8213 Commits

Author SHA1 Message Date
mckusick
0c6131b761 Truely fix #if defined broken in -r343111
Pointy-hat-to: mckusick
2019-01-17 16:26:59 +00:00
mckusick
7bd3ea2052 Proper definition of elast3.
Reported by: Oliver Pinter <oliver.pinter@hardenedbsd.org>
2019-01-17 15:42:10 +00:00
mckusick
115404dd89 Fix #if defined broken in -r343111
Pointy-hat-to: mckusick
2019-01-17 15:35:04 +00:00
mckusick
72a21ba0f6 Create new EINTEGRITY error with message "Integrity check failed".
An integrity check such as a check-hash or a cross-correlation failed.
The integrity error falls between EINVAL that identifies errors in
parameters to a system call and EIO that identifies errors with the
underlying storage media. EINTEGRITY is typically raised by intermediate
kernel layers such as a filesystem or an in-kernel GEOM subsystem when
they detect inconsistencies. Uses include allowing the mount(8) command
to return a different exit value to automate the running of fsck(8)
during a system boot.

These changes make no use of the new error, they just add it. Later
commits will be made for the use of the new error number and it will
be added to additional manual pages as appropriate.

Reviewed by:    gnn, dim, brueffer, imp
Discussed with: kib, cem, emaste, ed, jilles
Differential Revision: https://reviews.freebsd.org/D18765
2019-01-17 06:35:45 +00:00
cy
0f161e0ed6 Remove redundant ipfilter version of pcap-bpf.h. As of r214535 it was
no longer needed.

MFC after:	1 week
2019-01-16 20:46:39 +00:00
kib
f34dbcf7d0 Implement shmat(2) flag SHM_REMAP.
Based on the description in Linux man page.

Reviewed by:	markj, ngie (previous version)
Sponsored by:	Mellanox Technologies
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D18837
2019-01-16 05:15:57 +00:00
kib
b1df0520f7 Trim spaces at the end of lines.
Reviewed by:	markj, ngie
Sponsored by:	Mellanox Technologies
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D18837
2019-01-16 05:09:29 +00:00
cy
2487ef39a2 Remove an IRIX-only source file.
MFC after:	1 week
2019-01-16 02:05:42 +00:00
emaste
b54d7a9715 Update to ELF Tool Chain r3668
Highlights:
- Make sure that only TLS sections are sorted into TLS segment.
- Fixed multiple errors in "Section to Segment mapping".
- Man page updates
- ar improvements
- elfcopy: avoid filter_reloc uninitialized variable for rela
- elfcopy: avoid stripping relocations from static binaries
- readelf: avoid printing directory in front of absolute path
- readelf: add NT_FREEBSD_FEATURE_CTL FreeBSD note type
- test improvements

NOTES:

Some of these changes originated in FreeBSD and simply reduce diffs
between contrib and vendor.

ELF Tool Chain ar is not (currently) used in FreeBSD, and there are
improvements in both FreeBSD and ELF Tool Chain ar that are not in
the other.

Sponsored by:	The FreeBSD Foundation
2019-01-10 14:35:23 +00:00
glebius
5c01e9df31 Timer interval is correctly counted in ticks (1/100 s) in
mibif_reset_hc_timer().  Multiplication by 10 is erroneous
and is probably a blind copy and paste from next function.

PR:		132993
Submitted by:	Vitezslav Novy <vnovy vnovy.net>
2019-01-09 05:53:59 +00:00
pjd
cdf255bc9f In r316006 the getstrfromtype_locked() function was modified to return
an empty string, instead of NULL, if an entry is missing in the audit_control
file. Because of that change the getachost() function started to return
success even if the host name was not defined in the audit_control.
This in turn led to auditd_hostlen always being set (for an empty host it was
set to 0). If auditd_hostlen was not equal to -1 we were trying to append
the host name to trail file name. All this led to situation where when host
name is not defined in audit_control, auditd will create trail files with
a leading '.', which breaks auditdistd as it doesn't work with longer audit
trail file names.

Fix this by appending host name to the trail file name only if the host name
is not empty.
2019-01-09 01:16:35 +00:00
kib
be893b4ffd Clamp tuklib_physmem() return value to SIZE_T_MAX.
On 32bit platforms it is possible to have (much) more physical RAM
than is mappable into single address space.  In this case liblzma
scales the value into a request to mmap more address space than it is
theoretically possible.

Reported and tested by:	pho
Reviewed by:	delphij
Discussed with:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2019-01-06 23:59:04 +00:00
cy
1c9a919954 Remove ipsd (IP Scan Detetor). It is unused and to my knowledge has
never been used on any platform that ipfilter has been on. However
it looks like it could be a useful utility, therefore there are plans
to make it a port one day. It lacks a man page as well.

MFC after:	1 month
2019-01-06 21:24:44 +00:00
philip
9e724bf2b7 Import tzdata 2018i
Changes: https://github.com/eggert/tz/blob/2018i/NEWS

MFC after:	2 days
2018-12-31 07:57:37 +00:00
philip
9fe8985a00 Import tzdata 2018h
Changes: https://github.com/eggert/tz/blob/2018h/NEWS

MFC after:	3 days
2018-12-30 08:22:35 +00:00
cy
61fa48679a TCP_PAWS_IDLE is does not exist in NetBSD and illumos. In FreeBSD
TCP_PAWS_IDLE is defined in netinet/tcp_seq.h, however this header
isn't included explicitly or implicitly at this point therefore
as far ipfilter is concerned TCP_PAWS_IDLE is not defined. Remove
the #ifdef and include netinet/tcp.h unconditionally.

MFC after:	1 week
2018-12-30 04:25:48 +00:00
dim
9446fc065b Pull in r342863 from upstream llvm trunk (by Hans Wennborg):
Remove debug printf leftover from r342397

PR:		234480
MFC after:	6 weeks
X-MFC-With:	r341825
2018-12-29 15:21:51 +00:00
dim
4d6e1dc006 Pull in r342397 from upstream llvm trunk (by Amara Emerson):
Revert "Revert r342183 "[DAGCombine] Fix crash when store merging
  created an extract_subvector with invalid index.""

  Fixed the assertion failure.

  Differential Revision: https://reviews.llvm.org/D51831

This fixes 'Assertion failed: ((VT.getVectorNumElements() +
N2C->getZExtValue() <= N1.getValueType().getVectorNumElements()) &&
"Extract subvector overflow!"), function getNode' when building the
multimedia/aom port (with AVX2 enabled).

Reported by:	jbeich
PR:		234480
MFC after:	6 weeks
X-MFC-With:	r341825
2018-12-29 15:13:49 +00:00
sjg
0b3293f227 Merge bmake-20181221 2018-12-23 01:05:52 +00:00
cy
ce7ba01778 MFV r342175:
Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000)

MFC after:	3 days
Security:	https://blade.tencent.com/magellan/index_en.html
		No known CVE was apparently registered.
2018-12-18 01:12:30 +00:00
dim
d3f31084c9 Update clang, llvm, lld, lldb, compiler-rt and libc++ version number to
7.0.1 release r349250.  There were no functional changes since the 7.0.1
rc3 import.

PR:		230240, 230355
Relnotes:	yes
MFC after:	2 months
X-MFC-With:	r341825
2018-12-15 14:08:41 +00:00
mm
426936ff22 MFV r341771,342040,342041:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1102: RAR5 reader - fix big-endian problems
  PR #1105: Fix various crash, memory corruption and infinite loop conditions
  PR #1107: RAR5 reader: removed an unused function: bf_is_last_block

MFC after:	1 week
2018-12-13 11:18:45 +00:00
hselasky
c5d6dce698 Don't register IOCTLs with capsicum when there is no valid file descriptor.
This fixes tcpdump when using mlx5_X devices.

Differential Revision:	https://reviews.freebsd.org/D18499
Reviewed by:		kib@, slavash@, oshogbo@
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2018-12-12 09:51:10 +00:00
dim
07b9c9ba27 Merge ^/head r340918 through r341763. 2018-12-09 11:39:45 +00:00
dim
43ddd8bc14 Merge llvm, clang, lld, lldb, compiler-rt and libc++ release_70 branch
r348686 (effectively 7.0.1 rc3), resolve conflicts, and bump version
numbers.

PR:		230240, 230355
2018-12-09 11:36:04 +00:00
cy
b53b242388 MFV r341618:
Update wpa 2.6 --> 2.7.
2018-12-09 06:45:49 +00:00
pjd
3c25eec2c3 Consider the following situation:
The sender has .not_terminated file. It gets disconnected. The last trail
file is then terminated without adding new data (this can happen for example
when auditd is being stopped on the sender). After reconnect the .not_terminated
was not renamed on the receiver as it should.

We were already handling similar situation where the sender crashed and the
.not_terminated trail file was renamed to .crash_recovery. Extend this case to
handle the situation above.
2018-12-07 03:13:36 +00:00
sjg
9944792304 Update bmake to version 20180919
Cleanup of stats cache
and new :q modifier.
2018-12-06 20:56:19 +00:00
cy
89c5bde73b Remove an ugly Ultrix hack. Ultrix has been AWOL since the last ice
age, more to come.

MFC after:	1 week
2018-12-06 20:15:54 +00:00
slavash
8dd5aa9b23 opensm: Use precision specifier for scanf
If user input a string larger than the length of buffer, the stack
memory will be corrupted.

Approved by:    hselasky (mentor)
MFC after:      1 week
Sponsored by:   Mellanox Technologies
2018-12-05 13:28:46 +00:00
slavash
e068d6add9 libibverbs: Fix memory leak in ibv_read_sysfs_file().
Testing packetdrill using valgrind resulted in finding a memory leak in
ibv_read_sysfs_file(). The attached patch fixes it.

Submitted by:	tuexen@
Approved by:    hselasky (mentor)
MFC after:      1 week
Sponsored by:   Mellanox Technologies
2018-12-05 13:28:17 +00:00
cy
d07109aadc As part of the general cleanup of the ipfilter code, special cases
are committed separately to document fixing them separately from
the general cleanup. In this case we don't want to hide the utter
brokenness of what is being fixed.

Clean up a discombobulated block of #if's, with one block unreachable.
ip_fil.c is used in ipftest which is used to dry-run test ipfilter
rules in userspace without loading them in the kernel. The call to
(*ifp->if_output) matches that in the FreeBSD kernel.

Further testing and work will be required to make ipftest fully
functional.

MFC after:	1 week
2018-12-04 06:11:04 +00:00
yuripv
85096f812f vi: fix UTF-8 detection.
PR:		202290
Submitted by:	lampa@fit.vutbr.cz
Reviewed by:	bapt
Approved by:	kib (mentor, implicit)
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D17950
2018-11-26 15:33:55 +00:00
mm
c4065f2d8a MFV r340938:
Sync libarchive with vendor.

Relevant vendor changes:
  Issue #1096: Support extracting ACLs with in-entry comments (GNU tar)
  PR #1023: Support extracting extattrs as non-root on non-user-writeable
            files

MFC after:	1 week
2018-11-26 11:04:35 +00:00
dim
3aa6bcc5fe Merge ^/head r340427 through r340868. 2018-11-24 14:46:06 +00:00
mm
8a8c94dcfc MFV r340865:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1080: Spelling fixes
  PR #1084: RAR5 reader bugfixes
  PR #1091: fix use-after-free in delayed newc link processing
  PR #1092: Fix a few obvious resource leaks and strcpy() misuses

MFC after:	1 week
2018-11-24 01:25:45 +00:00
mjg
964a7b2e16 strings: unbreak the build after r340746
Discussed with:	oshogbo
Sponsored by:	The FreeBSD Foundation
2018-11-21 22:37:49 +00:00
oshogbo
3c79232eb6 strings: fix style nits
Reviewed by:	cem, emaste, Joseph Koshy <jkoshy@users.sourceforge.net>
Differential Revision:	https://reviews.freebsd.org/D18036
2018-11-21 21:48:02 +00:00
sobomax
90bad5f3b9 Fix CU: output of the --debug-dump=decodedline, the problem there
is that both file name and current directory is recorded, however
file name sometimes already contains absolute path. In which case
prefixing it with directory name results in an invalid pathname.

Only append directory name if the file name does not start with '/'.
This seems to DTRT.

Approved by:	emaste
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18290
2018-11-21 21:46:06 +00:00
yuripv
697e15c1a9 Make mbstowcs_basic test pass, now that we have more ctype definitions.
Reported by:	jenkins
Approved by:	kib (mentor, implicit)
2018-11-17 12:59:59 +00:00
0mp
213cb44e2d smbutil(1): Improve mdoc formatting.
Also, make the path to the example configuration file absolute.

Reviewed by:	bcr
Approved by:	krion (mentor, implicit), mat (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17985
2018-11-14 15:15:07 +00:00
trasz
cfdbbc84de Pick 57553c3b1a5592dc4c03f3c6831d9b794e523865 from upstream:
Avoid touching all pages in extent_recycle for debug build.

    We may have a large number of pages with *zero set (since they are populated on
    demand).  Only check the first page to avoid paging in all of them.

This makes it easy to compare performance with and without 'retain:true'.

Discussed with:	jasone
Obtained from:	Qi Wang <interwq at gwu dot edu>
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-11-14 13:06:48 +00:00
emaste
e4830730f1 Revert r340385, strings capability mode
This needs to be reworked for bootstrapping.
2018-11-13 01:30:31 +00:00
emaste
a7897bfba1 strings: enter capability mode when operating on stdin
Reviewed by:	oshogbo
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2018-11-12 20:38:43 +00:00
dim
0838f433ff Merge ^/head r340235 through r340367. 2018-11-12 16:41:41 +00:00
oshogbo
cb78f985ad libcasper: ange the name of limits in cap_dns so the intentions are obvious.
Reported by:	pjd
MFC after:	3 weeks
2018-11-12 15:52:45 +00:00
emaste
e6b659c541 nvi: remove superfluous space before ^\
This fixes alignment in vi's 'viusage' command and has been fixed
upstream and in OpenBSD.

Submitted by:	Raf Czlonka (github:rjc)
MFC after:	1 week
Pull Request:	https://github.com/freebsd/freebsd/pull/122
2018-11-09 17:39:57 +00:00
yuripv
17c10964b4 Reset persistent mbstates when rune locale encoding changes.
This was shown to be a problem by side effect of now-enabled test case,
which was going through C, en_US.UTF-8, ja_JP.SJIS, and ja_JP.eucJP,
and failing eventually as data in mbrtowc's mbstate, that was
perfectly correct for en_US.UTF-8 was treated as incorrect for
ja_JP.SJIS, failing the entire test case.

This makes the persistent mbstates to be per ctype-component,
and not per-locale so we could easily reset the mbstates when
only LC_CTYPE is changed.

Reviewed by:	bapt, pfg
Approved by:	kib (mentor, implicit)
Differential Revision:	https://reviews.freebsd.org/D17796
2018-11-09 03:32:53 +00:00
dim
b45b4d8aa3 Merge ^/head r340126 through r340212. 2018-11-07 18:52:28 +00:00
trasz
e47db63c84 Pick 50b473c8839f5408df179bdf6f2b3fd2cf5c3b2f from upstream:
Set commit properly for FreeBSD w/ overcommit.

    When overcommit is enabled, commit needs to be set when doing mmap().  The
    regression was introduced in f80c97e.

This fixes 'retain:true'.

Discussed with:	jasone
Obtained from:	Qi Wang <interwq at gwu dot edu>
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-11-06 12:05:46 +00:00