21555 Commits

Author SHA1 Message Date
Kristof Provost
27c77f42ae libpfctl: Improve error handling in pfctl_get_states()
Ensure that we always free nvlists and other allocated memory.

Reviewed by:	scottl
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30493
2021-05-31 14:18:47 +02:00
Kristof Provost
6dbb729d35 libpfctl: fix memory leak
When we create an nvlist and insert it into another nvlist we must
remember to destroy it. The nvlist_add_nvlist() function makes a copy,
just like nvlist_add_string() makes a copy of the string.

See also 4483fb47735c29408c72045469c9c4b3e549668b

Reviewed by:	scottl
MFC after:	3 days
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30492
2021-05-31 14:18:32 +02:00
Jason A. Harmening
a4b07a2701 VFS_QUOTACTL(9): allow implementation to indicate busy state changes
Instead of requiring all implementations of vfs_quotactl to unbusy
the mount for Q_QUOTAON and Q_QUOTAOFF, add an "mp_busy" in/out param
to VFS_QUOTACTL(9).  The implementation may then indicate to the caller
whether it needed to unbusy the mount.

Also, add stbool.h to libprocstat modules which #define _KERNEL
before including sys/mount.h.  Otherwise they'll pull in sys/types.h
before defining _KERNEL and therefore won't have the bool definition
they need for mp_busy.

Reviewed By:	kib, markj
Differential Revision: https://reviews.freebsd.org/D30556
2021-05-30 14:53:47 -07:00
Justin Hibbits
2b9a828c99 Set default SPE FP environment 2021-05-29 21:53:35 -05:00
Mark Johnston
6bb5699d2b libradius: Fix attribute length validation in rad_get_attr(3)
The length of the attribute header needs to be excluded when comparing
the attribute length against the length of the packet.  Otherwise,
validation may incorrectly fail when fetching the final attribute in a
message.

Fixes:		8d5c78130 ("libradius: Fix input validation bugs")
Reported by:	Peter Eriksson
Tested by:	Peter Eriksson
MFC after:	now
Sponsored by:	The FreeBSD Foundation
2021-05-28 12:58:29 -04:00
Mark Johnston
e00bae5c18 kevent: Prohibit negative change and event list lengths
Previously, a negative change list length would be treated the same as
an empty change list.  A negative event list length would result in
bogus copyouts.  Make kevent(2) return EINVAL for both cases so that
application bugs are more easily found, and to be more robust against
future changes to kevent internals.

Reviewed by:	imp, kib
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D30480
2021-05-27 15:52:20 -04:00
Eric van Gyzen
427f12f150 libprocstat kstack: fix race with thread creation
When collecting kernel stacks for a target process, if the process
adds a thread between the two calls to sysctl, ignore the additional
threads.  Previously, procstat would print only a useless error
message.  Now, it prints a consistent snapshot of the stacks.
We know that snapshot is already stale, but it could still be stale
even with a more complex fix to reallocate and retry, so such a fix
is hardly worth the effort.

Reported by:	Daniel.Mitchell@emc.com
MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2021-05-27 11:44:00 -05:00
Mark Johnston
8d5c781306 libradius: Fix input validation bugs
Approved by:	so
Security:	FreeBSD-SA-21:12.libradius
Security:	CVE-2021-29629
MFC after:	now
Sponsored by:	The FreeBSD Foundation
2021-05-26 16:30:23 -04:00
Konstantin Belousov
fd3ac06f45 ptrace: add an option to not kill debuggees on debugger exit
Requested by:	markj
Reviewed by:	jhb (previous version)
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differrential revision:	https://reviews.freebsd.org/D30351
2021-05-25 18:22:34 +03:00
Konstantin Belousov
e67ef6ce66 libkvm: Fix build after removeal of p_tracevp
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2021-05-22 16:36:54 +03:00
Kristof Provost
d0fdf2b28f pf: Track the original kif for floating states
Track (and display) the interface that created a state, even if it's a
floating state (and thus uses virtual interface 'all').

MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30245
2021-05-20 12:49:27 +02:00
Kristof Provost
bc94129147 pfctl: Use DIOCGETSTATESNV
Migrate to using the new nvlist-based DIOCGETSTATESNV call to obtain the
states list.

MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30244
2021-05-20 12:49:27 +02:00
Mitchell Horne
dfdc57e8aa libpmc: fall-back to kernel tables if pmu-events fails
On x86, the pmu_events table is the source of truth for finding
supported events. However, events not found there may still be present
in the kernel's static event tables. For example, the pmc.soft(3) events
will never be available from pmu-events.

Update pmc_allocate() to search the legacy event tables if
pmc_pmu_pmcallocate() fails to return a result. This allows both event
sources to be consulted before giving up, thus restoring pmc.soft(3) and
pmc.tsc(3) on x86.

Reviewed by:	emaste
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D30216
2021-05-13 16:01:24 -03:00
Mitchell Horne
da13ef6aa0 libpmc: remove PMC_MDEP_TABLE logic
This logic was added for handling some of the complicated relationships
between events and x86 CPU models. Since that logic has been mostly
removed from libpmc(3) in favor of pmu-events, this no longer serves
much of a purpose. Mapping CPU types to event tables is already handled
by the switch statement in pmc_init().

Reviewed by:	ray, emaste
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D30196
2021-05-13 16:01:19 -03:00
Mitchell Horne
4d8d74a4f5 libpmc: remove unused PMC_MDEP_INIT_INTEL_V2
All uses of this macro were removed in e92a1350b50e. Remove
cpu_has_iaf_counters as well.

Reviewed by:	ray, emaste
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D30195
2021-05-13 15:56:39 -03:00
Emmanuel Vadot
6dbde50a7e pkgbase: Move librt to clibs
librt implement the POSIX realtime extension library.
Move it to clibs instead of utilities as a number of ports uses it
so avoid a dependancy on FreeBSD-utilities.

MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D30088
2021-05-13 17:41:24 +02:00
Fernando Apesteguía
94eb6c42ab syslog.3 - Add detail about LOG_PID
Document that LOG_PID is ignored and can not be disabled.
This change was made along with the move from RFC 3164 to RFC 5424 log messages.

PR:	255664
Reported by:	des.gaufres@gmail.com
Reviewed by:	gbe, jilles
Approved by:	gbe (mentor, manpages), jilles
2021-05-13 16:23:44 +02:00
Ceri Davies
1760799b4c Remove references to timed(8)
There are still references to timed(8) and timedc(8) in the base system,
which were removed in 2018.

PR: 255425
Reported by:	Ceri Davies <ceri at submonkey dot net>
Reviewed by:	ygy, gbe
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D30232
2021-05-13 09:53:08 +02:00
Robert Wing
a7f81b488d libvmm: explicitly save and restore errno in vm_open()
In commit 6bb140e3ca895a14, vm_destroy() was replaced with free() to
preserve errno. However, it's possible that free() may change the errno
as well. Keep the free() call, but explicitly save and restore errno.

Noted by: jhb
Fixes: 6bb140e3ca895a14
2021-05-11 15:11:52 -08:00
Konstantin Belousov
5e7cdf1817 openat(2): add O_EMPTY_PATH
It reopens the passed file descriptor, checking the file backing vnode'
current access rights against open mode. In particular, this flag allows
to convert file descriptor opened with O_PATH, into operable file
descriptor, assuming permissions allow that.

Reviewed by:	markj
Tested by:	Andrew Walker <awalker@ixsystems.com>
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D30148
2021-05-11 02:39:24 +03:00
Kristof Provost
93abcf17e6 pf: Support killing 'matching' states
Optionally also kill states that match (i.e. are the NATed state or
opposite direction state entry for) the state we're killing.

See also https://redmine.pfsense.org/issues/8555

Submitted by:	Steven Brown
Reviewed by:	bcr (man page)
Obtained from:	https://github.com/pfsense/FreeBSD-src/pull/11/
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30092
2021-05-07 22:13:31 +02:00
Kristof Provost
abbcba9cf5 pf: Allow states to by killed per 'gateway'
This allows us to kill states created from a rule with route-to/reply-to
set.  This is particularly useful in multi-wan setups, where one of the
WAN links goes down.

Submitted by:	Steven Brown
Obtained from:	https://github.com/pfsense/FreeBSD-src/pull/11/
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30058
2021-05-07 22:13:31 +02:00
Kristof Provost
2a00c4db93 pfctl: Start using DIOCKILLSTATESNV
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30055
2021-05-07 22:13:31 +02:00
Kristof Provost
53714a5861 pfctl: Start using DIOCCLRSTATESNV
MFC after:	1 week
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D30053
2021-05-07 22:13:30 +02:00
Justin Hibbits
6640579610 msun fixes for SPE
Summary:
Fix FPU exception management for powerpcspe.  Bits are in a different place from
the standard FPSCR, so we need to handle the shifting differences.  Also,
there's no concept of a "software exception" raise, so we need to do exceptional
math to trigger the exception from software.

Reviewed By: alfredo
Differential Revision: https://reviews.freebsd.org/D22824
2021-05-05 20:57:33 -05:00
Edward Tomasz Napierala
1bffa44166 ptrace: document ENOMEM
Reviewed By:	emaste, markj
Sponsored By:	EPSRC
Differential Revision:	https://reviews.freebsd.org/D29960
2021-05-04 15:22:42 +01:00
Konstantin Belousov
87a64872cd Add ptrace(PT_COREDUMP)
It writes the core of live stopped process to the file descriptor
provided as an argument.

Based on the initial version from https://reviews.freebsd.org/D29691,
submitted by Michał Górny <mgorny@gentoo.org>.

Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29955
2021-05-03 19:18:26 +03:00
Konstantin Belousov
07f229d20c connectat(2): clarify that the s argument is socket
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2021-04-30 17:43:45 +03:00
Mark Johnston
44bbda649d cap_sysctl.3: Fix bugs in the example
- Correct the type of the sysctl value.
- Initialize the oldsize parameter to cap_sysctlbyname()

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2021-04-28 10:38:52 -04:00
Thomas Munro
3aaaa2efde poll(2): Add POLLRDHUP.
Teach poll(2) to support Linux-style POLLRDHUP events for sockets, if
requested.  Triggered when the remote peer shuts down writing or closes
its end.

Reviewed by:	kib
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D29757
2021-04-28 23:00:31 +12:00
Yuri Pankov
01a856c666 open_memstream(3): fix typo
While here, pet mandoc: .Tn -> .Vt
2021-04-28 12:18:25 +03:00
Kristof Provost
402dfb0a8d pf: Fix parsing of long table names
When parsing the nvlist for a struct pf_addr_wrap we unconditionally
tried to parse "ifname". This broke for PF_ADDR_TABLE when the table
name was longer than IFNAMSIZ. PF_TABLE_NAME_SIZE is longer than
IFNAMSIZ, so this is a valid configuration.

Only parse (or return) ifname or tblname for the corresponding
pf_addr_wrap type.

This manifested as a failure to set rules such as these, where the pfctl
optimiser generated an automatic table:

	pass in proto tcp to 192.168.0.1 port ssh
	pass in proto tcp to 192.168.0.2 port ssh
	pass in proto tcp to 192.168.0.3 port ssh
	pass in proto tcp to 192.168.0.4 port ssh
	pass in proto tcp to 192.168.0.5 port ssh
	pass in proto tcp to 192.168.0.6 port ssh
	pass in proto tcp to 192.168.0.7 port ssh

Reported by:	Florian Smeets
Tested by:	Florian Smeets
Reviewed by:	donner
X-MFC-With:	5c11c5a3655842a176124ef2334fcdf830422c8a
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29962
2021-04-26 18:08:15 +02:00
Kristof Provost
6fcc8e042a pf: Allow multiple labels to be set on a rule
Allow up to 5 labels to be set on each rule.
This offers more flexibility in using labels. For example, it replaces
the customer 'schedule' keyword used by pfSense to terminate states
according to a schedule.

Reviewed by:	glebius
MFC after:	2 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29936
2021-04-26 14:14:21 +02:00
Robert Watson
8e491aaeac Add code examples to cpuset(2), and improve cross referencing.
MFC after:	1 week
Reviewed by:	jeff, jrtc27, kevans, bcr (manpages)
Differential revision:	https://reviews.freebsd.org/D27803
2021-04-25 15:22:00 +01:00
Ed Maste
3cfd08c1c7 libkiconv: address memory leak in not-found cases
Found in "Understanding and Detecting Disordered Error Handling with
Precise Function Pairing" by Qiushi Wu et al.

Reviewed by:	imp, jhb
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29896
2021-04-22 19:32:34 -04:00
Mitchell Horne
50f6c13997 pmc_allocate(3): document the count argument
This was added in b2ca2e50b9aa, and serves to provide an initial value
to the PMC, eliminating the need for a second syscall via pmc_set(3).

Reviewed by:	gnn, 0mp (manpages)
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D29885
2021-04-21 17:35:03 -03:00
Andrew Walker
dd559118ab Fix leak in libc NFSv4 flags parsing
Free memory allocated by strdup() in parse_flags_verbose().

Submitted by:	Andrew Walker <walker.aj325_gmail.com>
Reported by:	valgrind
Reviewed by:	allanjude, freqlabs, rpokala
MFC after:	3 days
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D29871
2021-04-20 15:39:56 -04:00
Mateusz Piotrowski
ca904beafd fork.2: Fix a typo in an example
Reported by:	rpokala
MFC with:	c4207d867c201a726aa3157e09262f72166c89c4
2021-04-20 10:24:21 +02:00
Alex Richardson
1ad83445fc Allow lib/msun/logarithm_test to pass on ld128 platforms
For some reason the ld128 log1pl() implementation is less accurate than
logl(), but does at least guarantee precision >= the ld80 implementation.
Mark log1p_accuracy_tests as XFAIL for ld128 and increase the log1p tolerance
to the ld80 equivalent in accuracy_tests to avoid losing test coverage for
the other functions.

PR:		253984
Reviewed By:	ngie, dim
Differential Revision: https://reviews.freebsd.org/D29039
2021-04-20 01:46:43 +01:00
Alex Richardson
ab147542b7 libc/string/memset.c: Use unsigned long for stores
While most 64-bit architectures have an assembly implementation of this
file, RISC-V does not. As we now store 8 bytes instead of 4 it should speed
up RISC-V.

Reviewed By:	kib
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29536
2021-04-20 01:46:43 +01:00
Alex Richardson
0b4ad01d91 libc/string/bcopy.c: Use intptr_t as the copy type
While most 64-bit architectures have an assembly implementation of this
file RISC-V does not. As we now copy 8 bytes instead of 4 it should speed
up RISC-V. Using intptr_t instead of int also allows using this file for
CHERI pure-capability code since trying to copy pointers using integer
loads/stores will invalidate pointers.

Reviewed By:	kib
Obtained from:	CheriBSD (partially)
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29535
2021-04-20 01:46:42 +01:00
Kristof Provost
42ec75f83a pf: Optionally attempt to preserve rule counter values across ruleset updates
Usually rule counters are reset to zero on every update of the ruleset.
With keepcounters set pf will attempt to find matching rules between old
and new rulesets and preserve the rule counters.

MFC after:	4 weeks
Sponsored by:	Rubicon Communications, LLC ("Netgate")
Differential Revision:	https://reviews.freebsd.org/D29780
2021-04-19 14:31:47 +02:00
Alex Richardson
738314e445 Revert "lib/libc/net/nsdispatch.c: Fix missing unlock and add locking annotations"
This commit should not have introduced any functional changes, but
apparently it did. This appears to have broken LDAP setups.
Reverting for now. Will reland once I have fixed the breakage.

This reverts commit 5245bf7b92b74e556527b4916a8deba386fe5772.
Reported By:	Александр Недоцуков, brd
MFC after:	immediately
2021-04-19 09:36:47 +01:00
Mateusz Piotrowski
1ffdcdadf6 getprogname.3: Add an example
It shows the difference between getprogname() and argv[0].

Reviewed by:	yuripv
Approved by:	yuripv (src)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D27204
2021-04-18 10:20:11 +02:00
Mateusz Piotrowski
c4207d867c fork.2: Add a simple use pattern
It seems to be a nice idea to show how fork() is usually used in
practice. This may act as a guide to developers who want to quickly
recall how to use the fork() function.

Reviewed by:	bcr, yuripv
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D27626
2021-04-17 23:12:06 +02:00
Kristof Provost
8403170b3d libpfct: Fix PIC flag
Use ${PICFLAG} rather than hard-adding -fPIC, which removes the
requirement for libnv to be built PIC.

MFC after:      4 weeks
Sponsored by:   Rubicon Communications, LLC ("Netgate")
2021-04-17 22:10:13 +02:00
Alex Richardson
062293c2c4 Remove XFAIL from tests/lib/msun/lround_test:main
This test no longer fails after 3b00222f156dca5700c839d73e36daf479fa640c.

PR:		205451
MFC after:	1 week
2021-04-15 16:28:09 +01:00
Alex Richardson
3f01d8c2fe Remove amd64 XFAIL from tests/lib/msun/fma_test:infinities
This test no longer fails after 3b00222f156dca5700c839d73e36daf479fa640c.

PR:		205448
MFC after:	1 week
2021-04-15 16:28:08 +01:00
Alex Richardson
168234fa67 lib/msun: Exclude ignored-pragmas from -Werror
This avoids build failures due to the clang 12 warning:
    '#pragma FENV_ACCESS' is not supported on this target - ignored

Clang 12 currently emits this warning for all non-x86 architectures.
While this can result in incorrect code generation (e.g. on AArch64 some
exceptions are not raised as expected), this is a pre-existing issue and
we should not fail the build due to this warning.

Reviewed By:	dim, emaste
MFC after:	1 week
Differential Revision: https://reviews.freebsd.org/D29743
2021-04-15 16:27:52 +01:00
Konstantin Belousov
bbf7a4e878 O_PATH: allow vnode kevent filter on such files
if VREAD access is checked as allowed during open

Requested by:	wulf
Reviewed by:	markj
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29323
2021-04-15 12:49:18 +03:00