The current read from network is working from up to down - we have some
protocol needing the data from the network, so we build the buffer space
for that protocol, add the extra space for headers and pass this buffer
down to be filled by nif get call in hope, we have guessed the incoming
packet size right. Amazingly enough this approach mostly does work, but
not always...
So, this update does work from down to up - we allocate buffer (based
on MTU or frame size info), fill it up, and pass on for upper layers.
The obvious problem is that when we should free the buffer - if at all.
In the current implementation the upper layer will free the packet on error
or when the packet is no longer needed.
While working on the issue, the additional issue did pop up - the bios
implementation does not have generic get/put interface but is using pxe
udpsend/udpreceive instead. So the udp calls are gone and undi interface
is implemented instead. Which in turn means slight other changes as we
do not need to have duplicated pxe implementation and can just use dev_net.
To align packet content, the actual read from nic is using shifted buffer by
ETHER_ALIGN (2).
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D10232
Don't use DHCP 150 option to decide which protocol use to netboot. When
root-path includes ip address - go thru NFS, if ip address not exists in
root-path - go thru TFTP from server which ip address is in next-server. But
there is one limitation - only one tftp server in network to provide loader and
everything else. Does enybody use more than only one?
Submitted by: kczekirda
Sponsored by: Oktawave
MFC after: 3 weeks
Relnote: Yes
Differential Revision: https://reviews.freebsd.org/D8740
The previous misuse of sys_sigqueue() was sending random register or
stack garbage to 64-bit targets. The freebsd32 implementation preserves
the sival_int member of value when signaling a 64-bit process.
Document the mixed ABI implementation of union sigval and the
incompability of sival_ptr with pointer integrity schemes.
Reviewed by: kib, wblock
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D10605
Trivial style(9) fix, no functional change. There are also some 81
characters lines below, but I don't see a good way to shorten them.
Sponsored by: Dell EMC Isilon
Adapt glob's match() routine to use a greedy algorithm that avoids
exponential runtime in byzantine inputs.
While here, add a testcase for the byzantine input.
Prompted by: https://research.swtch.com/glob
Authored by: Yves Orton <demerphq at gmail.com>
Obtained from: Perl (33252c318625f3c6c89b816ee88481940e3e6f95)
Sponsored by: Dell EMC Isilon
When passed the invalid regular expression "a**", the error is
eventually detected and seterr() is called. It sets p->error
appropriatly and p->next and p->end to nuls which is a never used char
nuls[10] which is zeros due to .bss initialization. Unfortunatly,
p_ere_exp() and p_simp_re() both have fall through cases where they set
the error, decrement p->next and access it which means a read from what
ever .bss variable comes before nuls.
Found with regex_test:repet_multi and CHERI bounds checking.
Reviewed by: ngie, pfg, emaste
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D10541
Accomplish this by allocating space for it in __svc_xports and allowing
it to be registered. The failure to allocate space was causing an
out-of-bounds read in svc_getreq_common(). The failure to register
caused PR 211804.
The bug was found with CHERI bounds checking.
PR: 211804
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Reviewed by: ngie
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D10528
The mutex is used in sem_open() and sem_close(), which cannot
recurse. The atfork handlers cannot collide with the open and close
code.
Reviewed by: vangyzen
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D10545
Do not retest for the found semaphore after the loop to look it up.
Instead, handle both cases of last and non-last close simultaneously,
which allows to consolidate the list unlock and successful return.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
The H_SET operation of the history() function takes an int argument which is
the position of the item to which the cursor should be moved to.
Submitted by: Abhinav Upadhyay <abhinav@NetBSD.org>
The sysctl(HW_PAGESIZE) call cannot fail on FreeBSD kernels at least.
And even if it failed for some improbable reason, PAGE_SIZE is a safe
value to return.
Discussed with: jilles
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
patm(4) devices.
Maintaining an address family and framework has real costs when we make
infrastructure improvements. In the case of NATM we support no devices
manufactured in the last 20 years and some will not even work in modern
motherboards (some newer devices that patm(4) could be updated to
support apparently exist, but we do not currently have support).
With this change, support remains for some netgraph modules that don't
require NATM support code. It is unclear if all these should remain,
though ng_atmllc certainly stands alone.
Note well: FreeBSD 11 supports NATM and will continue to do so until at
least September 30, 2021. Improvements to the code in FreeBSD 11 are
certainly welcome.
Reviewed by: philip
Approved by: harti
The internal array size goes through a loop and is compared with numitems
which at its limits makes can be unreachably higher than arraysz.
Prevent an hypothetical overflow by matching the types.
MFC after: 1 week
Taking some hints from the regex variant in nvi(1) and higher-level
compiler warnings, update some types in our regex(3) implementation.
Joint work with: Kyle Evans
MFC after: 2 weeks
gctl_dump(3) is only exposed when stdio.h is #include'd first, per its
addition in r112510. The reasoning noted for the conditional "exposure"
of the function was to "limit #include pollution".
This addresses an issue I found with the documentation when looking at
bug 218809, which in turn addresses a -Wimplicit-function-declaration
compiler warning in `tools/regression/geom_gpt/test.c` (it uses
gctl_dump(3)).
MFC after: 5 weeks
Sponsored by: Dell EMC Isilon
- Use .Dv when mentioning NULL per mdoc(7).
- Reword `g_device_path`, `g_open_by_ident`, and `g_providername`'s descriptions
so they're less wordy.
- Fix a typo in `g_device_path` (can not -> cannot).
MFC after: 5 weeks
Tested with: igor, make manlint
Sponsored by: Dell EMC Isilon
Make some use of reallocarray, attempting to limit it to cases where the
parameters are unsigned and there is some theoretical chance of overflow.
MFC afer: 2 weeks
Differential Revision: https://reviews.freebsd.org/D9980
properly anyway. (Upstream has reorganized this somewhat in the mean
time, but for proper backtraces we would need llvm-symbolizer in base.)
MFC after: 3 days
I inadvertedly soubled the size of the memset without noticing the
start address had changed. The size for the memset in pt_map_thread()
shouldn't actually match the reallocarray() so undo that part of r317200.
This is a re-commit of r317201 to clarify the log.
X-MFC with: r317200
Lengths are not negative, so map_len should be unsigned. Unsign the
corresponding indexes too and bring a small use of reallocarray(3).
Reorder the memset to be consistent with the realloc: it appears we
were only clearing half the memory in pt_map_thread().
MFC after: 2 weeks
When application reads large directory, calling telldir() for each entry,
like Samba does, it creates exponential performance drop as number of
entries reach tenths to hundreds of thousands. It is caused by full search
through the internal list, that never finds matches in that scenario, but
creates O(n^2) delays. This patch optimizes that search, limiting it to
entries of the same buffer, turning time closer to O(n) in case of linear
directory scan.
PR: 218622
Reviewed by: jhb, jilles
MFC after: 2 weeks
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D10408
Unsign some variables involved in allocation as they will never be
negative anyways. Provide some bounds checking through reallocarray(3).
This is all very unlikely to have any visible effect.
Reviewed by: jamie
MFC after: 3 weeks
