1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
where it never would work anyhow, such as csu or loader. This suggests
there may be better ways of adding support to the tree. Many of these
cases can be fixed such that -fPIE will work but there is really no
reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
really building libraries but have been using bsd.prog.mk because the code
is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
been needed.
We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.
Reported by: kib
dependent encoding) to NEWCONS (Unicode).
The file "LANG.map" is used to convert INDEX.keymaps. It has 3 columns:
- the language ID as used in the source file
- the language ID to be used in the generated file (e.g. "iw" -> "he")
- the encoding of the menu texts for this language
The conversion result is written to STDOUT.
The file "KBDFILES.map" is used to batch convert keymap files. It's
columns are:
- the encoding used for the keymap sounce file
- the name of the source file
- the name of the generated file
The output files are created in the TEMP sub-directory of the vt keymap
directory, in order to preserve (possibly uncommitted) keymap files in
/usr/src/share/vt/keymaps.
The convert-keymap.pl script can be directly executed by passing the
source file name and the encoding on the command line. It writes to
STDOUT and generates hex Unicode codepoints by default. (This can be
changed to decimal in the script.)
While written for the one-time conversion of the SYSCONS keymaps into
the format required for NEWCONS, I think these tools may be useful for
easy conversion of possible further SYSCONS keymap files, that have not
been committed to the source tree.
Mostly bugfixes or features developed in the past 6 months,
so this is a 10.1 candidate.
Basically no user API changes (some bugfixes in sys/net/netmap_user.h).
In detail:
1. netmap support for virtio-net, including in netmap mode.
Under bhyve and with a netmap backend [2] we reach over 1Mpps
with standard APIs (e.g. libpcap), and 5-8 Mpps in netmap mode.
2. (kernel) add support for multiple memory allocators, so we can
better partition physical and virtual interfaces giving access
to separate users. The most visible effect is one additional
argument to the various kernel functions to compute buffer
addresses. All netmap-supported drivers are affected, but changes
are mechanical and trivial
3. (kernel) simplify the prototype for *txsync() and *rxsync()
driver methods. All netmap drivers affected, changes mostly mechanical.
4. add support for netmap-monitor ports. Think of it as a mirroring
port on a physical switch: a netmap monitor port replicates traffic
present on the main port. Restrictions apply. Drive carefully.
5. if_lem.c: support for various paravirtualization features,
experimental and disabled by default.
Most of these are described in our ANCS'13 paper [1].
Paravirtualized support in netmap mode is new, and beats the
numbers in the paper by a large factor (under qemu-kvm,
we measured gues-host throughput up to 10-12 Mpps).
A lot of refactoring and additional documentation in the files
in sys/dev/netmap, but apart from #2 and #3 above, almost nothing
of this stuff is visible to other kernel parts.
Example programs in tools/tools/netmap have been updated with bugfixes
and to support more of the existing features.
This is meant to go into 10.1 so we plan an MFC before the Aug.22 deadline.
A lot of this code has been contributed by my colleagues at UNIPI,
including Giuseppe Lettieri, Vincenzo Maffione, Stefano Garzarella.
MFC after: 3 days.
Remove the .t wrappers
Rename all of the TAP test applications from test-<test> to
<test>_test to match the convention described in the TestSuite
wiki page
humanize_number_test.c:
- Fix -Wformat warnings with counter variables
- Fix minor style(9) issues:
-- Header sorting
-- Variable declaration alignment/sorting in main(..)
-- Fit the lines in <80 columns
- Fix an off by one index error in the testcase output [*]
- Remove unnecessary `extern char * optarg;` (this is already provided by
unistd.h)
Phabric: D555
Approved by: jmmv (mentor)
MFC after: 2 weeks
Obtained from: EMC / Isilon Storage Division [*]
Submitted by: Casey Peel <cpeel@isilon.com> [*]
Sponsored by: EMC / Isilon Storage Division
The new code uses a "test discovery mechanism" to determine
what tests are available for execution
The test shell can be specified via:
kyua test -v test_suites.FreeBSD.bin.sh.test_shell=/path/to/test/sh
Sponsored by: EMC / Isilon Storage Division
Approved by: jmmv (mentor)
Reviewed by: jilles (maintainer)
submitted via r268811
- Install the Kyuafile by adding FILES to FILESGROUPS
- Run the testcases with an unprivileged user
Some of the testcases depend upon behavior that's broken when
run as root on FreeBSD because of how permissions are treated
with access(2) vs eaccess(2), open(2), etc
- Simplify the test driver to just inspect the exit code from
run_test because it now exits with 0 if successful and exits
with !0 if unsuccessful
- Don't do ad hoc temporary directory creation/deletion; let Kyua
handle that
- Add entries for files removed in r268811 to
OptionalObsoleteFiles.inc
PR: 191020
X-MFC with: r268811
Approved by: jmmv (mentor)
Reviewed by: bapt
Sponsored by: EMC / Isilon Storage Division
* Add AR9287 and AR9331 chipset support - it just uses the AR5416 support
for now so some of the register mappings are wrong, but it works well
enough.
* don't call exit() from opmark().
Rename all of the TAP test applications from <test> to <test>_test
to match the convention described in the TestSuite wiki page
Phabric: D538
Approved by: jmmv (mentor)
Sponsored by: EMC / Isilon Storage Division
- Make sure the tests go into the right directory. The location was
wrong so they were overwriting the bin/chown tests!
- Use the right naming scheme for the test program.
- Remove the svn:executable property from the shell script.
variants. This allows usable file system images (i.e. those with both a
shell and an editor) to be created with only one copy of the curses library.
Exp-run: antoine
PR: 189842
Discussed with: bapt
Sponsored by: DARPA, AFRL
This is a redo of r267424, which was reverted in r267432 because it broke
"make buildworld" from FreeBSD 9.x. This issue has been resolved and this
change is still "make tinderbox" clean.
At least one test doesn't work yet without gcc, however gcc is
not always available in base. Using the environment compiler
is more trustable and will also work with an external compiler.
Reviewed by: markj
MFC after: 3 days
statically linked into consumers (GDB and variants) in the base
system, and the shared library is no longer installed.
That also allows ports to be able to use a modern version of readline
PR: 162948
Reviewed by: emaste
The test locale1.0 depends on locale support; it is meaningless without a
working LC_MESSAGES.
I added an OptionalObsoleteFiles.inc entry.
PR: 181151
Submitted by: Garrett Cooper (original version)
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
This includes:
o All directories named *ia64*
o All files named *ia64*
o All ia64-specific code guarded by __ia64__
o All ia64-specific makefile logic
o Mention of ia64 in comments and documentation
This excludes:
o Everything under contrib/
o Everything under crypto/
o sys/xen/interface
o sys/sys/elf_common.h
Discussed at: BSDcan
use dedicated kernel files with some local settings
use mkimg for ISO building
put images into separate directory and rename them for better consistency
The _SUPPORT knobs have a consistent meaning which differs from the
behaviour controlled by this knob. As the knob is opt-out and has not
appeared in a release the impact should be low.
Suggested by: imp, wblock
MFC after: 1 week
* Add special case handling where normal conversion would not work
(some APIs have special names)
* Fix conversion for function calls involving ifnet
Submitted by: Sreekanth Rupavatharam <rupavath@juniper.net>
Obtained from: Juniper Networks, Inc.