Add a new 'clear driver' command for devctl along with the accompanying
ioctl and devctl_clear_driver() library routine to reset a device to
use a wildcard devclass instead of a fixed devclass. This can be used
to undo a previous 'set driver' command. After the device's name has
been reset to permit wildcard names, it is reprobed so that it can
attach to newly-available (to it) device drivers.
MFC after: 1 month
Sponsored by: Chelsio Communications
to newsyslog, etc made in the past month.
The issue is being root-caused as part of the bug noted below. This commit
will need to be partially reverted once the issue has been found/fixed
PR: 212160
Reported by: Jenkins
Sponsored by: EMC / Isilon Storage Division
Decouple the send and receive limits on the amount of data in a single
iSCSI PDU. MaxRecvDataSegmentLength is declarative, not negotiated, and
is direction-specific so there is no reason for both ends to limit
themselves to the same min(initiator, target) value in both directions.
Allow iSCSI drivers to report their send, receive, first burst, and max
burst limits explicitly instead of using hardcoded values or trying to
derive all of them from the receive limit (which was the only limit
reported by the drivers prior to this change).
Display the send and receive limits separately in the userspace iSCSI
utilities.
Reviewed by: jpaetzel@ (earlier version), trasz@
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D7279
This makes it possible to use it with external supervisors.
The "-n" flag name is compatible with Linux, NetBSD, and OpenBSD.
Reviewed by: jilles, pfg, wblock
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D7581
The wl(4) driver supports pre-802.11 PCCard wireless adapters that
are slower than 802.11b. They do not work with any of the 802.11
framework and the driver hasn't been reported to actually work in a
long time.
Relnotes: yes
The si(4) driver supported multiport serial adapters for ISA, EISA, and
PCI buses. This driver does not use bus_space, instead it depends on
direct use of the pointer returned by rman_get_virtual(). It is also
still locked by Giant and calls for patch testing to convert it to use
bus_space were unanswered.
Relnotes: yes
Uses of commas instead of a semicolons can easily go undetected. The comma
can serve as a statement separator but this shouldn't be abused when
statements are meant to be standalone.
Detected with devel/coccinelle following a hint from DragonFlyBSD.
MFC after: 1 month
The interpretation of the Electromechanical Interlock Status was
inverted, so we disengaged the EI if a card was inserted.
Fix it to engage the EI if a card is inserted.
When displaying the slot capabilites/status with pciconf:
- We inverted the sense of the Power Controller Control bit,
saying the power was off when it was really on (according to
this bit). Fix that.
- Display the status of the Electromechanical Interlock:
EI(engaged)
EI(disengaged)
Reviewed by: jhb
MFC after: 3 days
Sponsored by: Dell Inc.
Differential Revision: https://reviews.freebsd.org/D7426
During the last attempt to rmeove GNU rcs, 2 blockers were spotted:
We need an ident(1) and etcupdate(8) uses merge(1).
Now nothing should prevent to remove rcs from base
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D7401
kgzip is only useful on i386 and has a number of other limitations.
We're better served by officially deprecating it and encouraging users
to use loader(8) instead.
Reviewed by: dteske, wblock
Differential Revision: https://reviews.freebsd.org/D7098
The most recent version of bsdinstall does not seem to respect any of
the checkboxes in the "Choose the services you would like to be started
at boot" dialog. None of the chosen services end up in the rc.conf file
that is installed onto the target system.
This is caused by the bsdinstall/scripts/hardening script, which
implements the new hardening options dialog. The script starts by
overwriting the previously written rc.conf.services file:
echo -n > $BSDINSTALL_TMPETC/rc.conf.services
which is obviously incorrect. It should clear out rc.conf.hardening
instead.
Reviewed by: allanjude
PR: 211506
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D7387
Just like with freelocale(3), I haven't been able to find any piece of
code that actually makes use of this function's return value, both in
base and in ports. The reason for this is that FreeBSD seems to be the
only operating system to have such a prototype. This is why I'm deciding
to not use symbol versioning for this.
It does seem that the pw(8) utility depends on the function's typing and
already had a switch in place to toggle between the FreeBSD and POSIX
variant of this function. Clean this up by always expecting the POSIX
variant.
There is also a single port that has a couple of local declarations of
setgrent(3) that need to be patched up. This is in the process of being
fixed.
PR: 211394 (exp-run)
Pull copies of the input pathname string before calling basename() and
dirname() to make this comply to POSIX. Free these copies at the end of
this function. While there, remove the duplication of the 's' ->
'logfname' string. There is no need for this.
"io" is the default, and allows VGA i/o registers to be
accessed. This is required by Win7/2k8 graphics guests that
use a combination of BIOS int10 and UEFI.
"off" disables all VGA i/o and mem accesses.
"on" is not yet hooked up, but will enable full VGA rendering.
OpenBSD/UEFI >= 5.9 graphics guests can be booted using "vga=off"
- Allow "rfb" to be used instead of "tcp" for the fbuf VNC
description. "tcp" will be removed at a future point and is
kept as an alias.
Discussed with: Leon Dang
MFC after: 3 days
injected without state being set up.
This fixes a core dump when dropping to the UEFI prompt
with graphics enabled and moving the mouse around.
Discussed with: Leon Dang
MFC after: 3 days
The target must reply with the selected value of MaxBurstSize instead of
just echoing back the initiator's offered value.
Reviewed by: mav@
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D7278
If gdb from ports is installed, use it instead of the base system gdb
to extract variables from a kernel. Note that base gdb and ports gdb
do not support the same options for invoking a single command in batch
mode, so a wrapper shell function is used. In addition, prefer kgdb
from ports when generating a backtrace if present.
PR: 193335
Reviewed by: emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D7218
May 22 21:51:39 2011 +0000 (christos):
From Nathan Whitehorn (nwhitehorn at freebsd dot org):
Add code to generate bootable ISOs on Powermac and CHRP systems.
Synthesize some partition maps (APM and MBR, respectively) pointing
to (a) the whole disk, and (b) relevant El Torito boot images that
have been added by other code. These partition maps are a little
bit funny looking, but they seem to work. FreeBSD has been using
this successfully in their release generation on powerpc, as well
as generating all non-SPARC install media. SPARC support could
probably be added as an extension of this patch.
makefs.8 1.33
Tue Aug 23 17:09:11 2011 +0000 (christos):
PR/45285: Martin Matuska: makefs does not properly convert ISO level 1 and 2
filenames (buffer overflow)
makefs does not properly verify the maximum filename length in the
special "." case for both ISO level 1 and ISO level 2 filename
conversion. This creates broken images or causes a buffer overflow
(ISO level 2).
ISO level 1:
If a filename contains only dots or up to 8 characters followed by
dots the 8+3 limit check doesn't work.
ISO level 2:
If a filename contains a dot in the first 30 characters and a dot
on the 30th character, the length limit check doesn't work and the
buffer is overflowed.
$ mkdir level1
$ touch level1/12345............
$ makefs -t cd9660 -o isolevel=1 test.iso level1
$ mkdir level2
$ touch level2/1234567890.2345678901234567.....34567890123456789012345
$ makefs -t cd9660 -o isolevel=2 test.iso level2
cd9660.c 1.32
Sun Oct 9 21:33:43 2011 +0000 (christos):
add support for setting the ufs label. (Nathan Whitehorn)
ffs.c 1.45
ffs.h 1.2
mkfs.c 1.22
makefs.8 1.37
Obtained from: NetBSD
From NetBSD, Mon Aug 15 14:45:01 2011 +0000 (wiz)
Re-order `usage' alphabetically;
rename option arguments in the manpage's `SYNOPSIS' section to
match those from `usage' (not the other way around; the `usage'-line
(and other parts of makefs.c) contain the correct names);
minor punctuation improvements.
From Snader_LB.
makefs.8 1.36
makefs.c 1.30
Obtained from: NetBSD
printed. The HW_REDUCED flag is useful as it should be set on arm64 to
comply with the ARM Server Base Boot Requirements.
Obtained from: ABT Systems Ltd
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
If an encrypted install is attempted and fails for any reason, the disk
cannot be erased by the installer because the partition is in use by GELI
At the start of the installation process, all ZFS pools are exported and
all GELI instances are detached, to allow a restarted install to proceed
PR: 210814
Reported by: jonathan
MFC after: 10 days
The pools are exported and reimported in order to write the bootcode
This causes an error when the bootpool is later mounted by common code
The bootpool is now imported with the -N flag to prevent mounting
Reported by: Michael Dexter
MFC after: 5 days
There seems no hard limit on number of segments per packet in the chip,
and 20 appeared insufficient. Hope 64 will be enough, but if not -- add
check to report that and drop the packet instead of corrupting stack.
This patch add new 'hardening' file responsible for new bsdinstall
'System Hardening' menu allowing users to set some sane and carefully
picked system security options (like random process id's, hiding
other users/groups processes and others).
All options are OFF by default in this patch due to POLA principle
with intention to turn change some of them to ON by default in future.
Reviewed by: adrian, allanjude, bdrewery, nwhitehorn
Approved by: adrian, allanjude
MFC after: 7 days
This makes factual interrupt routing match one shipped with UEFI firmware.
With old firmware this make legacy interrupts work reliable for functions 0
of PCI slots 3-6. Updated UEFI image fixes problem completely.
Not having the correct date and time makes many PKI based things not work
In 10 and 11, it can mean that Unbound, ntpd, and sshd won't start
Submitted by: des (original patch)
MFC after: 7 days
Otherwise, it will silently disable the login for the selected account if
the argument is unrecognizable.
usr.sbin/pw/pw.h
usr.sbin/pw/pw_conf.c
usr.sbin/pw/pw_user.c
Use separate rules to validate boolean parameters and passwd
parameters. Error out if a password parameter cannot be parsed.
usr.sbin/pw/tests/Makefile
usr.sbin/pw/tests/crypt.c
usr.sbin/pw/tests/pw_useradd.sh
usr.sbin/pw/tests/pw_usermod.sh
Add tests for the validation. Also, enhance existing
password-related tests to actually validate that the correct hash is
written to master.passwd.
Reviewed by: bapt
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6840
New .meta files will be created without filemon data, but any future build
that wants filemon data will force a rebuild due to the missing data
due to use of bmake's .MAKE.MODE=missing-filemon=yes feature.
Reported by: np
Sponsored by: EMC / Isilon Storage Division
MFC after: 3 days
with 11.0+, where the debugging symbols use a new naming scheme for release
distribution files.
Errata candidate.
Approved by: cperciva
Differential Revision: https://reviews.freebsd.org/D7170
The code was successfully tested with FreeBSD, Linux, Solaris and Windows
guests. This interface is predictably slower (about 2x) then virtio-net,
but it is very helpful for guests not supporting virtio-net by default.
Thanks to Jeremiah Lott and Peter Grehan for doing original heavy lifting.
It was useless before, but may improve performance now if multiple devices
are configured and guest supports this feature.
Sponsored by: iXsystems, Inc.
While old syntax is still supported, new syntax looks like this:
-s 3,ahci,hd:/dev/zvol/XXX,hd:/dev/zvol/YYY,cd:/storage/ZZZ.iso
Sponsored by: iXsystems, Inc.
any open vnodes before proceeding. Make autounmound(8) use this flag.
Without it, even an unsuccessfull unmount causes filesystem flush,
which interferes with normal operation.
Reviewed by: kib@
Approved by: re (gjb@)
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D7047
Add `WRAPPED_CTASSERT` macro by annotating CTASSERTs with __unused
to deal with -Wunused-local-typedefs warnings from gcc 4.8+.
All other compilers (clang, etc) use CTASSERT as-is. A more generic
solution for this issue will be proposed after ^/stable/11 is forked.
Consolidate all CTASSERTs under one block instead of inlining them in
functions.
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D7119
MFC after: 1 week
Reported by: Jenkins
Reviewed by: grehan (maintainer)
Sponsored by: EMC / Isilon Storage Division
Put cfl/prdt under AHCI_DEBUG #defines as they are only used in
those cases.
Approved by: re (gjb)
Differential Revision: https://reviews.freebsd.org/D7119
MFC after: 1 week
Reported by: Jenkins
Reviewed by: grehan (maintainer)
Sponsored by: EMC / Isilon Storage Division
this on the branch.
Original commit message:
Initial bhyve native graphics support.
This adds emulations for a raw framebuffer device, PS2 keyboard/mouse,
XHCI USB controller and a USB tablet.
A simple VNC server is provided for keyboard/mouse input, and graphics
output.
A VGA emulation is included, but is currently disconnected until an
additional bhyve change to block out VGA memory is committed.
Credits:
- raw framebuffer, VNC server, XHCI controller, USB bus/device emulation
and UEFI f/w support by Leon Dang
- VGA, console/g, initial VNC server by tychon@
- PS2 keyboard/mouse jointly done by tychon@ and Leon Dang
- hypervisor framebuffer mem support by neel@
Tested by: Michael Dexter, in a number of revisions of this code.
With the appropriate UEFI image, FreeBSD, Windows and Linux guests can
installed and run in graphics mode using the UEFI/GOP framebuffer.
Approved by: re (gjb)
Apply the LenovoFix (fake partition in pMBR is 2nd rather than 1st)
and GPT Active fix (mark the fake pMBR partition active) to respective
hardware that is confirmed to require such to boot correct.
Submitted by: Sam Fourman Jr. <sfourman@gmail.com> (ThinkPad W520)
Submitted by: Matthias Apitz <guru@unixarea.de> (Latitude E6330)
Approved by: re (gjb)
Sponsored by: ScaleEngine Inc.
A separate bootpool is used when the selected partition type is MBR
or when the disk is GELI encrypted and a UEFI loader is selected.
BIOS avoids the bootpool by using bootcode and loader that support GELI.
bsdinstall did not remount the bootpool after creating the main pool,
which caused an error when mkdir tried to create /boot/zfs
PR: 210717
Approved by: re (gjb)
Sponsored by: ScaleEngine Inc.
A couple of minor memory size option related nits:
- use common name 'memsize' (instead of 'max-size' or just 'size')
- bhyve: update usage with memsize unit suffix, drop legacy "MB"
unit
- bhyveload: update usage with memsize unit suffix
- bhyve(8): document default size
- bhyveload(8): use memsize formatting like it's done
in bhyve(8)
Reviewed by: wblock, grehan
Approved by: re (kib), wblock, grehan
Differential Revision: https://reviews.freebsd.org/D6952
usr.bin/lastcom/tests/Makefile
usr.sbin/sa/tests/Makefile
Set allow_architectures appropriately. These tests depend on golden
files that must be generated for each architecture, and haven't yet
been generated for all of them.
PR: 210566
PR: 204154
Reviewed by: ngie
Approved by: re (gjb)
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6960
curses and libedit don't play well together. After last year's libedit
upgrade in head, they play even less well together. This change resets some
curses settings after they get screwed up by libedit calls. Without it,
gstat's interactive commands require an extra "enter", screw up the terminal
on exit, and screw up the display if the user enters an invalid filter
string.
PR: 204852
Submitted by: Keith White
Reviewed by: pfg
Approved by: re (gjb)
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6934
A larger EFI file system size will facilitate multi-boot configurations
and the installation other EFI applications like firmware update tools.
200MB matches OS X.
Note that this changes only the partition size, not the file system that
bsdinstall places there. We need to do both, but as the partition size
is difficult to adjust later make this change for now so that at least
systems installed with FreeBSD 11.0 have a partition layout with room
to grow.
Reviewed by: allanjude, imp
Approved by: re (gjb)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D6935
usr.sbin/rpcbind/tests/addrmerge_test.c
Fix some sizeof calculations that work only by luck on 64-bit
platforms.
PR: 210314
Reviewed by: ngie
Approved by: re (kib)
Reported by: Mark Millard
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6855
This is taken from the NetBSD versions listed below and adapted to the
makefs version in FreeBSD, along with a bug fix from cem@ that will be
sent to NetBSD.
Reviewed by: pfg
Approved by: re (gjb)
Obtained from: NetBSD
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D6835
This will help ensure that the right error is trickled up when the
function is called if the lock status is NFS_RESERR
Differential Revision: https://reviews.freebsd.org/D6622
Reviewed by: rmacklem
Approved by: re (gjb)
Tested with: fsx; svn info/svnversion (uses bdb locking); locktests from Bull http://nfsv4.bullopensource.org/tools/tests/locktest.php
MFC after: 2 weeks
Reported by: Coverity
CID: 1008161, 1304956
Sponsored by: EMC / Isilon Storage Division
Fix an error where vfs.root.mountfrom was not always set as required
when creating a bootpool. After the recent geliboot changes, it was only
set if the main pool was encrypted.
Also resolve an error where the bootpool was unmounted twice causing
bsdinstall to stop with an error message about the failed command.
Approved by: re (gjb)
Sponsored by: BSDCan Hacker Lounge
xdr_rpcproc, xdr_rpcprog and xdr_rpcvers were broken in older
versions of FreeBSD but fixed in r296394. Give them some use
hoping they help make the code somewhat more readable.
Allow to setup country and/or regulatory domain before scanning
(since channel list is affected by regulatory restrictions this may
impact scan results).
PR: 182600 (originally)
Differential Revision: https://reviews.freebsd.org/D6325
Not returning if rtype == RPCBVERS_STAT will cause us to overrun the inf array, as
it's defined to be exactly RPCBVERS_STAT elements in rpcb_prot.x:
> include/rpc/rpcb_prot.x:typedef rpcb_stat rpcb_stat_byvers[RPCBVERS_STAT];
The proposed change also matches the rest of the rtype upper bound checks in the
file, so the original change was likely a typo.
MFC after: 2 weeks
Reported by: Coverity
CID: 1007567
Reviewed by: truckman
Sponsored by: EMC / Isilon Storage Division
This is influenced by the ath3k driver from linux (circa 2013, this is
how long I've been sitting on this.)
It handles loading in firmware using the newer model, where it assembles
the right set of firmware blobs and board configuration based on the
device list and querying the device.
The older utility could only load in a single image - which sometimes
was ath3k-1.fw and sometimes was ath3k-2.fw. However, the ath3k maintainers
didn't want to keep adding in binaries that were just derivatives with a
separate board config, so they deleted ath3k-2.fw from the Linux firmware
repository and instead, well, did this.
Now, this has been tested against AR3011 and AR3012 NICs from the AR9285+BT
combo up through to the QCA9565+BT combo. It doesn't yet work with the
QCAFN222 NIC as that is some newer chip.
The firmware can be grabbed from https://github.com/erikarn/ath3kfw/ in
the share/firmware/ath3k directory. I'll update this utility over time
to support the newer firmware drops (newer than mid-2013) which should
pull in the QCNFA222 and subsequent chips.
Tested:
* AR9285 + BT
* AR9287 + BT
* AR9485 + BT
* AR9462 + BT
* QCA9565 + BT
nis_ypldap_enable and nis_ypldap_flags.
Also add an entry on ypldap(8) that it is a feature ready and
appears on FreeBSD 11.0.
Requested by: rodrigc
Relnotes: Yes
After going through the signal work list, during which do_sigwork()
is called and essentially does nothing because -s and -R were
specified on the command line, newsyslog will sleep for 10 seconds
as the (verbose) code says: "Pause 10 seconds to allow daemon(s)
to close log file(s)".
However, the man page verbiage for -R (and -s) seems quite clear
that this sleep() is unnecessary because the daemon was expected
to have already closed the log file before calling newsyslog.
PR: 210020
Submitted by: David A. Bright <david_a_bright@dell.com>
MFC after: 1 week
Sponsored by: Dell Inc.
Differential Revision: https://reviews.freebsd.org/D6727
The first file in these lists will generate everything else so only
it should be getting a .meta file. With bmake's missing=yes meta
feature these would otherwise cause a rebuild without the
.NOMETA hint.
Sponsored by: EMC / Isilon Storage Division
Install the blacklistd.conf man page, missed in the original commit.
Submitted by: Herbert J. Skuhra ( herbert at mailbox.org )
Reviewed by: rpaulo
Approved by: rpaulo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D6702
for the CONFS issue with dma.conf and ppp.conf.
Thank you very much to Bryan Drewery for looking into the
problem and providing this fix.
Pointyhat: gjb
Sponsored by: The FreeBSD Foundation
Files listed in 'CONFS' are not properly included in new
installations (missing from base.txz), for reasons I still
do not fully understand.
This reverts the change excluding /etc/ppp/ppp.conf from
a new installation. /etc/dma/dma.conf is also affected,
but requires a different solution, still being investigated.
Reported by: Ben Woods
Sponsored by: The FreeBSD Foundation
If tzsetup UTC is run then it successfully configured the system for UTC
including installing /etc/localtime however if the user ran just tzsetup
for interactive configuration and select UTC no /etc/localtime was installed
which resulted in failures for utilities which require said file.
Change set_zone_utc to call install_zoneinfo("UTC") to ensure that
/etc/localtime is created for interactive UTC selection.
Users who have previously run tzsetup in interactive mode and select UTC
can install the missing /etc/localtime by running tzsetup -r.
Also correct static miss-match for set_zone_utc.
MFC after: 2 weeks
Relnotes: Yes
Sponsored by: Multiplay
Comparing a character array against NULL serves no purpose. In any case
we are always asigning a value just before using the value so obviate
the comparison altogether.
Reviewed by: ngie
Differential Revision: https://reviews.freebsd.org/D6651
CID: 1008422
In the event MK_INET6 != no in userspace, but is disabled in the
kernel, or if there aren't any IPv6 addresses configured in userspace
(for lo0 and all physical interfaces), rpcbind would terminate
immediately instead of silently failing on
Skip over the IPv6 block to its respective cleanup with freeifaddrs if
creating the socket failed instead of terminating rpcbind immediately
MFC after: 6 days
X-MFC with: r300932
Reported by: O. Hartmann <ohartman@zedat.fu-berlin.de>
Sponsored by: EMC / Isilon Storage Division
- getaddrinfo() sets res = NULL on failure and freeaddrinfo() always
dereferences its argument, so we should only free the address list after
a successful call.
- Address a second potential leak caused by getaddrinfo(AF_INET6)
overwriting the address list returned by getaddrinfo(AF_INET).
X-MFC-With: r300941
POSIX requires that the argument of dirname() is of type "char *". In
other words, the input buffer can be modified by the function to store
the directory name.
Pull a copy of the string before calling dirname(). We don't care about
freeing up the memory afterwards, as this is done at the very bottom of
main(), right before the program terminates.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D6628
- malloc failing will result in a delayed segfault
- socket failing will result in delayed failures with setsockopt
Exit in the event that either of these high-level conditions are met.
Reported by: Coverity
CID: 976288, 976321, 976858
Sponsored by: EMC / Isilon Storage Division
When bhyve cannot open a backing file, it now says explicitly which file
could not be opened
Note that the change has only be maed in block_if.c and not in
pci_virtio_block.c as the error will always be catched by the first
PR: 202321 (different patch)
Reviewed by: grehan
MFC after: 3 day
Sponsored by: Gandi.net
Differential Revision: https://reviews.freebsd.org/D6576
Passing MAKEOBJDIRPREFIX to the main prog build (rescue) would confuse
WITH_AUTO_OBJ and cause it to create a recursed object directory that
then broke the actual prog build. This is normally not a problem since
we do not call 'make -f prog.mk obj' before building anything in it.
Crunchgen(1) also assumes that if -o is not passed then if an object
directory does not already exist then it should build in the source
directories. The normal buildworld process will have already ran 'make
obj' in each of the component directories so this is not a problem.
With WITH_AUTO_OBJ though this is not the case. So we must tell
crunchgen(1) that MK_AUTO_OBJ=yes will create the directory and to not
require it be present before generating its Makefile.
Sponsored by: EMC / Isilon Storage Division
The POSIX basename() function is allowed to modify its input buffer,
which means its argument is "char *". Pull a copy of the input string
before computing the base.
Reviewed by: jtl
Differential Revision: https://reviews.freebsd.org/D6465
At line 479 of ldapclient.c in client_build_req(), the error return
leaks ldap_attrs (CID 1340544). It looks like this can happen if
the first utoa() call in aldap_get_stringset() fails. It looks
like other leaks can happen if other utoa() calls fail since scanning
this array when it is freed stops when the first NULL is encountered.
Fix these problems by not storing NULL in the array when utoa()
fails, and by freeing ret and returning NULL if nothing is stored
in the array. That way the caller will never see the
ldap_attrs[0] == NULL case, so delete that check.
The ber_printf_element() calls ber_free_elements() on its ber
argument and returns NULL on failure. When each of its callers
detects failure, they do a goto fail, which then calls ber_free_elements()
with the same pointer (CID 1340543). Fix is to delete the
ber_free_elements() from ber_printf_element()
Reported by: Coverity
CID: 1340543, 1340544
Reviewed by: araujo
Differential Revision: https://reviews.freebsd.org/D6550
1199380 (Resource leak).
load_dsdt() calls strncpy() to copy a filename and Coverity warns
that the destination buffer may not be NUL terminated. Fix this
by using strlcpy() instead. If silent truncation occurs, then the
filename was not valid anyway.
load_dsdt() leaks an fd (CID 978405) and a memory region allocated
using mmap() (CID 1199380) when it returns. Fix these by calling
close() and munmap() as appropriate.
Don't bother fixing the minor memory leak "list", allocated by
AcGetAllTablesFromFile() (CID 1355191).
Check for truncation when creating the temp file name.
Set a flag to indicate that the temp file should be unlinked.
Relying on a strcmp() test could delete the input file in contrived
cases.
Reported by: Coverity
CID: 1011279, 978405, 1199380
Reviewed by: jkim
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D6368
Coverity reports that a buffer used for temporary file generation
might not be NUL terminated by strncpy(). This is probably not
true because the input gets passed through realpath(), but if the
path name is sufficiently long the name could be truncated and cause
other problems. The code for generating the temp file names is
also overly complex. Instead of a bunch of calls to strncpy() and
and strncat(), simplify the code by using snprintf() and add checks
for unexpected truncation.
The output file created by iasl -d is predictable. Fix this by
using mkdtemp() to create a directory to hold the iasl input and
output files.
Check the return values of more syscalls.
Reported by: Coverity
CID: 1011278
Reviewed by: jkim
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D6360
The length of the name returned from the $LOGNAME and $USER can be
very long and it was being concatenated to a fixed length buffer
with no bounds checking. Fix this problem by limiting the length
of the name copied.
Additionally, this name is actually used to create a format string
to be used in adding log file entries so embedded % characters in
the name could confuse *printf(), and embedded whitespace could
confuse a log file parser. Handle the former by escaping each %
with an additional %, and handle the latter by simply stripping it
out.
Clean up the code by moving the variable declarations to the top
of the function, formatting them to conform with style, and moving
intialization elsewhere.
Reduce code indentation by returning early in a couple of places.
Reported by: Coverity
CID: 1006692
Reviewed by: markj (previous version)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D6490
The currently used idiom for clearing the part of a ccb after its
header generates one or two Coverity errors for each time it is
used. All instances generate an Out-of-bounds access (ARRAY_VS_SINGLETON)
error because of the treatment of the header as a two element array,
with a pointer to the non-existent second element being passed as
the starting address to bzero(). Some instances also alsp generate
Out-of-bounds access (OVERRUN) errors, probably because the space
being cleared is larger than the sizeofstruct ccb_hdr).
In addition, this idiom is difficult for humans to understand and
it is error prone. The user has to chose the proper struct ccb_*
type (which does not appear in the surrounding code) for the sizeof()
in the length calculation. I found several instances where the
length was incorrect, which could cause either an actual out of
bounds write, or incompletely clear the ccb.
A better way is to write the code to clear the ccb itself starting
at sizeof(ccb_hdr) bytes from the start of the ccb, and calculate
the length based on the specific type of struct ccb_* being cleared
as specified by the union ccb member being used. The latter can
normally be seen in the nearby code. This is friendlier for Coverity
and other static analysis tools because they will see that the
intent is to clear the trailing part of the ccb.
Wrap all of the boilerplate code in a convenient macro that only
requires a pointer to the desired union ccb member (or a pointer
to the union ccb itself) as an argument.
Reported by: Coverity
CID: 1007578, 1008684, 1009724, 1009773, 1011304, 1011306
CID: 1011307, 1011308, 1011309, 1011310, 1011311, 1011312
CID: 1011313, 1011314, 1011315, 1011316, 1011317, 1011318
CID: 1011319, 1011320, 1011321, 1011322, 1011324, 1011325
CID: 1011326, 1011327, 1011328, 1011329, 1011330, 1011374
CID: 1011390, 1011391, 1011392, 1011393, 1011394, 1011395
CID: 1011396, 1011397, 1011398, 1011399, 1011400, 1011401
CID: 1011402, 1011403, 1011404, 1011405, 1011406, 1011408
CID: 1011409, 1011410, 1011411, 1011412, 1011413, 1011414
CID: 1017461, 1018387, 1086860, 1086874, 1194257, 1229897
CID: 1229968, 1306229, 1306234, 1331282, 1331283, 1331294
CID: 1331295, 1331535, 1331536, 1331539, 1331540, 1341623
CID: 1341624, 1341637, 1341638, 1355264, 1355324
Reviewed by: scottl, ken, delphij, imp
MFH: 1 month
Differential Revision: https://reviews.freebsd.org/D6496
Do not set canmount=noauto on the boot environment at create time, because
this causes / to not be mounted, and since the chroot is read only, new
mountpoints cannot be created.
The property is set later, when other properties are adjusted
Reported by: HardenedBSD
Sponsored by: ScaleEngine Inc.
In this configuration, a separate bootpool is not required.
This allows ZFS Boot Environments to be used with GELI encrypted ZFS pools.
Support for GPT+EFI+GELI is planned for the future.
Tested by: Joseph Mingrone, HardenedBSD
Relnotes: yes
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D5869
As a positive side-effect, this eliminates the double semicolons reported by Coverity:
the macro contained a trailing semicolon, in addition to the semicolon placed on
each line where EXPAND(..) was called.
MFC after: 1 week
Reported by: Coverity
CID: 1194269
Sponsored by: EMC / Isilon Storage Division
The root file system is mounted early via vfs.root.mountfrom.
The canmount=noauto property only affects the zfs rc.d script.
This ensures that the 'default' BE is not mounted overtop of another BE when
one is selected from the beastie menu
Sponsored by: ScaleEngine Inc.
