r299460 (by cem):
fsck_ffs: Don't overrun mount device buffer
Maybe this case is impossible. Either way, when attempting to "/dev/"-prefix a
non-global device name, check that we do not overrun the f_mntfromname buffer.
In this case, truncating (with strlcpy or similar) would not be useful, since
the f_mntfromname result of getmntpt() is passed directly to open(2) later.
CID: 1006789
r299387 (by cem):
netipsec: Fix minor style nit
Coverity points out that 'continue' is equivalent to 'break' in a do {}
while(false) loop.
CID: 1354983
r300779 | truckman | 2016-05-26 14:40:13 -0700 (Thu, 26 May 2016) | 64 lines
Import Dummynet AQM version 0.2.1 (CoDel, FQ-CoDel, PIE and FQ-PIE).
Centre for Advanced Internet Architectures
Implementing AQM in FreeBSD
* Overview <http://caia.swin.edu.au/freebsd/aqm/index.html>
* Articles, Papers and Presentations
<http://caia.swin.edu.au/freebsd/aqm/papers.html>
* Patches and Tools <http://caia.swin.edu.au/freebsd/aqm/downloads.html>
Overview
Recent years have seen a resurgence of interest in better managing
the depth of bottleneck queues in routers, switches and other places
that get congested. Solutions include transport protocol enhancements
at the end-hosts (such as delay-based or hybrid congestion control
schemes) and active queue management (AQM) schemes applied within
bottleneck queues.
The notion of AQM has been around since at least the late 1990s
(e.g. RFC 2309). In recent years the proliferation of oversized
buffers in all sorts of network devices (aka bufferbloat) has
stimulated keen community interest in four new AQM schemes -- CoDel,
FQ-CoDel, PIE and FQ-PIE.
The IETF AQM working group is looking to document these schemes,
and independent implementations are a corner-stone of the IETF's
process for confirming the clarity of publicly available protocol
descriptions. While significant development work on all three schemes
has occured in the Linux kernel, there is very little in FreeBSD.
Project Goals
This project began in late 2015, and aims to design and implement
functionally-correct versions of CoDel, FQ-CoDel, PIE and FQ_PIE
in FreeBSD (with code BSD-licensed as much as practical). We have
chosen to do this as extensions to FreeBSD's ipfw/dummynet firewall
and traffic shaper. Implementation of these AQM schemes in FreeBSD
will:
* Demonstrate whether the publicly available documentation is
sufficient to enable independent, functionally equivalent implementations
* Provide a broader suite of AQM options for sections the networking
community that rely on FreeBSD platforms
Program Members:
* Rasool Al Saadi (developer)
* Grenville Armitage (project lead)
Acknowledgements:
This project has been made possible in part by a gift from the
Comcast Innovation Fund.
Submitted by: Rasool Al-Saadi <ralsaadi@swin.edu.au>
X-No objection: core
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D6388
[Remove some code that was added to the mq_append() inline function in
HEAD by r258457, which was not merged to stable/10. The AQM patch
moved mq_append() from ip_dn_io.c to the new file ip_dn_private.h, so
we need to remove that copy of the r258457 changes.]
------------------------------------------------------------------------
r300781 | truckman | 2016-05-26 14:44:52 -0700 (Thu, 26 May 2016) | 7 lines
Modify BOUND_VAR() macro to wrap all of its arguments in () and tweak
its expression to work on powerpc and sparc64 (gcc compatibility).
Correct a typo in a nearby comment.
MFC after: 2 weeks (with r300779)
------------------------------------------------------------------------
r300783 | truckman | 2016-05-26 15:03:28 -0700 (Thu, 26 May 2016) | 4 lines
Correct a typo in a comment.
MFC after: 2 weeks (with r300779)
------------------------------------------------------------------------
r300784 | truckman | 2016-05-26 15:07:09 -0700 (Thu, 26 May 2016) | 5 lines
Include the new AQM files when compiling a kernel with options DUMMYNET.
Reported by: Nikolay Denev <nike_d AT cytexbg DOT com>
MFC after: 2 weeks (with r300779)
------------------------------------------------------------------------
r300949 | truckman | 2016-05-29 00:23:56 -0700 (Sun, 29 May 2016) | 10 lines
Cast some expressions that multiply a long long constant by a
floating point constant to int64_t. This avoids the runtime
conversion of the the other operand in a set of comparisons from
int64_t to floating point and doing the comparisions in floating
point.
Suggested by: lidl
Submitted by: Rasool Al-Saadi <ralsaadi@swin.edu.au>
MFC after: 2 weeks (with r300779)
------------------------------------------------------------------------
r301162 | truckman | 2016-06-01 13:04:24 -0700 (Wed, 01 Jun 2016) | 9 lines
Replace constant expressions that contain multiplications by
fractional floating point values with integer divides. This will
eliminate any chance that the compiler will generate code to evaluate
the expression using floating point at runtime.
Suggested by: bde
Submitted by: Rasool Al-Saadi <ralsaadi@swin.edu.au>
MFC after: 8 days (with r300779 and r300949)
------------------------------------------------------------------------
r301180 | truckman | 2016-06-01 17:42:15 -0700 (Wed, 01 Jun 2016) | 2 lines
Belatedly bump .Dd date for Dummynet AQM import in r300779.
Relnotes: yes
r300870:
Unbreak the zfs(4) build
vm/vm_pageout.h grew a dependency on the bool typedef in r300865
arc.c didn't include sys/types.h, which included the definition for the typedef
Other items (ofed, drm2) might need to be chased for this commit.
Pointyhat to: alc
r300884:
Fix up r300870
The sys/types.h fix I proposed was only tested with zfs(4), not with
libzpool, which is where the build failure actually existed
Remove vm/vm_pageout.h from arc.c and zfs_vnops.c because they're both
unneeded
In collaboration with: kib
Fix up r300385
I accidentally glossed over the fact that tmp is manipulated via strchr, so
if we tried to free `tmp` after r300385, it would have crashed.
Create a separate pointer (tmp2) to track the original allocation of `tmp`,
and free `tmp2` if `p->nc_lookups` can't be malloced
CID: 1356026
Remove unnecessary memset(.., 0, ..)'s
The mem_alloc macro calls calloc (userspace) / malloc(.., M_WAITOK|M_ZERO)
under the covers, so zeroing out memory is already handled by the underlying
calls
r300856:
Initialize `t` with memset(.., 0, ..)
This will help ensure that we're not using random garbage on the stack by
accident with respect to the variable
r300857:
Document the default behavior for -c (0)
Bump .Dd for the change
r300858:
Fix description for -V in the -r case
t.verify_test = true is always set when -V is specified, regardless of whether
or not the tool is being run in raw mode
r300874:
Update usage(..)
- Document missing options
- Sync options with ioatcontrol(8).
- Make it clear that the first 2 parameters are always required.
Remove NO_WERROR from libbsnmp/Makefile.inc
This has been compiling without warnings with clang/gcc for a while now
Tested with: clang 3.8.0, gcc 4.2.x, gcc 5.x
r294507 (by harti):
Fill the ifAlias leaf of the ifXTable with the interface description
if there is one available and it fits into the maximum size (64 characters).
r294567 (by bz):
Change the variable to a #define in order to make gcc happy which
otherwise will complain about "variably modified 'alias' at file scope".
Unbreaks the build on gcc platforms.
r299466 (by cem):
bsnmpd: Fix size of trapsink::comm to match other community arrays
This fixes a number of possible strcpy() buffer overruns between the various
community strings in trap.c.
CIDs: 1006820, 1006821, 1006822
r256678 (by syrinx):
Fix SNMP Error response PDUs and properly encode them when using v3 auth/encryption.
r256680 (by syrinx):
Fix the -Wconversion warnings produced when compiling the SNMP agent.
r260986 (by harti):
Fix a problem with OBJECT IDENTIFIER encoding: need to check the
second subid to be less than 40, not the first when the first
subid is 0 or 1.
r272878 (by syrinx):
Fix a bug in decoding string indexes in snmp_target(3), thus causing
bsnmpd(1) to not send v3 notifications properly; while here add two
missing return statements which could lead to abort() in case of a
rollback
r286402 (by araujo):
Fix variable 'old' is used uninitialized whenever '&&' condition is false.
Spotted by clang.
Move _bsnmptools_debug extern from bsnmpmap.c to bsnmptools.h
It was used in bsnmpmap.c but was stored in bsnmptools.c; moving the extern
to the header allows us to cover all of our bases for the variable, and allows
_bsnmptools_debug to be used in the future elsewhere -- not just bsnmpmap.c.
Use a consistent errno save/restore pattern before running strtoul
- Save errno
- Set errno to 0
- Call strtoul
- Test errno (optional, but many calls to strtoul did this afterwards)
Some of the code was setting errno = 0 after calling strtoul, not setting
errno = 0, or setting errno to saved_errno after the call, but before the
test. These all have unwanted behavioral side-effects, depending on the
initial value of errno and whether or not the input to strtoul was correct
or incorrect.
Fix logically dead code pointed out by clang/Coverity
parse_context, parse_user_security: test for validity of results from
parse_ascii(..) with by casting to int32_t and comparing to -1; comparing
unsigned types to negative values will always be false.
CID: 1011432, 1011433
r300867:
Only expose `hint_uaddr` in the ND_DEBUG case
This fixes a -Wunused-but-set-variable warning with gcc
r300932:
Catch malloc(3) errors and socket(2) errors
- malloc failing will result in a delayed segfault
- socket failing will result in delayed failures with setsockopt
Exit in the event that either of these high-level conditions are met.
CID: 976288, 976321, 976858
r300934:
Plug leak with ifp by calling freeifaddrs after calling getifaddrs
Obtained from: NetBSD v1.18
r300941:
Don't leak res in network_init(..)
Call freeaddrinfo on it after it's been used
CID: 1225050
r300972 (by markj):
Fix rpcbind init after r300941.
- getaddrinfo() sets res = NULL on failure and freeaddrinfo() always
dereferences its argument, so we should only free the address list after
a successful call.
- Address a second potential leak caused by getaddrinfo(AF_INET6)
overwriting the address list returned by getaddrinfo(AF_INET).
X-MFC-With: r300941
r300973:
Follow up to r300932
In the event MK_INET6 != no in userspace, but is disabled in the
kernel, or if there aren't any IPv6 addresses configured in userspace
(for lo0 and all physical interfaces), rpcbind would terminate
immediately instead of silently failing on
Skip over the IPv6 block to its respective cleanup with freeifaddrs if
creating the socket failed instead of terminating rpcbind immediately
r300387:
getnetid(..): consistently fclose fd at the end of the function
This mutes a false positive with cppcheck, but also helps eliminate future
potential issues with this variable
r300388:
Call endnetconfig on nc_handle sooner to avoid leaking nc_handle if tmpnconf
was NULL
This would theoretically happen if the netconfig protocol family and protocol
semantics were never matched.
CID: 978179
r300389:
nis_rpcent: don't leak resultbuf from yp_first(..)/yp_next(..)
If the buffer couldn't be adequately resized to accomodate an additional "\n",
it would leak resultbuf by breaking from the loop early
CID: 1016702
Use require.progs with bc instead of require.files with /usr/bin/bc
This will make things more flexible if the program path changes in the future,
and the test in and of itself doesn't call /usr/bin/bc -- it just calls bc
r300620:
Use reallocf instead of malloc to fix leak with outbuf_pmap
The previous code overwrote outbuf_pmap's memory with malloc once per
loop iteration, which leaked its memory; use reallocf instead to ensure
that memory is properly free'd each loop iteration.
Add a outbuf_pmap = NULL in the failure case to avoid a double-free
at the bottom of the function.
CID: 1038776
r300621:
Remove redundant NULLing of outbuf_pmap
If reallocf ever failed, outbuf_pmap would already be NULL
Wrap EXPAND(..) macro with a do-while(0) loop and put a single statement on each line
As a positive side-effect, this eliminates the double semicolons reported by Coverity:
the macro contained a trailing semicolon, in addition to the semicolon placed on
each line where EXPAND(..) was called.
CID: 1194269
Fix humanized decoding of struct stat with respect to .st_mtim
st_mtim was being incorrectly described as "stime=", not "mtime=". This was
introduced with the original feature commit (r176471).
PR: 209699
r299844:
Make hostid_save depend on hostid
r300931:
Make netif REQUIRE hostid
As noted in the PR, if etc/rc.d/zvol is removed, netif will be run before
hostid, and the MAC address generated for any bridge devices will be
non-deterministic. Make the MAC address generated be deterministic for
bridge devices by explicitly REQUIRE'ing hostid.
This fixes up the rest of the PR, inadvertently committed in r299844
PR: 195188
Fix broken dependency with routed when MK_ROUTED != no
Remove routed as a requirement in NETWORKING, and put it in routed as a BEFORE
requirement instead
r299839:
Make FILESYSTEMS, dumpon, and var not depend on zfs and zvol
Make zfs and zvol come before all of the items that depended on them
previously
r299840:
Conditionalize etc/rc.d/{zfs,zvol} install on MK_ZFS != no
r299841:
Remove etc/rc.d/{zfs,zvol} if MK_ZFS != no
The (i < PROMPTLEN - 1) test added by r300442 in the code for the default
case of \c in the prompt format string is a no-op. We already passed
this test at the top of the loop, and i has not yet been incremented in
this path. Change this test to (i < PROMPTLEN - 2).
Reported by: Coverity
CID: 1008328
Reviewed by: cem
Differential Revision: https://reviews.freebsd.org/D6552
Fix CID 1006692 in /usr/sbin/pw pw_log() function and other fixes
The length of the name returned from the $LOGNAME and $USER can be
very long and it was being concatenated to a fixed length buffer
with no bounds checking. Fix this problem by limiting the length
of the name copied.
Additionally, this name is actually used to create a format string
to be used in adding log file entries so embedded % characters in
the name could confuse *printf(), and embedded whitespace could
confuse a log file parser. Handle the former by escaping each %
with an additional %, and handle the latter by simply stripping it
out.
Clean up the code by moving the variable declarations to the top
of the function, formatting them to conform with style, and moving
intialization elsewhere.
Reduce code indentation by returning early in a couple of places.
Reported by: Coverity
CID: 1006692
Reviewed by: markj (previous version)
Differential Revision: https://reviews.freebsd.org/D6490
Add an assertion to catch a potential underflow in an array index
calculation, though this should not happen in the current code.
Reported by: Coverity
CID: 1008486
dhclient(1): correct obvious mismatch in get_char().
Correct switch between current and previous line buffers when
encountering a carriage return in the input.
CID: 1305719
Obtained from: OpenBSD (CVS rev. 1.30)
