Add a counter to track how frequently SACK has transmitted
more than one MSS using TSO. Instances when this will be
beneficial is the use of PRR, or when ACK thinning due to
GRO/LRO or ACK discards by the network are present.
Reviewed By: tuexen, #transport
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D45070
Before increasing sufflen, make sure the current name plus two (including
the terminating NUL character and the to-be-added character) does not
exceed the fixed buffer length, and stop immediately if this would occur.
In worst case scenario the code would write an nul character beyond the
boundary, however it would be caught by open(2) and based on the memory
layout, we do not believe this would constitute a security vulnerability.
MFC after: 3 days
This was prompted by noticing that '/var/db/portsnap' still exists on
newly-installed machines.
With this change, all mentions of portsnap(8) in the tree are gone,
except for the historical note in the AUTHORS section of manpage
phttpget(8).
locate(1) will thus start indexing again '/var/db/portsnap' on machines
where this directory still exists, which may be a good way to push
administrators to delete it.
Reviewed by: cperciva
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45023
Convert du to use libxo enabling structured output.
[[ minor style fixes by imp ]]
Signed-off-by: Nathan Huff <nhuff@acm.org>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1145
Add a -w flag to forward terminal resize events on to the child, which
can be useful in some circumstances to avoid terminal corruption.
Reviewed by: des
Co-authored-by: Xavier Beaudouin <xavier.beaudouin@klarasystems.com>
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D44167
Fix some nits pointed out by checkstyle9.pl in advance of functional
changes to script(1).
Reviewed by: des
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D44167
The CAPFAIL tracepoint was recently extended to report ECAPMODE
capability violations for processes that do not enter capability mode.
This allows developers that are interested in Capsicumizing their
programs to determine where violations are being raised.
Previously, CAPFAIL only produced output for processes using Capsicum(4)
capabilties. Thus, most ktrace users never received log output from the
trace point. With the recent changes, this is no longer the case.
Having this trace point enabled by default will produce output for all
processes that use syscalls that are not permitted in capability mode.
This may lead to confusion for users that are not familiar with the
feature. Remove KTRFAC_CAPFAIL from ktrace's default points to avoid
this.
Approved by: markj (mentor)
Reviewed by: markj
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D44887
Capsicum is non-optional as of c24c117b96 ("Remove
WITHOUT_{CAPSICUM,CASPER} options").
`#ifndef WITHOUT_CAPSICUM` is left in the source for the benefit of
downstream consumers, but is never defined in FreeBSD.
Reviewed by: oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42077
Even if the first branch succeeds, next time it will still check for
the second branch (which will be false) as the first one was true.
Add an else..if statement to address this.
Signed-off-by: rilysh <nightquick@proton.me>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1165
Note: This follows the current style of the bsdiff.c and bspatch.c
files, which is rather far from style(9).
Reviewed by: imp, cpervica
Pull Request: https://github.com/freebsd/freebsd-src/pull/1076
This replaces fgetln() with getline(). The main reason for this is
portability, making things easier for people who want to compile these
tools on non-FreeBSD systems.
I appreciate that's probably not the top concern for FreeBSD base tools,
but fgetln() is impossible to port to most platforms, as concurrent
access is essentially impossible to implement fully correct without the
line buffer on the FILE struct. Other than this, many generic FreeBSD
tools compile fairly cleanly on Linux with a few small changes.
Most uses of fgetln() pre-date getline() support (added in 2009 with
69099ba2ec), and there's been some previous patches (ee3ca711a88c98e6b1a71a2a4fc8ce) for other tools.
Obtained from: https://github.com/dcantrell/bsdutils and
https://github.com/chimera-linux/chimerautils
Signed-off-by: Martin Tournoij <martin@arp242.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/893
This replaces fgetln() with getline(). The main reason for this is
portability, making things easier for people who want to compile these
tools on non-FreeBSD systems.
I appreciate that's probably not the top concern for FreeBSD base tools,
but fgetln() is impossible to port to most platforms, as concurrent
access is essentially impossible to implement fully correct without the
line buffer on the FILE struct. Other than this, many generic FreeBSD
tools compile fairly cleanly on Linux with a few small changes.
Most uses of fgetln() pre-date getline() support (added in 2009 with
69099ba2ec), and there's been some previous patches (ee3ca711a88c98e6b1a71a2a4fc8ce) for other tools.
Obtained from: https://github.com/dcantrell/bsdutils and
https://github.com/chimera-linux/chimerautils
Signed-off-by: Martin Tournoij <martin@arp242.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/893
This replaces fgetln() with getline(). The main reason for this is
portability, making things easier for people who want to compile these
tools on non-FreeBSD systems.
I appreciate that's probably not the top concern for FreeBSD base tools,
but fgetln() is impossible to port to most platforms, as concurrent
access is essentially impossible to implement fully correct without the
line buffer on the FILE struct. Other than this, many generic FreeBSD
tools compile fairly cleanly on Linux with a few small changes.
Most uses of fgetln() pre-date getline() support (added in 2009 with
69099ba2ec), and there's been some previous patches (ee3ca711a88c98e6b1a71a2a4fc8ce) for other tools.
Obtained from: https://github.com/dcantrell/bsdutils and
https://github.com/chimera-linux/chimerautils
Signed-off-by: Martin Tournoij <martin@arp242.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/893
This replaces fgetln() with getline(). The main reason for this is
portability, making things easier for people who want to compile these
tools on non-FreeBSD systems.
I appreciate that's probably not the top concern for FreeBSD base tools,
but fgetln() is impossible to port to most platforms, as concurrent
access is essentially impossible to implement fully correct without the
line buffer on the FILE struct. Other than this, many generic FreeBSD
tools compile fairly cleanly on Linux with a few small changes.
Most uses of fgetln() pre-date getline() support (added in 2009 with
69099ba2ec), and there's been some previous patches (ee3ca711a88c98e6b1a71a2a4fc8ce) for other tools.
Obtained from: https://github.com/dcantrell/bsdutils and
https://github.com/chimera-linux/chimerautils
Signed-off-by: Martin Tournoij <martin@arp242.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/893
This replaces fgetln() with getline(). The main reason for this is
portability, making things easier for people who want to compile these
tools on non-FreeBSD systems.
I appreciate that's probably not the top concern for FreeBSD base tools,
but fgetln() is impossible to port to most platforms, as concurrent
access is essentially impossible to implement fully correct without the
line buffer on the FILE struct. Other than this, many generic FreeBSD
tools compile fairly cleanly on Linux with a few small changes.
Most uses of fgetln() pre-date getline() support (added in 2009 with
69099ba2ec), and there's been some previous patches (ee3ca711a88c98e6b1a71a2a4fc8ce) for other tools.
Obtained from: https://github.com/dcantrell/bsdutils and
https://github.com/chimera-linux/chimerautils
Signed-off-by: Martin Tournoij <martin@arp242.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/893
This replaces fgetln() with getline(). The main reason for this is
portability, making things easier for people who want to compile these
tools on non-FreeBSD systems.
I appreciate that's probably not the top concern for FreeBSD base tools,
but fgetln() is impossible to port to most platforms, as concurrent
access is essentially impossible to implement fully correct without the
line buffer on the FILE struct. Other than this, many generic FreeBSD
tools compile fairly cleanly on Linux with a few small changes.
Most uses of fgetln() pre-date getline() support (added in 2009 with
69099ba2ec), and there's been some previous patches (ee3ca711a88c98e6b1a71a2a4fc8ce) for other tools.
Obtained from: https://github.com/dcantrell/bsdutils and
https://github.com/chimera-linux/chimerautils
Signed-off-by: Martin Tournoij <martin@arp242.net>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/893
When viewing the manpage the '-t' option is shown as follows
-t -Sm tab1, tab2, ..., tabn Sm
with the markup '\&Sm' included within '.It Fl t', which doesn't
makes any sense.
So just remove it.
PR: 274897
MFC after: 3 days
* Use `errc()` instead of manually setting `errno` before calling `err()`.
* Change one warning into a fatal error.
* Drop some unnecessary casts.
* `strlcat()` bounds checks were off-by-one. This does not matter in
practice because the subsequent code renders an overrun harmless.
* We were passing `SSIZE_MAX` to `copy_file_range()` instead of the
requested size. This only matters if we're asked to install a file
which is still being written to while we are copying it.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D44810
We already removed it from cp(1) over a year ago but never followed up
here. Do so now, for the same reasons: significant complexity for
little to no benefit.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D44809
Libarchive 3.7.3
New features:
#1941 uudecode filter: support file name and file mode in raw mode
#1943 7-zip reader: translate Windows permissions into UNIX
permissions
#1962 zstd filter now supports the "long" write option
#2012 add trailing letter b to bsdtar(1) substitute pattern
#2031 PCRE2 support
#2054 add support for long options "--group" and "--owner" to tar(1)
Security fixes:
#2101 Fix possible vulnerability in tar error reporting introduced
in f27c173
Important bugfixes:
#1974 ISO9660: preserve the natural order of links
#2105 rar5: fix infinite loop if during rar5 decompression the last
block produced no data
#2027 xz filter: fix incorrect eof at the end of an lzip member
#2043 zip: fix end-of-data marker processing when decompressing zip
archives
PR: 278315 (exp-run)
MFC after: 1 week
In `copy()`, if no digest was requested (which is the common case), we
use `copy_file_range()` to avoid needlessly copying the contents of the
file into user space and back. When `copy_file_range()` returns
successfully (which, again, is the common case), we simply return, and
therefore never get to the point where we call `fsync()` if the `-S`
option was specified. Fix this.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D44756
There's no need to copy the path twice to split it into base and dir.
We simply call `basename()` first, then handle the two trivial cases in
which it isn't safe to call `dirname()`.
While here, add an early check that the destination is not an empty
string. This would always fail eventually, so it may as well fail
right away. Also add a test case for this shortcut.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D44743
Previously, we would only use a temporary file if explicitly asked to
with the `-S` option, and even then, only if the target file already
existed. This meant that an outside observer looking for the target
file might see a partial file, and might see the file disappear and
then reappear.
With this patch, we always use a temporary file, ensuring atomicity.
The downside is slightly increased disk usage. The upside is never
having to worry about, for instance, cron jobs randomly failing if
they happen to run simultaneously with `make installworld`.
The `-S` option is retained, partly for compatibility, and partly
to control the use of `fsync(2)`, which has a non-negligible cost
(approximately 10% increase in wall time for `make installworld`).
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: 0mp, brooks, imp, markj
Differential Revision: https://reviews.freebsd.org/D44742
When a Capsicum violation occurs in the kernel, ktrace will now record
detailed information pertaining to the violation.
For example:
- When a namei lookup violation occurs, ktrace will record the path.
- When a signal violation occurs, ktrace will record the signal number.
- When a sendto(2) violation occurs, ktrace will record the recipient
sockaddr.
For all violations, the syscall and ABI is recorded.
kdump is also modified to display this new information to the user.
Reviewed by: oshogbo, markj
Approved by: markj (mentor)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D40676
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvm-project main llvmorg-18-init-18359-g93248729cfae, the
last commit before the upstream release/18.x branch was created.
PR: 276104
MFC after: 1 month
The "pathlen" variable is the return value of strlen(3) and is then
passed as an argument to malloc(3) and memcpy(3). The size_t type
matches the prototype for these functions. The size_t type is unsigned
so it can fit larger $PATH values than ssize_t. However, in practice
ssize_t should be larger enough so this change is just for clarity.
Signed-off-by: Collin Funk <collin.funk1@gmail.com>
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1113
This commit reverts 8db56defa7,
rolling back the vendor import of xz 5.6.0 and restoring the
package to version 5.4.5.
The revert was not directly due to the attack (CVE-2024-3094):
our import process have removed the test cases and build scripts
that would have enabled the attack. However, reverting would
help to reduce potential confusion and false positives from
security scanners that assess risk based solely on version
numbers.
Another commit will follow to restore binary compatibility with
the liblzma 5.6.0 library by making the previously private
symbol (lzma_mt_block_size) public.
PR: 278127
MFC after: 3 days
Before a protocol specific control block started to embed inpcb in self
(see 0aa120d52f, e68b379244, 483fe96511) this pointer used to point
at it.
Retain kf_sock_inpcb field in the struct kinfo_file in <sys/user.h>. The
exp-run detected a minimal use of the field in ports:
* sysutils/lsof - patched upstream
* net-mgmt/netdata - patch accepted upstream
* emulators/qemu-user-static - upstream master branch seems not using
the field anymore
We can keep the field around for some time, but eventually it may be
reused for something else.
PR: 277659 (exp-run)
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D44491
Note that VFS internally interprets a timestamp of -1 as “do not set”,
so this has no effect, but at least touch won't incorrectly reject the
given date / time (1969-12-31 23:59:59 UTC) as invalid.
While here, fix some style issues.
MFC after: 1 week
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D44504
This adds support for two new diff algorithms, Myers diff and Patience
diff.
These algorithms perform a different form of search compared to the
classic Stone algorithm and support escapes when worst case scenarios
are encountered.
Add the -A flag to allow selection of the algorithm, but default to
using the new Myers diff implementation.
The libdiff implementation currently only supports a subset of input and
output options supported by diff. When these options are used, but the
algorithm is not selected, automatically fallback to the classic Stone
algorithm until support for these modes can be added.
Based on work originally done by thj@ with contributions from kevans@.
Sponsored by: Klara, Inc.
Reviewed by: thj
Differential Revision: https://reviews.freebsd.org/D44302