libc/quad/fixunsdfdi.c:44:23: note: expanded from macro 'ONE_FOURTH'
#define ONE_FOURTH      (1 << (LONG_BITS - 2))
                           ^  ~~~~~~~~~~~~~~~
lib/libc/quad/fixunsdfdi.c:73:29: error: shift count >= width of type [-Werror,-Wshift-count-overflow]
        toppart = (x - ONE_HALF) / ONE;
                                   ^~~
lib/libc/quad/fixunsdfdi.c:46:15: note: expanded from macro 'ONE'
#define ONE             (ONE_FOURTH * 4.0)
                         ^~~~~~~~~~
lib/libc/quad/fixunsdfdi.c:44:23: note: expanded from macro 'ONE_FOURTH'
#define ONE_FOURTH      (1 << (LONG_BITS - 2))
                           ^  ~~~~~~~~~~~~~~~
2020-02-17 20:14:59 +00:00
Dimitry Andric
054f98174b Work around riscv buildworld failure where it cannot link the final
clang binary, with:

ld: error: undefined symbol: llvm::EnableABIBreakingChecks
>>> referenced by PlistDiagnostics.cpp
>>>               PlistDiagnostics.o:(.sdata+0x0) in archive /usr/obj/usr/src/riscv.riscv64/lib/clang/libclang/libclang.a
[... many more like this ...]
2020-02-17 18:51:52 +00:00
Mark Johnston
34e2051faf Remove swblk_t.
It was used only to store the bounds of each swap device.  However,
since swblk_t is a signed 32-bit int and daddr_t is a signed 64-bit
int, swp_pager_isondev() may return an invalid result if swap devices
are repeatedly added and removed and sw_end for a device ends up
becoming a negative number.

Note that the removed comment about maximum swap size still applies.

Reviewed by:	jeff, kib
Tested by:	pho
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23666
2020-02-17 15:11:07 +00:00
Bjoern A. Zeeb
10108cb673 Partially revert VNET change and expand VNET structure.
Revert parts of r353274 replacing vnet_state with a shutdown flag.

Not having the state flag for the current SI_SUB_* makes it harder to debug
kernel or module panics related to VNET bringup or teardown.
Not having the state also does not allow us to check for other dependency
levels between components, e.g. for moving interfaces.

Expand the VNET structure with the new boolean flag indicating that we are
doing a shutdown of a given vnet and update the vnet magic cookie for the
change.

Update libkvm to compile with a bool in the kernel struct.

Bump __FreeBSD_version for (external) module builds to more easily detect
the change.

Reviewed by:	hselasky
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D23097
2020-02-17 11:08:50 +00:00
Dimitry Andric
b33a8b3822 Merge ^/head r357966 through r357999. 2020-02-16 13:23:54 +00:00
Konstantin Belousov
132fb3dc99 Add pthread_peekjoin_np(3).
The function allows to peek at the thread exit status and even see
return value, without joining (and thus finally destroying) the target
thread.

Reviewed by:	markj
Sponsored by:	The FreeBSD Foundation (kib)
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D23676
2020-02-15 23:25:39 +00:00
Kyle Evans
86fd2105dc fetch(3): don't leak sockshost on failure
fetch_socks5_getenv will allocate memory for the host (or set it to NULL) in
all cases through the function; the caller is responsible for freeing it if
we end up allocating.

While I'm here, I've eliminated a label that just jumps to the next line...
2020-02-15 19:47:49 +00:00
Kyle Evans
3dc455e897 fetch(3): fix regression in IPv6:port spec from r357977
In case the port was specified, we never actually populated *host. Do so
now.

Pointy hat:	kevans
2020-02-15 19:39:50 +00:00
Kyle Evans
0f3fa96016 fetch(3): move bits of fetch_socks5_getenv around
This commit separates out port parsing and validation from grabbing the host
from the env var. The only related bit really is that we need to be more
specific with the delimiter in the IPv6 case.
2020-02-15 19:31:40 +00:00
Kyle Evans
c44be5aa0a fetch(3): Add SOCKS5 support
This change adds SOCKS5 support to the library fetch(3) and updates the man
page.

Details: Within the fetch_connect() function, fetch(3) checks if the
SOCKS5_PROXY environment variable is set. If so, it connects to this host
rather than the end-host. It then initializes the SOCKS5 connection in
accordance with RFC 1928 and returns the resulting conn_t (file descriptor)
for usage by the regular FTP/HTTP handlers.

Design Decision: This change defaults all DNS resolutions through the proxy
by sending all IPs as hostnames. Going forward, another feature might be to
create another environmental variable to toggle resolutions through the
proxy or not..

One may set the SOCKS5_PROXY environment variable in any of the formats:

SOCKS5_PROXY=proxy.example.com
SOCKS5_PROXY=proxy.example.com:1080
SOCKS5_PROXY=192.0.2.0
SOCKS5_PROXY=198.51.100.0:1080
SOCKS5_PROXY=[2001:db8::1]
SOCKS5_PROXY=[2001:db8::2]:1080

Then perform a request with fetch(1).

(note by kevans)
I've since been informed that Void Linux/xbps has a fork of libfetch that
also implements SOCKS5. I may compare/contrast the two in the mid-to-near
future.

Submitted by:	Farhan Khan <farhan farhan codes>
Differential Revision:	https://reviews.freebsd.org/D18908
2020-02-15 18:03:16 +00:00
Dimitry Andric
13138422bc Merge ^/vendor/llvm-project/release-10.x up to its last change (upstream
commit llvmorg-10.0.0-rc2-0-g90c78073f73), bump versions, and update
build glue.
2020-02-15 14:58:40 +00:00
Dimitry Andric
74dc6beb30 Merge ^/head r357855 through r357920. 2020-02-14 19:32:58 +00:00
Konstantin Belousov
751fae1eff Return success, instead of ESRCH, from pthread_cancel(3) applied to the
exited but not yet joined thread.

Before, if the thread exited but was not yet joined, we returned
ESRCH.

According to IEEE Std 1003.1™-2017 recommendation in the
description of pthread_cancel(3):
  If an implementation detects use of a thread ID after the end of its
  lifetime, it is recommended that the function should fail and report
  an [ESRCH] error.
So it seems desirable to not return ESRCH until the lifetime of the
thread ID ends.  According to the section 2.9.2 Thread IDs,
  The lifetime of a thread ID ends after the thread terminates if it
  was created with the detachstate attribute set to
  PTHREAD_CREATE_DETACHED or if pthread_detach() or pthread_join()
  has been called for that thread.
In other words, lifetime for thread ID of exited but not yet joined thread
did not ended yet.

Prompted by:	cperciva
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2020-02-13 23:22:12 +00:00
Dimitry Andric
44e86fbdcf Merge ^/head r357662 through r357854. 2020-02-13 12:52:24 +00:00
Warner Losh
f0df5b8f27 Remove sparc64 specific inclusion of bswap32 built-ins. 2020-02-12 06:56:04 +00:00
Warner Losh
1ddf69c1df Remove sparc64 specific warning suppression. 2020-02-12 06:54:34 +00:00
Warner Losh
feb2ecc382 Remove excluding libproc and librtld_db on sparc64. 2020-02-12 06:54:28 +00:00
Warner Losh
08d7456502 Remove sparc64 files
These were disconnected from the build when the kernel was
removed. Since they depend on removed parts of the kernel, remove them
completely.
2020-02-12 06:53:29 +00:00
Martin Matuska
f976241773 MFV r357783:
Update libarchive to 3.4.2

Relevant vendor changes:
  PR #1289: atomic extraction support (bsdtar -x --safe-writes)
  PR #1308: big endian fix for UTF16 support in LHA reader
  PR #1326: reject RAR5 files that declare invalid header flags
  Issue #987: fix support 7z archive entries with Delta filter
  Issue #1317: fix compression output buffer handling in XAR writer
  Issue #1319: fix uname or gname longer than 32 characters in pax writer
  Issue #1325: fix use after free when archiving hardlinks in ISO9660 or XAR
  Use localtime_r() and gmtime_r() instead of localtime() and gmtime()

X-MFC-With:	r356212,r356365,r356416
MFC after:	1 week
2020-02-12 00:16:56 +00:00
Mark Johnston
25aa4a3c07 libmemstat: Catch up with r357776.
Reported by:	O. Hartmann <ohartmann@walstatt.org>
2020-02-11 20:15:49 +00:00
Xin LI
d38c30c092 MFV r357712: file 5.38.
MFC after:	2 weeks
2020-02-11 07:02:48 +00:00
Konstantin Belousov
fc908e5001 Use sigfastblock(2) for masking signals in libthr.
Ensure proper handshake to transfer sigfastblock(2) blocking word
ownership from rtld to libthr.

Unfortunately sigfastblock(2) is not enough to stop intercepting
signals in libthr, because critical sections must ensure more than
just signal blocking.

Tested by:	pho
Disscussed with:	cem, emaste, jilles
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D12773
2020-02-09 12:27:22 +00:00
Konstantin Belousov
a1fd89b45f Add AT_BSDFLAGS support to _elf_aux_info(3).
Tested by:	pho
Disscussed with:	cem, emaste, jilles
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D12773
2020-02-09 12:12:03 +00:00
Konstantin Belousov
146fc63fce Add a way to manage thread signal mask using shared word, instead of syscall.
A new syscall sigfastblock(2) is added which registers a uint32_t
variable as containing the count of blocks for signal delivery.  Its
content is read by kernel on each syscall entry and on AST processing,
non-zero count of blocks is interpreted same as the signal mask
blocking all signals.

The biggest downside of the feature that I see is that memory
corruption that affects the registered fast sigblock location, would
cause quite strange application misbehavior. For instance, the process
would be immune to ^C (but killable by SIGKILL).

With consumers (rtld and libthr added), benchmarks do not show a
slow-down of the syscalls in micro-measurements, and macro benchmarks
like buildworld do not demonstrate a difference. Part of the reason is
that buildworld time is dominated by compiler, and clang already links
to libthr. On the other hand, small utilities typically used by shell
scripts have the total number of syscalls cut by half.

The syscall is not exported from the stable libc version namespace on
purpose.  It is intended to be used only by our C runtime
implementation internals.

Tested by:	pho
Disscussed with:	cem, emaste, jilles
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D12773
2020-02-09 11:53:12 +00:00
Eitan Adler
66a23ebe19 memset.3: better fix previous typo
Upon re-reading the whole sentence this is a better fix.

MFC with: r357681
2020-02-08 21:17:48 +00:00
Eitan Adler
3f8bd4b7bf memset.3: fix a a duplicate word 2020-02-08 20:56:38 +00:00
Konstantin Belousov
53071ed1c9 pmc: Add Hygon Dhyana support.
To make the PMC tool pmcstat working properly on Hygon platform, add
support for Hygon Dhyana family 18h by using the PMC initialization
code path of AMD family 17h.

Submitted by:	Pu Wen <puwen@hygon.cn>
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D23562
2020-02-07 22:28:04 +00:00
Dimitry Andric
bc02c18c48 Merge ^/head r357408 through r357661. 2020-02-07 19:08:37 +00:00
Pedro F. Giffuni
2512630061 typo: s/impelmentation/implementation/.
No functional change
2020-02-07 15:14:29 +00:00
John Baldwin
f5a7e78d32 Tidy the _set_tp function for RISC-V.
- Use a constant for the offset instead of a magic number.
- Use an addi instruction that writes to tp directly instead of a mv
  that writes the result of a compiler-generated addi.

Reviewed by:	mhorne
MFC after:	1 week
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D23521
2020-02-06 21:46:15 +00:00
Leandro Lupori
38cf2a4334 Implement kvm_kerndisp
This change adds a new libkvm function, kvm_kerndisp(), that can be used to
retrieve the kernel displacement, that is the difference between the kernel's
base virtual address at run time and the kernel base virtual address specified
in the kernel image file.

This will be used by kgdb, to properly relocate kernel symbols, when needed.

Reviewed by:	jhb
Differential Revision:	https://reviews.freebsd.org/D23285
2020-02-06 13:21:59 +00:00
Ed Maste
0f61170882 libssp_nonshared: use only on i386 and ppc
libssp_nonshared.a defines one symbol, __stack_chk_fail_local.  This
is used only on i386 and powerpc; other archs emit calls directly to
__stack_chk_fail.  Simplify linking on other archs by omitting it.

PR:		242941 [exp-run]
2020-02-05 20:08:01 +00:00
Ed Maste
83372bda16 libfetch: disallow invalid escape sequences
Per RFC1738 escape is "% hex hex"; other sequences do not form a valid URL.

Suggested by:	Matthew Dillon
Reviewed by:	Matthew Dillon
MFC after:	1 week
2020-02-05 16:55:00 +00:00
Mark Johnston
a3a706387e Fix a use of an uninitialized pointer in xdr_rpcbs_rmtcalllist().
This appears to have been introduced in r173763.  Also fix the confusing
indentation that probably led to the bug in the first place.

PR:		243759
Diagnosed by:	martin@lispworks.com
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2020-02-05 16:10:09 +00:00
Mark Johnston
51d7f2ed58 Improve validation of the sockaddr length in iruserok_sa().
Negative numbers are not valid sockaddr lengths.

PR:		243747
Submitted by:	Andrew Reiter <areiter@veracode.com>
MFC after:	1 week
2020-02-05 16:09:44 +00:00
Kyle Evans
acf2957e49 login.conf(5): split MAIL env var out into a "mail" capability
This allows it to be easily suppressed in, e.g., the "daemon" class where it
will not be properly expanded.

This is a part of D21481.

Submitted by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
2020-02-05 04:17:14 +00:00
Jeff Roberson
7f38506ff9 Fix libmemstat_uma build after r357485.
Submitted by:	cy
2020-02-04 05:27:45 +00:00
Warner Losh
58aa35d429 Remove sparc64 kernel support
Remove all sparc64 specific files
Remove all sparc64 ifdefs
Removee indireeect sparc64 ifdefs
2020-02-03 17:35:11 +00:00
Kyle Evans
b85ea80975 libc: provide fputc_unlocked
Among the same justification as the other stdio _unlocked; in addition to an
inline version in <stdio.h>, we must provide a function in libc as well for
the functionality. This fixes the lang/gcc* builds, which want to use the
symbol from libc.

PR:		243810
Reported by:	antoine, swills, Michael <michael.adm gmail com>
X-MFC-With:	r357284
2020-02-02 19:45:12 +00:00
Brandon Bergren
469026a8a3 [PowerPC] Fix feholdexcept() on powerpc referencing the wrong struct member
In r355656, endianness handling of the floating point environment was fixed
in the PowerPC code to work as intended.

However, one bit got missed, causing feholdexcept() to mis-save the fenv.

Submitted by:	Renato Riolino <renato.riolino@eldorado.org.br>
Differential Revision:	https://reviews.freebsd.org/D23382
2020-02-02 19:16:52 +00:00
Kyle Evans
6a5abb1ee5 Provide O_SEARCH
O_SEARCH is defined by POSIX [0] to open a directory for searching, skipping
permissions checks on the directory itself after the initial open(). This is
close to the semantics we've historically applied for O_EXEC on a directory,
which is UB according to POSIX. Conveniently, O_SEARCH on a file is also
explicitly undefined behavior according to POSIX, so O_EXEC would be a fine
choice. The spec goes on to state that O_SEARCH and O_EXEC need not be
distinct values, but they're not defined to be the same value.

This was pointed out as an incompatibility with other systems that had made
its way into libarchive, which had assumed that O_EXEC was an alias for
O_SEARCH.

This defines compatibility O_SEARCH/FSEARCH (equivalent to O_EXEC and FEXEC
respectively) and expands our UB for O_EXEC on a directory. O_EXEC on a
directory is checked in vn_open_vnode already, so for completeness we add a
NOEXECCHECK when O_SEARCH has been specified on the top-level fd and do not
re-check that when descending in namei.

[0] https://pubs.opengroup.org/onlinepubs/9699919799/

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D23247
2020-02-02 16:34:57 +00:00