The sim_vid, hba_vid, and dev_name fields of struct ccb_pathinq are
fixed-length strings. AFAICT the only place they're read is in
sbin/camcontrol/camcontrol.c, which assumes they'll be null-terminated.
However, the kernel doesn't null-terminate them. A bunch of copy-pasted code
uses strncpy to write them, and doesn't guarantee null-termination. For at
least 4 drivers (mpr, mps, ciss, and hyperv), the hba_vid field actually
overflows. You can see the result by doing "camcontrol negotiate da0 -v".
This change null-terminates those fields everywhere they're set in the
kernel. It also shortens a few strings to ensure they'll fit within the
16-character field.
ngie [Wed, 4 Jan 2017 17:50:52 +0000 (17:50 +0000)]
bridge_do_pfctl: allocate mib_name dynamically using asprintf
This is being done to reduce wasted space, simplify complexity in
the code, and to quell a Coverity warning about buffer overruns.
warning about buffer overruns.
kib [Wed, 4 Jan 2017 16:10:52 +0000 (16:10 +0000)]
__vdso_gettc(): be extra careful with /dev/hpet mappings, never unmap
the mapping which might be accessed by other threads.
If a pointer to the /dev/hpet register page mapping was stored into
the hpet_dev_map, other threads might access the page at any time.
Never unmap it, instead, keep track of mappings for all hpet units in
smal array. Store pointer to the newly mapped registers page using
CAS, to detect parallel mappings.
It appeared relatively easy to demonstrate the problem by arranging
two threads which perform gettimeofday(2) concurently, first time in
the process address space, when HPET is used for timecounter.
PR: 215715
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
kib [Wed, 4 Jan 2017 16:09:45 +0000 (16:09 +0000)]
The callers of kern_getfsstat(UIO_SYSSPACE) expect that *buf always
returns memory which must be freed, regardless of the error. Assign
NULL to *buf in case we are not going to allocate any memory due to
invalid mode.
Reported and tested by: pho
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
MFC after: 3 weeks (together with r310638)
Differential revision: https://reviews.freebsd.org/D9042
trasz [Wed, 4 Jan 2017 14:43:57 +0000 (14:43 +0000)]
Fix bug that would result in a kernel crash in some cases involving
a symlink and an autofs mount request. The crash was caused by namei()
calling bcopy() with a negative length, caused by numeric underflow:
in lookup(), in the relookup path, the ni_pathlen was decremented too
many times. The bug was introduced in r296715.
Big thanks to Alex Deiter for his help with debugging this.
Reviewed by: kib@
Tested by: Alex Deiter <alex.deiter at gmail.com>
MFC after: 1 month
trasz [Wed, 4 Jan 2017 12:50:44 +0000 (12:50 +0000)]
Don't release the cfiscsi session refcount too early. It wasn't
observed to fix any actual error, but it's the right thing to do
from the correctness point of view.
Tested by: Eugene M. Zheganin <emz at norma.perm.ru>
MFC after: 1 month
delphij [Wed, 4 Jan 2017 09:30:47 +0000 (09:30 +0000)]
Restructure libz, place vendor files in contrib/zlib like other third
party software, this provides more standarized import workflow and
makes future upgrades easier.
The following files are new with this commit:
zconf.h.in
zlib.map
zlib.pc.in
They are not connected to build, but were kept in tree for reference
for future maintenance.
All our local trivial changes were applied to contrib/zlib, and the
contrib/zlib vendor source code is intended to 100% match lib/libz
before this commit.
ngie [Wed, 4 Jan 2017 08:25:31 +0000 (08:25 +0000)]
Clarify lifetime of child(..) function
Ensure child exits when complete as it's always run in a forked
process.
Add a missing break statement in :pselect_sigmask when calling
child(..) for clarity and to avoid weird domino effects if the
child process somehow does something it's not supposed to do
with the logfiles, file descriptors, etc
ngie [Wed, 4 Jan 2017 07:53:01 +0000 (07:53 +0000)]
Use calloc instead of malloc with buffers in snmp_{recv,send}_packet
This doesn't fix the issue noted in the PR, but at the very least it
cleans up the error so it looks a bit more sane, and in the event
that bsnmp did wander off into the weeds, the likelihood of it
crashing with more sensible output is greater, in my opinion
MFC counter set high so I have enough time to resolve the real
underlying bug in bsnmpwalk
gnn [Wed, 4 Jan 2017 02:19:13 +0000 (02:19 +0000)]
Fix DTrace TCP tracepoints to not use mtod() as it is both unnecessary and
dangerous. Those wanting data from an mbuf should use DTrace itself to get
the data.
asomers [Wed, 4 Jan 2017 00:39:06 +0000 (00:39 +0000)]
Quell Coverity for diskinfo(8)
* CID 1198994: Don't run the speed disk on a disk with no sectors
* CID 1011442: Don't call close(2) if open(2) fails
* CID 1011161: Use snprintf instead of sprintf
* CID 1009825: Check the return value of lseek
ngie [Tue, 3 Jan 2017 22:31:05 +0000 (22:31 +0000)]
Make /usr/lib/libbsnmptools.so.0 into an INTERRNALLIB
Although it increases the size of the bsnmp{get,set,walk} binaries by
four on my [amd64] system, it removes the need for producing .debug
files, profiled libraries, and for installing the library itself,
reducing the overall size use on disk by the utilities noted
previously.
Plus, it guards against ABI/API compatibility issues with the library
as it's only used internal to the tools themselves.
cxgbe(4): Update T4, T5 and T6 firmwares to 1.16.26.0. Changelog for
all public firmwares for all chips since the last release (1.15.37.0)
follows (it's a straight copy-paste from the Release Notes for the
12/30/2016 Unified Wire release on Chelsio's website).
T6 Firmware
++++++++++++
Version : 1.16.26.0
Date : 12/28/2016
Fixes
-----
BASE:
- Max number of egress and control queues adjusted to accomodate
co-processor mode queues.
- Fixed intermittent DDR3/4 ECC errors.
- Fixed a traffic stall when ETS BW is configured as 0%.
- Max number of ethctrl queue in VF set to 1.
ETH:
- Added a new config file option 'speed' under port section to set the
port speed. Use only when auto negotiation is off.
- FEC option removed from firmware config file. cxgbtool can be used to
change the fec setting.
- CPL_TX_TNL_LSO cpl handling added in ETH_TX_PKT_VM handler. This fixes
large tunnel tcp packet support for VxLAN.
Version : 1.16.22.0
Date : 12/05/2016
Fixes
-----
BASE:
- fw_port_type updated in fw API to match kernel.org definitions.
- Saved power by disaling unused MAC lanes.
- Configures correct power bin.
- Enhanced DDR4 performance.
- Enabled interrupts.
- Fixed an issue where filter rule for 'unicast hash' is not working.
ETH:
- Disabled auto negotiation by default because most of 100G switches do
not support AN as of today.
- Fixed flow control not getting disabled problem.
- Fixed an issue where port0 doesn't come up sometimes.
- Fixed 10G link not coming up issue.
- Fixed an issue with promiscuous mode when dcbx disabled.
OFLD:
- Fixed a connection stuck issue when abort is received during out of tx
pages backpressure.
ENHANCEMENTS
------------
BASE:
- Added inline TLS mode support.
Version : 1.16.12.0
Date : 11/11/2016
ENHANCEMENTS
------------
BASE:
- Added T6 support.
- Added T6 1G/10G/25G/40G/100G link speeds.
- Added T6 co-processor mode crypto support.
- Added facility to increase link AN+AEC timeout.
OFLD:
- Added support for all T5 offload protocols except FCoE.
BASE:
- Max number of ethctrl queue in VF set to 1.
Version : 1.16.22.0
Date : 12/05/2016
FIXES
-----
BASE:
- Fixed an issue where filter rule for 'unicast hash' is not working.
ETH:
- Fixed an issue with promiscuous mode when dcbx disabled.
ENHANCEMENTS
------------
ETH:
- Added 40G-KR support.
Version : 1.16.12.0
Date : 11/11/2016
FIXES
-----
BASE:
- Fixed multiple issues related with VFs FLR processing.
- Fixed channel assignment based on number of ports in adapter.
- Fixed a crash when VM having PF assigned as passthrough mode is
rebooted.
- Handled 2nd HELLO command from the same PF without seeing BYE from the
same PF and if that is the only PF.
- A warning is printed in firmware log if PCI-E cookie generation is
enabled in serial initialization file.
- Fixed multiple issues related with Filtering.
- Enabled DSGL memory write for iscsi and rdma.
- Added new FW_PARAMS_CMD[DEV] options to retrieve Serial Configuration
and VPD version numbers.
- Fixed an issue where LVDS output was not getting enabled using vpd.
DCBX:
- Fixed DCBX CEE Incorrect class to pririty mapping.
- Fixed incorrect interpretation of DCBX IEEE PFC.
ETH:
- Adjusted the link related delay timings according to the QSFP spec.
- Improved 40G link bringup time with few switches.
OFLD:
- Do not reserve qp/cq if rdma capability is not enabled.
- Fixed an issue where approx 1600+ TOE connections were causing a
firmware fatal error.
FOiSCSI:
- Fixed an issue where unloading foiscsi driver causes mailbox timeout.
ENHANCEMENTS
------------
BASE:
- Added 10G KR/KX support.
- Added T540-BT adapter support.
- Added 4 new rss key modes for PFs and VFs.
OFLD:
- Added new WR FW_RI_FR_NSMR_TPTE_WR to improve fast MR write
performance in RDMA.
Version : 1.16.5.0
Date : 10/26/2016
FIXES
-----
BASE:
- Fixed multiple issues where FLR from multiple VFs can cause firmware
crash.
- Fixed channel assignment based on number of ports in adapter.
- Fixed the HELLO command master force api to handle the 2nd HELLO
correctly without getting BYE from the PF driver.
- Added facility to retrieve Serial configuration and VPD version. Two
new FW_PARAMS_CMD[DEV] options added to retrieve these values.
- Fixed multiple issues where FLR from multiple VFs are not completing.
- Added new RSS hash secret key modes.
- Fixed an issue where LVDS output was not getting enabled using vpd.
DCBX:
- Fixed an issue where iscsi tlv is sent incorrectly to host (DCBX CEE).
- Fixed an issue where app priority values are not handled correctly
in fw (DCBX IEEE).
ETH:
- Adjusts the link related delay timings according to the QSFP spec.
- Changed 2.5G mac speed bit to 25G mac speed bit in fw API.
- Improvement in 40G link bringup time with few switches.
OFLD:
- Do not reserve qp/cq if rdma capability is not enabled.
- Fixed an issue where approx 1600+ TOE connections were causing a
firmware fatal error.
- Fixed DSGL memory write in T5. Now iwarp and iscsi can use DSGL to do
memory write.
- Fixed multiple issues in hash filter mode where incorrect protocol
mask was getting used and affecting hash filter functionality.
- New fastpath WR FW_RI_FR_NSMR_TPTE_WR (with fully populated TPTE) is
added for small REG_MR operations.
FOiSCSI:
- Fixed an issue in foiscsi recovery path.
- Fixed an issue where foiscsi (in VM in PCIE passthrough mode) didn't
come up after VM FLR.
BASE:
- Fixed an issue where reading temperature sesors using ldst command
causes mailbox timeout.
- Added new FW_PARAMS_CMD[DEV] options to retrieve Serial Configuration
and VPD version numbers.
ETH:
- Fixed DCBX CEE Incorrect class to pririty mapping.
FOiSCSI:
- Fixed an issue where unloading foiscsi driver causes mailbox timeout.
MFC after: 3 days
Sponsored by: Chelsio Communications
mjg [Tue, 3 Jan 2017 21:36:15 +0000 (21:36 +0000)]
mtx: reduce lock accesses
Instead of spuriously re-reading the lock value, read it once.
This change also has a side effect of fixing a performance bug:
on failed _mtx_obtain_lock, it was possible that re-read would find
the lock is unowned, but in this case the primitive would make a trip
through turnstile code.
This is diff reduction to a variant which uses atomic_fcmpset.
mjg [Tue, 3 Jan 2017 21:02:30 +0000 (21:02 +0000)]
Revert r309619 "ifndef atomic_cas_* in cddl code"
It was a temporary change to ease an import of native atomic_cas primitives.
Instead, atomic_fcmpset was devised with different semantics. See r311168.
asomers [Tue, 3 Jan 2017 17:35:16 +0000 (17:35 +0000)]
misc minor fixes in mpr(4)
sys/dev/mpr/mpr_sas.c
* Fix a potential null pointer dereference (CID 1305731)
* Check for overrun of the ccb_scsiio.cdb_io.cdb_bytes buffer (CID 1211934)
sys/dev/mpr/mpr_sas_lsi.c
* Nullify a dangling pointer in mprsas_get_sata_identify
* Fix a memory leak in mprsas_SSU_to_SATA_devices (CID 1211935)
sbruno [Tue, 3 Jan 2017 14:52:39 +0000 (14:52 +0000)]
Restore r302384 that was dropped when r303816 updated the driver to 1.6.6.-k
Original log:
Do not initialize the adapter on MTU change when adapter status is down.
This fixes long-standing problems when changing settings of the adapter.
jhb [Tue, 3 Jan 2017 01:39:05 +0000 (01:39 +0000)]
Update libsysdecode for getfsstat() 'flags' argument changing to 'mode'.
As a followup to r310638, update libsysdecode (and kdump) to decode the
'mode' argument to getfsstat(). sysdecode_getfsstat_flags() has been
renamed to sysdecode_getfsstat_mode() and now treats the argument as an
enumerated value rather than a mask of flags.
markj [Tue, 3 Jan 2017 00:05:44 +0000 (00:05 +0000)]
Add a page queue for holding dirty anonymous unswappable pages.
On systems without a configured swap device, an attempt to launder pages
from a swap object will always fail and result in the page being
reactivated. This means that the page daemon will continuously scan pages
that can never be evicted. With this change, anonymous pages are instead
moved to PQ_UNSWAPPABLE after a failed laundering attempt when no swap
devices are configured. PQ_UNSWAPPABLE is not scanned unless a swap device
is configured, so unreferenced unswappable pages are excluded from the page
daemon's workload.
ngie [Mon, 2 Jan 2017 20:29:50 +0000 (20:29 +0000)]
Only bake krb5_config.h support in to ssh(3), etc if both MK_GSSAPI and
MK_KERBEROS_SUPPORT != no
This fixes the odd case where someone specified MK_GSSAPI=no and
MK_KERBEROS_SUPPORT=yes (which admittedly, probably doesn't make sense,
but the build system doesn't prevent this case today, and it didn't when
I filed the bug back in 2011 either).
pstef [Mon, 2 Jan 2017 20:23:46 +0000 (20:23 +0000)]
indent(1): add option -P for loading user-provided files as profiles
Without this change, indent(1) would only look to load options from ~/.indent.pro if it's there and -npro wasn't used on the command line. This option lets the user set their own path to the file.
ngie [Mon, 2 Jan 2017 19:55:18 +0000 (19:55 +0000)]
Move the "MK_* options..." section before the "... MK_*_SUPPORT..." section
For the case that someone set WITHOUT_GSSAPI=, now WITHOUT_KERBEROS_SUPPORT
will be properly set.
This will likely fix the issue for the default case noted in the PR I filed
back in 2011. I am trying to fix the less obvious case documented in the PR
still.