hselasky [Mon, 15 Aug 2016 09:03:05 +0000 (09:03 +0000)]
MFC r303765:
Keep a reference count on USB keyboard polling to allow recursive
cngrab() during a panic for example, similar to what the AT-keyboard
driver is doing.
hselasky [Fri, 12 Aug 2016 07:59:06 +0000 (07:59 +0000)]
MFC r301039:
Add support for simplex USB MIDI devices, which only provide BULK or
INTERRUPT endpoints for moving data in one direction, like the KeyRig
49 from M-Audio.
dim [Tue, 9 Aug 2016 18:53:57 +0000 (18:53 +0000)]
MFC r228395 (by ed):
Add missing "static const" to long options table.
This table is only used in this C file and passed to getopt_long(), so
we can safely add static and const to it.
MFC r241737 (by ed):
More -Wmissing-variable-declarations fixes.
MFC r270132 (by gabor):
- Do not look for more matching lines if -L is specified
Submitted by: eadler (based on)
MFC r296799 (by ian):
Fix a bug in bsdgrep that caused the program to hang in a tight loop for
some combinations of command line options and search patterns. The code was
examining regexec flags looking for a regcomp flag value. The fix is to
look in the struct field where the decoded regcomp flag was stored when the
regex was compiled.
With this fix, it's possible to build WITHOUT_GNU_GREP_COMPAT and
WITH_BSDGREP and have a usable GPL-free grep (which of course lacks gnugrep
extensions). It now passes the kyua tests except for one test that requires
the -z/--null-data gnu extension, and one test involving outputting context
lines across multiple files which appears to sometimes output an extra
delimiter line ("--") between matches (a rather obscure failure of a rather
obscure feature, so bsdgrep should be generally usable now).
MFC r303676:
Fix a segfault in bsdgrep when parsing the invalid extended regexps "?"
or "+" (these are invalid, because there is no preceding operand).
When bsdgrep attempts to emulate GNU grep in discarding and ignoring the
invalid ? or + operators, some later logic in tre_compile_fast() goes
beyond the end of the buffer, leading to a crash.
Fix this by bailing out, and reporting a bad pattern instead.
jhb [Sat, 6 Aug 2016 23:53:33 +0000 (23:53 +0000)]
MFC 303076,303225: Use MTX_SYSINIT for the VESA lock.
303076:
vesa: fix panic on suspend
Fix the following panic seen when migrating a FreeBSD guest on Xen:
panic: mtx_lock() of destroyed mutex @ /usr/src/sys/dev/fb/vesa.c:541
cpuid = 0
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe001d2fa4f0
vpanic() at vpanic+0x182/frame 0xfffffe001d2fa570
kassert_panic() at kassert_panic+0x126/frame 0xfffffe001d2fa5e0
__mtx_lock_flags() at __mtx_lock_flags+0x15b/frame 0xfffffe001d2fa630
vesa_bios_save_restore() at vesa_bios_save_restore+0x78/frame 0xfffffe001d2fa680
vga_suspend() at vga_suspend+0xa3/frame 0xfffffe001d2fa6b0
isavga_suspend() at isavga_suspend+0x1d/frame 0xfffffe001d2fa6d0
bus_generic_suspend_child() at bus_generic_suspend_child+0x44/frame
[...]
This is caused because vga_sub_configure (which is called if the VGA adapter
is attached after VESA tried to initialize), points to vesa_configure, which
doesn't initialize the VESA mutex. In order to fix it, make sure
vga_sub_configure points to vesa_load, so that all the needed vesa
components are properly initialized.
303225:
Use MTX_SYSINIT for the VESA lock.
vesa_init_done isn't a reliable guard for the mutex init. If
vesa_configure() doesn't find valid VESA info it will not set
vesa_init_done, but the lock will remain initialized. Revert r303076
and use MTX_SYSINIT to deterministically init the lock.
jhb [Fri, 5 Aug 2016 17:14:45 +0000 (17:14 +0000)]
MFC 302181: Add a tunable to disable migration of MSI-X interrupts.
The new 'machdep.disable_msix_migration' tunable can be set to 1 to
disable migration of MSI-X interrupts.
Xen versions prior to 4.6.0 do not properly handle updates to MSI-X
table entries after the initial write. In particular, the operation
to unmask a table entry after updating it during migration is not
propagated to the "real" table for passthrough devices causing the
interrupt to remain masked. At least some systems in EC2 are
affected by this bug when using SRIOV. The tunable can be set in
loader.conf as a workaround.
ngie [Wed, 3 Aug 2016 01:26:02 +0000 (01:26 +0000)]
MFstable/10 r303692:
MFstable/11 r303691:
MFC r302550,r302551,r302552,r302553:
r302550:
Deobfuscate cleanup path in clnt_dg_create(..)
Similar to r300836 and r301800, cl and cu will always be non-NULL as they're
allocated using the mem_alloc routines, which always use
`malloc(..., M_WAITOK)`.
Deobfuscating the cleanup path fixes a leak where if cl was NULL and
cu was not, cu would not be free'd, and also removes a duplicate test for
cl not being NULL.
Similar to r300836, r301800, and r302550, cl and ct will always
be non-NULL as they're allocated using the mem_alloc routines,
which always use `malloc(..., M_WAITOK)`.
MFC 303109: Update crashinfo to work with newer gdb from ports.
If gdb from ports is installed, use it instead of the base system gdb
to extract variables from a kernel. Note that base gdb and ports gdb
do not support the same options for invoking a single command in batch
mode, so a wrapper shell function is used. In addition, prefer kgdb
from ports when generating a backtrace if present.
MFC 302899: Add documentation for the sigevent structure.
- Add a sigevent(3) manpage to give a general overview of the sigevent
structure and the available notification mechanisms.
- Document that AIO requests contain a nested sigevent structure that can
be used to request completion notification.
- Expand the sigevent details in other manuals to note details such as
the extra values stored in a queued signal's information or in a posted
kevent.
MFC 299977: Use polling spin loops for timeouts during early boot.
Some ACPI operations such as mutex acquires and event waits accept a
timeout. The ACPI OSD layer implements these timeouts by using regular
sleep timeouts. However, this doesn't work during early boot before
event timers are setup. Instead, use polling combined with DELAY()
to spin.
This fixes booting on upcoming Intel systems with Kaby Lake processors.
Allow - in distribution names. This is needed for freebsd-update to work
with 11.0+, where the debugging symbols use a new naming scheme for release
distribution files.
hselasky [Wed, 29 Jun 2016 10:46:10 +0000 (10:46 +0000)]
MFC r301842:
Implement code to stop all USB endpoints before executing a USB device
reset command, alternate setting command or set configuration
command. Else LibUSB v1.0 will not re-open the endpoints which the
kernel closes and the USB application might wait infinitely for
transfers to complete.
hselasky [Wed, 29 Jun 2016 10:23:19 +0000 (10:23 +0000)]
MFC r302076:
Update the definition for number of scratch pages to match the latest
version of the XHCI specification. Make sure the code can handle the
maximum number of allowed scratch pages.
pfg [Fri, 24 Jun 2016 02:28:24 +0000 (02:28 +0000)]
MFC r300683:
libc: regexec(3) adjustment.
Change the behavior of when REG_STARTEND is combined with REG_NOTBOL.
From the original posting[1]:
"Enable the assumption that pmatch[0].rm_so is a continuation offset
to a string and allows us to do a proper assessment of the character
in regards to it's word position ('^' or '\<'), without risking going
into unallocated memory."
This change makes us similar to how glibc handles REG_STARTEND |
REG_NOTBOL, and is closely related to a soon-to-land fix to sed.
Special thanks to Martijn van Duren and Ingo Schwarze for working
out some consistent behaviour.
Differential Revision: https://reviews.freebsd.org/D6257
Taken from: openbsd-tech 2016-05-24 [1] (Martijn van Duren)
Support for compression has been available from July 2007 but it
was never imported due to concerns with patents once held by
STAC/HiFn. The issues have clearly been resolved so bring it
in now.
Special thanks to Brett Glass for preserving the code and
pointing documentation for the expiration case.
vangyzen [Wed, 15 Jun 2016 14:12:22 +0000 (14:12 +0000)]
MFC r301532
newsyslog: Eliminate unnecessary sleep(10) when -R and -s are specified
After going through the signal work list, during which do_sigwork()
is called and essentially does nothing because -s and -R were
specified on the command line, newsyslog will sleep for 10 seconds
as the (verbose) code says: "Pause 10 seconds to allow daemon(s)
to close log file(s)".
However, the man page verbiage for -R (and -s) seems quite clear
that this sleep() is unnecessary because the daemon was expected
to have already closed the log file before calling newsyslog.
PR: 210020
Submitted by: David A. Bright <david_a_bright@dell.com>
Sponsored by: Dell Inc.
ngie [Sun, 12 Jun 2016 08:32:39 +0000 (08:32 +0000)]
MFstable/10 r301836:
MFC r300395:
Silence top(1) compiler warnings
The contrib/top code is no longer maintained upstream (last pulled 16 years
ago). The K&R-style followed by the code spews -Wimplicit-int and -Wreturn-type
warnings, amongst others. This silences 131 warnings with as little modification
as possible by adding necessary return types, definitions, headers, and header
guards, and missing header includes.
The 5 warnings that remain are due to undeclared ncurses references. I didn't
include curses.h and term.h because there are several local functions and macros
that conflict with those definitions.
ngie [Fri, 10 Jun 2016 18:22:21 +0000 (18:22 +0000)]
MFstable/10 r301809:
MFC r299513,r299515:
r299513 (by cem):
rtadvd(8): Don't use-after-free
This whole block of code as committed fully formed in r224144. I'm not really
sure what the intent was, but it seems plausible that !persist ifis could need
other member cleanup. Don't free the object until after we've finished
cleaning its members.
ngie [Fri, 10 Jun 2016 18:12:11 +0000 (18:12 +0000)]
MFstable/10 r301806:
MFC r299510:
r299510 (by cem):
libmp: Fix trivial buffer overrun
fgetln yields a non-NUL-terminated buffer and its length. This routine
attempted to NUL-terminate it, but did not allocate space for the NUL. So,
allocate space for the NUL.
ngie [Fri, 10 Jun 2016 18:04:54 +0000 (18:04 +0000)]
MFstable/10 r301803:
MFC r299507:
r299507 (by cem):
rtadvd(8): Fix a typo in full msg receive logic
Check against the size of the struct, not the pointer. Previously, a message
with a cm_len between 9 and 23 (inclusive) could cause int msglen to underflow
and read(2) to be invoked with msglen size (implicitly cast to signed),
overrunning the caller-provided buffer.
All users of cm_recv() supply a stack buffer.
On the other hand, the rtadvd control socket appears to only be writable by the
owner, who is probably root.
While here, correct some types to be size_t or ssize_t.
CID: 1008477
Security: unix socket remotes may overflow stack in rtadvd
ngie [Fri, 10 Jun 2016 17:59:30 +0000 (17:59 +0000)]
MFstable/10 r301801:
MFC r300836:
Quell false positives in svc_vc_create and svc_vc_create_conn with cd and xprt
Both cd and xprt will be non-NULL after their respective malloc(9) wrappers are
called (mem_alloc and svc_xprt_alloc, which calls mem_alloc) as mem_alloc
always gets called with M_WAITOK|M_ZERO today. Thus, testing for them being
non-NULL is incorrect -- it misleads Coverity and it misleads the reader.
Remove some unnecessary NULL initializations as a follow up to help solidify
the fact that these pointers will be initialized properly in sys/rpc/.. with
the interfaces the way they are currently.
ngie [Fri, 10 Jun 2016 14:42:36 +0000 (14:42 +0000)]
MFstable/10 r301789:
MFC r299491:
r299491 (by cem):
route6d(8): Fix potential double-free
In the case that the subsequent sysctl(3) call failed, 'buf' could be free(3)ed
repeatedly. It isn't clear to me that that case is possible, but be clear and
do the right thing in case it is.
ngie [Fri, 10 Jun 2016 14:10:51 +0000 (14:10 +0000)]
MFstable/10 r301782:
MFC r299460:
r299460 (by cem):
fsck_ffs: Don't overrun mount device buffer
Maybe this case is impossible. Either way, when attempting to "/dev/"-prefix a
non-global device name, check that we do not overrun the f_mntfromname buffer.
In this case, truncating (with strlcpy or similar) would not be useful, since
the f_mntfromname result of getmntpt() is passed directly to open(2) later.
ngie [Wed, 8 Jun 2016 19:31:12 +0000 (19:31 +0000)]
MFstable/10 r301655:
MFC r299766:
Fix logically dead code pointed out by clang/Coverity
parse_context, parse_user_security: test for validity of results from
parse_ascii(..) with by casting to int32_t and comparing to -1; comparing
unsigned types to negative values will always be false.
ngie [Wed, 8 Jun 2016 18:23:33 +0000 (18:23 +0000)]
MFstable/10 r301680:
MFC r300625:
Remove unnecessary memset(.., 0, ..)'s
The mem_alloc macro calls calloc (userspace) / malloc(.., M_WAITOK|M_ZERO)
under the covers, so zeroing out memory is already handled by the underlying
calls