Commit Graph

201545 Commits

Author SHA1 Message Date
tuexen
e167d96026 Change SCTP sysctl from auth_disable to auth_enable. This is
consistent with other similar sysctl variable used in SCTP.
2014-08-12 13:13:11 +00:00
ume
99fed74ba7 Fix broken pointer overflow check ns_name_unpack()
Many compilers may optimize away the overflow check `msg + l < msg',
where `msg' is a pointer and `l' is an integer, because pointer
overflow is undefined behavior in C.

Use a safe precondition test `l >= eom - msg' instead.

Reference:
https://android-review.googlesource.com/#/c/50570/

Requested by:	pfg
Obtained from:	NetBSD (CVS rev. 1.10)
2014-08-12 13:09:32 +00:00
gavin
034eb30570 Clarify descriptions of pthread_cond_wait() and pthread_cond_timedwait()
Requested by:	Malcolm Douglas via freebsd-doc
Reviewed by:	jhb
MFC after:	1 week
2014-08-12 12:44:52 +00:00
ume
228ba577ee Update our stub resolver to final version of libbind.
Obtained from:	ISC
2014-08-12 12:36:06 +00:00
ume
e288c07405 Bring the md5 functions into libc for internal use only.
It is required to support ID randomization for our stub
resolver.
2014-08-12 12:25:56 +00:00
hselasky
fa73754636 - Fix radix tree memory leakage when unloading modules using radix
trees. This happens because the logic inserting items into the radix
tree is allocating empty radix levels, when index zero does not
contain any items.
- Add proper error case handling, so that the radix tree does not end
up in a bad state, if memory cannot be allocated during insertion of
an item.
- Add check for inserting NULL items into the radix tree.
- Add check for radix tree getting too big.

MFC after:	1 week
Sponsored by:	Mellanox Technologies
2014-08-12 11:45:57 +00:00
tuexen
b57b7cb252 Add support for the SCTP_AUTH_SUPPORTED and SCTP_ASCONF_SUPPORTED
socket options. Add also a sysctl to control the support of ASCONF.

MFC after: 1 week
2014-08-12 11:30:16 +00:00
ae
74e6245779 Turn off kern.geom.part.mbr.enforce_chs by default. 2014-08-12 10:31:31 +00:00
ae
bce854ccde Remove duplicate entry. 2014-08-12 09:34:53 +00:00
kib
c721b1c6ff Revision r269457 removed the Giant around mount and unmount code, but
r269533, which was tested before r269457 was committed, implicitely
relied on the Giant to protect the manipulations of the softdepmounts
list.  Use softdep global lock consistently to guarantee the list
structure now.

Insert the new struct mount_softdeps into the softdepmounts only after
it is sufficiently initialized, to prevent softdep_speedup() from
accessing bare memory.  Similarly, remove struct mount_softdeps for
the unmounted filesystem from the tailq before destroying structure
rwlock.

Reported and tested by:	pho
Reviewed by:	mckusick
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
2014-08-12 09:33:00 +00:00
ae
e3be5d165d Add sysctl and loader tunable kern.geom.part.mbr.enforce_chs that is set
by default. It can be used to disable automatic alignment to CHS geometry,
that GEOM_PART_MBR does.

Reviewed by:	wblock
MFC after:	1 week
2014-08-12 09:10:13 +00:00
peter
feb26e5057 Update sqlite-3.7.17 -> 3.8.5 2014-08-12 02:09:00 +00:00
rpaulo
9cc5beedc7 Revert r269839.
This doesn't work like I expected and the if clause is never matched.
It turns out that the problem with the older make is unrelated.

MFC after:	3 days
2014-08-11 22:43:44 +00:00
rpaulo
dcd8c2c691 Add .d files to the reverse matching pattern in bsd.dep.mk to account
for source file dependencies.

This follows the .y and .l behaviour.

MFC after:	3 days
2014-08-11 21:42:06 +00:00
rpaulo
9b782f6cd9 Fix another typoe in the definition of DTrace SOBJS.
MFC after:	3 days
2014-08-11 21:14:08 +00:00
rpaulo
01b82793f2 bsd.dep.mk: use the empty() function with the check for .d files.
Seems to work better with the old make.

MFC after:	3 days
2014-08-11 20:44:57 +00:00
rpaulo
e8743ccfa0 Fix an error in the dependency of the DTrace object file.
MFC after:	3 days
2014-08-11 20:41:14 +00:00
peter
f9b5f7791d Update serf-1.3.6 -> 1.3.7
Update subversion-1.8.9 -> 1.8.10

Security:	CVE-2014-3504, CVE-2014-3522, CVE-2014-3528
2014-08-11 19:41:01 +00:00
peter
0d1e05fe9c Import svn-1.8.10 2014-08-11 19:19:17 +00:00
jmg
60583246f3 add myself as opencrypto maintainer as I'm doing some work in the
area...

Note that documentation is requires for commits to what I maintain...
2014-08-11 19:03:20 +00:00
jhb
a773a4db5c Fix a typo.
PR:		192294
Submitted by:	Conrad Meyer <conrad.meyer@isilon.com>
2014-08-11 18:26:57 +00:00
alc
21653d7852 Change {_,}pmap_allocpte() so that they look for the flag PMAP_ENTER_NOSLEEP
instead of M_NOWAIT/M_WAITOK when deciding whether to sleep on page table
page allocation.  (The same functions in the i386/xen and mips pmap
implementations already use PMAP_ENTER_NOSLEEP.)

X-MFC with:	r269728
Sponsored by:	EMC / Isilon Storage Division
2014-08-11 17:45:41 +00:00
ngie
d3567c0525 Similar to r250143, optimize MODULES_OVERRIDE such that SUBDIR isn't
automatically defined if MODULES_OVERRIDE is defined

Approved by: jmmv (mentor)
Reviewed by: imp
Phabric: D578
Sponsored by: EMC / Isilon Storage Division
2014-08-11 17:04:04 +00:00
gjb
92720de965 In arm/release.sh, continue if 'xdev-links' target fails
where the target is not valid (stable/10), instead of doing
per-branch evaluation on if xdev-links needs to be invoked.

Sponsored by:	The FreeBSD Foundation
2014-08-11 16:31:28 +00:00
ache
a4c7667eaa Add otp-sha
MFC after:      1 week
2014-08-11 15:41:55 +00:00
royger
38d76d5727 blkfront: add support for unmapped IO
Using unmapped IO is really beneficial when running inside of a VM,
since it avoids IPIs to other vCPUs in order to invalidate the
mappings.

This patch adds unmapped IO support to blkfront. The following tests
results have been obtained when running on a Xen host without HAP:

PVHVM
     3165.84 real      6354.17 user      4483.32 sys
PVHVM with unmapped IO
     2099.46 real      4624.52 user      2967.38 sys

This is because when running using shadow page tables TLB flushes and
range invalidations are much more expensive, so using unmapped IO
provides a very important performance boost.

Sponsored by:	Citrix Systems R&D
Tested by:	robak
MFC after:	1 week
PR:		191173

dev/xen/blkfront/blkfront.c:
 - Add and announce support for unmapped IO.
2014-08-11 15:37:02 +00:00
glebius
674240e020 Move KASSERT into locked region.
Submitted by:	kib
2014-08-11 15:06:07 +00:00
imp
b20344b2e9 Remove dependence on source tree options. Move all kernel module
options into kern.opts.mk and change all the places where we use
src.opts.mk to pull in the options. Conditionally define SYSDIR and
use SYSDIR/conf/kern.opts.mk instead of a CURDIR path. Replace all
instances of CURDIR/../../etc with STSDIR, but only in the affected
files.

As a special compatibility hack, include bsd.owm.mk at the top of
kern.opts.mk to allow the bare build of sys/modules to work on older
systems. If the defaults ever change between 9.x, 10.x and current for
these options, however, you'll wind up with the host OS' defaults
rather than the -current defaults. This hack will be removed when
we no longer need to support this build scenario.

Reviewed by: jhb
Differential Revision: https://phabric.freebsd.org/D529
2014-08-11 14:50:49 +00:00
ache
46245d1658 Last '/' for program name, not first one
MFC after:      1 week
2014-08-11 14:46:09 +00:00
ache
6e6c17d1a4 Link otp-sha1 to match real challenge prompt, not otp-sha
MFC after:      1 week
2014-08-11 14:37:57 +00:00
ache
5fded323c9 When sha1 support was added, they forget to increase OPIE_HASHNAME_MAX
MFC after:      1 week
2014-08-11 13:36:02 +00:00
glebius
f517095e72 Use M_WAITOK in sf_buf_init().
Sponsored by:	Netflix
Sponsored by:	Nginx, Inc.
2014-08-11 13:12:18 +00:00
glebius
22028ff4aa Provide sf_buf_ref() to optimize refcounting of already allocated
sendfile(2) buffers.

Sponsored by:	Netflix
Sponsored by:	Nginx, Inc.
2014-08-11 12:59:55 +00:00
ache
41f23f3992 Fix too long (seed length >12 chars) challenge handling.
1) " ext" length should be included into OPIE_CHALLENGE_MAX (as all places
of opie code expects that).
2) Overflow check in challenge.c is off by 1 even with corrected
OPIE_CHALLENGE_MAX
3) When fallback to randomchallenge() happens and rval is 0 (i.e.
challenge is too long), its value should be set to error state too.

To demonstrate the bug, run opiepasswd with valid seed:
opiepasswd -s 1234567890123456
and notice that it falls back to randomchallenge() (i.e. no
1234567890123456 in the prompt).

PR:             191511
Submitted by:   mitsururike@gmail.com (partially)
MFC after:      1 week
2014-08-11 12:26:48 +00:00
araujo
9abce0e567 - Remove unneeded include.
Phabric:	D563
Reviewed by:	kevlo
Approved by:	kevlo
2014-08-11 03:04:16 +00:00
adrian
61ad4c7509 Add some more OS_MARK() probes to the AR9300 HAL. 2014-08-11 00:03:50 +00:00
dumbbell
39f8672844 Fix two files forgotten in r269783 (vt_generate_cons_palette)
Reported by:	bz
MFC after:	1 week
MFC with:	269783
2014-08-10 22:24:14 +00:00
rmacklem
d9417510df Document the use of the vfs.nfsd sysctls that control the size of
the NFS server's DRC for TCP.
This is a content change.

MFC after:	1 week
2014-08-10 20:05:13 +00:00
dumbbell
385b74b7ff vt(4): Colors are indexed against a console palette, not a VGA palette
Rename vt_generate_vga_palette() to vt_generate_cons_palette() and
change it to build a palette where the color index is the same than in
terminal escape codes, not the VGA index. That's what TCHAR_CREATE()
uses and passes to vt(4).

The main differences between both orders are:
    o  Blue and red are swapped (1 <-> 4)
    o  Yellow and cyan are swapped (3 <-> 6)

The problem remained unnoticed, because the RGB bit indexes passed to
vt_generate_vga_palette() were reversed. This inversion was cancelled
by the colors inversions in the generated palette. For instance, red
(0xff0000) and blue (0x0000ff) have bytes in opposite order, but were
swapped in the palette. But after changing the value of blue (see last
paragraph), the modified color was in fact the red one.

This commit includes a fix to creator_vt.c, submitted by Nathan
Whitehorn: fb_cmsize is set to 16. Before this, the generated palette
would be overwritte. This fixes colors on sparc64 with a Creator3D
adapter.

While here, tune the palette to better match console colors and improve
the readability (especially the dark blue).

Submitted by:	nwhitehorn (fix to creator_vt.c)
MFC after:	1 week
2014-08-10 17:04:10 +00:00
kib
6eda5993e9 On sparc64, do not keep mappings for the destroyed sf_bufs. Sparc64
pmap, unlike i386, and similar to i386/xen pv, does not tolerate
abandoned mappings for the freed pages.

Reported and tested by:	dumbbell
Diagnosed and reviewed by:	alc
Sponsored by:	The FreeBSD Foundation
2014-08-10 16:59:39 +00:00
dumbbell
2a8fc9388e vt(4): Add vtbuf_dirty*_locked() to lock vtbuf once, not twice
In several functions, vtbuf_putchar() in particular, the lock on vtbuf
is acquired twice:
    1. once by the said functions;
    2. once in vtbuf_dirty().

Now, vtbuf_dirty_locked() and vtbuf_dirty_cell_locked() allow to
acquire that lock only once.

This improves the input speed of vt(4). To measure the gain, a
50,000-lines file was displayed on the console using cat(1). The time
taken by cat(1) is reported below:
    o  On amd64, with vt_vga:
        - before: 1.0"
	- after:  0.5"
    o  On sparc64, with creator_vt:
        - before: 13.6"
	- after:  10.5"

MFC after:	1 week
2014-08-10 15:02:51 +00:00
dumbbell
49b200df0d fbd: Fix a bug where vt_fb_attach() success would be considered a failure
vt_fb_attach() currently always returns 0, but it could return a code
defined in errno.h. However, it doesn't return a CN_* code. So checking
its return value against CN_DEAD (which is 0) is incorrect, and in this
case, a success becomes a failure.

The consequence was unimportant, because the caller (drm_fb_helper.c)
would only log an error message in this case. The console would still
work.

Approved by:	nwhitehorn
2014-08-10 14:55:39 +00:00
adrian
5d48d93213 Undo r195846 for now - allow raw frame transmit in monitor mode.
The original commit was supposed to stop the ability to do raw frame
injection in monitor mode to arbitrary channels (whether supported
by regulatory or not) however it doesn't seem to have been followed
by any useful way of doing it.

Apparently AHDEMO is supposed to be that way, but it seems to require
too much fiddly things (disable scanning, set a garbage SSID, etc)
for it to actually be useful for spoofing things.

So for now let's just disable it and instead look to filter transmit
in the output path if the channel isn't allowed by regulatory.
That way monitor RX works fine but TX will be blocked.

I don't plan on MFC'ing this to -10 until the regulatory enforcement
bits are written.
2014-08-10 08:35:42 +00:00
hselasky
e253e43882 Fix string length argument passed to "sysctl_handle_string()" so that
the complete string is returned by the function and not just only one
byte.

PR:	192544
MFC after:	2 weeks
2014-08-10 07:51:55 +00:00
rpaulo
18059e8e63 Remove the BROKEN_LIBELF section.
This problem was fixed by Kai Wang in 2011.

MFC after:	3 days
2014-08-10 06:56:43 +00:00
rpaulo
336929ba09 Fix a few problems with the USDT probes:
* Include OBJDIR to make sure the generated file is found;
* Simplify the definition of OBJS;
* Add targets for shared objects and for profiled objects.

MFC after:	3 days
2014-08-10 06:43:40 +00:00
adrian
5dd648cc55 Fix paths. 2014-08-10 03:09:35 +00:00
rmacklem
cb34fe67aa Change the NFS server's printf related to hitting
the DRC cache's flood level so that it suggests
increasing vfs.nfsd.tcphighwater.

Suggested by:	h.schmalzbauer@omnilan.de
2014-08-10 01:13:32 +00:00
ian
ff74079d9b Handle various ways that interrupt config data can be malformed by
warning and assuming more or less reasonable values.
2014-08-10 00:30:12 +00:00
ian
e746f577af Use a separate variable for resource id, because 'i' may increment at a
rate greater than 1 on each iteration.
2014-08-10 00:23:57 +00:00