Commit Graph

6935 Commits

Author SHA1 Message Date
Dimitry Andric
48aaf27bca Update Makefiles under lib/clang and usr.bin/clang for 11.0.0 builds,
and also bump the version in the mtree files.
2020-08-06 19:30:00 +00:00
Yoshihiro Takahashi
8f11c99715 - Cleanups related to sparc64 removal.
- Remove remains of sparc64 files.

Reviewed by:	imp
Differential Revision:	https://reviews.freebsd.org/D25831
2020-07-28 10:58:37 +00:00
Tom Jones
3b01bf881c Add tests for "add", "change" and "delete" functionality of /sbin/route.
Add tests to cover "add", "change" and "delete" functionality of /sbin/route
for ipv4 and ipv6. These tests for the existing route tool are the first step
towards creating libroute.

Submitted by:   Ahsan Barkati
Sponsored by:   Google, Inc. (GSoC 2020)
Reviewed by:    kp, thj
Approved by:    bz (mentor)
MFC after:      1 month
Differential Revision:  https://reviews.freebsd.org/D25220
2020-07-22 13:49:54 +00:00
Gregory Neil Shapiro
5b0945b570 Merge sendmail 8.16.1 to HEAD: See contrib/sendmail/RELEASE_NOTES for details
Includes build infrastructure & config updates required for changes in 8.16.1

MFC after:	5 days
2020-07-15 18:28:54 +00:00
Olivier Cochard
d371ed1c4b Install extra TCP stack header files: They are needed to compile a userland
component of TCP Blackbox Recorder as example.

Approved by:	rrs
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D25584
2020-07-08 21:40:27 +00:00
Conrad Meyer
a35bc248fd Restrict default /root permissions
Remove world-readability from the root directory.  Sensitive information may be
stored in /root and we diverge here from normative administrative practice, as
well as installation defaults of other Unix-alikes.  The wheel group is still
permitted to read the directory.

750 is no more restrictive than defaults for the rest of the open source
Unix-alike world.  In particular, Ben Woods surveyed DragonFly, NetBSD,
OpenBSD, ArchLinux, CentOS, Debian, Fedora, Slackware, and Ubuntu.  None have a
world-readable /root by default.

Submitted by:	Gordon Bergling <gbergling AT gmail.com>
Reviewed by:	ian, myself
Discussed with:	emaste (informal approval)
Relnotes:	sure?
Differential Revision:	https://reviews.freebsd.org/D23392
2020-06-04 16:04:19 +00:00
Kyle Evans
cb99e93575 pkgbase: resolve mailer.conf conflict WITHOUT_SENDMAIL
When WITHOUT_SENDMAIL is set, we end up with two different mailer.conf that
conflict, and hilarity ensues. There's currently three different places that
we might install mailer.conf:

- ^/etc/Makefile (package=runtime, contingent on MK_MAIL != no)
- ^/libexec/dma/dmagent/Makefile (package=dma, contingent on MK_SENDMAIL !=
no)
- ^/usr.sbin/mailwrapper/Makefile (package=utilities, contingent on
not-installed)

The mailwrapper installation will effectively never happen because the ^/etc
one will first.

This patch simplifies the whole situation; remove the ^/etc/Makefile version
and install it primarily in mailwrapper if MK_MAILWRAPPER != "no". The
scenarios covered in mailwrapper are:

- sendmail(8) is installed, dma(8) may or may not be installed
- neither sendmail(8) nor dma(8) is installed

In the first scenario, sendmail(8) is dominant so we can go ahead and
install the version in ^/etc/mail. In the unlisted scenario, sendmail(8) is
not installed but dma(8) is, we'll let ^/libexec/dma/dmagent do the
installation. In the second listed scenario, we still want to install an
example mailer.conf so just install the base sendmail(8) version.

Reviewed by:	bapt
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D24924
2020-06-02 02:38:54 +00:00
Tijl Coosemans
82c3a6548f Install 32-bit libcrypto engines in /usr/lib32/engines instead of
/usr/lib32 and let 32-bit libcrypto search that location instead of
/usr/lib/engines.

Reviewed by:	jkim
2020-06-01 18:58:09 +00:00
Tijl Coosemans
3eee8f1cbb Fix installation of libxo encoder modules.
Because the install location was hardcoded in the Makefile as
/usr/lib/libxo/encoder, the lib32 version was installed over the native
version.  Replace /usr/lib with ${LIBDIR}.

Also define SHLIB_NAME instead of LIB + FILES.  This prevents building a
static library.

MFC after:	2 weeks
2020-05-31 17:20:17 +00:00
Ed Maste
c5ea81f7a6 rename in-tree libevent v1 to libevent1
r316063 installed pf's embedded libevent as a private lib, with headers
in /usr/include/private/event.  Unfortunately we also have a copy of
libevent v2 included in ntp, which needed to be updated for compatibility
with OpenSSL 1.1.

As unadorned 'libevent' generally refers to libevent v2, be explicit that
this one is libevent v1.

Reviewed by:	vangyzen (earlier)
Differential Revision:	https://reviews.freebsd.org/D17275
2020-05-28 22:05:50 +00:00
Dimitry Andric
d65cd7a57b Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
llvmorg-10.0.1-rc1-0-gf79cd71e145 (aka 10.0.1 rc1).

MFC after:	3 weeks
2020-05-23 10:32:18 +00:00
Alexander V. Chernikov
a666325282 Introduce nexthop objects and new routing KPI.
This is the foundational change for the routing subsytem rearchitecture.
 More details and goals are available in https://reviews.freebsd.org/D24141 .

This patch introduces concept of nexthop objects and new nexthop-based
 routing KPI.

Nexthops are objects, containing all necessary information for performing
 the packet output decision. Output interface, mtu, flags, gw address goes
 there. For most of the cases, these objects will serve the same role as
 the struct rtentry is currently serving.
Typically there will be low tens of such objects for the router even with
 multiple BGP full-views, as these objects will be shared between routing
 entries. This allows to store more information in the nexthop.

New KPI:

struct nhop_object *fib4_lookup(uint32_t fibnum, struct in_addr dst,
  uint32_t scopeid, uint32_t flags, uint32_t flowid);
struct nhop_object *fib6_lookup(uint32_t fibnum, const struct in6_addr *dst6,
  uint32_t scopeid, uint32_t flags, uint32_t flowid);

These 2 function are intended to replace all all flavours of
 <in_|in6_>rtalloc[1]<_ign><_fib>, mpath functions  and the previous
 fib[46]-generation functions.

Upon successful lookup, they return nexthop object which is guaranteed to
 exist within current NET_EPOCH. If longer lifetime is desired, one can
 specify NHR_REF as a flag and get a referenced version of the nexthop.
 Reference semantic closely resembles rtentry one, allowing sed-style conversion.

Additionally, another 2 functions are introduced to support uRPF functionality
 inside variety of our firewalls. Their primary goal is to hide the multipath
 implementation details inside the routing subsystem, greatly simplifying
 firewalls implementation:

int fib4_lookup_urpf(uint32_t fibnum, struct in_addr dst, uint32_t scopeid,
  uint32_t flags, const struct ifnet *src_if);
int fib6_lookup_urpf(uint32_t fibnum, const struct in6_addr *dst6, uint32_t scopeid,
  uint32_t flags, const struct ifnet *src_if);

All functions have a separate scopeid argument, paving way to eliminating IPv6 scope
 embedding and allowing to support IPv4 link-locals in the future.

Structure changes:
 * rtentry gets new 'rt_nhop' pointer, slightly growing the overall size.
 * rib_head gets new 'rnh_preadd' callback pointer, slightly growing overall sz.

Old KPI:
During the transition state old and new KPI will coexists. As there are another 4-5
 decent-sized conversion patches, it will probably take a couple of weeks.
To support both KPIs, fields not required by the new KPI (most of rtentry) has to be
 kept, resulting in the temporary size increase.
Once conversion is finished, rtentry will notably shrink.

More details:
* architectural overview: https://reviews.freebsd.org/D24141
* list of the next changes: https://reviews.freebsd.org/D24232

Reviewed by:	ae,glebius(initial version)
Differential Revision:	https://reviews.freebsd.org/D24232
2020-04-12 14:30:00 +00:00
Xin LI
f5b7695d2d Always install backward compatibility timezones, as they are installed
on all major Linux distributions as well as NetBSD and OpenBSD.

Remove the undocumented ZONEINFO_OLD_TIMEZONES_SUPPORT and the deprecated
OLDTIMEZONES knobs as they are now the default.

Reviewed by:		ngie, rgrimes
MFC after:		2 weeks
Differential Revision:	https://reviews.freebsd.org/D24306
2020-04-09 05:11:18 +00:00
David Bright
0e3e53d746 Add a basic test for nvmecontrol
I recently made some bug fixes in nvmecontrol. It occurred to me that
since nvmecontrol lacks any kyua tests, I should convert the informal
testing I did into a more formal automated test. The test in this
change should be considered just a starting point; it is neither
complete nor thorough. While converting the test to ATF/kyua, I
discovered a small bug in nvmecontrol; the nvmecontrol devlist command
would always exit with an unsuccessful status. So I included the fix
for that, too, so that the test won't fail.

Reviewed by:	imp@
MFC after:	3 days
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D24269
2020-04-07 20:26:42 +00:00
Maxim Sobolev
a8b8edb25e Normalize deployment tools usage and definitions by putting into one place
instead of sprinkling them out over many disjoint files. This is a follow-up
to achieve the same goal in an incomplete rev.348521.

Approved by:	imp
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D20520
2020-04-07 02:46:22 +00:00
Brooks Davis
cfe7aad9c3 Create and use a tests group for the tests user.
No user (except nobody) should be a member of the nobody group.

Reported by:	rgrimes
Reviewed by:	rgrimes
MFC after:	3 days
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24199
2020-03-27 16:05:37 +00:00
Brooks Davis
daa006f84b Install expected kyua docs.
The "kyua about" command assumes these files exist causing tests
supplied devel/kyua to fail.

Fix a bug defining the default KYUA_DOCDIR so the installed files can be
found.

Reported by:	jenkins tests
Reviewed by:	lwhsu
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24187
2020-03-26 17:34:17 +00:00
Emmanuel Vadot
c016c89196 pkgbase: Move device.hints from the runtime to the bootloader package
Also mark it as config file so if a user changes this file pkg will attempt
to merge the new file upon an update.
device.hints is neither related to runtime or loader but it make more sense
to have it in loader in case some user delete /boot/ and wants to recreate it,
now only two packages are required FreeBSD-bootloader and the kernel package.
While here change where we override the package for files installed in /boot,
this allow us to keep other tags (such as config).

Reported by:	pizzamig
Reviewed by:	bapt pizzamig emaste
Differential Revision:	https://reviews.freebsd.org/D24159
2020-03-24 01:07:01 +00:00
Brooks Davis
b0d29bc47d Import the kyua test framework.
Having kyua in the base system will simplify automated testing in CI and
eliminates bootstrapping issues on new platforms.

The build of kyua is controlled by WITH(OUT)_TESTS_SUPPORT.

Reviewed by:	emaste
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24103
2020-03-23 19:01:23 +00:00
Brooks Davis
d41872f999 Add the tests user, an unprivileged user from the default kyua config.
This is a preparatory commit for D24103.

Reviewed by:	emaste
Obtained from:	CheriBSD
MFC after:	3 days
Sponsored by:	DARPA
2020-03-23 17:11:27 +00:00
Ed Maste
4e3984bb5d BSD.sendmail.dist: simplify mqueue group name setting
Submitted by:	gshapiro
2020-03-22 16:55:20 +00:00
Ed Maste
7ab51667a7 pkgbase: create sendmail directories only from BSD.sendmail.dist
Else when WITHOUT_SENDMAIL is set we still create a sendmail package
that contains (only) two directories.

Reviewed by:	manu
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24149
2020-03-22 15:37:38 +00:00
Dimitry Andric
e43d33d286 Merge ^/head r358466 through r358677. 2020-03-05 17:55:36 +00:00
Warner Losh
daba5ace03 Finish removal of bktr
Remove the old ioctl .h files
Remove copying/linking ioctl .h files in instasllworld
Remove bktr from lint
Add now-removed files with ObsoleteFiles
2020-03-01 20:37:42 +00:00
Dimitry Andric
91019ea7d4 Merge ^/head r358400 through r358465. 2020-02-29 15:08:14 +00:00
Ed Maste
57f804675e remove GCC 4.2.1 build infrastructure
As described in Warner's email message[1] to the FreeBSD-arch mailing
list we have reached GCC 4.2.1's retirement date.  At this time all
supported architectures either use in-tree Clang, or rely on external
toolchain (i.e., a contemporary GCC version from ports).

GCC 4.2.1 was released July 18, 2007 and was imported into FreeBSD later
that year, in r171825.  GCC has served us well, but version 4.2.1 is
obsolete and not used by default on any architecture in FreeBSD.  It
does not support modern C and does not support arm64 or RISC-V.

Thanks to everyone responsible for maintaining, updating, and testing
GCC in the FreeBSD base system over the years.

So long, and thanks for all the fish.

[1] https://lists.freebsd.org/pipermail/freebsd-arch/2020-January/019823.html

PR:		228919
Reviewed by:	brooks, imp
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D23124
2020-02-29 03:25:51 +00:00
Dimitry Andric
ef1c128c05 Merge ^/head r357921 through r357930. 2020-02-14 19:33:48 +00:00
Dimitry Andric
c42c3abb9e Remove /usr/include/ssp from BSD.include.dist after r356356
This avoids having to delete it every time with "make delete-old".

PR:		242950
MFC after:	2 weeks
X-MFC-With:	r356356
2020-02-14 19:31:24 +00:00
Dimitry Andric
bb1d0df511 Merge ^/head r357179 through r357269. 2020-01-29 21:09:36 +00:00
Kyle Evans
fbd46fe94a pkgbase: fix caroot packaging and add post-install script
The original intention for caroot was to be packaged separately, perhaps so
that users can have a more/less conservative upgrade policy for this
separated from the rest of base.

secure/caroot/Makefile doesn't have anything interesting to package, but its
subdirectories might. Move the PACKAGE= to Makefile.inc so both blacklisted
and trusted get packaged consistently into the correct one rather than the
default -utilities. Also tag the directories for package=caroot, as they
could also be empty; blacklisted is empty by default, but trusted is not.

Add a post-install script to do certctl rehash, along with a note should we
eventually come up with a way to detect that files have been added or
removed that requires a rehash.

-caroot gets a dependency on -utilities, as that's where we provide certctl
at the moment. We can perhaps reconsider this and put certctl into this
package in the future, but there are some bits within -utilities that
unconditionally invoke certctl so let's hold off for now.

Reviewed by:	manu (earlier version, before -utilities dep added)
Differential Revision:	https://reviews.freebsd.org/D23352
2020-01-29 18:47:08 +00:00
Dimitry Andric
0b37c15904 * Bump version numbers to 10.0.0
* Update UPDATING
* Update (Optional)ObsoleteFiles.inc
* Update VCS(Revision|Version) files
* Update generated config headers
* Update clang internal headers Makefile
2020-01-25 16:23:49 +00:00
Ed Maste
d3c87514db Tag NLS aliases with pkgbase package
POSIX and en_US.US_ASCII are aliases (symlinks) to the C locale.  They were
not previously tagged with a pkgbase pacakge.  Add the tag so that they are
handled correctly on pkgbase-installed/updated systems.

[This is r356990 reapplied with a corrected commit message.]

Discussed with:	manu
2020-01-24 14:41:51 +00:00
Ed Maste
3407334ae2 revert r356990 to reapply with correct commit message
Requested by:	rgrimes
2020-01-24 14:40:37 +00:00
Ed Maste
6ed1dc004a Tag NLS aliases with package=runtime
POSIX and en_US.US_ASCII are aliases (symlinks) to the C locale.  They were
not previously tagged with a pkgbase pacakge.  Add the tag so that they are
handled correctly on pkgbase-installed/updated systems.

Discussed with:	manu
2020-01-22 18:40:19 +00:00
Kyle Evans
156ebad647 Tag os-release symlink with package=runtime
This ensures it gets into pkgbase-(installed/updated) systems.
2020-01-22 14:07:27 +00:00
Jung-uk Kim
a9e3baa562 Install man5 and man7 for OpenSSL.
Note config.5 and crypto.7 are not installed because we have conflicts.

Requested by:	phk
MFC after:	1 month
2020-01-22 01:15:57 +00:00
Dimitry Andric
c14a5a8800 Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
9.0.1 final release c1a0a213378a458fbea1a5c77b315c7dce08fd05.

Release notes for llvm, clang, lld and libc++ 9.0.1 will become
available here:

https://releases.llvm.org/9.0.1/docs/ReleaseNotes.html
https://releases.llvm.org/9.0.1/tools/clang/docs/ReleaseNotes.html
https://releases.llvm.org/9.0.1/tools/lld/docs/ReleaseNotes.html
https://releases.llvm.org/9.0.1/projects/libcxx/docs/ReleaseNotes.html

PR:		240629
MFC after:	1 month
2019-12-22 11:50:44 +00:00
Alan Somers
67f72211dd gmultipath: add ATF tests
Add ATF tests for most gmultipath operations. Add some dtrace probes too,
primarily for configuration changes that happen in response to provider
errors.

PR:		178473
MFC after:	2 weeks
Sponsored by:	Axcient
Differential Revision:	https://reviews.freebsd.org/D22235
2019-12-06 00:12:14 +00:00
Warner Losh
6467506baf Create /etc/os-release file.
Each boot, regenerate /var/run/os-release based on the currently running
system. Create a /etc/os-release symlink pointing to this file (so that this
doesn't create a new reason /etc can not be mounted read-only).

This is compatible with what other systems do and is what the sysutil/os-release
port attempted to do, but in an incomplete way. Linux, Solaris and DragonFly all
implement this natively as well. The complete standard can be found at
https://www.freedesktop.org/software/systemd/man/os-release.html

Moving this to the base solves both the non-standard location problem with the
port, as well as the lack of update of this file on system update.

Bump __FreeBSD_version to 1300060

PR: 238953
Differential Revision:  https://reviews.freebsd.org/D22271
2019-11-20 23:45:31 +00:00
Warner Losh
599d032a6d Standardize EFI's ESP mount point.
Mount the UEFI ESP on /boot/efi. No current system uses this by default, but
there are many ad-hoc schemes that do this in /efi or /esp or /uefi and adding a
new directory at the top-level would have a much higher likelihood of
collision. Document this in /etc/mtree/BSD.root.mtree and create EFIDIR and
related variables in bsd.own.mk.

Differential Revision: https://reviews.freebsd.org/D21344
2019-11-20 21:06:29 +00:00
Conrad Meyer
470182bb6e Link in NetBSD's unifdef(1) tests
Skip one, is it currently fails.
2019-11-18 04:03:11 +00:00
Conrad Meyer
43e9023f2d libexecinfo: Integrate NetBSD test into FreeBSD 2019-10-27 05:32:08 +00:00
Bjoern A. Zeeb
f74e6e494f frag6: import a set of test cases
In order to ensure that changing the frag6 code does not change behaviour
or break code a set of test cases were implemented.

Like some other test cases these use Scapy to generate packets and possibly
wait for expected answers.  In most cases we do check the global and
per interface (netstat) statistics output using the libxo output and grep
to validate fields and numbers.  This is a bit hackish but we currently have
no better way to match a selected number of stats only (we have to ignore
some of the ND6 variables; otherwise we could use the entire list).

Test cases include atomic fragments, single fragments, multi-fragments,
and try to cover most error cases in the code currently.
In addition vnet teardown is tested to not panic.

A separate set (not in-tree currently) of probes were used in order to
make sure that the test cases actually test what they should.

The "sniffer" code was copied and adjusted from the netpfil version
as we sometimes will not get packets or have longer timeouts to deal with.

Sponsored by:	Netflix
2019-10-21 09:33:45 +00:00
Dimitry Andric
8b3bc70a2b Merge ^/head r352764 through r353315. 2019-10-08 18:17:02 +00:00
Kyle Evans
f27f39db77 [1/3] Initial infrastructure for SSL root bundle in base
This setup will add the trusted certificates from the Mozilla NSS bundle
to base.

This commit includes:
- CAROOT option to opt out of installation of certs
- mtree amendments for final destinations
- infrastructure to fetch/update certs, along with instructions

A follow-up commit will add a certctl(8) utility to give the user control
over trust specifics. Another follow-up commit will actually commit the
initial result of updatecerts.

This work was done primarily by allanjude@, with minor contributions by
myself.

No objection from:	secteam
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16856
2019-10-02 01:05:29 +00:00
Dimitry Andric
61c1328eb0 Merge ^/head r352105 through r352307. 2019-09-13 21:15:01 +00:00
Michael Zhilin
cd38a86c63 [jail] removal by jid doesn't trigger pre/post stop scripts
This commit fixes bug: command "jail -r" didn't trigger pre/post stop
commands (and others) defined in config file if jid is specified insted of
name. Also it adds basic tests for usr.sbin/jail to avoid regression.

Reviewed by:	jamie, kevans, ray
MFC after:      5 days
Differential Revision: https://reviews.freebsd.org/D21328
2019-09-12 18:53:29 +00:00
Yuri Pankov
42249ef234 locale: handle day, abday, mon, abmon, am_pm keywords
All of these are defined as mandatory by POSIX.

While here, mark all non-standard ones as FreeBSD-only as
other systems (at least, GNU/Linux and illumos) do not handle
them, so we should not encourage their use.

PR:		237752
Reviewed by:	bapt
Differential Revision:	https://reviews.freebsd.org/D21490
2019-09-10 15:09:46 +00:00
Dimitry Andric
f993ed2fbd Merge ^/head r351732 through r352104. 2019-09-09 19:58:46 +00:00
Kyle Evans
b27524973c patch(1): add some basic tests
Summary:
- basic: test application of patches created by diff -u at the
  beginning/middle/end of file, which have differing amounts of context
  before and after chunks being added
- limited_ctx: stems from PR 74127 in which a rogue line was getting added
  when the patch should have been rejected. Similar behavior was
  reproducible with larger contexts near the beginning/end of a file. See
  r326084 for details
- file_creation: patch sourced from /dev/null should create the file
- file_nodupe: said patch sourced from /dev/null shouldn't dupe the contents
  when re-applied (personal vendetta, WIP, see comment)
- file_removal: this follows from nodupe; the reverse of a patch sourced
  from /dev/null is most naturally deleting the file, as is expected based
  on GNU patch behavior (WIP)
2019-09-05 03:16:14 +00:00