| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
|
|
|
|
| |
This seems to have been lost during updates from upstream, and
was reported (on IRC) as a nice feature to have (again).
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D28689
|
| |
|
|
|
|
|
|
|
|
|
| |
Stop using the kernel's struct pf_rule, switch to libpfctl's pfctl_rule.
Now that we use nvlists to communicate with the kernel these structures
can be fully decoupled.
Reviewed by: glebius
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29644
|
| |
|
|
|
|
|
| |
Reviewed by: glebius
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29641
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
libarchive: Apply upstream commit a1b7bf8013fb7a11a486794247daae592db6f5ae
This fixes the failing test_read_append_filter_wrong_program test in CI
which has been failing since 01-Dec-2020.
Commit message from https://github.com/libarchive/libarchive/commit/a1b7bf8013fb7a11a486794247daae592db6f5ae
Silence stderr in test_read_append_filter_program
When the FreeBSD testsuite runs the libarchive tests it checks that stderr
is empty. Since #1382 this is no longer the case. This change restores
the behaviour of silencing bunzip2 stderr but doesn't bring back the
output text check.
Partially reverts 2e7aa5d9
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D29036
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to version 4.0.0
This version fixes an issue (missing pop of top-of-stack value in the
"P" command of the dc program).
This issue did not affect the bc program, since it does not use dc as
an back-end to actually perform the calculations as was the case with
the traditional bc and dc programs.
The major number has been bumped due to Windows support that has been
added to this version. It does not correspond to a major change that
might affect FreeBSD.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GNU readelf exits with an error for a number of invalid file cases.
Previously ELF Tool Chain readelf always exited with 0. Now we exit 1
upon detecting an error with one or more input files, but in any case
all of them are processed.
This should catch common failure cases. We still do not report an error
for some types of malformed ELF files, but this is consistent with GNU
readelf.
PR: 252727
Reviewed by: jkoshy, markj
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29377
|
| |
|
|
|
| |
It contains changes pushed by pstef@ when working on improving the
completion for /bin/sh
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
3a509754ded1 removed the color field from our definition, but libevent1
has a copy of it off to the side to prevent event.h consumers from
*needing* to pull in sys/queue.h and sys/tree.h.
Update the event.h definition so that we don't accidentally end up with
two different views of struct event.
This appears to have no functional effect on anything in tree, but this
came up in a local patch to port if_switch(4) and related components
from OpenBSD.
MFC after: 1 week
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
The only change needed is to mark a few variables as static.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently macOS and DragonFlyBSD get their own special case and only
handle x86. Since all the FreeBSD cases should be general enough for
macOS and DragonFlyBSD (and the x86 ones are identical to the existing
ones) we can just delete the special cases and reuse the FreeBSD ones.
Note that upstream has since removed all the architecture-specific
checks in this file, with the only code relevant to us being an
endianness check that uses the generic compiler-provided macros. Thus
this patch will not be upstreamed, and will be dropped in a future
vendor import.
Reviewed by: dim
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29352
|
| |
|
|
|
|
|
|
| |
This upgrade performs an implicit flush of the output if the script
funcion read() is called, to make sure a prompt that does not end in a
new-line is correctly displayed in line-buffered output mode.
Merge commit '893ecb52db5ed47d6c1e8698334d34e0df651612'
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Latest version available from: https://w1.fi/security/2021-1/
Vulnerability
A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.
Vulnerable versions/configurations
wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled
An attacker (or a system controlled by the attacker) needs to be within
radio range of the vulnerable system to send a set of suitably
constructed management frames that trigger the corner case to be reached
in the management of the P2P peer table.
Note: FreeBSD base does not enable P2P.
|
| |\
| |
| |
| |
| | |
PR: 252663
MFC after: 1 week
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(Note I am also applying this to main and stable/13, to restore the old
libcxxrt ABI and to avoid having to maintain a compat library.)
After the recent cherry-picking of libcxxrt commits 0ee0dbfb0d26 and
d2b3fadf2db5, users reported that editors/libreoffice packages from the
official package builders did not start anymore. It turns out that the
combination of these commits subtly changes the ABI, requiring all
applications that depend on internal details of struct _Unwind_Exception
(available via unwind-arm.h and unwind-itanium.h) to be recompiled.
However, the FreeBSD package builders always use -RELEASE jails, so
these still use the old declaration of struct _Unwind_Exception, which
is not entirely compatible. In particular, LibreOffice uses this struct
in its internal "uno bridge" component, where it attempts to setup its
own exception handling mechanism.
To fix this incompatibility, go back to the old declarations of struct
_Unwind_Exception, and restore the __LP64__ specific workaround we had
in place before (which was to cope with yet another, older ABI bug).
Effectively, this reverts upstream libcxxrt commits 88bdf6b290da
("Specify double-word alignment for ARM unwind") and b96169641f79
("Updated Itanium unwind"), and reapplies our commit 3c4fd2463bb2
("libcxxrt: add padding in __cxa_allocate_* to fix alignment").
PR: 253840
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Update the tests to check O_RESOLVE_BENEATH instead.
If this looks reasonable, I'll try to upstream this change.
This keeps a compat fallback for O_BENEATH since the Linux port still
has/had O_BENEATH with "no .., no absolute paths" semantics.
Test Plan: `/usr/tests/sys/capsicum/capsicum-test -u 977` passes and
runs the O_RESOLVE_BENEATH tests.
Reviewed By: markj
Differential Revision: https://reviews.freebsd.org/D29016
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Clang commit ccb4124a4172bf2cb2e1cd7c253f0f1654fce294:
Fix -gz=zlib options for linker
gcc translates -gz=zlib to --compress-debug-options=zlib for both
assembler and linker but clang only does this for assembler.
The linker needs --compress-debug-options=zlib option to compress the
debug sections in the generated executable or shared library.
Due to this bug, -gz=zlib has no effect on the generated executable or
shared library.
This patch fixes that.
Clang commit 462cf39a5c180621b56f7602270ce33eb7b68d23:
[Driver] Fix -gz=zlib options for linker also on FreeBSD
ccb4124a4172 fixed translating -gz=zlib to --compress-debug-sections for
linker invocation for several ToolChains, but omitted FreeBSD.
Approved by: dim
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29028
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Temporary files were not cleaned up, resulting in $TMPDIR or even
the current directory becoming littered with ecp.* files.
This happened with error and even sometimes on success!
Approved by: dim
MFC after: 4 weeks
Accepted upstream: https://sourceforge.net/p/elftoolchain/code/3918/
Differential Revision: https://reviews.freebsd.org/D28651
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Apparently GCC defines NULL to 0 in C++11 mode (instead of nullptr), so
this causes the following error:
```
In file included from capsicum-test.h:15,
from capsicum-test.cc:1:
gtest-1.10.0/include/gtest/gtest.h: In instantiation of 'testing::AssertionResult testing::internal::CmpHelperNE(const char*, const char*, const T1&, const T2&) [with T1 = long int; T2 = procstat*]':
capsicum-test.cc:75:3: required from here
gtest-1.10.0/include/gtest/gtest.h:1621:28: error: ISO C++ forbids comparison between pointer and integer [-fpermissive]
1609 | if (val1 op val2) {\
| ~~~~~~~~~~~~
......
1621 | GTEST_IMPL_CMP_HELPER_(NE, !=);
gtest-1.10.0/include/gtest/gtest.h:1609:12: note: in definition of macro 'GTEST_IMPL_CMP_HELPER_'
1609 | if (val1 op val2) {\
| ^~
```
Fix this by using nullptr directly.
Submitted upstream as https://github.com/google/capsicum-test/pull/56
Reported by: Jenkins CI
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This includes various fixes that I submitted recently such as updating the
pdkill() tests for the actual implemented behaviour
(https://github.com/google/capsicum-test/pull/53) and lots of changes to
avoid calling sleep() and replacing it with reliable synchronization
(pull requests 49,51,52,53,54). This should make the testsuite more reliable
when running on Jenkins. Additionally, process status is now retrieved using
libprocstat instead of running `ps` and parsing the output
(https://github.com/google/capsicum-test/pull/50). This fixes one previously
failing test and speeds up execution.
Overall, this update reduces the total runtime from ~60s to about 4-5 seconds.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It appears that the stackframe layout can be slightly different depending on
compiler and target architecture. For example, when using CHERI LLVM for RISC-V
we can actually overflow the buffer by up to 8 bytes without SSP detecting it.
Fix this by increasing the overflow to 15 bytes.
Reviewed By: ngie, emaste
Differential Revision: https://reviews.freebsd.org/D28997
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
dialog.h defines MIN and MAX (making sure to undefine the previous
macros if it already exists), but sys/param.h also defines those
macros (without guards) and is included after dialog.h resulting
in both gcc and clang complaining about macro redefiniton
While clang do accept -Wno-macro-redefined to ignore the redefinition
warning, gcc does not [1]
Undefine both macros prior inclusion of sys/param.h to avoid the warning
Reported by: arichardson
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Upstream broke catalog generation with some over-eagre style cleanups.
This brings in my pull request.
Obtained from: https://github.com/lichray/nvi2/pull/88
Differential Revision: https://reviews.freebsd.org/D28594
|
| | |
| |
| |
| |
| | |
patch dialog.c which requires stddef for the usage of offsetof
catchup on the config header
|
| | | |
|
| |\ \ |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This fixes the closefrom test in sys/audit.
Includes cherry-picks of the following commits from openbsm:
https://github.com/openbsm/openbsm/commit/4dfc628aafe589d68848f7033f3d3488c4d979e0
https://github.com/openbsm/openbsm/commit/99ff6fe32aebc5a4b8d40d60062b8574697df557
https://github.com/openbsm/openbsm/commit/da48a0399e95448693d3fa2be48454ca564c1be8
Reviewed By: kevans
Differential Revision: https://reviews.freebsd.org/D28388
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
After 0ee0dbfb0d26cf4bc37f24f12e76c7f532b0f368 where I imported a more
recent libcxxrt snapshot, the variables 'rtn' and 'has_ret' could in
some cases be used while still uninitialized. Most obviously this would
lead to a jemalloc complaint about a bad free(), aborting the program.
Fix this by initializing a bunch variables in their declarations. This
change has also been sent upstream, with some additional changes to be
used in their testing framework.
PR: 253226
MFC after: 3 days
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
I did this without a full vendor update since that would cause too many
conflicts. Since these files now almost match the NetBSD sources the
next git subtree merge should work just fine.
Reviewed By: lwhsu
Differential Revision: https://reviews.freebsd.org/D28797
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
In 0ee0dbfb0d26cf4bc37f24f12e76c7f532b0f368 I imported a more recent
libcxxrt snapshot, which includes an upstream fix for the padding of
struct _Unwind_Exception:
https://github.com/libcxxrt/libcxxrt/commit/e458560b7e22fff59af643dba363544b393bd8db
However, we also had a similar fix in our tree as:
https://cgit.freebsd.org/src/commit/?id=3c4fd2463bb29f65ef1404011fcb31e508cdf2e2
Since having both fixes makes the struct too large again, it leads to
SIGBUSes when throwing exceptions on amd64 (or other LP64 arches). This
is most easily tested by running kyua without any arguments.
It looks like our fix is no longer needed now, so revert it to reduce
diffs against upstream.
PR: 253226
Reviewed by: arichardson, kp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D28799
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Interesting fixes:
b3c73ba libelftc_dem_gnu3: Sync with elftoolchain r3877
7b2335c Mostly fix __cxa_demangle after #3
Reported by: arichardson
PR: 253226
MFC after: 3 days
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Add three examples showing the use of `-h`, `-l`, `-t`, `-w`
christos@netbsd.org to be notified.
Reviewed by: bcr@, gbe@, imp@
Approved by: bcr@, gbe@ (mentor), imp@
Differential Revision: https://reviews.freebsd.org/D25242
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since https://github.com/freebsd/atf/commit/4581cefc1e3811dd3c926b5dd4b15fd63d2e19da
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.
However, this test closes all file descriptors above 3 to get a
deterministic fd table allocation for the child. Instead of using closefrom
(which will close the ATF output file FD) I've changed this test use
the lowest available fd and pass that to the helper program as a string.
We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.
Reviewed By: cem
Differential Revision: https://reviews.freebsd.org/D28684
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This update changes the behavior of "-e" or "-f" in BC_ENV_ARGS:
Use of these options on the command line makes bc exit after executing
the given commands. These options will not cause bc to exit when
passed via the environment (but EOF in STDIN or -e or -f on the
command line will make bc exit as before).
The same applies to DC_ENV_ARGS with regard to the dc program.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Importing flex 2.6.4 has introduced a regression: input() now returns 0
instead of EOF to indicate that the end of input was reached, just like
traditional AT&T and POSIX lex. Note the behavior contradicts flex(1).
See "INCOMPATIBILITIES WITH LEX AND POSIX" section for information.
This incompatibility traces back to the original version and documented
in its manual page by the Vern Paxson.
Apparently, it has been reported in a few places, e.g.,
https://github.com/westes/flex/issues/448
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911415
Unfortunately, this also breaks the scanner used by libdtrace and
dtrace is unable to resolve some probe argument types as a result. See
PR253440 for more information.
Note the regression was introduced by the following upstream commit
without any explanation or documentation change:
https://github.com/westes/flex/commit/f863c9490e6912ffcaeb12965fb3a567a10745ff
Now we restore the traditional flex behavior unless lex-compatibility
mode is set with "-l" option because I believe the author originally
wanted to make it more lex and POSIX compatible.
PR: 253440
Reported by: markj
|
| | | |
| | |
| | |
| | |
| | | |
This includes changes to use GTEST_SKIP() instead of the local hand-rolled
mechanism as well as a few minor cleanups.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Since https://github.com/freebsd/atf/commit/4581cefc1e3811dd3c926b5dd4b15fd63d2e19da
ATF opens the results file on startup. This fixes problems like
capsicumized tests not being able to open the file on exit.
However, this test closes all file descriptors just to check that
socketpair returns fd 3+4 and thereby also closes the ATF results file.
This then results in an EBADF when writing the result so the test is
reported as broken.
While system calls that create new file descriptors (must?) use the lowest
available file descriptor number, it does not seem useful to test this
property here. Drop the check for FD==3/4 to unbreak the testsuite.
We could also try to re-open the results file in ATF if we get a EBADF
error, but that will fail when running under Capsicum.
Reviewed By: cem
Differential Revision: https://reviews.freebsd.org/D28683
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The rpc_control() API does not accept the CLCR_SET_RPCB_TIMEOUT command,
it only accepts RPC_SVC_CONNMAXREC_GET/RPC_SVC_CONNMAXREC_SET, so it was
not doing anything.
Instead of incorrectly calling this API, use clnt_create_timed() instead.
I noticed this because the test was timing out after 120s in the CheriBSD CI.
Reviewed By: ngie
Differential Revision: https://reviews.freebsd.org/D28478
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
summary of changes, or for a more thorough overview:
https://subversion.apache.org/docs/release-notes/1.14
NOTE 1: There is no need to dump and reload repositories, and the
working copy format is still the same as Subversion 1.8 through 1.13.
NOTE 2: The upstream release also contains a fix for a security issue in
mod_dav_svn (CVE-2020-17525), but since we do not build or use any
Apache modules, it is not an issue for the FreeBSD base system.
Relnotes: yes
MFC after: 3 days
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | | |
Note araujo tried to fix it in r298241 but he only touched generated
files for bootstrap. This commit properly fixes the problem.
|
| | | |
| | |
| | |
| | |
| | | |
Note araujo tried to fix it in r298241 but he only touched generated
files for bootstrap. This commit properly fixes the problem.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
After d3338f3355a612cf385632291f46c5777bba8d18, the lib/msun test case
'hypotl_near_underflow' would fail to compile on platforms where long
doubles weren't 80 bit, like on x86. Disable this particular test on
such platforms for now.
PR: 253313
MFC after: 1 week
X-MFC-With: d3338f3355a612cf385632291f46c5777bba8d18
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Changes of interest
o unit-tests: use private TMPDIR to avoid errors from other users
o avoid strdup in mkTempFile
o always use vfork
o job.c: do not create empty shell files in jobs mode
reduce unnecessary calls to waitpid
o cond.c: fix debug output for comparison operators in conditionals
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This adjusts the factor used to scale the subnormal numbers, so it
becomes the right value after adjusting its exponent. Thanks to Steve
Kargl for finding the most elegant fix.
Also enable the hypot tests, and add a test case for this bug.
PR: 253313
MFC after: 1 week
|
| |\ \ \
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Update unbound 1.13.0 --> 1.13.1.
Includes numerous bugfixes documented at:
https://www.nlnetlabs.nl/projects/unbound/download/#unbound-1-13-1
MFC after: 1 month
|
