libpam: extra bounds checking through reallocarray(3).
It appears to be causing brokenness when reporting PAM_* environment
variables. This requires more investigation.
Reported by: lstewart
reallocarray(3) is a non portable extension that originated in OpenBSD.
Given that it is already in FreeBSD's libc it is useful for the cases
where reallocation involves a multiplication.
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D9955
- spelling: "mis-named" should be "misnamed".
- delete spaces interspersed in literal representation of
`struct cam_device` as hard-tabs separate the types and fields.
- Add commas after `e.g.`.
Reported by: igor
MFC after: 1 week
Sponsored by: Dell EMC Isilon
This is the correct markup macro, as opposed to .Va (variable names)
While here, annotate several bare references to `NULL` with .Dv.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Unsign setlen: it is local and will never be negative. Having one more bit
for growth is beneficial and it avoids a cast when it's going to be used
for allocation.
Reviewed by: ngie
MFC after: 3 days
Rename nitems to numitems: it shares the anme with an existing macro in
sys/params.h. Also initialize the value later which avoids asigning the
value if we exit early.
Reviewed by: ngie
MFC after: 3 days
ATF tests have a default WARNS of 0, unlike other usermode programs. This
change is technically a noop, but it documents that the msun tests don't
work with any warnings enabled, at least not on all architectures.
Reviewed by: ngie
MFC after: 3 weeks
Sponsored by: Spectra Logic Corporation
Differential Revision: https://reviews.freebsd.org/D9933
The clang 4.x+ upgrade now causes this testcase to fail, but
only on amd64.
More investigation will be done to determine the cause.
MFC after: 1 week
Reported by: Jenkins
PR: 217528
Sponsored by: Dell EMC Isilon
Recent changes (maybe a side-effect of the ATF-ification in r314649)
invalidate the failure expectation.
PR: 205446
MFC after: 1 week
Sponsored by: Dell EMC Isilon
This commit implements the (mostly?) Linux compatible
efidp_format_device_path and efidp_parse_device_path APIs. These are
the only APIs exposed through this library. However, they are built on
code from Tianocore's EDK2 MdePkg. They are brought in as new files
here for reasons described in FreeBSD-update.
Symbol versioning will be introduced to control what's exported from
the EDK2 code.
Some structural changes may be necessary when we move to sharing with
sys/boot/efi.
Sponsored by: Netflix
Currently are defined three scopes: global, ifnet, and pcb.
Generic security policies that IKE daemon can add via PF_KEY interface
or an administrator creates with setkey(8) utility have GLOBAL scope.
Such policies can be applied by the kernel to outgoing packets and checked
agains inbound packets after IPsec processing.
Security policies created by if_ipsec(4) interfaces have IFNET scope.
Such policies are applied to packets that are passed through if_ipsec(4)
interface.
And security policies created by application using setsockopt()
IP_IPSEC_POLICY option have PCB scope. Such policies are applied to
packets related to specific socket. Currently there is no way to list
PCB policies via setkey(8) utility.
Modify setkey(8) and libipsec(3) to be able distinguish the scope of
security policies in the `setkey -DP` listing. Add two optional flags:
'-t' to list only policies related to virtual *tunneling* interfaces,
i.e. policies with IFNET scope, and '-g' to list only policies with GLOBAL
scope. By default policies from all scopes are listed.
To implement this PF_KEY's sadb_x_policy structure was modified.
sadb_x_policy_reserved field is used to pass the policy scope from the
kernel to userland. SADB_SPDDUMP message extended to support filtering
by scope: sadb_msg_satype field is used to specify bit mask of requested
scopes.
For IFNET policies the sadb_x_policy_priority field of struct sadb_x_policy
is used to pass if_ipsec's interface if_index to the userland. For GLOBAL
policies sadb_x_policy_priority is used only to manage order of security
policies in the SPDB. For IFNET policies it is not used, so it can be used
to keep if_index.
After this change the output of `setkey -DP` now looks like:
# setkey -DPt
0.0.0.0/0[any] 0.0.0.0/0[any] any
in ipsec
esp/tunnel/87.250.242.144-87.250.242.145/unique:145
spid=7 seq=3 pid=58025 scope=ifnet ifname=ipsec0
refcnt=1
# setkey -DPg
::/0 ::/0 icmp6 135,0
out none
spid=5 seq=1 pid=872 scope=global
refcnt=1
No objection from: #network
Obtained from: Yandex LLC
MFC after: 2 weeks
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D9805
This follows another fix to bootstrap libmd after r313404. The
MD5FileChunk prototype is needed to build libmd, but it is
only reliably in the src tree's sys/md5.h header. Rather than
polluting the legacy build with this header for the entire build,
just symlink it in here for now as is done in the elftoolchain
build. Libmd is already referencing other src tree headers by
its used of CFLAGS+= ${SRCTOP}/sys/crypto/sha2. This, and
other uses of CFLAGS+= ${SRCTOP}/sys..., may later change to
be in the legacy mechanism.
Reported by: bde, ian, sjg
Tested by: ian
already complete.
Since 416 is an error code, any Content-Range header in the response
would refer to the error message, not the requested document, so
relying on the value of size when we know we got a 416 is wrong.
Instead, just verify that offset == 0 and assume that we've reached
the end of the document (if offset > 0, we did not request a range,
and the server is screwing with us). Note that we cannot distinguish
between reaching the end and going past it, but that is a flaw in the
protocol, not in the code, so we just have to assume that the caller
knows what it's doing. A smart caller would request an offset
slightly before what it believes is the end and compare the result to
what is already in the file.
PR: 212065
Reported by: mandree
MFC after: 3 weeks
Dan Krejsa reports a potential memory leak in an fts_build error case,
detected by Coverity. (It doesn't seem to show up in Coverity Scan, so I
don't have a CID to point to.)
I don't know whether it is actually possible to arrive in this case with a
non-empty 'head' list. The cost is low, though. One additional branch in a
terminal error case isn't the end of the world.
PR: 217125
Submitted by: Dan Krejsa <dan.krejsa at gmail.com>
This is being done as a precursor for work needed to annontate failing
testcases with clang 4.0+.
MFC after: 1 week
PR: 217528
Sponsored by: Dell EMC Isilon
sbuf_hexdump(9) should be linked to sbuf(9), not hexdump(3). Another
review will be posted to deduplicate the sbuf_hexdump reference in
in hexdump(3) or at the very least make the information less duplicative.
MFC after: 1 week
X-MFC with: r313437
Sponsored by: Dell EMC Isilon
Update libarchive to version 3.3.1 (and sync with latest vendor dist)
Notable vendor changes:
PR #501: improvements in ACL path handling
PR #724: fix hang when reading malformed cpio files
PR #864: fix out of bounds read with malformed GNU tar archives
Documentation, style, test suite improvements and typo fixes.
New options to bsdtar that enable or disable reading and/or writing of:
Access Control Lists (--acls, --no-acls)
Extended file flags (--fflags, --no-fflags)
Extended attributes (--xattrs, --no-xattrs)
Mac OS X metadata (Mac OS X only) (--mac-metadata, --no-mac-metadata)
MFC after: 2 weeks
4.0.0 (branches/release_40 296509). The release will follow soon.
Please note that from 3.5.0 onwards, clang, llvm and lldb require C++11
support to build; see UPDATING for more information.
Also note that as of 4.0.0, lld should be able to link the base system
on amd64 and aarch64. See the WITH_LLD_IS_LLD setting in src.conf(5).
Though please be aware that this is work in progress.
Release notes for llvm, clang and lld will be available here:
<http://releases.llvm.org/4.0.0/docs/ReleaseNotes.html>
<http://releases.llvm.org/4.0.0/tools/clang/docs/ReleaseNotes.html>
<http://releases.llvm.org/4.0.0/tools/lld/docs/ReleaseNotes.html>
Thanks to Ed Maste, Jan Beich, Antoine Brodin and Eric Fiselier for
their help.
Relnotes: yes
Exp-run: antoine
PR: 215969, 216008
MFC after: 1 month
