svn commit: r360186 - stable/12/usr.bin/gzip

[Xin LI]

Author: delphij
Date: Wed Apr 22 05:54:46 2020
New Revision: 360186
URL: https://svnweb.freebsd.org/changeset/base/360186

Log:
  MFC r358988: Remove unneeded checks for prelen.

Modified:
  stable/12/usr.bin/gzip/gzip.c
  stable/12/usr.bin/gzip/unlz.c
  stable/12/usr.bin/gzip/unpack.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/usr.bin/gzip/gzip.c
==
--- stable/12/usr.bin/gzip/gzip.c   Wed Apr 22 05:14:52 2020
(r360185)
+++ stable/12/usr.bin/gzip/gzip.c   Wed Apr 22 05:54:46 2020
(r360186)
@@ -1443,7 +1443,7 @@ file_uncompress(char *file, char *outfile, size_t outs
struct stat isb, osb;
off_t size;
ssize_t rbytes;
-   unsigned char header1[4];
+   unsigned char fourbytes[4];
enum filetype method;
int fd, ofd, zfd = -1;
int error;
@@ -1477,8 +1477,8 @@ file_uncompress(char *file, char *outfile, size_t outs
goto lose;
}
 
-   rbytes = read(fd, header1, sizeof header1);
-   if (rbytes != sizeof header1) {
+   rbytes = read(fd, fourbytes, sizeof fourbytes);
+   if (rbytes != sizeof fourbytes) {
/* we don't want to fail here. */
 #ifndef SMALL
if (fflag)
@@ -1492,7 +1492,7 @@ file_uncompress(char *file, char *outfile, size_t outs
}
infile_newdata(rbytes);
 
-   method = file_gettype(header1);
+   method = file_gettype(fourbytes);
 #ifndef SMALL
if (fflag == 0 && method == FT_UNKNOWN) {
maybe_warnx("%s: not in gzip format", file);
@@ -1516,7 +1516,7 @@ file_uncompress(char *file, char *outfile, size_t outs
infile_newdata(rv);
timestamp = le32dec([0]);
 
-   if (header1[3] & ORIG_NAME) {
+   if (fourbytes[3] & ORIG_NAME) {
rbytes = pread(fd, name, sizeof(name) - 1, 
GZIP_ORIGNAME);
if (rbytes < 0) {
maybe_warn("can't read %s", file);
@@ -1818,7 +1818,7 @@ static void
 handle_stdin(void)
 {
struct stat isb;
-   unsigned char header1[4];
+   unsigned char fourbytes[4];
size_t in_size;
off_t usize, gsize;
enum filetype method;
@@ -1849,16 +1849,16 @@ handle_stdin(void)
goto out;
}
 
-   bytes_read = read_retry(STDIN_FILENO, header1, sizeof header1);
+   bytes_read = read_retry(STDIN_FILENO, fourbytes, sizeof fourbytes);
if (bytes_read == -1) {
maybe_warn("can't read stdin");
goto out;
-   } else if (bytes_read != sizeof(header1)) {
+   } else if (bytes_read != sizeof(fourbytes)) {
maybe_warnx("(stdin): unexpected end of file");
goto out;
}
 
-   method = file_gettype(header1);
+   method = file_gettype(fourbytes);
switch (method) {
default:
 #ifndef SMALL
@@ -1866,17 +1866,17 @@ handle_stdin(void)
maybe_warnx("unknown compression format");
goto out;
}
-   usize = cat_fd(header1, sizeof header1, , STDIN_FILENO);
+   usize = cat_fd(fourbytes, sizeof fourbytes, , 
STDIN_FILENO);
break;
 #endif
case FT_GZIP:
usize = gz_uncompress(STDIN_FILENO, STDOUT_FILENO,
- (char *)header1, sizeof header1, , 
"(stdin)");
+ (char *)fourbytes, sizeof fourbytes, , 
"(stdin)");
break;
 #ifndef NO_BZIP2_SUPPORT
case FT_BZIP2:
usize = unbzip2(STDIN_FILENO, STDOUT_FILENO,
-   (char *)header1, sizeof header1, );
+   (char *)fourbytes, sizeof fourbytes, );
break;
 #endif
 #ifndef NO_COMPRESS_SUPPORT
@@ -1886,27 +1886,27 @@ handle_stdin(void)
goto out;
}
 
-   usize = zuncompress(in, stdout, (char *)header1,
-   sizeof header1, );
+   usize = zuncompress(in, stdout, (char *)fourbytes,
+   sizeof fourbytes, );
fclose(in);
break;
 #endif
 #ifndef NO_PACK_SUPPORT
case FT_PACK:
usize = unpack(STDIN_FILENO, STDOUT_FILENO,
-  (char *)header1, sizeof header1, );
+  (char *)fourbytes, sizeof fourbytes, );
break;
 #endif
 #ifndef NO_XZ_SUPPORT
case FT_XZ:
usize = unxz(STDIN_FILENO, STDOUT_FILENO,
-(char *)header1, sizeof header1, );
+(char *)fourbytes, sizeof fourbytes, );
break;
 #endif
 #ifndef NO_LZ_SUPPORT
case FT_LZ:
usize = unlz(STDIN_FILENO, STDOUT_FILENO,
-(char *)header1, 

svn commit: r360185 - stable/11/sys/dev/evdev

[Xin LI]

Author: delphij
Date: Wed Apr 22 05:14:52 2020
New Revision: 360185
URL: https://svnweb.freebsd.org/changeset/base/360185

Log:
  MFC r360104: Use LIST_FOREACH_SAFE instead of LIST_FOREACH as we are
  removing elements in the middle.
  
  This fixes a panic when detaching USB mouse.
  
  PR:   245732
  Reviewed by:  wulf

Modified:
  stable/11/sys/dev/evdev/evdev.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/dev/evdev/evdev.c
==
--- stable/11/sys/dev/evdev/evdev.c Wed Apr 22 05:08:42 2020
(r360184)
+++ stable/11/sys/dev/evdev/evdev.c Wed Apr 22 05:14:52 2020
(r360185)
@@ -354,7 +354,7 @@ evdev_register_mtx(struct evdev_dev *evdev, struct mtx
 int
 evdev_unregister(struct evdev_dev *evdev)
 {
-   struct evdev_client *client;
+   struct evdev_client *client, *tmp;
int ret;
debugf(evdev, "%s: unregistered evdev provider: %s\n",
evdev->ev_shortname, evdev->ev_name);
@@ -364,7 +364,7 @@ evdev_unregister(struct evdev_dev *evdev)
EVDEV_LOCK(evdev);
evdev->ev_cdev->si_drv1 = NULL;
/* Wake up sleepers */
-   LIST_FOREACH(client, >ev_clients, ec_link) {
+   LIST_FOREACH_SAFE(client, >ev_clients, ec_link, tmp) {
evdev_revoke_client(client);
evdev_dispose_client(evdev, client);
EVDEV_CLIENT_LOCKQ(client);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360184 - stable/12/sys/dev/evdev

[Xin LI]

Author: delphij
Date: Wed Apr 22 05:08:42 2020
New Revision: 360184
URL: https://svnweb.freebsd.org/changeset/base/360184

Log:
  MFC r360104: Use LIST_FOREACH_SAFE instead of LIST_FOREACH as we are
  removing elements in the middle.
  
  This fixes a panic when detaching USB mouse.
  
  PR:   245732
  Reviewed by:  wulf

Modified:
  stable/12/sys/dev/evdev/evdev.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/sys/dev/evdev/evdev.c
==
--- stable/12/sys/dev/evdev/evdev.c Wed Apr 22 04:05:02 2020
(r360183)
+++ stable/12/sys/dev/evdev/evdev.c Wed Apr 22 05:08:42 2020
(r360184)
@@ -356,7 +356,7 @@ evdev_register_mtx(struct evdev_dev *evdev, struct mtx
 int
 evdev_unregister(struct evdev_dev *evdev)
 {
-   struct evdev_client *client;
+   struct evdev_client *client, *tmp;
int ret;
debugf(evdev, "%s: unregistered evdev provider: %s\n",
evdev->ev_shortname, evdev->ev_name);
@@ -366,7 +366,7 @@ evdev_unregister(struct evdev_dev *evdev)
EVDEV_LOCK(evdev);
evdev->ev_cdev->si_drv1 = NULL;
/* Wake up sleepers */
-   LIST_FOREACH(client, >ev_clients, ec_link) {
+   LIST_FOREACH_SAFE(client, >ev_clients, ec_link, tmp) {
evdev_revoke_client(client);
evdev_dispose_client(evdev, client);
EVDEV_CLIENT_LOCKQ(client);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360183 - head/lib/libc/sys

[Kyle Evans]

Author: kevans
Date: Wed Apr 22 04:05:02 2020
New Revision: 360183
URL: https://svnweb.freebsd.org/changeset/base/360183

Log:
  kqueue(2): de-vandalize the random sentence in the middle
  
  A last minute change appears to have inadvertently vandalized unrelated
  parts of the manpage with the date. =-(
  
  Reported by:  rpokala

Modified:
  head/lib/libc/sys/kqueue.2

Modified: head/lib/libc/sys/kqueue.2
==
--- head/lib/libc/sys/kqueue.2  Wed Apr 22 03:45:52 2020(r360182)
+++ head/lib/libc/sys/kqueue.2  Wed Apr 22 04:05:02 2020(r360183)
@@ -63,7 +63,8 @@ the event no longer holds, the kevent is removed from 
 is not returned.
 .Pp
 Multiple events which trigger the filter do not result in multiple
-kevents being placed on the kqueue; instead, the filter wiApril 21, 2020the 
events into a single struct kevent.
+kevents being placed on the kqueue; instead, the filter will aggregate
+the events into a single struct kevent.
 Calling
 .Fn close
 on a file descriptor will remove any kevents that reference the descriptor.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360182 - head/lib/libc/sys

[Kyle Evans]

Author: kevans
Date: Wed Apr 22 03:45:52 2020
New Revision: 360182
URL: https://svnweb.freebsd.org/changeset/base/360182

Log:
  kqueue(2): add a note about EV_RECEIPT
  
  In the below-referenced PR, a case is attached of a simple reproducer that
  exhibits suboptimal behavior: EVFILT_READ and EVFILT_WRITE being set in the
  same kevent(2) call will only honor the first one. This is, in-fact, how
  it's supposed to work.
  
  A read of the manpage leads me to believe we could be more clear about this;
  right now there's a logical leap to make in the relevant statement: "When
  passed as input, it forces EV_ERROR to always be returned." -- the logical
  leap being that this indicates the caller should have allocated space for
  the change to be returned with EV_ERROR indicated in the events, or
  subsequent filters will get dropped on the floor.
  
  Another possible workaround that accomplishes similar effect without needing
  space for all events is just setting EV_RECEIPT on the final change being
  passed in; if any errored before it, the kqueue would not be drained. If we
  made it to the final change with EV_RECEIPT set, then we would return that
  one with EV_ERROR and still not drain the kqueue. This would seem to not be
  all that advisable.
  
  PR:   229741
  MFC after:1 week

Modified:
  head/lib/libc/sys/kqueue.2

Modified: head/lib/libc/sys/kqueue.2
==
--- head/lib/libc/sys/kqueue.2  Wed Apr 22 00:42:10 2020(r360181)
+++ head/lib/libc/sys/kqueue.2  Wed Apr 22 03:45:52 2020(r360182)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 27, 2018
+.Dd April 21, 2020
 .Dt KQUEUE 2
 .Os
 .Sh NAME
@@ -63,8 +63,7 @@ the event no longer holds, the kevent is removed from 
 is not returned.
 .Pp
 Multiple events which trigger the filter do not result in multiple
-kevents being placed on the kqueue; instead, the filter will aggregate
-the events into a single struct kevent.
+kevents being placed on the kqueue; instead, the filter wiApril 21, 2020the 
events into a single struct kevent.
 Calling
 .Fn close
 on a file descriptor will remove any kevents that reference the descriptor.
@@ -233,6 +232,11 @@ to always be returned.
 When a filter is successfully added the
 .Va data
 field will be zero.
+Note that if this flag is encountered and there is no remaining space in
+.Fa eventlist
+to hold the
+.Dv EV_ERROR
+event, then subsequent changes will not get processed.
 .It Dv EV_ONESHOT
 Causes the event to return only the first occurrence of the filter
 being triggered.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360181 - in head/sys: arm64/broadcom/genet arm64/conf arm64/include conf

[Mike Karels]

Author: karels
Date: Wed Apr 22 00:42:10 2020
New Revision: 360181
URL: https://svnweb.freebsd.org/changeset/base/360181

Log:
  Add genet driver for Raspberry Pi 4B Ethernet
  
  Add driver for Broadcom "GENET" version 5, as found in BCM-2711 on
  Raspberry Pi 4B. The driver is derived in part from the bcmgenet.c
  driver in NetBSD, along with bcmgenetreg.h.
  
  Reviewed by:  manu
  Obtained from:in part from NetBSD
  Relnotes: yes, note addition
  Differential Revision:https://reviews.freebsd.org/D24436

Added:
  head/sys/arm64/broadcom/genet/
  head/sys/arm64/broadcom/genet/if_genet.c   (contents, props changed)
  head/sys/arm64/broadcom/genet/if_genetreg.h   (contents, props changed)
Modified:
  head/sys/arm64/conf/GENERIC
  head/sys/arm64/include/bus.h
  head/sys/conf/files.arm64

Added: head/sys/arm64/broadcom/genet/if_genet.c
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/arm64/broadcom/genet/if_genet.cWed Apr 22 00:42:10 2020
(r360181)
@@ -0,0 +1,1678 @@
+/*-
+ * Copyright (c) 2020 Michael J Karels
+ * Copyright (c) 2016, 2020 Jared McNeill 
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+ * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+ * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+/*
+ * RPi4 (BCM 2711) Gigabit Ethernet ("GENET") controller
+ *
+ * This driver is derived in large part from bcmgenet.c from NetBSD by
+ * Jared McNeill.  Parts of the structure and other common code in
+ * this driver have been copied from if_awg.c for the Allwinner EMAC,
+ * also by Jared McNeill.
+ */
+
+#include "opt_device_polling.h"
+
+#include 
+__FBSDID("$FreeBSD$");
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+
+#include 
+#include 
+
+#define __BIT(_x)  (1 << (_x))
+#include "if_genetreg.h"
+
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+#include "syscon_if.h"
+#include "miibus_if.h"
+#include "gpio_if.h"
+
+#defineRD4(sc, reg)bus_read_4((sc)->res[_RES_MAC], (reg))
+#defineWR4(sc, reg, val)   bus_write_4((sc)->res[_RES_MAC], (reg), 
(val))
+
+#defineGEN_LOCK(sc)mtx_lock(&(sc)->mtx)
+#defineGEN_UNLOCK(sc)  mtx_unlock(&(sc)->mtx)
+#defineGEN_ASSERT_LOCKED(sc)   mtx_assert(&(sc)->mtx, MA_OWNED)
+#defineGEN_ASSERT_UNLOCKED(sc) mtx_assert(&(sc)->mtx, MA_NOTOWNED)
+
+#defineTX_DESC_COUNT   GENET_DMA_DESC_COUNT
+#defineRX_DESC_COUNT   GENET_DMA_DESC_COUNT
+
+#defineTX_NEXT(n, count)   (((n) + 1) & ((count) - 1))
+#defineRX_NEXT(n, count)   (((n) + 1) & ((count) - 1))
+
+
+#defineTX_MAX_SEGS 20
+
+/* Maximum number of mbufs to send to if_input */
+static int gen_rx_batch = 16 /* RX_BATCH_DEFAULT */;
+TUNABLE_INT("hw.gen.rx_batch", _rx_batch);
+
+static struct ofw_compat_data compat_data[] = {
+   { "brcm,genet-v1",  1 },
+   { "brcm,genet-v2",  2 },
+   { "brcm,genet-v3",  3 },
+   { "brcm,genet-v4",  4 },
+   { "brcm,genet-v5",  5 },
+   { NULL, 0 }
+};
+
+enum {
+   _RES_MAC,   /* what to call this? */
+   _RES_IRQ1,
+   _RES_IRQ2,
+   _RES_NITEMS
+};
+
+static struct resource_spec gen_spec[] = {
+   { SYS_RES_MEMORY,   0,  RF_ACTIVE },
+   { SYS_RES_IRQ,  0,  RF_ACTIVE },
+   { SYS_RES_IRQ,  1,  RF_ACTIVE },
+   { -1, 0 }
+};
+
+/* structure per ring entry */
+struct 

svn commit: r360180 - in head/sys/netinet: . tcp_stacks

[Richard Scheffenegger]

Author: rscheff
Date: Wed Apr 22 00:16:42 2020
New Revision: 360180
URL: https://svnweb.freebsd.org/changeset/base/360180

Log:
  revert rS360143 - Correctly set up  initial cwnd
  due to syzkaller panics found
  
  Reported by:  tuexen
  Approved by:  tuexen (mentor)
  Sponsored by: NetApp, Inc.

Modified:
  head/sys/netinet/tcp_input.c
  head/sys/netinet/tcp_stacks/bbr.c
  head/sys/netinet/tcp_stacks/rack.c

Modified: head/sys/netinet/tcp_input.c
==
--- head/sys/netinet/tcp_input.cTue Apr 21 23:38:54 2020
(r360179)
+++ head/sys/netinet/tcp_input.cWed Apr 22 00:16:42 2020
(r360180)
@@ -2374,6 +2374,12 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru
if (IS_FASTOPEN(tp->t_flags) && tp->t_tfo_pending) {
tcp_fastopen_decrement_counter(tp->t_tfo_pending);
tp->t_tfo_pending = NULL;
+
+   /*
+* Account for the ACK of our SYN prior to
+* regular ACK processing below.
+*/
+   tp->snd_una++;
}
if (tp->t_flags & TF_NEEDFIN) {
tcp_state_change(tp, TCPS_FIN_WAIT_1);
@@ -2393,12 +2399,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru
cc_conn_init(tp);
tcp_timer_activate(tp, TT_KEEP, TP_KEEPIDLE(tp));
}
-   if (SEQ_GT(th->th_ack, tp->snd_una))
-   /*
-* Account for the ACK of our SYN prior to
-* regular ACK processing below.
-*/
-   tp->snd_una++;
/*
 * If segment contains data or ACK, will call tcp_reass()
 * later; if not, do so now to pass queued data to user.

Modified: head/sys/netinet/tcp_stacks/bbr.c
==
--- head/sys/netinet/tcp_stacks/bbr.c   Tue Apr 21 23:38:54 2020
(r360179)
+++ head/sys/netinet/tcp_stacks/bbr.c   Wed Apr 22 00:16:42 2020
(r360180)
@@ -9325,6 +9325,11 @@ bbr_do_syn_recv(struct mbuf *m, struct tcphdr *th, str
 
tcp_fastopen_decrement_counter(tp->t_tfo_pending);
tp->t_tfo_pending = NULL;
+   /*
+* Account for the ACK of our SYN prior to regular
+* ACK processing below.
+*/
+   tp->snd_una++;
}
/*
 * Make transitions: SYN-RECEIVED  -> ESTABLISHED SYN-RECEIVED* ->
@@ -9347,12 +9352,6 @@ bbr_do_syn_recv(struct mbuf *m, struct tcphdr *th, str
if (!IS_FASTOPEN(tp->t_flags))
cc_conn_init(tp);
}
-   if (SEQ_GT(th->th_ack, tp->snd_una))
-   /*
-* Account for the ACK of our SYN prior to
-* regular ACK processing below.
-*/
-   tp->snd_una++;
/*
 * If segment contains data or ACK, will call tcp_reass() later; if
 * not, do so now to pass queued data to user.

Modified: head/sys/netinet/tcp_stacks/rack.c
==
--- head/sys/netinet/tcp_stacks/rack.c  Tue Apr 21 23:38:54 2020
(r360179)
+++ head/sys/netinet/tcp_stacks/rack.c  Wed Apr 22 00:16:42 2020
(r360180)
@@ -6539,6 +6539,12 @@ rack_do_syn_recv(struct mbuf *m, struct tcphdr *th, st
if (IS_FASTOPEN(tp->t_flags) && tp->t_tfo_pending) {
tcp_fastopen_decrement_counter(tp->t_tfo_pending);
tp->t_tfo_pending = NULL;
+
+   /*
+* Account for the ACK of our SYN prior to
+* regular ACK processing below.
+*/
+   tp->snd_una++;
}
if (tp->t_flags & TF_NEEDFIN) {
tcp_state_change(tp, TCPS_FIN_WAIT_1);
@@ -6556,12 +6562,6 @@ rack_do_syn_recv(struct mbuf *m, struct tcphdr *th, st
if (!IS_FASTOPEN(tp->t_flags))
cc_conn_init(tp);
}
-   if (SEQ_GT(th->th_ack, tp->snd_una))
-   /*
-* Account for the ACK of our SYN prior to
-* regular ACK processing below.
-*/
-   tp->snd_una++;
/*
 * If segment contains data or ACK, will call tcp_reass() later; if
 * not, do so now to pass queued data to user.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360179 - head/sys/cam/scsi

[John Baldwin]

Author: jhb
Date: Tue Apr 21 23:38:54 2020
New Revision: 360179
URL: https://svnweb.freebsd.org/changeset/base/360179

Log:
  Don't pass a user buffer pointer as the data pointer in a CCB.
  
  Allocate a temporary buffer in the kernel to serve as the CCB data
  pointer for a pass-through transaction and use copyin/copyout to
  shuffle the data to/from the user buffer.
  
  Reviewed by:  scottl, brooks
  Obtained from:CheriBSD
  MFC after:2 weeks
  Sponsored by: DARPA
  Differential Revision:https://reviews.freebsd.org/D24489

Modified:
  head/sys/cam/scsi/scsi_sg.c

Modified: head/sys/cam/scsi/scsi_sg.c
==
--- head/sys/cam/scsi/scsi_sg.c Tue Apr 21 21:48:35 2020(r360178)
+++ head/sys/cam/scsi/scsi_sg.c Tue Apr 21 23:38:54 2020(r360179)
@@ -508,6 +508,7 @@ sgioctl(struct cdev *dev, u_long cmd, caddr_t arg, int
struct cam_periph *periph;
struct sg_softc *softc;
struct sg_io_hdr *req;
+   void *data_ptr;
int dir, error;
 
periph = (struct cam_periph *)dev->si_drv1;
@@ -552,12 +553,20 @@ sgioctl(struct cdev *dev, u_long cmd, caddr_t arg, int
break;
}
 
+   if (req->dxfer_len > MAXPHYS) {
+   error = EINVAL;
+   break;
+   }
+
+   data_ptr = malloc(req->dxfer_len, M_DEVBUF, M_WAITOK);
+
ccb = cam_periph_getccb(periph, CAM_PRIORITY_NORMAL);
csio = >csio;
 
error = copyin(req->cmdp, >cdb_io.cdb_bytes,
req->cmd_len);
if (error) {
+   free(data_ptr, M_DEVBUF);
xpt_release_ccb(ccb);
break;
}
@@ -570,7 +579,7 @@ sgioctl(struct cdev *dev, u_long cmd, caddr_t arg, int
dir = CAM_DIR_IN;
break;
case SG_DXFER_TO_FROM_DEV:
-   dir = CAM_DIR_IN | CAM_DIR_OUT;
+   dir = CAM_DIR_BOTH;
break;
case SG_DXFER_NONE:
default:
@@ -578,12 +587,21 @@ sgioctl(struct cdev *dev, u_long cmd, caddr_t arg, int
break;
}
 
+   if (dir == CAM_DIR_IN || dir == CAM_DIR_BOTH) {
+   error = copyin(req->dxferp, data_ptr, req->dxfer_len);
+   if (error) {
+   free(data_ptr, M_DEVBUF);
+   xpt_release_ccb(ccb);
+   break;
+   }
+   }
+
cam_fill_csio(csio,
  /*retries*/1,
  /*cbfcnp*/NULL,
  dir|CAM_DEV_QFRZDIS,
  MSG_SIMPLE_Q_TAG,
- req->dxferp,
+ data_ptr,
  req->dxfer_len,
  req->mx_sb_len,
  req->cmd_len,
@@ -593,6 +611,7 @@ sgioctl(struct cdev *dev, u_long cmd, caddr_t arg, int
if (error) {
req->host_status = DID_ERROR;
req->driver_status = DRIVER_INVALID;
+   free(data_ptr, M_DEVBUF);
xpt_release_ccb(ccb);
break;
}
@@ -611,6 +630,10 @@ sgioctl(struct cdev *dev, u_long cmd, caddr_t arg, int
req->sb_len_wr);
}
 
+   if ((dir == CAM_DIR_OUT || dir == CAM_DIR_BOTH) && error == 0)
+   error = copyout(data_ptr, req->dxferp, req->dxfer_len);
+
+   free(data_ptr, M_DEVBUF);
xpt_release_ccb(ccb);
break;

___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360178 - head/lib/libvmmapi

[John Baldwin]

Author: jhb
Date: Tue Apr 21 21:48:35 2020
New Revision: 360178
URL: https://svnweb.freebsd.org/changeset/base/360178

Log:
  Map negative types passed to vm_capability_type2name to NULL.
  
  Submitted by: vangyzen

Modified:
  head/lib/libvmmapi/vmmapi.c

Modified: head/lib/libvmmapi/vmmapi.c
==
--- head/lib/libvmmapi/vmmapi.c Tue Apr 21 21:34:24 2020(r360177)
+++ head/lib/libvmmapi/vmmapi.c Tue Apr 21 21:48:35 2020(r360178)
@@ -841,7 +841,7 @@ vm_capability_name2type(const char *capname)
 const char *
 vm_capability_type2name(int type)
 {
-   if (type < nitems(capstrmap))
+   if (type >= 0 && type < nitems(capstrmap))
return (capstrmap[type]);
 
return (NULL);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360177 - head/sys/amd64/vmm

[Conrad Meyer]

Author: cem
Date: Tue Apr 21 21:34:24 2020
New Revision: 360177
URL: https://svnweb.freebsd.org/changeset/base/360177

Log:
  vmm(4): Decode and emulate BEXTR
  
  Clang 10 -march=native kernels on znver1 emit BEXTR for APIC reads,
  apparently.  Decode and emulate the instruction.
  
  Reviewed by:  grehan
  Differential Revision:https://reviews.freebsd.org/D24463

Modified:
  head/sys/amd64/vmm/vmm_instruction_emul.c

Modified: head/sys/amd64/vmm/vmm_instruction_emul.c
==
--- head/sys/amd64/vmm/vmm_instruction_emul.c   Tue Apr 21 21:33:06 2020
(r360176)
+++ head/sys/amd64/vmm/vmm_instruction_emul.c   Tue Apr 21 21:34:24 2020
(r360177)
@@ -84,6 +84,7 @@ enum {
VIE_OP_TYPE_TWOB_GRP15,
VIE_OP_TYPE_ADD,
VIE_OP_TYPE_TEST,
+   VIE_OP_TYPE_BEXTR,
VIE_OP_TYPE_LAST
 };
 
@@ -95,6 +96,10 @@ enum {
 #defineVIE_OP_F_NO_GLA_VERIFICATION (1 << 4)
 
 static const struct vie_op three_byte_opcodes_0f38[256] = {
+   [0xF7] = {
+   .op_byte = 0xF7,
+   .op_type = VIE_OP_TYPE_BEXTR,
+   },
 };
 
 static const struct vie_op two_byte_opcodes[256] = {
@@ -1318,6 +1323,83 @@ emulate_test(void *vm, int vcpuid, uint64_t gpa, struc
 }
 
 static int
+emulate_bextr(void *vm, int vcpuid, uint64_t gpa, struct vie *vie,
+struct vm_guest_paging *paging, mem_region_read_t memread,
+mem_region_write_t memwrite, void *arg)
+{
+   uint64_t src1, src2, dst, rflags;
+   unsigned start, len;
+   int error, size;
+
+   size = vie->opsize;
+   error = EINVAL;
+
+   /*
+* VEX.LZ.0F38.W0 F7 /r BEXTR r32a, r/m32, r32b
+* VEX.LZ.0F38.W1 F7 /r BEXTR r64a, r/m64, r64b
+*
+* Destination operand is ModRM:reg.  Source operands are ModRM:r/m and
+* Vex..
+*
+* Operand size is always 32-bit if not in 64-bit mode (W1 is ignored).
+*/
+   if (size != 4 && paging->cpu_mode != CPU_MODE_64BIT)
+   size = 4;
+
+   /*
+* Extracts contiguous bits from the first /source/ operand (second
+* operand) using an index and length specified in the second /source/
+* operand (third operand).
+*/
+   error = memread(vm, vcpuid, gpa, , size, arg);
+   if (error)
+   return (error);
+   error = vie_read_register(vm, vcpuid, gpr_map[vie->vex_reg], );
+   if (error)
+   return (error);
+   error = vie_read_register(vm, vcpuid, VM_REG_GUEST_RFLAGS, );
+   if (error)
+   return (error);
+
+   start = (src2 & 0xff);
+   len = (src2 & 0xff00) >> 8;
+
+   /* If no bits are extracted, the destination register is cleared. */
+   dst = 0;
+
+   /* If START exceeds the operand size, no bits are extracted. */
+   if (start > size * 8)
+   goto done;
+   /* Length is bounded by both the destination size and start offset. */
+   if (start + len > size * 8)
+   len = (size * 8) - start;
+   if (len == 0)
+   goto done;
+
+   if (start > 0)
+   src1 = (src1 >> start);
+   if (len < 64)
+   src1 = src1 & ((1ull << len) - 1);
+   dst = src1;
+
+done:
+   error = vie_update_register(vm, vcpuid, gpr_map[vie->reg], dst, size);
+   if (error)
+   return (error);
+
+   /*
+* AMD: OF, CF cleared; SF/AF/PF undefined; ZF set by result.
+* Intel: ZF is set by result; AF/SF/PF undefined; all others cleared.
+*/
+   rflags &= ~RFLAGS_STATUS_BITS;
+   if (dst == 0)
+   rflags |= PSL_Z;
+   error = vie_update_register(vm, vcpuid, VM_REG_GUEST_RFLAGS, rflags,
+   8);
+   return (error);
+}
+
+static int
 emulate_add(void *vm, int vcpuid, uint64_t gpa, struct vie *vie,
mem_region_read_t memread, mem_region_write_t memwrite, void *arg)
 {
@@ -1744,6 +1826,10 @@ vmm_emulate_instruction(void *vm, int vcpuid, uint64_t
break;
case VIE_OP_TYPE_TEST:
error = emulate_test(vm, vcpuid, gpa, vie,
+   memread, memwrite, memarg);
+   break;
+   case VIE_OP_TYPE_BEXTR:
+   error = emulate_bextr(vm, vcpuid, gpa, vie, paging,
memread, memwrite, memarg);
break;
default:
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360176 - in head/sys/amd64: include vmm

[Conrad Meyer]

Author: cem
Date: Tue Apr 21 21:33:06 2020
New Revision: 360176
URL: https://svnweb.freebsd.org/changeset/base/360176

Log:
  vmm(4): Decode 3-byte VEX-prefixed instructions
  
  Reviewed by:  grehan
  Differential Revision:https://reviews.freebsd.org/D24462

Modified:
  head/sys/amd64/include/vmm.h
  head/sys/amd64/vmm/vmm_instruction_emul.c

Modified: head/sys/amd64/include/vmm.h
==
--- head/sys/amd64/include/vmm.hTue Apr 21 19:38:32 2020
(r360175)
+++ head/sys/amd64/include/vmm.hTue Apr 21 21:33:06 2020
(r360176)
@@ -541,7 +541,8 @@ struct vie {
rm:4;
 
uint8_t ss:2,   /* SIB byte */
-   _sparebits:2,
+   vex_present:1,  /* VEX prefixed */
+   vex_l:1,/* L bit */
index:4,/* SIB byte */
base:4; /* SIB byte */
 
@@ -550,7 +551,11 @@ struct vie {
 
uint8_t scale;
 
-   uint8_t _sparebytes[3];
+   uint8_t vex_reg:4,  /* : first source register 
specifier */
+   vex_pp:2,   /* pp */
+   _sparebits:2;
+
+   uint8_t _sparebytes[2];
 
int base_register;  /* VM_REG_GUEST_xyz */
int index_register; /* VM_REG_GUEST_xyz */

Modified: head/sys/amd64/vmm/vmm_instruction_emul.c
==
--- head/sys/amd64/vmm/vmm_instruction_emul.c   Tue Apr 21 19:38:32 2020
(r360175)
+++ head/sys/amd64/vmm/vmm_instruction_emul.c   Tue Apr 21 21:33:06 2020
(r360176)
@@ -94,10 +94,13 @@ enum {
 #defineVIE_OP_F_NO_MODRM   (1 << 3)
 #defineVIE_OP_F_NO_GLA_VERIFICATION (1 << 4)
 
+static const struct vie_op three_byte_opcodes_0f38[256] = {
+};
+
 static const struct vie_op two_byte_opcodes[256] = {
[0xAE] = {
- .op_byte = 0xAE,
- .op_type = VIE_OP_TYPE_TWOB_GRP15,
+   .op_byte = 0xAE,
+   .op_type = VIE_OP_TYPE_TWOB_GRP15,
},
[0xB6] = {
.op_byte = 0xB6,
@@ -2286,6 +2289,81 @@ decode_prefixes(struct vie *vie, enum vm_cpu_mode cpu_
}
 
/*
+* § 2.3.5, "The VEX Prefix", SDM Vol 2.
+*/
+   if ((cpu_mode == CPU_MODE_64BIT || cpu_mode == CPU_MODE_COMPATIBILITY)
+   && x == 0xC4) {
+   const struct vie_op *optab;
+
+   /* 3-byte VEX prefix. */
+   vie->vex_present = 1;
+
+   vie_advance(vie);
+   if (vie_peek(vie, ))
+   return (-1);
+
+   /*
+* 2nd byte: [R', X', B', m[4:0]].  Bits are inverted
+* relative to REX encoding.
+*/
+   vie->rex_r = x & 0x80 ? 0 : 1;
+   vie->rex_x = x & 0x40 ? 0 : 1;
+   vie->rex_b = x & 0x20 ? 0 : 1;
+
+   switch (x & 0x1F) {
+   case 0x2:
+   /* 0F 38. */
+   optab = three_byte_opcodes_0f38;
+   break;
+   case 0x1:
+   /* 0F class - nothing handled here yet. */
+   /* FALLTHROUGH */
+   case 0x3:
+   /* 0F 3A class - nothing handled here yet. */
+   /* FALLTHROUGH */
+   default:
+   /* Reserved (#UD). */
+   return (-1);
+   }
+
+   vie_advance(vie);
+   if (vie_peek(vie, ))
+   return (-1);
+
+   /* 3rd byte: [W, [6:3], L, pp[1:0]]. */
+   vie->rex_w = x & 0x80 ? 1 : 0;
+
+   vie->vex_reg = ((~(unsigned)x & 0x78u) >> 3);
+   vie->vex_l = !!(x & 0x4);
+   vie->vex_pp = (x & 0x3);
+
+   /* PP: 1=66 2=F3 3=F2 prefixes. */
+   switch (vie->vex_pp) {
+   case 0x1:
+   vie->opsize_override = 1;
+   break;
+   case 0x2:
+   vie->repz_present = 1;
+   break;
+   case 0x3:
+   vie->repnz_present = 1;
+   break;
+   }
+
+   vie_advance(vie);
+
+   /* Opcode, sans literal prefix prefix. */
+   if (vie_peek(vie, ))
+   return (-1);
+
+   vie->op = optab[x];
+   if (vie->op.op_type == VIE_OP_TYPE_NONE)
+   return (-1);
+
+   vie_advance(vie);
+   }
+
+   /*
 * Section "Operand-Size And Address-Size Attributes", Intel SDM, Vol 1
 

svn commit: r360175 - in head: crypto/openssl crypto/openssl/apps crypto/openssl/crypto/aes crypto/openssl/crypto/asn1 crypto/openssl/crypto/bio crypto/openssl/crypto/ec crypto/openssl/crypto/evp c...

[Jung-uk Kim]

Author: jkim
Date: Tue Apr 21 19:38:32 2020
New Revision: 360175
URL: https://svnweb.freebsd.org/changeset/base/360175

Log:
  Merge OpenSSL 1.1.1g.

Added:
  head/crypto/openssl/doc/man3/X509_check_purpose.pod
 - copied unchanged from r360173, 
vendor-crypto/openssl/dist/doc/man3/X509_check_purpose.pod
  head/secure/lib/libcrypto/man/man3/X509_check_purpose.3   (contents, props 
changed)
Modified:
  head/crypto/openssl/CHANGES
  head/crypto/openssl/INSTALL
  head/crypto/openssl/NEWS
  head/crypto/openssl/README
  head/crypto/openssl/apps/build.info
  head/crypto/openssl/apps/dhparam.c
  head/crypto/openssl/apps/dsa.c
  head/crypto/openssl/apps/dsaparam.c
  head/crypto/openssl/apps/ec.c
  head/crypto/openssl/apps/ecparam.c
  head/crypto/openssl/apps/engine.c
  head/crypto/openssl/apps/gendsa.c
  head/crypto/openssl/apps/genrsa.c
  head/crypto/openssl/apps/ocsp.c
  head/crypto/openssl/apps/pkcs12.c
  head/crypto/openssl/apps/rsa.c
  head/crypto/openssl/apps/rsautl.c
  head/crypto/openssl/apps/s_time.c
  head/crypto/openssl/apps/srp.c
  head/crypto/openssl/apps/ts.c
  head/crypto/openssl/crypto/aes/aes_core.c
  head/crypto/openssl/crypto/aes/aes_local.h
  head/crypto/openssl/crypto/asn1/asn1_lib.c
  head/crypto/openssl/crypto/bio/bss_acpt.c
  head/crypto/openssl/crypto/ec/ec_asn1.c
  head/crypto/openssl/crypto/ec/ec_lib.c
  head/crypto/openssl/crypto/ec/ec_mult.c
  head/crypto/openssl/crypto/ec/ecp_smpl.c
  head/crypto/openssl/crypto/evp/e_aes.c
  head/crypto/openssl/crypto/rand/build.info
  head/crypto/openssl/crypto/rand/drbg_ctr.c
  head/crypto/openssl/crypto/x509/x509_vfy.c
  head/crypto/openssl/crypto/x509v3/v3_purp.c
  head/crypto/openssl/doc/man1/s_time.pod
  head/crypto/openssl/doc/man3/EVP_aes.pod
  head/crypto/openssl/doc/man3/RAND_set_rand_method.pod
  head/crypto/openssl/include/openssl/opensslv.h
  head/secure/lib/libcrypto/Makefile.inc
  head/secure/lib/libcrypto/man/man3/ADMISSIONS.3
  head/secure/lib/libcrypto/man/man3/ASN1_INTEGER_get_int64.3
  head/secure/lib/libcrypto/man/man3/ASN1_ITEM_lookup.3
  head/secure/lib/libcrypto/man/man3/ASN1_OBJECT_new.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_TABLE_add.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_length.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_new.3
  head/secure/lib/libcrypto/man/man3/ASN1_STRING_print_ex.3
  head/secure/lib/libcrypto/man/man3/ASN1_TIME_set.3
  head/secure/lib/libcrypto/man/man3/ASN1_TYPE_get.3
  head/secure/lib/libcrypto/man/man3/ASN1_generate_nconf.3
  head/secure/lib/libcrypto/man/man3/ASYNC_WAIT_CTX_new.3
  head/secure/lib/libcrypto/man/man3/ASYNC_start_job.3
  head/secure/lib/libcrypto/man/man3/BF_encrypt.3
  head/secure/lib/libcrypto/man/man3/BIO_ADDR.3
  head/secure/lib/libcrypto/man/man3/BIO_ADDRINFO.3
  head/secure/lib/libcrypto/man/man3/BIO_connect.3
  head/secure/lib/libcrypto/man/man3/BIO_ctrl.3
  head/secure/lib/libcrypto/man/man3/BIO_f_base64.3
  head/secure/lib/libcrypto/man/man3/BIO_f_buffer.3
  head/secure/lib/libcrypto/man/man3/BIO_f_cipher.3
  head/secure/lib/libcrypto/man/man3/BIO_f_md.3
  head/secure/lib/libcrypto/man/man3/BIO_f_null.3
  head/secure/lib/libcrypto/man/man3/BIO_f_ssl.3
  head/secure/lib/libcrypto/man/man3/BIO_find_type.3
  head/secure/lib/libcrypto/man/man3/BIO_get_data.3
  head/secure/lib/libcrypto/man/man3/BIO_get_ex_new_index.3
  head/secure/lib/libcrypto/man/man3/BIO_meth_new.3
  head/secure/lib/libcrypto/man/man3/BIO_new.3
  head/secure/lib/libcrypto/man/man3/BIO_new_CMS.3
  head/secure/lib/libcrypto/man/man3/BIO_parse_hostserv.3
  head/secure/lib/libcrypto/man/man3/BIO_printf.3
  head/secure/lib/libcrypto/man/man3/BIO_push.3
  head/secure/lib/libcrypto/man/man3/BIO_read.3
  head/secure/lib/libcrypto/man/man3/BIO_s_accept.3
  head/secure/lib/libcrypto/man/man3/BIO_s_bio.3
  head/secure/lib/libcrypto/man/man3/BIO_s_connect.3
  head/secure/lib/libcrypto/man/man3/BIO_s_fd.3
  head/secure/lib/libcrypto/man/man3/BIO_s_file.3
  head/secure/lib/libcrypto/man/man3/BIO_s_mem.3
  head/secure/lib/libcrypto/man/man3/BIO_s_null.3
  head/secure/lib/libcrypto/man/man3/BIO_s_socket.3
  head/secure/lib/libcrypto/man/man3/BIO_set_callback.3
  head/secure/lib/libcrypto/man/man3/BIO_should_retry.3
  head/secure/lib/libcrypto/man/man3/BN_BLINDING_new.3
  head/secure/lib/libcrypto/man/man3/BN_CTX_new.3
  head/secure/lib/libcrypto/man/man3/BN_CTX_start.3
  head/secure/lib/libcrypto/man/man3/BN_add.3
  head/secure/lib/libcrypto/man/man3/BN_add_word.3
  head/secure/lib/libcrypto/man/man3/BN_bn2bin.3
  head/secure/lib/libcrypto/man/man3/BN_cmp.3
  head/secure/lib/libcrypto/man/man3/BN_copy.3
  head/secure/lib/libcrypto/man/man3/BN_generate_prime.3
  head/secure/lib/libcrypto/man/man3/BN_mod_inverse.3
  head/secure/lib/libcrypto/man/man3/BN_mod_mul_montgomery.3
  head/secure/lib/libcrypto/man/man3/BN_mod_mul_reciprocal.3
  head/secure/lib/libcrypto/man/man3/BN_new.3
  head/secure/lib/libcrypto/man/man3/BN_num_bytes.3
  head/secure/lib/libcrypto/man/man3/BN_rand.3
  

svn commit: r360174 - vendor-crypto/openssl/1.1.1g

[Jung-uk Kim]

Author: jkim
Date: Tue Apr 21 19:08:22 2020
New Revision: 360174
URL: https://svnweb.freebsd.org/changeset/base/360174

Log:
  Tag OpenSSL 1.1.1g.

Added:
  vendor-crypto/openssl/1.1.1g/
 - copied from r360173, vendor-crypto/openssl/dist/
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360173 - in vendor-crypto/openssl/dist: . apps crypto/aes crypto/asn1 crypto/bio crypto/ec crypto/evp crypto/rand crypto/x509 crypto/x509v3 doc/man1 doc/man3 include/openssl ssl

[Jung-uk Kim]

Author: jkim
Date: Tue Apr 21 19:07:46 2020
New Revision: 360173
URL: https://svnweb.freebsd.org/changeset/base/360173

Log:
  Import OpenSSL 1.1.1g.

Added:
  vendor-crypto/openssl/dist/doc/man3/X509_check_purpose.pod
Modified:
  vendor-crypto/openssl/dist/CHANGES
  vendor-crypto/openssl/dist/FREEBSD-upgrade
  vendor-crypto/openssl/dist/INSTALL
  vendor-crypto/openssl/dist/NEWS
  vendor-crypto/openssl/dist/README
  vendor-crypto/openssl/dist/apps/build.info
  vendor-crypto/openssl/dist/apps/dhparam.c
  vendor-crypto/openssl/dist/apps/dsa.c
  vendor-crypto/openssl/dist/apps/dsaparam.c
  vendor-crypto/openssl/dist/apps/ec.c
  vendor-crypto/openssl/dist/apps/ecparam.c
  vendor-crypto/openssl/dist/apps/engine.c
  vendor-crypto/openssl/dist/apps/gendsa.c
  vendor-crypto/openssl/dist/apps/genrsa.c
  vendor-crypto/openssl/dist/apps/ocsp.c
  vendor-crypto/openssl/dist/apps/pkcs12.c
  vendor-crypto/openssl/dist/apps/rsa.c
  vendor-crypto/openssl/dist/apps/rsautl.c
  vendor-crypto/openssl/dist/apps/s_time.c
  vendor-crypto/openssl/dist/apps/srp.c
  vendor-crypto/openssl/dist/apps/ts.c
  vendor-crypto/openssl/dist/crypto/aes/aes_core.c
  vendor-crypto/openssl/dist/crypto/aes/aes_local.h
  vendor-crypto/openssl/dist/crypto/asn1/asn1_lib.c
  vendor-crypto/openssl/dist/crypto/bio/bss_acpt.c
  vendor-crypto/openssl/dist/crypto/ec/ec_asn1.c
  vendor-crypto/openssl/dist/crypto/ec/ec_lib.c
  vendor-crypto/openssl/dist/crypto/ec/ec_mult.c
  vendor-crypto/openssl/dist/crypto/ec/ecp_smpl.c
  vendor-crypto/openssl/dist/crypto/evp/e_aes.c
  vendor-crypto/openssl/dist/crypto/rand/build.info
  vendor-crypto/openssl/dist/crypto/rand/drbg_ctr.c
  vendor-crypto/openssl/dist/crypto/x509/x509_vfy.c
  vendor-crypto/openssl/dist/crypto/x509v3/v3_purp.c
  vendor-crypto/openssl/dist/doc/man1/s_time.pod
  vendor-crypto/openssl/dist/doc/man3/EVP_aes.pod
  vendor-crypto/openssl/dist/doc/man3/RAND_set_rand_method.pod
  vendor-crypto/openssl/dist/include/openssl/opensslv.h
  vendor-crypto/openssl/dist/ssl/t1_lib.c

Modified: vendor-crypto/openssl/dist/CHANGES
==
--- vendor-crypto/openssl/dist/CHANGES  Tue Apr 21 17:51:54 2020
(r360172)
+++ vendor-crypto/openssl/dist/CHANGES  Tue Apr 21 19:07:46 2020
(r360173)
@@ -7,6 +7,27 @@
  https://github.com/openssl/openssl/commits/ and pick the appropriate
  release branch.
 
+ Changes between 1.1.1f and 1.1.1g [21 Apr 2020]
+
+  *) Fixed segmentation fault in SSL_check_chain()
+ Server or client applications that call the SSL_check_chain() function
+ during or after a TLS 1.3 handshake may crash due to a NULL pointer
+ dereference as a result of incorrect handling of the
+ "signature_algorithms_cert" TLS extension. The crash occurs if an invalid
+ or unrecognised signature algorithm is received from the peer. This could
+ be exploited by a malicious peer in a Denial of Service attack.
+ (CVE-2020-1967)
+ [Benjamin Kaduk]
+
+  *) Added AES consttime code for no-asm configurations
+ an optional constant time support for AES was added
+ when building openssl for no-asm.
+ Enable with: ./config no-asm -DOPENSSL_AES_CONST_TIME
+ Disable with: ./config no-asm -DOPENSSL_NO_AES_CONST_TIME
+ At this time this feature is by default disabled.
+ It will be enabled by default in 3.0.
+ [Bernd Edlinger]
+
  Changes between 1.1.1e and 1.1.1f [31 Mar 2020]
 
   *) Revert the change of EOF detection while reading in libssl to avoid

Modified: vendor-crypto/openssl/dist/FREEBSD-upgrade
==
--- vendor-crypto/openssl/dist/FREEBSD-upgrade  Tue Apr 21 17:51:54 2020
(r360172)
+++ vendor-crypto/openssl/dist/FREEBSD-upgrade  Tue Apr 21 19:07:46 2020
(r360173)
@@ -11,7 +11,7 @@ First, read http://wiki.freebsd.org/SubversionPrimer/V
 # Xlist
 setenv XLIST /FreeBSD/work/openssl/svn-FREEBSD-files/FREEBSD-Xlist
 setenv FSVN "svn+ssh://repo.freebsd.org/base"
-setenv OSSLVER 1.1.1e
+setenv OSSLVER 1.1.1g
 
 ###setenv OSSLTAG v`echo ${OSSLVER} | tr . _`
 

Modified: vendor-crypto/openssl/dist/INSTALL
==
--- vendor-crypto/openssl/dist/INSTALL  Tue Apr 21 17:51:54 2020
(r360172)
+++ vendor-crypto/openssl/dist/INSTALL  Tue Apr 21 19:07:46 2020
(r360173)
@@ -535,9 +535,9 @@
conjunction with the "-DPEDANTIC" option (or the
--strict-warnings option).
 
-  no-ui
-   Don't build with the "UI" capability (i.e. the set of
-   features enabling text based prompts).
+  no-ui-console
+   Don't build with the "UI" console method (i.e. the "UI"
+   method that enables text based console prompts).
 
   enable-unit-test
Enable additional unit test APIs. This should not typically

Modified: 

svn commit: r360172 - head/usr.sbin/bluetooth/hccontrol

[Hans Petter Selasky]

Author: hselasky
Date: Tue Apr 21 17:51:54 2020
New Revision: 360172
URL: https://svnweb.freebsd.org/changeset/base/360172

Log:
  Update string tables in hccontrol(8).
  
  Submitted by: Marc Veldman 
  PR:   245796
  MFC after:1 week
  Sponsored by: Mellanox Technologies

Modified:
  head/usr.sbin/bluetooth/hccontrol/util.c

Modified: head/usr.sbin/bluetooth/hccontrol/util.c
==
--- head/usr.sbin/bluetooth/hccontrol/util.cTue Apr 21 17:47:05 2020
(r360171)
+++ head/usr.sbin/bluetooth/hccontrol/util.cTue Apr 21 17:51:54 2020
(r360172)
@@ -160,7 +160,10 @@ hci_ver2str(int ver)
/* 0x05 */ "Bluetooth HCI Specification 3.0",
/* 0x06 */ "Bluetooth HCI Specification 4.0",
/* 0x07 */ "Bluetooth HCI Specification 4.1",
-   /* 0x08 */ "Bluetooth HCI Specification 4.2"
+   /* 0x08 */ "Bluetooth HCI Specification 4.2",
+   /* 0x09 */ "Bluetooth HCI Specification 5.0",
+   /* 0x0a */ "Bluetooth HCI Specification 5.1",
+   /* 0x0b */ "Bluetooth HCI Specification 5.2"
};
 
return (ver >= SIZE(t)? "?" : t[ver]);
@@ -175,10 +178,13 @@ hci_lmpver2str(int ver)
/* 0x02 */ "Bluetooth LMP 1.2",
/* 0x03 */ "Bluetooth LMP 2.0",
/* 0x04 */ "Bluetooth LMP 2.1",
-   /* 0x04 */ "Bluetooth LMP 3.0",
-   /* 0x04 */ "Bluetooth LMP 4.0",
-   /* 0x04 */ "Bluetooth LMP 4.1",
-   /* 0x04 */ "Bluetooth LMP 4.2"  
+   /* 0x05 */ "Bluetooth LMP 3.0",
+   /* 0x06 */ "Bluetooth LMP 4.0",
+   /* 0x07 */ "Bluetooth LMP 4.1",
+   /* 0x08 */ "Bluetooth LMP 4.2",
+   /* 0x09 */ "Bluetooth LMP 5.0",
+   /* 0x0a */ "Bluetooth LMP 5.1",
+   /* 0x0b */ "Bluetooth LMP 5.2"
};
 
return (ver >= SIZE(t)? "?" : t[ver]);
@@ -198,7 +204,7 @@ hci_manufacturer2str(int m)
/* 0007 */ "Lucent",
/* 0008 */ "Motorola",
/* 0009 */ "Infineon Technologies AG",
-   /* 0010 */ "Cambridge Silicon Radio",
+   /* 0010 */ "Qualcomm Technologies International, Ltd. (QTIL)",
/* 0011 */ "Silicon Wave",
/* 0012 */ "Digianswer A/S",
/* 0013 */ "Texas Instruments Inc.",
@@ -213,7 +219,7 @@ hci_manufacturer2str(int m)
/* 0022 */ "KC Technology Inc.",
/* 0023 */ "Newlogic",
/* 0024 */ "Transilica, Inc.",
-   /* 0025 */ "Rohde & Schwartz GmbH & Co. KG",
+   /* 0025 */ "Rohde & Schwarz GmbH & Co. KG",
/* 0026 */ "TTPCom Limited",
/* 0027 */ "Signia Technologies, Inc.",
/* 0028 */ "Conexant Systems Inc.",
@@ -225,7 +231,7 @@ hci_manufacturer2str(int m)
/* 0034 */ "NEC Corporation",
/* 0035 */ "WavePlus Technology Co., Ltd.",
/* 0036 */ "Alcatel",
-   /* 0037 */ "Philips Semiconductors",
+   /* 0037 */ "NXP Semiconductors (formerly Philips 
Semiconductors)",
/* 0038 */ "C Technologies",
/* 0039 */ "Open Interface",
/* 0040 */ "R F Micro Devices",
@@ -237,22 +243,2187 @@ hci_manufacturer2str(int m)
/* 0046 */ "Norwood Systems",
/* 0047 */ "MewTel Technology Inc.",
/* 0048 */ "ST Microelectronics",
-   /* 0049 */ "Synopsys",
+   /* 0049 */ "Synopsys, Inc.",
/* 0050 */ "Red-M (Communications) Ltd",
/* 0051 */ "Commil Ltd",
/* 0052 */ "Computer Access Technology Corporation (CATC)",
/* 0053 */ "Eclipse (HQ Espana) S.L.",
-   /* 0054 */ "Renesas Technology Corp.",
+   /* 0054 */ "Renesas Electronics Corporation",
/* 0055 */ "Mobilian Corporation",
-   /* 0056 */ "Terax",
+   /* 0056 */ "Syntronix Corporation",
/* 0057 */ "Integrated System Solution Corp.",
-   /* 0058 */ "Matsushita Electric Industrial Co., Ltd.",
+   /* 0058 */ "Panasonic Corporation (formerly Matsushita Electric 
Industrial Co., Ltd.)",
/* 0059 */ "Gennum Corporation",
-   /* 0060 */ "Research In Motion",
+   /* 0060 */ "BlackBerry Limited (formerly Research In Motion)",
/* 0061 */ "IPextreme, Inc.",
/* 0062 */ "Systems and Chips, Inc",
/* 0063 */ "Bluetooth SIG, Inc",
-   /* 0064 */ "Seiko Epson Corporation"
+   /* 0064 */ "Seiko Epson Corporation",
+   /* 0065 */ "Integrated Silicon Solution Taiwan, Inc.",
+   /* 0066 */ "CONWISE Technology Corporation 

svn commit: r360171 - head/sys/cam/scsi

[John Baldwin]

Author: jhb
Date: Tue Apr 21 17:47:05 2020
New Revision: 360171
URL: https://svnweb.freebsd.org/changeset/base/360171

Log:
  Don't access a user buffer directly from the kernel.
  
  The handle_string callback for the ENCIOC_SETSTRING ioctl was passing
  a user pointer to memcpy().  Fix by using copyin() instead.
  
  For ENCIOC_GETSTRING ioctls, the handler was storing the user pointer
  in a CCB's data_ptr field where it was indirected by other code.  Fix
  this by allocating a temporary buffer (which ENCIOC_SETSTRING already
  did) and copying the result out to the user buffer after the CCB has
  been processed.
  
  Reviewed by:  kib
  Obtained from:CheriBSD
  MFC after:1 week
  Sponsored by: DARPA
  Differential Revision:https://reviews.freebsd.org/D24487

Modified:
  head/sys/cam/scsi/scsi_enc_ses.c

Modified: head/sys/cam/scsi/scsi_enc_ses.c
==
--- head/sys/cam/scsi/scsi_enc_ses.cTue Apr 21 17:42:32 2020
(r360170)
+++ head/sys/cam/scsi/scsi_enc_ses.cTue Apr 21 17:47:05 2020
(r360171)
@@ -2904,13 +2904,19 @@ ses_handle_string(enc_softc_t *enc, encioc_string_t *s
buf[1] = 0;
buf[2] = sstr->bufsiz >> 8;
buf[3] = sstr->bufsiz & 0xff;
-   memcpy([4], sstr->buf, sstr->bufsiz);
+   ret = copyin(sstr->buf, [4], sstr->bufsiz);
+   if (ret != 0) {
+   ENC_FREE(buf);
+   return (ret);
+   }
break;
case ENCIOC_GETSTRING:
payload = sstr->bufsiz;
amt = payload;
+   buf = ENC_MALLOC(payload);
+   if (buf == NULL)
+   return (ENOMEM);
ses_page_cdb(cdb, payload, SesStringIn, CAM_DIR_IN);
-   buf = sstr->buf;
break;
case ENCIOC_GETENCNAME:
if (ses_cache->ses_nsubencs < 1)
@@ -2950,6 +2956,8 @@ ses_handle_string(enc_softc_t *enc, encioc_string_t *s
return (EINVAL);
}
ret = enc_runcmd(enc, cdb, 6, buf, );
+   if (ret == 0 && ioc == ENCIOC_GETSTRING)
+   ret = copyout(buf, sstr->buf, sstr->bufsiz);
if (ioc == ENCIOC_SETSTRING)
ENC_FREE(buf);
return (ret);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360170 - head/sys/ufs/ffs

[John Baldwin]

Author: jhb
Date: Tue Apr 21 17:42:32 2020
New Revision: 360170
URL: https://svnweb.freebsd.org/changeset/base/360170

Log:
  Retire two unused background fsck sysctls.
  
  These two sysctls were added to support UFS softupdates journalling
  with snapshots.  However, the changes to fsck to use them were never
  committed and there have never been any in-tree uses of these sysctls.
  
  More details from Kirk:
  
  When journalling got added to soft updates, its journal rollback freed
  blocks that it thought were no longer in use. But it does not take
  snapshots into account (i.e., if a snapshot is still using it, then it
  cannot be freed). So I added the needed logic to fsck by having the
  free go through the kernel's blkfree code so it could grab blocks that
  were still needed by snapshots. That is done using the setbufoutput
  hack. I never got that code working reliably, so it is still sitting
  in my work directory. Which also explains why you still cannot take
  snapshots on filesystems running with journalling...
  
  In looking over my use of this feature, and in particular the troubles
  I was having with it, I conclude that it may be better to extract the
  code from the kernel that handles freeing blocks claimed by snapshots
  and putting it into fsck directly. My original intent was that it is
  complex and at the time changing, so only having to maintain it in one
  place was appealing. But at this point it has not changed in years and
  the hacks like setinode and setbufoutput to be able to use the kernel
  code is sufficiently ugly, that I am leaning towards just extracting
  it.
  
  Reviewed by:  mckusick
  MFC after:1 week
  Sponsored by: DARPA
  Differential Revision:https://reviews.freebsd.org/D24484

Modified:
  head/sys/ufs/ffs/ffs_alloc.c
  head/sys/ufs/ffs/fs.h

Modified: head/sys/ufs/ffs/ffs_alloc.c
==
--- head/sys/ufs/ffs/ffs_alloc.cTue Apr 21 17:40:23 2020
(r360169)
+++ head/sys/ufs/ffs/ffs_alloc.cTue Apr 21 17:42:32 2020
(r360170)
@@ -3086,18 +3086,6 @@ ffs_fserr(fs, inum, cp)
  * in the current directory is oldvalue then change it to newvalue.
  * unlink(nameptr, oldvalue) - Verify that the inode number associated
  * with nameptr in the current directory is oldvalue then unlink it.
- *
- * The following functions may only be used on a quiescent filesystem
- * by the soft updates journal. They are not safe to be run on an active
- * filesystem.
- *
- * setinode(inode, dip) - the specified disk inode is replaced with the
- * contents pointed to by dip.
- * setbufoutput(fd, flags) - output associated with the specified file
- * descriptor (which must reference the character device supporting
- * the filesystem) switches from using physio to running through the
- * buffer cache when flags is set to 1. The descriptor reverts to
- * physio for output when flags is set to zero.
  */
 
 static int sysctl_ffs_fsck(SYSCTL_HANDLER_ARGS);
@@ -3163,23 +3151,12 @@ static SYSCTL_NODE(_vfs_ffs, FFS_UNLINK, unlink,
 CTLFLAG_WR | CTLFLAG_NEEDGIANT, sysctl_ffs_fsck,
 "Unlink a Duplicate Name");
 
-static SYSCTL_NODE(_vfs_ffs, FFS_SET_INODE, setinode,
-CTLFLAG_WR | CTLFLAG_NEEDGIANT, sysctl_ffs_fsck,
-"Update an On-Disk Inode");
-
-static SYSCTL_NODE(_vfs_ffs, FFS_SET_BUFOUTPUT, setbufoutput,
-CTLFLAG_WR | CTLFLAG_NEEDGIANT, sysctl_ffs_fsck,
-"Set Buffered Writing for Descriptor");
-
 #ifdef DIAGNOSTIC
 static int fsckcmds = 0;
 SYSCTL_INT(_debug, OID_AUTO, ffs_fsckcmds, CTLFLAG_RW, , 0,
"print out fsck_ffs-based filesystem update commands");
 #endif /* DIAGNOSTIC */
 
-static int buffered_write(struct file *, struct uio *, struct ucred *,
-   int, struct thread *);
-
 static int
 sysctl_ffs_fsck(SYSCTL_HANDLER_ARGS)
 {
@@ -3194,10 +3171,9 @@ sysctl_ffs_fsck(SYSCTL_HANDLER_ARGS)
ufs2_daddr_t blkno;
long blkcnt, blksize;
u_long key;
-   struct file *fp, *vfp;
+   struct file *fp;
cap_rights_t rights;
int filetype, error;
-   static struct fileops *origops, bufferedops;
 
if (req->newlen > sizeof cmd)
return (EBADRPC);
@@ -3490,76 +3466,6 @@ sysctl_ffs_fsck(SYSCTL_HANDLER_ARGS)
0, (ino_t)cmd.size);
break;
 
-   case FFS_SET_INODE:
-   if (ump->um_fsckpid != td->td_proc->p_pid) {
-   error = EPERM;
-   break;
-   }
-#ifdef DIAGNOSTIC
-   if (fsckcmds) {
-   printf("%s: update inode %jd\n",
-   mp->mnt_stat.f_mntonname, (intmax_t)cmd.value);
-   }
-#endif /* DIAGNOSTIC */
-   if ((error = ffs_vget(mp, (ino_t)cmd.value, LK_EXCLUSIVE, )))
-   break;
-   AUDIT_ARG_VNODE1(vp);
-   ip = VTOI(vp);
-   if 

svn commit: r360169 - head/lib/libc/riscv/gen

[John Baldwin]

Author: jhb
Date: Tue Apr 21 17:40:23 2020
New Revision: 360169
URL: https://svnweb.freebsd.org/changeset/base/360169

Log:
  Check the magic value in longjmp() before calling sigprocmask().
  
  This avoids passing garbage to sigprocmask() if the jump buffer is
  invalid.
  
  Reviewed by:  mhorne
  Obtained from:CheriBSD
  Sponsored by: DARPA
  Differential Revision:https://reviews.freebsd.org/D24483

Modified:
  head/lib/libc/riscv/gen/setjmp.S

Modified: head/lib/libc/riscv/gen/setjmp.S
==
--- head/lib/libc/riscv/gen/setjmp.STue Apr 21 17:38:07 2020
(r360168)
+++ head/lib/libc/riscv/gen/setjmp.STue Apr 21 17:40:23 2020
(r360169)
@@ -100,6 +100,11 @@ ENTRY(setjmp)
 END(setjmp)
 
 ENTRY(longjmp)
+   /* Check the magic value */
+   ld  t0, 0(a0)
+   ld  t1, .Lmagic
+   bne t0, t1, botch
+
addisp, sp, -(4 * 8)
sd  a0, (0 * 8)(sp)
sd  ra, (1 * 8)(sp)
@@ -115,11 +120,6 @@ ENTRY(longjmp)
ld  ra, (1 * 8)(sp)
ld  a0, (0 * 8)(sp)
addisp, sp, (4 * 8)
-
-   /* Check the magic value */
-   ld  t0, 0(a0)
-   ld  t1, .Lmagic
-   bne t0, t1, botch
 
/* Restore the stack pointer */
ld  t0, 8(a0)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360168 - in head/sys: cddl/dev/dtrace/mips mips/mips

[John Baldwin]

Author: jhb
Date: Tue Apr 21 17:38:07 2020
New Revision: 360168
URL: https://svnweb.freebsd.org/changeset/base/360168

Log:
  Handle non-dtrace-triggered kernel breakpoint traps in mips.
  
  If DTRACE is enabled at compile time, all kernel breakpoint traps are
  first given to dtrace to see if they are triggered by a FBT probe.
  Previously if dtrace didn't recognize the trap, it was silently
  ignored breaking the handling of other kernel breakpoint traps such as
  the debug.kdb.enter sysctl.  This only returns early from the trap
  handler if dtrace recognizes the trap and handles it.
  
  Submitted by: Nicolò Mazzucato 
  Reviewed by:  markj
  Obtained from:CheriBSD
  Differential Revision:https://reviews.freebsd.org/D24478

Modified:
  head/sys/cddl/dev/dtrace/mips/dtrace_subr.c
  head/sys/mips/mips/trap.c

Modified: head/sys/cddl/dev/dtrace/mips/dtrace_subr.c
==
--- head/sys/cddl/dev/dtrace/mips/dtrace_subr.c Tue Apr 21 17:32:57 2020
(r360167)
+++ head/sys/cddl/dev/dtrace/mips/dtrace_subr.c Tue Apr 21 17:38:07 2020
(r360168)
@@ -251,6 +251,9 @@ dtrace_invop_start(struct trapframe *frame)
int invop;
 
invop = dtrace_invop(frame->pc, frame, frame->pc);
+   if (invop == 0)
+   return (-1);
+
offs = (invop & LDSD_DATA_MASK);
sp = (register_t *)((uint8_t *)frame->sp + offs);
 

Modified: head/sys/mips/mips/trap.c
==
--- head/sys/mips/mips/trap.c   Tue Apr 21 17:32:57 2020(r360167)
+++ head/sys/mips/mips/trap.c   Tue Apr 21 17:38:07 2020(r360168)
@@ -807,10 +807,9 @@ dofault:
 #if defined(KDTRACE_HOOKS) || defined(DDB)
case T_BREAK:
 #ifdef KDTRACE_HOOKS
-   if (!usermode && dtrace_invop_jump_addr != 0) {
-   dtrace_invop_jump_addr(trapframe);
+   if (!usermode && dtrace_invop_jump_addr != NULL &&
+   dtrace_invop_jump_addr(trapframe) == 0)
return (trapframe->pc);
-   }
 #endif
 #ifdef DDB
kdb_trap(type, 0, trapframe);
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360167 - head/libexec/tftpd

[John Baldwin]

Author: jhb
Date: Tue Apr 21 17:32:57 2020
New Revision: 360167
URL: https://svnweb.freebsd.org/changeset/base/360167

Log:
  Abort transfer if fseeko() fails.
  
  CID:  1420215
  Reviewed by:  asomers
  MFC after:1 week
  Sponsored by: DARPA
  Differential Revision:https://reviews.freebsd.org/D24454

Modified:
  head/libexec/tftpd/tftp-transfer.c

Modified: head/libexec/tftpd/tftp-transfer.c
==
--- head/libexec/tftpd/tftp-transfer.c  Tue Apr 21 17:30:56 2020
(r360166)
+++ head/libexec/tftpd/tftp-transfer.c  Tue Apr 21 17:32:57 2020
(r360167)
@@ -40,6 +40,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include "tftp-file.h"
@@ -124,7 +125,13 @@ read_block:
 
acktry++;
ts->retries++;
-   seek_file(window[0].offset);
+   if (seek_file(window[0].offset) != 0) {
+   tftp_log(LOG_ERR,
+   "seek_file failed: %s",
+   strerror(errno));
+   send_error(peer, errno + 100);
+   goto abort;
+   }
*block = window[0].block;
windowblock = 0;
goto read_block;
@@ -158,7 +165,13 @@ read_block:
 
/* Resend the current window. */
ts->retries++;
-   seek_file(window[0].offset);
+   if (seek_file(window[0].offset) != 0) {
+   tftp_log(LOG_ERR,
+   "seek_file failed: %s",
+   strerror(errno));
+   send_error(peer, errno + 100);
+   goto abort;
+   }
*block = window[0].block;
windowblock = 0;
goto read_block;
@@ -183,7 +196,14 @@ read_block:
if (debug_SIMPLE)
tftp_log(LOG_DEBUG,
"Partial ACK");
-   seek_file(window[i + 1].offset);
+   if (seek_file(window[i + 1].offset) !=
+   0) {
+   tftp_log(LOG_ERR,
+   "seek_file failed: %s",
+   strerror(errno));
+   send_error(peer, errno + 100);
+   goto abort;
+   }
*block = window[i + 1].block;
windowblock = 0;
ts->retries++;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360166 - head/lib/libvmmapi

[John Baldwin]

Author: jhb
Date: Tue Apr 21 17:30:56 2020
New Revision: 360166
URL: https://svnweb.freebsd.org/changeset/base/360166

Log:
  Add description string for VM_CAP_BPT_EXIT.
  
  While here, replace the array of mapping structures with an array of
  string pointers where the index is the capability value.
  
  Submitted by: Rob Fairbanks 
  Reviewed by:  rgrimes
  MFC after:1 week
  Differential Revision:https://reviews.freebsd.org/D24289

Modified:
  head/lib/libvmmapi/vmmapi.c

Modified: head/lib/libvmmapi/vmmapi.c
==
--- head/lib/libvmmapi/vmmapi.c Tue Apr 21 17:17:32 2020(r360165)
+++ head/lib/libvmmapi/vmmapi.c Tue Apr 21 17:30:56 2020(r360166)
@@ -816,16 +816,13 @@ vm_inject_nmi(struct vmctx *ctx, int vcpu)
return (ioctl(ctx->fd, VM_INJECT_NMI, ));
 }
 
-static struct {
-   const char  *name;
-   int type;
-} capstrmap[] = {
-   { "hlt_exit",   VM_CAP_HALT_EXIT },
-   { "mtrap_exit", VM_CAP_MTRAP_EXIT },
-   { "pause_exit", VM_CAP_PAUSE_EXIT },
-   { "unrestricted_guest", VM_CAP_UNRESTRICTED_GUEST },
-   { "enable_invpcid", VM_CAP_ENABLE_INVPCID },
-   { 0 }
+static const char *capstrmap[] = {
+   [VM_CAP_HALT_EXIT]  = "hlt_exit",
+   [VM_CAP_MTRAP_EXIT] = "mtrap_exit",
+   [VM_CAP_PAUSE_EXIT] = "pause_exit",
+   [VM_CAP_UNRESTRICTED_GUEST] = "unrestricted_guest",
+   [VM_CAP_ENABLE_INVPCID] = "enable_invpcid",
+   [VM_CAP_BPT_EXIT] = "bpt_exit",
 };
 
 int
@@ -833,9 +830,9 @@ vm_capability_name2type(const char *capname)
 {
int i;
 
-   for (i = 0; capstrmap[i].name != NULL && capname != NULL; i++) {
-   if (strcmp(capstrmap[i].name, capname) == 0)
-   return (capstrmap[i].type);
+   for (i = 0; i < nitems(capstrmap); i++) {
+   if (strcmp(capstrmap[i], capname) == 0)
+   return (i);
}
 
return (-1);
@@ -844,12 +841,8 @@ vm_capability_name2type(const char *capname)
 const char *
 vm_capability_type2name(int type)
 {
-   int i;
-
-   for (i = 0; capstrmap[i].name != NULL; i++) {
-   if (capstrmap[i].type == type)
-   return (capstrmap[i].name);
-   }
+   if (type < nitems(capstrmap))
+   return (capstrmap[type]);
 
return (NULL);
 }
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360165 - head/share/man/man4

[Li-Wen Hsu]

Author: lwhsu
Date: Tue Apr 21 17:17:32 2020
New Revision: 360165
URL: https://svnweb.freebsd.org/changeset/base/360165

Log:
  Also update est(4) as r360162 and r360164
  
  MFC after:3 days

Modified:
  head/share/man/man4/est.4

Modified: head/share/man/man4/est.4
==
--- head/share/man/man4/est.4   Tue Apr 21 17:14:08 2020(r360164)
+++ head/share/man/man4/est.4   Tue Apr 21 17:17:32 2020(r360165)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd October 18, 2012
+.Dd April 21, 2020
 .Dt EST 4
 .Os
 .Sh NAME
@@ -66,7 +66,7 @@ Attempt to infer information from direct probing of th
 Should only be used in diagnostic cases.
 .Pq default 0
 .It hw.est.strict
-Validate frequency requested is accepted by the cpu when set.
+Validate frequency requested is accepted by the CPU when set.
 It appears that this will only work on single core cpus.
 .Pq default 0
 .El
@@ -75,17 +75,17 @@ The following
 .Xr sysctl 8
 values are available
 .Bl -tag -width indent
-.It Va dev.est.%d.\%desc
+.It Va dev.est.%d.%desc
 Description of support, almost always Enhanced SpeedStep Frequency Control.
 .It dev.est.0.%desc: Enhanced SpeedStep Frequency Control
-.It Va dev.est.%d.\%driver
+.It Va dev.est.%d.%driver
 Driver in use, always est.
 .It dev.est.0.%driver: est
-.It Va dev.est.%d.\%parent
-.It dev.est.0.%parent: cpu0
-The cpu that is exposing these frequencies.
+.It Va dev.est.%d.%parent
+The CPU that is exposing these frequencies.
 For example
 .Va cpu0 .
+.It dev.est.0.%parent: cpu0
 .It Va dev.est.%d.freq_settings .
 The valid frequencies that are allowed by this CPU and their step values.
 .It dev.est.0.freq_settings: 2201/45000 2200/45000 2000/39581 1900/37387
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360164 - head/share/man/man4

[Li-Wen Hsu]

Author: lwhsu
Date: Tue Apr 21 17:14:08 2020
New Revision: 360164
URL: https://svnweb.freebsd.org/changeset/base/360164

Log:
  Update .Dd

Modified:
  head/share/man/man4/hwpstate_intel.4

Modified: head/share/man/man4/hwpstate_intel.4
==
--- head/share/man/man4/hwpstate_intel.4Tue Apr 21 17:13:06 2020
(r360163)
+++ head/share/man/man4/hwpstate_intel.4Tue Apr 21 17:14:08 2020
(r360164)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd February 1, 2020
+.Dd April 21, 2020
 .Dt HWPSTATE_INTEL 4
 .Os
 .Sh NAME
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360163 - in head/sys: kern sys

[Mark Johnston]

Author: markj
Date: Tue Apr 21 17:13:06 2020
New Revision: 360163
URL: https://svnweb.freebsd.org/changeset/base/360163

Log:
  Handle PCATCH in blockcount_sleep() so it can be interrupted.
  
  blockcount_wait() still unconditionally waits for the count to reach
  zero before returning.
  
  Tested by:pho (a larger patch)
  Reviewed by:  kib
  Sponsored by: The FreeBSD Foundation
  Differential Revision:https://reviews.freebsd.org/D24513

Modified:
  head/sys/kern/kern_synch.c
  head/sys/sys/blockcount.h

Modified: head/sys/kern/kern_synch.c
==
--- head/sys/kern/kern_synch.c  Tue Apr 21 17:07:02 2020(r360162)
+++ head/sys/kern/kern_synch.c  Tue Apr 21 17:13:06 2020(r360163)
@@ -400,12 +400,12 @@ _blockcount_wakeup(blockcount_t *bc, u_int old)
 }
 
 /*
- * Wait for a wakeup.  This does not guarantee that the count is still zero on
- * return and may be subject to transient wakeups.  Callers wanting a precise
- * answer should use blockcount_wait() with an interlock.
+ * Wait for a wakeup or a signal.  This does not guarantee that the count is
+ * still zero on return.  Callers wanting a precise answer should use
+ * blockcount_wait() with an interlock.
  *
- * Return 0 if there is no work to wait for, and 1 if we slept waiting for work
- * to complete.  In the latter case the counter value must be re-read.
+ * If there is no work to wait for, return 0.  If the sleep was interrupted by 
a
+ * signal, return EINTR or ERESTART, and return EAGAIN otherwise.
  */
 int
 _blockcount_sleep(blockcount_t *bc, struct lock_object *lock, const char 
*wmesg,
@@ -415,10 +415,15 @@ _blockcount_sleep(blockcount_t *bc, struct lock_object
uintptr_t lock_state;
u_int old;
int ret;
+   bool catch, drop;
 
KASSERT(lock != _object,
("%s: cannot use Giant as the interlock", __func__));
 
+   catch = (prio & PCATCH) != 0;
+   drop = (prio & PDROP) != 0;
+   prio &= PRIMASK;
+
/*
 * Synchronize with the fence in blockcount_release().  If we end up
 * waiting, the sleepqueue lock acquisition will provide the required
@@ -428,7 +433,7 @@ _blockcount_sleep(blockcount_t *bc, struct lock_object
 * ourselves to sleep to avoid jumping ahead.
 */
if (atomic_load_acq_int(>__count) == 0) {
-   if (lock != NULL && (prio & PDROP) != 0)
+   if (lock != NULL && drop)
LOCK_CLASS(lock)->lc_unlock(lock);
return (0);
}
@@ -439,23 +444,27 @@ _blockcount_sleep(blockcount_t *bc, struct lock_object
if (lock != NULL)
lock_state = LOCK_CLASS(lock)->lc_unlock(lock);
old = blockcount_read(bc);
+   ret = 0;
do {
if (_BLOCKCOUNT_COUNT(old) == 0) {
sleepq_release(wchan);
-   ret = 0;
goto out;
}
if (_BLOCKCOUNT_WAITERS(old))
break;
} while (!atomic_fcmpset_int(>__count, ,
old | _BLOCKCOUNT_WAITERS_FLAG));
-   sleepq_add(wchan, NULL, wmesg, 0, 0);
-   sleepq_wait(wchan, prio);
-   ret = 1;
+   sleepq_add(wchan, NULL, wmesg, catch ? SLEEPQ_INTERRUPTIBLE : 0, 0);
+   if (catch)
+   ret = sleepq_wait_sig(wchan, prio);
+   else
+   sleepq_wait(wchan, prio);
+   if (ret == 0)
+   ret = EAGAIN;
 
 out:
PICKUP_GIANT();
-   if (lock != NULL && (prio & PDROP) == 0)
+   if (lock != NULL && !drop)
LOCK_CLASS(lock)->lc_lock(lock, lock_state);
 
return (ret);

Modified: head/sys/sys/blockcount.h
==
--- head/sys/sys/blockcount.h   Tue Apr 21 17:07:02 2020(r360162)
+++ head/sys/sys/blockcount.h   Tue Apr 21 17:13:06 2020(r360163)
@@ -80,9 +80,9 @@ static __inline void
 _blockcount_wait(blockcount_t *bc, struct lock_object *lo, const char *wmesg,
 int prio)
 {
-   KASSERT((prio & PDROP) == 0, ("%s: invalid prio %x", __func__, prio));
+   KASSERT((prio & ~PRIMASK) == 0, ("%s: invalid prio %x", __func__, 
prio));
 
-   while (_blockcount_sleep(bc, lo, wmesg, prio) != 0)
+   while (_blockcount_sleep(bc, lo, wmesg, prio) == EAGAIN)
;
 }
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360162 - head/share/man/man4

[Li-Wen Hsu]

Author: lwhsu
Date: Tue Apr 21 17:07:02 2020
New Revision: 360162
URL: https://svnweb.freebsd.org/changeset/base/360162

Log:
  hwpstate_intel(4): small text tweaks
  
  The sysctl output looks like this:
  
  dev.hwpstate_intel.0.epp: 50
  dev.hwpstate_intel.0.%parent: cpu0
  dev.hwpstate_intel.0.%pnpinfo:
  dev.hwpstate_intel.0.%location:
  dev.hwpstate_intel.0.%driver: hwpstate_intel
  dev.hwpstate_intel.0.%desc: Intel Speed Shift
  
  but all the '%' got escaped in the manual page, un-escape them.
  
  While here:
  - Move the example of dev.hwpstate_intel.%d.%parent after the description to
align with others.
  - Capitalize "CPU" (*)
  
  Submitted by: danfe (*)
  Reviewed by:  cem
  Differential Revision:https://reviews.freebsd.org/D24520

Modified:
  head/share/man/man4/hwpstate_intel.4

Modified: head/share/man/man4/hwpstate_intel.4
==
--- head/share/man/man4/hwpstate_intel.4Tue Apr 21 17:05:21 2020
(r360161)
+++ head/share/man/man4/hwpstate_intel.4Tue Apr 21 17:07:02 2020
(r360162)
@@ -64,17 +64,17 @@ The following
 .Xr sysctl 8
 values are available
 .Bl -tag -width indent
-.It Va dev.hwpstate_intel.%d.\%desc
+.It Va dev.hwpstate_intel.%d.%desc
 Describes the attached driver
 .It dev.hwpstate_intel.0.%desc: Intel Speed Shift
-.It Va dev.hwpstate_intel.%d.\%driver
+.It Va dev.hwpstate_intel.%d.%driver
 Driver in use, always hwpstate_intel.
 .It dev.hwpstate_intel.0.%driver: hwpstate_intel
-.It Va dev.hwpstate_intel.%d.\%parent
-.It dev.hwpstate_intel.0.%parent: cpu0
-The cpu that is exposing these frequencies.
+.It Va dev.hwpstate_intel.%d.%parent
+The CPU that is exposing these frequencies.
 For example
 .Va cpu0 .
+.It dev.hwpstate_intel.0.%parent: cpu0
 .It Va dev.hwpstate_intel.%d.epp
 Energy/Performance Preference.
 Valid values range from 0 to 100.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360161 - stable/11/release/doc/share/xml

[Glen Barber]

Author: gjb
Date: Tue Apr 21 17:05:21 2020
New Revision: 360161
URL: https://svnweb.freebsd.org/changeset/base/360161

Log:
  Document EN-20:07, SA-20:10.
  
  Sponsored by: Rubicon Communications, LLC (netgate.com)

Modified:
  stable/11/release/doc/share/xml/errata.xml
  stable/11/release/doc/share/xml/security.xml

Modified: stable/11/release/doc/share/xml/errata.xml
==
--- stable/11/release/doc/share/xml/errata.xml  Tue Apr 21 17:03:09 2020
(r360160)
+++ stable/11/release/doc/share/xml/errata.xml  Tue Apr 21 17:05:21 2020
(r360161)
@@ -83,6 +83,14 @@
18March2020
Incorrect checksum calculations
   
+
+  
+   FreeBSD-EN-20:07.quotad
+   21April2020
+   Regression with certain NFS
+ servers
+  
 
   
 

Modified: stable/11/release/doc/share/xml/security.xml
==
--- stable/11/release/doc/share/xml/security.xmlTue Apr 21 17:03:09 
2020(r360160)
+++ stable/11/release/doc/share/xml/security.xmlTue Apr 21 17:05:21 
2020(r360161)
@@ -178,6 +178,13 @@
18March2020
Multiple denial of service
   
+
+  
+   FreeBSD-SA-20:10.ipfw
+   21April2020
+   Invalid  handling
+  
 
   
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360160 - svnadmin/conf

[Cy Schubert]

Author: cy
Date: Tue Apr 21 17:03:09 2020
New Revision: 360160
URL: https://svnweb.freebsd.org/changeset/base/360160

Log:
  sqlite3 import into the vendor branch is now complete.

Modified:
  svnadmin/conf/sizelimit.conf

Modified: svnadmin/conf/sizelimit.conf
==
--- svnadmin/conf/sizelimit.confTue Apr 21 17:01:12 2020
(r360159)
+++ svnadmin/conf/sizelimit.confTue Apr 21 17:03:09 2020
(r360160)
@@ -16,7 +16,6 @@
 # First field is username, second field is the raised limit required.
 achim
 bapt
-cy
 davidcs
 dim2048
 imp
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360159 - vendor/sqlite3/sqlite-3310100

[Cy Schubert]

Author: cy
Date: Tue Apr 21 17:01:12 2020
New Revision: 360159
URL: https://svnweb.freebsd.org/changeset/base/360159

Log:
  Tag import of sqlite3-3.31.1 (3310100)

Added:
  vendor/sqlite3/sqlite-3310100/
 - copied from r360158, vendor/sqlite3/dist/
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360158 - in vendor/sqlite3/dist: . tea

[Cy Schubert]

Author: cy
Date: Tue Apr 21 16:58:19 2020
New Revision: 360158
URL: https://svnweb.freebsd.org/changeset/base/360158

Log:
  Import sqlite3-3.31.1 (3310100)

Modified:
  vendor/sqlite3/dist/configure
  vendor/sqlite3/dist/configure.ac
  vendor/sqlite3/dist/sqlite3.c
  vendor/sqlite3/dist/sqlite3.h
  vendor/sqlite3/dist/sqlite3ext.h
  vendor/sqlite3/dist/tea/configure
  vendor/sqlite3/dist/tea/configure.ac

Modified: vendor/sqlite3/dist/configure
==
--- vendor/sqlite3/dist/configure   Tue Apr 21 16:57:15 2020
(r360157)
+++ vendor/sqlite3/dist/configure   Tue Apr 21 16:58:19 2020
(r360158)
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for sqlite 3.31.0.
+# Generated by GNU Autoconf 2.69 for sqlite 3.31.1.
 #
 # Report bugs to .
 #
@@ -590,8 +590,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sqlite'
 PACKAGE_TARNAME='sqlite'
-PACKAGE_VERSION='3.31.0'
-PACKAGE_STRING='sqlite 3.31.0'
+PACKAGE_VERSION='3.31.1'
+PACKAGE_STRING='sqlite 3.31.1'
 PACKAGE_BUGREPORT='http://www.sqlite.org'
 PACKAGE_URL=''
 
@@ -1341,7 +1341,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures sqlite 3.31.0 to adapt to many kinds of systems.
+\`configure' configures sqlite 3.31.1 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1412,7 +1412,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
- short | recursive ) echo "Configuration of sqlite 3.31.0:";;
+ short | recursive ) echo "Configuration of sqlite 3.31.1:";;
esac
   cat <<\_ACEOF
 
@@ -1537,7 +1537,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sqlite configure 3.31.0
+sqlite configure 3.31.1
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1952,7 +1952,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sqlite $as_me 3.31.0, which was
+It was created by sqlite $as_me 3.31.1, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2818,7 +2818,7 @@ fi
 
 # Define the identity of the package.
  PACKAGE='sqlite'
- VERSION='3.31.0'
+ VERSION='3.31.1'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -14438,7 +14438,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sqlite $as_me 3.31.0, which was
+This file was extended by sqlite $as_me 3.31.1, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES= $CONFIG_FILES
@@ -14495,7 +14495,7 @@ _ACEOF
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; 
s/[\\""\`\$]/&/g'`"
 ac_cs_version="\\
-sqlite config.status 3.31.0
+sqlite config.status 3.31.1
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 

Modified: vendor/sqlite3/dist/configure.ac
==
--- vendor/sqlite3/dist/configure.acTue Apr 21 16:57:15 2020
(r360157)
+++ vendor/sqlite3/dist/configure.acTue Apr 21 16:58:19 2020
(r360158)
@@ -10,7 +10,7 @@
 #
 
 AC_PREREQ(2.61)
-AC_INIT(sqlite, 3.31.0, http://www.sqlite.org)
+AC_INIT(sqlite, 3.31.1, http://www.sqlite.org)
 AC_CONFIG_SRCDIR([sqlite3.c])
 AC_CONFIG_AUX_DIR([.])
 

Modified: vendor/sqlite3/dist/sqlite3.c
==
--- vendor/sqlite3/dist/sqlite3.c   Tue Apr 21 16:57:15 2020
(r360157)
+++ vendor/sqlite3/dist/sqlite3.c   Tue Apr 21 16:58:19 2020
(r360158)
@@ -1,6 +1,6 @@
 /**
 ** This file is an amalgamation of many separate C source files from SQLite
-** version 3.31.0.  By combining all the individual C code files into this
+** version 3.31.1.  By combining all the individual C code files into this
 ** single large file, the entire code can be compiled as a single translation
 ** unit.  This allows many compilers to do optimizations that would not be
 ** possible if the files were compiled separately.  Performance improvements
@@ -1165,9 +1165,9 @@ extern "C" {
 ** [sqlite3_libversion_number()], [sqlite3_sourceid()],
 ** [sqlite_version()] and [sqlite_source_id()].
 */
-#define SQLITE_VERSION"3.31.0"
-#define SQLITE_VERSION_NUMBER 3031000
-#define SQLITE_SOURCE_ID  "2020-01-22 18:38:59 

svn commit: r360157 - svnadmin/conf

[Cy Schubert]

Author: cy
Date: Tue Apr 21 16:57:15 2020
New Revision: 360157
URL: https://svnweb.freebsd.org/changeset/base/360157

Log:
  Sizelimit for sqlite3-3.31.1 (3310100) import.

Modified:
  svnadmin/conf/sizelimit.conf

Modified: svnadmin/conf/sizelimit.conf
==
--- svnadmin/conf/sizelimit.confTue Apr 21 16:52:56 2020
(r360156)
+++ svnadmin/conf/sizelimit.confTue Apr 21 16:57:15 2020
(r360157)
@@ -16,6 +16,7 @@
 # First field is username, second field is the raised limit required.
 achim
 bapt
+cy
 davidcs
 dim2048
 imp
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360156 - stable/12/sys/dev/ipmi

[Alexander Motin]

Author: mav
Date: Tue Apr 21 16:52:56 2020
New Revision: 360156
URL: https://svnweb.freebsd.org/changeset/base/360156

Log:
  MFC r348996 (by jtl):
  The current IPMI KCS code is waiting 100us for all transitions (roughly
  between each byte either sent or received). However, most transitions
  actually complete in 2-3 microseconds.
  
  By polling the status register with a delay of 4us with exponential
  backoff, the performance of most IPMI operations is significantly
  improved:
- A BMC update on a Supermicro x9 or x11 motherboard goes from ~1 hour
  to ~6-8 minutes.
- An ipmitool sensor list time improves by a factor of 4.
  
  Testing showed no significant improvements on a modern server by using
  a lower delay.
  
  The changes should also generally reduce the total amount of CPU or
  I/O bandwidth used for a given IPMI operation.

Modified:
  stable/12/sys/dev/ipmi/ipmi_kcs.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/sys/dev/ipmi/ipmi_kcs.c
==
--- stable/12/sys/dev/ipmi/ipmi_kcs.c   Tue Apr 21 16:13:22 2020
(r360155)
+++ stable/12/sys/dev/ipmi/ipmi_kcs.c   Tue Apr 21 16:52:56 2020
(r360156)
@@ -48,55 +48,46 @@ __FBSDID("$FreeBSD$");
 #include 
 #endif
 
+#definePOLLING_DELAY_MIN 4 /* Waits are 2-3 usecs on typical 
systems */
+#definePOLLING_DELAY_MAX 256
+
 static voidkcs_clear_obf(struct ipmi_softc *, int);
 static voidkcs_error(struct ipmi_softc *);
-static int kcs_wait_for_ibf(struct ipmi_softc *, int);
-static int kcs_wait_for_obf(struct ipmi_softc *, int);
+static int kcs_wait_for_ibf(struct ipmi_softc *, bool);
+static int kcs_wait_for_obf(struct ipmi_softc *, bool);
 
 static int
-kcs_wait_for_ibf(struct ipmi_softc *sc, int state)
+kcs_wait(struct ipmi_softc *sc, int value, int mask)
 {
int status, start = ticks;
+   int delay_usec = POLLING_DELAY_MIN;
 
status = INB(sc, KCS_CTL_STS);
-   if (state == 0) {
-   /* WAIT FOR IBF = 0 */
-   while (ticks - start < MAX_TIMEOUT && status & KCS_STATUS_IBF) {
-   DELAY(100);
-   status = INB(sc, KCS_CTL_STS);
-   }
-   } else {
-   /* WAIT FOR IBF = 1 */
-   while (ticks - start < MAX_TIMEOUT &&
-   !(status & KCS_STATUS_IBF)) {
-   DELAY(100);
-   status = INB(sc, KCS_CTL_STS);
-   }
+   while (ticks - start < MAX_TIMEOUT && (status & mask) != value) {
+   /*
+* The wait delay is increased exponentially to avoid putting
+* significant load on I/O bus.
+*/
+   DELAY(delay_usec);
+   status = INB(sc, KCS_CTL_STS);
+   if (delay_usec < POLLING_DELAY_MAX)
+   delay_usec *= 2;
}
return (status);
 }
 
 static int
-kcs_wait_for_obf(struct ipmi_softc *sc, int state)
+kcs_wait_for_ibf(struct ipmi_softc *sc, bool level)
 {
-   int status, start = ticks;
 
-   status = INB(sc, KCS_CTL_STS);
-   if (state == 0) {
-   /* WAIT FOR OBF = 0 */
-   while (ticks - start < MAX_TIMEOUT && status & KCS_STATUS_OBF) {
-   DELAY(100);
-   status = INB(sc, KCS_CTL_STS);
-   }
-   } else {
-   /* WAIT FOR OBF = 1 */
-   while (ticks - start < MAX_TIMEOUT &&
-   !(status & KCS_STATUS_OBF)) {
-   DELAY(100);
-   status = INB(sc, KCS_CTL_STS);
-   }
-   }
-   return (status);
+   return (kcs_wait(sc, level ? KCS_STATUS_IBF : 0, KCS_STATUS_IBF));
+}
+
+static int
+kcs_wait_for_obf(struct ipmi_softc *sc, bool level)
+{
+
+   return (kcs_wait(sc, level ? KCS_STATUS_OBF : 0, KCS_STATUS_OBF));
 }
 
 static void
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360155 - head/sys/sys

[Kyle Evans]

Author: kevans
Date: Tue Apr 21 16:13:22 2020
New Revision: 360155
URL: https://svnweb.freebsd.org/changeset/base/360155

Log:
  kevent32: fix the split of data into data1/data2
  
  The current situation results in intermittent breakage if data gets split up
  with the sign bit set on the data1 half of it, as PAIR32TO64 will then:
  data1 | (data2 << 32) -> resulting in data1 getting sign-extended when it's
  implicitly widened and clobbering the result. AFAICT, there's no compelling
  reason for these to be signed.
  
  This was most exposed by flakiness in the kqueue timer tests under compat32
  after the ABSTIME test got switched over to using a better clock and
  microseconds.
  
  Reviewed by:  kib
  MFC after:3 days
  Differential Revision:https://reviews.freebsd.org/D24518

Modified:
  head/sys/sys/event.h

Modified: head/sys/sys/event.h
==
--- head/sys/sys/event.hTue Apr 21 16:01:44 2020(r360154)
+++ head/sys/sys/event.hTue Apr 21 16:13:22 2020(r360155)
@@ -111,7 +111,7 @@ struct kevent32 {
 #ifndef __amd64__
uint32_tpad0;
 #endif
-   int32_t data1, data2;
+   uint32_tdata1, data2;
uint32_tudata;  /* opaque user data identifier */
 #ifndef __amd64__
uint32_tpad1;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360154 - head/sys/vm

[Mark Johnston]

Author: markj
Date: Tue Apr 21 16:01:44 2020
New Revision: 360154
URL: https://svnweb.freebsd.org/changeset/base/360154

Log:
  Factor out the kmem contig page alloc and reclamation code.
  
  kmem_alloc_attr_domain() and kmem_alloc_contig_domain() duplicated each
  other's page allocation and reclamation logic.  Place it in a single
  function to make it easier to add additional consumers.  No functional
  change intended.
  
  Reviewed by:  jeff, kib
  MFC after:1 week
  Sponsored by: The FreeBSD Foundation
  Differential Revision:https://reviews.freebsd.org/D24475

Modified:
  head/sys/vm/vm_kern.c

Modified: head/sys/vm/vm_kern.c
==
--- head/sys/vm/vm_kern.c   Tue Apr 21 15:55:28 2020(r360153)
+++ head/sys/vm/vm_kern.c   Tue Apr 21 16:01:44 2020(r360154)
@@ -169,6 +169,35 @@ kva_free(vm_offset_t addr, vm_size_t size)
vmem_free(kernel_arena, addr, size);
 }
 
+static vm_page_t
+kmem_alloc_contig_pages(vm_object_t object, vm_pindex_t pindex, int domain,
+int pflags, u_long npages, vm_paddr_t low, vm_paddr_t high,
+u_long alignment, vm_paddr_t boundary, vm_memattr_t memattr)
+{
+   vm_page_t m;
+   int tries;
+   bool wait;
+
+   VM_OBJECT_ASSERT_WLOCKED(object);
+
+   wait = (pflags & VM_ALLOC_WAITOK) != 0;
+   pflags &= ~(VM_ALLOC_NOWAIT | VM_ALLOC_WAITOK | VM_ALLOC_WAITFAIL);
+   pflags |= VM_ALLOC_NOWAIT;
+   for (tries = wait ? 3 : 1;; tries--) {
+   m = vm_page_alloc_contig_domain(object, pindex, domain, pflags,
+   npages, low, high, alignment, boundary, memattr);
+   if (m != NULL || tries == 0)
+   break;
+
+   VM_OBJECT_WUNLOCK(object);
+   if (!vm_page_reclaim_contig_domain(domain, pflags, npages,
+   low, high, alignment, boundary) && wait)
+   vm_wait_domain(domain);
+   VM_OBJECT_WLOCK(object);
+   }
+   return (m);
+}
+
 /*
  * Allocates a region from the kernel address map and physical pages
  * within the specified address range to the kernel object.  Creates a
@@ -182,38 +211,26 @@ kmem_alloc_attr_domain(int domain, vm_size_t size, int
 vm_paddr_t high, vm_memattr_t memattr)
 {
vmem_t *vmem;
-   vm_object_t object = kernel_object;
+   vm_object_t object;
vm_offset_t addr, i, offset;
vm_page_t m;
-   int pflags, tries;
+   int pflags;
vm_prot_t prot;
 
+   object = kernel_object;
size = round_page(size);
vmem = vm_dom[domain].vmd_kernel_arena;
if (vmem_alloc(vmem, size, M_BESTFIT | flags, ))
return (0);
offset = addr - VM_MIN_KERNEL_ADDRESS;
pflags = malloc2vm_flags(flags) | VM_ALLOC_WIRED;
-   pflags &= ~(VM_ALLOC_NOWAIT | VM_ALLOC_WAITOK | VM_ALLOC_WAITFAIL);
-   pflags |= VM_ALLOC_NOWAIT;
prot = (flags & M_EXEC) != 0 ? VM_PROT_ALL : VM_PROT_RW;
VM_OBJECT_WLOCK(object);
for (i = 0; i < size; i += PAGE_SIZE) {
-   tries = 0;
-retry:
-   m = vm_page_alloc_contig_domain(object, atop(offset + i),
+   m = kmem_alloc_contig_pages(object, atop(offset + i),
domain, pflags, 1, low, high, PAGE_SIZE, 0, memattr);
if (m == NULL) {
VM_OBJECT_WUNLOCK(object);
-   if (tries < ((flags & M_NOWAIT) != 0 ? 1 : 3)) {
-   if (!vm_page_reclaim_contig_domain(domain,
-   pflags, 1, low, high, PAGE_SIZE, 0) &&
-   (flags & M_WAITOK) != 0)
-   vm_wait_domain(domain);
-   VM_OBJECT_WLOCK(object);
-   tries++;
-   goto retry;
-   }
kmem_unback(object, addr, i);
vmem_free(vmem, addr, size);
return (0);
@@ -273,37 +290,25 @@ kmem_alloc_contig_domain(int domain, vm_size_t size, i
 vm_memattr_t memattr)
 {
vmem_t *vmem;
-   vm_object_t object = kernel_object;
+   vm_object_t object;
vm_offset_t addr, offset, tmp;
vm_page_t end_m, m;
u_long npages;
-   int pflags, tries;
- 
+   int pflags;
+
+   object = kernel_object;
size = round_page(size);
vmem = vm_dom[domain].vmd_kernel_arena;
if (vmem_alloc(vmem, size, flags | M_BESTFIT, ))
return (0);
offset = addr - VM_MIN_KERNEL_ADDRESS;
pflags = malloc2vm_flags(flags) | VM_ALLOC_WIRED;
-   pflags &= ~(VM_ALLOC_NOWAIT | VM_ALLOC_WAITOK | VM_ALLOC_WAITFAIL);
-   pflags |= VM_ALLOC_NOWAIT;
npages = atop(size);
VM_OBJECT_WLOCK(object);
-   tries = 0;
-retry:
-   m = 

svn commit: r360153 - head/sys/vm

[Mark Johnston]

Author: markj
Date: Tue Apr 21 15:55:28 2020
New Revision: 360153
URL: https://svnweb.freebsd.org/changeset/base/360153

Log:
  Minimize conditional compilation for handling of M_EXEC.
  
  This simplifies some planned changes.  No functional change intended.
  
  Reviewed by:  kib
  MFC after:1 week
  Sponsored by: The FreeBSD Foundation
  Differential Revision:https://reviews.freebsd.org/D24474

Modified:
  head/sys/vm/vm_kern.c

Modified: head/sys/vm/vm_kern.c
==
--- head/sys/vm/vm_kern.c   Tue Apr 21 15:55:08 2020(r360152)
+++ head/sys/vm/vm_kern.c   Tue Apr 21 15:55:28 2020(r360153)
@@ -402,14 +402,10 @@ kmem_malloc_domain(int domain, vm_size_t size, int fla
vm_offset_t addr;
int rv;
 
-#if VM_NRESERVLEVEL > 0
if (__predict_true((flags & M_EXEC) == 0))
arena = vm_dom[domain].vmd_kernel_arena;
else
arena = vm_dom[domain].vmd_kernel_rwx_arena;
-#else
-   arena = vm_dom[domain].vmd_kernel_arena;
-#endif
size = round_page(size);
if (vmem_alloc(arena, size, flags | M_BESTFIT, ))
return (0);
@@ -501,10 +497,8 @@ retry:
vm_page_valid(m);
pmap_enter(kernel_pmap, addr + i, m, prot,
prot | PMAP_ENTER_WIRED, 0);
-#if VM_NRESERVLEVEL > 0
if (__predict_false((prot & VM_PROT_EXECUTE) != 0))
m->oflags |= VPO_KMEM_EXEC;
-#endif
}
VM_OBJECT_WUNLOCK(object);
 
@@ -578,14 +572,10 @@ _kmem_unback(vm_object_t object, vm_offset_t addr, vm_
VM_OBJECT_WLOCK(object);
m = vm_page_lookup(object, atop(offset)); 
domain = vm_phys_domain(m);
-#if VM_NRESERVLEVEL > 0
if (__predict_true((m->oflags & VPO_KMEM_EXEC) == 0))
arena = vm_dom[domain].vmd_kernel_arena;
else
arena = vm_dom[domain].vmd_kernel_rwx_arena;
-#else
-   arena = vm_dom[domain].vmd_kernel_arena;
-#endif
for (; offset < end; offset += PAGE_SIZE, m = next) {
next = vm_page_next(m);
vm_page_xbusy_claim(m);
@@ -814,6 +804,9 @@ kmem_init(vm_offset_t start, vm_offset_t end)
vmem_set_import(vm_dom[domain].vmd_kernel_rwx_arena,
kva_import_domain, (vmem_release_t *)vmem_xfree,
kernel_arena, KVA_QUANTUM);
+#else
+   vm_dom[domain].vmd_kernel_rwx_arena =
+   vm_dom[domain].vmd_kernel_arena;
 #endif
}
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360152 - head/tests/sys/kqueue/libkqueue

[Alex Richardson]

Author: arichardson
Date: Tue Apr 21 15:55:08 2020
New Revision: 360152
URL: https://svnweb.freebsd.org/changeset/base/360152

Log:
  Remove extern from function declarations in common.h
  
  Suggested by: cem

Modified:
  head/tests/sys/kqueue/libkqueue/common.h

Modified: head/tests/sys/kqueue/libkqueue/common.h
==
--- head/tests/sys/kqueue/libkqueue/common.hTue Apr 21 15:54:08 2020
(r360151)
+++ head/tests/sys/kqueue/libkqueue/common.hTue Apr 21 15:55:08 2020
(r360152)
@@ -43,7 +43,7 @@
 extern int vnode_fd;
 extern int kqfd;
 
-extern char * kevent_to_str(struct kevent *);
+char * kevent_to_str(struct kevent *);
 struct kevent * kevent_get(int);
 struct kevent * kevent_get_timeout(int, int);
 
@@ -70,19 +70,19 @@ kevent_add(int kqfd, struct kevent *kev, 
 } while (0);
 
 /* Checks if any events are pending, which is an error. */
-extern void test_no_kevents(void);
-extern void test_no_kevents_quietly(void);
+void test_no_kevents(void);
+void test_no_kevents_quietly(void);
 
-extern void test_begin(const char *);
-extern void success(void);
+void test_begin(const char *);
+void success(void);
 
-extern void test_evfilt_read(void);
-extern void test_evfilt_signal(void);
-extern void test_evfilt_vnode(void);
-extern void test_evfilt_timer(void);
-extern void test_evfilt_proc(void);
+void test_evfilt_read(void);
+void test_evfilt_signal(void);
+void test_evfilt_vnode(void);
+void test_evfilt_timer(void);
+void test_evfilt_proc(void);
 #if HAVE_EVFILT_USER
-extern void test_evfilt_user(void);
+void test_evfilt_user(void);
 #endif
 
 #endif  /* _COMMON_H */
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360151 - in releng: 11.3 11.3/sys/conf 12.1 12.1/sys/conf

[Gordon Tetlow]

Author: gordon
Date: Tue Apr 21 15:54:08 2020
New Revision: 360151
URL: https://svnweb.freebsd.org/changeset/base/360151

Log:
  Add UPDATING entries and bump version.
  
  Approved by:  so

Modified:
  releng/11.3/UPDATING
  releng/11.3/sys/conf/newvers.sh
  releng/12.1/UPDATING
  releng/12.1/sys/conf/newvers.sh

Modified: releng/11.3/UPDATING
==
--- releng/11.3/UPDATINGTue Apr 21 15:53:08 2020(r360150)
+++ releng/11.3/UPDATINGTue Apr 21 15:54:08 2020(r360151)
@@ -16,6 +16,13 @@ from older versions of FreeBSD, try WITHOUT_CLANG and 
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20200421   p8  FreeBSD-EN-20:07.quotad
+   FreeBSD-SA-20:10.ipfw
+
+Fix regression in rpc.rquotad with certain NFS servers 
[EN-20:07.quotad]
+
+Fix ipfw invalid mbuf handling [SA-20:10.ipfw]
+
 20200319   p7  FreeBSD-EN-20:04.pfctl
FreeBSD-EN-20:06.ipv6
FreeBSD-SA-20:04.tcp

Modified: releng/11.3/sys/conf/newvers.sh
==
--- releng/11.3/sys/conf/newvers.sh Tue Apr 21 15:53:08 2020
(r360150)
+++ releng/11.3/sys/conf/newvers.sh Tue Apr 21 15:54:08 2020
(r360151)
@@ -44,7 +44,7 @@
 
 TYPE="FreeBSD"
 REVISION="11.3"
-BRANCH="RELEASE-p7"
+BRANCH="RELEASE-p8"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
BRANCH=${BRANCH_OVERRIDE}
 fi

Modified: releng/12.1/UPDATING
==
--- releng/12.1/UPDATINGTue Apr 21 15:53:08 2020(r360150)
+++ releng/12.1/UPDATINGTue Apr 21 15:54:08 2020(r360151)
@@ -16,6 +16,16 @@ from older versions of FreeBSD, try WITHOUT_CLANG and 
 the tip of head, and then rebuild without this option. The bootstrap process
 from older version of current across the gcc/clang cutover is a bit fragile.
 
+20200421   p4  FreeBSD-EN-20:07.quotad
+   FreeBSD-SA-20:10.ipfw
+   FreeBSD-SA-20:11.openssl
+
+Fix regression in rpc.rquotad with certain NFS servers 
[EN-20:07.quotad]
+
+Fix ipfw invalid mbuf handling [SA-20:10.ipfw]
+
+Fix OpenSSL remote denial of service vulnerability [SA-20:11.openssl]
+
 20200319   p3  FreeBSD-EN-20:03.sshd
FreeBSD-EN-20:05.mlx5en
FreeBSD-EN-20:06.ipv6

Modified: releng/12.1/sys/conf/newvers.sh
==
--- releng/12.1/sys/conf/newvers.sh Tue Apr 21 15:53:08 2020
(r360150)
+++ releng/12.1/sys/conf/newvers.sh Tue Apr 21 15:54:08 2020
(r360151)
@@ -46,7 +46,7 @@
 
 TYPE="FreeBSD"
 REVISION="12.1"
-BRANCH="RELEASE-p3"
+BRANCH="RELEASE-p4"
 if [ -n "${BRANCH_OVERRIDE}" ]; then
BRANCH=${BRANCH_OVERRIDE}
 fi
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360150 - releng/12.1/crypto/openssl/ssl

[Gordon Tetlow]

Author: gordon
Date: Tue Apr 21 15:53:08 2020
New Revision: 360150
URL: https://svnweb.freebsd.org/changeset/base/360150

Log:
  Fix OpenSSL remote denial of service vulnerability.
  
  Approved by:  so
  Security: FreeBSD-SA-20:11.openssl
  Security: CVE-2020-1967

Modified:
  releng/12.1/crypto/openssl/ssl/t1_lib.c

Modified: releng/12.1/crypto/openssl/ssl/t1_lib.c
==
--- releng/12.1/crypto/openssl/ssl/t1_lib.c Tue Apr 21 15:52:22 2020
(r360149)
+++ releng/12.1/crypto/openssl/ssl/t1_lib.c Tue Apr 21 15:53:08 2020
(r360150)
@@ -2099,7 +2099,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int def
 sigalg = use_pc_sigalgs
  ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
  : s->shared_sigalgs[i];
-if (sig_nid == sigalg->sigandhash)
+if (sigalg != NULL && sig_nid == sigalg->sigandhash)
 return 1;
 }
 return 0;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360149 - in releng: 11.3/sys/netpfil/ipfw 12.1/sys/netpfil/ipfw

[Gordon Tetlow]

Author: gordon
Date: Tue Apr 21 15:52:22 2020
New Revision: 360149
URL: https://svnweb.freebsd.org/changeset/base/360149

Log:
  Fix ipfw invalid mbuf handling.
  
  Approved by:  so
  Security: FreeBSD-SA-20:10.ipfw
  Security: CVE-2019-5614
  Security: CVE-2019-15874

Modified:
  releng/11.3/sys/netpfil/ipfw/ip_fw2.c
  releng/12.1/sys/netpfil/ipfw/ip_fw2.c

Modified: releng/11.3/sys/netpfil/ipfw/ip_fw2.c
==
--- releng/11.3/sys/netpfil/ipfw/ip_fw2.c   Tue Apr 21 15:50:57 2020
(r360148)
+++ releng/11.3/sys/netpfil/ipfw/ip_fw2.c   Tue Apr 21 15:52:22 2020
(r360149)
@@ -328,53 +328,74 @@ ipopts_match(struct ip *ip, ipfw_insn *cmd)
return (flags_match(cmd, bits));
 }
 
+/*
+ * Parse TCP options. The logic copied from tcp_dooptions().
+ */
 static int
-tcpopts_match(struct tcphdr *tcp, ipfw_insn *cmd)
+tcpopts_parse(const struct tcphdr *tcp, uint16_t *mss)
 {
+   const u_char *cp = (const u_char *)(tcp + 1);
int optlen, bits = 0;
-   u_char *cp = (u_char *)(tcp + 1);
-   int x = (tcp->th_off << 2) - sizeof(struct tcphdr);
+   int cnt = (tcp->th_off << 2) - sizeof(struct tcphdr);
 
-   for (; x > 0; x -= optlen, cp += optlen) {
+   for (; cnt > 0; cnt -= optlen, cp += optlen) {
int opt = cp[0];
if (opt == TCPOPT_EOL)
break;
if (opt == TCPOPT_NOP)
optlen = 1;
else {
+   if (cnt < 2)
+   break;
optlen = cp[1];
-   if (optlen <= 0)
+   if (optlen < 2 || optlen > cnt)
break;
}
 
switch (opt) {
-
default:
break;
 
case TCPOPT_MAXSEG:
+   if (optlen != TCPOLEN_MAXSEG)
+   break;
bits |= IP_FW_TCPOPT_MSS;
+   if (mss != NULL)
+   *mss = be16dec(cp + 2);
break;
 
case TCPOPT_WINDOW:
-   bits |= IP_FW_TCPOPT_WINDOW;
+   if (optlen == TCPOLEN_WINDOW)
+   bits |= IP_FW_TCPOPT_WINDOW;
break;
 
case TCPOPT_SACK_PERMITTED:
+   if (optlen == TCPOLEN_SACK_PERMITTED)
+   bits |= IP_FW_TCPOPT_SACK;
+   break;
+
case TCPOPT_SACK:
-   bits |= IP_FW_TCPOPT_SACK;
+   if (optlen > 2 && (optlen - 2) % TCPOLEN_SACK == 0)
+   bits |= IP_FW_TCPOPT_SACK;
break;
 
case TCPOPT_TIMESTAMP:
-   bits |= IP_FW_TCPOPT_TS;
+   if (optlen == TCPOLEN_TIMESTAMP)
+   bits |= IP_FW_TCPOPT_TS;
break;
-
}
}
-   return (flags_match(cmd, bits));
+   return (bits);
 }
 
 static int
+tcpopts_match(struct tcphdr *tcp, ipfw_insn *cmd)
+{
+
+   return (flags_match(cmd, tcpopts_parse(tcp, NULL)));
+}
+
+static int
 iface_match(struct ifnet *ifp, ipfw_insn_if *cmd, struct ip_fw_chain *chain,
 uint32_t *tablearg)
 {
@@ -1419,17 +1440,31 @@ ipfw_chk(struct ip_fw_args *args)
  * this way).
  */
 #define PULLUP_TO(_len, p, T)  PULLUP_LEN(_len, p, sizeof(T))
-#define PULLUP_LEN(_len, p, T) \
+#define_PULLUP_LOCKED(_len, p, T, unlock)  \
 do {   \
int x = (_len) + T; \
if ((m)->m_len < x) {   \
args->m = m = m_pullup(m, x);   \
-   if (m == NULL)  \
+   if (m == NULL) {\
+   unlock; \
goto pullup_failed; \
+   }   \
}   \
p = (mtod(m, char *) + (_len)); \
 } while (0)
 
+#definePULLUP_LEN(_len, p, T)  _PULLUP_LOCKED(_len, p, T, )
+#definePULLUP_LEN_LOCKED(_len, p, T)   \
+_PULLUP_LOCKED(_len, p, T, IPFW_PF_RUNLOCK(chain));\
+UPDATE_POINTERS()
+/*
+ * In case pointers got stale after pullups, update them.
+ */
+#defineUPDATE_POINTERS()   \
+do {   \
+   ip = mtod(m, struct ip *);  \
+} while (0)
+
/*
 * if we have an 

svn commit: r360148 - in releng: 11.3/usr.bin/quota 12.1/usr.bin/quota

[Gordon Tetlow]

Author: gordon
Date: Tue Apr 21 15:50:57 2020
New Revision: 360148
URL: https://svnweb.freebsd.org/changeset/base/360148

Log:
  Fix regression in rpc.rquotad with certain NFS servers.
  
  Approved by:  so
  Security: FreeBSD-EN-20:07.quotad

Modified:
  releng/11.3/usr.bin/quota/quota.c
  releng/12.1/usr.bin/quota/quota.c

Modified: releng/11.3/usr.bin/quota/quota.c
==
--- releng/11.3/usr.bin/quota/quota.c   Tue Apr 21 15:47:58 2020
(r360147)
+++ releng/11.3/usr.bin/quota/quota.c   Tue Apr 21 15:50:57 2020
(r360148)
@@ -604,7 +604,7 @@ getnfsquota(struct statfs *fst, struct quotause *qup, 
call_stat = callaurpc(host, RQUOTAPROG, EXT_RQUOTAVERS,
  RQUOTAPROC_GETQUOTA, 
(xdrproc_t)xdr_ext_getquota_args, (char *)_args,
  (xdrproc_t)xdr_getquota_rslt, (char *)_rslt);
-   if (call_stat == RPC_PROGVERSMISMATCH) {
+   if (call_stat == RPC_PROGVERSMISMATCH || call_stat == 
RPC_PROGNOTREGISTERED) {
if (quotatype == USRQUOTA) {
old_gq_args.gqa_pathp = cp + 1;
old_gq_args.gqa_uid = id;

Modified: releng/12.1/usr.bin/quota/quota.c
==
--- releng/12.1/usr.bin/quota/quota.c   Tue Apr 21 15:47:58 2020
(r360147)
+++ releng/12.1/usr.bin/quota/quota.c   Tue Apr 21 15:50:57 2020
(r360148)
@@ -606,7 +606,7 @@ getnfsquota(struct statfs *fst, struct quotause *qup, 
call_stat = callaurpc(host, RQUOTAPROG, EXT_RQUOTAVERS,
  RQUOTAPROC_GETQUOTA, 
(xdrproc_t)xdr_ext_getquota_args, (char *)_args,
  (xdrproc_t)xdr_getquota_rslt, (char *)_rslt);
-   if (call_stat == RPC_PROGVERSMISMATCH) {
+   if (call_stat == RPC_PROGVERSMISMATCH || call_stat == 
RPC_PROGNOTREGISTERED) {
if (quotatype == USRQUOTA) {
old_gq_args.gqa_pathp = cp + 1;
old_gq_args.gqa_uid = id;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360147 - stable/12/crypto/openssl/ssl

[Gordon Tetlow]

Author: gordon
Date: Tue Apr 21 15:47:58 2020
New Revision: 360147
URL: https://svnweb.freebsd.org/changeset/base/360147

Log:
  MFC: r360146
  Fix OpenSSL remote denial of service.
  
  See https://www.openssl.org/news/secadv/20200421.txt for details.
  
  Approved by:  so
  Security: FreeBSD-SA-20:11.openssl
  Security: CVE-2020-1967

Modified:
  stable/12/crypto/openssl/ssl/t1_lib.c
Directory Properties:
  stable/12/   (props changed)

Modified: stable/12/crypto/openssl/ssl/t1_lib.c
==
--- stable/12/crypto/openssl/ssl/t1_lib.c   Tue Apr 21 15:44:20 2020
(r360146)
+++ stable/12/crypto/openssl/ssl/t1_lib.c   Tue Apr 21 15:47:58 2020
(r360147)
@@ -2130,7 +2130,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int def
 sigalg = use_pc_sigalgs
  ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
  : s->shared_sigalgs[i];
-if (sig_nid == sigalg->sigandhash)
+if (sigalg != NULL && sig_nid == sigalg->sigandhash)
 return 1;
 }
 return 0;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360146 - head/crypto/openssl/ssl

[Gordon Tetlow]

Author: gordon
Date: Tue Apr 21 15:44:20 2020
New Revision: 360146
URL: https://svnweb.freebsd.org/changeset/base/360146

Log:
  Fix OpenSSL remote denial of service.
  
  See https://www.openssl.org/news/secadv/20200421.txt for details.
  
  Approved by:  so
  Security: CVE-2020-1967

Modified:
  head/crypto/openssl/ssl/t1_lib.c

Modified: head/crypto/openssl/ssl/t1_lib.c
==
--- head/crypto/openssl/ssl/t1_lib.cTue Apr 21 13:57:51 2020
(r360145)
+++ head/crypto/openssl/ssl/t1_lib.cTue Apr 21 15:44:20 2020
(r360146)
@@ -2130,7 +2130,7 @@ static int tls1_check_sig_alg(SSL *s, X509 *x, int def
 sigalg = use_pc_sigalgs
  ? tls1_lookup_sigalg(s->s3->tmp.peer_cert_sigalgs[i])
  : s->shared_sigalgs[i];
-if (sig_nid == sigalg->sigandhash)
+if (sigalg != NULL && sig_nid == sigalg->sigandhash)
 return 1;
 }
 return 0;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r360126 - head/sys/dev/evdev

[Justin Hibbits]

On Mon, 20 Apr 2020 22:13:51 +0300
Vladimir Kondratyev  wrote:

> On 20.04.2020 19:39, Justin Hibbits wrote:
> > But I'm curious, why not attach to sysmouse(4) and kbdmux(4)?  What
> > breakage does that cause?  I could maybe see not attaching to
> > sysmouse(4) by default, if the protocol isn't expressive enough, but
> > kbdmux(4) should be sufficient.
> >
> > - Justin  
> 
> kbdmux(4) is pretty good for standard 102-104-keys keyboards found at
> common desktops.
> 
> But it does not work that good with some laptop ones.
> 
> There are no "Flight mode on/off", "Touchpad on/off" e.t.c. events
> defined in AT-keyset but they exist in evdev-keyset.
> 
> Unfortunately, we do not support keymap uploading in our drivers yet
> to make utilization of this advantage easy
> 
> but IMO its better to switch to direct key-event reporting earlier
> rather than later.
> 

Thanks for that explanation.  I tried thinking of any way these
capabilities could be added to kbdmux, but they really are keyboard
specific events, so wouldn't belong in kbdmux anyway.

I'd be interested in adding the necessary capabilities to adb(4), to
remove this special casing.  I have a PowerBook G4 Ti to use for such a
task.

- Justin
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360145 - head/sys/fs/autofs

[Edward Tomasz Napierala]

Author: trasz
Date: Tue Apr 21 13:57:51 2020
New Revision: 360145
URL: https://svnweb.freebsd.org/changeset/base/360145

Log:
  Silence down a warning which should really be a debug message.
  
  MFC after:2 weeks
  Sponsored by: DARPA

Modified:
  head/sys/fs/autofs/autofs_vfsops.c

Modified: head/sys/fs/autofs/autofs_vfsops.c
==
--- head/sys/fs/autofs/autofs_vfsops.c  Tue Apr 21 13:30:00 2020
(r360144)
+++ head/sys/fs/autofs/autofs_vfsops.c  Tue Apr 21 13:57:51 2020
(r360145)
@@ -128,7 +128,7 @@ autofs_unmount(struct mount *mp, int mntflags)
flags |= FORCECLOSE;
error = vflush(mp, 0, flags, curthread);
if (error != 0) {
-   AUTOFS_WARN("vflush failed with error %d", error);
+   AUTOFS_DEBUG("vflush failed with error %d", error);
return (error);
}
 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360144 - head/contrib/blacklist/bin

[Ed Maste]

Author: emaste
Date: Tue Apr 21 13:30:00 2020
New Revision: 360144
URL: https://svnweb.freebsd.org/changeset/base/360144

Log:
  blacklistd.8: fix db file path
  
  PR:   245781
  Submitted by: Jose Luis Duran
  MFC after:3 days

Modified:
  head/contrib/blacklist/bin/blacklistd.8

Modified: head/contrib/blacklist/bin/blacklistd.8
==
--- head/contrib/blacklist/bin/blacklistd.8 Tue Apr 21 13:05:44 2020
(r360143)
+++ head/contrib/blacklist/bin/blacklistd.8 Tue Apr 21 13:30:00 2020
(r360144)
@@ -153,7 +153,7 @@ The name of the configuration file to read, usually
 The Berkeley DB file where
 .Nm
 stores its state, usually
-.Pa /var/run/blacklistd.db .
+.Pa /var/db/blacklistd.db .
 .It Fl d
 Normally,
 .Nm
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r360143 - in head/sys/netinet: . tcp_stacks

[Richard Scheffenegger]

Author: rscheff
Date: Tue Apr 21 13:05:44 2020
New Revision: 360143
URL: https://svnweb.freebsd.org/changeset/base/360143

Log:
  Correctly set up the initial TCP congestion window
  in all cases, by adjust snd_una right after the
  connection initialization, to include the one byte
  in sequence space occupied by the SYN bit.
  
  This does not change the regular ACK processing,
  while making the BYTES_THIS_ACK macro to work properly.
  
  PR:   235256
  Reviewed by:  tuexen (mentor), rgrimes (mentor)
  Approved by:  tuexen (mentor), rgrimes (mentor)
  MFC after:2 weeks
  Sponsored by: NetApp, Inc.
  Differential Revision:https://reviews.freebsd.org/D19000

Modified:
  head/sys/netinet/tcp_input.c
  head/sys/netinet/tcp_stacks/bbr.c
  head/sys/netinet/tcp_stacks/rack.c

Modified: head/sys/netinet/tcp_input.c
==
--- head/sys/netinet/tcp_input.cTue Apr 21 05:00:35 2020
(r360142)
+++ head/sys/netinet/tcp_input.cTue Apr 21 13:05:44 2020
(r360143)
@@ -2374,12 +2374,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru
if (IS_FASTOPEN(tp->t_flags) && tp->t_tfo_pending) {
tcp_fastopen_decrement_counter(tp->t_tfo_pending);
tp->t_tfo_pending = NULL;
-
-   /*
-* Account for the ACK of our SYN prior to
-* regular ACK processing below.
-*/
-   tp->snd_una++;
}
if (tp->t_flags & TF_NEEDFIN) {
tcp_state_change(tp, TCPS_FIN_WAIT_1);
@@ -2399,6 +2393,12 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru
cc_conn_init(tp);
tcp_timer_activate(tp, TT_KEEP, TP_KEEPIDLE(tp));
}
+   if (SEQ_GT(th->th_ack, tp->snd_una))
+   /*
+* Account for the ACK of our SYN prior to
+* regular ACK processing below.
+*/
+   tp->snd_una++;
/*
 * If segment contains data or ACK, will call tcp_reass()
 * later; if not, do so now to pass queued data to user.

Modified: head/sys/netinet/tcp_stacks/bbr.c
==
--- head/sys/netinet/tcp_stacks/bbr.c   Tue Apr 21 05:00:35 2020
(r360142)
+++ head/sys/netinet/tcp_stacks/bbr.c   Tue Apr 21 13:05:44 2020
(r360143)
@@ -9325,11 +9325,6 @@ bbr_do_syn_recv(struct mbuf *m, struct tcphdr *th, str
 
tcp_fastopen_decrement_counter(tp->t_tfo_pending);
tp->t_tfo_pending = NULL;
-   /*
-* Account for the ACK of our SYN prior to regular
-* ACK processing below.
-*/
-   tp->snd_una++;
}
/*
 * Make transitions: SYN-RECEIVED  -> ESTABLISHED SYN-RECEIVED* ->
@@ -9352,6 +9347,12 @@ bbr_do_syn_recv(struct mbuf *m, struct tcphdr *th, str
if (!IS_FASTOPEN(tp->t_flags))
cc_conn_init(tp);
}
+   if (SEQ_GT(th->th_ack, tp->snd_una))
+   /*
+* Account for the ACK of our SYN prior to
+* regular ACK processing below.
+*/
+   tp->snd_una++;
/*
 * If segment contains data or ACK, will call tcp_reass() later; if
 * not, do so now to pass queued data to user.

Modified: head/sys/netinet/tcp_stacks/rack.c
==
--- head/sys/netinet/tcp_stacks/rack.c  Tue Apr 21 05:00:35 2020
(r360142)
+++ head/sys/netinet/tcp_stacks/rack.c  Tue Apr 21 13:05:44 2020
(r360143)
@@ -6539,12 +6539,6 @@ rack_do_syn_recv(struct mbuf *m, struct tcphdr *th, st
if (IS_FASTOPEN(tp->t_flags) && tp->t_tfo_pending) {
tcp_fastopen_decrement_counter(tp->t_tfo_pending);
tp->t_tfo_pending = NULL;
-
-   /*
-* Account for the ACK of our SYN prior to
-* regular ACK processing below.
-*/
-   tp->snd_una++;
}
if (tp->t_flags & TF_NEEDFIN) {
tcp_state_change(tp, TCPS_FIN_WAIT_1);
@@ -6562,6 +6556,12 @@ rack_do_syn_recv(struct mbuf *m, struct tcphdr *th, st
if (!IS_FASTOPEN(tp->t_flags))
cc_conn_init(tp);
}
+   if (SEQ_GT(th->th_ack, tp->snd_una))
+   /*
+* Account for the ACK of our SYN prior to
+* regular ACK processing below.
+*/
+   tp->snd_una++;
/*
 * If segment contains data or ACK, will call tcp_reass() later; if
 * not, do so now 

Re: svn commit: r360068 - in head/sys: kern net sys

[Kristof Provost]

On 21 Apr 2020, at 4:34, Kyle Evans wrote:

On Mon, Apr 20, 2020 at 9:14 PM Kyle Evans  wrote:


On Mon, Apr 20, 2020 at 8:15 PM Eric van Gyzen  
wrote:



+  sz = asprintf(, M_TEMP, "%s-%s-%s", uuid, if_name(ifp),
+  jailname);
+  if (sz < 0) {
+  /* Fall back to a random mac address. */



I was wondering if it would be valuable to give this fall back 
something

like:

printf("%s: unable to create fixed mac address; using 
random

mac address", if_name(ifp));

This will only be printed in rare circumstances. But in that case 
will

provide valuable information.

That would potentially be valuable, yes. On the other hand, we 
traditionally
don???t sprinkle a lot of printf()s around in the kernel. This is 
extremely
unlikely to happen, and if it does odds are attaching the 
interface will
fail at an earlier or later point, you may struggle to pass 
packets and run

into any number of other issues.
It???s also possible to diagnose absent the printf(), because the 
MAC
address will be locally administered rather than within the 
FreeBSD OUI.


So, in short: not a bad idea. You can argue it both ways, and I 
find myself

(weakly) on the opposite side.


Would displaying the message only when verbose boot mode is enabled 
be

a suitable compromise?


We could completely avoid the problems of dynamic allocation by 
calling

SHA1Update three times, feeding each piece of data separately.

For bonus points, use a single char[] to save stack space, too.  
Maybe
use a union, for legibility, and to ensure the proper size without 
ugly

assertions.



To be honest, I'd be more inclined to just revert this part of it and
push it all back onto the stack. It's still < 512 bytes and pretty
much always called in short paths because it's generally only used
during initial creation of some ifnet; I found the concern about the
stack usage here, specifically, a bit dubious in the first place, and
this follow-up hasn't left me enjoying it any further.



Sorry, to clarify: I'm also pretty much OK with SHA1Update 3x if I'm
alone in the "don't really care about this particular stack usage"
camp, but I've found it useful that they're currently joined into a
single buffer as I've had occasion to dump it in the past to confirm
my understanding of the pedigree of the output, in case of, e.g.,
generated conflicts.


For what it’s worth, I’m in your camp: a few hundred bytes of stack 
use doesn’t matter much here. Straightforward code is more important.


Best regards,
Kristof
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"