Leaf directories that have dependencies impacted
by options need a Makefile.depend.options file
to avoid churn in Makefile.depend
DIRDEPS for cases such as OPENSSL, TCP_WRAPPERS etc
can be set in local.dirdeps-options.mk
which can add to those set in Makefile.depend.options
See share/mk/dirdeps-options.mk
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22469
TP points to the start of the TLS block after the tcb, but
Obj_Entry.tlsoffset includes the tcb, so subtract the size of the tcb
to compute the offset relative to TP.
This is identical to the same fixes for powerpc in r339072 and r342671.
Reviewed by: James Clarke
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D22661
o Remove All Rights Reserved from my notices
o imp@FreeBSD.org everywhere
o regularize punctiation, eliminate date ranges
o Make sure that it's clear that I don't claim All Rights reserved by listing
All Rights Reserved on same line as other copyright holders (but not
me). Other such holders are also listed last where it's clear.
Before this commit, the save-entropy script rotates entropy files
like logs. This involves creating a new file that holds the entropy
and renaming of all existing entropy files. However, the entropy
data do not really need to be kept in a particular order, and
replacing the oldest file is sufficient.
This commit replaces the rotation with a scan in the
[1..entropy_save_num] space that finds the first empty slot, or
the slot of the oldest file, and writes entropy into that slot.
This also fixes an issue that prevents save-entropy from saving
any entropy when there is one non-regular file in any slot as a
side effect.
Based on an earlier patch from peterj@.
PR: 134225
Reported by: peterj
Reviewed by: csprng (cem, markm)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22612
When a system has no internet connection, or when it is configured to obtain
ntpd leapfiles from some source other than the internet, or even when the
sysadmin has decided for some reason to customize ntp.conf to eliminate use
of the leapfile, the rc.d/ntpd script emits various error messages related
to the file.
This change allows setting the rc var ntp_db_leapfile to NONE to disable all
automatic processing related to that file in rc.d/ntpd.
Differential Revision: https://reviews.freebsd.org/D22461
Four bytes of padding are needed in the regular powerpc case to bring the
stack frame size up to a multiple of 16 bytes to meet ABI requirements.
Fixes odd hangs I was encountering during testing.
Summary:
We need to save off the full 64-bit register, not just the low 32 bits,
of all registers getting saved off in _rtld_bind_start. Additionally,
we need to save off the other SPE registers (SPEFSCR and accumulator),
so that their program state is not affected by the PLT resolver.
Reviewed by: bdragon
Differential Revision: https://reviews.freebsd.org/D22520
Each boot, regenerate /var/run/os-release based on the currently running
system. Create a /etc/os-release symlink pointing to this file (so that this
doesn't create a new reason /etc can not be mounted read-only).
This is compatible with what other systems do and is what the sysutil/os-release
port attempted to do, but in an incomplete way. Linux, Solaris and DragonFly all
implement this natively as well. The complete standard can be found at
https://www.freedesktop.org/software/systemd/man/os-release.html
Moving this to the base solves both the non-standard location problem with the
port, as well as the lack of update of this file on system update.
Bump __FreeBSD_version to 1300060
PR: 238953
Differential Revision: https://reviews.freebsd.org/D22271
FreeBSDlua ("flua") is a FreeBSD-private lua, flavored with whatever
extensions we need for base system operations. We currently support a subset
of lfs and lposix that are used in the rewrite of makesyscall.sh into lua,
added in r354786.
flua is intentionally written such that one can install standard lua and
some set of lua modules from ports and achieve the same effect.
linit_flua is a copy of linit.c from contrib/lua with lfs and lposix added
in. This is similar to what we do in stand/. linit.c has been renamed to
make it clear that this has flua-specific bits.
luaconf has been slightly obfuscated to make extensions more difficult. Part
of the problem is that flua is already hard enough to use as a bootstrap
tool because it's not in PATH- attempting to do extension loading would
require a special bootstrap version of flua with paths changed to protect
the innocent.
src.lua.mk has been added to make it easy for in-tree stuff to find flua,
whether it's bootstrap-flua or relying on PATH frobbing by Makefile.inc1.
Reviewed by: brooks, emaste (both earlier version), imp
Differential Revision: https://reviews.freebsd.org/D21893
to disable mounting Linux-specific filesystems under /compat/linux
when 'linux_enable' is set to YES.
Reviewed by: netchild, ian (earlier version)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D22320
Alter bsd.compat.mk to set MACHINE and MACHINE_ARCH when included
directly so MD paths in Makefiles work. In the process centralize
setting them in LIBCOMPATWMAKEENV.
Alter .PATH and CFLAGS settings in work when the Makefile is included.
While here only support LIB32 on supported platforms rather than always
enabling it and requiring users of MK_LIB32 to filter based
TARGET/MACHINE_ARCH.
The net effect of this change is to make Makefile.libcompat only build
compatability libraries.
Changes relative to r354449:
Correct detection of the compiler type when bsd.compat.mk is used
outside Makefile.libcompat. Previously it always matched the clang
case.
Set LDFLAGS including the linker emulation for mips where -m32 seems to
be insufficent.
Reviewed by: imp, kib (origional version in r354449)
Obtained from: CheriBSD (conceptually)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22251
Alter bsd.compat.mk to set MACHINE and MACHINE_ARCH when included
directly so MD paths in Makefiles work. In the process centralize
setting them in LIBCOMPATWMAKEENV.
Alter .PATH and CFLAGS settings in work when the Makefile is included.
While here only support LIB32 on supported platforms rather than always
enabling it and requiring users of MK_LIB32 to filter based
TARGET/MACHINE_ARCH.
The net effect of this change is to make Makefile.libcompat only build
compatability libraries.
Reviewed by: imp, kib
Obtained from: CheriBSD (conceptually)
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D22251
Previously the watchdog timeout message was appended to the last entry
in the "Waiting for PIDS" list, resulting in a message like
Waiting for PIDS: 31299 31296 90201 9020090 second watchdog timeout
expired. Shutdown terminated.
Print a newline to separate the watchdog timeout message. Also perform
the kill before logging or echoing the message.
PR: 241072
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
This change allows to specify a watchdog(9) timeout for a system
shutdown. The timeout is activated when the watchdogd daemon is
stopped. The idea is to a prevent any indefinite hang during late
stages of the shutdown. The feature is implemented in rc.d/watchdogd,
it builds upon watchdogd -x option.
Note that the shutdown timeout is not actiavted when the watchdogd
service is individually stopped by an operator. It is also not
activated for the 'shutdown' to the single-user mode. In those cases it
is assumed that the operator knows what they are doing and they have
means to recover the system should it hang.
Significant subchanges and implementation details:
- the argument to rc.shutdown, completely unused before, is assigned to
rc_shutdown variable that can be inspected by rc scripts
- init(8) passes "single" or "reboot" as the argument, this is not
changed
- the argument is not mandatory and if it is not set then rc_shutdown is
set to "unspecified"
- however, the default jail management scripts and jail configuration
examples have been updated to pass "jail" to rc.shutdown, just in case
- the new timeout can be set via watchdogd_shutdown_timeout rc option
- for consistency, the regular timeout can now be set via
watchdogd_timeout rc option
- watchdogd_shutdown_timeout and watchdogd_timeout override timeout
specifications in watchdogd_flags
- existing configurations, where the new rc options are not set, should
keep working as before
I am not particularly wed to any of the implementation specifics.
I am open to changing or removing any of them as long as the provided
functionality is the same (or very close) to the proposed one.
For example, I think it can be implemented without using watchdogd -x,
by means of watchdog(1) alone. In that case there would be a small
window between stopping watchdogd and running watchdog, but I think that
that is acceptable.
Reviewed by: bcr (man page changes)
MFC after: 5 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D21221
'sysvipc' - it has nothing to do with ABIs, and I'd like to later
rename 'abi' to 'linux', which better describes its purpose and also
matches the rcvar name.
Reviewed by: emaste
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D21615
has become very trigger-happy with libc++ 9.0.0.
It does not help that gcc's implementation of this warning is even more
trigger-happy, in the sense that it already warns on the declaration
itself, not when you are using it. This is very annoying with our use
of -Wsystem-headers. That should really be disabled for gcc.
After the aux vector is moved, it is necessary to re-digest aux_info so the
pointers are updated to the new locations.
This was causing thread creation to fail on powerpc64 when using direct
execution due to a nonsense value being read for aux_info[AT_STACKPROT].
Approved by: jhibbits (mentor)
Differential Revision: https://reviews.freebsd.org/D21656
std::auto_ptr in a whole bunch of individual Makefiles, make the warning
globally non-fatal instead. This is similar to what was done to many
more non-fatal warnings from newer gcc versions.
A user may set ${name}_env variable in rc.conf(5) in order to set additional
environment variables for a service command. Unfortunately, at the moment
this variable is only honored when the command is specified via the command
variable. Those additional environment variables coming from ${name}_env
are never set if the service is started via the ${rc_arg}_cmd variable (for
example start_cmd).
PR: 239692
Reviewed by: bcr, jilles
Approved by: src (jilles)
Differential Revision: https://reviews.freebsd.org/D21228
It doesn't need to be in runtime and might help people who want to
experiment with other rc system or don't use one (like in small
embedded mfsroot).
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21499
In the past, this allocator seems to have allocated things larger than
a page seperately. Much of this code was removed at some point (perhaps
along with sbrk() used) so remove the rest. Instead, keep allocating in
power-of-two bins up to FIRST_BUCKET_SIZE << (NBUCKETS - 1). If we want
something more efficent, we should use a fancier allocator.
While here, remove some vestages of sbrk() use. Most importantly, don't
try to page align the pagepool since it's always page aligned by mmap().
Reviewed by: kib
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21453
In Seventh Edition UNIX, the last pointer passed to free() was
guaranteed to not actually have been freed allowing memory to be
"compacted" via the following pattern:
free(foo);
foo = realloc(foo, newsize);
Further, Andrew Koenig reports in "C Traps and Pitfalls" that the
original realloc() implementation required this pattern.
The C standard is clear that this is Undefined Behavior. Modern
allocators don't support it and no portable code could rely on it so
remove this support.
Note: the removed implementation contains an off-by-one error and if
an item isn't found on the freelist, then twice as much memory as the
largest possible allocation will be copied.
Reviewed by: kib, imp
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21296
Instead of restoring the saved values of argc, argv and envp,
these must be loaded from the stack that _rtld() modifies.
This fixes rtld direct exec mode.
E.g.: /libexec/ld-elf.so.1 /bin/ls
Reviewed by: jhibbits
Differential Revision: https://reviews.freebsd.org/D21131
First, amd64 version of the script cannot work at least due to the
wrong architecture specification. Second, kernel can activate shared
objects for long time, due to PIE support.
It seems the intent was to allow ld-elf.so.1 to be build and used as
an executable. Since we have direct exec mode implemented for dso
ld-elf.so.1, the non-functional and commented out scripts can be
finally removed.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Update login(1), its manual pages, similar utilities, and motd.5 to refer to
the new location.
Suggested by: delphij@ (re: r349256)
Reviewed by: bcr (manpages), delphij
Differential Revision: https://reviews.freebsd.org/D20721
Move the bluetooth related files from FreeBSD-runtime to a new package named
FreeBSD-bluetooth
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and bluetooth isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20959
In 2013 the security chapter of the Handbook was updated in r42501 to
suggest limiting access to the system accounting file [*1] by creating the
initial file with a mode of 0600. This was in part based on a discussion in
the forums [*2]. Unfortunately, this advice is overridden by the fact that a
new file is created as part of periodic daily processing, and the file mode
is set by the rc.d/accounting script.
These changes update the accounting script to create the directory with mode
0750 if it doesn't already exist, and to create the daily file with mode
0640. This limits write access to root only, read access to root and members
of wheel, and eliminates world access completely. For admins who want to
prevent even members of wheel from accessing the files, the mode of the
/var/account directory can be manually changed to 0700, because the script
never creates or changes that directory if it already exists.
The accounting_rotate_log() function now also handles the error cases of no
existing log file to rotate, and attempting to rotate the file multiple
times (.0 file already exists).
Another small change here eliminates the complexity of the mktemp/chmod/mv
sequence for creating a new acct file by using install(1) with the flags
needed to directly create the file with the desired ownership and
modes. That allows coalescing two separate if checkyesno accounting_enable
blocks into one.
These changes were inspired by my investigation of PR 202203.
[1] https://www.freebsd.org/doc/handbook/security-accounting.html
[2] http://forums.freebsd.org/showthread.php?t=41059
PR: 202203
Differential Revision: https://reviews.freebsd.org/D20876
I found this on one of the CheriBSD Jenkins builders. Using
beforelinking instead of ${PROG} should fix the dependency for the
DEBUG_FILES case.
Reviewed by: brooks
Currently RTLD is linked against libc_nossp_pic which means that any libc
symbol used in rtld can pull in a lot of depedencies. This was causing
symbol such as __libc_interposing and all the pthread stubs to be included
in RTLD even though they are not required. It turns out most of these
dependencies can easily be avoided by providing overrides inside of rtld.
This change is motivated by CHERI, where we have an experimental ABI that
requires additional relocation processing to allow the use of function
pointers inside of rtld. Instead of adding this self-relocation code to
RTLD I attempted to remove most function pointers from RTLD and discovered
that most of them came from the libc dependencies instead of being actually
used inside rtld.
A nice side-effect of this change is that rtld is now 22% smaller on amd64.
text data bss dec hex filename
0x21eb6 0xce0 0xe60 145910 239f6 /home/alr48/ld-elf-x86.before.so.1
0x1a6ed 0x728 0xdd8 113645 1bbed /home/alr48/ld-elf-x86.after.so.1
The number of R_X86_64_RELATIVE relocations that need to be processed on
startup has also gone down from 368 to 187 (almost 50% less).
Reviewed By: kib
Differential Revision: https://reviews.freebsd.org/D20663
Summary:
PowerPC has two PLT models: BSS-PLT and Secure-PLT. BSS-PLT uses runtime
code generation to generate the PLT stubs. Secure-PLT was introduced with
GCC 4.1 and Binutils 2.17 (base has GCC 4.2.1 and Binutils 2.17), and is a
more secure PLT format, using a read-only linkage table, with the dynamic
linker populating a non-executable index table.
This is the libc, rtld, and kernel support only. The toolchain and build
parts will be updated separately.
Reviewed By: nwhitehorn, bdragon, pfg
Differential Revision: https://reviews.freebsd.org/D20598
MFC after: 1 month
Use appropriate fsyncs to persist the rewritten /etc/motd file, when a
rewrite is performed.
Reported by: Jonathan Walton <jonathan AT isilon.com>
Reviewed by: allanjude, vangyzen
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D20701
The logic I originally wrote to detect whether a driftfile option was in the
set of flags was based on the result of removing the pattern *flag* being an
empty string. That didn't handle the case where the string was empty to
begin with. Doh! So now it also specifically checks for an empty string.
The result of the bad check was that ntpd would run without a driftfile, but
it would do so only if it was running as root instead of the non-priveleged
ntpd user, which isn't a typical case. Ntpd runs fine without a driftfile,
although it does take it longer to stabilize the clock frequency at startup.
Reported by: avg@
Pointy hat: ian@
MFC after: some testing
Tag saved entropy files as "nodump," to signal that the files should not be
backed up by dump(8) or other automated backup software that honors the file
flag.
Do not produce an error if the target file resides on a filesystem that does
not support file flags (e.g., msdos /boot).
Reviewed by: delphij
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D20358
- Remove an extra space after "usage:".
- Avoid lines exceeding 80 columns.
Based on notes from rgrimes.
MFC with: r348066
Event: Waterloo Hackathon 2019
There were several (apparently) copy-pasted NEED validation macros,
leading to the same error string for different issues. Change the
YP and NTP tags so they are distinct.
PR: 30863
Submitted by: Dan Lukes <dan@obluda.cz>
Reviewed by: markj
MFC after: 1 week
Event: Waterloo Hackathon 2019
ed(4) and ep(4) have been removed. fxp(4) remains popular in older
systems, but isn't as future proof as em(4).
Reviewed by: bz, jhb
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D20311
Use roundup2() and rounddown2() instead of inlining them.
Get rid of the fd local variable, use literal -1 for the mmap argument.
Use MAP_FAILED as mmap(2) failure indicator.
After that, apply some style.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
kern_execve() locks text vnode exclusive to be able to set and clear
VV_TEXT flag. VV_TEXT is mutually exclusive with the v_writecount > 0
condition.
The change removes VV_TEXT, replacing it with the condition
v_writecount <= -1, and puts v_writecount under the vnode interlock.
Each text reference decrements v_writecount. To clear the text
reference when the segment is unmapped, it is recorded in the
vm_map_entry backed by the text file as MAP_ENTRY_VN_TEXT flag, and
v_writecount is incremented on the map entry removal
The operations like VOP_ADD_WRITECOUNT() and VOP_SET_TEXT() check that
v_writecount does not contradict the desired change. vn_writecheck()
is now racy and its use was eliminated everywhere except access.
Atomic check for writeability and increment of v_writecount is
performed by the VOP. vn_truncate() now increments v_writecount
around VOP_SETATTR() call, lack of which is arguably a bug on its own.
nullfs bypasses v_writecount to the lower vnode always, so nullfs
vnode has its own v_writecount correct, and lower vnode gets all
references, since object->handle is always lower vnode.
On the text vnode' vm object dealloc, the v_writecount value is reset
to zero, and deadfs vop_unset_text short-circuit the operation.
Reclamation of lowervp always reclaims all nullfs vnodes referencing
lowervp first, so no stray references are left.
Reviewed by: markj, trasz
Tested by: mjg, pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 month
Differential revision: https://reviews.freebsd.org/D19923
- Remove dead and most likely rotten MALLOC_DEBUG, MSTAT, and RCHECK options.
- Remove unused headers.
- Remove one case of undefined behavior where left shift could overflow.
It is impossible on practice for rtld and libthr consumer.
PR: 237577
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Since inits for the main binary are run from rtld (for some time), the
rtld_exit atexit(3) handler, which is passed from rtld to the program
entry and installed by csu, is installed after any atexit(3) handlers
installed by main binary constructors. This means that rtld_exit() is
fired before main binary handlers.
Typical C++ static constructors are executed from init (either binary
or libs) but use atexit(3) to ensure that destructors are called in
the right order, independent of the linking order. Also, C++
libraries finalizers call __cxa_finalize(3) to flush library'
atexit(3) entries. Since atexit(3) entry is cleared after being run,
this would be mostly innocent, except that, atexit(rtld_exit) done
after main binary constructors, makes destructors from libraries
executed before destructors for main.
Fix by reordering atexit(rtld_exit) before inits for main binary, same
as it happened when inits were called by csu. Do it using new private
libc symbol with pre-defined ABI.
Reported. tested, and reviewed by: kan
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
This causes some increase of the dynamic linker size, but benefits of
avoiding compiling private copy or the linker when debugging is
required. definitely worth it.
The dbg() calls can be compiled out by defining LD_NO_DEBUG symbol.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Since r233109, kldload has the -n option, which silently ignores options
that are already loaded.
https://lists.freebsd.org/pipermail/freebsd-rc/2018-December/003899.html
Note that this script no longer reports if the module is already loaded,
but it could be argued this wasn't particularly useful information.
PR: docs/234248
Reviewed by: bcr (docs), kib, rgrimes (visual)
Approved by: jilles
Differential Revision: https://reviews.freebsd.org/D18670
ifconfig(8) syntax allows to specify only single address_family,
so we need additional invocation of ifconfig to support configuration
of cloned gif interface that may use different address families
for its internal and external addresses.
Also, ifconfig(8) does not allow to omit "inet6" keyword for address family
specifying IPv6 addresses as outer addresses of the interface.
Also, address_family is not "parameter" and it has to go before parameters
including "tunnel" keyword, so "ifconfig gif0 tunnel inet6 $oip1 $oip2" would be
wrong syntax and only "ifconfig gif0 inet6 tunnel $oip1 $oip2" is right.
With this change, the following works:
gifconfig_gif0="inet6 2a00::1 2a01::1"
ifconfig_gif0="inet 10.0.0.1 10.0.0.2 netmask 255.255.255.252"
MFC after: 2 weeks
The goal of saving entropy in Fortuna is two-fold: (1) to provide early
availability of the random device (unblocking) on next boot; and (2), to
have known, high-quality entropy available for that initial seed. We know
it is high quality because it's output taken from Fortuna.
The FS&K paper makes it clear that Fortuna unblocks when enough bits have
been input that the output //may// be safely seeded. But they emphasize
that the quality of various entropy sources is unknown, and a saved entropy
file is essential for both availability and ensuring initial
unpredictability.
In FreeBSD we persist entropy using two mechanisms:
1. The /etc/rc.d/random shutdown() function, which is used for ordinary
shutdowns and reboots; and,
2. A cron job that runs every dozen minutes or so to persist new entropy, in
case the system suffers from power loss or a crash (bypassing the
ordinary shutdown path).
Filesystems are free to cache dirty data indefinitely, with arbitrary flush
policy. Fsync must be used to ensure the data is persisted, especially for
the cron job save-entropy, whose entire goal is power loss and crash safe
entropy persistence.
Ordinary shutdown may not need the fsync because unmount should flush out
the dirty entropy file shortly afterwards. But it is always possible power
loss or crash occurs during the short window after rc.d/random shutdown runs
and before the filesystem is unmounted, so the additional fsync there seems
harmless.
PR: 230876
Reviewed by: delphij, markj, markm
Approved by: secteam (delphij)
Differential Revision: https://reviews.freebsd.org/D19742
If dso uses initial exec TLS mode, rtld tries to allocate TLS in
static space. If there is no space left, the dlopen(3) fails. If space
if allocated, initial content from PT_TLS segment is distributed to
all threads' pcbs, which was missed and caused un-initialized TLS
segment for such dso after dlopen(3).
The mode is auto-detected either due to the relocation used, or if the
DF_STATIC_TLS dynamic flag is set. In the later case, the TLS segment
is tried to allocate earlier, which increases chance of the dlopen(3)
to succeed. LLD was recently fixed to properly emit the flag, ld.bdf
did it always.
Initial test by: dumbbell
Tested by: emaste (amd64), ian (arm)
Tested by: Gerald Aryeetey <aryeeteygerald_rogers.com> (arm64)
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D19072
allocate_tls_offset returns true on success. The same issue existed
on arm and was fixed in r345693.
PR: 236880
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
allocate_tls_offset returns true on success. This still needs more
testing and review, but this change is consistent with other archs.
PR: 236880
Reported by: Andrew Gierth <andrew@tao11.riddles.org.uk>
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
r345620 by kib@ fixed the rtld issue that caused a crash at startup
during resolution of libc's ifuncs with BIND_NOW.
PR: 233333
Sponsored by: The FreeBSD Foundation
modules by declaring corresponding variables in rc.conf. Also document
them in rc.conf(5).
Submitted by: Dries Michiels
Differential Revision: https://reviews.freebsd.org/D19673
It seems my subconcious plan in r345088 to not only prefer IPv6 autoconf
but to also slowly deteriorate legacy IP auto-configuration was uncovered
way too early.
In case IPv6 is a thing yet ipv6_autoconfif was not true, we would not
bring up the interface yet tell the follow-up DHCPv4 configuration in
ifconfig_up() that we did. So unless you were doing SYNCDHCP or IPv6
you would not get legacy-IP DHCPv4 configuration.
I see multiple problems here: (a) people not yet using IPv6 (obviously a
problem), and (b) the dhclient startup script not running dhclient in
that case despite configured to do so (needs to be investigated seperately).
Reported by: Pawel Biernacki (pawel.biernacki gmail.com)
Tested by: Pawel Biernacki
Differential Revision: https://reviews.freebsd.org/D19488
Pointyhat to: bz (not sure if it is for breaking or
for letting them notice it so easily)
Before this change we would only run rtsol on an interface which was
set to accept_rtadv and did not have rtsold enabled. This change
removes the latter condition and always runs rtsol (rather than the
deferred rtsold) to reduce the delay until we send the first RS.
This change will also handle the accept_rtadv before dhcp hence
starting IPv6 auto-configuration before IPV4 DHCP.
This change is intended for FreeBSD 13 and later only and will not be MFCed.
Reviewed by: hrs
Differential Revision: https://reviews.freebsd.org/D19488
FreeBSD removed the default /etc/pf.conf file in previous releases, but
the documentation kept mentioning it like any other file present in the
system. Change pf.conf(5) to mention in the description of the default
ruleset location that this file needs to be created manually. Also, the
default rc.conf file had it's comment extended a bit to let people know
that this file does not exist by default.
PR: 231977
Submitted by: koobs@
Reviewed by: kp@, 0mp@
Approved by: kp@
MFC after: 10 days
Differential Revision: https://reviews.freebsd.org/D19530
is specified.
When WITHOUT_IPFILTER is specified, delete-old-files fails to delete
the optional rc.d files from above. Fix this.
WITHOUT_IPFILTER fails to delete the ipfilter.5 optional file during
delete-old-files. Fix this.
Reported by: Dmitry Luhtionov <dmitryluhtionov@gmail.com>
MFC after: 1 week
When piping to awk, it's almost always an anti-pattern to use 'grep'
first.
When not in a pipeline, sometimes it is faster to use tail, as awk
must process all the lines in the input stream, and won't 'seek'.
In a pipeline, both grep and awk must process all lines, so we might
as well skip the extra process creation for tail and just use awk
for all the processing.
Reviewed by: jilles
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D19441
Specifically, this allows (via "-V vhostname") telling nfsd what principal
to use, instead of the hostname. This is used at iXsystems for fail-over in
HA systems.
Reviewed by: macklem
Sponsored by: iXsystems Inc.
Differential Revision: https://reviews.freebsd.org/D19191
Building binaries as PIE allows the executable itself to be loaded at a
random address when ASLR is enabled (not just its shared libraries).
With this change PIE objects have a .pieo extension and INTERNALLIB
libraries libXXX_pie.a.
MK_PIE is disabled for some kerberos5 tools, Clang, and Subversion, as
they explicitly reference .a libraries in their Makefiles. These can
be addressed on an individual basis later. MK_PIE is also disabled for
rtld-elf because it is already position-independent using bespoke
Makefile rules.
Currently only dynamically linked binaries will be built as PIE.
Discussed with: dim
Reviewed by: kib
MFC after: 1 month
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D18423
There are many cases which this code does not handle (e.g. ZFS mirrors)
but the code can handle the single-disk case -- so it's enough to take
care of the "disk image which gets booted into a VM with a larger than
expected disk" case for which this firstboot script was created.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D19095
This allows to reuse the allocator in other environments that get
malloc(3) and related functions from libc or interposer.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D18988
They will stop it automatically ('Interface wlan0 is down,
dhclient exiting'); use /etc/rc.d/dhclient stop command only when
none of them is used.
MFC after: 5 days
removed as part of r341441.
This call to reloc_non_plt() may crash if ifunc resolvers use the
needed libraries symbols since the pass over the needed libs
relocation is not yet done. The change in r341441 ensures the right
relocation order otherwise.
Submitted by: theraven
MFC after: 1 week
Discussed in: https://reviews.freebsd.org/D17529
The buffer allocated in read_chat() could be 1 element too short, if the
chatstr parameter passed in is 1 or 3 charachters long (e.g. "a" or "a b").
The allocation of the pointer array does not account for the terminating
NULL pointer in that case.
Overlapping source and destination strings are undefined in strcpy().
Instead of moving a string to the left by one character just increment the
char pointer before it is assigned to the results array.
MFC after: 2 weeks
Summary: reloc_jmpslot function parameter 'defobj' is not used when using ELFv2
ABI
Submitted by: alfredo.junior_eldorado.org.br
Reviewed By: kib, git_bdragon.rtk0.net, emaste, jhibbits
Differential Revision: https://reviews.freebsd.org/D18808
Originally intended as 'in case in needs to be re-invoked', but it was later
decided (by myself) that 're-invoke itself' makes it more clear that the
script is expected to use this in a way.
Reported by: Jose Luis Duran (jlduran @ github)
X-MFC-With: r342792
Some rc scripts in ports (e.g. uwsgi, apache, openvpn) allow for
'application profiles' that usually require the rc script to be invoked
again for each active profile. Because there's no consistent way to
determine the path because it differs between manual/service(8) invocations
and /etc/rc invocations, this leads to patterns like these:
- www/uwsgi hardcodes the script path
- security/openvpn guesses either $_file or $0 based on $0 = /etc/rc
Instead of forcing rc scripts to guess, provide an rc_service variable to
the scripts that gets set appropriately both for direct execution or when a
script is being executed via run_rc_script (e.g. /etc/rc).
This is our analog of an OpenRC variable with the same name, different case
(RC_SERVICE).
PR: 234614
Reported by: koobs
Reviewed by: dteske, jilles
MFC after: 3 days
We need to subtract the TLS_TCB_SIZE to get to the real data pointer, since
r13 points to the end of the TCB structure. Prior to this, devel/protobuf-c
port broke with recent update to devel/protobuf, which exposed this issue.
Submitted by: andreast
Reported by: Piotr Kubaj
MFC after: 1 week
iBCS2 was disconnected from the build in 2015 (see r291419)
bsdconfig parts submitted by dteske.
Reviewed by: kib (previous version)
Sponsored by: The FreeBSD Foundation
Due to insufficient validation of network-provided data it may have been
possible for a malicious actor to craft a bootp packet which could cause
a stack buffer overflow.
admbugs: 850
Reported by: Reno Robert
Reviewed by: markj
Approved by: so
Security: FreeBSD-SA-18:15.bootpd
Sponsored by: The FreeBSD Foundation
/usr/sbin/audit(dist)?d are only installed if ${MK_AUDIT} == yes. Their
supporting scripts should only be installed in those instances as well.
Submitted by: ngie
Reviewed by: emaste
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd/pull/242
The original code did not support dynamically loaded libraries and used
suboptimal access to TLS variables.
New implementation removes lazy resolving of TLS relocation - due to flaw
in TLSDESC design is impossible to switch resolver function at runtime
without expensive locking.
Due to this, 3 specialized resolvers are implemented:
- load time resolver for TLS relocation from libraries loaded with main
executable (thus with known TLS offset).
- resolver for undefined thread weak symbols.
- slower lazy resolver for dynamically loaded libraries with fast path for
already resolved symbols.
PR: 228892, 232149, 233204, 232311
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D18417
'read' pessimistically read(2)s one byte at a time, which can be quite
silly for large environments in slow emulators.
In my boring user environment, truss shows that the number of read()
syscalls to source rc.subr and invoke list_vars is reduced by something like
3400 to 60. ministat(1) shows a significant time difference of about -71%
for my environment.
Suggested by: jilles
Discussed with: dteske, jhb, jilles
Differential Revision: https://reviews.freebsd.org/D18481
Although these are slightly obsolete in favor of R_AARCH64_TLSDESC,
gcc -mtls-dialect=trad still use them.
Please note that definition of TLS_DTPMOD64 and TLS_DTPREL64 are incorrectly
exchanged in GNU binutils. TLS_DTPREL64 should be encoded to 1028 (as is
defined in ARM ELF ABI) but binutils encode it to 1029. And vice versa,
TLS_DTPMOD64 should be encoded to 1029 but binutils encode it to 1028.
While I'm in, add also R_AARCH64_NONE. It can be produced as result of linker
relaxation.
MFC after: 1 week
- don't relocate jump slots multiple times (if LD_BIND_NOW is defined).
- process only R_AARCH64_JUMP_SLOT here, other relocation types are handled
by reloc_plt().
MFC after: 1 week
- Do not perform ifunc relocations together with other PLT relocations
in PLT. Instead, do it during an additional pass over the init
list, so that ifuncs are resolved in the order of dso
dependencies. This allows the ifuncs resolvers to call into depended
libs. Init list now includes all objects instead of only objects
with init/fini callables.
- Disable relro protection around bind_now ifunc relocations.
I considered calling ifunc resolvers of dso after initializers of all
dependencies are processed, and decided that this is wrong/should not
be supported. The order now is normal relocations for all
objects->ifunc resolution in init order->initializers, where each step
does complete pass over all loaded objects before moving to the next
step.
Reported, tested and reviewed by: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D18400
bzero(3) for rtld.
This again reduces rtld dependency on libc, and in future, avoid ifunc
relocations when the functions are converted to ifuncs in libc.
Reported by: mjg
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D18400
An issue remains with BIND_NOW and processes using threads. For now,
restore libc's BIND_NOW disable, and also disable BIND_NOW in rtld and
libthr.
A patch is in review (D18400) that likely fixes this issue, but just
disable BIND_NOW pending further testing after it is committed.
PR: 233333
Sponsored by: The FreeBSD Foundation
The function reloc_non_plt has complicated variable lifetimes that GCC 6.4.0
(the version currently used by amd64-xtoolchain-gcc) misunderstands and
produces an erroneous warning about. Silence it to allow the -Werror build
to proceed.
Reviewed by: emaste
immediately after other PLT relocs.
Otherwise, if the object has relro page, we write to readonly page,
and we would need to use mprotect(2) two more times to fix it. Note
that resolve_object_ifunc() does nothing when called second time, so
there is no need to avoid existing call.
Reported and tested by: emaste
PR: 233333
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
This dynamic tag contains the location of the .rld_map section relative to
the location of the dynamic tag. For PIE MIPS binaries DT_MIPS_RLD_MAP can
not be used since it contains an absolute address. Without this change
GDB can not find the function program counters in other libraries and once
I apply this change I can successfully run info sharedlibraries again.
Reviewed By: kib
Differential Revision: https://reviews.freebsd.org/D17867
Previously the combination of relro (implicit), -z now and ifunc use
resulted in a segfault when applying ifuncs after relro (test binary
here just calls amd64_get_fsbase()):
| % env LD_DEBUG=1 libexec/rtld-elf/obj/ld-elf.so.1 a.out
| ...
| enforcing main obj relro
| ...
| resolving ifuncs
| reloc_jmpslot: *0x203198 = 0x189368ea4570
| zsh: bus error (core dumped) LD_DEBUG=1 obj/ld-elf.so.1 ~/a.out
Reported by: Shawn Webb
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
It is unused after r340102, and more important, I do not see how to
define textsize in both practically useful and correct way, for binaries
with more that one executable segments.
Sponsored by: The FreeBSD Foundation
Do not use textsize and do not flush everything between map base and
base + textsize, because unmapped areas cannot be flushed.
This makes Obj_Entry textsize only use go away, and I will remove it
later.
Reported by: tuexen
Tested by: Mark Millard <marklmi26-fbsd@yahoo.com>
Sponsored by: The FreeBSD Foundation
This adds new keywords to rc/service to enable/disable a service's
rc.conf(5) variable and "delete" to remove the variable.
When the "service_delete_empty" variable in rc.conf(5) is set to "YES"
(default is "NO") an rc.conf.d file (in /etc/ or /usr/local/etc) is
deleted if empty after modification using "service $foo delete".
Submitted by: lme (modified)
Reviewed by: 0mp (previous version), lme, bcr
Relnotes: yes
Sponsored by: Smule, Inc.
Differential Revision: https://reviews.freebsd.org/D17113
One less non-trivial dependency of rtld on libc. Also,
amd64_set_fsbase() is to be converted to ifunc, which I do not want to
support inside rtld.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
In particular, do it before the first call to allocate_initial_tls(),
which contains MD parts to set the initial thread' TLS pointer.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
With lld-generated binaries the first PT_LOAD will usually be a read-only
segment unless you pass --no-rosegment. For those binaries the textsize is
determined by the next PT_LOAD. To allow both LLD and bfd 2.17 binaries to
be parsed correctly use the end of the last PT_LOAD that is marked as
executable instead.
I noticed that the value was wrong while adding some debug prints for some rtld
changes for CHERI binaries. `obj->textsize` only seems to be used by PPC so the
effect is untested. However, the value before was definitely wrong and the new
result matches the phdrs.
Reviewed By: kib
Approved By: brooks (mentor)
Differential Revision: https://reviews.freebsd.org/D17117
and runs scripts containing "KEYWORD: resume" with single "resume" argument.
Working example is the port sysutils/cpupdate that defines
extra_commands="resume" to reload CPU microcode cleared
by suspend/resume sequence.
This change does nothing for a system having no scripts with KEYWORD: resume.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D15247
Currently, rc.inidiskless assumes that local system configuration
changes are kept in some mountable file system. For example,
nanobsd uses dedicated partition mounted as /cfg for this.
However, small embedded devices like MIPS routers may have no enough flash
space to keep full-blown file system but have only one or couple
small flash blocks to keep persistent local configuration overrides.
This change extends rc.initdiskless and introduces ability to run auxiliary
command /conf/T/M/extract that is supposed to extract configuration overrides
from such local storage.
For example, the command /conf/default/etc/extract may contain something like:
cd "$1" && bsdcpio --quiet -idu < /dev/map/cfg
bsdcpio command extracts compressed archive from the storage to /etc
assuming the storage is exposed by the kernel as /dev/map/cfg to userland.
PR: 204215
MFC after: 1 month
and make previously working configuration like this work again:
gif_interfaces="gif0"
gifconfig_gif0="1.1.1.1 2.2.2.2"
ifconfig_gif0="inet 192.168.1.1 192.168.1.2 netmask 255.255.255.252"
PR: 204700
MFC after: 1 month
if a network connection is available. This is not an issue when running
'service local_unbound setup' interactively, but can be on a diskless
system where local_unbound self-configures on every boot. To address
this, add explicit dependencies on netwait and defaultroute.
Submitted by: eugen
Approved by: re (gjb)
in r339413, a current pkgbase update problem came up. For users
testing pkgbase at the moment there is no (automatic) way to pick
up new base packages (yet).
As a result rather than also moving init(8) to its own package,
back out the part of the change in r339413 that moved rc* to its
own package and defer creating new packages until the
infrastructure is in place to handle these cases.
Both init and rc* are considered too problematic to be lost by
early adaptors at this stage.
Discussed with: brd
Reviewed by: brd
Approved by: re (gjb)
The reasons for this are forward looking to pkgbase:
* /sbin/init is a special binary; try not to replace it with
every package update because an rc script was touched.
(a follow-up commit will make init its own package)
* having rc in its own place will allow more easy replacement
of the rc framework with alternatives, such as openrc.
Discussed with: brd (during BSDCam), kmoore
Requested by: cem, bz
PR: 231522
Approved by: re (gjb)
Fix the issue with subtracting the TLS_TCB_SIZE too when we are trying to get
the 'where' in the R_PPC_TPREL32 case. At allocation time we added an offset
and the TLS_TCB_SIZE. This has to be subtracted as well.
Now all the issues reported are fixed. Tests were done on G4 and G5 PowerMac's.
Additionally I ran the tls tests from the gcc test suite and made sure the
results are as good as pre 338486.
Thanks to tuexen for reporting the malfunction and for patient testing.
Also testing thanks goes to jhibbits.
Reported by: tuexen
Discussed with: jhibbits, nwhitehorn
Approved by: re (gjb)
Pointyhat to: andreast
This is based on the amd64 implementation. Support for both PLT and
non-PLT (e.g. a global variable initilised with a pointer to an ifunc)
cases are supported.
We don't pass anything to the resolver as it is expected they will read
the ID registers directly, with the number of registers with CPU info
likely to increase in the future.
Reviewed by: kib
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D17341
search_library_path().
This corrects the scope of libmap matches.
Reported and tested by: Andreas Longwitz <longwitz@incore.de>
Sponsored by: The FreeBSD Foundation
Approved by: re (gjb)
MFC after: 1 week
This is useful when lm_find() moves the match to the global mapping,
since lm_find() could be called with a same path more than once.
Reported and tested by: Andreas Longwitz <longwitz@incore.de>
Sponsored by: The FreeBSD Foundation
Approved by: re (gjb)
MFC after: 1 week
some TLS bits. This broke operation on the PowerMac. Namely one could not login.
At login the screen/shell was giving back lots of backslashes and the login
shell dumped core.
The fix to this issue is to revert the powerpc commit from 338486 and to
increase the TLS_TCB_SIZE to 16.
Reverting only did not help, login was possible but userland applications
aborted with strange messages.
I tested this patch with world/kernel builds and with port upgrades.
Additionally a full gcc8 bootstrap was successfully completed.
Reviewed by: jhibbits@
Approved by: re (Glen)
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes. Thus,
port these changes to rtld.
This was previously commited as r337978 and reverted in r338149 due to
exposing a bug the ARM rtld. This bug was fixed in r338317 by mmel.
Submitted by: James Clarke
Approved by: re (kib)
Reviewed by: kbowling
Testing by: kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D16510
TLS_TCB_SIZE is already accounted in defobj-> tlsoffset so all these symbols
were incorrectly relocated by +8.
Note:
The only consumer (for all binaries on my ARM board) of R_ARM_TLS_TPOFF32
relocation is _ThreadRuneLocale variable. And the incorrectly relocated
ThreadRuneLocale accidentally pointed to zeroed memory before memory layout
change from D16510 had changed status quo.
MFC after: 3 weeks
Reviewed by: imp, jhb
Approved by: re (marius)
Transferring files in netascii format requires, among other things,
translating all CR characters to a CR,NUL pair. tftpd does this correctly
except when the CR occurs as the last octet of a packet. In that case, it
erroneously drops the NUL which should be part of the following packet. The
bug was caused by using 0 as a sentinel value in a variable that could
legitimately hold 0. Fix it by switching the sentinel value to -1.
PR: 178055
Reported by: Richard <rsitze@gmail.com>
Reviewed by: cem
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D16853
Michal Meloun reports that it breaks ctype (isspace()..) related
functions on armv7 so back out while we diagnose the issue.
Reported by: Michal Meloun <melounmichal@gmail.com>
Thsi helps with pkgbase by switching to CONFS so that ftpusers will be
properly tagged as a config file.
Approved by: will (mentor)
Differential Revision: https://reviews.freebsd.org/D16787
The above commit fixed handling overaligned TLS segments in libc's
TLS Variant I implementation, but rtld provides its own implementation
for dynamically-linked executables which lacks these fixes. Thus,
port these changes to rtld.
Submitted by: James Clarke
Reviewed by: kbowling
Testing byL kbowling (powerpc64), br (riscv), kevans (armv7)
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D16510
While here fix capitalization of a few nearby strings, add the
rtld's file name prefix so it's obvious where the message come
from, and return zero when "-h" is used.
Reviewed by: kib
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D16530
Some of the changes are in the libexec/tftpd directory, but to functions that
are only used by tftp(1) (they share some code).
* strcpy => strlcpy (1006793, 1006794, 1006796, 1006741)
* Unchecked return value and TOCTTOU (1009314)
* NULL pointer dereference (1018035, 1018036)
Reported by: Coverity
CID: 1006793, 1006794, 1006796, 1006741, 1009314, 1018035
CID: 1018036
MFC after: 2 weeks
tftpd(8) should flush a newly written file to disk before ACKing the final DATA
packet. Otherwise there is a narrow race window when a subsequent read may not
see the file. This is somewhat related to r330710, but the race window is much
smaller. Hopefully this will fix the intermittent tests in Jenkins.
Reported by: Jenkins
MFC after: 2 weeks
quatactl(2) mechanism. (Read-only at this point, however.)
In particular, this is to allow rpc.rquotad query quotas
for NFS mounts, allowing users to see their quotas on the
hosts using the datasets.
The changes specifically:
* Add new RPC entry points for querying quotas.
* Changes the library routines to allow non-UFS quotas.
* Changes rquotad to check for quotas on mounted filesystems,
rather than being limited to entries in /etc/fstab
* Lastly, adds a VFS entry-point for ZFS to query quotas.
Note that this makes one unavoidable behavioural change: if quotas
are enabled, then they can be queried, as opposed to the current
method of checking for quotas being specified in fstab. (With
ZFS, if there are user or group quotas, they're used, always.)
Reviewed by: delphij, mav
Approved by: mav
Sponsored by: iXsystems Inc
Differential Revision: https://reviews.freebsd.org/D15886
If tftpd receives a command with an unknown opcode, it simply exits 1. It
doesn't send an ERROR packet, and the client will hang waiting for one. Fix
it.
PR: 226005
MFC after: 3 weeks
On a WRQ (write request) tftpd checks whether the client has access
permission for the file in question. If not, then the write is prevented.
However, tftpd doesn't reply with an ERROR packet, nor does it abort.
Instead, it tries to receive the packet anyway.
The symptom is slightly different depending on the nature of the error. If
the target file is nonexistent and tftpd lacks permission to create it, then
tftpd will willingly receive the file, but not write it anywhere. If the
file exists but is not writable, then tftpd will fail to ACK to WRQ.
PR: 225996
MFC after: 3 weeks
tftpd(8) says that files may only be written if they already exist and are
publicly writable. tftpd.c verifies that a file is publicly writable if it
uses an absolute pathname. However, if the pathname is relative, that check
is skipped. Fix it.
Note that this is not a security vulnerability, because the transfer
ultimately doesn't work unless the file already exists and is owned by user
nobody. Also, this bug does not affect the default configuration, because
the default uses the "-s" option which makes all pathnames absolute.
PR: 226004
MFC after: 3 weeks
On an RRQ, tftpd doesn't exit as soon as it's finished receiving a file.
Instead, it waits five seconds just in case the client didn't receive the
server's last ACK and decides to resend the final DATA packet.
Unfortunately, this created a 5 second delay from when the client thinks
it's done sending the file, and when the file is available for other
processes.
Fix this bug by closing the file as soon as receipt is finished.
PR: 157700
Reported by: Barry Mishler <barry_mishler@yahoo.com>
MFC after: 3 weeks
tftpd(8) is difficult to test in isolation due to its relationship with
inetd. Create a test program that mimics the behavior of tftp(1) and
inetd(8) and verifies tftpd's response in several different scenarios.
These test cases cover all of the basic TFTP protocol, but not the optional
parts.
PR: 157700
PR: 225996
PR: 226004
PR: 226005
MFC after: 3 weeks
Differential Revision: https://reviews.freebsd.org/D14310
exist. This behaviour makes no sense for eg USB serial adapters, or
USB device-side serial templates.
This mostly reverts to pre-r135941 behaviour.
Reviewed by: imp@
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D14198
objects' init functions instead of doing the setup via a constructor
in libc as the init functions may already depend on these handlers
to be in place. This gets us rid of:
- the undefined order in which libc constructors as __guard_setup()
and jemalloc_constructor() are executed WRT __sparc_utrap_setup(),
- the requirement to link libc last so __sparc_utrap_setup() gets
called prior to constructors in other libraries (see r122883).
For static binaries, crt1.o still sets up the user trap handlers.
o Move misplaced prototypes for MD functions in to the MD prototype
section of rtld.h.
o Sprinkle nitems().
Most notable, other than some style issues:
CVS 1.11:
do not use LOG_CONS.
CVS 1.13:
consistently use exit instead of return in main().
use LOG_WARNING instead of LOG_ERR for non critical errors.
Obtained from: NetBSD
MFC after: 2 weeks
Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
No functional change intended.
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
Initially, only tag files that use BSD 4-Clause "Original" license.
RelNotes: yes
Differential Revision: https://reviews.freebsd.org/D13133
The old value was probably fine back in 1998, when that code was imported
(although the comments still mention VAX, which was quite obsolete by then);
now, however, it's too small to handle our libc, which results in some
additional calls to munmap/mmap later on. Asking for more virtual address
space is virtually free, and syscalls are not, thus the change.
It was suggested by kib@ that this might be a symptom of a deeper problem.
It doesn't only affect libc, though - the change also improves rtld memory
management for eg KDE libraries. I guess it's just a natural bloat.
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D12834
The directives I added in r323466 and r323501 did not define a valid
CFA until several instructions into the associated functions. This
triggers an assertion in GDB when generating a stack trace while
stopped at the first instruction of PLT stub entry point since there
is no valid CFA rule for the first instruction.
This is probably just wrong on my part as the non-simple .cfi_startproc
would have defined a valid CFA. Instead, define a valid CFA as sp + 0
at the start of the functions and then use .cfa_def_offset to change the
offset when sp is adjusted later in the function.
Sponsored by: DARPA / AFRL
This is only cosmetic, but the entry point for rtld is not a leaf function,
and this avoids two .frame directives for rtld_start.
Sponsored by: DARPA / AFRL
This removes the need to call munmap(2) afterwards.
MFC after: 2 weeks
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D12767
Apply authenticated user context after update of wtmp(5) at start of session,
so that ftpd process is not killed by kernel with SIGXFSZ when user has
"filesize" limit lower than size of system wtmp file. Same applies
to session finalization: revert to super-user context before update of wtmp.
If ftpd hits limit while writing a file at user request,
do not get killed with SIGXFSZ instantly but apparently ignore the signal,
process error and report it to the user, and continue with the session.
PR: 143570
Approved by: avg (mentor), mav (mentor)
MFC after: 1 week
If they are still needed, you can find them in the net/bsdrcmds port.
This was proposed June, 20th and approved by various committers [1].
They have been marked as deprecated on CURRENT in r320644 [2] on July, 4th.
Both stable/11 and release/11.1 contain the deprecation notice (thanks to
allanjude@).
Note that ruptime(1)/rwho(1)/rwhod(8) were initially thought to be part of
rcmds but this was a mistake and those are therefore NOT removed.
[1] https://lists.freebsd.org/pipermail/freebsd-arch/2017-June/018239.html
[2] https://svnweb.freebsd.org/base?view=revision&revision=320644
Reviewed by: bapt, brooks
Differential Revision: https://reviews.freebsd.org/D12573
in favor of just rendering the manpage instead of relying on pre-formatted
catpages. Note, this does not impede the ability to use existing catpages,
it just removes the utility to generate them.
Reviewed by: imp, allanjude
Approved by: emaste (mentor)
Differential Revision: https://reviews.freebsd.org/D12317
Newer binutils supports extensions to the MIPS ABI for non-PIC code
that is used when compiling O32 binaries with clang 5 (but not used
for N64 oddly enough). These extensions require support for
R_MIPS_COPY relocations as well as a second PLT GOT using
R_MIPS_JUMP_SLOT relocations.
For R_MIPS_COPY, use the same approach as on other architectures where
fixups are deferred to the MD do_copy_relocations.
The additional PLT GOT for jump slots is located in a .got.plt section
which is identified by a DT_MIPS_PLTGOT dynamic entry. This GOT also
requires fixups for the first two GOT entries just as the normal GOT.
However, the entry point for this second GOT uses a different calling
convention. Rather than passing an offset into the GOT, it passes an
offset into the .rel.plt section. This requires a second entry point
(_rtld_pltbind_start) which calls the normal _rtld_bind() rather than
_mips_rtld_bind(). This also means providing a real version of
reloc_jmpslot() which is used by _rtld_bind().
In addition, add real implementions of reloc_plt() and
reloc_jmpslots() which walk .rel.plt handling R_MIPS_JUMP_SLOT
relocations.
Reviewed by: kib
Sponsored by: DARPA / AFRL
Differential Revision: https://reviews.freebsd.org/D12326
On hard-float 32-bit arm platforms, always search for the soft float
binaries in the alternative locations.
Sponsored by: Netflix
Differential Review: https://reviews.freebsd.org/D12274
MFC After: 1 week
This modification adds a new gettytab(5) option (iM) to specify a
program to run that will generate the initial (banner) message that is
displayed before the login prompt. Such a capability is useful when
dynamic information is needed in the banner message that cannot be
supplied by the set of % substitution sequences available in the "im"
option.
Reviewed by: vangyzen, wblock, manpages
Approved by: vangyzen (mentor)
MFC after: 1 week
Relnotes: yes
Sponsored by: Dell EMC
Differential Revision: https://reviews.freebsd.org/D12108
In particular, the switch statement on the type of dynamic entries
in _rtld_relocate_nonplt_self() needs to not use a jump table since
jump tables on MIPS use local GOT entries which aren't initialized
until after this loop.
Suggested by: arichardson
Reviewed by: emaste
Sponsored by: DARPA / AFRL
Non-tests/... changes:
- Add HAS_TESTS= to Makefiles with libraries and programs to enable iteration
and propagate the appropriate environment down to *.test.mk.
tests/... changes:
- Add appropriate support Makefile.inc's to set HAS_TESTS in a minimal manner,
since tests/... is a special subdirectory tree compared to the others.
MFC after: 2 months
MFC with: r322511
Reviewed by: arch (silence), testing (silence)
Differential Revision: D12014
New version is not compatible on supervisor mode with v1.9.1
(previous version).
Highlights:
o BBL (Berkeley Boot Loader) provides no initial page tables
anymore allowing us to choose VM, to build page tables manually
and enable MMU in S-mode.
o SBI interface changed.
o GENERIC kernel.
FDT is now chosen standard for RISC-V hardware description.
DTB is now provided by Spike (golden model simulator). This
allows us to introduce GENERIC kernel. However, description
for console and timer devices is not provided in DTB, so move
these devices temporary to nexus bus.
o Supervisor can't access userspace by default. Solution is to
set SUM (permit Supervisor User Memory access) bit in sstatus
register.
o Compressed extension is now turned on by default.
o External GCC 7.1 compiler used.
o _gp renamed to __global_pointer$
o Compiler -march= string is now in use allowing us to choose
required extensions (compressed, FPU, atomic, etc).
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D11800
o Replace __riscv64 with (__riscv && __riscv_xlen == 64)
This is required to support new GCC 7.1 compiler.
This is compatible with current GCC 6.1 compiler.
RISC-V is extensible ISA and the idea here is to have built-in define
per each extension, so together with __riscv we will have some subset
of these as well (depending on -march string passed to compiler):
__riscv_compressed
__riscv_atomic
__riscv_mul
__riscv_div
__riscv_muldiv
__riscv_fdiv
__riscv_fsqrt
__riscv_float_abi_soft
__riscv_float_abi_single
__riscv_float_abi_double
__riscv_cmodel_medlow
__riscv_cmodel_medany
__riscv_cmodel_pic
__riscv_xlen
Reviewed by: ngie
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D11901
directories to SUBDIR.${MK_TESTS} idiom
This is being done to pave the way for future work (and homogenity) in
^/projects/make-check-sandbox .
No functional change intended.
MFC after: 1 weeks
How network VF works with hn(4) on Hyper-V in non-transparent mode:
- Each network VF has a cooresponding hn(4).
- The network VF and the it's cooresponding hn(4) have the same hardware
address.
- Once the network VF is up, e.g. ifconfig VF up:
o All of the transmission should go through the network VF.
o Most of the reception goes through the network VF.
o Small amount of reception may go through the cooresponding hn(4).
This reception will happen, even if the the cooresponding hn(4) is
down. The cooresponding hn(4) will change the reception interface
to the network VF, so that network layer and application layer will
be tricked into thinking that these packets were received by the
network VF.
o The cooresponding hn(4) pretends the physical link is down.
- Once the network VF is down or detached:
o All of the transmission should go through the cooresponding hn(4).
o All of the reception goes through the cooresponding hn(4).
o The cooresponding hn(4) fallbacks to the original physical link
detection logic.
All these features are mainly used to help live migration, during which
the network VF will be detached, while the network communication to the
VM must not be cut off. In order to reach this level of live migration
transparency, we use failover mode lagg(4) with the network VF and the
cooresponding hn(4) attached to it.
To ease user configuration for both network VF and non-network VF, the
lagg(4) will be created by the following rules, and the configuration
of the cooresponding hn(4) will be applied to the lagg(4) automatically.
Sponsored by: Microsoft
Differential Revision: https://reviews.freebsd.org/D11635
Use the standard syntax of name@version, I do not expect a confusion
due to unlikely possibility of the name containing the '@' character.
Requested by: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week