| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
file 5.25.
Relnotes: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Clang emits SSE instructions on amd64 in the common path of
pthread_mutex_unlock. If the thread does not otherwise use SSE,
this usage incurs a context-switch of the FPU/SSE state, which
reduces the performance of multiple real-world applications by a
non-trivial amount (3-5% in one application).
Instead of this change, I experimented with eagerly switching the
FPU state at context-switch time. This did not help. Most of the
cost seems to be in the read/write of memory--as kib@ stated--and
not in the #NM handling. I tested on machines with and without
XSAVEOPT.
One counter-argument to this change is that most applications already
use SIMD, and the number of applications and amount of SIMD usage
are only increasing. This is absolutely true. I agree that--in
general and in principle--this change is in the wrong direction.
However, there are applications that do not use enough SSE to offset
the extra context-switch cost. SSE does not provide a clear benefit
in the current libthr code with the current compiler, but it does
provide a clear loss in some cases. Therefore, disabling SSE in
libthr is a non-loss for most, and a gain for some.
I refrained from disabling SSE in libc--as was suggested--because
I can't make the above argument for libc. It provides a wide variety
of code; each case should be analyzed separately.
https://lists.freebsd.org/pipermail/freebsd-current/2015-March/055193.html
Suggestions from: dim, jmg, rpaulo
Sponsored by: Dell Inc.
|
| |
|
|
|
|
|
|
|
|
| |
Set dev->fd to -1 when calling cam_close_spec_device with a valid dev->fd
descriptor to avoid trashing valid file descriptors that access dev->fd at a
later point in time
PR: 192671
Submitted by: Scott Ferris <scott.ferris@isilon.com>
Sponsored by: EMC / Isilon Storage Division
|
| |
|
|
|
|
| |
The old code was exponential in the number of asterisks in the pattern.
However, once a match has been found upto the next asterisk, the previous
asterisks are no longer relevant.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Shell syntax is too complicated to detect command substitution and unquoted
operators reliably without implementing much of sh's parser. Therefore, have
sh do this detection.
While changing sh's support anyway, also read input from a pipe instead of
arguments to avoid {ARG_MAX} limits and improve privacy, and output count
and length using 16 instead of 8 digits.
The basic concept is:
execl("/bin/sh", "sh", "-c", "freebsd_wordexp ${1:+\"$1\"} -f "$2",
"", flags & WRDE_NOCMD ? "-p" : "", <pipe with words>);
The WRDE_BADCHAR error is still implemented in libc. POSIX requires us to
fail strings containing unquoted braces with code WRDE_BADCHAR. Since this
is normally not a syntax error in sh, there is still a need for checking
code in libc, we_check().
The new we_check() is an optimistic check that all the characters
<newline> | & ; < > ( ) { }
are quoted. To avoid duplicating too much sh logic, such characters are
permitted when quoting characters are seen, even if the quoting characters
may themselves be quoted. This code reports all WRDE_BADCHAR errors; bad
characters that get past it and are a syntax error in sh return WRDE_SYNTAX.
Although many implementations of WRDE_NOCMD erroneously allow some command
substitutions (and ours even documented this), there appears to be code that
relies on its security (codesearch.debian.net shows quite a few uses).
Passing untrusted data to wordexp() still exposes a denial of service
possibility and a fairly large attack surface.
This is also a MFC of r286830 to reduce conflicts. I changed the code
somewhat to avoid changes from r286941; in particular, WRDE_BADVAL can still
only be returned if WRDE_UNDEF was passed.
Relnotes: yes
Security: fixes command execution with wordexp(untrusted, WRDE_NOCMD)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Export current system call code and argument count for system call entry
and exit events. To preserve the ABI, the new fields are moved to the
end of struct thread in these branches (unlike HEAD) and explicitly copied
when new threads are created. In addition, the new tests are only added
in 10.
r287386:
Export current system call code and argument count for system call entry
and exit events. procfs stop events for system call tracing report these
values (argument count for system call entry and code for system call exit),
but ptrace() does not provide this information. (Note that while the system
call code can be determined in an ABI-specific manner during system call
entry, it is not generally available during system call exit.)
The values are exported via new fields at the end of struct ptrace_lwpinfo
available via PT_LWPINFO.
r288949:
Fix various edge cases related to system call tracing.
- Always set td_dbg_sc_* when P_TRACED is set on system call entry
even if the debugger is not tracing system call entries. This
ensures the fields are valid when reporting other stops that
occur at system call boundaries such as for PT_FOLLOW_FORKS or
when only tracing system call exits.
- Set TDB_SCX when reporting the stop for a new child process in
fork_return(). This causes the event to be reported as a system
call exit.
- Report a system call exit event in fork_return() for new threads in
a traced process.
- Copy td_dbg_sc_* to new threads instead of zeroing. This ensures
that td_dbg_sc_code in particular will report the system call that
created the new thread or process when it reports a system call
exit event in fork_return().
- Add new ptrace tests to verify that new child processes and threads
report system call exit events with a valid pl_syscall_code via
PT_LWPINFO.
r288993:
Document the recently added pl_syscall_* fields in struct ptrace_lwpinfo.
|
| |
|
|
|
|
|
|
|
| |
PR: 203440 (based on)
Submitted by: ceratv@rpi.edu
Approved by: wblock@ (mentor)
Differential Revision: https://reviews.freebsd.org/D3813
- address grammar
|
| |
|
|
| |
Stop linking libc++.so verbosely, there is no need to.
|
| |
|
|
| |
does, so this file should not be in CLEANFILES / .NOPATH.
|
| |
|
|
|
|
|
| |
r273756:
only install .pc files when we are not installing 32bit compat libs...
r287980:
Replace beforeinstall: handling with FILES.
|
| |
|
|
| |
Add missing CLEANFILES.
|
| |
|
|
| |
Fix a couple of markup typos.
|
| |
|
|
|
|
| |
Export a list of VM objects in the system via a sysctl. The list can be
examined via 'vmstat -o'. It can be used to determine which files are
using physical pages of memory and how much each is using.
|
| |
|
|
|
| |
Avoid adding duplicates into OBJS. bsd.lib.mk already handles adding entries
to OBJS based on SRCS.
|
| |
|
|
| |
Correct the description of MADV_DONTNEED.
|
| |
|
|
|
|
|
|
| |
In libz's inflateMark(), avoid left-shifting a negative integer, which
is undefined.
Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D3344
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
NetBSD commit log:
Use a constant array for the MIB. Newer LLVM decided that mib[] warranted
stack protections, with the obvious crash after the setup was done.
As a positive side effect, code size shrinks a bit.
I'm not sure why this hasn't bitten us yes, but it is certainly possible and
there are no real drawbacks to this change anyway.
Submitted by: pfg
Obtained from: NetBSD
|
| |
|
|
| |
Reported by: clang scan-build
|
| |
|
|
|
|
|
|
|
| |
- Print sdl->sdl_data when sdl->sdl_nlen > 0 && sdl->sdl_alen == 0
as link_ntoa(3) does.
- snprintf() returns at most size-1 of the chars printed into
the buffer. (n == hostlen) also means the buffer length was
too short.
|
| |
|
|
|
|
|
| |
- Fix SIGSEGV when sa == NULL. NULL check in getnameinfo_inet()
did not work as expected.
- Simplify afdl table lookup.
|
| |
|
|
|
| |
Fix t_spawnattr test for attributes handling by posix_spawn(3).
Connect it to the build.
|
| |
|
|
|
|
|
| |
Instead of doing an no-op (|= 0), actually clear the flags in
acl_clear_flags_np.
Reported by: Pascal Drecker <pascal freebsd drecker com>
|
| |
|
|
|
|
|
|
|
|
| |
Switch libc from using _sig{procmask,action,suspend} symbols, which
are aliases for the syscall stubs and are plt-interposed, to the
libc-private aliases of internally interposed sigprocmask() etc.
MFC r287300:
Use libthr interposed functions instead of syscalls, in posix_spawn()'
child.
|
| |
|
|
|
| |
Add <sys/user.h> to the SYNOPSIS of the kinfo_get*() functions since these
functions all return types that are defined in that header.
|
| |
|
|
|
|
|
|
|
| |
Per rfc3629 value greater than 0x10ffff should be rejected (r286490,r286491)
Make UTF-8 parsing and generation more strict. (r287125 by ed)
- in mbrtowc() we need to disallow codepoints above 0x10ffff.
- In wcrtomb() we need to disallow codepoints between 0xd800 and 0xdfff.
|
| |
|
|
|
|
|
|
| |
- ANSIfy
- Remove the redundant _PATH_RSH definition (paths.h at r96194);
- Use pid_t for PIDs
- Note that we are at the same level of OpenBSD's counterpart of
revision 1.7 (r94757).
|
| |
|
|
|
|
|
|
|
| |
if possible.
The kern.proc.umask.<pid> sysctl allows querying the umask without
temporarily modifying it.
r280713 is the actual change, while r279084 is a whitespace change.
|
| |
|
|
| |
Remove the wrong asserts.
|
| |
|
|
| |
Pre-resolve symbols required for the deferred signal processing.
|
| |
|
|
| |
For example, it made gpart partitions without label report "1" as label.
|
| |
|
|
|
|
|
| |
In libm's exp2(3), avoid left-shifting a negative integer, which is
undefined. Replace it with the intended value, in a defined way.
Reviewed by: bde
|
| |
|
|
|
| |
PR: 200942
Submitted by: Conrad Meyer
|
| |
|
|
|
|
|
|
|
|
|
|
| |
libusb: Fix minor warning.
Fix a warning triggered by the gcc + FORTIFY_SOURCE patches:
In function 'libusb20_parse_config_desc': lib/libusb/libusb20_desc.c:141:
warning: passing argument 1 of 'memcpy' discards qualifiers from pointer
target type
Submitted by: hselansky
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFC r284918:
Add helper fill_based_sd(9).
MFC r284919:
Add x86 PT_GETFSBASE, PT_GETGSBASE machine-depended ptrace requests to
obtain the thread %fs and %gs bases. Add x86 PT_SETFSBASE and
PT_SETGSBASE requests to set the bases from debuggers. The set
requests, similarly to the sysarch({I386,AMD64}_SET_FSBASE), override
the corresponding segment registers.
MFC r284965:
Document x86 machine-specific ptrace(2) requests.
MFC r285011:
Disallow a debugger on 64bit system to set fs/gs bases of the 32bit
process beyond the end of the process address space.
MFC r285104:
Grammar and language fixes.
|
| |
|
|
|
|
|
| |
Update Capsicum and Mandatory Access Control manual pages
to no longer claim they are experimental.
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
| |
Fix markup.
Sponsored by: The FreeBSD Foundation
|
| |
|
|
|
|
|
|
|
|
|
| |
MFV r285970:
Apply upstream changeset bf4f6ec64e:
Fix issue 356: properly skip a sparse file entry in a tar file.
PR: 201506
Relnotes: yes
|
| |
|
|
|
|
|
|
| |
Fix sysctl(3) so it returns the intended values for all mib names in
the 'user' sysctl tree, which have all been coming back 0 or empty
since r240176.
Approved by: re
|
| |
|
|
|
| |
PR: 190055
Approved by: re (marius)
|
| |
|
|
|
|
| |
is an empty file now so it is safe to remove before the merge.
Approved by: re (gjb)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
MFH (r276699, r276702, r277057): local control socket
MFH (r276599, r276612, r282087, r282088): build fixes
This brings in Unbound 1.5.3 from head. Local control sockets are now
supported and will be used by default for new installations. Existing
systems will continue to use TCP control sockets until the automated
setup script is re-run ("service local_unbound setup") and the service
restarted ("service local_unbound restart").
Approved by: re (kib)
Relnotes: yes
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When passwd or group information is changed (by pw, vipw, chpass, ...)
temporary file is created and then a rename() call move it to official file.
This operation didn't have any check to make sure data was written to disk
and if a power cycle happens system could end up with a 0 length passwd
or group database.
There is a pfSense bug with more information about it:
https://redmine.pfsense.org/issues/4523
The following changes were made to protect passwd and group operations:
* lib/libutil/gr_util.c:
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.c
- Replace mkstemp() by mkostemp() with O_SYNC flag to create temp file
* usr.sbin/pwd_mkdb/pwd_mkdb.c
- Added O_SYNC flag on dbopen() calls
- After rename(), fsync() call on directory for faster result
* lib/libutil/pw_util.3
- pw_lock() returns a file descriptor to master password file on success
Differential Revision: https://reviews.freebsd.org/D2978
Approved by: re (kib), bapt (implicit agreed)
Sponsored by: Netgate
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add __cxa_deleted_virtual to libcxxrt's version map.
This symbol can sometimes be emitted by clang++, and was not yet
exported from libcxxrt. Attempt to be compatible with libsupc++ by
using the same CXXABI_1.3.6 symbol version.
Approved by: re (kib)
Reported by: yuri@rawbw.com
PR: 200863
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D2850
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Emulate the 'bit test' instruction.
MFC r282259:
Re-implement RTC current time calculation to eliminate the possibility of
losing time.
MFC r282281:
Advertise the MTRR feature via CPUID and emulate the minimal set of MTRR MSRs.
MFC r282284:
When an instruction cannot be decoded just return to userspace so bhyve(8)
can dump the instruction bytes.
MFC r282287:
Don't require <sys/cpuset.h> to be always included before <machine/vmm.h>.
MFC r282296:
Emulate MSR_SYSCFG which is accessed by Linux on AMD cpus when MTRRs are
enabled.
MFC r282301:
Relax limits when transitioning a vector from the IRR to the ISR and also
when extinguishing it from the ISR in response to an EOI.
MFC r282335:
Advertise an additional memory BAR in the "dummy" device emulation.
MFC r282336:
Emulate machine check related MSRs to allow guest OSes like Windows to boot.
MFC r282351:
Don't advertise the Intel SMX capability to the guest.
MFC r282407:
Emulate the 'CMP r/m8, imm8' instruction.
MFC r282519:
Add macros for AMD-specific bits in MSR_EFER: LMSLE, FFXSR and TCE.
MFC r282520:
Emulate guest writes to EFER_MSR properly.
MFC r282558:
Deprecate the 3-way return values from vm_gla2gpa() and vm_copy_setup().
MFC r282571:
Check 'td_owepreempt' and yield the vcpu thread if it is set.
MFC r282595:
Allow byte reads of AHCI registers.
MFC r282784:
Handling indirect descriptors is a capability of the host and not one that
needs to be negotiated. Use the host capabilities field and not the negotiated
field when verifying that indirect descriptors are supported.
MFC r282788:
Allow configuration of the sector size advertised to the guest.
MFC r282865:
Set the subvendor field in config space to the vendor ID. This is required
by the Windows virtio drivers to correctly match a device.
MFC r282922:
Bump the size of the blockif scatter-gather list to 67.
MFC r283075:
Fix off-by-one in array index bounds check. bhyveload would allow you to
create 33 entries on an array that only has 32 slots
MFC r283168:
Temporarily revert r282922 which bumped the max descriptors.
MFC r283255:
Emulate the "CMP r/m, reg" instruction (opcode 39H).
MFC r283256:
Add an option "--get-vmcs-exit-inst-length" to display the instruction length
of the instruction that caused the VM-exit.
MFC r283264:
Change the header type of the emulated host-bridge from type 1 to type 0.
MFC r283293:
Don't rely on the 'VM-exit instruction length' field in the VMCS to always
have an accurate length on an EPT violation.
MFC r283299:
Remove bogus verification of instruction length after instruction decode.
MFC r283308:
Exceptions don't deliver an error code in real mode.
MFC r283657:
Fix non-deterministic delays when accessing a vcpu that was in "running" or
"sleeping" state.
MFC r283973:
Use tunable 'hw.vmm.svm.features' to disable specific SVM features even
though they might be available in hardware. Use tunable 'hw.vmm.svm.num_asids'
to limit the number of ASIDs used by the hypervisor.
MFC r284046:
Fix regression in 'verify_gla()' with the RIP-relative addressing mode.
MFC r284174:
Support guest writes to the TSC by enabling the "use TSC offsetting"
execution control.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Allow passthrough devices to be hinted.
MFC r279683:
When ICW1 is issued the edge sense circuit is reset which means that
following an initialization a low-to-high transistion is necesary to
generate an interrupt.
MFC r279925:
Add -p parameter to list PCI device to pass through to the guest.
MFC r281559:
Fix handling of BUS_PROBE_NOWILDCARD in 'device_probe_child()'.
MFC r280447:
When fetching an instruction in non-64bit mode, consider the value of the
code segment base address.
MFC r280725:
Move legacy interrupt allocation for virtio devices to common code.
MFC r280775:
Fix the RTC device model to operate correctly in 12-hour mode.
MFC r280929:
Fix "MOVS" instruction memory to MMIO emulation.
MFC r280968:
Display instruction bytes and %rip prior to aborting due to an instruction
emulation error.
MFC r281145:
Enhance the support for Group 1 Extended opcodes for CMP, AND, OR instructions.
MFC r281542:
Initialize 'error' before use (Coverity IDs 1249748, 1249747, 1249751, 1249749)
MFC r281561:
Prior to aborting due to an ioport error, it is always interesting to see what
the guest's %rip is.
MFC r281611:
If the number of guest vcpus is less than '1' then flag it as an error.
MFC r281612:
Prefer 'vcpu_should_yield()' over checking 'curthread->td_flags' directly.
MFC r281630:
Relax the check on which vectors can be delivered through the APIC. According
to the Intel SDM vectors 16 through 255 are allowed to be delivered via the
local APIC.
MFC r281879:
Missing break in switch case (Coverity ID 1292499)
MFC r281946:
Don't allow guest to modify readonly bits in the PCI config 'status' register.
MFC r281987:
STOS/STOSB/STOSW/STOSD/STOSQ instruction emulation.
MFC r282206:
Implement the century byte in the RTC.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace bhyve's minimal RTC emulation with a fully featured one in vmm.ko.
MFC r276432:
Initialize all fields of 'struct vm_exception exception' before passing it
to vm_inject_exception().
MFC r276763:
Clear blocking due to STI or MOV SS in the hypervisor when an instruction is
emulated or when the vcpu incurs an exception.
MFC r277149:
Clean up usage of 'struct vm_exception' to only to communicate information
from userspace to vmm.ko when injecting an exception.
MFC r277168:
Fix typo (missing comma).
MFC r277309:
Make the error message explicit instead of just printing the usage if the
virtual machine name is not specified.
MFC r277310:
Simplify instruction restart logic in bhyve.
MFC r277359:
Fix a bug in libvmmapi 'vm_copy_setup()' where it would return success even
if the 'gpa' was in the guest MMIO region.
MFC r277360:
MOVS instruction emulation.
MFC r277626:
Add macro to identify AVIC capability (advanced virtual interrupt controller)
in AMD processors.
MFC r279220:
Don't close a block context if it couldn't be opened avoiding a null deref.
MFC r279225:
Add "-u" option to bhyve(8) to indicate that the RTC should maintain UTC time.
MFC r279227:
Emulate MSR 0xC0011024 when running on AMD processors.
MFC r279228:
Always emulate MSR_PAT on Intel processors and don't rely on PAT save/restore
capability of VT-x. This lets bhyve run nested in older VMware versions that
don't support the PAT save/restore capability.
MFC r279540:
Fix warnings/errors when building vmm.ko with gcc.
|
| |
|
|
|
|
|
|
| |
r275819, r276176, r278154, r278160, r278339, r279127, r279240, r279491,
r279493, r279856, r283032, r284423, r284426, r284427, r284428
Merge changes to libm from the past 9 months. This includes improvements
to the Bessel functions and adds the C99 function lgammal.
|
| |
|
|
|
|
| |
file 5.23.
Relnotes: yes
|
| |
|
|
|
|
|
|
|
| |
Fix a debug statement. Only the callback function (performing the
incrementing of dpv_overall_oread) knows what its purpose is (and
often times it was bytes, not lines).
MFC r283975 (araujo):
Clean up unused variable and silence clang warnings.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix the following clang 3.7.0 warnings in lib/libfetch/http.c:
lib/libfetch/http.c:1628:26: error: address of array 'purl->user'
will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
aparams.user = purl->user ?
~~~~~~^~~~ ~
lib/libfetch/http.c:1630:30: error: address of array 'purl->pwd'
will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
aparams.password = purl->pwd?
~~~~~~^~~~
lib/libfetch/http.c:1657:25: error: address of array 'url->user'
will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
aparams.user = url->user ?
~~~~~^~~~ ~
lib/libfetch/http.c:1659:29: error: address of array 'url->pwd'
will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
aparams.password = url->pwd ?
~~~~~^~~ ~
lib/libfetch/http.c:1669:25: error: address of array 'url->user'
will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
aparams.user = url->user ?
~~~~~^~~~ ~
lib/libfetch/http.c:1671:29: error: address of array 'url->pwd'
will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]
aparams.password = url->pwd ?
~~~~~^~~ ~
Since url->user and url->pwd are arrays, they can never be NULL, so the
checks can be removed.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D2673
|
