unifdef(1): Improve worst-case bound on symbol resolution
Use RB_TREE to make some algorithms O(lg N) and O(N lg N) instead of O(N)
and O(N^2).
While here, remove arbitrarily limit on number of macros understood.
Reverts r354877 and r354878, which disabled the (correct) test.
PR: 242095
Reported by: lwhsu
Use RB_TREE to make some algorithms O(lg N) and O(N lg N) instead of O(N)
and O(N^2). Because N is typically small and the former linear array also has
great constant factors (as a property of CPU caching), this doesn't provide
material benefit most or all of the time.
While here, remove arbitrarily limit on number of macros understood.
Otherwise small quantities look nonsensical. For instance, when
swapping in a single page we would print "4096 In".
Fix code indentation while here.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
The igmp stats tend to print two lines of warning for an unexpected
version and length. Despite an invalid version and struct size it
continues to try to do something with the data. Do not try to parse
the remainder of the struct and error on warning.
Note the underlying issue of the data not being available properly
is still there and needs to be fixed seperately.
Reported by: test cases, lwhsu
MFC after: 3 weeks
The code for "netstat -gs -f inet" failed if the kernel namelist did not
include the _mrtstat symbol. However, that symbol is not in a standard
kernel even with the ip_mroute module loaded, where the functionality is
available. It is also not in a kernel with MROUTING but also VIMAGE, as
there can be multiple sets of stats. However, when running the command
on a live system, the symbol is not used; a sysctl is used. Go ahead
and try the sysctl in any case, and complain that IPv4 MROUTING is not
present only if the sysctl fails with ENOENT. Also fail if _mrtstat is
not defined when running on a core file; netstat doesn't know about vnets,
so can only work if MROUTING was included, and VIMAGE was not.
Reviewed by: bz
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22311
If cu reads an EOF on the input side, it goes into a tight loop
sending a garbage byte to the remote. With this change, it exits
gracefully, along with its child.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
The few columns that are not humanized are usually 0. This makes
the output mostly aligned.
Reviewed by: allanjude
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22185
Alter bsd.compat.mk to set MACHINE and MACHINE_ARCH when included
directly so MD paths in Makefiles work. In the process centralize
setting them in LIBCOMPATWMAKEENV.
Alter .PATH and CFLAGS settings in work when the Makefile is included.
While here only support LIB32 on supported platforms rather than always
enabling it and requiring users of MK_LIB32 to filter based
TARGET/MACHINE_ARCH.
The net effect of this change is to make Makefile.libcompat only build
compatability libraries.
Changes relative to r354449:
Correct detection of the compiler type when bsd.compat.mk is used
outside Makefile.libcompat. Previously it always matched the clang
case.
Set LDFLAGS including the linker emulation for mips where -m32 seems to
be insufficent.
Reviewed by: imp, kib (origional version in r354449)
Obtained from: CheriBSD (conceptually)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22251
With the -0 option added to ENV(1), some ports will no longer require genv
from sysutils/coreutils.
Reviewed by: kevans (prior version), swills
Approved by: bcr (manpages), imp
Differential Revision: https://reviews.freebsd.org/D22230
Alter bsd.compat.mk to set MACHINE and MACHINE_ARCH when included
directly so MD paths in Makefiles work. In the process centralize
setting them in LIBCOMPATWMAKEENV.
Alter .PATH and CFLAGS settings in work when the Makefile is included.
While here only support LIB32 on supported platforms rather than always
enabling it and requiring users of MK_LIB32 to filter based
TARGET/MACHINE_ARCH.
The net effect of this change is to make Makefile.libcompat only build
compatability libraries.
Reviewed by: imp, kib
Obtained from: CheriBSD (conceptually)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22251
- move from "oxtradoc" to RST/Sphinx documentation
- new "csv" encoder, which allows path and leaf lists
- address warnings from PVS-Stdio tool
- add "xolint" detected errors to the documentation
We have a bad habit of duplicating contents of files that are sourced from
/dev/null and applied more than once... take the more sane (in most ways)
GNU route and complain if the file exists and offer reversal options.
This still falls short a little bit as selecting "don't reverse, apply
anyway" will still give you duplicated file contents. There's probably other
issues as well, but awareness is the first step to happiness.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D21535
In nearly all cases, the caller has a uintptr_t compatible argument so
this eliminates a large number of casts.
Add a print_pointer function to centralize printing pointers.
Reviewed by: jhb
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22212
Some dts are including dtsi that also contain a /dts-v1/ tag at the
top. GNU DTC doesn't seems to have a problem with that so fix our
dtc to behave the same.
Reviewed by: kevans
MFC after: 1 week
when variance is small relative to data points.
Now [0, 1, 2] shows same standard deviation as [10000000000000, ...1, ...2]
Also: Various nitpickery from my own tree.
Traditionally, toolchain components such as cc, as, and ld have been
built as static executables. The WITH_SHARED_TOOLCHAIN option from
src.conf(5) is meant to link these as regular executables, e.g. using
shared libraries.
The build of ld.lld did not yet check this option. Fix the Makefile so
it will do so now.
Reported by: Mike Cui <cuicui@gmail.com>
PR: 241257
MFC after: 3 days
Limit argmax to an absurdly large value prevent overflow (no overflow
possible on FreeBSD due to ARG_MAX).
In CheriBSD we exceed the 19 non-NULL arguments in the static array. Add
a simple size doubling allocator and increase the default to 32.
GC remnants of support for fixed arguments.
Reviewed by: archardson (prior version), James Clarke (prior version)
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21971
Summary: Add trivial 32-bit arm cores on aarch64 support for gcore. This
doesn't handle fpregs.
Reviewed by: #arm, andrew
Sponsored by: Juniper Networks, Inc
Differential Revision: https://reviews.freebsd.org/D21947
This warning (comparing a pointer against a zero character literal
rather than NULL) has existed since GCC 7.1.0, and was recently added to
Clang trunk.
Almost all of these are harmless, except for fwcontrol's str2node, which
needs to both guard against dereferencing a NULL pointer (though in
practice it appears none of the callers will ever pass one in), as well
as ensure it doesn't parse the empty string as node 0 due to strtol's
awkward interface.
Submitted by: James Clarke <jtrc27@jrtc27.com>
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21914
r265408 renamed tcps_rcvmemdrop to tcps_rcvreassfull and gave it a more
specific description. r279122 (libxo-ification) reverted that change.
This commit brings it back, but with a small tweak to the description.
MFC after: 2 weeks
Various bits in usr.bin/clang/* will fail to compile without -mxgot due to
truncated relocations. -mxgot entails a speed penalty, but I suspect we
don't care as much about compiler performance in 32-bit mips land.
Reviewed by: arichardson
Differential Revision: https://reviews.freebsd.org/D21698
The regexec function is declared as taking an array of regmatch_t
elements, and passing in the pointer to singleton element, while
correct, triggers a Coverity warning. Convert the singleton into
an array of one to silence the warning.
Reported by: Coverity
Coverity CID: 1009732, 1009733
MFC after: 2 weeks
This uses the same logic as with the -s option, first validating the
entered value, then storing the result in a struct timeval.
MFC after: 3 days
X-MFC-With: r352818
In r334906, the -s option was changed to allow fractional times, but
this only functioned correctly for batch mode. In interactive mode, any
delay below 1.0 would get floored to zero. This would put top(1) into a
tight loop, which could be difficult to interrupt.
Fix this by storing the -s option value (after validation) into a struct
timeval, and using that struct consistently for delaying with select(2).
Next up is to allow interactive entry of a fractional delay value.
MFC after: 3 days
The description talks about 'number', while the final argument was
'count'. Since 'count' is already used for the count of displays,
change the final argument name to 'number'.
MFC after: 3 days
Add an atomic shm rename operation, similar in spirit to a file
rename. Atomically unlink an shm from a source path and link it to a
destination path. If an existing shm is linked at the destination
path, unlink it as part of the same atomic operation. The caller needs
the same permissions as shm_unlink to the shm being renamed, and the
same permissions for the shm at the destination which is being
unlinked, if it exists. If those fail, EACCES is returned, as with the
other shm_* syscalls.
truss support is included; audit support will come later.
This commit includes only the implementation; the sysent-generated
bits will come in a follow-on commit.
Submitted by: Matthew Bryan <matthew.bryan@isilon.com>
Reviewed by: jilles (earlier revision)
Reviewed by: brueffer (manpages, earlier revision)
Relnotes: yes
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D21423
Introduce a new add_off_t static function that exits with an error
message if there's an overflow, otherwise returns their sum. Use this
when adding values obtained from the input patch.
Reviewed by: delphij, allanjude (earlier)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D7897
When an empty pattern is encountered in the pattern list, I had previously
broken bsdgrep to count that as a "match all" and ignore any other patterns
in the list. This commit rectifies that mistake, among others:
- The -v flag semantics were not quite right; lines matched should have been
counted differently based on whether the -v flag was set or not. procline
now definitively returns whether it's matched or not, and interpreting
that result has been kicked up a level.
- Empty patterns with the -x flag was broken similarly to empty patterns
with the -w flag. The former is a whole-line match and should be more
strict, only matching blank lines. No -x and no -w will will match the
empty string at the beginning of each line.
- The exit code with -L was broken, w.r.t. modern grep. Modern grap will
exit(0) if any file that didn't match was output, so our interpretation
was simply backwards. The new interpretation makes sense to me.
Tests updated and added to try and catch some of this.
This misbehavior was found by autoconf while fixing ports found in PR 229925
expecting either a more sane or a more GNU-like sed.
MFC after: 1 week
The way jot(1) defaults missing arguments doesn't match the behaviour
described in the manpage, which states that with fewer than 3 arguments
missing values are supplied from left to right.
In fact, with one or two arguments, the last (s which is step size or seed)
defaults to 1 (or -1 if begin and end specify a descending range), and then
omitted arguments are set to default starting with the leftmost until three
arguments are available.
This is why `jot 2 1000` prints 1000 and 1001 instead of 1000 and 100.
PR: 135475
Submitted by: Jonathan McKeown <j.mckeown@ru.ac.za>
Approved by: doc (bcr)
Differential Revision: https://reviews.freebsd.org/D21736
Event: EuroBSDcon 2019
to a clnt_create() call even when it is actually a program
version mismatch.
Normally the server is supposed to return RPC_PROGVERSMISMATCH
when it supports the specified program but not support
the specified version. Some filers return RPC_PROGNOTREGISTERED
to RQUOTA v2 calls and FreeBSD does not retry with the old
v1 calls. This change fixes this failure scenario.
Submitted by: Jian-Bo Liao
PR: 236179
- make abday, day, abmon, mon, am_pm output quoting match linux
- workaround localeconv() issue for mon_grouping and grouping (PR172215)
- for other values not available in default locale, output -1 instead of
127 (CHAR_MAX) as returned by localeconv()
With these changes, output of `locale` and `locale -k` for all keywords
specified by POSIX exactly matches the linux one.
PR: 237752
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D21599
All of these are defined as mandatory by POSIX.
While here, mark all non-standard ones as FreeBSD-only as
other systems (at least, GNU/Linux and illumos) do not handle
them, so we should not encourage their use.
PR: 237752
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D21490
In FreeBSD 11 along with the rework on the collation, mklocale(1) and colldef(1)
has been replaced by localedef(1) (a note has been added to the manpage to state
it).
mklocale(1) and colldef(1) has been kept around to be able to build older
versions of FreeBSD. None of the version requiring those tools are supported
anymore so it is time to remove them from base
o Do not run any iconv() processing in -a. The locale of root user is not
what is desired by most of the users who receive their calendar mail.
Just assume that users store their calendars in a format that is readable
to them. This fixes regression from r344340.
o fork() and setusercontext(LOGIN_SETALL) for every user. This makes LANG
set inside a calendar file mostly excessive, as we will pick up user's
login class LANG.
o This also executes complex function cal() that parses user owned files
with appropriate user privileges.
Previously it was run with privileges dropped only temporary for execution
of cal(), and fully dropped only before invoking sendmail (see r22473).
Reviewed by: bapt (older version of patch)
patch by espie@
replace sloppy parsing of numeric values with strtonum (incr, decr, divert)
still use integers, so use the natural bounds for these.
POSIX says m4 should error when these use non numeric values, and now they
do.
okay millert@
Obtained from: OpenBSD
by espie@
ifelse is special, fix argv parsing to avoid segfault
problem noticed by Matthew Green (netbsd), slightly different fix
so that argc counting makes more sense.
we might want to warn on wrong number of parameters later, but this is
somewhat inconsistent depending on the builtin right now.
okay millert@
Obtained from: OpenBSD
Add -E flag (make warnings fatal), following the behavior of GNU m4 1.4.9+
Help and direction millert@ espie@ anton@ deraadt@
ok espie@
Obtained from: OpenBSD
To remain compatible with GNU patch, we should ensure that once we're
removing empty files after a reversed /dev/null patch we don't remove files
that have been modified. GNU patch leaves these intact and just reverses the
hunk that created the file, effectively implying --remove-empty-files for
reversed /dev/null patches.
All of them are needed to be able to boot to single user and be able
to repair a existing FreeBSD installation so put them directly into
FreeBSD-runtime.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21503
Summary:
- basic: test application of patches created by diff -u at the
beginning/middle/end of file, which have differing amounts of context
before and after chunks being added
- limited_ctx: stems from PR 74127 in which a rogue line was getting added
when the patch should have been rejected. Similar behavior was
reproducible with larger contexts near the beginning/end of a file. See
r326084 for details
- file_creation: patch sourced from /dev/null should create the file
- file_nodupe: said patch sourced from /dev/null shouldn't dupe the contents
when re-applied (personal vendetta, WIP, see comment)
- file_removal: this follows from nodupe; the reverse of a patch sourced
from /dev/null is most naturally deleting the file, as is expected based
on GNU patch behavior (WIP)
Some of the procstat tests start a program "while1" and examine the process
using procstat, but did not wait properly for it to start (kill -0 will
succeed immediately after the child process has been created).
Instead, have "while1" write something when it starts, and use a fifo to
wait for that.
PR: 233587, 233588
Reviewed by: ngie
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D21519
These will be expanded later as I come up with good test cases; for now,
these seem to be enough to trigger bugs in base gnugrep and expose missing
features in bsdgrep.
The libxo xml feature of adding an annotation with the "original"
address from the utmpx file if it is different than the final "from"
field was broken by r351379. This was pointed out by the gcc error
that save_p might be used uninitialized. Save the original address
as needed in each entry, don't just use the last one from the previous
loop.
Reviewed by: marcel@
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D21390
Ouput format of last(1) is broken for non UTF-8 locales
since it got libxo(3) support. It uses strftime(3) that produces
non UTF-8 strings passed to xo_emit(3) with wrong %s format -
it should be %hs in this case, so xo_emit(3) produces empty output.
This change is basically no-op when locale is of UTF-8 type,
f.e. en_GB.UTF-8 or ru_RU.UTF-8 or sr_RS.UTF-8@latin.
It fixes output for other locales.
MFC after: 2 weeks
After r351379 save_p may be used uninitialized. Set it to NULL before
first assignment so that a later NULL check will work correctly.
Reported by: CI system for gcc platforms
MFC after: 1 week
X-MFC with: 351379 (karels)
It's nice to be able to display a full IPv6 host address if
needed, but it's also nice to display more than 3 characters of a command
line. Compute the needed size for the FROM column in an earlier pass,
and determine the maximum, then print what fits for the command.
Reviewed by: marcel@ (markm@ previous revision)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D21211
On arm64, riscv, and s390x disable building of aout components.
This allows gprof to build on these architectures which never supported
the legacy a.out binary format.
Obtained from: s390x branch
MFC after: 3 months
The Zstd format bumps the CLOOP major number to 4 to avoid incompatibility
with older systems. Support in geom_uzip(4) is conditional on the ZSTDIO
kernel option, which is enabled in amd64 GENERIC, but not all in-tree
configurations.
mkuzip(8) was modified slightly to always initialize the nblocks + 1'th
offset in the CLOOP file format. Previously, it was only initialized in the
case where the final compressed block happened to be unaligned w.r.t.
DEV_BSIZE. The "Fake" last+1 block change in r298619 means that the final
compressed block's 'blen' was never correct unless the compressed uzip image
happened to be BSIZE-aligned. This happened in about 1 out of every 512
cases. The zlib and lzma decompressors are probably tolerant of extra trash
following the frame they were told to decode, but Zstd complains that the
input size is incorrect.
Correspondingly, geom_uzip(4) was modified slightly to avoid trashing the
nblocks + 1'th offset when it is known to be initialized to a good value.
This corrects the calculated final real cluster compressed length to match
that printed by mkuzip(8).
mkuzip(8) was refactored somewhat to reduce code duplication and increase
ease of adding other compression formats.
* Input block size validation was pulled out of individual compression
init routines into main().
* Init routines now validate a user-provided compression level or select
an algorithm-specific default, if none was provided.
* A new interface for calculating the maximal compressed size of an
incompressible input block was added for each driver. The generic code
uses it to validate against MAXPHYS as well as to allocate compression
result buffers in the generic code.
* Algorithm selection is now driven by a table lookup, to increase ease of
adding other formats in the future.
mkuzip(8) gained the ability to explicitly specify a compression level with
'-C'. The prior defaults -- 9 for zlib and 6 for lzma -- are maintained.
The new zstd default is 9, to match zlib.
Rather than select lzma or zlib with '-L' or its absense, respectively, a
new argument '-A <algorithm>' is provided to select 'zlib', 'lzma', or
'zstd'. '-L' is considered deprecated, but will probably never be removed.
All of the new features were documented in mkuzip.8; the page was also
cleaned up slightly.
Relnotes: yes
While here:
- Remove deprecated Tn macros.
- Do not use macros with the -width option.
Reviewed by: bcr
Approved by: doc (bcr)
Differential Revision: https://reviews.freebsd.org/D21173
- Use keyed-md5 and keyed_sha1 instead of md5 and sha1 to match
the names accepted by setkey and to also avoid confusion since
these are not "plain" MD5 or SHA1.
- Remove always-true #ifdef's to make the source a bit easier to
read.
- Add missing mappings for tcp-md5, camellia-cbc, and aes-gmac.
MFC after: 2 weeks
Sponsored by: Chelsio Communications
- UMA_XDOMAIN enables an additional per-cpu bucket for freed memory that
was freed on a different domain from where it was allocated. This is
only used for UMA_ZONE_NUMA (first-touch) zones.
- UMA_FIRSTTOUCH sets the default UMA policy to be first-touch for all
zones. This tries to maintain locality for kernel memory.
Reviewed by: gallatin, alc, kib
Tested by: pho, gallatin
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D20929
Rename the variable for the in6_addr from in6p to ia6 to follow the
convention generally used in FreeBSD.
No functional changes.
MFC after: 3 months
Sponsored by: Netflix
nfsstat -s prints bogus large numbers for the Server Re-Failed and Server
Faults fields. This was introduced by r328588.
Although I know nothing about libxo, these lines aren't titles and this
patch seems to fix the problem, so I am committing it for rea@ who emailed
it to me.
It also deleted the trailing ':' from the title lines, since those were not
in the pre-r328588 output.
If there is a more correct fix, someone conversant with libxo will need
to do so.
Submitted by: rea
MFC after: 2 weeks
Update login(1), its manual pages, similar utilities, and motd.5 to refer to
the new location.
Suggested by: delphij@ (re: r349256)
Reviewed by: bcr (manpages), delphij
Differential Revision: https://reviews.freebsd.org/D20721
Move the dpv related files from FreeBSD-runtime to a new package named
FreeBSD-dpv
The only consumer is bsdinstall which is already in it's own package.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20960
Move the bluetooth related files from FreeBSD-runtime to a new package named
FreeBSD-bluetooth
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and bluetooth isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20959
This removes all of the architecture-specific functions from truss.
A per-ABI structure is still needed to map syscall numbers to names
and FreeBSD errno values to ABI error values as well as hold syscall
counters. However, the linker set of ABI structures is now replaced
with a simple table mapping ABI names to structures. This approach
permits sharing the same ABI structure among separate names such as
i386 a.out and ELF binaries as well as ELF v1 vs ELF v2 for powerpc64.
A few differences are visible due to using PT_GET_SC_RET to fetch the
error value of a system call. Note that ktrace/kdump have had the
"new" behaviors for a long time already:
- System calls that return with EJUSTRETURN or ERESTART will now be
noticed and logged as such. Previously sigreturn (which uses
EJUSTRETURN) would report whatever random value was in the register
holding errno from the previous system call for example. Now it
reports EJUSTRETURN.
- System calls that return errno as their error value such as
posix_fallocate() and posix_fadvise() now report non-zero return
values as errors instead of success with a non-zero return value.
Reviewed by: kib
MFC after: 1 month
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D20963
We remove IPSEC only in parts of the tree, and not others. RELEASE_CRUNCH to
disable it has not kept up with all its uses. Remove it. Should there be a real
need to disable IPSEC, one that hasn't shown up in the base system to date,
it can be re-added behind a WITHOUT_IPSEC build option.
Stop defining SMALLER. Since we replaced cpio with libarchive version,
there's no options to make it smaller. Also, the comment about the
FreeBSD installer is obsolete. Remove them both.
After r348611 the kernel's build-ID is available via sysctl. Add a -b flag
to uname to report it.
Submitted by: Ali Mashtizadeh <ali_mashtizadeh.com>
Reviewed by: markj, imp
Relnotes: Yes
Event: Waterloo Hackathon 2019
Differential Revision: https://reviews.freebsd.org/D20511
vtfontcvt: improve .bdf validation
Previously if we had a FONTBOUNDINGBOX or DWIDTH entry that had missing
or invalid values and and failed sscanf, we would proceeded with
partially initialized bounding box / device width variables.
Reported by: afl (FONTBOUNDINGBOX)
MFC with: r349100
Sponsored by: The FreeBSD Foundation
NANDFS has been broken for years. Remove it. The NAND drivers that
remain are for ancient parts that are no longer relevant. They are
polled, have terrible performance and just for ancient arm
hardware. NAND parts have evolved significantly from this early work
and little to none of it would be relevant should someone need to
update to support raw nand. This code has been off by default for
years and has violated the vnode protocol leading to panics since it
was committed.
Numerous posts to arch@ and other locations have found no actual users
for this software.
Relnotes: Yes
No Objection From: arch@
Differential Revision: https://reviews.freebsd.org/D20745
Previously if we had a FONTBOUNDINGBOX or DWIDTH entry that had missing
or invalid values and and failed sscanf, we would proceeded with
partially initialized bounding box / device width variables.
Reported by: afl (FONTBOUNDINGBOX)
MFC with: r349100
Sponsored by: The FreeBSD Foundation
Previously if we had a BBX entry that had invalid values (e.g. bounding
box outside of font bounding box) and failed sscanf (e.g., because it
had fewer than four values) we skipped the BBX value validation and then
triggered an assertion failure.
Reported by: afl
MFC with: r349100
Event: Berlin Devsummit 2019
Sponsored by: The FreeBSD Foundation
Previously we would crash if the BBX y-offset was outside of the font
bounding box.
Reported by: afl
MFC with: r349100
Event: Berlin Devsummit 2019
Sponsored by: The FreeBSD Foundation
I believe this case could be triggered by a broken .bdf font.
PR: 205707
Reported by: ci.freebsd.org
MFC with: 349100
Event: Berlin Devsummit 2019
Sponsored by: The FreeBSD Foundation
Sync libarchive with vendor.
Relevant vendor changes:
- check_symlinks_fsobj() without chdir() and fchdir()
- bsdtar.1 manpage fixes
- patches from OpenBSD to libarchive_fe/passphrase.c
- version bumped to 3.4.0
MFC after: 2 weeks
The two most recent additions to the elf auxiliary vector are
HWCAP and HWCAP2 which describe platform specific cpu capabilities.
Make procstat recognize these fields so that they aren't displayed
as UNKNOWN.
Reviewed by: trociny, markj
Approved by: markj (mentor)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D20582
The freopen(3) was replaced with fileargs_open(3) and fclose(3).
In the following function, we skip if the stream is standard in, so it is
safe to do so.
This also requires us to change the logic first to open the file and then
check its status. The stat(2) is disallowed in capability mode.
This commit unbrakes the -F option.
The bug was introduced in the r348708.
Reported by: pho
Tested by: pho
The kernel has a limit of 131072 glyphs in a font; add the same check to
vtfontcvt so that we won't create a font file that the kernel will not
load.
PR: 205707
Submitted by: Dmitry Wagin
MFC after: 2 weeks
To facilitate experimentation with LTO we require an ar that supports
LLVM IR, and to a lesser degree also an nm. As a first step always
install llvm-ar and llvm-nm.
Sponsored by: The FreeBSD Foundation
install -> ${INSTALL}
mtree -> ${MTREE_CMD}
services_mkdb -> ${SERVICES_MKDB_CMD}
cap_mkdb -> ${CAP_MKDB_CMD}
pwd_mkdb -> ${PWD_MKDB_CMD}
kldxref -> ${KLDXREF_CMD}
If you do custom FreeBSD builds you may want to override those
in some cases.
Sponsored by: Sippy Software, Inc.
ASAN reports become a lot more useful with llvm-symbolizer in $PATH, and the
build is not much more time-consuming. The added benefit is that the
resulting reports will actually include symbol information; without, thread
trace information includes a bunch of addresses that immediately resolve to
an inline function in
^/contrib/compiler-rt/lib/sanitizer_common/sanitizer_common.h and take a
little more effort to examine.
Reviewed by: emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D20484
This 'r' case should have belonged to the switch in the first place, but
I had somehow missed the switch when initially adding the rgrep link. The
zgrep script later came along and faithfully left this case standing alone,
so we will now go ahead and join it.
Nearby comment also adjusted a tad bit for wording and style.
Reported by: Daniel Ebdrup
MFC after: 3 days
See usage for the command line structure. Man page will come shortly.
Reviewed by: jilles, tmunro
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D20258
Sync libarchive with vendor.
Relevant vendor changes:
Issue #795: XAR - do not try to add xattrs without an allocated name
PR #812: non-recursive option for extract and list
PR #958: support reading metadata from compressed files
PR #999: add --exclude-vcs option to bsdtar
Issue #1062: treat empty archives with a GNU volume header as valid
PR #1074: Handle ZIP files with trailing 0s in the extra fields
(Android APK archives)
PR #1109: Ignore padding in Zip extra field data (Android APK archives)
PR #1167: fix problems related to unreadable directories
Issue #1168: fix handling of strtol() and strtoul()
PR #1172: RAR5 - fix invalid window buffer read in E8E9 filter
PR #1174: ZIP reader - fix of MSZIP signature parsing
PR #1175: gzip filter - fix reading files larger than 4GB from memory
PR #1177: gzip filter - fix memory leak with repeated header reads
PR #1180: ZIP reader - add support for Info-ZIP Unicode Path Extra Field
PR #1181: RAR5 - fix merge_block() recursion
(OSS-Fuzz 12999, 13029, 13144, 13478, 13490)
PR #1183: fix memory leak when decompressing ZIP files with LZMA
PR #1184: fix RAR5 OSS-Fuzz issues 12466, 14490, 14491, 12817
OSS-Fuzz 12466: RAR5 - fix buffer overflow when parsing huffman tables
OSS-Fuzz 14490, 14491: RAR5 - fix bad shift-left operations
OSS-Fuzz 12817: RAR5 - handle a case with truncated huffman tables
PR #1186: RAR5 - fix invalid type used for dictionary size mask
(OSS-Fuzz 14537)
PR #1187: RAR5 - fix integer overflow (OSS-Fuzz 14555)
PR #1190: RAR5 - RAR5 don't try to unpack entries marked as directories
(OSS-Fuzz 14574)
PR #1196: RAR5 - fix a potential SIGSEGV on 32-bit builds
OSS-Fuzz 2582: RAR - fix use after free if there is an invalid entry
OSS-Fuzz 14331: RAR5 - fix maximum owner name length
OSS-Fuzz 13965: RAR5 - use unsigned int for volume number + range check
Additional RAR5 reader changes:
- support symlinks, hardlinks, file owner, file group, versioned files
- change ARCHIVE_FORMAT_RAR_V5 to 0x100000
- set correct mode for readonly directories
- support readonly, hidden and system Windows file attributes
MFC after: 2 weeks
Historically we have not distinguished between kernel wirings and user
wirings for accounting purposes. User wirings (via mlock(2)) were
subject to a global limit on the number of wired pages, so if large
swaths of physical memory were wired by the kernel, as happens with
the ZFS ARC among other things, the limit could be exceeded, causing
user wirings to fail.
The change adds a new counter, v_user_wire_count, which counts the
number of virtual pages wired by user processes via mlock(2) and
mlockall(2). Only user-wired pages are subject to the system-wide
limit which helps provide some safety against deadlocks. In
particular, while sources of kernel wirings typically support some
backpressure mechanism, there is no way to reclaim user-wired pages
shorting of killing the wiring process. The limit is exported as
vm.max_user_wired, renamed from vm.max_wired, and changed from u_int
to u_long.
The choice to count virtual user-wired pages rather than physical
pages was done for simplicity. There are mechanisms that can cause
user-wired mappings to be destroyed while maintaining a wiring of
the backing physical page; these make it difficult to accurately
track user wirings at the physical page layer.
The change also closes some holes which allowed user wirings to succeed
even when they would cause the system limit to be exceeded. For
instance, mmap() may now fail with ENOMEM in a process that has called
mlockall(MCL_FUTURE) if the new mapping would cause the user wiring
limit to be exceeded.
Note that bhyve -S is subject to the user wiring limit, which defaults
to 1/3 of physical RAM. Users that wish to exceed the limit must tune
vm.max_user_wired.
Reviewed by: kib, ngie (mlock() test changes)
Tested by: pho (earlier version)
MFC after: 45 days
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D19908
This is a prerequisite of unifying kernel zlib instances.
Submitted by: Yoshihiro Ota <ota at j.email.ne.jp>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D20191
During processing we maintain symbol offsets in the 64-bit s_so array,
and when writing the archive convert to 32-bit if no offsets are greater
than 4GB. However, this was somewhat inefficient as we looped over the
array twice: first, converting to big endian and second, writing each
32-bit value one at a time (and incorrectly so on big-endian platforms).
Instead, when writing a 32-bit archive shuffle convert symbol data to
big endian (as required by the ar format) and shuffle to the beginning
of the allocation at the same time.
Also correct emission of the symbol count on big endian platforms.
Further changes are planned, but this should fix powerpc64.
Reported by: jhibbits, mlinimon
Reviewed by: jhibbits, Gerald Aryeetey (earlier)
Tested by: jhibbits
MFC after: 10 days
MFC with: r346079
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D20007
This change allows the user to once again override the C++ standard, restoring
high-level pre-r345708 behavior.
This also unbreaks building lib/ofed/libibnetdisc/Makefile with a non-C++11
capable compiler, e.g., g++ 4.2.1, as the library supported being built with
older C++ standards.
MFC after: 2 weeks
MFC with: r345708
Reviewed by: emaste
Reported by: jbeich
Differential Revision: https://reviews.freebsd.org/D19895 (as part of a larger change)
Previous spellings of my name (NGie, Ngie) weren't my legal spelling. Use Enji
instead for clarity.
While here, remove "All Rights Reserved" from copyrights I "own".
MFC after: 1 week
This is somewhat more readable than pointer arithmetic. Also remove an
unnecessary cast while here.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
This is a minor simplification; if we do not have any symbols the empty
symbol table can be in 32-bit format.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Add a stat counter to track ipv6 atomic fragments. Atomic fragments can be
generated in response to invalid path MTU values, but are also a potential
attack vector and considered harmful (see RFC6946 and RFC8021).
While here add tracking of the atomic fragment counter to netstat and systat.
Reviewed by: tuexen, jtl, bz
Approved by: jtl (mentor), bz (mentor)
Event: Aberdeen hackathon 2019
Differential Revision: https://reviews.freebsd.org/D17511
This allows an endless stream of random data within the given bounds.
It already worked if a seed was provided as the 4th argument but not
if one was left out.
In collaboration with: jhb
MFC after: 2 weeks
Relnotes: yes
Experimentally, reduces sort -R time of a 148160 line corpus from about
3.15s to about 0.93s on this particular system.
There's probably room for improvement using some digest other than md5, but
I don't want to look at sort(1) anymore. Some discussion of other possible
improvements in the Test Plan section of the Differential.
PR: 230792
Reviewed by: jhb (earlier version)
Differential Revision: https://reviews.freebsd.org/D19885
Bound input file processing length to avoid the issue reported in [1]. For
simplicity, only allow regular file and character device inputs. For
character devices, only allow /dev/random (and /dev/urandom symblink).
32 bytes of random is perfectly sufficient to seed MD5; we don't need any
more. Users that want to use large files as seeds are encouraged to truncate
those files down to an appropriate input file via tools like sha256(1).
(This does not change the sort algorithm of sort -R.)
[1]: https://lists.freebsd.org/pipermail/freebsd-hackers/2018-August/053152.html
PR: 230792
Reported by: Ali Abdallah <aliovx AT gmail.com>
Relnotes: yes
There's no reason to order based on strcmp of ASCII digests instead of
memcmp of the raw digests.
While here, remove collision fallback. If you collide two MD5s, they're
probably the same string anyway. If robustness against MD5 collisions is
desired, maybe we shouldn't use MD5.
None of the behavior of sort -R is specified by POSIX, so we're free to
implement this however we like. E.g., using a 128-bit counter and block cipher
to generate unique indices for each line of input.
PR: 230792 (2/many)
Relnotes: This will change the sort order for a given dataset with a
given seed. Other similarly breaking changes are planned.
Sponsored by: Dell EMC Isilon
from 1.0.0:
Add "continuation" flag, to allow multiple "xo" invocations in a single line of output (#58)
Add --top-wrap to make top-level JSON wrappers
Add --{open,close}-{list,instace} options
Add xo_xml_leader(), to detect use of some bogus XML tags. It's still bad form, but it's a little safer now
Avoid call to xo_write before xo_flush, since the latter calls the former
Check return code from xo_flush_h properly (<0) (FreeBSD Bug 236935)
For JSON output, avoid newline before a container's close brace (#62)
Merge branch 'text_only' of https://github.com/zvr/libxo into zvr-text_only
Use XO_USE_INT_RETURN_CODES, not USE_INT_RETURN_CODES
add docs for --continuation
add docs for --not-first
call xo_state_set_flags before values and close containers; add XOIF_MADE_OUTPUT flag to track state; make proper empty JSON objects in xo_finish
color_map code has to be #ifdef'd out, since the struct definition
correct xo_flush_func_t (doesn't use xo_ssize_t)
make depth change for --top-wrap only for JSON
fix to handle --top-wrap in "xo" by being more consistent with handling trailing newlines
fix to handle text-only version #64 (from zvr)
fix xo_buf_has_room for round up to the next XO_BUFSIZ, not just add XO_BUFSIZ to the size (FreeBSD Bug 236937)
update docs for new "xo" options
update functions to use xo_ssize_t
update test cases
from 1.0.1:
Add EINTEGRITY to .pot files under test/gettext/ (fix from FreeBSD)
from 1.0.2:
handle failure from xo_vnsprintf; don't add -1 to "rc"
PR: 236937, 236935
Submitted by: phil
Reported by: Alfonso S. Siciliano <alfix86@gmail.com>
MFC after: 2 weeks
The value was changed from int to bool. Since the new type
is smaller, the rest of the variable in the caller was left
unitialized.
PR: 236714
Reported by: trasz
Diagnosed by: markj
Sponsored by: The FreeBSD Foundation
to no longer be displayed. This was because the reimplementation of
setup_buffer() did not copy the previous contents into any reallocated
buffer.
Reported by: James Wright <james.wright@jigsawdezign.com>
PR: 236947
MFC after: 3 days
CXXSTD was added as the C++ analogue to CSTD.
CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.
This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.
As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.
Notes:
This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.
Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:
Before this commit:
```
CXXFLAGS+= -std=c++14
```
After this commit:
```
CXXSTD= c++14
```
Reviewed by: asomers
Approved by: emaste (mentor)
MFC after: 1 month
MFC with: r345203, r345704, r345705
Relnotes: yes
Tested with: make tinderbox
Differential Revision: https://reviews.freebsd.org/D19732
When a review is closed via Phabricator it updates the patch attached to the
review. I downloaded the raw patch from Phabricator, applied it, and repeated
my mistake from r345704 by accident mixing content from D19732 and D19738.
For my own personal sanity, I will try not to mix reviews like this in the
future.
MFC after: 1 month
MFC with: r345706
Approved by: emaste (mentor, implicit)
CXXSTD was added as the C++ analogue to CSTD.
CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.
This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.
As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.
Notes:
This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.
Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:
Before this commit:
```
CXXFLAGS+= -std=c++14
```
After this commit:
```
CXXSTD= c++14
```
Reviewed by: asomers
Approved by: emaste (mentor)
MFC after: 1 month
MFC with: r345203, r345704, r345705
Relnotes: yes
Tested with: make tinderbox
Differential Revision: https://reviews.freebsd.org/D19732
I accidentally committed code from two reviews. I will reintroduce the code to
bsd.progs.mk as part of a separate commit from r345704.
Approved by: emaste (mentor, implicit)
MFC after: 2 months
MFC with: r345704
CXXSTD defaults to `-std=c++11` with supporting compilers; `-std=gnu++98`,
otherwise for older versions of g++.
This change standardizes the CXXSTD variable, originally added to
googletest.test.inc.mk as part of r345203.
As part of this effort, convert all `CXXFLAGS+= -std=*` calls to use `CXXSTD`.
Notes:
This value is not sanity checked in bsd.sys.mk, however, given the two
most used C++ compilers on FreeBSD (clang++ and g++) support both modes, it is
likely to work with both toolchains. This method will be refined in the future
to support more variants of C++, as not all versions of clang++ and g++ (for
instance) support C++14, C++17, etc.
Any manual appending of `-std=*` to `CXXFLAGS` should be replaced with CXXSTD.
Example:
Before this commit:
```
CXXFLAGS+= -std=c++14
```
After this commit:
```
CXXSTD= c++14
```
Reviewed by: asomers
Approved by: emaste (mentor)
MFC after: 1 month
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D19732
Highlights:
- Bugfix for order in which /delete-node/ and /delete-property/ are
processed [0]
- /omit-if-no-ref/ support has been added (used only by U-Boot at this
point, in theory)
- GPL dtc compat version bumped to 1.4.7
- Various small fixes and compatibility improvements
Reported by: strejda [0]
MFC after: 1 week
exist
Apply EX_UNAVAILABLE patch part from PR 170775 to match the documentation.
Checked with a command from PR 210770:
lockf -n /tmp/doesnotexist echo; echo $?
PR: 210770
MFC after: 1 week
- Fix markup.
- Mention that process can only allow tracing for itself. This is already
stated in procctl(2), but requiring knowledge of the syscall description
is too much for the tool user.
- Clearly state that query mode only works for existing process.
Noted and reviewed by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
r344504 added an extra ARP_LOG() call in case of an if_output() failure.
It turns out IPv4 can be noisy. In order to not spam the console by default:
(a) add a counter for these events so people can keep better track of how
often it happens, and
(b) add a sysctl to select the default ARP_LOG log level and set it to
INFO avoiding the one (the new) DEBUG level by default.
Claim a spare (1st one after 10 years since the stats were added) in order
to not break netstat from FreeBSD 12->13 updates in the future.
Reviewed by: karels
Differential Revision: https://reviews.freebsd.org/D19490
This matches GNU seq, for example.
For users that are looking for similar functionality, 'jot -b foo N' will
print 'foo' N times. See jot(1).
PR: 236347
Reported by: <y AT maya.st>
Sponsored by: Dell EMC Isilon
The ports version of cal is an abandonware so in order to minimize the
potential bit rot of our documentation let's not mention it at all.
Interested users are going to find suitable alternatives anyway on their
own.
Reported by: bapt
Approved by: bapt (src)
Approved by: krion (mentor, implicit), mat (mentor, implicit)
Differential Revision: https://reviews.freebsd.org/D19492
Without this, if output is redirected from the console, it is buffered for
too long, making tool quite unusable.
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Set the number of partitions entries in the GPT header to a
multiple of the number of entries that fit in a sector.
PR: 236238
Reviewed by: imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19465
Note that only entries wired by userspace are shown as such. In
particular, entries transiently wired by sysctl_wire_old_buffer() are
not flagged as wired in procstat -v output.
Reviewed by: kib (previous version)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19461
These are taken directly from the density report from a TS1160
tape drive. (Using mt getdensity)
A TS1160 drive stores 20TB raw (60TB with compression) on a JE tape.
lib/libmt/mtlib.c:
Add 3592A6 encrypted/unencrypted density codes, and bpmm/bpi
values.
usr.bin/mt/mt.1:
Add 3592B5 encrypted/unencrypted density codes, bpmm/bpi
values and number of tracks. Bump the man page date.
MFC after: 3 days
Sponsored by: Spectra Logic
Buildworld failed when both WITHOUT_INET6_SUPPORT and INET equivalent were set.
Fix netstat and syslogd by applying appropriate #ifdef INET/INET6 to make world
compile again.
Reviewed by: ngie, hrs, ume
Welcomed by: Michael Dexter (D17040)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D19418
This change is made in the name of GNU patch compatibility. If GNU patch is
fed a zero-length patch, it will exit successfully with no output. This is
used in at least one port to date (comms/wsjtx), and we break on this usage.
It seems unlikely that anyone relies on patch(1) calling their completely
empty patch garbage and failing, and GNU compatibility is a plus if it helps
with porting, so make the switch.
Reported by: db
MFC after: 2 weeks
The default handling showed the argument as hex. Add explicit handling so
we can show it as decimal, since that's how we show file descriptors
everywhere else.
Approved by: mjg (mentor)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19295
Split the rights-limiting code into two cases: if one of the input
files isn't a regular file, use caph_limit_stream(3) instead of
open-coding the same logic; if both input files are regular files,
and the initial attempts to map them succeed, we limit the rights on
those files to CAP_MMAP_R.
Add a regression test for PR 234885.
PR: 234885
Reviewed by: delphij
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19216
Subversion builds and links against its own .a archives using local
rules, so did not benefit from with the WITH_PIE library support added
in r344179. Apply the same _pie suffix locally.
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D19246
In line_update(), set lastcol correctly after moving to any non-zero
column, so the "overwrite old stuff" part does not attempt to address
negative offsets in the current line.
Rewrite setup_buffer() to always allocate at least 80 characters,
otherwise various calls to summary_format() will overwrite the end of
the buffers, if the screen width gets small enough.
MFC after: 1 week
calendar(1) can have input in various encoding, specifying
LANG=<locale_name> to enable calendar(1) to determine which one to use.
The problem is the content of the calendar itself is exposed as is making it
unreadable in many cases. For example french calendar which is encoded
ISO8859-1 is rendered badly in a fr_FR.UTF-8 environment.
Using iconv allows to solve this issue.
This will also allow to keep only 1 encoding in base for those files without
breaking user existing setup
Reported by: many
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D19221
Comment for CAPFAIL_LOOKUP refered only to paths containing ".." but
it is returned for other restricted VFS lookup cases, such as absolute
paths or openat(AT_FDCWD, ...).
Building binaries as PIE allows the executable itself to be loaded at a
random address when ASLR is enabled (not just its shared libraries).
With this change PIE objects have a .pieo extension and INTERNALLIB
libraries libXXX_pie.a.
MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as
they explicitly reference .a libraries in their Makefiles. These can
be addressed on an individual basis later. MK_PIE is also disabled for
rtld-elf because it is already position-independent using bespoke
Makefile rules.
Currently only dynamically linked binaries will be built as PIE.
Discussed with: dim
Reviewed by: kib
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D18423
With this change, randomization can be enabled for all non-fixed
mappings. It means that the base address for the mapping is selected
with a guaranteed amount of entropy (bits). If the mapping was
requested to be superpage aligned, the randomization honours the
superpage attributes.
Although the value of ASLR is diminshing over time as exploit authors
work out simple ASLR bypass techniques, it elimintates the trivial
exploitation of certain vulnerabilities, at least in theory. This
implementation is relatively small and happens at the correct
architectural level. Also, it is not expected to introduce
regressions in existing cases when turned off (default for now), or
cause any significant maintaince burden.
The randomization is done on a best-effort basis - that is, the
allocator falls back to a first fit strategy if fragmentation prevents
entropy injection. It is trivial to implement a strong mode where
failure to guarantee the requested amount of entropy results in
mapping request failure, but I do not consider that to be usable.
I have not fine-tuned the amount of entropy injected right now. It is
only a quantitive change that will not change the implementation. The
current amount is controlled by aslr_pages_rnd.
To not spoil coalescing optimizations, to reduce the page table
fragmentation inherent to ASLR, and to keep the transient superpage
promotion for the malloced memory, locality clustering is implemented
for anonymous private mappings, which are automatically grouped until
fragmentation kicks in. The initial location for the anon group range
is, of course, randomized. This is controlled by vm.cluster_anon,
enabled by default.
The default mode keeps the sbrk area unpopulated by other mappings,
but this can be turned off, which gives much more breathing bits on
architectures with small address space, such as i386. This is tied
with the question of following an application's hint about the mmap(2)
base address. Testing shows that ignoring the hint does not affect the
function of common applications, but I would expect more demanding
code could break. By default sbrk is preserved and mmap hints are
satisfied, which can be changed by using the
kern.elf{32,64}.aslr.honor_sbrk sysctl.
ASLR is enabled on per-ABI basis, and currently it is only allowed on
FreeBSD native i386 and amd64 (including compat 32bit) ABIs. Support
for additional architectures will be added after further testing.
Both per-process and per-image controls are implemented:
- procctl(2) adds PROC_ASLR_CTL/PROC_ASLR_STATUS;
- NT_FREEBSD_FCTL_ASLR_DISABLE feature control note bit makes it possible
to force ASLR off for the given binary. (A tool to edit the feature
control note is in development.)
Global controls are:
- kern.elf{32,64}.aslr.enable - for non-fixed mappings done by mmap(2);
- kern.elf{32,64}.aslr.pie_enable - for PIE image activation mappings;
- kern.elf{32,64}.aslr.honor_sbrk - allow to use sbrk area for mmap(2);
- vm.cluster_anon - enables anon mapping clustering.
PR: 208580 (exp runs)
Exp-runs done by: antoine
Reviewed by: markj (previous version)
Discussed with: emaste
Tested by: pho
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D5603
Avoid setting zero bytes beyond the length of the 'thisline' parameters
in i_process() and u_process(), and don't attempt to memset a negative
number of bytes.
MFC after: 1 week
Suggest using -a to egrep to properly see executed commands.
This is a minor improvement to the manpage. A better improvement
would be removal or gigantic warnings.
Sponsored by: Dell EMC
MFC after: 1 week
For example, from the referenced PR [1]:
$ mkdir /tmp/lib/ /tmp/libexec
$ touch /tmp/lib/foo.so
$ install -lrs /tmp/lib/foo.so /tmp/libexec/
The common path identification bits terminate src at /tmp/lib/ and the
destination at /tmp/libe. The subsequent backtracking is then incorrect, as
it traverses the destination and backtraces exactly one level while eating
the 'libexec' because it was previously (falsely) identified as common with
'lib'.
The obvious fix would be to make sure we've actually terminated just after
directory separators and rewind a character if we haven't. In the above
example, we would end up rewinding to /tmp/ and subsequently doing the right
thing.
Test case added.
PR: 235330 [1]
MFC after: 1 week
- Use "in" instead of "on" when referring to directory and UFS partition.
- Switch from hw.physmem to hw.realmem and add a description to
distinguish the two.
- Explain why the "df" command is having trouble displaying ZFS sizes
correctly. Add a bit more descriptive text to help why the output of
"zfs list -o space" should be used.
- Switch to vmstat instead of iostat display for systat(1) as it shows
more information on one screen. Describe what is displayed based on the
text of the man page. Change the list of the other values accordingly.
- Sort the flags to "zfs destroy" alphabetically.
Reviewed by: rgrimes
Approved by: rgrimes
MFC after: 8 days
Differential Revision: https://reviews.freebsd.org/D18993
find(1) ignores -type w passed to it. With this patch find(1) properly
identifies and prints whiteouts.
PR: 126384, 156703
Submitted by: oleg@mamontov.net
MFC after: 1 week
While these warnings are false positives, the use of strdup() instead of
malloc() and strcpy() simplifies and clarifies the code.
While checking the remaining uses of strcpy and strcat I noticed an
assignment of a strlen() to a variable "s", whose value needs to be
preserved for use in later output routines (where it is used to allocate
a buffer). I do not think that the value of "s" will come out lower than
its correct value and thus there is no risk of a buffer overflow, in the
general case, but a specially crafter argument might lead to an overflow.
The bogus assignment to "s" is removed since this value was only used a
single time in the following malloc() call, which has been removed.
MFC after: 2 weeks
Add a bunch of examples on how to use ZFS features like:
- listing available space,
- setting and displaying a userquota,
- displaying pool I/O statistics and pool history,
- displaying the compression ratio for a dataset,
- various list options (sorting, removing headers),
- performing a dry-run of a snapshot delete,
- removing a range of snapshots,
- setting a custom property,
- preventing removal of a snapshot with ZFS holds,
- permission sets for zfs send/receive.
Additionally, clarify the existing examples a bit when
it comes to displaying space by mentioning UFS explicitly.
Other examples include displaying I/O in top(1), querying
sysctl(8) for active CPUs and available RAM. Mention systat(1)
and its options, too.
While here, reformat the example to upload a dmesg(8) a bit
to wrap properly.
Thanks to Allan Jude for his help with some of the ZFS examples.
Reviewed by: dru,allanjude
Approved by: allanjude (earlier version)
MFC after: 3 days
Relnotes: yes (ZFS examples in freebsd-tips)
Differential Revision: https://reviews.freebsd.org/D18541
We already call setutxent() once during initialization. Furthermore,
the subsequent calls occur after the process has entered capability
mode, so they fail, and attempts to fetch database entries fail as
a result.
PR: 235096
Submitted by: fullermd@over-yonder.net
MFC after: 3 days
According to systat(1) :only option is supposed to accept multiple drives
but the parser for its arguments stops after first entry. Fix the parser
logic to accept multiple drives.
PR: 59220
Reported by: Andy Farkas <andyf@speednet.com.au>
MFC after: 1 week
Test failures don't seem to propagate up if atf_check is run in
a pipeline. Thus, the tests continued to pass despite the bug reverted
in r343245.
MFC after: 1 week
It breaks the special mode specified by passing "-" as one of the
input files. Revert for now while we discuss a fix.
PR: 234885
Reported by: delphij
MFC after: now
getopt_long(3) requires the long options be terminated by a NULL block.
Without the terminator, an invalid long option results in a segmentation
fault.
Reported by: Brandon Bergren
MFC after: 1 week
This is mostly a style fix since the code in question is not called multiple
times and doesn't have cummulative effect.
PR: 204953
Submitted by: David Binderman <dcb314@hotmail.com>
MFC after: 1 week
- Limit rights on stdio before opening input files. Otherwise, open()
may return one of the standard descriptors and we end up limiting
rights such that we cannot read from one of the input files.
- Use caph_limit_stdio(), which suppresses EBADF, to ensure that
we don't emit an error if one of the stdio streams is closed.
- Don't bother further limiting rights on stdin when stdin isn't going
to be used. Doing so correctly requires checking for a number of
edge cases, and it doesn't provide any significant benefit.
PR: 234885
Reviewed by: oshogbo
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D18860
bc.y: Rev 1.50
- write parse errors to stderr, prompted by Martijn Dekker
- we're only interactive if stdout en stderr are a tty as well as stdin
PR: 234430
Obtained from: OpenBSD
MFC after: 1 week
The goal of this change is to make it easier to use getconf to query
the number of available processors.
Sadly it's unclear per POSIX, which form (with a preceding _ or
lacking it) is correct. I will bring this up on the Austin Group list so
this point is clarified for implementors that might rely on this getconf
variable in future POSIX spec versions.
This is something I noticed when trying to import GoogleTest to FreeBSD
as one of the CI scripts uses this variable on Linux.
MFC after: 2 weeks
Approved by: emaste (mentor)
Differential Revision: https://reviews.freebsd.org/D18640
The default build should install bsdgrep(1) and grep(1), with the latter
being gnugrep(1). WITH_BSD_GREP flips this situation such that we have
gnugrep(1) and grep(1), with the latter being bsdgrep(1).
Changes to start installing the zgrep script out of usr.bin/grep
inadvertently altered the default build such that grep(1) was being
installed, and it was bsdgrep(1). Correct the typo.
Reported by: bcran
MFC after: 3 days
