diff options
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libc/tests/stdtime/Makefile | 4 | ||||
| -rw-r--r-- | lib/libc/tests/stdtime/detect_tz_changes_test.c | 118 | ||||
| -rw-r--r-- | lib/libifconfig/Makefile | 1 | ||||
| -rw-r--r-- | lib/libifconfig/libifconfig.h | 11 | ||||
| -rw-r--r-- | lib/libifconfig/libifconfig_nl.c | 72 | ||||
| -rw-r--r-- | lib/libnvmf/nvmf_tcp.c | 2 | ||||
| -rw-r--r-- | lib/libpfctl/libpfctl.c | 6 | ||||
| -rw-r--r-- | lib/libpfctl/libpfctl.h | 4 | ||||
| -rw-r--r-- | lib/libsysdecode/Makefile | 2 | ||||
| -rw-r--r-- | lib/libsysdecode/sysdecode.3 | 2 | ||||
| -rw-r--r-- | lib/libsysdecode/sysdecode_abi_to_freebsd_errno.3 | 2 | ||||
| -rw-r--r-- | lib/libsysdecode/sysdecode_syscallname.3 (renamed from lib/libsysdecode/sysdecode_syscallnames.3) | 6 | ||||
| -rw-r--r-- | lib/libutil++/Makefile | 4 | ||||
| -rw-r--r-- | lib/libutil++/freebsd__FILE_up.3 (renamed from lib/libutil++/freebsd::FILE_up.3) | 0 | ||||
| -rw-r--r-- | lib/libutil++/freebsd__addrinfo_up.3 (renamed from lib/libutil++/freebsd::addrinfo_up.3) | 0 | ||||
| -rw-r--r-- | lib/libutil++/freebsd__fd_up.3 (renamed from lib/libutil++/freebsd::fd_up.3) | 0 | ||||
| -rw-r--r-- | lib/libutil++/freebsd__malloc_up.3 (renamed from lib/libutil++/freebsd::malloc_up.3) | 0 | ||||
| -rw-r--r-- | lib/libutil++/freebsd__nvlist_up.3 (renamed from lib/libutil++/freebsd::nvlist_up.3) | 0 | ||||
| -rw-r--r-- | lib/libutil++/freebsd__pidfile.3 (renamed from lib/libutil++/freebsd::pidfile.3) | 0 | ||||
| -rw-r--r-- | lib/libutil++/freebsd__stringf.3 (renamed from lib/libutil++/freebsd::stringf.3) | 0 |
20 files changed, 206 insertions, 28 deletions
diff --git a/lib/libc/tests/stdtime/Makefile b/lib/libc/tests/stdtime/Makefile index adb883cc5b9a..6b9068e1641b 100644 --- a/lib/libc/tests/stdtime/Makefile +++ b/lib/libc/tests/stdtime/Makefile @@ -1,8 +1,10 @@ .include <src.opts.mk> ATF_TESTS_C+= strptime_test -.if ${MK_DETECT_TZ_CHANGES} != "no" ATF_TESTS_C+= detect_tz_changes_test + +.if ${MK_DETECT_TZ_CHANGES} != "no" +CFLAGS.detect_tz_changes_test+= -DDETECT_TZ_CHANGES .endif TESTSDIR:= ${TESTSBASE}/${RELDIR:C/libc\/tests/libc/} diff --git a/lib/libc/tests/stdtime/detect_tz_changes_test.c b/lib/libc/tests/stdtime/detect_tz_changes_test.c index 75f55bdede04..6648d8498cc5 100644 --- a/lib/libc/tests/stdtime/detect_tz_changes_test.c +++ b/lib/libc/tests/stdtime/detect_tz_changes_test.c @@ -4,6 +4,8 @@ * SPDX-License-Identifier: BSD-2-Clause */ +#include <sys/param.h> +#include <sys/conf.h> #include <sys/stat.h> #include <sys/wait.h> @@ -41,10 +43,6 @@ static const struct tzcase { }; static const time_t then = 1751328000; /* 2025-07-01 00:00:00 UTC */ -static const char *tz_change_interval_sym = "__tz_change_interval"; -static int *tz_change_interval_p; -static const int tz_change_interval = 3; -static int tz_change_timeout = 90; static bool debugging; @@ -72,7 +70,7 @@ change_tz(const char *tzn) ATF_REQUIRE((zfd = open(zfn, O_DIRECTORY | O_SEARCH)) >= 0); ATF_REQUIRE((sfd = openat(zfd, tzn, O_RDONLY)) >= 0); - ATF_REQUIRE((dfd = open(tfn, O_CREAT | O_TRUNC | O_WRONLY)) >= 0); + ATF_REQUIRE((dfd = open(tfn, O_CREAT | O_TRUNC | O_WRONLY, 0644)) >= 0); do { clen = copy_file_range(sfd, NULL, dfd, NULL, SSIZE_MAX, 0); ATF_REQUIRE_MSG(clen != -1, "failed to copy %s/%s: %m", @@ -85,6 +83,42 @@ change_tz(const char *tzn) debug("time zone %s installed", tzn); } +static void +test_tz(const char *expect) +{ + char buf[128]; + struct tm *tm; + size_t len; + + ATF_REQUIRE((tm = localtime(&then)) != NULL); + len = strftime(buf, sizeof(buf), "%z (%Z)", tm); + ATF_REQUIRE(len > 0); + ATF_CHECK_STREQ(expect, buf); +} + +ATF_TC(thin_jail); +ATF_TC_HEAD(thin_jail, tc) +{ + atf_tc_set_md_var(tc, "descr", "Test typical thin jail scenario"); + atf_tc_set_md_var(tc, "require.user", "root"); +} +ATF_TC_BODY(thin_jail, tc) +{ + const struct tzcase *tzcase = tzcases; + + /* prepare chroot */ + ATF_REQUIRE_EQ(0, mkdir("root", 0755)); + ATF_REQUIRE_EQ(0, mkdir("root/etc", 0755)); + change_tz(tzcase->tzfn); + /* enter chroot */ + ATF_REQUIRE_EQ(0, chroot("root")); + ATF_REQUIRE_EQ(0, chdir("/")); + /* check timezone */ + unsetenv("TZ"); + test_tz(tzcase->expect); +} + +#ifdef DETECT_TZ_CHANGES /* * Test time zone change detection. * @@ -102,6 +136,11 @@ change_tz(const char *tzn) * after we've received and discarded the first report from the child, * which should come almost immediately on startup. */ +static const char *tz_change_interval_sym = "__tz_change_interval"; +static int *tz_change_interval_p; +static const int tz_change_interval = 3; +static int tz_change_timeout = 90; + ATF_TC(detect_tz_changes); ATF_TC_HEAD(detect_tz_changes, tc) { @@ -272,6 +311,14 @@ ATF_TC_BODY(detect_tz_changes, tc) ATF_REQUIRE(WIFEXITED(status)); ATF_REQUIRE_EQ(0, WEXITSTATUS(status)); } +#endif /* DETECT_TZ_CHANGES */ + +static void +test_tz_env(const char *tzval, const char *expect) +{ + setenv("TZ", tzval, 1); + test_tz(expect); +} ATF_TC(tz_env); ATF_TC_HEAD(tz_env, tc) @@ -280,25 +327,64 @@ ATF_TC_HEAD(tz_env, tc) } ATF_TC_BODY(tz_env, tc) { - char buf[128]; - const struct tzcase *tzcase = NULL; - struct tm *tm; - size_t len; + const struct tzcase *tzcase; - for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) { - setenv("TZ", tzcase->tzfn, 1); - ATF_REQUIRE((tm = localtime(&then)) != NULL); - len = strftime(buf, sizeof(buf), "%z (%Z)", tm); - ATF_REQUIRE(len > 0); - ATF_REQUIRE_STREQ(tzcase->expect, buf); - } + for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) + test_tz_env(tzcase->tzfn, tzcase->expect); +} + +ATF_TC(setugid); +ATF_TC_HEAD(setugid, tc) +{ + atf_tc_set_md_var(tc, "descr", "Test setugid process"); + atf_tc_set_md_var(tc, "require.user", "root"); +} +ATF_TC_BODY(setugid, tc) +{ + const struct tzcase *tzcase = tzcases; + + /* prepare chroot */ + ATF_REQUIRE_EQ(0, mkdir("root", 0755)); + ATF_REQUIRE_EQ(0, mkdir("root/etc", 0755)); + change_tz(tzcase->tzfn); + /* enter chroot */ + ATF_REQUIRE_EQ(0, chroot("root")); + ATF_REQUIRE_EQ(0, chdir("/")); + /* become setugid */ + ATF_REQUIRE_EQ(0, seteuid(UID_NOBODY)); + ATF_REQUIRE(issetugid()); + /* check timezone */ + unsetenv("TZ"); + test_tz(tzcases->expect); +} + +ATF_TC(tz_env_setugid); +ATF_TC_HEAD(tz_env_setugid, tc) +{ + atf_tc_set_md_var(tc, "descr", "Test TZ environment variable " + "in setugid process"); + atf_tc_set_md_var(tc, "require.user", "root"); +} +ATF_TC_BODY(tz_env_setugid, tc) +{ + const struct tzcase *tzcase = tzcases; + + ATF_REQUIRE_EQ(0, seteuid(UID_NOBODY)); + ATF_REQUIRE(issetugid()); + for (tzcase = tzcases; tzcase->tzfn != NULL; tzcase++) + test_tz_env(tzcase->tzfn, tzcase->expect); } ATF_TP_ADD_TCS(tp) { debugging = !getenv("__RUNNING_INSIDE_ATF_RUN") && isatty(STDERR_FILENO); + ATF_TP_ADD_TC(tp, thin_jail); +#ifdef DETECT_TZ_CHANGES ATF_TP_ADD_TC(tp, detect_tz_changes); +#endif /* DETECT_TZ_CHANGES */ ATF_TP_ADD_TC(tp, tz_env); + ATF_TP_ADD_TC(tp, setugid); + ATF_TP_ADD_TC(tp, tz_env_setugid); return (atf_no_error()); } diff --git a/lib/libifconfig/Makefile b/lib/libifconfig/Makefile index fb7c659e068c..02629eb88f25 100644 --- a/lib/libifconfig/Makefile +++ b/lib/libifconfig/Makefile @@ -17,6 +17,7 @@ SRCS= libifconfig.c \ libifconfig_internal.c \ libifconfig_lagg.c \ libifconfig_media.c \ + libifconfig_nl.c \ libifconfig_sfp.c GEN= libifconfig_sfp_tables.h \ diff --git a/lib/libifconfig/libifconfig.h b/lib/libifconfig/libifconfig.h index a5ce7b375830..817f52bd094e 100644 --- a/lib/libifconfig/libifconfig.h +++ b/lib/libifconfig/libifconfig.h @@ -35,6 +35,8 @@ #include <netinet/ip_carp.h> #include <netinet6/in6_var.h> +#include <stdbool.h> + #define ND6_IFF_DEFAULTIF 0x8000 typedef enum { @@ -381,3 +383,12 @@ int ifconfig_set_vlantag(ifconfig_handle_t *h, const char *name, * length of *lenp * IFNAMSIZ bytes. */ int ifconfig_list_cloners(ifconfig_handle_t *h, char **bufp, size_t *lenp); + +/** Brings the interface up/down + * @param h An open ifconfig state object + * @param ifname The interface name + * @param up true to bring the interface up, false to bring it down + * @return 0 on success, nonzero on failure. + * On failure, the error info on the handle is set. + */ +int ifconfig_set_up(ifconfig_handle_t *h, const char *ifname, bool up); diff --git a/lib/libifconfig/libifconfig_nl.c b/lib/libifconfig/libifconfig_nl.c new file mode 100644 index 000000000000..7d9decabe26f --- /dev/null +++ b/lib/libifconfig/libifconfig_nl.c @@ -0,0 +1,72 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2025, Muhammad Saheed <saheed@FreeBSD.org> + */ + +#include <netlink/netlink.h> +#include <netlink/netlink_snl.h> +#include <netlink/route/common.h> +#include <netlink/route/interface.h> + +#include "libifconfig.h" +#include "libifconfig_internal.h" + +static int ifconfig_modify_flags(ifconfig_handle_t *h, const char *ifname, + int ifi_flags, int ifi_change); + +static int +ifconfig_modify_flags(ifconfig_handle_t *h, const char *ifname, int ifi_flags, + int ifi_change) +{ + int ret = 0; + struct snl_state ss; + struct snl_writer nw; + struct nlmsghdr *hdr; + struct ifinfomsg *ifi; + struct snl_errmsg_data e = { 0 }; + + if (!snl_init(&ss, NETLINK_ROUTE)) { + ifconfig_error(h, NETLINK, ENOTSUP); + return (-1); + } + + snl_init_writer(&ss, &nw); + hdr = snl_create_msg_request(&nw, NL_RTM_NEWLINK); + ifi = snl_reserve_msg_object(&nw, struct ifinfomsg); + snl_add_msg_attr_string(&nw, IFLA_IFNAME, ifname); + + ifi->ifi_flags = ifi_flags; + ifi->ifi_change = ifi_change; + + hdr = snl_finalize_msg(&nw); + if (hdr == NULL) { + ifconfig_error(h, NETLINK, ENOMEM); + ret = -1; + goto out; + } + + if (!snl_send_message(&ss, hdr)) { + ifconfig_error(h, NETLINK, EIO); + ret = -1; + goto out; + } + + if (!snl_read_reply_code(&ss, hdr->nlmsg_seq, &e)) { + ifconfig_error(h, NETLINK, e.error); + ret = -1; + goto out; + } + +out: + snl_free(&ss); + return (ret); +} + +int +ifconfig_set_up(ifconfig_handle_t *h, const char *ifname, bool up) +{ + int flag = up ? IFF_UP : ~IFF_UP; + + return (ifconfig_modify_flags(h, ifname, flag, IFF_UP)); +} diff --git a/lib/libnvmf/nvmf_tcp.c b/lib/libnvmf/nvmf_tcp.c index 6f41ca7ff502..48ddabaf506a 100644 --- a/lib/libnvmf/nvmf_tcp.c +++ b/lib/libnvmf/nvmf_tcp.c @@ -728,7 +728,7 @@ nvmf_tcp_handle_r2t(struct nvmf_tcp_qpair *qp, struct nvmf_tcp_rxpdu *pdu) } /* - * XXX: The spec does not specify how to handle R2T tranfers + * XXX: The spec does not specify how to handle R2T transfers * out of range of the original command. */ data_len = le32toh(r2t->r2tl); diff --git a/lib/libpfctl/libpfctl.c b/lib/libpfctl/libpfctl.c index 0037f31df04b..190ee46baf21 100644 --- a/lib/libpfctl/libpfctl.c +++ b/lib/libpfctl/libpfctl.c @@ -1284,8 +1284,8 @@ snl_add_msg_attr_pf_rule(struct snl_writer *nw, uint32_t type, const struct pfct snl_add_msg_attr_u8(nw, PF_RT_KEEP_STATE, r->keep_state); snl_add_msg_attr_u8(nw, PF_RT_AF, r->af); snl_add_msg_attr_u8(nw, PF_RT_PROTO, r->proto); - snl_add_msg_attr_u8(nw, PF_RT_TYPE, r->type); - snl_add_msg_attr_u8(nw, PF_RT_CODE, r->code); + snl_add_msg_attr_u16(nw, PF_RT_TYPE_2, r->type); + snl_add_msg_attr_u16(nw, PF_RT_CODE_2, r->code); snl_add_msg_attr_u8(nw, PF_RT_FLAGS, r->flags); snl_add_msg_attr_u8(nw, PF_RT_FLAGSET, r->flagset); snl_add_msg_attr_u8(nw, PF_RT_MIN_TTL, r->min_ttl); @@ -1694,6 +1694,8 @@ static struct snl_attr_parser ap_getrule[] = { { .type = PF_RT_SRC_NODES_ROUTE, .off = _OUT(r.src_nodes_type[PF_SN_ROUTE]), .cb = snl_attr_get_uint64 }, { .type = PF_RT_PKTRATE, .off = _OUT(r.pktrate), .arg = &pfctl_threshold_parser, .cb = snl_attr_get_nested }, { .type = PF_RT_MAX_PKT_SIZE, .off =_OUT(r.max_pkt_size), .cb = snl_attr_get_uint16 }, + { .type = PF_RT_TYPE_2, .off = _OUT(r.type), .cb = snl_attr_get_uint16 }, + { .type = PF_RT_CODE_2, .off = _OUT(r.code), .cb = snl_attr_get_uint16 }, }; #undef _OUT SNL_DECLARE_PARSER(getrule_parser, struct genlmsghdr, snl_f_p_empty, ap_getrule); diff --git a/lib/libpfctl/libpfctl.h b/lib/libpfctl/libpfctl.h index f6c8f6a2ccdb..da16d5179ec0 100644 --- a/lib/libpfctl/libpfctl.h +++ b/lib/libpfctl/libpfctl.h @@ -261,8 +261,8 @@ struct pfctl_rule { uint8_t keep_state; sa_family_t af; uint8_t proto; - uint8_t type; - uint8_t code; + uint16_t type; + uint16_t code; uint8_t flags; uint8_t flagset; uint8_t min_ttl; diff --git a/lib/libsysdecode/Makefile b/lib/libsysdecode/Makefile index ca020552a6e9..11f45355b8e2 100644 --- a/lib/libsysdecode/Makefile +++ b/lib/libsysdecode/Makefile @@ -27,7 +27,7 @@ MAN= sysdecode.3 \ sysdecode_sigcode.3 \ sysdecode_sockopt_name.3 \ sysdecode_socket_protocol.3 \ - sysdecode_syscallnames.3 \ + sysdecode_syscallname.3 \ sysdecode_utrace.3 MLINKS= sysdecode_abi_to_freebsd_errno.3 sysdecode_freebsd_to_abi_errno.3 MLINKS+=sysdecode_enum.3 sysdecode_acltype.3 \ diff --git a/lib/libsysdecode/sysdecode.3 b/lib/libsysdecode/sysdecode.3 index 0aa4155c004b..32f7fad4e6c5 100644 --- a/lib/libsysdecode/sysdecode.3 +++ b/lib/libsysdecode/sysdecode.3 @@ -73,7 +73,7 @@ A placeholder for use when the ABI is not known. .Xr sysdecode_sigcode 3 , .Xr sysdecode_socket_protocol 3 , .Xr sysdecode_sockopt_name 3 , -.Xr sysdecode_syscallnames 3 , +.Xr sysdecode_syscallname 3 , .Xr sysdecode_utrace 3 .Sh HISTORY The diff --git a/lib/libsysdecode/sysdecode_abi_to_freebsd_errno.3 b/lib/libsysdecode/sysdecode_abi_to_freebsd_errno.3 index 8f710d1e3756..51955f062393 100644 --- a/lib/libsysdecode/sysdecode_abi_to_freebsd_errno.3 +++ b/lib/libsysdecode/sysdecode_abi_to_freebsd_errno.3 @@ -89,4 +89,4 @@ see .Xr sysdecode 3 . .Sh SEE ALSO .Xr sysdecode 3 , -.Xr sysdecode_syscallnames 3 +.Xr sysdecode_syscallname 3 diff --git a/lib/libsysdecode/sysdecode_syscallnames.3 b/lib/libsysdecode/sysdecode_syscallname.3 index 610cbc9b2115..8ba88fd3c43e 100644 --- a/lib/libsysdecode/sysdecode_syscallnames.3 +++ b/lib/libsysdecode/sysdecode_syscallname.3 @@ -23,17 +23,17 @@ .\" SUCH DAMAGE. .\" .Dd October 17, 2016 -.Dt sysdecode_syscallnames 3 +.Dt sysdecode_syscallname 3 .Os .Sh NAME -.Nm sysdecode_syscallnames +.Nm sysdecode_syscallname .Nd lookup name of system calls .Sh LIBRARY .Lb libsysdecode .Sh SYNOPSIS .In sysdecode.h .Ft const char * -.Fn sysdecode_syscallnames "enum sysdecode_abi abi" "unsigned int code" +.Fn sysdecode_syscallname "enum sysdecode_abi abi" "unsigned int code" .Sh DESCRIPTION This function returns a pointer to the name of a system call identified by .Fa code diff --git a/lib/libutil++/Makefile b/lib/libutil++/Makefile index 56b64bbf358c..2e7a614df800 100644 --- a/lib/libutil++/Makefile +++ b/lib/libutil++/Makefile @@ -11,6 +11,10 @@ MAN+= freebsd::FILE_up.3 \ freebsd::pidfile.3 \ freebsd::stringf.3 +.for page in ${MAN} +MANSRC.${page}= ${page:S/:/_/g} +.endfor + .include <src.opts.mk> HAS_TESTS= diff --git a/lib/libutil++/freebsd::FILE_up.3 b/lib/libutil++/freebsd__FILE_up.3 index ea63b1233b43..ea63b1233b43 100644 --- a/lib/libutil++/freebsd::FILE_up.3 +++ b/lib/libutil++/freebsd__FILE_up.3 diff --git a/lib/libutil++/freebsd::addrinfo_up.3 b/lib/libutil++/freebsd__addrinfo_up.3 index 4845a76bfb61..4845a76bfb61 100644 --- a/lib/libutil++/freebsd::addrinfo_up.3 +++ b/lib/libutil++/freebsd__addrinfo_up.3 diff --git a/lib/libutil++/freebsd::fd_up.3 b/lib/libutil++/freebsd__fd_up.3 index 2ef2241a5c40..2ef2241a5c40 100644 --- a/lib/libutil++/freebsd::fd_up.3 +++ b/lib/libutil++/freebsd__fd_up.3 diff --git a/lib/libutil++/freebsd::malloc_up.3 b/lib/libutil++/freebsd__malloc_up.3 index b18e7854213a..b18e7854213a 100644 --- a/lib/libutil++/freebsd::malloc_up.3 +++ b/lib/libutil++/freebsd__malloc_up.3 diff --git a/lib/libutil++/freebsd::nvlist_up.3 b/lib/libutil++/freebsd__nvlist_up.3 index 43f76cf3ead3..43f76cf3ead3 100644 --- a/lib/libutil++/freebsd::nvlist_up.3 +++ b/lib/libutil++/freebsd__nvlist_up.3 diff --git a/lib/libutil++/freebsd::pidfile.3 b/lib/libutil++/freebsd__pidfile.3 index fb67253f5c02..fb67253f5c02 100644 --- a/lib/libutil++/freebsd::pidfile.3 +++ b/lib/libutil++/freebsd__pidfile.3 diff --git a/lib/libutil++/freebsd::stringf.3 b/lib/libutil++/freebsd__stringf.3 index 341fedef4343..341fedef4343 100644 --- a/lib/libutil++/freebsd::stringf.3 +++ b/lib/libutil++/freebsd__stringf.3 |