- Use strlcpy() instead of strcpy().
- Use strlcat() instead of a strlcpy() with a magic number subtracted
from the length.
- Replace strncmp(..., strlen(foo) + 1) with strcmp(...).
Differential Revision: https://reviews.freebsd.org/D1814
Reviewed by: rpaulo
MFC after: 2 weeks
- Add bzipfs to the list of supported filesystems in the EFI loader.
- Increase the heap size allocated for the EFI loader from 2MB to 3MB.
Differential Revision: https://reviews.freebsd.org/D2053
Reviewed by: benno, emaste, imp
MFC after: 2 weeks
Sponsored by: Cisco Systems, Inc.
redzone below the stack pointer for scratch space and requires
interrupt and signal frames to avoid overwriting it. However, EFI uses
the Windows ABI which does not support this. As a result, interrupt
handlers in EFI push their interrupt frames directly on top of the
stack pointer. If the compiler used the red zone in a function in the
EFI loader, then a device interrupt that occurred while that function
was running could trash its local variables. In practice this happens
fairly reliable when using gzipfs as an interrupt during decompression
can trash the local variables in the inflate_table() function
resulting in corrupted output or hangs.
Fix this by disabling the redzone for amd64 EFI binaries. This
requires building not only the loader but any libraries used by the
loader without redzone support.
Thanks to Jilles for pointing me at the redzone once I found the stack
corruption.
Differential Revision: https://reviews.freebsd.org/D2054
Reviewed by: imp
MFC after: 2 weeks
Sponsored by: Cisco Systems, Inc.
to obtain IPv4 next hop address in tablearg case.
Add `fwd tablearg' support for IPv6. ipfw(8) uses INADDR_ANY as next hop
address in O_FORWARD_IP opcode for specifying tablearg case. For IPv6 we
still use this opcode, but when packet identified as IPv6 packet, we
obtain next hop address from dedicated field nh6 in struct table_value.
Replace hopstore field in struct ip_fw_args with anonymous union and add
hopstore6 field. Use this field to copy tablearg value for IPv6.
Replace spare1 field in struct table_value with zoneid. Use it to keep
scope zone id for link-local IPv6 addresses. Since spare1 was used
internally, replace spare0 array with two variables spare0 and spare1.
Use getaddrinfo(3)/getnameinfo(3) functions for parsing and formatting
IPv6 addresses in table_value. Use zoneid field in struct table_value
to store sin6_scope_id value.
Since the kernel still uses embedded scope zone id to represent
link-local addresses, convert next_hop6 address into this form before
return from pfil processing. This also fixes in6_localip() check
for link-local addresses.
Differential Revision: https://reviews.freebsd.org/D2015
Obtained from: Yandex LLC
Sponsored by: Yandex LLC
This is slightly different to the other switches - the VLAN table
(VTU) programs in the vlan port mapping /and/ the port config
(tagged, untagged, passthrough, any.)
So:
* Add VTU operations to program the VTU (vlan table)
* abstract out the mirror-disable function so it's .. well, a function.
* setup the port to have a dot1q configuration for dot1q - the
port security is VLAN (not per-port VLAN) and requires an entry
in the VLAN table;
* add set_dot1q / get_dot1q to program the VLAN table;
* since the tagged/untagged ports are now programmed into the VTU,
rather than global - plumb the ports /and/ untagged ports bitmaps
through the arswitch API.
Tested:
* AP135 - QCA9558 SoC + AR8327N switch
(for example, a large mfsroot). Note that for EFI the kernel and
modules (as well as other metadata files such as splash screens or
memory disk images) are loaded into a statically-sized staging area.
When the EFI loader exits it copies this staging area down to the
location the kernel expects to run at.
- Add bounds checking to the copy routines to fail attempts to access
memory outside of the staging area. Previously loading a combined
kernel + modules larger than the staging size (32MB) would overflow
the staging area trashing whatever memory was afterwards. Under
Intel's OVMF firmware for qemu this resulted in fatal faults in the
firmware itself. Now the attempt will fail with ENOMEM.
- Allow the staging area size to be configured at compile time via
an EFI_STAGING_SIZE variable in src.conf or on the command line.
It accepts the size of the staging area in MB. The default size
remains 32MB.
MFC after: 2 weeks
Sponsored by: Cisco Systems, Inc.
packets and does not schedule interrupts for any packets currently
enqueued. Close two races where enqueued packets may not ever trigger
interrupts. The first of these, at adapter initialization time, was
especially severe since a rush of enqueued packets could actually fill
the receive buffer completely, stalling the interface forever.
MFC after: 2 weeks
initialization, when no input method specified before if_attach().
This prevents panics when if_input() method called directly e.g.
from bpf(4) code.
PR: 192426
Reviewed by: glebius
MFC after: 1 week
Do not report GEOM::candelete if none of providers support BIO_DELETE.
If consumer still requests BIO_DELETE, report error instead of hanging.
MFC after: 2 weeks
The in-tree binutils does not support arm64, so will not work for the
forthcoming FreeBSD arm64 port. BROKEN_OPTIONS will include
BINUTILS_BOOTSTRAP, so provide a default CROSS_BINUTILS_PREFIX for this
case.
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
don't actually use these files at the moment, so eliminate them until
we actually do. In the mean time, freebsd-update will be updated
to eliminate the issues.
Requested by: cperciva
any defaults or user specified actions on the command line. This would
be useful for specifying features that are always broken or that
cannot make sense on a specific architecture, like ACPI on pc98 or
EISA on !i386 (!x86 usage of EISA is broken and there's no supported
hardware that could have it in any event). Any items in
BROKEN_OPTIONS are forced to "no" regardless of other settings.
Clients are expected change BROKEN_OPTIONS with +=. It will not
be unset, so other parts of the build system can have visibility
into the options that are broken on this platform, though this
should be very rare.
Differential Revision: https://reviews.freebsd.org/D2009
not on head.. otherwise the file pointer will be NULL and when
you try to do something with it you will crash. Make the #else
be the old capabilites, and then remove the erroneous ifdefs for
11.
MFC after: 1 week (with the other MFC I was going to do until the panic)
drivers can use it. This avoids some code duplication. Add missing
default case to all switch statements while at it. Also move the
hashing of the IPv6 flow field to layer 4 because the IPv6 flow field
is constant on a per L4 connection basis and not on a per L3 network.
Differential Revision: https://reviews.freebsd.org/D1987
Sponsored by: Mellanox Technologies
MFC after: 1 month
