Decrease the anti-congestion sleep in 480.leapfile-ntpd to 1 hour
24 hours is too long. Periodic scripts are executed serially, so when
combined with the sleep in 410.pkg-audit periodic could actually take more
than 24 hours and block the next invocation.
Otherwise, it will silently disable the login for the selected account if
the argument is unrecognizable.
usr.sbin/pw/pw.h
usr.sbin/pw/pw_conf.c
usr.sbin/pw/pw_user.c
Use separate rules to validate boolean parameters and passwd
parameters. Error out if a password parameter cannot be parsed.
usr.sbin/pw/tests/Makefile
usr.sbin/pw/tests/crypt.c
usr.sbin/pw/tests/pw_useradd.sh
usr.sbin/pw/tests/pw_usermod.sh
Add tests for the validation. Also, enhance existing
password-related tests to actually validate that the correct hash is
written to master.passwd.
MFC r305421:
Resolve deadlock between device_detach() and usbd_do_request_flags()
by reviving the SX control request lock and refining which lock
protects the common scratch area in "struct usb_device".
The SX control request lock was removed by r246759 because it caused a
lock order reversal with the USB enumeration lock inside
usbd_transfer_setup() as a function of r246616. It was thought that
reducing the number of locks would resolve the LOR, but because some
USB device drivers use usbd_do_request_flags() inside callback
functions, like in taskqueues, a deadlock may occur when these are
drained from device_detach(). By restoring the SX control request
lock usbd_do_request_flags() is allowed to complete its execution
when a USB device driver is detaching. By using the SX control request
lock to protect the scratch area, the LOR introduced by r246616 is
also resolved.
Bump the FreeBSD version while at it to force recompilation of all USB
kernel modules.
MFC r303352
- Change the fbuf "vga" parameter to "vga=on|io|off".
"io" is the default, and allows VGA i/o registers to be
accessed. This is required by Win7/2k8 graphics guests that
use a combination of BIOS int10 and UEFI.
"off" disables all VGA i/o and mem accesses.
"on" is not yet hooked up, but will enable full VGA rendering.
OpenBSD/UEFI >= 5.9 graphics guests can be booted using "vga=off"
- Allow "rfb" to be used instead of "tcp" for the fbuf VNC
description. "tcp" will be removed at a future point and is
kept as an alias.
In m_devget(), if the data fits in a packet header mbuf, check the amount
of data is less than or equal to MHLEN instead of MLEN when placing initial
small packet header at end of mbuf.
MFC r304571:
Make the UKBD USB transfers double buffered and set them up one by one,
so they are memory independent which allows for handling panics
triggered by the keyboard driver itself, typically via CTRL+ALT+ESC
sequences. Or if the USB keyboard driver was processing a key at the
moment of panic. Allow UKBD to be attached while keyboard polling is active.
MFC r305284:
Fix array size issue when using the pre-scaling feature for
ISOCHRONOUS USB transfers. Make sure enough length and buffer pointers
are allocated when setting up the libusb transfer structure to support
the maximum number of frames the kernel can handle.
MFC r303893, r303894:
misc replacements of comma with semicolon when pertinent.
Uses of commas instead of a semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.
MFC r303889:
libc/rpc: replace comma with semicolon when pertinent.
Uses of commas instead of a semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.
MFC r303891, r303892:
sys: replace comma with semicolon when pertinent.
Uses of commas instead of a semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.
2) Prevent out of bounds access to ws[-1] (passed buffer) which happens
when the first mb sequence is incomplete and there are not enougn chars in
the read buffer. ws[-1] may lead to memory faults or false results, in
case the memory here contains '\n'.
3) Fix n == 1 case. Here should be no physical read (fill buffer) attempt
(we read n - 1 chars with the room for NUL, see fgets()),
and no NULL return.
In existing implementations including FreeBSD, there is no reason to use
readdir_r() in the common case where potentially multiple threads each list
their own directory. Code using readdir() is simpler.
What's more, although readdir_r() can safely be used on FreeBSD because
NAME_MAX is forced to 255, it cannot be used safely on systems where
{NAME_MAX} is not fixed. As a concrete example, FAT/NTFS filenames can be up
to 255 UTF-16 code units long, which can be up to 765 UTF-8 bytes.
Deprecating readdir_r() in POSIX has been proposed in
http://www.austingroupbugs.net/view.php?id=696
and glibc wants to deprecate it as well.
dim [Wed, 7 Sep 2016 19:25:08 +0000 (19:25 +0000)]
MFC r305389:
With clang 3.9.0, compiling sys/netinet/igmp.c results in the following
warning:
sys/netinet/igmp.c:546:21: error: implicit conversion from 'int' to 'char' changes value from 148 to -108 [-Werror,-Wconstant-conversion]
p->ipopt_list[0] = IPOPT_RA; /* Router Alert Option */
~ ^~~~~~~~
sys/netinet/ip.h:153:19: note: expanded from macro 'IPOPT_RA'
#define IPOPT_RA 148 /* router alert */
^~~
This is because ipopt_list is an array of char, so IPOPT_RA is wrapped
to a negative value. It would be nice to change ipopt_list to an array
of u_char, but it changes the signature of the public struct ipoption,
so add an explicit cast to suppress the warning.
dim [Wed, 7 Sep 2016 19:17:03 +0000 (19:17 +0000)]
MFC r305360:
With clang 3.9.0, compiling cxgb results in the following warning:
sys/dev/cxgb/cxgb_sge.c:2873:44: error: implicit conversion from 'int'
to 'char' changes value from 128 to -128 [-Werror,-Wconstant-conversion]
*mtod(m, char *) = CPL_ASYNC_NOTIF;
~ ^~~~~~~~~~~~~~~
This is because CPL_ASYNC_NOTIF is 0x80, so the plain char argument is
wrapped to a negative value. Fix this by using uint8_t instead.
dim [Wed, 7 Sep 2016 19:02:47 +0000 (19:02 +0000)]
MFC r305345:
With clang 3.9.0, compiling ppbus(4) results in the following warnings:
sys/dev/ppbus/ppb_1284.c:296:46: error: implicit conversion from 'int'
to 'char' changes value from 144 to -112 [-Werror,-Wconstant-conversion]
if ((error = do_peripheral_wait(bus, SELECT | nBUSY, 0))) {
~~~~~~~~~~~~~~~~~~ ~~~~~~~^~~~~~~
sys/dev/ppbus/ppb_1284.c:785:48: error: implicit conversion from 'int'
to 'char' changes value from 240 to -16 [-Werror,-Wconstant-conversion]
if (do_1284_wait(bus, nACK | SELECT | PERROR | nBUSY,
~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~
sys/dev/ppbus/ppb_1284.c:786:29: error: implicit conversion from 'int'
to 'char' changes value from 240 to -16 [-Werror,-Wconstant-conversion]
nACK | SELECT | PERROR | nBUSY)) {
~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~
This is because nBUSY is 0x80, so the plain char argument is wrapped to
a negative value. Fix this in a minimal fashion, by using uint8_t in a
few places.
dim [Wed, 7 Sep 2016 18:33:18 +0000 (18:33 +0000)]
MFC r305085:
Fix warnings in tnftp about invalid constant conversions, e.g.:
contrib/tnftp/src/ftp.c:2067:11: error: implicit conversion from 'int'
to 'char' changes value from 255 to -1 [-Werror,-Wconstant-conversion]
buf[0] = IAC;
~ ^~~
/usr/include/arpa/telnet.h:39:13: note: expanded from macro 'IAC'
#define IAC 255 /* interpret as command: */
^~~
contrib/tnftp/src/ftp.c:2068:11: error: implicit conversion from 'int'
to 'char' changes value from 244 to -12 [-Werror,-Wconstant-conversion]
buf[1] = IP;
~ ^~
/usr/include/arpa/telnet.h:50:12: note: expanded from macro 'IP'
#define IP 244 /* interrupt process--permanently */
^~~
dim [Wed, 7 Sep 2016 18:22:08 +0000 (18:22 +0000)]
MFC r305077:
Squelch clang 3.9.0 warnings about BASE (which is 32768) being converted
to -32768 when it is used as an argument to mp_itom(), in both libtelnet
and newkey. This code has been wrong since r26238 (!), so after almost
20 years it is rather useless to try to correct it.
MFC r305086:
Fix warnings in telnet about invalid constant conversions, e.g.:
contrib/telnet/telnet/commands.c:2914:13: error: implicit conversion
from 'int' to 'char' changes value from 137 to -119
[-Werror,-Wconstant-conversion]
*lsrp++ = IPOPT_SSRR;
~ ^~~~~~~~~~
/usr/include/netinet/ip.h:152:21: note: expanded from macro 'IPOPT_SSRR'
#define IPOPT_SSRR 137 /* strict source route */
^~~
contrib/telnet/telnet/commands.c:2916:13: error: implicit conversion
from 'int' to 'char' changes value from 131 to -125
[-Werror,-Wconstant-conversion]
*lsrp++ = IPOPT_LSRR;
~ ^~~~~~~~~~
/usr/include/netinet/ip.h:148:21: note: expanded from macro 'IPOPT_LSRR'
#define IPOPT_LSRR 131 /* loose source route */
^~~
dim [Wed, 7 Sep 2016 18:16:06 +0000 (18:16 +0000)]
MFC r305218:
Pull in r277331 from upstream llvm trunk (by Diana Picus):
[AArch64] Return the correct size for TLSDESC_CALLSEQ
The branch relaxation pass is computing the wrong offsets because it assumes
TLSDESC_CALLSEQ eats up 4 bytes, when in fact it is lowered to an instruction
sequence taking up 16 bytes. This can become a problem in huge files with lots
of TLS accesses, as it may slowly move branch targets out of the range computed
by the branch relaxation pass.
dim [Wed, 7 Sep 2016 18:06:34 +0000 (18:06 +0000)]
MFC r304920:
In ncurses baudrate definitions, avoid warnings about implicit
conversions from int to short changing the values. This applies to
B38400 and higher, since their values do not fit into a short.
However, since the wrapped values are still unique, and they only serve
as keys, there is no problem in adding a cast to silence the warnings.
This also avoids changing the ABI, which would happen if we changed
NCURSES_OSPEED to int.
andrew [Wed, 7 Sep 2016 13:57:06 +0000 (13:57 +0000)]
MFC 304801:
Don't set *dev in the zfs root case, it may be NULL and will correctly be
set later in the function. This fixes a potential NULL pointer dereference
found on arm64.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
andrew [Wed, 7 Sep 2016 12:59:08 +0000 (12:59 +0000)]
MFC 303307, 303308, 303309 clean up the arm64 MP code:
- Rework how we number CPUs on arm64 to try and keep clusters together.
- Fix a typo in a string in a KASSERT to sanity check the CPU IDs.
- Remove an unused variable.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
andrew [Wed, 7 Sep 2016 12:10:30 +0000 (12:10 +0000)]
MFC 302849, 302851, 302896 GICv3 improvements:
- Move internal data structures out of the common header file
- Remove unused data structures and macros
- Add us_print_child to the GICv3 driver
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
MFC r303799, r303800:
ext2fs: Add defines for some missing ext4 features and inode flags.
These are currently unused in our implementation and some even appear to
have not been implemented yet on linux but it is good to keep them for
reference.
MFC r305065: Add refactored blacklist support to sshd
Change the calls to of blacklist_init() and blacklist_notify to be
macros defined in the blacklist_client.h file. This avoids
the need for #ifdef USE_BLACKLIST / #endif except in the
blacklist.c file.
Remove redundent initialization attempts from within
blacklist_notify - everything always goes through
blacklistd_init().
Added UseBlacklist option to sshd, which defaults to off.
To enable the functionality, use '-o UseBlacklist=yes' on
the command line, or uncomment in the sshd_config file.
Approved by: des
Sponsored by: The FreeBSD Foundation
Revert r304192 to fix short month names and replace %b with %_m in date_fmt
for Chinese locales.
As mentioned in the commit message of r289041, nl_langinfo(ABMON_*) only
returned numbers when using a Chinese locale, this causes problems in
applications that put the short month name and the day of the month together.
manu [Mon, 5 Sep 2016 21:25:45 +0000 (21:25 +0000)]
MFC r304509
if_emac: Before generating a random MAC address, try using the SID rootkey
to generate one. This is was U-Boot does to generate a random MAC so we end
up with the same MAC address as if U-Boot did generate it.
manu [Mon, 5 Sep 2016 21:11:27 +0000 (21:11 +0000)]
MFC r303087
Add support for the SID (Security ID Module) on Allwinner A10 and A20.
The rootkey is burnt at production and can't be changed, thus is can be used
as a device unique ID or to generate a MAC address (This is was u-boot does).
The rootkey is exposed as a sysctl (dev.aw_sid.<unit>.rootkey).
manu [Mon, 5 Sep 2016 20:46:45 +0000 (20:46 +0000)]
MFC r304290,r304649
r304290:
Only set pud settings if this is a pullup or pulldown configuration.
This removes the need to set the MMC pins with pullups in our DTS.
Thanks to jmcneill@ for spotting this.
r304649:
Do not include file from dt-bindings and simply use the already present defines.
manu [Mon, 5 Sep 2016 20:34:15 +0000 (20:34 +0000)]
MFC r304289
a10_gpio_get_function now returns the whole function not only
GPIO_INPUT/GPIO_OUTPUT.
a10_gpio_get_pud now returns the whole pud not only PULLDOWN/PULLUP.
Add a10_gpio_get_drv to get the current drive strenght.
During fdt pin configure, avoid setting function/drive/pud if it's already in
the correct value.
MFC r305269: cron: use existing maximum username constant MAXLOGNAME
Previously cron had its own maximum username length limit, which was
smaller than the system's MAXLOGNAME. This could lead to crontab -u
updating the wrong user's crontab (if the name was truncated, and
matched another user).
fgetwc(3) may set both __SEOF and __SERR at once (in case of incomplete
sequence near EOF), so we can't just check for
(wc == WEOF && !__sfeof(fp)) and must relay on __sferror(fp) with
__SERR clearing/restoring.
dim [Fri, 2 Sep 2016 17:07:52 +0000 (17:07 +0000)]
MFC r305013:
Add an empty virtual destructor to zfsd's Vdev class. This is needed
because the class has virtual functions, and the compiler-generated
default destructor is non-virtual.
Reviewed by: asomers
MFC r305016:
Fix the zfsd unittest:
* TESTSDIR is supposed to be under cddl/usr.sbin, not cddl/sbin
* DevdCtl::EventBuffer no longer exists, so remove its forward
declaration
MFC r305036:
Some versions of SLOF do not append the partition number to the boot
device argument to the stage-1 bootloader. In such cases, boot1 would
only try to read the entire device rather than checking for partitions.
Instead of panic'ing, fall back to reading the partitions as normal in
such situations. This was preventing boot of installed systems on some
versions of PowerKVM.
MFC r304966 (peter):
The read-ahead code from r298230 made it likely the boot code would read
beyond the end of disk. r298900 added code to prevent this. Some BIOSes
cause significant delays if asked to read past end-of-disk.
We never trusted the BIOS to accurately report the sectorsize of disks
before and this set of changes. Unfortuately they interact badly with
the infamous >2TB wraparound bugs. We have a number of relatively-recent
machines in the FreeBSD.org cluster where the BIOS reports 3TB disks as 1TB.
With pre-r298900 they work just fine. After r298900 they stop working if
the boot environment attempts to access anything outside the first 1TB on
the disk. 'ZFS: I/O error, all block copies unavailable' etc. It affects
both UFS and ZFS if they try to boot from large volumes.
This change replaces the blind trust of the BIOS end-of-disk reporting
with a read-ahead clip to prevent reads crossing the of end-of-disk
boundary. Since 2^32 (2TB) size reporting truncation is not uncommon,
the clipping is done on 2TB aliases of the reported end-of-disk.
ie: a 3TB disk reported as 1TB has readahead clipped at 1TB, 3TB, 5TB, ...
as one of them is likely to be the real end-of-disk.
This should make the loader on these broken machines behave the same as
traditional pre-r298900 loader behavior, without disabling read-ahead.
Add non-TRUSTEDBSD prefixed knobs for the _PC_ACL* and {CAP,INF,MAC}_PRESENT knobs
It's not necessarily intuitive that the variables to query contain TRUSTEDBSD
in the prefix. Add non-TRUSTEDBSD prefixed knobs for querying things like
"_PC_ACL_NFS4".
MFC r304075,r304989:
Sync libarchive with vendor including security fixes
Vendor issues fixed:
Issue #731: Reject tar entries >= INT64_MAX
Issue #744: Very long pathnames evade symlink checks
Issue #748: libarchive can compress, but cannot decompress zip some files
PR #750: ustar: fix out of bounds read on empty string ("") filename
PR #755: fix use of acl_get_flagset_np() on FreeBSD
Issue #767: Buffer overflow printing a filename
Issue #770: Zip read: be more careful about extra_length
MFC r304874:
Temporarily disable two libarchive tests that have not yet been fixed by
vendor. Tests will be re-enabled after a fix has been merged.
jkim [Wed, 31 Aug 2016 20:21:03 +0000 (20:21 +0000)]
MFC: r304320
Disable assembly sources when compiler/assembler cannot compile certain
instructions. For example, GCC 4.2.1 + binutils 2.17.50 does not support
AVX instructions.
Follow-up to r304953, in which I broke the build: apparently the SOLARIS
macro is defined in lots of different places in ipfilter, so replace all
of the nonportable definitions with portable ones.