If we had to set OBJTOP we want to .export it (if .MAKE.LEVEL > 0)
for the benefit of things like x!= ${.MAKE} -r ... and similar.
Without OBJTOP, the default MAKEOBJDIR setting will result in
attempting to use an objdir like /lib or /bin etc in some cases.
This patch is based on D30990
with the addition of the check for level > 0.
Reviewed by: jrtc27
Differential Revision: <https://reviews.freebsd.org/D30990>
Add the WITH/WITHOUT_BRANCH_PROTECTION build flags. This can be used
to enable the use of pointer authentication (FEAT_PAuth) and branch
target identification (FEAT_BTI) in userspace.
The kernel already handles both of these is userspace, we just need
to enable it.
Leave disabled for a short period for this to settle before enabling.
Reviewed by: emaste
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D42596
Link with --no-undefined-version by default. Will detect and prevent
the accidental removal of symbols from versioned libraries.
(cherry picked from commit 4510f2ca91)
This reverts commit b25ceb97ed.
Reviewed by: arichardson, kib, dim, emaste
Differential Revision: https://reviews.freebsd.org/D44216
gcc doesn't have -m32 support on aarch64 so mark LIB32 broken there.
We have to check both COMPILER_TYPE and X_COMPILER_TYPE becuase
X_COMPILER_TYPE is only conditionally set and COMPILER_TYPE is the host
compiler in Makefile.inc1.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D45089
In the future, we will Default to _FORTIFY_SOURCE=2 if SSP is enabled,
otherwise default to _FORTIFY_SOURCE=0. For now we default it to 0
unconditionally to ease bisect across older versions without the new
symbols, and we'll put out a call for testing.
include/*.h include their ssp/*.h equivalents as needed based on the
knob. Programs and users are allowed to override FORTIFY_SOURCE in their
Makefiles or src.conf/make.conf to force it off.
Reviewed by: des, markj
Relnotes: yes
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32308
libnvmf provides APIs for transmitting and receiving Command and
Response capsules along with data associated with NVMe commands.
Capsules are represented by 'struct nvmf_capsule' objects.
Capsules are transmitted and received on queue pairs represented by
'struct nvmf_qpair' objects.
Queue pairs belong to an association represented by a 'struct
nvmf_association' object.
libnvmf provides additional helper APIs to assist with constructing
command capsules for a host, response capsules for a controller,
connecting queue pairs to a remote controller and optionally
offloading connected queues to an in-kernel host, accepting queue pair
connections from remote hosts and optionally offloading connected
queues to an in-kernel controller, constructing controller data
structures for local controllers, etc.
libnvmf also includes an internal transport abstraction as well as an
implementation of a userspace TCP transport.
libnvmf is primarily intended for ease of use and low-traffic use cases
such as establishing connections that are handed off to the kernel.
As such, it uses a simple API built on blocking I/O.
For a host, a consumer first populates an 'struct
nvmf_association_params' with a set of parameters shared by all queue
pairs for a single association such as whether or not to use SQ flow
control and header and data digests and creates a 'struct
nvmf_association' object. The consumer is responsible for
establishing a TCP socket for each queue pair. This socket is
included in the 'struct nvmf_qpair_params' passed to 'nvmf_connect' to
complete transport-specific negotiation, send a Fabrics Connect
command, and wait for the Connect reply. Upon success, a new 'struct
nvmf_qpair' object is returned. This queue pair can then be used to
send and receive capsules. A command capsule is allocated, populated
with an SQE and optional data buffer, and transmitted via
nvmf_host_transmit_command. The consumer can then wait for a reply
via nvmf_host_wait_for_response. The library also provides some
wrapper functions such as nvmf_read_property and nvmf_write_property
which send a command and wait for a response synchronously.
For a controller, a consumer uses a single association for a set of
incoming connections. A consumer can choose to use multiple
associations (e.g. a separate association for connections to a
discovery controller listening on a different port than I/O
controllers). The consumer is responsible for accepting TCP sockets
directly, but once a socket has been accepted it is passed to
nvmf_accept to perform transport-specific negotiation and wait for the
Connect command. Similar to nvmf_connect, nvmf_accept returns a newly
construct nvmf_qpair. However, in contrast to nvmf_connect,
nvmf_accept does not complete the Fabrics negotiation. The consumer
must explicitly send a response capsule before waiting for additional
command capsules to arrive. In particular, in the kernel offload
case, the Connect command and data are provided to the kernel
controller and the Connect response capsule is sent by the kernel once
it is ready to handle the new queue pair.
For userspace controller command handling, the consumer uses
nvmf_controller_receive_capsule to wait for a command capsule.
nvmf_receive_controller_data is used to retrieve any data from a
command (e.g. the data for a WRITE command). It can be called
multiple times to split the data transfer into smaller sizes.
nvmf_send_controller_data is used to send data to a remote host in
response to a command. It also sends a response capsule indicating
success, or an error if an internal error occurs. nvmf_send_response
is used to send a response without associated data. There are also
several convenience wrappers such as nvmf_send_success and
nvmf_send_generic_error.
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D44710
Link with --no-undefined-version by default. Will detect and prevent
the accidental removal of symbols from versioned libraries.
Reviewed by: arichardson, kib, dim, emaste
Differential Revision: https://reviews.freebsd.org/D44216
This commit broke "make makeman" checks in github CI due to a lack of
option description files. The split between VIMAGE and VIMAGE_SUPPORT
is not clearly justified and the code is broken because there is no
opt_vimage.h (it's in opt_global.h).
This reverts commit 22ca6db50f.
The drivers and utilities are now built and installed unconditionally.
Reviewed by: imp, emaste
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D44843
Capsicum is non-optional as of c24c117b96 ("Remove
WITHOUT_{CAPSICUM,CASPER} options").
`#ifndef WITHOUT_CAPSICUM` is left in the source for the benefit of
downstream consumers, but is never defined in FreeBSD.
Reviewed by: oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42077
- Remove superfluous whitespace by removing trailing whitespace
before `\` (line continuation character)
- Quote `SUBDIR.` to clarify the fact that this is a variable
reference--not the end of a sentence.
As discussed in bug 278417, some ports require the F16C instruction set
to compile, but there is no way yet to detect whether the currently
chosen CPUTYPE supports this feature.
Add the feature to the MACHINE_CPU variable, for each processor that
supports it. The list of processors was extracted from clang 18's -dM
output, filtered on the __F16C__ define.
PR: 278417
Reviewed by: brooks, emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D44848
Following the convention used in the rest of this file, ${LIBPFCTLDIR}
should refer to the directory, and ${LIBPFCTL} to the library itself.
Instead, both values were assigned to ${LIBPFCTL}, and ${LIBPFCTLDIR} was
not set at all.
This appears to be a simple typo and not a deliberate choice, so fix it
by assigning the directory name to ${LIBPFCTLDIR} instead.
Default to VIMAGE as yes.
Add VIMAGE to __DEFAULT_DEPENDENT_OPTIONS (to define VIMAGE_SUPPORT)
Only output VIMAGE to opt_global.h when VIMAGE support is wanted.
Obtained from: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D39636
This allows for setting a different compiler for building hostprogs
when cross compiling.
Obtained from: Juniper Networks, Inc.
Reviewed by: sjg
Differential Revision: https://reviews.freebsd.org/D44536
This adds support for two new diff algorithms, Myers diff and Patience
diff.
These algorithms perform a different form of search compared to the
classic Stone algorithm and support escapes when worst case scenarios
are encountered.
Add the -A flag to allow selection of the algorithm, but default to
using the new Myers diff implementation.
The libdiff implementation currently only supports a subset of input and
output options supported by diff. When these options are used, but the
algorithm is not selected, automatically fallback to the classic Stone
algorithm until support for these modes can be added.
Based on work originally done by thj@ with contributions from kevans@.
Sponsored by: Klara, Inc.
Reviewed by: thj
Differential Revision: https://reviews.freebsd.org/D44302
This will be used by bhyve to build a device tree when booting arm64
guests.
Reviewed by: corvink, jhb
MFC after: 1 week
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D40994
Setting NO_CTF, NO_DEBUG_FILES, NO_INSTALLLIB, NO_MAN, NO_PROFILE,
and NO_WARNS was deprecated in 2014 and made an error prior to the
13.0.0 release in commit d3a5bf95f2.
Likewise, NO_WERROR was made an error prior to 13.0.0 in commit
7fa2f2a62f.
Remove this transition aid making these variables no-ops as setting them
will result in an error on all supported releases.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D44345
MacOS has case insensitive filesystems by default. So trying to link
between foo.X and FOO.X causes an error of some sort since we unlink the
old foo file destroying the newly installed foo due to the insensitive
nature of the FS. Assume that this is true on darwin/macos, though it is
only try by default there.
Perhaps install should grow smarts to know when this is the case, though
that looked much trickier. There didn't seem to be a flag to check. This
would be better, imho, since we could still write the METALOG data
correctly (images created from these metalogs are imperfect due to this
relatively issue...).
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D44347
this is a very early script to support cloudinit, it does not intend to
be a full featured cloudinit client, but will support a good enough
subset to be viable in most case.
It support nocloud and openstack config-2 config drive mode (iso9660 or
msdosfs)
The following features are currently supported:
- adding users (including a default user named 'freebsd' with password
'freebsd'
- adding groups
- adding ssh keys
- static ipv4, static ipv6, dynamic ipv4
With this one is able to use the 'bring your own image feature" out of
box.
It is expected that the script grows the support of other clouds
supporting cloud-init, contributions are welcomed.
It is designed to be only run once via the firstboot mecanism.
Sponsored by: OVHCloud
MFC After: 3 weeks
Differential Revision: https://reviews.freebsd.org/D44141
When enabled (current default) link with --undefined-version to allow
symbol maps to contain symbols not defined by libraries. When disabled,
link with --no-undefined-version to disallow these bugs.
WITHOUT_UNDEFINED_VERSION is currently broken. Once it is fixed it
should be made the default and this option should likely be removed.
Reviewed by: dim, emaste
Differential Revision: https://reviews.freebsd.org/D44169
When BEARSSL is enabled, we pull in libsecureboot, which has EFI
dependencies which don't exist on powerpc. This needs to be detangled,
but until then mark it as broken.
Sponsored by: Netflix
Continue to filter the public interface (elf_aux_info()), but entierly
relocate the private interfaces (_elf_aux_info(),
__init_elf_aux_vector(), and __elf_aux_vector) to libsys.
This ensures that rtld updates the correct (only) copy of
__elf_aux_vector. After 968a18975a
updates were confused and __getosreldate was failing, causing
the system to fall back to compat compat12 syscalls in some cases.
Return to explicitly linking libc to libsys and link libthr with libc
and libsys (in that order).
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D43910
This option will omit all the graphics support, the teken terminal
library, video mode support, etc and support a simple, basic, text-only
video console for the x86 BIOS boot loader. It uses the FreeBSD 12
version of vidconsole.c. It defaults to NO.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43912
Commit de6feefdb7 limited the amount of debuginfo generated for clang
and other llvm-related executables. This was done to save disk space and
memory during building, but it makes debugging any of these executables
much harder.
Add a new src.conf(5) setting, WITH_LLVM_FULL_DEBUGINFO, to generate
full debuginfo instead. This is off by default, but could for example be
enabled for release builds or snapshots, so llvm executables are easier
to debug.
Reviewed by: emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43839
At runtime, when rtld loads libc it will also load libsys. For each
symbol that is present in both, the libsys one will override the libc
one. It continues to be the case that program need only link against
libc (usually implicitly). The linkage to libsys is automatic.
Reviewed by: kib, emaste, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/908
libsys provides the FreeBSD kernel interface (auxargs, system calls,
vdso). It can be linked directly for programs using a non-standard
libc and will later be linked as a filter library to libc providing
the actual system call implementation.
Reviewed by: kib, emaste, imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/908
Not all of the tree is happy for realinstall to be done in parallel. In
particular, Makefile.inc1 uses .WAIT to force etc to be installed after
earlier subdirectories, since etc calls into share/man's makedb to run
makewhatis on the tree and needs all manpages to have been installed.
Also, libexec/Makefile doesn't set SUBDIR_PARALLEL, and the link from
ld-elf32.1 to ld-elf.1 relies on rtld-elf having been installed before
rtld-elf32, otherwise creating the link will fail.
In general, core behavioural differences like this between NO_ROOT and
"normal" builds are also dangerous and confusing.
If this optimisation is deemed important, it should be reintroduced in a
more limited and robust manner that doesn't break the above situations.
Until then value correctness over slight efficiency gains on high core
count machines, the same machines where you're more likely to encounter
issues from this optimisation.
This reverts commits cd19ecdbdc ("Similar to r296013 for NO_ROOT,
force SUBDIR_PARALLEL for buildworld WORLDTMP staging.") and
b9c6f31681 ("Add more STANDALONE_SUBDIR_TARGETS.").
Found by: CheriBSD Jenkins
Reviewed by: bdrewery, brooks
Fixes: cd19ecdbdc ("Similar to r296013 for NO_ROOT, force SUBDIR_PARALLEL for buildworld WORLDTMP staging.")
Fixes: b9c6f31681 ("Add more STANDALONE_SUBDIR_TARGETS.")
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43705
This revision breaks Linux and MacOS cross builds because
TARGET_ENDIANNESS is not define during bootstrapping on these
platforms.
I think the correct approach would be to separate the new
fbsd_ossl_provider_load() and unload functions into their own
library (instead of libroken). This avoids the less desirable
option of including bsd.cpu.mk in secure/lib/Makefile.common,
which does build but could complicate future work.
Reported by: jrtc27
This reverts commit cb350ba7bf.
Weak crypto is provided by the openssl legacy provider which is
not load by default. Load the legacy providers as needed.
When the legacy provider is loaded into the default context the default
provider will no longer be automatically loaded. Without the default
provider the various kerberos applicaions and functions will abort().
PR: 272835
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D43009
Tested by: netchild, Joerg Pulz <Joerg.Pulz@frm2.tum.de>
This option can be used to specify a format to use in DTrace output.
The following formats are supported:
- json
- xml
- html
- none (default DTrace output)
This is implemented using libxo and integrated into libdtrace. Client
code only works with the following API:
- dtrace_oformat_setup(dtrace_hdl_t *) -- to be called when output is starting.
- dtrace_oformat_teardown(dtrace_hdl_t *) -- to be called when output is finished
- dtrace_oformat(dtrace_hdl_t *) -- check if oformat is enabled.
- dtrace_set_outfp(FILE *) -- sets the output file for oformat.
- Ensure that oformat is correctly checked in the drop handler and record
processing callbacks.
This commit also adds tests which check if the generated output is
valid (JSON, XML) and extends the dtrace(1) describing the structured output.
Reviewed by: markj
Discussed with: phil
MFC after: 2 months
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D41745
We used to exclude a lot of extra hooks to allow for local
customizations of the build which couldn't be done outside of sys.mk,
but excluded that support for fmake. Remove those hacks.
Sponsored by: Netflix
Reviewed by: brooks
Pull Request: https://github.com/freebsd/freebsd-src/pull/980
There's no need to support fmake anymore. Always assume we can use
bmake's :tA modifier. The ports tree hasn't supported fmake in about a
decade anyway. Simplify here.
Sponsored by: Netflix
Reviewed by: brooks, emaste
Pull Request: https://github.com/freebsd/freebsd-src/pull/980
Commit 83cb5bae96 added a check for MAKE_VERSION being new enough to
handle CTFCONVERT_CMD being an empty string since fmake of the time
didn't support it until just a few commits before 83cb5bae96. Later,
it was augmented with a check for .PARSEDIR to see if bmake was
running. fmake and boostrapping from fmake haven't worked in maybe 6 or
8 years, so we can remove the check here. If you want to update from
your FreeBSD 7 or FreeBSD 8 systems, you're even more out of luck than
you were before and must jump to an older version before jumping to
current for the source upgrade path.
Sponsored by: Netflix
Reviewed by: brooks, emaste
Pull Request: https://github.com/freebsd/freebsd-src/pull/980
In the DIRDEPS_BUILD we use staging.
The staging logic in bsd.man.mk was in the wrong place, shift it
and add compressed man pages to the stage set if appropriate.
Reviewed by: stevek
Differential Revision: https://reviews.freebsd.org/D43238
Instead of having to do:
PROGS= program1 program2
SRCS.program1= program1.c common.c
SRCS.program2= program2.c common.c
This can now be done instead:
PROGS= program1 program2
SRCS= common.c
SRCS.program1= program1.c
SRCS.program2= program2.c
This shouldn't effect any existing projects using <bsd.progs.mk>.
Reviewed by: imp, sjg
Pull Request: https://github.com/freebsd/freebsd-src/pull/766
Python test scripts get processed (to add the `#! /usr/libexec/
atf_pytest_wrapper` shebang line), into a .xtmp file, and installed from
there. However, as there was no dependency of this .xtmp file on the
original file we kept reinstalling the .xtmp file, even if the original
had been edited already.
This could cause great confusion when debugging python test scripts.
Reviewed by: markj
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D43118
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
They are not executables and cannot be activated by kernel.
Reviewed by: emaste, imp
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D42768
GCC raises this warning for libc++'s istream. It raises false
positives in other cases as well (GCC bugs 109640, 109642, 109671).
Warning from <istream>:
/usr/include/c++/v1/istream:1464:34: error: possibly dangling reference to a temporary [-Werror=dangling-reference]
1464 | const ctype<_CharT>& __ct = std::use_facet<ctype<_CharT> >(__is.getloc());
| ^~~~
/usr/include/c++/v1/istream:1464:71: note: the temporary was destroyed at the end of the full expression 'std::__1::use_facet<ctype<char> >(std::__1::ios_base::getloc() const())'
1464 | const ctype<_CharT>& __ct = std::use_facet<ctype<_CharT> >(__is.getloc());
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D42579