| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
These were reported by `mandoc -T lint` as
ERROR: skipping unknown macro
When these pages were rendered with `man`, the "unknown macro" meant
that the entire line was omitted from the output.
Obvious typos in:
lib/libsys/swapon.2
lib/libsys/procctl.2
share/man/man9/firmware.9
lib/libcasper/services/cap_net/cap_net.3: 'mode' describes a function
argument.
lib/libsys/statfs.2: there's no .Tm command ("trademark?"), and
.Tn ("tradename") is deprecated, so remove the macro entirely.
usr.sbin/mfiutil/mfiutil.8: man was interpreting '/dev/' as a macro
(which it didn't recognize).
share/man/man4/qat.4: same issue as above, but with '0'. In this case,
given the context of the previous line, rewriting as "Value '0'"
seemed more appropriate.
usr.sbin/mlx5tool/mlx5tool.8: typo in .Xr
Signed-off-by: Graham Percival <gperciva@tarsnap.com>
Sponsored by: Tarsnap Backup Inc.
Reviewed by: concussious, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1417
(cherry picked from commit 2878d99dfcfbdd7a415a7f31cf95fbd53fc8e581)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
GCC 13 incorrectly thinks a call to free after a failed realloc is a
use after free.
lib/libcasper/services/cap_grp/cap_grp.c: In function 'group_resize':
lib/libcasper/services/cap_grp/cap_grp.c:65:17: error: pointer 'buf' may be used after 'realloc' [-Werror=use-after-free]
65 | free(buf);
| ^~~~~~~~~
lib/libcasper/services/cap_grp/cap_grp.c:63:19: note: call to 'realloc' here
63 | gbuffer = realloc(buf, gbufsize);
| ^~~~~~~~~~~~~~~~~~~~~~
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D42576
(cherry picked from commit b7f7cc25c01aeacaafb86ebcffdeb258b7933b08)
|
| |
|
|
|
|
|
|
| |
Reported by: GCC 14 -Wcalloc-transposed-args
Reviewed by: rlibby, emaste
Differential Revision: https://reviews.freebsd.org/D46005
(cherry picked from commit 5275d1ddb42dc70fb87925e59445059068c08271)
|
| |
|
|
|
|
|
|
|
|
| |
These ones were unambiguous cases where the Foundation was the only
listed copyright holder.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 5c2bc3db201a4fe8d7911cf816bea104d5dc2138)
(cherry picked from commit f06d322e9d925ab56a4aa8210a67637d4d341ab6)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Capability rights passed to cap_rights_* are not simple bitmaks and
cannot be ORed together in general (although it will work for certain
subsets of rights).
PR: 277057
Fixes: faaf43b2a750 ("fileargs: add tests")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 3733d82c4deb49035a39e18744085d1e3e9b8dc5)
(cherry picked from commit be83aa2a01b35f9e7aa94a3d45a851305fa22c83)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This line appears to have been copied from cap_sysctl.3. While I'm
here, reorder and reword the description of cap_net_limit a bit.
[skip ci]
Sponsored by: Axcient
Reviewed by: oshogbo
Differential Revision: https://reviews.freebsd.org/D42919
(cherry picked from commit 6b96125afdf245ae61dd82b59891ad0d6aab0066)
|
| |
|
|
|
|
| |
- s/mutiple/multiple/
(cherry picked from commit 637e4ef1a6bcd8677dabd8c08916df3091be5f64)
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously, while checking name2addr capabilities, we mistakenly used
the addr2name set. This error could cause a process to inadvertently
reset its limitations.
Reported by: Shawn Webb <shawn.webb@hardenedbsd.org>
(cherry picked from commit afd74c400075d94e01dd3430844bb290834660ef)
(cherry picked from commit 765757c6301fa41c0b59108347c600fbc9020c39)
|
| |
|
|
|
|
|
| |
Remove /^\.\\"\n\.\\"\s*\$FreeBSD\$$\n/
Similar commit in main:
(cherry picked from commit fa9896e082a1)
|
| |
|
|
|
|
|
| |
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
Similar commit in main:
(cherry picked from commit d0b2dbfa0ecf)
|
| |
|
|
|
|
|
| |
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
Similar commit in main:
(cherry picked from commit 1d386b48a555)
|
| |
|
|
|
|
|
| |
Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
Similar commit in main:
(cherry picked from commit b3e7694832e8)
|
| |
|
|
|
|
|
|
|
|
|
| |
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
(cherry picked from commit 4d846d260e2b9a3d4d0a701462568268cbfe7a5b)
|
| |
|
|
| |
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When testing cap_connect() and name/addr lookup functions, skip tests if
we fail and the error is not ENOTCAPABLE. This makes the tests amenable
to running in CI without Internet connectivity.
Reviewed by: oshogbo
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D39242
(cherry picked from commit 7ee4066db1295fe3660964c2561bef87da7431f8)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The cap_dns tests require Internet access. Currently they fail when
that's not available, which for CI purposes is undesirable. Let's
instead skip the tests if none of the non-casper name/addr lookups
succeed.
To that end:
- Convert the tests to ATF so that skipping is easier to implement.
- Break up the tests into separate test cases.
- If one of the system (i.e., non-casper) lookup functions fails, skip
the test if all of them failed, otherwise fail the tests, since
partial failure indicates something is flaky and deserves a closer
look.
Reviewed by: oshogbo
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39241
(cherry picked from commit 615bf03e33e466ca10e3f1d203f4c27188d28fc3)
|
| |
|
|
|
|
|
|
|
|
| |
These tests fail spuriously when run in parallel, since some of them
write a value to a global sysctl, read it back, and expect to see the
written value. These tests complete quite quickly in any case.
MFC after: 1 week
(cherry picked from commit 5d96ca7a307279cf4bdb191b7074cd1efcd3b8e8)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Correct some function prototypes which were documented with the wrong
pointer type.
* Clarify return values and requirements for freeing the limit handle.
[skip ci]
Sponsored by: Axcient
Reviewed by: oshogbo
Differential Revision: https://reviews.freebsd.org/D37586
(cherry picked from commit 6c93a2d0bc37f0c912e402f3f94c3c01350dca26)
|
| |
|
|
|
|
|
| |
We still want to fetch the variable just to verify that the interface
is right.
(cherry picked from commit 1e9ce60a6d758ddf5392e96e886fd815694dd66b)
|
| |
|
|
|
|
| |
MFC after: 5 days
(cherry picked from commit 88910b8b7b14386e05bccda0317ace2bfd383ef5)
|
| |
|
|
|
|
| |
MFC after: 5 days
(cherry picked from commit f45ca435bd2cba2ea6d9b79dbef275bc5ea4036a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
- inserting missing end of block: Sh breaks Bl
- moving content out of list: Pp
- missing comma before name: Nm cap_*
- comma in function argument: cap_*
- skipping paragraph macro: Pp after Sh
- sections out of conventional order: Sh AUTHORS
Reviewed by: bcr
Differential Revision: https://reviews.freebsd.org/D31144
(cherry picked from commit 3251ad29f4295ad73668a46727c5bbf7bbac0cf7)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Casper services expect that the first 3 descriptors (stdin/stdout/stderr)
will point to /dev/null. Which Casper will ensure later. The Casper
services are forked from the original process. If the initial process
closes one of those descriptors, Casper may reuse one of them for it on
purpose. If this is the case, then renumarate the descriptors used by
Casper to higher numbers. This is done already after the fork, so it
doesn't break the parent process.
PR: 255339
Reported by: Borja Marcos <borjam (at) sarenet.es>
Tested by: jkim@
(cherry picked from commit aa310ebfba3d49a0b6b03a103b969731a8136a73)
|
| |
|
|
|
|
|
|
|
| |
- Correct the type of the sysctl value.
- Initialize the oldsize parameter to cap_sysctlbyname()
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 44bbda649dc6c1cdc5a99641e14c77157967e140)
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Some tests verify that the capgrp capability does not permit calls to
setgrent(3), but all tests need to ensure that they reset the
capability's group database handle, otherwise the local process and
casper process will be out of sync.
The cap_pwd tests already handle this.
Sponsored by: The FreeBSD Foundation
MFC after: 1 month
|
| |
|
|
|
|
|
|
|
|
| |
In libcasper, the first argument to the function is a structure that
represents a connection to Casper. On systems without Casper, macros
are used to interpose the Casper functions to standard libc ones.
This may cause errors/warnings that the variable is not used.
With the inline function, there is no such problem.
I omitted this file in: 8c121177f063a187534dcd475b136c34474802cd
|
| | |
|
| | |
|
| |
|
|
|
| |
Expose structures and variables that may be used on systems
build without Casper support.
|
| |
|
|
|
|
|
|
| |
In libcasper, the first argument to the function is a structure that
represents a connection to Casper. On systems without Casper, macros
are used to interpose the Casper functions to standard libc ones.
This may cause errors/warnings that the variable is not used.
With the inline function, there is no such problem.
|
| |
|
|
|
| |
Fix the for the CAPNET_CONNECT and CAPNET_CONNECTDNS.
Add test to ensure that this is possible.
|
| |
|
|
| |
Add test to ensure that this is possible.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
disabled
When compiling without casper these API calls result in unused variable warnings.
Using #defines was lovely in the past but unfortunately it triggers warnings
which can cascade into errors.
Instead, just inline with some fallthrough functions and keep things happy.
Tested:
* gcc-6 targeting mips32, with casper disabled
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D26762
Notes:
svn path=/head/; revision=366688
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The current default is provided in various Makefile.inc in some top-level
directories and covers a good portion of the tree, but doesn't cover parts
of the build a little deeper (e.g. libcasper).
Provide a default in src.sys.mk and set WARNS to it in bsd.sys.mk if that
variable is defined. This lets us relatively cleanly provide a default WARNS
no matter where you're building in the src tree without breaking things
outside of the tree.
Crunchgen has been updated as a bootstrap tool to work on this change
because it needs r365605 at a minimum to succeed. The cleanup necessary to
successfully walk over this change on WITHOUT_CLEAN builds has been added.
There is a supplemental project to this to list all of the warnings that are
encountered when the environment has WARNS=6 NO_WERROR=yes:
https://warns.kevans.dev -- this project will hopefully eventually go away
in favor of CI doing a much better job than it.
Reviewed by: emaste, brooks, ngie (all earlier version)
Reviewed by: emaste, arichardson (depend-cleanup.sh change)
Differential Revision: https://reviews.freebsd.org/D26455
Notes:
svn path=/head/; revision=365887
|
| |
|
|
|
|
|
|
| |
Reviewed by: emaste, markj (previous version), bcr (man page)
Differential Revision: https://reviews.freebsd.org/D24688
Notes:
svn path=/head/; revision=364276
|
| |
|
|
|
|
|
| |
MFC after: 1 week
Notes:
svn path=/head/; revision=362676
|
| |
|
|
|
|
|
|
|
|
| |
Reviewed by: bcr (mentor)
Approved by: bcr (mentor)
MFC after: 7 days
Differential Revision: https://reviews.freebsd.org/D24695
Notes:
svn path=/head/; revision=362230
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The service handler for fileargs_open() tries to pre-open multiple files
and pass descriptors for each back to the sandboxed process in a single
message. This is to amortize the cost of round-trips between the two
processes.
The service process adds a "cache" nvlist to the reply to "open",
containing file descriptors for pre-opened files. However, when adding
that nvlist to the reply, it was making a copy, effectively leaking the
cached descriptors.
While here, fix spelling in a local variable name.
PR: 241226
Reviewed by: oshogbo
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D25095
Notes:
svn path=/head/; revision=361694
|
| |
|
|
|
|
|
|
| |
Reported by: phk
MFC after: 2 weeks
Notes:
svn path=/head/; revision=360079
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We must wrap C declarations in __BEGIN / __END_DECLS to avoid C++ name-mangling
of the declaration when including the C header; name-mangling causes the linker
to attempt to locate the wrong (C++ ABI) symbol name.
Reviewed by: markj, oshogbo (earlier version both)
Differential Revision: https://reviews.freebsd.org/D24323
Notes:
svn path=/head/; revision=359696
|
| |
|
|
|
|
|
|
|
|
|
| |
No functional change. Minor API change that is nicer for consumers. ABI is
identical; the routine never needed to modify the pointed to value.
Reviewed by: emaste, markj
Differential Revision: https://reviews.freebsd.org/D24319
Notes:
svn path=/head/; revision=359674
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update a bunch of Makefile.depend files as
a result of adding Makefile.depend.options files
Reviewed by: bdrewery
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org/D22494
Notes:
svn path=/head/; revision=355617
|
| |
|
|
|
|
|
|
|
|
| |
operation & ~limit where limit is a bool is clearly not what was intended,
given the line prior. Correct it to use the calculated mask for validation.
The cap_sysctl tests should now be functional again.
Notes:
svn path=/head/; revision=353914
|
| |
|
|
|
|
|
|
| |
Note that the cap_sysctl tests are currently failing and need some
attention.
Notes:
svn path=/head/; revision=353911
|
| |
|
|
|
|
|
|
|
|
|
| |
A lot of binaries present in FreeBSD-runtime depend on it so move
the libs there.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D21501
Notes:
svn path=/head/; revision=351853
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The limit of the name in fileargs is twice the size of the MAXPATH.
The nvlist will not add an element with the longer name.
We can detect at this point that the path is too big, and simple return
the same error as open(2) would.
PR: 239700
Reported by: markj
Tested by: markj
MFC after: 2 weeks
Notes:
svn path=/head/; revision=350695
|
| |
|
|
|
|
|
|
| |
PR: 239523
Submitted by: mikael.urankar@gmail.com
Notes:
svn path=/head/; revision=350438
|
| |
|
|
| |
Notes:
svn path=/head/; revision=350428
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that we have a way to obtain entropy in capability mode
(getrandom(2)), libcap_random is obsolete. Remove it.
Bump __FreeBSD_version in case anything happens to use it, though I've
found no consumers.
Reviewed by: delphij, emaste, oshogbo
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D21033
Notes:
svn path=/head/; revision=350307
|
