The first test triggers the out of bounds read of the 'left' array. It
only fails when realpath.c is compiled with '-fsanitize=address'.
The other test checks for ENOENT when running into an empty
symlink. This matches NetBSD's realpath(3) semantics. Previously,
empty symlinks were treated like ".".
Submitted by: Jan Kokemц╪ller <jan.kokemueller@gmail.com>
PR: 219154
MFC after: 2 weeks
With ip fragment reassembly implemented, it makes sense to allow
larger nfs reads. Note due to loader heap size limit, we do not want
to set too large maximum read size. Also we do not change default read size.
Reviewed by: bcr, allanjude
Differential Revision: https://reviews.freebsd.org/D10754
Implement simple separate ip module and fragment re-assembly.
The work is based on send and receive previously implemented in udp.c,
moved to ip.c and added the ip fragment re-assembly.
This change allows to specify larger tftp or nfs payload, such as:
tftp.blksize=4096 or nfs.read_size=4096
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D10631
_local_initshells did not reset cp to the beginning of the line buffer
for every iteration that it called fgets(3), leading to writing past the
end of line with fairly long /etc/shells or excessively long line
lengths. Correct this by properly resetting cp.
PR: 192528
Submitted by: Kyle Evans <kevans91@ksu.edu>
Reviewed by: cem, jilles
Differential Revision: https://reviews.freebsd.org/D10690
If realpath() allocated memory for result and failed, the memory is
freed in each place where return is performed. More, the function
needs to track the allocation status, to not free user-supplied
buffer.
Consolidate the memory handling in the wrapper, freeing the buffer if
the actual worker failed.
Reviewed by: emaste (previous version)
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D10670
- The statement "left_len -= s - left;" does not take the slash into
account if one was found. This results in the invariant
"left[left_len] == '\0'" being violated (and possible buffer
overflows). The patch replaces the variable "s" with a size_t
"next_token_len" for more clarity.
- "slen" from readlink(2) can be 0 when encountering empty
symlinks. Then, further down, "symlink[slen - 1]" underflows the
buffer. When slen == 0, realpath(3) should probably return ENOENT
(http://austingroupbugs.net/view.php?id=825,
https://lwn.net/Articles/551224/).
Some other minor issues:
- The condition "resolved_len >= PATH_MAX" cannot be true.
- Similarly, "s - left >= sizeof(next_token)" cannot be true, as long
as "sizeof(next_token) >= sizeof(left)".
- Return ENAMETOOLONG when a resolved symlink from readlink(2) is too
long for the symlink buffer (instead of just truncating it).
- "resolved_len > 1" below the call to readlink(2) is always true as
"strlcat(resolved, next_token, PATH_MAX);" always results in a
string of length > 1. Also, "resolved[resolved_len - 1] = '\0';" is
not needed; there can never be a trailing slash here.
- The truncation check for "strlcat(symlink, left, sizeof(symlink));"
should be against "sizeof(symlink)" (the third argument to strlcat)
instead of "sizeof(left)".
Submitted by: Jan Kokemц╪ller <jan.kokemueller@gmail.com>
PR: 219154
MFC after: 2 weeks
an inexact floating point exception. The variable cannot be eliminated,
unfortunately, otherwise the desired addition triggering the exception
will be emitted neither by clang, nor by gcc.
Reviewed by: Steve Kargl, bde
MFC after: 3 days
lib/libmt/mtlib.c:
Add the LTO-8 density code to the density table in libmt.
usr.bin/mt/mt.1:
Add the LTO-8 density code, tracks, bpmm, and bpi to the density
table in the mt(1) man page.
MFC after: 3 days
Sponsored by: Spectra Logic
The current read from network is working from up to down - we have some
protocol needing the data from the network, so we build the buffer space
for that protocol, add the extra space for headers and pass this buffer
down to be filled by nif get call in hope, we have guessed the incoming
packet size right. Amazingly enough this approach mostly does work, but
not always...
So, this update does work from down to up - we allocate buffer (based
on MTU or frame size info), fill it up, and pass on for upper layers.
The obvious problem is that when we should free the buffer - if at all.
In the current implementation the upper layer will free the packet on error
or when the packet is no longer needed.
While working on the issue, the additional issue did pop up - the bios
implementation does not have generic get/put interface but is using pxe
udpsend/udpreceive instead. So the udp calls are gone and undi interface
is implemented instead. Which in turn means slight other changes as we
do not need to have duplicated pxe implementation and can just use dev_net.
To align packet content, the actual read from nic is using shifted buffer by
ETHER_ALIGN (2).
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D10232
Don't use DHCP 150 option to decide which protocol use to netboot. When
root-path includes ip address - go thru NFS, if ip address not exists in
root-path - go thru TFTP from server which ip address is in next-server. But
there is one limitation - only one tftp server in network to provide loader and
everything else. Does enybody use more than only one?
Submitted by: kczekirda
Sponsored by: Oktawave
MFC after: 3 weeks
Relnote: Yes
Differential Revision: https://reviews.freebsd.org/D8740
The previous misuse of sys_sigqueue() was sending random register or
stack garbage to 64-bit targets. The freebsd32 implementation preserves
the sival_int member of value when signaling a 64-bit process.
Document the mixed ABI implementation of union sigval and the
incompability of sival_ptr with pointer integrity schemes.
Reviewed by: kib, wblock
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D10605
Trivial style(9) fix, no functional change. There are also some 81
characters lines below, but I don't see a good way to shorten them.
Sponsored by: Dell EMC Isilon
Adapt glob's match() routine to use a greedy algorithm that avoids
exponential runtime in byzantine inputs.
While here, add a testcase for the byzantine input.
Prompted by: https://research.swtch.com/glob
Authored by: Yves Orton <demerphq at gmail.com>
Obtained from: Perl (33252c318625f3c6c89b816ee88481940e3e6f95)
Sponsored by: Dell EMC Isilon
When passed the invalid regular expression "a**", the error is
eventually detected and seterr() is called. It sets p->error
appropriatly and p->next and p->end to nuls which is a never used char
nuls[10] which is zeros due to .bss initialization. Unfortunatly,
p_ere_exp() and p_simp_re() both have fall through cases where they set
the error, decrement p->next and access it which means a read from what
ever .bss variable comes before nuls.
Found with regex_test:repet_multi and CHERI bounds checking.
Reviewed by: ngie, pfg, emaste
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D10541
Accomplish this by allocating space for it in __svc_xports and allowing
it to be registered. The failure to allocate space was causing an
out-of-bounds read in svc_getreq_common(). The failure to register
caused PR 211804.
The bug was found with CHERI bounds checking.
PR: 211804
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Reviewed by: ngie
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D10528
The mutex is used in sem_open() and sem_close(), which cannot
recurse. The atfork handlers cannot collide with the open and close
code.
Reviewed by: vangyzen
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D10545
Do not retest for the found semaphore after the loop to look it up.
Instead, handle both cases of last and non-last close simultaneously,
which allows to consolidate the list unlock and successful return.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The H_SET operation of the history() function takes an int argument which is
the position of the item to which the cursor should be moved to.
Submitted by: Abhinav Upadhyay <abhinav@NetBSD.org>
The sysctl(HW_PAGESIZE) call cannot fail on FreeBSD kernels at least.
And even if it failed for some improbable reason, PAGE_SIZE is a safe
value to return.
Discussed with: jilles
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
patm(4) devices.
Maintaining an address family and framework has real costs when we make
infrastructure improvements. In the case of NATM we support no devices
manufactured in the last 20 years and some will not even work in modern
motherboards (some newer devices that patm(4) could be updated to
support apparently exist, but we do not currently have support).
With this change, support remains for some netgraph modules that don't
require NATM support code. It is unclear if all these should remain,
though ng_atmllc certainly stands alone.
Note well: FreeBSD 11 supports NATM and will continue to do so until at
least September 30, 2021. Improvements to the code in FreeBSD 11 are
certainly welcome.
Reviewed by: philip
Approved by: harti
The internal array size goes through a loop and is compared with numitems
which at its limits makes can be unreachably higher than arraysz.
Prevent an hypothetical overflow by matching the types.
MFC after: 1 week
Taking some hints from the regex variant in nvi(1) and higher-level
compiler warnings, update some types in our regex(3) implementation.
Joint work with: Kyle Evans
MFC after: 2 weeks
gctl_dump(3) is only exposed when stdio.h is #include'd first, per its
addition in r112510. The reasoning noted for the conditional "exposure"
of the function was to "limit #include pollution".
This addresses an issue I found with the documentation when looking at
bug 218809, which in turn addresses a -Wimplicit-function-declaration
compiler warning in `tools/regression/geom_gpt/test.c` (it uses
gctl_dump(3)).
MFC after: 5 weeks
Sponsored by: Dell EMC Isilon
- Use .Dv when mentioning NULL per mdoc(7).
- Reword `g_device_path`, `g_open_by_ident`, and `g_providername`'s descriptions
so they're less wordy.
- Fix a typo in `g_device_path` (can not -> cannot).
MFC after: 5 weeks
Tested with: igor, make manlint
Sponsored by: Dell EMC Isilon
Make some use of reallocarray, attempting to limit it to cases where the
parameters are unsigned and there is some theoretical chance of overflow.
MFC afer: 2 weeks
Differential Revision: https://reviews.freebsd.org/D9980
properly anyway. (Upstream has reorganized this somewhat in the mean
time, but for proper backtraces we would need llvm-symbolizer in base.)
MFC after: 3 days
I inadvertedly soubled the size of the memset without noticing the
start address had changed. The size for the memset in pt_map_thread()
shouldn't actually match the reallocarray() so undo that part of r317200.
This is a re-commit of r317201 to clarify the log.
X-MFC with: r317200
Lengths are not negative, so map_len should be unsigned. Unsign the
corresponding indexes too and bring a small use of reallocarray(3).
Reorder the memset to be consistent with the realloc: it appears we
were only clearing half the memory in pt_map_thread().
MFC after: 2 weeks
When application reads large directory, calling telldir() for each entry,
like Samba does, it creates exponential performance drop as number of
entries reach tenths to hundreds of thousands. It is caused by full search
through the internal list, that never finds matches in that scenario, but
creates O(n^2) delays. This patch optimizes that search, limiting it to
entries of the same buffer, turning time closer to O(n) in case of linear
directory scan.
PR: 218622
Reviewed by: jhb, jilles
MFC after: 2 weeks
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D10408
Unsign some variables involved in allocation as they will never be
negative anyways. Provide some bounds checking through reallocarray(3).
This is all very unlikely to have any visible effect.
Reviewed by: jamie
MFC after: 3 weeks
The maximum scale is 6 (K, M, G, T, P, E) (B is 0).
Overly large explict scales were checked correctly, but for sufficently
large numbers HN_AUTOSCALE would get to 7 resulting in an out of bounds
read.
Found with humanize_number_test and CHERI bounds checking.
Reviewed by: emaste
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D10376
When the replay window size is large than UINT8_MAX, add to the request
the SADB_X_EXT_SA_REPLAY extension header that was added in r309144.
Also add support of SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
SADB_X_EXT_SA_REPLAY, SADB_X_EXT_NEW_ADDRESS_SRC, SADB_X_EXT_NEW_ADDRESS_DST
extension headers to the key_debug that is used by `setkey -x`.
Modify kdebug_sockaddr() to use inet_ntop() for IP addresses formatting.
And modify kdebug_sadb_x_policy() to show policy scope and priority.
Reviewed by: gnn, Emeric Poupon
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D10375
of the current usermode implementation of the POSIX semaphores.
For NSEMS_MAX, return -1 without changing errno, which indicates that
the variable has no limit. Before, sysconf(3) returned parameters
queried from the ksem(9) legacy implementation, which apparently has
low defaults for NSEMS_MAX.
Reported and tested by: jbeich
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The conditional jump can only be performed to targets up to 1MB in
either direction and does not work too well when linker places cerror
further that that from the caller. In that case linker will complain
about relocation overflows.
Reviewed by: emaste, andrew
Differential Revision: https://reviews.freebsd.org/D10305
On most architectures crt objects are compiled in a multiple-step process
so that sed can be run on the generated assembly. As the final step,
the C compiler generates an object file from the modified assembly output.
Currently this last step uses $CC with only $ACFLAGS. However, for other
uses in the tree, $ACFLAGS is meant to include assembly-specific compiler
flags that are in addition to $CFLAGS (see default .S.o rules
bsd.suffixes.mk). In particular, external toolchains may require
additional flags to select a non-default target which will be present
in CFLAGS but not ACFLAGS. To support this while still mitigating the
issue with CFLAGS described in r234502, include a modified CFLAGS that
excludes "-g" when assembling the modified assembly files.
Note that normally an assembler ($AS) is used to assemble .s flags to
object files (see bsd.suffixes.mk). However, llvm-based toolchains do
not currently have a stand-alone assembler.
Reviewed by: imp
Sponsored by: DARPA / AFRL
Differential Revision: https://reviews.freebsd.org/D10085
Start new sentences on new lines.
Sentences affected by the change are wrapped at <80 columns. Other
potentially offending lines have been left alone to reduce churn.
MFC after: 2 months
Sponsored by: Dell EMC Isilon
These functions are already referenced throughout the manpage -- this makes their
presence more apparent.
MFC after: 2 months
Sponsored by: Dell EMC Isilon
Current implementation of dosfs in libstand reads full File Allocation Table to
the RAM in the initialization code. In the extreme case of FAT32 filesystem,
this structure will take up to 256-1024 Mb of loader memory, depending on the
cluster size.
Proposed patch reduces libstands/dosfs memory requirements to 128 Kb for all
variants of dosfs filesystem. For FAT12 and FAT16 filesystems, File Allocation
Table is cached in full, as before. For FAT32, File Allocation Table is broken
into the equal blocks of 128 Kilobytes (32768 entries), and only current block
is cached.
Because per-filesystem context is now small, global FAT cache (for all
instances of dosfs filesystem) is replaced by local per-instance cache.
Submitted by: Mikhail.Kupchik_gmail.com
Reviewed by: tsoome, allanjude
Differential Revision: https://reviews.freebsd.org/D9547
While we have mechanisms in place to protect ourselves against the read
behind the disk end, there is still one corner case. As the GPT
partition table has backup table at the end of the disk, and we yet
do not know the size of the disk (if the wrong size is provided by the
firmware/bios), we need to limit the reads to avoid read ahead in such case.
Note: this update does add constant into stand.h, so the incremental build
will need to get local stand.h updated first.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D10187
These are error-checked versions of memory allocation routines used by
NetBSD code, and are being added to facilitate updates to makefs.
Reviewed by: ngie
Differential Revision: https://reviews.freebsd.org/D10291
Areas not covered still [positive functionality wise] are:
- sbuf_{clear,get,set}_flags
- sbuf_new (in particular, with fixed buffers, etc).
Some basic negative testing has been added, but more will be added in the
future.
This work was in part to validate work done by cem in r288223, and ian
before that.
MFC after: 2 months
Sponsored by: Dell EMC Isilon
These functions were added to sbuf(9) in r279992, but never
exposed to userspace. Expose them now so they can be used/tested.
MFC after: 2 months
Sponsored by: Dell EMC Isilon
Newer versions of GCC include an __ffssi2() symbol in libgcc and the
compiler can emit calls to it in generated code. This is true for at
least GCC 6.2 when compiling world for mips and mips64.
Reviewed by: jmallett, dim
Sponsored by: DARPA / AFRL
Differential Revision: https://reviews.freebsd.org/D10086
Make sure sensitive memory is properly cleared when finished with it
Reviewed by: Eric McCorkle <eric@metricspace.net>
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D9798
We have parallel NFSv2 and NFSv3 reader implementations, only configurable at
build time, defaulting to v3. Remove v2.
Reviewed by: allanjude
Approved by: allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D10206
resulting in a process dumping core in the corefile.
Also extend procstat to view select members of 'struct ptrace_lwpinfo'
from the contents of the note.
Sponsored by: Dell EMC Isilon
9899:2011 Appendix K 3.7.4.1.
Other needed supporting types, defines and constraint_handler
infrastructure is added as specified in the C11 spec.
Submitted by: Tom Rix <trix@juniper.net>
Sponsored by: Juniper Networks
Discussed with: ed
MFC after: 3 weeks
Differential revision: https://reviews.freebsd.org/D9903
Differential revision: https://reviews.freebsd.org/D10161
Part of my original reasoning as far as converting the snprintf
calls was to permit switching over from char[] to wchar_t[] in the
future, as well as futureproof in case cam_errbuf's size was ever
changed.
Unfortunately, my approach was bugged because it conflated the
number of items with the size of the buffer, instead of the number of
elements being a fixed size != 1 byte.
Use nitems(..) instead which counts the quantity of items of a specific
type, as opposed to an unqualified sizeof(..) (which assumes that the
number of characters is equal to the buffer size).
MFC after: 2 months
Noted by: cem
Sponsored by: Dell EMC Isilon
lib/libgcc_s consumes lib/libcompiler_rt/Makefile*. The NO_WERROR.gcc in
lib/libcompiler_rt/Makefile doesn't seem to have made a difference in being
able to build this, so sprinkle NO_WERROR.gcc here as well.
MFC after: 3 days
Reported by: Jenkins (FreeBSD-head-amd64-gcc)
Tested with: amd64-gcc-6.3.0 (devel/amd64-xtoolchain-gcc)
Sponsored by: Dell EMC Isilon
- kvm_close: add a testcase to verify support for errno = EINVAL / -1
(see D10065) when kd == NULL is provided to the libcall.
- kvm_geterr:
-- Add a negative testcase for kd == NULL returning "" (see D10022).
-- Add two positive testcases:
--- test the error case using kvm_write on a O_RDONLY descriptor.
--- test the "no error" case using kvm_read(3) and kvm_nlist(3) as
helper routines and by injecting a bogus error message via
_kvm_err (an internal API) _kvm_err was used as there isn't a
formalized way to clear the error output, and because
kvm_nlist always returns ENOENT with the NULL terminator today.
- kvm_open, kvm_open2:
-- Add some basic negative tests for kvm_open(3) and kvm_open2(3).
Testing positive cases with a specific
`corefile`/`execfile`/`resolver` requires more work and would require
user intervention today in order to reliably test this out.
Reviewed by: markj
MFC after: 2 months
Sponsored by: Dell EMC Isilon
Differential Revision: D10024
Sync libarchive with vendor
Vendor changes (FreeBSD-related):
- constify variables in several places
- unify platform ACL code in a single source file
- fix unused variable if compiling on FreeBSD without NFSv4 ACL support
MFC after: 3 days
X-MFC-with: 315636, 315876
This, like including ucl private headers, is useful for writing new base
system tools. Yes, anyone using these libraries shouldn't assume ABI
compatibility.
Reviewed by: bdrewery, bapt
Differential Revision: https://reviews.freebsd.org/D10123
- Add a new "qsize" parameter in audit_control and the getacqsize(3) API to
query it, allowing to set the kernel's maximum audit queue length.
- Add support to push a mapping between audit event names and event numbers
into the kernel (where supported) using new A_GETEVENT and A_SETEVENT
auditon(2) operations.
- Add audit event identifiers for a number of new (and not-so-new) FreeBSD
system calls including those for asynchronous I/O, thread management, SCTP,
jails, multi-FIB support, and misc. POSIX interfaces such as
posix_fallocate(2) and posix_fadvise(2).
- On operating systems supporting Capsicum, auditreduce(1) and praudit(1) now
run sandboxed.
- Empty "flags" and "naflags" fields are now permitted in audit_control(5).
Many thanks to Christian Brueffer for producing the OpenBSM release and
importing/tagging it in the vendor branch. This release will allow improved
auditing of a range of new FreeBSD functionality, as well as non-traditional
events (e.g., fine-grained I/O auditing) not required by the Orange Book or
Common Criteria.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, AFRL
MFC after: 3 weeks
We don't have enouch space to store full VFP context within mcontext
stucture. Due to this:
- follow i386/amd64 way and store VFP state outside of the mcontext_t
but point to it. Use the size of VFP state structure as an 'magic'
indicator of the saved VFP state presence.
- teach set_mcontext() about this external storage.
- for signal delivery, store VFP state to expanded 'struct sigframe'.
Submited by: Andrew Gierth (initial version)
PR: 217611
MFC after: 2 weeks
- in mcontext_t, rename newer used 'union __vfp' to equaly sized 'mc_spare'.
Space allocated by 'union __vfp' is too small and cannot hold full
VFP context.
- move structures defined in fp.h to more appropriate headers.
- remove all unused VFP structures.
MFC after: 2 weeks
Sync libarchive with vendor.
Vendor changes (FreeBSD-related):
- store extended attributes with extattr_set_link() if no fd is provided
- add extended attribute tests to libarchive and bsdtar
- fix tar's test_option_acls
- support the UF_HIDDEN file flag
X-MFC with: 315636
channel to a zygote process, rather than sending a function pointer or
service pointer. This avoids transfering pointers between address spaces,
which while robust in this case (due to the zygote being forked() from the
parent) is not generally a good idea, especially in the presence of
increasingly popular control-flow integrity and pointer protection
mitigation schemes. With this change, ping(8) and other sandboxed tools
using libcasper for DNS resolution now work on architectures with tagged
memory again.
Reviewed by: oshogbo
MFC after: 1 week
Sponsored by: DARPA, AFRL
*** CID 1372598: Null pointer dereferences (FORWARD_NULL)
/lib/libefivar/efivar-dp-parse.c: 3612 in UefiDevicePathLibConvertTextToDeviceNode()
Dereferencing null pointer "FromText".
When ported from Tiano core, I commented this out with an ifdef. That
was in error because we're supposed to fallback to a filepath when
nothing else patches. Instead, restore the original code, but fix
DevPathFromTextFilePath to cope with the conversion to narrow
strings. Also, fix the off-by-one error in the size of the memory it
allocates.
The off by one error is documented in Tiano core bug
https://bugzilla.tianocore.org/show_bug.cgi?id=441
CID: 1372598
Sponsored by: Netflix
Paper over a coverity issue:
*** CID 1372592: API usage errors (BAD_COMPARE)
/lib/libefivar/efivar-dp-parse.c: 2723 in DevPathFromTextiSCSI()
Truncating the result of "strcmp" to "unsigned short" may cause it
to be misinterpreted as 0. Note that "strcmp" may return an integer
besides -1, 0, or 1.
We do this by making StrCmp return either 0 or 1 for equal or
not-equal. There's a bug in the DevPathFromTextiSCSI cast of the
return value and this workaround will fix it without breaking other
users of StrCmp (all of which test for == 0).
https://bugzilla.tianocore.org/show_bug.cgi?id=440 has been filed
upstream to log this issue.
CID: 1372592
Sponsored by: Netflix
Implement a new init(8) option in /etc/ttys. If this option is present
on the entry in /etc/ttys, the entry will be active if and only if it
exists. If the name starts with a '/', it will be considered an
absolute path. If not, it will be a path relative to /dev.
This allows one to turn off video console getty that aren't present
(while running a getty on them even when they aren't the system
console). Likewise with serial ports.
It differs from onifconsole in only requiring the device exist rather
than it be listed as one of the system consoles.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D10037
If opendir succeeds but malloc fails, numitems was used uninitialized in
error handling under the 'fail' label. If it happened to have a non-zero
value, the NULL 'names' was dereferenced.
Reported by: Coverity
CIDs: 1329566, 1372625
Sponsored by: Dell EMC Isilon
to the user. There is currently no buffering, so the result may be
somewhat unpredictable if the conversation function adds a newline,
like openpam_ttyconv() does.
Clean up and simplify the environment handling code, which triggered
an inexplicable bug on some systems.
MFC after: 2 weeks
- Fix -Wunused warnings with *_native detection handlers by marking `kd`
__unused, except with arm/mips, where a slightly more complicated scheme
is required to handle the native case vs the non-native case.
- Fix -Wmissing-variable-declarations warnings by marking struct kvm_arch
objects static.
Differential Revision: D10071
MFC after: 1 week
Reviewed by: vangyzen
Tested with: WIP test code (D10024) // kgdb7121 (i386 crash/kernel on amd64)
Sponsored by: Dell EMC Isilon
Add the CLOCK_PROCESS_CPUTIME_ID and CLOCK_THREAD_CPUTIME_ID clock_id
values to the clock_gettime(2) man page. Reformat the excessively
long paragraph (sentence!) into a tag list.
Reported by: jilles in https://reviews.freebsd.org/D10020
MFC after: 3 days
Sponsored by: Dell EMC
defined in compiler-rt, but it has no option to silence its warning, so
make gcc warnings for libcompiler_rt non-fatal.
Noticed by: lwhsu
MFC after: 3 days
Return a NUL string instead of just working by accident with kvm_geterr(3)
when MALLOC_PRODUCTION is disabled (I didn't confirm the MALLOC_PRODUCTION
being enabled path).
Document the new explicit return behavior for kvm_geterr(3), as well
as the previous implicit behavior, i.e., the buffer attached to
returned via kvm_geterr(3) would be empty if a previous error hadn't been
stored in `kd`.
Differential Revision: D10022
MFC after: 1 week
Reviewed by: vangyzen
Sponsored by: Dell EMC Isilon
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
Since the uset can set dhcp.interface-mtu, we need to try to validate the
value. So we verify if the conversion to int is successful and we will not
allow to set value greater than max IPv4 packet size.
Also use snprintf for safety.
Reviewed by: allanjude, bapt
Approved by: allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D8492
Don't segfault in kvm_close(3) if provided a NULL pointer. Instead, return
-1 and set errno to EINVAL.
Document this new behavior explicitly.
MFC after: 1 week
Reviewed by: vangyzen
Sponsored by: Dell EMC Isilon
Differential Revision: D10065
This is being done to avoid potential double frees with the values.
Differential Revision: D9970
MFC after: 1 week
Reviewed by: imp
Sponsored by: Dell EMC Isilon
The failing test requires the zh_TW.Big5 locale, which is no longer
installed as of r315568.
Add a note/pointer just in case someone considers re-adding it.
Reported by: Jenkins
Sponsored by: Dell EMC Isilon
`error` is the accumulated error from previous close(2) calls.
This bug has been present since the libcall's import from 4.4BSD
Lite (r1573).
MFC after: 1 week
Noticed by: vangyzen (D10022)
Relnotes: yes
Sponsored by: Dell EMC Isilon
As noted by vangyzen, with a similar issue in D10022, the pointer portion of
the .Fa macro call is unnecessary, so remove the '*'.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
The commented out return value for kvm_getprocs(3) was misleading -- the
uncommented line is correct.
No content change
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Add a clock_nanosleep() syscall, as specified by POSIX.
Make nanosleep() a wrapper around it.
Attach the clock_nanosleep test from NetBSD. Adjust it for the
FreeBSD behavior of updating rmtp only when interrupted by a signal.
I believe this to be POSIX-compliant, since POSIX mentions the rmtp
parameter only in the paragraph about EINTR. This is also what
Linux does. (NetBSD updates rmtp unconditionally.)
Copy the whole nanosleep.2 man page from NetBSD because it is complete
and closely resembles the POSIX description. Edit, polish, and reword it
a bit, being sure to keep any relevant text from the FreeBSD page.
Reviewed by: kib, ngie, jilles
MFC after: 3 weeks
Relnotes: yes
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D10020
It is O(n) in the length of the haystack (big) string, and has special
cases for short needle (little) strings, of one to four bytes, to avoid
excessive overhead.
There are a small set of nearly trivial cases where the startup overhead
of the musl implementation makes it slightly slower -- for example, a 31
byte needle that matches the beginning of the haystack. It's faster for
non-trivial cases, and significantly so for inputs that trigger worst-
case behaviour of the previous implementation. As an example, in my
tests a 16K needle that matches the end of a 64K haystack is nearly
2000x faster with this implementation.
Reviewed by: bapt (earlier), ed (earlier)
Obtained from: musl (snapshot at commit c718f9fc)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D2601
a separator between host and port, and using strchr() to search for it.
Rewrite fetch_resolve() so it handles bracketed literals correctly, and
remove similar code elsewhere to avoid passing unbracketed literals to
fetch_resolve(). Remove #ifdef INET6 so we still parse IP literals
correctly even if we do not have the ability to connect to them.
While there, fix an off-by-one error which caused HTTP 400 errors to be
misinterpreted as redirects.
PR: 217723
MFC after: 1 week
Reported by: bapt, bz, cem, ngie
D8376 extended softfloat/hardfloat support, but used a macro that never
actually gets set except in libc and msun's Makefile.inc. So libc and libm
got built correctly, but any program including fenv.h itself assumed it was
on a hardfloat systen and emitted inline fpu instructions for
fedisableexcept() and friends.
Using __mips_soft_float makes everything work in all cases, since it's a
compiler-internal macro that is always set correctly for the target
PR: 217845
Submitted by: Dan Nelson <dnelson_1901@yahoo.com>
MFC after: 1 week
Fix the regex used to find vmprot table entries and add the missing include.
This fixes kdumps output of PFLT arguments which would previously look like:
5202 101546 ktrace PFLT 0x5ae000 0x2<><invalid>2
They now display correctly:
5202 101546 ktrace PFLT 0x5ac000 0x2<VM_PROT_WRITE>
MFC after: 1 week
I noticed after commit that kvm_dpcpu_setcpu was defined in the manpage.
Thus, the correct macro for the function reference is .Fn, not .Xr.
MFC after: 1 week
X-MFC with: r315363
Sponsored by: Dell EMC Isilon
This is being done for the following reasons:
- kvm_open(3), etc says they will return NULL.
- NULL by definition is (void*)0 per POSIX, but can be redefined,
depending on the compiler, etc.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
This change contains several negative and positive tests for:
- cam_open_device
- cam_close_device
- cam_getccb
- cam_freeccb
This also contains a test for the failure case noted in bug 217649,
i.e., O_RDWR must be specified because pass(4) requires it.
This test unfortunately cannot assume that cam-capable devices are
present, so the user must explicitly provide a device via
`test_suites.FreeBSD.cam_test_device`. In the future, a test kernel
module might be shipped, or ctl(4) might be used, as a test device
when testing out libcam, which will allow the tests to do away with
having to specify an explicit test device.
Reviewed by: asomers, ken (earlier diff)
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Differential Revision: D9928
INHERIT_ZERO is an OpenBSD feature.
When a page is marked as such, it would be zeroed
upon fork().
This would be used in new arc4random(3) functions.
PR: 182610
Reviewed by: kib (earlier version)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D427
- Add comma before and after 'e.g.'; remove surrounding parentheses
that were unnecessary after this change [1].
- Add .Mt when referencing ken and Peter Dufault's email addresses
[2].
- Sprinkle around .An use where proper [2].
Bump .Dd for the change
MFC after: 1 week
Reported by: igor [1], manlint [2]
Reviewed by: imp
Sponsored by: Dell EMC Isilon
Differential Revision: D9968
This allows me to accurately test this scenario, and for others to rely
on the behavior, instead of relying on knowledge obtained via code
inspection.
Wording borrowed from free(3).
MFC after: 1 week
Requested by: ken (D9928)
Reviewed by: imp
Sponsored by: Dell EMC Isilon
Differential Revision: D9969
libpam: extra bounds checking through reallocarray(3).
It appears to be causing brokenness when reporting PAM_* environment
variables. This requires more investigation.
Reported by: lstewart
reallocarray(3) is a non portable extension that originated in OpenBSD.
Given that it is already in FreeBSD's libc it is useful for the cases
where reallocation involves a multiplication.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D9955
- spelling: "mis-named" should be "misnamed".
- delete spaces interspersed in literal representation of
`struct cam_device` as hard-tabs separate the types and fields.
- Add commas after `e.g.`.
Reported by: igor
MFC after: 1 week
Sponsored by: Dell EMC Isilon
This is the correct markup macro, as opposed to .Va (variable names)
While here, annotate several bare references to `NULL` with .Dv.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Unsign setlen: it is local and will never be negative. Having one more bit
for growth is beneficial and it avoids a cast when it's going to be used
for allocation.
Reviewed by: ngie
MFC after: 3 days
Rename nitems to numitems: it shares the anme with an existing macro in
sys/params.h. Also initialize the value later which avoids asigning the
value if we exit early.
Reviewed by: ngie
MFC after: 3 days
ATF tests have a default WARNS of 0, unlike other usermode programs. This
change is technically a noop, but it documents that the msun tests don't
work with any warnings enabled, at least not on all architectures.
Reviewed by: ngie
MFC after: 3 weeks
Sponsored by: Spectra Logic Corporation
Differential Revision: https://reviews.freebsd.org/D9933
The clang 4.x+ upgrade now causes this testcase to fail, but
only on amd64.
More investigation will be done to determine the cause.
MFC after: 1 week
Reported by: Jenkins
PR: 217528
Sponsored by: Dell EMC Isilon
Recent changes (maybe a side-effect of the ATF-ification in r314649)
invalidate the failure expectation.
PR: 205446
MFC after: 1 week
Sponsored by: Dell EMC Isilon
This commit implements the (mostly?) Linux compatible
efidp_format_device_path and efidp_parse_device_path APIs. These are
the only APIs exposed through this library. However, they are built on
code from Tianocore's EDK2 MdePkg. They are brought in as new files
here for reasons described in FreeBSD-update.
Symbol versioning will be introduced to control what's exported from
the EDK2 code.
Some structural changes may be necessary when we move to sharing with
sys/boot/efi.
Sponsored by: Netflix
Currently are defined three scopes: global, ifnet, and pcb.
Generic security policies that IKE daemon can add via PF_KEY interface
or an administrator creates with setkey(8) utility have GLOBAL scope.
Such policies can be applied by the kernel to outgoing packets and checked
agains inbound packets after IPsec processing.
Security policies created by if_ipsec(4) interfaces have IFNET scope.
Such policies are applied to packets that are passed through if_ipsec(4)
interface.
And security policies created by application using setsockopt()
IP_IPSEC_POLICY option have PCB scope. Such policies are applied to
packets related to specific socket. Currently there is no way to list
PCB policies via setkey(8) utility.
Modify setkey(8) and libipsec(3) to be able distinguish the scope of
security policies in the `setkey -DP` listing. Add two optional flags:
'-t' to list only policies related to virtual *tunneling* interfaces,
i.e. policies with IFNET scope, and '-g' to list only policies with GLOBAL
scope. By default policies from all scopes are listed.
To implement this PF_KEY's sadb_x_policy structure was modified.
sadb_x_policy_reserved field is used to pass the policy scope from the
kernel to userland. SADB_SPDDUMP message extended to support filtering
by scope: sadb_msg_satype field is used to specify bit mask of requested
scopes.
For IFNET policies the sadb_x_policy_priority field of struct sadb_x_policy
is used to pass if_ipsec's interface if_index to the userland. For GLOBAL
policies sadb_x_policy_priority is used only to manage order of security
policies in the SPDB. For IFNET policies it is not used, so it can be used
to keep if_index.
After this change the output of `setkey -DP` now looks like:
# setkey -DPt
0.0.0.0/0[any] 0.0.0.0/0[any] any
in ipsec
esp/tunnel/87.250.242.144-87.250.242.145/unique:145
spid=7 seq=3 pid=58025 scope=ifnet ifname=ipsec0
refcnt=1
# setkey -DPg
::/0 ::/0 icmp6 135,0
out none
spid=5 seq=1 pid=872 scope=global
refcnt=1
No objection from: #network
Obtained from: Yandex LLC
MFC after: 2 weeks
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D9805
This follows another fix to bootstrap libmd after r313404. The
MD5FileChunk prototype is needed to build libmd, but it is
only reliably in the src tree's sys/md5.h header. Rather than
polluting the legacy build with this header for the entire build,
just symlink it in here for now as is done in the elftoolchain
build. Libmd is already referencing other src tree headers by
its used of CFLAGS+= ${SRCTOP}/sys/crypto/sha2. This, and
other uses of CFLAGS+= ${SRCTOP}/sys..., may later change to
be in the legacy mechanism.
Reported by: bde, ian, sjg
Tested by: ian
already complete.
Since 416 is an error code, any Content-Range header in the response
would refer to the error message, not the requested document, so
relying on the value of size when we know we got a 416 is wrong.
Instead, just verify that offset == 0 and assume that we've reached
the end of the document (if offset > 0, we did not request a range,
and the server is screwing with us). Note that we cannot distinguish
between reaching the end and going past it, but that is a flaw in the
protocol, not in the code, so we just have to assume that the caller
knows what it's doing. A smart caller would request an offset
slightly before what it believes is the end and compare the result to
what is already in the file.
PR: 212065
Reported by: mandree
MFC after: 3 weeks
Dan Krejsa reports a potential memory leak in an fts_build error case,
detected by Coverity. (It doesn't seem to show up in Coverity Scan, so I
don't have a CID to point to.)
I don't know whether it is actually possible to arrive in this case with a
non-empty 'head' list. The cost is low, though. One additional branch in a
terminal error case isn't the end of the world.
PR: 217125
Submitted by: Dan Krejsa <dan.krejsa at gmail.com>
This is being done as a precursor for work needed to annontate failing
testcases with clang 4.0+.
MFC after: 1 week
PR: 217528
Sponsored by: Dell EMC Isilon
sbuf_hexdump(9) should be linked to sbuf(9), not hexdump(3). Another
review will be posted to deduplicate the sbuf_hexdump reference in
in hexdump(3) or at the very least make the information less duplicative.
MFC after: 1 week
X-MFC with: r313437
Sponsored by: Dell EMC Isilon
Update libarchive to version 3.3.1 (and sync with latest vendor dist)
Notable vendor changes:
PR #501: improvements in ACL path handling
PR #724: fix hang when reading malformed cpio files
PR #864: fix out of bounds read with malformed GNU tar archives
Documentation, style, test suite improvements and typo fixes.
New options to bsdtar that enable or disable reading and/or writing of:
Access Control Lists (--acls, --no-acls)
Extended file flags (--fflags, --no-fflags)
Extended attributes (--xattrs, --no-xattrs)
Mac OS X metadata (Mac OS X only) (--mac-metadata, --no-mac-metadata)
MFC after: 2 weeks
4.0.0 (branches/release_40 296509). The release will follow soon.
Please note that from 3.5.0 onwards, clang, llvm and lldb require C++11
support to build; see UPDATING for more information.
Also note that as of 4.0.0, lld should be able to link the base system
on amd64 and aarch64. See the WITH_LLD_IS_LLD setting in src.conf(5).
Though please be aware that this is work in progress.
Release notes for llvm, clang and lld will be available here:
<http://releases.llvm.org/4.0.0/docs/ReleaseNotes.html>
<http://releases.llvm.org/4.0.0/tools/clang/docs/ReleaseNotes.html>
<http://releases.llvm.org/4.0.0/tools/lld/docs/ReleaseNotes.html>
Thanks to Ed Maste, Jan Beich, Antoine Brodin and Eric Fiselier for
their help.
Relnotes: yes
Exp-run: antoine
PR: 215969, 216008
MFC after: 1 month
MDSRCS it intended to allow assembly versions of funtions with C
implementations listed in MISRCS. The selection of the correct
machdep_ldis?.c for a given architecture does not follow this pattern
and the file should be added to SRCS directly.
Reviewed by: emaste, imp, jhb
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D9841
- Remove .c files which duplicate entries in MISRCS.
- Use the same, less merge conflict prone style in all cases.
- Use MDSRCS for mips (.c and .S files both ended up in SRCS).
- Remove pointless sparc64 Makefile.inc.
- Remove uninformative foreign VCS ID entries.
Reviewed by: emaste, imp, jhb
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D9841
Renumber cluase 4 to 3, per what everybody else did when BSD granted
them permission to remove clause 3. My insistance on keeping the same
numbering for legal reasons is too pedantic, so give up on that point.
Submitted by: Jan Schaumann <jschauma@stevens.edu>
Pull Request: https://github.com/freebsd/freebsd/pull/96
Also mention <time.h> in sem_timedwait(3), because POSIX does,
and because the user will need it for clockid_t, struct timespec,
and TIMER_ABSTIME.
Reported by: bde
MFC after: 9 days
X-MFC with: r314179
Sponsored by: Dell EMC
fail in the Capability mode. Instead silently fallback to the syscall
method, which is done for example in the gettimeofday(2) function.
Reviewed by: kib
The conditional in do_buff_decode(..) after the while loop was accidentally
inverted. Only increment the pointer for fmt if it's not NUL.
MFC after: 2 weeks
X-MFC with: r314189
Reported by: pstef
Sponsored by: Dell EMC Isilon
This function allows the caller to specify the reference clock
and choose between absolute and relative mode. In relative mode,
the remaining time can be returned.
The API is similar to clock_nanosleep(3). Thanks to Ed Schouten
for that suggestion.
While I'm here, reduce the sleep time in the semaphore "child"
test to greatly reduce its runtime. Also add a reasonable timeout.
Reviewed by: ed (userland)
MFC after: 2 weeks
Relnotes: yes
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D9656
"C++"', otherwise ld refuses to make the symbols global in the final
library. This causes the __int128-related symbols to go missing when
the library is stripped during installation.
Helpful hints: emaste
MFC after: 2 weeks
X-MFC-With: r314061
the same CXXABI verions as recent libstdc++.
Note that __int128 types are only available on arches where long long is
128 bit wide.
Noticed by: harti
MFC after: 2 weeks
When using libfetch in an application that drops privileges when fetching
like pkg(8) then user complain because the application does not read anymore
${HOME}/.netrc. Now a caller can prepare a fd to the said file and manually
assign it to the structure.
It is also a first step to allow to capsicumize libfetch applications
Reviewed by: allanjude, des
Approved by: des
Differential Revision: https://reviews.freebsd.org/D9678
Although fp[get][set]sticky() functions are obsolete, they are still
required for GNU fortran49 library.
MFC after: 2 months
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D9634
Due to bug[1] in libcompiler_rt, all symbols declared by
DEFINE_AEABI_FUNCTION_ALIAS() are not hidden. All these but two
are explicitly exported from libc and don't causes problems.
Remaining two, __aeabi_uidiv and __aeabi_idiv, infecting all
non-versioned shared libraries. And these symbols are consumed
by many (if not all) packages[2].
As workaround, export these from libc as compatible symbols,
in global namespace. With this, these are still visible for
rtld, but static linker doesn't use then.
[1]
DEFINE_AEABI_FUNCTION_ALIAS() macro uses '.set' directive for
declaration of aliased symbol. Unfortunately, '.set' doesn't
inherit visibility of base symbol, and macro don't explicitly
sets visibility for aliased one.
[2]
Given symbols are exported from non-versioned libraries only if
library itself uses them. So, if world is built for CPU with
HW divide, these function are not used and given symbols are
not exported. By this, contents of these libraries is not stable,
and all packages fails to run.
Note: Due to r313823 I'm forced to commit this too early, without
leave enough time for proper review.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D9632
Now that <sys/event.h> can be included on its own, adjust the manual
page accordingly. Remove both unnecessary #include statements from the
synopsis and the example code.
While there, also add a note to the BUGS section to mention that
previous versions of this header file still depend on <sys/types.h>.
Reviewed by: ngie, vangyzen
Differential Revision: https://reviews.freebsd.org/D9605
NSS modules are loaded when nsswitch.conf is parsed and may register their
own atexit handlers with libc. nss_atexit() unloads any dynamically loaded
NSS modules, so it should run only after the modules' atexit handlers have
been invoked.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
since it is using type punning of union members, and clang does not yet
support gcc's extensions which allow this (refer to
https://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html#Type%2dpunning
for more information).
This should fix strtod(3) return values for the lang/julia port, so it
does not fail on an assertion during its build.
PR: 216770
For regular files and posix shared memory, POSIX requires that
[offset, offset + size) range is legitimate. At the maping time,
check that offset is not negative. Allowing negative offsets might
expose the data that filesystem put into vm_object for internal use,
esp. due to OFF_TO_IDX() signess treatment. Fault handler verifies
that the mapped range is valid, assuming that mmap(2) checked that
arithmetic gives no undefined results.
For device mappings, leave the semantic of negative offsets to the
driver. Correct object page index calculation to not erronously
propagate sign.
In either case, disallow overflow of offset + size.
Update mmap(2) man page to explain the requirement of the range
validity, and behaviour when the range becomes invalid after mapping.
Reported and tested by: royger (previous version)
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
The primary end-goal of this drop is ease future merges with NetBSD and
collaborate further with the NetBSD project.
The goal was (largely, not completely as some items are still oustanding
in the NetBSD GNATS system) achieved by doing the following:
- Pushing as many changes required to port contrib/netbsd-tests
back to NetBSD as possible, then pull the upstream applied changes
back in to FreeBSD.
- Diff reduce with upstream where possible by:
-- Improving libnetbsd header, etc compat glue.
-- Using _SED variables to modify test scripts on the fly for items
that could not be upstreamed to NetBSD.
As a bonus for this work, this change also introduces testcases for
uniq(1).
Many thanks to Christos for working with me to get many of the changes
back into the NetBSD project.
In collaboration with: Christos Zoulas <christos@netbsd.org>
MFC after: 1 month
Sponsored by: Dell EMC Isilon
In the end, dealing with fparseln was more bikeshed worthy than I
anticipated, and polling stdio.h with libutil.h caused me more
grief than necessary. Keeping the compat header around for no
reason other than include_next'ing the stdio.h header in FreeBSD
makes no sense.
This change is being made to diff reduce/reduce duplication in
contrib/netbsd-tests and to facilitate further porting of software from
NetBSD
Add the following headers:
- sys/event.h:
-- sys/types.h is required for kqueue on FreeBSD, but not NetBSD.
- sys/types.h:
-- NBBY is defined in sys/param.h on FreeBSD, not sys/types.h like on NetBSD.
Pull in sys/param.h to have parity with NetBSD.
- sys/wait.h:
-- Define wrusage as __wrusage for parity with NetBSD typedef.
- glob.h
-- Define __gl_stat_t as "struct stat" for parity with NetBSD typedef.
- pthread.h:
-- Pull in pthread_np.h for _np functions defined separately on FreeBSD.
Improve compatibility with NetBSD in the following headers:
- sha1.h:
-- define SHA1_CTX as SHA_CTX
-- define SHA1Final as SHA1_Final
- sha2.h:
-- #include sha384 to pick up all of the SHA 384 bit macros and definitions.
- util.h:
-- Add sys/types.h to util.h to pollute the header for types used in
flags_to_string and string_to_flags (u_long) as NetBSD doesn't require them
for the functions.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
The %t{d,u} (ptrdiff_t) tests fail for the following reasons:
- ptrdiff_t is by definition int32_t on !LP64 architectures and int64_t on
LP64 architectures.
- intmax_t is by definition fixed to int64_t on all architectures.
- Some of the code in lib/libc/stdio/... is promoting ptrdiff_t to *intmax_t
when parsing/representing the value.
PR: 191674
MFC after: 1 week
Sponsored by: Dell EMC Isilon
The reasoning here was the same as what was done in r313376:
- Gather as many results as possible instead of failing early and
not testing the rest of the cases.
- Simplify logic when checking test inputs vs outputs and printing
test result.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Don't exclude i386 from LDBL_MANT_DIG == 64; it works properly in
that case.
While here, replace strcmp + atf_tc_fail with ATF_CHECK_MSG for 2
reasons:
- Gather as many results as possible instead of failing early and
not testing the rest of the cases.
- Simplify logic when checking test inputs vs outputs and printing
test result.
Tested on: amd64, i386
MFC after: 1 week
Sponsored by: Dell EMC Isilon
- Add missing comma between functions that trigger ENOMEM error.
- Fix the description for ESRCH. The action that triggers this error is
FIND, not SEARCH (SEARCH does not exist).
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Rewrite EFI part device interface to present disk devices in more
user friendly way.
We keep list of three types of devices: floppy, cd and disk, the
visible names: fdX: cdX: and diskX:
Use common/disk.c and common/part.c interfaces to manage the
partitioning.
The lsdev -l will additionally list the device path.
Reviewed by: imp, allanjude
Approved by: imp (mentor), allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D8581
Small summary
-------------
o Almost all IPsec releated code was moved into sys/netipsec.
o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel
option IPSEC_SUPPORT added. It enables support for loading
and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
support was removed. Added TCP/UDP checksum handling for
inbound packets that were decapsulated by transport mode SAs.
setkey(8) modified to show run-time NAT-T configuration of SA.
o New network pseudo interface if_ipsec(4) added. For now it is
build as part of ipsec.ko module (or with IPSEC kernel).
It implements IPsec virtual tunnels to create route-based VPNs.
o The network stack now invokes IPsec functions using special
methods. The only one header file <netipsec/ipsec_support.h>
should be included to declare all the needed things to work
with IPsec.
o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed.
Now these protocols are handled directly via IPsec methods.
o TCP_SIGNATURE support was reworked to be more close to RFC.
o PF_KEY SADB was reworked:
- now all security associations stored in the single SPI namespace,
and all SAs MUST have unique SPI.
- several hash tables added to speed up lookups in SADB.
- SADB now uses rmlock to protect access, and concurrent threads
can do SA lookups in the same time.
- many PF_KEY message handlers were reworked to reflect changes
in SADB.
- SADB_UPDATE message was extended to support new PF_KEY headers:
SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They
can be used by IKE daemon to change SA addresses.
o ipsecrequest and secpolicy structures were cardinally changed to
avoid locking protection for ipsecrequest. Now we support
only limited number (4) of bundled SAs, but they are supported
for both INET and INET6.
o INPCB security policy cache was introduced. Each PCB now caches
used security policies to avoid SP lookup for each packet.
o For inbound security policies added the mode, when the kernel does
check for full history of applied IPsec transforms.
o References counting rules for security policies and security
associations were changed. The proper SA locking added into xform
code.
o xform code was also changed. Now it is possible to unregister xforms.
tdb_xxx structures were changed and renamed to reflect changes in
SADB/SPDB, and changed rules for locking and refcounting.
Reviewed by: gnn, wblock
Obtained from: Yandex LLC
Relnotes: yes
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D9352
Document AF_UNIX control messages in unix(4) only, not split between unix(4)
and recv(2).
Also, warn about LOCAL_CREDS effective uid/gid fields, since the write could
be from a setuid or setgid program (with the explicit SCM_CREDS and
LOCAL_PEERCRED, the credentials are read at such a time that it can be
assumed that the process intends for them to be used in this context).
Reviewed by: wblock
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D9298
