12605 Commits

Author SHA1 Message Date
Mariusz Zaborski
abdfa0b19c Restrict stdin if it's not in use.
Reviewed by:	emaste, cem
Differential Revision:	https://reviews.freebsd.org/D8184
2016-10-07 19:02:13 +00:00
Mariusz Zaborski
a4e3fc54a0 Remove the duplicated code using Capsicum helpers.
Reviewed by:	cem, ed, bapt, emaste
Differential Revision	https://reviews.freebsd.org/D8140
2016-10-07 17:56:57 +00:00
Ed Maste
bbe31b709a Improvements to BSD-licensed DTC.
- Numerous crash and bug fixes
- Improved warning and error messages
- Permit multiple labels on nodes and properties
- Fix node@address references
- Add support for /delete-node/
- Consume whitespace after a node
- Read the next token before the second /memreserve/
- Fix parsing of whitespace
- Clean up /delete-node/ and add support for /delete-property/
- Handle /delete-node/ specifying a unit address

Obtained from:	https://github.com/davidchisnall/dtc @df5ede4
2016-10-07 12:57:35 +00:00
Baptiste Daroussin
bbf9a45630 localedef: Improve cc_list parsing
original commit log:
=====
I had originally suspected the parsing of ctype definition files as being
the source of the ctype flag mis-definitions, but it wasn't.  In the
process, I simplified the cc_list parsing so I'm committing the no-impact
improvement separately.  It removes some parsing redundancies and
won't parse partial range definitions anymore.
====

Submitted by:	marino
Obtained from:	Dragonfly
MFC after:	1 month
2016-10-06 19:51:30 +00:00
Baptiste Daroussin
c7edf4fd0b localedef: Fix ctype dump (fixed wide spread errors)
This commit is from John Marino in dragonfly with the following commit log:

====
This was a CTYPE encoding error involving consecutive points of the same
ctype.  It was reported by myself to Illumos over a year ago but I was
unsure if it was only happening on BSD.  Given the cause, the bug is also
present on Illumos.

Basically, if consecutive points were of the exact same ctype, they would
be defined as a range regardless.  For example, all of these would be
considered equivalent:

  <A> ... <C>, <H>  (converts to <A> .. <H>)
  <A>, <B>, <H>     (converts to <A> .. <H>)
  <A>, <J> ... <H>  (converts to <A> .. <H>)

So all the points that shouldn't have been defined got "bridged" by the
extreme points.

The effects were recently reported to FreeBSD on PR 213013.  There are
countless places were the ctype flags are misdefined, so this is a major
fix that has to be MFC'd.
====

This reveals a bad change I did on the testsuite: while 0x07FF is a valid
unicode it is not used yet (reserved for future use)

PR:		213013
Submitted by:	marino@
Reported by:	Kurtis Rader <krader@skepticism.us>
Obtained from:	Dragonfly
MFC after:	1 month
2016-10-06 19:46:43 +00:00
Conrad Meyer
38adbfe6b2 write(1): Capsicumify
Enter Capsicum capability sandbox pretty early in this setuid program.

Some minor modifications were needed to cache directory fds and use
relative lookups.

Rights restriction of the stdio descriptors is unfortunately pretty messy
because we need an ioctl capability not present in the current libcapsicum
helpers (FIODGNAME).

Reviewed by:	ed
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7999
2016-10-06 14:55:15 +00:00
Ed Maste
4a1cdaba5f locate: ANSIfy 2016-10-06 13:37:46 +00:00
Ed Maste
d41042ad84 login: fix capitalization in errx messages
Reported by:	bde
2016-10-06 13:21:42 +00:00
Ed Maste
9ce3c6b09a Retire WITHOUT_ELFCOPY_AS_OBJCOPY option
In FreeBSD 11 ELF Tool Chain's elfcopy is installed as objcopy by
default, with the option to switch back to GNU objcopy by setting
WITHOUT_ELFCOPY_AS_OBJCOPY in make.conf.

We plan to remove the outdated in-tree binutils in FreeBSD 12, so
remove the temporary transition aid.

Reviewed by:	brooks, imp
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7337
2016-10-03 17:49:26 +00:00
Marcel Moolenaar
4ac1e8d30f Replace OFF_MAX with INT64_MAX. The former is defined on Linux. 2016-10-03 04:00:30 +00:00
Marcel Moolenaar
6b1235713e Prefer <stdint.h> over <sys/types.h>. While here remove redundant
inclusion of <sys/queue.h>.

Move the inclusion of the disk partitioning headers out of order
and inbetween standard headers and local header. They will change
in a subsequent commit.
2016-10-03 02:37:28 +00:00
Marcel Moolenaar
1080fb197b Replace STAILQ with TAILQ. TAILQs are portable enough that they can
be used on both macOS and Linux. STAILQs are not. In particular,
STAILQ_LAST does not next on Linux. Since neither STAILQ_FOREACH_SAFE
nor TAILQ_FOREACH_SAFE exist on Linux, replace its use with a regular
TAILQ_FOREACH. The _SAFE variant was only used for having the next
pointer in a local variable.
2016-10-03 01:46:47 +00:00
John Baldwin
dda41f2078 Don't declare the 'temp' timeval as static. 2016-10-01 22:17:40 +00:00
John Baldwin
54b10c9e17 Use timercmp() and timersub() in kdump.
Previously, kdump used the kernel-only timervalsub() macro which required
defining _KERNEL when including <sys/time.h>.  Now, kdump uses the existing
userland API.  The timercmp() usage to check for a backwards timestamp is
also clearer and simpler than the previous code which checked the result of
the subtraction for a negative value.

While here, take advantage of the 3-arg timersub() to store the subtraction
results in a tempory timeval instead of overwriting the timestamp in the
ktrace record and then having to restore it.
2016-10-01 22:12:33 +00:00
John Baldwin
406d2926f2 Expose kernel-only errno values if _WANT_KERNEL_ERRNO is defined.
The kernel uses a few negative errno values for internal conditions
such as requesting a system call restart.  Normally these errno values
are not exposed to userland.  However, kdump needs access to these
values as some of then can be present in a ktrace system call return
record.  Previously kdump was defining _KERNEL to gain access to ehse
values, but was then having to manually declare 'errno' (and doing it
incorrectly).  Now, kdump uses _WANT_KERNEL_ERRNO instead of _KERNEL
and uses the system-provided declaration of errno.
2016-10-01 22:08:07 +00:00
John Baldwin
8dec694290 Decode arguments to truncate and ftruncate.
In particular, decode the off_t argument as a 64-bit argument to fix
decoding for 32-bit processes.
2016-10-01 22:03:41 +00:00
John Baldwin
71ed318eb4 Handle 64-bit system call arguments (off_t, id_t).
In particular, 64-bit system call arguments use up two register_t
arguments for 32-bit processes.  They must also be aligned on a 64-bit
boundary on 32-bit powerpc processes.  This fixes the decoding of
lseek(), procctl(), and wait6() arguments for 32-bit processes (both
native and via freebsd32).

Note that the ktrace system call return record only returns a single
register, so the return value of lseek is always truncated to the low
32-bits for 32-bit processes.
2016-10-01 22:01:41 +00:00
Pedro F. Giffuni
758a3cff59 patch(1): make some macros look boolean.
Similar to r306560, plus remove an unused macro.

Suggested by:	jmallett
2016-10-01 20:46:01 +00:00
Pedro F. Giffuni
c7ef297a8e patch(1): make some macros look boolean.
Minor cleanup inspired by a new patch(1) variant in schily tools.

For reference:
https://sourceforge.net/p/schillix-on/

MFC after:	1 week
2016-10-01 20:31:00 +00:00
Ed Maste
6cd8c11ba5 primes: trivially capsicumize
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7982
2016-09-30 13:50:59 +00:00
Ed Maste
f987297fc9 Add a WITHOUT_DIALOG src.conf(5) knob
It also turns off dependencies (bsdinstall, bsdconfig, dpv, tzsetup).

Reviewed by:	dteske
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7969
2016-09-27 18:08:38 +00:00
Ruslan Bukin
60e5fa86df Increase timeout for legacy_test from 300 (default) to 600 seconds.
It takes about 7 minutes to pass the test on MIPS64EB in QEMU.

Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-09-26 13:59:18 +00:00
Marcel Moolenaar
7b5a53ea4d Portability changes:
1.  macOS nor Linux have MAP_NOCORE nor MAP_NOSYNC. Define as 0.
2.  macOS doesn't have SEEK_DATA nor SEEK_HOLE. Define as -1
    so that lseek will return -1 (with errno set to EINVAL).
3.  gcc correctly warns that error is assigned but not used in
    image_copyout_region().  Fix by returning on the first error.
2016-09-26 04:14:00 +00:00
Marcel Moolenaar
5aad7d9a87 Avoid depending on the <sys/endian.h> header for le*enc and be*enc.
Not only is the header unportable, the encoding/decoding functions
are as well.  Instead, duplicate the handful of small inlines we
need into a private header called endian.h.

Aside: an alternative approach is to move the encoding/decoding
functions to a separate system header.  While the header is still
nonportable, such an approach would make it possible to re-use the
definitions by playing games with include paths. This may be the
preferred approach if more (build) utilities need this.  This
change does not preclude that.  In fact, it makes it easier.
2016-09-26 01:06:32 +00:00
Marcel Moolenaar
4039ea7c9b Eliminate the use of EDOOFUS. The error code was used to signal
programming errors, but is really a poor substitute for assert.
And less portable as well.
2016-09-26 00:41:08 +00:00
Marcel Moolenaar
5a1302ab2e Replace the use of linker sets with constructors for both the
formats and schemes.  Formats and schemes are registered at
runtime now, rather than collected at link time.
2016-09-25 22:57:59 +00:00
Marcel Moolenaar
ac3425511d Update local variable 'block' after calling capacity_resize(),
otherwise format_resize(), which is called right after, isn't
getting the current/actual image size. Rather than rounding up,
format_resize() could end up truncating the size and we don't
allow that by design.

MFC after:	1 week
2016-09-24 17:29:27 +00:00
Bryan Drewery
304336144c DIRDEPS_BUILD: Connect new directories.
Sponsored by:	Dell EMC Isilon
2016-09-23 22:46:19 +00:00
Konstantin Belousov
7402f93ef2 Provide proccontrol(1), an utility to control processes behaviour, related
to procctl(2).

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2016-09-23 12:34:54 +00:00
Joseph Mingrone
fef8f03390 Add myself (jrm) to calendar.freebsd
Approved by:    swills (mentor)
2016-09-21 18:52:49 +00:00
Alan Somers
005156d7b3 Update mkimg(1) author's contact info
Reviewed by:	marcel, imp
MFC after:	3 days
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D7991
2016-09-21 18:42:17 +00:00
Ed Maste
9e8f606352 elfdump: limit STDIN to no rights rather than closing it
Closing stdin/stdout/stderr is often a bad idea as a future open()
can end up with its fd. Leave it open and limit it to no rights
instead.

Reviewed by:	cem
Differential Revision:	https://reviews.freebsd.org/D7984
2016-09-20 21:38:12 +00:00
Ed Maste
23648b7d73 bspatch: Remove backwards-compatibility sys/capability.h support
bspatch previously included sys/capability.h or sys/capsicum.h based
on __FreeBSD_version, as FreeBSD is the upstream for bsdiff and we may
see this file incorporated into other third-party software.

The Capsicum header is now installed as sys/capsicum.h in stable/10 and
FreeBSD 10.3, so we can just use sys/capsicum.h and simplify the logic.

Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D7954
2016-09-20 15:13:15 +00:00
Conrad Meyer
d36899d10f Move sys/capsicum.h includes after types.h or param.h
This is not actually documented or even implied in style(9).  Make the change
to match convention.  Someone should document this convention in style(9).

Reported by:	jhb
Sponsored by:	EMC Dell Isilon
2016-09-19 20:43:03 +00:00
Pedro F. Giffuni
0c9426b684 hexdump(1): Simplify by using asprintf(3)
Instead of strlen() + calloc() + snprintf, just use asprintf().
No functional change.

Obtained from:	OpenBSD (CVS Rev. 1.22)
2016-09-19 18:35:22 +00:00
Conrad Meyer
10cc720c25 indent(1): Capsicumify
This is a nice and trivial program for sandboxing.  One input file, one
output file.

Reviewed by:	pfg
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7920
2016-09-19 16:16:14 +00:00
Conrad Meyer
875cba632b tr(1): Capsicumify
This is a straightforward single input, single output program for
capsicum.

Reviewed by:	bapt
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7928
2016-09-19 16:14:38 +00:00
Conrad Meyer
e75a7302d3 cmp(1): Capsicumify
Reviewed by:	allanjude, bapt, oshogbo
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D7912
2016-09-19 16:13:00 +00:00
Baptiste Daroussin
3ba0c99044 Revert capsicum support
In some corner case VFS lookup is not working and I do not have time to debug
it for now.
2016-09-19 06:39:11 +00:00
Enji Cooper
720ca50063 Fix typo introduced in r305949 with the stable/10 bootstrapping logic
The header is sys/capability.h, not sys/capabilities.h

X-MFC with:	r305949
Pointyhat to:	bapt
Reported by:	allanjude, Jenkins
Sponsored by: 	Dell EMC Isilon
2016-09-19 03:02:43 +00:00
Ed Maste
06403dbce5 elfdump: adjust stdout/stderr capabilities
stdio uses fstat and the TIOCGETA ioctl. Also collapse the
cap_rights_limit and new cap_ioctls_limit calls into one if statement.
Errors here are not actionable by the user and distinguishing stdout
from stderr doesn't really have value.

Reported by:	kib
Reviewed by:	allanjude, bapt
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D7944
2016-09-18 20:23:26 +00:00
Baptiste Daroussin
e645c6addb Simplify the fix for bootstrap tools
building head is not supported from prior to stable/10 where sys/capsicum.h was
named sys/capabilities.h

Reported by:	kib
2016-09-18 19:16:48 +00:00
Baptiste Daroussin
8197e93d39 Fix building as bootstrap tools on pre-capsicum.h systems 2016-09-18 18:49:18 +00:00
Baptiste Daroussin
160af93197 Better error checking
if getcwd fails: just ignore it and do not try to adding to the list of possible
path where to find the files.

if fdopen fails, warn and return NULL the rest of the code knows how to deal
with it

Reported by:	oshogbo
2016-09-18 18:03:06 +00:00
Baptiste Daroussin
b2c71bcefc style(9) fix
Reported by:	oshogbo
2016-09-18 17:56:14 +00:00
Baptiste Daroussin
d33dad44da Capsicum-ize tee(1)
Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D7940
2016-09-18 16:34:40 +00:00
Baptiste Daroussin
224d9e3ed2 Capsicum-ize soelim(1).
As a trick to be able to access all files passed in arguments (readonly) within
the sandbox we first open the root directory, then consider all files as
relative to this file descriptor.

This might be improved once casper add supports for filesystem.

MFC after:	1 month
Reviewed by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D7936
2016-09-18 16:25:41 +00:00
Baptiste Daroussin
c59a0a34e8 Remove reference of z(s)diff which was dropped before importing 2016-09-18 10:06:35 +00:00
Warren Block
a63166d8fc Update history. Patch supplied by Sevan Janiyan <venture37@geeklan.co.uk>.
PR:		181390
Submitted by:	ksmakoto@dd.iij4u.or.jp
MFC after:	1 week
2016-09-16 14:23:16 +00:00
Ed Maste
6c6e388929 sdiff: improve errx string
errx() appends a newline so \n is superfluous. Also switch to lower case
with no period for consistency with other errx strings.
2016-09-15 02:48:56 +00:00