svn commit: r361660 - head/sys/modules/hyperv/hvsock
Author: lwhsu
Date: Sun May 31 05:02:15 2020
New Revision: 361660
URL: https://svnweb.freebsd.org/changeset/base/361660
Log:
Fix directly building in sys/modules
Sponsored by: The FreeBSD Foundation
Modified:
head/sys/modules/hyperv/hvsock/Makefile
Modified: head/sys/modules/hyperv/hvsock/Makefile
==
--- head/sys/modules/hyperv/hvsock/Makefile Sun May 31 03:44:13 2020
(r361659)
+++ head/sys/modules/hyperv/hvsock/Makefile Sun May 31 05:02:15 2020
(r361660)
@@ -5,6 +5,7 @@
KMOD= hv_sock
SRCS= hv_sock.c
SRCS+= hv_sock.h
+SRCS+= device_if.h bus_if.h
CFLAGS+= -I${SRCTOP}/sys/dev/hyperv/include\
-I${SRCTOP}/sys/dev/hyperv/vmbus \
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361658 - head/sys/rpc
Author: rmacklem Date: Sun May 31 01:12:52 2020 New Revision: 361658 URL: https://svnweb.freebsd.org/changeset/base/361658 Log: Add the .h file that describes the operations for the rpctls_syscall. This .h file will be used by the nfs-over-tls daemons to do the system call that was added by r361599. Added: head/sys/rpc/rpcsec_tls.h (contents, props changed) Added: head/sys/rpc/rpcsec_tls.h == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/rpc/rpcsec_tls.h Sun May 31 01:12:52 2020(r361658) @@ -0,0 +1,82 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2020 Rick Macklem + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef_RPC_RPCSEC_TLS_H_ +#define_RPC_RPCSEC_TLS_H_ + +/* Operation values for rpctls syscall. */ +#defineRPCTLS_SYSC_CLSETPATH 1 +#defineRPCTLS_SYSC_CLSOCKET2 +#defineRPCTLS_SYSC_CLSHUTDOWN 3 +#defineRPCTLS_SYSC_SRVSETPATH 4 +#defineRPCTLS_SYSC_SRVSOCKET 5 +#defineRPCTLS_SYSC_SRVSHUTDOWN 6 + +/* System call used by the rpctlscd, rpctlssd daemons. */ +intrpctls_syscall(int, const char *); + +/* Flag bits to indicate certificate results. */ +#defineRPCTLS_FLAGS_HANDSHAKE 0x01 +#defineRPCTLS_FLAGS_GOTCERT0x02 +#defineRPCTLS_FLAGS_SELFSIGNED 0x04 +#defineRPCTLS_FLAGS_VERIFIED 0x08 +#defineRPCTLS_FLAGS_DISABLED 0x10 +#defineRPCTLS_FLAGS_CERTUSER 0x20 + +/* Error return values for upcall rpcs. */ +#defineRPCTLSERR_OK0 +#defineRPCTLSERR_NOCLOSE 1 +#defineRPCTLSERR_NOSSL 2 +#defineRPCTLSERR_NOSOCKET 3 + +#ifdef _KERNEL +/* Functions that perform upcalls to the rpctlsd daemon. */ +enum clnt_stat rpctls_connect(CLIENT *newclient, struct socket *so, + uint64_t *sslp, uint32_t *reterr); +enum clnt_stat rpctls_cl_handlerecord(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); +enum clnt_stat rpctls_srv_handlerecord(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); +enum clnt_stat rpctls_cl_disconnect(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); +enum clnt_stat rpctls_srv_disconnect(uint64_t sec, uint64_t usec, + uint64_t ssl, uint32_t *reterr); + +/* Initialization function for rpcsec_tls. */ +intrpctls_init(void); + +/* Get TLS information function. */ +bool rpctls_getinfo(u_int *maxlen); + +/* String for AUTH_TLS reply verifier. */ +#defineRPCTLS_START_STRING "STARTTLS" + +#endif /* _KERNEL */ + +#endif /* _RPC_RPCSEC_TLS_H_ */ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, 30 May 2020 at 19:39, Konstantin Belousov wrote: > > > It looks like GNU ld has done it since 2015 in fact. Further, glibc > > will refuse to dlopen() an object with DF_1_PIE set, as of last June; > > this seems like it would be a reasonable thing for us to do too. > > > > glibc bug for this: https://sourceware.org/bugzilla/show_bug.cgi?id=24323 > > I can do it. What if such object is referenced by DT_NEEDED ? Hmm, good question. glibc has the following comment where they disallow it: > +/* dlopen of an executable is not valid because it is not possible > + to perform proper relocations, handle static TLS, or run the > + ELF constructors. For PIE, the check needs the dynamic > + section, so there is another check below. */ I would suggest that if it's the case we cannot correctly dlopen or handle a DT_NEEDED executable then we ought to fail. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, May 30, 2020 at 07:28:55PM -0400, Ed Maste wrote: > On Sat, 30 May 2020 at 16:17, Ed Maste wrote: > > > > On Sat, 30 May 2020 at 16:14, Konstantin Belousov > > wrote: > > > > > > On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > > > > Author: emaste > > > > Date: Sat May 30 19:57:26 2020 > > > > New Revision: 361657 > > > > URL: https://svnweb.freebsd.org/changeset/base/361657 > > > > > > > > Log: > > > > elf_common.h: define DF_1_PIE > > > > > > > > DF_1_PIE indicates that the object is a position-independent > > > > executable. > > > Only on Solaris. > > > > Apparently GNU ld sets it broadly now, and there's a patch to have lld > > start doing it: https://reviews.llvm.org/D80872 > > It looks like GNU ld has done it since 2015 in fact. Further, glibc > will refuse to dlopen() an object with DF_1_PIE set, as of last June; > this seems like it would be a reasonable thing for us to do too. > > glibc bug for this: https://sourceware.org/bugzilla/show_bug.cgi?id=24323 I can do it. What if such object is referenced by DT_NEEDED ? ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, 30 May 2020 at 16:17, Ed Maste wrote: > > On Sat, 30 May 2020 at 16:14, Konstantin Belousov wrote: > > > > On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > > > Author: emaste > > > Date: Sat May 30 19:57:26 2020 > > > New Revision: 361657 > > > URL: https://svnweb.freebsd.org/changeset/base/361657 > > > > > > Log: > > > elf_common.h: define DF_1_PIE > > > > > > DF_1_PIE indicates that the object is a position-independent executable. > > Only on Solaris. > > Apparently GNU ld sets it broadly now, and there's a patch to have lld > start doing it: https://reviews.llvm.org/D80872 It looks like GNU ld has done it since 2015 in fact. Further, glibc will refuse to dlopen() an object with DF_1_PIE set, as of last June; this seems like it would be a reasonable thing for us to do too. glibc bug for this: https://sourceware.org/bugzilla/show_bug.cgi?id=24323 ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, 30 May 2020 at 16:14, Konstantin Belousov wrote: > > On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > > Author: emaste > > Date: Sat May 30 19:57:26 2020 > > New Revision: 361657 > > URL: https://svnweb.freebsd.org/changeset/base/361657 > > > > Log: > > elf_common.h: define DF_1_PIE > > > > DF_1_PIE indicates that the object is a position-independent executable. > Only on Solaris. Apparently GNU ld sets it broadly now, and there's a patch to have lld start doing it: https://reviews.llvm.org/D80872 ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r361657 - head/sys/sys
On Sat, May 30, 2020 at 07:57:27PM +, Ed Maste wrote: > Author: emaste > Date: Sat May 30 19:57:26 2020 > New Revision: 361657 > URL: https://svnweb.freebsd.org/changeset/base/361657 > > Log: > elf_common.h: define DF_1_PIE > > DF_1_PIE indicates that the object is a position-independent executable. Only on Solaris. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361657 - head/sys/sys
Author: emaste
Date: Sat May 30 19:57:26 2020
New Revision: 361657
URL: https://svnweb.freebsd.org/changeset/base/361657
Log:
elf_common.h: define DF_1_PIE
DF_1_PIE indicates that the object is a position-independent executable.
Reference:
https://docs.oracle.com/cd/E36784_01/html/E36857/chapter6-42444.html
MFC after:3 days
Sponsored by: The FreeBSD Foundation
Modified:
head/sys/sys/elf_common.h
Modified: head/sys/sys/elf_common.h
==
--- head/sys/sys/elf_common.h Sat May 30 19:16:33 2020(r361656)
+++ head/sys/sys/elf_common.h Sat May 30 19:57:26 2020(r361657)
@@ -764,6 +764,7 @@ typedef struct {
#defineDF_1_ORIGIN 0x0080 /* Process $ORIGIN */
#defineDF_1_INTERPOSE 0x0400 /* Interpose all objects but
main */
#defineDF_1_NODEFLIB 0x0800 /* Do not search default paths
*/
+#defineDF_1_PIE0x0800 /* Is position-independent
executable */
/* Values for l_flags. */
#defineLL_NONE 0x0 /* no flags */
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361656 - head/gnu/usr.bin/binutils
Author: emaste
Date: Sat May 30 19:16:33 2020
New Revision: 361656
URL: https://svnweb.freebsd.org/changeset/base/361656
Log:
binutils: build as with BINUTILS || BINUTILS_BOOTSTRAP
Previously we descended into as only if MK_BINUTILS was true, including
during the bootstrap tool phase. BINUTILS is now disabled by default on
all archs, and we failed to build it during amd64 bootstrap.
Descend into as if either BINUTILS or BINUTILS_BOOTSTRAP is enabled.
This is not quite correct: we should either have the test also depend on
BOOTSTRAPPING, or set BINUTILS to the value of BINUTILS_BOOTSTRAP during
the bootstrap phase. However, this simple change fixes the build and
has been tested, and binutils will be removed completely in the near
future.
Modified:
head/gnu/usr.bin/binutils/Makefile
Modified: head/gnu/usr.bin/binutils/Makefile
==
--- head/gnu/usr.bin/binutils/Makefile Sat May 30 19:15:29 2020
(r361655)
+++ head/gnu/usr.bin/binutils/Makefile Sat May 30 19:16:33 2020
(r361656)
@@ -11,8 +11,9 @@ SUBDIR.${MK_BINUTILS}+= doc
# GNU as is used on x86 only, for a few files that cannot be assembled by
# Clang IAS. Other archs either use Clang IAS for every assembly file, or
# use external toolchain.
-.if ${TARGET} == "amd64" || ${TARGET} == "i386"
-SUBDIR.${MK_BINUTILS}+=as
+.if (${TARGET} == "amd64" || ${TARGET} == "i386") && \
+(${MK_BINUTILS} != "no" || ${MK_BINUTILS_BOOTSTRAP} != "no")
+SUBDIR+= as
.endif
SUBDIR_DEPEND_as=libbfd libiberty libopcodes
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361655 - head/usr.sbin/certctl
Author: markj Date: Sat May 30 19:15:29 2020 New Revision: 361655 URL: https://svnweb.freebsd.org/changeset/base/361655 Log: certctl.8: Correct the HISTORY section. certctl was merged to stable/12 after 12.1 was branched. PR: 246190 Reported by: Michael Osipov MFC after:3 days Modified: head/usr.sbin/certctl/certctl.8 Modified: head/usr.sbin/certctl/certctl.8 == --- head/usr.sbin/certctl/certctl.8 Sat May 30 19:11:41 2020 (r361654) +++ head/usr.sbin/certctl/certctl.8 Sat May 30 19:15:29 2020 (r361655) @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 22, 2020 +.Dd May 30, 2020 .Dt CERTCTL 8 .Os .Sh NAME @@ -123,6 +123,6 @@ Default: *.pem *.crt *.cer *.crl *.0 .Sh HISTORY .Nm first appeared in -.Fx 12.0 +.Fx 12.2 .Sh AUTHORS .An Allan Jude Aq Mt allanj...@freebsd.org ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361654 - head/usr.sbin/ctld
Author: markj
Date: Sat May 30 19:11:41 2020
New Revision: 361654
URL: https://svnweb.freebsd.org/changeset/base/361654
Log:
ctld: Fix a memory leak in uclparse_conf().
PR: 246596
Submitted by: Patryk
MFC after:1 week
Modified:
head/usr.sbin/ctld/uclparse.c
Modified: head/usr.sbin/ctld/uclparse.c
==
--- head/usr.sbin/ctld/uclparse.c Sat May 30 18:01:53 2020
(r361653)
+++ head/usr.sbin/ctld/uclparse.c Sat May 30 19:11:41 2020
(r361654)
@@ -914,6 +914,7 @@ int
uclparse_conf(struct conf *newconf, const char *path)
{
struct ucl_parser *parser;
+ ucl_object_t *top;
int error;
conf = newconf;
@@ -922,10 +923,14 @@ uclparse_conf(struct conf *newconf, const char *path)
if (!ucl_parser_add_file(parser, path)) {
log_warn("unable to parse configuration file %s: %s", path,
ucl_parser_get_error(parser));
+ ucl_parser_free(parser);
return (1);
}
- error = uclparse_toplevel(ucl_parser_get_object(parser));
+ top = ucl_parser_get_object(parser);
+ error = uclparse_toplevel(top);
+ ucl_object_unref(top);
+ ucl_parser_free(parser);
return (error);
}
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
RE: svn commit: r361275 - in head/sys: conf dev/hyperv/hvsock dev/hyperv/include dev/hyperv/vmbus modules/hyperv modules/hyperv/hvsock sys
> -Original Message-
> From: Kyle Evans
> Sent: Saturday, May 30, 2020 2:33 AM
> To: Wei Hu
> Cc: src-committers ; svn-src-all a...@freebsd.org>; svn-src-head
> Subject: Re: svn commit: r361275 - in head/sys: conf dev/hyperv/hvsock
> dev/hyperv/include dev/hyperv/vmbus modules/hyperv
> modules/hyperv/hvsock sys
>
> On Fri, May 29, 2020 at 12:08 PM Wei Hu wrote:
> > > -Original Message-
> > > > > [... snip ...]
> > > > > +void
> > > > > +hvs_trans_init(void)
> > > > > +{
> > > > > + /* Skip initialization of globals for non-default instances.
> > > > > */
> > > > > + if (!IS_DEFAULT_VNET(curvnet))
> > > > > + return;
> > > > > +
> > > > > + if (vm_guest != VM_GUEST_HV)
> > > > > + return;
> > > > > +
> > > > > + HVSOCK_DBG(HVSOCK_DBG_VERBOSE,
> > > > > + "%s: HyperV Socket hvs_trans_init called\n",
> > > > > + __func__);
> > > > > +
> > > > > + /* Initialize Globals */
> > > > > + previous_auto_bound_port = MAX_PORT;
> > > > > + sx_init(_trans_socks_sx, "hvs_trans_sock_sx");
> > > > > + mtx_init(_trans_socks_mtx,
> > > > > + "hvs_trans_socks_mtx", NULL, MTX_DEF);
> > > > > + LIST_INIT(_trans_bound_socks);
> > > > > + LIST_INIT(_trans_connected_socks);
> > > > > +}
> > > > > +
> > > >
> > > > I have a suspicion that all of these should really be per-vnet for
> > > > correct semantics with VIMAGE, with the IS_DEFAULT_VNET check
> > > > earlier dropped completely. I haven't read around the rest all
> > > > that much, but this would at least seem to prevent port re-use by
> > > > a different vnet, which is perhaps "good enough" but I think this
> > > > is something that should be fixed in the mid-term.
> > > >
> > >
> > > I have a follow-up concern about whether this is actually going to
> > > be maintained... it's been a full week with not even an
> > > acknowledgement or rebuttal of any of the concerns I've raised, with
> > > some of them being completely trivial to address in the short-term.
> > > I don't think that we really want this in the tree in its current state
> > > given
> this level of engagement.
> > >
> > Sorry for my late response, Kyle. I read your comments last week. To
> > be honest I am not familiar to VNET and VIMAGE, so I don't quite
> > understand. I got distracted into other work so my response to this was
> delayed.
> >
> > Do you mean to drop these two lines?
> >if (!IS_DEFAULT_VNET(curvnet))
> >return
> > I copied these from other socket init code. If they are not necessary I can
> remove them.
> >
>
> Alright, let's rewind a little bit here. =-) Consider while reading the below
> that I
> have no idea what the host-side of these sockets look like beyond what I just
> very quickly skimmed from [0].
>
> It's a little more involved than that; consider each vnet as its own
> independent
> network stack that's largely isolated from other vnets.
> The host starts out with a vnet, vnet0 (the default vnet), and root may spawn
> additional vnets attached to jails to allow the jail to operate its own
> network
> stack as well. Your pr_init will get called once per vnet spawned, including
> the
> obvious default vnet, which is why the check is there in the first place --
> you
> may have some global state that only needs to be initialized once, at which
> point you would exclude non-default vnets from executing those bits.
>
> The more I think about it, though, the more I wonder if hvsock makes sense at
> all in non-default vnet contexts and whether hvs_trans_attach should really be
> attaching to sockets outside of the default vnet. You can bind in your FreeBSD
> HyperV guest to a port, and a host service's option for connecting is
> specifying
> guest GUID + port; there's not really any wiggle room for multiple entities
> within a guest to be binding to a given port anyways. It may very well be the
> case that the status quo is the optimal outcome.
>
> Given that, does it make sense that the host connects via the guest GUID and
> can potentially end up connected to some jail of unknown trust operating its
> own network stack?
>
> As a final scattered thought for the hour, does the Linux implementation of
> this
> stuff do anything to give a guest admin visibility into existing HyperV
> sockets on
> the system? AFAICT here, there's no sockstat integration or anything else that
> might export hvsock information to userland, so one's only option to tracking
> down whether a HyperV socket even exists and to which process it belongs
> would appear to be probing around in the kernel.
>
The HyperV host only connects to guest using the guest unique GUID and a port
number. Once connection is requested, host sends a virtualized vmbus device
offer
to guest using different mechanism. On the guest side when the device office is
in,
it checks if the port is bound, then a communication channel on vmbus is
established
and a new
svn commit: r361651 - head
Author: emaste
Date: Sat May 30 16:20:18 2020
New Revision: 361651
URL: https://svnweb.freebsd.org/changeset/base/361651
Log:
Makefile.inc1: remove BINUTILS_BOOTSTRAP linker support
As of r359347 BINUTILS_BOOTSTRAP does not include the bfd linker.
Modified:
head/Makefile.inc1
Modified: head/Makefile.inc1
==
--- head/Makefile.inc1 Sat May 30 16:13:21 2020(r361650)
+++ head/Makefile.inc1 Sat May 30 16:20:18 2020(r361651)
@@ -250,9 +250,6 @@ USING_SYSTEM_COMPILER= yes
# Which linker is expected to be used?
.if ${MK_LLD_BOOTSTRAP} == "yes"
WANT_LINKER_TYPE= lld
-.elif ${MK_BINUTILS_BOOTSTRAP} == "yes"
-# Note that there's no support for bfd in WITH_SYSTEM_LINKER.
-WANT_LINKER_TYPE= bfd
.else
WANT_LINKER_TYPE=
.endif
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361650 - head/tools/build/options
Author: emaste Date: Sat May 30 16:13:21 2020 New Revision: 361650 URL: https://svnweb.freebsd.org/changeset/base/361650 Log: Add deprecation notice to WITH_BINUTILS option description Modified: head/tools/build/options/WITH_BINUTILS Modified: head/tools/build/options/WITH_BINUTILS == --- head/tools/build/options/WITH_BINUTILS Sat May 30 16:12:50 2020 (r361649) +++ head/tools/build/options/WITH_BINUTILS Sat May 30 16:13:21 2020 (r361650) @@ -2,3 +2,5 @@ Build and install GNU .Xr as 1 as part of the normal system build. +This option is not available as of +.Fx 13.0 . ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361648 - head/share/mk
Author: emaste
Date: Sat May 30 16:12:00 2020
New Revision: 361648
URL: https://svnweb.freebsd.org/changeset/base/361648
Log:
Disable BINUTILS by default on amd64
The retirement of obsolete binutils 2.17.50 has been in progress for
quite some time. All tools other than GNU as were removed prior to this
commit, and it was built only on amd64 - installed as /usr/bin/as, and
used as a bootstrap tool.
The amd64 exp-run has completed and failures have now been addressed in
the individual ports, so disable it by default.
PR: 233611, 205250 [exp-run]
Sponsored by: The FreeBSD Foundation
Modified:
head/share/mk/src.opts.mk
Modified: head/share/mk/src.opts.mk
==
--- head/share/mk/src.opts.mk Sat May 30 16:00:49 2020(r361647)
+++ head/share/mk/src.opts.mk Sat May 30 16:12:00 2020(r361648)
@@ -200,6 +200,7 @@ __DEFAULT_YES_OPTIONS = \
__DEFAULT_NO_OPTIONS = \
BEARSSL \
BHYVE_SNAPSHOT \
+BINUTILS \
BSD_GREP \
CLANG_EXTRAS \
DTRACE_TESTS \
@@ -290,12 +291,11 @@ __DEFAULT_NO_OPTIONS+=LLVM_TARGET_BPF
.if ${__T} == "aarch64" || ${__T:Mriscv*} != ""
BROKEN_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP GDB
.endif
-# BINUTILS is enabled on amd64 to provide as for ports - PR 205250
# BINUTILS_BOOTSTRAP is needed on amd64 only, for skein_block_asm.s
.if ${__T} == "amd64"
-__DEFAULT_YES_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP
+__DEFAULT_YES_OPTIONS+=BINUTILS_BOOTSTRAP
.else
-__DEFAULT_NO_OPTIONS+=BINUTILS BINUTILS_BOOTSTRAP
+__DEFAULT_NO_OPTIONS+=BINUTILS_BOOTSTRAP
.endif
.if ${__T:Mriscv*} != ""
BROKEN_OPTIONS+=OFED
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361649 - head/share/man/man5
Author: emaste Date: Sat May 30 16:12:50 2020 New Revision: 361649 URL: https://svnweb.freebsd.org/changeset/base/361649 Log: Add deprecation notice to WITH_BINUTILS option description Modified: head/share/man/man5/src.conf.5 Modified: head/share/man/man5/src.conf.5 == --- head/share/man/man5/src.conf.5 Sat May 30 16:12:00 2020 (r361648) +++ head/share/man/man5/src.conf.5 Sat May 30 16:12:50 2020 (r361649) @@ -1,6 +1,6 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. .\" $FreeBSD$ -.Dd May 29, 2020 +.Dd May 30, 2020 .Dt SRC.CONF 5 .Os .Sh NAME @@ -182,21 +182,12 @@ Build all binaries with the .Dv DF_BIND_NOW flag set to indicate that the run-time loader should perform all relocation processing at process startup rather than on demand. -.It Va WITHOUT_BINUTILS -Do not build or install GNU -.Xr as 1 -as part -of the normal system build. -.Pp -This is a default setting on -arm/armv6, arm/armv7, arm64/aarch64, i386/i386, mips/mips, mips/mips64, powerpc/powerpc, powerpc/powerpc64, riscv/riscv64 and riscv/riscv64sf. .It Va WITH_BINUTILS Build and install GNU .Xr as 1 as part of the normal system build. -.Pp -This is a default setting on -amd64/amd64. +This option is not available as of +.Fx 13.0 . .It Va WITHOUT_BINUTILS_BOOTSTRAP Do not build GNU binutils as part of the bootstrap process. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r361647 - in head/bin/sh: . tests/execution
Author: jilles
Date: Sat May 30 16:00:49 2020
New Revision: 361647
URL: https://svnweb.freebsd.org/changeset/base/361647
Log:
sh: Allow more scripts without #!
Austin Group bugs #1226 and #1250 changed the requirements for shell scripts
without #! (POSIX does not specify #!; this is about the shell execution
when execve(2) returns an [ENOEXEC] error).
POSIX says we shall allow execution if the initial part intended to be
parsed by the shell consists of characters and does not contain the NUL
character. This allows concatenating a shell script (ending with exec or
exit) and a binary payload.
In order to reject common binary files such as PNG images, check that there
is a lowercase letter or expansion before the last newline before the NUL
character, in addition to the check for the newline character suggested by
POSIX.
Added:
head/bin/sh/tests/execution/shellproc6.0 (contents, props changed)
Modified:
head/bin/sh/exec.c
head/bin/sh/tests/execution/Makefile
Modified: head/bin/sh/exec.c
==
--- head/bin/sh/exec.c Sat May 30 13:39:56 2020(r361646)
+++ head/bin/sh/exec.c Sat May 30 16:00:49 2020(r361647)
@@ -44,6 +44,7 @@ __FBSDID("$FreeBSD$");
#include
#include
#include
+#include
#include
/*
@@ -140,6 +141,37 @@ shellexec(char **argv, char **envp, const char *path,
}
+static bool
+isbinary(const char *data, size_t len)
+{
+ const char *nul, *p;
+ bool hasletter;
+
+ nul = memchr(data, '\0', len);
+ if (nul == NULL)
+ return false;
+ /*
+* POSIX says we shall allow execution if the initial part intended
+* to be parsed by the shell consists of characters and does not
+* contain the NUL character. This allows concatenating a shell
+* script (ending with exec or exit) and a binary payload.
+*
+* In order to reject common binary files such as PNG images, check
+* that there is a lowercase letter or expansion before the last
+* newline before the NUL character, in addition to the check for
+* the newline character suggested by POSIX.
+*/
+ hasletter = false;
+ for (p = data; *p != '\0'; p++) {
+ if ((*p >= 'a' && *p <= 'z') || *p == '$' || *p == '`')
+ hasletter = true;
+ if (hasletter && *p == '\n')
+ return false;
+ }
+ return true;
+}
+
+
static void
tryexec(char *cmd, char **argv, char **envp)
{
@@ -155,7 +187,7 @@ tryexec(char *cmd, char **argv, char **envp)
if (in != -1) {
n = pread(in, buf, sizeof buf, 0);
close(in);
- if (n > 0 && memchr(buf, '\0', n) != NULL) {
+ if (n > 0 && isbinary(buf, n)) {
errno = ENOEXEC;
return;
}
Modified: head/bin/sh/tests/execution/Makefile
==
--- head/bin/sh/tests/execution/MakefileSat May 30 13:39:56 2020
(r361646)
+++ head/bin/sh/tests/execution/MakefileSat May 30 16:00:49 2020
(r361647)
@@ -59,6 +59,7 @@ ${PACKAGE}FILES+= shellproc2.0
${PACKAGE}FILES+= shellproc3.0
${PACKAGE}FILES+= shellproc4.0
${PACKAGE}FILES+= shellproc5.0
+${PACKAGE}FILES+= shellproc6.0
${PACKAGE}FILES+= subshell1.0 subshell1.0.stdout
${PACKAGE}FILES+= subshell2.0
${PACKAGE}FILES+= subshell3.0
Added: head/bin/sh/tests/execution/shellproc6.0
==
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/bin/sh/tests/execution/shellproc6.0Sat May 30 16:00:49 2020
(r361647)
@@ -0,0 +1,8 @@
+# $FreeBSD$
+
+T=`mktemp -d "${TMPDIR:-/tmp}/sh-test."` || exit
+trap 'rm -rf "${T}"' 0
+printf 'printf "this "\necho is a test\nexit\n\0' >"$T/testshellproc"
+chmod 755 "$T/testshellproc"
+PATH=$T:$PATH
+[ "`testshellproc`" = "this is a test" ]
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
