truckman [Fri, 20 May 2016 06:41:26 +0000 (06:41 +0000)]
MFC r299591
Always return either a dynamically allocated string or NULL from
expand(). Never return the name parameter, which could be the buf[]
buffer which is allocated on the stack by getdeadletter() and which
would then be used after getdeadletter() has returned.
truckman [Fri, 20 May 2016 06:35:14 +0000 (06:35 +0000)]
MFC r299581
Use strlcpy() instead of strncpy() to ensure that qf->fsname is NUL
terminated. Don't bother checking for truncation since the subsequent
stat() call should detect that and fail.
truckman [Fri, 20 May 2016 06:33:02 +0000 (06:33 +0000)]
MFC r299580
Use strlcpy() instead of strncpy() to ensure that ret->name is
NUL terminated. The source and destination buffers are the same
size and the source *should* be NUL terminated, but be paranoid.
truckman [Fri, 20 May 2016 06:27:58 +0000 (06:27 +0000)]
MFC r299579
Use strlcpy() instead of strncpy() to ensure that qup->fsname is NUL
terminated. Don't bother checking for truncation since the subsequent
quota_read() should detect that and fail.
Avoid Coverity NUL termination warning about strncpy() by using
memcpy() instead. It's probably a bit more optimal in this case
anyway. [1]
The program logic leading up to the creation of the strncpy/memcpy
destination buffer is a bit hairy. Add a call to assert() to make
it clear what is happening here and detect any potential buffer
overruns in the future.
Check a couple syscall error returns. Ignore the EEXIST error from
link() to preserve existing behavior. [2] [3]
Instead of ignoring the EEXIST from link(), unconditionally unlink
the target before calling link(). This should prevent links to an
old copy of the file from being retained.
Use strlcpy() instead of strncpy() when copying to dom_domain to
ensure that the latter is NUL terminated since it is passed
as an argument to *printf().
truckman [Fri, 20 May 2016 06:02:44 +0000 (06:02 +0000)]
MFC r299524
Use strlcpy() instead of strncpy() when copying the encoding value
to ensure that the destination is NUL terminated. Length truncation
of one more character should not be an issue since encoding values
that long are not supported by libc. The destination string is
treated as a NUL terminated string, but it is only passed to strcmp()
for comparison to a set of shorter, fixed length strings, so this
is not a serious problem.
rmacklem [Fri, 20 May 2016 01:19:30 +0000 (01:19 +0000)]
MFC: r299201
Give mountd -S priority over outstanding RPC requests when suspending the nfsd.
It was reported via email that under certain heavy RPC loads
long delays before the exports would be updated were observed
when using "mountd -S". This patch reverses the priority between
the exclusive lock request to suspend the nfsd threads and the
shared lock request for performing RPCs.
As such, when mountd attempts to suspend the nfsd threads, it
gets priority over outstanding RPC requests to do this.
I suspect that the case reported was an artificial test load,
but this patch did fix the problem for the reporter.
jkim [Mon, 16 May 2016 22:42:09 +0000 (22:42 +0000)]
Hide OPENSSL_cpuid_setup and OPENSSL_ia32cap_P symbols from libcrypto.so.
Note this is a direct commit because it is merged from OpenSSL upstream and
head (OpenSSL 1.0.2 branch) already has the same change:
jkim [Mon, 16 May 2016 19:30:27 +0000 (19:30 +0000)]
- Make libcrypto.so position independent on i386.
- Enable linker error when libcrypto.so contains a relocation against text.
- Add "Do not modify" comment to generated source files.
- Set CC environment variable for Perl scripts to enable AVX instructions.
- Update __FreeBSD_version to indicate libcrypto.so is position independent.
Note this is a direct commit because head has OpenSSL 1.0.2 branch but based
on r299389, r299462, r299464, r299479, and r299480.
- (r299263) Update MPI headers to version 42.
- (r299265) Several style changes and add copyrights for 2016.
- (r299266) Add support for the Broadcom (Avago/LSI) 9305 16 and 24 port HBA's.
- (r299267) No log bit in IOCStatus and endian-safe changes.
Use MPI2_IOCSTATUS_MASK when checking IOCStatus to mask off the log bit, and
make a few more things endian-safe.
- (r299268) Change logging level for a debug string to use MPR_LOG instead of
MPR_INFO.
- (r299269) Fix possible use of invalid pointer.
It was possible to use an invalid pointer to get the target ID value. To fix
this, initialize a local Target ID variable to an invalid value and change that
variable to a valid value only if the pointer to the Target ID is not NULL.
- (r299270) No need to set the MPRSAS_SHUTDOWN flag because it's never used.
- (r299271) Use callout_reset_sbt() instead of callout_reset() if FreeBSD ver
is >= 1000029
- (r299272) done_ccb pointer can be used if it is NULL.
To prevent this, move check for done_ccb == NULL to before done_ccb is used in
mprsas_stop_unit_done().
- (r299274) Disks can go missing until a reboot is done in some cases.
This is due to the DevHandle not being released, which causes the Firmware to
not allow that disk to be re-added.
- (r299275) Bump version of mpr driver to 13.00.00.00-fbsd
asomers [Mon, 16 May 2016 17:23:57 +0000 (17:23 +0000)]
MFC r298072
Don't corrupt ZFS label's physpath attribute when booting while a disk is
missing
Prior to this change, vdev_geom_open_by_path would call vdev_geom_attach
prior to verifying the device's GUIDs. vdev_geom_attach calls
vdev_geom_attrchange to set the physpath in the vdev object. The result is
that if the disk could not be found, then the labels for other disks in the
same TLD would overwrite the missing disk's physpath with the physpath of
whichever disk currently has the same devname as the missing one used to
have.
pfg [Mon, 16 May 2016 16:29:56 +0000 (16:29 +0000)]
MFC r298901:
restore: promote some getfiles() parameters to size_t.
This is based on a change from OpenBSD:
"Fix restore so that it can actually restore files larger than 4GB by
changing the type of "size" to off_t in getfiles() plus little dependent
type cleanup, from Daniel Lucq."
It is important for machines with 32 bit longs.
While here unsign the flags, also from OpenBSD.
kib [Mon, 16 May 2016 02:23:58 +0000 (02:23 +0000)]
MFC r298922:
Issue NOTE_EXTEND when a directory entry is added to or removed from
the monitored directory as the result of rename(2) operation. The
renames staying in the directory are not reported.
dim [Sat, 14 May 2016 10:18:27 +0000 (10:18 +0000)]
MFC r275385 (by bapt):
Sync the svn template with the one from ports
MFC r289180 (by peter):
Update from svn-1.8.14 to 1.9.2.
Formal release notes are available:
https://subversion.apache.org/docs/release-notes/1.9.html
Of particular note, the client checkout format has *not* changed so
upgrades should *not* be required.
When reading a repository (file:// or running as a local server), an
improved fsfs version 7 is available with significant performance
improvements. An optional upgrade is possible to use the new features.
Without the upgrade, this is fully read/write compatible with the
version 6 fsfs as in svn-1.8.
MFC r298845:
Update from subversion 1.9.2 to 1.9.4.
This contains only bug fixes, no new features. The repository format is
also unchanged from 1.9.2. Full list of changes between 1.9.4 and
earlier versions:
Note that the two security issues fixed in 1.9.4 (CVE-2016-2167 and
CVE-2016-2168) do not affect the version of Subversion in the FreeBSD
base system, since neither SASL nor Apache modules are enabled.
MFC r298996:
Re-sync the FreeBSD-specific Subversion template with the one from
ports.
ngie [Fri, 13 May 2016 09:52:39 +0000 (09:52 +0000)]
MFC r298839:
Fix memory allocation edge cases in kvm_argv(..)
- Don't leak nbufp on realloc failure in kvm_argv
- Catch malloc errors with bufp
- Set buflen last in the "buflen == 0" case to ensure that
bufp/nbufp is properly reallocated on the next go around
ngie [Fri, 13 May 2016 09:14:43 +0000 (09:14 +0000)]
MFC r298462:
Return `ret` in op_ifentry(..) to mute a -Wunused-but-set-variable warning
This will also now detect error conditions with
value->var.subs[sub - 1] == LEAF_ifPhysAddress where `string_get(..)`
could fail if iifp->physaddr and/or iifp->physaddrlen were deemed
invalid.
ngie [Fri, 13 May 2016 09:06:52 +0000 (09:06 +0000)]
MFC r298665:
r298665 (by cem):
aacraid(4): Fix some mostly trivial buffer overruns
strcpy(3) emits a trailing nul byte, trampling fields after the intended
destination. Instead, use strncpy(3), intentionally leaving these fields
not nul-terminated.
ngie [Fri, 13 May 2016 09:05:29 +0000 (09:05 +0000)]
MFC r298670:
r298670 (by cem):
ciss(4): Fix overrun of array
The softc member 'ciss_logical' is an array of 'ciss_max_logical_bus' members.
Most of the time it is iterated correctly. This patch fixes the two instances
where the driver iterated off the end of the array.
ngie [Fri, 13 May 2016 08:54:08 +0000 (08:54 +0000)]
MFC r298671,r298672:
r298671 (by cem):
g_part_bsd64: Check for valid on-disk npartitions value
This value is u32 on disk, but assigned to an int in memory. After we do the
implicit conversion via assignment, check that the result is at least one[1]
(non-negative[2]).
1. The subsequent for-loop iterates from gpt_entries minus one, down, until
reaching zero. A negative or zero initial index results in undefined signed
integer overflow.
2. It is also used to index into arrays later.
In practice, we expected non-malicious disks to contain small positive values.
ngie [Fri, 13 May 2016 08:41:09 +0000 (08:41 +0000)]
MFC r298337:
r298337 (by cem):
pty(4): Use strlcpy to guarantee destination buffer isn't overrun
The devtoname() name is strcpyed into a small stack buffer. Sure, we always
expect the name to be ttyXX (or ptyXX). If that's the case, strlcpy() doesn't
hurt.
ism_stop() already destroys and frees 'sp', including a call to ic_destroy().
Don't dereference 'sp' after ism_stop() and don't invoke ic_destroy() on the
freed memory either.
ngie [Fri, 13 May 2016 08:17:42 +0000 (08:17 +0000)]
MFC r298333:
r298333 (by cem):
Make Racct macro slightly more gracious given RACCT_UNDEFINED
rctl_string_to_rule could previously index below the zeroth element of
racct_types via the macro. Maybe it shouldn't use the macro on
RACCT_UNDEFINED. But given every other RACCT_ definition is non-negative, it
seems pretty easy to foot-shoot this one without the check.
The facility_initialized and facility arrays are the same size and were
intended to be indexed the same. I believe this mismatch was just a
typo/braino in r208731.
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Paul Dagnelie <pcd@delphix.com>
Author: Alexander Motin <mav@FreeBSD.org>
Improve speculative prefetch of indirect blocks.
Scalability of many operations on wide ZFS pool can be limited by
requirement to prefetch indirect blocks first. Recently added
asynchronous indirect block read partially helped, but did not
solve the problem completely. This patch extends existing prefetcher
functionality to explicitly work with indirect blocks.
Before this change prefetcher issued reads for up to 8MB of data in
advance. With this change it also issues indirect block reads
for up to 64MB of data in advance, so that when it will be time to
actually read those data, it can be done immediately. A similar effect
can be achieved by just increasing maximal data prefetch distance,
but at higher memory cost.
Also this change introduces indirect block prefetch for rewrite
operations, that was never done before. Previously ARC miss for
indirect blocks regularly blocked rewrites, converting perfectly
aligned asynchronous operations into synchronous read-write pairs,
significantly reducing maximal rewrite speed.
While being there this issue was also fixed:
- prefetch was done always, even if caching for the dataset was
completely disabled.
Testing on FreeBSD with zvol on top of 6x striped 2x mirrored pool
of 12 assorted HDDs showed me such performance numbers:
------- BEFORE --------
Write 491363677 bytes/sec
Read 312430631 bytes/sec
Rewrite 97680464 bytes/sec
-------- AFTER --------
Write 493524146 bytes/sec
Read 438598079 bytes/sec
Rewrite 277506044 bytes/sec
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Dan Kimmel <dan.kimmel@delphix.com>
Reviewed by: Paul Dagnelie <pcd@delphix.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: Eli Rosenthal <eli.rosenthal@delphix.com>
mav [Wed, 11 May 2016 11:31:51 +0000 (11:31 +0000)]
MFC r297507: MFV r297504:
6681 zfs list burning lots of time in dodefault() via dsl_prop_*
Reviewed by: Patrick Mooney <patrick.mooney@joyent.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Approved by: Matthew Ahrens <mahrens@delphix.com>
Author: Alex Wilson <alex.wilson@joyent.com>
mav [Wed, 11 May 2016 11:24:59 +0000 (11:24 +0000)]
MFC r297763: MFV r297760: 6418 zpool should have a label clearing command
Reviewed by: Yuri Pankov <yuri.pankov@nexenta.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Author: Will Andrews <will@firepipe.net>
mav [Wed, 11 May 2016 11:23:22 +0000 (11:23 +0000)]
MFC r297508: MFV r297505:
6739 userland version of cv_timedwait_hires() always assumes absolute time
Reviewed by: Paul Dagnelie <pcd@delphix.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Robert Mustacchi <rm@joyent.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: George Wilson <george.wilson@delphix.com>
asomers [Tue, 10 May 2016 17:34:35 +0000 (17:34 +0000)]
MFC 294923
Fix grep_test:recurse with ZFS and TMPFS tmpdirs
contrib/netbsd-tests/usr.bin/grep/t_grep.sh
Fix grep_test:recurse when /tmp is either zfs or tmpfs. The test was
relying on an implicit ordering of directory recursion which happens to
be true when using UFS. grep's specification requires no such ordering.
The solution is to ignore the order of grep's results.
asomers [Tue, 10 May 2016 16:49:50 +0000 (16:49 +0000)]
MFC 297868
Fix rare double free in vdev_geom_attrchanged
sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c
Don't drop the g_topology_lock before freeing old_physpath. That
opens up a race where one thread can call vdev_geom_attrchanged,
set old_physpath, drop the g_topology_lock, then block trying to
acquire the SCL_STATE lock. Then another thread can come into
vdev_geom_attrchanged, set old_physpath to the same value, and
proceed to free it. When the first thread resumes, it will free
the same location.
It turns out that the SCL_STATE lock isn't needed. It was
originally added by gibbs to protect vd->vdev_physpath while
updating the same. However, the update process subsequently was
switched to an atomic operation (a pointer swap). Now, there is
no need for the SCL_STATE lock, and hence no need to drop the
g_topology_lock.
jhb [Tue, 10 May 2016 03:42:18 +0000 (03:42 +0000)]
MFC 299205: Restore name=value format of PCI location strings.
When devctl was added, the location string for PCI devices was changed to
use the PCI "selector" that pciconf and devctl accept. However, devd
assumes that location strings are formatted as a list of name=value pairs.
As a result, devd is no longer parsing any of the values out of PCI
device events. Restore the previous format of the PCI location strings
to restore the location and slot keywords in case any devd scripts are
using this. Add the "selector" as a new 'dbsf' location variable.
davidcs [Tue, 10 May 2016 02:26:26 +0000 (02:26 +0000)]
MFC r298294
1. modify fwdump (a.k.a. grcdump) so that grcdump memory is allocated
and freed on an as-needed basis.
2. grcdump can be taken at failure points by invoking bxe_grc_dump()
when trigger_grcdump sysctl flag is set. When grcdump is taken
grcdump_done sysctl flag is set.
3. grcdump_done can be monitored by the user to retrieve the grcdump