mm [Thu, 30 Jun 2016 12:44:15 +0000 (12:44 +0000)]
MFC r302075:
Update libarchive to 3.2.1 (bugfix and security fix release)
List of vendor fixes:
- fix exploitable heap overflow vulnerability in Rar decompression
(vendor issue 719, CVE-2016-4302, TALOS-2016-0154)
- fix exploitable stack based buffer overflow vulnerability in mtree
parse_device functionality (vendor PR 715, CVE-2016-4301, TALOS-2016-0153)
- fix exploitable heap overflow vulnerability in 7-zip read_SubStreamsInfo
(vendor issue 718, CVE-2016-4300, TALOS-2016-152)
- fix integer overflow when computing location of volume descriptor
(vendor issue 717)
- fix buffer overflow when reading a crafted rar archive (vendor issue 521)
- fix possible buffer overflow when reading ISO9660 archives on machines
where sizeof(int) < sizeof(size_t) (vendor issue 711)
- tar and cpio should fail if an input file named on the command line is
missing (vendor issue 708)
- fix incorrect writing of gnutar filenames that are exactly 512 bytes
long (vendor issue 682)
- allow tests to be run from paths that are equal or longer than 128
characters (vendor issue 657)
- add memory allocation errors in archive_entry_xattr.c (vendor PR 603)
- remove dead code in archive_entry_xattr_add_entry() (vendor PR 716)
- fix broken decryption of ZIP files (vendor issue 553)
- manpage style, typo and description fixes
Post-3.2.1 vendor fixes:
- fix typo in cpio version reporting (Vendor PR 725, 726)
- fix argument range of ctype functions in libarchive_fe/passphrase.c
- fix ctype use and avoid empty loop bodies in WARC reader
hselasky [Wed, 29 Jun 2016 10:43:31 +0000 (10:43 +0000)]
MFC r301842:
Implement code to stop all USB endpoints before executing a USB device
reset command, alternate setting command or set configuration
command. Else LibUSB v1.0 will not re-open the endpoints which the
kernel closes and the USB application might wait infinitely for
transfers to complete.
hselasky [Wed, 29 Jun 2016 10:33:11 +0000 (10:33 +0000)]
MFC r301545:
Add SR-IOV guest support to the mlx5en driver.
This patch adds the missing pieces needed for device setup using the
mlx5en driver inside a virtual machine which is providing hardware
access through SR-IOV.
hselasky [Wed, 29 Jun 2016 10:21:45 +0000 (10:21 +0000)]
MFC r302076:
Update the definition for number of scratch pages to match the latest
version of the XHCI specification. Make sure the code can handle the
maximum number of allowed scratch pages.
dchagin [Wed, 29 Jun 2016 06:04:45 +0000 (06:04 +0000)]
MFC r302213:
Fix a bug introduced in r283433.
[1] Remove unneeded sockaddr conversion before kern_recvit() call as the from
argument is used to record result (the source address of the received message) only.
[2] In Linux the type of msg_namelen member of struct msghdr is signed but native
msg_namelen has an unsigned type (socklen_t). So use the proper storage to fetch fromlen
from userspace and then check the user supplied value and return EINVAL if it is less
than 0 as Linux does.
Reported by: Thomas Mueller <tmueller at sysgo dot com> [1]
Tested by: Thomas Mueller <tmueller at sysgo dot com> [both]
Reviewed by: kib@
bdrewery [Mon, 27 Jun 2016 22:21:29 +0000 (22:21 +0000)]
MFC r300809,r300890,r300891:
r300809:
filemon exec: Use imgp->execpath rather than vn_fullpath(9).
r300890:
exec: Cease tracing if credentials will change with the new image.
r300891:
Write to the log using the tracer's credentials.
bdrewery [Mon, 27 Jun 2016 22:12:11 +0000 (22:12 +0000)]
MFC r300792,r300851,r301580:
r300792:
exec: Add credential change information into imgp for process_exec hook.
r300851:
exec: get rid of one vnode lock/unlock pair in do_execve
r301580:
Old process credentials for setuid execve must not be dereferenced when the
process credentials were not changed. This can happen if an error occurred
trying to activate the setuid binary. And on error, if new credentials
were not yet assigned, they must be freed to not create the leak.
pfg [Mon, 27 Jun 2016 20:54:02 +0000 (20:54 +0000)]
sed(1): convert sed to use REG_STARTEND more explicitly.
Summarizing the findings in the OpenBSD list:
This solves a reproducible issue with very recent Mesa where REG_NOTBOL
combined with a match at the begin of the string causes our regex library
to treat the word as not begin of word.
Bump __FreeBSD_version: JIC we hit the issue in recent Mesa ports.
PR: 209352, 209387 (exp-run)
Taken from: openbsd-tech (Martijn van Duren)
MFC after: 1 month
slm [Mon, 27 Jun 2016 17:01:26 +0000 (17:01 +0000)]
MFC r302031
- No log bit in IOCStatus and endian-safe changes.
Use MPI2_IOCSTATUS_MASK when checking IOCStatus to mask off the log bit, and
make a few more things endian-safe.
- Fix possible use of invalid pointer.
It was possible to use an invalid pointer to get the target ID value. To fix
this, initialize a local Target ID variable to an invalid value and change that
variable to a valid value only if the pointer to the Target ID is not NULL.
- No need to set the MPSSAS_SHUTDOWN flag because it's never used.
- done_ccb pointer can be used if it is NULL.
To prevent this, move check for done_ccb == NULL to before done_ccb is used in
mpssas_stop_unit_done().
- Disks can go missing until a reboot is done in some cases.
This is due to the DevHandle not being released, which causes the Firmware to
not allow that disk to be re-added.
ed [Sat, 25 Jun 2016 10:08:04 +0000 (10:08 +0000)]
MFC r300775:
Let l64a() properly null terminate its result.
Though the buffer used by l64a() is initialized with null bytes,
repetitive calls may end up having trailing garbage of previous
invocations because we don't end up terminating the string.
Instead of importing NetBSD's fix, use this opportunity to simplify this
function dramatically, for example by just storing the Base64 character
set in a string. There is also no need to do the bitmasking, as we can
just use the proper integer type from <stdint.h>.
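Added example, not part of the commit and not FreeBSD's code: a constructed l64a()-style encoder that reproduces the stale-tail behaviour described above, beside a variant that terminates its result. The function names, buffer layout and sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Base64 character set used by l64a(3), stored as a string. */
static const char l64a_chars[] =
    "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";

/* "Before" (constructed): the static buffer starts out zeroed, so the first
 * call looks correct, but the result is never terminated afterwards. */
char *l64a_unterminated(long value)
{
    static char buf[7];              /* 6 digits for 32 bits + NUL */
    uint32_t v = (uint32_t)value;    /* only the low 32 bits are encoded */
    char *p = buf;

    while (v != 0) {
        *p++ = l64a_chars[v & 0x3f]; /* least significant 6 bits first */
        v >>= 6;
    }
    return buf;                      /* bytes from an earlier call may follow */
}

/* "After" (constructed): same loop, result explicitly terminated. */
char *l64a_terminated(long value)
{
    static char buf[7];
    uint32_t v = (uint32_t)value;
    char *p = buf;

    while (v != 0) {
        *p++ = l64a_chars[v & 0x3f];
        v >>= 6;
    }
    *p = '\0';                       /* cut off anything left by a prior call */
    return buf;
}

int main(void)
{
    /* A long result followed by a short one exposes the stale tail. */
    printf("unterminated: %s\n", l64a_unterminated(0x3fffffffL));
    printf("unterminated: %s\n", l64a_unterminated(1));
    printf("terminated:   %s\n", l64a_terminated(0x3fffffffL));
    printf("terminated:   %s\n", l64a_terminated(1));
    return 0;
}
```

Callers that pass the unterminated result on (for example as a salt or a generated name) would carry digits of the previous value with it, which is why the order of calls matters when checking for this bug.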
kib [Sat, 25 Jun 2016 09:32:35 +0000 (09:32 +0000)]
MFC r302013:
After the vnode unlock, mount point might be destroyed immediately,
dropping the reference on mnt_cred. Prevent this by referencing the
temporal credentials before unlock.
pfg [Fri, 24 Jun 2016 02:24:34 +0000 (02:24 +0000)]
MFC r300683:
libc: regexec(3) adjustment.
Change the behavior of when REG_STARTEND is combined with REG_NOTBOL.
From the original posting[1]:
"Enable the assumption that pmatch[0].rm_so is a continuation offset
to a string and allows us to do a proper assessment of the character
in regards to its word position ('^' or '\<'), without risking going
into unallocated memory."
This change makes us similar to how glibc handles REG_STARTEND |
REG_NOTBOL, and is closely related to a soon-to-land fix to sed.
Special thanks to Martijn van Duren and Ingo Schwarze for working
out some consistent behaviour.
Differential Revision: https://reviews.freebsd.org/D6257
Taken from: openbsd-tech 2016-05-24 [1] (Martijn van Duren)
- Make sure that STIMER0 is disabled before writing to it, since
writing to an enabled STIMER will result in undefined behaviour.
- It is unnecessary to reconfigure STIMER0 upon each et_start().
- Make sure that MSR_HV_REF_TIME_COUNT will not return 0, since
writing 0 to STIMER_COUNT will disable the target STIMER.
sephe [Thu, 23 Jun 2016 08:38:01 +0000 (08:38 +0000)]
MFC 300981
tcp: Don't prematurely drop receiving-only connections
If the connection was persistent and receiving-only, several (12)
sporadic device insufficient buffers would cause the connection to be
dropped prematurely:
Upon ENOBUFS in tcp_output() for an ACK, retransmission timer is
started. No one will stop this retransmission timer for receiving-
only connection, so the retransmission timer promises to expire and
t_rxtshift is promised to be increased. And t_rxtshift will not be
reset to 0, since no RTT measurement will be done for receiving-only
connection. If this receiving-only connection lived long enough
(e.g. >350sec, given the RTO starts from 200ms), and it suffered 12
sporadic device insufficient buffers, i.e. t_rxtshift >= 12, this
receiving-only connection would be dropped prematurely by the
retransmission timer.
We now assert that for data segments, SYNs or FINs either rexmit or
persist timer was wired upon ENOBUFS. And don't set rexmit timer
for other cases, i.e. ENOBUFS upon ACKs.
Discussed with: lstewart, hiren, jtl, Mike Karels
MFC after: 3 weeks
Sponsored by: Microsoft OSTC
Differential Revision: https://reviews.freebsd.org/D5872
For channel0, it will never be processed on event handling path,
so there is no need to install it. After skipping in the channel0
installation, we could discard the channel0 check on event
handling hot code path.
r300892:
Rename function to be less generic.
r300893:
Don't truncate existing error when writing the log.
r301130:
Enable filemon on all architectures.
r301404:
Support all architectures by just using sysent.
r301414:
Fix build after r301404.
r301460:
Cleanup COMPAT_FREEBSD32 support.
r297156:
Track filemon usage via a proc.p_filemon pointer rather than its own lists.
r297157:
Stop tracking stat(2).
r297158:
Consolidate open(2) and openat(2) code.
r297159:
Use curthread for vn_fullpath.
r297161:
Attempt to use the namecache for openat(2) path resolution.
r297172:
Consolidate common link(2) logic.
r297200:
Follow-up r297156: Close the log in filemon_dtr rather than in the last
reference.
r297201:
Return any log write failure encountered when closing the filemon fd.
r297202:
Remove unused done argument to copyinstr(9).
r297203:
Handle copyin failures.
r297256:
Remove unneeded return left from refactoring.
Support for compression has been available from July 2007 but it
was never imported due to concerns with patents once held by
STAC/HiFn. The issues have clearly been resolved so bring it
in now.
Special thanks to Brett Glass for preserving the code and
pointing documentation for the expiration case.
sephe [Tue, 21 Jun 2016 05:33:26 +0000 (05:33 +0000)]
MFC 298449,298568
298449
hyperv/et: Make Hyper-V event timer a device.
Submitted by: Jun Su <junsu microsoft com>
Reviewed by: sephe, Dexuan Cui <decui microsoft com>
MFC after: 1 week
Sponsored by: Microsoft OSTC
Differential Revision: https://reviews.freebsd.org/D5957
298568
hyperv/et: Strip extra white space in function name
sephe [Tue, 21 Jun 2016 04:51:55 +0000 (04:51 +0000)]
MFC 297931,298022
297931
Expose doreti as a global symbol on amd64 and i386.
doreti provides the common code path for returning from interrupt
handlers on x86. Exposing doreti as a global symbol allows kernel
modules to include low-level interrupt handlers instead of requiring
all low-level handlers to be statically compiled into the kernel.
Submitted by: Howard Su <howard0su@gmail.com>
Reviewed by: kib
298022
hyperv: Deprecate HYPERV option by moving Hyper-V IDT vector into vmbus
Submitted by: Jun Su <junsu microsoft com>
Reviewed by: jhb, kib, sephe
Sponsored by: Microsoft OSTC
Differential Revision: https://reviews.freebsd.org/D5910
truckman [Mon, 20 Jun 2016 19:00:47 +0000 (19:00 +0000)]
MFC r300240
Change net.inet.tcp.ecn.enable sysctl mib from a binary off/on
control to a three way setting.
0 - Totally disable ECN. (no change)
1 - Enable ECN if incoming connections request it. Outgoing
connections will request ECN. (no change from present != 0 setting)
2 - Enable ECN if incoming connections request it. Outgoing
connections will not request ECN.
Change the default value of net.inet.tcp.ecn.enable from 0 to 2.
Linux version 2.4.20 and newer, Solaris, and Mac OS X 10.5 and newer have
similar capabilities. The actual values above match Linux, and the default
matches the current Linux default.
cy [Sun, 19 Jun 2016 00:39:23 +0000 (00:39 +0000)]
MFC r300259:
Enable the two ip_frag tuneables. The code is there but the two
ip_frag tuneables aren't registered in the ipf_tuners linked list.
This commit enables the two existing ip_frag tuneables by registering
them.
ed [Sat, 18 Jun 2016 12:44:14 +0000 (12:44 +0000)]
MFC r301406:
Don't test for INKERNEL to check whether we're in kernel space.
It turns out that <machine/param.h> actually defines a macro under this
name, even when we're not in kernelspace. This causes us to suppress
some macro definitions that are used by userspace apps.
emaste [Sat, 18 Jun 2016 01:23:38 +0000 (01:23 +0000)]
MFC r300231: elf_common.h: add section header flag and dynamic types
SHF_COMPRESSED section contains compressed data
DT_TLSDESC_PLT Location of PLT entry for TLS descriptor resolver calls
DT_TLSDESC_GOT Location of GOT entry used by resolver PLT entry
mm [Fri, 17 Jun 2016 22:40:10 +0000 (22:40 +0000)]
MFC r299529,r299540,r299576,r299896:
r299529,r299540:
Update libarchive to 3.2.0
New features:
- new bsdcat command-line utility
- LZ4 compression (in src only via external utility from ports)
- Warc format support
- 'Raw' format writer
- Zip: Support archives >4GB, entries >4GB
- Zip: Support encrypting and decrypting entries
- Zip: Support experimental streaming extension
- Identify encrypted entries in several formats
- New --clear-nochange-flags option to bsdtar tries to remove noschg and
similar flags before deleting files
- New --ignore-zeros option to bsdtar to handle concatenated tar archives
- Use multi-threaded LZMA decompression if liblzma supports it
- Expose version info for libraries used by libarchive
arybchik [Fri, 17 Jun 2016 09:04:06 +0000 (09:04 +0000)]
MFC r301427
sfxge(4): allow firmware to auto-configure event queues on Medford
On Medford, licenses are required to enable RX and event cut through and to
disable RX batching. To avoid the need for the driver to make decisions based on
the licensing state, the MC_CMD_INIT_EVQ has been extended to allow us to leave
the decision to the firmware. If the adapter is licensed for low-latency use,
the firmware will choose the optimal settings for latency, otherwise it will use
the best settings for throughput.
For Huntington we still need to choose the settings ourselves.
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D6717
arybchik [Fri, 17 Jun 2016 09:02:51 +0000 (09:02 +0000)]
MFC r301309
sfxge(4): always be ready to receive batched events
When the low-latency firmware variant is running, it is reported as not
being capable of batching RX events, but it can still do so if the
FORCE_EV_MERGING flag is set on an RXQ. Therefore we need to handle
batched RX events even if the capability isn't set.
If this bug is fixed in the firmware such that the capability is set
even when running the low-latency firmware variant, it will almost
always be reported so I don't think we lose much by removing the check.
Submitted by: Mark Spender <mspender at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D6705
arybchik [Fri, 17 Jun 2016 09:01:11 +0000 (09:01 +0000)]
MFC r301308
sfxge(4): add helper to compute timer quantum
This also adjusts the timer values used to match the Linux net
driver implementation:
a) non-zero time intervals should result in at least one quantum
b) timer load/reload values are only zero biased for Falcon/Siena
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/D6704
arybchik [Fri, 17 Jun 2016 08:59:08 +0000 (08:59 +0000)]
MFC r301237
sfxge(4): support EVQ timer workaround via MCDI
Submitted by: Andy Moreton <amoreton at solarflare.com>
Sponsored by: Solarflare Communications, Inc.
Differential Revision: https://reviews.freebsd.org/6675