NSS modules are loaded when nsswitch.conf is parsed and may register their
own atexit handlers with libc. nss_atexit() unloads any dynamically loaded
NSS modules, so it should run only after the modules' atexit handlers have
been invoked.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
For regular files and posix shared memory, POSIX requires that
[offset, offset + size) range is legitimate. At the maping time,
check that offset is not negative. Allowing negative offsets might
expose the data that filesystem put into vm_object for internal use,
esp. due to OFF_TO_IDX() signess treatment. Fault handler verifies
that the mapped range is valid, assuming that mmap(2) checked that
arithmetic gives no undefined results.
For device mappings, leave the semantic of negative offsets to the
driver. Correct object page index calculation to not erronously
propagate sign.
In either case, disallow overflow of offset + size.
Update mmap(2) man page to explain the requirement of the range
validity, and behaviour when the range becomes invalid after mapping.
Reported and tested by: royger (previous version)
Reviewed by: alc
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
The primary end-goal of this drop is ease future merges with NetBSD and
collaborate further with the NetBSD project.
The goal was (largely, not completely as some items are still oustanding
in the NetBSD GNATS system) achieved by doing the following:
- Pushing as many changes required to port contrib/netbsd-tests
back to NetBSD as possible, then pull the upstream applied changes
back in to FreeBSD.
- Diff reduce with upstream where possible by:
-- Improving libnetbsd header, etc compat glue.
-- Using _SED variables to modify test scripts on the fly for items
that could not be upstreamed to NetBSD.
As a bonus for this work, this change also introduces testcases for
uniq(1).
Many thanks to Christos for working with me to get many of the changes
back into the NetBSD project.
In collaboration with: Christos Zoulas <christos@netbsd.org>
MFC after: 1 month
Sponsored by: Dell EMC Isilon
In the end, dealing with fparseln was more bikeshed worthy than I
anticipated, and polling stdio.h with libutil.h caused me more
grief than necessary. Keeping the compat header around for no
reason other than include_next'ing the stdio.h header in FreeBSD
makes no sense.
This change is being made to diff reduce/reduce duplication in
contrib/netbsd-tests and to facilitate further porting of software from
NetBSD
Add the following headers:
- sys/event.h:
-- sys/types.h is required for kqueue on FreeBSD, but not NetBSD.
- sys/types.h:
-- NBBY is defined in sys/param.h on FreeBSD, not sys/types.h like on NetBSD.
Pull in sys/param.h to have parity with NetBSD.
- sys/wait.h:
-- Define wrusage as __wrusage for parity with NetBSD typedef.
- glob.h
-- Define __gl_stat_t as "struct stat" for parity with NetBSD typedef.
- pthread.h:
-- Pull in pthread_np.h for _np functions defined separately on FreeBSD.
Improve compatibility with NetBSD in the following headers:
- sha1.h:
-- define SHA1_CTX as SHA_CTX
-- define SHA1Final as SHA1_Final
- sha2.h:
-- #include sha384 to pick up all of the SHA 384 bit macros and definitions.
- util.h:
-- Add sys/types.h to util.h to pollute the header for types used in
flags_to_string and string_to_flags (u_long) as NetBSD doesn't require them
for the functions.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
The %t{d,u} (ptrdiff_t) tests fail for the following reasons:
- ptrdiff_t is by definition int32_t on !LP64 architectures and int64_t on
LP64 architectures.
- intmax_t is by definition fixed to int64_t on all architectures.
- Some of the code in lib/libc/stdio/... is promoting ptrdiff_t to *intmax_t
when parsing/representing the value.
PR: 191674
MFC after: 1 week
Sponsored by: Dell EMC Isilon
The reasoning here was the same as what was done in r313376:
- Gather as many results as possible instead of failing early and
not testing the rest of the cases.
- Simplify logic when checking test inputs vs outputs and printing
test result.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Don't exclude i386 from LDBL_MANT_DIG == 64; it works properly in
that case.
While here, replace strcmp + atf_tc_fail with ATF_CHECK_MSG for 2
reasons:
- Gather as many results as possible instead of failing early and
not testing the rest of the cases.
- Simplify logic when checking test inputs vs outputs and printing
test result.
Tested on: amd64, i386
MFC after: 1 week
Sponsored by: Dell EMC Isilon
- Add missing comma between functions that trigger ENOMEM error.
- Fix the description for ESRCH. The action that triggers this error is
FIND, not SEARCH (SEARCH does not exist).
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Rewrite EFI part device interface to present disk devices in more
user friendly way.
We keep list of three types of devices: floppy, cd and disk, the
visible names: fdX: cdX: and diskX:
Use common/disk.c and common/part.c interfaces to manage the
partitioning.
The lsdev -l will additionally list the device path.
Reviewed by: imp, allanjude
Approved by: imp (mentor), allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D8581
Small summary
-------------
o Almost all IPsec releated code was moved into sys/netipsec.
o New kernel modules added: ipsec.ko and tcpmd5.ko. New kernel
option IPSEC_SUPPORT added. It enables support for loading
and unloading of ipsec.ko and tcpmd5.ko kernel modules.
o IPSEC_NAT_T option was removed. Now NAT-T support is enabled by
default. The UDP_ENCAP_ESPINUDP_NON_IKE encapsulation type
support was removed. Added TCP/UDP checksum handling for
inbound packets that were decapsulated by transport mode SAs.
setkey(8) modified to show run-time NAT-T configuration of SA.
o New network pseudo interface if_ipsec(4) added. For now it is
build as part of ipsec.ko module (or with IPSEC kernel).
It implements IPsec virtual tunnels to create route-based VPNs.
o The network stack now invokes IPsec functions using special
methods. The only one header file <netipsec/ipsec_support.h>
should be included to declare all the needed things to work
with IPsec.
o All IPsec protocols handlers (ESP/AH/IPCOMP protosw) were removed.
Now these protocols are handled directly via IPsec methods.
o TCP_SIGNATURE support was reworked to be more close to RFC.
o PF_KEY SADB was reworked:
- now all security associations stored in the single SPI namespace,
and all SAs MUST have unique SPI.
- several hash tables added to speed up lookups in SADB.
- SADB now uses rmlock to protect access, and concurrent threads
can do SA lookups in the same time.
- many PF_KEY message handlers were reworked to reflect changes
in SADB.
- SADB_UPDATE message was extended to support new PF_KEY headers:
SADB_X_EXT_NEW_ADDRESS_SRC and SADB_X_EXT_NEW_ADDRESS_DST. They
can be used by IKE daemon to change SA addresses.
o ipsecrequest and secpolicy structures were cardinally changed to
avoid locking protection for ipsecrequest. Now we support
only limited number (4) of bundled SAs, but they are supported
for both INET and INET6.
o INPCB security policy cache was introduced. Each PCB now caches
used security policies to avoid SP lookup for each packet.
o For inbound security policies added the mode, when the kernel does
check for full history of applied IPsec transforms.
o References counting rules for security policies and security
associations were changed. The proper SA locking added into xform
code.
o xform code was also changed. Now it is possible to unregister xforms.
tdb_xxx structures were changed and renamed to reflect changes in
SADB/SPDB, and changed rules for locking and refcounting.
Reviewed by: gnn, wblock
Obtained from: Yandex LLC
Relnotes: yes
Sponsored by: Yandex LLC
Differential Revision: https://reviews.freebsd.org/D9352
Document AF_UNIX control messages in unix(4) only, not split between unix(4)
and recv(2).
Also, warn about LOCAL_CREDS effective uid/gid fields, since the write could
be from a setuid or setgid program (with the explicit SCM_CREDS and
LOCAL_PEERCRED, the credentials are read at such a time that it can be
assumed that the process intends for them to be used in this context).
Reviewed by: wblock
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D9298
Sync libarchive with vendor
Vendor changes (relevant to FreeBSD):
- support extracting NFSv4 ACLs from Solaris tar archives
- bugfixes and optimizations in the ACL code
- multiple fixes in the test suite
- typo and other small bugfixes
Security fixes:
- cab reader: endless loop when parsing MSZIP signature (OSS-Fuzz 335)
- LHA reader: heap-buffer-overflow in lha_read_file_header_1()
(CVE-2017-5601)
- LZ4 reader: null-pointer dereference in lz4_filter_read_legacy_stream()
(OSS-Fuzz 453)
- mtree reader: heap-buffer-overflow in detect_form() (OSS-Fuzz 421, 443)
- WARC reader: heap-buffer-overflow in xstrpisotime() (OSS-Fuzz 382, 458)
Memory leak fixes:
- ACL support: free memory allocated by acl_get_qualifier()
- disk writer: missing free in create_filesystem_object()
- file reader: fd leak (Coverity 1016755)
- gnutar writer: fix free in archive_write_gnutar_header()
(Coverity 101675)
- iso 9660 reader: missing free in parse_file_info()
(partial Coverity 1016754)
- program reader: missing free in __archive_read_program()
- program writer: missing free in __archive_write_program_free()
- xar reader: missing free in xar_cleanup()
- xar reader: missing frees in expat_xmlattr_setup()
(Coverity 1229979-1229981)
- xar writer: missing free in file_free()
- zip reader: missing free in zip_read_local_file_header()
MFC after: 1 week
X-MFC with: 310866, 310868, 310870, 311899
The symbols currently hidden in libprofile_rt are needed for linking with
`clang --coverage` to add coverage counters at link time and produce
coverage numbers at runtime.
In collaboration with: dim
MFC after: 1 month
Sponsored by: Dell EMC Isilon
Differential Revision: D9168
Re-import libedit 2016-02-27
This reverts r296435: the issues related to lldb and this update appear to
have been identified (in lldb).
Obtained from: NetBSD
Reported by: emaste
MFC after: 3 weeks
Replace uses of the GCC __nonnull__ attribute with the clang nullability
qualifiers. The replacement should be transparent for clang developers as
the new qualifiers will produce the same warnings and will be useful for
static checkers but will not cause aggressive optimizations.
GCC will not produce such warnings and developers will have to use
upgraded GCC ports built with the system headers from r312538.
Hinted by: Apple's Libc-1158.20.4, Bionic libc
MFC after: 11.1 Release
Differential Revision: https://reviews.freebsd.org/D9004
