Commit Graph

2393 Commits

Author SHA1 Message Date
Eugene Grosbein
4a36780b2a makewhatis: do not try to operate on read-only mounted directories
just to fail later.

MFC after:	1 month
2018-10-27 17:15:58 +00:00
Dag-Erling Smørgrav
59c38254d7 Add default value for local_unbound_tls + fix nearby style bugs.
Reported by:	bcran@
MFC after:	3 days
2018-10-27 09:34:33 +00:00
Gleb Smirnoff
90809c673e Remove code that is dead since r287197. Today wlan(4) interfaces aren't
children of some other interface. Creation happens only in wlan_up().
2018-10-24 20:49:51 +00:00
Eugene Grosbein
707a657cbf rc.initdiskless: fix commentary grammar after r339465
MFC after:	1 month
2018-10-20 18:46:36 +00:00
Eugene Grosbein
b4d24263c2 rc.initdiskless: add support for auxiliary NVRAM.
Currently, rc.inidiskless assumes that local system configuration
changes are kept in some mountable file system. For example,
nanobsd uses dedicated partition mounted as /cfg for this.

However, small embedded devices like MIPS routers may have no enough flash
space to keep full-blown file system but have only one or couple
small flash blocks to keep persistent local configuration overrides.

This change extends rc.initdiskless and introduces ability to run auxiliary
command /conf/T/M/extract that is supposed to extract configuration overrides
from such local storage.

For example, the command /conf/default/etc/extract may contain something like:

cd "$1" && bsdcpio --quiet -idu < /dev/map/cfg

bsdcpio command extracts compressed archive from the storage to /etc
assuming the storage is exposed by the kernel as /dev/map/cfg to userland.

PR:		204215
MFC after:	1 month
2018-10-20 18:13:51 +00:00
Eugene Grosbein
3c36368a15 Make upgrade from previous FreeBSD versions less painful
and make previously working configuration like this work again:

gif_interfaces="gif0"
gifconfig_gif0="1.1.1.1 2.2.2.2"
ifconfig_gif0="inet 192.168.1.1 192.168.1.2 netmask 255.255.255.252"

PR:		204700
MFC after:	1 month
2018-10-20 18:01:48 +00:00
Dag-Erling Smørgrav
c51198361b The local_unbound service will configure and bootstrap itself, but only
if a network connection is available.  This is not an issue when running
'service local_unbound setup' interactively, but can be on a diskless
system where local_unbound self-configures on every boot.  To address
this, add explicit dependencies on netwait and defaultroute.

Submitted by:	eugen
Approved by:	re (gjb)
2018-10-18 18:33:44 +00:00
Dag-Erling Smørgrav
d0d49703a5 Add support for DNS-over-TLS to the local_unbound service.
Approved by:	re (kib)
2018-10-18 15:35:13 +00:00
Bjoern A. Zeeb
c35b07d1cb While preparing to move init(8) to its own package as indicated
in r339413, a current pkgbase update problem came up.  For users
testing pkgbase at the moment there is no (automatic) way to pick
up new base packages (yet).
As a result rather than also moving init(8) to its own package,
back out the part of the change in r339413 that moved rc* to its
own package and defer creating new packages until the
infrastructure is in place to handle these cases.
Both init and rc* are considered too problematic to be lost by
early adaptors at this stage.

Discussed with:		brd
Reviewed by:		brd
Approved by:		re (gjb)
2018-10-18 02:07:30 +00:00
Bjoern A. Zeeb
0696600c41 Move the rc framework out of sbin/init into libexec/rc.
The reasons for this are forward looking to pkgbase:
 * /sbin/init is a special binary; try not to replace it with
   every package update because an rc script was touched.
   (a follow-up commit will make init its own package)
 * having rc in its own place will allow more easy replacement
   of the rc framework with alternatives, such as openrc.

Discussed with:		brd (during BSDCam), kmoore
Requested by:		cem, bz
PR:			231522
Approved by:		re (gjb)
2018-10-17 16:49:11 +00:00
Andreas Tobler
953cba365f This commit reverts 338930. The approach was wrong.
Fix the issue with subtracting the TLS_TCB_SIZE too when we are trying to get
the 'where' in the R_PPC_TPREL32 case. At allocation time we added an offset
and the TLS_TCB_SIZE. This has to be subtracted as well.

Now all the issues reported are fixed. Tests were done on G4 and G5 PowerMac's.
Additionally I ran the tls tests from the gcc test suite and made sure the
results are as good as pre 338486.

Thanks to tuexen for reporting the malfunction and for patient testing.
Also testing thanks goes to jhibbits.

Reported by:	tuexen
Discussed with:	jhibbits, nwhitehorn
Approved by:	re (gjb)
Pointyhat to:	andreast
2018-10-01 18:46:35 +00:00
Andrew Turner
6e4fdb5c9d Add STT_GNU_IFUNC and R_AARCH64_IRELATIVE support on arm64.
This is based on the amd64 implementation. Support for both PLT and
non-PLT (e.g. a global variable initilised with a pointer to an ifunc)
cases are supported.

We don't pass anything to the resolver as it is expected they will read
the ID registers directly, with the number of registers with CPU info
likely to increase in the future.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17341
2018-10-01 14:02:29 +00:00
Konstantin Belousov
d2f2e4c02d Provide refobj context when doing libmap substitution inside
search_library_path().

This corrects the scope of libmap matches.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:28:14 +00:00
Konstantin Belousov
6c30676522 When doing lm_add(), check for duplicates.
This is useful when lm_find() moves the match to the global mapping,
since lm_find() could be called with a same path more than once.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:27:08 +00:00
Andreas Tobler
28337eb676 Bring the 32-bit powerpc (PowerMac) back to live. The commit 338486 reworked
some TLS bits. This broke operation on the PowerMac. Namely one could not login.
At login the screen/shell was giving back lots of backslashes and the login
shell dumped core.

The fix to this issue is to revert the powerpc commit from 338486 and to
increase the TLS_TCB_SIZE to 16.
Reverting only did not help, login was possible but userland applications
aborted with strange messages.

I tested this patch with world/kernel builds and with port upgrades.
Additionally a full gcc8 bootstrap was successfully completed.

Reviewed by: jhibbits@
Approved by: re (Glen)
2018-09-25 19:29:35 +00:00
Brad Davis
9a537769d6 Move libmap.conf to libexec/rtld-elf/
This leverages CONFS to handle the config file install.

Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D17161
2018-09-18 00:25:00 +00:00
Brooks Davis
17fb2856c3 Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

This was previously commited as r337978 and reverted in r338149 due to
exposing a bug the ARM rtld.  This bug was fixed in r338317 by mmel.

Submitted by:	James Clarke
Approved by:	re (kib)
Reviewed by:	kbowling
Testing by:	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-09-05 23:23:16 +00:00
Brad Davis
ce9e223ebd Move gettytab to libexec/getty/
Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16953
2018-09-05 15:25:23 +00:00
Konstantin Belousov
c1a0a86ed4 Style cleanup. No functional changes.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Approved by:    re (rgrimes)
2018-09-02 15:42:37 +00:00
Michal Meloun
ee6281c3d3 Fix wrong offset calculation for R_ARM_TLS_TPOFF32 relocations.
TLS_TCB_SIZE is already accounted in defobj-> tlsoffset so all these symbols
were incorrectly relocated by +8.

Note:
The only consumer (for all binaries on my ARM board) of R_ARM_TLS_TPOFF32
relocation is _ThreadRuneLocale variable. And the incorrectly relocated
ThreadRuneLocale accidentally pointed to zeroed memory before memory layout
change from D16510 had changed status quo.

MFC after:	3 weeks
Reviewed by:	imp, jhb
Approved by:	re (marius)
2018-08-25 16:54:37 +00:00
Alan Somers
76e8e459e4 tftpd: Fix data corruption bug with netascii
Transferring files in netascii format requires, among other things,
translating all CR characters to a CR,NUL pair. tftpd does this correctly
except when the CR occurs as the last octet of a packet. In that case, it
erroneously drops the NUL which should be part of the following packet. The
bug was caused by using 0 as a sentinel value in a variable that could
legitimately hold 0. Fix it by switching the sentinel value to -1.

PR:		178055
Reported by:	Richard <rsitze@gmail.com>
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16853
2018-08-22 23:31:27 +00:00
Brooks Davis
a5207d3ef6 Revert r337978: Rework rtld's TLS Variant I implementation to match r326794
Michal Meloun reports that it breaks ctype (isspace()..) related
functions on armv7 so back out while we diagnose the issue.

Reported by:	Michal Meloun <melounmichal@gmail.com>
2018-08-21 18:22:12 +00:00
Brad Davis
541075a618 Move ftpusers to libexec/ftpd/
Thsi helps with pkgbase by switching to CONFS so that ftpusers will be
properly tagged as a config file.

Approved by:	will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16787
2018-08-21 17:07:52 +00:00
Brooks Davis
9b50d81646 Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

Submitted by:	James Clarke
Reviewed by:	kbowling
Testing byL	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-08-17 16:19:47 +00:00
Edward Tomasz Napierala
b32ae5fe79 Remove pointless comment.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:59:05 +00:00
Edward Tomasz Napierala
b678442360 .Xr pam_securetty(8) from ttys(5), to hint the users as to what actually
enforces the 'secure' tty flag.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:58:13 +00:00
Ruslan Bukin
f00ebc42b5 Save and restore floating-point arguments.
Sponsored by:	DARPA, AFRL
2018-08-02 12:21:39 +00:00
Edward Tomasz Napierala
50cf3bac62 Fix regression tests broken by r337067.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-02 11:55:16 +00:00
Edward Tomasz Napierala
711a4538f8 Make sure the rtld(1) error messages go to stderr, not stdout.
While here fix capitalization of a few nearby strings, add the
rtld's file name prefix so it's obvious where the message come
from, and return zero when "-h" is used.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16530
2018-08-02 07:43:28 +00:00
Alan Somers
ca2d3691c3 Fix several Coverity warnings in tftp
Some of the changes are in the libexec/tftpd directory, but to functions that
are only used by tftp(1) (they share some code).

* strcpy => strlcpy (1006793, 1006794, 1006796, 1006741)
* Unchecked return value and TOCTTOU (1009314)
* NULL pointer dereference (1018035, 1018036)

Reported by:	Coverity
CID:		1006793, 1006794, 1006796, 1006741, 1009314, 1018035
CID:		1018036
MFC after:	2 weeks
2018-07-22 17:10:12 +00:00
Alan Somers
3c0fa26534 Fix multiple Coverity warnings in tftpd(8)
* Initialize uninitialized variable (CID 1006502)
* strcpy => strlcpy (CID 1006792, 1006791, 1006790)
* Check function return values (CID 1009442, 1009441, 1009440)
* Delete dead code in receive_packet (not reported by Coverity)
* Remove redundant alarm(3) in receive_packet (not reported by Coverity)

Reported by:	Coverity
CID: 1006502, 1006792, 1006791, 1006790, 1009442, 1009441, 1009440
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D11287
2018-07-22 16:14:30 +00:00
Alan Somers
7378015b69 tftpd(8): when completing an WRQ, flush the file before acknowleding receipt
tftpd(8) should flush a newly written file to disk before ACKing the final DATA
packet.  Otherwise there is a narrow race window when a subsequent read may not
see the file.  This is somewhat related to r330710, but the race window is much
smaller.  Hopefully this will fix the intermittent tests in Jenkins.

Reported by:	Jenkins
MFC after:	2 weeks
2018-07-21 19:48:31 +00:00
Sean Eric Fagan
aad5531e71 This exposes ZFS user and group quotas via the normal
quatactl(2) mechanism.  (Read-only at this point, however.)
In particular, this is to allow rpc.rquotad query quotas
for NFS mounts, allowing users to see their quotas on the
hosts using the datasets.

The changes specifically:

* Add new RPC entry points for querying quotas.
* Changes the library routines to allow non-UFS quotas.
* Changes rquotad to check for quotas on mounted filesystems,
rather than being limited to entries in /etc/fstab
* Lastly, adds a VFS entry-point for ZFS to query quotas.

Note that this makes one unavoidable behavioural change: if quotas
are enabled, then they can be queried, as opposed to the current
method of checking for quotas being specified in fstab.  (With
ZFS, if there are user or group quotas, they're used, always.)

Reviewed by:	delphij, mav
Approved by:	mav
Sponsored by:	iXsystems Inc
Differential Revision:	https://reviews.freebsd.org/D15886
2018-07-05 22:56:13 +00:00
Konstantin Belousov
0725fca53d Make rtld use libc_nossp_pic.a. Remove SSP shims.
Submitted by:	Luis Pires
Reviewed by:	brooks
Differential revision:	https://reviews.freebsd.org/D15341
2018-05-09 10:30:56 +00:00
Alan Somers
ad5c8bd63a tftpd: misc Coverity cleanup in the tests
A bunch of unchecked return values from open(2) and read(2)

Reported by:	Coverity
CID:		1386900, 1386911, 1386926, 1386928, 1386932, 1386942
CID:		1386961, 1386979
MFC after:	8 days
X-MFC-With:	330696
2018-03-22 14:51:05 +00:00
Alan Somers
f270fabc2b tftpd: fix the build of tests on i386 after 330696
It's those darn printf format specifiers again

Reported by:	cy, kibab
MFC after:	20 days
X-MFC-With:	330696
2018-03-10 18:07:31 +00:00
Alan Somers
6301d64774 tftpd: reject unknown opcodes
If tftpd receives a command with an unknown opcode, it simply exits 1.  It
doesn't send an ERROR packet, and the client will hang waiting for one.  Fix
it.

PR:		226005
MFC after:	3 weeks
2018-03-10 01:50:43 +00:00
Alan Somers
b7da179e96 tftpd: Abort on an WRQ access violation
On a WRQ (write request) tftpd checks whether the client has access
permission for the file in question.  If not, then the write is prevented.
However, tftpd doesn't reply with an ERROR packet, nor does it abort.
Instead, it tries to receive the packet anyway.

The symptom is slightly different depending on the nature of the error.  If
the target file is nonexistent and tftpd lacks permission to create it, then
tftpd will willingly receive the file, but not write it anywhere.  If the
file exists but is not writable, then tftpd will fail to ACK to WRQ.

PR:		225996
MFC after:	3 weeks
2018-03-10 01:43:55 +00:00
Alan Somers
d89aca7618 tftpd: Verify world-writability for WRQ when using relative paths
tftpd(8) says that files may only be written if they already exist and are
publicly writable.  tftpd.c verifies that a file is publicly writable if it
uses an absolute pathname.  However, if the pathname is relative, that check
is skipped.  Fix it.

Note that this is not a security vulnerability, because the transfer
ultimately doesn't work unless the file already exists and is owned by user
nobody.  Also, this bug does not affect the default configuration, because
the default uses the "-s" option which makes all pathnames absolute.

PR:		226004
MFC after:	3 weeks
2018-03-10 01:35:26 +00:00
Alan Somers
d3953c1f47 tftpd: Flush files as soon as they are fully received
On an RRQ, tftpd doesn't exit as soon as it's finished receiving a file.
Instead, it waits five seconds just in case the client didn't receive the
server's last ACK and decides to resend the final DATA packet.
Unfortunately, this created a 5 second delay from when the client thinks
it's done sending the file, and when the file is available for other
processes.

Fix this bug by closing the file as soon as receipt is finished.

PR:			157700
Reported by:		Barry Mishler <barry_mishler@yahoo.com>
MFC after:		3 weeks
2018-03-09 23:25:18 +00:00
Alan Somers
888651fcd9 Add some functional tests for tftpd(8)
tftpd(8) is difficult to test in isolation due to its relationship with
inetd.  Create a test program that mimics the behavior of tftp(1) and
inetd(8) and verifies tftpd's response in several different scenarios.

These test cases cover all of the basic TFTP protocol, but not the optional
parts.

PR:		157700
PR:		225996
PR:		226004
PR:		226005
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D14310
2018-03-09 15:30:20 +00:00
Alan Somers
ea8727d50d rpc.sprayd: raise WARNS to 6
MFC after:	3 weeks
2018-03-05 16:11:07 +00:00
Edward Tomasz Napierala
7a467312ef .Xr pstat(8), so that people have a chance to learn how to get a list
of terminal devices using "pstat -t".

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-03-02 14:16:19 +00:00
Michal Meloun
fad101b3f2 Make rtld_bind_start() debugger friendly.
Save link register and annotate call frame structure so debugger can unwind
call frame created by rtld_bind_start().

MFC after:	2 weeks
2018-02-27 15:35:11 +00:00
Edward Tomasz Napierala
fe3f4a580a Fix gettytab(5) to document f0, f1, and f2 as unsupported; they've been gone
since r131091.

PR:             184691 (partial)
Submitted by:   naddy@
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
2018-02-26 17:51:18 +00:00
Edward Tomasz Napierala
170430d505 Prevent getty(8) from looping indefinitely if the device node doesn't
exist. This behaviour makes no sense for eg USB serial adapters, or
USB device-side serial templates.

This mostly reverts to pre-r135941 behaviour.

Reviewed by:	imp@
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14198
2018-02-25 20:15:06 +00:00
Edward Tomasz Napierala
18587b84c5 Build getty(8) with WARNS=6.
Reviewed by:	imp@
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14197
2018-02-21 15:57:24 +00:00
Edward Tomasz Napierala
9c33cc93cd Sprinkle static; avoid nested externs.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 19:05:13 +00:00
Edward Tomasz Napierala
1776dc9fd6 Add missing initializer.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:40:36 +00:00
Edward Tomasz Napierala
9a9a988e26 Rename getty's getline() to get_line(), to avoid clash with getline(3).
Obtained from:	DragonFlyBSD
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:39:58 +00:00
Edward Tomasz Napierala
076ec4025d Don't cast away the const, it's not been needed since r92925.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:36:24 +00:00
Edward Tomasz Napierala
2ba8065021 Initialize all the fields. This is one of the steps required to bump WARNS.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:58:31 +00:00
Edward Tomasz Napierala
04688610ae Reduce code duplication; no functional changes.
Obtained from:	NetBSD
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:55:20 +00:00
Edward Tomasz Napierala
6b1b6a5e28 Remove unused variable.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:54:05 +00:00
Marius Strobl
41fc6f680b o Let rtld(1) set up psABI user trap handlers prior to executing the
objects' init functions instead of doing the setup via a constructor
  in libc as the init functions may already depend on these handlers
  to be in place. This gets us rid of:
  - the undefined order in which libc constructors as __guard_setup()
    and jemalloc_constructor() are executed WRT __sparc_utrap_setup(),
  - the requirement to link libc last so __sparc_utrap_setup() gets
    called prior to constructors in other libraries (see r122883).
  For static binaries, crt1.o still sets up the user trap handlers.
o Move misplaced prototypes for MD functions in to the MD prototype
  section of rtld.h.
o Sprinkle nitems().
2018-02-03 23:14:11 +00:00
Pedro F. Giffuni
5ab6bac110 rpc.sprayd: Remove 3rd and 4th clauses in christos' license.
Obtained from:	NetBSD
2017-12-28 17:51:53 +00:00
Pedro F. Giffuni
bec1dbb67b rpc.sprayd: Bring some changes from NetBSD.
Most notable, other than some style issues:
CVS 1.11:
  do not use LOG_CONS.
CVS 1.13:
  consistently use exit instead of return in main().
  use LOG_WARNING instead of LOG_ERR for non critical errors.

Obtained from:	NetBSD
MFC after:	2 weeks
2017-12-28 17:44:30 +00:00
Xin LI
a9a7c8c0a1 Replace send-mail with the more standarized sendmail, we do not create
links for send-mail in mailwrapper so it did not work anyway.

MFC after:	2 weeks
2017-12-27 06:23:50 +00:00
Xin LI
69097cd8da Use strlcpy().
MFC after:	2 weeks
2017-12-05 07:21:47 +00:00
Pedro F. Giffuni
e6209940de libexec: adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:25:02 +00:00
Pedro F. Giffuni
8a16b7a18f General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
Pedro F. Giffuni
df57947f08 spdx: initial adoption of licensing ID tags.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

Initially, only tag files that use BSD 4-Clause "Original" license.

RelNotes:	yes
Differential Revision:	https://reviews.freebsd.org/D13133
2017-11-18 14:26:50 +00:00
Edward Tomasz Napierala
ef4968d9e7 Increase rtld initial memory pool size from 32kB to 128kB.
The old value was probably fine back in 1998, when that code was imported
(although the comments still mention VAX, which was quite obsolete by then);
now, however, it's too small to handle our libc, which results in some
additional calls to munmap/mmap later on.  Asking for more virtual address
space is virtually free, and syscalls are not, thus the change.

It was suggested by kib@ that this might be a symptom of a deeper problem.
It doesn't only affect libc, though - the change also improves rtld memory
management for eg KDE libraries.  I guess it's just a natural bloat.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12834
2017-11-18 13:21:22 +00:00
John Baldwin
f2515b1cc1 Appease old GCC by disabling .cfi_sections for GCC 4.x. 2017-11-14 17:16:03 +00:00
John Baldwin
a264cb726b Some fixups to the CFI directives for PLT stub entry points.
The directives I added in r323466 and r323501 did not define a valid
CFA until several instructions into the associated functions.  This
triggers an assertion in GDB when generating a stack trace while
stopped at the first instruction of PLT stub entry point since there
is no valid CFA rule for the first instruction.

This is probably just wrong on my part as the non-simple .cfi_startproc
would have defined a valid CFA.  Instead, define a valid CFA as sp + 0
at the start of the functions and then use .cfa_def_offset to change the
offset when sp is adjusted later in the function.

Sponsored by:	DARPA / AFRL
2017-11-10 01:17:26 +00:00
John Baldwin
c3faeef12c Use NESTED() instead of LEAF() for rtld_start.
This is only cosmetic, but the entry point for rtld is not a leaf function,
and this avoids two .frame directives for rtld_start.

Sponsored by:	DARPA / AFRL
2017-11-10 01:13:45 +00:00
Bryan Drewery
ea825d0274 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
Bryan Drewery
04760bd70d These values already set by src.libnames.mk.
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-10-31 00:03:25 +00:00
Edward Tomasz Napierala
be8f91d3d0 Use MAP_PRIVATE instead of obsolete MAP_COPY. No functional changes.
MFC after:	2 weeks
2017-10-30 08:56:04 +00:00
Edward Tomasz Napierala
152036a0f7 Plug memory leak on error case.
Reported by:	Coverity
CID:		1382112
MFC after:	2 weeks
2017-10-29 12:07:27 +00:00
Edward Tomasz Napierala
b4ed9a87f9 Remove unneeded calls to access(2) from rtld(1); just call open(2) instead.
The result looks like this:

--- przed       2017-10-21 23:19:21.445034000 +0100
+++ po  2017-10-21 23:18:50.031865000 +0100
@@ -11,7 +11,6 @@ mmap(0x0,102,PROT_READ,MAP_PRIVATE,3,0x0)      = 343665418
 close(3)                                        = 0 (0x0)
 open("/usr/local/etc/libmap.d",O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC,0165) ERR#2 'No such file or directory'
 munmap(0x80067d000,102)                                 = 0 (0x0)
-access("/usr/local/lib/libintl.so.8",F_OK)      = 0 (0x0)
 openat(AT_FDCWD,"/usr/local/lib/libintl.so.8",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
 fstat(3,{ mode=-rw-r--r-- ,inode=642560,size=55188,blksize=32768 }) = 0 (0x0)
 mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366541824 (0x80067d000)
@@ -20,14 +19,13 @@ mmap(0x800877000,40960,PROT_READ|PROT_EXEC,MAP_PRIVATE
 mmap(0x800a81000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0xa000) = 34370752512 (0x800a81000)
 munmap(0x80067d000,4096)                        = 0 (0x0)
 close(3)                                        = 0 (0x0)
-access("/usr/local/lib/libc.so.7",F_OK)                 ERR#2 'No such file or directory'
+openat(AT_FDCWD,"/usr/local/lib/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) ERR#2 'No such file or directory'
 openat(AT_FDCWD,"/var/run/ld-elf.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
 read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\M-2\0\0"...,128) = 128 (0x80)
 fstat(3,{ mode=-r--r--r-- ,inode=970684,size=306,blksize=32768 }) = 0 (0x0)
 lseek(3,0x80,SEEK_SET)                          = 128 (0x80)
 read(3,"/lib:/usr/lib:/usr/lib/compat:/u"...,178) = 178 (0xb2)
 close(3)                                        = 0 (0x0)
-access("/lib/libc.so.7",F_OK)                   = 0 (0x0)
 openat(AT_FDCWD,"/lib/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
 fstat(3,{ mode=-r--r--r-- ,inode=1605239,size=1910320,blksize=32768 }) = 0 (0x0)
 mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366541824 (0x80067d000)

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12766
2017-10-24 12:56:08 +00:00
Edward Tomasz Napierala
2fe071d971 Replace lseek(2)/read(2) pair with pread(2), removing yet another syscall
from the binary startup code.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-10-24 12:04:07 +00:00
Edward Tomasz Napierala
1689a3c4ac Make find_library() conform to style(9). No functional changes.
Suggested by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-10-24 11:24:54 +00:00
Edward Tomasz Napierala
e65ad973b2 Reword the conditional; it was ugly, and adding another parameter,
which I'm going to do in a subsequent commit, would make it even uglier.
No functional changes.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-10-24 11:16:38 +00:00
Edward Tomasz Napierala
a8b31c14d2 Use xmalloc and read(2) instead of mmap(2) to read in libmap.conf(5).
This removes the need to call munmap(2) afterwards.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12767
2017-10-24 10:48:26 +00:00
Edward Tomasz Napierala
6b61e3e47a Don't call realpath(3) from libmap rtld code. This gets rid of a few calls
to fstatat(2) at binary startup; the difference looks like this:

--- przed       2017-10-14 13:55:49.983528000 +0100
+++ po  2017-10-14 14:10:39.134343000 +0100
@@ -1,15 +1,10 @@
 mmap(0x0,32768,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34366173184 (0x800623000)
 issetugid()                                     = 0 (0x0)
-fstatat(AT_FDCWD,"/etc",{ mode=drwxr-xr-x ,inode=1364352,size=2560,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/etc/libmap.conf",{ mode=-rw-r--r-- ,inode=1373288,size=102,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
 openat(AT_FDCWD,"/etc/libmap.conf",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
 fstat(3,{ mode=-rw-r--r-- ,inode=1373288,size=102,blksize=32768 }) = 0 (0x0)
 mmap(0x0,102,PROT_READ,MAP_PRIVATE,3,0x0)       = 34366205952 (0x80062b000)
 close(3)                                        = 0 (0x0)
-fstatat(AT_FDCWD,"/usr",{ mode=drwxr-xr-x ,inode=561792,size=512,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/usr/local",{ mode=drwxr-xr-x ,inode=561800,size=512,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/usr/local/etc",{ mode=drwxr-xr-x ,inode=653279,size=1536,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/usr/local/etc/libmap.d",0x7fffffffcf50,AT_SYMLINK_NOFOLLOW) ERR#2 'No such file or directory'
+open("/usr/local/etc/libmap.d",O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC,0165) ERR#2 'No such file or directory'
 munmap(0x80062b000,102)                                 = 0 (0x0)
 openat(AT_FDCWD,"/var/run/ld-elf.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
 read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\M-2\0\0"...,128) = 128 (0x80)

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12741
2017-10-22 10:32:40 +00:00
Eugene Grosbein
de8d85c908 ftpd(8): fix user context handling.
Apply authenticated user context after update of wtmp(5) at start of session,
so that ftpd process is not killed by kernel with SIGXFSZ when user has
"filesize" limit lower than size of system wtmp file. Same applies
to session finalization: revert to super-user context before update of wtmp.

If ftpd hits limit while writing a file at user request,
do not get killed with SIGXFSZ instantly but apparently ignore the signal,
process error and report it to the user, and continue with the session.

PR:		143570
Approved by:	avg (mentor), mav (mentor)
MFC after:	1 week
2017-10-06 13:46:05 +00:00
Jeremie Le Hen
e415aa2846 Remove rcmds.
If they are still needed, you can find them in the net/bsdrcmds port.

This was proposed June, 20th and approved by various committers [1].
They have been marked as deprecated on CURRENT in r320644 [2] on July, 4th.
Both stable/11 and release/11.1 contain the deprecation notice (thanks to
allanjude@).

Note that ruptime(1)/rwho(1)/rwhod(8) were initially thought to be part of
rcmds but this was a mistake and those are therefore NOT removed.

[1] https://lists.freebsd.org/pipermail/freebsd-arch/2017-June/018239.html
[2] https://svnweb.freebsd.org/base?view=revision&revision=320644

Reviewed by:	bapt, brooks
Differential Revision:	https://reviews.freebsd.org/D12573
2017-10-06 08:43:14 +00:00
Gordon Tetlow
4572fb3faf Deorbit catman. The tradeoff of disk for performance has long since tipped
in favor of just rendering the manpage instead of relying on pre-formatted
catpages. Note, this does not impede the ability to use existing catpages,
it just removes the utility to generate them.

Reviewed by:	imp, allanjude
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D12317
2017-09-13 16:35:16 +00:00
John Baldwin
b4e9a36bf7 Handle relocations for newer non-PIC MIPS ABI.
Newer binutils supports extensions to the MIPS ABI for non-PIC code
that is used when compiling O32 binaries with clang 5 (but not used
for N64 oddly enough).  These extensions require support for
R_MIPS_COPY relocations as well as a second PLT GOT using
R_MIPS_JUMP_SLOT relocations.

For R_MIPS_COPY, use the same approach as on other architectures where
fixups are deferred to the MD do_copy_relocations.

The additional PLT GOT for jump slots is located in a .got.plt section
which is identified by a DT_MIPS_PLTGOT dynamic entry.  This GOT also
requires fixups for the first two GOT entries just as the normal GOT.
However, the entry point for this second GOT uses a different calling
convention. Rather than passing an offset into the GOT, it passes an
offset into the .rel.plt section.  This requires a second entry point
(_rtld_pltbind_start) which calls the normal _rtld_bind() rather than
_mips_rtld_bind().  This also means providing a real version of
reloc_jmpslot() which is used by _rtld_bind().

In addition, add real implementions of reloc_plt() and
reloc_jmpslots() which walk .rel.plt handling R_MIPS_JUMP_SLOT
relocations.

Reviewed by:	kib
Sponsored by:	DARPA / AFRL
Differential Revision:	https://reviews.freebsd.org/D12326
2017-09-12 17:46:30 +00:00
Warner Losh
08d1c5b152 End softfp->hardfp transition period for arm
On hard-float 32-bit arm platforms, always search for the soft float
binaries in the alternative locations.

Sponsored by: Netflix
Differential Review: https://reviews.freebsd.org/D12274
MFC After: 1 week
2017-09-12 17:06:35 +00:00
John Baldwin
21a8b38698 Add CFI directives for _rtld_bind_start.
This allows debuggers to unwind back into the caller when stopped in the
runtime linker.

Sponsored by:	DARPA / AFRL
2017-09-11 22:18:01 +00:00
David Bright
ff48be37b5 Add a new getty/gettytab capability to generate an initial message dynamically.
This modification adds a new gettytab(5) option (iM) to specify a
program to run that will generate the initial (banner) message that is
displayed before the login prompt. Such a capability is useful when
dynamic information is needed in the banner message that cannot be
supplied by the set of % substitution sequences available in the "im"
option.

Reviewed by:	vangyzen, wblock, manpages
Approved by:	vangyzen (mentor)
MFC after:	1 week
Relnotes:	yes
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D12108
2017-09-07 00:20:17 +00:00
Konstantin Belousov
cf551abc8b Add serial comma.
Submitted by:	wblock
MFC after:	3 days
2017-09-01 16:56:37 +00:00
John Baldwin
f4711b38fd Compile reloc.o with -fno-jump-tables on MIPS.
In particular, the switch statement on the type of dynamic entries
in _rtld_relocate_nonplt_self() needs to not use a jump table since
jump tables on MIPS use local GOT entries which aren't initialized
until after this loop.

Suggested by:	arichardson
Reviewed by:	emaste
Sponsored by:	DARPA / AFRL
2017-08-30 20:00:15 +00:00
John Baldwin
83d33b2bb5 Read max_stack_flags from correct object.
'obj' is not initialized here.

Reviewed by:	kib
MFC after:	1 week
Sponsored by:	DARPA / AFRL
2017-08-30 18:22:52 +00:00
Enji Cooper
188e46ab03 Add supporting changes for Add limited sandbox capability to "make check"
Non-tests/... changes:
- Add HAS_TESTS= to Makefiles with libraries and programs to enable iteration
  and propagate the appropriate environment down to *.test.mk.

tests/... changes:
- Add appropriate support Makefile.inc's to set HAS_TESTS in a minimal manner,
  since tests/... is a special subdirectory tree compared to the others.

MFC after:	2 months
MFC with:	r322511
Reviewed by:	arch (silence), testing (silence)
Differential Revision:	D12014
2017-08-14 19:21:37 +00:00
Ruslan Bukin
af19cc59ca Support for v1.10 (latest) of RISC-V privilege specification.
New version is not compatible on supervisor mode with v1.9.1
(previous version).

Highlights:
    o BBL (Berkeley Boot Loader) provides no initial page tables
      anymore allowing us to choose VM, to build page tables manually
      and enable MMU in S-mode.
    o SBI interface changed.
    o GENERIC kernel.
      FDT is now chosen standard for RISC-V hardware description.
      DTB is now provided by Spike (golden model simulator). This
      allows us to introduce GENERIC kernel. However, description
      for console and timer devices is not provided in DTB, so move
      these devices temporary to nexus bus.
    o Supervisor can't access userspace by default. Solution is to
      set SUM (permit Supervisor User Memory access) bit in sstatus
      register.
    o Compressed extension is now turned on by default.
    o External GCC 7.1 compiler used.
    o _gp renamed to __global_pointer$
    o Compiler -march= string is now in use allowing us to choose
      required extensions (compressed, FPU, atomic, etc).

Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D11800
2017-08-10 14:18:09 +00:00
Ruslan Bukin
ca20f8ec29 o Replace __riscv__ with __riscv
o Replace __riscv64 with (__riscv && __riscv_xlen == 64)

This is required to support new GCC 7.1 compiler.
This is compatible with current GCC 6.1 compiler.

RISC-V is extensible ISA and the idea here is to have built-in define
per each extension, so together with __riscv we will have some subset
of these as well (depending on -march string passed to compiler):

__riscv_compressed
__riscv_atomic
__riscv_mul
__riscv_div
__riscv_muldiv
__riscv_fdiv
__riscv_fsqrt
__riscv_float_abi_soft
__riscv_float_abi_single
__riscv_float_abi_double
__riscv_cmodel_medlow
__riscv_cmodel_medany
__riscv_cmodel_pic
__riscv_xlen

Reviewed by:	ngie
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D11901
2017-08-07 14:09:57 +00:00
Enji Cooper
d511b20a69 Add HAS_TESTS to all Makefiles that are currently using the
`SUBDIR.${MK_TESTS}+= tests` idiom.

This is a follow up to r321912.
2017-08-02 08:50:42 +00:00
Enji Cooper
4b330699f8 Convert traditional ${MK_TESTS} conditional idiom for including test
directories to SUBDIR.${MK_TESTS} idiom

This is being done to pave the way for future work (and homogenity) in
^/projects/make-check-sandbox .

No functional change intended.

MFC after:	1 weeks
2017-08-02 08:35:51 +00:00
Sepherosa Ziehau
c685956956 hyperv: Add VF bringup scripts and devd rules.
How network VF works with hn(4) on Hyper-V in non-transparent mode:

- Each network VF has a cooresponding hn(4).
- The network VF and the it's cooresponding hn(4) have the same hardware
  address.
- Once the network VF is up, e.g. ifconfig VF up:
  o  All of the transmission should go through the network VF.
  o  Most of the reception goes through the network VF.
  o  Small amount of reception may go through the cooresponding hn(4).
     This reception will happen, even if the the cooresponding hn(4) is
     down.  The cooresponding hn(4) will change the reception interface
     to the network VF, so that network layer and application layer will
     be tricked into thinking that these packets were received by the
     network VF.
  o  The cooresponding hn(4) pretends the physical link is down.
- Once the network VF is down or detached:
  o  All of the transmission should go through the cooresponding hn(4).
  o  All of the reception goes through the cooresponding hn(4).
  o  The cooresponding hn(4) fallbacks to the original physical link
     detection logic.

All these features are mainly used to help live migration, during which
the network VF will be detached, while the network communication to the
VM must not be cut off.  In order to reach this level of live migration
transparency, we use failover mode lagg(4) with the network VF and the
cooresponding hn(4) attached to it.

To ease user configuration for both network VF and non-network VF, the
lagg(4) will be created by the following rules, and the configuration
of the cooresponding hn(4) will be applied to the lagg(4) automatically.

Sponsored by:	Microsoft
Differential Revision:	https://reviews.freebsd.org/D11635
2017-07-31 07:18:15 +00:00
Konstantin Belousov
dd269a0bf4 Allow to specify targets by absolute paths in libmap.conf.
Submitted by:	Tatu Kilappa <tatu.kilappa@iki.fi>
PR:	221032
MFC after:	2 weeks
2017-07-27 08:33:31 +00:00
Konstantin Belousov
9152cb3868 Language improvements.
Submitted by:	wblock
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D10826
2017-07-14 15:42:12 +00:00
Xin LI
2bbd226f5a In open_binary_fd: when using buffer size for strl* and snprintf,
always use >= instead of > to avoid truncation.

Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D11474
MFC after:	3 days
2017-07-05 06:12:21 +00:00
Konstantin Belousov
84de44d3f2 When reporting undefined symbol, note the version, if specified.
Use the standard syntax of name@version, I do not expect a confusion
due to unlikely possibility of the name containing the '@' character.

Requested by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-07-04 20:19:36 +00:00
Allan Jude
1f3f7ac7ba Add deprecation notices for all rcmd tools
Submitted by:	bcr
Reviewed by:	emaste, bapt, jhl
MFC after:	immediate
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D11471
2017-07-04 15:44:30 +00:00
Enji Cooper
4fb696d630 atf-sh(3): document atf_init_test_cases(3) fully
The function was missing from the NAME/SYNOPSIS sections. Add a manpage link
to complete the documentation reference.

MFC after:	1 month
2017-06-30 05:49:12 +00:00
Xin LI
c1d2f02b32 Use strlcpy() instead of strncpy() and nul-terminating.
MFC after:	2 weeks
2017-06-28 04:24:10 +00:00
John W. De Boskey
5e3f9bb882 A little tweak for performance
Reviewed by: adrian
Approved by: rmacklem (mentor)
MFC after: 3 weeks
2017-06-27 13:24:06 +00:00
Konstantin Belousov
a36deee3d3 Use address space guard to implement inter-segment gap.
Rtld checks and use old MAP_ANON/PROT_NONE method of creating gap if
running on old kernel.

Reviewed by:	alc, markj
Tested by:	pho, Qualys
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-06-24 17:04:27 +00:00
Enji Cooper
3a286197d0 Add MLINKS for atf-sh(3) to each of the functions it implements
This hopefully will make atf-sh(3) easier to understand for newcomers,
without having to go through the atf-sh(3) level of indirection.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-06-07 21:18:28 +00:00
Enji Cooper
8393f4feaf Revert r319659
I missed the fact that atf-sh(3) already documents atf_check(3). I'll
be adding an manpage link for that instead in the next commit.

MFC after:	1 week
MFC with:	r319659
Sponsored by:	Dell EMC Isilon
2017-06-07 21:11:32 +00:00
Enji Cooper
cdfe874a10 Add an MLINK for atf_check(1) -> atf-check(1)
This is being done to make the documentation for atf-check(1) easier to find/more
intuitive for new users, because atf_check is the atf-run(1) shell version of the
standalone atf-check(1) command, which is used in atf-sh(3) test programs.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-06-07 21:03:27 +00:00
Konstantin Belousov
109f3b8c69 Document direct execution mode for rtld.
Reviewed by:	emaste, jonathan (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D10826
2017-05-29 13:38:26 +00:00
Konstantin Belousov
18934eb6b8 Correct explanation of the dynamic tokens handling.
Reviewed by:	emaste, jonathan
Sponsored by:	The FreeBSD Foundation
X-Differential Revision:	https://reviews.freebsd.org/D10826
2017-05-29 13:36:32 +00:00
Eric van Gyzen
7fb37371e8 rtld: fix warnings about redundant declarations
Fix warnings about redundant declarations in rtld
when libthr in increased to WARNS=6.

Reviewed by:	kib
MFC after:	3 days
Sponsored by:	Dell EMC
Differential Revision:	https://reviews.freebsd.org/D10934
2017-05-26 15:55:03 +00:00
Konstantin Belousov
9e5e0e8850 For ld.so direct execution mode, implement -p option: search for the
binary in $PATH.

Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D10790
2017-05-23 10:00:52 +00:00
Konstantin Belousov
ce9600b12e Update my copyright, note The FreeBSD Foundation involvement.
While tweaking copyright block, switch to use __FBSDID for tag.

Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-05-18 09:34:26 +00:00
Konstantin Belousov
591986a8da Fix style [1], add static keyword before static function definition.
Noted by:	bapt [1]
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-05-18 09:31:30 +00:00
Jonathan Anderson
dc902dbd60 Fix some nroff syntax in rtld.1.
When I originally documented the LD_LIBRARY_PATH_FDS environment variable,
I used `.Ev` rather than `.It Ev` to introduce it; this led to the
documentation being embedded in the previous paragraph (LD_LIBRARY_PATH).
2017-05-18 00:32:05 +00:00
Jonathan Anderson
d5a5e50d3b Allow rtld direct-exec to take a file descriptor.
When executing rtld directly, allow a file descriptor to be explicitly
specified rather than opened from the given path. This, together with the
LD_LIBRARY_PATH_FDS environment variable, allows dynamically-linked
applications to be executed from within capability mode.

Also add some rudimentary argument parsing (without pulling in getopt or
the like) to accept this file descriptor, a help (-h) option and a basic
usage string.

Reviewed by:	kib
Sponsored by:	NSERC, RDC
Differential Revision:	https://reviews.freebsd.org/D10751
2017-05-17 22:51:28 +00:00
Konstantin Belousov
da403aea11 Pretend that there is some security when executing in direct mode.
Do not allow direct exec if we the process is suid. Try to follow Unix
permission checks for DACs, ignore ACLs.

Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D10750
2017-05-16 19:53:38 +00:00
Jonathan Anderson
7a36bd9ffd Rename rtld's parse_libdir to parse_integer.
This is a more accurate name, as the integer doesn't have to be a library
directory descriptor. It is also a prerequisite for more argument parsing
coming in the near future (e.g., parsing explicit binary descriptors).

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	NSERC
2017-05-16 13:27:44 +00:00
Konstantin Belousov
0fc65b0ab8 Make ld-elf.so.1 directly executable.
Check if passed phdr is actually phdr of the interpreter itself, and
decide that this is the case of direct execution.  In this case, the
binary to activate is specified in the argv[1].  After opening it,
shift down on-stack structure with argv, env and aux vectors to
emulate execution of the binary and not of the interpreter.

Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D10701
2017-05-15 18:48:58 +00:00
Konstantin Belousov
9104191924 Fix the AT_EXECFD functionality.
If the mapped object is linked at specific address, we must obey it.
If AT_EXECFD is not used, only in-kernel ELF image activator needed to
keep the mapping address, since only binaries are linked at the fixed
address, and binaries are mapped by kernel in this case.

Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
X-Differential revision:	https://reviews.freebsd.org/D10701
2017-05-15 18:47:25 +00:00
Konstantin Belousov
c4f7cccbe7 In _rtld(), reorder local declarations to compact the block and
partially sort them by style(9).  Move locals declarations from nested
blocks into the block at function start.

Discussed with:	emaste
MFC after:	1 week
2017-05-13 18:59:27 +00:00
Bryan Drewery
07676084ec DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-05-09 01:48:23 +00:00
Kurt Lidl
be4b793398 Improve blacklist support before upgrading libblacklist
The locally declared enum of blacklistd actions needs to be
hidden when the soon to be committed changes to libblacklist
are brought into the tree.  Fix the type of the "msg" parameter
to match the library.

There should be no functional changes.

MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
2017-05-06 04:17:48 +00:00
Edward Tomasz Napierala
4b89eed669 Fix markup in gettytab(5).
Reviewed by:	bapt
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D10476
2017-05-04 19:01:17 +00:00
Gleb Smirnoff
83c9dea1ba - Remove 'struct vmmeter' from 'struct pcpu', leaving only global vmmeter
in place.  To do per-cpu stats, convert all fields that previously were
  maintained in the vmmeters that sit in pcpus to counter(9).
- Since some vmmeter stats may be touched at very early stages of boot,
  before we have set up UMA and we can do counter_u64_alloc(), provide an
  early counter mechanism:
  o Leave one spare uint64_t in struct pcpu, named pc_early_dummy_counter.
  o Point counter(9) fields of vmmeter to pcpu[0].pc_early_dummy_counter,
    so that at early stages of boot, before counters are allocated we already
    point to a counter that can be safely written to.
  o For sparc64 that required a whole dummy pcpu[MAXCPU] array.

Further related changes:
- Don't include vmmeter.h into pcpu.h.
- vm.stats.vm.v_swappgsout and vm.stats.vm.v_swappgsin changed to 64-bit,
  to match kernel representation.
- struct vmmeter hidden under _KERNEL, and only vmstat(1) is an exclusion.

This is based on benno@'s 4-year old patch:
https://lists.freebsd.org/pipermail/freebsd-arch/2013-July/014471.html

Reviewed by:	kib, gallatin, marius, lidl
Differential Revision:	https://reviews.freebsd.org/D10156
2017-04-17 17:34:47 +00:00
Robert Watson
45c0d45bb5 Emply contemporary function prototypes in bootpd, rather than relying on
locally defined K&R prototypes in .c files; use appropriate casts for
pointer types now that types for arguments are available at compile time.
This ensures that compilers with multiple incompatible calling conventions
can select the correct calling convention for external functions.

Sponsored by:	DARPA, AFRL
MFC after:	1 week
2017-03-26 14:37:12 +00:00
Warner Losh
37b5835028 Impelemnt ttys onifexists in init.
Implement a new init(8) option in /etc/ttys. If this option is present
on the entry in /etc/ttys, the entry will be active if and only if it
exists.  If the name starts with a '/', it will be considered an
absolute path. If not, it will be a path relative to /dev.

This allows one to turn off video console getty that aren't present
(while running a getty on them even when they aren't the system
console). Likewise with serial ports.

It differs from onifconsole in only requiring the device exist rather
than it be listed as one of the system consoles.

Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D10037
2017-03-22 19:00:41 +00:00
Gleb Smirnoff
62cd9e48ca Remove unused vmmeter. 2017-03-17 04:16:14 +00:00
Jilles Tjoelker
2d6acb22fe rtld(1): Document that LD_BIND_NOT is unset for setugid processes.
MFC after:	2 weeks
2017-03-16 22:15:43 +00:00
Konstantin Belousov
018865f8e8 Disable LD_BIND_NOT for setugid processes.
Requested by:	jilles
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-03-15 23:47:19 +00:00
Konstantin Belousov
e35ddbe448 Implement LD_BIND_NOT knob for rtld.
From the manpage:
When set to a nonempty string, prevents modifications of the PLT slots
when doing bindings.  As result, each call of the PLT-resolved
function is resolved.  In combination with debug output, this provides
complete account of all bind actions at runtime.

Same feature exists on Linux and Solaris.

Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-03-15 21:11:57 +00:00
Alan Somers
35804720ec Increase WARNS for rtld-elf tests
ATF tests have a default WARNS of 0, unlike other usermode programs.

Reviewed by:  ngie, julian
MFC after:    3 weeks
Sponsored by: Spectra Logic Corporation
Differential Revision:        https://reviews.freebsd.org/D9933
2017-03-11 00:10:40 +00:00
Konstantin Belousov
12c81769b6 Avoid bind lock recursion.
When dlclose(3) unloads an object with filtees, it recursively calls
dlclose(3) on each filtee in free_needed_filtees().  Introduce
dlclose_locked() helper, called from free_needed_filtees() instead of
dlclose(), and pass the bind lockstate down to avoid recursing.

Reported and tested by:	jhibbits
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-03-09 21:05:47 +00:00
Rodney W. Grimes
ce9f2d31b3 Convert absolute links to relative links.
Style.Makefile(9) has been ignored to produce minimal diffs.

Approved by:	grehan (mentor)
MFC after:	1 week
2017-03-07 05:10:38 +00:00
Enji Cooper
a251f9dcf8 libexec: normalize paths using SRCTOP-relative paths or :H when possible
This simplifies make logic/output

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-04 11:28:03 +00:00
Warner Losh
fbbd9655e5 Renumber copyright clause 4
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.

Submitted by:	Jan Schaumann <jschauma@stevens.edu>
Pull Request:	https://github.com/freebsd/freebsd/pull/96
2017-02-28 23:42:47 +00:00
John Baldwin
e278d94bca Fully handle the special encoding of GOT[1] on mips64.
The MIPS ABI does not require the second GOT entry to be reserved for use
by the runtime linker as on other architectures.  Instead, static linkers
use a special value in the second GOT entry to indicate if the entry is
reserved.  This value is supposed to consist of an address with the MSB
set and the rest of the bits all zero which is an invalid user address.

However, the old binutils currently in the tree uses the 32-bit mask value
(2^31) on 64-bit MIPS instead of 2^63.  This was fixed in upstream
binutils in 2008 to use 2^63 on 64-bit MIPS.

The first part of this change changes the runtime check in init_pltgot()
to check for both values (2^31 and 2^63) when deciding whether to store
the current object pointer in GOT[1] which fixes dynamic N64 binaries
compiled with modern binutils.

However, the initial version of this fix exposed another related bug in
that _rtld_relocate_nonplt_self() was only checking for the new value
(2^63) in GOT[1] and incorrectly treated GOT[1] as a local GOT entry
(and did not relocate the final local GOT entry).  To handle this, fix
all of the places that check for GOT[1]'s status to use the same macro
that checks for both values on N64.

Reviewed by:	kan, imp
Sponsored by:	DARPA / AFRL
Differential Revision:	https://reviews.freebsd.org/D9708
2017-02-23 00:02:49 +00:00
Konstantin Belousov
6d20836aa7 Handle protected symbols in rtld.
Protected symbol reference in GOT of the defining object must be
resolved to itself, same as -Bsymbolic globally.

Discussed with:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D9317
2017-02-09 23:33:06 +00:00
Alexey Dokuchaev
f73ff060d2 Try to fix the old "he capability is stupid" bug in gettytab(5)/getty(8)
There is one capability explicitly documented in gettytab(5) as stupid: he.
And it is indeed.  It was meant to facilitate system hostname modification,
but is hardly usable in practice because it allows very limited editing
(e.g., it depends on a particular hostname length, making it non-generic).

Replace it with simple implementation that treats ``he'' as POSIX extended
regular expression which is matched against the hostname.  If there are no
parenthesized subexpressions in the pattern, entire matched string is used
as the final hostname.  Otherwise, use the first matched subexpression.
If the pattern does not match, the original hostname is not modified.

Using regex(3) gives more freedom, does not complicate the code very much,
and makes a lot more sense, in turn making ``he'' less stupid and actually
useful (e.g., it is now possible to obtain node or domain names from the
original hostname string, without knowing it in advance).

Reviewed by:		jilles, manpages (wblock)
Approved by:		jilles (implied)
Differential Revision:	https://reviews.freebsd.org/D9244
2017-02-02 20:30:50 +00:00
John Baldwin
2a7278307b Remove a duplicate store when performing REL32 relocations in rtld.
The duplicate call to store_ptr() was added in r204687, but it should
have no effect as it only stores an Elf_Sword and the later store_ptr()
does a write that is at least as large if not larger.

Reviewed by:	jmallett
Obtained from:	CheriBSD (sort of)
Sponsored by:	DARPA / AFRL
2017-01-30 23:13:41 +00:00
Peter Jeremy
8787928589 Extend LD_UTRACE by also generating utrace(2) log events for runtime linker
errors.

Reviewed by:	kib, jhb
Approved by:	jhb(mentor)
MFC after:	1 week
Differential Revision:	 D9347
2017-01-30 08:38:32 +00:00
Yoshihiro Takahashi
2b375b4edd Remove pc98 support completely.
I thank all developers and contributors for pc98.

Relnotes:	yes
2017-01-28 02:22:15 +00:00
Andrew Turner
02dbdb1677 Pull the R_AARCH64_TLSDESC code out into a common function and use them in
both the plt and non-plt case.

This fixes an issue where libraries built with LLD can fail with
"Unhandled relocation 1031"

PR:		214971
Obtained from:	1 week
Sponsored by:	DARPA, AFRL
2017-01-25 17:35:11 +00:00
Ed Maste
ebf8934652 rtld: do not rely on a populated GOT on amd64
On rela architectures GNU BFD ld and gold store the relocation addend
in GOT entries (in addition to the relocation's r_addend field).
rtld previously relied on this to access its own _DYNAMIC symbol in
order to apply its own relocations.

However, recording addends in the GOT is not specified by the ABI,
and some versions of LLVM's LLD linker leave the GOT uninitialized on
rela architectures.

BFD ld does not populate the GOT on sparc64, and sparc64 rtld has a
machine-dependent rtld_dynamic_addr() function that returns the
_DYNAMIC address. Use the same approach on amd64, obtaining the %rip-
relative _DYNAMIC address following a suggestion from Rafael Espíndola.

Architectures other than amd64 should be addressed in future work.

PR:		214972
Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D9180
2017-01-16 14:49:29 +00:00
Konstantin Belousov
f8adf1a784 For the main binary, postpone enforcing relro read-only protection
until copy relocations are done.

Newer binutils and lld seems to output copy into relro-protected range.

Reported by: Rafael Espц╜ndola via emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-01-12 15:54:03 +00:00
Konstantin Belousov
b88a8d3d1d Fix acquisition of nested write compat rtld locks.
Obtaining compat rtld lock in write mode sets process signal mask to
block all signals.  Previous mask is stored in the global variable
oldsigmask.  If a lock is write-locked while another lock is already
write-locked, oldsigmask is overwritten by the total mask and on the
last unlock, all signals except traps appear to be blocked.

Fix this by counting the write-lock nested level, and only storing to
oldsigmask/restoring from it at the outermost level.

Masking signals disables involuntary preemption for libc_r, and there
could be no voluntary context switches in the locked code
(dl_iterate_phdr(3) keeps a lock around user callback, but it was
added long after libc_r was renounced).  Due to this, remembering the
level in the global variable after the lock is obtained should be
safe, because no two libc_r threads can acquire different write locks
in parallel.

PR:	215826
Reported by:	kami
Tested by:	yamagi@yamagi.org (previous version)
To be reviewed by:	kan
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2017-01-10 19:26:55 +00:00
Konstantin Belousov
e7bfd34bdf Use ANSI C definitions, update comment.
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-01-10 17:05:34 +00:00
Enji Cooper
4eb4663b0e Conditionalize all code that uses tcpd.h behind LIBWRAP guard
This will allow the code to stand by itself without libwrap

MFC after:	2 weeks
2017-01-06 04:27:07 +00:00
Xin LI
62b0ff4e66 Don't use high precision clock for expiration as only second portion is
used.

MFC after:	2 weeks
2016-12-26 17:23:09 +00:00
Xin LI
9a0ebab4d4 Avoid use after free.
Reported by:	Clang static code analyzer
MFC after:	2 weeks
2016-12-26 17:10:41 +00:00
Mark Johnston
57a9273f93 rtld: Fix a couple of bugs around the unloading of ELF filters.
- Pass the correct object to unload_filtees().
- Use a marker to restart iteration after unload_filtees() has returned.
  It calls dlclose() and may recursively remove entries from the global
  object list, so TAILQ_FOREACH_SAFE is not sufficient.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2016-12-22 17:44:27 +00:00
Mark Johnston
510fe58c82 rtld: Ensure that dlopen() cannot obtain a reference on a doomed object.
rtld drops the bind lock to call fini functions in an object prior to
unmapping it. The new "doomed" state flag prevents the acquisition of new
references for an object while the lock is dropped.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2016-12-22 17:41:32 +00:00
Mark Johnston
c02741759f rtld: Fix a race between dl_iterate_phdr() and dlclose().
Add a transient reference count to ensure that the phdr argument to the
callback remains valid while the bind lock is dropped.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2016-12-22 17:37:39 +00:00
Konstantin Belousov
3931b59fad Fix typo.
MFC after:	3 days
2016-12-16 14:23:08 +00:00