Displaying 1 50 of 264,682 commits (0.036s)

HardenedBSD — release/arm BEAGLEBONE.conf GUMSTIX.conf

MFC r332674:
 Increase the msdosfs partition size on arm SoC images where the
 current size may not be sufficiently large for development and/or
 testing.

PR:                227548
Sponsored by:        The FreeBSD Foundation

HardenedBSD — share/misc committers-src.dot

MFC r332386, r332430:
  Updated mentors information.
  Added entry in the correct section.

Approved by: mav
Delta File
+3 -0 share/misc/committers-src.dot
+3 -0 1 file

HardenedBSD — sys/dev/ocs_fc ocs_os.h ocs_os.c

MFC r332471, r332646:
   Check if STACK is defined before using the stack(9).
   Moved opts-stack.h include before all other includes.

Approved by: mav

HardenedBSD — usr.bin/grep file.c

bsdgrep: Fix build failure WITHOUT_LZMA (incorrect bracket placement)

Submitted by:        sbruno
Reported by:        sbruno
Delta File
+1 -1 usr.bin/grep/file.c
+1 -1 1 file

HardenedBSD — usr.sbin/pwd_mkdb pwd_mkdb.8

pwd_mkdb: add deprecation notice in manpage too

Followon to r332789; as reported on the -current and -stable lists and
in review D15144 the -l option will be removed before FreeBSD 12.0.
Delta File
+6 -1 usr.sbin/pwd_mkdb/pwd_mkdb.8
+6 -1 1 file

HardenedBSD — share/misc committers-src.dot

    Update committers-src.dot to show the mentorship arrangement for myself: eadler has 
agreed to mentor me.
Delta File
+2 -1 share/misc/committers-src.dot
+2 -1 1 file

HardenedBSD — share/misc committers-src.dot, usr.bin/calendar/calendars calendar.freebsd

Update account and given names in committers-src.dot and calendar.freebsd

I have changed my given name from Bruce to Rebecca, and my FreeBSD account
from brucec to bcran.
Update committers-src.dot and calendar.freebsd to show these changes.

Reviewed by:        rrs
Differential Revision: https://reviews.freebsd.org/D15125

HardenedBSD — sys/kern vfs_bio.c

Make bufdaemon and bufspacedaemon use kthread_suspend_check instead of
kproc_suspend_check.  In r329612 bufspacedaemon was turned into a thread
of the bufdaemon process causing both to call kproc_suspend_check with the
same proc argument and that function contains the following while loop:

while (SIGISMEMBER(p->p_siglist, SIGSTOP)) {
        wakeup(&p->p_siglist);
        msleep(&p->p_siglist, &p->p_mtx, PPAUSE, "kpsusp", 0);
}

So one thread wakes up the other and the other wakes up the first again,
locking up UP machines on shutdown.

Also register the shutdown handlers with SHUTDOWN_PRI_LAST + 100 so they
run after the syncer has shutdown, because the syncer can cause a
situation where bufdaemon help is needed to proceed.

PR:                227404
Reviewed by:        kib
Tested by:        cy, rmacklem
Delta File
+7 -4 sys/kern/vfs_bio.c
+7 -4 1 file

HardenedBSD — sys/kern kern_descrip.c kern_lockf.c

lockf: slightly depessimize

1. check if P_ADVLOCK is already set and if so, don't lock to set it
(stolen from DragonFly)
2. when trying for fast path unlock, check that we are doing unlock
first instead of taking the interlock for no reason (e.g. if we want
to *lock*). whilere make it more likely that falling fast path will
not take the interlock either by checking for state

Note the code is severely pessimized both single- and multithreaded.
Delta File
+10 -6 sys/kern/kern_descrip.c
+4 -4 sys/kern/kern_lockf.c
+14 -10 2 files

HardenedBSD — contrib/ofed/libibverbs init.c

Remove the "load drivers" logic from libibverbs.

The "load drivers" logic in the libibverbs configuration file is relevant
for Linux only.

MFC after:        3 days
Sponsored by:        Mellanox Technologies
Delta File
+0 -263 contrib/ofed/libibverbs/init.c
+0 -263 1 file

HardenedBSD — sys/powerpc/include cpu.h, sys/powerpc/powerpc cpu.c

Fix the build post r332859

sysentvec::sv_hwcap/sv_hwcap2 are pointers to  u_long, so cpu_features* need
to be u_long to use the pointers.  This also requires a temporary cast in
printing the bitfields, which is fine because the feature flag fields are
only 32 bits anyway.

HardenedBSD — cddl/usr.sbin/dwatch/libexec sendrecv

dwatch(1): Remove the line used to demonstrate `-dev' option

In recently added sendrecv profile, there was a line purposefully
added to introduce a compilation error in which `-dev' is used to
debug the entry. Removing the entry.

Sponsored by:        Smule, Inc.

HardenedBSD — cddl/usr.sbin/dwatch/libexec sendrecv Makefile

dwatch(1): Add profile for send(2)/recv(2) syscalls

Sponsored by:        Smule, Inc.

HardenedBSD — cddl/usr.sbin/dwatch dwatch

dwatch(1): Add `-dev' option to aid debugging of profiles

The options `-d' (debug), `-e' (exit after compile), and `-v' (verbose)
when combined in any order (though best remembered as `-dev') will run
the conflated script through dtrace(1), test for error conditions, and
show the line that dtrace(1) failed at (with context).

If no errors are found, the output is the same as `-e[v]'.

When writing a new profile for dwatch(1), you can quickly test to
make sure it compiles by running `dwatch -devX profile_name' where
profiles live in /usr/libexec/dwatch or /usr/local/libexec/dwatch
(the latter being where profiles installed via ports should go).

Sponsored by:        Smule, Inc.
Delta File
+63 -1 cddl/usr.sbin/dwatch/dwatch
+63 -1 1 file

HardenedBSD — etc/rc.d ddb

MFC r332773: Fix ddb rc script

r288291 added a call to limits(1), which isn't available before partitions
are mounted. This broke the ddb rc script, which does not provide its own
start_cmd.

Alleviate the situation here by providing a start_cmd. We still have other
problems with diskless setups that need to be considered, but this is a
start.

PR:                206291
Delta File
+6 -0 etc/rc.d/ddb
+6 -0 1 file

HardenedBSD — sys/powerpc/powerpc elf32_machdep.c

HBSD: Resolve merge conflict

Signed-off-by:        Shawn Webb <shawn.webb at hardenedbsd.org>
Sponsored-by:        SoldierX

HardenedBSD — sys/powerpc/powerpc elf32_machdep.c elf64_machdep.c

Export powerpc CPU features for auxvec

FreeBSD exports the AT_HWCAP* auxvec items if provided by the ELF sysentvec
structure.  Add the CPU features to be exported, so user space can more
easily check for them without using the hw.cpu_features and hw.cpu_features2
sysctls.

HardenedBSD — usr.bin/grep util.c

bsdgrep: Use grep_strdup instead of grep_malloc+strcpy
Delta File
+1 -2 usr.bin/grep/util.c
+1 -2 1 file

HardenedBSD — etc/defaults rc.conf, etc/rc.d cfumass Makefile

Add cfumass rc script, to create a LUN for cfumass(4).

MFC after:        2 weeks
Relnotes:        yes
Sponsored by:        The FreeBSD Foundation
Differential Revision:        https://reviews.freebsd.org/D14844

HardenedBSD — usr.bin/grep util.c

bsdgrep: Fix --include/--exclude ordering issues

Prior to r332851:
* --exclude always win out over --include
* --exclude-dir always wins out over --include-dir

r332851 broke that behavior, resulting in:
* First of --exclude, --include wins
* First of --exclude-dir, --include-dir wins

As it turns out, both behaviors are wrong by modern grep standards- the
latest rule wins. e.g.:

`grep --exclude foo --include foo 'thing' foo`
foo is included

`grep --include foo --exclude foo 'thing' foo`
foo is excluded

As tested with GNU grep 3.1.

This commit makes bsdgrep follow this behavior.

Reported by:        se
Delta File
+10 -4 usr.bin/grep/util.c
+10 -4 1 file

HardenedBSD — usr.bin/clang/clang clang.1

MFC r332414:

Regenerate clang man page after upstream change to document the possible
values for the -std= option.

Noticed by:        Steve Kargl
Obtained from:        https://reviews.llvm.org/rL329827
Delta File
+258 -3 usr.bin/clang/clang/clang.1
+258 -3 1 file

HardenedBSD — sys/conf files, sys/modules/blake2 Makefile

blake2: Disable warnings (not just error) for code we will not modify

Leave libb2 pristine and silence the warnings for mjg.

HardenedBSD — usr.bin/grep file.c

bsdgrep: if chain => switch

This makes some of this a little easier to follow (in my opinion).
Delta File
+71 -50 usr.bin/grep/file.c
+71 -50 1 file

HardenedBSD — usr.bin/grep util.c

bsdgrep: More trivial cleanup/style cleanup

We can avoid branching for these easily reduced patterns
Delta File
+5 -14 usr.bin/grep/util.c
+5 -14 1 file

HardenedBSD — usr.bin/grep util.c

bsdgrep: Some light cleanup

There's no point checking for a bunch of file modes if we're not a
practicing believer of DIR_SKIP or DEV_SKIP.

This also reduces some style violations that were particularly ugly looking
when browsing through.
Delta File
+5 -5 usr.bin/grep/util.c
+5 -5 1 file

HardenedBSD — contrib/llvm/tools/lldb/source/Plugins/Process/FreeBSD ProcessMonitor.cpp

lldb: propagate error to user if memory read fails

Previously, an attempt to read an unreadable access reported zeros:

(lldb) memory read -format hex -size 8 0
0x00000000: 0x0000000000000000 0x0000000000000000
0x00000010: 0x0000000000000000 0x0000000000000000
...

Now, if DoReadMemory encounters error then return 0 (bytes read) so we
report the error to the user:

(lldb) memory read -format hex -size 8 0
error: Bad address

LLVM PR:        37190

MFC after:        1 week
Sponsored by:        The FreeBSD Foundation

HardenedBSD — tools/tools README

MFC r332673: Remove mention of tools/recoverdisk, now in sbin

PR:                227570
Delta File
+0 -1 tools/tools/README
+0 -1 1 file

HardenedBSD — sys/dev/extres/regulator regulator.c

regulator: Check status before disabling

When disabling regulator when they are unused, check before is they are
enabled.
While here don't check the enable_cnt on the regulator entry as it is
checked by regnode_stop.
This solve the panic on any board using a fixed regulator that is driven
by a gpio when the regulator is unused.

Tested On: OrangePi One
Pointy Hat to:            myself
Reported by:        kevans, Milan Obuch (freebsd-arm at dino.sk)

HardenedBSD — sys/netinet6 ip6_output.c

MFC r319216:
  Fix an unnecessary/incorrect check in the PKTOPT_EXTHDRCPY macro.

  This macro allocates memory and, if malloc does not return NULL, copies
  data into the new memory. However, it doesn't just check whether malloc
  returns NULL. It also checks whether we called malloc with M_NOWAIT. That
  is not necessary.

  While it may be that malloc() will only return NULL when the M_NOWAIT flag
  is set, we don't need to check for this when checking malloc's return
  value. Further, in this case, the check was not completely accurate,
  because it checked for flags == M_NOWAIT, rather than treating it as a bit
  field and checking for (flags & M_NOWAIT).

Sponsored by:        Netflix, Inc.
Delta File
+1 -1 sys/netinet6/ip6_output.c
+1 -1 1 file

HardenedBSD — sys/netinet6 icmp6.c

MFC r319215:
  Fix two places in the ICMP6 code where we could dereference a NULL pointer
  in the icmp6_input() function.

  When processing an ICMP6_ECHO_REQUEST, if IP6_EXTHDR_GET fails, it will
  set nicmp6 and n to NULL. Therefore, we should condition our modification
  to nicmp6 on n being not NULL.

  And, when processing an ICMP6_WRUREQUEST in the (mode != FQDN) case, if
  m_dup_pkthdr() fails, the code will set n to NULL. However, the very next
  line dereferences n. Therefore, when m_dup_pkthdr() fails, we should
  discontinue further processing and follow the same path as when m_gethdr()
  fails.

Reported by:        clang static analyzer
Sponsored by:        Netflix, Inc.
Delta File
+3 -2 sys/netinet6/icmp6.c
+3 -2 1 file

HardenedBSD — sys/netinet ip_icmp.c, sys/netinet6 udp6_usrreq.c

MFC r319214:
  Enforce the limit on ICMP messages before doing work to formulate the
  response.

  Delete an unneeded rate limit for UDP under IPv6. Because ICMP6
  messages have their own rate limit, it is unnecessary to apply a
  second rate limit to UDP messages.

Sponsored by:        Netflix, Inc.

HardenedBSD — sys/net ieee8023ad_lacp.c

MFC r314286:
  Do some minimal work to better conform to the 802.3ad (LACP) standard.
  In particular, don't set the synchronized bit for the peer unless it truly
  appears to be synchronized to us. Also, don't set our own synchronized bit
  unless we have actually seen a remote system.

  Prior to this change, we were seeing some strange behavior, such as:

  1. We send an advertisement with the Activity, Aggregation, and Default
  flags, followed by an advertisement with the Activity, Aggregation,
  Synchronization, and Default flags. However, we hadn't seen an
  advertisement from another peer and were still advertising the default
  (NULL) peer. A closer examination of the in-kernel data structures (using
  kgdb) showed that the system had added the default (NULL) peer as a valid
  aggregator for the segment.
  2. We were receiving an advertisement from a peer that included the
  default (NULL) peer instead of including our system information. However,
  we responded with an advertisement that included the Synchronization flag
  for both our system and the peer. (Since the peer's advertisement did not
  include our system information, we shouldn't add the synchronization bit
  for the peer.)

  This patch corrects those two items.

Sponsored by:        Netflix, Inc.
Delta File
+13 -5 sys/net/ieee8023ad_lacp.c
+13 -5 1 file

HardenedBSD — sys/kern subr_terminal.c

MFC r314116:
  Fix a panic during boot caused by inadequate locking of some vt(4) driver
  data structures.

  vt_change_font() calls vtbuf_grow() to change some vt driver data
  structures. It uses TF_MUTE to prevent the console from trying to use
  those data structures while it changes them.

  During the early stage of the boot process, the vt driver's tc_done
  routine uses those data structures; however, it is currently called
  outside the TF_MUTE check.

  Move the tc_done routine inside the locked TF_MUTE check.

PR:                217282
Sponsored by:        Netflix, Inc.
Delta File
+5 -3 sys/kern/subr_terminal.c
+5 -3 1 file

HardenedBSD — sys/dev/acpica acpi_cpu.c, sys/x86/x86 cpu_machdep.c

MFC r313447:
  Ensure the idle thread's loop services interrupts in a timely way when
  using the ACPI C1/mwait sleep method.

  Previously, the mwait instruction would return when an interrupt was
  pending; however, the idle loop did not actually enable interrupts when
  this occurred. This led to a situation where the idle loop could quickly
  spin through the C1/mwait sleep method a number of times when an interrupt
  was pending. (Eventually, the situation corrected itself when something
  other than an interrupt triggered the idle loop to either enable
  interrupts or schedule another thread.)

Sponsored by:        Netflix, Inc.

HardenedBSD — sys/netinet tcp_input.c

MFC r307083:
 Currently, when tcp_input() receives a packet on a session that matches a
 TCPCB, it checks (so->so_options & SO_ACCEPTCONN) to determine whether or
 not the socket is a listening socket. However, this causes the code to
 access a different cacheline. If we first check if the socket is in the
 LISTEN state, we can avoid accessing so->so_options when processing packets
 received for ESTABLISHED sessions.

 If INVARIANTS is defined, the code still needs to access both variables to
 check that so->so_options is consistent with the state.

Sponsored by:        Netflix, Inc.
Delta File
+3 -3 sys/netinet/tcp_input.c
+3 -3 1 file

HardenedBSD — sys/netinet tcp_output.c

MFC r306768:
  If the new window size is less than the old window size, skip the
  calculations to check if we should advertise a larger window.
Delta File
+4 -3 sys/netinet/tcp_output.c
+4 -3 1 file

HardenedBSD — sys/amd64/amd64 pmap.c

MFC r330511:
  We shouldn't need to execute code in the recursive page table mappings;
  therefore, it should be safe to set the NX bit on the PML4E for the
  recursive page table mappings.  According to the Intel docs, the effect
  of the NX bit should propogate to any page reached through a PML4E which
  has the NX bit set.

Sponsored by:        Netflix, Inc.
Delta File
+1 -1 sys/amd64/amd64/pmap.c
+1 -1 1 file

HardenedBSD — sys/amd64/amd64 pmap.c

MFC r330510:
  Prior to r329071, pmap_bootstrap() used pmap_kmem_choose() to round the
  first available virtual address to a 2MB boundary. After r329071,
  create_pagetables() rounds firstaddr up to a 2MB boundary. This ensures
  the kernel is mapped in super-pages, which is the point of the logic
  in pmap_kmem_choose(). Therefore, it is no longer necessary for
  pmap_bootstrap() to round up to the 2MB boundary again.

  As pmap_bootstrap() was the only user of pmap_kmem_choose(), we can
  delete pmap_kmem_choose().

Sponsored by:        Netflix, Inc.
Delta File
+0 -17 sys/amd64/amd64/pmap.c
+0 -17 1 file

HardenedBSD — sys/dev/nvme nvme_ns.c

MFC r332780,r332783:
    Intel drives have an optimal alignment for I/O. While they honor I/Os
    that cross this boundary, they perform better when this isn't the
    case. Intel uses the 3rd byte in the vendor specific area for
    this. The DC P3500 was previously listed without any explanation. Add
    the DC P3520 and DC P4500 to the list.

    There won't be any others drives needing this quirk. Intel has
    standardized a field in the namespace data in 1.3 (noiob).  A future
    patch will use that if it exists, with fallback to this method.

    Submitted by: Keith Busch
    Reviewed by: jimharris@
    [[ plus tweak comments from 332783 ]]

Sponsored by: Netflix
Delta File
+16 -3 sys/dev/nvme/nvme_ns.c
+16 -3 1 file

HardenedBSD — sys/amd64/amd64 pmap.c

MFC r329171:
  Mark the pages used for the initial page-table entries as wired. This
  makes them consistent with the way other page-table pages are allocated.
  It also provides the rest of the VM system a good clue that these pages
  are used.

Sponsored by:        Netflix, Inc.
Delta File
+2 -0 sys/amd64/amd64/pmap.c
+2 -0 1 file

HardenedBSD — sys/amd64/amd64 pmap.c

MFC r329071:
  On bootup, the amd64 pmap initialization code creates page-table
  mappings for the pages used for the kernel and some initial allocations
  used for the page table. It maps the kernel and the blocks used for
  these initial allocations using 2MB pages.

  However, if the kernel does not end on a 2MB boundary, it still maps the
  last portion using a 2MB page, but reports that the unused 4K blocks
  within this 2MB allocation are free physical blocks. This means that
  these same physical blocks could also be mapped elsewhere - for example,
  into a user process. Given the proximity to the kernel text and data
  area, it seems wise to avoid allowing someone to write data to physical
  blocks also mapped into these virtual addresses.

  (Note that this isn't a security vulnerability: the direct map makes
  most/all memory on the system mapped into kernel space. And, nothing
  in the kernel should be trying to access these pages, as the virtual
  addresses are unused. It simply seems wise to avoid reusing these
  physical blocks while they are mapped to virtual addresses so close
  to the kernel text and data area.)

  Consequently, let's reserve the physical blocks covered by the
  page-table mappings for these initial allocations.

Sponsored by:        Netflix, Inc.
Delta File
+7 -0 sys/amd64/amd64/pmap.c
+7 -0 1 file

HardenedBSD — sys/netinet in_pcb.c, sys/netinet6 in6_pcb.c

MFC r331309:
  If the INP lock is uncontested, avoid taking a reference and jumping
  through the lock-switching hoops.

  A few of the INP lookup operations that lock INPs after the lookup do
  so using this mechanism (to maintain lock ordering):

  1. Lock lookup structure.
  2. Find INP.
  3. Acquire reference on INP.
  4. Drop lock on lookup structure.
  5. Acquire INP lock.
  6. Drop reference on INP.

  This change provides a slightly shorter path for cases where the INP
  lock is uncontested:

  1. Lock lookup structure.
  2. Find INP.
  3. Try to acquire the INP lock.
  4. If successful, drop lock on lookup structure.

  Of course, if the INP lock is contested, the functions will need to
  revert to the previous way of switching locks safely.


    [3 lines not shown]
Delta File
+52 -22 sys/netinet/in_pcb.c
+52 -22 sys/netinet6/in6_pcb.c
+104 -44 2 files

HardenedBSD — sys/netinet6 dest6.c ip6_output.c

MFC r331484:
  Remove some unneccessary variable sets in IPv6 code, as detected by
  clang's static analyzer.

Sponsored by:        Netflix, Inc.

HardenedBSD — sys/netinet6 nd6_nbr.c

MFC r331488:
  This change adds a flag to the DAD entry to indicate whether it is
  currently on the queue. This prevents accidentally doubly-removing a DAD
  entry from the queue, while also simplifying some of the logic in
  nd6_dad_stop().

Sponsored by:        Netflix, Inc.
Delta File
+17 -12 sys/netinet6/nd6_nbr.c
+17 -12 1 file

HardenedBSD — sys/netinet tcp_seq.h

MFC r331926:
  r330675 introduced an extra window check in the LRO code to ensure it
  captured and reported the highest window advertisement with the same
  SEQ/ACK.  However, the window comparison uses modulo 2**16 math, rather
  than directly comparing the absolute values.  Because windows use
  absolute values and not modulo 2**16 math (i.e. they don't wrap), we
  need to compare the absolute values.

Sponsored by:        Netflix, Inc.
Delta File
+4 -4 sys/netinet/tcp_seq.h
+4 -4 1 file

HardenedBSD — sys/netinet tcp_usrreq.c

MFC r332120:
  If a user closes the socket before we call tcp_usr_abort(), then
  tcp_drop() may unlock the INP.  Currently, tcp_usr_abort() does not
  check for this case, which results in a panic while trying to unlock
  the already-unlocked INP (not to mention, a use-after-free violation).

  Make tcp_usr_abort() check the return value of tcp_drop(). In the case
  where tcp_drop() returns NULL, tcp_usr_abort() can skip further steps
  to abort the connection and simply unlock the INP_INFO lock prior to
  returning.

Sponsored by:        Netflix, Inc.
Delta File
+4 -1 sys/netinet/tcp_usrreq.c
+4 -1 1 file

HardenedBSD — sys/pc98/cbus scterm-sck.c

- Use __FBSDID().
- Fix pc98 build.
  Merge from sys/dev/syscons/scterm-teken.c r330918.
Delta File
+4 -11 sys/pc98/cbus/scterm-sck.c
+4 -11 1 file

HardenedBSD — sys/conf files.pc98

MFi386: r329199

  Move signal trampolines out of locore.s into separate source file.

This fixes pc98 build.
Delta File
+1 -0 sys/conf/files.pc98
+1 -0 1 file

HardenedBSD — sys/netpfil/ipfw/nat64 nat64lsn.c

MFC r332467:
  To avoid possible deadlock do not acquire JQUEUE_LOCK before callout_drain.
Delta File
+0 -3 sys/netpfil/ipfw/nat64/nat64lsn.c
+0 -3 1 file

HardenedBSD — sys/netinet6 ip6_fastfwd.c

MFC r332475:
  Add check that mbuf had not multicast layer2 address.
  Such packets should be handled by ip6_mforward().
Delta File
+2 -1 sys/netinet6/ip6_fastfwd.c
+2 -1 1 file