Commit Graph

2478 Commits

Author SHA1 Message Date
cem
942f34746a random(4): Attempt to persist entropy promptly
The goal of saving entropy in Fortuna is two-fold: (1) to provide early
availability of the random device (unblocking) on next boot; and (2), to
have known, high-quality entropy available for that initial seed.  We know
it is high quality because it's output taken from Fortuna.

The FS&K paper makes it clear that Fortuna unblocks when enough bits have
been input that the output //may// be safely seeded.  But they emphasize
that the quality of various entropy sources is unknown, and a saved entropy
file is essential for both availability and ensuring initial
unpredictability.

In FreeBSD we persist entropy using two mechanisms:

1. The /etc/rc.d/random shutdown() function, which is used for ordinary
   shutdowns and reboots; and,

2. A cron job that runs every dozen minutes or so to persist new entropy, in
   case the system suffers from power loss or a crash (bypassing the
   ordinary shutdown path).

Filesystems are free to cache dirty data indefinitely, with arbitrary flush
policy.  Fsync must be used to ensure the data is persisted, especially for
the cron job save-entropy, whose entire goal is power loss and crash safe
entropy persistence.

Ordinary shutdown may not need the fsync because unmount should flush out
the dirty entropy file shortly afterwards.  But it is always possible power
loss or crash occurs during the short window after rc.d/random shutdown runs
and before the filesystem is unmounted, so the additional fsync there seems
harmless.

PR:		230876
Reviewed by:	delphij, markj, markm
Approved by:	secteam (delphij)
Differential Revision:	https://reviews.freebsd.org/D19742
2019-03-31 04:57:50 +00:00
kib
9638d3e2e6 Fix initial exec TLS mode for dynamically loaded shared objects.
If dso uses initial exec TLS mode, rtld tries to allocate TLS in
static space. If there is no space left, the dlopen(3) fails. If space
if allocated, initial content from PT_TLS segment is distributed to
all threads' pcbs, which was missed and caused un-initialized TLS
segment for such dso after dlopen(3).

The mode is auto-detected either due to the relocation used, or if the
DF_STATIC_TLS dynamic flag is set.  In the later case, the TLS segment
is tried to allocate earlier, which increases chance of the dlopen(3)
to succeed.  LLD was recently fixed to properly emit the flag, ld.bdf
did it always.

Initial test by:	dumbbell
Tested by:	emaste (amd64), ian (arm)
Tested by:	Gerald Aryeetey <aryeeteygerald_rogers.com> (arm64)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D19072
2019-03-29 17:52:57 +00:00
emaste
7ebe05b989 rtld: attempt to fix reloc_non_plt TLS allocation on MIPS
allocate_tls_offset returns true on success.  The same issue existed
on arm and was fixed in r345693.

PR:		236880
MFC after:	1 month
Sponsored by:	The FreeBSD Foundation
2019-03-29 15:07:00 +00:00
emaste
2ef156ce23 rtld: attempt to fix reloc_nonplt_object TLS allocation
allocate_tls_offset returns true on success.  This still needs more
testing and review, but this change is consistent with other archs.

PR:		236880
Reported by:	Andrew Gierth <andrew@tao11.riddles.org.uk>
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2019-03-29 14:35:23 +00:00
emaste
2648698edf revert r341429 "disable BIND_NOW in libc, libthr, and rtld"
r345620 by kib@ fixed the rtld issue that caused a crash at startup
during resolution of libc's ifuncs with BIND_NOW.

PR:		233333
Sponsored by:	The FreeBSD Foundation
2019-03-28 02:12:32 +00:00
kib
a39d81cd6c rtld: disable relro enforcement for irelative relocation processing.
This fixes yet another breakage for relro + bind now.

Reported by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2019-03-27 22:35:28 +00:00
ae
273edcd24b Add ability to automatically load ipfw_nat64, ipfw_nptv6 and ipfw_pmod
modules by declaring corresponding variables in rc.conf. Also document
them in rc.conf(5).

Submitted by:	Dries Michiels
Differential Revision:	https://reviews.freebsd.org/D19673
2019-03-23 15:41:32 +00:00
cy
d1995a3d0d The check for $ippool_rules in start_cmd is tautological.
Reported by:	hrs@
MFC after:	13 days
X-MFC with:	r345400
2019-03-23 04:32:10 +00:00
cy
8b8564b522 Use internal command variables for consistent style.
Reported by:	rgrimes@
MFC after:	13 days
X-MFC with:	r345400
2019-03-22 11:46:35 +00:00
cy
d384d720f8 From r345400, connect ippool to the build/install.
PR:		218433
MFC after:	2 weeks
X-MFC with:	r345400
2019-03-22 01:42:27 +00:00
cy
7afdafa07f Add rc.d support for ippool(8).
I've been using ippool at my site for approximately two years. It's
about time this was committed.

PR:		218433
MFC after:	2 weeks
2019-03-22 01:30:51 +00:00
bz
8f6fafa869 Fix legacy IP autoconfiguration.
It seems my subconcious plan in r345088 to not only prefer IPv6 autoconf
but to also slowly deteriorate legacy IP auto-configuration was uncovered
way too early.

In case IPv6 is a thing yet ipv6_autoconfif was not true, we would not
bring up the interface yet tell the follow-up DHCPv4 configuration in
ifconfig_up() that we did.  So unless you were doing SYNCDHCP or IPv6
you would not get legacy-IP DHCPv4 configuration.

I see multiple problems here: (a) people not yet using IPv6 (obviously a
problem), and (b) the dhclient startup script not running dhclient in
that case despite configured to do so (needs to be investigated seperately).

Reported by:	Pawel Biernacki (pawel.biernacki gmail.com)
Tested by:	Pawel Biernacki
Differential Revision:	https://reviews.freebsd.org/D19488
Pointyhat to:	bz (not sure if it is for breaking or
		for letting them notice it so easily)
2019-03-17 09:31:09 +00:00
bz
7192e4e02b Enhance IPv6 autoconf startup.
Before this change we would only run rtsol on an interface which was
set to accept_rtadv and did not have rtsold enabled.  This change
removes the latter condition and always runs rtsol (rather than the
deferred rtsold) to reduce the delay until we send the first RS.

This change will also handle the accept_rtadv before dhcp hence
starting IPv6 auto-configuration before IPV4 DHCP.

This change is intended for FreeBSD 13 and later only and will not be MFCed.

Reviewed by:		hrs
Differential Revision:	https://reviews.freebsd.org/D19488
2019-03-13 17:00:15 +00:00
bcr
84cc085048 Extend descriptions and comments about the need to create /etc/pf.conf.
FreeBSD removed the default /etc/pf.conf file in previous releases, but
the documentation kept mentioning it like any other file present in the
system.  Change pf.conf(5) to mention in the description of the default
ruleset location that this file needs to be created manually. Also, the
default rc.conf file had it's comment extended a bit to let people know
that this file does not exist by default.

PR:		    231977
Submitted by:	    koobs@
Reviewed by:	    kp@, 0mp@
Approved by:	    kp@
MFC after:	    10 days
Differential Revision:	https://reviews.freebsd.org/D19530
2019-03-12 20:08:37 +00:00
cy
3238513f87 Fix still installing ipfilter rc.d files even when WITHOUT_IPFILTER
is specified.

When WITHOUT_IPFILTER is specified, delete-old-files fails to delete
the optional rc.d files from above. Fix this.

WITHOUT_IPFILTER fails to delete the ipfilter.5 optional file during
delete-old-files. Fix this.

Reported by:	Dmitry Luhtionov <dmitryluhtionov@gmail.com>
MFC after:	1 week
2019-03-12 19:34:33 +00:00
asomers
80fa2e20e7 Drop "All rights reserved" from the files I own
Also, add SPDX tags where needed.

MFC after:	2 weeks
2019-03-11 22:23:56 +00:00
lidl
375a0e48ae Remove an unneeded 'tail -n 1' from a pipeline
When piping to awk, it's almost always an anti-pattern to use 'grep'
first.

When not in a pipeline, sometimes it is faster to use tail, as awk
must process all the lines in the input stream, and won't 'seek'.
In a pipeline, both grep and awk must process all lines, so we might
as well skip the extra process creation for tail and just use awk
for all the processing.

Reviewed by:	jilles
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D19441
2019-03-11 13:33:03 +00:00
sef
9fb40dda0a Add support for a virtual hostname to nfsd
Specifically, this allows (via "-V vhostname") telling nfsd what principal
to use, instead of the hostname.  This is used at iXsystems for fail-over in
HA systems.

Reviewed by:	macklem
Sponsored by:	iXsystems Inc.
Differential Revision:	https://reviews.freebsd.org/D19191
2019-02-16 00:15:54 +00:00
emaste
33a9dab77f Add WITH_PIE knob to build Position Independent Executables
Building binaries as PIE allows the executable itself to be loaded at a
random address when ASLR is enabled (not just its shared libraries).

With this change PIE objects have a .pieo extension and INTERNALLIB
libraries libXXX_pie.a.

MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as
they explicitly reference .a libraries in their Makefiles.  These can
be addressed on an individual basis later.  MK_PIE is also disabled for
rtld-elf because it is already position-independent using bespoke
Makefile rules.

Currently only dynamically linked binaries will be built as PIE.

Discussed with:	dim
Reviewed by:	kib
MFC after:	1 month
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D18423
2019-02-15 22:22:38 +00:00
cperciva
67d2201786 Teach /etc/rc.d/growfs how to handle systems running ZFS.
There are many cases which this code does not handle (e.g. ZFS mirrors)
but the code can handle the single-disk case -- so it's enough to take
care of the "disk image which gets booted into a VM with a larger than
expected disk" case for which this firstboot script was created.

MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D19095
2019-02-08 19:19:31 +00:00
imp
fcac8a2db3 Remove All Rights Reserved
Remove the all rights reserved clause from my copyright, and make
other minor tweaks needed where that might have created ambiguity.
2019-02-05 21:37:34 +00:00
vangyzen
388de14948 rtld: pacify -Wmaybe-uninitialized from gcc6
Sponsored by:	Dell EMC Isilon
2019-02-01 23:16:59 +00:00
kib
00ad846ae4 Rename rtld-elf/malloc.c to rtld-elf/rtld_malloc.c.
Then malloc.c file name is too generic to use it for libthr.a.

Sponsored by:	The FreeBSD Foundation
MFC after:	13 days
2019-01-30 16:28:27 +00:00
kib
949bf85901 Add header file missed in r343564.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D18988
2019-01-29 22:45:24 +00:00
kib
e50de39a98 Adjust posix symbols from rtld-elf/malloc.c with the __crt_ prefix.
This allows to reuse the allocator in other environments that get
malloc(3) and related functions from libc or interposer.

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D18988
2019-01-29 22:40:42 +00:00
avos
a7bfcd8ed2 rc(8): do not stop dhclient(8) when wpa_supplicant(8) / hostapd(8) is used
They will stop it automatically ('Interface wlan0 is down,
dhclient exiting'); use /etc/rc.d/dhclient stop command only when
none of them is used.

MFC after:	5 days
2019-01-27 15:55:31 +00:00
kib
42ffd5f945 Remove now redundand ifunc relocation code which should have been
removed as part of r341441.

This call to reloc_non_plt() may crash if ifunc resolvers use the
needed libraries symbols since the pass over the needed libs
relocation is not yet done.  The change in r341441 ensures the right
relocation order otherwise.

Submitted by:	theraven
MFC after:	1 week
Discussed in:	https://reviews.freebsd.org/D17529
2019-01-27 00:37:52 +00:00
se
4a8a970d5e Fix potential buffer overflow and undefined behavior.
The buffer allocated in read_chat() could be 1 element too short, if the
chatstr parameter passed in is 1 or 3 charachters long (e.g. "a" or "a b").
The allocation of the pointer array does not account for the terminating
NULL pointer in that case.

Overlapping source and destination strings are undefined in strcpy().
Instead of moving a string to the left by one character just increment the
char pointer before it is assigned to the results array.

MFC after:	2 weeks
2019-01-26 20:43:28 +00:00
brooks
3d6c5e19e8 Use a private definition of osockaddr rather then relying on type
namespace polution in sys/socket.h.

Also remove support for operation on 4.3BSD.

PR:		224529
Differential Revision:	https://reviews.freebsd.org/D14505
2019-01-18 21:30:06 +00:00
des
822f8baa4c Revert r343093 until I can address the issues raised by kib@. 2019-01-17 16:50:50 +00:00
des
776282ee21 Implement dlopenat(3).
MFC after:	3 weeks
2019-01-16 12:12:40 +00:00
jhibbits
34bac9a05e Fix rtld-elf compilation warning for powerpc64 ELFv2 ABI
Summary: reloc_jmpslot function parameter 'defobj' is not used when using ELFv2
ABI

Submitted by:	alfredo.junior_eldorado.org.br
Reviewed By: kib, git_bdragon.rtk0.net, emaste, jhibbits
Differential Revision: https://reviews.freebsd.org/D18808
2019-01-13 02:33:20 +00:00
kevans
cb474e1de9 rc.subr: Fix typo
Originally intended as 'in case in needs to be re-invoked', but it was later
decided (by myself) that 're-invoke itself' makes it more clear that the
script is expected to use this in a way.

Reported by:	Jose Luis Duran (jlduran @ github)
X-MFC-With:	r342792
2019-01-06 01:39:01 +00:00
kevans
87678f95ad rc.subr: Provide rc_service variable for service scripts
Some rc scripts in ports (e.g. uwsgi, apache, openvpn) allow for
'application profiles' that usually require the rc script to be invoked
again for each active profile. Because there's no consistent way to
determine the path because it differs between manual/service(8) invocations
and /etc/rc invocations, this leads to patterns like these:

- www/uwsgi hardcodes the script path
- security/openvpn guesses either $_file or $0 based on $0 = /etc/rc

Instead of forcing rc scripts to guess, provide an rc_service variable to
the scripts that gets set appropriately both for direct execution or when a
script is being executed via run_rc_script (e.g. /etc/rc).

This is our analog of an OpenRC variable with the same name, different case
(RC_SERVICE).

PR:		234614
Reported by:	koobs
Reviewed by:	dteske, jilles
MFC after:	3 days
2019-01-05 21:23:25 +00:00
jhibbits
d6cbcdd4c0 rtld-elf: Fix powerpc64 TLS handling, matching powerpc's fix
We need to subtract the TLS_TCB_SIZE to get to the real data pointer, since
r13 points to the end of the TCB structure.  Prior to this, devel/protobuf-c
port broke with recent update to devel/protobuf, which exposed this issue.

Submitted by:	andreast
Reported by:	Piotr Kubaj
MFC after:	1 week
2019-01-01 20:12:58 +00:00
mjg
d340729f53 Remove iBCS2, part1: userspace
iBCS2 was disconnected from the build in 2015 (see r291419)

bsdconfig parts submitted by dteske.

Reviewed by:	kib (previous version)
Sponsored by:	The FreeBSD Foundation
2018-12-19 21:56:54 +00:00
emaste
2fa3dfd487 bootpd: validate hardware type
Due to insufficient validation of network-provided data it may have been
possible for a malicious actor to craft a bootp packet which could cause
a stack buffer overflow.

admbugs:	850
Reported by:	Reno Robert
Reviewed by:	markj
Approved by:	so
Security:	FreeBSD-SA-18:15.bootpd
Sponsored by:	The FreeBSD Foundation
2018-12-19 18:16:29 +00:00
asomers
9f8238d209 Conditionally install /etc/rc.d/audit* based on ${MK_AUDIT}
/usr/sbin/audit(dist)?d are only installed if ${MK_AUDIT} == yes. Their
supporting scripts should only be installed in those instances as well.

Submitted by:	ngie
Reviewed by:	emaste
MFC after:	2 weeks
Pull Request:	https://github.com/freebsd/freebsd/pull/242
2018-12-16 23:38:46 +00:00
gnn
222efc509d Remove, the now very outdated, timed.
Submitted by:	Kyle Spiers ksspiers at gmail
Reviewed by:	bcr,brooks,bz,sbruno
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D18505
2018-12-15 21:34:40 +00:00
mmel
4a03477e31 Improve R_AARCH64_TLSDESC relocation.
The original code did not support dynamically loaded libraries and used
suboptimal access to TLS variables.
New implementation removes lazy resolving of TLS relocation - due to flaw
in TLSDESC design is impossible to switch resolver function at runtime
without expensive locking.

Due to this, 3 specialized resolvers are implemented:
 - load time resolver for TLS relocation from libraries loaded with main
   executable (thus with known TLS offset).
 - resolver for undefined thread weak symbols.
 - slower lazy resolver for dynamically loaded libraries with fast path for
   already resolved symbols.

PR:		228892, 232149, 233204, 232311
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D18417
2018-12-15 10:38:07 +00:00
cem
46a4fa605e rc.subr: Implement list_vars without using 'read'
'read' pessimistically read(2)s one byte at a time, which can be quite
silly for large environments in slow emulators.

In my boring user environment, truss shows that the number of read()
syscalls to source rc.subr and invoke list_vars is reduced by something like
3400 to 60.  ministat(1) shows a significant time difference of about -71%
for my environment.

Suggested by:	jilles
Discussed with:	dteske, jhb, jilles
Differential Revision:	https://reviews.freebsd.org/D18481
2018-12-11 01:38:50 +00:00
mmel
73763781e7 Implement R_AARCH64_TLS_DTPMOD64 and A_AARCH64_TLS_DTPREL64 relocations.
Although these are slightly obsolete in favor of R_AARCH64_TLSDESC,
gcc -mtls-dialect=trad still use them.

Please note that definition of TLS_DTPMOD64 and TLS_DTPREL64 are incorrectly
exchanged in GNU binutils. TLS_DTPREL64 should be encoded to 1028 (as is
defined in ARM ELF ABI) but binutils encode it to 1029. And vice versa,
TLS_DTPMOD64 should be encoded to 1029 but binutils encode it to 1028.

While I'm in, add also R_AARCH64_NONE. It can be produced as result of linker
relaxation.

MFC after:	1 week
2018-12-08 14:58:17 +00:00
mmel
0275a9632c Tidy up arm64 reloc_jmpslots() implementation.
- don't relocate jump slots multiple times (if LD_BIND_NOW is defined).
- process only R_AARCH64_JUMP_SLOT here, other relocation types are handled
  by reloc_plt().

MFC after:	1 week
2018-12-05 10:30:53 +00:00
mmel
d2e12e4129 Implement arm64 version of __tls_get_addr().
MFC after:	1 week
2018-12-05 10:23:38 +00:00
mmel
90d0da9858 Fix style(9).
Not a functional change.

MFC after:	1 week
2018-12-05 10:22:14 +00:00
kib
afa4092620 Some fixes for LD_BIND_NOW + ifuncs.
- Do not perform ifunc relocations together with other PLT relocations
  in PLT.  Instead, do it during an additional pass over the init
  list, so that ifuncs are resolved in the order of dso
  dependencies. This allows the ifuncs resolvers to call into depended
  libs.  Init list now includes all objects instead of only objects
  with init/fini callables.
- Disable relro protection around bind_now ifunc relocations.

I considered calling ifunc resolvers of dso after initializers of all
dependencies are processed, and decided that this is wrong/should not
be supported. The order now is normal relocations for all
objects->ifunc resolution in init order->initializers, where each step
does complete pass over all loaded objects before moving to the next
step.

Reported, tested and reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D18400
2018-12-03 20:03:43 +00:00
kib
f76ddef342 Provide naive but self-contained implementations of memset(3) and
bzero(3) for rtld.

This again reduces rtld dependency on libc, and in future, avoid ifunc
relocations when the functions are converted to ifuncs in libc.

Reported by:	mjg
Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D18400
2018-12-03 19:55:55 +00:00
emaste
4b8684b1a7 disable BIND_NOW in libc, libthr, and rtld
An issue remains with BIND_NOW and processes using threads.  For now,
restore libc's BIND_NOW disable, and also disable BIND_NOW in rtld and
libthr.

A patch is in review (D18400) that likely fixes this issue, but just
disable BIND_NOW pending further testing after it is committed.

PR:		233333
Sponsored by:	The FreeBSD Foundation
2018-12-03 15:59:46 +00:00
kib
eaf760e402 rtld: parse FreeBSD Feature Control note on the object load.
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
2018-11-23 22:37:35 +00:00
cem
5ba01d2430 Revert r340843 - addressed independently in r340842! 2018-11-23 18:27:16 +00:00
cem
52b184fd16 rtld: Silence a false positive GCC 6.4.0 warning
The function reloc_non_plt has complicated variable lifetimes that GCC 6.4.0
(the version currently used by amd64-xtoolchain-gcc) misunderstands and
produces an erroneous warning about.  Silence it to allow the -Werror build
to proceed.

Reviewed by:	emaste
2018-11-23 18:23:29 +00:00
kib
61fe5f31f1 Silence gcc warnings.
Reported by:	emaste
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
2018-11-23 18:15:23 +00:00
cy
9e1bbc9fd8 Allow forced start of ipmon in special cases where testing is desired
(or other special cases) and when ipfilter is disabled in rc.conf but
started by other means.

MFC after:	1 week
2018-11-22 04:48:27 +00:00
kib
9593615a0c rtld: when immediate bind mode is requested, process irelocs in PLT
immediately after other PLT relocs.

Otherwise, if the object has relro page, we write to readonly page,
and we would need to use mprotect(2) two more times to fix it.  Note
that resolve_object_ifunc() does nothing when called second time, so
there is no need to avoid existing call.

Reported and tested by:	emaste
PR:	233333
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-11-20 14:52:43 +00:00
eugen
17a2a2a164 Move definition of $jail_conf variable to /etc/defaults/rc.conf
from jail startup script so it can be successfully queried
with the command "sysrc jail_conf".

MFC after:	1 month
2018-11-10 14:11:54 +00:00
arichardson
cd8fbf39d6 Handle the DT_MIPS_RLD_MAP_REL dynamic tag in RTLD
This dynamic tag contains the location of the .rld_map section relative to
the location of the dynamic tag. For PIE MIPS binaries DT_MIPS_RLD_MAP can
not be used since it contains an absolute address. Without this change
GDB can not find the function program counters in other libraries and once
I apply this change I can successfully run info sharedlibraries again.

Reviewed By:	kib
Differential Revision: https://reviews.freebsd.org/D17867
2018-11-07 15:04:41 +00:00
emaste
04e0acd935 rtld: move relro enforcement after ifunc processing
Previously the combination of relro (implicit), -z now and ifunc use
resulted in a segfault when applying ifuncs after relro (test binary
here just calls amd64_get_fsbase()):

| % env LD_DEBUG=1 libexec/rtld-elf/obj/ld-elf.so.1 a.out
| ...
| enforcing main obj relro
| ...
| resolving ifuncs
| reloc_jmpslot: *0x203198 = 0x189368ea4570
| zsh: bus error (core dumped)  LD_DEBUG=1 obj/ld-elf.so.1 ~/a.out

Reported by:	Shawn Webb
Reviewed by:	kib
Sponsored by:	The FreeBSD Foundation
2018-11-04 19:21:12 +00:00
kib
cafa79dcef Remove Obj_Entry textsize member.
It is unused after r340102, and more important, I do not see how to
define textsize in both practically useful and correct way, for binaries
with more that one executable segments.

Sponsored by:	The FreeBSD Foundation
2018-11-04 00:32:28 +00:00
kib
5b944b1c03 Flush data cache for executable loadable segments explicitly.
Do not use textsize and do not flush everything between map base and
base + textsize, because unmapped areas cannot be flushed.

This makes Obj_Entry textsize only use go away, and I will remove it
later.

Reported by:	tuexen
Tested by:	Mark Millard <marklmi26-fbsd@yahoo.com>
Sponsored by:	The FreeBSD Foundation
2018-11-03 20:39:16 +00:00
des
7df50adcde Run unbound-anchor when root.key is empty, not just when it is absent.
PR:		232555
Submitted by:	Ari Suutari <ari@stonepile.fi>
MFC after:	3 days
2018-11-01 14:24:12 +00:00
dteske
1f052ff0ad Add new rc keywords: enable, disable, delete
This adds new keywords to rc/service to enable/disable a service's
rc.conf(5) variable and "delete" to remove the variable.

When the "service_delete_empty" variable in rc.conf(5) is set to "YES"
(default is "NO") an rc.conf.d file (in /etc/ or /usr/local/etc) is
deleted if empty after modification using "service $foo delete".

Submitted by:	lme (modified)
Reviewed by:	0mp (previous version), lme, bcr
Relnotes:	yes
Sponsored by:	Smule, Inc.
Differential Revision:	https://reviews.freebsd.org/D17113
2018-10-31 20:37:12 +00:00
kib
1387551a9c Remove rtld use of libc amd64_set_fsbase().
One less non-trivial dependency of rtld on libc.  Also,
amd64_set_fsbase() is to be converted to ifunc, which I do not want to
support inside rtld.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-10-29 23:59:26 +00:00
kib
8e7496aa64 Initialize ifunc calling machinery earlier.
In particular, do it before the first call to allocate_initial_tls(),
which contains MD parts to set the initial thread' TLS pointer.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-10-29 23:56:39 +00:00
arichardson
17d3c0ce4c rtld-elf: fix more warnings to allow compiling with WARNS=6
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17154
2018-10-29 21:08:28 +00:00
arichardson
b885decb3c rtld-elf: compile with WANRS=4 warnings other than -Wcast-align
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17153
2018-10-29 21:08:19 +00:00
arichardson
ea67da5f83 rtld-elf: make it compile with WARNS=3
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17150
2018-10-29 21:08:11 +00:00
arichardson
4a1080a9d3 rtld: set obj->textsize correctly
With lld-generated binaries the first PT_LOAD will usually be a read-only
segment unless you pass --no-rosegment. For those binaries the textsize is
determined by the next PT_LOAD. To allow both LLD and bfd 2.17 binaries to
be parsed correctly use the end of the last PT_LOAD that is marked as
executable instead.

I noticed that the value was wrong while adding some debug prints for some rtld
changes for CHERI binaries. `obj->textsize` only seems to be used by PPC so the
effect is untested. However, the value before was definitely wrong and the new
result matches the phdrs.

Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17117
2018-10-29 21:08:02 +00:00
eugen
224e08c700 rcorder(8): add support for /etc/rc.resume, so it calls "rcorder -k resume"
and runs scripts containing "KEYWORD: resume" with single "resume" argument.

Working example is the port sysutils/cpupdate that defines
extra_commands="resume" to reload CPU microcode cleared
by suspend/resume sequence.

This change does nothing for a system having no scripts with KEYWORD: resume.

MFC after:		1 month
Differential Revision:	https://reviews.freebsd.org/D15247
2018-10-27 17:21:13 +00:00
eugen
b9679deff8 makewhatis: do not try to operate on read-only mounted directories
just to fail later.

MFC after:	1 month
2018-10-27 17:15:58 +00:00
des
f91c2df9e3 Add default value for local_unbound_tls + fix nearby style bugs.
Reported by:	bcran@
MFC after:	3 days
2018-10-27 09:34:33 +00:00
glebius
21791314ac Remove code that is dead since r287197. Today wlan(4) interfaces aren't
children of some other interface. Creation happens only in wlan_up().
2018-10-24 20:49:51 +00:00
eugen
9a472e898d rc.initdiskless: fix commentary grammar after r339465
MFC after:	1 month
2018-10-20 18:46:36 +00:00
eugen
1901274ba0 rc.initdiskless: add support for auxiliary NVRAM.
Currently, rc.inidiskless assumes that local system configuration
changes are kept in some mountable file system. For example,
nanobsd uses dedicated partition mounted as /cfg for this.

However, small embedded devices like MIPS routers may have no enough flash
space to keep full-blown file system but have only one or couple
small flash blocks to keep persistent local configuration overrides.

This change extends rc.initdiskless and introduces ability to run auxiliary
command /conf/T/M/extract that is supposed to extract configuration overrides
from such local storage.

For example, the command /conf/default/etc/extract may contain something like:

cd "$1" && bsdcpio --quiet -idu < /dev/map/cfg

bsdcpio command extracts compressed archive from the storage to /etc
assuming the storage is exposed by the kernel as /dev/map/cfg to userland.

PR:		204215
MFC after:	1 month
2018-10-20 18:13:51 +00:00
eugen
8cb4b0c018 Make upgrade from previous FreeBSD versions less painful
and make previously working configuration like this work again:

gif_interfaces="gif0"
gifconfig_gif0="1.1.1.1 2.2.2.2"
ifconfig_gif0="inet 192.168.1.1 192.168.1.2 netmask 255.255.255.252"

PR:		204700
MFC after:	1 month
2018-10-20 18:01:48 +00:00
des
59fd2fb98e The local_unbound service will configure and bootstrap itself, but only
if a network connection is available.  This is not an issue when running
'service local_unbound setup' interactively, but can be on a diskless
system where local_unbound self-configures on every boot.  To address
this, add explicit dependencies on netwait and defaultroute.

Submitted by:	eugen
Approved by:	re (gjb)
2018-10-18 18:33:44 +00:00
des
c45ccb9f71 Add support for DNS-over-TLS to the local_unbound service.
Approved by:	re (kib)
2018-10-18 15:35:13 +00:00
bz
9e213bd230 While preparing to move init(8) to its own package as indicated
in r339413, a current pkgbase update problem came up.  For users
testing pkgbase at the moment there is no (automatic) way to pick
up new base packages (yet).
As a result rather than also moving init(8) to its own package,
back out the part of the change in r339413 that moved rc* to its
own package and defer creating new packages until the
infrastructure is in place to handle these cases.
Both init and rc* are considered too problematic to be lost by
early adaptors at this stage.

Discussed with:		brd
Reviewed by:		brd
Approved by:		re (gjb)
2018-10-18 02:07:30 +00:00
bz
6fa8790c31 Move the rc framework out of sbin/init into libexec/rc.
The reasons for this are forward looking to pkgbase:
 * /sbin/init is a special binary; try not to replace it with
   every package update because an rc script was touched.
   (a follow-up commit will make init its own package)
 * having rc in its own place will allow more easy replacement
   of the rc framework with alternatives, such as openrc.

Discussed with:		brd (during BSDCam), kmoore
Requested by:		cem, bz
PR:			231522
Approved by:		re (gjb)
2018-10-17 16:49:11 +00:00
andreast
a195c2356b This commit reverts 338930. The approach was wrong.
Fix the issue with subtracting the TLS_TCB_SIZE too when we are trying to get
the 'where' in the R_PPC_TPREL32 case. At allocation time we added an offset
and the TLS_TCB_SIZE. This has to be subtracted as well.

Now all the issues reported are fixed. Tests were done on G4 and G5 PowerMac's.
Additionally I ran the tls tests from the gcc test suite and made sure the
results are as good as pre 338486.

Thanks to tuexen for reporting the malfunction and for patient testing.
Also testing thanks goes to jhibbits.

Reported by:	tuexen
Discussed with:	jhibbits, nwhitehorn
Approved by:	re (gjb)
Pointyhat to:	andreast
2018-10-01 18:46:35 +00:00
andrew
c148541690 Add STT_GNU_IFUNC and R_AARCH64_IRELATIVE support on arm64.
This is based on the amd64 implementation. Support for both PLT and
non-PLT (e.g. a global variable initilised with a pointer to an ifunc)
cases are supported.

We don't pass anything to the resolver as it is expected they will read
the ID registers directly, with the number of registers with CPU info
likely to increase in the future.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17341
2018-10-01 14:02:29 +00:00
kib
5982fcac46 Provide refobj context when doing libmap substitution inside
search_library_path().

This corrects the scope of libmap matches.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:28:14 +00:00
kib
9593a6d4aa When doing lm_add(), check for duplicates.
This is useful when lm_find() moves the match to the global mapping,
since lm_find() could be called with a same path more than once.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:27:08 +00:00
andreast
bbfa8d7720 Bring the 32-bit powerpc (PowerMac) back to live. The commit 338486 reworked
some TLS bits. This broke operation on the PowerMac. Namely one could not login.
At login the screen/shell was giving back lots of backslashes and the login
shell dumped core.

The fix to this issue is to revert the powerpc commit from 338486 and to
increase the TLS_TCB_SIZE to 16.
Reverting only did not help, login was possible but userland applications
aborted with strange messages.

I tested this patch with world/kernel builds and with port upgrades.
Additionally a full gcc8 bootstrap was successfully completed.

Reviewed by: jhibbits@
Approved by: re (Glen)
2018-09-25 19:29:35 +00:00
brd
eb92ef0b12 Move libmap.conf to libexec/rtld-elf/
This leverages CONFS to handle the config file install.

Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D17161
2018-09-18 00:25:00 +00:00
brooks
ad8dc1e97b Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

This was previously commited as r337978 and reverted in r338149 due to
exposing a bug the ARM rtld.  This bug was fixed in r338317 by mmel.

Submitted by:	James Clarke
Approved by:	re (kib)
Reviewed by:	kbowling
Testing by:	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-09-05 23:23:16 +00:00
brd
efb1577987 Move gettytab to libexec/getty/
Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16953
2018-09-05 15:25:23 +00:00
kib
ae9e5bc0c3 Style cleanup. No functional changes.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Approved by:    re (rgrimes)
2018-09-02 15:42:37 +00:00
mmel
58ecd611cd Fix wrong offset calculation for R_ARM_TLS_TPOFF32 relocations.
TLS_TCB_SIZE is already accounted in defobj-> tlsoffset so all these symbols
were incorrectly relocated by +8.

Note:
The only consumer (for all binaries on my ARM board) of R_ARM_TLS_TPOFF32
relocation is _ThreadRuneLocale variable. And the incorrectly relocated
ThreadRuneLocale accidentally pointed to zeroed memory before memory layout
change from D16510 had changed status quo.

MFC after:	3 weeks
Reviewed by:	imp, jhb
Approved by:	re (marius)
2018-08-25 16:54:37 +00:00
asomers
b4a74a70d5 tftpd: Fix data corruption bug with netascii
Transferring files in netascii format requires, among other things,
translating all CR characters to a CR,NUL pair. tftpd does this correctly
except when the CR occurs as the last octet of a packet. In that case, it
erroneously drops the NUL which should be part of the following packet. The
bug was caused by using 0 as a sentinel value in a variable that could
legitimately hold 0. Fix it by switching the sentinel value to -1.

PR:		178055
Reported by:	Richard <rsitze@gmail.com>
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16853
2018-08-22 23:31:27 +00:00
brooks
d47030f7df Revert r337978: Rework rtld's TLS Variant I implementation to match r326794
Michal Meloun reports that it breaks ctype (isspace()..) related
functions on armv7 so back out while we diagnose the issue.

Reported by:	Michal Meloun <melounmichal@gmail.com>
2018-08-21 18:22:12 +00:00
brd
165124c04a Move ftpusers to libexec/ftpd/
Thsi helps with pkgbase by switching to CONFS so that ftpusers will be
properly tagged as a config file.

Approved by:	will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16787
2018-08-21 17:07:52 +00:00
brooks
214c1ab8d7 Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

Submitted by:	James Clarke
Reviewed by:	kbowling
Testing byL	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-08-17 16:19:47 +00:00
trasz
916e85edb0 Remove pointless comment.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:59:05 +00:00
trasz
0aa666301d .Xr pam_securetty(8) from ttys(5), to hint the users as to what actually
enforces the 'secure' tty flag.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:58:13 +00:00
br
3b2642649d Save and restore floating-point arguments.
Sponsored by:	DARPA, AFRL
2018-08-02 12:21:39 +00:00
trasz
8d28f4cb0f Fix regression tests broken by r337067.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-02 11:55:16 +00:00
trasz
bc0d1a1d0e Make sure the rtld(1) error messages go to stderr, not stdout.
While here fix capitalization of a few nearby strings, add the
rtld's file name prefix so it's obvious where the message come
from, and return zero when "-h" is used.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16530
2018-08-02 07:43:28 +00:00
asomers
1fe29e8908 Fix several Coverity warnings in tftp
Some of the changes are in the libexec/tftpd directory, but to functions that
are only used by tftp(1) (they share some code).

* strcpy => strlcpy (1006793, 1006794, 1006796, 1006741)
* Unchecked return value and TOCTTOU (1009314)
* NULL pointer dereference (1018035, 1018036)

Reported by:	Coverity
CID:		1006793, 1006794, 1006796, 1006741, 1009314, 1018035
CID:		1018036
MFC after:	2 weeks
2018-07-22 17:10:12 +00:00
asomers
6f39a2452a Fix multiple Coverity warnings in tftpd(8)
* Initialize uninitialized variable (CID 1006502)
* strcpy => strlcpy (CID 1006792, 1006791, 1006790)
* Check function return values (CID 1009442, 1009441, 1009440)
* Delete dead code in receive_packet (not reported by Coverity)
* Remove redundant alarm(3) in receive_packet (not reported by Coverity)

Reported by:	Coverity
CID: 1006502, 1006792, 1006791, 1006790, 1009442, 1009441, 1009440
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D11287
2018-07-22 16:14:30 +00:00
asomers
7fada835fd tftpd(8): when completing an WRQ, flush the file before acknowleding receipt
tftpd(8) should flush a newly written file to disk before ACKing the final DATA
packet.  Otherwise there is a narrow race window when a subsequent read may not
see the file.  This is somewhat related to r330710, but the race window is much
smaller.  Hopefully this will fix the intermittent tests in Jenkins.

Reported by:	Jenkins
MFC after:	2 weeks
2018-07-21 19:48:31 +00:00
sef
107a344bbb This exposes ZFS user and group quotas via the normal
quatactl(2) mechanism.  (Read-only at this point, however.)
In particular, this is to allow rpc.rquotad query quotas
for NFS mounts, allowing users to see their quotas on the
hosts using the datasets.

The changes specifically:

* Add new RPC entry points for querying quotas.
* Changes the library routines to allow non-UFS quotas.
* Changes rquotad to check for quotas on mounted filesystems,
rather than being limited to entries in /etc/fstab
* Lastly, adds a VFS entry-point for ZFS to query quotas.

Note that this makes one unavoidable behavioural change: if quotas
are enabled, then they can be queried, as opposed to the current
method of checking for quotas being specified in fstab.  (With
ZFS, if there are user or group quotas, they're used, always.)

Reviewed by:	delphij, mav
Approved by:	mav
Sponsored by:	iXsystems Inc
Differential Revision:	https://reviews.freebsd.org/D15886
2018-07-05 22:56:13 +00:00
kib
c856dc5dce Make rtld use libc_nossp_pic.a. Remove SSP shims.
Submitted by:	Luis Pires
Reviewed by:	brooks
Differential revision:	https://reviews.freebsd.org/D15341
2018-05-09 10:30:56 +00:00
asomers
65a0e81cdc tftpd: misc Coverity cleanup in the tests
A bunch of unchecked return values from open(2) and read(2)

Reported by:	Coverity
CID:		1386900, 1386911, 1386926, 1386928, 1386932, 1386942
CID:		1386961, 1386979
MFC after:	8 days
X-MFC-With:	330696
2018-03-22 14:51:05 +00:00
asomers
3d48866b50 tftpd: fix the build of tests on i386 after 330696
It's those darn printf format specifiers again

Reported by:	cy, kibab
MFC after:	20 days
X-MFC-With:	330696
2018-03-10 18:07:31 +00:00
asomers
a6bc631948 tftpd: reject unknown opcodes
If tftpd receives a command with an unknown opcode, it simply exits 1.  It
doesn't send an ERROR packet, and the client will hang waiting for one.  Fix
it.

PR:		226005
MFC after:	3 weeks
2018-03-10 01:50:43 +00:00
asomers
c29c7eb33f tftpd: Abort on an WRQ access violation
On a WRQ (write request) tftpd checks whether the client has access
permission for the file in question.  If not, then the write is prevented.
However, tftpd doesn't reply with an ERROR packet, nor does it abort.
Instead, it tries to receive the packet anyway.

The symptom is slightly different depending on the nature of the error.  If
the target file is nonexistent and tftpd lacks permission to create it, then
tftpd will willingly receive the file, but not write it anywhere.  If the
file exists but is not writable, then tftpd will fail to ACK to WRQ.

PR:		225996
MFC after:	3 weeks
2018-03-10 01:43:55 +00:00
asomers
26f5519e21 tftpd: Verify world-writability for WRQ when using relative paths
tftpd(8) says that files may only be written if they already exist and are
publicly writable.  tftpd.c verifies that a file is publicly writable if it
uses an absolute pathname.  However, if the pathname is relative, that check
is skipped.  Fix it.

Note that this is not a security vulnerability, because the transfer
ultimately doesn't work unless the file already exists and is owned by user
nobody.  Also, this bug does not affect the default configuration, because
the default uses the "-s" option which makes all pathnames absolute.

PR:		226004
MFC after:	3 weeks
2018-03-10 01:35:26 +00:00
asomers
ccec95ca4c tftpd: Flush files as soon as they are fully received
On an RRQ, tftpd doesn't exit as soon as it's finished receiving a file.
Instead, it waits five seconds just in case the client didn't receive the
server's last ACK and decides to resend the final DATA packet.
Unfortunately, this created a 5 second delay from when the client thinks
it's done sending the file, and when the file is available for other
processes.

Fix this bug by closing the file as soon as receipt is finished.

PR:			157700
Reported by:		Barry Mishler <barry_mishler@yahoo.com>
MFC after:		3 weeks
2018-03-09 23:25:18 +00:00
asomers
054a344d95 Add some functional tests for tftpd(8)
tftpd(8) is difficult to test in isolation due to its relationship with
inetd.  Create a test program that mimics the behavior of tftp(1) and
inetd(8) and verifies tftpd's response in several different scenarios.

These test cases cover all of the basic TFTP protocol, but not the optional
parts.

PR:		157700
PR:		225996
PR:		226004
PR:		226005
MFC after:	3 weeks
Differential Revision:	https://reviews.freebsd.org/D14310
2018-03-09 15:30:20 +00:00
asomers
c8d2fb97f2 rpc.sprayd: raise WARNS to 6
MFC after:	3 weeks
2018-03-05 16:11:07 +00:00
trasz
421fff6c4a .Xr pstat(8), so that people have a chance to learn how to get a list
of terminal devices using "pstat -t".

MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-03-02 14:16:19 +00:00
mmel
bd14553bb6 Make rtld_bind_start() debugger friendly.
Save link register and annotate call frame structure so debugger can unwind
call frame created by rtld_bind_start().

MFC after:	2 weeks
2018-02-27 15:35:11 +00:00
trasz
c2a7be7783 Fix gettytab(5) to document f0, f1, and f2 as unsupported; they've been gone
since r131091.

PR:             184691 (partial)
Submitted by:   naddy@
MFC after:      2 weeks
Sponsored by:   The FreeBSD Foundation
2018-02-26 17:51:18 +00:00
trasz
08613ce568 Prevent getty(8) from looping indefinitely if the device node doesn't
exist. This behaviour makes no sense for eg USB serial adapters, or
USB device-side serial templates.

This mostly reverts to pre-r135941 behaviour.

Reviewed by:	imp@
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14198
2018-02-25 20:15:06 +00:00
trasz
784e0cc049 Build getty(8) with WARNS=6.
Reviewed by:	imp@
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D14197
2018-02-21 15:57:24 +00:00
trasz
27c92bd697 Sprinkle static; avoid nested externs.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 19:05:13 +00:00
trasz
b885082be8 Add missing initializer.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:40:36 +00:00
trasz
6de165e2dd Rename getty's getline() to get_line(), to avoid clash with getline(3).
Obtained from:	DragonFlyBSD
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:39:58 +00:00
trasz
d545c29ed5 Don't cast away the const, it's not been needed since r92925.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 18:36:24 +00:00
trasz
1797d2da21 Initialize all the fields. This is one of the steps required to bump WARNS.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:58:31 +00:00
trasz
0e97ad7f73 Reduce code duplication; no functional changes.
Obtained from:	NetBSD
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:55:20 +00:00
trasz
af02e546da Remove unused variable.
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2018-02-04 13:54:05 +00:00
marius
d9ac9c210e o Let rtld(1) set up psABI user trap handlers prior to executing the
objects' init functions instead of doing the setup via a constructor
  in libc as the init functions may already depend on these handlers
  to be in place. This gets us rid of:
  - the undefined order in which libc constructors as __guard_setup()
    and jemalloc_constructor() are executed WRT __sparc_utrap_setup(),
  - the requirement to link libc last so __sparc_utrap_setup() gets
    called prior to constructors in other libraries (see r122883).
  For static binaries, crt1.o still sets up the user trap handlers.
o Move misplaced prototypes for MD functions in to the MD prototype
  section of rtld.h.
o Sprinkle nitems().
2018-02-03 23:14:11 +00:00
pfg
6a14751e3a rpc.sprayd: Remove 3rd and 4th clauses in christos' license.
Obtained from:	NetBSD
2017-12-28 17:51:53 +00:00
pfg
d5811653ed rpc.sprayd: Bring some changes from NetBSD.
Most notable, other than some style issues:
CVS 1.11:
  do not use LOG_CONS.
CVS 1.13:
  consistently use exit instead of return in main().
  use LOG_WARNING instead of LOG_ERR for non critical errors.

Obtained from:	NetBSD
MFC after:	2 weeks
2017-12-28 17:44:30 +00:00
delphij
32a7549145 Replace send-mail with the more standarized sendmail, we do not create
links for send-mail in mailwrapper so it did not work anyway.

MFC after:	2 weeks
2017-12-27 06:23:50 +00:00
delphij
739ac49229 Use strlcpy().
MFC after:	2 weeks
2017-12-05 07:21:47 +00:00
pfg
fab328f17f libexec: adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.
2017-11-27 15:25:02 +00:00
pfg
872b698bd4 General further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:49:47 +00:00
pfg
9da7bdde06 spdx: initial adoption of licensing ID tags.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.

Initially, only tag files that use BSD 4-Clause "Original" license.

RelNotes:	yes
Differential Revision:	https://reviews.freebsd.org/D13133
2017-11-18 14:26:50 +00:00
trasz
9bb62d136f Increase rtld initial memory pool size from 32kB to 128kB.
The old value was probably fine back in 1998, when that code was imported
(although the comments still mention VAX, which was quite obsolete by then);
now, however, it's too small to handle our libc, which results in some
additional calls to munmap/mmap later on.  Asking for more virtual address
space is virtually free, and syscalls are not, thus the change.

It was suggested by kib@ that this might be a symptom of a deeper problem.
It doesn't only affect libc, though - the change also improves rtld memory
management for eg KDE libraries.  I guess it's just a natural bloat.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12834
2017-11-18 13:21:22 +00:00
jhb
710175569b Appease old GCC by disabling .cfi_sections for GCC 4.x. 2017-11-14 17:16:03 +00:00
jhb
73e564150a Some fixups to the CFI directives for PLT stub entry points.
The directives I added in r323466 and r323501 did not define a valid
CFA until several instructions into the associated functions.  This
triggers an assertion in GDB when generating a stack trace while
stopped at the first instruction of PLT stub entry point since there
is no valid CFA rule for the first instruction.

This is probably just wrong on my part as the non-simple .cfi_startproc
would have defined a valid CFA.  Instead, define a valid CFA as sp + 0
at the start of the functions and then use .cfa_def_offset to change the
offset when sp is adjusted later in the function.

Sponsored by:	DARPA / AFRL
2017-11-10 01:17:26 +00:00
jhb
f77a4e7d64 Use NESTED() instead of LEAF() for rtld_start.
This is only cosmetic, but the entry point for rtld is not a leaf function,
and this avoids two .frame directives for rtld_start.

Sponsored by:	DARPA / AFRL
2017-11-10 01:13:45 +00:00
bdrewery
a598c4b809 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:07:04 +00:00
bdrewery
fdd34babd3 These values already set by src.libnames.mk.
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-10-31 00:03:25 +00:00
trasz
d403a9d535 Use MAP_PRIVATE instead of obsolete MAP_COPY. No functional changes.
MFC after:	2 weeks
2017-10-30 08:56:04 +00:00
trasz
bedd65c99d Plug memory leak on error case.
Reported by:	Coverity
CID:		1382112
MFC after:	2 weeks
2017-10-29 12:07:27 +00:00
trasz
d623bf7192 Remove unneeded calls to access(2) from rtld(1); just call open(2) instead.
The result looks like this:

--- przed       2017-10-21 23:19:21.445034000 +0100
+++ po  2017-10-21 23:18:50.031865000 +0100
@@ -11,7 +11,6 @@ mmap(0x0,102,PROT_READ,MAP_PRIVATE,3,0x0)      = 343665418
 close(3)                                        = 0 (0x0)
 open("/usr/local/etc/libmap.d",O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC,0165) ERR#2 'No such file or directory'
 munmap(0x80067d000,102)                                 = 0 (0x0)
-access("/usr/local/lib/libintl.so.8",F_OK)      = 0 (0x0)
 openat(AT_FDCWD,"/usr/local/lib/libintl.so.8",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
 fstat(3,{ mode=-rw-r--r-- ,inode=642560,size=55188,blksize=32768 }) = 0 (0x0)
 mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366541824 (0x80067d000)
@@ -20,14 +19,13 @@ mmap(0x800877000,40960,PROT_READ|PROT_EXEC,MAP_PRIVATE
 mmap(0x800a81000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_PREFAULT_READ,3,0xa000) = 34370752512 (0x800a81000)
 munmap(0x80067d000,4096)                        = 0 (0x0)
 close(3)                                        = 0 (0x0)
-access("/usr/local/lib/libc.so.7",F_OK)                 ERR#2 'No such file or directory'
+openat(AT_FDCWD,"/usr/local/lib/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) ERR#2 'No such file or directory'
 openat(AT_FDCWD,"/var/run/ld-elf.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
 read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\M-2\0\0"...,128) = 128 (0x80)
 fstat(3,{ mode=-r--r--r-- ,inode=970684,size=306,blksize=32768 }) = 0 (0x0)
 lseek(3,0x80,SEEK_SET)                          = 128 (0x80)
 read(3,"/lib:/usr/lib:/usr/lib/compat:/u"...,178) = 178 (0xb2)
 close(3)                                        = 0 (0x0)
-access("/lib/libc.so.7",F_OK)                   = 0 (0x0)
 openat(AT_FDCWD,"/lib/libc.so.7",O_RDONLY|O_CLOEXEC|O_VERIFY,00) = 3 (0x3)
 fstat(3,{ mode=-r--r--r-- ,inode=1605239,size=1910320,blksize=32768 }) = 0 (0x0)
 mmap(0x0,4096,PROT_READ,MAP_PRIVATE|MAP_PREFAULT_READ,3,0x0) = 34366541824 (0x80067d000)

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12766
2017-10-24 12:56:08 +00:00
trasz
20894895b5 Replace lseek(2)/read(2) pair with pread(2), removing yet another syscall
from the binary startup code.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-10-24 12:04:07 +00:00
trasz
5b7fff3b37 Make find_library() conform to style(9). No functional changes.
Suggested by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-10-24 11:24:54 +00:00
trasz
b383c7a174 Reword the conditional; it was ugly, and adding another parameter,
which I'm going to do in a subsequent commit, would make it even uglier.
No functional changes.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-10-24 11:16:38 +00:00
trasz
f80b548569 Use xmalloc and read(2) instead of mmap(2) to read in libmap.conf(5).
This removes the need to call munmap(2) afterwards.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12767
2017-10-24 10:48:26 +00:00
trasz
ae63a24a87 Don't call realpath(3) from libmap rtld code. This gets rid of a few calls
to fstatat(2) at binary startup; the difference looks like this:

--- przed       2017-10-14 13:55:49.983528000 +0100
+++ po  2017-10-14 14:10:39.134343000 +0100
@@ -1,15 +1,10 @@
 mmap(0x0,32768,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANON,-1,0x0) = 34366173184 (0x800623000)
 issetugid()                                     = 0 (0x0)
-fstatat(AT_FDCWD,"/etc",{ mode=drwxr-xr-x ,inode=1364352,size=2560,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/etc/libmap.conf",{ mode=-rw-r--r-- ,inode=1373288,size=102,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
 openat(AT_FDCWD,"/etc/libmap.conf",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
 fstat(3,{ mode=-rw-r--r-- ,inode=1373288,size=102,blksize=32768 }) = 0 (0x0)
 mmap(0x0,102,PROT_READ,MAP_PRIVATE,3,0x0)       = 34366205952 (0x80062b000)
 close(3)                                        = 0 (0x0)
-fstatat(AT_FDCWD,"/usr",{ mode=drwxr-xr-x ,inode=561792,size=512,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/usr/local",{ mode=drwxr-xr-x ,inode=561800,size=512,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/usr/local/etc",{ mode=drwxr-xr-x ,inode=653279,size=1536,blksize=32768 },AT_SYMLINK_NOFOLLOW) = 0 (0x0)
-fstatat(AT_FDCWD,"/usr/local/etc/libmap.d",0x7fffffffcf50,AT_SYMLINK_NOFOLLOW) ERR#2 'No such file or directory'
+open("/usr/local/etc/libmap.d",O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC,0165) ERR#2 'No such file or directory'
 munmap(0x80062b000,102)                                 = 0 (0x0)
 openat(AT_FDCWD,"/var/run/ld-elf.so.hints",O_RDONLY|O_CLOEXEC,00) = 3 (0x3)
 read(3,"Ehnt\^A\0\0\0\M^@\0\0\0\M-2\0\0"...,128) = 128 (0x80)

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12741
2017-10-22 10:32:40 +00:00
eugen
82b41a4415 ftpd(8): fix user context handling.
Apply authenticated user context after update of wtmp(5) at start of session,
so that ftpd process is not killed by kernel with SIGXFSZ when user has
"filesize" limit lower than size of system wtmp file. Same applies
to session finalization: revert to super-user context before update of wtmp.

If ftpd hits limit while writing a file at user request,
do not get killed with SIGXFSZ instantly but apparently ignore the signal,
process error and report it to the user, and continue with the session.

PR:		143570
Approved by:	avg (mentor), mav (mentor)
MFC after:	1 week
2017-10-06 13:46:05 +00:00
jlh
f7dc81f848 Remove rcmds.
If they are still needed, you can find them in the net/bsdrcmds port.

This was proposed June, 20th and approved by various committers [1].
They have been marked as deprecated on CURRENT in r320644 [2] on July, 4th.
Both stable/11 and release/11.1 contain the deprecation notice (thanks to
allanjude@).

Note that ruptime(1)/rwho(1)/rwhod(8) were initially thought to be part of
rcmds but this was a mistake and those are therefore NOT removed.

[1] https://lists.freebsd.org/pipermail/freebsd-arch/2017-June/018239.html
[2] https://svnweb.freebsd.org/base?view=revision&revision=320644

Reviewed by:	bapt, brooks
Differential Revision:	https://reviews.freebsd.org/D12573
2017-10-06 08:43:14 +00:00
gordon
daef3d23e9 Deorbit catman. The tradeoff of disk for performance has long since tipped
in favor of just rendering the manpage instead of relying on pre-formatted
catpages. Note, this does not impede the ability to use existing catpages,
it just removes the utility to generate them.

Reviewed by:	imp, allanjude
Approved by:	emaste (mentor)
Differential Revision:	https://reviews.freebsd.org/D12317
2017-09-13 16:35:16 +00:00
jhb
3783785a2f Handle relocations for newer non-PIC MIPS ABI.
Newer binutils supports extensions to the MIPS ABI for non-PIC code
that is used when compiling O32 binaries with clang 5 (but not used
for N64 oddly enough).  These extensions require support for
R_MIPS_COPY relocations as well as a second PLT GOT using
R_MIPS_JUMP_SLOT relocations.

For R_MIPS_COPY, use the same approach as on other architectures where
fixups are deferred to the MD do_copy_relocations.

The additional PLT GOT for jump slots is located in a .got.plt section
which is identified by a DT_MIPS_PLTGOT dynamic entry.  This GOT also
requires fixups for the first two GOT entries just as the normal GOT.
However, the entry point for this second GOT uses a different calling
convention. Rather than passing an offset into the GOT, it passes an
offset into the .rel.plt section.  This requires a second entry point
(_rtld_pltbind_start) which calls the normal _rtld_bind() rather than
_mips_rtld_bind().  This also means providing a real version of
reloc_jmpslot() which is used by _rtld_bind().

In addition, add real implementions of reloc_plt() and
reloc_jmpslots() which walk .rel.plt handling R_MIPS_JUMP_SLOT
relocations.

Reviewed by:	kib
Sponsored by:	DARPA / AFRL
Differential Revision:	https://reviews.freebsd.org/D12326
2017-09-12 17:46:30 +00:00
imp
9b789e10f5 End softfp->hardfp transition period for arm
On hard-float 32-bit arm platforms, always search for the soft float
binaries in the alternative locations.

Sponsored by: Netflix
Differential Review: https://reviews.freebsd.org/D12274
MFC After: 1 week
2017-09-12 17:06:35 +00:00
jhb
698de0bfc6 Add CFI directives for _rtld_bind_start.
This allows debuggers to unwind back into the caller when stopped in the
runtime linker.

Sponsored by:	DARPA / AFRL
2017-09-11 22:18:01 +00:00