Commit Graph

2320 Commits

Author SHA1 Message Date
kib
5b944b1c03 Flush data cache for executable loadable segments explicitly.
Do not use textsize and do not flush everything between map base and
base + textsize, because unmapped areas cannot be flushed.

This makes Obj_Entry textsize only use go away, and I will remove it
later.

Reported by:	tuexen
Tested by:	Mark Millard <marklmi26-fbsd@yahoo.com>
Sponsored by:	The FreeBSD Foundation
2018-11-03 20:39:16 +00:00
des
7df50adcde Run unbound-anchor when root.key is empty, not just when it is absent.
PR:		232555
Submitted by:	Ari Suutari <ari@stonepile.fi>
MFC after:	3 days
2018-11-01 14:24:12 +00:00
dteske
1f052ff0ad Add new rc keywords: enable, disable, delete
This adds new keywords to rc/service to enable/disable a service's
rc.conf(5) variable and "delete" to remove the variable.

When the "service_delete_empty" variable in rc.conf(5) is set to "YES"
(default is "NO") an rc.conf.d file (in /etc/ or /usr/local/etc) is
deleted if empty after modification using "service $foo delete".

Submitted by:	lme (modified)
Reviewed by:	0mp (previous version), lme, bcr
Relnotes:	yes
Sponsored by:	Smule, Inc.
Differential Revision:	https://reviews.freebsd.org/D17113
2018-10-31 20:37:12 +00:00
kib
1387551a9c Remove rtld use of libc amd64_set_fsbase().
One less non-trivial dependency of rtld on libc.  Also,
amd64_set_fsbase() is to be converted to ifunc, which I do not want to
support inside rtld.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-10-29 23:59:26 +00:00
kib
8e7496aa64 Initialize ifunc calling machinery earlier.
In particular, do it before the first call to allocate_initial_tls(),
which contains MD parts to set the initial thread' TLS pointer.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2018-10-29 23:56:39 +00:00
arichardson
17d3c0ce4c rtld-elf: fix more warnings to allow compiling with WARNS=6
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17154
2018-10-29 21:08:28 +00:00
arichardson
b885decb3c rtld-elf: compile with WANRS=4 warnings other than -Wcast-align
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17153
2018-10-29 21:08:19 +00:00
arichardson
ea67da5f83 rtld-elf: make it compile with WARNS=3
Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17150
2018-10-29 21:08:11 +00:00
arichardson
4a1080a9d3 rtld: set obj->textsize correctly
With lld-generated binaries the first PT_LOAD will usually be a read-only
segment unless you pass --no-rosegment. For those binaries the textsize is
determined by the next PT_LOAD. To allow both LLD and bfd 2.17 binaries to
be parsed correctly use the end of the last PT_LOAD that is marked as
executable instead.

I noticed that the value was wrong while adding some debug prints for some rtld
changes for CHERI binaries. `obj->textsize` only seems to be used by PPC so the
effect is untested. However, the value before was definitely wrong and the new
result matches the phdrs.

Reviewed By:	kib
Approved By:	brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17117
2018-10-29 21:08:02 +00:00
eugen
224e08c700 rcorder(8): add support for /etc/rc.resume, so it calls "rcorder -k resume"
and runs scripts containing "KEYWORD: resume" with single "resume" argument.

Working example is the port sysutils/cpupdate that defines
extra_commands="resume" to reload CPU microcode cleared
by suspend/resume sequence.

This change does nothing for a system having no scripts with KEYWORD: resume.

MFC after:		1 month
Differential Revision:	https://reviews.freebsd.org/D15247
2018-10-27 17:21:13 +00:00
eugen
b9679deff8 makewhatis: do not try to operate on read-only mounted directories
just to fail later.

MFC after:	1 month
2018-10-27 17:15:58 +00:00
des
f91c2df9e3 Add default value for local_unbound_tls + fix nearby style bugs.
Reported by:	bcran@
MFC after:	3 days
2018-10-27 09:34:33 +00:00
glebius
21791314ac Remove code that is dead since r287197. Today wlan(4) interfaces aren't
children of some other interface. Creation happens only in wlan_up().
2018-10-24 20:49:51 +00:00
eugen
9a472e898d rc.initdiskless: fix commentary grammar after r339465
MFC after:	1 month
2018-10-20 18:46:36 +00:00
eugen
1901274ba0 rc.initdiskless: add support for auxiliary NVRAM.
Currently, rc.inidiskless assumes that local system configuration
changes are kept in some mountable file system. For example,
nanobsd uses dedicated partition mounted as /cfg for this.

However, small embedded devices like MIPS routers may have no enough flash
space to keep full-blown file system but have only one or couple
small flash blocks to keep persistent local configuration overrides.

This change extends rc.initdiskless and introduces ability to run auxiliary
command /conf/T/M/extract that is supposed to extract configuration overrides
from such local storage.

For example, the command /conf/default/etc/extract may contain something like:

cd "$1" && bsdcpio --quiet -idu < /dev/map/cfg

bsdcpio command extracts compressed archive from the storage to /etc
assuming the storage is exposed by the kernel as /dev/map/cfg to userland.

PR:		204215
MFC after:	1 month
2018-10-20 18:13:51 +00:00
eugen
8cb4b0c018 Make upgrade from previous FreeBSD versions less painful
and make previously working configuration like this work again:

gif_interfaces="gif0"
gifconfig_gif0="1.1.1.1 2.2.2.2"
ifconfig_gif0="inet 192.168.1.1 192.168.1.2 netmask 255.255.255.252"

PR:		204700
MFC after:	1 month
2018-10-20 18:01:48 +00:00
des
59fd2fb98e The local_unbound service will configure and bootstrap itself, but only
if a network connection is available.  This is not an issue when running
'service local_unbound setup' interactively, but can be on a diskless
system where local_unbound self-configures on every boot.  To address
this, add explicit dependencies on netwait and defaultroute.

Submitted by:	eugen
Approved by:	re (gjb)
2018-10-18 18:33:44 +00:00
des
c45ccb9f71 Add support for DNS-over-TLS to the local_unbound service.
Approved by:	re (kib)
2018-10-18 15:35:13 +00:00
bz
9e213bd230 While preparing to move init(8) to its own package as indicated
in r339413, a current pkgbase update problem came up.  For users
testing pkgbase at the moment there is no (automatic) way to pick
up new base packages (yet).
As a result rather than also moving init(8) to its own package,
back out the part of the change in r339413 that moved rc* to its
own package and defer creating new packages until the
infrastructure is in place to handle these cases.
Both init and rc* are considered too problematic to be lost by
early adaptors at this stage.

Discussed with:		brd
Reviewed by:		brd
Approved by:		re (gjb)
2018-10-18 02:07:30 +00:00
bz
6fa8790c31 Move the rc framework out of sbin/init into libexec/rc.
The reasons for this are forward looking to pkgbase:
 * /sbin/init is a special binary; try not to replace it with
   every package update because an rc script was touched.
   (a follow-up commit will make init its own package)
 * having rc in its own place will allow more easy replacement
   of the rc framework with alternatives, such as openrc.

Discussed with:		brd (during BSDCam), kmoore
Requested by:		cem, bz
PR:			231522
Approved by:		re (gjb)
2018-10-17 16:49:11 +00:00
andreast
a195c2356b This commit reverts 338930. The approach was wrong.
Fix the issue with subtracting the TLS_TCB_SIZE too when we are trying to get
the 'where' in the R_PPC_TPREL32 case. At allocation time we added an offset
and the TLS_TCB_SIZE. This has to be subtracted as well.

Now all the issues reported are fixed. Tests were done on G4 and G5 PowerMac's.
Additionally I ran the tls tests from the gcc test suite and made sure the
results are as good as pre 338486.

Thanks to tuexen for reporting the malfunction and for patient testing.
Also testing thanks goes to jhibbits.

Reported by:	tuexen
Discussed with:	jhibbits, nwhitehorn
Approved by:	re (gjb)
Pointyhat to:	andreast
2018-10-01 18:46:35 +00:00
andrew
c148541690 Add STT_GNU_IFUNC and R_AARCH64_IRELATIVE support on arm64.
This is based on the amd64 implementation. Support for both PLT and
non-PLT (e.g. a global variable initilised with a pointer to an ifunc)
cases are supported.

We don't pass anything to the resolver as it is expected they will read
the ID registers directly, with the number of registers with CPU info
likely to increase in the future.

Reviewed by:	kib
Approved by:	re (gjb)
Differential Revision:	https://reviews.freebsd.org/D17341
2018-10-01 14:02:29 +00:00
kib
5982fcac46 Provide refobj context when doing libmap substitution inside
search_library_path().

This corrects the scope of libmap matches.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:28:14 +00:00
kib
9593a6d4aa When doing lm_add(), check for duplicates.
This is useful when lm_find() moves the match to the global mapping,
since lm_find() could be called with a same path more than once.

Reported and tested by:	Andreas Longwitz <longwitz@incore.de>
Sponsored by:	The FreeBSD Foundation
Approved by:	re (gjb)
MFC after:	1 week
2018-09-26 21:27:08 +00:00
andreast
bbfa8d7720 Bring the 32-bit powerpc (PowerMac) back to live. The commit 338486 reworked
some TLS bits. This broke operation on the PowerMac. Namely one could not login.
At login the screen/shell was giving back lots of backslashes and the login
shell dumped core.

The fix to this issue is to revert the powerpc commit from 338486 and to
increase the TLS_TCB_SIZE to 16.
Reverting only did not help, login was possible but userland applications
aborted with strange messages.

I tested this patch with world/kernel builds and with port upgrades.
Additionally a full gcc8 bootstrap was successfully completed.

Reviewed by: jhibbits@
Approved by: re (Glen)
2018-09-25 19:29:35 +00:00
brd
eb92ef0b12 Move libmap.conf to libexec/rtld-elf/
This leverages CONFS to handle the config file install.

Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D17161
2018-09-18 00:25:00 +00:00
brooks
ad8dc1e97b Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

This was previously commited as r337978 and reverted in r338149 due to
exposing a bug the ARM rtld.  This bug was fixed in r338317 by mmel.

Submitted by:	James Clarke
Approved by:	re (kib)
Reviewed by:	kbowling
Testing by:	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-09-05 23:23:16 +00:00
brd
efb1577987 Move gettytab to libexec/getty/
Approved by:	re (gjb), will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16953
2018-09-05 15:25:23 +00:00
kib
ae9e5bc0c3 Style cleanup. No functional changes.
Sponsored by:	The FreeBSD Foundation
MFC after:	3 days
Approved by:    re (rgrimes)
2018-09-02 15:42:37 +00:00
mmel
58ecd611cd Fix wrong offset calculation for R_ARM_TLS_TPOFF32 relocations.
TLS_TCB_SIZE is already accounted in defobj-> tlsoffset so all these symbols
were incorrectly relocated by +8.

Note:
The only consumer (for all binaries on my ARM board) of R_ARM_TLS_TPOFF32
relocation is _ThreadRuneLocale variable. And the incorrectly relocated
ThreadRuneLocale accidentally pointed to zeroed memory before memory layout
change from D16510 had changed status quo.

MFC after:	3 weeks
Reviewed by:	imp, jhb
Approved by:	re (marius)
2018-08-25 16:54:37 +00:00
asomers
b4a74a70d5 tftpd: Fix data corruption bug with netascii
Transferring files in netascii format requires, among other things,
translating all CR characters to a CR,NUL pair. tftpd does this correctly
except when the CR occurs as the last octet of a packet. In that case, it
erroneously drops the NUL which should be part of the following packet. The
bug was caused by using 0 as a sentinel value in a variable that could
legitimately hold 0. Fix it by switching the sentinel value to -1.

PR:		178055
Reported by:	Richard <rsitze@gmail.com>
Reviewed by:	cem
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D16853
2018-08-22 23:31:27 +00:00
brooks
d47030f7df Revert r337978: Rework rtld's TLS Variant I implementation to match r326794
Michal Meloun reports that it breaks ctype (isspace()..) related
functions on armv7 so back out while we diagnose the issue.

Reported by:	Michal Meloun <melounmichal@gmail.com>
2018-08-21 18:22:12 +00:00
brd
165124c04a Move ftpusers to libexec/ftpd/
Thsi helps with pkgbase by switching to CONFS so that ftpusers will be
properly tagged as a config file.

Approved by:	will (mentor)
Differential Revision:	https://reviews.freebsd.org/D16787
2018-08-21 17:07:52 +00:00
brooks
214c1ab8d7 Rework rtld's TLS Variant I implementation to match r326794
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes.  Thus,
port these changes to rtld.

Submitted by:	James Clarke
Reviewed by:	kbowling
Testing byL	kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16510
2018-08-17 16:19:47 +00:00
trasz
916e85edb0 Remove pointless comment.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:59:05 +00:00
trasz
0aa666301d .Xr pam_securetty(8) from ttys(5), to hint the users as to what actually
enforces the 'secure' tty flag.

MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-03 10:58:13 +00:00
br
3b2642649d Save and restore floating-point arguments.
Sponsored by:	DARPA, AFRL
2018-08-02 12:21:39 +00:00
trasz
8d28f4cb0f Fix regression tests broken by r337067.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2018-08-02 11:55:16 +00:00
trasz
bc0d1a1d0e Make sure the rtld(1) error messages go to stderr, not stdout.
While here fix capitalization of a few nearby strings, add the
rtld's file name prefix so it's obvious where the message come
from, and return zero when "-h" is used.

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D16530
2018-08-02 07:43:28 +00:00
asomers
1fe29e8908 Fix several Coverity warnings in tftp
Some of the changes are in the libexec/tftpd directory, but to functions that
are only used by tftp(1) (they share some code).

* strcpy => strlcpy (1006793, 1006794, 1006796, 1006741)
* Unchecked return value and TOCTTOU (1009314)
* NULL pointer dereference (1018035, 1018036)

Reported by:	Coverity
CID:		1006793, 1006794, 1006796, 1006741, 1009314, 1018035
CID:		1018036
MFC after:	2 weeks
2018-07-22 17:10:12 +00:00
asomers
6f39a2452a Fix multiple Coverity warnings in tftpd(8)
* Initialize uninitialized variable (CID 1006502)
* strcpy => strlcpy (CID 1006792, 1006791, 1006790)
* Check function return values (CID 1009442, 1009441, 1009440)
* Delete dead code in receive_packet (not reported by Coverity)
* Remove redundant alarm(3) in receive_packet (not reported by Coverity)

Reported by:	Coverity
CID: 1006502, 1006792, 1006791, 1006790, 1009442, 1009441, 1009440
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D11287
2018-07-22 16:14:30 +00:00
asomers
7fada835fd tftpd(8): when completing an WRQ, flush the file before acknowleding receipt
tftpd(8) should flush a newly written file to disk before ACKing the final DATA
packet.  Otherwise there is a narrow race window when a subsequent read may not
see the file.  This is somewhat related to r330710, but the race window is much
smaller.  Hopefully this will fix the intermittent tests in Jenkins.

Reported by:	Jenkins
MFC after:	2 weeks
2018-07-21 19:48:31 +00:00
sef
107a344bbb This exposes ZFS user and group quotas via the normal
quatactl(2) mechanism.  (Read-only at this point, however.)
In particular, this is to allow rpc.rquotad query quotas
for NFS mounts, allowing users to see their quotas on the
hosts using the datasets.

The changes specifically:

* Add new RPC entry points for querying quotas.
* Changes the library routines to allow non-UFS quotas.
* Changes rquotad to check for quotas on mounted filesystems,
rather than being limited to entries in /etc/fstab
* Lastly, adds a VFS entry-point for ZFS to query quotas.

Note that this makes one unavoidable behavioural change: if quotas
are enabled, then they can be queried, as opposed to the current
method of checking for quotas being specified in fstab.  (With
ZFS, if there are user or group quotas, they're used, always.)

Reviewed by:	delphij, mav
Approved by:	mav
Sponsored by:	iXsystems Inc
Differential Revision:	https://reviews.freebsd.org/D15886
2018-07-05 22:56:13 +00:00
kib
c856dc5dce Make rtld use libc_nossp_pic.a. Remove SSP shims.
Submitted by:	Luis Pires
Reviewed by:	brooks
Differential revision:	https://reviews.freebsd.org/D15341
2018-05-09 10:30:56 +00:00
asomers
65a0e81cdc tftpd: misc Coverity cleanup in the tests
A bunch of unchecked return values from open(2) and read(2)

Reported by:	Coverity
CID:		1386900, 1386911, 1386926, 1386928, 1386932, 1386942
CID:		1386961, 1386979
MFC after:	8 days
X-MFC-With:	330696
2018-03-22 14:51:05 +00:00
asomers
3d48866b50 tftpd: fix the build of tests on i386 after 330696
It's those darn printf format specifiers again

Reported by:	cy, kibab
MFC after:	20 days
X-MFC-With:	330696
2018-03-10 18:07:31 +00:00
asomers
a6bc631948 tftpd: reject unknown opcodes
If tftpd receives a command with an unknown opcode, it simply exits 1.  It
doesn't send an ERROR packet, and the client will hang waiting for one.  Fix
it.

PR:		226005
MFC after:	3 weeks
2018-03-10 01:50:43 +00:00
asomers
c29c7eb33f tftpd: Abort on an WRQ access violation
On a WRQ (write request) tftpd checks whether the client has access
permission for the file in question.  If not, then the write is prevented.
However, tftpd doesn't reply with an ERROR packet, nor does it abort.
Instead, it tries to receive the packet anyway.

The symptom is slightly different depending on the nature of the error.  If
the target file is nonexistent and tftpd lacks permission to create it, then
tftpd will willingly receive the file, but not write it anywhere.  If the
file exists but is not writable, then tftpd will fail to ACK to WRQ.

PR:		225996
MFC after:	3 weeks
2018-03-10 01:43:55 +00:00
asomers
26f5519e21 tftpd: Verify world-writability for WRQ when using relative paths
tftpd(8) says that files may only be written if they already exist and are
publicly writable.  tftpd.c verifies that a file is publicly writable if it
uses an absolute pathname.  However, if the pathname is relative, that check
is skipped.  Fix it.

Note that this is not a security vulnerability, because the transfer
ultimately doesn't work unless the file already exists and is owned by user
nobody.  Also, this bug does not affect the default configuration, because
the default uses the "-s" option which makes all pathnames absolute.

PR:		226004
MFC after:	3 weeks
2018-03-10 01:35:26 +00:00
asomers
ccec95ca4c tftpd: Flush files as soon as they are fully received
On an RRQ, tftpd doesn't exit as soon as it's finished receiving a file.
Instead, it waits five seconds just in case the client didn't receive the
server's last ACK and decides to resend the final DATA packet.
Unfortunately, this created a 5 second delay from when the client thinks
it's done sending the file, and when the file is available for other
processes.

Fix this bug by closing the file as soon as receipt is finished.

PR:			157700
Reported by:		Barry Mishler <barry_mishler@yahoo.com>
MFC after:		3 weeks
2018-03-09 23:25:18 +00:00