- In audit_bsm.c, make sure all the arguments: ARG_AUID, ARG_ASID, ARG_AMASK,
and ARG_TERMID{_ADDR} are valid before auditing their arguments. (This is done
for both setaudit and setaudit_addr.
- Audit the arguments passed to setaudit_addr(2)
- AF_INET6 does not equate to AU_IPv6. Change this in au_to_in_addr_ex() so the
audit token is created with the correct type. This fixes the processing of the
in_addr_ex token in users pace.
- Change the size of the token (as generated by the kernel) from 5*4 bytes to
4*4 bytes (the correct size of an ip6 address)
- Correct regression from ucred work which resulted in getaudit() not returning
E2BIG if the subject had an ip6 termid
- Correct slight regression in getaudit(2) which resulted in the size of a pointer
being passed instead of the size of the structure. (This resulted in invalid
auditinfo data being returned via getaudit(2))
Reviewed by: rwatson
Approved by: re@ (kensmith)
Obtained from: TrustedBSD Project
MFC after: 1 month
- Fix logic handling execve(). We will not be able to
obtain information otherwise.
- truss coredump [1].
- truss does not work against itself [2].
PR: bin/58970 [1], bin/45193 [2]
Submitted by: Howard Su
Approved by: re (kensmith)
some false positives but at this moment it is better to add
support then to dont have it at all (comment from Soren).
PR: kern/111516
Submitted by: Thomas Nystrom <thn at saeab dot se>
Approved by: re (kensmith)
Approved by: imp (mentor)
OK'ed by: sos (With the comment noted above about false
positives).
could lead to a deadlock).
- sleepq_set_timeout acquires callout_lock (via callout_reset()) only
with sleepq chain lock held
- msleep_spin in _callout_stop_safe lock the sleepqueue chain with
callout_lock held
In order to solve this don't use msleep_spin in _callout_stop_safe() but
use directly sleepqueues as inline msleep_spin code. Rearrange the
wakeup path in order to have it consistent too.
Reported by: kris (via stress2 test suite)
Tested by: Timothy Redaelli <drizzt@gufi.org>
Reviewed by: jhb
Approved by: jeff (mentor)
Approved by: re
This is very similar to sx_init_flags: it initializes the rwlock using
special flags passed as third argument (RW_DUPOK, RW_NOPROFILE,
RW_NOWITNESS, RW_QUIET, RW_RECURSE).
Among these, the most important new feature is probabilly that rwlocks
can be acquired recursively now (for both shared and exclusive paths).
Because of the recursion counter, the ABI is changed.
Tested by: Timothy Redaelli <drizzt@gufi.org>
Reviewed by: jhb
Approved by: jeff (mentor)
Approved by: re
put out a ispreqt2e_t structure onto the request queue- not a ispreqt2_t
structure. I forgot that the 23XX can use a t2 structure.
Approved by: re (ken, implicitly)
MFC after: 3 days
possibly installed thirdparte zoneinfo databases (from ports for example).
PR: bin/104713
Submitted by: Mark Andrews <Mark_Andrews at isc dot org> (original patch
rewritten by me to be more consistent with the new practise).
Approved by: re (kensmith)
Approved by: imp (mentor)
Reviewed by: ru (some time ago already)
mpo_check_proc_setaudit_addr to be used when controlling use of
setaudit_addr(), rather than mpo_check_proc_setaudit(), which takes a
different argument type.
Reviewed by: csjp
Approved by: re (kensmith)
changes for example:
(From Craig Leres):
tip to a rocketport line
run "/etc/rc.d/devfs restart"
exit tip
(wait for the system to reboot)
Thanks to Robert Watson for poking me to fix this.
PR: kern/109152
Approved by: imp (mentor)
Approved by: re (kensmith)
Reviewed by: jhb
Submitted by: Craig Leres <leres@ee dot lbl dot gov>
of the file numerically for vendors and then each product numerically
by vendor (with all the foo2's sorting after the foo's). Someday, all
the usbdevs will be merged, I hope, but until then, we have these
mega-merges.
This also finishes the LINKSYS4 -> CISCOLINKSYS rename.
Approved by: re@ (blanket)
skip() callback to skip over data when reading uncompressed
archives. This gets invoked, for example, during tar -t
or tar -x with a filename argument. The revised code
only calls [lf]seek() on regular files, instead of depending
on the kernel to return an error.
Thanks to: bde for explaining the implementation of lseek()
Thanks to: Daniel O'Connor for testing
Approved by: re (Ken Smith)
MFC after: 5 days
firmware reset. Also zero out struct iwi_rateset although its not strictly
necessary.
Reported by: Maxim Konovalov
Reviewed by: sam
Approved by: re (bmah)
in errno) - Found by Weongyo Jeong
- Remove two extra un-needed memset() after calloc()'s - Found by
Weongyo Jeong
- Tightened up parameter requirement checking on input to
bindx/connectx per socket api spec.
Approved by: re@freebsd.org(Ken Smith)
- Remove tmpfs_zone_xxx KPI, the uma(9) wrapper, since
they does not bring any value now.
- Use |= instead of = when applying VV_ROOT flag.
- Remove tm_avariable_nodes list. Use uma to hold the
released nodes.
- init/destory interlock mutex of node when init/fini
instead of ctor/dtor.
- Change memory computing using u_int to fix negative
value in 2G mem machine.
- Remove unnecessary bzero's
- Rely uma logic to make file id allocation harder to
guess.
- Fix some unsigned/signed related things. Make sure
we respect -o size=xxxx
- Use wire instead of hold a page.
- Pass allocate_zero to obtain zeroed pages upon first
use.
Submitted by: Howard Su
Approved by: re (tmpfs blanket, kensmith)
to put out a ispreqt3e_t structure onto the request queue-
not a ispreqt3_t structure. We weren't. This turns out only
to really matter for big endian machines.
Approved by: re (ken)
MFC after: 3 days
around an output freezing problem (see the CVS log for details). This
is the same approach that sio takes to solve that problem. However,
ucom has a problem that sio doesn't have.
Consider the case where output is pending, and the device is closed.
ttyclose calls tt_close (which indirects to ucomclose) and then calls
ttyflush which calls tt_stop (which indirects to ucomstop). Since
ucomclose removed all the usb transfer points, sc_oxfer will be NULL
when ucomstop calls ucomstart. This results in a null pointer
dereference.
Since calling ucomstart in ucomstart solves other problems, we need to
work with this calling sequence. The easiest way to do that is to
bail early if sc_oxfer is NULL.
Kazuaki ODA-san came up with this patch, and filed a PR. I had seen
this bug at work and this patch does seem to solve it. He had no idea
why it worked, but knew that either this patch, or backing out ucom.c
1.56 fixed his panic. I just did the legwork of chasing down the code
paths that would cause this, and added a comment. This is obscure
enough to warrant a comment, I think.
Submitted by: Kazuaki ODA-san
PR: 113964
Approved by: re (bmah)
around to force the IO port to a fixed address. They were only turned
on in the module build and were present since the original import. This
breaks soft power-off on the Asus A7V since it reprograms the SMBus base
address to a different one than the BIOS expects. A similar issue was
found in the alpm(4) module build.
PR: kern/113986, i386/97468
MFC after: 3 days
Approved by: re
where a device timeout that occurs with a mgt frame on the tx q
will leave the net80211 layer w/o any way to make progress.
Reviewed by: thompsa, sephe
Approved by: re (hrs)
request queues rather than shove it down a word at a time, we have
to remember to put it into little endian format. Use the macros
ISP_IOXPUT_{16,32} for this purpose. Otherwise, on sparc the firmware
is loaded garbled and we get a (not surprisingly) firmware checksum
failure and the card won't start and we don't attach it.
Approved by: re (bruce)
MFC after: 3 days