This, like including ucl private headers, is useful for writing new base
system tools. Yes, anyone using these libraries shouldn't assume ABI
compatibility.
Reviewed by: bdrewery, bapt
Differential Revision: https://reviews.freebsd.org/D10123
- Add a new "qsize" parameter in audit_control and the getacqsize(3) API to
query it, allowing to set the kernel's maximum audit queue length.
- Add support to push a mapping between audit event names and event numbers
into the kernel (where supported) using new A_GETEVENT and A_SETEVENT
auditon(2) operations.
- Add audit event identifiers for a number of new (and not-so-new) FreeBSD
system calls including those for asynchronous I/O, thread management, SCTP,
jails, multi-FIB support, and misc. POSIX interfaces such as
posix_fallocate(2) and posix_fadvise(2).
- On operating systems supporting Capsicum, auditreduce(1) and praudit(1) now
run sandboxed.
- Empty "flags" and "naflags" fields are now permitted in audit_control(5).
Many thanks to Christian Brueffer for producing the OpenBSM release and
importing/tagging it in the vendor branch. This release will allow improved
auditing of a range of new FreeBSD functionality, as well as non-traditional
events (e.g., fine-grained I/O auditing) not required by the Orange Book or
Common Criteria.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, AFRL
MFC after: 3 weeks
We don't have enouch space to store full VFP context within mcontext
stucture. Due to this:
- follow i386/amd64 way and store VFP state outside of the mcontext_t
but point to it. Use the size of VFP state structure as an 'magic'
indicator of the saved VFP state presence.
- teach set_mcontext() about this external storage.
- for signal delivery, store VFP state to expanded 'struct sigframe'.
Submited by: Andrew Gierth (initial version)
PR: 217611
MFC after: 2 weeks
- in mcontext_t, rename newer used 'union __vfp' to equaly sized 'mc_spare'.
Space allocated by 'union __vfp' is too small and cannot hold full
VFP context.
- move structures defined in fp.h to more appropriate headers.
- remove all unused VFP structures.
MFC after: 2 weeks
Sync libarchive with vendor.
Vendor changes (FreeBSD-related):
- store extended attributes with extattr_set_link() if no fd is provided
- add extended attribute tests to libarchive and bsdtar
- fix tar's test_option_acls
- support the UF_HIDDEN file flag
X-MFC with: 315636
channel to a zygote process, rather than sending a function pointer or
service pointer. This avoids transfering pointers between address spaces,
which while robust in this case (due to the zygote being forked() from the
parent) is not generally a good idea, especially in the presence of
increasingly popular control-flow integrity and pointer protection
mitigation schemes. With this change, ping(8) and other sandboxed tools
using libcasper for DNS resolution now work on architectures with tagged
memory again.
Reviewed by: oshogbo
MFC after: 1 week
Sponsored by: DARPA, AFRL
*** CID 1372598: Null pointer dereferences (FORWARD_NULL)
/lib/libefivar/efivar-dp-parse.c: 3612 in UefiDevicePathLibConvertTextToDeviceNode()
Dereferencing null pointer "FromText".
When ported from Tiano core, I commented this out with an ifdef. That
was in error because we're supposed to fallback to a filepath when
nothing else patches. Instead, restore the original code, but fix
DevPathFromTextFilePath to cope with the conversion to narrow
strings. Also, fix the off-by-one error in the size of the memory it
allocates.
The off by one error is documented in Tiano core bug
https://bugzilla.tianocore.org/show_bug.cgi?id=441
CID: 1372598
Sponsored by: Netflix
Paper over a coverity issue:
*** CID 1372592: API usage errors (BAD_COMPARE)
/lib/libefivar/efivar-dp-parse.c: 2723 in DevPathFromTextiSCSI()
Truncating the result of "strcmp" to "unsigned short" may cause it
to be misinterpreted as 0. Note that "strcmp" may return an integer
besides -1, 0, or 1.
We do this by making StrCmp return either 0 or 1 for equal or
not-equal. There's a bug in the DevPathFromTextiSCSI cast of the
return value and this workaround will fix it without breaking other
users of StrCmp (all of which test for == 0).
https://bugzilla.tianocore.org/show_bug.cgi?id=440 has been filed
upstream to log this issue.
CID: 1372592
Sponsored by: Netflix
Implement a new init(8) option in /etc/ttys. If this option is present
on the entry in /etc/ttys, the entry will be active if and only if it
exists. If the name starts with a '/', it will be considered an
absolute path. If not, it will be a path relative to /dev.
This allows one to turn off video console getty that aren't present
(while running a getty on them even when they aren't the system
console). Likewise with serial ports.
It differs from onifconsole in only requiring the device exist rather
than it be listed as one of the system consoles.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D10037
If opendir succeeds but malloc fails, numitems was used uninitialized in
error handling under the 'fail' label. If it happened to have a non-zero
value, the NULL 'names' was dereferenced.
Reported by: Coverity
CIDs: 1329566, 1372625
Sponsored by: Dell EMC Isilon
to the user. There is currently no buffering, so the result may be
somewhat unpredictable if the conversation function adds a newline,
like openpam_ttyconv() does.
Clean up and simplify the environment handling code, which triggered
an inexplicable bug on some systems.
MFC after: 2 weeks
- Fix -Wunused warnings with *_native detection handlers by marking `kd`
__unused, except with arm/mips, where a slightly more complicated scheme
is required to handle the native case vs the non-native case.
- Fix -Wmissing-variable-declarations warnings by marking struct kvm_arch
objects static.
Differential Revision: D10071
MFC after: 1 week
Reviewed by: vangyzen
Tested with: WIP test code (D10024) // kgdb7121 (i386 crash/kernel on amd64)
Sponsored by: Dell EMC Isilon
Add the CLOCK_PROCESS_CPUTIME_ID and CLOCK_THREAD_CPUTIME_ID clock_id
values to the clock_gettime(2) man page. Reformat the excessively
long paragraph (sentence!) into a tag list.
Reported by: jilles in https://reviews.freebsd.org/D10020
MFC after: 3 days
Sponsored by: Dell EMC
defined in compiler-rt, but it has no option to silence its warning, so
make gcc warnings for libcompiler_rt non-fatal.
Noticed by: lwhsu
MFC after: 3 days
Return a NUL string instead of just working by accident with kvm_geterr(3)
when MALLOC_PRODUCTION is disabled (I didn't confirm the MALLOC_PRODUCTION
being enabled path).
Document the new explicit return behavior for kvm_geterr(3), as well
as the previous implicit behavior, i.e., the buffer attached to
returned via kvm_geterr(3) would be empty if a previous error hadn't been
stored in `kd`.
Differential Revision: D10022
MFC after: 1 week
Reviewed by: vangyzen
Sponsored by: Dell EMC Isilon
This is a painful change, but it is needed. On the one hand, we avoid
modifying them, and this slows down some ideas, on the other hand we still
eventually modify them and tools like netstat(1) never work on next version of
FreeBSD. We maintain a ton of spares in them, and we already got some ifdef
hell at the end of tcpcb.
Details:
- Hide struct inpcb, struct tcpcb under _KERNEL || _WANT_FOO.
- Make struct xinpcb, struct xtcpcb pure API structures, not including
kernel structures inpcb and tcpcb inside. Export into these structures
the fields from inpcb and tcpcb that are known to be used, and put there
a ton of spare space.
- Make kernel and userland utilities compilable after these changes.
- Bump __FreeBSD_version.
Reviewed by: rrs, gnn
Differential Revision: D10018
Since the uset can set dhcp.interface-mtu, we need to try to validate the
value. So we verify if the conversion to int is successful and we will not
allow to set value greater than max IPv4 packet size.
Also use snprintf for safety.
Reviewed by: allanjude, bapt
Approved by: allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D8492
Don't segfault in kvm_close(3) if provided a NULL pointer. Instead, return
-1 and set errno to EINVAL.
Document this new behavior explicitly.
MFC after: 1 week
Reviewed by: vangyzen
Sponsored by: Dell EMC Isilon
Differential Revision: D10065
This is being done to avoid potential double frees with the values.
Differential Revision: D9970
MFC after: 1 week
Reviewed by: imp
Sponsored by: Dell EMC Isilon
The failing test requires the zh_TW.Big5 locale, which is no longer
installed as of r315568.
Add a note/pointer just in case someone considers re-adding it.
Reported by: Jenkins
Sponsored by: Dell EMC Isilon
`error` is the accumulated error from previous close(2) calls.
This bug has been present since the libcall's import from 4.4BSD
Lite (r1573).
MFC after: 1 week
Noticed by: vangyzen (D10022)
Relnotes: yes
Sponsored by: Dell EMC Isilon
As noted by vangyzen, with a similar issue in D10022, the pointer portion of
the .Fa macro call is unnecessary, so remove the '*'.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
The commented out return value for kvm_getprocs(3) was misleading -- the
uncommented line is correct.
No content change
MFC after: 1 week
Sponsored by: Dell EMC Isilon
Add a clock_nanosleep() syscall, as specified by POSIX.
Make nanosleep() a wrapper around it.
Attach the clock_nanosleep test from NetBSD. Adjust it for the
FreeBSD behavior of updating rmtp only when interrupted by a signal.
I believe this to be POSIX-compliant, since POSIX mentions the rmtp
parameter only in the paragraph about EINTR. This is also what
Linux does. (NetBSD updates rmtp unconditionally.)
Copy the whole nanosleep.2 man page from NetBSD because it is complete
and closely resembles the POSIX description. Edit, polish, and reword it
a bit, being sure to keep any relevant text from the FreeBSD page.
Reviewed by: kib, ngie, jilles
MFC after: 3 weeks
Relnotes: yes
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D10020
It is O(n) in the length of the haystack (big) string, and has special
cases for short needle (little) strings, of one to four bytes, to avoid
excessive overhead.
There are a small set of nearly trivial cases where the startup overhead
of the musl implementation makes it slightly slower -- for example, a 31
byte needle that matches the beginning of the haystack. It's faster for
non-trivial cases, and significantly so for inputs that trigger worst-
case behaviour of the previous implementation. As an example, in my
tests a 16K needle that matches the end of a 64K haystack is nearly
2000x faster with this implementation.
Reviewed by: bapt (earlier), ed (earlier)
Obtained from: musl (snapshot at commit c718f9fc)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D2601
a separator between host and port, and using strchr() to search for it.
Rewrite fetch_resolve() so it handles bracketed literals correctly, and
remove similar code elsewhere to avoid passing unbracketed literals to
fetch_resolve(). Remove #ifdef INET6 so we still parse IP literals
correctly even if we do not have the ability to connect to them.
While there, fix an off-by-one error which caused HTTP 400 errors to be
misinterpreted as redirects.
PR: 217723
MFC after: 1 week
Reported by: bapt, bz, cem, ngie
D8376 extended softfloat/hardfloat support, but used a macro that never
actually gets set except in libc and msun's Makefile.inc. So libc and libm
got built correctly, but any program including fenv.h itself assumed it was
on a hardfloat systen and emitted inline fpu instructions for
fedisableexcept() and friends.
Using __mips_soft_float makes everything work in all cases, since it's a
compiler-internal macro that is always set correctly for the target
PR: 217845
Submitted by: Dan Nelson <dnelson_1901@yahoo.com>
MFC after: 1 week
Fix the regex used to find vmprot table entries and add the missing include.
This fixes kdumps output of PFLT arguments which would previously look like:
5202 101546 ktrace PFLT 0x5ae000 0x2<><invalid>2
They now display correctly:
5202 101546 ktrace PFLT 0x5ac000 0x2<VM_PROT_WRITE>
MFC after: 1 week
I noticed after commit that kvm_dpcpu_setcpu was defined in the manpage.
Thus, the correct macro for the function reference is .Fn, not .Xr.
MFC after: 1 week
X-MFC with: r315363
Sponsored by: Dell EMC Isilon
This is being done for the following reasons:
- kvm_open(3), etc says they will return NULL.
- NULL by definition is (void*)0 per POSIX, but can be redefined,
depending on the compiler, etc.
MFC after: 1 week
Sponsored by: Dell EMC Isilon
