tr: fix class handling in unicode world
toupper/tolower logic was only handled for CCLASS_TOUPPER and
CCLASS_TOLOWER, add support for CCLASS ([:alpha:])
PR: 219900
MFC After: 1 week
kern: mac: add a prison_cleanup entry point
The MAC framework provides a lot of useful functionality that can be
configured per-jail without requiring the use of labels. Having another
entry point that we invoke just for general prison cleanup rather than
freeing the label is useful to allow a module that can otherwise work
off of a series of MAC entry points + sysctls for configuration to free
its per-jail configuration without having to bring in osd(9).
One such example in the wild is HardenedBSD's secadm, but some of my
own personal use had wanted it as well- it was simply overlooked in the
final version because my first policy made more sense with labels. On
that note, it's expected that prison_cleanup and prison_destroy_label
will effectively be mutually exclusive -- the former only used when
a label isn't needed, the latter when it is.
Note that prison_cleanup isn't perfectly symmetrical w.r.t.
prison_created: the latter takes a label as well, because it's called
later in jail setup and a better point for propagation than when the
[11 lines not shown]
HBSD: Resolve merge conflicts
This also brings us a little closer to upstream's llvm-related
Makefiles. Reintroduce the MK_LLVM_LINK_STATIC_LIBRARIES option,
defaulted to yes.
It is not advised for HardenedBSD users to set
WITHOUT_LLVM_LINK_STATIC_LIBRARIES just yet. Initial testing
demonstrated some issues with linking the right libraries. I do plan to
still move us towards supporting the src compiler toolchain being
compiled as PIEs.
Signed-off-by: Shawn Webb <shawn.webb at hardenedbsd.org>
sys/compat/freebsd32: Fix i386 compilation
The compile assertion now failing is due to the change '__int64_t' =>
'__int32_t' as the type of 'time32_t' on i386, which is the correct
value. The use of 'freebsd32.h' on i386 may seem strange, but it comes
from 'kern_umtx.c' including it unconditionally as it needs 'struct
umutex32'.
Fixes: 87632ddf67b0 ("openzfs sys/types32.h: use abi_compat.h for time32_t")
Sponsored by: The FreeBSD Foundation
sys: ELF: Rename SHN_FBSD_CACHED => SHN_FREEBSD_CACHED
All other FreeBSD-specific constants have FREEBSD fully spelled out in
their names. Be consistent.
No functional change (intended).
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D55224
timeout: Clean up
* Annotate logv() and fix format string bug.
* Don't reinvent str2sig(3).
* Reorganize kill_self() so we unblock signals as late as possible, and
use raise(2) instead of kill(2).
* Explicitly close unused pipe descriptors.
* Use correct type to collect result of read(2) and write(2).
* Compare return values to 0, not -1.
* Sort local variables according to style(9).
* Reduce unnecessary nesting.
[8 lines not shown]
diff: Tweak range of -C and -U arguments
POSIX uses the terms “positive decimal integer” for -C and “non-negative
decimal integer” for -U, which translates into lower bounds of 1 for -C
and 0 for -U.
POSIX does not specify a minimum upper bound for either mode, but as of
5fc739eb5949 both our backends support context sizes up to and including
INT_MAX, so use that.
Having had the opportunity to consult the Unix System Test Suite, the
diff test cases found therein happen to precisely match these bounds.
While here, switch to using strtonum() to parse numerical arguments, and
try to be more consistent in how we report usage errors.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D55261
diff: Tweak recursion tests
The -r flag is not required to compare two directories; it is only
required to compare them recursively, i.e. descend into their common
subdirectories. Adjust tests that use -r needlessly, and adjust the
dirloop test to verify that these two cases remain distinct.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D55262
bpf: don't call bpf_detachd() in bpf_setdlt()
The bpf_attachd() will perform bpf_detachd() itself. Performing it twice
will lead to doing CK_LIST_REMOVE twice.
Reported & tested by: bz
ip_mroute: Make the routing socket private
I have some patches which make ip_mroute and ip6_mroute multi-FIB-aware.
This enables running per-FIB routing daemons, each of which has a
separate routing socket.
Several places in the network stack check whether multicast routing is
configured by checking whether the multicast routing socket is non-NULL.
This doesn't directly translate in my proposed scheme, as each FIB would
have its own socket. I'd like to modify the ip(6)_mroute code to store
all state, including the socket, in a per-FIB structure. So, take a
step towards that and 1) hide the socket, 2) add a boolean flag which
indicates whether a multicast router is registered.
Reviewed by: pouria, zlei, glebius, adrian
MFC after: 2 weeks
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55236
cxgbe(4): Show correct range of tids in sysctl_tids
The highest valid tid has to be adjusted for the hi-pri filter region.
MFC after: 1 week
Sponsored by: Chelsio Communications
nvme: Use size_t for payload size
Using uint32_t here can cause spurious compiler warnings. I assume it
was done to constrain the range; use a KASSERT instead.
Sponsored by: Klara, Inc.
Sponsored by: NetApp, Inc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D55279
libsys/arm: include ARM EABI unwind bits into libsys
libsys required ARM EABI unwind symbols like __aeabi_unwind_cpp_pr0.
These symbols are normally provided by libc, but if a binary does
not link libc, the symbol ends up not being resolved.
Among other problems, this prevented gcc14 and newer from building
on arm.
Add the relevant symbols as hidden symbols into libsys to avoid this
problem.
(this patch was posted by jrtc27 who has asked me to move it along)
PR: 292539
Tested by: fuz, Mark Millard <marklmi26-fbsd at yahoo.com>
Reviewed by: mmel
Approved by: markj (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D55255
libc/arm: use __builtin_trap() instead of abort() in aeabi_unwind stubs
This avoids a dependency on the abort symbol in libsys.
PR: 292539
Reviewed by: mmel
Approved by: markj (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D55255
diff3: fix merge mode
Make the merge mode compatible with GNU diff3
Add tests for all the changes, those tests are extracted from the
etcupdate testsuite.
This version passes the etcupdate testsuite and the diffutils diff3
test suite.
MFC After: 1 week
atf_python/vnet: Make it possible to set the FIB of vnet interfaces
Reviewed by: zlei, ngie
MFC after: 1 week
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D54972
