Commit Graph

2294 Commits

Author SHA1 Message Date
brooks
ad8dc1e97b Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

This was previously commited as r337978 and reverted in r338149 due to
exposing a bug the ARM rtld.  This bug was fixed in r338317 by mmel.

Submitted by:	James Clarke
Approved by:	re (kib)
Reviewed by:	kbowling
Testing by:	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-09-05 23:23:16 +00:00
brd
efb1577987 Move gettytab to libexec/getty/
Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16953
2018-09-05 15:25:23 +00:00
kib
ae9e5bc0c3 Style cleanup. No functional changes.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Approved by:    re (rgrimes)
2018-09-02 15:42:37 +00:00
mmel
58ecd611cd Fix wrong offset calculation for R_ARM_TLS_TPOFF32 relocations.
TLS_TCB_SIZE is already accounted in defobj-> tlsoffset so all these symbols
were incorrectly relocated by +8.

Note:
The only consumer (for all binaries on my ARM board) of R_ARM_TLS_TPOFF32
relocation is _ThreadRuneLocale variable. And the incorrectly relocated
ThreadRuneLocale accidentally pointed to zeroed memory before memory layout
change from D16510 had changed status quo.

MFC after:	3 weeks
Reviewed by:	imp, jhb
Approved by:	re (marius)
2018-08-25 16:54:37 +00:00
asomers
b4a74a70d5 tftpd: Fix data corruption bug with netascii
Transferring files in netascii format requires, among other things,
translating all CR characters to a CR,NUL pair. tftpd does this correctly
except when the CR occurs as the last octet of a packet. In that case, it
erroneously drops the NUL which should be part of the following packet. The
bug was caused by using 0 as a sentinel value in a variable that could
legitimately hold 0. Fix it by switching the sentinel value to -1.

PR:		178055
Reported by:	Richard <rsitze@gmail.com>
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16853
2018-08-22 23:31:27 +00:00
brooks
d47030f7df Revert r337978: Rework rtld's TLS Variant I implementation to match r326794
Michal Meloun reports that it breaks ctype (isspace()..) related
functions on armv7 so back out while we diagnose the issue.

Reported by:	Michal Meloun <melounmichal@gmail.com>
2018-08-21 18:22:12 +00:00
brd
165124c04a Move ftpusers to libexec/ftpd/
Thsi helps with pkgbase by switching to CONFS so that ftpusers will be
properly tagged as a config file.

Approved by:	will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16787
2018-08-21 17:07:52 +00:00
brooks
214c1ab8d7 Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

Submitted by:	James Clarke
Reviewed by:	kbowling
Testing byL	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-08-17 16:19:47 +00:00
trasz
916e85edb0 Remove pointless comment.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:59:05 +00:00
trasz
0aa666301d .Xr pam_securetty(8) from ttys(5), to hint the users as to what actually
enforces the 'secure' tty flag.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:58:13 +00:00
br
3b2642649d Save and restore floating-point arguments.
Sponsored by:	DARPA, AFRL
2018-08-02 12:21:39 +00:00
trasz
8d28f4cb0f Fix regression tests broken by r337067.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-02 11:55:16 +00:00
trasz
bc0d1a1d0e Make sure the rtld(1) error messages go to stderr, not stdout.
While here fix capitalization of a few nearby strings, add the
rtld's file name prefix so it's obvious where the message come
from, and return zero when "-h" is used.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16530
2018-08-02 07:43:28 +00:00
asomers
1fe29e8908 Fix several Coverity warnings in tftp
Some of the changes are in the libexec/tftpd directory, but to functions that
are only used by tftp(1) (they share some code).

* strcpy => strlcpy (1006793, 1006794, 1006796, 1006741)
* Unchecked return value and TOCTTOU (1009314)
* NULL pointer dereference (1018035, 1018036)

Reported by:	Coverity
CID:		1006793, 1006794, 1006796, 1006741, 1009314, 1018035
CID:		1018036
MFC after:	2 weeks
2018-07-22 17:10:12 +00:00
asomers
6f39a2452a Fix multiple Coverity warnings in tftpd(8)
* Initialize uninitialized variable (CID 1006502)
* strcpy => strlcpy (CID 1006792, 1006791, 1006790)
* Check function return values (CID 1009442, 1009441, 1009440)
* Delete dead code in receive_packet (not reported by Coverity)
* Remove redundant alarm(3) in receive_packet (not reported by Coverity)

Reported by:	Coverity
CID: 1006502, 1006792, 1006791, 1006790, 1009442, 1009441, 1009440
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D11287
2018-07-22 16:14:30 +00:00
asomers
7fada835fd tftpd(8): when completing an WRQ, flush the file before acknowleding receipt
tftpd(8) should flush a newly written file to disk before ACKing the final DATA
packet.  Otherwise there is a narrow race window when a subsequent read may not
see the file.  This is somewhat related to r330710, but the race window is much
smaller.  Hopefully this will fix the intermittent tests in Jenkins.

Reported by:	Jenkins
MFC after:	2 weeks
2018-07-21 19:48:31 +00:00
sef
107a344bbb This exposes ZFS user and group quotas via the normal
quatactl(2) mechanism.  (Read-only at this point, however.)
In particular, this is to allow rpc.rquotad query quotas
for NFS mounts, allowing users to see their quotas on the
hosts using the datasets.

The changes specifically:

* Add new RPC entry points for querying quotas.
* Changes the library routines to allow non-UFS quotas.
* Changes rquotad to check for quotas on mounted filesystems,
rather than being limited to entries in /etc/fstab
* Lastly, adds a VFS entry-point for ZFS to query quotas.

Note that this makes one unavoidable behavioural change: if quotas
are enabled, then they can be queried, as opposed to the current
method of checking for quotas being specified in fstab.  (With
ZFS, if there are user or group quotas, they're used, always.)

Reviewed by:	delphij, mav
Approved by:	mav
Sponsored by:	iXsystems Inc
Differential Revision:	https://reviews.freebsd.org/D15886
2018-07-05 22:56:13 +00:00
kib
c856dc5dce Make rtld use libc_nossp_pic.a. Remove SSP shims.
Submitted by:	Luis Pires
Reviewed by:	brooks
Differential revision:	https://reviews.freebsd.org/D15341
2018-05-09 10:30:56 +00:00
asomers
65a0e81cdc tftpd: misc Coverity cleanup in the tests
A bunch of unchecked return values from open(2) and read(2)

Reported by:	Coverity
CID:		1386900, 1386911, 1386926, 1386928, 1386932, 1386942
CID:		1386961, 1386979
MFC after:	8 days
X-MFC-With:	330696
2018-03-22 14:51:05 +00:00
asomers
3d48866b50 tftpd: fix the build of tests on i386 after 330696
It's those darn printf format specifiers again

Reported by:	cy, kibab
MFC after:	20 days
X-MFC-With:	330696
2018-03-10 18:07:31 +00:00
asomers
a6bc631948 tftpd: reject unknown opcodes
If tftpd receives a command with an unknown opcode, it simply exits 1.  It
doesn't send an ERROR packet, and the client will hang waiting for one.  Fix
it.

PR:		226005
MFC after:	3 weeks
2018-03-10 01:50:43 +00:00
asomers
c29c7eb33f tftpd: Abort on an WRQ access violation
On a WRQ (write request) tftpd checks whether the client has access
permission for the file in question.  If not, then the write is prevented.
However, tftpd doesn't reply with an ERROR packet, nor does it abort.
Instead, it tries to receive the packet anyway.

The symptom is slightly different depending on the nature of the error.  If
the target file is nonexistent and tftpd lacks permission to create it, then
tftpd will willingly receive the file, but not write it anywhere.  If the
file exists but is not writable, then tftpd will fail to ACK to WRQ.

PR:		225996
MFC after:	3 weeks
2018-03-10 01:43:55 +00:00
asomers
26f5519e21 tftpd: Verify world-writability for WRQ when using relative paths
tftpd(8) says that files may only be written if they already exist and are
publicly writable.  tftpd.c verifies that a file is publicly writable if it
uses an absolute pathname.  However, if the pathname is relative, that check
is skipped.  Fix it.

Note that this is not a security vulnerability, because the transfer
ultimately doesn't work unless the file already exists and is owned by user
nobody.  Also, this bug does not affect the default configuration, because
the default uses the "-s" option which makes all pathnames absolute.

PR:		226004
MFC after:	3 weeks
2018-03-10 01:35:26 +00:00
asomers
ccec95ca4c tftpd: Flush files as soon as they are fully received
On an RRQ, tftpd doesn't exit as soon as it's finished receiving a file.
Instead, it waits five seconds just in case the client didn't receive the
server's last ACK and decides to resend the final DATA packet.
Unfortunately, this created a 5 second delay from when the client thinks
it's done sending the file, and when the file is available for other
processes.

Fix this bug by closing the file as soon as receipt is finished.

PR:			157700
Reported by:		Barry Mishler <barry_mishler@yahoo.com>
MFC after:		3 weeks
2018-03-09 23:25:18 +00:00
asomers
054a344d95 Add some functional tests for tftpd(8)
tftpd(8) is difficult to test in isolation due to its relationship with
inetd.  Create a test program that mimics the behavior of tftp(1) and
inetd(8) and verifies tftpd's response in several different scenarios.

These test cases cover all of the basic TFTP protocol, but not the optional
parts.

PR:		157700
PR:		225996
PR:		226004
PR:		226005
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D14310
2018-03-09 15:30:20 +00:00
asomers
c8d2fb97f2 rpc.sprayd: raise WARNS to 6
MFC after:	3 weeks
2018-03-05 16:11:07 +00:00
trasz
421fff6c4a .Xr pstat(8), so that people have a chance to learn how to get a list
of terminal devices using "pstat -t".

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-03-02 14:16:19 +00:00
mmel
bd14553bb6 Make rtld_bind_start() debugger friendly.
Save link register and annotate call frame structure so debugger can unwind
call frame created by rtld_bind_start().

MFC after:	2 weeks
2018-02-27 15:35:11 +00:00
trasz
c2a7be7783 Fix gettytab(5) to document f0, f1, and f2 as unsupported; they've been gone
since r131091.

PR:             184691 (partial)
Submitted by:   naddy@
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
2018-02-26 17:51:18 +00:00
trasz
08613ce568 Prevent getty(8) from looping indefinitely if the device node doesn't
exist. This behaviour makes no sense for eg USB serial adapters, or
USB device-side serial templates.

This mostly reverts to pre-r135941 behaviour.

Reviewed by:	imp@
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14198
2018-02-25 20:15:06 +00:00
trasz
784e0cc049 Build getty(8) with WARNS=6.
Reviewed by:	imp@
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14197
2018-02-21 15:57:24 +00:00
trasz
27c92bd697 Sprinkle static; avoid nested externs.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 19:05:13 +00:00
trasz
b885082be8 Add missing initializer.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:40:36 +00:00
trasz
6de165e2dd Rename getty's getline() to get_line(), to avoid clash with getline(3).
Obtained from:	DragonFlyBSD
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:39:58 +00:00
trasz
d545c29ed5 Don't cast away the const, it's not been needed since r92925.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:36:24 +00:00
trasz
1797d2da21 Initialize all the fields. This is one of the steps required to bump WARNS.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:58:31 +00:00
trasz
0e97ad7f73 Reduce code duplication; no functional changes.
Obtained from:	NetBSD
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:55:20 +00:00
trasz
af02e546da Remove unused variable.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:54:05 +00:00
marius
d9ac9c210e o Let rtld(1) set up psABI user trap handlers prior to executing the
objects' init functions instead of doing the setup via a constructor
  in libc as the init functions may already depend on these handlers
  to be in place. This gets us rid of:
  - the undefined order in which libc constructors as __guard_setup()
    and jemalloc_constructor() are executed WRT __sparc_utrap_setup(),
  - the requirement to link libc last so __sparc_utrap_setup() gets
    called prior to constructors in other libraries (see r122883).
  For static binaries, crt1.o still sets up the user trap handlers.
o Move misplaced prototypes for MD functions in to the MD prototype
  section of rtld.h.
o Sprinkle nitems().
2018-02-03 23:14:11 +00:00
pfg
6a14751e3a rpc.sprayd: Remove 3rd and 4th clauses in christos' license.
Obtained from:	NetBSD
2017-12-28 17:51:53 +00:00
pfg
d5811653ed rpc.sprayd: Bring some changes from NetBSD.
Most notable, other than some style issues:
CVS 1.11:
  do not use LOG_CONS.
CVS 1.13:
  consistently use exit instead of return in main().
  use LOG_WARNING instead of LOG_ERR for non critical errors.

Obtained from:	NetBSD
MFC after:	2 weeks
2017-12-28 17:44:30 +00:00
delphij
32a7549145 Replace send-mail with the more standarized sendmail, we do not create
links for send-mail in mailwrapper so it did not work anyway.

MFC after:	2 weeks
2017-12-27 06:23:50 +00:00
delphij
739ac49229 Use strlcpy().
MFC after:	2 weeks
2017-12-05 07:21:47 +00:00
pfg
fab328f17f libexec: adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:25:02 +00:00
pfg
872b698bd4 General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
pfg
9da7bdde06 spdx: initial adoption of licensing ID tags.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

Initially, only tag files that use BSD 4-Clause "Original" license.

RelNotes:	yes
Differential Revision:	https://reviews.freebsd.org/D13133
2017-11-18 14:26:50 +00:00
trasz
9bb62d136f Increase rtld initial memory pool size from 32kB to 128kB.
The old value was probably fine back in 1998, when that code was imported
(although the comments still mention VAX, which was quite obsolete by then);
now, however, it's too small to handle our libc, which results in some
additional calls to munmap/mmap later on.  Asking for more virtual address
space is virtually free, and syscalls are not, thus the change.

It was suggested by kib@ that this might be a symptom of a deeper problem.
It doesn't only affect libc, though - the change also improves rtld memory
management for eg KDE libraries.  I guess it's just a natural bloat.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12834
2017-11-18 13:21:22 +00:00
jhb
710175569b Appease old GCC by disabling .cfi_sections for GCC 4.x. 2017-11-14 17:16:03 +00:00
jhb
73e564150a Some fixups to the CFI directives for PLT stub entry points.
The directives I added in r323466 and r323501 did not define a valid
CFA until several instructions into the associated functions.  This
triggers an assertion in GDB when generating a stack trace while
stopped at the first instruction of PLT stub entry point since there
is no valid CFA rule for the first instruction.

This is probably just wrong on my part as the non-simple .cfi_startproc
would have defined a valid CFA.  Instead, define a valid CFA as sp + 0
at the start of the functions and then use .cfa_def_offset to change the
offset when sp is adjusted later in the function.

Sponsored by:	DARPA / AFRL
2017-11-10 01:17:26 +00:00
jhb
f77a4e7d64 Use NESTED() instead of LEAF() for rtld_start.
This is only cosmetic, but the entry point for rtld is not a leaf function,
and this avoids two .frame directives for rtld_start.

Sponsored by:	DARPA / AFRL
2017-11-10 01:13:45 +00:00