svn commit: r253833 - head/sbin/mdconfig

2013-07-31 Thread Xin LI
Author: delphij
Date: Wed Jul 31 07:06:58 2013
New Revision: 253833
URL: http://svnweb.freebsd.org/changeset/base/253833

Log:
  Resolve fflag with realpath().
  
  MFC after: 2 weeks

Modified:
  head/sbin/mdconfig/mdconfig.c

Modified: head/sbin/mdconfig/mdconfig.c
==
--- head/sbin/mdconfig/mdconfig.c   Wed Jul 31 06:23:10 2013
(r253832)
+++ head/sbin/mdconfig/mdconfig.c   Wed Jul 31 07:06:58 2013
(r253833)
@@ -161,7 +161,9 @@ main(int argc, char **argv)
case 'f':
if (fflag != NULL)
errx(1, "-f can be passed only once");
-   fflag = optarg;
+   fflag = realpath(optarg, NULL);
+   if (fflag == NULL)
+   err(1, "realpath");
break;
case 'o':
if (!strcmp(optarg, "async"))
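Review bot: The err(1, "realpath") call in the 'f' case does not say which path failed to resolve, so a mistyped file name produces only the function name and the errno text. Passing the argument through, for example err(1, "realpath(%s)", optarg), makes the failure actionable. fflag also changes from a pointer into argv to memory allocated by realpath(optarg, NULL); a short comment that it is deliberately never freed would save the next reader a look.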
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"


svn commit: r253834 - head/sbin/swapon

2013-07-31 Thread Xin LI
Author: delphij
Date: Wed Jul 31 07:09:35 2013
New Revision: 253834
URL: http://svnweb.freebsd.org/changeset/base/253834

Log:
  Make two buffer variables static for now.  It is not safe to
  reference stack memory after return.
  
  MFC after: 2 weeks

Modified:
  head/sbin/swapon/swapon.c

Modified: head/sbin/swapon/swapon.c
==
--- head/sbin/swapon/swapon.c   Wed Jul 31 07:06:58 2013(r253833)
+++ head/sbin/swapon/swapon.c   Wed Jul 31 07:09:35 2013(r253834)
@@ -446,7 +446,7 @@ swap_on_off_md(const char *name, char *m
FILE *sfd;
int fd, mdunit, error;
const char *ret;
-   char mdpath[PATH_MAX], linebuf[PATH_MAX];
+   static char mdpath[PATH_MAX], linebuf[PATH_MAX];
char *p, *vnodefile;
size_t linelen;
u_long ul;
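Review bot: Making mdpath and linebuf static in swap_on_off_md() removes the dangling stack reference but makes the function non-reentrant: any pointer into these buffers that outlives the call is overwritten by the next call. Since the log says "for now", a comment at the declaration stating that the result is only valid until the next call, or a follow-up that has the caller supply the buffer, would keep a later caller from holding the pointer across calls.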


Re: svn commit: r253786 - in head/sys: dev/random modules/padlock_rng modules/rdrand_rng modules/yarrow_rng

2013-07-31 Thread Dag-Erling Smørgrav
"David O'Brien"  writes:
> Dag-Erling Smørgrav  writes:
> > We've had a policy for several years now that all changes to the
> > PRNG code in the kernel and libc must be reviewed by so@.
> Where was this policy published or communicated?
> There is no MAINTAINER line in sys/dev/random/, nor an entry in
> /usr/src/MAINTAINERS.  It is hard to follow some policy that cannot
> be found.

If it isn't adequately documented, then we need to look into that.  It's
not the only such case - jfv@'s hard lock on Intel NIC drivers isn't
documented either.  That doesn't mean we shouldn't enforce it.

> This change does not change any of the PRNG algorithms.

You know as well as I do that "I didn't change anything" is in the top
five on the list of "programmers' famous last words".

> Do you have any specific concerns?

I don't have any major issues with the patch, but it should still have
been submitted for pre-commit review.

I have two minor issues:

 - The sysctl is currently a space-separated list with an extraneous
   leading space and a magic string (which contains separators) to
   indicate an empty list.  At the very least, the leading space should
   be removed and the magic string should be changed to not include
   spaces; "none" should suffice.  I would prefer a comma-separated list
   and an empty string to indicate an empty list.

 - The non-standard (at least in an IT context) spelling of "adapter".

I'll try to get a second opinion within the day.

DES
-- 
Dag-Erling Smørgrav - d...@des.no

Re: svn commit: r253786 - in head/sys: dev/random modules/padlock_rng modules/rdrand_rng modules/yarrow_rng

2013-07-31 Thread Dag-Erling Smørgrav
Dag-Erling Smørgrav  writes:
> I don't have any major issues with the patch, but it should still have
> been submitted for pre-commit review.

Actually, I forgot the most important issue: you seem to have committed
only a tiny part of the patch.

DES
-- 
Dag-Erling Smørgrav - d...@des.no

Re: svn commit: r253786 - in head/sys: dev/random modules/padlock_rng modules/rdrand_rng modules/yarrow_rng

2013-07-31 Thread Dag-Erling Smørgrav
Dag-Erling Smørgrav  writes:
> Actually, I forgot the most important issue: you seem to have committed
> only a tiny part of the patch.

Never mind, I found the rest.

DES
-- 
Dag-Erling Smørgrav - d...@des.no

Re: svn commit: r253786 - in head/sys: dev/random modules/padlock_rng modules/rdrand_rng modules/yarrow_rng

2013-07-31 Thread Dag-Erling Smørgrav
"David E. O'Brien"  writes:
>   * Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" 
> option.
> The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.

Please revert this, as anybody with a custom kernel config who doesn't
have a hardware RNG is now without a PRNG.

DES
-- 
Dag-Erling Smørgrav - d...@des.no

Re: svn commit: r253779 - in head: . share/man/man4 sys/amd64/conf sys/arm/conf sys/conf sys/dev/random sys/i386/conf sys/ia64/conf sys/mips/conf sys/modules sys/modules/random sys/pc98/conf sys/power

2013-07-31 Thread Philip Paeps
On 2013-07-29 20:26:27 (+), David E. O'Brien  wrote:
> Author: obrien
> Date: Mon Jul 29 20:26:27 2013
> New Revision: 253779
> URL: http://svnweb.freebsd.org/changeset/base/253779
> 
> Log:
>   Decouple yarrow from random(4) device.

As Dag-Erling already pointed out in reply to r253789: please submit any
RNG changes to secteam@ to review before committing them.  That aside,
it would have been easier to review this if it were split into more than
two commits.

>   * Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" 
> option.
> The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.

I would really prefer to see this logic reversed.  Of course, we expect
people to read UPDATING, but disabling functionality that has been
enabled by default "forever" without any warning, especially in a
security-related context is not cool.  Please change YARROW_RNG to
RNG_NO_YARROW or something similar and keep it in by default.  If you
think there's a really good reason to kick support out by default, there
are mailing lists to discuss this.

>   * Add random_adaptors.[ch] which is basically a store of random_adaptor's.
> random_adaptor is basically an adapter that plugs in to random(4).

This is a good idea.  I've briefly read through the code (ie: not a
thorough review) and it looks okay at first glance.  It would have been
good if this were a separate commit and given a chance to be reviewed by
people familiar with the RNG code.

> Unplugging random_adaptor from random(4) is not supported, and is 
> probably a
> bad idea anyway, due to potential loss of entropy pools.

I agree.

But what happens to the adaptors if you kldunload random?

>   * If the kernel doesn't have any random_adaptor adapters present then the
> creation of /dev/random is postponed until next random_adaptor is 
> kldload'ed.

This worries me.  A fast-booting system might want random numbers in
userland before a random_adaptor is loaded (and properly seeded?).  We
don't have particularly stellar support for early random numbers, but we
should be careful not to make it worse.

Also: what happens to in-kernel consumers of random (like TCP) before
the first random_adaptor is attached (and properly seeded)?

I'd really like to see this get some more review.

Philip

-- 
Philip Paeps
Senior Reality Engineer
Ministry of Information


Re: svn commit: r253802 - head/contrib/llvm/tools/clang/lib/Headers

2013-07-31 Thread Dimitry Andric
On Jul 30, 2013, at 18:16, John Baldwin  wrote:
> On Tuesday, July 30, 2013 10:09:35 am Matthew Fleming wrote:
>> On Tue, Jul 30, 2013 at 5:33 AM, Dimitry Andric  wrote:
>> 
>>> Author: dim
>>> Date: Tue Jul 30 12:33:21 2013
>>> New Revision: 253802
>>> URL: http://svnweb.freebsd.org/changeset/base/253802
...
>> PIC mode on amd64 also uses %ebx.  The difference is that FreeBSD makefiles
>> set -fPIC for i386 kernel compile but not amd64.  Locally we use -fPIC for
>> amd64 (it was added 6 years ago to our environment because it gave better
>> kernel debugging).
> 
> Note that this is used in userland and the kernel.
> 
>> Anyways, is there some way to detect PIC mode and use that to decide
>> whether to use %ebx for the cpuid instruction, rather than using i386?
> 
> Does clang supply a reliable #define to indicate that PIC is in use?  If not,
> then this should use the PIC path always to be safe.

Just like gcc, clang defines both __pic__ and __PIC__ as 1 for -fpic,
and as 2 for -fPIC (though on x86, there is no difference between the 
two).  Similarly, __pie__ and __PIE__ are defined as 1 for -fpie, and as
2 for -fPIE.

-Dimitry



svn commit: r253839 - head/contrib/binutils/ld

2013-07-31 Thread Baptiste Daroussin
Author: bapt
Date: Wed Jul 31 12:35:06 2013
New Revision: 253839
URL: http://svnweb.freebsd.org/changeset/base/253839

Log:
  Change default behaviour of ld(1) to not recursively copy DT_NEEDED
  
  This is the default behaviour of the newer binutils as well as most alternative linkers.
  All the ports tree has been fixed to be able to link properly with this new behaviour.

Modified:
  head/contrib/binutils/ld/ldmain.c

Modified: head/contrib/binutils/ld/ldmain.c
==
--- head/contrib/binutils/ld/ldmain.c   Wed Jul 31 11:45:40 2013
(r253838)
+++ head/contrib/binutils/ld/ldmain.c   Wed Jul 31 12:35:06 2013
(r253839)
@@ -98,7 +98,7 @@ bfd_boolean as_needed;
 
 /* Nonzero means never create DT_NEEDED entries for dynamic libraries
in DT_NEEDED tags.  */
-bfd_boolean add_needed = TRUE;
+bfd_boolean add_needed = FALSE;
 
 /* TRUE if we should demangle symbol names.  */
 bfd_boolean demangling;
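Review bot: The comment above add_needed still reads "Nonzero means never create DT_NEEDED entries for dynamic libraries in DT_NEEDED tags", which is hard to square with a variable named add_needed and was not updated along with the new FALSE default. Since this one line changes linker behaviour for everything built with ld(1), the comment should state plainly what TRUE and FALSE each do and that FALSE is now the default.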


Re: svn commit: r253825 - in head/sys: dev/wi modules modules/wi powerpc/powermac

2013-07-31 Thread Ian Lepore
On Wed, 2013-07-31 at 09:41 +0400, Sergey Kandaurov wrote:
> On 31 July 2013 05:13, Justin Hibbits  wrote:
> > Author: jhibbits
> > Date: Wed Jul 31 01:13:29 2013
> > New Revision: 253825
> > URL: http://svnweb.freebsd.org/changeset/base/253825
> >
> > Log:
> >   Add the macio attachment for wi(4).  Partially obtained from NetBSD.
> >
> >   Reviewed by:  adrian
> >   Obtained from: NetBSD (partially)
> >
> > Added:
> >   head/sys/dev/wi/if_wi_macio.c   (contents, props changed)
> > Modified:
> >   head/sys/modules/Makefile
> >   head/sys/modules/wi/Makefile
> >   head/sys/powerpc/powermac/macio.c
> >   head/sys/powerpc/powermac/maciovar.h
> >
> > Added: head/sys/dev/wi/if_wi_macio.c
> > ==
> > --- /dev/null   00:00:00 1970   (empty, because file is newly added)
> > +++ head/sys/dev/wi/if_wi_macio.c   Wed Jul 31 01:13:29 2013
> > (r253825)
> > @@ -0,0 +1,141 @@
> > +/*-
> > + * Copyright (c) 2013  Justin Hibbits
> > + * All rights reserved.
> > + * Copyright (c) 1997, 1998, 1999
> > + * Bill Paul .  All rights reserved.
> > + *
> > + * Redistribution and use in source and binary forms, with or without
> > + * modification, are permitted provided that the following conditions
> > + * are met:
> > + * 1. Redistributions of source code must retain the above copyright
> > + *notice, this list of conditions and the following disclaimer.
> > + * 2. Redistributions in binary form must reproduce the above copyright
> > + *notice, this list of conditions and the following disclaimer in the
> > + *documentation and/or other materials provided with the distribution.
> > + * 3. All advertising materials mentioning features or use of this software
> > + *must display the following acknowledgement:
> > + * This product includes software developed by Bill Paul.
> > + * 4. Neither the name of the author nor the names of any co-contributors
> > + *may be used to endorse or promote products derived from this software
> > + *without specific prior written permission.
> > + *
> > + * THIS SOFTWARE IS PROVIDED BY Bill Paul AND CONTRIBUTORS ``AS IS'' AND
> > + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
> > + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
> > PURPOSE
> > + * ARE DISCLAIMED.  IN NO EVENT SHALL Bill Paul OR THE VOICES IN HIS HEAD
> 
> Oh noes! You must be kidding :)
> 
> $ grep -ri 'or the voices in his head' /usr/src | wc -l
>  156
> 

I think the "voices" thing is kind of harmless and cute, if a bit
unprofessional.  

I'm more concerned about the 201 files in the base that say I have to
give Mr. Paul credit in any product documentation and advertising
materials (the marketing department is going to love that one, huh?).

How many other such one-off requirements are buried in the license
blocks of the source that I had no idea existed and am failing to comply
with?

-- Ian




svn commit: r253840 - head/sys/kern

2013-07-31 Thread Scott Long
Author: scottl
Date: Wed Jul 31 15:55:01 2013
New Revision: 253840
URL: http://svnweb.freebsd.org/changeset/base/253840

Log:
  Another fix for r253823; retain the default of 1 readahead block for sendfile.
  
  Submitted by: glebius
  Obtained from: Netflix
  MFC after: 3 days

Modified:
  head/sys/kern/uipc_syscalls.c

Modified: head/sys/kern/uipc_syscalls.c
==
--- head/sys/kern/uipc_syscalls.c   Wed Jul 31 12:35:06 2013
(r253839)
+++ head/sys/kern/uipc_syscalls.c   Wed Jul 31 15:55:01 2013
(r253840)
@@ -122,7 +122,7 @@ counter_u64_t sfstat[sizeof(struct sfsta
 int nsfbufs;
 int nsfbufspeak;
 int nsfbufsused;
-static int sfreadahead = MAXPHYS / MAXBSIZE;
+static int sfreadahead = 1;
 
 SYSCTL_INT(_kern_ipc, OID_AUTO, nsfbufs, CTLFLAG_RDTUN, &nsfbufs, 0,
 "Maximum number of sendfile(2) sf_bufs available");
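Review bot: The new initializer sfreadahead = 1 is a bare constant with no comment, where the replaced MAXPHYS / MAXBSIZE at least showed how the value was derived. A one-line comment at the declaration giving the unit (the log says readahead blocks) and why 1 is the intended default would make the intent clear to the next person tuning it.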


svn commit: r253841 - head/sys/netinet6

2013-07-31 Thread Hiroki Sato
Author: hrs
Date: Wed Jul 31 16:24:49 2013
New Revision: 253841
URL: http://svnweb.freebsd.org/changeset/base/253841

Log:
  Allocate in6_ifextra (ifp->if_afdata[AF_INET6]) only for IPv6-capable
  interfaces.  This eliminates unnecessary IPv6 processing for non-IPv6
  interfaces.
  
  MFC after: 3 days

Modified:
  head/sys/netinet6/in6.c
  head/sys/netinet6/in6_ifattach.c
  head/sys/netinet6/nd6.c

Modified: head/sys/netinet6/in6.c
==
--- head/sys/netinet6/in6.c Wed Jul 31 15:55:01 2013(r253840)
+++ head/sys/netinet6/in6.c Wed Jul 31 16:24:49 2013(r253841)
@@ -2746,6 +2746,13 @@ in6_domifattach(struct ifnet *ifp)
 {
struct in6_ifextra *ext;
 
+   /* There are not IPv6-capable interfaces. */
+   switch (ifp->if_type) {
+   case IFT_PFLOG:
+   case IFT_PFSYNC:
+   case IFT_USB:
+   return (NULL);
+   }
ext = (struct in6_ifextra *)malloc(sizeof(*ext), M_IFADDR, M_WAITOK);
bzero(ext, sizeof(*ext));
 
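Review bot: The switch added at the top of in6_domifattach() lists IFT_USB alongside IFT_PFLOG and IFT_PFSYNC, but the check removed from in6_ifattach() covered only the latter two and the log does not mention USB; that behaviour change should be called out in the log or the comment. The comment itself should read "These are not IPv6-capable interfaces." Returning NULL here also means every reader of ifp->if_afdata[AF_INET6] has to tolerate NULL, which deserves a sentence in the same comment.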

Modified: head/sys/netinet6/in6_ifattach.c
==
--- head/sys/netinet6/in6_ifattach.cWed Jul 31 15:55:01 2013
(r253840)
+++ head/sys/netinet6/in6_ifattach.cWed Jul 31 16:24:49 2013
(r253841)
@@ -724,15 +724,8 @@ in6_ifattach(struct ifnet *ifp, struct i
struct in6_ifaddr *ia;
struct in6_addr in6;
 
-   /* some of the interfaces are inherently not IPv6 capable */
-   switch (ifp->if_type) {
-   case IFT_PFLOG:
-   case IFT_PFSYNC:
-   ND_IFINFO(ifp)->flags &= ~ND6_IFF_AUTO_LINKLOCAL;
-   ND_IFINFO(ifp)->flags |= ND6_IFF_IFDISABLED;
+   if (ifp->if_afdata[AF_INET6] == NULL)
return;
-   }
-
/*
 * quirks based on interface type
 */
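Review bot: The early return on ifp->if_afdata[AF_INET6] == NULL in in6_ifattach() replaces a block whose comment explained why some interfaces are skipped, and the new test carries no comment at all. A line saying that NULL means in6_domifattach() declined the interface would keep the reason next to the check. The removed lines also set ND6_IFF_IFDISABLED and cleared ND6_IFF_AUTO_LINKLOCAL for these interfaces, so anything that relied on seeing those flags now finds no ND state instead.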

Modified: head/sys/netinet6/nd6.c
==
--- head/sys/netinet6/nd6.c Wed Jul 31 15:55:01 2013(r253840)
+++ head/sys/netinet6/nd6.c Wed Jul 31 16:24:49 2013(r253841)
@@ -1227,6 +1227,8 @@ nd6_ioctl(u_long cmd, caddr_t data, stru
struct nd_prefix *pr;
int i = 0, error = 0;
 
+   if (ifp->if_afdata[AF_INET6] == NULL)
+   return (EPFNOSUPPORT);
switch (cmd) {
case SIOCGDRLST_IN6:
/*
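Review bot: The NULL check in nd6_ioctl() sits ahead of switch (cmd), so every ND ioctl on such an interface now fails with EPFNOSUPPORT, where the old code kept ND state for these interfaces and only flagged them ND6_IFF_IFDISABLED. That is visible to userland tools that walk all interfaces, so the new errno should be documented and the callers checked to treat it as "no IPv6 on this interface" rather than a hard error.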
@@ -1801,6 +1803,8 @@ nd6_slowtimo(void *arg)
nd6_slowtimo, curvnet);
IFNET_RLOCK_NOSLEEP();
TAILQ_FOREACH(ifp, &V_ifnet, if_list) {
+   if (ifp->if_afdata[AF_INET6] == NULL)
+   continue;
nd6if = ND_IFINFO(ifp);
if (nd6if->basereachable && /* already initialized */
(nd6if->recalctm -= ND6_SLOWTIMER_INTERVAL) <= 0) {
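Review bot: The guard in the TAILQ_FOREACH loop of nd6_slowtimo() is the third open-coded copy of ifp->if_afdata[AF_INET6] == NULL in this commit, placed just before ND_IFINFO(ifp) is dereferenced. Folding the test into a small macro or inline helper would make it harder to miss at the next ND_IFINFO(ifp) use. Any such use not touched by this diff should be checked as well, since it can no longer assume the per-interface data exists for the types excluded in in6_domifattach().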


svn commit: r253842 - head/sys/mips/conf

2013-07-31 Thread Sean Bruno
Author: sbruno
Date: Wed Jul 31 16:26:34 2013
New Revision: 253842
URL: http://svnweb.freebsd.org/changeset/base/253842

Log:
  device if_bridge gets me a bridge device

Modified:
  head/sys/mips/conf/DIR-825

Modified: head/sys/mips/conf/DIR-825
==
--- head/sys/mips/conf/DIR-825  Wed Jul 31 16:24:49 2013(r253841)
+++ head/sys/mips/conf/DIR-825  Wed Jul 31 16:26:34 2013(r253842)
@@ -25,7 +25,7 @@ nodevice gpio
 nodevice gpioled
 nodevice gif
 nodevice gre
-nodevice bridge
+nodevice if_bridge
 nodevice usb
 nodevice ehci
 nodevice wlan
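Review bot: The changed line reads nodevice if_bridge, which removes if_bridge from this kernel, while the log message reads as though a bridge device is being added. If the intent is that the old nodevice bridge entry never matched anything because the device is called if_bridge, say so in the log; if the intent was to enable bridging, the line should not be a nodevice entry.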


svn commit: r253843 - head/share/man/man4

2013-07-31 Thread Hiroki Sato
Author: hrs
Date: Wed Jul 31 16:26:41 2013
New Revision: 253843
URL: http://svnweb.freebsd.org/changeset/base/253843

Log:
  Document net.link.bridge.allow_llz_overlap.

Modified:
  head/share/man/man4/bridge.4

Modified: head/share/man/man4/bridge.4
==
--- head/share/man/man4/bridge.4Wed Jul 31 16:26:34 2013
(r253842)
+++ head/share/man/man4/bridge.4Wed Jul 31 16:26:41 2013
(r253843)
@@ -35,7 +35,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 3, 2013
+.Dd July 27, 2013
 .Dt IF_BRIDGE 4
 .Os
 .Sh NAME
@@ -185,7 +185,7 @@ and applications use both of them.
 .Pp
 To prevent this situation,
 .Nm
-checks whether an link-local scoped IPv6 address is configured on
+checks whether a link-local scoped IPv6 address is configured on
 a member interface to be added and the
 .Nm
 interface.
@@ -194,13 +194,13 @@ When the
 interface has IPv6 addresses,
 IPv6 addresses on the member interface will be automatically removed
 before the interface is added.
-When both
-.Nm
-interface and the existing member interfaces do not have one,
-adding an interface with IPv6 addresses as a new member interface is allowed.
-These means only one interface in the link-local scope zone where the
-.Nm
-interface forms can have link-local scoped IPv6 addresses.
+.Pp
+This behavior can be disabled by setting
+.Xr sysctl 8
+variable
+.Va net.link.bridge.allow_llz_overlap
+to
+.Li 1 .
 .Pp
 Note that
 .Li ACCEPT_RTADV
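Review bot: The new paragraph for net.link.bridge.allow_llz_overlap says only that setting it to 1 disables the behaviour; it gives no default value and does not say what an administrator gives up by turning the check off. The hunk also deletes the text covering the case where neither the bridge nor its existing members have an IPv6 address, so that case is now undocumented. Please state the default and keep or reword the removed case.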


svn commit: r253844 - head/sys/mips/conf

2013-07-31 Thread Sean Bruno
Author: sbruno
Date: Wed Jul 31 16:27:56 2013
New Revision: 253844
URL: http://svnweb.freebsd.org/changeset/base/253844

Log:
  Adjust magic numbers to allow attachment of ath(4) modules.

Modified:
  head/sys/mips/conf/DIR-825.hints

Modified: head/sys/mips/conf/DIR-825.hints
==
--- head/sys/mips/conf/DIR-825.hintsWed Jul 31 16:26:41 2013
(r253843)
+++ head/sys/mips/conf/DIR-825.hintsWed Jul 31 16:27:56 2013
(r253844)
@@ -15,11 +15,11 @@ hint.arge.1.media=1000
 hint.arge.1.fduplex=1
 
 # ath0 - slot 17
-hint.pcib.0.bus.0.17.0.ath_fixup_addr=0x1fff1000
+hint.pcib.0.bus.0.17.0.ath_fixup_addr=0x1f661000
 hint.pcib.0.bus.0.17.0.ath_fixup_size=4096
 
 # ath1 - slot 18
-hint.pcib.0.bus.0.18.0.ath_fixup_addr=0x1fff5000
+hint.pcib.0.bus.0.18.0.ath_fixup_addr=0x1f665000
 hint.pcib.0.bus.0.18.0.ath_fixup_size=4096
 
 # .. and now, telling each ath(4) NIC where to find the firmware
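Review bot: The ath_fixup_addr values for slots 17 and 18 change from 0x1fff1000 and 0x1fff5000 to 0x1f661000 and 0x1f665000 with nothing in the file saying where these addresses come from, and the log itself calls them magic numbers. A comment above each hint naming what lives at that address on this board would let the next person verify the values instead of trusting them.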


svn commit: r253845 - in head: . share/man/man4 sys/amd64/conf sys/arm/conf sys/conf sys/dev/random sys/i386/conf sys/ia64/conf sys/mips/conf sys/modules sys/modules/padlock_rng sys/modules/random ...

2013-07-31 Thread David E. O'Brien
Author: obrien
Date: Wed Jul 31 17:21:18 2013
New Revision: 253845
URL: http://svnweb.freebsd.org/changeset/base/253845

Log:
  Back out r253779 & r253786.

Deleted:
  head/sys/dev/random/random_adaptors.c
  head/sys/dev/random/random_adaptors.h
  head/sys/modules/padlock_rng/
  head/sys/modules/rdrand_rng/
  head/sys/modules/yarrow_rng/
Modified:
  head/UPDATING
  head/share/man/man4/random.4
  head/sys/amd64/conf/GENERIC
  head/sys/arm/conf/AC100
  head/sys/arm/conf/ARMADAXP
  head/sys/arm/conf/ARNDALE
  head/sys/arm/conf/ATMEL
  head/sys/arm/conf/AVILA
  head/sys/arm/conf/BEAGLEBONE
  head/sys/arm/conf/BWCT
  head/sys/arm/conf/CAMBRIA
  head/sys/arm/conf/CNS11XXNAS
  head/sys/arm/conf/CRB
  head/sys/arm/conf/CUBIEBOARD
  head/sys/arm/conf/DB-78XXX
  head/sys/arm/conf/DB-88F5XXX
  head/sys/arm/conf/DB-88F6XXX
  head/sys/arm/conf/DOCKSTAR
  head/sys/arm/conf/DREAMPLUG-1001
  head/sys/arm/conf/EA3250
  head/sys/arm/conf/EB9200
  head/sys/arm/conf/EFIKA_MX
  head/sys/arm/conf/EP80219
  head/sys/arm/conf/ETHERNUT5
  head/sys/arm/conf/GUMSTIX
  head/sys/arm/conf/HL200
  head/sys/arm/conf/HL201
  head/sys/arm/conf/IQ31244
  head/sys/arm/conf/KB920X
  head/sys/arm/conf/LN2410SBC
  head/sys/arm/conf/NSLU
  head/sys/arm/conf/PANDABOARD
  head/sys/arm/conf/QILA9G20
  head/sys/arm/conf/RPI-B
  head/sys/arm/conf/SAM9260EK
  head/sys/arm/conf/SAM9G20EK
  head/sys/arm/conf/SAM9X25EK
  head/sys/arm/conf/SHEEVAPLUG
  head/sys/arm/conf/SN9G45
  head/sys/arm/conf/TS7800
  head/sys/arm/conf/VERSATILEPB
  head/sys/arm/conf/ZEDBOARD
  head/sys/conf/NOTES
  head/sys/conf/files
  head/sys/conf/options
  head/sys/dev/random/ivy.c
  head/sys/dev/random/nehemiah.c
  head/sys/dev/random/probe.c
  head/sys/dev/random/randomdev.c
  head/sys/dev/random/randomdev.h
  head/sys/dev/random/randomdev_soft.c
  head/sys/dev/random/randomdev_soft.h
  head/sys/dev/random/yarrow.c
  head/sys/i386/conf/GENERIC
  head/sys/i386/conf/XBOX
  head/sys/i386/conf/XEN
  head/sys/ia64/conf/GENERIC
  head/sys/mips/conf/AR71XX_BASE
  head/sys/mips/conf/AR724X_BASE
  head/sys/mips/conf/AR91XX_BASE
  head/sys/mips/conf/AR933X_BASE
  head/sys/mips/conf/BERI_TEMPLATE
  head/sys/mips/conf/DIR-825
  head/sys/mips/conf/GXEMUL
  head/sys/mips/conf/OCTEON1
  head/sys/mips/conf/PB92
  head/sys/mips/conf/RT305X
  head/sys/mips/conf/XLR64
  head/sys/mips/conf/XLRN32
  head/sys/mips/conf/std.SWARM
  head/sys/mips/conf/std.XLP
  head/sys/modules/Makefile
  head/sys/modules/random/Makefile
  head/sys/pc98/conf/GENERIC
  head/sys/powerpc/conf/GENERIC
  head/sys/powerpc/conf/GENERIC64
  head/sys/powerpc/conf/MPC85XX
  head/sys/powerpc/conf/WII
  head/sys/sparc64/conf/GENERIC
  head/tools/tools/sysdoc/sysdoc.sh
  head/tools/tools/sysdoc/tunables.mdoc

Modified: head/UPDATING
==
--- head/UPDATING   Wed Jul 31 16:27:56 2013(r253844)
+++ head/UPDATING   Wed Jul 31 17:21:18 2013(r253845)
@@ -31,19 +31,6 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 10
disable the most expensive debugging functionality run
"ln -s 'abort:false,junk:false' /etc/malloc.conf".)
 
-20130729:
-   random(4) and actual RNG implementations (aka, adaptors) have been
-   further decoupled.  If you are running a custom kernel, you may
-   need to explicitly enable at least one RNG adaptor in your kernel
-   config.  For example, to use Yarrow, add "options YARROW_RNG" to
-   your kernel config.  For hardware backed RNGs, use either
-   "RDRAND_RNG" or "PADLOCK_RNG" options.
-   If you use random.ko via 'random_load="YES"' in /boot/loader.conf
-   instead of "device random", you will need to change that to
-   'yarrow_rng_load="YES"', 'rdrand_rng_load="YES"', or
-   'padlock_rng_load="YES"'.  random.ko will be loaded automatically
-   as a dependency module.
-
 20130726:
Behavior of devfs rules path matching has been changed.
Pattern is now always matched against fully qualified devfs
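Review bot: The 20130729 UPDATING entry is deleted without a replacement, yet it told custom-kernel users to add "options YARROW_RNG" and to switch loader.conf from random_load="YES" to yarrow_rng_load="YES" and the other adaptor modules. Anyone who followed it while it was in the tree now has settings that refer to options and modules this commit removes. A short new entry saying the change was backed out and those edits should be reverted would cover them.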

Modified: head/share/man/man4/random.4
==
--- head/share/man/man4/random.4Wed Jul 31 16:27:56 2013
(r253844)
+++ head/share/man/man4/random.4Wed Jul 31 17:21:18 2013
(r253845)
@@ -23,7 +23,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd July 29, 2013
+.Dd September 7, 2012
 .Dt RANDOM 4
 .Os
 .Sh NAME
@@ -43,13 +43,6 @@ The device will probe for
 certain hardware entropy sources,
 and use these in preference to the fallback,
 which is a generator implemented in software.
-If the kernel environment MIB's
-.Va hw.nehemiah_rng_enable
-or
-.Va hw.ivy_rng_enable
-are set to
-.Dq Li 0 ,
-the associated hardware entropy source will be ignored.
 .Pp
 If the device is using
 the software generator,
@@ -81,7 +74,6 @@ device, use the command line:
 .Pp
 which results in something like:
 .Bd -literal -offset indent
-kern.random.adaptors:  yarrow
 kern.random.sys.seeded: 1
 ker

Re: svn commit: r253786 - in head/sys: dev/random modules/padlock_rng modules/rdrand_rng modules/yarrow_rng

2013-07-31 Thread David O'Brien
On Wed, Jul 31, 2013 at 05:58:43AM +0400, Andrey Chernov wrote:
> On 31.07.2013 4:07, David O'Brien wrote:
> > I believe you're talking about this code in
> > sys/libkern/arc4random.c:arc4rand()
> > 
> > if (atomic_cmpset_int(&arc4rand_iniseed_state, ARC4_ENTR_HAVE,
> > ARC4_ENTR_SEED) || reseed ||
> >(arc4_numruns > ARC4_RESEED_BYTES) ||
> >(tv.tv_sec > arc4_t_reseed))
> > arc4_randomstir();
> > 
> > Without setting 'arc4rand_iniseed_state' from ARC4_ENTR_NONE ->
> > ARC4_ENTR_HAVE, we would still call arc4_randomstir() periodically due
> > to (tv.tv_sec > arc4_t_reseed) and (arc4_numruns > ARC4_RESEED_BYTES).
> 
> The whole problem is that arc4 is poorly initialized right after boot,
> but immediately used in many places like tcp. It reseeds again only
> after 5 minutes after boot making vulnerability window at this interval.

I realize the motivation for your r249631 change.

But as it relates to the change I committed, there is no change in
behavior in this.  If one is using a hardware RNG, yarrow is not
initialized and so the ARC4_ENTR_NONE -> ARC4_ENTR_HAVE transition
does not happen.

-- 
-- David  (obr...@freebsd.org)
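The reseed condition quoted in the message above, as an added userland model (not FreeBSD kernel code and not written by anyone in the thread). It shows how long output keeps coming from the boot-time state when the ARC4_ENTR_NONE -> ARC4_ENTR_HAVE transition never happens. The value of ARC4_RESEED_BYTES, the 300-second interval standing in for the "5 minutes" in the thread, the one-call-per-second loop, and the names model_* and weak_window_end are assumptions.

```c
#include <stdio.h>

/* State names come from the thread; the numeric values are arbitrary. */
enum { ARC4_ENTR_NONE, ARC4_ENTR_HAVE, ARC4_ENTR_SEED };

#define ARC4_RESEED_BYTES   65536L /* assumed value, not given in the thread */
#define ARC4_RESEED_SECONDS 300L   /* the "5 minutes" mentioned in the thread */

struct arc4_model {
	int  iniseed_state; /* models arc4rand_iniseed_state */
	long numruns;       /* models arc4_numruns */
	long t_reseed;      /* models arc4_t_reseed */
};

/* Single-threaded stand-in for atomic_cmpset_int(). */
static int
model_cmpset(int *p, int expect, int newval)
{
	if (*p != expect)
		return (0);
	*p = newval;
	return (1);
}

/* Stand-in for arc4_randomstir(): only the bookkeeping is modelled. */
static void
model_randomstir(struct arc4_model *m, long now)
{
	m->numruns = 0;
	m->t_reseed = now + ARC4_RESEED_SECONDS;
}

/* The quoted condition. Returns 1 when this call triggered a stir. */
static int
model_arc4rand(struct arc4_model *m, long now, long len, int reseed)
{
	int stirred = 0;

	if (model_cmpset(&m->iniseed_state, ARC4_ENTR_HAVE, ARC4_ENTR_SEED) ||
	    reseed || m->numruns > ARC4_RESEED_BYTES || now > m->t_reseed) {
		model_randomstir(m, now);
		stirred = 1;
	}
	m->numruns += len;
	return (stirred);
}

/*
 * Simulate one arc4rand() call per second after a boot-time stir at t=0.
 * Real entropy becomes available at entropy_at; if notify is set, the
 * NONE -> HAVE transition is made at that moment.  Returns the first
 * second at which a stir happens with real entropy available, i.e. the
 * end of the weak window, or -1 if none occurs within horizon seconds.
 */
long
weak_window_end(long entropy_at, int notify, long bytes_per_sec, long horizon)
{
	struct arc4_model m = { ARC4_ENTR_NONE, 0, 0 };
	long now;

	model_randomstir(&m, 0); /* early stir, before real entropy exists */
	for (now = 1; now <= horizon; now++) {
		if (notify && now == entropy_at)
			model_cmpset(&m.iniseed_state, ARC4_ENTR_NONE,
			    ARC4_ENTR_HAVE);
		if (model_arc4rand(&m, now, bytes_per_sec, 0) &&
		    now >= entropy_at)
			return (now);
	}
	return (-1);
}

int
main(void)
{
	/* Constructed scenario: entropy source is ready 20 s after boot. */
	printf("notified, light use:   %ld s\n", weak_window_end(20, 1, 16, 600));
	printf("unnotified, light use: %ld s\n", weak_window_end(20, 0, 16, 600));
	printf("unnotified, heavy use: %ld s\n", weak_window_end(20, 0, 4096, 600));
	return (0);
}
```

With the notification the weak window closes as soon as entropy is ready; without it, a lightly used generator waits for the timer and only a heavy consumer reaches the byte-count trigger sooner.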


Re: svn commit: r253825 - in head/sys: dev/wi modules modules/wi powerpc/powermac

2013-07-31 Thread Adrian Chadd
On 31 July 2013 07:07, Ian Lepore  wrote:

> I'm more concerned about the 201 files in the base that say I have to
> give Mr. Paul credit in any product documentation and advertising
> materials (the marketing department is going to love that one, huh?).

Welcome to licencing terms hell. This is why there have been
occasional sprints in "fixing" the licence terms to be more
consistent.

> How many other such one-off requirements are buried in the license
> blocks of the source that I had no idea existed and am failing to comply
> with?

That's what well written perl scripts to extract / process copyright
notices are for.



-adrian


Re: svn commit: r253779 - in head: . share/man/man4 sys/amd64/conf sys/arm/conf sys/conf sys/dev/random sys/i386/conf sys/ia64/conf sys/mips/conf sys/modules sys/modules/random sys/pc98/conf sys/power

2013-07-31 Thread Adrian Chadd
On 31 July 2013 03:40, Philip Paeps  wrote:

>>   * Make Yarrow an optional kernel component -- enabled by "YARROW_RNG" 
>> option.
>> The files sha2.c, hash.c, randomdev_soft.c and yarrow.c comprise yarrow.
>
> I would really prefer to see this logic reversed.  Of course, we expect
> people to read UPDATING, but disabling functionality that has been
> enabled by default "forever" without any warning, especially in a
> security-related context is not cool.  Please change YARROW_RNG to
> RNG_NO_YARROW or something similar and keep it in by default.  If you
> think there's a really good reason to kick support out by default, there
> are mailing lists to discuss this.

I'm 100% against this. I'm getting extremely fed up with the "default
is on" bloat that is everywhere in our sub-systems. David is actually
_tidying things up_ by making optional devices be standalone devices -
that way they show up as very simple to include and expand when making
modules of things. Otherwise you turn this into a single, monolithic
module that has compile options.. and that sucks.

David's way is clean, simple and architecturally well-designed. It's
how it should've been done in the first place.

I'd like to see people bite the bullet in 10.0 for this and other
devices / subsystems.

> But what happens to the adaptors if you kldunload random?

Things should be correctly refcounted so you can't actually do that if
any of the users of it are loaded.

>>   * If the kernel doesn't have any random_adaptor adapters present then the
>> creation of /dev/random is postponed until next random_adaptor is 
>> kldload'ed.
>
> This worries me.  A fast-booting system might want random numbers in
> userland before a random_adaptor is loaded (and properly seeded?).  We
> don't have particularly stellar support for early random numbers, but we
> should be careful not to make it worse.

We have an infrastructure for this - it's called /boot/loader.conf .

> Also: what happens to in-kernel consumers of random (like TCP) before
> the first random_adaptor is attached (and properly seeded)?
>
> I'd really like to see this get some more review.

I'd like to see the architectural changes needed for a cleanup like
this take place, rather than getting lost in discussion.

For the MIPS boards I hack on/for, I don't have any guaranteed random
number generator. So it's Yarrow or bust. So we need to "properly
seed" things as best as we can before any hardware random number
generators are loaded. The same problem exists for i386/amd64 with
hardware PRNGs.. we should ensure yarrow is properly seeded here.

Tsk,



-adrian


svn commit: r253846 - head

2013-07-31 Thread Jim Harris
Author: jimharris
Date: Wed Jul 31 18:18:02 2013
New Revision: 253846
URL: http://svnweb.freebsd.org/changeset/base/253846

Log:
  Add myself as maintainer for nvme(4), nvd(4) and nvmecontrol(8).

Modified:
  head/MAINTAINERS

Modified: head/MAINTAINERS
==
--- head/MAINTAINERSWed Jul 31 17:21:18 2013(r253845)
+++ head/MAINTAINERSWed Jul 31 18:18:02 2013(r253846)
@@ -128,3 +128,6 @@ sysdoc  trhodes Pre-commit review prefe
 sh(1)  jilles  Pre-commit review requested. This also applies
to kill(1), printf(1) and test(1) which are
compiled in as builtins.
+nvme(4)jimharris   Pre-commit review requested.
+nvd(4) jimharris   Pre-commit review requested.
+nvmecontrol(8) jimharris   Pre-commit review requested.


Re: svn commit: r253825 - in head/sys: dev/wi modules modules/wi powerpc/powermac

2013-07-31 Thread Guy Helmer

On Jul 31, 2013, at 1:09 PM, Adrian Chadd  wrote:

> On 31 July 2013 07:07, Ian Lepore  wrote:
> 
>> I'm more concerned about the 201 files in the base that say I have to
>> give Mr. Paul credit in any product documentation and advertising
>> materials (the marketing department is going to love that one, huh?).
> 
> Welcome to licencing terms hell. This is why there have been
> occasional sprints in "fixing" the licence terms to be more
> consistent.
> 
>> How many other such one-off requirements are buried in the license
>> blocks of the source that I had no idea existed and am failing to comply
>> with?
> 
> That's what well written perl scripts to extract / process copyright
> notices are for.

Any pointers to freely-available scripts?

Thx,
Guy


Re: svn commit: r253825 - in head/sys: dev/wi modules modules/wi powerpc/powermac

2013-07-31 Thread Adrian Chadd
On 31 July 2013 11:15, Guy Helmer  wrote:
>> That's what well written perl scripts to extract / process copyright
>> notices are for.
>
> Any pointers to freely-available scripts?

Nope. This crap goes for ${STUPID_AMOUNTS_OF_CASH} to companies who
actually have a vested interest in surveying the licencing of files in
software projects.

It's kinda scary.


-adrian


Re: svn commit: r253786 - in head/sys: dev/random modules/padlock_rng modules/rdrand_rng modules/yarrow_rng

2013-07-31 Thread Andrey Chernov
On 31.07.2013 21:46, David O'Brien wrote:
> I realize the motivation for your r249631 change.
> 
> But as it relates to the change I committed, there is no change in
> behavior in this.  If one is using a hardware RNG, yarrow is not
> initialized and so the ARC4_ENTR_NONE -> ARC4_ENTR_HAVE transition
> does not happen.
> 

Uh, I never claimed that it was you who made this thing broken) I only
noticed that you touched this area and wanted to bring to your attention that
hardware RNGs should be fixed the same way for arc4 too, assuming you have
appropriate hardware for tests since you touched it. I don't have such
hardware, so I have never examined the path hardware RNGs take in this case.

I hope the backing out of your commit is not final, and that it will be
returned after secteam@ review with this thing fixed.

-- 
http://ache.vniz.net/
bitcoin:1G6ugdNY6e5jx1GVnAU2ntj2NEfmjKG85r


svn commit: r253847 - in head/sys: kern nfs

2013-07-31 Thread Ian Lepore
Author: ian
Date: Wed Jul 31 19:14:00 2013
New Revision: 253847
URL: http://svnweb.freebsd.org/changeset/base/253847

Log:
  Changes to allow using BOOTP_NFSROOT and mounting an nfs root filesystem
  other than the one specified by the BOOTP server.  This configures NFS
  using the BOOTP protocol while also respecting other root-path options such
  as setting vfs.root.mountfrom in the environment or using the RB_DFLTROOT
  boot option.  It allows you to override the root path provided by the
  server, or to supply a root path when the server provides IP configuration
  but no root path info.
  
  This maintains the historical BOOTP_NFSROOT behavior of panicking on a
  failure to mount the root path provided by the server, unless you've
  provided an alternative via the ROOTDEVNAME kernel option or by setting
  vfs.root.mountfrom.  The behavior of panicking when given no other options
  is preserved because it amounts to a bit of a retry loop that could
  eventually recover from a transient network or server problem.
  
  The user can now override the root path from loader(8) even if the
  kernel is compiled with BOOTP_NFSROOT.  If vfs.root.mountfrom is set in
  the environment it is used unconditionally -- it always overrides the
  BOOTP info.  If it begins with [old]nfs: then the BOOTP code uses it
  instead of the server-provided info.  If it specifies some other
  filesystem then the bootp code will not panic like it used to and the code
  in vfs_mountroot.c will invoke the right filesystem to do the mount.
  
  If the kernel is compiled with the ROOTDEVNAME option, then that name is
  used by the BOOTP code if either
* The server doesn't provide a pathname.
* The boothowto flags include RB_DFLTROOT.
  The latter allows the user to compile in alternate path in ROOTDEVNAME
  such as ufs:/dev/da0s1a and boot from that path by setting
  boot_dftlroot=1 in loader(8) or using the '-r' option in boot(8).
  
  The one thing not provided here is automatic failover from a
  server-provided path to a compiled-in one without the user manually
  requesting that.  The code just isn't currently structured in a way that
  makes that possible with a lot of rewrite.  I think the ability to set
  vfs.root.mountfrom and to use ROOTDEVNAME automatically when the server
  doesn't provide a name covers the most common needs.
  
  A set of patches submitted by Lars Eggert provided the part I couldn't
  figure out by myself when I tried to do this last year; many thanks.
  
  Reviewed by:  rodrigc

Modified:
  head/sys/kern/vfs_mountroot.c
  head/sys/nfs/bootp_subr.c

Modified: head/sys/kern/vfs_mountroot.c
==
--- head/sys/kern/vfs_mountroot.c   Wed Jul 31 18:18:02 2013
(r253846)
+++ head/sys/kern/vfs_mountroot.c   Wed Jul 31 19:14:00 2013
(r253847)
@@ -714,8 +714,8 @@ parse_mount(char **conf)
goto out;
}
 
-   if (strcmp(fs, "zfs") != 0 && dev[0] != '\0' &&
-   !parse_mount_dev_present(dev)) {
+   if (strcmp(fs, "zfs") != 0 && strstr(fs, "nfs") == NULL && 
+   dev[0] != '\0' && !parse_mount_dev_present(dev)) {
printf("mountroot: waiting for device %s ...\n", dev);
delay = hz / 10;
timeout = root_mount_timeout * hz;
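Review bot: `strstr(fs, "nfs") == NULL` in the new condition is a substring test, so any filesystem name that merely contains "nfs" skips the wait-for-device loop, not only the `nfs` and `oldnfs` names the log message describes. Matching those two names explicitly with strcmp(), as the `zfs` test beside it does, would keep the exemption as narrow as intended. The first added line also ends in trailing whitespace after `&&`.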

Modified: head/sys/nfs/bootp_subr.c
==
--- head/sys/nfs/bootp_subr.c   Wed Jul 31 18:18:02 2013(r253846)
+++ head/sys/nfs/bootp_subr.c   Wed Jul 31 19:14:00 2013(r253847)
@@ -45,6 +45,7 @@ __FBSDID("$FreeBSD$");
 
 #include "opt_bootp.h"
 #include "opt_nfs.h"
+#include "opt_rootdevname.h"
 
 #include 
 #include 
@@ -55,6 +56,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -167,6 +169,7 @@ struct bootpc_tagcontext {
 struct bootpc_globalcontext {
STAILQ_HEAD(, bootpc_ifcontext) interfaces;
u_int32_t xid;
+   int any_root_overrides;
int gotrootpath;
int gotgw;
int ifnum;
@@ -865,13 +868,14 @@ bootpc_call(struct bootpc_globalcontext 
BOOTP_SETTLE_DELAY;
} else
printf(" (ignored)");
-   if (ifctx->gotrootpath) {
+   if (ifctx->gotrootpath || 
+   gctx->any_root_overrides) {
gotrootpath = 1;
rtimo = time_second +
BOOTP_SETTLE_DELAY;
-   printf(" (got root path)");
-   } else
-   printf(" (no root path)");
+   if (ifctx->gotrootpath)
+  
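Review bot: in the `if (ifctx->gotrootpath ||` test, `gotrootpath` is now set to 1 when only `gctx->any_root_overrides` is true, so the name no longer says what the variable tracks (no path has come from the server in that case). A short comment at the assignment, or a more neutral name, would spare the next reader from assuming a server-supplied path exists. The first line of the new condition has trailing whitespace after `||`. The rest of this hunk is cut off in the archive, so nothing past the nested `if (ifctx->gotrootpath)` can be reviewed here.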

svn commit: r253849 - head/sys/amd64/vmm/intel

2013-07-31 Thread Peter Grehan
Author: grehan
Date: Thu Aug  1 01:18:51 2013
New Revision: 253849
URL: http://svnweb.freebsd.org/changeset/base/253849

Log:
  Correctly maintain the CR0/CR4 shadow registers.
  This was exposed with AP spinup of Linux, and
  booting OpenBSD, where the CR0 register is unconditionally
  written to prior to the longjump to enter protected
  mode. The CR-vmexit handling was not updating CPU state which
  resulted in a vmentry failure with invalid guest state.
  
  A follow-on submit will fix the CPU state issue, but this
  fix prevents the CR-vmexit prior to entering protected
  mode by properly initializing and maintaining CR* state.
  
  Reviewed by:  neel
  Reported by:  Gopakumar.T @ netapp

Modified:
  head/sys/amd64/vmm/intel/vmx.c

Modified: head/sys/amd64/vmm/intel/vmx.c
==
--- head/sys/amd64/vmm/intel/vmx.c  Wed Jul 31 22:54:02 2013
(r253848)
+++ head/sys/amd64/vmm/intel/vmx.c  Thu Aug  1 01:18:51 2013
(r253849)
@@ -647,10 +647,10 @@ vmx_vpid(void)
 }
 
 static int
-vmx_setup_cr_shadow(int which, struct vmcs *vmcs)
+vmx_setup_cr_shadow(int which, struct vmcs *vmcs, uint32_t initial)
 {
int error, mask_ident, shadow_ident;
-   uint64_t mask_value, shadow_value;
+   uint64_t mask_value;
 
if (which != 0 && which != 4)
panic("vmx_setup_cr_shadow: unknown cr%d", which);
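Review bot: the new `initial` parameter of vmx_setup_cr_shadow() is declared `uint32_t`, while `mask_value`, declared a few lines below it, is `uint64_t`. Declaring `initial` as `uint64_t` too would keep the mask and the shadow value for a control register the same width and avoid a silent truncation if a caller ever passes a value with upper bits set.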
@@ -659,26 +659,24 @@ vmx_setup_cr_shadow(int which, struct vm
mask_ident = VMCS_CR0_MASK;
mask_value = cr0_ones_mask | cr0_zeros_mask;
shadow_ident = VMCS_CR0_SHADOW;
-   shadow_value = cr0_ones_mask;
} else {
mask_ident = VMCS_CR4_MASK;
mask_value = cr4_ones_mask | cr4_zeros_mask;
shadow_ident = VMCS_CR4_SHADOW;
-   shadow_value = cr4_ones_mask;
}
 
error = vmcs_setreg(vmcs, 0, VMCS_IDENT(mask_ident), mask_value);
if (error)
return (error);
 
-   error = vmcs_setreg(vmcs, 0, VMCS_IDENT(shadow_ident), shadow_value);
+   error = vmcs_setreg(vmcs, 0, VMCS_IDENT(shadow_ident), initial);
if (error)
return (error);
 
return (0);
 }
-#definevmx_setup_cr0_shadow(vmcs)  vmx_setup_cr_shadow(0, (vmcs))
-#definevmx_setup_cr4_shadow(vmcs)  vmx_setup_cr_shadow(4, (vmcs))
+#definevmx_setup_cr0_shadow(vmcs,init) vmx_setup_cr_shadow(0, (vmcs), 
(init))
+#definevmx_setup_cr4_shadow(vmcs,init) vmx_setup_cr_shadow(4, (vmcs), 
(init))
 
 static void *
 vmx_vminit(struct vm *vm)
@@ -784,11 +782,17 @@ vmx_vminit(struct vm *vm)
if (error != 0)
panic("vmcs_set_msr_save error %d", error);
 
-   error = vmx_setup_cr0_shadow(&vmx->vmcs[i]);
+   /*
+* Set up the CR0/4 shadows, and init the read shadow
+* to the power-on register value from the Intel Sys Arch.
+*  CR0 - 0x6010
+*  CR4 - 0
+*/
+   error = vmx_setup_cr0_shadow(&vmx->vmcs[i], 0x6010);
if (error != 0)
panic("vmx_setup_cr0_shadow %d", error);
 
-   error = vmx_setup_cr4_shadow(&vmx->vmcs[i]);
+   error = vmx_setup_cr4_shadow(&vmx->vmcs[i], 0);
if (error != 0)
panic("vmx_setup_cr4_shadow %d", error);
}
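Review bot: the power-on values appear twice in this hunk, once in the comment and once as bare literals in the vmx_setup_cr0_shadow() and vmx_setup_cr4_shadow() calls. Named constants would let the comment and the calls share one definition so the two cannot drift apart, and the comment could then cite the section of the Intel manual the values come from.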
@@ -1079,7 +1083,7 @@ cantinject:
 static int
 vmx_emulate_cr_access(struct vmx *vmx, int vcpu, uint64_t exitqual)
 {
-   int error, cr, vmcs_guest_cr;
+   int error, cr, vmcs_guest_cr, vmcs_shadow_cr;
uint64_t regval, ones_mask, zeros_mask;
const struct vmxctx *vmxctx;
 
@@ -1156,11 +1160,20 @@ vmx_emulate_cr_access(struct vmx *vmx, i
ones_mask = cr0_ones_mask;
zeros_mask = cr0_zeros_mask;
vmcs_guest_cr = VMCS_GUEST_CR0;
+   vmcs_shadow_cr = VMCS_CR0_SHADOW;
} else {
ones_mask = cr4_ones_mask;
zeros_mask = cr4_zeros_mask;
vmcs_guest_cr = VMCS_GUEST_CR4;
+   vmcs_shadow_cr = VMCS_CR4_SHADOW;
+   }
+
+   error = vmwrite(vmcs_shadow_cr, regval);
+   if (error) {
+   panic("vmx_emulate_cr_access: error %d writing cr%d shadow",
+ error, cr);
}
+
regval |= ones_mask;
regval &= ~zeros_mask;
error = vmwrite(vmcs_guest_cr, regval);
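Review bot: the added `vmwrite(vmcs_shadow_cr, regval)` depends on sitting above `regval |= ones_mask`, so that the shadow records the value the guest wrote rather than the masked one, and nothing in the hunk says so. A one-line comment above the write would keep a later reorder from breaking it. The `panic()` on a failed shadow write also deserves a second look, since vmx_emulate_cr_access() returns `int` and could hand the error back instead.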
@@ -1615,6 +1628,27 @@ vmxctx_setreg(struct vmxctx *vmxctx, int
 }
 
 static int
+vmx_shadow_reg(int reg)
+{
+   int shreg;
+
+   shreg = -1;
+
+   switch (reg) {
+   case VM_REG_GUEST_CR0:
+   shreg = VMCS_CR0_SHADOW;
+break;
+case VM_REG_GUEST_CR4:
+   shreg = VMCS_CR4_SHADOW;
+   break;
+   default:
+   break;
+   
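Review bot: in vmx_shadow_reg() the `break;` after the CR0 case and the `case VM_REG_GUEST_CR4:` label are indented differently from the lines around them, which suggests spaces where the rest of the switch uses tabs. Since `shreg` starts at -1 and the `default:` arm leaves it there, a comment stating that -1 means the register has no shadow would help callers. The hunk is cut off in the archive after the `default:` arm.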

svn commit: r253850 - head/usr.bin/truss

2013-07-31 Thread Mark Johnston
Author: markj
Date: Thu Aug  1 02:57:04 2013
New Revision: 253850
URL: http://svnweb.freebsd.org/changeset/base/253850

Log:
  Properly print arguments to vfork(2) and rfork(2).
  
  PR:   180976
  Submitted by: Yuri  (original patch)
  MFC after:1 week

Modified:
  head/usr.bin/truss/syscall.h
  head/usr.bin/truss/syscalls.c

Modified: head/usr.bin/truss/syscall.h
==
--- head/usr.bin/truss/syscall.hThu Aug  1 01:18:51 2013
(r253849)
+++ head/usr.bin/truss/syscall.hThu Aug  1 02:57:04 2013
(r253850)
@@ -40,7 +40,7 @@ enum Argtype { None = 1, Hex, Octal, Int
Fd_set, Sigaction, Fcntl, Mprot, Mmapflags, Whence, Readlinkres,
Umtx, Sigset, Sigprocmask, Kevent, Sockdomain, Socktype, Open,
Fcntlflag, Rusage, BinString, Shutdown, Resource, Rlimit, Timeval2,
-   Pathconf };
+   Pathconf, Rforkflags };
 
 #defineARG_MASK0xff
 #defineOUT 0x100

Modified: head/usr.bin/truss/syscalls.c
==
--- head/usr.bin/truss/syscalls.c   Thu Aug  1 01:18:51 2013
(r253849)
+++ head/usr.bin/truss/syscalls.c   Thu Aug  1 02:57:04 2013
(r253850)
@@ -93,6 +93,9 @@ static struct syscall syscalls[] = {
{ .name = "fcntl", .ret_type = 1, .nargs = 3,
  .args = { { Int, 0 } , { Fcntl, 1 }, { Fcntlflag | OUT, 2 } } },
{ .name = "fork", .ret_type = 1, .nargs = 0 },
+   { .name = "vfork", .ret_type = 1, .nargs = 0 },
+   { .name = "rfork", .ret_type = 1, .nargs = 1,
+ .args = { { Rforkflags, 0 } } },
{ .name = "getegid", .ret_type = 1, .nargs = 0 },
{ .name = "geteuid", .ret_type = 1, .nargs = 0 },
{ .name = "getgid", .ret_type = 1, .nargs = 0 },
@@ -369,6 +372,11 @@ static struct xlat pathconf_arg[] = {
XEND
 };
 
+static struct xlat rfork_flags[] = {
+   X(RFPROC) X(RFNOWAIT) X(RFFDG) X(RFCFDG) X(RFTHREAD) X(RFMEM)
+   X(RFSIGSHARE) X(RFTSIGZMB) X(RFLINUXTHPN) XEND
+};
+
 #undef X
 #undef XEND
 
@@ -906,6 +914,9 @@ print_arg(struct syscall_args *sc, unsig
case Pathconf:
tmp = strdup(xlookup(pathconf_arg, args[sc->offset]));
break;
+   case Rforkflags:
+   tmp = strdup(xlookup_bits(rfork_flags, args[sc->offset]));
+   break;
case Sockaddr: {
struct sockaddr_storage ss;
char addr[64];
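Review bot: in the new `case Rforkflags:` the result of `strdup(xlookup_bits(rfork_flags, ...))` is assigned to `tmp` without a NULL check. That matches the `Pathconf` case above it, so it is consistent with the file, but it is worth confirming that xlookup_bits() still shows bits that have no entry in `rfork_flags` rather than dropping them, so that an unusual rfork(2) argument is not hidden in the trace.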


Re: svn commit: r253825 - in head/sys: dev/wi modules modules/wi powerpc/powermac

2013-07-31 Thread Julian Elischer

On 8/1/13 2:09 AM, Adrian Chadd wrote:
> On 31 July 2013 07:07, Ian Lepore  wrote:
>
>> I'm more concerned about the 201 files in the base that say I have to
>> give Mr. Paul credit in any product documentation and advertising
>> materials (the marketing department is going to love that one, huh?).

That's why apple put out a little brochure with each iphone that has 
MY NAME IN IT!  :-)

Honestly I think it's a pain and we have been trying to reduce it but 
it's not that easy.

you can't take rights away from someone without asking them.

> Welcome to licencing terms hell. This is why there have been
> occasional sprints in "fixing" the licence terms to be more
> consistent.
>
>> How many other such one-off requirements are buried in the license
>> blocks of the source that I had no idea existed and am failing to comply
>> with?
>
> That's what well written perl scripts to extract / process copyright
> notices are for.
>
> -adrian



svn commit: r253852 - head/sbin/route

2013-07-31 Thread Hiroki Sato
Author: hrs
Date: Thu Aug  1 04:50:46 2013
New Revision: 253852
URL: http://svnweb.freebsd.org/changeset/base/253852

Log:
  Fix boundary check of sockaddr array.
  
  Reported by:  uqs

Modified:
  head/sbin/route/route.c

Modified: head/sbin/route/route.c
==
--- head/sbin/route/route.c Thu Aug  1 03:43:52 2013(r253851)
+++ head/sbin/route/route.c Thu Aug  1 04:50:46 2013(r253852)
@@ -1146,6 +1146,8 @@ getaddr(int idx, char *str, struct hoste
char *q;
 #endif
 
+   if (idx < 0 || idx >= RTAX_MAX)
+   usage("internal error");
if (af == 0) {
 #if defined(INET)
af = AF_INET;
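Review bot: `usage("internal error")` in the added check reports a caller bug as if it were a command-line mistake; an errx() that prints the offending idx would make a bad call site easier to find. The placement itself is good: the check now runs before `rtm_addrs |= (1 << idx)`, so a negative or oversized idx no longer reaches the shift either.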
@@ -1162,9 +1164,6 @@ getaddr(int idx, char *str, struct hoste
hpp = NULL;
 #endif
rtm_addrs |= (1 << idx);
-
-   if (idx > RTAX_MAX)
-   usage("internal error");
sa = (struct sockaddr *)&so[idx];
sa->sa_family = af;
sa->sa_len = aflen;


Re: svn commit: r253504 - head/sbin/route

2013-07-31 Thread Hiroki Sato
Ulrich Spörlein  wrote
  in <20130724130046.gd9...@acme.spoerlein.net>:

uq> On Sat, 2013-07-20 at 16:46:51 +, Hiroki Sato wrote:
uq> > Author: hrs
uq> > Date: Sat Jul 20 16:46:51 2013
uq> > New Revision: 253504
uq> > URL: http://svnweb.freebsd.org/changeset/base/253504
uq> > 
uq> > Log:
uq> >   - Simplify getaddr() and print_getmsg() by using RTAX_* instead of RTA_*
uq> > as the argument.
uq> >   - Reduce unnecessary loop in print_getmsg().
uq> > 
uq> > Modified:
uq> >   head/sbin/route/route.c
uq> > 
uq> > Modified: head/sbin/route/route.c
uq> > 
==
uq> > --- head/sbin/route/route.c   Sat Jul 20 15:58:43 2013
(r253503)
uq> > +++ head/sbin/route/route.c   Sat Jul 20 16:46:51 2013
(r253504)
uq> > @@ -1105,7 +1105,7 @@ inet6_makenetandmask(struct sockaddr_in6
uq> >   * returning 1 if a host address, 0 if a network address.
uq> >   */
uq> >  static int
uq> > -getaddr(int which, char *str, struct hostent **hpp, int nrflags)
uq> > +getaddr(int idx, char *str, struct hostent **hpp, int nrflags)
uq> >  {
uq> >   struct sockaddr *sa;
uq> >  #if defined(INET)
uq> > @@ -1130,36 +1130,16 @@ getaddr(int which, char *str, struct hos
uq> >   aflen = sizeof(struct sockaddr_dl);
uq> >  #endif
uq> >   }
uq> > - rtm_addrs |= which;
uq> > + rtm_addrs |= (1 << idx);
uq> >  
uq> > - switch (which) {
uq> > - case RTA_DST:
uq> > - sa = (struct sockaddr *)&so[RTAX_DST];
uq> > - break;
uq> > - case RTA_GATEWAY:
uq> > - sa = (struct sockaddr *)&so[RTAX_GATEWAY];
uq> > - break;
uq> > - case RTA_NETMASK:
uq> > - sa = (struct sockaddr *)&so[RTAX_NETMASK];
uq> > - break;
uq> > - case RTA_GENMASK:
uq> > - sa = (struct sockaddr *)&so[RTAX_GENMASK];
uq> > - break;
uq> > - case RTA_IFA:
uq> > - sa = (struct sockaddr *)&so[RTAX_IFA];
uq> > - break;
uq> > - case RTA_IFP:
uq> > - sa = (struct sockaddr *)&so[RTAX_IFP];
uq> > - break;
uq> > - default:
uq> > + if (idx > RTAX_MAX)
uq> >   usage("internal error");
uq> > - /*NOTREACHED*/
uq> > - }
uq> > + sa = (struct sockaddr *)&so[idx];
uq> 
uq> Coverity Scan flags this as an out-of-bounds write. RTAX_MAX is 8, so
uq> idx can be up to 8 (inclusive) in the check above. Do you want to check
uq> for idx >= RTAX_MAX maybe? idx is also signed ...
uq> 
uq> Coverity CID is 1054779, btw.

 Sorry for the delay.  Thank you for pointing it out.  Yes, the check
 was wrong by one.  Fixed in r253852.

-- Hiroki
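
The off-by-one discussed in this thread, as an added example that is not part of route.c or of either message: it sweeps a range of indexes through both versions of the check and counts the ones that pass while lying outside the array. `EX_RTAX_MAX`, `so_example` and the function names are constructed for the illustration; the value 8 is the one quoted above.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed for this example: the thread states RTAX_MAX is 8. */
#define EX_RTAX_MAX 8

/* Stand-in for route.c's so[] array; only the element count matters. */
static int so_example[EX_RTAX_MAX];

/* Check as committed in r253504: rejects only idx > RTAX_MAX. */
static int
accepts_r253504(int idx)
{
	return (!(idx > EX_RTAX_MAX));
}

/* Check as committed in r253852: rejects idx < 0 and idx >= RTAX_MAX. */
static int
accepts_r253852(int idx)
{
	return (!(idx < 0 || idx >= EX_RTAX_MAX));
}

/* True when so_example[idx] would be a valid element. */
static int
in_bounds(int idx)
{
	return (idx >= 0 &&
	    (size_t)idx < sizeof(so_example) / sizeof(so_example[0]));
}

/*
 * Count indexes in [lo, hi] that a check lets through although they
 * fall outside the array, i.e. the accesses Coverity warned about.
 */
static int
count_oob_accepted(int (*accepts)(int), int lo, int hi)
{
	int idx, n = 0;

	for (idx = lo; idx <= hi; idx++)
		if (accepts(idx) && !in_bounds(idx))
			n++;
	return (n);
}

int
main(void)
{
	printf("r253504 check: %d out-of-bounds indexes accepted in [-4, 12]\n",
	    count_oob_accepted(accepts_r253504, -4, 12));
	printf("r253852 check: %d out-of-bounds indexes accepted in [-4, 12]\n",
	    count_oob_accepted(accepts_r253852, -4, 12));
	return (0);
}
```

The old check lets through both idx == 8 and every negative idx, which is why the reply mentions the signedness as well as the `>=`.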




svn commit: r253853 - head/etc

2013-07-31 Thread Jeremie Le Hen
Author: jlh
Date: Thu Aug  1 05:50:42 2013
New Revision: 253853
URL: http://svnweb.freebsd.org/changeset/base/253853

Log:
  Include /usr/local/etc/libmap.d/ by default.
  
  PR:   180568
  Reviewed by:  bapt
  Obtained from:kib
  MFC after:3 days

Added:
  head/etc/libmap.conf   (contents, props changed)
Modified:
  head/etc/Makefile

Modified: head/etc/Makefile
==
--- head/etc/Makefile   Thu Aug  1 04:50:46 2013(r253852)
+++ head/etc/Makefile   Thu Aug  1 05:50:42 2013(r253853)
@@ -22,6 +22,7 @@ BIN1= crontab \
hosts.equiv \
inetd.conf \
libalias.conf \
+   libmap.conf \
login.access \
login.conf \
mac.conf \

Added: head/etc/libmap.conf
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/etc/libmap.confThu Aug  1 05:50:42 2013(r253853)
@@ -0,0 +1,2 @@
+# $FreeBSD$
+includedir /usr/local/etc/libmap.d
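Review bot: the new two-line libmap.conf gives no hint about who is expected to populate /usr/local/etc/libmap.d or what its permissions should be. Entries read from that directory change which libraries the runtime linker loads, so a comment stating that the directory is meant for package-installed mappings and should be writable by root only would be worth adding next to the `includedir` line.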


svn commit: r253854 - head/sys/amd64/vmm

2013-07-31 Thread Peter Grehan
Author: grehan
Date: Thu Aug  1 05:59:28 2013
New Revision: 253854
URL: http://svnweb.freebsd.org/changeset/base/253854

Log:
  Moved clearing of vmm_initialized to avoid the case
  of unloading the module while VMs existed. This would
  result in EBUSY, but would prevent further operations
  on VMs resulting in the module being impossible to
  unload.
  
  Submitted by:   Tycho Nightingale (tycho.nightingale  
plurisbusnetworks.com)
  Reviewed by:  grehan, neel

Modified:
  head/sys/amd64/vmm/vmm.c

Modified: head/sys/amd64/vmm/vmm.c
==
--- head/sys/amd64/vmm/vmm.cThu Aug  1 05:50:42 2013(r253853)
+++ head/sys/amd64/vmm/vmm.cThu Aug  1 05:59:28 2013(r253854)
@@ -224,8 +224,13 @@ vmm_handler(module_t mod, int what, void
iommu_cleanup();
vmm_ipi_cleanup();
error = VMM_CLEANUP();
+   /*
+* Something bad happened - prevent new
+* VMs from being created
+*/
+   if (error)
+   vmm_initialized = 0;
}
-   vmm_initialized = 0;
break;
default:
error = 0;
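Review bot: the new comment explains the error path but not the more surprising half of the change, which is that after a successful VMM_CLEANUP() `vmm_initialized` is now left set. A sentence in the comment saying why that is safe would help. It would also be worth stating what state the module is in when VMM_CLEANUP() fails, given that iommu_cleanup() and vmm_ipi_cleanup() have already run by then.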