ngie [Sat, 4 Feb 2017 15:52:08 +0000 (15:52 +0000)]
MFC r312105,r312162:
r312105:
Conditionalize libwrap support into inetd based on MK_TCP_WRAPPERS
This will allow inetd to stand by itself without libwrap.
Relnotes: yes
r312162:
Fix up r312105
- Only #include tcpd.h when LIBWRAP is true to avoid header include errors
- Only define whichaf when LIBWRAP is true to avoid -Wunused warning and
to avoid issues with structs being defined that should only be defined
when tcpd.h is included.
ngie [Sat, 4 Feb 2017 15:45:51 +0000 (15:45 +0000)]
MFC r311263:
Use calloc instead of malloc with buffers in snmp_{recv,send}_packet
This doesn't fix the issue noted in the PR, but at the very least it
cleans up the error so it looks a bit more sane, and in the event
that bsnmp did wander off into the weeds, the likelihood of it
crashing with more sensible output is greater, in my opinion
MFC counter set high so I have enough time to resolve the real
underlying bug in bsnmpwalk
pfg [Fri, 3 Feb 2017 16:36:14 +0000 (16:36 +0000)]
MFC r312001:
Remove __nonnull() attributes from x86 machine check architecture.
In this case the attributes serve little purpose as they just don't
enforce run time checks, If anything the attributes would cause NULL pointer
checks to be ignored but there are no such checks so the only effect is
cosmetic.
asomers [Thu, 2 Feb 2017 23:04:01 +0000 (23:04 +0000)]
MFC r310180, r310327
r310180:
Fix panic during lagg destruction with simultaneous status check
If you run "ifconfig lagg0 destroy" and "ifconfig lagg0" at the same time a
page fault may result. The first process will destroy ifp->if_lagg in
lagg_clone_destroy (called by if_clone_destroy). Then the second process
will observe that ifp->if_lagg is NULL at the top of lagg_port_ioctl and
goto fallback: where it will promptly dereference ifp->if_lagg anyway.
The solution is to repeat the NULL check for ifp->if_lagg
sys/dev/mpr/mpr_sas.c
* Fix a potential null pointer dereference (CID 1305731)
* Check for overrun of the ccb_scsiio.cdb_io.cdb_bytes buffer (CID 1211934)
sys/dev/mpr/mpr_sas_lsi.c
* Nullify a dangling pointer in mprsas_get_sata_identify
* Fix a memory leak in mprsas_SSU_to_SATA_devices (CID 1211935)
* CID 1198994: Don't run the speed disk on a disk with no sectors
* CID 1011442: Don't call close(2) if open(2) fails
* CID 1011161: Use snprintf instead of sprintf
* CID 1009825: Check the return value of lseek
bridge: Release the bridge lock when calling bridge_set_ifcap()
This calls ioctl() handlers for the different interfaces in the bridge.
These handlers expect to get called in an ioctl context where it's safe
for them to sleep. We may not sleep with the bridge lock held.
However, we still need to protect the interface list, to ensure it
doesn't get changed while we iterate over it.
Use BRIDGE_XLOCK(), which prevents bridge members from being removed.
Adding bridge members is safe, because it uses LIST_INSERT_HEAD().
This caused panics when adding xen interfaces to a bridge.
rpokala [Wed, 1 Feb 2017 04:54:23 +0000 (04:54 +0000)]
MFC r312678: Eliminate misleading comments and dead code in
lacp_port_create()
Variables "fast" and "active" are both constant in lacp_port_create(), but
comments mispleadingly suggest that "fast" can be changed via ioctl. The
constant values control the value of "lp->lp_state", so it too is constant,
and the code for assigning different value to it is essentially dead.
Remove both "fast" and "active", and set "lp->lp_state" unconditionally;
that gets rid of the dead code and misleading comments.
julian [Fri, 27 Jan 2017 09:07:11 +0000 (09:07 +0000)]
MFH: r310426
If you are going to be run individually to make a new timezone set
then ensure the destination directories exist.
Especially if you define OLDTIMEZONES because the mtree pass
doesn't do it for you.
Originally a crash in 32-bit build was reported CHACHA20-POLY1305
cipher. The crash is triggered by truncated packet and is result
of excessive hashing to the edge of accessible memory (or bogus
MAC value is produced if x86 MD5 assembly module is involved). Since
hash operation is read-only it is not considered to be exploitable
beyond a DoS condition.
mav [Thu, 26 Jan 2017 21:00:49 +0000 (21:00 +0000)]
MFC r311804: Rewrite CTL statistics in more simple and scalable way.
Instead of collecting statistics for each combination of ports and logical
units, that consumed ~45KB per LU with present number of ports, collect
separate statistics for every port and every logical unit separately, that
consume only 176 bytes per each single LU/port. This reduces struct
ctl_lun size down to just 6KB.
Also new IOCTL API/ABI does not hardcode number of LUs/ports, and should
allow handling of very large quantities.
Old API is still enabled in stable branches for compatibility reasons.
mav [Thu, 26 Jan 2017 20:50:01 +0000 (20:50 +0000)]
MFC r310778, r310782: Improve use of I/O's private area.
- Since I/Os are allocates from per-port pools, make allocations store
pointer to CTL softc there, and use it where needed instead of global.
- Created bunch of helper macros to access LUN, port and CTL softc.
asomers [Thu, 26 Jan 2017 20:10:31 +0000 (20:10 +0000)]
MFC r310786, r310803, r310985, r311894
r310786:
Reduce the runtime of the GELI tests
There is no reduction in test coverage. On my system runtime is reduced
from 38m32s to 6m24s.
tests/sys/geom/class/eli/conf.sh
tests/sys/geom/class/eli/init_a_test.sh
tests/sys/geom/class/eli/init_test.sh
tests/sys/geom/class/eli/integrity_copy_test.sh
tests/sys/geom/class/eli/integrity_data_test.sh
tests/sys/geom/class/eli/integrity_hmac_test.sh
tests/sys/geom/class/eli/onetime_a_test.sh
tests/sys/geom/class/eli/onetime_test.sh
Move the looping code into common functions in conf.sh, and remove
alias ciphers from the list.
tests/sys/geom/class/eli/init_a_test.sh
tests/sys/geom/class/eli/init_test.sh
tests/sys/geom/class/eli/integrity_copy_test.sh
tests/sys/geom/class/eli/integrity_data_test.sh
tests/sys/geom/class/eli/integrity_hmac_test.sh
tests/sys/geom/class/eli/onetime_a_test.sh
Move a few commands that don't need to be in the inner loop out.
tests/sys/geom/class/eli/init_test.sh
tests/sys/geom/class/eli/onetime_a_test.sh
Reduce the sector count
tests/sys/geom/class/eli/Makefile
tests/sys/geom/class/eli/init_alias_test.sh
Add a test for initializing a GELI device using one of the cipher
aliases, and check that the alias is correctly interpreted.
avg [Thu, 26 Jan 2017 16:38:53 +0000 (16:38 +0000)]
MFC r312532: don't abort writing of a core dump after EFAULT
Note that this change substantially differs from the change in head
because of an unmerged earlier change that probably can not be merged
for POLA reasons.
dim [Wed, 25 Jan 2017 20:12:07 +0000 (20:12 +0000)]
MFC r311933:
Use proper prototypes in struct boot_module_t
With clang 4.0.0, we are getting the following warnings about struct
boot_module_t in efi's boot_module.h:
In file included from sys/boot/efi/boot1/ufs_module.c:41:
sys/boot/efi/boot1/boot_module.h:67:14: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
void (*init)();
^
void
sys/boot/efi/boot1/boot_module.h:92:16: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
void (*status)();
^
void
sys/boot/efi/boot1/boot_module.h:95:24: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
dev_info_t *(*devices)();
^
void
3 errors generated.
Fix this by adding 'void' to the parameter lists. No functional change.
dim [Wed, 25 Jan 2017 19:55:35 +0000 (19:55 +0000)]
MFC r311932:
Make EFI_RESERVED_SERVICE a proper prototype
With clang 4.0.0, the EFI API header causes the following warning:
In file included from sys/boot/efi/loader/bootinfo.c:43:
In file included from sys/boot/efi/loader/../include/efi.h:52:
sys/boot/efi/include/efiapi.h:534:32: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
(EFIAPI *EFI_RESERVED_SERVICE) (
^
dim [Wed, 25 Jan 2017 19:16:24 +0000 (19:16 +0000)]
MFC r311929:
Don't include <errno.h> in reloc_elf.c, as it includes <stand.h> just
after it, which has a conflicting definition of errno. This leads to
the following warning with clang 4.0.0:
In file included from sys/boot/common/reloc_elf32.c:6:
In file included from sys/boot/common/reloc_elf.c:37:
/usr/obj/usr/src/tmp/usr/include/stand.h:155:12: error: this function declaration is not a prototype [-Werror,-Wstrict-prototypes]
extern int errno;
^
sys/sys/errno.h:46:26: note: expanded from macro 'errno'
#define errno (* __error())
^
There were several places where reference to compression were left
unfinished. Furthermore, KASSERTs contained references to MPPC_INVALID
which is not defined in the tree and therefore were sure to break with
INVARIANTS: comment them out.
jilles [Sun, 22 Jan 2017 21:34:26 +0000 (21:34 +0000)]
MFC r312230: skel: Do not set -o emacs in .shrc.
sh has defaulted to 'set -o emacs' since FreeBSD 9.0. Therefore, do not set
this again in .shrc, since that only serves to prevent invocations like
'sh -o vi' and 'sh +o emacs' to have the intended effect.
mav [Sat, 21 Jan 2017 08:39:39 +0000 (08:39 +0000)]
MFC r310646: Do not update "saved" mode page on every MODE SELECT.
We do not have non-volatile memory to really save those values, so we
neither report nor support this capability. Also saved mode pages are
not replicated between HA peers now.
mav [Sat, 21 Jan 2017 08:34:27 +0000 (08:34 +0000)]
MFC r310635: Decouple limits on number of LUNs per port and LUs per CTL.
Those two values are not directly related, so make them independent.
This does not change any limits immediately, but makes number of LUNs
per port controllable via tunable/sysctl kern.cam.ctl.lun_map_size.
After this change increasing CTL_MAX_LUNS should be pretty cheap,
and even making it tunable should be easy.
ngie [Fri, 20 Jan 2017 06:24:31 +0000 (06:24 +0000)]
MFC r312331:
r312331 (by glebius):
Fix regression from r310655, which broke operation of bsnmpd if it is bound
to a non-wildcard address. As documented in ip(4), doing sendmsg(2) with
IP_SENDSRCADDR on a socket that is bound to non-wildcard address is
completely different to using this control message on a wildcard one.
A fix is to add a bool to mark whether we did setsockopt(IP_RECVDSTADDR)
on the socket, and use IP_SENDSRCADDR control message only if we did.
While here, garbage collect absolutely useless udp_recv() function that
establishes some structures on stack to never use them later.
rpokala [Thu, 19 Jan 2017 23:44:05 +0000 (23:44 +0000)]
MFC r311963: Remove writability requirement for single-mbuf, contiguous-
range m_pulldown()
m_pulldown() only needs to determine if a mbuf is writable if it is going to
copy data into the data region of an existing mbuf. It does this to create a
contiguous data region in a single mbuf from multiple mbufs in the chain. If
the requested memory region is already contiguous and nothing needs to
change, the mbuf does not need to be writeable.
jpaetzel [Thu, 19 Jan 2017 23:42:26 +0000 (23:42 +0000)]
MFC 310847 310864
Harden CARP against network loops.
If there is a loop in the network a CARP that is in MASTER state will see it's
own broadcasts, which will then cause it to assume BACKUP state. When it
assumes BACKUP it will stop sending advertisements. In that state it will no
longer see advertisements and will assume MASTER...
We can't catch all the cases where we are seeing our own CARP broadcast, but
we can catch the obvious case.
Unbreak ip_carp with WITHOUT_INET6 enabled by conditionalizing all IPv6
structs under the INET6 #ifdef. Similarly (even though it doesn't seem
to affect the build), conditionalize all IPv4 structs under the INET
#ifdef
This also unbreaks the LINT-NOINET6 tinderbox target on amd64; I have not
verified other MACHINE/TARGET pairs (e.g. armv6/arm).
o Use correct response bits for MMC_RSP_R4-R7 types
o Make sdhci(4) work after suspend/resume for chipsets that require
the frequency quirk. This makes it work on eg ThinkPad T420.
o Add a convenience macro that masks all the bits related to clock divisors
in all versions of the sdhci spec (the HI bits are just unused reserved
bits in earlier versions).
o In mmcsd_task(), bio_resid was not being set to 0 on a successful read
or write, resulting in random short-read and short-write returns for
requests. Fixing this fixes nominal block I/O via mmcsd(4).
pfg [Wed, 18 Jan 2017 15:23:40 +0000 (15:23 +0000)]
MFC r311947, r311981:
rpcgen(1): Avoid unused variable warning on generated code.
Avoid "unused variable 'i'" warnings in generated .c files by only
emitting the "int i;" for non-opaque arrays. Opaque arrays use
xdr_opaque() rather than iterating over the array.
Obtained from: OpenBSD (CVS rev 1.28)
rpcgen(1): Check getrlimit() return for generated code.
yongari [Wed, 18 Jan 2017 02:41:13 +0000 (02:41 +0000)]
MFC r302548:
Belatedly remove CSUM_IP_FRAGS and CSUM_FRAGMENT offloading
capabilities. It was removed in r243624 and r254804/r271006
respectively.
This file and mbuf(9) needs updates for other offloading
capabilities(i.e. CSUM_SCTP and CSUM_TSO).
yongari [Wed, 18 Jan 2017 01:53:07 +0000 (01:53 +0000)]
MFC r304574-304575,304584:
r304574:
Correct DMA channel number selection on AR816x family of
controllers. For Gigabit Ethernet version of AR816x, AR813x/AR815x
except L1D controller, use vendor recommended ASPM parameters.
While here, increase alc_dma_burst array size. Broken H/W can
return bogus value in theory.
r304575:
Add Killer E2400 Gigabit Ethernet support.
It seems Killer E2200/E2400 has a BIOS misconfiguration or silicon
bug which triggers DMA write errors when driver uses advertised
maximum payload size. Force the maximum payload size to 128 bytes
in DMA configuration.
This change should fix occasional DMA write errors reported on
Killer E2200.