contrib/openbsm (svn merge) and src/sys/{bsm,security/audit} (manual
merge). Add libauditd build parts and add to auditd's linkage;
force libbsm to build before libauditd.
OpenBSM history for imported revisions below for reference.
MFC after: 1 month
Sponsored by: Apple Inc.
Obtained from: TrustedBSD Project
OpenBSM 1.1 alpha 4
- With the addition of BSM error number mapping, we also need to map the
local error number passed to audit_submit(3) to a BSM error number,
rather than have the caller perform that conversion.
- Reallocate user audit events to avoid collisions with Solaris; adopt a
more formal allocation scheme, and add some events allocated in Solaris
that will be of immediate use on other platforms.
- Add an event for Calife.
- Add au_strerror(3), which allows generating strings for BSM errors
directly, rather than requiring applications to map to the local error
space, which might not be able to entirely represent the BSM error
number space.
- Major auditd rewrite for launchd(8) support. Add libauditd library
that is shared between launchd and auditd.
- Add AUDIT_TRIGGER_INITIALIZE trigger (sent via 'audit -i') for
(re)starting auditing under launchd(8) on Mac OS X.
- Add 'current' symlink to active audit trail.
- Add crash recovery of previous audit trail file when detected on audit
startup that it has not been properly terminated.
- Add the event AUE_audit_recovery to indicated when an audit trail file
has been recovered from not being properly terminated. This event is
stored in the new audit trail file and includes the path of recovered
audit trail file.
- Mac OS X and FreeBSD dependent code in auditd.c is separated into
auditd_darwin.c and auditd_fbsd.c files.
- Add an event for the posix_spawn(2) and fsgetpath(2) Mac OS X system
calls.
- For Mac OS X, we use ASL(3) instead of syslog(3) for logging.
- Add support for NOTICE level logging.
OpenBSM 1.1 alpha 3
- Add two new functions, au_bsm_to_errno() and au_errno_to_bsm(), to map
between BSM error numbers (largely the Solaris definitions) and local
errno(2) values for 32-bit and 64-bit return tokens. This is required
as operating systems don't agree on some of the values of more recent
error numbers.
- Fix a bug how au_to_exec_args(3) and au_to_exec_env(3) calculates the
total size for the token. This buge.
- Deprecated Darwin constants, such as TRAILER_PAD_MAGIC, removed.
src/sys/dev/usb2/core/usbdevs
src/sys/dev/usb2/include/urio2_ioctl.h
src/sys/dev/usb2/storage/ustorage2_fs.h
These files are not used any more.
src/usr.sbin/Makefile
src/etc/mtree/BSD.include.dist
src/include/Makefile
src/lib/Makefile
src/share/man/man7/hier.7
src/share/mk/bsd.libnames.mk
src/etc/mtree/BSD.include.dist
Make "usbconfig" and "libusb20" a part of the default build.
src/sys/dev/usb/rio500_usb.h
src/sys/dev/usb2/storage/urio2.c
Use common include file.
src/sys/dev/usb2/bluetooth/ng_ubt2.c
Make USB bluetooth depend on "ng_hci" module.
src/sys/dev/usb2/controller/ehci2.c
src/sys/dev/usb2/controller/ehci2.h
Patches for Marvell EHCI.
src/sys/dev/usb2/core/usb2_busdma.c
Bugfix for 64-bit platforms. Need to unload the previously loaded DMA
map and some cleanup regarding some corner cases.
src/sys/dev/usb2/core/usb2_core.h
src/sys/dev/usb2/core/usb2_dev.c
src/sys/dev/usb2/core/usb2_dev.h
Bugfix for libusb filesystem interface.
New feature: Add support for filtering device data at the expense of the
userland process.
Add some more comments.
Some minor code styling.
Remove unused function, usb2_fifo_get_data_next().
Fix an issue about "fifo_index" being used instead of "ep_index".
src/sys/dev/usb2/core/usb2_device.c
src/sys/dev/usb2/core/usb2_generic.c
Bugfix for Linux USB compat layer. Do not free non-generic FIFOs when
doing an alternate setting.
Cleanup USB IOCTL and USB reference handling.
Fix a corner case where USB-FS was left initialised after
setting a new configuration or alternate setting.
src/sys/dev/usb2/core/usb2_hub.c
Improvement: Check all USB HUB ports by default at least one time.
src/sys/dev/usb2/core/usb2_request.c
Bugfix: Make sure destination ASCII string is properly zero terminated
in all cases.
Improvement: Skip invalid characters instead of replacing with a dot.
src/sys/dev/usb2/core/usb2_util.c
src/sys/dev/usb2/image/uscanner2.c
Spelling.
src/sys/dev/usb2/include/Makefile
Share "usbdevs" with the old USB stack.
src/sys/dev/usb2/include/usb2_devid.h
src/sys/dev/usb2/include/usb2_devtable.h
Regenerate files.
Alfred: Please fix the RCS tag at the top.
src/sys/dev/usb2/include/usb2_ioctl.h
Fix compilation of "kdump".
src/sys/dev/usb2/serial/ubsa2.c
src/sys/dev/usb2/serial/ugensa2.c
Remove device ID's which will end up in a new 3G driver.
src/sys/dev/usb2/sound/uaudio2.c
Correct a debug printout.
src/sys/dev/usb2/storage/umass2.c
Sync with old USB stack.
src/lib/libusb20/libusb20.3
Add more documentation.
src/lib/libusb20/libusb20.c
Various bugfixes and improvements.
src/usr.sbin/usbconfig/dump.c
src/usr.sbin/usbconfig/usbconfig.c
New commands for dumping strings and doing custom USB requests from
the command line.
Remove keyword requirements from generated files:
"head/sys/dev/usb2/include/usb2_devid.h"
"head/sys/dev/usb2/include/usb2_devtable.h"
control over the result of buildworld and installworld; this especially
helps packaging systems such as nanobsd
Reviewed by: various (posted to arch)
MFC after: 1 month
The segfaults when using SSP seem to be a gcc bug, a patch is available
in the gcc bugzilla, and will be imported once it's committed
into the official gcc tree.
- It is opt-out for now so as to give it maximum testing, but it may be
turned opt-in for stable branches depending on the consensus. You
can turn it off with WITHOUT_SSP.
- WITHOUT_SSP was previously used to disable the build of GNU libssp.
It is harmless to steal the knob as SSP symbols have been provided
by libc for a long time, GNU libssp should not have been much used.
- SSP is disabled in a few corners such as system bootstrap programs
(sys/boot), process bootstrap code (rtld, csu) and SSP symbols themselves.
- It should be safe to use -fstack-protector-all to build world, however
libc will be automatically downgraded to -fstack-protector because it
breaks rtld otherwise.
- This option is unavailable on ia64.
Enable GCC stack protection (aka Propolice) for kernel:
- It is opt-out for now so as to give it maximum testing.
- Do not compile your kernel with -fstack-protector-all, it won't work.
Submitted by: Jeremie Le Hen <jeremie@le-hen.org>
a. The BSD version will be built and installed unless
WITHOUT_BSD_CPIO is defined.
b. The GNU version will not be built or installed unless
WITH_GNU_CPIO is defined. If this is defined, the symlink
in /usr/bin will be to the GNU version whether the BSD
version is present or not.
When these changes are MFCed the defaults should be flipped.
2. Add a knob to disable the building of GNU grep. This will
make it easier for those that want to test the BSD version in
the ports.
Approved by: kientzle [1]
parts relied on the now removed NET_NEEDS_GIANT.
Most of I4B has been disconnected from the build
since July 2007 in HEAD/RELENG_7.
This is what was removed:
- configuration in /etc/isdn
- examples
- man pages
- kernel configuration
- sys/i4b (drivers, layers, include files)
- user space tools
- i4b support from ppp
- further documentation
Discussed with: rwatson, re
system makefiles.
Note that the CTF conversion defaults to off. We may choose to change this
default later if DTrace proves popular and people are prepared to wear
the compilation performance impact of compiling with debug symbols all the
time.
Setting NO_CTF in the make args or user environment turns off CTF conversion.
Even if we choose to default CTF generation to on later, we still need
NO_CTF so that the buildworld process can bootstrap the tools without
needlessly generating CTF data for temporary tools.
Setting WITH_CTF in the make args or user environment (and _NOT_ in
/etc/make.conf) is the only way to enable CTF data conversion. Nore that
this can't be implemented the same way that the WITH_ and WITHOUT_ stuff
is implemented throughout the buildworld because the CTF conversion needs
to work when building a simple object without a Makefile, using the
default rules in sys.mk.
Typing 'make test.o' with no makefile and just a source file test.c
should work. Also, typing 'make WITH_CTF=1 test.o without a makefile and
just a source file test.c should work and produce an object with a CTF
elf section. Typing 'make WITH_CTF=1 CFLAGS=-g test.o' without a makefile
and just a source file test.c should produce an object with both a CTF
elf section and the debug elf sections.
In the FreeBSD build where more .mk files are used than just sys.mk
which is included my make by default, the use of DEBUG_FLAGS is the
correct way to enable a debug build. The important thing to note here
is that it is the DEBUG_FLAGS setting that prevents libraries and
programs from being stripped on installation. So, for the addition of
CTF data conversion, setting DEBUG_FLAGS to contain -g, without NO_CTF,
will cause the ctfconvert and ctfmerge build programs to be executed
also with the -g arg so that debug symbols are retained rather than
being removed after the CTF data elf section has been added.
Add DTrace libraries to the list of libnames.
o Default to -O on mips as well as arm. -O2 has been strongly implicated
in many problems in the past, so we're taking a conservative approach
until the problems are well understood.
to JB's revision 1.96 change to remove -fno-strict-aliasing from CFLAGS.
This makes the default CFLAGS to match the simple defaults that the
tinderboxes use. By using -fno-strict-aliasing by default we are
choosing to ignore problems in code which had the potential to
shoot ourselves in the foot.
address PR ports/121363 (current day re-opening of PR ports/73797)
to make ports CFLAGS more independent of src/'s CFLAGS WRT aliasing.
Discussed with: brooks
Change the default CFLAGS to match the simple defaults that the
tinderboxes use. By using -fno-strict-aliasing by default we are
choosing to ignore problems in code which had the potential to
shoot ourselves in the foot.
The kernel config file is KERNCONF=MPC85XX, so the usual procedure applies:
1. make buildworld TARGET_ARCH=powerpc
2. make buildkernel TARGET_ARCH=powerpc TARGET_CPUTYPE=e500 KERNCONF=MPC85XX
This default config uses kernel-level FPU emulation. For the soft-float world
approach:
1. make buildworld TARGET_ARCH=powerpc TARGET_CPUTYPE=e500
2. disable FPU_EMU option in sys/powerpc/conf/MPC85XX
3. make buildkernel TARGET_ARCH=powerpc TARGET_CPUTYPE=e500 KERNCONF=MPC85XX
Approved by: cognet (mentor)
MFp4: e500
were recently), a simple 'make cleandepend; make depend' is sufficient
to keep the tree buildable after a cvs update when doing incremental
builds.
However, kdump and truss use a script which searches for header files
that define ioctls, and generates C code that includes them. This
script will usually not need updating when a header file is removed,
so the normal dependency mechanism will not realize that it needs to
be re-run. One is therefore left with code that references dead files
but will only be removed by a full 'make clean', which defeats the
purpose of incremental builds.
To work around this, modify the cleandepend target in bsd.dep.mk to
also remove any files listed in a new variable named CLEANDEPFILES,
and modify kdump's and truss's Makefiles accordingly.
MFC after: 2 weeks
definition files that are used only for extracting symbols. This is useful
for inter-module dependencies and files containing only enum-definitions.
MFC after: 4 weeks
default to the value of MK_KERBEROS unless set explicitly by
WITH_GSSAPI/WITHOUT_GSSAPI. (This introduces another type of
MK_* variables which itself is questionable.)
- Teach tools/build/options/makeman script that generates the
src.conf(5) manpage about the new type of MK_* variables.
- Fix broken logic in lib/Makefile.
WITHOUT_KERBEROS knob. While GSS can be used for other things
some third party software (most notably ports/x11/kdelibs3)
takes the presence of libgssapi as an indication that kerberos
is available, and attempts to link with the kerberos libs. If
they are not available, the build will fail.
Because you might want to use GSS but not kerberos, add a knob
to re-enable it if WITHOUT_KERBEROS is present.
Document the new knob, and the new behavior of WITHOUT_KERBEROS.
Not objected and/or generally agreed to by: freebsd-arch
Problem discussed/analyzed in:
PR: ports/116484
in the default CFLAGS, we're in the middle of a ports freeze, so we can't
really go making the corresponding change to the ports mk files.
I'll take -fno-strict-aliasing out again when the ports freeze ends.
This time, change the default CFLAGS to match the simple defaults that
the tinderboxes use. That is, don't use -fno-strict-aliasing by default.
My last attempt to re-anable -Werror gave me a lesson in what strict
aliasing is all about. There was code in libthr that wasn't 64-bit clean.
The default use of -fno-strict-aliasing hid that.
By using -fno-strict-aliasing by default we were choosing to ignore
problems in code which had the potential to shoot ourselves in the
foot. Sometimes it would be the 64-bit foot. I have both feet. The left
ones are 32 bits and the right ones are 64 bits. Don't ask about my
endian orientation. :-)
The -fno-strict-aliasing compiler arg can still be used if NO_STRING_ALIASING
is define in make.
We are early in the FreeBSD 8 development, so we have the opportunity to
wait and see if this works for us. I am sure that people will complain.
We can easily revert this. All I ask is that we take sides: clean code or
not. YMMV.
Note that by using -fno-strict-aliasing the build won't actually break.
Only where WARNS is set (and -Werror is used) will a compiler warning break
the build. The use of WARNS levels implies (to me at least) that the
developer has taken some care to make the code pass basic checks. This
commit makes those checks just a little bit more strict.
obstacle to enabling -Werror. I'll continue to work on cleaning up the
code so that we can keep this enabled.
If the tinderboxes would just use the default CFLAGS set in this file,
all would be fine and we'd be able to make use of -Werror.
__MAKE_SHELL variable. This feature isn't supposed to be in wide
use, but it's needed now to make `installworld' independent of the
stock binaries and libs so that radical ABI changes can go in safely.
Reviewed by: ru
test MK_INSTALLLIB, users can set WITHOUT_INSTALLLIB. The old
NO_INSTALLLIB is still supported as several makefiles set it.
- While here, fix an install when instructed not to install libs
(usr.bin/lex/lib/Makefile).
PR: bin/114200
Submitted by: Henrik Brix Andersen
- Check for duplicated symbols and suggest moving them to ObsoleteVersions.
- Improve and unify error handling.
- Make the regular expressions more uniform, robust, and less sensitive
to harmless variations in the input such as those to whitespace amount.
Reviewed by: deischen
Tested with: md5 (Version.map files in /usr/obj stay the same)