1. 50+% of NO_PIE use is fixed by adding -fPIC to INTERNALLIB and other
build-only utility libraries.
2. Another 40% is fixed by generating _pic.a variants of various libraries.
3. Some of the NO_PIE use is a bit absurd as it is disabling PIE (and ASLR)
where it never would work anyhow, such as csu or loader. This suggests
there may be better ways of adding support to the tree. Many of these
cases can be fixed such that -fPIE will work but there is really no
reason to have it in those cases.
4. Some of the uses are working around hacks done to some Makefiles that are
really building libraries but have been using bsd.prog.mk because the code
is cleaner. Had they been using bsd.lib.mk then NO_PIE would not have
been needed.
We likely do want to enable PIE by default (opt-out) for non-tree consumers
(such as ports). For in-tree though we probably want to only enable PIE
(opt-in) for common attack targets such as remote service daemons and setuid
utilities. This is also a great performance compromise since ASLR is expected
to reduce performance. As such it does not make sense to enable it in all
utilities such as ls(1) that have little benefit to having it enabled.
Reported by: kib
mount_nfs effectively uses mount protocol v3 by default already.
v1 mount protocol is being removed along with nfsv2 by a high profile NFS
appliance vendor and our legacy v1 mount protocol usage causes rpc errors.
submitted via r268811
- Install the Kyuafile by adding FILES to FILESGROUPS
- Run the testcases with an unprivileged user
Some of the testcases depend upon behavior that's broken when
run as root on FreeBSD because of how permissions are treated
with access(2) vs eaccess(2), open(2), etc
- Simplify the test driver to just inspect the exit code from
run_test because it now exits with 0 if successful and exits
with !0 if unsuccessful
- Don't do ad hoc temporary directory creation/deletion; let Kyua
handle that
- Add entries for files removed in r268811 to
OptionalObsoleteFiles.inc
PR: 191020
X-MFC with: r268811
Approved by: jmmv (mentor)
Reviewed by: bapt
Sponsored by: EMC / Isilon Storage Division
cheating by assigning the same sector offset to both directories,
but it seems that VirtualBox doesn't like that. Neither does
qemu from the looks of it. We now actually write the directory
and table twice.
MFC after: 3 days
While here, change how we check if the current line is the last one.
Before, we just checked if there were more files after the current one.
Now, we check the actual content of those files: they files may not have
a line at all. This matches the definition of the "last line" by the
Open Group.
The new behavior is closer to GNU sed.
PR: 160745
Phabric: https://phabric.freebsd.org/D431
Reviewed by: jilles
Approved by: jilles
Exp-run by: antoine
Correct the usage in both the manpage and in usage() to indicate
that the wait interval and repetition count may be given either
with the respective -w/-c arguments, or as the final positional
arguments. [0]
The corresponding code to implement the positional arguments has
been conditional on the (always-enabled) BACKWARD_COMPATIBILITY
macro since the original 4.4-lite import. It's no longer reasonable
to remove the functionality, so remove the macro and conditional
instead.
Note that multiple disks may be given on the command line.
While here, sort arguments and apply minor mdoc fixes.
PR: 184755 [0]
Approved by: hrs (mentor, src committer)
Error was:
cc1: warnings being treated as errors
.../usr.bin/m4/misc.c: In function 'm4errx':
.../usr.bin/m4/misc.c:268: warning: declaration of 'eval' shadows a global declaration
.../usr.bin/m4/extern.h:40: warning: shadowed declaration is here
Make sure everything linking to a privatelib and/or an internallib does it directly
from the OBJDIR rather than DESTDIR.
Add src.libnames.mk so bsd.libnames.mk is not polluted by libraries not existsing
in final installation
Introduce the LD* variable which is what ld(1) is expecting (via LDADD) to link to
internal/privatelib
Directly link to the .so in case of private library to avoid having to complexify
LDFLAGS.
Phabric: https://phabric.freebsd.org/D553
Reviewed by: imp, emaste
The SHT range 0x70000000-0x7fffffff is processor-specific. Pass the
ELF machine type header to sh_types so the section header type name can
be reported correctly for the given processor.
For all ranges report the actual value for unknown types.
Add MIPS-specific type SHT_MIPS_OPTIONS.
CR: D483
Reviewed by: sbruno, marcel
Sponsored by: DARPA, AFRL
- Make sure the tests go into the right directory. The location was
wrong so they were overwriting the bin/chown tests!
- Use the right naming scheme for the test program.
- Remove the svn:executable property from the shell script.
columns available anyway. Also left align as we tend to do for flags
fields, although you can't see that currently as the string fully fills
that available columns.
MFC after: 3 days
Sponsored by: DARPA, AFRL
Document the exit values and the duration format
Improve wording
Pet mandoc -Tlint
Sort SEE ALSO
Phabric: https://phabric.freebsd.org/D432
Reviewed by: wblock
variants. This allows usable file system images (i.e. those with both a
shell and an editor) to be created with only one copy of the curses library.
Exp-run: antoine
PR: 189842
Discussed with: bapt
Sponsored by: DARPA, AFRL
a raw image with a VHD footer appended. There's little value that I
can see to use the fixed image type, but in order to make VHD images
for use by Microsoft's Azure platform, they must be fixed VHD images.
Support has been added by refactoring the code to re-use common code
and by adding a second output format structure. To created fixed VHD
images, specify "vhdf" as the output format.
Bring a couple of changes from NetBSD:
queue.c (CVS Rev. 1.4. 1.5)
Fix memory leaks.
NULL does not need a cast.
grep.c (CVS Rev. 1.6)
Use the more portable getline.
Obtained from: NetBSD
MFC after: 3 days
it fully passes the GNU timeout regression tests, it is written in a mostly
portable way (only signal parsing is relying on non portable structures)
Phabric: D377
Use this for VHD and VMDK to avoid allocating space in the image
for empty sectors.
Note that this negatively affects performance because mkimg uses a
temporary file for the intermediate storage. When mkimg has better
internal book keeping, performance can be significantly improved.
Disabling them breaks build on archs using GCC. The problem is at line 156 of
bits/basic_ios.h:
if (this->exceptions() & __state)
__throw_exception_again;
With exceptions disabled __throw_exception_again is defined as
#define __throw_exception_again
at line 45 of exception_defines.h and the code results in an empty loop body,
which fails because of -Werror.
Approved by: cognet
This was showing as:
vmstat: undefined symbols:
_cnt
To remain backwards compatible with older dumps, if 'vm_cnt' symbol is not
found then try again with 'cnt'.
Reported by: pho
Sponsored by: EMC / Isilon Storage Division
- Use set instead of std::set, to be consistent with the rest of the file.
- Remove return (0); it's not required.
- Add a dash at the beginning of the copyright, per style(9).
This reduces the lines of code by roughly 50% (not counting the COPYRIGHT
header) and makes it more readable by using standard algorithms.
Approved by: bapt
This includes:
o All directories named *ia64*
o All files named *ia64*
o All ia64-specific code guarded by __ia64__
o All ia64-specific makefile logic
o Mention of ia64 in comments and documentation
This excludes:
o Everything under contrib/
o Everything under crypto/
o sys/xen/interface
o sys/sys/elf_common.h
Discussed at: BSDcan
gentoo has "util-linux 2.24.1" with long options. Other distributions
have similar.
usage() is intentionally unchanged to keep it short and sweet
Reviewed by: jmg
Discussed with: adrian, jilles
among others.
Add an undocumented option for unit testing (-y). When given, the image
will have UUIDs and timestamps synthesized in a way that gives identical
results across runs. As such, UUIDs stop being unique, globally or
otherwise.
VHD support requested by: gjb@
The _SUPPORT knobs have a consistent meaning which differs from the
behaviour controlled by this knob. As the knob is opt-out and has not
appeared in a release the impact should be low.
Suggested by: imp, wblock
MFC after: 1 week
With the move by the FreeBSD Project away from CVSup as a distribution
mechanism, there is no longer a need to keep this in base.
Approved by: mux (around a year ago), silence on -hackers
X-MFC-after: never
detected.
Certain criteria must be met for this bug to show up:
* the -w flag is specified, and
* neither -o or --color are specified, and
* the pattern is part of another word in the line, and
* the other word that contains the pattern occurs first
PR: 181973
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
more obvious imprecision in the previous top changes.
Specifically, top uses a delta of clock_gettime() calls right after
invoking the kern.proc sysctl to fetch the process/thread list to
compute the time delta between the fetches. However, the kern.proc
sysctl handler does not run in constant time. It can spin on locks,
be preempted by an interrupt handler, etc. As a result, the time
between the gathering of stats for individual processes or threads
between subsequent kern.proc handlers can vary. If a "slow" kern.proc
run is followed by a "fast" kern.proc run, then the threads/processes
at the start of the "slow" run will have a longer time delta than the
threads/processes at the end. If the clock_gettime() time delta is
not itself skewed by preemption, then the delta may be too short for
a given thread/process resulting in a higher percent CPU than actual.
However, there is no good way to calculate the exact amount of overage,
nor to know which threads to subtract the overage from. Instead, just
punt and fix the definitely-wrong case of an individual thread having
more than 100% CPU.
Discussed with: zonk
Other implementations of patch(1), including GNU patch and "svn patch"
have a --dry-run option which does the same as our -C or --check
option.
Add a new alias to make our implementation more compatible.
MFC after: 1 week
Patch(1) uses a short int for the line length, which is usually
sufficient for regular diffs, but makes no effort to signal
when there is an overflow.
Change the line length to an unsigned short int to better use
the fact that a length is never negative. The change is loosely
inspired on a related change in DragonFly, but we avoid spending
more memory than necessary.
While here adjust the messages to be clearer on what is happening.
MFC after: 1 week
of invalid characters of the current file instead of an accumulated
value.
- Make do_conv return an error when invalid characters have been found.
Return EXIT_FAILURE from main if any file contained invalid characters.
This matches the behaviour of GNU iconv.
- Mark usage with __dead2 attribute.
- Make the long_options array const.
This change reverts a change from OpenBSD which made use of
calloc, and therefore wasted time initializing arrays that
will later be realloc'ed. Consistently use FreeBSD's
reallocf().
While here also merge the changes from OpenBSD's manpage
patch.1 Rev 1.27:
"patch was moved from user portability (UP) to base in issue 7
and is no longer optional"
MFC after: 1 week
vtfontcvt is useful for end users to convert arbitrary bitmap fonts
for use by vt(4). It can also be used as a build tool, allowing us
to keep the source font data in the src tree rather than uuencoded
binaries.
Reviewed by: ray, wblock (D183)
Sponsored by: The FreeBSD Foundation
The change to expand_number (r204654) broke detection of too large sizes and
relative sizes ('+'/'-').
Also add some tests.
PR: 190735
Submitted by: Kirk Russell
MFC after: 1 week
This is currently an opt-in build flag. Once ASLR support is ready and stable
it should changed to opt-out and be enabled by default along with ASLR.
Each application Makefile uses opt-out to ensure that ASLR will be enabled by
default in new directories when the system is compiled with PIE/ASLR. [2]
Mark known build failures as NO_PIE for now.
The only known runtime failure was rtld.
[1] http://www.bsdcan.org/2014/schedule/events/452.en.html
Submitted by: Shawn Webb <lattera@gmail.com>
Discussed between: des@ and Shawn Webb [2]
In r266650, we made libatf-c and libatf-c++ private libraries so that no
components outside of the source tree could unintendedly depend on them.
This change does the same for the "atf-sh library" by moving the atf-sh
interpreter from its public location in /usr/bin/ to the private location
in /usr/libexec/. Our build system will ensure that our own test programs
use the right binary, but users won't be able to depend on atf-sh by
"mistake".
Committing this now to ride the UPDATING notice added with r267172 today.
* -Sc was generating code without a return type on main.
* -Sm was generating an unusable clean target due to undefined RM.
* -Sm was generating clean target with extra preceding space.
PR: 185582
Submitted by: Pawel Biernacki <pawel.biernacki@gmail.com>
MFC after: 1 week
remove the now-redundant checks for RELEASE_CRUNCH. This originally
was defined for building smaller sysinstall images, but was later also
used by picobsd builds for a similar purpose. Now that we've moved
away from sysinstall, picobsd is the only remaining consumer of this
interface. Adding these two options reduces the RELEASE_CRUNCH
special cases in the tree by half.
- Reformat the entire man page
- Create a proper synopsis section
- Use itemized-lists to describe each flag, rather than paragraphs
- Cross-reference common flags to a 'general flags' sub-section with short
inline description of the flag
- Label 'general flags' sub-section
- Apply additional fixes suggested by wblock, brueffer, and bdrewery
- Update .Dd that got undone previously
- Change the order of the .Op Fl to be alphabetical
- Add the -i | -I interface flags to the description of 'interface
display mode'
- Fix missing parameters in man page
- Fix missing parameters in usage()
- Sync man page and usage()
MFC Note: stable/9 and stable/10 do not have -R, will need to be removed
when merged
CR: D58
Reviewed by: brueffer, bcr
Approved by: wblock (mentor)
MFC after: 7 days
Sponsored by: ScaleEngine Inc.
The directory hierarchy is created by an mtree file (BSD.usr.dist,
in the case of calendar(1)). An explicit "mkdir -p" in a program's
Makefile is redundant, and can mask a missing mtree entry.
This is not really a good test as the behaviour for /c is unspecified.
For the record, ksh93 returns:
$ printf "abc\n\cdef"
abc
ef$
Discussed with: Garret D'Amore (Illumos)
displays after a pause, use the difference in runtime divided by the
length of the pause as the percentage of CPU used instead of the value
calculated by the kernel. In addition, when determing if a process or
thread is idle or not, treat any process or thread that has used any
runtime or performed any context switches during the interval as busy.
Note that the percent CPU is calculated as a double and stored in an
array to avoid recalculating the value multiple times in the comparison
method used to sort processes in the CPU display.
Tested by: Jamie Landeg-Jones <jamie@dyslexicfish.net>
Reviewed by: emaste (earlier version)
MFC after: 1 week
We should not be leaking these interfaces to the outside world given
that it's much easier for third-party components to use the devel/atf
package from ports.
As a side-effect, we can also drop the ATF pkgconfig and aclocal files
from the base system. Nothing in the base system needs these, and it
was quite ugly to have to get them installed only so that a few ports
could build. The offending ports have been fixed to depend on
devel/atf explicitly.
Reviewed by: bapt
problem with broken in-tree builds (which are used far more
pervasively than I'd known outside the tree). However, weird results
may now happen if at any point in the tree above you there happens to
be a directory that has subdirectory of share/mk, as unpredictable
results will follow. This was considered the lessor of the two evils,
at least for now. In the future this will be removed again when the
underlying issues are resolved.
- Increase WID_IF_DEFAULT() from 6 to 8 (the default for AF_INET6) because
we have interfaces with longer names than 6 chars like epairN{a,b}.
- Style fixes.
This is intended to help in diagnostics and debugging of NIC and stack
flowid support.
Eventually this will grow another column (RSS CPU ID) but
that currently isn't cached in the inpcb.
There's also no clean flowtype -> flowtype identifier string. This is
the mbuf M_HASHTYPE_* values for RSS.
Here's some example output:
adrian@adrian-hackbox:~/work/freebsd/head/src % netstat -Rn | more
Active Internet connections
Proto Recv-Q Send-Q Local Address Foreign Address flowid ftype
tcp4 0 0 10.11.1.65.22 10.11.1.64.12409 29041942 2
udp4 0 0 127.0.0.1.123 *.* 00000000 0
udp6 0 0 fe80::1%lo0.123 *.* 00000000 0
udp6 0 0 ::1.123 *.* 00000000 0
udp4 0 0 10.11.1.65.123 *.* 00000000 0
Tested:
* amd64 system w/ igb NIC; local driver changes to expose RSS flowid in if_igb.
flag to procstat.
- Add an -H flag to request information about threads rather than processes
when dumping statistics. Currently it is only used for -r to display
resource usage for individual threads instead of the entire process.
Reviewed by: kib (older version without -H)
MFC after: 1 month
Add support for different output formats:
1. The output file that was previously written is now called the raw format.
2. Add the vmdk output format to create VMDK images.
When the format is not given, the raw output format is assumed.
in SUBDIRS having tests added to it, which fails. Work around this by
checking to make sure tests exists before adding it to subdirs and
work to get the generated file fixed so we can rename Makefile.inc to
something else so it isn't automatically included by subdirs...
This first step is mostly to prevent the code from rotting even further
and to ensure these do not get wiped when fmake's code is removed from
the tree.
These tests are currently being skipped because they detect the underlying
make is not fmake and thus disable themselves -- and the reason is that
some of the tests fail, possibly due to legitimate bugs. Enabling them to
run against bmake will come separately.
Lastly, it would be ideal if these tests were fed upstream but they are
not ready for that yet. In the interim, just put them under usr.bin/bmake/
while we sort things out. The existence of a different unit-tests directory
within here makes me feel less guilty about this.
Change confirmed working with a clean amd64 build.
If a numeric argument is missing, zero should be assumed, for signed as well
as unsigned conversions.
This fixes the 'zero' regression tests.
r265592 erroneously reverted r244407.
The "bltin/bltin.h" wrappers do not support exit() and attempting
to call it will exit sh completely.
Note that errx() is acceptable but will always return with status 2.
Reported by: jilles (and the testing framework)
Fix by: jilles
Pointyhat: pfg
and MK_LLDB=no, so set those explicitly (now that we can do
that). Simplify tests for these variables as well, since we know they
will always be defined regardless of the phase of the build.
install it as fmake. This defaults to no. This should be viewed as the
first step towards evental migration of this historic code to ports
and removal from the tree.
If e_shnum or e_shstrndx are at least SHN_LORESERVE (0xff00) then an
escape value is used to indicate that the actual value is found in one
of section 0's fields.
Sponsored by: DARPA, AFRL
This actually completes r264743 so that width and precision
specifiers work properly with %n$. These keeps consistency
with ksh93 and zsh.
Requested by: jilles
Obtained from: Garrett D'Amore (Illumos)
MFC after: 4 days
sector granularity for both offset and length. Have all schemes
use mkimg_write() instead of mkimg_seek() followed by write(2).
Now that schemes don't use lseek(2) nor write(2) directly, it's
easier to support output formats other than raw disks.
instead of from /usr/share/mk.
I'm not sure that this will let buildworld complete on a system with
no installed src.opts.mk (make buildworld is still running), but the
tinderbox builds are all failing earlyon without this patch.
build world, so it is the only make we build or install. fmake is
still in the tree, but disconnected, and upgrades from older systems
that still have bmake has not been removed, but its state has not been
tested (it should work given how minimal the work to upgrade to bmake
is).
same events that tcpstat's tcps_rcvmemdrop counter counts.
- Rename tcps_rcvmemdrop to tcps_rcvreassfull and improve its
description in netstat(1) output.
Sponsored by: Netflix
Sponsored by: Nginx, Inc.
netstat has two options for printing multicast tables:
sysctl (the default one for live systems) and kvm-based one (for cores).
It looks like kvm-based one hasn't been working since it's been introduced
in r190012 due to absence of mfctablesize kernel symbol.
Check for all ipv4-multicast symbols being correctly resolved was introduced
in r259638 regardless of 'live' value leading to "No IPv4 MROUTING" error
message.
Reported by: Olivier Cochard-Labbé
MFC after: 1 week
- Introduce a separate usage() function.
- Don't use argv[0]. Directly name the application, as we do elsewhere.
- Don't prepend the application name.
- Don't print two newlines.
Add a new %n$ option to change the order of the parameters as
done in the ksh93 builtin printf (among others).
For example:
%printf '%2$1d %1$s\n' one 2 three 4
2 one
4 three
The feature was written by Garret D'Amore under a
BSD license for Nexenta/illumos.
Reference:
http://garrett.damore.org/2010/10/new-implementation-of-printf.html
PR: bin/152934
Obtained from: Illumos
MFC after: 2 weeks
For 10 years, the "DIALUP <tty>, <user>" message has required having a
hostname (-h) instead of not having a hostname; therefore, it is never
logged. Given that dialup is obsolete and this has not been fixed, remove
the log message.
Note that LOGALL, which is defined by default, logs a message for all
logins, including dialup logins.
For increased compatibility with GNU units: support a -v option which
produces more verbose output when spitting out the answer.
GNU -v does additional work in the version, information, and check output which
we do not (yet?) replicate.
and finish the job. ncurses is now the only Makefile in the tree that
uses it since it wasn't a simple mechanical change, and will be
addressed in a future commit.
As per POSIX, the -exec ... {} + primary always returns true, but a non-zero
exit status causes find to return a non-zero exit status itself. GNU does
the same, and also for -execdir ... {} +.
It does not make much sense to return false from the primary only when the
child process happens to be run.
The behaviour for -exec/-execdir ... ; remains unchanged: the primary
returns true or false depending on the exit status, and find's exit status
is unaffected.
The units program is likely little used. It is even less likely that a script
will want the units program to print out its version number by passing -v.
GNU units uses -V for version and -v for verbosity.
Increase compatibility between these two versions (written by the same author)
by switching our flag as well.
Take this opportunity to remove bogus information about the version number and
just call it 'FreeBSD units'.
Discussed with: cperciva, rwatson
fts_read() leaves errno unchanged on EOF and sets it on error, so set errno
to 0 before calling it. Also, don't trust finish_execplus() to leave errno
unchanged.
These were originally deleted as "not important" but, actually we need them
in place if we want to be able to use autoconf on software that provides
atf-based tests. (That includes being able to rebuild autotest from scratch
on the Kyua cluster machines, as the automated setup does.)
This is useful for debugging compat modules.
Sponsored by: EMC / Isilon Storage Division
Obtained from: Isilon OneFS (based on work by Jeff Hughes)
MFC after: 2 weeks
all the SUBDIR entries in parallel, instead of serially. Apply this
option to a selected number of Makefiles, which can greatly speed up the
build on multi-core machines, when using make -j.
This can be extended to more Makefiles later on, whenever they are
verified to work correctly with parallel building.
I tested this on a 24-core machine, with make -j48 buildworld (N = 6):
before stddev after stddev
======= ====== ======= ======
real time 1741.1 16.5 959.8 2.7
user time 12468.7 16.4 14393.0 16.8
sys time 1825.0 54.8 2110.6 22.8
(user+sys)/real 8.2 17.1
E.g. the build was approximately 45% faster in real time. On machines
with less cores, or with lower -j settings, the speedup will not be as
impressive. But at least you can now almost max out a machine with
buildworld!
Submitted by: jilles
MFC after: 2 weeks
well over 8 years...
roll the clock forward 16 years since there have been other changes
deserving of a bump, but never happened..
Submitted by: feld
Obtained from: 1 week
This targets the existing ARMv6 and ARMv7 SoCs that contain a VFP unit.
This is an optional coprocessors may not be present in all devices, however
it appears to be in all current SoCs we support.
armv6hf targets the VFP variant of the ARM EABI and our copy of gcc is too
old to support this. Because of this there are a number of WITH/WITHOUT
options that are unsupported and must be left as the default value. The
options and their required value are:
* WITH_ARM_EABI
* WITHOUT_GCC
* WITHOUT_GNUCXX
In addition, without an external toolchain, the following need to be left
as their default:
* WITH_CLANG
* WITH_CLANG_IS_CC
As there is a different method of passing float and double values to
functions the ABI is incompatible with existing armv6 binaries. To use
this a full rebuild of world is required. Because no floating point values
are passed into the kernel an armv6 kernel with VFP enabled will work with
an armv6hf userland and vice versa.
Note that these tests are for fmake, not bmake, and thus they are not
installed nor run when bmake is selected (the default). Yes, I have
wasted a *ton* of time on moving tests for no real reason other than
ensuring they are not left behind.
But maybe, just maybe, it was not work in vain: the majority of these
tests also work with bmake and the few that don't may point at broken
stuff. For example, the tests for the "archive" feature do not work
with bmake, but bmake's manpage and source tree seem to imply that they
should. So... to be investigated later; need to poke sjg@.