__FreeBSD_version is recorded in *crt1.o and crti.o via crtbrand.o. Add
an explicit dependency to pick up __FreeBSD_version bumps.
Additional changes are required to fully plumb *crt1.o dependencies
through the build.
Reported by: bapt
Reviewed by: bapt
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43417
(cherry picked from commit ed3563b0ac31d854bf907d4d847ac0195ec9637b)
If the caller didn't use jailparam_import() to fetch the parameter
value, an attempt to export it will trigger a segfault. Make it a bit
easier to figure out what's happening in this situation.
PR: 276809
Reviewed by: jamie
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43732
(cherry picked from commit dfabf3efaa795e657f3858b7e2d0b11f8a51ecb5)
Otherwise the lock upgrade performed by rtld's load_filtees() can result
in infinite recursion, wherein:
1. _rtld_bind() acquires the bind read lock,
2. the source DSO's filtees haven't been loaded yet, so the lock upgrade
in load_filtees() cause rtld to jump to _rtld_bind() and release the
bind lock,
3. _thr_rtld_lock_release() calls _thr_ast(), which calls thr_wake(),
which hasn't been resolved yet,
4. _rtld_bind() acquires the bind read lock in order to resolve
thr_wake(),
5. ...
See the linked pull request for an instance of this problem arising with
libsys. That particular instance is also worked around by commit
e7951d0b04e6.
Reported by: brooks
Reviewed by: kib
Pull Request: https://github.com/freebsd/freebsd-src/pull/908
MFC after: 1 week
Sponsored by: Innovate UK
(cherry picked from commit 36f0a34ca645d49ec79d60ea7e773374ef0991ea)
This is an implementation detail which is likely to become irrelevant in
the future, as we move to not resetting the priority if the
corresponding capability is not present in the configuration file
('/etc/login.conf').
GitHub's code search and Google show no use of this public constant, and
it doesn't exist in OpenBSD and NetBSD.
So, remove this definition and its sole use in-tree.
PR: 276570 (exp-run)
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43609
(cherry picked from commit c7e645269f1c7e9872a7ccf6b72f045c55a66793)
Approved by: markj (mentor)
This public constant has not been used in-tree since 1997 (this was
noticed while working on previous commit "setusercontext(): umask: Set
it only once (in the common case)").
Since it was an implementation detail and GitHub's code search and
Google show no use of this symbol today, simply remove it.
PR: 276570 (exp-run)
Reviewed by: emaste, kib (earlier version, then part of D40344)
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43608
(cherry picked from commit e3a396eb2a029e5dc9161469735aa3f7f16845d1)
Approved by: markj (mentor)
Setting the process priority is done only when the current process'
effective UID corresponds to that for which context is to be set.
Consequently, setting priority is done with appropriate credentials and
will fail if the target user tries to raise it unduly via his
'~/.login_conf'.
PR: 271751
Reviewed by: kib, Andrew Gierth <andrew_tao173.riddles.org.uk>
Approved by: emaste (mentor)
MFC after: 3 days
Relnotes: yes
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40352
(cherry picked from commit f2a0277d3e51a6a839151eef17f466d0db2b7300)
Approved by: markj (mentor)
In preparation for setting priorities from '~/.login_conf' and to ease
reading of setusercontext().
No functional change.
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40350
(cherry picked from commit 7b94ec550ef6e7b75d608e125e9b78478197d4e7)
Approved by: markj (mentor)
Priority is reset to 0 if not explicitly specified.
While here, be more explicit about what "Initial priority (nice) level"
means and document that it is possible to set real-time or idle class'
priorities with this capability.
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40689
(cherry picked from commit aa96945e71b0f724e6ce673194d23f58d2d637d3)
Approved by: markj (mentor)
Polish the syslog messages to contain readily useful information.
Behavior of capability 'priority' is inconsistent with what is done for
all other contexts: 'umask', 'cpumask', resource limits, etc., where an
absence of capability means to inherit the value. It is currently
preserved for compatibility, but is subject to change on a future major
release.
Reviewed by: emaste, kib (older version)
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40349
(cherry picked from commit d988621b0c25209866ed5a98b1a8b20269935761)
Approved by: markj (mentor)
Column "Notes" in fact only contains default values for capabilities, so
make this clear by renaming it to "Default".
Add a small introductory text mentioning it, and what an absence of
default value means (inheritance).
PR: 271748
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40347
(cherry picked from commit 92b2c4358f57ef84f161efd8370ba4832bd9261a)
Approved by: markj (mentor)
Remove indentation by inverting the big 'if (lc)' and using 'return'.
Use explicit binary operators to produce booleans.
Reviewed by: emaste, kib, dchagin
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40346
(cherry picked from commit 771d5c93ab5a3fb1701d9706df2ce87d6a9da6f3)
Approved by: markj (mentor)
'inherit' explicitly indicates that the umask should not be changed.
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 3 days
Relnotes: yes
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40687
(cherry picked from commit c328e6c6ccaa4cdf921c16d68a2f2c5992dd3b72)
Approved by: markj (mentor)
The umask is simply left unchanged if no explicit value is specified in
the login class capabilities database.
PR: 271747
Reviewed by: emaste
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40345
(cherry picked from commit 0d1fe948d97d2d6e3708349b74cf438f9604a8d1)
Approved by: markj (mentor)
Simplify the code and make it more coherent (umask was the only context
setting not modified by setlogincontext() directly).
Preserve the current behavior of not changing the umask if none is
specified in the login class capabilities database, but without the
superfluous umask() dance. (The only exception to this is that
a special value no user is likely to input in the database now stands
for no specification.)
If some user has a 'umask' override in its '~/.login_conf', the umask
will still be set twice as before (as is the case for all other context
settings overriden in '~/.login_conf').
Log a warning in case of an invalid umask specification.
This change makes it apparent that the value of LOGIN_DEFUMASK doesn't
matter. It will be removed in a subsequent commit.
PR: 271747
Reviewed by: emaste, kib (earlier version)
Approved by: emaste
MFC after: 3 days
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40344
(cherry picked from commit e99c28e93bd4d04ff877459734e9ce06ad2335a7)
Approved by: markj (mentor)
The section INTERNET ADDRESSES describes the acceptance of dotted
values with varying number of parts in multiple bases. This applies
to inet_aton and inet_addr, but not to inet_pton. Clarify this
section by listing the functions to which this applies. Move the
description of what inet_pton accepts into this section from STANDARDS,
where it is easily missed. Rename the section to clarify that it
applies only to IPv4. (inet_pton also works with IPv6.)
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D43537
(cherry picked from commit 9231c42127bf8e47588169ecc395f57cae0e15fb)
The code in this file runs before the sanitizer can initialize its
shadow map.
Fixes: ad2fac552c ("lib/libc/amd64: add archlevel-based simd dispatch framework")
(cherry picked from commit 4dedcb1bb54cbbe8043c79ad733f966b6ffc6972)
This is another part of fixing the WITH_ASAN build. Some additional
source files had to be added to libllvm and liblldb, since the ASan
instrumentation causes symbols in those files to be referenced.
Reported by: markj
PR: 276597
MFC after: 3 days
(cherry picked from commit 5c38ea60a04199dae2c6e5db82461e7275c7def6)
We have s_fabs.c, but fabs(3) is already provided by libc due to
historical reasons, so it is not compiled into libm. When the linker
does not use --undefined-version, this leads to a complaint about the
symbol being nonexistent, so remove it from Symbol.map.
While here, adjust the comment about some functions being supplied by
libc: while it is true that all these are indeed in libc, libm still
includes its own versions of frexp(3), isnan(3), isnanf(3), and
isnanl(3).
Reported by: Steve Kargl <sgk@troutmask.apl.washington.edu>
MFC after: 3 days
(cherry picked from commit d04e03c19a8d7660ea36f62720eef9bc96b69889)
When this functionality was moved to libifconfig in 3dfbda3401,
the end of list calculation was modified for unknown reasons, practically
limiting the number of bridge member returned to (about) 102.
This patch changes the calculation back to what it was originally and
adds a unit test to verify it works as expected.
Reported by: Patrick M. Hausen (via ML)
Reviewed by: kp
Approved by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43135
(cherry picked from commit 3d36053ca6d6a17d408c8f92c504e6135dc9d8df)
Similarly as in the previous commit, using calloc() instead of malloc()
is useless here in the regular case since the subsequent call to
cpuset_getaffinify() is going to completely fill the allocated memory.
However, there is an additional complication. This function tries to
allocate memory to hold the cpuset if it previously wasn't, and does so
before the thread lock is acquired, which can fail on a bad thread ID.
In this case, it is necessary to deallocate the memory allocated in this
function so that the attributes object appears unmodified to the caller
when an error is returned. Without this, a subsequent call to
pthread_attr_getaffinity_np() would expose uninitialized memory (not
a security problem per se, since it comes from the same process) instead
of returning a full mask as it would before the failing call to
pthread_attr_get_np(). So the caller would be able to notice a change
in the state of the attributes object even if pthread_attr_get_np()
reported failure, which would be quite surprising. A similar problem
that could occur on failure of cpuset_setaffinity() has been fixed.
Finally, we shall always report memory allocation failure. This already
goes for pthread_attr_init(), so, if for nothing else, just be
consistent.
Reviewed by: emaste, kib
Approved by: emaste (mentor)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43329
(cherry picked from commit aadb4a1b3fd185d547087f6eafca6ce0b4df3291)
Approved by: markj (mentor)
Using calloc() instead of malloc() is useless here since the allocated
memory is to be wholly crushed by the memcpy() call that follows.
Suggested by: kib
Reviewed by: emaste, kib
Approved by: emaste (mentor)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D43328
(cherry picked from commit 15bb0300eeca233827a6a13cd2ed883e0034979d)
Approved by: markj (mentor)
The change of argument for sizeof() (from a type to an object) is to be
consistent with the change done for the malloc() code just above in the
preceding commit touching this file.
Consider bit flags as integers and test whether they are set with an
explicit comparison with 0.
Use an explicit flag value (PTHREAD_SCOPE_SYSTEM) in place of a variable
that has this value at point of substitution.
All other changes are straightforward.
Suggested by: kib
Reviewed by: kib
Approved by: emaste (mentor)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D43327
(cherry picked from commit 4d312aa051414ad77d3515f258230d01ad11d6dc)
Approved by: markj (mentor)
The scalar implementation is fairly simplistic and only performs
slightly better than the generic C implementation. It could be
improved by using the same algorithm as for memchr, but it would
have been a lot more complicated.
The baseline implementation is similar to timingsafe_memcmp. It's
slightly slower than memchr() due to the more complicated main
loop, but I don't think that can be significantly improved.
Tested by: developers@, exp-run
Approved by: mjg
MFC after: 1 month
MFC to: stable/14
PR: 275785
Differential Revision: https://reviews.freebsd.org/D42925
(cherry picked from commit fb197a4f7751bb4e116989e57ba7fb12a981895f)
The "values" test case is specifically crafted to detect the off-by-one
error previous discovered in the scalar strchrnul implementation.
Tested by: developers@, exp-run
Approved by: mjg
MFC after: 1 month
MFC to: stable/14
PR: 275785
Differential Revision: https://reviews.freebsd.org/D42925
(cherry picked from commit 691ff1832e09a6ccbc8f5b04c88cafc7452b3ce6)
POSIX.1-2004 and the upcoming C23 agree that memccpy()'s arguments
are restrict qualified and must not overlap. In 2002, restrict
qualifiers were added to <string.h>'s declaration of the function.
Make things official and document that the arguments must not
overlap.
See also: 61b60edfd3
Approved by: kib
MFC after: 1 month
MFC to: stable/14
(cherry picked from commit e0d4f419ac41aa91b862f3ceadc32a86abf08572)
Based on the strlcpy code from D42863, this patch adds a SIMD-enhanced
implementation of memccpy for amd64. A scalar implementation calling
into memchr and memcpy to do the job is provided, too.
Please note that this code does not behave exactly the same as the C
implementation of memccpy for overlapping inputs. However, overlapping
inputs are not allowed for this function by ISO/IEC 9899:1999 and neither
has the C implementation any code to deal with the possibility. It just
proceeds byte-by-byte, which may or may not do the expected thing for
some overlaps. We do not document whether overlapping inputs are
supported in memccpy(3).
Tested by: developers@, exp-run
Approved by: mjg
MFC after: 1 month
MFC to: stable/14
PR: 275785
Differential Revision: https://reviews.freebsd.org/D42902
(cherry picked from commit fc0e38a7a67a6d43095efb00cf19ee5f95dcf710)
