The main change was v1.57 by djm@:
Randomise the rekey interval a little. Previously, the chacha20
instance would be rekeyed every 1.6MB. This makes it happen at a
random point somewhere in the 1-2MB range.
Reviewed by: csprng (markm, cem)
Differential Revision: https://reviews.freebsd.org/D36088
(cherry picked from commit e9a2e4d1d2)
These all have my copyright so can be removed. Some also have FreeBSD
Foundation copyright so drop from there as has been done for previous
files.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 101480e926)
Recover application ability to supply fabricated PID
embedded into ident that was lost when libc switched
to generation of RFC 5424 log messages, for example:
logger -t "ident[$$]" -p user.notice "test"
It is essential for long running scripts.
Also, this change unbreaks matching resulted entries
by ident in syslog.conf:
!ident
*.* /var/log/ident.log
Without the fix, the log (and matching) was broken:
Aug 1 07:36:58 hostname ident[123][86483]: test
Now it works as expected and worked before breakage:
Aug 1 07:39:40 hostname ident[123]: test
Differential: https://reviews.freebsd.org/D36005
(cherry picked from commit e9ae9fa937)
Enhanced REP MOVSB feature of CPUs starting from Ivy Bridge makes
REP MOVSB the fastest way to copy memory in most of cases. However
Intel Optimization Reference Manual says: "setting the DF to force
REP MOVSB to copy bytes from high towards low addresses will expe-
rience significant performance degradation". Measurements on Intel
Cascade Lake and Alder Lake, same as on AMD Zen3 show that it can
drop throughput to as low as 2.5-3.5GB/s, comparing to ~10-30GB/s
of REP MOVSQ or hand-rolled loop, used for non-ERMS CPUs.
This patch keeps ERMS use for forward ordered memory copies, but
removes it for backward overlapped moves where it does not work.
This is just a cosmetic sync with kernel, since libc does not use
ERMS at this time.
Reviewed by: mjg
MFC after: 2 weeks
(cherry picked from commit f22068d91b)
On success gnu libc sched_getaffinity() should return 0, unlike underlying
Linux syscall which returns the size of CPU mask copied to user.
PR: 263939
MFC after: 2 weeks
(cherry picked from commit 3e11d3f61a)
Summary:
BITSET uses long as its basic underlying type, which is dependent on the
compile type, meaning on 32-bit builds the basic type is 32 bits, but on
64-bit builds it's 64 bits. On little endian architectures this doesn't
matter, because the LSB is always at the low bit, so the words get
effectively concatenated moving between 32-bit and 64-bit, but on
big-endian architectures it throws a wrench in, as setting bit 0 in
32-bit mode is equivalent to setting bit 32 in 64-bit mode. To
demonstrate:
32-bit mode:
BIT_SET(foo, 0): 0x00000001
64-bit sees: 0x0000000100000000
cpuset is the only system interface that uses bitsets, so solve this
by swapping the integer sub-components at the copyin/copyout points.
Reviewed by: kib
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D35225
(cherry picked from commit 47a57144af)
Fix the build after 47a57144
(cherry picked from commit 89737eb829)
cpuset: Fix the KASAN and KMSAN builds
Rename the "copyin" and "copyout" fields of struct cpuset_copy_cb to
something less generic, since sanitizers define interceptors for
copyin() and copyout() using #define.
Reported by: syzbot+2db5d644097fc698fb6f@syzkaller.appspotmail.com
Fixes: 47a57144af ("cpuset: Byte swap cpuset for compat32 on big endian architectures")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 4a3e51335e)
Use Linux semantics for the thread affinity syscalls.
Linux has more tolerant checks of the user supplied cpuset_t's.
Minimum cpuset_t size that the Linux kernel permits in case of
getaffinity() is the maximum CPU id, present in the system / NBBY,
the maximum size is not limited.
For setaffinity(), Linux does not limit the size of the user-provided
cpuset_t, internally using only the meaningful part of the set, where
the upper bound is the maximum CPU id, present in the system, no larger
than the size of the kernel cpuset_t.
Unlike FreeBSD, Linux ignores high bits if set in the setaffinity(),
so clear it in the sched_setaffinity() and Linuxulator itself.
Reviewed by: Pau Amma (man pages)
In collaboration with: jhb
Differential revision: https://reviews.freebsd.org/D34849
MFC after: 2 weeks
(cherry picked from commit f35093f8d6)
To be more compatible to IEEE Std 1003.1-2008 (“POSIX.1”).
Reviewed by: mjg, Pau Amma (doc)
Differential revision: https://reviews.freebsd.org/D34680
MFC after: 2 weeks
(cherry picked from commit c6487446d7)
Teach poll(2) to support Linux-style POLLRDHUP events for sockets, if
requested. Triggered when the remote peer shuts down writing or closes
its end.
Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D29757
(cherry picked from commit 3aaaa2efde)
POSIX deprecated getpagesize(3). The portable way to obtain the page
size is `sysconf(_SC_PAGESIZE)`.
Reviewed by: cperciva (earlier), imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D35352
(cherry picked from commit 49c937e704)
There are some sections which could be improved
and work to do so is on going. The work will be
covered via 'X-MFC-WITH' commits.
Obtained from: OpenBSD
Differential Revision: https://reviews.freebsd.org/D34759
(cherry picked from commit 4b7f35db44)
This adds the PT_GETREGSET and PT_SETREGSET ptrace types. These can be
used to access all the registers from a specified core dump note type.
The NT_PRSTATUS and NT_FPREGSET notes are initially supported. Other
machine-dependant types are expected to be added in the future.
The ptrace addr points to a struct iovec pointing at memory to hold the
registers along with its length. On success the length in the iovec is
updated to tell userspace the actual length the kernel wrote or, if the
base address is NULL, the length the kernel would have written.
Because the data field is an int the arguments are backwards when
compared to the Linux PTRACE_GETREGSET call.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19831
(cherry picked from commit 548a2ec49b)
Unlike the other syscalls these two symbols were missing from the
version script. I noticed this while looking into the compiler-rt
runtime libraries for CHERI.
Reviewed by: brooks
Obtained from: https://github.com/CTSRD-CHERI/cheribsd/pull/1063
MFC after: 3 days
(cherry picked from commit 395db99f32)
- Include <machine/tls.h> in MD rtld_machdep.h headers.
- Remove local definitions of TLS_* constants from rtld_machdep.h
headers and libc using the values from <machine/tls.h> instead.
- Use _tcb_set() instead of inlined versions in MD
allocate_initial_tls() routines in rtld. The one exception is amd64
whose _tcb_set() invokes the amd64_set_fsbase ifunc. rtld cannot
use ifuncs, so amd64 inlines the logic to optionally write to fsbase
directly.
- Use _tcb_set() instead of _set_tp() in libc.
- Use '&_tcb_get()->tcb_dtv' instead of _get_tp() in both rtld and libc.
This permits removing _get_tp.c from rtld.
- Use TLS_TCB_SIZE and TLS_TCB_ALIGN with allocate_tls() in MD
allocate_initial_tls() routines in rtld.
Reviewed by: kib, jrtc27 (earlier version)
Differential Revision: https://reviews.freebsd.org/D33353
(cherry picked from commit 8bcdb144eb)
- Use 16 byte alignment rather than 8 for aarch64, powerpc64, and RISC-V.
- Use 8 byte alignment rather than 4 for 32-bit arm, mips, and powerpc.
I suspect that mips64 should be using 16 byte alignment, but both libc
and rtld currently use 8 byte alignment.
Reviewed by: kib, jrtc27
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: https://reviews.freebsd.org/D33350
(cherry picked from commit 4c2f5bfbfa)
Reviewed by: kib, emaste, jrtc27
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: https://reviews.freebsd.org/D33348
(cherry picked from commit 9952b82b39)
The time() system call first appeared in Version 1 AT&T UNIX. Through
the Version 3 AT&T UNIX, it returned 60 Hz ticks since an epoch that
changed occasionally, because it was a 32-bit value that overflowed in a
little over 2 years.
In Version 4 AT&T UNIX the granularity of the return value was reduced to
whole seconds, delaying the aforementioned overflow until 2038.
Version 7 AT&T UNIX introduced the ftime() system call, which returned
time at a millisecond level, though retained the gtime() system call
(exposed as time() in userland). time() could have been implemented as a
wrapper around ftime(), but that wasn't done.
4.1cBSD implemented a higher-precision time function gettimeofday() to
replace ftime() and reimplemented time() in terms of that.
Since FreeBSD 9 the implementation of time() uses
clock_gettime(CLOCK_SECOND) instead of gettimeofday() for performance
reasons.
With most valuable input from Warner (imp@).
Reviewed by: 0mp, jilles, imp
Differential Revision: https://reviews.freebsd.org/D34751
(cherry picked from commit 3e0f3678ec)
To support cc -pg on arm64 we need to implement .mcount. As clang and
gcc think it is function like it just needs to load the arguments
to _mcount and call it.
On gcc the first argument is passed in x0, however this is missing on
clang so we need to load it from the stack. As it's the caller return
address this will be at a known location.
PR: 262709
Reviewed by: emaste (earlier version)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34634
(cherry picked from commit 16d5f9a164)
Previously, such errors were not distinguished from the end-of-directory
condition.
With improvements from Mahmoud Abumandour <ma.mandourr@gmail.com>.
Reviewed by: markj
PR: 262038
(cherry picked from commit 0cff70ca66)
RFC 2533 refers to 'A Syntax for Describing Media Feature Sets',
which is wrong since the correct reference should be
RFC 2553 'Basic Socket Interface Extensions for IPv6'.
Obtained from: OpenBSD
(cherry picked from commit fa556e83be)
This is akin to commit bafaa70b6f.
Reported by: Guy Yur <guyyur@gmail.com>
Fixes: 86a16ada1e
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 6e13794fbe)
Turns out clang converts "memcmp(foo, bar, len) == 0" and similar to
bcmp calls.
Reviewed by: emaste (previous version), jhb (previous version)
Differential Revision: https://reviews.freebsd.org/D34673
(cherry picked from commit fbc002cb72)
__sfvwrite() advances the pointer before calling fflush. If fflush()
fails, it is not enough to roll back inside it, because we cannot know
how much was advanced by the caller.
Reported by: Peter <pmc@citylink.dinoex.sub.org>
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Fixes: 86a16ada1e
(cherry picked from commit bafaa70b6f)
time() is now implemented using clock_gettime(2) instead of
gettimeofday(2).
Reviewed by: debdrup
Fixes: 358ed16f75 Use clock_gettime(CLOCK_SECOND)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D34438
(cherry picked from commit 413045a52c)
Summary:
Use initial-exec, like other architectures.
While here, switch MACHINE_ARCH in lib/libc/Makefile to LIBC_ARCH and consistently use powerpc.
Subscribers: imp, #contributor_reviews_base
Differential Revision: https://reviews.freebsd.org/D34315
Reviewed by: luporl
MFC after: 2 weeks
(cherry picked from commit 884ba43116)
Testing of a new feature revealed that calling sysctl() to retrieve
the value of the user.localbase variable passing too low a buffer size
could leave the result buffer unchanged.
The behavior in the normal case of a sufficiently large buffer was
correct.
All known callers pass a sufficiently large buffer and have thus not
been affected by this issue. If a non-default value had been assigned
to this variable, the result was as documented, too.
Fix the function to fill the buffer with a partial result, if the
passed in buffer size is too low to hold the full result.
(cherry picked from commit e11ad014d1)
libc: add helper furnction to set sysctl() user.* variables
Testing had revealed that trying to retrieve the user.localbase
variable into to small a buffer would return the correct error code,
but would not fill the available buffer space with a partial result.
A partial result is of no use, but this is still a violation of the
documented behavior, which has been fixed in the previous commit to
this function.
I just checked the code for "user.cs_path" and found that it had the
same issue.
Instead of fixing the logic for each user.* sysctl string variable
individually, this commit adds a helper function set_user_str() that
implements the semantics specified in the sysctl() man page.
It is currently only used for "user.cs_path" and "user.localbase",
but it will offer a significant simplification when further such
variables will be added (as I intend to do).
(cherry picked from commit 9535d9f104)
sysctlbyname(): restore access to user variables
The optimization of sysctlbyname() in commit d05b53e0ba had the
side-effect of not going through the fix-up for the user.* variables
in the previously called sysctl() function.
This lead to 0 or an empty strings being returned by sysctlbyname()
for all user.* variables.
An alternate implementation would store the user variables in the
kernel during system start-up. That would allow to remove the fix-up
code in the C library that is currently required to provide the actual
values.
This update restores the previous code path for the user.* variables
and keeps the performance optimization intact for all other variables.
(cherry picked from commit af7d105379)
A case of undefined behavior in __fread() has been detected by UBSAN
and reported by Mark Millard:
/usr/main-src/lib/libc/stdio/fread.c:133:10: runtime error: applying
zero offset to null pointer
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior in
/usr/main-src/lib/libc/stdio/fread.c:133:10
While being benign (the NULL pointer is later passed to memcpy() with
a length argument of 0), this issue causes in the order of 600 Kyua
test cases to fail on systems running a world built with WITH_UBSAN
and WITH_ASAN.
The undefined behavior can be prevented by skipping operations that
have no effect for r == 0. Mark Millard has suggested to only skip
this code segment if fp->_p == NULL, but I have verified that for the
case of r == 0 no further argument checking is performed on the
addresses passed to memcpy() and thus no bugs are hidden from the
sanitizers due to the simpler condition chosen.
(cherry picked from commit 10af8e45a8)
Mark Milliard has detected a case of undefined behavior with the LLVM
UBSAN. The mandoc program called qsort with a==NULL and n==0, which is
allowed by the POSIX standard. The qsort() in FreeBSD did not attempt
to perform any accesses using the passed pointer for n==0, but it did
add an offset to the pointer value, which is undefined behavior in
case of a NULL pointer. This operation has no adverse effects on any
achitecture supported by FreeBSD, but could be caught in more strict
environments.
After some discussion in the freebsd-current mail list, it was
concluded that the case of a==NULL and n!=0 should still be caught by
UBSAN (or cause a program abort due to an illegal access) in order to
not hide errors in programs incorrectly invoking qsort().
Only the the case of a==NULL and n==0 should be fixed to not perform
the undefined operation on a NULL pointer.
This commit makes qsort() exit before reaching the point of
potentially undefined behvior for the case n==0, but does not test
the value of a, since the result will not depend on whether this
pointer is NULL or an actual pointer to an array if n==0.
The issue found by Mark Milliard in the whatis command has been
reported to the upstream (OpenBSD) and has already been patched
there.
(cherry picked from commit d106f982a5)
Require the newly opened file descriptor to be good, instead of
re-requiring the one that was required three lines earlier.
Thankfully, opening /dev/null is really unlikely to fail.
Reported by: Coverity
MFC after: 1 week
Sponsored by: Dell EMC Isilon
(cherry picked from commit a8fea07c30)
