NUL terminated. The source and destination buffers are the same
size and the source *should* be NUL terminated, but be paranoid.
Reported by: Coverity
CID: 1011274
MFC after: 1 week
terminated. Don't bother checking for truncation since the subsequent
quota_read() should detect that and fail.
Reported by: Coverity
CID: 1009980
MFC after: 1 week
ensure that the latter is NUL terminated since it is passed
as an argument to *printf().
Warn about NIS domains that are too long.
Reported by: Coverity
CID: 1009620, 1009621
MFH: 1 week
cm_send() closes 'fd' on error. In that case, bail out early without trying to
recv from or close 'fd' again.
Reported by: Coverity
CID: 1006078
Sponsored by: EMC / Isilon Storage Division
This whole block of code as committed fully formed in r224144. I'm not really
sure what the intent was, but it seems plausible that !persist ifis could need
other member cleanup. Don't free the object until after we've finished
cleaning its members.
Reported by: Coverity
CID: 1006079
Sponsored by: EMC / Isilon Storage Division
Check against the size of the struct, not the pointer. Previously, a message
with a cm_len between 9 and 23 (inclusive) could cause int msglen to underflow
and read(2) to be invoked with msglen size (implicitly cast to signed),
overrunning the caller-provided buffer.
All users of cm_recv() supply a stack buffer.
On the other hand, the rtadvd control socket appears to only be writable by the
owner, who is probably root.
While here, correct some types to be size_t or ssize_t.
Reported by: Coverity
CID: 1008477
Security: unix socket remotes may overflow stack in rtadvd
Sponsored by: EMC / Isilon Storage Division
In the case that the subsequent sysctl(3) call failed, 'buf' could be free(3)ed
repeatedly. It isn't clear to me that that case is possible, but be clear and
do the right thing in case it is.
Reported by: Coverity
CID: 272537
Sponsored by: EMC / Isilon Storage Division
Coverity really should have figured this out from the exit(3) call at the end
of the routine, but just make it explicit.
No functional change.
Reported by: Coverity
CID: 1304866 (false positive double-close of 'baz')
Sponsored by: EMC / Isilon Storage Division
after r298107
Summary of changes:
- Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that
namespacing is kept with FILES appropriately, and that this shouldn't need
to be repeated if the namespace changes -- only the definition of PACKAGE
needs to be changed
- Allow PACKAGE to be overridden by callers instead of forcing it to always be
`tests`. In the event we get to the point where things can be split up
enough in the base system, it would make more sense to group the tests
with the blocks they're a part of, e.g. byacc with byacc-tests, etc
- Remove PACKAGE definitions where possible, i.e. where FILES wasn't used
previously.
- Remove unnecessary TESTSPACKAGE definitions; this has been elided into
bsd.tests.mk
- Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES;
${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk.
- Fix installation of files under data/ subdirectories in lib/libc/tests/hash
and lib/libc/tests/net/getaddrinfo
- Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup)
Document the proposed changes in share/examples/tests/tests/... via examples
so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of
replacing FILES. share/mk/bsd.README didn't seem like the appropriate method
of communicating that info.
MFC after: never probably
X-MFC with: r298107
PR: 209114
Relnotes: yes
Tested with: buildworld, installworld, checkworld; buildworld, packageworld
Sponsored by: EMC / Isilon Storage Division
Two new functions are provided, bit_ffs_at() and bit_ffc_at(), which allow
for efficient searching of set or cleared bits starting from any bit offset
within the bit string.
Performance is improved by operating on longs instead of bytes and using
ffsl() for searches within a long. ffsl() is a compiler builtin in both
clang and gcc for most architectures, converting what was a brute force
while loop search into a couple of instructions.
All of the bitstring(3) API continues to be contained in the header file.
Some of the functions are large enough that perhaps they should be uninlined
and moved to a library, but that is beyond the scope of this commit.
sys/sys/bitstring.h:
Convert the majority of the existing bit string implementation from
macros to inline functions.
Properly protect the implementation from inadvertant macro expansion
when included in a user's program by prefixing all private
macros/functions and local variables with '_'.
Add bit_ffs_at() and bit_ffc_at(). Implement bit_ffs() and
bit_ffc() in terms of their "at" counterparts.
Provide a kernel implementation of bit_alloc(), making the full API
usable in the kernel.
Improve code documenation.
share/man/man3/bitstring.3:
Add pre-exisiting API bit_ffc() to the synopsis.
Document new APIs.
Document the initialization state of the bit strings
allocated/declared by bit_alloc() and bit_decl().
Correct documentation for bitstr_size(). The original code comments
indicate the size is in bytes, not "elements of bitstr_t". The new
implementation follows this lead. Only hastd assumed "elements"
rather than bytes and it has been corrected.
etc/mtree/BSD.tests.dist:
tests/sys/Makefile:
tests/sys/sys/Makefile:
tests/sys/sys/bitstring.c:
Add tests for all existing and new functionality.
include/bitstring.h
Include all headers needed by sys/bitstring.h
lib/libbluetooth/bluetooth.h:
usr.sbin/bluetooth/hccontrol/le.c:
Include bitstring.h instead of sys/bitstring.h.
sbin/hastd/activemap.c:
Correct usage of bitstr_size().
sys/dev/xen/blkback/blkback.c
Use new bit_alloc.
sys/kern/subr_unit.c:
Remove hard-coded assumption that sizeof(bitstr_t) is 1. Get rid of
unrb.busy, which caches the number of bits set in unrb.map. When
INVARIANTS are disabled, nothing needs to know that information.
callapse_unr can be adapted to use bit_ffs and bit_ffc instead.
Eliminating unrb.busy saves memory, simplifies the code, and
provides a slight speedup when INVARIANTS are disabled.
sys/net/flowtable.c:
Use the new kernel implementation of bit-alloc, instead of hacking
the old libc-dependent macro.
sys/sys/param.h
Update __FreeBSD_version to indicate availability of new API
Submitted by: gibbs, asomers
Reviewed by: gibbs, ngie
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6004
extattr/rmextattr.c
When printing hex output, treat all attribute values as unsigned
char arrays instead of sign extending them to 32 bit values.
extattr/tests/extattr_test.sh
Add a regression test
PR: 209039
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Add the -i option to setextattr. This option allow extended attribute data
to be provided via stdin. Add a -qq option to getextattr, which omits the
trailing newline. Together these options can be used to work with extended
attributes whose values are large and/or binary.
usr.sbin/extattr/Makefile:
Link against libsbuf which is used for processing stdin data.
usr.sbin/extattr/rmextattr.8:
Document setextattr's -i option, getextattr's -qq option, and remove
the BUG about setextattr only being useful for strings.
usr.sbin/extattr/rmextattr.c:
For setextattr operations, buffer attribute data in an sbuf. If -i
is specified, pull the data from stdin, otherwise from the
appropriate argurment.
Update usage text and argument validation code for setextattr's -i
option.
usr.sbin/extattr/tests/extattr_test.sh
Add tests for -q and -i.
Reviewed by: wblock (manpage)
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D6090
Fix a related typo while here.
Note, this change results in the Kyuafile inclusion in the runtime
package, which needs to be fixed, however addresses the PR as far
as I can tell in my tests.
PR: 209114
Submitted by: ngie
Sponsored by: The FreeBSD Foundation
Instead of copy-pasting the string literal for "UTC" 3 times and using
strlen, use a static char[3] buffer and sizeof(..).
MFC after: 3 days
X-MFC with: r298507
Submitted by: kib
Sponsored by: EMC / Isilon Storage Division
usr.sbin/extattr/tests/Makefile
Add boiler plate required by 298107 but omitted by 298483. These
two changes passed through CR in parallel. I think this should get
the full test suite running in Jenkins again.
MFC after: 22 days
X-MFC-with: 298483
Sponsored by: Spectra Logic Corp
'devctl delete' can be used to delete a device that is no longer present.
As an anti-foot-shooting measure, 'delete' will not delete a device
unless it's parent bus says it is no longer present. This can be
overridden by passing the force ('-f') flag.
Note that this command should be used with care. If a device is deleted
that is actually present it can't be resurrected unless the parent bus
device's driver supports rescans.
Differential Revision: https://reviews.freebsd.org/D6019
The BUS_RESCAN() method rescans a single bus device checking for devices
that have been added or removed from the bus. A new 'rescan' command is
added to devctl(8) to trigger a rescan.
Differential Revision: https://reviews.freebsd.org/D6016
The POSIX version of basename() doesn't use a 'const char *' argument;
the function may overwrite its input buffer. Instead of copying the
input string, let's just simplify this code by using our getprogname()
function that already returns the name of the application in the right
format.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D6094
sysvmsg, sysvsem, and sysvshm, with the following bahavior:
inherit: allow full access to the IPC primitives. This is the same as
the current setup with allow.sysvipc is on. Jails and the base system
can see (and moduly) each other's objects, which is generally considered
a bad thing (though may be useful in some circumstances).
disable: all no access, same as the current setup with allow.sysvipc off.
new: A jail may see use the IPC objects that it has created. It also
gets its own IPC key namespace, so different jails may have their own
objects using the same key value. The parent jail (or base system) can
see the jail's IPC objects, but not its keys.
PR: 48471
Submitted by: based on work by kikuchan98@gmail.com
MFC after: 5 days
Previously, many errors (such as the PCI device not being attached
to the ppt(4) driver) resulted in bhyve silently exiting without
starting the virtual machine. Now any errors encountered when
configuring a virtual slot for a PCI passthru device should be noted
on stderr.
Reviewed by: neel
Differential Revision: https://reviews.freebsd.org/D5990
Installs both pmbr+gptzfsboot as well as boot1.efifat in separate partitions
The resulting system can be booted with either UEFI or BIOS/CSM.
Preference is controlled by the user's firmware boot settings.
This is now the default for zfsboot installs
PR: 208629
Submitted by: Galael LAPLANCHE <ganael.laplanche@corp.ovh.com> (original version)
fgetln(3) will returns NULL if cannot get a line from a stream.
strsep(3) it will returns NULL if the end of the string was reached.
jemalloc(3) malloc will returns NULL if it cannot allocate memory.
fgetln(3) it will returns NULL if it cannot get a line from a stream.
MFC after: 4 weeks
fopen(3) returns NULL in case it can't open the STREAM.
fgetln(3) returns NULL if it can't get a line from a STREAM.
malloc returns NULL if it can't allocate memory.
fopen(3) will return NULL in case it can't open the STREAM.
The malloc will return a pointer to the allocated memory if successful,
otherwise a NULL pointer is returned.
Also add an extra DEBUG1 to print out the error to open a file.
Reviewed by: ed
Differential Revision: https://svnweb.freebsd.org/changeset/base/297959
If the PBA shares a page with the MSI-X table, map the shared page via
/dev/mem and emulate accesses to the portion of the PBA in the shared
page by accessing the mapped page.
Reviewed by: grehan
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D5919
If a user requested encrypted swap, but 0 sized, it would still be added to fstab
PR: 208630
Submitted by: Ganael LAPLANCHE <ganael.laplanche@corp.ovh.com>
MFC after: 2 weeks
Sponsored by: ScaleEngine Inc.
We were setting an incorrect/undefined size and as it came out the st
struct was not really being used at all. This was actually a bug but
by sheer luck it had no visual effect.
CID: 1194320
Reviewed by: grehan
ncq was not being inititialized properly but it was not actually
necessary either, so make the code smaller by removing it.
CID: 1248842
Reviewed by: grehan
- Group the output so that it follows the capability register set more
closely. The first line now contains device information and the
second line contains link information. As a result, ARI status is now
output on the first line, and the link width is moved down to the second
line of link information.
- Only read the DEVICE_CAP2 register to check for ARI if the capability
version is >= 2.
- Don't output any link information if the link capability and status
registers are zero.
- Label the MSI interrupt index value as "MSI" instead of "IRQ".
case 'g' makes use of value n, which is initialized for case 'b'
and passe through to case 'g'. If case 'g' is called directly
value 'n' is not initialized.
Avoid the issue by initializing n before entering the switch.
CID: 1006375
Reviewed by: bms
On some architectures, u_long isn't large enough for resource definitions.
Particularly, powerpc and arm allow 36-bit (or larger) physical addresses, but
type `long' is only 32-bit. This extends rman's resources to uintmax_t. With
this change, any resource can feasibly be placed anywhere in physical memory
(within the constraints of the driver).
Why uintmax_t and not something machine dependent, or uint64_t? Though it's
possible for uintmax_t to grow, it's highly unlikely it will become 128-bit on
32-bit architectures. 64-bit architectures should have plenty of RAM to absorb
the increase on resource sizes if and when this occurs, and the number of
resources on memory-constrained systems should be sufficiently small as to not
pose a drastic overhead. That being said, uintmax_t was chosen for source
clarity. If it's specified as uint64_t, all printf()-like calls would either
need casts to uintmax_t, or be littered with PRI*64 macros. Casts to uintmax_t
aren't horrible, but it would also bake into the API for
resource_list_print_type() either a hidden assumption that entries get cast to
uintmax_t for printing, or these calls would need the PRI*64 macros. Since
source code is meant to be read more often than written, I chose the clearest
path of simply using uintmax_t.
Tested on a PowerPC p5020-based board, which places all device resources in
0xfxxxxxxxx, and has 8GB RAM.
Regression tested on qemu-system-i386
Regression tested on qemu-system-mips (malta profile)
Tested PAE and devinfo on virtualbox (live CD)
Special thanks to bz for his testing on ARM.
Reviewed By: bz, jhb (previous)
Relnotes: Yes
Sponsored by: Alex Perez/Inertial Computing
Differential Revision: https://reviews.freebsd.org/D4544
The buffer length should be checked to avoid overflow, but there
is no API to get the slot length, so the hardcoded value is used.
Return the currently-first request chain back to the available
queue if there are no more packets.
Report the link as up if we managed to open vale port.
Use consistent coding style.
Submitted by: btw
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D5595
- Try to guess what is provided as a pin spec for -t or for get/set
operation: number or name. Fails in case of ambiguity.
- Add -p and -N switches to force pin specification interpretation:
-p forces spec to be pin number, -N forces it to be name
Submitted by: Emmanuel Vadot <manu@bidouilliste.com>
Differential Revision: https://reviews.freebsd.org/D5201
The default process title is taken from the argv[0] value (any
particular hardlink name). Add a -t option to override the default.
PR: 205016
Submitted by: Yuri <yuri@rawbw.com>
No objection from: freebsd-current@
Sponsored by: EMC / Isilon Storage Division
After calling the cap_init(3) function Casper will fork from it's original
process, using pdfork(2). Forking from a process has a lot of advantages:
1. We have the same cwd as the original process.
2. The same uid, gid and groups.
3. The same MAC labels.
4. The same descriptor table.
5. The same routing table.
6. The same umask.
7. The same cpuset(1).
From now services are also in form of libraries.
We also removed libcapsicum at all and converts existing program using Casper
to new architecture.
Discussed with: pjd, jonathan, ed, drysdale@google.com, emaste
Partially reviewed by: drysdale@google.com, bdrewery
Approved by: pjd (mentor)
Differential Revision: https://reviews.freebsd.org/D4277
These are no longer needed after the recent 'beforebuild: depend' changes
and hooking DIRDEPS_BUILD into a subset of FAST_DEPEND which supports
skipping 'make depend'.
Sponsored by: EMC / Isilon Storage Division
Renamed some local variables for compatibility with -Wshadow
Reported by: Andrew Turner
Tested by: ken
MFC after: 4 weeks
X-MFC-with: 295768
Sponsored by: Spectra Logic Corp
Some invalid PCI device selectors could cause read access to an initialized
variable next to the array (local loop index variable).
While here, the parser has been made more strict with regard to the syntax
of PCI device selectors as documented in the man-page. E.g. "pci:" used to
be interpreted as "pci0:0".
MFC after: 3 days
Raise WARNS from 1 to 6 (the default)
Fix warnings:
* Use C99 designated initializers for structs, and initialize all fields
* Mark global variables as static
* Mark unused function arguments
* Be careful about signed/unsigned comparisons
Reviewed by: eadler
MFC after: 4 weeks
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D5328
This builds fine with FAST_DEPEND but the mkdep method requires that
include/ generates the headers during 'make depend' so the subsequent
directories can find them when running mkdep.
Sponsored by: EMC / Isilon Storage Division
This fixes connection errors for some initiators not starting CmdSN
from zero.
While there, fix wrong status details reported for couple errors.
MFC after: 3 days
The services db is created as a temporary file that is moved over the
existing file after completion. Thus there is no need to immediately
flush all created db records to the temporary file.
This speeds up creation of the services db by a factor of 500 on my
ZFS based /var/db filesytem (from 110 seconds to 0.235 seconds).
MFC after: 1 week
This makes runnig f_substr() faster than it was when running under bash,
but both sh and dash are still faster when using the non-bash recipe which
features dynamically unrolled loops.
sysrc(8) supports key+=value and key-=value, but can be told what the
delimiter is by being passed as char1 (e.g., "sysrc key+=",value" to use a
comma as the delimiter instead of space). For convenience, if the first char
is alpha-numeric, it is assumed you wanted whitespace as the delimiter.
However, if you naively (as I just did) execute:
sysrc rc_conf_files+=/etc/rc.conf.other
the result is unexpected.
This commit makes `.' and `/' in-addition to alpha-numeric first-characters
to cause the default of whitespace to be used as the delimiter. This also
means that you can no longer use these as a delimiter.
When using col(1) piped to vim(1) as pager for man(1), the former sequence
of (Qo \ Qc) renders as "" without the space. Replace with (Qo (space) Qc)
which renders properly in more (all?) pagers.
bash lacks the ksh93 optimization that makes sub-shells fast if they do
not alter io. bash 3.1-alpha1 introduced printf -v var_to_set which is not
as fast but is still significantly faster than var_to_set=$( printf ) when
using any version of bash. If we find our interpreter to somehow be bash
by invocation or inclusion, use the feature that provides fastest results.
Enable repeated line compression for lines of any length, instead of only
short lines. AFAICT repeated line compression was limited to short lines as
a RAM optimization, which made sense when karels added it in 1988, but no
longer. The penalty is a paltry 904B of RAM per file logged.
Reviewed by: rpaulo
MFC after: 32 days
Sponsored by: Spectra Logic Corp
Differential Revision: https://reviews.freebsd.org/D4475
In some cases the test system might not have mount_cd9660(8). Don't
implicitly rely on it while testing cd9660 support; explicitly rely
on it
MFC after: 1 week
Reported by: mjohnston
Sponsored by: EMC / Isilon Storage Division
tunable. Also it gets more close with the original implementation from
OpenBSD.
Requested by: rodrigc
Approved by: rodrigc (mentor)
Differential Revision: https://reviews.freebsd.org/D4970
to be used with eg "vidcontrol -s".
Reviewed by: emaste@
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D4968
If the bootpool does not start at the first sector of the BSD partition
then zfsldr seeks to the wrong offset inside the ZFS vdev label, and is
unable to find zfsboot, so the system does not boot
If 4k alignment is requested, align the BSD partition in the MBR table,
and align the swap and data pool, but the bootpool must start at sector 1
While here, if 4k alignment is requested, disable MBR CHS alignment, as
this results in not-4k aligned partitions.
Reported by: Alex Wilkinson
MFC after: 5 days
Sponsored by: ScaleEngine Inc.
The Dell Precision Tower 5810 fails to boot from GPT in Legacy/BIOS mode
without the Active flag in the Protective MBR. Suggest the workaround
during installation.
Since an increasing number of Dell systems exhibit this behavior,
I imagine all Dells past a certain date will do so. I would like
to suggest the workaround for all Dells with a BIOS date of, say,
2014 or later, but I would need to test a variety of systems before
committing such a change.
Reviewed by: allanjude, dteske
MFC after: 5 days
Relnotes: We should probably suggest using GPT+Active on "recent" Dells.
Sponsored by: Dell Inc.
Differential Revision: https://reviews.freebsd.org/D4075
rpcbind/check_bound.c
Fix CID1347798, a memory leak in mergeaddr.
rpcbind/tests/addrmerge_test.c
Fix CID1347800 through CID1347803, memory leaks in ATF tests. They
are harmless because each ATF test case runs in its own process, but
they are trivial to fix. Fix a few other leaks that Coverity didn't
detect, too.
Coverity CID: 1347798, 1347800, 1347801, 1347802, 1347803
MFC after: 2 weeks
X-MFC-With: 293229
Sponsored by: Spectra Logic Corp
This commit, fix a core dump on ypldap(8) related with memory allocation.
Also an example of how to set the ypldap.conf(5) properly is added to
examples files.
A new user _ypldap is required to be able to run ypldap(8) as well as
in a chroot mode.
Reviewed by: rodrigc (mentor), bjk
Approved by: bapt (mentor)
Relnotes: Yes
Sponsored by: gandi.net
Differential Revision: https://reviews.freebsd.org/D4744
