Commit Graph

20929 Commits

Author SHA1 Message Date
John Baldwin
99282790b7 Remove the sed hack for ABI tag notes.
The ELF notes compiled in C were placed in a section with the wrong type
(SHT_PROGBITS instead of SHT_NOTE).  Previously, sed was used on the
generated assembly to rewrite the section type.  Instead, write the notes
in assembly which permits setting the correct section type directly.

While here, move inline assembly entry points out of C and into assembly
for aarch64, arm, and riscv.

Reviewed by:	kib
Tested on:	amd64 (cirrus-ci), riscv64
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D25211
2020-06-15 19:38:48 +00:00
Gordon Bergling
e0f7c06de2 libc manpages: various improvements from NetBSD
- Add STANDARDS and HISTORY sections within the appropriate manpages
- Mention two USENIX papers within kqueue(2) and strlcpy(3)

Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
Obtained from:	NetBSD
MFC after:	7 days
Differential Revision: https://reviews.freebsd.org/D24650
2020-06-14 05:59:30 +00:00
Gordon Bergling
bc89b58def libutil: Document function HISTORY within the manpages
Reviewed by:	bcr (mentor)
Approved by:	bcr (mentor)
MFC after:	7 days
Differential Revision:	https://reviews.freebsd.org/D24795
2020-06-14 05:35:02 +00:00
Konstantin Belousov
6cf8fba381 procctl(2): document PROC_KPTI
Reviewed by:	bcr
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25258
2020-06-13 18:19:42 +00:00
Konstantin Belousov
7e54fea1d1 procctl(2): consistently refer to the data pointer as 'data'.
Reviewed by:	bcr
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25258
2020-06-13 18:18:34 +00:00
Simon J. Gerraty
3e6e3de0aa verify_pcr_export: bump kenv_mvallen if needed
The loader.ve.hashed list can easily exceed KENV_MVALLEN.
If so, bump kenv_mvallen to a multiple of KENV_MVALLEN to
accommodate the value.

Reviewed by:	stevek
MFC after:	1 week
2020-06-12 21:55:30 +00:00
Kyle Evans
ebff66b3c3 posix_spawn: fix for some custom allocator setups
libc cannot assume that aligned_alloc and free come from jemalloc, or that
any application providing its own malloc and free is actually providing
aligned_alloc.

Switch back to malloc and just make sure we're passing a properly aligned
stack into rfork_thread, as an application perhaps can't reasonably replace
just malloc or just free without headaches.

This unbreaks ksh93 after r361996, which provides malloc/free but no
aligned_alloc.

Reported by:	freqlabs
Diagnosed by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
X-MFC-With:	r361996
2020-06-12 18:13:32 +00:00
Konstantin Belousov
2ef84b7da9 Add pthread_getname_np() and pthread_setname_np() aliases for
pthread_get_name_np() and pthread_set_name_np().

This re-applies r361770 after compatibility fixes.

Reviewed by:	antoine, jkim, markj
Tested by:	antoine (exp-run)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25117
2020-06-10 22:13:24 +00:00
Kyle Evans
1849fbb0b1 Add missing shell script from r361995
Pointy hat:	kevans
Reported by:	rpokala
X-MFC-With:	r361995
2020-06-10 03:04:36 +00:00
Kyle Evans
f0fbdf1f4f execvPe: obviate the need for potentially large stack allocations
Some environments in which execvPe may be called have a limited amount of
stack available. Currently, it avoidably allocates a segment on the stack
large enough to hold PATH so that it may be mutated and use strsep() for
easy parsing. This logic is now rewritten to just operate on the immutable
string passed in and do the necessary math to extract individual paths,
since it will be copying out those segments to another buffer anyways and
piecing them together with the name for a full path.

Additional size is also needed for the stack in posix_spawnp(), because it
may need to push all of argv to the stack and rebuild the command with sh in
front of it. We'll make sure it's properly aligned for the new thread, but
future work should likely make rfork_thread a little easier to use by
ensuring proper alignment.

Some trivial cleanup has been done with a couple of error writes, moving
strings into char arrays for use with the less fragile sizeof().

Reported by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
Reviewed by:	jilles, kib, Andrew Gierth
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25038
2020-06-10 01:32:13 +00:00
Kyle Evans
301cb491ea execvp: fix up the ENOEXEC fallback
If execve fails with ENOEXEC, execvp is expected to rebuild the command
with /bin/sh instead and try again.

The previous version did this, but overlooked two details:

argv[0] can conceivably be NULL, in which case memp would never get
terminated.  We must allocate no less than three * sizeof(char *) so we can
properly terminate at all times. For the non-NULL argv standard case, we
count all the non-NULL elements and actually skip the first argument, so we
end up capturing the NULL terminator in our bcopy().

The second detail is that the spec is actually worded such that we should
have been preserving argv[0] as passed to execvp:

"[...] executed command shall be as if the process invoked the sh utility
using execl() as follows:

execl(<shell path>, arg0, file, arg1, ..., (char *)0);

where <shell path> is an unspecified pathname for the sh utility, file is
the process image file, and for execvp(), where arg0, arg1, and so on
correspond to the values passed to execvp() in argv[0], argv[1], and so on."

So we make this change at this time as well, while we're already touching
it. We decidedly can't preserve a NULL argv[0] as this would be incredibly,
incredibly fragile, so we retain our legacy behavior of using "sh" for
argv[] in this specific instance.

Some light tests are added to try and detect some components of handling the
ENOEXEC fallback; posix_spawnp_enoexec_fallback_null_argv0 is likely not
100% reliable, but it at least won't raise false-alarms and it did result in
useful failures with pre-change libc on my machine.

This is a secondary change in D25038.

Reported by:	Andrew Gierth <andrew_tao173.riddles.org.uk>
Reviewed by:	jilles, kib, Andrew Gierth
MFC after:	1 week
2020-06-10 01:30:37 +00:00
Kyle Evans
04391da364 libusb: improve compatibility
Specifically, add LIBUSB_CLASS_PHYSICAL and the libusb_has_capability API.
Descriptions and functionality for these derived from the
documentation at [0].  The current set of capabilities are all supported by
libusb.

These were detected as missing after updating net/freerdp to 2.1.1, which
attempted to use both.

[0] http://libusb.sourceforge.net/api-1.0/group__libusb__misc.html

Reviewed by:	hselasky
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D25194
2020-06-09 17:17:43 +00:00
Ed Maste
24ed6f550a Rename skein_block_asm.s to .S and assemble using Clang IAS
Comparing the object files produced by GNU as 2.17.50 and Clang IAS
shows many immaterial changes in strtab etc., and one material change
in .text:

   1bac:  4c 8b 4f 18             mov    0x18(%rdi),%r9
   1bb0:  eb 0e                   jmp    1bc0 <Skein1024_block_loop>
-  1bb2:  66 66 2e 0f 1f 84 00    data16 nopw %cs:0x0(%rax,%rax,1)
-  1bb9:  00 00 00 00
-  1bbd:  0f 1f 00                nopl   (%rax)
+  1bb2:  66 2e 0f 1f 84 00 00    nopw   %cs:0x0(%rax,%rax,1)
+  1bb9:  00 00 00
+  1bbc:  0f 1f 40 00             nopl   0x0(%rax)

 0000000000001bc0 <Skein1024_block_loop>:
 Skein1024_block_loop():
   1bc0:  4c 8b 47 10             mov    0x10(%rdi),%r8
   1bc4:  4c 03 85 c0 00 00 00    add    0xc0(%rbp),%r8

That is, GNU as and Clang's integrated assembler use different multi-
byte NOPs for alignment (GNU as emits an 11 byte NOP + a 3 byte NOP,
while Clang IAS emits a 10 byte NOP + a 4 byte NOP).

Dependency cleanup hacks are not required, because we do not create
.depend files from GNU as.

Reviewed by:	allanjude, arichardson, cem, tsoome
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D8434
2020-06-06 00:35:41 +00:00
Ed Maste
f2b8688664 Also pass SKEIN_USE_ASM to the assembler, via AFLAGS 2020-06-05 18:56:43 +00:00
Mark Johnston
13776bf736 librtld_db: Handle anonymous mappings below the first file mapping.
r360979 erroneously assumed that the lowest mapping in an address space
would be a file mapping, but of course this is not true in general.

Reported and tested by:	Frederic Chardon <chardon.frederic@gmail.com>
MFC after:	3 days
2020-06-05 18:44:14 +00:00
Ed Maste
310e81aede Apply C SKEIN_LOOP setting only to skein_block.c
Otherwise if assembling skein_block_asm.s with Clang's integrated assembler
we can pass conflicting SKEIN_LOOP settings (via CFLAGS and ACFLAGS).
2020-06-05 17:00:38 +00:00
Alex Richardson
3fe733f375 csu: Avoid additional nops in the MIPS INIT_CALL_SEQ macro
Since we had a .set reorder, the nop after the "jal" was being placed after
the delay slot, resulting in two nops.
While changing this code also guard the .set noreorder with .set push/pop
and use $zero as the cpsetup save register since we don't need to save $gp.

Reviewed By:	jhb
Differential Revision: https://reviews.freebsd.org/D25025
2020-06-05 08:46:55 +00:00
Alex Richardson
652f26f9c5 Avoid using non-portable dd status=none flag
Copying the approach chosen in r309412. This fixes building the libc tests
on a macOS host since the macOS /bin/dd binary does not support status=none.

As there only seem to be two uses, this commit changes the two Makefiles.
If this becomes more common, we could also add a wrapper bootstrap script
that ignores status= and forwards the remaining args to the real dd.
Another alternative would be to remove the status flag and pipe stderr to
/dev/null, but them we lose error messages.

Reviewed By:	brooks
Differential Revision: https://reviews.freebsd.org/D24785
2020-06-05 08:46:50 +00:00
Hans Petter Selasky
eff8154913 USB HID descriptors may push/pop the current state to allow
description of items residing in a so-called union. FreeBSD currently
only supports 4 such pop levels.

If the push level is not restored within the processing of the same
HID item, an invalid memory location may be used for subsequent HID
item processing.

Verify that the push level is always valid when processing HID items.

Reported by:	Andy Nguyen (Google)
MFC after:	3 days
Sponsored by:	Mellanox Technologies
2020-06-05 07:57:16 +00:00
John Baldwin
00a4311adc Refer to AES-CBC as "aes-cbc" rather than "rijndael-cbc" for IPsec.
At this point, AES is the more common name for Rijndael128.  setkey(8)
will still accept the old name, and old constants remain for
compatiblity.

Reviewed by:	cem, bcr (manpages)
MFC after:	2 weeks
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D24964
2020-06-04 22:58:37 +00:00
Kyle Evans
63619b6dba vfs: add restrictions to read(2) of a directory [2/2]
This commit adds the priv(9) that waters down the sysctl to make it only
allow read(2) of a dirfd by the system root. Jailed root is not allowed, but
jail policy and superuser policy will abstain from allowing/denying it so
that a MAC module can fully control the policy.

Such a MAC module has been written, and can be found at:
https://people.freebsd.org/~kevans/mac_read_dir-0.1.0.tar.gz

It is expected that the MAC module won't be needed by many, as most only
need to do such diagnostics that require this behavior as system root
anyways. Interested parties are welcome to grab the MAC module above and
create a port or locally integrate it, and with enough support it could see
introduction to base. As noted in mac_read_dir.c, it is released under the
BSD 2 clause license and allows the restrictions to be lifted for only
jailed root or for all unprivileged users.

PR:		246412
Reviewed by:	mckusick, kib, emaste, jilles, cy, phk, imp (all previous)
Reviewed by:	rgrimes (latest version)
Differential Revision:	https://reviews.freebsd.org/D24596
2020-06-04 18:17:25 +00:00
Kyle Evans
dcef4f65ae vfs: add restrictions to read(2) of a directory [1/2]
Historically, we've allowed read() of a directory and some filesystems will
accommodate (e.g. ufs/ffs, msdosfs). From the history department staffed by
Warner: <<EOF

pdp-7 unix seemed to allow reading directories, but they were weird, special
things there so I'm unsure (my pdp-7 assembler sucks).

1st Edition's sources are lost, mostly. The kernel allows it. The
reconstructed sources from 2nd or 3rd edition read it though.

V6 to V7 changed the filesystem format, and should have been a warning, but
reading directories weren't materially changed.

4.1b BSD introduced readdir because of UFS. UFS broke all directory reading
programs in 1983. ls, du, find, etc all had to be rewritten. readdir() and
friends were introduced here.

SysVr3 picked up readdir() in 1987 for the AT&T fork of Unix. SysVr4 updated
all the directory reading programs in 1988 because different filesystem
types were introduced.

In the 90s, these interfaces became completely ubiquitous as PDP-11s running
V7 faded from view and all the folks that initially started on V7 upgraded
to SysV. Linux never supported this (though I've not done the software
archeology to check) because it has always had a pathological diversity of
filesystems.
EOF

Disallowing read(2) on a directory has the side-effect of masking
application bugs from relying on other implementation's behavior
(e.g. Linux) of rejecting these with EISDIR across the board, but allowing
it has been a vector for at least one stack disclosure bug in the past[0].

By POSIX, this is implementation-defined whether read() handles directories
or not. Popular implementations have chosen to reject them, and this seems
sensible: the data you're reading from a directory is not structured in some
unified way across filesystem implementations like with readdir(2), so it is
impossible for applications to portably rely on this.

With this patch, we will reject most read(2) of a dirfd with EISDIR. Users
that know what they're doing can conscientiously set
bsd.security.allow_read_dir=1 to allow read(2) of directories, as it has
proven useful for debugging or recovery. A future commit will further limit
the sysctl to allow only the system root to read(2) directories, to make it
at least relatively safe to leave on for longer periods of time.

While we're adding logic pertaining to directory vnodes to vn_io_fault, an
additional assertion has also been added to ensure that we're not reaching
vn_io_fault with any write request on a directory vnode. Such request would
be a logical error in the kernel, and must be debugged rather than allowing
it to potentially silently error out.

Commented out shell aliases have been placed in root's chsrc/shrc to promote
awareness that grep may become noisy after this change, depending on your
usage.

A tentative MFC plan has been put together to try and make it as trivial as
possible to identify issues and collect reports; note that this will be
strongly re-evaluated. Tentatively, I will MFC this knob with the default as
it is in HEAD to improve our odds of actually getting reports. The future
priv(9) to further restrict the sysctl WILL NOT BE MERGED BACK, so the knob
will be a faithful reversion on stable/12. We will go into the merge
acknowledging that the sysctl default may be flipped back to restore
historical behavior at *any* point if it's warranted.

[0] https://www.freebsd.org/security/advisories/FreeBSD-SA-19:10.ufs.asc

PR:		246412
Reviewed by:	mckusick, kib, emaste, jilles, cy, phk, imp (all previous)
Reviewed by:	rgrimes (latest version)
MFC after:	1 month (note the MFC plan mentioned above)
Relnotes:	absolutely, but will amend previous RELNOTES entry
Differential Revision:	https://reviews.freebsd.org/D24596
2020-06-04 18:09:55 +00:00
Konstantin Belousov
064c283d65 Revert r361770 "Add pthread_getname_np() and pthread_setname_np() aliases" for now.
It is not compatible enough with Linux.

Requested by:	antoine, jkim
Sponsored by:	The FreeBSD Foundation
2020-06-04 09:06:03 +00:00
Konstantin Belousov
9bed49fea4 Add pthread_getname_np() and pthread_setname_np() aliases
for pthread_get_name_np() and pthread_set_name_np(), to be
compatible with Linux.

PR:	238404
Proposed and reviewed by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D25117
2020-06-03 20:54:36 +00:00
Ed Maste
3f65edb369 mmap.2: correct prot argument terminology
One of the error descriptions referred to permissions; in context the
meaning was probably clear, but the prot values are properly called
protections.

MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2020-06-03 20:42:52 +00:00
John Baldwin
ae84ff9c47 Document SO_NO_OFFLOADS and SO_NO_DDP.
Reviewed by:	bcr, np
MFC after:	1 week
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D25043
2020-06-03 18:59:31 +00:00
Mark Johnston
c78e42e207 cap_fileargs: Fix a descriptor leak in the service process.
The service handler for fileargs_open() tries to pre-open multiple files
and pass descriptors for each back to the sandboxed process in a single
message.  This is to amortize the cost of round-trips between the two
processes.

The service process adds a "cache" nvlist to the reply to "open",
containing file descriptors for pre-opened files.  However, when adding
that nvlist to the reply, it was making a copy, effectively leaking the
cached descriptors.

While here, fix spelling in a local variable name.

PR:		241226
Reviewed by:	oshogbo
MFC after:	3 days
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D25095
2020-06-01 15:32:13 +00:00
Tijl Coosemans
3eee8f1cbb Fix installation of libxo encoder modules.
Because the install location was hardcoded in the Makefile as
/usr/lib/libxo/encoder, the lib32 version was installed over the native
version.  Replace /usr/lib with ${LIBDIR}.

Also define SHLIB_NAME instead of LIB + FILES.  This prevents building a
static library.

MFC after:	2 weeks
2020-05-31 17:20:17 +00:00
Ed Maste
c5ea81f7a6 rename in-tree libevent v1 to libevent1
r316063 installed pf's embedded libevent as a private lib, with headers
in /usr/include/private/event.  Unfortunately we also have a copy of
libevent v2 included in ntp, which needed to be updated for compatibility
with OpenSSL 1.1.

As unadorned 'libevent' generally refers to libevent v2, be explicit that
this one is libevent v1.

Reviewed by:	vangyzen (earlier)
Differential Revision:	https://reviews.freebsd.org/D17275
2020-05-28 22:05:50 +00:00
Rick Macklem
6f05ed08c2 Add an entry to Symbol.map for the rpctls_syscall added by r361599.
Reviewed by:	brooks
Differential Revision:	https://reviews.freebsd.org/D24949
2020-05-28 21:26:26 +00:00
Eric van Gyzen
1add7d0f8d libifconfig: remove redundant NULL check
Submitted by:	Puneeth_kumar.Jothaiah@emc.com
Reported by:	Coverity
Sponsored by:	Dell EMC Isilon
2020-05-27 18:26:10 +00:00
Andriy Gapon
56e8cb87c6 libprocstat: try to fix fallout from r361363
The revision caused libprocstat to have two undefined symbols:
- __start_set_pcpu
- __stop_set_pcpu
probably because of __GLOBL() used in sys/pcpu.h under _KERNEL.
The symbols are not accessed by anything and the linker in base does not
complain about them, but some ports are failing to build.
Hack around the problem by providing definitions for those symbols.

Probably there is a better solution, but I could not think of it yet.

Reported by:	zeising
MFC after:	3 days
X-MFC with:	r361363
Sponsored by:	Panzura
2020-05-24 14:54:21 +00:00
Conrad Meyer
37f1f2684f Update to Zstandard 1.4.5
As usual, the full release notes are found on Github:

  https://github.com/facebook/zstd/releases/tag/v1.4.5

Notable changes include:

* Improved decompress performance on amd64 and arm (5-10%
  and 15-50%, respectively).
* '--patch-from' zstd(1) CLI option, which provides something like a very fast
  version of bspatch(1) with slightly worse compression.  See release notes.

In this update, I dropped the 3-year old -O0 workaround for an LLVM ARM bug;
the bug was fixed in LLVM SVN in 2017, but we didn't remove this workaround
from our tree until now.

MFC after:	I won't, but feel free
Relnotes:	yes
2020-05-23 21:23:46 +00:00
Conrad Meyer
bc64b5ce19 Import Zstd 1.4.5 2020-05-23 20:37:33 +00:00
Dimitry Andric
d65cd7a57b Merge llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and openmp
llvmorg-10.0.1-rc1-0-gf79cd71e145 (aka 10.0.1 rc1).

MFC after:	3 weeks
2020-05-23 10:32:18 +00:00
Konstantin Belousov
c8ad15b6ff Implement Solaris-like link_map l_refname member.
The implementation is based on the public documentation, in particular
dlinfo(3) from Solaris.

Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2020-05-22 17:52:09 +00:00
Andriy Gapon
8a719b0cee libprocstat: fix ZFS support
First of all, znode_phys_t hasn't been used for storing file attributes
for a long time now.  Modern ZFS versions use a System Attribute table
with a flexible layout.  But more importantly all the required
information is available in znode_t itself.

It's not easy to include zfs_znode.h in userland without breaking code
because the most interesting parts of the header are kernel-only. And
hardcoding field offsets is too fragile.  So, I created a new
compilation unit that includes zfs_znode.h using some mild kludges to
get it and its dependencies to compile in userland.  The compilation
unit exports interesting field offsets and does not have any other code.

PR:		194117
Reviewed by:	markj
MFC after:	2 weeks
Sponsored by:	Panzura
Differential Revision: https://reviews.freebsd.org/D24941
2020-05-22 11:20:23 +00:00
Konstantin Belousov
d0ca9a7fe4 Restore the binary compatibility for link_map l_addr.
Keep link_map l_addr binary layout compatible, rename l_addr to l_base
where rtld returns map base.  Provide relocbase in newly added l_addr.

This effectively reverts the patch to the initial version of D24918.

Reported by: antoine (portmgr)
Reviewed by:	jhb, markj
Tested by:	markj
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D24946
2020-05-21 22:24:23 +00:00
Cy Schubert
091e9e469b MFV r361322:
Update unbound 1.9.6 --> 1.10.1.

Bug Fixes:
 - CVE-2020-12662 Unbound can be tricked into amplifying an incoming
   query into a large number of queries directed to a target.
 - CVE-2020-12663 Malformed answers from upstream name servers can be
   used to make Unbound unresponsive.

Reported by:	emaste
MFC after:	3 days
Relnotes:	yes
Security:	CVE-2020-12662, CVE-2020-12663
2020-05-21 21:00:46 +00:00
Andriy Gapon
e165a15b5f libprocstat: fix reading of file descriptor table via kvm
This seems to have been broken since r247602 (from year 2013!).
Can be easily tested with
  fstat -N /boot/kernel/kernel -M /var/crash/vmcore.last

MFC after:	1 week
Sponsored by:	Panzura
2020-05-21 13:46:30 +00:00
Ryan Moeller
245bfd34da Deduplicate fsid comparisons
Comparing fsid_t objects requires internal knowledge of the fsid structure
and yet this is duplicated across a number of places in the code.

Simplify by creating a fsidcmp function (macro).

Reviewed by:	mjg, rmacklem
Approved by:	mav (mentor)
MFC after:	1 week
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D24749
2020-05-21 01:55:35 +00:00
Konstantin Belousov
2c6d9dc0bb Change the samantic of struct link_map l_addr member.
It previously returned the object map base address, while all other
ELF operating systems return load offset, i.e. the difference between
map base and the link base.

Explain the meaning of the field in the man page.

Stop filling the mips-only l_offs member, which is apparently unused.

PR:	246561
Requested by:	Damjan Jovanovic <damjan.jov@gmail.com>
Reviewed by:	emaste, jhb, cem (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D24918
2020-05-20 22:08:26 +00:00
Martin Matuska
de6fa6b43b MFV r361280:
Update libarchive to 3.4.3

Relevant vendor changes:
  PR #1352: support negative zstd compression levels
  PR #1359: improve zstd version checking
  PR #1348: support RHT.security.selinux from GNU tar
  PR #1357: support for archives compressed with pzstd
  PR #1367: fix issues in acl tests
  PR #1372: child handling cleanup
  PR #1378: fix memory leak from passphrase callback
2020-05-20 20:58:48 +00:00
Benedict Reuschling
d50ff7de21 Fix a typo: argments -> arguments
PR:		243294
Submitted by:	Igor Ostapenko
MFC after:	5 days
2020-05-19 11:05:27 +00:00
Kyle Evans
880ff10ba9 procctl(2): correct a minor cut-n-pasto
This is clearly describing PROC_PROTMAX_FORCE_DISABLE, rather than
PROC_ASL_FORCE_DISABLE.

Submitted by:	sigsys@gmail.com
2020-05-16 04:52:29 +00:00
Ed Maste
65a1d63665 libalias: retire cuseeme support
The CU-SeeMe videoconferencing client and associated protocol is at this
point a historical artifact; there is no need to retain support for this
protocol today.

Reviewed by:	philip, markj, allanjude
Relnotes:	Yes
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D24790
2020-05-16 02:29:10 +00:00
Conrad Meyer
8a68ae80f6 vmm(4), bhyve(8): Expose kernel-emulated special devices to userspace
Expose the special kernel LAPIC, IOAPIC, and HPET devices to userspace
for use in, e.g., fallback instruction emulation (when userspace has a
newer instruction decode/emulation layer than the kernel vmm(4)).

Plumb the ioctl through libvmmapi and register the memory ranges in
bhyve(8).

Reviewed by:	grehan
Differential Revision:	https://reviews.freebsd.org/D24525
2020-05-15 15:54:22 +00:00
Benedict Reuschling
44318fb2f9 Fix SYNPOSIS section to point to the proper include directive.
netgraph(3) points to #include <netgraph/netgraph.h>, which is kernel only.
The man page refers to the user-space part of the netgraph module, which is
located in <netgraph.h>.

Submitted by:	lutz_donnerhacke.de
Approved by:	bcr
Differential Revision:	https://reviews.freebsd.org/D23814
2020-05-15 12:04:39 +00:00
Konstantin Belousov
1659238a0c Implement RTLD_DEEPBIND.
PR:	246462
Tested by:	Martin Birgmeier <d8zNeCFG@aon.at>
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D24841
2020-05-15 11:58:01 +00:00
Konstantin Belousov
dcc6ef1644 Add memalign(3), mostly for glibc compatibility.
Reviewed by:	emaste, imp (previous version)
Sponsored by:	The FreeBSD Foundation
MFC after:	2 weeks
Differential revision:	https://reviews.freebsd.org/D24307
2020-05-14 21:12:08 +00:00