1) Eliminate possibility to call __*collate_range_cmp() with incomplete
locale (which causes core dump) by removing whole 'table' argument
by which it is passed.
2) Restore __collate_range_cmp() in __sccl().
3) Collating [a-z] range in regcomp() works for single byte locales only
(we can't do it for other ones). In previous state only first 256
wide chars are considered and all others are just silently dropped from the
range.
MFC r300612
Reject ioctl commands for FLSHGCHR and FLSHPCHR if the size is greater
than sc->areq. This is a bounds check to ensure we're not just cramming
arbitrarily sized nonsense into the driver and overflowing the heap.
MFC r299188
Since igb_detach() cleans up all the data structures that will be
free'd by the functions following its call, we can simply return instead
of crashing and burning in the event of igb_detach() failing.
Avoid a possible heap overflow in our nlm code by limiting the number
of services to the arbitrary value of 256. Log an appropriate message
that indicates the hard limit.
MFC r303031: clang++: Always use --eh-frame-hdr on FreeBSD, even for -static
FreeBSD uses LLVM's libunwind on FreeBSD/arm64 today (and we expect to
use it more widely in the future) and it requires the EH frame segment
in static binaries.
MFC - r302384 to 10-STABLE
Do not initialize the adapter on MTU change when adapter status is down.
This fixes long-standing problems when changing settings of the adapter.
Decrease lock contention within the TCP accept case by removing
the INP_INFO lock from tcp_usr_accept. As the PR/patch states
this was following the advice already in the code.
See the PR below for a full discussion of this change and its
measured effects.
Fix problems in the FQ-PIE AQM cleanup code that could leak memory or
cause a crash.
Because dummynet calls pie_cleanup() while holding a mutex, pie_cleanup()
is not able to use callout_drain() to make sure that all callouts are
finished before it returns, and callout_stop() is not sufficient to make
that guarantee. After pie_cleanup() returns, dummynet will free a
structure that any remaining callouts will want to access.
Fix these problems by allocating a separate structure to contain the
data used by the callouts. In pie_cleanup(), call callout_reset_sbt()
to replace the normal callout with a cleanup callout that does the cleanup
work for each sub-queue. The instance of the cleanup callout that
destroys the last flow will also free the extra allocated block of memory.
Protect the reference count manipulation in the cleanup callout with
DN_BH_WLOCK() to be consistent with all of the other usage of the reference
count where this lock is held by the dummynet code.
Fix a copy/paste bug introduced during X86_64 Linuxulator work.
FreeBSD supports NX bit on X86_64 processors out of the box, for i386 emulation
use READ_IMPLIES_EXEC flag, introduced in r302515.
While here move common part of mmap() and mprotect() code to the files in compat/linux
to reduce code duplication between Linuxulators.
Implement Linux personality() system call mainly due to READ_IMPLIES_EXEC flag.
In Linux if this flag is set, PROT_READ implies PROT_EXEC for mmap().
Linux/i386 sets this flag automatically if the binary requires executable stack.
READ_IMPLIES_EXEC flag will be used in the next Linux mmap() commit.
Updates to EC2 loader.conf:
* Use console=comconsole (r301732) since EC2 now has a "VGA" console;
* Enable blkif indirect segment I/O (r302288) since EC2 now consistently
gets better disk performance with this option enabled.
Support checksum offloading for TCP/IPV6 and UDP/IPV6.
Support SCTP checksum offloading for SCTP/IPV6.
Support SCTP checksum offloading on all controllers except 82575.
Don't check the area that the host has not filled.
PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=209443
PR: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210425
Submitted by: Hongjiang Zhang <honzhan microsoft com>
Reviewed by: sephe, Dexuan Cui <decui microsoft com>
Sponsored by: Microsoft OSTC
Differential Revision: https://reviews.freebsd.org/D6955
302605
hyperv/stor: Save the response status and xfer length properly.
The current command response handling discards status and xfer
length unconditionally, so that all of the commands would be
considered successful, even if errors happened. When errors
really happen, this causes all kinds of weirdness, since the
buffer will not be filled on the host side and sense data will
be ignored.
Most of the time, errors do not happen, however, error does
happen for the request sent immediately after the disk resizing.
Discarding the SCSI status (SCSI_STATUS_CHECK_COND) and sense
data (capacity changes) prevents the disk resizing from working
properly.
This commit saves the response status and xfer length properly
for later use.
Submitted by: Dexuan Cui <decui microsoft com>
Noticed by: sephe
Sponsored by: Microsoft OSTC
Differential Revision: https://reviews.freebsd.org/D7181
This library uses macros to define fprintf behavior for several object
types. The compiler will see the non-string literal arguments to the fprintf
calls and omit warnings for them. Quiesce these warnings in contrib code:
cddl/contrib/opensolaris/lib/libnvpair/libnvpair.c:743:12: warning: format
string is not a string literal (potentially insecure) [-Wformat-security]
ARENDER(pctl, nvlist_array, nvl, name, val, nelem);
cddl/lib/libavl/Makefile
cddl/lib/libctf/Makefile
cddl/lib/libnvpair/Makefile
cddl/lib/libumem/Makefile
cddl/lib/libuutil/Makefile
Increase WARNS to the highest working level for each of these
libraries
Add the ability to print out the module specific information in likely formats.
Among other things this gives us the ability to find out the syscall number of a dynamically loaded syscall that has a dynamically allocated vector number.
MFC r302402: Fix ahci(4) driver attach to controller with 32 ports.
Incorrect sign expansion in variables that are supposed to be bit fields
caused an infinite loop. Fixing this allows the system to properly detect the maximal
possible 32 devices configured on AHCI HBA of BHyVe. That case did not
happen in the wild before due to lack of hardware AHCI HBAs with 32 ports.
- Remove -Wunused-but-set-variable (newcpu)
- Always return VMEXIT_CONTINUE as the code always set retval to that value.
r302363:
Fix gcc warnings
Put cfl/prdt under AHCI_DEBUG #defines as they are only used in
those cases.
r302364:
Fix gcc warnings
Add `WRAPPED_CTASSERT` macro by annotating CTASSERTs with __unused
to deal with -Wunused-local-typedefs warnings from gcc 4.8+.
All other compilers (clang, etc) use CTASSERT as-is. A more generic
solution for this issue will be proposed after ^/stable/11 is forked.
Consolidate all CTASSERTs under one block instead of inlining them in
functions.
r302365:
Fix gcc warnings
Remove -Wunused-but-set-variable (`error`). Cast calls with
`(void)` to note that the return value is explicitly ignored.
r302373:
Fix CTASSERT issue in a more clean way
- Replace all CTASSERT macro instances with static_assert's.
- Remove the WRAPPED_CTASSERT macro; it's now an unnecessary obfuscation.
- Localize all static_assert's to the structures being tested.
- Sort some headers per-style(9).
Skip lastcomm and sa tests on unsupported architectures
usr.bin/lastcom/tests/Makefile
usr.sbin/sa/tests/Makefile
Set allow_architectures appropriately. These tests depend on
golden files that must be generated for each architecture, and
haven't yet been generated for all of them.
Better document security_show_{success,info,badconfig} in /etc/periodic.conf
periodic(8) already handles the security_show_{success,info,badconfig}
variables correctly. However, those variables aren't explicitly set in
/etc/defaults/periodic.conf or anywhere else, which suggests to the user
that they shouldn't be used.
etc/defaults/periodic.conf
Explicitly set defaults for security_show_{success,info,badconfig}
usr.sbin/periodic/periodic.sh
Update usage string
usr.sbin/periodic/periodic.8
Minor man page updates
One thing I'm _not_ doing is recommending setting security_output to
/var/log/security.log or adding that file to /etc/newsyslog.conf, because
periodic(8) would create it with default permissions, usually 644, and
that's probably a bad idea.
Output the diffs to standard error when comparing the expected vs the
obtained output from lastcomm instead of just printing out a summary, e.g.
"they differed".
This will make failures with results more apparent when running kyua debug,
kyua report-html, etc.
MFC r302306:
Fix detection of USB device disconnects in USB host mode when the USB
device is connected directly to the USB port of the DWC OTG, in this
case a RPI-zero.
Allow - in distribution names. This is needed for freebsd-update to work
with 11.0+, where the debugging symbols use a new naming scheme for release
distribution files.
Similar to r300836, cl and ct will always be non-NULL as they're allocated
using the mem_alloc routines, which always use `malloc(..., M_WAITOK)`.
Deobfuscating the cleanup path fixes a leak where if cl was NULL and
ct was not, ct would not be free'd, and also removes a duplicate test for
cl not being NULL.
Sync libarchive with vendor, bugfixes for tests:
- fix tests on filesystems without birthtime support, e.g. UFS1 (1)
- vendor issue #729: avoid use of C99 for-scope declarations in
test_write_format_gnutar_filenames.c
Fix a race condition between the main thread in aqm_pie_cleanup() and the
callout thread that can cause a kernel panic. Always do the final cleanup
in the callout thread by passing a separate callout function for that task
to callout_reset_sbt().
Protect the ref_count decrement in the callout with DN_BH_WLOCK(). All
other ref_count manipulation is protected with this lock.
There is still a tiny window between ref_count reaching zero and the end
of the callout function where it is unsafe to unload the module. Fixing
this would require the use of callout_drain(), but this can't be done
because dummynet holds a mutex and callout_drain() might sleep.
Remove the callout_pending(), callout_active(), and callout_deactivate()
calls from calculate_drop_prob(). They are not needed because this callout
uses callout_init_mtx().
Fix multiple Coverity Out-of-bounds access false positive issues in CAM
The currently used idiom for clearing the part of a ccb after its
header generates one or two Coverity errors for each time it is
used. All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON)
error because of the treatment of the header as a two element array,
with a pointer to the non-existent second element being passed as
the starting address to bzero(). Some instances also generate
Out-of-bounds access (OVERRUN) errors, probably because the space
being cleared is larger than the sizeof(struct ccb_hdr).
In addition, this idiom is difficult for humans to understand and
it is error prone. The user has to choose the proper struct ccb_*
type (which does not appear in the surrounding code) for the sizeof()
in the length calculation. I found several instances where the
length was incorrect, which could cause either an actual out of
bounds write, or incompletely clear the ccb.
A better way is to write the code to clear the ccb itself starting
at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate
the length based on the specific type of struct ccb_* being cleared
as specified by the union ccb member being used. The latter can
normally be seen in the nearby code. This is friendlier for Coverity
and other static analysis tools because they will see that the
intent is to clear the trailing part of the ccb.
Wrap all of the boilerplate code in a convenient macro that only
requires a pointer to the desired union ccb member (or a pointer
to the union ccb itself) as an argument.
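
An added illustration of the ccb-clearing change described in the last commit message above; it is not code from the commit or from FreeBSD. The struct layouts are simplified stand-ins and the macro name `CCB_CLEAR_AFTER_HDR` is hypothetical. It shows a hand-written length that names the wrong struct leaving part of the ccb uncleared, and the macro form deriving the length from the member it is given.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Simplified stand-ins for the CAM structures (constructed for this example). */
struct ccb_hdr   { uint32_t func_code; uint32_t status; };
struct ccb_small { struct ccb_hdr ccb_h; uint8_t payload[8]; };
struct ccb_large { struct ccb_hdr ccb_h; uint8_t payload[32]; };
union ccb {
	struct ccb_hdr   ccb_h;
	struct ccb_small small;
	struct ccb_large large;
};

/*
 * Hypothetical macro name. Start and length both derive from the object
 * that ccbp points to, so no struct type is spelled out by hand.
 */
#define CCB_CLEAR_AFTER_HDR(ccbp)					\
	memset((char *)(ccbp) + sizeof((ccbp)->ccb_h), 0,		\
	    sizeof(*(ccbp)) - sizeof((ccbp)->ccb_h))

/*
 * Poison a ccb, clear the part of ccb.large after the header, and return
 * how many of those bytes are still non-zero afterwards.
 */
size_t stale_after_clear(int use_macro)
{
	union ccb ccb;
	const uint8_t *p = (const uint8_t *)&ccb;
	size_t i, stale = 0;

	memset(&ccb, 0xff, sizeof(ccb));
	if (use_macro) {
		CCB_CLEAR_AFTER_HDR(&ccb.large);
	} else {
		/* Old form: bzero(&(&ccb.ccb_h)[1], <length below>), with the
		 * wrong struct named in sizeof() so the clear stops short. */
		memset((char *)&ccb + sizeof(struct ccb_hdr), 0,
		    sizeof(struct ccb_small) - sizeof(struct ccb_hdr));
	}
	for (i = sizeof(ccb.ccb_h); i < sizeof(ccb.large); i++)
		stale += (p[i] != 0);
	return (stale);
}
```

Naming the larger struct while the smaller member is in use is the opposite mistake; when the buffer is not a full union ccb, that one writes past its end.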