Commit Graph

219146 Commits

Author SHA1 Message Date
Enji Cooper
994c8618ec op_usm_users: fix indentation in SNMP_OP_SET block
MFC after:	3 days
2017-01-05 08:27:23 +00:00
Enji Cooper
446bd8a476 Use calloc instead of malloc + memset(.., 0, ..)
MFC after:	3 days
2017-01-05 08:17:17 +00:00
Enji Cooper
70157df618 lsock_init_port: address issues with initializing sockaddr_un object
- Use strlcpy to ensure p->name doesn't overflow sa.sun_path [*].
- Use SUN_LEN(..) instead of spelling out calculation longhand (inspired
  by comment by jmallett).

Tested with:	dgram and stream support with both bsnmpwalk and snmpwalk

MFC after:	1 week
Reported by:	Coverity
CID:		1006825
2017-01-05 08:14:20 +00:00
Enji Cooper
10a0306a2e lm_load: fix string copying issues
- Ensure `section` doesn't overrun section by using strlcpy instead of
  strcpy [*].
- Use strdup instead of malloc + strcpy (this wasn't flagged by Coverity,
  but is an opportunistic change).

MFC after:	1 week
Reported by:	Coverity
CID:		1006826 [*]
2017-01-05 07:55:17 +00:00
Enji Cooper
20a4ce8bf2 Redo fix for CID 979581
The previous change was flawed in terms of how it calculated the
buffer length for the sockaddr_un object. Use SUN_LEN where
appropriate and mute the Coverity complaint by using memset(.., 0, ..)
to zero out the entire structure instead of setting .sun_len to a bogus
value and strlcpy'ing in the contents of argv[1].

SUN_LEN is now being passed to bind(2) as well. For some odd reason
this wasn't flagged as a bug with Coverity.

Reported by:	jilles, jmallett
MFC after:	2 days
X-MFC with:	r311233
2017-01-05 07:46:57 +00:00
Adrian Chadd
4747f0df83 [net80211] correct VHT ieee80211com state bits.
* rename the ieee80211com field for vht mcsinfo to be ic_, not iv;
* add a vht config field, stealing from the spares I left there.

This doesn't change the ABI.
2017-01-05 05:03:11 +00:00
Adrian Chadd
eee8e3627b [ath_hal] mad, mad hacks to get some semblence of correct HT/40 channels populated.
The HT40 channel population logic was "just" doing pairs of channels starting with
the band entry frequency.  Trouble is, a lot of the rules start way off at 5120MHz,
which isn't a valid 5GHz channel.  Then, eg for HT40U, it would populate:

* (5120,5140)
* (5160,5180)
* (5200,5220)
* (5240,5260)

.. as the HT40U pairs, with the first being the primary channel.  Channel 36
is 5180MHz, and since it's not a primary channel here, it wouldn't populate it.
Then, the next HT40U would be 5200/5220, which is highly wrong.

HT40D had the same problem.

So, this just forces that 5GHz HT40 channels start at channel 36 (5180),
no matter what the band edge says.  This includes eg doing 4.9GHz channels.

This erm, meant that the HT40 channels for the low band was always wrong.

Oops!

Tested:

* AR9380, STA mode
* AR9344 SoC, AP mode

MFC after:	1 week
2017-01-05 04:56:04 +00:00
Adrian Chadd
f69a29b5f9 [net80211] add VHT media types in the media layer. 2017-01-05 04:49:23 +00:00
Hiroki Sato
1232b86014 Fix build when WITHOUT_INET6 is defined. 2017-01-05 03:25:16 +00:00
Mark Johnston
8d65cba217 Remove a redundant use of min().
Reported by:	rpokala
X-MFC With:	r311346
2017-01-05 03:13:45 +00:00
Ravi Pokala
d3c06026c2 In the same vein as r311350, fix whitespace in handling of XPT_PATH_INQ in
several more drivers.

Sponsored by:	Panasas
2017-01-05 03:08:57 +00:00
Ravi Pokala
fa2c752c00 Fix whitespace in handling of XPT_PATH_INQ in adw(4).
Came across this while doing some other minor CAM cleanup. Whitespace-only
change, so not bothering w/ a review.

Sponsored by:	Panasas
2017-01-05 02:54:03 +00:00
Alan Somers
371f86d244 tabs -> spaces in etc/mtree
MFC after:	4 weeks
2017-01-05 02:47:56 +00:00
Mark Johnston
1f7967e13b Add a reasonable bound on the symbol table index size. 2017-01-05 02:33:10 +00:00
Kevin Lo
d01f7b29a9 In rtl8188eu, read R92C_HSSI_PARAM2(0)) register to detect whether it needs
to enable CCK high power feature or not.

Reviewed by:	avos
2017-01-05 02:04:53 +00:00
Mark Johnston
ec492b13f1 Add a small allocator for exec_map entries.
Upon each execve, we allocate a KVA range for use in copying data to the
new image. Pages must be faulted into the range, and when the range is
freed, the backing pages are freed and their mappings are destroyed. This
is a lot of needless overhead, and the exec_map management becomes a
bottleneck when many CPUs are executing execve concurrently. Moreover, the
number of available ranges is fixed at 16, which is insufficient on large
systems and potentially excessive on 32-bit systems.

The new allocator reduces overhead by making exec_map allocations
persistent. When a range is freed, pages backing the range are marked clean
and made easy to reclaim. With this change, the exec_map is sized based on
the number of CPUs.

Reviewed by:	kib
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D8921
2017-01-05 01:44:12 +00:00
Mark Johnston
eeeaa7ba22 Sort includes in kern_exec.c.
MFC after:	1 week
2017-01-05 01:28:08 +00:00
John Baldwin
58ffa42f64 Use db_printsym() to display function names in stack traces.
Previously, the stack unwinder tried to locate the start of the function
in each frame by walking backwards until it found an instruction that
modified the stack pointer and then assumed that was the first instruction
in a function.  The unwinder would only print a function name if the
starting instruction's address was an exact match for a symbol name.
However, not all functions generated by modern compilers start off functions
with that instruction.  For those functions, the unwinder would fail to
find a matching function name.  As a result, most frames in a stack
trace would be printed as raw hex PC's instead of a function name.

Stop depending on this incorrect assumption and just use db_printsym()
like other platforms to display the function name and offset for each
frame.  This generates a far more useful stack trace.

While here, don't print out curproc's pid at the end of the trace.  The
pid was always from curproc even if tracing some other process.

In addition, remove some rotted comments about hardcoded constants that
are no longer hardcoded.

Sponsored by:	DARPA / AFRL
2017-01-05 00:59:53 +00:00
John Baldwin
da53b41194 Only call stacktrace_subr() from DDB.
There was a single call to stacktrace() under an #ifdef DEBUG to obtain
a stack trace during a fault that resulted in a function pointer to a
printf function being passed to stacktrace_subr() in db_trace.c.  The
kernel now has existing interfaces for obtaining a stack trace outside
of DDB (kdb_backtrace(), or the stack_*() API) that should be used instead.
Rather than fix the one call however, remove it since the kernel will
dump a trace anyway once it panics.

Make stacktrace_subr() static, remove the function pointer and change it
to use db_printf() explicitly.

Discussed with:	kan
Sponsored by:	DARPA / AFRL
2017-01-05 00:08:04 +00:00
Alan Somers
2277edc8a6 Misc Coverity fixes for tail(1)
CID 1006402:	Initialize stack variable
CID 271580:	Don't leak memory when ENOMEM.

Reported by:	Coverity
CID:		271580 1006402
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-04 23:22:34 +00:00
Gleb Smirnoff
1e0c121f3a Fix assertion that checks that pages are consecutive to properly
handle bogus_page insertion(s).
2017-01-04 22:31:09 +00:00
Gleb Smirnoff
bfc8c24c73 Move bogus_page declaration to vm_page.h and initialization to vm_page.c.
Reviewed by:	kib
2017-01-04 22:27:19 +00:00
Jung-uk Kim
4c3d1ae2b2 Remove llvm-objdump when Clang is disabled. It was missed in r310889.
Submitted by:	dim
2017-01-04 21:55:52 +00:00
John Baldwin
887cc8f480 Further refine MIPS stack traces across trapframes.
Use the trapframe unwinder recently added for kernel stack overflow
panics for frames crossing MipsKernGenException and MipsKernIntr.
This provides more reliably unwinding across nested interrupts and
exceptions in the kernel.

While here, dump the value of the CAUSE and BADVADDR registers when
crossing a trapframe.

Submitted by:	rwatson (original version)
Obtained from:	CheriBSD
Sponsored by:	DARPA / AFRL
2017-01-04 21:13:21 +00:00
Alan Somers
4195c7de24 Always null-terminate ccb_pathinq.(sim_vid|hba_vid|dev_name)
The sim_vid, hba_vid, and dev_name fields of struct ccb_pathinq are
fixed-length strings. AFAICT the only place they're read is in
sbin/camcontrol/camcontrol.c, which assumes they'll be null-terminated.
However, the kernel doesn't null-terminate them. A bunch of copy-pasted code
uses strncpy to write them, and doesn't guarantee null-termination. For at
least 4 drivers (mpr, mps, ciss, and hyperv), the hba_vid field actually
overflows. You can see the result by doing "camcontrol negotiate da0 -v".

This change null-terminates those fields everywhere they're set in the
kernel. It also shortens a few strings to ensure they'll fit within the
16-character field.

PR:		215474
Reported by:	Coverity
CID:		1009997 1010000 1010001 1010002 1010003 1010004 1010005
CID:		1331519 1010006 1215097 1010007 1288967 1010008 1306000
CID:		1211924 1010009 1010010 1010011 1010012 1010013 1010014
CID:		1147190 1010017 1010016 1010018 1216435 1010020 1010021
CID:		1010022 1009666 1018185 1010023 1010025 1010026 1010027
CID:		1010028 1010029 1010030 1010031 1010033 1018186 1018187
CID:		1010035 1010036 1010042 1010041 1010040 1010039
Reviewed by:	imp, sephe, slm
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D9037
Differential Revision:	https://reviews.freebsd.org/D9038
2017-01-04 20:26:42 +00:00
Alexander Kabaev
e39ff5dd0b Remove duplicate iic and iicbus devices from JZ4780 kernel 2017-01-04 18:36:30 +00:00
Alan Somers
4a8c3cd0df Remove dead code in dhclient(8)
The offending code has been dead ever since the import from OpenBSD in
r195805.  OpenBSD later deleted that entire function.

Reported by:	Coverity
CID:		500059
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-04 18:13:05 +00:00
Enji Cooper
640b69be3a style cleanup
- bridge_pf_dump: use nitems instead of spelling it out longhand
- bridge_do_pfctl: sort variables by alignment for type

MFC after:	1 week
2017-01-04 17:54:44 +00:00
Enji Cooper
9577c300d8 bridge_do_pfctl: allocate mib_name dynamically using asprintf
This is being done to reduce wasted space, simplify complexity in
the code, and to quell a Coverity warning about buffer overruns.
warning about buffer overruns.

MFC after:	1 week
Reported by:	Coverity
CID:		1006736
2017-01-04 17:50:52 +00:00
Alan Somers
398b756be8 Remove dead code in rpc_parse.c
It's been dead ever since it was imported from TI-RPC in 1995.  The dead
code is still present in Illumos today, but was removed from NetBSD in 2006.

Reported by:	Coverity
CID:		270097
Obtained from:	NetBSD
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-04 17:39:20 +00:00
Enji Cooper
758268dcae bridge_get_pfval: use nitems instead of spelling it out longhand
MFC after:	3 days
2017-01-04 17:38:18 +00:00
Enji Cooper
a0cc1855e3 Use strlcpy instead of strcpy when copying the bridge name to ifr.ifr_name
to avoid buffer overflows

MFC after:	1 week
Reported by:	Coverity
CID:		1006735, 1006737, 1006738
2017-01-04 17:33:18 +00:00
Alan Somers
f9fe16497a Delete dead code in chat(8)
It's always been dead, ever since first import in 1994.  It's still dead in
OpenBSD's version, too.

Reported by:	Coverity
CID:		270586
MFC after:	4 weeks
Sponsored by:	Spectra Logic Corp
2017-01-04 16:24:40 +00:00
Konstantin Belousov
4f64c5b3cf __vdso_gettc(): be extra careful with /dev/hpet mappings, never unmap
the mapping which might be accessed by other threads.

If a pointer to the /dev/hpet register page mapping was stored into
the hpet_dev_map, other threads might access the page at any time.
Never unmap it, instead, keep track of mappings for all hpet units in
smal array.  Store pointer to the newly mapped registers page using
CAS, to detect parallel mappings.

It appeared relatively easy to demonstrate the problem by arranging
two threads which perform gettimeofday(2) concurently, first time in
the process address space, when HPET is used for timecounter.

PR:	215715
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2017-01-04 16:10:52 +00:00
Konstantin Belousov
6c4338f2ef The callers of kern_getfsstat(UIO_SYSSPACE) expect that *buf always
returns memory which must be freed, regardless of the error.  Assign
NULL to *buf in case we are not going to allocate any memory due to
invalid mode.

Reported and tested by:	pho
Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	3 weeks (together with r310638)
Differential revision:	https://reviews.freebsd.org/D9042
2017-01-04 16:09:45 +00:00
Xin LI
a94dccbe27 MFV r311279: zlib 1.2.10.
MFC after:	1 month
2017-01-04 16:09:08 +00:00
Edward Tomasz Napierala
5ec7cde488 Fix bug that would result in a kernel crash in some cases involving
a symlink and an autofs mount request.  The crash was caused by namei()
calling bcopy() with a negative length, caused by numeric underflow:
in lookup(), in the relookup path, the ni_pathlen was decremented too
many times.  The bug was introduced in r296715.

Big thanks to Alex Deiter for his help with debugging this.

Reviewed by:	kib@
Tested by:	Alex Deiter <alex.deiter at gmail.com>
MFC after:	1 month
2017-01-04 14:43:57 +00:00
Edward Tomasz Napierala
3a408ce90d Don't release the cfiscsi session refcount too early. It wasn't
observed to fix any actual error, but it's the right thing to do
from the correctness point of view.

Tested by:	Eugene M. Zheganin <emz at norma.perm.ru>
MFC after:	1 month
2017-01-04 12:50:44 +00:00
Enji Cooper
ccd0cf8ffa snmp_mibII(3) requires net/if.h and net/if_mib.h
Document that requirement

MFC after:	1 week
2017-01-04 10:08:18 +00:00
Xin LI
ea3017ea00 Vendor import of zlib 1.2.10. 2017-01-04 09:37:45 +00:00
Xin LI
e16f0839c6 Restructure libz, place vendor files in contrib/zlib like other third
party software, this provides more standarized import workflow and
makes future upgrades easier.

The following files are new with this commit:

	zconf.h.in
	zlib.map
	zlib.pc.in

They are not connected to build, but were kept in tree for reference
for future maintenance.

All our local trivial changes were applied to contrib/zlib, and the
contrib/zlib vendor source code is intended to 100% match lib/libz
before this commit.

MFC after:	2 weeks
2017-01-04 09:30:47 +00:00
Enji Cooper
d6766132c2 run: ensure pthread_condattr_{init,setclock} is successful
MFC after:	1 week
Reported by:	Coverity
CID:		1268631, 1268633
2017-01-04 09:06:49 +00:00
Enji Cooper
dca7cc9815 setrlimit_basic: don't leak buf; free it on completion
MFC after:	3 days
Reported by:	Coverity
CID:		978311
2017-01-04 09:00:16 +00:00
Enji Cooper
fcc9604d43 revoke_perm: don't leak fd at the end of the test; close it
This code is unused on FreeBSD, but it mutes a valid Coverity warning
which would be true on NetBSD

MFC after:	3 days
Reported by:	Coverity
CID:		978311
2017-01-04 08:59:06 +00:00
Enji Cooper
621b0f13af stat_symlink: don't leak fd; close the file descriptor when done
MFC after:	3 days
Reported by:	Coverity
CID:		978314
2017-01-04 08:49:07 +00:00
Enji Cooper
c0b11b8e04 pipe_restart: free f on function exit to quell complaint from Coverity
MFC after:	3 days
Reported by:	Coverity
CID:		978307
2017-01-04 08:43:27 +00:00
Enji Cooper
64af3fbaba swapcontext1: test for getcontext(3) and swapcontext(3) success properly
The beforementioned libcalls both succeed if the return codes aren't -1

MFC after:	3 days
Reported by:	Coverity
CID:		976790, 976791
2017-01-04 08:35:46 +00:00
Enji Cooper
7251167f52 Clarify lifetime of child(..) function
Ensure child exits when complete as it's always run in a forked
process.

Add a missing break statement in :pselect_sigmask when calling
child(..) for clarity and to avoid weird domino effects if the
child process somehow does something it's not supposed to do
with the logfiles, file descriptors, etc

MFC after:	1 week
Reported by:	Coverity
CID:		1223369, 1223370, 1300301
2017-01-04 08:25:31 +00:00
Xin LI
0594943177 Add missing files in zlib 1.2.8. 2017-01-04 08:12:31 +00:00
Adrian Chadd
f0ab3d3668 [net80211] Add VHT flags for printf/debugging.
Whilst here, note that the last bit is currently used by ifconfig (_CHAN_HT)
so don't use it without fixing that first.
2017-01-04 08:08:50 +00:00