From upstream 0ee44ef3:
- Fix send of udp retries when ENOBUFS is returned. It stops looping
and also waits for the condition to go away. Reported by Florian
Obser.
PR: 274352
MFC after: 3 days
Merge commit '292d51198aa319c58f534549851e9c28486abdf4'
Trimming of the line feed is no longer necessary after
d993c6b0db
Currently the tests:
- bcachefs2
- gpkg-1-zst
- multiple
are failing, but a fix will be committed upstream.
This also reverts c5e957ad4 "file: fix test case for gpkg by removing the extra \n."
MFC after: 3 days
despite being ignored in our main .gitignore, such files can still be
merged from vendor branches.
Reviewed by: cy
Fixes: 8f76bb7dad (unbound: Vendor import 1.18.0)
MFC after: 2 weeks
X-MFC with: 8f76bb7dad
Differential Revision: https://reviews.freebsd.org/D41920
Some highlights from NEWS entries:
** Improved OpenSSL 3.0 compatibility.
** Support for hidraw(4) on FreeBSD; gh#597.
** Improved support for FIDO 2.1 authenticators.
PR: 273596
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
On FreeBSD, pthread mutex, cond, and spinlocks allocate memory. On
Linux-based systems, these calls do not allocate memory. So there was a
safe assumption that the ofed RDMA verb calls do not need to explicitly
destroy the pthread locks. This assumption is false on FreeBSD. So let
us rearrange the code to cleanup the pthread locks.
Reviewed by: delphij
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D41105
An explicit tzset() call is usually not needed as it happens implicitly
the first time we call localtime() or mktime(), but in some cases
(sandboxing, chroot) this may be too late.
PR: 273807
MFC after: 3 days
Reviewed by: jrm
Differential Revision: https://reviews.freebsd.org/D41880
Removing artificial completion generator as there had been no indication
of the code being required for E810 cards. Further more it was found
that the code may have unpleasant side effects on user experience when
using ucmatose tool.
Signed-off-by: Bartosz Sobczak <bartosz.sobczak@intel.com>
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Reviewed by: erj@
MFC after: 1 day
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D41593
This commit fixes a couple of security vulnerabilities in the PAX writer:
1. Heap overflow in url_encode() in archive_write_set_format_pax.c
2. NULL dereference in archive_write_pax_header_xattrs()
3. Another NULL dereference in archive_write_pax_header_xattrs()
4. NULL dereference in archive_write_pax_header_xattr()
Security: No known reference yet
Obtained from: https://github.com/libarchive/libarchive/commit/1b4e0d0f9
MFC after: 3 days
[builtins][AArch64] Implement _sync out-of-line atomics
Whilst Clang does not use these, recent GCC does, and so on systems such
as FreeBSD that wish to use compiler-rt as the system runtime library
but also wish to support building programs with GCC these interfaces are
needed.
This is a light adaptation of the code committed to GCC by Sebastian Pop
<spop@amazon.com>, relicensed with permission for use in compiler-rt.
Fixes https://github.com/llvm/llvm-project/issues/63483
Reviewed By: sebpop, MaskRay
Differential Revision: https://reviews.llvm.org/D158536
Reviewed by: dim
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41716
Prefer libpfctl functions over direct access to the ioctl whenever
possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as
there already is an nvlist-based alternative.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41647
This adds the --crlf option to netcat, which triggers translation of \n
characters into \r\n sequences in the input -> network direction.
The Linux version of nc also supports this functionality with --crlf and
-C. The OpenBSD version uses -C to specify client certificates. Our
version is too old and doesn't have it, but I avoided adding -C anyway
to ease future syncs with upstream.
Attempts to upstream the feature were unsuccessful:
https://marc.info/?t=169282068500001
Differential Revision: https://reviews.freebsd.org/D41489
These tests weren't run on x86 until CI grabbed them. It turns out,
there's a sign extension bug that surfaces on x86 with char being a
signed type.
NetBSD unearthed this when they took and improved the patch, so just
grab their solution until we get to merging in the latest version of
the test.
Reported by: CI (via ngie)
Fixes: 2f489a509e ("libc: fix some overflow scenarios in vis(3)")
It was originally in contrib, and moved to usr.sbin in 6692aa840c1f; I always thought lib would make more sense but never got around to moving it.
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D41504
Update Intel irdma driver to version 1.2.17-k
Notable changes:
- pf-reset handling improvements, including fixes in communication with if_ice(4)
- avoid racing when handling various events
- adding sw stats sysctls
- hand over pe_criterr handling from ice(4) to irdma(4)
- debug prints adjustments
- fix crash after changes in irdma_add_mqh_ifa_cb
Signed-off-by: Bartosz Sobczak <bartosz.sobczak@intel.com>
Signed-off-by: Eric Joyner <erj@FreeBSD.org>
Reviewed by: erj@
MFC after: 1 month
Sponsored by: Intel Corporation
Differential Revision: https://reviews.freebsd.org/D41425
Highlights:
- Some style fixes
- Bumped mbbuf in istrsenvisx() to MB_LEN_MAX to avoid VLAs
- mbslength cannot go negative, so make it unsigned
- Further bounds checking & fix an additional overrun, with dlen == 0
- Avoid duplicate call to wcslen(start)
GoogleTest 1.14.0 now requires C++14 to build. Change
`googletest.test.inc.mk` to reflect this requirement.
Adjust the build integration logic to handle the new version of
GoogleTest (add/remove headers/sources as needed).
Tighten down warnings via `CXXFLAGS.clang` instead of ignoring all
warnings. Some new warnings snuck in after I did my last round of fix
submissions upstream.
Also address some overlinking added in the previous version import by
removing superfluous libraries.
===============================
Expect WhenDynamicCastToTest.AmbiguousCast to fail
This change reapplies the expected failure from 1.10.0.
Ref: https://github.com/google/googletest/issues/2172
MFC after: 2 weeks
Reviewed by: asomers, emaste
Differential Revision: https://reviews.freebsd.org/D41399
Merge commit '8ef491440fcaec96f899d73e08873426c78583a4' into googletest-v1.14.0-import
The previous incarnation of this would call wcrtomb() on the destination
buffer, and only check for overflow *after* it's happened.
Additionally, the conversion error / VIS_NOLOCALE path also didn't check
for overflow, and the overflow check at the end didn't account for the
fact that we still need to write a NUL terminator afterward.
Start by only doing the multibyte conversion into mbdst directly if we
have enough buffer space to guarantee it'll fit. An additional
MB_CUR_MAX buffer has been stashed on the stack to write into if we're
cutting it close at the end of the buffer, since we don't really have a
good way to determine the length of the wchar_t without just doing the
conversion. We'll do the conversion into the buffer that's guaranteed
to fit, then copy it over if the copy won't overflow.
The byte-for-byte overflow is a little bit easier, as we simply check
for overflow with each byte written and make sure we can still NUL
terminate after.
Tests added to exercise these edge cases.
Reviewed by: des
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D41328
The function ibv_query_device_ex is static inline, it is not exported
from the dso. With lld 16, which is much more picky about versioning and
undefined symbols, this becomes an error.
The ibv_register_driver driver symbol is explicitly versioned in
sources, it is non-existent in un-versioned object files.
Sponsored by: NVidia networking
MFC after: 1 week
The FreeBSD driver support for clang tested explicitly for 32-bit
Intel, MIPS, or PowerPC targets where /usr/lib32/libcrt1.o was
present to decide whether -m32 should use /usr/lib32. At jrtc27's
suggestion, simply test for a 32-bit platform rather than adding
arm to the list. Upstreamed as
3450272fc2
Bump the freebsd version to force a bootstrap build. This is one
step in adding support for -m32 on arm64.
Reviewed by: jrtc27, brooks, dim
Differential Revision: https://reviews.freebsd.org/D40943
Libarchive 3.7.0
Important changes (relevant to FreeBSD):
#1814 Do not account for NULL terminator when comparing with "TRAILER!!!"
#1818 Add ability to produce multi-frame zstd archives
#1840 year 2038 fix for pax archives on platforms with 64-bit time_t
#1860 Make single bit bitfields unsigned to avoid clang 16 warning
#1869 Fix FreeBSD builds with WARNS=6
#1873 bsdunzip ported to libarchive from FreeBSD
#1894 read support for zstd compression in 7zip archives
#1918 ARM64 filter support in 7zip archives
MFC after: 2 weeks
PR: 272567 (exp-run)
[builtins][Mips] Un-break FreeBSD build of __clear_cache
Commit 674a17e9bbe8 ("MIPS/compiler_rt: use synci to flush icache on
r6") completely removed the OS-specific guards under the guise of "For
pre-r6, we can use cacheflush libc function, which is same on Linux and
FreeBSD." However, the code in question had guards for Linux and
OpenBSD, not Linux and FreeBSD, and FreeBSD does not have a cacheflush
libc function as claimed, so this was neither the statement they
intended to make nor was it sufficient justification for making the code
completely unconditional. Whilst the upcoming FreeBSD 14 release has
dropped support for MIPS, FreeBSD 13 has support for it.
Fix this by only calling cacheflush on the OSes where it was previously
called, and not on other OSes where it either definitely isn't available
(FreeBSD) or is unknown (any other OS than the three mentioned in this
commit).
This is only needed for MFC'ing, as mips has been removed from
14-CURRENT.
PR: 271047
MFC after: immediately
Intentionally or not, but the libwrap was written in such manner that
if your /etc/hosts.allow doesn't have any domain names, neither smart
keywords like LOCAL or KNOWN, then it will not try to resolve the
client address during the hosts check. This was achieved with the
NOT_INADDR() check that matched IPv4 addresses/prefixes. Extend this
to also skip resolve if client list token looks like IPv6.
Reviewed by: philip, emaste
PR: 269456
Differential revision: https://reviews.freebsd.org/D40070
