MFC r335874: Cut currdev dev and path fields for ZFS on the last colon.
Previously the code cut those fields on second colon, that prevented
boot from boot environments with colon in their names. This change
moves the limitation from dev field to path, which is empty by default.
Unportable left shift reported with MKSANITIZER=yes
USE_SANITIZER=undefined:
# progress -zf ./games.tgz tar -xp -C "./" -f -
/public/src.git/usr.bin/gzip/gzip.c:2126:33: runtime error: left shift of
251 by 24 places cannot be represented in type 'int'
100%
|****************************************************************************************************************|
44500 KiB 119.69 MiB/s 00:00 ETA
Refactor the following code into something that is more clear
and fix signed integer shift, by casting all buf[] elements to
(unsigned int):
Detected on NetBSD:
# nm /usr/lib/libc.so|grep sanit
/public/src.git/lib/libc/citrus/modules/citrus_mapper_std.c:173:8:
runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
ed [Sun, 15 Jul 2018 13:50:01 +0000 (13:50 +0000)]
MFC r336060:
Allow the use of slashes in process names of RFC 3164 formatted messages.
Tools such as Postfix use slashes in process names for hierarchy
(postfix/qmgr). By allowing these slashes, syslogd is able to extract
the process name and process ID nicely, so that they can be stored in
RFC 5424 message fields.
dim [Sat, 14 Jul 2018 14:20:30 +0000 (14:20 +0000)]
MFC r335799:
Upgrade our copies of clang, llvm, lld, lldb, compiler-rt and libc++ to
6.0.1 release (upstream r335540).
Relnotes: yes
MFC r335813:
Follow-up to r335799 (llvm/clang 6.0.1 update), by regenerating various
headers with new version information defines.
MFC r335819:
More follow-up to r335799 (llvm/clang 6.0.1 update), where I forgot to
update mtree files, ObsoleteFiles and a number of other paths. Sorry
about all the breakage.
MFC: r333579
The NFSv4.1 server should return NFSERR_BACKCHANBUSY instead of NFS_OK.
When an NFSv4.1 session is busy due to a callback being in progress,
nfsrv_freesession() should return NFSERR_BACKCHANBUSY instead of NFS_OK.
The only effect this has is that the DestroySession operation will report
the failure for this case and this probably has little or no effect on a
client. Spotted by inspection and no failures related to this have been
reported.
#include <bsm/audit.h> in security/audit/audit_ioctl.h
security/audit/audit_ioctl.h uses a type from bsm/audit.h, so needs to
include it. And it needs to know the type's size, so it can't just
forward-declare.
Fix "Bad tailq" panic when auditing auditon(A_SETCLASS, ...)
Due to an oversight in r195280, auditon(A_SETCLASS, ...) would cause a tailq
element to get added to the tailq twice, resulting in a circular tailq. This
panics when INVARIANTS are on.
dab [Wed, 11 Jul 2018 14:50:06 +0000 (14:50 +0000)]
MFC r335765, r335776, r336186:
Remove potential identifier conflict in the EV_SET macro.
PR43905 pointed out a problem with the EV_SET macro if the passed
struct kevent pointer were specified with an expression with side
effects (e.g., "kevp++"). This was fixed in rS110241, but by using a
local block that defined an internal variable (named "kevp") to get
the pointer value once. This worked, but could cause issues if an
existing variable named "kevp" is in scope. To avoid that issue,
jilles@ pointed out that "C99 compound literals and designated
initializers allow doing this cleanly using a macro". This change
incorporates that suggestion, essentially verbatim from jilles@
comment on PR43905, except retaining the old definition for pre-C99 or
non-STDC (e.g., C++) compilers.
r335027:
When this code was introduced at r300829 the author forgot to add
the BSD license header that is the same as in its C header file.
Sponsored by: iXsystems Inc.
r335050:
While I was investigating CID 1194192 related with a resource leak on mrp memory
allocation, I could identify that actually we use this pointer on pci_emul.c as
well as on vga.c source file.
I have reworked the logic here to make it more readable and also add a warn to
explicit show the function where the memory allocation error could happen,
also sort headers.
MFC: r333508
Add support for the TestStateID operation to the NFSv4.1 server.
The Linux client now uses the TestStateID operation, so this patch adds
support for it to the NFSv4.1 server. The FreeBSD client never uses this
operation, so it should not be affected.
pfctl: Don't retrieve interface list if '-n' is set
If '-n' is set we don't use the list of skip interfaces, so don't retrieve it.
This fixes issues if 'pfctl -n' is used before the pf module is loaded. This
was broken by r333181.
r334307:
Simplify macros EFPRINTF and EFFLUSH. [0]
Also stdarg(3) says that each invocation of va_start() must be paired
with a corresponding invocation of va_end() in the same function. [1]
Reported by: Coverity
CID: 1194318[0] and 1194332[1]
Discussed with: jhb
Sponsored by: iXsystems Inc.
Differential Revision: https://reviews.freebsd.org/D15548
r335103:
Fix style(9) space vs tab.
Reviewed by: jhb
Sponsored by: iXsystems Inc.
Differential Revision: https://reviews.freebsd.org/D15774
r335104:
Fix style(9) space vs tab.
Reviewed by: jhb
Sponsored by: iXsystems Inc.
Differential Revision: https://reviews.freebsd.org/D15768
Remove system makefile path directives from env passed to PORTS_MODULES step
Previously, MAKESYSPATH as well as '-m' directives in MAKEFLAGS would cause
any port rebuilt during the PORTS_MODULES stage to consume system makefiles
from $(SRCROOT)/share/mk instead of those installed under /usr/share/mk.
For kernel modules that need to build against an updated src tree this
makes sense; less so for <bsd.port.mk> or any userspace library or utility
the port may also happen to install.
Before 11.0, this probably didn't matter much in practice. But the addition
of src.libnames.mk under $(SRCROOT)/share/mk in 11.0 breaks any consumer of
bsd.prog.mk and DPADD/LDADD during PORTS_MODULES.
Address the build breakage by removing MAKESYSPATH and any occurrence of
'-m' from MAKEFLAGS in the environment created for the port build.
Instead set SYSDIR so that any kmod built by the port will still consume
conf/kmod.mk from the updated src tree, assuming it uses <bsd.kmod.mk>
r329232 (by bdrewery):
ports modules: Don't leak AUTO_OBJ changes into the port builds.
This came about when r328489 made ports modules builds no longer use the
in-tree share/mk files, but didn't cleanup MAKEOBJDIR from the
environment.
This fixes "Variable OBJTOP is recursive".
r331836:
Remove MK_AUTO_OBJ from env passed to PORTS_MODULES
This fixes a failure to resolve object file paths seen when buildkernel
(which sets MK_AUTO_OBJ=yes) and installkernel (which sets MK_AUTO_OBJ=no)
are run as separate steps. r329232 partially fixed this scenario by removing
MAKEOBJDIR, but it seems the AUTO_OBJ setting also needs to be on the same
page for the build and install steps.
MFC r333004
Fix Issue with adding MultiCast Addresses. When multicast addresses are
added/deleted, the delete the multicast addresses previously programmed
in HW and reprogram the new set of multicast addresses.
Don't bail out when we find primary and secondary bootblocks miscompare.
We do not have code to fix this situation, and the mismatch does not
prevent the kernel driver from consuming the file system, and some factory
formatted SD cards seem to have a garbage backup block.
This makes the code match to its comments (replacing pfatal with pwarn).
States learned via pfsync from a peer with the same ruleset checksum were not
getting assigned to rules like they should because pfsync_in_upd() wasn't
passing the PFSYNC_SI_CKSUM flag along to pfsync_state_import.
Restore the order in which RFC 3164 messages with fac/pri are formatted.
The refactoring of the syslogd code to format messages using iovecs
slightly altered the output of syslogd by placing the facility/priority
after the hostname, as opposed to printing it right before. This change
reverts the behaviour to be consistent with how it was before.
Allow jail names (not just IDs) to be specified for: cpuset(1), ipfw(8),
sockstat(1), ugidfw(8)
These are the last of the jail-aware userland utilities that didn't work
with names.
ian [Thu, 5 Jul 2018 16:12:48 +0000 (16:12 +0000)]
MFC r333255, r333260
r333255:
Make reading imx6 gpio pins work correctly whether the pin is in open-drain
mode or not. An earlier attempt to make this work was done in r320456, by
always reading the pad status register (PSR) instead of the data register.
But it turns out the values in PSR only reflect the electrical level of an
output pin if the pad is configured with the SION (Set Input On) bit in the
pinmux config, and most output gpio pads are not configured that way.
So now a gpio read is done by returning the value from the data register,
which works right whether the pin is configured for input or output, unless
the pin has been set for OPENDRAIN mode, in which case the PSR is read
instead. For this to work, the pin must also be configured with SION turned
on in the fdt pinmux data, which is a reasonable thing to require for the
unusual case of reading an open-drain output pin.
r333260:
Properly support the GPIO_PIN_PRESET_{LOW,HIGH} options when configuring
a gpio pin. If neither of the options is specified, pre-set the pin's
output value to the pin's current input value, to achieve glitch-free
transitions to output mode on pins that are pulled up or down at reset
or via fdt pinctrl data.
Some complexity exists in these bits that isn't needed. The sysctl handler,
upon change to '2', runs through the current set of hints and sets them in
the kenv.
However, this isn't at all necessary if we're pulling hints from the kenv,
static or dynamic, as the former will get added to the latter in
init_dynamic_kenv (see: kern_environment.c). We can reduce this
configuration to just adding static_hints to the kenv if we were previously
using them.
The changes in res_find are minimal and based on the observation that once
use_kenv gets set to '1' it will never be reset to '0', and it gets set to
'1' as soon as we hit fallback mode. Later work will refactor res_find a
little bit and eliminate this now-local, because it's become clear that
there's some funkiness revolving around use_kenv=1 and it being used to
imply that we're certainly looking at the dynamic_kenv.
MFC r335509: subr_hints: Fix acpi unit hinting (at the very least)
The refactoring in r335479 overlooked the fact that the dynamic kenv can
also be switched to if hintmode == 0. This is problematic because the
checkmethod bits are only ever ran once, but it worked previously because
the use_kenv was a global state and the first lookup would enable it if
occurring after the dynamic environment has been setup.
Extending our local definition of use_kenv to include all non-STATIC
hintmodes as long as the dynamic_kenv is setup fixes this. We still have
potential issues if the dynamic kenv comes up while we're doing an anchored
search through the environment, but this is not much of a concern right now
because:
1.) The dynamic environment comes up super early in boot, just after kmem
2.) This is going to get rewritten to provide a safer mechanism for the
anchored searches, ensuring that we continue using the same environment
chain (dynamic env or static fallback) for all anchored search invocations
ian [Wed, 4 Jul 2018 14:04:23 +0000 (14:04 +0000)]
MFC r335595-r335596
r335595:
Modernize usage of "restrict" keyword in ntp.conf
It is no longer necessary to specify a -4/-6 flag on any ntp.conf
keyword. The address type is inferred from the address itself as
necessary. "restrict default" statements always apply to both address
families regardless of any -4/-6 flag that may be present.
So this change just tidies up our default config by removing the redundant
restrict -6 statement and comment, and by removing the -6 flag from the
restrict keyword that allows access from localhost.
This change was inspired by the patches provided in PRs 201803 and 210245,
and included some contrib/ntp code inspection to verify that the -4/-6
keywords are basically no-ops in all contexts now.
r335596:
Fix a comment; the ntp leaplist file is updated periodically, but not weekly
(it's only updated when a check shows it's within 30 days of expiring).
ian [Wed, 4 Jul 2018 14:01:56 +0000 (14:01 +0000)]
MFC r335575, r335786-r335787
r335575:
Use 'mv -f' in rc.d/ntpd to avoid spuriously halting the boot.
The final 'mv' to install a fetched leap-list file can fail (due to a
readonly fs, or schg flags, for example), and that leads to mv(1)
prompting the user, stopping the boot process. Instead, use mv -f
to supress the prompting, and if verbose mode is on, emit a warning
that the existing file cannot be replaced.
PR: 219255
r335786:
Rename variable ntp_tmp_leapfile to have a leading underbar, to distinguish
it from variables with similar names which are set in rc.conf. This will
make more sense as the script grows more similar-name local variables in
some upcoming changes.
r335787:
When being verbose about various leapfile versions, also mention expiration.
The expiration date is actually more of a version number than the version
date, because expiration changes twice a year, whereas the version only
changes when actual leap second events occur (except in USNO leapfiles,
which inappropriately bump the version with every expiration date change).
ian [Wed, 4 Jul 2018 13:57:49 +0000 (13:57 +0000)]
MFC r335489:
Add some words clarifying that rename(2) does nothing when the 'from' and
'to' args are the same file. Wording borrowed from POSIX.1-2017, but
the freebsd code to implement this behavior was added in 2002 (r103180).
humanize_number(3): fix math edge case in rounding large numbers
Fix for remainder overflow, when in rare cases adding remainder to divider
exceeded 1 and turned the total to 1000 in final formatting, taking up
the space for the unit character.
The fix continues the division of the original number if the above case
happens -- added the appropriate check to the for loop performing
the division. This lowers the value shown, to make it fit into the buffer
space provided (1.0M for 4+1 character buffer, as used by ls).
Add test case for the reported bug and extend test program to support
providing buffer length (ls -lh uses 5, tests hard-coded 4).
To not influence anything right now, all of these are on by default, in
situations where clang is enabled.
Selectively turning a few targets off manually should work. Turning on
only one target should work too, even if that target does not correspond
to the build architecture. (In that case, LLVM_NATIVE_ARCH will not be
defined, and you can only use the resulting clang executable for
cross-compiling.)
I performed a few measurements on one of the FreeBSD.org reference
machines, building clang from scratch, with all targets enabled, and
with only the x86 target enabled. The latter was ~12% faster in real
time (on a 32-core box), and ~14% faster in user time. For a full
buildworld the difference will probably be less pronounced, though.
envvar allows adding individual environment variables to the kernel's static
environment without the overhead of pulling in a full file. envvar in a
config looks like:
envvar some_var=5
All envvar-provided variables will be added after the env file is processed,
so envvar keys that exist in the previous env will be overwritten by
whatever value is set here in the kernel configuration directly.
As an aside, envvar lines are intentionally tokenized differently from
basically every other line. We used a named state when ENVVAR is encountered
to gobble up the rest of the line, which will later be cleaned and validated
in post-processing by sanitize_envline. This turns out to be the simplest
and cleanest way to allow the flexibility that kenv does while not
compromising on silly hacks.
r335651:
config(8): Set envmode if we accept an envvar
kp [Fri, 29 Jun 2018 16:46:19 +0000 (16:46 +0000)]
MFC r335569:
pf: Support "return" statements in passing rules when they fail.
Normally pf rules are expected to do one of two things: pass the traffic or
block it. Blocking can be silent - "drop", or loud - "return", "return-rst",
"return-icmp". Yet there is a 3rd category of traffic passing through pf:
Packets matching a "pass" rule but when applying the rule fails. This happens
when redirection table is empty or when src node or state creation fails. Such
rules always fail silently without notifying the sender.
Allow users to configure this behaviour too, so that pf returns an error packet
in these cases.
brooks [Thu, 28 Jun 2018 20:33:12 +0000 (20:33 +0000)]
MFC r335641:
Fix a stack overflow in mount_smbfs when hostname is too long.
The local hostname was blindly copied into the to the nn_name array.
When the hostname exceeded 16 bytes, it would overflow. Truncate the
hostname to 15 bytes plus a 0 terminator which is the "workstation name"
suffix.
Use defensive strlcpy() when filling nn_name in all cases.
PR: 228354
Reported by: donald.buchholz@intel.com
Reviewed by: jpaetzel, ian (prior version)
Discussed with: Security Officer (gtetlow)
Security: Stack overflow with the hostname.
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15936
ed [Thu, 28 Jun 2018 12:55:05 +0000 (12:55 +0000)]
MFC r335565:
Still parse messages that don't contain an RFC 3164 timestamp.
The changes made in r326573 required that messages always start with an
RFC 3164 timestamp. It looks like certain devices, but also certain
logging libraries (Python 3's "logging" package) simply don't generate
RFC 3164 formatted messages containing a timestamp.
Make timestamps optional again. When the timestamp is missing, also
assume that the message contains no hostname. The first word of the
message likely already belongs to the message payload.
kevans [Thu, 28 Jun 2018 01:32:37 +0000 (01:32 +0000)]
MFC r334882, r334884-r334885: loader(8) boot flag <-> environment fixes
r334882:
stand: Consolidate checking for boot flags driven by environment vars
e.g. boot_mute, boot_single, boot_verbose, and friends; we checked for these
in multiple places, consolidate into common/ and allow a setting of "NO" for
any of these to turn them off. This allows systems with multiple
loader.conf(5) or loader.conf(5) overlay systems to easily turn off
variables in later processed files by setting it to NO.
Reported by: Nick Wolff @ iXsystems
Reviewed by: imp
r334884:
stand: Fix build after r334882
Not sure how this was not caught in Universe.
r334885:
stand: One more trivial consolidation (setting environment from howto)
kevans [Wed, 27 Jun 2018 23:02:18 +0000 (23:02 +0000)]
MFC r335467: Don't remove loader.conf(5) when built WITHOUT_FORTH
The new stand/ structure installs loader.conf(5) and defaults/loader.conf
regardless of interpreter. The only thing gating installation now is
MK_BOOT.
kevans [Wed, 27 Jun 2018 21:22:48 +0000 (21:22 +0000)]
MFC r332395 (ian): Use explicit_bzero() when cleaning values out of the kenv
Sometimes the values contain geli passphrases being communicated from
loader(8) to the kernel, and some day the compiler may decide to start
eliding calls to memset() for a pointer which is not dereferenced again
before being passed to free().
kevans [Wed, 27 Jun 2018 21:13:20 +0000 (21:13 +0000)]
MFC r335458: Add debug.verbose_sysinit tunable for VERBOSE_SYSINIT
VERBOSE_SYSINIT is currently an all-or-nothing option. debug.verbose_sysinit
adds an option to have the code compiled in but quiet by default so that
getting this information from a device in the field doesn't necessarily
require distributing a recompiled kernel.
Its default is VERBOSE_SYSINIT's value as defined in the kernconf. As such,
the default behavior for simply omitting or including this option is
unchanged.
kevans [Wed, 27 Jun 2018 21:11:28 +0000 (21:11 +0000)]
MFC r335404: sort(1): Fix -m when only implicit stdin is used for input
Observe:
printf "a\nb\nc\n" > /tmp/foo
# Next command results in no output
cat /tmp/foo | sort -m
# Next command results in proper output
cat /tmp/foo | sort -m -
# Also works:
sort -m /tmp/foo
Some const'ification was done to simplify the actual solution of adding "-"
explicitly to the file list if we didn't have any file arguments left over.
kevans [Wed, 27 Jun 2018 21:03:05 +0000 (21:03 +0000)]
MFC r330086, r333155: seq(1) improvements
MFC r330086 (cem): seq(1): Consistently include 'last' for non-integers
The source of error is a rounded increment being too large and thus the loop
steps slightly past 'last'. Perform a final comparison using the formatted
string values (truncated precision) to determine if we still need to print
the 'last' value.
MFC r333155: seq(1): Move long_opts up with globals
kevans [Wed, 27 Jun 2018 21:00:09 +0000 (21:00 +0000)]
MFC r333157: cmp(1): Provide some long options
These match GNU cmp(1) for compatibility where applicable.
Future work might implement the -i option from GNU cmp(1) to express skip
either in terms of both files or of the form "SKIP1:SKIP2" rather than
specifying them as additional arguments to cmp(1).
araujo [Wed, 27 Jun 2018 03:58:02 +0000 (03:58 +0000)]
MFC r333622, r334019, r334084
r333622:
vq_getchain() can return -1 if some descriptor(s) are invalid and prints
a diagnostic message. So we do a sanity checking on the return value
of vq_getchain().
r334019:
Include atkbdc header where there are declared the prototype functions
atkbdc_event and atkbdc_init.
Sponsored by: iXsystems Inc.
r334084:
pthread_rwlock_unlock(3) returns 0 if successful, otherwise an error number
will be returned to indicate the error, so I'm applying an assert(3) to do
a sanity check of the return value.
Reported by: Coverity CID: 1391235, 1193654 and 1193651
Reviewed by: grehan
Sponsored by: iXsystems Inc.
Differential Revision: https://reviews.freebsd.org/D15533