svn commit: r360325 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Sat Apr 25 21:45:31 2020 New Revision: 360325 URL: https://svnweb.freebsd.org/changeset/base/360325 Log: Avoid the GEOM topology lock recursion when we automatically expand a pool. The steps to reproduce the problem: mdconfig -a -t swap -s 3g -u 0 gpart create -s GPT md0 gpart add -t freebsd-zfs -s 1g md0 zpool create -o autoexpand=on foo md0p1 gpart resize -i 1 -s 2g md0 Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Apr 25 21:41:38 2020(r360324) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Apr 25 21:45:31 2020(r360325) @@ -973,18 +973,22 @@ static void vdev_geom_close(vdev_t *vd) { struct g_consumer *cp; + int locked; cp = vd->vdev_tsd; DROP_GIANT(); - g_topology_lock(); + locked = g_topology_locked(); + if (!locked) + g_topology_lock(); if (!vd->vdev_reopening || (cp != NULL && ((cp->flags & G_CF_ORPHAN) != 0 || (cp->provider != NULL && cp->provider->error != 0 vdev_geom_close_locked(vd); - g_topology_unlock(); + if (!locked) + g_topology_unlock(); PICKUP_GIANT(); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r360323 - head/sys/geom
Author: pjd Date: Sat Apr 25 21:41:09 2020 New Revision: 360323 URL: https://svnweb.freebsd.org/changeset/base/360323 Log: Add g_topology_locked() macro that returns true if we already hold the GEOM topology lock. Modified: head/sys/geom/geom.h Modified: head/sys/geom/geom.h == --- head/sys/geom/geom.hSat Apr 25 20:24:41 2020(r360322) +++ head/sys/geom/geom.hSat Apr 25 21:41:09 2020(r360323) @@ -395,6 +395,8 @@ g_free(void *ptr) sx_xunlock(_lock); \ } while (0) +#define g_topology_locked()sx_xlocked(_lock) + #define g_topology_assert()\ do {\ sx_assert(_lock, SX_XLOCKED); \ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r357363 - head/sys/geom
Author: pjd Date: Sat Feb 1 10:15:23 2020 New Revision: 357363 URL: https://svnweb.freebsd.org/changeset/base/357363 Log: The error variable is not really needed. Remove it. Modified: head/sys/geom/geom_disk.c Modified: head/sys/geom/geom_disk.c == --- head/sys/geom/geom_disk.c Sat Feb 1 09:13:11 2020(r357362) +++ head/sys/geom/geom_disk.c Sat Feb 1 10:15:23 2020(r357363) @@ -268,7 +268,6 @@ g_disk_ioctl(struct g_provider *pp, u_long cmd, void * { struct disk *dp; struct g_disk_softc *sc; - int error; sc = pp->private; dp = sc->dp; @@ -277,8 +276,7 @@ g_disk_ioctl(struct g_provider *pp, u_long cmd, void * if (dp->d_ioctl == NULL) return (ENOIOCTL); - error = dp->d_ioctl(dp, cmd, data, fflag, td); - return (error); + return (dp->d_ioctl(dp, cmd, data, fflag, td)); } static off_t ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r357138 - head/bin/pwait
On 1/30/20 14:47, Jilles Tjoelker wrote: > On 26-01-2020 11:49, Pawel Jakub Dawidek wrote: >> Author: pjd >> Date: Sun Jan 26 10:49:24 2020 >> New Revision: 357138 >> URL: https://svnweb.freebsd.org/changeset/base/357138 >> >> Log: >> - Be consistent with using sysexits(3) codes. >> - Turn fprintf()+exit() into errx(). >> Sponsored by: Fudo Security >> >> Modified: >> head/bin/pwait/pwait.c >> >> Modified: head/bin/pwait/pwait.c >> == >> >> --- head/bin/pwait/pwait.c Sun Jan 26 07:24:49 2020 (r357137) >> +++ head/bin/pwait/pwait.c Sun Jan 26 10:49:24 2020 (r357138) >> @@ -53,8 +53,7 @@ static void >> usage(void) >> { >> - fprintf(stderr, "usage: pwait [-t timeout] [-v] pid ...\n"); >> - exit(EX_USAGE); >> + errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ..."); > > This adds a "pwait: " before the line, which most other programs do not do. > Reverted in r357362. Thanks. -- Pawel Jakub Dawidek ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r357362 - head/bin/pwait
Author: pjd Date: Sat Feb 1 09:13:11 2020 New Revision: 357362 URL: https://svnweb.freebsd.org/changeset/base/357362 Log: Restore previous usage presentation (without "pwait: " prefix). Pointed out by: jilles Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sat Feb 1 06:46:55 2020(r357361) +++ head/bin/pwait/pwait.c Sat Feb 1 09:13:11 2020(r357362) @@ -53,7 +53,8 @@ static void usage(void) { - errx(EX_USAGE, "usage: pwait [-t timeout] [-ov] pid ..."); + fprintf(stderr, "usage: pwait [-t timeout] [-ov] pid ...\n"); + exit(EX_USAGE); } /* ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r357143 - head/bin/pwait
Author: pjd Date: Sun Jan 26 11:13:34 2020 New Revision: 357143 URL: https://svnweb.freebsd.org/changeset/base/357143 Log: Style changes, mostly usage of braces around single line statements - it is safer and allowed for some time now by style(9). Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 11:03:45 2020(r357142) +++ head/bin/pwait/pwait.c Sun Jan 26 11:13:34 2020(r357143) @@ -63,12 +63,11 @@ int main(int argc, char *argv[]) { struct itimerval itv; - int kq; struct kevent *e; int oflag, tflag, verbose; - int opt, nleft, n, i, status; + int i, kq, n, nleft, opt, status; long pid; - char *s, *end; + char *end, *s; double timeout; oflag = 0; @@ -76,7 +75,7 @@ main(int argc, char *argv[]) verbose = 0; memset(, 0, sizeof(itv)); - while ((opt = getopt(argc, argv, "t:ov")) != -1) { + while ((opt = getopt(argc, argv, "ot:v")) != -1) { switch (opt) { case 'o': oflag = 1; @@ -85,9 +84,9 @@ main(int argc, char *argv[]) tflag = 1; errno = 0; timeout = strtod(optarg, ); - if (end == optarg || errno == ERANGE || - timeout < 0) + if (end == optarg || errno == ERANGE || timeout < 0) { errx(EX_DATAERR, "timeout value"); + } switch(*end) { case 0: case 's': @@ -101,8 +100,9 @@ main(int argc, char *argv[]) default: errx(EX_DATAERR, "timeout unit"); } - if (timeout > 1L) + if (timeout > 1L) { errx(EX_DATAERR, "timeout value"); + } itv.it_value.tv_sec = (time_t)timeout; timeout -= (time_t)timeout; itv.it_value.tv_usec = @@ -120,21 +120,26 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; - if (argc == 0) + if (argc == 0) { usage(); + } kq = kqueue(); - if (kq == -1) + if (kq == -1) { err(EX_OSERR, "kqueue"); + } e = malloc((argc + tflag) * sizeof(struct kevent)); - if (e == NULL) + if (e == NULL) { err(EX_OSERR, "malloc"); + } nleft = 0; for (n = 0; n < argc; n++) { s = argv[n]; - if (!strncmp(s, "/proc/", 6)) /* Undocumented Solaris compat */ + /* Undocumented Solaris compat */ + if (!strncmp(s, "/proc/", 6)) { s += 6; + } errno = 0; pid = strtol(s, , 10); if (pid < 0 || *end != '\0' || errno != 0) { @@ -142,8 +147,9 @@ main(int argc, char *argv[]) continue; } for (i = 0; i < nleft; i++) { - if (e[i].ident == (uintptr_t)pid) + if (e[i].ident == (uintptr_t)pid) { break; + } } if (i < nleft) { /* Duplicate. */ @@ -152,8 +158,9 @@ main(int argc, char *argv[]) EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) { warn("%ld", pid); - if (oflag) + if (oflag) { exit(EX_OK); + } } else { nleft++; } @@ -165,39 +172,45 @@ main(int argc, char *argv[]) * can be returned rather than 142. */ EV_SET(e + nleft, SIGALRM, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL); - if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) + if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) { err(EX_OSERR, "kevent"); + } /* Ignore SIGALRM to not interrupt kevent(2). */ signal(SIGALRM, SIG_IGN); - if (setitimer(ITIMER_REAL, , NULL) == -1) + if (setitimer(ITIMER_REAL, , NULL) == -1) { err(EX_OSERR, "setitimer"); + } } while (nleft > 0) { n = kevent(kq, NULL, 0, e, nleft + tflag, NULL); - if (n == -1) + if (n == -1) {
svn commit: r357142 - head/bin/pwait/tests
Author: pjd Date: Sun Jan 26 11:03:45 2020 New Revision: 357142 URL: https://svnweb.freebsd.org/changeset/base/357142 Log: Implement tests for the newly added -o flag. Sponsored by: Fudo Security Modified: head/bin/pwait/tests/pwait_test.sh Modified: head/bin/pwait/tests/pwait_test.sh == --- head/bin/pwait/tests/pwait_test.sh Sun Jan 26 11:02:51 2020 (r357141) +++ head/bin/pwait/tests/pwait_test.sh Sun Jan 26 11:03:45 2020 (r357142) @@ -232,6 +232,85 @@ timeout_many_cleanup() wait $p1 $p5 $p10 >/dev/null 2>&1 } +atf_test_case or_flag +or_flag_head() +{ + atf_set "descr" "Test OR flag" +} + +or_flag_body() +{ + sleep 2 & + p2=$! + + sleep 4 & + p4=$! + + sleep 6 & + p6=$! + + atf_check \ + -o inline:"$p2: exited with status 0.\n" \ + -e empty \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o -v $p2 $p4 $p6 + + atf_check \ + -o empty \ + -e inline:"pwait: $p2: No such process\n" \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p2 $p4 $p6 + + atf_check \ + -o empty \ + -e empty \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p4 $p6 + + atf_check \ + -o empty \ + -e inline:"pwait: $p4: No such process\n" \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p4 $p6 + + atf_check \ + -o inline:"$p6: exited with status 0.\n" \ + -e empty \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o -v $p6 + + atf_check \ + -o empty \ + -e inline:"pwait: $p6: No such process\n" \ + -s exit:0 \ + timeout --preserve-status 15 pwait -o $p6 + + atf_check \ + -o empty \ + -e inline:"kill: $p2: No such process\n" \ + -s exit:1 \ + kill -0 $p2 + + atf_check \ + -o empty \ + -e inline:"kill: $p4: No such process\n" \ + -s exit:1 \ + kill -0 $p4 + + atf_check \ + -o empty \ + -e inline:"kill: $p6: No such process\n" \ + -s exit:1 \ + kill -0 $p6 + +} + +or_flag_cleanup() +{ + kill $p2 $p4 $p6 >/dev/null 2>&1 + wait $p2 $p4 $p6 >/dev/null 2>&1 +} + atf_init_test_cases() { atf_add_test_case basic @@ -239,4 +318,5 @@ atf_init_test_cases() atf_add_test_case timeout_trigger_timeout atf_add_test_case timeout_no_timeout atf_add_test_case timeout_many + atf_add_test_case or_flag } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r357141 - head/bin/pwait
Author: pjd Date: Sun Jan 26 11:02:51 2020 New Revision: 357141 URL: https://svnweb.freebsd.org/changeset/base/357141 Log: Implement -o flag which tells pwait(1) to exit if any of the given processes has terminated. Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.1 head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.1 == --- head/bin/pwait/pwait.1 Sun Jan 26 10:54:16 2020(r357140) +++ head/bin/pwait/pwait.1 Sun Jan 26 11:02:51 2020(r357141) @@ -32,7 +32,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 7, 2017 +.Dd January 26, 2020 .Dt PWAIT 1 .Os .Sh NAME @@ -41,7 +41,7 @@ .Sh SYNOPSIS .Nm .Op Fl t Ar duration -.Op Fl v +.Op Fl ov .Ar pid \&... .Sh DESCRIPTION @@ -51,6 +51,8 @@ utility will wait until each of the given processes ha .Pp The following option is available: .Bl -tag -width indent +.It Fl o +Exit when any of the given processes has terminated. .It Fl t Ar duration If any process is still running after .Ar duration , Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 10:54:16 2020(r357140) +++ head/bin/pwait/pwait.c Sun Jan 26 11:02:51 2020(r357141) @@ -53,7 +53,7 @@ static void usage(void) { - errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ..."); + errx(EX_USAGE, "usage: pwait [-t timeout] [-ov] pid ..."); } /* @@ -65,16 +65,22 @@ main(int argc, char *argv[]) struct itimerval itv; int kq; struct kevent *e; - int tflag, verbose; + int oflag, tflag, verbose; int opt, nleft, n, i, status; long pid; char *s, *end; double timeout; - tflag = verbose = 0; + oflag = 0; + tflag = 0; + verbose = 0; memset(, 0, sizeof(itv)); - while ((opt = getopt(argc, argv, "t:v")) != -1) { + + while ((opt = getopt(argc, argv, "t:ov")) != -1) { switch (opt) { + case 'o': + oflag = 1; + break; case 't': tflag = 1; errno = 0; @@ -144,10 +150,13 @@ main(int argc, char *argv[]) continue; } EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); - if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) + if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) { warn("%ld", pid); - else + if (oflag) + exit(EX_OK); + } else { nleft++; + } } if (nleft > 0 && tflag) { @@ -187,6 +196,8 @@ main(int argc, char *argv[]) printf("%ld: terminated.\n", (long)e[i].ident); } + if (oflag) + exit(EX_OK); --nleft; } } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r357140 - head/bin/pwait
Author: pjd Date: Sun Jan 26 10:54:16 2020 New Revision: 357140 URL: https://svnweb.freebsd.org/changeset/base/357140 Log: Don't setup a timeout if we are exiting. Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 10:51:57 2020(r357139) +++ head/bin/pwait/pwait.c Sun Jan 26 10:54:16 2020(r357140) @@ -150,7 +150,7 @@ main(int argc, char *argv[]) nleft++; } - if (tflag) { + if (nleft > 0 && tflag) { /* * Explicitly detect SIGALRM so that an exit status of 124 * can be returned rather than 142. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r357139 - head/bin/pwait
Author: pjd Date: Sun Jan 26 10:51:57 2020 New Revision: 357139 URL: https://svnweb.freebsd.org/changeset/base/357139 Log: Check for duplicated PID without using additional variable. Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 10:49:24 2020(r357138) +++ head/bin/pwait/pwait.c Sun Jan 26 10:51:57 2020(r357139) @@ -66,7 +66,7 @@ main(int argc, char *argv[]) int kq; struct kevent *e; int tflag, verbose; - int opt, nleft, n, i, duplicate, status; + int opt, nleft, n, i, status; long pid; char *s, *end; double timeout; @@ -135,18 +135,19 @@ main(int argc, char *argv[]) warnx("%s: bad process id", s); continue; } - duplicate = 0; - for (i = 0; i < nleft; i++) + for (i = 0; i < nleft; i++) { if (e[i].ident == (uintptr_t)pid) - duplicate = 1; - if (!duplicate) { - EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, - 0, NULL); - if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) - warn("%ld", pid); - else - nleft++; + break; } + if (i < nleft) { + /* Duplicate. */ + continue; + } + EV_SET(e + nleft, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, NULL); + if (kevent(kq, e + nleft, 1, NULL, 0, NULL) == -1) + warn("%ld", pid); + else + nleft++; } if (tflag) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r357138 - head/bin/pwait
Author: pjd Date: Sun Jan 26 10:49:24 2020 New Revision: 357138 URL: https://svnweb.freebsd.org/changeset/base/357138 Log: - Be consistent with using sysexits(3) codes. - Turn fprintf()+exit() into errx(). Sponsored by: Fudo Security Modified: head/bin/pwait/pwait.c Modified: head/bin/pwait/pwait.c == --- head/bin/pwait/pwait.c Sun Jan 26 07:24:49 2020(r357137) +++ head/bin/pwait/pwait.c Sun Jan 26 10:49:24 2020(r357138) @@ -53,8 +53,7 @@ static void usage(void) { - fprintf(stderr, "usage: pwait [-t timeout] [-v] pid ...\n"); - exit(EX_USAGE); + errx(EX_USAGE, "usage: pwait [-t timeout] [-v] pid ..."); } /* @@ -120,11 +119,11 @@ main(int argc, char *argv[]) kq = kqueue(); if (kq == -1) - err(1, "kqueue"); + err(EX_OSERR, "kqueue"); e = malloc((argc + tflag) * sizeof(struct kevent)); if (e == NULL) - err(1, "malloc"); + err(EX_OSERR, "malloc"); nleft = 0; for (n = 0; n < argc; n++) { s = argv[n]; @@ -166,12 +165,12 @@ main(int argc, char *argv[]) while (nleft > 0) { n = kevent(kq, NULL, 0, e, nleft + tflag, NULL); if (n == -1) - err(1, "kevent"); + err(EX_OSERR, "kevent"); for (i = 0; i < n; i++) { if (e[i].filter == EVFILT_SIGNAL) { if (verbose) printf("timeout\n"); - return (124); + exit(124); } if (verbose) { status = e[i].data; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r356962 - stable/12/contrib/openbsm/libauditd
Author: pjd Date: Wed Jan 22 01:10:23 2020 New Revision: 356962 URL: https://svnweb.freebsd.org/changeset/base/356962 Log: MFC r342873: In r316006 the getstrfromtype_locked() function was modified to return an empty string, instead of NULL, if an entry is missing in the audit_control file. Because of that change the getachost() function started to return success even if the host name was not defined in the audit_control. This in turn led to auditd_hostlen always being set (for an empty host it was set to 0). If auditd_hostlen was not equal to -1 we were trying to append the host name to trail file name. All this led to situation where when host name is not defined in audit_control, auditd will create trail files with a leading '.', which breaks auditdistd as it doesn't work with longer audit trail file names. Fix this by appending host name to the trail file name only if the host name is not empty. Sponsored by: Fudo Security Modified: stable/12/contrib/openbsm/libauditd/auditd_lib.c Directory Properties: stable/12/ (props changed) Modified: stable/12/contrib/openbsm/libauditd/auditd_lib.c == --- stable/12/contrib/openbsm/libauditd/auditd_lib.cWed Jan 22 01:08:27 2020(r356961) +++ stable/12/contrib/openbsm/libauditd/auditd_lib.cWed Jan 22 01:10:23 2020(r356962) @@ -193,7 +193,7 @@ affixdir(char *name, struct dir_ent *dirent) /* * If the host is set then also add the hostname to the filename. */ - if (auditd_hostlen != -1) + if (auditd_hostlen > 0) asprintf(, "%s/%s.%s", dirent->dirname, name, auditd_host); else asprintf(, "%s/%s", dirent->dirname, name); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345863 - head/tests/sys/geom/class/eli
Author: pjd Date: Wed Apr 3 23:58:58 2019 New Revision: 345863 URL: https://svnweb.freebsd.org/changeset/base/345863 Log: Update configure tests after addition of the online expansion. Obtained from:Fudo Security Modified: head/tests/sys/geom/class/eli/configure_test.sh Modified: head/tests/sys/geom/class/eli/configure_test.sh == --- head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:57:37 2019(r345862) +++ head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:58:58 2019(r345863) @@ -17,19 +17,19 @@ configure_b_B_body() atf_check geli init -B none -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli init -B none -b -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli configure -B ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli attach -p -k /dev/null ${md} @@ -39,13 +39,13 @@ configure_b_B_body() atf_check -o not-match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli detach ${md} } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345864 - head/tests/sys/geom/class/eli
Author: pjd Date: Thu Apr 4 00:05:36 2019 New Revision: 345864 URL: https://svnweb.freebsd.org/changeset/base/345864 Log: Implement tests for online expansion: - init, init -R - onetime, onetime -R - 512 and 4k sectors - encryption only - encryption and authentication - configure -r/-R for detached providers - configure -r/-R for attached providers - all keys allocated (10, 20 and 30MB provider sizes) - keys allocated on demand (10, 20 and 30PB provider sizes) - reading and writing to provider after expansion (10-30MB only) - checking if metadata in old location is cleared. Obtained from:Fudo Security Added: head/tests/sys/geom/class/eli/online_resize_test.sh (contents, props changed) Modified: head/tests/sys/geom/class/eli/Makefile Modified: head/tests/sys/geom/class/eli/Makefile == --- head/tests/sys/geom/class/eli/Makefile Wed Apr 3 23:58:58 2019 (r345863) +++ head/tests/sys/geom/class/eli/Makefile Thu Apr 4 00:05:36 2019 (r345864) @@ -16,6 +16,7 @@ ATF_TESTS_SH+=integrity_test ATF_TESTS_SH+= kill_test ATF_TESTS_SH+= misc_test ATF_TESTS_SH+= onetime_test +ATF_TESTS_SH+= online_resize_test ATF_TESTS_SH+= resize_test ATF_TESTS_SH+= setkey_test Added: head/tests/sys/geom/class/eli/online_resize_test.sh == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tests/sys/geom/class/eli/online_resize_test.sh Thu Apr 4 00:05:36 2019(r345864) @@ -0,0 +1,196 @@ +#!/bin/sh +# $FreeBSD$ + +. $(atf_get_srcdir)/conf.sh + +atf_test_case online_resize cleanup +online_resize_head() +{ + atf_set "descr" "online resize of geli providers" + atf_set "require.user" "root" +} +online_resize_body() +{ + geli_test_setup + + ( + echo "m 512 none 10485248 1 1 20971008 1 1 31456768 1 1" + echo "m 4096 none 10481664 1 1 20967424 1 1 31453184 1 1" + echo "m 512 HMAC/SHA256 5242368 1 1 10485248 1 1 15728128 1 1" + echo "m 4096 HMAC/SHA256 9318400 1 1 18640896 1 1 27959296 1 1" + echo "p 512 none 11258999068425728 [0-9] 20971520 22517998136851968 [0-9] 41943040 33776997205278208 [0-9] 62914560" + echo "p 4096 none 11258999068422144 [0-9] 2621440 22517998136848384 [0-9] 5242880 33776997205274624 [0-9] 7864320" + echo "p 512 HMAC/SHA256 5629499534212608 [0-9] 20971520 11258999068425728 [0-9] 41943040 16888498602638848 [0-9] 62914560" + echo "p 4096 HMAC/SHA256 10007999171932160 [0-9] 20971520 20015998343868416 [0-9] 41943040 30023997515800576 [0-9] 62914560" + ) | while read prefix sector auth esize10 ka10 kt10 esize20 ka20 kt20 esize30 ka30 kt30; do + if [ "${auth}" = "none" ]; then + aalgo="" + eflags="0x200" + dflags="0x0" + else + aalgo="-a ${auth}" + eflags="0x210" + dflags="0x10" + fi + + if [ "${prefix}" = "m" ]; then + psize10="10485760" + psize20="20971520" + psize30="31457280" + else + psize10="11258999068426240" + psize20="22517998136852480" + psize30="33776997205278720" + fi + + md=$(attach_md -t malloc -s40${prefix}) + + # Initialise + atf_check -s exit:0 -o ignore gpart create -s GPT ${md} + atf_check -s exit:0 -o ignore gpart add -t freebsd-ufs -s 10${prefix} ${md} + + echo secret >tmp.key + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + # Autoresize is set by default. + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli init -R ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check geli attach -pk tmp.key ${md}p1 + atf_check -s exit:0 -o
svn commit: r345861 - head/lib/geom/eli
Author: pjd Date: Wed Apr 3 23:50:52 2019 New Revision: 345861 URL: https://svnweb.freebsd.org/changeset/base/345861 Log: - Add missing -T (notrim) option to the label subcommand. - Add missing -T option in the onetime subcommand comment. Obtained from:Fudo Security Modified: head/lib/geom/eli/geom_eli.c Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 22:30:20 2019 (r345860) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) @@ -96,7 +96,7 @@ static int eli_backup_create(struct gctl_req *req, con * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov + * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov * configure [-bBgGtT] prov ... * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov * delkey [-afv] [-n keyno] prov @@ -145,6 +145,7 @@ struct g_command class_commands[] = { { 'l', "keylen", "0", G_TYPE_NUMBER }, { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL }, { 's', "sectorsize", "0", G_TYPE_NUMBER }, + { 'T', "notrim", NULL, G_TYPE_BOOL }, { 'V', "mdversion", "-1", G_TYPE_NUMBER }, G_OPT_SENTINEL }, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345862 - in head: lib/geom/eli sys/geom/eli
Author: pjd Date: Wed Apr 3 23:57:37 2019 New Revision: 345862 URL: https://svnweb.freebsd.org/changeset/base/345862 Log: Implement automatic online expansion of GELI providers - if the underlying provider grows, GELI will expand automatically and will move the metadata to the new location of the last sector. This functionality is turned on by default. It can be turned off with the -R flag, but it is not recommended - if the underlying provider grows and automatic expansion is turned off, it won't be possible to attach this provider again, as the metadata is no longer located in the last sector. If the automatic expansion is turned off and the underlying provider grows, GELI will only log a message with the previous size of the provider, so recovery can be easier. Obtained from:Fudo Security Modified: head/lib/geom/eli/geli.8 head/lib/geom/eli/geom_eli.c head/sys/geom/eli/g_eli.c head/sys/geom/eli/g_eli.h head/sys/geom/eli/g_eli_ctl.c head/sys/geom/eli/g_eli_key_cache.c Modified: head/lib/geom/eli/geli.8 == --- head/lib/geom/eli/geli.8Wed Apr 3 23:50:52 2019(r345861) +++ head/lib/geom/eli/geli.8Wed Apr 3 23:57:37 2019(r345862) @@ -1,4 +1,4 @@ -.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek +.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 24, 2018 +.Dd April 3, 2019 .Dt GELI 8 .Os .Sh NAME @@ -51,7 +51,7 @@ utility: .Pp .Nm .Cm init -.Op Fl bdgPTv +.Op Fl bdgPRTv .Op Fl a Ar aalgo .Op Fl B Ar backupfile .Op Fl e Ar ealgo @@ -81,7 +81,7 @@ utility: .Cm detach .Nm .Cm onetime -.Op Fl dT +.Op Fl dRT .Op Fl a Ar aalgo .Op Fl e Ar ealgo .Op Fl l Ar keylen @@ -89,7 +89,7 @@ utility: .Ar prov .Nm .Cm configure -.Op Fl bBdDgGtT +.Op Fl bBdDgGrRtT .Ar prov ... .Nm .Cm setkey @@ -375,6 +375,18 @@ Change decrypted provider's sector size. Increasing the sector size allows increased performance, because encryption/decryption which requires an initialization vector is done per sector; fewer sectors means less computational work. +.It Fl R +Turn off automatic expansion. +By default, if the underlying provider grows, the encrypted provider will +grow automatically too. +The metadata will be moved to the new location. +If automatic expansion if turned off and the underlying provider changes +size, attaching encrypted provider will no longer be possible as the metadata +will no longer be located in the last sector. +In this case +.Nm GELI +will only log the previous size of the underlying provider, so metadata can +be found easier, if resize was done by mistake. .It Fl T Don't pass through .Dv BIO_DELETE @@ -506,6 +518,11 @@ Change decrypted provider's sector size. For more information, see the description of the .Cm init subcommand. +.It Fl R +Turn off automatic expansion. +For more information, see the description of the +.Cm init +subcommand. .It Fl T Disable TRIM/UNMAP passthru. For more information, see the description of the @@ -540,6 +557,13 @@ The boot loader prompts for the passphrase and loads from the encrypted partition. .It Fl G Deactivate booting from this encrypted root partition. +.It Fl r +Turn on automatic expansion. +For more information, see the description of the +.Cm init +subcommand. +.It Fl R +Turn off automatic expansion. .It Fl t Enable TRIM/UNMAP passthru. For more information, see the description of the Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:57:37 2019 (r345862) @@ -1,7 +1,7 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * - * Copyright (c) 2004-2010 Pawel Jakub Dawidek + * Copyright (c) 2004-2019 Pawel Jakub Dawidek * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -91,13 +91,13 @@ static int eli_backup_create(struct gctl_req *req, con /* * Available commands: * - * init [-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... + * init [-bdgPRTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... * label - alias for 'init' * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov - * configure [-bBgGtT] prov ... + * onetime [-dRT] [-a aalgo] [-e ealgo] [-l keylen] prov + * configure [-bBgGrRtT] prov ... * se
svn commit: r345727 - in head: sbin/devd sys/geom
Author: pjd Date: Sat Mar 30 07:24:34 2019 New Revision: 345727 URL: https://svnweb.freebsd.org/changeset/base/345727 Log: Introduce new event SIZECHANGE within GEOM system to inform about GEOM providers mediasize changes. While here, use GEOM nomenclature to describe providers instead of calling them device nodes. Obtained from:Fudo Security Tested in:AWS Modified: head/sbin/devd/devd.conf.5 head/sys/geom/geom_dev.c Modified: head/sbin/devd/devd.conf.5 == --- head/sbin/devd/devd.conf.5 Sat Mar 30 07:20:28 2019(r345726) +++ head/sbin/devd/devd.conf.5 Sat Mar 30 07:24:34 2019(r345727) @@ -41,7 +41,7 @@ .\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS .\" SOFTWARE. .\" -.Dd July 20, 2018 +.Dd March 29, 2019 .Dt DEVD.CONF 5 .Os .Sh NAME @@ -432,15 +432,19 @@ only includes disk-like devices. .It Li CREATE A .Xr geom 4 -device node is created. +provider is created. .It Li DESTROY A .Xr geom 4 -device node is destroyed. +provider is destroyed. .It Li GEOM::physpath The physical path of a device has changed. .It Li MEDIACHANGE Physical media has changed. +.It Li SIZECHANGE +A +.Xr geom 4 +provider size has changed. .El .El .Pp Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cSat Mar 30 07:20:28 2019(r345726) +++ head/sys/geom/geom_dev.cSat Mar 30 07:24:34 2019(r345727) @@ -92,6 +92,7 @@ static g_fini_t g_dev_fini; static g_taste_t g_dev_taste; static g_orphan_t g_dev_orphan; static g_attrchanged_t g_dev_attrchanged; +static g_resize_t g_dev_resize; static struct g_class g_dev_class = { .name = "DEV", @@ -100,7 +101,8 @@ static struct g_class g_dev_class = { .fini = g_dev_fini, .taste = g_dev_taste, .orphan = g_dev_orphan, - .attrchanged = g_dev_attrchanged + .attrchanged = g_dev_attrchanged, + .resize = g_dev_resize }; /* @@ -300,6 +302,15 @@ g_dev_attrchanged(struct g_consumer *cp, const char *a g_dev_set_physpath(cp); return; } +} + +static void +g_dev_resize(struct g_consumer *cp) +{ + char buf[SPECNAMELEN + 6]; + + snprintf(buf, sizeof(buf), "cdev=%s", cp->provider->name); + devctl_notify_f("GEOM", "DEV", "SIZECHANGE", buf, M_WAITOK); } struct g_provider * ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345726 - head/sys/dev/xen/blkfront
Author: pjd Date: Sat Mar 30 07:20:28 2019 New Revision: 345726 URL: https://svnweb.freebsd.org/changeset/base/345726 Log: Implement support for online disk capacity changes. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/dev/xen/blkfront/blkfront.c Modified: head/sys/dev/xen/blkfront/blkfront.c == --- head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 01:56:53 2019 (r345725) +++ head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 07:20:28 2019 (r345726) @@ -1227,11 +1227,40 @@ xbd_connect(struct xbd_softc *sc) int err, feature_barrier, feature_flush; int i, j; - if (sc->xbd_state == XBD_STATE_CONNECTED || - sc->xbd_state == XBD_STATE_SUSPENDED) + DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + + if (sc->xbd_state == XBD_STATE_SUSPENDED) { return; + } - DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + if (sc->xbd_state == XBD_STATE_CONNECTED) { + struct disk *disk; + + disk = sc->xbd_disk; + if (disk == NULL) { + return; + } + err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), + "sectors", "%lu", , NULL); + if (err != 0) { + xenbus_dev_error(dev, err, + "reading sectors at %s", + xenbus_get_otherend_path(dev)); + return; + } + disk->d_mediasize = disk->d_sectorsize * sectors; + err = disk_resize(disk, M_NOWAIT); + if (err) { + xenbus_dev_error(dev, err, + "unable to resize disk %s%u", + disk->d_name, disk->d_unit); + return; + } + device_printf(sc->xbd_dev, + "changed capacity to %jd\n", + (intmax_t)disk->d_mediasize); + return; + } err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), "sectors", "%lu", , ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345728 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Sat Mar 30 07:29:20 2019 New Revision: 345728 URL: https://svnweb.freebsd.org/changeset/base/345728 Log: If the autoexpand pool property is turned on and vdev is healthy try to expand the pool automatically when we detect underlying GEOM provider size change. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:24:34 2019(r345727) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:29:20 2019(r345728) @@ -158,6 +158,29 @@ vdev_geom_attrchanged(struct g_consumer *cp, const cha } static void +vdev_geom_resize(struct g_consumer *cp) +{ + struct consumer_priv_t *priv; + struct consumer_vdev_elem *elem; + spa_t *spa; + vdev_t *vd; + + priv = (struct consumer_priv_t *)>private; + if (SLIST_EMPTY(priv)) + return; + + SLIST_FOREACH(elem, priv, elems) { + vd = elem->vd; + if (vd->vdev_state != VDEV_STATE_HEALTHY) + continue; + spa = vd->vdev_spa; + if (!spa->spa_autoexpand) + continue; + vdev_online(spa, vd->vdev_guid, ZFS_ONLINE_EXPAND, NULL); + } +} + +static void vdev_geom_orphan(struct g_consumer *cp) { struct consumer_priv_t *priv; @@ -229,6 +252,7 @@ vdev_geom_attach(struct g_provider *pp, vdev_t *vd, bo gp = g_new_geomf(_vdev_class, "zfs::vdev"); gp->orphan = vdev_geom_orphan; gp->attrchanged = vdev_geom_attrchanged; + gp->resize = vdev_geom_resize; cp = g_new_consumer(gp); error = g_attach(cp, pp); if (error != 0) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345864 - head/tests/sys/geom/class/eli
Author: pjd Date: Thu Apr 4 00:05:36 2019 New Revision: 345864 URL: https://svnweb.freebsd.org/changeset/base/345864 Log: Implement tests for online expansion: - init, init -R - onetime, onetime -R - 512 and 4k sectors - encryption only - encryption and authentication - configure -r/-R for detached providers - configure -r/-R for attached providers - all keys allocated (10, 20 and 30MB provider sizes) - keys allocated on demand (10, 20 and 30PB provider sizes) - reading and writing to provider after expansion (10-30MB only) - checking if metadata in old location is cleared. Obtained from:Fudo Security Added: head/tests/sys/geom/class/eli/online_resize_test.sh (contents, props changed) Modified: head/tests/sys/geom/class/eli/Makefile Modified: head/tests/sys/geom/class/eli/Makefile == --- head/tests/sys/geom/class/eli/Makefile Wed Apr 3 23:58:58 2019 (r345863) +++ head/tests/sys/geom/class/eli/Makefile Thu Apr 4 00:05:36 2019 (r345864) @@ -16,6 +16,7 @@ ATF_TESTS_SH+=integrity_test ATF_TESTS_SH+= kill_test ATF_TESTS_SH+= misc_test ATF_TESTS_SH+= onetime_test +ATF_TESTS_SH+= online_resize_test ATF_TESTS_SH+= resize_test ATF_TESTS_SH+= setkey_test Added: head/tests/sys/geom/class/eli/online_resize_test.sh == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/tests/sys/geom/class/eli/online_resize_test.sh Thu Apr 4 00:05:36 2019(r345864) @@ -0,0 +1,196 @@ +#!/bin/sh +# $FreeBSD$ + +. $(atf_get_srcdir)/conf.sh + +atf_test_case online_resize cleanup +online_resize_head() +{ + atf_set "descr" "online resize of geli providers" + atf_set "require.user" "root" +} +online_resize_body() +{ + geli_test_setup + + ( + echo "m 512 none 10485248 1 1 20971008 1 1 31456768 1 1" + echo "m 4096 none 10481664 1 1 20967424 1 1 31453184 1 1" + echo "m 512 HMAC/SHA256 5242368 1 1 10485248 1 1 15728128 1 1" + echo "m 4096 HMAC/SHA256 9318400 1 1 18640896 1 1 27959296 1 1" + echo "p 512 none 11258999068425728 [0-9] 20971520 22517998136851968 [0-9] 41943040 33776997205278208 [0-9] 62914560" + echo "p 4096 none 11258999068422144 [0-9] 2621440 22517998136848384 [0-9] 5242880 33776997205274624 [0-9] 7864320" + echo "p 512 HMAC/SHA256 5629499534212608 [0-9] 20971520 11258999068425728 [0-9] 41943040 16888498602638848 [0-9] 62914560" + echo "p 4096 HMAC/SHA256 10007999171932160 [0-9] 20971520 20015998343868416 [0-9] 41943040 30023997515800576 [0-9] 62914560" + ) | while read prefix sector auth esize10 ka10 kt10 esize20 ka20 kt20 esize30 ka30 kt30; do + if [ "${auth}" = "none" ]; then + aalgo="" + eflags="0x200" + dflags="0x0" + else + aalgo="-a ${auth}" + eflags="0x210" + dflags="0x10" + fi + + if [ "${prefix}" = "m" ]; then + psize10="10485760" + psize20="20971520" + psize30="31457280" + else + psize10="11258999068426240" + psize20="22517998136852480" + psize30="33776997205278720" + fi + + md=$(attach_md -t malloc -s40${prefix}) + + # Initialise + atf_check -s exit:0 -o ignore gpart create -s GPT ${md} + atf_check -s exit:0 -o ignore gpart add -t freebsd-ufs -s 10${prefix} ${md} + + echo secret >tmp.key + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + # Autoresize is set by default. + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + + atf_check geli init -R ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli configure -r ${md}p1 + atf_check -s exit:0 -o match:"flags: ${eflags}$" geli dump ${md}p1 + atf_check geli configure -R ${md}p1 + atf_check -s exit:0 -o match:"flags: ${dflags}$" geli dump ${md}p1 + + atf_check geli init ${aalgo} -s ${sector} -Bnone -PKtmp.key ${md}p1 + atf_check geli attach -pk tmp.key ${md}p1 + atf_check -s exit:0 -o
svn commit: r345863 - head/tests/sys/geom/class/eli
Author: pjd Date: Wed Apr 3 23:58:58 2019 New Revision: 345863 URL: https://svnweb.freebsd.org/changeset/base/345863 Log: Update configure tests after addition of the online expansion. Obtained from:Fudo Security Modified: head/tests/sys/geom/class/eli/configure_test.sh Modified: head/tests/sys/geom/class/eli/configure_test.sh == --- head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:57:37 2019(r345862) +++ head/tests/sys/geom/class/eli/configure_test.sh Wed Apr 3 23:58:58 2019(r345863) @@ -17,19 +17,19 @@ configure_b_B_body() atf_check geli init -B none -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli init -B none -b -P -K /dev/null ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli configure -B ${md} - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli attach -p -k /dev/null ${md} @@ -39,13 +39,13 @@ configure_b_B_body() atf_check -o not-match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x0$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x200$' geli dump ${md} atf_check geli configure -b ${md} atf_check -s exit:0 -o match:'^Flags: .*BOOT' geli list ${md}.eli - atf_check -s exit:0 -o match:'flags: 0x2$' geli dump ${md} + atf_check -s exit:0 -o match:'flags: 0x202$' geli dump ${md} atf_check geli detach ${md} } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345862 - in head: lib/geom/eli sys/geom/eli
Author: pjd Date: Wed Apr 3 23:57:37 2019 New Revision: 345862 URL: https://svnweb.freebsd.org/changeset/base/345862 Log: Implement automatic online expansion of GELI providers - if the underlying provider grows, GELI will expand automatically and will move the metadata to the new location of the last sector. This functionality is turned on by default. It can be turned off with the -R flag, but it is not recommended - if the underlying provider grows and automatic expansion is turned off, it won't be possible to attach this provider again, as the metadata is no longer located in the last sector. If the automatic expansion is turned off and the underlying provider grows, GELI will only log a message with the previous size of the provider, so recovery can be easier. Obtained from:Fudo Security Modified: head/lib/geom/eli/geli.8 head/lib/geom/eli/geom_eli.c head/sys/geom/eli/g_eli.c head/sys/geom/eli/g_eli.h head/sys/geom/eli/g_eli_ctl.c head/sys/geom/eli/g_eli_key_cache.c Modified: head/lib/geom/eli/geli.8 == --- head/lib/geom/eli/geli.8Wed Apr 3 23:50:52 2019(r345861) +++ head/lib/geom/eli/geli.8Wed Apr 3 23:57:37 2019(r345862) @@ -1,4 +1,4 @@ -.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek +.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd July 24, 2018 +.Dd April 3, 2019 .Dt GELI 8 .Os .Sh NAME @@ -51,7 +51,7 @@ utility: .Pp .Nm .Cm init -.Op Fl bdgPTv +.Op Fl bdgPRTv .Op Fl a Ar aalgo .Op Fl B Ar backupfile .Op Fl e Ar ealgo @@ -81,7 +81,7 @@ utility: .Cm detach .Nm .Cm onetime -.Op Fl dT +.Op Fl dRT .Op Fl a Ar aalgo .Op Fl e Ar ealgo .Op Fl l Ar keylen @@ -89,7 +89,7 @@ utility: .Ar prov .Nm .Cm configure -.Op Fl bBdDgGtT +.Op Fl bBdDgGrRtT .Ar prov ... .Nm .Cm setkey @@ -375,6 +375,18 @@ Change decrypted provider's sector size. Increasing the sector size allows increased performance, because encryption/decryption which requires an initialization vector is done per sector; fewer sectors means less computational work. +.It Fl R +Turn off automatic expansion. +By default, if the underlying provider grows, the encrypted provider will +grow automatically too. +The metadata will be moved to the new location. +If automatic expansion if turned off and the underlying provider changes +size, attaching encrypted provider will no longer be possible as the metadata +will no longer be located in the last sector. +In this case +.Nm GELI +will only log the previous size of the underlying provider, so metadata can +be found easier, if resize was done by mistake. .It Fl T Don't pass through .Dv BIO_DELETE @@ -506,6 +518,11 @@ Change decrypted provider's sector size. For more information, see the description of the .Cm init subcommand. +.It Fl R +Turn off automatic expansion. +For more information, see the description of the +.Cm init +subcommand. .It Fl T Disable TRIM/UNMAP passthru. For more information, see the description of the @@ -540,6 +557,13 @@ The boot loader prompts for the passphrase and loads from the encrypted partition. .It Fl G Deactivate booting from this encrypted root partition. +.It Fl r +Turn on automatic expansion. +For more information, see the description of the +.Cm init +subcommand. +.It Fl R +Turn off automatic expansion. .It Fl t Enable TRIM/UNMAP passthru. For more information, see the description of the Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:57:37 2019 (r345862) @@ -1,7 +1,7 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * - * Copyright (c) 2004-2010 Pawel Jakub Dawidek + * Copyright (c) 2004-2019 Pawel Jakub Dawidek * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -91,13 +91,13 @@ static int eli_backup_create(struct gctl_req *req, con /* * Available commands: * - * init [-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... + * init [-bdgPRTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov ... * label - alias for 'init' * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov - * configure [-bBgGtT] prov ... + * onetime [-dRT] [-a aalgo] [-e ealgo] [-l keylen] prov + * configure [-bBgGrRtT] prov ... * se
svn commit: r345861 - head/lib/geom/eli
Author: pjd Date: Wed Apr 3 23:50:52 2019 New Revision: 345861 URL: https://svnweb.freebsd.org/changeset/base/345861 Log: - Add missing -T (notrim) option to the label subcommand. - Add missing -T option in the onetime subcommand comment. Obtained from:Fudo Security Modified: head/lib/geom/eli/geom_eli.c Modified: head/lib/geom/eli/geom_eli.c == --- head/lib/geom/eli/geom_eli.cWed Apr 3 22:30:20 2019 (r345860) +++ head/lib/geom/eli/geom_eli.cWed Apr 3 23:50:52 2019 (r345861) @@ -96,7 +96,7 @@ static int eli_backup_create(struct gctl_req *req, con * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov ... * detach [-fl] prov ... * stop - alias for 'detach' - * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov + * onetime [-dT] [-a aalgo] [-e ealgo] [-l keylen] prov * configure [-bBgGtT] prov ... * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov * delkey [-afv] [-n keyno] prov @@ -145,6 +145,7 @@ struct g_command class_commands[] = { { 'l', "keylen", "0", G_TYPE_NUMBER }, { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL }, { 's', "sectorsize", "0", G_TYPE_NUMBER }, + { 'T', "notrim", NULL, G_TYPE_BOOL }, { 'V', "mdversion", "-1", G_TYPE_NUMBER }, G_OPT_SENTINEL }, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345728 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Sat Mar 30 07:29:20 2019 New Revision: 345728 URL: https://svnweb.freebsd.org/changeset/base/345728 Log: If the autoexpand pool property is turned on and vdev is healthy try to expand the pool automatically when we detect underlying GEOM provider size change. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:24:34 2019(r345727) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Sat Mar 30 07:29:20 2019(r345728) @@ -158,6 +158,29 @@ vdev_geom_attrchanged(struct g_consumer *cp, const cha } static void +vdev_geom_resize(struct g_consumer *cp) +{ + struct consumer_priv_t *priv; + struct consumer_vdev_elem *elem; + spa_t *spa; + vdev_t *vd; + + priv = (struct consumer_priv_t *)>private; + if (SLIST_EMPTY(priv)) + return; + + SLIST_FOREACH(elem, priv, elems) { + vd = elem->vd; + if (vd->vdev_state != VDEV_STATE_HEALTHY) + continue; + spa = vd->vdev_spa; + if (!spa->spa_autoexpand) + continue; + vdev_online(spa, vd->vdev_guid, ZFS_ONLINE_EXPAND, NULL); + } +} + +static void vdev_geom_orphan(struct g_consumer *cp) { struct consumer_priv_t *priv; @@ -229,6 +252,7 @@ vdev_geom_attach(struct g_provider *pp, vdev_t *vd, bo gp = g_new_geomf(_vdev_class, "zfs::vdev"); gp->orphan = vdev_geom_orphan; gp->attrchanged = vdev_geom_attrchanged; + gp->resize = vdev_geom_resize; cp = g_new_consumer(gp); error = g_attach(cp, pp); if (error != 0) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345726 - head/sys/dev/xen/blkfront
Author: pjd Date: Sat Mar 30 07:20:28 2019 New Revision: 345726 URL: https://svnweb.freebsd.org/changeset/base/345726 Log: Implement support for online disk capacity changes. Obtained from:Fudo Security Tested in:AWS Modified: head/sys/dev/xen/blkfront/blkfront.c Modified: head/sys/dev/xen/blkfront/blkfront.c == --- head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 01:56:53 2019 (r345725) +++ head/sys/dev/xen/blkfront/blkfront.cSat Mar 30 07:20:28 2019 (r345726) @@ -1227,11 +1227,40 @@ xbd_connect(struct xbd_softc *sc) int err, feature_barrier, feature_flush; int i, j; - if (sc->xbd_state == XBD_STATE_CONNECTED || - sc->xbd_state == XBD_STATE_SUSPENDED) + DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + + if (sc->xbd_state == XBD_STATE_SUSPENDED) { return; + } - DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev)); + if (sc->xbd_state == XBD_STATE_CONNECTED) { + struct disk *disk; + + disk = sc->xbd_disk; + if (disk == NULL) { + return; + } + err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), + "sectors", "%lu", , NULL); + if (err != 0) { + xenbus_dev_error(dev, err, + "reading sectors at %s", + xenbus_get_otherend_path(dev)); + return; + } + disk->d_mediasize = disk->d_sectorsize * sectors; + err = disk_resize(disk, M_NOWAIT); + if (err) { + xenbus_dev_error(dev, err, + "unable to resize disk %s%u", + disk->d_name, disk->d_unit); + return; + } + device_printf(sc->xbd_dev, + "changed capacity to %jd\n", + (intmax_t)disk->d_mediasize); + return; + } err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev), "sectors", "%lu", , ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r345727 - in head: sbin/devd sys/geom
Author: pjd Date: Sat Mar 30 07:24:34 2019 New Revision: 345727 URL: https://svnweb.freebsd.org/changeset/base/345727 Log: Introduce new event SIZECHANGE within GEOM system to inform about GEOM providers mediasize changes. While here, use GEOM nomenclature to describe providers instead of calling them device nodes. Obtained from:Fudo Security Tested in:AWS Modified: head/sbin/devd/devd.conf.5 head/sys/geom/geom_dev.c Modified: head/sbin/devd/devd.conf.5 == --- head/sbin/devd/devd.conf.5 Sat Mar 30 07:20:28 2019(r345726) +++ head/sbin/devd/devd.conf.5 Sat Mar 30 07:24:34 2019(r345727) @@ -41,7 +41,7 @@ .\" ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS .\" SOFTWARE. .\" -.Dd July 20, 2018 +.Dd March 29, 2019 .Dt DEVD.CONF 5 .Os .Sh NAME @@ -432,15 +432,19 @@ only includes disk-like devices. .It Li CREATE A .Xr geom 4 -device node is created. +provider is created. .It Li DESTROY A .Xr geom 4 -device node is destroyed. +provider is destroyed. .It Li GEOM::physpath The physical path of a device has changed. .It Li MEDIACHANGE Physical media has changed. +.It Li SIZECHANGE +A +.Xr geom 4 +provider size has changed. .El .El .Pp Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cSat Mar 30 07:20:28 2019(r345726) +++ head/sys/geom/geom_dev.cSat Mar 30 07:24:34 2019(r345727) @@ -92,6 +92,7 @@ static g_fini_t g_dev_fini; static g_taste_t g_dev_taste; static g_orphan_t g_dev_orphan; static g_attrchanged_t g_dev_attrchanged; +static g_resize_t g_dev_resize; static struct g_class g_dev_class = { .name = "DEV", @@ -100,7 +101,8 @@ static struct g_class g_dev_class = { .fini = g_dev_fini, .taste = g_dev_taste, .orphan = g_dev_orphan, - .attrchanged = g_dev_attrchanged + .attrchanged = g_dev_attrchanged, + .resize = g_dev_resize }; /* @@ -300,6 +302,15 @@ g_dev_attrchanged(struct g_consumer *cp, const char *a g_dev_set_physpath(cp); return; } +} + +static void +g_dev_resize(struct g_consumer *cp) +{ + char buf[SPECNAMELEN + 6]; + + snprintf(buf, sizeof(buf), "cdev=%s", cp->provider->name); + devctl_notify_f("GEOM", "DEV", "SIZECHANGE", buf, M_WAITOK); } struct g_provider * ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344690 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Fri Mar 1 05:54:13 2019 New Revision: 344690 URL: https://svnweb.freebsd.org/changeset/base/344690 Log: Improve readability of the code by making it explicit where the 'c' variable starts. It is also more consistent with similar code in this file. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cFri Mar 1 05:04:29 2019(r344689) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cFri Mar 1 05:54:13 2019(r344690) @@ -568,7 +568,7 @@ vdev_raidz_map_alloc(abd_t *abd, uint64_t size, uint64 abd_alloc_linear(rm->rm_col[c].rc_size, B_TRUE); } - for (off = 0; c < acols; c++) { + for (off = 0, c = rm->rm_firstdatacol; c < acols; c++) { rm->rm_col[c].rc_abd = abd_get_offset(abd, off); off += rm->rm_col[c].rc_size; } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344325 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Wed Feb 20 00:25:45 2019 New Revision: 344325 URL: https://svnweb.freebsd.org/changeset/base/344325 Log: Simplify the code. No functional changes. Reviewed by: rpokala Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cWed Feb 20 00:19:11 2019(r344324) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cWed Feb 20 00:25:45 2019(r344325) @@ -568,10 +568,7 @@ vdev_raidz_map_alloc(abd_t *abd, uint64_t size, uint64 abd_alloc_linear(rm->rm_col[c].rc_size, B_TRUE); } - rm->rm_col[c].rc_abd = abd_get_offset(abd, 0); - off = rm->rm_col[c].rc_size; - - for (c = c + 1; c < acols; c++) { + for (off = 0; c < acols; c++) { rm->rm_col[c].rc_abd = abd_get_offset(abd, off); off += rm->rm_col[c].rc_size; } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344320 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:53:33 2019 New Revision: 344320 URL: https://svnweb.freebsd.org/changeset/base/344320 Log: Simplify the code. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c Tue Feb 19 23:44:00 2019(r344319) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c Tue Feb 19 23:53:33 2019(r344320) @@ -360,16 +360,13 @@ trim_map_write_start(zio_t *zio) return (B_FALSE); } - ts = avl_find(>tm_queued_frees, , NULL); - if (ts != NULL) { - /* -* Loop until all overlapping segments are removed. -*/ - do { - trim_map_segment_remove(tm, ts, start, end); - ts = avl_find(>tm_queued_frees, , NULL); - } while (ts != NULL); + /* +* Loop until all overlapping segments are removed. +*/ + while ((ts = avl_find(>tm_queued_frees, , NULL)) != NULL) { + trim_map_segment_remove(tm, ts, start, end); } + avl_add(>tm_inflight_writes, zio); mutex_exit(>tm_lock); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344319 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:44:00 2019 New Revision: 344319 URL: https://svnweb.freebsd.org/changeset/base/344319 Log: Correct typo in the comment. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:43:15 2019(r344318) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:44:00 2019(r344319) @@ -2558,7 +2558,7 @@ vdev_raidz_io_done(zio_t *zio) /* * We're here because either: * -* total_errors == rm_first_datacol, or +* total_errors == rm_firstdatacol, or * vdev_raidz_combrec() failed * * In either case, there is enough bad data to prevent ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344318 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:43:15 2019 New Revision: 344318 URL: https://svnweb.freebsd.org/changeset/base/344318 Log: Change assertion to log the incorrect io_type we've got. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:41:23 2019(r344317) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:43:15 2019(r344318) @@ -2020,7 +2020,7 @@ vdev_raidz_io_start(zio_t *zio) return; } - ASSERT(zio->io_type == ZIO_TYPE_READ); + ASSERT3U(zio->io_type, ==, ZIO_TYPE_READ); /* * Iterate over the columns in reverse order so that we hit the parity ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344317 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:41:23 2019 New Revision: 344317 URL: https://svnweb.freebsd.org/changeset/base/344317 Log: Grabage-collect no longer used variable. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:35:55 2019(r344316) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.cTue Feb 19 23:41:23 2019(r344317) @@ -270,7 +270,6 @@ static void vdev_raidz_map_free(raidz_map_t *rm) { int c; - size_t size; for (c = 0; c < rm->rm_firstdatacol; c++) { if (rm->rm_col[c].rc_abd != NULL) @@ -281,11 +280,9 @@ vdev_raidz_map_free(raidz_map_t *rm) rm->rm_col[c].rc_size); } - size = 0; for (c = rm->rm_firstdatacol; c < rm->rm_cols; c++) { if (rm->rm_col[c].rc_abd != NULL) abd_put(rm->rm_col[c].rc_abd); - size += rm->rm_col[c].rc_size; } if (rm->rm_abd_copy != NULL) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344316 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:35:55 2019 New Revision: 344316 URL: https://svnweb.freebsd.org/changeset/base/344316 Log: The way ZFS searches for its vdevs is the following: first it looks for a vdev that has the same name as the one stored in metadata and that has all VDEV labels in place. If it cannot find a GEOM provider with the given name and all VDEV labels it will scan all GEOM providers for the best match (the most VDEV labels available), but here the name is ignored. In case the ZFS pool is created, eg. using GPT partition label: # zpool create tank /dev/gpt/tank everything works, and on every import ZFS will pick /dev/gpt/tank and not /dev/da0p4. The problem occurs when da0p4 is extended and ZFS is unable to find all VDEV labels in /dev/gpt/tank anymore (the VDEV labels stored at the end of the partition are now somewhere else). In this case it will scan all GEOM providers and will pick the first one with the best match, ie. da0p4. Fix this problem by checking the VDEV/provider name even if we get the same match. If the name is the same as the one we have in pool's metadata, prefer this GEOM provider. Reported by: oshogbo, Michal Mroz Tested by:Michal Mroz Obtained from:Fudo Security Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 23:24:39 2019(r344315) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 23:35:55 2019(r344316) @@ -692,10 +692,12 @@ vdev_geom_attach_by_guids(vdev_t *vd) struct g_geom *gp; struct g_provider *pp, *best_pp; struct g_consumer *cp; + const char *vdpath; enum match match, best_match; g_topology_assert(); + vdpath = vd->vdev_path + sizeof("/dev/") - 1; cp = NULL; best_pp = NULL; best_match = NO_MATCH; @@ -710,6 +712,10 @@ vdev_geom_attach_by_guids(vdev_t *vd) if (match > best_match) { best_match = match; best_pp = pp; + } else if (match == best_match) { + if (strcmp(pp->name, vdpath) == 0) { + best_pp = pp; + } } if (match == FULL_MATCH) goto out; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r344314 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Author: pjd Date: Tue Feb 19 23:22:39 2019 New Revision: 344314 URL: https://svnweb.freebsd.org/changeset/base/344314 Log: In the vdev_geom_open_by_path() function we assume that vdev path starts with "/dev/". Make sure this is the case. Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c == --- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 22:46:50 2019(r344313) +++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c Tue Feb 19 23:22:39 2019(r344314) @@ -794,7 +794,7 @@ vdev_geom_open(vdev_t *vd, uint64_t *psize, uint64_t * /* * We must have a pathname, and it must be absolute. */ - if (vd->vdev_path == NULL || vd->vdev_path[0] != '/') { + if (vd->vdev_path == NULL || strncmp(vd->vdev_path, "/dev/", 5) != 0) { vd->vdev_stat.vs_aux = VDEV_AUX_BAD_LABEL; return (EINVAL); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r342873 - head/contrib/openbsm/libauditd
Author: pjd Date: Wed Jan 9 01:16:35 2019 New Revision: 342873 URL: https://svnweb.freebsd.org/changeset/base/342873 Log: In r316006 the getstrfromtype_locked() function was modified to return an empty string, instead of NULL, if an entry is missing in the audit_control file. Because of that change the getachost() function started to return success even if the host name was not defined in the audit_control. This in turn led to auditd_hostlen always being set (for an empty host it was set to 0). If auditd_hostlen was not equal to -1 we were trying to append the host name to trail file name. All this led to situation where when host name is not defined in audit_control, auditd will create trail files with a leading '.', which breaks auditdistd as it doesn't work with longer audit trail file names. Fix this by appending host name to the trail file name only if the host name is not empty. Modified: head/contrib/openbsm/libauditd/auditd_lib.c Modified: head/contrib/openbsm/libauditd/auditd_lib.c == --- head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 9 01:11:19 2019 (r342872) +++ head/contrib/openbsm/libauditd/auditd_lib.c Wed Jan 9 01:16:35 2019 (r342873) @@ -193,7 +193,7 @@ affixdir(char *name, struct dir_ent *dirent) /* * If the host is set then also add the hostname to the filename. */ - if (auditd_hostlen != -1) + if (auditd_hostlen > 0) asprintf(, "%s/%s.%s", dirent->dirname, name, auditd_host); else asprintf(, "%s/%s", dirent->dirname, name); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r341675 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Fri Dec 7 03:13:36 2018 New Revision: 341675 URL: https://svnweb.freebsd.org/changeset/base/341675 Log: Consider the following situation: The sender has .not_terminated file. It gets disconnected. The last trail file is then terminated without adding new data (this can happen for example when auditd is being stopped on the sender). After reconnect the .not_terminated was not renamed on the receiver as it should. We were already handling similar situation where the sender crashed and the .not_terminated trail file was renamed to .crash_recovery. Extend this case to handle the situation above. Modified: head/contrib/openbsm/bin/auditdistd/trail.c Modified: head/contrib/openbsm/bin/auditdistd/trail.c == --- head/contrib/openbsm/bin/auditdistd/trail.c Fri Dec 7 02:44:04 2018 (r341674) +++ head/contrib/openbsm/bin/auditdistd/trail.c Fri Dec 7 03:13:36 2018 (r341675) @@ -264,6 +264,12 @@ again: * 2. It is fully sent, but is not terminated, so new data can be *appended still, or * 3. It is fully sent but file name has changed. +*There are two cases here: +*3a. Sender has crashed and the name has changed from +*.not_terminated to .crash_recovery. +*3b. Sender was disconnected, no new data was added to the file, +*but its name has changed from .not_terminated to terminated +*name. * * Note that we are fine if our .not_terminated or .crash_recovery file * is smaller than the one on the receiver side, as it is possible that @@ -275,7 +281,7 @@ again: (offset >= sb.st_size && trail_is_not_terminated(trail->tr_filename)) || (offset >= sb.st_size && trail_is_not_terminated(filename) && -trail_is_crash_recovery(trail->tr_filename))) { +!trail_is_not_terminated(trail->tr_filename))) { /* File was not fully send. Let's finish it. */ if (lseek(fd, offset, SEEK_SET) == -1) { pjdlog_errno(LOG_ERR, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r339178 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Thu Oct 4 05:57:27 2018 New Revision: 339178 URL: https://svnweb.freebsd.org/changeset/base/339178 Log: Remove invalid comments and correct some typos. Approved by: re (kib) Modified: head/contrib/openbsm/bin/auditdistd/receiver.c head/contrib/openbsm/bin/auditdistd/sender.c Modified: head/contrib/openbsm/bin/auditdistd/receiver.c == --- head/contrib/openbsm/bin/auditdistd/receiver.c Thu Oct 4 05:54:57 2018(r339177) +++ head/contrib/openbsm/bin/auditdistd/receiver.c Thu Oct 4 05:57:27 2018(r339178) @@ -140,7 +140,7 @@ static void adreq_decode_and_validate_header(struct adreq *adreq) { - /* Byte-swap only is the sender is using different byte order. */ + /* Byte-swap only if the sender is using different byte order. */ if (adreq->adr_byteorder != ADIST_BYTEORDER) { adreq->adr_byteorder = ADIST_BYTEORDER; adreq->adr_seq = bswap64(adreq->adr_seq); Modified: head/contrib/openbsm/bin/auditdistd/sender.c == --- head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:54:57 2018(r339177) +++ head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:57:27 2018(r339178) @@ -512,9 +512,6 @@ keepalive_send(void) pjdlog_debug(3, "keepalive_send: Request sent."); } -/* - * Thread sends request to secondary node. - */ static void * send_thread(void *arg __unused) { @@ -574,7 +571,7 @@ static void adrep_decode_header(struct adrep *adrep) { - /* Byte-swap only is the receiver is using different byte order. */ + /* Byte-swap only if the receiver is using different byte order. */ if (adrep->adrp_byteorder != ADIST_BYTEORDER) { adrep->adrp_byteorder = ADIST_BYTEORDER; adrep->adrp_seq = bswap64(adrep->adrp_seq); @@ -582,10 +579,6 @@ adrep_decode_header(struct adrep *adrep) } } -/* - * Thread receives answer from secondary node and passes it to ggate_send - * thread. - */ static void * recv_thread(void *arg __unused) { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r339177 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Thu Oct 4 05:54:57 2018 New Revision: 339177 URL: https://svnweb.freebsd.org/changeset/base/339177 Log: When the adist_free list is empty and we lose connection to the receiver we move all elements from the adist_send and adist_recv lists back onto the adist_free list, but we don't wake consumers waitings for the adist_free list to become non-empty. This can lead to the sender process stopping audit trail files distribution and waiting forever. Fix the problem by adding the missing wakeup. While here slow down spinning on CPU in case of a short race in sender_disconnect() and add an explaination when it can occur. PR: 201953 Reported by: peter Approved by: re (kib) Modified: head/contrib/openbsm/bin/auditdistd/auditdistd.h head/contrib/openbsm/bin/auditdistd/sender.c Modified: head/contrib/openbsm/bin/auditdistd/auditdistd.h == --- head/contrib/openbsm/bin/auditdistd/auditdistd.hThu Oct 4 05:48:09 2018(r339176) +++ head/contrib/openbsm/bin/auditdistd/auditdistd.hThu Oct 4 05:54:57 2018(r339177) @@ -248,6 +248,21 @@ struct adrep { if (_wakeup)\ cv_signal(list##_cond); \ } while (0) +#defineQUEUE_CONCAT2(tolist, fromlist1, fromlist2) do { \ + bool _wakeup; \ + \ + mtx_lock(tolist##_lock);\ + _wakeup = TAILQ_EMPTY(tolist); \ + mtx_lock(fromlist1##_lock); \ + TAILQ_CONCAT((tolist), (fromlist1), adr_next); \ + mtx_unlock(fromlist1##_lock); \ + mtx_lock(fromlist2##_lock); \ + TAILQ_CONCAT((tolist), (fromlist2), adr_next); \ + mtx_unlock(fromlist2##_lock); \ + mtx_unlock(tolist##_lock); \ + if (_wakeup)\ + cv_signal(tolist##_cond); \ +} while (0) #defineQUEUE_WAIT(list)do { \ mtx_lock(list##_lock); \ while (TAILQ_EMPTY(list)) \ Modified: head/contrib/openbsm/bin/auditdistd/sender.c == --- head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:48:09 2018(r339176) +++ head/contrib/openbsm/bin/auditdistd/sender.cThu Oct 4 05:54:57 2018(r339177) @@ -342,14 +342,7 @@ sender_disconnect(void) pjdlog_warning("Disconnected from %s.", adhost->adh_remoteaddr); /* Move all in-flight requests back onto free list. */ - mtx_lock(_free_list_lock); - mtx_lock(_send_list_lock); - TAILQ_CONCAT(_free_list, _send_list, adr_next); - mtx_unlock(_send_list_lock); - mtx_lock(_recv_list_lock); - TAILQ_CONCAT(_free_list, _recv_list, adr_next); - mtx_unlock(_recv_list_lock); - mtx_unlock(_free_list_lock); + QUEUE_CONCAT2(_free_list, _send_list, _recv_list); } static void @@ -609,9 +602,13 @@ recv_thread(void *arg __unused) if (adhost->adh_remote == NULL) { /* * Connection is dead. -* XXX: We shouldn't be here. +* There is a short race in sender_disconnect() between +* setting adh_remote to NULL and removing entries from +* the recv list, which can result in us being here. +* To avoid just spinning, wait for 0.1s. */ rw_unlock(_remote_lock); + usleep(10); continue; } if (proto_recv(adhost->adh_remote, , ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r339176 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Thu Oct 4 05:48:09 2018 New Revision: 339176 URL: https://svnweb.freebsd.org/changeset/base/339176 Log: When we look for a new trail file there might be a race between find trail file name and opening it. This race was not properly handled, because we were copying new name before checking for openat(2) error and when we were trying again we were starting with the next trail file. This could result in skipping distribution of such a trail file. Fix this problem by checking for ENOENT first (only for .not_terminated files) and then updating (or not) tr_filename before restarting the search. PR: 200139 Reported by: peter Approved by: re (kib) Modified: head/contrib/openbsm/bin/auditdistd/trail.c Modified: head/contrib/openbsm/bin/auditdistd/trail.c == --- head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct 4 01:46:56 2018 (r339175) +++ head/contrib/openbsm/bin/auditdistd/trail.c Thu Oct 4 05:48:09 2018 (r339176) @@ -361,17 +361,38 @@ again: pjdlog_debug(1, "No new trail files."); return; } - PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, - sizeof(trail->tr_filename)) < sizeof(trail->tr_filename)); dfd = dirfd(trail->tr_dirfp); PJDLOG_ASSERT(dfd >= 0); - trail->tr_filefd = openat(dfd, trail->tr_filename, O_RDONLY); + trail->tr_filefd = openat(dfd, curfile, O_RDONLY); if (trail->tr_filefd == -1) { - pjdlog_errno(LOG_ERR, - "Unable to open file \"%s/%s\", skipping", - trail->tr_dirname, trail->tr_filename); + if (errno == ENOENT && trail_is_not_terminated(curfile)) { + /* +* The .not_terminated file was most likely renamed. +* Keep trail->tr_filename as a starting point and +* search again. +*/ + pjdlog_debug(1, + "Unable to open \"%s/%s\", most likely renamed in the meantime, retrying.", + trail->tr_dirname, curfile); + } else { + /* +* We were unable to open the file, but not because of +* the above. This shouldn't happen, but it did. +* We don't know why it happen, so the best we can do +* is to just skip this file - this is why we copy the +* name, so we can start and the next entry. +*/ + PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, + sizeof(trail->tr_filename)) < + sizeof(trail->tr_filename)); + pjdlog_errno(LOG_ERR, + "Unable to open file \"%s/%s\", skipping", + trail->tr_dirname, curfile); + } goto again; } + PJDLOG_VERIFY(strlcpy(trail->tr_filename, curfile, + sizeof(trail->tr_filename)) < sizeof(trail->tr_filename)); pjdlog_debug(1, "Found next trail file: \"%s/%s\".", trail->tr_dirname, trail->tr_filename); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r308439 - svnadmin/conf
Author: pjd Date: Tue Nov 8 09:54:11 2016 New Revision: 308439 URL: https://svnweb.freebsd.org/changeset/base/308439 Log: Please welcome Konrad Witaszczyk (def@) as a new source committer. Konrad is interested in working on encrypted kernel dumps and memory deduplication, at least initially. Approved by: core Modified: svnadmin/conf/access svnadmin/conf/mentors Modified: svnadmin/conf/access == --- svnadmin/conf/accessTue Nov 8 09:51:55 2016(r308438) +++ svnadmin/conf/accessTue Nov 8 09:54:11 2016(r308439) @@ -65,6 +65,7 @@ das davidch davidcs dchagin +def deischen delphij des Modified: svnadmin/conf/mentors == --- svnadmin/conf/mentors Tue Nov 8 09:51:55 2016(r308438) +++ svnadmin/conf/mentors Tue Nov 8 09:54:11 2016(r308439) @@ -18,6 +18,7 @@ benl philip Co-mentor: simon carl jimharris cherry gibbs dabvangyzen +defpjd dexuan sephe erignn Co-mentor: thompsa ivadaszadrian Co-mentor: cognet ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r301036 - svnadmin/conf
Author: pjd Date: Tue May 31 12:39:54 2016 New Revision: 301036 URL: https://svnweb.freebsd.org/changeset/base/301036 Log: Release Mariusz Zaborski (oshogbo) from mentorship. Modified: svnadmin/conf/mentors Modified: svnadmin/conf/mentors == ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r292310 - head
Author: pjd Date: Wed Dec 16 01:05:50 2015 New Revision: 292310 URL: https://svnweb.freebsd.org/changeset/base/292310 Log: Keep maintainance of GELI and make it clear which directories I'm interested in. Modified: head/MAINTAINERS Modified: head/MAINTAINERS == --- head/MAINTAINERSWed Dec 16 00:56:45 2015(r292309) +++ head/MAINTAINERSWed Dec 16 01:05:50 2015(r292310) @@ -42,6 +42,7 @@ dev/usb/wlan adrian Pre-commit review re etc/mail gshapiroPre-commit review requested. Keep in sync with -STABLE. etc/sendmail gshapiroPre-commit review requested. Keep in sync with -STABLE. fetch des Pre-commit review requested. +geli pjd Pre-commit review requested (both sys/geom/eli/ and sbin/geom/class/eli/). isci(4)jimharris Pre-commit review requested. iwm(4) adrian Pre-commit review requested, send to freebsd-wirel...@freebsd.org iwn(4) adrian Pre-commit review requested, send to freebsd-wirel...@freebsd.org @@ -125,7 +126,6 @@ fileobrien Insists to keep file blocke contrib/bzip2 obrien Pre-commit review required. geom freebsd-g...@freebsd.org geom_concatpjd Pre-commit review preferred. -geom_eli pjd Pre-commit review preferred. geom_gate pjd Pre-commit review preferred. geom_label pjd Pre-commit review preferred. geom_mirrorpjd Pre-commit review preferred. ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r289941 - head/sys/kern
Author: pjd Date: Sun Oct 25 18:48:09 2015 New Revision: 289941 URL: https://svnweb.freebsd.org/changeset/base/289941 Log: The aio_waitcomplete(2) syscall should not sleep when the given timeout is 0. Without this change it was sleeping for one tick. Maybe not a big deal, but it makes share/dtrace/blocking script to report that. Reviewed by: jhb Differential Revision:https://reviews.freebsd.org/D3814 Sponsored by: Wheel Systems, http://wheelsystems.com Modified: head/sys/kern/vfs_aio.c Modified: head/sys/kern/vfs_aio.c == --- head/sys/kern/vfs_aio.c Sun Oct 25 18:09:03 2015(r289940) +++ head/sys/kern/vfs_aio.c Sun Oct 25 18:48:09 2015(r289941) @@ -2494,8 +2494,11 @@ kern_aio_waitcomplete(struct thread *td, ops->store_aiocb(aiocbp, NULL); - timo = 0; - if (ts) { + if (ts == NULL) { + timo = 0; + } else if (ts->tv_sec == 0 && ts->tv_nsec == 0) { + timo = -1; + } else { if ((ts->tv_nsec < 0) || (ts->tv_nsec >= 10)) return (EINVAL); @@ -2513,6 +2516,10 @@ kern_aio_waitcomplete(struct thread *td, cb = NULL; AIO_LOCK(ki); while ((cb = TAILQ_FIRST(>kaio_done)) == NULL) { + if (timo == -1) { + error = EWOULDBLOCK; + break; + } ki->kaio_flags |= KAIO_WAKEUP; error = msleep(>p_aioinfo, AIO_MTX(ki), PRIBIO | PCATCH, "aiowc", timo); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r288644 - head/share/dtrace
Author: pjd Date: Sun Oct 4 00:40:12 2015 New Revision: 288644 URL: https://svnweb.freebsd.org/changeset/base/288644 Log: Add a little, but very useful script for use with programs that work using an event loop and should sleep only when waiting for events (eg. via kevent(2)). When a program is going to sleep in the kernel, the script will show its name, PID, kernel stack trace and userland stack trace. Sleeping in kevent(2) is ignored as it is expected to be valid. Sample output: # ./blocking lynxd lynxd(15042) is blocking... kernel`_cv_wait_sig+0x124 kernel`seltdwait+0xae kernel`sys_poll+0x3a3 kernel`amd64_syscall+0x343 kernel`0x806c79ab lynxd`poll+0xa lynxd`pqSocketCheck+0xa2 lynxd`pqWaitTimed+0x29 lynxd`connectDBComplete+0xd7 lynxd`PQsetdbLogin+0x2ec lynxd`db_connect+0x3c lynxd`main+0x198 lynxd`_start+0x16f 0x2 lynxd(1925) is blocking... kernel`_cv_wait+0x125 zfs.ko`zio_wait+0x5b zfs.ko`dmu_buf_hold_array_by_dnode+0x1dc zfs.ko`dmu_read+0xcb zfs.ko`zfs_freebsd_getpages+0x37b kernel`VOP_GETPAGES_APV+0xa7 kernel`vnode_pager_getpages+0x9a kernel`vm_fault_hold+0x885 kernel`vm_fault+0x77 kernel`trap_pfault+0x211 kernel`trap+0x506 kernel`0x806c76c2 lynxd`EVP_add_cipher+0x13 lynxd`SSL_library_init+0x11 lynxd`main+0x94 lynxd`_start+0x16f 0x2 lynxd(1925) is blocking... kernel`_cv_wait+0x125 zfs.ko`zio_wait+0x5b zfs.ko`dbuf_read+0x791 zfs.ko`dbuf_findbp+0x12f zfs.ko`dbuf_hold_impl+0xa2 zfs.ko`dbuf_hold+0x1b zfs.ko`dmu_buf_hold_array_by_dnode+0x153 zfs.ko`dmu_read_uio+0x66 zfs.ko`zfs_freebsd_read+0x3a3 kernel`VOP_READ_APV+0xa1 kernel`vn_read+0x13a kernel`vn_io_fault+0x10b kernel`dofileread+0x95 kernel`kern_readv+0x68 kernel`sys_read+0x63 kernel`amd64_syscall+0x343 kernel`0x806c79ab lynxd`_read+0xa lynxd`__srefill+0x122 lynxd`fgets+0x78 lynxd`file_gets+0x1d lynxd`BIO_gets+0x64 lynxd`PEM_read_bio+0xf5 lynxd`PEM_X509_INFO_read_bio+0x90 lynxd`X509_load_cert_crl_file+0x47 lynxd`by_file_ctrl+0x2e lynxd`X509_STORE_load_locations+0x4a lynxd`sslctx_init+0x255 lynxd`main+0x215 lynxd`_start+0x16f 0x2 Requested by: gnn Obtained from:Wheel Systems http://wheelsystems.com Added: head/share/dtrace/blocking (contents, props changed) Modified: head/share/dtrace/Makefile Modified: head/share/dtrace/Makefile == --- head/share/dtrace/Makefile Sat Oct 3 22:38:08 2015(r288643) +++ head/share/dtrace/Makefile Sun Oct 4 00:40:12 2015(r288644) @@ -12,7 +12,8 @@ SUBDIR= ${_toolkit} _toolkit= toolkit .endif -SCRIPTS= disklatency \ +SCRIPTS= blocking \ + disklatency \ disklatencycmd \ hotopen \ nfsattrstats \ Added: head/share/dtrace/blocking == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/dtrace/blocking Sun Oct 4 00:40:12 2015(r288644) @@ -0,0 +1,57 @@ +#!/usr/sbin/dtrace -s +/*- + * Copyright (c) 2015 Pawel Jakub Dawidek <pa...@dawidek.net> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE A
svn commit: r286444 - in head: sbin/geom/class/eli sys/geom/eli
Author: pjd Date: Sat Aug 8 09:51:38 2015 New Revision: 286444 URL: https://svnweb.freebsd.org/changeset/base/286444 Log: Enable BIO_DELETE passthru in GELI, so TRIM/UNMAP can work as expected when GELI is used on a SSD or inside virtual machine, so that guest can tell host that it is no longer using some of the storage. Enabling BIO_DELETE passthru comes with a small security consequence - an attacker can tell how much space is being really used on encrypted device and has less data no analyse then. This is why the -T option can be given to the init subcommand to turn off this behaviour and -t/T options for the configure subcommand can be used to adjust this setting later. PR: 198863 Submitted by: Matthew D. Fuller fullermd at over-yonder dot net This commit also includes a fix from Fabian Keil freebsd-listen at fabiankeil.de for 'configure' on onetime providers which is not strictly related, but is entangled in the same code, so would cause conflicts if separated out. Modified: head/sbin/geom/class/eli/geli.8 head/sbin/geom/class/eli/geom_eli.c head/sys/geom/eli/g_eli.c head/sys/geom/eli/g_eli.h head/sys/geom/eli/g_eli_ctl.c Modified: head/sbin/geom/class/eli/geli.8 == --- head/sbin/geom/class/eli/geli.8 Sat Aug 8 08:40:36 2015 (r286443) +++ head/sbin/geom/class/eli/geli.8 Sat Aug 8 09:51:38 2015 (r286444) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd June 2, 2015 +.Dd July 10, 2015 .Dt GELI 8 .Os .Sh NAME @@ -51,7 +51,7 @@ utility: .Pp .Nm .Cm init -.Op Fl bPv +.Op Fl bPTv .Op Fl a Ar aalgo .Op Fl B Ar backupfile .Op Fl e Ar ealgo @@ -80,7 +80,7 @@ utility: .Cm detach .Nm .Cm onetime -.Op Fl d +.Op Fl dT .Op Fl a Ar aalgo .Op Fl e Ar ealgo .Op Fl l Ar keylen @@ -88,7 +88,7 @@ utility: .Ar prov .Nm .Cm configure -.Op Fl bB +.Op Fl bBtT .Ar prov ... .Nm .Cm setkey @@ -351,6 +351,17 @@ Change decrypted provider's sector size. Increasing the sector size allows increased performance, because encryption/decryption which requires an initialization vector is done per sector; fewer sectors means less computational work. +.It Fl T +Don't pass through +.Dv BIO_DELETE +calls (i.e., TRIM/UNMAP). +This can prevent an attacker from knowing how much space you're actually +using and which sectors contain live data, but will also prevent the +backing store (SSD, etc) from reclaiming space you're not using, which +may degrade its performance and lifespan. +The underlying provider may or may not actually obliterate the deleted +sectors when TRIM is enabled, so it should not be considered to add any +security. .It Fl V Ar version Metadata version to use. This option is helpful when creating a provider that may be used by older @@ -456,6 +467,11 @@ Change decrypted provider's sector size. For more information, see the description of the .Cm init subcommand. +.It Fl T +Disable TRIM/UNMAP passthru. +For more information, see the description of the +.Cm init +subcommand. .El .It Cm configure Change configuration of the given providers. @@ -469,6 +485,13 @@ For more information, see the descriptio subcommand. .It Fl B Remove the BOOT flag from the given providers. +.It Fl t +Enable TRIM/UNMAP passthru. +For more information, see the description of the +.Cm init +subcommand. +.It Fl T +Disable TRIM/UNMAP passthru. .El .It Cm setkey Install a copy of the Master Key into the selected slot, encrypted with Modified: head/sbin/geom/class/eli/geom_eli.c == --- head/sbin/geom/class/eli/geom_eli.c Sat Aug 8 08:40:36 2015 (r286443) +++ head/sbin/geom/class/eli/geom_eli.c Sat Aug 8 09:51:38 2015 (r286444) @@ -114,10 +114,11 @@ struct g_command class_commands[] = { { 'l', keylen, 0, G_TYPE_NUMBER }, { 'P', nonewpassphrase, NULL, G_TYPE_BOOL }, { 's', sectorsize, 0, G_TYPE_NUMBER }, + { 'T', notrim, NULL, G_TYPE_BOOL }, { 'V', mdversion, -1, G_TYPE_NUMBER }, G_OPT_SENTINEL }, - [-bPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov + [-bPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov }, { label, G_FLAG_VERBOSE, eli_main, { @@ -170,17 +171,20 @@ struct g_command class_commands[] = { { 'e', ealgo, GELI_ENC_ALGO, G_TYPE_STRING }, { 'l', keylen, 0, G_TYPE_NUMBER }, { 's', sectorsize, 0, G_TYPE_NUMBER }, + { 'T', notrim, NULL, G_TYPE_BOOL }, G_OPT_SENTINEL }, - [-d] [-a aalgo] [-e ealgo] [-l keylen] [-s sectorsize] prov +
svn commit: r286445 - in head: sbin/swapon share/man/man5
Author: pjd Date: Sat Aug 8 09:57:38 2015 New Revision: 286445 URL: https://svnweb.freebsd.org/changeset/base/286445 Log: Allow to disable BIO_DELETE passthru in fstab for swap-on-geli devices by passing 'notrim' option. PR: 198863 Submitted by: Matthew D. Fuller fullermd at over-yonder dot net Modified: head/sbin/swapon/swapon.c head/share/man/man5/fstab.5 Modified: head/sbin/swapon/swapon.c == --- head/sbin/swapon/swapon.c Sat Aug 8 09:51:38 2015(r286444) +++ head/sbin/swapon/swapon.c Sat Aug 8 09:57:38 2015(r286445) @@ -313,7 +313,7 @@ static char * swap_on_geli_args(const char *mntops) { const char *aalgo, *ealgo, *keylen_str, *sectorsize_str; - const char *aflag, *eflag, *lflag, *sflag; + const char *aflag, *eflag, *lflag, *Tflag, *sflag; char *p, *args, *token, *string, *ops; int argsize, pagesize; size_t pagesize_len; @@ -321,7 +321,7 @@ swap_on_geli_args(const char *mntops) /* Use built-in defaults for geli(8). */ aalgo = ealgo = keylen_str = ; - aflag = eflag = lflag = ; + aflag = eflag = lflag = Tflag = ; /* We will always specify sectorsize. */ sflag = -s ; @@ -365,6 +365,8 @@ swap_on_geli_args(const char *mntops) free(ops); return (NULL); } + } else if ((p = strstr(token, notrim)) == token) { + Tflag = -T ; } else if (strcmp(token, sw) != 0) { warnx(Invalid option: %s, token); free(ops); @@ -387,8 +389,8 @@ swap_on_geli_args(const char *mntops) sectorsize_str = p; } - argsize = asprintf(args, %s%s%s%s%s%s%s%s -d, - aflag, aalgo, eflag, ealgo, lflag, keylen_str, + argsize = asprintf(args, %s%s%s%s%s%s%s%s%s -d, + aflag, aalgo, eflag, ealgo, lflag, keylen_str, Tflag, sflag, sectorsize_str); free(ops); Modified: head/share/man/man5/fstab.5 == --- head/share/man/man5/fstab.5 Sat Aug 8 09:51:38 2015(r286444) +++ head/share/man/man5/fstab.5 Sat Aug 8 09:57:38 2015(r286445) @@ -242,6 +242,7 @@ The .Dq ealgo , .Dq aalgo , .Dq keylen , +.Dq notrim , and .Dq sectorsize options may be passed to control those ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r286373 - head/sys/geom/eli
Author: pjd Date: Thu Aug 6 17:13:34 2015 New Revision: 286373 URL: https://svnweb.freebsd.org/changeset/base/286373 Log: After crypto_dispatch() bio might be already delivered and destroyed, so we cannot access it anymore. Setting an error later lead to memory corruption. Assert that crypto_dispatch() was successful. It can fail only if we pass a bogus crypto request, which is a bug in the program, not a runtime condition. PR: 199705 Submitted by: luke.tw Reviewed by: emaste MFC after:3 days Modified: head/sys/geom/eli/g_eli_integrity.c head/sys/geom/eli/g_eli_privacy.c Modified: head/sys/geom/eli/g_eli_integrity.c == --- head/sys/geom/eli/g_eli_integrity.c Thu Aug 6 17:07:21 2015 (r286372) +++ head/sys/geom/eli/g_eli_integrity.c Thu Aug 6 17:13:34 2015 (r286373) @@ -408,8 +408,8 @@ g_eli_auth_run(struct g_eli_worker *wr, struct cryptodesc *crde, *crda; u_int i, lsec, nsec, data_secsize, decr_secsize, encr_secsize; off_t dstoff; - int err, error; u_char *p, *data, *auth, *authkey, *plaindata; + int error; G_ELI_LOGREQ(3, bp, %s, __func__); @@ -451,7 +451,6 @@ g_eli_auth_run(struct g_eli_worker *wr, bp-bio_inbed = 0; bp-bio_children = nsec; - error = 0; for (i = 1; i = nsec; i++, dstoff += encr_secsize) { crp = (struct cryptop *)p; p += sizeof(*crp); crde = (struct cryptodesc *)p; p += sizeof(*crde); @@ -519,10 +518,8 @@ g_eli_auth_run(struct g_eli_worker *wr, crda-crd_klen = G_ELI_AUTH_SECKEYLEN * 8; crp-crp_etype = 0; - err = crypto_dispatch(crp); - if (err != 0 error == 0) - error = err; + error = crypto_dispatch(crp); + KASSERT(error == 0, (crypto_dispatch() failed (error=%d), + error)); } - if (bp-bio_error == 0) - bp-bio_error = error; } Modified: head/sys/geom/eli/g_eli_privacy.c == --- head/sys/geom/eli/g_eli_privacy.c Thu Aug 6 17:07:21 2015 (r286372) +++ head/sys/geom/eli/g_eli_privacy.c Thu Aug 6 17:13:34 2015 (r286373) @@ -230,10 +230,10 @@ g_eli_crypto_run(struct g_eli_worker *wr struct cryptop *crp; struct cryptodesc *crd; u_int i, nsec, secsize; - int err, error; off_t dstoff; size_t size; u_char *p, *data; + int error; G_ELI_LOGREQ(3, bp, %s, __func__); @@ -271,7 +271,6 @@ g_eli_crypto_run(struct g_eli_worker *wr bcopy(bp-bio_data, data, bp-bio_length); } - error = 0; for (i = 0, dstoff = bp-bio_offset; i nsec; i++, dstoff += secsize) { crp = (struct cryptop *)p; p += sizeof(*crp); crd = (struct cryptodesc *)p; p += sizeof(*crd); @@ -308,10 +307,8 @@ g_eli_crypto_run(struct g_eli_worker *wr crd-crd_next = NULL; crp-crp_etype = 0; - err = crypto_dispatch(crp); - if (error == 0) - error = err; + error = crypto_dispatch(crp); + KASSERT(error == 0, (crypto_dispatch() failed (error=%d), + error)); } - if (bp-bio_error == 0) - bp-bio_error = error; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r285021 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
On Mon, Aug 03, 2015 at 04:20:04PM +0300, Andriy Gapon wrote: On 30/07/2015 10:24, K. Macy wrote: Just FYI this change introduces a deadlock with with the spa_namespace_lock. Mount will be holding this lock while trying to acquire the spa_namespace_lock. zfskern on the other hand holds the spa_namespace_lock when calling zfs_freebsd_access which in turn tries to acquire the teardown lock. I missed the fact that zpool.cache file is being written with spa_namespace_lock held. I'll try to either resolve the problem in the next day or I will revert the change. FYI, I'm hitting this deadlock on my laptop. Reverting the change fixes the problem. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgpQSZVhmhx0p.pgp Description: PGP signature
svn commit: r285363 - head/sys/geom/eli
Author: pjd Date: Fri Jul 10 19:27:19 2015 New Revision: 285363 URL: https://svnweb.freebsd.org/changeset/base/285363 Log: Spoil even can happen for some time now even on providers opened exclusively (on the media change event). Update GELI to handle that situation. PR: 201185 Submitted by: Matthew D. Fuller Modified: head/sys/geom/eli/g_eli.c Modified: head/sys/geom/eli/g_eli.c == --- head/sys/geom/eli/g_eli.c Fri Jul 10 19:24:36 2015(r285362) +++ head/sys/geom/eli/g_eli.c Fri Jul 10 19:27:19 2015(r285363) @@ -730,10 +730,10 @@ g_eli_create(struct gctl_req *req, struc sc = malloc(sizeof(*sc), M_ELI, M_WAITOK | M_ZERO); gp-start = g_eli_start; /* -* Spoiling cannot happen actually, because we keep provider open for -* writing all the time or provider is read-only. +* Spoiling can happen even though we have the provider open +* exclusively, e.g. through media change events. */ - gp-spoiled = g_eli_orphan_spoil_assert; + gp-spoiled = g_eli_orphan; gp-orphan = g_eli_orphan; gp-dumpconf = g_eli_dumpconf; /* ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r285023 - in head: sbin/geom/class/eli sys/geom/eli
Author: pjd Date: Thu Jul 2 10:55:32 2015 New Revision: 285023 URL: https://svnweb.freebsd.org/changeset/base/285023 Log: Allow to omit keyfile number for the first keyfile. Modified: head/sbin/geom/class/eli/geli.8 head/sys/geom/eli/g_eli.c Modified: head/sbin/geom/class/eli/geli.8 == --- head/sbin/geom/class/eli/geli.8 Thu Jul 2 10:31:08 2015 (r285022) +++ head/sbin/geom/class/eli/geli.8 Thu Jul 2 10:55:32 2015 (r285023) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd June 18, 2014 +.Dd June 2, 2015 .Dt GELI 8 .Os .Sh NAME @@ -893,6 +893,13 @@ geli_da1s3a_keyfile0_type=da1s3a:geli_k geli_da1s3a_keyfile0_name=/boot/keys/da1s3a.key .Ed .Pp +If there is only one keyfile, the index might be omitted: +.Bd -literal -offset indent +geli_da1s3a_keyfile_load=YES +geli_da1s3a_keyfile_type=da1s3a:geli_keyfile +geli_da1s3a_keyfile_name=/boot/keys/da1s3a.key +.Ed +.Pp Not only configure encryption, but also data integrity verification using .Nm HMAC/SHA256 . .Bd -literal -offset indent Modified: head/sys/geom/eli/g_eli.c == --- head/sys/geom/eli/g_eli.c Thu Jul 2 10:31:08 2015(r285022) +++ head/sys/geom/eli/g_eli.c Thu Jul 2 10:55:32 2015(r285023) @@ -998,6 +998,13 @@ g_eli_keyfiles_load(struct hmac_ctx *ctx for (i = 0; ; i++) { snprintf(name, sizeof(name), %s:geli_keyfile%d, provider, i); keyfile = preload_search_by_type(name); + if (keyfile == NULL i == 0) { + /* +* If there is only one keyfile, allow simpler name. +*/ + snprintf(name, sizeof(name), %s:geli_keyfile, provider); + keyfile = preload_search_by_type(name); + } if (keyfile == NULL) return (i); /* Return number of loaded keyfiles. */ data = preload_fetch_addr(keyfile); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r285024 - head/sys/geom/eli
Author: pjd Date: Thu Jul 2 10:57:34 2015 New Revision: 285024 URL: https://svnweb.freebsd.org/changeset/base/285024 Log: Properly propagate errors in metadata reading. PR: 198860 Submitted by: Matthew D. Fuller Modified: head/sys/geom/eli/g_eli.c Modified: head/sys/geom/eli/g_eli.c == --- head/sys/geom/eli/g_eli.c Thu Jul 2 10:55:32 2015(r285023) +++ head/sys/geom/eli/g_eli.c Thu Jul 2 10:57:34 2015(r285024) @@ -633,7 +633,10 @@ g_eli_read_metadata(struct g_class *mp, g_topology_lock(); if (buf == NULL) goto end; - eli_metadata_decode(buf, md); + error = eli_metadata_decode(buf, md); + if (error != 0) + goto end; + /* Metadata was read and decoded successfully. */ end: if (buf != NULL) g_free(buf); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r283928 - stable/10/sbin/geom/class/eli
Author: pjd Date: Tue Jun 2 20:29:58 2015 New Revision: 283928 URL: https://svnweb.freebsd.org/changeset/base/283928 Log: MFC r265950 (by thomas): Add mention of metadata version 7 in FreeBSD 10.0. Modified: stable/10/sbin/geom/class/eli/geli.8 Directory Properties: stable/10/ (props changed) Modified: stable/10/sbin/geom/class/eli/geli.8 == --- stable/10/sbin/geom/class/eli/geli.8Tue Jun 2 19:20:39 2015 (r283927) +++ stable/10/sbin/geom/class/eli/geli.8Tue Jun 2 20:29:58 2015 (r283928) @@ -1053,6 +1053,8 @@ metadata version supported by the given .It Li 8.2 Ta 5 .Pp .It Li 9.0 Ta 6 +.Pp +.It Li 10.0 Ta 7 .El .Sh AUTHORS .An Pawel Jakub Dawidek Aq p...@freebsd.org ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r281856 - svnadmin/conf
Author: pjd Date: Wed Apr 22 16:06:49 2015 New Revision: 281856 URL: https://svnweb.freebsd.org/changeset/base/281856 Log: Welcome Mariusz Zaborski (oshogbo) as a new src committer. Mariusz will be working (at least initially) on Capsicum, Casper, libnv and surroundings. Approved by: core Modified: svnadmin/conf/access Modified: svnadmin/conf/access == --- svnadmin/conf/accessWed Apr 22 14:38:58 2015(r281855) +++ svnadmin/conf/accessWed Apr 22 16:06:49 2015(r281856) @@ -166,6 +166,7 @@ nwhitehorn nyan obrien oleg +oshogbo peter pe...@wemm.org peterj pfg ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r277920 - head/lib/libnv
Author: pjd Date: Fri Jan 30 09:44:29 2015 New Revision: 277920 URL: https://svnweb.freebsd.org/changeset/base/277920 Log: If moving descriptor or binary data to an nvlist fails, we need to close the descriptor or free the memory before returning. Submitted by: Mariusz Zaborski osho...@freebsd.org While here, protect errno, so it won't be overwritted by close(2) or free(3). Modified: head/lib/libnv/nvpair.c Modified: head/lib/libnv/nvpair.c == --- head/lib/libnv/nvpair.c Fri Jan 30 09:05:43 2015(r277919) +++ head/lib/libnv/nvpair.c Fri Jan 30 09:44:29 2015(r277920) @@ -1100,6 +1100,7 @@ nvpair_t * nvpair_movev_string(char *value, const char *namefmt, va_list nameap) { nvpair_t *nvp; + int serrno; if (value == NULL) { errno = EINVAL; @@ -1108,8 +1109,11 @@ nvpair_movev_string(char *value, const c nvp = nvpair_allocv(NV_TYPE_STRING, (uint64_t)(uintptr_t)value, strlen(value) + 1, namefmt, nameap); - if (nvp == NULL) + if (nvp == NULL) { + serrno = errno; free(value); + errno = serrno; + } return (nvp); } @@ -1137,28 +1141,46 @@ nvpair_movev_nvlist(nvlist_t *value, con nvpair_t * nvpair_movev_descriptor(int value, const char *namefmt, va_list nameap) { + nvpair_t *nvp; + int serrno; if (value 0 || !fd_is_valid(value)) { errno = EBADF; return (NULL); } - return (nvpair_allocv(NV_TYPE_DESCRIPTOR, (uint64_t)value, - sizeof(int64_t), namefmt, nameap)); + nvp = nvpair_allocv(NV_TYPE_DESCRIPTOR, (uint64_t)value, + sizeof(int64_t), namefmt, nameap); + if (nvp == NULL) { + serrno = errno; + close(value); + errno = serrno; + } + + return (nvp); } nvpair_t * nvpair_movev_binary(void *value, size_t size, const char *namefmt, va_list nameap) { + nvpair_t *nvp; + int serrno; if (value == NULL || size == 0) { errno = EINVAL; return (NULL); } - return (nvpair_allocv(NV_TYPE_BINARY, (uint64_t)(uintptr_t)value, size, - namefmt, nameap)); + nvp = nvpair_allocv(NV_TYPE_BINARY, (uint64_t)(uintptr_t)value, size, + namefmt, nameap); + if (nvp == NULL) { + serrno = errno; + free(value); + errno = serrno; + } + + return (nvp); } bool ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r277921 - head/lib/libnv
Author: pjd Date: Fri Jan 30 10:08:38 2015 New Revision: 277921 URL: https://svnweb.freebsd.org/changeset/base/277921 Log: Modify nvlist_get_parent() API to take additional cookie argument. This allow for non-recursive iteration over nested nvlists, as in documented example. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/nv.3 head/lib/libnv/nv.h head/lib/libnv/nvlist.c Modified: head/lib/libnv/nv.3 == --- head/lib/libnv/nv.3 Fri Jan 30 09:44:29 2015(r277920) +++ head/lib/libnv/nv.3 Fri Jan 30 10:08:38 2015(r277921) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd September 25, 2014 +.Dd January 30, 2015 .Dt NV 3 .Os .Sh NAME @@ -151,7 +151,7 @@ .Ft const void * .Fn nvlist_get_binary const nvlist_t *nvl const char *name size_t *sizep .Ft const nvlist_t * -.Fn nvlist_get_parent const nvlist_t *nvl +.Fn nvlist_get_parent const nvlist_t *nvl void **cookiep .\ .Ft bool .Fn nvlist_take_bool nvlist_t *nvl const char *name @@ -588,6 +588,28 @@ while ((name = nvlist_next(nvl, type, printf(\\n); } .Ed +.Pp +Iterating over every nested nvlist: +.Bd -literal +nvlist_t *nvl; +const char *name; +void *cookie; +int type; + +nvl = nvlist_recv(sock); +if (nvl == NULL) + err(1, nvlist_recv() failed); + +cookie = NULL; +do { + while ((name = nvlist_next(nvl, type, cookie)) != NULL) { + if (type == NV_TYPE_NVLIST) { + nvl = nvlist_get_nvlist(nvl, name); + cookie = NULL; + } + } +} while ((nvl = nvlist_get_parent(nvl, cookie)) != NULL); +.Ed .Sh SEE ALSO .Xr close 2 , .Xr dup 2 , Modified: head/lib/libnv/nv.h == --- head/lib/libnv/nv.h Fri Jan 30 09:44:29 2015(r277920) +++ head/lib/libnv/nv.h Fri Jan 30 10:08:38 2015(r277921) @@ -83,7 +83,7 @@ nvlist_t *nvlist_xfer(int sock, nvlist_t const char *nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep); -const nvlist_t *nvlist_get_parent(const nvlist_t *nvl); +const nvlist_t *nvlist_get_parent(const nvlist_t *nvl, void **cookiep); /* * The nvlist_exists functions check if the given name (optionally of the given Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 30 09:44:29 2015(r277920) +++ head/lib/libnv/nvlist.c Fri Jan 30 10:08:38 2015(r277921) @@ -159,15 +159,19 @@ nvlist_get_nvpair_parent(const nvlist_t } const nvlist_t * -nvlist_get_parent(const nvlist_t *nvl) +nvlist_get_parent(const nvlist_t *nvl, void **cookiep) { + nvpair_t *nvp; NVLIST_ASSERT(nvl); - if (nvl-nvl_parent == NULL) + nvp = nvl-nvl_parent; + if (cookiep != NULL) + *cookiep = nvp; + if (nvp == NULL) return (NULL); - return (nvpair_nvlist(nvl-nvl_parent)); + return (nvpair_nvlist(nvp)); } void @@ -384,11 +388,10 @@ nvlist_dump(const nvlist_t *nvl, int fd) dprintf(fd, \n); nvl = nvpair_get_nvlist(nvp); if (nvlist_dump_error_check(nvl, fd, level + 1)) { - nvl = nvlist_get_parent(nvl); + nvl = nvlist_get_parent(nvl, (void **)nvp); break; } - level += 1; - nvp = nvlist_first_nvpair(nvl); + level++; continue; case NV_TYPE_DESCRIPTOR: dprintf(fd, %d\n, nvpair_get_descriptor(nvp)); @@ -411,11 +414,10 @@ nvlist_dump(const nvlist_t *nvl, int fd) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvp = nvlist_get_nvpair_parent(nvl); - if (nvp == NULL) + nvl = nvlist_get_parent(nvl, (void **)nvp); + if (nvl == NULL) return; - nvl = nvlist_get_parent(nvl); - level --; + level--; } } } @@ -457,10 +459,9 @@ nvlist_size(const nvlist_t *nvl) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvp = nvlist_get_nvpair_parent(nvl); - if (nvp == NULL) + nvl = nvlist_get_parent(nvl, (void **)nvp); + if (nvl == NULL) goto out; - nvl = nvlist_get_parent(nvl); } } @@ -635,13 +636,12 @@ nvlist_xpack(const nvlist_t *nvl, int64_ return (NULL); }
svn commit: r277927 - head/lib/libnv
Author: pjd Date: Fri Jan 30 13:03:36 2015 New Revision: 277927 URL: https://svnweb.freebsd.org/changeset/base/277927 Log: Make gcc happy. Reported by: bz Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 30 12:57:35 2015(r277926) +++ head/lib/libnv/nvlist.c Fri Jan 30 13:03:36 2015(r277927) @@ -358,6 +358,7 @@ nvlist_dump(const nvlist_t *nvl, int fd) { const nvlist_t *tmpnvl; nvpair_t *nvp, *tmpnvp; + void *cookie; int level; level = 0; @@ -419,9 +420,11 @@ nvlist_dump(const nvlist_t *nvl, int fd) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + cookie = NULL; + nvl = nvlist_get_parent(nvl, cookie); if (nvl == NULL) return; + nvp = cookie; level--; } } @@ -443,6 +446,7 @@ nvlist_size(const nvlist_t *nvl) { const nvlist_t *tmpnvl; const nvpair_t *nvp, *tmpnvp; + void *cookie; size_t size; NVLIST_ASSERT(nvl); @@ -469,9 +473,11 @@ nvlist_size(const nvlist_t *nvl) } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + cookie = NULL; + nvl = nvlist_get_parent(nvl, cookie); if (nvl == NULL) goto out; + nvp = cookie; } } @@ -587,6 +593,7 @@ nvlist_xpack(const nvlist_t *nvl, int64_ size_t left, size; const nvlist_t *tmpnvl; nvpair_t *nvp, *tmpnvp; + void *cookie; NVLIST_ASSERT(nvl); @@ -655,9 +662,11 @@ nvlist_xpack(const nvlist_t *nvl, int64_ return (NULL); } while ((nvp = nvlist_next_nvpair(nvl, nvp)) == NULL) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + cookie = NULL; + nvl = nvlist_get_parent(nvl, cookie); if (nvl == NULL) goto out; + nvp = cookie; ptr = nvpair_pack_nvlist_up(ptr, left); if (ptr == NULL) goto out; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r277926 - head/lib/libnv
Author: pjd Date: Fri Jan 30 12:57:35 2015 New Revision: 277926 URL: https://svnweb.freebsd.org/changeset/base/277926 Log: Add missing nvlist_get_parent(3) link. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/Makefile Modified: head/lib/libnv/Makefile == --- head/lib/libnv/Makefile Fri Jan 30 12:31:29 2015(r277925) +++ head/lib/libnv/Makefile Fri Jan 30 12:57:35 2015(r277926) @@ -61,6 +61,7 @@ MLINKS+=nv.3 nvlist_create.3 \ nv.3 nvlist_get_nvlist.3 \ nv.3 nvlist_get_descriptor.3 \ nv.3 nvlist_get_binary.3 \ + nv.3 nvlist_get_parent.3 \ nv.3 nvlist_take_bool.3 \ nv.3 nvlist_take_number.3 \ nv.3 nvlist_take_string.3 \ ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r277925 - head/lib/libnv
Author: pjd Date: Fri Jan 30 12:31:29 2015 New Revision: 277925 URL: https://svnweb.freebsd.org/changeset/base/277925 Log: Handle empty nvlists correctly. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 30 12:07:43 2015(r277924) +++ head/lib/libnv/nvlist.c Fri Jan 30 12:31:29 2015(r277925) @@ -356,7 +356,8 @@ nvlist_dump_error_check(const nvlist_t * void nvlist_dump(const nvlist_t *nvl, int fd) { - nvpair_t *nvp; + const nvlist_t *tmpnvl; + nvpair_t *nvp, *tmpnvp; int level; level = 0; @@ -386,13 +387,17 @@ nvlist_dump(const nvlist_t *nvl, int fd) break; case NV_TYPE_NVLIST: dprintf(fd, \n); - nvl = nvpair_get_nvlist(nvp); - if (nvlist_dump_error_check(nvl, fd, level + 1)) { - nvl = nvlist_get_parent(nvl, (void **)nvp); + tmpnvl = nvpair_get_nvlist(nvp); + if (nvlist_dump_error_check(tmpnvl, fd, level + 1)) break; + tmpnvp = nvlist_first_nvpair(tmpnvl); + if (tmpnvp != NULL) { + nvl = tmpnvl; + nvp = tmpnvp; + level++; + continue; } - level++; - continue; + break; case NV_TYPE_DESCRIPTOR: dprintf(fd, %d\n, nvpair_get_descriptor(nvp)); break; @@ -436,7 +441,8 @@ nvlist_fdump(const nvlist_t *nvl, FILE * size_t nvlist_size(const nvlist_t *nvl) { - const nvpair_t *nvp; + const nvlist_t *tmpnvl; + const nvpair_t *nvp, *tmpnvp; size_t size; NVLIST_ASSERT(nvl); @@ -450,10 +456,14 @@ nvlist_size(const nvlist_t *nvl) if (nvpair_type(nvp) == NV_TYPE_NVLIST) { size += sizeof(struct nvlist_header); size += nvpair_header_size() + 1; - nvl = nvpair_get_nvlist(nvp); - PJDLOG_ASSERT(nvl-nvl_error == 0); - nvp = nvlist_first_nvpair(nvl); - continue; + tmpnvl = nvpair_get_nvlist(nvp); + PJDLOG_ASSERT(tmpnvl-nvl_error == 0); + tmpnvp = nvlist_first_nvpair(tmpnvl); + if (tmpnvp != NULL) { + nvl = tmpnvl; + nvp = tmpnvp; + continue; + } } else { size += nvpair_size(nvp); } @@ -575,7 +585,8 @@ nvlist_xpack(const nvlist_t *nvl, int64_ { unsigned char *buf, *ptr; size_t left, size; - nvpair_t *nvp; + const nvlist_t *tmpnvl; + nvpair_t *nvp, *tmpnvp; NVLIST_ASSERT(nvl); @@ -618,10 +629,18 @@ nvlist_xpack(const nvlist_t *nvl, int64_ ptr = nvpair_pack_string(nvp, ptr, left); break; case NV_TYPE_NVLIST: - nvl = nvpair_get_nvlist(nvp); - nvp = nvlist_first_nvpair(nvl); - ptr = nvlist_pack_header(nvl, ptr, left); - continue; + tmpnvl = nvpair_get_nvlist(nvp); + ptr = nvlist_pack_header(tmpnvl, ptr, left); + if (ptr == NULL) + goto out; + tmpnvp = nvlist_first_nvpair(tmpnvl); + if (tmpnvp != NULL) { + nvl = tmpnvl; + nvp = tmpnvp; + continue; + } + ptr = nvpair_pack_nvlist_up(ptr, left); + break; case NV_TYPE_DESCRIPTOR: ptr = nvpair_pack_descriptor(nvp, ptr, fdidxp, left); break; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r274366 - in head/sys: dev/null geom kern sys
Author: pjd Date: Tue Nov 11 04:48:09 2014 New Revision: 274366 URL: https://svnweb.freebsd.org/changeset/base/274366 Log: Add missing privilege check when setting the dump device. Before that change it was possible for a regular user to setup the dump device if he had write access to the given device. In theory it is a security issue as user might get access to kernel's memory after provoking kernel crash, but in practise it is not recommended to give regular users direct access to storage devices. Rework the code so that we do privileges check within the set_dumper() function to avoid similar problems in the future. Discussed with: secteam Modified: head/sys/dev/null/null.c head/sys/geom/geom_dev.c head/sys/kern/kern_shutdown.c head/sys/sys/conf.h Modified: head/sys/dev/null/null.c == --- head/sys/dev/null/null.cTue Nov 11 04:07:41 2014(r274365) +++ head/sys/dev/null/null.cTue Nov 11 04:48:09 2014(r274366) @@ -37,7 +37,6 @@ __FBSDID($FreeBSD$); #include sys/kernel.h #include sys/malloc.h #include sys/module.h -#include sys/priv.h #include sys/disk.h #include sys/bus.h #include sys/filio.h @@ -110,9 +109,7 @@ null_ioctl(struct cdev *dev __unused, u_ switch (cmd) { case DIOCSKERNELDUMP: - error = priv_check(td, PRIV_SETDUMPER); - if (error == 0) - error = set_dumper(NULL, NULL); + error = set_dumper(NULL, NULL, td); break; case FIONBIO: break; Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cTue Nov 11 04:07:41 2014(r274365) +++ head/sys/geom/geom_dev.cTue Nov 11 04:48:09 2014(r274366) @@ -127,14 +127,14 @@ g_dev_fini(struct g_class *mp) } static int -g_dev_setdumpdev(struct cdev *dev) +g_dev_setdumpdev(struct cdev *dev, struct thread *td) { struct g_kerneldump kd; struct g_consumer *cp; int error, len; if (dev == NULL) - return (set_dumper(NULL, NULL)); + return (set_dumper(NULL, NULL, td)); cp = dev-si_drv2; len = sizeof(kd); @@ -142,7 +142,7 @@ g_dev_setdumpdev(struct cdev *dev) kd.length = OFF_MAX; error = g_io_getattr(GEOM::kerneldump, cp, len, kd); if (error == 0) { - error = set_dumper(kd.di, devtoname(dev)); + error = set_dumper(kd.di, devtoname(dev), td); if (error == 0) dev-si_flags |= SI_DUMPDEV; } @@ -157,7 +157,7 @@ init_dumpdev(struct cdev *dev) return; if (strcmp(devtoname(dev), dumpdev) != 0) return; - if (g_dev_setdumpdev(dev) == 0) { + if (g_dev_setdumpdev(dev, curthread) == 0) { freeenv(dumpdev); dumpdev = NULL; } @@ -453,9 +453,9 @@ g_dev_ioctl(struct cdev *dev, u_long cmd break; case DIOCSKERNELDUMP: if (*(u_int *)data == 0) - error = g_dev_setdumpdev(NULL); + error = g_dev_setdumpdev(NULL, td); else - error = g_dev_setdumpdev(dev); + error = g_dev_setdumpdev(dev, td); break; case DIOCGFLUSH: error = g_io_flush(cp); @@ -673,7 +673,7 @@ g_dev_orphan(struct g_consumer *cp) /* Reset any dump-area set on this device */ if (dev-si_flags SI_DUMPDEV) - (void)set_dumper(NULL, NULL); + (void)set_dumper(NULL, NULL, curthread); /* Destroy the struct cdev *so we get no more requests */ destroy_dev_sched_cb(dev, g_dev_callback, cp); Modified: head/sys/kern/kern_shutdown.c == --- head/sys/kern/kern_shutdown.c Tue Nov 11 04:07:41 2014 (r274365) +++ head/sys/kern/kern_shutdown.c Tue Nov 11 04:48:09 2014 (r274366) @@ -827,9 +827,14 @@ SYSCTL_STRING(_kern_shutdown, OID_AUTO, /* Registration of dumpers */ int -set_dumper(struct dumperinfo *di, const char *devname) +set_dumper(struct dumperinfo *di, const char *devname, struct thread *td) { size_t wantcopy; + int error; + + error = priv_check(td, PRIV_SETDUMPER); + if (error != 0) + return (error); if (di == NULL) { bzero(dumper, sizeof dumper); Modified: head/sys/sys/conf.h == --- head/sys/sys/conf.h Tue Nov 11 04:07:41 2014(r274365) +++ head/sys/sys/conf.h Tue Nov 11 04:48:09 2014(r274366) @@ -336,7 +336,7 @@ struct dumperinfo { off_t mediasize; /* Space available in bytes. */
svn commit: r272843 - head/lib/libnv
Author: pjd Date: Thu Oct 9 20:55:05 2014 New Revision: 272843 URL: https://svnweb.freebsd.org/changeset/base/272843 Log: Fix problem on big endian systems introduced in r271579 - when we were returning from handling a nested nvlist we were resetting big-endian flag. Reported by: Kuleshov Aleksey @ yandex.ru Tested by:Kuleshov Aleksey @ yandex.ru Modified: head/lib/libnv/nvlist.c head/lib/libnv/nvlist_impl.h head/lib/libnv/nvpair.c head/lib/libnv/nvpair_impl.h Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Thu Oct 9 20:39:18 2014(r272842) +++ head/lib/libnv/nvlist.c Thu Oct 9 20:55:05 2014(r272843) @@ -698,7 +698,7 @@ nvlist_check_header(struct nvlist_header const unsigned char * nvlist_unpack_header(nvlist_t *nvl, const unsigned char *ptr, size_t nfds, -int *flagsp, size_t *leftp) +bool *isbep, size_t *leftp) { struct nvlist_header nvlhdr; @@ -725,7 +725,8 @@ nvlist_unpack_header(nvlist_t *nvl, cons nvl-nvl_flags = (nvlhdr.nvlh_flags NV_FLAG_PUBLIC_MASK); ptr += sizeof(nvlhdr); - *flagsp = (int)nvlhdr.nvlh_flags; + if (isbep != NULL) + *isbep = (((int)nvlhdr.nvlh_flags NV_FLAG_BIG_ENDIAN) != 0); *leftp -= sizeof(nvlhdr); return (ptr); @@ -741,7 +742,7 @@ nvlist_xunpack(const void *buf, size_t s nvlist_t *nvl, *retnvl, *tmpnvl; nvpair_t *nvp; size_t left; - int flags; + bool isbe; left = size; ptr = buf; @@ -751,44 +752,43 @@ nvlist_xunpack(const void *buf, size_t s if (nvl == NULL) goto failed; - ptr = nvlist_unpack_header(nvl, ptr, nfds, flags, left); + ptr = nvlist_unpack_header(nvl, ptr, nfds, isbe, left); if (ptr == NULL) goto failed; while (left 0) { - ptr = nvpair_unpack(flags, ptr, left, nvp); + ptr = nvpair_unpack(isbe, ptr, left, nvp); if (ptr == NULL) goto failed; switch (nvpair_type(nvp)) { case NV_TYPE_NULL: - ptr = nvpair_unpack_null(flags, nvp, ptr, left); + ptr = nvpair_unpack_null(isbe, nvp, ptr, left); break; case NV_TYPE_BOOL: - ptr = nvpair_unpack_bool(flags, nvp, ptr, left); + ptr = nvpair_unpack_bool(isbe, nvp, ptr, left); break; case NV_TYPE_NUMBER: - ptr = nvpair_unpack_number(flags, nvp, ptr, left); + ptr = nvpair_unpack_number(isbe, nvp, ptr, left); break; case NV_TYPE_STRING: - ptr = nvpair_unpack_string(flags, nvp, ptr, left); + ptr = nvpair_unpack_string(isbe, nvp, ptr, left); break; case NV_TYPE_NVLIST: - ptr = nvpair_unpack_nvlist(flags, nvp, ptr, left, - nfds, tmpnvl); + ptr = nvpair_unpack_nvlist(isbe, nvp, ptr, left, nfds, + tmpnvl); nvlist_set_parent(tmpnvl, nvp); break; case NV_TYPE_DESCRIPTOR: - ptr = nvpair_unpack_descriptor(flags, nvp, ptr, left, + ptr = nvpair_unpack_descriptor(isbe, nvp, ptr, left, fds, nfds); break; case NV_TYPE_BINARY: - ptr = nvpair_unpack_binary(flags, nvp, ptr, left); + ptr = nvpair_unpack_binary(isbe, nvp, ptr, left); break; case NV_TYPE_NVLIST_UP: if (nvl-nvl_parent == NULL) goto failed; nvl = nvpair_nvlist(nvl-nvl_parent); - flags = nvl-nvl_flags; continue; default: PJDLOG_ABORT(Invalid type (%d)., nvpair_type(nvp)); Modified: head/lib/libnv/nvlist_impl.h == --- head/lib/libnv/nvlist_impl.hThu Oct 9 20:39:18 2014 (r272842) +++ head/lib/libnv/nvlist_impl.hThu Oct 9 20:55:05 2014 (r272843) @@ -42,6 +42,6 @@ nvlist_t *nvlist_xunpack(const void *buf nvpair_t *nvlist_get_nvpair_parent(const nvlist_t *nvl); const unsigned char *nvlist_unpack_header(nvlist_t *nvl, -const unsigned char *ptr, size_t nfds, int *flagsp, size_t *leftp); +const unsigned char *ptr, size_t nfds, bool *isbep, size_t *leftp); #endif /* !_NVLIST_IMPL_H_ */ Modified: head/lib/libnv/nvpair.c
svn commit: r272297 - head/sys/geom
Author: pjd Date: Tue Sep 30 11:51:32 2014 New Revision: 272297 URL: http://svnweb.freebsd.org/changeset/base/272297 Log: Style fixes. Modified: head/sys/geom/geom_dev.c Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cTue Sep 30 07:28:31 2014(r272296) +++ head/sys/geom/geom_dev.cTue Sep 30 11:51:32 2014(r272297) @@ -281,7 +281,7 @@ g_dev_open(struct cdev *dev, int flags, cp = dev-si_drv2; if (cp == NULL) - return(ENXIO); /* g_dev_taste() not done yet */ + return (ENXIO); /* g_dev_taste() not done yet */ g_trace(G_T_ACCESS, g_dev_open(%s, %d, %d, %p), cp-geom-name, flags, fmt, td); @@ -312,7 +312,7 @@ g_dev_open(struct cdev *dev, int flags, sc-sc_open += r + w + e; mtx_unlock(sc-sc_mtx); } - return(error); + return (error); } static int @@ -324,10 +324,10 @@ g_dev_close(struct cdev *dev, int flags, cp = dev-si_drv2; if (cp == NULL) - return(ENXIO); + return (ENXIO); g_trace(G_T_ACCESS, g_dev_close(%s, %d, %d, %p), cp-geom-name, flags, fmt, td); - + r = flags FREAD ? -1 : 0; w = flags FWRITE ? -1 : 0; #ifdef notyet @@ -361,7 +361,6 @@ g_dev_ioctl(struct cdev *dev, u_long cmd struct g_kerneldump kd; off_t offset, length, chunk; int i, error; - u_int u; cp = dev-si_drv2; pp = cp-provider; @@ -396,8 +395,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd error = g_io_getattr(GEOM::frontstuff, cp, i, data); break; case DIOCSKERNELDUMP: - u = *((u_int *)data); - if (!u) { + if (*(u_int *)data != 0) { set_dumper(NULL, NULL); error = 0; break; @@ -406,9 +404,9 @@ g_dev_ioctl(struct cdev *dev, u_long cmd kd.length = OFF_MAX; i = sizeof kd; error = g_io_getattr(GEOM::kerneldump, cp, i, kd); - if (!error) { + if (error == 0) { error = set_dumper(kd.di, devtoname(dev)); - if (!error) + if (error == 0) dev-si_flags |= SI_DUMPDEV; } break; @@ -425,7 +423,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd error = EINVAL; break; } - while (length 0) { + while (length 0) { chunk = length; if (g_dev_del_max_sectors != 0 chunk g_dev_del_max_sectors * cp-provider-sectorsize) { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r272298 - head/sys/geom
Author: pjd Date: Tue Sep 30 12:00:50 2014 New Revision: 272298 URL: http://svnweb.freebsd.org/changeset/base/272298 Log: Be prepared that set_dumper() might fail even when resetting it or prefix the call with (void) to document that we intentionally ignore the return value - no way to handle an error in case of device disappearing. Modified: head/sys/geom/geom_dev.c Modified: head/sys/geom/geom_dev.c == --- head/sys/geom/geom_dev.cTue Sep 30 11:51:32 2014(r272297) +++ head/sys/geom/geom_dev.cTue Sep 30 12:00:50 2014(r272298) @@ -396,8 +396,7 @@ g_dev_ioctl(struct cdev *dev, u_long cmd break; case DIOCSKERNELDUMP: if (*(u_int *)data != 0) { - set_dumper(NULL, NULL); - error = 0; + error = set_dumper(NULL, NULL); break; } kd.offset = 0; @@ -616,7 +615,7 @@ g_dev_orphan(struct g_consumer *cp) /* Reset any dump-area set on this device */ if (dev-si_flags SI_DUMPDEV) - set_dumper(NULL, NULL); + (void)set_dumper(NULL, NULL); /* Destroy the struct cdev *so we get no more requests */ destroy_dev_sched_cb(dev, g_dev_callback, cp); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r271241 - head/lib/libnv
On Sun, Sep 07, 2014 at 10:56:57PM +, Garrett Cooper wrote: Author: ngie Date: Sun Sep 7 22:56:57 2014 New Revision: 271241 URL: http://svnweb.freebsd.org/changeset/base/271241 Log: Include src.opts.mk after SHLIBDIR has been defined so libnv is installed to /lib , not /usr/lib Don't forget to add /usr/lib/libnv* to ObsoleteFiles.inc. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r272102 - head/lib/libnv
Author: pjd Date: Thu Sep 25 10:59:01 2014 New Revision: 272102 URL: http://svnweb.freebsd.org/changeset/base/272102 Log: Document the new nvlist_get_parent() function. Submitted by: Mariusz Zaborski Modified: head/lib/libnv/nv.3 Modified: head/lib/libnv/nv.3 == --- head/lib/libnv/nv.3 Thu Sep 25 09:12:11 2014(r272101) +++ head/lib/libnv/nv.3 Thu Sep 25 10:59:01 2014(r272102) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd March 21, 2014 +.Dd September 25, 2014 .Dt NV 3 .Os .Sh NAME @@ -150,6 +150,8 @@ .Fn nvlist_get_descriptor const nvlist_t *nvl const char *name .Ft const void * .Fn nvlist_get_binary const nvlist_t *nvl const char *name size_t *sizep +.Ft const nvlist_t * +.Fn nvlist_get_parent const nvlist_t *nvl .\ .Ft bool .Fn nvlist_take_bool nvlist_t *nvl const char *name @@ -437,6 +439,10 @@ extension, which allows to provide defau The nvlist must not be in error state. .Pp The +.Fn nvlist_get_parent +function allows to obtain the parent nvlist from the nested nvlist. +.Pp +The .Fn nvlist_take_bool , .Fn nvlist_take_number , .Fn nvlist_take_string , ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r272042 - stable/9/contrib/openbsm/bin/auditdistd
Author: pjd Date: Tue Sep 23 21:56:15 2014 New Revision: 272042 URL: http://svnweb.freebsd.org/changeset/base/272042 Log: MFC r271577: Fix descriptors leak. PR: bin/191002 Reported by: Ryan Steinmetz Submitted by: mjg Modified: stable/9/contrib/openbsm/bin/auditdistd/subr.c Directory Properties: stable/9/contrib/openbsm/ (props changed) Modified: stable/9/contrib/openbsm/bin/auditdistd/subr.c == --- stable/9/contrib/openbsm/bin/auditdistd/subr.c Tue Sep 23 21:38:05 2014(r272041) +++ stable/9/contrib/openbsm/bin/auditdistd/subr.c Tue Sep 23 21:56:15 2014(r272042) @@ -228,6 +228,11 @@ wait_for_file_init(int fd) PJDLOG_ASSERT(fd != -1); #ifdef HAVE_KQUEUE + if (wait_for_file_kq != -1) { + close(wait_for_file_kq); + wait_for_file_kq = -1; + } + kq = kqueue(); if (kq == -1) { pjdlog_errno(LOG_WARNING, kqueue() failed); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r272048 - stable/9/sys/kern
Author: pjd Date: Tue Sep 23 22:27:34 2014 New Revision: 272048 URL: http://svnweb.freebsd.org/changeset/base/272048 Log: MFC r236360,r236361: - Add missing system calls. - Remove rmdirat system call which doesn't exist. Modified: stable/9/sys/kern/capabilities.conf Directory Properties: stable/9/sys/ (props changed) Modified: stable/9/sys/kern/capabilities.conf == --- stable/9/sys/kern/capabilities.conf Tue Sep 23 22:23:58 2014 (r272047) +++ stable/9/sys/kern/capabilities.conf Tue Sep 23 22:27:34 2014 (r272048) @@ -445,13 +445,17 @@ olio_listio faccessat fstatat fchmodat +fchownat futimesat +linkat mkdirat -rmdirat mkfifoat mknodat openat +readlinkat renameat +symlinkat +unlinkat ## ## Allow entry into open(2). This system call will fail, since access to the ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r271844 - stable/10/contrib/openbsm/bin/auditdistd
Author: pjd Date: Thu Sep 18 22:17:46 2014 New Revision: 271844 URL: http://svnweb.freebsd.org/changeset/base/271844 Log: MFC r271577: Fix descriptors leak. PR: bin/191002 Reported by: Ryan Steinmetz Submitted by: mjg Approved by: re (gjb) Modified: stable/10/contrib/openbsm/bin/auditdistd/subr.c Directory Properties: stable/10/ (props changed) Modified: stable/10/contrib/openbsm/bin/auditdistd/subr.c == --- stable/10/contrib/openbsm/bin/auditdistd/subr.c Thu Sep 18 22:16:20 2014(r271843) +++ stable/10/contrib/openbsm/bin/auditdistd/subr.c Thu Sep 18 22:17:46 2014(r271844) @@ -228,6 +228,11 @@ wait_for_file_init(int fd) PJDLOG_ASSERT(fd != -1); #ifdef HAVE_KQUEUE + if (wait_for_file_kq != -1) { + close(wait_for_file_kq); + wait_for_file_kq = -1; + } + kq = kqueue(); if (kq == -1) { pjdlog_errno(LOG_WARNING, kqueue() failed); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r271847 - head/lib/libnv
Author: pjd Date: Thu Sep 18 22:34:52 2014 New Revision: 271847 URL: http://svnweb.freebsd.org/changeset/base/271847 Log: Don't use nvl in case of a failure. Reported by: Coverity CID: 1238922 Modified: head/lib/libnv/nvpair.c Modified: head/lib/libnv/nvpair.c == --- head/lib/libnv/nvpair.c Thu Sep 18 22:27:02 2014(r271846) +++ head/lib/libnv/nvpair.c Thu Sep 18 22:34:52 2014(r271847) @@ -963,7 +963,8 @@ nvpair_createv_nvlist(const nvlist_t *va namefmt, nameap); if (nvp == NULL) nvlist_destroy(nvl); - nvlist_set_parent(nvl, nvp); + else + nvlist_set_parent(nvl, nvp); return (nvp); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r271577 - head/contrib/openbsm/bin/auditdistd
Author: pjd Date: Sun Sep 14 09:26:33 2014 New Revision: 271577 URL: http://svnweb.freebsd.org/changeset/base/271577 Log: Fix descriptors leak. PR: bin/191002 Reported by: Ryan Steinmetz Submitted by: mjg Modified: head/contrib/openbsm/bin/auditdistd/subr.c Modified: head/contrib/openbsm/bin/auditdistd/subr.c == --- head/contrib/openbsm/bin/auditdistd/subr.c Sun Sep 14 09:20:01 2014 (r271576) +++ head/contrib/openbsm/bin/auditdistd/subr.c Sun Sep 14 09:26:33 2014 (r271577) @@ -228,6 +228,11 @@ wait_for_file_init(int fd) PJDLOG_ASSERT(fd != -1); #ifdef HAVE_KQUEUE + if (wait_for_file_kq != -1) { + close(wait_for_file_kq); + wait_for_file_kq = -1; + } + kq = kqueue(); if (kq == -1) { pjdlog_errno(LOG_WARNING, kqueue() failed); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r271578 - head/lib/libnv
Author: pjd Date: Sun Sep 14 09:27:12 2014 New Revision: 271578 URL: http://svnweb.freebsd.org/changeset/base/271578 Log: Remove the limit on descriptors that can be send in one nvlist. Submitted by: Mariusz Zaborski Modified: head/lib/libnv/msgio.c Modified: head/lib/libnv/msgio.c == --- head/lib/libnv/msgio.c Sun Sep 14 09:26:33 2014(r271577) +++ head/lib/libnv/msgio.c Sun Sep 14 09:27:12 2014(r271578) @@ -31,7 +31,7 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/types.h +#include sys/param.h #include sys/socket.h #include errno.h @@ -56,6 +56,8 @@ __FBSDID($FreeBSD$); #definePJDLOG_ABORT(...) abort() #endif +#definePKG_MAX_SIZE(MCLBYTES / CMSG_SPACE(sizeof(int)) - 1) + static int msghdr_add_fd(struct cmsghdr *cmsg, int fd) { @@ -234,22 +236,31 @@ cred_recv(int sock, struct cmsgcred *cre return (0); } -int -fd_send(int sock, const int *fds, size_t nfds) +static int +fd_package_send(int sock, const int *fds, size_t nfds) { struct msghdr msg; struct cmsghdr *cmsg; + struct iovec iov; unsigned int i; int serrno, ret; + uint8_t dummy; - if (nfds == 0 || fds == NULL) { - errno = EINVAL; - return (-1); - } + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(fds != NULL); + PJDLOG_ASSERT(nfds 0); bzero(msg, sizeof(msg)); - msg.msg_iov = NULL; - msg.msg_iovlen = 0; + + /* +* XXX: Look into cred_send function for more details. +*/ + dummy = 0; + iov.iov_base = dummy; + iov.iov_len = sizeof(dummy); + + msg.msg_iov = iov; + msg.msg_iovlen = 1; msg.msg_controllen = nfds * CMSG_SPACE(sizeof(int)); msg.msg_control = calloc(1, msg.msg_controllen); if (msg.msg_control == NULL) @@ -274,22 +285,32 @@ end: return (ret); } -int -fd_recv(int sock, int *fds, size_t nfds) +static int +fd_package_recv(int sock, int *fds, size_t nfds) { struct msghdr msg; struct cmsghdr *cmsg; unsigned int i; int serrno, ret; + struct iovec iov; + uint8_t dummy; - if (nfds == 0 || fds == NULL) { - errno = EINVAL; - return (-1); - } + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(nfds 0); + PJDLOG_ASSERT(fds != NULL); + i = 0; bzero(msg, sizeof(msg)); - msg.msg_iov = NULL; - msg.msg_iovlen = 0; + bzero(iov, sizeof(iov)); + + /* +* XXX: Look into cred_send function for more details. +*/ + iov.iov_base = dummy; + iov.iov_len = sizeof(dummy); + + msg.msg_iov = iov; + msg.msg_iovlen = 1; msg.msg_controllen = nfds * CMSG_SPACE(sizeof(int)); msg.msg_control = calloc(1, msg.msg_controllen); if (msg.msg_control == NULL) @@ -333,6 +354,64 @@ end: } int +fd_recv(int sock, int *fds, size_t nfds) +{ + unsigned int i, step, j; + int ret, serrno; + + if (nfds == 0 || fds == NULL) { + errno = EINVAL; + return (-1); + } + + ret = i = step = 0; + while (i nfds) { + if (PKG_MAX_SIZE nfds - i) + step = PKG_MAX_SIZE; + else + step = nfds - i; + ret = fd_package_recv(sock, fds + i, step); + if (ret != 0) { + /* Close all received descriptors. */ + serrno = errno; + for (j = 0; j i; j++) + close(fds[j]); + errno = serrno; + break; + } + i += step; + } + + return (ret); +} + +int +fd_send(int sock, const int *fds, size_t nfds) +{ + unsigned int i, step; + int ret; + + if (nfds == 0 || fds == NULL) { + errno = EINVAL; + return (-1); + } + + ret = i = step = 0; + while (i nfds) { + if (PKG_MAX_SIZE nfds - i) + step = PKG_MAX_SIZE; + else + step = nfds - i; + ret = fd_package_send(sock, fds + i, step); + if (ret != 0) + break; + i += step; + } + + return (ret); +} + +int buf_send(int sock, void *buf, size_t size) { ssize_t done; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r271579 - head/lib/libnv
Author: pjd Date: Sun Sep 14 09:30:09 2014 New Revision: 271579 URL: http://svnweb.freebsd.org/changeset/base/271579 Log: Use non-recursive algorithm for traversing nvlists. This also removes the limit on number of nested nvlists. Submitted by: Mariusz Zaborski Modified: head/lib/libnv/nv.h head/lib/libnv/nv_impl.h head/lib/libnv/nvlist.c head/lib/libnv/nvlist_impl.h head/lib/libnv/nvpair.c head/lib/libnv/nvpair_impl.h Modified: head/lib/libnv/nv.h == --- head/lib/libnv/nv.h Sun Sep 14 09:27:12 2014(r271578) +++ head/lib/libnv/nv.h Sun Sep 14 09:30:09 2014(r271579) @@ -83,6 +83,8 @@ nvlist_t *nvlist_xfer(int sock, nvlist_t const char *nvlist_next(const nvlist_t *nvl, int *typep, void **cookiep); +const nvlist_t *nvlist_get_parent(const nvlist_t *nvl); + /* * The nvlist_exists functions check if the given name (optionally of the given * type) exists on nvlist. Modified: head/lib/libnv/nv_impl.h == --- head/lib/libnv/nv_impl.hSun Sep 14 09:27:12 2014(r271578) +++ head/lib/libnv/nv_impl.hSun Sep 14 09:30:09 2014(r271579) @@ -39,6 +39,8 @@ struct nvpair; typedef struct nvpair nvpair_t; #endif +#defineNV_TYPE_NVLIST_UP 255 + #defineNV_TYPE_FIRST NV_TYPE_NULL #defineNV_TYPE_LASTNV_TYPE_BINARY @@ -55,6 +57,8 @@ void nvlist_add_nvpair(nvlist_t *nvl, co void nvlist_move_nvpair(nvlist_t *nvl, nvpair_t *nvp); +void nvlist_set_parent(nvlist_t *nvl, nvpair_t *parent); + const nvpair_t *nvlist_get_nvpair(const nvlist_t *nvl, const char *name); nvpair_t *nvlist_take_nvpair(nvlist_t *nvl, const char *name); Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Sun Sep 14 09:27:12 2014(r271578) +++ head/lib/libnv/nvlist.c Sun Sep 14 09:30:09 2014(r271579) @@ -73,10 +73,11 @@ __FBSDID($FreeBSD$); #defineNVLIST_MAGIC0x6e766c/* nvl */ struct nvlist { - int nvl_magic; - int nvl_error; - int nvl_flags; - struct nvl_head nvl_head; + int nvl_magic; + int nvl_error; + int nvl_flags; + nvpair_t*nvl_parent; + struct nvl_head nvl_head; }; #defineNVLIST_ASSERT(nvl) do { \ @@ -106,6 +107,7 @@ nvlist_create(int flags) nvl = malloc(sizeof(*nvl)); nvl-nvl_error = 0; nvl-nvl_flags = flags; + nvl-nvl_parent = NULL; TAILQ_INIT(nvl-nvl_head); nvl-nvl_magic = NVLIST_MAGIC; @@ -147,6 +149,36 @@ nvlist_error(const nvlist_t *nvl) return (nvl-nvl_error); } +nvpair_t * +nvlist_get_nvpair_parent(const nvlist_t *nvl) +{ + + NVLIST_ASSERT(nvl); + + return (nvl-nvl_parent); +} + +const nvlist_t * +nvlist_get_parent(const nvlist_t *nvl) +{ + + NVLIST_ASSERT(nvl); + + if (nvl-nvl_parent == NULL) + return (NULL); + + return (nvpair_nvlist(nvl-nvl_parent)); +} + +void +nvlist_set_parent(nvlist_t *nvl, nvpair_t *parent) +{ + + NVLIST_ASSERT(nvl); + + nvl-nvl_parent = parent; +} + bool nvlist_empty(const nvlist_t *nvl) { @@ -301,24 +333,34 @@ nvlist_clone(const nvlist_t *nvl) return (newnvl); } +static bool +nvlist_dump_error_check(const nvlist_t *nvl, int fd, int level) +{ + + if (nvlist_error(nvl) != 0) { + dprintf(fd, %*serror: %d\n, level * 4, , + nvlist_error(nvl)); + return (true); + } + + return (false); +} + /* * Dump content of nvlist. */ -static void -nvlist_xdump(const nvlist_t *nvl, int fd, int level) +void +nvlist_dump(const nvlist_t *nvl, int fd) { nvpair_t *nvp; + int level; - PJDLOG_ASSERT(level 3); - - if (nvlist_error(nvl) != 0) { - dprintf(fd, %*serror: %d\n, level * 4, , - nvlist_error(nvl)); + level = 0; + if (nvlist_dump_error_check(nvl, fd, level)) return; - } - for (nvp = nvlist_first_nvpair(nvl); nvp != NULL; - nvp = nvlist_next_nvpair(nvl, nvp)) { + nvp = nvlist_first_nvpair(nvl); + while (nvp != NULL) { dprintf(fd, %*s%s (%s):, level * 4, , nvpair_name(nvp), nvpair_type_string(nvpair_type(nvp))); switch (nvpair_type(nvp)) { @@ -340,8 +382,14 @@ nvlist_xdump(const nvlist_t *nvl, int fd break; case NV_TYPE_NVLIST: dprintf(fd, \n); - nvlist_xdump(nvpair_get_nvlist(nvp), fd, level + 1); - break; + nvl =
svn commit: r271026 - head/lib/libnv
Author: pjd Date: Wed Sep 3 14:44:23 2014 New Revision: 271026 URL: http://svnweb.freebsd.org/changeset/base/271026 Log: Fix descriptors leak in case of nvlist_xunpack() failure. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Wed Sep 3 14:16:50 2014(r271025) +++ head/lib/libnv/nvlist.c Wed Sep 3 14:44:23 2014(r271026) @@ -760,8 +760,11 @@ nvlist_recv(int sock) } nvl = nvlist_xunpack(buf, size, fds, nfds); - if (nvl == NULL) + if (nvl == NULL) { + for (i = 0; i nfds; i++) + close(fds[i]); goto out; + } ret = nvl; out: ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r271027 - head/lib/libnv
Author: pjd Date: Wed Sep 3 15:06:47 2014 New Revision: 271027 URL: http://svnweb.freebsd.org/changeset/base/271027 Log: Declare i. Reported by: sbruno Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Wed Sep 3 14:44:23 2014(r271026) +++ head/lib/libnv/nvlist.c Wed Sep 3 15:06:47 2014(r271027) @@ -728,7 +728,7 @@ nvlist_recv(int sock) nvlist_t *nvl, *ret; unsigned char *buf; size_t nfds, size; - int serrno, *fds; + int serrno, i, *fds; if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1) return (NULL); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r271028 - head/lib/libnv
Author: pjd Date: Wed Sep 3 15:08:33 2014 New Revision: 271028 URL: http://svnweb.freebsd.org/changeset/base/271028 Log: Use better type for i. Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Wed Sep 3 15:06:47 2014(r271027) +++ head/lib/libnv/nvlist.c Wed Sep 3 15:08:33 2014(r271028) @@ -727,8 +727,8 @@ nvlist_recv(int sock) struct nvlist_header nvlhdr; nvlist_t *nvl, *ret; unsigned char *buf; - size_t nfds, size; - int serrno, i, *fds; + size_t nfds, size, i; + int serrno, *fds; if (buf_recv(sock, nvlhdr, sizeof(nvlhdr)) == -1) return (NULL); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r267914 - in head: sbin/dhclient sys/kern
Author: pjd Date: Thu Jun 26 13:57:44 2014 New Revision: 267914 URL: http://svnweb.freebsd.org/changeset/base/267914 Log: Remove duplicated includes. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/sbin/dhclient/bpf.c head/sbin/dhclient/dhclient.c head/sys/kern/kern_exec.c head/sys/kern/subr_capability.c Modified: head/sbin/dhclient/bpf.c == --- head/sbin/dhclient/bpf.cThu Jun 26 13:02:21 2014(r267913) +++ head/sbin/dhclient/bpf.cThu Jun 26 13:57:44 2014(r267914) @@ -43,8 +43,6 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/capsicum.h - #include dhcpd.h #include privsep.h #include sys/capsicum.h Modified: head/sbin/dhclient/dhclient.c == --- head/sbin/dhclient/dhclient.c Thu Jun 26 13:02:21 2014 (r267913) +++ head/sbin/dhclient/dhclient.c Thu Jun 26 13:57:44 2014 (r267914) @@ -56,8 +56,6 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/capsicum.h - #include dhcpd.h #include privsep.h Modified: head/sys/kern/kern_exec.c == --- head/sys/kern/kern_exec.c Thu Jun 26 13:02:21 2014(r267913) +++ head/sys/kern/kern_exec.c Thu Jun 26 13:57:44 2014(r267914) @@ -35,7 +35,6 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/capsicum.h #include sys/systm.h -#include sys/capsicum.h #include sys/eventhandler.h #include sys/lock.h #include sys/mutex.h Modified: head/sys/kern/subr_capability.c == --- head/sys/kern/subr_capability.c Thu Jun 26 13:02:21 2014 (r267913) +++ head/sys/kern/subr_capability.c Thu Jun 26 13:57:44 2014 (r267914) @@ -34,16 +34,14 @@ __FBSDID($FreeBSD$); * Note that this file is compiled into the kernel and into libc. */ -#ifdef _KERNEL #include sys/types.h #include sys/capsicum.h + +#ifdef _KERNEL #include sys/systm.h #include machine/stdarg.h #else /* !_KERNEL */ -#include sys/types.h -#include sys/capsicum.h - #include assert.h #include stdarg.h #include stdbool.h ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r267159 - head/sbin/geom/class/stripe
Author: pjd Date: Fri Jun 6 13:00:53 2014 New Revision: 267159 URL: http://svnweb.freebsd.org/changeset/base/267159 Log: The 'create' subcommand doesn't have '-h' option. Modified: head/sbin/geom/class/stripe/geom_stripe.c Modified: head/sbin/geom/class/stripe/geom_stripe.c == --- head/sbin/geom/class/stripe/geom_stripe.c Fri Jun 6 12:52:44 2014 (r267158) +++ head/sbin/geom/class/stripe/geom_stripe.c Fri Jun 6 13:00:53 2014 (r267159) @@ -62,7 +62,7 @@ struct g_command class_commands[] = { { 's', stripesize, GSTRIPE_STRIPESIZE, G_TYPE_NUMBER }, G_OPT_SENTINEL }, - [-hv] [-s stripesize] name prov prov ... + [-v] [-s stripesize] name prov prov ... }, { destroy, G_FLAG_VERBOSE, NULL, { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r266749 - stable/10/sys/geom/eli
On Tue, May 27, 2014 at 05:40:47PM +0200, Marius Strobl wrote: On Tue, May 27, 2014 at 05:20:58PM +0200, Fabian Keil wrote: Marius Strobl mar...@freebsd.org wrote: Author: marius Date: Tue May 27 14:55:09 2014 New Revision: 266749 URL: http://svnweb.freebsd.org/changeset/base/266749 Log: MFC: r259428 Clear content of keyfiles loaded by the loader after processing them. kern/185084 (Keyfile content potentially cleared prematurely after r259428) is now probably relevant for STABLE, too: http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/185084 Ah, okay, thanks for bringing this to attention. It's probably best for pjd@ (CC'ed) to decided what to do regarding that PR, though. Brad (CCed) already proposed a fix. I believe he is planning to commit it shortly. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r265145 - head/lib/libcapsicum
Author: pjd Date: Wed Apr 30 09:58:28 2014 New Revision: 265145 URL: http://svnweb.freebsd.org/changeset/base/265145 Log: Don't forget to remember previous element at the end of the loop. Reported by: brueffer Found with: Coverity Prevent(tm) CID: 1135301 Modified: head/lib/libcapsicum/libcapsicum_dns.c Modified: head/lib/libcapsicum/libcapsicum_dns.c == --- head/lib/libcapsicum/libcapsicum_dns.c Wed Apr 30 09:57:38 2014 (r265144) +++ head/lib/libcapsicum/libcapsicum_dns.c Wed Apr 30 09:58:28 2014 (r265145) @@ -247,6 +247,7 @@ cap_getaddrinfo(cap_channel_t *chan, con prevai-ai_next = curai; else if (firstai == NULL) firstai = curai; + prevai = curai; } nvlist_destroy(nvl); if (curai == NULL nvlai != NULL) { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r264236 - head/sys/bsm
Author: pjd Date: Mon Apr 7 20:44:00 2014 New Revision: 264236 URL: http://svnweb.freebsd.org/changeset/base/264236 Log: IFp4 @1192291: - Don't include sys/caprights.h, leverage the fact that cap_rights_t is also defined in sys/types.h. - Include sys/types.h directly. - For systems that do not have cap_rights_t, define it, so we can use it in au_to_rights() prototype. Discussed with: rwatson Modified: head/sys/bsm/audit_record.h Modified: head/sys/bsm/audit_record.h == --- head/sys/bsm/audit_record.h Mon Apr 7 19:32:56 2014(r264235) +++ head/sys/bsm/audit_record.h Mon Apr 7 20:44:00 2014(r264236) @@ -33,8 +33,8 @@ #ifndef _BSM_AUDIT_RECORD_H_ #define _BSM_AUDIT_RECORD_H_ +#include sys/types.h #include sys/time.h /* struct timeval */ -#include sys/caprights.h /* cap_rights_t */ /* * Token type identifiers. @@ -191,6 +191,13 @@ struct sockaddr_un; struct vnode_au_info; #endif +#ifndef_CAP_RIGHTS_T_DECLARED +#define_CAP_RIGHTS_T_DECLARED +struct cap_rights; + +typedefstruct cap_rights cap_rights_t; +#endif + int au_open(void); int au_write(int d, token_t *m); int au_close(int d, int keep, short event); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r262566 - in stable/10: crypto/openssh crypto/openssh/contrib/caldera crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-com
On Tue, Mar 04, 2014 at 11:46:57AM -0500, John Baldwin wrote: On Tuesday, March 04, 2014 3:40:47 am Dag-Erling Smørgrav wrote: Pawel Jakub Dawidek p...@freebsd.org writes: Dimitry Andric dimi...@andric.com writes: Wouldn't it be enough to merge r261499 (Fix installations that use kernels without CAPABILITIES support) by pjd? Yes, my change should be definiately merged with OpenSSH merge. If nobody beats me to it, I should be able to merge it tomorrow. Please do. I thought I had included it in the MFC since it was already in head, but I'd forgotten that it had been committed separately. Xin already did it. BTW, IWBNI there were a cap_available() predicate or something like that which we could check up front, and short-circuit the entire Capsicum part of ssh_sandbox_child() if it failed. If the capsicum code adds a FEATURE(capsicum) macro in the kernel bits, you can use 'if (feature_present(capsicum))' in userland to check. It does add the following: FEATURE(security_capability_mode, Capsicum Capability Mode); FEATURE(security_capabilities, Capsicum Capabilities); -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgp1_FBv_pGRz.pgp Description: PGP signature
Re: svn commit: r262566 - in stable/10: crypto/openssh crypto/openssh/contrib/caldera crypto/openssh/contrib/cygwin crypto/openssh/contrib/redhat crypto/openssh/contrib/suse crypto/openssh/openbsd-com
On Mon, Mar 03, 2014 at 10:47:43PM +0100, Dimitry Andric wrote: On 03 Mar 2014, at 21:36, John Baldwin j...@freebsd.org wrote: On Thursday, February 27, 2014 12:29:02 pm Dag-Erling SmXXrgrav wrote: Author: des Date: Thu Feb 27 17:29:02 2014 New Revision: 262566 URL: http://svnweb.freebsd.org/changeset/base/262566 Log: MFH (r261320): upgrade openssh to 6.5p1 MFH (r261340): enable sandboxing by default Mails on stable@ suggest that this latter change may be a bit of a POLA violation as if people are using a custom kernel configuration that doesn't include CAPSICUM they are now locked out of their boxes as sshd fails. It seems that this is at least worth a note in UPDATING if not adding a workaround to handle the case of a kernel without CAPSICUM. Wouldn't it be enough to merge r261499 (Fix installations that use kernels without CAPABILITIES support) by pjd? Yes, my change should be definiately merged with OpenSSH merge. If nobody beats me to it, I should be able to merge it tomorrow. -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgp6dSgCuTJph.pgp Description: PGP signature
svn commit: r262405 - head/usr.bin/kdump
Author: pjd Date: Sun Feb 23 22:13:16 2014 New Revision: 262405 URL: http://svnweb.freebsd.org/changeset/base/262405 Log: Capability rights are held by descriptors, not processes. Reported by: jonathan Modified: head/usr.bin/kdump/kdump.c Modified: head/usr.bin/kdump/kdump.c == --- head/usr.bin/kdump/kdump.c Sun Feb 23 22:12:25 2014(r262404) +++ head/usr.bin/kdump/kdump.c Sun Feb 23 22:13:16 2014(r262405) @@ -1877,7 +1877,7 @@ ktrcapfail(struct ktr_cap_fail *ktr) /* operation on fd with insufficient capabilities */ printf(operation requires ); capname(ktr-cap_needed); - printf(, process holds ); + printf(, descriptor holds ); capname(ktr-cap_held); break; case CAPFAIL_INCREASE: ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r261742 - head/gnu/usr.bin/groff/tmac
Author: pjd Date: Tue Feb 11 09:17:17 2014 New Revision: 261742 URL: http://svnweb.freebsd.org/changeset/base/261742 Log: Add missing libraries here as well, so a warning is not printed when one tries to view their manual pages. Reported by: rwatson Explained by: pluknet Modified: head/gnu/usr.bin/groff/tmac/mdoc.local Modified: head/gnu/usr.bin/groff/tmac/mdoc.local == --- head/gnu/usr.bin/groff/tmac/mdoc.local Tue Feb 11 08:20:45 2014 (r261741) +++ head/gnu/usr.bin/groff/tmac/mdoc.local Tue Feb 11 09:17:17 2014 (r261742) @@ -34,11 +34,13 @@ .\ FreeBSD .Lb values .ds doc-str-Lb-libarchive Streaming Archive Library (libarchive, \-larchive) .ds doc-str-Lb-libbluetooth Bluetooth User Library (libbluetooth, \-lbluetooth) +.ds doc-str-Lb-libcapsicum Capsicum Library (libcapsicum, \-lcapsicum) .ds doc-str-Lb-libedit Line Editor and History Library (libedit, \-ledit) .ds doc-str-Lb-libefi EFI Runtime Services Library (libefi, \-lefi) .ds doc-str-Lb-libelf ELF Parsing Library (libelf, \-lelf) .ds doc-str-Lb-libexecinfo Backtrace Access Library (libexecinfo, \-lexecinfo) .ds doc-str-Lb-libfetchFile Transfer Library (libfetch, \-lfetch) +.ds doc-str-Lb-libnv Name/value pairs library (libnv, \-lnv) .ds doc-str-Lb-libpmc Performance Monitoring Counters Interface Library (libpmc, \-lpmc) .ds doc-str-Lb-libproc Processor Monitoring and Analysis Library (libproc, \-lproc) .ds doc-str-Lb-libprocstat Process and Files Information Retrieval (libprocstat, \-lprocstat) ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r261692 - head/sbin/casperd
Author: pjd Date: Sun Feb 9 21:42:01 2014 New Revision: 261692 URL: http://svnweb.freebsd.org/changeset/base/261692 Log: If the main casperd process exits, zygote process should exit as well instead of spinning. Reported by: Mikhail m...@lenta.ru Modified: head/sbin/casperd/zygote.c Modified: head/sbin/casperd/zygote.c == --- head/sbin/casperd/zygote.c Sun Feb 9 21:27:32 2014(r261691) +++ head/sbin/casperd/zygote.c Sun Feb 9 21:42:01 2014(r261692) @@ -132,8 +132,13 @@ zygote_main(int sock) for (;;) { nvlin = nvlist_recv(sock); - if (nvlin == NULL) + if (nvlin == NULL) { + if (errno == ENOTCONN) { + /* Casperd exited. */ + exit(0); + } continue; + } func = (zygote_func_t *)(uintptr_t)nvlist_get_number(nvlin, func); flags = (int)nvlist_get_number(nvlin, flags); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r261693 - head/lib/libcasper
Author: pjd Date: Sun Feb 9 21:47:46 2014 New Revision: 261693 URL: http://svnweb.freebsd.org/changeset/base/261693 Log: Fix descriptor leak. Modified: head/lib/libcasper/libcasper.c Modified: head/lib/libcasper/libcasper.c == --- head/lib/libcasper/libcasper.c Sun Feb 9 21:42:01 2014 (r261692) +++ head/lib/libcasper/libcasper.c Sun Feb 9 21:47:46 2014 (r261693) @@ -344,7 +344,7 @@ service_message(struct service *service, if (sock == -1) { error = errno; } else { - nvlist_add_descriptor(nvlout, sock, sock); + nvlist_move_descriptor(nvlout, sock, sock); error = 0; } } else { ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r261612 - head/share/man/man4
Author: pjd Date: Fri Feb 7 22:15:48 2014 New Revision: 261612 URL: http://svnweb.freebsd.org/changeset/base/261612 Log: Add cross-references to casperd(8) and libcapsicum(3). Suggested by: rwatson Modified: head/share/man/man4/capsicum.4 Modified: head/share/man/man4/capsicum.4 == --- head/share/man/man4/capsicum.4 Fri Feb 7 22:04:56 2014 (r261611) +++ head/share/man/man4/capsicum.4 Fri Feb 7 22:15:48 2014 (r261612) @@ -104,7 +104,9 @@ associated with file descriptors; descri .Xr shm_open 2 , .Xr write 2 , .Xr cap_rights_get 3 , -.Xr procdesc 4 +.Xr libcapsicum 3 , +.Xr procdesc 4 , +.Xr casperd 8 .Sh HISTORY .Nm first appeared in ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r261498 - head/sbin/ping
Author: pjd Date: Tue Feb 4 21:43:53 2014 New Revision: 261498 URL: http://svnweb.freebsd.org/changeset/base/261498 Log: Protect ping(8) using Capsicum and Casper. This is protection against malicious network packets that we parse and not against local users trying to gain root access through ping's set-uid bit - this is handled by dropping privileges very early in ping. Submitted by: Mikhail m...@lenta.ru Modified: head/sbin/ping/Makefile head/sbin/ping/ping.c Modified: head/sbin/ping/Makefile == --- head/sbin/ping/Makefile Tue Feb 4 21:23:12 2014(r261497) +++ head/sbin/ping/Makefile Tue Feb 4 21:43:53 2014(r261498) @@ -1,6 +1,8 @@ # @(#)Makefile8.1 (Berkeley) 6/5/93 # $FreeBSD$ +.include bsd.own.mk + PROG= ping MAN= ping.8 BINOWN=root @@ -9,6 +11,12 @@ WARNS?= 2 DPADD= ${LIBM} LDADD= -lm +.if ${MK_CASPER} != no !defined(RESCUE) +DPADD+=${LIBCAPSICUM} +LDADD+=-lcapsicum +CFLAGS+=-DHAVE_LIBCAPSICUM +.endif + .if !defined(RELEASE_CRUNCH) CFLAGS+=-DIPSEC DPADD+=${LIBIPSEC} Modified: head/sbin/ping/ping.c == --- head/sbin/ping/ping.c Tue Feb 4 21:23:12 2014(r261497) +++ head/sbin/ping/ping.c Tue Feb 4 21:43:53 2014(r261498) @@ -63,6 +63,7 @@ __FBSDID($FreeBSD$); */ #include sys/param.h /* NB: we rely on this for sys/types.h */ +#include sys/capability.h #include sys/socket.h #include sys/sysctl.h #include sys/time.h @@ -74,6 +75,11 @@ __FBSDID($FreeBSD$); #include netinet/ip_icmp.h #include netinet/ip_var.h #include arpa/inet.h +#ifdef HAVE_LIBCAPSICUM +#include libcapsicum.h +#include libcapsicum_dns.h +#include libcapsicum_service.h +#endif #ifdef IPSEC #include netipsec/ipsec.h @@ -157,7 +163,8 @@ char rcvd_tbl[MAX_DUP_CHK / 8]; struct sockaddr_in whereto;/* who to ping */ int datalen = DEFDATALEN; int maxpayload; -int s; /* socket file descriptor */ +int ssend; /* send socket file descriptor */ +int srecv; /* receive socket file descriptor */ u_char outpackhdr[IP_MAXPACKET], *outpack; char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ char BSPACE = '\b';/* characters written for flood */ @@ -197,8 +204,15 @@ double tsumsq = 0.0; /* sum of all time volatile sig_atomic_t finish_up; /* nonzero if we've been told to finish up */ volatile sig_atomic_t siginfo_p; +#ifdef HAVE_LIBCAPSICUM +static cap_channel_t *capdns; +#endif + static void fill(char *, char *); static u_short in_cksum(u_short *, int); +#ifdef HAVE_LIBCAPSICUM +static cap_channel_t *capdns_setup(void); +#endif static void check_status(void); static void finish(void) __dead2; static void pinger(void); @@ -233,8 +247,8 @@ main(int argc, char *const *argv) struct sockaddr_in *to; double t; u_long alarmtimeout, ultmp; - int almost_done, ch, df, hold, i, icmp_len, mib[4], preload, sockerrno, - tos, ttl; + int almost_done, ch, df, hold, i, icmp_len, mib[4], preload; + int ssend_errno, srecv_errno, tos, ttl; char ctrl[CMSG_SPACE(sizeof(struct timeval))]; char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN]; #ifdef IP_OPTIONS @@ -246,14 +260,26 @@ main(int argc, char *const *argv) #ifdef IPSEC_POLICY_IPSEC policy_in = policy_out = NULL; #endif + cap_rights_t rights; + bool cansandbox; /* * Do the stuff that we need root priv's for *first*, and * then drop our setuid bit. Save error reporting for * after arg parsing. +* +* Historicaly ping was using one socket 's' for sending and for +* receiving. After capsicum(4) related changes we use two +* sockets. It was done for special ping use case - when user +* issue ping on multicast or broadcast address replies come +* from different addresses, not from the address we +* connect(2)'ed to, and send socket do not receive those +* packets. */ - s = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); - sockerrno = errno; + ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); + ssend_errno = errno; + srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); + srecv_errno = errno; if (setuid(getuid()) != 0) err(EX_NOPERM, setuid() failed); @@ -527,13 +553,22 @@ main(int argc, char *const *argv) if (options F_PINGFILLED) { fill((char *)datap, payload); } +#ifdef HAVE_LIBCAPSICUM + capdns = capdns_setup(); +#endif if (source) { bzero((char *)sock_in, sizeof(sock_in)); sock_in.sin_family = AF_INET; if (inet_aton(source,
svn commit: r261499 - head/crypto/openssh
Author: pjd Date: Tue Feb 4 21:48:09 2014 New Revision: 261499 URL: http://svnweb.freebsd.org/changeset/base/261499 Log: Fix installations that use kernels without CAPABILITIES support. Approved by: des Modified: head/crypto/openssh/sandbox-capsicum.c Modified: head/crypto/openssh/sandbox-capsicum.c == --- head/crypto/openssh/sandbox-capsicum.c Tue Feb 4 21:43:53 2014 (r261498) +++ head/crypto/openssh/sandbox-capsicum.c Tue Feb 4 21:48:09 2014 (r261499) @@ -94,10 +94,12 @@ ssh_sandbox_child(struct ssh_sandbox *bo fatal(can't limit stderr: %m); cap_rights_init(rights, CAP_READ, CAP_WRITE); - if (cap_rights_limit(box-monitor-m_recvfd, rights) == -1) + if (cap_rights_limit(box-monitor-m_recvfd, rights) == -1 + errno != ENOSYS) fatal(%s: failed to limit the network socket, __func__); cap_rights_init(rights, CAP_WRITE); - if (cap_rights_limit(box-monitor-m_log_sendfd, rights) == -1) + if (cap_rights_limit(box-monitor-m_log_sendfd, rights) == -1 + errno != ENOSYS) fatal(%s: failed to limit the logging socket, __func__); if (cap_enter() 0 errno != ENOSYS) fatal(%s: failed to enter capability mode, __func__); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r261407 - head/lib/libnv
Author: pjd Date: Sun Feb 2 19:03:52 2014 New Revision: 261407 URL: http://svnweb.freebsd.org/changeset/base/261407 Log: Fix sending empty nvlist. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/msgio.c Modified: head/lib/libnv/msgio.c == --- head/lib/libnv/msgio.c Sun Feb 2 17:48:06 2014(r261406) +++ head/lib/libnv/msgio.c Sun Feb 2 19:03:52 2014(r261407) @@ -364,7 +364,7 @@ buf_recv(int sock, void *buf, size_t siz unsigned char *ptr; ptr = buf; - do { + while (size 0) { fd_wait(sock, true); done = recv(sock, ptr, size, 0); if (done == -1) { @@ -377,7 +377,7 @@ buf_recv(int sock, void *buf, size_t siz } size -= done; ptr += done; - } while (size 0); + } return (0); } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r261408 - head/lib/libnv
Author: pjd Date: Sun Feb 2 19:06:00 2014 New Revision: 261408 URL: http://svnweb.freebsd.org/changeset/base/261408 Log: Assert input arguments to buf_send() and buf_recv(). Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/lib/libnv/msgio.c Modified: head/lib/libnv/msgio.c == --- head/lib/libnv/msgio.c Sun Feb 2 19:03:52 2014(r261407) +++ head/lib/libnv/msgio.c Sun Feb 2 19:06:00 2014(r261408) @@ -338,6 +338,10 @@ buf_send(int sock, void *buf, size_t siz ssize_t done; unsigned char *ptr; + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(size 0); + PJDLOG_ASSERT(buf != NULL); + ptr = buf; do { fd_wait(sock, false); @@ -363,6 +367,9 @@ buf_recv(int sock, void *buf, size_t siz ssize_t done; unsigned char *ptr; + PJDLOG_ASSERT(sock = 0); + PJDLOG_ASSERT(buf != NULL); + ptr = buf; while (size 0) { fd_wait(sock, true); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r260471 - head/sbin/casperd
Author: pjd Date: Thu Jan 9 09:19:59 2014 New Revision: 260471 URL: http://svnweb.freebsd.org/changeset/base/260471 Log: Always create /var/run/casper with correct permissions and don't depend on the calling process' umask. Submitted by: Mikhail m...@lenta.ru Modified: head/sbin/casperd/casperd.c Modified: head/sbin/casperd/casperd.c == --- head/sbin/casperd/casperd.c Thu Jan 9 09:16:35 2014(r260470) +++ head/sbin/casperd/casperd.c Thu Jan 9 09:19:59 2014(r260471) @@ -541,6 +541,7 @@ main_loop(const char *sockpath, struct p struct casper_service *casserv; struct service_connection *sconn, *sconntmp; int lsock, sock, maxfd, ret; + mode_t oldumask; lsock = socket(AF_UNIX, SOCK_STREAM, 0); if (lsock == -1) @@ -554,8 +555,10 @@ main_loop(const char *sockpath, struct p sizeof(sun.sun_path)); sun.sun_len = SUN_LEN(sun); + oldumask = umask(S_IXUSR | S_IXGRP | S_IXOTH); if (bind(lsock, (struct sockaddr *)sun, sizeof(sun)) == -1) pjdlog_exit(1, Unable to bind to %s, sockpath); + (void)umask(oldumask); if (listen(lsock, 8) == -1) pjdlog_exit(1, Unable to listen on %s, sockpath); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r260402 - stable/10/sys/sys
Author: pjd Date: Tue Jan 7 19:46:17 2014 New Revision: 260402 URL: http://svnweb.freebsd.org/changeset/base/260402 Log: MFC r260290: Bring back the old size of the kinfo_file structure to preserve ABI. Keep only one uint64_t spare for further cap_rights_t expension. Add a comment clarifying that if the size of this structure changes, a new sysctl MIB has to be allocate for it and the old structure has to be returned by the old sysctl MIB. Requested by: re Modified: stable/10/sys/sys/user.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/sys/user.h == --- stable/10/sys/sys/user.hTue Jan 7 19:33:17 2014(r260401) +++ stable/10/sys/sys/user.hTue Jan 7 19:46:17 2014(r260402) @@ -320,7 +320,13 @@ struct kinfo_ofile { }; #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1424 +/* + * This size should never be changed. If you really need to, you must provide + * backward ABI compatibility by allocating a new sysctl MIB that will return + * the new structure. The current structure has to be returned by the current + * sysctl MIB. See how it is done for the kinfo_ofile structure. + */ +#defineKINFO_FILE_SIZE 1392 #endif struct kinfo_file { @@ -391,8 +397,7 @@ struct kinfo_file { uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ - uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ - int _kf_ispare[4]; /* Space for more stuff. */ + uint64_t_kf_cap_spare; /* Space for future cap_rights_t. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ }; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r260406 - releng/10.0/sys/sys
Author: pjd Date: Tue Jan 7 20:12:02 2014 New Revision: 260406 URL: http://svnweb.freebsd.org/changeset/base/260406 Log: MFstable/10 r260402: Bring back the old size of the kinfo_file structure to preserve ABI. Keep only one uint64_t spare for further cap_rights_t expension. Add a comment clarifying that if the size of this structure changes, a new sysctl MIB has to be allocate for it and the old structure has to be returned by the old sysctl MIB. Requested by: re Approved by: re (gjb) Modified: releng/10.0/sys/sys/user.h Directory Properties: releng/10.0/ (props changed) Modified: releng/10.0/sys/sys/user.h == --- releng/10.0/sys/sys/user.h Tue Jan 7 20:06:20 2014(r260405) +++ releng/10.0/sys/sys/user.h Tue Jan 7 20:12:02 2014(r260406) @@ -320,7 +320,13 @@ struct kinfo_ofile { }; #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1424 +/* + * This size should never be changed. If you really need to, you must provide + * backward ABI compatibility by allocating a new sysctl MIB that will return + * the new structure. The current structure has to be returned by the current + * sysctl MIB. See how it is done for the kinfo_ofile structure. + */ +#defineKINFO_FILE_SIZE 1392 #endif struct kinfo_file { @@ -391,8 +397,7 @@ struct kinfo_file { uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ - uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ - int _kf_ispare[4]; /* Space for more stuff. */ + uint64_t_kf_cap_spare; /* Space for future cap_rights_t. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ }; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r260253 - head/tools/regression/capsicum/libcapsicum
Author: pjd Date: Sat Jan 4 09:25:27 2014 New Revision: 260253 URL: http://svnweb.freebsd.org/changeset/base/260253 Log: MFp4 @1189766: - Compile the tests with .t suffix, so prove can use them directly. - The CHECKX() macro should increment ntest just like the CHECK() macro. - For consistency remove # from the pwd.t output. Submitted by: Mariusz Zaborski osho...@freebsd.org Modified: head/tools/regression/capsicum/libcapsicum/Makefile head/tools/regression/capsicum/libcapsicum/dns.c head/tools/regression/capsicum/libcapsicum/grp.c head/tools/regression/capsicum/libcapsicum/pwd.c head/tools/regression/capsicum/libcapsicum/sysctl.c Modified: head/tools/regression/capsicum/libcapsicum/Makefile == --- head/tools/regression/capsicum/libcapsicum/Makefile Sat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/Makefile Sat Jan 4 09:25:27 2014(r260253) @@ -15,12 +15,14 @@ CFLAGS+=-Wold-style-definition -Wno-poi CFLAGS+= -I${.CURDIR}/../../../../lib/libcapsicum CFLAGS+= -ggdb -all: ${SERVICES} +SERVTEST= ${SERVICES:=.t} + +all: ${SERVTEST} .for SERVICE in ${SERVICES} -${SERVICE}:${SERVICE}.c - ${CC} ${CFLAGS} ${@}.c -o $@ -lcapsicum -lnv +${SERVICE}.t: ${SERVICE}.c + ${CC} ${CFLAGS} ${@:.t=.c} -o $@ -lcapsicum -lnv .endfor @@ -28,4 +30,4 @@ test: all @prove -r ${.CURDIR} clean: - rm -f ${SERVICES} + rm -f ${SERVTEST} Modified: head/tools/regression/capsicum/libcapsicum/dns.c == --- head/tools/regression/capsicum/libcapsicum/dns.cSat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/dns.cSat Jan 4 09:25:27 2014(r260253) @@ -64,6 +64,7 @@ static int ntest = 1; printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ exit(1);\ } \ + ntest++;\ } while (0) #defineGETHOSTBYNAME 0x01 @@ -223,7 +224,7 @@ main(void) const char *types[2]; int families[2]; - printf(1..89\n); + printf(1..91\n); capcas = cap_init(); CHECKX(capcas != NULL); Modified: head/tools/regression/capsicum/libcapsicum/grp.c == --- head/tools/regression/capsicum/libcapsicum/grp.cSat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/grp.cSat Jan 4 09:25:27 2014(r260253) @@ -61,6 +61,7 @@ static int ntest = 1; printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ exit(1);\ } \ + ntest++;\ } while (0) #defineGID_WHEEL 0 @@ -1522,7 +1523,7 @@ main(void) { cap_channel_t *capcas, *capgrp; - printf(1..197\n); + printf(1..199\n); capcas = cap_init(); CHECKX(capcas != NULL); Modified: head/tools/regression/capsicum/libcapsicum/pwd.c == --- head/tools/regression/capsicum/libcapsicum/pwd.cSat Jan 4 04:48:58 2014(r260252) +++ head/tools/regression/capsicum/libcapsicum/pwd.cSat Jan 4 09:25:27 2014(r260253) @@ -49,18 +49,19 @@ static int ntest = 1; #define CHECK(expr) do { \ if ((expr)) \ - printf(ok # %d %s:%u\n, ntest, __FILE__, __LINE__); \ + printf(ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ else\ - printf(not ok # %d %s:%u\n, ntest, __FILE__, __LINE__);\ + printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__);\ ntest++;\ } while (0) #define CHECKX(expr) do { \ if ((expr)) { \ - printf(ok # %d %s:%u\n, ntest, __FILE__, __LINE__); \ + printf(ok %d %s:%u\n, ntest, __FILE__, __LINE__); \ } else {\ - printf(not ok # %d %s:%u\n, ntest, __FILE__, __LINE__);\ + printf(not ok %d %s:%u\n, ntest, __FILE__, __LINE__);\ exit(1);\ }
svn commit: r260254 - head/sbin/geom/class/eli
Author: pjd Date: Sat Jan 4 09:27:49 2014 New Revision: 260254 URL: http://svnweb.freebsd.org/changeset/base/260254 Log: Don't allow to create GELI providers with a sector size, which is no a power of 2. Noticed by: rwatson MFC after:3 days Modified: head/sbin/geom/class/eli/geom_eli.c Modified: head/sbin/geom/class/eli/geom_eli.c == --- head/sbin/geom/class/eli/geom_eli.c Sat Jan 4 09:25:27 2014 (r260253) +++ head/sbin/geom/class/eli/geom_eli.c Sat Jan 4 09:27:49 2014 (r260254) @@ -789,7 +789,7 @@ eli_init(struct gctl_req *req) if (val == 0) md.md_sectorsize = secsize; else { - if (val 0 || (val % secsize) != 0) { + if (val 0 || (val % secsize) != 0 || !powerof2(val)) { gctl_error(req, Invalid sector size.); return; } ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r260290 - head/sys/sys
Author: pjd Date: Sat Jan 4 21:55:06 2014 New Revision: 260290 URL: http://svnweb.freebsd.org/changeset/base/260290 Log: Bring back the old size of the kinfo_file structure to preserve ABI. Keep only one uint64_t spare for further cap_rights_t expension. Add a comment clarifying that if the size of this structure changes, a new sysctl MIB has to be allocate for it and the old structure has to be returned by the old sysctl MIB. Requested by: re MFC after:3 days Modified: head/sys/sys/user.h Modified: head/sys/sys/user.h == --- head/sys/sys/user.h Sat Jan 4 21:45:52 2014(r260289) +++ head/sys/sys/user.h Sat Jan 4 21:55:06 2014(r260290) @@ -320,7 +320,13 @@ struct kinfo_ofile { }; #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1424 +/* + * This size should never be changed. If you really need to, you must provide + * backward ABI compatibility by allocating a new sysctl MIB that will return + * the new structure. The current structure has to be returned by the current + * sysctl MIB. See how it is done for the kinfo_ofile structure. + */ +#defineKINFO_FILE_SIZE 1392 #endif struct kinfo_file { @@ -391,8 +397,7 @@ struct kinfo_file { uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ - uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ - int _kf_ispare[4]; /* Space for more stuff. */ + uint64_t_kf_cap_spare; /* Space for future cap_rights_t. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ }; ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r260222 - head/lib/libnv
Author: pjd Date: Fri Jan 3 09:07:03 2014 New Revision: 260222 URL: http://svnweb.freebsd.org/changeset/base/260222 Log: MFp4 @1189711: Fix resource leaks on nvlist_destroy(). Reported by: Mariusz Zaborski osho...@freebsd.org MFC after:3 days Modified: head/lib/libnv/nvlist.c Modified: head/lib/libnv/nvlist.c == --- head/lib/libnv/nvlist.c Fri Jan 3 08:31:42 2014(r260221) +++ head/lib/libnv/nvlist.c Fri Jan 3 09:07:03 2014(r260222) @@ -125,8 +125,10 @@ nvlist_destroy(nvlist_t *nvl) NVLIST_ASSERT(nvl); - while ((nvp = nvlist_first_nvpair(nvl)) != NULL) + while ((nvp = nvlist_first_nvpair(nvl)) != NULL) { nvlist_remove_nvpair(nvl, nvp); + nvpair_free(nvp); + } nvl-nvl_magic = 0; free(nvl); ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
svn commit: r260223 - head/lib/libcasper
Author: pjd Date: Fri Jan 3 09:10:04 2014 New Revision: 260223 URL: http://svnweb.freebsd.org/changeset/base/260223 Log: MFp4 @1189741: - Add missing nvlist_destroy(). - Don't override nvlout. Submitted by: Mariusz Zaborski osho...@freebsd.org MFC after:3 days Modified: head/lib/libcasper/libcasper.c Modified: head/lib/libcasper/libcasper.c == --- head/lib/libcasper/libcasper.c Fri Jan 3 09:07:03 2014 (r260222) +++ head/lib/libcasper/libcasper.c Fri Jan 3 09:10:04 2014 (r260223) @@ -348,7 +348,6 @@ service_message(struct service *service, error = 0; } } else { - nvlout = nvlist_create(0); error = service-s_command(cmd, service_connection_get_limits(sconn), nvlin, nvlout); } @@ -362,8 +361,9 @@ service_message(struct service *service, if (cap_send_nvlist(service_connection_get_chan(sconn), nvlout) == -1) { pjdlog_errno(LOG_ERR, Unable to send message to client); service_connection_remove(service, sconn); - return; } + + nvlist_destroy(nvlout); } static int ___ svn-src-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org
Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol
On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote: On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek p...@freebsd.org wrote: This commit also breaks compatibility with some existing Capsicum system calls, but I see no other way to do that. This should be fine as Capsicum is still experimental and this change is not going to 9.x. Hi! This change also increases the size of kinfo_file structure, which won’t allow programs not compiled against HEAD and working with kern.info.filedesc sysctl to run properly on HEAD (e.g. 8.x, 9.x and 10.x jails won’t run properly on HEAD, and it also broke valgrind). Is there absolutely no way to avoid extending the size of this struct? Well, I made this change to have space for future cap_rights_t expension. I did that change for a major branch, so we don't have to do it in the middle of 10.x or to not block the work until 11.0. Note that the structure changed size not only because of _kf_cap_spare[3] field, but also because cap_rights_t is not uint64_t anymore, it is now struct that contains two uint64_t (1424 - 1392 = 4 * 8). I'm afraid it is too late to change it for 10.0 at this point anyway. Not sure if you are aware this was merged to 10, because you write about 10.x jails not working properly on HEAD. 10.x jails will work properly on HEAD. BTW. I'd love if we stop using such structures for a running kernel. We should really move to using libnv to export data like that. #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1392 +#defineKINFO_FILE_SIZE 1424 #endif struct kinfo_file { @@ -389,6 +390,7 @@ uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ + uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ int _kf_ispare[4]; /* Space for more stuff. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgpTcuR9z57yc.pgp Description: PGP signature
Re: svn commit: r255219 - in head: contrib/tcpdump lib/libc lib/libc/capability lib/libc/include lib/libc/sys lib/libprocstat sbin/dhclient sbin/hastd sys/amd64/linux32 sys/bsm sys/cddl/compat/opensol
On Thu, Jan 02, 2014 at 02:28:57AM -0800, Alfred Perlstein wrote: On 1/2/14 1:33 AM, Pawel Jakub Dawidek wrote: On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote: On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek p...@freebsd.org wrote: This commit also breaks compatibility with some existing Capsicum system calls, but I see no other way to do that. This should be fine as Capsicum is still experimental and this change is not going to 9.x. Hi! This change also increases the size of kinfo_file structure, which won’t allow programs not compiled against HEAD and working with kern.info.filedesc sysctl to run properly on HEAD (e.g. 8.x, 9.x and 10.x jails won’t run properly on HEAD, and it also broke valgrind). Is there absolutely no way to avoid extending the size of this struct? Well, I made this change to have space for future cap_rights_t expension. I did that change for a major branch, so we don't have to do it in the middle of 10.x or to not block the work until 11.0. Note that the structure changed size not only because of _kf_cap_spare[3] field, but also because cap_rights_t is not uint64_t anymore, it is now struct that contains two uint64_t (1424 - 1392 = 4 * 8). I'm afraid it is too late to change it for 10.0 at this point anyway. Not sure if you are aware this was merged to 10, because you write about 10.x jails not working properly on HEAD. 10.x jails will work properly on HEAD. BTW. I'd love if we stop using such structures for a running kernel. We should really move to using libnv to export data like that. Aren't there enough bits in int _kf_ispare[4]; /* Space for more stuff. */ to make this work for the time being until you can provide an alternate way to fetch the cap stuff from the kernel. I don't plan to provide alternative way to fetch the cap stuff. Well, I implemented libnv, which can be used to reimplement how we fetch all data like kinfo_file in a ABI friendly way, but I don't plan to modify this specific code myself. Afaik you could just remove the spare and steal 2 or 4 entries from _kf_ispare until it is sorted. Yes, this would work for current cap_rights_t structure, at least for i386 and amd64, but would only allow to expand the structure by one uint64_t in the future (which might or might not be enough). The cap_rights_t structure is designed to be expanded to 5 uint64_ts without breaking ABI. I don't want to stuck with current cap_rights_t that is designed to expand, but cannot be, because kinfo_file wasn't modified at the start of a major branch. Can you please make use of that and discuss merge to 10 with re@? I'm Bccing re@, but I'm pretty sure it is too late for such a change, especially that it breaks ABI with all 10-RCs. I'm also not changing my mind. I'd like to structure to stay as-is. It really sounds like breaking top/etc under jails is something that should and can be avoided. I agree. Maybe it should be done every 10 major releases (I'm still fine with that rule), but we cannot just stuck with it forever. My suggestions would be: 1. Move to libnv. 2. Detect that the given binary was compiled against some older version of this structure and copy old structure to userland. Not sure if we can do that now or not, but I'd expect we can detect that. #if defined(__amd64__) || defined(__i386__) -#defineKINFO_FILE_SIZE 1392 +#defineKINFO_FILE_SIZE 1424 #endif struct kinfo_file { @@ -389,6 +390,7 @@ uint16_tkf_pad1;/* Round to 32 bit alignment. */ int _kf_ispare0;/* Space for more stuff. */ cap_rights_tkf_cap_rights; /* Capability rights. */ + uint64_t_kf_cap_spare[3]; /* Space for future cap_rights_t. */ int _kf_ispare[4]; /* Space for more stuff. */ /* Truncated before copyout in sysctl */ charkf_path[PATH_MAX]; /* Path to file, if any. */ -- Pawel Jakub Dawidek http://www.wheelsystems.com FreeBSD committer http://www.FreeBSD.org Am I Evil? Yes, I Am! http://mobter.com pgpebZ6hRAjZ8.pgp Description: PGP signature