Displaying 1 50 of 253,442 commits (0.099s)

HardenedBSD — tests/sys/kern unix_seqpacket_test.c

Send all of `data`, not just a portion of it

It was sending only a long's worth (4 or 8 bytes) of data previously
(instead of the entire buffer) via send(2).

MFC after:        1 week
Reported by:        Coverity
CID:                1229966, 1229967, 1230004, 1230005
Sponsored by:        Dell EMC Isilon

HardenedBSD — tests/sys/netinet tcp_user_cookie.c

Initial `srv` before using it in bind(2)

MFC after:        3 days
Reported by:        Coverity
CID:                1357526
Sponsored by:        Dell EMC Isilon

HardenedBSD — tests/sys/file newfileops_on_fork_test.c

Don't leak accept_fd on thread completion

MFC after:        3 days
Reported by:        Coverity
CID:                1296068
Sponsored by:        Dell EMC Isilon

HardenedBSD — tests/sys/file newfileops_on_fork_test.c

Use main(void) instead of main(argc __unused, argv __unused)

MFC after:        3 days
Sponsored by:        Dell EMC Isilon

HardenedBSD — tests/sys/file newfileops_on_fork_test.c

Use an exit code of 1 instead of -1 for reasons noted in r319056

MFC after:        3 days
Sponsored by:        Dell EMC Isilon

HardenedBSD — tests/sys/file ftruncate_test.c

Create a deterministic file in the kyua sandbox, instead of a
temporary file outside the kyua sandbox

This helps ensure that the file is removed at test exit, and as
a side effect, cures a warning about umasks with Coverity.

MFC after:        3 days
Sponsored by:        Dell EMC Isilon
Delta File
+4 -5 tests/sys/file/ftruncate_test.c
+4 -5 1 file

HardenedBSD — sys/amd64/linux linux.h

In r246085 some bits that are MI movied out into headers in compat/linux,
but I missed that when I commited x86_64 Linuxulator. So remove the duplicates.

MFC after:        1 week
Delta File
+0 -22 sys/amd64/linux/linux.h
+0 -22 1 file

HardenedBSD — tests/sys/file ftruncate_test.c

tests/sys/file/ftruncate_test: use an exit code of 1 instead
of -1 with err*(3).

An exit code of -1 is implementation defined -- it's best to stick
with something well-defined (1).

MFC after:        3 days
Sponsored by:        Dell EMC Isilon
Delta File
+16 -16 tests/sys/file/ftruncate_test.c
+16 -16 1 file

HardenedBSD — sys/mips/atheros ar71xxreg.h

[ar71xx] undo read-after-write to flush; some bus devices dislike this.

This broke the PCI fixup on at least the AR7240 + AR9280 reference design
board that I have.

Tested:

* Atheros AP93 reference design - AR7240 + AR9280
Delta File
+7 -6 sys/mips/atheros/ar71xxreg.h
+7 -6 1 file

HardenedBSD — lib/libc/tests/nss gethostby_test.c

hostent_test_getaddrinfo_eq(..): call freeaddrinfo on `ai` when done

This plugs a leak of memory allocated via getaddrinfo.

MFC after:        1 week
Reported by:        Coverity
CID:                1346866
Sponsored by:        Dell EMC Isilon
Delta File
+10 -8 lib/libc/tests/nss/gethostby_test.c
+10 -8 1 file

HardenedBSD — sys/compat/linux linux_misc.c, sys/conf config.mk

On success, getrandom() Linux system call returns the number of bytes that
were copied to the buffer supplied by the user.

Also fix getrandom() if Linuxulator modules are built without the kernel.

PR:                219464
Submitted by:        Maciej Pasternacki
Reported by:        Maciej Pasternacki
MFC after:        1 week

HardenedBSD — sys/modules/linux Makefile, sys/modules/linux64 Makefile

Strip _binary_linux_locore_o_size from ${VDSO}.so as it is a low absolute
symbol, and this breaks symbol lookup in ddb.

Requested by:        bde@

MFC after:        1 week

HardenedBSD — lib/libc/tests/nss gethostby_test.c

hostent_test_getnameinfo_eq(..): initialize found_a_host to false

MFC after:        1 week
Reported by:        Coverity
CID:                1368943
Sponsored by:        Dell EMC Isilon

HardenedBSD — lib/libkvm Makefile

MFC r315698:

libkvm: bump WARNS to 6 after recent commits done to resolve warnings issues

Tested with:        make tinderbox; clang 4.0.0 (amd64), gcc 4.2.1/6.3.0 (amd64)
Delta File
+1 -1 lib/libkvm/Makefile
+1 -1 1 file

HardenedBSD — release/tools vmimage.subr

MFC r318872:
 Enable DHCP and IPv6 autoconfig on non-cloud VM images.

PR:                203653
Sponsored by:        The FreeBSD Foundation
Delta File
+5 -0 release/tools/vmimage.subr
+5 -0 1 file

HardenedBSD — lib/libc/tests/nss gethostby_test.c getgr_test.c

lib/libc/tests/nss: use calloc appropriately

The pattern used prior to this commit was `calloc(1, n * sizeof(type))`;
the pattern that should be used however is `calloc(n, sizeof(type))`.

MFC after:        3 days
Sponsored by:        Dell EMC Isilon

HardenedBSD — usr.sbin/pw/tests pw_groupshow_test.sh pw_usershow_test.sh

pw: add some basic testcases for groupshow and usershow

- groupshow: test out -a/-g/-n .
- usershow: test out -a/-n/-u .

MFC after:        1 week
Sponsored by:        Dell EMC Isilon

HardenedBSD — sys/boot Makefile.inc, sys/boot/efi/boot1 Makefile

MFC r309412,r316109,r316132:

r309412 (by imp):

dd is currently a bootstrap tool. It really doesn't have any business
being a bootstrap tool. However, for reproducible build output,
FreeBSD added dd status=none because it was otherwise difficult to
suppress the status information, but retain any errors that might
happen. There's no real reason that dd has to be a build tool, other
than we use status=none unconditional. Remove dd from a bootstrap tool
entirely by only using status=none when available. This may also help
efforts to build the system on non-FreeBSD hosts as well.

r316109:

Don't hardcode input files for stage 1/2 bootloaders; use .ALLSRC instead

This is a better pattern to follow when creating the bootloaders and doing
the relevant space checks to make sure that the sizes aren't exceeded (and
thus, copy-pasting is a bit less error prone).

r316132:

Parameterize out 7680 (15 * 512) as BOOT2SIZE, similar to sys/boot/i386/zfsboot/...


    [3 lines not shown]

HardenedBSD — usr.sbin/bsdinstall/scripts mirrorselect

    HBSD: use http instead of https in mirrorselect, since by default no certs are 
installed on installer
    
    MFC-to: 10-STABLE
    MFC-to: 11-STABLE
    X-MFC-with: eee3a095d26e5e3706c6fc94875cd82cb34a6c01
    Signed-off-by: Oliver Pinter <oliver.pinter at hardenedbsd.org>

HardenedBSD — contrib/binutils/ld configure.tgt

Align text correctly by using tabs instead of spaces.

The text was copy-pasted from the lines that carry the bogus spaces.
This is a non-functional change.
Delta File
+2 -2 contrib/binutils/ld/configure.tgt
+2 -2 1 file

HardenedBSD — sys/boot/common dev_net.c

Update the comments concerning net_parse_rootpath to reflect what it is now
really doing

Reported by:        rgrimes
Reviewed by:        rgrimes
Differential Revision:        https://reviews.freebsd.org/D10959
Delta File
+14 -2 sys/boot/common/dev_net.c
+14 -2 1 file

HardenedBSD — sys/contrib/ipfilter/netinet ip_sync.c

Fix return value of ip_sync_nat. Previously, regardless of error it
always returned a return code of 0.

Obtained from:        NetBSD ip_sync.c r1.5
MFC after:        1 week

HardenedBSD — sys/cddl/contrib/opensolaris/uts/common/fs/zfs zfs_ctldir.c zfs_vnops.c, sys/fs/nfsclient nfs_clport.c

Use whole mnt_stat.f_fsid bits for st_dev.

Since ino64 expanded dev_t to 64bit, make VOP_GETATTR(9) provide all
bits of mnt_stat.f_fsid as va_fsid for vnodes on filesystems which use
f_fsid.  In particular, NFSv3 and sometimes NFSv4, and ZFS use this
method or reporting st_dev by stat(2).

Provide a new helper vn_fsid() to avoid duplicating code to copy
f_fsid to va_fsid.

Note that the change is mostly cosmetic.  Its motivation is to avoid
sign-extension of f_fsid[0] into 64bit dev_t value which happens after
dev_t becomes 64bit..

Reviewed by:        avg(zfs), rmacklem (nfs) (both for previous version)
Sponsored by:        The FreeBSD Foundation

HardenedBSD — usr.bin/netstat ipsec.c

Add descriptions for AES-GCM IPSec authentication (AH) counters.

MFC after:        1 week
Sponsored by:        Chelsio Communications
Delta File
+9 -0 usr.bin/netstat/ipsec.c
+9 -0 1 file

HardenedBSD — sys/vm swap_pager.c

In r118390, the swap pager's approach to striping swap allocation over
multiple devices was changed.  However, swapoff_one() was not fully and
correctly converted.  In particular, with r118390's introduction of a per-
device blist, the maximum swap block size, "dmmax", became irrelevant to
swapoff_one()'s operation.  Moreover, swapoff_one() was performing out-of-
range operations on the per-device blist that were silently ignored by
blist_fill().

This change corrects both of these problems with swapoff_one(), which will
allow us to potentially increase MAX_PAGEOUT_CLUSTER.  Previously,
swapoff_one() would panic inside of blist_fill() if you increased
MAX_PAGEOUT_CLUSTER.

Reviewed by:        kib, markj
MFC after:        3 days
Delta File
+6 -2 sys/vm/swap_pager.c
+6 -2 1 file

HardenedBSD — sys/boot/i386/pxeldr pxeboot.8

Catch with the change in the user class
Delta File
+1 -1 sys/boot/i386/pxeldr/pxeboot.8
+1 -1 1 file

HardenedBSD — lib/libstand bootp.c

Use the usual FreeBSD spelling for the DHCP user class

Reported by:        lidl
Delta File
+1 -1 lib/libstand/bootp.c
+1 -1 1 file

HardenedBSD — sys/boot/i386/pxeldr pxeboot.8

Capitalize DHCP

Reported by:        danfe
Delta File
+1 -1 sys/boot/i386/pxeldr/pxeboot.8
+1 -1 1 file

HardenedBSD — sys/boot/i386/pxeldr pxeboot.8

Document recent changes on pxeboot
Delta File
+30 -1 sys/boot/i386/pxeldr/pxeboot.8
+30 -1 1 file

HardenedBSD — sys/boot/common dev_net.c

Partially revert r314948

While it sounds like a good idea to extract the RFC1048 data from PXE, in the
end it is not and it is causing lots of issues.  Our pxeloader might need
options which are incompatible with other pxe servers (for example iPXE, but
not only).

Our pxe loaders are also now settings their own user class, so it is useful to
issue our own pxe request at startup

Reviewed by:        tsoome
Differential Revision:        https://reviews.freebsd.org/D10953
Delta File
+2 -21 sys/boot/common/dev_net.c
+2 -21 1 file

HardenedBSD — lib/libstand bootp.c bootp.h, sys/boot/common dev_net.c

Always issue the pxe request

All the code are now only issueing one single dhcp request at startup of the
loader meaning we can always request a the PXE informations from the
dhcp server.

Previous code lost that information, meaning no option 55 anymore (meaning not
working with the kea dhcp server) and no request for rootpath etc, no user class

Remove the flags from the bootp function which is not needed anymore

Reviewed by:        tsoome
Differential Revision:        https://reviews.freebsd.org/D10952

HardenedBSD — sys/boot/i386/loader Makefile

Always build tftpfs support along with nfs for pxeboot

This change was already done for loader.efi
Delta File
+4 -2 sys/boot/i386/loader/Makefile
+4 -2 1 file

HardenedBSD — sys/boot/common dev_net.c

Support URI scheme for root-path in netbooting

Rather that previous attempts to add tftpfs support at the same time as NFS
support. This time decide on a proper URI parser rather than hacks.

root-path can now be define the following way:
For tftpfs:

tftp://ip/path
tftp:/path (this one will consider the tftp server is the same as the one where
the pxeboot file was fetched from)

For nfs:
nfs:/path
nfs://ip/path

The historical
ip:/path
/path

are kept on NFS

Reviewed by:        tsoom, rgrimes
Differential Revision:        https://reviews.freebsd.org/D10947
Delta File
+52 -10 sys/boot/common/dev_net.c
+52 -10 1 file

HardenedBSD — lib/libstand bootp.c

add a comment on vendor index 19 and 20 to avoid confusion

Suggested by:        tsoome
Delta File
+2 -0 lib/libstand/bootp.c
+2 -0 1 file

HardenedBSD — usr.sbin/bsdinstall/scripts mirrorselect

HBSD: add our second mirror: allbsd.org @Japan

Thanks to Hiroki Sato!

MFC-to: 11-STABLE
MFC-to: 10-STABLE
Signed-off-by: Oliver Pinter <oliver.pinter at hardenedbsd.org>

HardenedBSD — sys/dev/sound/pcm feeder_mixer.c, sys/tools/sound snd_fxdiv_gen.awk

MFC r318820:
Increase the allowed maximum number of audio channels from 31 to 127
in the PCM feeder mixer. Without this change a value of 32 channels is
treated like zero, due to using a mask of 0x1f, causing a kernel
assert when trying to playback bitperfect 32-channel audio. Also
update the AWK script which is generating the division tables to
handle more than 18 channels. This commit complements r282650.

HardenedBSD — sys/arm/arm busdma_machdep-v6.c busdma_machdep.c, sys/x86/x86 busdma_bounce.c

MFC r318353:
Avoid use of contiguous memory allocations in busdma when possible.

This patch improves the boundary checks in busdma to allow more cases
using the regular page based kernel memory allocator. Especially in
the case of having a non-zero boundary in the parent DMA tag. For
example AMD64 based platforms set the PCI DMA tag boundary to
PCI_DMA_BOUNDARY, 4GB, which before this patch caused contiguous
memory allocations to be preferred when allocating more than PAGE_SIZE
bytes. Even if the required alignment was less than PAGE_SIZE bytes.

This patch also fixes the nsegments check for using kmem_alloc_attr()
when the maximum segment size is less than PAGE_SIZE bytes.

Updated some comments describing the code in question.

Differential Revision:        https://reviews.freebsd.org/D10645
Reviewed by:                kib, jhb, gallatin, scottl
Sponsored by:                Mellanox Technologies

HardenedBSD — sys/dev/uart uart_bus_pci.c

uart: add AMT SOL PCI ID

I adjusted the description to be similar to existing AMT entries.

PR:                219384
Submitted by:        "Tooker"
MFC after:        1 week
Delta File
+1 -0 sys/dev/uart/uart_bus_pci.c
+1 -0 1 file

HardenedBSD — contrib/ofed/libcxgb4/src qp.c

libcxgb4: Use memcpy instead of copying WRs 8B at a time in the userspace
RDMA library for cxgbe(4).

MFC after:        3 days
Sponsored by:        Chelsio Communications
Delta File
+33 -23 contrib/ofed/libcxgb4/src/qp.c
+33 -23 1 file

HardenedBSD — sys/sys elf64.h elf_common.h

MFC r312599 (cem): Add remaining ELF compression definitions and structs

PR:                219417
Delta File
+7 -0 sys/sys/elf64.h
+7 -0 sys/sys/elf_common.h
+6 -0 sys/sys/elf32.h
+20 -0 3 files

HardenedBSD — lib/libc/gen sem_timedwait.3, lib/libc/sys fsync.2

MFC r318794, r318795:
 Update the "first appeared in" version in several manual pages.

Sponsored by:        The FreeBSD Foundation

HardenedBSD — usr.bin/procstat procstat.c procstat.1

Add missing usage and getopt(3) options

- Add the missing option 'n' to the getopt(3) string
- Add the missing options 'libxo' and 'N' to the usage message
- Add the missing options 'M' and 'N' to the man-page

Submitted by:        Keegan Drake H.P. <kdrakehp at zoho.com>
MFC after:        1 week
Differential Revision:        https://reviews.freebsd.org/D10915

HardenedBSD — sys/dev/cxgbe/crypto t4_crypto.c

Fail large requests with EFBIG.

The adapter firmware in general does not accept PDUs larger than 64k - 1
bytes in size.  Sending crypto requests larger than this size result in
hangs or incorrect output, so reject them with EFBIG.  For requests
chaining an AES cipher with an HMAC, the firmware appears to require
slightly smaller requests (around 512 bytes).

Sponsored by:        Chelsio Communications
Delta File
+44 -1 sys/dev/cxgbe/crypto/t4_crypto.c
+44 -1 1 file

HardenedBSD — sys/net if_lagg.c

Improve applying unified capabilities to the lagg ports.

Some NICs have some capabilities dependent, so that disabling one require
disabling some other (TXCSUM/RXCSUM on em).  This code tries to reach the
consensus more insistently.

PR:                219453
MFC after:        1 week
Delta File
+24 -11 sys/net/if_lagg.c
+24 -11 1 file

HardenedBSD — etc/rc.d ipfw routing

MFC 317729:

        Silence sysctl in startup scripts.

        This makes 'stop' behave consistently with 'start' in the script.
        Also use $SYSCTL instead of sysctl for consistency within that script.
Delta File
+5 -5 etc/rc.d/ipfw
+1 -1 etc/rc.d/routing
+6 -6 2 files

HardenedBSD — release/tools ec2.conf

MFC r314935 (thompsa):
 Change ec2.conf to use the pkg tool from a chroot rather than trying
 to bootstrap it and fail from the livecd readonly filesystem.

Sponsored by:        The FreeBSD Foundation
Delta File
+2 -1 release/tools/ec2.conf
+2 -1 1 file

HardenedBSD — contrib/blacklist/bin blacklistd.c, contrib/blacklist/include blacklist.h bl.h

MFC r318755: Extend libblacklist support with new action types

The original blacklist library supported two notification types:
 - failed auth attempt, which incremented the failed login count
   by one for the remote address
 - successful auth attempt, which reset the failed login count
   to zero for that remote address

When the failed login count reached the limit in the configuration
file, the remote address would be blocked by a packet filter.

This patch implements a new notification type, "abusive behavior",
and accepts, but does not act on an additional type, "bad username".
It is envisioned that a system administrator will configure a small
list of "known bad usernames" that should be blocked immediately.

Sponsored by:        The FreeBSD Foundation

HardenedBSD — tools/build/mk OptionalObsoleteFiles.inc

MFC r318748:
 Honor WITHOUT_TFTP for check-old* and delete-old* targets.

PR:                217949
Sponsored by:        The FreeBSD Foundation

HardenedBSD — sys/dev/xen/netfront netfront.c

MFC r318523, r318631:

xen/netfront: don't drop the ring RX lock with inconsistent ring state
xen/netfront: don't drop the RX lock in xn_rxeof
Delta File
+37 -43 sys/dev/xen/netfront/netfront.c
+37 -43 1 file

HardenedBSD — sys/dev/xen/blkfront blkfront.c

MFC r318520:

xen/blkfront: correctly detach a disk with active users
Delta File
+7 -4 sys/dev/xen/blkfront/blkfront.c
+7 -4 1 file