Commit Graph

18428 Commits

Author SHA1 Message Date
Rodney W. Grimes
ce9f2d31b3 Convert absolute links to relative links.
Style.Makefile(9) has been ignored to produce minimal diffs.

Approved by:	grehan (mentor)
MFC after:	1 week
2017-03-07 05:10:38 +00:00
Justin Hibbits
90b4425549 Clang in base now supports -mlongcall, so remove this hack
PR:		215947
MFC after:	2 weeks
2017-03-07 02:17:38 +00:00
Andrey V. Elsukov
22986c6740 Introduce the concept of IPsec security policies scope.
Currently are defined three scopes: global, ifnet, and pcb.
Generic security policies that IKE daemon can add via PF_KEY interface
or an administrator creates with setkey(8) utility have GLOBAL scope.
Such policies can be applied by the kernel to outgoing packets and checked
agains inbound packets after IPsec processing.
Security policies created by if_ipsec(4) interfaces have IFNET scope.
Such policies are applied to packets that are passed through if_ipsec(4)
interface.
And security policies created by application using setsockopt()
IP_IPSEC_POLICY option have PCB scope. Such policies are applied to
packets related to specific socket. Currently there is no way to list
PCB policies via setkey(8) utility.

Modify setkey(8) and libipsec(3) to be able distinguish the scope of
security policies in the `setkey -DP` listing. Add two optional flags:
'-t' to list only policies related to virtual *tunneling* interfaces,
i.e. policies with IFNET scope, and '-g' to list only policies with GLOBAL
scope. By default policies from all scopes are listed.

To implement this PF_KEY's sadb_x_policy structure was modified.
sadb_x_policy_reserved field is used to pass the policy scope from the
kernel to userland. SADB_SPDDUMP message extended to support filtering
by scope: sadb_msg_satype field is used to specify bit mask of requested
scopes.

For IFNET policies the sadb_x_policy_priority field of struct sadb_x_policy
is used to pass if_ipsec's interface if_index to the userland. For GLOBAL
policies sadb_x_policy_priority is used only to manage order of security
policies in the SPDB. For IFNET policies it is not used, so it can be used
to keep if_index.

After this change the output of `setkey -DP` now looks like:
# setkey -DPt
0.0.0.0/0[any] 0.0.0.0/0[any] any
	in ipsec
	esp/tunnel/87.250.242.144-87.250.242.145/unique:145
	spid=7 seq=3 pid=58025 scope=ifnet ifname=ipsec0
	refcnt=1
# setkey -DPg
::/0 ::/0 icmp6 135,0
	out none
	spid=5 seq=1 pid=872 scope=global
	refcnt=1

No objection from:	#network
Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9805
2017-03-07 00:13:53 +00:00
Enji Cooper
7532a6570b Move ATF_TC_WITHOUT_HEAD(getgrent) near the testcase it annotates
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-03-06 22:46:49 +00:00
Bryan Drewery
a1b9cad56b Fix bootstrapping libmd on older systems after r314709.
This follows another fix to bootstrap libmd after r313404.  The
MD5FileChunk prototype is needed to build libmd, but it is
only reliably in the src tree's sys/md5.h header.  Rather than
polluting the legacy build with this header for the entire build,
just symlink it in here for now as is done in the elftoolchain
build.  Libmd is already referencing other src tree headers by
its used of CFLAGS+= ${SRCTOP}/sys/crypto/sha2.  This, and
other uses of CFLAGS+= ${SRCTOP}/sys..., may later change to
be in the legacy mechanism.

Reported by:	bde, ian, sjg
Tested by:	ian
2017-03-06 21:06:55 +00:00
Pedro F. Giffuni
b5120bbada libpam: extra bounds checking through reallocarray(3).
Reviewed by:	des
MFC after:	1 week
2017-03-06 15:45:46 +00:00
Pedro F. Giffuni
fdd2f2ebdd Revert r314777: wrong log, the change was to libpam. 2017-03-06 15:42:03 +00:00
Pedro F. Giffuni
0012b66baf libfetch: extra bounds checking through reallocarray(3).
Reviewed by:	des
MFC after:	1 week
2017-03-06 15:38:03 +00:00
Pedro F. Giffuni
bb7d0109d7 libfetch: extra bounds checking through reallocarray(3).
Reviewed by:	des
MFC after:	1 week
2017-03-06 15:37:34 +00:00
Xin LI
0d64c8a06d Remove compatibility with old libpcap.
Differential Revision:	https://reviews.freebsd.org/D9606
2017-03-06 08:13:19 +00:00
Dag-Erling Smørgrav
c8453e5bf4 Fix partial requests (used by fetch -r) when the requested file is
already complete.

Since 416 is an error code, any Content-Range header in the response
would refer to the error message, not the requested document, so
relying on the value of size when we know we got a 416 is wrong.
Instead, just verify that offset == 0 and assume that we've reached
the end of the document (if offset > 0, we did not request a range,
and the server is screwing with us).  Note that we cannot distinguish
between reaching the end and going past it, but that is a flaw in the
protocol, not in the code, so we just have to assume that the caller
knows what it's doing.  A smart caller would request an offset
slightly before what it believes is the end and compare the result to
what is already in the file.

PR:		212065
Reported by:	mandree
MFC after:	3 weeks
2017-03-05 12:06:45 +00:00
Conrad Meyer
8844cec8f3 fts: Fix a potential memory leak in error case
Dan Krejsa reports a potential memory leak in an fts_build error case,
detected by Coverity.  (It doesn't seem to show up in Coverity Scan, so I
don't have a CID to point to.)

I don't know whether it is actually possible to arrive in this case with a
non-empty 'head' list.  The cost is low, though.  One additional branch in a
terminal error case isn't the end of the world.

PR:		217125
Submitted by:	Dan Krejsa <dan.krejsa at gmail.com>
2017-03-04 20:46:57 +00:00
Enji Cooper
abe427af75 Fix warnings in lib/msun/tests/... to help pave way for WARNS?= 6.
- Staticize variables.
- Use nitems liberally. Wherever nitems is used, use unsigned integers
- Remove unused variables (argc, argv, etc)

This fixes most issues -- some issues remain in logarithm_test though.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-03-04 10:07:46 +00:00
Enji Cooper
5c47281893 Convert lib/msun/ctrig_test from TAP to ATF
This is being done as a precursor for work needed to annontate failing
testcases with clang 4.0+.

MFC after:	1 week
PR:	217528
Sponsored by:	Dell EMC Isilon
2017-03-04 09:16:51 +00:00
Warner Losh
8ff15e8613 Make sure guid table is compiled before we use it.
Sponsored by: Netflix
2017-03-03 20:23:23 +00:00
Warner Losh
80967c8e1c Only compile the known uuid table once.
Sponsored by: Netflix
2017-03-03 20:22:56 +00:00
Warner Losh
e174551332 Move uuid_table definition to efivar.h.
Create new function efi_known_guid() to return list of guids.

Sponsored by: Netflix
2017-03-03 20:22:47 +00:00
Dag-Erling Smørgrav
886c581471 Load default options before requesting a ticket.
PR:		213909
Reported by:	basarevych@gmail.com
MFC after:	1 week
2017-03-03 14:06:22 +00:00
Baptiste Daroussin
5d1ce10bee Properly initialize netrcfd in fetchParseURL
This fixes ftp with fetch(1) which was broken after r313974

Submitted by:	dim
Reported by:	olivier
Pointyhat to:	bapt
2017-03-03 12:51:16 +00:00
Enji Cooper
fa42250152 Correct MLINKS for sbuf_hexdump(9)
sbuf_hexdump(9) should be linked to sbuf(9), not hexdump(3). Another
review will be posted to deduplicate the sbuf_hexdump reference in
in hexdump(3) or at the very least make the information less duplicative.

MFC after:	1 week
X-MFC with:	r313437
Sponsored by:	Dell EMC Isilon
2017-03-03 06:31:47 +00:00
Martin Matuska
642870485c MFV r314565,314567,314570:
Update libarchive to version 3.3.1 (and sync with latest vendor dist)

Notable vendor changes:
  PR #501: improvements in ACL path handling
  PR #724: fix hang when reading malformed cpio files
  PR #864: fix out of bounds read with malformed GNU tar archives
  Documentation, style, test suite improvements and typo fixes.

New options to bsdtar that enable or disable reading and/or writing of:
  Access Control Lists (--acls, --no-acls)
  Extended file flags (--fflags, --no-fflags)
  Extended attributes (--xattrs, --no-xattrs)
  Mac OS X metadata (Mac OS X only) (--mac-metadata, --no-mac-metadata)

MFC after:	2 weeks
2017-03-02 22:59:35 +00:00
Dimitry Andric
ed085b68ab Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
4.0.0 (branches/release_40 296509).  The release will follow soon.

Please note that from 3.5.0 onwards, clang, llvm and lldb require C++11
support to build; see UPDATING for more information.

Also note that as of 4.0.0, lld should be able to link the base system
on amd64 and aarch64.  See the WITH_LLD_IS_LLD setting in src.conf(5).
Though please be aware that this is work in progress.

Release notes for llvm, clang and lld will be available here:
<http://releases.llvm.org/4.0.0/docs/ReleaseNotes.html>
<http://releases.llvm.org/4.0.0/tools/clang/docs/ReleaseNotes.html>
<http://releases.llvm.org/4.0.0/tools/lld/docs/ReleaseNotes.html>

Thanks to Ed Maste, Jan Beich, Antoine Brodin and Eric Fiselier for
their help.

Relnotes:	yes
Exp-run:	antoine
PR:		215969, 216008
MFC after:	1 month
2017-03-02 20:49:40 +00:00
Brooks Davis
af4157ef72 Garbage collect unused gdtoa related files on mips.
Reviewed by:	emase, imp, jhb
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D9841
2017-03-02 17:08:37 +00:00
Brooks Davis
13f2393362 Correct an misunderstanding of MDSRCS.
MDSRCS it intended to allow assembly versions of funtions with C
implementations listed in MISRCS. The selection of the correct
machdep_ldis?.c for a given architecture does not follow this pattern
and the file should be added to SRCS directly.

Reviewed by:	emaste, imp, jhb
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D9841
2017-03-02 17:07:28 +00:00
Brooks Davis
9fe44df287 Correct MDSRCS use in <arch>/string/Makefile.inc.
- Remove .c files which duplicate entries in MISRCS.
- Use the same, less merge conflict prone style in all cases.
- Use MDSRCS for mips (.c and .S files both ended up in SRCS).
- Remove pointless sparc64 Makefile.inc.
- Remove uninformative foreign VCS ID entries.

Reviewed by:	emaste, imp, jhb
MFC after:	1 week
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D9841
2017-03-02 17:05:52 +00:00
Scott Long
add86609f8 Expose the sbuf_putbuf() symbol to libsbuf. There are a few other symbols
that are present but not exposed, like get/set/clear flags, not sure if they
need to be exposed at this point.

Sponsored by:	Netflix
2017-03-02 01:39:23 +00:00
Dimitry Andric
348238dbd4 Merge ^/head r314420 through r314481. 2017-03-01 08:22:51 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
Eric van Gyzen
81027fa594 Sort declaration of sem_clockwait_np
Also mention <time.h> in sem_timedwait(3), because POSIX does,
and because the user will need it for clockid_t, struct timespec,
and TIMER_ABSTIME.

Reported by:	bde
MFC after:	9 days
X-MFC with:	r314179
Sponsored by:	Dell EMC
2017-02-28 21:47:00 +00:00
Dimitry Andric
be64968040 Merge ^/head r314270 through r314419. 2017-02-28 21:30:26 +00:00
Dimitry Andric
2e477b5e5e Merge llvm, clang, compiler-rt, libc++, lld and lldb release_40 branch
r296509, and update build glue.
2017-02-28 21:18:23 +00:00
Dimitry Andric
365919ebc1 Vendor import of llvm release_40 branch r296509:
https://llvm.org/svn/llvm-project/llvm/branches/release_40@296509
2017-02-28 21:07:18 +00:00
Bjoern A. Zeeb
6d91604093 Properly indent a default: label and avoid crashing when running
under -v but cannot connect due to trying to print an int as %s [1].

Reported by:	andrew [1]
MFC after:	3 days
2017-02-28 18:10:03 +00:00
Gleb Smirnoff
efe3b0de14 Remove SVR4 (System V Release 4) binary compatibility support.
UNIX System V Release 4 is operating system released in 1988. It ceased
to exist in early 2000-s.
2017-02-28 05:14:42 +00:00
Pedro F. Giffuni
3b243527db librss: simplify some NULL checks.
MFC after:	1 week
2017-02-27 00:10:00 +00:00
Mariusz Zaborski
b62c1f2b18 Remove unneeded variable initialization from r314319.
Pointed out by:	kib
2017-02-26 22:15:39 +00:00
Mariusz Zaborski
ba1b663656 Don't try to open devices in the gettc() function which will always
fail in the Capability mode. Instead silently fallback to the syscall
method, which is done for example in the gettimeofday(2) function.

Reviewed by:	kib
2017-02-26 22:07:26 +00:00
Dimitry Andric
d630701f86 Merge ^/head r314178 through r314269. 2017-02-25 15:04:19 +00:00
Dimitry Andric
bc93f188f6 Merge llvm, clang, compiler-rt, libc++, lld and lldb release_40 branch
r296202, and update build glue.
2017-02-25 15:00:57 +00:00
Dimitry Andric
2344cbce57 Vendor import of clang release_40 branch r296202:
https://llvm.org/svn/llvm-project/cfe/branches/release_40@296202
2017-02-25 14:40:42 +00:00
Dimitry Andric
9c618dddcd Vendor import of llvm release_40 branch r296202:
https://llvm.org/svn/llvm-project/llvm/branches/release_40@296202
2017-02-25 14:40:33 +00:00
Warner Losh
589c673b32 Don't convert ENOENT to nothing for individual lookup, just for the
iterative get_next interface. This prevents efivar(3) from printing 4k
of 0's when a variable isn't set.

Sponsored by: Netflix
2017-02-25 00:09:21 +00:00
Enji Cooper
8f7861b26f Fix up r314189
The conditional in do_buff_decode(..) after the while loop was accidentally
inverted. Only increment the pointer for fmt if it's not NUL.

MFC after:	2 weeks
X-MFC with:	r314189
Reported by:	pstef
Sponsored by:	Dell EMC Isilon
2017-02-24 06:49:31 +00:00
Enji Cooper
29d14889f5 Fix some minor style nits: put parentheses around return values
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-02-24 06:28:58 +00:00
Enji Cooper
69c703b9c4 Fix up NULL/'\0' uses and fix 2 derefs after NULL
MFC after:	2 weeks
Reported by:	Coverity
CID:		1018898, 1018899
Differential Revision:	https://reviews.freebsd.org/D6142
Sponsored by:	Dell EMC Isilon
2017-02-24 06:24:39 +00:00
Eric van Gyzen
b215ceaaec Add sem_clockwait_np()
This function allows the caller to specify the reference clock
and choose between absolute and relative mode.  In relative mode,
the remaining time can be returned.

The API is similar to clock_nanosleep(3).  Thanks to Ed Schouten
for that suggestion.

While I'm here, reduce the sleep time in the semaphore "child"
test to greatly reduce its runtime.  Also add a reasonable timeout.

Reviewed by:	ed (userland)
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D9656
2017-02-23 19:36:38 +00:00
Dimitry Andric
eedd67c033 Merge ^/head r314129 through r314177. 2017-02-23 19:32:25 +00:00
Dimitry Andric
5d19388204 Merge llvm, clang, compiler-rt, libc++, lld and lldb release_40 branch
r296002, and update build glue.
2017-02-23 19:25:29 +00:00
Dimitry Andric
47c4f8f166 Vendor import of clang release_40 branch r296002:
https://llvm.org/svn/llvm-project/cfe/branches/release_40@296002
2017-02-23 19:13:57 +00:00
Dimitry Andric
5a813558fc Vendor import of llvm release_40 branch r296002:
https://llvm.org/svn/llvm-project/llvm/branches/release_40@296002
2017-02-23 19:13:48 +00:00
Dimitry Andric
1b6fff624e Vendor import of clang release_40 branch r295910:
https://llvm.org/svn/llvm-project/cfe/branches/release_40@295910
2017-02-23 19:02:12 +00:00
Dimitry Andric
e49737eb04 Vendor import of llvm release_40 branch r295910:
https://llvm.org/svn/llvm-project/llvm/branches/release_40@295910
2017-02-23 19:02:03 +00:00
Jung-uk Kim
d751009457 Remove an assembler flag, which is redundant since r309124. The upstream
took care of it by introducing a macro NO_EXEC_STACK_DIRECTIVE.

http://llvm.org/viewvc/llvm-project?rev=273500&view=rev

Reviewed by:	dim
2017-02-23 17:46:38 +00:00
Dimitry Andric
6ae9acde63 Merge ^/head r313896 through r314128. 2017-02-23 07:45:58 +00:00
Dimitry Andric
e3c4285520 Surround any unmangled C++ names in libcxxrt's version map with 'extern
"C++"', otherwise ld refuses to make the symbols global in the final
library.  This causes the __int128-related symbols to go missing when
the library is stripped during installation.

Helpful hints:	emaste
MFC after:	2 weeks
X-MFC-With:	r314061
2017-02-22 18:44:57 +00:00
Dimitry Andric
6fc1c2befc Add __int128-related symbols to libcxxrt's version map. Put these into
the same CXXABI verions as recent libstdc++.

Note that __int128 types are only available on arches where long long is
128 bit wide.

Noticed by:	harti
MFC after:	2 weeks
2017-02-21 21:48:45 +00:00
Eric van Gyzen
90c1b723a5 Make several improvements and corrections in the kenv(2) man page
MFC after:	3 days
Sponsored by:	Dell EMC
2017-02-21 19:51:41 +00:00
Dag-Erling Smørgrav
f3b0ac3409 Upgrade to OpenPAM Radula. 2017-02-20 00:56:46 +00:00
Baptiste Daroussin
d8713bf361 Add a file descriptor in struct url for netrc
When using libfetch in an application that drops privileges when fetching
like pkg(8) then user complain because the application does not read anymore
${HOME}/.netrc. Now a caller can prepare a fd to the said file and manually
assign it to the structure.

It is also a first step to allow to capsicumize libfetch applications

Reviewed by:	allanjude, des
Approved by:	des
Differential Revision:	https://reviews.freebsd.org/D9678
2017-02-20 00:14:31 +00:00
Dag-Erling Smørgrav
04e3065217 Vendor import of OpenPAM Radula. 2017-02-19 21:00:46 +00:00
Dimitry Andric
5d77776c55 Belatedly add variant.cpp to libc++. This completes the support for the
upcoming C++17 std::variant template.
2017-02-19 14:53:59 +00:00
Dimitry Andric
a3906ca572 Merge ^/head r313644 through r313895. 2017-02-17 20:19:38 +00:00
Dimitry Andric
2bcad0d8d6 Merge llvm, clang, compiler-rt, libc++, lld and lldb release_40 branch
r295380, and update build glue.
2017-02-17 20:07:35 +00:00
Dimitry Andric
abacad30a5 Vendor import of compiler-rt release_40 branch r295380:
https://llvm.org/svn/llvm-project/compiler-rt/branches/release_40@295380
2017-02-17 19:37:28 +00:00
Dimitry Andric
eb2854521a Vendor import of clang release_40 branch r295380:
https://llvm.org/svn/llvm-project/cfe/branches/release_40@295380
2017-02-17 19:36:19 +00:00
Dimitry Andric
c60b95818e Vendor import of llvm release_40 branch r295380:
https://llvm.org/svn/llvm-project/llvm/branches/release_40@295380
2017-02-17 19:35:08 +00:00
Michal Meloun
d98d230378 Publish fp[get][set]sticky() for ARMv6.
Although fp[get][set]sticky() functions are obsolete, they are still
required for GNU fortran49 library.

MFC after: 2 months
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D9634
2017-02-17 13:49:46 +00:00
Michal Meloun
cd9bdb7362 Publish __aeabi_uidiv and __aeabi_idiv as compatible symbols from libc.
Due to bug[1] in libcompiler_rt, all symbols declared by
DEFINE_AEABI_FUNCTION_ALIAS() are not hidden. All these but two
are explicitly exported from libc and don't causes problems.

Remaining two, __aeabi_uidiv and __aeabi_idiv, infecting all
non-versioned shared libraries. And these symbols are consumed
by many (if not all) packages[2].

As workaround, export these from libc as compatible symbols,
in global namespace. With this, these are still visible for
rtld, but static linker doesn't use then.

[1]
DEFINE_AEABI_FUNCTION_ALIAS() macro uses '.set' directive for
declaration of aliased symbol. Unfortunately, '.set' doesn't
inherit visibility of base symbol, and macro don't explicitly
sets visibility for aliased one.

[2]
Given symbols are exported from non-versioned libraries only if
library itself uses them. So, if world is built for CPU with
HW divide, these function are not used and given symbols are
not exported. By this, contents of these libraries is not stable,
and all packages fails to run.

Note: Due to r313823 I'm forced to commit this too early, without
leave enough time for proper review.

MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D9632
2017-02-17 11:16:19 +00:00
Mahdi Mokhtari
1fdfb24aa7 Add documentations related to new APIs of r313761
PR:		216850 216851 216852 216856 216857 216858
Submitted by:	sgk@troutmask.apl.washington.edu
Reported by:	sgk@troutmask.apl.washington.edu
Reviewed by:	bde emaste hselasky
Approved by:	bde emaste hselasky
Differential Revision:	https://reviews.freebsd.org/D9491
2017-02-17 08:25:48 +00:00
Mahdi Mokhtari
a287735349 Fix building of r313761 on platforms that
`long double` is alias of `double` (MIPS, etc)

PR:		216850 216851 216852 216856 216857 216858
Reported by:	emsate
Reviewed by:	bde emaste hselasky
Approved by:	bde emaste hselasky
Differential Revision:	https://reviews.freebsd.org/D9491
2017-02-17 08:22:32 +00:00
Ed Schouten
8eb15797b1 Remove unnecessary #includes from the kqueue(2) man page.
Now that <sys/event.h> can be included on its own, adjust the manual
page accordingly. Remove both unnecessary #include statements from the
synopsis and the example code.

While there, also add a note to the BUGS section to mention that
previous versions of this header file still depend on <sys/types.h>.

Reviewed by:	ngie, vangyzen
Differential Revision:	https://reviews.freebsd.org/D9605
2017-02-16 06:52:53 +00:00
Ed Maste
1dc349ab95 prefix UFS symbols with UFS_ to reduce namespace pollution
Specifically:
  ROOTINO -> UFS_ROOTINO
  WINO -> UFS_WINO
  NXADDR -> UFS_NXADDR
  NDADDR -> UFS_NDADDR
  NIADDR -> UFS_NIADDR
  MAXSYMLINKLEN_UFS[12] -> UFS[12]_MAXSYMLINKLEN (for consistency)

Also prefix ext2's and nandfs's NDADDR and NIADDR with EXT2_ and NANDFS_

Reviewed by:	kib, mckusick
Obtained from:	NetBSD
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D9536
2017-02-15 19:50:26 +00:00
Mahdi Mokhtari
a11c507775 Add casinl() cacosl() catanl() casinhl() cacoshl() catanhl() APIs to msun
to improve C11 conformance.

PR:		216850 216851 216852 216856 216857 216858
Submitted by:	mmokhi
Reported by:	sgk@troutmask.apl.washington.edu
Reviewed by:	bde, mat, theraven
Approved by:	bde (src committer), mat (mentor)
Differential Revision:	https://reviews.freebsd.org/D9491
2017-02-15 07:59:54 +00:00
Mark Johnston
661c4fe512 Fix indentation in nss_configure().
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-14 21:55:50 +00:00
Mark Johnston
888e46a99b Register nss_atexit() before parsing nsswitch.conf for the first time.
NSS modules are loaded when nsswitch.conf is parsed and may register their
own atexit handlers with libc. nss_atexit() unloads any dynamically loaded
NSS modules, so it should run only after the modules' atexit handlers have
been invoked.

MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-02-14 21:51:19 +00:00
Bartek Rutkowski
00ef17befe Capsicum support for bhyve(8).
Adds Capsicum sandboxing to bhyve.

Submitted by:	Pawel Biernacki <pawel.biernacki@gmail.com>
Reviewed by:	grehan, oshogbo
Approved by:	emaste, grehan
Sponsored by:	Mysterious Code Ltd.
Differential Revision:	https://reviews.freebsd.org/D8290
2017-02-14 13:35:59 +00:00
Enji Cooper
87dc0e9bc9 Handle clang 4.x+ with the compile-time exception added in r312213
It also fails the assertions noted in bug 208703

PR:	208703
PR:	217084
Submitted by:	jbeich
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-14 00:54:48 +00:00
Dimitry Andric
c9117188c5 For now, compile all of contrib/gdtoa without requiring strict aliasing,
since it is using type punning of union members, and clang does not yet
support gcc's extensions which allow this (refer to
https://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html#Type%2dpunning
for more information).

This should fix strtod(3) return values for the lang/julia port, so it
does not fail on an assertion during its build.

PR:		216770
2017-02-13 20:13:29 +00:00
Xin LI
ada6f083b9 MFV r313676: libpcap 1.8.1
MFC after:	1 month
2017-02-13 08:23:39 +00:00
Konstantin Belousov
987ff18184 Consistently handle negative or wrapping offsets in the mmap(2) syscalls.
For regular files and posix shared memory, POSIX requires that
[offset, offset + size) range is legitimate.  At the maping time,
check that offset is not negative.  Allowing negative offsets might
expose the data that filesystem put into vm_object for internal use,
esp. due to OFF_TO_IDX() signess treatment.  Fault handler verifies
that the mapped range is valid, assuming that mmap(2) checked that
arithmetic gives no undefined results.

For device mappings, leave the semantic of negative offsets to the
driver.  Correct object page index calculation to not erronously
propagate sign.

In either case, disallow overflow of offset + size.

Update mmap(2) man page to explain the requirement of the range
validity, and behaviour when the range becomes invalid after mapping.

Reported and tested by:	royger (previous version)
Reviewed by:	alc
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-02-12 21:05:44 +00:00
Enji Cooper
99b33ca4ec Manipulate OBJDIR with :H when referencing dso directory
This reduces path lengths, etc in memory with make by a minimal value

Sponsored by:	Dell EMC Isilon
2017-02-11 20:14:50 +00:00
Dimitry Andric
1a36faad54 Merge ^/head r313301 through r313643. 2017-02-11 14:04:18 +00:00
Dimitry Andric
5ca5951e31 Merge llvm, clang, compiler-rt, libc++, lld and lldb release_40 branch
r294803, and update build glue.
2017-02-11 13:58:05 +00:00
Dimitry Andric
3897d3b845 Vendor import of llvm release_40 branch r294803:
https://llvm.org/svn/llvm-project/llvm/branches/release_40@294803
2017-02-11 13:25:24 +00:00
Conrad Meyer
0ecf59f68f ufs: Use UFS_MAXNAMLEN constant
(like NFS, EXT2FS, SVR4, IBCS2) instead of redefining the MAXNAMLEN
constant.

No functional change.

Reviewed by:	kib@, markj@
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D9500
2017-02-09 17:47:01 +00:00
Enji Cooper
635f2911b0 Merge content from ^/projects/netbsd-tests-upstream-01-2017 into ^/head
The primary end-goal of this drop is ease future merges with NetBSD and
collaborate further with the NetBSD project.

The goal was (largely, not completely as some items are still oustanding
in the NetBSD GNATS system) achieved by doing the following:
- Pushing as many changes required to port contrib/netbsd-tests
  back to NetBSD as possible, then pull the upstream applied changes
  back in to FreeBSD.
- Diff reduce with upstream where possible by:
-- Improving libnetbsd header, etc compat glue.
-- Using _SED variables to modify test scripts on the fly for items
   that could not be upstreamed to NetBSD.

As a bonus for this work, this change also introduces testcases for
uniq(1).

Many thanks to Christos for working with me to get many of the changes
back into the NetBSD project.

In collaboration with:	Christos Zoulas <christos@netbsd.org>
MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-02-08 09:46:15 +00:00
Enji Cooper
12e1a6e990 Clean up trailing and leading whitespace for variables to make it
consistent with the rest of the file and style.Makefile(9) a bit
more

MFC after:	3 weeks
Sponsored by:	Dell EMC Isilon
2017-02-08 09:24:25 +00:00
Enji Cooper
0a2eff9dd9 Create link from hexdump(3) to sbuf_hexdump(9) as the manpage describes
sbuf_hexdump(9)'s behavior

MFC after:	3 weeks
Sponsored by:	Dell EMC Isilon
2017-02-08 09:22:35 +00:00
Enji Cooper
696fcb05fb Clarify #includes for hexdump(3) vs sbuf_hexdump(9)
hexdump(3) only requires libutil.h, whereas sbuf_hexdump(9) requires
sys/types.h (for ssize_t) and sys/sbuf.h

MFC after:	3 weeks
Sponsored by:	Dell EMC Isilon
2017-02-08 09:19:49 +00:00
Enji Cooper
9ddd071605 MFhead@r313404 2017-02-07 19:47:30 +00:00
Enji Cooper
da9813b9ea Remove placeholder compat header for stdio.h
In the end, dealing with fparseln was more bikeshed worthy than I
anticipated, and polling stdio.h with libutil.h caused me more
grief than necessary. Keeping the compat header around for no
reason other than include_next'ing the stdio.h header in FreeBSD
makes no sense.
2017-02-07 19:47:04 +00:00
Enji Cooper
e0f389edab Improve libnetbsd compatibility with NetBSD
This change is being made to diff reduce/reduce duplication in
contrib/netbsd-tests and to facilitate further porting of software from
NetBSD

Add the following headers:
- sys/event.h:
-- sys/types.h is required for kqueue on FreeBSD, but not NetBSD.
- sys/types.h:
-- NBBY is defined in sys/param.h on FreeBSD, not sys/types.h like on NetBSD.
   Pull in sys/param.h to have parity with NetBSD.
- sys/wait.h:
-- Define wrusage as __wrusage for parity with NetBSD typedef.
- glob.h
-- Define __gl_stat_t as "struct stat" for parity with NetBSD typedef.
- pthread.h:
-- Pull in pthread_np.h for _np functions defined separately on FreeBSD.

Improve compatibility with NetBSD in the following headers:

- sha1.h:
-- define SHA1_CTX as SHA_CTX
-- define SHA1Final as SHA1_Final
- sha2.h:
-- #include sha384 to pick up all of the SHA 384 bit macros and definitions.
- util.h:
-- Add sys/types.h to util.h to pollute the header for types used in
   flags_to_string and string_to_flags (u_long) as NetBSD doesn't require them
   for the functions.

MFC after:      2 weeks
Sponsored by:   Dell EMC Isilon
2017-02-07 19:42:41 +00:00
Enji Cooper
a678f77962 MFhead@r313380 2017-02-07 06:04:13 +00:00
Enji Cooper
9a41ce4a69 Expect :int_within_limits to fail when ptrdiff_t/*intmax_t differ in base type
The %t{d,u} (ptrdiff_t) tests fail for the following reasons:
- ptrdiff_t is by definition int32_t on !LP64 architectures and int64_t on
  LP64 architectures.
- intmax_t is by definition fixed to int64_t on all architectures.
- Some of the code in lib/libc/stdio/... is promoting ptrdiff_t to *intmax_t
  when parsing/representing the value.

PR:		191674
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-07 05:39:00 +00:00
Enji Cooper
1eca9a9a49 Wrap strcmp/wcscmp calls with ATF_CHECK_MSG and drop atf_tc_fail use
The reasoning here was the same as what was done in r313376:
- Gather as many results as possible instead of failing early and
  not testing the rest of the cases.
- Simplify logic when checking test inputs vs outputs and printing
  test result.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-07 04:25:21 +00:00
Enji Cooper
0653d1fb68 Fix :hexadecimal_floating_point on i386
Don't exclude i386 from LDBL_MANT_DIG == 64; it works properly in
that case.

While here, replace strcmp + atf_tc_fail with ATF_CHECK_MSG for 2
reasons:
- Gather as many results as possible instead of failing early and
  not testing the rest of the cases.
- Simplify logic when checking test inputs vs outputs and printing
  test result.

Tested on:	amd64, i386
MFC after: 	1 week
Sponsored by:	Dell EMC Isilon
2017-02-07 03:46:48 +00:00
Enji Cooper
d5f154d3cf hcreate(3): fix the ERRORS section and bump .Dd
- Add missing comma between functions that trigger ENOMEM error.
- Fix the description for ESRCH. The action that triggers this error is
  FIND, not SEARCH (SEARCH does not exist).

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-02-07 02:32:49 +00:00
Enji Cooper
15df32b48d MFhead@r313360 2017-02-07 01:33:39 +00:00
Toomas Soome
467c82cb84 loader: Replace EFI part devices.
Rewrite EFI part device interface to present disk devices in more
user friendly way.

We keep list of three types of devices: floppy, cd and disk, the
visible names: fdX: cdX: and diskX:

Use common/disk.c and common/part.c interfaces to manage the
partitioning.

The lsdev -l will additionally list the device path.

Reviewed by:	imp, allanjude
Approved by:	imp (mentor), allanjude (mentor)
Differential Revision:	https://reviews.freebsd.org/D8581
2017-02-06 09:18:47 +00:00
Andrey V. Elsukov
fcf596178b Merge projects/ipsec into head/.
Small summary
 -------------

o Almost all IPsec releated code was moved into sys/netipsec.
o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel
  option IPSEC_SUPPORT added. It enables support for loading
  and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
  default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
  support was removed. Added TCP/UDP checksum handling for
  inbound packets that were decapsulated by transport mode SAs.
  setkey(8) modified to show run-time NAT-T configuration of SA.
o New network pseudo interface if_ipsec(4) added. For now it is
  build as part of ipsec.ko module (or with IPSEC kernel).
  It implements IPsec virtual tunnels to create route-based VPNs.
o The network stack now invokes IPsec functions using special
  methods. The only one header file <netipsec/ipsec_support.h>
  should be included to declare all the needed things to work
  with IPsec.
o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed.
  Now these protocols are handled directly via IPsec methods.
o TCP_SIGNATURE support was reworked to be more close to RFC.
o PF_KEY SADB was reworked:
  - now all security associations stored in the single SPI namespace,
    and all SAs MUST have unique SPI.
  - several hash tables added to speed up lookups in SADB.
  - SADB now uses rmlock to protect access, and concurrent threads
    can do SA lookups in the same time.
  - many PF_KEY message handlers were reworked to reflect changes
    in SADB.
  - SADB_UPDATE message was extended to support new PF_KEY headers:
    SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They
    can be used by IKE daemon to change SA addresses.
o ipsecrequest and secpolicy structures were cardinally changed to
  avoid locking protection for ipsecrequest. Now we support
  only limited number (4) of bundled SAs, but they are supported
  for both INET and INET6.
o INPCB security policy cache was introduced. Each PCB now caches
  used security policies to avoid SP lookup for each packet.
o For inbound security policies added the mode, when the kernel does
  check for full history of applied IPsec transforms.
o References counting rules for security policies and security
  associations were changed. The proper SA locking added into xform
  code.
o xform code was also changed. Now it is possible to unregister xforms.
  tdb_xxx structures were changed and renamed to reflect changes in
  SADB/SPDB, and changed rules for locking and refcounting.

Reviewed by:	gnn, wblock
Obtained from:	Yandex LLC
Relnotes:	yes
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9352
2017-02-06 08:49:57 +00:00