svn commit: r223780 - head/sbin/hastd
Author: trociny Date: Tue Jul 5 06:12:28 2011 New Revision: 223780 URL: http://svn.freebsd.org/changeset/base/223780 Log: Remove useless initialization. Approved by: pjd (mentor) MFC after:3 days Modified: head/sbin/hastd/control.c Modified: head/sbin/hastd/control.c == --- head/sbin/hastd/control.c Tue Jul 5 02:51:27 2011(r223779) +++ head/sbin/hastd/control.c Tue Jul 5 06:12:28 2011(r223780) @@ -155,8 +155,7 @@ control_status_worker(struct hast_resour const char *str; int error; - cnvin = cnvout = NULL; - error = 0; + cnvin = NULL; /* * Prepare and send command to worker process. ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r223715 - head/contrib/gcc
* Ed Schouten e...@80386.nl, 20110704 13:49: I could do another run at WARNS=1 if you like. Done. Everything still builds. -- Ed Schouten e...@80386.nl WWW: http://80386.nl/ pgprjQMHevEZR.pgp Description: PGP signature
svn commit: r223785 - in head/sys: kern sys
Author: jonathan Date: Tue Jul 5 13:45:10 2011 New Revision: 223785 URL: http://svn.freebsd.org/changeset/base/223785 Log: Rework _fget to accept capability parameters. This new version of _fget() requires new parameters: - cap_rights_t needrights the rights that we expect the capability's rights mask to include (e.g. CAP_READ if we are going to read from the file) - cap_rights_t *haverights used to return the capability's rights mask (ignored if NULL) - u_char *maxprotp the maximum mmap() rights (e.g. VM_PROT_READ) that can be permitted (only used if we are going to mmap the file; ignored if NULL) - int fget_flags FGET_GETCAP if we want to return the capability itself, rather than the underlying object which it wraps Approved by: mentor (rwatson), re (Capsicum blanket) Sponsored by: Google Inc Modified: head/sys/kern/kern_descrip.c head/sys/sys/file.h Modified: head/sys/kern/kern_descrip.c == --- head/sys/kern/kern_descrip.cTue Jul 5 10:37:17 2011 (r223784) +++ head/sys/kern/kern_descrip.cTue Jul 5 13:45:10 2011 (r223785) @@ -37,6 +37,7 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); +#include opt_capsicum.h #include opt_compat.h #include opt_ddb.h #include opt_ktrace.h @@ -44,6 +45,7 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/systm.h +#include sys/capability.h #include sys/conf.h #include sys/domain.h #include sys/fcntl.h @@ -91,6 +93,7 @@ __FBSDID($FreeBSD$); #include security/audit/audit.h #include vm/uma.h +#include vm/vm.h #include ddb/ddb.h @@ -2259,15 +2262,27 @@ fget_unlocked(struct filedesc *fdp, int * If the descriptor doesn't exist or doesn't match 'flags', EBADF is * returned. * + * If the FGET_GETCAP flag is set, the capability itself will be returned. + * Calling _fget() with FGET_GETCAP on a non-capability will return EINVAL. + * Otherwise, if the file is a capability, its rights will be checked against + * the capability rights mask, and if successful, the object will be unwrapped. + * * If an error occured the non-zero error is returned and *fpp is set to * NULL. Otherwise *fpp is held and set and zero is returned. Caller is * responsible for fdrop(). */ +#defineFGET_GETCAP 0x0001 static __inline int -_fget(struct thread *td, int fd, struct file **fpp, int flags) +_fget(struct thread *td, int fd, struct file **fpp, int flags, +cap_rights_t needrights, cap_rights_t *haverights, u_char *maxprotp, +int fget_flags) { struct filedesc *fdp; struct file *fp; +#ifdef CAPABILITIES + struct file *fp_fromcap; + int error; +#endif *fpp = NULL; if (td == NULL || (fdp = td-td_proc-p_fd) == NULL) @@ -2278,6 +2293,47 @@ _fget(struct thread *td, int fd, struct fdrop(fp, td); return (EBADF); } + +#ifdef CAPABILITIES + /* +* If a capability has been requested, return the capability directly. +* Otherwise, check capability rights, extract the underlying object, +* and check its access flags. +*/ + if (fget_flags FGET_GETCAP) { + if (fp-f_type != DTYPE_CAPABILITY) { + fdrop(fp, td); + return (EINVAL); + } + } else { + if (maxprotp == NULL) + error = cap_funwrap(fp, needrights, fp_fromcap); + else + error = cap_funwrap_mmap(fp, needrights, maxprotp, + fp_fromcap); + if (error) { + fdrop(fp, td); + return (error); + } + + /* +* If we've unwrapped a file, drop the original capability +* and hold the new descriptor. fp after this point refers to +* the actual (unwrapped) object, not the capability. +*/ + if (fp != fp_fromcap) { + fhold(fp_fromcap); + fdrop(fp, td); + fp = fp_fromcap; + } + } +#else /* !CAPABILITIES */ + KASSERT(fp-f_type != DTYPE_CAPABILITY, + (%s: saw capability, __func__)); + if (maxprotp != NULL) + *maxprotp = VM_PROT_ALL; +#endif /* CAPABILITIES */ + /* * FREAD and FWRITE failure return EBADF as per POSIX. * @@ -2296,23 +2352,36 @@ int fget(struct thread *td, int fd, struct file **fpp) { - return(_fget(td, fd, fpp, 0)); + return(_fget(td, fd, fpp, 0, 0, NULL, NULL, 0)); } int fget_read(struct thread *td, int fd, struct file **fpp) { - return(_fget(td, fd, fpp, FREAD)); + return(_fget(td, fd, fpp, FREAD, 0, NULL, NULL, 0)); } int fget_write(struct thread *td, int fd, struct file
svn commit: r223786 - head/usr.bin/w
Author: ed Date: Tue Jul 5 14:12:48 2011 New Revision: 223786 URL: http://svn.freebsd.org/changeset/base/223786 Log: Only print entries for which ut_host points to a character device. Now that we use utmpx, we more often have entries for which the ut_line is left blank. To prevent us from returning struct stat for /dev/, check that the resulting stat structure belongs to a character device. Modified: head/usr.bin/w/w.c Modified: head/usr.bin/w/w.c == --- head/usr.bin/w/w.c Tue Jul 5 13:45:10 2011(r223785) +++ head/usr.bin/w/w.c Tue Jul 5 14:12:48 2011(r223786) @@ -497,7 +497,7 @@ ttystat(char *line) char ttybuf[MAXPATHLEN]; (void)snprintf(ttybuf, sizeof(ttybuf), %s%s, _PATH_DEV, line); - if (stat(ttybuf, sb) == 0) { + if (stat(ttybuf, sb) == 0 S_ISCHR(sb.st_mode)) { return (sb); } else return (NULL); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223788 - head/usr.sbin/flowctl
Author: glebius Date: Tue Jul 5 14:50:06 2011 New Revision: 223788 URL: http://svn.freebsd.org/changeset/base/223788 Log: Rewrite the flowctl utility to add it support for displaying both IPv4 and IPv4 flows. Modified: head/usr.sbin/flowctl/Makefile head/usr.sbin/flowctl/flowctl.c Modified: head/usr.sbin/flowctl/Makefile == --- head/usr.sbin/flowctl/Makefile Tue Jul 5 14:48:39 2011 (r223787) +++ head/usr.sbin/flowctl/Makefile Tue Jul 5 14:50:06 2011 (r223788) @@ -2,6 +2,8 @@ # $FreeBSD$ # +.include bsd.own.mk + PROG= flowctl MAN= flowctl.8 @@ -9,4 +11,10 @@ WARNS?= 2 DPADD= ${LIBNETGRAPH} LDADD= -lnetgraph +.if ${MK_INET6_SUPPORT} != no +CFLAGS+= -DINET6 +.endif + +CFLAGS+= -I. + .include bsd.prog.mk Modified: head/usr.sbin/flowctl/flowctl.c == --- head/usr.sbin/flowctl/flowctl.c Tue Jul 5 14:48:39 2011 (r223787) +++ head/usr.sbin/flowctl/flowctl.c Tue Jul 5 14:50:06 2011 (r223788) @@ -46,6 +46,7 @@ static const char rcs_id[] = #include stdio.h #include stdlib.h #include string.h +#include sysexits.h #include unistd.h #include netgraph.h @@ -54,21 +55,32 @@ static const char rcs_id[] = #defineCISCO_SH_FLOW_HEADERSrcIf SrcIPaddressDstIf DstIPaddressPr SrcP DstP Pkts\n #defineCISCO_SH_FLOW %-13s %-15s %-13s %-15s %2u %4.4x %4.4x %6lu\n +#defineCISCO_SH_FLOW6_HEADER SrcIf SrcIPaddress DstIf DstIPaddress Pr SrcP DstP Pkts\n +#defineCISCO_SH_FLOW6 %-13s %-30s %-13s %-30s %2u %4.4x %4.4x %6lu\n + #defineCISCO_SH_VERB_FLOW_HEADER SrcIf SrcIPaddressDstIf DstIPaddressPr TOS Flgs Pkts\n \ Port Msk ASPort Msk ASNextHop B/Pk Active\n #defineCISCO_SH_VERB_FLOW %-14s %-15s %-14s %-15s %2u %3x %4x %6lu\n \ %4.4x /%-2u %-5u %4.4x /%-2u %-5u %-15s %9u %8u\n\n -static int flow_cache_print(struct ngnf_flows *recs); -static int flow_cache_print_verbose(struct ngnf_flows *recs); -static int ctl_show(int, char **); +#defineCISCO_SH_VERB_FLOW6_HEADER SrcIf SrcIPaddress DstIf DstIPaddress Pr TOS Flgs Pkts\n \ +Port Msk ASPort Msk ASNextHop B/Pk Active\n + +#defineCISCO_SH_VERB_FLOW6 %-14s %-30s %-14s %-30s %2u %3x %4x %6lu\n \ + %4.4x /%-2u %-5u %4.4x /%-2u %-5u %-30s %9u %8u\n\n +static void flow_cache_print(struct ngnf_show_header *resp); +static void flow_cache_print6(struct ngnf_show_header *resp); +static void flow_cache_print_verbose(struct ngnf_show_header *resp); +static void flow_cache_print6_verbose(struct ngnf_show_header *resp); +static void ctl_show(int, char **); +static void do_show(int, void (*func)(struct ngnf_show_header *)); static void help(void); static void execute_command(int, char **); struct ip_ctl_cmd { char*cmd_name; - int (*cmd_func)(int argc, char **argv); + void(*cmd_func)(int argc, char **argv); }; struct ip_ctl_cmd cmds[] = { @@ -77,7 +89,7 @@ struct ip_ctl_cmd cmds[] = { }; intcs; -char ng_nodename[NG_PATHSIZ]; +char *ng_path; int main(int argc, char **argv) @@ -85,7 +97,6 @@ main(int argc, char **argv) int c; char sname[NG_NODESIZ]; int rcvbuf = SORCVBUF_SIZE; - char*ng_name; /* parse options */ while ((c = getopt(argc, argv, d:)) != -1) { @@ -98,14 +109,12 @@ main(int argc, char **argv) argc -= optind; argv += optind; - ng_name = argv[0]; - if (ng_name == NULL) + ng_path = argv[0]; + if (ng_path == NULL || (strlen(ng_path) NG_PATHSIZ)) help(); argc--; argv++; - snprintf(ng_nodename, sizeof(ng_nodename), %s:, ng_name); - /* create control socket. */ snprintf(sname, sizeof(sname), flowctl%i, getpid()); @@ -145,74 +154,99 @@ execute_command(int argc, char **argv) (*cmds[cindex].cmd_func)(argc, argv); } -static int +static void ctl_show(int argc, char **argv) { - struct ng_mesg *ng_mesg; - struct ngnf_flows *data; - char path[NG_PATHSIZ]; - int token, nread, last = 0; - int verbose = 0; + int ipv4 = 1, ipv6 = 1, verbose = 0; + + if (argc 0 !strncmp(argv[0], ipv4, 4)) { + ipv6 = 0; + argc--; + argv++; + } + if (argc 0 !strncmp(argv[0], ipv6, 4)) { + ipv4 = 0; + argc--; + argv++; + } if (argc 0 !strncmp(argv[0], verbose, strlen(argv[0]))) verbose = 1; + if (ipv4) { +
svn commit: r223787 - head/sys/netgraph/netflow
Author: glebius Date: Tue Jul 5 14:48:39 2011 New Revision: 223787 URL: http://svn.freebsd.org/changeset/base/223787 Log: o Eliminate flow6_hash_entry in favor of flow_hash_entry. We don't need a separate struct to start a slist of semi-opaque structs. This makes some code more compact. o Rewrite ng_netflow_flow_show() and its API/ABI: - Support for IPv6 is added. - Request and response now use same struct. Structure specifies version (6 or 4), index of last retrieved hash, and also index of last retrieved entry in the hash entry. Modified: head/sys/netgraph/netflow/netflow.c head/sys/netgraph/netflow/ng_netflow.c head/sys/netgraph/netflow/ng_netflow.h Modified: head/sys/netgraph/netflow/netflow.c == --- head/sys/netgraph/netflow/netflow.c Tue Jul 5 14:12:48 2011 (r223786) +++ head/sys/netgraph/netflow/netflow.c Tue Jul 5 14:48:39 2011 (r223787) @@ -100,7 +100,7 @@ static int export_send(priv_p, fib_expor static int hash_insert(priv_p, struct flow_hash_entry *, struct flow_rec *, int, uint8_t); #ifdef INET6 -static int hash6_insert(priv_p, struct flow6_hash_entry *, struct flow6_rec *, int, uint8_t); +static int hash6_insert(priv_p, struct flow_hash_entry *, struct flow6_rec *, int, uint8_t); #endif static __inline void expire_flow(priv_p, fib_export_p, struct flow_entry *, int); @@ -412,7 +412,7 @@ hash_insert(priv_p priv, struct flow_has bitcount32((x).__u6_addr.__u6_addr32[3]) /* XXX: Do we need inline here ? */ static __inline int -hash6_insert(priv_p priv, struct flow6_hash_entry *hsh6, struct flow6_rec *r, +hash6_insert(priv_p priv, struct flow_hash_entry *hsh6, struct flow6_rec *r, int plen, uint8_t tcp_flags) { struct flow6_entry *fle6; @@ -491,7 +491,7 @@ hash6_insert(priv_p priv, struct flow6_h } /* Push new flow at the and of hash. */ - TAILQ_INSERT_TAIL(hsh6-head, fle6, fle6_hash); + TAILQ_INSERT_TAIL(hsh6-head, (struct flow_entry *)fle6, fle_hash); return (0); } @@ -507,9 +507,6 @@ void ng_netflow_cache_init(priv_p priv) { struct flow_hash_entry *hsh; -#ifdef INET6 - struct flow6_hash_entry *hsh6; -#endif int i; /* Initialize cache UMA zone. */ @@ -534,13 +531,13 @@ ng_netflow_cache_init(priv_p priv) #ifdef INET6 /* Allocate hash. */ - priv-hash6 = malloc(NBUCKETS * sizeof(struct flow6_hash_entry), + priv-hash6 = malloc(NBUCKETS * sizeof(struct flow_hash_entry), M_NETFLOW_HASH, M_WAITOK | M_ZERO); /* Initialize hash. */ - for (i = 0, hsh6 = priv-hash6; i NBUCKETS; i++, hsh6++) { - mtx_init(hsh6-mtx, hash mutex, NULL, MTX_DEF); - TAILQ_INIT(hsh6-head); + for (i = 0, hsh = priv-hash6; i NBUCKETS; i++, hsh++) { + mtx_init(hsh-mtx, hash mutex, NULL, MTX_DEF); + TAILQ_INIT(hsh-head); } #endif @@ -588,10 +585,6 @@ ng_netflow_cache_flush(priv_p priv) { struct flow_entry *fle, *fle1; struct flow_hash_entry *hsh; -#ifdef INET6 - struct flow6_entry *fle6, *fle61; - struct flow6_hash_entry *hsh6; -#endif struct netflow_export_item exp; fib_export_p fe; int i; @@ -610,11 +603,11 @@ ng_netflow_cache_flush(priv_p priv) expire_flow(priv, fe, fle, NG_QUEUE); } #ifdef INET6 - for (hsh6 = priv-hash6, i = 0; i NBUCKETS; hsh6++, i++) - TAILQ_FOREACH_SAFE(fle6, hsh6-head, fle6_hash, fle61) { - TAILQ_REMOVE(hsh6-head, fle6, fle6_hash); - fe = priv_to_fib(priv, fle6-f.r.fib); - expire_flow(priv, fe, (struct flow_entry *)fle6, NG_QUEUE); + for (hsh = priv-hash6, i = 0; i NBUCKETS; hsh++, i++) + TAILQ_FOREACH_SAFE(fle, hsh-head, fle_hash, fle1) { + TAILQ_REMOVE(hsh-head, fle, fle_hash); + fe = priv_to_fib(priv, fle-f.r.fib); + expire_flow(priv, fe, fle, NG_QUEUE); } #endif @@ -629,8 +622,8 @@ ng_netflow_cache_flush(priv_p priv) #ifdef INET6 uma_zdestroy(priv-zone6); /* Destroy hash mutexes. */ - for (i = 0, hsh6 = priv-hash6; i NBUCKETS; i++, hsh6++) - mtx_destroy(hsh6-mtx); + for (i = 0, hsh = priv-hash6; i NBUCKETS; i++, hsh++) + mtx_destroy(hsh-mtx); /* Free hash memory. */ if (priv-hash6 != NULL) @@ -790,8 +783,9 @@ int ng_netflow_flow6_add(priv_p priv, fib_export_p fe, struct ip6_hdr *ip6, caddr_t upper_ptr, uint8_t upper_proto, uint8_t is_frag, unsigned int src_if_index) { - register struct flow6_entry *fle6 = NULL, *fle61; - struct flow6_hash_entry *hsh6; + register struct flow_entry *fle =
svn commit: r223790 - head/usr.sbin/flowctl
Author: glebius Date: Tue Jul 5 14:55:17 2011 New Revision: 223790 URL: http://svn.freebsd.org/changeset/base/223790 Log: Update manual page. Mention IPv6 support, and notice that main argument isn't actually a node, but a netgraph path. Modified: head/usr.sbin/flowctl/flowctl.8 Modified: head/usr.sbin/flowctl/flowctl.8 == --- head/usr.sbin/flowctl/flowctl.8 Tue Jul 5 14:54:33 2011 (r223789) +++ head/usr.sbin/flowctl/flowctl.8 Tue Jul 5 14:55:17 2011 (r223790) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd March 23, 2005 +.Dd July 5, 2011 .Dt FLOWCTL 8 .Os .Sh NAME @@ -35,7 +35,7 @@ control utility .Sh SYNOPSIS .Nm .Op Fl d Ar level -.Ar node command +.Ar path command .Sh DESCRIPTION The .Nm @@ -55,11 +55,16 @@ Currently, .Nm supports only one command. .Bl -tag -width .Cm show -.It Cm show +.It Cm show Op Cm ipv4|ipv6 This command is the analog of the .Dq show ip cache flow command of a Cisco router. It dumps the contents of the flow cache in Cisco-like format. +Specifing either +.Cm ipv4 +or +.Cm ipv6 +would extract only IPv4 or IPv6 flows respectively. It has optional parameter .Cm verbose , which is analog of the ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223792 - head/sys/powerpc/ps3
Author: nwhitehorn Date: Tue Jul 5 15:00:55 2011 New Revision: 223792 URL: http://svn.freebsd.org/changeset/base/223792 Log: Follow Linux by unconditionally stripping the RX vlan tag from incoming packets. It turns out that all firmware versions insert it, whether or not they support VLAN tagging. Submitted by: glevand geoffrey.levand at mail dot ru Modified: head/sys/powerpc/ps3/if_glc.c Modified: head/sys/powerpc/ps3/if_glc.c == --- head/sys/powerpc/ps3/if_glc.c Tue Jul 5 14:58:10 2011 (r223791) +++ head/sys/powerpc/ps3/if_glc.c Tue Jul 5 15:00:55 2011 (r223792) @@ -155,7 +155,7 @@ glc_attach(device_t dev) lv1_net_control(sc-sc_bus, sc-sc_dev, GELIC_GET_MAC_ADDRESS, 0, 0, 0, mac64, junk); memcpy(sc-sc_enaddr, ((uint8_t *)mac64)[2], sizeof(sc-sc_enaddr)); - sc-sc_tx_vlan = sc-sc_rx_vlan = -1; + sc-sc_tx_vlan = sc-sc_rx_vlan = -1; err = lv1_net_control(sc-sc_bus, sc-sc_dev, GELIC_GET_VLAN_ID, GELIC_VLAN_TX_ETHERNET, 0, 0, val, junk); if (err == 0) @@ -178,7 +178,7 @@ glc_attach(device_t dev) } bus_setup_intr(dev, sc-sc_irq, - INTR_TYPE_MISC | INTR_MPSAFE | INTR_ENTROPY, + INTR_TYPE_NET | INTR_MPSAFE | INTR_ENTROPY, glc_intr_filter, glc_intr, sc, sc-sc_irqctx); sc-sc_hwirq_status = (uint64_t *)contigmalloc(8, M_GLC, M_ZERO, 0, BUS_SPACE_MAXADDR_32BIT, 8, PAGE_SIZE); @@ -755,8 +755,11 @@ glc_rxintr(struct glc_softc *sc) m-m_len = sc-sc_rxdmadesc[i].valid_size; m-m_pkthdr.len = m-m_len; - if (sc-sc_rx_vlan = 0) - m_adj(m, 2); + /* +* Remove VLAN tag. Even on early firmwares that do not allow +* multiple VLANs, the VLAN tag is still in place here. +*/ + m_adj(m, 2); mtx_unlock(sc-sc_mtx); (*ifp-if_input)(ifp, m); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r223788 - head/usr.sbin/flowctl
On 5 July 2011 18:50, Gleb Smirnoff gleb...@freebsd.org wrote: Author: glebius Date: Tue Jul 5 14:50:06 2011 New Revision: 223788 URL: http://svn.freebsd.org/changeset/base/223788 Log: Rewrite the flowctl utility to add it support for displaying both IPv4 and IPv4 flows. Modified: head/usr.sbin/flowctl/Makefile head/usr.sbin/flowctl/flowctl.c Modified: head/usr.sbin/flowctl/Makefile == --- head/usr.sbin/flowctl/Makefile Tue Jul 5 14:48:39 2011 (r223787) +++ head/usr.sbin/flowctl/Makefile Tue Jul 5 14:50:06 2011 (r223788) @@ -2,6 +2,8 @@ # $FreeBSD$ # +.include bsd.own.mk + PROG= flowctl MAN= flowctl.8 @@ -9,4 +11,10 @@ WARNS?= 2 DPADD= ${LIBNETGRAPH} LDADD= -lnetgraph +.if ${MK_INET6_SUPPORT} != no +CFLAGS+= -DINET6 +.endif [...] It's broken for WITHOUT_INET6=yes. Please consider taking a look at the change below on top of r223788. The patch adds handling for WITHOUT_INET, too. Index: usr.sbin/flowctl/flowctl.c === --- usr.sbin/flowctl/flowctl.c (revision 223792) +++ usr.sbin/flowctl/flowctl.c (working copy) @@ -69,12 +69,18 @@ #defineCISCO_SH_VERB_FLOW6 %-14s %-30s %-14s %-30s %2u %3x %4x %6lu\n \ %4.4x /%-2u %-5u %4.4x /%-2u %-5u %-30s %9u %8u\n\n +#ifdef INET static void flow_cache_print(struct ngnf_show_header *resp); +static void flow_cache_print_verbose(struct ngnf_show_header *resp); +#endif +#ifdef INET6 static void flow_cache_print6(struct ngnf_show_header *resp); -static void flow_cache_print_verbose(struct ngnf_show_header *resp); static void flow_cache_print6_verbose(struct ngnf_show_header *resp); +#endif static void ctl_show(int, char **); +#if defined(INET) || defined(INET6) static void do_show(int, void (*func)(struct ngnf_show_header *)); +#endif static void help(void); static void execute_command(int, char **); @@ -157,8 +163,11 @@ static void ctl_show(int argc, char **argv) { - int ipv4 = 1, ipv6 = 1, verbose = 0; + int ipv4, ipv6, verbose = 0; + ipv4 = feature_present(inet); + ipv6 = feature_present(inet6); + if (argc 0 !strncmp(argv[0], ipv4, 4)) { ipv6 = 0; argc--; @@ -173,21 +182,26 @@ if (argc 0 !strncmp(argv[0], verbose, strlen(argv[0]))) verbose = 1; +#ifdef INET if (ipv4) { if (verbose) do_show(4, flow_cache_print_verbose); else do_show(4, flow_cache_print); } +#endif +#ifdef INET6 if (ipv6) { if (verbose) do_show(6, flow_cache_print6_verbose); else do_show(6, flow_cache_print6); } +#endif } +#if defined(INET) || defined(INET6) static void do_show(int version, void (*func)(struct ngnf_show_header *)) { @@ -230,7 +244,9 @@ req.list_id = resp-list_id; } } +#endif +#ifdef INET static void flow_cache_print(struct ngnf_show_header *resp) { @@ -261,6 +277,7 @@ } } +#endif #ifdef INET6 static void @@ -295,6 +312,7 @@ } #endif +#ifdef INET static void flow_cache_print_verbose(struct ngnf_show_header *resp) { @@ -335,6 +353,7 @@ } } +#endif #ifdef INET6 static void Index: usr.sbin/flowctl/Makefile === --- usr.sbin/flowctl/Makefile (revision 223792) +++ usr.sbin/flowctl/Makefile (working copy) @@ -14,7 +14,8 @@ .if ${MK_INET6_SUPPORT} != no CFLAGS+= -DINET6 .endif +.if ${MK_INET_SUPPORT} != no +CFLAGS+= -DINET +.endif -CFLAGS+= -I. - .include bsd.prog.mk -- wbr, pluknet ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223794 - head
Author: rmacklem Date: Tue Jul 5 18:40:19 2011 New Revision: 223794 URL: http://svn.freebsd.org/changeset/base/223794 Log: Delete files made obsolete by the change in default NFS client and the move of nfs_kdtrace.h to sys/nfs. Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Tue Jul 5 18:29:32 2011(r223793) +++ head/ObsoleteFiles.inc Tue Jul 5 18:40:19 2011(r223794) @@ -38,6 +38,10 @@ # xargs -n1 | sort | uniq -d; # done +# 20110705: the switch of default NFS client to the new one +OLD_FILES+=sbin/mount_newnfs +OLD_FILES+=usr/share/man/man8/mount_newnfs.8.gz +OLD_FILES+=usr/include/nfsclient/nfs_kdtrace.h # 20110502: new clang import which bumps version from 2.9 to 3.0 OLD_FILES+=usr/include/clang/2.9/emmintrin.h OLD_FILES+=usr/include/clang/2.9/mm_malloc.h ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223795 - in head/sys: kern sparc64/sparc64
Author: marius Date: Tue Jul 5 18:40:37 2011 New Revision: 223795 URL: http://svn.freebsd.org/changeset/base/223795 Log: Call pmap_qremove() before freeing or unwiring the pages, otherwise there's a window during which a page can be re-used before its previous mapping is removed. Reviewed by: alc MFC after:1 week Modified: head/sys/kern/vfs_bio.c head/sys/sparc64/sparc64/pmap.c Modified: head/sys/kern/vfs_bio.c == --- head/sys/kern/vfs_bio.c Tue Jul 5 18:40:19 2011(r223794) +++ head/sys/kern/vfs_bio.c Tue Jul 5 18:40:37 2011(r223795) @@ -1625,6 +1625,7 @@ vfs_vmio_release(struct buf *bp) int i; vm_page_t m; + pmap_qremove(trunc_page((vm_offset_t)bp-b_data), bp-b_npages); VM_OBJECT_LOCK(bp-b_bufobj-bo_object); for (i = 0; i bp-b_npages; i++) { m = bp-b_pages[i]; @@ -1658,7 +1659,6 @@ vfs_vmio_release(struct buf *bp) vm_page_unlock(m); } VM_OBJECT_UNLOCK(bp-b_bufobj-bo_object); - pmap_qremove(trunc_page((vm_offset_t) bp-b_data), bp-b_npages); if (bp-b_bufsize) { bufspacewakeup(); @@ -3012,6 +3012,10 @@ allocbuf(struct buf *bp, int size) if (desiredpages bp-b_npages) { vm_page_t m; + pmap_qremove((vm_offset_t)trunc_page( + (vm_offset_t)bp-b_data) + + (desiredpages PAGE_SHIFT), + (bp-b_npages - desiredpages)); VM_OBJECT_LOCK(bp-b_bufobj-bo_object); for (i = desiredpages; i bp-b_npages; i++) { /* @@ -3032,8 +3036,6 @@ allocbuf(struct buf *bp, int size) vm_page_unlock(m); } VM_OBJECT_UNLOCK(bp-b_bufobj-bo_object); - pmap_qremove((vm_offset_t) trunc_page((vm_offset_t)bp-b_data) + - (desiredpages PAGE_SHIFT), (bp-b_npages - desiredpages)); bp-b_npages = desiredpages; } } else if (size bp-b_bcount) { Modified: head/sys/sparc64/sparc64/pmap.c == --- head/sys/sparc64/sparc64/pmap.c Tue Jul 5 18:40:19 2011 (r223794) +++ head/sys/sparc64/sparc64/pmap.c Tue Jul 5 18:40:37 2011 (r223795) @@ -1294,6 +1294,7 @@ pmap_release(pmap_t pm) pc-pc_pmap = NULL; mtx_unlock_spin(sched_lock); + pmap_qremove((vm_offset_t)pm-pm_tsb, TSB_PAGES); obj = pm-pm_tsb_obj; VM_OBJECT_LOCK(obj); KASSERT(obj-ref_count == 1, (pmap_release: tsbobj ref count != 1)); @@ -1305,7 +1306,6 @@ pmap_release(pmap_t pm) vm_page_free_zero(m); } VM_OBJECT_UNLOCK(obj); - pmap_qremove((vm_offset_t)pm-pm_tsb, TSB_PAGES); PMAP_LOCK_DESTROY(pm); } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223796 - in head/sys: amd64/include i386/include
Author: jkim Date: Tue Jul 5 18:42:10 2011 New Revision: 223796 URL: http://svn.freebsd.org/changeset/base/223796 Log: Correct cpu_monitor() and cpu_mwait() for amd64. These instructions take %rcx as extensions in long mode. If any unused bit is set in %rcx, these instructions cause general protection fault. Fix style nits and synchronize i386 with amd64. Modified: head/sys/amd64/include/cpufunc.h head/sys/i386/include/cpufunc.h Modified: head/sys/amd64/include/cpufunc.h == --- head/sys/amd64/include/cpufunc.hTue Jul 5 18:40:37 2011 (r223795) +++ head/sys/amd64/include/cpufunc.hTue Jul 5 18:42:10 2011 (r223796) @@ -467,16 +467,18 @@ load_es(u_short sel) } static __inline void -cpu_monitor(const void *addr, int extensions, int hints) +cpu_monitor(const void *addr, u_long extensions, u_int hints) { - __asm __volatile(monitor; - : :a (addr), c (extensions), d(hints)); + + __asm __volatile(monitor + : : a (addr), c (extensions), d (hints)); } static __inline void -cpu_mwait(int extensions, int hints) +cpu_mwait(u_long extensions, u_int hints) { - __asm __volatile(mwait; : :a (hints), c (extensions)); + + __asm __volatile(mwait : : a (hints), c (extensions)); } #ifdef _KERNEL Modified: head/sys/i386/include/cpufunc.h == --- head/sys/i386/include/cpufunc.h Tue Jul 5 18:40:37 2011 (r223795) +++ head/sys/i386/include/cpufunc.h Tue Jul 5 18:42:10 2011 (r223796) @@ -133,16 +133,18 @@ enable_intr(void) } static __inline void -cpu_monitor(const void *addr, int extensions, int hints) +cpu_monitor(const void *addr, u_long extensions, u_int hints) { - __asm __volatile(monitor; - : :a (addr), c (extensions), d(hints)); + + __asm __volatile(monitor + : : a (addr), c (extensions), d (hints)); } static __inline void -cpu_mwait(int extensions, int hints) +cpu_mwait(u_long extensions, u_int hints) { - __asm __volatile(mwait; : :a (hints), c (extensions)); + + __asm __volatile(mwait : : a (hints), c (extensions)); } static __inline void ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223797 - head/sys/netinet
Author: cperciva Date: Tue Jul 5 18:43:54 2011 New Revision: 223797 URL: http://svn.freebsd.org/changeset/base/223797 Log: Don't allow lro-len to exceed 65535, as this will result in overflow when len is inserted back into the synthetic IP packet and cause a multiple of 2^16 bytes of TCP packet loss. This improves Linux-FreeBSD netperf bandwidth by a factor of 300 in testing on Amazon EC2. Reviewed by: jfv MFC after:2 weeks Modified: head/sys/netinet/tcp_lro.c Modified: head/sys/netinet/tcp_lro.c == --- head/sys/netinet/tcp_lro.c Tue Jul 5 18:42:10 2011(r223796) +++ head/sys/netinet/tcp_lro.c Tue Jul 5 18:43:54 2011(r223797) @@ -277,6 +277,14 @@ tcp_lro_rx(struct lro_ctrl *cntl, struct lro-dest_port == tcp-th_dport lro-source_ip == ip-ip_src.s_addr lro-dest_ip == ip-ip_dst.s_addr) { + /* Flush now if appending will result in overflow. */ + if (lro-len (65535 - tcp_data_len)) { + SLIST_REMOVE(cntl-lro_active, lro, +lro_entry, next); + tcp_lro_flush(cntl, lro); + break; + } + /* Try to append it */ if (__predict_false(seq != lro-next_seq || ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223798 - head/sys/sparc64/sparc64
Author: marius Date: Tue Jul 5 18:46:19 2011 New Revision: 223798 URL: http://svn.freebsd.org/changeset/base/223798 Log: In pmap_remove_all() assert that the page is neither fictitious nor unmanaged as also done on other architectures. Reviewed by: alc Modified: head/sys/sparc64/sparc64/pmap.c Modified: head/sys/sparc64/sparc64/pmap.c == --- head/sys/sparc64/sparc64/pmap.c Tue Jul 5 18:43:54 2011 (r223797) +++ head/sys/sparc64/sparc64/pmap.c Tue Jul 5 18:46:19 2011 (r223798) @@ -1387,6 +1387,8 @@ pmap_remove_all(vm_page_t m) struct tte *tp; vm_offset_t va; + KASSERT((m-flags (PG_FICTITIOUS | PG_UNMANAGED)) == 0, + (pmap_remove_all: page %p is not managed, m)); vm_page_lock_queues(); for (tp = TAILQ_FIRST(m-md.tte_list); tp != NULL; tp = tpn) { tpn = TAILQ_NEXT(tp, tte_link); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223799 - head/sys/netinet
Author: cperciva Date: Tue Jul 5 18:49:55 2011 New Revision: 223799 URL: http://svn.freebsd.org/changeset/base/223799 Log: Remove #ifdef notyet code dating back to 4.3BSD Net/2 (and possibly earlier). I think the benefit of making the code cleaner and easier to understand outweighs the humour of leaving this intact (or possibly changing it to #ifdef not_yet_and_probably_never). MFC after:2 weeks Modified: head/sys/netinet/tcp_output.c Modified: head/sys/netinet/tcp_output.c == --- head/sys/netinet/tcp_output.c Tue Jul 5 18:46:19 2011 (r223798) +++ head/sys/netinet/tcp_output.c Tue Jul 5 18:49:55 2011 (r223799) @@ -84,10 +84,6 @@ __FBSDID($FreeBSD$); #include security/mac/mac_framework.h -#ifdef notyet -extern struct mbuf *m_copypack(); -#endif - VNET_DEFINE(int, path_mtu_discovery) = 1; SYSCTL_VNET_INT(_net_inet_tcp, OID_AUTO, path_mtu_discovery, CTLFLAG_RW, VNET_NAME(path_mtu_discovery), 1, @@ -820,19 +816,6 @@ send: TCPSTAT_INC(tcps_sndpack); TCPSTAT_ADD(tcps_sndbyte, len); } -#ifdef notyet - if ((m = m_copypack(so-so_snd.sb_mb, off, - (int)len, max_linkhdr + hdrlen)) == 0) { - SOCKBUF_UNLOCK(so-so_snd); - error = ENOBUFS; - goto out; - } - /* -* m_copypack left space for our hdr; use it. -*/ - m-m_len += hdrlen; - m-m_data -= hdrlen; -#else MGETHDR(m, M_DONTWAIT, MT_DATA); if (m == NULL) { SOCKBUF_UNLOCK(so-so_snd); @@ -872,7 +855,7 @@ send: goto out; } } -#endif /* notyet */ + /* * If we're sending everything we've got, set PUSH. * (This will keep happy those implementations which only ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223800 - in head/sys/sparc64: include sparc64
Author: marius Date: Tue Jul 5 18:50:40 2011 New Revision: 223800 URL: http://svn.freebsd.org/changeset/base/223800 Log: - pmap_cache_remove() and pmap_protect_tte() are only used within pmap.c so static'ize them. - Correct a typo. Modified: head/sys/sparc64/include/pmap.h head/sys/sparc64/sparc64/pmap.c Modified: head/sys/sparc64/include/pmap.h == --- head/sys/sparc64/include/pmap.h Tue Jul 5 18:49:55 2011 (r223799) +++ head/sys/sparc64/include/pmap.h Tue Jul 5 18:50:40 2011 (r223800) @@ -90,12 +90,9 @@ void pmap_kremove_flags(vm_offset_t va); boolean_t pmap_page_is_mapped(vm_page_t m); intpmap_cache_enter(vm_page_t m, vm_offset_t va); -void pmap_cache_remove(vm_page_t m, vm_offset_t va); intpmap_remove_tte(struct pmap *pm1, struct pmap *pm2, struct tte *tp, vm_offset_t va); -intpmap_protect_tte(struct pmap *pm1, struct pmap *pm2, struct tte *tp, -vm_offset_t va); void pmap_map_tsb(void); void pmap_set_kctx(void); Modified: head/sys/sparc64/sparc64/pmap.c == --- head/sys/sparc64/sparc64/pmap.c Tue Jul 5 18:49:55 2011 (r223799) +++ head/sys/sparc64/sparc64/pmap.c Tue Jul 5 18:50:40 2011 (r223800) @@ -152,6 +152,9 @@ struct pmap kernel_pmap_store; static vm_paddr_t pmap_bootstrap_alloc(vm_size_t size, uint32_t colors); static void pmap_bootstrap_set_tte(struct tte *tp, u_long vpn, u_long data); +static void pmap_cache_remove(vm_page_t m, vm_offset_t va); +static int pmap_protect_tte(struct pmap *pm1, struct pmap *pm2, +struct tte *tp, vm_offset_t va); /* * Map the given physical page at the specified virtual address in the @@ -956,7 +959,7 @@ pmap_cache_enter(vm_page_t m, vm_offset_ return (0); } -void +static void pmap_cache_remove(vm_page_t m, vm_offset_t va) { struct tte *tp; @@ -1415,7 +1418,7 @@ pmap_remove_all(vm_page_t m) vm_page_unlock_queues(); } -int +static int pmap_protect_tte(struct pmap *pm, struct pmap *pm2, struct tte *tp, vm_offset_t va) { @@ -1984,7 +1987,7 @@ pmap_page_wired_mappings(vm_page_t m) /* * Remove all pages from specified address space, this aids process exit - * speeds. This is much faster than pmap_remove n the case of running down + * speeds. This is much faster than pmap_remove in the case of running down * an entire address space. Only works for the current pmap. */ void ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223801 - head/sys/sparc64/sparc64
Author: marius Date: Tue Jul 5 18:55:56 2011 New Revision: 223801 URL: http://svn.freebsd.org/changeset/base/223801 Log: It can be useful to know which page still has mappings. Modified: head/sys/sparc64/sparc64/vm_machdep.c Modified: head/sys/sparc64/sparc64/vm_machdep.c == --- head/sys/sparc64/sparc64/vm_machdep.c Tue Jul 5 18:50:40 2011 (r223800) +++ head/sys/sparc64/sparc64/vm_machdep.c Tue Jul 5 18:55:56 2011 (r223801) @@ -525,7 +525,7 @@ uma_small_alloc(uma_zone_t zone, int byt pa = VM_PAGE_TO_PHYS(m); if (dcache_color_ignore == 0 m-md.color != DCACHE_COLOR(pa)) { KASSERT(m-md.colors[0] == 0 m-md.colors[1] == 0, - (uma_small_alloc: free page still has mappings!)); + (uma_small_alloc: free page %p still has mappings!, m)); PMAP_STATS_INC(uma_nsmall_alloc_oc); m-md.color = DCACHE_COLOR(pa); dcache_page_inval(pa); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223802 - head
Author: rmacklem Date: Tue Jul 5 19:26:58 2011 New Revision: 223802 URL: http://svn.freebsd.org/changeset/base/223802 Log: Delete files made obsolete because they were moved to sys/nfs in order to be shared by both NFS clients. Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Tue Jul 5 18:55:56 2011(r223801) +++ head/ObsoleteFiles.inc Tue Jul 5 19:26:58 2011(r223802) @@ -38,6 +38,9 @@ # xargs -n1 | sort | uniq -d; # done +# 20110705: files moved so both NFS clients can share them +OLD_FILES+=usr/include/nfsclient/krpc.h +OLD_FILES+=usr/include/nfsclient/nfsdiskless.h # 20110705: the switch of default NFS client to the new one OLD_FILES+=sbin/mount_newnfs OLD_FILES+=usr/share/man/man8/mount_newnfs.8.gz ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223806 - head/sys/sparc64/sparc64
Author: marius Date: Tue Jul 5 20:05:06 2011 New Revision: 223806 URL: http://svn.freebsd.org/changeset/base/223806 Log: Remove the IDR_CHEETAH_MAX_BN_PAIRS limit from cheetah_ipi_selected(). This is just a simple approach. For reasons unknown OpenSolaris uses a more sophisticated one involving IPIing the remaining CPUs in reverse order after the first batch of 32. Modified: head/sys/sparc64/sparc64/mp_machdep.c Modified: head/sys/sparc64/sparc64/mp_machdep.c == --- head/sys/sparc64/sparc64/mp_machdep.c Tue Jul 5 19:48:57 2011 (r223805) +++ head/sys/sparc64/sparc64/mp_machdep.c Tue Jul 5 20:05:06 2011 (r223806) @@ -139,8 +139,6 @@ static cpu_ipi_single_t spitfire_ipi_sin SYSINIT(cpu_mp_unleash, SI_SUB_SMP, SI_ORDER_FIRST, cpu_mp_unleash, NULL); -CTASSERT(MAXCPU = IDR_CHEETAH_MAX_BN_PAIRS); - void mp_init(u_int cpu_impl) { @@ -696,6 +694,8 @@ cheetah_ipi_selected(cpuset_t cpus, u_lo ASI_SDB_INTR_W, 0); membar(Sync); bnp++; + if (bnp == IDR_CHEETAH_MAX_BN_PAIRS) + break; } } while (((ids = ldxa(0, ASI_INTR_DISPATCH_STATUS)) ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223811 - head/contrib/bind9/lib/isc/sparc64/include/isc
Author: dougb Date: Wed Jul 6 00:47:27 2011 New Revision: 223811 URL: http://svn.freebsd.org/changeset/base/223811 Log: Apply bug fixes Submitted by: marius Modified: head/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h Modified: head/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h == --- head/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h Tue Jul 5 23:31:40 2011(r223810) +++ head/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h Wed Jul 6 00:47:27 2011(r223811) @@ -72,9 +72,9 @@ isc_atomic_xadd(isc_int32_t *p, isc_int3 for (prev = *(volatile isc_int32_t *)p; ; prev = swapped) { swapped = prev + val; __asm__ volatile( - casa [%1] %2, %3, %0 - : +r(swapped) - : r(p), n(ASI_P), r(prev)); + casa [%2] %3, %4, %0 + : +r(swapped), =m(*p) + : r(p), n(ASI_P), r(prev), m(*p)); if (swapped == prev) break; } @@ -92,10 +92,9 @@ isc_atomic_store(isc_int32_t *p, isc_int for (prev = *(volatile isc_int32_t *)p; ; prev = swapped) { swapped = val; __asm__ volatile( - casa [%1] %2, %3, %0 - : +r(swapped) - : r(p), n(ASI_P), r(prev) - : memory); + casa [%2] %3, %4, %0 + : +r(swapped), =m(*p) + : r(p), n(ASI_P), r(prev), m(*p)); if (swapped == prev) break; } @@ -111,9 +110,9 @@ isc_atomic_cmpxchg(isc_int32_t *p, isc_i isc_int32_t temp = val; __asm__ volatile( - casa [%1] %2, %3, %0 - : +r(temp) - : r(p), n(ASI_P), r(cmpval)); + casa [%2] %3, %4, %0 + : +r(temp), =m(*p) + : r(p), n(ASI_P), r(cmpval), m(*p)); return (temp); } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r223812 - in head/contrib/bind9: . bin/named lib/dns lib/dns/include/dns
Author: dougb Date: Wed Jul 6 00:48:31 2011 New Revision: 223812 URL: http://svn.freebsd.org/changeset/base/223812 Log: Update to version 9.6-ESV-R4-P3 ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY This update addresses the following vulnerability: CVE-2011-2464 = Severity: High Exploitable: Remotely Description: A defect in the affected BIND 9 versions allows an attacker to remotely cause the named process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 https://www.isc.org/software/bind/advisories/cve-2011-2464 Modified: head/contrib/bind9/CHANGES head/contrib/bind9/bin/named/bind9.xsl.h head/contrib/bind9/lib/dns/api head/contrib/bind9/lib/dns/include/dns/masterdump.h head/contrib/bind9/lib/dns/include/dns/rdataset.h head/contrib/bind9/lib/dns/masterdump.c head/contrib/bind9/lib/dns/message.c head/contrib/bind9/lib/dns/ncache.c head/contrib/bind9/lib/dns/rbtdb.c head/contrib/bind9/lib/dns/rdataset.c head/contrib/bind9/lib/dns/resolver.c head/contrib/bind9/lib/dns/validator.c head/contrib/bind9/version Directory Properties: head/contrib/bind9/ (props changed) Modified: head/contrib/bind9/CHANGES == --- head/contrib/bind9/CHANGES Wed Jul 6 00:47:27 2011(r223811) +++ head/contrib/bind9/CHANGES Wed Jul 6 00:48:31 2011(r223812) @@ -1,3 +1,16 @@ + --- 9.6-ESV-R4-P3 released --- + +3124. [bug] Use an rdataset attribute flag to indicate + negative-cache records rather than using rrtype 0; + this will prevent problems when that rrtype is + used in actual DNS packets. [RT #24777] + + --- 9.6-ESV-R4-P2 released (withdrawn) --- + +3123. [security] Change #2912 exposed a latent flaw in + dns_rdataset_totext() that could cause named to + crash with an assertion failure. [RT #24777] + --- 9.6-ESV-R4-P1 released --- 3121. [security] An authoritative name server sending a negative Modified: head/contrib/bind9/bin/named/bind9.xsl.h == --- head/contrib/bind9/bin/named/bind9.xsl.hWed Jul 6 00:47:27 2011 (r223811) +++ head/contrib/bind9/bin/named/bind9.xsl.hWed Jul 6 00:48:31 2011 (r223812) @@ -1,6 +1,6 @@ /* - * Generated by convertxsl.pl 1.14 2008/07/17 23:43:26 jinmei Exp - * From bind9.xsl 1.19.82.2 2009/01/29 23:47:43 tbox Exp + * Generated by convertxsl.pl 1.14 2008-07-17 23:43:26 jinmei Exp + * From bind9.xsl 1.19.82.2 2009-01-29 23:47:43 tbox Exp */ static char xslmsg[] = ?xml version=\1.0\ encoding=\UTF-8\?\n @@ -20,7 +20,7 @@ static char xslmsg[] = - PERFORMANCE OF THIS SOFTWARE.\n --\n \n - !-- \045Id: bind9.xsl,v 1.19.82.2 2009/01/29 23:47:43 tbox Exp \045 --\n + !-- \045Id: bind9.xsl,v 1.19.82.2 2009-01-29 23:47:43 tbox Exp \045 --\n \n xsl:stylesheet version=\1.0\\n xmlns:xsl=\http://www.w3.org/1999/XSL/Transform\\n; Modified: head/contrib/bind9/lib/dns/api == --- head/contrib/bind9/lib/dns/api Wed Jul 6 00:47:27 2011 (r223811) +++ head/contrib/bind9/lib/dns/api Wed Jul 6 00:48:31 2011 (r223812) @@ -1,3 +1,3 @@ LIBINTERFACE = 59 -LIBREVISION = 4 +LIBREVISION = 5 LIBAGE = 1 Modified: head/contrib/bind9/lib/dns/include/dns/masterdump.h == --- head/contrib/bind9/lib/dns/include/dns/masterdump.h Wed Jul 6 00:47:27 2011(r223811) +++ head/contrib/bind9/lib/dns/include/dns/masterdump.h Wed Jul 6 00:48:31 2011(r223812) @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2008 Internet Systems Consortium, Inc. (ISC) + * Copyright (C) 2004-2008, 2011 Internet Systems Consortium, Inc. (ISC) * Copyright (C) 1999-2002 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: masterdump.h,v 1.42.602.1 2011-05-27 00:19:19 each Exp $ */ +/* $Id: masterdump.h,v 1.42.602.2 2011-06-02 23:46:22 tbox Exp $ */ #ifndef DNS_MASTERDUMP_H #define DNS_MASTERDUMP_H 1 Modified: head/contrib/bind9/lib/dns/include/dns/rdataset.h == --- head/contrib/bind9/lib/dns/include/dns/rdataset.h Wed Jul 6 00:47:27 2011(r223811) +++