ngie [Mon, 23 May 2016 06:01:04 +0000 (06:01 +0000)]
MFC r299710,r299711,r299763,r299783,r299811:
r299710:
Staticize global variables only used in bsnmpimport.c to fix
-Wmissing-variable-declarations warnings
r299711:
Fold two malloc + memset(.., 0, ..) calls into equivalent calloc calls
r299763:
Mute -Wstrlcpy-strlcat-size warning by using nitems with the size of the buffer
This is a no-op as the malloc above set the size of the buffer to the size used
below, but this keeps things consistent in case the malloc call changes somehow.
r299783:
Convert tok from enum tok to int32_t in function calls
get_token(..) returns int32_t, not enum tok, and in many cases tests for items
not in enum tok (e.g. '('). Make the typing consistent with get_token, which
includes a domino effect of changing enum tok to int32_t.
ngie [Mon, 23 May 2016 05:41:53 +0000 (05:41 +0000)]
MFC r299712,r299759,r299760,r299761,r299762:
r299712:
Fix some trivial clang/gcc warnings in bsnmptc.c
- By definition, `enum snmp_tc` can't be false (the implied starting sequence
index for the enum is 0). Don't test for it being < 0.
- Staticize `struct snmp_text_conv` to mute a -Wmissing-variable-declarations
warning from clang.
- Remove set but unused variable, ptr, in parse_bridge_id(..) and
parse_bport_id(..) to mute warning from gcc 4.9+.
- Mark value and string unused in snmp_inetaddr2oct(..) and parse_inetaddr(..)
as they're just stub functions.
r299759:
Use calloc instead of memset(.., 0, ..) + malloc
r299760:
Sort variables in parse_ascii(..) per style(9)
r299761:
parse_ascii: make count size_t to mute a -Wsign-compare issue
count is always unsigned.
r299762:
Mark snmptoolctx unused in parse_authentication(..), parse_privacy(..),
parse_context(..), and parse_user_security(..).
truckman [Mon, 23 May 2016 05:38:40 +0000 (05:38 +0000)]
MFC r299988
Set ai2 to NULL in in find_host() before the loop and after calling
freeaddrinfo() on it to indicate that it doesn't point to a valid
addrinfo list. This fixes this Coverity issues: 1006368 Uninitialized pointer read 1018506 Double free 1305590 Resource leak
that can be triggered in the hp->hostname[0] != '\0' case.
Don't treat a character as a boolean.
Fix these Coverity issues: 1009293 Unchecked return value from library 1194246 Wrong size argument
by tweaking the status file extend code.
truckman [Mon, 23 May 2016 05:27:31 +0000 (05:27 +0000)]
MFC r299986
Actually use the loop interation limit so carefully computed on the
previous line to prevent buffer overflow. This turns out to not be
important because the upstream xdr code already capped the object
size at the proper value. Using the correct limit here looks a lot
less scary and should please Coverity.
ngie [Mon, 23 May 2016 05:11:31 +0000 (05:11 +0000)]
MFC r299654:
Read the contents of the snapshot files properly
- Use fgetln instead of fgets; localize complexity related to fgetln(3)
inside the loop.
- Skip over blank lines.
- Skip over lines (properly) that start with a "#"
truckman [Mon, 23 May 2016 05:11:08 +0000 (05:11 +0000)]
MFC r299926
Hoist the getpwnam() call outside the first if/else block in
pam_sm_chauthtok(). Set user = getlogin() inside the true
branch so that it is initialized for the following PAM_LOG()
call. This is how it is done in pam_sm_authenticate().
rmacklem [Sun, 22 May 2016 20:44:11 +0000 (20:44 +0000)]
MFC: r299242
Make "-S" a default option for mountd.
After a discussion on freebsd-fs@ there seemed to be a consensus that
the "-S" option for mountd should become the default.
Since the only known issue w.r.t. using "-S" was fixed by r299201,
this commit adds "-S" to the default mountd_flags.
rmacklem [Sat, 21 May 2016 20:50:25 +0000 (20:50 +0000)]
MFC: r299226
Don't increment srvrpccnt[] for the NFSv4.1 operations.
When support for NFSv4.1 was added to the NFS server, it broke
the server rpc count stats, since newnfsstats.srvrpccnt[] doesn't
have entries for the new NFSv4.1 operations.
Without this patch, the code was incrementing bogus entries in
newnfsstats for the new NFSv4.1 operations.
This patch is an interim fix. The nfsstats structure needs to be
updated and that will come in a future commit.
emaste [Fri, 20 May 2016 19:14:15 +0000 (19:14 +0000)]
MFC r292000: Remove historical GNUC test
The requirement is for a GCC-compatible compiler and not necessarily
GCC itself. However, we currently expect any compiler used for building
the whole of FreeBSD to be GCC-compatible and many things will break if
not; there's no longer a need to have an explicit test for this in csu.
Since rdata is only used as an argument to the immediately following
call to res_nopt_rdata(), revert r299879 and fix CID 603941 by moving
rdata = &buf[n];
inside the if block.
truckman [Fri, 20 May 2016 06:41:26 +0000 (06:41 +0000)]
MFC r299591
Always return either a dynamically allocated string or NULL from
expand(). Never return the name parameter, which could be a the buf[]
buffer which is allocated on the stack by getdeadletter() and which
would then be used after getdeadletter() has returned.
truckman [Fri, 20 May 2016 06:35:14 +0000 (06:35 +0000)]
MFC r299581
Use strlcpy() instead of strncpy() to ensure that qf->fsname is NUL
terminated. Don't bother checking for truncation since the subsequent
stat() call should detect that and fail.
truckman [Fri, 20 May 2016 06:33:02 +0000 (06:33 +0000)]
MFC r299580
Use strlcpy() instead of strncpy() to ensure that ret->name is
NUL terminated. The source and destination buffers are the same
size and the source *should* be NUL terminated, but be paranoid.
truckman [Fri, 20 May 2016 06:27:58 +0000 (06:27 +0000)]
MFC r299579
Use strlcpy() instead of strncpy() to ensure that qup->fsname is NUL
terminated. Don't bother checking for truncation since the subsequent
quota_read() should detect that and fail.
Avoid Coverity NUL termination warning about strncpy() by using
memcpy() instead. It's probably a bit more optimal in this case
anyway. [1]
The program logic leading up to the creation of the strncpy/memcpy
destination buffer is a bit hairy. Add a call to assert() to make
it clear what is happening here and detect any potential buffer
overruns in the future.
Check a couple syscall error returns. Ignore the EEXIST error from
link() to preserve existing behavior. [2] [3]
Instead of ignoring the EEXIST from link(), unconditionally unlink
the terget before calling link(). This should prevent links to an
old copy of the file from being retained.
Use strlcpy() instead of strncpy() when copying to dom_domain to
ensure that the latter is NUL terminated since it is passed
as an argument to *printf().
truckman [Fri, 20 May 2016 06:02:44 +0000 (06:02 +0000)]
MFC r299524
Use strlcpy() instead of strncpy() when copying the encoding value
to ensure that the destination is NUL terminated. Length truncation
of one more character should not be an issue since encoding values
that long are not supported by libc. The destination string is
treated as a NUL terminated string, but it is only passed to strcmp()
for comparison to a set of shorter, fixed length strings, so this
is not a serious problem.
rmacklem [Fri, 20 May 2016 01:19:30 +0000 (01:19 +0000)]
MFC: r299201
Give mountd -S priority over outstanding RPC requests when suspending the nfsd.
It was reported via email that under certain heavy RPC loads
long delays before the exports would be updated was observed
when using "mountd -S". This patch reverses the priority between
the exclusive lock request to suspend the nfsd threads and the
shared lock request for performing RPCs.
As such, when mountd attempts to suspend the nfsd threads, it
gets priority over outstanding RPC requests to do this.
I suspect that the case reported was an artificial test load,
but this patch did fix the problem for the reporter.
jkim [Mon, 16 May 2016 22:42:09 +0000 (22:42 +0000)]
Hide OPENSSL_cpuid_setup and OPENSSL_ia32cap_P symbols from libcrypto.so.
Note this is a direct commit because it is merged from OpenSSL upstream and
head (OpenSSL 1.0.2 branch) already has the same change:
jkim [Mon, 16 May 2016 19:30:27 +0000 (19:30 +0000)]
- Make libcrypto.so position independent on i386.
- Enable linker error when libcrypto.so contains a relocation against text.
- Add "Do not modify" comment to generated source files.
- Set CC environment variable for Perl scripts to enable AVX instructions.
- Update __FreeBSD_version to indicate libcrypto.so is position independent.
Note this is a direct commit because head has OpenSSL 1.0.2 branch but based
on r299389, r299462, r299464, r299479, and r299480.
- (r299263) Update MPI headers to version 42.
- (r299265) Several style changes and add copyrights for 2016.
- (r299266) Add support for the Broadcom (Avago/LSI) 9305 16 and 24 port HBA's.
- (r299267) No log bit in IOCStatus and endian-safe changes.
Use MPI2_IOCSTATUS_MASK when checking IOCStatus to mask off the log bit, and
make a few more things endian-safe.
- (r299268) Change logging level for a debug string to use MPR_LOG instead of
MPR_INFO.
- (r299269) Fix possible use of invalid pointer.
It was possible to use an invalid pointer to get the target ID value. To fix
this, initialize a local Target ID variable to an invalid value and change that
variable to a valid value only if the pointer to the Target ID is not NULL.
- (r299270) No need to set the MPRSAS_SHUTDOWN flag because it's never used.
- (r299271) Use callout_reset_sbt() instead of callout_reset() if FreeBSD ver
is >= 1000029
- (r299272) done_ccb pointer can be used if it is NULL.
To prevent this, move check for done_ccb == NULL to before done_ccb is used in
mprsas_stop_unit_done().
- (r299274) Disks can go missing until a reboot is done in some cases.
This is due to the DevHandle not being released, which causes the Firmware to
not allow that disk to be re-added.
- (r299275) Bump version of mpr driver to 13.00.00.00-fbsd
asomers [Mon, 16 May 2016 17:23:57 +0000 (17:23 +0000)]
MFC r298072
Don't corrupt ZFS label's physpath attribute when booting while a disk is
missing
Prior to this change, vdev_geom_open_by_path would call vdev_geom_attach
prior to verifying the device's GUIDs. vdev_geom_attach calls
vdev_geom_attrchange to set the physpath in the vdev object. The result is
that if the disk could not be found, then the labels for other disks in the
same TLD would overwrite the missing disk's physpath with the physpath of
whichever disk currently has the same devname as the missing one used to
have.
pfg [Mon, 16 May 2016 16:29:56 +0000 (16:29 +0000)]
MFC r298901:
restore: promote some getfiles() parameters to size_t.
This is based on a change from OpenBSD:
"Fix restore so that it can actually restore files larger than 4GB by
changing the type of "size" to off_t in getfiles() plus little dependent
type cleanup, from Daniel Lucq."
It is an important for machines with 32 bit longs.
While here unsign the flags, also from OpenBSD.
kib [Mon, 16 May 2016 02:23:58 +0000 (02:23 +0000)]
MFC r298922:
Issue NOTE_EXTEND when a directory entry is added to or removed from
the monitored directory as the result of rename(2) operation. The
renames staying in the directory are not reported.
dim [Sat, 14 May 2016 10:18:27 +0000 (10:18 +0000)]
MFC r275385 (by bapt):
Sync the svn template with the one from ports
MFC r289180 (by peter):
Update from svn-1.8.14 to 1.9.2.
Formal release notes are available:
https://subversion.apache.org/docs/release-notes/1.9.html
Of particular note, the client checkout format has *not* changed so
upgrades should *not* be required.
When reading a repository (file:// or running as a local server), an
improved fsfs version 7 is available with significant performance
improvements. An optional upgrade is possible to use the new features.
Without the upgrade, this is fully read/write compatible with the
version 6 fsfs as in svn-1.8.
MFC r298845:
Update from subversion 1.9.2 to 1.9.4.
This contains only bug fixes, no new features. The repository format is
also unchanged from 1.9.2. Full list of changes between 1.9.4 and
earlier versions:
Note that the two security issues fixed in 1.9.4 (CVE-2016-2167 and
CVE-2016-2168) do not affect the version of Subversion in the FreeBSD
base system, since neither SASL nor Apache modules are enabled.
MFC r298996:
Re-sync the FreeBSD-specific Subversion template with the one from
ports.
ngie [Fri, 13 May 2016 09:52:39 +0000 (09:52 +0000)]
MFC r298839:
Fix memory allocation edgecases in kvm_argv(..)
- Don't leak nbufp on realloc failure in kvm_argv
- Catch malloc errors with bufp
- Set buflen last in the "buflen == 0" case to ensure that
bufp/nbufp is properly reallocated on the next go around
ngie [Fri, 13 May 2016 09:14:43 +0000 (09:14 +0000)]
MFC r298462:
Return `ret` in op_ifentry(..) to mute a -Wunused-but-set-variable warning
This will also now detect error conditions with
value->var.subs[sub - 1] == LEAF_ifPhysAddress where `string_get(..)`
could fail if iifp->physaddr and/or iifp->physaddrlen were deemed
invalid.
ngie [Fri, 13 May 2016 09:06:52 +0000 (09:06 +0000)]
MFC r298665:
r298665 (by cem):
aacraid(4): Fix some mostly trivial buffer overruns
strcpy(3) emits a trailing nul byte, trampling fields after the intended
destination. Instead, use strncpy(3), intentionally leaving these fields
not nul-terminated.