This is a mostly-unmodified copy of the various *_chk implementations
and headers from NetBSD, without yet modifying system headers to start
actually including them. A future commit will also apply the needed
bits to fix ssp/unistd.h.
Reviewed by: imp, pauamma_gundo.com (both previous versions), kib
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32306
This was prompted by noticing that '/var/db/portsnap' still exists on
newly-installed machines.
With this change, all mentions of portsnap(8) in the tree are gone,
except for the historical note in the AUTHORS section of manpage
phttpget(8).
locate(1) will thus start indexing again '/var/db/portsnap' on machines
where this directory still exists, which may be a good way to push
administrators to delete it.
Reviewed by: cperciva
Approved by: emaste (mentor)
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45023
I am unsure of its exact historical usage, but, we no longer ship GCC
with FreeBSD, and it should have been removed.
Reviewed by: imp, emaste
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44440
This is useful for exposing additional registers to debuggers. For
instance, control registers are now available on amd64 when using gdb to
debug a guest.
The stub indicates support by including the string
"qXfer:features:read+" in its feature list. The debugger queries for
target descriptions by sending the query "qXfer:features:read:" followed
by a file path.
The XML definitions are copied from QEMU and installed to
/usr/share/bhyve/gdb.
Note that we currently don't handle the SIMD registers at all, since
that's of somewhat limited utility (for me at least) and since that
requires new ioctls to fetch the register values.
Reviewed by: jhb
MFC after: 2 weeks
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D43666
Add a python script which implements the bulk of this functionality.
Over time, this would ideally evolve into a library of python routines
which can be used to inspect kernel data structures and automate some
debugging tasks, similar to jhb's out-of-tree scripts, but written in a
somewhat nicer language and with better integration into the kgdb
command prompt.
Note that kgdb currently won't auto-load scripts in this directory.
This should perhaps change in the future. It probably also makes more
sense to have a crashinfo.py which provides all the kgdb output that we
want to include in core.txt, rather than having crashinfo.sh pipe in
several commands.
Reviewed by: avg, imp
Discussed with: jhb
MFC after: 3 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D33817
This option can be used to specify a format to use in DTrace output.
The following formats are supported:
- json
- xml
- html
- none (default DTrace output)
This is implemented using libxo and integrated into libdtrace. Client
code only works with the following API:
- dtrace_oformat_setup(dtrace_hdl_t *) -- to be called when output is starting.
- dtrace_oformat_teardown(dtrace_hdl_t *) -- to be called when output is finished
- dtrace_oformat(dtrace_hdl_t *) -- check if oformat is enabled.
- dtrace_set_outfp(FILE *) -- sets the output file for oformat.
- Ensure that oformat is correctly checked in the drop handler and record
processing callbacks.
This commit also adds tests which check if the generated output is
valid (JSON, XML) and extends the dtrace(1) describing the structured output.
Reviewed by: markj
Discussed with: phil
MFC after: 2 months
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D41745
- Add -b (suppress blank lines before directories).
- The equivalent of `-i` in fmtree is `-j` in mtree (nmtree) (indent the
output 4 spaces).
- Add `-F freebsd9` compatibility flavor (print the closing `..` at the
end).
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/912
This updates llvm, clang, compiler-rt, libc++, libunwind, lld, lldb and
openmp to llvm-project main llvmorg-17-init-19304-gd0b54bb50e51, the
last commit before the upstream release/17.x branch was created.
PR: 273753
MFC after: 1 month
This tests that with RTLD_DEEPBIND, symbols are looked up in all of the
object's needed objects before the global object.
PR: 275393
Reviewed by: kib
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D42843
Provide basic coverage for the existing options, nothing deeper (e.g.,
pipe closing behavior) is tested in this set.
Reviewed by: allanjude
Feedback from: des
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D42714
These were removed when the new mixer(3) library was imported, and I
missed updating the mtree file when I added the entries to
ObsoleteFiles.inc.
Fixes: 903873ce15 Implement and use new mixer(3) library for FreeBSD.
This module allows controlled privilege escallation via mac labels
securely associated with a process via mac_veriexec.
There are over 700 PRIV_* but we can compress many of them into
a single GBL_* thus constraining the size of gbl labels.
The goal is to allow a daemon to run as an unprivileged process while
still being able a set of privileged operations needed.
We add APIs to libveriexec so that userland processes can check labels
and an exec_script API that allows a suitably labeled process to run
something like a python interpreter directly if necessary;
overcomming the 'indirect' flag applied to the interpreter.
Add -l option to sbin/veriexec to report labels.
Reviewed by: stevek
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D41431
Remove leftover empty leading comments/blank lines that had been
spacers between $FreeBSD$ and the following content in config files
in src/etc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D41548
Unzip from FreeBSD has been ported to libarchive.
Change usr.bin/unzip to use bsdunzip from libarchive.
Differential Revision: https://reviews.freebsd.org/D41239
PR: 272845 (exp-run)
MFC after: 1 month
The mac_ipacl policy module enables fine-grained control over IP address
configuration within VNET jails from the base system.
It allows the root user to define rules governing IP addresses for
jails and their interfaces using the sysctl interface.
Requested by: multiple
Sponsored by: Google, Inc. (GSoC 2019)
MFC after: 2 months
Reviewed by: bz, dch (both earlier versions)
Differential Revision: https://reviews.freebsd.org/D20967
This better reflects the intent that this directory is indexed by kld
name and removes a conflict with D32128 which aims to split sysctl.conf.
Reviewed by: kevans imp
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D41043
For kernel modules loaded by scripts in /etc/rc.d and
/usr/local/etc/rc.d, if there is a file in /etc/sysctl.conf.d named <kld
name>.conf, then this will be loaded using the sysctl(8) utility. For
instance, sysctl variable changes for the pf kernel module would be
placed in the file /etc/sysctl.conf.d/pf.conf.
PR: 272129
Reviewed by: imp freebsd_igalic.co
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D40886
These are present (and empty) on a system installed post-GCC removal.
Reviewed by: imp
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D40878
Update its mtree entry.
Reviewed by: christos, markj
Fixes: 911f026039 dtrace: move kinst tests to common
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40901
Migrate to OpenSSL 3.0 in advance of FreeBSD 14.0. OpenSSL 1.1.1 (the
version we were previously using) will be EOL as of 2023-09-11.
Most of the base system has already been updated for a seamless switch
to OpenSSL 3.0. For many components we've added
`-DOPENSSL_API_COMPAT=0x10100000L` to CFLAGS to specify the API version,
which avoids deprecation warnings from OpenSSL 3.0. Changes have also
been made to avoid OpenSSL APIs that were already deprecated in OpenSSL
1.1.1. The process of updating to contemporary APIs can continue after
this merge.
Additional changes are still required for libarchive and Kerberos-
related libraries or tools; workarounds will immediately follow this
commit. Fixes are in progress in the upstream projects and will be
incorporated when those are next updated.
There are some performance regressions in benchmarks (certain tests in
`openssl speed`) and in some OpenSSL consumers in ports (e.g. haproxy).
Investigation will continue for these.
Netflix's testing showed no functional regression and a rather small,
albeit statistically significant, increase in CPU consumption with
OpenSSL 3.0.
Thanks to ngie@ and des@ for updating base system components, to
antoine@ and bofh@ for ports exp-runs and port fixes/workarounds, and to
Netflix and everyone who tested prior to commit or contributed to this
update in other ways.
PR: 271615
PR: 271656 [exp-run]
Relnotes: Yes
Sponsored by: The FreeBSD Foundation