svn commit: r360325 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2020-04-25 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Apr 25 21:45:31 2020
New Revision: 360325
URL: https://svnweb.freebsd.org/changeset/base/360325

Log:
  Avoid the GEOM topology lock recursion when we automatically expand a pool.
  
  The steps to reproduce the problem:
  
mdconfig -a -t swap -s 3g -u 0
gpart create -s GPT md0
gpart add -t freebsd-zfs -s 1g md0
zpool create -o autoexpand=on foo md0p1
gpart resize -i 1 -s 2g md0

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Apr 
25 21:41:38 2020(r360324)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Apr 
25 21:45:31 2020(r360325)
@@ -973,18 +973,22 @@ static void
 vdev_geom_close(vdev_t *vd)
 {
struct g_consumer *cp;
+   int locked;
 
cp = vd->vdev_tsd;
 
DROP_GIANT();
-   g_topology_lock();
+   locked = g_topology_locked();
+   if (!locked)
+   g_topology_lock();
 
if (!vd->vdev_reopening ||
(cp != NULL && ((cp->flags & G_CF_ORPHAN) != 0 ||
(cp->provider != NULL && cp->provider->error != 0
vdev_geom_close_locked(vd);
 
-   g_topology_unlock();
+   if (!locked)
+   g_topology_unlock();
PICKUP_GIANT();
 }
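Review bot: The conditional acquire in vdev_geom_close() (`locked = g_topology_locked(); if (!locked) g_topology_lock();`) quietly gives the function two calling conventions, and nothing in the new code says which caller arrives with the topology lock already held. I would add a comment above the check, e.g. `/* The autoexpand path can call us with the topology lock held; do not take it twice. */`, so a later cleanup does not reintroduce the recursion. `locked` only ever holds a truth value, so `bool locked;` would state the intent better than `int`. DROP_GIANT() and PICKUP_GIANT() still run on the already-locked path; that looks harmless from here but is worth confirming against the caller.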
 


svn commit: r360323 - head/sys/geom

2020-04-25 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Apr 25 21:41:09 2020
New Revision: 360323
URL: https://svnweb.freebsd.org/changeset/base/360323

Log:
  Add g_topology_locked() macro that returns true if we already hold the GEOM
  topology lock.

Modified:
  head/sys/geom/geom.h

Modified: head/sys/geom/geom.h
==
--- head/sys/geom/geom.hSat Apr 25 20:24:41 2020(r360322)
+++ head/sys/geom/geom.hSat Apr 25 21:41:09 2020(r360323)
@@ -395,6 +395,8 @@ g_free(void *ptr)
sx_xunlock(_lock); \
} while (0)
 
+#define g_topology_locked()sx_xlocked(_lock)
+
 #define g_topology_assert()\
do {\
sx_assert(_lock, SX_XLOCKED);  \
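Review bot: The new `g_topology_locked()` macro has no comment, and its result is easy to misread as "somebody holds the topology lock". sx_xlocked(9) reports whether the calling thread holds the lock exclusively, so a line such as `/* Non-zero only if curthread holds the topology lock; meant for avoiding recursion, not for probing other threads. */` above the define would pin that down. A predicate like this invites code whose behaviour depends on the caller's lock state, so the comment could also say that g_topology_assert() remains the preferred check wherever the lock state is known.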


svn commit: r357363 - head/sys/geom

2020-02-01 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Feb  1 10:15:23 2020
New Revision: 357363
URL: https://svnweb.freebsd.org/changeset/base/357363

Log:
  The error variable is not really needed. Remove it.

Modified:
  head/sys/geom/geom_disk.c

Modified: head/sys/geom/geom_disk.c
==
--- head/sys/geom/geom_disk.c   Sat Feb  1 09:13:11 2020(r357362)
+++ head/sys/geom/geom_disk.c   Sat Feb  1 10:15:23 2020(r357363)
@@ -268,7 +268,6 @@ g_disk_ioctl(struct g_provider *pp, u_long cmd, void *
 {
struct disk *dp;
struct g_disk_softc *sc;
-   int error;
 
sc = pp->private;
dp = sc->dp;
@@ -277,8 +276,7 @@ g_disk_ioctl(struct g_provider *pp, u_long cmd, void *
 
if (dp->d_ioctl == NULL)
return (ENOIOCTL);
-   error = dp->d_ioctl(dp, cmd, data, fflag, td);
-   return (error);
+   return (dp->d_ioctl(dp, cmd, data, fflag, td));
 }
 
 static off_t


Re: svn commit: r357138 - head/bin/pwait

2020-02-01 Thread Pawel Jakub Dawidek
On 1/30/20 14:47, Jilles Tjoelker wrote:
> On 26-01-2020 11:49, Pawel Jakub Dawidek wrote:
>> Author: pjd
>> Date: Sun Jan 26 10:49:24 2020
>> New Revision: 357138
>> URL: https://svnweb.freebsd.org/changeset/base/357138
>>
>> Log:
>>    - Be consistent with using sysexits(3) codes.
>>    - Turn fprintf()+exit() into errx().
>>       Sponsored by:    Fudo Security
>>
>> Modified:
>>    head/bin/pwait/pwait.c
>>
>> Modified: head/bin/pwait/pwait.c
>> ==
>>
>> --- head/bin/pwait/pwait.c    Sun Jan 26 07:24:49 2020    (r357137)
>> +++ head/bin/pwait/pwait.c    Sun Jan 26 10:49:24 2020    (r357138)
>> @@ -53,8 +53,7 @@ static void
>>   usage(void)
>>   {
>>   -    fprintf(stderr, "usage: pwait [-t timeout] [-v] pid ...\n");
>> -    exit(EX_USAGE);
>> +    errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ...");
> 
> This adds a "pwait: " before the line, which most other programs do not do.
> 

Reverted in r357362. Thanks.

-- 
Pawel Jakub Dawidek


svn commit: r357362 - head/bin/pwait

2020-02-01 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Feb  1 09:13:11 2020
New Revision: 357362
URL: https://svnweb.freebsd.org/changeset/base/357362

Log:
  Restore previous usage presentation (without "pwait: " prefix).
  
  Pointed out by:   jilles

Modified:
  head/bin/pwait/pwait.c

Modified: head/bin/pwait/pwait.c
==
--- head/bin/pwait/pwait.c  Sat Feb  1 06:46:55 2020(r357361)
+++ head/bin/pwait/pwait.c  Sat Feb  1 09:13:11 2020(r357362)
@@ -53,7 +53,8 @@ static void
 usage(void)
 {
 
-   errx(EX_USAGE, "usage: pwait [-t timeout] [-ov] pid ...");
+   fprintf(stderr, "usage: pwait [-t timeout] [-ov] pid ...\n");
+   exit(EX_USAGE);
 }
 
 /*


svn commit: r357143 - head/bin/pwait

2020-01-26 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Jan 26 11:13:34 2020
New Revision: 357143
URL: https://svnweb.freebsd.org/changeset/base/357143

Log:
  Style changes, mostly adding braces around single-line statements -
  this is safer and has been allowed by style(9) for some time now.
  
  Sponsored by: Fudo Security

Modified:
  head/bin/pwait/pwait.c

Modified: head/bin/pwait/pwait.c
==
--- head/bin/pwait/pwait.c  Sun Jan 26 11:03:45 2020(r357142)
+++ head/bin/pwait/pwait.c  Sun Jan 26 11:13:34 2020(r357143)
@@ -63,12 +63,11 @@ int
 main(int argc, char *argv[])
 {
struct itimerval itv;
-   int kq;
struct kevent *e;
int oflag, tflag, verbose;
-   int opt, nleft, n, i, status;
+   int i, kq, n, nleft, opt, status;
long pid;
-   char *s, *end;
+   char *end, *s;
double timeout;
 
oflag = 0;
@@ -76,7 +75,7 @@ main(int argc, char *argv[])
verbose = 0;
memset(, 0, sizeof(itv));
 
-   while ((opt = getopt(argc, argv, "t:ov")) != -1) {
+   while ((opt = getopt(argc, argv, "ot:v")) != -1) {
switch (opt) {
case 'o':
oflag = 1;
@@ -85,9 +84,9 @@ main(int argc, char *argv[])
tflag = 1;
errno = 0;
timeout = strtod(optarg, );
-   if (end == optarg || errno == ERANGE ||
-   timeout < 0)
+   if (end == optarg || errno == ERANGE || timeout < 0) {
errx(EX_DATAERR, "timeout value");
+   }
switch(*end) {
case 0:
case 's':
@@ -101,8 +100,9 @@ main(int argc, char *argv[])
default:
errx(EX_DATAERR, "timeout unit");
}
-   if (timeout > 1L)
+   if (timeout > 1L) {
errx(EX_DATAERR, "timeout value");
+   }
itv.it_value.tv_sec = (time_t)timeout;
timeout -= (time_t)timeout;
itv.it_value.tv_usec =
@@ -120,21 +120,26 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;
 
-   if (argc == 0)
+   if (argc == 0) {
usage();
+   }
 
kq = kqueue();
-   if (kq == -1)
+   if (kq == -1) {
err(EX_OSERR, "kqueue");
+   }
 
e = malloc((argc + tflag) * sizeof(struct kevent));
-   if (e == NULL)
+   if (e == NULL) {
err(EX_OSERR, "malloc");
+   }
nleft = 0;
for (n = 0; n < argc; n++) {
s = argv[n];
-   if (!strncmp(s, "/proc/", 6)) /* Undocumented Solaris compat */
+   /* Undocumented Solaris compat */
+   if (!strncmp(s, "/proc/", 6)) {
s += 6;
+   }
errno = 0;
pid = strtol(s, , 10);
if (pid < 0 || *end != '\0' || errno != 0) {
@@ -142,8 +147,9 @@ main(int argc, char *argv[])
continue;
}
for (i = 0; i < nleft; i++) {
-   if (e[i].ident == (uintptr_t)pid)
+   if (e[i].ident == (uintptr_t)pid) {
break;
+   }
}
if (i < nleft) {
/* Duplicate. */
@@ -152,8 +158,9 @@ main(int argc, char *argv[])
EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL);
if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) {
warn("%ld", pid);
-   if (oflag)
+   if (oflag) {
exit(EX_OK);
+   }
} else {
nleft++;
}
@@ -165,39 +172,45 @@ main(int argc, char *argv[])
 * can be returned rather than 142.
 */
EV_SET(e + nleft, SIGALRM, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL);
-   if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1)
+   if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) {
err(EX_OSERR, "kevent");
+   }
/* Ignore SIGALRM to not interrupt kevent(2). */
signal(SIGALRM, SIG_IGN);
-   if (setitimer(ITIMER_REAL, , NULL) == -1)
+   if (setitimer(ITIMER_REAL, , NULL) == -1) {
err(EX_OSERR, "setitimer");
+   }
}
while (nleft > 0) {
n = kevent(kq, NULL, 0, e, nleft + tflag, NULL);
-   if (n == -1)
+   if (n == -1) {
   

svn commit: r357142 - head/bin/pwait/tests

2020-01-26 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Jan 26 11:03:45 2020
New Revision: 357142
URL: https://svnweb.freebsd.org/changeset/base/357142

Log:
  Implement tests for the newly added -o flag.
  
  Sponsored by: Fudo Security

Modified:
  head/bin/pwait/tests/pwait_test.sh

Modified: head/bin/pwait/tests/pwait_test.sh
==
--- head/bin/pwait/tests/pwait_test.sh  Sun Jan 26 11:02:51 2020
(r357141)
+++ head/bin/pwait/tests/pwait_test.sh  Sun Jan 26 11:03:45 2020
(r357142)
@@ -232,6 +232,85 @@ timeout_many_cleanup()
wait $p1 $p5 $p10 >/dev/null 2>&1
 }
 
+atf_test_case or_flag
+or_flag_head()
+{
+   atf_set "descr" "Test OR flag"
+}
+
+or_flag_body()
+{
+   sleep 2 &
+   p2=$!
+
+   sleep 4 &
+   p4=$!
+
+   sleep 6 &
+   p6=$!
+
+   atf_check \
+   -o inline:"$p2: exited with status 0.\n" \
+   -e empty \
+   -s exit:0 \
+   timeout --preserve-status 15 pwait -o -v $p2 $p4 $p6
+
+   atf_check \
+   -o empty \
+   -e inline:"pwait: $p2: No such process\n" \
+   -s exit:0 \
+   timeout --preserve-status 15 pwait -o $p2 $p4 $p6
+
+   atf_check \
+   -o empty \
+   -e empty \
+   -s exit:0 \
+   timeout --preserve-status 15 pwait -o $p4 $p6
+
+   atf_check \
+   -o empty \
+   -e inline:"pwait: $p4: No such process\n" \
+   -s exit:0 \
+   timeout --preserve-status 15 pwait -o $p4 $p6
+
+   atf_check \
+   -o inline:"$p6: exited with status 0.\n" \
+   -e empty \
+   -s exit:0 \
+   timeout --preserve-status 15 pwait -o -v $p6
+
+   atf_check \
+   -o empty \
+   -e inline:"pwait: $p6: No such process\n" \
+   -s exit:0 \
+   timeout --preserve-status 15 pwait -o $p6
+
+   atf_check \
+   -o empty \
+   -e inline:"kill: $p2: No such process\n" \
+   -s exit:1 \
+   kill -0 $p2
+
+   atf_check \
+   -o empty \
+   -e inline:"kill: $p4: No such process\n" \
+   -s exit:1 \
+   kill -0 $p4
+
+   atf_check \
+   -o empty \
+   -e inline:"kill: $p6: No such process\n" \
+   -s exit:1 \
+   kill -0 $p6
+
+}
+
+or_flag_cleanup()
+{
+   kill $p2 $p4 $p6 >/dev/null 2>&1
+   wait $p2 $p4 $p6 >/dev/null 2>&1
+}
+
 atf_init_test_cases()
 {
atf_add_test_case basic
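Review bot: `or_flag_cleanup()` will most likely never do anything useful as written. The test case is declared as `atf_test_case or_flag` without the `cleanup` keyword, and atf-sh only invokes a cleanup routine for cases declared as `atf_test_case NAME cleanup`; even when it does run, it runs in a separate shell from the body, so `$p2 $p4 $p6` are unset there. If the body fails early, the background `sleep` processes are left behind. Declaring `atf_test_case or_flag cleanup` and having the body write the PIDs to a file that the cleanup routine reads back would make the kill/wait effective.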
@@ -239,4 +318,5 @@ atf_init_test_cases()
atf_add_test_case timeout_trigger_timeout
atf_add_test_case timeout_no_timeout
atf_add_test_case timeout_many
+   atf_add_test_case or_flag
 }


svn commit: r357141 - head/bin/pwait

2020-01-26 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Jan 26 11:02:51 2020
New Revision: 357141
URL: https://svnweb.freebsd.org/changeset/base/357141

Log:
  Implement -o flag which tells pwait(1) to exit if any of the given processes
  has terminated.
  
  Sponsored by: Fudo Security

Modified:
  head/bin/pwait/pwait.1
  head/bin/pwait/pwait.c

Modified: head/bin/pwait/pwait.1
==
--- head/bin/pwait/pwait.1  Sun Jan 26 10:54:16 2020(r357140)
+++ head/bin/pwait/pwait.1  Sun Jan 26 11:02:51 2020(r357141)
@@ -32,7 +32,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 7, 2017
+.Dd January 26, 2020
 .Dt PWAIT 1
 .Os
 .Sh NAME
@@ -41,7 +41,7 @@
 .Sh SYNOPSIS
 .Nm
 .Op Fl t Ar duration
-.Op Fl v
+.Op Fl ov
 .Ar pid
 \&...
 .Sh DESCRIPTION
@@ -51,6 +51,8 @@ utility will wait until each of the given processes ha
 .Pp
 The following option is available:
 .Bl -tag -width indent
+.It Fl o
+Exit when any of the given processes has terminated.
 .It Fl t Ar duration
 If any process is still running after
 .Ar duration ,

Modified: head/bin/pwait/pwait.c
==
--- head/bin/pwait/pwait.c  Sun Jan 26 10:54:16 2020(r357140)
+++ head/bin/pwait/pwait.c  Sun Jan 26 11:02:51 2020(r357141)
@@ -53,7 +53,7 @@ static void
 usage(void)
 {
 
-   errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ...");
+   errx(EX_USAGE, "usage: pwait [-t timeout] [-ov] pid ...");
 }
 
 /*
@@ -65,16 +65,22 @@ main(int argc, char *argv[])
struct itimerval itv;
int kq;
struct kevent *e;
-   int tflag, verbose;
+   int oflag, tflag, verbose;
int opt, nleft, n, i, status;
long pid;
char *s, *end;
double timeout;
 
-   tflag = verbose = 0;
+   oflag = 0;
+   tflag = 0;
+   verbose = 0;
memset(, 0, sizeof(itv));
-   while ((opt = getopt(argc, argv, "t:v")) != -1) {
+
+   while ((opt = getopt(argc, argv, "t:ov")) != -1) {
switch (opt) {
+   case 'o':
+   oflag = 1;
+   break;
case 't':
tflag = 1;
errno = 0;
@@ -144,10 +150,13 @@ main(int argc, char *argv[])
continue;
}
EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL);
-   if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1)
+   if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) {
warn("%ld", pid);
-   else
+   if (oflag)
+   exit(EX_OK);
+   } else {
nleft++;
+   }
}
 
if (nleft > 0 && tflag) {
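Review bot: With -o, every kevent() registration failure is now treated as "that process has already terminated": the new `if (oflag) exit(EX_OK);` runs after `warn("%ld", pid);` whatever errno was. Only ESRCH means the process is gone; any other failure (resource exhaustion, for instance) would make `pwait -o` report success while all targets are still running, which matters when a supervisor script acts on that status. I would save errno before the warn() call and exit only for ESRCH, e.g. `error = errno;` first and then `if (oflag && error == ESRCH) exit(EX_OK);`. main() starts and ends outside this hunk.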
@@ -187,6 +196,8 @@ main(int argc, char *argv[])
printf("%ld: terminated.\n",
(long)e[i].ident);
}
+   if (oflag)
+   exit(EX_OK);
--nleft;
}
}


svn commit: r357140 - head/bin/pwait

2020-01-26 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Jan 26 10:54:16 2020
New Revision: 357140
URL: https://svnweb.freebsd.org/changeset/base/357140

Log:
  Don't set up a timeout if we are exiting.
  
  Sponsored by: Fudo Security

Modified:
  head/bin/pwait/pwait.c

Modified: head/bin/pwait/pwait.c
==
--- head/bin/pwait/pwait.c  Sun Jan 26 10:51:57 2020(r357139)
+++ head/bin/pwait/pwait.c  Sun Jan 26 10:54:16 2020(r357140)
@@ -150,7 +150,7 @@ main(int argc, char *argv[])
nleft++;
}
 
-   if (tflag) {
+   if (nleft > 0 && tflag) {
/*
 * Explicitly detect SIGALRM so that an exit status of 124
 * can be returned rather than 142.


svn commit: r357139 - head/bin/pwait

2020-01-26 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Jan 26 10:51:57 2020
New Revision: 357139
URL: https://svnweb.freebsd.org/changeset/base/357139

Log:
  Check for duplicated PID without using additional variable.
  
  Sponsored by: Fudo Security

Modified:
  head/bin/pwait/pwait.c

Modified: head/bin/pwait/pwait.c
==
--- head/bin/pwait/pwait.c  Sun Jan 26 10:49:24 2020(r357138)
+++ head/bin/pwait/pwait.c  Sun Jan 26 10:51:57 2020(r357139)
@@ -66,7 +66,7 @@ main(int argc, char *argv[])
int kq;
struct kevent *e;
int tflag, verbose;
-   int opt, nleft, n, i, duplicate, status;
+   int opt, nleft, n, i, status;
long pid;
char *s, *end;
double timeout;
@@ -135,18 +135,19 @@ main(int argc, char *argv[])
warnx("%s: bad process id", s);
continue;
}
-   duplicate = 0;
-   for (i = 0; i < nleft; i++)
+   for (i = 0; i < nleft; i++) {
if (e[i].ident == (uintptr_t)pid)
-   duplicate = 1;
-   if (!duplicate) {
-   EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT,
-   0, NULL);
-   if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1)
-   warn("%ld", pid);
-   else
-   nleft++;
+   break;
}
+   if (i < nleft) {
+   /* Duplicate. */
+   continue;
+   }
+   EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL);
+   if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1)
+   warn("%ld", pid);
+   else
+   nleft++;
}
 
if (tflag) {


svn commit: r357138 - head/bin/pwait

2020-01-26 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Jan 26 10:49:24 2020
New Revision: 357138
URL: https://svnweb.freebsd.org/changeset/base/357138

Log:
  - Be consistent with using sysexits(3) codes.
  - Turn fprintf()+exit() into errx().
  
  Sponsored by: Fudo Security

Modified:
  head/bin/pwait/pwait.c

Modified: head/bin/pwait/pwait.c
==
--- head/bin/pwait/pwait.c  Sun Jan 26 07:24:49 2020(r357137)
+++ head/bin/pwait/pwait.c  Sun Jan 26 10:49:24 2020(r357138)
@@ -53,8 +53,7 @@ static void
 usage(void)
 {
 
-   fprintf(stderr, "usage: pwait [-t timeout] [-v] pid ...\n");
-   exit(EX_USAGE);
+   errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ...");
 }
 
 /*
@@ -120,11 +119,11 @@ main(int argc, char *argv[])
 
kq = kqueue();
if (kq == -1)
-   err(1, "kqueue");
+   err(EX_OSERR, "kqueue");
 
e = malloc((argc + tflag) * sizeof(struct kevent));
if (e == NULL)
-   err(1, "malloc");
+   err(EX_OSERR, "malloc");
nleft = 0;
for (n = 0; n < argc; n++) {
s = argv[n];
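Review bot: Switching `err(1, ...)` to `err(EX_OSERR, ...)` here and in the kevent() hunk that follows changes the exit status callers observe for these failures, yet the commit modifies only pwait.c. If pwait.1 has an EXIT STATUS section (not visible from this diff), it should list the sysexits(3) values now in use alongside 124 for a timeout, since scripts may test for the old status 1. The bare `exit(124);` in the last hunk would also read better behind a locally defined named constant, as it now sits among EX_* names. main() continues outside these hunks.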
@@ -166,12 +165,12 @@ main(int argc, char *argv[])
while (nleft > 0) {
n = kevent(kq, NULL, 0, e, nleft + tflag, NULL);
if (n == -1)
-   err(1, "kevent");
+   err(EX_OSERR, "kevent");
for (i = 0; i < n; i++) {
if (e[i].filter == EVFILT_SIGNAL) {
if (verbose)
printf("timeout\n");
-   return (124);
+   exit(124);
}
if (verbose) {
status = e[i].data;


svn commit: r345864 - head/tests/sys/geom/class/eli

2019-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Apr  4 00:05:36 2019
New Revision: 345864
URL: https://svnweb.freebsd.org/changeset/base/345864

Log:
  Implement tests for online expansion:
  - init, init -R
  - onetime, onetime -R
  - 512 and 4k sectors
  - encryption only
  - encryption and authentication
  - configure -r/-R for detached providers
  - configure -r/-R for attached providers
  - all keys allocated (10, 20 and 30MB provider sizes)
  - keys allocated on demand (10, 20 and 30PB provider sizes)
  - reading and writing to provider after expansion (10-30MB only)
  - checking if metadata in old location is cleared.
  
  Obtained from:Fudo Security

Added:
  head/tests/sys/geom/class/eli/online_resize_test.sh   (contents, props 
changed)
Modified:
  head/tests/sys/geom/class/eli/Makefile

Modified: head/tests/sys/geom/class/eli/Makefile
==
--- head/tests/sys/geom/class/eli/Makefile  Wed Apr  3 23:58:58 2019
(r345863)
+++ head/tests/sys/geom/class/eli/Makefile  Thu Apr  4 00:05:36 2019
(r345864)
@@ -16,6 +16,7 @@ ATF_TESTS_SH+=integrity_test
 ATF_TESTS_SH+= kill_test
 ATF_TESTS_SH+= misc_test
 ATF_TESTS_SH+= onetime_test
+ATF_TESTS_SH+= online_resize_test
 ATF_TESTS_SH+= resize_test
 ATF_TESTS_SH+= setkey_test
 

Added: head/tests/sys/geom/class/eli/online_resize_test.sh
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/tests/sys/geom/class/eli/online_resize_test.sh Thu Apr  4 00:05:36 
2019(r345864)
@@ -0,0 +1,196 @@
+#!/bin/sh
+# $FreeBSD$
+
+. $(atf_get_srcdir)/conf.sh
+
+atf_test_case online_resize cleanup
+online_resize_head()
+{
+   atf_set "descr" "online resize of geli providers"
+   atf_set "require.user" "root"
+}
+online_resize_body()
+{
+   geli_test_setup
+
+   (
+   echo "m 512 none 10485248 1 1 20971008 1 1 31456768 1 1"
+   echo "m 4096 none 10481664 1 1 20967424 1 1 31453184 1 1"
+   echo "m 512 HMAC/SHA256 5242368 1 1 10485248 1 1 15728128 1 1"
+   echo "m 4096 HMAC/SHA256 9318400 1 1 18640896 1 1 27959296 1 1"
+   echo "p 512 none 11258999068425728 [0-9] 20971520 
22517998136851968 [0-9] 41943040 33776997205278208 [0-9] 62914560"
+   echo "p 4096 none 11258999068422144 [0-9] 2621440 
22517998136848384 [0-9] 5242880 33776997205274624 [0-9] 7864320"
+   echo "p 512 HMAC/SHA256 5629499534212608 [0-9] 20971520 
11258999068425728 [0-9] 41943040 16888498602638848 [0-9] 62914560"
+   echo "p 4096 HMAC/SHA256 10007999171932160 [0-9] 20971520 
20015998343868416 [0-9] 41943040 30023997515800576 [0-9] 62914560"
+   ) | while read prefix sector auth esize10 ka10 kt10 esize20 ka20 kt20 
esize30 ka30 kt30; do
+   if [ "${auth}" = "none" ]; then
+   aalgo=""
+   eflags="0x200"
+   dflags="0x0"
+   else
+   aalgo="-a ${auth}"
+   eflags="0x210"
+   dflags="0x10"
+   fi
+
+   if [ "${prefix}" = "m" ]; then
+   psize10="10485760"
+   psize20="20971520"
+   psize30="31457280"
+   else
+   psize10="11258999068426240"
+   psize20="22517998136852480"
+   psize30="33776997205278720"
+   fi
+
+   md=$(attach_md -t malloc -s40${prefix})
+
+   # Initialise
+   atf_check -s exit:0 -o ignore gpart create -s GPT ${md}
+   atf_check -s exit:0 -o ignore gpart add -t freebsd-ufs -s 
10${prefix} ${md}
+
+   echo secret >tmp.key
+
+   atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key 
${md}p1
+   # Autoresize is set by default.
+   atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump 
${md}p1
+
+   atf_check geli configure -R ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump 
${md}p1
+   atf_check geli configure -r ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump 
${md}p1
+
+   atf_check geli init -R ${aalgo} -s ${sector} -Bnone -PKtmp.key 
${md}p1
+   atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump 
${md}p1
+
+   atf_check geli configure -r ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump 
${md}p1
+   atf_check geli configure -R ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump 
${md}p1
+
+   atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key 
${md}p1
+   atf_check geli attach -pk tmp.key ${md}p1
+   atf_check -s exit:0 -o 

svn commit: r345863 - head/tests/sys/geom/class/eli

2019-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Apr  3 23:58:58 2019
New Revision: 345863
URL: https://svnweb.freebsd.org/changeset/base/345863

Log:
  Update configure tests after addition of the online expansion.
  
  Obtained from:Fudo Security

Modified:
  head/tests/sys/geom/class/eli/configure_test.sh

Modified: head/tests/sys/geom/class/eli/configure_test.sh
==
--- head/tests/sys/geom/class/eli/configure_test.sh Wed Apr  3 23:57:37 
2019(r345862)
+++ head/tests/sys/geom/class/eli/configure_test.sh Wed Apr  3 23:58:58 
2019(r345863)
@@ -17,19 +17,19 @@ configure_b_B_body()
 
atf_check geli init -B none -P -K /dev/null ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md}
 
atf_check geli init -B none -b -P -K /dev/null ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md}
 
atf_check geli configure -B ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md}
 
atf_check geli configure -b ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md}
 
atf_check geli attach -p -k /dev/null ${md}
 
@@ -39,13 +39,13 @@ configure_b_B_body()
 
atf_check -o not-match:'^Flags: .*BOOT' geli list ${md}.eli
 
-   atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md}
 
atf_check geli configure -b ${md}
 
atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli
 
-   atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md}
 
atf_check geli detach ${md}
 }




svn commit: r345861 - head/lib/geom/eli

2019-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Apr  3 23:50:52 2019
New Revision: 345861
URL: https://svnweb.freebsd.org/changeset/base/345861

Log:
  - Add missing -T (notrim) option to the label subcommand.
  - Add missing -T option in the onetime subcommand comment.
  
  Obtained from:Fudo Security

Modified:
  head/lib/geom/eli/geom_eli.c

Modified: head/lib/geom/eli/geom_eli.c
==
--- head/lib/geom/eli/geom_eli.cWed Apr  3 22:30:20 2019
(r345860)
+++ head/lib/geom/eli/geom_eli.cWed Apr  3 23:50:52 2019
(r345861)
@@ -96,7 +96,7 @@ static int eli_backup_create(struct gctl_req *req, con
  * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ...
  * detach [-fl] prov ...
  * stop - alias for 'detach'
- * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov
+ * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov
  * configure [-bBgGtT] prov ...
  * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K 
newkeyfile] prov
  * delkey [-afv] [-n keyno] prov
@@ -145,6 +145,7 @@ struct g_command class_commands[] = {
{ 'l', "keylen", "0", G_TYPE_NUMBER },
{ 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
{ 's', "sectorsize", "0", G_TYPE_NUMBER },
+   { 'T', "notrim", NULL, G_TYPE_BOOL },
{ 'V', "mdversion", "-1", G_TYPE_NUMBER },
G_OPT_SENTINEL
},




svn commit: r345862 - in head: lib/geom/eli sys/geom/eli

2019-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Apr  3 23:57:37 2019
New Revision: 345862
URL: https://svnweb.freebsd.org/changeset/base/345862

Log:
  Implement automatic online expansion of GELI providers - if the underlying
  provider grows, GELI will expand automatically and will move the metadata
  to the new location of the last sector.
  
  This functionality is turned on by default. It can be turned off with the
  -R flag, but it is not recommended - if the underlying provider grows and
  automatic expansion is turned off, it won't be possible to attach this
  provider again, as the metadata is no longer located in the last sector.
  
  If the automatic expansion is turned off and the underlying provider grows,
  GELI will only log a message with the previous size of the provider, so
  recovery can be easier.
  
  Obtained from:Fudo Security

Modified:
  head/lib/geom/eli/geli.8
  head/lib/geom/eli/geom_eli.c
  head/sys/geom/eli/g_eli.c
  head/sys/geom/eli/g_eli.h
  head/sys/geom/eli/g_eli_ctl.c
  head/sys/geom/eli/g_eli_key_cache.c

Modified: head/lib/geom/eli/geli.8
==
--- head/lib/geom/eli/geli.8Wed Apr  3 23:50:52 2019(r345861)
+++ head/lib/geom/eli/geli.8Wed Apr  3 23:57:37 2019(r345862)
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek 
+.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek 
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 24, 2018
+.Dd April 3, 2019
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -51,7 +51,7 @@ utility:
 .Pp
 .Nm
 .Cm init
-.Op Fl bdgPTv
+.Op Fl bdgPRTv
 .Op Fl a Ar aalgo
 .Op Fl B Ar backupfile
 .Op Fl e Ar ealgo
@@ -81,7 +81,7 @@ utility:
 .Cm detach
 .Nm
 .Cm onetime
-.Op Fl dT
+.Op Fl dRT
 .Op Fl a Ar aalgo
 .Op Fl e Ar ealgo
 .Op Fl l Ar keylen
@@ -89,7 +89,7 @@ utility:
 .Ar prov
 .Nm
 .Cm configure
-.Op Fl bBdDgGtT
+.Op Fl bBdDgGrRtT
 .Ar prov ...
 .Nm
 .Cm setkey
@@ -375,6 +375,18 @@ Change decrypted provider's sector size.
 Increasing the sector size allows increased performance,
 because encryption/decryption which requires an initialization vector
 is done per sector; fewer sectors means less computational work.
+.It Fl R
+Turn off automatic expansion.
+By default, if the underlying provider grows, the encrypted provider will
+grow automatically too.
+The metadata will be moved to the new location.
+If automatic expansion if turned off and the underlying provider changes
+size, attaching encrypted provider will no longer be possible as the metadata
+will no longer be located in the last sector.
+In this case
+.Nm GELI
+will only log the previous size of the underlying provider, so metadata can
+be found easier, if resize was done by mistake.
 .It Fl T
 Don't pass through
 .Dv BIO_DELETE
@@ -506,6 +518,11 @@ Change decrypted provider's sector size.
 For more information, see the description of the
 .Cm init
 subcommand.
+.It Fl R
+Turn off automatic expansion.
+For more information, see the description of the
+.Cm init
+subcommand.
 .It Fl T
 Disable TRIM/UNMAP passthru.
 For more information, see the description of the
@@ -540,6 +557,13 @@ The boot loader prompts for the passphrase and loads
 from the encrypted partition.
 .It Fl G
 Deactivate booting from this encrypted root partition.
+.It Fl r
+Turn on automatic expansion.
+For more information, see the description of the
+.Cm init
+subcommand.
+.It Fl R
+Turn off automatic expansion.
 .It Fl t
 Enable TRIM/UNMAP passthru.
 For more information, see the description of the

Modified: head/lib/geom/eli/geom_eli.c
==
--- head/lib/geom/eli/geom_eli.cWed Apr  3 23:50:52 2019
(r345861)
+++ head/lib/geom/eli/geom_eli.cWed Apr  3 23:57:37 2019
(r345862)
@@ -1,7 +1,7 @@
 /*-
  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
  *
- * Copyright (c) 2004-2010 Pawel Jakub Dawidek 
+ * Copyright (c) 2004-2019 Pawel Jakub Dawidek 
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -91,13 +91,13 @@ static int eli_backup_create(struct gctl_req *req, con
 /*
  * Available commands:
  *
- * init [-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l 
keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ...
+ * init [-bdgPRTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l 
keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ...
  * label - alias for 'init'
  * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ...
  * detach [-fl] prov ...
  * stop - alias for 'detach'
- * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov
- * configure [-bBgGtT] prov ...
+ * onetime [-dRT] [-a aalgo] [-e ealgo] [-l keylen] prov
+ * configure [-bBgGrRtT] prov ...
  * se

svn commit: r345726 - head/sys/dev/xen/blkfront

2019-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Mar 30 07:20:28 2019
New Revision: 345726
URL: https://svnweb.freebsd.org/changeset/base/345726

Log:
  Implement support for online disk capacity changes.
  
  Obtained from:Fudo Security
  Tested in:AWS

Modified:
  head/sys/dev/xen/blkfront/blkfront.c

Modified: head/sys/dev/xen/blkfront/blkfront.c
==
--- head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 01:56:53 2019
(r345725)
+++ head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 07:20:28 2019
(r345726)
@@ -1227,11 +1227,40 @@ xbd_connect(struct xbd_softc *sc)
int err, feature_barrier, feature_flush;
int i, j;
 
-   if (sc->xbd_state == XBD_STATE_CONNECTED || 
-   sc->xbd_state == XBD_STATE_SUSPENDED)
+   DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev));
+
+   if (sc->xbd_state == XBD_STATE_SUSPENDED) {
return;
+   }
 
-   DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev));
+   if (sc->xbd_state == XBD_STATE_CONNECTED) {
+   struct disk *disk;
+
+   disk = sc->xbd_disk;
+   if (disk == NULL) {
+   return;
+   }
+   err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
+   "sectors", "%lu", , NULL);
+   if (err != 0) {
+   xenbus_dev_error(dev, err,
+   "reading sectors at %s",
+   xenbus_get_otherend_path(dev));
+   return;
+   }
+   disk->d_mediasize = disk->d_sectorsize * sectors;
+   err = disk_resize(disk, M_NOWAIT);
+   if (err) {
+   xenbus_dev_error(dev, err,
+   "unable to resize disk %s%u",
+   disk->d_name, disk->d_unit);
+   return;
+   }
+   device_printf(sc->xbd_dev,
+   "changed capacity to %jd\n",
+   (intmax_t)disk->d_mediasize);
+   return;
+   }
 
err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
"sectors", "%lu", ,
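Review bot: In the new XBD_STATE_CONNECTED branch the `sectors` count read from the other end's xenstore node is multiplied straight into `disk->d_mediasize`, with no check for zero or for overflow of the product. The field is also overwritten before `disk_resize()` has succeeded, so the `if (err)` path returns with the new size still stored. The value comes from another domain, so it is worth bounding before use, for example `if (sectors == 0 || sectors > OFF_MAX / disk->d_sectorsize) return;` (this assumes `d_mediasize` is an `off_t` and `d_sectorsize` is non-zero; neither declaration is in the hunk). Saving the old size first and restoring it with `disk->d_mediasize = oldsize;` when the resize is refused keeps the disk consistent. The same hunk appears again further down the page where r345726 is posted a second time; xbd_connect() starts and ends outside the hunk.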




svn commit: r345728 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Mar 30 07:29:20 2019
New Revision: 345728
URL: https://svnweb.freebsd.org/changeset/base/345728

Log:
  If the autoexpand pool property is turned on and vdev is healthy try to
  expand the pool automatically when we detect underlying GEOM provider
  size change.
  
  Obtained from:Fudo Security
  Tested in:AWS

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 
30 07:24:34 2019(r345727)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 
30 07:29:20 2019(r345728)
@@ -158,6 +158,29 @@ vdev_geom_attrchanged(struct g_consumer *cp, const cha
 }
 
 static void
+vdev_geom_resize(struct g_consumer *cp)
+{
+   struct consumer_priv_t *priv;
+   struct consumer_vdev_elem *elem;
+   spa_t *spa;
+   vdev_t *vd;
+
+   priv = (struct consumer_priv_t *)>private;
+   if (SLIST_EMPTY(priv))
+   return;
+
+   SLIST_FOREACH(elem, priv, elems) {
+   vd = elem->vd;
+   if (vd->vdev_state != VDEV_STATE_HEALTHY)
+   continue;
+   spa = vd->vdev_spa;
+   if (!spa->spa_autoexpand)
+   continue;
+   vdev_online(spa, vd->vdev_guid, ZFS_ONLINE_EXPAND, NULL);
+   }
+}
+
+static void
 vdev_geom_orphan(struct g_consumer *cp)
 {
struct consumer_priv_t *priv;
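Review bot: vdev_geom_resize() calls `vdev_online(spa, vd->vdev_guid, ZFS_ONLINE_EXPAND, NULL)` directly from the GEOM resize callback and discards its result, and nothing in the function says which locks are held at that point. If GEOM delivers `resize` with the topology lock held (not visible in this hunk), any reopen performed under vdev_online() that takes that lock again would recurse; in that case `g_topology_assert();` at the top plus a short comment on why calling into the SPA from here is safe would make the context reviewable. A failed expansion is also silent, so logging a non-zero return would help whoever has to explain why a pool did not grow. The `SLIST_EMPTY(priv)` early return is redundant with `SLIST_FOREACH`. The same hunk is posted a second time further down the page under r345728.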
@@ -229,6 +252,7 @@ vdev_geom_attach(struct g_provider *pp, vdev_t *vd, bo
gp = g_new_geomf(_vdev_class, "zfs::vdev");
gp->orphan = vdev_geom_orphan;
gp->attrchanged = vdev_geom_attrchanged;
+   gp->resize = vdev_geom_resize;
cp = g_new_consumer(gp);
error = g_attach(cp, pp);
if (error != 0) {




svn commit: r345727 - in head: sbin/devd sys/geom

2019-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Mar 30 07:24:34 2019
New Revision: 345727
URL: https://svnweb.freebsd.org/changeset/base/345727

Log:
  Introduce new event SIZECHANGE within GEOM system to inform about GEOM
  providers mediasize changes.
  
  While here, use GEOM nomenclature to describe providers instead of calling
  them device nodes.
  
  Obtained from:Fudo Security
  Tested in:AWS

Modified:
  head/sbin/devd/devd.conf.5
  head/sys/geom/geom_dev.c

Modified: head/sbin/devd/devd.conf.5
==
--- head/sbin/devd/devd.conf.5  Sat Mar 30 07:20:28 2019(r345726)
+++ head/sbin/devd/devd.conf.5  Sat Mar 30 07:24:34 2019(r345727)
@@ -41,7 +41,7 @@
 .\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
 .\" SOFTWARE.
 .\"
-.Dd July 20, 2018
+.Dd March 29, 2019
 .Dt DEVD.CONF 5
 .Os
 .Sh NAME
@@ -432,15 +432,19 @@ only includes disk-like devices.
 .It Li CREATE
 A
 .Xr geom 4
-device node is created.
+provider is created.
 .It Li DESTROY
 A
 .Xr geom 4
-device node is destroyed.
+provider is destroyed.
 .It Li GEOM::physpath
 The physical path of a device has changed.
 .It Li MEDIACHANGE
 Physical media has changed.
+.It Li SIZECHANGE
+A
+.Xr geom 4
+provider size has changed.
 .El
 .El
 .Pp

Modified: head/sys/geom/geom_dev.c
==
--- head/sys/geom/geom_dev.cSat Mar 30 07:20:28 2019(r345726)
+++ head/sys/geom/geom_dev.cSat Mar 30 07:24:34 2019(r345727)
@@ -92,6 +92,7 @@ static g_fini_t g_dev_fini;
 static g_taste_t g_dev_taste;
 static g_orphan_t g_dev_orphan;
 static g_attrchanged_t g_dev_attrchanged;
+static g_resize_t g_dev_resize;
 
 static struct g_class g_dev_class  = {
.name = "DEV",
@@ -100,7 +101,8 @@ static struct g_class g_dev_class   = {
.fini = g_dev_fini,
.taste = g_dev_taste,
.orphan = g_dev_orphan,
-   .attrchanged = g_dev_attrchanged
+   .attrchanged = g_dev_attrchanged,
+   .resize = g_dev_resize
 };
 
 /*
@@ -300,6 +302,15 @@ g_dev_attrchanged(struct g_consumer *cp, const char *a
g_dev_set_physpath(cp);
return;
}
+}
+
+static void
+g_dev_resize(struct g_consumer *cp)
+{
+   char buf[SPECNAMELEN + 6];
+
+   snprintf(buf, sizeof(buf), "cdev=%s", cp->provider->name);
+   devctl_notify_f("GEOM", "DEV", "SIZECHANGE", buf, M_WAITOK);
 }
 
 struct g_provider *
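Review bot: In g_dev_resize() the buffer size `SPECNAMELEN + 6` is unexplained and the `snprintf()` return value is ignored, so a provider name that does not fit would go out in the SIZECHANGE event truncated. A devd rule matching on `cdev` would then see a different name from the provider that actually changed. A one-line comment such as `/* "cdev=" + name + NUL */` documents the arithmetic, and the result can be checked before notifying: `if (snprintf(buf, sizeof(buf), "cdev=%s", cp->provider->name) >= (int)sizeof(buf)) return;`. Whether provider names are already limited to SPECNAMELEN for consumers of this class is not visible in the hunk. The same hunk is repeated lower on the page where r345727 is posted again.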




svn commit: r345864 - head/tests/sys/geom/class/eli

2019-04-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Apr  4 00:05:36 2019
New Revision: 345864
URL: https://svnweb.freebsd.org/changeset/base/345864

Log:
  Implement tests for online expansion:
  - init, init -R
  - onetime, onetime -R
  - 512 and 4k sectors
  - encryption only
  - encryption and authentication
  - configure -r/-R for detached providers
  - configure -r/-R for attached providers
  - all keys allocated (10, 20 and 30MB provider sizes)
  - keys allocated on demand (10, 20 and 30PB provider sizes)
  - reading and writing to provider after expansion (10-30MB only)
  - checking if metadata in old location is cleared.
  
  Obtained from:Fudo Security

Added:
  head/tests/sys/geom/class/eli/online_resize_test.sh   (contents, props 
changed)
Modified:
  head/tests/sys/geom/class/eli/Makefile

Modified: head/tests/sys/geom/class/eli/Makefile
==
--- head/tests/sys/geom/class/eli/Makefile  Wed Apr  3 23:58:58 2019
(r345863)
+++ head/tests/sys/geom/class/eli/Makefile  Thu Apr  4 00:05:36 2019
(r345864)
@@ -16,6 +16,7 @@ ATF_TESTS_SH+=integrity_test
 ATF_TESTS_SH+= kill_test
 ATF_TESTS_SH+= misc_test
 ATF_TESTS_SH+= onetime_test
+ATF_TESTS_SH+= online_resize_test
 ATF_TESTS_SH+= resize_test
 ATF_TESTS_SH+= setkey_test
 

Added: head/tests/sys/geom/class/eli/online_resize_test.sh
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/tests/sys/geom/class/eli/online_resize_test.sh Thu Apr  4 00:05:36 
2019(r345864)
@@ -0,0 +1,196 @@
+#!/bin/sh
+# $FreeBSD$
+
+. $(atf_get_srcdir)/conf.sh
+
+atf_test_case online_resize cleanup
+online_resize_head()
+{
+   atf_set "descr" "online resize of geli providers"
+   atf_set "require.user" "root"
+}
+online_resize_body()
+{
+   geli_test_setup
+
+   (
+   echo "m 512 none 10485248 1 1 20971008 1 1 31456768 1 1"
+   echo "m 4096 none 10481664 1 1 20967424 1 1 31453184 1 1"
+   echo "m 512 HMAC/SHA256 5242368 1 1 10485248 1 1 15728128 1 1"
+   echo "m 4096 HMAC/SHA256 9318400 1 1 18640896 1 1 27959296 1 1"
+   echo "p 512 none 11258999068425728 [0-9] 20971520 
22517998136851968 [0-9] 41943040 33776997205278208 [0-9] 62914560"
+   echo "p 4096 none 11258999068422144 [0-9] 2621440 
22517998136848384 [0-9] 5242880 33776997205274624 [0-9] 7864320"
+   echo "p 512 HMAC/SHA256 5629499534212608 [0-9] 20971520 
11258999068425728 [0-9] 41943040 16888498602638848 [0-9] 62914560"
+   echo "p 4096 HMAC/SHA256 10007999171932160 [0-9] 20971520 
20015998343868416 [0-9] 41943040 30023997515800576 [0-9] 62914560"
+   ) | while read prefix sector auth esize10 ka10 kt10 esize20 ka20 kt20 
esize30 ka30 kt30; do
+   if [ "${auth}" = "none" ]; then
+   aalgo=""
+   eflags="0x200"
+   dflags="0x0"
+   else
+   aalgo="-a ${auth}"
+   eflags="0x210"
+   dflags="0x10"
+   fi
+
+   if [ "${prefix}" = "m" ]; then
+   psize10="10485760"
+   psize20="20971520"
+   psize30="31457280"
+   else
+   psize10="11258999068426240"
+   psize20="22517998136852480"
+   psize30="33776997205278720"
+   fi
+
+   md=$(attach_md -t malloc -s40${prefix})
+
+   # Initialise
+   atf_check -s exit:0 -o ignore gpart create -s GPT ${md}
+   atf_check -s exit:0 -o ignore gpart add -t freebsd-ufs -s 
10${prefix} ${md}
+
+   echo secret >tmp.key
+
+   atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key 
${md}p1
+   # Autoresize is set by default.
+   atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump 
${md}p1
+
+   atf_check geli configure -R ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump 
${md}p1
+   atf_check geli configure -r ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump 
${md}p1
+
+   atf_check geli init -R ${aalgo} -s ${sector} -Bnone -PKtmp.key 
${md}p1
+   atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump 
${md}p1
+
+   atf_check geli configure -r ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump 
${md}p1
+   atf_check geli configure -R ${md}p1
+   atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump 
${md}p1
+
+   atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key 
${md}p1
+   atf_check geli attach -pk tmp.key ${md}p1
+   atf_check -s exit:0 -o 

svn commit: r345863 - head/tests/sys/geom/class/eli

2019-04-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Apr  3 23:58:58 2019
New Revision: 345863
URL: https://svnweb.freebsd.org/changeset/base/345863

Log:
  Update configure tests after addition of the online expansion.
  
  Obtained from:Fudo Security

Modified:
  head/tests/sys/geom/class/eli/configure_test.sh

Modified: head/tests/sys/geom/class/eli/configure_test.sh
==
--- head/tests/sys/geom/class/eli/configure_test.sh Wed Apr  3 23:57:37 
2019(r345862)
+++ head/tests/sys/geom/class/eli/configure_test.sh Wed Apr  3 23:58:58 
2019(r345863)
@@ -17,19 +17,19 @@ configure_b_B_body()
 
atf_check geli init -B none -P -K /dev/null ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md}
 
atf_check geli init -B none -b -P -K /dev/null ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md}
 
atf_check geli configure -B ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md}
 
atf_check geli configure -b ${md}
 
-   atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md}
 
atf_check geli attach -p -k /dev/null ${md}
 
@@ -39,13 +39,13 @@ configure_b_B_body()
 
atf_check -o not-match:'^Flags: .*BOOT' geli list ${md}.eli
 
-   atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md}
 
atf_check geli configure -b ${md}
 
atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli
 
-   atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md}
+   atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md}
 
atf_check geli detach ${md}
 }


svn commit: r345862 - in head: lib/geom/eli sys/geom/eli

2019-04-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Apr  3 23:57:37 2019
New Revision: 345862
URL: https://svnweb.freebsd.org/changeset/base/345862

Log:
  Implement automatic online expansion of GELI providers - if the underlying
  provider grows, GELI will expand automatically and will move the metadata
  to the new location of the last sector.
  
  This functionality is turned on by default. It can be turned off with the
  -R flag, but it is not recommended - if the underlying provider grows and
  automatic expansion is turned off, it won't be possible to attach this
  provider again, as the metadata is no longer located in the last sector.
  
  If the automatic expansion is turned off and the underlying provider grows,
  GELI will only log a message with the previous size of the provider, so
  recovery can be easier.
  
  Obtained from:Fudo Security

Modified:
  head/lib/geom/eli/geli.8
  head/lib/geom/eli/geom_eli.c
  head/sys/geom/eli/g_eli.c
  head/sys/geom/eli/g_eli.h
  head/sys/geom/eli/g_eli_ctl.c
  head/sys/geom/eli/g_eli_key_cache.c

Modified: head/lib/geom/eli/geli.8
==
--- head/lib/geom/eli/geli.8Wed Apr  3 23:50:52 2019(r345861)
+++ head/lib/geom/eli/geli.8Wed Apr  3 23:57:37 2019(r345862)
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek 
+.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek 
 .\" All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 24, 2018
+.Dd April 3, 2019
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -51,7 +51,7 @@ utility:
 .Pp
 .Nm
 .Cm init
-.Op Fl bdgPTv
+.Op Fl bdgPRTv
 .Op Fl a Ar aalgo
 .Op Fl B Ar backupfile
 .Op Fl e Ar ealgo
@@ -81,7 +81,7 @@ utility:
 .Cm detach
 .Nm
 .Cm onetime
-.Op Fl dT
+.Op Fl dRT
 .Op Fl a Ar aalgo
 .Op Fl e Ar ealgo
 .Op Fl l Ar keylen
@@ -89,7 +89,7 @@ utility:
 .Ar prov
 .Nm
 .Cm configure
-.Op Fl bBdDgGtT
+.Op Fl bBdDgGrRtT
 .Ar prov ...
 .Nm
 .Cm setkey
@@ -375,6 +375,18 @@ Change decrypted provider's sector size.
 Increasing the sector size allows increased performance,
 because encryption/decryption which requires an initialization vector
 is done per sector; fewer sectors means less computational work.
+.It Fl R
+Turn off automatic expansion.
+By default, if the underlying provider grows, the encrypted provider will
+grow automatically too.
+The metadata will be moved to the new location.
+If automatic expansion if turned off and the underlying provider changes
+size, attaching encrypted provider will no longer be possible as the metadata
+will no longer be located in the last sector.
+In this case
+.Nm GELI
+will only log the previous size of the underlying provider, so metadata can
+be found easier, if resize was done by mistake.
 .It Fl T
 Don't pass through
 .Dv BIO_DELETE
@@ -506,6 +518,11 @@ Change decrypted provider's sector size.
 For more information, see the description of the
 .Cm init
 subcommand.
+.It Fl R
+Turn off automatic expansion.
+For more information, see the description of the
+.Cm init
+subcommand.
 .It Fl T
 Disable TRIM/UNMAP passthru.
 For more information, see the description of the
@@ -540,6 +557,13 @@ The boot loader prompts for the passphrase and loads
 from the encrypted partition.
 .It Fl G
 Deactivate booting from this encrypted root partition.
+.It Fl r
+Turn on automatic expansion.
+For more information, see the description of the
+.Cm init
+subcommand.
+.It Fl R
+Turn off automatic expansion.
 .It Fl t
 Enable TRIM/UNMAP passthru.
 For more information, see the description of the

Modified: head/lib/geom/eli/geom_eli.c
==
--- head/lib/geom/eli/geom_eli.cWed Apr  3 23:50:52 2019
(r345861)
+++ head/lib/geom/eli/geom_eli.cWed Apr  3 23:57:37 2019
(r345862)
@@ -1,7 +1,7 @@
 /*-
  * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
  *
- * Copyright (c) 2004-2010 Pawel Jakub Dawidek 
+ * Copyright (c) 2004-2019 Pawel Jakub Dawidek 
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -91,13 +91,13 @@ static int eli_backup_create(struct gctl_req *req, con
 /*
  * Available commands:
  *
- * init [-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l 
keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ...
+ * init [-bdgPRTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l 
keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ...
  * label - alias for 'init'
  * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ...
  * detach [-fl] prov ...
  * stop - alias for 'detach'
- * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov
- * configure [-bBgGtT] prov ...
+ * onetime [-dRT] [-a aalgo] [-e ealgo] [-l keylen] prov
+ * configure [-bBgGrRtT] prov ...
  * se

svn commit: r345861 - head/lib/geom/eli

2019-04-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Apr  3 23:50:52 2019
New Revision: 345861
URL: https://svnweb.freebsd.org/changeset/base/345861

Log:
  - Add missing -T (notrim) option to the label subcommand.
  - Add missing -T option in the onetime subcommand comment.
  
  Obtained from:Fudo Security

Modified:
  head/lib/geom/eli/geom_eli.c

Modified: head/lib/geom/eli/geom_eli.c
==
--- head/lib/geom/eli/geom_eli.cWed Apr  3 22:30:20 2019
(r345860)
+++ head/lib/geom/eli/geom_eli.cWed Apr  3 23:50:52 2019
(r345861)
@@ -96,7 +96,7 @@ static int eli_backup_create(struct gctl_req *req, con
  * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ...
  * detach [-fl] prov ...
  * stop - alias for 'detach'
- * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov
+ * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov
  * configure [-bBgGtT] prov ...
  * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K 
newkeyfile] prov
  * delkey [-afv] [-n keyno] prov
@@ -145,6 +145,7 @@ struct g_command class_commands[] = {
{ 'l', "keylen", "0", G_TYPE_NUMBER },
{ 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
{ 's', "sectorsize", "0", G_TYPE_NUMBER },
+   { 'T', "notrim", NULL, G_TYPE_BOOL },
{ 'V', "mdversion", "-1", G_TYPE_NUMBER },
G_OPT_SENTINEL
},


svn commit: r345728 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-03-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Mar 30 07:29:20 2019
New Revision: 345728
URL: https://svnweb.freebsd.org/changeset/base/345728

Log:
  If the autoexpand pool property is turned on and vdev is healthy try to
  expand the pool automatically when we detect underlying GEOM provider
  size change.
  
  Obtained from:Fudo Security
  Tested in:AWS

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 
30 07:24:34 2019(r345727)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 
30 07:29:20 2019(r345728)
@@ -158,6 +158,29 @@ vdev_geom_attrchanged(struct g_consumer *cp, const cha
 }
 
 static void
+vdev_geom_resize(struct g_consumer *cp)
+{
+   struct consumer_priv_t *priv;
+   struct consumer_vdev_elem *elem;
+   spa_t *spa;
+   vdev_t *vd;
+
+   priv = (struct consumer_priv_t *)>private;
+   if (SLIST_EMPTY(priv))
+   return;
+
+   SLIST_FOREACH(elem, priv, elems) {
+   vd = elem->vd;
+   if (vd->vdev_state != VDEV_STATE_HEALTHY)
+   continue;
+   spa = vd->vdev_spa;
+   if (!spa->spa_autoexpand)
+   continue;
+   vdev_online(spa, vd->vdev_guid, ZFS_ONLINE_EXPAND, NULL);
+   }
+}
+
+static void
 vdev_geom_orphan(struct g_consumer *cp)
 {
struct consumer_priv_t *priv;
@@ -229,6 +252,7 @@ vdev_geom_attach(struct g_provider *pp, vdev_t *vd, bo
gp = g_new_geomf(_vdev_class, "zfs::vdev");
gp->orphan = vdev_geom_orphan;
gp->attrchanged = vdev_geom_attrchanged;
+   gp->resize = vdev_geom_resize;
cp = g_new_consumer(gp);
error = g_attach(cp, pp);
if (error != 0) {


svn commit: r345727 - in head: sbin/devd sys/geom

2019-03-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Mar 30 07:24:34 2019
New Revision: 345727
URL: https://svnweb.freebsd.org/changeset/base/345727

Log:
  Introduce new event SIZECHANGE within GEOM system to inform about GEOM
  providers mediasize changes.
  
  While here, use GEOM nomenclature to describe providers instead of calling
  them device nodes.
  
  Obtained from:Fudo Security
  Tested in:AWS

Modified:
  head/sbin/devd/devd.conf.5
  head/sys/geom/geom_dev.c

Modified: head/sbin/devd/devd.conf.5
==
--- head/sbin/devd/devd.conf.5  Sat Mar 30 07:20:28 2019(r345726)
+++ head/sbin/devd/devd.conf.5  Sat Mar 30 07:24:34 2019(r345727)
@@ -41,7 +41,7 @@
 .\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
 .\" SOFTWARE.
 .\"
-.Dd July 20, 2018
+.Dd March 29, 2019
 .Dt DEVD.CONF 5
 .Os
 .Sh NAME
@@ -432,15 +432,19 @@ only includes disk-like devices.
 .It Li CREATE
 A
 .Xr geom 4
-device node is created.
+provider is created.
 .It Li DESTROY
 A
 .Xr geom 4
-device node is destroyed.
+provider is destroyed.
 .It Li GEOM::physpath
 The physical path of a device has changed.
 .It Li MEDIACHANGE
 Physical media has changed.
+.It Li SIZECHANGE
+A
+.Xr geom 4
+provider size has changed.
 .El
 .El
 .Pp

Modified: head/sys/geom/geom_dev.c
==
--- head/sys/geom/geom_dev.cSat Mar 30 07:20:28 2019(r345726)
+++ head/sys/geom/geom_dev.cSat Mar 30 07:24:34 2019(r345727)
@@ -92,6 +92,7 @@ static g_fini_t g_dev_fini;
 static g_taste_t g_dev_taste;
 static g_orphan_t g_dev_orphan;
 static g_attrchanged_t g_dev_attrchanged;
+static g_resize_t g_dev_resize;
 
 static struct g_class g_dev_class  = {
.name = "DEV",
@@ -100,7 +101,8 @@ static struct g_class g_dev_class   = {
.fini = g_dev_fini,
.taste = g_dev_taste,
.orphan = g_dev_orphan,
-   .attrchanged = g_dev_attrchanged
+   .attrchanged = g_dev_attrchanged,
+   .resize = g_dev_resize
 };
 
 /*
@@ -300,6 +302,15 @@ g_dev_attrchanged(struct g_consumer *cp, const char *a
g_dev_set_physpath(cp);
return;
}
+}
+
+static void
+g_dev_resize(struct g_consumer *cp)
+{
+   char buf[SPECNAMELEN + 6];
+
+   snprintf(buf, sizeof(buf), "cdev=%s", cp->provider->name);
+   devctl_notify_f("GEOM", "DEV", "SIZECHANGE", buf, M_WAITOK);
 }
 
 struct g_provider *


svn commit: r345726 - head/sys/dev/xen/blkfront

2019-03-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Mar 30 07:20:28 2019
New Revision: 345726
URL: https://svnweb.freebsd.org/changeset/base/345726

Log:
  Implement support for online disk capacity changes.
  
  Obtained from:Fudo Security
  Tested in:AWS

Modified:
  head/sys/dev/xen/blkfront/blkfront.c

Modified: head/sys/dev/xen/blkfront/blkfront.c
==
--- head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 01:56:53 2019
(r345725)
+++ head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 07:20:28 2019
(r345726)
@@ -1227,11 +1227,40 @@ xbd_connect(struct xbd_softc *sc)
int err, feature_barrier, feature_flush;
int i, j;
 
-   if (sc->xbd_state == XBD_STATE_CONNECTED || 
-   sc->xbd_state == XBD_STATE_SUSPENDED)
+   DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev));
+
+   if (sc->xbd_state == XBD_STATE_SUSPENDED) {
return;
+   }
 
-   DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev));
+   if (sc->xbd_state == XBD_STATE_CONNECTED) {
+   struct disk *disk;
+
+   disk = sc->xbd_disk;
+   if (disk == NULL) {
+   return;
+   }
+   err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
+   "sectors", "%lu", , NULL);
+   if (err != 0) {
+   xenbus_dev_error(dev, err,
+   "reading sectors at %s",
+   xenbus_get_otherend_path(dev));
+   return;
+   }
+   disk->d_mediasize = disk->d_sectorsize * sectors;
+   err = disk_resize(disk, M_NOWAIT);
+   if (err) {
+   xenbus_dev_error(dev, err,
+   "unable to resize disk %s%u",
+   disk->d_name, disk->d_unit);
+   return;
+   }
+   device_printf(sc->xbd_dev,
+   "changed capacity to %jd\n",
+   (intmax_t)disk->d_mediasize);
+   return;
+   }
 
err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
"sectors", "%lu", ,


svn commit: r344690 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-28 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Mar  1 05:54:13 2019
New Revision: 344690
URL: https://svnweb.freebsd.org/changeset/base/344690

Log:
  Improve readability of the code by making it explicit where the 'c' variable
  starts. It is also more consistent with similar code in this file.

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cFri Mar 
 1 05:04:29 2019(r344689)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cFri Mar 
 1 05:54:13 2019(r344690)
@@ -568,7 +568,7 @@ vdev_raidz_map_alloc(abd_t *abd, uint64_t size, uint64
abd_alloc_linear(rm->rm_col[c].rc_size, B_TRUE);
}
 
-   for (off = 0; c < acols; c++) {
+   for (off = 0, c = rm->rm_firstdatacol; c < acols; c++) {
rm->rm_col[c].rc_abd = abd_get_offset(abd, off);
off += rm->rm_col[c].rc_size;
}


svn commit: r344325 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-19 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Feb 20 00:25:45 2019
New Revision: 344325
URL: https://svnweb.freebsd.org/changeset/base/344325

Log:
  Simplify the code. No functional changes.
  
  Reviewed by:  rpokala

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cWed Feb 
20 00:19:11 2019(r344324)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cWed Feb 
20 00:25:45 2019(r344325)
@@ -568,10 +568,7 @@ vdev_raidz_map_alloc(abd_t *abd, uint64_t size, uint64
abd_alloc_linear(rm->rm_col[c].rc_size, B_TRUE);
}
 
-   rm->rm_col[c].rc_abd = abd_get_offset(abd, 0);
-   off = rm->rm_col[c].rc_size;
-
-   for (c = c + 1; c < acols; c++) {
+   for (off = 0; c < acols; c++) {
rm->rm_col[c].rc_abd = abd_get_offset(abd, off);
off += rm->rm_col[c].rc_size;
}
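Review bot: The log says no functional change, but the removed lines assigned `rm->rm_col[c].rc_abd` for the first data column unconditionally, while the new `for (off = 0; c < acols; c++)` does so only when `c < acols` on entry. The two are equivalent only if at least one data column always exists at this point, which the hunk does not show. Recording that with `ASSERT3U(c, <, acols);` just before the loop would make the assumption explicit. vdev_raidz_map_alloc() starts and ends outside the hunk.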


svn commit: r344320 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-19 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb 19 23:53:33 2019
New Revision: 344320
URL: https://svnweb.freebsd.org/changeset/base/344320

Log:
  Simplify the code.

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c  Tue Feb 
19 23:44:00 2019(r344319)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c  Tue Feb 
19 23:53:33 2019(r344320)
@@ -360,16 +360,13 @@ trim_map_write_start(zio_t *zio)
return (B_FALSE);
}
 
-   ts = avl_find(>tm_queued_frees, , NULL);
-   if (ts != NULL) {
-   /*
-* Loop until all overlapping segments are removed.
-*/
-   do {
-   trim_map_segment_remove(tm, ts, start, end);
-   ts = avl_find(>tm_queued_frees, , NULL);
-   } while (ts != NULL);
+   /*
+* Loop until all overlapping segments are removed.
+*/
+   while ((ts = avl_find(>tm_queued_frees, , NULL)) != NULL) {
+   trim_map_segment_remove(tm, ts, start, end);
}
+
avl_add(>tm_inflight_writes, zio);
 
mutex_exit(>tm_lock);


svn commit: r344319 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-19 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb 19 23:44:00 2019
New Revision: 344319
URL: https://svnweb.freebsd.org/changeset/base/344319

Log:
  Correct typo in the comment.

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 
19 23:43:15 2019(r344318)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 
19 23:44:00 2019(r344319)
@@ -2558,7 +2558,7 @@ vdev_raidz_io_done(zio_t *zio)
/*
 * We're here because either:
 *
-*  total_errors == rm_first_datacol, or
+*  total_errors == rm_firstdatacol, or
 *  vdev_raidz_combrec() failed
 *
 * In either case, there is enough bad data to prevent


svn commit: r344318 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-19 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb 19 23:43:15 2019
New Revision: 344318
URL: https://svnweb.freebsd.org/changeset/base/344318

Log:
  Change assertion to log the incorrect io_type we've got.

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 
19 23:41:23 2019(r344317)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 
19 23:43:15 2019(r344318)
@@ -2020,7 +2020,7 @@ vdev_raidz_io_start(zio_t *zio)
return;
}
 
-   ASSERT(zio->io_type == ZIO_TYPE_READ);
+   ASSERT3U(zio->io_type, ==, ZIO_TYPE_READ);
 
/*
 * Iterate over the columns in reverse order so that we hit the parity


svn commit: r344317 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-19 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb 19 23:41:23 2019
New Revision: 344317
URL: https://svnweb.freebsd.org/changeset/base/344317

Log:
  Garbage-collect no longer used variable.

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 
19 23:35:55 2019(r344316)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 
19 23:41:23 2019(r344317)
@@ -270,7 +270,6 @@ static void
 vdev_raidz_map_free(raidz_map_t *rm)
 {
int c;
-   size_t size;
 
for (c = 0; c < rm->rm_firstdatacol; c++) {
if (rm->rm_col[c].rc_abd != NULL)
@@ -281,11 +280,9 @@ vdev_raidz_map_free(raidz_map_t *rm)
rm->rm_col[c].rc_size);
}
 
-   size = 0;
for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) {
if (rm->rm_col[c].rc_abd != NULL)
abd_put(rm->rm_col[c].rc_abd);
-   size += rm->rm_col[c].rc_size;
}
 
if (rm->rm_abd_copy != NULL)


svn commit: r344316 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-19 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb 19 23:35:55 2019
New Revision: 344316
URL: https://svnweb.freebsd.org/changeset/base/344316

Log:
  The way ZFS searches for its vdevs is the following: first it looks for
  a vdev that has the same name as the one stored in metadata and that has
  all VDEV labels in place. If it cannot find a GEOM provider with the given
  name and all VDEV labels it will scan all GEOM providers for the best match
  (the most VDEV labels available), but here the name is ignored.
  
  In case the ZFS pool is created, eg. using GPT partition label:
  
# zpool create tank /dev/gpt/tank
  
  everything works, and on every import ZFS will pick /dev/gpt/tank and
  not /dev/da0p4.
  
  The problem occurs when da0p4 is extended and ZFS is unable to find all
  VDEV labels in /dev/gpt/tank anymore (the VDEV labels stored at the end
  of the partition are now somewhere else). In this case it will scan all
  GEOM providers and will pick the first one with the best match, ie. da0p4.
  
  Fix this problem by checking the VDEV/provider name even if we get the same
  match. If the name is the same as the one we have in pool's metadata, prefer
  this GEOM provider.
  
  Reported by:  oshogbo, Michal Mroz 
  Tested by:Michal Mroz 
  Obtained from:Fudo Security

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 
19 23:24:39 2019(r344315)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 
19 23:35:55 2019(r344316)
@@ -692,10 +692,12 @@ vdev_geom_attach_by_guids(vdev_t *vd)
struct g_geom *gp;
struct g_provider *pp, *best_pp;
struct g_consumer *cp;
+   const char *vdpath;
enum match match, best_match;
 
g_topology_assert();
 
+   vdpath = vd->vdev_path + sizeof("/dev/") - 1;
cp = NULL;
best_pp = NULL;
best_match = NO_MATCH;
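Review bot: The new `vdpath = vd->vdev_path + sizeof("/dev/") - 1;` steps past a "/dev/" prefix that this function never checks, so a NULL or shorter vdev_path would leave vdpath pointing outside the string before the later strcmp() reads it. r344314 adds that prefix check to vdev_geom_open(), but whether every caller of vdev_geom_attach_by_guids() passes through it cannot be seen from this hunk. Stating the precondition next to the arithmetic would keep the two in step, for example `ASSERT(strncmp(vd->vdev_path, "/dev/", sizeof("/dev/") - 1) == 0);` ahead of the assignment. The function body continues outside the hunk.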
@@ -710,6 +712,10 @@ vdev_geom_attach_by_guids(vdev_t *vd)
if (match > best_match) {
best_match = match;
best_pp = pp;
+   } else if (match == best_match) {
+   if (strcmp(pp->name, vdpath) == 0) {
+   best_pp = pp;
+   }
}
if (match == FULL_MATCH)
goto out;
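Review bot: The added `else if (match == best_match)` branch is also taken while best_match still holds its initial NO_MATCH, so a provider whose labels do not match at all can become best_pp purely because its name equals vdpath. What happens to best_pp after the `out:` label is outside the hunk, but if it is attached whenever it is non-NULL, a device that merely carries the expected name would be chosen without any label evidence. Restricting the tie-break to real matches avoids that: `} else if (match != NO_MATCH && match == best_match) {`. The enclosing loop and the rest of the function lie outside the hunk.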


svn commit: r344314 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2019-02-19 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb 19 23:22:39 2019
New Revision: 344314
URL: https://svnweb.freebsd.org/changeset/base/344314

Log:
  In the vdev_geom_open_by_path() function we assume that vdev path starts
  with "/dev/". Make sure this is the case.

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 
19 22:46:50 2019(r344313)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 
19 23:22:39 2019(r344314)
@@ -794,7 +794,7 @@ vdev_geom_open(vdev_t *vd, uint64_t *psize, uint64_t *
/*
 * We must have a pathname, and it must be absolute.
 */
-   if (vd->vdev_path == NULL || vd->vdev_path[0] != '/') {
+   if (vd->vdev_path == NULL || strncmp(vd->vdev_path, "/dev/", 5) != 0) {
vd->vdev_stat.vs_aux = VDEV_AUX_BAD_LABEL;
return (EINVAL);
}
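Review bot: The comment kept above the check still says the path "must be absolute", while the new condition requires it to begin with "/dev/", so the comment now understates the rule. It could read `We must have a pathname, and it must start with "/dev/".` The literal `5` also duplicates the prefix length; `strncmp(vd->vdev_path, "/dev/", sizeof("/dev/") - 1) != 0` keeps it tied to the string, the same form r344316 uses when it skips the prefix. vdev_geom_open() starts and ends outside the hunk.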


svn commit: r342873 - head/contrib/openbsm/libauditd

2019-01-08 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Jan  9 01:16:35 2019
New Revision: 342873
URL: https://svnweb.freebsd.org/changeset/base/342873

Log:
  In r316006 the getstrfromtype_locked() function was modified to return
  an empty string, instead of NULL, if an entry is missing in the audit_control
  file. Because of that change the getachost() function started to return
  success even if the host name was not defined in the audit_control.
  This in turn led to auditd_hostlen always being set (for an empty host it was
  set to 0). If auditd_hostlen was not equal to -1 we were trying to append
  the host name to trail file name. All this led to situation where when host
  name is not defined in audit_control, auditd will create trail files with
  a leading '.', which breaks auditdistd as it doesn't work with longer audit
  trail file names.
  
  Fix this by appending host name to the trail file name only if the host name
  is not empty.

Modified:
  head/contrib/openbsm/libauditd/auditd_lib.c

Modified: head/contrib/openbsm/libauditd/auditd_lib.c
==
--- head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan  9 01:11:19 2019
(r342872)
+++ head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan  9 01:16:35 2019
(r342873)
@@ -193,7 +193,7 @@ affixdir(char *name, struct dir_ent *dirent)
/*
 * If the host is set then also add the hostname to the filename.
 */
-   if (auditd_hostlen != -1)
+   if (auditd_hostlen > 0)
asprintf(, "%s/%s.%s", dirent->dirname, name, auditd_host);
else
asprintf(, "%s/%s", dirent->dirname, name);
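Review bot: The comment above the test says "If the host is set", but the reason for `> 0` rather than `!= -1` lives only in the commit log, which makes the condition easy to revert by mistake. A short comment would preserve it, e.g. `/* auditd_hostlen is 0 when no host is configured; an empty host must not be appended. */`. Neither asprintf() call has its result checked in the lines shown; whether the rest of affixdir() copes with a failed allocation is outside the hunk.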


svn commit: r341675 - head/contrib/openbsm/bin/auditdistd

2018-12-06 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Dec  7 03:13:36 2018
New Revision: 341675
URL: https://svnweb.freebsd.org/changeset/base/341675

Log:
  Consider the following situation:
  The sender has .not_terminated file. It gets disconnected. The last trail
  file is then terminated without adding new data (this can happen for example
  when auditd is being stopped on the sender). After reconnect the 
.not_terminated
  was not renamed on the receiver as it should.
  
  We were already handling similar situation where the sender crashed and the
  .not_terminated trail file was renamed to .crash_recovery. Extend this case to
  handle the situation above.

Modified:
  head/contrib/openbsm/bin/auditdistd/trail.c

Modified: head/contrib/openbsm/bin/auditdistd/trail.c
==
--- head/contrib/openbsm/bin/auditdistd/trail.c Fri Dec  7 02:44:04 2018
(r341674)
+++ head/contrib/openbsm/bin/auditdistd/trail.c Fri Dec  7 03:13:36 2018
(r341675)
@@ -264,6 +264,12 @@ again:
 * 2. It is fully sent, but is not terminated, so new data can be
 *appended still, or
 * 3. It is fully sent but file name has changed.
+*There are two cases here:
+*3a. Sender has crashed and the name has changed from
+*.not_terminated to .crash_recovery.
+*3b. Sender was disconnected, no new data was added to the file,
+*but its name has changed from .not_terminated to terminated
+*name.
 *
 * Note that we are fine if our .not_terminated or .crash_recovery file
 * is smaller than the one on the receiver side, as it is possible that
@@ -275,7 +281,7 @@ again:
(offset >= sb.st_size &&
 trail_is_not_terminated(trail->tr_filename)) ||
(offset >= sb.st_size && trail_is_not_terminated(filename) &&
-trail_is_crash_recovery(trail->tr_filename))) {
+!trail_is_not_terminated(trail->tr_filename))) {
/* File was not fully send. Let's finish it. */
if (lseek(fd, offset, SEEK_SET) == -1) {
pjdlog_errno(LOG_ERR,
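Review bot: With `trail_is_crash_recovery(...)` replaced by `!trail_is_not_terminated(trail->tr_filename)`, the two alternatives visible here reduce to one: `offset >= sb.st_size && (trail_is_not_terminated(trail->tr_filename) || trail_is_not_terminated(filename))`. Writing it that way would make it plain that a .not_terminated name on either side is enough, and that the sender's new name is not otherwise constrained at this point. If the terminated name is expected to share a prefix with the receiver's file, that is checked, if at all, outside the hunk. The `if` starts before the hunk, so its first alternative is not visible.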


svn commit: r339178 - head/contrib/openbsm/bin/auditdistd

2018-10-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Oct  4 05:57:27 2018
New Revision: 339178
URL: https://svnweb.freebsd.org/changeset/base/339178

Log:
  Remove invalid comments and correct some typos.
  
  Approved by:  re (kib)

Modified:
  head/contrib/openbsm/bin/auditdistd/receiver.c
  head/contrib/openbsm/bin/auditdistd/sender.c

Modified: head/contrib/openbsm/bin/auditdistd/receiver.c
==
--- head/contrib/openbsm/bin/auditdistd/receiver.c  Thu Oct  4 05:54:57 
2018(r339177)
+++ head/contrib/openbsm/bin/auditdistd/receiver.c  Thu Oct  4 05:57:27 
2018(r339178)
@@ -140,7 +140,7 @@ static void
 adreq_decode_and_validate_header(struct adreq *adreq)
 {
 
-   /* Byte-swap only is the sender is using different byte order. */
+   /* Byte-swap only if the sender is using different byte order. */
if (adreq->adr_byteorder != ADIST_BYTEORDER) {
adreq->adr_byteorder = ADIST_BYTEORDER;
adreq->adr_seq = bswap64(adreq->adr_seq);

Modified: head/contrib/openbsm/bin/auditdistd/sender.c
==
--- head/contrib/openbsm/bin/auditdistd/sender.cThu Oct  4 05:54:57 
2018(r339177)
+++ head/contrib/openbsm/bin/auditdistd/sender.cThu Oct  4 05:57:27 
2018(r339178)
@@ -512,9 +512,6 @@ keepalive_send(void)
pjdlog_debug(3, "keepalive_send: Request sent.");
 }
 
-/*
- * Thread sends request to secondary node.
- */
 static void *
 send_thread(void *arg __unused)
 {
@@ -574,7 +571,7 @@ static void
 adrep_decode_header(struct adrep *adrep)
 {
 
-   /* Byte-swap only is the receiver is using different byte order. */
+   /* Byte-swap only if the receiver is using different byte order. */
if (adrep->adrp_byteorder != ADIST_BYTEORDER) {
adrep->adrp_byteorder = ADIST_BYTEORDER;
adrep->adrp_seq = bswap64(adrep->adrp_seq);
@@ -582,10 +579,6 @@ adrep_decode_header(struct adrep *adrep)
}
 }
 
-/*
- * Thread receives answer from secondary node and passes it to ggate_send
- * thread.
- */
 static void *
 recv_thread(void *arg __unused)
 {


svn commit: r339177 - head/contrib/openbsm/bin/auditdistd

2018-10-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Oct  4 05:54:57 2018
New Revision: 339177
URL: https://svnweb.freebsd.org/changeset/base/339177

Log:
  When the adist_free list is empty and we lose connection to the receiver we
  move all elements from the adist_send and adist_recv lists back onto the
  adist_free list, but we don't wake consumers waiting for the adist_free list
  to become non-empty. This can lead to the sender process stopping audit trail
  files distribution and waiting forever.
  
  Fix the problem by adding the missing wakeup.
  
  While here slow down spinning on CPU in case of a short race in
  sender_disconnect() and add an explanation of when it can occur.
  
  PR:   201953
  Reported by:  peter
  Approved by:  re (kib)

Modified:
  head/contrib/openbsm/bin/auditdistd/auditdistd.h
  head/contrib/openbsm/bin/auditdistd/sender.c

Modified: head/contrib/openbsm/bin/auditdistd/auditdistd.h
==
--- head/contrib/openbsm/bin/auditdistd/auditdistd.hThu Oct  4 05:48:09 
2018(r339176)
+++ head/contrib/openbsm/bin/auditdistd/auditdistd.hThu Oct  4 05:54:57 
2018(r339177)
@@ -248,6 +248,21 @@ struct adrep {
if (_wakeup)\
cv_signal(list##_cond); \
 } while (0)
+#defineQUEUE_CONCAT2(tolist, fromlist1, fromlist2) do {
\
+   bool _wakeup;   \
+   \
+   mtx_lock(tolist##_lock);\
+   _wakeup = TAILQ_EMPTY(tolist);  \
+   mtx_lock(fromlist1##_lock); \
+   TAILQ_CONCAT((tolist), (fromlist1), adr_next);  \
+   mtx_unlock(fromlist1##_lock);   \
+   mtx_lock(fromlist2##_lock); \
+   TAILQ_CONCAT((tolist), (fromlist2), adr_next);  \
+   mtx_unlock(fromlist2##_lock);   \
+   mtx_unlock(tolist##_lock);  \
+   if (_wakeup)\
+   cv_signal(tolist##_cond);   \
+} while (0)
 #defineQUEUE_WAIT(list)do {
\
mtx_lock(list##_lock);  \
while (TAILQ_EMPTY(list))   \
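Review bot: QUEUE_CONCAT2 can move many entries onto an empty `tolist` but wakes waiters with a single `cv_signal(tolist##_cond)`, which releases at most one of them. If more than one thread can block on the list being empty, the others stay asleep although entries are available; only the consumers in sender.c would show whether that can happen, and they are not in this hunk. Waking every waiter after the concatenation, or a comment stating that each list has a single consumer, would settle it. The macro also holds `tolist##_lock` while taking each `fromlist` lock, an ordering that deserves a one-line comment so later callers keep to it.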

Modified: head/contrib/openbsm/bin/auditdistd/sender.c
==
--- head/contrib/openbsm/bin/auditdistd/sender.cThu Oct  4 05:48:09 
2018(r339176)
+++ head/contrib/openbsm/bin/auditdistd/sender.cThu Oct  4 05:54:57 
2018(r339177)
@@ -342,14 +342,7 @@ sender_disconnect(void)
pjdlog_warning("Disconnected from %s.", adhost->adh_remoteaddr);
 
/* Move all in-flight requests back onto free list. */
-   mtx_lock(_free_list_lock);
-   mtx_lock(_send_list_lock);
-   TAILQ_CONCAT(_free_list, _send_list, adr_next);
-   mtx_unlock(_send_list_lock);
-   mtx_lock(_recv_list_lock);
-   TAILQ_CONCAT(_free_list, _recv_list, adr_next);
-   mtx_unlock(_recv_list_lock);
-   mtx_unlock(_free_list_lock);
+   QUEUE_CONCAT2(_free_list, _send_list, _recv_list);
 }
 
 static void
@@ -609,9 +602,13 @@ recv_thread(void *arg __unused)
if (adhost->adh_remote == NULL) {
/*
 * Connection is dead.
-* XXX: We shouldn't be here.
+* There is a short race in sender_disconnect() between
+* setting adh_remote to NULL and removing entries from
+* the recv list, which can result in us being here.
+* To avoid just spinning, wait for 0.1s.
 */
rw_unlock(_remote_lock);
+   usleep(10);
continue;
}
if (proto_recv(adhost->adh_remote, ,
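Review bot: The added comment promises a wait of 0.1s, but the call as printed on this page is `usleep(10)`, which is ten microseconds. The archive may have dropped digits here, so this needs checking against the repository; if the literal really is 10, the loop still spins almost freely and `usleep(100000)` would match the comment. The loop and recv_thread() continue outside the hunk.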


svn commit: r339176 - head/contrib/openbsm/bin/auditdistd

2018-10-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Oct  4 05:48:09 2018
New Revision: 339176
URL: https://svnweb.freebsd.org/changeset/base/339176

Log:
  When we look for a new trail file there might be a race between finding the
  trail file name and opening it. This race was not properly handled, because we were
  copying new name before checking for openat(2) error and when we were trying
  again we were starting with the next trail file. This could result in skipping
  distribution of such a trail file.
  
  Fix this problem by checking for ENOENT first (only for .not_terminated files)
  and then updating (or not) tr_filename before restarting the search.
  
  PR:   200139
  Reported by:  peter
  Approved by:  re (kib)

Modified:
  head/contrib/openbsm/bin/auditdistd/trail.c

Modified: head/contrib/openbsm/bin/auditdistd/trail.c
==
--- head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct  4 01:46:56 2018
(r339175)
+++ head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct  4 05:48:09 2018
(r339176)
@@ -361,17 +361,38 @@ again:
pjdlog_debug(1, "No new trail files.");
return;
}
-   PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile,
-   sizeof(trail->tr_filename)) < sizeof(trail->tr_filename));
dfd = dirfd(trail->tr_dirfp);
PJDLOG_ASSERT(dfd >= 0);
-   trail->tr_filefd = openat(dfd, trail->tr_filename, O_RDONLY);
+   trail->tr_filefd = openat(dfd, curfile, O_RDONLY);
if (trail->tr_filefd == -1) {
-   pjdlog_errno(LOG_ERR,
-   "Unable to open file \"%s/%s\", skipping",
-   trail->tr_dirname, trail->tr_filename);
+   if (errno == ENOENT && trail_is_not_terminated(curfile)) {
+   /*
+* The .not_terminated file was most likely renamed.
+* Keep trail->tr_filename as a starting point and
+* search again.
+*/
+   pjdlog_debug(1,
+   "Unable to open \"%s/%s\", most likely renamed in 
the meantime, retrying.",
+   trail->tr_dirname, curfile);
+   } else {
+   /*
+* We were unable to open the file, but not because of
+* the above. This shouldn't happen, but it did.
+* We don't know why it happen, so the best we can do
+* is to just skip this file - this is why we copy the
+* name, so we can start and the next entry.
+*/
+   PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile,
+   sizeof(trail->tr_filename)) <
+   sizeof(trail->tr_filename));
+   pjdlog_errno(LOG_ERR,
+   "Unable to open file \"%s/%s\", skipping",
+   trail->tr_dirname, curfile);
+   }
goto again;
}
+   PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile,
+   sizeof(trail->tr_filename)) < sizeof(trail->tr_filename));
pjdlog_debug(1, "Found next trail file: \"%s/%s\".", trail->tr_dirname,
trail->tr_filename);
 }
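Review bot: The comment in the new `else` branch is hard to follow exactly where it explains why tr_filename is updated: "so we can start and the next entry" presumably means "start at the next entry", and "why it happen" should be "why it happened". Suggested wording for its last sentence: `... the best we can do is skip this file; copy its name so the search restarts at the next entry.` The distinction matters because the two branches differ only in whether tr_filename advances, which is the behaviour this commit fixes. The function starts before the hunk.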


svn commit: r292310 - head

2015-12-15 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Dec 16 01:05:50 2015
New Revision: 292310
URL: https://svnweb.freebsd.org/changeset/base/292310

Log:
  Keep maintenance of GELI and make it clear which directories I'm interested in.

Modified:
  head/MAINTAINERS

Modified: head/MAINTAINERS
==
--- head/MAINTAINERSWed Dec 16 00:56:45 2015(r292309)
+++ head/MAINTAINERSWed Dec 16 01:05:50 2015(r292310)
@@ -42,6 +42,7 @@ dev/usb/wlan  adrian  Pre-commit review re
 etc/mail   gshapiroPre-commit review requested.  Keep in sync with 
-STABLE.
 etc/sendmail   gshapiroPre-commit review requested.  Keep in sync with 
-STABLE.
 fetch  des Pre-commit review requested.
+geli   pjd Pre-commit review requested (both sys/geom/eli/ and 
sbin/geom/class/eli/).
 isci(4)jimharris   Pre-commit review requested.
 iwm(4) adrian  Pre-commit review requested, send to 
freebsd-wirel...@freebsd.org
 iwn(4) adrian  Pre-commit review requested, send to 
freebsd-wirel...@freebsd.org
@@ -125,7 +126,6 @@ fileobrien  Insists to keep file blocke
 contrib/bzip2  obrien  Pre-commit review required.
 geom   freebsd-g...@freebsd.org
 geom_concatpjd Pre-commit review preferred.
-geom_eli   pjd Pre-commit review preferred.
 geom_gate  pjd Pre-commit review preferred.
 geom_label pjd Pre-commit review preferred.
 geom_mirrorpjd Pre-commit review preferred.


svn commit: r289941 - head/sys/kern

2015-10-25 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Oct 25 18:48:09 2015
New Revision: 289941
URL: https://svnweb.freebsd.org/changeset/base/289941

Log:
  The aio_waitcomplete(2) syscall should not sleep when the given timeout
  is 0. Without this change it was sleeping for one tick. Maybe not a big
  deal, but it makes share/dtrace/blocking script to report that.
  
  Reviewed by:  jhb
  Differential Revision:https://reviews.freebsd.org/D3814
  Sponsored by: Wheel Systems, http://wheelsystems.com

Modified:
  head/sys/kern/vfs_aio.c

Modified: head/sys/kern/vfs_aio.c
==
--- head/sys/kern/vfs_aio.c Sun Oct 25 18:09:03 2015(r289940)
+++ head/sys/kern/vfs_aio.c Sun Oct 25 18:48:09 2015(r289941)
@@ -2494,8 +2494,11 @@ kern_aio_waitcomplete(struct thread *td,
 
ops->store_aiocb(aiocbp, NULL);
 
-   timo = 0;
-   if (ts) {
+   if (ts == NULL) {
+   timo = 0;
+   } else if (ts->tv_sec == 0 && ts->tv_nsec == 0) {
+   timo = -1;
+   } else {
if ((ts->tv_nsec < 0) || (ts->tv_nsec >= 10))
return (EINVAL);
 
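Review bot: `timo = -1` is introduced here as a "do not sleep" marker and tested in the wait loop of the following hunk (`if (timo == -1)`), but nothing in either place says so, and 0 already has its own meaning for a NULL timeout. A comment at the assignment would make the three cases readable, e.g. `/* Zero timeout: poll once, never sleep (checked before msleep). */`. It also relies on the conversion in the final `else` never yielding -1, which is outside the lines shown. kern_aio_waitcomplete() starts and ends outside both hunks.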
@@ -2513,6 +2516,10 @@ kern_aio_waitcomplete(struct thread *td,
cb = NULL;
AIO_LOCK(ki);
while ((cb = TAILQ_FIRST(>kaio_done)) == NULL) {
+   if (timo == -1) {
+   error = EWOULDBLOCK;
+   break;
+   }
ki->kaio_flags |= KAIO_WAKEUP;
error = msleep(>p_aioinfo, AIO_MTX(ki), PRIBIO | PCATCH,
"aiowc", timo);


svn commit: r288644 - head/share/dtrace

2015-10-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Oct  4 00:40:12 2015
New Revision: 288644
URL: https://svnweb.freebsd.org/changeset/base/288644

Log:
  Add a little, but very useful script for use with programs that work using an
  event loop and should sleep only when waiting for events (eg. via kevent(2)).
  When a program is going to sleep in the kernel, the script will show its name,
  PID, kernel stack trace and userland stack trace. Sleeping in kevent(2) is
  ignored as it is expected to be valid.
  
  Sample output:
  
  # ./blocking lynxd
  
  lynxd(15042) is blocking...
  
kernel`_cv_wait_sig+0x124
kernel`seltdwait+0xae
kernel`sys_poll+0x3a3
kernel`amd64_syscall+0x343
kernel`0x806c79ab
  
lynxd`poll+0xa
lynxd`pqSocketCheck+0xa2
lynxd`pqWaitTimed+0x29
lynxd`connectDBComplete+0xd7
lynxd`PQsetdbLogin+0x2ec
lynxd`db_connect+0x3c
lynxd`main+0x198
lynxd`_start+0x16f
0x2
  
  lynxd(1925) is blocking...
  
kernel`_cv_wait+0x125
zfs.ko`zio_wait+0x5b
zfs.ko`dmu_buf_hold_array_by_dnode+0x1dc
zfs.ko`dmu_read+0xcb
zfs.ko`zfs_freebsd_getpages+0x37b
kernel`VOP_GETPAGES_APV+0xa7
kernel`vnode_pager_getpages+0x9a
kernel`vm_fault_hold+0x885
kernel`vm_fault+0x77
kernel`trap_pfault+0x211
kernel`trap+0x506
kernel`0x806c76c2
  
lynxd`EVP_add_cipher+0x13
lynxd`SSL_library_init+0x11
lynxd`main+0x94
lynxd`_start+0x16f
0x2
  
  lynxd(1925) is blocking...
  
kernel`_cv_wait+0x125
zfs.ko`zio_wait+0x5b
zfs.ko`dbuf_read+0x791
zfs.ko`dbuf_findbp+0x12f
zfs.ko`dbuf_hold_impl+0xa2
zfs.ko`dbuf_hold+0x1b
zfs.ko`dmu_buf_hold_array_by_dnode+0x153
zfs.ko`dmu_read_uio+0x66
zfs.ko`zfs_freebsd_read+0x3a3
kernel`VOP_READ_APV+0xa1
kernel`vn_read+0x13a
kernel`vn_io_fault+0x10b
kernel`dofileread+0x95
kernel`kern_readv+0x68
kernel`sys_read+0x63
kernel`amd64_syscall+0x343
kernel`0x806c79ab
  
lynxd`_read+0xa
lynxd`__srefill+0x122
lynxd`fgets+0x78
lynxd`file_gets+0x1d
lynxd`BIO_gets+0x64
lynxd`PEM_read_bio+0xf5
lynxd`PEM_X509_INFO_read_bio+0x90
lynxd`X509_load_cert_crl_file+0x47
lynxd`by_file_ctrl+0x2e
lynxd`X509_STORE_load_locations+0x4a
lynxd`sslctx_init+0x255
lynxd`main+0x215
lynxd`_start+0x16f
0x2
  
  Requested by: gnn
  Obtained from:Wheel Systems http://wheelsystems.com

Added:
  head/share/dtrace/blocking   (contents, props changed)
Modified:
  head/share/dtrace/Makefile

Modified: head/share/dtrace/Makefile
==
--- head/share/dtrace/Makefile  Sat Oct  3 22:38:08 2015(r288643)
+++ head/share/dtrace/Makefile  Sun Oct  4 00:40:12 2015(r288644)
@@ -12,7 +12,8 @@ SUBDIR= ${_toolkit}
 _toolkit=  toolkit
 .endif
 
-SCRIPTS=   disklatency \
+SCRIPTS=   blocking \
+   disklatency \
disklatencycmd \
hotopen \
nfsattrstats \

Added: head/share/dtrace/blocking
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/share/dtrace/blocking  Sun Oct  4 00:40:12 2015(r288644)
@@ -0,0 +1,57 @@
+#!/usr/sbin/dtrace -s
+/*-
+ * Copyright (c) 2015 Pawel Jakub Dawidek <pa...@dawidek.net>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE A

svn commit: r286444 - in head: sbin/geom/class/eli sys/geom/eli

2015-08-08 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Aug  8 09:51:38 2015
New Revision: 286444
URL: https://svnweb.freebsd.org/changeset/base/286444

Log:
  Enable BIO_DELETE passthru in GELI, so TRIM/UNMAP can work as expected when
  GELI is used on a SSD or inside virtual machine, so that guest can tell
  host that it is no longer using some of the storage.
  
  Enabling BIO_DELETE passthru comes with a small security consequence - an
  attacker can tell how much space is being really used on encrypted device and
  has less data to analyse then. This is why the -T option can be given to the
  init subcommand to turn off this behaviour and -t/T options for the configure
  subcommand can be used to adjust this setting later.
  
  PR:   198863
  Submitted by: Matthew D. Fuller fullermd at over-yonder dot net
  
  This commit also includes a fix from Fabian Keil freebsd-listen at
  fabiankeil.de for 'configure' on onetime providers which is not strictly
  related, but is entangled in the same code, so would cause conflicts if
  separated out.

Modified:
  head/sbin/geom/class/eli/geli.8
  head/sbin/geom/class/eli/geom_eli.c
  head/sys/geom/eli/g_eli.c
  head/sys/geom/eli/g_eli.h
  head/sys/geom/eli/g_eli_ctl.c

Modified: head/sbin/geom/class/eli/geli.8
==
--- head/sbin/geom/class/eli/geli.8 Sat Aug  8 08:40:36 2015
(r286443)
+++ head/sbin/geom/class/eli/geli.8 Sat Aug  8 09:51:38 2015
(r286444)
@@ -24,7 +24,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd June 2, 2015
+.Dd July 10, 2015
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -51,7 +51,7 @@ utility:
 .Pp
 .Nm
 .Cm init
-.Op Fl bPv
+.Op Fl bPTv
 .Op Fl a Ar aalgo
 .Op Fl B Ar backupfile
 .Op Fl e Ar ealgo
@@ -80,7 +80,7 @@ utility:
 .Cm detach
 .Nm
 .Cm onetime
-.Op Fl d
+.Op Fl dT
 .Op Fl a Ar aalgo
 .Op Fl e Ar ealgo
 .Op Fl l Ar keylen
@@ -88,7 +88,7 @@ utility:
 .Ar prov
 .Nm
 .Cm configure
-.Op Fl bB
+.Op Fl bBtT
 .Ar prov ...
 .Nm
 .Cm setkey
@@ -351,6 +351,17 @@ Change decrypted provider's sector size.
 Increasing the sector size allows increased performance,
 because encryption/decryption which requires an initialization vector
 is done per sector; fewer sectors means less computational work.
+.It Fl T
+Don't pass through
+.Dv BIO_DELETE
+calls (i.e., TRIM/UNMAP).
+This can prevent an attacker from knowing how much space you're actually
+using and which sectors contain live data, but will also prevent the
+backing store (SSD, etc) from reclaiming space you're not using, which
+may degrade its performance and lifespan.
+The underlying provider may or may not actually obliterate the deleted
+sectors when TRIM is enabled, so it should not be considered to add any
+security.
 .It Fl V Ar version
 Metadata version to use.
 This option is helpful when creating a provider that may be used by older
@@ -456,6 +467,11 @@ Change decrypted provider's sector size.
 For more information, see the description of the
 .Cm init
 subcommand.
+.It Fl T
+Disable TRIM/UNMAP passthru.
+For more information, see the description of the
+.Cm init
+subcommand.
 .El
 .It Cm configure
 Change configuration of the given providers.
@@ -469,6 +485,13 @@ For more information, see the descriptio
 subcommand.
 .It Fl B
 Remove the BOOT flag from the given providers.
+.It Fl t
+Enable TRIM/UNMAP passthru.
+For more information, see the description of the
+.Cm init
+subcommand.
+.It Fl T
+Disable TRIM/UNMAP passthru.
 .El
 .It Cm setkey
 Install a copy of the Master Key into the selected slot, encrypted with

Modified: head/sbin/geom/class/eli/geom_eli.c
==
--- head/sbin/geom/class/eli/geom_eli.c Sat Aug  8 08:40:36 2015
(r286443)
+++ head/sbin/geom/class/eli/geom_eli.c Sat Aug  8 09:51:38 2015
(r286444)
@@ -114,10 +114,11 @@ struct g_command class_commands[] = {
{ 'l', keylen, 0, G_TYPE_NUMBER },
{ 'P', nonewpassphrase, NULL, G_TYPE_BOOL },
{ 's', sectorsize, 0, G_TYPE_NUMBER },
+   { 'T', notrim, NULL, G_TYPE_BOOL },
{ 'V', mdversion, -1, G_TYPE_NUMBER },
G_OPT_SENTINEL
},
-   [-bPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l 
keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov
+   [-bPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l 
keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov
},
{ label, G_FLAG_VERBOSE, eli_main,
{
@@ -170,17 +171,20 @@ struct g_command class_commands[] = {
{ 'e', ealgo, GELI_ENC_ALGO, G_TYPE_STRING },
{ 'l', keylen, 0, G_TYPE_NUMBER },
{ 's', sectorsize, 0, G_TYPE_NUMBER },
+   { 'T', notrim, NULL, G_TYPE_BOOL },
G_OPT_SENTINEL
},
-   [-d] [-a aalgo] [-e ealgo] [-l keylen] [-s sectorsize] prov
+   

svn commit: r286445 - in head: sbin/swapon share/man/man5

2015-08-08 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Aug  8 09:57:38 2015
New Revision: 286445
URL: https://svnweb.freebsd.org/changeset/base/286445

Log:
  Allow to disable BIO_DELETE passthru in fstab for swap-on-geli devices by
  passing 'notrim' option.
  
  PR:   198863
  Submitted by: Matthew D. Fuller fullermd at over-yonder dot net

Modified:
  head/sbin/swapon/swapon.c
  head/share/man/man5/fstab.5

Modified: head/sbin/swapon/swapon.c
==
--- head/sbin/swapon/swapon.c   Sat Aug  8 09:51:38 2015(r286444)
+++ head/sbin/swapon/swapon.c   Sat Aug  8 09:57:38 2015(r286445)
@@ -313,7 +313,7 @@ static char *
 swap_on_geli_args(const char *mntops)
 {
const char *aalgo, *ealgo, *keylen_str, *sectorsize_str;
-   const char *aflag, *eflag, *lflag, *sflag;
+   const char *aflag, *eflag, *lflag, *Tflag, *sflag;
char *p, *args, *token, *string, *ops;
int argsize, pagesize;
size_t pagesize_len;
@@ -321,7 +321,7 @@ swap_on_geli_args(const char *mntops)
 
/* Use built-in defaults for geli(8). */
aalgo = ealgo = keylen_str = ;
-   aflag = eflag = lflag = ;
+   aflag = eflag = lflag = Tflag = ;
 
/* We will always specify sectorsize. */
sflag =  -s ;
@@ -365,6 +365,8 @@ swap_on_geli_args(const char *mntops)
free(ops);
return (NULL);
}
+   } else if ((p = strstr(token, notrim)) == token) {
+   Tflag =  -T ;
} else if (strcmp(token, sw) != 0) {
warnx(Invalid option: %s, token);
free(ops);
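Review bot: The new test `(p = strstr(token, notrim)) == token` is a prefix match, so any option that merely begins with notrim (for instance a constructed `notrimx`) silently turns on `-T` instead of reaching the "Invalid option" branch below. The option takes no value, so an exact comparison fits better and also drops an assignment to `p` that this branch does not use: `} else if (strcmp(token, "notrim") == 0) {`, the same form as the `sw` test on the next branch. The quotes around the string literals are missing in this rendering of the hunk. swap_on_geli_args() continues outside the hunk.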
@@ -387,8 +389,8 @@ swap_on_geli_args(const char *mntops)
sectorsize_str = p;
}
 
-   argsize = asprintf(args, %s%s%s%s%s%s%s%s -d,
-   aflag, aalgo, eflag, ealgo, lflag, keylen_str,
+   argsize = asprintf(args, %s%s%s%s%s%s%s%s%s -d,
+   aflag, aalgo, eflag, ealgo, lflag, keylen_str, Tflag,
sflag, sectorsize_str);
 
free(ops);

Modified: head/share/man/man5/fstab.5
==
--- head/share/man/man5/fstab.5 Sat Aug  8 09:51:38 2015(r286444)
+++ head/share/man/man5/fstab.5 Sat Aug  8 09:57:38 2015(r286445)
@@ -242,6 +242,7 @@ The
 .Dq ealgo ,
 .Dq aalgo ,
 .Dq keylen ,
+.Dq notrim ,
 and
 .Dq sectorsize
 options may be passed to control those


svn commit: r286373 - head/sys/geom/eli

2015-08-06 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Aug  6 17:13:34 2015
New Revision: 286373
URL: https://svnweb.freebsd.org/changeset/base/286373

Log:
  After crypto_dispatch() bio might be already delivered and destroyed,
  so we cannot access it anymore. Setting an error later led to memory
  corruption.
  
  Assert that crypto_dispatch() was successful. It can fail only if we pass a
  bogus crypto request, which is a bug in the program, not a runtime condition.
  
  PR:   199705
  Submitted by: luke.tw
  Reviewed by:  emaste
  MFC after:3 days

Modified:
  head/sys/geom/eli/g_eli_integrity.c
  head/sys/geom/eli/g_eli_privacy.c

Modified: head/sys/geom/eli/g_eli_integrity.c
==
--- head/sys/geom/eli/g_eli_integrity.c Thu Aug  6 17:07:21 2015
(r286372)
+++ head/sys/geom/eli/g_eli_integrity.c Thu Aug  6 17:13:34 2015
(r286373)
@@ -408,8 +408,8 @@ g_eli_auth_run(struct g_eli_worker *wr, 
struct cryptodesc *crde, *crda;
u_int i, lsec, nsec, data_secsize, decr_secsize, encr_secsize;
off_t dstoff;
-   int err, error;
u_char *p, *data, *auth, *authkey, *plaindata;
+   int error;
 
G_ELI_LOGREQ(3, bp, %s, __func__);
 
@@ -451,7 +451,6 @@ g_eli_auth_run(struct g_eli_worker *wr, 
bp-bio_inbed = 0;
bp-bio_children = nsec;
 
-   error = 0;
for (i = 1; i = nsec; i++, dstoff += encr_secsize) {
crp = (struct cryptop *)p;  p += sizeof(*crp);
crde = (struct cryptodesc *)p;  p += sizeof(*crde);
@@ -519,10 +518,8 @@ g_eli_auth_run(struct g_eli_worker *wr, 
crda-crd_klen = G_ELI_AUTH_SECKEYLEN * 8;
 
crp-crp_etype = 0;
-   err = crypto_dispatch(crp);
-   if (err != 0  error == 0)
-   error = err;
+   error = crypto_dispatch(crp);
+   KASSERT(error == 0, (crypto_dispatch() failed (error=%d),
+   error));
}
-   if (bp-bio_error == 0)
-   bp-bio_error = error;
 }
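Review bot: `KASSERT(error == 0, ...)` is the only handling left for a failed crypto_dispatch(), and KASSERT is compiled out of kernels built without INVARIANTS, so there a failure would pass silently and `error` becomes a set-but-unused variable. The same applies to the matching hunk in g_eli_crypto_run() in g_eli_privacy.c. Since bp must not be touched after dispatch, which is the corruption this commit fixes, a comment is worth adding so the old pattern is not reintroduced: `/* bp may already be completed and freed once crypto_dispatch() returns; do not touch it. */`. Whether a failed dispatch can leave the request uncompleted depends on code outside the hunk.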

Modified: head/sys/geom/eli/g_eli_privacy.c
==
--- head/sys/geom/eli/g_eli_privacy.c   Thu Aug  6 17:07:21 2015
(r286372)
+++ head/sys/geom/eli/g_eli_privacy.c   Thu Aug  6 17:13:34 2015
(r286373)
@@ -230,10 +230,10 @@ g_eli_crypto_run(struct g_eli_worker *wr
struct cryptop *crp;
struct cryptodesc *crd;
u_int i, nsec, secsize;
-   int err, error;
off_t dstoff;
size_t size;
u_char *p, *data;
+   int error;
 
G_ELI_LOGREQ(3, bp, %s, __func__);
 
@@ -271,7 +271,6 @@ g_eli_crypto_run(struct g_eli_worker *wr
bcopy(bp-bio_data, data, bp-bio_length);
}
 
-   error = 0;
for (i = 0, dstoff = bp-bio_offset; i  nsec; i++, dstoff += secsize) {
crp = (struct cryptop *)p;  p += sizeof(*crp);
crd = (struct cryptodesc *)p;   p += sizeof(*crd);
@@ -308,10 +307,8 @@ g_eli_crypto_run(struct g_eli_worker *wr
crd-crd_next = NULL;
 
crp-crp_etype = 0;
-   err = crypto_dispatch(crp);
-   if (error == 0)
-   error = err;
+   error = crypto_dispatch(crp);
+   KASSERT(error == 0, (crypto_dispatch() failed (error=%d),
+   error));
}
-   if (bp-bio_error == 0)
-   bp-bio_error = error;
 }


Re: svn commit: r285021 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2015-08-05 Thread Pawel Jakub Dawidek
On Mon, Aug 03, 2015 at 04:20:04PM +0300, Andriy Gapon wrote:
 On 30/07/2015 10:24, K. Macy wrote:
  Just FYI this change introduces a deadlock with the
  spa_namespace_lock. Mount will be holding this lock while trying to
  acquire the spa_namespace_lock. zfskern on the other hand holds the
  spa_namespace_lock when calling zfs_freebsd_access  which in turn
  tries to acquire the teardown lock.
 
 I missed the fact that zpool.cache file is being written with 
 spa_namespace_lock
 held.
 I'll try to either resolve the problem in the next day or I will revert the 
 change.

FYI, I'm hitting this deadlock on my laptop. Reverting the change fixes
the problem.

-- 
Pawel Jakub Dawidek   http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com




svn commit: r285363 - head/sys/geom/eli

2015-07-10 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jul 10 19:27:19 2015
New Revision: 285363
URL: https://svnweb.freebsd.org/changeset/base/285363

Log:
  Spoil event can happen for some time now even on providers opened exclusively
  (on the media change event). Update GELI to handle that situation.
  
  PR:   201185
  Submitted by: Matthew D. Fuller

Modified:
  head/sys/geom/eli/g_eli.c

Modified: head/sys/geom/eli/g_eli.c
==
--- head/sys/geom/eli/g_eli.c   Fri Jul 10 19:24:36 2015(r285362)
+++ head/sys/geom/eli/g_eli.c   Fri Jul 10 19:27:19 2015(r285363)
@@ -730,10 +730,10 @@ g_eli_create(struct gctl_req *req, struc
sc = malloc(sizeof(*sc), M_ELI, M_WAITOK | M_ZERO);
gp-start = g_eli_start;
/*
-* Spoiling cannot happen actually, because we keep provider open for
-* writing all the time or provider is read-only.
+* Spoiling can happen even though we have the provider open
+* exclusively, e.g. through media change events.
 */
-   gp-spoiled = g_eli_orphan_spoil_assert;
+   gp-spoiled = g_eli_orphan;
gp-orphan = g_eli_orphan;
gp-dumpconf = g_eli_dumpconf;
/*


svn commit: r285023 - in head: sbin/geom/class/eli sys/geom/eli

2015-07-02 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Jul  2 10:55:32 2015
New Revision: 285023
URL: https://svnweb.freebsd.org/changeset/base/285023

Log:
  Allow to omit keyfile number for the first keyfile.

Modified:
  head/sbin/geom/class/eli/geli.8
  head/sys/geom/eli/g_eli.c

Modified: head/sbin/geom/class/eli/geli.8
==
--- head/sbin/geom/class/eli/geli.8 Thu Jul  2 10:31:08 2015
(r285022)
+++ head/sbin/geom/class/eli/geli.8 Thu Jul  2 10:55:32 2015
(r285023)
@@ -24,7 +24,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd June 18, 2014
+.Dd June 2, 2015
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -893,6 +893,13 @@ geli_da1s3a_keyfile0_type=da1s3a:geli_k
 geli_da1s3a_keyfile0_name=/boot/keys/da1s3a.key
 .Ed
 .Pp
+If there is only one keyfile, the index might be omitted:
+.Bd -literal -offset indent
+geli_da1s3a_keyfile_load=YES
+geli_da1s3a_keyfile_type=da1s3a:geli_keyfile
+geli_da1s3a_keyfile_name=/boot/keys/da1s3a.key
+.Ed
+.Pp
 Not only configure encryption, but also data integrity verification using
 .Nm HMAC/SHA256 .
 .Bd -literal -offset indent

Modified: head/sys/geom/eli/g_eli.c
==
--- head/sys/geom/eli/g_eli.c   Thu Jul  2 10:31:08 2015(r285022)
+++ head/sys/geom/eli/g_eli.c   Thu Jul  2 10:55:32 2015(r285023)
@@ -998,6 +998,13 @@ g_eli_keyfiles_load(struct hmac_ctx *ctx
for (i = 0; ; i++) {
snprintf(name, sizeof(name), %s:geli_keyfile%d, provider, i);
keyfile = preload_search_by_type(name);
+   if (keyfile == NULL  i == 0) {
+   /*
+* If there is only one keyfile, allow simpler name.
+*/
+   snprintf(name, sizeof(name), %s:geli_keyfile, 
provider);
+   keyfile = preload_search_by_type(name);
+   }
if (keyfile == NULL)
return (i); /* Return number of loaded keyfiles. */
data = preload_fetch_addr(keyfile);
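Review bot: The unindexed fallback is tried only for `i == 0`, but after it succeeds the loop goes on to look up `geli_keyfile1`, so a mix of an unindexed first keyfile and indexed later ones is accepted. When both `geli_keyfile0` and the unindexed name are preloaded, the unindexed one is silently ignored. The manual text added in this commit describes only the single-keyfile case, and the keyfiles presumably feed the `hmac_ctx` passed in, so which files are picked up matters. I would spell the rule out in the comment, e.g. `/* Only the first keyfile may omit its index; an indexed keyfile0 takes precedence. */`. The loop body continues outside the hunk.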


svn commit: r285024 - head/sys/geom/eli

2015-07-02 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Jul  2 10:57:34 2015
New Revision: 285024
URL: https://svnweb.freebsd.org/changeset/base/285024

Log:
  Properly propagate errors in metadata reading.
  
  PR:   198860
  Submitted by: Matthew D. Fuller

Modified:
  head/sys/geom/eli/g_eli.c

Modified: head/sys/geom/eli/g_eli.c
==
--- head/sys/geom/eli/g_eli.c   Thu Jul  2 10:55:32 2015(r285023)
+++ head/sys/geom/eli/g_eli.c   Thu Jul  2 10:57:34 2015(r285024)
@@ -633,7 +633,10 @@ g_eli_read_metadata(struct g_class *mp, 
g_topology_lock();
if (buf == NULL)
goto end;
-   eli_metadata_decode(buf, md);
+   error = eli_metadata_decode(buf, md);
+   if (error != 0)
+   goto end;
+   /* Metadata was read and decoded successfully. */
 end:
if (buf != NULL)
g_free(buf);
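Review bot: The added `if (error != 0) goto end;` jumps to the label on the very next line, so the branch and the comment after it have no effect; `error = eli_metadata_decode(buf, md);` alone gives the same control flow. If the branch is kept as a placeholder for code to be added later, a comment saying so would help. What matters for callers is that a decode failure of on-disk metadata now reaches the return value, but the `return` is outside this hunk, so that is assumed rather than visible.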


svn commit: r277921 - head/lib/libnv

2015-01-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jan 30 10:08:38 2015
New Revision: 277921
URL: https://svnweb.freebsd.org/changeset/base/277921

Log:
  Modify nvlist_get_parent() API to take additional cookie argument.
  This allows for non-recursive iteration over nested nvlists, as in the documented
  example.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/lib/libnv/nv.3
  head/lib/libnv/nv.h
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/nv.3
==
--- head/lib/libnv/nv.3 Fri Jan 30 09:44:29 2015(r277920)
+++ head/lib/libnv/nv.3 Fri Jan 30 10:08:38 2015(r277921)
@@ -28,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd September 25, 2014
+.Dd January 30, 2015
 .Dt NV 3
 .Os
 .Sh NAME
@@ -151,7 +151,7 @@
 .Ft const void *
 .Fn nvlist_get_binary const nvlist_t *nvl const char *name size_t *sizep
 .Ft const nvlist_t *
-.Fn nvlist_get_parent const nvlist_t *nvl
+.Fn nvlist_get_parent const nvlist_t *nvl void **cookiep
 .\
 .Ft bool
 .Fn nvlist_take_bool nvlist_t *nvl const char *name
@@ -588,6 +588,28 @@ while ((name = nvlist_next(nvl, type, 
printf(\\n);
 }
 .Ed
+.Pp
+Iterating over every nested nvlist:
+.Bd -literal
+nvlist_t *nvl;
+const char *name;
+void *cookie;
+int type;
+
+nvl = nvlist_recv(sock);
+if (nvl == NULL)
+   err(1, nvlist_recv() failed);
+
+cookie = NULL;
+do {
+   while ((name = nvlist_next(nvl, type, cookie)) != NULL) {
+   if (type == NV_TYPE_NVLIST) {
+   nvl = nvlist_get_nvlist(nvl, name);
+   cookie = NULL;
+   }
+   }
+} while ((nvl = nvlist_get_parent(nvl, cookie)) != NULL);
+.Ed
 .Sh SEE ALSO
 .Xr close 2 ,
 .Xr dup 2 ,

Modified: head/lib/libnv/nv.h
==
--- head/lib/libnv/nv.h Fri Jan 30 09:44:29 2015(r277920)
+++ head/lib/libnv/nv.h Fri Jan 30 10:08:38 2015(r277921)
@@ -83,7 +83,7 @@ nvlist_t *nvlist_xfer(int sock, nvlist_t
 
 const char *nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep);
 
-const nvlist_t *nvlist_get_parent(const nvlist_t *nvl);
+const nvlist_t *nvlist_get_parent(const nvlist_t *nvl, void **cookiep);
 
 /*
  * The nvlist_exists functions check if the given name (optionally of the given

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Fri Jan 30 09:44:29 2015(r277920)
+++ head/lib/libnv/nvlist.c Fri Jan 30 10:08:38 2015(r277921)
@@ -159,15 +159,19 @@ nvlist_get_nvpair_parent(const nvlist_t 
 }
 
 const nvlist_t *
-nvlist_get_parent(const nvlist_t *nvl)
+nvlist_get_parent(const nvlist_t *nvl, void **cookiep)
 {
+   nvpair_t *nvp;
 
NVLIST_ASSERT(nvl);
 
-   if (nvl-nvl_parent == NULL)
+   nvp = nvl-nvl_parent;
+   if (cookiep != NULL)
+   *cookiep = nvp;
+   if (nvp == NULL)
return (NULL);
 
-   return (nvpair_nvlist(nvl-nvl_parent));
+   return (nvpair_nvlist(nvp));
 }
 
 void
@@ -384,11 +388,10 @@ nvlist_dump(const nvlist_t *nvl, int fd)
dprintf(fd, \n);
nvl = nvpair_get_nvlist(nvp);
if (nvlist_dump_error_check(nvl, fd, level + 1)) {
-   nvl = nvlist_get_parent(nvl);
+   nvl = nvlist_get_parent(nvl, (void **)nvp);
break;
}
-   level += 1;
-   nvp = nvlist_first_nvpair(nvl);
+   level++;
continue;
case NV_TYPE_DESCRIPTOR:
dprintf(fd,  %d\n, nvpair_get_descriptor(nvp));
@@ -411,11 +414,10 @@ nvlist_dump(const nvlist_t *nvl, int fd)
}
 
while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) {
-   nvp = nvlist_get_nvpair_parent(nvl);
-   if (nvp == NULL)
+   nvl = nvlist_get_parent(nvl, (void **)nvp);
+   if (nvl == NULL)
return;
-   nvl = nvlist_get_parent(nvl);
-   level --;
+   level--;
}
}
 }
@@ -457,10 +459,9 @@ nvlist_size(const nvlist_t *nvl)
}
 
while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) {
-   nvp = nvlist_get_nvpair_parent(nvl);
-   if (nvp == NULL)
+   nvl = nvlist_get_parent(nvl, (void **)nvp);
+   if (nvl == NULL)
goto out;
-   nvl = nvlist_get_parent(nvl);
}
}
 
@@ -635,13 +636,12 @@ nvlist_xpack(const nvlist_t *nvl, int64_
return (NULL);
}

svn commit: r277920 - head/lib/libnv

2015-01-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jan 30 09:44:29 2015
New Revision: 277920
URL: https://svnweb.freebsd.org/changeset/base/277920

Log:
  If moving descriptor or binary data to an nvlist fails, we need to close the
  descriptor or free the memory before returning.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org
  
  While here, protect errno, so it won't be overwritten by close(2) or free(3).

Modified:
  head/lib/libnv/nvpair.c

Modified: head/lib/libnv/nvpair.c
==
--- head/lib/libnv/nvpair.c Fri Jan 30 09:05:43 2015(r277919)
+++ head/lib/libnv/nvpair.c Fri Jan 30 09:44:29 2015(r277920)
@@ -1100,6 +1100,7 @@ nvpair_t *
 nvpair_movev_string(char *value, const char *namefmt, va_list nameap)
 {
nvpair_t *nvp;
+   int serrno;
 
if (value == NULL) {
errno = EINVAL;
@@ -1108,8 +1109,11 @@ nvpair_movev_string(char *value, const c
 
nvp = nvpair_allocv(NV_TYPE_STRING, (uint64_t)(uintptr_t)value,
strlen(value) + 1, namefmt, nameap);
-   if (nvp == NULL)
+   if (nvp == NULL) {
+   serrno = errno;
free(value);
+   errno = serrno;
+   }
 
return (nvp);
 }
@@ -1137,28 +1141,46 @@ nvpair_movev_nvlist(nvlist_t *value, con
 nvpair_t *
 nvpair_movev_descriptor(int value, const char *namefmt, va_list nameap)
 {
+   nvpair_t *nvp;
+   int serrno;
 
if (value  0 || !fd_is_valid(value)) {
errno = EBADF;
return (NULL);
}
 
-   return (nvpair_allocv(NV_TYPE_DESCRIPTOR, (uint64_t)value,
-   sizeof(int64_t), namefmt, nameap));
+   nvp = nvpair_allocv(NV_TYPE_DESCRIPTOR, (uint64_t)value,
+   sizeof(int64_t), namefmt, nameap);
+   if (nvp == NULL) {
+   serrno = errno;
+   close(value);
+   errno = serrno;
+   }
+
+   return (nvp);
 }
 
 nvpair_t *
 nvpair_movev_binary(void *value, size_t size, const char *namefmt,
 va_list nameap)
 {
+   nvpair_t *nvp;
+   int serrno;
 
if (value == NULL || size == 0) {
errno = EINVAL;
return (NULL);
}
 
-   return (nvpair_allocv(NV_TYPE_BINARY, (uint64_t)(uintptr_t)value, size,
-   namefmt, nameap));
+   nvp = nvpair_allocv(NV_TYPE_BINARY, (uint64_t)(uintptr_t)value, size,
+   namefmt, nameap);
+   if (nvp == NULL) {
+   serrno = errno;
+   free(value);
+   errno = serrno;
+   }
+
+   return (nvp);
 }
 
 bool
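Review bot: `nvpair_movev_binary()` still returns early on `size == 0` without releasing `value`, so a caller that hands over a non-NULL buffer with zero size keeps leaking it, assuming "move" means ownership always passes to the callee. This commit closes that gap only for the allocation-failure path. `free(NULL)` is a no-op, so the guard can become `if (value == NULL || size == 0) { free(value); errno = EINVAL; return (NULL); }`. The string and descriptor variants show no equivalent gap in these lines: a NULL string has nothing to free and an invalid descriptor nothing to close.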


svn commit: r277927 - head/lib/libnv

2015-01-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jan 30 13:03:36 2015
New Revision: 277927
URL: https://svnweb.freebsd.org/changeset/base/277927

Log:
  Make gcc happy.
  
  Reported by:  bz

Modified:
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Fri Jan 30 12:57:35 2015(r277926)
+++ head/lib/libnv/nvlist.c Fri Jan 30 13:03:36 2015(r277927)
@@ -358,6 +358,7 @@ nvlist_dump(const nvlist_t *nvl, int fd)
 {
const nvlist_t *tmpnvl;
nvpair_t *nvp, *tmpnvp;
+   void *cookie;
int level;
 
level = 0;
@@ -419,9 +420,11 @@ nvlist_dump(const nvlist_t *nvl, int fd)
}
 
while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) {
-   nvl = nvlist_get_parent(nvl, (void **)nvp);
+   cookie = NULL;
+   nvl = nvlist_get_parent(nvl, cookie);
if (nvl == NULL)
return;
+   nvp = cookie;
level--;
}
}
@@ -443,6 +446,7 @@ nvlist_size(const nvlist_t *nvl)
 {
const nvlist_t *tmpnvl;
const nvpair_t *nvp, *tmpnvp;
+   void *cookie;
size_t size;
 
NVLIST_ASSERT(nvl);
@@ -469,9 +473,11 @@ nvlist_size(const nvlist_t *nvl)
}
 
while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) {
-   nvl = nvlist_get_parent(nvl, (void **)nvp);
+   cookie = NULL;
+   nvl = nvlist_get_parent(nvl, cookie);
if (nvl == NULL)
goto out;
+   nvp = cookie;
}
}
 
@@ -587,6 +593,7 @@ nvlist_xpack(const nvlist_t *nvl, int64_
size_t left, size;
const nvlist_t *tmpnvl;
nvpair_t *nvp, *tmpnvp;
+   void *cookie;
 
NVLIST_ASSERT(nvl);
 
@@ -655,9 +662,11 @@ nvlist_xpack(const nvlist_t *nvl, int64_
return (NULL);
}
while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) {
-   nvl = nvlist_get_parent(nvl, (void **)nvp);
+   cookie = NULL;
+   nvl = nvlist_get_parent(nvl, cookie);
if (nvl == NULL)
goto out;
+   nvp = cookie;
ptr = nvpair_pack_nvlist_up(ptr, left);
if (ptr == NULL)
goto out;


svn commit: r277926 - head/lib/libnv

2015-01-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jan 30 12:57:35 2015
New Revision: 277926
URL: https://svnweb.freebsd.org/changeset/base/277926

Log:
  Add missing nvlist_get_parent(3) link.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/lib/libnv/Makefile

Modified: head/lib/libnv/Makefile
==
--- head/lib/libnv/Makefile Fri Jan 30 12:31:29 2015(r277925)
+++ head/lib/libnv/Makefile Fri Jan 30 12:57:35 2015(r277926)
@@ -61,6 +61,7 @@ MLINKS+=nv.3 nvlist_create.3 \
nv.3 nvlist_get_nvlist.3 \
nv.3 nvlist_get_descriptor.3 \
nv.3 nvlist_get_binary.3 \
+   nv.3 nvlist_get_parent.3 \
nv.3 nvlist_take_bool.3 \
nv.3 nvlist_take_number.3 \
nv.3 nvlist_take_string.3 \


svn commit: r277925 - head/lib/libnv

2015-01-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jan 30 12:31:29 2015
New Revision: 277925
URL: https://svnweb.freebsd.org/changeset/base/277925

Log:
  Handle empty nvlists correctly.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Fri Jan 30 12:07:43 2015(r277924)
+++ head/lib/libnv/nvlist.c Fri Jan 30 12:31:29 2015(r277925)
@@ -356,7 +356,8 @@ nvlist_dump_error_check(const nvlist_t *
 void
 nvlist_dump(const nvlist_t *nvl, int fd)
 {
-   nvpair_t *nvp;
+   const nvlist_t *tmpnvl;
+   nvpair_t *nvp, *tmpnvp;
int level;
 
level = 0;
@@ -386,13 +387,17 @@ nvlist_dump(const nvlist_t *nvl, int fd)
break;
case NV_TYPE_NVLIST:
dprintf(fd, \n);
-   nvl = nvpair_get_nvlist(nvp);
-   if (nvlist_dump_error_check(nvl, fd, level + 1)) {
-   nvl = nvlist_get_parent(nvl, (void **)nvp);
+   tmpnvl = nvpair_get_nvlist(nvp);
+   if (nvlist_dump_error_check(tmpnvl, fd, level + 1))
break;
+   tmpnvp = nvlist_first_nvpair(tmpnvl);
+   if (tmpnvp != NULL) {
+   nvl = tmpnvl;
+   nvp = tmpnvp;
+   level++;
+   continue;
}
-   level++;
-   continue;
+   break;
case NV_TYPE_DESCRIPTOR:
dprintf(fd,  %d\n, nvpair_get_descriptor(nvp));
break;
@@ -436,7 +441,8 @@ nvlist_fdump(const nvlist_t *nvl, FILE *
 size_t
 nvlist_size(const nvlist_t *nvl)
 {
-   const nvpair_t *nvp;
+   const nvlist_t *tmpnvl;
+   const nvpair_t *nvp, *tmpnvp;
size_t size;
 
NVLIST_ASSERT(nvl);
@@ -450,10 +456,14 @@ nvlist_size(const nvlist_t *nvl)
if (nvpair_type(nvp) == NV_TYPE_NVLIST) {
size += sizeof(struct nvlist_header);
size += nvpair_header_size() + 1;
-   nvl = nvpair_get_nvlist(nvp);
-   PJDLOG_ASSERT(nvl-nvl_error == 0);
-   nvp = nvlist_first_nvpair(nvl);
-   continue;
+   tmpnvl = nvpair_get_nvlist(nvp);
+   PJDLOG_ASSERT(tmpnvl-nvl_error == 0);
+   tmpnvp = nvlist_first_nvpair(tmpnvl);
+   if (tmpnvp != NULL) {
+   nvl = tmpnvl;
+   nvp = tmpnvp;
+   continue;
+   }
} else {
size += nvpair_size(nvp);
}
@@ -575,7 +585,8 @@ nvlist_xpack(const nvlist_t *nvl, int64_
 {
unsigned char *buf, *ptr;
size_t left, size;
-   nvpair_t *nvp;
+   const nvlist_t *tmpnvl;
+   nvpair_t *nvp, *tmpnvp;
 
NVLIST_ASSERT(nvl);
 
@@ -618,10 +629,18 @@ nvlist_xpack(const nvlist_t *nvl, int64_
ptr = nvpair_pack_string(nvp, ptr, left);
break;
case NV_TYPE_NVLIST:
-   nvl = nvpair_get_nvlist(nvp);
-   nvp = nvlist_first_nvpair(nvl);
-   ptr = nvlist_pack_header(nvl, ptr, left);
-   continue;
+   tmpnvl = nvpair_get_nvlist(nvp);
+   ptr = nvlist_pack_header(tmpnvl, ptr, left);
+   if (ptr == NULL)
+   goto out;
+   tmpnvp = nvlist_first_nvpair(tmpnvl);
+   if (tmpnvp != NULL) {
+   nvl = tmpnvl;
+   nvp = tmpnvp;
+   continue;
+   }
+   ptr = nvpair_pack_nvlist_up(ptr, left);
+   break;
case NV_TYPE_DESCRIPTOR:
ptr = nvpair_pack_descriptor(nvp, ptr, fdidxp, left);
break;
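Review bot: The `NV_TYPE_NVLIST` case now has two exits that are easy to misread: a non-empty nested list descends with `continue`, while an empty one writes its terminator right away with `nvpair_pack_nvlist_up()` and falls to `break`. A short comment would show the asymmetry is deliberate, e.g. `/* Empty nested nvlist: emit the NVLIST_UP marker now, there is nothing to descend into. */`. The result of that `nvpair_pack_nvlist_up()` call is only checked if the code after the `switch` tests `ptr`, and that code lies outside this hunk.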


svn commit: r274366 - in head/sys: dev/null geom kern sys

2014-11-10 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Nov 11 04:48:09 2014
New Revision: 274366
URL: https://svnweb.freebsd.org/changeset/base/274366

Log:
  Add missing privilege check when setting the dump device. Before that change
  it was possible for a regular user to set up the dump device if he had write
  access to the given device. In theory it is a security issue, as the user might
  get access to the kernel's memory after provoking a kernel crash, but in
  practice it is not recommended to give regular users direct access to storage
  devices.
  
  Rework the code so that we do the privilege check within the set_dumper()
  function to avoid similar problems in the future.
  
  Discussed with:   secteam

Modified:
  head/sys/dev/null/null.c
  head/sys/geom/geom_dev.c
  head/sys/kern/kern_shutdown.c
  head/sys/sys/conf.h

Modified: head/sys/dev/null/null.c
==
--- head/sys/dev/null/null.cTue Nov 11 04:07:41 2014(r274365)
+++ head/sys/dev/null/null.cTue Nov 11 04:48:09 2014(r274366)
@@ -37,7 +37,6 @@ __FBSDID($FreeBSD$);
 #include sys/kernel.h
 #include sys/malloc.h
 #include sys/module.h
-#include sys/priv.h
 #include sys/disk.h
 #include sys/bus.h
 #include sys/filio.h
@@ -110,9 +109,7 @@ null_ioctl(struct cdev *dev __unused, u_
 
switch (cmd) {
case DIOCSKERNELDUMP:
-   error = priv_check(td, PRIV_SETDUMPER);
-   if (error == 0)
-   error = set_dumper(NULL, NULL);
+   error = set_dumper(NULL, NULL, td);
break;
case FIONBIO:
break;

Modified: head/sys/geom/geom_dev.c
==
--- head/sys/geom/geom_dev.cTue Nov 11 04:07:41 2014(r274365)
+++ head/sys/geom/geom_dev.cTue Nov 11 04:48:09 2014(r274366)
@@ -127,14 +127,14 @@ g_dev_fini(struct g_class *mp)
 }
 
 static int
-g_dev_setdumpdev(struct cdev *dev)
+g_dev_setdumpdev(struct cdev *dev, struct thread *td)
 {
struct g_kerneldump kd;
struct g_consumer *cp;
int error, len;
 
if (dev == NULL)
-   return (set_dumper(NULL, NULL));
+   return (set_dumper(NULL, NULL, td));
 
cp = dev-si_drv2;
len = sizeof(kd);
@@ -142,7 +142,7 @@ g_dev_setdumpdev(struct cdev *dev)
kd.length = OFF_MAX;
error = g_io_getattr(GEOM::kerneldump, cp, len, kd);
if (error == 0) {
-   error = set_dumper(kd.di, devtoname(dev));
+   error = set_dumper(kd.di, devtoname(dev), td);
if (error == 0)
dev-si_flags |= SI_DUMPDEV;
}
@@ -157,7 +157,7 @@ init_dumpdev(struct cdev *dev)
return;
if (strcmp(devtoname(dev), dumpdev) != 0)
return;
-   if (g_dev_setdumpdev(dev) == 0) {
+   if (g_dev_setdumpdev(dev, curthread) == 0) {
freeenv(dumpdev);
dumpdev = NULL;
}
@@ -453,9 +453,9 @@ g_dev_ioctl(struct cdev *dev, u_long cmd
break;
case DIOCSKERNELDUMP:
if (*(u_int *)data == 0)
-   error = g_dev_setdumpdev(NULL);
+   error = g_dev_setdumpdev(NULL, td);
else
-   error = g_dev_setdumpdev(dev);
+   error = g_dev_setdumpdev(dev, td);
break;
case DIOCGFLUSH:
error = g_io_flush(cp);
@@ -673,7 +673,7 @@ g_dev_orphan(struct g_consumer *cp)
 
/* Reset any dump-area set on this device */
if (dev-si_flags  SI_DUMPDEV)
-   (void)set_dumper(NULL, NULL);
+   (void)set_dumper(NULL, NULL, curthread);
 
/* Destroy the struct cdev *so we get no more requests */
destroy_dev_sched_cb(dev, g_dev_callback, cp);
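Review bot: The reset in `g_dev_orphan()` now goes through `priv_check(td, PRIV_SETDUMPER)` inside `set_dumper()` with `curthread`, and its result is discarded with `(void)`. If the orphan handler ever ran in the context of an unprivileged thread, the dumper would keep pointing at a device that is going away. `init_dumpdev()` passes `curthread` in the same way. If both are only reached from kernel threads the check always passes, but the code does not state that assumption; I would add `/* Called from kernel context; the privilege check in set_dumper() is expected to succeed. */` at both call sites, or assert on the return value. Both functions extend beyond their hunks.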

Modified: head/sys/kern/kern_shutdown.c
==
--- head/sys/kern/kern_shutdown.c   Tue Nov 11 04:07:41 2014
(r274365)
+++ head/sys/kern/kern_shutdown.c   Tue Nov 11 04:48:09 2014
(r274366)
@@ -827,9 +827,14 @@ SYSCTL_STRING(_kern_shutdown, OID_AUTO, 
 
 /* Registration of dumpers */
 int
-set_dumper(struct dumperinfo *di, const char *devname)
+set_dumper(struct dumperinfo *di, const char *devname, struct thread *td)
 {
size_t wantcopy;
+   int error;
+
+   error = priv_check(td, PRIV_SETDUMPER);
+   if (error != 0)
+   return (error);
 
if (di == NULL) {
bzero(dumper, sizeof dumper);

Modified: head/sys/sys/conf.h
==
--- head/sys/sys/conf.h Tue Nov 11 04:07:41 2014(r274365)
+++ head/sys/sys/conf.h Tue Nov 11 04:48:09 2014(r274366)
@@ -336,7 +336,7 @@ struct dumperinfo {
off_t   mediasize;  /* Space available in bytes. */

svn commit: r272843 - head/lib/libnv

2014-10-09 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Oct  9 20:55:05 2014
New Revision: 272843
URL: https://svnweb.freebsd.org/changeset/base/272843

Log:
  Fix problem on big endian systems introduced in r271579 - when we were
  returning from handling a nested nvlist we were resetting big-endian flag.
  
  Reported by:  Kuleshov Aleksey @ yandex.ru
  Tested by:Kuleshov Aleksey @ yandex.ru

Modified:
  head/lib/libnv/nvlist.c
  head/lib/libnv/nvlist_impl.h
  head/lib/libnv/nvpair.c
  head/lib/libnv/nvpair_impl.h

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Thu Oct  9 20:39:18 2014(r272842)
+++ head/lib/libnv/nvlist.c Thu Oct  9 20:55:05 2014(r272843)
@@ -698,7 +698,7 @@ nvlist_check_header(struct nvlist_header
 
 const unsigned char *
 nvlist_unpack_header(nvlist_t *nvl, const unsigned char *ptr, size_t nfds,
-int *flagsp, size_t *leftp)
+bool *isbep, size_t *leftp)
 {
struct nvlist_header nvlhdr;
 
@@ -725,7 +725,8 @@ nvlist_unpack_header(nvlist_t *nvl, cons
nvl-nvl_flags = (nvlhdr.nvlh_flags  NV_FLAG_PUBLIC_MASK);
 
ptr += sizeof(nvlhdr);
-   *flagsp = (int)nvlhdr.nvlh_flags;
+   if (isbep != NULL)
+   *isbep = (((int)nvlhdr.nvlh_flags  NV_FLAG_BIG_ENDIAN) != 0);
*leftp -= sizeof(nvlhdr);
 
return (ptr);
@@ -741,7 +742,7 @@ nvlist_xunpack(const void *buf, size_t s
nvlist_t *nvl, *retnvl, *tmpnvl;
nvpair_t *nvp;
size_t left;
-   int flags;
+   bool isbe;
 
left = size;
ptr = buf;
@@ -751,44 +752,43 @@ nvlist_xunpack(const void *buf, size_t s
if (nvl == NULL)
goto failed;
 
-   ptr = nvlist_unpack_header(nvl, ptr, nfds, flags, left);
+   ptr = nvlist_unpack_header(nvl, ptr, nfds, isbe, left);
if (ptr == NULL)
goto failed;
 
while (left  0) {
-   ptr = nvpair_unpack(flags, ptr, left, nvp);
+   ptr = nvpair_unpack(isbe, ptr, left, nvp);
if (ptr == NULL)
goto failed;
switch (nvpair_type(nvp)) {
case NV_TYPE_NULL:
-   ptr = nvpair_unpack_null(flags, nvp, ptr, left);
+   ptr = nvpair_unpack_null(isbe, nvp, ptr, left);
break;
case NV_TYPE_BOOL:
-   ptr = nvpair_unpack_bool(flags, nvp, ptr, left);
+   ptr = nvpair_unpack_bool(isbe, nvp, ptr, left);
break;
case NV_TYPE_NUMBER:
-   ptr = nvpair_unpack_number(flags, nvp, ptr, left);
+   ptr = nvpair_unpack_number(isbe, nvp, ptr, left);
break;
case NV_TYPE_STRING:
-   ptr = nvpair_unpack_string(flags, nvp, ptr, left);
+   ptr = nvpair_unpack_string(isbe, nvp, ptr, left);
break;
case NV_TYPE_NVLIST:
-   ptr = nvpair_unpack_nvlist(flags, nvp, ptr, left,
-   nfds, tmpnvl);
+   ptr = nvpair_unpack_nvlist(isbe, nvp, ptr, left, nfds,
+   tmpnvl);
nvlist_set_parent(tmpnvl, nvp);
break;
case NV_TYPE_DESCRIPTOR:
-   ptr = nvpair_unpack_descriptor(flags, nvp, ptr, left,
+   ptr = nvpair_unpack_descriptor(isbe, nvp, ptr, left,
fds, nfds);
break;
case NV_TYPE_BINARY:
-   ptr = nvpair_unpack_binary(flags, nvp, ptr, left);
+   ptr = nvpair_unpack_binary(isbe, nvp, ptr, left);
break;
case NV_TYPE_NVLIST_UP:
if (nvl-nvl_parent == NULL)
goto failed;
nvl = nvpair_nvlist(nvl-nvl_parent);
-   flags = nvl-nvl_flags;
continue;
default:
PJDLOG_ABORT(Invalid type (%d)., nvpair_type(nvp));

Modified: head/lib/libnv/nvlist_impl.h
==
--- head/lib/libnv/nvlist_impl.hThu Oct  9 20:39:18 2014
(r272842)
+++ head/lib/libnv/nvlist_impl.hThu Oct  9 20:55:05 2014
(r272843)
@@ -42,6 +42,6 @@ nvlist_t *nvlist_xunpack(const void *buf
 
 nvpair_t *nvlist_get_nvpair_parent(const nvlist_t *nvl);
 const unsigned char *nvlist_unpack_header(nvlist_t *nvl,
-const unsigned char *ptr, size_t nfds, int *flagsp, size_t *leftp);
+const unsigned char *ptr, size_t nfds, bool *isbep, size_t *leftp);
 
 #endif /* !_NVLIST_IMPL_H_ */

Modified: head/lib/libnv/nvpair.c

svn commit: r272297 - head/sys/geom

2014-09-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Sep 30 11:51:32 2014
New Revision: 272297
URL: http://svnweb.freebsd.org/changeset/base/272297

Log:
  Style fixes.

Modified:
  head/sys/geom/geom_dev.c

Modified: head/sys/geom/geom_dev.c
==
--- head/sys/geom/geom_dev.cTue Sep 30 07:28:31 2014(r272296)
+++ head/sys/geom/geom_dev.cTue Sep 30 11:51:32 2014(r272297)
@@ -281,7 +281,7 @@ g_dev_open(struct cdev *dev, int flags, 
 
cp = dev-si_drv2;
if (cp == NULL)
-   return(ENXIO);  /* g_dev_taste() not done yet */
+   return (ENXIO); /* g_dev_taste() not done yet */
g_trace(G_T_ACCESS, g_dev_open(%s, %d, %d, %p),
cp-geom-name, flags, fmt, td);
 
@@ -312,7 +312,7 @@ g_dev_open(struct cdev *dev, int flags, 
sc-sc_open += r + w + e;
mtx_unlock(sc-sc_mtx);
}
-   return(error);
+   return (error);
 }
 
 static int
@@ -324,10 +324,10 @@ g_dev_close(struct cdev *dev, int flags,
 
cp = dev-si_drv2;
if (cp == NULL)
-   return(ENXIO);
+   return (ENXIO);
g_trace(G_T_ACCESS, g_dev_close(%s, %d, %d, %p),
cp-geom-name, flags, fmt, td);
-   
+
r = flags  FREAD ? -1 : 0;
w = flags  FWRITE ? -1 : 0;
 #ifdef notyet
@@ -361,7 +361,6 @@ g_dev_ioctl(struct cdev *dev, u_long cmd
struct g_kerneldump kd;
off_t offset, length, chunk;
int i, error;
-   u_int u;
 
cp = dev-si_drv2;
pp = cp-provider;
@@ -396,8 +395,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd
error = g_io_getattr(GEOM::frontstuff, cp, i, data);
break;
case DIOCSKERNELDUMP:
-   u = *((u_int *)data);
-   if (!u) {
+   if (*(u_int *)data != 0) {
set_dumper(NULL, NULL);
error = 0;
break;
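Review bot: The rewritten test inverts the condition: the removed code reset the dumper when `u` was zero (`if (!u)`), while the new line `if (*(u_int *)data != 0)` resets it when the argument is non-zero. With that, `DIOCSKERNELDUMP` with a non-zero argument clears the dump device and a zero argument tries to configure one, which is more than a style change. The line should read `if (*(u_int *)data == 0) {`. The same inverted test is still visible as context in the r272298 hunk further down this page.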
@@ -406,9 +404,9 @@ g_dev_ioctl(struct cdev *dev, u_long cmd
kd.length = OFF_MAX;
i = sizeof kd;
error = g_io_getattr(GEOM::kerneldump, cp, i, kd);
-   if (!error) {
+   if (error == 0) {
error = set_dumper(kd.di, devtoname(dev));
-   if (!error)
+   if (error == 0)
dev-si_flags |= SI_DUMPDEV;
}
break;
@@ -425,7 +423,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd
error = EINVAL;
break;
}
-   while (length  0) { 
+   while (length  0) {
chunk = length;
if (g_dev_del_max_sectors != 0  chunk 
g_dev_del_max_sectors * cp-provider-sectorsize) {
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org


svn commit: r272298 - head/sys/geom

2014-09-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Sep 30 12:00:50 2014
New Revision: 272298
URL: http://svnweb.freebsd.org/changeset/base/272298

Log:
  Be prepared that set_dumper() might fail even when resetting it or prefix
  the call with (void) to document that we intentionally ignore the return
  value - no way to handle an error in case of device disappearing.

Modified:
  head/sys/geom/geom_dev.c

Modified: head/sys/geom/geom_dev.c
==
--- head/sys/geom/geom_dev.cTue Sep 30 11:51:32 2014(r272297)
+++ head/sys/geom/geom_dev.cTue Sep 30 12:00:50 2014(r272298)
@@ -396,8 +396,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd
break;
case DIOCSKERNELDUMP:
if (*(u_int *)data != 0) {
-   set_dumper(NULL, NULL);
-   error = 0;
+   error = set_dumper(NULL, NULL);
break;
}
kd.offset = 0;
@@ -616,7 +615,7 @@ g_dev_orphan(struct g_consumer *cp)
 
/* Reset any dump-area set on this device */
if (dev-si_flags  SI_DUMPDEV)
-   set_dumper(NULL, NULL);
+   (void)set_dumper(NULL, NULL);
 
/* Destroy the struct cdev *so we get no more requests */
destroy_dev_sched_cb(dev, g_dev_callback, cp);


Re: svn commit: r271241 - head/lib/libnv

2014-09-29 Thread Pawel Jakub Dawidek
On Sun, Sep 07, 2014 at 10:56:57PM +, Garrett Cooper wrote:
 Author: ngie
 Date: Sun Sep  7 22:56:57 2014
 New Revision: 271241
 URL: http://svnweb.freebsd.org/changeset/base/271241
 
 Log:
   Include src.opts.mk after SHLIBDIR has been defined so libnv is installed to
   /lib , not /usr/lib

Don't forget to add /usr/lib/libnv* to ObsoleteFiles.inc.

-- 
Pawel Jakub Dawidek   http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com


svn commit: r272102 - head/lib/libnv

2014-09-25 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Sep 25 10:59:01 2014
New Revision: 272102
URL: http://svnweb.freebsd.org/changeset/base/272102

Log:
  Document the new nvlist_get_parent() function.
  
  Submitted by: Mariusz Zaborski

Modified:
  head/lib/libnv/nv.3

Modified: head/lib/libnv/nv.3
==
--- head/lib/libnv/nv.3 Thu Sep 25 09:12:11 2014(r272101)
+++ head/lib/libnv/nv.3 Thu Sep 25 10:59:01 2014(r272102)
@@ -28,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd March 21, 2014
+.Dd September 25, 2014
 .Dt NV 3
 .Os
 .Sh NAME
@@ -150,6 +150,8 @@
 .Fn nvlist_get_descriptor const nvlist_t *nvl const char *name
 .Ft const void *
 .Fn nvlist_get_binary const nvlist_t *nvl const char *name size_t *sizep
+.Ft const nvlist_t *
+.Fn nvlist_get_parent const nvlist_t *nvl
 .\
 .Ft bool
 .Fn nvlist_take_bool nvlist_t *nvl const char *name
@@ -437,6 +439,10 @@ extension, which allows to provide defau
 The nvlist must not be in error state.
 .Pp
 The
+.Fn nvlist_get_parent
+function allows to obtain the parent nvlist from the nested nvlist.
+.Pp
+The
 .Fn nvlist_take_bool ,
 .Fn nvlist_take_number ,
 .Fn nvlist_take_string ,


svn commit: r271847 - head/lib/libnv

2014-09-18 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Sep 18 22:34:52 2014
New Revision: 271847
URL: http://svnweb.freebsd.org/changeset/base/271847

Log:
  Don't use nvl in case of a failure.
  
  Reported by:  Coverity
  CID:  1238922

Modified:
  head/lib/libnv/nvpair.c

Modified: head/lib/libnv/nvpair.c
==
--- head/lib/libnv/nvpair.c Thu Sep 18 22:27:02 2014(r271846)
+++ head/lib/libnv/nvpair.c Thu Sep 18 22:34:52 2014(r271847)
@@ -963,7 +963,8 @@ nvpair_createv_nvlist(const nvlist_t *va
namefmt, nameap);
if (nvp == NULL)
nvlist_destroy(nvl);
-   nvlist_set_parent(nvl, nvp);
+   else
+   nvlist_set_parent(nvl, nvp);
 
return (nvp);
 }
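Review bot: The reason for the new `else` is not recorded next to it: on the `nvp == NULL` path `nvl` has just been handed to `nvlist_destroy()`, so the old unconditional `nvlist_set_parent(nvl, nvp)` touched an nvlist that had presumably already been freed. A one-line comment above the `if`, for example `/* On failure nvl is destroyed here and must not be used again. */`, would stop a later edit from reintroducing that. The beginning of nvpair_createv_nvlist is outside the hunk, so whether `nvl` is checked for NULL before this point cannot be confirmed from here.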


svn commit: r271577 - head/contrib/openbsm/bin/auditdistd

2014-09-14 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Sep 14 09:26:33 2014
New Revision: 271577
URL: http://svnweb.freebsd.org/changeset/base/271577

Log:
  Fix descriptors leak.
  
  PR:   bin/191002
  Reported by:  Ryan Steinmetz
  Submitted by: mjg

Modified:
  head/contrib/openbsm/bin/auditdistd/subr.c

Modified: head/contrib/openbsm/bin/auditdistd/subr.c
==
--- head/contrib/openbsm/bin/auditdistd/subr.c  Sun Sep 14 09:20:01 2014
(r271576)
+++ head/contrib/openbsm/bin/auditdistd/subr.c  Sun Sep 14 09:26:33 2014
(r271577)
@@ -228,6 +228,11 @@ wait_for_file_init(int fd)
PJDLOG_ASSERT(fd != -1);
 
 #ifdef HAVE_KQUEUE
+   if (wait_for_file_kq != -1) {
+   close(wait_for_file_kq);
+   wait_for_file_kq = -1;
+   }
+
kq = kqueue();
if (kq == -1) {
pjdlog_errno(LOG_WARNING, kqueue() failed);
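Review bot: The new guard `if (wait_for_file_kq != -1)` is only safe if `wait_for_file_kq` starts out as -1; its definition is outside the hunk, and a zero-initialised variable would make the first call close descriptor 0. If the definition does not already say so, give it an explicit initialiser of -1 and a comment that -1 means no kqueue is open. The return value of `close()` is ignored here, which is reasonable for a kqueue but worth a `(void)` cast to show it is deliberate. wait_for_file_init continues past the end of the hunk.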


svn commit: r271578 - head/lib/libnv

2014-09-14 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Sep 14 09:27:12 2014
New Revision: 271578
URL: http://svnweb.freebsd.org/changeset/base/271578

Log:
  Remove the limit on descriptors that can be sent in one nvlist.
  
  Submitted by: Mariusz Zaborski

Modified:
  head/lib/libnv/msgio.c

Modified: head/lib/libnv/msgio.c
==
--- head/lib/libnv/msgio.c  Sun Sep 14 09:26:33 2014(r271577)
+++ head/lib/libnv/msgio.c  Sun Sep 14 09:27:12 2014(r271578)
@@ -31,7 +31,7 @@
 #include sys/cdefs.h
 __FBSDID($FreeBSD$);
 
-#include sys/types.h
+#include sys/param.h
 #include sys/socket.h
 
 #include errno.h
@@ -56,6 +56,8 @@ __FBSDID($FreeBSD$);
 #definePJDLOG_ABORT(...)   abort()
 #endif
 
+#definePKG_MAX_SIZE(MCLBYTES / CMSG_SPACE(sizeof(int)) - 1)
+
 static int
 msghdr_add_fd(struct cmsghdr *cmsg, int fd)
 {
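Review bot: `PKG_MAX_SIZE` has no comment and its name reads like a byte size, while the expression `MCLBYTES / CMSG_SPACE(sizeof(int)) - 1` is a count of descriptors per message. A comment such as `/* Maximum number of descriptors carried in one message. */` would help, together with a word on why one slot is subtracted, which the hunk does not explain. A name that says "descriptors" rather than "size" would also match how fd_send and fd_recv use it as a chunk length.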
@@ -234,22 +236,31 @@ cred_recv(int sock, struct cmsgcred *cre
return (0);
 }
 
-int
-fd_send(int sock, const int *fds, size_t nfds)
+static int
+fd_package_send(int sock, const int *fds, size_t nfds)
 {
struct msghdr msg;
struct cmsghdr *cmsg;
+   struct iovec iov;
unsigned int i;
int serrno, ret;
+   uint8_t dummy;
 
-   if (nfds == 0 || fds == NULL) {
-   errno = EINVAL;
-   return (-1);
-   }
+   PJDLOG_ASSERT(sock = 0);
+   PJDLOG_ASSERT(fds != NULL);
+   PJDLOG_ASSERT(nfds  0);
 
bzero(msg, sizeof(msg));
-   msg.msg_iov = NULL;
-   msg.msg_iovlen = 0;
+
+   /*
+* XXX: Look into cred_send function for more details.
+*/
+   dummy = 0;
+   iov.iov_base = dummy;
+   iov.iov_len = sizeof(dummy);
+
+   msg.msg_iov = iov;
+   msg.msg_iovlen = 1;
msg.msg_controllen = nfds * CMSG_SPACE(sizeof(int));
msg.msg_control = calloc(1, msg.msg_controllen);
if (msg.msg_control == NULL)
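Review bot: Nothing in fd_package_send bounds `nfds` any more, although `msg.msg_controllen = nfds * CMSG_SPACE(sizeof(int))` is sized from it; the helper relies on fd_send having cut the array into chunks of at most PKG_MAX_SIZE. Stating that contract beside the other assertions, `PJDLOG_ASSERT(nfds <= PKG_MAX_SIZE);`, would catch a future caller that skips the chunking, and the same line belongs in fd_package_recv in the next hunk. The `XXX: Look into cred_send function` comment sends the reader elsewhere; one sentence here saying why a dummy byte accompanies the control message would be more useful. The function body continues outside the hunk.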
@@ -274,22 +285,32 @@ end:
return (ret);
 }
 
-int
-fd_recv(int sock, int *fds, size_t nfds)
+static int
+fd_package_recv(int sock, int *fds, size_t nfds)
 {
struct msghdr msg;
struct cmsghdr *cmsg;
unsigned int i;
int serrno, ret;
+   struct iovec iov;
+   uint8_t dummy;
 
-   if (nfds == 0 || fds == NULL) {
-   errno = EINVAL;
-   return (-1);
-   }
+   PJDLOG_ASSERT(sock = 0);
+   PJDLOG_ASSERT(nfds  0);
+   PJDLOG_ASSERT(fds != NULL);
 
+   i = 0;
bzero(msg, sizeof(msg));
-   msg.msg_iov = NULL;
-   msg.msg_iovlen = 0;
+   bzero(iov, sizeof(iov));
+
+   /*
+* XXX: Look into cred_send function for more details.
+*/
+   iov.iov_base = dummy;
+   iov.iov_len = sizeof(dummy);
+
+   msg.msg_iov = iov;
+   msg.msg_iovlen = 1;
msg.msg_controllen = nfds * CMSG_SPACE(sizeof(int));
msg.msg_control = calloc(1, msg.msg_controllen);
if (msg.msg_control == NULL)
@@ -333,6 +354,64 @@ end:
 }
 
 int
+fd_recv(int sock, int *fds, size_t nfds)
+{
+   unsigned int i, step, j;
+   int ret, serrno;
+
+   if (nfds == 0 || fds == NULL) {
+   errno = EINVAL;
+   return (-1);
+   }
+
+   ret = i = step = 0;
+   while (i  nfds) {
+   if (PKG_MAX_SIZE  nfds - i)
+   step = PKG_MAX_SIZE;
+   else
+   step = nfds - i;
+   ret = fd_package_recv(sock, fds + i, step);
+   if (ret != 0) {
+   /* Close all received descriptors. */
+   serrno = errno;
+   for (j = 0; j  i; j++)
+   close(fds[j]);
+   errno = serrno;
+   break;
+   }
+   i += step;
+   }
+
+   return (ret);
+}
+
+int
+fd_send(int sock, const int *fds, size_t nfds)
+{
+   unsigned int i, step;
+   int ret;
+
+   if (nfds == 0 || fds == NULL) {
+   errno = EINVAL;
+   return (-1);
+   }
+
+   ret = i = step = 0;
+   while (i  nfds) {
+   if (PKG_MAX_SIZE  nfds - i)
+   step = PKG_MAX_SIZE;
+   else
+   step = nfds - i;
+   ret = fd_package_send(sock, fds + i, step);
+   if (ret != 0)
+   break;
+   i += step;
+   }
+
+   return (ret);
+}
+
+int
 buf_send(int sock, void *buf, size_t size)
 {
ssize_t done;
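Review bot: On the error path of the new fd_recv the descriptors already received are closed but their numbers are left in `fds[]`, so a caller that cleans up the array after a failure would close them a second time, possibly hitting unrelated descriptors opened in between. Overwriting each slot after closing it, `fds[j] = -1;`, makes the array safe to hand back; whether any caller does such cleanup is not visible here. Both new functions also index with `unsigned int` counters while `nfds` is `size_t`; declaring them as `size_t i, step, j;` in fd_recv and `size_t i, step;` in fd_send removes the mixed-width arithmetic in `nfds - i` and `fds + i`.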


svn commit: r271579 - head/lib/libnv

2014-09-14 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Sep 14 09:30:09 2014
New Revision: 271579
URL: http://svnweb.freebsd.org/changeset/base/271579

Log:
  Use non-recursive algorithm for traversing nvlists. This also removes
  the limit on number of nested nvlists.
  
  Submitted by: Mariusz Zaborski

Modified:
  head/lib/libnv/nv.h
  head/lib/libnv/nv_impl.h
  head/lib/libnv/nvlist.c
  head/lib/libnv/nvlist_impl.h
  head/lib/libnv/nvpair.c
  head/lib/libnv/nvpair_impl.h

Modified: head/lib/libnv/nv.h
==
--- head/lib/libnv/nv.h Sun Sep 14 09:27:12 2014(r271578)
+++ head/lib/libnv/nv.h Sun Sep 14 09:30:09 2014(r271579)
@@ -83,6 +83,8 @@ nvlist_t *nvlist_xfer(int sock, nvlist_t
 
 const char *nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep);
 
+const nvlist_t *nvlist_get_parent(const nvlist_t *nvl);
+
 /*
  * The nvlist_exists functions check if the given name (optionally of the given
  * type) exists on nvlist.

Modified: head/lib/libnv/nv_impl.h
==
--- head/lib/libnv/nv_impl.hSun Sep 14 09:27:12 2014(r271578)
+++ head/lib/libnv/nv_impl.hSun Sep 14 09:30:09 2014(r271579)
@@ -39,6 +39,8 @@ struct nvpair;
 typedef struct nvpair nvpair_t;
 #endif
 
+#defineNV_TYPE_NVLIST_UP   255
+
 #defineNV_TYPE_FIRST   NV_TYPE_NULL
 #defineNV_TYPE_LASTNV_TYPE_BINARY
 
@@ -55,6 +57,8 @@ void nvlist_add_nvpair(nvlist_t *nvl, co
 
 void nvlist_move_nvpair(nvlist_t *nvl, nvpair_t *nvp);
 
+void nvlist_set_parent(nvlist_t *nvl, nvpair_t *parent);
+
 const nvpair_t *nvlist_get_nvpair(const nvlist_t *nvl, const char *name);
 
 nvpair_t *nvlist_take_nvpair(nvlist_t *nvl, const char *name);

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Sun Sep 14 09:27:12 2014(r271578)
+++ head/lib/libnv/nvlist.c Sun Sep 14 09:30:09 2014(r271579)
@@ -73,10 +73,11 @@ __FBSDID($FreeBSD$);
 
 #defineNVLIST_MAGIC0x6e766c/* nvl */
 struct nvlist {
-   int nvl_magic;
-   int nvl_error;
-   int nvl_flags;
-   struct nvl_head nvl_head;
+   int  nvl_magic;
+   int  nvl_error;
+   int  nvl_flags;
+   nvpair_t*nvl_parent;
+   struct nvl_head  nvl_head;
 };
 
 #defineNVLIST_ASSERT(nvl)  do {
\
@@ -106,6 +107,7 @@ nvlist_create(int flags)
nvl = malloc(sizeof(*nvl));
nvl-nvl_error = 0;
nvl-nvl_flags = flags;
+   nvl-nvl_parent = NULL;
TAILQ_INIT(nvl-nvl_head);
nvl-nvl_magic = NVLIST_MAGIC;
 
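Review bot: The added `nvl->nvl_parent = NULL;` is one more store through the result of `malloc(sizeof(*nvl))`, which the context lines show being dereferenced on the very next line with no NULL check. An allocation failure therefore crashes inside nvlist_create instead of being reported to the caller; `if (nvl == NULL) return (NULL);` directly after the `malloc()` call would cover all of the field initialisations. The rest of nvlist_create is outside the hunk.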
@@ -147,6 +149,36 @@ nvlist_error(const nvlist_t *nvl)
return (nvl-nvl_error);
 }
 
+nvpair_t *
+nvlist_get_nvpair_parent(const nvlist_t *nvl)
+{
+
+   NVLIST_ASSERT(nvl);
+
+   return (nvl-nvl_parent);
+}
+
+const nvlist_t *
+nvlist_get_parent(const nvlist_t *nvl)
+{
+
+   NVLIST_ASSERT(nvl);
+
+   if (nvl-nvl_parent == NULL)
+   return (NULL);
+
+   return (nvpair_nvlist(nvl-nvl_parent));
+}
+
+void
+nvlist_set_parent(nvlist_t *nvl, nvpair_t *parent)
+{
+
+   NVLIST_ASSERT(nvl);
+
+   nvl-nvl_parent = parent;
+}
+
 bool
 nvlist_empty(const nvlist_t *nvl)
 {
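Review bot: `nvlist_set_parent()` stores a raw pointer to the enclosing nvpair and nothing in this hunk says who keeps it valid: if the nested nvlist is later detached from that pair, or the pair is freed first, `nvl_parent` dangles and `nvlist_get_parent()` passes it to `nvpair_nvlist()`. A comment on nvlist_set_parent stating that the pointer is borrowed, and that it must be reset to NULL when the nvlist leaves its parent, would make the rule checkable; whether the take/remove paths already do that is not visible here. `nvlist_get_nvpair_parent()` also hands out a non-const `nvpair_t *` from a `const nvlist_t *`, which deserves a note on whether the caller may modify the parent.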
@@ -301,24 +333,34 @@ nvlist_clone(const nvlist_t *nvl)
return (newnvl);
 }
 
+static bool
+nvlist_dump_error_check(const nvlist_t *nvl, int fd, int level)
+{
+
+   if (nvlist_error(nvl) != 0) {
+   dprintf(fd, %*serror: %d\n, level * 4, ,
+   nvlist_error(nvl));
+   return (true);
+   }
+
+   return (false);
+}
+
 /*
  * Dump content of nvlist.
  */
-static void
-nvlist_xdump(const nvlist_t *nvl, int fd, int level)
+void
+nvlist_dump(const nvlist_t *nvl, int fd)
 {
nvpair_t *nvp;
+   int level;
 
-   PJDLOG_ASSERT(level  3);
-
-   if (nvlist_error(nvl) != 0) {
-   dprintf(fd, %*serror: %d\n, level * 4, ,
-   nvlist_error(nvl));
+   level = 0;
+   if (nvlist_dump_error_check(nvl, fd, level))
return;
-   }
 
-   for (nvp = nvlist_first_nvpair(nvl); nvp != NULL;
-   nvp = nvlist_next_nvpair(nvl, nvp)) {
+   nvp = nvlist_first_nvpair(nvl);
+   while (nvp != NULL) {
dprintf(fd, %*s%s (%s):, level * 4, , nvpair_name(nvp),
nvpair_type_string(nvpair_type(nvp)));
switch (nvpair_type(nvp)) {
@@ -340,8 +382,14 @@ nvlist_xdump(const nvlist_t *nvl, int fd
break;
case NV_TYPE_NVLIST:
dprintf(fd, \n);
-   nvlist_xdump(nvpair_get_nvlist(nvp), fd, level + 1);
-   break;
+   nvl = 

svn commit: r271026 - head/lib/libnv

2014-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Sep  3 14:44:23 2014
New Revision: 271026
URL: http://svnweb.freebsd.org/changeset/base/271026

Log:
  Fix descriptors leak in case of nvlist_xunpack() failure.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Wed Sep  3 14:16:50 2014(r271025)
+++ head/lib/libnv/nvlist.c Wed Sep  3 14:44:23 2014(r271026)
@@ -760,8 +760,11 @@ nvlist_recv(int sock)
}
 
nvl = nvlist_xunpack(buf, size, fds, nfds);
-   if (nvl == NULL)
+   if (nvl == NULL) {
+   for (i = 0; i  nfds; i++)
+   close(fds[i]);
goto out;
+   }
 
ret = nvl;
 out:
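Review bot: The new cleanup loop calls `close()` between the failing `nvlist_xunpack()` and the `out:` label, so the errno that explains the failure can be overwritten before the caller sees it. Putting `serrno = errno;` before the loop and `errno = serrno;` after it keeps the original error; `serrno` is the local that nvlist_recv declares outside this hunk. It is also worth confirming that nvlist_xunpack() has not already taken ownership of some entries of `fds[]` when it fails part-way, since those would then be closed twice.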


svn commit: r271028 - head/lib/libnv

2014-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Sep  3 15:08:33 2014
New Revision: 271028
URL: http://svnweb.freebsd.org/changeset/base/271028

Log:
  Use better type for i.

Modified:
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Wed Sep  3 15:06:47 2014(r271027)
+++ head/lib/libnv/nvlist.c Wed Sep  3 15:08:33 2014(r271028)
@@ -727,8 +727,8 @@ nvlist_recv(int sock)
struct nvlist_header nvlhdr;
nvlist_t *nvl, *ret;
unsigned char *buf;
-   size_t nfds, size;
-   int serrno, i, *fds;
+   size_t nfds, size, i;
+   int serrno, *fds;
 
if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1)
return (NULL);


svn commit: r271027 - head/lib/libnv

2014-09-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Sep  3 15:06:47 2014
New Revision: 271027
URL: http://svnweb.freebsd.org/changeset/base/271027

Log:
  Declare i.
  
  Reported by:  sbruno

Modified:
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Wed Sep  3 14:44:23 2014(r271026)
+++ head/lib/libnv/nvlist.c Wed Sep  3 15:06:47 2014(r271027)
@@ -728,7 +728,7 @@ nvlist_recv(int sock)
nvlist_t *nvl, *ret;
unsigned char *buf;
size_t nfds, size;
-   int serrno, *fds;
+   int serrno, i, *fds;
 
if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1)
return (NULL);


svn commit: r267914 - in head: sbin/dhclient sys/kern

2014-06-26 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Jun 26 13:57:44 2014
New Revision: 267914
URL: http://svnweb.freebsd.org/changeset/base/267914

Log:
  Remove duplicated includes.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/sbin/dhclient/bpf.c
  head/sbin/dhclient/dhclient.c
  head/sys/kern/kern_exec.c
  head/sys/kern/subr_capability.c

Modified: head/sbin/dhclient/bpf.c
==
--- head/sbin/dhclient/bpf.cThu Jun 26 13:02:21 2014(r267913)
+++ head/sbin/dhclient/bpf.cThu Jun 26 13:57:44 2014(r267914)
@@ -43,8 +43,6 @@
 #include sys/cdefs.h
 __FBSDID($FreeBSD$);
 
-#include sys/capsicum.h
-
 #include dhcpd.h
 #include privsep.h
 #include sys/capsicum.h

Modified: head/sbin/dhclient/dhclient.c
==
--- head/sbin/dhclient/dhclient.c   Thu Jun 26 13:02:21 2014
(r267913)
+++ head/sbin/dhclient/dhclient.c   Thu Jun 26 13:57:44 2014
(r267914)
@@ -56,8 +56,6 @@
 #include sys/cdefs.h
 __FBSDID($FreeBSD$);
 
-#include sys/capsicum.h
-
 #include dhcpd.h
 #include privsep.h
 

Modified: head/sys/kern/kern_exec.c
==
--- head/sys/kern/kern_exec.c   Thu Jun 26 13:02:21 2014(r267913)
+++ head/sys/kern/kern_exec.c   Thu Jun 26 13:57:44 2014(r267914)
@@ -35,7 +35,6 @@ __FBSDID($FreeBSD$);
 #include sys/param.h
 #include sys/capsicum.h
 #include sys/systm.h
-#include sys/capsicum.h
 #include sys/eventhandler.h
 #include sys/lock.h
 #include sys/mutex.h

Modified: head/sys/kern/subr_capability.c
==
--- head/sys/kern/subr_capability.c Thu Jun 26 13:02:21 2014
(r267913)
+++ head/sys/kern/subr_capability.c Thu Jun 26 13:57:44 2014
(r267914)
@@ -34,16 +34,14 @@ __FBSDID($FreeBSD$);
  * Note that this file is compiled into the kernel and into libc.
  */
 
-#ifdef _KERNEL
 #include sys/types.h
 #include sys/capsicum.h
+
+#ifdef _KERNEL
 #include sys/systm.h
 
 #include machine/stdarg.h
 #else  /* !_KERNEL */
-#include sys/types.h
-#include sys/capsicum.h
-
 #include assert.h
 #include stdarg.h
 #include stdbool.h


svn commit: r267159 - head/sbin/geom/class/stripe

2014-06-06 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jun  6 13:00:53 2014
New Revision: 267159
URL: http://svnweb.freebsd.org/changeset/base/267159

Log:
  The 'create' subcommand doesn't have '-h' option.

Modified:
  head/sbin/geom/class/stripe/geom_stripe.c

Modified: head/sbin/geom/class/stripe/geom_stripe.c
==
--- head/sbin/geom/class/stripe/geom_stripe.c   Fri Jun  6 12:52:44 2014
(r267158)
+++ head/sbin/geom/class/stripe/geom_stripe.c   Fri Jun  6 13:00:53 2014
(r267159)
@@ -62,7 +62,7 @@ struct g_command class_commands[] = {
{ 's', stripesize, GSTRIPE_STRIPESIZE, G_TYPE_NUMBER },
G_OPT_SENTINEL
},
-   [-hv] [-s stripesize] name prov prov ...
+   [-v] [-s stripesize] name prov prov ...
},
{ destroy, G_FLAG_VERBOSE, NULL,
{


svn commit: r265145 - head/lib/libcapsicum

2014-04-30 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Apr 30 09:58:28 2014
New Revision: 265145
URL: http://svnweb.freebsd.org/changeset/base/265145

Log:
  Don't forget to remember previous element at the end of the loop.
  
  Reported by:  brueffer
  Found with:   Coverity Prevent(tm)
  CID:  1135301

Modified:
  head/lib/libcapsicum/libcapsicum_dns.c

Modified: head/lib/libcapsicum/libcapsicum_dns.c
==
--- head/lib/libcapsicum/libcapsicum_dns.c  Wed Apr 30 09:57:38 2014
(r265144)
+++ head/lib/libcapsicum/libcapsicum_dns.c  Wed Apr 30 09:58:28 2014
(r265145)
@@ -247,6 +247,7 @@ cap_getaddrinfo(cap_channel_t *chan, con
prevai-ai_next = curai;
else if (firstai == NULL)
firstai = curai;
+   prevai = curai;
}
nvlist_destroy(nvl);
if (curai == NULL  nvlai != NULL) {


svn commit: r264236 - head/sys/bsm

2014-04-07 Thread Pawel Jakub Dawidek
Author: pjd
Date: Mon Apr  7 20:44:00 2014
New Revision: 264236
URL: http://svnweb.freebsd.org/changeset/base/264236

Log:
  IFp4 @1192291:
  
  - Don't include sys/caprights.h, leverage the fact that cap_rights_t
is also defined in sys/types.h.
  - Include sys/types.h directly.
  - For systems that do not have cap_rights_t, define it, so we can use
it in au_to_rights() prototype.
  
  Discussed with:   rwatson

Modified:
  head/sys/bsm/audit_record.h

Modified: head/sys/bsm/audit_record.h
==
--- head/sys/bsm/audit_record.h Mon Apr  7 19:32:56 2014(r264235)
+++ head/sys/bsm/audit_record.h Mon Apr  7 20:44:00 2014(r264236)
@@ -33,8 +33,8 @@
 #ifndef _BSM_AUDIT_RECORD_H_
 #define _BSM_AUDIT_RECORD_H_
 
+#include sys/types.h
 #include sys/time.h  /* struct timeval */
-#include sys/caprights.h /* cap_rights_t */
 
 /*
  * Token type identifiers.
@@ -191,6 +191,13 @@ struct sockaddr_un;
 struct vnode_au_info;
 #endif
 
+#ifndef_CAP_RIGHTS_T_DECLARED
+#define_CAP_RIGHTS_T_DECLARED
+struct cap_rights;
+
+typedefstruct cap_rights   cap_rights_t;
+#endif
+
 int au_open(void);
 int au_write(int d, token_t *m);
 int au_close(int d, int keep, short event);


svn commit: r262405 - head/usr.bin/kdump

2014-02-23 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Feb 23 22:13:16 2014
New Revision: 262405
URL: http://svnweb.freebsd.org/changeset/base/262405

Log:
  Capability rights are held by descriptors, not processes.
  
  Reported by:  jonathan

Modified:
  head/usr.bin/kdump/kdump.c

Modified: head/usr.bin/kdump/kdump.c
==
--- head/usr.bin/kdump/kdump.c  Sun Feb 23 22:12:25 2014(r262404)
+++ head/usr.bin/kdump/kdump.c  Sun Feb 23 22:13:16 2014(r262405)
@@ -1877,7 +1877,7 @@ ktrcapfail(struct ktr_cap_fail *ktr)
/* operation on fd with insufficient capabilities */
printf(operation requires );
capname(ktr-cap_needed);
-   printf(, process holds );
+   printf(, descriptor holds );
capname(ktr-cap_held);
break;
case CAPFAIL_INCREASE:


svn commit: r261742 - head/gnu/usr.bin/groff/tmac

2014-02-11 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb 11 09:17:17 2014
New Revision: 261742
URL: http://svnweb.freebsd.org/changeset/base/261742

Log:
  Add missing libraries here as well, so a warning is not printed when one
  tries to view their manual pages.
  
  Reported by:  rwatson
  Explained by: pluknet

Modified:
  head/gnu/usr.bin/groff/tmac/mdoc.local

Modified: head/gnu/usr.bin/groff/tmac/mdoc.local
==
--- head/gnu/usr.bin/groff/tmac/mdoc.local  Tue Feb 11 08:20:45 2014
(r261741)
+++ head/gnu/usr.bin/groff/tmac/mdoc.local  Tue Feb 11 09:17:17 2014
(r261742)
@@ -34,11 +34,13 @@
 .\ FreeBSD .Lb values
 .ds doc-str-Lb-libarchive  Streaming Archive Library (libarchive, \-larchive)
 .ds doc-str-Lb-libbluetooth Bluetooth User Library (libbluetooth, \-lbluetooth)
+.ds doc-str-Lb-libcapsicum Capsicum Library (libcapsicum, \-lcapsicum)
 .ds doc-str-Lb-libedit Line Editor and History Library (libedit, \-ledit)
 .ds doc-str-Lb-libefi  EFI Runtime Services Library (libefi, \-lefi)
 .ds doc-str-Lb-libelf  ELF Parsing Library (libelf, \-lelf)
 .ds doc-str-Lb-libexecinfo Backtrace Access Library (libexecinfo, \-lexecinfo)
 .ds doc-str-Lb-libfetchFile Transfer Library (libfetch, \-lfetch)
+.ds doc-str-Lb-libnv   Name/value pairs library (libnv, \-lnv)
 .ds doc-str-Lb-libpmc  Performance Monitoring Counters Interface Library 
(libpmc, \-lpmc)
 .ds doc-str-Lb-libproc Processor Monitoring and Analysis Library (libproc, 
\-lproc)
 .ds doc-str-Lb-libprocstat Process and Files Information Retrieval 
(libprocstat, \-lprocstat)


svn commit: r261692 - head/sbin/casperd

2014-02-09 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Feb  9 21:42:01 2014
New Revision: 261692
URL: http://svnweb.freebsd.org/changeset/base/261692

Log:
  If the main casperd process exits, zygote process should exit as well
  instead of spinning.
  
  Reported by:  Mikhail m...@lenta.ru

Modified:
  head/sbin/casperd/zygote.c

Modified: head/sbin/casperd/zygote.c
==
--- head/sbin/casperd/zygote.c  Sun Feb  9 21:27:32 2014(r261691)
+++ head/sbin/casperd/zygote.c  Sun Feb  9 21:42:01 2014(r261692)
@@ -132,8 +132,13 @@ zygote_main(int sock)
 
for (;;) {
nvlin = nvlist_recv(sock);
-   if (nvlin == NULL)
+   if (nvlin == NULL) {
+   if (errno == ENOTCONN) {
+   /* Casperd exited. */
+   exit(0);
+   }
continue;
+   }
func = (zygote_func_t *)(uintptr_t)nvlist_get_number(nvlin,
func);
flags = (int)nvlist_get_number(nvlin, flags);
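Review bot: Only `ENOTCONN` ends the loop; any other persistent failure of `nvlist_recv()` still reaches `continue` and spins exactly as before. Unless a specific errno is known to be transient, treating the remaining cases as terminal is safer, for example `if (errno != EINTR) exit(1);` ahead of the `continue`; which errno values nvlist_recv can return is not visible in this hunk. The body of the loop in zygote_main continues outside the hunk.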


svn commit: r261693 - head/lib/libcasper

2014-02-09 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Feb  9 21:47:46 2014
New Revision: 261693
URL: http://svnweb.freebsd.org/changeset/base/261693

Log:
  Fix descriptor leak.

Modified:
  head/lib/libcasper/libcasper.c

Modified: head/lib/libcasper/libcasper.c
==
--- head/lib/libcasper/libcasper.c  Sun Feb  9 21:42:01 2014
(r261692)
+++ head/lib/libcasper/libcasper.c  Sun Feb  9 21:47:46 2014
(r261693)
@@ -344,7 +344,7 @@ service_message(struct service *service,
if (sock == -1) {
error = errno;
} else {
-   nvlist_add_descriptor(nvlout, sock, sock);
+   nvlist_move_descriptor(nvlout, sock, sock);
error = 0;
}
} else {
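Review bot: With `nvlist_move_descriptor()` the descriptor in `sock` now belongs to `nvlout`, and the hunk gives no hint of that to someone reading the rest of service_message. A short comment on the changed line, such as `/* nvlout owns sock from here on; do not close it. */`, would guard against a later `close(sock)` turning the fixed leak into a double close. The remainder of the function is outside the hunk, so whether `sock` is used again cannot be checked here.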


svn commit: r261612 - head/share/man/man4

2014-02-07 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Feb  7 22:15:48 2014
New Revision: 261612
URL: http://svnweb.freebsd.org/changeset/base/261612

Log:
  Add cross-references to casperd(8) and libcapsicum(3).
  
  Suggested by: rwatson

Modified:
  head/share/man/man4/capsicum.4

Modified: head/share/man/man4/capsicum.4
==
--- head/share/man/man4/capsicum.4  Fri Feb  7 22:04:56 2014
(r261611)
+++ head/share/man/man4/capsicum.4  Fri Feb  7 22:15:48 2014
(r261612)
@@ -104,7 +104,9 @@ associated with file descriptors; descri
 .Xr shm_open 2 ,
 .Xr write 2 ,
 .Xr cap_rights_get 3 ,
-.Xr procdesc 4
+.Xr libcapsicum 3 ,
+.Xr procdesc 4 ,
+.Xr casperd 8
 .Sh HISTORY
 .Nm
 first appeared in


svn commit: r261498 - head/sbin/ping

2014-02-04 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb  4 21:43:53 2014
New Revision: 261498
URL: http://svnweb.freebsd.org/changeset/base/261498

Log:
  Protect ping(8) using Capsicum and Casper. This is protection against 
malicious
  network packets that we parse and not against local users trying to gain root
  access through ping's set-uid bit - this is handled by dropping privileges 
very
  early in ping.
  
  Submitted by: Mikhail m...@lenta.ru

Modified:
  head/sbin/ping/Makefile
  head/sbin/ping/ping.c

Modified: head/sbin/ping/Makefile
==
--- head/sbin/ping/Makefile Tue Feb  4 21:23:12 2014(r261497)
+++ head/sbin/ping/Makefile Tue Feb  4 21:43:53 2014(r261498)
@@ -1,6 +1,8 @@
 #  @(#)Makefile8.1 (Berkeley) 6/5/93
 # $FreeBSD$
 
+.include bsd.own.mk
+
 PROG=  ping
 MAN=   ping.8
 BINOWN=root
@@ -9,6 +11,12 @@ WARNS?=   2
 DPADD= ${LIBM}
 LDADD= -lm
 
+.if ${MK_CASPER} != no  !defined(RESCUE)
+DPADD+=${LIBCAPSICUM}
+LDADD+=-lcapsicum
+CFLAGS+=-DHAVE_LIBCAPSICUM
+.endif
+
 .if !defined(RELEASE_CRUNCH)
 CFLAGS+=-DIPSEC
 DPADD+=${LIBIPSEC}

Modified: head/sbin/ping/ping.c
==
--- head/sbin/ping/ping.c   Tue Feb  4 21:23:12 2014(r261497)
+++ head/sbin/ping/ping.c   Tue Feb  4 21:43:53 2014(r261498)
@@ -63,6 +63,7 @@ __FBSDID($FreeBSD$);
  */
 
 #include sys/param.h /* NB: we rely on this for sys/types.h */
+#include sys/capability.h
 #include sys/socket.h
 #include sys/sysctl.h
 #include sys/time.h
@@ -74,6 +75,11 @@ __FBSDID($FreeBSD$);
 #include netinet/ip_icmp.h
 #include netinet/ip_var.h
 #include arpa/inet.h
+#ifdef HAVE_LIBCAPSICUM
+#include libcapsicum.h
+#include libcapsicum_dns.h
+#include libcapsicum_service.h
+#endif
 
 #ifdef IPSEC
 #include netipsec/ipsec.h
@@ -157,7 +163,8 @@ char rcvd_tbl[MAX_DUP_CHK / 8];
 struct sockaddr_in whereto;/* who to ping */
 int datalen = DEFDATALEN;
 int maxpayload;
-int s; /* socket file descriptor */
+int ssend; /* send socket file descriptor */
+int srecv; /* receive socket file descriptor */
 u_char outpackhdr[IP_MAXPACKET], *outpack;
 char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */
 char BSPACE = '\b';/* characters written for flood */
@@ -197,8 +204,15 @@ double tsumsq = 0.0;   /* sum of all time
 volatile sig_atomic_t finish_up;  /* nonzero if we've been told to finish up */
 volatile sig_atomic_t siginfo_p;
 
+#ifdef HAVE_LIBCAPSICUM
+static cap_channel_t *capdns;
+#endif
+
 static void fill(char *, char *);
 static u_short in_cksum(u_short *, int);
+#ifdef HAVE_LIBCAPSICUM
+static cap_channel_t *capdns_setup(void);
+#endif
 static void check_status(void);
 static void finish(void) __dead2;
 static void pinger(void);
@@ -233,8 +247,8 @@ main(int argc, char *const *argv)
struct sockaddr_in *to;
double t;
u_long alarmtimeout, ultmp;
-   int almost_done, ch, df, hold, i, icmp_len, mib[4], preload, sockerrno,
-   tos, ttl;
+   int almost_done, ch, df, hold, i, icmp_len, mib[4], preload;
+   int ssend_errno, srecv_errno, tos, ttl;
char ctrl[CMSG_SPACE(sizeof(struct timeval))];
char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN];
 #ifdef IP_OPTIONS
@@ -246,14 +260,26 @@ main(int argc, char *const *argv)
 #ifdef IPSEC_POLICY_IPSEC
policy_in = policy_out = NULL;
 #endif
+   cap_rights_t rights;
+   bool cansandbox;
 
/*
 * Do the stuff that we need root priv's for *first*, and
 * then drop our setuid bit.  Save error reporting for
 * after arg parsing.
+*
+* Historicaly ping was using one socket 's' for sending and for
+* receiving. After capsicum(4) related changes we use two
+* sockets. It was done for special ping use case - when user
+* issue ping on multicast or broadcast address replies come
+* from different addresses, not from the address we
+* connect(2)'ed to, and send socket do not receive those
+* packets.
 */
-   s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
-   sockerrno = errno;
+   ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
+   ssend_errno = errno;
+   srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP);
+   srecv_errno = errno;
 
if (setuid(getuid()) != 0)
err(EX_NOPERM, setuid() failed);
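Review bot: `cap_rights_t rights;` and `bool cansandbox;` are declared after the `policy_in = policy_out = NULL;` statement, so with IPSEC_POLICY_IPSEC defined they become declarations following a statement; moving both lines up into the declaration block at the top of main() keeps the function consistent with its other locals. `bool` also needs `<stdbool.h>`, which is not among the headers this diff adds, so it is worth confirming that the file already includes it. The new block comment is the only place that explains the second socket and it misspells "Historically". main() starts and ends outside the hunk.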
@@ -527,13 +553,22 @@ main(int argc, char *const *argv)
if (options  F_PINGFILLED) {
fill((char *)datap, payload);
}
+#ifdef HAVE_LIBCAPSICUM
+   capdns = capdns_setup();
+#endif
if (source) {
bzero((char *)sock_in, sizeof(sock_in));
sock_in.sin_family = AF_INET;
if (inet_aton(source, 

svn commit: r261499 - head/crypto/openssh

2014-02-04 Thread Pawel Jakub Dawidek
Author: pjd
Date: Tue Feb  4 21:48:09 2014
New Revision: 261499
URL: http://svnweb.freebsd.org/changeset/base/261499

Log:
  Fix installations that use kernels without CAPABILITIES support.
  
  Approved by:  des

Modified:
  head/crypto/openssh/sandbox-capsicum.c

Modified: head/crypto/openssh/sandbox-capsicum.c
==
--- head/crypto/openssh/sandbox-capsicum.c  Tue Feb  4 21:43:53 2014
(r261498)
+++ head/crypto/openssh/sandbox-capsicum.c  Tue Feb  4 21:48:09 2014
(r261499)
@@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo
fatal(can't limit stderr: %m);
 
cap_rights_init(rights, CAP_READ, CAP_WRITE);
-   if (cap_rights_limit(box-monitor-m_recvfd, rights) == -1)
+   if (cap_rights_limit(box-monitor-m_recvfd, rights) == -1 
+   errno != ENOSYS)
fatal(%s: failed to limit the network socket, __func__);
cap_rights_init(rights, CAP_WRITE);
-   if (cap_rights_limit(box-monitor-m_log_sendfd, rights) == -1)
+   if (cap_rights_limit(box-monitor-m_log_sendfd, rights) == -1 
+   errno != ENOSYS)
fatal(%s: failed to limit the logging socket, __func__);
if (cap_enter()  0  errno != ENOSYS)
fatal(%s: failed to enter capability mode, __func__);
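Review bot: Accepting `ENOSYS` from `cap_rights_limit()` means that on a kernel without Capsicum the child continues with neither descriptor limited, and nothing is logged to say so. The fallback is what the commit intends, but it should be visible: a debug-level message on the `ENOSYS` path lets an operator tell a sandboxed child from an unsandboxed one. The calls in this hunk now repeat the same `-1` and `errno != ENOSYS` test, which a small static helper would express once. ssh_sandbox_child begins and ends outside the hunk.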


svn commit: r261407 - head/lib/libnv

2014-02-02 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Feb  2 19:03:52 2014
New Revision: 261407
URL: http://svnweb.freebsd.org/changeset/base/261407

Log:
  Fix sending empty nvlist.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/lib/libnv/msgio.c

Modified: head/lib/libnv/msgio.c
==
--- head/lib/libnv/msgio.c  Sun Feb  2 17:48:06 2014(r261406)
+++ head/lib/libnv/msgio.c  Sun Feb  2 19:03:52 2014(r261407)
@@ -364,7 +364,7 @@ buf_recv(int sock, void *buf, size_t siz
unsigned char *ptr;
 
ptr = buf;
-   do {
+   while (size  0) {
fd_wait(sock, true);
done = recv(sock, ptr, size, 0);
if (done == -1) {
@@ -377,7 +377,7 @@ buf_recv(int sock, void *buf, size_t siz
}
size -= done;
ptr += done;
-   } while (size  0);
+   }
 
return (0);
 }


svn commit: r261408 - head/lib/libnv

2014-02-02 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Feb  2 19:06:00 2014
New Revision: 261408
URL: http://svnweb.freebsd.org/changeset/base/261408

Log:
  Assert input arguments to buf_send() and buf_recv().
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/lib/libnv/msgio.c

Modified: head/lib/libnv/msgio.c
==
--- head/lib/libnv/msgio.c  Sun Feb  2 19:03:52 2014(r261407)
+++ head/lib/libnv/msgio.c  Sun Feb  2 19:06:00 2014(r261408)
@@ -338,6 +338,10 @@ buf_send(int sock, void *buf, size_t siz
ssize_t done;
unsigned char *ptr;
 
+   PJDLOG_ASSERT(sock = 0);
+   PJDLOG_ASSERT(size  0);
+   PJDLOG_ASSERT(buf != NULL);
+
ptr = buf;
do {
fd_wait(sock, false);
@@ -363,6 +367,9 @@ buf_recv(int sock, void *buf, size_t siz
ssize_t done;
unsigned char *ptr;
 
+   PJDLOG_ASSERT(sock = 0);
+   PJDLOG_ASSERT(buf != NULL);
+
ptr = buf;
while (size  0) {
fd_wait(sock, true);


svn commit: r260471 - head/sbin/casperd

2014-01-09 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Jan  9 09:19:59 2014
New Revision: 260471
URL: http://svnweb.freebsd.org/changeset/base/260471

Log:
  Always create /var/run/casper with correct permissions and don't depend on the
  calling process' umask.
  
  Submitted by: Mikhail m...@lenta.ru

Modified:
  head/sbin/casperd/casperd.c

Modified: head/sbin/casperd/casperd.c
==
--- head/sbin/casperd/casperd.c Thu Jan  9 09:16:35 2014(r260470)
+++ head/sbin/casperd/casperd.c Thu Jan  9 09:19:59 2014(r260471)
@@ -541,6 +541,7 @@ main_loop(const char *sockpath, struct p
struct casper_service *casserv;
struct service_connection *sconn, *sconntmp;
int lsock, sock, maxfd, ret;
+   mode_t oldumask;
 
lsock = socket(AF_UNIX, SOCK_STREAM, 0);
if (lsock == -1)
@@ -554,8 +555,10 @@ main_loop(const char *sockpath, struct p
sizeof(sun.sun_path));
sun.sun_len = SUN_LEN(sun);
 
+   oldumask = umask(S_IXUSR | S_IXGRP | S_IXOTH);
if (bind(lsock, (struct sockaddr *)sun, sizeof(sun)) == -1)
pjdlog_exit(1, Unable to bind to %s, sockpath);
+   (void)umask(oldumask);
if (listen(lsock, 8) == -1)
pjdlog_exit(1, Unable to listen on %s, sockpath);
 
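Review bot: The mask passed to umask() before bind() clears only the execute bits, so the socket at sockpath is created readable and writable by every local user. If that is the intent, say so next to the call, e.g. `/* 0666 on purpose: any local user may connect */`, because the log only says "correct permissions" and the reader otherwise has to derive the resulting mode. Restoring the old mask right after bind() is right; the pjdlog_exit() branch presumably does not return, so the missing restore on that path is harmless. main_loop() starts and ends outside these hunks.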


svn commit: r260253 - head/tools/regression/capsicum/libcapsicum

2014-01-04 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Jan  4 09:25:27 2014
New Revision: 260253
URL: http://svnweb.freebsd.org/changeset/base/260253

Log:
  MFp4 @1189766:
  
  - Compile the tests with .t suffix, so prove can use them directly.
  - The CHECKX() macro should increment ntest just like the CHECK() macro.
  - For consistency remove # from the pwd.t output.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org

Modified:
  head/tools/regression/capsicum/libcapsicum/Makefile
  head/tools/regression/capsicum/libcapsicum/dns.c
  head/tools/regression/capsicum/libcapsicum/grp.c
  head/tools/regression/capsicum/libcapsicum/pwd.c
  head/tools/regression/capsicum/libcapsicum/sysctl.c

Modified: head/tools/regression/capsicum/libcapsicum/Makefile
==
--- head/tools/regression/capsicum/libcapsicum/Makefile Sat Jan  4 04:48:58 
2014(r260252)
+++ head/tools/regression/capsicum/libcapsicum/Makefile Sat Jan  4 09:25:27 
2014(r260253)
@@ -15,12 +15,14 @@ CFLAGS+=-Wold-style-definition -Wno-poi
 CFLAGS+=   -I${.CURDIR}/../../../../lib/libcapsicum
 CFLAGS+=   -ggdb
 
-all:   ${SERVICES}
+SERVTEST=  ${SERVICES:=.t}
+
+all:   ${SERVTEST}
 
 .for SERVICE in ${SERVICES}
 
-${SERVICE}:${SERVICE}.c
-   ${CC} ${CFLAGS} ${@}.c -o $@ -lcapsicum -lnv
+${SERVICE}.t:  ${SERVICE}.c
+   ${CC} ${CFLAGS} ${@:.t=.c} -o $@ -lcapsicum -lnv
 
 .endfor
 
@@ -28,4 +30,4 @@ test: all
@prove -r ${.CURDIR}
 
 clean:
-   rm -f ${SERVICES}
+   rm -f ${SERVTEST}

Modified: head/tools/regression/capsicum/libcapsicum/dns.c
==
--- head/tools/regression/capsicum/libcapsicum/dns.cSat Jan  4 04:48:58 
2014(r260252)
+++ head/tools/regression/capsicum/libcapsicum/dns.cSat Jan  4 09:25:27 
2014(r260253)
@@ -64,6 +64,7 @@ static int ntest = 1;
printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__); \
exit(1);\
}   \
+   ntest++;\
 } while (0)
 
 #defineGETHOSTBYNAME   0x01
@@ -223,7 +224,7 @@ main(void)
const char *types[2];
int families[2];
 
-   printf(1..89\n);
+   printf(1..91\n);
 
capcas = cap_init();
CHECKX(capcas != NULL);

Modified: head/tools/regression/capsicum/libcapsicum/grp.c
==
--- head/tools/regression/capsicum/libcapsicum/grp.cSat Jan  4 04:48:58 
2014(r260252)
+++ head/tools/regression/capsicum/libcapsicum/grp.cSat Jan  4 09:25:27 
2014(r260253)
@@ -61,6 +61,7 @@ static int ntest = 1;
printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__); \
exit(1);\
}   \
+   ntest++;\
 } while (0)
 
 #defineGID_WHEEL   0
@@ -1522,7 +1523,7 @@ main(void)
 {
cap_channel_t *capcas, *capgrp;
 
-   printf(1..197\n);
+   printf(1..199\n);
 
capcas = cap_init();
CHECKX(capcas != NULL);

Modified: head/tools/regression/capsicum/libcapsicum/pwd.c
==
--- head/tools/regression/capsicum/libcapsicum/pwd.cSat Jan  4 04:48:58 
2014(r260252)
+++ head/tools/regression/capsicum/libcapsicum/pwd.cSat Jan  4 09:25:27 
2014(r260253)
@@ -49,18 +49,19 @@ static int ntest = 1;
 
 #define CHECK(expr) do {   \
if ((expr)) \
-   printf(ok # %d %s:%u\n, ntest, __FILE__, __LINE__);   \
+   printf(ok %d %s:%u\n, ntest, __FILE__, __LINE__); \
else\
-   printf(not ok # %d %s:%u\n, ntest, __FILE__, __LINE__);\
+   printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__);\
ntest++;\
 } while (0)
 #define CHECKX(expr) do {  \
if ((expr)) {   \
-   printf(ok # %d %s:%u\n, ntest, __FILE__, __LINE__);   \
+   printf(ok %d %s:%u\n, ntest, __FILE__, __LINE__); \
} else {\
-   printf(not ok # %d %s:%u\n, ntest, __FILE__, __LINE__);\
+   printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__);\
exit(1);\
}   

svn commit: r260254 - head/sbin/geom/class/eli

2014-01-04 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Jan  4 09:27:49 2014
New Revision: 260254
URL: http://svnweb.freebsd.org/changeset/base/260254

Log:
  Don't allow creating GELI providers with a sector size which is not a
  power of 2.
  
  Noticed by:   rwatson
  MFC after:3 days

Modified:
  head/sbin/geom/class/eli/geom_eli.c

Modified: head/sbin/geom/class/eli/geom_eli.c
==
--- head/sbin/geom/class/eli/geom_eli.c Sat Jan  4 09:25:27 2014
(r260253)
+++ head/sbin/geom/class/eli/geom_eli.c Sat Jan  4 09:27:49 2014
(r260254)
@@ -789,7 +789,7 @@ eli_init(struct gctl_req *req)
if (val == 0)
md.md_sectorsize = secsize;
else {
-   if (val  0 || (val % secsize) != 0) {
+   if (val  0 || (val % secsize) != 0 || !powerof2(val)) {
gctl_error(req, Invalid sector size.);
return;
}


svn commit: r260290 - head/sys/sys

2014-01-04 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sat Jan  4 21:55:06 2014
New Revision: 260290
URL: http://svnweb.freebsd.org/changeset/base/260290

Log:
  Bring back the old size of the kinfo_file structure to preserve ABI.
  Keep only one uint64_t spare for further cap_rights_t expansion.
  
  Add a comment clarifying that if the size of this structure changes,
  a new sysctl MIB has to be allocated for it and the old structure has
  to be returned by the old sysctl MIB.
  
  Requested by: re
  MFC after:3 days

Modified:
  head/sys/sys/user.h

Modified: head/sys/sys/user.h
==
--- head/sys/sys/user.h Sat Jan  4 21:45:52 2014(r260289)
+++ head/sys/sys/user.h Sat Jan  4 21:55:06 2014(r260290)
@@ -320,7 +320,13 @@ struct kinfo_ofile {
 };
 
 #if defined(__amd64__) || defined(__i386__)
-#defineKINFO_FILE_SIZE 1424
+/*
+ * This size should never be changed. If you really need to, you must provide
+ * backward ABI compatibility by allocating a new sysctl MIB that will return
+ * the new structure. The current structure has to be returned by the current
+ * sysctl MIB. See how it is done for the kinfo_ofile structure.
+ */
+#defineKINFO_FILE_SIZE 1392
 #endif
 
 struct kinfo_file {
@@ -391,8 +397,7 @@ struct kinfo_file {
uint16_tkf_pad1;/* Round to 32 bit alignment. */
int _kf_ispare0;/* Space for more stuff. */
cap_rights_tkf_cap_rights;  /* Capability rights. */
-   uint64_t_kf_cap_spare[3];   /* Space for future 
cap_rights_t. */
-   int _kf_ispare[4];  /* Space for more stuff. */
+   uint64_t_kf_cap_spare;  /* Space for future 
cap_rights_t. */
/* Truncated before copyout in sysctl */
charkf_path[PATH_MAX];  /* Path to file, if any. */
 };


svn commit: r260222 - head/lib/libnv

2014-01-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jan  3 09:07:03 2014
New Revision: 260222
URL: http://svnweb.freebsd.org/changeset/base/260222

Log:
  MFp4 @1189711:
  
  Fix resource leaks on nvlist_destroy().
  
  Reported by:  Mariusz Zaborski osho...@freebsd.org
  MFC after:3 days

Modified:
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Fri Jan  3 08:31:42 2014(r260221)
+++ head/lib/libnv/nvlist.c Fri Jan  3 09:07:03 2014(r260222)
@@ -125,8 +125,10 @@ nvlist_destroy(nvlist_t *nvl)
 
NVLIST_ASSERT(nvl);
 
-   while ((nvp = nvlist_first_nvpair(nvl)) != NULL)
+   while ((nvp = nvlist_first_nvpair(nvl)) != NULL) {
nvlist_remove_nvpair(nvl, nvp);
+   nvpair_free(nvp);
+   }
nvl-nvl_magic = 0;
free(nvl);
 


svn commit: r260223 - head/lib/libcasper

2014-01-03 Thread Pawel Jakub Dawidek
Author: pjd
Date: Fri Jan  3 09:10:04 2014
New Revision: 260223
URL: http://svnweb.freebsd.org/changeset/base/260223

Log:
  MFp4 @1189741:
  
  - Add missing nvlist_destroy().
  - Don't override nvlout.
  
  Submitted by: Mariusz Zaborski osho...@freebsd.org
  MFC after:3 days

Modified:
  head/lib/libcasper/libcasper.c

Modified: head/lib/libcasper/libcasper.c
==
--- head/lib/libcasper/libcasper.c  Fri Jan  3 09:07:03 2014
(r260222)
+++ head/lib/libcasper/libcasper.c  Fri Jan  3 09:10:04 2014
(r260223)
@@ -348,7 +348,6 @@ service_message(struct service *service,
error = 0;
}
} else {
-   nvlout = nvlist_create(0);
error = service-s_command(cmd,
service_connection_get_limits(sconn), nvlin, nvlout);
}
@@ -362,8 +361,9 @@ service_message(struct service *service,
if (cap_send_nvlist(service_connection_get_chan(sconn), nvlout) == -1) {
pjdlog_errno(LOG_ERR, Unable to send message to client);
service_connection_remove(service, sconn);
-   return;
}
+
+   nvlist_destroy(nvlout);
 }
 
 static int


Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol

2014-01-02 Thread Pawel Jakub Dawidek
On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote:
 
 On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek p...@freebsd.org wrote:
 
   This commit also breaks compatibility with some existing Capsicum system 
  calls,
   but I see no other way to do that. This should be fine as Capsicum is still
   experimental and this change is not going to 9.x.
 
 Hi!
 
 This change also increases the size of kinfo_file structure, which won’t allow
 programs not compiled against HEAD and working with kern.info.filedesc sysctl
 to run properly on HEAD (e.g. 8.x, 9.x and 10.x jails won’t run properly on 
 HEAD,
 and it also broke valgrind).  Is there absolutely no way to avoid extending 
 the size
 of this struct?

Well, I made this change to have space for future cap_rights_t
expension. I did that change for a major branch, so we don't have to do
it in the middle of 10.x or to not block the work until 11.0.

Note that the structure changed size not only because of _kf_cap_spare[3]
field, but also because cap_rights_t is not uint64_t anymore, it is now
struct that contains two uint64_t (1424 - 1392 = 4 * 8).

I'm afraid it is too late to change it for 10.0 at this point anyway.
Not sure if you are aware this was merged to 10, because you write about
10.x jails not working properly on HEAD. 10.x jails will work properly
on HEAD.

BTW. I'd love if we stop using such structures for a running kernel.
We should really move to using libnv to export data like that.

   #if defined(__amd64__) || defined(__i386__)
  -#defineKINFO_FILE_SIZE 1392
  +#defineKINFO_FILE_SIZE 1424
   #endif
   
   struct kinfo_file {
  @@ -389,6 +390,7 @@
  uint16_tkf_pad1;/* Round to 32 bit 
  alignment. */
  int _kf_ispare0;/* Space for more stuff. */
  cap_rights_tkf_cap_rights;  /* Capability rights. */
  +   uint64_t_kf_cap_spare[3];   /* Space for future 
  cap_rights_t. */
  int _kf_ispare[4];  /* Space for more stuff. */
  /* Truncated before copyout in sysctl */
  charkf_path[PATH_MAX];  /* Path to file, if any. */

-- 
Pawel Jakub Dawidek   http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com




Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol

2014-01-02 Thread Pawel Jakub Dawidek
On Thu, Jan 02, 2014 at 02:28:57AM -0800, Alfred Perlstein wrote:
 On 1/2/14 1:33 AM, Pawel Jakub Dawidek wrote:
  On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote:
  On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek p...@freebsd.org wrote:
 
This commit also breaks compatibility with some existing Capsicum 
  system calls,
but I see no other way to do that. This should be fine as Capsicum is 
  still
experimental and this change is not going to 9.x.
  Hi!
 
  This change also increases the size of kinfo_file structure, which won’t 
  allow
  programs not compiled against HEAD and working with kern.info.filedesc 
  sysctl
  to run properly on HEAD (e.g. 8.x, 9.x and 10.x jails won’t run properly 
  on HEAD,
  and it also broke valgrind).  Is there absolutely no way to avoid 
  extending the size
  of this struct?
  Well, I made this change to have space for future cap_rights_t
  expension. I did that change for a major branch, so we don't have to do
  it in the middle of 10.x or to not block the work until 11.0.
 
  Note that the structure changed size not only because of _kf_cap_spare[3]
  field, but also because cap_rights_t is not uint64_t anymore, it is now
  struct that contains two uint64_t (1424 - 1392 = 4 * 8).
 
  I'm afraid it is too late to change it for 10.0 at this point anyway.
  Not sure if you are aware this was merged to 10, because you write about
  10.x jails not working properly on HEAD. 10.x jails will work properly
  on HEAD.
 
  BTW. I'd love if we stop using such structures for a running kernel.
  We should really move to using libnv to export data like that.
 
 Aren't there enough bits in int _kf_ispare[4];  /* Space 
 for more stuff. */
 to make this work for the time being until you can provide an alternate 
 way to fetch the cap stuff from the kernel.

I don't plan to provide alternative way to fetch the cap stuff. Well, I
implemented libnv, which can be used to reimplement how we fetch all
data like kinfo_file in a ABI friendly way, but I don't plan to modify
this specific code myself.

 Afaik you could just remove the spare and steal 2 or 4 entries from 
 _kf_ispare until it is sorted.

Yes, this would work for current cap_rights_t structure, at least for
i386 and amd64, but would only allow to expand the structure by one
uint64_t in the future (which might or might not be enough). The
cap_rights_t structure is designed to be expanded to 5 uint64_ts without
breaking ABI. I don't want to stuck with current cap_rights_t that is
designed to expand, but cannot be, because kinfo_file wasn't modified at
the start of a major branch.

 Can you please make use of that and discuss merge to 10 with re@?

I'm Bccing re@, but I'm pretty sure it is too late for such a change,
especially that it breaks ABI with all 10-RCs. I'm also not changing my
mind. I'd like to structure to stay as-is.

 It really sounds like breaking top/etc under jails is something that 
 should and can be avoided.

I agree. Maybe it should be done every 10 major releases (I'm still fine
with that rule), but we cannot just stuck with it forever.

My suggestions would be:
1. Move to libnv.
2. Detect that the given binary was compiled against some older version
   of this structure and copy old structure to userland. Not sure if we
   can do that now or not, but I'd expect we can detect that.

#if defined(__amd64__) || defined(__i386__)
  -#defineKINFO_FILE_SIZE 1392
  +#defineKINFO_FILE_SIZE 1424
#endif

struct kinfo_file {
  @@ -389,6 +390,7 @@
   uint16_tkf_pad1;/* Round to 32 bit 
  alignment. */
   int _kf_ispare0;/* Space for more stuff. 
  */
   cap_rights_tkf_cap_rights;  /* Capability rights. */
  +   uint64_t_kf_cap_spare[3];   /* Space for future 
  cap_rights_t. */
   int _kf_ispare[4];  /* Space for more stuff. 
  */
   /* Truncated before copyout in sysctl */
   charkf_path[PATH_MAX];  /* Path to file, if any. 
  */

-- 
Pawel Jakub Dawidek   http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com




Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol

2014-01-02 Thread Pawel Jakub Dawidek
On Thu, Jan 02, 2014 at 03:13:08PM +0200, Konstantin Belousov wrote:
 On Thu, Jan 02, 2014 at 11:49:04AM +0100, Pawel Jakub Dawidek wrote:
  I don't plan to provide alternative way to fetch the cap stuff. Well, I
  implemented libnv, which can be used to reimplement how we fetch all
  data like kinfo_file in a ABI friendly way, but I don't plan to modify
  this specific code myself.
 I.e. you break something and decline to fix it, putting the burden on
 somebody else.

That's a bit too far. I wasn't declining fixing a bug I introduced.
I was declining implementing an improvement. That's two very different
things. Chose your words more carefully and not only this time.

  Yes, this would work for current cap_rights_t structure, at least for
  i386 and amd64, but would only allow to expand the structure by one
  uint64_t in the future (which might or might not be enough). The
  cap_rights_t structure is designed to be expanded to 5 uint64_ts without
  breaking ABI. I don't want to stuck with current cap_rights_t that is
  designed to expand, but cannot be, because kinfo_file wasn't modified at
  the start of a major branch.
 The ABI stability is not limited to the single branch.  It must be
 preserved across whole project lifetime.
[...]

To address your statement that either entire ABI is stable or not and
there is nothing in between. That's of course incorrect.

First of all, we, as a project, don't consider all existing interfaces
as stable. This would be a suicide. There are plenty of private
interfaces we must and we do break from release to release.

There was at least one case, AFAIR, where we broke ABI because of a
security issue.

I also think that breaking ABI on unused interfaces can be fine too.

We don't support ABI compatibility with FreeBSD 1, no matter how close
we are, and we had this discussion in the past.

I'm also in opinion that even if one day we run out of spare fields in
kinfo_* structures the FreeBSD project should not be terminated.

Ok, let's be more constructive.

I can use existing spare ints. This would move the problem into the
future and will break ABI for existing 10-RCs.

We can also investigate how huge breakage that is. The sysctl interface
is not public API, so I don't believe we should be concerned by its
direct consumers. We have two public interfaces for this:

libutil's kinfo_getfile(3) which has exactly one in-base consumer -
libprocstat, so this change breaks procstat(1) and fstat(1).

 This is just awful breakage of _ABI_.  We cannot leave it as is,
 unless we also claim that project gave up on ABI stability at all.
[...]
 My own opinion is that the kinfo change must be removed, and the bug
 is so critical that another RC must be issued.

I personally don't consider it so awful and critical as you do, clearly,
but I do recognize it as a problem. I'm happy to consume spares, which
should fix compatibility with older releases at the cost of breaking
compatibility with 10-RCs.  At least for i386 and amd64, not sure how
using ints for uint64_t will work for other archs.

I'll leave it for re@ to decide.

-- 
Pawel Jakub Dawidek   http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com




Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol

2014-01-02 Thread Pawel Jakub Dawidek
On Thu, Jan 02, 2014 at 10:27:57PM +0100, Pawel Jakub Dawidek wrote:
 I'll leave it for re@ to decide.

Proposed patch:

http://people.freebsd.org/~pjd/patches/sys_user.h.patch

-- 
Pawel Jakub Dawidek   http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com




Re: svn commit: r259678 - head/contrib/tcpdump

2013-12-21 Thread Pawel Jakub Dawidek
On Sat, Dec 21, 2013 at 12:45:36PM +, Glen Barber wrote:
 Author: gjb
 Date: Sat Dec 21 12:45:35 2013
 New Revision: 259678
 URL: http://svnweb.freebsd.org/changeset/base/259678
 
 Log:
   Fix build with WITHOUT_CAPSICUM.

Thanks.

-- 
Pawel Jakub Dawidek   http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://mobter.com


svn commit: r259576 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs

2013-12-18 Thread Pawel Jakub Dawidek
Author: pjd
Date: Wed Dec 18 21:45:46 2013
New Revision: 259576
URL: http://svnweb.freebsd.org/changeset/base/259576

Log:
  MFV r258923: 4188 assertion failed in dmu_tx_hold_free(): dn_datablkshift != 0
  
  illumos/illumos-gate@bb411a08b05466bfe0c7095b6373bbc1587e259a
  
  MFC after:3 days

Modified:
  head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.c
Directory Properties:
  head/sys/cddl/contrib/opensolaris/   (props changed)

Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.c
==
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.cWed Dec 
18 21:29:23 2013(r259575)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.cWed Dec 
18 21:45:46 2013(r259576)
@@ -636,9 +636,16 @@ dmu_tx_hold_free(dmu_tx_t *tx, uint64_t 
uint64_t start = off  shift;
uint64_t end = (off + len)  shift;
 
-   ASSERT(dn-dn_datablkshift != 0);
ASSERT(dn-dn_indblkshift != 0);
 
+   /*
+* dnode_reallocate() can result in an object with indirect
+* blocks having an odd data block size.  In this case,
+* just check the single block.
+*/
+   if (dn-dn_datablkshift == 0)
+   start = end = 0;
+
zio = zio_root(tx-tx_pool-dp_spa,
NULL, NULL, ZIO_FLAG_CANFAIL);
for (uint64_t i = start; i = end; i++) {


svn commit: r259580 - in head: contrib/tcpdump usr.bin/kdump

2013-12-18 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Dec 19 00:51:48 2013
New Revision: 259580
URL: http://svnweb.freebsd.org/changeset/base/259580

Log:
  If we cannot connect to casperd we don't enter sandbox, but if we can connect
  to casperd, but we cannot access the service we need we exit with an error.
  This should not happen and just indicates some configuration error which
  should be fixed, so we force the user to do it by failing.
  
  Discussed with:   emaste

Modified:
  head/contrib/tcpdump/tcpdump.c
  head/usr.bin/kdump/kdump.c

Modified: head/contrib/tcpdump/tcpdump.c
==
--- head/contrib/tcpdump/tcpdump.c  Wed Dec 18 23:39:42 2013
(r259579)
+++ head/contrib/tcpdump/tcpdump.c  Thu Dec 19 00:51:48 2013
(r259580)
@@ -710,24 +710,16 @@ capdns_setup(void)
capdnsloc = cap_service_open(capcas, system.dns);
/* Casper capability no longer needed. */
cap_close(capcas);
-   if (capdnsloc == NULL) {
-   warning(unable to open system.dns service);
-   return (NULL);
-   }
+   if (capdnsloc == NULL)
+   error(unable to open system.dns service);
/* Limit system.dns to reverse DNS lookups. */
types[0] = ADDR;
-   if (cap_dns_type_limit(capdnsloc, types, 1)  0) {
-   warning(unable to limit access to system.dns service);
-   cap_close(capdnsloc);
-   return (NULL);
-   }
+   if (cap_dns_type_limit(capdnsloc, types, 1)  0)
+   error(unable to limit access to system.dns service);
families[0] = AF_INET;
families[1] = AF_INET6;
-   if (cap_dns_family_limit(capdnsloc, families, 2)  0) {
-   warning(unable to limit access to system.dns service);
-   cap_close(capdnsloc);
-   return (NULL);
-   }
+   if (cap_dns_family_limit(capdnsloc, families, 2)  0)
+   error(unable to limit access to system.dns service);
 
return (capdnsloc);
 }
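Review bot: With the braces and `return (NULL)` removed, the code after each check would run with a NULL or unrestricted `capdnsloc` unless error() never returns. That is presumably the case for tcpdump's error(), but it is not visible in this hunk, and a one-line comment such as `/* error() does not return */` at the first call would make the fail-closed behaviour explicit. The type-limit and family-limit failures also print the identical message `unable to limit access to system.dns service`, so an operator cannot tell which restriction failed; naming the limit in each message would fix that. capdns_setup() starts outside the hunk.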

Modified: head/usr.bin/kdump/kdump.c
==
--- head/usr.bin/kdump/kdump.c  Wed Dec 18 23:39:42 2013(r259579)
+++ head/usr.bin/kdump/kdump.c  Thu Dec 19 00:51:48 2013(r259580)
@@ -215,7 +215,7 @@ cappwdgrp_setup(cap_channel_t **cappwdp,
capcas = cap_init();
if (capcas == NULL) {
warn(unable to contact casperd);
-   return (NULL);
+   return (-1);
}
cappwdloc = cap_service_open(capcas, system.pwd);
capgrploc = cap_service_open(capcas, system.grp);
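Review bot: When cap_init() fails, cappwdgrp_setup() still only warns and returns -1, while the later failures in this function now terminate the program. Per the commit log the caller then runs without entering the sandbox, so an unavailable casperd downgrades the protection with nothing more than a warning. Document that at the return, e.g. `/* casperd not reachable: caller continues unsandboxed */`, and confirm that the caller, which is outside this hunk, treats -1 that way on purpose rather than by omission.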
@@ -226,40 +226,26 @@ cappwdgrp_setup(cap_channel_t **cappwdp,
warn(unable to open system.pwd service);
if (capgrploc == NULL)
warn(unable to open system.grp service);
-   goto fail;
+   exit(1);
}
/* Limit system.pwd to only getpwuid() function and pw_name field. */
cmds[0] = getpwuid;
-   if (cap_pwd_limit_cmds(cappwdloc, cmds, 1)  0) {
-   warn(unable to limit access to system.pwd service);
-   goto fail;
-   }
+   if (cap_pwd_limit_cmds(cappwdloc, cmds, 1)  0)
+   err(1, unable to limit system.pwd service);
fields[0] = pw_name;
-   if (cap_pwd_limit_fields(cappwdloc, fields, 1)  0) {
-   warn(unable to limit access to system.pwd service);
-   goto fail;
-   }
+   if (cap_pwd_limit_fields(cappwdloc, fields, 1)  0)
+   err(1, unable to limit system.pwd service);
/* Limit system.grp to only getgrgid() function and gr_name field. */
cmds[0] = getgrgid;
-   if (cap_grp_limit_cmds(capgrploc, cmds, 1)  0) {
-   warn(unable to limit access to system.grp service);
-   goto fail;
-   }
+   if (cap_grp_limit_cmds(capgrploc, cmds, 1)  0)
+   err(1, unable to limit system.grp service);
fields[0] = gr_name;
-   if (cap_grp_limit_fields(capgrploc, fields, 1)  0) {
-   warn(unable to limit access to system.grp service);
-   goto fail;
-   }
+   if (cap_grp_limit_fields(capgrploc, fields, 1)  0)
+   err(1, unable to limit system.grp service);
 
*cappwdp = cappwdloc;
*capgrpp = capgrploc;
return (0);
-fail:
-   if (capgrploc == NULL)
-   cap_close(cappwdloc);
-   if (capgrploc == NULL)
-   cap_close(capgrploc);
-   return (-1);
 }
 #endif /* HAVE_LIBCAPSICUM */
 


svn commit: r259581 - head/etc/defaults

2013-12-18 Thread Pawel Jakub Dawidek
Author: pjd
Date: Thu Dec 19 00:53:11 2013
New Revision: 259581
URL: http://svnweb.freebsd.org/changeset/base/259581

Log:
  Make the world a bit more secure place (hopefully) and turn the casperd on
  by default.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  head/etc/defaults/rc.conf

Modified: head/etc/defaults/rc.conf
==
--- head/etc/defaults/rc.conf   Thu Dec 19 00:51:48 2013(r259580)
+++ head/etc/defaults/rc.conf   Thu Dec 19 00:53:11 2013(r259581)
@@ -658,7 +658,7 @@ newsyslog_enable=YES  # Run newsyslog a
 newsyslog_flags=-CN  # Newsyslog flags to create marked files
 mixer_enable=YES # Run the sound mixer.
 opensm_enable=NO # Opensm(8) for infiniband devices defaults to off
-casperd_enable=NO# casperd(8) daemon
+casperd_enable=YES   # casperd(8) daemon
 
 ##
 ### Jail Configuration (see rc.conf(5) manual page) ##


svn commit: r259463 - in head/etc: defaults rc.d

2013-12-16 Thread Pawel Jakub Dawidek
Author: pjd
Date: Mon Dec 16 11:03:59 2013
New Revision: 259463
URL: http://svnweb.freebsd.org/changeset/base/259463

Log:
  Start-up script for casperd daemon.
  
  Sponsored by: The FreeBSD Foundation

Added:
  head/etc/rc.d/casperd   (contents, props changed)
Modified:
  head/etc/defaults/rc.conf
  head/etc/rc.d/Makefile

Modified: head/etc/defaults/rc.conf
==
--- head/etc/defaults/rc.conf   Mon Dec 16 10:50:13 2013(r259462)
+++ head/etc/defaults/rc.conf   Mon Dec 16 11:03:59 2013(r259463)
@@ -658,6 +658,7 @@ newsyslog_enable=YES  # Run newsyslog a
 newsyslog_flags=-CN  # Newsyslog flags to create marked files
 mixer_enable=YES # Run the sound mixer.
 opensm_enable=NO # Opensm(8) for infiniband devices defaults to off
+casperd_enable=NO# casperd(8) daemon
 
 ##
 ### Jail Configuration (see rc.conf(5) manual page) ##

Modified: head/etc/rc.d/Makefile
==
--- head/etc/rc.d/Makefile  Mon Dec 16 10:50:13 2013(r259462)
+++ head/etc/rc.d/Makefile  Mon Dec 16 11:03:59 2013(r259463)
@@ -26,6 +26,7 @@ FILES=DAEMON \
bridge \
bsnmpd \
${_bthidd} \
+   casperd \
ccd \
cleanvar \
cleartmp \

Added: head/etc/rc.d/casperd
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/etc/rc.d/casperd   Mon Dec 16 11:03:59 2013(r259463)
@@ -0,0 +1,19 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: casperd
+# REQUIRE: NETWORKING syslogd
+# BEFORE:  DAEMON
+# KEYWORD: shutdown
+
+. /etc/rc.subr
+
+name=casperd
+rcvar=casperd_enable
+pidfile=/var/run/${name}.pid
+command=/sbin/${name}
+
+load_rc_config $name
+run_rc_command $1


svn commit: r259428 - head/sys/geom/eli

2013-12-15 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Dec 15 22:51:26 2013
New Revision: 259428
URL: http://svnweb.freebsd.org/changeset/base/259428

Log:
  Clear content of keyfiles loaded by the loader after processing them.
  
  Pointed out by:   rwatson
  MFC after:1 week

Modified:
  head/sys/geom/eli/g_eli.c

Modified: head/sys/geom/eli/g_eli.c
==
--- head/sys/geom/eli/g_eli.c   Sun Dec 15 20:47:27 2013(r259427)
+++ head/sys/geom/eli/g_eli.c   Sun Dec 15 22:51:26 2013(r259428)
@@ -990,6 +990,7 @@ g_eli_keyfiles_load(struct hmac_ctx *ctx
G_ELI_DEBUG(1, Loaded keyfile %s for %s (type: %s)., file,
provider, name);
g_eli_crypto_hmac_update(ctx, data, size);
+   bzero(data, size);
}
 }
 


svn commit: r259429 - head/sys/geom/eli

2013-12-15 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Dec 15 22:52:18 2013
New Revision: 259429
URL: http://svnweb.freebsd.org/changeset/base/259429

Log:
  Clear some more places with potentially sensitive data.
  
  MFC after:1 week

Modified:
  head/sys/geom/eli/g_eli_crypto.c

Modified: head/sys/geom/eli/g_eli_crypto.c
==
--- head/sys/geom/eli/g_eli_crypto.cSun Dec 15 22:51:26 2013
(r259428)
+++ head/sys/geom/eli/g_eli_crypto.cSun Dec 15 22:52:18 2013
(r259429)
@@ -288,10 +288,12 @@ g_eli_crypto_hmac_final(struct hmac_ctx 
bzero(ctx, sizeof(*ctx));
SHA512_Update(lctx, digest, sizeof(digest));
SHA512_Final(digest, lctx);
+   bzero(lctx, sizeof(lctx));
/* mdsize == 0 means Give me the whole hash! */
if (mdsize == 0)
mdsize = SHA512_MDLEN;
bcopy(digest, md, mdsize);
+   bzero(digest, sizeof(digest));
 }
 
 void
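Review bot: `bzero(digest, sizeof(digest))` is the last use of `digest` before the function returns, and the added clear of `lctx` is likewise followed by no further read. If both are locals, as the `sizeof` uses suggest, an optimizing compiler is allowed to drop these stores as dead, so the wiping this commit adds is not guaranteed to happen. Where the tree offers a clear that cannot be elided (explicit_bzero() or an equivalent), use it for both, with a comment like `/* wipe key-derived state; must not be optimized away */`. The function begins outside the hunk, so the declarations are not visible here.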


svn commit: r259430 - head/lib/libnv

2013-12-15 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Dec 15 22:58:09 2013
New Revision: 259430
URL: http://svnweb.freebsd.org/changeset/base/259430

Log:
  MFp4 @1189139:
  
  Get rid of the msg_peek() function, which has a problem.  If there was less
  data in the socket buffer than requested by the caller, the function would
  busy loop, as select(2) will always return immediately.
  
  We can just receive nvlhdr now, because some time ago we split the receive of
  data from the receive of descriptors.
  
  MFC after:1 week

Modified:
  head/lib/libnv/msgio.c
  head/lib/libnv/msgio.h
  head/lib/libnv/nvlist.c

Modified: head/lib/libnv/msgio.c
==
--- head/lib/libnv/msgio.c  Sun Dec 15 22:52:18 2013(r259429)
+++ head/lib/libnv/msgio.c  Sun Dec 15 22:58:09 2013(r259430)
@@ -113,30 +113,6 @@ fd_wait(int fd, bool doread)
NULL, NULL);
 }
 
-int
-msg_peek(int sock, void *buf, size_t size)
-{
-   ssize_t done;
-
-   PJDLOG_ASSERT(sock = 0);
-   PJDLOG_ASSERT(size  0);
-
-   do {
-   fd_wait(sock, true);
-   done = recv(sock, buf, size, MSG_PEEK | MSG_WAITALL);
-   if (done == -1) {
-   if (errno == EAGAIN || errno == EINTR)
-   continue;
-   return (-1);
-   } else if (done == 0) {
-   errno = ENOTCONN;
-   return (-1);
-   }
-   } while (done != (ssize_t)size);
-
-   return (0);
-}
-
 static int
 msg_recv(int sock, struct msghdr *msg)
 {

Modified: head/lib/libnv/msgio.h
==
--- head/lib/libnv/msgio.h  Sun Dec 15 22:52:18 2013(r259429)
+++ head/lib/libnv/msgio.h  Sun Dec 15 22:58:09 2013(r259430)
@@ -38,8 +38,6 @@ struct cmsgcred;
 struct iovec;
 struct msghdr;
 
-int msg_peek(int sock, void *buf, size_t size);
-
 int cred_send(int sock);
 int cred_recv(int sock, struct cmsgcred *cred);
 

Modified: head/lib/libnv/nvlist.c
==
--- head/lib/libnv/nvlist.c Sun Dec 15 22:52:18 2013(r259429)
+++ head/lib/libnv/nvlist.c Sun Dec 15 22:58:09 2013(r259430)
@@ -724,11 +724,11 @@ nvlist_recv(int sock)
 {
struct nvlist_header nvlhdr;
nvlist_t *nvl, *ret;
+   unsigned char *buf;
size_t nfds, size;
-   void *buf;
int serrno, *fds;
 
-   if (msg_peek(sock, nvlhdr, sizeof(nvlhdr)) == -1)
+   if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1)
return (NULL);
 
if (!nvlist_check_header(nvlhdr))
@@ -741,10 +741,12 @@ nvlist_recv(int sock)
if (buf == NULL)
return (NULL);
 
+   memcpy(buf, nvlhdr, sizeof(nvlhdr));
+
ret = NULL;
fds = NULL;
 
-   if (buf_recv(sock, buf, size) == -1)
+   if (buf_recv(sock, buf + sizeof(nvlhdr), size - sizeof(nvlhdr)) == -1)
goto out;
 
if (nfds  0) {
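Review bot: `size - sizeof(nvlhdr)` in the new `buf_recv()` call is an unsigned subtraction, and together with the added `memcpy(buf, nvlhdr, sizeof(nvlhdr))` it is only safe if `size` is at least `sizeof(nvlhdr)` and `buf` was allocated with `size` bytes. The computation of `size` and the allocation sit between the two nvlist.c hunks and are not shown, so this may already hold. If `size` is derived from fields of the header just read from the socket, a bound check ahead of the allocation makes the invariant explicit, e.g. `if (size < sizeof(nvlhdr)) { errno = EINVAL; return (NULL); }`. Without it, a wrapped or undersized value would become a very large receive length written past `buf`. nvlist_recv() continues outside the hunk.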
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org


svn commit: r259431 - head/sbin/casperd

2013-12-15 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Dec 15 22:59:34 2013
New Revision: 259431
URL: http://svnweb.freebsd.org/changeset/base/259431

Log:
  MFp4 @1189141:
  
  Change casperd's zygote process title.
  
  MFC after:1 week

Modified:
  head/sbin/casperd/zygote.c

Modified: head/sbin/casperd/zygote.c
==
--- head/sbin/casperd/zygote.c  Sun Dec 15 22:58:09 2013(r259430)
+++ head/sbin/casperd/zygote.c  Sun Dec 15 22:59:34 2013(r259431)
@@ -122,6 +122,8 @@ zygote_main(int sock)
 
assert(sock  STDERR_FILENO);
 
+   setproctitle(zygote);
+
if (pjdlog_mode_get() != PJDLOG_MODE_STD)
stdnull();
for (fd = STDERR_FILENO + 1; fd  sock; fd++)
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org


svn commit: r259432 - head/contrib/tcpdump

2013-12-15 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Dec 15 23:02:36 2013
New Revision: 259432
URL: http://svnweb.freebsd.org/changeset/base/259432

Log:
  Make use of casperd's system.dns service when running without the -n option.
  Now tcpdump(8) is sandboxed even if DNS resolution is required.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  head/contrib/tcpdump/addrtoname.c
  head/contrib/tcpdump/tcpdump.c

Modified: head/contrib/tcpdump/addrtoname.c
==
--- head/contrib/tcpdump/addrtoname.c   Sun Dec 15 22:59:34 2013
(r259431)
+++ head/contrib/tcpdump/addrtoname.c   Sun Dec 15 23:02:36 2013
(r259432)
@@ -32,6 +32,10 @@ static const char rcsid[] _U_ =
 #include config.h
 #endif
 
+#ifdef __FreeBSD__
+#include libcapsicum.h
+#include libcapsicum_dns.h
+#endif
 #include tcpdump-stdinc.h
 
 #ifdef USE_ETHER_NTOHOST
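Review bot: The new `libcapsicum.h` and `libcapsicum_dns.h` includes are guarded by `__FreeBSD__`, while every use of them in this file (the `capdns` declaration and the `cap_gethostbyaddr()` calls in the later hunks) is guarded by `HAVE_LIBCAPSICUM`. The Makefile change in r259433 on this page defines `HAVE_LIBCAPSICUM` only when `MK_CASPER` is not `no`, so a FreeBSD build with Casper disabled would still try to include these headers and may fail if they are not installed. Guarding the includes with `#ifdef HAVE_LIBCAPSICUM`, as the tcpdump.c hunk of this commit does, keeps the includes and their uses in step.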
@@ -203,6 +207,9 @@ intoa(u_int32_t addr)
 
 static u_int32_t f_netmask;
 static u_int32_t f_localnet;
+#ifdef HAVE_LIBCAPSICUM
+extern cap_channel_t *capdns;
+#endif
 
 /*
  * Return a name for the IP address pointed to by ap.  This address
@@ -248,7 +255,13 @@ getname(const u_char *ap)
 */
if (!nflag 
(addr  f_netmask) == f_localnet) {
-   hp = gethostbyaddr((char *)addr, 4, AF_INET);
+#ifdef HAVE_LIBCAPSICUM
+   if (capdns != NULL) {
+   hp = cap_gethostbyaddr(capdns, (char *)addr, 4,
+   AF_INET);
+   } else
+#endif
+   hp = gethostbyaddr((char *)addr, 4, AF_INET);
if (hp) {
char *dotp;
 
@@ -293,7 +306,13 @@ getname6(const u_char *ap)
 * Do not print names if -n was given.
 */
if (!nflag) {
-   hp = gethostbyaddr((char *)addr, sizeof(addr), AF_INET6);
+#ifdef HAVE_LIBCAPSICUM
+   if (capdns != NULL) {
+   hp = cap_gethostbyaddr(capdns, (char *)addr,
+   sizeof(addr), AF_INET6);
+   } else
+#endif
+   hp = gethostbyaddr((char *)addr, sizeof(addr), 
AF_INET6);
if (hp) {
char *dotp;
 

Modified: head/contrib/tcpdump/tcpdump.c
==
--- head/contrib/tcpdump/tcpdump.c  Sun Dec 15 22:59:34 2013
(r259431)
+++ head/contrib/tcpdump/tcpdump.c  Sun Dec 15 23:02:36 2013
(r259432)
@@ -76,6 +76,12 @@ extern int SIZE_BUF;
 #include net/bpf.h
 #include fcntl.h
 #include libgen.h
+#ifdef HAVE_LIBCAPSICUM
+#include libcapsicum.h
+#include libcapsicum_dns.h
+#include libcapsicum_service.h
+#include nv.h
+#endif /* HAVE_LIBCAPSICUM */
 #endif /* __FreeBSD__ */
 #ifndef WIN32
 #include sys/wait.h
@@ -123,6 +129,10 @@ static int infoprint;
 
 char *program_name;
 
+#ifdef HAVE_LIBCAPSICUM
+cap_channel_t *capdns;
+#endif
+
 int32_t thiszone;  /* seconds offset from gmt to local time */
 
 /* Forwards */
@@ -684,6 +694,45 @@ get_next_file(FILE *VFile, char *ptr)
return ret;
 }
 
+#ifdef HAVE_LIBCAPSICUM
+static cap_channel_t *
+capdns_setup(void)
+{
+   cap_channel_t *capcas, *capdnsloc;
+   const char *types[1];
+   int families[2];
+
+   capcas = cap_init();
+   if (capcas == NULL) {
+   warning(unable to contact casperd);
+   return (NULL);
+   }
+   capdnsloc = cap_service_open(capcas, system.dns);
+   /* Casper capability no longer needed. */
+   cap_close(capcas);
+   if (capdnsloc == NULL) {
+   warning(unable to open system.dns service);
+   return (NULL);
+   }
+   /* Limit system.dns to reverse DNS lookups. */
+   types[0] = ADDR;
+   if (cap_dns_type_limit(capdnsloc, types, 1)  0) {
+   warning(unable to limit access to system.dns service);
+   cap_close(capdnsloc);
+   return (NULL);
+   }
+   families[0] = AF_INET;
+   families[1] = AF_INET6;
+   if (cap_dns_family_limit(capdnsloc, families, 2)  0) {
+   warning(unable to limit access to system.dns service);
+   cap_close(capdnsloc);
+   return (NULL);
+   }
+
+   return (capdnsloc);
+}
+#endif /* HAVE_LIBCAPSICUM */
+
 int
 main(int argc, char **argv)
 {
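Review bot: `capdns_setup()` has no comment stating its contract, and what a reader most needs to know is what a NULL return means. From the other hunks of this commit, a NULL `capdns` makes getname()/getname6() call `gethostbyaddr()` directly and, as far as the truncated last hunk shows, keeps tcpdump out of the sandbox, with only a warning printed. I would add a header comment along the lines of `/* Open casperd's system.dns service restricted to reverse (ADDR) lookups for AF_INET and AF_INET6. Returns NULL after a warning on failure; the caller then resolves names unsandboxed. */`. The type-limit and family-limit failures also emit the same warning text, so distinct messages would make a failure diagnosable from the output.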
@@ -1417,6 +1466,12 @@ main(int argc, char **argv)
free(cmdbuf);
exit(0);
}
+
+#ifdef HAVE_LIBCAPSICUM
+   if (!nflag)
+   capdns = capdns_setup();
+#endif /* HAVE_LIBCAPSICUM */
+
init_addrtoname(localnet, netmask);
 init_checksum();
 
@@ -1615,7 +1670,12 @@ main(int argc, char **argv)
 #endif /* WIN32 */
 
 #ifdef __FreeBSD__
-   cansandbox = (nflag  VFileName == NULL  zflag == NULL);
+   cansandbox = (VFileName == NULL  zflag == NULL);
+#ifdef HAVE_LIBCAPSICUM
+   cansandbox = (cansandbox  (nflag || capdns != 

svn commit: r259433 - head/usr.sbin/tcpdump/tcpdump

2013-12-15 Thread Pawel Jakub Dawidek
Author: pjd
Date: Sun Dec 15 23:05:19 2013
New Revision: 259433
URL: http://svnweb.freebsd.org/changeset/base/259433

Log:
  Add Casper support.
  
  Sponsored by: The FreeBSD Foundation

Modified:
  head/usr.sbin/tcpdump/tcpdump/Makefile

Modified: head/usr.sbin/tcpdump/tcpdump/Makefile
==
--- head/usr.sbin/tcpdump/tcpdump/Makefile  Sun Dec 15 23:02:36 2013
(r259432)
+++ head/usr.sbin/tcpdump/tcpdump/Makefile  Sun Dec 15 23:05:19 2013
(r259433)
@@ -162,6 +162,11 @@ CFLAGS+=   -DLBL_ALIGN
 
 DPADD= ${LIBL} ${LIBPCAP}
 LDADD= -ll -lpcap
+.if ${MK_CASPER} != no
+DPADD+=${LIBCAPSICUM} ${LIBNV}
+LDADD+=-lcapsicum -lnv
+CFLAGS+=-DHAVE_LIBCAPSICUM
+.endif
 .if ${MK_OPENSSL} != no  !defined(RELEASE_CRUNCH)
 DPADD+= ${LIBCRYPTO}
 LDADD+= -lcrypto
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

