Unfortunately though the original tarball supports this in ./configure
(for Linux), to fully support disabling of mlockall() by default requires
a little extra help otherwise the following is logged in syslog:
Cannot set RLIMIT_MEMLOCK: Operation not permitted
MFC after: 2 weeks
X-MFC with: r352304
On arm and arm64, where chars are unsigned by default, buildworld dies
with:
--- terminal.o ---
/usr/src/contrib/libedit/terminal.c:569:41: error: comparison of
integers of different signs: 'wint_t' (aka 'int') and 'wchar_t' (aka
'unsigned int') [-Werror,-Wsign-compare]
el->el_cursor.v][where & 0370] !=
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ^
/usr/src/contrib/libedit/terminal.c:659:28: error: comparison of
integers of different signs: 'wint_t' (aka 'int') and 'wchar_t' (aka
'unsigned int') [-Werror,-Wsign-compare]
[el->el_cursor.h] == MB_FILL_CHAR)
~~~~~~~~~~~~~~~~~ ^ ~~~~~~~~~~~~
Fix this by making MB_FILL_CHAR a wint_t, so no casting is needed.
Note that in https://reviews.freebsd.org/D21584 this was also proposed
by Yuichiro Naito <naito.yuichiro_gmail.com>.
Reviewed by: bapt
Subscribers: naito.yuichiro_gmail.com, ml_vishwin.info
MFC after: 3 weeks
X-MFC-With: r352275
Differential Revision: https://reviews.freebsd.org/D21657
in various declarations.
Otherwise, depending on how unwind-arm.h is included from other source
files, the compiler may complain that uint32_t and uint64_t are unknown
types.
MFC after: 3 days
This only lists the changed type and not other attributes so that it
matches the behavior of -C as done in r66747 for fmtree. The NetBSD
-ff implementation was copied from fmtree.
Reviewed by: imp
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D21623
This function is not needed anymore, it allows old sh binary to continue
to run and avoid breaking backward compatibility.
Note that is now just calls the regular _el_fn_complete which does a proper
job at quoting.
Discussed with: jilles
Compared to current version in base:
- great improvements on the Unicode support
- full support for filename completion including quoting
which means we do not need anymore our custom addition)
- Improved readline compatiblity
Upgrading libedit has been a pain in the past, because somehow we never
managed to properly cleanup the tree in lib/libedit and each merge has always
been very painful. After years of fighting give up and refresh a merge from
scrarch properly in contrib.
Note that the switch to this version will be done in another commit.
[IfConversion] Fix diamond conversion with unanalyzable branches.
The code was incorrectly counting the number of identical
instructions, and therefore tried to predicate an instruction which
should not have been predicated. This could have various effects: a
compiler crash, an assembler failure, a miscompile, or just
generating an extra, unnecessary instruction.
Instead of depending on TargetInstrInfo::removeBranch, which only
works on analyzable branches, just remove all branch instructions.
Fixes https://bugs.llvm.org/show_bug.cgi?id=43121 and
https://bugs.llvm.org/show_bug.cgi?id=41121 .
Differential Revision: https://reviews.llvm.org/D67203
This should fix "Unable to predicate BX killed renamable $r0" errors
when building the lang/spidermonkey170 and lang/spidermonkey38 ports for
armv7 and armv6.
PR: 236567
MFC after: 3 days
lldb prepends the thread name to log entries, and the existing thread
name for the FreeBSD ProcessMonitor thread was longer than the kernel's
supported thread name length, and so was truncated. This made logs hard
to read, as the truncated thread name ran into the log message. Shorten
"lldb.process.freebsd.operation" to just "freebsd.op" so that logs are
more readable.
(Upstreaming to lldb still to be done).
gets is unsafe and shouldn't be used (for many years now). Leave it in
the existing symbol version so anything that previously linked aginst it
still runs, but do not allow new software to link against it.
(The compatability/legacy implementation must not be static so that
the symbol and in particular the compat sym gets@FBSD_1.0 make it
into libc.)
PR: 222796 (exp-run)
Reported by: Paul Vixie
Reviewed by: allanjude, cy, eadler, gnn, jhb, kib, ngie (some earlier)
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D12298
Fix a problem which prevented -OServerSSLOptions or -OClientSSLOptions
specified in the command-line option from working.
This patch has been accepted by the upstream.
Reviewed by and discussed with: gshapiro
Update wpa 2.8 --> 2.9
hostapd:
* SAE changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* EAP-pwd changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching
* added configuration of airtime policy
* fixed FILS to and RSNE into (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* added support for regulatory WMM limitation (for ETSI)
* added support for MACsec Key Agreement using IEEE 802.1X/PSK
* added experimental support for EAP-TEAP server (RFC 7170)
* added experimental support for EAP-TLS server with TLS v1.3
* added support for two server certificates/keys (RSA/ECC)
* added AKMSuiteSelector into "STA <addr>" control interface data to
determine with AKM was used for an association
* added eap_sim_id parameter to allow EAP-SIM/AKA server pseudonym and
fast reauthentication use to be disabled
* fixed an ECDH operation corner case with OpenSSL
wpa_supplicant:
* SAE changes
- disable use of groups using Brainpool curves
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* EAP-pwd changes
- disable use of groups using Brainpool curves
- allow the set of groups to be configured (eap_pwd_groups)
- improved protection against side channel attacks
[https://w1.fi/security/2019-6/]
* fixed FT-EAP initial mobility domain association using PMKSA caching
(disabled by default for backwards compatibility; can be enabled
with ft_eap_pmksa_caching=1)
* fixed a regression in OpenSSL 1.1+ engine loading
* added validation of RSNE in (Re)Association Response frames
* fixed DPP bootstrapping URI parser of channel list
* extended EAP-SIM/AKA fast re-authentication to allow use with FILS
* extended ca_cert_blob to support PEM format
* improved robustness of P2P Action frame scheduling
* added support for EAP-SIM/AKA using anonymous@realm identity
* fixed Hotspot 2.0 credential selection based on roaming consortium
to ignore credentials without a specific EAP method
* added experimental support for EAP-TEAP peer (RFC 7170)
* added experimental support for EAP-TLS peer with TLS v1.3
* fixed a regression in WMM parameter configuration for a TDLS peer
* fixed a regression in operation with drivers that offload 802.1X
4-way handshake
* fixed an ECDH operation corner case with OpenSSL
MFC after: 1 week
Security: https://w1.fi/security/2019-6/\
sae-eap-pwd-side-channel-attack-update.txt
Rework recursive_timed_mutex so that it uses __thread_id instead of
using the lower-level __libcpp_thread_id. This is prep for fixing
PR42918. Reviewed as https://reviews.llvm.org/D65895
Pull in r368916 from upstream libc++ trunk (by Marshall Clow):
Fix thread comparison by making sure we never pass our special 'not a
thread' value to the underlying implementation. Fixes PR#42918.
This should fix std:🧵🆔:operator==() attempting to call
pthread_equal(3) with zero values.
Reported by: andrew@tao11.riddles.org.uk
PR: 239038, 239550
MFC after: 3 days
Per the July 22, 1999 letter (in /COPYRIGHT) from
William Hoskins
Director, Office of Technology Licensing
University of California, Berkeley
MFC after: 1 week
Adjust argc and argv by optind before using them. This slightly
simplifies the code. No functional change intended.
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D21079
The low fd limit used by poudriere exposed an odd failure mode in
cap_fileargs (used by readelf as of r350516). In particular, when
the limit was hit, both the main process and casper service would
block on their shared socket, waiting forever for the other to send a
message.
Reported by: zeising
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
pthread_cond_timedwait() should wait _at least_ until the timeout,
but it might appear to wait longer due to system activity and
scheduling. The test ignored fractional seconds when comparing the
actual and expected timeouts, so it allowed anywhere between zero
and one extra second of wait time. Zero is a bit unreasonable.
Compare fractional seconds so we always allow up to one extra second.
Reviewed by: ngie
MFC after: 1 week
Sponsored by: Dell EMC Isilon
In the future FreeBSD will ship without GNU binutils 2.17.50. Add a
note advising users who require GNU as to install the binutils port
or package.
Note that on armv7, arm64, amd64, i386 we currently ship only two
binutils tools (as and objdump). A deprecation notice was added to
objdump's man page some time ago.
PR: 233611
Discussed with: jhb
MFC after: 1 week
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
These bits are used for Intel CET IBT/Shadow Stack.
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D20516
We may install llvm-objdump as objdump (see review D18307) or just
provide no /usr/bin/objdump, but either way GNU objdump won't be
installed in the future.
MFC after: 3 days
This is a backport of LLVM commit 8331f61a51a7a0a1efbf5ed398e181593023d151,
llvm-svn: 353981:
ELF: Allow GOT relocs pointing to non-preemptable ifunc to resolve to an
IRELATIVE where possible.
This is needed in order to make ifuncs work correctly on PPC64.
It fixes an issue with lld, in which it would skip emitting necessary IRELATIVE
relocations. Without this change, indirect calls to ifuncs would result in a
segmentation fault, in static binaries or when defined in the main binary
(outside shared libraries).
This change also reverts the local
"Preserve relocations against ifuncs when -zifunc-noplt" commit and
replaces it by its upstream version, as part of the merge.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D21102
Modify strip(1) to not accept multiple input files when an output
file is specified. There is no good way to handle this combination,
and the change is compatible with binutils.
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
[CodeGen][NFC] Simplify checks for stack protector index checking
Use `hasStackProtectorIndex()` instead of `getStackProtectorIndex()
>= 0`.
Pull in r366371 from upstream llvm trunk (by Francis Visoiu Mistrih):
[PEI] Don't re-allocate a pre-allocated stack protector slot
The LocalStackSlotPass pre-allocates a stack protector and makes sure
that it comes before the local variables on the stack.
We need to make sure that later during PEI we don't re-allocate a new
stack protector slot. If that happens, the new stack protector slot
will end up being **after** the local variables that it should be
protecting.
Therefore, we would have two slots assigned for two different stack
protectors, one at the top of the stack, and one at the bottom. Since
PEI will overwrite the assigned slot for the stack protector, the
load that is used to compare the value of the stack protector will
use the slot assigned by PEI, which is wrong.
For this, we need to check if the object is pre-allocated, and re-use
that pre-allocated slot.
Differential Revision: https://reviews.llvm.org/D64757
Pull in r367068 from upstream llvm trunk (by Francis Visoiu Mistrih):
[CodeGen] Don't resolve the stack protector frame accesses until PEI
Currently, stack protector loads and stores are resolved during
LocalStackSlotAllocation (if the pass needs to run). When this is the
case, the base register assigned to the frame access is going to be
one of the vregs created during LocalStackSlotAllocation. This means
that we are keeping a pointer to the stack protector slot, and we're
using this pointer to load and store to it.
In case register pressure goes up, we may end up spilling this
pointer to the stack, which can be a security concern.
Instead, leave it to PEI to resolve the frame accesses. In order to
do that, we make all stack protector accesses go through frame index
operands, then PEI will resolve this using an offset from sp/fp/bp.
Differential Revision: https://reviews.llvm.org/D64759
Together, these fix a issue where the stack protection feature in LLVM's
ARM backend can be rendered ineffective when the stack protector slot is
re-allocated so that it appears after the local variables that it is
meant to protect, leaving the function potentially vulnerable to a
stack-based buffer overflow.
Reported by: andrew
Security: https://kb.cert.org/vuls/id/129209/
MFC after: 3 days
This snapshot among other things includes a fix for a crash of mandoc with empty
tbl reported by rea@ (his regression test has been incorporated upstream)
MFC after: 3 weeks
8.0.1 final release r366581. The only functional change is a fix for a
mismerge of upstream r360816, which properly restores the r2 register
when unwinding on PowerPC64 (See https://reviews.freebsd.org/D20337).
Relnotes: yes
PR: 236062
MFC after: 3 days
X-MFC-With: r349004
It is declared here and in rfc931.c and unused here so keep that copy
and discard this one.
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA, AFRL
When O_CREAT is specified, the third, variadic argument is
required as the permission. If on is not passed, then depending
on the ABI, either the contents of the third argument register
or some arbitrary stuff on the stack will be used as the permission.
This has been merged to NetBSD.
Reviewed by: asomers, ngie
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D20972
In both cases, function pointer arguments were inconsistently declared
and the result worked because of C's odd rules around function pointer
(de)references. With a stricter compiler these fail to compile.
Reviewed by: cem
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D20964
