If realpath() allocated memory for result and failed, the memory is
freed in each place where return is performed. More, the function
needs to track the allocation status, to not free user-supplied
buffer.
Consolidate the memory handling in the wrapper, freeing the buffer if
the actual worker failed.
Reviewed by: emaste (previous version)
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D10670
- The statement "left_len -= s - left;" does not take the slash into
account if one was found. This results in the invariant
"left[left_len] == '\0'" being violated (and possible buffer
overflows). The patch replaces the variable "s" with a size_t
"next_token_len" for more clarity.
- "slen" from readlink(2) can be 0 when encountering empty
symlinks. Then, further down, "symlink[slen - 1]" underflows the
buffer. When slen == 0, realpath(3) should probably return ENOENT
(http://austingroupbugs.net/view.php?id=825,
https://lwn.net/Articles/551224/).
Some other minor issues:
- The condition "resolved_len >= PATH_MAX" cannot be true.
- Similarly, "s - left >= sizeof(next_token)" cannot be true, as long
as "sizeof(next_token) >= sizeof(left)".
- Return ENAMETOOLONG when a resolved symlink from readlink(2) is too
long for the symlink buffer (instead of just truncating it).
- "resolved_len > 1" below the call to readlink(2) is always true as
"strlcat(resolved, next_token, PATH_MAX);" always results in a
string of length > 1. Also, "resolved[resolved_len - 1] = '\0';" is
not needed; there can never be a trailing slash here.
- The truncation check for "strlcat(symlink, left, sizeof(symlink));"
should be against "sizeof(symlink)" (the third argument to strlcat)
instead of "sizeof(left)".
Submitted by: Jan Kokemц╪ller <jan.kokemueller@gmail.com>
PR: 219154
MFC after: 2 weeks
Two blocks in e1000_ich8lan.c are misaligned, causing noise with some
compilers (gcc 6).
Reviewed by: imp, erj
Differential Revision: https://reviews.freebsd.org/D10741
Previously, when the VI_TRYLOCK failed, we would spin under the mutex
that protects the vnode active list until we either succeeded or
noticed that we had hogged the CPU. Since we were violating the lock
order, this would guarantee that we would become a hog under any
deadlock condition (e.g. a race with vdrop(9) on the same vnode). In
the presence of many concurrent threads in sync(2) or vdrop etc, the
victim could hang for a long time.
Now, avoid spinning by dropping and reacquiring the locks in the
conventional lock order when the trylock fails. This requires a dance
with the vnode hold count.
Submitted by: Tom Rix <trix@juniper.net>
Tested by: pho
Differential revision: https://reviews.freebsd.org/D10692
pools, implement outputting of IPv6 addresses in the ippool debug list
of hash type pools (ippool -l -d -t hash). Currently IPv6 in ippool tree
type pool handling is mostly implemented.
This continues theseries of commits to remediate ippool.
This will be MFCed with a yet to be committed series of fixes to ippool
after it has been fully remediated.
PR: 218433
and Braswell eMMC and SDXC controllers share the same IDs. Like in
the PCI case, Braswell eMMC needs the SDHCI_QUIRK_DATA_TIMEOUT_1MHZ
quirk (see r311794 for the corresponding change to the sdhci(4) PCI
PCI front-end), though. However, due to the shared ACPI IDs, this
is trickier to do.
- Intel Apollo Lake eMMC and SDXC controllers are affected by the
APL18 ("Using 32-bit Addressing Mode With SD/eMMC Controller May
Lead to Unpredictable System Behavior") silicon bug [1]. When this
erratum hits, typically both SDHCI and XHCI controllers wedge.
According to Intel, using ADMA2 with 64-bit addressing and 96-bit
descriptors serves as a workaround. Until such times when sdhci(4)
has ADMA2 support, flag DMA as broken for affected interfaces.
This turns out to work around the problem, too, at the cost of
performance.
- In the sdhci(4) ACPI front-end, probe the Intel Apollo Lake eMMC
and SDXC controllers, too.
1: http://www.intel.com/content/dam/www/public/us/en/documents/specification-updates/pentium-celeron-n-series-j-series-datasheet-spec-update.pdf
The _Noreturn attribute was added to placate Coverity and other static
analysis tools. The __printflike attribute was added to catch issues
with the calls related to printf(3) abuse.
- Modify the code to facilitate the __printflike attribute addition.
- Convert errf calls in to_mb(..) and to_mb_string(..) to warn(..) so
the calls will return instead of exiting, as the code suggests it
should.
Differential Revision: D10704
MFC after: 1 month
Reviewed by: pfg
Sponsored by: Dell EMC Isilon
It does not make much sense to generate the '-' in a pattern bracket
expression using arithmetic expansion, but it does not make sense to forbid
it either.
Try to avoid reprocessing the string if it is unnecessary.
The default values found in /etc/passwd and /etc/group are 65534, 65533.
In mountd.c, the defaults were -2, which was 65534 back when uid_t was 16bits.
Without this patch, a file created by root on an NFS exported volume without
the "-root=" export option will end up owned by uid 4**32 - 2.
When discussed on freebsd-current@, it seemed that users preferred the
values being changed to 65534/65533.
I have not added code to acquire these values from the databases, since
the mountd daemon might get "stuck" during startup waiting for a non-responsive
password database server.
Discussed on: freebsd-current
an inexact floating point exception. The variable cannot be eliminated,
unfortunately, otherwise the desired addition triggering the exception
will be emitted neither by clang, nor by gcc.
Reviewed by: Steve Kargl, bde
MFC after: 3 days
It does not make much sense to generate the '-' in a pattern bracket
expression using arithmetic expansion, but it does not make sense to forbid
it either.
This test already passes.
partially sort them by style(9). Move locals declarations from nested
blocks into the block at function start.
Discussed with: emaste
MFC after: 1 week
compiled into the kernel
This ensures that .iss_asm (the number of ASM listeners) isn't incorrectly
decremented for MLD-layer source datagrams when inspecting im*s_st[1]
(the second state in the structure).
MFC after: 2 months
PR: 217509 [1]
Reported by: Coverity (Isilon)
Reviewed by: ae ("This patch looks correct to me." [1])
Submitted by: Miles Ohlrich <miles.ohlrich@isilon.com>
Sponsored by: Dell EMC Isilon
VM_MEMATTR_WRITE_COMBINING in the kernel. This fixes a bug where Xorg would
use write back cached memory for its graphics buffers. This would produce
artifacts on the screen as cachelines were written to memory.
MFC after: 1 week
Sponsored by: DARPA, AFRL
src.conf(5) knobs
This will allow consumers of FreeBSD to use the unmodified configuration
files out of the box more than previously.
Both newsyslog.conf and syslog.conf:
- /var/log/lpd-errs (MK_LPR != no)
- /var/log/ppp.log (MK_PPP != no)
- /var/log/xferlog (MK_FTP != no)
newsyslog.conf:
- /var/log/amd.log (MK_AMD != no)
- /var/log/pflog (MK_PF != no)
- /var/log/sendmail.st (MK_SENDMAIL != no)
MFC after: 3 weeks
Sponsored by: Dell EMC Isilon
is blocked. The spurious wakeup might result in spurious EINTR.
The reschedule_signals() function is called when the calling thread
has the signal mask changed. For each newly blocked signal, we try to
find a thread which might have the signal not blocked. If no such
thread exists, sigtd() returns random thread, which must not be waken
up. I decided that re-checking, as suggested by PR submitter, is more
reasonable change than to change sigtd() interface, due to other uses
of sigtd(). signotify() already performs this check.
Submitted by: Duane <parakleta@darkreality.org>
PR: 219228
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Adjust notification points slightly to catch all auth failures,
rather than just the ones caused by bad usernames.
Modify notification point for bad usernames to send new type of
BLACKLIST_BAD_USER. (Support in libblacklist will be forthcoming soon.)
Add guards to allow library headers to expose the enum of action values.
Reviewed by: des
Approved by: des
Sponsored by: The FreeBSD Foundation
* This fixes cases where the group id of wide commands got lost, e.g. this
happened to the IWM_SCAN_ABORT_UMAC command.
Obtained from: dragonflybsd.git 71310fab0caca79bb5da43d9d642e77a4c27eea2
* Since a RUN -> INIT/SCAN transition seems to immediately destroy the
ieee80211_node for the AP, we can't read the in_assoc value from there.
Instead just directly pass that information via a boolean_t argument.
* Adds iwm_mvm_rm_sta_id() function, which just unconditionally removes
the station from the firmware.
* The iwm_mvm_rm_sta() function shouldn't actually remove the station from
firmware when we are still associated (i.e. during a RUN -> INIT/SCAN
transition).
* So when disassociating we will first call iwm_mvm_rm_sta() to drain the
queues/fifos. Later during disassociation we will then use
iwm_mvm_rm_sta_id() to actually remove the station.
Inspired-By: Linux iwlwifi
Obtained from: dragonflybsd.git 81b3c1fe9122fa22f33d97103039cc375f656231
* Add a per-vap ps_disabled flag, and use it for a workaround which fixes
an association issue when powersaving is enabled.
* Compute flag that should correpsond to the mvmif->bss_conf.ps flag in
Linux's iwlwifi (e.g. this disallows powersaving when not associated
yet).
Inspired-By: Linux iwlwifi
Obtained from: dragonflybsd.git dc2e69bdfe8c9d7049c8a28da0adffbfbc6de5c0
* Power management handling is per-vap, not per-node, so we should pass
the iwm_vap in these arguments.
Obtained from: dragonflybsd.git 62a4e7957a736b4de38938b02fa7eb9b45bc5d0d
* Otherwise we would never update powersaving settings until we complete
an association, after the first authentication attempt.
* This corresponds to what Linux iwlwifi seems to do.
Obtained from: dragonflybsd.git aa128dc02a17c2e616232ef0fa997121e969c995
* Tear down the relevant firmware state (i.e. the station, the vif binding)
in these transition cases.
* Before this case would leave the firmware state lying around, resulting
in errors and firmware panics in the subsequent association attempts.
Obtained from: dragonflybsd.git 94b501399fde6368ae388a669c95b099a6e66e93
* This adds iwm_mvm_rm_sta(), which will be used to tear down firmware
state for better/cleaner iwm_newstate() handling.
* Makes iwm_enable_txq() and iwm_mvm_flush_tx_path() non-static, add
the declarations to if_iwm_util.h for now.
Obtained from: dragonflybsd.git 85d1c6190c4c3564b1a347f253e823aa95c202b2
* Hence no need to keep stuff in separate iwm_assoc() function, just
inline the stuff into iwm_newstate().
Obtained from: dragonflybsd.git e8f7d88e0d030f138f95ecdb7c1a729d9fb0d6ab
* Inspired by iwn(4) and Linux iwlwifi.
* Read wme parameters into a buffer within struct iwm_vap in
iwm_wme_update().
* If we aren't associated yet, the new settings will soon be sent
by iwm_mvm_mac_ctxt_changed() during association.
* If we are already associated, explicitly call iwm_mvm_mac_ctxt_changed()
from iwm_wme_update() to send the new settings to the firmware.
* Change iwm_mvm_ac_to_tx_fifo mapping, to fit the freebsd net80211
WME stream class numbering, instead of Linux's enum ieee80211_ac_numbers.
Obtained from: dragonflybsd.git b8bd6cd746d1f45e616ccfcbeed06dfe452a1108
* Factor out iwm_handle_rxb() function from iwm_notif_intr().
* Removing the IWM_FH_RCSR_CHNL0_RX_CONFIG_SINGLE_FRAME_MSK flag allows
the device to put multiple frames (both command responses and 80211
frames) into a single RX buffer.
* Uses m_copym() to split up the receive buffers when multiple 80211
frames are received in one RX buffer. The effect is basically the same
as when using m_split(), but we want to keep the original mbuf around
when calling iwm_mvm_rx_rx_mpdu() to make error handling a bit easier
for now.
* Contains a small optimization to avoid the m_copym() when only a single
80211 frame is received in one RX buffer (i.e. matching the existing
behaviour).
Obtained from: dragonflybsd.git b5eb43f0280bbcfd26af51cf5a4b8e8ff3590b67
* Fixes oversight from commit 757eecf0e6c92745aa2eee95811e573c8300850e.
fw_has_api now uses the isset macro instead of a simple logical-and.
Obtained from: dragonflybsd.git c00575de8491dc402abf52c8c7e1cca1ef79e257
* Store macid and color values in struct iwm_vap, to avoid hardcoded
constants a bit.
* Add iwm_mvm_binding_remove_vif() function (will be used in disconnecting
from an access point without resetting the whole device).
* Not adding code from Linux iwlwifi yet, to handle one PHY context to
be bound to several VAPs/virtual-interfaces, it's definitely not needed
in the near future.
Obtained from: dragonflybsd.git f16ef74977e51e1bfc7a625dd18b98b02158e0e5
