Commit Graph

8810 Commits

Author SHA1 Message Date
gbe
6e6f9637cd ctime(3): Bump .Dd after r362165
Reported by:	bcr (mentor)
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
X-MFC-With:	r362165
2020-06-17 11:57:48 +00:00
andrew
5c16d0080a Update opencsd to 0.14.2
Sponsored by:	Innovate UK
2020-06-17 10:42:20 +00:00
antoine
7cf98d85c3 Re-apply r333944 to unbreak ports 2020-06-17 10:11:54 +00:00
delphij
f302f42b9b MFV r362254: file 5.39.
MFC after:	2 weeks
2020-06-17 07:41:28 +00:00
kp
9ea76245ef llvm: Default to -mno-relax on RISC-V
Compiling on a RISC-V system fails with 'relocation R_RISCV_ALIGN
requires unimplemented linker relaxation; recompile with -mno-relax'.

Our default linker (ld.lld) doesn't support relaxation, so default to
no-relax so we don't generate object files the linker can't handle.

Reviewed by:	mhorne
Sponsored by:	Axiado
Differential Revision:	https://reviews.freebsd.org/D25210
2020-06-16 18:39:56 +00:00
andrew
46e57ede0c Re-add opencsd as a vendor import from the dist directory
Sponsored by:	Innovate UK
2020-06-16 08:59:44 +00:00
andrew
16e116ab01 Remove opencsd so I can re-import it with the correct ancestry
Sponsored by:	Innovate UK
2020-06-16 08:57:13 +00:00
gbe
714893bd28 Add a HISTORY section to ctime(3)
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
Obtained from:	OpenBSD
MFC after:	7 days
Differential Revision:	https://reviews.freebsd.org/D24635
2020-06-14 05:08:15 +00:00
yuripv
430cfd638e nvi: fallback to ISO8859-1 as last resort
Current logic of using user's locale encoding that is UTF-8 doesn't make
much sense if we already failed the looks_utf8() check and skipped
encoding set using "fileencoding" as being UTF-8 as well; fallback to
ISO8859-1 in that case.

Reviewed by:	Zhihao Yuan <lichray@gmail.com>
Differential Revision:	https://reviews.freebsd.org/D24919
2020-06-13 14:11:02 +00:00
cy
3132c3cb3a MFV r362143:
Update sqlite3 to 3.32.2 (3320200).

CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of
service (segmentation fault) via a malformed window-function query because
the AggInfo object's initialization is mishandled.

CVE-2020-13434: SQLite through 3.32.0 has an integer overflow in
sqlite3_str_vappendf in printf.c.

CVE-2020-13435: SQLite through 3.32.0 has a segmentation fault in
sqlite3ExprCodeTarget in expr.c.

CVE-2020-13630: ext/fts3/fts3.c in SQLite before 3.32.0 has a
use-after-free in fts3EvalNextRow, related to the snippet feature

CVE-2020-13631: SQLite before 3.32.0 allows a virtual table to be renamed
to the name of one of its shadow tables, related to alter.c and build.c.

CVE-2020-13632: ext/fts3/fts3_snippet.c in SQLite before 3.32.0 ha s a
NULL pointer dereference via a crafted matchinfo() query.

PR:		247149
Reported by:	spam123@bitbert.com
MFC after:	3 days
Security:	vuxml: c4ac9c79-ab37-11ea-8b5e-b42e99a1b9c3
		https://nvd.nist.gov/vuln/detail/CVE-2020-11655
		https://nvd.nist.gov/vuln/detail/CVE-2020-13434
		https://nvd.nist.gov/vuln/detail/CVE-2020-13435
		https://nvd.nist.gov/vuln/detail/CVE-2020-13630
		https://nvd.nist.gov/vuln/detail/CVE-2020-13631
		https://nvd.nist.gov/vuln/detail/CVE-2020-13632
2020-06-13 04:47:59 +00:00
cy
c3c70f6599 MFV r362082:
Update sqlite3 3.31.1 --> 3.32.0.

PR:		247149
Reported by:	spam123@bitbert.com
Reminded by:	emaste
MFC after:	3 days
Security:	CVE-2020-11655, CVE-2020-13434, CVE-2020-13435,
		CVE-2020-13630, CVE-2020-13631, CVE-2020-13632
2020-06-12 13:02:44 +00:00
sjg
518cb6c844 Merge bmake-20200606
Relevant items from ChangeLog:

	o dir.c: cached_stats - don't confuse stat and lstat results.
	o var.c: add :Or for reverse sort.
2020-06-09 20:52:35 +00:00
cy
12309a187e Post CVE-2020-12695 cleanup patch:
Resolve a Linuxism to fix the build.

MFC after:	3 days
X-MFC with:	r361957, r361958, r361959
2020-06-09 05:43:51 +00:00
cy
96c7316a34 MFV r361938:
Upstream commit message:

[PATCH 3/3] WPS UPnP: Handle HTTP initiation failures for events more
properly

While it is appropriate to try to retransmit the event to another
callback URL on a failure to initiate the HTTP client connection, there
is no point in trying the exact same operation multiple times in a row.
Replve the event_retry() calls with event_addr_failure() for these cases
to avoid busy loops trying to repeat the same failing operation.

These potential busy loops would go through eloop callbacks, so the
process is not completely stuck on handling them, but unnecessary CPU
would be used to process the continues retries that will keep failing
for the same reason.

Obtained from:	https://w1.fi/security/2020-1/\
	0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
MFC after:	3 days
Security:	VU#339275 and CVE-2020-12695
2020-06-09 05:39:37 +00:00
cy
57dd0bae15 MFV r361937:
Upstream commit message:

[PATCH 2/3] WPS UPnP: Fix event message generation using a long URL path

More than about 700 character URL ended up overflowing the wpabuf used
for building the event notification and this resulted in the wpabuf
buffer overflow checks terminating the hostapd process. Fix this by
allocating the buffer to be large enough to contain the full URL path.
However, since that around 700 character limit has been the practical
limit for more than ten years, start explicitly enforcing that as the
limit or the callback URLs since any longer ones had not worked before
and there is no need to enable them now either.

Obtained from:	https://w1.fi/security/2020-1/\
	0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
MFC after:	3 days
Security:	VU#339275 and CVE-2020-12695
2020-06-09 05:38:12 +00:00
cy
1677259054 MFV r361936:
Upstream commit message:

[PATCH 1/3] WPS UPnP: Do not allow event subscriptions with URLs to
other networks

The UPnP Device Architecture 2.0 specification errata ("UDA errata
16-04-2020.docx") addresses a problem with notifications being allowed
to go out to other domains by disallowing such cases. Do such filtering
for the notification callback URLs to avoid undesired connections to
external networks based on subscriptions that any device in the local
network could request when WPS support for external registrars is
enabled (the upnp_iface parameter in hostapd configuration).

Obtained from:	https://w1.fi/security/2020-1/\
	0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
MFC after:	3 days
Security:	VU#339275 and CVE-2020-12695
2020-06-09 05:35:38 +00:00
emaste
6f212aeb0b lld: Set DF_1_PIE for -pie
DF_1_PIE originated from Solaris[1].

GNU ld[2] sets the flag on non-Solaris platforms.

It can help distinguish PIE from ET_DYN.
eu-classify from elfutils uses this to recognize PIE[3].

glibc uses this flag to reject dlopen'ing a PIE[4]

[1] https://docs.oracle.com/cd/E36784_01/html/E36857/chapter6-42444.html
[2] https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=5fe2850dd96483f176858fd75c098313d5b20bc2
[3] https://sourceware.org/git/?p=elfutils.git;a=commit;h=3f489b5c7c78df6d52f8982f79c36e9a220e8951
[4] https://sourceware.org/bugzilla/show_bug.cgi?id=24323

Discussed with:	dim
Obtained from:	LLVM ee9a251caf1d
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2020-06-02 22:57:13 +00:00
emaste
8c06ca2244 llvm: Add DF_1_PIE
Discussed with:	dim
Obtained from:	LLVM d9943e7f0ce8
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2020-06-02 22:55:51 +00:00
cy
a8a9bad622 Per-rule hit counts (-h) can be used with either -i (input) or -o (output)
filter rule lists.

MFC after:	3 days
2020-06-02 03:44:22 +00:00
dim
b43c8782bd Update Subversion to 1.14.0 LTS. See contrib/subversion/CHANGES for a
summary of changes, or for a more thorough overview:

https://subversion.apache.org/docs/release-notes/1.14

NOTE: there is no need to dump and reload repositories, and the working
copy format is still the same as Subversion 1.8 through 1.13.

Relnotes:	yes
MFC after:	2 weeks
X-MFC-With:	r361677
2020-06-01 10:27:05 +00:00
dim
6de59a0150 Update apr-util to 1.6.1. See contrib/apr-util/CHANGES for a summary of
changes.

MFC after:	2 weeks
X-MFC-With:	r361677
2020-06-01 10:14:45 +00:00
dim
415cce75a0 Update apr to 1.7.0. See contrib/apr/CHANGES for a summary of changes.
MFC after:	2 weeks
X-MFC-With:	r361677
2020-05-31 22:12:56 +00:00
emaste
95849b479a readelf: add more DT_FLAGS_1 flags
Reference:
https://docs.oracle.com/cd/E36784_01/html/E36857/chapter6-42444.html

> DF_1_SINGLETON  Singleton symbols exist.
> DF_1_STUB       Object is a stub.
> DF_1_PIE        Object is a position-independent executable.

Sponsored by:	The FreeBSD Foundation
2020-05-31 15:31:47 +00:00
dim
0c10ab5174 Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
llvmorg-10.0.1-rc1-0-gf79cd71e145 (aka 10.0.1 rc1).

MFC after:	3 weeks
2020-05-23 10:32:18 +00:00
cem
ee65ba044e ctime.3: Use ASCII asterisks for C, not special unicode math glyphs
PR:		246656
Reported by:	danfe
2020-05-22 15:30:14 +00:00
cy
51112a15b9 MFV r361322:
Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
 - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
   query into a large number of queries directed to a target.
 - CVE-2020-12663 Malformed answers from upstream name servers can be
   used to make Unbound unresponsive.

Reported by:	emaste
MFC after:	3 days
Relnotes:	yes
Security:	CVE-2020-12662, CVE-2020-12663
2020-05-21 21:00:46 +00:00
cy
d925782ab3 Vendor import of Unbound 1.10.1.
Security:	CVE-2020-12662, CVE-2020-12663
2020-05-21 05:01:52 +00:00
sjg
897ced70e6 Merge bmake-20200517
Changes since 20181221 are mostly portability related
hence the large gap in versions imported.

There are however some bug fixes, and a rework of filemon handling.
In NetBSD make/filemon/filemon_ktrace.c allows use of fktrace
and elimination of filemon(4) which has not had the TLC it needs.

FreeBSD filemon(4) is in much better shape, so bmake/filemon/filemon_dev.c
allows use of that, with a bit less overhead than the ktrace model.

Summary of changes from ChangeLog

	o str.c: empty string does not match % pattern
	  plus unit-test changes
	o var.c: import handling of old sysV style modifier using '%'
	o str.c: refactor brk_string
	o meta.c: meta_oodate, CHECK_VALID_META is too aggressive for CMD
	  a blank command is perfectly valid.
	o meta.c: meta_oodate, check for corrupted meta file
	  earlier and more often.
	* meta.c: meta_compat_parent check for USE_FILEMON
	  patch from Soeren Tempel
	o meta.c: fix compat mode, need to call meta_job_output()
	o job.c: extra fds for meta mode not needed if using filemon_dev
	o meta.c: avoid passing NULL to filemon_*() when meta_needed()
	  returns FALSE.
	o filemon/filemon_{dev,ktrace}.c: allow selection of
	  filemon implementation.  filemon_dev.c uses the kernel module
	  while filemon_ktrace.c leverages the fktrace api available in
	  NetBSD.  filemon_ktrace.c can hopefully form the basis for
	  adding support for other tracing mechanisms such as strace on
	  Linux.
	o meta.c: when target is out-of-date per normal make rules
	  record value of .OODATE in meta file.
	o parse.c: don't pass NULL to realpath(3)
	  some versions cannot handle it.
	o parse.c: ParseDoDependency: free paths rather than assert

plus more unit-tests
2020-05-20 22:25:46 +00:00
mm
9db3aa573e MFV r361280:
Update libarchive to 3.4.3

Relevant vendor changes:
  PR #1352: support negative zstd compression levels
  PR #1359: improve zstd version checking
  PR #1348: support RHT.security.selinux from GNU tar
  PR #1357: support for archives compressed with pzstd
  PR #1367: fix issues in acl tests
  PR #1372: child handling cleanup
  PR #1378: fix memory leak from passphrase callback
2020-05-20 20:58:48 +00:00
mm
dc5c52f259 Update vendor/libarchive/dist to git fc6563f5130d8a7ee1fc27c0e55baef35119f26c
Libarchive 3.4.3

Relevant vendor changes:
  PR #1352: support negative zstd compression levels
  PR #1359: improve zstd version checking
  PR #1348: support RHT.security.selinux from GNU tar
  PR #1357: support for archives compressed with pzstd
  PR #1367: fix issues in acl tests
  PR #1372: child handling cleanup
  PR #1378: fix memory leak from passphrase callback
2020-05-20 16:13:02 +00:00
cy
0cb8021f74 Silence the once per second CTRL-EVENT-SCAN-FAILED errors when the WiFi
radio is disabled through the communication device toggle key (also known
as the RF raidio kill button). Only the CTRL-EVENT-DISCONNECTED will be
issued.

Submitted by:	avg
Reported by:	avg
MFC after:	1 week
2020-05-20 04:16:13 +00:00
emaste
9f08a43426 blacklistd.conf.5: typo/grammar fixes
PR:		246467
Submitted by:	Mike Lempriere
2020-05-19 00:15:19 +00:00
emaste
8722af6392 GNU as: move deprecation message after option parsing
Some cmake test parses the output of the first line of as --version, and
emits an error if it does not contain some expected strings:

Checking whether the ASM compiler is GNU using "--version" did not match
"(GNU assembler)|(GCC)|(Free Software Foundation)"

Emit the deprecation message later, after parsing argv and thus --version.

PR:		246540
Reported by:	dch
Sponsored by:	The FreeBSD Foundation
2020-05-18 16:07:14 +00:00
lwhsu
61e1c0a32b Temporarily disable failing case in CI of amd64:
- lib.libexecinfo.backtrace_test.backtrace_fmt_basic

PR:		246537
Sponsored by:	The FreeBSD Foundation
2020-05-18 12:36:28 +00:00
jhibbits
1938414230 elftoolchain: Add powerpc64 definition to elftoolchain config
powerpc is already in place, but powerpc64 is needed separately.
2020-05-16 03:52:30 +00:00
jceel
5ab91d3e1d Import lib9p 7ddb1164407da19b9b1afb83df83ae65a71a9a66.
Approved by:	trasz
MFC after:	1 month
Sponsored by:	Conclusive Engineering (development), vStack.com (funding)
2020-05-14 19:57:52 +00:00
cem
2f8f4ef722 clang: Reject %n for __attribute__((format(__freebsd_kprintf__)))
A follow-up to r360849.

Reported by:	imp
Reviewed by:	emaste, imp
X-MFC-With:	r360849
Differential Revision:	https://reviews.freebsd.org/D24786
2020-05-09 19:26:44 +00:00
emaste
40894cfa31 Merge commit 21e5e1724b75 from llvm git:
getMainExecutable: Fix hand-rolled AT_EXECPATH for older FreeBSD

  Once we hit AT_NULL, we need to bail out of the loop; not just the
  enclosing switch.  This fixes basic usage (e.g. `cc --version`) when
  AT_EXECPATH isn't present on older branches (e.g. under
  emu-user-static, at the moment), where we would previously run off
  the end of ::environ.

  Patch By: kevans

  Reviewed By: arichardson

  Differential Revision:  https://reviews.llvm.org/D79239

MFC after:	3 days
2020-05-07 21:18:37 +00:00
dim
59ea2dfeff Merge commit 4ca2cad94 from llvm git (by Justin Hibbits):
[PowerPC] Add clang -msvr4-struct-return for 32-bit ELF

  Summary:

  Change the default ABI to be compatible with GCC. For 32-bit ELF
  targets other than Linux, Clang now returns small structs in
  registers r3/r4. This affects FreeBSD, NetBSD, OpenBSD. There is no
  change for 32-bit Linux, where Clang continues to return all structs
  in memory.

  Add clang options -maix-struct-return (to return structs in memory)
  and -msvr4-struct-return (to return structs in registers) to be
  compatible with gcc. These options are only for PPC32; reject them on
  PPC64 and other targets. The options are like -fpcc-struct-return and
  -freg-struct-return for X86_32, and use similar code.

  To actually return a struct in registers, coerce it to an integer of
  the same size. LLVM may optimize the code to remove unnecessary
  accesses to memory, and will return i32 in r3 or i64 in r3:r4.

  Fixes PR#40736

  Patch by George Koehler!

  Reviewed By: jhibbits, nemanjai
  Differential Revision: https://reviews.llvm.org/D73290

Requested by:	jhibbits
MFC after:	3 days
2020-05-06 19:10:39 +00:00
dim
d9f53cebb3 In r358396 I merged llvm upstream commit 2e24219d3, which fixed "error:
unsupported relocation on symbol" when assembling arm 'adr' pseudo
instructions. However, the upstream commit did not take big-endian arm
into account.

Applying the same changes to the big-endian handling is straightforward,
thanks to Andrew Turner and Peter Smith for the hint. This will also be
submitted upstream.

MFC after:	immediately, since this fix is meant for stable/11
2020-05-06 18:13:00 +00:00
emaste
2379f277ff GNU as: print a deprecation warning on program start
GNU as 2.17.50 will be removed before FreeBSD 13.
2020-05-06 01:08:19 +00:00
cem
2a767da786 pwcache.3: Explicitly document OOM condition
The pwcache functions allocate memory, and may return NULL pointers if that
allocation fails and the corresponding uid or gid was not found in the local
password database.  Document this behavior.

Sponsored by:	Dell EMC Isilon
2020-05-05 17:55:45 +00:00
brooks
2db6d46b20 Set LG_VADDR to 48 on RISC-V.
The Sv48 PTE format is the largest currently defined address space for
RISC-V. It makes no sense to define a larger size and doing so (at
least for 64-bits) forces rtrees down a slow path.

Reviewed by:	vangyzen, jhb, mhorne
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D24658
2020-05-04 17:16:30 +00:00
dim
60f97c61b7 Tentatively apply https://reviews.llvm.org/D78877 (by Dave Green):
[ARM] Only produce qadd8b under hasV6Ops

  When compiling for a arm5te cpu from clang, the +dsp attribute is
  set. This meant we could try and generate qadd8 instructions where we
  would end up having no pattern. I've changed the condition here to be
  hasV6Ops && hasDSP, which is what other parts of ARMISelLowering seem
  to use for similar instructions.

  Fixed PR45677.

This fixes "fatal error: error in backend: Cannot select: t37: i32 =
ARMISD::QADD8b t43, t44" when compiling sys/dev/sound/pcm/feeder_mixer.c
for armv5. For some reason we do not encounter this on head, but this
error popped up while building universes for stable/12.

MFC after:	3 days
2020-04-26 19:17:45 +00:00
philip
5e8f103011 Import tzdata 2020a
Changes: https://github.com/eggert/tz/blob/2020a/NEWS

MFC after:	3 days
2020-04-24 05:05:58 +00:00
vangyzen
9cea565ffa Update jemalloc to version 5.2.1
Revert r354606 to restore r354605.

Apply one line from jemalloc commit d01b425e5d1e1 in hash_x86_128()
to fix the build with gcc, which only allows a fallthrough attribute
to appear before a case or default label.

Submitted by:	jasone in r354605
Discussed with:	jasone
Reviewed by:	bdrewery
MFC after:	never, due to gcc 4.2.1
Relnotes:	yes
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D24522
2020-04-23 23:57:43 +00:00
cy
03ffd71cfd Fix PowerPC segfault.
The segfault fix was originally developed by our upstream, sqlite.org,
to address S/390 and Sparc segfaults, both of which are big endian.
Our PowerPC is also big endian, which this patch also fixes.

Reported by:	Mark Millard <marklmi at yahoo.com>
Tested by:	Mark Millard <marklmi at yahoo.com>
Obtained from:	https://www.sqlite.org/src/vinfo/04885763c4cd00cb?diff=1
		https://sqlite.org/forum/forumpost/672291a5b2
MFC after:	1 month
X-MFC with:	r360221, 360221
2020-04-23 14:08:40 +00:00
cy
9c7ac33549 MFV r360158:
Update sqlite3-3.31.0 (3310000) --> sqlite3-3.31.1 (3310100)

Tested by:	Mark Millard <marklmi at yahoo.com>
		With to be committed PowerPC patch
MFC after:	1 month
X-MFC with:	r360221
2020-04-23 13:58:11 +00:00
cy
355146b1cd In preparation for update to sqlite3-3.31.1 (3310100),
recommit r357201: MFV r357163, which was reverted by r357522
due to segfault under PowerPc.

Update sqlite3-3.30.1 (3300100) --> sqlite3-3.31.0 (3310000)

MFC after:	1 month
2020-04-23 13:46:34 +00:00
emaste
88fbc7dd20 blacklistd.8: fix db file path
PR:		245781
Submitted by:	Jose Luis Duran
MFC after:	3 days
2020-04-21 13:30:00 +00:00