summaryrefslogtreecommitdiffstats
path: root/libexec
Commit message (Collapse)AuthorAgeFilesLines
* Revert r274772: it is not valid on MIPSemaste2014-11-251-1/+1
| | | | Reported by: sbruno
* Use canonical __PIC__ flagemaste2014-11-211-1/+1
| | | | | | | | It is automatically set when -fPIC is passed to the compiler. Reviewed by: dim, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D1179
* I agree w/ tedu that this isn't a Bug.. it's like complaining thatjmg2014-11-201-18/+2
| | | | | | you can't use an ssh client to fetch a web page... Submitted by: tedu (via -tech)
* Add baud rate support to telnet(1)ngie2014-11-111-0/+1
| | | | | | | | | | | | | This implements part of RFC-2217 It's based off a patch originally written by Sujal Patel at Isilon, and contributions from other Isilon employees. PR: 173728 Phabric: D995 Reviewed by: markj, markm MFC after: 2 weeks Sponsored by: EMC / Isilon Storage Division
* MFV: Import atf-0.21.jmmv2014-11-013-3/+7
|
* This is the much-discussed major upgrade to the random(4) device, known to ↵markm2014-10-301-1/+1
| | | | | | | | | | | | | | | | | | | you all as /dev/random. This code has had an extensive rewrite and a good series of reviews, both by the author and other parties. This means a lot of code has been simplified. Pluggable structures for high-rate entropy generators are available, and it is most definitely not the case that /dev/random can be driven by only a hardware souce any more. This has been designed out of the device. Hardware sources are stirred into the CSPRNG (Yarrow, Fortuna) like any other entropy source. Pluggable modules may be written by third parties for additional sources. The harvesting structures and consequently the locking have been simplified. Entropy harvesting is done in a more general way (the documentation for this will follow). There is some GREAT entropy to be had in the UMA allocator, but it is disabled for now as messing with that is likely to annoy many people. The venerable (but effective) Yarrow algorithm, which is no longer supported by its authors now has an alternative, Fortuna. For now, Yarrow is retained as the default algorithm, but this may be changed using a kernel option. It is intended to make Fortuna the default algorithm for 11.0. Interested parties are encouraged to read ISBN 978-0-470-47424-2 "Cryptography Engineering" By Ferguson, Schneier and Kohno for Fortuna's gory details. Heck, read it anyway. Many thanks to Arthur Mesh who did early grunt work, and who got caught in the crossfire rather more than he deserved to. My thanks also to folks who helped me thresh this out on whiteboards and in the odd "Hallway track", or otherwise. My Nomex pants are on. Let the feedback commence! Reviewed by: trasz,des(partial),imp(partial?),rwatson(partial?) Approved by: so(des)
* Add an "empty" Makefile.pc98 because it doesn't need/want HYPERV. Itimp2014-10-161-0/+4
| | | | is not relevant to the hardware it runs on.
* HYPERV isn't available on all architectures, but just on by defaultimp2014-10-163-5/+12
| | | | | | | | for i386/amd64. Rather, it only works on i386/amd64 and should only be built there. Rather than change the default based on which architecutre, do things more directly by only building it on i386/amd64 and having it always on. This is how we handle other options that are relevant only for a few architectures.
* Always return pathname in dl_iterate_phdr's dlpi_name, as Linux doesemaste2014-10-091-2/+1
| | | | | | | | | | | | Linux LD_ITERATE_PHDR(3): The dlpi_name field is a null-terminated string giving the pathname from which the shared object was loaded. That functionality is much more useful than returning just the short name. Approved by: kan Sponsored by: The FreeBSD Foundation
* Remove MK_ARM_EABI, the armeb issues have been fixed. The code to supportandrew2014-10-011-1/+1
| | | | | | | | | | | | the oabi is still in the tree, but it is expected this will be removed as developers work on surrounding code. With this commit the ARM EABI is the only supported supported ABI by FreeBSD on ARMa 32-bit processors. X-MFC after: never Relnotes: yes Differential Revision: https://reviews.freebsd.org/D876
* Import HyperV Key-Value Pair (KVP) driver and daemon code by Microsoft,delphij2014-09-132-0/+15
| | | | | | | | | | | | | | many thanks for their continued support of FreeBSD. While I'm there, also implement a new build knob, WITHOUT_HYPERV to disable building and installing of the HyperV utilities when necessary. The HyperV utilities are only built for i386 and amd64 targets. This is a stable/10 candidate for inclusion with 10.1-RELEASE. Submitted by: Wei Hu <weh microsoft com> MFC after: 1 week
* Document the whole settings needed to build a debug version of rtld.kib2014-08-291-0/+4
| | | | | Sponsored by: The FreeBSD Foundation MFC after: 3 days
* Optimize r270798, only do the second pass over non-plt relocationskib2014-08-294-3/+9
| | | | | | | when the first pass found IFUNCs. Sponsored by: The FreeBSD Foundation MFC after: 2 weeks
* IFUNC symbol type shall be processed for non-PLT relocations,kib2014-08-299-334/+311
| | | | | | | | | | | | | | | | | | | e.g. when a global variable is initialized with a pointer to ifunc. Add symbol type check and call resolver for STT_GNU_IFUNC symbol types when processing non-PLT relocations, but only after non-IFUNC relocations are done. The two-phase proceessing is required since resolvers may reference other symbols, which must be ready to use when resolver calls are done. Restructure reloc_non_plt() on x86 to call find_symdef() and handle IFUNC in single place. For non-x86 reloc_non_plt(), check for call for IFUNC relocation and do nothing, to avoid processing relocs twice. PR: 193048 Sponsored by: The FreeBSD Foundation MFC after: 2 weeks
* Remove stray newline.kib2014-08-271-1/+1
|
* Fix "make checkdpadd" by "spoofing" DPADDngie2014-08-261-0/+1
| | | | | | Approved by: jmmv (mentor) Phabric: D631 PR: 192769
* Always check the limits of array index variables before using them.pfg2014-08-211-2/+2
| | | | | Obtained from: DragonFlyBSD MFC after: 1 week
* Revert r267233 for now. PIE support needs to be reworked.bdrewery2014-08-194-8/+0
| | | | | | | | | | | | | | | | | | | | | | | | 1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other build-only utility libraries. 2. Another 40% is fixed by generating _pic.a variants of various libraries. 3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR) where it never would work anyhow, such as csu or loader. This suggests there may be better ways of adding support to the tree. Many of these cases can be fixed such that -fPIE will work but there is really no reason to have it in those cases. 4. Some of the uses are working around hacks done to some Makefiles that are really building libraries but have been using bsd.prog.mk because the code is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have been needed. We likely do want to enable PIE by default (opt-out) for non-tree consumers (such as ports). For in-tree though we probably want to only enable PIE (opt-in) for common attack targets such as remote service daemons and setuid utilities. This is also a great performance compromise since ASLR is expected to reduce performance. As such it does not make sense to enable it in all utilities such as ls(1) that have little benefit to having it enabled. Reported by: kib
* Remove LOG_ODELAY because it does nothing.neel2014-08-172-2/+2
| | | | | Reviewed by: jilles CR: https://reviews.freebsd.org/D611
* Rework privatelib/internallibbapt2014-08-062-4/+2
| | | | | | | | | | | | | | Make sure everything linking to a privatelib and/or an internallib does it directly from the OBJDIR rather than DESTDIR. Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing in final installation Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to internal/privatelib Directly link to the .so in case of private library to avoid having to complexify LDFLAGS. Phabric: https://phabric.freebsd.org/D553 Reviewed by: imp, emaste
* Similar to r269506, fix LIBDIR to not duplicate TESTSDIRngie2014-08-051-2/+2
| | | | | | | Phabric: D536 Reviewed by: jmmv Approved by: jmmv (mentor) Sponsored by: EMC / Isilon Storage Division
* Remove unnecessary .PATH directivengie2014-08-051-2/+0
| | | | | | | | | | All of the sources for the tests are contained in the current working directory and the subdirectories Phabric: D537 Reviewed by: jmmv Approved by: jmmv (mentor) Sponsored by: EMC / Isilon Storage Division
* Fix BINDIR to not duplicate "${TESTSDIR}ngie2014-08-041-1/+1
| | | | | | | | | This should fix 'make release' with MK_TESTS != no Phabric: D525 (part of a larger patch) Reviewed by: jmmv Approved by: jmmv (co-mentor)
* Move a -L argument from LDADD to LDFLAGSngie2014-08-041-1/+3
| | | | | | | Phabric: D525 (part of a larger patch) Reviewed by: jmmv Approved by: jmmv (co-mentor)
* Fix a -Wsecurity warning with clangngie2014-08-041-1/+1
| | | | | | | Phabric: D525 (part of a larger patch) Reviewed by: jmmv Approved by: jmmv (co-mentor)
* Remove hardcoded path to TESTSDIR (Makefile, ld_library_pathfds.c) atngie2014-08-042-12/+11
| | | | | | | | | | | | | build time by using atf_tc_get_config_var(tc, "srcdir")) This will allow end-users to move the binaries to different locations after they've been built without having to rebuild the binaries with the new paths Phabric: D525 (part of a larger patch) Reviewed by: jmmv Approved by: jmmv (co-mentor)
* Don't save entropy inside jails.delphij2014-07-221-0/+2
| | | | | | | | | | As of r126744, we no longer feed the entropy device in jails upon start, and collecting them is no longer useful. PR: conf/126744 Submitted by: Eugene Grosbein <eugen grosbein net> (with minor changes) MFC after: 1 week Approved by: so (des)
* Replace all uses of libncurses and libtermcap with their wide characterbrooks2014-07-171-2/+2
| | | | | | | | | | variants. This allows usable file system images (i.e. those with both a shell and an editor) to be created with only one copy of the curses library. Exp-run: antoine PR: 189842 Discussed with: bapt Sponsored by: DARPA, AFRL
* libpythagoras needs libm.jmmv2014-07-161-0/+3
| | | | | This fixes "make tinderbox" failures on various architectures when WITH_TESTS=yes is enabled. Problem introduced in r267679.
* Fix atf-sh's integration_testjmmv2014-07-091-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | With the move of atf-sh into /usr/libexec in r267181, some of the tests in the integration_test program broke because they could not execute atf-sh from the path any longer. This slipped through because I do have a local atf installation in my home directory that appears in my path, hence the tests could still execute my own version. Fix this by forcing /usr/libexec to appear at the beginning of the path when attempting to execute atf-sh. To make upgrading easy (and to avoid an unnecessary entry in UPDATING), make integration_test depend on the Makefile so that a rebuild of the shell script is triggered. This requires a hack in the *.test.mk files to ensure the Makefile is not treated as a source to the generated program. Ugly, I know, but I don't have a better way of doing this at the moment. Will think of one once I address the TODO in the *.test.mk files that suggests generalizing the file generation functionality. PR: 191052 Reviewed by: Garrett Cooper
* Remove ia64.marcel2014-07-075-997/+3
| | | | | | | | | | | | | | | | | This includes: o All directories named *ia64* o All files named *ia64* o All ia64-specific code guarded by __ia64__ o All ia64-specific makefile logic o Mention of ia64 in comments and documentation This excludes: o Everything under contrib/ o Everything under crypto/ o sys/xen/interface o sys/sys/elf_common.h Discussed at: BSDcan
* Align the stack in _rtld_bind_start. Normally this is called with theandrew2014-07-061-2/+5
| | | | | | | | | | | | | | | | | | | correct stack alignment, however when we have a leaf function that uses thread local storage it calls __aeabi_read_tp to get the thread pointer. Neither GCC or clang see this as a function call so will align the stack to a 4-byte boundary. This may be a problem as _rtld_bind expects to be on an 8-byte boundary. The solution is to store a copy of the stack pointer and force the alignment before calling _rtld_bind. This fixes a problem with armeb where applications would crash in odd ways. It should also remove the need for a local patch to clang to force the stack alignment to an 8-byte boundary, even for leaf functions. Further testing will be needed before reverting this local change to clang as we may rely on it in other places. Reviewed by: jmg@
* Fix r264346 for ia64. We need to allocate memory for the functionmarcel2014-07-022-0/+9
| | | | | | | | | descriptors in order to relocate RTLD itself. To allocate memory, we need the pagesizes array initialized, but that happens after RTLD is relocated. This ordering is important for amd64, but it's opposite of what ia64 needs. Handle this conflict with the define called RTLD_INIT_PAGESIZES_EARLY. When defined, obtain the page sizes before relocating rtld, otherwise do it after.
* mdoc: remove superfluous paragraph macros.joel2014-06-231-1/+0
|
* Test RTLD's new LD_LIBRARY_PATH_FDS variable.jonathan2014-06-208-0/+373
| | | | | | | | | | | | Test LD_LIBRARY_PATH_FDS by linking a binary that requires a shared library that isn't in any of the usual search paths. Ensure this fails when we don't supply LD_LIBRARY_PATH_FDS or we pass invalid information in it. Ensure it works when we pass the correct directory in various places in the variable. Approved by: rwatson (mentor) MFC after: 3 weeks Sponsored by: DARPA/AFRL
* Add the LD_LIBRARY_PATH_FDS environmental variable.jonathan2014-06-204-16/+148
| | | | | | | | | | | | | | This variable allows the loading of shared libraries via directory descriptors rather than via library paths. If LD_LIBRARY_PATH_FDS=3:4:12, the directories represented by file descriptors 3, 4 and 12 will searched for shared libraries before the normal path-based mechanisms are used. This allows us to execute unprivileged binaries from within a Capsicum sandbox even if they require shared libraries. Approved by: rwatson (mentor) Reviewed by: kib MFC after: 3 weeks Sponsored by: DARPA/AFRL
* use .Mt to mark up email addresses consistently (part2)bapt2014-06-207-14/+14
| | | | | PR: 191174 Submitted by: Franco Fichtner <franco@lastsummer.de>
* In preparation for ASLR [1] support add WITH_PIE to support building with -fPIE.bdrewery2014-06-084-0/+8
| | | | | | | | | | | | | | | | This is currently an opt-in build flag. Once ASLR support is ready and stable it should changed to opt-out and be enabled by default along with ASLR. Each application Makefile uses opt-out to ensure that ASLR will be enabled by default in new directories when the system is compiled with PIE/ASLR. [2] Mark known build failures as NO_PIE for now. The only known runtime failure was rtld. [1] http://www.bsdcan.org/2014/schedule/events/452.en.html Submitted by: Shawn Webb <lattera@gmail.com> Discussed between: des@ and Shawn Webb [2]
* Move atf-sh from /usr/bin/ to /usr/libexec/jmmv2014-06-065-2/+86
| | | | | | | | | | | | | In r266650, we made libatf-c and libatf-c++ private libraries so that no components outside of the source tree could unintendedly depend on them. This change does the same for the "atf-sh library" by moving the atf-sh interpreter from its public location in /usr/bin/ to the private location in /usr/libexec/. Our build system will ensure that our own test programs use the right binary, but users won't be able to depend on atf-sh by "mistake". Committing this now to ride the UPDATING notice added with r267172 today.
* When building picobsd, define WITHOUT_OPENSSL and WITHOUT_KERBEROS andimp2014-06-061-3/+0
| | | | | | | | | remove the now-redundant checks for RELEASE_CRUNCH. This originally was defined for building smaller sysinstall images, but was later also used by picobsd builds for a similar purpose. Now that we've moved away from sysinstall, picobsd is the only remaining consumer of this interface. Adding these two options reduces the RELEASE_CRUNCH special cases in the tree by half.
* Change libatf-c and libatf-c++ to be private libraries.jmmv2014-05-251-2/+2
| | | | | | | | | | | | | | We should not be leaking these interfaces to the outside world given that it's much easier for third-party components to use the devel/atf package from ports. As a side-effect, we can also drop the ATF pkgconfig and aclocal files from the base system. Nothing in the base system needs these, and it was quite ugly to have to get them installed only so that a few ports could build. The offending ports have been fixed to depend on devel/atf explicitly. Reviewed by: bapt
* Right now, the rtld prefork hook locks the rtld bind lock in the readkib2014-05-241-1/+15
| | | | | | | | | | | | | | | | | | mode. This allows the binder to be functional in the child after the fork (assuming no lazy loading of a filter is needed), but other rtld services which require write lock on rtld_bind_lock cause deadlock, if called by child. Change the _rtld_atfork() to lock the bind lock in write mode, making the rtld fully functional after the fork. Pre-resolve the symbols which are called by the libthr' fork() interposer, since dynamic resolution causes deadlock due to the rtld_bind_lock already owned in the write mode. Reported and tested by: pho Sponsored by: The FreeBSD Foundation MFC after: 2 weeks
* Fix LD_LIBMAP.kib2014-05-181-3/+3
| | | | | | | The r232862 passed the pointer to end of string to lmc_parse() and free(). Submitted by: Wolfgang Jenkner <wjenkner@inode.at> MFC after: 1 week
* - Export the function added in r265456 rather than the non-existentmarkj2014-05-072-3/+3
| | | | | | | | | | | _rtld_debug_postinit(). [1] - Use __compiler_membar() instead of inline asm in _r_debug_state() and _r_debug_postinit(). [2] Pointy hat to: markj [1] Reported by: attilio [2] Discussed with: kib X-MFC-With: r265456
* Add a postinit debugger hook to rtld. This will be used by dtrace(1) to haltmarkj2014-05-062-0/+16
| | | | | | | | | | the victim process before its entry point is called, at which point probes and DOF data are registered with the kernel. The r_debug_state hook cannot be used for this purpose, as it is called before the program's init routines are invoked and in particular before DOF data is registered (via drti.o). Reviewed by: kib MFC after: 2 weeks
* Use src.opts.mk in preference to bsd.own.mk except where we need stuffimp2014-05-067-6/+7
| | | | from the latter.
* Fix releasing the lock in the parent atrun process after the queueghelmer2014-04-171-0/+6
| | | | | directory has been processed. Otherwise, a long-running child process caused other atrun invocations to stall unnecessarily.
* Add dwarf annotations to the amd64 _rtld_bind_start to allow debuggerskib2014-04-141-0/+43
| | | | | | | to unwind around the calls from PLT to binder. Sponsored by: The FreeBSD Foundation MFC after: 1 week
* NO_MAN= has been deprecated in favor of MAN= for some time, go aheadimp2014-04-138-8/+8
| | | | | | and finish the job. ncurses is now the only Makefile in the tree that uses it since it wasn't a simple mechanical change, and will be addressed in a future commit.
* Before calling mmap() on a shared library's text and data sections, rtldalc2014-04-114-25/+67
| | | | | | | | | | | | | | | | | | | | | | | | | | first calls mmap() with the arguments PROT_NONE and MAP_ANON to reserve a single, contiguous range of virtual addresses for the entire shared library. Later, rtld calls mmap() with the the shared library's file descriptor and the argument MAP_FIXED to place the text and data sections within the reserved range. The rationale for mapping shared libraries in this way is explained in the commit message for Revision 190885. However, this approach does have an unintended, negative consequence. Since the first call to mmap() specifies MAP_ANON and not the shared library's file descriptor, the kernel has no idea what alignment the vm object backing the file prefers. As a result, the reserved range's alignment is unlikely to be the same as the vm object's, and so mapping with superpages becomes impossible. To address this problem, this revision adds the argument MAP_ALIGNED_SUPER to the first call to mmap() if the text section is larger than the smallest superpage size. To determine if the text section is larger than the smallest superpage size, rtld must always fetch the page size information. As a result, the private code for fetching the base page size in rtld's builtin malloc is redundant. Eliminate it. Requested by: kib Tested by: zbb (on arm) Reviewed by: kib (an earlier version) Discussed with: jhb
OpenPOWER on IntegriCloud