svn commit: r316343 - in head/sys: boot/geli boot/i386/common boot/i386/gptboot boot/i386/libi386 boot/i386/loader boot/i386/zfsboot boot/zfs crypto geom/eli opencrypto sys

[Allan Jude]

Author: allanjude
Date: Sat Apr  1 05:05:22 2017
New Revision: 316343
URL: https://svnweb.freebsd.org/changeset/base/316343

Log:
  Implement boot-time encryption key passing (keybuf)
  
  This patch adds a general mechanism for providing encryption keys to the
  kernel from the boot loader. This is intended to enable GELI support at
  boot time, providing a better mechanism for passing keys to the kernel
  than environment variables. It is designed to be extensible to other
  applications, and can easily handle multiple encrypted volumes with
  different keys.
  
  This mechanism is currently used by the pending GELI EFI work.
  Additionally, this mechanism can potentially be used to interface with
  GRUB, opening up options for coreboot+GRUB configurations with completely
  encrypted disks.
  
  Another benefit over the existing system is that it does not require
  re-deriving the user key from the password at each boot stage.
  
  Most of this patch was written by Eric McCorkle. It was extended by
  Allan Jude with a number of minor enhancements and extending the keybuf
  feature into boot2.
  
  GELI user keys are now derived once, in boot2, then passed to the loader,
  which reuses the key, then passes it to the kernel, where the GELI module
  destroys the keybuf after decrypting the volumes.
  
  Submitted by: Eric McCorkle  (Original Version)
  Reviewed by:  oshogbo (earlier version), cem (earlier version)
  MFC after:3 weeks
  Relnotes: yes
  Sponsored by: ScaleEngine Inc.
  Differential Revision:https://reviews.freebsd.org/D9575

Added:
  head/sys/boot/geli/geliboot_internal.h   (contents, props changed)
  head/sys/crypto/intake.h   (contents, props changed)
Modified:
  head/sys/boot/geli/Makefile
  head/sys/boot/geli/geliboot.c
  head/sys/boot/geli/geliboot.h
  head/sys/boot/geli/geliboot_crypto.c
  head/sys/boot/i386/common/bootargs.h
  head/sys/boot/i386/gptboot/Makefile
  head/sys/boot/i386/gptboot/gptboot.c
  head/sys/boot/i386/libi386/biosdisk.c
  head/sys/boot/i386/libi386/bootinfo32.c
  head/sys/boot/i386/libi386/bootinfo64.c
  head/sys/boot/i386/loader/Makefile
  head/sys/boot/i386/loader/main.c
  head/sys/boot/i386/zfsboot/zfsboot.c
  head/sys/boot/zfs/libzfs.h
  head/sys/geom/eli/g_eli.c
  head/sys/geom/eli/g_eli.h
  head/sys/opencrypto/crypto.c
  head/sys/sys/linker.h

Modified: head/sys/boot/geli/Makefile
==
--- head/sys/boot/geli/Makefile Sat Apr  1 04:42:35 2017(r316342)
+++ head/sys/boot/geli/Makefile Sat Apr  1 05:05:22 2017(r316343)
@@ -39,6 +39,7 @@ SRCS+=md5c.c
 # AES implementation from sys/crypto
 .PATH: ${.CURDIR}/../../crypto/rijndael
 CFLAGS+=   -I${.CURDIR}/../../
+CFLAGS+=   -I${.CURDIR}/../common/
 # Remove asserts
 CFLAGS+=   -DNDEBUG
 SRCS+= rijndael-alg-fst.c rijndael-api-fst.c rijndael-api.c

Modified: head/sys/boot/geli/geliboot.c
==
--- head/sys/boot/geli/geliboot.c   Sat Apr  1 04:42:35 2017
(r316342)
+++ head/sys/boot/geli/geliboot.c   Sat Apr  1 05:05:22 2017
(r316343)
@@ -27,17 +27,75 @@
  * $FreeBSD$
  */
 
+#include "geliboot_internal.h"
 #include "geliboot.h"
 
 SLIST_HEAD(geli_list, geli_entry) geli_head = 
SLIST_HEAD_INITIALIZER(geli_head);
 struct geli_list *geli_headp;
 
+typedef u_char geli_ukey[G_ELI_USERKEYLEN];
+
+static geli_ukey saved_keys[GELI_MAX_KEYS];
+static unsigned int nsaved_keys = 0;
+
+/*
+ * Copy keys from local storage to the keybuf struct.
+ * Destroy the local storage when finished.
+ */
+void
+geli_fill_keybuf(struct keybuf *fkeybuf)
+{
+   unsigned int i;
+
+   for (i = 0; i < nsaved_keys; i++) {
+   fkeybuf->kb_ents[i].ke_type = KEYBUF_TYPE_GELI;
+   memcpy(fkeybuf->kb_ents[i].ke_data, saved_keys[i],
+   G_ELI_USERKEYLEN);
+   }
+   fkeybuf->kb_nents = nsaved_keys;
+   explicit_bzero(saved_keys, sizeof(saved_keys));
+}
+
+/*
+ * Copy keys from a keybuf struct into local storage.
+ * Zero out the keybuf.
+ */
+void
+geli_save_keybuf(struct keybuf *skeybuf)
+{
+   unsigned int i;
+
+   for (i = 0; i < skeybuf->kb_nents && i < GELI_MAX_KEYS; i++) {
+   memcpy(saved_keys[i], skeybuf->kb_ents[i].ke_data,
+   G_ELI_USERKEYLEN);
+   explicit_bzero(skeybuf->kb_ents[i].ke_data,
+   G_ELI_USERKEYLEN);
+   skeybuf->kb_ents[i].ke_type = KEYBUF_TYPE_NONE;
+   }
+   nsaved_keys = skeybuf->kb_nents;
+   skeybuf->kb_nents = 0;
+}
+
+static void
+save_key(geli_ukey key)
+{
+
+   /*
+* If we run out of key space, the worst that will happen is
+* it will ask the user for the password again.
+*/
+   if (nsaved_keys < GELI_MAX_KEYS) {
+   memcpy(saved_keys[nsaved_keys], key, G_ELI_USERKEYLEN);
+   

svn commit: r316342 - in head: etc/defaults etc/periodic/daily share/man/man5 usr.sbin/periodic

[Alan Somers]

Author: asomers
Date: Sat Apr  1 04:42:35 2017
New Revision: 316342
URL: https://svnweb.freebsd.org/changeset/base/316342

Log:
  Consolidate random sleeps in periodic scripts
  
  Multiple periodic scripts sleep for a random amount of time in order to
  mitigate the thundering herd problem. This is bad, because the sum of
  multiple uniformly distributed random variables approaches a normal
  distribution, so the problem isn't mitigated as effectively as it would be
  with a single sleep.
  
  This change creates a single configurable anticongestion sleep. periodic
  will only sleep if at least one script requires it, and it will never sleep
  more than once per invocation. It also won't sleep if periodic was run
  interactively, fixing an unrelated longstanding bug.
  
  PR:   217055
  PR:   210188
  Reviewed by:  cy
  MFC after:3 weeks
  Differential Revision:https://reviews.freebsd.org/D10211

Modified:
  head/etc/defaults/periodic.conf
  head/etc/periodic/daily/480.leapfile-ntpd
  head/share/man/man5/periodic.conf.5
  head/usr.sbin/periodic/periodic.sh

Modified: head/etc/defaults/periodic.conf
==
--- head/etc/defaults/periodic.conf Sat Apr  1 01:00:36 2017
(r316341)
+++ head/etc/defaults/periodic.conf Sat Apr  1 04:42:35 2017
(r316342)
@@ -22,6 +22,8 @@ periodic_conf_files="/etc/periodic.conf 
 # periodic script dirs
 local_periodic="/usr/local/etc/periodic"
 
+# Max time to sleep to avoid causing congestion on download servers
+anticongestion_sleeptime=3600
 
 # Daily options
 
@@ -136,8 +138,6 @@ daily_status_mail_rejects_shorten="NO"  
 
 # 480.leapfile-ntpd
 daily_ntpd_leapfile_enable="YES"   # Fetch NTP leapfile
-daily_ntpd_avoid_congestion="YES"  # Avoid congesting
-   # leapfile sources
 
 # 480.status-ntpd
 daily_status_ntpd_enable="NO"  # Check NTP status
@@ -307,6 +307,18 @@ security_status_tcpwrap_period="daily"
 if [ -z "${source_periodic_confs_defined}" ]; then
 source_periodic_confs_defined=yes
 
+   # Sleep for a random amount of time in order to mitigate the thundering
+   # herd problem of multiple hosts running periodic simultaneously.
+   # Will not sleep when used interactively.
+   # Will sleep at most once per invocation of periodic
+   anticongestion() {
+   [ -n "$PERIODIC_IS_INTERACTIVE" ] && return
+   if [ -f "$PERIODIC_ANTICONGESTION_FILE" ]; then
+   rm -f $PERIODIC_ANTICONGESTION_FILE
+   sleep `jot -r 1 0 ${anticongestion_sleeptime}`
+   fi
+   }
+
# Compatibility with old daily variable names.
# They can be removed in stable/11.
security_daily_compat_var() {

Modified: head/etc/periodic/daily/480.leapfile-ntpd
==
--- head/etc/periodic/daily/480.leapfile-ntpd   Sat Apr  1 01:00:36 2017
(r316341)
+++ head/etc/periodic/daily/480.leapfile-ntpd   Sat Apr  1 04:42:35 2017
(r316342)
@@ -13,16 +13,9 @@ fi
 
 case "$daily_ntpd_leapfile_enable" in
 [Yy][Ee][Ss])
-   case "$daily_ntpd_avoid_congestion" in
-   [Yy][Ee][Ss])
-   # Avoid dogpiling
-   (sleep $(jot -r 1 0 3600); service ntpd onefetch) &
-   ;;
-   *)
-   service ntpd onefetch
-   ;;
-   esac
-   ;;
+anticongestion
+service ntpd onefetch
+;;
 esac
 
 exit $rc

Modified: head/share/man/man5/periodic.conf.5
==
--- head/share/man/man5/periodic.conf.5 Sat Apr  1 01:00:36 2017
(r316341)
+++ head/share/man/man5/periodic.conf.5 Sat Apr  1 04:42:35 2017
(r316342)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 26, 2015
+.Dd March 31, 2015
 .Dt PERIODIC.CONF 5
 .Os
 .Sh NAME
@@ -133,6 +133,10 @@ respectively.
 Refer to the
 .Xr periodic 8
 manual page for how script return codes are interpreted.
+.It Va anticongestion_sleeptime
+.Pq Vt int
+The maximum number of seconds to randomly sleep in order to smooth bursty loads
+on a shared resource, such as a download mirror.
 .El
 .Pp
 The following variables are used by the standard scripts that reside in

Modified: head/usr.sbin/periodic/periodic.sh
==
--- head/usr.sbin/periodic/periodic.sh  Sat Apr  1 01:00:36 2017
(r316341)
+++ head/usr.sbin/periodic/periodic.sh  Sat Apr  1 04:42:35 2017
(r316342)
@@ -76,6 +76,12 @@ fi
 shift
 arg=$1
 
+if [ -z "$PERIODIC_ANTICONGESTION_FILE" ] ; then
+   export PERIODIC_ANTICONGESTION_FILE=`mktemp 
${TMPDIR:-/tmp}/periodic.anticongestion.XX`
+fi
+if tty > /dev/null 2>&1; then
+   

svn commit: r316341 - in head/sys: conf fs/ext2fs modules/ext2fs

[Pedro F. Giffuni]

Author: pfg
Date: Sat Apr  1 01:00:36 2017
New Revision: 316341
URL: https://svnweb.freebsd.org/changeset/base/316341

Log:
  ext2fs: Initial support for Extended Attributes.
  
  Currently read-only.
  
  Submitted by: Fedor Uporov
  MFC after:3 weeks
  Differential Revision:https://reviews.freebsd.org/D10151

Added:
  head/sys/fs/ext2fs/ext2_extattr.c   (contents, props changed)
  head/sys/fs/ext2fs/ext2_extattr.h   (contents, props changed)
Modified:
  head/sys/conf/files
  head/sys/fs/ext2fs/ext2_inode_cnv.c
  head/sys/fs/ext2fs/ext2_vnops.c
  head/sys/fs/ext2fs/ext2fs.h
  head/sys/fs/ext2fs/inode.h
  head/sys/modules/ext2fs/Makefile

Modified: head/sys/conf/files
==
--- head/sys/conf/files Fri Mar 31 22:05:10 2017(r316340)
+++ head/sys/conf/files Sat Apr  1 01:00:36 2017(r316341)
@@ -3533,6 +3533,7 @@ geom/zero/g_zero.coptional geom_zero
 fs/ext2fs/ext2_alloc.c optional ext2fs
 fs/ext2fs/ext2_balloc.coptional ext2fs
 fs/ext2fs/ext2_bmap.c  optional ext2fs
+fs/ext2fs/ext2_extattr.c   optional ext2fs
 fs/ext2fs/ext2_extents.c   optional ext2fs
 fs/ext2fs/ext2_inode.c optional ext2fs
 fs/ext2fs/ext2_inode_cnv.c optional ext2fs

Added: head/sys/fs/ext2fs/ext2_extattr.c
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/fs/ext2fs/ext2_extattr.c   Sat Apr  1 01:00:36 2017
(r316341)
@@ -0,0 +1,330 @@
+/*-
+ * Copyright (c) 2017, Fedor Uporov
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+
+static int
+ext2_extattr_index_to_bsd(int index)
+{
+   switch (index) {
+   case EXT4_XATTR_INDEX_USER:
+   return EXTATTR_NAMESPACE_USER;
+
+   case EXT4_XATTR_INDEX_SYSTEM:
+   return EXTATTR_NAMESPACE_SYSTEM;
+
+   default:
+   return EXTATTR_NAMESPACE_EMPTY;
+   }
+}
+
+int
+ext2_extattr_inode_list(struct inode *ip, int attrnamespace,
+struct uio *uio, size_t *size)
+{
+   struct m_ext2fs *fs;
+   struct buf *bp;
+   struct ext2fs_extattr_dinode_header *header;
+   struct ext2fs_extattr_entry *entry;
+   struct ext2fs_extattr_entry *next;
+   char *end;
+   int error;
+
+   fs = ip->i_e2fs;
+
+   if ((error = bread(ip->i_devvp,
+   fsbtodb(fs, ino_to_fsba(fs, ip->i_number)),
+   (int)fs->e2fs_bsize, NOCRED, )) != 0) {
+   brelse(bp);
+   return (error);
+   }
+
+   struct ext2fs_dinode *dinode = (struct ext2fs_dinode *)
+   ((char *)bp->b_data +
+   EXT2_INODE_SIZE(fs) * ino_to_fsbo(fs, ip->i_number));
+
+   /* Check attributes magic value */
+   header = (struct ext2fs_extattr_dinode_header *)((char *)dinode +
+   E2FS_REV0_INODE_SIZE + dinode->e2di_extra_isize);
+
+   if (header->h_magic != EXTATTR_MAGIC) {
+   brelse(bp);
+   return (0);
+   }
+
+   /* Check attributes integrity */
+   entry = EXT2_IFIRST(header);
+   end = (char *)dinode + EXT2_INODE_SIZE(fs);
+   while (!EXT2_IS_LAST_ENTRY(entry)) {
+   next = EXT2_EXTATTR_NEXT(entry);
+   if ((char *)next >= end) {
+   brelse(bp);
+   return (EIO);
+   }
+
+   

svn commit: r316340 - head/sbin/ifconfig

[Adrian Chadd]

Author: adrian
Date: Fri Mar 31 22:05:10 2017
New Revision: 316340
URL: https://svnweb.freebsd.org/changeset/base/316340

Log:
  [ifconfig] add some comments around missing net80211 VHT configuration.
  
  VHT STBC, A-MPDU density and A-MPDU size configuration parameters are
  different when doing VHT.

Modified:
  head/sbin/ifconfig/ifieee80211.c

Modified: head/sbin/ifconfig/ifieee80211.c
==
--- head/sbin/ifconfig/ifieee80211.cFri Mar 31 21:29:43 2017
(r316339)
+++ head/sbin/ifconfig/ifieee80211.cFri Mar 31 22:05:10 2017
(r316340)
@@ -1758,6 +1758,7 @@ set80211shortgi(const char *val, int d, 
0, NULL);
 }
 
+/* XXX 11ac density/size is different */
 static void
 set80211ampdu(const char *val, int d, int s, const struct afswtch *rafp)
 {
@@ -1831,6 +1832,7 @@ DECL_CMD_FUNC(set80211ampdulimit, val, d
set80211(s, IEEE80211_IOC_AMPDU_LIMIT, v, 0, NULL);
 }
 
+/* XXX 11ac density/size is different */
 static
 DECL_CMD_FUNC(set80211ampdudensity, val, d)
 {
@@ -4957,6 +4959,7 @@ end:
break;
}
}
+   /* XXX 11ac density/size is different */
if (get80211val(s, IEEE80211_IOC_AMPDU_LIMIT, ) != -1) {
switch (val) {
case IEEE80211_HTCAP_MAXRXAMPDU_8K:
@@ -4973,6 +4976,7 @@ end:
break;
}
}
+   /* XXX 11ac density/size is different */
if (get80211val(s, IEEE80211_IOC_AMPDU_DENSITY, ) != -1) {
switch (val) {
case IEEE80211_HTCAP_MPDUDENSITY_NA:
@@ -5054,6 +5058,8 @@ end:
else if (verbose)
LINE_CHECK("-rifs");
}
+
+   /* XXX VHT STBC? */
if (get80211val(s, IEEE80211_IOC_STBC, ) != -1) {
switch (val) {
case 0:
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316339 - head/contrib/less

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 21:29:43 2017
New Revision: 316339
URL: https://svnweb.freebsd.org/changeset/base/316339

Log:
  Currently, less(1) uses K prototypes, which both fails to provide useful
  compiler-time type checking, and also causes problems for targets where
  multiple incompatible calling conventions may be selected based on argument
  types.  This change switches less(1) to ANSI prototypes.
  
  While there, we also remove use of "register", and attempt to use "const" a
  bit better now that the compiler can check argument types.
  
  Reviewed by:  cem, emaste
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL
  Differential Revision:https://reviews.freebsd.org/D10152

Modified:
  head/contrib/less/brac.c
  head/contrib/less/ch.c
  head/contrib/less/charset.c
  head/contrib/less/cmdbuf.c
  head/contrib/less/command.c
  head/contrib/less/cvt.c
  head/contrib/less/decode.c
  head/contrib/less/edit.c
  head/contrib/less/filename.c
  head/contrib/less/forwback.c
  head/contrib/less/funcs.h
  head/contrib/less/ifile.c
  head/contrib/less/input.c
  head/contrib/less/jump.c
  head/contrib/less/less.h
  head/contrib/less/lessecho.c
  head/contrib/less/lesskey.c
  head/contrib/less/line.c
  head/contrib/less/linenum.c
  head/contrib/less/lsystem.c
  head/contrib/less/main.c
  head/contrib/less/mark.c
  head/contrib/less/mkhelp.c
  head/contrib/less/optfunc.c
  head/contrib/less/option.c
  head/contrib/less/opttbl.c
  head/contrib/less/os.c
  head/contrib/less/output.c
  head/contrib/less/pattern.c
  head/contrib/less/position.c
  head/contrib/less/prompt.c
  head/contrib/less/regexp.c
  head/contrib/less/screen.c
  head/contrib/less/scrsize.c
  head/contrib/less/search.c
  head/contrib/less/signal.c
  head/contrib/less/tags.c
  head/contrib/less/ttyin.c

Modified: head/contrib/less/brac.c
==
--- head/contrib/less/brac.cFri Mar 31 20:17:30 2017(r316338)
+++ head/contrib/less/brac.cFri Mar 31 21:29:43 2017(r316339)
@@ -24,18 +24,14 @@
  * "close bracket" are given.
  */
public void
-match_brac(obrac, cbrac, forwdir, n)
-   register int obrac;
-   register int cbrac;
-   int forwdir;
-   int n;
+match_brac(int obrac, int cbrac, int forwdir, int n)
 {
-   register int c;
-   register int nest;
+   int c;
+   int nest;
POSITION pos;
-   int (*chget)();
+   int (*chget)(void);
 
-   extern int ch_forw_get(), ch_back_get();
+   extern int ch_forw_get(void), ch_back_get(void);
 
/*
 * Seek to the line containing the open bracket.

Modified: head/contrib/less/ch.c
==
--- head/contrib/less/ch.c  Fri Mar 31 20:17:30 2017(r316338)
+++ head/contrib/less/ch.c  Fri Mar 31 21:29:43 2017(r316339)
@@ -144,13 +144,13 @@ static int ch_addbuf();
  * Get the character pointed to by the read pointer.
  */
int
-ch_get()
+ch_get(void)
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
-   register int n;
-   register int slept;
-   register int h;
+   struct buf *bp;
+   struct bufnode *bn;
+   int n;
+   int slept;
+   int h;
POSITION pos;
POSITION len;
 
@@ -378,8 +378,7 @@ ch_get()
  * a single char onto an input file descriptor.
  */
public void
-ch_ungetchar(c)
-   int c;
+ch_ungetchar(int c)
 {
if (c != -1 && ch_ungotchar != -1)
error("ch_ungetchar overrun", NULL_PARG);
@@ -392,7 +391,7 @@ ch_ungetchar(c)
  * If we haven't read all of standard input into it, do that now.
  */
public void
-end_logfile()
+end_logfile(void)
 {
static int tried = FALSE;
 
@@ -417,10 +416,10 @@ end_logfile()
  * Write all the existing buffered data to the log file.
  */
public void
-sync_logfile()
+sync_logfile(void)
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
+   struct buf *bp;
+   struct bufnode *bn;
int warned = FALSE;
BLOCKNUM block;
BLOCKNUM nblocks;
@@ -454,12 +453,11 @@ sync_logfile()
  * Determine if a specific block is currently in one of the buffers.
  */
static int
-buffered(block)
-   BLOCKNUM block;
+buffered(BLOCKNUM block)
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
-   register int h;
+   struct buf *bp;
+   struct bufnode *bn;
+   int h;
 
h = BUFHASH(block);
FOR_BUFS_IN_CHAIN(h, bn)
@@ -476,8 +474,7 @@ buffered(block)
  * Return 0 if successful, non-zero if can't seek there.
  */
public int
-ch_seek(pos)
-   register POSITION pos;
+ch_seek(POSITION pos)
 {
BLOCKNUM new_block;
POSITION len;
@@ -515,7 +512,7 @@ ch_seek(pos)
  * Seek to the end of the file.
  */
public int
-ch_end_seek()
+ch_end_seek(void)
 {
POSITION len;
 

svn commit: r316338 - in stable/10: contrib/libarchive contrib/libarchive/cpio contrib/libarchive/libarchive contrib/libarchive/libarchive/test contrib/libarchive/tar contrib/libarchive/tar/test co...

[Martin Matuska]

Author: mm
Date: Fri Mar 31 20:17:30 2017
New Revision: 316338
URL: https://svnweb.freebsd.org/changeset/base/316338

Log:
  MFC r315636,315876,316095:
  Sync libarchive with vendor
  
  Vendor changes/bugfixes (FreeBSD-related):
  r315636:
PR 867 (bsdcpio): show numeric uid/gid when names are not found
PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
PR 880 (pax): Fix handling of "size" pax header keyword
PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
Break ACL read/write code into platform-specific source files
  
  r315876:
Store extended attributes with extattr_set_link() if no fd is provided
Add extended attribute tests to libarchive and bsdtar
Fix tar's test_option_acls
Support the UF_HIDDEN file flag
  
  r316095:
Constify variables in several places
Unify platform ACL code in a single source file
Fix unused variable if compiling on FreeBSD without NFSv4 ACL support

Added:
  stable/10/contrib/libarchive/libarchive/archive_disk_acl_freebsd.c
 - copied unchanged from r316095, 
head/contrib/libarchive/libarchive/archive_disk_acl_freebsd.c
  stable/10/contrib/libarchive/libarchive/archive_platform_acl.h
 - copied unchanged from r315636, 
head/contrib/libarchive/libarchive/archive_platform_acl.h
  stable/10/contrib/libarchive/libarchive/archive_platform_xattr.h
 - copied unchanged from r315876, 
head/contrib/libarchive/libarchive/archive_platform_xattr.h
  stable/10/contrib/libarchive/libarchive/archive_version_details.c
 - copied unchanged from r315636, 
head/contrib/libarchive/libarchive/archive_version_details.c
  stable/10/contrib/libarchive/libarchive/test/test_xattr_platform.c
 - copied unchanged from r315876, 
head/contrib/libarchive/libarchive/test/test_xattr_platform.c
  stable/10/contrib/libarchive/tar/test/test_option_xattrs.c
 - copied unchanged from r315876, 
head/contrib/libarchive/tar/test/test_option_xattrs.c
Deleted:
  stable/10/contrib/libarchive/libarchive/archive_write_disk_acl.c
Modified:
  stable/10/contrib/libarchive/FREEBSD-Xlist
  stable/10/contrib/libarchive/NEWS
  stable/10/contrib/libarchive/cpio/cpio.c
  stable/10/contrib/libarchive/libarchive/archive_entry.3
  stable/10/contrib/libarchive/libarchive/archive_entry.c
  stable/10/contrib/libarchive/libarchive/archive_entry_acl.3
  stable/10/contrib/libarchive/libarchive/archive_getdate.c
  stable/10/contrib/libarchive/libarchive/archive_pack_dev.c
  stable/10/contrib/libarchive/libarchive/archive_platform.h
  stable/10/contrib/libarchive/libarchive/archive_random.c
  stable/10/contrib/libarchive/libarchive/archive_read_disk_entry_from_file.c
  stable/10/contrib/libarchive/libarchive/archive_read_disk_private.h
  stable/10/contrib/libarchive/libarchive/archive_read_open.3
  stable/10/contrib/libarchive/libarchive/archive_read_support_format_cab.c
  stable/10/contrib/libarchive/libarchive/archive_read_support_format_lha.c
  stable/10/contrib/libarchive/libarchive/archive_read_support_format_mtree.c
  stable/10/contrib/libarchive/libarchive/archive_read_support_format_tar.c
  stable/10/contrib/libarchive/libarchive/archive_read_support_format_zip.c
  stable/10/contrib/libarchive/libarchive/archive_string_sprintf.c
  stable/10/contrib/libarchive/libarchive/archive_util.c
  stable/10/contrib/libarchive/libarchive/archive_write_add_filter.c
  stable/10/contrib/libarchive/libarchive/archive_write_add_filter_by_name.c
  stable/10/contrib/libarchive/libarchive/archive_write_add_filter_lz4.c
  stable/10/contrib/libarchive/libarchive/archive_write_add_filter_program.c
  stable/10/contrib/libarchive/libarchive/archive_write_disk_posix.c
  stable/10/contrib/libarchive/libarchive/archive_write_disk_private.h
  stable/10/contrib/libarchive/libarchive/archive_write_set_format.c
  stable/10/contrib/libarchive/libarchive/archive_write_set_format_by_name.c
  
stable/10/contrib/libarchive/libarchive/archive_write_set_format_filter_by_ext.c
  stable/10/contrib/libarchive/libarchive/archive_write_set_format_warc.c
  stable/10/contrib/libarchive/libarchive/test/test_acl_platform_nfs4.c
  stable/10/contrib/libarchive/libarchive/test/test_acl_platform_posix1e.c
  stable/10/contrib/libarchive/tar/bsdtar.1
  stable/10/contrib/libarchive/tar/test/test_option_acls.c
  stable/10/contrib/libarchive/test_utils/test_common.h
  stable/10/contrib/libarchive/test_utils/test_main.c
  stable/10/lib/libarchive/Makefile
  stable/10/lib/libarchive/config_freebsd.h
  stable/10/lib/libarchive/tests/Makefile
  stable/10/usr.bin/bsdcat/tests/Makefile
  stable/10/usr.bin/cpio/tests/Makefile
  stable/10/usr.bin/tar/tests/Makefile
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/contrib/libarchive/FREEBSD-Xlist
==
--- stable/10/contrib/libarchive/FREEBSD-Xlist  Fri Mar 31 20:16:24 2017

svn commit: r316337 - in stable/11: contrib/libarchive contrib/libarchive/cpio contrib/libarchive/libarchive contrib/libarchive/libarchive/test contrib/libarchive/tar contrib/libarchive/tar/test co...

[Martin Matuska]

Author: mm
Date: Fri Mar 31 20:16:24 2017
New Revision: 316337
URL: https://svnweb.freebsd.org/changeset/base/316337

Log:
  MFC r315636,315876,316095:
  Sync libarchive with vendor
  
  Vendor changes/bugfixes (FreeBSD-related):
  r315636:
PR 867 (bsdcpio): show numeric uid/gid when names are not found
PR 870 (seekable zip): accept files with valid ZIP64 EOCD headers
PR 880 (pax): Fix handling of "size" pax header keyword
PR 887 (crypto): Discard 3072 bytes instead of 1024 of first keystream
OSS-Fuzz issue 806 (mtree): rework mtree_atol10 integer parser
Break ACL read/write code into platform-specific source files
  
  r315876:
Store extended attributes with extattr_set_link() if no fd is provided
Add extended attribute tests to libarchive and bsdtar
Fix tar's test_option_acls
Support the UF_HIDDEN file flag
  
  r316095:
Constify variables in several places
Unify platform ACL code in a single source file
Fix unused variable if compiling on FreeBSD without NFSv4 ACL support

Added:
  stable/11/contrib/libarchive/libarchive/archive_disk_acl_freebsd.c
 - copied unchanged from r316095, 
head/contrib/libarchive/libarchive/archive_disk_acl_freebsd.c
  stable/11/contrib/libarchive/libarchive/archive_platform_acl.h
 - copied unchanged from r315636, 
head/contrib/libarchive/libarchive/archive_platform_acl.h
  stable/11/contrib/libarchive/libarchive/archive_platform_xattr.h
 - copied unchanged from r315876, 
head/contrib/libarchive/libarchive/archive_platform_xattr.h
  stable/11/contrib/libarchive/libarchive/archive_version_details.c
 - copied unchanged from r315636, 
head/contrib/libarchive/libarchive/archive_version_details.c
  stable/11/contrib/libarchive/libarchive/test/test_xattr_platform.c
 - copied unchanged from r315876, 
head/contrib/libarchive/libarchive/test/test_xattr_platform.c
  stable/11/contrib/libarchive/tar/test/test_option_xattrs.c
 - copied unchanged from r315876, 
head/contrib/libarchive/tar/test/test_option_xattrs.c
Deleted:
  stable/11/contrib/libarchive/libarchive/archive_write_disk_acl.c
Modified:
  stable/11/contrib/libarchive/FREEBSD-Xlist
  stable/11/contrib/libarchive/NEWS
  stable/11/contrib/libarchive/cpio/cpio.c
  stable/11/contrib/libarchive/libarchive/archive_entry.3
  stable/11/contrib/libarchive/libarchive/archive_entry.c
  stable/11/contrib/libarchive/libarchive/archive_entry_acl.3
  stable/11/contrib/libarchive/libarchive/archive_getdate.c
  stable/11/contrib/libarchive/libarchive/archive_pack_dev.c
  stable/11/contrib/libarchive/libarchive/archive_platform.h
  stable/11/contrib/libarchive/libarchive/archive_random.c
  stable/11/contrib/libarchive/libarchive/archive_read_disk_entry_from_file.c
  stable/11/contrib/libarchive/libarchive/archive_read_disk_private.h
  stable/11/contrib/libarchive/libarchive/archive_read_open.3
  stable/11/contrib/libarchive/libarchive/archive_read_support_format_cab.c
  stable/11/contrib/libarchive/libarchive/archive_read_support_format_lha.c
  stable/11/contrib/libarchive/libarchive/archive_read_support_format_mtree.c
  stable/11/contrib/libarchive/libarchive/archive_read_support_format_tar.c
  stable/11/contrib/libarchive/libarchive/archive_read_support_format_zip.c
  stable/11/contrib/libarchive/libarchive/archive_string_sprintf.c
  stable/11/contrib/libarchive/libarchive/archive_util.c
  stable/11/contrib/libarchive/libarchive/archive_write_add_filter.c
  stable/11/contrib/libarchive/libarchive/archive_write_add_filter_by_name.c
  stable/11/contrib/libarchive/libarchive/archive_write_add_filter_lz4.c
  stable/11/contrib/libarchive/libarchive/archive_write_add_filter_program.c
  stable/11/contrib/libarchive/libarchive/archive_write_disk_posix.c
  stable/11/contrib/libarchive/libarchive/archive_write_disk_private.h
  stable/11/contrib/libarchive/libarchive/archive_write_set_format.c
  stable/11/contrib/libarchive/libarchive/archive_write_set_format_by_name.c
  
stable/11/contrib/libarchive/libarchive/archive_write_set_format_filter_by_ext.c
  stable/11/contrib/libarchive/libarchive/archive_write_set_format_warc.c
  stable/11/contrib/libarchive/libarchive/test/test_acl_platform_nfs4.c
  stable/11/contrib/libarchive/libarchive/test/test_acl_platform_posix1e.c
  stable/11/contrib/libarchive/tar/bsdtar.1
  stable/11/contrib/libarchive/tar/test/test_option_acls.c
  stable/11/contrib/libarchive/test_utils/test_common.h
  stable/11/contrib/libarchive/test_utils/test_main.c
  stable/11/lib/libarchive/Makefile
  stable/11/lib/libarchive/config_freebsd.h
  stable/11/lib/libarchive/tests/Makefile
  stable/11/usr.bin/bsdcat/tests/Makefile
  stable/11/usr.bin/cpio/tests/Makefile
  stable/11/usr.bin/tar/tests/Makefile
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/contrib/libarchive/FREEBSD-Xlist
==
--- stable/11/contrib/libarchive/FREEBSD-Xlist  Fri Mar 31 18:04:34 2017

Re: svn commit: r316311 - in head: lib/libstand sys/boot/geli sys/boot/i386/gptboot sys/boot/i386/loader sys/boot/i386/zfsboot

[Brooks Davis]

On Fri, Mar 31, 2017 at 11:29:20AM -0700, John Baldwin wrote:
> On Friday, March 31, 2017 09:04:51 AM Peter Grehan wrote:
> > > So... can anyone provide a clue what's "explicit" (or different in any
> > > way) between explicit_bzero() and normal bzero()?
> > 
> >  
> > https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero=3=FreeBSD+12-current
> 
> It should be called 'bzero_now_I_mean_it()'
> 
> (but then we would need some other function called anybody_want_a_peanut())

It's sole purpose is to prevent the compiler from observing a pattern
like:

char a_secret_key[len];
...
bzero(a_secret_key, len);
return;

or

char *a_secret_key = malloc(len);
...
bzero(a_secret_key, len);
free(a_secret_key);

And optimizing away bzero() because it knows what bzero() does and that
nothing will ever access it as far as the C language is concerned..

The moment you enable LTO all bets are off because it can pattern match
the code for explicit_bzero(), realize that it is that same as bzero()
and combine them.  Declaring a_secret_key volatile likely makes things
work, but the C language is deficient in not providing a way to express
something like explicit_bzero() sanely and reliable.

-- Brooks


signature.asc
Description: PGP signature

Re: svn commit: r316311 - in head: lib/libstand sys/boot/geli sys/boot/i386/gptboot sys/boot/i386/loader sys/boot/i386/zfsboot

[John Baldwin]

On Friday, March 31, 2017 09:04:51 AM Peter Grehan wrote:
> > So... can anyone provide a clue what's "explicit" (or different in any
> > way) between explicit_bzero() and normal bzero()?
> 
>  
> https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero=3=FreeBSD+12-current

It should be called 'bzero_now_I_mean_it()'

(but then we would need some other function called anybody_want_a_peanut())

-- 
John Baldwin
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316336 - head/sys/dev/vnic

[Zbigniew Bodek]

Author: zbb
Date: Fri Mar 31 18:04:34 2017
New Revision: 316336
URL: https://svnweb.freebsd.org/changeset/base/316336

Log:
  Rework BGX detection to support both new and old firmware
  
  Improve existing BGX detection and adjust it to support both
  new and older ThunderX firmwares. Match BGX FDT nodes by name
  and reg. Match PHY instances by qlm-mode and name.
  Tested on Firmware Version: 2016-09-30 09:12:11
  
  Obtained from:Semihalf
  Differential Revision:https://reviews.freebsd.org/D9863

Modified:
  head/sys/dev/vnic/thunder_bgx_fdt.c

Modified: head/sys/dev/vnic/thunder_bgx_fdt.c
==
--- head/sys/dev/vnic/thunder_bgx_fdt.c Fri Mar 31 15:46:47 2017
(r316335)
+++ head/sys/dev/vnic/thunder_bgx_fdt.c Fri Mar 31 18:04:34 2017
(r316336)
@@ -64,6 +64,8 @@ __FBSDID("$FreeBSD$");
 
 #defineBGX_NODE_NAME   "bgx"
 #defineBGX_MAXID   9
+/* BGX func. 0, i.e.: reg = <0x8000 0 0 0 0>; DEVFN = 0x80 */
+#defineBGX_DEVFN_0 0x80
 
 #defineFDT_NAME_MAXLEN 31
 
@@ -82,57 +84,136 @@ bgx_fdt_get_macaddr(phandle_t phy, uint8
 }
 
 static boolean_t
-bgx_fdt_phy_mode_match(struct bgx *bgx, char *qlm_mode, size_t size)
+bgx_fdt_phy_mode_match(struct bgx *bgx, char *qlm_mode, ssize_t size)
 {
-
-   size -= CONN_TYPE_OFFSET;
+   const char *type;
+   ssize_t sz;
+   ssize_t offset;
 
switch (bgx->qlm_mode) {
case QLM_MODE_SGMII:
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "sgmii", size) == 0)
-   return (TRUE);
+   type = "sgmii";
+   sz = sizeof("sgmii") - 1;
+   offset = size - sz;
break;
case QLM_MODE_XAUI_1X4:
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "xaui", size) == 0)
-   return (TRUE);
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "dxaui", size) == 0)
+   type = "xaui";
+   sz = sizeof("xaui") - 1;
+   offset = size - sz;
+   if (offset < 0)
+   return (FALSE);
+   if (strncmp(_mode[offset], type, sz) == 0)
return (TRUE);
+   type = "dxaui";
+   sz = sizeof("dxaui") - 1;
+   offset = size - sz;
break;
case QLM_MODE_RXAUI_2X2:
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "raui", size) == 0)
-   return (TRUE);
+   type = "raui";
+   sz = sizeof("raui") - 1;
+   offset = size - sz;
break;
case QLM_MODE_XFI_4X1:
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "xfi", size) == 0)
-   return (TRUE);
+   type = "xfi";
+   sz = sizeof("xfi") - 1;
+   offset = size - sz;
break;
case QLM_MODE_XLAUI_1X4:
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "xlaui", size) == 0)
-   return (TRUE);
+   type = "xlaui";
+   sz = sizeof("xlaui") - 1;
+   offset = size - sz;
break;
case QLM_MODE_10G_KR_4X1:
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "xfi-10g-kr", size) == 
0)
-   return (TRUE);
+   type = "xfi-10g-kr";
+   sz = sizeof("xfi-10g-kr") - 1;
+   offset = size - sz;
break;
case QLM_MODE_40G_KR4_1X4:
-   if (strncmp(_mode[CONN_TYPE_OFFSET], "xlaui-40g-kr", size) 
== 0)
+   type = "xlaui-40g-kr";
+   sz = sizeof("xlaui-40g-kr") - 1;
+   offset = size - sz;
+   break;
+   default:
+   return (FALSE);
+   }
+
+   if (offset < 0)
+   return (FALSE);
+
+   if (strncmp(_mode[offset], type, sz) == 0)
+   return (TRUE);
+
+   return (FALSE);
+}
+
+static boolean_t
+bgx_fdt_phy_name_match(struct bgx *bgx, char *phy_name, ssize_t size)
+{
+   const char *type;
+   ssize_t sz;
+
+   switch (bgx->qlm_mode) {
+   case QLM_MODE_SGMII:
+   type = "sgmii";
+   sz = sizeof("sgmii") - 1;
+   break;
+   case QLM_MODE_XAUI_1X4:
+   type = "xaui";
+   sz = sizeof("xaui") - 1;
+   if (sz < size)
+   return (FALSE);
+   if (strncmp(phy_name, type, sz) == 0)
return (TRUE);
+   type = "dxaui";
+   sz = sizeof("dxaui") - 1;
+   break;
+   case QLM_MODE_RXAUI_2X2:
+   type = "raui";
+   sz = sizeof("raui") - 1;
+   break;
+   case QLM_MODE_XFI_4X1:
+   type = "xfi";
+   sz = sizeof("xfi") - 1;
+   break;
+   case QLM_MODE_XLAUI_1X4:
+   

Re: svn commit: r316311 - in head: lib/libstand sys/boot/geli sys/boot/i386/gptboot sys/boot/i386/loader sys/boot/i386/zfsboot

[Peter Grehan]

So... can anyone provide a clue what's "explicit" (or different in any
way) between explicit_bzero() and normal bzero()?



https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero=3=FreeBSD+12-current

later,

Peter.

___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316335 - stable/11/sys/x86/iommu

[Konstantin Belousov]

Author: kib
Date: Fri Mar 31 15:46:47 2017
New Revision: 316335
URL: https://svnweb.freebsd.org/changeset/base/316335

Log:
  MFC r309551:
  Release DMAR table after using it.

Modified:
  stable/11/sys/x86/iommu/intel_drv.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/x86/iommu/intel_drv.c
==
--- stable/11/sys/x86/iommu/intel_drv.c Fri Mar 31 14:17:14 2017
(r316334)
+++ stable/11/sys/x86/iommu/intel_drv.c Fri Mar 31 15:46:47 2017
(r316335)
@@ -109,6 +109,7 @@ dmar_iterate_tbl(dmar_iter_t iter, void 
if (!iter(dmarh, arg))
break;
}
+   AcpiPutTable((ACPI_TABLE_HEADER *)dmartbl);
 }
 
 struct find_iter_args {
@@ -184,6 +185,7 @@ dmar_identify(driver_t *driver, device_t
(unsigned)dmartbl->Flags,
"\020\001INTR_REMAP\002X2APIC_OPT_OUT");
}
+   AcpiPutTable((ACPI_TABLE_HEADER *)dmartbl);
 
dmar_iterate_tbl(dmar_count_iter, NULL);
if (dmar_devcnt == 0)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r316311 - in head: lib/libstand sys/boot/geli sys/boot/i386/gptboot sys/boot/i386/loader sys/boot/i386/zfsboot

[Ian Lepore]

 On Fri, 2017-03-31 at 16:27 +0100, Steven Hartland wrote:
> On 31/03/2017 16:16, Ian Lepore wrote:
> > 
> > On Fri, 2017-03-31 at 00:04 +, Allan Jude wrote:
> > > 
> > >    Add explicit_bzero() to libstand, and switch GELIBoot to using
> > > it
> >  revolution > man explicit_bzero
> >  No manual entry for explicit_bzero
> > 
> >  revolution > svn log -v explicit_bzero.c
> >  ...
> >  r272673 | delphij | 2014-10-06 22:54:11 -0600 (Mon, 06 Oct
> > 2014) | 5 lines
> > 
> >  Add explicit_bzero(3) and its kernel counterpart.
> > 
> >  Obtained from:  OpenBSD
> > 
> > So... can anyone provide a clue what's "explicit" (or different in
> > any
> > way) between explicit_bzero() and normal bzero()?
> > 
> Not sure why your system doesn't find the main page, as it works on
> my 
> 11 box, however does this help:
> https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero=0
> ktion=3=FreeBSD+11-current=html
> 
>  Regards
>  Steve

Oh, my bad, I forgot to check for a manpage on a newer system (I'm
running 10.3-stable on my desktop but working with 11-stable all day,
so I tend to forget that).

Thanks.

-- Ian
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r316311 - in head: lib/libstand sys/boot/geli sys/boot/i386/gptboot sys/boot/i386/loader sys/boot/i386/zfsboot

[Steven Hartland]

On 31/03/2017 16:16, Ian Lepore wrote:

On Fri, 2017-03-31 at 00:04 +, Allan Jude wrote:

   Add explicit_bzero() to libstand, and switch GELIBoot to using it

 revolution > man explicit_bzero
 No manual entry for explicit_bzero

 revolution > svn log -v explicit_bzero.c
 ...
 r272673 | delphij | 2014-10-06 22:54:11 -0600 (Mon, 06 Oct 2014) | 5 lines

 Add explicit_bzero(3) and its kernel counterpart.

 Obtained from:  OpenBSD

So... can anyone provide a clue what's "explicit" (or different in any
way) between explicit_bzero() and normal bzero()?

Not sure why your system doesn't find the main page, as it works on my 
11 box, however does this help:

https://www.freebsd.org/cgi/man.cgi?query=explicit_bzero=0=3=FreeBSD+11-current=html

Regards
Steve
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r316311 - in head: lib/libstand sys/boot/geli sys/boot/i386/gptboot sys/boot/i386/loader sys/boot/i386/zfsboot

[Ian Lepore]

On Fri, 2017-03-31 at 00:04 +, Allan Jude wrote:
> 
>   Add explicit_bzero() to libstand, and switch GELIBoot to using it

revolution > man explicit_bzero
No manual entry for explicit_bzero

revolution > svn log -v explicit_bzero.c
...
r272673 | delphij | 2014-10-06 22:54:11 -0600 (Mon, 06 Oct 2014) | 5 lines

Add explicit_bzero(3) and its kernel counterpart.

Obtained from:  OpenBSD

So... can anyone provide a clue what's "explicit" (or different in any
way) between explicit_bzero() and normal bzero()?

-- Ian

___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316334 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 14:17:14 2017
New Revision: 316334
URL: https://svnweb.freebsd.org/changeset/base/316334

Log:
  Audit arguments to posix_fallocate(2) and posix_fadvise(2) system calls.
  
  As posix_fadvise() does not lock the vnode argument, don't capture
  detailed vnode information for the time being.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/vfs_syscalls.c

Modified: head/sys/kern/vfs_syscalls.c
==
--- head/sys/kern/vfs_syscalls.cFri Mar 31 14:13:13 2017
(r316333)
+++ head/sys/kern/vfs_syscalls.cFri Mar 31 14:17:14 2017
(r316334)
@@ -4452,15 +4452,21 @@ kern_posix_fallocate(struct thread *td, 
cap_rights_t rights;
off_t olen, ooffset;
int error;
+#ifdef AUDIT
+   int audited_vnode1 = 0;
+#endif
 
+   AUDIT_ARG_FD(fd);
if (offset < 0 || len <= 0)
return (EINVAL);
/* Check for wrap. */
if (offset > OFF_MAX - len)
return (EFBIG);
+   AUDIT_ARG_FD(fd);
error = fget(td, fd, cap_rights_init(, CAP_WRITE), );
if (error != 0)
return (error);
+   AUDIT_ARG_FILE(td->td_proc, fp);
if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
error = ESPIPE;
goto out;
@@ -4494,6 +4500,12 @@ kern_posix_fallocate(struct thread *td, 
vn_finished_write(mp);
break;
}
+#ifdef AUDIT
+   if (!audited_vnode1) {
+   AUDIT_ARG_VNODE1(vp);
+   audited_vnode1 = 1;
+   }
+#endif
 #ifdef MAC
error = mac_vnode_check_write(td->td_ucred, fp->f_cred, vp);
if (error == 0)
@@ -4544,6 +4556,7 @@ kern_posix_fadvise(struct thread *td, in
 
if (offset < 0 || len < 0 || offset > OFF_MAX - len)
return (EINVAL);
+   AUDIT_ARG_VALUE(advice);
switch (advice) {
case POSIX_FADV_SEQUENTIAL:
case POSIX_FADV_RANDOM:
@@ -4559,9 +4572,11 @@ kern_posix_fadvise(struct thread *td, in
return (EINVAL);
}
/* XXX: CAP_POSIX_FADVISE? */
+   AUDIT_ARG_FD(fd);
error = fget(td, fd, cap_rights_init(), );
if (error != 0)
goto out;
+   AUDIT_ARG_FILE(td->td_proc, fp);
if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
error = ESPIPE;
goto out;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316333 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 14:13:13 2017
New Revision: 316333
URL: https://svnweb.freebsd.org/changeset/base/316333

Log:
  Correct macro names and signatures for !AUDIT versions of canonical
  path auditing.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/security/audit/audit.h

Modified: head/sys/security/audit/audit.h
==
--- head/sys/security/audit/audit.h Fri Mar 31 13:43:00 2017
(r316332)
+++ head/sys/security/audit/audit.h Fri Mar 31 14:13:13 2017
(r316333)
@@ -431,9 +431,9 @@ void audit_thread_free(struct thread *t
 #defineAUDIT_ARG_TEXT(text)
 #defineAUDIT_ARG_UID(uid)
 #defineAUDIT_ARG_UPATH1(td, dirfd, upath)
-#defineAUDIT_ARG_UPATH1_NONCANON(td, upath)
+#defineAUDIT_ARG_UPATH1_CANON(upath)
 #defineAUDIT_ARG_UPATH2(td, dirfd, upath)
-#defineAUDIT_ARG_UPATH2_NONCANON(td, upath)
+#defineAUDIT_ARG_UPATH2_CANON(upath)
 #defineAUDIT_ARG_VALUE(value)
 #defineAUDIT_ARG_VNODE1(vp)
 #defineAUDIT_ARG_VNODE2(vp)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316332 - in head/sys: kern security/audit

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 13:43:00 2017
New Revision: 316332
URL: https://svnweb.freebsd.org/changeset/base/316332

Log:
  Audit arguments to POSIX message queues, semaphores, and shared memory.
  
  This requires minor changes to the audit framework to allow capturing
  paths that are not filesystem paths (i.e., will not be canonicalised
  relative to the process current working directory and/or filesystem
  root).
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/uipc_mqueue.c
  head/sys/kern/uipc_sem.c
  head/sys/kern/uipc_shm.c
  head/sys/security/audit/audit.h
  head/sys/security/audit/audit_arg.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Fri Mar 31 11:40:59 2017(r316331)
+++ head/sys/kern/uipc_mqueue.c Fri Mar 31 13:43:00 2017(r316332)
@@ -1,7 +1,13 @@
 /*-
  * Copyright (c) 2005 David Xu 
+ * Copyright (c) 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -86,6 +92,8 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
+
 FEATURE(p1003_1b_mqueue, "POSIX P1003.1B message queues support");
 
 /*
@@ -2012,6 +2020,9 @@ kern_kmq_open(struct thread *td, const c
struct mqueue *mq;
int fd, error, len, cmode;
 
+   AUDIT_ARG_FFLAGS(flags);
+   AUDIT_ARG_MODE(mode);
+
fdp = td->td_proc->p_fd;
cmode = (((mode & ~fdp->fd_cmask) & ALLPERMS) & ~S_ISTXT);
mq = NULL;
@@ -2034,6 +2045,7 @@ kern_kmq_open(struct thread *td, const c
len = strlen(path);
if (len < 2 || path[0] != '/' || strchr(path + 1, '/') != NULL)
return (EINVAL);
+   AUDIT_ARG_UPATH1_CANON(path);
 
error = falloc(td, , , O_CLOEXEC);
if (error)
@@ -2133,6 +2145,7 @@ sys_kmq_unlink(struct thread *td, struct
len = strlen(path);
if (len < 2 || path[0] != '/' || strchr(path + 1, '/') != NULL)
return (EINVAL);
+   AUDIT_ARG_UPATH1_CANON(path);
 
sx_xlock(_data.mi_lock);
pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1, td->td_ucred);
@@ -2210,6 +2223,7 @@ kern_kmq_setattr(struct thread *td, int 
u_int oflag, flag;
int error;
 
+   AUDIT_ARG_FD(mqd);
if (attr != NULL && (attr->mq_flags & ~O_NONBLOCK) != 0)
return (EINVAL);
error = getmq(td, mqd, , NULL, );
@@ -2260,6 +2274,7 @@ sys_kmq_timedreceive(struct thread *td, 
int error;
int waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_read(td, uap->mqd, , NULL, );
if (error)
return (error);
@@ -2285,6 +2300,7 @@ sys_kmq_timedsend(struct thread *td, str
struct timespec *abs_timeout, ets;
int error, waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_write(td, uap->mqd, , NULL, );
if (error)
return (error);
@@ -2315,6 +2331,7 @@ kern_kmq_notify(struct thread *td, int m
struct mqueue_notifier *nt, *newnt = NULL;
int error;
 
+   AUDIT_ARG_FD(mqd);
if (sigev != NULL) {
if (sigev->sigev_notify != SIGEV_SIGNAL &&
sigev->sigev_notify != SIGEV_THREAD_ID &&
@@ -2780,6 +2797,7 @@ freebsd32_kmq_timedsend(struct thread *t
int error;
int waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_write(td, uap->mqd, , NULL, );
if (error)
return (error);
@@ -2809,6 +2827,7 @@ freebsd32_kmq_timedreceive(struct thread
struct timespec *abs_timeout, ets;
int error, waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_read(td, uap->mqd, , NULL, );
if (error)
return (error);

Modified: head/sys/kern/uipc_sem.c
==
--- head/sys/kern/uipc_sem.cFri Mar 31 11:40:59 2017(r316331)
+++ head/sys/kern/uipc_sem.cFri Mar 31 13:43:00 2017(r316332)
@@ -1,7 +1,7 @@
 /*-
  * Copyright (c) 2002 Alfred Perlstein 
  * Copyright (c) 2003-2005 SPARTA, Inc.
- * Copyright (c) 2005 Robert N. M. Watson
+ * Copyright (c) 2005, 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project in part by Network
@@ -9,6 +9,11 @@
  * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
  * as part of the DARPA CHATS research program.
  *
+ * 

svn commit: r316330 - stable/11/sys/x86/acpica

[Roger Pau Monné]

Author: royger
Date: Fri Mar 31 10:26:14 2017
New Revision: 316330
URL: https://svnweb.freebsd.org/changeset/base/316330

Log:
  MFC r315402:
  
  x86/srat: fix parsing of APIC IDs > MAX_APIC_ID

Modified:
  stable/11/sys/x86/acpica/srat.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/x86/acpica/srat.c
==
--- stable/11/sys/x86/acpica/srat.c Fri Mar 31 09:26:08 2017
(r316329)
+++ stable/11/sys/x86/acpica/srat.c Fri Mar 31 10:26:14 2017
(r316330)
@@ -202,6 +202,12 @@ srat_parse_entry(ACPI_SUBTABLE_HEADER *e
"enabled" : "disabled");
if (!(cpu->Flags & ACPI_SRAT_CPU_ENABLED))
break;
+   if (cpu->ApicId > MAX_APIC_ID) {
+   printf("SRAT: Ignoring local APIC ID %u (too high)\n",
+   cpu->ApicId);
+   break;
+   }
+
if (cpus[cpu->ApicId].enabled) {
printf("SRAT: Duplicate local APIC ID %u\n",
cpu->ApicId);
@@ -220,6 +226,12 @@ srat_parse_entry(ACPI_SUBTABLE_HEADER *e
"enabled" : "disabled");
if (!(x2apic->Flags & ACPI_SRAT_CPU_ENABLED))
break;
+   if (x2apic->ApicId > MAX_APIC_ID) {
+   printf("SRAT: Ignoring local APIC ID %u (too high)\n",
+   x2apic->ApicId);
+   break;
+   }
+
KASSERT(!cpus[x2apic->ApicId].enabled,
("Duplicate local APIC ID %u", x2apic->ApicId));
cpus[x2apic->ApicId].domain = x2apic->ProximityDomain;
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316329 - head/sys/netpfil/ipfw

[Andrey V. Elsukov]

Author: ae
Date: Fri Mar 31 09:26:08 2017
New Revision: 316329
URL: https://svnweb.freebsd.org/changeset/base/316329

Log:
  Reset the cached state of last lookup in the dynamic states when an
  external action is completed, but the rule search is continued.
  
  External action handler can change the content of @args argument,
  that is used for dynamic state lookup. Enforce the new lookup to be able
  install new state, when the search is continued.
  
  Obtained from:Yandex LLC
  MFC after:1 week
  Sponsored by: Yandex LLC

Modified:
  head/sys/netpfil/ipfw/ip_fw2.c

Modified: head/sys/netpfil/ipfw/ip_fw2.c
==
--- head/sys/netpfil/ipfw/ip_fw2.c  Fri Mar 31 09:10:05 2017
(r316328)
+++ head/sys/netpfil/ipfw/ip_fw2.c  Fri Mar 31 09:26:08 2017
(r316329)
@@ -2616,8 +2616,17 @@ do { 
\
 * consider this as rule matching and
 * update counters.
 */
-   if (retval == 0 && done == 0)
+   if (retval == 0 && done == 0) {
IPFW_INC_RULE_COUNTER(f, pktlen);
+   /*
+* Reset the result of the last
+* dynamic state lookup.
+* External action can change
+* @args content, and it may be
+* used for new state lookup later.
+*/
+   dyn_dir = MATCH_UNKNOWN;
+   }
break;
 
default:
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316328 - in head: . sys/netinet6

[Steven Hartland]

Author: smh
Date: Fri Mar 31 09:10:05 2017
New Revision: 316328
URL: https://svnweb.freebsd.org/changeset/base/316328

Log:
  Allow explicitly assigned IPv6 loopback address to be used in jails
  
  If a jail has an explicitly assigned IPv6 loopback address then allow it
  to be used instead of remapping requests for the loopback adddress to the
  first IPv6 address assigned to the jail.
  
  This fixes issues where applications attempt to detect their bound port
  where they requested a loopback address, which was available, but instead
  the kernel remapped it to the jails first address.
  
  This is the same fix applied to IPv4 fix by: r316313
  
  Also:
  * Correct the description of prison_check_ip6_locked to match the code.
  
  MFC after:2 weeks
  Relnotes: Yes
  Sponsored by: Multiplay

Modified:
  head/UPDATING
  head/sys/netinet6/in6_jail.c

Modified: head/UPDATING
==
--- head/UPDATING   Fri Mar 31 08:43:07 2017(r316327)
+++ head/UPDATING   Fri Mar 31 09:10:05 2017(r316328)
@@ -52,9 +52,9 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 12
 ** SPECIAL WARNING: **
 
 20170331:
-   Binds and sends to the IPv4 loopback address (127.0.0.1) will now
+   Binds and sends to the loopback addresses, IPv6 and IPv4, will now
use any explicitly assigned loopback address available in the jail
-   instead of using the first assigned IPv4 address of the jail.
+   instead of using the first assigned address of the jail.
 
 20170329:
The ctl.ko module no longer implements the iSCSI target frontend:

Modified: head/sys/netinet6/in6_jail.c
==
--- head/sys/netinet6/in6_jail.cFri Mar 31 08:43:07 2017
(r316327)
+++ head/sys/netinet6/in6_jail.cFri Mar 31 09:10:05 2017
(r316328)
@@ -293,12 +293,6 @@ prison_local_ip6(struct ucred *cred, str
return (EAFNOSUPPORT);
}
 
-   if (IN6_IS_ADDR_LOOPBACK(ia6)) {
-   bcopy(>pr_ip6[0], ia6, sizeof(struct in6_addr));
-   mtx_unlock(>pr_mtx);
-   return (0);
-   }
-
if (IN6_IS_ADDR_UNSPECIFIED(ia6)) {
/*
 * In case there is only 1 IPv6 address, and v6only is true,
@@ -311,6 +305,11 @@ prison_local_ip6(struct ucred *cred, str
}
 
error = prison_check_ip6_locked(pr, ia6);
+   if (error == EADDRNOTAVAIL && IN6_IS_ADDR_LOOPBACK(ia6)) {
+   bcopy(>pr_ip6[0], ia6, sizeof(struct in6_addr));
+   error = 0;
+   }
+
mtx_unlock(>pr_mtx);
return (error);
 }
@@ -341,7 +340,8 @@ prison_remote_ip6(struct ucred *cred, st
return (EAFNOSUPPORT);
}
 
-   if (IN6_IS_ADDR_LOOPBACK(ia6)) {
+   if (IN6_IS_ADDR_LOOPBACK(ia6) &&
+prison_check_ip6_locked(pr, ia6) == EADDRNOTAVAIL) {
bcopy(>pr_ip6[0], ia6, sizeof(struct in6_addr));
mtx_unlock(>pr_mtx);
return (0);
@@ -357,9 +357,8 @@ prison_remote_ip6(struct ucred *cred, st
 /*
  * Check if given address belongs to the jail referenced by cred/prison.
  *
- * Returns 0 if jail doesn't restrict IPv6 or if address belongs to jail,
- * EADDRNOTAVAIL if the address doesn't belong, or EAFNOSUPPORT if the jail
- * doesn't allow IPv6.
+ * Returns 0 if address belongs to jail,
+ * EADDRNOTAVAIL if the address doesn't belong to the jail.
  */
 int
 prison_check_ip6_locked(const struct prison *pr, const struct in6_addr *ia6)
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316327 - stable/11/sys/compat/cloudabi

[Ed Schouten]

Author: ed
Date: Fri Mar 31 08:43:07 2017
New Revision: 316327
URL: https://svnweb.freebsd.org/changeset/base/316327

Log:
  MFC r315892:
  
Include  to obtain the memcpy() prototype.
  
I got a report of this source file not building on Raspberry Pi. It's
interesting that this only fails for that target and not for others.
Again, that's no reason not to include the right headers.
  
  PR:   217969
  Reported by:  Johannes Jost Meixner

Modified:
  stable/11/sys/compat/cloudabi/cloudabi_clock.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/compat/cloudabi/cloudabi_clock.c
==
--- stable/11/sys/compat/cloudabi/cloudabi_clock.c  Fri Mar 31 08:20:59 
2017(r316326)
+++ stable/11/sys/compat/cloudabi/cloudabi_clock.c  Fri Mar 31 08:43:07 
2017(r316327)
@@ -29,6 +29,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r316326 - in head: share/man/man4 sys/dev/usb sys/dev/usb/misc

[Kevin Lo]

Author: kevlo
Date: Fri Mar 31 08:20:59 2017
New Revision: 316326
URL: https://svnweb.freebsd.org/changeset/base/316326

Log:
  Add support for ThingM blink(1) notification LED to uled(4).

Modified:
  head/share/man/man4/uled.4
  head/sys/dev/usb/misc/uled.c
  head/sys/dev/usb/usbdevs

Modified: head/share/man/man4/uled.4
==
--- head/share/man/man4/uled.4  Fri Mar 31 06:33:20 2017(r316325)
+++ head/share/man/man4/uled.4  Fri Mar 31 08:20:59 2017(r316326)
@@ -25,7 +25,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 5, 2014
+.Dd March 31, 2017
 .Dt ULED 4
 .Os
 .Sh NAME
@@ -48,7 +48,8 @@ uled_load="YES"
 .Sh DESCRIPTION
 The
 .Nm
-driver provides support for the Dream Cheeky WebMail Notifier device.
+driver provides support for Dream Cheeky WebMail Notifier and
+ThingM blink(1) notification LED.
 .Pp
 Subsequently, the
 .Pa /dev/uled0

Modified: head/sys/dev/usb/misc/uled.c
==
--- head/sys/dev/usb/misc/uled.cFri Mar 31 06:33:20 2017
(r316325)
+++ head/sys/dev/usb/misc/uled.cFri Mar 31 08:20:59 2017
(r316326)
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2014 Kevin Lo
+ * Copyright (c) 2014, 2017 Kevin Lo
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -68,10 +68,16 @@ struct uled_softc {
 
uint8_t sc_state;
 #defineULED_ENABLED0x01
+
+   int sc_flags;
+#defineULED_FLAG_BLINK10x0001
 };
 
-/* prototypes */
+/* Initial commands. */
+static uint8_t blink1[] = { 0x1, 'v', 0, 0, 0, 0, 0, 0 };
+static uint8_t dl100b[] = { 0x1f, 0x2, 0, 0x5f, 0, 0, 0x1a, 0x3 };
 
+/* Prototypes. */
 static device_probe_t  uled_probe;
 static device_attach_t uled_attach;
 static device_detach_t uled_detach;
@@ -88,7 +94,7 @@ static struct usb_fifo_methods uled_fifo
 };
 
 static usb_error_t uled_ctrl_msg(struct uled_softc *, uint8_t, uint8_t,
-   uint16_t, uint16_t, void *buf, uint16_t);
+   uint16_t, uint16_t, void *, uint16_t);
 static int uled_enable(struct uled_softc *);
 
 static devclass_t uled_devclass;
@@ -108,7 +114,10 @@ static driver_t uled_driver = {
 };
 
 static const STRUCT_USB_HOST_ID uled_devs[] = {
-   {USB_VPI(USB_VENDOR_DREAMLINK, USB_PRODUCT_DREAMLINK_DL100B, 0)},
+#defineULED_DEV(v,p,i) { USB_VPI(USB_VENDOR_##v, 
USB_PRODUCT_##v##_##p, i) }
+   ULED_DEV(DREAMLINK, DL100B, 0),
+   ULED_DEV(THINGM, BLINK1, ULED_FLAG_BLINK1),
+#undef ULED_DEV
 };
 
 DRIVER_MODULE(uled, uhub, uled_driver, uled_devclass, NULL, NULL);
@@ -141,6 +150,7 @@ uled_attach(device_t dev)
uaa = device_get_ivars(dev);
sc = device_get_softc(dev);
unit = device_get_unit(dev);
+   sc->sc_flags = USB_GET_DRIVER_INFO(uaa);
 
device_set_usb_desc(dev);
mtx_init(>sc_mtx, "uled lock", NULL, MTX_DEF | MTX_RECURSE);
@@ -194,10 +204,11 @@ uled_ctrl_msg(struct uled_softc *sc, uin
 static int
 uled_enable(struct uled_softc *sc)
 {
-   static uint8_t cmdbuf[] = { 0x1f, 0x02, 0x00, 0x5f, 0x00, 0x00, 0x1a,
-   0x03 };
+   uint8_t *cmdbuf;
int error;
 
+   cmdbuf = (sc->sc_flags & ULED_FLAG_BLINK1) ? blink1 : dl100b;
+
sc->sc_state |= ULED_ENABLED;
mtx_lock(>sc_mtx);
error = uled_ctrl_msg(sc, UT_WRITE_CLASS_INTERFACE, UR_SET_REPORT,
@@ -257,12 +268,21 @@ uled_ioctl(struct usb_fifo *fifo, u_long
sc->sc_color.green = color.green;
sc->sc_color.blue = color.blue;
 
-   buf[0] = color.red;
-   buf[1] = color.green;
-   buf[2] = color.blue;
-   buf[3] = buf[4] = buf[5] = 0;
-   buf[6] = 0x1a;
-   buf[7] = 0x05;
+   if (sc->sc_flags & ULED_FLAG_BLINK1) {
+   buf[0] = 0x1;
+   buf[1] = 'n';
+   buf[2] = color.red;
+   buf[3] = color.green;
+   buf[4] = color.blue;
+   buf[5] = buf[6] = buf[7] = 0;
+   } else {
+   buf[0] = color.red;
+   buf[1] = color.green;
+   buf[2] = color.blue;
+   buf[3] = buf[4] = buf[5] = 0;
+   buf[6] = 0x1a;
+   buf[7] = 0x05;
+   }
error = uled_ctrl_msg(sc, UT_WRITE_CLASS_INTERFACE,
UR_SET_REPORT, 0x200, 0, buf, sizeof(buf));
break;

Modified: head/sys/dev/usb/usbdevs
==
--- head/sys/dev/usb/usbdevsFri Mar 31 06:33:20 2017(r316325)
+++ head/sys/dev/usb/usbdevsFri Mar 31 08:20:59 2017(r316326)
@@ -747,6 +747,7 @@ vendor 

svn commit: r316325 - stable/10/sys/netpfil/ipfw

[Don Lewis]

Author: truckman
Date: Fri Mar 31 06:33:20 2017
New Revision: 316325
URL: https://svnweb.freebsd.org/changeset/base/316325

Log:
  MFC r315516
  
  Change several constants used by the PIE algorithm from unsigned to signed.
  
   - PIE_MAX_PROB is compared to variable of int64_t and the type promotion
 rules can cause the value of that variable to be treated as unsigned.
 If the value is actually negative, then the result of the comparsion
 is incorrect, causing the algorithm to perform poorly in some
 situations.  Changing the constant to be signed cause the comparision
 to work correctly.
  
   - PIE_SCALE is also compared to signed values.  Fortunately they are
 also compared to zero and negative values are discarded so this is
 more of a cosmetic fix.
  
   - PIE_DQ_THRESHOLD is only compared to unsigned values, but it is small
 enough that the automatic promotion to unsigned is harmless.
  
  Submitted by: Rasool Al-Saadi 

Modified:
  stable/10/sys/netpfil/ipfw/dn_aqm_pie.h
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/netpfil/ipfw/dn_aqm_pie.h
==
--- stable/10/sys/netpfil/ipfw/dn_aqm_pie.h Fri Mar 31 06:20:06 2017
(r316324)
+++ stable/10/sys/netpfil/ipfw/dn_aqm_pie.h Fri Mar 31 06:33:20 2017
(r316325)
@@ -37,16 +37,16 @@
 #define DN_AQM_PIE 2
 #define PIE_DQ_THRESHOLD_BITS 14
 /* 2^14 =16KB */
-#define PIE_DQ_THRESHOLD (1UL << PIE_DQ_THRESHOLD_BITS) 
+#define PIE_DQ_THRESHOLD (1L << PIE_DQ_THRESHOLD_BITS) 
 #define MEAN_PKTSIZE 800
 
 /* 31-bits because random() generates range from 0->(2**31)-1 */
 #define PIE_PROB_BITS 31
-#define PIE_MAX_PROB ((1ULL<

svn commit: r316324 - stable/11/sys/netpfil/ipfw

[Don Lewis]

Author: truckman
Date: Fri Mar 31 06:20:06 2017
New Revision: 316324
URL: https://svnweb.freebsd.org/changeset/base/316324

Log:
  MFC r315516
  
  Change several constants used by the PIE algorithm from unsigned to signed.
  
   - PIE_MAX_PROB is compared to variable of int64_t and the type promotion
 rules can cause the value of that variable to be treated as unsigned.
 If the value is actually negative, then the result of the comparsion
 is incorrect, causing the algorithm to perform poorly in some
 situations.  Changing the constant to be signed cause the comparision
 to work correctly.
  
   - PIE_SCALE is also compared to signed values.  Fortunately they are
 also compared to zero and negative values are discarded so this is
 more of a cosmetic fix.
  
   - PIE_DQ_THRESHOLD is only compared to unsigned values, but it is small
 enough that the automatic promotion to unsigned is harmless.
  
  Submitted by: Rasool Al-Saadi 

Modified:
  stable/11/sys/netpfil/ipfw/dn_aqm_pie.h
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/sys/netpfil/ipfw/dn_aqm_pie.h
==
--- stable/11/sys/netpfil/ipfw/dn_aqm_pie.h Fri Mar 31 04:51:08 2017
(r316323)
+++ stable/11/sys/netpfil/ipfw/dn_aqm_pie.h Fri Mar 31 06:20:06 2017
(r316324)
@@ -37,16 +37,16 @@
 #define DN_AQM_PIE 2
 #define PIE_DQ_THRESHOLD_BITS 14
 /* 2^14 =16KB */
-#define PIE_DQ_THRESHOLD (1UL << PIE_DQ_THRESHOLD_BITS) 
+#define PIE_DQ_THRESHOLD (1L << PIE_DQ_THRESHOLD_BITS) 
 #define MEAN_PKTSIZE 800
 
 /* 31-bits because random() generates range from 0->(2**31)-1 */
 #define PIE_PROB_BITS 31
-#define PIE_MAX_PROB ((1ULL<