'C' and 'H' flags at runtime. This matches messages output for other
toggles which leave the first column in the message blank to hold the
cursor.
PR: bin/158775
Submitted by: arundel
MFC after: 3 days
ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY
This update addresses the following vulnerability:
CVE-2011-2464
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code location
of the defect makes it impossible to protect BIND using ACLs configured
within named.conf or by disabling any features at compile-time or run-time.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464https://www.isc.org/software/bind/advisories/cve-2011-2464
- Implement -Wvariable-decl.
- Port -Wtrampolines support from gcc3.
(all three also via OpenBSD)
PR: gnu/127136, gnu/157019
Submitted by: Henning Petersen, Pedro Giffuni
MFC after: 6 weeks
for resolving by a child process that, upon success, will add the entry
to the config of the running running parent process.
Unfortunately there are a couple of bugs with this, fixed in various
later versions of upstream in potentially different ways due to other
code changes:
1) Upon server [-46] <FQDN> the [-46] are used as FQDN for later resolving
which does not work. Make sure we always pass the name (or IP there).
2) The intermediate file to carry the information to the child process
does not know about -4/-6 restrictions, so that a dual-stacked host
could resolve to an IPv6 address but that might be unreachable (see
r223626) leading to no working synchronization ignoring a IPv4 record.
Thus alter the intermediate format to also pass the address family
(AF_UNSPEC (default), AF_INET or AF_INET6) to the child process
depending on -4 or -6.
3) Make the child process to parse the new intermediate file format and
save the address family for getaddrinfo() hints flags.
4) Change child to always reload resolv.conf calling res_init() before
trying to resolve names. This will pick up resolv.conf changes or
new resolv.confs should they have not existed or been empty or
unusable on ntp startup. This fix is more conditional in upstream
versions but given FreeBSD has res_init there is no need for the
configure logic as well.
Approved by: roberto
Sponsored by: Sandvine Incorporated
MFC after: 9 days
in host byte order, so we need to compare them as such.
Properly compare IPv6 addresses as well.
This allows the, by default, 8 badaddrs slots per address
family to work correctly and only print sendto() errors once.
The change is no longer applicable to any latest upstream versions.
Approved by: roberto
Sponsored by: Sandvine Incorporated
MFC after: 1 week
In userland, sign extend the offset for JA instructions.
We currently use that to implement "ip6 protochain", and "pc" might be
wider than "pc->k", in which case we need to arrange that "pc->k" be
sign-extended, by casting it to bpf_int32.
PR: kern/157188
Submitted by: plosher
MFC after: 2 weeks
is defined, but then proceeds to use a hardcoded maximum hostname length
of 64 anyway. Fix this by checking against MAXHOSTNAMELEN instead.
PR: bin/157732
MFC after: 3 days
64-bit PowerPC or 32-bit PowerPC.
- Make gdb work on powerpc64, the code for this is obtained from
ppc-linux-tdep.c.
- Remove non-elf core read functionality. Implement core read functionality
similar like other FreeBSD targets.
- Set long double limitations.
This allows one to force consistent printing of numeric port numbers like
we do with -n for other tools like netstat (just that -n was already taken)
rather than the service names.
-P is currently unused in OpenBSD so the change is eligible for upstreaming.
PR: misc/151015
Submitted by: Matt Koivisto (mkoivisto sandvine.com)
Sponsored by: Sandvine Incorporated
MFC after: 1 week
This also replaces the local fix in r219209 that made .Ac emit
ASCII angle quotes with an official fix. In the official fix,
ASCII quotes are output when using the .Aq, .Ao and .Ac calls,
but only when nested into the .An macro.
PR: gnu/154822
It seems there have only been a small amount to the compiler-rt source
code in the mean time. I'd rather have the code in sync as much as
possible by the time we release 9.0. Changes:
- The libcompiler_rt library is now dual licensed under both the
University of Illinois "BSD-Like" license and the MIT license.
- Our local modifications for using .hidden instead of .private_extern
have been upstreamed, meaning our changes to lib/assembly.h can now be
reverted.
- A possible endless recursion in __modsi3() has been fixed.
- Support for ARM EABI has been added, but it has no effect on FreeBSD
(yet).
- The functions __udivmodsi4 and __divmodsi4 have been added.
Requested by: many, including bf@ and Pedro Giffuni
buffers. This fixes a segfault on exit due to calling free on a bogus pointer.
This should be considered a temporary stop gap fix to avoid the crash. The
complete fix re-shuffles the initializations of some of the clean-up pointers.
The details of the fix can be found in the libpcap git repository:
commit bc8209b71e928870b0f172d43b174ab27ba24394
Proded by: kevlo, rpaulo
MFC after: 2 weeks
Submitted by: Anton Yuzhaninov
The binutils update in r218822 caused the MIPS n64 dynamic binaries to
fail because the ".interp" section is not in the initial sections.
This happens because elf64bmip-defs.sh overrides INITIAL_READONLY_SECTIONS
to add ".MIPS.options" sections instead of the ".reginfo" section used
by n32.
This used to work fine, but after r218822, INITIAL_READONLY_SECTIONS also
contains the .interp section, so the override has to be done differently.
Reported by : aduane at juniper
Obtained from: gonzo (Initial version)
rather than at the bottom of the manpage.
- Remove an obsolete comment about SWAIT being a stale state. It was
resurrected for a different purpose in FreeBSD 5 to mark idle ithreads.
- Add a comment documenting that the SLEEP and LOCK states typically
display the name of the event being waited on with lock names being
prefixed with an asterisk and sleep event names not having a prefix.
MFC after: 1 week
idle threads). The process is displayed by default (subject to whether or
not system processes are displayed) to preserve existing behavior. The
system idle process can be hidden via the '-z' command line argument or the
'z' key while top is running. When it is hidden, top more closely matches
the behavior of FreeBSD <= 4.x where idle time was not accounted to any
process.
MFC after: 2 weeks
system and is decided upon by configure and could be an u_int or a
u_char. For FreeBSD it is a u_char.
For IPv6 however RFC 3493, 5.2 defines the argument to
IPV6_MULTICAST_LOOP to be an unsigned integer so make sure we always
use that using a second variable for the IPV6 case.
This is to get rid of these error messages every 5 minutes on some
systems:
ntpd[1530]: setsockopt IPV6_MULTICAST_LOOP failure: Invalid argument
on socket 22, addr fe80::... for multicast address ff02::101
While here also fix the copy&paste error in the log message for
IPV6_MULTICAST_LOOP.
Reviewed by: roberto
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 10 days
Filed as: Bug 1936 on ntp.org
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
Add a patch provided by ru@ and confirmed by ISC to fix a crash at
shutdown time when a SIG(0) key is being used.
LLVM_HOSTTRIPLE that is defined during the cross-tools stage.
Using clang, you can now build amd64 world and kernel on i386, and vice
versa. Other arches still need work.
Change for Africa/Casablanca:
- The 3rd april 2011 at 00:00:00, [it] will be 3rd april 1:00:00
- The 31th july 2011 at 00:59:59, [it] will be 31th July 00:00:00
Update for SouthAmerica/Chili:
- Chile's clocks will go back an hour this year on the 7th of May instead
of this Saturday. They will go forward again the 3rd Saturday in
August, not in October as they have since 1968. This is a pilot plan
which will be reevaluated in 2012.
- Pacific/Apia will have DST on 2 April instead of 3 April in 2011.
- Turkye will go to DST on 28 April instead of 27 April in 2011.
- Cuba will go to DST on 20 April in 2011.
Obtained from: ftp://elsie.nci.nih.gov/pub/
* elf64-sparc.c (sparc64_elf_relocate_section): Adjust addend of
dynamic relocs against section symbols for the output section vma.
However, with the addition of TLS support in the upstream rev. 1.104
this fix was essentially reverted. After factoring out the common parts
of elf32-sparc.c and elf64-sparc.c a comment was added to elfxx-sparc.c
in the upstream rev. 1.27 as part of unrelated changes, saying that the
fix from elf64-sparc.c rev. 1.61 indeed should be implemented, but given
that some unspecified OS has a broken ld.so expecting broken relocations
deliberately is omitted.
As the current behavior actually violates the SPARC ABI, FreeBSD never
had such a broken ld.so and this is actually causing problems with at
least kernel modules linked with binutils 2.17.50 committed in r218822
without the workaround committed in r219340 in place, re-implement the
above fix in a way so that is only applied if the output format is
ELFOSABI_FREEBSD. In the upstream version it probably would make sense
to invert this check and only skip adjusting the addend for the OS with
the broken ld.so, once it's determine which one that is.
Approved by: dim
c65292b04b98d6a76d58c5a54ca8f81463bf24de to support new SIOCGIFDESCR
ioctl interface which was too late for libpcap 1.1.1.
Reported by: brucec
Noticed by: wxs
- No leapsecond in June 2011
- Add and update timezones for America/Juneau, America/Sitka,
America/Metlakatla
- Change of Summer time to Winter time in Chili happens in April
2011, not in March 2011.
These options are supported in this shape in all newer GCC versions.
PR: gnu/155308
Obtained from: gcc 4.3 (rev. 118090, 118973, 120846; GPLv2)
MFC after: 2 weeks
groff will try to produce fancy angle brackets like
Foo ⟨foo@FreeBSD.org⟩
This is nice and well, but no email client will understand them. For
ease of copy&paste keep the one-true pair of brackets 0x3c/0x3e.
See: RFC 822, RFC 2822
PR: gnu/154822
Submitted by: Dominic Fandrey <kamikaze@bsdforen.de>
MFC after: 2 weeks
There are several bugfixes in this update, but the most important one is
to ensure __start_ and __stop_ symbols for linker sets and kernel module
metadata are always emitted in object files:
http://llvm.org/bugs/show_bug.cgi?id=9292
Before this fix, if you compiled kernel modules with clang, they would
not be properly processed by kldxref, and if they had any dependencies,
the kernel would fail to load those. Another problem occurred when
attempting to mount a tmpfs filesystem, which would result in 'operation
not supported by device'.
arguments passed to ld, when linking. This was to appease configure
scripts in several ports, that grep for such a -L option in "${CC} -v"
output, to determine the startup objects passed to ld. Note ld itself
does not need to be told about /usr/lib, since it has this path builtin
anyway.
However, if clang is built as a bootstrap tool during buildworld, it
should not use *anything* outside ${WORLDTMP} to include or link with.
The upstream fix to add -L/usr/lib breaks this assumption, and can thus
cause libraries from /usr/lib to be linked in during buildworld.
This can result in buildworld dying during linking of zinject, where it
picks up the wrong copy of libzpool.so, eventually leading to:
/usr/obj/usr/src/tmp/lib/libthr.so.3: undefined reference to `_rtld_get_stack_prot'
Fix this issue by not adding any hardcoded paths, but by looping through
the run-time library path list, which is already correctly set for the
bootstrap phase.
Reported by: datastream.freecity@gmail.com
Pointy hat to: dim
and k8-sse3 cpu-types for -march=/-mtune= gcc options.
These new cpu-types include the SSE3 instruction set that is supported
by all newer AMD Athlon 64 and Opteron processors.
All three cpu-types are supported by clang and all gcc versions
starting with 4.3 SVN rev 124339 (at that time GPLv2 licensed).
PR: gnu/154906
Discussed with: kib, kan, dim
Obtained from: gcc 4.3 (r124339, GPLv2 licensed)
MFC after: 2 weeks
x86 CPU support, better support for powerpc64, some new directives, and
many other things. Bump __FreeBSD_version, and add a note to UPDATING.
Thanks to the many people that have helped to test this.
Obtained from: projects/binutils-2.17
All 9.6 users with DNSSEC validation enabled should upgrade to this
version, or the latest version in the 9.7 branch, prior to 2011-03-31
in order to avoid validation failures for names in .COM as described
here:
https://www.isc.org/announcement/bind-9-dnssec-validation-fails-new-ds-record
In addition the fixes for this and other bugs, there are also the
following:
* Various fixes to kerberos support, including GSS-TSIG
* Various fixes to avoid leaking memory, and to problems that could
prevent a clean shutdown of named
Also remove local overrides that are now in the contrib tree.
This is a direct commit to contrib/ as we will no longer import any
newer groff snapshots, due to licensing issues.
MFC after: 3 weeks
Mark gcc-provided asm files as not requiring executable stack.
It seems that non-FreeBSD ABIs for powerpc64 claim stack non-executable.
Due to this, rs6000_elf_end_indicate_exec_stack() only emit the note for
32 bit target. I decided not to change FreeBSD ABI and patch
emit the notes for both variants.
Reviewed and tested by: nwhitehorn
'linker stubs'. Add .note.GNU-stack for the stubs objects. Without this,
final binary will have RWE mode for PT_GNU_STACK regardless of the
actual requirements.
Tested by: nwhitehorn
Reviewed by: dim, nwhitehorn
dialog is distributed from GPLv2 to LGPLv2 and introduces a number of new
features and a new and better libdialog API. The existing libdialog will
be kept temporarily as libodialog for compatibility purposes until sade,
sysinstall and tzsetup have been either updated or replaced.
__FreeBSD_version is now 900030.
Discussed on: -current
Approved by: core
Obtained from: http://invisible-island.net/dialog
it should also be MI. The problem here arises when ld ends up linking a
link-once section with relocations against sections that point back to it
that are as yet unresolved. Instead of piecemeal finding sections we
think are potentially subject to this issue, just defer processing for
sections that have yet to be relocated instead of immediately bailing.
actually work, linking of libgcc_s.so.1 on ia64 will fail with:
unwind-ia64.So(.text+0x1762): In function `_Unwind_FindEnclosingFunction':
: undefined reference to `_Unwind_FindTableEntry'
unwind-ia64.So(.text+0x1d82): In function `uw_frame_state_for':
: undefined reference to `_Unwind_FindTableEntry'
/usr/bin/ld: libgcc_s.so.1: hidden symbol `_Unwind_FindTableEntry' isn't defined
Repair this by not hiding the _Unwind_FindTableEntry symbol; on FreeBSD,
it is in libc, not in libgcc.
Silence from: current@
thread specific informations.
In order to do that, and in order to avoid KBI breakage with existing
infrastructure the following semantic is implemented:
- For live programs, a new member to the PT_LWPINFO is added (pl_tdname)
- For cores, a new ELF note is added (NT_THRMISC) that can be used for
storing thread specific, miscellaneous, informations. Right now it is
just popluated with a thread name.
GDB, then, retrieves the correct informations from the corefile via the
BFD interface, as it groks the ELF notes and create appropriate
pseudo-sections.
Sponsored by: Sandvine Incorporated
Tested by: gianni
Discussed with: dim, kan, kib
MFC after: 2 weeks
Not doing so may cause all sorts of random libraries to expose
libcompiler_rt's functions, which should of course not be done.
Discussed with: kan, kib
into it. Prior to this commit the .gnu_debuglink section can have up
to 3 bytes of uninitialized garbage; as a result, .ko files could
change vary between builds.
Approved by: dim
MFC after: 7 days