svn commit: r361660 - head/sys/modules/hyperv/hvsock
Author: lwhsu Date: Sun May 31 05:02:15 2020 New Revision: 361660 URL: https://svnweb.freebsd.org/changeset/base/361660 Log: Fix directly building in sys/modules Sponsored by: The FreeBSD Foundation Modified: head/sys/modules/hyperv/hvsock/Makefile Modified: head/sys/modules/hyperv/hvsock/Makefile == --- head/sys/modules/hyperv/hvsock/Makefile Sun May 31 03:44:13 2020 (r361659) +++ head/sys/modules/hyperv/hvsock/Makefile Sun May 31 05:02:15 2020 (r361660) @@ -5,6 +5,7 @@ KMOD= hv_sock SRCS= hv_sock.c SRCS+= hv_sock.h +SRCS+= device_if.h bus_if.h CFLAGS+= -I${SRCTOP}/sys/dev/hyperv/include\ -I${SRCTOP}/sys/dev/hyperv/vmbus \ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361658 - head/sys/rpc
Author: rmacklem Date: Sun May 31 01:12:52 2020 New Revision: 361658 URL: https://svnweb.freebsd.org/changeset/base/361658 Log: Add the .h file that describes the operations for the rpctls_syscall. This .h file will be used by the nfs-over-tls daemons to do the system call that was added by r361599. Added: head/sys/rpc/rpcsec_tls.h (contents, props changed) Added: head/sys/rpc/rpcsec_tls.h == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/rpc/rpcsec_tls.h Sun May 31 01:12:52 2020(r361658) @@ -0,0 +1,82 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2020 Rick Macklem + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef_RPC_RPCSEC_TLS_H_ +#define_RPC_RPCSEC_TLS_H_ + +/* Operation values for rpctls syscall. */ +#defineRPCTLS_SYSC_CLSETPATH 1 +#defineRPCTLS_SYSC_CLSOCKET2 +#defineRPCTLS_SYSC_CLSHUTDOWN 3 +#defineRPCTLS_SYSC_SRVSETPATH 4 +#defineRPCTLS_SYSC_SRVSOCKET 5 +#defineRPCTLS_SYSC_SRVSHUTDOWN 6 + +/* System call used by the rpctlscd, rpctlssd daemons. */ +intrpctls_syscall(int, const char *); + +/* Flag bits to indicate certificate results. */ +#defineRPCTLS_FLAGS_HANDSHAKE 0x01 +#defineRPCTLS_FLAGS_GOTCERT0x02 +#defineRPCTLS_FLAGS_SELFSIGNED 0x04 +#defineRPCTLS_FLAGS_VERIFIED 0x08 +#defineRPCTLS_FLAGS_DISABLED 0x10 +#defineRPCTLS_FLAGS_CERTUSER 0x20 + +/* Error return values for upcall rpcs. */ +#defineRPCTLSERR_OK0 +#defineRPCTLSERR_NOCLOSE 1 +#defineRPCTLSERR_NOSSL 2 +#defineRPCTLSERR_NOSOCKET 3 + +#ifdef _KERNEL +/* Functions that perform upcalls to the rpctlsd daemon. */ +enum clnt_stat rpctls_connect(CLIENT *newclient, struct socket *so, + uint64_t *sslp, uint32_t *reterr); +enum clnt_stat rpctls_cl_handlerecord(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); +enum clnt_stat rpctls_srv_handlerecord(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); +enum clnt_stat rpctls_cl_disconnect(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); +enum clnt_stat rpctls_srv_disconnect(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); + +/* Initialization function for rpcsec_tls. */ +intrpctls_init(void); + +/* Get TLS information function. */ +bool rpctls_getinfo(u_int *maxlen); + +/* String for AUTH_TLS reply verifier. */ +#defineRPCTLS_START_STRING "STARTTLS" + +#endif /* _KERNEL */ + +#endif /* _RPC_RPCSEC_TLS_H_ */ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, 30 May 2020 at 19:39, Konstantin Belousov wrote: > > > It looks like GNU ld has done it since 2015 in fact. Further, glibc > > will refuse to dlopen() an object with DF_1_PIE set, as of last June; > > this seems like it would be a reasonable thing for us to do too. > > > > glibc bug for this: https://sourceware.org/bugzilla/show_bug.cgi?id=24323 > > I can do it. What if such object is referenced by DT_NEEDED ? Hmm, good question. glibc has the following comment where they disallow it: > +/* dlopen of an executable is not valid because it is not possible > + to perform proper relocations, handle static TLS, or run the > + ELF constructors. For PIE, the check needs the dynamic > + section, so there is another check below. */ I would suggest that if it's the case we cannot correctly dlopen or handle a DT_NEEDED executable then we ought to fail. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, May 30, 2020 at 07:28:55PM -0400, Ed Maste wrote: > On Sat, 30 May 2020 at 16:17, Ed Maste wrote: > > > > On Sat, 30 May 2020 at 16:14, Konstantin Belousov > > wrote: > > > > > > On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > > > > Author: emaste > > > > Date: Sat May 30 19:57:26 2020 > > > > New Revision: 361657 > > > > URL: https://svnweb.freebsd.org/changeset/base/361657 > > > > > > > > Log: > > > > elf_common.h: define DF_1_PIE > > > > > > > > DF_1_PIE indicates that the object is a position-independent > > > > executable. > > > Only on Solaris. > > > > Apparently GNU ld sets it broadly now, and there's a patch to have lld > > start doing it: https://reviews.llvm.org/D80872 > > It looks like GNU ld has done it since 2015 in fact. Further, glibc > will refuse to dlopen() an object with DF_1_PIE set, as of last June; > this seems like it would be a reasonable thing for us to do too. > > glibc bug for this: https://sourceware.org/bugzilla/show_bug.cgi?id=24323 I can do it. What if such object is referenced by DT_NEEDED ? ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, 30 May 2020 at 16:17, Ed Maste wrote: > > On Sat, 30 May 2020 at 16:14, Konstantin Belousov wrote: > > > > On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > > > Author: emaste > > > Date: Sat May 30 19:57:26 2020 > > > New Revision: 361657 > > > URL: https://svnweb.freebsd.org/changeset/base/361657 > > > > > > Log: > > > elf_common.h: define DF_1_PIE > > > > > > DF_1_PIE indicates that the object is a position-independent executable. > > Only on Solaris. > > Apparently GNU ld sets it broadly now, and there's a patch to have lld > start doing it: https://reviews.llvm.org/D80872 It looks like GNU ld has done it since 2015 in fact. Further, glibc will refuse to dlopen() an object with DF_1_PIE set, as of last June; this seems like it would be a reasonable thing for us to do too. glibc bug for this: https://sourceware.org/bugzilla/show_bug.cgi?id=24323 ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, 30 May 2020 at 16:14, Konstantin Belousov wrote: > > On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > > Author: emaste > > Date: Sat May 30 19:57:26 2020 > > New Revision: 361657 > > URL: https://svnweb.freebsd.org/changeset/base/361657 > > > > Log: > > elf_common.h: define DF_1_PIE > > > > DF_1_PIE indicates that the object is a position-independent executable. > Only on Solaris. Apparently GNU ld sets it broadly now, and there's a patch to have lld start doing it: https://reviews.llvm.org/D80872 ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > Author: emaste > Date: Sat May 30 19:57:26 2020 > New Revision: 361657 > URL: https://svnweb.freebsd.org/changeset/base/361657 > > Log: > elf_common.h: define DF_1_PIE > > DF_1_PIE indicates that the object is a position-independent executable. Only on Solaris. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361657 - head/sys/sys
Author: emaste Date: Sat May 30 19:57:26 2020 New Revision: 361657 URL: https://svnweb.freebsd.org/changeset/base/361657 Log: elf_common.h: define DF_1_PIE DF_1_PIE indicates that the object is a position-independent executable. Reference: https://docs.oracle.com/cd/E36784_01/html/E36857/chapter6-42444.html MFC after:3 days Sponsored by: The FreeBSD Foundation Modified: head/sys/sys/elf_common.h Modified: head/sys/sys/elf_common.h == --- head/sys/sys/elf_common.h Sat May 30 19:16:33 2020(r361656) +++ head/sys/sys/elf_common.h Sat May 30 19:57:26 2020(r361657) @@ -764,6 +764,7 @@ typedef struct { #defineDF_1_ORIGIN 0x0080 /* Process $ORIGIN */ #defineDF_1_INTERPOSE 0x0400 /* Interpose all objects but main */ #defineDF_1_NODEFLIB 0x0800 /* Do not search default paths */ +#defineDF_1_PIE0x0800 /* Is position-independent executable */ /* Values for l_flags. */ #defineLL_NONE 0x0 /* no flags */ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361656 - head/gnu/usr.bin/binutils
Author: emaste Date: Sat May 30 19:16:33 2020 New Revision: 361656 URL: https://svnweb.freebsd.org/changeset/base/361656 Log: binutils: build as with BINUTILS || BINUTILS_BOOTSTRAP Previously we descended into as only if MK_BINUTILS was true, including during the bootstrap tool phase. BINUTILS is now disabled by default on all archs, and we failed to build it during amd64 bootstrap. Descend into as if either BINUTILS or BINUTILS_BOOTSTRAP is enabled. This is not quite correct: we should either have the test also depend on BOOTSTRAPPING, or set BINUTILS to the value of BINUTILS_BOOTSTRAP during the bootstrap phase. However, this simple change fixes the build and has been tested, and binutils will be removed completely in the near future. Modified: head/gnu/usr.bin/binutils/Makefile Modified: head/gnu/usr.bin/binutils/Makefile == --- head/gnu/usr.bin/binutils/Makefile Sat May 30 19:15:29 2020 (r361655) +++ head/gnu/usr.bin/binutils/Makefile Sat May 30 19:16:33 2020 (r361656) @@ -11,8 +11,9 @@ SUBDIR.${MK_BINUTILS}+= doc # GNU as is used on x86 only, for a few files that cannot be assembled by # Clang IAS. Other archs either use Clang IAS for every assembly file, or # use external toolchain. -.if ${TARGET} == "amd64" || ${TARGET} == "i386" -SUBDIR.${MK_BINUTILS}+=as +.if (${TARGET} == "amd64" || ${TARGET} == "i386") && \ +(${MK_BINUTILS} != "no" || ${MK_BINUTILS_BOOTSTRAP} != "no") +SUBDIR+= as .endif SUBDIR_DEPEND_as=libbfd libiberty libopcodes ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361655 - head/usr.sbin/certctl
Author: markj Date: Sat May 30 19:15:29 2020 New Revision: 361655 URL: https://svnweb.freebsd.org/changeset/base/361655 Log: certctl.8: Correct the HISTORY section. certctl was merged to stable/12 after 12.1 was branched. PR: 246190 Reported by: Michael Osipov MFC after:3 days Modified: head/usr.sbin/certctl/certctl.8 Modified: head/usr.sbin/certctl/certctl.8 == --- head/usr.sbin/certctl/certctl.8 Sat May 30 19:11:41 2020 (r361654) +++ head/usr.sbin/certctl/certctl.8 Sat May 30 19:15:29 2020 (r361655) @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 22, 2020 +.Dd May 30, 2020 .Dt CERTCTL 8 .Os .Sh NAME @@ -123,6 +123,6 @@ Default: *.pem *.crt *.cer *.crl *.0 .Sh HISTORY .Nm first appeared in -.Fx 12.0 +.Fx 12.2 .Sh AUTHORS .An Allan Jude Aq Mt allanj...@freebsd.org ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361654 - head/usr.sbin/ctld
Author: markj Date: Sat May 30 19:11:41 2020 New Revision: 361654 URL: https://svnweb.freebsd.org/changeset/base/361654 Log: ctld: Fix a memory leak in uclparse_conf(). PR: 246596 Submitted by: Patryk MFC after:1 week Modified: head/usr.sbin/ctld/uclparse.c Modified: head/usr.sbin/ctld/uclparse.c == --- head/usr.sbin/ctld/uclparse.c Sat May 30 18:01:53 2020 (r361653) +++ head/usr.sbin/ctld/uclparse.c Sat May 30 19:11:41 2020 (r361654) @@ -914,6 +914,7 @@ int uclparse_conf(struct conf *newconf, const char *path) { struct ucl_parser *parser; + ucl_object_t *top; int error; conf = newconf; @@ -922,10 +923,14 @@ uclparse_conf(struct conf *newconf, const char *path) if (!ucl_parser_add_file(parser, path)) { log_warn("unable to parse configuration file %s: %s", path, ucl_parser_get_error(parser)); + ucl_parser_free(parser); return (1); } - error = uclparse_toplevel(ucl_parser_get_object(parser)); + top = ucl_parser_get_object(parser); + error = uclparse_toplevel(top); + ucl_object_unref(top); + ucl_parser_free(parser); return (error); } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
RE: svn commit: r361275 - in head/sys: conf dev/hyperv/hvsock dev/hyperv/include dev/hyperv/vmbus modules/hyperv modules/hyperv/hvsock sys
> -Original Message- > From: Kyle Evans > Sent: Saturday, May 30, 2020 2:33 AM > To: Wei Hu > Cc: src-committers ; svn-src-all a...@freebsd.org>; svn-src-head > Subject: Re: svn commit: r361275 - in head/sys: conf dev/hyperv/hvsock > dev/hyperv/include dev/hyperv/vmbus modules/hyperv > modules/hyperv/hvsock sys > > On Fri, May 29, 2020 at 12:08 PM Wei Hu wrote: > > > -Original Message- > > > > > [... snip ...] > > > > > +void > > > > > +hvs_trans_init(void) > > > > > +{ > > > > > + /* Skip initialization of globals for non-default instances. > > > > > */ > > > > > + if (!IS_DEFAULT_VNET(curvnet)) > > > > > + return; > > > > > + > > > > > + if (vm_guest != VM_GUEST_HV) > > > > > + return; > > > > > + > > > > > + HVSOCK_DBG(HVSOCK_DBG_VERBOSE, > > > > > + "%s: HyperV Socket hvs_trans_init called\n", > > > > > + __func__); > > > > > + > > > > > + /* Initialize Globals */ > > > > > + previous_auto_bound_port = MAX_PORT; > > > > > + sx_init(_trans_socks_sx, "hvs_trans_sock_sx"); > > > > > + mtx_init(_trans_socks_mtx, > > > > > + "hvs_trans_socks_mtx", NULL, MTX_DEF); > > > > > + LIST_INIT(_trans_bound_socks); > > > > > + LIST_INIT(_trans_connected_socks); > > > > > +} > > > > > + > > > > > > > > I have a suspicion that all of these should really be per-vnet for > > > > correct semantics with VIMAGE, with the IS_DEFAULT_VNET check > > > > earlier dropped completely. I haven't read around the rest all > > > > that much, but this would at least seem to prevent port re-use by > > > > a different vnet, which is perhaps "good enough" but I think this > > > > is something that should be fixed in the mid-term. > > > > > > > > > > I have a follow-up concern about whether this is actually going to > > > be maintained... it's been a full week with not even an > > > acknowledgement or rebuttal of any of the concerns I've raised, with > > > some of them being completely trivial to address in the short-term. > > > I don't think that we really want this in the tree in its current state > > > given > this level of engagement. > > > > > Sorry for my late response, Kyle. I read your comments last week. To > > be honest I am not familiar to VNET and VIMAGE, so I don't quite > > understand. I got distracted into other work so my response to this was > delayed. > > > > Do you mean to drop these two lines? > >if (!IS_DEFAULT_VNET(curvnet)) > >return > > I copied these from other socket init code. If they are not necessary I can > remove them. > > > > Alright, let's rewind a little bit here. =-) Consider while reading the below > that I > have no idea what the host-side of these sockets look like beyond what I just > very quickly skimmed from [0]. > > It's a little more involved than that; consider each vnet as its own > independent > network stack that's largely isolated from other vnets. > The host starts out with a vnet, vnet0 (the default vnet), and root may spawn > additional vnets attached to jails to allow the jail to operate its own > network > stack as well. Your pr_init will get called once per vnet spawned, including > the > obvious default vnet, which is why the check is there in the first place -- > you > may have some global state that only needs to be initialized once, at which > point you would exclude non-default vnets from executing those bits. > > The more I think about it, though, the more I wonder if hvsock makes sense at > all in non-default vnet contexts and whether hvs_trans_attach should really be > attaching to sockets outside of the default vnet. You can bind in your FreeBSD > HyperV guest to a port, and a host service's option for connecting is > specifying > guest GUID + port; there's not really any wiggle room for multiple entities > within a guest to be binding to a given port anyways. It may very well be the > case that the status quo is the optimal outcome. > > Given that, does it make sense that the host connects via the guest GUID and > can potentially end up connected to some jail of unknown trust operating its > own network stack? > > As a final scattered thought for the hour, does the Linux implementation of > this > stuff do anything to give a guest admin visibility into existing HyperV > sockets on > the system? AFAICT here, there's no sockstat integration or anything else that > might export hvsock information to userland, so one's only option to tracking > down whether a HyperV socket even exists and to which process it belongs > would appear to be probing around in the kernel. > The HyperV host only connects to guest using the guest unique GUID and a port number. Once connection is requested, host sends a virtualized vmbus device offer to guest using different mechanism. On the guest side when the device office is in, it checks if the port is bound, then a communication channel on vmbus is established and a new
svn commit: r361651 - head
Author: emaste Date: Sat May 30 16:20:18 2020 New Revision: 361651 URL: https://svnweb.freebsd.org/changeset/base/361651 Log: Makefile.inc1: remove BINUTILS_BOOTSTRAP linker support As of r359347 BINUTILS_BOOTSTRAP does not include the bfd linker. Modified: head/Makefile.inc1 Modified: head/Makefile.inc1 == --- head/Makefile.inc1 Sat May 30 16:13:21 2020(r361650) +++ head/Makefile.inc1 Sat May 30 16:20:18 2020(r361651) @@ -250,9 +250,6 @@ USING_SYSTEM_COMPILER= yes # Which linker is expected to be used? .if ${MK_LLD_BOOTSTRAP} == "yes" WANT_LINKER_TYPE= lld -.elif ${MK_BINUTILS_BOOTSTRAP} == "yes" -# Note that there's no support for bfd in WITH_SYSTEM_LINKER. -WANT_LINKER_TYPE= bfd .else WANT_LINKER_TYPE= .endif ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361650 - head/tools/build/options
Author: emaste Date: Sat May 30 16:13:21 2020 New Revision: 361650 URL: https://svnweb.freebsd.org/changeset/base/361650 Log: Add deprecation notice to WITH_BINUTILS option description Modified: head/tools/build/options/WITH_BINUTILS Modified: head/tools/build/options/WITH_BINUTILS == --- head/tools/build/options/WITH_BINUTILS Sat May 30 16:12:50 2020 (r361649) +++ head/tools/build/options/WITH_BINUTILS Sat May 30 16:13:21 2020 (r361650) @@ -2,3 +2,5 @@ Build and install GNU .Xr as 1 as part of the normal system build. +This option is not available as of +.Fx 13.0 . ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361648 - head/share/mk
Author: emaste Date: Sat May 30 16:12:00 2020 New Revision: 361648 URL: https://svnweb.freebsd.org/changeset/base/361648 Log: Disable BINUTILS by default on amd64 The retirement of obsolete binutils 2.17.50 has been in progress for quite some time. All tools other than GNU as were removed prior to this commit, and it was built only on amd64 - installed as /usr/bin/as, and used as a bootstrap tool. The amd64 exp-run has completed and failures have now been addressed in the individual ports, so disable it by default. PR: 233611, 205250 [exp-run] Sponsored by: The FreeBSD Foundation Modified: head/share/mk/src.opts.mk Modified: head/share/mk/src.opts.mk == --- head/share/mk/src.opts.mk Sat May 30 16:00:49 2020(r361647) +++ head/share/mk/src.opts.mk Sat May 30 16:12:00 2020(r361648) @@ -200,6 +200,7 @@ __DEFAULT_YES_OPTIONS = \ __DEFAULT_NO_OPTIONS = \ BEARSSL \ BHYVE_SNAPSHOT \ +BINUTILS \ BSD_GREP \ CLANG_EXTRAS \ DTRACE_TESTS \ @@ -290,12 +291,11 @@ __DEFAULT_NO_OPTIONS+=LLVM_TARGET_BPF .if ${__T} == "aarch64" || ${__T:Mriscv*} != "" BROKEN_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP GDB .endif -# BINUTILS is enabled on amd64 to provide as for ports - PR 205250 # BINUTILS_BOOTSTRAP is needed on amd64 only, for skein_block_asm.s .if ${__T} == "amd64" -__DEFAULT_YES_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP +__DEFAULT_YES_OPTIONS+=BINUTILS_BOOTSTRAP .else -__DEFAULT_NO_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP +__DEFAULT_NO_OPTIONS+=BINUTILS_BOOTSTRAP .endif .if ${__T:Mriscv*} != "" BROKEN_OPTIONS+=OFED ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361649 - head/share/man/man5
Author: emaste Date: Sat May 30 16:12:50 2020 New Revision: 361649 URL: https://svnweb.freebsd.org/changeset/base/361649 Log: Add deprecation notice to WITH_BINUTILS option description Modified: head/share/man/man5/src.conf.5 Modified: head/share/man/man5/src.conf.5 == --- head/share/man/man5/src.conf.5 Sat May 30 16:12:00 2020 (r361648) +++ head/share/man/man5/src.conf.5 Sat May 30 16:12:50 2020 (r361649) @@ -1,6 +1,6 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. .\" $FreeBSD$ -.Dd May 29, 2020 +.Dd May 30, 2020 .Dt SRC.CONF 5 .Os .Sh NAME @@ -182,21 +182,12 @@ Build all binaries with the .Dv DF_BIND_NOW flag set to indicate that the run-time loader should perform all relocation processing at process startup rather than on demand. -.It Va WITHOUT_BINUTILS -Do not build or install GNU -.Xr as 1 -as part -of the normal system build. -.Pp -This is a default setting on -arm/armv6, arm/armv7, arm64/aarch64, i386/i386, mips/mips, mips/mips64, powerpc/powerpc, powerpc/powerpc64, riscv/riscv64 and riscv/riscv64sf. .It Va WITH_BINUTILS Build and install GNU .Xr as 1 as part of the normal system build. -.Pp -This is a default setting on -amd64/amd64. +This option is not available as of +.Fx 13.0 . .It Va WITHOUT_BINUTILS_BOOTSTRAP Do not build GNU binutils as part of the bootstrap process. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361647 - in head/bin/sh: . tests/execution
Author: jilles Date: Sat May 30 16:00:49 2020 New Revision: 361647 URL: https://svnweb.freebsd.org/changeset/base/361647 Log: sh: Allow more scripts without #! Austin Group bugs #1226 and #1250 changed the requirements for shell scripts without #! (POSIX does not specify #!; this is about the shell execution when execve(2) returns an [ENOEXEC] error). POSIX says we shall allow execution if the initial part intended to be parsed by the shell consists of characters and does not contain the NUL character. This allows concatenating a shell script (ending with exec or exit) and a binary payload. In order to reject common binary files such as PNG images, check that there is a lowercase letter or expansion before the last newline before the NUL character, in addition to the check for the newline character suggested by POSIX. Added: head/bin/sh/tests/execution/shellproc6.0 (contents, props changed) Modified: head/bin/sh/exec.c head/bin/sh/tests/execution/Makefile Modified: head/bin/sh/exec.c == --- head/bin/sh/exec.c Sat May 30 13:39:56 2020(r361646) +++ head/bin/sh/exec.c Sat May 30 16:00:49 2020(r361647) @@ -44,6 +44,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include /* @@ -140,6 +141,37 @@ shellexec(char **argv, char **envp, const char *path, } +static bool +isbinary(const char *data, size_t len) +{ + const char *nul, *p; + bool hasletter; + + nul = memchr(data, '\0', len); + if (nul == NULL) + return false; + /* +* POSIX says we shall allow execution if the initial part intended +* to be parsed by the shell consists of characters and does not +* contain the NUL character. This allows concatenating a shell +* script (ending with exec or exit) and a binary payload. +* +* In order to reject common binary files such as PNG images, check +* that there is a lowercase letter or expansion before the last +* newline before the NUL character, in addition to the check for +* the newline character suggested by POSIX. +*/ + hasletter = false; + for (p = data; *p != '\0'; p++) { + if ((*p >= 'a' && *p <= 'z') || *p == '$' || *p == '`') + hasletter = true; + if (hasletter && *p == '\n') + return false; + } + return true; +} + + static void tryexec(char *cmd, char **argv, char **envp) { @@ -155,7 +187,7 @@ tryexec(char *cmd, char **argv, char **envp) if (in != -1) { n = pread(in, buf, sizeof buf, 0); close(in); - if (n > 0 && memchr(buf, '\0', n) != NULL) { + if (n > 0 && isbinary(buf, n)) { errno = ENOEXEC; return; } Modified: head/bin/sh/tests/execution/Makefile == --- head/bin/sh/tests/execution/MakefileSat May 30 13:39:56 2020 (r361646) +++ head/bin/sh/tests/execution/MakefileSat May 30 16:00:49 2020 (r361647) @@ -59,6 +59,7 @@ ${PACKAGE}FILES+= shellproc2.0 ${PACKAGE}FILES+= shellproc3.0 ${PACKAGE}FILES+= shellproc4.0 ${PACKAGE}FILES+= shellproc5.0 +${PACKAGE}FILES+= shellproc6.0 ${PACKAGE}FILES+= subshell1.0 subshell1.0.stdout ${PACKAGE}FILES+= subshell2.0 ${PACKAGE}FILES+= subshell3.0 Added: head/bin/sh/tests/execution/shellproc6.0 == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/bin/sh/tests/execution/shellproc6.0Sat May 30 16:00:49 2020 (r361647) @@ -0,0 +1,8 @@ +# $FreeBSD$ + +T=`mktemp -d "${TMPDIR:-/tmp}/sh-test."` || exit +trap 'rm -rf "${T}"' 0 +printf 'printf "this "\necho is a test\nexit\n\0' >"$T/testshellproc" +chmod 755 "$T/testshellproc" +PATH=$T:$PATH +[ "`testshellproc`" = "this is a test" ] ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"