Commit Graph

19624 Commits

Author SHA1 Message Date
jkim
59b947e8fc Make libradius(3) buildable. 2018-09-19 07:06:20 +00:00
jkim
76850e3a16 Make libmp(3) buildable. 2018-09-19 07:05:31 +00:00
jkim
9dfee4aa81 Make libfetch buildable. 2018-09-19 07:04:15 +00:00
brd
e099bd35c6 Really fix pam install. Don't commit late at night or you make simple mistakes.
Reported by:	dumbbell
Approved by:	re (gjb), will (mentor)
2018-09-13 16:14:33 +00:00
brd
79c4c92dad Fix build after r338621 by avoiding LINKS and installing the link manually.
Approved by:	re (rgrimes), will (mentor)
2018-09-13 07:48:49 +00:00
brd
ae17e768db Move all pam related config to lib/libpam/
Approved by:	re (rgrimes), will (mentor), des
Differential Revision:	https://reviews.freebsd.org/D17122
2018-09-13 04:08:48 +00:00
hselasky
60fe6885ff Fix issues about cancelling USB transfers in LibUSB when the USB device has
been detached. When a USB device has been detached the kernel file handle
stops responding to commands. USB applications which continue to run after
the USB device has been detached, depend on LibUSB generated events to tear
down its pending USB transfers. Add code to handle the needed cleanup when
processing the USB transfer(s) fails and prevent new USB transfer(s) from
being submitted.

Found by:		Ludovic Rousseau <ludovic.rousseau+freebsd@gmail.com>
PR:			231076
MFC after:		1 week
Approved by:		re (gjb)
Sponsored by:		Mellanox Technologies
2018-09-12 15:06:30 +00:00
des
d80a9d8e56 Upgrade Unbound to 1.7.2. More to follow.
Approved by:	re (kib@)
2018-09-10 16:56:44 +00:00
des
0a47c58bdd Upgrade to OpenSSH 7.8p1.
Approved by:	re (kib@)
2018-09-10 16:20:12 +00:00
woodsb02
7649a58915 geli init with multiple providers - fix init and fix -B "none"
Apply some fixes post rS336659, which allowed multiple provders to be
initialized in a single command.
- Fix issue where second and subsequent providers would fail init.
  This was due to the metadata struct being zeroed after the first
  provider init was completed, despite containing common data required
  for subsequent providers.
- Fix issue where -B "none" would still result in the metadata being
  backed-up if multiple providers had been specified. This was due to
  the backupfile of "none" being incorrectly made unique for each
  provider by appending "-<prov>".

Approved by:	asomers
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17096
2018-09-10 14:50:34 +00:00
jhb
e80c3bc752 bhyve: Use MAP_GUARD when mapping guest memory ranges.
Instead of relying on PROT_NONE mappings with MAP_ANON, use MAP_GUARD
to reserve address space around guest memory ranges including the
guard ranges of address space around mappings.

Submitted by:	Shawn Webb
Reviewed by:	araujo
Approved by:	re (rgrimes)
MFC after:	1 month
Sponsored by:	HardendBSD and G2, Inc
Differential Revision:	https://reviews.freebsd.org/D16822
2018-09-06 20:29:40 +00:00
jhb
bc92f163ac Add gelf_mips64el.c to the list of files to include in libelf.
Missed in r338478.

Pointy hat to:	jhb
Approved by:	re (rgrimes)
MFC after:	1 month
2018-09-05 21:47:22 +00:00
des
38e9280258 For full Linux-PAM compatibility, add a trailing NUL character when
passing the authentication token to the external program.

Approved by:	re (kib)
Submitted by:	Thomas Munro <munro@ip9.org>
MFC after:	1 week
Differential Revision:	D16950
2018-09-04 10:51:41 +00:00
kevans
a1b9ddb01d libbe(3): Fix error handling with respect to be_exists
Some paths through be_exists will set the error state, others will not
There are multiple reasons that a call can fail, so clean it up a bit: all
paths now return an appropriate error code so the caller can attempt to
distinguish between a BE legitimately not existing and just having the wrong
mountpoint. The caller is expected to bubble the error through to the
internal error handler as needed.

This fixes some unfriendliness with bectl(8)'s activate subcommand, where
it might fail due to a bad mountpoint but the only message output is a
generic "failed to activate" message.

Approved by:	re (gjb)
2018-09-01 02:22:26 +00:00
sbruno
20f13358b1 r338270 had the side effect of no longer installing libmd.so into /lib.
For users who have a seperate zfs mount of /usr or /usr/lib, this will
cause dynamic loading failures when attempting to execute zfs mount on
bootup. E.g. the system won't boot.

Including <src.opts.mk> sets SHLIBDIR, so SHLIBDIR?= has no
effect.  The other lib/ Makefiles solve this problem by moving the
SHLIBDIR  assignment to before .include <src.opts.mk>.

Submitted by:	jilles
Reviewed by:	allanjude
Approved by:	re (rgrimes)
Differential Revision:	https://reviews.freebsd.org/D16910
2018-08-26 17:05:43 +00:00
kevans
51650c5969 libbe(3)/bectl(8): Make consistent with beadm
vermaden (maintainer of beadm) points out the following inconsistencies:
- "missing command" is not printed prior to usage if the error is simply a
   missing command; this should be obvious from the context
- "bectl rename" isn't using the "don't unmount" flag (zfs rename -u), so
   the active BE can't be renamed. It doesn't make sense in our context to
   *not* use -u, so use it.

Documentation updates reflect the above and note an inconsistency with the
'destroy' command that is consistent with other parts of the base system.

A fix for libbe(3) not properly being installed to /lib is included.
SHLIBDIR should have been added when it was moved in r337995.

Approved by:	re (kib)
2018-08-24 20:44:58 +00:00
arichardson
c4f6e7dc54 Don't build skein_block_asm.s if we don't have an as binary
This fixes building libmd on MacOS/Linux. The real fix is probably to
build it as a .S file with $CC instead. It might also be better to just
compile the C file in userspace since the compiler can the use SSE/AVX.

Reviewed By:	emaste, brooks
Approved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D16844
2018-08-23 18:19:33 +00:00
imp
b531108f0a Forgot to bump .Dd in r338233 like I promised in the review. Doh! 2018-08-23 05:08:38 +00:00
imp
485cde8df8 Create devctl freeze/thaw.
This adds it to devctl, libdevctl, defines the two IOCTLs and
implements the kernel bits. causes any new drivers that are added via
kldload to be deferred until a 'thaw' comes in. These do not stack: it
is an error to freeze while frozen, or thaw while thawed.

Differential Revision: https://reviews.freebsd.org/D16735
2018-08-23 05:05:47 +00:00
arichardson
8f8ffd0de4 Stop using unifdef to generate bsdxml.h
The current invocation of unifdef causes the build to fail when using a shell
with -o pipefail on by default since unifdef will return a non-zero exit status
if it changes something. The only thing this call to unifdef does is remove 5
lines that will be ignored by the compiler anyway. Furthermore, it is the only
make rule in the source tree that requires unifdef. Removing this call also
makes it slightly easier to build without inhering $PATH (D16815) since we
don't need unifdef anymore.

I also noticed that the sed call to replace the include guard has been broken
for over 10 years since the import of expat 2.0.1 changed it from
`XmlParse_INCLUDED` to `Expat_INCLUDED`. I could also fix this but since it's
been broken for so long and no one noticed, it's probably not necessary.

Reviewed By:	emaste
Approved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D14317
2018-08-22 11:56:42 +00:00
brd
04b9fb59f6 Move all bluetooth related config files out of etc
This helps with pkgbase by switching to CONFS so they are properly tagged as
config files.

Approved by:	will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16833
2018-08-21 19:28:53 +00:00
tuexen
3e0ad7d794 Add SOL_SOCKET level socket option with name SO_DOMAIN to get
the domain of a socket.

This is helpful when testing and Solaris and Linux have the same
socket option using the same name.

Reviewed by:		bcr@, rrs@
Sponsored by:		Netflix, Inc.
Differential Revision:	https://reviews.freebsd.org/D16791
2018-08-21 14:04:30 +00:00
pfg
d91c3ee490 libthr: minor spacing cleanup.
No functional change.

X-MFC with:	r337992
2018-08-21 01:33:25 +00:00
arichardson
c7f1f595d8 Don't rebuild ioctl.c and relink libsysdecode if there are no changes
Instead generate a temporary file and only overwrite ioctl.c if the
files are actually different.

Approved By:	jhb (mentor)
2018-08-20 10:59:49 +00:00
arichardson
de3ac6e1c3 Allow bootstrapping libmd on MacOS
The assembly files use directives that only work for ELF targets so skip
them when bootstrapping on MacOS.

Reviewed By:	imp
Approved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D14247
2018-08-20 10:39:48 +00:00
arichardson
068abe0536 Make mkioctls script work on Linux and MacOS
Using find -s  will not work with the Linux or MacOS find command. We pipe
to sort instead since the only real requirement here is that the order
stays the same. While I am touching this file I also fixed a `==` construct
which is not supported by POSIX sh but appears to work on FreeBSD.

Reviewed By:	imp
Approved By:	jhb (mentor)
Differential Revision: https://reviews.freebsd.org/D14246
2018-08-20 10:39:37 +00:00
delphij
590c452778 In r331279 the code used ENOSYS to check the existence of getrandom(2).
This will only work if the caller already handles SIGSYS, which is not
always the case.

Address this by checking osreldate instead. Note that because there
was not __FreeBSD_version bump when the system call was added, use
1200061 (r332100) which is the first bump after the introduction of
the system call.

PR:		230762
Reported by:	Jenkins via Mark Millard
Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D16807
2018-08-20 02:17:55 +00:00
0mp
ebb7831f00 Document socket control message routines for ancillary data access (CMSG_DATA).
PR:		227777
Reviewed by:	bcr, eadler
Approved by:	mat (mentor), manpages (bcr)
Obtained from:	OpenBSD
Differential Revision:	https://reviews.freebsd.org/D15215
2018-08-19 17:42:49 +00:00
delphij
cc30da3fe1 Update userland arc4random() with OpenBSD's Chacha20 based arc4random().
ObsoleteFiles.inc:

    Remove manual pages for arc4random_addrandom(3) and
    arc4random_stir(3).

  contrib/ntp/lib/isc/random.c:
  contrib/ntp/sntp/libevent/evutil_rand.c:

    Eliminate in-tree usage of arc4random_addrandom().

  crypto/heimdal/lib/roken/rand.c:
  crypto/openssh/config.h:

    Eliminate in-tree usage of arc4random_stir().

  include/stdlib.h:

    Remove arc4random_stir() and arc4random_addrandom() prototypes,
    provide temporary shims for transistion period.

  lib/libc/gen/Makefile.inc:

    Hook arc4random-compat.c to build, add hint for Chacha20 source for
    kernel, and remove arc4random_addrandom(3) and arc4random_stir(3)
    links.

  lib/libc/gen/arc4random.c:

    Adopt OpenBSD arc4random.c,v 1.54 with bare minimum changes, use the
    sys/crypto/chacha20 implementation of keystream.

  lib/libc/gen/Symbol.map:

    Remove arc4random_stir and arc4random_addrandom interfaces.

  lib/libc/gen/arc4random.h:

    Adopt OpenBSD arc4random.h,v 1.4 but provide _ARC4_LOCK of our own.

  lib/libc/gen/arc4random.3:

    Adopt OpenBSD arc4random.3,v 1.35 but keep FreeBSD r114444 and
    r118247.

  lib/libc/gen/arc4random-compat.c:

    Compatibility shims for arc4random_stir and arc4random_addrandom
    functions to preserve ABI.  Log once when called but do nothing
    otherwise.

  lib/libc/gen/getentropy.c:
  lib/libc/include/libc_private.h:

    Fold __arc4_sysctl into getentropy.c (renamed to arnd_sysctl).
    Remove from libc_private.h as a result.

  sys/crypto/chacha20/chacha.c:
  sys/crypto/chacha20/chacha.h:

    Make it possible to use the kernel implementation in libc.

PR:		182610
Reviewed by:	cem, markm
Obtained from:	OpenBSD
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D16760
2018-08-19 17:40:50 +00:00
kib
bea25c30d9 Provide set_constraint_handler_s(3) man page.
Mention abort_handler_s(3) and ignore_handler_s(3), provide
cross-reference from memset(3).

Submitted by:	Yuri Pankov <yuripv@yuripv.net>
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D16797
2018-08-19 14:39:57 +00:00
kib
8078dbdbb3 Clarify that memset_s(3) requires __STDC_WANT_LIB_EXT1__ for visibility.
Fix typos and other nits.

Submitted by:	Yuri Pankov <yuripv@yuripv.net>
MFC after:	3 days
Differential revision:	https://reviews.freebsd.org/D16797
2018-08-19 14:25:28 +00:00
kib
53df9847c8 Use tab for indent.
Submitted by:	Yuri Pankov <yuripv@yuripv.net>
MFC after:	3 days
2018-08-19 14:22:45 +00:00
delphij
dc8f15c81c Workaround ECAPMODE for kernels between revision [331280, 337999)
where getrandom(2) is not available in capability mode.
2018-08-18 08:32:21 +00:00
delphij
18548ca3f9 Split arc4random_uniform into it's own file and sync with OpenBSD.
PR:		182610
Obtained from:	OpenBSD
MFC after:	2 weeks
2018-08-18 06:20:45 +00:00
kevans
68ec745a9c libbe(3): Move build goop back out of cddl/
Some background: in the GSoC project, libbe/Makefile lived in lib/libbe. I
created projects/bectl branch, maintained the above for all of five
minutes before I misread Makefile.inc1 and decided that it couldn't possibly
build outside of cddl/, so I kicked the Makefile out into the cddl/ build
and all was good. The misreading was of the bit where .WAIT is added to
SUBDIR after lib, libexec but prior to building bin and cddl *only during
the install targets*, which is the critical part.

Fast forward- buildworld was still broken in my branch unbeknownst to me
because I didn't nuke my OBJDIR. Combing through Makefile.inc1 eventually
revealed the necessary magic to make sure that libbe's dependencies are
specified well enough, and it becomes clear what needs done to make a
non-cddl/ build work. This is an interesting prospect, because the build
split is kind of annoying to work with.

IGNORE_PRAGMA is added to avoid dropping WARNS by one more. This was
previously pulled in via cddl/Makefile.inc.
2018-08-18 03:20:59 +00:00
pfg
af33553b47 POSIX compliance improvements in the pthread(3) functions.
This basically adds makes use of the C99 restrict keyword, and also
adds some 'const's to four threading functions: pthread_mutexattr_gettype(),
pthread_mutexattr_getprioceiling(), pthread_mutexattr_getprotocol(), and
pthread_mutex_getprioceiling. The changes are in accordance to POSIX/SUSv4-2018.

Hinted by:	DragonFlyBSD

Relnotes:	yes
MFC after:	1 month
Differential Revision:	D16722
2018-08-18 01:05:38 +00:00
kib
73f3efa46c Add pthread_get_name_np(3).
The function retrieves the thread name previously set by
pthread_set_name_np(3). The name is cached in the process memory.

Requested by:	Willem Jan Withagen <wjw@digiware.nl>
Man page update:	Yuri Pankov <yuripv@yuripv.net>
Reviewed by:	ian (previous version)
Discussed with:	arichardson, bjk (man page)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D16702
2018-08-17 18:34:07 +00:00
oshogbo
6c18c0985d Fix style nits. 2018-08-17 14:37:13 +00:00
kevans
1117e03b1e Add efidev(4)/efirt(9)
Document efidev(4), provider of userland access to EFI Runtime Services. A link is created to efirtc(4), which handles the time-of-day clock side.

efirt(9) is the kernel side of this.

Reviewed by:	imp, kib (earlier version)
Differential Revision:	https://reviews.freebsd.org/D16696
2018-08-17 04:17:51 +00:00
jamie
6b9aac38ce Revert r337922, except for some documention-only bits. This needs to wait
until user is changed to stop using jail(2).

Differential Revision:	D14791
2018-08-16 19:09:43 +00:00
kevans
3c7e957126 libbe(3): Impose dataset length restrictions on boot env name validation
Previously, we only validated names for character restrictions. This is
helpful, but we should've also checked length restrictions- dataset names
must be restricted to MAXNAMELEN.

While here, move validation before doing a bunch of concatenations and fix
error handling in be_rename. It was previously setting the error state based
on return value from a libzfs function, which is wrong: libzfs errors don't
necessarily match cleanly to libbe errors. This would cause the assertion in
be_error to hit when the error was printed.
2018-08-16 18:58:34 +00:00
jamie
94a36bb7c1 Put jail(2) under COMPAT_FREEBSD11. It has been the "old" way of creating
jails since FreeBSD 7.

Along with the system call, put the various security.jail.allow_foo and
security.jail.foo_allowed sysctls partly under COMPAT_FREEBSD11 (or
BURN_BRIDGES).  These sysctls had two disparate uses: on the system side,
they were global permissions for jails created via jail(2) which lacked
fine-grained permission controls; inside a jail, they're read-only
descriptions of what the current jail is allowed to do.  The first use
is obsolete along with jail(2), but keep them for the second-read-only use.

Differential Revision:	D14791
2018-08-16 18:40:16 +00:00
kevans
5f1af1a0a1 libbe(3): Prefer safer versions of strcat/strcpy
Or, in the activate case, just use snprintf since that's effectively what
we're doing anyways.
2018-08-16 18:37:47 +00:00
kevans
d566a4a452 libbe(3)/bectl(8): Hit rewind on a bunch of off-by-ones
While here, use sizeof() in some places that it makes sense to reduce room
for error and prefer strlcpy to strncpy
2018-08-16 17:56:03 +00:00
trasz
fefb9fa0f3 Fix typo.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-16 14:46:49 +00:00
bz
22a78b1747 Allow the use of TCP instead of UDP for queries by setting options usevc
in resolv.conf which sets RES_USEVC.

Reviewed by:	ume
MFC after:	17 days
Differential Revision:	https://reviews.freebsd.org/D16607
2018-08-16 13:18:40 +00:00
kevans
17e1e9b97a libbe(3): Fix leaky faucets
Amongst them:
- Resource leaks
- Logically dead code
- Unused values
- Null termination issues

Reported by:	asomers (pointer to Coverity), Coverity
CID:		1394777, 1394791, 1394830, 1394844, 1394872, 1394894,
CID:		1394900, 1394907, 1394950, 1394965
2018-08-14 18:11:06 +00:00
mmacy
fba44c4a67 Add library and kernel support for AMD Family 17h counters
NB: lacks default sample rate for most counters
2018-08-14 05:18:43 +00:00
des
90f37b39e4 Add support for Linux-PAM's badly named expose_authtok option.
Submitted by:	Thomas Munro <munro@ip9.org>
MFC after:	1 week
Differential Revision:	D16171
2018-08-14 00:14:17 +00:00
mmacy
ba1896c08e pmc amd17h: fix inputs to jevents 2018-08-13 23:46:44 +00:00