- Make openssl_gcm_encrypt generic to AEAD ciphers (aside from CCM)
and use it for Chacha20-Poly1305.
- Use generic AEAD control constants instead of GCM/CCM specific names.
Reviewed by: cem
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D27838
This script uses -e, so it's prone to exiting in awkward places. In
particular, if arc diff fails, the script just exits without restoring
the checkout.
Mitigate this for now by using a global variable to record the previous
checkout and use a trap handler to restore it in the face of errors. A
better solution might be to use arc diff's --head parameter but that
will require more testing.
Reported by: kevans
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D28631
After changing the namespace.h header we need to provide _err on macOS, too.
Previously we used the system libc err*/warn*, but that does not provide
_err/_warn (which is used by other bootstrapped files from libc).
To fix this problem bootstrap err.c on macOS as well.
Fixes: 02af91c52 (Fix crossbuild bootstrap tools build with Clang 12)
Clang 12 no longer allows re-defining a weak symbol as non-weak. This
happed here because we compile err.c with _err defined to err. To fix
this, use the same approach as the libc namespace.h
Previously bsd.compiler.mk was not able to detect the compiler type for
Ubuntu's /usr/bin/cc unless we were invoking the /usr/bin/gcc symlink.
This problem has been fixed by 9c6954329a
so we can drop the workaround from make.py.
Reviewed By: jrtc27
Differential Revision: https://reviews.freebsd.org/D28323
nmtree is derived from fmtree, and has been the default mtree(8) since
6adfbbbf16, a little over a year after its introduction.
fmtree has not seen any substantial work since then, except for build
fixes and runtime issues that were diagnosed in nmtree and backported
because this was still in the tree.
Turn it off by default.
Reviewed by: bdrewery, brooks, cy, emaste
Differential Revision: https://reviews.freebsd.org/D28573
Add manual page based on the usage in the script with a few changes and
hook it up to the build.
Reviewed by: 0mp, markj
Differential Revision: https://reviews.freebsd.org/D28519
Rather than putting revision metadata in .git/arc/create-message, create
a tmpfile and use that. Otherwise arc diff always prompts about it and
in some cases complains because its standard input is piped.
Reported by: imp
Differential Revision: https://reviews.freebsd.org/D28614
This is a handy script for creating and updating Differential revisions
from git commits. It tries to avoid forcing the user to manage their
git tree in any particular way, but makes two major assumptions:
- there is a one-to-one mapping between git commits and Differential
revisions,
- the title of a Differential revision is the same as the summary line
of the corresponding commit.
A verbose description of the script's functionality is provided in its
usage message, which should probably be converted to a man page.
A description of workflows using git-arc is here:
https://lists.freebsd.org/pipermail/freebsd-hackers/2021-January/056979.html
There are some loose ends but this is functional enough to be useful.
Discussed with: jhb
Differential Revision: https://reviews.freebsd.org/D28334
Userspace has OFED build enabled for quite some time, but kernel modules
were not. This is useless config because any userspace IB code requires
kernel support. So enable modules build by default.
Move WITH_OFED to WITHOUT_OFED since defaults are now enabled.
Reviewed by: emaste, hselasky, kevans
MFC after: 3 days
Sponsored by: NVidia Networking / Mellanox Technologies
Differential Revision: https://reviews.freebsd.org/D28460
This option has been equivalent to any form of C++ support since libstdc++
was removed. Therefore, replace all MK_LIBCPLUSPLUS uses with MK_CXX.
Reviewed By: emaste
Differential Revision: https://reviews.freebsd.org/D27974
Parallel builds of stand should be assumed both possible and safe as of
7012461c9b, so let's start using some jobs to speed up lualoader test
harness builds.
There's a third party dependency on this option; currently,
net/openldap24-{,sasl-}client. At least mention that an openldap from ports
is needed for this option.
PR: 252866
Reported-by: Build Option Survey via Michael Dexter
MFC-after: 3 days
This merges upstream patches from OpenSSL's master branch to add
KTLS infrastructure for TLS 1.0-1.3 including both RX and TX
offload and SSL_sendfile support on both Linux and FreeBSD.
Note that TLS 1.3 only supports TX offload.
A new WITH/WITHOUT_OPENSSL_KTLS determines if OpenSSL is built with
KTLS support. It defaults to enabled on amd64 and disabled on all
other architectures.
Reviewed by: jkim (earlier version)
Approved by: secteam
Obtained from: OpenSSL (patches from master)
MFC after: 1 week
Relnotes: yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D28273
nids(4) was a clever idea in the early 2000's when the market was
flooded with 10/100 NICs with Windows-only drivers, but that hasn't been
the case for ages and the driver has had no meaningful maintenance in
ages. It only supports Windows-XP era drivers.
Also remove:
- ndis support from wpa_supplicant
- ndiscvt(8)
Reviewed By: emaste, bcr (manpages)
Differential Revision: https://reviews.freebsd.org/D27609
This is unnecessary when cross-building from Linux/macOS.
Additionally, cp -p appears to be broken on macOS Big Sur
(https://openradar.appspot.com/8957219).
For some unknown reason this commit appears to fix
freezes when building on macOS Big Sur.
This also fixes building in docker with volume mounts
with ACLs, since setting the ACL with cp -p fails otherwise.
Obtained From: CheriBSD
Tested By: gnn (macOS Big Sur), Nathaniel Wesley Filardo (docker)
Reviewed By: jrtc27, imp
Differential Revision: https://reviews.freebsd.org/D28267
Older glibc headers did some very nasty things that have since been
sanitised. We could also fix this by adding a linux/getopt.h wrapper
alongside the existing common/getopt.h that #undef's __need_getopt, but
that seems a little more hacky and complicated.
Reviewed by: arichardson
WITHOUT_LIBTHR has been broken for a little over five years now, since the
xz 5.2.0 update introduced a hard liblzma dependency on libthr, and building
a useful system without threading support is becoming increasingly more
difficult.
Additionally, in the five plus years that it's been broken more reverse
dependencies have cropped up in libzstd, libsqlite3, and libcrypto (among
others) that make it more and more difficult to reconcile the effort needed
to fix these options.
Remove the broken options.
PR: 252760
Reviewed by: brooks, emaste, kib
Differential Revision: https://reviews.freebsd.org/D28263
Define a non-const static char EMSG[] = "" to avoid having to add
__DECONST() to all uses of EMSG. Also make current_dash a const char *
to fix this warning.
On little-endian PowerPC64, this prevented /usr/lib/clang/11.0.0 being
cleaned up completely after upgrading to clang 11.0.1.
Noticed by: pkubaj
MFC after: 4 weeks
X-MFC-With: r364284
With the switch to git, we should strive to properly attribute every
commit appropriately with the metadata that's provided to do so. In this
case, the submitter should be recorded via the author metadata. Committing
an arbitrary patch, one can set it as such:
git commit --author="John Smith <smith@example.com>"
Reviewed-by: emaste
Differential-Revision: https://reviews.freebsd.org/D28069
The *w variants of ncurses directories went away, and the remaining names
build the widechar variants instead of non-widechar variants. As such, the
entire ncurses tree should be regenerated.
Key off of lib/ncurses/ncursesw being present and remove the whole ncurses
hierarchy if it is.
Reviewed by: emaste (IRC)
Remove wi(4). pccard is going away, and wi only supports PC Card
devices, though it has a minor amount of glue to also support
PCI cards. However, removing the one without removing the other
is hard, so the whole driver is being removed.
Relnotes: Yes
The macOS /bin/sh complains about using return outside of functions.
Replace `return 0` with `exit 0` to fix this. While editing this files
I've also fixed all the shellcheck warnings that were displayed by my IDE.
Reviewed By: emaste
Differential Revision: https://reviews.freebsd.org/D28016
If we set STRIPBIN, we also have to set XSTRIPBIN since we otherwise
use the host /usr/bin/strip during buildworld. However, this does not
work on macOS since /usr/bin/strip doesn't handle ELF binaries.
As suggested in D27598. This also supports MK_WERROR.clang=no and
MK_WERROR.gcc=no to support the existing NO_WERROR.<compiler> uses.
Reviewed By: brooks
Differential Revision: https://reviews.freebsd.org/D27601
With this change and D27598 make kernel-toolchain no longer emits any
warnings for me.
Reviewed By: emaste
Differential Revision: https://reviews.freebsd.org/D27599
Support for NS_MOREFRAG is broken, as NS_MOREFRAG is copied from
the TX slot to the RX slot rather than the other way around.
Also, the NS_MOREFRAG must be copied also in case of packet
copy (no zerocopy).
Reported by: rajesh1.kumar_amd.com
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D27980
We've created a new pf_ruleset.c file for pfctl and no longer use the
kernel vrsion, but the build system doesn't handle this dependency
change correctly. Delete the dependency file if it contains the kernel
version of the file.
MFC after: 2 weeks
Only keep the widechar version of ncurses as libncursesw.so.9
Keep the old name to avoid breaking the ABI compatibility (the non
widechar version libncurses.so.9 is not binary compatible with
libncursesw.so.9) since all ports and base are already only linking
against the widechar version we can simply remove libncurses.so.9
Since the .9 version only lived in the dev branch and never ended in a
release, it is simply removed and not added to any binary compat
package.
Add symlinks to keep build time compatibility for anyone linking against
-lncurses
- Files for colldef were generated by duplicating UTF-8 collation files
for each language and included invalid characters in the non-UTF-8
encodings. localedef(1) does not allow those characters.
cldr2def.pl now checks if the characters are valid based on charmap files.
TODO: ja_JP.UTF-8 locale should not be generated solely from CLDR because
it was standardized in a document "UI-OSF Application Platform Profile for
Japanese Environment" which was incompatible with information in CLDR.
Most of commercial Unix vendors adopt this pre-Unicode-era document
as the reference even for UTF-8 locale. Newer versions of Solaris have
added a CLDR version as ja_JP.UTF-8@cldr, and IBM AIX has used
JA_JP.UTF-8 for the UI-OSF specification and ja_JP.UTF-8 for CLDR.
Note that this commit does not change generation of ja_JP.UTF-8.
Changes related to this issue will be committed separately later.
- Generate POSIX charamap UTF-32 as a reference. It was confusing that
charmap.xml used Unicode names defined in UnicodeData.txt though POSIX
charmap used slightly different names for the same code points.
cldr2def.pl now uses UTF-32.cm as single information source for Unicode
symbol names and code points. Charset.xml is also updated to use them.
- Fix a bug in get_encodings() in cldr2def.pl which did not understand
0x00+0x00 notation correctly in charmaps/ISCII-DEV.TXT.
- Do not regenerate posix/xx_Comm_C.UTF-8.src every time when doing
"make build".
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D27809
* argc/argv are currently unused
* msglen is currently unused
* "default" is a const buffer, but char *cp isn't, so
change default string to be a non-const global string variable
* Make 'cp' private to each context that's using it, which fixes
a "variable shadows previous declaration" warning and makes it
easier to track where it was being leaked between address family
sections
* Remove unused verbose global; things are now done through syslog
* Mark a variable as unused in handle_rtmsg()
Tested:
* FreeBSD/mips32 using gcc-6.4
Unconditionally install bsdgrep as grep, bootstrap or not. Remove all
build glue and stop installing both gnugrep and libgnuregex now that
all consumers of the latter are gone.
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D27732
git's default commit message includes the list of staged, unstaged, and
untracked files; adding our metadata tags and then their descriptions
made for a very long template.
Move the descriptions to the metadata lines themselves.
Reviewed by: bcr
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27664
Do not explicitly encode control characters widths as 0
allowing wcwidth() to return the proper implicit value for
non-printable characters (-1).
Reported by: naddy
Start with a slightly modified version of the SVN commit template, to
allow developers to experiment. This will be updated in the future as
our process and techniques evolve.
This can be installed by copying or symlinking into the .git/hooks/
directory.
Feedback from: cem, jhb
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27633
luacheck rightfully complains that i is unused in the show-module-options
loop at the end (it was used for some debugging in the process).
We've added a new pager module that's compiled in, so declare that as an
acceptable global.
GDB 6.1.1 was released in June 2004 and is long obsolete. It does not
support all of the architectures that FreeBSD does, and imposes
limitations on the FreeBSD kernel build, such as the continued use of
DWARF2 debugging information.
It was kept (in /usr/libexec/) only for use by crashinfo(8), which
extracts some basic information from a kernel core dump after a crash.
Crashinfo already prefers gdb from port/package if installed.
Future work may add kernel debug support to LLDB or find another path
for crashinfo's needs, but in any case we do not want to ship the
excessively outdated GDB in FreeBSD 13.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D27610
This is an import of the Google Summer of Code 2018 project completed by
Christian Kramer (and, sadly, ignored by us for two years now). The goals
stated for that project were:
FreeBSD already has support for interrupts implemented in the GPIO
controller drivers of several SoCs, but there are no interfaces to take
advantage of them out of user space yet. The goal of this work is to
implement such an interface by providing descriptors which integrate
with the common I/O system calls and multiplexing mechanisms.
The initial imported code supports the following functionality:
- A kernel driver that provides an interface to the user space; the
existing gpioc(4) driver was enhanced with this functionality.
- Implement support for the most common I/O system calls / multiplexing
mechanisms:
- read() Places the pin number on which the interrupt occurred in the
buffer. Blocking and non-blocking behaviour supported.
- poll()/select()
- kqueue()
- signal driven I/O. Posting SIGIO when the O_ASYNC was set.
- Many-to-many relationship between pins and file descriptors.
- A file descriptor can monitor several GPIO pins.
- A GPIO pin can be monitored by multiple file descriptors.
- Integration with gpioctl and libgpio.
I added some fixes (mostly to locking) and feature enhancements on top of
the original gsoc code. The feature ehancements allow the user to choose
between detailed and summary event reporting. Detailed reporting provides
a record describing each pin change event. Summary reporting provides the
time of the first and last change of each pin, and a count of how many times
it changed state since the last read(2) call. Another enhancement allows
the recording of multiple state change events on multiple pins between each
call to read(2) (the original code would track only a single event at a time).
The phabricator review for these changes timed out without approval, but I
cite it below anyway, because the review contains a series of diffs that
show how I evolved the code from its original state in Christian's github
repo for the gsoc project to what is being commited here. (In effect,
the phab review extends the VC history back to the original code.)
Submitted by: Christian Kramer
Obtained from: https://github.com/ckraemer/freebsd/tree/gsoc2018
Differential Revision: https://reviews.freebsd.org/D27398
RISC-V has the same booting requirements as arm64 (loader.efi, no legacy
boot options), so generated images for both architectures have the same
partition layout.
Reviewed by: gjb
Differential Revision: https://reviews.freebsd.org/D27044
Character width data being out of date is a constant source
of weird rendering issues and wasted time trying to diagnose
those, e.g. as reported by Jeremy Chadwick:
https://gitlab.com/muttmua/mutt/-/issues/67
Sadly, there is no real ("standard") wcwidth data source, so
this tries to rectify the problem using the utf8proc one (through
its C API) which would hopefully benefeat both FreeBSD and
utf8proc through bug reports (if any).
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D27259
This was introduced and then disabled by default primarily to avoid dealing
with bugs in libgnuregex. rS363823 switched to using libregex for it, so
let's just rip the option out now so we can make sure we're getting tested
with libregex via bsdgrep.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D27476
When invoked as "ping6", ping will now attempt to use ICMPv6 for hostnames
that resolve both IPv4 and IPv6 addresses.
Reviewed by: bz, manu
MFC-With: r368045
Differential Revision: https://reviews.freebsd.org/D27384
Also fix the run by setting up the environment in non-deprecated way.
Always run with --debug to understand better what sort of stuff is happening in
the background. Also split out the bmake bootstrap stage (takes about 31s on
ubuntu, but 1m14 on macOS?)
Drops the dependency on coreutils (realpath, nproc) and thus (?) fixes macOS to
be just as fast (4 logical cores vs 2 physical cores before, go figure.)
Reviewed by: arichardson
There is now a single ping binary, which chooses to use ICMP or ICMPv4
based on the -4 and -6 options, and the format of the address.
Submitted by: Ján Sučan <sucanjan@gmail.com>
Sponsored by: Google LLC (Google Summer of Code 2019)
MFC after: Never
Differential Revision: https://reviews.freebsd.org/D21377
Crypto file descriptors were added in the original OCF import as a way
to provide per-open data (specifically the list of symmetric
sessions). However, this gives a bit of a confusing API where one has
to open /dev/crypto and then invoke an ioctl to obtain a second file
descriptor. This also does not match the API used with /dev/crypto on
other BSDs or with Linux's /dev/crypto driver.
Character devices have gained support for per-open data via cdevpriv
since OCF was imported, so use cdevpriv to simplify the userland API
by permitting ioctls directly on /dev/crypto descriptors.
To provide backwards compatibility, CRIOGET now opens another
/dev/crypto descriptor via kern_openat() rather than dup'ing the
existing file descriptor. This preserves prior semantics in case
CRIOGET is invoked multiple times on a single file descriptor.
Reviewed by: markj
Relnotes: yes
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D27302
after r367304 and r367324, when WITH_LLVM_CXXFILT is enabled.
Noticed by: "Herbert J. Skuhra" <herbert@gojira.at>
MFC after: 3 days
X-MFC-With: r367304
There are two options:
- WITH_INIT_ALL_ZERO: Zero all variables on the stack.
- WITH_INIT_ALL_PATTERN: Initialize variables with well-defined patterns.
The exact pattern are a compiler implementation detail and vary by type.
They are somewhat documented in the LLVM commit message:
https://reviews.llvm.org/rL349442
I've used WITH_INIT_ALL_* to match Microsoft's InitAll feature rather
than naming them after the LLVM specific compiler flags.
In a range of consumer products, options like these are used in
both debug and production builds with debugs builds using patterns
(intended to provoke crashes on use of uninitialized values) and
production using zeros (deemed more likely to lead to harmless
misbehavior or NULL-pointer dereferences).
Reviewed by: emaste
Obtained from: CheriBSD
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D27131
Provide a way to ask for an opaque version string for a locale_t, so
that potential changes in sort order can be detected. Similar to
ICU's ucol_getVersion() and Windows' GetNLSVersionEx(), this API is
intended to allow databases to detect when text order-based indexes
might need to be rebuilt.
The CLDR version is extracted from CLDR source data by the Makefile
under tools/tools/locale, written into the machine-generated Makefile
under shared/colldef, passed to localedef -V, and then written into
LC_COLLATE file headers. The initial version is 34.0.
tools/tools/locale was recently updated to pull down 35.0, but the
output hasn't been committed under share/colldef yet, so that will
provide the first observable change when it happens. Other versioning
schemes are possible in future, because the format is unspecified.
Reviewed by: bapt, 0mp, kib, yuripv (albeit a long time ago)
Differential Revision: https://reviews.freebsd.org/D17166
Since elftoolchain's cxxfilt is rather far behind on features, and we
ran into several bugs, add an option to use llvm-cxxfilt as an drop-in
replacement.
It supports the same options as elftoolchain cxxfilt, though it doesn't
have support for old ARM (C++ Annotated Reference Manual, not the CPU)
and GNU v2 manglings. But these are irrelevant in 2020.
Note: as we already compile the required libraries as part of libllvm,
this will not add any significant build time either.
PR: 250702
Reviewed by: emaste, yuri
Differential Revision: https://reviews.freebsd.org/D27071
MFC after: 2 weeks
This patch also introduces an environment variable BE_UTILITY,
which can be used to specify the utility to use for managing
ZFS boot environments (which can be either bectl or beadm).
While here, fix some typos in the manual page and
remove beadm from section "SEE ALSO".
Reviewed by: bcr, kevans, rpokala
Approved by: will
Differential Revision: https://reviews.freebsd.org/D21111
Foundation copyrights, approved by emaste@. It does not include
files which carry other people's copyrights; if you're one
of those people, feel free to make similar change.
Reviewed by: emaste, imp, gbe (manpages)
Differential Revision: https://reviews.freebsd.org/D26980
Literal references to /usr/local exist in a large number of files in
the FreeBSD base system. Many are in contributed software, in configuration
files, or in the documentation, but 19 uses have been identified in C
source files or headers outside the contrib and sys/contrib directories.
This commit makes it possible to set _PATH_LOCALBASE in paths.h to use
a different prefix for locally installed software.
In order to avoid changes to openssh source files, LOCALBASE is passed to
the build via Makefiles under src/secure. While _PATH_LOCALBASE could have
been used here, there is precedent in the construction of the path used to
a xauth program which depends on the LOCALBASE value passed on the compiler
command line to select a non-default directory.
This could be changed in a later commit to make the openssh build
consistently use _PATH_LOCALBASE. It is considered out-of-scope for this
commit.
Reviewed by: imp
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D26942
It turns out that without /dev/null beinstall is not able to complete and
instead exits with messages similar to these:
--------------------------------------------------------------
>>> Installing kernel GENERIC completed on Sun Oct 25 17:47:37 CET 2020
--------------------------------------------------------------
/tmp/beinstall.JleGoP/mnt: Inspecting dirs /usr/src /usr/obj/usr/src/amd64.amd64
--- installworld ---
make[1]: "/usr/obj/usr/src/amd64.amd64/toolchain-metadata.mk" line 1: Using cached toolchain metadata from build at t480 on Sun Oct 25 15:53:28 CET 2020
make[2]: "/dev/null" line 2: Need an operator
make[2]: Fatal errors encountered -- cannot continuemake[1]: "/usr/src/Makefile.inc1" line 593: CPUTYPE global should be set with ?=.
Cleaning up ...
umount -f /tmp/beinstall.JleGoP/mnt/usr/src /tmp/beinstall.JleGoP/mnt/usr/obj/usr/src/amd64.amd64 /tmp/beinstall.JleGoP/mnt
Destroyed successfully
error: Installworld failed!
Upon a bit of debugging, it turns out that /dev/null inside the chroot
environment is full random bytes, which cause "make -f /dev/null" to
misbehave. Mounting a proper devfs inside the chroot seems to be the most
appropriate way to fix it.
will@ also noted that this change requires that whatever is needed in devfs
must exist in the old kernel.
Approved by: will
MFC after: 2 week
Differential Revision: https://reviews.freebsd.org/D26944
