Commit Graph

3951 Commits

Author SHA1 Message Date
John Baldwin 5e6befdaca atf: Switch from std::auto_ptr<> to std::unique_ptr<>
This mirrors upstream commit f053ab687f6e27aa264f599ecbfc5ef27ad4e2d3.

Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D49789
2025-04-16 10:10:35 -04:00
John Baldwin f1a94c5552 bsd.sys.mk: Re-enable warnings for C++11 extensions
This should no longer be relevant since the default C++ standard is
C++17.

Reviewed by:	imp, asomers, emaste
Differential Revision:	https://reviews.freebsd.org/D49787
2025-04-16 09:41:42 -04:00
John Baldwin 6527682ab7 src: Use gnu++17 as the default C++ standard
Previously the compiler's default C++ standard was used unlike C where
bsd.sys.mk explicitly sets a default language version.  Setting an
explicit default version will give a more uniform experience across
different compilers and compiler versions.

gnu++17 was chosen to match the default C standard.  It is well
supported by a wide range of clang (5+) and GCC (9+) versions.

gnu++17 is also the default C++ standard in recent versions of clang
(16+) and GCC (11+).  As a result, many of the explicit CXXSTD
settings in Makefiles had the effect of lowering the C++ standard
instead of raising it as was originally intended and are removed.

Note that the remaining explicit CXXSTD settings for atf and liblutok
explicitly lower the standard to C++11 due to use of the deprecated
auto_ptr<> template which is removed in later versions.

Reviewed by:	imp, asomers, dim, emaste
Differential Revision:	https://reviews.freebsd.org/D49223
2025-04-11 09:53:50 -04:00
Ed Maste 1cae7121c6 Enable LLVM_BINUTILS by default
Starting in 2014 FreeBSD migrated from GNU binutils to ELF Tool Chain
tools.  At that time there were no usable LLVM versions of those tools,
but they have been developing rapidly since then.  Migrate to LLVML's
tools for both functionality and maintainability reasons.

This will eventually support the use of link-time optimization (LTO) in
the FreeBSD base system.  LTO runs optimization passes over the entire
executable (or library) at link time and thus allows for more effective
optimization than when performed on individual compilation units.

When using LTO object files (.o) including those contained in static
library archives (.a) contain LLVM IR bitcode rather than target
object code.  This means that utilities that operate on object files
need to support LLVM IR.

As with ELF Tool Chain the LLVM tools aim for command line and output
format compatibility with GNU binutils, although there are a few minor
differences.  Where these cause a material issue (breaking a port or
eliminating required functionality) we can submit LLVM bugs and work
on patches.

PR:		258872 (exp-run)
Reviewed by:	bapt
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49361
2025-03-14 13:29:06 -04:00
Brooks Davis e62ff34a67 sys.mk: Improve ports compatibility hack guard
Back in 9ca5434380 and include of bsd.cpu.mk in sys.mk was added as a
hack for ports Makefiles.  This works fine in general (for values of
fine that include not being able to use MK_ variables in bsd.cpu.mk),
but has surprising effects on MacOS with a case insensitive filesystems.
There we build things in paths like share/docs/IPv6 where
../../Mk/bsd.port.mk matches share/mk/bsd.port.mk.

Fix this issue by checking for ../../Mk/Uses which seems highly unlikely
to match something in share/mk.

Reviewed by:	imp, emaste
Differential Revision:	https://reviews.freebsd.org/D49232
2025-03-04 20:51:10 +00:00
Ed Maste 085c0641a2 bsd.mkopt.mk: Avoid warning from makeman
Setting WITHOUT_X where X is a __REQUIRED_OPTION produces a warning.

This occurred during makeman's `make showconfig` invocatation, but the
warning serves no purpose there, and clutters makeman's output.  Skip
the warning for the showconfig target used by makeman.

Reviewed by:	brooks
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49123
2025-02-25 08:10:07 -05:00
Simon J. Gerraty e9c2838d93 Add newlog.sh and setops.sh to share/mk
jobs.mk makes use of newlog.sh if found.

Set NEWLOG_SH in local.sys.env.mk to save jobs.mk searching for it.

PR:	284390
Reviewed by:	stevek
Differential Revision:	https://reviews.freebsd.org/D48737
2025-02-11 09:42:17 -08:00
Minsoo Choo ca4eddea97 src: Use gnu17 as the default C standard for userland instead of gnu99
Tracking newer versions of C (and C++) permits assuming newer language
features in the base system.  Some C11 extensions are already used in
the base system but implemented on top of GNU C extensions such as
_Alignas and _Static_assert.  In some cases the fallback versions in
cdefs.h are more limited than the native C11 extensions.

Even though C11 is the next major version of C, C17 is chosen instead
since C17 does not add new features to C but merely fixes defects in
C11.  It is also well supported by a wide range of clang (7.0.0+) and
GCC (8.1+) versions.

Along with changing the default, this change also removes explicit
requests for c11 via the CSTD variable in various Makefiles.

Libraries and binaries for ZFS continue to use c99.

PR:		284039 (exp-run)
Reviewed by:	imp, arichardson, emaste
Differential Revision:	https://reviews.freebsd.org/D43237
2025-02-11 09:16:25 -05:00
Simon J. Gerraty c8245ceb47 Update dirdeps.mk et al
Update dirdeps.mk and friends to match latest contrib/bmake/mk

Reviewed by:	stevek
Differential Revision:	https://reviews.freebsd.org/D48855
2025-02-10 14:20:06 -08:00
Ed Maste 5bb9236d27 src.libnames.mk: Apply -L also for privatelibs
For INTERNALLIBS and regular libs we add -L to specify the library path,
which may be needed if a library is in a non-default path but also means
we can link against those libraries when built independently.  Do the
same for privatelibs as well.

Reviewed by:	bapt
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48891
2025-02-09 14:00:29 -05:00
John Baldwin 0e4c4cc491 share/mk: Remove more support for building profiled libraries
- Remove documentation of profiled library support from bsd.README

- Remove rules to create individual .po files.  The rules to generate
  an archive from these files was already removed, so these .po rules
  aren't used.

Reviewed by:	emaste
Fixes:		3750ccefb8 ("Retire MK_PROFILE infrastructure")
Differential Revision:	https://reviews.freebsd.org/D48819
2025-02-05 09:49:11 -05:00
Jose Luis Duran 955f974a1a mk: Add missing escape character
Add a missing escape character that splits a long line to avoid breaking
the builds.

Reported by:	cy
Approved by:	emaste (mentor)
Fixes:	88d448ec81 ("mk: Move vm stack test debug symbols")
MFC after:	1 week
2025-02-04 15:23:25 +00:00
Jose Luis Duran 88d448ec81 mk: Move vm stack test debug symbols
Avoid the creation of a /usr/tests/sys/vm/stack/.debug directory by
placing sys/vm/stack test debug symbols under /usr/lib/debug.

Reviewed by:	emaste
Approved by:	emaste (mentor)
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D48796
2025-02-04 14:47:24 +00:00
Alexander Leidinger 1c2ae9233b Limit some cc options based upon features
Limit the use of stack clash protection and zeroregs based upon
compiler features:
 - switch unconditional use of stack clash protection into a compiler
   feature
 - limit the use of stack clash protection on unsupported architectures
   (I did not wade into the source of each compiler to determine when
   support arrived for each architecture, I used the compiler version
   when it was introduced with what is supported currently)
 - add a safeguard for stack clash protection in places where we have no
   SSP provisions (we may not need it, but better safe than sorry when
   something changes or is overridden by the user)
 - limit the use of zeroregs the same way, so that even specifying it
   will not lead to build failures (useful for universe builds when
   WITH_ZEROREGS is specified in src.conf)

Differential Revision:	https://reviews.freebsd.org/D48724
2025-01-31 13:15:29 +01:00
Alexander Leidinger f934e629dc Add stack clash protection to the WITH_SSP flag
Some background info availabe in:
https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
https://developers.redhat.com/blog/2020/05/22/stack-clash-mitigation-in-gcc-part-3
https://blog.llvm.org/posts/2021-01-05-stack-clash-protection/

Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D48651
2025-01-25 13:45:53 +01:00
Alexander Leidinger 2a44cccd40 Add option to clear caller-used registers on function return.
The WITH_ZEROREGS option for src.conf will zero caller-used register
contents just before returning from a function, ensuring that
temporary values are not leaked beyond the function boundary. This
means that register contents are less likely to be available for side
channel attacks and information exposures.

It reduces all except 1 of the simple "write-what-where" ROP gadgets in
/lib:
    grep "Gadget found" /tmp/before_lib* | wc -l
     197
    grep "Gadget found" /tmp/after_lib* | wc -l
       1
    grep "Gadget found" /tmp/after_lib*
    /tmp/after_libbsdxml.so.4.txt:  [+] Gadget found: 0x1b3f1 mov qword ptr [rdi], rcx ; pop rbp ; ret

To reproduce:
    for lib in *.so.*; do
        echo $lib:
        ROPgadget --ropchain --binary /tmp/be_mount.Sx87/lib/$lib | sed -n '/Step 1/,/Step 2/p' >! /tmp/before_$lib.txt
        ROPgadget --ropchain --binary $lib | sed -n '/Step 1/,/Step 2/p' >!  /tmp/after_$lib.txt
    done

Additionally, in some cases this reduces the number of all ROP gadgets
(quick check with /libs only):
libalias.so.7: reduction 10.000%
libavl.so.2: reduction 13.900%
libbsdxml.so.4: reduction 37.500%
libc.so.7: reduction 10.000%
libc++.so.1: reduction 14.800%
libcam.so.7: reduction 50.700%
libcap_netdb.so.1: reduction 5.800%
libcasper.so.1: reduction 14.600%
libcrypto.so.30: reduction 7.500%
libdtrace.so.2: reduction 3.900%
libelf.so.2: reduction 15.800%
libgcc_s.so.1: reduction 32.700%
libibverbs.so.1: reduction 5.300%
libicp.so.3: reduction 2.100%
libipt.so.0: reduction 28.200%
libirdma.so.1: reduction 1.600%
libkiconv.so.4: reduction 0%
libm.so.5: reduction 21.900%
libmd.so.6: reduction 0%
libmd.so.7: reduction 3.100%
libncursesw.so.9: reduction 11.200%
libnvpair.so.2: reduction 40.200%
libpcap.so.8: reduction 11.400%
libpjdlog.so.0: reduction 27.400%
libsbuf.so.6: reduction 2.900%
libspl.so.2: reduction 42.300%
libsys.so.7: reduction 2.700%
libthr.so.3: reduction 21.000%
libuutil.so.2: reduction 13.100%
libz.so.6: reduction 5.600%
libzpool.so.2: reduction 15.100%

In some cases it adds some ROP gadgets despite removing the simple ROP
gadgets:
lib80211.so.1: reduction -32.700%
libbe.so.1: reduction -22.300%
libbegemot.so.4: reduction -20.500%
libcap_dns.so.2: reduction -58.000%
libcap_fileargs.so.1: reduction -28.200%
libcap_grp.so.1: reduction -54.000%
libcap_net.so.1: reduction -28.800%
libcap_pwd.so.1: reduction -38.800%
libcap_sysctl.so.2: reduction -71.100%
libcap_syslog.so.1: reduction -15.000%
libcrypt.so.5: reduction -14.600%
libctf.so.2: reduction -.300%
libcxxrt.so.1: reduction -14.000%
libdevstat.so.7: reduction -1.600%
libedit.so.8: reduction -4.200%
libgeom.so.5: reduction -16.500%
libicp_rescue.so.3: reduction -2.300%
libipsec.so.4: reduction -31.800%
libjail.so.1: reduction -21.700%
libkvm.so.7: reduction -5.300%
libmlx5.so.1: reduction -6.300%
libmt.so.5: reduction -23.000%
libnv.so.1: reduction -.400%
librss.so.1: reduction -3.800%
librt.so.1: reduction -24.000%
libssp.so.0: reduction -21.100%
libstats.so.0: reduction -9.000%
libtinfow.so.9: reduction -3.500%
libtpool.so.2: reduction -36.500%
libufs.so.8: reduction -11.900%
libulog.so.0: reduction -67.400%
libumem.so.2: reduction -2.000%
libutil.so.9: reduction -7.200%
libxo.so.0: reduction -9.000%
libzdb.so.2: reduction -11.700%
libzfs_core.so.2: reduction -17.700%
libzfs.so.4: reduction -.300%
libzfsbootenv.so.1: reduction -26.900%
libzutil.so.2: reduction -5.600%

To reproduce:
    for lib in *.so.*; do
        echo -n $lib:
        before="$(ROPgadget --nosys --nojop --binary /tmp/be_mount.Sx87/lib/$lib | tail -n1 | cut -d : -f 2)"
        after="$(ROPgadget --nosys --nojop --binary $lib | tail -n1 | cut -d : -f 2)"
        echo " reduction" $(bc -S 3 -e "(1-${after}/${before})*100")%
    done >/tmp/reduction.txt

Most of the time the size difference is very small (<1% for >50% of the
files and >10% for only 2 files):
lib80211.so.1: size change .100%
libalias.so.7: size change 0%
libavl.so.2: size change 0%
libbe.so.1: size change .100%
libbegemot.so.4: size change .100%
libbsdxml.so.4: size change 0%
libc.so.7: size change 1.200%
libc++.so.1: size change 1.600%
libcam.so.7: size change 1.900%
libcap_dns.so.2: size change .100%
libcap_fileargs.so.1: size change .100%
libcap_grp.so.1: size change .100%
libcap_net.so.1: size change .100%
libcap_netdb.so.1: size change .100%
libcap_pwd.so.1: size change .100%
libcap_sysctl.so.2: size change .100%
libcap_syslog.so.1: size change .100%
libcasper.so.1: size change 0%
libcrypt.so.5: size change 3.900%
libcrypto.so.30: size change 1.400%
libctf.so.2: size change .100%
libcxxrt.so.1: size change .100%
libdevstat.so.7: size change 15.400%		exceptional
libdtrace.so.2: size change .600%
libedit.so.8: size change 1.800%
libelf.so.2: size change .100%
libgcc_s.so.1: size change 3.000%
libgeom.so.5: size change 0%
libibverbs.so.1: size change .100%
libicp_rescue.so.3: size change .100%
libicp.so.3: size change 1.500%
libipsec.so.4: size change .100%
libipt.so.0: size change 3.100%
libirdma.so.1: size change .100%
libjail.so.1: size change .100%
libkiconv.so.4: size change .100%
libkvm.so.7: size change .100%
libm.so.5: size change 1.700%
libmd.so.6: size change 0%
libmd.so.7: size change .100%
libmlx5.so.1: size change 0%
libmt.so.5: size change .100%
libncursesw.so.9: size change 1.900%
libnv.so.1: size change 4.300%
libnvpair.so.2: size change 4.300%
libpcap.so.8: size change 1.200%
libpjdlog.so.0: size change .100%
librss.so.1: size change .200%
librt.so.1: size change .100%
libsbuf.so.6: size change .100%
libspl.so.2: size change 0%
libssp.so.0: size change .100%
libstats.so.0: size change .100%
libsys.so.7: size change .100%
libthr.so.3: size change 2.400%
libtinfow.so.9: size change 1.600%
libtpool.so.2: size change .100%
libufs.so.8: size change .100%
libulog.so.0: size change .100%
libumem.so.2: size change 54.300%		exceptional
libutil.so.9: size change .100%
libuutil.so.2: size change .100%
libxo.so.0: size change .100%
libz.so.6: size change .100%
libzdb.so.2: size change .300%
libzfs_core.so.2: size change .100%
libzfs.so.4: size change 2.000%
libzfsbootenv.so.1: size change .100%
libzpool.so.2: size change 1.200%
libzutil.so.2: size change 0%
2025-01-22 19:33:23 +01:00
Warner Losh cc6d72cfcc bsd.cpu.mk: Remove xscale reference
We've retired all the armv5te support, so we don't need this here anymore.

Sponsored by:		Netflix
2025-01-21 14:24:10 -07:00
Norikatsu Shigemura 0fb33e049a bsd.cpu.mk: Add _CPUFLAGS to CXXFLAGS as well
PR: 180365
Reviewed by: imp
Sponsored by: Netflix
2025-01-21 14:24:10 -07:00
Kyle Evans 05427f4639 secure: hook up libecc as libpkgecc
libecc is not intended to be general use, other applications should
really be using openssl.  pkg(7) uses libecc to align with the pkg(8)
project and its goals.  This will be used in the upcoming support for
ECC in pkg(7).

Reviewed by:	emaste
Differential Revision:	https://reviews.freebsd.org/D48117
2025-01-01 15:11:22 -06:00
Kyle Evans f59bb61e1e lib: hook libder up to the build
libder will be used in upcoming ECC support in the pkg(7) bootstrap to
read DER-encoded keys and signatures.

Differential Revision:	https://reviews.freebsd.org/D48116
2025-01-01 15:11:06 -06:00
John Baldwin 365b89e8ea nvmf: Switch several ioctls to using nvlists
For requests that handoff queues from userspace to the kernel as well
as the request to fetch reconnect parameters from the kernel, switch
from using flat structures to nvlists.  In particular, this will
permit adding support for additional transports in the future without
breaking the ABI of the structures.

Note that this is an ABI break for the ioctls used by nvmf(4) and
nvmft(4).  Since this is only present in main I did not bother
implementing compatability shims.

Inspired by:	imp (suggestion on a different review)
Reviewed by:	imp
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D48230
2024-12-30 13:52:21 -05:00
Minsoo Choo c6e56e6500 bsd.lib.mk: Capitalize "Building" for libraries
This is consistent with the case we use when building object files.

Reviewed by:	emaste
Pull request:	https://github.com/freebsd/freebsd-src/pull/1542
2024-12-08 11:17:01 -05:00
Stefan Eßer 8ea6c11540 usr.bin/bc: remove OpenBSD derived bc and dc commands
In 2020, an improved implementation of the bc and dc commands
developed by Gavin D. Howard has been imported into FreeBSD.
It has replaced the OpenBSD-derived versions of these commands
in all currently supported FreeBSD releases.

The OpenBSD versions could still be built using the WITHOUT_GH_BC
option. There have been no reports of problems or unexpected
deviations from the OpenBSD version for some time, therefore
keeping the OpenBSD version is no longer required in FreeBSD.

This commit removes the option to build the OpenBSD version and
corresponding source files from -CURRENT. No MFC is planned, all
currently released FreeBSD versions should retain the build option.

The WITHOUT_GH_BC option is no longer accepted and will cause
make buildworld to fail.

Reviewed by:	des, emaste
Approved by:	des
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D46876
2024-11-24 22:38:23 +01:00
Ed Maste 3750ccefb8 Retire MK_PROFILE infrastructure
It was disabled by default in fe52b7f60e.  We planned to (but did not)
remove the option before FreeBSD 14.  Remove it now, for FreeBSD 15.

Relnotes:	Yes
Reviewed by:	imp
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31558
2024-11-12 12:11:51 -05:00
Robert Clausecker cb5e41b160 lib/libcrypt: unbundle hash functions
libcrypt bundles the various hash functions it needs,
duplicating code that is also found in libmd.
Unbundle the hash functions and apply the same hack used
for libncursesw so static consumers link -lmd in addition
to -lcrypt.

Reviewed by:	kevans
Differential Revision:	https://reviews.freebsd.org/D47062
2024-10-25 16:02:38 +02:00
Warner Losh 23dee252da loader: Change this BIOS tradeoff: Add back zip and use text only
After talking with a number of people about the removal of some things
to make the loader fit, readjust things a little.

Add back GZIP and BZIP2 compression support. Many of the downstream MFC
packaging systems depend on this. This adds back 20k to the size of the
loader.

Make the boot loader text-only by default. This saves 40k in size. Net,
we're 20k smaller. The graphics loader for BIOS is less useful than the
zip functionality: You can still boot w/a text only one it and you can
build a custom one if you really want it. It's also the default we use
for dual console.

This should be merged back into stable/14 and stable/13 so it's in the
next release for each of these. That way we have only one release (13.4)
with the other defaults.

MFC After:		3 days
Sponsored by:		Netflix
Reviewed by:		olce, rgrimes, emaste
Differential Revision:	https://reviews.freebsd.org/D47203
2024-10-24 20:26:25 -06:00
Dimitry Andric a3a88aa132 Fix buildworld with gcc 13 after llvm-19 import
It turns out the new libc++ 19 headers result in a -Werror warning from
gcc 13:

  In file included from /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/__memory/shared_ptr.h:31:
  /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/__memory/uninitialized_algorithms.h: In instantiation of 'constexpr void std::__1::__uninitialized_allocator_relocate(_Alloc&, _Tp*, _Tp*, _Tp*) [with _Alloc = allocator<basic_string<char> >; _Tp = basic_string<char>]':
  /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/vector:1052:42:   required from 'void std::__1::vector<_Tp, _Alloc>::__swap_out_circular_buffer(std::__1::__split_buffer<_Tp, _Allocator&>&) [with _Tp = std::__1::basic_string<char>; _Allocator = std::__1::allocator<std::__1::basic_string<char> >]'
  /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/vector:1469:31:   required from 'void std::__1::vector<_Tp, _Alloc>::reserve(size_type) [with _Tp = std::__1::basic_string<char>; _Allocator = std::__1::allocator<std::__1::basic_string<char> >; size_type = long unsigned int]'
  /usr/src/freebsd/src/contrib/googletest/googletest/src/gtest.cc:795:27:   required from here
  /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/__memory/uninitialized_algorithms.h:645:21: error: 'void* __builtin_memcpy(void*, const void*, long unsigned int)' writing to an object of type 'std::__1::__remove_const_t<std::__1::basic_string<char> >' {aka 'class std::__1::basic_string<char>'} with no trivial copy-assignment; use copy-assignment or copy-initialization instead o[-Werror=class-memaccess]
    645 |     __builtin_memcpy(const_cast<__remove_const_t<_Tp>*>(__result), __first, sizeof(_Tp) * (__last - __first));
        |     ~~~~~~~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  In file included from /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/__system_error/error_category.h:15,
                   from /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/__system_error/error_code.h:18,
                   from /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/__ostream/basic_ostream.h:16:
  /usr/obj/usr/src/freebsd/src/amd64.amd64/tmp/usr/include/c++/v1/string:752:7: note: 'std::__1::__remove_const_t<std::__1::basic_string<char> >' {aka 'class std::__1::basic_string<char>'} declared here
    752 | class basic_string {
        |       ^~~~~~~~~~~~

Since this is all benign, turn off errors for -Wclass-memaccess.

PR:		280562
MFC after:	3 days
2024-10-25 00:09:33 +02:00
Dimitry Andric d575077527 bsd.sys.mk: for clang >= 19, similar to gcc >= 8.1, turn off -Werror for
-Wcast-function-type-mismatch.

PR:		280562
MFC after:	1 month
2024-10-23 20:26:34 +02:00
Kyle Evans 44f736c385 mk: add PLAIN_TESTS_PORCH support
porch(1), available via sysutils/porch, is an expect(1)-like program
that uses lua instead of tcl for scripting.  Imminent use will be to
execute tests of tty canonicalization to ensure we don't regress some of
the corner cases we've fixed, but tests for other interactive programs
are being considered as well.

PLAIN_TESTS_PORCH is being introduced primarily to get the metadata
right without writing it out for every single test; required_programs
ensures that we skip the tests if the port is not installed.

Reviewed by:	0mp (previous version), ngie
Differential Revision:	https://reviews.freebsd.org/D46805
2024-10-20 20:32:31 -05:00
Ka Ho Ng 968bcca262 libkldelf: add a private library for kernel/kld-related ELF parsing
The libkldelf library was originally a part of kldxref(8). It exposed
ELF parsing helpers specialized in parsing KLDs and the kernel
executable. The library can be used to read metadata such as linker_set,
mod_depend, mod_version and PNP match info, and raw data from the ELF.

To promote the reuse of the facilities the ELF parsing code is separated
from kldxref(8) into a new private library.

For now, libkldelf's source files will be compiled into kldxref(8)
directly if kldxref is built during bootstrapping phase. The reason is
linking kldxref(8) against the libkldelf static library has an unwanted
side effect which renders the linker sets inside the libkldelf
implementation empty if the static library is not build by ld -r all the
.o files into a single .o before producing the static library.

Sponsored by:	Juniper Networks, Inc.
Reviewed by:	markj
Suggested by:	jrtc27, markj
Differential Revision:	https://reviews.freebsd.org/D46719
2024-10-18 20:20:13 +00:00
Simon J. Gerraty c5c0e79bb0 Add local.meta.stage.mk
We need to undo NO_OBJ if we are staging
as it causes us to drop the stage* target cookies in src tree
which is bad, and may break doing the same targets for multiple
architectures.

Reviewed by:	stevek
2024-10-16 09:26:29 -07:00
Simon J. Gerraty ec7e7ee868 local.dirdeps-targets.mk include src.opts.mk
Include src.opts.mk to ensure we have options defined for when
assessing dirdeps-options.

Reviewed by:	stevek
2024-10-14 11:34:55 -07:00
Simon J. Gerraty 6b135dd607 local.gendirdeps.mk skip awk and xinstall for host
Do not record DIRDEPS for awk.host or xinstall.host
if we ever need them they can be dealt with specially.

Reviewed by: stevek
2024-10-14 11:34:55 -07:00
Simon J. Gerraty 498dac0ace Update dirdeps.mk for better debug output
Latest dirdeps.mk provides better clue as to which makefile
is being read for a given DIRDEP.

Reviewed by: stevek
2024-10-14 10:30:39 -07:00
Isaac Freund d5e9faf1f3 mk: honor TAGS for FILES in default group
Currently the lib32 crt files (/usr/lib32/Scrt1.o etc.) are placed in
the clibs-dev package rather than the clibs-dev-lib32 package.

The /usr/lib32/dtrace/drti.o file is similarly placed in the dtrace
package rather than the dtrace-lib32 package.

Splitting shared libraries in /usr/lib32 into a -lib32 package is
handled in bsd.lib.mk by adding "lib32" to TAGS. However bsd.files.mk
ignores TAGS and only honors ${group}TAGS since 144c442.

This patch changes the behavior of bsd.files.mk to honor TAGS if the
default FILES group is used. This matches the handling of PACKAGE, which
is also ignored unless the default FILES group is used.

With this patch, both the clibs and dtrace package are split correctly.

PR:		249145
Reviewed by:	bapt
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46991
2024-10-09 12:03:26 -04:00
Ka Ho Ng 50c64df2a1 Revert "libkldelf: add a private library for kernel/kld-related ELF parsing"
This reverts commit 0a2cfd653e.
2024-10-08 19:40:20 +00:00
Ka Ho Ng 0a2cfd653e libkldelf: add a private library for kernel/kld-related ELF parsing
The libkldelf library was originally a part of kldxref(8). It exposed
ELF parsing helpers specialized in parsing KLDs and the kernel
executable. The library can be used to read metadata such as linker_set,
mod_depend, mod_version and PNP match info, and raw data from the ELF.

To promote the reuse of the facilities the ELF parsing code is separated
from kldxref(8) into a new private library.

kldxref(8) is modified to link against the libkldelf library.

Sponsored by:	Juniper Networks, Inc.
Reviewed by:	markj
Differential Revision:	https://reviews.freebsd.org/D46719
2024-10-08 04:24:07 +00:00
Konstantin Belousov eade2001aa jemalloc: set LG_VADDR to 64 on amd64
and allow to revert it back to 48 with WITHOUT_JEMALLOC_LG_VADDR_WIDE build
option.

Reviewed by:	andrew, emaste
Sponsored by:	Advanced Micro Devices (AMD)
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D46686
2024-09-27 01:54:25 +03:00
Ahmad Khalifa fe3f792f9a Add build option for the ia32 loader
In preparation for supporting 64-bit machines with 32-bit UEFI firmware,
add a build option for compiling the ia32 loader. Currently unused.

Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1098
2024-09-20 08:45:05 -06:00
Mark Johnston 24affded3d src.conf: Add a MK_ZFS_TESTS knob
The in-tree ZFS test suite is somewhat outdated and I see a number of
failures there.  I tend to think that we want to integrate the OpenZFS
test suite somehow, replacing the legacy one, though it's also possible
to run that as a separate test suite.

In any case, if one wants to run the OpenZFS test suite separately, it's
useful to be able to disable installation of the legacy ZFS test suite,
so let's provide a src.conf option to do that.

Reviewed by:	asomers
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D46476
2024-09-07 14:36:28 +00:00
Jose Luis Duran 973bbdab47 mk: Add a BTI-report linker feature
Add support for specifying how to report the missing Branch Target
Identification (BTI) linker feature on AArch64.

For:

Kernel:    bti-report on when the linker supports it
Userspace: bti-report on when the linker supports it and
           BTI_REPORT_ERROR is defined

Fixes:	43e8849bc2 ("conf: Enable BTI checking in the arm64 kernel")
Pull Request:	https://github.com/freebsd/freebsd-src/pull/1393
2024-08-30 16:03:17 +00:00
Ed Maste aa0bc761d2 bsd.symver.mk: pass $CFLAGS to $CPP invocation
This allows us to support symbols optionally available based on
configuration, not just on compiler built-in #defines.

Reviewed by:	brooks, jrtc27
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45346
2024-08-20 21:17:52 -04:00
Warner Losh 20d35d5817 loader: Add WITH/WITHOUT_LOADER_PXEBOOT build option
Make it possible to disable pxeboot. This loader will fail to build when
it's too large. When /boot/loader needs to be larger like that, this
options will disable a component whose build will fail. It is an explicit
option rather than implicit when things are too large to force the user to
make the explicit tradeoffs rather than wonder why they have a stale pxeboot
or other odd failure mode.

MFC After:		3 days
Sponsored by:		Netflix
Differential Revision:	https://reviews.freebsd.org/D46212
2024-08-06 17:22:36 -06:00
Simon J. Gerraty a2b67d4a6e Update dirdeps.mk to latest
Also add meta2deps.{py,sh} to FILES so they get installed/staged

Reviewed by: stevek
2024-07-29 12:48:56 -07:00
Ed Maste ba373fca78 Do not clean (in buildworld/buildkernel) by default
As discussed on the freebsd-arch mailing list[1].  For historical
reasons FreeBSD's buildworld and buildkernel targets started by cleaning
the object tree, for traditional (non-metamode) builds.

Cleaning is not necessary when dependencies are properly tracked, and we
have a somewhat kludgey script[2] to handle some known cases where deps
were mishandled by traditional builds.  Be consistent with the vast
majority of open source build systems by default, and do not clean at
the beginning of buildworld or buildkernel.

Users may set WITH_CLEAN in src.conf(5) to restore the previous
behaviour, or run `make cleanworld` and/or `make cleankernel` before
starting a build.

[1] https://lists.freebsd.org/archives/freebsd-arch/2024-July/000727.html
[2] tools/build/depend-cleanup.sh

Reviewed by:	jhb, imp
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46172
2024-07-29 13:16:52 -04:00
Cy Schubert a90b9d0159 wpa: Import 2.11
Following is a changelog of new features and fixes to wpa:

hostapd:
* Wi-Fi Easy Connect
  - add support for DPP release 3
  - allow Configurator parameters to be provided during config exchange
* HE/IEEE 802.11ax/Wi-Fi 6
  - various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
  - add preliminary support
* SAE: add support for fetching the password from a RADIUS server
* support OpenSSL 3.0 API changes
* support background radar detection and CAC with some additional
  drivers
* support RADIUS ACL/PSK check during 4-way handshake (wpa_psk_radius=3)
* EAP-SIM/AKA: support IMSI privacy
* improve 4-way handshake operations
  - use Secure=1 in message 3 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
  to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* extend PASN support for secure ranging
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
  - this is based on additional details being added in the IEEE 802.11
    standard
  - the new implementation is not backwards compatible
* improved ACS to cover additional channel types/bandwidths
* extended Multiple BSSID support
* fix beacon protection with FT protocol (incorrect BIGTK was provided)
* support unsynchronized service discovery (USD)
* add preliminary support for RADIUS/TLS
* add support for explicit SSID protection in 4-way handshake
  (a mitigation for CVE-2023-52424; disabled by default for now, can be
  enabled with ssid_protection=1)
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* use stricter validation for some RADIUS messages
* a large number of other fixes, cleanup, and extensions

wpa_supplicant:
* Wi-Fi Easy Connect
  - add support for DPP release 3
  - allow Configurator parameters to be provided during config exchange
* MACsec
  - add support for GCM-AES-256 cipher suite
  - remove incorrect EAP Session-Id length constraint
  - add hardware offload support for additional drivers
* HE/IEEE 802.11ax/Wi-Fi 6
  - support BSS color updates
  - various fixes
* EHT/IEEE 802.11be/Wi-Fi 7
  - add preliminary support
* support OpenSSL 3.0 API changes
* improve EAP-TLS support for TLSv1.3
* EAP-SIM/AKA: support IMSI privacy
* improve mitigation against DoS attacks when PMF is used
* improve 4-way handshake operations
  - discard unencrypted EAPOL frames in additional cases
  - use Secure=1 in message 2 during PTK rekeying
* OCV: do not check Frequency Segment 1 Channel Number for 160 MHz cases
  to avoid interoperability issues
* support new SAE AKM suites with variable length keys
* support new AKM for 802.1X/EAP with SHA384
* improve cross-AKM roaming with driver-based SME/BSS selection
* PASN
  - extend support for secure ranging
  - allow PASN implementation to be used with external programs for
    Wi-Fi Aware
* FT: Use SHA256 to derive PMKID for AKM 00-0F-AC:3 (FT-EAP)
  - this is based on additional details being added in the IEEE 802.11
    standard
  - the new implementation is not backwards compatible, but PMKSA
    caching with FT-EAP was, and still is, disabled by default
* support a pregenerated MAC (mac_addr=3) as an alternative mechanism
  for using per-network random MAC addresses
* EAP-PEAP: require Phase 2 authentication by default (phase2_auth=1)
  to improve security for still unfortunately common invalid
  configurations that do not set ca_cert
* extend SCS support for QoS Characteristics
* extend MSCS support
* support unsynchronized service discovery (USD)
* add support for explicit SSID protection in 4-way handshake
  (a mitigation for CVE-2023-52424; disabled by default for now, can be
  enabled with ssid_protection=1)
  - in addition, verify SSID after key setup when beacon protection is
    used
* fix SAE H2E rejected groups validation to avoid downgrade attacks
* a large number of other fixes, cleanup, and extensions

MFC after:	2 months

Merge commit '6377230b3cf4f238dcd0dc2d76ff25943d3040e5'
2024-07-23 12:49:40 -07:00
Warner Losh e9ac41698b Remove residual blank line at start of Makefile
This is a residual of the $FreeBSD$ removal.

MFC After: 3 days (though I'll just run the command on the branches)
Sponsored by: Netflix
2024-07-15 16:43:39 -06:00
Andrew Turner 06999c8a3a share/mk: Remove armv6 support
It is being removed from the tree. Remove the build infrastructure to
configure armv6 builds.

Reviewed by:	manu, imp, emaste
Sponsored by:	Arm Ltd
Differential Revision:	https://reviews.freebsd.org/D45643
2024-07-12 11:31:54 +00:00
Colin Percival 19597c0233 Fix typo in previous commit
I fixed this when I tested the patch, but apparently forgot to commit
the typo fix into my local git tree.  ".ORDER" -> ".ORDER:".

MFC after:	5 minutes
Fixes:	187d696a0a "bsd.progs.mk: Create directories first"
Sponsored by:	Amazon
2024-07-10 08:08:20 -07:00
Colin Percival 187d696a0a bsd.progs.mk: Create directories first
Order installdirs before the $p.install targets; this is necessary
when a user of <bsd.progs.mk> also creates the directory into which
the binaries are installed.

In particular, without this patch running `make installworld -jN` can
break when installing tests since the /usr/tests/foo/bar directories
are created during installworld; this has been causing the stable/14
weekly snapshot builds to intermittently fail for months.

MFC after:	5 minutes
Sponsored by:	Amazon
Differential Revision:	https://reviews.freebsd.org/D45923
2024-07-10 07:47:18 -07:00