| |
(cherry picked from commit d8decc9ae31af7ffc77276c89639fb13eb1020cc)
| |
There is a documented bug in sendfile.2 which notes that sendfile(2)
does not raise an error if it fails to copy out the number of bytes
written. Explicitly ignore the error from copyout() calls in
preparation for annotating copyout() with __result_use_check.
Reviewed by: glebius, kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43129
(cherry picked from commit d0adc2f283ad5db6b568ca533a056c9f635551cd)
| |
This matches the native implementation's behaviour.
Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43101
(cherry picked from commit 81eb7baa69e983fe159d254a4ed47d9c00396801)
| |
suword32() returns -1 upon an error, not an errno value.
MFC after: 1 week
(cherry picked from commit bd1654ce92569bbfbe513749db08cdd781b3a036)
| |
The various time fields are time_t's which are only 32-bit on i386.
Fixing the old versions is probably of little use, but it's more correct
and in theory there could be powerpc binaries from 6.x.
PR: 240035
Fixes: fbb273bc05bef Properly support for FreeBSD 4 32bit System V shared memory.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D42870
(cherry picked from commit 957f014dc076a7f74ed0c8c8699e6f39b55785e7)
| |
(cherry picked from commit 9b65fa69407808e710748875b0af98902110f128)
| |
Remove /^\s*\$FreeBSD\$$\n/
Similar commit in current:
(cherry picked from commit 78d146160dc5)
| |
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
Similar commit in current:
(cherry picked from commit 031beb4e239b)
| |
Remove /^[\s*]*__FBSDID\("\$FreeBSD\$"\);?\s*\n/
Similar commit in current:
(cherry picked from commit 685dc743dc3b)
| |
Remove /^\s*\*+\s*\$FreeBSD\$.*$\n/
Similar commit in current:
(cherry picked from commit 2ff63af9b88c)
| |
Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/
Similar commit in current:
(cherry picked from commit 95ee2897e98f)
| |
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
(cherry picked from commit 4d846d260e2b9a3d4d0a701462568268cbfe7a5b)
| |
Get rid of calling Linux stat translation hook and specific to Linux
handling of non-vnode dirfd from kern_statat(),
Reviewed by: kib, mjg
Differential revision: https://reviews.freebsd.org/D35474
(cherry picked from commit cb858340dcbf214cc4c4d78dbb741620d7b3a252)
| |
The API says that CMSG_SPACE should be used for msg_controllen, but in
practice the native ABI allows you to only use CMSG_LEN for the final
(typically only) control message, and real-world software does this,
including Wayland. For freebsd32, this is in practice mostly harmless,
since control messages are generally used to carry file descriptors,
which are already 4 bytes in size and thus no padding is needed, but
they can carry other quantities that may not result in an aligned
length. This was discovered after CheriBSD's freebsd64 equivalent was
updated to match the freebsd32 implementation, as that uses 8 byte
alignment which does break the file descriptor use case, and thus
Wayland.
This used to be addressed by aligning buflen before the first iteration,
but that allowed unwanted invalid inputs and was lost in 1b1428dcc82b,
with no safer equivalent put in its place.
Reviewed by: brooks, kib, markj
Obtained from: CheriBSD
Fixes: 1b1428dcc82b ("Fix a TOCTOU vulnerability in freebsd32_copyin_control().")
Differential Revision: https://reviews.freebsd.org/D36554
(cherry picked from commit 7b673a2c73d0577e2c006aeb110295a522b98135)
| |
When a freebsd32 caller uses all or most allowed space for control
messages (MCLBYTES == 2K) then the message may no longer fit when
the messages are padded for 64-bit alignment. Historically we've just
shrugged and said there is no ABI guarantee. We ran into this on
CheriBSD where a capsicumized 64-bit nm would fail when called with more
than 64 files.
Fix this by not gratuitously capping size of mbuf data we'll allocate
to MCLBYTES and let m_get2 allocate up to MJUMPAGESIZE (4K or larger).
Instead of hard-coding a length check, let m_get2 do it and check for a
NULL return.
Reviewed by: markj, jhb, emaste
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D36322
(cherry picked from commit c46697b9cb97a14f61ac0a58758aab081b9e48c5)
| |
Tested by: pho
(cherry picked from commit 140ceb5d956bb8795a77c23d3fd5ef047b0f3c68)
| |
Tested by: pho
(cherry picked from commit f081a291a17de0e28e5b7f5adba312f0dcb59b0f)
| |
(cherry picked from commit f99cc5a38947e80c41bfa28855291ac5a2e41fea)
| |
Split cpuset_getaffinity() into two counterparts, where the
user_cpuset_getaffinity() is intended to operate on the cpuset_t from
user va, while kern_cpuset_getaffinity() expects the cpuset from kernel
va.
Accordingly, the code that clears the high bits is moved to the
user_cpuset_getaffinity(). Linux sched_getaffinity() syscall returns
the size of set copied to the user-space and then glibc wrapper clears
the high bits.
MFC after: 2 weeks
(cherry picked from commit d46174cd8838b86b9fe956b80c82bd238c302b2e)
| |
Where appropriate hide sysent.h under proper condition.
MFC after: 2 weeks
(cherry picked from commit 31d1b816fe139f46083f8609c34b7d129a6e2ee0)
| |
Summary:
BITSET uses long as its basic underlying type, which is dependent on the
compile type, meaning on 32-bit builds the basic type is 32 bits, but on
64-bit builds it's 64 bits. On little endian architectures this doesn't
matter, because the LSB is always at the low bit, so the words get
effectively concatenated moving between 32-bit and 64-bit, but on
big-endian architectures it throws a wrench in, as setting bit 0 in
32-bit mode is equivalent to setting bit 32 in 64-bit mode. To
demonstrate:
32-bit mode:
BIT_SET(foo, 0): 0x00000001
64-bit sees: 0x0000000100000000
cpuset is the only system interface that uses bitsets, so solve this
by swapping the integer sub-components at the copyin/copyout points.
Reviewed by: kib
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D35225
(cherry picked from commit 47a57144af25a7bd768b29272d50a36fdf2874ba)
Fix the build after 47a57144
(cherry picked from commit 89737eb8290a10d96b77afac1b68e4740b43353b)
cpuset: Fix the KASAN and KMSAN builds
Rename the "copyin" and "copyout" fields of struct cpuset_copy_cb to
something less generic, since sanitizers define interceptors for
copyin() and copyout() using #define.
Reported by: syzbot+2db5d644097fc698fb6f@syzkaller.appspotmail.com
Fixes: 47a57144af25 ("cpuset: Byte swap cpuset for compat32 on big endian architectures")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 4a3e51335e86cee02569c04b9f1e95ca9abcb170)
Use Linux semantics for the thread affinity syscalls.
Linux has more tolerant checks of the user supplied cpuset_t's.
Minimum cpuset_t size that the Linux kernel permits in case of
getaffinity() is the maximum CPU id, present in the system / NBBY,
the maximum size is not limited.
For setaffinity(), Linux does not limit the size of the user-provided
cpuset_t, internally using only the meaningful part of the set, where
the upper bound is the maximum CPU id, present in the system, no larger
than the size of the kernel cpuset_t.
Unlike FreeBSD, Linux ignores high bits if set in the setaffinity(),
so clear it in the sched_setaffinity() and Linuxulator itself.
Reviewed by: Pau Amma (man pages)
In collaboration with: jhb
Differential revision: https://reviews.freebsd.org/D34849
MFC after: 2 weeks
(cherry picked from commit f35093f8d6d8155ab2e56c11ee03d474688b16a2)
| |
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D31247
MFC after: 2 weeks
(cherry picked from commit 7cf06e075d1c28ad444e6b6beaf783210123c9d7)
| |
Differential Revision: https://reviews.freebsd.org/D31246
MFC after: 2 weeks
(cherry picked from commit 3c886cb6917f1ff89e5756916cc0ff011e22c74d)
| |
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D31245
MFC after: 2 weeks
(cherry picked from commit 32a18e9abd3809cf265e0e2969cd942fa84ae32b)
| |
Rename the "copyin" and "copyout" fields of struct cpuset_copy_cb to
something less generic, since sanitizers define interceptors for
copyin() and copyout() using #define.
Reported by: syzbot+2db5d644097fc698fb6f@syzkaller.appspotmail.com
Fixes: 47a57144af25 ("cpuset: Byte swap cpuset for compat32 on big endian architectures")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 4a3e51335e86cee02569c04b9f1e95ca9abcb170)
| |
Summary:
BITSET uses long as its basic underlying type, which is dependent on the
compile type, meaning on 32-bit builds the basic type is 32 bits, but on
64-bit builds it's 64 bits. On little endian architectures this doesn't
matter, because the LSB is always at the low bit, so the words get
effectively concatenated moving between 32-bit and 64-bit, but on
big-endian architectures it throws a wrench in, as setting bit 0 in
32-bit mode is equivalent to setting bit 32 in 64-bit mode. To
demonstrate:
32-bit mode:
BIT_SET(foo, 0): 0x00000001
64-bit sees: 0x0000000100000000
cpuset is the only system interface that uses bitsets, so solve this
by swapping the integer sub-components at the copyin/copyout points.
Reviewed by: kib
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D35225
(cherry picked from commit 47a57144af25a7bd768b29272d50a36fdf2874ba)
| |
Reviewed by: andrew, emaste
Differential Revision: https://reviews.freebsd.org/D34177
(cherry picked from commit 949e3959669f0ca6697ab0d5e8e0b8194de23f81)
| |
This adds the PT_GETREGSET and PT_SETREGSET ptrace types. These can be
used to access all the registers from a specified core dump note type.
The NT_PRSTATUS and NT_FPREGSET notes are initially supported. Other
machine-dependent types are expected to be added in the future.
The ptrace addr points to a struct iovec pointing at memory to hold the
registers along with its length. On success the length in the iovec is
updated to tell userspace the actual length the kernel wrote or, if the
base address is NULL, the length the kernel would have written.
Because the data field is an int the arguments are backwards when
compared to the Linux PTRACE_GETREGSET call.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D19831
(cherry picked from commit 548a2ec49bd4ebf9ab00d362257c6bb4d2d7edbc)
| |
The kernel pointers in this structure need to be 32-bit pointers,
not native pointers to 32-bit integers.
Reviewed by: kib
Sponsored by: The University of Cambridge, Google Inc.
Differential Revision: https://reviews.freebsd.org/D33905
(cherry picked from commit da7fc5c33f9a4c906068a9a43f43f8d295100418)
| |
32-bit architectures other than i386 have 64-bit time_t which results
in a struct timespec with 12 bytes for tv_sec and tv_nsec, and 4 bytes
of padding. Zero the padding holes in struct stat32 and struct
freebsd11_stat32.
i386 has 32-bit time_t; struct timespec is 8 bytes and has no padding.
Found by inspection, prompted by a report by Reno Robert of Trend Micro
Zero Day Initiative. The originally reported issue (ZDI-CAN-14538) is
already fixed in all supported FreeBSD versions (it was addressed
incidentally as part of the 64-bit inode project).
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D34709
(cherry picked from commit f90cd1ae30b5f49e9f6ea58a0628ce1c8d8822bc)
Approved by: re (gjb, early MFC)
| |
Reimplement bdf0f24bb16d556a5b by checking for the caller's ABI in
the implementation of PT_GET_SC_ARGS, and copying out everything if
it is Linuxulator.
Also fix a minor information leak: if PT_GET_SC_ARGS_ALL is done on the
thread reused after other process, it allows to read some number of that
thread last syscall arguments. Clear td_sa.args in thread_alloc().
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential revision: https://reviews.freebsd.org/D31968
(cherry picked from commit f575573ca57716395ad88b962388a55d755cf6a7)
| |
This is one of the pieces required to make modern (ie Focal)
strace(1) work.
Reviewed By: jhb (earlier version)
Sponsored by: EPSRC
Differential Revision: https://reviews.freebsd.org/D28212
(cherry picked from commit bdf0f24bb16d556a5b1e01cdfc087d08e91ac572)
| |
These ones were unambiguous cases where the Foundation was the only
listed copyright holder (in the associated license block).
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 9feff969a01044c3083b552f06f7eb6416bc0524)
| |
ASLR stack randomization will reappear in a forthcoming commit. Rather
than inserting a random gap into the stack mapping, the entire stack
mapping itself will be randomized in the same way that other mappings
are when ASLR is enabled.
No functional change intended, as the stack gap implementation is
currently disabled by default.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 758d98debec43ff83b8a1ed9a3d3a8441b83b3cc)
| |
Rather than fetching the ps_strings address directly from a process'
sysentvec, use this macro. With stack address randomization the
ps_strings address is no longer fixed.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 706f4a81a81250a326ea25914e7effe1768f1a37)
| |
(cherry picked from commit fe6db727081936c43250f97a4ff4b9de20eb0091)
| |
(cherry picked from commit 77b2c2f81451db8119e4ea6398fe76813db790de)
| |
Simplify control flow around handling of the execpath length and signal
trampoline. Cache the sysentvec pointer in a local variable.
No functional change intended.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
(cherry picked from commit f04a096049382637178b54ffb45089f5f9fb3db9)
| |
For MFC, COMPAT_FREEBSD13 braces were removed.
(cherry picked from commit 5346570276a5ddfd5f530201fcbf24ddcc53033d)
| |
(cherry picked from commit 794d3e8e63f4a6ebc8926030b6c937109ddc5485)
| |
freebsd32_sendmsg() and freebsd32_recvmsg() both copyin the message
header twice, once directly and once in freebsd32_copyinmsghdr(). The
iovec length from the former is used when copying in msg_iov, but the
rest of the kernel uses the iovec length from the latter. When
kern_sendit() and kern_recvit() iterate over the iovec to compute the
residual for I/O, they can therefore end up walking past the end of the
copied in iovec, either resulting in a system call error, userspace
memory corruption from uiomove() with invalid iovecs, or a kernel page
fault if the copied-in iovec is followed by an unmapped KVA region.
Reported by: syzbot+7cc64cd0c49605acd421@syzkaller.appspotmail.com
Reviewed by: kib, emaste
Sponsored by: The FreeBSD Foundation
(cherry picked from commit fea1a98ead918b39280b586773a923e76194400b)
| |
Fix style in the freebsd32_sendmsg() definition.
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 4bda16ff184bfca5ee4bf9709a06323d9cf5945b)
| |
(cherry picked from commit 796a8e1ad1ae3f7b8e4c9f97bebbef5d7d5a2c16)
| |
(cherry picked from commit db8d680ebe9b12c7d9e0eb8bf9940fcef709f5ec)
| |
to restore ABI compatibility for pre-10.x binaries.
It restores _umtx_lock() and _umtx_unlock() syscalls, and UMTX_OP_LOCK/
UMTX_OP_UNLOCK umtx_op(2) operations. UMUTEX_ERROR_CHECK flag is left
out for now, I do not think it makes a difference.
PR: 218571
Reviewed by: brooks (previous version)
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D31220
(cherry picked from commit 9b6b793bd79521edc082a89b264a30881cb65e22)