The general stack protector is known to be weak and has pretty small
coverage. While setting stack-protector-all would give better protection
it would come with a performance cost: for this reason Google's Chrome OS
team developed a new stack-protector-strong variant.
In addition to the protections offered by -fstack-protector, the new option
will guard any function that declares any type or length of local array,
even those in structs or unions. It will also protect functions that use a
local variable's address in a function argument or on the right-hand side
of an assignment.
The option was introduced in GCC-4.9, but support for it has been
back-ported to our base GCC (r286074) and is also available in clang.
The change was tested with dbench and doesn't introduce performance
regressions. An exp-run over the ports tree revealed no failures when
using the stricter stack-protector-all. Thanks to all testers involved.
Reference:
https://outflux.net/blog/archives/2014/01/27/fstack-protector-strong/
Tested by: pho, portmgr (antoine)
Discussed with: secteam (delphij)
Differential Revision: https://reviews.freebsd.org/D3463
PR: 203394 (exp-run)
Relnotes: yes
MFC: no (not supported in older clang)
For case (7) (new entry) nothing has to be done except lle_event.
Invoke this event directly from "create new lle" code block.
For case (4) (existing entry, same mac) useless mac update was performed,
along with LLENTRY_RESOLVED lle_event. There was no sense in doing that,
since nothing really had changed. Simply avoid this condition instead.
Given that, condition was simplified to (3),(5) states which can be merged
with previous block.
ARMv6/7:
- Define _SAVE() macro to allow unwind data to be conditionally defined for
ARM assembly code in the kernel.
- Use _SAVE() to provide unwind information for bcopy_page(), and two (of
many) instances of copyin() and copyout().
Reviewed by: andrew, imp
MFC after: 3 days
Sponsored by: University of Cambridge
The remove began with revision r271733.
NOTE: This patch must never be merge to 10-Stable
Reviewed by: glebius
Approved by: bapt (mentor)
Relnotes: Yes
Sponsored by: EuroBSDCon Sweden.
Differential Revision: D3786
* Remove obsolete drm_agp_*_memory() prototypes.
* Fix comment in drm_fops.c (outisde -> outside).
* Fix some formatting issues in drm_stub.c (spaces -> tabs).
* Add missing case statement (gen == 3) in intel_gpu_reset().
* Restore pci_enable_busmaster() call in the init path (fixes gpu hang on i945GM).
* Replace M_WAITOK with M_NOWAIT when the return value of malloc is checked (may be incorrect).
Submitted by: <s3erios@gmail.com>
Reviewed by: dumbbell
Approved by: dumbbell
Differential Revision: https://reviews.freebsd.org/D3413
Effectively it always returned NULL so SAS was always performed and
sometimes the result might have been different.
Fix state machine change accidentally introduced in r287985:
state (4) inside nd6_cache_lladdr() (existing entry got nd message
with the same lladdress) started to cause lle state transition to STALE
instead of no-action.
event loop and should sleep only when waiting for events (eg. via kevent(2)).
When a program is going to sleep in the kernel, the script will show its name,
PID, kernel stack trace and userland stack trace. Sleeping in kevent(2) is
ignored as it is expected to be valid.
Sample output:
# ./blocking lynxd
lynxd(15042) is blocking...
kernel`_cv_wait_sig+0x124
kernel`seltdwait+0xae
kernel`sys_poll+0x3a3
kernel`amd64_syscall+0x343
kernel`0xffffffff806c79ab
lynxd`poll+0xa
lynxd`pqSocketCheck+0xa2
lynxd`pqWaitTimed+0x29
lynxd`connectDBComplete+0xd7
lynxd`PQsetdbLogin+0x2ec
lynxd`db_connect+0x3c
lynxd`main+0x198
lynxd`_start+0x16f
0x2
lynxd(1925) is blocking...
kernel`_cv_wait+0x125
zfs.ko`zio_wait+0x5b
zfs.ko`dmu_buf_hold_array_by_dnode+0x1dc
zfs.ko`dmu_read+0xcb
zfs.ko`zfs_freebsd_getpages+0x37b
kernel`VOP_GETPAGES_APV+0xa7
kernel`vnode_pager_getpages+0x9a
kernel`vm_fault_hold+0x885
kernel`vm_fault+0x77
kernel`trap_pfault+0x211
kernel`trap+0x506
kernel`0xffffffff806c76c2
lynxd`EVP_add_cipher+0x13
lynxd`SSL_library_init+0x11
lynxd`main+0x94
lynxd`_start+0x16f
0x2
lynxd(1925) is blocking...
kernel`_cv_wait+0x125
zfs.ko`zio_wait+0x5b
zfs.ko`dbuf_read+0x791
zfs.ko`dbuf_findbp+0x12f
zfs.ko`dbuf_hold_impl+0xa2
zfs.ko`dbuf_hold+0x1b
zfs.ko`dmu_buf_hold_array_by_dnode+0x153
zfs.ko`dmu_read_uio+0x66
zfs.ko`zfs_freebsd_read+0x3a3
kernel`VOP_READ_APV+0xa1
kernel`vn_read+0x13a
kernel`vn_io_fault+0x10b
kernel`dofileread+0x95
kernel`kern_readv+0x68
kernel`sys_read+0x63
kernel`amd64_syscall+0x343
kernel`0xffffffff806c79ab
lynxd`_read+0xa
lynxd`__srefill+0x122
lynxd`fgets+0x78
lynxd`file_gets+0x1d
lynxd`BIO_gets+0x64
lynxd`PEM_read_bio+0xf5
lynxd`PEM_X509_INFO_read_bio+0x90
lynxd`X509_load_cert_crl_file+0x47
lynxd`by_file_ctrl+0x2e
lynxd`X509_STORE_load_locations+0x4a
lynxd`sslctx_init+0x255
lynxd`main+0x215
lynxd`_start+0x16f
0x2
Requested by: gnn
Obtained from: Wheel Systems http://wheelsystems.com
Now run(4) fetches parameters from ic->ic_wme.wme_params array, which is never initialized
(and can be safely removed). This patch replaces &ic->ic_wme.wme_params with
&ic->ic_wme.wme_chanParams.cap_wmeParams (contains parameters for local station;
used by other drivers with WME support).
Tested:
* me: STA: run0: MAC/BBP RT5390 (rev 0x0502), RF RT5370 (MIMO 1T1R), address 38:83:45:11:78:ae
Now device will use retry limit, which is set via 'ifconfig <interface>
maxretry <number>'.
Tested:
* Tested on WUSB54GC, STA mode.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3689
The MAC can be fetched from the key struct.
I added the ndis updates to make it compile.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3657
This diff includes:
* Transmitter Addresses, Keys and TKIP MIC addition to the Security Key Table.
* Proper SEC Control Registers initialization and maintenance.
* Additional flags and values in TX descriptor, which are required for encryption support.
* Error checking in RX path.
Tested:
* Tested on WUSB54GC, STA (WEP, TKIP, CCMP), HOSTAP (CCMP) and IBSS (CCMP, WPA-None) modes.
* rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, STA mode (CCMP+TKIP)
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3640
Note: I manually had to merge this; I merged in the "put beacon_offsets
into vap" commit before this.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3628
Don't override the NIC MAC address with an overridden MAC address for
a VAP.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3625
Tested:
* rum0: MAC/BBP RT2573 (rev 0x2573a), RF RT2528, STA mode
Note: haven't tested AP mode yet; will do once the rest of the
AP mode / power save commits are in.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3624
Move the mbuf free responsibility to the caller of the hardware xmit
function, not the hardware xmit function itself.
Submitted by: <s3erios@gmail.com>
Differential Revision: https://reviews.freebsd.org/D3621