Fix bogus check. It was possible to panic the kernel by giving 0 length.
This is actually a local DoS, as every user can use /dev/crypto if there
is crypto hardware in the system and cryptodev.ko is loaded (or compiled
into the kernel).
Reported by: Mike Tancsa <mike@sentex.net>
Security: Local DoS on systems with crypto HW and with /dev/crypto available
Approved by: re (kensmith)
Not sure why, but SYSCTL_OUT() can sometimes keep returning ENOMEM
in sysctl_jail_list(). Because of this, jls(8) could enter into
an endless loop. The strange thing is, that we can call jls(8) while
the other one is in loop and it will succeed - SYSCTL_OUT() will
not return ENOMEM there.
Approved by: re (kensmith)
Implement a new feature for ping(8) - sweeping pings. In a sweeping
ping ICMP payload of packets being sent is increased with given step.
Sweeping pings are useful for testing problematic channels, MTU
issues or traffic policing functions in networks.
PR: bin/82625
Submitted by: Chris Hellberg <chellberg juniper.net> (with some cleanups)
Approved by: re (kensmith)
date: 2005/08/18 22:30:52; author: csjp; state: Exp; lines: +4 -2
Add missing braces around bpf_filter which were missed when I
merged the bpfstat code.
Approved by: re (kensmith)
MFC revision 1.167
date: 2005/08/08 21:06:42; author: csjp; state: Exp; lines: +2 -0
Drop in a WITNESS_WARN into SYSCTL_IN to make sure that we are
not holding any non-sleep-able-locks locks when copyin is called.
This gets executed un-conditionally since we have no function
to wire the buffer in this direction.
MFC revision 1.166
date: 2005/08/08 18:54:35; author: csjp; state: Exp; lines: +6 -1
Check to see if we wired the user-supplied buffers in SYSCTL_OUT, if
the buffer has not been wired and we are holding any non-sleep-able locks,
drop a witness warning. If the buffer has not been wired, it is possible
that the writing of the data can sleep, especially if the page is not in
memory. This can result in a number of different locking issues, including
dead locks.
Approved by: re (kensmith)
BRANCH_OVERRIDE environment variable (which, if set, overrides the
BRANCH specified here). These make my FreeBSD Update build code
simpler by making it easier to recognize when two kernels are identical
modulo version numbers.
Approved by: re (kensmith)
> Ensure that we are holding the lock when initialising the bridge interface. We
> could initialise while unlocked if the bridge is not up when setting the inet
> address, ether_ioctl() would call bridge_init.
>
> Change it so bridge_init is always called unlocked and then locks before
> calling bstp_initialization().
Approved by: re (kensmith), mlaier (mentor)
Teach vmstat -m and vmstat -z to use libmemstat(3). Certain
statistics from -z are now a bit different due to changes in the
way statistics are now measured. Reproduce with some amount of
accuracy the slightly obscure layouts adopted by the two kernel
sysctls. In the future, we might want to normalize them.
GC dosysctl(), which is now no longer used.
Merge vmstat.c:1.88 from HEAD to RELENG_6:
Minor syntax tweaks:
- Remove some extra blank lines.
- Remove comments that don't contribute to understanding.
- Remove additional blank lines in output added to maximize
compatibility with older vmstat output, but that is actually
somewhat gratuitous.
Submitted by: bde
Approved by: re (kensmith)
In multicast routines:
Compare pointers with NULL rather than treating them as booleans.
Compare pointers with NULL rather than 0 to make it more clear
they are pointers.
Assign pointers value of NULL rather than 0 to make it more clear
they are pointers.
Approved by: re (kensmith)
Rename equal() macro to sa_equal(), which matches the definitions
of sa_equal() in other files, and makes it more clear what equal()
is comparing.
Approved by: re (kensmith)
>restore the ability to mount cd9660 filesystems as root by inverting
>some of the options test, specifically the joliet and rockridge tests.
> ...
Approved by: re (Ken Smith)
To prevent a race between RTM_DELETE message and
arptimer() deleting stale entry, we need to lock
rtentry before unlocking radix head.
Approved by: re (kensmith)
o Make rt_check() function more strict:
- rt0 passed to rt_check() must not be NULL, assert this.
- rt returned by rt_check() must be valid locked rtentry,
if no error occured.
o Modify callers, so that they never pass NULL rt0
to rt_check().
o Modify callers, so that they unlock rtentry.
Revisions merged:
net/if_atmsubr.c - 1.39, 1.41
net/if_fwsubr.c - 1.13, 1.15
net/if_iso88025subr.c - 1.69, 1.71
net/route.c - 1.110, 1.111
netinet6/nd6.c - 1.51-1.53
netinet/if_ether.c intentionally not touched by this merge.
Approved by: re (kensmith)
This should keep 'ugidfw list' to stop complaining about "Data error in
security.mac.bsdextended.rules.N: Unknown error: 0" if there is a "hole"
within the rule set.
Approved by: re (hrs)
space in /, /var, and /tmp, and if the device is large enough, provide
extra space to /var sufficient to store a crash dump.
Approved by: re (kensmith)
> Log:
> The /stand directory now disappears out from under sysinstall while
> it is running during installations. The vsystem() function does get
> used after this happens (e.g. if you manually configure the network
> interface and ask it to enable the interface) so it needs to be a
> little smarter about whether it uses /stand/sh or /bin/sh.
Approved by: re (hrs)
- add missing ether_poll_deregister
- add per-device polling
- move the setting of if_capenable further down so that the
VLAN caps are honored as well
Approved by: re (kensmith), ru
etc/defaults/rc.conf 1.255,1.256,1.257
- Remove gbde_swap_enable variable (it has no effect).
- Add geli_swap_flags variable which holds flags used by geli(8) when
configuring GELI-encrypted swap partitions.
- Add variables used by rc.d/geli and rc.d/geli2 scripts.
Approved by: re (kensmith)
Add scripts for GELI device configuration on boot.
rc.d/geli - configures encryption (ask for passphrases, etc.);
rc.d/geli2 - is called after file systems are mounted and mark devices for
detach on last close.
Approved by: re (kensmith)
Add if_addr_mtx to struct ifnet, a mutex to protect ifnet-related address
lists. Add accessor macros.
This changes the size of struct ifnet, but ideally, all ifnet consumers
are now using if_alloc() to allocate these structures rather than
embedding them into device driver softc's, so this won't modify the
network device driver ABI.
Approved by: re (hrs)
When keys were configured without passphrase, number of iterations in
metadata is equal to -1. if we then wanted to attach provider (or change
keys) and forget about '-p' flag it failed on assertion (quite ok, without
assertion it could call PKCS#5v2 with 4294967295 iterations).
Instead of failing on assertion, remind about '-p' flag.
Approved by: re (kensmith)
