From 30a44bb93bc7c505922a37c3e8587947d58bd1df Mon Sep 17 00:00:00 2001 From: Alexander Leidinger Date: Sat, 11 Aug 2018 13:01:46 +0000 Subject: [PATCH 01/14] Add "ESI Juli@ XTe" as a supported device. Submitted by: Vladislav Movchan PR: 222025 Sponsored by: Essen Hackathon --- share/man/man4/snd_envy24ht.4 | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/share/man/man4/snd_envy24ht.4 b/share/man/man4/snd_envy24ht.4 index 086d5cd81105..a4f8084807b9 100644 --- a/share/man/man4/snd_envy24ht.4 +++ b/share/man/man4/snd_envy24ht.4 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd June 1, 2014 +.Dd August 11, 2018 .Dt SND_ENVY24HT 4 .Os .Sh NAME @@ -69,6 +69,8 @@ Audiotrak Prodigy HD2 .It ESI Juli@ .It +ESI Juli@ XTe +.It M-Audio Audiophile 192 .It M-Audio Revolution 5.1 From c046b2a9e0ef206533cac3cc6e3ee260ccda7c8e Mon Sep 17 00:00:00 2001 From: Alexander Leidinger Date: Sat, 11 Aug 2018 13:18:19 +0000 Subject: [PATCH 02/14] Add svnlite to places where svn is mentioned. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The Makefile part in the PR is solved already differently, so this part is skipped form the PR The man page change change is slightly changed to adapt to the way the Makefile works and to the spirit of what is intended here. Submitted by: Juan Ramón Molina Menor PR: 194910 Sponsored by: Essen Hackathon --- share/man/man5/make.conf.5 | 7 ++++--- share/man/man7/build.7 | 5 ++++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/share/man/man5/make.conf.5 b/share/man/man5/make.conf.5 index f139709ef29b..77c93f980118 100644 --- a/share/man/man5/make.conf.5 +++ b/share/man/man5/make.conf.5 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 20, 2018 +.Dd August 11, 2018 .Dt MAKE.CONF 5 .Os .Sh NAME @@ -234,12 +234,13 @@ Set this to not update the ports tree during .Pq Vt bool Set this to use .Xr svn 1 +or +.Xr svnlite 1 to update your .Pa src tree with .Dq Li "make update" . -Note that since a subversion client is not included in the base system, -you will need to set +Note that you can set .Va SVN to the full path of a .Xr svn 1 diff --git a/share/man/man7/build.7 b/share/man/man7/build.7 index d3f01661835d..17f8daf7c4ad 100644 --- a/share/man/man7/build.7 +++ b/share/man/man7/build.7 @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 24, 2017 +.Dd August 11, 2018 .Dt BUILD 7 .Os .Sh NAME @@ -42,6 +42,8 @@ and These directories may be initially empty or non-existent until updated with .Xr svn 1 or +.Xr svnlite 1 +or .Xr portsnap 8 . Directory .Pa /usr/src @@ -789,6 +791,7 @@ make TARGET_ARCH=armv6 DESTDIR=/clients/arm64 installworld installkernel .Xr install 1 , .Xr make 1 , .Xr svn 1 , +.Xr svnlite 1 , .Xr make.conf 5 , .Xr src.conf 5 , .Xr arch 7 , From 9584f61992f90d1099bcbcc00b03d2fd8d201c63 Mon Sep 17 00:00:00 2001 From: Brad Davis Date: Sat, 11 Aug 2018 13:23:09 +0000 Subject: [PATCH 03/14] Move OpenBSM to CONFS This helps with pkgbase as these config files will be properly tagged as config files. Approved by: allanjude (mentor), oshogbo Differential Revision: https://reviews.freebsd.org/D16679 --- etc/Makefile | 14 -------------- usr.sbin/auditd/Makefile | 12 ++++++++++++ 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/etc/Makefile b/etc/Makefile index 6d37ff73013b..53ff1305a70e 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -56,14 +56,6 @@ BIN1+= etc.${MACHINE_CPUARCH}/ttys .error etc.MACHINE/ttys missing .endif -OPENBSMDIR= ${SRCTOP}/contrib/openbsm -BSM_ETC_OPEN_FILES= ${OPENBSMDIR}/etc/audit_class \ - ${OPENBSMDIR}/etc/audit_event -BSM_ETC_RESTRICTED_FILES= ${OPENBSMDIR}/etc/audit_control \ - ${OPENBSMDIR}/etc/audit_user -BSM_ETC_EXEC_FILES= ${OPENBSMDIR}/etc/audit_warn -BSM_ETC_DIR= ${DESTDIR}/etc/security - # NB: keep these sorted by MK_* knobs .if ${MK_AMD} != "no" @@ -203,12 +195,6 @@ distribution: ${_+_}cd ${.CURDIR}/syslog.d; ${MAKE} install ${_+_}cd ${SRCTOP}/usr.sbin/rmt; ${MAKE} etc-rmt ${_+_}cd ${.CURDIR}/pam.d; ${MAKE} install - cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 0444 \ - ${BSM_ETC_OPEN_FILES} ${BSM_ETC_DIR} - cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 0600 \ - ${BSM_ETC_RESTRICTED_FILES} ${BSM_ETC_DIR} - cd ${.CURDIR}; ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 0500 \ - ${BSM_ETC_EXEC_FILES} ${BSM_ETC_DIR} .if ${MK_UNBOUND} != "no" if [ ! -e ${DESTDIR}/etc/unbound ]; then \ ${INSTALL_SYMLINK} ../var/unbound ${DESTDIR}/etc/unbound; \ diff --git a/usr.sbin/auditd/Makefile b/usr.sbin/auditd/Makefile index 45fcd7591572..5385463a6e3b 100644 --- a/usr.sbin/auditd/Makefile +++ b/usr.sbin/auditd/Makefile @@ -7,6 +7,18 @@ OPENBSMDIR=${SRCTOP}/contrib/openbsm CFLAGS+= -I${OPENBSMDIR} +OPENBSMETCDIR= ${OPENBSMDIR}/etc +CONFS= ${OPENBSMETCDIR}/audit_class +CONFSMODE_${OPENBSMETCDIR}/audit_class= 444 +CONFS+= ${OPENBSMETCDIR}/audit_control +CONFSMODE_${OPENBSMETCDIR}/audit_control= 600 +CONFS+= ${OPENBSMETCDIR}/audit_event +CONFSMODE_${OPENBSMETCDIR}/audit_event= 444 +CONFS+= ${OPENBSMETCDIR}/audit_user +CONFSMODE_${OPENBSMETCDIR}/audit_user= 600 +CONFS+= ${OPENBSMETCDIR}/audit_warn +CONFSMODE_${OPENBSMETCDIR}/audit_warn= 500 +CONFSDIR= /etc/security PROG= auditd SRCS= auditd.c audit_warn.c auditd_fbsd.c MAN= auditd.8 From cea9c033f2db7b768bc48fe5c3e8d140d23da4e2 Mon Sep 17 00:00:00 2001 From: Brad Davis Date: Sat, 11 Aug 2018 13:25:39 +0000 Subject: [PATCH 04/14] Move ddb.conf to sbin/ddb/ and switch to CONFS. This helps pkgbase as this config file will now be tagged as a config file. Approved by: allanjude (mentor) Differential Revision: https://reviews.freebsd.org/D16675 --- etc/Makefile | 1 - sbin/ddb/Makefile | 1 + {etc => sbin/ddb}/ddb.conf | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename {etc => sbin/ddb}/ddb.conf (100%) diff --git a/etc/Makefile b/etc/Makefile index 53ff1305a70e..dad095e43bee 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -15,7 +15,6 @@ SUBDIR+=sendmail BIN1= crontab \ devd.conf \ devfs.conf \ - ddb.conf \ dhclient.conf \ disktab \ fbtab \ diff --git a/sbin/ddb/Makefile b/sbin/ddb/Makefile index 44d002d6c229..f1bf75e41b36 100644 --- a/sbin/ddb/Makefile +++ b/sbin/ddb/Makefile @@ -1,5 +1,6 @@ # $FreeBSD$ +CONFS= ddb.conf PACKAGE=runtime PROG= ddb SRCS= ddb.c ddb_capture.c ddb_script.c diff --git a/etc/ddb.conf b/sbin/ddb/ddb.conf similarity index 100% rename from etc/ddb.conf rename to sbin/ddb/ddb.conf From 40557b99f5966e4224d8eff9a127b5f9ad8aaa19 Mon Sep 17 00:00:00 2001 From: Brad Davis Date: Sat, 11 Aug 2018 13:28:03 +0000 Subject: [PATCH 05/14] Move sysctl.conf to sbin/sysctl/ and switch to CONFS. This helps with pkgbase to tag this config file as a config file. Approved by: allanjude (mentor), will (mentor) Differential Revision: https://reviews.freebsd.org/D16559 --- etc/Makefile | 1 - sbin/sysctl/Makefile | 1 + {etc => sbin/sysctl}/sysctl.conf | 0 3 files changed, 1 insertion(+), 1 deletion(-) rename {etc => sbin/sysctl}/sysctl.conf (100%) diff --git a/etc/Makefile b/etc/Makefile index dad095e43bee..8b492ed64563 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -41,7 +41,6 @@ BIN1= crontab \ remote \ rpc \ services \ - sysctl.conf \ syslog.conf \ termcap.small diff --git a/sbin/sysctl/Makefile b/sbin/sysctl/Makefile index 30099aedb34c..2069bd3382d2 100644 --- a/sbin/sysctl/Makefile +++ b/sbin/sysctl/Makefile @@ -2,6 +2,7 @@ # $FreeBSD$ PACKAGE=runtime +CONFS= sysctl.conf PROG= sysctl WARNS?= 3 MAN= sysctl.8 diff --git a/etc/sysctl.conf b/sbin/sysctl/sysctl.conf similarity index 100% rename from etc/sysctl.conf rename to sbin/sysctl/sysctl.conf From c2d948fa77193fdac58e881256ff296d6cac2dfe Mon Sep 17 00:00:00 2001 From: Brad Davis Date: Sat, 11 Aug 2018 13:47:28 +0000 Subject: [PATCH 06/14] Move snmpd.config to usr.sbin/bsnmpd/bsnmpd/ This helps with pkgbase as this config file will now be tagged as a config file Approved by: allanjude (mentor) Sponsored by: Essen Hackathon Differential Revision: https://reviews.freebsd.org/D16674 --- etc/Makefile | 5 ----- usr.sbin/bsnmpd/bsnmpd/Makefile | 2 ++ {etc => usr.sbin/bsnmpd/bsnmpd}/snmpd.config | 0 3 files changed, 2 insertions(+), 5 deletions(-) rename {etc => usr.sbin/bsnmpd/bsnmpd}/snmpd.config (100%) diff --git a/etc/Makefile b/etc/Makefile index 8b492ed64563..68b3c15d1c3c 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -158,11 +158,6 @@ distribution: ${DESTDIR}/etc/services; .endif -.if ${MK_BSNMP} != "no" - cd ${.CURDIR}; \ - ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 600 \ - snmpd.config ${DESTDIR}/etc; -.endif .if ${MK_TCSH} == "no" sed -i "" -e 's;/bin/csh;/bin/sh;' ${DESTDIR}/etc/master.passwd .endif diff --git a/usr.sbin/bsnmpd/bsnmpd/Makefile b/usr.sbin/bsnmpd/bsnmpd/Makefile index 24d583610993..06fac61f9371 100644 --- a/usr.sbin/bsnmpd/bsnmpd/Makefile +++ b/usr.sbin/bsnmpd/bsnmpd/Makefile @@ -7,6 +7,8 @@ CONTRIB=${SRCTOP}/contrib/bsnmp .PATH: ${CONTRIB}/snmpd +CONFS= snmpd.config +CONFSMODE= 600 PROG= bsnmpd SRCS= main.c action.c config.c export.c trap.c trans_udp.c trans_lsock.c SRCS+= oid.h tree.c tree.h diff --git a/etc/snmpd.config b/usr.sbin/bsnmpd/bsnmpd/snmpd.config similarity index 100% rename from etc/snmpd.config rename to usr.sbin/bsnmpd/bsnmpd/snmpd.config From bf8a86cd148750ce577f389cb3799189d83c7ee9 Mon Sep 17 00:00:00 2001 From: Brad Davis Date: Sat, 11 Aug 2018 13:52:23 +0000 Subject: [PATCH 07/14] Move cron.d/at to usr.bin/at/ This helps with pkgbase as it tags this as a config file so it is handled as such Approved by: allanjude (mentor) Sponsored by: Essen Hackathon Differential Revision: https://reviews.freebsd.org/D16673 --- etc/Makefile | 1 - etc/cron.d/Makefile | 11 ----------- usr.bin/at/Makefile | 3 +++ etc/cron.d/at => usr.bin/at/atrun | 0 4 files changed, 3 insertions(+), 12 deletions(-) delete mode 100644 etc/cron.d/Makefile rename etc/cron.d/at => usr.bin/at/atrun (100%) diff --git a/etc/Makefile b/etc/Makefile index 68b3c15d1c3c..d48538d9e10f 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -174,7 +174,6 @@ distribution: .if ${MK_BLUETOOTH} != "no" ${_+_}cd ${.CURDIR}/bluetooth; ${MAKE} install .endif - ${_+_}cd ${.CURDIR}/cron.d; ${MAKE} install ${_+_}cd ${.CURDIR}/defaults; ${MAKE} install ${_+_}cd ${.CURDIR}/devd; ${MAKE} install ${_+_}cd ${.CURDIR}/gss; ${MAKE} install diff --git a/etc/cron.d/Makefile b/etc/cron.d/Makefile deleted file mode 100644 index 3ddc5fb438ac..000000000000 --- a/etc/cron.d/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -# $FreeBSD$ - -.include - -.if ${MK_AT} != "no" -FILES+= at -.endif - -BINDIR= /etc/cron.d - -.include diff --git a/usr.bin/at/Makefile b/usr.bin/at/Makefile index 5e9cfc9302fd..7dde46f28e67 100644 --- a/usr.bin/at/Makefile +++ b/usr.bin/at/Makefile @@ -2,6 +2,9 @@ .include "${.CURDIR}/Makefile.inc" +CONFS= atrun +CONFSDIR= /etc/cron.d +CONFSNAME= at PROG= at SRCS= at.c panic.c parsetime.c perm.c LINKS= ${BINDIR}/at ${BINDIR}/atq \ diff --git a/etc/cron.d/at b/usr.bin/at/atrun similarity index 100% rename from etc/cron.d/at rename to usr.bin/at/atrun From 6d76ed56a022c04a7b3c9856090c98239f36eb4e Mon Sep 17 00:00:00 2001 From: Brad Davis Date: Sat, 11 Aug 2018 13:58:26 +0000 Subject: [PATCH 08/14] Move pf.os to sbin/pfctl/ Approved by: will (mentor) Glanced at by: kp Sponsored by: Essen Hackathon Differential Revision: https://reviews.freebsd.org/D16557 --- etc/Makefile | 4 ---- sbin/pfctl/Makefile | 1 + {etc => sbin/pfctl}/pf.os | 0 3 files changed, 1 insertion(+), 4 deletions(-) rename {etc => sbin/pfctl}/pf.os (100%) diff --git a/etc/Makefile b/etc/Makefile index d48538d9e10f..72d855698ee4 100644 --- a/etc/Makefile +++ b/etc/Makefile @@ -93,10 +93,6 @@ SSH= ${SRCTOP}/crypto/openssh/ssh_config \ SSL= ${SRCTOP}/crypto/openssl/apps/openssl.cnf .endif -.if ${MK_PF} != "no" -BIN1+= pf.os -.endif - .if ${MK_SENDMAIL} != "no" BIN1+= rc.sendmail .endif diff --git a/sbin/pfctl/Makefile b/sbin/pfctl/Makefile index de1f64dd0269..8ca3b5d86285 100644 --- a/sbin/pfctl/Makefile +++ b/sbin/pfctl/Makefile @@ -6,6 +6,7 @@ .PATH: ${SRCTOP}/sys/netpfil/pf PACKAGE=pf +CONFS= pf.os PROG= pfctl MAN= pfctl.8 diff --git a/etc/pf.os b/sbin/pfctl/pf.os similarity index 100% rename from etc/pf.os rename to sbin/pfctl/pf.os From 40bb18ef11a449b97eb54a4bbb463a783736d8df Mon Sep 17 00:00:00 2001 From: Kevin Lo Date: Sat, 11 Aug 2018 14:45:33 +0000 Subject: [PATCH 09/14] Remove unused MAPDESCFILE. --- usr.sbin/bsdinstall/scripts/keymap | 5 ----- 1 file changed, 5 deletions(-) diff --git a/usr.sbin/bsdinstall/scripts/keymap b/usr.sbin/bsdinstall/scripts/keymap index aaaffc8cb28e..739d0223c4f4 100755 --- a/usr.sbin/bsdinstall/scripts/keymap +++ b/usr.sbin/bsdinstall/scripts/keymap @@ -43,11 +43,6 @@ f_include $BSDCFG_SHARE/sysrc.subr # : ${KEYMAPFILE:=$BSDINSTALL_TMPETC/rc.conf.keymap} -# -# Default path to keymap INDEX containing descriptions -# -: ${MAPDESCFILE:=/usr/share/syscons/keymaps/INDEX.keymaps} - ############################################################ GLOBALS # From edb1df35b08f85ed6c082d924ca078e43854071c Mon Sep 17 00:00:00 2001 From: Brad Davis Date: Sat, 11 Aug 2018 16:06:32 +0000 Subject: [PATCH 10/14] Fix the build by just installing systop since testing shows it works with: dwatch -X systop Reviewed by: kp Approved by: allanjude (mentor) --- cddl/usr.sbin/dwatch/libexec/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cddl/usr.sbin/dwatch/libexec/Makefile b/cddl/usr.sbin/dwatch/libexec/Makefile index 9a575d16d6a1..d84fc370519b 100644 --- a/cddl/usr.sbin/dwatch/libexec/Makefile +++ b/cddl/usr.sbin/dwatch/libexec/Makefile @@ -12,6 +12,7 @@ FILES= chmod \ rw \ sched \ sendrecv \ + systop \ tcp \ udp \ udplite \ @@ -62,7 +63,6 @@ LINKS+= ${LIBEXECDIR}/dwatch/sendrecv ${LIBEXECDIR}/dwatch/recvmsg LINKS+= ${LIBEXECDIR}/dwatch/sendrecv ${LIBEXECDIR}/dwatch/send LINKS+= ${LIBEXECDIR}/dwatch/sendrecv ${LIBEXECDIR}/dwatch/sendmsg LINKS+= ${LIBEXECDIR}/dwatch/sendrecv ${LIBEXECDIR}/dwatch/sendto -LINKS+= ${LIBEXECDIR}/dwatch/systop ${LIBEXECDIR}/dwatch/systop LINKS+= ${LIBEXECDIR}/dwatch/tcp ${LIBEXECDIR}/dwatch/tcp-accept LINKS+= ${LIBEXECDIR}/dwatch/tcp ${LIBEXECDIR}/dwatch/tcp-accept-established LINKS+= ${LIBEXECDIR}/dwatch/tcp ${LIBEXECDIR}/dwatch/tcp-accept-refused From bce2f1d7b9067b8db97942e6ae26fd681b698e9b Mon Sep 17 00:00:00 2001 From: Alexander Leidinger Date: Sat, 11 Aug 2018 16:12:23 +0000 Subject: [PATCH 11/14] Re-enable reading byte swapped NFS_MAGIC dumps. Fix bug introduced in r98542: previously to this revision the byte-swapped value was compared at this place. The current check is in a conditional section where the non-byte-swapped value was already checked to be not the value which is checked again. As byte-swapping is activated afterwards, it only makes sense if the byte-swapped value is checked. Submitted by: Keith White PR: 200059 MFC after: 1 month Sponsored by: Essen Hackathon --- sbin/restore/tape.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sbin/restore/tape.c b/sbin/restore/tape.c index 04cda7ebd636..16dba12e673c 100644 --- a/sbin/restore/tape.c +++ b/sbin/restore/tape.c @@ -1314,8 +1314,8 @@ gethead(struct s_spcl *buf) return (FAIL); } if (swabl(buf->c_magic) != FS_UFS2_MAGIC && - buf->c_magic != NFS_MAGIC) { - if (buf->c_magic == OFS_MAGIC) { + swabl(buf->c_magic) != NFS_MAGIC) { + if (swabl(buf->c_magic) == OFS_MAGIC) { fprintf(stderr, "Format of dump tape is too old. Must use\n"); fprintf(stderr, From bb50c31811a4e25516f02026e52b00be2739f4f3 Mon Sep 17 00:00:00 2001 From: Alexander Leidinger Date: Sat, 11 Aug 2018 16:29:54 +0000 Subject: [PATCH 12/14] - Correct the description when jobs are executed related to load avg to match reality (slightly different to what was submitted in the PR: use english word instead of math-symbol). - Wrap the corresponding part to below 80 characters per line. Submitted by: yamagi@yamagi.org PR: 202202 Sponsored by: Essen Hackathon --- usr.bin/at/at.man | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/usr.bin/at/at.man b/usr.bin/at/at.man index a3267ca83239..fc1d55bababd 100644 --- a/usr.bin/at/at.man +++ b/usr.bin/at/at.man @@ -1,5 +1,5 @@ .\" $FreeBSD$ -.Dd June 1, 2018 +.Dd August 11, 2018 .Dt "AT" 1 .Os .Sh NAME @@ -64,8 +64,9 @@ case, everybody's jobs are listed; .It Nm atrm deletes jobs; .It Nm batch -executes commands when system load levels permit; in other words, when the load average -drops below _LOADAVG_MX, or the value specified in the invocation of +executes commands when system load levels permit; in other words, when +the load average drops below _LOADAVG_MX times number of active CPUs, +or the value specified in the invocation of .Nm atrun . .El .Pp From 33b242b5335698c979b0ced7e9c299dc48b866e5 Mon Sep 17 00:00:00 2001 From: Kristof Provost Date: Sat, 11 Aug 2018 16:34:30 +0000 Subject: [PATCH 13/14] pf: Fix 'set skip on' for groups The pfi_skip_if() function sometimes caused skipping of groups to work, if the members of the group used the groupname as a name prefix. This is often the case, e.g. group lo usually contains lo0, lo1, ..., but not always. Rather than relying on the name explicitly check for group memberships. Obtained from: OpenBSD (pf_if.c,v 1.62, pf_if.c,v 1.63) Sponsored by: Essen Hackathon --- sys/netpfil/pf/pf_if.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c index 15c19e747c86..68d626dc6204 100644 --- a/sys/netpfil/pf/pf_if.c +++ b/sys/netpfil/pf/pf_if.c @@ -735,6 +735,7 @@ pfi_get_ifaces(const char *name, struct pfi_kif *buf, int *size) static int pfi_skip_if(const char *filter, struct pfi_kif *p) { + struct ifg_list *i; int n; if (filter == NULL || !*filter) @@ -745,10 +746,19 @@ pfi_skip_if(const char *filter, struct pfi_kif *p) if (n < 1 || n >= IFNAMSIZ) return (1); /* sanity check */ if (filter[n-1] >= '0' && filter[n-1] <= '9') - return (1); /* only do exact match in that case */ - if (strncmp(p->pfik_name, filter, n)) - return (1); /* prefix doesn't match */ - return (p->pfik_name[n] < '0' || p->pfik_name[n] > '9'); + return (1); /* group names may not end in a digit */ + if (p->pfik_ifp != NULL) { + IF_ADDR_RLOCK(p->pfik_ifp); + CK_STAILQ_FOREACH(i, &p->pfik_ifp->if_groups, ifgl_next) { + if (!strncmp(i->ifgl_group->ifg_group, filter, + IFNAMSIZ)) { + IF_ADDR_RUNLOCK(p->pfik_ifp); + return (0); /* iface is in group "filter" */ + } + } + IF_ADDR_RUNLOCK(p->pfik_ifp); + } + return (1); } int From e9ddca4a40c9cf37e1cb1b3954034503ca248def Mon Sep 17 00:00:00 2001 From: Kristof Provost Date: Sat, 11 Aug 2018 16:37:55 +0000 Subject: [PATCH 14/14] pf: Take the IF_ADDR_RLOCK() when iterating over the group list We did do this elsewhere in pf, but the lock was missing here. Sponsored by: Essen Hackathon --- sys/netpfil/pf/pf_if.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/sys/netpfil/pf/pf_if.c b/sys/netpfil/pf/pf_if.c index 68d626dc6204..cc9c2f800119 100644 --- a/sys/netpfil/pf/pf_if.c +++ b/sys/netpfil/pf/pf_if.c @@ -297,11 +297,16 @@ pfi_kif_match(struct pfi_kif *rule_kif, struct pfi_kif *packet_kif) if (rule_kif == NULL || rule_kif == packet_kif) return (1); - if (rule_kif->pfik_group != NULL) - /* XXXGL: locking? */ + if (rule_kif->pfik_group != NULL) { + IF_ADDR_RLOCK(packet_kif->pfik_ifp); CK_STAILQ_FOREACH(p, &packet_kif->pfik_ifp->if_groups, ifgl_next) - if (p->ifgl_group == rule_kif->pfik_group) + if (p->ifgl_group == rule_kif->pfik_group) { + IF_ADDR_RUNLOCK(packet_kif->pfik_ifp); return (1); + } + IF_ADDR_RUNLOCK(packet_kif->pfik_ifp); + } + return (0); }