svn commit: r308241 - stable/10/sys/fs/nfsserver

[Rick Macklem]

Author: rmacklem
Date: Thu Nov  3 00:58:50 2016
New Revision: 308241
URL: https://svnweb.freebsd.org/changeset/base/308241

Log:
  MFC: r307694
  A problem w.r.t. interoperation between the FreeBSD NFSv4.1 server with
  delegations enabled and the Linux NFSv4.1 client was reported in
  reviews.freebsd.org/D7891.
  I believe that the FreeBSD server behaviour conforms to the RFC and that
  the Linux client has a bug. Therefore, I do not think the proposed patch
  is appropriate. When nfsrv_writedelegifpos is non-zero, the FreeBSD
  server will issue a write delegation for a read open if possible.
  The Linux client then erroneously assumes that the credentials used for
  the read open can write the file.
  This patch reverses the default value for nfsrv_writedelegifpos to 0 so
  that the default behaviour is Linux compatible and adds a sysctl that can
  be used to set nfsrv_writedelegifpos.
  
  This change should only affect users that are mounting a FreeBSD server
  with delegations enabled (they are not enabled by default) with a Linux
  NFSv4.1 client mount.

Modified:
  stable/10/sys/fs/nfsserver/nfs_nfsdstate.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/fs/nfsserver/nfs_nfsdstate.c
==
--- stable/10/sys/fs/nfsserver/nfs_nfsdstate.c  Thu Nov  3 00:56:59 2016
(r308240)
+++ stable/10/sys/fs/nfsserver/nfs_nfsdstate.c  Thu Nov  3 00:58:50 2016
(r308241)
@@ -75,6 +75,11 @@ SYSCTL_INT(_vfs_nfsd, OID_AUTO, v4statel
 _v4statelimit, 0,
 "High water limit for NFSv4 opens+locks+delegations");
 
+static int nfsrv_writedelegifpos = 0;
+SYSCTL_INT(_vfs_nfsd, OID_AUTO, writedelegifpos, CTLFLAG_RW,
+_writedelegifpos, 0,
+"Issue a write delegation for read opens if possible");
+
 /*
  * Hash lists for nfs V4.
  */
@@ -85,7 +90,6 @@ struct nfssessionhash *nfssessionhash;
 
 static u_int32_t nfsrv_openpluslock = 0, nfsrv_delegatecnt = 0;
 static time_t nfsrvboottime;
-static int nfsrv_writedelegifpos = 1;
 static int nfsrv_returnoldstateid = 0, nfsrv_clients = 0;
 static int nfsrv_clienthighwater = NFSRV_CLIENTHIGHWATER;
 static int nfsrv_nogsscallback = 0;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308240 - head/sys/dev/atkbdc

[Oleksandr Tymoshenko]

Author: gonzo
Date: Thu Nov  3 00:56:59 2016
New Revision: 308240
URL: https://svnweb.freebsd.org/changeset/base/308240

Log:
  [evdev] Add evdev support to atkbd(4) driver
  
  To enable event sourcing from atkbd kern.evdev.rcpt_mask value
  should have bit 3 set.
  
  Submitted by: Vladimir Kondratiev 
  MFC after:1 week
  Differential Revision:https://reviews.freebsd.org/D8381

Modified:
  head/sys/dev/atkbdc/atkbd.c
  head/sys/dev/atkbdc/atkbd_atkbdc.c

Modified: head/sys/dev/atkbdc/atkbd.c
==
--- head/sys/dev/atkbdc/atkbd.c Thu Nov  3 00:50:20 2016(r308239)
+++ head/sys/dev/atkbdc/atkbd.c Thu Nov  3 00:56:59 2016(r308240)
@@ -31,6 +31,7 @@ __FBSDID("$FreeBSD$");
 #include "opt_compat.h"
 #include "opt_kbd.h"
 #include "opt_atkbd.h"
+#include "opt_evdev.h"
 
 #include 
 #include 
@@ -49,6 +50,11 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#ifdef EVDEV_SUPPORT
+#include 
+#include 
+#endif
+
 typedef struct atkbd_state {
KBDCkbdc;   /* keyboard controller */
int ks_mode;/* input mode (K_XLATE,K_RAW,K_CODE) */
@@ -60,6 +66,10 @@ typedef struct atkbd_state {
u_int   ks_composed_char; /* composed char code (> 0) */
u_char  ks_prefix;  /* AT scan code prefix */
struct callout  ks_timer;
+#ifdef EVDEV_SUPPORT
+   struct evdev_dev *ks_evdev;
+   int ks_evdev_state;
+#endif
 } atkbd_state_t;
 
 static voidatkbd_timeout(void *arg);
@@ -72,6 +82,11 @@ static int   atkbd_reset(KBDC kbdc, int f
 #define DEFAULT_DELAY  0x1  /* 500ms */
 #define DEFAULT_RATE   0x10 /* 14Hz */
 
+#ifdef EVDEV_SUPPORT
+#define PS2_KEYBOARD_VENDOR1
+#define PS2_KEYBOARD_PRODUCT   1
+#endif
+
 int
 atkbd_probe_unit(device_t dev, int irq, int flags)
 {
@@ -250,6 +265,12 @@ static int typematic(int delay, int rat
 static int typematic_delay(int delay);
 static int typematic_rate(int rate);
 
+#ifdef EVDEV_SUPPORT
+static const struct evdev_methods atkbd_evdev_methods = {
+   .ev_event = evdev_ev_kbd_event,
+};
+#endif
+
 /* local variables */
 
 /* the initial key map, accent map and fkey strings */
@@ -352,6 +373,10 @@ atkbd_init(int unit, keyboard_t **kbdp, 
int delay[2];
int *data = (int *)arg; /* data[0]: controller, data[1]: irq */
int error, needfree;
+#ifdef EVDEV_SUPPORT
+   struct evdev_dev *evdev;
+   char phys_loc[8];
+#endif
 
/* XXX */
if (unit == ATKBD_DEFAULT) {
@@ -436,6 +461,34 @@ atkbd_init(int unit, keyboard_t **kbdp, 
delay[0] = kbd->kb_delay1;
delay[1] = kbd->kb_delay2;
atkbd_ioctl(kbd, KDSETREPEAT, (caddr_t)delay);
+
+#ifdef EVDEV_SUPPORT
+   /* register as evdev provider on first init */
+   if (state->ks_evdev == NULL) {
+   snprintf(phys_loc, sizeof(phys_loc), "atkbd%d", unit);
+   evdev = evdev_alloc();
+   evdev_set_name(evdev, "AT keyboard");
+   evdev_set_phys(evdev, phys_loc);
+   evdev_set_id(evdev, BUS_I8042, PS2_KEYBOARD_VENDOR,
+   PS2_KEYBOARD_PRODUCT, 0);
+   evdev_set_methods(evdev, kbd, _evdev_methods);
+   evdev_support_event(evdev, EV_SYN);
+   evdev_support_event(evdev, EV_KEY);
+   evdev_support_event(evdev, EV_LED);
+   evdev_support_event(evdev, EV_REP);
+   evdev_support_all_known_keys(evdev);
+   evdev_support_led(evdev, LED_NUML);
+   evdev_support_led(evdev, LED_CAPSL);
+   evdev_support_led(evdev, LED_SCROLLL);
+
+   if (evdev_register(evdev))
+   evdev_free(evdev);
+   else
+   state->ks_evdev = evdev;
+   state->ks_evdev_state = 0;
+   }
+#endif
+
KBD_INIT_DONE(kbd);
}
if (!KBD_IS_CONFIGURED(kbd)) {
@@ -620,6 +673,20 @@ next_code:
printf("atkbd_read_char(): scancode:0x%x\n", scancode);
 #endif
 
+#ifdef EVDEV_SUPPORT
+   /* push evdev event */
+   if (evdev_rcpt_mask & EVDEV_RCPT_HW_KBD && state->ks_evdev != NULL) {
+   keycode = evdev_scancode2key(>ks_evdev_state,
+   scancode);
+
+   if (keycode != KEY_RESERVED) {
+   evdev_push_event(state->ks_evdev, EV_KEY,
+   (uint16_t)keycode, scancode & 0x80 ? 0 : 1);
+   evdev_sync(state->ks_evdev);
+   }
+   }
+#endif
+
/* return the byte as is for the K_RAW mode */
if (state->ks_mode == K_RAW)
  

svn commit: r308239 - stable/11/sys/fs/nfsserver

[Rick Macklem]

Author: rmacklem
Date: Thu Nov  3 00:50:20 2016
New Revision: 308239
URL: https://svnweb.freebsd.org/changeset/base/308239

Log:
  MFC: r307694
  A problem w.r.t. interoperation between the FreeBSD NFSv4.1 server with
  delegations enabled and the Linux NFSv4.1 client was reported in
  reviews.freebsd.org/D7891.
  I believe that the FreeBSD server behaviour conforms to the RFC and that
  the Linux client has a bug. Therefore, I do not think the proposed patch
  is appropriate. When nfsrv_writedelegifpos is non-zero, the FreeBSD
  server will issue a write delegation for a read open if possible.
  The Linux client then erroneously assumes that the credentials used for
  the read open can write the file.
  This patch reverses the default value for nfsrv_writedelegifpos to 0 so
  that the default behaviour is Linux compatible and adds a sysctl that can
  be used to set nfsrv_writedelegifpos.
  
  This change should only affect users that are mounting a FreeBSD server
  with delegations enabled (they are not enabled by default) with a Linux
  NFSv4.1 client mount.

Modified:
  stable/11/sys/fs/nfsserver/nfs_nfsdstate.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/fs/nfsserver/nfs_nfsdstate.c
==
--- stable/11/sys/fs/nfsserver/nfs_nfsdstate.c  Thu Nov  3 00:34:37 2016
(r308238)
+++ stable/11/sys/fs/nfsserver/nfs_nfsdstate.c  Thu Nov  3 00:50:20 2016
(r308239)
@@ -70,6 +70,11 @@ SYSCTL_INT(_vfs_nfsd, OID_AUTO, v4statel
 _v4statelimit, 0,
 "High water limit for NFSv4 opens+locks+delegations");
 
+static int nfsrv_writedelegifpos = 0;
+SYSCTL_INT(_vfs_nfsd, OID_AUTO, writedelegifpos, CTLFLAG_RW,
+_writedelegifpos, 0,
+"Issue a write delegation for read opens if possible");
+
 /*
  * Hash lists for nfs V4.
  */
@@ -80,7 +85,6 @@ struct nfssessionhash *nfssessionhash;
 
 static u_int32_t nfsrv_openpluslock = 0, nfsrv_delegatecnt = 0;
 static time_t nfsrvboottime;
-static int nfsrv_writedelegifpos = 1;
 static int nfsrv_returnoldstateid = 0, nfsrv_clients = 0;
 static int nfsrv_clienthighwater = NFSRV_CLIENTHIGHWATER;
 static int nfsrv_nogsscallback = 0;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308238 - in stable/11: etc gnu/lib/libgcc share/examples usr.bin/calendar

[Glen Barber]

Author: gjb
Date: Thu Nov  3 00:34:37 2016
New Revision: 308238
URL: https://svnweb.freebsd.org/changeset/base/308238

Log:
  MFC r308148, r308150, r308156:
  
   r308148:
Fix packaging calendar(1) files.
  
   r308150:
Fix packaging /usr/share/examples/etc.
  
   r308156:
Fix packaging /usr/lib{,32}/libgcc_eh{,_p}.a.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  stable/11/etc/Makefile
  stable/11/gnu/lib/libgcc/Makefile
  stable/11/share/examples/Makefile
  stable/11/usr.bin/calendar/Makefile
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/etc/Makefile
==
--- stable/11/etc/Makefile  Thu Nov  3 00:26:58 2016(r308237)
+++ stable/11/etc/Makefile  Thu Nov  3 00:34:37 2016(r308238)
@@ -459,7 +459,7 @@ distrib-dirs: ${MTREES:N/*} distrib-clea
 .endif
 
 etc-examples-install: ${META_DEPS}
-   cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 444 \
+   cd ${.CURDIR}; ${INSTALL} ${TAG_ARGS} -o ${BINOWN} -g ${BINGRP} -m 444 \
${BIN1} ${BIN2} nsmb.conf opieaccess \
${DESTDIR}${SHAREDIR}/examples/etc
 

Modified: stable/11/gnu/lib/libgcc/Makefile
==
--- stable/11/gnu/lib/libgcc/Makefile   Thu Nov  3 00:26:58 2016
(r308237)
+++ stable/11/gnu/lib/libgcc/Makefile   Thu Nov  3 00:34:37 2016
(r308238)
@@ -393,11 +393,11 @@ _libinstall: _lib-eh-install
 
 _lib-eh-install:
 .if ${MK_INSTALLLIB} != "no"
-   ${INSTALL} -C -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \
+   ${INSTALL} ${TAG_ARGS} -C -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \
${_INSTALLFLAGS} libgcc_eh.a ${DESTDIR}${LIBDIR}
 .endif
 .if ${MK_PROFILE} != "no"
-   ${INSTALL} -C -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \
+   ${INSTALL} ${TAG_ARGS} -C -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \
${_INSTALLFLAGS} libgcc_eh_p.a ${DESTDIR}${LIBDIR}
 .endif
 

Modified: stable/11/share/examples/Makefile
==
--- stable/11/share/examples/Makefile   Thu Nov  3 00:26:58 2016
(r308237)
+++ stable/11/share/examples/Makefile   Thu Nov  3 00:34:37 2016
(r308238)
@@ -250,7 +250,7 @@ copies:
 symlinks:
 .for i in ${LDIRS}
rm -rf ${DESTDIR}${BINDIR}/$i
-   ln -s ${.CURDIR}/$i ${DESTDIR}${BINDIR}/$i
+   ${INSTALL} ${TAG_ARGS} -l s ${.CURDIR}/$i ${DESTDIR}${BINDIR}/$i
 .endfor
 
 etc-examples:

Modified: stable/11/usr.bin/calendar/Makefile
==
--- stable/11/usr.bin/calendar/Makefile Thu Nov  3 00:26:58 2016
(r308237)
+++ stable/11/usr.bin/calendar/Makefile Thu Nov  3 00:34:37 2016
(r308238)
@@ -15,20 +15,22 @@ FR_LINKS=   fr_FR.ISO8859-15
 TEXTMODE?= 444
 
 beforeinstall:
-   ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m ${TEXTMODE} \
+   ${INSTALL} ${TAG_ARGS} -o ${BINOWN} -g ${BINGRP} -m ${TEXTMODE} \
${.CURDIR}/calendars/calendar.* ${DESTDIR}${SHAREDIR}/calendar
 .for lang in ${INTER}
-   ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m ${TEXTMODE} \
+   ${INSTALL} ${TAG_ARGS} -o ${BINOWN} -g ${BINGRP} -m ${TEXTMODE} \
${.CURDIR}/calendars/${lang}/calendar.* \
${DESTDIR}${SHAREDIR}/calendar/${lang} 
 .endfor
 .for link in ${DE_LINKS}
rm -rf ${DESTDIR}${SHAREDIR}/calendar/${link}
-   ln -s de_DE.ISO8859-1 ${DESTDIR}${SHAREDIR}/calendar/${link}
+   ${INSTALL} ${TAG_ARGS} -l s de_DE.ISO8859-1 \
+   ${DESTDIR}${SHAREDIR}/calendar/${link}
 .endfor
 .for link in ${FR_LINKS}
rm -rf ${DESTDIR}${SHAREDIR}/calendar/${link}
-   ln -s fr_FR.ISO8859-1 ${DESTDIR}${SHAREDIR}/calendar/${link}
+   ${INSTALL} ${TAG_ARGS} -l s fr_FR.ISO8859-1 \
+   ${DESTDIR}${SHAREDIR}/calendar/${link}
 .endfor
 
 .if ${MK_TESTS} != "no"
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308237 - head/sys/netpfil/ipfw

[Luiz Otavio O Souza]

Author: loos
Date: Thu Nov  3 00:26:58 2016
New Revision: 308237
URL: https://svnweb.freebsd.org/changeset/base/308237

Log:
  Remove the mbuf tag after use (for reinjected packets).
  
  Fixes the packet processing in dummynet l2 rules.
  
  Obtained from:pfSense
  MFC after:2 weeks
  Sponsored by: Rubicon Communications, LLC (Netgate)

Modified:
  head/sys/netpfil/ipfw/ip_fw_pfil.c

Modified: head/sys/netpfil/ipfw/ip_fw_pfil.c
==
--- head/sys/netpfil/ipfw/ip_fw_pfil.c  Wed Nov  2 23:58:10 2016
(r308236)
+++ head/sys/netpfil/ipfw/ip_fw_pfil.c  Thu Nov  3 00:26:58 2016
(r308237)
@@ -315,20 +315,15 @@ ipfw_check_frame(void *arg, struct mbuf 
struct ip_fw_args args;
struct m_tag *mtag;
 
-   /* fetch start point from rule, if any */
+   /* fetch start point from rule, if any.  remove the tag if present. */
mtag = m_tag_locate(*m0, MTAG_IPFW_RULE, 0, NULL);
if (mtag == NULL) {
args.rule.slot = 0;
} else {
-   /* dummynet packet, already partially processed */
-   struct ipfw_rule_ref *r;
-
-   /* XXX can we free it after use ? */
-   mtag->m_tag_id = PACKET_TAG_NONE;
-   r = (struct ipfw_rule_ref *)(mtag + 1);
-   if (r->info & IPFW_ONEPASS)
+   args.rule = *((struct ipfw_rule_ref *)(mtag+1));
+   m_tag_delete(*m0, mtag);
+   if (args.rule.info & IPFW_ONEPASS)
return (0);
-   args.rule = *r;
}
 
/* I need some amt of data to be contiguous */
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r308200 - in stable: 10/crypto/openssl/ssl 9/crypto/openssl/ssl

[Cy Schubert]

In message 
, Oliver Pinter writes:
> On 11/2/16, Cy Schubert  wrote:
> > In message <201611020709.ua279wm3070...@repo.freebsd.org>, Xin LI writes:
> >> Author: delphij
> >> Date: Wed Nov  2 07:09:31 2016
> >> New Revision: 308200
> >> URL: https://svnweb.freebsd.org/changeset/base/308200
> >>
> >> Log:
> >>   Backport OpenSSL commit af58be768ebb690f78530f796e92b8ae5c9a4401:
> >>
> >> Don't allow too many consecutive warning alerts
> >>
> >> Certain warning alerts are ignored if they are received. This can mean
> >> th
> >> at
> >> no progress will be made if one peer continually sends those warning
> >> aler
> >> ts.
> >> Implement a count so that we abort the connection if we receive too
> >> many.
> >>
> >> Issue reported by Shi Lei.
> >>
> >>   This is a direct commit to stable/10 and stable/9.
> >>
> >>   Security:CVE-2016-8610
> >>
> >> Modified:
> >>   stable/10/crypto/openssl/ssl/d1_pkt.c
> >>   stable/10/crypto/openssl/ssl/s3_pkt.c
> >>   stable/10/crypto/openssl/ssl/ssl.h
> >>   stable/10/crypto/openssl/ssl/ssl3.h
> >>   stable/10/crypto/openssl/ssl/ssl_locl.h
> >>
> >> Changes in other areas also in this revision:
> >> Modified:
> >>   stable/9/crypto/openssl/ssl/d1_pkt.c
> >>   stable/9/crypto/openssl/ssl/s3_pkt.c
> >>   stable/9/crypto/openssl/ssl/ssl.h
> >>   stable/9/crypto/openssl/ssl/ssl3.h
> >>   stable/9/crypto/openssl/ssl/ssl_locl.h
> >>
> >> Modified: stable/10/crypto/openssl/ssl/d1_pkt.c
> >> ==
> ===
> >> =
> >> --- stable/10/crypto/openssl/ssl/d1_pkt.c  Wed Nov  2 06:58:47 2016
> >>(r308199)
> >> +++ stable/10/crypto/openssl/ssl/d1_pkt.c  Wed Nov  2 07:09:31 2016
> >>(r308200)
> >> @@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
> >>  goto start;
> >>  }
> >>
> >> +/*
> >> + * Reset the count of consecutive warning alerts if we've got a
> >> non-empt
> >> y
> >> + * record that isn't an alert.
> >> + */
> >> +if (rr->type != SSL3_RT_ALERT && rr->length != 0)
> >> +s->s3->alert_count = 0;
> >> +
> >>  /* we now have a packet which can be read and processed */
> >>
> >>  if (s->s3->change_cipher_spec /* set when we receive
> >> ChangeCipherSpec,
> >> @@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
> >>
> >>  if (alert_level == SSL3_AL_WARNING) {
> >>  s->s3->warn_alert = alert_descr;
> >> +
> >> +s->s3->alert_count++;
> >> +if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
> >> +al = SSL_AD_UNEXPECTED_MESSAGE;
> >> +SSLerr(SSL_F_DTLS1_READ_BYTES,
> >> SSL_R_TOO_MANY_WARN_ALERTS);
> >> +goto f_err;
> >> +}
> >> +
> >>  if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
> >>  #ifndef OPENSSL_NO_SCTP
> >>  /*
> >>
> >> Modified: stable/10/crypto/openssl/ssl/s3_pkt.c
> >> ==
> ===
> >> =
> >> --- stable/10/crypto/openssl/ssl/s3_pkt.c  Wed Nov  2 06:58:47 2016
> >>(r308199)
> >> +++ stable/10/crypto/openssl/ssl/s3_pkt.c  Wed Nov  2 07:09:31 2016
> >>(r308200)
> >> @@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
> >>  return (ret);
> >>  }
> >>
> >> +/*
> >> + * Reset the count of consecutive warning alerts if we've got a
> >> non-empt
> >> y
> >> + * record that isn't an alert.
> >> + */
> >> +if (rr->type != SSL3_RT_ALERT && rr->length != 0)
> >> +s->s3->alert_count = 0;
> >> +
> >>  /* we now have a packet which can be read and processed */
> >>
> >>  if (s->s3->change_cipher_spec /* set when we receive
> >> ChangeCipherSpec,
> >> @@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
> >>
> >>  if (alert_level == SSL3_AL_WARNING) {
> >>  s->s3->warn_alert = alert_descr;
> >> +
> >> +s->s3->alert_count++;
> >> +if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
> >> +al = SSL_AD_UNEXPECTED_MESSAGE;
> >> +SSLerr(SSL_F_SSL3_READ_BYTES,
> >> SSL_R_TOO_MANY_WARN_ALERTS);
> >> +goto f_err;
> >> +}
> >> +
> >>  if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
> >>  s->shutdown |= SSL_RECEIVED_SHUTDOWN;
> >>  return (0);
> >>
> >> Modified: stable/10/crypto/openssl/ssl/ssl.h
> >> ==
> ===
> >> =
> >> --- stable/10/crypto/openssl/ssl/ssl.h Wed Nov  2 06:58:47 2016
> >>(r308199)
> >> +++ stable/10/crypto/openssl/ssl/ssl.h Wed Nov  2 07:09:31 2016
> >>(r308200)
> >> @@ -2717,6 +2717,7 @@ void ERR_load_SSL_strings(void);
> >>  # define SSL_R_TLS_HEARTBEAT_PENDING  366
> >>  # define 

svn commit: r308236 - head/sys/arm/allwinner

[Jared McNeill]

Author: jmcneill
Date: Wed Nov  2 23:58:10 2016
New Revision: 308236
URL: https://svnweb.freebsd.org/changeset/base/308236

Log:
  Add support for the integrated DMA controller found in the Allwinner A31,
  A64, A83T, and H3 SoCs.
  
  Relnotes: yes

Added:
  head/sys/arm/allwinner/a31_dmac.c   (contents, props changed)
Modified:
  head/sys/arm/allwinner/files.allwinner

Added: head/sys/arm/allwinner/a31_dmac.c
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/arm/allwinner/a31_dmac.c   Wed Nov  2 23:58:10 2016
(r308236)
@@ -0,0 +1,557 @@
+/*-
+ * Copyright (c) 2016 Jared D. McNeill 
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+/*
+ * Allwinner DMA controller
+ */
+
+#include 
+__FBSDID("$FreeBSD$");
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+#include "sunxi_dma_if.h"
+
+#defineDMA_IRQ_EN_REG0 0x00
+#defineDMA_IRQ_EN_REG1 0x04
+#defineDMA_IRQ_EN_REG(ch)  (DMA_IRQ_EN_REG0 + ((ch) / 8) * 4)
+#define DMA_PKG_IRQ_EN(ch) (1 << (((ch) % 8) * 4 + 1))
+#define DMA_PKG_IRQ_MASK   0xULL
+#defineDMA_IRQ_PEND_REG0   0x10
+#defineDMA_IRQ_PEND_REG1   0x14
+#defineDMA_IRQ_PEND_REG(ch)(DMA_IRQ_PEND_REG0 + ((ch) / 8) * 4)
+#defineDMA_STA_REG 0x30
+#defineDMA_EN_REG(n)   (0x100 + (n) * 0x40 + 0x00)
+#define DMA_EN (1 << 0)
+#defineDMA_PAU_REG(n)  (0x100 + (n) * 0x40 + 0x04)
+#defineDMA_STAR_ADDR_REG(n)(0x100 + (n) * 0x40 + 0x08)
+#defineDMA_CFG_REG(n)  (0x100 + (n) * 0x40 + 0x0c)
+#define DMA_DEST_DATA_WIDTH(0x3 << 25)
+#define DMA_DEST_DATA_WIDTH_SHIFT  25
+#define DMA_DEST_BST_LEN   (0x3 << 22)
+#define DMA_DEST_BST_LEN_SHIFT 22
+#define DMA_DEST_ADDR_MODE (0x1 << 21)
+#define DMA_DEST_ADDR_MODE_SHIFT   21
+#define DMA_DEST_DRQ_TYPE  (0x1f << 16)
+#define DMA_DEST_DRQ_TYPE_SHIFT16
+#define DMA_SRC_DATA_WIDTH (0x3 << 9)
+#define DMA_SRC_DATA_WIDTH_SHIFT   9
+#define DMA_SRC_BST_LEN(0x3 << 6)
+#define DMA_SRC_BST_LEN_SHIFT  6
+#define DMA_SRC_ADDR_MODE  (0x1 << 5)
+#define DMA_SRC_ADDR_MODE_SHIFT5
+#define DMA_SRC_DRQ_TYPE   (0x1f << 0)
+#define DMA_SRC_DRQ_TYPE_SHIFT 0   
+#define DMA_DATA_WIDTH_8BIT0
+#define DMA_DATA_WIDTH_16BIT   1
+#define DMA_DATA_WIDTH_32BIT   2
+#define DMA_DATA_WIDTH_64BIT   3
+#define DMA_ADDR_MODE_LINEAR   0
+#define DMA_ADDR_MODE_IO   1
+#define DMA_BST_LEN_1  0
+#define DMA_BST_LEN_4  1
+#define DMA_BST_LEN_8  2
+#define DMA_BST_LEN_16 3
+#defineDMA_CUR_SRC_REG(n)  (0x100 + (n) * 0x40 + 0x10)
+#defineDMA_CUR_DEST_REG(n) (0x100 + (n) * 0x40 + 0x14)
+#defineDMA_BCNT_LEFT_REG(n)(0x100 + (n) * 0x40 + 0x18)
+#defineDMA_PARA_REG(n) (0x100 + (n) * 0x40 + 0x1c)
+#define WAIT_CYC   (0xff << 0)
+#define WAIT_CYC_SHIFT 0
+
+struct a31dmac_desc {
+   uint32_tconfig;
+   uint32_t

svn commit: r308235 - head/sys/arm/allwinner

[Jared McNeill]

Author: jmcneill
Date: Wed Nov  2 23:53:47 2016
New Revision: 308235
URL: https://svnweb.freebsd.org/changeset/base/308235

Log:
  Register the device's xref handle at attach time.

Modified:
  head/sys/arm/allwinner/a10_dmac.c

Modified: head/sys/arm/allwinner/a10_dmac.c
==
--- head/sys/arm/allwinner/a10_dmac.c   Wed Nov  2 23:49:57 2016
(r308234)
+++ head/sys/arm/allwinner/a10_dmac.c   Wed Nov  2 23:53:47 2016
(r308235)
@@ -168,6 +168,7 @@ a10dmac_attach(device_t dev)
return (ENXIO);
}
 
+   OF_device_register_xref(OF_xref_from_node(ofw_bus_get_node(dev)), dev);
return (0);
 }
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308234 - head/sys/arm/allwinner/clk

[Jared McNeill]

Author: jmcneill
Date: Wed Nov  2 23:49:57 2016
New Revision: 308234
URL: https://svnweb.freebsd.org/changeset/base/308234

Log:
  Add support for H3 PLL2 (PLL_Audio).

Modified:
  head/sys/arm/allwinner/clk/aw_pll.c

Modified: head/sys/arm/allwinner/clk/aw_pll.c
==
--- head/sys/arm/allwinner/clk/aw_pll.c Wed Nov  2 23:46:23 2016
(r308233)
+++ head/sys/arm/allwinner/clk/aw_pll.c Wed Nov  2 23:49:57 2016
(r308234)
@@ -171,6 +171,15 @@ __FBSDID("$FreeBSD$");
 #defineA83T_PLLCPUX_POSTDIV_M  (0x3 << 0)
 #defineA83T_PLLCPUX_POSTDIV_M_SHIFT0
 
+#defineH3_PLL2_LOCK(1 << 28)
+#defineH3_PLL2_SDM_EN  (1 << 24)
+#defineH3_PLL2_POST_DIV(0xf << 16)
+#defineH3_PLL2_POST_DIV_SHIFT  16
+#defineH3_PLL2_FACTOR_N(0x7f << 8)
+#defineH3_PLL2_FACTOR_N_SHIFT  8
+#defineH3_PLL2_PRE_DIV (0x1f << 0)
+#defineH3_PLL2_PRE_DIV_SHIFT   0
+
 #defineCLKID_A10_PLL3_1X   0
 #defineCLKID_A10_PLL3_2X   1
 
@@ -278,6 +287,11 @@ static struct aw_pll_factor aw_a23_pll1_
PLLFACTOR(25, 2, 0, 0, 187200),
 };
 
+static struct aw_pll_factor aw_h3_pll2_factors[] = {
+   PLLFACTOR(13, 0, 0, 13, 24576000),
+   PLLFACTOR(6, 0, 0, 7, 22579200),
+};
+
 enum aw_pll_type {
AWPLL_A10_PLL1 = 1,
AWPLL_A10_PLL2,
@@ -292,6 +306,7 @@ enum aw_pll_type {
AWPLL_A80_PLL4,
AWPLL_A83T_PLLCPUX,
AWPLL_H3_PLL1,
+   AWPLL_H3_PLL2,
 };
 
 struct aw_pll_sc {
@@ -698,6 +713,85 @@ a13_pll2_set_freq(struct aw_pll_sc *sc, 
 }
 
 static int
+h3_pll2_recalc(struct aw_pll_sc *sc, uint64_t *freq)
+{
+   uint32_t val, p, n, m;
+
+   DEVICE_LOCK(sc);
+   PLL_READ(sc, );
+   DEVICE_UNLOCK(sc);
+
+   p = ((val & H3_PLL2_POST_DIV) >> H3_PLL2_POST_DIV_SHIFT) + 1;
+   n = ((val & H3_PLL2_FACTOR_N) >> H3_PLL2_FACTOR_N_SHIFT) + 1;
+   m = ((val & H3_PLL2_PRE_DIV) >> H3_PLL2_PRE_DIV_SHIFT) + 1;
+
+   switch (sc->id) {
+   case SUN4I_A10_PLL2_1X:
+   *freq = (*freq * n) / (m * p);
+   break;
+   case SUN4I_A10_PLL2_2X:
+   *freq = (*freq * 2 * n) / m / 4;
+   break;
+   case SUN4I_A10_PLL2_4X:
+   *freq = (*freq * 2 * n) / m / 2;
+   break;
+   case SUN4I_A10_PLL2_8X:
+   *freq = (*freq * 2 * n) / m;
+   break;
+   default:
+   return (EINVAL);
+   }
+
+   return (0);
+}
+
+static int
+h3_pll2_set_freq(struct aw_pll_sc *sc, uint64_t fin, uint64_t *fout,
+int flags)
+{
+   struct aw_pll_factor *f;
+   uint32_t val;
+   int n, error, retry;
+
+   if (sc->id != SUN4I_A10_PLL2_1X)
+   return (ENXIO);
+
+   f = NULL;
+   for (n = 0; n < nitems(aw_h3_pll2_factors); n++) {
+   if (aw_h3_pll2_factors[n].freq == *fout) {
+   f = _h3_pll2_factors[n];
+   break;
+   }
+   }
+   if (f == NULL)
+   return (EINVAL);
+
+   DEVICE_LOCK(sc);
+   PLL_READ(sc, );
+   val &= ~(H3_PLL2_POST_DIV|H3_PLL2_FACTOR_N|H3_PLL2_PRE_DIV);
+   val |= (f->p << H3_PLL2_POST_DIV_SHIFT);
+   val |= (f->n << H3_PLL2_FACTOR_N_SHIFT);
+   val |= (f->m << H3_PLL2_PRE_DIV_SHIFT);
+   val |= AW_PLL_ENABLE;
+   PLL_WRITE(sc, val);
+
+   /* Wait for lock */
+   error = 0;
+   for (retry = 0; retry < 1000; retry++) {
+   PLL_READ(sc, );
+   if ((val & H3_PLL2_LOCK) != 0)
+   break;
+   DELAY(100);
+   }
+   if (retry == 0)
+   error = ETIMEDOUT;
+
+   DEVICE_UNLOCK(sc);
+
+   return (error);
+}
+
+static int
 a23_pll1_set_freq(struct aw_pll_sc *sc, uint64_t fin, uint64_t *fout,
 int flags)
 {
@@ -1006,6 +1100,7 @@ static struct aw_pll_funcs aw_pll_func[]
PLL(AWPLL_A83T_PLLCPUX, a83t_pllcpux_recalc, a83t_pllcpux_set_freq, 
NULL),
PLL(AWPLL_A64_PLLHSIC, a64_pllhsic_recalc, NULL, a64_pllhsic_init),
PLL(AWPLL_H3_PLL1, a23_pll1_recalc, h3_pll1_set_freq, NULL),
+   PLL(AWPLL_H3_PLL2, h3_pll2_recalc, h3_pll2_set_freq, NULL),
 };
 
 static struct ofw_compat_data compat_data[] = {
@@ -1020,6 +1115,7 @@ static struct ofw_compat_data compat_dat
{ "allwinner,sun8i-a23-pll1-clk",   AWPLL_A23_PLL1 },
{ "allwinner,sun8i-a83t-pllcpux-clk",   AWPLL_A83T_PLLCPUX },
{ "allwinner,sun8i-h3-pll1-clk",AWPLL_H3_PLL1 },
+   { "allwinner,sun8i-h3-pll2-clk",AWPLL_H3_PLL2 },
{ "allwinner,sun9i-a80-pll4-clk",   AWPLL_A80_PLL4 },
{ "allwinner,sun50i-a64-pllhsic-clk",   AWPLL_A64_PLLHSIC },
{ NULL, 0 }
___

svn commit: r308233 - head/sys/arm/allwinner/clk

[Jared McNeill]

Author: jmcneill
Date: Wed Nov  2 23:46:23 2016
New Revision: 308233
URL: https://svnweb.freebsd.org/changeset/base/308233

Log:
  The DTS may report fewer than 4 parents for a module clock. Avoid setting
  the module clock parent to an out-of-range index in these cases.

Modified:
  head/sys/arm/allwinner/clk/aw_modclk.c

Modified: head/sys/arm/allwinner/clk/aw_modclk.c
==
--- head/sys/arm/allwinner/clk/aw_modclk.c  Wed Nov  2 23:44:30 2016
(r308232)
+++ head/sys/arm/allwinner/clk/aw_modclk.c  Wed Nov  2 23:46:23 2016
(r308233)
@@ -53,7 +53,6 @@ __FBSDID("$FreeBSD$");
 #defineSCLK_GATING (1 << 31)
 #defineCLK_SRC_SEL (0x3 << 24)
 #defineCLK_SRC_SEL_SHIFT   24
-#defineCLK_SRC_SEL_MAX 0x3
 #defineCLK_RATIO_N (0x3 << 16)
 #defineCLK_RATIO_N_SHIFT   16
 #defineCLK_RATIO_N_MAX 0x3
@@ -69,6 +68,7 @@ static struct ofw_compat_data compat_dat
 struct aw_modclk_sc {
device_tclkdev;
bus_addr_t  reg;
+   u_int   parent_cnt;
 };
 
 #defineMODCLK_READ(sc, val)CLKDEV_READ_4((sc)->clkdev, (sc)->reg, 
(val))
@@ -102,7 +102,7 @@ aw_modclk_set_mux(struct clknode *clk, i
 
sc = clknode_get_softc(clk);
 
-   if (index < 0 || index > CLK_SRC_SEL_MAX)
+   if (index < 0 || index >= sc->parent_cnt)
return (ERANGE);
 
DEVICE_LOCK(sc);
@@ -170,7 +170,7 @@ aw_modclk_set_freq(struct clknode *clk, 
best_diff = (int64_t)*fout; 
best_src = 0;
 
-   for (src = 0; src < CLK_SRC_SEL_MAX; src++) {
+   for (src = 0; src < sc->parent_cnt; src++) {
error = clknode_set_parent_by_idx(clk, src);
if (error != 0)
continue;
@@ -299,6 +299,7 @@ aw_modclk_attach(device_t dev)
sc = clknode_get_softc(clk);
sc->reg = paddr;
sc->clkdev = device_get_parent(dev);
+   sc->parent_cnt = def.parent_cnt;
 
clknode_register(clkdom, clk);
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308232 - head/sys/dev/sdhci

[Justin Hibbits]

Author: jhibbits
Date: Wed Nov  2 23:44:30 2016
New Revision: 308232
URL: https://svnweb.freebsd.org/changeset/base/308232

Log:
  Since it's no longer accessing a powerpc-specific register, drop the #ifdef.

Modified:
  head/sys/dev/sdhci/fsl_sdhci.c

Modified: head/sys/dev/sdhci/fsl_sdhci.c
==
--- head/sys/dev/sdhci/fsl_sdhci.c  Wed Nov  2 23:43:18 2016
(r308231)
+++ head/sys/dev/sdhci/fsl_sdhci.c  Wed Nov  2 23:44:30 2016
(r308232)
@@ -869,12 +869,10 @@ fsl_sdhci_attach(device_t dev)
 *
 * XXX need named constants for this stuff.
 */
-#ifdef __powerpc__
/* P1022 has the '*_BRST_LEN' fields as reserved, always reading 0x10 */
if (ofw_bus_is_compatible(dev, "fsl,p1022-esdhc"))
WR4(sc, SDHC_WTMK_LVL, 0x10801080);
else
-#endif
WR4(sc, SDHC_WTMK_LVL, 0x08800880);
 
/*
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308231 - head/sys/dev/sdhci

[Justin Hibbits]

Author: jhibbits
Date: Wed Nov  2 23:43:18 2016
New Revision: 308231
URL: https://svnweb.freebsd.org/changeset/base/308231

Log:
  Fix the build.  protctl is only used on powerpc.
  
  While here, remove the need to check the SVR SPR, as others may be compatible
  with the p1022-esdhc type.

Replaced:
  head/sys/dev/sdhci/fsl_sdhci.c
 - copied, changed from r308095, head/sys/arm/freescale/imx/imx_sdhci.c

Copied and modified: head/sys/dev/sdhci/fsl_sdhci.c (from r308095, 
head/sys/arm/freescale/imx/imx_sdhci.c)
==
--- head/sys/arm/freescale/imx/imx_sdhci.c  Sat Oct 29 18:47:28 2016
(r308095, copy source)
+++ head/sys/dev/sdhci/fsl_sdhci.c  Wed Nov  2 23:43:18 2016
(r308231)
@@ -28,7 +28,7 @@
 __FBSDID("$FreeBSD$");
 
 /*
- * SDHCI driver glue for Freescale i.MX SoC family.
+ * SDHCI driver glue for Freescale i.MX SoC and QorIQ families.
  *
  * This supports both eSDHC (earlier SoCs) and uSDHC (more recent SoCs).
  */
@@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -52,9 +53,11 @@ __FBSDID("$FreeBSD$");
 
 #include 
 #include 
+#ifdef __arm__
 #include 
 
 #include 
+#endif
 
 #include 
 #include 
@@ -66,7 +69,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include "sdhci_if.h"
 
-struct imx_sdhci_softc {
+struct fsl_sdhci_softc {
device_tdev;
struct resource *   mem_res;
struct resource *   irq_res;
@@ -88,8 +91,8 @@ struct imx_sdhci_softc {
 #defineR1BFIX_AC12 2   /* Wait for busy after auto command 12. 
*/
 
 #defineHWTYPE_NONE 0   /* Hardware not recognized/supported. */
-#defineHWTYPE_ESDHC1   /* imx5x and earlier. */
-#defineHWTYPE_USDHC2   /* imx6. */
+#defineHWTYPE_ESDHC1   /* fsl5x and earlier. */
+#defineHWTYPE_USDHC2   /* fsl6. */
 
 /*
  * Freescale-specific registers, or in some cases the layout of bits within the
@@ -146,7 +149,6 @@ struct imx_sdhci_softc {
 #define SDHC_PROT_CDSS (1 << 7)
 
 #defineSDHC_SYS_CTRL   0x2c
-#defineSDHC_INT_STATUS 0x30
 
 /*
  * The clock enable bits exist in different registers for ESDHC vs USDHC, but
@@ -169,31 +171,32 @@ static struct ofw_compat_data compat_dat
{"fsl,imx6sl-usdhc",HWTYPE_USDHC},
{"fsl,imx53-esdhc", HWTYPE_ESDHC},
{"fsl,imx51-esdhc", HWTYPE_ESDHC},
+   {"fsl,esdhc",   HWTYPE_ESDHC},
{NULL,  HWTYPE_NONE},
 };
 
-static uint16_t imx_sdhc_get_clock(struct imx_sdhci_softc *sc);
-static void imx_sdhc_set_clock(struct imx_sdhci_softc *sc, uint16_t val);
-static void imx_sdhci_r1bfix_func(void *arg);
+static uint16_t fsl_sdhc_get_clock(struct fsl_sdhci_softc *sc);
+static void fsl_sdhc_set_clock(struct fsl_sdhci_softc *sc, uint16_t val);
+static void fsl_sdhci_r1bfix_func(void *arg);
 
 static inline uint32_t
-RD4(struct imx_sdhci_softc *sc, bus_size_t off)
+RD4(struct fsl_sdhci_softc *sc, bus_size_t off)
 {
 
return (bus_read_4(sc->mem_res, off));
 }
 
 static inline void
-WR4(struct imx_sdhci_softc *sc, bus_size_t off, uint32_t val)
+WR4(struct fsl_sdhci_softc *sc, bus_size_t off, uint32_t val)
 {
 
bus_write_4(sc->mem_res, off, val);
 }
 
 static uint8_t
-imx_sdhci_read_1(device_t dev, struct sdhci_slot *slot, bus_size_t off)
+fsl_sdhci_read_1(device_t dev, struct sdhci_slot *slot, bus_size_t off)
 {
-   struct imx_sdhci_softc *sc = device_get_softc(dev);
+   struct fsl_sdhci_softc *sc = device_get_softc(dev);
uint32_t val32, wrk32;
 
/*
@@ -246,9 +249,9 @@ imx_sdhci_read_1(device_t dev, struct sd
 }
 
 static uint16_t
-imx_sdhci_read_2(device_t dev, struct sdhci_slot *slot, bus_size_t off)
+fsl_sdhci_read_2(device_t dev, struct sdhci_slot *slot, bus_size_t off)
 {
-   struct imx_sdhci_softc *sc = device_get_softc(dev);
+   struct fsl_sdhci_softc *sc = device_get_softc(dev);
uint32_t val32;
 
if (sc->hwtype == HWTYPE_USDHC) {
@@ -297,16 +300,16 @@ imx_sdhci_read_2(device_t dev, struct sd
 * hardware type, complex enough to have their own function.
 */
if (off == SDHCI_CLOCK_CONTROL) {
-   return (imx_sdhc_get_clock(sc));
+   return (fsl_sdhc_get_clock(sc));
}
 
return ((RD4(sc, off & ~3) >> (off & 3) * 8) & 0x);
 }
 
 static uint32_t
-imx_sdhci_read_4(device_t dev, struct sdhci_slot *slot, bus_size_t off)
+fsl_sdhci_read_4(device_t dev, struct sdhci_slot *slot, bus_size_t off)
 {
-   struct imx_sdhci_softc *sc = device_get_softc(dev);
+   struct fsl_sdhci_softc *sc = device_get_softc(dev);
uint32_t val32, wrk32;
 
val32 = RD4(sc, off);
@@ -348,7 +351,7 @@ imx_sdhci_read_4(device_t dev, struct sd
}
 
/*
-* imx_sdhci_intr() can synthesize a 

svn commit: r308230 - head/sys/dev/ioat

[Conrad E. Meyer]

Author: cem
Date: Wed Nov  2 23:18:16 2016
New Revision: 308230
URL: https://svnweb.freebsd.org/changeset/base/308230

Log:
  ioat(4): Read CHANSTS register for suspended/halted checks
  
  The device doesn't accurately update the CHANCMP address with the device state
  when the device is suspended or halted.  So, read the CHANSTS register to 
check
  for those states.
  
  We still need to read the CHANCMP address for the last completed descriptor.
  
  Sponsored by: Dell EMC Isilon

Modified:
  head/sys/dev/ioat/ioat.c

Modified: head/sys/dev/ioat/ioat.c
==
--- head/sys/dev/ioat/ioat.cWed Nov  2 22:33:37 2016(r308229)
+++ head/sys/dev/ioat/ioat.cWed Nov  2 23:18:16 2016(r308230)
@@ -747,6 +747,12 @@ out:
wakeup(>tail);
}
 
+   /*
+* The device doesn't seem to reliably push suspend/halt statuses to
+* the channel completion memory address, so poll the device register
+* here.
+*/
+   comp_update = ioat_get_chansts(ioat) & IOAT_CHANSTS_STATUS;
if (!is_ioat_halted(comp_update) && !is_ioat_suspended(comp_update))
return;
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308229 - head/bin/sh/tests/execution

[Jilles Tjoelker]

Author: jilles
Date: Wed Nov  2 22:33:37 2016
New Revision: 308229
URL: https://svnweb.freebsd.org/changeset/base/308229

Log:
  sh: Add simple test for 'set -C' (noclobber).
  
  To ensure fast test runs, race conditions are not tested.

Added:
  head/bin/sh/tests/execution/set-C1.0   (contents, props changed)
Modified:
  head/bin/sh/tests/execution/Makefile

Modified: head/bin/sh/tests/execution/Makefile
==
--- head/bin/sh/tests/execution/MakefileWed Nov  2 20:57:20 2016
(r308228)
+++ head/bin/sh/tests/execution/MakefileWed Nov  2 22:33:37 2016
(r308229)
@@ -37,6 +37,7 @@ ${PACKAGE}FILES+= redir4.0
 ${PACKAGE}FILES+=  redir5.0
 ${PACKAGE}FILES+=  redir6.0
 ${PACKAGE}FILES+=  redir7.0
+${PACKAGE}FILES+=  set-C1.0
 ${PACKAGE}FILES+=  set-n1.0
 ${PACKAGE}FILES+=  set-n2.0
 ${PACKAGE}FILES+=  set-n3.0

Added: head/bin/sh/tests/execution/set-C1.0
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/bin/sh/tests/execution/set-C1.0Wed Nov  2 22:33:37 2016
(r308229)
@@ -0,0 +1,12 @@
+# $FreeBSD$
+
+T=$(mktemp -d "${TMPDIR:-/tmp}/sh-test.") || exit
+trap 'rm -rf "$T"' 0
+
+set -C
+echo . >"$T/a" &&
+[ -s "$T/a" ] &&
+{ ! true >"$T/a"; } 2>/dev/null &&
+[ -s "$T/a" ] &&
+ln -s /dev/null "$T/b" &&
+true >"$T/b"
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308228 - head/sys/kern

[Konstantin Belousov]

Author: kib
Date: Wed Nov  2 20:57:20 2016
New Revision: 308228
URL: https://svnweb.freebsd.org/changeset/base/308228

Log:
  Remove remnants of the recursive sleep support.  Instead assert that
  we never try to sleep while the thread is on a sleepqueue.
  
  Reviewed by:  jhb
  Tested by:pho
  Sponsored by: The FreeBSD Foundation
  MFC after:1 week
  Differential revision:https://reviews.freebsd.org/D8422

Modified:
  head/sys/kern/kern_synch.c

Modified: head/sys/kern/kern_synch.c
==
--- head/sys/kern/kern_synch.c  Wed Nov  2 19:18:24 2016(r308227)
+++ head/sys/kern/kern_synch.c  Wed Nov  2 20:57:20 2016(r308228)
@@ -170,13 +170,7 @@ _sleep(void *ident, struct lock_object *
catch = priority & PCATCH;
pri = priority & PRIMASK;
 
-   /*
-* If we are already on a sleep queue, then remove us from that
-* sleep queue first.  We have to do this to handle recursive
-* sleeps.
-*/
-   if (TD_ON_SLEEPQ(td))
-   sleepq_remove(td, td->td_wchan);
+   KASSERT(!TD_ON_SLEEPQ(td), ("recursive sleep"));
 
if ((uint8_t *)ident >= _wchan[0] &&
(uint8_t *)ident <= _wchan[MAXCPU - 1])
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308226 - in stable: 10/release/doc/share/xml 11/release/doc/share/xml 9/release/doc/share/xml

[Glen Barber]

Author: gjb
Date: Wed Nov  2 18:11:06 2016
New Revision: 308226
URL: https://svnweb.freebsd.org/changeset/base/308226

Log:
  Document SA-16:33-35.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  stable/11/release/doc/share/xml/security.xml

Changes in other areas also in this revision:
Modified:
  stable/10/release/doc/share/xml/security.xml
  stable/9/release/doc/share/xml/security.xml

Modified: stable/11/release/doc/share/xml/security.xml
==
--- stable/11/release/doc/share/xml/security.xmlWed Nov  2 17:47:19 
2016(r308225)
+++ stable/11/release/doc/share/xml/security.xmlWed Nov  2 18:11:06 
2016(r308226)
@@ -24,6 +24,14 @@
25October2016
Privilege escalation vulnerability
   
+
+  
+   FreeBSD-SA-16:33.openssh
+   2November2016
+   Remote Denial of Service
+   vulnerability
+  
 
   
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308226 - in stable: 10/release/doc/share/xml 11/release/doc/share/xml 9/release/doc/share/xml

[Glen Barber]

Author: gjb
Date: Wed Nov  2 18:11:06 2016
New Revision: 308226
URL: https://svnweb.freebsd.org/changeset/base/308226

Log:
  Document SA-16:33-35.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  stable/9/release/doc/share/xml/security.xml

Changes in other areas also in this revision:
Modified:
  stable/10/release/doc/share/xml/security.xml
  stable/11/release/doc/share/xml/security.xml

Modified: stable/9/release/doc/share/xml/security.xml
==
--- stable/9/release/doc/share/xml/security.xml Wed Nov  2 17:47:19 2016
(r308225)
+++ stable/9/release/doc/share/xml/security.xml Wed Nov  2 18:11:06 2016
(r308226)
@@ -496,6 +496,22 @@
10October2016
Multiple vulnerabilities
   
+
+  
+   FreeBSD-SA-16:34.bind
+   2November2016
+   Remote Denial of Service
+   vulnerability
+  
+
+  
+   FreeBSD-SA-16:35.openssl
+   2November2016
+   Remote Denial of Service
+   vulnerability
+  
 
   
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308226 - in stable: 10/release/doc/share/xml 11/release/doc/share/xml 9/release/doc/share/xml

[Glen Barber]

Author: gjb
Date: Wed Nov  2 18:11:06 2016
New Revision: 308226
URL: https://svnweb.freebsd.org/changeset/base/308226

Log:
  Document SA-16:33-35.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  stable/10/release/doc/share/xml/security.xml

Changes in other areas also in this revision:
Modified:
  stable/11/release/doc/share/xml/security.xml
  stable/9/release/doc/share/xml/security.xml

Modified: stable/10/release/doc/share/xml/security.xml
==
--- stable/10/release/doc/share/xml/security.xmlWed Nov  2 17:47:19 
2016(r308225)
+++ stable/10/release/doc/share/xml/security.xmlWed Nov  2 18:11:06 
2016(r308226)
@@ -131,6 +131,22 @@
10October2016
Multiple vulnerabilities
   
+
+  
+   FreeBSD-SA-16:33.openssh
+   2November2016
+   Remote Denial of Service
+   vulnerability
+  
+
+  
+   FreeBSD-SA-16:35.openssl
+   2November2016
+   Remote Denial of Service
+   vulnerability
+  
 
   
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308225 - head/sys/dev/cpuctl

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 17:47:19 2016
New Revision: 308225
URL: https://svnweb.freebsd.org/changeset/base/308225

Log:
  dev/cpuctl: put debug output under CPUCTL_DEBUG rather than DEBUG
  
  DEBUG is a well-known flag.
  It doesn't imply that there is a particular interest in cpuctl.
  
  MFC after:1 week

Modified:
  head/sys/dev/cpuctl/cpuctl.c

Modified: head/sys/dev/cpuctl/cpuctl.c
==
--- head/sys/dev/cpuctl/cpuctl.cWed Nov  2 17:34:33 2016
(r308224)
+++ head/sys/dev/cpuctl/cpuctl.cWed Nov  2 17:47:19 2016
(r308225)
@@ -57,7 +57,7 @@ static d_ioctl_t cpuctl_ioctl;
 
 #defineCPUCTL_VERSION 1
 
-#ifdef DEBUG
+#ifdef CPUCTL_DEBUG
 # define   DPRINTF(format,...) printf(format, __VA_ARGS__);
 #else
 # define   DPRINTF(...)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308224 - vendor-sys/illumos/dist/common/nvpair

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 17:34:33 2016
New Revision: 308224
URL: https://svnweb.freebsd.org/changeset/base/308224

Log:
  5778 nvpair_type_is_array() does not recognize DATA_TYPE_INT8_ARRAY
  
  illumos/illumos-gate@bf4d553b8a4685dc5ba4549cc9ba6d94e9306a81
  
https://github.com/illumos/illumos-gate/commit/bf4d553b8a4685dc5ba4549cc9ba6d94e9306a81
  
  https://www.illumos.org/issues/5778
DATA_TYPE_INT8_ARRAY is missing from the array check in 
nvpair_type_is_array()
  
  Reviewed by: Matthew Ahrens 
  Reviewed by: Prakash Surya 
  Approved by: Dan McDonald 
  Author: Andriy Gapon 

Modified:
  vendor-sys/illumos/dist/common/nvpair/nvpair.c

Modified: vendor-sys/illumos/dist/common/nvpair/nvpair.c
==
--- vendor-sys/illumos/dist/common/nvpair/nvpair.c  Wed Nov  2 17:33:22 
2016(r308223)
+++ vendor-sys/illumos/dist/common/nvpair/nvpair.c  Wed Nov  2 17:34:33 
2016(r308224)
@@ -1230,6 +1230,7 @@ nvpair_type_is_array(nvpair_t *nvp)
data_type_t type = NVP_TYPE(nvp);
 
if ((type == DATA_TYPE_BYTE_ARRAY) ||
+   (type == DATA_TYPE_INT8_ARRAY) ||
(type == DATA_TYPE_UINT8_ARRAY) ||
(type == DATA_TYPE_INT16_ARRAY) ||
(type == DATA_TYPE_UINT16_ARRAY) ||
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308223 - vendor/illumos/dist/lib/libnvpair

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 17:33:22 2016
New Revision: 308223
URL: https://svnweb.freebsd.org/changeset/base/308223

Log:
  5752 dump_nvlist() is not aware of boolean array
  
  illumos/illumos-gate@ee3c499ad1e4fc884a11b2bc6490787b788bf84a
  
https://github.com/illumos/illumos-gate/commit/ee3c499ad1e4fc884a11b2bc6490787b788bf84a
  
  https://www.illumos.org/issues/5752
dump_nvlist() is not aware of the boolean array value type:
bad config type 24 for "foobar"
  
  Reviewed by: Dan Kimmel 
  Reviewed by: Matthew Ahrens 
  Reviewed by: Will Andrews 
  Approved by: Robert Mustacchi 
  Author: Andriy Gapon 

Modified:
  vendor/illumos/dist/lib/libnvpair/libnvpair.c

Modified: vendor/illumos/dist/lib/libnvpair/libnvpair.c
==
--- vendor/illumos/dist/lib/libnvpair/libnvpair.c   Wed Nov  2 17:32:31 
2016(r308222)
+++ vendor/illumos/dist/lib/libnvpair/libnvpair.c   Wed Nov  2 17:33:22 
2016(r308223)
@@ -794,6 +794,7 @@ dump_nvlist(nvlist_t *list, int indent)
 {
nvpair_t*elem = NULL;
boolean_t   bool_value;
+   boolean_t   *bool_array_value;
nvlist_t*nvlist_value;
nvlist_t**nvlist_array_value;
uint_t  i, count;
@@ -854,6 +855,16 @@ dump_nvlist(nvlist_t *list, int indent)
NVP(elem, string, char *, char *, "'%s'");
break;
 
+   case DATA_TYPE_BOOLEAN_ARRAY:
+   (void) nvpair_value_boolean_array(elem,
+   _array_value, );
+   for (i = 0; i < count; i++) {
+   (void) printf("%*s%s[%d]: %s\n", indent, "",
+   nvpair_name(elem), i,
+   bool_array_value[i] ? "true" : "false");
+   }
+   break;
+
case DATA_TYPE_BYTE_ARRAY:
NVPA(elem, byte_array, uchar_t, int, "%u");
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308222 - vendor/illumos/dist/lib/libzfs_core/common

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 17:32:31 2016
New Revision: 308222
URL: https://svnweb.freebsd.org/changeset/base/308222

Log:
  6051 lzc_receive: allow the caller to read the begin record
  
  illumos/illumos-gate@620f322510b2d6433f7f6af60fa52380c07756ad
  
https://github.com/illumos/illumos-gate/commit/620f322510b2d6433f7f6af60fa52380c07756ad
  
  https://www.illumos.org/issues/6051
Currently lzc_receive() requires that its snapname argument is a snapshot 
name
(contains '').
@zfs receive allows to specify just a dataset name and would try to deduce 
the
snapshot name from the stream.
I propose to allow lzc_receive() to do the same.
That seems to be quite easy to implement, it requires only a small amount of
logic, it does not require any additional system calls or any additional 
data
from the stream.
The benefit is that the new behavior would allow to keep the snapshot names 
the
same between the sender and receiver at zero cost, without a need to pass 
the
names out of band.
  
  Reviewed by: Matthew Ahrens 
  Reviewed by: Paul Dagnelie 
  Approved by: Robert Mustacchi 
  Author: Andriy Gapon 

Modified:
  vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.c
  vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.h

Modified: vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.c
==
--- vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.cWed Nov  2 
17:12:15 2016(r308221)
+++ vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.cWed Nov  2 
17:32:31 2016(r308222)
@@ -549,8 +549,9 @@ recv_read(int fd, void *buf, int ilen)
 }
 
 static int
-lzc_receive_impl(const char *snapname, nvlist_t *props, const char *origin,
-boolean_t force, boolean_t resumable, int fd)
+recv_impl(const char *snapname, nvlist_t *props, const char *origin,
+boolean_t force, boolean_t resumable, int fd,
+const dmu_replay_record_t *begin_record)
 {
/*
 * The receive ioctl is still legacy, so we need to construct our own
@@ -595,9 +596,14 @@ lzc_receive_impl(const char *snapname, n
(void) strlcpy(zc.zc_string, origin, sizeof (zc.zc_string));
 
/* zc_begin_record is non-byteswapped BEGIN record */
-   error = recv_read(fd, _begin_record, sizeof (zc.zc_begin_record));
-   if (error != 0)
-   goto out;
+   if (begin_record == NULL) {
+   error = recv_read(fd, _begin_record,
+   sizeof (zc.zc_begin_record));
+   if (error != 0)
+   goto out;
+   } else {
+   zc.zc_begin_record = *begin_record;
+   }
 
/* zc_cookie is fd to read from */
zc.zc_cookie = fd;
@@ -638,7 +644,7 @@ int
 lzc_receive(const char *snapname, nvlist_t *props, const char *origin,
 boolean_t force, int fd)
 {
-   return (lzc_receive_impl(snapname, props, origin, force, B_FALSE, fd));
+   return (recv_impl(snapname, props, origin, force, B_FALSE, fd, NULL));
 }
 
 /*
@@ -651,7 +657,29 @@ int
 lzc_receive_resumable(const char *snapname, nvlist_t *props, const char 
*origin,
 boolean_t force, int fd)
 {
-   return (lzc_receive_impl(snapname, props, origin, force, B_TRUE, fd));
+   return (recv_impl(snapname, props, origin, force, B_TRUE, fd, NULL));
+}
+
+/*
+ * Like lzc_receive, but allows the caller to read the begin record and then to
+ * pass it in.  That could be useful if the caller wants to derive, for 
example,
+ * the snapname or the origin parameters based on the information contained in
+ * the begin record.
+ * The begin record must be in its original form as read from the stream,
+ * in other words, it should not be byteswapped.
+ *
+ * The 'resumable' parameter allows to obtain the same behavior as with
+ * lzc_receive_resumable.
+ */
+int
+lzc_receive_with_header(const char *snapname, nvlist_t *props,
+const char *origin, boolean_t force, boolean_t resumable, int fd,
+const dmu_replay_record_t *begin_record)
+{
+   if (begin_record == NULL)
+   return (EINVAL);
+   return (recv_impl(snapname, props, origin, force, resumable, fd,
+   begin_record));
 }
 
 /*

Modified: vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.h
==
--- vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.hWed Nov  2 
17:12:15 2016(r308221)
+++ vendor/illumos/dist/lib/libzfs_core/common/libzfs_core.hWed Nov  2 
17:32:31 2016(r308222)
@@ -68,10 +68,15 @@ enum lzc_send_flags {
 int lzc_send(const char *, const char *, int, enum lzc_send_flags);
 int lzc_send_resume(const char *, const char *, int,
 enum lzc_send_flags, uint64_t, uint64_t);
+int lzc_send_space(const char *, const char *, uint64_t *);
+
+struct 

svn commit: r308221 - head/sys/dev/ichiic

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 17:12:15 2016
New Revision: 308221
URL: https://svnweb.freebsd.org/changeset/base/308221

Log:
  fix typo in a comment
  
  MFC after:5 weeks
  X-MFC with:   r308219

Modified:
  head/sys/dev/ichiic/ig4_iic.c

Modified: head/sys/dev/ichiic/ig4_iic.c
==
--- head/sys/dev/ichiic/ig4_iic.c   Wed Nov  2 17:07:18 2016
(r308220)
+++ head/sys/dev/ichiic/ig4_iic.c   Wed Nov  2 17:12:15 2016
(r308221)
@@ -37,7 +37,7 @@
 __FBSDID("$FreeBSD$");
 
 /*
- * Intel fourth generation mobile cpus integrated I2C deviceer.
+ * Intel fourth generation mobile cpus integrated I2C device.
  *
  * See ig4_reg.h for datasheet reference and notes.
  * See ig4_var.h for locking semantics.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308220 - head/sys/dev/smbus

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 17:07:18 2016
New Revision: 308220
URL: https://svnweb.freebsd.org/changeset/base/308220

Log:
  smbus: remove the potentially very dangerous slave probing code
  
  MFC after:5 weeks

Modified:
  head/sys/dev/smbus/smbus.c

Modified: head/sys/dev/smbus/smbus.c
==
--- head/sys/dev/smbus/smbus.c  Wed Nov  2 17:04:00 2016(r308219)
+++ head/sys/dev/smbus/smbus.c  Wed Nov  2 17:07:18 2016(r308220)
@@ -50,7 +50,6 @@ struct smbus_ivar
 /*
  * Autoconfiguration and support routines for System Management bus
  */
-static void smbus_probe_device(device_t dev, u_char addr);
 
 static int
 smbus_probe(device_t dev)
@@ -65,13 +64,9 @@ static int
 smbus_attach(device_t dev)
 {
struct smbus_softc *sc = device_get_softc(dev);
-   unsigned char addr;
 
mtx_init(>lock, device_get_nameunit(dev), "smbus", MTX_DEF);
bus_generic_probe(dev);
-   for (addr = SMBUS_ADDR_MIN; addr < SMBUS_ADDR_MAX; ++addr) {
-   smbus_probe_device(dev, addr);
-   }
bus_enumerate_hinted_children(dev);
bus_generic_attach(dev);
 
@@ -98,30 +93,6 @@ smbus_generic_intr(device_t dev, u_char 
 {
 }
 
-static void
-smbus_probe_device(device_t dev, u_char addr)
-{
-   device_t child;
-   int error;
-   u_char cmd;
-   u_char buf[2];
-   struct smbus_ivar *devi;
-
-   cmd = 0x01;
-   error = smbus_trans(dev, addr, cmd,
-   SMB_TRANS_NOCNT | SMB_TRANS_NOREPORT,
-   NULL, 0, buf, 1, NULL);
-   if (error == 0) {
-   if (bootverbose)
-   device_printf(dev, "Probed address 0x%02x\n", addr);
-   child = BUS_ADD_CHILD(dev, SMBUS_ORDER_PNP, NULL, -1);
-   if (child == NULL)
-   return;
-   devi = device_get_ivars(child);
-   devi->addr = addr;
-   }
-}
-
 static device_t
 smbus_add_child(device_t dev, u_int order, const char *name, int unit)
 {
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308219 - head/sys/dev/ichiic

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 17:04:00 2016
New Revision: 308219
URL: https://svnweb.freebsd.org/changeset/base/308219

Log:
  ichiic/ig4: completely disengage from smbus
  
  MFC after:5 weeks

Modified:
  head/sys/dev/ichiic/ig4_iic.c
  head/sys/dev/ichiic/ig4_pci.c
  head/sys/dev/ichiic/ig4_reg.h
  head/sys/dev/ichiic/ig4_var.h

Modified: head/sys/dev/ichiic/ig4_iic.c
==
--- head/sys/dev/ichiic/ig4_iic.c   Wed Nov  2 16:15:49 2016
(r308218)
+++ head/sys/dev/ichiic/ig4_iic.c   Wed Nov  2 17:04:00 2016
(r308219)
@@ -37,7 +37,7 @@
 __FBSDID("$FreeBSD$");
 
 /*
- * Intel fourth generation mobile cpus integrated I2C device, smbus driver.
+ * Intel fourth generation mobile cpus integrated I2C deviceer.
  *
  * See ig4_reg.h for datasheet reference and notes.
  * See ig4_var.h for locking semantics.
@@ -60,7 +60,6 @@ __FBSDID("$FreeBSD$");
 
 #include 
 #include 
-#include 
 #include 
 #include 
 
@@ -236,18 +235,13 @@ data_read(ig4iic_softc_t *sc)
  * the target address for when the controller later issues a START.
  */
 static void
-set_slave_addr(ig4iic_softc_t *sc, uint8_t slave, int trans_op)
+set_slave_addr(ig4iic_softc_t *sc, uint8_t slave)
 {
uint32_t tar;
uint32_t ctl;
int use_10bit;
 
-   use_10bit = sc->use_10bit;
-   if (trans_op & SMB_TRANS_7BIT)
-   use_10bit = 0;
-   if (trans_op & SMB_TRANS_10BIT)
-   use_10bit = 1;
-
+   use_10bit = 0;
if (sc->slave_valid && sc->last_slave == slave &&
sc->use_10bit == use_10bit) {
return;
@@ -291,208 +285,12 @@ set_slave_addr(ig4iic_softc_t *sc, uint8
 }
 
 /*
- * Issue START with byte command, possible count, and a variable length
- * read or write buffer, then possible turn-around read.  The read also
- * has a possible count received.
- *
- * For SMBUS -
- *
- * Quick:  START+ADDR+RD/WR STOP
- *
- * Normal: START+ADDR+WR CMD DATA..DATA STOP
- *
- * START+ADDR+RD CMD
- * RESTART+ADDR RDATA..RDATA STOP
- * (can also be used for I2C transactions)
- *
- * Process Call:   START+ADDR+WR CMD DATAL DATAH
- * RESTART+ADDR+RD RDATAL RDATAH STOP
- *
- * Block:  START+ADDR+RD CMD
- * RESTART+ADDR+RD RCOUNT DATA... STOP
- *
- * START+ADDR+WR CMD
- * RESTART+ADDR+WR WCOUNT DATA... STOP
- *
- * For I2C - basically, no *COUNT fields, possibly no *CMD field.  If the
- *  sender needs to issue a 2-byte command it will incorporate it
- *  into the write buffer and also set NOCMD.
- *
- * Generally speaking, the START+ADDR / RESTART+ADDR is handled automatically
- * by the controller at the beginning of a command sequence or on a data
- * direction turn-around, and we only need to tell it when to issue the STOP.
- */
-static int
-smb_transaction(ig4iic_softc_t *sc, char cmd, int op,
-   char *wbuf, int wcount, char *rbuf, int rcount, int *actualp)
-{
-   int error;
-   int unit;
-   uint32_t last;
-
-   /*
-* Debugging - dump registers
-*/
-   if (ig4_dump) {
-   unit = device_get_unit(sc->dev);
-   if (ig4_dump & (1 << unit)) {
-   ig4_dump &= ~(1 << unit);
-   ig4iic_dump(sc);
-   }
-   }
-
-   /*
-* Issue START or RESTART with next data byte, clear any previous
-* abort condition that may have been holding the txfifo in reset.
-*/
-   last = IG4_DATA_RESTART;
-   reg_read(sc, IG4_REG_CLR_TX_ABORT);
-   if (actualp)
-   *actualp = 0;
-
-   /*
-* Issue command if not told otherwise (smbus).
-*/
-   if ((op & SMB_TRANS_NOCMD) == 0) {
-   error = wait_status(sc, IG4_STATUS_TX_NOTFULL);
-   if (error)
-   goto done;
-   last |= (u_char)cmd;
-   if (wcount == 0 && rcount == 0 && (op & SMB_TRANS_NOSTOP) == 0)
-   last |= IG4_DATA_STOP;
-   reg_write(sc, IG4_REG_DATA_CMD, last);
-   last = 0;
-   }
-
-   /*
-* Clean out any previously received data.
-*/
-   if (sc->rpos != sc->rnext &&
-   (op & SMB_TRANS_NOREPORT) == 0) {
-   device_printf(sc->dev,
- "discarding %d bytes of spurious data\n",
- sc->rnext - sc->rpos);
-   }
-   sc->rpos = 0;
-   sc->rnext = 0;
-
-   /*
-* If writing and not told otherwise, issue the write count (smbus).
-*/
-   if (wcount && (op & SMB_TRANS_NOCNT) == 0) {
-   error = wait_status(sc, IG4_STATUS_TX_NOTFULL);
-   if (error)
-   goto done;
-   last |= 

Re: svn commit: r308181 - in head: . share/mk

[Brooks Davis]

On Wed, Nov 02, 2016 at 04:55:22AM -0230, Jonathan Anderson wrote:
> Hi,
> 
> On 1 Nov 2016, at 21:10, Dimitry Andric wrote:
> 
> > Please note, I reverted r307823 (which changed the suffixes from .bco
> > and .llo to .bc and .ll) in r308003, since it caused a number of ports
> > failures.  These ports were already using .ll as a suffix for C++ lex
> > scripts.
> 
> The changes to bsd.suffixes-posix.mk (included by sys.mk) would have affected 
> anything compiled with bmake, and indeed, I'd imagine that adding a .c->.ll 
> rule alongside .c->.o could cause problems with C++ lex rules. In fact, part 
> of brooks' original motivation for introducing .llo suffixes was to avoid 
> name conflicts (although conflicts with program IR like we're introducing in 
> this commit). The changes in this commit should only be picked up by things 
> that explicit include bsd.{lib,prog}.mk, however, and they also have slightly 
> more esoteric names (e.g., progname.full.ll) that are less likely to cause a 
> conflict. Perhaps I ought to have done an exp-run, but I suspect that this 
> commit will cause much less / no fallout. I don't suppose you have a list of 
> the ports that failed after your r307823 change so that I could do spot 
> checks?

As a bit of background, the original motivation for the .bco and .llo
files what that I wanted to differentiate between IR files produced from
single translation units (.c files) and IR files produced by llvm-link
so I didn't have to worry about things like name space collisions in the
case of transitions like:

  clang   llvm-link  opt  ld
(prog.c, utils.c) => (prog.llo, util.llo) => prog.ll => prog.o => prog

Part of the fun is that you might instead want:

  clang   opt ld
(prog.c, utils.c) => (prog.llo, util.llo) => (prog.o, util.o) => prog

and for extra fun you might insert instrumentation at any IR stage so
yet more suffixes may be required if your tools don't fit neatly into
clang, opt, etc plugins.

Make is lousy at this stuff so a certain about of ugliness is likely
to remain required.

-- Brooks


signature.asc
Description: PGP signature

svn commit: r308218 - in head: sys/dev/cpuctl usr.sbin/cpucontrol

[Andriy Gapon]

Author: avg
Date: Wed Nov  2 16:15:49 2016
New Revision: 308218
URL: https://svnweb.freebsd.org/changeset/base/308218

Log:
  Add support for microcode update on newer AMD CPUs (10h+)
  
  This includes new code for parsing microcode files as well as
  the kernel-side change to apply the update on all processors
  at the same time.
  
  Developed with help from Borislav Petkov, formerly b...@amd64.org.
  
  Tested using Athlon II X2 processor on a system where BIOS does
  not have the latest microcode version:
  /boot/firmware/microcode_amd.bin: updating cpu /dev/cpuctl0 to revision 
0x1c7... done.
  
  The microcode file is taken from here:
  https://web.archive.org/web/20160528230514/http://www.amd64.org/microcode.html
  (note that the original site seems to be down at the moment)
  It can also be found here:
  
https://git.kernel.org/cgit/linux/kernel/git/firmware/linux-firmware.git/tree/amd-ucode
  
  Reviewed by:  kib, stas
  MFC after:2 weeks
  Relnotes: maybe
  Differential Revision: https://reviews.freebsd.org/D8384

Added:
  head/usr.sbin/cpucontrol/amd10h.c   (contents, props changed)
Modified:
  head/sys/dev/cpuctl/cpuctl.c
  head/usr.sbin/cpucontrol/Makefile
  head/usr.sbin/cpucontrol/amd.h
  head/usr.sbin/cpucontrol/cpucontrol.c

Modified: head/sys/dev/cpuctl/cpuctl.c
==
--- head/sys/dev/cpuctl/cpuctl.cWed Nov  2 15:13:25 2016
(r308217)
+++ head/sys/dev/cpuctl/cpuctl.cWed Nov  2 16:15:49 2016
(r308218)
@@ -377,13 +377,24 @@ fail:
return (ret);
 }
 
+/*
+ * NB: MSR 0xc0010020, MSR_K8_UCODE_UPDATE, is not documented by AMD.
+ * Coreboot, illumos and Linux source code was used to understand
+ * its workings.
+ */
+static void
+amd_ucode_wrmsr(void *ucode_ptr)
+{
+   uint32_t tmp[4];
+
+   wrmsr_safe(MSR_K8_UCODE_UPDATE, (uintptr_t)ucode_ptr);
+   do_cpuid(0, tmp);
+}
+
 static int
 update_amd(int cpu, cpuctl_update_args_t *args, struct thread *td)
 {
-   void *ptr = NULL;
-   uint32_t tmp[4];
-   int is_bound = 0;
-   int oldcpu;
+   void *ptr;
int ret;
 
if (args->size == 0 || args->data == NULL) {
@@ -394,41 +405,23 @@ update_amd(int cpu, cpuctl_update_args_t
DPRINTF("[cpuctl,%d]: firmware image too large", __LINE__);
return (EINVAL);
}
+
/*
-* XXX Might not require contignous address space - needs check
+* 16 byte alignment required.  Rely on the fact that
+* malloc(9) always returns the pointer aligned at least on
+* the size of the allocation.
 */
-   ptr = contigmalloc(args->size, M_CPUCTL, 0, 0, 0x, 16, 0);
-   if (ptr == NULL) {
-   DPRINTF("[cpuctl,%d]: cannot allocate %zd bytes of memory",
-   __LINE__, args->size);
-   return (ENOMEM);
-   }
+   ptr = malloc(args->size + 16, M_CPUCTL, M_ZERO | M_WAITOK);
if (copyin(args->data, ptr, args->size) != 0) {
DPRINTF("[cpuctl,%d]: copyin %p->%p of %zd bytes failed",
__LINE__, args->data, ptr, args->size);
ret = EFAULT;
goto fail;
}
-   oldcpu = td->td_oncpu;
-   is_bound = cpu_sched_is_bound(td);
-   set_cpu(cpu, td);
-   critical_enter();
-
-   /*
-* Perform update.
-*/
-   wrmsr_safe(MSR_K8_UCODE_UPDATE, (uintptr_t)ptr);
-
-   /*
-* Serialize instruction flow.
-*/
-   do_cpuid(0, tmp);
-   critical_exit();
-   restore_cpu(oldcpu, is_bound, td);
+   smp_rendezvous(NULL, amd_ucode_wrmsr, NULL, ptr);
ret = 0;
 fail:
-   if (ptr != NULL)
-   contigfree(ptr, args->size, M_CPUCTL);
+   free(ptr, M_CPUCTL);
return (ret);
 }
 

Modified: head/usr.sbin/cpucontrol/Makefile
==
--- head/usr.sbin/cpucontrol/Makefile   Wed Nov  2 15:13:25 2016
(r308217)
+++ head/usr.sbin/cpucontrol/Makefile   Wed Nov  2 16:15:49 2016
(r308218)
@@ -2,7 +2,7 @@
 
 PROG=  cpucontrol
 MAN=   cpucontrol.8
-SRCS=  cpucontrol.c intel.c amd.c via.c
+SRCS=  cpucontrol.c intel.c amd.c amd10h.c via.c
 
 NO_WCAST_ALIGN=
 

Modified: head/usr.sbin/cpucontrol/amd.h
==
--- head/usr.sbin/cpucontrol/amd.h  Wed Nov  2 15:13:25 2016
(r308217)
+++ head/usr.sbin/cpucontrol/amd.h  Wed Nov  2 16:15:49 2016
(r308218)
@@ -33,6 +33,8 @@
  */
 ucode_probe_t  amd_probe;
 ucode_update_t amd_update;
+ucode_probe_t  amd10h_probe;
+ucode_update_t amd10h_update;
 
 typedef struct amd_fw_header {
uint32_tdate;   /* Update creation date. */
@@ -46,4 +48,45 @@ typedef struct amd_fw_header {
 
 #defineAMD_MAGIC   0xaa
 
+/*
+ * AMD family 10h and later.
+ */

svn commit: r308217 - in head/sys/dev: mpr mps

[Scott Long]

Author: scottl
Date: Wed Nov  2 15:13:25 2016
New Revision: 308217
URL: https://svnweb.freebsd.org/changeset/base/308217

Log:
  Add a fallback to the device mapper logic.  We've seen systems in the field
  that are apparently misconfigured by the manufacturer and cause the mapping
  logic to fail.  The fallback allows drive numbers to be assigned based on the
  PHY number that they're attached to.  Add sysctls and tunables to overrid
  this new behavior, but they should be considered only necessary for debugging.
  
  Reviewed by:   imp, smh
  Obtained from:Netflix
  MFC after:3 days
  Sponsored by: D8403

Modified:
  head/sys/dev/mpr/mpr.c
  head/sys/dev/mpr/mpr_sas_lsi.c
  head/sys/dev/mpr/mprvar.h
  head/sys/dev/mps/mps.c
  head/sys/dev/mps/mps_sas_lsi.c
  head/sys/dev/mps/mpsvar.h

Modified: head/sys/dev/mpr/mpr.c
==
--- head/sys/dev/mpr/mpr.c  Wed Nov  2 15:11:23 2016(r308216)
+++ head/sys/dev/mpr/mpr.c  Wed Nov  2 15:13:25 2016(r308217)
@@ -1376,6 +1376,7 @@ mpr_get_tunables(struct mpr_softc *sc)
sc->max_io_pages = MPR_MAXIO_PAGES;
sc->enable_ssu = MPR_SSU_ENABLE_SSD_DISABLE_HDD;
sc->spinup_wait_time = DEFAULT_SPINUP_WAIT;
+   sc->use_phynum = 1;
 
/*
 * Grab the global variables.
@@ -1387,6 +1388,7 @@ mpr_get_tunables(struct mpr_softc *sc)
TUNABLE_INT_FETCH("hw.mpr.max_io_pages", >max_io_pages);
TUNABLE_INT_FETCH("hw.mpr.enable_ssu", >enable_ssu);
TUNABLE_INT_FETCH("hw.mpr.spinup_wait_time", >spinup_wait_time);
+   TUNABLE_INT_FETCH("hw.mpr.use_phy_num", >use_phynum);
 
/* Grab the unit-instance variables */
snprintf(tmpstr, sizeof(tmpstr), "dev.mpr.%d.debug_level",
@@ -1421,6 +1423,10 @@ mpr_get_tunables(struct mpr_softc *sc)
snprintf(tmpstr, sizeof(tmpstr), "dev.mpr.%d.spinup_wait_time",
device_get_unit(sc->mpr_dev));
TUNABLE_INT_FETCH(tmpstr, >spinup_wait_time);
+
+   snprintf(tmpstr, sizeof(tmpstr), "dev.mpr.%d.use_phy_num",
+   device_get_unit(sc->mpr_dev));
+   TUNABLE_INT_FETCH(tmpstr, >use_phynum);
 }
 
 static void
@@ -1510,6 +1516,10 @@ mpr_setup_sysctl(struct mpr_softc *sc)
OID_AUTO, "spinup_wait_time", CTLFLAG_RD,
>spinup_wait_time, DEFAULT_SPINUP_WAIT, "seconds to wait for "
"spinup after SATA ID error");
+
+   SYSCTL_ADD_INT(sysctl_ctx, SYSCTL_CHILDREN(sysctl_tree),
+   OID_AUTO, "use_phy_num", CTLFLAG_RD, >use_phynum, 0,
+   "Use the phy number for enumeration");
 }
 
 int

Modified: head/sys/dev/mpr/mpr_sas_lsi.c
==
--- head/sys/dev/mpr/mpr_sas_lsi.c  Wed Nov  2 15:11:23 2016
(r308216)
+++ head/sys/dev/mpr/mpr_sas_lsi.c  Wed Nov  2 15:13:25 2016
(r308217)
@@ -757,13 +757,24 @@ mprsas_add_device(struct mpr_softc *sc, 
}
}
 
-   id = mpr_mapping_get_sas_id(sc, sas_address, handle);
+   /*
+* use_phynum:
+*  1 - use the PhyNum field as a fallback to the mapping logic
+*  0 - never use the PhyNum field
+* -1 - only use the PhyNum field
+*/
+   id = MPR_MAP_BAD_ID;
+   if (sc->use_phynum != -1) 
+   id = mpr_mapping_get_sas_id(sc, sas_address, handle);
if (id == MPR_MAP_BAD_ID) {
-   printf("failure at %s:%d/%s()! Could not get ID for device "
-   "with handle 0x%04x\n", __FILE__, __LINE__, __func__,
-   handle);
-   error = ENXIO;
-   goto out;
+   if ((sc->use_phynum == 0)
+|| ((id = config_page.PhyNum) > sassc->maxtargets)) {
+   mpr_dprint(sc, MPR_INFO, "failure at %s:%d/%s()! "
+   "Could not get ID for device with handle 0x%04x\n",
+   __FILE__, __LINE__, __func__, handle);
+   error = ENXIO;
+   goto out;
+   }
}
 
if (mprsas_check_id(sassc, id) != 0) {
@@ -772,9 +783,16 @@ mprsas_add_device(struct mpr_softc *sc, 
goto out;
}
 
+   targ = >targets[id];
+   if (targ->handle != 0x0) {
+   mpr_dprint(sc, MPR_MAPPING, "Attempting to reuse target id "
+   "%d handle 0x%04x\n", id, targ->handle);
+   error = ENXIO;
+   goto out;
+   }
+
mpr_dprint(sc, MPR_MAPPING, "SAS Address from SAS device page0 = %jx\n",
sas_address);
-   targ = >targets[id];
targ->devinfo = device_info;
targ->devname = le32toh(config_page.DeviceName.High);
targ->devname = (targ->devname << 32) | 

Modified: head/sys/dev/mpr/mprvar.h
==
--- head/sys/dev/mpr/mprvar.h   Wed Nov  2 15:11:23 

svn commit: r308216 - head/usr.sbin/rtadvd

[Fabien Thomas]

Author: fabient
Date: Wed Nov  2 15:11:23 2016
New Revision: 308216
URL: https://svnweb.freebsd.org/changeset/base/308216

Log:
  In rtadvd, interface lookup calls if_indextoname() many times in a loop,
  (it takes a long time on systems with many interfaces)
  without reason and without checking its return value.
  
  Reviewed by: cem
  Obtained from: Maryse Levavasseur 
  MFC after: 1 month
  Sponsored by: Stormshield
  Differential Revision: https://reviews.freebsd.org/D6979

Modified:
  head/usr.sbin/rtadvd/if.c

Modified: head/usr.sbin/rtadvd/if.c
==
--- head/usr.sbin/rtadvd/if.c   Wed Nov  2 14:25:30 2016(r308215)
+++ head/usr.sbin/rtadvd/if.c   Wed Nov  2 15:11:23 2016(r308216)
@@ -470,11 +470,18 @@ update_ifinfo(struct ifilist_head_t *ifi
ifindex != ifm->ifm_index)
continue;
 
+   /* ifname */
+   if (if_indextoname(ifm->ifm_index, ifname) == NULL) {
+   syslog(LOG_WARNING,
+   "<%s> ifname not found (idx=%d)",
+   __func__, ifm->ifm_index);
+   continue;
+   }
+
/* lookup an entry with the same ifindex */
TAILQ_FOREACH(ifi, ifi_head, ifi_next) {
if (ifm->ifm_index == ifi->ifi_ifindex)
break;
-   if_indextoname(ifm->ifm_index, ifname);
if (strncmp(ifname, ifi->ifi_ifname,
sizeof(ifname)) == 0)
break;
@@ -493,15 +500,7 @@ update_ifinfo(struct ifilist_head_t *ifi
ifi->ifi_ifindex = ifm->ifm_index;
 
/* ifname */
-   if_indextoname(ifm->ifm_index, ifi->ifi_ifname);
-   if (ifi->ifi_ifname == NULL) {
-   syslog(LOG_WARNING,
-   "<%s> ifname not found (idx=%d)",
-   __func__, ifm->ifm_index);
-   if (ifi_new)
-   free(ifi);
-   continue;
-   }
+   strlcpy(ifi->ifi_ifname, ifname, IFNAMSIZ);
 
if ((s = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) {
syslog(LOG_ERR,
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308215 - head/sys/dev/e1000

[Sean Bruno]

Author: sbruno
Date: Wed Nov  2 14:25:30 2016
New Revision: 308215
URL: https://svnweb.freebsd.org/changeset/base/308215

Log:
  Removed unused M_TSO_LEN.
  
  MFC after:2 weeks

Modified:
  head/sys/dev/e1000/if_em.c

Modified: head/sys/dev/e1000/if_em.c
==
--- head/sys/dev/e1000/if_em.c  Wed Nov  2 13:11:19 2016(r308214)
+++ head/sys/dev/e1000/if_em.c  Wed Nov  2 14:25:30 2016(r308215)
@@ -365,7 +365,6 @@ MODULE_DEPEND(em, netmap, 1, 1, 1);
 
 #define EM_TICKS_TO_USECS(ticks)   ((1024 * (ticks) + 500) / 1000)
 #define EM_USECS_TO_TICKS(usecs)   ((1000 * (usecs) + 512) / 1024)
-#define M_TSO_LEN  66
 
 #define MAX_INTS_PER_SEC   8000
 #define DEFAULT_ITR(10/(MAX_INTS_PER_SEC * 256))
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r308181 - in head: . share/mk

[Jonathan Anderson]

On 2 Nov 2016, at 6:11, Antoine Brodin wrote:

On Wed, Nov 2, 2016 at 7:53 AM, Dimitry Andric  
wrote:


Hi Antoine, you pointed me at some of these port failures due to the 
.ll

change, do you still have a list of them?


The failures were:

http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/super-smack-1.3_2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/dprog-0.3.1_2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/ebnf2yacc-0.1.1.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/gnuchess-6.2.3.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/bugle-0.0.20100508_2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/hfst-3.8.2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/grap-1.45.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/g-cows-1.12.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/worker-3.8.4.log


Thanks very much for that list. I've checked all of these ports with the 
new IR binary and library changes, and they all build successfully. So, 
I propose that we keep the new use of .bc and .ll within 
bsd.{lib,prog}.mk, as those changes only affect consumers that 
explicitly include these makefiles (vs the sys.mk changes that affect 
everybody).



Jon
--
Jonathan Anderson
jonat...@freebsd.org
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r308200 - in stable: 10/crypto/openssl/ssl 9/crypto/openssl/ssl

[Oliver Pinter]

On 11/2/16, Cy Schubert  wrote:
> In message <201611020709.ua279wm3070...@repo.freebsd.org>, Xin LI writes:
>> Author: delphij
>> Date: Wed Nov  2 07:09:31 2016
>> New Revision: 308200
>> URL: https://svnweb.freebsd.org/changeset/base/308200
>>
>> Log:
>>   Backport OpenSSL commit af58be768ebb690f78530f796e92b8ae5c9a4401:
>>
>> Don't allow too many consecutive warning alerts
>>
>> Certain warning alerts are ignored if they are received. This can mean
>> th
>> at
>> no progress will be made if one peer continually sends those warning
>> aler
>> ts.
>> Implement a count so that we abort the connection if we receive too
>> many.
>>
>> Issue reported by Shi Lei.
>>
>>   This is a direct commit to stable/10 and stable/9.
>>
>>   Security:  CVE-2016-8610
>>
>> Modified:
>>   stable/10/crypto/openssl/ssl/d1_pkt.c
>>   stable/10/crypto/openssl/ssl/s3_pkt.c
>>   stable/10/crypto/openssl/ssl/ssl.h
>>   stable/10/crypto/openssl/ssl/ssl3.h
>>   stable/10/crypto/openssl/ssl/ssl_locl.h
>>
>> Changes in other areas also in this revision:
>> Modified:
>>   stable/9/crypto/openssl/ssl/d1_pkt.c
>>   stable/9/crypto/openssl/ssl/s3_pkt.c
>>   stable/9/crypto/openssl/ssl/ssl.h
>>   stable/9/crypto/openssl/ssl/ssl3.h
>>   stable/9/crypto/openssl/ssl/ssl_locl.h
>>
>> Modified: stable/10/crypto/openssl/ssl/d1_pkt.c
>> =
>> =
>> --- stable/10/crypto/openssl/ssl/d1_pkt.cWed Nov  2 06:58:47 2016
>>  (r308199)
>> +++ stable/10/crypto/openssl/ssl/d1_pkt.cWed Nov  2 07:09:31 2016
>>  (r308200)
>> @@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
>>  goto start;
>>  }
>>
>> +/*
>> + * Reset the count of consecutive warning alerts if we've got a
>> non-empt
>> y
>> + * record that isn't an alert.
>> + */
>> +if (rr->type != SSL3_RT_ALERT && rr->length != 0)
>> +s->s3->alert_count = 0;
>> +
>>  /* we now have a packet which can be read and processed */
>>
>>  if (s->s3->change_cipher_spec /* set when we receive
>> ChangeCipherSpec,
>> @@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
>>
>>  if (alert_level == SSL3_AL_WARNING) {
>>  s->s3->warn_alert = alert_descr;
>> +
>> +s->s3->alert_count++;
>> +if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
>> +al = SSL_AD_UNEXPECTED_MESSAGE;
>> +SSLerr(SSL_F_DTLS1_READ_BYTES,
>> SSL_R_TOO_MANY_WARN_ALERTS);
>> +goto f_err;
>> +}
>> +
>>  if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
>>  #ifndef OPENSSL_NO_SCTP
>>  /*
>>
>> Modified: stable/10/crypto/openssl/ssl/s3_pkt.c
>> =
>> =
>> --- stable/10/crypto/openssl/ssl/s3_pkt.cWed Nov  2 06:58:47 2016
>>  (r308199)
>> +++ stable/10/crypto/openssl/ssl/s3_pkt.cWed Nov  2 07:09:31 2016
>>  (r308200)
>> @@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
>>  return (ret);
>>  }
>>
>> +/*
>> + * Reset the count of consecutive warning alerts if we've got a
>> non-empt
>> y
>> + * record that isn't an alert.
>> + */
>> +if (rr->type != SSL3_RT_ALERT && rr->length != 0)
>> +s->s3->alert_count = 0;
>> +
>>  /* we now have a packet which can be read and processed */
>>
>>  if (s->s3->change_cipher_spec /* set when we receive
>> ChangeCipherSpec,
>> @@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
>>
>>  if (alert_level == SSL3_AL_WARNING) {
>>  s->s3->warn_alert = alert_descr;
>> +
>> +s->s3->alert_count++;
>> +if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
>> +al = SSL_AD_UNEXPECTED_MESSAGE;
>> +SSLerr(SSL_F_SSL3_READ_BYTES,
>> SSL_R_TOO_MANY_WARN_ALERTS);
>> +goto f_err;
>> +}
>> +
>>  if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
>>  s->shutdown |= SSL_RECEIVED_SHUTDOWN;
>>  return (0);
>>
>> Modified: stable/10/crypto/openssl/ssl/ssl.h
>> =
>> =
>> --- stable/10/crypto/openssl/ssl/ssl.h   Wed Nov  2 06:58:47 2016
>>  (r308199)
>> +++ stable/10/crypto/openssl/ssl/ssl.h   Wed Nov  2 07:09:31 2016
>>  (r308200)
>> @@ -2717,6 +2717,7 @@ void ERR_load_SSL_strings(void);
>>  # define SSL_R_TLS_HEARTBEAT_PENDING  366
>>  # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
>>  # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
>> +# define SSL_R_TOO_MANY_WARN_ALERTS   409
>>  # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
>>  # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG234
>>  # define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER

Re: svn commit: r308200 - in stable: 10/crypto/openssl/ssl 9/crypto/openssl/ssl

[Cy Schubert]

In message <201611020709.ua279wm3070...@repo.freebsd.org>, Xin LI writes:
> Author: delphij
> Date: Wed Nov  2 07:09:31 2016
> New Revision: 308200
> URL: https://svnweb.freebsd.org/changeset/base/308200
> 
> Log:
>   Backport OpenSSL commit af58be768ebb690f78530f796e92b8ae5c9a4401:
>   
> Don't allow too many consecutive warning alerts
>   
> Certain warning alerts are ignored if they are received. This can mean th
> at
> no progress will be made if one peer continually sends those warning aler
> ts.
> Implement a count so that we abort the connection if we receive too many.
>   
> Issue reported by Shi Lei.
>   
>   This is a direct commit to stable/10 and stable/9.
>   
>   Security:   CVE-2016-8610
> 
> Modified:
>   stable/10/crypto/openssl/ssl/d1_pkt.c
>   stable/10/crypto/openssl/ssl/s3_pkt.c
>   stable/10/crypto/openssl/ssl/ssl.h
>   stable/10/crypto/openssl/ssl/ssl3.h
>   stable/10/crypto/openssl/ssl/ssl_locl.h
> 
> Changes in other areas also in this revision:
> Modified:
>   stable/9/crypto/openssl/ssl/d1_pkt.c
>   stable/9/crypto/openssl/ssl/s3_pkt.c
>   stable/9/crypto/openssl/ssl/ssl.h
>   stable/9/crypto/openssl/ssl/ssl3.h
>   stable/9/crypto/openssl/ssl/ssl_locl.h
> 
> Modified: stable/10/crypto/openssl/ssl/d1_pkt.c
> =
> =
> --- stable/10/crypto/openssl/ssl/d1_pkt.c Wed Nov  2 06:58:47 2016
>   (r308199)
> +++ stable/10/crypto/openssl/ssl/d1_pkt.c Wed Nov  2 07:09:31 2016
>   (r308200)
> @@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
>  goto start;
>  }
>  
> +/*
> + * Reset the count of consecutive warning alerts if we've got a non-empt
> y
> + * record that isn't an alert.
> + */
> +if (rr->type != SSL3_RT_ALERT && rr->length != 0)
> +s->s3->alert_count = 0;
> +
>  /* we now have a packet which can be read and processed */
>  
>  if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
> @@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
>  
>  if (alert_level == SSL3_AL_WARNING) {
>  s->s3->warn_alert = alert_descr;
> +
> +s->s3->alert_count++;
> +if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
> +al = SSL_AD_UNEXPECTED_MESSAGE;
> +SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
> +goto f_err;
> +}
> +
>  if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
>  #ifndef OPENSSL_NO_SCTP
>  /*
> 
> Modified: stable/10/crypto/openssl/ssl/s3_pkt.c
> =
> =
> --- stable/10/crypto/openssl/ssl/s3_pkt.c Wed Nov  2 06:58:47 2016
>   (r308199)
> +++ stable/10/crypto/openssl/ssl/s3_pkt.c Wed Nov  2 07:09:31 2016
>   (r308200)
> @@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
>  return (ret);
>  }
>  
> +/*
> + * Reset the count of consecutive warning alerts if we've got a non-empt
> y
> + * record that isn't an alert.
> + */
> +if (rr->type != SSL3_RT_ALERT && rr->length != 0)
> +s->s3->alert_count = 0;
> +
>  /* we now have a packet which can be read and processed */
>  
>  if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
> @@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
>  
>  if (alert_level == SSL3_AL_WARNING) {
>  s->s3->warn_alert = alert_descr;
> +
> +s->s3->alert_count++;
> +if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
> +al = SSL_AD_UNEXPECTED_MESSAGE;
> +SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
> +goto f_err;
> +}
> +
>  if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
>  s->shutdown |= SSL_RECEIVED_SHUTDOWN;
>  return (0);
> 
> Modified: stable/10/crypto/openssl/ssl/ssl.h
> =
> =
> --- stable/10/crypto/openssl/ssl/ssl.hWed Nov  2 06:58:47 2016
>   (r308199)
> +++ stable/10/crypto/openssl/ssl/ssl.hWed Nov  2 07:09:31 2016
>   (r308200)
> @@ -2717,6 +2717,7 @@ void ERR_load_SSL_strings(void);
>  # define SSL_R_TLS_HEARTBEAT_PENDING  366
>  # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
>  # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
> +# define SSL_R_TOO_MANY_WARN_ALERTS   409
>  # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
>  # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG234
>  # define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER235
> 
> Modified: stable/10/crypto/openssl/ssl/ssl3.h
> =
> =
> --- 

svn commit: r308214 - head/sys/arm/conf

[Andrew Turner]

Author: andrew
Date: Wed Nov  2 13:11:19 2016
New Revision: 308214
URL: https://svnweb.freebsd.org/changeset/base/308214

Log:
  Add BeagleBone Black support to GENERIC on armv6.
  
  Reviewed by:  mmel, imp
  Relnotes: yes
  Sponsored by: ABT Systems Ltd
  Differential Revision:https://reviews.freebsd.org/D8335

Modified:
  head/sys/arm/conf/GENERIC

Modified: head/sys/arm/conf/GENERIC
==
--- head/sys/arm/conf/GENERIC   Wed Nov  2 13:10:08 2016(r308213)
+++ head/sys/arm/conf/GENERIC   Wed Nov  2 13:11:19 2016(r308214)
@@ -21,6 +21,7 @@
 ident  GENERIC
 
 cpuCPU_CORTEXA_MP
+cpuCPU_CORTEXA8
 machinearm armv6
 makeoptionsCONF_CFLAGS="-march=armv7a"
 
@@ -37,6 +38,8 @@ files "../broadcom/bcm2835/files.bcm283
 files  "../broadcom/bcm2835/files.bcm283x"
 files  "../nvidia/tegra124/files.tegra124"
 files  "../qemu/files.qemu"
+files  "../ti/files.ti"
+files  "../ti/am335x/files.am335x"
 
 optionsSOC_ALLWINNER_A20
 optionsSOC_ALLWINNER_A31
@@ -44,6 +47,7 @@ options   SOC_ALLWINNER_A31S
 optionsSOC_ALLWINNER_A83T
 optionsSOC_ALLWINNER_H3
 optionsSOC_BCM2836
+optionsSOC_TI_AM335X
 
 optionsSCHED_ULE   # ULE scheduler
 optionsSMP # Enable multiple cores
@@ -66,6 +70,9 @@ devicecpufreq
 optionsINTRNG
 device gic
 
+# PMU support (for CCNT).
+device pmu
+
 # ARM Generic Timer
 device generic_timer
 
@@ -113,9 +120,14 @@ device axp81x  # AXP813/818 
Power Mana
 device bcm2835_bsc
 device icee
 device sy8106a # SY8106A Buck Regulator
+device ti_i2c
+device am335x_pmic # AM335x Power Management IC (TPC65217)
+device am335x_rtc  # RTC support (power management only)
+#defineam335x_dmtpps   # Pulse Per Second capture driver
 
 # GPIO
 device gpio
+device gpiobacklight
 device gpioled
 device gpioregulator
 
@@ -128,6 +140,16 @@ device aw_cir
 # SPI
 device spibus
 device bcm2835_spi
+device ti_spi
+
+# ADC support
+device ti_adc
+
+# Watchdog support
+# If we don't enable the watchdog driver, the BealeBone could potentially
+# reboot automatically because the boot loader might have enabled the
+# watchdog.
+device ti_wdt
 
 device scbus   # SCSI bus (required for ATA/SCSI)
 device da  # Direct Access (disks)
@@ -141,11 +163,16 @@ deviceusb
 device ohci
 device ehci
 device dwcotg  # DWC OTG controller
+device musb
 
 device umass   # Disks/Mass storage - Requires scbus 
and da
 device uhid# "Human Interface Devices"
 device ukbd# Allow keyboard like HIDs to control 
console
 
+# Device mode support and USFS template
+device usb_template# Control of the gadget
+device usfs
+
 # Ethernet
 device loop
 device ether
@@ -176,6 +203,12 @@ device vchiq
 # Pinmux
 device fdt_pinctrl
 
+# TI Programmable Realtime Unit support
+device ti_pruss
+
+# Mailbox support
+device ti_mbox
+
 # Extensible Firmware Interface
 optionsEFI
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308212 - in head/sys: fs/nfsserver kern sys

[Konstantin Belousov]

Author: kib
Date: Wed Nov  2 12:43:15 2016
New Revision: 308212
URL: https://svnweb.freebsd.org/changeset/base/308212

Log:
  Allow some dotdot lookups in capability mode.
  
  If dotdot lookup does not escape from the file descriptor passed as
  the lookup root, we can allow the component traversal.  Track the
  directories traversed, and check the result of dotdot lookup against
  the recorded list of the directory vnodes.
  
  Dotdot lookups are enabled by sysctl vfs.lookup_cap_dotdot, currently
  disabled by default until more verification of the approach is done.
  
  Disallow non-local filesystems for dotdot, since remote server might
  conspire with the local process to allow it to escape the namespace.
  This might be too cautious, provide the knob
  vfs.lookup_cap_dotdot_nonlocal to override as well.
  
  Idea by:  rwatson
  Discussed with:   emaste, jonathan, rwatson
  Reviewed by:  mjg (previous version)
  Tested by:pho (previous version)
  Sponsored by: The FreeBSD Foundation
  MFC after:2 week
  Differential revision:https://reviews.freebsd.org/D8110

Modified:
  head/sys/fs/nfsserver/nfs_nfsdport.c
  head/sys/kern/vfs_lookup.c
  head/sys/kern/vfs_syscalls.c
  head/sys/sys/namei.h

Modified: head/sys/fs/nfsserver/nfs_nfsdport.c
==
--- head/sys/fs/nfsserver/nfs_nfsdport.cWed Nov  2 12:10:39 2016
(r308211)
+++ head/sys/fs/nfsserver/nfs_nfsdport.cWed Nov  2 12:43:15 2016
(r308212)
@@ -350,7 +350,7 @@ nfsvno_namei(struct nfsrv_descript *nd, 
 
*retdirp = NULL;
cnp->cn_nameptr = cnp->cn_pnbuf;
-   ndp->ni_strictrelative = 0;
+   ndp->ni_lcf = 0;
/*
 * Extract and set starting directory.
 */

Modified: head/sys/kern/vfs_lookup.c
==
--- head/sys/kern/vfs_lookup.c  Wed Nov  2 12:10:39 2016(r308211)
+++ head/sys/kern/vfs_lookup.c  Wed Nov  2 12:43:15 2016(r308212)
@@ -79,12 +79,22 @@ uma_zone_t namei_zone;
 /* Placeholder vnode for mp traversal. */
 static struct vnode *vp_crossmp;
 
+struct nameicap_tracker {
+   struct vnode *dp;
+   TAILQ_ENTRY(nameicap_tracker) nm_link;
+};
+
+/* Zone for cap mode tracker elements used for dotdot capability checks. */
+static uma_zone_t nt_zone;
+
 static void
 nameiinit(void *dummy __unused)
 {
 
namei_zone = uma_zcreate("NAMEI", MAXPATHLEN, NULL, NULL, NULL, NULL,
UMA_ALIGN_PTR, 0);
+   nt_zone = uma_zcreate("rentr", sizeof(struct nameicap_tracker),
+   NULL, NULL, NULL, NULL, sizeof(void *), 0);
getnewvnode("crossmp", NULL, _vnodeops, _crossmp);
vn_lock(vp_crossmp, LK_EXCLUSIVE);
VN_LOCK_ASHARE(vp_crossmp);
@@ -96,6 +106,76 @@ static int lookup_shared = 1;
 SYSCTL_INT(_vfs, OID_AUTO, lookup_shared, CTLFLAG_RWTUN, _shared, 0,
 "enables shared locks for path name translation");
 
+/*
+ * Intent is that lookup_cap_dotdot becomes unconditionally enabled,
+ * but it defaults to the disabled state until verification efforts
+ * are complete.
+ */
+static int lookup_cap_dotdot = 0;
+SYSCTL_INT(_vfs, OID_AUTO, lookup_cap_dotdot, CTLFLAG_RWTUN,
+_cap_dotdot, 0,
+"enables \"..\" components in path lookup in capability mode");
+static int lookup_cap_dotdot_nonlocal = 0;
+SYSCTL_INT(_vfs, OID_AUTO, lookup_cap_dotdot_nonlocal, CTLFLAG_RWTUN,
+_cap_dotdot_nonlocal, 0,
+"enables \"..\" components in path lookup in capability mode "
+"on non-local mount");
+
+static void
+nameicap_tracker_add(struct nameidata *ndp, struct vnode *dp)
+{
+   struct nameicap_tracker *nt;
+
+   if ((ndp->ni_lcf & NI_LCF_CAP_DOTDOT) == 0 || dp->v_type != VDIR)
+   return;
+   nt = uma_zalloc(nt_zone, M_WAITOK);
+   vhold(dp);
+   nt->dp = dp;
+   TAILQ_INSERT_TAIL(>ni_cap_tracker, nt, nm_link);
+}
+
+static void
+nameicap_cleanup(struct nameidata *ndp)
+{
+   struct nameicap_tracker *nt, *nt1;
+
+   KASSERT(TAILQ_EMPTY(>ni_cap_tracker) ||
+   (ndp->ni_lcf & NI_LCF_CAP_DOTDOT) != 0, ("not strictrelative"));
+   TAILQ_FOREACH_SAFE(nt, >ni_cap_tracker, nm_link, nt1) {
+   TAILQ_REMOVE(>ni_cap_tracker, nt, nm_link);
+   vdrop(nt->dp);
+   uma_zfree(nt_zone, nt);
+   }
+}
+
+/*
+ * For dotdot lookups in capability mode, only allow the component
+ * lookup to succeed if the resulting directory was already traversed
+ * during the operation.  Also fail dotdot lookups for non-local
+ * filesystems, where external agents might assist local lookups to
+ * escape the compartment.
+ */
+static int
+nameicap_check_dotdot(struct nameidata *ndp, struct vnode *dp)
+{
+   struct nameicap_tracker *nt;
+   struct mount *mp;
+
+   if ((ndp->ni_lcf & NI_LCF_CAP_DOTDOT) == 0 || dp == NULL ||
+   dp->v_type != VDIR)
+   return (0);
+   mp 

svn commit: r308211 - head/sys/kern

[Konstantin Belousov]

Author: kib
Date: Wed Nov  2 12:10:39 2016
New Revision: 308211
URL: https://svnweb.freebsd.org/changeset/base/308211

Log:
  Remove tautological casts.
  
  Sponsored by: The FreeBSD Foundation
  MFC after:1 week

Modified:
  head/sys/kern/vfs_lookup.c

Modified: head/sys/kern/vfs_lookup.c
==
--- head/sys/kern/vfs_lookup.c  Wed Nov  2 12:02:31 2016(r308210)
+++ head/sys/kern/vfs_lookup.c  Wed Nov  2 12:10:39 2016(r308211)
@@ -188,11 +188,11 @@ namei(struct nameidata *ndp)
if ((cnp->cn_flags & HASBUF) == 0)
cnp->cn_pnbuf = uma_zalloc(namei_zone, M_WAITOK);
if (ndp->ni_segflg == UIO_SYSSPACE)
-   error = copystr(ndp->ni_dirp, cnp->cn_pnbuf,
-   MAXPATHLEN, (size_t *)>ni_pathlen);
+   error = copystr(ndp->ni_dirp, cnp->cn_pnbuf, MAXPATHLEN,
+   >ni_pathlen);
else
-   error = copyinstr(ndp->ni_dirp, cnp->cn_pnbuf,
-   MAXPATHLEN, (size_t *)>ni_pathlen);
+   error = copyinstr(ndp->ni_dirp, cnp->cn_pnbuf, MAXPATHLEN,
+   >ni_pathlen);
 
/*
 * Don't allow empty pathnames.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308210 - head/sys/kern

[Konstantin Belousov]

Author: kib
Date: Wed Nov  2 12:02:31 2016
New Revision: 308210
URL: https://svnweb.freebsd.org/changeset/base/308210

Log:
  Style fixes.
  
  Discussed with:   emaste
  Sponsored by: The FreeBSD Foundation
  MFC after:1 week

Modified:
  head/sys/kern/vfs_lookup.c

Modified: head/sys/kern/vfs_lookup.c
==
--- head/sys/kern/vfs_lookup.c  Wed Nov  2 09:43:19 2016(r308209)
+++ head/sys/kern/vfs_lookup.c  Wed Nov  2 12:02:31 2016(r308210)
@@ -73,13 +73,10 @@ SDT_PROBE_DEFINE3(vfs, namei, lookup, en
 "unsigned long");
 SDT_PROBE_DEFINE2(vfs, namei, lookup, return, "int", "struct vnode *");
 
-/*
- * Allocation zone for namei
- */
+/* Allocation zone for namei. */
 uma_zone_t namei_zone;
-/*
- * Placeholder vnode for mp traversal
- */
+
+/* Placeholder vnode for mp traversal. */
 static struct vnode *vp_crossmp;
 
 static void
@@ -97,11 +94,12 @@ SYSINIT(vfs, SI_SUB_VFS, SI_ORDER_SECOND
 
 static int lookup_shared = 1;
 SYSCTL_INT(_vfs, OID_AUTO, lookup_shared, CTLFLAG_RWTUN, _shared, 0,
-"Enables/Disables shared locks for path name translation");
+"enables shared locks for path name translation");
 
 static void
 namei_cleanup_cnp(struct componentname *cnp)
 {
+
uma_zfree(namei_zone, cnp->cn_pnbuf);
 #ifdef DIAGNOSTIC
cnp->cn_pnbuf = NULL;
@@ -158,12 +156,16 @@ namei(struct nameidata *ndp)
char *cp;   /* pointer into pathname argument */
struct vnode *dp;   /* the directory we are searching */
struct iovec aiov;  /* uio for reading symbolic links */
+   struct componentname *cnp;
+   struct thread *td;
+   struct proc *p;
+   cap_rights_t rights;
struct uio auio;
int error, linklen, startdir_used;
-   struct componentname *cnp = >ni_cnd;
-   struct thread *td = cnp->cn_thread;
-   struct proc *p = td->td_proc;
 
+   cnp = >ni_cnd;
+   td = cnp->cn_thread;
+   p = td->td_proc;
ndp->ni_cnd.cn_cred = ndp->ni_cnd.cn_thread->td_ucred;
KASSERT(cnp->cn_cred && p, ("namei: bad cred/proc"));
KASSERT((cnp->cn_nameiop & (~OPMASK)) == 0,
@@ -258,8 +260,6 @@ namei(struct nameidata *ndp)
dp = fdp->fd_cdir;
VREF(dp);
} else {
-   cap_rights_t rights;
-
rights = ndp->ni_rightsneeded;
cap_rights_set(, CAP_LOOKUP);
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308209 - head/sys/kern

[Edward Tomasz Napierala]

Author: trasz
Date: Wed Nov  2 09:43:19 2016
New Revision: 308209
URL: https://svnweb.freebsd.org/changeset/base/308209

Log:
  Fix getfsstat(2) with MNT_WAIT to not skip filesystems that are in the
  process of being unmounted.  Previously it would skip them, even if the
  unmount eventually failed eg due to the filesystem being busy.
  
  This behaviour broke autounmountd(8) - if you tried to manually unmount
  a mounted filesystem, using 'automount -u', and the autounmountd attempted
  to refresh the filesystem list in that very moment, it would conclude that
  the filesystem got unmounted and not try to unmount it afterwards.
  
  Reviewed by:  kib@
  Tested by:pho@
  MFC after:1 month
  Differential Revision:https://reviews.freebsd.org/D8030

Modified:
  head/sys/kern/vfs_syscalls.c

Modified: head/sys/kern/vfs_syscalls.c
==
--- head/sys/kern/vfs_syscalls.cWed Nov  2 08:46:04 2016
(r308208)
+++ head/sys/kern/vfs_syscalls.cWed Nov  2 09:43:19 2016
(r308209)
@@ -446,16 +446,19 @@ kern_getfsstat(struct thread *td, struct
 size_t *countp, enum uio_seg bufseg, int flags)
 {
struct mount *mp, *nmp;
-   struct statfs *sfsp, *sp, sb;
+   struct statfs *sfsp, *sp, sb, *tofree;
size_t count, maxcount;
int error;
 
+restart:
maxcount = bufsize / sizeof(struct statfs);
-   if (bufsize == 0)
+   if (bufsize == 0) {
sfsp = NULL;
-   else if (bufseg == UIO_USERSPACE)
+   tofree = NULL;
+   } else if (bufseg == UIO_USERSPACE) {
sfsp = *buf;
-   else /* if (bufseg == UIO_SYSSPACE) */ {
+   tofree = NULL;
+   } else /* if (bufseg == UIO_SYSSPACE) */ {
count = 0;
mtx_lock(_mtx);
TAILQ_FOREACH(mp, , mnt_list) {
@@ -464,8 +467,8 @@ kern_getfsstat(struct thread *td, struct
mtx_unlock(_mtx);
if (maxcount > count)
maxcount = count;
-   sfsp = *buf = malloc(maxcount * sizeof(struct statfs), M_TEMP,
-   M_WAITOK);
+   tofree = sfsp = *buf = malloc(maxcount * sizeof(struct statfs),
+   M_TEMP, M_WAITOK);
}
count = 0;
mtx_lock(_mtx);
@@ -480,9 +483,24 @@ kern_getfsstat(struct thread *td, struct
continue;
}
 #endif
-   if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK)) {
-   nmp = TAILQ_NEXT(mp, mnt_list);
-   continue;
+   if (flags == MNT_WAIT) {
+   if (vfs_busy(mp, MBF_MNTLSTLOCK) != 0) {
+   /*
+* If vfs_busy() failed, and MBF_NOWAIT
+* wasn't passed, then the mp is gone.
+* Furthermore, because of MBF_MNTLSTLOCK,
+* the mountlist_mtx was dropped.  We have
+* no other choice than to start over.
+*/
+   mtx_unlock(_mtx);
+   free(tofree, M_TEMP);
+   goto restart;
+   }
+   } else {
+   if (vfs_busy(mp, MBF_NOWAIT | MBF_MNTLSTLOCK) != 0) {
+   nmp = TAILQ_NEXT(mp, mnt_list);
+   continue;
+   }
}
if (sfsp && count < maxcount) {
sp = >mnt_stat;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r308181 - in head: . share/mk

[Antoine Brodin]

On Wed, Nov 2, 2016 at 7:53 AM, Dimitry Andric  wrote:
> On 02 Nov 2016, at 08:25, Jonathan Anderson  wrote:
>>
>> On 1 Nov 2016, at 21:10, Dimitry Andric wrote:
>>
>>> Please note, I reverted r307823 (which changed the suffixes from .bco
>>> and .llo to .bc and .ll) in r308003, since it caused a number of ports
>>> failures.  These ports were already using .ll as a suffix for C++ lex
>>> scripts.
>>
>> The changes to bsd.suffixes-posix.mk (included by sys.mk) would have 
>> affected anything compiled with bmake, and indeed, I'd imagine that adding a 
>> .c->.ll rule alongside .c->.o could cause problems with C++ lex rules. In 
>> fact, part of brooks' original motivation for introducing .llo suffixes was 
>> to avoid name conflicts (although conflicts with program IR like we're 
>> introducing in this commit). The changes in this commit should only be 
>> picked up by things that explicit include bsd.{lib,prog}.mk, however, and 
>> they also have slightly more esoteric names (e.g., progname.full.ll) that 
>> are less likely to cause a conflict. Perhaps I ought to have done an 
>> exp-run, but I suspect that this commit will cause much less / no fallout. I 
>> don't suppose you have a list of the ports that failed after your r307823 
>> change so that I could do spot checks?
>
> Hi Antoine, you pointed me at some of these port failures due to the .ll
> change, do you still have a list of them?

The failures were:

http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/super-smack-1.3_2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/dprog-0.3.1_2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/ebnf2yacc-0.1.1.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/gnuchess-6.2.3.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/bugle-0.0.20100508_2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/hfst-3.8.2.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/grap-1.45.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/g-cows-1.12.log
http://gohan2.ysv.freebsd.org/data/head-amd64-default-baseline/p424659_s307951/logs/worker-3.8.4.log

Antoine
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308208 - stable/11/sys/ufs/ffs

[Konstantin Belousov]

Author: kib
Date: Wed Nov  2 08:46:04 2016
New Revision: 308208
URL: https://svnweb.freebsd.org/changeset/base/308208

Log:
  MFC r307626:
  Add FFS pager, which uses buffer cache read operation to validate pages.
  
  For now, the pager is disabled by default in the stable branch.

Modified:
  stable/11/sys/ufs/ffs/ffs_vnops.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/ufs/ffs/ffs_vnops.c
==
--- stable/11/sys/ufs/ffs/ffs_vnops.c   Wed Nov  2 08:41:01 2016
(r308207)
+++ stable/11/sys/ufs/ffs/ffs_vnops.c   Wed Nov  2 08:46:04 2016
(r308208)
@@ -77,6 +77,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -86,6 +87,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -102,8 +104,9 @@ __FBSDID("$FreeBSD$");
 #ifdef DIRECTIO
 extern int ffs_rawread(struct vnode *vp, struct uio *uio, int *workdone);
 #endif
-static vop_fsync_t ffs_fsync;
 static vop_fdatasync_t ffs_fdatasync;
+static vop_fsync_t ffs_fsync;
+static vop_getpages_t  ffs_getpages;
 static vop_lock1_t ffs_lock;
 static vop_read_t  ffs_read;
 static vop_write_t ffs_write;
@@ -119,13 +122,12 @@ static vop_openextattr_t  ffs_openextattr
 static vop_setextattr_tffs_setextattr;
 static vop_vptofh_tffs_vptofh;
 
-
 /* Global vfs data structures for ufs. */
 struct vop_vector ffs_vnodeops1 = {
.vop_default =  _vnodeops,
.vop_fsync =ffs_fsync,
.vop_fdatasync =ffs_fdatasync,
-   .vop_getpages = vnode_pager_local_getpages,
+   .vop_getpages = ffs_getpages,
.vop_getpages_async =   vnode_pager_local_getpages_async,
.vop_lock1 =ffs_lock,
.vop_read = ffs_read,
@@ -147,7 +149,7 @@ struct vop_vector ffs_vnodeops2 = {
.vop_default =  _vnodeops,
.vop_fsync =ffs_fsync,
.vop_fdatasync =ffs_fdatasync,
-   .vop_getpages = vnode_pager_local_getpages,
+   .vop_getpages = ffs_getpages,
.vop_getpages_async =   vnode_pager_local_getpages_async,
.vop_lock1 =ffs_lock,
.vop_read = ffs_read,
@@ -1784,3 +1786,165 @@ vop_vptofh {
ufhp->ufid_gen = ip->i_gen;
return (0);
 }
+
+SYSCTL_DECL(_vfs_ffs);
+static int use_buf_pager = 0;
+SYSCTL_INT(_vfs_ffs, OID_AUTO, use_buf_pager, CTLFLAG_RWTUN, _buf_pager, 0,
+"Always use buffer pager instead of bmap");
+static int buf_pager_relbuf;
+SYSCTL_INT(_vfs_ffs, OID_AUTO, buf_pager_relbuf, CTLFLAG_RWTUN,
+_pager_relbuf, 0,
+"Make buffer pager release buffers after reading");
+
+/*
+ * The FFS pager.  It uses buffer reads to validate pages.
+ *
+ * In contrast to the generic local pager from vm/vnode_pager.c, this
+ * pager correctly and easily handles volumes where the underlying
+ * device block size is greater than the machine page size.  The
+ * buffer cache transparently extends the requested page run to be
+ * aligned at the block boundary, and does the necessary bogus page
+ * replacements in the addends to avoid obliterating already valid
+ * pages.
+ *
+ * The only non-trivial issue is that the exclusive busy state for
+ * pages, which is assumed by the vm_pager_getpages() interface, is
+ * incompatible with the VMIO buffer cache's desire to share-busy the
+ * pages.  This function performs a trivial downgrade of the pages'
+ * state before reading buffers, and a less trivial upgrade from the
+ * shared-busy to excl-busy state after the read.
+ */
+static int
+ffs_getpages(struct vop_getpages_args *ap)
+{
+   struct vnode *vp;
+   vm_page_t *ma, m;
+   vm_object_t object;
+   struct buf *bp;
+   struct ufsmount *um;
+   ufs_lbn_t lbn, lbnp;
+   vm_ooffset_t la, lb;
+   long bsize;
+   int bo_bs, count, error, i;
+   bool redo, lpart;
+
+   vp = ap->a_vp;
+   ma = ap->a_m;
+   count = ap->a_count;
+
+   um = VFSTOUFS(ap->a_vp->v_mount);
+   bo_bs = um->um_devvp->v_bufobj.bo_bsize;
+   if (!use_buf_pager && bo_bs <= PAGE_SIZE)
+   return (vnode_pager_generic_getpages(vp, ma, count,
+   ap->a_rbehind, ap->a_rahead, NULL, NULL));
+
+   object = vp->v_object;
+   la = IDX_TO_OFF(ma[count - 1]->pindex);
+   if (la >= object->un_pager.vnp.vnp_size)
+   return (VM_PAGER_BAD);
+   lpart = la + PAGE_SIZE > object->un_pager.vnp.vnp_size;
+   if (ap->a_rbehind != NULL) {
+   lb = IDX_TO_OFF(ma[0]->pindex);
+   *ap->a_rbehind = OFF_TO_IDX(lb - rounddown2(lb, bo_bs));
+   }
+   if (ap->a_rahead != NULL) {
+   *ap->a_rahead = OFF_TO_IDX(roundup2(la, bo_bs) - la);
+   if (la + IDX_TO_OFF(*ap->a_rahead) >=
+   

svn commit: r308207 - stable/11/sys/dev/e1000

[Konstantin Belousov]

Author: kib
Date: Wed Nov  2 08:41:01 2016
New Revision: 308207
URL: https://svnweb.freebsd.org/changeset/base/308207

Log:
  MFC r307649:
  Partial workaround for Intel PCI adapters reading past the end of the
  host-programmed DMA regions.

Modified:
  stable/11/sys/dev/e1000/if_lem.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/dev/e1000/if_lem.c
==
--- stable/11/sys/dev/e1000/if_lem.cWed Nov  2 08:12:37 2016
(r308206)
+++ stable/11/sys/dev/e1000/if_lem.cWed Nov  2 08:41:01 2016
(r308207)
@@ -591,8 +591,16 @@ lem_attach(device_t dev)
}
 #endif /* NIC_PARAVIRT */
 
-   tsize = roundup2(adapter->num_tx_desc * sizeof(struct e1000_tx_desc),
-   EM_DBA_ALIGN);
+   /*
+* It seems that the descriptor DMA engine on some PCI cards
+* fetches memory past the end of the last descriptor in the
+* ring.  These reads are problematic when VT-d (DMAR) busdma
+* is used.  Allocate the scratch space to avoid getting
+* faults from DMAR, by requesting scratch memory for one more
+* descriptor.
+*/
+   tsize = roundup2((adapter->num_tx_desc + 1) *
+   sizeof(struct e1000_tx_desc), EM_DBA_ALIGN);
 
/* Allocate Transmit Descriptor ring */
if (lem_dma_malloc(adapter, tsize, >txdma, BUS_DMA_NOWAIT)) {
@@ -603,8 +611,11 @@ lem_attach(device_t dev)
adapter->tx_desc_base = 
(struct e1000_tx_desc *)adapter->txdma.dma_vaddr;
 
-   rsize = roundup2(adapter->num_rx_desc * sizeof(struct e1000_rx_desc),
-   EM_DBA_ALIGN);
+   /*
+* See comment above txdma allocation for rationale behind +1.
+*/
+   rsize = roundup2((adapter->num_rx_desc + 1) *
+   sizeof(struct e1000_rx_desc), EM_DBA_ALIGN);
 
/* Allocate Receive Descriptor ring */
if (lem_dma_malloc(adapter, rsize, >rxdma, BUS_DMA_NOWAIT)) {
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308206 - head/usr.sbin/autofs

[Edward Tomasz Napierala]

Author: trasz
Date: Wed Nov  2 08:12:37 2016
New Revision: 308206
URL: https://svnweb.freebsd.org/changeset/base/308206

Log:
  Make autounmountd(8) not die when traced with "truss -p".
  
  MFC after:1 month

Modified:
  head/usr.sbin/autofs/autounmountd.c

Modified: head/usr.sbin/autofs/autounmountd.c
==
--- head/usr.sbin/autofs/autounmountd.c Wed Nov  2 07:24:34 2016
(r308205)
+++ head/usr.sbin/autofs/autounmountd.c Wed Nov  2 08:12:37 2016
(r308206)
@@ -244,8 +244,11 @@ do_wait(int kq, double sleep_time)
log_debugx("waiting for filesystem event");
nevents = kevent(kq, NULL, 0, , 1, NULL);
}
-   if (nevents < 0)
+   if (nevents < 0) {
+   if (errno == EINTR)
+   return;
log_err(1, "kevent");
+   }
 
if (nevents == 0) {
log_debugx("timeout reached");
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r308181 - in head: . share/mk

[Dimitry Andric]

On 02 Nov 2016, at 08:25, Jonathan Anderson  wrote:
> 
> On 1 Nov 2016, at 21:10, Dimitry Andric wrote:
> 
>> Please note, I reverted r307823 (which changed the suffixes from .bco
>> and .llo to .bc and .ll) in r308003, since it caused a number of ports
>> failures.  These ports were already using .ll as a suffix for C++ lex
>> scripts.
> 
> The changes to bsd.suffixes-posix.mk (included by sys.mk) would have affected 
> anything compiled with bmake, and indeed, I'd imagine that adding a .c->.ll 
> rule alongside .c->.o could cause problems with C++ lex rules. In fact, part 
> of brooks' original motivation for introducing .llo suffixes was to avoid 
> name conflicts (although conflicts with program IR like we're introducing in 
> this commit). The changes in this commit should only be picked up by things 
> that explicit include bsd.{lib,prog}.mk, however, and they also have slightly 
> more esoteric names (e.g., progname.full.ll) that are less likely to cause a 
> conflict. Perhaps I ought to have done an exp-run, but I suspect that this 
> commit will cause much less / no fallout. I don't suppose you have a list of 
> the ports that failed after your r307823 change so that I could do spot 
> checks?

Hi Antoine, you pointed me at some of these port failures due to the .ll
change, do you still have a list of them?

-Dimitry



signature.asc
Description: Message signed with OpenPGP using GPGMail

svn commit: r308205 - in releng/9.3: . contrib/bind9/lib/dns crypto/openssl/ssl sys/conf

[Xin LI]

Author: delphij
Date: Wed Nov  2 07:24:34 2016
New Revision: 308205
URL: https://svnweb.freebsd.org/changeset/base/308205

Log:
  Fix BIND remote Denial of Service vulnerability. [SA-16:34]
  
  Fix OpenSSL remote DoS vulnerability. [SA-16:35]
  
  Security: FreeBSD-SA-16:34.bind
  Security: FreeBSD-SA-16:35.openssl
  Approved by:  so

Modified:
  releng/9.3/UPDATING
  releng/9.3/contrib/bind9/lib/dns/resolver.c
  releng/9.3/crypto/openssl/ssl/d1_pkt.c
  releng/9.3/crypto/openssl/ssl/s3_pkt.c
  releng/9.3/crypto/openssl/ssl/ssl.h
  releng/9.3/crypto/openssl/ssl/ssl3.h
  releng/9.3/crypto/openssl/ssl/ssl_locl.h
  releng/9.3/sys/conf/newvers.sh

Modified: releng/9.3/UPDATING
==
--- releng/9.3/UPDATING Wed Nov  2 07:24:14 2016(r308204)
+++ releng/9.3/UPDATING Wed Nov  2 07:24:34 2016(r308205)
@@ -11,6 +11,13 @@ handbook:
 Items affecting the ports and packages system can be found in
 /usr/ports/UPDATING.  Please read that file before running portupgrade.
 
+20161102   p50 FreeBSD-SA-16:34.bind
+   FreeBSD-SA-16:35.openssl
+
+   Fix BIND remote Denial of Service vulnerability. [SA-16:34]
+
+   Fix OpenSSL remote DoS vulnerability. [SA-16:35]
+
 20161025   p49 FreeBSD-SA-16:15.sysarch [revised]
 
Fix incorrect argument validation in sysarch(2). [SA-16:15]

Modified: releng/9.3/contrib/bind9/lib/dns/resolver.c
==
--- releng/9.3/contrib/bind9/lib/dns/resolver.c Wed Nov  2 07:24:14 2016
(r308204)
+++ releng/9.3/contrib/bind9/lib/dns/resolver.c Wed Nov  2 07:24:34 2016
(r308205)
@@ -524,7 +524,9 @@ valcreate(fetchctx_t *fctx, dns_adbaddri
valarg->addrinfo = addrinfo;
 
if (!ISC_LIST_EMPTY(fctx->validators))
-   INSIST((valoptions & DNS_VALIDATOR_DEFER) != 0);
+   valoptions |= DNS_VALIDATOR_DEFER;
+   else
+   valoptions &= ~DNS_VALIDATOR_DEFER;
 
result = dns_validator_create(fctx->res->view, name, type, rdataset,
  sigrdataset, fctx->rmessage,
@@ -4849,13 +4851,6 @@ cache_name(fetchctx_t *fctx, dns_name_t 
   rdataset,
   sigrdataset,
   valoptions, task);
-   /*
-* Defer any further validations.
-* This prevents multiple validators
-* from manipulating fctx->rmessage
-* simultaneously.
-*/
-   valoptions |= DNS_VALIDATOR_DEFER;
}
} else if (CHAINING(rdataset)) {
if (rdataset->type == dns_rdatatype_cname)
@@ -4961,6 +4956,11 @@ cache_name(fetchctx_t *fctx, dns_name_t 
   eresult == DNS_R_NCACHENXRRSET);
}
event->result = eresult;
+   if (adbp != NULL && *adbp != NULL) {
+   if (anodep != NULL && *anodep != NULL)
+   dns_db_detachnode(*adbp, anodep);
+   dns_db_detach(adbp);
+   }
dns_db_attach(fctx->cache, adbp);
dns_db_transfernode(fctx->cache, , anodep);
clone_results(fctx);
@@ -5208,6 +5208,11 @@ ncache_message(fetchctx_t *fctx, dns_adb
fctx->attributes |= FCTX_ATTR_HAVEANSWER;
if (event != NULL) {
event->result = eresult;
+   if (adbp != NULL && *adbp != NULL) {
+   if (anodep != NULL && *anodep != NULL)
+   dns_db_detachnode(*adbp, anodep);
+   dns_db_detach(adbp);
+   }
dns_db_attach(fctx->cache, adbp);
dns_db_transfernode(fctx->cache, , anodep);
clone_results(fctx);
@@ -6016,13 +6021,15 @@ static isc_result_t
 answer_response(fetchctx_t *fctx) {
isc_result_t result;
dns_message_t *message;
-   dns_name_t *name, *dname = NULL, *qname, tname, *ns_name;
+   dns_name_t *name, *dname = NULL, *qname, *dqname, tname, *ns_name;
+   dns_name_t *cname = NULL;
dns_rdataset_t *rdataset, *ns_rdataset;
isc_boolean_t done, external, chaining, aa, found, want_chaining;
-   isc_boolean_t have_a

svn commit: r308204 - in releng: 10.1 10.1/crypto/openssl/ssl 10.1/sys/conf 10.2 10.2/crypto/openssl/ssl 10.2/sys/conf

[Xin LI]

Author: delphij
Date: Wed Nov  2 07:24:14 2016
New Revision: 308204
URL: https://svnweb.freebsd.org/changeset/base/308204

Log:
  Fix OpenSSL remote DoS vulnerability. [SA-16:35]
  
  Security: FreeBSD-SA-16:35.openssl
  Approved by:  so

Modified:
  releng/10.1/UPDATING
  releng/10.1/crypto/openssl/ssl/d1_pkt.c
  releng/10.1/crypto/openssl/ssl/s3_pkt.c
  releng/10.1/crypto/openssl/ssl/ssl.h
  releng/10.1/crypto/openssl/ssl/ssl3.h
  releng/10.1/crypto/openssl/ssl/ssl_locl.h
  releng/10.1/sys/conf/newvers.sh
  releng/10.2/UPDATING
  releng/10.2/crypto/openssl/ssl/d1_pkt.c
  releng/10.2/crypto/openssl/ssl/s3_pkt.c
  releng/10.2/crypto/openssl/ssl/ssl.h
  releng/10.2/crypto/openssl/ssl/ssl3.h
  releng/10.2/crypto/openssl/ssl/ssl_locl.h
  releng/10.2/sys/conf/newvers.sh

Modified: releng/10.1/UPDATING
==
--- releng/10.1/UPDATINGWed Nov  2 07:23:36 2016(r308203)
+++ releng/10.1/UPDATINGWed Nov  2 07:24:14 2016(r308204)
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20161102   p42 FreeBSD-SA-16:35.openssl
+
+   Fix OpenSSL remote DoS vulnerability. [SA-16:35]
+
 20161025   p41 FreeBSD-SA-16:15.sysarch [revised]
 
Fix incorrect argument validation in sysarch(2). [SA-16:15]

Modified: releng/10.1/crypto/openssl/ssl/d1_pkt.c
==
--- releng/10.1/crypto/openssl/ssl/d1_pkt.c Wed Nov  2 07:23:36 2016
(r308203)
+++ releng/10.1/crypto/openssl/ssl/d1_pkt.c Wed Nov  2 07:24:14 2016
(r308204)
@@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
 goto start;
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
 
 if (alert_level == SSL3_AL_WARNING) {
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 #ifndef OPENSSL_NO_SCTP
 /*

Modified: releng/10.1/crypto/openssl/ssl/s3_pkt.c
==
--- releng/10.1/crypto/openssl/ssl/s3_pkt.c Wed Nov  2 07:23:36 2016
(r308203)
+++ releng/10.1/crypto/openssl/ssl/s3_pkt.c Wed Nov  2 07:24:14 2016
(r308204)
@@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
 return (ret);
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
 
 if (alert_level == SSL3_AL_WARNING) {
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
 return (0);

Modified: releng/10.1/crypto/openssl/ssl/ssl.h
==
--- releng/10.1/crypto/openssl/ssl/ssl.hWed Nov  2 07:23:36 2016
(r308203)
+++ releng/10.1/crypto/openssl/ssl/ssl.hWed Nov  2 07:24:14 2016
(r308204)
@@ -2713,6 +2713,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_TLS_HEARTBEAT_PENDING  366
 # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
 # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TOO_MANY_WARN_ALERTS   409
 # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
 # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG234
 # define SSL_R_TRIE

Re: svn commit: r308181 - in head: . share/mk

[Jonathan Anderson]

Hi,

On 1 Nov 2016, at 21:10, Dimitry Andric wrote:

> Please note, I reverted r307823 (which changed the suffixes from .bco
> and .llo to .bc and .ll) in r308003, since it caused a number of ports
> failures.  These ports were already using .ll as a suffix for C++ lex
> scripts.

The changes to bsd.suffixes-posix.mk (included by sys.mk) would have affected 
anything compiled with bmake, and indeed, I'd imagine that adding a .c->.ll 
rule alongside .c->.o could cause problems with C++ lex rules. In fact, part of 
brooks' original motivation for introducing .llo suffixes was to avoid name 
conflicts (although conflicts with program IR like we're introducing in this 
commit). The changes in this commit should only be picked up by things that 
explicit include bsd.{lib,prog}.mk, however, and they also have slightly more 
esoteric names (e.g., progname.full.ll) that are less likely to cause a 
conflict. Perhaps I ought to have done an exp-run, but I suspect that this 
commit will cause much less / no fallout. I don't suppose you have a list of 
the ports that failed after your r307823 change so that I could do spot checks?


>> # prefer .s to a .c, add .po, remove stuff not used in the BSD libraries
>> # .pico used for PIC object files
>> -.SUFFIXES: .out .o .po .pico .S .asm .s .c .cc .cpp .cxx .C .f .y .l .ln
>> +.SUFFIXES: .out .o .bc .ll .po .pico .S .asm .s .c .cc .cpp .cxx .C .f .y 
>> .l .ln
>
> So here, please use .bco and .llo.

The "o" in the suffix indicates that the file is analogous to an object file, 
which is not really the case with the rules added here in r308181. I'd be happy 
to consider a different suffix if we get ports fallout, but I'd like to wait 
for evidence of such fallout before renaming these suffixes away from 
upstream's usage. I think that we should stick with the upstream suffixes 
unless there's a good reason not to (such as collisions with lex things as 
affected r307823).


>> @@ -199,6 +199,18 @@ lib${LIB_PRIVATE}${LIB}_p.a: ${POBJS}
>>  ${RANLIB} ${RANLIBFLAGS} ${.TARGET}
>> .endif
>>
>> +.if defined(LLVM_LINK)
>> +BCOBJS= ${OBJS:.o=.bco} ${STATICOBJS:.o=.bco}
>> +LLOBJS= ${OBJS:.o=.llo} ${STATICOBJS:.o=.llo}
>
> But apparently you already used those suffixes here.

Yup, because of the "object file" analogy.


>> -.SUFFIXES: .out .o .c .cc .cpp .cxx .C .m .y .l .ln .s .S .asm
>> +.SUFFIXES: .out .o .bc .c .cc .cpp .cxx .C .m .y .l .ll .ln .s .S .asm
>
> But not here, these should also be changed.  Sorry for any confusion.

The .bco and .llo suffixes should already be included because of 
bsd.suffixes-posix.mk (included from sys.mk). This SUFFIXES change, on the 
other hand, is to add the .ll and .bc suffixes for the final build products (IR 
"binaries" and "libraries").

I hope this clears up any confusion,


Jon
--
Jonathan Anderson
jonat...@freebsd.org

signature.asc
Description: OpenPGP digital signature

svn commit: r308202 - in releng/11.0: . crypto/openssh sys/conf

[Xin LI]

Author: delphij
Date: Wed Nov  2 07:23:19 2016
New Revision: 308202
URL: https://svnweb.freebsd.org/changeset/base/308202

Log:
  Fix Fix OpenSSH remote Denial of Service vulnerability.
  
  Security: FreeBSD-SA-16:33.openssh
  Approved by:  so

Modified:
  releng/11.0/UPDATING
  releng/11.0/crypto/openssh/kex.c
  releng/11.0/sys/conf/newvers.sh

Modified: releng/11.0/UPDATING
==
--- releng/11.0/UPDATINGWed Nov  2 07:18:27 2016(r308201)
+++ releng/11.0/UPDATINGWed Nov  2 07:23:19 2016(r308202)
@@ -16,6 +16,10 @@ from older versions of FreeBSD, try WITH
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20161102   p3  FreeBSD-SA-16:33.openssh
+
+   Fix Fix OpenSSH remote Denial of Service vulnerability.
+
 20161025   p2  FreeBSD-SA-16:15.sysarch [revised]
FreeBSD-SA-16:32.bhyve
 

Modified: releng/11.0/crypto/openssh/kex.c
==
--- releng/11.0/crypto/openssh/kex.cWed Nov  2 07:18:27 2016
(r308201)
+++ releng/11.0/crypto/openssh/kex.cWed Nov  2 07:23:19 2016
(r308202)
@@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
 
+   ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, );
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;

Modified: releng/11.0/sys/conf/newvers.sh
==
--- releng/11.0/sys/conf/newvers.sh Wed Nov  2 07:18:27 2016
(r308201)
+++ releng/11.0/sys/conf/newvers.sh Wed Nov  2 07:23:19 2016
(r308202)
@@ -32,7 +32,7 @@
 
 TYPE="FreeBSD"
 REVISION="11.0"
-BRANCH="RELEASE-p2"
+BRANCH="RELEASE-p3"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
BRANCH=${BRANCH_OVERRIDE}
 fi
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308203 - in releng/10.3: . crypto/openssh crypto/openssl/ssl sys/conf

[Xin LI]

Author: delphij
Date: Wed Nov  2 07:23:36 2016
New Revision: 308203
URL: https://svnweb.freebsd.org/changeset/base/308203

Log:
  Fix OpenSSH remote Denial of Service vulnerability. [SA-16:33]
  
  Fix OpenSSL remote DoS vulnerability. [SA-16:35]
  
  Security: FreeBSD-SA-16:33.openssh
  Security: FreeBSD-SA-16:35.openssl
  Approved by:  so

Modified:
  releng/10.3/UPDATING
  releng/10.3/crypto/openssh/kex.c
  releng/10.3/crypto/openssl/ssl/d1_pkt.c
  releng/10.3/crypto/openssl/ssl/s3_pkt.c
  releng/10.3/crypto/openssl/ssl/ssl.h
  releng/10.3/crypto/openssl/ssl/ssl3.h
  releng/10.3/crypto/openssl/ssl/ssl_locl.h
  releng/10.3/sys/conf/newvers.sh

Modified: releng/10.3/UPDATING
==
--- releng/10.3/UPDATINGWed Nov  2 07:23:19 2016(r308202)
+++ releng/10.3/UPDATINGWed Nov  2 07:23:36 2016(r308203)
@@ -16,6 +16,13 @@ from older versions of FreeBSD, try WITH
 stable/10, and then rebuild without this option. The bootstrap process from
 older version of current is a bit fragile.
 
+20161102   p12 FreeBSD-SA-16:33.openssh
+   FreeBSD-SA-16:35.openssl
+
+   Fix OpenSSH remote Denial of Service vulnerability. [SA-16:33]
+
+   Fix OpenSSL remote DoS vulnerability. [SA-16:35]
+
 20161025   p11 FreeBSD-SA-16:15.sysarch [revised]
FreeBSD-EN-16:17.vm
 

Modified: releng/10.3/crypto/openssh/kex.c
==
--- releng/10.3/crypto/openssh/kex.cWed Nov  2 07:23:19 2016
(r308202)
+++ releng/10.3/crypto/openssh/kex.cWed Nov  2 07:23:36 2016
(r308203)
@@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
 
+   ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, );
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;

Modified: releng/10.3/crypto/openssl/ssl/d1_pkt.c
==
--- releng/10.3/crypto/openssl/ssl/d1_pkt.c Wed Nov  2 07:23:19 2016
(r308202)
+++ releng/10.3/crypto/openssl/ssl/d1_pkt.c Wed Nov  2 07:23:36 2016
(r308203)
@@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
 goto start;
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
 
 if (alert_level == SSL3_AL_WARNING) {
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 #ifndef OPENSSL_NO_SCTP
 /*

Modified: releng/10.3/crypto/openssl/ssl/s3_pkt.c
==
--- releng/10.3/crypto/openssl/ssl/s3_pkt.c Wed Nov  2 07:23:19 2016
(r308202)
+++ releng/10.3/crypto/openssl/ssl/s3_pkt.c Wed Nov  2 07:23:36 2016
(r308203)
@@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
 return (ret);
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
 
 if (alert_level == SSL3_AL_WARNING) {
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
 return (0);

Modified: releng/10.3/crypto/openssl/ssl/ssl.h
==
--- releng/10.3/crypto/openssl/ssl/ssl.hWed Nov  2 07:23:19 2016
(r308

svn commit: r308201 - in head: contrib/hyperv/tools sys/dev/hyperv/utilities

[Sepherosa Ziehau]

Author: sephe
Date: Wed Nov  2 07:18:27 2016
New Revision: 308201
URL: https://svnweb.freebsd.org/changeset/base/308201

Log:
  hyperv/kvp: Don't mix message status codes and function return values.
  
  While I'm here, move message status codes to hv_utilreg.h, since they
  will be used by the upcoming VSS stuffs.
  
  Submitted by: Hongjiang Zhang 
  MFC after:1 week
  Sponsored by: Microsoft
  Differential Revision:https://reviews.freebsd.org/D8391

Modified:
  head/contrib/hyperv/tools/hv_kvp_daemon.c
  head/sys/dev/hyperv/utilities/hv_kvp.c
  head/sys/dev/hyperv/utilities/hv_kvp.h
  head/sys/dev/hyperv/utilities/hv_utilreg.h

Modified: head/contrib/hyperv/tools/hv_kvp_daemon.c
==
--- head/contrib/hyperv/tools/hv_kvp_daemon.c   Wed Nov  2 07:09:31 2016
(r308200)
+++ head/contrib/hyperv/tools/hv_kvp_daemon.c   Wed Nov  2 07:18:27 2016
(r308201)
@@ -52,9 +52,10 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "hv_kvp.h"
-
+#include "hv_utilreg.h"
 typedef uint8_t__u8;
 typedef uint16_t   __u16;
 typedef uint32_t   __u32;
@@ -684,18 +685,16 @@ kvp_get_ipconfig_info(char *if_name, str
 */
kvp_process_ipconfig_file(cmd, (char *)buffer->gate_way,
(MAX_GATEWAY_SIZE * 2), INET_ADDRSTRLEN, 0);
-
/*
 * Retrieve the IPV6 address of default gateway.
 */
-   snprintf(cmd, sizeof(cmd), "netstat -rn inet6 | grep %s | awk 
'/default/ {print $2 }", if_name);
+   snprintf(cmd, sizeof(cmd), "netstat -rn inet6 | grep %s | awk 
'/default/ {print $2 }'", if_name);
 
/*
 * Execute the command to gather gateway IPV6 info.
 */
kvp_process_ipconfig_file(cmd, (char *)buffer->gate_way,
(MAX_GATEWAY_SIZE * 2), INET6_ADDRSTRLEN, 1);
-
/*
 * we just invoke an external script to get the DNS info.
 *
@@ -782,11 +781,11 @@ kvp_process_ip_address(void *addrp,
}
 
if ((length - *offset) < addr_length + 1) {
-   return (HV_KVP_E_FAIL);
+   return (EINVAL);
}
if (str == NULL) {
strlcpy(buffer, "inet_ntop failed\n", length);
-   return (HV_KVP_E_FAIL);
+   return (errno);
}
if (*offset == 0) {
strlcpy(buffer, tmp, length);
@@ -832,7 +831,7 @@ kvp_get_ip_info(int family, char *if_nam
 
if (getifaddrs()) {
strlcpy(buffer, "getifaddrs failed\n", buffer_length);
-   return (HV_KVP_E_FAIL);
+   return (errno);
}
 
curp = ifap;
@@ -924,7 +923,6 @@ kvp_get_ip_info(int family, char *if_nam
/*
 * Collect other ip configuration info.
 */
-
kvp_get_ipconfig_info(if_name, ip_buffer);
}
 
@@ -954,7 +952,7 @@ kvp_write_file(FILE *f, const char *s1, 
ret = fprintf(f, "%s%s%s%s\n", s1, s2, "=", s3);
 
if (ret < 0) {
-   return (HV_KVP_E_FAIL);
+   return (EIO);
}
 
return (0);
@@ -979,7 +977,7 @@ kvp_set_ip_info(char *if_name, struct hv
 
if (file == NULL) {
KVP_LOG(LOG_ERR, "FreeBSD Failed to open config file\n");
-   return (HV_KVP_E_FAIL);
+   return (errno);
}
 
/*
@@ -988,7 +986,7 @@ kvp_set_ip_info(char *if_name, struct hv
 
mac_addr = kvp_if_name_to_mac(if_name);
if (mac_addr == NULL) {
-   error = HV_KVP_E_FAIL;
+   error = EINVAL;
goto kvp_set_ip_info_error;
}
/* MAC Address */
@@ -1091,28 +1089,30 @@ kvp_op_getipinfo(struct hv_kvp_msg *op_m
 {
struct hv_kvp_ipaddr_value *ip_val;
char *if_name;
+   int error = 0;
 
assert(op_msg != NULL);
KVP_LOG(LOG_DEBUG, "In kvp_op_getipinfo.\n");
 
ip_val = _msg->body.kvp_ip_val;
-   op_msg->hdr.error = HV_KVP_S_OK;
+   op_msg->hdr.error = HV_S_OK;
 
if_name = kvp_mac_to_if_name((char *)ip_val->adapter_id);
 
if (if_name == NULL) {
/* No interface found with the mac address. */
-   op_msg->hdr.error = HV_KVP_E_FAIL;
+   op_msg->hdr.error = HV_E_FAIL;
goto kvp_op_getipinfo_done;
}
 
-   op_msg->hdr.error = kvp_get_ip_info(0, if_name,
+   error = kvp_get_ip_info(0, if_name,
HV_KVP_OP_GET_IP_INFO, ip_val, (MAX_IP_ADDR_SIZE * 2));
-
+   if (error)
+   op_msg->hdr.error = HV_E_FAIL;
free(if_name);
 
 kvp_op_getipinfo_done:
-   return(op_msg->hdr.error);
+   return (error);
 }
 
 
@@ -1121,25 +1121,27 @@ kvp_op_setipinfo(struct hv_kvp_msg *op_m
 {
struct hv_kvp_ipaddr_value *ip_val;
char *if_name;
+   int error = 0;
 
assert(op_msg != NULL);

svn commit: r308200 - in stable: 10/crypto/openssl/ssl 9/crypto/openssl/ssl

[Xin LI]

Author: delphij
Date: Wed Nov  2 07:09:31 2016
New Revision: 308200
URL: https://svnweb.freebsd.org/changeset/base/308200

Log:
  Backport OpenSSL commit af58be768ebb690f78530f796e92b8ae5c9a4401:
  
Don't allow too many consecutive warning alerts
  
Certain warning alerts are ignored if they are received. This can mean that
no progress will be made if one peer continually sends those warning alerts.
Implement a count so that we abort the connection if we receive too many.
  
Issue reported by Shi Lei.
  
  This is a direct commit to stable/10 and stable/9.
  
  Security: CVE-2016-8610

Modified:
  stable/9/crypto/openssl/ssl/d1_pkt.c
  stable/9/crypto/openssl/ssl/s3_pkt.c
  stable/9/crypto/openssl/ssl/ssl.h
  stable/9/crypto/openssl/ssl/ssl3.h
  stable/9/crypto/openssl/ssl/ssl_locl.h

Changes in other areas also in this revision:
Modified:
  stable/10/crypto/openssl/ssl/d1_pkt.c
  stable/10/crypto/openssl/ssl/s3_pkt.c
  stable/10/crypto/openssl/ssl/ssl.h
  stable/10/crypto/openssl/ssl/ssl3.h
  stable/10/crypto/openssl/ssl/ssl_locl.h

Modified: stable/9/crypto/openssl/ssl/d1_pkt.c
==
--- stable/9/crypto/openssl/ssl/d1_pkt.cWed Nov  2 06:58:47 2016
(r308199)
+++ stable/9/crypto/openssl/ssl/d1_pkt.cWed Nov  2 07:09:31 2016
(r308200)
@@ -820,6 +820,13 @@ int dtls1_read_bytes(SSL *s, int type, u
 goto start;
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1043,6 +1050,14 @@ int dtls1_read_bytes(SSL *s, int type, u
 
 if (alert_level == 1) { /* warning */
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
 return (0);

Modified: stable/9/crypto/openssl/ssl/s3_pkt.c
==
--- stable/9/crypto/openssl/ssl/s3_pkt.cWed Nov  2 06:58:47 2016
(r308199)
+++ stable/9/crypto/openssl/ssl/s3_pkt.cWed Nov  2 07:09:31 2016
(r308200)
@@ -922,6 +922,13 @@ int ssl3_read_bytes(SSL *s, int type, un
 return (ret);
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1121,6 +1128,14 @@ int ssl3_read_bytes(SSL *s, int type, un
 
 if (alert_level == 1) { /* warning */
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
 return (0);

Modified: stable/9/crypto/openssl/ssl/ssl.h
==
--- stable/9/crypto/openssl/ssl/ssl.h   Wed Nov  2 06:58:47 2016
(r308199)
+++ stable/9/crypto/openssl/ssl/ssl.h   Wed Nov  2 07:09:31 2016
(r308200)
@@ -2195,6 +2195,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_TLSV1_UNSUPPORTED_EXTENSION1110
 # define SSL_R_TLS_CLIENT_CERT_REQ_WITH_ANON_CIPHER   232
 # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 227
+# define SSL_R_TOO_MANY_WARN_ALERTS   409
 # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
 # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG234
 # define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER235

Modified: stable/9/crypto/openssl/ssl/ssl3.h
==
--- stable/9/crypto/openssl/ssl/ssl3.h  Wed Nov  2 06:58:47 2016
(r308199)
+++ stable/9/crypto/openssl/ssl/ssl3.h  Wed Nov  2 07:09:31 2016
(r308200)
@@ -491,6 +491,8 @@ typedef struct ssl3_state_st {
 char is_probably_safari;
 #  endif/* !OPENSSL_NO_EC */
 # endif 

svn commit: r308200 - in stable: 10/crypto/openssl/ssl 9/crypto/openssl/ssl

[Xin LI]

Author: delphij
Date: Wed Nov  2 07:09:31 2016
New Revision: 308200
URL: https://svnweb.freebsd.org/changeset/base/308200

Log:
  Backport OpenSSL commit af58be768ebb690f78530f796e92b8ae5c9a4401:
  
Don't allow too many consecutive warning alerts
  
Certain warning alerts are ignored if they are received. This can mean that
no progress will be made if one peer continually sends those warning alerts.
Implement a count so that we abort the connection if we receive too many.
  
Issue reported by Shi Lei.
  
  This is a direct commit to stable/10 and stable/9.
  
  Security: CVE-2016-8610

Modified:
  stable/10/crypto/openssl/ssl/d1_pkt.c
  stable/10/crypto/openssl/ssl/s3_pkt.c
  stable/10/crypto/openssl/ssl/ssl.h
  stable/10/crypto/openssl/ssl/ssl3.h
  stable/10/crypto/openssl/ssl/ssl_locl.h

Changes in other areas also in this revision:
Modified:
  stable/9/crypto/openssl/ssl/d1_pkt.c
  stable/9/crypto/openssl/ssl/s3_pkt.c
  stable/9/crypto/openssl/ssl/ssl.h
  stable/9/crypto/openssl/ssl/ssl3.h
  stable/9/crypto/openssl/ssl/ssl_locl.h

Modified: stable/10/crypto/openssl/ssl/d1_pkt.c
==
--- stable/10/crypto/openssl/ssl/d1_pkt.c   Wed Nov  2 06:58:47 2016
(r308199)
+++ stable/10/crypto/openssl/ssl/d1_pkt.c   Wed Nov  2 07:09:31 2016
(r308200)
@@ -924,6 +924,13 @@ int dtls1_read_bytes(SSL *s, int type, u
 goto start;
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1190,6 +1197,14 @@ int dtls1_read_bytes(SSL *s, int type, u
 
 if (alert_level == SSL3_AL_WARNING) {
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_DTLS1_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 #ifndef OPENSSL_NO_SCTP
 /*

Modified: stable/10/crypto/openssl/ssl/s3_pkt.c
==
--- stable/10/crypto/openssl/ssl/s3_pkt.c   Wed Nov  2 06:58:47 2016
(r308199)
+++ stable/10/crypto/openssl/ssl/s3_pkt.c   Wed Nov  2 07:09:31 2016
(r308200)
@@ -1057,6 +1057,13 @@ int ssl3_read_bytes(SSL *s, int type, un
 return (ret);
 }
 
+/*
+ * Reset the count of consecutive warning alerts if we've got a non-empty
+ * record that isn't an alert.
+ */
+if (rr->type != SSL3_RT_ALERT && rr->length != 0)
+s->s3->alert_count = 0;
+
 /* we now have a packet which can be read and processed */
 
 if (s->s3->change_cipher_spec /* set when we receive ChangeCipherSpec,
@@ -1271,6 +1278,14 @@ int ssl3_read_bytes(SSL *s, int type, un
 
 if (alert_level == SSL3_AL_WARNING) {
 s->s3->warn_alert = alert_descr;
+
+s->s3->alert_count++;
+if (s->s3->alert_count == MAX_WARN_ALERT_COUNT) {
+al = SSL_AD_UNEXPECTED_MESSAGE;
+SSLerr(SSL_F_SSL3_READ_BYTES, SSL_R_TOO_MANY_WARN_ALERTS);
+goto f_err;
+}
+
 if (alert_descr == SSL_AD_CLOSE_NOTIFY) {
 s->shutdown |= SSL_RECEIVED_SHUTDOWN;
 return (0);

Modified: stable/10/crypto/openssl/ssl/ssl.h
==
--- stable/10/crypto/openssl/ssl/ssl.h  Wed Nov  2 06:58:47 2016
(r308199)
+++ stable/10/crypto/openssl/ssl/ssl.h  Wed Nov  2 07:09:31 2016
(r308200)
@@ -2717,6 +2717,7 @@ void ERR_load_SSL_strings(void);
 # define SSL_R_TLS_HEARTBEAT_PENDING  366
 # define SSL_R_TLS_ILLEGAL_EXPORTER_LABEL 367
 # define SSL_R_TLS_INVALID_ECPOINTFORMAT_LIST 157
+# define SSL_R_TOO_MANY_WARN_ALERTS   409
 # define SSL_R_TLS_PEER_DID_NOT_RESPOND_WITH_CERTIFICATE_LIST 233
 # define SSL_R_TLS_RSA_ENCRYPTED_VALUE_LENGTH_IS_WRONG234
 # define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER235

Modified: stable/10/crypto/openssl/ssl/ssl3.h
==
--- stable/10/crypto/openssl/ssl/ssl3.h Wed Nov  2 06:58:47 2016
(r308199)
+++ stable/10/crypto/openssl/ssl/ssl3.h Wed Nov  2 07:09:31 2016
(r308200)
@@ -587,6 +587,8 @@ typedef struct ssl3_state_st {
 char is_probably_safari;
 #   endif   /* !OPENSSL_NO_EC */
 #  endif/* !OPENSSL_NO_TLSEXT */
+/* 

svn commit: r308199 - stable/10/crypto/openssh

[Xin LI]

Author: delphij
Date: Wed Nov  2 06:58:47 2016
New Revision: 308199
URL: https://svnweb.freebsd.org/changeset/base/308199

Log:
  MFC r308197: MFV r308196:
  
  Fix OpenSSH remote Denial of Service vulnerability.
  
  Security: CVE-2016-8858

Modified:
  stable/10/crypto/openssh/kex.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/crypto/openssh/kex.c
==
--- stable/10/crypto/openssh/kex.c  Wed Nov  2 06:56:35 2016
(r308198)
+++ stable/10/crypto/openssh/kex.c  Wed Nov  2 06:58:47 2016
(r308199)
@@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
 
+   ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, );
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308198 - stable/11/crypto/openssh

[Xin LI]

Author: delphij
Date: Wed Nov  2 06:56:35 2016
New Revision: 308198
URL: https://svnweb.freebsd.org/changeset/base/308198

Log:
  MFC r308197: MFV r308196:
  
  Fix OpenSSH remote Denial of Service vulnerability.
  
  Security: CVE-2016-8858

Modified:
  stable/11/crypto/openssh/kex.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/crypto/openssh/kex.c
==
--- stable/11/crypto/openssh/kex.c  Wed Nov  2 06:49:25 2016
(r308197)
+++ stable/11/crypto/openssh/kex.c  Wed Nov  2 06:56:35 2016
(r308198)
@@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
 
+   ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, );
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308197 - head/crypto/openssh

[Xin LI]

Author: delphij
Date: Wed Nov  2 06:49:25 2016
New Revision: 308197
URL: https://svnweb.freebsd.org/changeset/base/308197

Log:
  MFV r308196:
  
  Fix OpenSSH remote Denial of Service vulnerability.
  
  Security: CVE-2016-8858

Modified:
  head/crypto/openssh/kex.c
Directory Properties:
  head/crypto/openssh/   (props changed)

Modified: head/crypto/openssh/kex.c
==
--- head/crypto/openssh/kex.c   Wed Nov  2 06:43:20 2016(r308196)
+++ head/crypto/openssh/kex.c   Wed Nov  2 06:49:25 2016(r308197)
@@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
 
+   ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, );
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308196 - vendor-crypto/openssh/dist

[Xin LI]

Author: delphij
Date: Wed Nov  2 06:43:20 2016
New Revision: 308196
URL: https://svnweb.freebsd.org/changeset/base/308196

Log:
  Apply upstream fix for CVE-2016-8858:
  
Unregister the KEXINIT handler after message has been received.
Otherwise an unauthenticated peer can repeat the KEXINIT and cause
allocation of up to 128MB -- until the connection is closed.
Reported by shilei-c at 360.cn
  
  Obtained from:OpenBSD

Modified:
  vendor-crypto/openssh/dist/kex.c

Modified: vendor-crypto/openssh/dist/kex.c
==
--- vendor-crypto/openssh/dist/kex.cWed Nov  2 06:37:35 2016
(r308195)
+++ vendor-crypto/openssh/dist/kex.cWed Nov  2 06:43:20 2016
(r308196)
@@ -468,6 +468,7 @@ kex_input_kexinit(int type, u_int32_t se
if (kex == NULL)
return SSH_ERR_INVALID_ARGUMENT;
 
+   ssh_dispatch_set(ssh, SSH2_MSG_KEXINIT, NULL);
ptr = sshpkt_ptr(ssh, );
if ((r = sshbuf_put(kex->peer, ptr, dlen)) != 0)
return r;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r308195 - head/sys/boot/efi/libefi

[Toomas Soome]

Author: tsoome
Date: Wed Nov  2 06:37:35 2016
New Revision: 308195
URL: https://svnweb.freebsd.org/changeset/base/308195

Log:
  efinet_dev_print should honor verbose option.
  
  lsdev should display detailed information about net devices only with -v
  switch. This will make EFI and BIOS version of the loader to have the
  same behavior.
  
  Reviewed by:  bapt, imp
  Approved by:  imp (mentor)
  Differential Revision:https://reviews.freebsd.org/D8415

Modified:
  head/sys/boot/efi/libefi/efinet.c

Modified: head/sys/boot/efi/libefi/efinet.c
==
--- head/sys/boot/efi/libefi/efinet.c   Wed Nov  2 05:41:23 2016
(r308194)
+++ head/sys/boot/efi/libefi/efinet.c   Wed Nov  2 06:37:35 2016
(r308195)
@@ -357,10 +357,12 @@ efinet_dev_print(int verbose)
for (unit = 0, h = efi_find_handle(_dev, 0);
h != NULL; h = efi_find_handle(_dev, ++unit)) {
printf("%s%d:", efinet_dev.dv_name, unit);
-   text = efi_devpath_name(efi_lookup_devpath(h));
-   if (text != NULL) {
-   printf("%S", text);
-   efi_free_devpath_name(text);
+   if (verbose) {
+   text = efi_devpath_name(efi_lookup_devpath(h));
+   if (text != NULL) {
+   printf("%S", text);
+   efi_free_devpath_name(text);
+   }
}
if (pager_output("\n"))
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"