Re: svn commit: r360964 - in head: lib/libclang_rt lib/libthr lib/msun libexec/rtld-elf libexec/tftpd/tests share/mk stand stand/arm/uboot stand/efi stand/efi/boot1 stand/efi/loader stand/i386/boot2 s
Why is this marked for MFC? FreeBSD 12 uses base GCC 4.2.1 on some platforms.
On Tue, May 12, 2020, at 1:34 PM, Ravi Pokala wrote:
> This feels like it deserves an UPDATING (and possibly a RELNOTES) entry.
>
> -Ravi (rpokala@)
>
> -Original Message-
> From: on behalf of Eric van Gyzen
>
> Date: 2020-05-12, Tuesday at 08:22
> To: , ,
>
> Subject: svn commit: r360964 - in head: lib/libclang_rt lib/libthr
> lib/msun libexec/rtld-elf libexec/tftpd/tests share/mk stand
> stand/arm/uboot stand/efi stand/efi/boot1 stand/efi/loader
> stand/i386/boot2 st...
>
> Author: vangyzen
> Date: Tue May 12 15:22:40 2020
> New Revision: 360964
> URL: https://svnweb.freebsd.org/changeset/base/360964
>
> Log:
> Remove tests for obsolete compilers in the build system
>
> Assume gcc is at least 6.4, the oldest xtoolchain in the ports tree.
> Assume clang is at least 6, which was in 11.2-RELEASE. Drop conditions
> for older compilers.
>
> Reviewed by:imp (earlier version), emaste, jhb
> MFC after: 2 weeks
> Sponsored by: Dell EMC Isilon
> Differential Revision: https://reviews.freebsd.org/D24802
>
> Modified:
> head/lib/libclang_rt/Makefile.inc
> head/lib/libthr/Makefile
> head/lib/msun/Makefile
> head/libexec/rtld-elf/Makefile
> head/libexec/tftpd/tests/Makefile
> head/share/mk/bsd.compiler.mk
> head/share/mk/bsd.sys.mk
> head/stand/arm/uboot/Makefile
> head/stand/defs.mk
> head/stand/efi/Makefile
> head/stand/efi/boot1/Makefile
> head/stand/efi/loader/Makefile
> head/stand/i386/boot2/Makefile
> head/stand/i386/isoboot/Makefile
> head/stand/libsa/Makefile
> head/sys/conf/Makefile.arm
> head/sys/conf/Makefile.powerpc
> head/sys/conf/kern.mk
> head/sys/conf/kern.post.mk
> head/sys/conf/kern.pre.mk
> head/sys/conf/kmod.mk
> head/sys/modules/Makefile
> head/usr.sbin/acpi/acpidb/Makefile
> head/usr.sbin/trpt/Makefile
> head/usr.sbin/zic/zic/Makefile
>
> Modified: head/lib/libclang_rt/Makefile.inc
>
> ==
> --- head/lib/libclang_rt/Makefile.inc Tue May 12 14:47:38
> 2020 (r360963)
> +++ head/lib/libclang_rt/Makefile.inc Tue May 12 15:22:40
> 2020 (r360964)
> @@ -32,7 +32,7 @@ CFLAGS+=${PICFLAG}
> CFLAGS+= -fno-builtin
> CFLAGS+= -fno-exceptions
> CXXFLAGS+= -fno-rtti
> -.if ${COMPILER_TYPE} == clang && ${COMPILER_VERSION} >= 30700
> +.if ${COMPILER_TYPE} == clang
> CFLAGS+= -fno-sanitize=safe-stack
> .endif
> CFLAGS+= -fno-stack-protector
>
> Modified: head/lib/libthr/Makefile
>
> ==
> --- head/lib/libthr/Makefile Tue May 12 14:47:38 2020
> (r360963)
> +++ head/lib/libthr/Makefile Tue May 12 15:22:40 2020
> (r360964)
> @@ -29,10 +29,7 @@ CFLAGS+=-Winline
>
> CFLAGS.thr_stack.c+= -Wno-cast-align
> CFLAGS.rtld_malloc.c+= -Wno-cast-align
> -.include
> -.if !(${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} < 40300)
> CFLAGS.thr_symbols.c+= -Wno-missing-variable-declarations
> -.endif
>
> .ifndef NO_THREAD_UNWIND_STACK
> CFLAGS+=-fexceptions
>
> Modified: head/lib/msun/Makefile
>
> ==
> --- head/lib/msun/MakefileTue May 12 14:47:38 2020
> (r360963)
> +++ head/lib/msun/MakefileTue May 12 15:22:40 2020
> (r360964)
> @@ -108,13 +108,13 @@ COMMON_SRCS+= catrigl.c \
> s_nextafterl.c s_nexttoward.c s_remquol.c s_rintl.c s_roundl.c \
> s_scalbnl.c s_sinl.c s_sincosl.c \
> s_tanhl.c s_tanl.c s_truncl.c w_cabsl.c
> -# Work around this warning from gcc 6:
> +# Work around this warning from gcc:
> # lib/msun/ld80/e_powl.c:275:1: error: floating constant
> exceeds range of
> # 'long double' [-Werror=overflow]
> # if( y >= LDBL_MAX )
> # See also:
> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=130067
> .include
> -.if ${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} >= 6
> +.if ${COMPILER_TYPE} == "gcc"
> CFLAGS.e_powl.c+= -Wno-error=overflow
> .endif
> .endif
>
> Modified: head/libexec/rtld-elf/Makefile
>
> ==
> --- head/libexec/rtld-elf/MakefileTue May 12 14:47:38
> 2020 (r360963)
> +++ head/libexec/rtld-elf/MakefileTue May 12 15:22:40
> 2020 (r360964)
> @@ -90,8 +90,4 @@ ${PROG_FULL}: ${VERSION_MAP}
> # GCC warns about redeclarations even though they have __exported
> # and are therefore not identical to the
svn commit: r361000 - head/usr.sbin/inetd
Author: kevans Date: Wed May 13 02:17:27 2020 New Revision: 361000 URL: https://svnweb.freebsd.org/changeset/base/361000 Log: inetd(8): Provide HTTP proxy example using netcat One of the fortunes that are included in freebsd-tips talks about how the superserver can be used to proxy connections with netcat, but there are no examples provided. This commit adds an example with comment explaining what it does. Submitted by: debdrup MFC after:1 week Differential Revision:https://reviews.freebsd.org/D24800 Modified: head/usr.sbin/inetd/inetd.8 Modified: head/usr.sbin/inetd/inetd.8 == --- head/usr.sbin/inetd/inetd.8 Wed May 13 00:18:44 2020(r360999) +++ head/usr.sbin/inetd/inetd.8 Wed May 13 02:17:27 2020(r361000) @@ -28,7 +28,7 @@ .\" from: @(#)inetd.8 8.3 (Berkeley) 4/13/94 .\" $FreeBSD$ .\" -.Dd January 12, 2008 +.Dd May 12, 2020 .Dt INETD 8 .Os .Sh NAME @@ -800,6 +800,8 @@ shellstream tcp46 nowait root /usr/libexec/ tcpmux/+date stream tcp nowait guest /bin/datedate tcpmux/phonebook stream tcp nowait guest /usr/local/bin/phonebook phonebook rstatd/1-3 dgram rpc/udp wait root /usr/libexec/rpc.rstatd rpc.rstatd +# Use netcat as a one-shot HTTP proxy with nc (from freebsd-tips fortune) +http stream tcp nowait nobody /usr/bin/nc nc -N dest-ip 80 /var/run/echo stream unix nowait root internal #@ ipsec ah/require chargen stream tcp nowait root internal @@ -914,6 +916,7 @@ in the database. .El .Sh SEE ALSO +.Xr nc 1 , .Xr ipsec_set_policy 3 , .Xr hosts_access 5 , .Xr hosts_options 5 , ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360833 - head
On Tue, May 12, 2020 at 5:16 PM Brooks Davis wrote:
>
> On Mon, May 11, 2020 at 01:45:14PM -0500, Kyle Evans wrote:
> > On Mon, May 11, 2020 at 1:10 PM Brooks Davis wrote:
> > >
> > > On Sat, May 09, 2020 at 02:01:29AM +, Kyle Evans wrote:
> > > > Author: kevans
> > > > Date: Sat May 9 02:01:29 2020
> > > > New Revision: 360833
> > > > URL: https://svnweb.freebsd.org/changeset/base/360833
> > > >
> > > > Log:
> > > > installworld: attempt a certctl rehash at the tail end
> > > >
> > > > This can be run as root or normal user with no problem; if they hadn't
> > > > twisted the WITHOUT_CAROOT knob, we'll attempt to use the host
> > > > certctl to
> > > > rehash the DESTDIR. This would allow one to build systems
> > > > WITHOUT_OPENSSL +
> > > > WITH_CAROOT with a populated /etc/ssl that they can then use with an
> > > > appropriate *ssl from somewhere else.
> > > >
> > > > Cross-builds are fine because this will always use the host certctl,
> > > > or just
> > > > nag if it's missing and it wasn't a WITHOUT_CAROOT build.
> > > >
> > > > MFC after: 1 week
> > > > Differential Revision: https://reviews.freebsd.org/D24641
> > > >
> > > > Modified:
> > > > head/Makefile.inc1
> > > >
> > > > Modified: head/Makefile.inc1
> > > > ==
> > > > --- head/Makefile.inc1Sat May 9 01:48:08 2020(r360832)
> > > > +++ head/Makefile.inc1Sat May 9 02:01:29 2020(r360833)
> > > > @@ -1403,6 +1403,16 @@ distributeworld installworld stageworld:
> > > > _installcheck
> > > > ${DESTDIR}/${DISTDIR}/${dist}.debug.meta
> > > > .endfor
> > > > .endif
> > > > +.elif make(installworld) && ${MK_CAROOT} != "no"
> > > > + # We could make certctl a bootstrap tool, but it requires OpenSSL
> > > > and
> > > > + # friends, which we likely don't want. We'll rehash on a
> > > > best-effort
> > > > + # basis, otherwise we'll just mention that we're not doing it to
> > > > raise
> > > > + # awareness.
> > > > + @if which certctl>/dev/null; then \
> > > > + certctl rehash \
> > >
> > > Does this update METALOG with the added links?
> > >
> > > It seems a little weird to rely on DESTDIR from the environment.
> > >
> > > In general I'm not enthusiastic about additions to installworld that do
> > > anything other than copying files, creating links, etc in simple ways.
> >
> > I will happily back this out if I can get some qualified eyes to
> > review/improve it. It does not update METALOG, and it probably should.
> > Agreed on DESTDIR. As for point #3, I guess we can continue spreading
> > `certctl rehash` all over the tree in various points that may need it;
> > the release(7) scripts will need to be done if we don't do it here at
> > a minimum, and I haven't put much thought into it beyond that.
>
> I'm not in a rush to back this out given that it's solving a real
> problem, but lets talk about improvements.
>
> I kind of feel like this belongs in distribution (which I think would
> deal with release scripts) or in etcupdate/mergemaster, but I'm not
> sure either of those are correct. I'd be happy to review changes to
> update the METALOG (I guess we'd extend certctl with an option to do
> that?) I think that's the most important things because we really
> should be routinely validating that DESTDIR only contains things in the
> METALOG. A quick and dirty fix for the DESTDIR weirdness might be adding
> "env DESTDIR=${DESTDIR}" so it's explicit.
>
Got it- not an egregious enough violation to promptly back out, but we
will work towards a better solution.
For the larger picture, distribution is probably the correct spot for
this; we currently rehash at the following points:
- mergemaster/etcupdate
- freebsd-update
- post-install of the caroot pkg (pkgbase)
This leaves two primary final blind spots, which this commit was
attempting to resolve:
1.) Install media (including VM images)
2.) Initial installs (e.g. from bsdinstall)
#1 could be solved by directly adding it to the release(7) scripts and
#2 could be solved by having bsdinstall do it at config time, but
there seem to be multiple potential points that could instead hit both
(with a single stone) while also making covering the array of other
images that re@ produces (e.g. AWS images) and perhaps other points
that we've not immediately considered.
To this end, distribution or installworld are probably equally
sufficient, but I'm incredibly unfamiliar with the former. My
understanding from glancing at it over the years is that it may be
executed into a tempdir and merged with mergemaster/etcupdate, or
directly into the new root if we're looking at a new install that
doesn't have potential local changes to merge in.
Part of the problem that I see in my head is probably solved by just
having a var that mergemaster/etcupdate can pass in to distribution to
not bother with the rehash. We want to keep the
svn commit: r360999 - head/sys/cam/ata
Author: imp
Date: Wed May 13 00:18:44 2020
New Revision: 360999
URL: https://svnweb.freebsd.org/changeset/base/360999
Log:
Make the ata probe* and xpt* routines aprobe* and axpt* respectively.
Often, in traiging core files, one only has a traceback of where a
panic occurred. We have probe* and xpt* routines that live in both the
scsi and ata layers with identical names. To make one or the other
stand out, prefix all the probe and xpt routines in ata with an
'a'. I've left the scsi ones alone since they were there first and are
more numerous. I also rejected using #define to do this as being too
confusing. I chose this method because the CAM name for the probe
device was already 'aprobe'.
Normally, this doesn't matter because file scope protects one from
interfering with the other. However, due to the indirect nature of
CAM's state machine, you don't know if the following traceback is
SCSI or ATA:
xpt_done
probedone
xpt_done_process
xpt_done_td
fork_exit
nvme and mmc already have unique names.
MFC: 1 week
Differential revision: https://reviews.freebsd.org/D24825
Modified:
head/sys/cam/ata/ata_xpt.c
Modified: head/sys/cam/ata/ata_xpt.c
==
--- head/sys/cam/ata/ata_xpt.c Wed May 13 00:05:11 2020(r360998)
+++ head/sys/cam/ata/ata_xpt.c Wed May 13 00:18:44 2020(r360999)
@@ -71,16 +71,16 @@ struct ata_quirk_entry {
u_int maxtags;
};
-static periph_init_t probe_periph_init;
+static periph_init_t aprobe_periph_init;
-static struct periph_driver probe_driver =
+static struct periph_driver aprobe_driver =
{
- probe_periph_init, "aprobe",
- TAILQ_HEAD_INITIALIZER(probe_driver.units), /* generation */ 0,
+ aprobe_periph_init, "aprobe",
+ TAILQ_HEAD_INITIALIZER(aprobe_driver.units), /* generation */ 0,
CAM_PERIPH_DRV_EARLY
};
-PERIPHDRIVER_DECLARE(aprobe, probe_driver);
+PERIPHDRIVER_DECLARE(aprobe, aprobe_driver);
typedef enum {
PROBE_RESET,
@@ -100,7 +100,7 @@ typedef enum {
PROBE_IDENTIFY_SAFTE,
PROBE_DONE,
PROBE_INVALID
-} probe_action;
+} aprobe_action;
static char *probe_action_text[] = {
"PROBE_RESET",
@@ -134,13 +134,13 @@ do {
\
typedef enum {
PROBE_NO_ANNOUNCE = 0x04
-} probe_flags;
+} aprobe_flags;
typedef struct {
TAILQ_HEAD(, ccb_hdr) request_ccbs;
struct ata_params ident_data;
- probe_actionaction;
- probe_flags flags;
+ aprobe_action action;
+ aprobe_flagsflags;
uint32_tpm_pid;
uint32_tpm_prv;
int restart;
@@ -162,19 +162,18 @@ static struct ata_quirk_entry ata_quirk_table[] =
},
};
-static cam_status proberegister(struct cam_periph *periph,
- void *arg);
-static void probeschedule(struct cam_periph *probe_periph);
-static void probestart(struct cam_periph *periph, union ccb *start_ccb);
-static void proberequestdefaultnegotiation(struct cam_periph *periph);
-static void probedone(struct cam_periph *periph, union ccb *done_ccb);
-static void probecleanup(struct cam_periph *periph);
+static cam_status aproberegister(struct cam_periph *periph, void *arg);
+static void aprobeschedule(struct cam_periph *probe_periph);
+static void aprobestart(struct cam_periph *periph, union ccb *start_ccb);
+static void aproberequestdefaultnegotiation(struct cam_periph *periph);
+static void aprobedone(struct cam_periph *periph, union ccb *done_ccb);
+static void aprobecleanup(struct cam_periph *periph);
static void ata_find_quirk(struct cam_ed *device);
static void ata_scan_bus(struct cam_periph *periph, union ccb *ccb);
static void ata_scan_lun(struct cam_periph *periph,
struct cam_path *path, cam_flags flags,
union ccb *ccb);
-static void xptscandone(struct cam_periph *periph, union ccb *done_ccb);
+static void axptscandone(struct cam_periph *periph, union ccb *done_ccb);
static struct cam_ed *
ata_alloc_device(struct cam_eb *bus, struct cam_et *target,
lun_id_t lun_id);
@@ -271,12 +270,12 @@ CAM_XPT_PROTO(ata_proto_satapm);
CAM_XPT_PROTO(ata_proto_semb);
static void
-probe_periph_init()
+aprobe_periph_init()
{
}
static cam_status
-proberegister(struct cam_periph *periph, void *arg)
+aproberegister(struct cam_periph *periph, void *arg)
{
union ccb *request_ccb; /* CCB representing the probe request */
probe_softc *softc;
@@ -307,12 +306,12 @@ proberegister(struct cam_periph *periph, void *arg)
CAM_DEBUG(periph->path, CAM_DEBUG_PROBE, ("Probe started\n"));
svn commit: r360998 - in head/sys/dev/ath: . ath_rate/amrr ath_rate/onoe ath_rate/sample
Author: adrian
Date: Wed May 13 00:05:11 2020
New Revision: 360998
URL: https://svnweb.freebsd.org/changeset/base/360998
Log:
[ath] [ath_rate] Add some extra data into the rate control lookup.
Right now (well, since I did this in 2011/2012) the rate control code
makes some super bad choices for 11n aggregates/rates, and it tracks
statistics even more questionably.
It's been long enough and I'm now trying to use it again daily, so let's
start by:
* telling the rate control code if it's an aggregate or not;
* being clearer about the TID - yes it can be extracted from the
ath_buf but this way it can be overridden by the caller without
changing the TID itself.
(This is for doing experiments with voice/video QoS at some point..)
* Return an optional field to limit how long the aggregate is in
microseconds. Right now the rate control code supplies a rate table
and the ath aggr form code will look at the rate table and limit
the aggregate size to 4ms at the slowest rate. Yeah, this is pretty
terrible.
* Add some more TODO comments around handling txpower, rate and
handling filtered frames status so if I continue to have spoons for
this I can go poke at it.
Modified:
head/sys/dev/ath/ath_rate/amrr/amrr.c
head/sys/dev/ath/ath_rate/onoe/onoe.c
head/sys/dev/ath/ath_rate/sample/sample.c
head/sys/dev/ath/if_ath.c
head/sys/dev/ath/if_ath_tx.c
head/sys/dev/ath/if_athrate.h
Modified: head/sys/dev/ath/ath_rate/amrr/amrr.c
==
--- head/sys/dev/ath/ath_rate/amrr/amrr.c Wed May 13 00:03:39 2020
(r360997)
+++ head/sys/dev/ath/ath_rate/amrr/amrr.c Wed May 13 00:05:11 2020
(r360998)
@@ -104,8 +104,8 @@ ath_rate_node_cleanup(struct ath_softc *sc, struct ath
void
ath_rate_findrate(struct ath_softc *sc, struct ath_node *an,
- int shortPreamble, size_t frameLen,
- u_int8_t *rix, int *try0, u_int8_t *txrate)
+ int shortPreamble, size_t frameLen, int tid, bool is_aggr,
+ u_int8_t *rix, int *try0, u_int8_t *txrate, int *maxdur)
{
struct amrr_node *amn = ATH_NODE_AMRR(an);
@@ -115,6 +115,7 @@ ath_rate_findrate(struct ath_softc *sc, struct ath_nod
*txrate = amn->amn_tx_rate0sp;
else
*txrate = amn->amn_tx_rate0;
+ maxdur = -1;
}
/*
Modified: head/sys/dev/ath/ath_rate/onoe/onoe.c
==
--- head/sys/dev/ath/ath_rate/onoe/onoe.c Wed May 13 00:03:39 2020
(r360997)
+++ head/sys/dev/ath/ath_rate/onoe/onoe.c Wed May 13 00:05:11 2020
(r360998)
@@ -112,8 +112,8 @@ ath_rate_node_cleanup(struct ath_softc *sc, struct ath
void
ath_rate_findrate(struct ath_softc *sc, struct ath_node *an,
- int shortPreamble, size_t frameLen,
- u_int8_t *rix, int *try0, u_int8_t *txrate)
+ int shortPreamble, size_t frameLen, int tid, bool is_aggr,
+ u_int8_t *rix, int *try0, u_int8_t *txrate, int *maxdur)
{
struct onoe_node *on = ATH_NODE_ONOE(an);
@@ -123,6 +123,7 @@ ath_rate_findrate(struct ath_softc *sc, struct ath_nod
*txrate = on->on_tx_rate0sp;
else
*txrate = on->on_tx_rate0;
+ *maxdur = -1;
}
/*
Modified: head/sys/dev/ath/ath_rate/sample/sample.c
==
--- head/sys/dev/ath/ath_rate/sample/sample.c Wed May 13 00:03:39 2020
(r360997)
+++ head/sys/dev/ath/ath_rate/sample/sample.c Wed May 13 00:05:11 2020
(r360998)
@@ -482,8 +482,9 @@ ath_rate_pick_seed_rate_ht(struct ath_softc *sc, struc
void
ath_rate_findrate(struct ath_softc *sc, struct ath_node *an,
- int shortPreamble, size_t frameLen,
- u_int8_t *rix0, int *try0, u_int8_t *txrate)
+ int shortPreamble, size_t frameLen, int tid,
+ bool is_aggr, u_int8_t *rix0, int *try0,
+ u_int8_t *txrate, int *maxdur)
{
#defineDOT11RATE(ix) (rt->info[ix].dot11Rate & IEEE80211_RATE_VAL)
#defineMCS(ix) (rt->info[ix].dot11Rate | IEEE80211_RATE_MCS)
@@ -497,6 +498,10 @@ ath_rate_findrate(struct ath_softc *sc, struct ath_nod
unsigned average_tx_time;
ath_rate_update_static_rix(sc, >an_node);
+
+ /* For now don't take TID, is_aggr into account */
+ /* Also for now don't calculate a max duration; that'll come later */
+ *maxdur = -1;
if (sn->currates != sc->sc_currates) {
device_printf(sc->sc_dev, "%s: currates != sc_currates!\n",
Modified: head/sys/dev/ath/if_ath.c
==
--- head/sys/dev/ath/if_ath.c Wed May 13 00:03:39 2020(r360997)
+++ head/sys/dev/ath/if_ath.c Wed May 13 00:05:11 2020(r360998)
@@ -4312,6
svn commit: r360996 - stable/12/contrib/elftoolchain/elfcopy
Author: emaste
Date: Tue May 12 23:51:04 2020
New Revision: 360996
URL: https://svnweb.freebsd.org/changeset/base/360996
Log:
MFC r359166: objcopy: add new sections also when there is no .shstrtab
Previously objcopy (elfcopy) --add-sections inserted new sections before
.shstrtab, but omitted them if there was no .shstrtab.
Now, after processing existing sections add new sections if they were
not yet added.
PR: 241437
Reported by: arrowd
Submitted by: Tiger Gao
Sponsored by: The FreeBSD Foundation
Modified:
stable/12/contrib/elftoolchain/elfcopy/sections.c
Directory Properties:
stable/12/ (props changed)
Modified: stable/12/contrib/elftoolchain/elfcopy/sections.c
==
--- stable/12/contrib/elftoolchain/elfcopy/sections.c Tue May 12 23:46:52
2020(r360995)
+++ stable/12/contrib/elftoolchain/elfcopy/sections.c Tue May 12 23:51:04
2020(r360996)
@@ -28,6 +28,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -341,6 +342,7 @@ create_scn(struct elfcopy *ecp)
size_t indx;
uint64_t oldndx, newndx;
int elferr, sec_flags, reorder;
+ bool sections_added;
/*
* Insert a pseudo section that contains the ELF header
@@ -364,6 +366,7 @@ create_scn(struct elfcopy *ecp)
errx(EXIT_FAILURE, "elf_getshstrndx failed: %s",
elf_errmsg(-1));
+ sections_added = false;
reorder = 0;
is = NULL;
while ((is = elf_nextscn(ecp->ein, is)) != NULL) {
@@ -438,12 +441,14 @@ create_scn(struct elfcopy *ecp)
oldndx = newndx = SHN_UNDEF;
if (strcmp(name, ".symtab") != 0 &&
strcmp(name, ".strtab") != 0) {
+ /* Add new sections before .shstrtab if we have one. */
if (!strcmp(name, ".shstrtab")) {
/*
* Add sections specified by --add-section and
* gnu debuglink. we want these sections have
* smaller index than .shstrtab section.
*/
+ sections_added = true;
if (ecp->debuglink != NULL)
add_gnu_debuglink(ecp);
if (ecp->flags & SEC_ADD)
@@ -504,6 +509,12 @@ create_scn(struct elfcopy *ecp)
ecp->strtab = s;
insert_to_sec_list(ecp, s, 0);
+ }
+ if (!sections_added) {
+ if (ecp->debuglink != NULL)
+ add_gnu_debuglink(ecp);
+ if (ecp->flags & SEC_ADD)
+ insert_sections(ecp);
}
elferr = elf_errno();
if (elferr != 0)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360995 - head/sys/net/route
Author: imp Date: Tue May 12 23:46:52 2020 New Revision: 360995 URL: https://svnweb.freebsd.org/changeset/base/360995 Log: Kill trailing newline while I'm here... Modified: head/sys/net/route/route_ddb.c Modified: head/sys/net/route/route_ddb.c == --- head/sys/net/route/route_ddb.c Tue May 12 23:33:03 2020 (r360994) +++ head/sys/net/route/route_ddb.c Tue May 12 23:46:52 2020 (r360995) @@ -268,4 +268,3 @@ usage: " Currently accepts only IPv4 and IPv6 addresses\n"); db_skip_to_eol(); } - ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360993 - head/usr.bin/uname
Author: imp Date: Tue May 12 22:44:51 2020 New Revision: 360993 URL: https://svnweb.freebsd.org/changeset/base/360993 Log: Refine the history of uname. It appeared in 4.4BSD. It was not in v7 unix. It was one of the additions in PWB, and appeared in System III and later commercial versions of Unix. The different args to uname weren't aded until System III. Add a quick note to note the late entry into the BSD fork of Unix since PWB otherwise implies a pre-fork date. Modified: head/usr.bin/uname/uname.1 Modified: head/usr.bin/uname/uname.1 == --- head/usr.bin/uname/uname.1 Tue May 12 21:59:21 2020(r360992) +++ head/usr.bin/uname/uname.1 Tue May 12 22:44:51 2020(r360993) @@ -146,7 +146,11 @@ specification. .Sh HISTORY The .Nm -command appeared in PWB UNIX. +command appeared in PWB UNIX 1.0, however +.Bx 4.4 +was the first Berkeley release with the +.Nm +command. .Pp The .Fl K ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360833 - head
On Mon, May 11, 2020 at 01:45:14PM -0500, Kyle Evans wrote:
> On Mon, May 11, 2020 at 1:10 PM Brooks Davis wrote:
> >
> > On Sat, May 09, 2020 at 02:01:29AM +, Kyle Evans wrote:
> > > Author: kevans
> > > Date: Sat May 9 02:01:29 2020
> > > New Revision: 360833
> > > URL: https://svnweb.freebsd.org/changeset/base/360833
> > >
> > > Log:
> > > installworld: attempt a certctl rehash at the tail end
> > >
> > > This can be run as root or normal user with no problem; if they hadn't
> > > twisted the WITHOUT_CAROOT knob, we'll attempt to use the host certctl
> > > to
> > > rehash the DESTDIR. This would allow one to build systems
> > > WITHOUT_OPENSSL +
> > > WITH_CAROOT with a populated /etc/ssl that they can then use with an
> > > appropriate *ssl from somewhere else.
> > >
> > > Cross-builds are fine because this will always use the host certctl, or
> > > just
> > > nag if it's missing and it wasn't a WITHOUT_CAROOT build.
> > >
> > > MFC after: 1 week
> > > Differential Revision: https://reviews.freebsd.org/D24641
> > >
> > > Modified:
> > > head/Makefile.inc1
> > >
> > > Modified: head/Makefile.inc1
> > > ==
> > > --- head/Makefile.inc1Sat May 9 01:48:08 2020(r360832)
> > > +++ head/Makefile.inc1Sat May 9 02:01:29 2020(r360833)
> > > @@ -1403,6 +1403,16 @@ distributeworld installworld stageworld:
> > > _installcheck
> > > ${DESTDIR}/${DISTDIR}/${dist}.debug.meta
> > > .endfor
> > > .endif
> > > +.elif make(installworld) && ${MK_CAROOT} != "no"
> > > + # We could make certctl a bootstrap tool, but it requires OpenSSL
> > > and
> > > + # friends, which we likely don't want. We'll rehash on a
> > > best-effort
> > > + # basis, otherwise we'll just mention that we're not doing it to
> > > raise
> > > + # awareness.
> > > + @if which certctl>/dev/null; then \
> > > + certctl rehash \
> >
> > Does this update METALOG with the added links?
> >
> > It seems a little weird to rely on DESTDIR from the environment.
> >
> > In general I'm not enthusiastic about additions to installworld that do
> > anything other than copying files, creating links, etc in simple ways.
>
> I will happily back this out if I can get some qualified eyes to
> review/improve it. It does not update METALOG, and it probably should.
> Agreed on DESTDIR. As for point #3, I guess we can continue spreading
> `certctl rehash` all over the tree in various points that may need it;
> the release(7) scripts will need to be done if we don't do it here at
> a minimum, and I haven't put much thought into it beyond that.
I'm not in a rush to back this out given that it's solving a real
problem, but lets talk about improvements.
I kind of feel like this belongs in distribution (which I think would
deal with release scripts) or in etcupdate/mergemaster, but I'm not
sure either of those are correct. I'd be happy to review changes to
update the METALOG (I guess we'd extend certctl with an option to do
that?) I think that's the most important things because we really
should be routinely validating that DESTDIR only contains things in the
METALOG. A quick and dirty fix for the DESTDIR weirdness might be adding
"env DESTDIR=${DESTDIR}" so it's explicit.
> The close-to-infuriating part of the caroot project has been that it's
> incredibly hard to get almost anyone else (with some obvious
> exceptions) to do more than informal discussion on the matter; actual
> review, in particular, is difficult to obtain.
Thanks for doing all this work! I'm afraid the whole thing gives me
third-rail vibes (not the idea or the implementation, but the potential
for things to go wrong) so I've veered away from the larger reviews. :(
-- Brooks
signature.asc
Description: PGP signature
svn commit: r360992 - head/bin/sh/tests/parser
Author: jilles
Date: Tue May 12 21:59:21 2020
New Revision: 360992
URL: https://svnweb.freebsd.org/changeset/base/360992
Log:
sh/tests: Test some obscure cases with aliasing keywords
Added:
head/bin/sh/tests/parser/alias19.0 (contents, props changed)
head/bin/sh/tests/parser/alias19.0.stdout (contents, props changed)
head/bin/sh/tests/parser/alias20.0 (contents, props changed)
head/bin/sh/tests/parser/alias20.0.stdout (contents, props changed)
Modified:
head/bin/sh/tests/parser/Makefile
Modified: head/bin/sh/tests/parser/Makefile
==
--- head/bin/sh/tests/parser/Makefile Tue May 12 21:51:56 2020
(r360991)
+++ head/bin/sh/tests/parser/Makefile Tue May 12 21:59:21 2020
(r360992)
@@ -25,6 +25,8 @@ ${PACKAGE}FILES+= alias15.0 alias15.0.stdout
${PACKAGE}FILES+= alias16.0
${PACKAGE}FILES+= alias17.0
${PACKAGE}FILES+= alias18.0
+${PACKAGE}FILES+= alias19.0 alias19.0.stdout
+${PACKAGE}FILES+= alias20.0 alias20.0.stdout
${PACKAGE}FILES+= and-pipe-not.0
${PACKAGE}FILES+= case1.0
${PACKAGE}FILES+= case2.0
Added: head/bin/sh/tests/parser/alias19.0
==
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/bin/sh/tests/parser/alias19.0 Tue May 12 21:59:21 2020
(r360992)
@@ -0,0 +1,8 @@
+# $FreeBSD$
+
+alias begin={ end=}
+begin
+cat
svn commit: r360991 - stable/12/sys/mips/cavium/octe
Author: jhibbits Date: Tue May 12 21:51:56 2020 New Revision: 360991 URL: https://svnweb.freebsd.org/changeset/base/360991 Log: MFC r343969 by nwhitehorn: Performance improvements for octe(4): - Distribute RX load across multiple cores, if present. This reverts r217212, which is no longer relevant (I think because of the newer SDK). - Use newer APIs for pinning taskqueue entries to specific cores. - Deepen RX buffers. This more than doubles NAT forwarding throughput on an EdgeRouter Lite from, with typical packet mixture, 90 Mbps to over 200 Mbps. The result matches forwarding throughput in Linux without the UBNT hardware offload on the same hardware, and thus likely reflects hardware limits. Modified: stable/12/sys/mips/cavium/octe/ethernet-defines.h stable/12/sys/mips/cavium/octe/ethernet-rx.c stable/12/sys/mips/cavium/octe/ethernet.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/mips/cavium/octe/ethernet-defines.h == --- stable/12/sys/mips/cavium/octe/ethernet-defines.h Tue May 12 21:00:13 2020(r360990) +++ stable/12/sys/mips/cavium/octe/ethernet-defines.h Tue May 12 21:51:56 2020(r360991) @@ -38,14 +38,14 @@ AND WITH ALL FAULTS AND CAVIUM NETWORKS MAKES NO PROM * the driver uses the default from below. */ -#define INTERRUPT_LIMIT 1 /* Max interrupts per second per core */ +#define INTERRUPT_LIMIT 1000 /* Max interrupts per second per core */ /*#define INTERRUPT_LIMIT 0 *//* Don't limit the number of interrupts */ #define USE_RED 1 /* Enable Random Early Dropping under load */ #define USE_10MBPS_PREAMBLE_WORKAROUND 1/* Allow SW based preamble removal at 10Mbps to workaround PHYs giving us bad preambles */ #define DONT_WRITEBACK(x) (x) /* Use this to have all FPA frees also tell the L2 not to write data to memory */ /*#define DONT_WRITEBACK(x) 0 *//* Use this to not have FPA frees control L2 */ -#define MAX_RX_PACKETS 120 /* Maximum number of packets to process per interrupt. */ +#define MAX_RX_PACKETS 1024 /* Maximum number of packets to process per interrupt. */ #define MAX_OUT_QUEUE_DEPTH 1000 #define FAU_NUM_PACKET_BUFFERS_TO_FREE (CVMX_FAU_REG_END - sizeof(uint32_t)) Modified: stable/12/sys/mips/cavium/octe/ethernet-rx.c == --- stable/12/sys/mips/cavium/octe/ethernet-rx.cTue May 12 21:00:13 2020(r360990) +++ stable/12/sys/mips/cavium/octe/ethernet-rx.cTue May 12 21:51:56 2020(r360991) @@ -57,8 +57,6 @@ extern struct ifnet *cvm_oct_device[]; static struct task cvm_oct_task; static struct taskqueue *cvm_oct_taskq; -static int cvm_oct_rx_active; - /** * Interrupt handler. The interrupt occurs whenever the POW * transitions from 0->1 packets in our group. @@ -77,10 +75,9 @@ int cvm_oct_do_interrupt(void *dev_id) cvmx_write_csr(CVMX_POW_WQ_INT, 0x10001
svn commit: r360990 - head/sys/arm64/arm64
Author: andrew
Date: Tue May 12 21:00:13 2020
New Revision: 360990
URL: https://svnweb.freebsd.org/changeset/base/360990
Log:
Fix the name reported when the core supports a 64-bit CCIDX
Modified:
head/sys/arm64/arm64/identcpu.c
Modified: head/sys/arm64/arm64/identcpu.c
==
--- head/sys/arm64/arm64/identcpu.c Tue May 12 20:05:34 2020
(r360989)
+++ head/sys/arm64/arm64/identcpu.c Tue May 12 21:00:13 2020
(r360990)
@@ -601,7 +601,7 @@ static struct mrs_field_value id_aa64mmfr2_nv[] = {
static struct mrs_field_value id_aa64mmfr2_ccidx[] = {
MRS_FIELD_VALUE(ID_AA64MMFR2_CCIDX_32, "32bit CCIDX"),
- MRS_FIELD_VALUE(ID_AA64MMFR2_CCIDX_64, "32bit CCIDX"),
+ MRS_FIELD_VALUE(ID_AA64MMFR2_CCIDX_64, "64bit CCIDX"),
MRS_FIELD_VALUE_END,
};
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360989 - releng/11.4/release/doc/en_US.ISO8859-1/relnotes
Author: gjb Date: Tue May 12 20:05:34 2020 New Revision: 360989 URL: https://svnweb.freebsd.org/changeset/base/360989 Log: Release notes documentation: - r350801: camcontrol(8) AMA support. - r351582: camcontrol(8) 'modepage' block descriptor support. - r351843: usbconfig(8) detach_kernel_driver command. - r351873: jot(1) '-r 0 start end' fix. - r352758: freebsd-update(8) 'updatesready' and 'showconfig' commands. - r353134: crontab(5)/cron(8) '-n' and '-q' flags. - r353759: zfs(8) bookmark renaming support. - r356290: OpenSSL 1.0.2u. - r356401: usbconfig(8) dump_stats command. - r356905: fsck_ffs(8) recovery information fix with 64k sectors. - r357082: certctl(8) added. - r357791: env(1) -L/-U user/class options. - r359554: ZFS ZIL max block size tunable. - r359696: libalias(3)/ipfw(4) RFC-6598 support. - r359740: syslogd(8) property-based filters. Approved by: re (implicit) Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xml == --- releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xmlTue May 12 20:05:33 2020(r360988) +++ releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xmlTue May 12 20:05:34 2020(r360989) @@ -165,7 +165,56 @@ Userland Application Changes - + The +utility has been updated to include support + for Accessible Max Address Configuration + (AMA). + + The utility has been + updated to support block descriptors with the + modepage subcommand. + + The utility has been + updated to include the detach_kernel_driver + command. + + The utility has been updated + to allow an endless stream of random data within the specified + bounds. + + The utility has + been updated to include two new commands, + updatesready and + showconfig. + + The utility has been + updated to support two new flags in , + -n and -q, which + suppress mail on successful runs and suppress logging of + command execution, respectively. + + The utility has been updated + to support renaming bookmarks. + + The utility has been + updated to include the dump_stats + command. + + The and + utilities has been updated to fix recovery information with + sector sizes up to 64k. + + The utility has been + added. + + The utility has been updated + to include the -L and -U + options, which are used to set the environment of the + specified user from login.conf and + ~/.login_conf, respectively. + + The utility has been + updated to add property-based filters. @@ -186,6 +235,9 @@ The library has been updated to version 2.2.9. + OpenSSL has + been update to version 1.0.2u. + The library has been updated to version 1.9.1. @@ -374,7 +426,9 @@ ZFS - + The ZFS + ZIL (ZFS intent log) + maximum block size is now tunable. @@ -418,7 +472,10 @@ Network Protocols - + The library and +packet filter have been updated to add support + for RFC 6598/Carrier Grade + NAT subnets. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360988 - releng/11.4/release/doc/en_US.ISO8859-1/relnotes
Author: gjb Date: Tue May 12 20:05:33 2020 New Revision: 360988 URL: https://svnweb.freebsd.org/changeset/base/360988 Log: Release notes documentation: - r351007: bzip2(1) 1.0.8. - r351611: WPA 2.9. - r354195: tcsh(1) 6.21.0. - r355504: less(1) 551. - r355604: libbsdxml(3) 2.2.9. - r356341: pcap(3) 1.9.1. - r356341: tcpdump(1) 4.9.3. - r356345: unbound 1.9.6. - r356533: mtree(8) various fixes. - r358088: libarchive(3) 3.4.2. - r358659: ntpd(8) 4.2.8p14. - r360362: tzdata 2020a. - r360521: file(1) 5.38. - r360523: xz(1) 5.2.5. - r360822: clang (and friends) 10.0.0. Approved by: re (implicit) Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xml == --- releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xmlTue May 12 20:02:18 2020(r360987) +++ releng/11.4/release/doc/en_US.ISO8859-1/relnotes/article.xmlTue May 12 20:05:33 2020(r360988) @@ -171,7 +171,57 @@ Contributed Software - + The utility has been + updated to version 1.0.8. + + The WPA + utilities have been updated to version 2.9. + + The utility has been + updated to version 6.21.0. + + The utility has been + updated to version 551. + + The library has + been updated to version 2.2.9. + + The library has been + updated to version 1.9.1. + + The utility has been + updated to version 4.9.3. + + The utility has been + updated to version 1.9.6. + + The utility has been + updated to include several bug fixes. + + The library has been + updated to version 3.4.2. + + The utilities have been + updated to version 4.2.8p14. + + The timezone database files have been + updated to version 2020a. + + The utility has been + updated to version 5.38. + + The utility has been updated + to version 5.2.5. + + The clang, + llvm, + lld, + lldb, + libunwind, + openmp, + compiler-rt utilities and + libc++ have been updated to version + 10.0.0. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360987 - releng/11.4/release/doc/share/xml
Author: gjb Date: Tue May 12 20:02:18 2020 New Revision: 360987 URL: https://svnweb.freebsd.org/changeset/base/360987 Log: Document EN-20:08 through EN-20:09, and SA-20:12 through SA-20:16. Approved by: re (implicit) Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: releng/11.4/release/doc/share/xml/security.xml Modified: releng/11.4/release/doc/share/xml/security.xml == --- releng/11.4/release/doc/share/xml/security.xml Tue May 12 20:02:01 2020(r360986) +++ releng/11.4/release/doc/share/xml/security.xml Tue May 12 20:02:18 2020(r360987) @@ -185,6 +185,21 @@ 21April2020 Invalid handling + + + FreeBSD-SA-20:12.libalias + 12May2020 + Insufficient packet length + validation + + + + FreeBSD-SA-20:13.libalias + 12May2020 + Memory disclosure vulnerability + ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360986 - stable/11/release/doc/share/xml
Author: gjb Date: Tue May 12 20:02:01 2020 New Revision: 360986 URL: https://svnweb.freebsd.org/changeset/base/360986 Log: Document EN-20:08 through EN-20:09, and SA-20:12 through SA-20:16. Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: stable/11/release/doc/share/xml/errata.xml stable/11/release/doc/share/xml/security.xml Modified: stable/11/release/doc/share/xml/errata.xml == --- stable/11/release/doc/share/xml/errata.xml Tue May 12 18:44:41 2020 (r360985) +++ stable/11/release/doc/share/xml/errata.xml Tue May 12 20:02:01 2020 (r360986) @@ -91,6 +91,21 @@ Regression with certain NFS servers + + + FreeBSD-EN-20:08.tzdata + 12May2020 + Timezone database update + + + + FreeBSD-EN-20:10.build + 12May2020 + Incorrect build host clang version + detection + Modified: stable/11/release/doc/share/xml/security.xml == --- stable/11/release/doc/share/xml/security.xmlTue May 12 18:44:41 2020(r360985) +++ stable/11/release/doc/share/xml/security.xmlTue May 12 20:02:01 2020(r360986) @@ -185,6 +185,36 @@ 21April2020 Invalid handling + + + FreeBSD-SA-20:12.libalias + 12May2020 + Insufficient packet length + validation + + + + FreeBSD-SA-20:13.libalias + 12May2020 + Memory disclosure vulnerability + + + + FreeBSD-SA-20:14.sctp + 12May2020 + Improper checking in shared key + update + + + + FreeBSD-SA-20:14.cryptodev + 12May2020 + Use-after-free condition + ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360983 - head/include
On Tue, May 12, 2020 at 11:39:17AM -0700, Conrad Meyer wrote: > Why not just use _Bool and leave the compatibility definition only for > C++ (#define _Bool bool)? There was such version in interim, see https://reviews.freebsd.org/D24297?vs=on=70906#toc Exp-run reported issues with this variant, please look at the bug trail yourself. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360985 - stable/12/sys/dev/ena
wt., 12 maj 2020 o 20:44 Marcin Wojtas napisał(a): > > Author: mw > Date: Tue May 12 18:44:41 2020 > New Revision: 360985 > URL: https://svnweb.freebsd.org/changeset/base/360985 > > Log: > MFC r360777: Optimize ENA Rx refill for low memory conditions > > Sometimes, especially when there is not much memory in the system left, > allocating mbuf jumbo clusters (like 9KB or 16KB) can take a lot of time > and it is not guaranteed that it'll succeed. In that situation, the > fallback will work, but if the refill needs to take a place for a lot of > descriptors at once, the time spent in m_getjcl looking for memory can > cause system unresponsiveness due to high priority of the Rx task. This > can also lead to driver reset, because Tx cleanup routine is being > blocked and timer service could detect that Tx packets aren't cleaned > up. The reset routine can further create another unresponsiveness - Rx > rings are being refilled there, so m_getjcl will again burn the CPU. > This was causing NVMe driver timeouts and resets, because network driver > is having higher priority. > > Instead of 16KB jumbo clusters for the Rx buffers, 9KB clusters are > enough - ENA MTU is being set to 9K anyway, so it's very unlikely that > more space than 9KB will be needed. > > However, 9KB jumbo clusters can still cause issues, so by default the > page size mbuf cluster will be used for the Rx descriptors. This can have a > small (~2%) impact on the throughput of the device, so to restore > original behavior, one must change sysctl "hw.ena.enable_9k_mbufs" to > "1" in "/boot/loader.conf" file. > > As a part of this patch (important fix), the version of the driver > was updated to v2.1.2. > For the record - on stable/12 the version was bumped to 0.8.5 with this commit. Marcin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360985 - stable/12/sys/dev/ena
Author: mw
Date: Tue May 12 18:44:41 2020
New Revision: 360985
URL: https://svnweb.freebsd.org/changeset/base/360985
Log:
MFC r360777: Optimize ENA Rx refill for low memory conditions
Sometimes, especially when there is not much memory in the system left,
allocating mbuf jumbo clusters (like 9KB or 16KB) can take a lot of time
and it is not guaranteed that it'll succeed. In that situation, the
fallback will work, but if the refill needs to take a place for a lot of
descriptors at once, the time spent in m_getjcl looking for memory can
cause system unresponsiveness due to high priority of the Rx task. This
can also lead to driver reset, because Tx cleanup routine is being
blocked and timer service could detect that Tx packets aren't cleaned
up. The reset routine can further create another unresponsiveness - Rx
rings are being refilled there, so m_getjcl will again burn the CPU.
This was causing NVMe driver timeouts and resets, because network driver
is having higher priority.
Instead of 16KB jumbo clusters for the Rx buffers, 9KB clusters are
enough - ENA MTU is being set to 9K anyway, so it's very unlikely that
more space than 9KB will be needed.
However, 9KB jumbo clusters can still cause issues, so by default the
page size mbuf cluster will be used for the Rx descriptors. This can have a
small (~2%) impact on the throughput of the device, so to restore
original behavior, one must change sysctl "hw.ena.enable_9k_mbufs" to
"1" in "/boot/loader.conf" file.
As a part of this patch (important fix), the version of the driver
was updated to v2.1.2.
Submitted by: cperciva
PR: 225791, 234838, 235856, 236989, 243531
Modified:
stable/12/sys/dev/ena/ena.c
stable/12/sys/dev/ena/ena.h
Directory Properties:
stable/12/ (props changed)
Modified: stable/12/sys/dev/ena/ena.c
==
--- stable/12/sys/dev/ena/ena.c Tue May 12 18:17:57 2020(r360984)
+++ stable/12/sys/dev/ena/ena.c Tue May 12 18:44:41 2020(r360985)
@@ -200,6 +200,19 @@ int ena_log_level = ENA_ALERT | ENA_WARNING;
SYSCTL_INT(_hw_ena, OID_AUTO, log_level, CTLFLAG_RWTUN,
_log_level, 0, "Logging level indicating verbosity of the logs");
+/*
+ * Use 9k mbufs for the Rx buffers. Default to 0 (use page size mbufs instead).
+ * Using 9k mbufs in low memory conditions might cause allocation to take a lot
+ * of time and lead to the OS instability as it needs to look for the
contiguous
+ * pages.
+ * However, page size mbufs has a bit smaller throughput than 9k mbufs, so if
+ * the network performance is the priority, the 9k mbufs can be used.
+ */
+int ena_enable_9k_mbufs = 0;
+SYSCTL_INT(_hw_ena, OID_AUTO, enable_9k_mbufs, CTLFLAG_RDTUN,
+_enable_9k_mbufs, 0, "Use 9 kB mbufs for Rx descriptors");
+#define ena_mbuf_sz (ena_enable_9k_mbufs ? MJUM9BYTES : MJUMPAGESIZE)
+
static ena_vendor_info_t ena_vendor_info_array[] = {
{ PCI_VENDOR_ID_AMAZON, PCI_DEV_ID_ENA_PF, 0},
{ PCI_VENDOR_ID_AMAZON, PCI_DEV_ID_ENA_LLQ_PF, 0},
@@ -470,6 +483,7 @@ ena_init_io_rings(struct ena_adapter *adapter)
rxr->que = que;
rxr->empty_rx_queue = 0;
+ rxr->rx_mbuf_sz = ena_mbuf_sz;
}
}
@@ -548,9 +562,9 @@ ena_setup_rx_dma_tag(struct ena_adapter *adapter)
ENA_DMA_BIT_MASK(adapter->dma_width), /* lowaddr of excl window */
BUS_SPACE_MAXADDR,/* highaddr of excl window */
NULL, NULL, /* filter, filterarg */
- MJUM16BYTES, /* maxsize */
+ ena_mbuf_sz, /* maxsize */
adapter->max_rx_sgl_size, /* nsegments */
- MJUM16BYTES, /* maxsegsize */
+ ena_mbuf_sz, /* maxsegsize */
0,/* flags */
NULL, /* lockfunc*/
NULL, /* lockarg */
@@ -957,7 +971,8 @@ ena_alloc_rx_mbuf(struct ena_adapter *adapter,
return (0);
/* Get mbuf using UMA allocator */
- rx_info->mbuf = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUM16BYTES);
+ rx_info->mbuf = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR,
+ rx_ring->rx_mbuf_sz);
if (unlikely(rx_info->mbuf == NULL)) {
counter_u64_add(rx_ring->rx_stats.mjum_alloc_fail, 1);
@@ -968,7 +983,7 @@ ena_alloc_rx_mbuf(struct ena_adapter *adapter,
}
mlen = MCLBYTES;
} else {
- mlen = MJUM16BYTES;
+ mlen = rx_ring->rx_mbuf_sz;
}
/* Set mbuf length*/
rx_info->mbuf->m_pkthdr.len =
Re: svn commit: r360983 - head/include
Why not just use _Bool and leave the compatibility definition only for
C++ (#define _Bool bool)?
On Tue, May 12, 2020 at 11:12 AM Konstantin Belousov wrote:
>
> Author: kib
> Date: Tue May 12 18:12:20 2020
> New Revision: 360983
> URL: https://svnweb.freebsd.org/changeset/base/360983
>
> Log:
> Clear namespace pollution in include/malloc_np.h
>
> Do not include stdbool.h, it makes the header incompatible with some
> third-party code that typedefs bool manually.
> Remove inclusion of strings.h, which typically conflicts with the use
> of symbol 'index'.
> Separate inclusion of sys/cdefs.h is not needed because sys/types.h
> already handles that.
>
> Exp-run by: antoine (PR 245366)
> Sponsored by: The FreeBSD Foundation
> MFC after:1 week
> Differential revision:https://reviews.freebsd.org/D24297
>
> Modified:
> head/include/malloc_np.h
>
> Modified: head/include/malloc_np.h
> ==
> --- head/include/malloc_np.hTue May 12 17:18:44 2020(r360982)
> +++ head/include/malloc_np.hTue May 12 18:12:20 2020(r360983)
> @@ -33,29 +33,33 @@
>
> #ifndef _MALLOC_NP_H_
> #define_MALLOC_NP_H_
> -#include
> +
> #include
> -#include
> -#include
>
> +#ifdef __cplusplus
> +#define__MyBoolbool
> +#else
> +#define__MyBool_Bool
> +#endif
> +
> __BEGIN_DECLS
> typedef struct extent_hooks_s extent_hooks_t;
> -typedef void *(extent_alloc_t)(extent_hooks_t *, void *, size_t, size_t,
> bool *,
> -bool *, unsigned);
> -typedef bool (extent_dalloc_t)(extent_hooks_t *, void *, size_t, bool,
> +typedef void *(extent_alloc_t)(extent_hooks_t *, void *, size_t, size_t,
> +__MyBool *, __MyBool *, unsigned);
> +typedef __MyBool (extent_dalloc_t)(extent_hooks_t *, void *, size_t,
> __MyBool,
> unsigned);
> -typedef void (extent_destroy_t)(extent_hooks_t *, void *, size_t, bool,
> +typedef void (extent_destroy_t)(extent_hooks_t *, void *, size_t, __MyBool,
> unsigned);
> -typedef bool (extent_commit_t)(extent_hooks_t *, void *, size_t, size_t,
> size_t,
> -unsigned);
> -typedef bool (extent_decommit_t)(extent_hooks_t *, void *, size_t, size_t,
> +typedef __MyBool (extent_commit_t)(extent_hooks_t *, void *, size_t, size_t,
> size_t, unsigned);
> -typedef bool (extent_purge_t)(extent_hooks_t *, void *, size_t, size_t,
> size_t,
> +typedef __MyBool (extent_decommit_t)(extent_hooks_t *, void *, size_t,
> size_t,
> +size_t, unsigned);
> +typedef __MyBool (extent_purge_t)(extent_hooks_t *, void *, size_t, size_t,
> size_t,
> unsigned);
> -typedef bool (extent_split_t)(extent_hooks_t *, void *, size_t, size_t,
> size_t,
> -bool, unsigned);
> -typedef bool (extent_merge_t)(extent_hooks_t *, void *, size_t, void *,
> size_t,
> -bool, unsigned);
> +typedef __MyBool (extent_split_t)(extent_hooks_t *, void *, size_t, size_t,
> size_t,
> +__MyBool, unsigned);
> +typedef __MyBool (extent_merge_t)(extent_hooks_t *, void *, size_t, void *,
> size_t,
> +__MyBool, unsigned);
> struct extent_hooks_s {
> extent_alloc_t *alloc;
> extent_dalloc_t *dalloc;
> @@ -119,5 +123,7 @@ void__dallocx(void *ptr, int flags);
> void __sdallocx(void *ptr, size_t size, int flags);
> size_t __nallocx(size_t size, int flags);
> __END_DECLS
> +
> +#undef __MyBool
>
> #endif /* _MALLOC_NP_H_ */
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r360964 - in head: lib/libclang_rt lib/libthr lib/msun libexec/rtld-elf libexec/tftpd/tests share/mk stand stand/arm/uboot stand/efi stand/efi/boot1 stand/efi/loader stand/i386/boot2 s
This feels like it deserves an UPDATING (and possibly a RELNOTES) entry.
-Ravi (rpokala@)
-Original Message-
From: on behalf of Eric van Gyzen
Date: 2020-05-12, Tuesday at 08:22
To: , ,
Subject: svn commit: r360964 - in head: lib/libclang_rt lib/libthr lib/msun
libexec/rtld-elf libexec/tftpd/tests share/mk stand stand/arm/uboot stand/efi
stand/efi/boot1 stand/efi/loader stand/i386/boot2 st...
Author: vangyzen
Date: Tue May 12 15:22:40 2020
New Revision: 360964
URL: https://svnweb.freebsd.org/changeset/base/360964
Log:
Remove tests for obsolete compilers in the build system
Assume gcc is at least 6.4, the oldest xtoolchain in the ports tree.
Assume clang is at least 6, which was in 11.2-RELEASE. Drop conditions
for older compilers.
Reviewed by: imp (earlier version), emaste, jhb
MFC after:2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision:https://reviews.freebsd.org/D24802
Modified:
head/lib/libclang_rt/Makefile.inc
head/lib/libthr/Makefile
head/lib/msun/Makefile
head/libexec/rtld-elf/Makefile
head/libexec/tftpd/tests/Makefile
head/share/mk/bsd.compiler.mk
head/share/mk/bsd.sys.mk
head/stand/arm/uboot/Makefile
head/stand/defs.mk
head/stand/efi/Makefile
head/stand/efi/boot1/Makefile
head/stand/efi/loader/Makefile
head/stand/i386/boot2/Makefile
head/stand/i386/isoboot/Makefile
head/stand/libsa/Makefile
head/sys/conf/Makefile.arm
head/sys/conf/Makefile.powerpc
head/sys/conf/kern.mk
head/sys/conf/kern.post.mk
head/sys/conf/kern.pre.mk
head/sys/conf/kmod.mk
head/sys/modules/Makefile
head/usr.sbin/acpi/acpidb/Makefile
head/usr.sbin/trpt/Makefile
head/usr.sbin/zic/zic/Makefile
Modified: head/lib/libclang_rt/Makefile.inc
==
--- head/lib/libclang_rt/Makefile.inc Tue May 12 14:47:38 2020
(r360963)
+++ head/lib/libclang_rt/Makefile.inc Tue May 12 15:22:40 2020
(r360964)
@@ -32,7 +32,7 @@ CFLAGS+= ${PICFLAG}
CFLAGS+= -fno-builtin
CFLAGS+= -fno-exceptions
CXXFLAGS+= -fno-rtti
-.if ${COMPILER_TYPE} == clang && ${COMPILER_VERSION} >= 30700
+.if ${COMPILER_TYPE} == clang
CFLAGS+= -fno-sanitize=safe-stack
.endif
CFLAGS+= -fno-stack-protector
Modified: head/lib/libthr/Makefile
==
--- head/lib/libthr/MakefileTue May 12 14:47:38 2020
(r360963)
+++ head/lib/libthr/MakefileTue May 12 15:22:40 2020
(r360964)
@@ -29,10 +29,7 @@ CFLAGS+=-Winline
CFLAGS.thr_stack.c+= -Wno-cast-align
CFLAGS.rtld_malloc.c+= -Wno-cast-align
-.include
-.if !(${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} < 40300)
CFLAGS.thr_symbols.c+= -Wno-missing-variable-declarations
-.endif
.ifndef NO_THREAD_UNWIND_STACK
CFLAGS+=-fexceptions
Modified: head/lib/msun/Makefile
==
--- head/lib/msun/Makefile Tue May 12 14:47:38 2020(r360963)
+++ head/lib/msun/Makefile Tue May 12 15:22:40 2020(r360964)
@@ -108,13 +108,13 @@ COMMON_SRCS+= catrigl.c \
s_nextafterl.c s_nexttoward.c s_remquol.c s_rintl.c s_roundl.c \
s_scalbnl.c s_sinl.c s_sincosl.c \
s_tanhl.c s_tanl.c s_truncl.c w_cabsl.c
-# Work around this warning from gcc 6:
+# Work around this warning from gcc:
# lib/msun/ld80/e_powl.c:275:1: error: floating constant exceeds range
of
# 'long double' [-Werror=overflow]
# if( y >= LDBL_MAX )
# See also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=130067
.include
-.if ${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} >= 6
+.if ${COMPILER_TYPE} == "gcc"
CFLAGS.e_powl.c+= -Wno-error=overflow
.endif
.endif
Modified: head/libexec/rtld-elf/Makefile
==
--- head/libexec/rtld-elf/Makefile Tue May 12 14:47:38 2020
(r360963)
+++ head/libexec/rtld-elf/Makefile Tue May 12 15:22:40 2020
(r360964)
@@ -90,8 +90,4 @@ ${PROG_FULL}: ${VERSION_MAP}
# GCC warns about redeclarations even though they have __exported
# and are therefore not identical to the ones from the system headers.
CFLAGS+= -Wno-redundant-decls
-.if ${COMPILER_VERSION} < 40300
-# Silence -Wshadow false positives in ancient GCC
-CFLAGS+= -Wno-shadow
-.endif
.endif
Modified: head/libexec/tftpd/tests/Makefile
==
---
svn commit: r360984 - head/include
Author: kib Date: Tue May 12 18:17:57 2020 New Revision: 360984 URL: https://svnweb.freebsd.org/changeset/base/360984 Log: Make include/malloc.h usable again. Lot of third-party Linux code uses #include , expecting to find the malloc extensions there. Instead of trying to fight them, accept that attempt to deprecate the header causes more troubles than solves potential portability issues, and provide our jemalloc extensions. PR: 155429 Reviewed by: imp, jhibbits, dab, hselasky, philip, emaste, jilles Exp-run by: antoine (PR 245366) Sponsored by: The FreeBSD Foundation MFC after:2 weeks Differential revision:https://reviews.freebsd.org/D24297 Modified: head/include/malloc.h Modified: head/include/malloc.h == --- head/include/malloc.h Tue May 12 18:12:20 2020(r360983) +++ head/include/malloc.h Tue May 12 18:17:57 2020(r360984) @@ -1,6 +1,6 @@ -/* $FreeBSD$ */ -#if __STDC__ -#error " has been replaced by " -#else +/*- + * This file is in the public domain. + * $FreeBSD$ + */ #include -#endif +#include ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360983 - head/include
Author: kib
Date: Tue May 12 18:12:20 2020
New Revision: 360983
URL: https://svnweb.freebsd.org/changeset/base/360983
Log:
Clear namespace pollution in include/malloc_np.h
Do not include stdbool.h, it makes the header incompatible with some
third-party code that typedefs bool manually.
Remove inclusion of strings.h, which typically conflicts with the use
of symbol 'index'.
Separate inclusion of sys/cdefs.h is not needed because sys/types.h
already handles that.
Exp-run by: antoine (PR 245366)
Sponsored by: The FreeBSD Foundation
MFC after:1 week
Differential revision:https://reviews.freebsd.org/D24297
Modified:
head/include/malloc_np.h
Modified: head/include/malloc_np.h
==
--- head/include/malloc_np.hTue May 12 17:18:44 2020(r360982)
+++ head/include/malloc_np.hTue May 12 18:12:20 2020(r360983)
@@ -33,29 +33,33 @@
#ifndef _MALLOC_NP_H_
#define_MALLOC_NP_H_
-#include
+
#include
-#include
-#include
+#ifdef __cplusplus
+#define__MyBoolbool
+#else
+#define__MyBool_Bool
+#endif
+
__BEGIN_DECLS
typedef struct extent_hooks_s extent_hooks_t;
-typedef void *(extent_alloc_t)(extent_hooks_t *, void *, size_t, size_t, bool
*,
-bool *, unsigned);
-typedef bool (extent_dalloc_t)(extent_hooks_t *, void *, size_t, bool,
+typedef void *(extent_alloc_t)(extent_hooks_t *, void *, size_t, size_t,
+__MyBool *, __MyBool *, unsigned);
+typedef __MyBool (extent_dalloc_t)(extent_hooks_t *, void *, size_t, __MyBool,
unsigned);
-typedef void (extent_destroy_t)(extent_hooks_t *, void *, size_t, bool,
+typedef void (extent_destroy_t)(extent_hooks_t *, void *, size_t, __MyBool,
unsigned);
-typedef bool (extent_commit_t)(extent_hooks_t *, void *, size_t, size_t,
size_t,
-unsigned);
-typedef bool (extent_decommit_t)(extent_hooks_t *, void *, size_t, size_t,
+typedef __MyBool (extent_commit_t)(extent_hooks_t *, void *, size_t, size_t,
size_t, unsigned);
-typedef bool (extent_purge_t)(extent_hooks_t *, void *, size_t, size_t, size_t,
+typedef __MyBool (extent_decommit_t)(extent_hooks_t *, void *, size_t, size_t,
+size_t, unsigned);
+typedef __MyBool (extent_purge_t)(extent_hooks_t *, void *, size_t, size_t,
size_t,
unsigned);
-typedef bool (extent_split_t)(extent_hooks_t *, void *, size_t, size_t, size_t,
-bool, unsigned);
-typedef bool (extent_merge_t)(extent_hooks_t *, void *, size_t, void *, size_t,
-bool, unsigned);
+typedef __MyBool (extent_split_t)(extent_hooks_t *, void *, size_t, size_t,
size_t,
+__MyBool, unsigned);
+typedef __MyBool (extent_merge_t)(extent_hooks_t *, void *, size_t, void *,
size_t,
+__MyBool, unsigned);
struct extent_hooks_s {
extent_alloc_t *alloc;
extent_dalloc_t *dalloc;
@@ -119,5 +123,7 @@ void__dallocx(void *ptr, int flags);
void __sdallocx(void *ptr, size_t size, int flags);
size_t __nallocx(size_t size, int flags);
__END_DECLS
+
+#undef __MyBool
#endif /* _MALLOC_NP_H_ */
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360982 - head/sys/netinet6
Author: gallatin
Date: Tue May 12 17:18:44 2020
New Revision: 360982
URL: https://svnweb.freebsd.org/changeset/base/360982
Log:
IPv6: Fix a panic in the nd6 code with unmapped mbufs.
If the neighbor entry for an IPv6 TCP session using unmapped
mbufs times out, IPv6 will send an icmp6 dest. unreachable
message. In doing this, it will try to do a software checksum
on the reflected packet. If this is a TCP session using unmapped
mbufs, then there will be a kernel panic.
To fix this, just free packets with unmapped mbufs, rather
than sending the icmp.
Reviewed by: np, rrs
Sponsored by: Netflix
Differential Revision:https://reviews.freebsd.org/D24821
Modified:
head/sys/netinet6/nd6.c
Modified: head/sys/netinet6/nd6.c
==
--- head/sys/netinet6/nd6.c Tue May 12 17:07:28 2020(r360981)
+++ head/sys/netinet6/nd6.c Tue May 12 17:18:44 2020(r360982)
@@ -821,9 +821,27 @@ nd6_llinfo_timer(void *arg)
clear_llinfo_pqueue(ln);
}
nd6_free(, 0);
- if (m != NULL)
- icmp6_error2(m, ICMP6_DST_UNREACH,
- ICMP6_DST_UNREACH_ADDR, 0, ifp);
+ if (m != NULL) {
+ struct mbuf *n = m;
+
+ /*
+* if there are any ummapped mbufs, we
+* must free them, rather than using
+* them for an ICMP, as they cannot be
+* checksummed.
+*/
+ while ((n = n->m_next) != NULL) {
+ if (n->m_flags & M_EXTPG)
+ break;
+ }
+ if (n != NULL) {
+ m_freem(m);
+ m = NULL;
+ } else {
+ icmp6_error2(m, ICMP6_DST_UNREACH,
+ ICMP6_DST_UNREACH_ADDR, 0, ifp);
+ }
+ }
}
break;
case ND6_LLINFO_REACHABLE:
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360981 - releng/11.4/usr.sbin/bhyve
Author: jhb Date: Tue May 12 17:07:28 2020 New Revision: 360981 URL: https://svnweb.freebsd.org/changeset/base/360981 Log: MF11 360965: Use stream_read() to read all 12 bytes of the RFB client version. read() can return a short read, whereas stream_read() waits until the full version string is read. Approved by: re (gjb) Modified: releng/11.4/usr.sbin/bhyve/rfb.c Directory Properties: releng/11.4/ (props changed) Modified: releng/11.4/usr.sbin/bhyve/rfb.c == --- releng/11.4/usr.sbin/bhyve/rfb.cTue May 12 17:05:55 2020 (r360980) +++ releng/11.4/usr.sbin/bhyve/rfb.cTue May 12 17:07:28 2020 (r360981) @@ -72,6 +72,7 @@ static int rfb_debug = 0; #defineDPRINTF(params) if (rfb_debug) printf params #defineWPRINTF(params) printf params +#define VERSION_LENGTH 12 #define AUTH_LENGTH16 #define PASSWD_LENGTH 8 @@ -765,7 +766,7 @@ rfb_handle(struct rfb_softc *rc, int cfd) stream_write(cfd, vbuf, strlen(vbuf)); /* 1b. Read client version */ - len = read(cfd, buf, sizeof(buf)); + len = stream_read(cfd, buf, VERSION_LENGTH); /* 2a. Send security type */ buf[0] = 1; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360980 - head/lib/libproc/tests
Author: markj
Date: Tue May 12 17:05:55 2020
New Revision: 360980
URL: https://svnweb.freebsd.org/changeset/base/360980
Log:
Re-enable proc_test:symbol_lookup after r360979.
PR: 244732
MFC after:2 weeks
Sponsored by: The FreeBSD Foundation
Modified:
head/lib/libproc/tests/proc_test.c
Modified: head/lib/libproc/tests/proc_test.c
==
--- head/lib/libproc/tests/proc_test.c Tue May 12 17:00:47 2020
(r360979)
+++ head/lib/libproc/tests/proc_test.c Tue May 12 17:05:55 2020
(r360980)
@@ -270,9 +270,6 @@ ATF_TC_BODY(symbol_lookup, tc)
u_long saved;
int error;
- if (atf_tc_get_config_var_as_bool_wd(tc, "ci", false))
- atf_tc_skip("https://bugs.freebsd.org/244732;);
-
phdl = start_prog(tc, false);
error = proc_name2sym(phdl, target_prog_file, "main", _sym, NULL);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360979 - head/lib/librtld_db
Author: markj
Date: Tue May 12 17:00:47 2020
New Revision: 360979
URL: https://svnweb.freebsd.org/changeset/base/360979
Log:
librtld_db: Fix shlib mapping offsets.
kve_offset gives the offset into the backing file, which is not what we
want since different segments may map the same page. Use the base of
the mapping to determine the offset exported by librtld_db instead.
PR: 244732
Reported by: Jenkins, Nicolò Mazzucato
MFC after:2 weeks
Sponsored by: The FreeBSD Foundation
Modified:
head/lib/librtld_db/rtld_db.c
Modified: head/lib/librtld_db/rtld_db.c
==
--- head/lib/librtld_db/rtld_db.c Tue May 12 17:00:23 2020
(r360978)
+++ head/lib/librtld_db/rtld_db.c Tue May 12 17:00:47 2020
(r360979)
@@ -160,9 +160,12 @@ rd_err_e
rd_loadobj_iter(rd_agent_t *rdap, rl_iter_f *cb, void *clnt_data)
{
struct kinfo_vmentry *kves, *kve;
+ const char *path;
+ uint64_t fileid;
rd_loadobj_t rdl;
rd_err_e ret;
- int cnt, i, lastvn;
+ uintptr_t base;
+ int cnt, i;
DPRINTF("%s\n", __func__);
@@ -171,27 +174,38 @@ rd_loadobj_iter(rd_agent_t *rdap, rl_iter_f *cb, void
return (RD_ERR);
}
+ base = 0;
+ fileid = 0;
+ path = NULL;
ret = RD_OK;
- lastvn = 0;
for (i = 0; i < cnt; i++) {
- kve = kves + i;
- if (kve->kve_type == KVME_TYPE_VNODE)
- lastvn = i;
+ kve = [i];
+ /*
+* Cache the base offset of the file mapping. The kve_offset
+* field gives the file offset of a particular mapping into the
+* file, but we want the mapping offset relative to the base
+* mapping.
+*/
+ if (kve->kve_type == KVME_TYPE_VNODE &&
+ kve->kve_vn_fileid != fileid) {
+ base = kve->kve_start;
+ fileid = kve->kve_vn_fileid;
+ path = kve->kve_path;
+ }
memset(, 0, sizeof(rdl));
/*
* Map the kinfo_vmentry struct to the rd_loadobj structure.
*/
rdl.rdl_saddr = kve->kve_start;
rdl.rdl_eaddr = kve->kve_end;
- rdl.rdl_offset = kve->kve_offset;
+ rdl.rdl_offset = kve->kve_start - base;
if (kve->kve_protection & KVME_PROT_READ)
rdl.rdl_prot |= RD_RDL_R;
if (kve->kve_protection & KVME_PROT_WRITE)
rdl.rdl_prot |= RD_RDL_W;
if (kve->kve_protection & KVME_PROT_EXEC)
rdl.rdl_prot |= RD_RDL_X;
- strlcpy(rdl.rdl_path, kves[lastvn].kve_path,
- sizeof(rdl.rdl_path));
+ strlcpy(rdl.rdl_path, path, sizeof(rdl.rdl_path));
if ((*cb)(, clnt_data) != 0) {
ret = RD_ERR;
break;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360978 - in releng: 11.3 11.3/sys/conf 11.4 11.4/sys/conf 12.1 12.1/sys/conf
Author: gordon
Date: Tue May 12 17:00:23 2020
New Revision: 360978
URL: https://svnweb.freebsd.org/changeset/base/360978
Log:
Add UPDATING entries and bump version.
Approved by: so
Approved by: re (implicit)
Modified:
releng/11.3/UPDATING
releng/11.3/sys/conf/newvers.sh
releng/11.4/UPDATING
releng/11.4/sys/conf/newvers.sh
releng/12.1/UPDATING
releng/12.1/sys/conf/newvers.sh
Modified: releng/11.3/UPDATING
==
--- releng/11.3/UPDATINGTue May 12 16:59:09 2020(r360977)
+++ releng/11.3/UPDATINGTue May 12 17:00:23 2020(r360978)
@@ -16,6 +16,25 @@ from older versions of FreeBSD, try WITHOUT_CLANG and
the tip of head, and then rebuild without this option. The bootstrap process
from older version of current across the gcc/clang cutover is a bit fragile.
+20200512 p9 FreeBSD-EN-20:08.tzdata
+ FreeBSD-EN-20:10.build
+ FreeBSD-SA-20:12.libalias
+ FreeBSD-SA-20:13.libalias
+ FreeBSD-SA-20:14.sctp
+ FreeBSD-SA-20:15.cryptodev
+
+Import tzdata 2020a. [EN-20:08.tzdata]
+
+Fix incorrect build host Clang version detection [EN-20:10.build]
+
+ Fix insufficient packet length validation in libalias
[SA-20:12.libalias]
+
+ Fix memory disclosure vulnerability in libalias [SA-20:13.libalias]
+
+ Fix improper checking in SCTP-AUTH shared key update [SA-20:14.sctp]
+
+ Fix use after free in cryptodev module [SA-20:15.cryptodev]
+
20200421 p8 FreeBSD-EN-20:07.quotad
FreeBSD-SA-20:10.ipfw
Modified: releng/11.3/sys/conf/newvers.sh
==
--- releng/11.3/sys/conf/newvers.sh Tue May 12 16:59:09 2020
(r360977)
+++ releng/11.3/sys/conf/newvers.sh Tue May 12 17:00:23 2020
(r360978)
@@ -44,7 +44,7 @@
TYPE="FreeBSD"
REVISION="11.3"
-BRANCH="RELEASE-p8"
+BRANCH="RELEASE-p9"
if [ -n "${BRANCH_OVERRIDE}" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
Modified: releng/11.4/UPDATING
==
--- releng/11.4/UPDATINGTue May 12 16:59:09 2020(r360977)
+++ releng/11.4/UPDATINGTue May 12 17:00:23 2020(r360978)
@@ -16,6 +16,13 @@ from older versions of FreeBSD, try WITHOUT_CLANG and
the tip of head, and then rebuild without this option. The bootstrap process
from older version of current across the gcc/clang cutover is a bit fragile.
+20200512: 11.4-BETA1-p1FreeBSD-SA-20:12.libalias
+ FreeBSD-SA-20:13.libalias
+
+ Fix insufficient packet length validation in libalias
[SA-20:12.libalias]
+
+ Fix memory disclosure vulnerability in libalias [SA-20:13.libalias]
+
20200507:
Clang, llvm, lld, lldb, compiler-rt, libc++, libunwind and openmp have
been upgraded to 10.0.0. Please see the 20141231 entry below for
Modified: releng/11.4/sys/conf/newvers.sh
==
--- releng/11.4/sys/conf/newvers.sh Tue May 12 16:59:09 2020
(r360977)
+++ releng/11.4/sys/conf/newvers.sh Tue May 12 17:00:23 2020
(r360978)
@@ -44,7 +44,7 @@
TYPE="FreeBSD"
REVISION="11.4"
-BRANCH="BETA1"
+BRANCH="BETA1-p1"
if [ -n "${BRANCH_OVERRIDE}" ]; then
BRANCH=${BRANCH_OVERRIDE}
fi
Modified: releng/12.1/UPDATING
==
--- releng/12.1/UPDATINGTue May 12 16:59:09 2020(r360977)
+++ releng/12.1/UPDATINGTue May 12 17:00:23 2020(r360978)
@@ -16,6 +16,28 @@ from older versions of FreeBSD, try WITHOUT_CLANG and
the tip of head, and then rebuild without this option. The bootstrap process
from older version of current across the gcc/clang cutover is a bit fragile.
+20200512 p5 FreeBSD-EN-20:08.tzdata
+ FreeBSD-EN-20:09.igb
+ FreeBSD-EN-20:10.build
+ FreeBSD-SA-20:12.libalias
+ FreeBSD-SA-20:13.libalias
+ FreeBSD-SA-20:15.cryptodev
+ FreeBSD-SA-20:16.cryptodev
+
+Import tzdata 2020a. [EN-20:08.tzdata]
+
+Fix igb interfaces failing to switch to inactive state [EN-20:09.igb]
+
+Fix incorrect build host Clang version detection [EN-20:10.build]
+
+ Fix insufficient packet length validation in libalias
[SA-20:12.libalias]
+
+ Fix memory disclosure vulnerability in libalias [SA-20:13.libalias]
+
+ Fix use after free in cryptodev module [SA-20:15.cryptodev]
+
+ Fix insufficient cryptodev MAC key length check [SA-2
svn commit: r360977 - releng/12.1/sys/opencrypto
Author: gordon
Date: Tue May 12 16:59:09 2020
New Revision: 360977
URL: https://svnweb.freebsd.org/changeset/base/360977
Log:
Fix insufficient cryptodev MAC key length check.
Approved by: so
Security: FreeBSD-SA-20:16.cryptodev
Security: CVE-2019-15880
Modified:
releng/12.1/sys/opencrypto/cryptodev.c
Modified: releng/12.1/sys/opencrypto/cryptodev.c
==
--- releng/12.1/sys/opencrypto/cryptodev.c Tue May 12 16:57:47 2020
(r360976)
+++ releng/12.1/sys/opencrypto/cryptodev.c Tue May 12 16:59:09 2020
(r360977)
@@ -602,8 +602,8 @@ cryptof_ioctl(
if (thash) {
cria.cri_alg = thash->type;
cria.cri_klen = sop->mackeylen * 8;
- if (thash->keysize != 0 &&
- sop->mackeylen > thash->keysize) {
+ if (sop->mackeylen > thash->keysize ||
+ sop->mackeylen < 0) {
CRYPTDEB("invalid mac key length");
error = EINVAL;
SDT_PROBE1(opencrypto, dev, ioctl, error,
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360976 - in releng: 11.3/sys/opencrypto 12.1/sys/opencrypto
Author: gordon
Date: Tue May 12 16:57:47 2020
New Revision: 360976
URL: https://svnweb.freebsd.org/changeset/base/360976
Log:
Fix use after free in cryptodev module.
Approved by: so
Security: FreeBSD-SA-20:15.cryptodev
Security: CVE-2019-15879
Modified:
releng/11.3/sys/opencrypto/cryptodev.c
releng/12.1/sys/opencrypto/cryptodev.c
Modified: releng/11.3/sys/opencrypto/cryptodev.c
==
--- releng/11.3/sys/opencrypto/cryptodev.c Tue May 12 16:55:32 2020
(r360975)
+++ releng/11.3/sys/opencrypto/cryptodev.c Tue May 12 16:57:47 2020
(r360976)
@@ -268,6 +268,7 @@ crypt_kop_to_32(const struct crypt_kop *from, struct c
struct csession {
TAILQ_ENTRY(csession) next;
u_int64_t sid;
+ volatile u_int refs;
u_int32_t ses;
struct mtx lock; /* for op submission */
@@ -294,6 +295,7 @@ struct cryptop_data {
struct fcrypt {
TAILQ_HEAD(csessionlist, csession) csessions;
int sesn;
+ struct mtx lock;
};
static int cryptof_ioctl(struct file *, u_long, void *,
@@ -320,8 +322,7 @@ static struct fileops cryptofops = {
};
static struct csession *csefind(struct fcrypt *, u_int);
-static int csedelete(struct fcrypt *, struct csession *);
-static struct csession *cseadd(struct fcrypt *, struct csession *);
+static int csedelete(struct fcrypt *, u_int);
static struct csession *csecreate(struct fcrypt *, u_int64_t, caddr_t,
u_int64_t, caddr_t, u_int64_t, u_int32_t, u_int32_t, struct enc_xform *,
struct auth_hash *);
@@ -612,13 +613,9 @@ bail:
break;
case CIOCFSESSION:
ses = *(u_int32_t *)data;
- cse = csefind(fcr, ses);
- if (cse == NULL) {
+ error = csedelete(fcr, ses);
+ if (error != 0)
SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
- return (EINVAL);
- }
- csedelete(fcr, cse);
- error = csefree(cse);
break;
case CIOCCRYPT:
#ifdef COMPAT_FREEBSD32
@@ -635,6 +632,7 @@ bail:
return (EINVAL);
}
error = cryptodev_op(cse, cop, active_cred, td);
+ (void)csefree(cse);
#ifdef COMPAT_FREEBSD32
if (error == 0 && cmd == CIOCCRYPT32)
crypt_op_to_32(cop, data);
@@ -701,6 +699,7 @@ bail:
return (EINVAL);
}
error = cryptodev_aead(cse, caead, active_cred, td);
+ (void)csefree(cse);
break;
default:
error = EINVAL;
@@ -1275,6 +1274,9 @@ cryptof_close(struct file *fp, struct thread *td)
while ((cse = TAILQ_FIRST(>csessions))) {
TAILQ_REMOVE(>csessions, cse, next);
+ KASSERT(cse->refs == 1,
+ ("%s: crypto session %p with %d refs", __func__, cse,
+ cse->refs));
(void)csefree(cse);
}
free(fcr, M_XDATA);
@@ -1295,34 +1297,35 @@ csefind(struct fcrypt *fcr, u_int ses)
{
struct csession *cse;
- TAILQ_FOREACH(cse, >csessions, next)
- if (cse->ses == ses)
+ mtx_lock(>lock);
+ TAILQ_FOREACH(cse, >csessions, next) {
+ if (cse->ses == ses) {
+ refcount_acquire(>refs);
+ mtx_unlock(>lock);
return (cse);
+ }
+ }
+ mtx_unlock(>lock);
return (NULL);
}
static int
-csedelete(struct fcrypt *fcr, struct csession *cse_del)
+csedelete(struct fcrypt *fcr, u_int ses)
{
struct csession *cse;
+ mtx_lock(>lock);
TAILQ_FOREACH(cse, >csessions, next) {
- if (cse == cse_del) {
+ if (cse->ses == ses) {
TAILQ_REMOVE(>csessions, cse, next);
- return (1);
+ mtx_unlock(>lock);
+ return (csefree(cse));
}
}
- return (0);
+ mtx_unlock(>lock);
+ return (EINVAL);
}
-static struct csession *
-cseadd(struct fcrypt *fcr, struct csession *cse)
-{
- TAILQ_INSERT_TAIL(>csessions, cse, next);
- cse->ses = fcr->sesn++;
- return (cse);
-}
-
struct csession *
csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t key, u_int64_t keylen,
caddr_t mackey, u_int64_t mackeylen, u_int32_t cipher, u_int32_t mac,
@@ -1334,6 +1337,7 @@ csecreate(struct fcrypt *fcr, u_int64_t sid, caddr_t k
if (cse == NULL)
return NULL;
mtx_init(>lock, "cryptodev", "crypto session lock", MTX_DEF);
+ refcount_init(>refs, 1);
cse->key = key;
cse->keylen = keylen/8;
cse->mackey = mackey;
@@ -1343,7 +1347,10 @@
svn commit: r360975 - releng/11.3/sys/netinet
Author: gordon
Date: Tue May 12 16:55:32 2020
New Revision: 360975
URL: https://svnweb.freebsd.org/changeset/base/360975
Log:
Fix improper checking in SCTP-AUTH shared key update.
Approved by: so
Security: FreeBSD-SA-20:14.sctp
Security: CVE-2019-15878
Modified:
releng/11.3/sys/netinet/sctp_auth.c
Modified: releng/11.3/sys/netinet/sctp_auth.c
==
--- releng/11.3/sys/netinet/sctp_auth.c Tue May 12 16:54:39 2020
(r360974)
+++ releng/11.3/sys/netinet/sctp_auth.c Tue May 12 16:55:32 2020
(r360975)
@@ -521,7 +521,7 @@ sctp_insert_sharedkey(struct sctp_keyhead *shared_keys
} else if (new_skey->keyid == skey->keyid) {
/* replace the existing key */
/* verify this key *can* be replaced */
- if ((skey->deactivated) && (skey->refcount > 1)) {
+ if ((skey->deactivated) || (skey->refcount > 1)) {
SCTPDBG(SCTP_DEBUG_AUTH1,
"can't replace shared key id %u\n",
new_skey->keyid);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360974 - in releng: 11.3/sys/netinet/libalias 11.4/sys/netinet/libalias 12.1/sys/netinet/libalias
Author: gordon
Date: Tue May 12 16:54:39 2020
New Revision: 360974
URL: https://svnweb.freebsd.org/changeset/base/360974
Log:
Fix memory disclosure vulnerability in libalias.
Approved by: so
Approved by: re (implicit)
Security: FreeBSD-SA-20:13.libalias
Security: CVE-2020-7455
Modified:
releng/11.3/sys/netinet/libalias/alias_ftp.c
releng/11.4/sys/netinet/libalias/alias_ftp.c
releng/12.1/sys/netinet/libalias/alias_ftp.c
Modified: releng/11.3/sys/netinet/libalias/alias_ftp.c
==
--- releng/11.3/sys/netinet/libalias/alias_ftp.cTue May 12 16:52:08
2020(r360973)
+++ releng/11.3/sys/netinet/libalias/alias_ftp.cTue May 12 16:54:39
2020(r360974)
@@ -752,7 +752,8 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
{
u_short new_len;
- new_len = htons(hlen + slen);
+ new_len = htons(hlen +
+ MIN(slen, maxpacketsize - hlen));
DifferentialChecksum(>ip_sum,
_len,
>ip_len,
Modified: releng/11.4/sys/netinet/libalias/alias_ftp.c
==
--- releng/11.4/sys/netinet/libalias/alias_ftp.cTue May 12 16:52:08
2020(r360973)
+++ releng/11.4/sys/netinet/libalias/alias_ftp.cTue May 12 16:54:39
2020(r360974)
@@ -752,7 +752,8 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
{
u_short new_len;
- new_len = htons(hlen + slen);
+ new_len = htons(hlen +
+ MIN(slen, maxpacketsize - hlen));
DifferentialChecksum(>ip_sum,
_len,
>ip_len,
Modified: releng/12.1/sys/netinet/libalias/alias_ftp.c
==
--- releng/12.1/sys/netinet/libalias/alias_ftp.cTue May 12 16:52:08
2020(r360973)
+++ releng/12.1/sys/netinet/libalias/alias_ftp.cTue May 12 16:54:39
2020(r360974)
@@ -754,7 +754,8 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
{
u_short new_len;
- new_len = htons(hlen + slen);
+ new_len = htons(hlen +
+ MIN(slen, maxpacketsize - hlen));
DifferentialChecksum(>ip_sum,
_len,
>ip_len,
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360973 - in stable: 11/sys/netinet/libalias 12/sys/netinet/libalias
Author: emaste
Date: Tue May 12 16:52:08 2020
New Revision: 360973
URL: https://svnweb.freebsd.org/changeset/base/360973
Log:
MFC r360968: libalias: fix potential memory disclosure from ftp module
admbugs: 956
Submitted by: markj
Reported by: Vishnu Dev TJ working with Trend Micro Zero Day Initiative
Approved by: so
Security: FreeBSD-SA-20:13.libalias
Security: CVE-2020-7455
Security: ZDI-CAN-10849
Modified:
stable/11/sys/netinet/libalias/alias_ftp.c
Directory Properties:
stable/11/ (props changed)
Changes in other areas also in this revision:
Modified:
stable/12/sys/netinet/libalias/alias_ftp.c
Directory Properties:
stable/12/ (props changed)
Modified: stable/11/sys/netinet/libalias/alias_ftp.c
==
--- stable/11/sys/netinet/libalias/alias_ftp.c Tue May 12 16:51:11 2020
(r360972)
+++ stable/11/sys/netinet/libalias/alias_ftp.c Tue May 12 16:52:08 2020
(r360973)
@@ -752,7 +752,8 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
{
u_short new_len;
- new_len = htons(hlen + slen);
+ new_len = htons(hlen +
+ MIN(slen, maxpacketsize - hlen));
DifferentialChecksum(>ip_sum,
_len,
>ip_len,
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360973 - in stable: 11/sys/netinet/libalias 12/sys/netinet/libalias
Author: emaste
Date: Tue May 12 16:52:08 2020
New Revision: 360973
URL: https://svnweb.freebsd.org/changeset/base/360973
Log:
MFC r360968: libalias: fix potential memory disclosure from ftp module
admbugs: 956
Submitted by: markj
Reported by: Vishnu Dev TJ working with Trend Micro Zero Day Initiative
Approved by: so
Security: FreeBSD-SA-20:13.libalias
Security: CVE-2020-7455
Security: ZDI-CAN-10849
Modified:
stable/12/sys/netinet/libalias/alias_ftp.c
Directory Properties:
stable/12/ (props changed)
Changes in other areas also in this revision:
Modified:
stable/11/sys/netinet/libalias/alias_ftp.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/12/sys/netinet/libalias/alias_ftp.c
==
--- stable/12/sys/netinet/libalias/alias_ftp.c Tue May 12 16:51:11 2020
(r360972)
+++ stable/12/sys/netinet/libalias/alias_ftp.c Tue May 12 16:52:08 2020
(r360973)
@@ -754,7 +754,8 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
{
u_short new_len;
- new_len = htons(hlen + slen);
+ new_len = htons(hlen +
+ MIN(slen, maxpacketsize - hlen));
DifferentialChecksum(>ip_sum,
_len,
>ip_len,
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360972 - in releng: 11.3/sys/netinet/libalias 11.4/sys/netinet/libalias 12.1/sys/netinet/libalias
Author: gordon
Date: Tue May 12 16:51:11 2020
New Revision: 360972
URL: https://svnweb.freebsd.org/changeset/base/360972
Log:
Fix insufficient packet length validation in libalias.
Approved by: so
Approved by: re (implicit)
Security: FreeBSD-SA-20:12.libalias
Security: CVE-2020-7454
Modified:
releng/11.3/sys/netinet/libalias/alias.c
releng/11.4/sys/netinet/libalias/alias.c
releng/12.1/sys/netinet/libalias/alias.c
Modified: releng/11.3/sys/netinet/libalias/alias.c
==
--- releng/11.3/sys/netinet/libalias/alias.cTue May 12 16:49:04 2020
(r360971)
+++ releng/11.3/sys/netinet/libalias/alias.cTue May 12 16:51:11 2020
(r360972)
@@ -439,10 +439,15 @@ fragment contained in ICMP data section */
static int
IcmpAliasIn(struct libalias *la, struct ip *pip)
{
- int iresult;
struct icmp *ic;
+ int dlen, iresult;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < ICMP_MINLEN)
+ return (PKT_ALIAS_IGNORED);
+
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@@ -461,6 +466,9 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
case ICMP_SOURCEQUENCH:
case ICMP_TIMXCEED:
case ICMP_PARAMPROB:
+ if (dlen < ICMP_ADVLENMIN ||
+ dlen < ICMP_ADVLEN(ic))
+ return (PKT_ALIAS_IGNORED);
iresult = IcmpAliasIn2(la, pip);
break;
case ICMP_ECHO:
@@ -729,10 +737,17 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
{
struct udphdr *ud;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
@@ -821,12 +836,19 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int m
u_short dest_port;
u_short proxy_server_port;
int proxy_type;
- int error;
+ int dlen, error;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled and not proxyrule found.*/
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
+
proxy_type = ProxyCheck(la, _server_address,
_server_port, pip->ip_src, pip->ip_dst,
ud->uh_dport, pip->ip_p);
@@ -919,8 +941,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
{
struct tcphdr *tc;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
@@ -1039,7 +1066,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
static int
TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
{
- int proxy_type, error;
+ int dlen, proxy_type, error;
u_short dest_port;
u_short proxy_server_port;
struct in_addr dest_address;
@@ -1048,6 +1075,10 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int m
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
if (create)
Modified: releng/11.4/sys/netinet/libalias/alias.c
==
--- releng/11.4/sys/netinet/libalias/alias.cTue May 12 16:49:04 2020
(r360971)
+++ releng/11.4/sys/netinet/libalias/alias.cTue May 12 16:51:11 2020
(r360972)
@@ -439,10 +439,15 @@ fragment contained in ICMP data section */
static int
IcmpAliasIn(struct libalias *la, struct ip *pip)
{
- int iresult;
struct icmp *ic;
+ int dlen, iresult;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < ICMP_MINLEN)
+ return (PKT_ALIAS_IGNORED);
+
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@@ -461,6 +466,9 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
case
svn commit: r360971 - in stable: 11/sys/netinet/libalias 12/sys/netinet/libalias
Author: emaste
Date: Tue May 12 16:49:04 2020
New Revision: 360971
URL: https://svnweb.freebsd.org/changeset/base/360971
Log:
MFC r360967: libalias: validate packet lengths before accessing headers
admbugs: 956
Submitted by: ae
Reported by: Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative
Reported by: Vishnu working with Trend Micro Zero Day Initiative
Approved by: so
Security: FreeBSD-SA-20:12.libalias
Security: CVE-2020-7454
Security: ZDI-CAN-10624, ZDI-CAN-10850
Modified:
stable/11/sys/netinet/libalias/alias.c
Directory Properties:
stable/11/ (props changed)
Changes in other areas also in this revision:
Modified:
stable/12/sys/netinet/libalias/alias.c
Directory Properties:
stable/12/ (props changed)
Modified: stable/11/sys/netinet/libalias/alias.c
==
--- stable/11/sys/netinet/libalias/alias.c Tue May 12 16:46:14 2020
(r360970)
+++ stable/11/sys/netinet/libalias/alias.c Tue May 12 16:49:04 2020
(r360971)
@@ -439,10 +439,15 @@ fragment contained in ICMP data section */
static int
IcmpAliasIn(struct libalias *la, struct ip *pip)
{
- int iresult;
struct icmp *ic;
+ int dlen, iresult;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < ICMP_MINLEN)
+ return (PKT_ALIAS_IGNORED);
+
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@@ -461,6 +466,9 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
case ICMP_SOURCEQUENCH:
case ICMP_TIMXCEED:
case ICMP_PARAMPROB:
+ if (dlen < ICMP_ADVLENMIN ||
+ dlen < ICMP_ADVLEN(ic))
+ return (PKT_ALIAS_IGNORED);
iresult = IcmpAliasIn2(la, pip);
break;
case ICMP_ECHO:
@@ -729,10 +737,17 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
{
struct udphdr *ud;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
@@ -821,12 +836,19 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int m
u_short dest_port;
u_short proxy_server_port;
int proxy_type;
- int error;
+ int dlen, error;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled and not proxyrule found.*/
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
+
proxy_type = ProxyCheck(la, _server_address,
_server_port, pip->ip_src, pip->ip_dst,
ud->uh_dport, pip->ip_p);
@@ -919,8 +941,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
{
struct tcphdr *tc;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
@@ -1039,7 +1066,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
static int
TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
{
- int proxy_type, error;
+ int dlen, proxy_type, error;
u_short dest_port;
u_short proxy_server_port;
struct in_addr dest_address;
@@ -1048,6 +1075,10 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int m
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
if (create)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360971 - in stable: 11/sys/netinet/libalias 12/sys/netinet/libalias
Author: emaste
Date: Tue May 12 16:49:04 2020
New Revision: 360971
URL: https://svnweb.freebsd.org/changeset/base/360971
Log:
MFC r360967: libalias: validate packet lengths before accessing headers
admbugs: 956
Submitted by: ae
Reported by: Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative
Reported by: Vishnu working with Trend Micro Zero Day Initiative
Approved by: so
Security: FreeBSD-SA-20:12.libalias
Security: CVE-2020-7454
Security: ZDI-CAN-10624, ZDI-CAN-10850
Modified:
stable/12/sys/netinet/libalias/alias.c
Directory Properties:
stable/12/ (props changed)
Changes in other areas also in this revision:
Modified:
stable/11/sys/netinet/libalias/alias.c
Directory Properties:
stable/11/ (props changed)
Modified: stable/12/sys/netinet/libalias/alias.c
==
--- stable/12/sys/netinet/libalias/alias.c Tue May 12 16:46:14 2020
(r360970)
+++ stable/12/sys/netinet/libalias/alias.c Tue May 12 16:49:04 2020
(r360971)
@@ -441,10 +441,15 @@ fragment contained in ICMP data section */
static int
IcmpAliasIn(struct libalias *la, struct ip *pip)
{
- int iresult;
struct icmp *ic;
+ int dlen, iresult;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < ICMP_MINLEN)
+ return (PKT_ALIAS_IGNORED);
+
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@@ -463,6 +468,9 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
case ICMP_SOURCEQUENCH:
case ICMP_TIMXCEED:
case ICMP_PARAMPROB:
+ if (dlen < ICMP_ADVLENMIN ||
+ dlen < ICMP_ADVLEN(ic))
+ return (PKT_ALIAS_IGNORED);
iresult = IcmpAliasIn2(la, pip);
break;
case ICMP_ECHO:
@@ -731,10 +739,17 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
{
struct udphdr *ud;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
@@ -823,12 +838,19 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int m
u_short dest_port;
u_short proxy_server_port;
int proxy_type;
- int error;
+ int dlen, error;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled and not proxyrule found.*/
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
+
proxy_type = ProxyCheck(la, _server_address,
_server_port, pip->ip_src, pip->ip_dst,
ud->uh_dport, pip->ip_p);
@@ -921,8 +943,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
{
struct tcphdr *tc;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
@@ -1041,7 +1068,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
static int
TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
{
- int proxy_type, error;
+ int dlen, proxy_type, error;
u_short dest_port;
u_short proxy_server_port;
struct in_addr dest_address;
@@ -1050,6 +1077,10 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int m
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
if (create)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360970 - releng/12.1/sys/dev/e1000
Author: gordon
Date: Tue May 12 16:46:14 2020
New Revision: 360970
URL: https://svnweb.freebsd.org/changeset/base/360970
Log:
Fix igb interfaces failing to switch to inactive state.
Approved by: so
Security: FreeBSD-EN-20:09.igb
Modified:
releng/12.1/sys/dev/e1000/if_em.c
Modified: releng/12.1/sys/dev/e1000/if_em.c
==
--- releng/12.1/sys/dev/e1000/if_em.c Tue May 12 16:44:13 2020
(r360969)
+++ releng/12.1/sys/dev/e1000/if_em.c Tue May 12 16:46:14 2020
(r360970)
@@ -1395,10 +1395,8 @@ em_intr(void *arg)
IFDI_INTR_DISABLE(ctx);
/* Link status change */
- if (reg_icr & (E1000_ICR_RXSEQ | E1000_ICR_LSC)) {
- adapter->hw.mac.get_link_status = 1;
- iflib_admin_intr_deferred(ctx);
- }
+ if (reg_icr & (E1000_ICR_RXSEQ | E1000_ICR_LSC))
+ em_handle_link(ctx);
if (reg_icr & E1000_ICR_RXO)
adapter->rx_overruns++;
@@ -1481,22 +1479,24 @@ em_msix_link(void *arg)
if (reg_icr & (E1000_ICR_RXSEQ | E1000_ICR_LSC)) {
em_handle_link(adapter->ctx);
- } else {
- E1000_WRITE_REG(>hw, E1000_IMS,
- EM_MSIX_LINK | E1000_IMS_LSC);
- if (adapter->hw.mac.type >= igb_mac_min)
- E1000_WRITE_REG(>hw, E1000_EIMS,
adapter->link_mask);
+ } else if (adapter->hw.mac.type == e1000_82574) {
+ /* Only re-arm 82574 if em_if_update_admin_status() won't. */
+ E1000_WRITE_REG(>hw, E1000_IMS, EM_MSIX_LINK |
+ E1000_IMS_LSC);
}
- /*
-* Because we must read the ICR for this interrupt
-* it may clear other causes using autoclear, for
-* this reason we simply create a soft interrupt
-* for all these vectors.
-*/
- if (reg_icr && adapter->hw.mac.type < igb_mac_min) {
- E1000_WRITE_REG(>hw,
- E1000_ICS, adapter->ims);
+ if (adapter->hw.mac.type == e1000_82574) {
+ /*
+* Because we must read the ICR for this interrupt it may
+* clear other causes using autoclear, for this reason we
+* simply create a soft interrupt for all these vectors.
+*/
+ if (reg_icr)
+ E1000_WRITE_REG(>hw, E1000_ICS, adapter->ims);
+ } else {
+ /* Re-arm unconditionally */
+ E1000_WRITE_REG(>hw, E1000_IMS, E1000_IMS_LSC);
+ E1000_WRITE_REG(>hw, E1000_EIMS, adapter->link_mask);
}
return (FILTER_HANDLED);
@@ -1512,7 +1512,6 @@ em_handle_link(void *context)
iflib_admin_intr_deferred(ctx);
}
-
/*
*
* Media Ioctl callback
@@ -1829,14 +1828,15 @@ em_if_update_admin_status(if_ctx_t ctx)
em_update_stats_counters(adapter);
/* Reset LAA into RAR[0] on 82571 */
- if ((adapter->hw.mac.type == e1000_82571) &&
- e1000_get_laa_state_82571(>hw))
- e1000_rar_set(>hw, adapter->hw.mac.addr, 0);
+ if (hw->mac.type == e1000_82571 && e1000_get_laa_state_82571(hw))
+ e1000_rar_set(hw, hw->mac.addr, 0);
- if (adapter->hw.mac.type < em_mac_min)
+ if (hw->mac.type < em_mac_min)
lem_smartspeed(adapter);
-
- E1000_WRITE_REG(>hw, E1000_IMS, EM_MSIX_LINK | E1000_IMS_LSC);
+ else if (hw->mac.type == e1000_82574 &&
+ adapter->intr_type == IFLIB_INTR_MSIX)
+ E1000_WRITE_REG(>hw, E1000_IMS, EM_MSIX_LINK |
+ E1000_IMS_LSC);
}
static void
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360969 - in releng: 11.3/contrib/tzdata 12.1/contrib/tzdata
Author: gordon Date: Tue May 12 16:44:13 2020 New Revision: 360969 URL: https://svnweb.freebsd.org/changeset/base/360969 Log: Update to tzdata 2020a. Approved by: so Security: EN-20:08.tzdata Modified: releng/11.3/contrib/tzdata/Makefile releng/11.3/contrib/tzdata/NEWS releng/11.3/contrib/tzdata/africa releng/11.3/contrib/tzdata/asia releng/11.3/contrib/tzdata/backward releng/11.3/contrib/tzdata/backzone releng/11.3/contrib/tzdata/europe releng/11.3/contrib/tzdata/leap-seconds.list releng/11.3/contrib/tzdata/leapseconds releng/11.3/contrib/tzdata/leapseconds.awk releng/11.3/contrib/tzdata/northamerica releng/11.3/contrib/tzdata/theory.html releng/11.3/contrib/tzdata/version releng/11.3/contrib/tzdata/zone.tab releng/11.3/contrib/tzdata/zone1970.tab releng/12.1/contrib/tzdata/Makefile releng/12.1/contrib/tzdata/NEWS releng/12.1/contrib/tzdata/africa releng/12.1/contrib/tzdata/asia releng/12.1/contrib/tzdata/backward releng/12.1/contrib/tzdata/backzone releng/12.1/contrib/tzdata/europe releng/12.1/contrib/tzdata/leap-seconds.list releng/12.1/contrib/tzdata/leapseconds releng/12.1/contrib/tzdata/leapseconds.awk releng/12.1/contrib/tzdata/northamerica releng/12.1/contrib/tzdata/theory.html releng/12.1/contrib/tzdata/version releng/12.1/contrib/tzdata/zone.tab releng/12.1/contrib/tzdata/zone1970.tab Modified: releng/11.3/contrib/tzdata/Makefile == --- releng/11.3/contrib/tzdata/Makefile Tue May 12 16:38:28 2020 (r360968) +++ releng/11.3/contrib/tzdata/Makefile Tue May 12 16:44:13 2020 (r360969) @@ -150,6 +150,15 @@ TIME_T_ALTERNATIVES_TAIL = int32_t uint32_t uint64_t REDO= posix_right +# Whether to put an "Expires" line in the leapseconds file. +# Use EXPIRES_LINE=1 to put the line in, 0 to omit it. +# The EXPIRES_LINE value matters only if REDO's value contains "right". +# If you change EXPIRES_LINE, remove the leapseconds file before running "make". +# zic's support for the Expires line was introduced in tzdb 2020a, +# and EXPIRES_LINE defaults to 0 for now so that the leapseconds file +# can be given to older zic implementations. +EXPIRES_LINE= 0 + # To install data in text form that has all the information of the TZif data, # (optionally incorporating leap second information), use # TZDATA_TEXT=tzdata.zi leapseconds @@ -295,8 +304,9 @@ GCC_DEBUG_FLAGS = -DGCC_LINT -g3 -O3 -fno-common \ # than TM_GMTOFF and TM_ZONE. However, most of them are standardized. # # # # To omit or support the external variable "tzname", add one of: -# #-DHAVE_TZNAME=0 -# #-DHAVE_TZNAME=1 +# #-DHAVE_TZNAME=0 # do not support "tzname" +# #-DHAVE_TZNAME=1 # support "tzname", which is defined by system library +# #-DHAVE_TZNAME=2 # support and define "tzname" # # to the "CFLAGS=" line. "tzname" is required by POSIX 1988 and later. # # If not defined, the code attempts to guess HAVE_TZNAME from other macros. # # Warning: unless time_tz is also defined, HAVE_TZNAME=1 can cause @@ -304,16 +314,20 @@ GCC_DEBUG_FLAGS = -DGCC_LINT -g3 -O3 -fno-common \ # # presumably due to memory allocation issues. # # # # To omit or support the external variables "timezone" and "daylight", add -# #-DUSG_COMPAT=0 -# #-DUSG_COMPAT=1 +# #-DUSG_COMPAT=0 # do not support +# #-DUSG_COMPAT=1 # support, and variables are defined by system library +# #-DUSG_COMPAT=2 # support and define variables # # to the "CFLAGS=" line; "timezone" and "daylight" are inspired by # # Unix Systems Group code and are required by POSIX 2008 (with XSI) and later. # # If not defined, the code attempts to guess USG_COMPAT from other macros. # # # # To support the external variable "altzone", add -# #-DALTZONE +# #-DALTZONE=0 # do not support +# #-DALTZONE=1 # support "altzone", which is defined by system library +# #-DALTZONE=2 # support and define "altzone" # # to the end of the "CFLAGS=" line; although "altzone" appeared in # # System V Release 3.1 it has not been standardized. +# # If not defined, the code attempts to guess ALTZONE from other macros. # # If you want functions that were inspired by early versions of X3J11's work, # add @@ -321,9 +335,7 @@ GCC_DEBUG_FLAGS = -DGCC_LINT -g3 -O3 -fno-common \ # to the end of the "CFLAGS=" line. This arranges for the functions # "tzsetwall", "offtime", "timelocal", "timegm", "timeoff", # "posix2time", and "time2posix" to be added to the time conversion library. -# "tzsetwall" is like "tzset" except that it arranges for local wall clock -# time (rather than the timezone specified in the TZ environment variable) -# to be used. +# "tzsetwall" is deprecated and is intended to be removed soon; see NEWS. # "offtime" is like "gmtime" except that it accepts a second (long) argument # that gives an offset to add to the time_t when converting it. # "timelocal" is
svn commit: r360968 - head/sys/netinet/libalias
Author: emaste
Date: Tue May 12 16:38:28 2020
New Revision: 360968
URL: https://svnweb.freebsd.org/changeset/base/360968
Log:
libalias: fix potential memory disclosure from ftp module
admbugs: 956
Submitted by: markj
Reported by: Vishnu Dev TJ working with Trend Micro Zero Day Initiative
Security: FreeBSD-SA-20:13.libalias
Security: CVE-2020-7455
Security: ZDI-CAN-10849
Modified:
head/sys/netinet/libalias/alias_ftp.c
Modified: head/sys/netinet/libalias/alias_ftp.c
==
--- head/sys/netinet/libalias/alias_ftp.c Tue May 12 16:33:04 2020
(r360967)
+++ head/sys/netinet/libalias/alias_ftp.c Tue May 12 16:38:28 2020
(r360968)
@@ -754,7 +754,8 @@ NewFtpMessage(struct libalias *la, struct ip *pip,
{
u_short new_len;
- new_len = htons(hlen + slen);
+ new_len = htons(hlen +
+ MIN(slen, maxpacketsize - hlen));
DifferentialChecksum(>ip_sum,
_len,
>ip_len,
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360967 - head/sys/netinet/libalias
Author: emaste
Date: Tue May 12 16:33:04 2020
New Revision: 360967
URL: https://svnweb.freebsd.org/changeset/base/360967
Log:
libalias: validate packet lengths before accessing headers
admbugs: 956
Submitted by: ae
Reported by: Lucas Leong (@_wmliang_) of Trend Micro Zero Day Initiative
Reported by: Vishnu working with Trend Micro Zero Day Initiative
Security: FreeBSD-SA-20:12.libalias
Modified:
head/sys/netinet/libalias/alias.c
Modified: head/sys/netinet/libalias/alias.c
==
--- head/sys/netinet/libalias/alias.c Tue May 12 16:10:07 2020
(r360966)
+++ head/sys/netinet/libalias/alias.c Tue May 12 16:33:04 2020
(r360967)
@@ -442,10 +442,15 @@ fragment contained in ICMP data section */
static int
IcmpAliasIn(struct libalias *la, struct ip *pip)
{
- int iresult;
struct icmp *ic;
+ int dlen, iresult;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < ICMP_MINLEN)
+ return (PKT_ALIAS_IGNORED);
+
/* Return if proxy-only mode is enabled */
if (la->packetAliasMode & PKT_ALIAS_PROXY_ONLY)
return (PKT_ALIAS_OK);
@@ -464,6 +469,9 @@ IcmpAliasIn(struct libalias *la, struct ip *pip)
case ICMP_SOURCEQUENCH:
case ICMP_TIMXCEED:
case ICMP_PARAMPROB:
+ if (dlen < ICMP_ADVLENMIN ||
+ dlen < ICMP_ADVLEN(ic))
+ return (PKT_ALIAS_IGNORED);
iresult = IcmpAliasIn2(la, pip);
break;
case ICMP_ECHO:
@@ -732,10 +740,17 @@ UdpAliasIn(struct libalias *la, struct ip *pip)
{
struct udphdr *ud;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
ud->uh_sport, ud->uh_dport,
@@ -824,12 +839,19 @@ UdpAliasOut(struct libalias *la, struct ip *pip, int m
u_short dest_port;
u_short proxy_server_port;
int proxy_type;
- int error;
+ int dlen, error;
LIBALIAS_LOCK_ASSERT(la);
/* Return if proxy-only mode is enabled and not proxyrule found.*/
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct udphdr))
+ return (PKT_ALIAS_IGNORED);
+
ud = (struct udphdr *)ip_next(pip);
+ if (dlen < ntohs(ud->uh_ulen))
+ return (PKT_ALIAS_IGNORED);
+
proxy_type = ProxyCheck(la, _server_address,
_server_port, pip->ip_src, pip->ip_dst,
ud->uh_dport, pip->ip_p);
@@ -922,8 +944,13 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
{
struct tcphdr *tc;
struct alias_link *lnk;
+ int dlen;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
lnk = FindUdpTcpIn(la, pip->ip_src, pip->ip_dst,
@@ -1042,7 +1069,7 @@ TcpAliasIn(struct libalias *la, struct ip *pip)
static int
TcpAliasOut(struct libalias *la, struct ip *pip, int maxpacketsize, int create)
{
- int proxy_type, error;
+ int dlen, proxy_type, error;
u_short dest_port;
u_short proxy_server_port;
struct in_addr dest_address;
@@ -1051,6 +1078,10 @@ TcpAliasOut(struct libalias *la, struct ip *pip, int m
struct alias_link *lnk;
LIBALIAS_LOCK_ASSERT(la);
+
+ dlen = ntohs(pip->ip_len) - (pip->ip_hl << 2);
+ if (dlen < sizeof(struct tcphdr))
+ return (PKT_ALIAS_IGNORED);
tc = (struct tcphdr *)ip_next(pip);
if (create)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360966 - in head: share/man/man4 sys/dev/rtwn/usb sys/dev/usb
Author: markj
Date: Tue May 12 16:10:07 2020
New Revision: 360966
URL: https://svnweb.freebsd.org/changeset/base/360966
Log:
rtwn: Add a USB ID for the TP-Link TL-WN727N.
PR: 246417
Submitted by: Viktor G.
MFC after:1 week
Modified:
head/share/man/man4/rtwn_usb.4
head/sys/dev/rtwn/usb/rtwn_usb_attach.h
head/sys/dev/usb/usbdevs
Modified: head/share/man/man4/rtwn_usb.4
==
--- head/share/man/man4/rtwn_usb.4 Tue May 12 16:05:21 2020
(r360965)
+++ head/share/man/man4/rtwn_usb.4 Tue May 12 16:10:07 2020
(r360966)
@@ -29,7 +29,7 @@
.\"
.\" $FreeBSD$
.\"/
-.Dd May 9, 2020
+.Dd May 12, 2020
.Dt RTWN_USB 4
.Os
.Sh NAME
@@ -103,6 +103,7 @@ based USB wireless network adapters, including:
.It "TP-Link TL-WN722N v2" Ta RTL8188EU Ta USB 2.0
.It "TP-LINK TL-WN723N v3" Ta RTL8188EU Ta USB 2.0
.It "TP-LINK TL-WN725N v2" Ta RTL8188EU Ta USB 2.0
+.It "TP-LINK TL-WN727N v5" Ta RTL8188EU Ta USB 2.0
.It "TP-LINK TL-WN821N v4" Ta RTL8192CU Ta USB 2.0
.It "TP-LINK TL-WN821N v5" Ta RTL8192EU Ta USB 2.0
.It "TP-LINK TL-WN822N v4" Ta RTL8192EU Ta USB 2.0
Modified: head/sys/dev/rtwn/usb/rtwn_usb_attach.h
==
--- head/sys/dev/rtwn/usb/rtwn_usb_attach.h Tue May 12 16:05:21 2020
(r360965)
+++ head/sys/dev/rtwn/usb/rtwn_usb_attach.h Tue May 12 16:10:07 2020
(r360966)
@@ -120,6 +120,7 @@ static const STRUCT_USB_HOST_ID rtwn_devs[] = {
RTWN_RTL8188EU_DEV(DLINK, DWA125D1),
RTWN_RTL8188EU_DEV(ELECOM, WDC150SU2M),
RTWN_RTL8188EU_DEV(TPLINK, WN722NV2),
+ RTWN_RTL8188EU_DEV(TPLINK, WN727NV5),
RTWN_RTL8188EU_DEV(REALTEK, RTL8188ETV),
RTWN_RTL8188EU_DEV(REALTEK, RTL8188EU),
#undef RTWN_RTL8188EU_DEV
Modified: head/sys/dev/usb/usbdevs
==
--- head/sys/dev/usb/usbdevsTue May 12 16:05:21 2020(r360965)
+++ head/sys/dev/usb/usbdevsTue May 12 16:10:07 2020(r360966)
@@ -4664,6 +4664,7 @@ product TPLINK WN821NV5 0x0107 TL-WN821N v5
product TPLINK WN822NV40x0108 TL-WN822N v4
product TPLINK WN823NV20x0109 TL-WN823N v2
product TPLINK WN722NV20x010c TL-WN722N v2
+product TPLINK WN727NV50x0111 TL-WN727N v5
product TPLINK T4UV2 0x010d Archer T4U ver 2
product TPLINK T4UHV1 0x0103 Archer T4UH ver 1
product TPLINK T4UHV2 0x010e Archer T4UH ver 2
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360965 - in stable: 11/usr.sbin/bhyve 12/usr.sbin/bhyve
Author: jhb Date: Tue May 12 16:05:21 2020 New Revision: 360965 URL: https://svnweb.freebsd.org/changeset/base/360965 Log: MFC 358394: Use stream_read() to read all 12 bytes of the RFB client version. read() can return a short read, whereas stream_read() waits until the full version string is read. Modified: stable/11/usr.sbin/bhyve/rfb.c Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/usr.sbin/bhyve/rfb.c Directory Properties: stable/12/ (props changed) Modified: stable/11/usr.sbin/bhyve/rfb.c == --- stable/11/usr.sbin/bhyve/rfb.c Tue May 12 15:22:40 2020 (r360964) +++ stable/11/usr.sbin/bhyve/rfb.c Tue May 12 16:05:21 2020 (r360965) @@ -72,6 +72,7 @@ static int rfb_debug = 0; #defineDPRINTF(params) if (rfb_debug) printf params #defineWPRINTF(params) printf params +#define VERSION_LENGTH 12 #define AUTH_LENGTH16 #define PASSWD_LENGTH 8 @@ -765,7 +766,7 @@ rfb_handle(struct rfb_softc *rc, int cfd) stream_write(cfd, vbuf, strlen(vbuf)); /* 1b. Read client version */ - len = read(cfd, buf, sizeof(buf)); + len = stream_read(cfd, buf, VERSION_LENGTH); /* 2a. Send security type */ buf[0] = 1; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360965 - in stable: 11/usr.sbin/bhyve 12/usr.sbin/bhyve
Author: jhb Date: Tue May 12 16:05:21 2020 New Revision: 360965 URL: https://svnweb.freebsd.org/changeset/base/360965 Log: MFC 358394: Use stream_read() to read all 12 bytes of the RFB client version. read() can return a short read, whereas stream_read() waits until the full version string is read. Modified: stable/12/usr.sbin/bhyve/rfb.c Directory Properties: stable/12/ (props changed) Changes in other areas also in this revision: Modified: stable/11/usr.sbin/bhyve/rfb.c Directory Properties: stable/11/ (props changed) Modified: stable/12/usr.sbin/bhyve/rfb.c == --- stable/12/usr.sbin/bhyve/rfb.c Tue May 12 15:22:40 2020 (r360964) +++ stable/12/usr.sbin/bhyve/rfb.c Tue May 12 16:05:21 2020 (r360965) @@ -76,6 +76,7 @@ static int rfb_debug = 0; #defineDPRINTF(params) if (rfb_debug) PRINTLN params #defineWPRINTF(params) PRINTLN params +#define VERSION_LENGTH 12 #define AUTH_LENGTH16 #define PASSWD_LENGTH 8 @@ -769,7 +770,7 @@ rfb_handle(struct rfb_softc *rc, int cfd) stream_write(cfd, vbuf, strlen(vbuf)); /* 1b. Read client version */ - len = read(cfd, buf, sizeof(buf)); + len = stream_read(cfd, buf, VERSION_LENGTH); /* 2a. Send security type */ buf[0] = 1; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360964 - in head: lib/libclang_rt lib/libthr lib/msun libexec/rtld-elf libexec/tftpd/tests share/mk stand stand/arm/uboot stand/efi stand/efi/boot1 stand/efi/loader stand/i386/boot2 st...
Author: vangyzen
Date: Tue May 12 15:22:40 2020
New Revision: 360964
URL: https://svnweb.freebsd.org/changeset/base/360964
Log:
Remove tests for obsolete compilers in the build system
Assume gcc is at least 6.4, the oldest xtoolchain in the ports tree.
Assume clang is at least 6, which was in 11.2-RELEASE. Drop conditions
for older compilers.
Reviewed by: imp (earlier version), emaste, jhb
MFC after:2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision:https://reviews.freebsd.org/D24802
Modified:
head/lib/libclang_rt/Makefile.inc
head/lib/libthr/Makefile
head/lib/msun/Makefile
head/libexec/rtld-elf/Makefile
head/libexec/tftpd/tests/Makefile
head/share/mk/bsd.compiler.mk
head/share/mk/bsd.sys.mk
head/stand/arm/uboot/Makefile
head/stand/defs.mk
head/stand/efi/Makefile
head/stand/efi/boot1/Makefile
head/stand/efi/loader/Makefile
head/stand/i386/boot2/Makefile
head/stand/i386/isoboot/Makefile
head/stand/libsa/Makefile
head/sys/conf/Makefile.arm
head/sys/conf/Makefile.powerpc
head/sys/conf/kern.mk
head/sys/conf/kern.post.mk
head/sys/conf/kern.pre.mk
head/sys/conf/kmod.mk
head/sys/modules/Makefile
head/usr.sbin/acpi/acpidb/Makefile
head/usr.sbin/trpt/Makefile
head/usr.sbin/zic/zic/Makefile
Modified: head/lib/libclang_rt/Makefile.inc
==
--- head/lib/libclang_rt/Makefile.inc Tue May 12 14:47:38 2020
(r360963)
+++ head/lib/libclang_rt/Makefile.inc Tue May 12 15:22:40 2020
(r360964)
@@ -32,7 +32,7 @@ CFLAGS+= ${PICFLAG}
CFLAGS+= -fno-builtin
CFLAGS+= -fno-exceptions
CXXFLAGS+= -fno-rtti
-.if ${COMPILER_TYPE} == clang && ${COMPILER_VERSION} >= 30700
+.if ${COMPILER_TYPE} == clang
CFLAGS+= -fno-sanitize=safe-stack
.endif
CFLAGS+= -fno-stack-protector
Modified: head/lib/libthr/Makefile
==
--- head/lib/libthr/MakefileTue May 12 14:47:38 2020(r360963)
+++ head/lib/libthr/MakefileTue May 12 15:22:40 2020(r360964)
@@ -29,10 +29,7 @@ CFLAGS+=-Winline
CFLAGS.thr_stack.c+= -Wno-cast-align
CFLAGS.rtld_malloc.c+= -Wno-cast-align
-.include
-.if !(${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} < 40300)
CFLAGS.thr_symbols.c+= -Wno-missing-variable-declarations
-.endif
.ifndef NO_THREAD_UNWIND_STACK
CFLAGS+=-fexceptions
Modified: head/lib/msun/Makefile
==
--- head/lib/msun/Makefile Tue May 12 14:47:38 2020(r360963)
+++ head/lib/msun/Makefile Tue May 12 15:22:40 2020(r360964)
@@ -108,13 +108,13 @@ COMMON_SRCS+= catrigl.c \
s_nextafterl.c s_nexttoward.c s_remquol.c s_rintl.c s_roundl.c \
s_scalbnl.c s_sinl.c s_sincosl.c \
s_tanhl.c s_tanl.c s_truncl.c w_cabsl.c
-# Work around this warning from gcc 6:
+# Work around this warning from gcc:
# lib/msun/ld80/e_powl.c:275:1: error: floating constant exceeds range of
# 'long double' [-Werror=overflow]
# if( y >= LDBL_MAX )
# See also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=130067
.include
-.if ${COMPILER_TYPE} == "gcc" && ${COMPILER_VERSION} >= 6
+.if ${COMPILER_TYPE} == "gcc"
CFLAGS.e_powl.c+= -Wno-error=overflow
.endif
.endif
Modified: head/libexec/rtld-elf/Makefile
==
--- head/libexec/rtld-elf/Makefile Tue May 12 14:47:38 2020
(r360963)
+++ head/libexec/rtld-elf/Makefile Tue May 12 15:22:40 2020
(r360964)
@@ -90,8 +90,4 @@ ${PROG_FULL}: ${VERSION_MAP}
# GCC warns about redeclarations even though they have __exported
# and are therefore not identical to the ones from the system headers.
CFLAGS+= -Wno-redundant-decls
-.if ${COMPILER_VERSION} < 40300
-# Silence -Wshadow false positives in ancient GCC
-CFLAGS+= -Wno-shadow
-.endif
.endif
Modified: head/libexec/tftpd/tests/Makefile
==
--- head/libexec/tftpd/tests/Makefile Tue May 12 14:47:38 2020
(r360963)
+++ head/libexec/tftpd/tests/Makefile Tue May 12 15:22:40 2020
(r360964)
@@ -2,11 +2,8 @@
.include
-# Skip on GCC 4.2, because it lacks __COUNTER__
-.if ${COMPILER_TYPE} != "gcc" || ${COMPILER_VERSION} >= 40300
ATF_TESTS_C= functional
TEST_METADATA.functional+= timeout=15
-.endif
LIBADD=util
WARNS?=6
Modified: head/share/mk/bsd.compiler.mk
==
--- head/share/mk/bsd.compiler.mk Tue May 12 14:47:38 2020
(r360963)
+++ head/share/mk/bsd.compiler.mk Tue May 12 15:22:40 2020
(r360964)
@@ -205,20 +205,12 @@ ${X_}COMPILER_FREEBSD_VERSION=unknown
${X_}COMPILER_RESOURCE_DIR!=
svn commit: r360963 - stable/11/release/doc/share/xml
Author: gjb Date: Tue May 12 14:47:38 2020 New Revision: 360963 URL: https://svnweb.freebsd.org/changeset/base/360963 Log: Bump version numbers in the stable/11 release notes. Sponsored by: Rubicon Communications, LLC (netgate.com) Modified: stable/11/release/doc/share/xml/release.ent Modified: stable/11/release/doc/share/xml/release.ent == --- stable/11/release/doc/share/xml/release.ent Tue May 12 14:01:14 2020 (r360962) +++ stable/11/release/doc/share/xml/release.ent Tue May 12 14:47:38 2020 (r360963) @@ -6,7 +6,7 @@ - + - + - + - + https://www.FreeBSD.org/snapshots/;> ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360962 - stable/12/sys/kern
Author: markj
Date: Tue May 12 14:01:14 2020
New Revision: 360962
URL: https://svnweb.freebsd.org/changeset/base/360962
Log:
MFC r360438:
Make sendfile(SF_SYNC)'s CV wait interruptible.
Modified:
stable/12/sys/kern/kern_sendfile.c
Directory Properties:
stable/12/ (props changed)
Modified: stable/12/sys/kern/kern_sendfile.c
==
--- stable/12/sys/kern/kern_sendfile.c Tue May 12 14:01:12 2020
(r360961)
+++ stable/12/sys/kern/kern_sendfile.c Tue May 12 14:01:14 2020
(r360962)
@@ -95,8 +95,36 @@ struct sendfile_sync {
struct mtx mtx;
struct cv cv;
unsignedcount;
+ boolwaiting;
};
+static void
+sendfile_sync_destroy(struct sendfile_sync *sfs)
+{
+ KASSERT(sfs->count == 0, ("sendfile sync %p still busy", sfs));
+
+ cv_destroy(>cv);
+ mtx_destroy(>mtx);
+ free(sfs, M_SENDFILE);
+}
+
+static void
+sendfile_sync_signal(struct sendfile_sync *sfs)
+{
+ mtx_lock(>mtx);
+ KASSERT(sfs->count > 0, ("sendfile sync %p not busy", sfs));
+ if (--sfs->count == 0) {
+ if (!sfs->waiting) {
+ /* The sendfile() waiter was interrupted by a signal. */
+ sendfile_sync_destroy(sfs);
+ return;
+ } else {
+ cv_signal(>cv);
+ }
+ }
+ mtx_unlock(>mtx);
+}
+
counter_u64_t sfstat[sizeof(struct sfstat) / sizeof(uint64_t)];
static void
@@ -140,12 +168,7 @@ sendfile_free_mext(struct mbuf *m)
if (m->m_ext.ext_flags & EXT_FLAG_SYNC) {
struct sendfile_sync *sfs = m->m_ext.ext_arg2;
-
- mtx_lock(>mtx);
- KASSERT(sfs->count > 0, ("Sendfile sync botchup count == 0"));
- if (--sfs->count == 0)
- cv_signal(>cv);
- mtx_unlock(>mtx);
+ sendfile_sync_signal(sfs);
}
}
@@ -535,6 +558,7 @@ vn_sendfile(struct file *fp, int sockfd, struct uio *h
sfs = malloc(sizeof(*sfs), M_SENDFILE, M_WAITOK | M_ZERO);
mtx_init(>mtx, "sendfile", NULL, MTX_DEF);
cv_init(>cv, "sendfile");
+ sfs->waiting = true;
}
rem = nbytes ? omin(nbytes, obj_size - offset) : obj_size - offset;
@@ -896,11 +920,13 @@ out:
if (sfs != NULL) {
mtx_lock(>mtx);
if (sfs->count != 0)
- cv_wait(>cv, >mtx);
- KASSERT(sfs->count == 0, ("sendfile sync still busy"));
- cv_destroy(>cv);
- mtx_destroy(>mtx);
- free(sfs, M_SENDFILE);
+ error = cv_wait_sig(>cv, >mtx);
+ if (sfs->count == 0) {
+ sendfile_sync_destroy(sfs);
+ } else {
+ sfs->waiting = false;
+ mtx_unlock(>mtx);
+ }
}
if (error == ERESTART)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360961 - head/sys/netinet6
Author: gallatin
Date: Tue May 12 14:01:12 2020
New Revision: 360961
URL: https://svnweb.freebsd.org/changeset/base/360961
Log:
IPv6: sync IP_NO_SND_TAG_RL support from IPv4
The IP_NO_SND_TAG_RL flag to ip{,6}_output() means that the packets
being sent should bypass hardware rate limiting. This is typically used
by modern TCP stacks for rexmits.
This support was added to IPv4 in r352657, but never added to IPv6, even
though rack and bbr call ip6_output() with this flag.
Reviewed by: rrs
Sponsored by: Netflix
Differential Revision:https://reviews.freebsd.org/D24822
Modified:
head/sys/netinet6/ip6_output.c
Modified: head/sys/netinet6/ip6_output.c
==
--- head/sys/netinet6/ip6_output.c Tue May 12 13:23:25 2020
(r360960)
+++ head/sys/netinet6/ip6_output.c Tue May 12 14:01:12 2020
(r360961)
@@ -322,7 +322,8 @@ ip6_fragment(struct ifnet *ifp, struct mbuf *m0, int h
static int
ip6_output_send(struct inpcb *inp, struct ifnet *ifp, struct ifnet *origifp,
-struct mbuf *m, struct sockaddr_in6 *dst, struct route_in6 *ro)
+struct mbuf *m, struct sockaddr_in6 *dst, struct route_in6 *ro,
+bool stamp_tag)
{
#ifdef KERN_TLS
struct ktls_session *tls = NULL;
@@ -353,6 +354,10 @@ ip6_output_send(struct inpcb *inp, struct ifnet *ifp,
error = EAGAIN;
goto done;
}
+ /*
+* Always stamp tags that include NIC ktls.
+*/
+ stamp_tag = true;
}
#endif
#ifdef RATELIMIT
@@ -366,7 +371,7 @@ ip6_output_send(struct inpcb *inp, struct ifnet *ifp,
mst = inp->inp_snd_tag;
}
#endif
- if (mst != NULL) {
+ if (stamp_tag && mst != NULL) {
KASSERT(m->m_pkthdr.rcvif == NULL,
("trying to add a send tag to a forwarded packet"));
if (mst->ifp != ifp) {
@@ -1165,7 +1170,8 @@ passout:
m->m_pkthdr.len);
ifa_free(>ia_ifa);
}
- error = ip6_output_send(inp, ifp, origifp, m, dst, ro);
+ error = ip6_output_send(inp, ifp, origifp, m, dst, ro,
+ (flags & IP_NO_SND_TAG_RL) ? false : true);
goto done;
}
@@ -1256,7 +1262,8 @@ sendorfree:
counter_u64_add(ia->ia_ifa.ifa_obytes,
m->m_pkthdr.len);
}
- error = ip6_output_send(inp, ifp, origifp, m, dst, ro);
+ error = ip6_output_send(inp, ifp, origifp, m, dst, ro,
+ true);
} else
m_freem(m);
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360960 - in head/sys/fs: nfs nfsclient nfsserver
Author: freqlabs
Date: Tue May 12 13:23:25 2020
New Revision: 360960
URL: https://svnweb.freebsd.org/changeset/base/360960
Log:
nfs: Remove APPLESTATIC macro
It is no longer useful.
Reviewed by: rmacklem
Approved by: mav (mentor)
MFC after:1 week
Sponsored by: iXsystems, Inc.
Differential Revision:https://reviews.freebsd.org/D24811
Modified:
head/sys/fs/nfs/nfs_commonacl.c
head/sys/fs/nfs/nfs_commonsubs.c
head/sys/fs/nfs/nfsport.h
head/sys/fs/nfsclient/nfs_clcomsubs.c
head/sys/fs/nfsclient/nfs_clport.c
head/sys/fs/nfsclient/nfs_clrpcops.c
head/sys/fs/nfsclient/nfs_clstate.c
head/sys/fs/nfsserver/nfs_nfsdcache.c
head/sys/fs/nfsserver/nfs_nfsdserv.c
head/sys/fs/nfsserver/nfs_nfsdsocket.c
head/sys/fs/nfsserver/nfs_nfsdstate.c
head/sys/fs/nfsserver/nfs_nfsdsubs.c
Modified: head/sys/fs/nfs/nfs_commonacl.c
==
--- head/sys/fs/nfs/nfs_commonacl.c Tue May 12 12:29:39 2020
(r360959)
+++ head/sys/fs/nfs/nfs_commonacl.c Tue May 12 13:23:25 2020
(r360960)
@@ -40,7 +40,7 @@ static int nfsrv_acemasktoperm(u_int32_t acetype, u_in
/*
* Handle xdr for an ace.
*/
-APPLESTATIC int
+int
nfsrv_dissectace(struct nfsrv_descript *nd, struct acl_entry *acep,
int *aceerrp, int *acesizep, NFSPROC_T *p)
{
@@ -388,7 +388,7 @@ nfsrv_buildace(struct nfsrv_descript *nd, u_char *name
/*
* Build an NFSv4 ACL.
*/
-APPLESTATIC int
+int
nfsrv_buildacl(struct nfsrv_descript *nd, NFSACL_T *aclp, enum vtype type,
NFSPROC_T *p)
{
@@ -451,7 +451,7 @@ nfsrv_buildacl(struct nfsrv_descript *nd, NFSACL_T *ac
* Compare two NFSv4 acls.
* Return 0 if they are the same, 1 if not the same.
*/
-APPLESTATIC int
+int
nfsrv_compareacl(NFSACL_T *aclp1, NFSACL_T *aclp2)
{
int i;
Modified: head/sys/fs/nfs/nfs_commonsubs.c
==
--- head/sys/fs/nfs/nfs_commonsubs.cTue May 12 12:29:39 2020
(r360959)
+++ head/sys/fs/nfs/nfs_commonsubs.cTue May 12 13:23:25 2020
(r360960)
@@ -314,7 +314,7 @@ static int nfs_bigrequest[NFSV42_NPROCS] = {
* Start building a request. Mostly just put the first file handle in
* place.
*/
-APPLESTATIC void
+void
nfscl_reqstart(struct nfsrv_descript *nd, int procnum, struct nfsmount *nmp,
u_int8_t *nfhp, int fhlen, u_int32_t **opcntpp, struct nfsclsession *sep,
int vers, int minorvers)
@@ -453,7 +453,7 @@ nfscl_reqstart(struct nfsrv_descript *nd, int procnum,
/*
* Put a state Id in the mbuf list.
*/
-APPLESTATIC void
+void
nfsm_stateidtom(struct nfsrv_descript *nd, nfsv4stateid_t *stateidp, int flag)
{
nfsv4stateid_t *st;
@@ -689,7 +689,7 @@ out:
* This is used by the macro NFSM_DISSECT for tough
* cases.
*/
-APPLESTATIC void *
+void *
nfsm_dissct(struct nfsrv_descript *nd, int siz, int how)
{
struct mbuf *mp2;
@@ -755,7 +755,7 @@ nfsm_dissct(struct nfsrv_descript *nd, int siz, int ho
* here than check for offs > 0 for all calls to nfsm_advance.
* If left == -1, it should be calculated here.
*/
-APPLESTATIC int
+int
nfsm_advance(struct nfsrv_descript *nd, int offs, int left)
{
int error = 0;
@@ -803,7 +803,7 @@ out:
* Copy a string into mbuf(s).
* Return the number of bytes output, including XDR overheads.
*/
-APPLESTATIC int
+int
nfsm_strtom(struct nfsrv_descript *nd, const char *cp, int siz)
{
struct mbuf *m2;
@@ -860,7 +860,7 @@ nfsm_strtom(struct nfsrv_descript *nd, const char *cp,
/*
* Called once to initialize data structures...
*/
-APPLESTATIC void
+void
newnfs_init(void)
{
static int nfs_inited = 0;
@@ -890,7 +890,7 @@ newnfs_init(void)
* set_true == 1 if there should be an newnfs_true prepended on the file
handle.
* Return the number of bytes output, including XDR overhead.
*/
-APPLESTATIC int
+int
nfsm_fhtom(struct nfsrv_descript *nd, u_int8_t *fhp, int size, int set_true)
{
u_int32_t *tl;
@@ -933,7 +933,7 @@ nfsm_fhtom(struct nfsrv_descript *nd, u_int8_t *fhp, i
* The AF_INET family is handled as a special case so that address mbufs
* don't need to be saved to store "struct in_addr", which is only 4 bytes.
*/
-APPLESTATIC int
+int
nfsaddr_match(int family, union nethostaddr *haddr, NFSSOCKADDR_T nam)
{
#ifdef INET
@@ -970,7 +970,7 @@ nfsaddr_match(int family, union nethostaddr *haddr, NF
/*
* Similar to the above, but takes to NFSSOCKADDR_T args.
*/
-APPLESTATIC int
+int
nfsaddr2_match(NFSSOCKADDR_T nam1, NFSSOCKADDR_T nam2)
{
struct sockaddr_in *addr1, *addr2;
@@ -1007,7 +1007,7 @@ nfsaddr2_match(NFSSOCKADDR_T nam1, NFSSOCKADDR_T nam2)
/*
* Trim trailing data off the mbuf list being built.
*/
-APPLESTATIC void
+void
newnfs_trimtrailing(nd, mb, bpos)
struct nfsrv_descript *nd;
struct mbuf *mb;
@@ -1026,7 +1026,7 @@ newnfs_trimtrailing(nd, mb, bpos)
/*
* Dissect a file handle on
svn commit: r360959 - stable/12/share/man/man3
Author: kib Date: Tue May 12 12:29:39 2020 New Revision: 360959 URL: https://svnweb.freebsd.org/changeset/base/360959 Log: MFC r360844: Document BUS_OOMERR. Modified: stable/12/share/man/man3/siginfo.3 Directory Properties: stable/12/ (props changed) Modified: stable/12/share/man/man3/siginfo.3 == --- stable/12/share/man/man3/siginfo.3 Tue May 12 11:18:14 2020 (r360958) +++ stable/12/share/man/man3/siginfo.3 Tue May 12 12:29:39 2020 (r360959) @@ -27,7 +27,7 @@ .\" .\" $FreeBSD$ .\" -.Dd April 24, 2018 +.Dd May 8, 2020 .Dt SIGINFO 3 .Os .Sh NAME @@ -150,6 +150,8 @@ invalid address alignment nonexistent physical address .It Ta Dv BUS_OBJERR Ta object-specific hardware error +.It Ta Dv BUS_OOMERR Ta +cannot alloc a page to map at fault .It Dv SIGTRAP Ta Dv TRAP_BRKPT Ta process breakpoint .It Ta Dv TRAP_TRACE Ta ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360958 - head/usr.sbin/bhyve
Author: afedorov
Date: Tue May 12 11:18:14 2020
New Revision: 360958
URL: https://svnweb.freebsd.org/changeset/base/360958
Log:
Add a new bhyve network backend that allow to connect the VM to the
netgraph(4) network.
The backend uses the socket API with the PF_NETGRAPH protocol family, which
is provided by the ng_socket(4).
To use the new backend, provide the following bhyve option:
-s X:Y:Z,[virtio-net|e1000],netgraph,socket=[ng_socket
name],path=[destination node],hook=[our socket src hook],peerhook=[dst node
hook]
Reviewed by: vmaffione, lutz_donnerhacke.de
Approved by: vmaffione (mentor)
Sponsored by: vstack.com
Differential Revision:https://reviews.freebsd.org/D24620
Modified:
head/usr.sbin/bhyve/Makefile
head/usr.sbin/bhyve/net_backends.c
Modified: head/usr.sbin/bhyve/Makefile
==
--- head/usr.sbin/bhyve/MakefileTue May 12 09:31:48 2020
(r360957)
+++ head/usr.sbin/bhyve/MakefileTue May 12 11:18:14 2020
(r360958)
@@ -90,6 +90,10 @@ CFLAGS+=-DINET
.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+=-DINET6
.endif
+.if ${MK_NETGRAPH_SUPPORT} != "no"
+CFLAGS+=-DNETGRAPH
+LIBADD+=netgraph
+.endif
.if ${MK_OPENSSL} == "no"
CFLAGS+=-DNO_OPENSSL
.else
Modified: head/usr.sbin/bhyve/net_backends.c
==
--- head/usr.sbin/bhyve/net_backends.c Tue May 12 09:31:48 2020
(r360957)
+++ head/usr.sbin/bhyve/net_backends.c Tue May 12 11:18:14 2020
(r360958)
@@ -69,6 +69,11 @@ __FBSDID("$FreeBSD$");
#include
#include
+#ifdef NETGRAPH
+#include
+#include
+#include
+#endif
#include "debug.h"
#include "iov.h"
@@ -382,6 +387,194 @@ static struct net_backend vmnet_backend = {
DATA_SET(net_backend_set, tap_backend);
DATA_SET(net_backend_set, vmnet_backend);
+
+#ifdef NETGRAPH
+
+/*
+ * Netgraph backend
+ */
+
+#define NG_SBUF_MAX_SIZE (4 * 1024 * 1024)
+
+static int
+ng_init(struct net_backend *be, const char *devname,
+const char *opts, net_be_rxeof_t cb, void *param)
+{
+ struct tap_priv *p = (struct tap_priv *)be->opaque;
+ struct ngm_connect ngc;
+ char *ngopts, *tofree;
+ char nodename[NG_NODESIZ];
+ int sbsz;
+ int ctrl_sock;
+ int flags;
+ int path_provided;
+ int peerhook_provided;
+ int socket_provided;
+ unsigned long maxsbsz;
+ size_t msbsz;
+#ifndef WITHOUT_CAPSICUM
+ cap_rights_t rights;
+#endif
+
+ if (cb == NULL) {
+ WPRINTF(("Netgraph backend requires non-NULL callback"));
+ return (-1);
+ }
+
+ be->fd = -1;
+
+ memset(, 0, sizeof(ngc));
+
+ strncpy(ngc.ourhook, "vmlink", NG_HOOKSIZ - 1);
+
+ tofree = ngopts = strdup(opts);
+
+ if (ngopts == NULL) {
+ WPRINTF(("strdup error"));
+ return (-1);
+ }
+
+ socket_provided = 0;
+ path_provided = 0;
+ peerhook_provided = 0;
+
+ (void)strsep(, ",");
+
+ while (ngopts != NULL) {
+ char *value = ngopts;
+ char *key;
+
+ key = strsep(, "=");
+ if (value == NULL)
+ break;
+ ngopts = value;
+ (void) strsep(, ",");
+
+ if (strcmp(key, "socket") == 0) {
+ strncpy(nodename, value, NG_NODESIZ - 1);
+ socket_provided = 1;
+ } else if (strcmp(key, "path") == 0) {
+ strncpy(ngc.path, value, NG_PATHSIZ - 1);
+ path_provided = 1;
+ } else if (strcmp(key, "hook") == 0) {
+ strncpy(ngc.ourhook, value, NG_HOOKSIZ - 1);
+ } else if (strcmp(key, "peerhook") == 0) {
+ strncpy(ngc.peerhook, value, NG_HOOKSIZ - 1);
+ peerhook_provided = 1;
+ }
+ }
+
+ free(tofree);
+
+ if (!path_provided) {
+ WPRINTF(("path must be provided"));
+ return (-1);
+ }
+
+ if (!peerhook_provided) {
+ WPRINTF(("peer hook must be provided"));
+ return (-1);
+ }
+
+ if (NgMkSockNode(socket_provided ? nodename : NULL,
+ _sock, >fd) < 0) {
+ WPRINTF(("can't get Netgraph sockets"));
+ return (-1);
+ }
+
+ if (NgSendMsg(ctrl_sock, ".",
+ NGM_GENERIC_COOKIE,
+ NGM_CONNECT, , sizeof(ngc)) < 0) {
+ WPRINTF(("can't connect to node"));
+ close(ctrl_sock);
+ goto error;
+ }
+
+ close(ctrl_sock);
+
+ flags = fcntl(be->fd, F_GETFL);
+
+ if (flags < 0) {
+ WPRINTF(("can't get socket flags"));
+ goto error;
+ }
+
+ if (fcntl(be->fd, F_SETFL, flags |
Re: svn commit: r360956 - head/cddl/contrib/opensolaris/cmd/zfs
Andriy Gapon wrote: Author: avg Date: Tue May 12 09:04:57 2020 New Revision: 360956 URL: https://svnweb.freebsd.org/changeset/base/360956 Log: zfs allow/unallow should work with numeric uid/gid And that should work even (especially) if there is no matching user or group name. This change allows to see and modify delegations for deleted groups and users. The change is originally by Xin Li. illumos report: https://www.illumos.org/issues/6037 OpenZFS (ZoL) PR: https://github.com/openzfs/zfs/pull/10280 Obtained from: delphij MFC after: 2 weeks Also, PR: 200663. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360957 - head/sys/amd64/amd64
Author: avg
Date: Tue May 12 09:31:48 2020
New Revision: 360957
URL: https://svnweb.freebsd.org/changeset/base/360957
Log:
amd64/pmap: unbreak !NUMA case for fictitious pages
A fictitious page can have a physical address beyond the end of the RAM.
In the NUMA case there is some special code to handle such pages, but in
the other case the pages are handled the same as normal pages. So, we
cannot assert that the physical address is within RAM addresses.
Suggested by: kib
Reviewed by: kib
X-MFC note: NUMA support has not been MFC-ed
Modified:
head/sys/amd64/amd64/pmap.c
Modified: head/sys/amd64/amd64/pmap.c
==
--- head/sys/amd64/amd64/pmap.c Tue May 12 09:04:57 2020(r360956)
+++ head/sys/amd64/amd64/pmap.c Tue May 12 09:31:48 2020(r360957)
@@ -323,12 +323,12 @@ pmap_pku_mask_bit(pmap_t pmap)
#endif
#undef pa_index
+#ifdef NUMA
#definepa_index(pa)({ \
KASSERT((pa) <= vm_phys_segs[vm_phys_nsegs - 1].end,\
("address %lx beyond the last segment", (pa))); \
(pa) >> PDRSHIFT; \
})
-#ifdef NUMA
#definepa_to_pmdp(pa) (_table[pa_index(pa)])
#definepa_to_pvh(pa) (&(pa_to_pmdp(pa)->pv_page))
#definePHYS_TO_PV_LIST_LOCK(pa)({ \
@@ -340,6 +340,7 @@ pmap_pku_mask_bit(pmap_t pmap)
_lock; \
})
#else
+#definepa_index(pa)((pa) >> PDRSHIFT)
#definepa_to_pvh(pa) (_table[pa_index(pa)])
#defineNPV_LIST_LOCKS MAXCPU
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360956 - head/cddl/contrib/opensolaris/cmd/zfs
Author: avg
Date: Tue May 12 09:04:57 2020
New Revision: 360956
URL: https://svnweb.freebsd.org/changeset/base/360956
Log:
zfs allow/unallow should work with numeric uid/gid
And that should work even (especially) if there is no matching user or
group name. This change allows to see and modify delegations for
deleted groups and users.
The change is originally by Xin Li.
illumos report: https://www.illumos.org/issues/6037
OpenZFS (ZoL) PR: https://github.com/openzfs/zfs/pull/10280
Obtained from:delphij
MFC after:2 weeks
Modified:
head/cddl/contrib/opensolaris/cmd/zfs/zfs_main.c
Modified: head/cddl/contrib/opensolaris/cmd/zfs/zfs_main.c
==
--- head/cddl/contrib/opensolaris/cmd/zfs/zfs_main.cTue May 12 04:34:26
2020(r360955)
+++ head/cddl/contrib/opensolaris/cmd/zfs/zfs_main.cTue May 12 09:04:57
2020(r360956)
@@ -4696,6 +4696,14 @@ parse_fs_perm(fs_perm_t *fsperm, nvlist_t *nvl)
(void) strlcpy(
node->who_perm.who_ug_name,
nice_name, 256);
+ else {
+ /* User or group unknown */
+ (void) snprintf(
+ node->who_perm.who_ug_name,
+ sizeof (
+ node->who_perm.who_ug_name),
+ "(unknown: %d)", rid);
+ }
}
uu_avl_insert(avl, node, idx);
@@ -5194,9 +5202,9 @@ construct_fsacl_list(boolean_t un, struct allow_opts *
if (p != NULL)
rid = p->pw_uid;
- else {
+ else if (*endch != '\0') {
(void) snprintf(errbuf, 256, gettext(
- "invalid user %s"), curr);
+ "invalid user %s\n"), curr);
allow_usage(un, B_TRUE, errbuf);
}
} else if (opts->group) {
@@ -5208,9 +5216,9 @@ construct_fsacl_list(boolean_t un, struct allow_opts *
if (g != NULL)
rid = g->gr_gid;
- else {
+ else if (*endch != '\0') {
(void) snprintf(errbuf, 256, gettext(
- "invalid group %s"), curr);
+ "invalid group %s\n"), curr);
allow_usage(un, B_TRUE, errbuf);
}
} else {
@@ -5236,7 +5244,7 @@ construct_fsacl_list(boolean_t un, struct allow_opts *
rid = g->gr_gid;
} else {
(void) snprintf(errbuf, 256, gettext(
- "invalid user/group %s"), curr);
+ "invalid user/group %s\n"), curr);
allow_usage(un, B_TRUE, errbuf);
}
}
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
