init(8) sets the "daemon" login class without specifying a pw
entry (so no substitutions are done on the variables). service(8)'s
use of env -L had the effect of specifying root's pw entry, with two
effects: getpwnam and getpwuid are being called, which may not be
entirely safe depending on what nsswitch is up to and what stage of
boot we are at, and substitutions would have been done.
Fix by teaching env(8) to allow -L -/classname to set the class
environment with no pw entry at all specified, and use it in
service(8).
PR: 253959
This allow us to create image with the following format:
mkimg -v -o sdcard -s gpt -p efi:=esp_aarch64.img:1M -p freebsd-ufs::1G
Which will add a efi partition at a 1M offset on the image with its content
coming from the esp_aarch64.img file.
MFC after: 3 days
Even with an absolute offset we want to know the last block the partition
otherwise we endup with an image the size of the metadata.
This allow to create image with the ESP placed at a specific position which
is useful on arm/arm64 where u-boot have always a hard time to read the ESP
if it's not aligned on 512k.
mkimg -v -o sdcard -s gpt -p efi::54M:1M -p freebsd-ufs::1G
now works.
MFC after: 3 days
Along with the termcap database, ncurses will now lookup for the
terminfo database, note that the terminfo database is being looked
up first and then it fallsback on the termcap one.
While here drop our custom reader for the termcap database, over the
time it is needed maintenance to be able to catchup with changes on ncurses
side.
Install the ncurses tools which are needed to deal with the terminfo
database: tic, infocmp, toe
Replace our termcap only aware tools with the ncurses counterpart:
tput, tabs, tset, clear and reset
In particular they can your the extra capabilities described in the
terminfo database, which does not exist in termcap
Note that to add a new terminfo information to the database from ports
the ports will just need to add their extra information into:
/usr/local/share/site-terminfo/<firstletteroftheterm>/<term>
Tested by: jbeich, manu
This partition type can be used to boot some PowerKVM VMs. We don't
support it well because of some limitations in SLOF, but it's worth at
least have feature parity in geom and mkimg.
Preserve more space for swap devise names.
Prevent line overflow with long devise name.
Don't draw a bar when swap is not used at all.
Simplify and optimize code.
Change the label to end at end of 100%.
PR: 251655
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D27496
summary of changes, or for a more thorough overview:
https://subversion.apache.org/docs/release-notes/1.14
NOTE 1: There is no need to dump and reload repositories, and the
working copy format is still the same as Subversion 1.8 through 1.13.
NOTE 2: The upstream release also contains a fix for a security issue in
mod_dav_svn (CVE-2020-17525), but since we do not build or use any
Apache modules, it is not an issue for the FreeBSD base system.
Relnotes: yes
MFC after: 3 days
Changes of interest
o unit-tests: use private TMPDIR to avoid errors from other users
o avoid strdup in mkTempFile
o always use vfork
o job.c: do not create empty shell files in jobs mode
reduce unnecessary calls to waitpid
o cond.c: fix debug output for comparison operators in conditionals
Glibc's stdlib.h defines various prototypes for GNU extensions that take
a locale_t. Newer versions use locale_t directly and include an internal
bits/types/locale_t.h in order to get its definition, but older versions
include xlocale.h for that, for which our bootstrap version is empty.
Moreover it expects to use the glibc-specific __locale_t type. Thus,
provide dummy definitions of both types in order to ensure the
prototypes don't give any errors, and guard against the header being
inadvertently included between the bootstrapping namespace.h and
un-namespace.h, where locale_t is #define'd.
This header is not used when bootstrapping on FreeBSD and exists solely
to stub out glibc's, so this should have no impact on FreeBSD hosts.
Reviewed by: arichardson, emaste (comment only)
Differential Revision: https://reviews.freebsd.org/D28317
I found this when compiling all the bootstrap tools with -fsanitize=addres:
==65590==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x62d000008400 at pc 0x000000473053 bp 0x7ffc1c7dd910 sp 0x7ffc1c7dd0b8
READ of size 32769 at 0x62d000008400 thread T0
#0 0x473052 in regexec (/local/scratch/alr48/cheri/build/freebsd-amd64-build/local/scratch/alr48/cheri/freebsd/amd64.amd64/tmp/legacy/bin/grep+0x473052)
#1 0x4c9cf3 in procline /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c:539:8
#2 0x4c8687 in procfile /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c:379:18
#3 0x4c6596 in main /local/scratch/alr48/cheri/freebsd/usr.bin/grep/grep.c:714:8
0x62d000008400 is located 0 bytes to the right of 32768-byte region [0x62d000000400,0x62d000008400)
allocated by thread T0 here:
#0 0x493d5d in malloc (/local/scratch/alr48/cheri/build/freebsd-amd64-build/local/scratch/alr48/cheri/freebsd/amd64.amd64/tmp/legacy/bin/grep+0x493d5d)
#1 0x4cad75 in grep_malloc /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c:656:13
#2 0x4c8129 in procfile /local/scratch/alr48/cheri/freebsd/usr.bin/grep/util.c
#3 0x4c6596 in main /local/scratch/alr48/cheri/freebsd/usr.bin/grep/grep.c:714:8
SUMMARY: AddressSanitizer: heap-buffer-overflow (/local/scratch/alr48/cheri/build/freebsd-amd64-build/local/scratch/alr48/cheri/freebsd/amd64.amd64/tmp/legacy/bin/grep+0x473052) in regexec
Reviewed By: kevans
MFC after: 1 week
The basic issue here is that grep, when given -m 1, would stop all
line processing once it hit the match count and exit immediately. The
problem with exiting immediately is that -A processing only happens when
subsequent lines are processed and do not match.
The fix here is relatively easy; when bsdgrep matches a line, it resets
the 'tail' of the matching context to the value supplied to -A and
dumps anything that's been queued up for -B. After the current line has
been printed and tail is reset, we check our mcount and do what's
needed. Therefore, at the time that we decide we're doing nothing, we
know that 'tail' of the context is correct and we can simply continue
on if there's still more to pick up.
With this change, we still bail out immediately if there's been no -A
flag. If -A was supplied, we signal that we should continue on. However,
subsequent lines will not even bothere to try and process the line. We
have reached the match count, so even if the next line would match then
we must process it if it hadn't. Thus, the loop in procfile() can
short-circuit and just process the line as a non-match until
procmatches() indicates that it's safe to stop.
A test has been added to reflect both that we should be picking up the
next line and that the next line should be considered a non-match even
if it should have been.
PR: 253350
MFC-after: 3 days
The null pattern semantics were terrible because I tried to match gnugrep,
but I got it wrong. Let's unwind that:
- The null pattern should match every line if neither -w nor -x.
- The null pattern should match empty lines if -x.
- The null pattern should not match any lines if -w.
The first two will stop processing (shortcut) even if additional patterns
are specified. In any other case, we will continue processing other
patterns. If no other patterns are specified beside a null pattern, then
we match if neither -w nor -x or set and do not match if either of those
are specified.
The justification for -w is that it should match on a whole word, but the
null pattern deos not have a whole word to match on.
Empty pattern files should never match anything, and more importantly, -v
should cause everything to be written.
PR: 253209
MFC-after: 4 days
This fixes running the du tests with /tmp as tmpfs (which is what we do in the
CheriBSD CI).
Obtained from: CheriBSD
Reviewed By: ngie
Differential Revision: https://reviews.freebsd.org/D28398
When checking if the newly opened file is the same as the old one,
we need to fstat() the new file descriptor, not the old one again.
Reviewed by: glebius
Sponsored by: Netflix
This option was not tested when WARNS was globally lifted in the src tree up
to 6. Drop WARNS back down to unbreak the build; note that this is still
enabling more warnings than it had before the WARNS change, so the gcc build
may need to be independently evaluated at this level.
PR: 252865
Reported-by: Build Option Servey via Michael Dexter
MFC-after: 3 days
- Use libelf to parse ELF data structures and remove code duplication
for ELF32.
- Don't require the OSABI field to be set to the FreeBSD OSABI for
shared libraries. Both AArch64 and RISC-V leave it set to "none"
and instead depend on the ABI tag note. For ldd, this means falling
back to walking the notes in PT_NOTE segments to find the ABI tag
note to determine if an ELF shared library without OSABI set in the
header file is a FreeBSD shared library.
Reviewed by: kib
MFC after: 5 days
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D28342
When diff hits certain access errors, function diffreg() shows the error
message, and then returns to the calling function, which calls
print_status() with the return value.
However, in these cases, the return value isn't changed from the initial
default value of D_SAME.
Normally, print_status() with a value of D_SAME does nothing, so this
works out ok, however, if the "-s" flag is set, a message is displayed
showing identicality:
case D_SAME:
if (sflag)
printf("Files %s%s and %s%s are identical\n", path1, entry, path2, entry);
break;
This then produces such results as:
% diff -s /COPYRIGHT /var/run/rpcbind.sock
diff: /var/run/rpcbind.sock: Operation not supported
Files /COPYRIGHT and /var/run/rpcbind.sock are identical
% diff -s /COPYRIGHT /etc/master.passwd
diff: /etc/master.passwd: Permission denied
Files /COPYRIGHT and /etc/master.passwd are identical
Create a D_ERROR status which is returned in such cases, and
print_status() then deals with that status seperately from D_SAME
PR: 252614
MFC after: 1 week
Target value for val has uint32_t type, not uint, adjust used constant.
Change val type to unsigned so that left and right sides of comparision
operator do not expose different signed types of same range [*].
Switch to unsigned long long and strtoll(3) so that 0x80000000 is
accepted by conversion function [**].
Reported by: kargl [*]
Noted by: emaste [**]
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28301
This will allow elfctl on older releases to set bits that are not yet
known there, so that the binary will have the correct settings applied
if run on a later FreeBSD version.
PR: 252629 (related)
Suggested by: kib
Reviewed by: gbe (manpage, earlier), kib
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28284
Summary:
Steps 5 and 9:
- Update Mentor and Mentee Information
- Update Ports with Personal Information
Reviewers: tcberner, fernape
Reviewed By: fernape
Subscribers: imp
Differential Revision: https://reviews.freebsd.org/D28281
This is what amd64 calls the i386 Linux ABI in order to distinguish it
from the amd64 Linux ABI, and matches the nomenclature used for the
FreeBSD ABIs where they always have the size suffix in the name.
Reviewed by: trasz
Differential Revision: https://reviews.freebsd.org/D27647
Some ELF feature flags indicate a request to opt-out of some feature,
for example NT_FREEBSD_FCTL_ASLR_DISABLE indicates that ASLR should be
disabled for the tagged binary. Using "aslr" as the short name for the
flag is confusing as it seems to indicate a request for ASLR to be
enabled. Rename "noaslr", and make a similar change for other opt-out
flags.
Reviewed by: bapt, manu, markj
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28139
I am going to prefix opt-out ELF feature flag names with "no" to make
their meaning more clear (review D28139), but there are some uses of the
existing names already (e.g., the PR referenced below).
For now accept the older, unprefixed name as well, and emit a warning.
We can revert this after FreeBSD 13 branches.
% elfctl -e +aslr foo
elfctl: interpreting aslr as noaslr; please specify noaslr
PR: 239873 (related)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28140
Quite a lot of churn on style, but lots of
good work refactoring complicated functions
and lots more unit-tests.
Thanks mostly to rillig at NetBSD
Some interesting entries from ChangeLog
o .MAKE.{UID,GID} represent uid and gid running make.
o allow env var MAKE_OBJDIR_CHECK_WRITABLE=no to skip writable
checks in InitObjdir. Explicit .OBJDIR target always allows
read-only directory.
o add more unit tests for META MODE
Merge commit '8e11a9b4250be3c3379c45fa820bff78d99d5946' into main
Change-Id: I464fd4c013067f0915671c1ccc96d2d8090b2b9c
This may allow an identical elfctl invocation to be used on multiple
FreeBSD versions, with features not implemented on older releases being
silently ignored.
PR: 252629 (related)
Reviewed by: kib
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28130
-s causes cmp to print nothing for differing files, for use when only
the exit status is of interest.
-z compares the file size first, for regular files, and fails the
comparison early if they do not match.
Prior to this change -s implied -z as an optimization, but this is not
valid when file offsets are specified. Now, enable the -z optimization
for -s only if both skip arguments are not provided / 0.
Note that using -z with differing skip values will currently always
fail. We may want to compare size1 - skip1 with size2 - skip2 instaead,
and in any case the man page should be clarified.
PR: 252542
Fixes: 3e6902efc8
Reported by: William Ahern
Reviewed by: markj
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28071
ldd had #defines for AOUT, ELF, and ELF32. The removal of AOUT left a
possibly confusing gap. These are not used anywhere but this file so
renumber to avoid the gap.
Reported by: allanjude
Previously -q (just print a line when files differ) ignored flags like
-w (ignore whitespace). Avoid the D_BRIEF short-circuit when flags are
in effect.
PR: 252515
Reported by: Scott Aitken
Reviewed by: kevans
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D28064
Add two simple examples showing the use of the flags: d, n, s, t
While here, reorder cross references properly by section
Bump .Dd
Approved by: manpages (gbe@)
Differential Revision: https://reviews.freebsd.org/D27540
last(1): Bump .Dd
Add some examples showing the use of the flags: a, k, P, w
Reviewed by: gbe@, yuripv@
Approved by: manpages (gbe@)
Differential Revision: https://reviews.freebsd.org/D27545
Userland aout support has not been required since FreeBSD 2.x.
If someone needs to use FreeBSD 2 shared libraries they will be best
served by using a FreeBSD 2 ldd, perhaps as part of a jail with a full
FreeBSD 2.x install.
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27478
The current version of this test will effectively pass as long as one of the
specified paths is in the output, and it could even be a subset of one of
the paths.
Strengthen up the test a little bit:
* Specify beginning/end anchors for each path
* Add egrep -v checks to make sure we don't have any *additional* paths
* Ratchet down paths2 to exactly the two paths we expect to appear
Reviewed by: ngie
Differential Revision: https://reviews.freebsd.org/D27984
This test attempts to use \t (tab intended) in a grep expression. With the
former /usr/bin/grep (i.e. gnugrep), this was interpreted as a literal 't'.
The expression would work anyways because the tr(1) usage would ultimately
replace all of the spaces with a single newline, and they would match the
paths whether they were correctly fromatted or not.
Current /usr/bin/grep (i.e. bsdgrep) is less-tolerant of ordinary-escapes, a
property of the underlying regex(3) engine, to make it easier to identify
when stuff like this happens. In-fact, this expression broke after the
switch happened.
This revision does the bare basics to fix the usage by using a printf to get
a literal tab character to insert into the expression. It also swaps out the
manual insertion of the line prefix into the grep expression by pulling
that part out of $sep and reusing it for the leading path.
The secondary issue was the tr(1) usage, since tr would only replace the
first character of string1 with the first character of string2. This has
instead been replaced by a sed expression, which similary understands \n to
be a newline on all supported versions of FreeBSD. Each path now gets
prefixed with the appropriate context that should be there (i.e. numeric
sequence followed by a tab).
PR: 252446
Reviewed by: emaste, ngie
Differential Revision: https://reviews.freebsd.org/D27983
As suggested in D27598. This also supports MK_WERROR.clang=no and
MK_WERROR.gcc=no to support the existing NO_WERROR.<compiler> uses.
Reviewed By: brooks
Differential Revision: https://reviews.freebsd.org/D27601
While here:
- Split synopsis into two parts. The first explains how to record
sessions, while the second one explains how to replay (some of)
the recorded sessions.
- Fix the -width argument of the environment variables list.
MFC after: 1 week
- Ignore malformed directory entries as created by Dropbox ("/").
(rev 1.24)
- Use libarchive 3.x interface: check result for archive_read_free()
and don't call archive_read_close manually. (rev 1.23)
- Always overwrite symlinks on extraction, ever if they're newer than
entries in archive.
- Use getline() rather than getdelim().
PR: 231827
Submitted by: ak
Reviewed by: mm
Obtained from: NetBSD
MFC after: 2 weeks
sockstat can "hang" on getpwuid() calls in situations when FreeBSD
is joined to a directory service (AD/LDAP etc) and the directory
service fail to answer in a timely manner when trying to resolve
numeric UIDs to user names.
Submitted by: Caleb St. John <caleb@ixsystems.com>
MFC after: 1 week
Add two simple examples. In this case I opted to show a small portion of
the output since it helps to understand what the tool does. It shows the use
of the -t flag too.
PR:
Submitted by:
Reported by:
Reviewed by: gbe@
Approved by: manpages (bcr@)
Obtained from:
MFC after:
MFH:
Relnotes:
Security:
Sponsored by:
Differential Revision: https://reviews.freebsd.org/D27543
FreeBSD has used ELF binaries/libraries for decades, but still has some
support for legacy a.out binaries. Portions of this have been retired
over time, but support remained in ldd, ldconfig, and gprof.
Retire gprof support; if anyone needs to do development on a.out
binaries still they will be best served by installing a full FreeBSD 2.x
or other obsolete version in a jail.
Kernel support for executing a.out binaries is unchnaged.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27480
Unconditionally install bsdgrep as grep, bootstrap or not. Remove all
build glue and stop installing both gnugrep and libgnuregex now that
all consumers of the latter are gone.
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D27732
When exporting a variable we correctly check all the preconditions that
could make setenv(3) fail. Checking the setenv(3) return value seems
redundant, but given that login(1) is critical, it doesn't hurt to have
a post-check.
This change is based on the "Principles of Secure Coding" course by
Matthew Bishop, PhD., which specifically discusses this code in FreeBSD.
(This change redoes r368776 due to a silly mistake)
When exporting a variable we correctly check all the preconditions that
could make setenv(3) fail. Checking the setenv(3) return value seems
redundant, but given that login(1) is critical, it doesn't hurt to have
a post-check.
This change is based on the "Principles of Secure Coding" course by
Matthew Bishop, PhD., which specifically discusses this code in FreeBSD.
Differential Revision: https://reviews.freebsd.org/D26966
Also centralize and unify checks to enable ASLR stack gap in a new
helper exec_stackgap().
PR: 239873
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Move the include of langinfo.h out of the WITH_ICONV condition block,
since it is not dependent on ICONV. This was correct when nl_langinfo()
had only been called in the WITH_ICONV case, but that is no longer the
case.
Submitted by: yuripv
There was an unprotected use of nl_langinfo() to determine the order of
day vs. month in the generated output.
When building without ICONV support, the order will be: month, day.
yesexpr is an extended regular expression for quite some time now,
use appropriate flag when compiling it.
PR: 238762
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D27509
Add simple example showing the use of the flags: p, t, v
Reviewed by: gbe@, yuripv@
Approved by: manpages (yuripv@)
Differential Revision: https://reviews.freebsd.org/D27541
These values are taken directly from the density report from an
IBM LTO-9 tape drive. (Using mt getdensity)
A LTO-9 drive stores 18TB raw (45TB with compression) on an LTO-9 tape.
lib/libmt/mtlib.c:
Add the LTO-9 density code, and bpmm/bpi values.
usr.bin/mt/mt.1:
Add the LTO-9 density code, bpmm/bpi values and number of
tracks. Bump the man page date.
MFC after: 3 days
Sponsored by: Spectra Logic
