12617 Commits

Author SHA1 Message Date
Conrad Meyer
1532e6565c Capsicum support for jot(1)
Limit descriptors and enter capability mode in jot(1).

Submitted by:	brueffer (earlier version)
Reviewed by:	emaste, jonathan (earlier version)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D1345
2016-10-19 21:50:57 +00:00
Pietro Cerutti
3652bc8e09 Chase a cornercase in printenv and sync its behaviour with builtin's
The cornercase is when printenv is passed a parameter in the form VAR=val,
where VAR=val exists in the environment. In this case, printenv would print a
spurious newline and returns 0.

Approved by:		cognet
MFC after:			1 week
2016-10-19 14:51:25 +00:00
Warner Losh
c30dcf40ba Add a new flag to mkimg (-a num) to specify the active partition for
those partitioning schemes that have this concept. Implement it as an
override for mbr's setting 0x80 in the flags for the first partition
when we have boot code.

Differential Revision: https://reviews.freebsd.org/D4403
2016-10-18 05:43:12 +00:00
Marcel Moolenaar
4299711473 o Provide a private definition for UUIDs (mkimg_uuid_t) because
UUIDs are not portable.
 o  Move mkimg_uuid() to a new file and merge both gpt_uuid_enc()
    and vhd_uuid_enc() into a single mkimg_uuid_enc() that lives
    in the same file.
 o  Move the OS-specific implementation of generating a UUID to
    osdep_uuidgen() and provide the implementations for FreeBSD,
    macOS and Linux.
 o  Expect the partitioning scheme headers to be found by having
    a search to the directory in which the headers live. This
    avoids conflicts on non-FreeBSD machines.
2016-10-18 01:55:07 +00:00
John Baldwin
9289f547a2 Move mksubr from kdump into libsysdecode.
Restructure this script so that it generates a header of tables instead
of a source file.  The tables are included in a flags.c source file which
provides functions to decode various system call arguments.

For functions that decode an enumeration, the function returns a pointer
to a string for known values and NULL for unknown values.

For functions that do more complex decoding (typically of a bitmask), the
function accepts a pointer to a FILE object (open_memstream() can be used
as a string builder) to which decoded values are written.  If the
function operates on a bitmask, the function returns true if any bits
were decoded or false if the entire value was valid.  Additionally, the
third argument accepts a pointer to a value to which any undecoded bits
are stored.  This pointer can be NULL if the caller doesn't care about
remaining bits.

Convert kdump over to using decoder functions from libsysdecode instead of
mksubr.  truss also uses decoders from libsysdecode instead of private
lookup tables, though lookup tables for objects not decoded by kdump remain
in truss for now.  Eventually most of these tables should move into
libsysdecode as the automated table generation approach from mksubr is
less stale than the static tables in truss.

Some changes have been made to truss and kdump output:
- The flags passed to open() are now properly decoded in that one of
  O_RDONLY, O_RDWR, O_WRONLY, or O_EXEC is always included in a decoded
  mask.
- Optional arguments to open(), openat(), and fcntl() are only printed
  in kdump if they exist (e.g. the mode is only printed for open() if
  O_CREAT is set in the flags).
- Print argument to F_GETLK/SETLK/SETLKW in kdump as a pointer, not int.
- Include all procctl() commands.
- Correctly decode pipe2() flags in truss by not assuming full
  open()-like flags with O_RDONLY, etc.
- Decode file flags passed to *chflags() as file flags (UF_* and SF_*)
  rather than as a file mode.
- Fix decoding of quotactl() commands by splitting out the two command
  components instead of assuming the raw command value matches the
  primary command component.

In addition, truss and kdump now build without triggering any warnings.
All of the sysdecode manpages now include the required headers in the
synopsis.

Reviewed by:	kib (several older versions), wblock (manpages)
MFC after:	2 months
Differential Revision:	https://reviews.freebsd.org/D7847
2016-10-17 22:37:07 +00:00
Ed Maste
cf8fb39f7d elfdump: correct DT_AUXILIARY / DT_USED / DT_FILTER definitions
r109332 introduced these three as DT_SUNW_*. Update to the correct
names already used elsewhere in FreeBSD and the Sun "Linker and
Libraries Guide"

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2016-10-17 13:36:50 +00:00
Marcel Moolenaar
8d249f5e2f Switch to using the portable partition scheme headers. 2016-10-16 02:55:52 +00:00
Baptiste Daroussin
23421d5492 Fix typos in sdiff(1) message and improve display 2016-10-15 19:55:07 +00:00
Baptiste Daroussin
db1fcc8008 Move cleanup() into the edit.c file which is the only users of that function
Remove common.{c,h}
2016-10-15 13:45:09 +00:00
Baptiste Daroussin
e8ad1a6f3d Turn editit into a static function 2016-10-15 13:42:38 +00:00
Baptiste Daroussin
196a5c7c35 Remove the common.h include which is actually not used in sdiff.c 2016-10-15 13:41:58 +00:00
John Baldwin
9ba323071d Fix printf format warning. 2016-10-11 17:11:17 +00:00
Mariusz Zaborski
abdfa0b19c Restrict stdin if it's not in use.
Reviewed by:	emaste, cem
Differential Revision:	https://reviews.freebsd.org/D8184
2016-10-07 19:02:13 +00:00
Mariusz Zaborski
a4e3fc54a0 Remove the duplicated code using Capsicum helpers.
Reviewed by:	cem, ed, bapt, emaste
Differential Revision	https://reviews.freebsd.org/D8140
2016-10-07 17:56:57 +00:00
Ed Maste
bbe31b709a Improvements to BSD-licensed DTC.
- Numerous crash and bug fixes
- Improved warning and error messages
- Permit multiple labels on nodes and properties
- Fix node@address references
- Add support for /delete-node/
- Consume whitespace after a node
- Read the next token before the second /memreserve/
- Fix parsing of whitespace
- Clean up /delete-node/ and add support for /delete-property/
- Handle /delete-node/ specifying a unit address

Obtained from:	https://github.com/davidchisnall/dtc @df5ede4
2016-10-07 12:57:35 +00:00
Baptiste Daroussin
bbf9a45630 localedef: Improve cc_list parsing
original commit log:
=====
I had originally suspected the parsing of ctype definition files as being
the source of the ctype flag mis-definitions, but it wasn't.  In the
process, I simplified the cc_list parsing so I'm committing the no-impact
improvement separately.  It removes some parsing redundancies and
won't parse partial range definitions anymore.
====

Submitted by:	marino
Obtained from:	Dragonfly
MFC after:	1 month
2016-10-06 19:51:30 +00:00
Baptiste Daroussin
c7edf4fd0b localedef: Fix ctype dump (fixed wide spread errors)
This commit is from John Marino in dragonfly with the following commit log:

====
This was a CTYPE encoding error involving consecutive points of the same
ctype.  It was reported by myself to Illumos over a year ago but I was
unsure if it was only happening on BSD.  Given the cause, the bug is also
present on Illumos.

Basically, if consecutive points were of the exact same ctype, they would
be defined as a range regardless.  For example, all of these would be
considered equivalent:

  <A> ... <C>, <H>  (converts to <A> .. <H>)
  <A>, <B>, <H>     (converts to <A> .. <H>)
  <A>, <J> ... <H>  (converts to <A> .. <H>)

So all the points that shouldn't have been defined got "bridged" by the
extreme points.

The effects were recently reported to FreeBSD on PR 213013.  There are
countless places were the ctype flags are misdefined, so this is a major
fix that has to be MFC'd.
====

This reveals a bad change I did on the testsuite: while 0x07FF is a valid
unicode it is not used yet (reserved for future use)

PR:		213013
Submitted by:	marino@
Reported by:	Kurtis Rader <krader@skepticism.us>
Obtained from:	Dragonfly
MFC after:	1 month
2016-10-06 19:46:43 +00:00
Conrad Meyer
38adbfe6b2 write(1): Capsicumify
Enter Capsicum capability sandbox pretty early in this setuid program.

Some minor modifications were needed to cache directory fds and use
relative lookups.

Rights restriction of the stdio descriptors is unfortunately pretty messy
because we need an ioctl capability not present in the current libcapsicum
helpers (FIODGNAME).

Reviewed by:	ed
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7999
2016-10-06 14:55:15 +00:00
Ed Maste
4a1cdaba5f locate: ANSIfy 2016-10-06 13:37:46 +00:00
Ed Maste
d41042ad84 login: fix capitalization in errx messages
Reported by:	bde
2016-10-06 13:21:42 +00:00
Ed Maste
9ce3c6b09a Retire WITHOUT_ELFCOPY_AS_OBJCOPY option
In FreeBSD 11 ELF Tool Chain's elfcopy is installed as objcopy by
default, with the option to switch back to GNU objcopy by setting
WITHOUT_ELFCOPY_AS_OBJCOPY in make.conf.

We plan to remove the outdated in-tree binutils in FreeBSD 12, so
remove the temporary transition aid.

Reviewed by:	brooks, imp
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7337
2016-10-03 17:49:26 +00:00
Marcel Moolenaar
4ac1e8d30f Replace OFF_MAX with INT64_MAX. The former is defined on Linux. 2016-10-03 04:00:30 +00:00
Marcel Moolenaar
6b1235713e Prefer <stdint.h> over <sys/types.h>. While here remove redundant
inclusion of <sys/queue.h>.

Move the inclusion of the disk partitioning headers out of order
and inbetween standard headers and local header. They will change
in a subsequent commit.
2016-10-03 02:37:28 +00:00
Marcel Moolenaar
1080fb197b Replace STAILQ with TAILQ. TAILQs are portable enough that they can
be used on both macOS and Linux. STAILQs are not. In particular,
STAILQ_LAST does not next on Linux. Since neither STAILQ_FOREACH_SAFE
nor TAILQ_FOREACH_SAFE exist on Linux, replace its use with a regular
TAILQ_FOREACH. The _SAFE variant was only used for having the next
pointer in a local variable.
2016-10-03 01:46:47 +00:00
John Baldwin
dda41f2078 Don't declare the 'temp' timeval as static. 2016-10-01 22:17:40 +00:00
John Baldwin
54b10c9e17 Use timercmp() and timersub() in kdump.
Previously, kdump used the kernel-only timervalsub() macro which required
defining _KERNEL when including <sys/time.h>.  Now, kdump uses the existing
userland API.  The timercmp() usage to check for a backwards timestamp is
also clearer and simpler than the previous code which checked the result of
the subtraction for a negative value.

While here, take advantage of the 3-arg timersub() to store the subtraction
results in a tempory timeval instead of overwriting the timestamp in the
ktrace record and then having to restore it.
2016-10-01 22:12:33 +00:00
John Baldwin
406d2926f2 Expose kernel-only errno values if _WANT_KERNEL_ERRNO is defined.
The kernel uses a few negative errno values for internal conditions
such as requesting a system call restart.  Normally these errno values
are not exposed to userland.  However, kdump needs access to these
values as some of then can be present in a ktrace system call return
record.  Previously kdump was defining _KERNEL to gain access to ehse
values, but was then having to manually declare 'errno' (and doing it
incorrectly).  Now, kdump uses _WANT_KERNEL_ERRNO instead of _KERNEL
and uses the system-provided declaration of errno.
2016-10-01 22:08:07 +00:00
John Baldwin
8dec694290 Decode arguments to truncate and ftruncate.
In particular, decode the off_t argument as a 64-bit argument to fix
decoding for 32-bit processes.
2016-10-01 22:03:41 +00:00
John Baldwin
71ed318eb4 Handle 64-bit system call arguments (off_t, id_t).
In particular, 64-bit system call arguments use up two register_t
arguments for 32-bit processes.  They must also be aligned on a 64-bit
boundary on 32-bit powerpc processes.  This fixes the decoding of
lseek(), procctl(), and wait6() arguments for 32-bit processes (both
native and via freebsd32).

Note that the ktrace system call return record only returns a single
register, so the return value of lseek is always truncated to the low
32-bits for 32-bit processes.
2016-10-01 22:01:41 +00:00
Pedro F. Giffuni
758a3cff59 patch(1): make some macros look boolean.
Similar to r306560, plus remove an unused macro.

Suggested by:	jmallett
2016-10-01 20:46:01 +00:00
Pedro F. Giffuni
c7ef297a8e patch(1): make some macros look boolean.
Minor cleanup inspired by a new patch(1) variant in schily tools.

For reference:
https://sourceforge.net/p/schillix-on/

MFC after:	1 week
2016-10-01 20:31:00 +00:00
Ed Maste
6cd8c11ba5 primes: trivially capsicumize
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7982
2016-09-30 13:50:59 +00:00
Ed Maste
f987297fc9 Add a WITHOUT_DIALOG src.conf(5) knob
It also turns off dependencies (bsdinstall, bsdconfig, dpv, tzsetup).

Reviewed by:	dteske
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7969
2016-09-27 18:08:38 +00:00
Ruslan Bukin
60e5fa86df Increase timeout for legacy_test from 300 (default) to 600 seconds.
It takes about 7 minutes to pass the test on MIPS64EB in QEMU.

Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-09-26 13:59:18 +00:00
Marcel Moolenaar
7b5a53ea4d Portability changes:
1.  macOS nor Linux have MAP_NOCORE nor MAP_NOSYNC. Define as 0.
2.  macOS doesn't have SEEK_DATA nor SEEK_HOLE. Define as -1
    so that lseek will return -1 (with errno set to EINVAL).
3.  gcc correctly warns that error is assigned but not used in
    image_copyout_region().  Fix by returning on the first error.
2016-09-26 04:14:00 +00:00
Marcel Moolenaar
5aad7d9a87 Avoid depending on the <sys/endian.h> header for le*enc and be*enc.
Not only is the header unportable, the encoding/decoding functions
are as well.  Instead, duplicate the handful of small inlines we
need into a private header called endian.h.

Aside: an alternative approach is to move the encoding/decoding
functions to a separate system header.  While the header is still
nonportable, such an approach would make it possible to re-use the
definitions by playing games with include paths. This may be the
preferred approach if more (build) utilities need this.  This
change does not preclude that.  In fact, it makes it easier.
2016-09-26 01:06:32 +00:00
Marcel Moolenaar
4039ea7c9b Eliminate the use of EDOOFUS. The error code was used to signal
programming errors, but is really a poor substitute for assert.
And less portable as well.
2016-09-26 00:41:08 +00:00
Marcel Moolenaar
5a1302ab2e Replace the use of linker sets with constructors for both the
formats and schemes.  Formats and schemes are registered at
runtime now, rather than collected at link time.
2016-09-25 22:57:59 +00:00
Marcel Moolenaar
ac3425511d Update local variable 'block' after calling capacity_resize(),
otherwise format_resize(), which is called right after, isn't
getting the current/actual image size. Rather than rounding up,
format_resize() could end up truncating the size and we don't
allow that by design.

MFC after:	1 week
2016-09-24 17:29:27 +00:00
Bryan Drewery
304336144c DIRDEPS_BUILD: Connect new directories.
Sponsored by:	Dell EMC Isilon
2016-09-23 22:46:19 +00:00
Konstantin Belousov
7402f93ef2 Provide proccontrol(1), an utility to control processes behaviour, related
to procctl(2).

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-09-23 12:34:54 +00:00
Joseph Mingrone
fef8f03390 Add myself (jrm) to calendar.freebsd
Approved by:    swills (mentor)
2016-09-21 18:52:49 +00:00
Alan Somers
005156d7b3 Update mkimg(1) author's contact info
Reviewed by:	marcel, imp
MFC after:	3 days
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D7991
2016-09-21 18:42:17 +00:00
Ed Maste
9e8f606352 elfdump: limit STDIN to no rights rather than closing it
Closing stdin/stdout/stderr is often a bad idea as a future open()
can end up with its fd. Leave it open and limit it to no rights
instead.

Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D7984
2016-09-20 21:38:12 +00:00
Ed Maste
23648b7d73 bspatch: Remove backwards-compatibility sys/capability.h support
bspatch previously included sys/capability.h or sys/capsicum.h based
on __FreeBSD_version, as FreeBSD is the upstream for bsdiff and we may
see this file incorporated into other third-party software.

The Capsicum header is now installed as sys/capsicum.h in stable/10 and
FreeBSD 10.3, so we can just use sys/capsicum.h and simplify the logic.

Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D7954
2016-09-20 15:13:15 +00:00
Conrad Meyer
d36899d10f Move sys/capsicum.h includes after types.h or param.h
This is not actually documented or even implied in style(9).  Make the change
to match convention.  Someone should document this convention in style(9).

Reported by:	jhb
Sponsored by:	EMC Dell Isilon
2016-09-19 20:43:03 +00:00
Pedro F. Giffuni
0c9426b684 hexdump(1): Simplify by using asprintf(3)
Instead of strlen() + calloc() + snprintf, just use asprintf().
No functional change.

Obtained from:	OpenBSD (CVS Rev. 1.22)
2016-09-19 18:35:22 +00:00
Conrad Meyer
10cc720c25 indent(1): Capsicumify
This is a nice and trivial program for sandboxing.  One input file, one
output file.

Reviewed by:	pfg
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7920
2016-09-19 16:16:14 +00:00
Conrad Meyer
875cba632b tr(1): Capsicumify
This is a straightforward single input, single output program for
capsicum.

Reviewed by:	bapt
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7928
2016-09-19 16:14:38 +00:00
Conrad Meyer
e75a7302d3 cmp(1): Capsicumify
Reviewed by:	allanjude, bapt, oshogbo
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7912
2016-09-19 16:13:00 +00:00