20067 Commits

Author SHA1 Message Date
olivier
63b6a64873 Add requiered programs (cc and c++) for some lib/atf regression tests
PR:		236889
Reviewed by:	ngie
Approved by:	emaste (on IRC)
MFC after:	1 month
Sponsored by:	Netflix
2019-04-04 20:34:17 +00:00
rgrimes
cda8035706 Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code
There are a few places that use hand crafted versions of the macros
from sys/netinet/in.h making it difficult to actually alter the
values in use by these macros.  Correct that by replacing handcrafted
code with proper macro usage.

Reviewed by:		karels, kristof
Approved by:		bde (mentor)
MFC after:		3 weeks
Sponsored by:		John Gilmore
Differential Revision:	https://reviews.freebsd.org/D19317
2019-04-04 19:01:13 +00:00
pjd
c118ff293a Implement automatic online expansion of GELI providers - if the underlying
provider grows, GELI will expand automatically and will move the metadata
to the new location of the last sector.

This functionality is turned on by default. It can be turned off with the
-R flag, but it is not recommended - if the underlying provider grows and
automatic expansion is turned off, it won't be possible to attach this
provider again, as the metadata is no longer located in the last sector.

If the automatic expansion is turned off and the underlying provider grows,
GELI will only log a message with the previous size of the provider, so
recovery can be easier.

Obtained from:	Fudo Security
2019-04-03 23:57:37 +00:00
pjd
60f9cddb6a - Add missing -T (notrim) option to the label subcommand.
- Add missing -T option in the onetime subcommand comment.

Obtained from:	Fudo Security
2019-04-03 23:50:52 +00:00
phil
11f8ca01b7 Import libxo-1.0.2
from 1.0.0:
    Add "continuation" flag, to allow multiple "xo" invocations in a single line of output (#58)
    Add --top-wrap to make top-level JSON wrappers
    Add --{open,close}-{list,instace} options
    Add xo_xml_leader(), to detect use of some bogus XML tags. It's still bad form, but it's a little safer now
    Avoid call to xo_write before xo_flush, since the latter calls the former
    Check return code from xo_flush_h properly (<0) (FreeBSD Bug 236935)
    For JSON output, avoid newline before a container's close brace (#62)
    Merge branch 'text_only' of https://github.com/zvr/libxo into zvr-text_only
    Use XO_USE_INT_RETURN_CODES, not USE_INT_RETURN_CODES
    add docs for --continuation
    add docs for --not-first
    call xo_state_set_flags before values and close containers; add XOIF_MADE_OUTPUT flag to track state; make proper empty JSON objects in xo_finish
    color_map code has to be #ifdef'd out, since the struct definition
    correct xo_flush_func_t (doesn't use xo_ssize_t)
    make depth change for --top-wrap only for JSON
    fix to handle --top-wrap in "xo" by being more consistent with handling trailing newlines
    fix to handle text-only version #64 (from zvr)
    fix xo_buf_has_room for round up to the next XO_BUFSIZ, not just add XO_BUFSIZ to the size (FreeBSD Bug 236937)
    update docs for new "xo" options
    update functions to use xo_ssize_t
    update test cases
from 1.0.1:
    Add EINTEGRITY to .pot files under test/gettext/ (fix from FreeBSD)
from 1.0.2:
    handle failure from xo_vnsprintf; don't add -1 to "rc"

PR:		236937, 236935
Submitted by:	phil
Reported by:	Alfonso S. Siciliano <alfix86@gmail.com>
MFC after:	2 weeks
2019-04-03 21:55:39 +00:00
kevans
6154830ee6 libbe(3): Add a serial to the generated snapshot names
To use bectl in an example, when one creates a new boot environment with
either `bectl create <be>` or `bectl create -e <otherbe> <be>`, libbe will
take a snapshot of the original boot environment to clone. Previously, this
used %F-%T date format as the snapshot name, but this has some limitations-
attempting to create multiple boot environments in quick succession may
collide if done within the same second.

Tack a serial onto it to reduce the chances of a collision... we could still
collide if multiple processes/threads are creating boot environments at the
same time, but this is likely not a big concern as this has only been
reported as occurring in freebsd-ci setup.

MFC after:	3 days
2019-04-03 17:04:38 +00:00
mw
7c5d4b81ab Create kernel module to parse Veriexec manifest based on envs
The current approach of injecting manifest into mac_veriexec is to
verify the integrity of it in userspace (veriexec (8)) and pass its
entries into kernel using a char device (/dev/veriexec).
This requires verifying root partition integrity in loader,
for example by using memory disk and checking its hash.
Otherwise if rootfs is compromised an attacker could inject their own data.

This patch introduces an option to parse manifest in kernel based on envs.
The loader sets manifest path and digest.
EVENTHANDLER is used to launch the module right after the rootfs is mounted.
It has to be done this way, since one might want to verify integrity of the init file.
This means that manifest is required to be present on the root partition.
Note that the envs have to be set right before boot to make sure that no one can spoof them.

Submitted by: Kornel Duleba <mindal@semihalf.com>
Reviewed by: sjg
Obtained from: Semihalf
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D19281
2019-04-03 03:57:37 +00:00
mav
66e1cda3f6 Make cam_error_print() decode NVMe commands.
MFC after:	2 weeks
2019-04-02 19:37:52 +00:00
ae
8487042261 Add IPv6 transport for bsnmp.
This patch adds a new table begemotSnmpdTransInetTable that uses the
InetAddressType textual convention and can be used to create listening
ports for IPv4, IPv6, zoned IPv6 and based on DNS names. It also supports
future extension beyond UDP by adding a protocol identifier to the table
index. In order to support this gensnmptree had to be modified.

Submitted by:   harti
MFC after:      1 month
Relnotes:       yes
Differential Revision:  https://reviews.freebsd.org/D16654
2019-04-02 12:50:01 +00:00
ngie
326f7629c8 Import proof-of-concept for handling GTEST_SKIP() in Environment::SetUp
Per the upstream pull-request [1]:

```
  gtest prior to this change would completely ignore `GTEST_SKIP()` if
  called in `Environment::SetUp()`, instead of bailing out early, unlike
  `Test::SetUp()`, which would cause the tests themselves to be skipped.
  The only way (prior to this change) to skip the tests would be to
  trigger a fatal error via `GTEST_FAIL()`.

  Desirable behavior, in this case, when dealing with
  `Environment::SetUp()` is to check for prerequisites on a system
  (example, kernel supports a particular featureset, e.g., capsicum), and
  skip the tests. The alternatives prior to this change would be
  undesirable:

  - Failing sends the wrong message to the test user, as the result of the
    tests is indeterminate, not failed.
  - Having to add per-test class abstractions that override `SetUp()` to
    test for the capsicum feature set, then skip all of the tests in their
    respective SetUp fixtures, would be a lot of human and computational
    work; checking for the feature would need to be done for all of the
    tests, instead of once for all of the tests.

  For those reasons, making `Environment::SetUp()` handle `GTEST_SKIP()`,
  by not executing the testcases, is the most desirable solution.

  In order to properly diagnose what happened when running the tests if
  they are skipped, print out the diagnostics in an ad hoc manner.

  Update the documentation to note this change and integrate a new test,
  gtest_skip_in_environment_setup_test, into the test suite.

  This change addresses #2189.

  Signed-off-by: Enji Cooper <yaneurabeya@gmail.com>
```

The goal with my merging in this change is to avoid requiring extensive
refactoring/retesting of test suites when ensuring prerequisites are met,
e.g., checking for a CAPABILITIES-enabled kernel before running capsicum-test
(see D19758 for more details).

The proof-of-concept is being imported before accepted by the upstream
project due to the fact that the upstream project is undergoing a potential
development freeze and the maintainers aren't responding to my PR.

1. https://github.com/google/googletest/pull/2203

Reported by:	asomers (https://github.com/google/googletest/issues/2189)
Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	2 months
Differential Revision:	https://reviews.freebsd.org/D19765
2019-04-01 18:07:48 +00:00
kevans
79d87e9f35 libbe: Fix zfs_is_mounted check w/ snapshots
'be_destroy' can destroy a boot environment (by name) or a given snapshot.
If the target to be destroyed is a dataset, check if it's mounted. We don't
want to check if the origin dataset is mounted when destroying a snapshot.

PR:		236043
Submitted by:	Rob Fairbanks <rob.fx907 gmail com>
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19650
2019-04-01 17:44:20 +00:00
ngie
0b0688a91c Allow users to override CSTD/CXXSTD on a per-prog basis
The current logic for CSTD/CXXSTD requires homogenity as far as the
supported C/C++ standards, which is a sensible default. However, when
dealing with differing versions of C++, some code may compile with C++11, but
not C++17 (for instance). So in order to avoid having people convert over their
code to the new standard, give the users the ability to specify the standard on
a per-program basis.

This will allow a user to override the supporting standard for a set of
programs, mixing C++11 with C++14 (for instance).

Reviewed by:	asomers
Apprved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345708
Differential Revision: https://reviews.freebsd.org/D19738
2019-03-29 18:49:08 +00:00
ngie
777d26ce52 Standardize -std=c++* as CXXSTD`
CXXSTD was added as the C++ analogue to CSTD.

CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345203, r345704, r345705
Relnotes:	yes
Tested with:	make tinderbox
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:45:27 +00:00
ngie
c702cbc7f9 Revert r345706: the third time will be the charm
When a review is closed via Phabricator it updates the patch attached to the
review. I downloaded the raw patch from Phabricator, applied it, and repeated
my mistake from r345704 by accident mixing content from D19732 and D19738.

For my own personal sanity, I will try not to mix reviews like this in the
future.

MFC after:	1 month
MFC with:	r345706
Approved by:	emaste (mentor, implicit)
2019-03-29 18:43:46 +00:00
ngie
04346017b4 Standardize -std=c++* as CXXSTD`
CXXSTD was added as the C++ analogue to CSTD.

CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
MFC with:	r345203, r345704, r345705
Relnotes:	yes
Tested with:	make tinderbox
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:31:48 +00:00
ngie
feb0a2664c Revert r345704
I accidentally committed code from two reviews. I will reintroduce the code to
bsd.progs.mk as part of a separate commit from r345704.

Approved by:	emaste (mentor, implicit)
MFC after:	2 months
MFC with:	r345704
2019-03-29 18:16:33 +00:00
ngie
aeeceba42b CXXSTD is the C++ analogue to CSTD.
CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.

This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.

As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.

Notes:

This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.

Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:

Before this commit:
```
CXXFLAGS+=	-std=c++14
```

After this commit:
```
CXXSTD=	c++14
```

Reviewed by:	asomers
Approved by:	emaste (mentor)
MFC after:	1 month
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D19732
2019-03-29 18:13:44 +00:00
kib
9638d3e2e6 Fix initial exec TLS mode for dynamically loaded shared objects.
If dso uses initial exec TLS mode, rtld tries to allocate TLS in
static space. If there is no space left, the dlopen(3) fails. If space
if allocated, initial content from PT_TLS segment is distributed to
all threads' pcbs, which was missed and caused un-initialized TLS
segment for such dso after dlopen(3).

The mode is auto-detected either due to the relocation used, or if the
DF_STATIC_TLS dynamic flag is set.  In the later case, the TLS segment
is tried to allocate earlier, which increases chance of the dlopen(3)
to succeed.  LLD was recently fixed to properly emit the flag, ld.bdf
did it always.

Initial test by:	dumbbell
Tested by:	emaste (amd64), ian (arm)
Tested by:	Gerald Aryeetey <aryeeteygerald_rogers.com> (arm64)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19072
2019-03-29 17:52:57 +00:00
bde
fa1364c104 Fix restoring to graphics modes in VGLEnd().
Correct restoring was only attempted for mode 258 (800x600x4 P).  (This
was the only useful graphics mode supported in the kernel until 10-15
years ago, and is still the only one explicitly documented in the man
page).  The comment says that it is the geometry (subscreen size) that
is restored, but it seems to only be necessary to restore the font
size, with the geometry only needed since it is set by the same ioctl.
The font size was not restored for this mode, but was forced to 16.

For other graphics modes, the font size was clobbered to 0.  This
confuses but doesn't crash the kernel (font size 0 gives null text).
This confuses and crashes vidcontrol.  The only way to recover was to
use vidcontrol to set the mode to any text mode on the way back to the
original graphics mode.

vidcontrol gets this wrong in the opposite way when backing out of
changes after an error.  It restores the font size correctly, but
forces the geometry to the full screen size.
2019-03-29 16:30:19 +00:00
bde
535f431830 Fix endless loops for handling SIGBUS and SIGSEGV.
r80270 has the usual wrong fix for unsafe signal handling -- just set
a flag and return to let an event loop check the flag and do safe
handling.  This never works for signals like SIGBUS and SIGSEGV that
repeat and works poorly for others unless the application has an event
loop designed to support this.

For these signals, clean up unsafely as before, except for arranging that
nested signals are fatal and forcing a nested signal if the cleanup doesn't
cause one.
2019-03-29 15:57:08 +00:00
bde
d7c2d0475b Fix races in mouse signal handling almost properly using the INTOFF/INTON
method as in /bin/sh.

We still do technically undefined things in the signal handler, but it
is safe in practice to access state that is protected by INTOFF/INTON.

In a recent commit, I sprinkled VGLMouseFrozen++/-- operations in
places that need INTOFF/INTON.  This prevented clobbering of pixels
under the mouse, but left mouse signals deferred for too long.  It is
necessary to call the signal handler when the count goes to 0.  Old
versions did this in the unfreeze function, but didn't block actual
signals, so the signal handler raced itself.  The sprinkled operations
reduced the races, but when then worked to block a race they left
signals deferred for too long.

Use INTOFF/INTON to fix complete loss of mouse signals while reading
the mouse status.  Clobbering of the state was prevented by SIG_IGN'ing
mouse signals, but that has a high overhead and broke more than it
fixed by losing mouse signals completely.  sigprocmask() works to block
signals without losing them completely, but its overhead is also too
high.

libvgl's mouse signal handling is often worse than none.  Applications
can't block waiting for a mouse or keyboard or other event, but have
to busy-wait.  The SIG_IGN's lost about half of all mouse events while
busy-waiting for mouse events.
2019-03-29 15:20:48 +00:00
bde
141773fa87 Fix VGLLine() in depths > 8.
It started truncating its color arg to 8 bits using plot() in r229415.
The version in r229415 is also more than 3 times slower in segmented
modes, by doing more syscalls to move the window.
2019-03-28 14:21:22 +00:00
bde
a7c7e5d2e7 Fix VGLGetXY(), VGLSetXY() and VGLClear() for MEMBUFs in depths > 8.
This depends on PixelBytes being properly initialized, which it is for
all bitmaps constructed by libvgl except mouse cursor bitmaps.
2019-03-28 12:28:29 +00:00
bde
e8708d1622 Oops, r345496 got the pointer args backwards for bcopy() in VGLClear for
segmented modes.

Also fix some style bugs in the 2 changed lines.  libvgl uses a very non-KNF
style with 2-column indentation with no tabs except for regressions.
2019-03-28 09:51:37 +00:00
emaste
2648698edf revert r341429 "disable BIND_NOW in libc, libthr, and rtld"
r345620 by kib@ fixed the rtld issue that caused a crash at startup
during resolution of libc's ifuncs with BIND_NOW.

PR:		233333
Sponsored by:	The FreeBSD Foundation
2019-03-28 02:12:32 +00:00
markj
562ca52ecd Fix pidfile_open(3) to handle relative paths with multiple components.
r322369's use of basename(3) was incorrect and worked by accident so
long as the pidfile path was absolute or consisted of a single
component.  Fix the basename() usage and add a regression test.

Reported by:	0mp
Reviewed by:	cem
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D19728
2019-03-27 19:40:18 +00:00
bde
9eb714978e Fix accessing pixels under the mouse cursor:
Reading of single pixels didn't look under the cursor.

Copying of 1x1 bitmaps didn't look under the cursor for either reading
or writing.

Copying of larger bitmaps looked under the cursor for at most the
destination.

Copying of larger bitmaps looked under a garbage cursor (for the Display
bitmap) when the destination is a MEMBUF.  The results are not used, so
this only wasted time and flickered the cursor.

Writing of single pixels looked under a garbage cursor for MEMBUF
destinations, as above except this clobbered the current cursor and
didn't update the MEMBUF.  Writing of single pixels is not implemented
yet in depths > 8.  Otherwise, writing of single pixels worked.  It was
the only working case for accessing pixels under the cursor.

Clearing of MEMBUFs wasted time freezing the cursor in the Display bitmap.

The fixes abuse the top bits in the color arg to the cursor freezing
function to control the function.  Also clear the top 8 bits so that
applications can't clobber the control bits or create 256 aliases for
every 24-bit pixel value in depth 32.

Races fixed:

Showing and hiding the cursor only tried to avoid races with the mouse
event signal handler for internal operations.  There are still many
shorter races from not using volatile or sig_atomic_t for the variable
to control this.  This variable also controls freezes, and has more
complicated states than before.

The internal operation of unfreezing the cursor opened a race window
by unsetting the signal/freeze variable before showing the cursor.
2019-03-27 18:03:34 +00:00
bde
4871e6f10e Fix copying of bitmaps in depths > 8. This fix is complete, except different
depths for the source and target are not supported.  The bits for higher
numbered planes (mostly for red) were either not copied or were copied to
lower numbered planes for nearby pixels.

Quick fix for creation of mouse cursor bitmaps in all depths.   This fix is
only complete for the default lightwhite cursor with a black frame.

Even the lightwhite and black colors are hard to find.  The templates
use 0xff for lightwhite, but that means brightblue in the simplest mode
(Truecolor depth 24).  Other modes are even more complicated -- they are
singly or doubly indirect throught palette(s) and changing of the palettes
by applications is supported.

Details:

Replicate the template value for Truecolor modes to fill out the target
depth (and more for depths not a multiple of 8).  Do this for every
drawing of the cursor so that it sort of works for mouse cursor bitmaps
set by applications.

Use 0xf for lightwhite in most other modes.  Only do this for the
default cursor so that it doesn't affect mouse cursor bitmaps set by
applications.  0xf mostly works because it was originally for CGA
lightwhite and is emulated using 1 or 2 indirections on EGA and VGA.
0x3f (EGA white) and 0xff (VGA black) direct palette indexes mostly
don't work since backwards compatibility inhibits or prevents them
representing lightwhite.  But 0x3f (EGA white) must be used for mode
37 (VGA_MODEX) (320x240x8 V) since this mode is closer to EGA than VGA.
2019-03-27 08:02:55 +00:00
emaste
fce16adb1c DTF_REWIND does nothing (since r247236) so retire its use
Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D19663
2019-03-26 19:35:41 +00:00
mm
436a3173ae MFV r345495:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #1153: fixed 2 bugs in ZIP reader [1]
  PR #1143: ensure archive_read_disk_entry_from_file() uses ARCHIVE_READ_DISK
  Changes to file flags code, support more file flags on FreeBSD:
    UF_OFFLINE, UF_READONLY, UF_SPARSE, UF_REPARSE, UF_SYSTEM
    UF_ARCHIVE is not supported by intention (yet)

PR:		236300
MFC after:	2 weeks
2019-03-25 11:49:57 +00:00
bde
67852a43d0 Fix another type of buffer overrun for segmented modes. The buffer index
was not taken modulo the window size in VGLClear().

Segmented modes also need a kernel fix to almost work.  The ioctl to set
the window origin is broken.

These bugs are rarely problems since non-VESA modes only need
segmentation to support multiple pages but libvgl doesn't support
multiple pages and treats these modes as non-segmented, and VESA modes
are usually mapped linearly except on old hardware so they really are
non-segmented.
2019-03-25 11:48:40 +00:00
bde
603951c40e Oops, my previous commit to libvgl was missing the change of VGLSetBorder()
to match the change in its declaration.  Change the declaration back to
"byte color" since setting of the border color is not supported for more
than 256 colors.
2019-03-24 20:43:21 +00:00
bde
c8b259dea5 Fix the type of the color args for VGLMouseFreeze(), VGLBitmapPutChar(),
VGLBitmapString() and VGLSetBorder() so as to not truncate to 8 bits.

Complete the corresponding fix for VGLGetXY() and VGLPutXY() (parts
of the man page were out of date).
2019-03-24 20:36:35 +00:00
bde
59d01ed5c0 Add support for arbitrary font widths. Only multiples of 8 were supported.
Since the font format is undocumented, it is unclear how non-multiples
of 8 should be padded to bytes in the font file.  Use the same
representation as bdf text format (big- endian, with padding in the
lower bits).
2019-03-24 19:41:45 +00:00
bde
ba342886de Fix reading of pixels in (4 and 8-plane) planar modes.
There seems to be no alternative to reading each plane independently using
3 slow i/o's per plane (this delivers 8 nearby pixels, but we don't buffer
the results so run 8 times slower than necessary.

All the code for this was there, but it was ifdefed out and replaced by
simpler code that cannot work in planar modes.  The ifdefed out code
was correct except it was missing a volatile declaration, so compilers
optimized the multiple dummy reads in it to a single read.
2019-03-24 19:27:03 +00:00
bde
37338fb0d0 Fix buffer overruns in modes with color depth more than 8.
Support for 16-bit and 32-bit Truecolor modes was supposed to be
complete in r70991 of main.c and in nearby revisions for other files, but
it was broken by the overruns in most cases (all cases were the mouse
is enabled, and most cases where bitmaps are used).  r70991 also
uninintentionally added support for depths 9-15, 17-23 and 25-31.
Depth 24 was more obviously broken and its support is ifdefed out.  In
the other ranges, only depth 15 is common.  It was broken by buffer
overruns in all cases.

bitmap.c:
- the static buffer was used even when it was too small (but it was
  large enough to often work accidentally in depth 16)
- the size of the dynamically allocated buffer was too small
- the sizing info bitmap->PixelBytes was not inititialzed in the bitmap
  constructor.  It often ended up as 0 for MEMBUFs, so using it in more
  places gave more null pointer accesses.  (It is per-bitmap, but since
  conversion between bitmaps of different depths is not supported (except
  from 4 bits by padding to 8), it would work better if it were global.)

main.c:
- depths were rounded down instead of up to a multiple of 8, so PixelBytes
  was 1 too small for depths above 8 except 16, 24 and 32.
- PixelBytes was not initialized for 4-bit planar modes.  It isn't really
  used for frame buffer accesses in these modes, but needs to be 1 in
  MEMBUF images.

mouse.c:
- the mouse cursor buffers were too small.

vgl.h:
- PixelBytes was not initialized in the static bitmap constructor.  It
  should be initialized to the value for the current mode, but that is
  impossible in a static constructor.  Initialize it to -1 so as to
  fail if it is used without further initialization.

All modes that are supposed to be supported now don't crash in
nontrivial tests, and almost work.  Missing uses of PixelBytes now
give in-bounds wrong pointers instead of overruns.  Misconversions of
bitmaps give multiple miscolored mouse cursors instead of 1 white one,
and similarly for bitmaps copied through a MEMBUF.
2019-03-24 18:57:03 +00:00
bde
068eaf9a72 Fix libvgl to not always fail to initialize due to its invalid mmap()
args (neither MAP_PRIVATE nor MAP_SHARED).  It was broken in r271635
and/or r271724 by stricter checking.  The compatibility code in r271724
doesn't work for my old binaries (actually new binaries with old
libraries).

PR:		needed to test the fix for PR 162373
2019-03-24 16:47:43 +00:00
rpokala
f817f49efa Add descriptions for sysctls in kern_mib.c and sysctl.3 which lack them.
r343532 noted the difference between "hw.realmem" and "hw.physmem", which I
was previously unaware of. I discovered that neither sysctl had a
description visible via `sysctl -d', so I found where they were defined and
added suitable descriptions. While in the file, I went ahead and added
descriptions for all the others which lacked them. I also updated sysctl.3
accordingly

Reviewed by:	kib, bcr
MFC after:	1 weeks
Sponsored by:	Panasas
Differential Revision:	https://reviews.freebsd.org/D19007
2019-03-23 19:53:15 +00:00
cem
ea80586850 arc4random: Adjust example code to use uniform() API
PR:		236678
Reported by:	Andras Farkas <deepbluemistake AT gmail.com>
2019-03-21 14:45:08 +00:00
asomers
f61d24052a googletest: backport GTEST_SKIP to googletest 1.8.1
This commit backports revisions 00938b2b228f3b70d3d9e51f29a1505bdad43f1e and
59f90a338bce2376b540ee239cf4e269bf6d68ad from googletest's master branch to
our included version of googletest, which is based on 1.8.1. It adds the
GTEST_SKIP feature, which is very useful for a project like FreeBSD where
some tests depend on particular system configurations.

Reviewed by:	ngie
Obtained from:	github.com/google/googletest
MFC after:	2 months
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/rS345331
2019-03-20 23:15:58 +00:00
asomers
1215d8a08b Rename fuse(4) to fusefs(4)
This makes it more consistent with other filesystems, which all end in "fs",
and more consistent with its mount helper, which is already named
"mount_fusefs".

Reviewed by:	cem, rgrimes
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D19649
2019-03-20 21:48:43 +00:00
dim
b6343a9567 Pull in r352826 from upstream lld trunk (by Fangrui Song):
[ELF] Support --{,no-}allow-shlib-undefined

  Summary:
  In ld.bfd/gold, --no-allow-shlib-undefined is the default when
  linking an executable. This patch implements a check to error on
  undefined symbols in a shared object, if all of its DT_NEEDED entries
  are seen.

  Our approach resembles the one used in gold, achieves a good balance
  to be useful but not too smart (ld.bfd traces all DSOs and emulates
  the behavior of a dynamic linker to catch more cases).

  The error is issued based on the symbol table, different from
  undefined reference errors issued for relocations. It is most
  effective when there are DSOs that were not linked with -z defs (e.g.
  when static sanitizers runtime is used).

  gold has a comment that some system libraries on GNU/Linux may have
  spurious undefined references and thus system libraries should be
  excluded (https://sourceware.org/bugzilla/show_bug.cgi?id=6811). The
  story may have changed now but we make --allow-shlib-undefined the
  default for now. Its interaction with -shared can be discussed in the
  future.

  Reviewers: ruiu, grimar, pcc, espindola

  Reviewed By: ruiu

  Subscribers: joerg, emaste, arichardson, llvm-commits

  Differential Revision: https://reviews.llvm.org/D57385

Pull in r352943 from upstream lld trunk (by Fangrui Song):

  [ELF] Default to --no-allow-shlib-undefined for executables

  Summary:
  This follows the ld.bfd/gold behavior.

  The error check is useful as it captures a common type of ld.so
  undefined symbol errors as link-time errors:

      // a.cc => a.so (not linked with -z defs)
      void f(); // f is undefined
      void g() { f(); }

      // b.cc => executable with a DT_NEEDED entry on a.so
      void g();
      int main() { g(); }

      // ld.so errors when g() is executed (lazy binding) or when the program is started (-z now)
      // symbol lookup error: ... undefined symbol: f

  Reviewers: ruiu, grimar, pcc, espindola

  Reviewed By: ruiu

  Subscribers: llvm-commits, emaste, arichardson

  Tags: #llvm

  Differential Revision: https://reviews.llvm.org/D57569

Together, these add support for --no-allow-shlib-undefined, and make it
the default for executables, so they will fail to link if any symbols
from needed shared libraries are undefined.

Reported by:	jbeich
PR:		236062, 236141
MFC after:	1 month
X-MFC-With:	r344779
2019-03-20 20:57:11 +00:00
dim
908ef42db7 Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
8.0.0 final release r356365.  There were no functional changes since the
most recent merge, of 8.0.0 rc5.

Release notes for llvm, clang, lld and libc++ 8.0.0 are now available:

https://llvm.org/releases/8.0.0/docs/ReleaseNotes.html
https://llvm.org/releases/8.0.0/tools/clang/docs/ReleaseNotes.html
https://llvm.org/releases/8.0.0/tools/lld/docs/ReleaseNotes.html
https://llvm.org/releases/8.0.0/projects/libcxx/docs/ReleaseNotes.html

PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-20 19:18:26 +00:00
dim
8bfcb839fd Enable building libomp.so for 32-bit x86. This is done by selectively
enabling the functions that save and restore MXCSR, since access to this
register requires SSE support.

Note that you may run into other issues with OpenMP on i386, since this
*not* yet supported upstream, and certainly not extensively tested.

PR:		236062, 236582
MFC after:	1 month
X-MFC-With:	r344779
2019-03-18 21:04:28 +00:00
dim
4b26eab0c6 Remove --as-needed from the linker flags for libomp.so, as these
actually prevent the transitive dependency on libm.

Reported by:	jbeich
PR:		236062, 236581
MFC after:	1 month
X-MFC-With:	r344779
2019-03-18 19:56:00 +00:00
dim
fdfe051110 Also explicitly link libomp.so against -lm, as it transitively depends
on scalbn and a few other math functions, via libcompiler-rt.  This
should allow OpenMP programs to link with BFD linkers too.

Reported by:	jbeich
PR:		236062, 236581
MFC after:	1 month
X-MFC-With:	r344779
2019-03-18 19:11:11 +00:00
dim
ad625eb486 Explicitly link libomp.so against -lpthread, as it depends on pthread
functionality.  This should make example OpenMP programs work out of the
box.

Reported by:	jbeich
PR:		236062, 236581
MFC after:	1 month
X-MFC-With:	r344779
2019-03-17 11:27:27 +00:00
dim
9bc552afe9 Disable lib/libomp build for the 32-bit part of amd64 buildworld, as it
is not supported for that target.

Reported by:	Michael Butler <imb@protected-networks.net>
PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-16 17:55:22 +00:00
dim
4c7b570576 Connect lib/libomp to the build.
* Set MK_OPENMP to yes by default only on amd64, for now.
* Bump __FreeBSD_version to signal this addition.
* Ensure gcc's conflicting omp.h is not installed if MK_OPENMP is yes.
* Update OptionalObsoleteFiles.inc to cope with the conflicting omp.h.
* Regenerate src.conf(5) with new WITH/WITHOUT fragments.

Relnotes:	yes
PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-16 15:45:15 +00:00
dim
ac90eb90b3 Add lib/libomp, with a Makefile, and generated configuration headers.
Not connected to the main build yet, as there is still the issue of the
GNU omp.h header conflicting with the LLVM one.  (That is, if MK_GCC is
enabled.)

PR:		236062
MFC after:	1 month
X-MFC-With:	r344779
2019-03-16 15:01:36 +00:00