Introduce pfctl_get_status_h() because we need the pfctl_handle. In this variant
use netlink to obtain the information.
Sponsored by: Rubicon Communications, LLC ("Netgate")
pfctl_open() opens both /dev/pf and a netlink socket. Allow access to the /dev/
pf fd via pfctl_fd().
This means that libpfctl users no longer have to open /dev/pf themselves for any
calls that are not yet available in libpfctl.
Sponsored by: Rubicon Communications, LLC ("Netgate")
MFC after: 2 weeks
- A file descriptor obtained from accept(2), accept4(2) and openat(2)
is not always assigned all capability rights. Instead, it inherits
capability rights from the "parent" socket/dir file descriptor.
- getdents(2) and getdirentries(2) requires CAP_READ.
- openat(2) with O_WRONLY|O_TRUNC does not require CAP_SEEK.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1207
Move auditing runtime (auditd, etc.) into the new FreeBSD-audit package.
Also move the runtime OpenBSM manual pages from libbsm into auditd so
they get installed with the right package.
Add an UPDATING entry noting the new packages.
Reviewed by: imp, manu
Pull Request: https://github.com/freebsd/freebsd-src/pull/1197
As kib@ noted:
> Obviously gettimeofday(2) is not going to be removed
> even in the far future.
Reported by: kib
Fixes: 4395d3ced5 Document that gettimeofday() is obsolescent
MFC after: 3 days
As noted in bug 277096, when building a pkgbase repository using
WITHOUT_CROSS_COMPILER and WITHOUT_TOOLCHAIN (which sets WITHOUT_CLANG),
the following residual files are left over:
/usr/lib/clang/18/lib/freebsd/libclang_rt.asan-x86_64.so
/usr/lib/clang/18/share/asan_ignore_list.txt
/usr/lib/clang/18/share/cfi_ignore_list.txt
/usr/lib/clang/18/share/msan_ignore_list.txt
This is because the lib/libclang_rt directory is still descended into,
even if WITHOUT_CLANG is used. Fix it by not descending into the
libclang_rt directory in that case.
PR: 277096
Reported by: Siva Mahadevan <me@svmhdvn.name>
MFC after: 3 days
This was missed when read/write, etc were updated to return ssize_t.
Fixes: 2e83b28161 Fix a few syscall arguments to use size_t instead of u_int.
Reviewed by: imp, kib
Differential Revision: https://reviews.freebsd.org/D44930
A compiler clever enough to know that z is positive with a non-zero
biased exponent could, for example, optimize away the scalbnf(z,n) in
pow() because behavior for left shift of negative values is undefined.
`n` is negative when y*log2(|x|) < -0.5. i.e. |x^y| < sqrt(0.5)
The intended behavior for operator<< in this code is to shift the two's
complement representation of the first operand.
In the pow() functions, the result is added to the IEEE 754 exponent of
z = 2^y'. n may be negative enough to underflow the biased IEEE 754
exponent below zero, which is manifested in the sign bit of j
(which would correspond to the IEEE 754 sign bit).
The conversion from uint32_t to int32_t for out-of-int32_t-range values
is implementation defined. The assumed behavior of interpreting the
uint32_t value as a two's complement representation of a signed value
is already assumed in many parts of the code, such as uses of
GET_FLOAT_WORD() with signed integers.
This code passes all the current tests, and makes some out of tree
fuzzing tests pass again rather than hit UB (detailed in the commentary
of the pull request).
Signed-off-by: Karl Tomlinson <karlt+@karlt.net>
Reviewed by: imp, steve kargl, dim
Pull Request: https://github.com/freebsd/freebsd-src/pull/1137
This eliminates the use of non-thread-safe function in printf*() family,
and make the call locale-aware. Also, it stops obliterating the
strerror() static buffer, which aligns with the POSIX requirement that
implementations must behave as if no standard-mandated functions call
strerror().
PR: 278556
Reported by: Jonathan Gruber <jonathan.gruber.jg@gmail.com>
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D44916
xlocale.3: Comment out reference to atof_l(3), atoi_l(3), atol_l(3), atoll_l(3)
These manual page references do not exist.
lagg.4: Change the reference for /etc/rc.conf from a reference link
.Xr -> .Pa based on the context within the manual page it is used.
buf.9: Remove .Xr entries from the file
The buf.9 manual page contains a commented out .Xr reference.
The <filmmein> 9 entry is a placeholder and has been removed for
clarity.
Reviewed by: mhorne
Pull Request: https://github.com/freebsd/freebsd-src/pull/1114
This version of swab function simplifies the logic of swapping adjacent
bytes. Previous version of swab() used an arbitrary unrolling, which was
relevant back in the day but unnecessary for modern compilers, as if the
input size is known at compile time, they can do it automatically.
This version of swab() is inspired by musl.
A similar version can be found at: https://github.com/openbsd/src/blob/master/lib/libc/string/swab.c
Signed-off-by: rilysh <nightquick@proton.me>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1086
- add const to the appropriate places in the libipsec public API and the
relevant internal functions needed to support that.
- replace caddr_t with c_caddr_t in ipsec_dump_policy()
- update the ipsec_dump_policy manpage to use c_caddr_t (this manpage
was already wrong as it had "char *" instead of caddr_t previously).
While here, update pfkeyv2.h to not cast away const in the PFKEY_*()
macros.
This should not cause any ABI changes as the actual types have not
changed.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1099
Following the pattern of other architectures, make __sys_vfork the main
symbol and _vfork and vfork weak aliases. This avoids the need to
special case vfork in the generated list of symbols.
Differential Revision: https://reviews.freebsd.org/D44330
Use __libc_interposing_slot() in favor of __libsys_interposing_slot() so
that the interposing interface is entierly between libc and libthr with
libsys only involved as an implementation detail.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44880
Otherwise bsd.own.mk overrides it, causing libcxxrt.so.1 to be
erroneously installed into /usr/lib.
Also add an ObsoleteFiles.inc entry, for removing the bad copy.
Reported by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Fixes: da77a1b4f0
It's unclear to me why lld didn't complain about these are they aren't
present and haven't been. Instead ld.bfd complained.
Reviewed by: dim
Fixes: 6e6cd03c91 libc/quad: narrow list of symbols exposed on i386
Differential Revision: https://reviews.freebsd.org/D44879
GCC has used this for some time (since 7.0) and apparently we were
getting away with using the hidden symbol, but when linking with
--no-undefined-version we get an error unless it's properly exported.
(For anyone who wonders at the assymetry, __udivmoddi4 is indeed much
older and was introduced with GCC 3.0.)
MFC after: 3 days
Reviewed by: dim
Differential Revision: https://reviews.freebsd.org/D44878
The upstream llvm commit 5eb44df1b64d made the addition of these GCC
compatability symbols dependent on build configuration rather than
hardcoded for amd64, i386, and powerpc. Reenable them.
Reviewed by: dim
Differential Revision: https://reviews.freebsd.org/D44877
I put the symbols in the wrong file (should have been
lib/libc/sys/Symbol.map), added a duplicate pdfork entry due to a botch
rebase, and there seems to be a issue with gcc13/binutils not exposing
the symbols so revert the whole thing while I debug.
This reverts commit ee632fb9eb.
List them in the symbol map rather than using the __sym_default to
expose them. This will allow later improvements in the stub
implementations in libc.so.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44113
These private symbols are used by libc so expose as we do with
auxargs bits rather then relying on duplicate implementations in libc.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44114
Clang supports __bf16 for riscv from version 18.0 onwards, so update the
checks for it. While here, rewrite the checks so they are hopefully more
readable, and also handle gcc a little better.
In addition, define COMPILER_RT_HAS_FLOAT16 and COMPILER_RT_HAS_BFLOAT16
when these features should be available, since there are some parts in
compiler-rt that check for these defines.
PR: 276104
MFC after: 1 month
Libarchive 3.7.3
New features:
#1941 uudecode filter: support file name and file mode in raw mode
#1943 7-zip reader: translate Windows permissions into UNIX
permissions
#1962 zstd filter now supports the "long" write option
#2012 add trailing letter b to bsdtar(1) substitute pattern
#2031 PCRE2 support
#2054 add support for long options "--group" and "--owner" to tar(1)
Security fixes:
#2101 Fix possible vulnerability in tar error reporting introduced
in f27c173
Important bugfixes:
#1974 ISO9660: preserve the natural order of links
#2105 rar5: fix infinite loop if during rar5 decompression the last
block produced no data
#2027 xz filter: fix incorrect eof at the end of an lzip member
#2043 zip: fix end-of-data marker processing when decompressing zip
archives
PR: 278315 (exp-run)
MFC after: 1 week
The former exists and architectures other than aarch64 and riscv provide
it. The later does not exist.
Differential Revision: https://reviews.freebsd.org/D44329