Commit Graph

8398 Commits

Author SHA1 Message Date
Alexander Motin
d8880fd450 Always allow setting number of iterations for the first time.
Before this change it was impossible to set number of PKCS#5v2 iterations,
required to set passphrase, if it has two keys and never had any passphrase.
Due to present metadata format limitations there are still cases when number
of iterations can not be changed, but now it works in cases when it can.

PR:		218512
MFC after:	2 weeks
Sponsored by:	iXsystems, Inc.
Differential Revision:	https://reviews.freebsd.org/D10338
2017-04-21 07:16:07 +00:00
Patrick Kelsey
2f8c6c0a58 Fix userland tools that don't check the format of routing socket
messages before accessing message fields that may not be present,
removing dead/duplicate/misleading code along the way.

Document the message format for each routing socket message in
route.h.

Fix a bug in usr.bin/netstat introduced in r287351 that resulted in
pointer computation with essentially random 16-bit offsets and
dereferencing of the results.

Reviewed by:	ae
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D10330
2017-04-16 19:17:10 +00:00
Enji Cooper
6f11c9ca7c Switch back to non-IEC units for 1024 bytes
I was swayed a little too quickly when I saw the wiki page discussing
kB vs KiB. Switch back as none of the code in base openly uses
IEC units via humanize_number(3) (which was my next step), and there's
a large degree of dislike with IEC vs more SI-like units.

MFC after:	7 weeks
Submitted by:	jhb, rgrimes
Sponsored by:	Dell EMC Isilon
2017-04-15 06:53:07 +00:00
Enji Cooper
f09cb4f208 savecore: fix space calculation with respect to minfree in check_space(..)
- Use strtoll(3) instead of atoi(3), because atoi(3) limits the
  representable data to INT_MAX. Check the values received from
  strtoll(3), trimming trailing whitespace off the end to maintain
  POLA.
- Use `KiB` instead of `kB` when describing free space, total space,
  etc. I am now fully aware of `KiB` being the IEC standard for 1024
  bytes and `kB` being the IEC standard for 1000 bytes.
- Store available number of KiB in `available` so it can be more
  easily queried and compared to ensure that there are enough KiB to
  store the dump image on disk.
- Print out the reserved space on disk, per `minfree`, so end-users
  can troubleshoot why check_space(..) is reporting that there isn't
  enough free space.

MFC after:	7 weeks
Reviewed by:	Anton Rang <rang@acm.com> (earlier diff), cem (earlier diff)
Tested with:	positive/negative cases (see review); make tinderbox
Sponsored by:	Dell EMC Isilon
Differential Revision:	D10379
2017-04-14 19:41:48 +00:00
Konstantin Belousov
f4247773fa In fsck_ffs pass1, prevent the inosused variable from wrapping.
The loop that scans the used inode map when soft updates is in use
assumes that the inosused variable is signed.  However, ino_t is
unsigned, so the loop invariant is incorrect and the check for
inosused wrapping to < 0 can never be true.

Instead of checking for wrap after the fact just prevent it from
happening in the first place.

PR:	218592
Submitted by:	Todd Miller <todd.miller@courtesan.com>
Reviewed by:	mckusick
MFC after:	1 week
2017-04-14 15:22:00 +00:00
Conrad Meyer
bcbaf9fd47 fsck(8): Don't overrun mount device buffer
Apply a very similar fix to r299460 (fsck_ffs) to apparently duplicated code
in fsck.

Reported by:	Coverity
CID:		1006789
Sponsored by:	Dell EMC Isilon
2017-04-14 00:22:28 +00:00
Conrad Meyer
63298eb19c restore(8): Prevent some heap overflows
The environment variable TMPDIR was copied unchecked into a fixed-size heap
buffer.  Use a length-limiting snprintf in place of ordinary sprintf to
prevent the overflow.  Long TMPDIR variables can still cause odd truncated
filenames, which may be undesirable.

Reported by:	Coverity (CWE-120)
CIDs:		1006706, 1006707
Sponsored by:	Dell EMC Isilon
2017-04-14 00:14:40 +00:00
Rick Macklem
19625f29fe Document the "oneopenown" option added by r316792.
This is a content change.

MFC after:	2 weeks
2017-04-13 22:05:24 +00:00
Andrey V. Elsukov
4e0e8f3107 Add large replay widow support to setkey(8) and libipsec.
When the replay window size is large than UINT8_MAX, add to the request
the SADB_X_EXT_SA_REPLAY extension header that was added in r309144.

Also add support of SADB_X_EXT_NAT_T_TYPE, SADB_X_EXT_NAT_T_SPORT,
SADB_X_EXT_NAT_T_DPORT, SADB_X_EXT_NAT_T_OAI, SADB_X_EXT_NAT_T_OAR,
SADB_X_EXT_SA_REPLAY, SADB_X_EXT_NEW_ADDRESS_SRC, SADB_X_EXT_NEW_ADDRESS_DST
extension headers to the key_debug that is used by `setkey -x`.

Modify kdebug_sockaddr() to use inet_ntop() for IP addresses formatting.
And modify kdebug_sadb_x_policy() to show policy scope and priority.

Reviewed by:	gnn, Emeric Poupon
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D10375
2017-04-13 14:44:17 +00:00
Enji Cooper
397b5714d3 Clarify units for mediasize and sectorsize in DoFile(..)
They're byte quantities.

MFC after:	7 weeks
Sponsored by:	Dell EMC Isilon
2017-04-12 20:20:04 +00:00
Enji Cooper
e1f7a5d672 Clarify minfree warning message in check_space(..)
- State that the units are kB.
- Be more complete/concise in terms of what is required (in this case
  `minfree` must be at least `X`kB)

MFC after:	7 weeks
Sponsored by:	Dell EMC Isilon
2017-04-12 20:08:39 +00:00
Maxim Sobolev
bf43319445 Fix an issue in the rev.316718 causing variable to be unsed uninitialized.
Reported by:    Coverity
Nudged by:      cem
MFC after:	2 weeks
2017-04-12 19:23:41 +00:00
Maxim Sobolev
591e89c89b Work around an issue with mksnap_ffs not working in chroot'ed environment.
The problem is that the statfs(2) system call used to determine the relevant
mount point returns path within real root in the f_mntonname, causing
nmount(2) system call to fail with ENOENT.

Use a bit of heuristics to skip over few starting path elements when it
happens until we hit an actual mount point.

For this to work properly the whole mount should be accessible within the
chroot, it's going to still fail if chroot only has access to a part of the
mounted fs.

Reviewed by:	mckusick
Approved by:	mckusick
MFC after:	2 weeks
2017-04-11 21:55:39 +00:00
Benedict Reuschling
23852d5ce3 Make setkey(8) more clear about anti-replay window size option semantics.
PR:			172913
Submitted by:		john@saltant.com
Reviewed by:		ae@
MFC after:		2 weeks
Differential Revision:	https://reviews.freebsd.org/D10304
2017-04-09 15:17:55 +00:00
Brooks Davis
2558567984 Remove support for long gone oldnfs.
The code was calling nmount with an fstype of everything in the program
name after the last '_'. This was there to support mount_nfs being
linked to mount_oldnfs. Support for the link was removed in 2015 with
r281691.

Reviewed by:	rmacklem
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
Differential Revision:	https://reviews.freebsd.org/D10301
2017-04-07 18:31:31 +00:00
Alan Somers
6e24000a72 sbin/mount: strcpy -> strlcpy
Reported by:	Coverity
CID:		1011173, 1011174
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
2017-04-07 15:39:41 +00:00
Alan Somers
4db3787dd9 Fix memory leak in "gpart bootcode"
Also, annotate that gpart_issue never returns

Reported by:	Coverity
CID:		1007105
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
2017-04-05 18:31:26 +00:00
Alan Somers
fc9437c886 Fix clearing geom metadata if DIOCGSECTORSIZE fails
An unhandled error case would result in passing SIZE_MAX to malloc.
While I'm here, remove an unnecessary NULL check before free

Reported by:	Coverity
CID:		1017793
MFC after:	3 weeks
Sponsored by:	Spectra Logic Corp
2017-04-05 17:17:18 +00:00
Andrey V. Elsukov
1bbe19e65b Use unique SPI.
MFC after:	1 week
2017-04-04 23:30:05 +00:00
Andrey V. Elsukov
b72ff4a149 In the example section show that TCP-MD5 connection needs SA for both
directions.

Submitted by:	Mike Tancsa <mike at sentex net>
MFC after:	1 week
2017-04-04 23:28:22 +00:00
Sevan Janiyan
a40dd3caf2 Whilst mount_pcfs originated as a patch in 386BSD, NetBSD 0.8 actually
was the first release of an OS to ship with it.
Heads up by Ingo Schwarze.

Approved by:	bcr (mentor)
MFC after:	5 days
Differential Revision:	https://reviews.freebsd.org/D10209
2017-04-03 18:50:04 +00:00
Andrey V. Elsukov
aac74aeac7 Add ipfw_pmod kernel module.
The module is designed for modification of a packets of any protocols.
For now it implements only TCP MSS modification. It adds the external
action handler for "tcp-setmss" action.

A rule with tcp-setmss action does additional check for protocol and
TCP flags. If SYN flag is present, it parses TCP options and modifies
MSS option if its value is greater than configured value in the rule.
Then it adjustes TCP checksum if needed. After handling the search
continues with the next rule.

Obtained from:	Yandex LLC
MFC after:	2 weeks
Relnotes:	yes
Sponsored by:	Yandex LLC
No objection from: #network
Differential Revision:	https://reviews.freebsd.org/D10150
2017-04-03 03:07:48 +00:00
Andrey V. Elsukov
11c56650f0 Add O_EXTERNAL_DATA opcode support.
This opcode can be used to attach some data to external action opcode.
And unlike to O_EXTERNAL_INSTANCE opcode, this opcode does not require
creating of named instance to pass configuration arguments to external
action handler. The data is coming just next to O_EXTERNAL_ACTION opcode.

The userlevel part currenly supports formatting for opcode with ipfw_insn
size, by default it expects u16 numeric value in the arg1.

Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
2017-04-03 02:44:40 +00:00
Adrian Chadd
8d98753e33 [ifconfig] add some comments around missing net80211 VHT configuration.
VHT STBC, A-MPDU density and A-MPDU size configuration parameters are
different when doing VHT.
2017-03-31 22:05:10 +00:00
Nick Hibma
1fb4382cb2 Make dhcp-lease-time option supersedable as well.
Note: It is not recommended to set this value to above the value that
the server provided, unless that value is bogus.
2017-03-30 18:20:04 +00:00
Nick Hibma
c13fa60c22 Allow superseding the lease renewal and rebind times.
Also make sure that the renewal is never more than 1/2 * expiry and
rebind never more than 7/4 * renewal (the default values in the spec).
This should allow adjusting high values from the server as well as
making sure the values from the server make sense.

Renewal and rebind times will be adjusted down if the expiry time is set
very high in a server, not the other way around. This change just makes
sure the values keep making sense.
2017-03-30 17:31:12 +00:00
Enji Cooper
4914b39f09 Don't use K&R style prototypes; ANSIfy them
This fixes several -Wold-style-definition warnings.

X-MFC with:	313191
Reported by:	amd64-gcc-6.3.0 (devel/amd64-xtoolchain-gcc)
Sponsored by:	Dell EMC Isilon
2017-03-28 20:34:02 +00:00
Warner Losh
416823b103 Use a more stream-lined version of fix_value.
Submitted by: ian@
2017-03-24 13:46:26 +00:00
Enji Cooper
acc3e91350 Add a post-humous manpage for cd9660(5), the ISO-9660 file system
Describe (briefly) how to compile the filesystem into the kernel and
load as a module.

Reference cd9660(5) in mount(8) and mount_cd9660(8).

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-23 02:57:08 +00:00
Enji Cooper
53de181604 mount.conf(8): fix a .Xr call
Add the missing section number for devfs(5)

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-03-23 02:50:35 +00:00
Warner Losh
192af3b7c3 Implement quote escaping. String values may now contain " if you
it is preceded by \.

foo="I \"like\" C++"

gives the value 'I "like" C++' to the variable 'foo'. If a character
other than " follows the \, both the \ and that character are passed
through.

Differential Revision: https://reviews.freebsd.org/D6286
Sponsored by: Netflix
2017-03-23 02:36:51 +00:00
Alexander Motin
f988d55683 Fix printing bits above first eight.
Reported by:	Coverity
CID:		1372596
MFC after:	1 week
2017-03-22 13:53:21 +00:00
Enji Cooper
c9f1eca5c4 Delete trailing whitespace (no functional change)
MFC after:	3 days
Sponsored by:	Dell EMC Isilon
2017-03-21 22:00:52 +00:00
Maxim Konovalov
1d44b7e821 The .Cm macro usage fixed.
PR:		217977
Submitted by:	tobik
2017-03-21 13:01:08 +00:00
Edward Tomasz Napierala
2132a4ef05 Document how to use reroot with NFS.
MFC after:	2 weeks
Sponsored by:	DARPA, AFRL
2017-03-19 15:49:51 +00:00
Andrey V. Elsukov
6ed1473867 Change the syntax of ipfw's named states.
Since the state name is an optional argument, it often can conflict
with other options. To avoid ambiguity now the state name must be
prefixed with a colon.

Obtained from:	Yandex LLC
MFC after:	2 week
Sponsored by:	Yandex LLC
2017-03-15 13:36:35 +00:00
Dmitry Marakasov
8d27c2000b Fix late and noauto with geli swap
With the following in /etc/fstab:

/dev/gpt/swap.eli none swap sw,late 0 0

swap will not be enabled, with `swapon -aL' complaining:

swapon: Invalid option: late

This happens because swap_on_geli_args() which parses geli arguments
out of all mount options does not expect late or noauto among them.
Fix this by explicitly allowing these arguments.

Reviewed by:	jilles
Approved by:	jilles
MFC after:	2 weeks
Differential Revision:	D9835
2017-03-14 12:39:19 +00:00
Cy Schubert
48fa9d448d Disconnect ipftest and ipresend from the build until it can be verified
that they still work. These utilities have become out of sync with the
code in the kernel and need work to bring them back into shape.
Most people test on real systems or VMs on real networks.

Suggested by:	glebius
2017-03-14 02:10:37 +00:00
Cy Schubert
92044f3e36 Revert r315218 so that it may be committed together with r315219. 2017-03-14 02:06:12 +00:00
Cy Schubert
f0a7513344 Disconnect ipftest and ipresend from the build until it can be verified
that they still work. These utilities have become out of sync with the
code in the kernel and need work to bring them back into shape.
Most people test on real systems or VMs on real networks.

Sugested by:	glebius
2017-03-14 01:00:09 +00:00
Enji Cooper
7e431900a5 sbin/dhclient: fix vendor storage leak in parse_option_decl(..)
This ensures the storage isn't leaked when non-NULL and the function
returns early, prior to the `free(vendor)` later on in the function.

MFC after:	1 week
Reported by:	Coverity
CID:		1007111-1007113
Reviewed by:	cem
Sponsored by:	Dell EMC Isilon
Differential Revision:	D9993
2017-03-13 17:45:00 +00:00
Enji Cooper
513bdaa141 Fix -Wunused-but-set-warning with ret
While here, resolve Coverity warnings by demonstrating that vfprintf's
return value is being explicitly ignored.

MFC after:	1 week
Reported by:	gcc 6.3.0
Tested with:	clang, gcc 4.2.1, gcc 6.3.0
Sponsored by:	Dell EMC Isilon
2017-03-13 17:15:45 +00:00
Enji Cooper
6c5b1b394d sbin/dhclient: fix a memory leak in parse_client_lease_statement(..)
The memory stored by `lease` would have previously been leaked if an
unterminated lease declaration was found in an early-return code path.

MFC after:	1 week
Reported by:	clang static analyzer, Coverity
CID:		1007114
Submitted by:	Tom Rix <trix@juniper.net>
Sponsored by:	Dell EMC Isilon; Juniper, Inc
Differential Revision:	D9992
2017-03-13 17:05:49 +00:00
Enji Cooper
12211016f5 Fix CFLAGS for including netipsec headers #includes
The netipsec headers are referenced via netipsec/..., not ./... .
Thus, assuming that the netipsec/... is nested under ${SRCTOP}/sys/netipsec
is wrong.

This tripped up some individuals building ^/head on systems pre-r314812.

MFC after:	1 week
Reported by:	Roberto Rodriguez Jr <rob.rodz.jr9@gmail.com>
Sponsored by:	Dell EMC Isilon
2017-03-13 01:05:25 +00:00
Marcelo Araujo
2ae0afa8ee Add the capability to refresh the gpart(8) label without need a reboot.
gpart(8) has functionality to change the label of an GPT partition.
This functionality works like it should, however, after a label change
the /dev/gpt/ entries remain unchanged. glabel(8) status output remains
unchanged. The change only takes effect after a reboot.

PR:		162690
Submitted by:	sub.mesa@gmail, Ben RUBSON <ben.rubson@gmail.com>, ae
Reviewed by:	allanjude, bapt, bcr
MFC after:	6 weeks.
Differential Revision:	https://reviews.freebsd.org/D9935
2017-03-12 04:15:56 +00:00
Enji Cooper
e96ea26ddd Delete duplicate -I <SRCTOP>/lib/libipsec added in r171135
It's already handled earlier on in the Makefile, per the change made
in r80029.

MFC after:	1 month
Sponsored by:	Dell EMC Isilon
2017-03-12 02:21:16 +00:00
Mark Johnston
7554e75851 Typo.
MFC after:	3 days
2017-03-10 19:13:38 +00:00
Alexander Motin
16eb31fd21 Decode modern PIM flags.
MFC after:	2 weeks
2017-03-09 16:34:55 +00:00
Enji Cooper
c3e412c083 sbin/devfs: clarify usage
- Note existence of -m option.
- Note that -s applies to rule keyword, only, by adding usage text
  specifically for the `rule` and `ruleset` keywords.

Don't go into any further detail in usage(..) -- it's best that one
reads the manpage to get a better idea of how things work as there are
a number of different option-specific keywords and arguments, as well
as some rule grammar.

MFC after:	1 week
Sponsored by:	Dell EMC Isilon
2017-03-08 23:58:10 +00:00
Andrey V. Elsukov
22986c6740 Introduce the concept of IPsec security policies scope.
Currently are defined three scopes: global, ifnet, and pcb.
Generic security policies that IKE daemon can add via PF_KEY interface
or an administrator creates with setkey(8) utility have GLOBAL scope.
Such policies can be applied by the kernel to outgoing packets and checked
agains inbound packets after IPsec processing.
Security policies created by if_ipsec(4) interfaces have IFNET scope.
Such policies are applied to packets that are passed through if_ipsec(4)
interface.
And security policies created by application using setsockopt()
IP_IPSEC_POLICY option have PCB scope. Such policies are applied to
packets related to specific socket. Currently there is no way to list
PCB policies via setkey(8) utility.

Modify setkey(8) and libipsec(3) to be able distinguish the scope of
security policies in the `setkey -DP` listing. Add two optional flags:
'-t' to list only policies related to virtual *tunneling* interfaces,
i.e. policies with IFNET scope, and '-g' to list only policies with GLOBAL
scope. By default policies from all scopes are listed.

To implement this PF_KEY's sadb_x_policy structure was modified.
sadb_x_policy_reserved field is used to pass the policy scope from the
kernel to userland. SADB_SPDDUMP message extended to support filtering
by scope: sadb_msg_satype field is used to specify bit mask of requested
scopes.

For IFNET policies the sadb_x_policy_priority field of struct sadb_x_policy
is used to pass if_ipsec's interface if_index to the userland. For GLOBAL
policies sadb_x_policy_priority is used only to manage order of security
policies in the SPDB. For IFNET policies it is not used, so it can be used
to keep if_index.

After this change the output of `setkey -DP` now looks like:
# setkey -DPt
0.0.0.0/0[any] 0.0.0.0/0[any] any
	in ipsec
	esp/tunnel/87.250.242.144-87.250.242.145/unique:145
	spid=7 seq=3 pid=58025 scope=ifnet ifname=ipsec0
	refcnt=1
# setkey -DPg
::/0 ::/0 icmp6 135,0
	out none
	spid=5 seq=1 pid=872 scope=global
	refcnt=1

No objection from:	#network
Obtained from:	Yandex LLC
MFC after:	2 weeks
Sponsored by:	Yandex LLC
Differential Revision:	https://reviews.freebsd.org/D9805
2017-03-07 00:13:53 +00:00