This effectively reverts r124752.
There's no reason this should be different. It resulted in needing NO_PIE in
the original opt-out NO_PIE commit as this was not using the proper framework.
Reported by: peter
1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
where it never would work anyhow, such as csu or loader. This suggests
there may be better ways of adding support to the tree. Many of these
cases can be fixed such that -fPIE will work but there is really no
reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
really building libraries but have been using bsd.prog.mk because the code
is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
been needed.
We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.
Reported by: kib
By Richard Earnshaw at ARM
>
>GCC has for a number of years provides a set of pre-defined macros for
>use with determining the ISA and features of the target during
>pre-processing. However, the design was always somewhat cumbersome in
>that each new architecture revision created a new define and then
>removed the previous one. This meant that it was necessary to keep
>updating the support code simply to recognise a new architecture being
>added.
>
>The ACLE specification (ARM C Language Extentions)
>(http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.set.swdev/index.html)
>provides a much more suitable interface and GCC has supported this
>since gcc-4.8.
>
>This patch makes use of the ACLE pre-defines to map to the internal
>feature definitions. To support older versions of GCC a compatibility
>header is provided that maps the traditional pre-defines onto the new
>ACLE ones.
Stop using __FreeBSD_ARCH_armv6__ and switch to __ARM_ARCH >= 6 in the
couple of places in tree. clang already implements ACLE. Add a define
that says we implement version 1.1, even though the implementation
isn't quite complete.
socket options. This includes managing the correspoing stat counters.
Add the SCTP_DETAILED_STR_STATS kernel option to control per policy
counters on every stream. The default is off and only an aggregated
counter is available. This is sufficient for the RTCWeb usecase.
MFC after: 1 week
the whole RLIMIT_STACK-sized region of the kernel-allocated stack as
the stack of main thread.
By default, the main thread stack is clamped at 2MB (4MB on 64bit
ABIs) and the rest is used for other threads stack allocation. Since
there is no programmatic way to adjust the size of the main thread
stack, pthread_attr_setstacksize() is too late, the knob allows user
to manage the main stack size both for single-threaded and
multi-threaded processes with the rlimit.
Reported by: "Ivan A. Kosarev" <ivan@ivan-labs.com>
Tested by: dim
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Remove the .t wrappers
Rename all of the TAP test applications from test-<test> to
<test>_test to match the convention described in the TestSuite
wiki page
humanize_number_test.c:
- Fix -Wformat warnings with counter variables
- Fix minor style(9) issues:
-- Header sorting
-- Variable declaration alignment/sorting in main(..)
-- Fit the lines in <80 columns
- Fix an off by one index error in the testcase output [*]
- Remove unnecessary `extern char * optarg;` (this is already provided by
unistd.h)
Phabric: D555
Approved by: jmmv (mentor)
MFC after: 2 weeks
Obtained from: EMC / Isilon Storage Division [*]
Submitted by: Casey Peel <cpeel@isilon.com> [*]
Sponsored by: EMC / Isilon Storage Division
Many compilers may optimize away the overflow check `msg + l < msg',
where `msg' is a pointer and `l' is an integer, because pointer
overflow is undefined behavior in C.
Use a safe precondition test `l >= eom - msg' instead.
Reference:
https://android-review.googlesource.com/#/c/50570/
Requested by: pfg
Obtained from: NetBSD (CVS rev. 1.10)
and tgammal in libm. These functions are part of ISO/IEC 9899:1999
and their prototypes should have been moved into the appropriate
__ISO_C_VISIBLE >= 1999 section. After moving the prototypes,
remnants of r236148 can be removed.
PR: standards/191754
Reviewed by: bde
erroneously skip symbols that were not mangled at all. Fix this by
moving the return into the preceding if block.
While here, simplify the code by letting __cxa_demangle() allocate the
needed space for the demangled symbol. This also fixes a memory leak,
which would occur whenever __cxa_demangle() failed.
Reported by: pgj
MFC after: 3 days
Make sure everything linking to a privatelib and/or an internallib does it directly
from the OBJDIR rather than DESTDIR.
Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing
in final installation
Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to
internal/privatelib
Directly link to the .so in case of private library to avoid having to complexify
LDFLAGS.
Phabric: https://phabric.freebsd.org/D553
Reviewed by: imp, emaste
Rename all of the TAP test applications from <test> to <test>_test
to match the convention described in the TestSuite wiki page
Phabric: D538
Approved by: jmmv (mentor)
Sponsored by: EMC / Isilon Storage Division
NRSACK extension. The default will still be off, since it
it not an RFC (yet).
Changing the sysctl name will be in a separate commit.
MFC after: 1 week
option for controlling ECN on future associations and get the
status on current associations.
A simialar pattern will be used for controlling SCTP extensions in
upcoming commits.
compressed tarball, aka package. The file system assumes that the
files are layed-out in the same order as needed to allow for the
package to be streamed. As such, it does not read an entire package
into memory first.
Some properties of the file system:
o Files that start with '+' are silently skipped. These are found
in FreeBSD package files.
o Files smaller than or equal to 4KB will be cached in memory and
as such allow for some flexibility in accessing files out of
order.
o Files with the .tgz suffix are assumed to be (sub-)packages and
signal the end for a directory scan.
Obtained from: Juniper Networks, Inc.
to counteract the default behaviour of always trying each and every
file system until one succeeds, or the open fails. The problem with the
loader is that we've implemented features based on this behavior. The
handling of compressed files is a good example of this. However, it is
in general highly undesirable to not have a one-time probe (or taste
in the geom lingo), followed by something similar to a mount whenever
we (first) read from a device. Everytime we go to the same device, we
can reasonably assume it (still) has the same file system. For file
systems that need to do far more that a trivial read of a super block,
not having something similar to a mount operation is disastrous from
a performance (and thus usability) perspective.
But, again, since we've implemented features based on this stateless
approach, things can get complicated quickly if and when we want to
change this. And yet, we sometimes do need stateful behaviour.
For this reason, this change simply introduces exclusive_file_system.
When set to the fsops of the file system to use, the open call will
only try this file system. Setting it to NULL restores the default
behaviour. It's a low-cost (low-brow?) approach to provide enough
control without re-implementing the guts of the loader.
A good example of when this is useful is when we're trying to load
files out of a container (say, a software packaga) that itself lives
on a file system or is fetched over the network. While opening the
container can be done in the normal stateless manner, once it is
opened, subsequent opens should only consider the container.
Obtained from: Juniper Networks, Inc.
requires the return value of telldir() to equal the value passed to
seekdir(). The current seekdir code with SINGLEUSE enabled breaks
this case as each call to telldir() allocates a new cookie. Instead,
remove the SINGLEUSE code and change telldir() to look for an existing
cookie for the directory's current location rather than always creating
a new cookie.
CR: https://phabric.freebsd.org/D490
PR: 121656
Reviewed by: jilles
MFC after: 1 week
header with archive_crypto_private.h, and its ARCHIVE_HASH_xxx macros
were renamed to ARCHIVE_CRYPTO_xxx.
Rename these macros in lib/libarchive/config_freebsd.h, to re-enable the
hashes for libarchive again. This affects the mtree format writer, and
the xar format reader and writer modules.
This also requires changes in the library order for statically linking
rescue, otherwise ld would complain about redefined symbols. Thanks to
jkim for pointing out the solution.
Reviewed by: kientzle
MFC after: 1 week
Replace fprintf_l with fputs when output is unformatted.
Use locale_t in _conv() since it was using sprintf (now sprintf_l)
Use locale_t on _yconv() sinci it calls _conv()
Obtained from: Apple Inc. (Libc 997.90.3)
CR: D482
Reviewed by: theraven
MFC after: 1 week
after an intervening call to rewinddir() is undefined, so reclaim any
pending telldir() cookies in the directory when rewinddir() is called.
CR: D459
Reviewed by: jilles
MFC after: 1 week
true on amd64 I'm not quite positive this is the "correct" solution for
this but it does seem to compile and shut up the spew of warnings when
compiling libstand for userboot.
Add two _Static_asserts() so that in the future somebody will get a compile
failure if an architecture develops that violates the assumptions of this
code. (strongly suggested by jmg)
Change commetns to indicate int types instead of long. (noted by ian in
phabric review)
Phabric: https://phabric.freebsd.org/D443
The faulting instruction needs to be restarted when the exception handler
is done handling the fault. bhyve now does this correctly by setting
'vmexit[vcpu].inst_length' to zero so the %rip is not advanced.
A minor complication is that the fault injection APIs are used by instruction
emulation code that is shared by vmm.ko and bhyve. Thus the argument that
refers to 'struct vm *' in kernel or 'struct vmctx *' in userspace needs to
be loosely typed as a 'void *'.