Commit Graph

8883 Commits

Author SHA1 Message Date
Brooks Davis
ee37749af6 Add PROT_MAX to the HISTORY section.
In the case of mmap(), add a HISTORY section.  Mention that mmap() and
mprotect()'s documentation predates an implementation.  The
implementation first saw wide use in 4.3-Reno, but there seems to be no
easy way to express that in mdoc so stick with 4.4BSD.

Reviewed by:	emaste
Requested by:	cem
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D20713
2019-06-20 21:52:30 +00:00
Brooks Davis
74a1b66cf4 Extend mmap/mprotect API to specify the max page protections.
A new macro PROT_MAX() alters a protection value so it can be OR'd with
a regular protection value to specify the maximum permissions.  If
present, these flags specify the maximum permissions.

While these flags are non-portable, they can be used in portable code
with simple ifdefs to expand PROT_MAX() to 0.

This change allows (e.g.) a region that must be writable during run-time
linking or JIT code generation to be made permanently read+execute after
writes are complete.  This complements W^X protections allowing more
precise control by the programmer.

This change alters mprotect argument checking and returns an error when
unhandled protection flags are set.  This differs from POSIX (in that
POSIX only specifies an error), but is the documented behavior on Linux
and more closely matches historical mmap behavior.

In addition to explicit setting of the maximum permissions, an
experimental sysctl vm.imply_prot_max causes mmap to assume that the
initial permissions requested should be the maximum when the sysctl is
set to 1.  PROT_NONE mappings are excluded from this for compatibility
with rtld and other consumers that use such mappings to reserve
address space before mapping contents into part of the reservation.  A
final version this is expected to provide per-binary and per-process
opt-in/out options and this sysctl will go away in its current form.
As such it is undocumented.

Reviewed by:	emaste, kib (prior version), markj
Additional suggestions from:	alc
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D18880
2019-06-20 18:24:16 +00:00
Alan Somers
5993fa5582 open(2): fix the description of O_FSYNC
The man page claims that with O_FSYNC (aka O_SYNC) the kernel will not cache
written data. However, that's not true. Nor does POSIX require it.
Perhaps it was true when that section of the man page was written in r69336
(I haven't checked). But it's not true now.  Now the effect is simply that
writes are sent to disk immediately and synchronously, but they're still
cached.

See also: https://pubs.opengroup.org/onlinepubs/9699919799/
See also: ffs_write in sys/ufs/ffs/ffs_vnops.c

Reviewed by:	cem
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20641
2019-06-14 20:35:37 +00:00
Mariusz Zaborski
5c816e43b4 unlink: add missing function to unlink.2 man page 2019-06-05 22:36:19 +00:00
Bjoern A. Zeeb
96b3894360 Rather than using the legacy IP struct fields in the union for the
port number, properly access them by their IPv6 names.
This will make it easier to slice up and compile out address families
in the future.

No functional change intended.

MFC after:	6 weeks
2019-06-04 20:53:35 +00:00
Pedro F. Giffuni
ec845b07c6 typo: suppported. 2019-05-29 02:08:23 +00:00
Baptiste Daroussin
45a13fd899 Move back group, master.passwd and shells to etc directory
Use the .PATH mechanism instead so keep installing them from lib/libc/gen

While here revert 347961 and 347893 which are no longer needed

Discussed with:	manu
Tested by:	manu
ok manu@
2019-05-23 18:37:05 +00:00
Alan Somers
8bbd9a3839 Link fhlinkat(2) man page
Reviewed by:	kib
MFC after:	3 days
MFC-With:	r341689
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20339
2019-05-22 01:11:21 +00:00
Konstantin Belousov
7c5a46a1bc Remove resolver_qual from DEFINE_IFUNC/DEFINE_UIFUNC macros.
In all practical situations, the resolver visibility is static.

Requested by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Approved by:	so (emaste)
Differential revision:	https://reviews.freebsd.org/D20281
2019-05-16 22:20:54 +00:00
Brad Davis
871b6b10ce Move master.passwd and group to lib/libc/gen/
libc was picked as the destination location for these because of the syscalls
that use these files as the lowest level place they are referenced.

Approved by:	will (mentor), rgrimes, manu
Differential Revision:	https://reviews.freebsd.org/D16728
2019-05-16 01:09:13 +00:00
Benedict Reuschling
15c9c06e6a Add small EXAMPLE section to bsearch.3.
Submitted by:		fernape (via Phabricator)
Reviewed by:		bcr, jilles, dab
Approved by:		bcr (man pages), jilles (src)
MFC after:		3 days
Differential Revision:	https://reviews.freebsd.org/D19902
2019-05-15 15:54:27 +00:00
Mark Johnston
54a3a11421 Provide separate accounting for user-wired pages.
Historically we have not distinguished between kernel wirings and user
wirings for accounting purposes.  User wirings (via mlock(2)) were
subject to a global limit on the number of wired pages, so if large
swaths of physical memory were wired by the kernel, as happens with
the ZFS ARC among other things, the limit could be exceeded, causing
user wirings to fail.

The change adds a new counter, v_user_wire_count, which counts the
number of virtual pages wired by user processes via mlock(2) and
mlockall(2).  Only user-wired pages are subject to the system-wide
limit which helps provide some safety against deadlocks.  In
particular, while sources of kernel wirings typically support some
backpressure mechanism, there is no way to reclaim user-wired pages
shorting of killing the wiring process.  The limit is exported as
vm.max_user_wired, renamed from vm.max_wired, and changed from u_int
to u_long.

The choice to count virtual user-wired pages rather than physical
pages was done for simplicity.  There are mechanisms that can cause
user-wired mappings to be destroyed while maintaining a wiring of
the backing physical page; these make it difficult to accurately
track user wirings at the physical page layer.

The change also closes some holes which allowed user wirings to succeed
even when they would cause the system limit to be exceeded.  For
instance, mmap() may now fail with ENOMEM in a process that has called
mlockall(MCL_FUTURE) if the new mapping would cause the user wiring
limit to be exceeded.

Note that bhyve -S is subject to the user wiring limit, which defaults
to 1/3 of physical RAM.  Users that wish to exceed the limit must tune
vm.max_user_wired.

Reviewed by:	kib, ngie (mlock() test changes)
Tested by:	pho (earlier version)
MFC after:	45 days
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D19908
2019-05-13 16:38:48 +00:00
Justin Hibbits
2f420a7c7f revert r346588 for now
The rewrite of strcmp in assembly uses an instruction added in PowerISA
2.05, making it SIGILL on CPUs older than the POWER6, such as the PPC970 in
the PowerMac G5.  Revert this until we get clang+lld, or retire the in-tree
binutils in favor of newer binutils with IFUNC support, whichever comes
first.
2019-05-11 15:17:42 +00:00
Alan Somers
05a179e83e directory.3: add a STANDARDS section
Reviewed by:	jilles, ngie
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D20111
2019-05-02 19:59:37 +00:00
Ian Lepore
7d6386daa0 Add a manpage for elf_aux_info(3)
Differential Revision:	https://reviews.freebsd.org/D20063
2019-04-26 15:43:14 +00:00
Justin Hibbits
89a0487c97 powerpc64: Rewrite strcmp in asm to take advantage of word size
Summary:
Optimize strcmp for powerpc64.
Data is loaded by double words and cmpb intruction is used to find '\0'.

Some performance gain rates between the current and the optimized solution:

String size (bytes)		Gain rate
	<=8			0.59%
	<=16			1.92%
	32			3.02%
	64			5.60%
	128			10.16%
	256			18.05%
	512			30.18%
	1024			42.82%

Submitted by:	alexandre.yamashita_eldorado.org.br,
		leonardo.bianconi_eldorado.org.br
Differential Revision: https://reviews.freebsd.org/D15220
2019-04-23 02:53:53 +00:00
Conrad Meyer
680defa7ce random.3: Remove obsolete BUGS section
Relative performance to rand(3) is sort of irrelevant; they do different things
and a user with sensitivity to RNG performance won't use libc random(3) anyway.

The historical note about bad seeding is long obsolete, referring to a 1996 or
earlier version of FreeBSD.

Sponsored by:	Dell EMC Isilon
2019-04-22 16:29:34 +00:00
Conrad Meyer
0ab49eea7f rand.3: Match better recommendation language from random.3
Sponsored by:	Dell EMC Isilon
2019-04-22 16:26:39 +00:00
Enji Cooper
47c347cb58 Fix get_int_via_sysctlbyname(..) on Jenkins
Initialize `oldlen` to the size of the value, instead of leaving the value
unitialized. Leaving it unitialized seems to work by accident on amd64 when
running 64-bit programs, but not on i386.

This matches patterns in use in other programs.

PR:		237458
Approved by:	emaste (mentor; implicit)
MFC after:	1 week
Tested on:	^/head (amd64), ^/stable/11 (i386)
2019-04-22 11:09:24 +00:00
Conrad Meyer
6b97c2e306 Revert r346410 and r346411
libkern in .PATH has too many filename conflicts with libc and my -DNO_CLEAN
tinderbox didn't catch that ahead of time.  Mea culpa.
2019-04-19 22:08:17 +00:00
Conrad Meyer
7deb4b1964 libkern: Bring in arc4random_uniform(9) from libc
It is a useful arc4random wrapper in the kernel for much the same reasons as
in userspace.  Move the source to libkern (because kernel build is
restricted to sys/, but userspace can include any file it likes) and build
kernel and libc versions from the same source file.

Copy the documentation from arc4random_uniform(3) to the section 9 page.

While here, add missing arc4random_buf(9) symlink.

Sponsored by:	Dell EMC Isilon
2019-04-19 20:05:47 +00:00
Conrad Meyer
1631235aa6 random.3: Clarify confusing summary
random.3 is only "better" in contrast to rand.3.  Both are non-cryptographic
pseudo-random number generators.  The opening blurbs of each's DESCRIPTION
section does emphasize this, and correctly directs unfamiliar developers to
arc4random(3).  However, the summary (".Nd" or Name description) of random.3
conflicted in tone and message with that warning.

Resolve the conflict by clarifying in the Nd section that random(3) is
non-cryptographic and pseudo-random.  Elide the "better" qualifier which
implied a comparison but did not provide a specific object to contrast.

Sponsored by:	Dell EMC Isilon
2019-04-15 18:49:04 +00:00
Konstantin Belousov
760e34772c Fix order of destructors between main binary and libraries.
Since inits for the main binary are run from rtld (for some time), the
rtld_exit atexit(3) handler, which is passed from rtld to the program
entry and installed by csu, is installed after any atexit(3) handlers
installed by main binary constructors.  This means that rtld_exit() is
fired before main binary handlers.

Typical C++ static constructors are executed from init (either binary
or libs) but use atexit(3) to ensure that destructors are called in
the right order, independent of the linking order.  Also, C++
libraries finalizers call __cxa_finalize(3) to flush library'
atexit(3) entries.  Since atexit(3) entry is cleared after being run,
this would be mostly innocent, except that, atexit(rtld_exit) done
after main binary constructors, makes destructors from libraries
executed before destructors for main.

Fix by reordering atexit(rtld_exit) before inits for main binary, same
as it happened when inits were called by csu.  Do it using new private
libc symbol with pre-defined ABI.

Reported. tested, and reviewed by:	kan
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-04-15 13:03:09 +00:00
Ed Maste
22ccf855bf libc: update strstr implementation to match musl
musl commits:
122d67f846cb0be2c9e1c3880db9eb9545bbe38c
0239cd0681e889a269fb7691f60e81ef8d081e6b
8f5a820d147da36bcdbddd201b35d293699dacd8

Submitted by:	David CARLIER <devnexen_gmail.com>
Obtained from:	musl
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19834
2019-04-09 15:52:18 +00:00
Edward Tomasz Napierala
9b7448fcad .Xr protect(1) and proccontrol(1) from procctl(2).
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2019-04-09 10:09:59 +00:00
Mariusz Zaborski
a1304030b8 Introduce funlinkat syscall that always us to check if we are removing
the file associated with the given file descriptor.

Reviewed by:	kib, asomers
Reviewed by:	cem, jilles, brooks (they reviewed previous version)
Discussed with:	pjd, and many others
Differential Revision:	https://reviews.freebsd.org/D14567
2019-04-06 09:34:26 +00:00
Rodney W. Grimes
6c1c6ae537 Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code
There are a few places that use hand crafted versions of the macros
from sys/netinet/in.h making it difficult to actually alter the
values in use by these macros.  Correct that by replacing handcrafted
code with proper macro usage.

Reviewed by:		karels, kristof
Approved by:		bde (mentor)
MFC after:		3 weeks
Sponsored by:		John Gilmore
Differential Revision:	https://reviews.freebsd.org/D19317
2019-04-04 19:01:13 +00:00
Enji Cooper
0eb97cca9f Allow users to override CSTD/CXXSTD on a per-prog basis
The current logic for CSTD/CXXSTD requires homogenity as far as the
supported C/C++ standards, which is a sensible default. However, when
dealing with differing versions of C++, some code may compile with C++11, but
not C++17 (for instance). So in order to avoid having people convert over their
code to the new standard, give the users the ability to specify the standard on
a per-program basis.

This will allow a user to override the supporting standard for a set of
programs, mixing C++11 with C++14 (for instance).

Reviewed by:	asomers
Apprved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345708
Differential Revision: https://reviews.freebsd.org/D19738
2019-03-29 18:49:08 +00:00
Enji Cooper
bdbf3440ce Revert r345706: the third time will be the charm
When a review is closed via Phabricator it updates the patch attached to the
review. I downloaded the raw patch from Phabricator, applied it, and repeated
my mistake from r345704 by accident mixing content from D19732 and D19738.

For my own personal sanity, I will try not to mix reviews like this in the
future.

MFC after:	1 month
MFC with:	r345706
Approved by:	emaste (mentor, implicit)
2019-03-29 18:43:46 +00:00
Enji Cooper
760b1a815b Standardize -std=c++* as CXXSTD`
CXXSTD was added as the C++ analogue to CSTD.

CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345203, r345704, r345705
Relnotes:	yes
Tested with:	make tinderbox
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:31:48 +00:00
Enji Cooper
752cabaa1c Revert r345704
I accidentally committed code from two reviews. I will reintroduce the code to
bsd.progs.mk as part of a separate commit from r345704.

Approved by:	emaste (mentor, implicit)
MFC after:	2 months
MFC with:	r345704
2019-03-29 18:16:33 +00:00
Enji Cooper
9a41926bfb CXXSTD is the C++ analogue to CSTD.
CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:13:44 +00:00
Konstantin Belousov
5d00c5a657 Fix initial exec TLS mode for dynamically loaded shared objects.
If dso uses initial exec TLS mode, rtld tries to allocate TLS in
static space. If there is no space left, the dlopen(3) fails. If space
if allocated, initial content from PT_TLS segment is distributed to
all threads' pcbs, which was missed and caused un-initialized TLS
segment for such dso after dlopen(3).

The mode is auto-detected either due to the relocation used, or if the
DF_STATIC_TLS dynamic flag is set.  In the later case, the TLS segment
is tried to allocate earlier, which increases chance of the dlopen(3)
to succeed.  LLD was recently fixed to properly emit the flag, ld.bdf
did it always.

Initial test by:	dumbbell
Tested by:	emaste (amd64), ian (arm)
Tested by:	Gerald Aryeetey <aryeeteygerald_rogers.com> (arm64)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19072
2019-03-29 17:52:57 +00:00
Ed Maste
09b47fc1c2 revert r341429 "disable BIND_NOW in libc, libthr, and rtld"
r345620 by kib@ fixed the rtld issue that caused a crash at startup
during resolution of libc's ifuncs with BIND_NOW.

PR:		233333
Sponsored by:	The FreeBSD Foundation
2019-03-28 02:12:32 +00:00
Ed Maste
ed5e102abb DTF_REWIND does nothing (since r247236) so retire its use
Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D19663
2019-03-26 19:35:41 +00:00
Ravi Pokala
557e162fe7 Add descriptions for sysctls in kern_mib.c and sysctl.3 which lack them.
r343532 noted the difference between "hw.realmem" and "hw.physmem", which I
was previously unaware of. I discovered that neither sysctl had a
description visible via `sysctl -d', so I found where they were defined and
added suitable descriptions. While in the file, I went ahead and added
descriptions for all the others which lacked them. I also updated sysctl.3
accordingly

Reviewed by:	kib, bcr
MFC after:	1 weeks
Sponsored by:	Panasas
Differential Revision:	https://reviews.freebsd.org/D19007
2019-03-23 19:53:15 +00:00
Conrad Meyer
481572a998 arc4random: Adjust example code to use uniform() API
PR:		236678
Reported by:	Andras Farkas <deepbluemistake AT gmail.com>
2019-03-21 14:45:08 +00:00
Ed Maste
f6a10ccc53 Use consistent struct stat arg name in stat man page
stat, lstat, and fstat use `*sb` as the stat struct pointer arg name,
while fstatat previously used `*buf`.

MFC after:	1 week
2019-03-13 15:18:14 +00:00
John Baldwin
2e43efd0bb Drop "All rights reserved" from my copyright statements.
Reviewed by:	rgrimes
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D19485
2019-03-06 22:11:45 +00:00
Michael Tuexen
8124c05f2c Use correct buffer sizes in sctp_get[lp]addrs().
MFC after:		3 days
2019-03-02 13:16:01 +00:00
Ed Maste
d95826c43d poll.2: POLLNVAL is returned also for insufficient rights
Reported by:	"Bora Özarslan" <borako.ozarslan@gmail.com>
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2019-02-27 17:52:22 +00:00
Konstantin Belousov
9fb91a0a7d procctl(2): document ASLR knobs.
Reviewed by:	0mp
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D19308
2019-02-26 17:41:41 +00:00
Konstantin Belousov
80a3fa4893 procctl(2): fix -width parameter to .Bl.
According to 0mp, macros are not expanded in the argument provided to
-width.  Use plain identifiers for width specification.

Noted and reviewed by:	0mp
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D19308
2019-02-26 17:35:06 +00:00
Konstantin Belousov
03d89f7a04 pkru(3) man page.
Reviewed by:	alc, markj, jilles
With more input from:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19211
2019-02-20 10:03:03 +00:00
Konstantin Belousov
a2d95495ee Add usermode helpers for for Intel userspace protection keys feature.
Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D18893
2019-02-20 09:56:23 +00:00
Enji Cooper
c90e23db39 Make server_cat(..) handle short receives
In short, the prior code was far too simplistic when it came to calling recv(2)
and failed intermittently (or in the case of Jenkins, deterministically).

Handle short recv(2)s by checking the return code and incrementing the window
into the buffer by the number of received bytes. If the number of received
bytes <= 0, then bail out of the loop, and test the total number of received
bytes vs the expected number of bytes sent for equality, and base whether or
not the test passes/fails on that fact.

Remove the expected failure, now that the hdtr testcases deterministically pass
on my host after this change [1].

PR:		234809 [1], 235200
Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D19188
2019-02-19 22:19:31 +00:00
Sean Eric Fagan
237f4abc57 Remove some redundant code in _posix1e_acl_strip_np
This was discovered through examination -- acl_copy_entry() copies the
tag type and permset fields.

Reviewed by:	trasz, pfg
Sponsored by:	iXsystems Inc.
Differential Revision:	https://reviews.freebsd.org/D19240
2019-02-19 19:15:15 +00:00
Gleb Smirnoff
5bfb2e008d Imaginary cat jumped my keyboard! 2019-02-15 23:46:34 +00:00
Gleb Smirnoff
66fb0b1ad7 For 32-bit machines rollback the default number of vnode pager pbufs
back to the lever before r343030.  For 64-bit machines reduce it slightly,
too.  Together with r343030 I bumped the limit up to the value we use at
Netflix to serve 100 Gbit/s of sendfile traffic, and it probably isn't a
good default.

Provide a loader tunable to change vnode pager pbufs count. Document it.
2019-02-15 23:36:22 +00:00
Konstantin Belousov
071bca67ee Unify i386 and amd64 getcontextx.c, and use ifuncs while there.
In particular, use ifuncs for __getcontextx_size(), also calculate the
size of the extended save area in resolver.  Same for __fillcontextx2().

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-02-14 14:02:33 +00:00