svn commit: r360325 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Sat Apr 25 21:45:31 2020 New Revision: 360325 URL: https://svnweb.freebsd.org/changeset/base/360325 Log: Avoid the GEOM topology lock recursion when we automatically expand a pool. The steps to reproduce the problem: mdconfig -a -t swap -s 3g -u 0 gpart create -s GPT md0 gpart add -t freebsd-zfs -s 1g md0 zpool create -o autoexpand=on foo md0p1 gpart resize -i 1 -s 2g md0 Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Apr 25 21:41:38 2020(r360324) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Apr 25 21:45:31 2020(r360325) @@ -973,18 +973,22 @@ static void vdev_geom_close(vdev_t *vd) { struct g_consumer *cp; + int locked; cp = vd->vdev_tsd; DROP_GIANT(); - g_topology_lock(); + locked = g_topology_locked(); + if (!locked) + g_topology_lock(); if (!vd->vdev_reopening || (cp != NULL && ((cp->flags & G_CF_ORPHAN) != 0 || (cp->provider != NULL && cp->provider->error != 0 vdev_geom_close_locked(vd); - g_topology_unlock(); + if (!locked) + g_topology_unlock(); PICKUP_GIANT(); } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r360323 - head/sys/geom
Author: pjd Date: Sat Apr 25 21:41:09 2020 New Revision: 360323 URL: https://svnweb.freebsd.org/changeset/base/360323 Log: Add g_topology_locked() macro that returns true if we already hold the GEOM topology lock. Modified: head/sys/geom/geom.h Modified: head/sys/geom/geom.h == --- head/sys/geom/geom.hSat Apr 25 20:24:41 2020(r360322) +++ head/sys/geom/geom.hSat Apr 25 21:41:09 2020(r360323) @@ -395,6 +395,8 @@ g_free(void *ptr) sx_xunlock(_lock); \ } while (0) +#define g_topology_locked()sx_xlocked(_lock) + #define g_topology_assert()\ do {\ sx_assert(_lock, SX_XLOCKED); \ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r357363 - head/sys/geom
Author: pjd Date: Sat Feb 1 10:15:23 2020 New Revision: 357363 URL: https://svnweb.freebsd.org/changeset/base/357363 Log: The error variable is not really needed. Remove it. Modified: head/sys/geom/geom_disk.c Modified: head/sys/geom/geom_disk.c == --- head/sys/geom/geom_disk.c Sat Feb 1 09:13:11 2020(r357362) +++ head/sys/geom/geom_disk.c Sat Feb 1 10:15:23 2020(r357363) @@ -268,7 +268,6 @@ g_disk_ioctl(struct g_provider *pp, u_long cmd, void * { struct disk *dp; struct g_disk_softc *sc; - int error; sc = pp->private; dp = sc->dp; @@ -277,8 +276,7 @@ g_disk_ioctl(struct g_provider *pp, u_long cmd, void * if (dp->d_ioctl == NULL) return (ENOIOCTL); - error = dp->d_ioctl(dp, cmd, data, fflag, td); - return (error); + return (dp->d_ioctl(dp, cmd, data, fflag, td)); } static off_t ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r357138 - head/bin/pwait
On 1/30/20 14:47, Jilles Tjoelker wrote: > On 26-01-2020 11:49, Pawel Jakub Dawidek wrote: >> Author: pjd >> Date: Sun Jan 26 10:49:24 2020 >> New Revision: 357138 >> URL: https://svnweb.freebsd.org/changeset/base/357138 >> >> Log: >> - Be consistent with using sysexits(3) codes. >> - Turn fprintf()+exit() into errx(). >> Sponsored by: Fudo Security >> >> Modified: >> head/bin/pwait/pwait.c >> >> Modified: head/bin/pwait/pwait.c >> == >> >> --- head/bin/pwait/pwait.c Sun Jan 26 07:24:49 2020 (r357137) >> +++ head/bin/pwait/pwait.c Sun Jan 26 10:49:24 2020 (r357138) >> @@ -53,8 +53,7 @@ static void >> usage(void) >> { >> - fprintf(stderr, "usage: pwait [-t timeout] [-v] pid ...\n"); >> - exit(EX_USAGE); >> + errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ..."); > > This adds a "pwait: " before the line, which most other programs do not do. > Reverted in r357362. Thanks. -- Pawel Jakub Dawidek ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r357362 - head/bin/pwait
Author: pjd Date: Sat Feb 1 09:13:11 2020 New Revision: 357362 URL: https://svnweb.freebsd.org/changeset/base/357362 Log: Restore previous usage presentation (without "pwait: " prefix). Pointed out by: jilles Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sat Feb 1 06:46:55 2020(r357361) +++ head/bin/pwait/pwait.c Sat Feb 1 09:13:11 2020(r357362) @@ -53,7 +53,8 @@ static void usage(void) { - errx(EX_USAGE, "usage: pwait [-t timeout] [-ov] pid ..."); + fprintf(stderr, "usage: pwait [-t timeout] [-ov] pid ...\n"); + exit(EX_USAGE); } /* ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r357143 - head/bin/pwait
Author: pjd Date: Sun Jan 26 11:13:34 2020 New Revision: 357143 URL: https://svnweb.freebsd.org/changeset/base/357143 Log: Style changes, mostly usage of braces around single line statements - it is safer and allowed for some time now by style(9). Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 11:03:45 2020(r357142) +++ head/bin/pwait/pwait.c Sun Jan 26 11:13:34 2020(r357143) @@ -63,12 +63,11 @@ int main(int argc, char *argv[]) { struct itimerval itv; - int kq; struct kevent *e; int oflag, tflag, verbose; - int opt, nleft, n, i, status; + int i, kq, n, nleft, opt, status; long pid; - char *s, *end; + char *end, *s; double timeout; oflag = 0; @@ -76,7 +75,7 @@ main(int argc, char *argv[]) verbose = 0; memset(, 0, sizeof(itv)); - while ((opt = getopt(argc, argv, "t:ov")) != -1) { + while ((opt = getopt(argc, argv, "ot:v")) != -1) { switch (opt) { case 'o': oflag = 1; @@ -85,9 +84,9 @@ main(int argc, char *argv[]) tflag = 1; errno = 0; timeout = strtod(optarg, ); - if (end == optarg || errno == ERANGE || - timeout < 0) + if (end == optarg || errno == ERANGE || timeout < 0) { errx(EX_DATAERR, "timeout value"); + } switch(*end) { case 0: case 's': @@ -101,8 +100,9 @@ main(int argc, char *argv[]) default: errx(EX_DATAERR, "timeout unit"); } - if (timeout > 1L) + if (timeout > 1L) { errx(EX_DATAERR, "timeout value"); + } itv.it_value.tv_sec = (time_t)timeout; timeout -= (time_t)timeout; itv.it_value.tv_usec = @@ -120,21 +120,26 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; - if (argc == 0) + if (argc == 0) { usage(); + } kq = kqueue(); - if (kq == -1) + if (kq == -1) { err(EX_OSERR, "kqueue"); + } e = malloc((argc + tflag) * sizeof(struct kevent)); - if (e == NULL) + if (e == NULL) { err(EX_OSERR, "malloc"); + } nleft = 0; for (n = 0; n < argc; n++) { s = argv[n]; - if (!strncmp(s, "/proc/", 6)) /* Undocumented Solaris compat */ + /* Undocumented Solaris compat */ + if (!strncmp(s, "/proc/", 6)) { s += 6; + } errno = 0; pid = strtol(s, , 10); if (pid < 0 || *end != '\0' || errno != 0) { @@ -142,8 +147,9 @@ main(int argc, char *argv[]) continue; } for (i = 0; i < nleft; i++) { - if (e[i].ident == (uintptr_t)pid) + if (e[i].ident == (uintptr_t)pid) { break; + } } if (i < nleft) { /* Duplicate. */ @@ -152,8 +158,9 @@ main(int argc, char *argv[]) EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) { warn("%ld", pid); - if (oflag) + if (oflag) { exit(EX_OK); + } } else { nleft++; } @@ -165,39 +172,45 @@ main(int argc, char *argv[]) * can be returned rather than 142. */ EV_SET(e + nleft, SIGALRM, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL); - if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) + if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) { err(EX_OSERR, "kevent"); + } /* Ignore SIGALRM to not interrupt kevent(2). */ signal(SIGALRM, SIG_IGN); - if (setitimer(ITIMER_REAL, , NULL) == -1) + if (setitimer(ITIMER_REAL, , NULL) == -1) { err(EX_OSERR, "setitimer"); + } } while (nleft > 0) { n = kevent(kq, NULL, 0, e, nleft + tflag, NULL); - if (n == -1) + if (n == -1) {
svn commit: r357142 - head/bin/pwait/tests
Author: pjd Date: Sun Jan 26 11:03:45 2020 New Revision: 357142 URL: https://svnweb.freebsd.org/changeset/base/357142 Log: Implement tests for the newly added -o flag. Sponsored by: Fudo Security Modified: head/bin/pwait/tests/pwait_test.sh Modified: head/bin/pwait/tests/pwait_test.sh == --- head/bin/pwait/tests/pwait_test.sh Sun Jan 26 11:02:51 2020 (r357141) +++ head/bin/pwait/tests/pwait_test.sh Sun Jan 26 11:03:45 2020 (r357142) @@ -232,6 +232,85 @@ timeout_many_cleanup() wait $p1 $p5 $p10 >/dev/null 2>&1 } +atf_test_case or_flag +or_flag_head() +{ + atf_set "descr" "Test OR flag" +} + +or_flag_body() +{ + sleep 2 & + p2=$! + + sleep 4 & + p4=$! + + sleep 6 & + p6=$! + + atf_check \ + -o inline:"$p2: exited with status 0.\n" \ + -e empty \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o -v $p2 $p4 $p6 + + atf_check \ + -o empty \ + -e inline:"pwait: $p2: No such process\n" \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p2 $p4 $p6 + + atf_check \ + -o empty \ + -e empty \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p4 $p6 + + atf_check \ + -o empty \ + -e inline:"pwait: $p4: No such process\n" \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p4 $p6 + + atf_check \ + -o inline:"$p6: exited with status 0.\n" \ + -e empty \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o -v $p6 + + atf_check \ + -o empty \ + -e inline:"pwait: $p6: No such process\n" \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p6 + + atf_check \ + -o empty \ + -e inline:"kill: $p2: No such process\n" \ + -s exit:1 \ + kill -0 $p2 + + atf_check \ + -o empty \ + -e inline:"kill: $p4: No such process\n" \ + -s exit:1 \ + kill -0 $p4 + + atf_check \ + -o empty \ + -e inline:"kill: $p6: No such process\n" \ + -s exit:1 \ + kill -0 $p6 + +} + +or_flag_cleanup() +{ + kill $p2 $p4 $p6 >/dev/null 2>&1 + wait $p2 $p4 $p6 >/dev/null 2>&1 +} + atf_init_test_cases() { atf_add_test_case basic @@ -239,4 +318,5 @@ atf_init_test_cases() atf_add_test_case timeout_trigger_timeout atf_add_test_case timeout_no_timeout atf_add_test_case timeout_many + atf_add_test_case or_flag } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r357141 - head/bin/pwait
Author: pjd Date: Sun Jan 26 11:02:51 2020 New Revision: 357141 URL: https://svnweb.freebsd.org/changeset/base/357141 Log: Implement -o flag which tells pwait(1) to exit if any of the given processes has terminated. Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.1 head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.1 == --- head/bin/pwait/pwait.1 Sun Jan 26 10:54:16 2020(r357140) +++ head/bin/pwait/pwait.1 Sun Jan 26 11:02:51 2020(r357141) @@ -32,7 +32,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 7, 2017 +.Dd January 26, 2020 .Dt PWAIT 1 .Os .Sh NAME @@ -41,7 +41,7 @@ .Sh SYNOPSIS .Nm .Op Fl t Ar duration -.Op Fl v +.Op Fl ov .Ar pid \&... .Sh DESCRIPTION @@ -51,6 +51,8 @@ utility will wait until each of the given processes ha .Pp The following option is available: .Bl -tag -width indent +.It Fl o +Exit when any of the given processes has terminated. .It Fl t Ar duration If any process is still running after .Ar duration , Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 10:54:16 2020(r357140) +++ head/bin/pwait/pwait.c Sun Jan 26 11:02:51 2020(r357141) @@ -53,7 +53,7 @@ static void usage(void) { - errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ..."); + errx(EX_USAGE, "usage: pwait [-t timeout] [-ov] pid ..."); } /* @@ -65,16 +65,22 @@ main(int argc, char *argv[]) struct itimerval itv; int kq; struct kevent *e; - int tflag, verbose; + int oflag, tflag, verbose; int opt, nleft, n, i, status; long pid; char *s, *end; double timeout; - tflag = verbose = 0; + oflag = 0; + tflag = 0; + verbose = 0; memset(, 0, sizeof(itv)); - while ((opt = getopt(argc, argv, "t:v")) != -1) { + + while ((opt = getopt(argc, argv, "t:ov")) != -1) { switch (opt) { + case 'o': + oflag = 1; + break; case 't': tflag = 1; errno = 0; @@ -144,10 +150,13 @@ main(int argc, char *argv[]) continue; } EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); - if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) + if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) { warn("%ld", pid); - else + if (oflag) + exit(EX_OK); + } else { nleft++; + } } if (nleft > 0 && tflag) { @@ -187,6 +196,8 @@ main(int argc, char *argv[]) printf("%ld: terminated.\n", (long)e[i].ident); } + if (oflag) + exit(EX_OK); --nleft; } } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r357140 - head/bin/pwait
Author: pjd Date: Sun Jan 26 10:54:16 2020 New Revision: 357140 URL: https://svnweb.freebsd.org/changeset/base/357140 Log: Don't setup a timeout if we are exiting. Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 10:51:57 2020(r357139) +++ head/bin/pwait/pwait.c Sun Jan 26 10:54:16 2020(r357140) @@ -150,7 +150,7 @@ main(int argc, char *argv[]) nleft++; } - if (tflag) { + if (nleft > 0 && tflag) { /* * Explicitly detect SIGALRM so that an exit status of 124 * can be returned rather than 142. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r357139 - head/bin/pwait
Author: pjd Date: Sun Jan 26 10:51:57 2020 New Revision: 357139 URL: https://svnweb.freebsd.org/changeset/base/357139 Log: Check for duplicated PID without using additional variable. Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 10:49:24 2020(r357138) +++ head/bin/pwait/pwait.c Sun Jan 26 10:51:57 2020(r357139) @@ -66,7 +66,7 @@ main(int argc, char *argv[]) int kq; struct kevent *e; int tflag, verbose; - int opt, nleft, n, i, duplicate, status; + int opt, nleft, n, i, status; long pid; char *s, *end; double timeout; @@ -135,18 +135,19 @@ main(int argc, char *argv[]) warnx("%s: bad process id", s); continue; } - duplicate = 0; - for (i = 0; i < nleft; i++) + for (i = 0; i < nleft; i++) { if (e[i].ident == (uintptr_t)pid) - duplicate = 1; - if (!duplicate) { - EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, - 0, NULL); - if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) - warn("%ld", pid); - else - nleft++; + break; } + if (i < nleft) { + /* Duplicate. */ + continue; + } + EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); + if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) + warn("%ld", pid); + else + nleft++; } if (tflag) { ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r357138 - head/bin/pwait
Author: pjd Date: Sun Jan 26 10:49:24 2020 New Revision: 357138 URL: https://svnweb.freebsd.org/changeset/base/357138 Log: - Be consistent with using sysexits(3) codes. - Turn fprintf()+exit() into errx(). Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 07:24:49 2020(r357137) +++ head/bin/pwait/pwait.c Sun Jan 26 10:49:24 2020(r357138) @@ -53,8 +53,7 @@ static void usage(void) { - fprintf(stderr, "usage: pwait [-t timeout] [-v] pid ...\n"); - exit(EX_USAGE); + errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ..."); } /* @@ -120,11 +119,11 @@ main(int argc, char *argv[]) kq = kqueue(); if (kq == -1) - err(1, "kqueue"); + err(EX_OSERR, "kqueue"); e = malloc((argc + tflag) * sizeof(struct kevent)); if (e == NULL) - err(1, "malloc"); + err(EX_OSERR, "malloc"); nleft = 0; for (n = 0; n < argc; n++) { s = argv[n]; @@ -166,12 +165,12 @@ main(int argc, char *argv[]) while (nleft > 0) { n = kevent(kq, NULL, 0, e, nleft + tflag, NULL); if (n == -1) - err(1, "kevent"); + err(EX_OSERR, "kevent"); for (i = 0; i < n; i++) { if (e[i].filter == EVFILT_SIGNAL) { if (verbose) printf("timeout\n"); - return (124); + exit(124); } if (verbose) { status = e[i].data; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345864 - head/tests/sys/geom/class/eli
Author: pjd Date: Thu Apr 4 00:05:36 2019 New Revision: 345864 URL: https://svnweb.freebsd.org/changeset/base/345864 Log: Implement tests for online expansion: - init, init -R - onetime, onetime -R - 512 and 4k sectors - encryption only - encryption and authentication - configure -r/-R for detached providers - configure -r/-R for attached providers - all keys allocated (10, 20 and 30MB provider sizes) - keys allocated on demand (10, 20 and 30PB provider sizes) - reading and writing to provider after expansion (10-30MB only) - checking if metadata in old location is cleared. Obtained from:Fudo Security Added: head/tests/sys/geom/class/eli/online_resize_test.sh (contents, props changed) Modified: head/tests/sys/geom/class/eli/Makefile Modified: head/tests/sys/geom/class/eli/Makefile == --- head/tests/sys/geom/class/eli/Makefile Wed Apr 3 23:58:58 2019 (r345863) +++ head/tests/sys/geom/class/eli/Makefile Thu Apr 4 00:05:36 2019 (r345864) @@ -16,6 +16,7 @@ ATF_TESTS_SH+=integrity_test ATF_TESTS_SH+= kill_test ATF_TESTS_SH+= misc_test ATF_TESTS_SH+= onetime_test +ATF_TESTS_SH+= online_resize_test ATF_TESTS_SH+= resize_test ATF_TESTS_SH+= setkey_test Added: head/tests/sys/geom/class/eli/online_resize_test.sh == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tests/sys/geom/class/eli/online_resize_test.sh Thu Apr 4 00:05:36 2019(r345864) @@ -0,0 +1,196 @@ +#!/bin/sh +# $FreeBSD$ + +. $(atf_get_srcdir)/conf.sh + +atf_test_case online_resize cleanup +online_resize_head() +{ + atf_set "descr" "online resize of geli providers" + atf_set "require.user" "root" +} +online_resize_body() +{ + geli_test_setup + + ( + echo "m 512 none 10485248 1 1 20971008 1 1 31456768 1 1" + echo "m 4096 none 10481664 1 1 20967424 1 1 31453184 1 1" + echo "m 512 HMAC/SHA256 5242368 1 1 10485248 1 1 15728128 1 1" + echo "m 4096 HMAC/SHA256 9318400 1 1 18640896 1 1 27959296 1 1" + echo "p 512 none 11258999068425728 [0-9] 20971520 22517998136851968 [0-9] 41943040 33776997205278208 [0-9] 62914560" + echo "p 4096 none 11258999068422144 [0-9] 2621440 22517998136848384 [0-9] 5242880 33776997205274624 [0-9] 7864320" + echo "p 512 HMAC/SHA256 5629499534212608 [0-9] 20971520 11258999068425728 [0-9] 41943040 16888498602638848 [0-9] 62914560" + echo "p 4096 HMAC/SHA256 10007999171932160 [0-9] 20971520 20015998343868416 [0-9] 41943040 30023997515800576 [0-9] 62914560" + ) | while read prefix sector auth esize10 ka10 kt10 esize20 ka20 kt20 esize30 ka30 kt30; do + if [ "${auth}" = "none" ]; then + aalgo="" + eflags="0x200" + dflags="0x0" + else + aalgo="-a ${auth}" + eflags="0x210" + dflags="0x10" + fi + + if [ "${prefix}" = "m" ]; then + psize10="10485760" + psize20="20971520" + psize30="31457280" + else + psize10="11258999068426240" + psize20="22517998136852480" + psize30="33776997205278720" + fi + + md=$(attach_md -t malloc -s40${prefix}) + + # Initialise + atf_check -s exit:0 -o ignore gpart create -s GPT ${md} + atf_check -s exit:0 -o ignore gpart add -t freebsd-ufs -s 10${prefix} ${md} + + echo secret >tmp.key + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + # Autoresize is set by default. + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli init -R ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check geli attach -pk tmp.key ${md}p1 + atf_check -s exit:0 -o
svn commit: r345863 - head/tests/sys/geom/class/eli
Author: pjd Date: Wed Apr 3 23:58:58 2019 New Revision: 345863 URL: https://svnweb.freebsd.org/changeset/base/345863 Log: Update configure tests after addition of the online expansion. Obtained from:Fudo Security Modified: head/tests/sys/geom/class/eli/configure_test.sh Modified: head/tests/sys/geom/class/eli/configure_test.sh == --- head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:57:37 2019(r345862) +++ head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:58:58 2019(r345863) @@ -17,19 +17,19 @@ configure_b_B_body() atf_check geli init -B none -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli init -B none -b -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli configure -B ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli attach -p -k /dev/null ${md} @@ -39,13 +39,13 @@ configure_b_B_body() atf_check -o not-match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli detach ${md} } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345861 - head/lib/geom/eli
Author: pjd Date: Wed Apr 3 23:50:52 2019 New Revision: 345861 URL: https://svnweb.freebsd.org/changeset/base/345861 Log: - Add missing -T (notrim) option to the label subcommand. - Add missing -T option in the onetime subcommand comment. Obtained from:Fudo Security Modified: head/lib/geom/eli/geom_eli.c Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 22:30:20 2019 (r345860) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) @@ -96,7 +96,7 @@ static int eli_backup_create(struct gctl_req *req, con * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov + * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov * configure [-bBgGtT] prov ... * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov * delkey [-afv] [-n keyno] prov @@ -145,6 +145,7 @@ struct g_command class_commands[] = { { 'l', "keylen", "0", G_TYPE_NUMBER }, { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL }, { 's', "sectorsize", "0", G_TYPE_NUMBER }, + { 'T', "notrim", NULL, G_TYPE_BOOL }, { 'V', "mdversion", "-1", G_TYPE_NUMBER }, G_OPT_SENTINEL }, ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345862 - in head: lib/geom/eli sys/geom/eli
Author: pjd Date: Wed Apr 3 23:57:37 2019 New Revision: 345862 URL: https://svnweb.freebsd.org/changeset/base/345862 Log: Implement automatic online expansion of GELI providers - if the underlying provider grows, GELI will expand automatically and will move the metadata to the new location of the last sector. This functionality is turned on by default. It can be turned off with the -R flag, but it is not recommended - if the underlying provider grows and automatic expansion is turned off, it won't be possible to attach this provider again, as the metadata is no longer located in the last sector. If the automatic expansion is turned off and the underlying provider grows, GELI will only log a message with the previous size of the provider, so recovery can be easier. Obtained from:Fudo Security Modified: head/lib/geom/eli/geli.8 head/lib/geom/eli/geom_eli.c head/sys/geom/eli/g_eli.c head/sys/geom/eli/g_eli.h head/sys/geom/eli/g_eli_ctl.c head/sys/geom/eli/g_eli_key_cache.c Modified: head/lib/geom/eli/geli.8 == --- head/lib/geom/eli/geli.8Wed Apr 3 23:50:52 2019(r345861) +++ head/lib/geom/eli/geli.8Wed Apr 3 23:57:37 2019(r345862) @@ -1,4 +1,4 @@ -.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek +.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 24, 2018 +.Dd April 3, 2019 .Dt GELI 8 .Os .Sh NAME @@ -51,7 +51,7 @@ utility: .Pp .Nm .Cm init -.Op Fl bdgPTv +.Op Fl bdgPRTv .Op Fl a Ar aalgo .Op Fl B Ar backupfile .Op Fl e Ar ealgo @@ -81,7 +81,7 @@ utility: .Cm detach .Nm .Cm onetime -.Op Fl dT +.Op Fl dRT .Op Fl a Ar aalgo .Op Fl e Ar ealgo .Op Fl l Ar keylen @@ -89,7 +89,7 @@ utility: .Ar prov .Nm .Cm configure -.Op Fl bBdDgGtT +.Op Fl bBdDgGrRtT .Ar prov ... .Nm .Cm setkey @@ -375,6 +375,18 @@ Change decrypted provider's sector size. Increasing the sector size allows increased performance, because encryption/decryption which requires an initialization vector is done per sector; fewer sectors means less computational work. +.It Fl R +Turn off automatic expansion. +By default, if the underlying provider grows, the encrypted provider will +grow automatically too. +The metadata will be moved to the new location. +If automatic expansion if turned off and the underlying provider changes +size, attaching encrypted provider will no longer be possible as the metadata +will no longer be located in the last sector. +In this case +.Nm GELI +will only log the previous size of the underlying provider, so metadata can +be found easier, if resize was done by mistake. .It Fl T Don't pass through .Dv BIO_DELETE @@ -506,6 +518,11 @@ Change decrypted provider's sector size. For more information, see the description of the .Cm init subcommand. +.It Fl R +Turn off automatic expansion. +For more information, see the description of the +.Cm init +subcommand. .It Fl T Disable TRIM/UNMAP passthru. For more information, see the description of the @@ -540,6 +557,13 @@ The boot loader prompts for the passphrase and loads from the encrypted partition. .It Fl G Deactivate booting from this encrypted root partition. +.It Fl r +Turn on automatic expansion. +For more information, see the description of the +.Cm init +subcommand. +.It Fl R +Turn off automatic expansion. .It Fl t Enable TRIM/UNMAP passthru. For more information, see the description of the Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:57:37 2019 (r345862) @@ -1,7 +1,7 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * - * Copyright (c) 2004-2010 Pawel Jakub Dawidek + * Copyright (c) 2004-2019 Pawel Jakub Dawidek * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -91,13 +91,13 @@ static int eli_backup_create(struct gctl_req *req, con /* * Available commands: * - * init [-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... + * init [-bdgPRTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... * label - alias for 'init' * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov - * configure [-bBgGtT] prov ... + * onetime [-dRT] [-a aalgo] [-e ealgo] [-l keylen] prov + * configure [-bBgGrRtT] prov ... * se
svn commit: r345726 - head/sys/dev/xen/blkfront
Author: pjd Date: Sat Mar 30 07:20:28 2019 New Revision: 345726 URL: https://svnweb.freebsd.org/changeset/base/345726 Log: Implement support for online disk capacity changes. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/dev/xen/blkfront/blkfront.c Modified: head/sys/dev/xen/blkfront/blkfront.c == --- head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 01:56:53 2019 (r345725) +++ head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 07:20:28 2019 (r345726) @@ -1227,11 +1227,40 @@ xbd_connect(struct xbd_softc *sc) int err, feature_barrier, feature_flush; int i, j; - if (sc->xbd_state == XBD_STATE_CONNECTED || - sc->xbd_state == XBD_STATE_SUSPENDED) + DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + + if (sc->xbd_state == XBD_STATE_SUSPENDED) { return; + } - DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + if (sc->xbd_state == XBD_STATE_CONNECTED) { + struct disk *disk; + + disk = sc->xbd_disk; + if (disk == NULL) { + return; + } + err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), + "sectors", "%lu", , NULL); + if (err != 0) { + xenbus_dev_error(dev, err, + "reading sectors at %s", + xenbus_get_otherend_path(dev)); + return; + } + disk->d_mediasize = disk->d_sectorsize * sectors; + err = disk_resize(disk, M_NOWAIT); + if (err) { + xenbus_dev_error(dev, err, + "unable to resize disk %s%u", + disk->d_name, disk->d_unit); + return; + } + device_printf(sc->xbd_dev, + "changed capacity to %jd\n", + (intmax_t)disk->d_mediasize); + return; + } err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), "sectors", "%lu", , ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345728 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Sat Mar 30 07:29:20 2019 New Revision: 345728 URL: https://svnweb.freebsd.org/changeset/base/345728 Log: If the autoexpand pool property is turned on and vdev is healthy try to expand the pool automatically when we detect underlying GEOM provider size change. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:24:34 2019(r345727) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:29:20 2019(r345728) @@ -158,6 +158,29 @@ vdev_geom_attrchanged(struct g_consumer *cp, const cha } static void +vdev_geom_resize(struct g_consumer *cp) +{ + struct consumer_priv_t *priv; + struct consumer_vdev_elem *elem; + spa_t *spa; + vdev_t *vd; + + priv = (struct consumer_priv_t *)>private; + if (SLIST_EMPTY(priv)) + return; + + SLIST_FOREACH(elem, priv, elems) { + vd = elem->vd; + if (vd->vdev_state != VDEV_STATE_HEALTHY) + continue; + spa = vd->vdev_spa; + if (!spa->spa_autoexpand) + continue; + vdev_online(spa, vd->vdev_guid, ZFS_ONLINE_EXPAND, NULL); + } +} + +static void vdev_geom_orphan(struct g_consumer *cp) { struct consumer_priv_t *priv; @@ -229,6 +252,7 @@ vdev_geom_attach(struct g_provider *pp, vdev_t *vd, bo gp = g_new_geomf(_vdev_class, "zfs::vdev"); gp->orphan = vdev_geom_orphan; gp->attrchanged = vdev_geom_attrchanged; + gp->resize = vdev_geom_resize; cp = g_new_consumer(gp); error = g_attach(cp, pp); if (error != 0) { ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345727 - in head: sbin/devd sys/geom
Author: pjd Date: Sat Mar 30 07:24:34 2019 New Revision: 345727 URL: https://svnweb.freebsd.org/changeset/base/345727 Log: Introduce new event SIZECHANGE within GEOM system to inform about GEOM providers mediasize changes. While here, use GEOM nomenclature to describe providers instead of calling them device nodes. Obtained from:Fudo Security Tested in:AWS Modified: head/sbin/devd/devd.conf.5 head/sys/geom/geom_dev.c Modified: head/sbin/devd/devd.conf.5 == --- head/sbin/devd/devd.conf.5 Sat Mar 30 07:20:28 2019(r345726) +++ head/sbin/devd/devd.conf.5 Sat Mar 30 07:24:34 2019(r345727) @@ -41,7 +41,7 @@ .\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS .\" SOFTWARE. .\" -.Dd July 20, 2018 +.Dd March 29, 2019 .Dt DEVD.CONF 5 .Os .Sh NAME @@ -432,15 +432,19 @@ only includes disk-like devices. .It Li CREATE A .Xr geom 4 -device node is created. +provider is created. .It Li DESTROY A .Xr geom 4 -device node is destroyed. +provider is destroyed. .It Li GEOM::physpath The physical path of a device has changed. .It Li MEDIACHANGE Physical media has changed. +.It Li SIZECHANGE +A +.Xr geom 4 +provider size has changed. .El .El .Pp Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cSat Mar 30 07:20:28 2019(r345726) +++ head/sys/geom/geom_dev.cSat Mar 30 07:24:34 2019(r345727) @@ -92,6 +92,7 @@ static g_fini_t g_dev_fini; static g_taste_t g_dev_taste; static g_orphan_t g_dev_orphan; static g_attrchanged_t g_dev_attrchanged; +static g_resize_t g_dev_resize; static struct g_class g_dev_class = { .name = "DEV", @@ -100,7 +101,8 @@ static struct g_class g_dev_class = { .fini = g_dev_fini, .taste = g_dev_taste, .orphan = g_dev_orphan, - .attrchanged = g_dev_attrchanged + .attrchanged = g_dev_attrchanged, + .resize = g_dev_resize }; /* @@ -300,6 +302,15 @@ g_dev_attrchanged(struct g_consumer *cp, const char *a g_dev_set_physpath(cp); return; } +} + +static void +g_dev_resize(struct g_consumer *cp) +{ + char buf[SPECNAMELEN + 6]; + + snprintf(buf, sizeof(buf), "cdev=%s", cp->provider->name); + devctl_notify_f("GEOM", "DEV", "SIZECHANGE", buf, M_WAITOK); } struct g_provider * ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345864 - head/tests/sys/geom/class/eli
Author: pjd Date: Thu Apr 4 00:05:36 2019 New Revision: 345864 URL: https://svnweb.freebsd.org/changeset/base/345864 Log: Implement tests for online expansion: - init, init -R - onetime, onetime -R - 512 and 4k sectors - encryption only - encryption and authentication - configure -r/-R for detached providers - configure -r/-R for attached providers - all keys allocated (10, 20 and 30MB provider sizes) - keys allocated on demand (10, 20 and 30PB provider sizes) - reading and writing to provider after expansion (10-30MB only) - checking if metadata in old location is cleared. Obtained from:Fudo Security Added: head/tests/sys/geom/class/eli/online_resize_test.sh (contents, props changed) Modified: head/tests/sys/geom/class/eli/Makefile Modified: head/tests/sys/geom/class/eli/Makefile == --- head/tests/sys/geom/class/eli/Makefile Wed Apr 3 23:58:58 2019 (r345863) +++ head/tests/sys/geom/class/eli/Makefile Thu Apr 4 00:05:36 2019 (r345864) @@ -16,6 +16,7 @@ ATF_TESTS_SH+=integrity_test ATF_TESTS_SH+= kill_test ATF_TESTS_SH+= misc_test ATF_TESTS_SH+= onetime_test +ATF_TESTS_SH+= online_resize_test ATF_TESTS_SH+= resize_test ATF_TESTS_SH+= setkey_test Added: head/tests/sys/geom/class/eli/online_resize_test.sh == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tests/sys/geom/class/eli/online_resize_test.sh Thu Apr 4 00:05:36 2019(r345864) @@ -0,0 +1,196 @@ +#!/bin/sh +# $FreeBSD$ + +. $(atf_get_srcdir)/conf.sh + +atf_test_case online_resize cleanup +online_resize_head() +{ + atf_set "descr" "online resize of geli providers" + atf_set "require.user" "root" +} +online_resize_body() +{ + geli_test_setup + + ( + echo "m 512 none 10485248 1 1 20971008 1 1 31456768 1 1" + echo "m 4096 none 10481664 1 1 20967424 1 1 31453184 1 1" + echo "m 512 HMAC/SHA256 5242368 1 1 10485248 1 1 15728128 1 1" + echo "m 4096 HMAC/SHA256 9318400 1 1 18640896 1 1 27959296 1 1" + echo "p 512 none 11258999068425728 [0-9] 20971520 22517998136851968 [0-9] 41943040 33776997205278208 [0-9] 62914560" + echo "p 4096 none 11258999068422144 [0-9] 2621440 22517998136848384 [0-9] 5242880 33776997205274624 [0-9] 7864320" + echo "p 512 HMAC/SHA256 5629499534212608 [0-9] 20971520 11258999068425728 [0-9] 41943040 16888498602638848 [0-9] 62914560" + echo "p 4096 HMAC/SHA256 10007999171932160 [0-9] 20971520 20015998343868416 [0-9] 41943040 30023997515800576 [0-9] 62914560" + ) | while read prefix sector auth esize10 ka10 kt10 esize20 ka20 kt20 esize30 ka30 kt30; do + if [ "${auth}" = "none" ]; then + aalgo="" + eflags="0x200" + dflags="0x0" + else + aalgo="-a ${auth}" + eflags="0x210" + dflags="0x10" + fi + + if [ "${prefix}" = "m" ]; then + psize10="10485760" + psize20="20971520" + psize30="31457280" + else + psize10="11258999068426240" + psize20="22517998136852480" + psize30="33776997205278720" + fi + + md=$(attach_md -t malloc -s40${prefix}) + + # Initialise + atf_check -s exit:0 -o ignore gpart create -s GPT ${md} + atf_check -s exit:0 -o ignore gpart add -t freebsd-ufs -s 10${prefix} ${md} + + echo secret >tmp.key + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + # Autoresize is set by default. + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli init -R ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check geli attach -pk tmp.key ${md}p1 + atf_check -s exit:0 -o
svn commit: r345863 - head/tests/sys/geom/class/eli
Author: pjd Date: Wed Apr 3 23:58:58 2019 New Revision: 345863 URL: https://svnweb.freebsd.org/changeset/base/345863 Log: Update configure tests after addition of the online expansion. Obtained from:Fudo Security Modified: head/tests/sys/geom/class/eli/configure_test.sh Modified: head/tests/sys/geom/class/eli/configure_test.sh == --- head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:57:37 2019(r345862) +++ head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:58:58 2019(r345863) @@ -17,19 +17,19 @@ configure_b_B_body() atf_check geli init -B none -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli init -B none -b -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli configure -B ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli attach -p -k /dev/null ${md} @@ -39,13 +39,13 @@ configure_b_B_body() atf_check -o not-match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli detach ${md} } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345862 - in head: lib/geom/eli sys/geom/eli
Author: pjd Date: Wed Apr 3 23:57:37 2019 New Revision: 345862 URL: https://svnweb.freebsd.org/changeset/base/345862 Log: Implement automatic online expansion of GELI providers - if the underlying provider grows, GELI will expand automatically and will move the metadata to the new location of the last sector. This functionality is turned on by default. It can be turned off with the -R flag, but it is not recommended - if the underlying provider grows and automatic expansion is turned off, it won't be possible to attach this provider again, as the metadata is no longer located in the last sector. If the automatic expansion is turned off and the underlying provider grows, GELI will only log a message with the previous size of the provider, so recovery can be easier. Obtained from:Fudo Security Modified: head/lib/geom/eli/geli.8 head/lib/geom/eli/geom_eli.c head/sys/geom/eli/g_eli.c head/sys/geom/eli/g_eli.h head/sys/geom/eli/g_eli_ctl.c head/sys/geom/eli/g_eli_key_cache.c Modified: head/lib/geom/eli/geli.8 == --- head/lib/geom/eli/geli.8Wed Apr 3 23:50:52 2019(r345861) +++ head/lib/geom/eli/geli.8Wed Apr 3 23:57:37 2019(r345862) @@ -1,4 +1,4 @@ -.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek +.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 24, 2018 +.Dd April 3, 2019 .Dt GELI 8 .Os .Sh NAME @@ -51,7 +51,7 @@ utility: .Pp .Nm .Cm init -.Op Fl bdgPTv +.Op Fl bdgPRTv .Op Fl a Ar aalgo .Op Fl B Ar backupfile .Op Fl e Ar ealgo @@ -81,7 +81,7 @@ utility: .Cm detach .Nm .Cm onetime -.Op Fl dT +.Op Fl dRT .Op Fl a Ar aalgo .Op Fl e Ar ealgo .Op Fl l Ar keylen @@ -89,7 +89,7 @@ utility: .Ar prov .Nm .Cm configure -.Op Fl bBdDgGtT +.Op Fl bBdDgGrRtT .Ar prov ... .Nm .Cm setkey @@ -375,6 +375,18 @@ Change decrypted provider's sector size. Increasing the sector size allows increased performance, because encryption/decryption which requires an initialization vector is done per sector; fewer sectors means less computational work. +.It Fl R +Turn off automatic expansion. +By default, if the underlying provider grows, the encrypted provider will +grow automatically too. +The metadata will be moved to the new location. +If automatic expansion if turned off and the underlying provider changes +size, attaching encrypted provider will no longer be possible as the metadata +will no longer be located in the last sector. +In this case +.Nm GELI +will only log the previous size of the underlying provider, so metadata can +be found easier, if resize was done by mistake. .It Fl T Don't pass through .Dv BIO_DELETE @@ -506,6 +518,11 @@ Change decrypted provider's sector size. For more information, see the description of the .Cm init subcommand. +.It Fl R +Turn off automatic expansion. +For more information, see the description of the +.Cm init +subcommand. .It Fl T Disable TRIM/UNMAP passthru. For more information, see the description of the @@ -540,6 +557,13 @@ The boot loader prompts for the passphrase and loads from the encrypted partition. .It Fl G Deactivate booting from this encrypted root partition. +.It Fl r +Turn on automatic expansion. +For more information, see the description of the +.Cm init +subcommand. +.It Fl R +Turn off automatic expansion. .It Fl t Enable TRIM/UNMAP passthru. For more information, see the description of the Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:57:37 2019 (r345862) @@ -1,7 +1,7 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * - * Copyright (c) 2004-2010 Pawel Jakub Dawidek + * Copyright (c) 2004-2019 Pawel Jakub Dawidek * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -91,13 +91,13 @@ static int eli_backup_create(struct gctl_req *req, con /* * Available commands: * - * init [-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... + * init [-bdgPRTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... * label - alias for 'init' * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov - * configure [-bBgGtT] prov ... + * onetime [-dRT] [-a aalgo] [-e ealgo] [-l keylen] prov + * configure [-bBgGrRtT] prov ... * se
svn commit: r345861 - head/lib/geom/eli
Author: pjd Date: Wed Apr 3 23:50:52 2019 New Revision: 345861 URL: https://svnweb.freebsd.org/changeset/base/345861 Log: - Add missing -T (notrim) option to the label subcommand. - Add missing -T option in the onetime subcommand comment. Obtained from:Fudo Security Modified: head/lib/geom/eli/geom_eli.c Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 22:30:20 2019 (r345860) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) @@ -96,7 +96,7 @@ static int eli_backup_create(struct gctl_req *req, con * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov + * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov * configure [-bBgGtT] prov ... * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov * delkey [-afv] [-n keyno] prov @@ -145,6 +145,7 @@ struct g_command class_commands[] = { { 'l', "keylen", "0", G_TYPE_NUMBER }, { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL }, { 's', "sectorsize", "0", G_TYPE_NUMBER }, + { 'T', "notrim", NULL, G_TYPE_BOOL }, { 'V', "mdversion", "-1", G_TYPE_NUMBER }, G_OPT_SENTINEL }, ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345728 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Sat Mar 30 07:29:20 2019 New Revision: 345728 URL: https://svnweb.freebsd.org/changeset/base/345728 Log: If the autoexpand pool property is turned on and vdev is healthy try to expand the pool automatically when we detect underlying GEOM provider size change. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:24:34 2019(r345727) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:29:20 2019(r345728) @@ -158,6 +158,29 @@ vdev_geom_attrchanged(struct g_consumer *cp, const cha } static void +vdev_geom_resize(struct g_consumer *cp) +{ + struct consumer_priv_t *priv; + struct consumer_vdev_elem *elem; + spa_t *spa; + vdev_t *vd; + + priv = (struct consumer_priv_t *)>private; + if (SLIST_EMPTY(priv)) + return; + + SLIST_FOREACH(elem, priv, elems) { + vd = elem->vd; + if (vd->vdev_state != VDEV_STATE_HEALTHY) + continue; + spa = vd->vdev_spa; + if (!spa->spa_autoexpand) + continue; + vdev_online(spa, vd->vdev_guid, ZFS_ONLINE_EXPAND, NULL); + } +} + +static void vdev_geom_orphan(struct g_consumer *cp) { struct consumer_priv_t *priv; @@ -229,6 +252,7 @@ vdev_geom_attach(struct g_provider *pp, vdev_t *vd, bo gp = g_new_geomf(_vdev_class, "zfs::vdev"); gp->orphan = vdev_geom_orphan; gp->attrchanged = vdev_geom_attrchanged; + gp->resize = vdev_geom_resize; cp = g_new_consumer(gp); error = g_attach(cp, pp); if (error != 0) { ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345727 - in head: sbin/devd sys/geom
Author: pjd Date: Sat Mar 30 07:24:34 2019 New Revision: 345727 URL: https://svnweb.freebsd.org/changeset/base/345727 Log: Introduce new event SIZECHANGE within GEOM system to inform about GEOM providers mediasize changes. While here, use GEOM nomenclature to describe providers instead of calling them device nodes. Obtained from:Fudo Security Tested in:AWS Modified: head/sbin/devd/devd.conf.5 head/sys/geom/geom_dev.c Modified: head/sbin/devd/devd.conf.5 == --- head/sbin/devd/devd.conf.5 Sat Mar 30 07:20:28 2019(r345726) +++ head/sbin/devd/devd.conf.5 Sat Mar 30 07:24:34 2019(r345727) @@ -41,7 +41,7 @@ .\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS .\" SOFTWARE. .\" -.Dd July 20, 2018 +.Dd March 29, 2019 .Dt DEVD.CONF 5 .Os .Sh NAME @@ -432,15 +432,19 @@ only includes disk-like devices. .It Li CREATE A .Xr geom 4 -device node is created. +provider is created. .It Li DESTROY A .Xr geom 4 -device node is destroyed. +provider is destroyed. .It Li GEOM::physpath The physical path of a device has changed. .It Li MEDIACHANGE Physical media has changed. +.It Li SIZECHANGE +A +.Xr geom 4 +provider size has changed. .El .El .Pp Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cSat Mar 30 07:20:28 2019(r345726) +++ head/sys/geom/geom_dev.cSat Mar 30 07:24:34 2019(r345727) @@ -92,6 +92,7 @@ static g_fini_t g_dev_fini; static g_taste_t g_dev_taste; static g_orphan_t g_dev_orphan; static g_attrchanged_t g_dev_attrchanged; +static g_resize_t g_dev_resize; static struct g_class g_dev_class = { .name = "DEV", @@ -100,7 +101,8 @@ static struct g_class g_dev_class = { .fini = g_dev_fini, .taste = g_dev_taste, .orphan = g_dev_orphan, - .attrchanged = g_dev_attrchanged + .attrchanged = g_dev_attrchanged, + .resize = g_dev_resize }; /* @@ -300,6 +302,15 @@ g_dev_attrchanged(struct g_consumer *cp, const char *a g_dev_set_physpath(cp); return; } +} + +static void +g_dev_resize(struct g_consumer *cp) +{ + char buf[SPECNAMELEN + 6]; + + snprintf(buf, sizeof(buf), "cdev=%s", cp->provider->name); + devctl_notify_f("GEOM", "DEV", "SIZECHANGE", buf, M_WAITOK); } struct g_provider * ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r345726 - head/sys/dev/xen/blkfront
Author: pjd Date: Sat Mar 30 07:20:28 2019 New Revision: 345726 URL: https://svnweb.freebsd.org/changeset/base/345726 Log: Implement support for online disk capacity changes. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/dev/xen/blkfront/blkfront.c Modified: head/sys/dev/xen/blkfront/blkfront.c == --- head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 01:56:53 2019 (r345725) +++ head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 07:20:28 2019 (r345726) @@ -1227,11 +1227,40 @@ xbd_connect(struct xbd_softc *sc) int err, feature_barrier, feature_flush; int i, j; - if (sc->xbd_state == XBD_STATE_CONNECTED || - sc->xbd_state == XBD_STATE_SUSPENDED) + DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + + if (sc->xbd_state == XBD_STATE_SUSPENDED) { return; + } - DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + if (sc->xbd_state == XBD_STATE_CONNECTED) { + struct disk *disk; + + disk = sc->xbd_disk; + if (disk == NULL) { + return; + } + err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), + "sectors", "%lu", , NULL); + if (err != 0) { + xenbus_dev_error(dev, err, + "reading sectors at %s", + xenbus_get_otherend_path(dev)); + return; + } + disk->d_mediasize = disk->d_sectorsize * sectors; + err = disk_resize(disk, M_NOWAIT); + if (err) { + xenbus_dev_error(dev, err, + "unable to resize disk %s%u", + disk->d_name, disk->d_unit); + return; + } + device_printf(sc->xbd_dev, + "changed capacity to %jd\n", + (intmax_t)disk->d_mediasize); + return; + } err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), "sectors", "%lu", , ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344690 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Fri Mar 1 05:54:13 2019 New Revision: 344690 URL: https://svnweb.freebsd.org/changeset/base/344690 Log: Improve readability of the code by making it explicit where the 'c' variable starts. It is also more consistent with similar code in this file. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cFri Mar 1 05:04:29 2019(r344689) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cFri Mar 1 05:54:13 2019(r344690) @@ -568,7 +568,7 @@ vdev_raidz_map_alloc(abd_t *abd, uint64_t size, uint64 abd_alloc_linear(rm->rm_col[c].rc_size, B_TRUE); } - for (off = 0; c < acols; c++) { + for (off = 0, c = rm->rm_firstdatacol; c < acols; c++) { rm->rm_col[c].rc_abd = abd_get_offset(abd, off); off += rm->rm_col[c].rc_size; } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344325 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Wed Feb 20 00:25:45 2019 New Revision: 344325 URL: https://svnweb.freebsd.org/changeset/base/344325 Log: Simplify the code. No functional changes. Reviewed by: rpokala Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cWed Feb 20 00:19:11 2019(r344324) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cWed Feb 20 00:25:45 2019(r344325) @@ -568,10 +568,7 @@ vdev_raidz_map_alloc(abd_t *abd, uint64_t size, uint64 abd_alloc_linear(rm->rm_col[c].rc_size, B_TRUE); } - rm->rm_col[c].rc_abd = abd_get_offset(abd, 0); - off = rm->rm_col[c].rc_size; - - for (c = c + 1; c < acols; c++) { + for (off = 0; c < acols; c++) { rm->rm_col[c].rc_abd = abd_get_offset(abd, off); off += rm->rm_col[c].rc_size; } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344320 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:53:33 2019 New Revision: 344320 URL: https://svnweb.freebsd.org/changeset/base/344320 Log: Simplify the code. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c Tue Feb 19 23:44:00 2019(r344319) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c Tue Feb 19 23:53:33 2019(r344320) @@ -360,16 +360,13 @@ trim_map_write_start(zio_t *zio) return (B_FALSE); } - ts = avl_find(>tm_queued_frees, , NULL); - if (ts != NULL) { - /* -* Loop until all overlapping segments are removed. -*/ - do { - trim_map_segment_remove(tm, ts, start, end); - ts = avl_find(>tm_queued_frees, , NULL); - } while (ts != NULL); + /* +* Loop until all overlapping segments are removed. +*/ + while ((ts = avl_find(>tm_queued_frees, , NULL)) != NULL) { + trim_map_segment_remove(tm, ts, start, end); } + avl_add(>tm_inflight_writes, zio); mutex_exit(>tm_lock); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344319 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:44:00 2019 New Revision: 344319 URL: https://svnweb.freebsd.org/changeset/base/344319 Log: Correct typo in the comment. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:43:15 2019(r344318) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:44:00 2019(r344319) @@ -2558,7 +2558,7 @@ vdev_raidz_io_done(zio_t *zio) /* * We're here because either: * -* total_errors == rm_first_datacol, or +* total_errors == rm_firstdatacol, or * vdev_raidz_combrec() failed * * In either case, there is enough bad data to prevent ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344318 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:43:15 2019 New Revision: 344318 URL: https://svnweb.freebsd.org/changeset/base/344318 Log: Change assertion to log the incorrect io_type we've got. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:41:23 2019(r344317) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:43:15 2019(r344318) @@ -2020,7 +2020,7 @@ vdev_raidz_io_start(zio_t *zio) return; } - ASSERT(zio->io_type == ZIO_TYPE_READ); + ASSERT3U(zio->io_type, ==, ZIO_TYPE_READ); /* * Iterate over the columns in reverse order so that we hit the parity ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344317 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:41:23 2019 New Revision: 344317 URL: https://svnweb.freebsd.org/changeset/base/344317 Log: Grabage-collect no longer used variable. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:35:55 2019(r344316) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:41:23 2019(r344317) @@ -270,7 +270,6 @@ static void vdev_raidz_map_free(raidz_map_t *rm) { int c; - size_t size; for (c = 0; c < rm->rm_firstdatacol; c++) { if (rm->rm_col[c].rc_abd != NULL) @@ -281,11 +280,9 @@ vdev_raidz_map_free(raidz_map_t *rm) rm->rm_col[c].rc_size); } - size = 0; for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { if (rm->rm_col[c].rc_abd != NULL) abd_put(rm->rm_col[c].rc_abd); - size += rm->rm_col[c].rc_size; } if (rm->rm_abd_copy != NULL) ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344316 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:35:55 2019 New Revision: 344316 URL: https://svnweb.freebsd.org/changeset/base/344316 Log: The way ZFS searches for its vdevs is the following: first it looks for a vdev that has the same name as the one stored in metadata and that has all VDEV labels in place. If it cannot find a GEOM provider with the given name and all VDEV labels it will scan all GEOM providers for the best match (the most VDEV labels available), but here the name is ignored. In case the ZFS pool is created, eg. using GPT partition label: # zpool create tank /dev/gpt/tank everything works, and on every import ZFS will pick /dev/gpt/tank and not /dev/da0p4. The problem occurs when da0p4 is extended and ZFS is unable to find all VDEV labels in /dev/gpt/tank anymore (the VDEV labels stored at the end of the partition are now somewhere else). In this case it will scan all GEOM providers and will pick the first one with the best match, ie. da0p4. Fix this problem by checking the VDEV/provider name even if we get the same match. If the name is the same as the one we have in pool's metadata, prefer this GEOM provider. Reported by: oshogbo, Michal Mroz Tested by:Michal Mroz Obtained from:Fudo Security Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 23:24:39 2019(r344315) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 23:35:55 2019(r344316) @@ -692,10 +692,12 @@ vdev_geom_attach_by_guids(vdev_t *vd) struct g_geom *gp; struct g_provider *pp, *best_pp; struct g_consumer *cp; + const char *vdpath; enum match match, best_match; g_topology_assert(); + vdpath = vd->vdev_path + sizeof("/dev/") - 1; cp = NULL; best_pp = NULL; best_match = NO_MATCH; @@ -710,6 +712,10 @@ vdev_geom_attach_by_guids(vdev_t *vd) if (match > best_match) { best_match = match; best_pp = pp; + } else if (match == best_match) { + if (strcmp(pp->name, vdpath) == 0) { + best_pp = pp; + } } if (match == FULL_MATCH) goto out; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344314 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:22:39 2019 New Revision: 344314 URL: https://svnweb.freebsd.org/changeset/base/344314 Log: In the vdev_geom_open_by_path() function we assume that vdev path starts with "/dev/". Make sure this is the case. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 22:46:50 2019(r344313) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 23:22:39 2019(r344314) @@ -794,7 +794,7 @@ vdev_geom_open(vdev_t *vd, uint64_t *psize, uint64_t * /* * We must have a pathname, and it must be absolute. */ - if (vd->vdev_path == NULL || vd->vdev_path[0] != '/') { + if (vd->vdev_path == NULL || strncmp(vd->vdev_path, "/dev/", 5) != 0) { vd->vdev_stat.vs_aux = VDEV_AUX_BAD_LABEL; return (EINVAL); } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r342873 - head/contrib/openbsm/libauditd
Author: pjd Date: Wed Jan 9 01:16:35 2019 New Revision: 342873 URL: https://svnweb.freebsd.org/changeset/base/342873 Log: In r316006 the getstrfromtype_locked() function was modified to return an empty string, instead of NULL, if an entry is missing in the audit_control file. Because of that change the getachost() function started to return success even if the host name was not defined in the audit_control. This in turn led to auditd_hostlen always being set (for an empty host it was set to 0). If auditd_hostlen was not equal to -1 we were trying to append the host name to trail file name. All this led to situation where when host name is not defined in audit_control, auditd will create trail files with a leading '.', which breaks auditdistd as it doesn't work with longer audit trail file names. Fix this by appending host name to the trail file name only if the host name is not empty. Modified: head/contrib/openbsm/libauditd/auditd_lib.c Modified: head/contrib/openbsm/libauditd/auditd_lib.c == --- head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 9 01:11:19 2019 (r342872) +++ head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 9 01:16:35 2019 (r342873) @@ -193,7 +193,7 @@ affixdir(char *name, struct dir_ent *dirent) /* * If the host is set then also add the hostname to the filename. */ - if (auditd_hostlen != -1) + if (auditd_hostlen > 0) asprintf(, "%s/%s.%s", dirent->dirname, name, auditd_host); else asprintf(, "%s/%s", dirent->dirname, name); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r341675 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Fri Dec 7 03:13:36 2018 New Revision: 341675 URL: https://svnweb.freebsd.org/changeset/base/341675 Log: Consider the following situation: The sender has .not_terminated file. It gets disconnected. The last trail file is then terminated without adding new data (this can happen for example when auditd is being stopped on the sender). After reconnect the .not_terminated was not renamed on the receiver as it should. We were already handling similar situation where the sender crashed and the .not_terminated trail file was renamed to .crash_recovery. Extend this case to handle the situation above. Modified: head/contrib/openbsm/bin/auditdistd/trail.c Modified: head/contrib/openbsm/bin/auditdistd/trail.c == --- head/contrib/openbsm/bin/auditdistd/trail.c Fri Dec 7 02:44:04 2018 (r341674) +++ head/contrib/openbsm/bin/auditdistd/trail.c Fri Dec 7 03:13:36 2018 (r341675) @@ -264,6 +264,12 @@ again: * 2. It is fully sent, but is not terminated, so new data can be *appended still, or * 3. It is fully sent but file name has changed. +*There are two cases here: +*3a. Sender has crashed and the name has changed from +*.not_terminated to .crash_recovery. +*3b. Sender was disconnected, no new data was added to the file, +*but its name has changed from .not_terminated to terminated +*name. * * Note that we are fine if our .not_terminated or .crash_recovery file * is smaller than the one on the receiver side, as it is possible that @@ -275,7 +281,7 @@ again: (offset >= sb.st_size && trail_is_not_terminated(trail->tr_filename)) || (offset >= sb.st_size && trail_is_not_terminated(filename) && -trail_is_crash_recovery(trail->tr_filename))) { +!trail_is_not_terminated(trail->tr_filename))) { /* File was not fully send. Let's finish it. */ if (lseek(fd, offset, SEEK_SET) == -1) { pjdlog_errno(LOG_ERR, ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r339178 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Thu Oct 4 05:57:27 2018 New Revision: 339178 URL: https://svnweb.freebsd.org/changeset/base/339178 Log: Remove invalid comments and correct some typos. Approved by: re (kib) Modified: head/contrib/openbsm/bin/auditdistd/receiver.c head/contrib/openbsm/bin/auditdistd/sender.c Modified: head/contrib/openbsm/bin/auditdistd/receiver.c == --- head/contrib/openbsm/bin/auditdistd/receiver.c Thu Oct 4 05:54:57 2018(r339177) +++ head/contrib/openbsm/bin/auditdistd/receiver.c Thu Oct 4 05:57:27 2018(r339178) @@ -140,7 +140,7 @@ static void adreq_decode_and_validate_header(struct adreq *adreq) { - /* Byte-swap only is the sender is using different byte order. */ + /* Byte-swap only if the sender is using different byte order. */ if (adreq->adr_byteorder != ADIST_BYTEORDER) { adreq->adr_byteorder = ADIST_BYTEORDER; adreq->adr_seq = bswap64(adreq->adr_seq); Modified: head/contrib/openbsm/bin/auditdistd/sender.c == --- head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:54:57 2018(r339177) +++ head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:57:27 2018(r339178) @@ -512,9 +512,6 @@ keepalive_send(void) pjdlog_debug(3, "keepalive_send: Request sent."); } -/* - * Thread sends request to secondary node. - */ static void * send_thread(void *arg __unused) { @@ -574,7 +571,7 @@ static void adrep_decode_header(struct adrep *adrep) { - /* Byte-swap only is the receiver is using different byte order. */ + /* Byte-swap only if the receiver is using different byte order. */ if (adrep->adrp_byteorder != ADIST_BYTEORDER) { adrep->adrp_byteorder = ADIST_BYTEORDER; adrep->adrp_seq = bswap64(adrep->adrp_seq); @@ -582,10 +579,6 @@ adrep_decode_header(struct adrep *adrep) } } -/* - * Thread receives answer from secondary node and passes it to ggate_send - * thread. - */ static void * recv_thread(void *arg __unused) { ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r339177 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Thu Oct 4 05:54:57 2018 New Revision: 339177 URL: https://svnweb.freebsd.org/changeset/base/339177 Log: When the adist_free list is empty and we lose connection to the receiver we move all elements from the adist_send and adist_recv lists back onto the adist_free list, but we don't wake consumers waitings for the adist_free list to become non-empty. This can lead to the sender process stopping audit trail files distribution and waiting forever. Fix the problem by adding the missing wakeup. While here slow down spinning on CPU in case of a short race in sender_disconnect() and add an explaination when it can occur. PR: 201953 Reported by: peter Approved by: re (kib) Modified: head/contrib/openbsm/bin/auditdistd/auditdistd.h head/contrib/openbsm/bin/auditdistd/sender.c Modified: head/contrib/openbsm/bin/auditdistd/auditdistd.h == --- head/contrib/openbsm/bin/auditdistd/auditdistd.hThu Oct 4 05:48:09 2018(r339176) +++ head/contrib/openbsm/bin/auditdistd/auditdistd.hThu Oct 4 05:54:57 2018(r339177) @@ -248,6 +248,21 @@ struct adrep { if (_wakeup)\ cv_signal(list##_cond); \ } while (0) +#defineQUEUE_CONCAT2(tolist, fromlist1, fromlist2) do { \ + bool _wakeup; \ + \ + mtx_lock(tolist##_lock);\ + _wakeup = TAILQ_EMPTY(tolist); \ + mtx_lock(fromlist1##_lock); \ + TAILQ_CONCAT((tolist), (fromlist1), adr_next); \ + mtx_unlock(fromlist1##_lock); \ + mtx_lock(fromlist2##_lock); \ + TAILQ_CONCAT((tolist), (fromlist2), adr_next); \ + mtx_unlock(fromlist2##_lock); \ + mtx_unlock(tolist##_lock); \ + if (_wakeup)\ + cv_signal(tolist##_cond); \ +} while (0) #defineQUEUE_WAIT(list)do { \ mtx_lock(list##_lock); \ while (TAILQ_EMPTY(list)) \ Modified: head/contrib/openbsm/bin/auditdistd/sender.c == --- head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:48:09 2018(r339176) +++ head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:54:57 2018(r339177) @@ -342,14 +342,7 @@ sender_disconnect(void) pjdlog_warning("Disconnected from %s.", adhost->adh_remoteaddr); /* Move all in-flight requests back onto free list. */ - mtx_lock(_free_list_lock); - mtx_lock(_send_list_lock); - TAILQ_CONCAT(_free_list, _send_list, adr_next); - mtx_unlock(_send_list_lock); - mtx_lock(_recv_list_lock); - TAILQ_CONCAT(_free_list, _recv_list, adr_next); - mtx_unlock(_recv_list_lock); - mtx_unlock(_free_list_lock); + QUEUE_CONCAT2(_free_list, _send_list, _recv_list); } static void @@ -609,9 +602,13 @@ recv_thread(void *arg __unused) if (adhost->adh_remote == NULL) { /* * Connection is dead. -* XXX: We shouldn't be here. +* There is a short race in sender_disconnect() between +* setting adh_remote to NULL and removing entries from +* the recv list, which can result in us being here. +* To avoid just spinning, wait for 0.1s. */ rw_unlock(_remote_lock); + usleep(10); continue; } if (proto_recv(adhost->adh_remote, , ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r339176 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Thu Oct 4 05:48:09 2018 New Revision: 339176 URL: https://svnweb.freebsd.org/changeset/base/339176 Log: When we look for a new trail file there might be a race between find trail file name and opening it. This race was not properly handled, because we were copying new name before checking for openat(2) error and when we were trying again we were starting with the next trail file. This could result in skipping distribution of such a trail file. Fix this problem by checking for ENOENT first (only for .not_terminated files) and then updating (or not) tr_filename before restarting the search. PR: 200139 Reported by: peter Approved by: re (kib) Modified: head/contrib/openbsm/bin/auditdistd/trail.c Modified: head/contrib/openbsm/bin/auditdistd/trail.c == --- head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct 4 01:46:56 2018 (r339175) +++ head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct 4 05:48:09 2018 (r339176) @@ -361,17 +361,38 @@ again: pjdlog_debug(1, "No new trail files."); return; } - PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, - sizeof(trail->tr_filename)) < sizeof(trail->tr_filename)); dfd = dirfd(trail->tr_dirfp); PJDLOG_ASSERT(dfd >= 0); - trail->tr_filefd = openat(dfd, trail->tr_filename, O_RDONLY); + trail->tr_filefd = openat(dfd, curfile, O_RDONLY); if (trail->tr_filefd == -1) { - pjdlog_errno(LOG_ERR, - "Unable to open file \"%s/%s\", skipping", - trail->tr_dirname, trail->tr_filename); + if (errno == ENOENT && trail_is_not_terminated(curfile)) { + /* +* The .not_terminated file was most likely renamed. +* Keep trail->tr_filename as a starting point and +* search again. +*/ + pjdlog_debug(1, + "Unable to open \"%s/%s\", most likely renamed in the meantime, retrying.", + trail->tr_dirname, curfile); + } else { + /* +* We were unable to open the file, but not because of +* the above. This shouldn't happen, but it did. +* We don't know why it happen, so the best we can do +* is to just skip this file - this is why we copy the +* name, so we can start and the next entry. +*/ + PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, + sizeof(trail->tr_filename)) < + sizeof(trail->tr_filename)); + pjdlog_errno(LOG_ERR, + "Unable to open file \"%s/%s\", skipping", + trail->tr_dirname, curfile); + } goto again; } + PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, + sizeof(trail->tr_filename)) < sizeof(trail->tr_filename)); pjdlog_debug(1, "Found next trail file: \"%s/%s\".", trail->tr_dirname, trail->tr_filename); } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r292310 - head
Author: pjd Date: Wed Dec 16 01:05:50 2015 New Revision: 292310 URL: https://svnweb.freebsd.org/changeset/base/292310 Log: Keep maintainance of GELI and make it clear which directories I'm interested in. Modified: head/MAINTAINERS Modified: head/MAINTAINERS == --- head/MAINTAINERSWed Dec 16 00:56:45 2015(r292309) +++ head/MAINTAINERSWed Dec 16 01:05:50 2015(r292310) @@ -42,6 +42,7 @@ dev/usb/wlan adrian Pre-commit review re etc/mail gshapiroPre-commit review requested. Keep in sync with -STABLE. etc/sendmail gshapiroPre-commit review requested. Keep in sync with -STABLE. fetch des Pre-commit review requested. +geli pjd Pre-commit review requested (both sys/geom/eli/ and sbin/geom/class/eli/). isci(4)jimharris Pre-commit review requested. iwm(4) adrian Pre-commit review requested, send to freebsd-wirel...@freebsd.org iwn(4) adrian Pre-commit review requested, send to freebsd-wirel...@freebsd.org @@ -125,7 +126,6 @@ fileobrien Insists to keep file blocke contrib/bzip2 obrien Pre-commit review required. geom freebsd-g...@freebsd.org geom_concatpjd Pre-commit review preferred. -geom_eli pjd Pre-commit review preferred. geom_gate pjd Pre-commit review preferred. geom_label pjd Pre-commit review preferred. geom_mirrorpjd Pre-commit review preferred. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r289941 - head/sys/kern
Author: pjd Date: Sun Oct 25 18:48:09 2015 New Revision: 289941 URL: https://svnweb.freebsd.org/changeset/base/289941 Log: The aio_waitcomplete(2) syscall should not sleep when the given timeout is 0. Without this change it was sleeping for one tick. Maybe not a big deal, but it makes share/dtrace/blocking script to report that. Reviewed by: jhb Differential Revision:https://reviews.freebsd.org/D3814 Sponsored by: Wheel Systems, http://wheelsystems.com Modified: head/sys/kern/vfs_aio.c Modified: head/sys/kern/vfs_aio.c == --- head/sys/kern/vfs_aio.c Sun Oct 25 18:09:03 2015(r289940) +++ head/sys/kern/vfs_aio.c Sun Oct 25 18:48:09 2015(r289941) @@ -2494,8 +2494,11 @@ kern_aio_waitcomplete(struct thread *td, ops->store_aiocb(aiocbp, NULL); - timo = 0; - if (ts) { + if (ts == NULL) { + timo = 0; + } else if (ts->tv_sec == 0 && ts->tv_nsec == 0) { + timo = -1; + } else { if ((ts->tv_nsec < 0) || (ts->tv_nsec >= 10)) return (EINVAL); @@ -2513,6 +2516,10 @@ kern_aio_waitcomplete(struct thread *td, cb = NULL; AIO_LOCK(ki); while ((cb = TAILQ_FIRST(>kaio_done)) == NULL) { + if (timo == -1) { + error = EWOULDBLOCK; + break; + } ki->kaio_flags |= KAIO_WAKEUP; error = msleep(>p_aioinfo, AIO_MTX(ki), PRIBIO | PCATCH, "aiowc", timo); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r288644 - head/share/dtrace
Author: pjd Date: Sun Oct 4 00:40:12 2015 New Revision: 288644 URL: https://svnweb.freebsd.org/changeset/base/288644 Log: Add a little, but very useful script for use with programs that work using an event loop and should sleep only when waiting for events (eg. via kevent(2)). When a program is going to sleep in the kernel, the script will show its name, PID, kernel stack trace and userland stack trace. Sleeping in kevent(2) is ignored as it is expected to be valid. Sample output: # ./blocking lynxd lynxd(15042) is blocking... kernel`_cv_wait_sig+0x124 kernel`seltdwait+0xae kernel`sys_poll+0x3a3 kernel`amd64_syscall+0x343 kernel`0x806c79ab lynxd`poll+0xa lynxd`pqSocketCheck+0xa2 lynxd`pqWaitTimed+0x29 lynxd`connectDBComplete+0xd7 lynxd`PQsetdbLogin+0x2ec lynxd`db_connect+0x3c lynxd`main+0x198 lynxd`_start+0x16f 0x2 lynxd(1925) is blocking... kernel`_cv_wait+0x125 zfs.ko`zio_wait+0x5b zfs.ko`dmu_buf_hold_array_by_dnode+0x1dc zfs.ko`dmu_read+0xcb zfs.ko`zfs_freebsd_getpages+0x37b kernel`VOP_GETPAGES_APV+0xa7 kernel`vnode_pager_getpages+0x9a kernel`vm_fault_hold+0x885 kernel`vm_fault+0x77 kernel`trap_pfault+0x211 kernel`trap+0x506 kernel`0x806c76c2 lynxd`EVP_add_cipher+0x13 lynxd`SSL_library_init+0x11 lynxd`main+0x94 lynxd`_start+0x16f 0x2 lynxd(1925) is blocking... kernel`_cv_wait+0x125 zfs.ko`zio_wait+0x5b zfs.ko`dbuf_read+0x791 zfs.ko`dbuf_findbp+0x12f zfs.ko`dbuf_hold_impl+0xa2 zfs.ko`dbuf_hold+0x1b zfs.ko`dmu_buf_hold_array_by_dnode+0x153 zfs.ko`dmu_read_uio+0x66 zfs.ko`zfs_freebsd_read+0x3a3 kernel`VOP_READ_APV+0xa1 kernel`vn_read+0x13a kernel`vn_io_fault+0x10b kernel`dofileread+0x95 kernel`kern_readv+0x68 kernel`sys_read+0x63 kernel`amd64_syscall+0x343 kernel`0x806c79ab lynxd`_read+0xa lynxd`__srefill+0x122 lynxd`fgets+0x78 lynxd`file_gets+0x1d lynxd`BIO_gets+0x64 lynxd`PEM_read_bio+0xf5 lynxd`PEM_X509_INFO_read_bio+0x90 lynxd`X509_load_cert_crl_file+0x47 lynxd`by_file_ctrl+0x2e lynxd`X509_STORE_load_locations+0x4a lynxd`sslctx_init+0x255 lynxd`main+0x215 lynxd`_start+0x16f 0x2 Requested by: gnn Obtained from:Wheel Systems http://wheelsystems.com Added: head/share/dtrace/blocking (contents, props changed) Modified: head/share/dtrace/Makefile Modified: head/share/dtrace/Makefile == --- head/share/dtrace/Makefile Sat Oct 3 22:38:08 2015(r288643) +++ head/share/dtrace/Makefile Sun Oct 4 00:40:12 2015(r288644) @@ -12,7 +12,8 @@ SUBDIR= ${_toolkit} _toolkit= toolkit .endif -SCRIPTS= disklatency \ +SCRIPTS= blocking \ + disklatency \ disklatencycmd \ hotopen \ nfsattrstats \ Added: head/share/dtrace/blocking == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/dtrace/blocking Sun Oct 4 00:40:12 2015(r288644) @@ -0,0 +1,57 @@ +#!/usr/sbin/dtrace -s +/*- + * Copyright (c) 2015 Pawel Jakub Dawidek <pa...@dawidek.net> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE A
svn commit: r286444 - in head: sbin/geom/class/eli sys/geom/eli
Author: pjd Date: Sat Aug 8 09:51:38 2015 New Revision: 286444 URL: https://svnweb.freebsd.org/changeset/base/286444 Log: Enable BIO_DELETE passthru in GELI, so TRIM/UNMAP can work as expected when GELI is used on a SSD or inside virtual machine, so that guest can tell host that it is no longer using some of the storage. Enabling BIO_DELETE passthru comes with a small security consequence - an attacker can tell how much space is being really used on encrypted device and has less data no analyse then. This is why the -T option can be given to the init subcommand to turn off this behaviour and -t/T options for the configure subcommand can be used to adjust this setting later. PR: 198863 Submitted by: Matthew D. Fuller fullermd at over-yonder dot net This commit also includes a fix from Fabian Keil freebsd-listen at fabiankeil.de for 'configure' on onetime providers which is not strictly related, but is entangled in the same code, so would cause conflicts if separated out. Modified: head/sbin/geom/class/eli/geli.8 head/sbin/geom/class/eli/geom_eli.c head/sys/geom/eli/g_eli.c head/sys/geom/eli/g_eli.h head/sys/geom/eli/g_eli_ctl.c Modified: head/sbin/geom/class/eli/geli.8 == --- head/sbin/geom/class/eli/geli.8 Sat Aug 8 08:40:36 2015 (r286443) +++ head/sbin/geom/class/eli/geli.8 Sat Aug 8 09:51:38 2015 (r286444) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd June 2, 2015 +.Dd July 10, 2015 .Dt GELI 8 .Os .Sh NAME @@ -51,7 +51,7 @@ utility: .Pp .Nm .Cm init -.Op Fl bPv +.Op Fl bPTv .Op Fl a Ar aalgo .Op Fl B Ar backupfile .Op Fl e Ar ealgo @@ -80,7 +80,7 @@ utility: .Cm detach .Nm .Cm onetime -.Op Fl d +.Op Fl dT .Op Fl a Ar aalgo .Op Fl e Ar ealgo .Op Fl l Ar keylen @@ -88,7 +88,7 @@ utility: .Ar prov .Nm .Cm configure -.Op Fl bB +.Op Fl bBtT .Ar prov ... .Nm .Cm setkey @@ -351,6 +351,17 @@ Change decrypted provider's sector size. Increasing the sector size allows increased performance, because encryption/decryption which requires an initialization vector is done per sector; fewer sectors means less computational work. +.It Fl T +Don't pass through +.Dv BIO_DELETE +calls (i.e., TRIM/UNMAP). +This can prevent an attacker from knowing how much space you're actually +using and which sectors contain live data, but will also prevent the +backing store (SSD, etc) from reclaiming space you're not using, which +may degrade its performance and lifespan. +The underlying provider may or may not actually obliterate the deleted +sectors when TRIM is enabled, so it should not be considered to add any +security. .It Fl V Ar version Metadata version to use. This option is helpful when creating a provider that may be used by older @@ -456,6 +467,11 @@ Change decrypted provider's sector size. For more information, see the description of the .Cm init subcommand. +.It Fl T +Disable TRIM/UNMAP passthru. +For more information, see the description of the +.Cm init +subcommand. .El .It Cm configure Change configuration of the given providers. @@ -469,6 +485,13 @@ For more information, see the descriptio subcommand. .It Fl B Remove the BOOT flag from the given providers. +.It Fl t +Enable TRIM/UNMAP passthru. +For more information, see the description of the +.Cm init +subcommand. +.It Fl T +Disable TRIM/UNMAP passthru. .El .It Cm setkey Install a copy of the Master Key into the selected slot, encrypted with Modified: head/sbin/geom/class/eli/geom_eli.c == --- head/sbin/geom/class/eli/geom_eli.c Sat Aug 8 08:40:36 2015 (r286443) +++ head/sbin/geom/class/eli/geom_eli.c Sat Aug 8 09:51:38 2015 (r286444) @@ -114,10 +114,11 @@ struct g_command class_commands[] = { { 'l', keylen, 0, G_TYPE_NUMBER }, { 'P', nonewpassphrase, NULL, G_TYPE_BOOL }, { 's', sectorsize, 0, G_TYPE_NUMBER }, + { 'T', notrim, NULL, G_TYPE_BOOL }, { 'V', mdversion, -1, G_TYPE_NUMBER }, G_OPT_SENTINEL }, - [-bPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov + [-bPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov }, { label, G_FLAG_VERBOSE, eli_main, { @@ -170,17 +171,20 @@ struct g_command class_commands[] = { { 'e', ealgo, GELI_ENC_ALGO, G_TYPE_STRING }, { 'l', keylen, 0, G_TYPE_NUMBER }, { 's', sectorsize, 0, G_TYPE_NUMBER }, + { 'T', notrim, NULL, G_TYPE_BOOL }, G_OPT_SENTINEL }, - [-d] [-a aalgo] [-e ealgo] [-l keylen] [-s sectorsize] prov +
svn commit: r286445 - in head: sbin/swapon share/man/man5
Author: pjd Date: Sat Aug 8 09:57:38 2015 New Revision: 286445 URL: https://svnweb.freebsd.org/changeset/base/286445 Log: Allow to disable BIO_DELETE passthru in fstab for swap-on-geli devices by passing 'notrim' option. PR: 198863 Submitted by: Matthew D. Fuller fullermd at over-yonder dot net Modified: head/sbin/swapon/swapon.c head/share/man/man5/fstab.5 Modified: head/sbin/swapon/swapon.c == --- head/sbin/swapon/swapon.c Sat Aug 8 09:51:38 2015(r286444) +++ head/sbin/swapon/swapon.c Sat Aug 8 09:57:38 2015(r286445) @@ -313,7 +313,7 @@ static char * swap_on_geli_args(const char *mntops) { const char *aalgo, *ealgo, *keylen_str, *sectorsize_str; - const char *aflag, *eflag, *lflag, *sflag; + const char *aflag, *eflag, *lflag, *Tflag, *sflag; char *p, *args, *token, *string, *ops; int argsize, pagesize; size_t pagesize_len; @@ -321,7 +321,7 @@ swap_on_geli_args(const char *mntops) /* Use built-in defaults for geli(8). */ aalgo = ealgo = keylen_str = ; - aflag = eflag = lflag = ; + aflag = eflag = lflag = Tflag = ; /* We will always specify sectorsize. */ sflag = -s ; @@ -365,6 +365,8 @@ swap_on_geli_args(const char *mntops) free(ops); return (NULL); } + } else if ((p = strstr(token, notrim)) == token) { + Tflag = -T ; } else if (strcmp(token, sw) != 0) { warnx(Invalid option: %s, token); free(ops); @@ -387,8 +389,8 @@ swap_on_geli_args(const char *mntops) sectorsize_str = p; } - argsize = asprintf(args, %s%s%s%s%s%s%s%s -d, - aflag, aalgo, eflag, ealgo, lflag, keylen_str, + argsize = asprintf(args, %s%s%s%s%s%s%s%s%s -d, + aflag, aalgo, eflag, ealgo, lflag, keylen_str, Tflag, sflag, sectorsize_str); free(ops); Modified: head/share/man/man5/fstab.5 == --- head/share/man/man5/fstab.5 Sat Aug 8 09:51:38 2015(r286444) +++ head/share/man/man5/fstab.5 Sat Aug 8 09:57:38 2015(r286445) @@ -242,6 +242,7 @@ The .Dq ealgo , .Dq aalgo , .Dq keylen , +.Dq notrim , and .Dq sectorsize options may be passed to control those ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r286373 - head/sys/geom/eli
Author: pjd Date: Thu Aug 6 17:13:34 2015 New Revision: 286373 URL: https://svnweb.freebsd.org/changeset/base/286373 Log: After crypto_dispatch() bio might be already delivered and destroyed, so we cannot access it anymore. Setting an error later lead to memory corruption. Assert that crypto_dispatch() was successful. It can fail only if we pass a bogus crypto request, which is a bug in the program, not a runtime condition. PR: 199705 Submitted by: luke.tw Reviewed by: emaste MFC after:3 days Modified: head/sys/geom/eli/g_eli_integrity.c head/sys/geom/eli/g_eli_privacy.c Modified: head/sys/geom/eli/g_eli_integrity.c == --- head/sys/geom/eli/g_eli_integrity.c Thu Aug 6 17:07:21 2015 (r286372) +++ head/sys/geom/eli/g_eli_integrity.c Thu Aug 6 17:13:34 2015 (r286373) @@ -408,8 +408,8 @@ g_eli_auth_run(struct g_eli_worker *wr, struct cryptodesc *crde, *crda; u_int i, lsec, nsec, data_secsize, decr_secsize, encr_secsize; off_t dstoff; - int err, error; u_char *p, *data, *auth, *authkey, *plaindata; + int error; G_ELI_LOGREQ(3, bp, %s, __func__); @@ -451,7 +451,6 @@ g_eli_auth_run(struct g_eli_worker *wr, bp-bio_inbed = 0; bp-bio_children = nsec; - error = 0; for (i = 1; i = nsec; i++, dstoff += encr_secsize) { crp = (struct cryptop *)p; p += sizeof(*crp); crde = (struct cryptodesc *)p; p += sizeof(*crde); @@ -519,10 +518,8 @@ g_eli_auth_run(struct g_eli_worker *wr, crda-crd_klen = G_ELI_AUTH_SECKEYLEN * 8; crp-crp_etype = 0; - err = crypto_dispatch(crp); - if (err != 0 error == 0) - error = err; + error = crypto_dispatch(crp); + KASSERT(error == 0, (crypto_dispatch() failed (error=%d), + error)); } - if (bp-bio_error == 0) - bp-bio_error = error; } Modified: head/sys/geom/eli/g_eli_privacy.c == --- head/sys/geom/eli/g_eli_privacy.c Thu Aug 6 17:07:21 2015 (r286372) +++ head/sys/geom/eli/g_eli_privacy.c Thu Aug 6 17:13:34 2015 (r286373) @@ -230,10 +230,10 @@ g_eli_crypto_run(struct g_eli_worker *wr struct cryptop *crp; struct cryptodesc *crd; u_int i, nsec, secsize; - int err, error; off_t dstoff; size_t size; u_char *p, *data; + int error; G_ELI_LOGREQ(3, bp, %s, __func__); @@ -271,7 +271,6 @@ g_eli_crypto_run(struct g_eli_worker *wr bcopy(bp-bio_data, data, bp-bio_length); } - error = 0; for (i = 0, dstoff = bp-bio_offset; i nsec; i++, dstoff += secsize) { crp = (struct cryptop *)p; p += sizeof(*crp); crd = (struct cryptodesc *)p; p += sizeof(*crd); @@ -308,10 +307,8 @@ g_eli_crypto_run(struct g_eli_worker *wr crd-crd_next = NULL; crp-crp_etype = 0; - err = crypto_dispatch(crp); - if (error == 0) - error = err; + error = crypto_dispatch(crp); + KASSERT(error == 0, (crypto_dispatch() failed (error=%d), + error)); } - if (bp-bio_error == 0) - bp-bio_error = error; } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r285021 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
On Mon, Aug 03, 2015 at 04:20:04PM +0300, Andriy Gapon wrote: On 30/07/2015 10:24, K. Macy wrote: Just FYI this change introduces a deadlock with with the spa_namespace_lock. Mount will be holding this lock while trying to acquire the spa_namespace_lock. zfskern on the other hand holds the spa_namespace_lock when calling zfs_freebsd_access which in turn tries to acquire the teardown lock. I missed the fact that zpool.cache file is being written with spa_namespace_lock held. I'll try to either resolve the problem in the next day or I will revert the change. FYI, I'm hitting this deadlock on my laptop. Reverting the change fixes the problem. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgp3vIPthvTlm.pgp Description: PGP signature
svn commit: r285363 - head/sys/geom/eli
Author: pjd Date: Fri Jul 10 19:27:19 2015 New Revision: 285363 URL: https://svnweb.freebsd.org/changeset/base/285363 Log: Spoil even can happen for some time now even on providers opened exclusively (on the media change event). Update GELI to handle that situation. PR: 201185 Submitted by: Matthew D. Fuller Modified: head/sys/geom/eli/g_eli.c Modified: head/sys/geom/eli/g_eli.c == --- head/sys/geom/eli/g_eli.c Fri Jul 10 19:24:36 2015(r285362) +++ head/sys/geom/eli/g_eli.c Fri Jul 10 19:27:19 2015(r285363) @@ -730,10 +730,10 @@ g_eli_create(struct gctl_req *req, struc sc = malloc(sizeof(*sc), M_ELI, M_WAITOK | M_ZERO); gp-start = g_eli_start; /* -* Spoiling cannot happen actually, because we keep provider open for -* writing all the time or provider is read-only. +* Spoiling can happen even though we have the provider open +* exclusively, e.g. through media change events. */ - gp-spoiled = g_eli_orphan_spoil_assert; + gp-spoiled = g_eli_orphan; gp-orphan = g_eli_orphan; gp-dumpconf = g_eli_dumpconf; /* ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r285023 - in head: sbin/geom/class/eli sys/geom/eli
Author: pjd Date: Thu Jul 2 10:55:32 2015 New Revision: 285023 URL: https://svnweb.freebsd.org/changeset/base/285023 Log: Allow to omit keyfile number for the first keyfile. Modified: head/sbin/geom/class/eli/geli.8 head/sys/geom/eli/g_eli.c Modified: head/sbin/geom/class/eli/geli.8 == --- head/sbin/geom/class/eli/geli.8 Thu Jul 2 10:31:08 2015 (r285022) +++ head/sbin/geom/class/eli/geli.8 Thu Jul 2 10:55:32 2015 (r285023) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd June 18, 2014 +.Dd June 2, 2015 .Dt GELI 8 .Os .Sh NAME @@ -893,6 +893,13 @@ geli_da1s3a_keyfile0_type=da1s3a:geli_k geli_da1s3a_keyfile0_name=/boot/keys/da1s3a.key .Ed .Pp +If there is only one keyfile, the index might be omitted: +.Bd -literal -offset indent +geli_da1s3a_keyfile_load=YES +geli_da1s3a_keyfile_type=da1s3a:geli_keyfile +geli_da1s3a_keyfile_name=/boot/keys/da1s3a.key +.Ed +.Pp Not only configure encryption, but also data integrity verification using .Nm HMAC/SHA256 . .Bd -literal -offset indent Modified: head/sys/geom/eli/g_eli.c == --- head/sys/geom/eli/g_eli.c Thu Jul 2 10:31:08 2015(r285022) +++ head/sys/geom/eli/g_eli.c Thu Jul 2 10:55:32 2015(r285023) @@ -998,6 +998,13 @@ g_eli_keyfiles_load(struct hmac_ctx *ctx for (i = 0; ; i++) { snprintf(name, sizeof(name), %s:geli_keyfile%d, provider, i); keyfile = preload_search_by_type(name); + if (keyfile == NULL i == 0) { + /* +* If there is only one keyfile, allow simpler name. +*/ + snprintf(name, sizeof(name), %s:geli_keyfile, provider); + keyfile = preload_search_by_type(name); + } if (keyfile == NULL) return (i); /* Return number of loaded keyfiles. */ data = preload_fetch_addr(keyfile); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r285024 - head/sys/geom/eli
Author: pjd Date: Thu Jul 2 10:57:34 2015 New Revision: 285024 URL: https://svnweb.freebsd.org/changeset/base/285024 Log: Properly propagate errors in metadata reading. PR: 198860 Submitted by: Matthew D. Fuller Modified: head/sys/geom/eli/g_eli.c Modified: head/sys/geom/eli/g_eli.c == --- head/sys/geom/eli/g_eli.c Thu Jul 2 10:55:32 2015(r285023) +++ head/sys/geom/eli/g_eli.c Thu Jul 2 10:57:34 2015(r285024) @@ -633,7 +633,10 @@ g_eli_read_metadata(struct g_class *mp, g_topology_lock(); if (buf == NULL) goto end; - eli_metadata_decode(buf, md); + error = eli_metadata_decode(buf, md); + if (error != 0) + goto end; + /* Metadata was read and decoded successfully. */ end: if (buf != NULL) g_free(buf); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r277921 - head/lib/libnv
Author: pjd Date: Fri Jan 30 10:08:38 2015 New Revision: 277921 URL: https://svnweb.freebsd.org/changeset/base/277921 Log: Modify nvlist_get_parent() API to take additional cookie argument. This allow for non-recursive iteration over nested nvlists, as in documented example. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/nv.3 head/lib/libnv/nv.h head/lib/libnv/nvlist.c Modified: head/lib/libnv/nv.3 == --- head/lib/libnv/nv.3 Fri Jan 30 09:44:29 2015(r277920) +++ head/lib/libnv/nv.3 Fri Jan 30 10:08:38 2015(r277921) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd September 25, 2014 +.Dd January 30, 2015 .Dt NV 3 .Os .Sh NAME @@ -151,7 +151,7 @@ .Ft const void * .Fn nvlist_get_binary const nvlist_t *nvl const char *name size_t *sizep .Ft const nvlist_t * -.Fn nvlist_get_parent const nvlist_t *nvl +.Fn nvlist_get_parent const nvlist_t *nvl void **cookiep .\ .Ft bool .Fn nvlist_take_bool nvlist_t *nvl const char *name @@ -588,6 +588,28 @@ while ((name = nvlist_next(nvl, type, printf(\\n); } .Ed +.Pp +Iterating over every nested nvlist: +.Bd -literal +nvlist_t *nvl; +const char *name; +void *cookie; +int type; + +nvl = nvlist_recv(sock); +if (nvl == NULL) + err(1, nvlist_recv() failed); + +cookie = NULL; +do { + while ((name = nvlist_next(nvl, type, cookie)) != NULL) { + if (type == NV_TYPE_NVLIST) { + nvl = nvlist_get_nvlist(nvl, name); + cookie = NULL; + } + } +} while ((nvl = nvlist_get_parent(nvl, cookie)) != NULL); +.Ed .Sh SEE ALSO .Xr close 2 , .Xr dup 2 , Modified: head/lib/libnv/nv.h == --- head/lib/libnv/nv.h Fri Jan 30 09:44:29 2015(r277920) +++ head/lib/libnv/nv.h Fri Jan 30 10:08:38 2015(r277921) @@ -83,7 +83,7 @@ nvlist_t *nvlist_xfer(int sock, nvlist_t const char *nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep); -const nvlist_t *nvlist_get_parent(const nvlist_t *nvl); +const nvlist_t *nvlist_get_parent(const nvlist_t *nvl, void **cookiep); /* * The nvlist_exists functions check if the given name (optionally of the given Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 30 09:44:29 2015(r277920) +++ head/lib/libnv/nvlist.c Fri Jan 30 10:08:38 2015(r277921) @@ -159,15 +159,19 @@ nvlist_get_nvpair_parent(const nvlist_t } const nvlist_t * -nvlist_get_parent(const nvlist_t *nvl) +nvlist_get_parent(const nvlist_t *nvl, void **cookiep) { + nvpair_t *nvp; NVLIST_ASSERT(nvl); - if (nvl-nvl_parent == NULL) + nvp = nvl-nvl_parent; + if (cookiep != NULL) + *cookiep = nvp; + if (nvp == NULL) return (NULL); - return (nvpair_nvlist(nvl-nvl_parent)); + return (nvpair_nvlist(nvp)); } void @@ -384,11 +388,10 @@ nvlist_dump(const nvlist_t *nvl, int fd) dprintf(fd, \n); nvl = nvpair_get_nvlist(nvp); if (nvlist_dump_error_check(nvl, fd, level + 1)) { - nvl = nvlist_get_parent(nvl); + nvl = nvlist_get_parent(nvl, (void **)nvp); break; } - level += 1; - nvp = nvlist_first_nvpair(nvl); + level++; continue; case NV_TYPE_DESCRIPTOR: dprintf(fd, %d\n, nvpair_get_descriptor(nvp)); @@ -411,11 +414,10 @@ nvlist_dump(const nvlist_t *nvl, int fd) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvp = nvlist_get_nvpair_parent(nvl); - if (nvp == NULL) + nvl = nvlist_get_parent(nvl, (void **)nvp); + if (nvl == NULL) return; - nvl = nvlist_get_parent(nvl); - level --; + level--; } } } @@ -457,10 +459,9 @@ nvlist_size(const nvlist_t *nvl) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvp = nvlist_get_nvpair_parent(nvl); - if (nvp == NULL) + nvl = nvlist_get_parent(nvl, (void **)nvp); + if (nvl == NULL) goto out; - nvl = nvlist_get_parent(nvl); } } @@ -635,13 +636,12 @@ nvlist_xpack(const nvlist_t *nvl, int64_ return (NULL); }
svn commit: r277920 - head/lib/libnv
Author: pjd Date: Fri Jan 30 09:44:29 2015 New Revision: 277920 URL: https://svnweb.freebsd.org/changeset/base/277920 Log: If moving descriptor or binary data to an nvlist fails, we need to close the descriptor or free the memory before returning. Submitted by: Mariusz Zaborski osho...@freebsd.org While here, protect errno, so it won't be overwritted by close(2) or free(3). Modified: head/lib/libnv/nvpair.c Modified: head/lib/libnv/nvpair.c == --- head/lib/libnv/nvpair.c Fri Jan 30 09:05:43 2015(r277919) +++ head/lib/libnv/nvpair.c Fri Jan 30 09:44:29 2015(r277920) @@ -1100,6 +1100,7 @@ nvpair_t * nvpair_movev_string(char *value, const char *namefmt, va_list nameap) { nvpair_t *nvp; + int serrno; if (value == NULL) { errno = EINVAL; @@ -1108,8 +1109,11 @@ nvpair_movev_string(char *value, const c nvp = nvpair_allocv(NV_TYPE_STRING, (uint64_t)(uintptr_t)value, strlen(value) + 1, namefmt, nameap); - if (nvp == NULL) + if (nvp == NULL) { + serrno = errno; free(value); + errno = serrno; + } return (nvp); } @@ -1137,28 +1141,46 @@ nvpair_movev_nvlist(nvlist_t *value, con nvpair_t * nvpair_movev_descriptor(int value, const char *namefmt, va_list nameap) { + nvpair_t *nvp; + int serrno; if (value 0 || !fd_is_valid(value)) { errno = EBADF; return (NULL); } - return (nvpair_allocv(NV_TYPE_DESCRIPTOR, (uint64_t)value, - sizeof(int64_t), namefmt, nameap)); + nvp = nvpair_allocv(NV_TYPE_DESCRIPTOR, (uint64_t)value, + sizeof(int64_t), namefmt, nameap); + if (nvp == NULL) { + serrno = errno; + close(value); + errno = serrno; + } + + return (nvp); } nvpair_t * nvpair_movev_binary(void *value, size_t size, const char *namefmt, va_list nameap) { + nvpair_t *nvp; + int serrno; if (value == NULL || size == 0) { errno = EINVAL; return (NULL); } - return (nvpair_allocv(NV_TYPE_BINARY, (uint64_t)(uintptr_t)value, size, - namefmt, nameap)); + nvp = nvpair_allocv(NV_TYPE_BINARY, (uint64_t)(uintptr_t)value, size, + namefmt, nameap); + if (nvp == NULL) { + serrno = errno; + free(value); + errno = serrno; + } + + return (nvp); } bool ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r277927 - head/lib/libnv
Author: pjd Date: Fri Jan 30 13:03:36 2015 New Revision: 277927 URL: https://svnweb.freebsd.org/changeset/base/277927 Log: Make gcc happy. Reported by: bz Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 30 12:57:35 2015(r277926) +++ head/lib/libnv/nvlist.c Fri Jan 30 13:03:36 2015(r277927) @@ -358,6 +358,7 @@ nvlist_dump(const nvlist_t *nvl, int fd) { const nvlist_t *tmpnvl; nvpair_t *nvp, *tmpnvp; + void *cookie; int level; level = 0; @@ -419,9 +420,11 @@ nvlist_dump(const nvlist_t *nvl, int fd) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + cookie = NULL; + nvl = nvlist_get_parent(nvl, cookie); if (nvl == NULL) return; + nvp = cookie; level--; } } @@ -443,6 +446,7 @@ nvlist_size(const nvlist_t *nvl) { const nvlist_t *tmpnvl; const nvpair_t *nvp, *tmpnvp; + void *cookie; size_t size; NVLIST_ASSERT(nvl); @@ -469,9 +473,11 @@ nvlist_size(const nvlist_t *nvl) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + cookie = NULL; + nvl = nvlist_get_parent(nvl, cookie); if (nvl == NULL) goto out; + nvp = cookie; } } @@ -587,6 +593,7 @@ nvlist_xpack(const nvlist_t *nvl, int64_ size_t left, size; const nvlist_t *tmpnvl; nvpair_t *nvp, *tmpnvp; + void *cookie; NVLIST_ASSERT(nvl); @@ -655,9 +662,11 @@ nvlist_xpack(const nvlist_t *nvl, int64_ return (NULL); } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + cookie = NULL; + nvl = nvlist_get_parent(nvl, cookie); if (nvl == NULL) goto out; + nvp = cookie; ptr = nvpair_pack_nvlist_up(ptr, left); if (ptr == NULL) goto out; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r277926 - head/lib/libnv
Author: pjd Date: Fri Jan 30 12:57:35 2015 New Revision: 277926 URL: https://svnweb.freebsd.org/changeset/base/277926 Log: Add missing nvlist_get_parent(3) link. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/Makefile Modified: head/lib/libnv/Makefile == --- head/lib/libnv/Makefile Fri Jan 30 12:31:29 2015(r277925) +++ head/lib/libnv/Makefile Fri Jan 30 12:57:35 2015(r277926) @@ -61,6 +61,7 @@ MLINKS+=nv.3 nvlist_create.3 \ nv.3 nvlist_get_nvlist.3 \ nv.3 nvlist_get_descriptor.3 \ nv.3 nvlist_get_binary.3 \ + nv.3 nvlist_get_parent.3 \ nv.3 nvlist_take_bool.3 \ nv.3 nvlist_take_number.3 \ nv.3 nvlist_take_string.3 \ ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r277925 - head/lib/libnv
Author: pjd Date: Fri Jan 30 12:31:29 2015 New Revision: 277925 URL: https://svnweb.freebsd.org/changeset/base/277925 Log: Handle empty nvlists correctly. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 30 12:07:43 2015(r277924) +++ head/lib/libnv/nvlist.c Fri Jan 30 12:31:29 2015(r277925) @@ -356,7 +356,8 @@ nvlist_dump_error_check(const nvlist_t * void nvlist_dump(const nvlist_t *nvl, int fd) { - nvpair_t *nvp; + const nvlist_t *tmpnvl; + nvpair_t *nvp, *tmpnvp; int level; level = 0; @@ -386,13 +387,17 @@ nvlist_dump(const nvlist_t *nvl, int fd) break; case NV_TYPE_NVLIST: dprintf(fd, \n); - nvl = nvpair_get_nvlist(nvp); - if (nvlist_dump_error_check(nvl, fd, level + 1)) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + tmpnvl = nvpair_get_nvlist(nvp); + if (nvlist_dump_error_check(tmpnvl, fd, level + 1)) break; + tmpnvp = nvlist_first_nvpair(tmpnvl); + if (tmpnvp != NULL) { + nvl = tmpnvl; + nvp = tmpnvp; + level++; + continue; } - level++; - continue; + break; case NV_TYPE_DESCRIPTOR: dprintf(fd, %d\n, nvpair_get_descriptor(nvp)); break; @@ -436,7 +441,8 @@ nvlist_fdump(const nvlist_t *nvl, FILE * size_t nvlist_size(const nvlist_t *nvl) { - const nvpair_t *nvp; + const nvlist_t *tmpnvl; + const nvpair_t *nvp, *tmpnvp; size_t size; NVLIST_ASSERT(nvl); @@ -450,10 +456,14 @@ nvlist_size(const nvlist_t *nvl) if (nvpair_type(nvp) == NV_TYPE_NVLIST) { size += sizeof(struct nvlist_header); size += nvpair_header_size() + 1; - nvl = nvpair_get_nvlist(nvp); - PJDLOG_ASSERT(nvl-nvl_error == 0); - nvp = nvlist_first_nvpair(nvl); - continue; + tmpnvl = nvpair_get_nvlist(nvp); + PJDLOG_ASSERT(tmpnvl-nvl_error == 0); + tmpnvp = nvlist_first_nvpair(tmpnvl); + if (tmpnvp != NULL) { + nvl = tmpnvl; + nvp = tmpnvp; + continue; + } } else { size += nvpair_size(nvp); } @@ -575,7 +585,8 @@ nvlist_xpack(const nvlist_t *nvl, int64_ { unsigned char *buf, *ptr; size_t left, size; - nvpair_t *nvp; + const nvlist_t *tmpnvl; + nvpair_t *nvp, *tmpnvp; NVLIST_ASSERT(nvl); @@ -618,10 +629,18 @@ nvlist_xpack(const nvlist_t *nvl, int64_ ptr = nvpair_pack_string(nvp, ptr, left); break; case NV_TYPE_NVLIST: - nvl = nvpair_get_nvlist(nvp); - nvp = nvlist_first_nvpair(nvl); - ptr = nvlist_pack_header(nvl, ptr, left); - continue; + tmpnvl = nvpair_get_nvlist(nvp); + ptr = nvlist_pack_header(tmpnvl, ptr, left); + if (ptr == NULL) + goto out; + tmpnvp = nvlist_first_nvpair(tmpnvl); + if (tmpnvp != NULL) { + nvl = tmpnvl; + nvp = tmpnvp; + continue; + } + ptr = nvpair_pack_nvlist_up(ptr, left); + break; case NV_TYPE_DESCRIPTOR: ptr = nvpair_pack_descriptor(nvp, ptr, fdidxp, left); break; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r274366 - in head/sys: dev/null geom kern sys
Author: pjd Date: Tue Nov 11 04:48:09 2014 New Revision: 274366 URL: https://svnweb.freebsd.org/changeset/base/274366 Log: Add missing privilege check when setting the dump device. Before that change it was possible for a regular user to setup the dump device if he had write access to the given device. In theory it is a security issue as user might get access to kernel's memory after provoking kernel crash, but in practise it is not recommended to give regular users direct access to storage devices. Rework the code so that we do privileges check within the set_dumper() function to avoid similar problems in the future. Discussed with: secteam Modified: head/sys/dev/null/null.c head/sys/geom/geom_dev.c head/sys/kern/kern_shutdown.c head/sys/sys/conf.h Modified: head/sys/dev/null/null.c == --- head/sys/dev/null/null.cTue Nov 11 04:07:41 2014(r274365) +++ head/sys/dev/null/null.cTue Nov 11 04:48:09 2014(r274366) @@ -37,7 +37,6 @@ __FBSDID($FreeBSD$); #include sys/kernel.h #include sys/malloc.h #include sys/module.h -#include sys/priv.h #include sys/disk.h #include sys/bus.h #include sys/filio.h @@ -110,9 +109,7 @@ null_ioctl(struct cdev *dev __unused, u_ switch (cmd) { case DIOCSKERNELDUMP: - error = priv_check(td, PRIV_SETDUMPER); - if (error == 0) - error = set_dumper(NULL, NULL); + error = set_dumper(NULL, NULL, td); break; case FIONBIO: break; Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cTue Nov 11 04:07:41 2014(r274365) +++ head/sys/geom/geom_dev.cTue Nov 11 04:48:09 2014(r274366) @@ -127,14 +127,14 @@ g_dev_fini(struct g_class *mp) } static int -g_dev_setdumpdev(struct cdev *dev) +g_dev_setdumpdev(struct cdev *dev, struct thread *td) { struct g_kerneldump kd; struct g_consumer *cp; int error, len; if (dev == NULL) - return (set_dumper(NULL, NULL)); + return (set_dumper(NULL, NULL, td)); cp = dev-si_drv2; len = sizeof(kd); @@ -142,7 +142,7 @@ g_dev_setdumpdev(struct cdev *dev) kd.length = OFF_MAX; error = g_io_getattr(GEOM::kerneldump, cp, len, kd); if (error == 0) { - error = set_dumper(kd.di, devtoname(dev)); + error = set_dumper(kd.di, devtoname(dev), td); if (error == 0) dev-si_flags |= SI_DUMPDEV; } @@ -157,7 +157,7 @@ init_dumpdev(struct cdev *dev) return; if (strcmp(devtoname(dev), dumpdev) != 0) return; - if (g_dev_setdumpdev(dev) == 0) { + if (g_dev_setdumpdev(dev, curthread) == 0) { freeenv(dumpdev); dumpdev = NULL; } @@ -453,9 +453,9 @@ g_dev_ioctl(struct cdev *dev, u_long cmd break; case DIOCSKERNELDUMP: if (*(u_int *)data == 0) - error = g_dev_setdumpdev(NULL); + error = g_dev_setdumpdev(NULL, td); else - error = g_dev_setdumpdev(dev); + error = g_dev_setdumpdev(dev, td); break; case DIOCGFLUSH: error = g_io_flush(cp); @@ -673,7 +673,7 @@ g_dev_orphan(struct g_consumer *cp) /* Reset any dump-area set on this device */ if (dev-si_flags SI_DUMPDEV) - (void)set_dumper(NULL, NULL); + (void)set_dumper(NULL, NULL, curthread); /* Destroy the struct cdev *so we get no more requests */ destroy_dev_sched_cb(dev, g_dev_callback, cp); Modified: head/sys/kern/kern_shutdown.c == --- head/sys/kern/kern_shutdown.c Tue Nov 11 04:07:41 2014 (r274365) +++ head/sys/kern/kern_shutdown.c Tue Nov 11 04:48:09 2014 (r274366) @@ -827,9 +827,14 @@ SYSCTL_STRING(_kern_shutdown, OID_AUTO, /* Registration of dumpers */ int -set_dumper(struct dumperinfo *di, const char *devname) +set_dumper(struct dumperinfo *di, const char *devname, struct thread *td) { size_t wantcopy; + int error; + + error = priv_check(td, PRIV_SETDUMPER); + if (error != 0) + return (error); if (di == NULL) { bzero(dumper, sizeof dumper); Modified: head/sys/sys/conf.h == --- head/sys/sys/conf.h Tue Nov 11 04:07:41 2014(r274365) +++ head/sys/sys/conf.h Tue Nov 11 04:48:09 2014(r274366) @@ -336,7 +336,7 @@ struct dumperinfo { off_t mediasize; /* Space available in bytes. */
svn commit: r272843 - head/lib/libnv
Author: pjd Date: Thu Oct 9 20:55:05 2014 New Revision: 272843 URL: https://svnweb.freebsd.org/changeset/base/272843 Log: Fix problem on big endian systems introduced in r271579 - when we were returning from handling a nested nvlist we were resetting big-endian flag. Reported by: Kuleshov Aleksey @ yandex.ru Tested by:Kuleshov Aleksey @ yandex.ru Modified: head/lib/libnv/nvlist.c head/lib/libnv/nvlist_impl.h head/lib/libnv/nvpair.c head/lib/libnv/nvpair_impl.h Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Thu Oct 9 20:39:18 2014(r272842) +++ head/lib/libnv/nvlist.c Thu Oct 9 20:55:05 2014(r272843) @@ -698,7 +698,7 @@ nvlist_check_header(struct nvlist_header const unsigned char * nvlist_unpack_header(nvlist_t *nvl, const unsigned char *ptr, size_t nfds, -int *flagsp, size_t *leftp) +bool *isbep, size_t *leftp) { struct nvlist_header nvlhdr; @@ -725,7 +725,8 @@ nvlist_unpack_header(nvlist_t *nvl, cons nvl-nvl_flags = (nvlhdr.nvlh_flags NV_FLAG_PUBLIC_MASK); ptr += sizeof(nvlhdr); - *flagsp = (int)nvlhdr.nvlh_flags; + if (isbep != NULL) + *isbep = (((int)nvlhdr.nvlh_flags NV_FLAG_BIG_ENDIAN) != 0); *leftp -= sizeof(nvlhdr); return (ptr); @@ -741,7 +742,7 @@ nvlist_xunpack(const void *buf, size_t s nvlist_t *nvl, *retnvl, *tmpnvl; nvpair_t *nvp; size_t left; - int flags; + bool isbe; left = size; ptr = buf; @@ -751,44 +752,43 @@ nvlist_xunpack(const void *buf, size_t s if (nvl == NULL) goto failed; - ptr = nvlist_unpack_header(nvl, ptr, nfds, flags, left); + ptr = nvlist_unpack_header(nvl, ptr, nfds, isbe, left); if (ptr == NULL) goto failed; while (left 0) { - ptr = nvpair_unpack(flags, ptr, left, nvp); + ptr = nvpair_unpack(isbe, ptr, left, nvp); if (ptr == NULL) goto failed; switch (nvpair_type(nvp)) { case NV_TYPE_NULL: - ptr = nvpair_unpack_null(flags, nvp, ptr, left); + ptr = nvpair_unpack_null(isbe, nvp, ptr, left); break; case NV_TYPE_BOOL: - ptr = nvpair_unpack_bool(flags, nvp, ptr, left); + ptr = nvpair_unpack_bool(isbe, nvp, ptr, left); break; case NV_TYPE_NUMBER: - ptr = nvpair_unpack_number(flags, nvp, ptr, left); + ptr = nvpair_unpack_number(isbe, nvp, ptr, left); break; case NV_TYPE_STRING: - ptr = nvpair_unpack_string(flags, nvp, ptr, left); + ptr = nvpair_unpack_string(isbe, nvp, ptr, left); break; case NV_TYPE_NVLIST: - ptr = nvpair_unpack_nvlist(flags, nvp, ptr, left, - nfds, tmpnvl); + ptr = nvpair_unpack_nvlist(isbe, nvp, ptr, left, nfds, + tmpnvl); nvlist_set_parent(tmpnvl, nvp); break; case NV_TYPE_DESCRIPTOR: - ptr = nvpair_unpack_descriptor(flags, nvp, ptr, left, + ptr = nvpair_unpack_descriptor(isbe, nvp, ptr, left, fds, nfds); break; case NV_TYPE_BINARY: - ptr = nvpair_unpack_binary(flags, nvp, ptr, left); + ptr = nvpair_unpack_binary(isbe, nvp, ptr, left); break; case NV_TYPE_NVLIST_UP: if (nvl-nvl_parent == NULL) goto failed; nvl = nvpair_nvlist(nvl-nvl_parent); - flags = nvl-nvl_flags; continue; default: PJDLOG_ABORT(Invalid type (%d)., nvpair_type(nvp)); Modified: head/lib/libnv/nvlist_impl.h == --- head/lib/libnv/nvlist_impl.hThu Oct 9 20:39:18 2014 (r272842) +++ head/lib/libnv/nvlist_impl.hThu Oct 9 20:55:05 2014 (r272843) @@ -42,6 +42,6 @@ nvlist_t *nvlist_xunpack(const void *buf nvpair_t *nvlist_get_nvpair_parent(const nvlist_t *nvl); const unsigned char *nvlist_unpack_header(nvlist_t *nvl, -const unsigned char *ptr, size_t nfds, int *flagsp, size_t *leftp); +const unsigned char *ptr, size_t nfds, bool *isbep, size_t *leftp); #endif /* !_NVLIST_IMPL_H_ */ Modified: head/lib/libnv/nvpair.c
svn commit: r272297 - head/sys/geom
Author: pjd Date: Tue Sep 30 11:51:32 2014 New Revision: 272297 URL: http://svnweb.freebsd.org/changeset/base/272297 Log: Style fixes. Modified: head/sys/geom/geom_dev.c Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cTue Sep 30 07:28:31 2014(r272296) +++ head/sys/geom/geom_dev.cTue Sep 30 11:51:32 2014(r272297) @@ -281,7 +281,7 @@ g_dev_open(struct cdev *dev, int flags, cp = dev-si_drv2; if (cp == NULL) - return(ENXIO); /* g_dev_taste() not done yet */ + return (ENXIO); /* g_dev_taste() not done yet */ g_trace(G_T_ACCESS, g_dev_open(%s, %d, %d, %p), cp-geom-name, flags, fmt, td); @@ -312,7 +312,7 @@ g_dev_open(struct cdev *dev, int flags, sc-sc_open += r + w + e; mtx_unlock(sc-sc_mtx); } - return(error); + return (error); } static int @@ -324,10 +324,10 @@ g_dev_close(struct cdev *dev, int flags, cp = dev-si_drv2; if (cp == NULL) - return(ENXIO); + return (ENXIO); g_trace(G_T_ACCESS, g_dev_close(%s, %d, %d, %p), cp-geom-name, flags, fmt, td); - + r = flags FREAD ? -1 : 0; w = flags FWRITE ? -1 : 0; #ifdef notyet @@ -361,7 +361,6 @@ g_dev_ioctl(struct cdev *dev, u_long cmd struct g_kerneldump kd; off_t offset, length, chunk; int i, error; - u_int u; cp = dev-si_drv2; pp = cp-provider; @@ -396,8 +395,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd error = g_io_getattr(GEOM::frontstuff, cp, i, data); break; case DIOCSKERNELDUMP: - u = *((u_int *)data); - if (!u) { + if (*(u_int *)data != 0) { set_dumper(NULL, NULL); error = 0; break; @@ -406,9 +404,9 @@ g_dev_ioctl(struct cdev *dev, u_long cmd kd.length = OFF_MAX; i = sizeof kd; error = g_io_getattr(GEOM::kerneldump, cp, i, kd); - if (!error) { + if (error == 0) { error = set_dumper(kd.di, devtoname(dev)); - if (!error) + if (error == 0) dev-si_flags |= SI_DUMPDEV; } break; @@ -425,7 +423,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd error = EINVAL; break; } - while (length 0) { + while (length 0) { chunk = length; if (g_dev_del_max_sectors != 0 chunk g_dev_del_max_sectors * cp-provider-sectorsize) { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r272298 - head/sys/geom
Author: pjd Date: Tue Sep 30 12:00:50 2014 New Revision: 272298 URL: http://svnweb.freebsd.org/changeset/base/272298 Log: Be prepared that set_dumper() might fail even when resetting it or prefix the call with (void) to document that we intentionally ignore the return value - no way to handle an error in case of device disappearing. Modified: head/sys/geom/geom_dev.c Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cTue Sep 30 11:51:32 2014(r272297) +++ head/sys/geom/geom_dev.cTue Sep 30 12:00:50 2014(r272298) @@ -396,8 +396,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd break; case DIOCSKERNELDUMP: if (*(u_int *)data != 0) { - set_dumper(NULL, NULL); - error = 0; + error = set_dumper(NULL, NULL); break; } kd.offset = 0; @@ -616,7 +615,7 @@ g_dev_orphan(struct g_consumer *cp) /* Reset any dump-area set on this device */ if (dev-si_flags SI_DUMPDEV) - set_dumper(NULL, NULL); + (void)set_dumper(NULL, NULL); /* Destroy the struct cdev *so we get no more requests */ destroy_dev_sched_cb(dev, g_dev_callback, cp); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r271241 - head/lib/libnv
On Sun, Sep 07, 2014 at 10:56:57PM +, Garrett Cooper wrote: Author: ngie Date: Sun Sep 7 22:56:57 2014 New Revision: 271241 URL: http://svnweb.freebsd.org/changeset/base/271241 Log: Include src.opts.mk after SHLIBDIR has been defined so libnv is installed to /lib , not /usr/lib Don't forget to add /usr/lib/libnv* to ObsoleteFiles.inc. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r272102 - head/lib/libnv
Author: pjd Date: Thu Sep 25 10:59:01 2014 New Revision: 272102 URL: http://svnweb.freebsd.org/changeset/base/272102 Log: Document the new nvlist_get_parent() function. Submitted by: Mariusz Zaborski Modified: head/lib/libnv/nv.3 Modified: head/lib/libnv/nv.3 == --- head/lib/libnv/nv.3 Thu Sep 25 09:12:11 2014(r272101) +++ head/lib/libnv/nv.3 Thu Sep 25 10:59:01 2014(r272102) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd March 21, 2014 +.Dd September 25, 2014 .Dt NV 3 .Os .Sh NAME @@ -150,6 +150,8 @@ .Fn nvlist_get_descriptor const nvlist_t *nvl const char *name .Ft const void * .Fn nvlist_get_binary const nvlist_t *nvl const char *name size_t *sizep +.Ft const nvlist_t * +.Fn nvlist_get_parent const nvlist_t *nvl .\ .Ft bool .Fn nvlist_take_bool nvlist_t *nvl const char *name @@ -437,6 +439,10 @@ extension, which allows to provide defau The nvlist must not be in error state. .Pp The +.Fn nvlist_get_parent +function allows to obtain the parent nvlist from the nested nvlist. +.Pp +The .Fn nvlist_take_bool , .Fn nvlist_take_number , .Fn nvlist_take_string , ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271847 - head/lib/libnv
Author: pjd Date: Thu Sep 18 22:34:52 2014 New Revision: 271847 URL: http://svnweb.freebsd.org/changeset/base/271847 Log: Don't use nvl in case of a failure. Reported by: Coverity CID: 1238922 Modified: head/lib/libnv/nvpair.c Modified: head/lib/libnv/nvpair.c == --- head/lib/libnv/nvpair.c Thu Sep 18 22:27:02 2014(r271846) +++ head/lib/libnv/nvpair.c Thu Sep 18 22:34:52 2014(r271847) @@ -963,7 +963,8 @@ nvpair_createv_nvlist(const nvlist_t *va namefmt, nameap); if (nvp == NULL) nvlist_destroy(nvl); - nvlist_set_parent(nvl, nvp); + else + nvlist_set_parent(nvl, nvp); return (nvp); } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271577 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Sun Sep 14 09:26:33 2014 New Revision: 271577 URL: http://svnweb.freebsd.org/changeset/base/271577 Log: Fix descriptors leak. PR: bin/191002 Reported by: Ryan Steinmetz Submitted by: mjg Modified: head/contrib/openbsm/bin/auditdistd/subr.c Modified: head/contrib/openbsm/bin/auditdistd/subr.c == --- head/contrib/openbsm/bin/auditdistd/subr.c Sun Sep 14 09:20:01 2014 (r271576) +++ head/contrib/openbsm/bin/auditdistd/subr.c Sun Sep 14 09:26:33 2014 (r271577) @@ -228,6 +228,11 @@ wait_for_file_init(int fd) PJDLOG_ASSERT(fd != -1); #ifdef HAVE_KQUEUE + if (wait_for_file_kq != -1) { + close(wait_for_file_kq); + wait_for_file_kq = -1; + } + kq = kqueue(); if (kq == -1) { pjdlog_errno(LOG_WARNING, kqueue() failed); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271578 - head/lib/libnv
Author: pjd Date: Sun Sep 14 09:27:12 2014 New Revision: 271578 URL: http://svnweb.freebsd.org/changeset/base/271578 Log: Remove the limit on descriptors that can be send in one nvlist. Submitted by: Mariusz Zaborski Modified: head/lib/libnv/msgio.c Modified: head/lib/libnv/msgio.c == --- head/lib/libnv/msgio.c Sun Sep 14 09:26:33 2014(r271577) +++ head/lib/libnv/msgio.c Sun Sep 14 09:27:12 2014(r271578) @@ -31,7 +31,7 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/types.h +#include sys/param.h #include sys/socket.h #include errno.h @@ -56,6 +56,8 @@ __FBSDID($FreeBSD$); #definePJDLOG_ABORT(...) abort() #endif +#definePKG_MAX_SIZE(MCLBYTES / CMSG_SPACE(sizeof(int)) - 1) + static int msghdr_add_fd(struct cmsghdr *cmsg, int fd) { @@ -234,22 +236,31 @@ cred_recv(int sock, struct cmsgcred *cre return (0); } -int -fd_send(int sock, const int *fds, size_t nfds) +static int +fd_package_send(int sock, const int *fds, size_t nfds) { struct msghdr msg; struct cmsghdr *cmsg; + struct iovec iov; unsigned int i; int serrno, ret; + uint8_t dummy; - if (nfds == 0 || fds == NULL) { - errno = EINVAL; - return (-1); - } + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(fds != NULL); + PJDLOG_ASSERT(nfds 0); bzero(msg, sizeof(msg)); - msg.msg_iov = NULL; - msg.msg_iovlen = 0; + + /* +* XXX: Look into cred_send function for more details. +*/ + dummy = 0; + iov.iov_base = dummy; + iov.iov_len = sizeof(dummy); + + msg.msg_iov = iov; + msg.msg_iovlen = 1; msg.msg_controllen = nfds * CMSG_SPACE(sizeof(int)); msg.msg_control = calloc(1, msg.msg_controllen); if (msg.msg_control == NULL) @@ -274,22 +285,32 @@ end: return (ret); } -int -fd_recv(int sock, int *fds, size_t nfds) +static int +fd_package_recv(int sock, int *fds, size_t nfds) { struct msghdr msg; struct cmsghdr *cmsg; unsigned int i; int serrno, ret; + struct iovec iov; + uint8_t dummy; - if (nfds == 0 || fds == NULL) { - errno = EINVAL; - return (-1); - } + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(nfds 0); + PJDLOG_ASSERT(fds != NULL); + i = 0; bzero(msg, sizeof(msg)); - msg.msg_iov = NULL; - msg.msg_iovlen = 0; + bzero(iov, sizeof(iov)); + + /* +* XXX: Look into cred_send function for more details. +*/ + iov.iov_base = dummy; + iov.iov_len = sizeof(dummy); + + msg.msg_iov = iov; + msg.msg_iovlen = 1; msg.msg_controllen = nfds * CMSG_SPACE(sizeof(int)); msg.msg_control = calloc(1, msg.msg_controllen); if (msg.msg_control == NULL) @@ -333,6 +354,64 @@ end: } int +fd_recv(int sock, int *fds, size_t nfds) +{ + unsigned int i, step, j; + int ret, serrno; + + if (nfds == 0 || fds == NULL) { + errno = EINVAL; + return (-1); + } + + ret = i = step = 0; + while (i nfds) { + if (PKG_MAX_SIZE nfds - i) + step = PKG_MAX_SIZE; + else + step = nfds - i; + ret = fd_package_recv(sock, fds + i, step); + if (ret != 0) { + /* Close all received descriptors. */ + serrno = errno; + for (j = 0; j i; j++) + close(fds[j]); + errno = serrno; + break; + } + i += step; + } + + return (ret); +} + +int +fd_send(int sock, const int *fds, size_t nfds) +{ + unsigned int i, step; + int ret; + + if (nfds == 0 || fds == NULL) { + errno = EINVAL; + return (-1); + } + + ret = i = step = 0; + while (i nfds) { + if (PKG_MAX_SIZE nfds - i) + step = PKG_MAX_SIZE; + else + step = nfds - i; + ret = fd_package_send(sock, fds + i, step); + if (ret != 0) + break; + i += step; + } + + return (ret); +} + +int buf_send(int sock, void *buf, size_t size) { ssize_t done; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271579 - head/lib/libnv
Author: pjd Date: Sun Sep 14 09:30:09 2014 New Revision: 271579 URL: http://svnweb.freebsd.org/changeset/base/271579 Log: Use non-recursive algorithm for traversing nvlists. This also removes the limit on number of nested nvlists. Submitted by: Mariusz Zaborski Modified: head/lib/libnv/nv.h head/lib/libnv/nv_impl.h head/lib/libnv/nvlist.c head/lib/libnv/nvlist_impl.h head/lib/libnv/nvpair.c head/lib/libnv/nvpair_impl.h Modified: head/lib/libnv/nv.h == --- head/lib/libnv/nv.h Sun Sep 14 09:27:12 2014(r271578) +++ head/lib/libnv/nv.h Sun Sep 14 09:30:09 2014(r271579) @@ -83,6 +83,8 @@ nvlist_t *nvlist_xfer(int sock, nvlist_t const char *nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep); +const nvlist_t *nvlist_get_parent(const nvlist_t *nvl); + /* * The nvlist_exists functions check if the given name (optionally of the given * type) exists on nvlist. Modified: head/lib/libnv/nv_impl.h == --- head/lib/libnv/nv_impl.hSun Sep 14 09:27:12 2014(r271578) +++ head/lib/libnv/nv_impl.hSun Sep 14 09:30:09 2014(r271579) @@ -39,6 +39,8 @@ struct nvpair; typedef struct nvpair nvpair_t; #endif +#defineNV_TYPE_NVLIST_UP 255 + #defineNV_TYPE_FIRST NV_TYPE_NULL #defineNV_TYPE_LASTNV_TYPE_BINARY @@ -55,6 +57,8 @@ void nvlist_add_nvpair(nvlist_t *nvl, co void nvlist_move_nvpair(nvlist_t *nvl, nvpair_t *nvp); +void nvlist_set_parent(nvlist_t *nvl, nvpair_t *parent); + const nvpair_t *nvlist_get_nvpair(const nvlist_t *nvl, const char *name); nvpair_t *nvlist_take_nvpair(nvlist_t *nvl, const char *name); Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Sun Sep 14 09:27:12 2014(r271578) +++ head/lib/libnv/nvlist.c Sun Sep 14 09:30:09 2014(r271579) @@ -73,10 +73,11 @@ __FBSDID($FreeBSD$); #defineNVLIST_MAGIC0x6e766c/* nvl */ struct nvlist { - int nvl_magic; - int nvl_error; - int nvl_flags; - struct nvl_head nvl_head; + int nvl_magic; + int nvl_error; + int nvl_flags; + nvpair_t*nvl_parent; + struct nvl_head nvl_head; }; #defineNVLIST_ASSERT(nvl) do { \ @@ -106,6 +107,7 @@ nvlist_create(int flags) nvl = malloc(sizeof(*nvl)); nvl-nvl_error = 0; nvl-nvl_flags = flags; + nvl-nvl_parent = NULL; TAILQ_INIT(nvl-nvl_head); nvl-nvl_magic = NVLIST_MAGIC; @@ -147,6 +149,36 @@ nvlist_error(const nvlist_t *nvl) return (nvl-nvl_error); } +nvpair_t * +nvlist_get_nvpair_parent(const nvlist_t *nvl) +{ + + NVLIST_ASSERT(nvl); + + return (nvl-nvl_parent); +} + +const nvlist_t * +nvlist_get_parent(const nvlist_t *nvl) +{ + + NVLIST_ASSERT(nvl); + + if (nvl-nvl_parent == NULL) + return (NULL); + + return (nvpair_nvlist(nvl-nvl_parent)); +} + +void +nvlist_set_parent(nvlist_t *nvl, nvpair_t *parent) +{ + + NVLIST_ASSERT(nvl); + + nvl-nvl_parent = parent; +} + bool nvlist_empty(const nvlist_t *nvl) { @@ -301,24 +333,34 @@ nvlist_clone(const nvlist_t *nvl) return (newnvl); } +static bool +nvlist_dump_error_check(const nvlist_t *nvl, int fd, int level) +{ + + if (nvlist_error(nvl) != 0) { + dprintf(fd, %*serror: %d\n, level * 4, , + nvlist_error(nvl)); + return (true); + } + + return (false); +} + /* * Dump content of nvlist. */ -static void -nvlist_xdump(const nvlist_t *nvl, int fd, int level) +void +nvlist_dump(const nvlist_t *nvl, int fd) { nvpair_t *nvp; + int level; - PJDLOG_ASSERT(level 3); - - if (nvlist_error(nvl) != 0) { - dprintf(fd, %*serror: %d\n, level * 4, , - nvlist_error(nvl)); + level = 0; + if (nvlist_dump_error_check(nvl, fd, level)) return; - } - for (nvp = nvlist_first_nvpair(nvl); nvp != NULL; - nvp = nvlist_next_nvpair(nvl, nvp)) { + nvp = nvlist_first_nvpair(nvl); + while (nvp != NULL) { dprintf(fd, %*s%s (%s):, level * 4, , nvpair_name(nvp), nvpair_type_string(nvpair_type(nvp))); switch (nvpair_type(nvp)) { @@ -340,8 +382,14 @@ nvlist_xdump(const nvlist_t *nvl, int fd break; case NV_TYPE_NVLIST: dprintf(fd, \n); - nvlist_xdump(nvpair_get_nvlist(nvp), fd, level + 1); - break; + nvl =
svn commit: r271026 - head/lib/libnv
Author: pjd Date: Wed Sep 3 14:44:23 2014 New Revision: 271026 URL: http://svnweb.freebsd.org/changeset/base/271026 Log: Fix descriptors leak in case of nvlist_xunpack() failure. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Wed Sep 3 14:16:50 2014(r271025) +++ head/lib/libnv/nvlist.c Wed Sep 3 14:44:23 2014(r271026) @@ -760,8 +760,11 @@ nvlist_recv(int sock) } nvl = nvlist_xunpack(buf, size, fds, nfds); - if (nvl == NULL) + if (nvl == NULL) { + for (i = 0; i nfds; i++) + close(fds[i]); goto out; + } ret = nvl; out: ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271028 - head/lib/libnv
Author: pjd Date: Wed Sep 3 15:08:33 2014 New Revision: 271028 URL: http://svnweb.freebsd.org/changeset/base/271028 Log: Use better type for i. Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Wed Sep 3 15:06:47 2014(r271027) +++ head/lib/libnv/nvlist.c Wed Sep 3 15:08:33 2014(r271028) @@ -727,8 +727,8 @@ nvlist_recv(int sock) struct nvlist_header nvlhdr; nvlist_t *nvl, *ret; unsigned char *buf; - size_t nfds, size; - int serrno, i, *fds; + size_t nfds, size, i; + int serrno, *fds; if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1) return (NULL); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271027 - head/lib/libnv
Author: pjd Date: Wed Sep 3 15:06:47 2014 New Revision: 271027 URL: http://svnweb.freebsd.org/changeset/base/271027 Log: Declare i. Reported by: sbruno Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Wed Sep 3 14:44:23 2014(r271026) +++ head/lib/libnv/nvlist.c Wed Sep 3 15:06:47 2014(r271027) @@ -728,7 +728,7 @@ nvlist_recv(int sock) nvlist_t *nvl, *ret; unsigned char *buf; size_t nfds, size; - int serrno, *fds; + int serrno, i, *fds; if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1) return (NULL); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r267914 - in head: sbin/dhclient sys/kern
Author: pjd Date: Thu Jun 26 13:57:44 2014 New Revision: 267914 URL: http://svnweb.freebsd.org/changeset/base/267914 Log: Remove duplicated includes. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/sbin/dhclient/bpf.c head/sbin/dhclient/dhclient.c head/sys/kern/kern_exec.c head/sys/kern/subr_capability.c Modified: head/sbin/dhclient/bpf.c == --- head/sbin/dhclient/bpf.cThu Jun 26 13:02:21 2014(r267913) +++ head/sbin/dhclient/bpf.cThu Jun 26 13:57:44 2014(r267914) @@ -43,8 +43,6 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/capsicum.h - #include dhcpd.h #include privsep.h #include sys/capsicum.h Modified: head/sbin/dhclient/dhclient.c == --- head/sbin/dhclient/dhclient.c Thu Jun 26 13:02:21 2014 (r267913) +++ head/sbin/dhclient/dhclient.c Thu Jun 26 13:57:44 2014 (r267914) @@ -56,8 +56,6 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/capsicum.h - #include dhcpd.h #include privsep.h Modified: head/sys/kern/kern_exec.c == --- head/sys/kern/kern_exec.c Thu Jun 26 13:02:21 2014(r267913) +++ head/sys/kern/kern_exec.c Thu Jun 26 13:57:44 2014(r267914) @@ -35,7 +35,6 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/capsicum.h #include sys/systm.h -#include sys/capsicum.h #include sys/eventhandler.h #include sys/lock.h #include sys/mutex.h Modified: head/sys/kern/subr_capability.c == --- head/sys/kern/subr_capability.c Thu Jun 26 13:02:21 2014 (r267913) +++ head/sys/kern/subr_capability.c Thu Jun 26 13:57:44 2014 (r267914) @@ -34,16 +34,14 @@ __FBSDID($FreeBSD$); * Note that this file is compiled into the kernel and into libc. */ -#ifdef _KERNEL #include sys/types.h #include sys/capsicum.h + +#ifdef _KERNEL #include sys/systm.h #include machine/stdarg.h #else /* !_KERNEL */ -#include sys/types.h -#include sys/capsicum.h - #include assert.h #include stdarg.h #include stdbool.h ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r267159 - head/sbin/geom/class/stripe
Author: pjd Date: Fri Jun 6 13:00:53 2014 New Revision: 267159 URL: http://svnweb.freebsd.org/changeset/base/267159 Log: The 'create' subcommand doesn't have '-h' option. Modified: head/sbin/geom/class/stripe/geom_stripe.c Modified: head/sbin/geom/class/stripe/geom_stripe.c == --- head/sbin/geom/class/stripe/geom_stripe.c Fri Jun 6 12:52:44 2014 (r267158) +++ head/sbin/geom/class/stripe/geom_stripe.c Fri Jun 6 13:00:53 2014 (r267159) @@ -62,7 +62,7 @@ struct g_command class_commands[] = { { 's', stripesize, GSTRIPE_STRIPESIZE, G_TYPE_NUMBER }, G_OPT_SENTINEL }, - [-hv] [-s stripesize] name prov prov ... + [-v] [-s stripesize] name prov prov ... }, { destroy, G_FLAG_VERBOSE, NULL, { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r265145 - head/lib/libcapsicum
Author: pjd Date: Wed Apr 30 09:58:28 2014 New Revision: 265145 URL: http://svnweb.freebsd.org/changeset/base/265145 Log: Don't forget to remember previous element at the end of the loop. Reported by: brueffer Found with: Coverity Prevent(tm) CID: 1135301 Modified: head/lib/libcapsicum/libcapsicum_dns.c Modified: head/lib/libcapsicum/libcapsicum_dns.c == --- head/lib/libcapsicum/libcapsicum_dns.c Wed Apr 30 09:57:38 2014 (r265144) +++ head/lib/libcapsicum/libcapsicum_dns.c Wed Apr 30 09:58:28 2014 (r265145) @@ -247,6 +247,7 @@ cap_getaddrinfo(cap_channel_t *chan, con prevai-ai_next = curai; else if (firstai == NULL) firstai = curai; + prevai = curai; } nvlist_destroy(nvl); if (curai == NULL nvlai != NULL) { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r264236 - head/sys/bsm
Author: pjd Date: Mon Apr 7 20:44:00 2014 New Revision: 264236 URL: http://svnweb.freebsd.org/changeset/base/264236 Log: IFp4 @1192291: - Don't include sys/caprights.h, leverage the fact that cap_rights_t is also defined in sys/types.h. - Include sys/types.h directly. - For systems that do not have cap_rights_t, define it, so we can use it in au_to_rights() prototype. Discussed with: rwatson Modified: head/sys/bsm/audit_record.h Modified: head/sys/bsm/audit_record.h == --- head/sys/bsm/audit_record.h Mon Apr 7 19:32:56 2014(r264235) +++ head/sys/bsm/audit_record.h Mon Apr 7 20:44:00 2014(r264236) @@ -33,8 +33,8 @@ #ifndef _BSM_AUDIT_RECORD_H_ #define _BSM_AUDIT_RECORD_H_ +#include sys/types.h #include sys/time.h /* struct timeval */ -#include sys/caprights.h /* cap_rights_t */ /* * Token type identifiers. @@ -191,6 +191,13 @@ struct sockaddr_un; struct vnode_au_info; #endif +#ifndef_CAP_RIGHTS_T_DECLARED +#define_CAP_RIGHTS_T_DECLARED +struct cap_rights; + +typedefstruct cap_rights cap_rights_t; +#endif + int au_open(void); int au_write(int d, token_t *m); int au_close(int d, int keep, short event); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r262405 - head/usr.bin/kdump
Author: pjd Date: Sun Feb 23 22:13:16 2014 New Revision: 262405 URL: http://svnweb.freebsd.org/changeset/base/262405 Log: Capability rights are held by descriptors, not processes. Reported by: jonathan Modified: head/usr.bin/kdump/kdump.c Modified: head/usr.bin/kdump/kdump.c == --- head/usr.bin/kdump/kdump.c Sun Feb 23 22:12:25 2014(r262404) +++ head/usr.bin/kdump/kdump.c Sun Feb 23 22:13:16 2014(r262405) @@ -1877,7 +1877,7 @@ ktrcapfail(struct ktr_cap_fail *ktr) /* operation on fd with insufficient capabilities */ printf(operation requires ); capname(ktr-cap_needed); - printf(, process holds ); + printf(, descriptor holds ); capname(ktr-cap_held); break; case CAPFAIL_INCREASE: ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r261742 - head/gnu/usr.bin/groff/tmac
Author: pjd Date: Tue Feb 11 09:17:17 2014 New Revision: 261742 URL: http://svnweb.freebsd.org/changeset/base/261742 Log: Add missing libraries here as well, so a warning is not printed when one tries to view their manual pages. Reported by: rwatson Explained by: pluknet Modified: head/gnu/usr.bin/groff/tmac/mdoc.local Modified: head/gnu/usr.bin/groff/tmac/mdoc.local == --- head/gnu/usr.bin/groff/tmac/mdoc.local Tue Feb 11 08:20:45 2014 (r261741) +++ head/gnu/usr.bin/groff/tmac/mdoc.local Tue Feb 11 09:17:17 2014 (r261742) @@ -34,11 +34,13 @@ .\ FreeBSD .Lb values .ds doc-str-Lb-libarchive Streaming Archive Library (libarchive, \-larchive) .ds doc-str-Lb-libbluetooth Bluetooth User Library (libbluetooth, \-lbluetooth) +.ds doc-str-Lb-libcapsicum Capsicum Library (libcapsicum, \-lcapsicum) .ds doc-str-Lb-libedit Line Editor and History Library (libedit, \-ledit) .ds doc-str-Lb-libefi EFI Runtime Services Library (libefi, \-lefi) .ds doc-str-Lb-libelf ELF Parsing Library (libelf, \-lelf) .ds doc-str-Lb-libexecinfo Backtrace Access Library (libexecinfo, \-lexecinfo) .ds doc-str-Lb-libfetchFile Transfer Library (libfetch, \-lfetch) +.ds doc-str-Lb-libnv Name/value pairs library (libnv, \-lnv) .ds doc-str-Lb-libpmc Performance Monitoring Counters Interface Library (libpmc, \-lpmc) .ds doc-str-Lb-libproc Processor Monitoring and Analysis Library (libproc, \-lproc) .ds doc-str-Lb-libprocstat Process and Files Information Retrieval (libprocstat, \-lprocstat) ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r261692 - head/sbin/casperd
Author: pjd Date: Sun Feb 9 21:42:01 2014 New Revision: 261692 URL: http://svnweb.freebsd.org/changeset/base/261692 Log: If the main casperd process exits, zygote process should exit as well instead of spinning. Reported by: Mikhail m...@lenta.ru Modified: head/sbin/casperd/zygote.c Modified: head/sbin/casperd/zygote.c == --- head/sbin/casperd/zygote.c Sun Feb 9 21:27:32 2014(r261691) +++ head/sbin/casperd/zygote.c Sun Feb 9 21:42:01 2014(r261692) @@ -132,8 +132,13 @@ zygote_main(int sock) for (;;) { nvlin = nvlist_recv(sock); - if (nvlin == NULL) + if (nvlin == NULL) { + if (errno == ENOTCONN) { + /* Casperd exited. */ + exit(0); + } continue; + } func = (zygote_func_t *)(uintptr_t)nvlist_get_number(nvlin, func); flags = (int)nvlist_get_number(nvlin, flags); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r261693 - head/lib/libcasper
Author: pjd Date: Sun Feb 9 21:47:46 2014 New Revision: 261693 URL: http://svnweb.freebsd.org/changeset/base/261693 Log: Fix descriptor leak. Modified: head/lib/libcasper/libcasper.c Modified: head/lib/libcasper/libcasper.c == --- head/lib/libcasper/libcasper.c Sun Feb 9 21:42:01 2014 (r261692) +++ head/lib/libcasper/libcasper.c Sun Feb 9 21:47:46 2014 (r261693) @@ -344,7 +344,7 @@ service_message(struct service *service, if (sock == -1) { error = errno; } else { - nvlist_add_descriptor(nvlout, sock, sock); + nvlist_move_descriptor(nvlout, sock, sock); error = 0; } } else { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r261612 - head/share/man/man4
Author: pjd Date: Fri Feb 7 22:15:48 2014 New Revision: 261612 URL: http://svnweb.freebsd.org/changeset/base/261612 Log: Add cross-references to casperd(8) and libcapsicum(3). Suggested by: rwatson Modified: head/share/man/man4/capsicum.4 Modified: head/share/man/man4/capsicum.4 == --- head/share/man/man4/capsicum.4 Fri Feb 7 22:04:56 2014 (r261611) +++ head/share/man/man4/capsicum.4 Fri Feb 7 22:15:48 2014 (r261612) @@ -104,7 +104,9 @@ associated with file descriptors; descri .Xr shm_open 2 , .Xr write 2 , .Xr cap_rights_get 3 , -.Xr procdesc 4 +.Xr libcapsicum 3 , +.Xr procdesc 4 , +.Xr casperd 8 .Sh HISTORY .Nm first appeared in ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r261498 - head/sbin/ping
Author: pjd Date: Tue Feb 4 21:43:53 2014 New Revision: 261498 URL: http://svnweb.freebsd.org/changeset/base/261498 Log: Protect ping(8) using Capsicum and Casper. This is protection against malicious network packets that we parse and not against local users trying to gain root access through ping's set-uid bit - this is handled by dropping privileges very early in ping. Submitted by: Mikhail m...@lenta.ru Modified: head/sbin/ping/Makefile head/sbin/ping/ping.c Modified: head/sbin/ping/Makefile == --- head/sbin/ping/Makefile Tue Feb 4 21:23:12 2014(r261497) +++ head/sbin/ping/Makefile Tue Feb 4 21:43:53 2014(r261498) @@ -1,6 +1,8 @@ # @(#)Makefile8.1 (Berkeley) 6/5/93 # $FreeBSD$ +.include bsd.own.mk + PROG= ping MAN= ping.8 BINOWN=root @@ -9,6 +11,12 @@ WARNS?= 2 DPADD= ${LIBM} LDADD= -lm +.if ${MK_CASPER} != no !defined(RESCUE) +DPADD+=${LIBCAPSICUM} +LDADD+=-lcapsicum +CFLAGS+=-DHAVE_LIBCAPSICUM +.endif + .if !defined(RELEASE_CRUNCH) CFLAGS+=-DIPSEC DPADD+=${LIBIPSEC} Modified: head/sbin/ping/ping.c == --- head/sbin/ping/ping.c Tue Feb 4 21:23:12 2014(r261497) +++ head/sbin/ping/ping.c Tue Feb 4 21:43:53 2014(r261498) @@ -63,6 +63,7 @@ __FBSDID($FreeBSD$); */ #include sys/param.h /* NB: we rely on this for sys/types.h */ +#include sys/capability.h #include sys/socket.h #include sys/sysctl.h #include sys/time.h @@ -74,6 +75,11 @@ __FBSDID($FreeBSD$); #include netinet/ip_icmp.h #include netinet/ip_var.h #include arpa/inet.h +#ifdef HAVE_LIBCAPSICUM +#include libcapsicum.h +#include libcapsicum_dns.h +#include libcapsicum_service.h +#endif #ifdef IPSEC #include netipsec/ipsec.h @@ -157,7 +163,8 @@ char rcvd_tbl[MAX_DUP_CHK / 8]; struct sockaddr_in whereto;/* who to ping */ int datalen = DEFDATALEN; int maxpayload; -int s; /* socket file descriptor */ +int ssend; /* send socket file descriptor */ +int srecv; /* receive socket file descriptor */ u_char outpackhdr[IP_MAXPACKET], *outpack; char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ char BSPACE = '\b';/* characters written for flood */ @@ -197,8 +204,15 @@ double tsumsq = 0.0; /* sum of all time volatile sig_atomic_t finish_up; /* nonzero if we've been told to finish up */ volatile sig_atomic_t siginfo_p; +#ifdef HAVE_LIBCAPSICUM +static cap_channel_t *capdns; +#endif + static void fill(char *, char *); static u_short in_cksum(u_short *, int); +#ifdef HAVE_LIBCAPSICUM +static cap_channel_t *capdns_setup(void); +#endif static void check_status(void); static void finish(void) __dead2; static void pinger(void); @@ -233,8 +247,8 @@ main(int argc, char *const *argv) struct sockaddr_in *to; double t; u_long alarmtimeout, ultmp; - int almost_done, ch, df, hold, i, icmp_len, mib[4], preload, sockerrno, - tos, ttl; + int almost_done, ch, df, hold, i, icmp_len, mib[4], preload; + int ssend_errno, srecv_errno, tos, ttl; char ctrl[CMSG_SPACE(sizeof(struct timeval))]; char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN]; #ifdef IP_OPTIONS @@ -246,14 +260,26 @@ main(int argc, char *const *argv) #ifdef IPSEC_POLICY_IPSEC policy_in = policy_out = NULL; #endif + cap_rights_t rights; + bool cansandbox; /* * Do the stuff that we need root priv's for *first*, and * then drop our setuid bit. Save error reporting for * after arg parsing. +* +* Historicaly ping was using one socket 's' for sending and for +* receiving. After capsicum(4) related changes we use two +* sockets. It was done for special ping use case - when user +* issue ping on multicast or broadcast address replies come +* from different addresses, not from the address we +* connect(2)'ed to, and send socket do not receive those +* packets. */ - s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); - sockerrno = errno; + ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); + ssend_errno = errno; + srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); + srecv_errno = errno; if (setuid(getuid()) != 0) err(EX_NOPERM, setuid() failed); @@ -527,13 +553,22 @@ main(int argc, char *const *argv) if (options F_PINGFILLED) { fill((char *)datap, payload); } +#ifdef HAVE_LIBCAPSICUM + capdns = capdns_setup(); +#endif if (source) { bzero((char *)sock_in, sizeof(sock_in)); sock_in.sin_family = AF_INET; if (inet_aton(source,
svn commit: r261499 - head/crypto/openssh
Author: pjd Date: Tue Feb 4 21:48:09 2014 New Revision: 261499 URL: http://svnweb.freebsd.org/changeset/base/261499 Log: Fix installations that use kernels without CAPABILITIES support. Approved by: des Modified: head/crypto/openssh/sandbox-capsicum.c Modified: head/crypto/openssh/sandbox-capsicum.c == --- head/crypto/openssh/sandbox-capsicum.c Tue Feb 4 21:43:53 2014 (r261498) +++ head/crypto/openssh/sandbox-capsicum.c Tue Feb 4 21:48:09 2014 (r261499) @@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo fatal(can't limit stderr: %m); cap_rights_init(rights, CAP_READ, CAP_WRITE); - if (cap_rights_limit(box-monitor-m_recvfd, rights) == -1) + if (cap_rights_limit(box-monitor-m_recvfd, rights) == -1 + errno != ENOSYS) fatal(%s: failed to limit the network socket, __func__); cap_rights_init(rights, CAP_WRITE); - if (cap_rights_limit(box-monitor-m_log_sendfd, rights) == -1) + if (cap_rights_limit(box-monitor-m_log_sendfd, rights) == -1 + errno != ENOSYS) fatal(%s: failed to limit the logging socket, __func__); if (cap_enter() 0 errno != ENOSYS) fatal(%s: failed to enter capability mode, __func__); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r261407 - head/lib/libnv
Author: pjd Date: Sun Feb 2 19:03:52 2014 New Revision: 261407 URL: http://svnweb.freebsd.org/changeset/base/261407 Log: Fix sending empty nvlist. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/msgio.c Modified: head/lib/libnv/msgio.c == --- head/lib/libnv/msgio.c Sun Feb 2 17:48:06 2014(r261406) +++ head/lib/libnv/msgio.c Sun Feb 2 19:03:52 2014(r261407) @@ -364,7 +364,7 @@ buf_recv(int sock, void *buf, size_t siz unsigned char *ptr; ptr = buf; - do { + while (size 0) { fd_wait(sock, true); done = recv(sock, ptr, size, 0); if (done == -1) { @@ -377,7 +377,7 @@ buf_recv(int sock, void *buf, size_t siz } size -= done; ptr += done; - } while (size 0); + } return (0); } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r261408 - head/lib/libnv
Author: pjd Date: Sun Feb 2 19:06:00 2014 New Revision: 261408 URL: http://svnweb.freebsd.org/changeset/base/261408 Log: Assert input arguments to buf_send() and buf_recv(). Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/msgio.c Modified: head/lib/libnv/msgio.c == --- head/lib/libnv/msgio.c Sun Feb 2 19:03:52 2014(r261407) +++ head/lib/libnv/msgio.c Sun Feb 2 19:06:00 2014(r261408) @@ -338,6 +338,10 @@ buf_send(int sock, void *buf, size_t siz ssize_t done; unsigned char *ptr; + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(size 0); + PJDLOG_ASSERT(buf != NULL); + ptr = buf; do { fd_wait(sock, false); @@ -363,6 +367,9 @@ buf_recv(int sock, void *buf, size_t siz ssize_t done; unsigned char *ptr; + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(buf != NULL); + ptr = buf; while (size 0) { fd_wait(sock, true); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r260471 - head/sbin/casperd
Author: pjd Date: Thu Jan 9 09:19:59 2014 New Revision: 260471 URL: http://svnweb.freebsd.org/changeset/base/260471 Log: Always create /var/run/casper with correct permissions and don't depend on the calling process' umask. Submitted by: Mikhail m...@lenta.ru Modified: head/sbin/casperd/casperd.c Modified: head/sbin/casperd/casperd.c == --- head/sbin/casperd/casperd.c Thu Jan 9 09:16:35 2014(r260470) +++ head/sbin/casperd/casperd.c Thu Jan 9 09:19:59 2014(r260471) @@ -541,6 +541,7 @@ main_loop(const char *sockpath, struct p struct casper_service *casserv; struct service_connection *sconn, *sconntmp; int lsock, sock, maxfd, ret; + mode_t oldumask; lsock = socket(AF_UNIX, SOCK_STREAM, 0); if (lsock == -1) @@ -554,8 +555,10 @@ main_loop(const char *sockpath, struct p sizeof(sun.sun_path)); sun.sun_len = SUN_LEN(sun); + oldumask = umask(S_IXUSR | S_IXGRP | S_IXOTH); if (bind(lsock, (struct sockaddr *)sun, sizeof(sun)) == -1) pjdlog_exit(1, Unable to bind to %s, sockpath); + (void)umask(oldumask); if (listen(lsock, 8) == -1) pjdlog_exit(1, Unable to listen on %s, sockpath); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r260253 - head/tools/regression/capsicum/libcapsicum
Author: pjd Date: Sat Jan 4 09:25:27 2014 New Revision: 260253 URL: http://svnweb.freebsd.org/changeset/base/260253 Log: MFp4 @1189766: - Compile the tests with .t suffix, so prove can use them directly. - The CHECKX() macro should increment ntest just like the CHECK() macro. - For consistency remove # from the pwd.t output. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/tools/regression/capsicum/libcapsicum/Makefile head/tools/regression/capsicum/libcapsicum/dns.c head/tools/regression/capsicum/libcapsicum/grp.c head/tools/regression/capsicum/libcapsicum/pwd.c head/tools/regression/capsicum/libcapsicum/sysctl.c Modified: head/tools/regression/capsicum/libcapsicum/Makefile == --- head/tools/regression/capsicum/libcapsicum/Makefile Sat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/Makefile Sat Jan 4 09:25:27 2014(r260253) @@ -15,12 +15,14 @@ CFLAGS+=-Wold-style-definition -Wno-poi CFLAGS+= -I${.CURDIR}/../../../../lib/libcapsicum CFLAGS+= -ggdb -all: ${SERVICES} +SERVTEST= ${SERVICES:=.t} + +all: ${SERVTEST} .for SERVICE in ${SERVICES} -${SERVICE}:${SERVICE}.c - ${CC} ${CFLAGS} ${@}.c -o $@ -lcapsicum -lnv +${SERVICE}.t: ${SERVICE}.c + ${CC} ${CFLAGS} ${@:.t=.c} -o $@ -lcapsicum -lnv .endfor @@ -28,4 +30,4 @@ test: all @prove -r ${.CURDIR} clean: - rm -f ${SERVICES} + rm -f ${SERVTEST} Modified: head/tools/regression/capsicum/libcapsicum/dns.c == --- head/tools/regression/capsicum/libcapsicum/dns.cSat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/dns.cSat Jan 4 09:25:27 2014(r260253) @@ -64,6 +64,7 @@ static int ntest = 1; printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ exit(1);\ } \ + ntest++;\ } while (0) #defineGETHOSTBYNAME 0x01 @@ -223,7 +224,7 @@ main(void) const char *types[2]; int families[2]; - printf(1..89\n); + printf(1..91\n); capcas = cap_init(); CHECKX(capcas != NULL); Modified: head/tools/regression/capsicum/libcapsicum/grp.c == --- head/tools/regression/capsicum/libcapsicum/grp.cSat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/grp.cSat Jan 4 09:25:27 2014(r260253) @@ -61,6 +61,7 @@ static int ntest = 1; printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ exit(1);\ } \ + ntest++;\ } while (0) #defineGID_WHEEL 0 @@ -1522,7 +1523,7 @@ main(void) { cap_channel_t *capcas, *capgrp; - printf(1..197\n); + printf(1..199\n); capcas = cap_init(); CHECKX(capcas != NULL); Modified: head/tools/regression/capsicum/libcapsicum/pwd.c == --- head/tools/regression/capsicum/libcapsicum/pwd.cSat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/pwd.cSat Jan 4 09:25:27 2014(r260253) @@ -49,18 +49,19 @@ static int ntest = 1; #define CHECK(expr) do { \ if ((expr)) \ - printf(ok # %d %s:%u\n, ntest, __FILE__, __LINE__); \ + printf(ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ else\ - printf(not ok # %d %s:%u\n, ntest, __FILE__, __LINE__);\ + printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__);\ ntest++;\ } while (0) #define CHECKX(expr) do { \ if ((expr)) { \ - printf(ok # %d %s:%u\n, ntest, __FILE__, __LINE__); \ + printf(ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ } else {\ - printf(not ok # %d %s:%u\n, ntest, __FILE__, __LINE__);\ + printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__);\ exit(1);\ }
svn commit: r260254 - head/sbin/geom/class/eli
Author: pjd Date: Sat Jan 4 09:27:49 2014 New Revision: 260254 URL: http://svnweb.freebsd.org/changeset/base/260254 Log: Don't allow to create GELI providers with a sector size, which is no a power of 2. Noticed by: rwatson MFC after:3 days Modified: head/sbin/geom/class/eli/geom_eli.c Modified: head/sbin/geom/class/eli/geom_eli.c == --- head/sbin/geom/class/eli/geom_eli.c Sat Jan 4 09:25:27 2014 (r260253) +++ head/sbin/geom/class/eli/geom_eli.c Sat Jan 4 09:27:49 2014 (r260254) @@ -789,7 +789,7 @@ eli_init(struct gctl_req *req) if (val == 0) md.md_sectorsize = secsize; else { - if (val 0 || (val % secsize) != 0) { + if (val 0 || (val % secsize) != 0 || !powerof2(val)) { gctl_error(req, Invalid sector size.); return; } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r260290 - head/sys/sys
Author: pjd Date: Sat Jan 4 21:55:06 2014 New Revision: 260290 URL: http://svnweb.freebsd.org/changeset/base/260290 Log: Bring back the old size of the kinfo_file structure to preserve ABI. Keep only one uint64_t spare for further cap_rights_t expension. Add a comment clarifying that if the size of this structure changes, a new sysctl MIB has to be allocate for it and the old structure has to be returned by the old sysctl MIB. Requested by: re MFC after:3 days Modified: head/sys/sys/user.h Modified: head/sys/sys/user.h == --- head/sys/sys/user.h Sat Jan 4 21:45:52 2014(r260289) +++ head/sys/sys/user.h Sat Jan 4 21:55:06 2014(r260290) @@ -320,7 +320,13 @@ struct kinfo_ofile { }; #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1424 +/* + * This size should never be changed. If you really need to, you must provide + * backward ABI compatibility by allocating a new sysctl MIB that will return + * the new structure. The current structure has to be returned by the current + * sysctl MIB. See how it is done for the kinfo_ofile structure. + */ +#defineKINFO_FILE_SIZE 1392 #endif struct kinfo_file { @@ -391,8 +397,7 @@ struct kinfo_file { uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ - uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ - int _kf_ispare[4]; /* Space for more stuff. */ + uint64_t_kf_cap_spare; /* Space for future cap_rights_t. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ }; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r260222 - head/lib/libnv
Author: pjd Date: Fri Jan 3 09:07:03 2014 New Revision: 260222 URL: http://svnweb.freebsd.org/changeset/base/260222 Log: MFp4 @1189711: Fix resource leaks on nvlist_destroy(). Reported by: Mariusz Zaborski osho...@freebsd.org MFC after:3 days Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 3 08:31:42 2014(r260221) +++ head/lib/libnv/nvlist.c Fri Jan 3 09:07:03 2014(r260222) @@ -125,8 +125,10 @@ nvlist_destroy(nvlist_t *nvl) NVLIST_ASSERT(nvl); - while ((nvp = nvlist_first_nvpair(nvl)) != NULL) + while ((nvp = nvlist_first_nvpair(nvl)) != NULL) { nvlist_remove_nvpair(nvl, nvp); + nvpair_free(nvp); + } nvl-nvl_magic = 0; free(nvl); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r260223 - head/lib/libcasper
Author: pjd Date: Fri Jan 3 09:10:04 2014 New Revision: 260223 URL: http://svnweb.freebsd.org/changeset/base/260223 Log: MFp4 @1189741: - Add missing nvlist_destroy(). - Don't override nvlout. Submitted by: Mariusz Zaborski osho...@freebsd.org MFC after:3 days Modified: head/lib/libcasper/libcasper.c Modified: head/lib/libcasper/libcasper.c == --- head/lib/libcasper/libcasper.c Fri Jan 3 09:07:03 2014 (r260222) +++ head/lib/libcasper/libcasper.c Fri Jan 3 09:10:04 2014 (r260223) @@ -348,7 +348,6 @@ service_message(struct service *service, error = 0; } } else { - nvlout = nvlist_create(0); error = service-s_command(cmd, service_connection_get_limits(sconn), nvlin, nvlout); } @@ -362,8 +361,9 @@ service_message(struct service *service, if (cap_send_nvlist(service_connection_get_chan(sconn), nvlout) == -1) { pjdlog_errno(LOG_ERR, Unable to send message to client); service_connection_remove(service, sconn); - return; } + + nvlist_destroy(nvlout); } static int ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol
On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote: On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek p...@freebsd.org wrote: This commit also breaks compatibility with some existing Capsicum system calls, but I see no other way to do that. This should be fine as Capsicum is still experimental and this change is not going to 9.x. Hi! This change also increases the size of kinfo_file structure, which won’t allow programs not compiled against HEAD and working with kern.info.filedesc sysctl to run properly on HEAD (e.g. 8.x, 9.x and 10.x jails won’t run properly on HEAD, and it also broke valgrind). Is there absolutely no way to avoid extending the size of this struct? Well, I made this change to have space for future cap_rights_t expension. I did that change for a major branch, so we don't have to do it in the middle of 10.x or to not block the work until 11.0. Note that the structure changed size not only because of _kf_cap_spare[3] field, but also because cap_rights_t is not uint64_t anymore, it is now struct that contains two uint64_t (1424 - 1392 = 4 * 8). I'm afraid it is too late to change it for 10.0 at this point anyway. Not sure if you are aware this was merged to 10, because you write about 10.x jails not working properly on HEAD. 10.x jails will work properly on HEAD. BTW. I'd love if we stop using such structures for a running kernel. We should really move to using libnv to export data like that. #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1392 +#defineKINFO_FILE_SIZE 1424 #endif struct kinfo_file { @@ -389,6 +390,7 @@ uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ + uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ int _kf_ispare[4]; /* Space for more stuff. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgpAKlvQ0I1pi.pgp Description: PGP signature
Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol
On Thu, Jan 02, 2014 at 02:28:57AM -0800, Alfred Perlstein wrote: On 1/2/14 1:33 AM, Pawel Jakub Dawidek wrote: On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote: On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek p...@freebsd.org wrote: This commit also breaks compatibility with some existing Capsicum system calls, but I see no other way to do that. This should be fine as Capsicum is still experimental and this change is not going to 9.x. Hi! This change also increases the size of kinfo_file structure, which won’t allow programs not compiled against HEAD and working with kern.info.filedesc sysctl to run properly on HEAD (e.g. 8.x, 9.x and 10.x jails won’t run properly on HEAD, and it also broke valgrind). Is there absolutely no way to avoid extending the size of this struct? Well, I made this change to have space for future cap_rights_t expension. I did that change for a major branch, so we don't have to do it in the middle of 10.x or to not block the work until 11.0. Note that the structure changed size not only because of _kf_cap_spare[3] field, but also because cap_rights_t is not uint64_t anymore, it is now struct that contains two uint64_t (1424 - 1392 = 4 * 8). I'm afraid it is too late to change it for 10.0 at this point anyway. Not sure if you are aware this was merged to 10, because you write about 10.x jails not working properly on HEAD. 10.x jails will work properly on HEAD. BTW. I'd love if we stop using such structures for a running kernel. We should really move to using libnv to export data like that. Aren't there enough bits in int _kf_ispare[4]; /* Space for more stuff. */ to make this work for the time being until you can provide an alternate way to fetch the cap stuff from the kernel. I don't plan to provide alternative way to fetch the cap stuff. Well, I implemented libnv, which can be used to reimplement how we fetch all data like kinfo_file in a ABI friendly way, but I don't plan to modify this specific code myself. Afaik you could just remove the spare and steal 2 or 4 entries from _kf_ispare until it is sorted. Yes, this would work for current cap_rights_t structure, at least for i386 and amd64, but would only allow to expand the structure by one uint64_t in the future (which might or might not be enough). The cap_rights_t structure is designed to be expanded to 5 uint64_ts without breaking ABI. I don't want to stuck with current cap_rights_t that is designed to expand, but cannot be, because kinfo_file wasn't modified at the start of a major branch. Can you please make use of that and discuss merge to 10 with re@? I'm Bccing re@, but I'm pretty sure it is too late for such a change, especially that it breaks ABI with all 10-RCs. I'm also not changing my mind. I'd like to structure to stay as-is. It really sounds like breaking top/etc under jails is something that should and can be avoided. I agree. Maybe it should be done every 10 major releases (I'm still fine with that rule), but we cannot just stuck with it forever. My suggestions would be: 1. Move to libnv. 2. Detect that the given binary was compiled against some older version of this structure and copy old structure to userland. Not sure if we can do that now or not, but I'd expect we can detect that. #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1392 +#defineKINFO_FILE_SIZE 1424 #endif struct kinfo_file { @@ -389,6 +390,7 @@ uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ + uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ int _kf_ispare[4]; /* Space for more stuff. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgpes5xRY9JCs.pgp Description: PGP signature
Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol
On Thu, Jan 02, 2014 at 03:13:08PM +0200, Konstantin Belousov wrote: On Thu, Jan 02, 2014 at 11:49:04AM +0100, Pawel Jakub Dawidek wrote: I don't plan to provide alternative way to fetch the cap stuff. Well, I implemented libnv, which can be used to reimplement how we fetch all data like kinfo_file in a ABI friendly way, but I don't plan to modify this specific code myself. I.e. you break something and decline to fix it, putting the burden on somebody else. That's a bit too far. I wasn't declining fixing a bug I introduced. I was declining implementing an improvement. That's two very different things. Chose your words more carefully and not only this time. Yes, this would work for current cap_rights_t structure, at least for i386 and amd64, but would only allow to expand the structure by one uint64_t in the future (which might or might not be enough). The cap_rights_t structure is designed to be expanded to 5 uint64_ts without breaking ABI. I don't want to stuck with current cap_rights_t that is designed to expand, but cannot be, because kinfo_file wasn't modified at the start of a major branch. The ABI stability is not limited to the single branch. It must be preserved across whole project lifetime. [...] To address your statement that either entire ABI is stable or not and there is nothing in between. That's of course incorrect. First of all, we, as a project, don't consider all existing interfaces as stable. This would be a suicide. There are plenty of private interfaces we must and we do break from release to release. There was at least one case, AFAIR, where we broke ABI because of a security issue. I also think that breaking ABI on unused interfaces can be fine too. We don't support ABI compatibility with FreeBSD 1, no matter how close we are, and we had this discussion in the past. I'm also in opinion that even if one day we run out of spare fields in kinfo_* structures the FreeBSD project should not be terminated. Ok, let's be more constructive. I can use existing spare ints. This would move the problem into the future and will break ABI for existing 10-RCs. We can also investigate how huge breakage that is. The sysctl interface is not public API, so I don't believe we should be concerned by its direct consumers. We have two public interfaces for this: libutil's kinfo_getfile(3) which has exactly one in-base consumer - libprocstat, so this change breaks procstat(1) and fstat(1). This is just awful breakage of _ABI_. We cannot leave it as is, unless we also claim that project gave up on ABI stability at all. [...] My own opinion is that the kinfo change must be removed, and the bug is so critical that another RC must be issued. I personally don't consider it so awful and critical as you do, clearly, but I do recognize it as a problem. I'm happy to consume spares, which should fix compatibility with older releases at the cost of breaking compatibility with 10-RCs. At least for i386 and amd64, not sure how using ints for uint64_t will work for other archs. I'll leave it for re@ to decide. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgpbwoYDuzFrD.pgp Description: PGP signature
Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol
On Thu, Jan 02, 2014 at 10:27:57PM +0100, Pawel Jakub Dawidek wrote: I'll leave it for re@ to decide. Proposed patch: http://people.freebsd.org/~pjd/patches/sys_user.h.patch -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgpVLF904ptQE.pgp Description: PGP signature
Re: svn commit: r259678 - head/contrib/tcpdump
On Sat, Dec 21, 2013 at 12:45:36PM +, Glen Barber wrote: Author: gjb Date: Sat Dec 21 12:45:35 2013 New Revision: 259678 URL: http://svnweb.freebsd.org/changeset/base/259678 Log: Fix build with WITHOUT_CAPSICUM. Thanks. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259576 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Wed Dec 18 21:45:46 2013 New Revision: 259576 URL: http://svnweb.freebsd.org/changeset/base/259576 Log: MFV r258923: 4188 assertion failed in dmu_tx_hold_free(): dn_datablkshift != 0 illumos/illumos-gate@bb411a08b05466bfe0c7095b6373bbc1587e259a MFC after:3 days Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.c Directory Properties: head/sys/cddl/contrib/opensolaris/ (props changed) Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.cWed Dec 18 21:29:23 2013(r259575) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/dmu_tx.cWed Dec 18 21:45:46 2013(r259576) @@ -636,9 +636,16 @@ dmu_tx_hold_free(dmu_tx_t *tx, uint64_t uint64_t start = off shift; uint64_t end = (off + len) shift; - ASSERT(dn-dn_datablkshift != 0); ASSERT(dn-dn_indblkshift != 0); + /* +* dnode_reallocate() can result in an object with indirect +* blocks having an odd data block size. In this case, +* just check the single block. +*/ + if (dn-dn_datablkshift == 0) + start = end = 0; + zio = zio_root(tx-tx_pool-dp_spa, NULL, NULL, ZIO_FLAG_CANFAIL); for (uint64_t i = start; i = end; i++) { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259580 - in head: contrib/tcpdump usr.bin/kdump
Author: pjd Date: Thu Dec 19 00:51:48 2013 New Revision: 259580 URL: http://svnweb.freebsd.org/changeset/base/259580 Log: If we cannot connect to casperd we don't enter sandbox, but if we can connect to casperd, but we cannot access the service we need we exit with an error. This should not happen and just indicates some configuration error which should be fixed, so we force the user to do it by failing. Discussed with: emaste Modified: head/contrib/tcpdump/tcpdump.c head/usr.bin/kdump/kdump.c Modified: head/contrib/tcpdump/tcpdump.c == --- head/contrib/tcpdump/tcpdump.c Wed Dec 18 23:39:42 2013 (r259579) +++ head/contrib/tcpdump/tcpdump.c Thu Dec 19 00:51:48 2013 (r259580) @@ -710,24 +710,16 @@ capdns_setup(void) capdnsloc = cap_service_open(capcas, system.dns); /* Casper capability no longer needed. */ cap_close(capcas); - if (capdnsloc == NULL) { - warning(unable to open system.dns service); - return (NULL); - } + if (capdnsloc == NULL) + error(unable to open system.dns service); /* Limit system.dns to reverse DNS lookups. */ types[0] = ADDR; - if (cap_dns_type_limit(capdnsloc, types, 1) 0) { - warning(unable to limit access to system.dns service); - cap_close(capdnsloc); - return (NULL); - } + if (cap_dns_type_limit(capdnsloc, types, 1) 0) + error(unable to limit access to system.dns service); families[0] = AF_INET; families[1] = AF_INET6; - if (cap_dns_family_limit(capdnsloc, families, 2) 0) { - warning(unable to limit access to system.dns service); - cap_close(capdnsloc); - return (NULL); - } + if (cap_dns_family_limit(capdnsloc, families, 2) 0) + error(unable to limit access to system.dns service); return (capdnsloc); } Modified: head/usr.bin/kdump/kdump.c == --- head/usr.bin/kdump/kdump.c Wed Dec 18 23:39:42 2013(r259579) +++ head/usr.bin/kdump/kdump.c Thu Dec 19 00:51:48 2013(r259580) @@ -215,7 +215,7 @@ cappwdgrp_setup(cap_channel_t **cappwdp, capcas = cap_init(); if (capcas == NULL) { warn(unable to contact casperd); - return (NULL); + return (-1); } cappwdloc = cap_service_open(capcas, system.pwd); capgrploc = cap_service_open(capcas, system.grp); @@ -226,40 +226,26 @@ cappwdgrp_setup(cap_channel_t **cappwdp, warn(unable to open system.pwd service); if (capgrploc == NULL) warn(unable to open system.grp service); - goto fail; + exit(1); } /* Limit system.pwd to only getpwuid() function and pw_name field. */ cmds[0] = getpwuid; - if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) 0) { - warn(unable to limit access to system.pwd service); - goto fail; - } + if (cap_pwd_limit_cmds(cappwdloc, cmds, 1) 0) + err(1, unable to limit system.pwd service); fields[0] = pw_name; - if (cap_pwd_limit_fields(cappwdloc, fields, 1) 0) { - warn(unable to limit access to system.pwd service); - goto fail; - } + if (cap_pwd_limit_fields(cappwdloc, fields, 1) 0) + err(1, unable to limit system.pwd service); /* Limit system.grp to only getgrgid() function and gr_name field. */ cmds[0] = getgrgid; - if (cap_grp_limit_cmds(capgrploc, cmds, 1) 0) { - warn(unable to limit access to system.grp service); - goto fail; - } + if (cap_grp_limit_cmds(capgrploc, cmds, 1) 0) + err(1, unable to limit system.grp service); fields[0] = gr_name; - if (cap_grp_limit_fields(capgrploc, fields, 1) 0) { - warn(unable to limit access to system.grp service); - goto fail; - } + if (cap_grp_limit_fields(capgrploc, fields, 1) 0) + err(1, unable to limit system.grp service); *cappwdp = cappwdloc; *capgrpp = capgrploc; return (0); -fail: - if (capgrploc == NULL) - cap_close(cappwdloc); - if (capgrploc == NULL) - cap_close(capgrploc); - return (-1); } #endif /* HAVE_LIBCAPSICUM */ ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259581 - head/etc/defaults
Author: pjd Date: Thu Dec 19 00:53:11 2013 New Revision: 259581 URL: http://svnweb.freebsd.org/changeset/base/259581 Log: Make the world a bit more secure place (hopefully) and turn the casperd on by default. Sponsored by: The FreeBSD Foundation Modified: head/etc/defaults/rc.conf Modified: head/etc/defaults/rc.conf == --- head/etc/defaults/rc.conf Thu Dec 19 00:51:48 2013(r259580) +++ head/etc/defaults/rc.conf Thu Dec 19 00:53:11 2013(r259581) @@ -658,7 +658,7 @@ newsyslog_enable=YES # Run newsyslog a newsyslog_flags=-CN # Newsyslog flags to create marked files mixer_enable=YES # Run the sound mixer. opensm_enable=NO # Opensm(8) for infiniband devices defaults to off -casperd_enable=NO# casperd(8) daemon +casperd_enable=YES # casperd(8) daemon ## ### Jail Configuration (see rc.conf(5) manual page) ## ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259463 - in head/etc: defaults rc.d
Author: pjd Date: Mon Dec 16 11:03:59 2013 New Revision: 259463 URL: http://svnweb.freebsd.org/changeset/base/259463 Log: Start-up script for casperd daemon. Sponsored by: The FreeBSD Foundation Added: head/etc/rc.d/casperd (contents, props changed) Modified: head/etc/defaults/rc.conf head/etc/rc.d/Makefile Modified: head/etc/defaults/rc.conf == --- head/etc/defaults/rc.conf Mon Dec 16 10:50:13 2013(r259462) +++ head/etc/defaults/rc.conf Mon Dec 16 11:03:59 2013(r259463) @@ -658,6 +658,7 @@ newsyslog_enable=YES # Run newsyslog a newsyslog_flags=-CN # Newsyslog flags to create marked files mixer_enable=YES # Run the sound mixer. opensm_enable=NO # Opensm(8) for infiniband devices defaults to off +casperd_enable=NO# casperd(8) daemon ## ### Jail Configuration (see rc.conf(5) manual page) ## Modified: head/etc/rc.d/Makefile == --- head/etc/rc.d/Makefile Mon Dec 16 10:50:13 2013(r259462) +++ head/etc/rc.d/Makefile Mon Dec 16 11:03:59 2013(r259463) @@ -26,6 +26,7 @@ FILES=DAEMON \ bridge \ bsnmpd \ ${_bthidd} \ + casperd \ ccd \ cleanvar \ cleartmp \ Added: head/etc/rc.d/casperd == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/etc/rc.d/casperd Mon Dec 16 11:03:59 2013(r259463) @@ -0,0 +1,19 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: casperd +# REQUIRE: NETWORKING syslogd +# BEFORE: DAEMON +# KEYWORD: shutdown + +. /etc/rc.subr + +name=casperd +rcvar=casperd_enable +pidfile=/var/run/${name}.pid +command=/sbin/${name} + +load_rc_config $name +run_rc_command $1 ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259428 - head/sys/geom/eli
Author: pjd Date: Sun Dec 15 22:51:26 2013 New Revision: 259428 URL: http://svnweb.freebsd.org/changeset/base/259428 Log: Clear content of keyfiles loaded by the loader after processing them. Pointed out by: rwatson MFC after:1 week Modified: head/sys/geom/eli/g_eli.c Modified: head/sys/geom/eli/g_eli.c == --- head/sys/geom/eli/g_eli.c Sun Dec 15 20:47:27 2013(r259427) +++ head/sys/geom/eli/g_eli.c Sun Dec 15 22:51:26 2013(r259428) @@ -990,6 +990,7 @@ g_eli_keyfiles_load(struct hmac_ctx *ctx G_ELI_DEBUG(1, Loaded keyfile %s for %s (type: %s)., file, provider, name); g_eli_crypto_hmac_update(ctx, data, size); + bzero(data, size); } } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259429 - head/sys/geom/eli
Author: pjd Date: Sun Dec 15 22:52:18 2013 New Revision: 259429 URL: http://svnweb.freebsd.org/changeset/base/259429 Log: Clear some more places with potentially sensitive data. MFC after:1 week Modified: head/sys/geom/eli/g_eli_crypto.c Modified: head/sys/geom/eli/g_eli_crypto.c == --- head/sys/geom/eli/g_eli_crypto.cSun Dec 15 22:51:26 2013 (r259428) +++ head/sys/geom/eli/g_eli_crypto.cSun Dec 15 22:52:18 2013 (r259429) @@ -288,10 +288,12 @@ g_eli_crypto_hmac_final(struct hmac_ctx bzero(ctx, sizeof(*ctx)); SHA512_Update(lctx, digest, sizeof(digest)); SHA512_Final(digest, lctx); + bzero(lctx, sizeof(lctx)); /* mdsize == 0 means Give me the whole hash! */ if (mdsize == 0) mdsize = SHA512_MDLEN; bcopy(digest, md, mdsize); + bzero(digest, sizeof(digest)); } void ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259430 - head/lib/libnv
Author: pjd Date: Sun Dec 15 22:58:09 2013 New Revision: 259430 URL: http://svnweb.freebsd.org/changeset/base/259430 Log: MFp4 @1189139: Get rid of the msg_peek() function, which has a problem. If there was less data in the socket buffer than requested by the caller, the function would busy loop, as select(2) will always return immediately. We can just receive nvlhdr now, because some time ago we splitted receive of data from the receive of descriptors. MFC after:1 week Modified: head/lib/libnv/msgio.c head/lib/libnv/msgio.h head/lib/libnv/nvlist.c Modified: head/lib/libnv/msgio.c == --- head/lib/libnv/msgio.c Sun Dec 15 22:52:18 2013(r259429) +++ head/lib/libnv/msgio.c Sun Dec 15 22:58:09 2013(r259430) @@ -113,30 +113,6 @@ fd_wait(int fd, bool doread) NULL, NULL); } -int -msg_peek(int sock, void *buf, size_t size) -{ - ssize_t done; - - PJDLOG_ASSERT(sock = 0); - PJDLOG_ASSERT(size 0); - - do { - fd_wait(sock, true); - done = recv(sock, buf, size, MSG_PEEK | MSG_WAITALL); - if (done == -1) { - if (errno == EAGAIN || errno == EINTR) - continue; - return (-1); - } else if (done == 0) { - errno = ENOTCONN; - return (-1); - } - } while (done != (ssize_t)size); - - return (0); -} - static int msg_recv(int sock, struct msghdr *msg) { Modified: head/lib/libnv/msgio.h == --- head/lib/libnv/msgio.h Sun Dec 15 22:52:18 2013(r259429) +++ head/lib/libnv/msgio.h Sun Dec 15 22:58:09 2013(r259430) @@ -38,8 +38,6 @@ struct cmsgcred; struct iovec; struct msghdr; -int msg_peek(int sock, void *buf, size_t size); - int cred_send(int sock); int cred_recv(int sock, struct cmsgcred *cred); Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Sun Dec 15 22:52:18 2013(r259429) +++ head/lib/libnv/nvlist.c Sun Dec 15 22:58:09 2013(r259430) @@ -724,11 +724,11 @@ nvlist_recv(int sock) { struct nvlist_header nvlhdr; nvlist_t *nvl, *ret; + unsigned char *buf; size_t nfds, size; - void *buf; int serrno, *fds; - if (msg_peek(sock, nvlhdr, sizeof(nvlhdr)) == -1) + if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1) return (NULL); if (!nvlist_check_header(nvlhdr)) @@ -741,10 +741,12 @@ nvlist_recv(int sock) if (buf == NULL) return (NULL); + memcpy(buf, nvlhdr, sizeof(nvlhdr)); + ret = NULL; fds = NULL; - if (buf_recv(sock, buf, size) == -1) + if (buf_recv(sock, buf + sizeof(nvlhdr), size - sizeof(nvlhdr)) == -1) goto out; if (nfds 0) { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259431 - head/sbin/casperd
Author: pjd Date: Sun Dec 15 22:59:34 2013 New Revision: 259431 URL: http://svnweb.freebsd.org/changeset/base/259431 Log: MFp4 @1189141: Change casperd's zygote process title. MFC after:1 week Modified: head/sbin/casperd/zygote.c Modified: head/sbin/casperd/zygote.c == --- head/sbin/casperd/zygote.c Sun Dec 15 22:58:09 2013(r259430) +++ head/sbin/casperd/zygote.c Sun Dec 15 22:59:34 2013(r259431) @@ -122,6 +122,8 @@ zygote_main(int sock) assert(sock STDERR_FILENO); + setproctitle(zygote); + if (pjdlog_mode_get() != PJDLOG_MODE_STD) stdnull(); for (fd = STDERR_FILENO + 1; fd sock; fd++) ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r259432 - head/contrib/tcpdump
Author: pjd Date: Sun Dec 15 23:02:36 2013 New Revision: 259432 URL: http://svnweb.freebsd.org/changeset/base/259432 Log: Make use of casperd's system.dns service when running without the -n option. Now tcpdump(8) is sandboxed even if DNS resolution is required. Sponsored by: The FreeBSD Foundation Modified: head/contrib/tcpdump/addrtoname.c head/contrib/tcpdump/tcpdump.c Modified: head/contrib/tcpdump/addrtoname.c == --- head/contrib/tcpdump/addrtoname.c Sun Dec 15 22:59:34 2013 (r259431) +++ head/contrib/tcpdump/addrtoname.c Sun Dec 15 23:02:36 2013 (r259432) @@ -32,6 +32,10 @@ static const char rcsid[] _U_ = #include config.h #endif +#ifdef __FreeBSD__ +#include libcapsicum.h +#include libcapsicum_dns.h +#endif #include tcpdump-stdinc.h #ifdef USE_ETHER_NTOHOST @@ -203,6 +207,9 @@ intoa(u_int32_t addr) static u_int32_t f_netmask; static u_int32_t f_localnet; +#ifdef HAVE_LIBCAPSICUM +extern cap_channel_t *capdns; +#endif /* * Return a name for the IP address pointed to by ap. This address @@ -248,7 +255,13 @@ getname(const u_char *ap) */ if (!nflag (addr f_netmask) == f_localnet) { - hp = gethostbyaddr((char *)addr, 4, AF_INET); +#ifdef HAVE_LIBCAPSICUM + if (capdns != NULL) { + hp = cap_gethostbyaddr(capdns, (char *)addr, 4, + AF_INET); + } else +#endif + hp = gethostbyaddr((char *)addr, 4, AF_INET); if (hp) { char *dotp; @@ -293,7 +306,13 @@ getname6(const u_char *ap) * Do not print names if -n was given. */ if (!nflag) { - hp = gethostbyaddr((char *)addr, sizeof(addr), AF_INET6); +#ifdef HAVE_LIBCAPSICUM + if (capdns != NULL) { + hp = cap_gethostbyaddr(capdns, (char *)addr, + sizeof(addr), AF_INET6); + } else +#endif + hp = gethostbyaddr((char *)addr, sizeof(addr), AF_INET6); if (hp) { char *dotp; Modified: head/contrib/tcpdump/tcpdump.c == --- head/contrib/tcpdump/tcpdump.c Sun Dec 15 22:59:34 2013 (r259431) +++ head/contrib/tcpdump/tcpdump.c Sun Dec 15 23:02:36 2013 (r259432) @@ -76,6 +76,12 @@ extern int SIZE_BUF; #include net/bpf.h #include fcntl.h #include libgen.h +#ifdef HAVE_LIBCAPSICUM +#include libcapsicum.h +#include libcapsicum_dns.h +#include libcapsicum_service.h +#include nv.h +#endif /* HAVE_LIBCAPSICUM */ #endif /* __FreeBSD__ */ #ifndef WIN32 #include sys/wait.h @@ -123,6 +129,10 @@ static int infoprint; char *program_name; +#ifdef HAVE_LIBCAPSICUM +cap_channel_t *capdns; +#endif + int32_t thiszone; /* seconds offset from gmt to local time */ /* Forwards */ @@ -684,6 +694,45 @@ get_next_file(FILE *VFile, char *ptr) return ret; } +#ifdef HAVE_LIBCAPSICUM +static cap_channel_t * +capdns_setup(void) +{ + cap_channel_t *capcas, *capdnsloc; + const char *types[1]; + int families[2]; + + capcas = cap_init(); + if (capcas == NULL) { + warning(unable to contact casperd); + return (NULL); + } + capdnsloc = cap_service_open(capcas, system.dns); + /* Casper capability no longer needed. */ + cap_close(capcas); + if (capdnsloc == NULL) { + warning(unable to open system.dns service); + return (NULL); + } + /* Limit system.dns to reverse DNS lookups. */ + types[0] = ADDR; + if (cap_dns_type_limit(capdnsloc, types, 1) 0) { + warning(unable to limit access to system.dns service); + cap_close(capdnsloc); + return (NULL); + } + families[0] = AF_INET; + families[1] = AF_INET6; + if (cap_dns_family_limit(capdnsloc, families, 2) 0) { + warning(unable to limit access to system.dns service); + cap_close(capdnsloc); + return (NULL); + } + + return (capdnsloc); +} +#endif /* HAVE_LIBCAPSICUM */ + int main(int argc, char **argv) { @@ -1417,6 +1466,12 @@ main(int argc, char **argv) free(cmdbuf); exit(0); } + +#ifdef HAVE_LIBCAPSICUM + if (!nflag) + capdns = capdns_setup(); +#endif /* HAVE_LIBCAPSICUM */ + init_addrtoname(localnet, netmask); init_checksum(); @@ -1615,7 +1670,12 @@ main(int argc, char **argv) #endif /* WIN32 */ #ifdef __FreeBSD__ - cansandbox = (nflag VFileName == NULL zflag == NULL); + cansandbox = (VFileName == NULL zflag == NULL); +#ifdef HAVE_LIBCAPSICUM + cansandbox = (cansandbox (nflag || capdns !=
svn commit: r259433 - head/usr.sbin/tcpdump/tcpdump
Author: pjd Date: Sun Dec 15 23:05:19 2013 New Revision: 259433 URL: http://svnweb.freebsd.org/changeset/base/259433 Log: Add Casper support. Sponsored by: The FreeBSD Foundation Modified: head/usr.sbin/tcpdump/tcpdump/Makefile Modified: head/usr.sbin/tcpdump/tcpdump/Makefile == --- head/usr.sbin/tcpdump/tcpdump/Makefile Sun Dec 15 23:02:36 2013 (r259432) +++ head/usr.sbin/tcpdump/tcpdump/Makefile Sun Dec 15 23:05:19 2013 (r259433) @@ -162,6 +162,11 @@ CFLAGS+= -DLBL_ALIGN DPADD= ${LIBL} ${LIBPCAP} LDADD= -ll -lpcap +.if ${MK_CASPER} != no +DPADD+=${LIBCAPSICUM} ${LIBNV} +LDADD+=-lcapsicum -lnv +CFLAGS+=-DHAVE_LIBCAPSICUM +.endif .if ${MK_OPENSSL} != no !defined(RELEASE_CRUNCH) DPADD+= ${LIBCRYPTO} LDADD+= -lcrypto ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org