Historically we exposed _getlogin as a private symbol on a per-arch basis
(except on aarch64 and riscv) for no obvious reason. We now need to
expose it for libc's use so remove the special case from
makesyscalls.lua and expose it in the generated syscalls.map.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44116
Rather than having PSEUDO be a list of object files when all consumers
want syscall names or source files, make it a list of bare syscall
names like INTERPOSED (which is built on PSEUDO).
Improve document of variables developers can set.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44108
Consolidate in preparation for further cleanup.
Also relocate the sole NOASM entry.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44107
Every PSEUDO entry (_foo.o) has a corresponding NOASM entry (foo.o) to
suppress its addition to ASM. Check PSEUDO instead when adding entries
to ASM. No functional change.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44106
It's a thin wrapper on cap_getmode() implemented in libc, not a system
call so the symbol should have been exposed by libc/gen/Symbol.map
alongside the implementation.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44110
Otherwise on success it ontain the return value of asprintf.
Sponsored by: Beckhoff Automation GmbH & Co. KG
Fixes: 2d2950c889 ("pam_xdg: Check asprintf return value")
This ensure that the XDG_RUNTIME_DIR is always created and the environment
variable is present which is a must for any wayland user (at least).
The only "cost" of it is a directory is created and unused.
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D44012
Sponsored by: Beckhoff Automation GmbH & Co. KG
This is a module to setup the XDG directories and environment variables.
For now the only usage is to have a XDG_RUNTIME_DIR environment setup at
user login.
All other environment variable have a default fallback so no need to export
them in this module.
The directory is created according to the XDG Base directory specification.
The default base directory is /var/run/xdg/<username> but can be configured
using the runtime_dir=<dir> module option.
According to the spec the directory *must* not survive a reboot so adding
var_run_enable="YES" to rc.conf is highly recommanded.
Reviewed by: des, pauamma (manpages)
Differential Revision: https://reviews.freebsd.org/D44011
Sponsored by: Beckhoff Automation GmbH & Co. KG
Despite looking trivial, it requires proper split of exports from libsys
and libc, proper filtering work in rtld, and operational libsys.
Reviewed by: emaste, imp
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D44075
Move functions back to libc/gen sources; they are only versioned from
libc and not libsys.
Access libsys interposing slots using __libsys_interposing_slot()
instead of direct __libsys_interposing array dereference, which cannot
work from libc.
Reported by: glebius
Reviewed by: brooks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D44042
so that libc/libthr do not preempt libsys symbols, esp. errno-related.
The issue is, if libsys is linked with DT_BIND_NOW flag, and then loaded
as filter, rtld tries to relocate its PLT symbols immediately, not as
filter. There, during symbol lookup, rtld finds filtering symbols in
libc, and since libc is in loading filters mode, the resolution stops
there. The end result is that libsys links to libc.
Reviewed by: brooks
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D44027
Before, the 'errno' itself was defined in libc and was referenced by
libsys, causing undesired dependency.
Reviewed by: brooks, imp
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D43985
that existed in auxv.c, use simple bool gate instead. This leaves a
small window if two threads try to call _elf_aux_info(3) simultaneously.
The situation is safe because auxv parsing is really idempotent. The
parsed data is the same, and we store atomic types (int/long/ptr) so
double-init does not matter.
Reviewed by: brooks, imp
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D43985
To allow gcc -m32 to work, link libc and libthr with --rpath-/usr/lib32.
When called with -m32, gcc is currently unable to communicate to
the bfd linker that it should look in /usr/lib32 to resolve needed (as
opposed to explicitly linked) libraries so we need to provide a hint.
See also: https://sourceware.org/bugzilla/show_bug.cgi?id=31395
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D43910
Continue to filter the public interface (elf_aux_info()), but entierly
relocate the private interfaces (_elf_aux_info(),
__init_elf_aux_vector(), and __elf_aux_vector) to libsys.
This ensures that rtld updates the correct (only) copy of
__elf_aux_vector. After 968a18975a
updates were confused and __getosreldate was failing, causing
the system to fall back to compat compat12 syscalls in some cases.
Return to explicitly linking libc to libsys and link libthr with libc
and libsys (in that order).
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D43910
Commit de6feefdb7 limited the amount of debuginfo generated for clang
and other llvm-related executables. This was done to save disk space and
memory during building, but it makes debugging any of these executables
much harder.
Add a new src.conf(5) setting, WITH_LLVM_FULL_DEBUGINFO, to generate
full debuginfo instead. This is off by default, but could for example be
enabled for release builds or snapshots, so llvm executables are easier
to debug.
Reviewed by: emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43839
Add lua bindings to hashing functions. sha256 is available. sha256.new
craetes a new object. sha256.update updates the digest. sha256.digest
returns the digest as a binary string and resets the
context. sha256.hexdigest returns the digest as a string of hex digits
and then resets the cotnext.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D43872
Capability rights passed to cap_rights_* are not simple bitmaks and
cannot be ORed together in general (although it will work for certain
subsets of rights).
PR: 277057
Fixes: faaf43b2a7 ("fileargs: add tests")
Sponsored by: The FreeBSD Foundation
By default only report unverified files at severity VE_WANT
and above. This inlcudes *.conf but not *.hints, *.cookie
or *.tgz which get VE_TRY as their severity.
If Verbose is set to 0, then VerifyFlags should default to 0 too.
Thus the combination of
module_verbose=0
VE_VEBOSE=0
is sufficient to make the loader almost totally silent.
When verify_prep has to find_manifest and it is verified ok
return VE_NOT_CHECKED to verify_file so that it can skip
repeating verify_fd
Also add better debugging output for is_verified and add_verify_status.
vectx handle compressed modules
When verifying a compressed module (.ko.gz or .ko.bz2)
stat() reports the size as -1 (unknown).
vectx_lseek needs to spot this during closing - and just read until
EOF is hit.
Note: because of the way libsa's open() works, verify_prep will see
the path to be verified as module.ko not module.ko.bz2 etc. This is
actually ok, because we need a separate module.ko.bz2 entry so that
the package can be verified, and the hash for module.ko is of the
uncompressed file which is what vectx will see.
Re-work local.trust.mk so site.trust.mk need only set
VE_SIGN_URL_LIST (if using the mentioned signing server)
interp.c: restrict interactive input
Apply the same restrictions to interactive input as for
unverified conf and hints files.
Use version.veriexec when LOADER_VERIEXEC is yes
Reviewed by: kevans
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D43810
We have BASEPATH defined.
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Reviewed by: dev_submerge.ch, markj
Differential Revision: https://reviews.freebsd.org/D43812
This reverts commit 470f9f13de.
I need more time to figure out how to make this work correctly with
incremental builds, which it currently miserably fails on.
There is no reason anymore to not build these as PIE. Unfortunately
bsd.lib.mk does not allow for building _only_ PIE static libraries, so
lib/clang/Makefile.inc needs a kludge to work around that issue.
MFC after: 1 week
and use the current file offset instead.
Requested by: Vinícius dos Santos Oliveira <vini.ipsmaker@gmail.com>
Reviewed by: jhb
Discussed with: asomers
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D43448