Martin Matuska [Thu, 12 May 2016 10:16:16 +0000 (10:16 +0000)]
MFV r299425:
Update libarchive to 3.2.0
New features:
- new bsdcat command-line utility
- LZ4 compression (in src only via external utility from ports)
- Warc format support
- 'Raw' format writer
- Zip: Support archives >4GB, entries >4GB
- Zip: Support encrypting and decrypting entries
- Zip: Support experimental streaming extension
- Identify encrypted entries in several formats
- New --clear-nochange-flags option to bsdtar tries to remove noschg and
similar flags before deleting files
- New --ignore-zeros option to bsdtar to handle concatenated tar archives
- Use multi-threaded LZMA decompression if liblzma supports it
- Expose version info for libraries used by libarchive
Create a dummy "task_struct" on the stack which is returned by
"current" inside all LinuxKPI file operation callbacks. The "current"
is frequently used for various debug prints, printing the thread name
and thread ID for example.
Don Lewis [Thu, 12 May 2016 08:41:22 +0000 (08:41 +0000)]
Use strlcpy() instead of strncpy() when copying the encoding value
to ensure that the destination is NUL terminated. Length truncation
of one more character should not be an issue since encoding values
that long are not supported by libc. The destination string is
treated as a NUL terminated string, but it is only passed to strcmp()
for comparison to a set of shorter, fixed length strings, so this
is not a serious problem.
Stop hiding errors that result in failure to mount /dev. Otherwise,
missing /dev directory makes one end up with a completely deaf (init
without stdout/stderr) system with no hints on the console, unless
you've booted up with bootverbose.
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Don Lewis [Thu, 12 May 2016 06:39:13 +0000 (06:39 +0000)]
Use strlcpy() instead of strncpy() to copy the string returned by
setlocale() so that static analyzers know that the string is NUL
terminated. This was causing a false positive in Coverity even
though the longest string returned by setlocale() is ENCODING_LEN
(31) and we are copying into a 64 byte buffer. This change is also
a bit of an optimization since we don't need the strncpy() feature
of padding the rest of the destination buffer with NUL characters.
When the multicast filters we're allowed to insert are controlled by the
hypervisor, it may be that we can insert some but not others. So we need
to have fallbacks where we insert any filters we can without rolling back
when one fails to insert.
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D6318
Conrad Meyer [Thu, 12 May 2016 04:54:32 +0000 (04:54 +0000)]
rtadvd(8): Don't use-after-free
This whole block of code as committed fully formed in r224144. I'm not really
sure what the intent was, but it seems plausible that !persist ifis could need
other member cleanup. Don't free the object until after we've finished
cleaning its members.
Conrad Meyer [Thu, 12 May 2016 04:28:22 +0000 (04:28 +0000)]
dhclient: Fix some trivial buffer overruns
There was some confusion about how to limit a hardware address to at most 16
bytes. In some cases it would overrun a byte off the end of the array.
Correct the types and rectify the overrun.
Conrad Meyer [Thu, 12 May 2016 03:53:20 +0000 (03:53 +0000)]
libmp: Fix trivial buffer overrun
fgetln yields a non-NUL-terminated buffer and its length. This routine
attempted to NUL-terminate it, but did not allocate space for the NUL. So,
allocate space for the NUL.
Conrad Meyer [Thu, 12 May 2016 03:37:17 +0000 (03:37 +0000)]
rtadvd(8): Fix a typo in full msg receive logic
Check against the size of the struct, not the pointer. Previously, a message
with a cm_len between 9 and 23 (inclusive) could cause int msglen to underflow
and read(2) to be invoked with msglen size (implicitly cast to signed),
overrunning the caller-provided buffer.
All users of cm_recv() supply a stack buffer.
On the other hand, the rtadvd control socket appears to only be writable by the
owner, who is probably root.
While here, correct some types to be size_t or ssize_t.
Conrad Meyer [Thu, 12 May 2016 02:41:38 +0000 (02:41 +0000)]
snd_hda(4): Don't pass bogus sizeof()s to unused sysctl arg2 parameter
None of the sysctl handlers in hdaa use the arg2 parameter, so just pass zero
instead. Additionally, the sizes being passed in were suspect (size of the
pointer rather than the value).
Conrad Meyer [Wed, 11 May 2016 23:25:59 +0000 (23:25 +0000)]
libkrb5: Fix potential double-free
If krb5_make_principal fails, tmp_creds.server may remain a pointer to freed
memory and then be double-freed. After freeing it the first time, initialize
it to NULL, which causes subsequent krb5_free_principal calls to do the right
thing.
Conrad Meyer [Wed, 11 May 2016 22:33:20 +0000 (22:33 +0000)]
route6d(8): Fix potential double-free
In the case that the subsequent sysctl(3) call failed, 'buf' could be free(3)ed
repeatedly. It isn't clear to me that that case is possible, but be clear and
do the right thing in case it is.
Conrad Meyer [Wed, 11 May 2016 22:04:28 +0000 (22:04 +0000)]
random(6): Fix double-close
In the case where a file lacks a trailing newline, there is some "evil" code to
reverse goto the tokenizing code ("make_token") for the final token in the
file. In this case, 'fd' is closed more than once. Use a negative sentinel
value to guard close(2), preventing the double close.
Ideally, this code would be restructured to avoid this ugly construction.
Add OF_prop_free function as a counterpart for OF_*prop_alloc
- Introduce new OF API function OF_prop_free to free memory allocated by
OF_getprop_alloc and OF_getencprop_alloc. Current code just calls free(9)
with M_OFWPROP memory class which assumes knowledge about OF_*prop_alloc
functions' internals and leads to unneccessary code coupling
- Convert some of the free(..., M_OFWPROP) instances to OF_prop_free
Files affected by this commit are the ones I was able to test on real
hardware. The rest of free(..., M_OFWPROP) instances will be handled with
idividual maintainers
Reviewed by: andrew
Differential Revision: https://reviews.freebsd.org/D6315
gpiokey driver implements functional subset of gpiokeys device-tree bindings:
https://www.kernel.org/doc/Documentation/devicetree/bindings/input/gpio-keys.txt
It acts as a virtual keyboard, so keys are visible through kbdmux(4)
Driver maps linux scancodes for most common keys to FreeBSD scancodes and
also extends spec by introducing freebsd,code property to specify
FreeBSD-native scancodes.
Ed Maste [Wed, 11 May 2016 17:55:09 +0000 (17:55 +0000)]
Deorbit ALLOW_SHARED_TEXTREL
We want to avoid .text relocations in shared objects. libcrypto was the
only consumer and it is now fixed (as of r299389). Remove the now-unused
support for turning off the linker warning.
Conrad Meyer [Wed, 11 May 2016 17:52:06 +0000 (17:52 +0000)]
whois(1): Pull out async multiple host connection code into a routine
This logic was added to the whois() function in r281959, but could easily be
its own routine. In this case, I think the abstraction makes both functions
easier to reason about.
The idr_for_each() function is now part of the LinuxKPI. Use the
LinuxKPI's idr_for_each() function instead of the local one to avoid
compilation issues.
Andrew Turner [Wed, 11 May 2016 17:07:29 +0000 (17:07 +0000)]
Add a new get_id interface to pci and pcib. This will allow us to both
detect failures, and get different PCI IDs.
For the former the interface returns an int to signal an error. The ID is
returned at a uintptr_t * argument.
For the latter there is a type argument that allows selecting the ID type.
This only specifies a single type, however a MSI type will be added
to handle the need to find the ID the hardware passes to the ARM GICv3
interrupt controller.
A follow up commit will be made to remove pci_get_rid.
Reviewed by: jhb, rstone
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D6239
Andrew Turner [Wed, 11 May 2016 16:53:41 +0000 (16:53 +0000)]
On arm64 always create a bus_dmamap_t object. This will be use to hold the
list of memory that the kernel will need to sync when operating with a
non-cache coherent DMA engine.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
Conrad Meyer [Wed, 11 May 2016 16:20:23 +0000 (16:20 +0000)]
fsck_ffs: Don't overrun mount device buffer
Maybe this case is impossible. Either way, when attempting to "/dev/"-prefix a
non-global device name, check that we do not overrun the f_mntfromname buffer.
In this case, truncating (with strlcpy or similar) would not be useful, since
the f_mntfromname result of getmntpt() is passed directly to open(2) later.
Conrad Meyer [Wed, 11 May 2016 15:31:31 +0000 (15:31 +0000)]
Fix buffer overrun in gcore(1) NT_PRPSINFO
Use size of destination buffer, rather than a constant that may or may not
correspond to the source buffer, to restrict the length of copied strings. In
particular, pr_fname has 16+1 characters but MAXCOMLEN is 18+1.
Use strlcpy instead of strncpy to ensure the result is nul-terminated. This
seems to be what is expected of these fields.
Andrew Turner [Wed, 11 May 2016 14:59:54 +0000 (14:59 +0000)]
Add data barriers to the arm64 bus_dmamap_sync function. We need these
to ensure ordering between the CPU and device. As the CPU and DMA target
may be in different shareability domains they need to be full system
barriers.
Obtained from: ABT Systems Ltd
Sponsored by: The FreeBSD Foundation
Zbigniew Bodek [Wed, 11 May 2016 13:42:20 +0000 (13:42 +0000)]
Add support for MTU chaning and Jumbo frames to VNIC
Enable previously added code for MTU handling (based on
Cavium 1.0 driver released on BSD license).
This commit enables possibility to change MTU on VNIC driver.
Zbigniew Bodek [Wed, 11 May 2016 13:38:29 +0000 (13:38 +0000)]
Fix deadlock in VNIC when using single CPU only
Number of free Tx descriptors does not need to be locked since
it can be modified atomically between SND and CQ tasks.
It will also block Tx routine from sending packets while CQ will not
be able to free descriptors.
Zbigniew Bodek [Wed, 11 May 2016 13:22:13 +0000 (13:22 +0000)]
Add HW RSS support to VNIC driver
Based on v1.0 driver provided by Cavium under BSD license.
Support in-hardware RSS to distribute IP, UDP and TCP traffic
among available RX Queues and hence multiple CPUs.
Alexander Motin [Wed, 11 May 2016 12:54:00 +0000 (12:54 +0000)]
MFV r299440: 6736 ZFS per-vdev ZAPs
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: John Kennedy <john.kennedy@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Don Brady <don.brady@intel.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
Author: Joe Stein <joe.stein@delphix.com>
Alexander Motin [Wed, 11 May 2016 12:50:58 +0000 (12:50 +0000)]
6736 ZFS per-vdev ZAPs
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Reviewed by: John Kennedy <john.kennedy@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Don Brady <don.brady@intel.com>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
Author: Joe Stein <joe.stein@delphix.com>
Alexander Motin [Wed, 11 May 2016 12:38:07 +0000 (12:38 +0000)]
MFV r299434: 6841 Undirty freed spill blocks
Reviewed by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: Tim Chase <tim@chase2k.com>
Alexander Motin [Wed, 11 May 2016 12:36:19 +0000 (12:36 +0000)]
6841 Undirty freed spill blocks
Reviewed by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed by: Dan McDonald <danmcd@omniti.com>
Reviewed by: Matthew Ahrens <mahrens@delphix.com>
Approved by: Robert Mustacchi <rm@joyent.com>
Author: Tim Chase <tim@chase2k.com>
This is quite harmless on HEAD, but it's worse on stable/10 where
lapic_ipi_vectored is the local APIC native IPI implementation. On
stable/10 cpu_ops.ipi_vectored should be used instead.
MFC after: 5 days
Sponsored by: Citrix Systems R&D
When rerooting, take the init(8) path from argv[0] instead of fetching
it via kern.proc.pathname sysctl(2). In some cases - booting from NFS
or rerooting after replacing the init binary with a new one - the sysctl
would fail. In other cases - after upgrading, which moves the old init
to /sbin/init.bak - it would return /sbin/init.bak, which is the actual
path of the running init, instead of /sbin/init.
Reported by: Melissa Jenkins <melissa-freebsd at littlebluecar.co.uk>, jilles@
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
When rerooting, ignore ESRCH returned from kill(2). I couldn't reproduce
this by myself, but apparently it sometimes happens when rerooting from
single user mode.
Reported by: jilles@
MFC after: 1 month
Sponsored by: The FreeBSD Foundation