libarchive #831:
Spelling fixes
libarchive #832:
Relax sanity checks of number fields in tar header even more
OSS-Fuzz #16:
Fix possible hang in uudecode_filter_read()
OSS-Fuzz #220:
Reject an 'ar' filename table larger than 1GB or a filename larger
than 1MB.
jhb [Tue, 6 Dec 2016 00:39:00 +0000 (00:39 +0000)]
Rework syscall structure lookups.
Avoid always using an O(n^2) loop over known syscall structures with
strcmp() on each system call. Instead, use a per-ABI cache indexed by
the system call number. The first 1024 system calls (which should cover
all of the normal system calls in currently-supported ABIs) use a flat array
indexed by the system call number to find system call structure. For other
system calls, a linked list of structures storing an integer to structure
mapping is stored in the ABI. The linked list isn't very smart, but it
should only be used by buggy applications invoking unknown system calls.
This also fixes handling of unknown system calls which currently trigger
a NULL pointer dereference.
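
The lookup scheme described in this commit, as an added example that is not part of the original commit or of the FreeBSD sources: a per-ABI flat array for system call numbers below 1024, a linked list for anything larger, and a synthesized placeholder for unknown numbers so that callers never receive NULL. The structure names, the `lookup_syscall()` helper and the sample name table are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define FAST_MAX 1024	/* flat-array size named in the commit message */

/* Hypothetical descriptor; all names here are assumptions. */
struct syscall_desc {
	char name[32];
	int known;		/* 0 when synthesized for an unknown number */
};

struct extra_syscall {		/* overflow list node: number -> descriptor */
	struct extra_syscall *next;
	unsigned int number;
	struct syscall_desc *desc;
};

struct abi_cache {
	struct syscall_desc *fast[FAST_MAX];
	struct extra_syscall *extra;
};

/* Constructed sample table standing in for one ABI's syscall names. */
static const char *const sample_names[] = { "syscall", "exit", "fork", "read", "write" };
#define N_SAMPLE (sizeof(sample_names) / sizeof(sample_names[0]))

static struct syscall_desc *make_desc(unsigned int number)
{
	struct syscall_desc *d = calloc(1, sizeof(*d));
	if (d == NULL) abort();
	if (number < N_SAMPLE) {
		snprintf(d->name, sizeof(d->name), "%s", sample_names[number]);
		d->known = 1;
	} else {
		/* Unknown call: build a placeholder so callers never see NULL. */
		snprintf(d->name, sizeof(d->name), "#%u", number);
	}
	return d;
}

struct syscall_desc *lookup_syscall(struct abi_cache *abi, unsigned int number)
{
	struct extra_syscall *es;
	if (number < FAST_MAX) {		/* O(1) path for normal calls */
		if (abi->fast[number] == NULL)
			abi->fast[number] = make_desc(number);
		return abi->fast[number];
	}
	for (es = abi->extra; es != NULL; es = es->next)	/* rare slow path */
		if (es->number == number)
			return es->desc;
	if ((es = calloc(1, sizeof(*es))) == NULL) abort();
	es->number = number;
	es->desc = make_desc(number);
	es->next = abi->extra;		/* remember it for the next lookup */
	abi->extra = es;
	return es->desc;
}

int main(void)
{
	static struct abi_cache abi;	/* zero-initialized cache */
	printf("%s %s\n", lookup_syscall(&abi, 3)->name, lookup_syscall(&abi, 5000)->name);
	return 0;
}
```
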
jhb [Tue, 6 Dec 2016 00:36:02 +0000 (00:36 +0000)]
Don't attach to Host-PCI bridges with a bad bus number.
If the bus number assigned to a Host-PCI bridge doesn't match the first
bus number in the associated producer range from _CRS, print a warning and
fail to attach rather than panicking due to an assertion failure.
At least one single-socket Dell machine leaves a "ghost" Host-PCI bridge
device in the ACPI namespace that seems to correspond to the I/O hub in
the second socket of a two-socket machine. However, the BIOS doesn't
configure the settings for this "ghost" bridge correctly, nor does it have
any PCI devices behind it.
avos [Tue, 6 Dec 2016 00:13:49 +0000 (00:13 +0000)]
rsu: add hardware crypto support (WEP, TKIP and CCMP).
This change includes firmware commands for key setup +
some additional checking via CAMREAD / CAMWRITE registers.
Nothing (except rsu_delete_key() for pairwise keys) is deferred;
to ensure that things are done in order rsu_set_key() will wait
until the key deletion task has finished.
Tested with Asus USB-N10 (all ciphers).
Differences from initial (reviewed) patch:
- Pause AC queues before disassociation - since CMD_DISCONNECT clears
crypto state all pending frames must be processed / dropped before it.
- Check sc_running flag before trying to set static keys.
- Clear key index from bitmap even when firmware command fails
(it will be invalidated via CAMWRITE anyway).
rmacklem [Mon, 5 Dec 2016 22:36:25 +0000 (22:36 +0000)]
Fix the NFSv4.1 server for Open reclaim after a reboot.
The NFSv4.1 server failed to update the nfs-stablerestart file for
a client when the client was issued its first Open. As such, recovery
of Opens after a server reboot failed with NFSERR_NOGRACE.
This patch fixes this.
It also changes the code so that it malloc()'s the 1024 byte array
instead of allocating it on the kernel stack for both NFSv4.0 and NFSv4.1.
Note that this bug only affected NFSv4.1 and only when clients attempted
to reclaim Opens after a server reboot.
sobomax [Mon, 5 Dec 2016 17:21:04 +0000 (17:21 +0000)]
Refactor the regression test code by splitting huge monolithic C
file into smaller pieces that are hopefully easier to understand
and extend. This is to pave the ground for adding few more
socket timestamp formats that I am working on here.
- Append RCR_APP_PHYSTS bit after firmware loading - otherwise
firmware will reset the register and this modification will be lost.
(without it Rx PHY descriptor section will contain garbage).
- Check if R92S_RXDW0_PHYST bit is set (like it is done in rtwn(4)) -
even if infosz is non-zero the section may not contain anything useful.
- In case, if descriptor is absent (A-MPDU?) use last calibrated RSSI
(rtwn(4) uses RSSI from the previous (sub)frame; probably, this
approach should be used here too).
kib [Sun, 4 Dec 2016 20:44:58 +0000 (20:44 +0000)]
Restructure the code to handle reporting of non-exited processes from
wait(2).
- Do not acquire the process spinlock if neither WTRAPPED nor WUNTRACED
options were passed [1].
- Extract the code to report alive process into a new helper
report_alive_proc() and use it for trapped, stopped and continued
children.
Note that the process spinlock is required around the WTRAPPED and
WUNTRACED tests, because P_STOPPED_TRACE and P_STOPPED_SIG flags are
set before other threads are stopped at the suspension point, and that
threads increment p_suspcount while owning only the process spinlock,
the process lock is dropped by them. If the spinlock is not taken for
tests, the syscall thread might miss both p_suspcount increment and
wakeup in thread_suspend_switch().
Based on the submission by: mjg [1]
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
mmel [Sun, 4 Dec 2016 16:04:22 +0000 (16:04 +0000)]
Fixes for NVIDIA Tegra124 clocks:
- The EMC clock has a standard peripheral clock block. Use it.
- Implement full frequency set method for PLLD2. This PLL
is used as HDMI pixel clock so we must be able to set it
to wide range of frequencies, within 5% tolerance allowed
by HDMI specification. Due to this, full state space search
(over m, n, p fields) is necessary.
mmel [Sun, 4 Dec 2016 15:27:39 +0000 (15:27 +0000)]
Implement fake pmap_mapdev_attr() for ARMv6.
This function is referenced, but never called from DRM2 code. Also,
real behavior of pmap_mapdev_attr() in ARM world is unclear as we don't
have any additional attribute for a device memory type.
Relax sanity check of number fields in tar header even more.
This fixes reading tar archives created by older versions of
plexus-archiver (used by maven-assembly-plugin) that fill uid and gid
fields with spaces (PLXCOMP-233).
jhibbits [Sun, 4 Dec 2016 02:15:46 +0000 (02:15 +0000)]
Fix a typo (move parenthesis to correct location in the line).
Before this, it would cause the one consumer of this API in powerpc usage
(dev/dpaa) to set the PTE WIMG flags to empty instead of --M-, making the
cache-enabled buffer portals non-coherent.
rpokala [Sat, 3 Dec 2016 17:54:08 +0000 (17:54 +0000)]
Build smbios.ko as a module for amd64 and i386
For whatever reason, smapi, smbios, vpd are all under the "bios" directory.
smapi is only for i386, so the entire "bios" directory is only built for
i386. Break smapi out, and make only it i386-specific. Then, build the
"bios" directory for both amd64 and i386.
pfg [Sat, 3 Dec 2016 17:44:43 +0000 (17:44 +0000)]
Revert r253678, r253661:
Fix a segfault in ctfmerge(1) due to a bug in GCC.
The change was correct and the bug real, but upstream didn't adopt it
and we want to remain in sync. When/if upstream does something about it
we can bring their version.
The bug in question was fixed in GCC 4.9 which is now the default in
FreeBSD's ports. Our native gcc-4.2, which is still in use in some Tier-2
platforms also has a workaround so no end-user should be harmed by the
revert.
avos [Sat, 3 Dec 2016 16:02:53 +0000 (16:02 +0000)]
rsu: fix frame processing in the Rx path (similar to r292207).
- Fill in Rx radiotap header correctly (for every packet in a chain;
not once per chain).
- Fix rate / flags fields in Rx radiotap.
- Add debug messages for discarded frames.
- Pass received control (< sizeof(struct ieee80211_frame)) frames
to net80211 (if allowed by device filter; cannot happen yet).
bdrewery [Sat, 3 Dec 2016 05:29:35 +0000 (05:29 +0000)]
DIRDEPS_BUILD: Fix '/' in group names creating a bad cookie.
This is reworking the change in r296585 but to still properly install
the files. This limits the change to only the DIRDEPS_BUILD logic
for what it considers the name of the staging set, which is what the
cookie name is based off of.
ngie [Sat, 3 Dec 2016 03:56:20 +0000 (03:56 +0000)]
Don't build :strvis_locale if VIS_NOLOCALE is undefined
The copy of contrib/libc-vis on ^/stable/10 doesn't contain all of the features
in the ^/stable/11 // ^/head version, including VIS_NOLOCALE. The risk is lower
in conditionally running the test instead of backporting the newer version of
libc-vis
ngie [Sat, 3 Dec 2016 03:13:32 +0000 (03:13 +0000)]
Restore pathing for factor(1), which unnecessarily diverged in r278616
factor lives in /usr/games/, not /usr/bin, in NetBSD.
The correct way to handle this is to do on-the-fly manipulation of the test
script via ATF_TESTS_SH_SED_<foo>, not by modifying the pathing directly in
the test script.
This is being done to resolve an unnecessary conflict made when pulling
back ^/head@r309469 (contrib/netbsd-tests update) to ^/stable/10.
adrian [Sat, 3 Dec 2016 02:45:18 +0000 (02:45 +0000)]
[net80211] prepare for 11ac aware NICs that want to know per-vdev channel and centre frequencies.
* ic_freq is the centre of the primary channel, not the centre of the
HT40/HT80/etc channel. Add a method to access that.
* Add a method to access the centre of the primary channel, including
knowing the centre of the 5/10/20/40/80, versus the primary channel.
Ie, it's the centre of the 40, 80, 160MHz channel.
* Add a method to access the centre frequency of the secondary 80MHz
channel - we don't support VHT yet, but when we do.
* Add methods to access the current channel and the per-dev desired
channel. Ideally drivers that do full offload with a per-vap channel
configuration should use the vap channel, NOT ic_curchan.
Non-offload drivers that require net80211 to change the channel should
be accessing ic_curchan.
ngie [Sat, 3 Dec 2016 02:24:15 +0000 (02:24 +0000)]
Expect 01:main to fail
Changes were made to ZFS in the past year with respect to how ACLs
are handled, causing failures in this test. Mark it TODO so (hopefully)
someone more knowledgeable (like mav or trasz) will fix the code or the
test.
vangyzen [Sat, 3 Dec 2016 01:14:21 +0000 (01:14 +0000)]
thr_set_name(): silently truncate the given name as needed
Instead of failing with ENAMETOOLONG, which is swallowed by
pthread_set_name_np() anyway, truncate the given name to MAXCOMLEN+1
bytes. This is more likely what the user wants, and saves the
caller from truncating it before the call (which was the only
recourse).
Polish pthread_set_name_np(3) and add a .Xr to thr_set_name(2)
so the user might find the documentation for this behavior.
pfg [Fri, 2 Dec 2016 16:41:08 +0000 (16:41 +0000)]
indent(1): Avoid out-of-bound accesses of arrays.
ps.paren_indents:
When ps.paren_level was 0, this was accessing paren_indents[-1].
in_buffer:
This fragment checks if "*/" was read, but there's no guarantee that there
is more than one byte in the array (actually, this happens frequently for
the "{" in things like "int main(void) {").
pfg [Fri, 2 Dec 2016 16:28:18 +0000 (16:28 +0000)]
indent(1): Optimize parser stack usage.
When special else-if processing is enabled (-ei), we can assume "else if"
and "if" to be equivalent for indentation purposes.
This reduction saves a lot of stack space in case of a long "if-else-if
... else-if" sequence; with this change,
Postgres/src/bin/psql/tab-complete.c as of 9.6beta3
requires minimum of the stack length to be 31 instead of 444.
imp [Fri, 2 Dec 2016 14:44:45 +0000 (14:44 +0000)]
Flag the vendor specific pages as such. This allows different decoding
for the same page number as different vendors encode vendor specific
pages differently.
imp [Fri, 2 Dec 2016 14:44:38 +0000 (14:44 +0000)]
dd is currently a bootstrap tool. It really doesn't have any business
being a bootstrap tool. However, for reproducible build output,
FreeBSD added dd status=none because it was otherwise difficult to
suppress the status information, but retain any errors that might
happen. There's no real reason that dd has to be a build tool, other
than we use status=none unconditional. Remove dd from a bootstrap tool
entirely by only using status=none when available. This may also help
efforts to build the system on non-FreeBSD hosts as well.
emaste [Fri, 2 Dec 2016 14:23:26 +0000 (14:23 +0000)]
Retire long-broken/unused static rtld support
rtld-elf has some vestigial support for building as a static executable.
r45501 introduced a partial implementation with a prescient note that it
"might never be enabled." r153515 introduced ELF symbol versioning
support, and removed part of the unused build infrastructure for static
rtld.
GNU ld populates rela relocation addends and GOT entries with the same
values, and rtld's run-time dynamic executable check relied on this.
Alternate toolchains may not populate the GOT entries, which caused
RTLD_IS_DYNAMIC to return false. Simplify rtld by just removing the
unused check.
If we want to restore static rtld support later on we ought to introduce
a build-time #ifdef flag.
PR: 214972
Reviewed by: kan
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8687
Vendor bugfixes:
Fix for heap-buffer-overflow in archive_le16dec()
Fix for heap-buffer-overflow in uudecode_bidder_bid()
Reworked fix for compatibility with archives created by Perl Archive::Tar
hselasky [Fri, 2 Dec 2016 09:29:22 +0000 (09:29 +0000)]
Fix return value from ng_uncallout().
callout_stop() recently started returning -1 when the callout is already
stopped, which is not handled by the netgraph code. Properly filter
the return value. Netgraph callers only want to know if the callout
was cancelled and not draining or already stopped.
hselasky [Fri, 2 Dec 2016 08:21:08 +0000 (08:21 +0000)]
Fix for endless recursion in the ACPI GPE handler during boot.
When handling a GPE ACPI interrupt object the EcSpaceHandler()
function can be called which checks the EC_EVENT_SCI bit and then
recurse on the EcGpeQueryHandler() function. If there are multiple GPE
events pending the EC_EVENT_SCI bit will be set at the next call to
EcSpaceHandler() causing it to recurse again via the
EcGpeQueryHandler() function. This leads to a slow never ending
recursion during boot which prevents proper system startup, because
the EC_EVENT_SCI bit never gets cleared in this scenario.
The behaviour is reproducible with the ALASKA AMI in combination with
a newer Skylake based mainboard in the following way:
Enter BIOS and adjust the clock one hour forward. Save and exit the
BIOS. System fails to boot due to the above mentioned bug in
EcGpeQueryHandler() which was observed recursing multiple times.
This patch adds a simple recursion guard to the EcGpeQueryHandler()
function and also adds logic to detect if new GPE events occurred
during the execution of EcGpeQueryHandler() and then loop on this
function instead of recursing.
tuexen [Fri, 2 Dec 2016 08:02:31 +0000 (08:02 +0000)]
Fix the handling of TCP FIN-segments in the CLOSED state
When a TCP segment with the FIN bit set was received in the CLOSED state,
a TCP RST-ACK-segment is sent. When computing SEG.ACK for this, the
FIN counts as one byte. This accounting was missing and is fixed by this
patch.
Reviewed by: hiren
MFC after: 1 month
Sponsored by: Netflix, Inc.
Differential Revision: https://svn.freebsd.org/base/head
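
The accounting described in this commit, as an added example that is not part of the original commit or of the FreeBSD TCP stack: the reset sent for a segment arriving in the CLOSED state, following the RFC 793 rule that SEG.LEN counts SYN and FIN as one sequence number each. The `struct seg`, `struct reply` and `reset_for_closed()` names are assumptions, and the segments in `main()` are constructed.

```c
#include <stdint.h>
#include <stdio.h>

#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_ACK 0x10

/* Hypothetical, simplified view of a received segment. */
struct seg {
	uint32_t seq, ack;
	uint8_t flags;
	uint32_t payload_len;	/* bytes of data, excluding SYN/FIN */
};

struct reply {
	int send;		/* 0: incoming segment is discarded silently */
	uint32_t seq, ack;
	uint8_t flags;
};

/* Reset generation for a segment received while the connection is CLOSED. */
struct reply reset_for_closed(const struct seg *in)
{
	struct reply r = { 0, 0, 0, 0 };
	uint32_t seg_len;

	if (in->flags & TH_RST)		/* never answer a RST with a RST */
		return r;
	r.send = 1;
	if (in->flags & TH_ACK) {	/* <SEQ=SEG.ACK><CTL=RST> */
		r.seq = in->ack;
		r.flags = TH_RST;
		return r;
	}
	/* <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK> */
	seg_len = in->payload_len;
	if (in->flags & TH_SYN)
		seg_len++;
	if (in->flags & TH_FIN)		/* the accounting the commit adds */
		seg_len++;
	r.ack = in->seq + seg_len;	/* uint32_t arithmetic wraps mod 2^32 */
	r.flags = TH_RST | TH_ACK;
	return r;
}

int main(void)
{
	struct seg fin = { 1000, 0, TH_FIN, 0 };	/* constructed bare FIN */
	struct reply r = reset_for_closed(&fin);

	printf("send=%d ack=%u flags=0x%02x\n", r.send, (unsigned)r.ack, (unsigned)r.flags);
	return 0;
}
```
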
marcel [Fri, 2 Dec 2016 06:15:59 +0000 (06:15 +0000)]
Fix use-after-free bugs in pfsync(4)
Use after free happens for state that is deleted. The reference
count is what prevents the state from being freed. When the
state is dequeued, the reference count is dropped and the memory
freed. We can't dereference the next pointer or re-queue the
state.
pfg [Fri, 2 Dec 2016 01:25:51 +0000 (01:25 +0000)]
indent(1): Fix indent's confusion about custom FreeBSD macros.
Teach indent(1) about storage-class specifiers. Don't assume
"in_parameter_declaration" state if "in_decl" hasn't been set. Don't set
"in_decl" for storage-class specifiers.
That set of changes helps with recognizing the difference between file
scope declarations like this:
static int
do_execve(td, args, mac_p)
struct thread *td;
struct image_args *args;
struct mac *mac_p;
{
Unfortunately, at the same time this change makes indent(1) require
explicit int in declarations like "static a;", in order to understand that
it's part of a declaration. On the other hand, declarations like in the
first example are no longer indented as if ald_shuttingdown and ald_thread
were parameters of a function named LIST_HEAD.
ken [Thu, 1 Dec 2016 22:20:27 +0000 (22:20 +0000)]
Add SCSI REPORT TIMESTAMP and SET TIMESTAMP support.
This adds support to camcontrol(8) and libcam(3) for getting and setting
the time on SCSI protocol drives. This is more commonly found on tape
drives, but is a SPC (SCSI Primary Commands) command, and may be found
on any device that speaks SCSI.
The new camcontrol timestamp subcommand allows getting the current device
time or setting the time to the current system time or any arbitrary time.
sbin/camcontrol/Makefile:
Add timestamp.c.
sbin/camcontrol/camcontrol.8:
Document the new timestamp subcommand.
sbin/camcontrol/camcontrol.c:
Add the timestamp subcommand to camcontrol.
sbin/camcontrol/camcontrol.h:
Add the timestamp() function prototype.
sbin/camcontrol/timestamp.c:
Timestamp setting and reporting functionality.
sys/cam/scsi/scsi_all.c:
Add two new CCB building functions, scsi_set_timestamp() and
scsi_report_timestamp(). Also, add a new helper function,
scsi_create_timestamp().
sys/cam/scsi/scsi_all.h:
Add CDB and parameter data for the set and report timestamp
commands.
Add function declarations for the new CCB building and helper
functions.
bdrewery [Thu, 1 Dec 2016 22:12:58 +0000 (22:12 +0000)]
Fix setrlimit_test:setrlimit_memlock when the system has exceeded vm.max_wired.
This uses the same fix as r294894 did for the mlock test. The code from
that commit is moved into a common object file which PROGS supports
building first.
rstone [Thu, 1 Dec 2016 21:08:42 +0000 (21:08 +0000)]
Fix a false positive in a buf_ring assert
buf_ring contains an assert that checks whether an item being
enqueued already exists on the ring. There is a subtle bug in
this assert. An item can be returned by a peek() function and
freed, and then the consumer thread can be preempted before
calling advance(). If this happens the item appears to still be
on the queue, but another thread may allocate the item from the
free pool and wind up trying to enqueue it again, causing the
assert to trigger incorrectly.
Fix this by skipping the head of the consumer's portion of the
ring, as this index is what will be returned by peek().
vangyzen [Thu, 1 Dec 2016 17:36:31 +0000 (17:36 +0000)]
locale: enable more warnings; fix them
Do not set WARNS, so it gets the current default of 6.
Fix the warnings by sprinkling static, const, or strdup.
Make some constant data tables const. Fix whitespace.
cem [Thu, 1 Dec 2016 17:28:45 +0000 (17:28 +0000)]
capsicum_helpers: Squash errors from closed fds
Squash EBADF from closed stdin, stdout, or stderr in caph_limit_stdio().
Any program used during special shell scripts may commonly be forked
from a parent process with closed standard stream. Do the common sense
thing for this common use.
Reported by: Iblis Lin <iblis AT hs.ntnu.edu.tw>
Reviewed by: oshogbo@ (earlier version)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8657
alc [Thu, 1 Dec 2016 17:26:37 +0000 (17:26 +0000)]
During vm_page_cache()'s call to vm_radix_insert(), if vm_page_alloc() was
called to allocate a new page of radix trie nodes, there could be a call to
vm_radix_remove() on the same trie (of PG_CACHED pages) as the in-progress
vm_radix_insert(). With the removal of PG_CACHED pages, we can simplify
vm_radix_insert() and vm_radix_remove() by removing the flags on the root of
the trie that were used to detect this case and the code for restarting
vm_radix_insert() when it happened.
danfe [Thu, 1 Dec 2016 14:31:05 +0000 (14:31 +0000)]
- Mention mismatching numbers in MSR vs. ACPI _PSS count warning: seeing
actual numbers would help debugging (also, `MSR' and `ACPI' are standard
abbreviations and thus should be properly capitalized)
- Rephrase unsupported AMD CPUs message and wrap as an overly long line:
`sorry' 1) is wrongly spelled after period (starts with a small letter)
and 2) carries emotional "tinge" that is unnecessary and even bogus in
debug message; `implemented' is not the best word as `supported' suits
better in this context
- Improve readability when reporting resulted P-state transition (debug)
emaste [Thu, 1 Dec 2016 14:28:37 +0000 (14:28 +0000)]
EFI loaders: parse rela relocations on amd64
Prior to this change the loader self relocation code interpreted amd64's
rela relocations as if they were rel relocations, discarding the addend.
This "works" because GNU ld 2.17.50 stores the addend value in both the
r_addend field of the relocation (as expected) and at the target of the
relocation.
Other linkers, and possibly other versions of GNU ld, won't have this
behaviour, so interpret the relocations correctly.
Reported by: George Rimar
Reviewed by: andrew
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D8681
peter [Thu, 1 Dec 2016 07:50:44 +0000 (07:50 +0000)]
Update from subversion 1.9.4 to 1.9.5.
This includes a security fix for a component that we do not build, and
two potentially useful client side fixes for reintegrate merges and tree
conflict handling. See CHANGES for full details.
imp [Thu, 1 Dec 2016 04:35:43 +0000 (04:35 +0000)]
Revert the 'performance' setting to 'NONE' from C2. C2 has issues with
USB in places, as well as having the potential for reducing
performance. Since this is used even when powerd isn't enabled, these
two problems can cause on servers. Supermicro X9 motherboards, for
example, have problems with the virtual IPMI USB keyboards and mice
attaching and detaching repeatedly. Since there are issues on some
CPUs with C2, fail safe by defaulting to not altering it.