avos [Thu, 9 Jun 2016 17:26:54 +0000 (17:26 +0000)]
urtwn(4): refresh manpage.
Mention URTWN_WITHOUT_UCODE option (r295871), hardware encryption support
(r292175), IBSS (r290651) and HOSTAP (r290631) mode support;
cleanup CAVEATS section (some 11n support was added in r297175 + add a
note about current rate control issues).
emaste [Thu, 9 Jun 2016 17:03:03 +0000 (17:03 +0000)]
Use -L to specify compat32 library paths instead of -Y
-Y is an uncommon linker option that is rather similar to -L. In
discussion with Peter it seems early amd64 development might have
required the -Y-specific behaviour, but it is no longer necessary.
Switch to -L which is more widely supported and much more commonly
used, to make it easier to link the FreeBSD base system with linkers
other than ld.bfd.
Submitted by: Rafael Ávila de Espíndola
Differential Revision: https://reviews.freebsd.org/D6681
jamie [Thu, 9 Jun 2016 16:41:41 +0000 (16:41 +0000)]
Make sure the OSD methods for jail set and remove can't run concurrently,
by holding allprison_lock exclusively (even if only for a moment before
downgrading) on all paths that call PR_METHOD_REMOVE. Since they may run
on a downgraded lock, it's still possible for them to run concurrently
with PR_METHOD_GET, which will need to use the prison lock.
royger [Thu, 9 Jun 2016 16:15:01 +0000 (16:15 +0000)]
xen/timer: re-introduce the inittodr call in the resume path
r298930 removed the inittodr call, but it seems like this prevents
"calcru: runtime went backwards ..." messages from occasionally appearing
when resuming from migration.
Reported by: Karl Pielorz <kpielorz@tdx.co.uk>
Sponsored by: Citrix Systems R&D
avos [Thu, 9 Jun 2016 13:42:18 +0000 (13:42 +0000)]
net80211: discard an injected frame if it is smaller than header length.
Do not try to pass such frames; a correct frame cannot be smaller than
(the corresponding) header size.
(for wpi(4) an additional check was added in r289012).
ticks are signed int and if statistics is not updated for a long time
(more than INT_MAX ticks, but less than UINT_MAX) difference becomes
negative and less than hz for a long time.
Other option to repeat is simply load driver (which initializes
timestamps to 0) when ticks are negative.
Remove 'if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1);' from raw xmit
and apbridge path; it will be incremented by ieee80211_tx_complete()
after packet transmission.
trasz [Thu, 9 Jun 2016 07:49:20 +0000 (07:49 +0000)]
Decouple MaxBurstLength and FirstBurstLength from MaxRecvDataSegmentLength
reported by the ICL module in iscsid(8). This harmed performance and was
just wrong.
trasz [Thu, 9 Jun 2016 07:19:02 +0000 (07:19 +0000)]
Don't cap FirstBurstLength to maximum MaxRecvDataSegmentLength claimed
by the offload driver; there is no reason to do so, and it actually
harms performance.
cperciva [Thu, 9 Jun 2016 03:54:25 +0000 (03:54 +0000)]
Add 'env - PATH=$$PATH' to bsdec2-image-upload make command, in order to
avoid environment pollution problems. That port uses <bsd.prog.mk> but
is not compatible with the latest mk bits in HEAD.
Reported by: gjb
No rush, but make sure it's in the tree before tomorrow by: gjb
sjg [Thu, 9 Jun 2016 01:50:43 +0000 (01:50 +0000)]
Add a prototype for random_harvest_queue to dev/random/random_harvestq.h
This fixes a warning that occurs in a number of files that use the
random_harvest_queue function.
markj [Thu, 9 Jun 2016 01:28:44 +0000 (01:28 +0000)]
Implement an NSS backend for netgroups and add getnetgrent_r(3).
This support appears to have been documented in nsswitch.conf(5) for some
time. The implementation adds two NSS netgroup providers to libc. The
default, compat, provides the behaviour documented in netgroup(5), so this
change does not make any user-visible behaviour changes. A files provider
is also implemented.
innetgr(3) is implemented as an optional NSS method so that providers such
as NIS which are able to implement efficient reverse lookup can do so.
A fallback implementation is used otherwise. getnetgrent_r(3) is added for
convenience and to provide compatibility with glibc and Solaris.
With a small patch to net/nss_ldap, it's possible to specify an ldap
netgroup provider, allowing one to query nisNetgroupTriple entries.
markj [Thu, 9 Jun 2016 01:11:48 +0000 (01:11 +0000)]
Fix an infinite loop in setnetgrent(3) with NIS netgroups.
Handle an empty result from yp_match() by returning NULL, which is
consistent with the handling of an empty netgroup in /etc/netgroup.
setnetgrent(3) has no return value, so there is no particular need to
distinguish this case from an error.
oshogbo [Wed, 8 Jun 2016 23:22:59 +0000 (23:22 +0000)]
The code responsible for opening and rotating pcap files is independent
of Capser and should use openat(2) unconditionally on FreeBSD.
openat(2) is mandatory when sandboxed with Capsicum, but still works
in the absence of Capsicum.
andrew [Wed, 8 Jun 2016 22:36:55 +0000 (22:36 +0000)]
Allow libefi to be built with TERM_EMU undefined. There were a few places
where we assumed TERM_EMU was defined but didn't check. Fix these by also
including them under the ifdefs.
As HO is called from loader we need a null implementation so loader.efi
doesn't need to know which version of libefi it is building against.
andrew [Wed, 8 Jun 2016 22:29:30 +0000 (22:29 +0000)]
Remove the ARMv4/ARMv5 userland atomic support from struct proc on armv6.
Nothing should use this on armv6 as we use the atomic instructions added in
ARMv6k.
landonf [Wed, 8 Jun 2016 21:38:51 +0000 (21:38 +0000)]
bhnd(4): Fix mips/broadcom core matching and bus pass order.
Changes:
- Fixed incorrect MIPS74k vendor ID in the bhnd core descriptor tables
- Fixed MIPS core driver's matching against MIPS/MIPS33 cores.
- Improved MIPS3302 core description.
- Enabled BUS_PASS_BUS on the bhnd nexus drivers to allow early probing
of the MIPS core.
- Enabled BUS_PASS_CPU on the MIPS core driver to ensure correct attach
order.
- Disabled matching of the MIPS core driver on non-SoC devices.
Reviewed by: Michael Zhilin <mizhka@gmail.com>
Approved by: adrian (mentor)
Differential Revision: https://reviews.freebsd.org/D6735
Don't let ATF call basename() and dirname() in a non-standard way.
POSIX basename() and dirname() are allowed to overwrite the input
buffer. The advantage of implementing it that way is that the functions
can be thread-safe, as they don't store the result in a global buffer.
It looks like ATF wants to call basename() and dirname() in the
non-standard way where the argument is of type "const char *". This
change disables the calls to basename() and dirname(), which only seems
to affect the formatting of some rare debug/error messages.
Allow to setup country and/or regulatory domain before scanning
(since channel list is affected by regulatory restrictions this may
impact scan results).
adrian [Wed, 8 Jun 2016 16:10:34 +0000 (16:10 +0000)]
[ath_hal] correctly initialise the CAB queue default value
* Allow readyTime to just be programmed in directly
* The beacon interval and all of the beacon timing sysctl's are in TU,
not TSF. So, we were doing the wrong math on the CAB programming
in the first place.
des [Wed, 8 Jun 2016 11:47:19 +0000 (11:47 +0000)]
Replace _pam_verbose_error() with a macro. This was the last difference
between our libpam and stock OpenPAM, meaning that it is now possible to
replace the base libpam with a hypothetical ports version of OpenPAM.
truckman [Wed, 8 Jun 2016 09:40:06 +0000 (09:40 +0000)]
Don't leak addrinfo if ai->ai_addrlen <= minsiz test fails.
If the ai->ai_addrlen <= minsiz test fails, then freeaddrinfo()
does not get called to free the memory just allocated by getaddrinfo().
Fix by moving ai->ai_addrlen <= minsiz to a separate nested if
block, and keep freeaddrinfo() in the outer block so that freeaddrinfo()
will be called whenever getaddrinfo() succeeds.
truckman [Wed, 8 Jun 2016 05:32:39 +0000 (05:32 +0000)]
Explicitly NUL terminate the buffer filled by fread().
The fix in r300649 was not sufficient to convince Coverity that the
buffer was NUL terminated, even with the buffer pre-zeroed. Swap
the size and nmemb arguments to fread() so that a valid lenght is
returned, which we can use to terminate the string in the buffer
at the correct location. This should also quiet the complaint about
the return value of fread() not being checked.
kib [Wed, 8 Jun 2016 04:37:03 +0000 (04:37 +0000)]
Old process credentials for setuid execve must not be dereferenced
when the process credentials were not changed. This can happen if an
error occured trying to activate the setuid binary. And on error, if
new credentials were not yet assigned, they must be freed to not
create the leak.
Use oldcred == NULL as the predicate to detect credential
reassignment.
Reported and tested by: pho
Sponsored by: The FreeBSD Foundation
truckman [Wed, 8 Jun 2016 02:14:05 +0000 (02:14 +0000)]
Fix a (false positive?) Argument cannot be negative coverity defect.
Rather than guarding close(fd) with an fd >= 0 test and setting fd
to -1 when it is closed to avoid a potential double-close, just
move the close() call after the conditional "goto make_token". This
moves the close() call totally outside the loop to avoid the
possibility of calling it twice. This should also prevent a Coverity
warning about checking fd for validity after it was previously passed
to read().
oshogbo [Wed, 8 Jun 2016 02:03:53 +0000 (02:03 +0000)]
Add flags to the Casper services.
CASPER_SERVICE_STDIO - Casper will not close the first three descriptors (stdin,
stdout and stderr) this can be helpful for debugging.
CASPER_SERVICE_FD - Capser will not close all other descriptors, this can
be useful for a filesystem service.