ae [Thu, 28 Jun 2018 11:39:27 +0000 (11:39 +0000)]
Add NULL pointer check.
encap_lookup_t method can be invoked by IP encap subsytem even if none
of gif/gre/me interfaces are exist. Hash tables are allocated on demand,
when first interface is created. So, make NULL pointer check before
doing access to hash table.
kevans [Thu, 28 Jun 2018 03:37:15 +0000 (03:37 +0000)]
ifconfig(8): Attempt to render non-printable sequences w/ UTF-8 Environment
Currently ifconfig(8) only prints the hex representation of ssid names
with non-ASCII characters. Many modern terminals are able to properly render
non-ASCII characters. This change checks if the terminal charmap is UTF-8,
and if so, will render the characters, rather than the hex value.
This behavior is circumvented by running ifconfig(8) in a non-UTF8 locale;
e.g. C or POSIX.
It was pointed out by kp@ during the review that APs have the option to
broadcast whether their SSIDs may be interpreted as UTF-8. Ideally, we would
honor this and only attempt this behavior if it's so-broadcasted by the AP.
However, a sample survey showed that hostapd will advertise this if
indicated in config but it doesn't seem to be so common in the AP market, so
this would be effectively useless as we'll rarely know if the SSID should be
renderable as UTF-8.
Despite this, it was decided to be OK with this anyways- there's a
straightforward path to doing it the right way based on advertisement by AP
if we need to go that route, and one can revert to old behavior easily
enough at runtime if we get it wrong.
glebius [Wed, 27 Jun 2018 22:00:50 +0000 (22:00 +0000)]
Correct r335242. Use unsigned cast instead of abs(). Using abs() gives
incorrect result when ticks has already wrapped, and are about to reach
the cr_ticks value (cr_ticks - ticks < hz).
bdrewery [Wed, 27 Jun 2018 21:36:49 +0000 (21:36 +0000)]
Stop building intermediate .o files.
These are not used to link the final tool anymore. At some point in the past
the suffix rules changed to not link these in. The original reason for this in
r19176 is unclear but seems to be related to mkdep. The .depend handling is
still broken here as it is for all build tool patterns like this.
jhb [Wed, 27 Jun 2018 18:14:33 +0000 (18:14 +0000)]
Fix GCC 4.2.1 to honor --sysroot for includes.
- Change the C++ directory entries to honor --sysroot if it is set.
- Don't define CROSS_INCLUDE_DIR for the cross compiler. Instead, set
TARGET_SYSTEM_ROOT to point to WORLDTMP and always define
STANDARD_INCLUDE_DIR.
- Change STANDARD_INCLUDE_DIR and the C++ include directories to just
start with "/usr" always. The compiler will prepend the sysroot when
doing cross-builds. GCC_INCLUDE_DIR (which contains headers that ship
with the compiler such as intrinsincs rather than OS-supplied headers)
remains hardcoded to look in TOOLS_PREFIX.
bdrewery [Wed, 27 Jun 2018 16:58:10 +0000 (16:58 +0000)]
tinderbox: Only build clang/lld once if needed.
Need to handle LLD_BOOTSTRAP separately (for archs like i386).
This would be much better off with an off-by-default option like
SHARED_TOOLCHAIN that universe force-enabled. Then a normal buildworld
would store the toolchain there if enabled and otherwise in WORLDTMP
with only the 1 arch selected.
bdrewery [Wed, 27 Jun 2018 16:57:51 +0000 (16:57 +0000)]
Add LLVM_TARGET_ALL option.
LLVM_TARGET_* will auto be set based on LLVM_TARGET_ALL and MK_CLANG.
If LLVM_TARGET_ALL is disabled, during a cross-build, then SYSTEM_COMPILER
and SYSTEM_LINKER are auto disabled.
This option should be used by users rather than the per-arch LLVM_TARGET
options as it is simpler to maintain for them should the supported
target list change.
bdrewery [Wed, 27 Jun 2018 16:56:46 +0000 (16:56 +0000)]
Rework check for libclang_rt to see if the needed library exists.
Currently libclang_rt is not provided for cross-building and as such
is not connected to cross-tools. For building clang once in universe
it is likely that libclang_rt won't exist for the universe toolchain
but even if it did it would not support anything but the native arch.
So explicitly check for support before enabling h_raw.
emaste [Wed, 27 Jun 2018 14:45:13 +0000 (14:45 +0000)]
Split kern_break from sys_break and use it in linuxulator
Previously the linuxulator's linux_brk invoked the FreeBSD sys_break
syscall implementation directly. Instead, move the bulk of the existing
implementation to kern_break, and call that from both sys_break and
linux_brk.
This also addresses a minor bug in linux_brk in that we now return the
actual (rounded up) break address, rather than the requested value.
imp [Wed, 27 Jun 2018 04:11:09 +0000 (04:11 +0000)]
Fix devctl generation for core files.
We have a problem with vn_fullpath_global when the file exists. Work
around it by printing the full path if the core file name starts with /,
or current working directory followed by the filename if not.
stevek [Tue, 26 Jun 2018 23:19:55 +0000 (23:19 +0000)]
Revert r335402
While useful as an example, veriexecctl, as it is, has very little practical
use, since there is nothing ensuring the integrity of the manifest of hashes.
A more appropriate set of utilities will replace it.
asomers [Tue, 26 Jun 2018 20:26:57 +0000 (20:26 +0000)]
audit(4): add tests for the process-control audit class
Tested syscalls include rfork(2), chdir(2), fchdir(2), chroot(2),
getresuid(2), getresgid(2), setpriority(2), setgroups(2), setpgrp(2),
setrlimit(2), setlogin(2), mlock(2), munlock(2), minherit(2), rtprio(2),
profil(2), ktrace(2), ptrace(2), fork(2), umask(2), setuid(2), setgid(2),
seteuid(2), and setegid(2). The last six are only tested in the success
case, either because they're infalliable or a failure is difficult to cause
on-demand.
gonzo [Tue, 26 Jun 2018 18:53:52 +0000 (18:53 +0000)]
Fix file(1) dumpdate reporting for dump(8) files
Magic file for dump(8) had this dump and previous dump dates reversed.
Fix order for all three flavours of the dump(8) format.
This fix was committed to upstream repo as magic/Magdir/dump,v 1.17
and will be merged during next vendor import.
woodsb02 [Tue, 26 Jun 2018 18:07:16 +0000 (18:07 +0000)]
geli attach multiple providers
Allow attaching of multiple geli providers at once if they use same
passphrase and keyfiles.
This is helpful when the providers being attached are not used for boot,
and therefore the existing code to first try the cached password when
tasting the providers during boot does not apply.
Multiple providers with the same passphrase and keyfiles can be attached
at the same time during system start-up by adding the following to
rc.conf:
geli_groups="storage backup"
geli_storage_flags="-k /etc/geli/storage.keys"
geli_storage_devices="ada0 ada1"
geli_backup_flags="-j /etc/geli/backup.passfile -k /etc/geli/backup.keys"
geli_backup_devices="ada2 ada3"
There's no need to hold the lock since the cleaning of the interrupt
cannot happen in parallel due to the XNBF_IN_SHUTDOWN flag being set.
Note that the locking in netback needs some improvement or
clarification.
kevans [Tue, 26 Jun 2018 04:02:25 +0000 (04:02 +0000)]
config(8): Flip the order of concatenation for `hints` and `env`
As previously noted, kernel's processing of these means that the first
appearance of a hint/variable wins. Flipping the order of concatenation
means that later variables override earlier variables, as expected when one
does:
hints x
hints y
Where perhaps x is:
hint.aw_sid.0.disable=1
and y is:
hint.aw_sid.0.disable=0
The expectation would be that a later appearing variable would override an
earlier appearing variable, such as with `device`/`nodevice`, device.hints,
and other similarly structured data files.
kevans [Tue, 26 Jun 2018 03:56:10 +0000 (03:56 +0000)]
config(8): Make 'env' files consistent with other file-accepting options
Previously, only one 'env' file could be specified. Later 'env' directives
would overwrite earlier 'env' directives. This is inconsistent with every
other file-accepting directives which process files in order, including
hints.
A caveat applies to both hints and env that isn't mentioned: they're
concatenated in the order of appearance, so they're not actually applied in
the way one might think by supplying:
hints x
hints y
Hints in x will take precedence over same-name hints in y due to how
the kernel processes them, stopping at the first line that matches the hint
we're searching for. Future work will flip the order of concatenation so
that later files may still properly override earlier files.
In practice, this likely doesn't matter at all due to the nature of the
beast.
imp [Tue, 26 Jun 2018 00:39:38 +0000 (00:39 +0000)]
Use buf + strategy rather than bypassing geom_vfs layer
The reference counting that's done in the geom_vfs layer to prevent
delivery of requests to defunct devices only works if all requests go
through that layer. UFS was bypassing that layer for BIO_DELETE requests,
sending them to the geom_consumer directly with g_io_request. Allocate
a buf, fill it in, and call strategy on it instead.
andrew [Mon, 25 Jun 2018 22:36:25 +0000 (22:36 +0000)]
Make cpu_set_syscall_retval common between the existing FreeBSD ABI and
the Linuxulator. We need to translate error values onto Linux errno values
and return them to userspace when a syscall fails. We also need to preserve
x1 as all registers are preserved other than the return value.
emaste [Mon, 25 Jun 2018 20:33:04 +0000 (20:33 +0000)]
linux64: add arm64 linuxulator build details
The arm64 linuxulator needs different arguments for the objcopy
invocation used to build the linux VDSO. These arguments are both arch-
and OS-dependent, so I did not try to use some common setting for them.
brooks [Mon, 25 Jun 2018 19:55:15 +0000 (19:55 +0000)]
Normalize the g(eom,cache,part,...) build.
Rather then combining hardlink creation for the geom(8) binary with
shared library build, move libraries to src/lib/geom so they are
built and installed normally. Create a common Makefile.classes
which is included by both lib/geom/Makefile and sbin/geom/Makefile
so the symlink and libraries stay in sync.
The relocation of libraries allows libraries to be build for 32-bit
compat. This also reduces the number of non-standard builds in
the system.
This commit is not sufficent to run a 32-bit /sbin/geom on a 64-bit
system out of the box as it will look in the wrong place for libraries
unless GEOM_LIBRARY_PATH is set appropriatly in the environment.
kevans [Mon, 25 Jun 2018 17:17:47 +0000 (17:17 +0000)]
config(8): Add `envvar` support
envvar allows adding individual environment variables to the kernel's static
environment without the overhead of pulling in a full file. envvar in a
config looks like:
envvar some_var=5
All envvar-provided variables will be added after the env file is processed,
so envvar keys that exist in the previous env will be overwritten by
whatever value is set here in the kernel configuration directly.
As an aside, envvar lines are intentionally tokenized differently from
basically every other line. We used a named state when ENVVAR is encountered
to gobble up the rest of the line, which will later be cleaned and validated
in post-processing by sanitize_envline. This turns out to be the simplest
and cleanest way to allow the flexibility that kenv does while not
compromising on silly hacks.
Reviewed by: ian (also contributor of sanitize_envline rewrite)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D15962
brooks [Mon, 25 Jun 2018 16:42:49 +0000 (16:42 +0000)]
Fix a stack overflow in mount_smbfs when hostname is too long.
The local hostname was blindly copied into the to the nn_name array.
When the hostname exceeded 16 bytes, it would overflow. Truncate the
hostname to 15 bytes plus a 0 terminator which is the "workstation name"
suffix.
Use defensive strlcpy() when filling nn_name in all cases.
PR: 228354
Reported by: donald.buchholz@intel.com
Reviewed by: jpaetzel, ian (prior version)
Discussed with: Security Officer (gtetlow)
MFC after: 3 days
Security: Stack overflow with the hostname.
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D15936
kib [Mon, 25 Jun 2018 11:29:04 +0000 (11:29 +0000)]
Do not leave stray qword on top of stack for interrupts and exceptions
without error code. Doing so it mis-aligned the stack.
Since the only consumer of the SSE instructions with the alignment
requirements is AES-NI module, and since the FPU context cannot be
accessed in interrupts, the only situation where the alignment matter
are the compat32 syscalls, as reported in the PR.
PR: 229222
Reported and tested by: dewayne@heuristicsystems.com.au
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
kib [Mon, 25 Jun 2018 11:24:26 +0000 (11:24 +0000)]
Do not access ISA timer if BIOS reports that there is no legacy
devices present.
On at least one machine where it would matter since the ISA timer is
power gated when booted in the UEFI mode, BIOS still reports that the
legacy devices are present. That is, user still have to manually
disable TSC calibration on such machines. Hopefully it will be more
useful in the future.
Discussed with: Ben Widawsky <benjamin.widawsky@intel.com>
Reviewed by: royger
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D16004
MFC after: 1 week
sbruno [Sun, 24 Jun 2018 21:19:08 +0000 (21:19 +0000)]
Assuming that the intent (from the white space) is that the fprintf()
be executed in the if() conditional. If its not supposed to be printed
inside the conditional, then the braces should be removed and the extra
tabs on the fprintf() should be removed.
eadler [Sun, 24 Jun 2018 13:23:27 +0000 (13:23 +0000)]
dhclient: build with WARNS=6
- add static in a number of places
- initialize __progname rather than rely on magical extern values
- use nitems() instead of manually spelling it out
- unshadow 'idi'
- teach 'error' that it is '__dead2'
- add missing 'break'
eadler [Sun, 24 Jun 2018 05:40:42 +0000 (05:40 +0000)]
newfs: clean up warnings
- remove param: unused since r95357.
- correct definition of usage
- add explicit fallthrough notice. The existing one doesn't work with
our selection of "implicit-fallthrough" strictness.
This results in WARNS=6 building on amd64, but not other arches