Commit Graph

18980 Commits

Author SHA1 Message Date
bdrewery
a4164f0dcd DIRDEPS_BUILD: Connect new directories.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:04:07 +00:00
bdrewery
631ffc3cba Connect libpathconv, disconnected since import in r309035.
Sponsored by:	Dell EMC Isilon
2017-10-31 00:03:52 +00:00
bdrewery
215c814ffa DIRDEPS_BUILD: libgcc now depends on MK_LLVM_LIBUNWIND
The dependency on gnu/lib/libgcc or lib/libgcc* is determined
at 'make dirdeps' time.

Sponsored by:	Dell EMC Isilon
2017-10-31 00:03:36 +00:00
mmel
7ef0c143b1 Fix misleading comment.
Not a functional change.

MFC after:	3 days
2017-10-29 14:26:37 +00:00
oshogbo
db89191cf9 Fix information about nv.h include.
MFC after:	1 week
2017-10-29 09:50:20 +00:00
eadler
45275e3a26 Update several more URLs
- Primarily http -> https
- Primarily FreeBSD project URLs
2017-10-29 08:17:03 +00:00
pfg
981dd2aa38 Fix out-of-bounds read in libc/regex.
The bug is an out-of-bounds read detected with address sanitizer that
happens when 'sp' in p_b_coll_elems() includes NUL byte[s], e.g. if it's
equal to "GS\x00". In that case len will be equal to 4, and the
strncmp(cp->name, sp, len) call will succeed when cp->name is "GS" but the
cp->name[len] == '\0' comparison will cause the read to go out-of-bounds.

Checking the length using strlen() instead eliminates the issue.

The bug was found in LLVM with oss-fuzz:
	https://reviews.llvm.org/D39380

MFC after:	1 week
Obtained from:	Vlad Tsyrklevich through posting on openbsd-tech
2017-10-28 20:09:34 +00:00
oshogbo
82ffa91f39 Introduce caspermocks.
The idea behinds mocks is that we don't need to ifdef a lot of code in
tools itself but those defines are hidden in the casper library.
Right now the mocks are implemented as define/inlines functions.
There was a very long discussion how this should be implemented.
This approach has some advantages like we don't need to link to any additional
libraries. Unfortunately there are also some disadvantages for example it is
easy to get library out of sync between two versions of functions or that we
need extra define to compile program with casper support.
This isn't an ideal solution but it's good enough for now and should simplify
capsicumizing programs. This also doesn't close us any other ways to do those
mocks and this should evolve in time.

Discussed with:	pjd, emaste, ed, rwatson, bapt, cem, bdrewery
Differential Revision:    https://reviews.freebsd.org/D8753
2017-10-28 19:23:57 +00:00
cy
1fbdcdb35c Revert r325031. This breaks the build due to __FBSDID.
Pointy hat to:	cy
2017-10-27 05:04:29 +00:00
cy
07ffe161f7 Ensure all incude statements are kept together by moving the
sys/cdefs.h include appropriately.

MFC after:	1 week
X-MFC with:	r325030
2017-10-27 04:51:05 +00:00
cy
409bc76662 Remove redundant sys/cdefs.h include.
MFC after:	1 week
2017-10-27 04:47:44 +00:00
asomers
db51239d93 Partially revert r325011: restore Guid's default constructor
Reported by:	ohartmann
MFC after:	3 weeks
X-MFC-With:	325011
Sponsored by:	Spectra Logic Corp
2017-10-26 17:56:34 +00:00
asomers
878bf63ed9 zfsd should be able to online an L2ARC that disappears and returns
Previously, this didn't work because L2ARC devices' labels don't contain
pool GUIDs.  Modify zfsd so that the pool GUID won't be required:

lib/libdevdctl/guid.h
	Change INVALID_GUID from a uint64_t constant to a function that
	returns an invalid Guid object.  Remove the void constructor.
	Nothing uses it, and it violates RAII.

cddl/usr.sbin/zfsd/case_file.h
cddl/usr.sbin/zfsd/case_file.cc
	Allow CaseFile::Find to match a CaseFile based on Vdev GUID alone.
	In CaseFile::ReEvaluate, attempt to online devices even if the newly
	arrived device has no pool GUID.

cddl/usr.sbin/zfsd/vdev_iterator.cc
	Iterate through a pool's cache devices as well as its regular
	devices.

Reported by:	avg
Reviewed by:	avg
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D12791
2017-10-26 15:28:18 +00:00
des
e50db1d5c3 If the user-provided password exceeds the maximum password length, don't
bother passing it to crypt().  It won't succeed and may allow an attacker
to confirm that the user exists.

Reported by:	jkim@
MFC after:	1 week
Security:	CVE-2016-6210
2017-10-26 13:23:13 +00:00
bdrewery
9c5d7caa5a Prefix {TARGET,BUILD}_TRIPLE with LLVM_ to avoid Makefile.inc1 collision.
The Makefile.inc1 TARGET_TRIPLE is for specifying which -target is used
during the build of world.

MFC after:	2 weeks
Reviewed by:	dim, imp
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D12792
2017-10-25 21:45:55 +00:00
imp
409e046ace RB_POWERCYCLE needs to be handled like RB_POWEROFF for decoding.
Sponsored by: Netflix
2017-10-25 15:30:25 +00:00
imp
1b355cb406 Define RB_POWERCYCLE
RB_POWERCYCLE instructs the platform to power off and then power back
on a short time later, if that's possible. Otherwise, degrade to the
RB_POWEROFF behavior.

Sponsored by: Netflix
2017-10-25 15:30:20 +00:00
br
8f6b3ab3a7 Extract a set of pmcstat functions and interfaces to the new internal
library -- libpmcstat.

This includes PMC logging module, symbols lookup functions,
ELF parsing, process management, PMC attachment, etc.

This allows to reuse code while building new hwpmc(4)-based applications.

Also add pmcstat_symbol_search_by_name() function that allows to find
mapped IP range for a given function name.

Reviewed by:	kib
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12718
2017-10-24 16:28:00 +00:00
asomers
135fa0db36 Bump man page revision dates for r324941
Reported by:	jhb
MFC after:	20 days
X-MFC-with:	324941
Sponsored by:	Spectra Logic Corp
2017-10-24 14:34:25 +00:00
asomers
d4f614fd9c Remove artificial restriction on lio_listio's operation count
In r322258 I made p1003_1b.aio_listio_max a tunable. However, further
investigation shows that there was never any good reason for that limit to
exist in the first place. It's used in two completely different ways:

* To size a UMA zone, which globally limits the number of concurrent
  aio_suspend calls.

* To artifically limit the number of operations in a single lio_listio call.
  There doesn't seem to be any memory allocation associated with this limit.

This change does two things:

* Properly names aio_suspend's UMA zone, and sizes it based on a new constant.

* Eliminates the artifical restriction on lio_listio. Instead, lio_listio
  calls will now be limited by the more generous max_aio_queue_per_proc. The
  old p1003_1b.aio_listio_max is now an alias for
  vfs.aio.max_aio_queue_per_proc, so sysconf(3) will still work with
  _SC_AIO_LISTIO_MAX.

Reported by:	bde
Reviewed by:	jhb
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D12120
2017-10-23 23:12:01 +00:00
ngie
7e9da6d913 Clean up trailing whitespace
MFC after:	1 week
2017-10-23 16:55:22 +00:00
ngie
597ef9b253 Remove dead stores
The return value of various snprintf calls was stored in `len` and not used
in many functions.

MFC after:	1 week
Reported by:	clang-scanbuild
2017-10-23 16:54:30 +00:00
trasz
b1c2085f71 Add OID for the vm.overcommit sysctl. This makes it possible to remove
one call to sysctl(2) from jemalloc startup code. (That also requires
changes to jemalloc, but I plan to push those to upstream first.)

Reviewed by:	kib
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12745
2017-10-22 10:35:29 +00:00
dim
edf74aa7bb After the import of libc++ 5.0.0, there is no need to disable building
libc++experimental.a on arm (r318654) and mips (r318859) anymore, since
upstream fixed the static assertions which would occur.

Noticed by:	George Abdelmalik <gabdelmalik@uniridge.com.au>
PR:		223119
MFC after:	3 days
2017-10-21 18:21:44 +00:00
mmel
990c7fb044 Make elf_aux_info() as public libc function.
- Teach elf aux vector functions about newly added AT_HWCAP and AT_HWCAP2
  vectors.
- Export _elf_aux_info() as new public libc function elf_aux_info(3)

The elf_aux_info(3) should be considered as FreeBSD counterpart of glibc
getauxval() with more robust interface.

Note:
We cannot name this new function as getauxval(), with glibc compatible
interface. Some ports autodetect its existence and then expects that all
Linux specific AT_<*> vectors are defined and implemented.

MFC after:	1 month
Reviewed by:	kib
Differential Revision:	https://reviews.freebsd.org/D12743
2017-10-21 12:06:18 +00:00
emaste
999a7f348b write.2: correct maximum nbytes size for EINVAL error
In FreeBSD 11 and later debug.iosize_max_clamp defaults to 0, and the
maximum nbytes count for write(2) is SSIZE_MAX. Update the man page to
document this, and mention the sysctl that can be set to obtain the
previous behaviour.

PR:		196666
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2017-10-17 02:51:45 +00:00
romain
4fddfecb7b Add a quick description of the geom_getxml(3), geom_xml2tree(3),
geom_gettree(3) and geom_deletetree(3) functions provided by libgeom and are
not documented in libgeom(3).

Reviewed by:	mav, bjk, allanjude
Approved by:	allanjude
Differential Revision:	https://reviews.freebsd.org/D12679
2017-10-16 17:21:52 +00:00
mmel
8d35d61064 Save VFP state in getcontext(3) on ARM.
This is a last followup of r315974, which fixes userland part
of VFP save/restore problems described in PR 217611.

PR:		217611
MFC after:	2 weeks
2017-10-16 12:53:54 +00:00
avos
ef389b0fa2 libifconfig: allow to get original interface name via ifconfig_get_orig_name()
Uses the same method as in tools/tools/ifinfo/ifinfo.c
(via net.link.generic sysctl).

Tested with modified wlandebug(8).

Differential Revision:	https://reviews.freebsd.org/D12554
2017-10-16 06:54:26 +00:00
emaste
5d14c78c8e allow posix_fallocate in capability mode
posix_fallocate is logically equivalent to writing zero blocks to the
desired file size and there is no reason to prevent calling it in
capability mode. posix_fallocate already checked for the CAP_WRITE
right, so we merely need to list it in capabilities.conf.

Reviewed by:	allanjude
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D12640
2017-10-12 15:45:53 +00:00
imp
640ae38df0 Move lib/libstand to sys/boot/libsa
Move the sources to sys/boot. Make adjustments related to the
move. Kill LIBSTAND_SRC since it's no longer needed.

Sponsored by: Netflix
2017-10-12 14:56:28 +00:00
imp
941c14fcba Add $FreeBSD$ to ancient sources that it's missing from.
Sponsored by: Netflix
2017-10-12 14:53:25 +00:00
imp
352b8c9173 Disconnect libstand from the build.
Remove libstand from the src/lib build. Remove LIBSTAND from
bsd.libnames.mk. Add affected files to the obsolete files list.

Sponsored by: Netflix
2017-10-09 22:12:57 +00:00
trasz
4462f97f62 capsicum_helpers: Add EVENT to default stdio rights set
Without it, calling caph_limit_stdio(3) breaks Irssi.

Reviewed by:	oshogbo
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12622
2017-10-08 17:29:43 +00:00
imp
c5ddd11381 Support armv7 builds for userland
Make armv7 as a new MACHINE_ARCH.

Copy all the places we do armv6 and add armv7 as basically an
alias. clang appears to generate code for armv7 by default. armv7 hard
float isn't supported by the the in-tree gcc, so it hasn't been
updated to have a new default.

Support armv7 as a new valid MACHINE_ARCH (and by extension
TARGET_ARCH).

Add armv7 to the universe build.

Differential Revision: https://reviews.freebsd.org/D12010
2017-10-05 23:01:33 +00:00
hselasky
a1144014f8 Add support for new cuse(3) error code, CUSE_ERR_NO_DEVICE.
This error code is useful when emulating Linux input event
devices from userspace.

PR:			218626
Submitted by:		jan.kokemueller@gmail.com
MFC after:		1 week
Sponsored by:		Mellanox Technologies
2017-10-05 16:42:02 +00:00
bjk
9eddd5d91f mdoc style: start new sentence on new line 2017-10-04 12:58:30 +00:00
cy
0540e9667e Fix typo.
Reported by:	se
2017-10-04 09:54:59 +00:00
cy
39ad51ea1e Clarify the wording describing the stayopen flag.
MFC after:	1 week
2017-10-04 06:06:22 +00:00
brooks
67ff9a5216 Remove an unneeded and incorrect memset().
On Variant I TLS architectures (aarch64, arm, mips, powerpc, and riscv)
the __libc_allocate_tls function allocates thread local storage memory
with calloc(). It then copies initialization data over the portions with
non-zero initial values. Before this change it would then pointlessly
zero the already zeroed remainder of the storage. Unfortunately the
calculation was wrong and it would zero TLS_TCB_SIZE (2*sizeof(void *))
additional bytes.

In practice, this overflow only matters if the TLS segment is sized such
that calloc() allocates a less than TLS_TCB_SIZE extra memory. Even
then, the likely result will be zeroing part of the next bucket. This
coupled with the impact being confined to Tier II platforms means there
will be no security advisory for this issue.

Reviewed by:	kib, dfr
Discussed with:	security-officer (delphij)
MFC after:	1 week
Found by:	CHERI
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12547
2017-10-03 22:57:19 +00:00
trasz
533491cf99 Make procstat(1) recognize process descriptors, so that it shows
"P" instead of "?" in "procstat -af" output. Note that there are
still a few more DTYPE_* kinds we don't decode yet.

Reported by:	rwatson
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D12426
2017-10-03 11:45:24 +00:00
ru
567ae72107 Fixed description of msg_name/msg_namelen in recvmsg(). 2017-10-03 11:13:25 +00:00
glebius
7168fac388 Hide struct socket and struct unpcb from the userland.
Violators may define _WANT_SOCKET and _WANT_UNPCB respectively and
are not guaranteed for stability of the structures.  The violators
list is the the usual one: libprocstat(3) and netstat(1) internally
and lsof in ports.

In struct xunpcb remove the inclusion of kernel structure and add
a bunch of spare fields.  The xsocket already has socket not included,
but add there spares as well.  Embed xsockbuf into xsocket.

Sort declarations in sys/socketvar.h to separate kernel only from
userland available ones.

PR:		221820 (exp-run)
2017-10-02 23:29:56 +00:00
mizhka
cc1f74e813 [libthr] revert change of visibility of _thread_keytable to unbreak debugger
Fix regression by r318539. The sysutils/pstack uses library libthread_db to
read information about threads state. The function pt_ta_new makes lookup of
several key symbols including _thread_keytable. But r318539 mades this field
static. It causes silent ignore of libthr library by pstack and as result
sysutils/pstack doesn't output any thread information.

This fix changes this field back to non-static.

MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D11738
2017-10-02 20:33:16 +00:00
mm
b2f0376b45 MFV r324145,324147:
Sync libarchive with vendor.

Relevant vendor changes:
  PR #905: Support for Zstandard read and write filters
  PR #922: Avoid overflow when reading corrupt cpio archive
  Issue #935: heap-based buffer overflow in xml_data (CVE-2017-14166)
  OSS-Fuzz 2936: Place a limit on the mtree line length
  OSS-Fuzz 2394: Ensure that the ZIP AES extension header is large enough
  OSS-Fuzz 573: Read off-by-one error in RAR archives (CVE-2017-14502)

MFC after:	1 week
Security:	CVE-2017-14166, CVE-2017-14502
2017-10-01 00:40:23 +00:00
bdrewery
3f9dafbc2b __setrunelocale: Fix asprintf(3) failure not returning an error.
Also fix the style of the asprintf(3) call in __collate_load_tables_l().
Both of these lines were modified away from snprintf(3) during the
import from DragonFly/Illumos.

Reviewed by:	jilles (briefly over shoulder)
MFC after:	2 weeks
Sponsored by:	Dell EMC Isilon
2017-09-29 16:30:50 +00:00
cem
6a49c4a2ea capsicum_helpers: Add SEEK to default stdio rights set
PR:		219173
Sponsored by:	Dell EMC Isilon
2017-09-25 19:33:32 +00:00
mckusick
4c3c44cdd8 Continuing efforts to provide hardening of FFS, this change adds a
check hash to cylinder groups. If a check hash fails when a cylinder
group is read, no further allocations are attempted in that cylinder
group until it has been fixed by fsck. This avoids a class of
filesystem panics related to corrupted cylinder group maps. The
hash is done using crc32c.

Check hases are added only to UFS2 and not to UFS1 as UFS1 is primarily
used in embedded systems with small memories and low-powered processors
which need as light-weight a filesystem as possible.

Specifics of the changes:

sys/sys/buf.h:
    Add BX_FSPRIV to reserve a set of eight b_xflags that may be used
    by individual filesystems for their own purpose. Their specific
    definitions are found in the header files for each filesystem
    that uses them. Also add fields to struct buf as noted below.

sys/kern/vfs_bio.c:
    It is only necessary to compute a check hash for a cylinder
    group when it is actually read from disk. When calling bread,
    you do not know whether the buffer was found in the cache or
    read. So a new flag (GB_CKHASH) and a pointer to a function to
    perform the hash has been added to breadn_flags to say that the
    function should be called to calculate a hash if the data has
    been read. The check hash is placed in b_ckhash and the B_CKHASH
    flag is set to indicate that a read was done and a check hash
    calculated. Though a rather elaborate mechanism, it should
    also work for check hashing other metadata in the future. A
    kernel internal API change was to change breada into a static
    fucntion and add flags and a function pointer to a check-hash
    function.

sys/ufs/ffs/fs.h:
    Add flags for types of check hashes; stored in a new word in the
    superblock. Define corresponding BX_ flags for the different types
    of check hashes. Add a check hash word in the cylinder group.

sys/ufs/ffs/ffs_alloc.c:
    In ffs_getcg do the dance with breadn_flags to get a check hash and
    if one is provided, check it.

sys/ufs/ffs/ffs_vfsops.c:
    Copy across the BX_FFSTYPES flags in background writes.
    Update the check hash when writing out buffers that need them.

sys/ufs/ffs/ffs_snapshot.c:
    Recompute check hash when updating snapshot cylinder groups.

sys/libkern/crc32.c:
lib/libufs/Makefile:
lib/libufs/libufs.h:
lib/libufs/cgroup.c:
    Include libkern/crc32.c in libufs and use it to compute check
    hashes when updating cylinder groups.

Four utilities are affected:

sbin/newfs/mkfs.c:
    Add the check hashes when building the cylinder groups.

sbin/fsck_ffs/fsck.h:
sbin/fsck_ffs/fsutil.c:
    Verify and update check hashes when checking and writing cylinder groups.

sbin/fsck_ffs/pass5.c:
    Offer to add check hashes to existing filesystems.
    Precompute check hashes when rebuilding cylinder group
    (although this will be done when it is written in fsutil.c
    it is necessary to do it early before comparing with the old
    cylinder group)

sbin/dumpfs/dumpfs.c
    Print out the new check hash flag(s)

sbin/fsdb/Makefile:
    Needs to add libufs now used by pass5.c imported from fsck_ffs.

Reviewed by: kib
Tested by: Peter Holm (pho)
2017-09-22 12:45:15 +00:00
oshogbo
0e3fd3e4f5 Remove redundant initialization. Don't use variable - just return the value.
Make scan-build happy by casting to 'void *' instead of 'void **'.

Submitted by:	pjd@
MFC after:	1 month
Found by:	scan-build and cppcheck
Sponsored by:	Wheel Systems
2017-09-21 10:00:16 +00:00
gordon
8166f0a416 MFV r323678: file 5.32
Approved by:	emaste (mentor)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D12400
2017-09-17 19:14:38 +00:00