svn commit: r347058 - head/sys/security/mac

[Robert Watson]

Author: rwatson
Date: Fri May  3 20:38:43 2019
New Revision: 347058
URL: https://svnweb.freebsd.org/changeset/base/347058

Log:
  When MAC is enabled and a policy module is loaded, don't unconditionally
  lock mac_ifnet_mtx, which protects labels on struct ifnet, unless at least
  one policy is actively using labels on ifnets.  This avoids a global mutex
  acquire in certain fast paths -- most noticeably ifnet transmit.  This was
  previously invisible by default, as no MAC policies were loaded by default,
  but recently became visible due to mac_ntpd being enabled by default.
  
  gallatin@ reports a reduction in PPS overhead from 300% to 2.2% with this
  change.  We will want to explore further MAC Framework optimisation to
  reduce overhead further, but this brings things more back into the world
  of the sane.
  
  MFC after:3 days

Modified:
  head/sys/security/mac/mac_inet.c
  head/sys/security/mac/mac_internal.h
  head/sys/security/mac/mac_net.c

Modified: head/sys/security/mac/mac_inet.c
==
--- head/sys/security/mac/mac_inet.cFri May  3 20:05:31 2019
(r347057)
+++ head/sys/security/mac/mac_inet.cFri May  3 20:38:43 2019
(r347058)
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2007, 2009 Robert N. M. Watson
+ * Copyright (c) 1999-2002, 2007, 2009, 2019 Robert N. M. Watson
  * Copyright (c) 2001 Ilmar S. Habibulin
  * Copyright (c) 2001-2004 Networks Associates Technology, Inc.
  * Copyright (c) 2006 SPARTA, Inc.
@@ -266,16 +266,17 @@ void
 mac_netinet_arp_send(struct ifnet *ifp, struct mbuf *m)
 {
struct label *mlabel;
+   int locked;
 
if (mac_policy_count == 0)
return;
 
mlabel = mac_mbuf_to_label(m);
 
-   MAC_IFNET_LOCK(ifp);
+   MAC_IFNET_LOCK(ifp, locked);
MAC_POLICY_PERFORM_NOSLEEP(netinet_arp_send, ifp, ifp->if_label, m,
mlabel);
-   MAC_IFNET_UNLOCK(ifp);
+   MAC_IFNET_UNLOCK(ifp, locked);
 }
 
 void
@@ -310,16 +311,17 @@ void
 mac_netinet_igmp_send(struct ifnet *ifp, struct mbuf *m)
 {
struct label *mlabel;
+   int locked;
 
if (mac_policy_count == 0)
return;
 
mlabel = mac_mbuf_to_label(m);
 
-   MAC_IFNET_LOCK(ifp);
+   MAC_IFNET_LOCK(ifp, locked);
MAC_POLICY_PERFORM_NOSLEEP(netinet_igmp_send, ifp, ifp->if_label, m,
mlabel);
-   MAC_IFNET_UNLOCK(ifp);
+   MAC_IFNET_UNLOCK(ifp, locked);
 }
 
 void

Modified: head/sys/security/mac/mac_internal.h
==
--- head/sys/security/mac/mac_internal.hFri May  3 20:05:31 2019
(r347057)
+++ head/sys/security/mac/mac_internal.hFri May  3 20:38:43 2019
(r347058)
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2006, 2009 Robert N. M. Watson
+ * Copyright (c) 1999-2002, 2006, 2009, 2019 Robert N. M. Watson
  * Copyright (c) 2001 Ilmar S. Habibulin
  * Copyright (c) 2001-2004 Networks Associates Technology, Inc.
  * Copyright (c) 2006 nCircle Network Security, Inc.
@@ -216,8 +216,24 @@ void   mac_destroy_label(struct label *label);
 intmac_check_structmac_consistent(struct mac *mac);
 intmac_allocate_slot(void);
 
-#define MAC_IFNET_LOCK(ifp)mtx_lock(_ifnet_mtx)
-#define MAC_IFNET_UNLOCK(ifp)  mtx_unlock(_ifnet_mtx)
+/*
+ * Lock ifnets to protect labels only if ifnet labels are in use.
+ */
+#define MAC_IFNET_LOCK(ifp, locked)do {\
+   if (mac_labeled & MPC_OBJECT_IFNET) {   \
+   mtx_lock(_ifnet_mtx);   \
+   locked = 1; \
+   } else {\
+   locked = 0; \
+   }   \
+} while (0)
+
+#define MAC_IFNET_UNLOCK(ifp, locked)  do {\
+   if (locked) {   \
+   mtx_unlock(_ifnet_mtx); \
+   locked = 0; \
+   }   \
+} while (0)
 
 /*
  * MAC Framework per-object type functions.  It's not yet clear how the

Modified: head/sys/security/mac/mac_net.c
==
--- head/sys/security/mac/mac_net.c Fri May  3 20:05:31 2019
(r347057)
+++ head/sys/security/mac/mac_net.c Fri May  3 20:38:43 2019
(r347058)
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 1999-2002, 2009 Robert N. M. Watson
+ * Copyright (c) 1999-2002, 2009, 2019 Robert N. M. Watson
  * Copyright (c) 2001 Ilmar S. Habibulin
  * Copyright (c) 2001-2004 Networks Associates Technology, 

svn commit: r346846 - head/share/man/man4

[Robert Watson]

Author: rwatson
Date: Sun Apr 28 16:28:36 2019
New Revision: 346846
URL: https://svnweb.freebsd.org/changeset/base/346846

Log:
  Update the audit(4) man page to talk about dtaudit(4), and also add a
  dtaudit(4) cross reference to auditpipe(4).
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/share/man/man4/audit.4
  head/share/man/man4/auditpipe.4

Modified: head/share/man/man4/audit.4
==
--- head/share/man/man4/audit.4 Sun Apr 28 15:08:57 2019(r346845)
+++ head/share/man/man4/audit.4 Sun Apr 28 16:28:36 2019(r346846)
@@ -1,6 +1,11 @@
-.\" Copyright (c) 2006 Robert N. M. Watson
+.\" Copyright (c) 2006, 2019 Robert N. M. Watson
 .\" All rights reserved.
 .\"
+.\" This software was developed in part by BAE Systems, the University of
+.\" Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+.\" contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+.\" Computing (TC) research program.
+.\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
 .\" are met:
@@ -24,7 +29,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd May 31, 2009
+.Dd April 28, 2019
 .Dt AUDIT 4
 .Os
 .Sh NAME
@@ -74,6 +79,12 @@ Audit pipe special devices, discussed in
 provide a configurable live tracking mechanism to allow applications to
 tee the audit trail, as well as to configure custom preselection parameters
 to track users and events in a fine-grained manner.
+.Ss DTrace Audit Provider
+The DTrace Audit Provider,
+.Xr dtaudit 4 ,
+allows D scripts to enable capture of in-kernel audit records for kernel audit
+event types, and then process their contents during audit commit or BSM
+generation.
 .Sh SEE ALSO
 .Xr auditreduce 1 ,
 .Xr praudit 1 ,
@@ -88,6 +99,7 @@ to track users and events in a fine-grained manner.
 .Xr setauid 2 ,
 .Xr libbsm 3 ,
 .Xr auditpipe 4 ,
+.Xr dtaudit 4 ,
 .Xr audit.log 5 ,
 .Xr audit_class 5 ,
 .Xr audit_control 5 ,

Modified: head/share/man/man4/auditpipe.4
==
--- head/share/man/man4/auditpipe.4 Sun Apr 28 15:08:57 2019
(r346845)
+++ head/share/man/man4/auditpipe.4 Sun Apr 28 16:28:36 2019
(r346846)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd May 30, 2018
+.Dd April 28, 2019
 .Dt AUDITPIPE 4
 .Os
 .Sh NAME
@@ -221,6 +221,7 @@ to review the default audit trail.
 .Xr poll 2 ,
 .Xr select 2 ,
 .Xr audit 4 ,
+.Xr dtaudit 4 ,
 .Xr audit_control 5 ,
 .Xr audit 8 ,
 .Xr auditd 8
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r346814 - head/share/man/man4

[Robert Watson]

taudit
+provider relies on
+.Xr audit 4
+being compiled into the kernel.
+.Nm dtaudit
+probes become available only once there is an event-to-name mapping installed
+in the kernel, normally done by
+.Xr auditd 8
+during the boot process, if audit is enabled in
+.Xr rc.conf 5 :
+.Bd -literal -offset indent
+auditd_enable="YES"
+.Ed
+.Pp
+If
+.Nm dtaudit
+probes are required earlier in boot -- for example, in single-user mode -- or
+without enabling
+.Xr audit 4 ,
+they can be preloaded in the boot loader by adding this line to
+.Xr loader.conf 5 .
+.Bd -literal -offset indent
+audit_event_load="YES"
+.Ed
+.Ss Probes
+The
+.Fn audit:event:aue_*:commit
+probes fire synchronously during system-call return, giving access to two
+arguments: a
+.Vt char *
+audit event name, and
+the
+.Vt struct audit_record *
+in-kernel audit record.
+Because the probe fires in system-call return, the user thread has not yet
+regained control, and additional information from the thread and process
+remains available for capture by the script.
+.Pp
+The
+.Fn audit:event:aue_*:bsm
+probes fire asynchonously from system-call return, following BSM conversion
+and just prior to being written to disk, giving access to four arguments: a
+.Vt char *
+audit event name, the
+.Vt struct audit_record *
+in-kernel audit record, a
+.Vt const void *
+pointer to the converted BSM record, and a
+.Vt size_t
+for the length of the BSM record.
+.Sh IMPLEMENTATION NOTES
+When a set of
+.Nm dtaudit
+probes are registered, corresponding in-kernel audit records will be captured
+and their probes will fire regardless of whether the
+.Xr audit 4
+subsystem itself would have captured the record for the purposes of writing it
+to the audit trail, or for delivery to a
+.Xr auditpipe 4 .
+In-kernel audit records allocated only because of enabled
+.Xr dtaudit 4
+probes will not be unnecessarily written to the audit trail or enabled pipes.
+.Sh SEE ALSO
+.Xr dtrace 1 ,
+.Xr audit 4 ,
+.Xr audit.log 5 ,
+.Xr loader.conf 5 ,
+.Xr rc.conf 5 ,
+.Xr auditd 8
+.Sh HISTORY
+The
+.Nm dtaudit
+provider first appeared in
+.Fx 12.0 .
+.Sh AUTHORS
+This software and this manual page were developed by BAE Systems, the
+University of Cambridge Computer Laboratory, and Memorial University under
+DARPA/AFRL contract
+.Pq FA8650-15-C-7558
+.Pq Do CADETS Dc ,
+as part of the DARPA Transparent Computing (TC) research program.
+The
+.Nm dtaudit
+provider and this manual page were written by
+.An Robert Watson Aq Mt rwat...@freebsd.org .
+.Sh BUGS
+Because
+.Xr audit 4
+maintains its primary event-to-name mapping database in userspace, that
+database must be loaded into the kernel before
+.Nm dtaudit
+probes become available.
+.Pp
+.Nm dtaudit
+is only able to provide access to system-call audit events, not the full
+scope of userspace events, such as those relating to login, password change,
+and so on.
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r339085 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Tue Oct  2 15:58:17 2018
New Revision: 339085
URL: https://svnweb.freebsd.org/changeset/base/339085

Log:
  Rework the logic around quick checks for auditing that take place at
  system-call entry and whenever audit arguments or return values are
  captured:
  
  1. Expose a single global, audit_syscalls_enabled, which controls
 whether the audit framework is entered, rather than exposing
 components of the policy -- e.g., if the trail is enabled,
 suspended, etc.
  
  2. Introduce a new function audit_syscalls_enabled_update(), which is
 called to update audit_syscalls_enabled whenever an aspect of the
 policy changes, so that the value can be updated.
  
  3. Remove a check of trail enablement/suspension from audit_new() --
 at the point where this function has been entered, we believe that
 system-call auditing is already in force, or we wouldn't get here,
 so simply proceed to more expensive policy checks.
  
  4. Use an audit-provided global, audit_dtrace_enabled, rather than a
 dtaudit-provided global, to provide policy indicating whether
 dtaudit would like system calls to be audited.
  
  5. Do some minor cosmetic renaming to clarify what various variables
 are for.
  
  These changes collectively arrange it so that traditional audit
  (trail, pipes) or the DTrace audit provider can enable system-call
  probes without the other configured.  Otherwise, dtaudit cannot
  capture system-call data without auditd(8) started.
  
  Reviewed by:  gnn
  Sponsored by: DARPA, AFRL
  Approved by:  re (gjb)
  Differential Revision:https://reviews.freebsd.org/D17348

Modified:
  head/sys/security/audit/audit.c
  head/sys/security/audit/audit.h
  head/sys/security/audit/audit_dtrace.c
  head/sys/security/audit/audit_private.h
  head/sys/security/audit/audit_syscalls.c
  head/sys/security/audit/audit_worker.c

Modified: head/sys/security/audit/audit.c
==
--- head/sys/security/audit/audit.c Tue Oct  2 15:18:48 2018
(r339084)
+++ head/sys/security/audit/audit.c Tue Oct  2 15:58:17 2018
(r339085)
@@ -2,7 +2,7 @@
  * SPDX-License-Identifier: BSD-3-Clause
  *
  * Copyright (c) 1999-2005 Apple Inc.
- * Copyright (c) 2006-2007, 2016-2017 Robert N. M. Watson
+ * Copyright (c) 2006-2007, 2016-2018 Robert N. M. Watson
  * All rights reserved.
  *
  * Portions of this software were developed by BAE Systems, the University of
@@ -98,8 +98,12 @@ static SYSCTL_NODE(_security, OID_AUTO, audit, CTLFLAG
  *
  * Define the audit control flags.
  */
-int __read_frequently  audit_enabled;
-intaudit_suspended;
+intaudit_trail_enabled;
+intaudit_trail_suspended;
+#ifdef KDTRACE_HOOKS
+u_int  audit_dtrace_enabled;
+#endif
+int __read_frequently  audit_syscalls_enabled;
 
 /*
  * Flags controlling behavior in low storage situations.  Should we panic if
@@ -198,7 +202,34 @@ static struct rwlock   audit_kinfo_lock;
 #defineKINFO_RUNLOCK() rw_runlock(_kinfo_lock)
 #defineKINFO_WUNLOCK() rw_wunlock(_kinfo_lock)
 
+/*
+ * Check various policies to see if we should enable system-call audit hooks.
+ * Note that despite the mutex being held, we want to assign a value exactly
+ * once, as checks of the flag are performed lock-free for performance
+ * reasons.  The mutex is used to get a consistent snapshot of policy state --
+ * e.g., safely accessing the two audit_trail flags.
+ */
 void
+audit_syscalls_enabled_update(void)
+{
+
+   mtx_lock(_mtx);
+#ifdef KDTRACE_HOOKS
+   if (audit_dtrace_enabled)
+   audit_syscalls_enabled = 1;
+   else {
+#endif
+   if (audit_trail_enabled && !audit_trail_suspended)
+   audit_syscalls_enabled = 1;
+   else
+   audit_syscalls_enabled = 0;
+#ifdef KDTRACE_HOOKS
+   }
+#endif
+   mtx_unlock(_mtx);
+}
+
+void
 audit_set_kinfo(struct auditinfo_addr *ak)
 {
 
@@ -303,8 +334,9 @@ static void
 audit_init(void)
 {
 
-   audit_enabled = 0;
-   audit_suspended = 0;
+   audit_trail_enabled = 0;
+   audit_trail_suspended = 0;
+   audit_syscalls_enabled = 0;
audit_panic_on_write_fail = 0;
audit_fail_stop = 0;
audit_in_failure = 0;
@@ -337,6 +369,9 @@ audit_init(void)
sizeof(struct kaudit_record), audit_record_ctor,
audit_record_dtor, NULL, NULL, UMA_ALIGN_PTR, 0);
 
+   /* First initialisation of audit_syscalls_enabled. */
+   audit_syscalls_enabled_update();
+
/* Initialize the BSM audit subsystem. */
kau_init();
 
@@ -378,10 +413,6 @@ currecord(void)
 }
 
 /*
- * XXXAUDIT: There are a number of races present in the code below due to
- * release and re-grab of the mutex.  The code should be revised to become
- * slightly 

svn commit: r338443 - in head: stand/defaults sys/security/audit

[Robert Watson]

Author: rwatson
Date: Mon Sep  3 14:26:43 2018
New Revision: 338443
URL: https://svnweb.freebsd.org/changeset/base/338443

Log:
  The kernel DTrace audit provider (dtaudit) relies on auditd(8) to load
  /etc/security/audit_event to provide a list of audit event-number <->
  name mappings.  However, this occurs too late for anonymous tracing.
  With this change, adding 'audit_event_load="YES"' to /boot/loader.conf
  will cause the boot loader to preload the file, and then the kernel
  audit code will parse it to register an initial set of audit event-number
  <-> name mappings.  Those mappings can later be updated by auditd(8) if
  the configuration file changes.
  
  Reviewed by:  gnn, asomers, markj, allanjude
  Discussed with:   jhb
  Approved by:  re (kib)
  MFC after:1 week
  Sponsored by: DARPA, AFRL
  Differential Revision:https://reviews.freebsd.org/D16589

Modified:
  head/stand/defaults/loader.conf
  head/sys/security/audit/audit_bsm_db.c

Modified: head/stand/defaults/loader.conf
==
--- head/stand/defaults/loader.conf Mon Sep  3 08:57:09 2018
(r338442)
+++ head/stand/defaults/loader.conf Mon Sep  3 14:26:43 2018
(r338443)
@@ -67,6 +67,11 @@ acpi_dsdt_name="/boot/acpi_dsdt.aml"
# Override DSDT in BIOS by this file
 acpi_video_load="NO"   # Load the ACPI video extension driver
 
+###  Audit settings  #
+audit_event_load="NO"  # Preload audit_event config
+audit_event_name="/etc/security/audit_event"
+audit_event_type="etc_security_audit_event"
+
 ###  Initial memory disk settings  ###
 #mdroot_load="YES" # The "mdroot" prefix is arbitrary.
 #mdroot_type="md_image"# Create md(4) disk at boot.

Modified: head/sys/security/audit/audit_bsm_db.c
==
--- head/sys/security/audit/audit_bsm_db.c  Mon Sep  3 08:57:09 2018
(r338442)
+++ head/sys/security/audit/audit_bsm_db.c  Mon Sep  3 14:26:43 2018
(r338443)
@@ -1,6 +1,6 @@
 /*
  * Copyright (c) 1999-2009 Apple Inc.
- * Copyright (c) 2005, 2016-2017 Robert N. M. Watson
+ * Copyright (c) 2005, 2016-2018 Robert N. M. Watson
  * All rights reserved.
  *
  * Portions of this software were developed by BAE Systems, the University of
@@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -91,6 +92,7 @@ static struct evclass_listevclass_hash[EVCLASSMAP_HAS
  * struct evname_elem is defined in audit_private.h so that audit_dtrace.c can
  * use the definition.
  */
+#defineEVNAMEMAP_HASH_TABLE_MODULE "etc_security_audit_event"
 #defineEVNAMEMAP_HASH_TABLE_SIZE   251
 struct evname_list {
LIST_HEAD(, evname_elem)enl_head;
@@ -261,6 +263,85 @@ au_evnamemap_insert(au_event_t event, const char *name
EVNAMEMAP_WUNLOCK();
 }
 
+/*
+ * If /etc/security/audit_event has been preloaded by the boot loader, parse
+ * it to build an initial set of event number<->name mappings.
+ */
+static void
+au_evnamemap_init_preload(void)
+{
+   caddr_t kmdp;
+   char *endptr, *line, *nextline, *ptr;
+   const char *evnum_str, *evname;
+   size_t size;
+   long evnum;
+   u_int lineno;
+
+   kmdp = preload_search_by_type(EVNAMEMAP_HASH_TABLE_MODULE);
+   if (kmdp == NULL)
+   return;
+   ptr = preload_fetch_addr(kmdp);
+   size = preload_fetch_size(kmdp);
+
+   /*
+* Parse preloaded configuration file "in place".  Assume that the
+* last character is a new line, meaning that we can replace it with a
+* nul byte safely.  We can then use strsep(3) to process the full
+* buffer.
+*/
+   ptr[size - 1] = '\0';
+
+   /*
+* Process line by line.
+*/
+   nextline = ptr;
+   lineno = 0;
+   while ((line = strsep(, "\n")) != NULL) {
+   /*
+* Skip any leading white space.
+*/
+   while (line[0] == ' ' || line[0] == '\t')
+   line++;
+
+   /*
+* Skip blank lines and comment lines.
+*/
+   if (line[0] == '\0' || line[0] == '#') {
+   lineno++;
+   continue;
+   }
+
+   /*
+* Parse each line -- ":"-separated tuple of event number,
+* event name, and other material we are less interested in.
+*/
+   evnum_str = strsep(, ":");
+   if (evnum_str == NULL || *evnum_str == '\0') {
+   printf("%s: Invalid line %u - evnum strsep\n",
+   __func__, lineno);
+   lineno++;
+  

svn commit: r316450 - in head/sys: conf security/audit

[Robert Watson]

Author: rwatson
Date: Mon Apr  3 10:15:58 2017
New Revision: 316450
URL: https://svnweb.freebsd.org/changeset/base/316450

Log:
  Break audit_bsm_klib.c into two files: one (audit_bsm_klib.c)
  retaining various utility functions used during BSM generation,
  and a second (audit_bsm_db.c) that contains the various in-kernel
  databases supporting various audit activities (the class and
  event-name tables).
  
  (No functional change is intended.)
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Added:
  head/sys/security/audit/audit_bsm_db.c
 - copied, changed from r316446, head/sys/security/audit/audit_bsm_klib.c
Modified:
  head/sys/conf/files
  head/sys/security/audit/audit_bsm_klib.c

Modified: head/sys/conf/files
==
--- head/sys/conf/files Mon Apr  3 09:41:43 2017(r316449)
+++ head/sys/conf/files Mon Apr  3 10:15:58 2017(r316450)
@@ -4595,6 +4595,7 @@ rpc/rpcsec_gss/svc_rpcsec_gss.c   optional
 security/audit/audit.c optional audit
 security/audit/audit_arg.c optional audit
 security/audit/audit_bsm.c optional audit
+security/audit/audit_bsm_db.c  optional audit
 security/audit/audit_bsm_klib.coptional audit
 security/audit/audit_dtrace.c  optional dtaudit audit | dtraceall audit 
compile-with "${CDDL_C}"
 security/audit/audit_pipe.coptional audit

Copied and modified: head/sys/security/audit/audit_bsm_db.c (from r316446, 
head/sys/security/audit/audit_bsm_klib.c)
==
--- head/sys/security/audit/audit_bsm_klib.cMon Apr  3 08:50:54 2017
(r316446, copy source)
+++ head/sys/security/audit/audit_bsm_db.c  Mon Apr  3 10:15:58 2017
(r316450)
@@ -106,64 +106,6 @@ static struct evname_list  evnamemap_hash
 #defineEVNAMEMAP_WLOCK()   sx_xlock(_lock)
 #defineEVNAMEMAP_WUNLOCK() sx_xunlock(_lock)
 
-struct aue_open_event {
-   int aoe_flags;
-   au_event_t  aoe_event;
-};
-
-static const struct aue_open_event aue_open[] = {
-   { O_RDONLY, AUE_OPEN_R },
-   { (O_RDONLY | O_CREAT), AUE_OPEN_RC },
-   { (O_RDONLY | O_CREAT | O_TRUNC),   AUE_OPEN_RTC },
-   { (O_RDONLY | O_TRUNC), AUE_OPEN_RT },
-   { O_RDWR,   AUE_OPEN_RW },
-   { (O_RDWR | O_CREAT),   AUE_OPEN_RWC },
-   { (O_RDWR | O_CREAT | O_TRUNC), AUE_OPEN_RWTC },
-   { (O_RDWR | O_TRUNC),   AUE_OPEN_RWT },
-   { O_WRONLY, AUE_OPEN_W },
-   { (O_WRONLY | O_CREAT), AUE_OPEN_WC },
-   { (O_WRONLY | O_CREAT | O_TRUNC),   AUE_OPEN_WTC },
-   { (O_WRONLY | O_TRUNC), AUE_OPEN_WT },
-};
-
-static const struct aue_open_event aue_openat[] = {
-   { O_RDONLY, AUE_OPENAT_R },
-   { (O_RDONLY | O_CREAT), AUE_OPENAT_RC },
-   { (O_RDONLY | O_CREAT | O_TRUNC),   AUE_OPENAT_RTC },
-   { (O_RDONLY | O_TRUNC), AUE_OPENAT_RT },
-   { O_RDWR,   AUE_OPENAT_RW },
-   { (O_RDWR | O_CREAT),   AUE_OPENAT_RWC },
-   { (O_RDWR | O_CREAT | O_TRUNC), AUE_OPENAT_RWTC },
-   { (O_RDWR | O_TRUNC),   AUE_OPENAT_RWT },
-   { O_WRONLY, AUE_OPENAT_W },
-   { (O_WRONLY | O_CREAT), AUE_OPENAT_WC },
-   { (O_WRONLY | O_CREAT | O_TRUNC),   AUE_OPENAT_WTC },
-   { (O_WRONLY | O_TRUNC), AUE_OPENAT_WT },
-};
-
-static const int aue_msgsys[] = {
-   /* 0 */ AUE_MSGCTL,
-   /* 1 */ AUE_MSGGET,
-   /* 2 */ AUE_MSGSND,
-   /* 3 */ AUE_MSGRCV,
-};
-static const int aue_msgsys_count = sizeof(aue_msgsys) / sizeof(int);
-
-static const int aue_semsys[] = {
-   /* 0 */ AUE_SEMCTL,
-   /* 1 */ AUE_SEMGET,
-   /* 2 */ AUE_SEMOP,
-};
-static const int aue_semsys_count = sizeof(aue_semsys) / sizeof(int);
-
-static const int aue_shmsys[] = {
-   /* 0 */ AUE_SHMAT,
-   /* 1 */ AUE_SHMDT,
-   /* 2 */ AUE_SHMGET,
-   /* 3 */ AUE_SHMCTL,
-};
-static const int aue_shmsys_count = sizeof(aue_shmsys) / sizeof(int);
-
 /*
  * Look up the class for an audit event in the class mapping table.
  */
@@ -248,33 +190,6 @@ au_evclassmap_init(void)
 }
 
 /*
- * Check whether an event is aditable by comparing the mask of classes this
- * event is part of against the given mask.
- */
-int
-au_preselect(au_event_t event, au_class_t class, au_mask_t *mask_p, int sorf)
-{
-   au_class_t effmask = 0;
-
-   

svn commit: r316339 - head/contrib/less

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 21:29:43 2017
New Revision: 316339
URL: https://svnweb.freebsd.org/changeset/base/316339

Log:
  Currently, less(1) uses K prototypes, which both fails to provide useful
  compiler-time type checking, and also causes problems for targets where
  multiple incompatible calling conventions may be selected based on argument
  types.  This change switches less(1) to ANSI prototypes.
  
  While there, we also remove use of "register", and attempt to use "const" a
  bit better now that the compiler can check argument types.
  
  Reviewed by:  cem, emaste
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL
  Differential Revision:https://reviews.freebsd.org/D10152

Modified:
  head/contrib/less/brac.c
  head/contrib/less/ch.c
  head/contrib/less/charset.c
  head/contrib/less/cmdbuf.c
  head/contrib/less/command.c
  head/contrib/less/cvt.c
  head/contrib/less/decode.c
  head/contrib/less/edit.c
  head/contrib/less/filename.c
  head/contrib/less/forwback.c
  head/contrib/less/funcs.h
  head/contrib/less/ifile.c
  head/contrib/less/input.c
  head/contrib/less/jump.c
  head/contrib/less/less.h
  head/contrib/less/lessecho.c
  head/contrib/less/lesskey.c
  head/contrib/less/line.c
  head/contrib/less/linenum.c
  head/contrib/less/lsystem.c
  head/contrib/less/main.c
  head/contrib/less/mark.c
  head/contrib/less/mkhelp.c
  head/contrib/less/optfunc.c
  head/contrib/less/option.c
  head/contrib/less/opttbl.c
  head/contrib/less/os.c
  head/contrib/less/output.c
  head/contrib/less/pattern.c
  head/contrib/less/position.c
  head/contrib/less/prompt.c
  head/contrib/less/regexp.c
  head/contrib/less/screen.c
  head/contrib/less/scrsize.c
  head/contrib/less/search.c
  head/contrib/less/signal.c
  head/contrib/less/tags.c
  head/contrib/less/ttyin.c

Modified: head/contrib/less/brac.c
==
--- head/contrib/less/brac.cFri Mar 31 20:17:30 2017(r316338)
+++ head/contrib/less/brac.cFri Mar 31 21:29:43 2017(r316339)
@@ -24,18 +24,14 @@
  * "close bracket" are given.
  */
public void
-match_brac(obrac, cbrac, forwdir, n)
-   register int obrac;
-   register int cbrac;
-   int forwdir;
-   int n;
+match_brac(int obrac, int cbrac, int forwdir, int n)
 {
-   register int c;
-   register int nest;
+   int c;
+   int nest;
POSITION pos;
-   int (*chget)();
+   int (*chget)(void);
 
-   extern int ch_forw_get(), ch_back_get();
+   extern int ch_forw_get(void), ch_back_get(void);
 
/*
 * Seek to the line containing the open bracket.

Modified: head/contrib/less/ch.c
==
--- head/contrib/less/ch.c  Fri Mar 31 20:17:30 2017(r316338)
+++ head/contrib/less/ch.c  Fri Mar 31 21:29:43 2017(r316339)
@@ -144,13 +144,13 @@ static int ch_addbuf();
  * Get the character pointed to by the read pointer.
  */
int
-ch_get()
+ch_get(void)
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
-   register int n;
-   register int slept;
-   register int h;
+   struct buf *bp;
+   struct bufnode *bn;
+   int n;
+   int slept;
+   int h;
POSITION pos;
POSITION len;
 
@@ -378,8 +378,7 @@ ch_get()
  * a single char onto an input file descriptor.
  */
public void
-ch_ungetchar(c)
-   int c;
+ch_ungetchar(int c)
 {
if (c != -1 && ch_ungotchar != -1)
error("ch_ungetchar overrun", NULL_PARG);
@@ -392,7 +391,7 @@ ch_ungetchar(c)
  * If we haven't read all of standard input into it, do that now.
  */
public void
-end_logfile()
+end_logfile(void)
 {
static int tried = FALSE;
 
@@ -417,10 +416,10 @@ end_logfile()
  * Write all the existing buffered data to the log file.
  */
public void
-sync_logfile()
+sync_logfile(void)
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
+   struct buf *bp;
+   struct bufnode *bn;
int warned = FALSE;
BLOCKNUM block;
BLOCKNUM nblocks;
@@ -454,12 +453,11 @@ sync_logfile()
  * Determine if a specific block is currently in one of the buffers.
  */
static int
-buffered(block)
-   BLOCKNUM block;
+buffered(BLOCKNUM block)
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
-   register int h;
+   struct buf *bp;
+   struct bufnode *bn;
+   int h;
 
h = BUFHASH(block);
FOR_BUFS_IN_CHAIN(h, bn)
@@ -476,8 +474,7 @@ buffered(block)
  * Return 0 if successful, non-zero if can't seek there.
  */
public int
-ch_seek(pos)
-   register POSITION pos;
+ch_seek(POSITION pos)
 {
BLOCKNUM new_block;
POSITION len;
@@ -515,7 +512,7 @@ ch_seek(pos)
  * Seek to the end of the file.
  */
public int
-ch_end_seek()
+ch_end_seek(void)
 {
POSITION len;
 

svn commit: r316334 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 14:17:14 2017
New Revision: 316334
URL: https://svnweb.freebsd.org/changeset/base/316334

Log:
  Audit arguments to posix_fallocate(2) and posix_fadvise(2) system calls.
  
  As posix_fadvise() does not lock the vnode argument, don't capture
  detailed vnode information for the time being.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/vfs_syscalls.c

Modified: head/sys/kern/vfs_syscalls.c
==
--- head/sys/kern/vfs_syscalls.cFri Mar 31 14:13:13 2017
(r316333)
+++ head/sys/kern/vfs_syscalls.cFri Mar 31 14:17:14 2017
(r316334)
@@ -4452,15 +4452,21 @@ kern_posix_fallocate(struct thread *td, 
cap_rights_t rights;
off_t olen, ooffset;
int error;
+#ifdef AUDIT
+   int audited_vnode1 = 0;
+#endif
 
+   AUDIT_ARG_FD(fd);
if (offset < 0 || len <= 0)
return (EINVAL);
/* Check for wrap. */
if (offset > OFF_MAX - len)
return (EFBIG);
+   AUDIT_ARG_FD(fd);
error = fget(td, fd, cap_rights_init(, CAP_WRITE), );
if (error != 0)
return (error);
+   AUDIT_ARG_FILE(td->td_proc, fp);
if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
error = ESPIPE;
goto out;
@@ -4494,6 +4500,12 @@ kern_posix_fallocate(struct thread *td, 
vn_finished_write(mp);
break;
}
+#ifdef AUDIT
+   if (!audited_vnode1) {
+   AUDIT_ARG_VNODE1(vp);
+   audited_vnode1 = 1;
+   }
+#endif
 #ifdef MAC
error = mac_vnode_check_write(td->td_ucred, fp->f_cred, vp);
if (error == 0)
@@ -4544,6 +4556,7 @@ kern_posix_fadvise(struct thread *td, in
 
if (offset < 0 || len < 0 || offset > OFF_MAX - len)
return (EINVAL);
+   AUDIT_ARG_VALUE(advice);
switch (advice) {
case POSIX_FADV_SEQUENTIAL:
case POSIX_FADV_RANDOM:
@@ -4559,9 +4572,11 @@ kern_posix_fadvise(struct thread *td, in
return (EINVAL);
}
/* XXX: CAP_POSIX_FADVISE? */
+   AUDIT_ARG_FD(fd);
error = fget(td, fd, cap_rights_init(), );
if (error != 0)
goto out;
+   AUDIT_ARG_FILE(td->td_proc, fp);
if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) {
error = ESPIPE;
goto out;
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r316333 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 14:13:13 2017
New Revision: 316333
URL: https://svnweb.freebsd.org/changeset/base/316333

Log:
  Correct macro names and signatures for !AUDIT versions of canonical
  path auditing.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/security/audit/audit.h

Modified: head/sys/security/audit/audit.h
==
--- head/sys/security/audit/audit.h Fri Mar 31 13:43:00 2017
(r316332)
+++ head/sys/security/audit/audit.h Fri Mar 31 14:13:13 2017
(r316333)
@@ -431,9 +431,9 @@ void audit_thread_free(struct thread *t
 #defineAUDIT_ARG_TEXT(text)
 #defineAUDIT_ARG_UID(uid)
 #defineAUDIT_ARG_UPATH1(td, dirfd, upath)
-#defineAUDIT_ARG_UPATH1_NONCANON(td, upath)
+#defineAUDIT_ARG_UPATH1_CANON(upath)
 #defineAUDIT_ARG_UPATH2(td, dirfd, upath)
-#defineAUDIT_ARG_UPATH2_NONCANON(td, upath)
+#defineAUDIT_ARG_UPATH2_CANON(upath)
 #defineAUDIT_ARG_VALUE(value)
 #defineAUDIT_ARG_VNODE1(vp)
 #defineAUDIT_ARG_VNODE2(vp)
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r316332 - in head/sys: kern security/audit

[Robert Watson]

Author: rwatson
Date: Fri Mar 31 13:43:00 2017
New Revision: 316332
URL: https://svnweb.freebsd.org/changeset/base/316332

Log:
  Audit arguments to POSIX message queues, semaphores, and shared memory.
  
  This requires minor changes to the audit framework to allow capturing
  paths that are not filesystem paths (i.e., will not be canonicalised
  relative to the process current working directory and/or filesystem
  root).
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/uipc_mqueue.c
  head/sys/kern/uipc_sem.c
  head/sys/kern/uipc_shm.c
  head/sys/security/audit/audit.h
  head/sys/security/audit/audit_arg.c

Modified: head/sys/kern/uipc_mqueue.c
==
--- head/sys/kern/uipc_mqueue.c Fri Mar 31 11:40:59 2017(r316331)
+++ head/sys/kern/uipc_mqueue.c Fri Mar 31 13:43:00 2017(r316332)
@@ -1,7 +1,13 @@
 /*-
  * Copyright (c) 2005 David Xu 
+ * Copyright (c) 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -86,6 +92,8 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
+
 FEATURE(p1003_1b_mqueue, "POSIX P1003.1B message queues support");
 
 /*
@@ -2012,6 +2020,9 @@ kern_kmq_open(struct thread *td, const c
struct mqueue *mq;
int fd, error, len, cmode;
 
+   AUDIT_ARG_FFLAGS(flags);
+   AUDIT_ARG_MODE(mode);
+
fdp = td->td_proc->p_fd;
cmode = (((mode & ~fdp->fd_cmask) & ALLPERMS) & ~S_ISTXT);
mq = NULL;
@@ -2034,6 +2045,7 @@ kern_kmq_open(struct thread *td, const c
len = strlen(path);
if (len < 2 || path[0] != '/' || strchr(path + 1, '/') != NULL)
return (EINVAL);
+   AUDIT_ARG_UPATH1_CANON(path);
 
error = falloc(td, , , O_CLOEXEC);
if (error)
@@ -2133,6 +2145,7 @@ sys_kmq_unlink(struct thread *td, struct
len = strlen(path);
if (len < 2 || path[0] != '/' || strchr(path + 1, '/') != NULL)
return (EINVAL);
+   AUDIT_ARG_UPATH1_CANON(path);
 
sx_xlock(_data.mi_lock);
pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1, td->td_ucred);
@@ -2210,6 +2223,7 @@ kern_kmq_setattr(struct thread *td, int 
u_int oflag, flag;
int error;
 
+   AUDIT_ARG_FD(mqd);
if (attr != NULL && (attr->mq_flags & ~O_NONBLOCK) != 0)
return (EINVAL);
error = getmq(td, mqd, , NULL, );
@@ -2260,6 +2274,7 @@ sys_kmq_timedreceive(struct thread *td, 
int error;
int waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_read(td, uap->mqd, , NULL, );
if (error)
return (error);
@@ -2285,6 +2300,7 @@ sys_kmq_timedsend(struct thread *td, str
struct timespec *abs_timeout, ets;
int error, waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_write(td, uap->mqd, , NULL, );
if (error)
return (error);
@@ -2315,6 +2331,7 @@ kern_kmq_notify(struct thread *td, int m
struct mqueue_notifier *nt, *newnt = NULL;
int error;
 
+   AUDIT_ARG_FD(mqd);
if (sigev != NULL) {
if (sigev->sigev_notify != SIGEV_SIGNAL &&
sigev->sigev_notify != SIGEV_THREAD_ID &&
@@ -2780,6 +2797,7 @@ freebsd32_kmq_timedsend(struct thread *t
int error;
int waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_write(td, uap->mqd, , NULL, );
if (error)
return (error);
@@ -2809,6 +2827,7 @@ freebsd32_kmq_timedreceive(struct thread
struct timespec *abs_timeout, ets;
int error, waitok;
 
+   AUDIT_ARG_FD(uap->mqd);
error = getmq_read(td, uap->mqd, , NULL, );
if (error)
return (error);

Modified: head/sys/kern/uipc_sem.c
==
--- head/sys/kern/uipc_sem.cFri Mar 31 11:40:59 2017(r316331)
+++ head/sys/kern/uipc_sem.cFri Mar 31 13:43:00 2017(r316332)
@@ -1,7 +1,7 @@
 /*-
  * Copyright (c) 2002 Alfred Perlstein 
  * Copyright (c) 2003-2005 SPARTA, Inc.
- * Copyright (c) 2005 Robert N. M. Watson
+ * Copyright (c) 2005, 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project in part by Network
@@ -9,6 +9,11 @@
  * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"),
  * as part of the DARPA CHATS research program.
  *
+ * 

svn commit: r316308 - in head/sys: kern security/audit

[Robert Watson]

Author: rwatson
Date: Thu Mar 30 22:26:15 2017
New Revision: 316308
URL: https://svnweb.freebsd.org/changeset/base/316308

Log:
  Audit arguments to System V IPC system calls implementing sempahores,
  message queues, and shared memory.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/sysv_msg.c
  head/sys/kern/sysv_sem.c
  head/sys/kern/sysv_shm.c
  head/sys/security/audit/audit.h

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cThu Mar 30 22:00:58 2017(r316307)
+++ head/sys/kern/sysv_msg.cThu Mar 30 22:26:15 2017(r316308)
@@ -18,6 +18,7 @@
  */
 /*-
  * Copyright (c) 2003-2005 McAfee, Inc.
+ * Copyright (c) 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project in part by McAfee
@@ -25,6 +26,11 @@
  * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research
  * program.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -508,6 +514,8 @@ kern_msgctl(td, msqid, cmd, msqbuf)
if (rpr == NULL)
return (ENOSYS);
 
+   AUDIT_ARG_SVIPC_CMD(cmd);
+   AUDIT_ARG_SVIPC_ID(msqid);
msqix = IPCID_TO_IX(msqid);
 
if (msqix < 0 || msqix >= msginfo.msgmni) {
@@ -579,6 +587,7 @@ kern_msgctl(td, msqid, cmd, msqbuf)
break;
 
case IPC_SET:
+   AUDIT_ARG_SVIPC_PERM(>msg_perm);
if ((error = ipcperm(td, >u.msg_perm, IPC_M)))
goto done2;
if (msqbuf->msg_qbytes > msqkptr->u.msg_qbytes) {
@@ -667,6 +676,8 @@ sys_msgget(td, uap)
error = EEXIST;
goto done2;
}
+   AUDIT_ARG_SVIPC_ID(IXSEQ_TO_IPCID(msqid,
+   msqkptr->u.msg_perm));
if ((error = ipcperm(td, >u.msg_perm,
msgflg & 0700))) {
DPRINTF(("requester doesn't have 0%o access\n",
@@ -735,6 +746,7 @@ sys_msgget(td, uap)
 #ifdef MAC
mac_sysvmsq_create(cred, msqkptr);
 #endif
+   AUDIT_ARG_SVIPC_PERM(>u.msg_perm);
} else {
DPRINTF(("didn't find it and wasn't asked to create it\n"));
error = ENOENT;
@@ -780,6 +792,7 @@ kern_msgsnd(td, msqid, msgp, msgsz, msgf
return (ENOSYS);
 
mtx_lock(_mtx);
+   AUDIT_ARG_SVIPC_ID(msqid);
msqix = IPCID_TO_IX(msqid);
 
if (msqix < 0 || msqix >= msginfo.msgmni) {
@@ -790,6 +803,7 @@ kern_msgsnd(td, msqid, msgp, msgsz, msgf
}
 
msqkptr = [msqix];
+   AUDIT_ARG_SVIPC_PERM(>u.msg_perm);
if (msqkptr->u.msg_qbytes == 0) {
DPRINTF(("no such message queue id\n"));
error = EINVAL;
@@ -1152,6 +1166,7 @@ kern_msgrcv(td, msqid, msgp, msgsz, msgt
if (rpr == NULL)
return (ENOSYS);
 
+   AUDIT_ARG_SVIPC_ID(msqid);
msqix = IPCID_TO_IX(msqid);
 
if (msqix < 0 || msqix >= msginfo.msgmni) {
@@ -1162,6 +1177,7 @@ kern_msgrcv(td, msqid, msgp, msgsz, msgt
 
msqkptr = [msqix];
mtx_lock(_mtx);
+   AUDIT_ARG_SVIPC_PERM(>u.msg_perm);
if (msqkptr->u.msg_qbytes == 0) {
DPRINTF(("no such message queue id\n"));
error = EINVAL;

Modified: head/sys/kern/sysv_sem.c
==
--- head/sys/kern/sysv_sem.cThu Mar 30 22:00:58 2017(r316307)
+++ head/sys/kern/sysv_sem.cThu Mar 30 22:26:15 2017(r316308)
@@ -7,6 +7,7 @@
  */
 /*-
  * Copyright (c) 2003-2005 McAfee, Inc.
+ * Copyright (c) 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project in part by McAfee
@@ -14,6 +15,11 @@
  * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research
  * program.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -691,6 +697,9 @@ kern_semctl(struct thread *td, int semid
DPRINTF(("call to 

svn commit: r316307 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Thu Mar 30 22:00:58 2017
New Revision: 316307
URL: https://svnweb.freebsd.org/changeset/base/316307

Log:
  Add system-call argument auditing for ACL-related system calls.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/vfs_acl.c

Modified: head/sys/kern/vfs_acl.c
==
--- head/sys/kern/vfs_acl.c Thu Mar 30 21:54:57 2017(r316306)
+++ head/sys/kern/vfs_acl.c Thu Mar 30 22:00:58 2017(r316307)
@@ -1,9 +1,14 @@
 /*-
- * Copyright (c) 1999-2006 Robert N. M. Watson
+ * Copyright (c) 1999-2006, 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed by Robert Watson for the TrustedBSD Project.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -53,6 +58,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
 #include 
 
 CTASSERT(ACL_MAX_ENTRIES >= OLDACL_MAX_ENTRIES);
@@ -216,6 +222,7 @@ vacl_set_acl(struct thread *td, struct v
struct mount *mp;
int error;
 
+   AUDIT_ARG_VALUE(type);
inkernelacl = acl_alloc(M_WAITOK);
error = acl_copyin(aclp, inkernelacl, type);
if (error != 0)
@@ -224,6 +231,7 @@ vacl_set_acl(struct thread *td, struct v
if (error != 0)
goto out;
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
+   AUDIT_ARG_VNODE1(vp);
 #ifdef MAC
error = mac_vnode_check_setacl(td->td_ucred, vp, type, inkernelacl);
if (error != 0)
@@ -251,8 +259,10 @@ vacl_get_acl(struct thread *td, struct v
struct acl *inkernelacl;
int error;
 
+   AUDIT_ARG_VALUE(type);
inkernelacl = acl_alloc(M_WAITOK | M_ZERO);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
+   AUDIT_ARG_VNODE1(vp);
 #ifdef MAC
error = mac_vnode_check_getacl(td->td_ucred, vp, type);
if (error != 0)
@@ -280,10 +290,12 @@ vacl_delete(struct thread *td, struct vn
struct mount *mp;
int error;
 
+   AUDIT_ARG_VALUE(type);
error = vn_start_write(vp, , V_WAIT | PCATCH);
if (error != 0)
return (error);
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
+   AUDIT_ARG_VNODE1(vp);
 #ifdef MAC
error = mac_vnode_check_deleteacl(td->td_ucred, vp, type);
if (error != 0)
@@ -300,6 +312,8 @@ out:
 
 /*
  * Given a vnode, check whether an ACL is appropriate for it
+ *
+ * XXXRW: No vnode lock held so can't audit vnode state...?
  */
 static int
 vacl_aclcheck(struct thread *td, struct vnode *vp, acl_type_t type,
@@ -333,7 +347,8 @@ sys___acl_get_file(struct thread *td, st
struct nameidata nd;
int error;
 
-   NDINIT(, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
+   NDINIT(, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
+   td);
error = namei();
if (error == 0) {
error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
@@ -351,7 +366,8 @@ sys___acl_get_link(struct thread *td, st
struct nameidata nd;
int error;
 
-   NDINIT(, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
+   NDINIT(, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
+   td);
error = namei();
if (error == 0) {
error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp);
@@ -369,7 +385,8 @@ sys___acl_set_file(struct thread *td, st
struct nameidata nd;
int error;
 
-   NDINIT(, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td);
+   NDINIT(, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
+   td);
error = namei();
if (error == 0) {
error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
@@ -387,7 +404,8 @@ sys___acl_set_link(struct thread *td, st
struct nameidata nd;
int error;
 
-   NDINIT(, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td);
+   NDINIT(, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path,
+   td);
error = namei();
if (error == 0) {
error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp);
@@ -406,6 +424,7 @@ sys___acl_get_fd(struct thread *td, stru
cap_rights_t rights;
int error;
 
+   AUDIT_ARG_FD(uap->filedes);
error = getvnode(td, uap->filedes,
cap_rights_init(, CAP_ACL_GET), );
if (error == 0) {
@@ -425,6 +444,7 @@ sys___acl_set_fd(struct thread *td, stru
cap_r

svn commit: r316305 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Thu Mar 30 21:39:03 2017
New Revision: 316305
URL: https://svnweb.freebsd.org/changeset/base/316305

Log:
  Various BSM generation improvements when auditing AUE_ACCEPT,
  AUE_PROCCTL, AUE_SENDFILE, AUE_ACL_*, and AUE_POSIX_FALLOCATE.
  Audit AUE_SHMUNLINK path in the path token rather than as a
  text string, and AUE_SHMOPEN flags as an integer token rather
  than a System V IPC address token.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/security/audit/audit_bsm.c

Modified: head/sys/security/audit/audit_bsm.c
==
--- head/sys/security/audit/audit_bsm.c Thu Mar 30 20:42:16 2017
(r316304)
+++ head/sys/security/audit/audit_bsm.c Thu Mar 30 21:39:03 2017
(r316305)
@@ -530,6 +530,23 @@ kaudit_to_bsm(struct kaudit_record *kar,
 */
switch(ar->ar_event) {
case AUE_ACCEPT:
+   if (ARG_IS_VALID(kar, ARG_FD)) {
+   tok = au_to_arg32(1, "fd", ar->ar_arg_fd);
+   kau_write(rec, tok);
+   }
+   if (ARG_IS_VALID(kar, ARG_SADDRINET)) {
+   tok = au_to_sock_inet((struct sockaddr_in *)
+   >ar_arg_sockaddr);
+   kau_write(rec, tok);
+   }
+   if (ARG_IS_VALID(kar, ARG_SADDRUNIX)) {
+   tok = au_to_sock_unix((struct sockaddr_un *)
+   >ar_arg_sockaddr);
+   kau_write(rec, tok);
+   UPATH1_TOKENS;
+   }
+   break;
+
case AUE_BIND:
case AUE_LISTEN:
case AUE_CONNECT:
@@ -537,7 +554,6 @@ kaudit_to_bsm(struct kaudit_record *kar,
case AUE_RECVFROM:
case AUE_RECVMSG:
case AUE_SEND:
-   case AUE_SENDFILE:
case AUE_SENDMSG:
case AUE_SENDTO:
/*
@@ -576,6 +592,22 @@ kaudit_to_bsm(struct kaudit_record *kar,
}
break;
 
+   case AUE_SENDFILE:
+   FD_VNODE1_TOKENS;
+   if (ARG_IS_VALID(kar, ARG_SADDRINET)) {
+   tok = au_to_sock_inet((struct sockaddr_in *)
+   >ar_arg_sockaddr);
+   kau_write(rec, tok);
+   }
+   if (ARG_IS_VALID(kar, ARG_SADDRUNIX)) {
+   tok = au_to_sock_unix((struct sockaddr_un *)
+   >ar_arg_sockaddr);
+   kau_write(rec, tok);
+   UPATH1_TOKENS;
+   }
+   /* XXX Need to handle ARG_SADDRINET6 */
+   break;
+
case AUE_SOCKET:
case AUE_SOCKETPAIR:
if (ARG_IS_VALID(kar, ARG_SOCKINFO)) {
@@ -749,6 +781,26 @@ kaudit_to_bsm(struct kaudit_record *kar,
 */
break;
 
+   case AUE_ACL_DELETE_FD:
+   case AUE_ACL_DELETE_FILE:
+   case AUE_ACL_CHECK_FD:
+   case AUE_ACL_CHECK_FILE:
+   case AUE_ACL_CHECK_LINK:
+   case AUE_ACL_DELETE_LINK:
+   case AUE_ACL_GET_FD:
+   case AUE_ACL_GET_FILE:
+   case AUE_ACL_GET_LINK:
+   case AUE_ACL_SET_FD:
+   case AUE_ACL_SET_FILE:
+   case AUE_ACL_SET_LINK:
+   if (ARG_IS_VALID(kar, ARG_VALUE)) {
+   tok = au_to_arg32(1, "type", ar->ar_arg_value);
+   kau_write(rec, tok);
+   }
+   ATFD1_TOKENS(1);
+   UPATH1_VNODE1_TOKENS;
+   break;
+
case AUE_CHDIR:
case AUE_CHROOT:
case AUE_FSTATAT:
@@ -959,6 +1011,7 @@ kaudit_to_bsm(struct kaudit_record *kar,
case AUE_GETDIRENTRIESATTR:
case AUE_LSEEK:
case AUE_POLL:
+   case AUE_POSIX_FALLOCATE:
case AUE_PREAD:
case AUE_PWRITE:
case AUE_READ:
@@ -1245,6 +1298,18 @@ kaudit_to_bsm(struct kaudit_record *kar,
UPATH1_VNODE1_TOKENS;
break;
 
+   case AUE_PROCCTL:
+   if (ARG_IS_VALID(kar, ARG_VALUE)) {
+   tok = au_to_arg32(1, "idtype", ar->ar_arg_value);
+   kau_write(rec, tok);
+   }
+   if (ARG_IS_VALID(kar, ARG_CMD)) {
+   tok = au_to_arg32(2, "com", ar->ar_arg_cmd);
+   kau_write(rec, tok);
+   }
+   PROCESS_PID_TOKENS(3);
+   break;
+
case AUE_PTRACE:
if (ARG_IS_VALID(kar, ARG_CMD)) {
tok = au_to_arg32(1, "request", ar->ar_arg_cmd);
@@ -1499,7 +1564,7 @@ kaudit_to_bsm(struct kaudit_record *kar,
/* AUE_SHMOPEN, AUE_SHMUNLINK, AUE_SEMOPEN, AUE_SEMCLOSE
 * and AUE_SEMUNLINK are Posix IPC */
case AUE_SHMOPEN:
-   if (ARG_IS_VALID(kar, ARG_SVIPC_ADDR)) {
+   if 

svn commit: r316271 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Thu Mar 30 12:35:56 2017
New Revision: 316271
URL: https://svnweb.freebsd.org/changeset/base/316271

Log:
  Don't ifdef KDTRACE_HOOKS struct, variable, and function prototype
  definitions for the DTrace audit provider, so that the dtaudit module
  can compile in the absence of kernel DTrace support.  This doesn't
  really make run-time sense (since the binary dependencies for the
  module won't be present), but it allows the dtaudit module to compile
  successfully regardless of the kernel configuration.
  
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL
  Reported by:  kib

Modified:
  head/sys/security/audit/audit_private.h

Modified: head/sys/security/audit/audit_private.h
==
--- head/sys/security/audit/audit_private.h Thu Mar 30 08:43:56 2017
(r316270)
+++ head/sys/security/audit/audit_private.h Thu Mar 30 12:35:56 2017
(r316271)
@@ -327,9 +327,7 @@ struct kaudit_record {
void*k_udata;   /* User data. */
u_intk_ulen;/* User data length. */
struct uthread  *k_uthread; /* Audited thread. */
-#ifdef KDTRACE_HOOKS
void*k_dtaudit_state;
-#endif
TAILQ_ENTRY(kaudit_record)   k_q;
 };
 TAILQ_HEAD(kaudit_queue, kaudit_record);
@@ -401,7 +399,6 @@ struct evname_elem {
LIST_ENTRY(evname_elem) ene_entry;  /* (m) */
struct mtx  ene_lock;
 
-#ifdef KDTRACE_HOOKS
/* DTrace probe IDs; 0 if not yet registered. */
uint32_tene_commit_probe_id;/* (M) */
uint32_tene_bsm_probe_id;   /* (M) */
@@ -409,7 +406,6 @@ struct evname_elem {
/* Flags indicating if the probes enabled or not. */
int ene_commit_probe_enabled;   /* (M) */
int ene_bsm_probe_enabled;  /* (M) */
-#endif
 };
 
 #defineEVNAME_LOCK(ene)mtx_lock(&(ene)->ene_lock)
@@ -424,7 +420,6 @@ typedef void(*au_evnamemap_callback_t)(
  * DTrace audit provider (dtaudit) hooks -- to be set non-NULL when the audit
  * provider is loaded and ready to be called into.
  */
-#ifdef KDTRACE_HOOKS
 extern void*(*dtaudit_hook_preselect)(au_id_t auid, au_event_t event,
au_class_t class);
 extern int (*dtaudit_hook_commit)(struct kaudit_record *kar,
@@ -433,7 +428,6 @@ extern int  (*dtaudit_hook_commit)(struct
 extern void(*dtaudit_hook_bsm)(struct kaudit_record *kar, au_id_t auid,
au_event_t event, au_class_t class, int sorf,
void *bsm_data, size_t bsm_len);
-#endif /* !KDTRACE_HOOKS */
 
 #include 
 #include 
@@ -457,9 +451,7 @@ au_class_t   au_event_class(au_event_t ev
 voidau_evnamemap_init(void);
 voidau_evnamemap_insert(au_event_t event, const char *name);
 voidau_evnamemap_foreach(au_evnamemap_callback_t callback);
-#ifdef KDTRACE_HOOKS
 struct evname_elem *au_evnamemap_lookup(au_event_t event);
-#endif
 int au_event_name(au_event_t event, char *name);
 au_event_t  audit_ctlname_to_sysctlevent(int name[], uint64_t valid_arg);
 au_event_t  audit_flags_and_error_to_openevent(int oflags, int error);
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Re: svn commit: r316182 - in head/sys: compat/freebsd32 kern sys

[Robert Watson]

On Thu, 30 Mar 2017, Konstantin Belousov wrote:


  Hook up new audit event identifiers for various non-Orange Book/CAPP
  system calls supported by OpenBSM 1.2-alpha5.

  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/compat/freebsd32/freebsd32_proto.h
  head/sys/compat/freebsd32/freebsd32_sysent.c
  head/sys/compat/freebsd32/syscalls.master
  head/sys/kern/init_sysent.c
  head/sys/kern/syscalls.master
  head/sys/sys/sysproto.h


This was already discussed somewhere, might be the place was not public 
enough.


The change, as committed, is impossible to read. Please do not mix 
human-made changes and generated files in one commit. For head it is no much 
harm to split the syscalls.master commits in way it was always done, for 
sake of the people reading either commit mails or VCS diffs.


I have no opinion on the split/single commit on stable branches.


Hi Kostik:

My apologies -- I'm afriad I lost track of that convention during the merge. 
I have to say, though, that if we want to make changes easier to follow, the 
problem here is not so much generated files as poor formatting in generated 
files.  Reading syscalls.master changes is always hard when multiple system 
calls are affected, due to the choice of putting all metadata for a system 
call on one line in the file.  We could fix this in the generated files 
easily, though, by having the structs in init_sysent.c add carriage returns 
after each field assignment -- in which case the generated changes would make 
it easier to understand what was going on for multi-syscall commits, and help 
catch errors better.  (I.e., by having the assignment of various 
system-call-related fields in the struct each appear on their own line.)  At 
which point I suspect I'd generally prefer to see the commits combined.  (The 
other reason we used to not combine commits related to generated $FreeBSD$ IDs 
in the files .. but that seems to have gone away.


Robert
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r316185 - in head/sys: kern security/audit

[Robert Watson]

Author: rwatson
Date: Wed Mar 29 23:31:35 2017
New Revision: 316185
URL: https://svnweb.freebsd.org/changeset/base/316185

Log:
  When handling msgsys(2), semsys(2), and shmsys(2) multiplex system calls,
  map the 'which' argument into a suitable audit event identifier for the
  specific operation requested.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/sysv_msg.c
  head/sys/kern/sysv_sem.c
  head/sys/kern/sysv_shm.c
  head/sys/security/audit/audit.c
  head/sys/security/audit/audit.h
  head/sys/security/audit/audit_arg.c
  head/sys/security/audit/audit_bsm_klib.c
  head/sys/security/audit/audit_private.h

Modified: head/sys/kern/sysv_msg.c
==
--- head/sys/kern/sysv_msg.cWed Mar 29 23:13:04 2017(r316184)
+++ head/sys/kern/sysv_msg.cWed Mar 29 23:31:35 2017(r316185)
@@ -73,6 +73,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
 #include 
 
 FEATURE(sysv_msg, "System V message queues support");
@@ -1639,6 +1640,7 @@ freebsd32_msgsys(struct thread *td, stru
 
 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \
 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7)
+   AUDIT_ARG_SVIPC_WHICH(uap->which);
switch (uap->which) {
case 0:
return (freebsd7_freebsd32_msgctl(td,
@@ -1810,6 +1812,7 @@ sys_msgsys(td, uap)
 {
int error;
 
+   AUDIT_ARG_SVIPC_WHICH(uap->which);
if (uap->which < 0 || uap->which >= nitems(msgcalls))
return (EINVAL);
error = (*msgcalls[uap->which])(td, >a2);

Modified: head/sys/kern/sysv_sem.c
==
--- head/sys/kern/sysv_sem.cWed Mar 29 23:13:04 2017(r316184)
+++ head/sys/kern/sysv_sem.cWed Mar 29 23:31:35 2017(r316185)
@@ -62,6 +62,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
 #include 
 
 FEATURE(sysv_sem, "System V semaphores support");
@@ -1692,6 +1693,7 @@ sys_semsys(td, uap)
 {
int error;
 
+   AUDIT_ARG_SVIPC_WHICH(uap->which);
if (uap->which < 0 || uap->which >= nitems(semcalls))
return (EINVAL);
error = (*semcalls[uap->which])(td, >a2);
@@ -1791,6 +1793,7 @@ freebsd32_semsys(struct thread *td, stru
 
 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \
 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7)
+   AUDIT_ARG_SVIPC_WHICH(uap->which);
switch (uap->which) {
case 0:
return (freebsd7_freebsd32_semctl(td,

Modified: head/sys/kern/sysv_shm.c
==
--- head/sys/kern/sysv_shm.cWed Mar 29 23:13:04 2017(r316184)
+++ head/sys/kern/sysv_shm.cWed Mar 29 23:31:35 2017(r316185)
@@ -87,6 +87,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
 #include 
 
 #include 
@@ -1300,6 +1301,7 @@ int
 sys_shmsys(struct thread *td, struct shmsys_args *uap)
 {
 
+   AUDIT_ARG_SVIPC_WHICH(uap->which);
if (uap->which < 0 || uap->which >= nitems(shmcalls))
return (EINVAL);
return ((*shmcalls[uap->which])(td, >a2));
@@ -1315,6 +1317,7 @@ freebsd32_shmsys(struct thread *td, stru
 
 #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \
 defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7)
+   AUDIT_ARG_SVIPC_WHICH(uap->which);
switch (uap->which) {
case 0: {   /* shmat */
struct shmat_args ap;

Modified: head/sys/security/audit/audit.c
==
--- head/sys/security/audit/audit.c Wed Mar 29 23:13:04 2017
(r316184)
+++ head/sys/security/audit/audit.c Wed Mar 29 23:31:35 2017
(r316185)
@@ -1,6 +1,6 @@
 /*-
  * Copyright (c) 1999-2005 Apple Inc.
- * Copyright (c) 2006-2007, 2016 Robert N. M. Watson
+ * Copyright (c) 2006-2007, 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
  * Portions of this software were developed by BAE Systems, the University of
@@ -472,6 +472,24 @@ audit_commit(struct kaudit_record *ar, i
/* Convert the auditon() command to an event. */
ar->k_ar.ar_event = auditon_command_event(ar->k_ar.ar_arg_cmd);
break;
+
+   case AUE_MSGSYS:
+   if (ARG_IS_VALID(ar, ARG_SVIPC_WHICH))
+   ar->k_ar.ar_event =
+   audit_msgsys_to_event(ar->k_ar.ar_arg_svipc_which);
+   break;
+
+   case AUE_SEMSYS:
+   if (ARG_IS_VALID(ar, ARG_SVIPC_WHICH))
+   ar->k_ar.ar_event =
+   audit_semsys_to_event(ar->k_ar.ar_arg_svipc_which);
+   break;
+
+   case AUE_SHMSYS:
+   if (ARG_IS_VALID(ar, ARG_SVIPC_WHICH))
+

svn commit: r316182 - in head/sys: compat/freebsd32 kern sys

[Robert Watson]

Author: rwatson
Date: Wed Mar 29 22:33:56 2017
New Revision: 316182
URL: https://svnweb.freebsd.org/changeset/base/316182

Log:
  Hook up new audit event identifiers for various non-Orange Book/CAPP
  system calls supported by OpenBSM 1.2-alpha5.
  
  Obtained from:TrustedBSD Project
  MFC after:3 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/compat/freebsd32/freebsd32_proto.h
  head/sys/compat/freebsd32/freebsd32_sysent.c
  head/sys/compat/freebsd32/syscalls.master
  head/sys/kern/init_sysent.c
  head/sys/kern/syscalls.master
  head/sys/sys/sysproto.h

Modified: head/sys/compat/freebsd32/freebsd32_proto.h
==
--- head/sys/compat/freebsd32/freebsd32_proto.h Wed Mar 29 21:31:45 2017
(r316181)
+++ head/sys/compat/freebsd32/freebsd32_proto.h Wed Mar 29 22:33:56 2017
(r316182)
@@ -1139,7 +1139,7 @@ int   freebsd10_freebsd32_pipe(struct thre
 #defineFREEBSD32_SYS_AUE_ofreebsd32_sigprocmaskAUE_SIGPROCMASK
 #defineFREEBSD32_SYS_AUE_ofreebsd32_sigpending AUE_SIGPENDING
 #defineFREEBSD32_SYS_AUE_freebsd32_sigaltstack AUE_SIGALTSTACK
-#defineFREEBSD32_SYS_AUE_freebsd32_ioctl   AUE_NULL
+#defineFREEBSD32_SYS_AUE_freebsd32_ioctl   AUE_IOCTL
 #defineFREEBSD32_SYS_AUE_freebsd32_execve  AUE_EXECVE
 #defineFREEBSD32_SYS_AUE_ofreebsd32_fstat  AUE_FSTAT
 #defineFREEBSD32_SYS_AUE_ofreebsd32_getpagesizeAUE_NULL
@@ -1148,7 +1148,7 @@ int   freebsd10_freebsd32_pipe(struct thre
 #defineFREEBSD32_SYS_AUE_freebsd32_getitimer   AUE_GETITIMER
 #defineFREEBSD32_SYS_AUE_freebsd32_fcntl   AUE_FCNTL
 #defineFREEBSD32_SYS_AUE_freebsd32_select  AUE_SELECT
-#defineFREEBSD32_SYS_AUE_ofreebsd32_sigreturn  AUE_NULL
+#defineFREEBSD32_SYS_AUE_ofreebsd32_sigreturn  AUE_SIGRETURN
 #defineFREEBSD32_SYS_AUE_ofreebsd32_sigvec AUE_O_SIGVEC
 #defineFREEBSD32_SYS_AUE_ofreebsd32_sigblock   AUE_O_SIGBLOCK
 #defineFREEBSD32_SYS_AUE_ofreebsd32_sigsetmask AUE_O_SIGSETMASK
@@ -1194,48 +1194,48 @@ int freebsd10_freebsd32_pipe(struct thre
 #defineFREEBSD32_SYS_AUE_freebsd32_nanosleep   AUE_NULL
 #defineFREEBSD32_SYS_AUE_freebsd32_clock_nanosleep AUE_NULL
 #defineFREEBSD32_SYS_AUE_freebsd32_clock_getcpuclockid2AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_aio_readAUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_aio_write   AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_lio_listio  AUE_NULL
+#defineFREEBSD32_SYS_AUE_freebsd32_aio_readAUE_AIO_READ
+#defineFREEBSD32_SYS_AUE_freebsd32_aio_write   AUE_AIO_WRITE
+#defineFREEBSD32_SYS_AUE_freebsd32_lio_listio  AUE_LIO_LISTIO
 #defineFREEBSD32_SYS_AUE_freebsd32_lutimes AUE_LUTIMES
 #defineFREEBSD32_SYS_AUE_freebsd32_preadv  AUE_PREADV
 #defineFREEBSD32_SYS_AUE_freebsd32_pwritev AUE_PWRITEV
 #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_fhstatfs   AUE_FHSTATFS
 #defineFREEBSD32_SYS_AUE_freebsd32_modstat AUE_NULL
 #defineFREEBSD32_SYS_AUE_freebsd32_kldstat AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_aio_return  AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_aio_suspend AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_aio_error   AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_read   AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_write  AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio AUE_NULL
+#defineFREEBSD32_SYS_AUE_freebsd32_aio_return  AUE_AIO_RETURN
+#defineFREEBSD32_SYS_AUE_freebsd32_aio_suspend AUE_AIO_SUSPEND
+#defineFREEBSD32_SYS_AUE_freebsd32_aio_error   AUE_AIO_ERROR
+#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_read   AUE_AIO_READ
+#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_write  AUE_AIO_WRITE
+#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio AUE_LIO_LISTIO
 #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_sendfile   AUE_SENDFILE
 #defineFREEBSD32_SYS_AUE_freebsd32_jailAUE_JAIL
 #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_sigaction  AUE_SIGACTION
 #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_sigreturn  AUE_SIGRETURN
 #defineFREEBSD32_SYS_AUE_freebsd32_sigtimedwaitAUE_SIGWAIT
 #defineFREEBSD32_SYS_AUE_freebsd32_sigwaitinfo AUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_aio_waitcompleteAUE_NULL
-#defineFREEBSD32_SYS_AUE_freebsd32_kevent  AUE_NULL
+#defineFREEBSD32_SYS_AUE_freebsd32_aio_waitcomplete
AUE_AIO_WAITCOMPLETE
+#defineFREEBSD32_SYS_AUE_freebsd32_kevent  AUE_KEVENT
 #defineFREEBSD32_SYS_AUE_freebsd32_nmount  AUE_NMOUNT
 #defineFREEBSD32_SYS_AUE_freebsd32_sendfileAUE_SENDFILE
-#define

svn commit: r316176 - in head/sys: conf modules/dtrace modules/dtrace/dtaudit security/audit

[Robert Watson]

Author: rwatson
Date: Wed Mar 29 19:58:00 2017
New Revision: 316176
URL: https://svnweb.freebsd.org/changeset/base/316176

Log:
  Add an experimental DTrace audit provider, which allows users of DTrace to
  instrument security event auditing rather than relying on conventional BSM
  trail files or audit pipes:
  
  - Add a set of per-event 'commit' probes, which provide access to
particular auditable events at the time of commit in system-call return.
These probes gain access to audit data via the in-kernel audit_record
data structure, providing convenient access to system-call arguments and
return values in a single probe.
  
  - Add a set of per-event 'bsm' probes, which provide access to particular
auditable events at the time of BSM record generation in the audit
worker thread. These probes have access to the in-kernel audit_record
data structure and BSM representation as would be written to a trail
file or audit pipe -- i.e., asynchronously in the audit worker thread.
  
  DTrace probe arguments consist of the name of the audit event (to support
  future mechanisms of instrumenting multiple events via a single probe --
  e.g., using classes), a pointer to the in-kernel audit record, and an
  optional pointer to the BSM data and its length. For human convenience,
  upper-case audit event names (AUE_...) are converted to lower case in
  DTrace.
  
  DTrace scripts can now cause additional audit-based data to be collected
  on system calls, and inspect internal and BSM representations of the data.
  They do not affect data captured in the audit trail or audit pipes
  configured in the system. auditd(8) must be configured and running in
  order to provide a database of event information, as well as other audit
  configuration parameters (e.g., to capture command-line arguments or
  environmental variables) for the provider to operate.
  
  Reviewed by:  gnn, jonathan, markj
  Sponsored by: DARPA, AFRL
  MFC after:3 weeks
  Differential Revision:https://reviews.freebsd.org/D10149

Added:
  head/sys/modules/dtrace/dtaudit/
  head/sys/modules/dtrace/dtaudit/Makefile   (contents, props changed)
  head/sys/security/audit/audit_dtrace.c   (contents, props changed)
Modified:
  head/sys/conf/files
  head/sys/modules/dtrace/Makefile
  head/sys/security/audit/audit.c
  head/sys/security/audit/audit_bsm_klib.c
  head/sys/security/audit/audit_private.h
  head/sys/security/audit/audit_worker.c

Modified: head/sys/conf/files
==
--- head/sys/conf/files Wed Mar 29 19:39:07 2017(r316175)
+++ head/sys/conf/files Wed Mar 29 19:58:00 2017(r316176)
@@ -4593,6 +4593,7 @@ security/audit/audit.coptional audit
 security/audit/audit_arg.c optional audit
 security/audit/audit_bsm.c optional audit
 security/audit/audit_bsm_klib.coptional audit
+security/audit/audit_dtrace.c  optional dtaudit audit | dtraceall audit 
compile-with "${CDDL_C}"
 security/audit/audit_pipe.coptional audit
 security/audit/audit_syscalls.cstandard
 security/audit/audit_trigger.c optional audit

Modified: head/sys/modules/dtrace/Makefile
==
--- head/sys/modules/dtrace/MakefileWed Mar 29 19:39:07 2017
(r316175)
+++ head/sys/modules/dtrace/MakefileWed Mar 29 19:58:00 2017
(r316176)
@@ -2,7 +2,8 @@
 
 .include "Makefile.inc"
 
-SUBDIR=dtmalloc\
+SUBDIR=dtaudit \
+   dtmalloc\
dtnfscl \
dtrace  \
dtraceall   \

Added: head/sys/modules/dtrace/dtaudit/Makefile
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/modules/dtrace/dtaudit/MakefileWed Mar 29 19:58:00 2017
(r316176)
@@ -0,0 +1,17 @@
+# $FreeBSD$
+
+SYSDIR?=   ${.CURDIR}/../../..
+
+.PATH: ${SYSDIR}/security/audit
+
+KMOD=  dtaudit
+SRCS=  audit_dtrace.c  \
+   vnode_if.h
+
+CFLAGS+=   -I${SYSDIR}/cddl/compat/opensolaris \
+   -I${SYSDIR}/cddl/contrib/opensolaris/uts/common \
+   -I${SYSDIR}
+
+.include 
+
+CFLAGS+=   -include ${SYSDIR}/cddl/compat/opensolaris/sys/debug_compat.h

Modified: head/sys/security/audit/audit.c
==
--- head/sys/security/audit/audit.c Wed Mar 29 19:39:07 2017
(r316175)
+++ head/sys/security/audit/audit.c Wed Mar 29 19:58:00 2017
(r316176)
@@ -1,8 +1,13 @@
 /*-
  * Copyright (c) 1999-2005 Apple Inc.
- * Copyright (c) 2006-2007 Robert N. M. Watson
+ * Copyright (c) 2006-2007, 2016 Robert N. M. Watson
  * All rights reserved.
  *
+ * Portions of this software were developed by BAE Systems, 

svn commit: r316018 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Mon Mar 27 10:38:53 2017
New Revision: 316018
URL: https://svnweb.freebsd.org/changeset/base/316018

Log:
  Introduce an audit event identifier -> audit event name mapping
  database in the kernel audit implementation, similar the exist
  class mapping database.  This will be used by the DTrace audit
  provider to map audit event identifiers originating in the
  system-call table back into strings for the purposes of setting
  probe names.  The database is initialised and maintained by
  auditd(8), which reads values in from the audit_events
  configuration file, and then manages them using the A_GETEVENT
  and A_SETEVENT auditon(2) operations.
  
  Obtained from:TrustedBSD Project
  Sponsored by: DARPA, AFRL
  MFC after:3 weeks

Modified:
  head/sys/security/audit/audit_bsm.c
  head/sys/security/audit/audit_bsm_klib.c
  head/sys/security/audit/audit_private.h
  head/sys/security/audit/audit_syscalls.c

Modified: head/sys/security/audit/audit_bsm.c
==
--- head/sys/security/audit/audit_bsm.c Mon Mar 27 09:45:27 2017
(r316017)
+++ head/sys/security/audit/audit_bsm.c Mon Mar 27 10:38:53 2017
(r316018)
@@ -1,7 +1,13 @@
 /*
  * Copyright (c) 1999-2009 Apple Inc.
+ * Copyright (c) 2016-2017 Robert N. M. Watson
  * All rights reserved.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -67,6 +73,7 @@ kau_init(void)
 {
 
au_evclassmap_init();
+   au_evnamemap_init();
 }
 
 /*

Modified: head/sys/security/audit/audit_bsm_klib.c
==
--- head/sys/security/audit/audit_bsm_klib.cMon Mar 27 09:45:27 2017
(r316017)
+++ head/sys/security/audit/audit_bsm_klib.cMon Mar 27 10:38:53 2017
(r316018)
@@ -1,8 +1,13 @@
 /*
  * Copyright (c) 1999-2009 Apple Inc.
- * Copyright (c) 2005 Robert N. M. Watson
+ * Copyright (c) 2005, 2016 Robert N. M. Watson
  * All rights reserved.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -42,6 +47,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -76,6 +82,30 @@ static struct evclass_list   evclass_hash[
 #defineEVCLASS_WLOCK() rw_wlock(_lock)
 #defineEVCLASS_WUNLOCK()   rw_wunlock(_lock)
 
+/*
+ * Hash table maintaining a mapping from audit event numbers to audit event
+ * names.  For now, used only by DTrace, but present always so that userspace
+ * tools can register and inspect fields consistently even if DTrace is not
+ * present.
+ *
+ * struct evname_elem is defined in audit_private.h so that audit_dtrace.c can
+ * use the definition.
+ */
+#defineEVNAMEMAP_HASH_TABLE_SIZE   251
+struct evname_list {
+   LIST_HEAD(, evname_elem)enl_head;
+};
+
+static MALLOC_DEFINE(M_AUDITEVNAME, "audit_evname", "Audit event name");
+static struct sx   evnamemap_lock;
+static struct evname_list  evnamemap_hash[EVNAMEMAP_HASH_TABLE_SIZE];
+
+#defineEVNAMEMAP_LOCK_INIT()   sx_init(_lock, 
"evnamemap_lock");
+#defineEVNAMEMAP_RLOCK()   sx_slock(_lock)
+#defineEVNAMEMAP_RUNLOCK() sx_sunlock(_lock)
+#defineEVNAMEMAP_WLOCK()   sx_xlock(_lock)
+#defineEVNAMEMAP_WUNLOCK() sx_xunlock(_lock)
+
 struct aue_open_event {
int aoe_flags;
au_event_t  aoe_event;
@@ -222,6 +252,117 @@ au_preselect(au_event_t event, au_class_
 }
 
 /*
+ * Look up the name for an audit event in the event-to-name mapping table.
+ */
+int
+au_event_name(au_event_t event, char *name)
+{
+   struct evname_list *enl;
+   struct evname_elem *ene;
+   int error;
+
+   error = ENOENT;
+   EVNAMEMAP_RLOCK();
+   enl = _hash[event % EVNAMEMAP_HASH_TABLE_SIZE];
+   LIST_FOREACH(ene, >enl_head, ene_entry) {
+   if (ene->ene_event == event) {
+   strlcpy(name, ene->ene_name, EVNAMEMAP_NAME_SIZE);
+   error = 0;
+   goto out;
+   }
+   }
+out:
+   EVNAMEMAP_RUNLOCK();
+   return (error);
+}
+
+/*
+ * Insert a event-to-name mapping.  If 

svn commit: r316015 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Mon Mar 27 08:29:17 2017
New Revision: 316015
URL: https://svnweb.freebsd.org/changeset/base/316015

Log:
  Extend comment describing path canonicalisation in audit.
  
  Sponsored by: DARPA, AFRL
  Obtained from:TrustedBSD Project
  MFC after:3 days

Modified:
  head/sys/security/audit/audit_arg.c

Modified: head/sys/security/audit/audit_arg.c
==
--- head/sys/security/audit/audit_arg.c Mon Mar 27 08:29:02 2017
(r316014)
+++ head/sys/security/audit/audit_arg.c Mon Mar 27 08:29:17 2017
(r316015)
@@ -708,7 +708,8 @@ audit_arg_file(struct proc *p, struct fi
  * Store a path as given by the user process for auditing into the audit
  * record stored on the user thread.  This function will allocate the memory
  * to store the path info if not already available.  This memory will be
- * freed when the audit record is freed.
+ * freed when the audit record is freed.  The path is canonlicalised with
+ * respect to the thread and directory descriptor passed.
  */
 static void
 audit_arg_upath(struct thread *td, int dirfd, char *upath, char **pathp)
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r316006 - in head: contrib/openbsm contrib/openbsm/bin contrib/openbsm/bin/audit contrib/openbsm/bin/auditd contrib/openbsm/bin/auditdistd contrib/openbsm/bin/auditfilterd contrib/openb...

[Robert Watson]

Author: rwatson
Date: Sun Mar 26 21:14:49 2017
New Revision: 316006
URL: https://svnweb.freebsd.org/changeset/base/316006

Log:
  Merge OpenBSM 1.2-alpha5 from vendor branch to FreeBSD -CURRENT:
  
  - Add a new "qsize" parameter in audit_control and the getacqsize(3) API to
query it, allowing to set the kernel's maximum audit queue length.
  - Add support to push a mapping between audit event names and event numbers
into the kernel (where supported) using new A_GETEVENT and A_SETEVENT
auditon(2) operations.
  - Add audit event identifiers for a number of new (and not-so-new) FreeBSD
system calls including those for asynchronous I/O, thread management, SCTP,
jails, multi-FIB support, and misc. POSIX interfaces such as
posix_fallocate(2) and posix_fadvise(2).
  - On operating systems supporting Capsicum, auditreduce(1) and praudit(1) now
run sandboxed.
  - Empty "flags" and "naflags" fields are now permitted in audit_control(5).
  
  Many thanks to Christian Brueffer for producing the OpenBSM release and
  importing/tagging it in the vendor branch.  This release will allow improved
  auditing of a range of new FreeBSD functionality, as well as non-traditional
  events (e.g., fine-grained I/O auditing) not required by the Orange Book or
  Common Criteria.
  
  Obtained from:TrustedBSD Project
  Sponsored by: DARPA, AFRL
  MFC after:3 weeks

Modified:
  head/contrib/openbsm/.travis.yml
  head/contrib/openbsm/CREDITS
  head/contrib/openbsm/INSTALL
  head/contrib/openbsm/LICENSE
  head/contrib/openbsm/Makefile.in
  head/contrib/openbsm/NEWS
  head/contrib/openbsm/README
  head/contrib/openbsm/VERSION
  head/contrib/openbsm/aclocal.m4
  head/contrib/openbsm/bin/Makefile.in
  head/contrib/openbsm/bin/audit/Makefile.in
  head/contrib/openbsm/bin/auditd/Makefile.in
  head/contrib/openbsm/bin/auditd/auditd.c
  head/contrib/openbsm/bin/auditdistd/Makefile.am
  head/contrib/openbsm/bin/auditdistd/Makefile.in
  head/contrib/openbsm/bin/auditdistd/pjdlog.c
  head/contrib/openbsm/bin/auditfilterd/Makefile.in
  head/contrib/openbsm/bin/auditreduce/Makefile.in
  head/contrib/openbsm/bin/auditreduce/auditreduce.c
  head/contrib/openbsm/bin/praudit/Makefile.in
  head/contrib/openbsm/bin/praudit/praudit.c
  head/contrib/openbsm/bsm/Makefile.in
  head/contrib/openbsm/bsm/auditd_lib.h
  head/contrib/openbsm/bsm/libbsm.h
  head/contrib/openbsm/config/config.h
  head/contrib/openbsm/config/config.h.in
  head/contrib/openbsm/config/depcomp
  head/contrib/openbsm/config/ltmain.sh
  head/contrib/openbsm/config/missing
  head/contrib/openbsm/configure
  head/contrib/openbsm/configure.ac
  head/contrib/openbsm/etc/audit_event
  head/contrib/openbsm/libauditd/Makefile.in
  head/contrib/openbsm/libauditd/auditd_lib.c
  head/contrib/openbsm/libbsm/Makefile.am
  head/contrib/openbsm/libbsm/Makefile.in
  head/contrib/openbsm/libbsm/au_control.3
  head/contrib/openbsm/libbsm/au_token.3
  head/contrib/openbsm/libbsm/bsm_control.c
  head/contrib/openbsm/libbsm/bsm_wrappers.c
  head/contrib/openbsm/m4/libtool.m4
  head/contrib/openbsm/m4/ltoptions.m4
  head/contrib/openbsm/m4/ltsugar.m4
  head/contrib/openbsm/m4/ltversion.m4
  head/contrib/openbsm/man/Makefile.in
  head/contrib/openbsm/man/audit_control.5
  head/contrib/openbsm/man/auditon.2
  head/contrib/openbsm/modules/Makefile.in
  head/contrib/openbsm/modules/auditfilter_noop/Makefile.in
  head/contrib/openbsm/sys/Makefile.in
  head/contrib/openbsm/sys/bsm/Makefile.in
  head/contrib/openbsm/sys/bsm/audit.h
  head/contrib/openbsm/sys/bsm/audit_kevents.h
  head/contrib/openbsm/sys/bsm/audit_record.h
  head/contrib/openbsm/test/Makefile.in
  head/contrib/openbsm/test/bsm/Makefile.in
  head/contrib/openbsm/tools/Makefile.in
  head/contrib/openbsm/tools/audump.c
  head/lib/libbsm/Makefile
  head/sys/bsm/audit.h
  head/sys/bsm/audit_kevents.h
  head/usr.sbin/praudit/Makefile
Directory Properties:
  head/contrib/openbsm/   (props changed)

Modified: head/contrib/openbsm/.travis.yml
==
--- head/contrib/openbsm/.travis.ymlSun Mar 26 20:36:35 2017
(r316005)
+++ head/contrib/openbsm/.travis.ymlSun Mar 26 21:14:49 2017
(r316006)
@@ -14,5 +14,7 @@ before_install:
   sudo apt-get -qq install byacc flex;
 elif [ $TRAVIS_OS_NAME == "osx" ]; then
   brew update;
-  brew install byacc flex;
+  brew install byacc flex openssl;
+  export CFLAGS="-I/usr/local/opt/openssl/include $CFLAGS";
+  export LDFLAGS="-L/usr/local/opt/openssl/lib $LDFLAGS";
 fi

Modified: head/contrib/openbsm/CREDITS
==
--- head/contrib/openbsm/CREDITSSun Mar 26 20:36:35 2017
(r316005)
+++ head/contrib/openbsm/CREDITSSun Mar 26 21:14:49 2017
(r316006)
@@ -35,6 +35,7 @@ the development of OpenBSM:
 Joel Dahl
 Ryan Steinmetz
 The FreeBSD Foundation
+  

Re: svn commit: r315948 - in head: bin/csh contrib/tcsh contrib/tcsh/config contrib/tcsh/nls contrib/tcsh/nls/C contrib/tcsh/nls/et contrib/tcsh/nls/finnish contrib/tcsh/nls/french contrib/tcsh/nls/ge

[Robert Watson]

On Sat, 25 Mar 2017, Chagin Dmitry wrote:


Author: dchagin
Date: Sat Mar 25 13:32:28 2017
New Revision: 315948
URL: https://svnweb.freebsd.org/changeset/base/315948

Log:
 Update to tcsh 6.20.00


Relnotes: yes


don't think it matters,


Should this be MFCed?


I did not plan


It may be helpful to us if the out-of-bounds fix in tcsh could be merged to 
11.x to appear in a future release.  If it's not too much trouble, anyway..?


Robert
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r316004 - head/share/man/man9

[Robert Watson]

Author: rwatson
Date: Sun Mar 26 20:24:27 2017
New Revision: 316004
URL: https://svnweb.freebsd.org/changeset/base/316004

Log:
  Slightly improve consistency of "fooint" vs "foo_int" in DPCPU(9) examples.
  
  MFC after:3 days

Modified:
  head/share/man/man9/dpcpu.9

Modified: head/share/man/man9/dpcpu.9
==
--- head/share/man/man9/dpcpu.9 Sun Mar 26 20:15:08 2017(r316003)
+++ head/share/man/man9/dpcpu.9 Sun Mar 26 20:24:27 2017(r316004)
@@ -57,20 +57,20 @@ Arbitrary C types may be used, including
 If no initialization is provided, then each per-CPU instance of the variable
 will be zero-filled (i.e., as though allocated in BSS):
 .Bd -literal -offset 1234
-DPCPU_DEFINE(int, fooint);
+DPCPU_DEFINE(int, foo_int);
 .Ed
 .Pp
 Values may also be initialized statically with the definition, causing each
 per-CPU instance to be initialized with the value:
 .Bd -literal -offset 1234
-DPCPU_DEFINE(int, fooint) = 1;
+DPCPU_DEFINE(int, foo_int) = 1;
 .Ed
 .Pp
 Syntactically, the definition may be treated as a variable.
 For example, a dynamic per-CPU variable may be declared as
 .Dv static :
 .Bd -literal -offset 1234
-static DPCPU_DEFINE(int, fooint);
+static DPCPU_DEFINE(int, foo_int);
 .Ed
 .Pp
 .Fn DPCPU_DECLARE
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r316003 - head/share/man/man9

[Robert Watson]

Author: rwatson
Date: Sun Mar 26 20:15:08 2017
New Revision: 316003
URL: https://svnweb.freebsd.org/changeset/base/316003

Log:
  Add a man page for the kernel's dynamic per-CPU memory allocator.
  
  MFC after: 3 days

Added:
  head/share/man/man9/dpcpu.9   (contents, props changed)
Modified:
  head/share/man/man9/Makefile

Modified: head/share/man/man9/Makefile
==
--- head/share/man/man9/MakefileSun Mar 26 19:47:43 2017
(r316002)
+++ head/share/man/man9/MakefileSun Mar 26 20:15:08 2017
(r316003)
@@ -116,6 +116,7 @@ MAN=accept_filter.9 \
disk.9 \
dnv.9 \
domain.9 \
+   dpcpu.9 \
drbr.9 \
driver.9 \
DRIVER_MODULE.9 \

Added: head/share/man/man9/dpcpu.9
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/share/man/man9/dpcpu.9 Sun Mar 26 20:15:08 2017(r316003)
@@ -0,0 +1,163 @@
+.\"-
+.\" Copyright (c) 2017 Robert N. M. Watson
+.\" All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\"notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\"notice, this list of conditions and the following disclaimer in the
+.\"documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $FreeBSD$
+.\"
+.Dd March 26, 2017
+.Dt DPCPU 9
+.Os
+.Sh NAME
+.Nm dpcpu
+.Nd Kernel Dynamic Per-CPU Memory Allocator
+.Sh SYNOPSIS
+.In sys/pcpu.h
+.Ss Per-CPU Variable Definition and Declaration
+.Fn DPCPU_DEFINE "type" "name"
+.Fn DPCPU_DECLARE "type" "name"
+.Ss Current CPU Accessor Functions
+.Fn DPCPU_PTR "name"
+.Fn DPCPU_GET "name"
+.Fn DPCPU_SET "name" "value"
+.Ss Named CPU Accessor Functions
+.Fn DPCPU_ID_PTR "cpu" "name"
+.Fn DPCPU_ID_GET "cpu" "name"
+.Fn DPCPU_ID_SET "cpu" "name" "value"
+.Sh DESCRIPTION
+.Nm
+instantiates one instance of a global variable with each CPU in the system.
+Dynamically allocated per-CPU variables are defined using
+.Fn DPCPU_DEFINE ,
+which defines a variable of name
+.Ar name
+and type
+.Ar type .
+Arbitrary C types may be used, including structures and arrays.
+If no initialization is provided, then each per-CPU instance of the variable
+will be zero-filled (i.e., as though allocated in BSS):
+.Bd -literal -offset 1234
+DPCPU_DEFINE(int, fooint);
+.Ed
+.Pp
+Values may also be initialized statically with the definition, causing each
+per-CPU instance to be initialized with the value:
+.Bd -literal -offset 1234
+DPCPU_DEFINE(int, fooint) = 1;
+.Ed
+.Pp
+Syntactically, the definition may be treated as a variable.
+For example, a dynamic per-CPU variable may be declared as
+.Dv static :
+.Bd -literal -offset 1234
+static DPCPU_DEFINE(int, fooint);
+.Ed
+.Pp
+.Fn DPCPU_DECLARE
+produces a declaration of the per-CPU variable suitable for use in header
+files.
+.Pp
+The current CPU's variable instance can be accessed via
+.Nm DPCPU_PTR
+(which returns a pointer to the per-CPU instance),
+.Nm DPCPU_GET
+(which retrieves the value of the per-CPU instance),
+and
+.Nm DPCPU_SET
+(which sets the value of the per-CPU instance).
+.Pp
+Instances of variables associated with specific CPUs can be accessed via the
+.Nm DPCPU_ID_PTR ,
+.Nm DPCPU_ID_GET ,
+and
+.Nm DPGPU_ID_SET
+accessor functions, which accept an additional CPU ID argument,
+.Ar cpu .
+.Ss Synchronization
+In addition to the ordinary synchronization concerns associated with global
+variables, which may imply the use of
+.Xr atomic 9 ,
+.Xr mutex 9 ,
+or other kernel synchronization primitives, it is further the case that
+thread migration could dynamically change the instance of a variable being
+accessed by a thread between operations.
+This requires additional care when reasoning about and protecting per-CPU
+variables.
+.Pp
+For example, it may be desirable to protect 

svn commit: r315990 - in head: contrib/top usr.bin/top

[Robert Watson]

Author: rwatson
Date: Sun Mar 26 17:22:44 2017
New Revision: 315990
URL: https://svnweb.freebsd.org/changeset/base/315990

Log:
  Provide proper contemporary function prototypes for many of the functions
  implemented in top(1), rather than relying on K prototypes, which can
  cause problems on targets where there are multiple incompatible calling
  conventions and the compiler requires argument information to select the
  correct one.
  
  (There's a bit more to do here, since it looks like top(1) also sometimes
  provides prototypes for various curses functions rather than relying on
  the header file...)
  
  Sponsored by: DARPA, AFRL
  MFC after:1 week

Modified:
  head/contrib/top/machine.h
  head/contrib/top/top.c
  head/usr.bin/top/machine.c

Modified: head/contrib/top/machine.h
==
--- head/contrib/top/machine.h  Sun Mar 26 16:49:20 2017(r315989)
+++ head/contrib/top/machine.h  Sun Mar 26 17:22:44 2017(r315990)
@@ -81,14 +81,15 @@ struct process_select
 
 /* routines defined by the machine dependent module */
 
-char   *format_header();
-char   *format_next_process();
+char   *format_header(char *uname_field);
+char   *format_next_process(caddr_t handle, char *(*get_userid)(int),
+   int flags);
 voidtoggle_pcpustats(void);
 voidget_system_info(struct system_info *si);
 int machine_init(struct statics *statics, char do_unames);
 int proc_owner(int pid);
 
 /* non-int routines typically used by the machine dependent module */
-char   *printable();
+char   *printable(char *string);
 
 #endif /* MACHINE_H */

Modified: head/contrib/top/top.c
==
--- head/contrib/top/top.c  Sun Mar 26 16:49:20 2017(r315989)
+++ head/contrib/top/top.c  Sun Mar 26 17:22:44 2017(r315990)
@@ -112,7 +112,8 @@ extern int io_compare();
 #endif
 time_t time();
 
-caddr_t get_process_info();
+caddr_t get_process_info(struct system_info *si, struct process_select *sel,
+int (*compare)(const void *, const void *));
 
 /* different routines for displaying the user's identification */
 /* (values assigned to get_userid) */
@@ -120,16 +121,16 @@ char *username();
 char *itoa7();
 
 /* pointers to display routines */
-void (*d_loadave)() = i_loadave;
-void (*d_procstates)() = i_procstates;
-void (*d_cpustates)() = i_cpustates;
-void (*d_memory)() = i_memory;
-void (*d_arc)() = i_arc;
-void (*d_carc)() = i_carc;
-void (*d_swap)() = i_swap;
-void (*d_message)() = i_message;
-void (*d_header)() = i_header;
-void (*d_process)() = i_process;
+void (*d_loadave)(int mpid, double *avenrun) = i_loadave;
+void (*d_procstates)(int total, int *brkdn) = i_procstates;
+void (*d_cpustates)(int *states) = i_cpustates;
+void (*d_memory)(int *stats) = i_memory;
+void (*d_arc)(int *stats) = i_arc;
+void (*d_carc)(int *stats) = i_carc;
+void (*d_swap)(int *stats) = i_swap;
+void (*d_message)(void) = i_message;
+void (*d_header)(char *text) = i_header;
+void (*d_process)(int line, char *thisline) = i_process;
 
 void reset_display(void);
 

Modified: head/usr.bin/top/machine.c
==
--- head/usr.bin/top/machine.c  Sun Mar 26 16:49:20 2017(r315989)
+++ head/usr.bin/top/machine.c  Sun Mar 26 17:22:44 2017(r315990)
@@ -241,7 +241,7 @@ static int pageshift;   /* log base 2 of 
 ((kip)->ki_swrss > (kip)->ki_rssize ? (kip)->ki_swrss - (kip)->ki_rssize : 
0)
 
 /* useful externals */
-long percentages();
+long percentages(int cnt, int *out, long *new, long *old, long *diffs);
 
 #ifdef ORDER
 /*
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r315987 - in head/libexec/bootpd: . tools/bootptest

[Robert Watson]

Author: rwatson
Date: Sun Mar 26 14:37:12 2017
New Revision: 315987
URL: https://svnweb.freebsd.org/changeset/base/315987

Log:
  Emply contemporary function prototypes in bootpd, rather than relying on
  locally defined K prototypes in .c files; use appropriate casts for
  pointer types now that types for arguments are available at compile time.
  This ensures that compilers with multiple incompatible calling conventions
  can select the correct calling convention for external functions.
  
  Sponsored by: DARPA, AFRL
  MFC after:1 week

Modified:
  head/libexec/bootpd/getif.c
  head/libexec/bootpd/tools/bootptest/bootptest.c
  head/libexec/bootpd/tools/bootptest/bootptest.h
  head/libexec/bootpd/tools/bootptest/print-bootp.c

Modified: head/libexec/bootpd/getif.c
==
--- head/libexec/bootpd/getif.c Sun Mar 26 14:31:29 2017(r315986)
+++ head/libexec/bootpd/getif.c Sun Mar 26 14:37:12 2017(r315987)
@@ -36,7 +36,7 @@
 static struct ifreq ifreq[10]; /* Holds interface configuration */
 static struct ifconf ifconf;   /* points to ifreq */
 
-static int nmatch();
+static int nmatch(u_char *ca, u_char *cb);
 
 /* Return a pointer to the interface struct for the passed address. */
 struct ifreq *

Modified: head/libexec/bootpd/tools/bootptest/bootptest.c
==
--- head/libexec/bootpd/tools/bootptest/bootptest.c Sun Mar 26 14:31:29 
2017(r315986)
+++ head/libexec/bootpd/tools/bootptest/bootptest.c Sun Mar 26 14:37:12 
2017(r315987)
@@ -71,7 +71,7 @@ char *usage = "bootptest [-h] server-nam
 
 #include "patchlevel.h"
 
-static void send_request();
+static void send_request(int s);
 
 #define LOG_ERR 1
 #define BUFLEN 1024
@@ -122,9 +122,6 @@ unsigned char vm_cmu[4] = VM_CMU;
 unsigned char vm_rfc1048[4] = VM_RFC1048;
 short secs;/* How long client has 
waited */
 
-char *get_errmsg();
-extern void bootp_print();
-
 /*
  * Initialization such as command-line processing is done, then
  * the receiver loop is started.  Die when interrupted.
@@ -429,7 +426,7 @@ main(argc, argv)
/* set globals needed by bootp_print() */
snaplen = n;
snapend = (unsigned char *) rcvbuf + snaplen;
-   bootp_print(rcvbuf, n, sin_from.sin_port, 0);
+   bootp_print((struct bootp *)rcvbuf, n, sin_from.sin_port, 0);
putchar('\n');
/*
 * This no longer exits immediately after receiving
@@ -447,7 +444,7 @@ send_request(s)
 {
/* Print the request packet. */
printf("Sending to %s", inet_ntoa(sin_server.sin_addr));
-   bootp_print(sndbuf, snaplen, sin_from.sin_port, 0);
+   bootp_print((struct bootp *)sndbuf, snaplen, sin_from.sin_port, 0);
putchar('\n');
 
/* Send the request packet. */

Modified: head/libexec/bootpd/tools/bootptest/bootptest.h
==
--- head/libexec/bootpd/tools/bootptest/bootptest.h Sun Mar 26 14:31:29 
2017(r315986)
+++ head/libexec/bootpd/tools/bootptest/bootptest.h Sun Mar 26 14:37:12 
2017(r315987)
@@ -20,4 +20,7 @@ extern int vflag; /* verbose flag */
 extern unsigned char *packetp;
 extern unsigned char *snapend;
 
-extern char *ipaddr_string(struct in_addr *);
+voidbootp_print(struct bootp *bp, int length, u_short sport,
+   u_short dport);
+char   *ipaddr_string(struct in_addr *);
+int printfn(u_char *s, u_char *ep);

Modified: head/libexec/bootpd/tools/bootptest/print-bootp.c
==
--- head/libexec/bootpd/tools/bootptest/print-bootp.c   Sun Mar 26 14:31:29 
2017(r315986)
+++ head/libexec/bootpd/tools/bootptest/print-bootp.c   Sun Mar 26 14:37:12 
2017(r315987)
@@ -42,11 +42,10 @@
 #include "bootptest.h"
 
 /* These decode the vendor data. */
-extern int printfn();
-static void rfc1048_print();
-static void cmu_print();
-static void other_print();
-static void dump_hex();
+static void rfc1048_print(u_char *bp, int length);
+static void cmu_print(u_char *bp, int length);
+static void other_print(u_char *bp, int length);
+static void dump_hex(u_char *bp, int len);
 
 /*
  * Print bootp requests
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r315862 - head/lib/libcasper/libcasper

[Robert Watson]

Author: rwatson
Date: Thu Mar 23 14:35:21 2017
New Revision: 315862
URL: https://svnweb.freebsd.org/changeset/base/315862

Log:
  In libcasper, prefer to send a function index or service name over the IPC
  channel to a zygote process, rather than sending a function pointer or
  service pointer.  This avoids transfering pointers between address spaces,
  which while robust in this case (due to the zygote being forked() from the
  parent) is not generally a good idea, especially in the presence of
  increasingly popular control-flow integrity and pointer protection
  mitigation schemes.  With this change, ping(8) and other sandboxed tools
  using libcasper for DNS resolution now work on architectures with tagged
  memory again.
  
  Reviewed by:  oshogbo
  MFC after:1 week
  Sponsored by: DARPA, AFRL

Modified:
  head/lib/libcasper/libcasper/libcasper_service.c
  head/lib/libcasper/libcasper/zygote.c
  head/lib/libcasper/libcasper/zygote.h

Modified: head/lib/libcasper/libcasper/libcasper_service.c
==
--- head/lib/libcasper/libcasper/libcasper_service.cThu Mar 23 14:12:21 
2017(r315861)
+++ head/lib/libcasper/libcasper/libcasper_service.cThu Mar 23 14:35:21 
2017(r315862)
@@ -1,11 +1,16 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
  * Copyright (c) 2015 Mariusz Zaborski 
+ * Copyright (c) 2017 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
  *
+ * This software was developed by SRI International and the University of
+ * Cambridge Computer Laboratory under DARPA/AFRL contract (FA8750-10-C-0237)
+ * ("CTSRD"), as part of the DARPA CRASH research programme.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -130,18 +135,25 @@ casper_limit(const nvlist_t *oldlimits, 
return (0);
 }
 
-static void
+void
 service_execute(int chanfd)
 {
+   struct casper_service *casserv;
struct service *service;
+   const char *servname;
nvlist_t *nvl;
int procfd;
 
nvl = nvlist_recv(chanfd, 0);
if (nvl == NULL)
exit(1);
-   service = (struct service *)(uintptr_t)nvlist_take_number(nvl,
-   "service");
+   if (!nvlist_exists_string(nvl, "service"))
+   exit(1);
+   servname = nvlist_get_string(nvl, "service");
+   casserv = service_find(servname);
+   if (casserv == NULL)
+   exit(1);
+   service = casserv->cs_service;
procfd = nvlist_take_descriptor(nvl, "procfd");
nvlist_destroy(nvl);
 
@@ -172,12 +184,11 @@ casper_command(const char *cmd, const nv
if (!casper_allowed_service(limits, servname))
return (ENOTCAPABLE);
 
-   if (zygote_clone(service_execute, , ) == -1)
+   if (zygote_clone_service_execute(, ) == -1)
return (errno);
 
nvl = nvlist_create(0);
-   nvlist_add_number(nvl, "service",
-   (uint64_t)(uintptr_t)casserv->cs_service);
+   nvlist_add_string(nvl, "service", servname);
nvlist_move_descriptor(nvl, "procfd", procfd);
if (nvlist_send(chanfd, nvl) == -1) {
error = errno;

Modified: head/lib/libcasper/libcasper/zygote.c
==
--- head/lib/libcasper/libcasper/zygote.c   Thu Mar 23 14:12:21 2017
(r315861)
+++ head/lib/libcasper/libcasper/zygote.c   Thu Mar 23 14:35:21 2017
(r315862)
@@ -1,11 +1,16 @@
 /*-
  * Copyright (c) 2012 The FreeBSD Foundation
  * Copyright (c) 2015 Mariusz Zaborski 
- * All rights reserved.
+ * Copyright (c) 2017 Robert N. M. Watson
  *
  * This software was developed by Pawel Jakub Dawidek under sponsorship from
  * the FreeBSD Foundation.
  *
+ * All rights reserved.
+ * This software was developed by SRI International and the University of
+ * Cambridge Computer Laboratory under DARPA/AFRL contract (FA8750-10-C-0237)
+ * ("CTSRD"), as part of the DARPA CRASH research programme.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -50,8 +55,10 @@ __FBSDID("$FreeBSD$");
 /* Zygote info. */
 static int zygote_sock = -1;
 
+#defineZYGOTE_SERVICE_EXECUTE  1
+
 int
-zygote_clone(zygote_func_t *func, int *chanfdp, int *procfdp)
+zygote_clone(uint64_t funcidx, int *chanfdp, int *procfdp)
 {
nvlist_t *nvl;
int error;
@@ -63,7 +70,7 @@ zygote_clone(zygote_func_t *func, int *c
}
 
nvl = nvlist_create(0);
-   nvlist_add_number(nvl, "func", (uint64_t)(uintptr_t)func);
+   nvlist_add_number(nvl, "funcidx", funcidx);
nvl = 

svn commit: r312922 - head/sys/dev/altera/avgen

[Robert Watson]

Author: rwatson
Date: Sat Jan 28 13:25:06 2017
New Revision: 312922
URL: https://svnweb.freebsd.org/changeset/base/312922

Log:
  Merge enhancements to the ALTERA Avalon bus generic device attachment
  driver to support exposing a GEOM device, which can be used to mount
  Avalon-attached ROMs, reserved areas of DRAM, etc, as a filesystem:
  
  commit 9deb1e60eaaaf7a3687e48c58af5efd756f32ec6
  Author: Robert N. M. Watson 
  Date:   Sat Mar 5 20:33:12 2016 +
  
  Use format strings with make_dev(9) in avgen(4).
  
  commit 0bf2176c23e7425bfa042c08a24f8a25fe6d8885
  Author: Robert N. M. Watson 
  Date:   Tue Mar 1 10:23:23 2016 +
  
  Implement a new "geomio" configuration argument to altera_avgen(4),
  the generic I/O device we attach to various BERI peripherals.  The new
  option requests that, instead of exposing the underlying device via a
  special device node in /dev, it instead be exposed via geom(4),
  allowing it to be used with filesystems.  The current implementation
  does not allow a device to be exposed both for file/mmap and geom, so
  one of the two models must be selected when configuring it via FDT or
  device.hints.  A typical use of the new option will be:
  
sri-cambridge,geomio = "rw";
  
  MFC after:1 week
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/dev/altera/avgen/altera_avgen.c
  head/sys/dev/altera/avgen/altera_avgen.h
  head/sys/dev/altera/avgen/altera_avgen_fdt.c
  head/sys/dev/altera/avgen/altera_avgen_nexus.c

Modified: head/sys/dev/altera/avgen/altera_avgen.c
==
--- head/sys/dev/altera/avgen/altera_avgen.cSat Jan 28 13:09:18 2017
(r312921)
+++ head/sys/dev/altera/avgen/altera_avgen.cSat Jan 28 13:25:06 2017
(r312922)
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2012-2013 Robert N. M. Watson
+ * Copyright (c) 2012-2013, 2016 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed by SRI International and the University of
@@ -32,6 +32,7 @@
 __FBSDID("$FreeBSD$");
 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -45,6 +46,8 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
+
 #include 
 #include 
 
@@ -65,14 +68,19 @@ static d_mmap_t altera_avgen_mmap;
 static d_read_t altera_avgen_read;
 static d_write_t altera_avgen_write;
 
+#defineALTERA_AVGEN_DEVNAME"altera_avgen"
+#defineALTERA_AVGEN_DEVNAME_FMT(ALTERA_AVGEN_DEVNAME "%d")
+
 static struct cdevsw avg_cdevsw = {
.d_version =D_VERSION,
.d_mmap =   altera_avgen_mmap,
.d_read =   altera_avgen_read,
.d_write =  altera_avgen_write,
-   .d_name =   "altera_avgen",
+   .d_name =   ALTERA_AVGEN_DEVNAME,
 };
 
+#defineALTERA_AVGEN_SECTORSIZE 512 /* Not configurable at this 
time. */
+
 static int
 altera_avgen_read(struct cdev *dev, struct uio *uio, int flag)
 {
@@ -227,11 +235,103 @@ altera_avgen_mmap(struct cdev *dev, vm_o
return (0);
 }
 
+/*
+ * NB: We serialise block reads and writes in case the OS is generating
+ * concurrent I/O against the same block, in which case we want one I/O (or
+ * another) to win.  This is not sufficient to provide atomicity for the
+ * sector in the presence of a fail stop -- however, we're just writing this
+ * to non-persistent DRAM .. right?
+ */
+static void
+altera_avgen_disk_strategy(struct bio *bp)
+{
+   struct altera_avgen_softc *sc;
+   void *data;
+   long bcount;
+   daddr_t pblkno;
+
+   sc = bp->bio_disk->d_drv1;
+   data = bp->bio_data;
+   bcount = bp->bio_bcount;
+   pblkno = bp->bio_pblkno;
+
+   /*
+* Serialize block reads / writes.
+*/
+   mtx_lock(>avg_disk_mtx);
+   switch (bp->bio_cmd) {
+   case BIO_READ:
+   if (!(sc->avg_flags & ALTERA_AVALON_FLAG_GEOM_READ)) {
+   biofinish(bp, NULL, EIO);
+   break;
+   }
+   switch (sc->avg_width) {
+   case 1:
+   bus_read_region_1(sc->avg_res,
+   bp->bio_pblkno * ALTERA_AVGEN_SECTORSIZE,
+   (uint8_t *)data, bcount);
+   break;
+
+   case 2:
+   bus_read_region_2(sc->avg_res,
+   bp->bio_pblkno * ALTERA_AVGEN_SECTORSIZE,
+   (uint16_t *)data, bcount / 2);
+   break;
+
+   case 4:
+   bus_read_region_4(sc->avg_res,
+   bp->bio_pblkno * ALTERA_AVGEN_SECTORSIZE,
+   (uint32_t *)data, bcount / 4);
+   break;
+
+   default:
+   panic("%s: unexpected width %u", __func__,
+   

svn commit: r312920 - head/sys/dev/altera/jtag_uart

[Robert Watson]

Author: rwatson
Date: Sat Jan 28 12:43:19 2017
New Revision: 312920
URL: https://svnweb.freebsd.org/changeset/base/312920

Log:
  Merge robustness improvements for the ALTERA JTAG UART driver from
  CheriBSD, which attempt to work around an inherent race in the UART's
  control-register design in detecting whether JTAG is currently,
  present, which will otherwise lead to moderately frequent output
  drops when running in polled rather than interrupt-driven operation.
  Now, these drops are quite infrequent.
  
  commit 9f33fddac9215e32781a4f016ba17eab804fb6d4
  Author: Robert N. M. Watson 
  Date:   Thu Jul 16 17:34:12 2015 +
  
  Add a new sysctl, hw.altera_jtag_uart.ac_poll_delay, which allows the
  (default 10ms) delay associated with a full JTAG UART buffer combined
  with a lack of a JTAG-present flag to be tuned.  Setting this higher
  may cause some JTAG configurations to be more reliable when printing
  out low-level console output at a speed greater than the JTAG UART is
  willing to carry data.  Or it may not.
  
  commit 73992ef7607738b2973736e409ccd644b30eadba
  Author: Robert N. M. Watson 
  Date:   Sun Jan 1 15:13:07 2017 +
  
  Minor improvements to the Altera JTAG UART device driver:
  
  - Minor rework to the logic to detect JTAG presence in order to be a bit
more resilient to inevitable races: increase the retry period from two
seconds to four seconds for trying to find JTAG, and more agressively
clear the miss counter if JTAG has been reconnected.  Once JTAG has
vanished, stop prodding the miss counter.
  
  - Do a bit of reworking of the output code to frob the control register
less by checking whether write interrupts are enabled/disabled before
changing their state.  This should reduce the opportunity for races
with JTAG discovery (which are inherent to the Altera
hardware-software interface, but can at least be minimised).
  
  - Add statistics relating to interrupt enable/disable/JTAG
discovery/etc.
  
  With these changes, polled-mode JTAG UART ttys appear substantially
  more robust.
  
  MFC after:1 week
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c
  head/sys/dev/altera/jtag_uart/altera_jtag_uart_tty.c

Modified: head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c
==
--- head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c   Sat Jan 28 
12:26:22 2017(r312919)
+++ head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c   Sat Jan 28 
12:43:19 2017(r312920)
@@ -40,6 +40,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 
@@ -49,6 +50,9 @@ __FBSDID("$FreeBSD$");
 
 devclass_t altera_jtag_uart_devclass;
 
+static SYSCTL_NODE(_hw, OID_AUTO, altera_jtag_uart, CTLFLAG_RW, 0,
+"Altera JTAG UART configuration knobs");
+
 /*
  * One-byte buffer as we can't check whether the UART is readable without
  * actually reading from it, synchronised by a spinlock; this lock also
@@ -82,6 +86,11 @@ static cn_ungrab_t   aju_cnungrab;
  * no AC bit set.
  */
 #defineALTERA_JTAG_UART_AC_POLL_DELAY  1
+static u_int   altera_jtag_uart_ac_poll_delay =
+   ALTERA_JTAG_UART_AC_POLL_DELAY;
+SYSCTL_UINT(_hw_altera_jtag_uart, OID_AUTO, ac_poll_delay,
+CTLFLAG_RW, _jtag_uart_ac_poll_delay, 0,
+"Maximum delay waiting for JTAG present flag when buffer is full");
 
 /*
  * I/O routines lifted from Deimos.  This is not only MIPS-specific, but also
@@ -220,10 +229,10 @@ aju_cons_write(char ch)
 * layer clearing of the bit doesn't trigger a TTY-layer
 * disconnection.
 *
-* XXXRW: The polling delay may require tuning.
-*
 * XXXRW: Notice the inherent race with hardware: in clearing the
-* bit, we may race with hardware setting the same bit.
+* bit, we may race with hardware setting the same bit.  This can
+* cause real-world reliability problems due to lost output on the
+* console.
 */
v = aju_cons_control_read();
if (v & ALTERA_JTAG_UART_CONTROL_AC) {
@@ -235,7 +244,7 @@ aju_cons_write(char ch)
while ((v & ALTERA_JTAG_UART_CONTROL_WSPACE) == 0) {
if (!aju_cons_jtag_present)
return;
-   DELAY(ALTERA_JTAG_UART_AC_POLL_DELAY);
+   DELAY(altera_jtag_uart_ac_poll_delay);
v = aju_cons_control_read();
if (v & ALTERA_JTAG_UART_CONTROL_AC) {
aju_cons_jtag_present = 1;

Modified: head/sys/dev/altera/jtag_uart/altera_jtag_uart_tty.c
==
--- head/sys/dev/altera/jtag_uart/altera_jtag_uart_tty.cSat 

svn commit: r312919 - head/tests/sys/aio

[Robert Watson]

Author: rwatson
Date: Sat Jan 28 12:26:22 2017
New Revision: 312919
URL: https://svnweb.freebsd.org/changeset/base/312919

Log:
  Fix build of aio_test on MIPS, where the compiler warns about the local
  variable 'err' shadowing the global function err(3).  Which it does.
  
  Sponsored by: DARPA, AFRL

Modified:
  head/tests/sys/aio/aio_test.c

Modified: head/tests/sys/aio/aio_test.c
==
--- head/tests/sys/aio/aio_test.c   Sat Jan 28 11:38:51 2017
(r312918)
+++ head/tests/sys/aio/aio_test.c   Sat Jan 28 12:26:22 2017
(r312919)
@@ -188,31 +188,31 @@ aio_context_init(struct aio_context *ac,
 
 static ssize_t
 poll(struct aiocb *aio) {
-   int err;
+   int error;
 
-   while ((err = aio_error(aio)) == EINPROGRESS && !aio_timedout)
+   while ((error = aio_error(aio)) == EINPROGRESS && !aio_timedout)
usleep(25000);
-   switch (err) {
+   switch (error) {
case EINPROGRESS:
errno = EINTR;
return (-1);
case 0:
return (aio_return(aio));
default:
-   return (err);
+   return (error);
}
 }
 
 static ssize_t
 suspend(struct aiocb *aio) {
const struct aiocb *const iocbs[] = {aio};
-   int err;
+   int error;
 
-   err = aio_suspend(iocbs, 1, NULL);
-   if (err == 0)
+   error = aio_suspend(iocbs, 1, NULL);
+   if (error == 0)
return (aio_return(aio));
else
-   return (err);
+   return (error);
 }
 
 static ssize_t
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r312918 - head/sys/mips/conf

[Robert Watson]

Author: rwatson
Date: Sat Jan 28 11:38:51 2017
New Revision: 312918
URL: https://svnweb.freebsd.org/changeset/base/312918

Log:
  As with GENERIC on other architectures, include COMPAT_FREEBSD10 and
  COMPAT_FREEBSD11 in the generic BERI kernel configuration template.
  
  MFC after:1 week
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/mips/conf/BERI_TEMPLATE

Modified: head/sys/mips/conf/BERI_TEMPLATE
==
--- head/sys/mips/conf/BERI_TEMPLATESat Jan 28 09:58:00 2017
(r312917)
+++ head/sys/mips/conf/BERI_TEMPLATESat Jan 28 11:38:51 2017
(r312918)
@@ -33,6 +33,9 @@ options   KTRACE
 optionsCAPABILITY_MODE
 optionsCAPABILITIES
 
+optionsCOMPAT_FREEBSD10
+optionsCOMPAT_FREEBSD11
+
 optionsSCHED_ULE
 
 optionsFFS #Berkeley Fast Filesystem
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r309678 - in head/sys: kern sys

[Robert Watson]

Author: rwatson
Date: Wed Dec  7 16:12:27 2016
New Revision: 309678
URL: https://svnweb.freebsd.org/changeset/base/309678

Log:
  Regnerate system-call definitions following r309677 correcting a whitespace
  glitch in syscalls.master.

Modified:
  head/sys/kern/init_sysent.c
  head/sys/kern/syscalls.c
  head/sys/sys/syscall.h
  head/sys/sys/syscall.mk
  head/sys/sys/sysproto.h

Modified: head/sys/kern/init_sysent.c
==
--- head/sys/kern/init_sysent.c Wed Dec  7 16:11:55 2016(r309677)
+++ head/sys/kern/init_sysent.c Wed Dec  7 16:12:27 2016(r309678)
@@ -3,7 +3,7 @@
  *
  * DO NOT EDIT-- this file is automatically generated.
  * $FreeBSD$
- * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 
10:50:40Z gnn 
+ * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 
16:11:55Z rwatson
  */
 
 #include "opt_compat.h"

Modified: head/sys/kern/syscalls.c
==
--- head/sys/kern/syscalls.cWed Dec  7 16:11:55 2016(r309677)
+++ head/sys/kern/syscalls.cWed Dec  7 16:12:27 2016(r309678)
@@ -3,7 +3,7 @@
  *
  * DO NOT EDIT-- this file is automatically generated.
  * $FreeBSD$
- * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 
10:50:40Z gnn 
+ * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 
16:11:55Z rwatson
  */
 
 const char *syscallnames[] = {

Modified: head/sys/sys/syscall.h
==
--- head/sys/sys/syscall.h  Wed Dec  7 16:11:55 2016(r309677)
+++ head/sys/sys/syscall.h  Wed Dec  7 16:12:27 2016(r309678)
@@ -3,7 +3,7 @@
  *
  * DO NOT EDIT-- this file is automatically generated.
  * $FreeBSD$
- * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 
10:50:40Z gnn 
+ * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 
16:11:55Z rwatson
  */
 
 #defineSYS_syscall 0

Modified: head/sys/sys/syscall.mk
==
--- head/sys/sys/syscall.mk Wed Dec  7 16:11:55 2016(r309677)
+++ head/sys/sys/syscall.mk Wed Dec  7 16:12:27 2016(r309678)
@@ -1,7 +1,7 @@
 # FreeBSD system call object files.
 # DO NOT EDIT-- this file is automatically generated.
 # $FreeBSD$
-# created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 
10:50:40Z gnn 
+# created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 
16:11:55Z rwatson
 MIASM =  \
syscall.o \
exit.o \

Modified: head/sys/sys/sysproto.h
==
--- head/sys/sys/sysproto.h Wed Dec  7 16:11:55 2016(r309677)
+++ head/sys/sys/sysproto.h Wed Dec  7 16:12:27 2016(r309678)
@@ -3,7 +3,7 @@
  *
  * DO NOT EDIT-- this file is automatically generated.
  * $FreeBSD$
- * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 
10:50:40Z gnn 
+ * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 
16:11:55Z rwatson
  */
 
 #ifndef _SYS_SYSPROTO_H_
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r309677 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Wed Dec  7 16:11:55 2016
New Revision: 309677
URL: https://svnweb.freebsd.org/changeset/base/309677

Log:
  Replace spaces with tabs in definition of SCTP system calls, for consistency
  with the remainder of the syscalls.master file.  This problem does not occur
  in the freebsd32 version of the same system calls.

Modified:
  head/sys/kern/syscalls.master

Modified: head/sys/kern/syscalls.master
==
--- head/sys/kern/syscalls.master   Wed Dec  7 15:04:22 2016
(r309676)
+++ head/sys/kern/syscalls.master   Wed Dec  7 16:11:55 2016
(r309677)
@@ -838,13 +838,13 @@
 469AUE_NULLUNIMPL  __getpath_fromfd
 470AUE_NULLUNIMPL  __getpath_fromaddr
 471AUE_NULLNOSTD   { int sctp_peeloff(int sd, uint32_t name); }
-472 AUE_NULLNOSTD  { int sctp_generic_sendmsg(int sd, caddr_t msg, 
int mlen, \
-   caddr_t to, __socklen_t tolen, \
+472AUE_NULLNOSTD   { int sctp_generic_sendmsg(int sd, caddr_t msg, 
int mlen, \
+   caddr_t to, __socklen_t tolen, \
struct sctp_sndrcvinfo *sinfo, int flags); }
-473 AUE_NULLNOSTD  { int sctp_generic_sendmsg_iov(int sd, struct 
iovec *iov, int iovlen, \
-   caddr_t to, __socklen_t tolen, \
+473AUE_NULLNOSTD   { int sctp_generic_sendmsg_iov(int sd, struct 
iovec *iov, int iovlen, \
+   caddr_t to, __socklen_t tolen, \
struct sctp_sndrcvinfo *sinfo, int flags); }
-474 AUE_NULLNOSTD  { int sctp_generic_recvmsg(int sd, struct iovec 
*iov, int iovlen, \
+474AUE_NULLNOSTD   { int sctp_generic_recvmsg(int sd, struct iovec 
*iov, int iovlen, \
struct sockaddr * from, __socklen_t 
*fromlenaddr, \
struct sctp_sndrcvinfo *sinfo, int 
*msg_flags); }
 475AUE_PREAD   STD { ssize_t pread(int fd, void *buf, \
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r309326 - head/usr.bin/login

[Robert Watson]

Author: rwatson
Date: Wed Nov 30 14:02:36 2016
New Revision: 309326
URL: https://svnweb.freebsd.org/changeset/base/309326

Log:
  Clarify warning message when failing to configure audit on user login:
  when au_user_mask() fails, it's not a failure to set the audit mask,
  but to calculate the audit mask -- and hence a condfiguration-file
  issue (of some sort).
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/usr.bin/login/login_audit.c

Modified: head/usr.bin/login/login_audit.c
==
--- head/usr.bin/login/login_audit.cWed Nov 30 12:06:03 2016
(r309325)
+++ head/usr.bin/login/login_audit.cWed Nov 30 14:02:36 2016
(r309326)
@@ -80,7 +80,7 @@ au_login_success(void)
 
/* Compute and set the user's preselection mask. */
if (au_user_mask(pwd->pw_name, ) == -1)
-   errx(1, "could not set audit mask");
+   errx(1, "could not calculate audit mask");
 
/* Set the audit info for the user. */
auinfo.ai_auid = uid;
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r308947 - in head/sys: kern security/audit

[Robert Watson]

Author: rwatson
Date: Tue Nov 22 00:41:24 2016
New Revision: 308947
URL: https://svnweb.freebsd.org/changeset/base/308947

Log:
  Audit 'fd' and 'cmd' arguments to fcntl(2), and when generating BSM,
  always audit the file-descriptor number and vnode information for all
  fnctl(2) commands, not just locking-related ones.  This was likely an
  oversight in the original adaptation of this code from XNU.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/kern_descrip.c
  head/sys/security/audit/audit_bsm.c

Modified: head/sys/kern/kern_descrip.c
==
--- head/sys/kern/kern_descrip.cTue Nov 22 00:27:19 2016
(r308946)
+++ head/sys/kern/kern_descrip.cTue Nov 22 00:41:24 2016
(r308947)
@@ -495,6 +495,8 @@ kern_fcntl(struct thread *td, int fd, in
p = td->td_proc;
fdp = p->p_fd;
 
+   AUDIT_ARG_FD(cmd);
+   AUDIT_ARG_CMD(cmd);
switch (cmd) {
case F_DUPFD:
tmp = arg;

Modified: head/sys/security/audit/audit_bsm.c
==
--- head/sys/security/audit/audit_bsm.c Tue Nov 22 00:27:19 2016
(r308946)
+++ head/sys/security/audit/audit_bsm.c Tue Nov 22 00:41:24 2016
(r308947)
@@ -979,10 +979,7 @@ kaudit_to_bsm(struct kaudit_record *kar,
au_fcntl_cmd_to_bsm(ar->ar_arg_cmd));
kau_write(rec, tok);
}
-   if (ar->ar_arg_cmd == F_GETLK || ar->ar_arg_cmd == F_SETLK ||
-   ar->ar_arg_cmd == F_SETLKW) {
-   FD_VNODE1_TOKENS;
-   }
+   FD_VNODE1_TOKENS;
break;
 
case AUE_FCHFLAGS:
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r304544 - in head/sys: kern security/audit

[Robert Watson]

Author: rwatson
Date: Sat Aug 20 20:28:08 2016
New Revision: 304544
URL: https://svnweb.freebsd.org/changeset/base/304544

Log:
  Audit the accepted (or rejected) username argument to setlogin(2).
  
  (NB: This was likely a mismerge from XNU in audit support, where the
  text argument to setlogin(2) is captured -- but as a text token,
  whereas this change uses the dedicated login-name field in struct
  audit_record.)
  
  MFC after:2 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/kern_prot.c
  head/sys/security/audit/audit.h
  head/sys/security/audit/audit_bsm.c

Modified: head/sys/kern/kern_prot.c
==
--- head/sys/kern/kern_prot.c   Sat Aug 20 20:15:36 2016(r304543)
+++ head/sys/kern/kern_prot.c   Sat Aug 20 20:28:08 2016(r304544)
@@ -2105,6 +2105,7 @@ sys_setlogin(struct thread *td, struct s
error = EINVAL;
return (error);
}
+   AUDIT_ARG_LOGIN(logintmp);
PROC_LOCK(p);
SESS_LOCK(p->p_session);
strcpy(p->p_session->s_login, logintmp);

Modified: head/sys/security/audit/audit.h
==
--- head/sys/security/audit/audit.h Sat Aug 20 20:15:36 2016
(r304543)
+++ head/sys/security/audit/audit.h Sat Aug 20 20:28:08 2016
(r304544)
@@ -212,6 +212,11 @@ voidaudit_thread_free(struct thread *t
audit_arg_groupset((gidset), (gidset_size));\
 } while (0)
 
+#defineAUDIT_ARG_LOGIN(login) do { 
\
+   if (AUDITING_TD(curthread)) \
+   audit_arg_login((login));   \
+} while (0)
+
 #defineAUDIT_ARG_MODE(mode) do {   
\
if (AUDITING_TD(curthread)) \
audit_arg_mode((mode)); \
@@ -354,6 +359,7 @@ void audit_thread_free(struct thread *t
 #defineAUDIT_ARG_FFLAGS(fflags)
 #defineAUDIT_ARG_GID(gid)
 #defineAUDIT_ARG_GROUPSET(gidset, gidset_size)
+#defineAUDIT_ARG_LOGIN(login)
 #defineAUDIT_ARG_MODE(mode)
 #defineAUDIT_ARG_OWNER(uid, gid)
 #defineAUDIT_ARG_PID(pid)

Modified: head/sys/security/audit/audit_bsm.c
==
--- head/sys/security/audit/audit_bsm.c Sat Aug 20 20:15:36 2016
(r304543)
+++ head/sys/security/audit/audit_bsm.c Sat Aug 20 20:28:08 2016
(r304544)
@@ -1394,8 +1394,8 @@ kaudit_to_bsm(struct kaudit_record *kar,
break;
 
case AUE_SETLOGIN:
-   if (ARG_IS_VALID(kar, ARG_TEXT)) {
-   tok = au_to_text(ar->ar_arg_text);
+   if (ARG_IS_VALID(kar, ARG_LOGIN)) {
+   tok = au_to_text(ar->ar_arg_login);
kau_write(rec, tok);
}
break;
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r304537 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Sat Aug 20 18:51:48 2016
New Revision: 304537
URL: https://svnweb.freebsd.org/changeset/base/304537

Log:
  Audit additional vnode information in the implementation of the
  ftruncate(2) system call.  This was not required by the Common
  Criteria, which needed only open-time audit.
  
  MFC after:2 weeks
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/vfs_vnops.c

Modified: head/sys/kern/vfs_vnops.c
==
--- head/sys/kern/vfs_vnops.c   Sat Aug 20 18:45:25 2016(r304536)
+++ head/sys/kern/vfs_vnops.c   Sat Aug 20 18:51:48 2016(r304537)
@@ -1302,6 +1302,7 @@ vn_truncate(struct file *fp, off_t lengt
if (error)
goto out1;
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
+   AUDIT_ARG_VNODE1(vp);
if (vp->v_type == VDIR) {
error = EISDIR;
goto out;
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Re: svn commit: r302577 - head/sys/dev/drm2

[Robert Watson]

On Mon, 11 Jul 2016, Garrett Cooper wrote:


 Add missing default case to capable(..) function definition

 By definition (enum __drm_capabilities), cases other than CAP_SYS_ADMIN
 aren't possible. Add in a KASSERT safety belt and return false in
 !INVARIANTS case if an invalid value is passed in, as it would be a
 programmer error.

 This fixes a -Wreturn-type error with gcc 5.3.0.

 Differential Revision: https://reviews.freebsd.org/D7188
 MFC after: 1 week
 Reported by:   devel/amd64-gcc (5.3.0)
 Reviewed by:   dumbbell
 Sponsored by:  EMC / Isilon Storage Division


Per my comment in the review, I think a panic() here would be preferable to a 
KASSERT(), as it would come without perceptible runtime cost, and failstop the 
system if we were violating a design-time security invariant.


Robert
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r302564 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Mon Jul 11 13:06:17 2016
New Revision: 302564
URL: https://svnweb.freebsd.org/changeset/base/302564

Log:
  Add AUE_WAIT6 handling to the BSM conversion switch statement, reusing
  the BSM encoding used for AUE_WAIT4.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/security/audit/audit_bsm.c

Modified: head/sys/security/audit/audit_bsm.c
==
--- head/sys/security/audit/audit_bsm.c Mon Jul 11 13:01:42 2016
(r302563)
+++ head/sys/security/audit/audit_bsm.c Mon Jul 11 13:06:17 2016
(r302564)
@@ -1606,6 +1606,7 @@ kaudit_to_bsm(struct kaudit_record *kar,
break;
 
case AUE_WAIT4:
+   case AUE_WAIT6:
PROCESS_PID_TOKENS(1);
if (ARG_IS_VALID(kar, ARG_VALUE)) {
tok = au_to_arg32(3, "options", ar->ar_arg_value);
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r302526 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Sun Jul 10 14:17:36 2016
New Revision: 302526
URL: https://svnweb.freebsd.org/changeset/base/302526

Log:
  In process-descriptor close(2) and fstat(2), audit target process
  information.  pgkill(2) already audits target process ID.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/sys_procdesc.c

Modified: head/sys/kern/sys_procdesc.c
==
--- head/sys/kern/sys_procdesc.cSun Jul 10 13:42:33 2016
(r302525)
+++ head/sys/kern/sys_procdesc.cSun Jul 10 14:17:36 2016
(r302526)
@@ -1,10 +1,15 @@
 /*-
- * Copyright (c) 2009 Robert N. M. Watson
+ * Copyright (c) 2009, 2016 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed at the University of Cambridge Computer
  * Laboratory with support from a grant from Google, Inc.
  *
+ * Portions of this software were developed by BAE Systems, the University of
+ * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL
+ * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent
+ * Computing (TC) research program.
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -383,6 +388,7 @@ procdesc_close(struct file *fp, struct t
sx_xunlock(_lock);
} else {
PROC_LOCK(p);
+   AUDIT_ARG_PROCESS(p);
if (p->p_state == PRS_ZOMBIE) {
/*
 * If the process is already dead and just awaiting
@@ -529,6 +535,7 @@ procdesc_stat(struct file *fp, struct st
sx_slock(_lock);
if (pd->pd_proc != NULL) {
PROC_LOCK(pd->pd_proc);
+   AUDIT_ARG_PROCESS(pd->pd_proc);
 
/* Set birth and [acm] times to process start time. */
pstart = pd->pd_proc->p_stats->p_start;
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r302525 - in head/sys: kern sys

[Robert Watson]

Author: rwatson
Date: Sun Jul 10 13:42:33 2016
New Revision: 302525
URL: https://svnweb.freebsd.org/changeset/base/302525

Log:
  Do allow auditing of read(2) and write(2) system calls, by assigning
  those system calls audit event identifiers AUE_READ and AUE_WRITE.
  While auditing file-descriptor I/O is not required by the Common
  Criteria, in practice this proves useful for both live and forensic
  analysis.
  
  NB: freebsd32 already assigns AUE_READ and AUE_WRITE to read(2) and
  write(2).
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/init_sysent.c
  head/sys/kern/syscalls.master
  head/sys/sys/sysproto.h

Modified: head/sys/kern/init_sysent.c
==
--- head/sys/kern/init_sysent.c Sun Jul 10 11:49:10 2016(r302524)
+++ head/sys/kern/init_sysent.c Sun Jul 10 13:42:33 2016(r302525)
@@ -49,8 +49,8 @@ struct sysent sysent[] = {
{ 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC },  
/* 0 = syscall */
{ AS(sys_exit_args), (sy_call_t *)sys_sys_exit, AUE_EXIT, NULL, 0, 0, 
SYF_CAPENABLED, SY_THR_STATIC },  /* 1 = exit */
{ 0, (sy_call_t *)sys_fork, AUE_FORK, NULL, 0, 0, SYF_CAPENABLED, 
SY_THR_STATIC },  /* 2 = fork */
-   { AS(read_args), (sy_call_t *)sys_read, AUE_NULL, NULL, 0, 0, 
SYF_CAPENABLED, SY_THR_STATIC },  /* 3 = read */
-   { AS(write_args), (sy_call_t *)sys_write, AUE_NULL, NULL, 0, 0, 
SYF_CAPENABLED, SY_THR_STATIC },/* 4 = write */
+   { AS(read_args), (sy_call_t *)sys_read, AUE_READ, NULL, 0, 0, 
SYF_CAPENABLED, SY_THR_STATIC },  /* 3 = read */
+   { AS(write_args), (sy_call_t *)sys_write, AUE_WRITE, NULL, 0, 0, 
SYF_CAPENABLED, SY_THR_STATIC },   /* 4 = write */
{ AS(open_args), (sy_call_t *)sys_open, AUE_OPEN_RWTC, NULL, 0, 0, 
SYF_CAPENABLED, SY_THR_STATIC }, /* 5 = open */
{ AS(close_args), (sy_call_t *)sys_close, AUE_CLOSE, NULL, 0, 0, 
SYF_CAPENABLED, SY_THR_STATIC },   /* 6 = close */
{ AS(wait4_args), (sy_call_t *)sys_wait4, AUE_WAIT4, NULL, 0, 0, 0, 
SY_THR_STATIC },/* 7 = wait4 */

Modified: head/sys/kern/syscalls.master
==
--- head/sys/kern/syscalls.master   Sun Jul 10 11:49:10 2016
(r302524)
+++ head/sys/kern/syscalls.master   Sun Jul 10 13:42:33 2016
(r302525)
@@ -62,9 +62,9 @@
 1  AUE_EXITSTD { void sys_exit(int rval); } exit \
sys_exit_args void
 2  AUE_FORKSTD { int fork(void); }
-3  AUE_NULLSTD { ssize_t read(int fd, void *buf, \
+3  AUE_READSTD { ssize_t read(int fd, void *buf, \
size_t nbyte); }
-4  AUE_NULLSTD { ssize_t write(int fd, const void *buf, \
+4  AUE_WRITE   STD { ssize_t write(int fd, const void *buf, \
size_t nbyte); }
 5  AUE_OPEN_RWTC   STD { int open(char *path, int flags, int mode); }
 ; XXX should be{ int open(const char *path, int flags, ...); }

Modified: head/sys/sys/sysproto.h
==
--- head/sys/sys/sysproto.h Sun Jul 10 11:49:10 2016(r302524)
+++ head/sys/sys/sysproto.h Sun Jul 10 13:42:33 2016(r302525)
@@ -2508,8 +2508,8 @@ int   freebsd10_pipe(struct thread *, stru
 #defineSYS_AUE_syscall AUE_NULL
 #defineSYS_AUE_exitAUE_EXIT
 #defineSYS_AUE_forkAUE_FORK
-#defineSYS_AUE_readAUE_NULL
-#defineSYS_AUE_write   AUE_NULL
+#defineSYS_AUE_readAUE_READ
+#defineSYS_AUE_write   AUE_WRITE
 #defineSYS_AUE_openAUE_OPEN_RWTC
 #defineSYS_AUE_close   AUE_CLOSE
 #defineSYS_AUE_wait4   AUE_WAIT4
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r302524 - head/sys/vm

[Robert Watson]

Author: rwatson
Date: Sun Jul 10 11:49:10 2016
New Revision: 302524
URL: https://svnweb.freebsd.org/changeset/base/302524

Log:
  When mmap(2) is used with a vnode, capture vnode attributes in the
  audit trail.  This was not required for Common Criteria auditing
  (which requires only that the intent to read or write be audited
  at the time of open(2)), but is useful for contemporary live
  analysis and forensics.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/vm/vm_mmap.c

Modified: head/sys/vm/vm_mmap.c
==
--- head/sys/vm/vm_mmap.c   Sun Jul 10 10:53:50 2016(r302523)
+++ head/sys/vm/vm_mmap.c   Sun Jul 10 11:49:10 2016(r302524)
@@ -1245,6 +1245,7 @@ vm_mmap_vnode(struct thread *td, vm_size
locktype = LK_SHARED;
if ((error = vget(vp, locktype, td)) != 0)
return (error);
+   AUDIT_ARG_VNODE1(vp);
foff = *foffp;
flags = *flagsp;
obj = vp->v_object;
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r302519 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Sun Jul 10 09:50:21 2016
New Revision: 302519
URL: https://svnweb.freebsd.org/changeset/base/302519

Log:
  Audit the file-descriptor number argument for openat(2).  Remove a comment
  about the desirability of auditing the number, as it was in fact in the
  wrong place (in the common path for open(2) and openat(2), and only the
  latter accepts a file-descriptor argument).  Where other ABIs support
  openat(2), it may be necessary to do additional argument auditing as it is
  not performed in kern_openat(9).
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/vfs_syscalls.c

Modified: head/sys/kern/vfs_syscalls.c
==
--- head/sys/kern/vfs_syscalls.cSun Jul 10 08:38:10 2016
(r302518)
+++ head/sys/kern/vfs_syscalls.cSun Jul 10 09:50:21 2016
(r302519)
@@ -942,6 +942,7 @@ int
 sys_openat(struct thread *td, struct openat_args *uap)
 {
 
+   AUDIT_ARG_FD(uap->fd);
return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag,
uap->mode));
 }
@@ -962,7 +963,6 @@ kern_openat(struct thread *td, int fd, c
 
AUDIT_ARG_FFLAGS(flags);
AUDIT_ARG_MODE(mode);
-   /* XXX: audit dirfd */
cap_rights_init(, CAP_LOOKUP);
flags_to_rights(flags, );
/*
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r302514 - in head/sys: kern vm

[Robert Watson]

Author: rwatson
Date: Sun Jul 10 08:04:02 2016
New Revision: 302514
URL: https://svnweb.freebsd.org/changeset/base/302514

Log:
  Audit file-descriptor arguments to I/O system calls such as
  read(2), write(2), dup(2), and mmap(2).  This auditing is not
  required by the Common Criteria (and hence was not being
  performed), but is valuable in both contemporary live analysis
  and forensic use cases.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/kern/kern_descrip.c
  head/sys/kern/sys_generic.c
  head/sys/vm/vm_mmap.c

Modified: head/sys/kern/kern_descrip.c
==
--- head/sys/kern/kern_descrip.cSun Jul 10 04:33:16 2016
(r302513)
+++ head/sys/kern/kern_descrip.cSun Jul 10 08:04:02 2016
(r302514)
@@ -820,6 +820,9 @@ kern_dup(struct thread *td, u_int mode, 
MPASS((flags & ~(FDDUP_FLAG_CLOEXEC)) == 0);
MPASS(mode < FDDUP_LASTMODE);
 
+   AUDIT_ARG_FD(old);
+   /* XXXRW: if (flags & FDDUP_FIXED) AUDIT_ARG_FD2(new); */
+
/*
 * Verify we have a valid descriptor to dup from and possibly to
 * dup to. Unlike dup() and dup2(), fcntl()'s F_DUPFD should

Modified: head/sys/kern/sys_generic.c
==
--- head/sys/kern/sys_generic.c Sun Jul 10 04:33:16 2016(r302513)
+++ head/sys/kern/sys_generic.c Sun Jul 10 08:04:02 2016(r302514)
@@ -363,6 +363,8 @@ dofileread(td, fd, fp, auio, offset, fla
struct uio *ktruio = NULL;
 #endif
 
+   AUDIT_ARG_FD(fd);
+
/* Finish zero length reads right here */
if (auio->uio_resid == 0) {
td->td_retval[0] = 0;
@@ -576,6 +578,7 @@ dofilewrite(td, fd, fp, auio, offset, fl
struct uio *ktruio = NULL;
 #endif
 
+   AUDIT_ARG_FD(fd);
auio->uio_rw = UIO_WRITE;
auio->uio_td = td;
auio->uio_offset = offset;

Modified: head/sys/vm/vm_mmap.c
==
--- head/sys/vm/vm_mmap.c   Sun Jul 10 04:33:16 2016(r302513)
+++ head/sys/vm/vm_mmap.c   Sun Jul 10 08:04:02 2016(r302514)
@@ -74,6 +74,7 @@ __FBSDID("$FreeBSD$");
 #include 
 #include 
 
+#include 
 #include 
 
 #include 
@@ -206,6 +207,7 @@ sys_mmap(td, uap)
pos = uap->pos;
 
fp = NULL;
+   AUDIT_ARG_FD(uap->fd);
 
/*
 * Ignore old flags that used to be defined but did not do anything.
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r302345 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Tue Jul  5 16:37:01 2016
New Revision: 302345
URL: https://svnweb.freebsd.org/changeset/base/302345

Log:
  Call audit hooks to capture vnode attributes for three file-descriptor
  method implementations: fstat(2), close(2), and poll(2).  This change
  synchronises auditing here with similar auditing for VFS-specific system
  calls such as stat(2) that audit more complete vnode information.
  
  Sponsored by: DARPA, AFRL
  Approved by:  re (kib)
  MFC after:1 week

Modified:
  head/sys/kern/vfs_vnops.c

Modified: head/sys/kern/vfs_vnops.c
==
--- head/sys/kern/vfs_vnops.c   Tue Jul  5 14:46:06 2016(r302344)
+++ head/sys/kern/vfs_vnops.c   Tue Jul  5 16:37:01 2016(r302345)
@@ -440,6 +440,7 @@ vn_close(vp, flags, file_cred, td)
 
vn_start_write(vp, , V_WAIT);
vn_lock(vp, lock_flags | LK_RETRY);
+   AUDIT_ARG_VNODE1(vp);
if ((flags & (FWRITE | FOPENFAILED)) == FWRITE) {
VNASSERT(vp->v_writecount > 0, vp, 
("vn_close: negative writecount"));
@@ -1362,6 +1363,7 @@ vn_stat(vp, sb, active_cred, file_cred, 
int error;
u_short mode;
 
+   AUDIT_ARG_VNODE1(vp);
 #ifdef MAC
error = mac_vnode_check_stat(active_cred, file_cred, vp);
if (error)
@@ -1511,6 +1513,7 @@ vn_poll(fp, events, active_cred, td)
vp = fp->f_vnode;
 #ifdef MAC
vn_lock(vp, LK_EXCLUSIVE | LK_RETRY);
+   AUDIT_ARG_VNODE1(vp);
error = mac_vnode_check_poll(active_cred, fp->f_cred, vp);
VOP_UNLOCK(vp, 0);
if (!error)
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r301867 - head/sys/security/audit

[Robert Watson]

Author: rwatson
Date: Mon Jun 13 09:22:20 2016
New Revision: 301867
URL: https://svnweb.freebsd.org/changeset/base/301867

Log:
  Implement AUE_PREAD and AUE_PWRITE BSM conversion support, eliminating
  console warnings when pread(2) and pwrite(2) are used with full
  system-call auditing enabled.  We audit the same file-descriptor data
  for these calls as we do read(2) and write(2).
  
  Approved by:  re (kib)
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/security/audit/audit_bsm.c

Modified: head/sys/security/audit/audit_bsm.c
==
--- head/sys/security/audit/audit_bsm.c Mon Jun 13 09:02:08 2016
(r301866)
+++ head/sys/security/audit/audit_bsm.c Mon Jun 13 09:22:20 2016
(r301867)
@@ -952,6 +952,8 @@ kaudit_to_bsm(struct kaudit_record *kar,
case AUE_GETDIRENTRIESATTR:
case AUE_LSEEK:
case AUE_POLL:
+   case AUE_PREAD:
+   case AUE_PWRITE:
case AUE_READ:
case AUE_READV:
case AUE_WRITE:
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r300306 - head/sys/mips/include

[Robert Watson]

Author: rwatson
Date: Fri May 20 15:34:03 2016
New Revision: 300306
URL: https://svnweb.freebsd.org/changeset/base/300306

Log:
  Garbage collect unused prototype for clockintr().
  
  MFC after:3 days

Modified:
  head/sys/mips/include/clock.h

Modified: head/sys/mips/include/clock.h
==
--- head/sys/mips/include/clock.h   Fri May 20 15:32:48 2016
(r300305)
+++ head/sys/mips/include/clock.h   Fri May 20 15:34:03 2016
(r300306)
@@ -17,8 +17,6 @@
 
 extern int cpu_clock;
 
-extern uint32_t clockintr(uint32_t, struct trapframe *);
-
 #define wall_cmos_clock 0
 #define adjkerntz 0
 
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r298859 - in head/sys/mips: include mips

[Robert Watson]

Author: rwatson
Date: Sat Apr 30 19:29:03 2016
New Revision: 298859
URL: https://svnweb.freebsd.org/changeset/base/298859

Log:
  When attempting to satisfy mmap() requests for superpage alignment on
  64-bit MIPS, use superpage rather than physical-segment constants, or
  we may improperly fail to apply suitable alignment -- yet still allow
  mmap() to appear to succeed.
  
  Reviewed by:  sson
  MFC after:1 week
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/mips/include/param.h
  head/sys/mips/mips/pmap.c

Modified: head/sys/mips/include/param.h
==
--- head/sys/mips/include/param.h   Sat Apr 30 19:04:59 2016
(r298858)
+++ head/sys/mips/include/param.h   Sat Apr 30 19:29:03 2016
(r298859)
@@ -146,12 +146,14 @@
 #defineSEGSHIFT(PAGE_SHIFT + NPTEPGSHIFT + NPDEPGSHIFT)
 #defineNBSEG   (1ul << SEGSHIFT)
 #definePDRSHIFT(PAGE_SHIFT + NPTEPGSHIFT)
+#definePDRSIZE (1ul << PDRSHIFT)
 #definePDRMASK ((1 << PDRSHIFT) - 1)
 #else
 #defineNPDEPGSHIFT 10   /* LOG2(NPTEPG) */
 #defineSEGSHIFT(PAGE_SHIFT + NPTEPGSHIFT)
 #defineNBSEG   (1 << SEGSHIFT) /* bytes/segment */
 #definePDRSHIFTSEGSHIFT/* alias for SEG in 32 
bit */
+#definePDRSIZE (1ul << PDRSHIFT)
 #definePDRMASK ((1 << PDRSHIFT) - 1)
 #endif
 #defineNBPDR   (1 << PDRSHIFT) /* bytes/pagedir */

Modified: head/sys/mips/mips/pmap.c
==
--- head/sys/mips/mips/pmap.c   Sat Apr 30 19:04:59 2016(r298858)
+++ head/sys/mips/mips/pmap.c   Sat Apr 30 19:29:03 2016(r298859)
@@ -3299,18 +3299,18 @@ pmap_align_superpage(vm_object_t object,
 {
vm_offset_t superpage_offset;
 
-   if (size < NBSEG)
+   if (size < PDRSIZE)
return;
if (object != NULL && (object->flags & OBJ_COLORED) != 0)
offset += ptoa(object->pg_color);
-   superpage_offset = offset & SEGMASK;
-   if (size - ((NBSEG - superpage_offset) & SEGMASK) < NBSEG ||
-   (*addr & SEGMASK) == superpage_offset)
+   superpage_offset = offset & PDRMASK;
+   if (size - ((PDRSIZE - superpage_offset) & PDRMASK) < PDRSIZE ||
+   (*addr & PDRMASK) == superpage_offset)
return;
-   if ((*addr & SEGMASK) < superpage_offset)
-   *addr = (*addr & ~SEGMASK) + superpage_offset;
+   if ((*addr & PDRMASK) < superpage_offset)
+   *addr = (*addr & ~PDRMASK) + superpage_offset;
else
-   *addr = ((*addr + SEGMASK) & ~SEGMASK) + superpage_offset;
+   *addr = ((*addr + PDRMASK) & ~PDRMASK) + superpage_offset;
 }
 
 #ifdef DDB
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r296806 - head/sys/netipsec

[Robert Watson]

Author: rwatson
Date: Sun Mar 13 19:27:46 2016
New Revision: 296806
URL: https://svnweb.freebsd.org/changeset/base/296806

Log:
  Put IPSec's anouncement of its successful intialisation under bootverbose:
  now that it's a default kernel option, we don't really need to tell the
  world about it on every boot, especially as it won't be used by most users.

Modified:
  head/sys/netipsec/key.c

Modified: head/sys/netipsec/key.c
==
--- head/sys/netipsec/key.c Sun Mar 13 19:17:48 2016(r296805)
+++ head/sys/netipsec/key.c Sun Mar 13 19:27:46 2016(r296806)
@@ -7640,7 +7640,8 @@ key_init(void)
/* initialize key statistics */
keystat.getspi_count = 1;
 
-   printf("IPsec: Initialized Security Association Processing.\n");
+   if (bootverbose)
+   printf("IPsec: Initialized Security Association Processing.\n");
 }
 
 #ifdef VIMAGE
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r288662 - in head/sys/arm: arm include

[Robert Watson]

Author: rwatson
Date: Sun Oct  4 09:39:40 2015
New Revision: 288662
URL: https://svnweb.freebsd.org/changeset/base/288662

Log:
  Add missing stack unwind information to several assembly functions on
  ARMv6/7:
  
  - Define _SAVE() macro to allow unwind data to be conditionally defined for
ARM assembly code in the kernel.
  
  - Use _SAVE() to provide unwind information for bcopy_page(), and two (of
many) instances of copyin() and copyout().
  
  Reviewed by:  andrew, imp
  MFC after:3 days
  Sponsored by: University of Cambridge

Modified:
  head/sys/arm/arm/bcopy_page.S
  head/sys/arm/arm/bcopyinout.S
  head/sys/arm/include/asm.h

Modified: head/sys/arm/arm/bcopy_page.S
==
--- head/sys/arm/arm/bcopy_page.S   Sun Oct  4 09:25:57 2015
(r288661)
+++ head/sys/arm/arm/bcopy_page.S   Sun Oct  4 09:39:40 2015
(r288662)
@@ -75,7 +75,7 @@ __FBSDID("$FreeBSD$");
 #endif /* ! COPY_CHUNK */
 
 #ifndef SAVE_REGS
-#defineSAVE_REGS   stmfd   sp!, {r4-r8, lr}
+#defineSAVE_REGS   stmfd   sp!, {r4-r8, lr}; _SAVE({r4-r8, lr})
 #defineRESTORE_REGSldmfd   sp!, {r4-r8, pc}
 #endif
 
@@ -134,6 +134,7 @@ END(bcopy_page)
 
 ENTRY(bzero_page)
stmfd   sp!, {r4-r8, lr}
+   _SAVE({r4-r8, lr})
 #ifdef BIG_LOOPS
mov r2, #(PAGE_SIZE >> 9)
 #else
@@ -189,6 +190,7 @@ END(bzero_page)
 ENTRY(bcopy_page)
pld [r0]
stmfd   sp!, {r4, r5}
+   _SAVE({r4, r5})
mov ip, #32
ldr r2, [r0], #0x04 /* 0x00 */
ldr r3, [r0], #0x04 /* 0x04 */

Modified: head/sys/arm/arm/bcopyinout.S
==
--- head/sys/arm/arm/bcopyinout.S   Sun Oct  4 09:25:57 2015
(r288661)
+++ head/sys/arm/arm/bcopyinout.S   Sun Oct  4 09:39:40 2015
(r288662)
@@ -68,7 +68,7 @@ __FBSDID("$FreeBSD$");
 #endif
 
 
-#define SAVE_REGS  stmfd   sp!, {r4-r11}
+#define SAVE_REGS  stmfd   sp!, {r4-r11}; _SAVE({r4-r11})
 #define RESTORE_REGS   ldmfd   sp!, {r4-r11}
 
 #if defined(_ARM_ARCH_5E)
@@ -341,6 +341,7 @@ ENTRY(copyout)
cmp r2, r3
blt .Lnormale
stmfd   sp!, {r0-r2, r4, lr}
+   _SAVE({r0-r2, r4, lr})
mov r3, r0
mov r0, r1
mov r1, r3

Modified: head/sys/arm/include/asm.h
==
--- head/sys/arm/include/asm.h  Sun Oct  4 09:25:57 2015(r288661)
+++ head/sys/arm/include/asm.h  Sun Oct  4 09:39:40 2015(r288662)
@@ -53,10 +53,12 @@
 #defineSTOP_UNWINDING  .cantunwind
 #define_FNSTART.fnstart
 #define_FNEND  .fnend
+#define_SAVE(...)  .save __VA_ARGS__
 #else
 #defineSTOP_UNWINDING
 #define_FNSTART
 #define_FNEND
+#define_SAVE(...)
 #endif
 
 /*
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

svn commit: r281983 - head/sys/cddl/dev/profile

[Robert Watson]

Author: rwatson
Date: Sat Apr 25 15:43:12 2015
New Revision: 281983
URL: https://svnweb.freebsd.org/changeset/base/281983

Log:
  Adjust PROF_ARTIFICIAL_FRAMES in the DTrace profile provider on ARM to
  skip 10, rather than 9, frames.  This appears to work quite well in
  practice on the BeagleBone Black, so remove a comment about the value
  being bogus and replace it with a slightly less negative one.  However,
  the number of frames to skip is quite sensitive to details of the timer
  and interrupt handling paths, so this is necessarily fragile -- but no
  more so than on x86.
  
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/cddl/dev/profile/profile.c

Modified: head/sys/cddl/dev/profile/profile.c
==
--- head/sys/cddl/dev/profile/profile.c Sat Apr 25 13:34:25 2015
(r281982)
+++ head/sys/cddl/dev/profile/profile.c Sat Apr 25 15:43:12 2015
(r281983)
@@ -134,8 +134,10 @@ struct profile_probe_percpu;
 #endif
 
 #ifdef __arm__
-/* bogus */
-#definePROF_ARTIFICIAL_FRAMES  9
+/*
+ * At least on ARMv7, this appears to work quite well.
+ */
+#definePROF_ARTIFICIAL_FRAMES  10
 #endif
 
 typedef struct profile_probe {
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf

[Robert Watson]

On Fri, 3 Apr 2015, Hans Petter Selasky wrote:


Will you mind if I rephrase that paragraph in the inet.4 manual page from:

This closes a minor information leak which allows remote observers to 
determine the rate of packet generation on the machine by watching the 
counter.


Into:

This prevents high-speed information exchange between internal and external 
observers using packet frequency modulation. An outside observer can ping 
the outside facing port at a fixed rate watching the counter. An inside 
observer can ping the inside facing port watching the same counter. Even 
though packets don't flow between the two ports, data can be exchanged by 
watching changes in the packet rate. It is believed that data can be 
exchanged in Kb/s range this way. Setting this sysctl also prevents remote 
and internal observers to determine the rate of packet generation on the 
machine by watching the counter.


Yes, I think this is overly alarmist, and it suggests that other covert 
channels might not exist to be exploited if the knob is set -- which isn't 
true.  We don't promise that there are no covert channels in FreeBSD, and we 
would be foolish if we did promise that.


Robert
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf

[Robert Watson]

On Fri, 3 Apr 2015, Emeric POUPON wrote:

A good ip id random would be certainly better. But the current 
implementation is far from being optimized: a lock is being held inside 
arc4rand, and another one for protecting the ip_id internals. We already 
have contention problems with the IV generated for ESP packets. The 
randomized ip id, using this implementation, is my opinion not an acceptable 
solution.


Presumably, arc4random() should draw from per-CPU PRNGs to avoid contention, 
which would have positive scalability effects elsewhere in the stack as well. 
It is, of course, important that they be seeded independently in order to 
provide different pseudo-random number sequences!


However, the point made earlier in the thread holds: I'm not convinced that 
our IP ID randomisation is suitable for use given conflation of the IP ID 
spaces.  There's just too much chance of a collision if you are actually 
seeing a lot of fragmentation with multiple 2-tuple pairs.


Robert



Regards,

Emeric


- Mail original -
De: Hans Petter Selasky h...@selasky.org
À: Gleb Smirnoff gleb...@freebsd.org
Cc: Mateusz Guzik mjgu...@gmail.com, Ian Lepore i...@freebsd.org, 
svn-src-...@freebsd.org, src-committ...@freebsd.org, Robert N. M. Watson rwat...@freebsd.org, 
svn-src-head@freebsd.org
Envoyé: Vendredi 3 Avril 2015 15:06:51
Objet: Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 
sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf

On 04/03/15 14:41, Hans Petter Selasky wrote:

On 04/03/15 13:29, Gleb Smirnoff wrote:

On Fri, Apr 03, 2015 at 12:41:54PM +0200, Hans Petter Selasky wrote:
H ip_do_randomid is zero by default, and is not documented anywhere:
H
H grep -r ip_do_randomid share/

It is documented in inet(4).

The actual sysctl knob doesn't match the kernel symbol name, which is
allowed in sysctl(9).



Hi,

Will you mind if I rephrase that paragraph in the inet.4 manual page
from:

This closes a minor information leak which allows remote observers to
determine the rate of packet generation on the machine by watching the
counter.

Into:

This prevents high-speed information exchange between internal and
external observers using packet frequency modulation. An outside
observer can ping the outside facing port at a fixed rate watching the
counter. An inside observer can ping the inside facing port watching the
same counter. Even though packets don't flow between the two ports, data
can be exchanged by watching changes in the packet rate. It is believed
that data can be exchanged in Kb/s range this way. Setting this sysctl
also prevents remote and internal observers to determine the rate of
packet generation on the machine by watching the counter.



Hi,

Maybe there will be some new applications after this discovery. No need
for uPnP any more. Could be nice to send text messages through
firewalls. Depends how many implement the IP ID counting the same way
like FreeBSD does ;-)

--HPS

___
svn-src-...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org



___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf

[Robert Watson]

On Thu, 2 Apr 2015, Mateusz Guzik wrote:

If you carefully read the thread I referred to, you would notice that on 
many arches, save amd64 and i386, all systems stats are prone to mangling 
the stats due to migration within PCPU_INC. Look here:


grep '^#define  PCPU_ADD' sys/*/include/pcpu.h

Do we have reports on not precise enough statistics, yet?


How many non-x86 installations with multiple cpus and high traffic are out 
there?


Not sure if this was a rhetorical question or not, but: quite a few.  We have 
support for several highly threaded 64-bit MIPS systems including those from 
Cavium and Broadcom (was NetLogic Micro was RMI).  Several reference systems 
are in the netperf cluster including 16- and 32-thread systems normally 
deployed in high-performance network products.  It's possible that ARMv8 
systems will gradually displayce 64-bit MIPS systems in this arena in the 
future, but hard to say.  Either way, it's not x86. :-)


Robert
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf

[Robert Watson]

On Thu, 2 Apr 2015, Hans Petter Selasky wrote:


Does somebody here know what happens in these two cases:

If we are transmitting using TSO, will the network adapter increment the 
IP ID field somehow? What happens if an outgoing IP packet resulting from 
a TSO packet get fragmented by a router?


Quite possibly -- this is presumably specified by the NIC vendor, but it 
would be good to do a bit of a survey and see what happens in practice.


In ip_fragment() when we create fragments we should increment the ip_id 
value for each fragment?


I'm asking because the code in FreeBSD, since the beginning probably, just 
copies the IP header, and use the same IP ID for all the fragments ! This 
just hit my mind after some recent work in this area.


I honestly cannot believe you are proposing that.

Please go read about how IP fragmentation works.  Having an identical IP ID in 
ip_fragment() is the point of the function!


Robert
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r280148 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Mon Mar 16 17:42:53 2015
New Revision: 280148
URL: https://svnweb.freebsd.org/changeset/base/280148

Log:
  Introduce a cap_ioctl_t used for the 'cmds' arguments to cap_ioctls_limit()
  and cap_ioctls_get().  On FreeBSD, these are 'unsigned long', but on Linux,
  ioctl(2) takes an 'int', making mild abstraction desirable.
  
  MFC after:3 days
  Sponsored by: Google, Inc.

Modified:
  head/sys/sys/capsicum.h
  head/sys/sys/types.h

Modified: head/sys/sys/capsicum.h
==
--- head/sys/sys/capsicum.h Mon Mar 16 16:29:33 2015(r280147)
+++ head/sys/sys/capsicum.h Mon Mar 16 17:42:53 2015(r280148)
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2008-2010 Robert N. M. Watson
+ * Copyright (c) 2008-2010, 2015 Robert N. M. Watson
  * Copyright (c) 2012 FreeBSD Foundation
  * All rights reserved.
  *
@@ -398,13 +398,13 @@ int __cap_rights_get(int version, int fd
 /*
  * Limits allowed ioctls for the given descriptor.
  */
-int cap_ioctls_limit(int fd, const unsigned long *cmds, size_t ncmds);
+int cap_ioctls_limit(int fd, const cap_ioctl_t *cmds, size_t ncmds);
 /*
  * Returns array of allowed ioctls for the given descriptor.
  * If all ioctls are allowed, the cmds array is not populated and
  * the function returns CAP_IOCTLS_ALL.
  */
-ssize_t cap_ioctls_get(int fd, unsigned long *cmds, size_t maxcmds);
+ssize_t cap_ioctls_get(int fd, cap_ioctl_t *cmds, size_t maxcmds);
 /*
  * Limits allowed fcntls for the given descriptor (CAP_FCNTL_*).
  */

Modified: head/sys/sys/types.h
==
--- head/sys/sys/types.hMon Mar 16 16:29:33 2015(r280147)
+++ head/sys/sys/types.hMon Mar 16 17:42:53 2015(r280148)
@@ -232,6 +232,11 @@ typedef__useconds_tuseconds_t; /* micr
 #define_USECONDS_T_DECLARED
 #endif
 
+#ifndef _CAP_IOCTL_T_DECLARED
+#define_CAP_IOCTL_T_DECLARED
+typedefunsigned long   cap_ioctl_t;
+#endif
+
 #ifndef _CAP_RIGHTS_T_DECLARED
 #define_CAP_RIGHTS_T_DECLARED
 struct cap_rights;
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r280038 - head/sys/cddl/dev/dtrace/arm

[Robert Watson]

Author: rwatson
Date: Sun Mar 15 15:17:34 2015
New Revision: 280038
URL: https://svnweb.freebsd.org/changeset/base/280038

Log:
  On ARM, unlike some other architectures, saved $pc values from in-kernel
  traps do appear in the regular call stack, rather than only in a special
  trap frame, so we don't need to inject the trap-frame $pc into a returned
  stack trace in DTrace.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/cddl/dev/dtrace/arm/dtrace_isa.c

Modified: head/sys/cddl/dev/dtrace/arm/dtrace_isa.c
==
--- head/sys/cddl/dev/dtrace/arm/dtrace_isa.c   Sun Mar 15 14:57:11 2015
(r280037)
+++ head/sys/cddl/dev/dtrace/arm/dtrace_isa.c   Sun Mar 15 15:17:34 2015
(r280038)
@@ -73,7 +73,6 @@ dtrace_getpcstack(pc_t *pcstack, int pcs
register_t sp;
int scp_offset;
int depth = 0;
-   pc_t caller = (pc_t) solaris_cpu[curcpu].cpu_dtrace_caller;
 
if (intrpc != 0)
pcstack[depth++] = (pc_t) intrpc;
@@ -92,13 +91,14 @@ dtrace_getpcstack(pc_t *pcstack, int pcs
 
done = unwind_stack_one(state, 1);
 
+   /*
+* NB: Unlike some other architectures, we don't need to
+* explicitly insert cpu_dtrace_caller as it appears in the
+* normal kernel stack trace rather than a special trap frame.
+*/
if (aframes  0) {
aframes--;
-   if ((aframes == 0)  (caller != 0)) {
-   pcstack[depth++] = caller;
-   }
-   }
-   else {
+   } else {
pcstack[depth++] = state.registers[PC];
}
 
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r280035 - head/sys/cddl/dev/profile

[Robert Watson]

Author: rwatson
Date: Sun Mar 15 14:12:40 2015
New Revision: 280035
URL: https://svnweb.freebsd.org/changeset/base/280035

Log:
  Replace the completely arbitrary '3' with '9' for the number of frames to
  skip using the DTrace 'profile' provider on ARM.  This causes stack traces
  to skip various driver-and callout-related things as they do on x86, where
  the likewise arbitrary values are '6' (32-bit) and '10' (64-bit) for
  similar sorts of reasons.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/cddl/dev/profile/profile.c

Modified: head/sys/cddl/dev/profile/profile.c
==
--- head/sys/cddl/dev/profile/profile.c Sun Mar 15 14:05:55 2015
(r280034)
+++ head/sys/cddl/dev/profile/profile.c Sun Mar 15 14:12:40 2015
(r280035)
@@ -135,7 +135,7 @@ struct profile_probe_percpu;
 
 #ifdef __arm__
 /* bogus */
-#definePROF_ARTIFICIAL_FRAMES  3
+#definePROF_ARTIFICIAL_FRAMES  9
 #endif
 
 typedef struct profile_probe {
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r280039 - head/sys/cddl/dev/fbt/arm

[Robert Watson]

Author: rwatson
Date: Sun Mar 15 15:19:02 2015
New Revision: 280039
URL: https://svnweb.freebsd.org/changeset/base/280039

Log:
  Now that DTrace stack traces handle exception frames better, skip fewer
  stack frames for FBT 'entry' probes on ARM.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/cddl/dev/fbt/arm/fbt_isa.c

Modified: head/sys/cddl/dev/fbt/arm/fbt_isa.c
==
--- head/sys/cddl/dev/fbt/arm/fbt_isa.c Sun Mar 15 15:17:34 2015
(r280038)
+++ head/sys/cddl/dev/fbt/arm/fbt_isa.c Sun Mar 15 15:19:02 2015
(r280039)
@@ -172,7 +172,7 @@ again:
fbt-fbtp_name = name;
if (retfbt == NULL) {
fbt-fbtp_id = dtrace_probe_create(fbt_id, modname,
-   name, FBT_RETURN, 5, fbt);
+   name, FBT_RETURN, 3, fbt);
} else {
retfbt-fbtp_next = fbt;
fbt-fbtp_id = retfbt-fbtp_id;
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r279626 - head/sys/cddl/dev/fbt/arm

[Robert Watson]

Author: rwatson
Date: Thu Mar  5 07:40:41 2015
New Revision: 279626
URL: https://svnweb.freebsd.org/changeset/base/279626

Log:
  Don't all DTrace's FBT on ARM to instrument undefinedinstruction(), as
  this would lead to DTrace reentrance.
  
  Sponsored by: DARPA, AFRL

Modified:
  head/sys/cddl/dev/fbt/arm/fbt_isa.c

Modified: head/sys/cddl/dev/fbt/arm/fbt_isa.c
==
--- head/sys/cddl/dev/fbt/arm/fbt_isa.c Thu Mar  5 07:30:48 2015
(r279625)
+++ head/sys/cddl/dev/fbt/arm/fbt_isa.c Thu Mar  5 07:40:41 2015
(r279626)
@@ -105,6 +105,13 @@ fbt_provide_module_function(linker_file_
if (name[0] == '_'  name[1] == '_')
return (0);
 
+   /*
+* Architecture-specific exclusion list, largely to do with FBT trap
+* processing, to prevent reentrance.
+*/
+   if (strcmp(name, undefinedinstruction) == 0)
+   return (0);
+
instr = (uint32_t *)symval-value;
limit = (uint32_t *)(symval-value + symval-size);
 
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r277652 - in head/usr.sbin/pw: . tests

[Robert Watson]

On Sun, 25 Jan 2015, Bruce Evans wrote:

Negative ids have historical abuses in places like mountd.  mountd still 
hard-codes -2 and -2 for the default uid and gid of an unprivileged user. It 
at least casts these values to uid_t and gid_t before using them. This gives 
the ids the non-random values of UINT32_MAX-1 if uid_t and gid_t are 
uint32_t.  (If uid_t and gid_t were signed, then it would leave the values 
as negative, so invalid.)  These magic values may work better than when ids 
were 16 bits, since there is less risk of them conflicting with a normal id. 
However, the non-conflict is probably a bug.  FreeBSD uses the magic ids of 
65534 for user nobody: group nobody.  These would have been (id_t)-2 with 
16-bit ids.  They no longer match, so ls displays (id_t)-2 numerically. 
FreeBSD also has a group nogroup = 65553 that doesn't match the nfs usage. 
However2, in FreeBSD-1 wher ids were 16-bits, nobody was 32767 and nogroup 
was 32766. so they didn't match nfs for other reasons.  The 2 non-groups now 
seem to be just a bug -- FreeBSD-1 didn't have group nobody. 4.4BSD-Lite2 
has the same values as FreeBSD-1.


I'm sure it goes without saying, but for those that don't know (i.e., some 
subset of people who are not Bruce):


(-1) has a defined value both for our system-call interface (chown(2), 
fchown(2), etc, use (-1) to indicate that no change is requested).


This is also used inside the kernel to similar end, where VNOVAL also takes on 
a value of (-1).


This problem also used to exist in NFS, where in NFSv2, (-1) was also used to 
indicate which fields not to update, but this was fixed in NFSv3 by 
introducing discriminated unions.


I personally find myself a fan of fixing (eliminating) VNOVAL, but in the end 
it would likely just be disruptive and confusing.


Robert
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r277203 - in head/sys: kern sys

[Robert Watson]

Author: rwatson
Date: Wed Jan 14 23:44:00 2015
New Revision: 277203
URL: https://svnweb.freebsd.org/changeset/base/277203

Log:
  In order to support ongoing work to implement variable-size mbufs, and
  more generally make it easier to extend 'struct mbuf in the future', make
  a number of changes to the data structure:
  
  - As we anticipate embedding mbufs headers within variable-size regions of
memory in the future, change the definitions of byte arrays embedded in
mbufs to be of size [0] rather than [MLEN] and [MHLEN].  In fact, the
cxgbe driver already uses 'struct mbuf' on the front of other storage
sizes, but we would like the global mbuf allocator do be able to do this
as well.
  
  - Fold 'struct m_hdr' into 'struct mbuf' itself, eliminating a set of
macros that aliased 'mh_foo' field names to 'm_foo' names such as
'm_next'.  These present a particular problem as we would like to add
new mbuf-header fields -- e.g., 'm_size' -- that, if similarly named via
macros, would introduce collisions with many other variable names in the
kernel.
  
  - Rename 'struct m_ext' to 'struct struct_m_ext' so that we can add
compile-time assertions without bumping into the still-extant 'm_ext'
macro.
  
  - Remove the MSIZE compile-time assertion for 'struct mbuf', but add new
assertions for alignment of embedded data arrays (64-bit alignment even
on 32-bit platforms), and for the sizes the mbuf header, packet header,
and m_ext structure.
  
  - Document that these assertions exist in comments in mbuf.h.
  
  This change is not intended to cause (non-trivial) behavioural
  differences, but is a precursor to further mbuf-allocator work.
  
  Differential Revision:https://reviews.freebsd.org/D1483
  Reviewed by:  bz, gnn, np, glebius (go ahead, I trust you)
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/kern/uipc_mbuf.c
  head/sys/sys/mbuf.h

Modified: head/sys/kern/uipc_mbuf.c
==
--- head/sys/kern/uipc_mbuf.c   Wed Jan 14 23:34:00 2015(r277202)
+++ head/sys/kern/uipc_mbuf.c   Wed Jan 14 23:44:00 2015(r277203)
@@ -88,11 +88,38 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, m_defrag
  * Ensure the correct size of various mbuf parameters.  It could be off due
  * to compiler-induced padding and alignment artifacts.
  */
-CTASSERT(sizeof(struct mbuf) == MSIZE);
 CTASSERT(MSIZE - offsetof(struct mbuf, m_dat) == MLEN);
 CTASSERT(MSIZE - offsetof(struct mbuf, m_pktdat) == MHLEN);
 
 /*
+ * mbuf data storage should be 64-bit aligned regardless of architectural
+ * pointer size; check this is the case with and without a packet header.
+ */
+CTASSERT(offsetof(struct mbuf, m_dat) % 8 == 0);
+CTASSERT(offsetof(struct mbuf, m_pktdat) % 8 == 0);
+
+/*
+ * While the specific values here don't matter too much (i.e., +/- a few
+ * words), we do want to ensure that changes to these values are carefully
+ * reasoned about and properly documented.  This is especially the case as
+ * network-protocol and device-driver modules encode these layouts, and must
+ * be recompiled if the structures change.  Check these values at compile time
+ * against the ones documented in comments in mbuf.h.
+ *
+ * NB: Possibly they should be documented there via #define's and not just
+ * comments.
+ */
+#if defined(__LP64__)
+CTASSERT(offsetof(struct mbuf, m_dat) == 32);
+CTASSERT(sizeof(struct pkthdr) == 56);
+CTASSERT(sizeof(struct struct_m_ext) == 48);
+#else
+CTASSERT(offsetof(struct mbuf, m_dat) == 24);
+CTASSERT(sizeof(struct pkthdr) == 48);
+CTASSERT(sizeof(struct struct_m_ext) == 28);
+#endif
+
+/*
  * m_get2() allocates minimum mbuf that would fit size argument.
  */
 struct mbuf *

Modified: head/sys/sys/mbuf.h
==
--- head/sys/sys/mbuf.h Wed Jan 14 23:34:00 2015(r277202)
+++ head/sys/sys/mbuf.h Wed Jan 14 23:44:00 2015(r277203)
@@ -60,9 +60,15 @@
  * MLEN is data length in a normal mbuf.
  * MHLEN is data length in an mbuf with pktheader.
  * MINCLSIZE is a smallest amount of data that should be put into cluster.
+ *
+ * Compile-time assertions in uipc_mbuf.c test these values to ensure that
+ * they are sensible.
  */
-#defineMLEN((int)(MSIZE - sizeof(struct m_hdr)))
-#defineMHLEN   ((int)(MLEN - sizeof(struct pkthdr)))
+struct mbuf;
+#defineMHSIZE  offsetof(struct mbuf, M_dat.M_databuf)
+#defineMPKTHSIZE   offsetof(struct mbuf, 
M_dat.MH.MH_dat.MH_databuf)
+#defineMLEN((int)(MSIZE - MHSIZE))
+#defineMHLEN   ((int)(MSIZE - MPKTHSIZE))
 #defineMINCLSIZE   (MHLEN + 1)
 
 #ifdef _KERNEL
@@ -87,23 +93,6 @@ struct mb_args {
 #endif /* _KERNEL */
 
 /*
- * Header present at the beginning of every mbuf.
- * Size ILP32: 24
- *  LP64: 32
- */
-struct m_hdr {
-   struct mbuf

svn commit: r276910 - in head/sys: kern sys

[Robert Watson]

Author: rwatson
Date: Sat Jan 10 10:41:23 2015
New Revision: 276910
URL: https://svnweb.freebsd.org/changeset/base/276910

Log:
  Garbage collect m_copymdata(), an mbuf utility routine introduced
  in FreeBSD 7 that has not been used since.  It contains a number
  of unresolved bugs including an inverted bcopy() and incorrect
  handling of read-only mbufs using internal storage.  Removing this
  unused code is substantially essier than fixing it in order to
  update it to the coming mbuf world order -- but it can always be
  restored from revision history if it turns out to prove useful for
  future work.
  
  Pointed out by:   jmallett
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/kern/uipc_mbuf.c
  head/sys/sys/mbuf.h

Modified: head/sys/kern/uipc_mbuf.c
==
--- head/sys/kern/uipc_mbuf.c   Sat Jan 10 10:16:22 2015(r276909)
+++ head/sys/kern/uipc_mbuf.c   Sat Jan 10 10:41:23 2015(r276910)
@@ -648,152 +648,6 @@ nospace:
 }
 
 /*
- * Returns mbuf chain with new head for the prepending case.
- * Copies from mbuf (chain) n from off for len to mbuf (chain) m
- * either prepending or appending the data.
- * The resulting mbuf (chain) m is fully writeable.
- * m is destination (is made writeable)
- * n is source, off is offset in source, len is len from offset
- * dir, 0 append, 1 prepend
- * how, wait or nowait
- */
-
-static int
-m_bcopyxxx(void *s, void *t, u_int len)
-{
-   bcopy(s, t, (size_t)len);
-   return 0;
-}
-
-struct mbuf *
-m_copymdata(struct mbuf *m, struct mbuf *n, int off, int len,
-int prep, int how)
-{
-   struct mbuf *mm, *x, *z, *prev = NULL;
-   caddr_t p;
-   int i, nlen = 0;
-   caddr_t buf[MLEN];
-
-   KASSERT(m != NULL  n != NULL, (m_copymdata, no target or source));
-   KASSERT(off = 0, (m_copymdata, negative off %d, off));
-   KASSERT(len = 0, (m_copymdata, negative len %d, len));
-   KASSERT(prep == 0 || prep == 1, (m_copymdata, unknown direction %d, 
prep));
-
-   mm = m;
-   if (!prep) {
-   while(mm-m_next) {
-   prev = mm;
-   mm = mm-m_next;
-   }
-   }
-   for (z = n; z != NULL; z = z-m_next)
-   nlen += z-m_len;
-   if (len == M_COPYALL)
-   len = nlen - off;
-   if (off + len  nlen || len  1)
-   return NULL;
-
-   if (!M_WRITABLE(mm)) {
-   /* XXX: Use proper m_xxx function instead. */
-   x = m_getcl(how, MT_DATA, mm-m_flags);
-   if (x == NULL)
-   return NULL;
-   bcopy(mm-m_ext.ext_buf, x-m_ext.ext_buf, x-m_ext.ext_size);
-   p = x-m_ext.ext_buf + (mm-m_data - mm-m_ext.ext_buf);
-   x-m_data = p;
-   mm-m_next = NULL;
-   if (mm != m)
-   prev-m_next = x;
-   m_free(mm);
-   mm = x;
-   }
-
-   /*
-* Append/prepend the data.  Allocating mbufs as necessary.
-*/
-   /* Shortcut if enough free space in first/last mbuf. */
-   if (!prep  M_TRAILINGSPACE(mm) = len) {
-   m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t) +
-mm-m_len);
-   mm-m_len += len;
-   mm-m_pkthdr.len += len;
-   return m;
-   }
-   if (prep  M_LEADINGSPACE(mm) = len) {
-   mm-m_data = mtod(mm, caddr_t) - len;
-   m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t));
-   mm-m_len += len;
-   mm-m_pkthdr.len += len;
-   return mm;
-   }
-
-   /* Expand first/last mbuf to cluster if possible. */
-   if (!prep  !(mm-m_flags  M_EXT)  len  M_TRAILINGSPACE(mm)) {
-   bcopy(mm-m_data, buf, mm-m_len);
-   m_clget(mm, how);
-   if (!(mm-m_flags  M_EXT))
-   return NULL;
-   bcopy(buf, mm-m_ext.ext_buf, mm-m_len);
-   mm-m_data = mm-m_ext.ext_buf;
-   }
-   if (prep  !(mm-m_flags  M_EXT)  len  M_LEADINGSPACE(mm)) {
-   bcopy(mm-m_data, buf, mm-m_len);
-   m_clget(mm, how);
-   if (!(mm-m_flags  M_EXT))
-   return NULL;
-   bcopy(buf, (caddr_t *)mm-m_ext.ext_buf +
-   mm-m_ext.ext_size - mm-m_len, mm-m_len);
-   mm-m_data = (caddr_t)mm-m_ext.ext_buf +
-   mm-m_ext.ext_size - mm-m_len;
-   }
-
-   /* Append/prepend as many mbuf (clusters) as necessary to fit len. */
-   if (!prep  len  M_TRAILINGSPACE(mm)) {
-   if (!m_getm(mm, len - M_TRAILINGSPACE(mm), how, MT_DATA))
-   return NULL;
-   }
-   if (prep  len  M_LEADINGSPACE(mm)) {
-   if (!(z = m_getm(NULL, len - M_LEADINGSPACE(mm), how, MT_DATA)))
-   return 

svn commit: r276888 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Fri Jan  9 15:21:53 2015
New Revision: 276888
URL: https://svnweb.freebsd.org/changeset/base/276888

Log:
  Uninline M_SIZE() in m_align() to reduce direct use of MLEN and MHLEN.
  
  Differential Revision:https://reviews.freebsd.org/D1471
  Reviewed by:  glebius, bz, rpaulo
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/sys/mbuf.h

Modified: head/sys/sys/mbuf.h
==
--- head/sys/sys/mbuf.h Fri Jan  9 14:50:08 2015(r276887)
+++ head/sys/sys/mbuf.h Fri Jan  9 15:21:53 2015(r276888)
@@ -848,14 +848,7 @@ m_align(struct mbuf *m, int len)
 
KASSERT(m-m_data == M_START(m), (msg, __func__));
 
-   if (m-m_flags  M_EXT) {
-   adjust = m-m_ext.ext_size - len;
-   } else if (m-m_flags  M_PKTHDR) {
-   adjust = MHLEN - len;
-   } else {
-   adjust = MLEN - len;
-   }
-
+   adjust = M_SIZE(m) - len;
m-m_data += adjust ~ (sizeof(long)-1);
 }
 
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r276884 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Fri Jan  9 12:08:51 2015
New Revision: 276884
URL: https://svnweb.freebsd.org/changeset/base/276884

Log:
  Remove a 'This is dumb' comment that has been incorrect for at least a
  decade: m_pulldown() is willing to consider ordinary mbufs writable.
  Retain another, related, and also outdated comment, but with a caveat
  that it is partially stale.  Do not, for now, address the problem that
  it raises (that only EXT_CLUSTER external storage is considered
  writable, regardless of the results of M_WRITABLE() on the mbuf).
  
  MFC after:3 days
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/kern/uipc_mbuf2.c

Modified: head/sys/kern/uipc_mbuf2.c
==
--- head/sys/kern/uipc_mbuf2.c  Fri Jan  9 10:59:49 2015(r276883)
+++ head/sys/kern/uipc_mbuf2.c  Fri Jan  9 12:08:51 2015(r276884)
@@ -131,6 +131,8 @@ m_pulldown(struct mbuf *m, int off, int 
}
 
/*
+* The following comment is dated but still partially applies:
+*
 * XXX: This code is flawed because it considers a writable mbuf
 *  data region to require all of the following:
 *(i) mbuf _has_ to have M_EXT set; if it is just a regular
@@ -148,10 +150,6 @@ m_pulldown(struct mbuf *m, int off, int 
 * M_WRITABLE(). For now, we only evaluate once at the beginning and
 * live with this.
 */
-   /*
-* XXX: This is dumb. If we're just a regular mbuf with no M_EXT,
-*  then we're not writable, according to this code.
-*/
writable = 0;
if ((n-m_flags  M_EXT) == 0 ||
(n-m_ext.ext_type == EXT_CLUSTER  M_WRITABLE(n)))
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r276818 - head/sys/kern

[Robert Watson]

Author: rwatson
Date: Thu Jan  8 11:16:21 2015
New Revision: 276818
URL: https://svnweb.freebsd.org/changeset/base/276818

Log:
  Replace hand-crafted versions of M_SIZE() and M_START() in uipc_mbuf.c
  with calls to the centralised macros, reducing direct use of MLEN and
  MHLEN.
  
  Differential Revision:https://reviews.freebsd.org/D1444
  Reviewed by:  bz
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/kern/uipc_mbuf.c

Modified: head/sys/kern/uipc_mbuf.c
==
--- head/sys/kern/uipc_mbuf.c   Thu Jan  8 10:53:20 2015(r276817)
+++ head/sys/kern/uipc_mbuf.c   Thu Jan  8 11:16:21 2015(r276818)
@@ -196,8 +196,7 @@ m_getm2(struct mbuf *m, int len, int how
}
 
/* Book keeping. */
-   len -= (mb-m_flags  M_EXT) ? mb-m_ext.ext_size :
-   ((mb-m_flags  M_PKTHDR) ? MHLEN : MLEN);
+   len -= M_SIZE(mb);
if (mtail != NULL)
mtail-m_next = mb;
else
@@ -430,11 +429,8 @@ m_sanity(struct mbuf *m0, int sanitize)
 * unrelated kernel memory before or after us is trashed.
 * No way to recover from that.
 */
-   a = ((m-m_flags  M_EXT) ? m-m_ext.ext_buf :
-   ((m-m_flags  M_PKTHDR) ? (caddr_t)(m-m_pktdat) :
-(caddr_t)(m-m_dat)) );
-   b = (caddr_t)(a + (m-m_flags  M_EXT ? m-m_ext.ext_size :
-   ((m-m_flags  M_PKTHDR) ? MHLEN : MLEN)));
+   a = M_START(m);
+   b = a + M_SIZE(m);
if ((caddr_t)m-m_data  a)
M_SANITY_ACTION(m_data outside mbuf data range left);
if ((caddr_t)m-m_data  b)
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r276781 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Wed Jan  7 18:24:42 2015
New Revision: 276781
URL: https://svnweb.freebsd.org/changeset/base/276781

Log:
  Bump __FreeBSD_version to 1100053 reflecting the addition of a return value
  to MCLGET().
  
  Suggested by: jmg
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/sys/param.h

Modified: head/sys/sys/param.h
==
--- head/sys/sys/param.hWed Jan  7 17:22:56 2015(r276780)
+++ head/sys/sys/param.hWed Jan  7 18:24:42 2015(r276781)
@@ -58,7 +58,7 @@
  * in the range 5 to 9.
  */
 #undef __FreeBSD_version
-#define __FreeBSD_version 1100052  /* Master, propagated to newvers */
+#define __FreeBSD_version 1100053  /* Master, propagated to newvers */
 
 /*
  * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r276750 - in head: share/man/man9 sys/contrib/ipfilter/netinet sys/dev/an sys/dev/bge sys/dev/ce sys/dev/cm sys/dev/cp sys/dev/cs sys/dev/ctau sys/dev/ed sys/dev/ex sys/dev/fe sys/dev/

[Robert Watson]

On Wed, 7 Jan 2015, John-Mark Gurney wrote:


Log:
  In order to reduce use of M_EXT outside of the mbuf allocator and
  socket-buffer implementations, introduce a return value for MCLGET()
  (and m_cljget() that underlies it) to allow the caller to avoid testing
  M_EXT itself.  Update all callers to use the return value.

  With this change, very few network device drivers remain aware of
  M_EXT; the primary exceptions lie in mbuf-chain pretty printers for
  debugging, and in a few cases, custom mbuf and cluster allocation
  implementations.

  NB: This is a difficult-to-test change as it touches many drivers for
  which I don't have physical devices.  Instead we've gone for intensive
  review, but further post-commit review would definitely be appreciated
  to spot errors where changes could not easily be made mechanically,
  but were largely mechanical in nature.


Shouldn't this come w/ a FreeBSD version bump for drivers to use?


Yes, probably.  Old drivers will continue to work fine in not checking the 
return value (for now), but drivers seeing backporting will probably want a 
__FreeBSD_version ifdef.  I'll do a commit to bump the version number today.


(In my local tree, M_EXT is renamed _M_EXT unless MBUF_PRIVATE is defined, 
which really is quite a significant KPI change -- I'm not yet sure if I'm 
going to push that into FreeBSD 11 or not.)


Robert
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r276780 - in head/sys: fs/nfs fs/nfsserver nfsserver

[Robert Watson]

Author: rwatson
Date: Wed Jan  7 17:22:56 2015
New Revision: 276780
URL: https://svnweb.freebsd.org/changeset/base/276780

Log:
  Use M_SIZE() instead of hand-crafted (and mostly correct) NFSMSIZ() macro
  in the NFS server; garbage collect now-unused NFSMSIZ() and M_HASCL()
  macros.  Also garbage collect now-unused versions in headers for the
  removed previous NFS client and server.
  
  Reviewed by:  rmacklem
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/fs/nfs/nfsm_subs.h
  head/sys/fs/nfsserver/nfs_nfsdport.c
  head/sys/nfsserver/nfsm_subs.h

Modified: head/sys/fs/nfs/nfsm_subs.h
==
--- head/sys/fs/nfs/nfsm_subs.h Wed Jan  7 16:55:55 2015(r276779)
+++ head/sys/fs/nfs/nfsm_subs.h Wed Jan  7 17:22:56 2015(r276780)
@@ -46,9 +46,6 @@
 /*
  * First define what the actual subs. return
  */
-#defineM_HASCL(m)  ((m)-m_flags  M_EXT)
-#defineNFSMSIZ(m)  ((M_HASCL(m))?MCLBYTES: 
\
-   (((m)-m_flags  M_PKTHDR)?MHLEN:MLEN))
 #defineNFSM_DATAP(m, s)(m)-m_data += (s)
 
 /*

Modified: head/sys/fs/nfsserver/nfs_nfsdport.c
==
--- head/sys/fs/nfsserver/nfs_nfsdport.cWed Jan  7 16:55:55 2015
(r276779)
+++ head/sys/fs/nfsserver/nfs_nfsdport.cWed Jan  7 17:22:56 2015
(r276780)
@@ -575,7 +575,7 @@ nfsvno_readlink(struct vnode *vp, struct
while (len  NFS_MAXPATHLEN) {
NFSMGET(mp);
MCLGET(mp, M_WAITOK);
-   mp-m_len = NFSMSIZ(mp);
+   mp-m_len = M_SIZE(mp);
if (len == 0) {
mp3 = mp2 = mp;
} else {

Modified: head/sys/nfsserver/nfsm_subs.h
==
--- head/sys/nfsserver/nfsm_subs.h  Wed Jan  7 16:55:55 2015
(r276779)
+++ head/sys/nfsserver/nfsm_subs.h  Wed Jan  7 17:22:56 2015
(r276780)
@@ -47,14 +47,6 @@
  */
 
 /*
- * First define what the actual subs. return
- */
-
-#defineM_HASCL(m)  ((m)-m_flags  M_EXT)
-#defineNFSMSIZ(m)  ((M_HASCL(m))?MCLBYTES: \
-   (((m)-m_flags  M_PKTHDR)?MHLEN:MLEN))
-
-/*
  * Now for the macros that do the simple stuff and call the functions
  * for the hard stuff.
  * These macros use several vars. declared in nfsm_reqhead and these
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r276750 - in head: share/man/man9 sys/contrib/ipfilter/netinet sys/dev/an sys/dev/bge sys/dev/ce sys/dev/cm sys/dev/cp sys/dev/cs sys/dev/ctau sys/dev/ed sys/dev/ex sys/dev/fe sys/dev/h...

[Robert Watson]

Author: rwatson
Date: Tue Jan  6 12:59:37 2015
New Revision: 276750
URL: https://svnweb.freebsd.org/changeset/base/276750

Log:
  In order to reduce use of M_EXT outside of the mbuf allocator and
  socket-buffer implementations, introduce a return value for MCLGET()
  (and m_cljget() that underlies it) to allow the caller to avoid testing
  M_EXT itself.  Update all callers to use the return value.
  
  With this change, very few network device drivers remain aware of
  M_EXT; the primary exceptions lie in mbuf-chain pretty printers for
  debugging, and in a few cases, custom mbuf and cluster allocation
  implementations.
  
  NB: This is a difficult-to-test change as it touches many drivers for
  which I don't have physical devices.  Instead we've gone for intensive
  review, but further post-commit review would definitely be appreciated
  to spot errors where changes could not easily be made mechanically,
  but were largely mechanical in nature.
  
  Differential Revision:https://reviews.freebsd.org/D1440
  Reviewed by:  adrian, bz, gnn
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/share/man/man9/mbuf.9
  head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
  head/sys/dev/an/if_an.c
  head/sys/dev/bge/if_bge.c
  head/sys/dev/ce/if_ce.c
  head/sys/dev/cm/smc90cx6.c
  head/sys/dev/cp/if_cp.c
  head/sys/dev/cs/if_cs.c
  head/sys/dev/ctau/if_ct.c
  head/sys/dev/ed/if_ed.c
  head/sys/dev/ex/if_ex.c
  head/sys/dev/fe/if_fe.c
  head/sys/dev/hifn/hifn7751.c
  head/sys/dev/ie/if_ie.c
  head/sys/dev/le/lance.c
  head/sys/dev/lmc/if_lmc.c
  head/sys/dev/mn/if_mn.c
  head/sys/dev/my/if_my.c
  head/sys/dev/pcn/if_pcn.c
  head/sys/dev/pdq/pdq_freebsd.h
  head/sys/dev/pdq/pdq_ifsubr.c
  head/sys/dev/pdq/pdqvar.h
  head/sys/dev/safe/safe.c
  head/sys/dev/sbni/if_sbni.c
  head/sys/dev/smc/if_smc.c
  head/sys/dev/sn/if_sn.c
  head/sys/dev/snc/dp83932.c
  head/sys/dev/ti/if_ti.c
  head/sys/dev/tl/if_tl.c
  head/sys/dev/usb/misc/udbp.c
  head/sys/dev/vx/if_vx.c
  head/sys/dev/wb/if_wb.c
  head/sys/dev/xe/if_xe.c
  head/sys/dev/xen/netfront/netfront.c
  head/sys/mips/adm5120/if_admsw.c
  head/sys/netgraph/atm/ngatmbase.c
  head/sys/netgraph/atm/sscop/ng_sscop_cust.h
  head/sys/netgraph/bluetooth/drivers/bt3c/ng_bt3c_pccard.c
  head/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c
  head/sys/netgraph/ng_vjc.c
  head/sys/netipsec/key.c
  head/sys/netipsec/keysock.c
  head/sys/sys/mbuf.h

Modified: head/share/man/man9/mbuf.9
==
--- head/share/man/man9/mbuf.9  Tue Jan  6 10:02:14 2015(r276749)
+++ head/share/man/man9/mbuf.9  Tue Jan  6 12:59:37 2015(r276750)
@@ -24,7 +24,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd October 21, 2014
+.Dd January 5, 2015
 .Dt MBUF 9
 .Os
 .\
@@ -40,6 +40,7 @@
 .Ss Mbuf allocation macros
 .Fn MGET struct mbuf *mbuf int how short type
 .Fn MGETHDR struct mbuf *mbuf int how short type
+.Ft int
 .Fn MCLGET struct mbuf *mbuf int how
 .Fo MEXTADD
 .Fa struct mbuf *mbuf
@@ -436,10 +437,12 @@ Allocate and attach an
 .Vt mbuf cluster
 to
 .Fa mbuf .
-If the macro fails, the
+On success, a non-zero value returned; otherwise, 0.
+Historically, consumers would check for success by testing the
 .Dv M_EXT
-flag will not be set in
-.Fa mbuf .
+flag on the mbuf, but this is now discouraged to avoid unnecessary awareness
+of the implementation of external storage in protocol stacks and device
+drivers.
 .It Fn M_ALIGN mbuf len
 Set the pointer
 .Fa mbuf-m_data

Modified: head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c
==
--- head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c  Tue Jan  6 10:02:14 
2015(r276749)
+++ head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c  Tue Jan  6 12:59:37 
2015(r276750)
@@ -386,8 +386,7 @@ ipf_send_reset(fin)
if (m == NULL)
return -1;
if (sizeof(*tcp2) + hlen  MLEN) {
-   MCLGET(m, M_NOWAIT);
-   if ((m-m_flags  M_EXT) == 0) {
+   if (!(MCLGET(m, M_NOWAIT))) {
FREE_MB_T(m);
return -1;
}
@@ -610,8 +609,7 @@ ipf_send_icmp_err(type, fin, dst)
code = icmptoicmp6unreach[code];
 
if (iclen + max_linkhdr + fin-fin_plen  avail) {
-   MCLGET(m, M_NOWAIT);
-   if ((m-m_flags  M_EXT) == 0) {
+   if (!(MCLGET(m, M_NOWAIT))) {
FREE_MB_T(m);
return -1;
}

Modified: head/sys/dev/an/if_an.c
==
--- head/sys/dev/an/if_an.c Tue Jan  6 10:02:14 2015(r276749)
+++ head/sys/dev/an/if_an.c Tue Jan  6 12:59:37 2015(r276750)
@@ -943,8 +943,7 @@ an_rxeof(struct an_softc *sc)

svn commit: r276752 - head/sys/netinet

[Robert Watson]

Author: rwatson
Date: Tue Jan  6 14:32:28 2015
New Revision: 276752
URL: https://svnweb.freebsd.org/changeset/base/276752

Log:
  Use M_WRITABLE() and M_LEADINGSPACE() rather than checking M_EXT and
  doing hand-crafted length calculations in the IP options code.
  
  Reviewed by:  bz
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/netinet/ip_options.c

Modified: head/sys/netinet/ip_options.c
==
--- head/sys/netinet/ip_options.c   Tue Jan  6 13:07:13 2015
(r276751)
+++ head/sys/netinet/ip_options.c   Tue Jan  6 14:32:28 2015
(r276752)
@@ -500,7 +500,7 @@ ip_insertoptions(struct mbuf *m, struct 
}
if (p-ipopt_dst.s_addr)
ip-ip_dst = p-ipopt_dst;
-   if (m-m_flags  M_EXT || m-m_data - optlen  m-m_pktdat) {
+   if (!M_WRITABLE(m) || M_LEADINGSPACE(m)  optlen) {
n = m_gethdr(M_NOWAIT, MT_DATA);
if (n == NULL) {
*phlen = 0;
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r276692 - in head/sys: dev/en dev/fatm dev/iscsi_initiator dev/patm kern net80211 netinet netinet6 sys

[Robert Watson]

Author: rwatson
Date: Mon Jan  5 09:58:32 2015
New Revision: 276692
URL: https://svnweb.freebsd.org/changeset/base/276692

Log:
  To ease changes to underlying mbuf structure and the mbuf allocator, reduce
  the knowledge of mbuf layout, and in particular constants such as M_EXT,
  MLEN, MHLEN, and so on, in mbuf consumers by unifying various alignment
  utility functions (M_ALIGN(), MH_ALIGN(), MEXT_ALIGN() in a single
  M_ALIGN() macro, implemented by a now-inlined m_align() function:
  
  - Move m_align() from uipc_mbuf.c to mbuf.h; mark as __inline.
  - Reimplement M_ALIGN(), MH_ALIGN(), and MEXT_ALIGN() using m_align().
  - Update consumers around the tree to simply use M_ALIGN().
  
  This change eliminates a number of cases where mbuf consumers must be aware
  of whether or not mbufs returned by the allocator use external storage, but
  also assumptions about the size of the returned mbuf. This will make it
  easier to introduce changes in how we use external storage, as well as
  features such as variable-size mbufs.
  
  Differential Revision:https://reviews.freebsd.org/D1436
  Reviewed by:  glebius, trasz, gnn, bz
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/dev/en/midway.c
  head/sys/dev/fatm/if_fatm.c
  head/sys/dev/iscsi_initiator/isc_soc.c
  head/sys/dev/patm/if_patm_rx.c
  head/sys/kern/uipc_mbuf.c
  head/sys/net80211/ieee80211_freebsd.c
  head/sys/netinet/if_ether.c
  head/sys/netinet/igmp.c
  head/sys/netinet/ip_carp.c
  head/sys/netinet/sctp_os_bsd.h
  head/sys/netinet/tcp_output.c
  head/sys/netinet6/ip6_output.c
  head/sys/netinet6/mld6.c
  head/sys/netinet6/nd6_nbr.c
  head/sys/sys/mbuf.h

Modified: head/sys/dev/en/midway.c
==
--- head/sys/dev/en/midway.cMon Jan  5 05:30:07 2015(r276691)
+++ head/sys/dev/en/midway.cMon Jan  5 09:58:32 2015(r276692)
@@ -1935,7 +1935,7 @@ en_mget(struct en_softc *sc, u_int pktle
m-m_pkthdr.rcvif = NULL;
m-m_pkthdr.len = pktlen;
m-m_len = EN_RX1BUF;
-   MH_ALIGN(m, EN_RX1BUF);
+   M_ALIGN(m, EN_RX1BUF);
if (m-m_len = totlen) {
m-m_len = totlen;
 

Modified: head/sys/dev/fatm/if_fatm.c
==
--- head/sys/dev/fatm/if_fatm.c Mon Jan  5 05:30:07 2015(r276691)
+++ head/sys/dev/fatm/if_fatm.c Mon Jan  5 09:58:32 2015(r276692)
@@ -1105,7 +1105,7 @@ fatm_supply_small_buffers(struct fatm_so
LIST_INSERT_HEAD(sc-rbuf_free, rb, link);
break;
}
-   MH_ALIGN(m, SMALL_BUFFER_LEN);
+   M_ALIGN(m, SMALL_BUFFER_LEN);
error = bus_dmamap_load(sc-rbuf_tag, rb-map,
m-m_data, SMALL_BUFFER_LEN, dmaload_helper,
phys, BUS_DMA_NOWAIT);

Modified: head/sys/dev/iscsi_initiator/isc_soc.c
==
--- head/sys/dev/iscsi_initiator/isc_soc.c  Mon Jan  5 05:30:07 2015
(r276691)
+++ head/sys/dev/iscsi_initiator/isc_soc.c  Mon Jan  5 09:58:32 2015
(r276692)
@@ -110,7 +110,7 @@ isc_sendPDU(isc_session_t *sp, pduq_t *p
   | Add any AHS to the iSCSI hdr mbuf
   */
  if((mh-m_len + pp-ahs_len)  MHLEN) {
-  MH_ALIGN(mh, mh-m_len + pp-ahs_len);
+  M_ALIGN(mh, mh-m_len + pp-ahs_len);
   bcopy(pp-ipdu, mh-m_data, mh-m_len);
   bcopy(pp-ahs_addr, mh-m_data + mh-m_len, pp-ahs_len);
   mh-m_len += pp-ahs_len;
@@ -119,7 +119,7 @@ isc_sendPDU(isc_session_t *sp, pduq_t *p
   panic(len AHS=%d too big, not impleneted yet, pp-ahs_len);
  }
  else {
- MH_ALIGN(mh, mh-m_len);
+ M_ALIGN(mh, mh-m_len);
  bcopy(pp-ipdu, mh-m_data, mh-m_len);
  }
  mh-m_pkthdr.len = mh-m_len;

Modified: head/sys/dev/patm/if_patm_rx.c
==
--- head/sys/dev/patm/if_patm_rx.c  Mon Jan  5 05:30:07 2015
(r276691)
+++ head/sys/dev/patm/if_patm_rx.c  Mon Jan  5 09:58:32 2015
(r276692)
@@ -471,7 +471,7 @@ patm_rx_raw(struct patm_softc *sc, u_cha
  default:
  case PATM_RAW_CELL:
m-m_len = m-m_pkthdr.len = 53;
-   MH_ALIGN(m, 53);
+   M_ALIGN(m, 53);
dst = mtod(m, u_char *);
*dst++ = *cell++;
*dst++ = *cell++;
@@ -483,7 +483,7 @@ patm_rx_raw(struct patm_softc *sc, u_cha
 
  case PATM_RAW_NOHEC:
m-m_len = m-m_pkthdr.len = 52;
-   MH_ALIGN(m, 52);
+   M_ALIGN(m, 52);
dst = mtod(m, u_char *);
*dst++ = *cell++;
*dst++ = *cell++;
@@ -494,7 +494,7 @@ 

svn commit: r276563 - head/sys/dev/cxgb/ulp/tom

[Robert Watson]

Author: rwatson
Date: Fri Jan  2 19:06:27 2015
New Revision: 276563
URL: https://svnweb.freebsd.org/changeset/base/276563

Log:
  In mbuf_to_synq_entry(), use M_START() and M_SIZE() to calculate an offset
  into mbuf storage, to reduce knowledge about mbuf/cluster layout in the
  cxgb device driver.
  
  Reviewed by:  np
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/dev/cxgb/ulp/tom/cxgb_listen.c

Modified: head/sys/dev/cxgb/ulp/tom/cxgb_listen.c
==
--- head/sys/dev/cxgb/ulp/tom/cxgb_listen.c Fri Jan  2 19:05:39 2015
(r276562)
+++ head/sys/dev/cxgb/ulp/tom/cxgb_listen.c Fri Jan  2 19:06:27 2015
(r276563)
@@ -442,26 +442,13 @@ static struct synq_entry *
 mbuf_to_synq_entry(struct mbuf *m)
 {
int len = roundup(sizeof (struct synq_entry), 8);
-   uint8_t *buf;
-   int buflen;
 
if (__predict_false(M_TRAILINGSPACE(m)  len)) {
panic(%s: no room for synq_entry (%td, %d)\n, __func__,
M_TRAILINGSPACE(m), len);
}
 
-   if (m-m_flags  M_EXT) {
-   buf = m-m_ext.ext_buf;
-   buflen = m-m_ext.ext_size;
-   } else if (m-m_flags  M_PKTHDR) {
-   buf = m-m_pktdat[0];
-   buflen = MHLEN;
-   } else {
-   buf = m-m_dat[0];
-   buflen = MLEN;
-   }
-
-   return ((void *)(buf + buflen - len));
+   return ((void *)(M_START(m) + M_SIZE(m) - len));
 }
 
 #ifdef KTR
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r273028 - in head/sys/dev: msk nfe sk

[Robert Watson]

Author: rwatson
Date: Mon Oct 13 06:51:40 2014
New Revision: 273028
URL: https://svnweb.freebsd.org/changeset/base/273028

Log:
  Eliminate unnecessary checking for M_EXT on mbufs returned by m_getjcl().
  
  Reviewed by:  bz, glebius, yongari
  MFC after:3 days
  Sponsored by: EMC / Isilon Storage Division
  Differential Revision:https://reviews.freebsd.org/D938

Modified:
  head/sys/dev/msk/if_msk.c
  head/sys/dev/nfe/if_nfe.c
  head/sys/dev/sk/if_sk.c

Modified: head/sys/dev/msk/if_msk.c
==
--- head/sys/dev/msk/if_msk.c   Mon Oct 13 06:50:08 2014(r273027)
+++ head/sys/dev/msk/if_msk.c   Mon Oct 13 06:51:40 2014(r273028)
@@ -962,10 +962,6 @@ msk_jumbo_newbuf(struct msk_if_softc *sc
m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUM9BYTES);
if (m == NULL)
return (ENOBUFS);
-   if ((m-m_flags  M_EXT) == 0) {
-   m_freem(m);
-   return (ENOBUFS);
-   }
m-m_len = m-m_pkthdr.len = MJUM9BYTES;
if ((sc_if-msk_flags  MSK_FLAG_RAMBUF) == 0)
m_adj(m, ETHER_ALIGN);

Modified: head/sys/dev/nfe/if_nfe.c
==
--- head/sys/dev/nfe/if_nfe.c   Mon Oct 13 06:50:08 2014(r273027)
+++ head/sys/dev/nfe/if_nfe.c   Mon Oct 13 06:51:40 2014(r273028)
@@ -2063,10 +2063,6 @@ nfe_jnewbuf(struct nfe_softc *sc, int id
m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUM9BYTES);
if (m == NULL)
return (ENOBUFS);
-   if ((m-m_flags  M_EXT) == 0) {
-   m_freem(m);
-   return (ENOBUFS);
-   }
m-m_pkthdr.len = m-m_len = MJUM9BYTES;
m_adj(m, ETHER_ALIGN);
 

Modified: head/sys/dev/sk/if_sk.c
==
--- head/sys/dev/sk/if_sk.c Mon Oct 13 06:50:08 2014(r273027)
+++ head/sys/dev/sk/if_sk.c Mon Oct 13 06:51:40 2014(r273028)
@@ -1012,10 +1012,6 @@ sk_jumbo_newbuf(sc_if, idx)
m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUM9BYTES);
if (m == NULL)
return (ENOBUFS);
-   if ((m-m_flags  M_EXT) == 0) {
-   m_freem(m);
-   return (ENOBUFS);
-   }
m-m_pkthdr.len = m-m_len = MJUM9BYTES;
/*
 * Adjust alignment so packet payload begins on a
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r272984 - in head/sys: netinet netinet6

[Robert Watson]

Author: rwatson
Date: Sun Oct 12 15:49:52 2014
New Revision: 272984
URL: https://svnweb.freebsd.org/changeset/base/272984

Log:
  When deciding whether to call m_pullup() even though there is adequate
  data in an mbuf, use M_WRITABLE() instead of a direct test of M_EXT;
  the latter both unnecessarily exposes mbuf-allocator internals in the
  protocol stack and is also insufficient to catch all cases of
  non-writability.
  
  (NB: m_pullup() does not actually guarantee that a writable mbuf is
  returned, so further refinement of all of these code paths continues to
  be required.)
  
  Reviewed by:  bz
  MFC after:3 days
  Sponsored by: EMC / Isilon Storage Division
  Differential Revision: https://reviews.freebsd.org/D900

Modified:
  head/sys/netinet/igmp.c
  head/sys/netinet/ip_mroute.c
  head/sys/netinet/ip_output.c
  head/sys/netinet6/icmp6.c
  head/sys/netinet6/ip6_mroute.c
  head/sys/netinet6/ip6_output.c

Modified: head/sys/netinet/igmp.c
==
--- head/sys/netinet/igmp.c Sun Oct 12 13:12:06 2014(r272983)
+++ head/sys/netinet/igmp.c Sun Oct 12 15:49:52 2014(r272984)
@@ -1466,7 +1466,7 @@ igmp_input(struct mbuf **mp, int *offp, 
minlen += IGMP_V3_QUERY_MINLEN;
else
minlen += IGMP_MINLEN;
-   if ((m-m_flags  M_EXT || m-m_len  minlen) 
+   if ((!M_WRITABLE(m) || m-m_len  minlen) 
(m = m_pullup(m, minlen)) == 0) {
IGMPSTAT_INC(igps_rcv_tooshort);
return (IPPROTO_DONE);
@@ -1557,7 +1557,7 @@ igmp_input(struct mbuf **mp, int *offp, 
 */
igmpv3len = iphlen + IGMP_V3_QUERY_MINLEN +
srclen;
-   if ((m-m_flags  M_EXT ||
+   if ((!M_WRITABLE(m) ||
 m-m_len  igmpv3len) 
(m = m_pullup(m, igmpv3len)) == NULL) {
IGMPSTAT_INC(igps_rcv_tooshort);

Modified: head/sys/netinet/ip_mroute.c
==
--- head/sys/netinet/ip_mroute.cSun Oct 12 13:12:06 2014
(r272983)
+++ head/sys/netinet/ip_mroute.cSun Oct 12 15:49:52 2014
(r272984)
@@ -121,7 +121,6 @@ __FBSDID($FreeBSD$);
 #endif
 
 #defineVIFI_INVALID((vifi_t) -1)
-#defineM_HASCL(m)  ((m)-m_flags  M_EXT)
 
 static VNET_DEFINE(uint32_t, last_tv_sec); /* last time we processed this */
 #defineV_last_tv_sec   VNET(last_tv_sec)
@@ -1304,7 +1303,7 @@ X_ip_mforward(struct ip *ip, struct ifne
}
 
mb0 = m_copypacket(m, M_NOWAIT);
-   if (mb0  (M_HASCL(mb0) || mb0-m_len  hlen))
+   if (mb0  (!M_WRITABLE(mb0) || mb0-m_len  hlen))
mb0 = m_pullup(mb0, hlen);
if (mb0 == NULL) {
free(rte, M_MRTABLE);
@@ -1544,7 +1543,7 @@ ip_mdq(struct mbuf *m, struct ifnet *ifp
int hlen = ip-ip_hl  2;
struct mbuf *mm = m_copy(m, 0, hlen);
 
-   if (mm  (M_HASCL(mm) || mm-m_len  hlen))
+   if (mm  (!M_WRITABLE(mm) || mm-m_len  hlen))
mm = m_pullup(mm, hlen);
if (mm == NULL)
return ENOBUFS;
@@ -1665,7 +1664,7 @@ phyint_send(struct ip *ip, struct vif *v
  * so that ip_output() only scribbles on the copy.
  */
 mb_copy = m_copypacket(m, M_NOWAIT);
-if (mb_copy  (M_HASCL(mb_copy) || mb_copy-m_len  hlen))
+if (mb_copy  (!M_WRITABLE(mb_copy) || mb_copy-m_len  hlen))
mb_copy = m_pullup(mb_copy, hlen);
 if (mb_copy == NULL)
return;

Modified: head/sys/netinet/ip_output.c
==
--- head/sys/netinet/ip_output.cSun Oct 12 13:12:06 2014
(r272983)
+++ head/sys/netinet/ip_output.cSun Oct 12 15:49:52 2014
(r272984)
@@ -1365,7 +1365,7 @@ ip_mloopback(struct ifnet *ifp, struct m
 * modify the pack in order to generate checksums.
 */
copym = m_dup(m, M_NOWAIT);
-   if (copym != NULL  (copym-m_flags  M_EXT || copym-m_len  hlen))
+   if (copym != NULL  (!M_WRITABLE(copym) || copym-m_len  hlen))
copym = m_pullup(copym, hlen);
if (copym != NULL) {
/* If needed, compute the checksum and mark it as valid. */

Modified: head/sys/netinet6/icmp6.c
==
--- head/sys/netinet6/icmp6.c   Sun Oct 12 13:12:06 2014(r272983)
+++ head/sys/netinet6/icmp6.c   Sun Oct 12 15:49:52 2014(r272984)
@@ -63,6 +63,8 @@
 #include sys/cdefs.h
 __FBSDID($FreeBSD$);
 
+#defineMBUF_PRIVATE/* XXXRW: Optimisation tries to avoid M_EXT 
mbufs */
+
 #include opt_inet.h
 

Re: svn commit: r271504 - in head/sys: dev/oce dev/vmware/vmxnet3 dev/xen/netfront net netinet ofed/drivers/net/mlx4

[Robert Watson]

On Sat, 13 Sep 2014, Rick Macklem wrote:

Well, there are spare fields (if_ispare[4]) in struct ifnet that I believe 
can be used for new u_ints when MFC'ng a patch that adds fields to struct 
ifnet in head. (If I have this wrong, someone please correct me.)


In my notes from a few years ago on KBIs, it looked like we could potentially 
convert ifnet from only use spares to OK to append to the structure in a 
stable branch.  It used to be that ifnet was embedded in driver softcs, and 
so ifnet changes broke compiled driver modules, but this is no longer the 
case.  A careful review might suggest to us that it's OK to simply add the new 
fields we want to the end, but need to do that review before assuming it.


Robert
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r271420 - in head/sys: dev/cxgbe/common sys

[Robert Watson]

Author: rwatson
Date: Thu Sep 11 07:16:15 2014
New Revision: 271420
URL: http://svnweb.freebsd.org/changeset/base/271420

Log:
  Add new a M_START() mbuf macro that returns a pointer to the start of
  an mbuf's storage (internal or external).
  
  Add a new M_SIZE() mbuf macro that returns the size of an mbuf's
  storage (internal or external).
  
  These contrast with m_data and m_len, which are with respect to data
  in the buffer, rather than the buffer itself.
  
  Rewrite M_LEADINGSPACE() and M_TRAILINGSPACE() in terms of M_START()
  and M_SIZE().
  
  This is done as we currently have many instances of using mbuf flags
  to generate pointers or lengths for internal storage in header and
  regular mbufs, as well as to external storage. Rather than replicate
  this logic throughout the network stack, centralising the
  implementation will make it easier for us to refine mbuf storage.
  This should also help reduce bugs by limiting the amount of
  mbuf-type-specific pointer arithmetic.  Followup changes will
  propagate use of the macros throughout the stack.
  
  M_SIZE() conflicts with one macro in the Chelsio driver; rename that
  macro in a slightly unsatisfying way to eliminate the collision.
  
  MFC after:3 days
  Obtained from:jeff (with enhancements)
  Sponsored by: EMC / Isilon Storage Division
  Reviewed by:  bz, glebius, np
  Differential Revision:https://reviews.freebsd.org/D753

Modified:
  head/sys/dev/cxgbe/common/t4_regs.h
  head/sys/sys/mbuf.h

Modified: head/sys/dev/cxgbe/common/t4_regs.h
==
--- head/sys/dev/cxgbe/common/t4_regs.h Thu Sep 11 06:17:56 2014
(r271419)
+++ head/sys/dev/cxgbe/common/t4_regs.h Thu Sep 11 07:16:15 2014
(r271420)
@@ -1073,9 +1073,9 @@
 #define A_SGE_FL_BUFFER_SIZE0 0x1044
 
 #define S_SIZE4
-#define M_SIZE0xfffU
+#define CXGBE_M_SIZE0xfffU
 #define V_SIZE(x) ((x)  S_SIZE)
-#define G_SIZE(x) (((x)  S_SIZE)  M_SIZE)
+#define G_SIZE(x) (((x)  S_SIZE)  CXGBE_M_SIZE)
 
 #define A_SGE_FL_BUFFER_SIZE1 0x1048
 #define A_SGE_FL_BUFFER_SIZE2 0x104c

Modified: head/sys/sys/mbuf.h
==
--- head/sys/sys/mbuf.h Thu Sep 11 06:17:56 2014(r271419)
+++ head/sys/sys/mbuf.h Thu Sep 11 07:16:15 2014(r271420)
@@ -843,29 +843,50 @@ m_last(struct mbuf *m)
 } while (0)
 
 /*
+ * Return the address of the start of the buffer associated with an mbuf,
+ * handling external storage, packet-header mbufs, and regular data mbufs.
+ */
+#defineM_START(m)  
\
+   (((m)-m_flags  M_EXT) ? (m)-m_ext.ext_buf :  \
+((m)-m_flags  M_PKTHDR) ? (m)-m_pktdat[0] :\
+(m)-m_dat[0])
+
+/*
+ * Return the size of the buffer associated with an mbuf, handling external
+ * storage, packet-header mbufs, and regular data mbufs.
+ */
+#defineM_SIZE(m)   
\
+   (((m)-m_flags  M_EXT) ? (m)-m_ext.ext_size : \
+((m)-m_flags  M_PKTHDR) ? MHLEN :\
+MLEN)
+
+/*
  * Compute the amount of space available before the current start of data in
  * an mbuf.
  *
  * The M_WRITABLE() is a temporary, conservative safety measure: the burden
  * of checking writability of the mbuf data area rests solely with the caller.
+ *
+ * NB: In previous versions, M_LEADINGSPACE() would only check M_WRITABLE()
+ * for mbufs with external storage.  We now allow mbuf-embedded data to be
+ * read-only as well.
  */
 #defineM_LEADINGSPACE(m)   
\
-   ((m)-m_flags  M_EXT ? \
-   (M_WRITABLE(m) ? (m)-m_data - (m)-m_ext.ext_buf : 0): \
-   (m)-m_flags  M_PKTHDR ? (m)-m_data - (m)-m_pktdat : \
-   (m)-m_data - (m)-m_dat)
+   (M_WRITABLE(m) ? ((m)-m_data - M_START(m)) : 0)
 
 /*
  * Compute the amount of space available after the end of data in an mbuf.
  *
  * The M_WRITABLE() is a temporary, conservative safety measure: the burden
  * of checking writability of the mbuf data area rests solely with the caller.
+ *
+ * NB: In previous versions, M_TRAILINGSPACE() would only check M_WRITABLE()
+ * for mbufs with external storage.  We now allow mbuf-embedded data to be
+ * read-only as well.
  */
 #defineM_TRAILINGSPACE(m)  
\
-   ((m)-m_flags  M_EXT ? \
-   (M_WRITABLE(m) ? (m)-m_ext.ext_buf + (m)-m_ext.ext_size   \
-   - ((m)-m_data + (m)-m_len) : 0) : \
-   (m)-m_dat[MLEN] - ((m)-m_data + (m)-m_len))
+   (M_WRITABLE(m) ?\
+   ((M_START(m) + M_SIZE(m)) - ((m)-m_data + 

Re: svn commit: r271418 - head/sbin/dhclient

[Robert Watson]

A bit behind on commits, but: does this mean that an older userspace dhclient 
will no longer work with a newer kernel?


Robert

On Thu, 11 Sep 2014, Gleb Smirnoff wrote:


Author: glebius
Date: Thu Sep 11 05:48:39 2014
New Revision: 271418
URL: http://svnweb.freebsd.org/changeset/base/271418

Log:
 Since r270929 raw sockets expect network byte order.

 Submitted by:  avg

Modified:
 head/sbin/dhclient/packet.c

Modified: head/sbin/dhclient/packet.c
==
--- head/sbin/dhclient/packet.c Thu Sep 11 03:16:57 2014(r271417)
+++ head/sbin/dhclient/packet.c Thu Sep 11 05:48:39 2014(r271418)
@@ -127,17 +127,6 @@ assemble_udp_ip_header(unsigned char *bu
ip.ip_dst.s_addr = to;

ip.ip_sum = wrapsum(checksum((unsigned char *)ip, sizeof(ip), 0));
-
-   /*
-* While the BPF -- used for broadcasts -- expects a true IP header
-* with all the bytes in network byte order, the raw socket interface
-* which is used for unicasts expects the ip_len field to be in host
-* byte order.  In both cases, the checksum has to be correct, so this
-* is as good a place as any to turn the bytes around again.
-*/
-   if (to != INADDR_BROADCAST)
-   ip.ip_len = ntohs(ip.ip_len);
-
memcpy(buf[*bufix], ip, sizeof(ip));
*bufix += sizeof(ip);




___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r271373 - in head/sys/dev: ce cp ctau cx

[Robert Watson]

Author: rwatson
Date: Wed Sep 10 09:57:32 2014
New Revision: 271373
URL: http://svnweb.freebsd.org/changeset/base/271373

Log:
  Replace local copy-and-paste implementations of printmbuf() in several
  device drivers with calls to the centralised m_print() implementation.
  While the formatting and output details differ a little, the content
  is essentially the same, and it is unlikely anyone has used this
  debugging output in some time.
  
  This change reduces awareness of mbuf cluster allocation (and,
  especially, the M_EXT flag) outside of the mbuf allocator, which will
  make it easier to refine the external storage mechanism without
  disrupting drivers in the future.
  
  Style bugs are preserved.
  
  Reviewed by:  bz, glebius
  MFC after:3 days
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/dev/ce/if_ce.c
  head/sys/dev/cp/if_cp.c
  head/sys/dev/ctau/if_ct.c
  head/sys/dev/cx/if_cx.c

Modified: head/sys/dev/ce/if_ce.c
==
--- head/sys/dev/ce/if_ce.c Wed Sep 10 09:47:16 2014(r271372)
+++ head/sys/dev/ce/if_ce.c Wed Sep 10 09:57:32 2014(r271373)
@@ -298,22 +298,6 @@ static struct cdevsw ce_cdevsw = {
 #endif
 
 /*
- * Print the mbuf chain, for debug purposes only.
- */
-static void printmbuf (struct mbuf *m)
-{
-   printf (mbuf:);
-   for (; m; m=m-m_next) {
-   if (m-m_flags  M_PKTHDR)
-   printf ( HDR %d:, m-m_pkthdr.len);
-   if (m-m_flags  M_EXT)
-   printf ( EXT:);
-   printf ( %d, m-m_len);
-   }
-   printf (\n);
-}
-
-/*
  * Make an mbuf from data.
  */
 static struct mbuf *makembuf (void *buf, unsigned len)
@@ -1140,7 +1124,7 @@ static void ce_receive (ce_chan_t *c, un
return;
}
if (c-debug  1)
-   printmbuf (m);
+   m_print (m, 0);
 #ifdef NETGRAPH
m-m_pkthdr.rcvif = 0;
IF_ENQUEUE(d-rqueue, m);

Modified: head/sys/dev/cp/if_cp.c
==
--- head/sys/dev/cp/if_cp.c Wed Sep 10 09:47:16 2014(r271372)
+++ head/sys/dev/cp/if_cp.c Wed Sep 10 09:57:32 2014(r271373)
@@ -182,22 +182,6 @@ static struct cdevsw cp_cdevsw = {
 };
 
 /*
- * Print the mbuf chain, for debug purposes only.
- */
-static void printmbuf (struct mbuf *m)
-{
-   printf (mbuf:);
-   for (; m; m=m-m_next) {
-   if (m-m_flags  M_PKTHDR)
-   printf ( HDR %d:, m-m_pkthdr.len);
-   if (m-m_flags  M_EXT)
-   printf ( EXT:);
-   printf ( %d, m-m_len);
-   }
-   printf (\n);
-}
-
-/*
  * Make an mbuf from data.
  */
 static struct mbuf *makembuf (void *buf, unsigned len)
@@ -909,7 +893,7 @@ static void cp_receive (cp_chan_t *c, un
return;
}
if (c-debug  1)
-   printmbuf (m);
+   m_print (m, 0);
 #ifdef NETGRAPH
m-m_pkthdr.rcvif = 0;
NG_SEND_DATA_ONLY (error, d-hook, m);

Modified: head/sys/dev/ctau/if_ct.c
==
--- head/sys/dev/ctau/if_ct.c   Wed Sep 10 09:47:16 2014(r271372)
+++ head/sys/dev/ctau/if_ct.c   Wed Sep 10 09:57:32 2014(r271373)
@@ -185,22 +185,6 @@ static struct cdevsw ct_cdevsw = {
 };
 
 /*
- * Print the mbuf chain, for debug purposes only.
- */
-static void printmbuf (struct mbuf *m)
-{
-   printf (mbuf:);
-   for (; m; m=m-m_next) {
-   if (m-m_flags  M_PKTHDR)
-   printf ( HDR %d:, m-m_pkthdr.len);
-   if (m-m_flags  M_EXT)
-   printf ( EXT:);
-   printf ( %d, m-m_len);
-   }
-   printf (\n);
-}
-
-/*
  * Make an mbuf from data.
  */
 static struct mbuf *makembuf (void *buf, u_int len)
@@ -1127,7 +,7 @@ static void ct_receive (ct_chan_t *c, ch
return;
}
if (c-debug  1)
-   printmbuf (m);
+   m_print (m, 0);
 #ifdef NETGRAPH
m-m_pkthdr.rcvif = 0;
NG_SEND_DATA_ONLY (error, d-hook, m);

Modified: head/sys/dev/cx/if_cx.c
==
--- head/sys/dev/cx/if_cx.c Wed Sep 10 09:47:16 2014(r271372)
+++ head/sys/dev/cx/if_cx.c Wed Sep 10 09:57:32 2014(r271373)
@@ -232,22 +232,6 @@ static struct cdevsw cx_cdevsw = {
 static int MY_SOFT_INTR;
 
 /*
- * Print the mbuf chain, for debug purposes only.
- */
-static void printmbuf (struct mbuf *m)
-{
-   printf (mbuf:);
-   for (; m; m=m-m_next) {
-   if (m-m_flags  M_PKTHDR)
-   printf ( HDR %d:, m-m_pkthdr.len);
-   if (m-m_flags  M_EXT)
-   printf ( EXT:);
-   printf ( %d, m-m_len);
-   }
-   printf (\n);
-}
-

svn commit: r271174 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Fri Sep  5 16:46:28 2014
New Revision: 271174
URL: http://svnweb.freebsd.org/changeset/base/271174

Log:
  Clarify a diagnostic printf() in the mbuf code: M_EXT doesn't necessarily
  imply a cluster is attached; it could also refer to some other sort of
  external storage (e.g., an sf_buf).
  
  MFC after:3 days
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/sys/mbuf.h

Modified: head/sys/sys/mbuf.h
==
--- head/sys/sys/mbuf.h Fri Sep  5 16:40:47 2014(r271173)
+++ head/sys/sys/mbuf.h Fri Sep  5 16:46:28 2014(r271174)
@@ -672,7 +672,7 @@ m_clget(struct mbuf *m, int how)
 {
 
if (m-m_flags  M_EXT)
-   printf(%s: %p mbuf already has cluster\n, __func__, m);
+   printf(%s: %p mbuf already has external storage\n, __func__, 
m);
m-m_ext.ext_buf = (char *)NULL;
uma_zalloc_arg(zone_clust, m, how);
/*
@@ -698,7 +698,7 @@ m_cljget(struct mbuf *m, int how, int si
uma_zone_t zone;
 
if (m  m-m_flags  M_EXT)
-   printf(%s: %p mbuf already has cluster\n, __func__, m);
+   printf(%s: %p mbuf already has external storage\n, __func__, 
m);
if (m != NULL)
m-m_ext.ext_buf = NULL;
 
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r271175 - head/sys/fs/nfs

[Robert Watson]

Author: rwatson
Date: Fri Sep  5 17:05:51 2014
New Revision: 271175
URL: http://svnweb.freebsd.org/changeset/base/271175

Log:
  Garbage collect NFSMINOFF() from the NFS stack; this unused macro replicates
  mbuf-initialisation logic that is best left to centralised mbuf utility
  code rather than scattered around the kernel.
  
  MFC after:3 days
  Sponsored by: EMC / Isilon Storage Division

Modified:
  head/sys/fs/nfs/nfsm_subs.h

Modified: head/sys/fs/nfs/nfsm_subs.h
==
--- head/sys/fs/nfs/nfsm_subs.h Fri Sep  5 16:46:28 2014(r271174)
+++ head/sys/fs/nfs/nfsm_subs.h Fri Sep  5 17:05:51 2014(r271175)
@@ -47,13 +47,6 @@
  * First define what the actual subs. return
  */
 #defineM_HASCL(m)  ((m)-m_flags  M_EXT)
-#defineNFSMINOFF(m)
\
-   if (M_HASCL(m)) \
-   (m)-m_data = (m)-m_ext.ext_buf;   \
-   else if ((m)-m_flags  M_PKTHDR)   \
-   (m)-m_data = (m)-m_pktdat;\
-   else\
-   (m)-m_data = (m)-m_dat
 #defineNFSMSIZ(m)  ((M_HASCL(m))?MCLBYTES: 
\
(((m)-m_flags  M_PKTHDR)?MHLEN:MLEN))
 #defineNFSM_DATAP(m, s)(m)-m_data += (s)
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r268925 - head/usr.bin/procstat

[Robert Watson]

Author: rwatson
Date: Sun Jul 20 20:11:34 2014
New Revision: 268925
URL: http://svnweb.freebsd.org/changeset/base/268925

Log:
  In procstat -v (VM), spell out 'FL' to 'FLAG' since there are two extra
  columns available anyway.  Also left align as we tend to do for flags
  fields, although you can't see that currently as the string fully fills
  that available columns.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/usr.bin/procstat/procstat.1
  head/usr.bin/procstat/procstat_vm.c

Modified: head/usr.bin/procstat/procstat.1
==
--- head/usr.bin/procstat/procstat.1Sun Jul 20 20:05:39 2014
(r268924)
+++ head/usr.bin/procstat/procstat.1Sun Jul 20 20:11:34 2014
(r268925)
@@ -445,7 +445,7 @@ private resident pages
 reference count
 .It SHD
 shadow page count
-.It FL
+.It FLAG
 mapping flags
 .It TP
 VM object type

Modified: head/usr.bin/procstat/procstat_vm.c
==
--- head/usr.bin/procstat/procstat_vm.c Sun Jul 20 20:05:39 2014
(r268924)
+++ head/usr.bin/procstat/procstat_vm.c Sun Jul 20 20:11:34 2014
(r268925)
@@ -50,9 +50,9 @@ procstat_vm(struct procstat *procstat, s
 
ptrwidth = 2*sizeof(void *) + 2;
if (!hflag)
-   printf(%5s %*s %*s %3s %4s %4s %3s %3s %4s %-2s %-s\n,
+   printf(%5s %*s %*s %3s %4s %4s %3s %3s %-4s %-2s %-s\n,
PID, ptrwidth, START, ptrwidth, END, PRT, RES,
-   PRES, REF, SHD, FL, TP, PATH);
+   PRES, REF, SHD, FLAG, TP, PATH);
 
freep = procstat_getvmmap(procstat, kipp, cnt);
if (freep == NULL)
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r268879 - head/usr.bin/procstat

[Robert Watson]

Author: rwatson
Date: Sat Jul 19 15:09:53 2014
New Revision: 268879
URL: http://svnweb.freebsd.org/changeset/base/268879

Log:
  Better align headers and data for 'procstat -f' with and without '-C'.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/usr.bin/procstat/procstat_files.c

Modified: head/usr.bin/procstat/procstat_files.c
==
--- head/usr.bin/procstat/procstat_files.c  Sat Jul 19 14:34:06 2014
(r268878)
+++ head/usr.bin/procstat/procstat_files.c  Sat Jul 19 15:09:53 2014
(r268879)
@@ -317,12 +317,12 @@ procstat_files(struct procstat *procstat
 
if (!hflag) {
if (Cflag)
-   printf(%5s %-16s %4s %1s %-9s %-*s 
+   printf(%5s %-16s %5s %1s %-8s %-*s 
%-3s %-12s\n, PID, COMM, FD, T,
FLAGS, capwidth, CAPABILITIES, PRO,
NAME);
else
-   printf(%5s %-16s %4s %1s %1s %-9s 
+   printf(%5s %-16s %5s %1s %1s %-8s 
%3s %7s %-3s %-12s\n, PID, COMM, FD, T,
V, FLAGS, REF, OFFSET, PRO, NAME);
}
@@ -450,6 +450,7 @@ procstat_files(struct procstat *procstat
printf(%s, fst-fs_fflags  PS_FST_FFLAG_NONBLOCK ? n : 
-);
printf(%s, fst-fs_fflags  PS_FST_FFLAG_DIRECT ? d : -);
printf(%s, fst-fs_fflags  PS_FST_FFLAG_HASLOCK ? l : -);
+   printf( );
if (!Cflag) {
if (fst-fs_ref_count  -1)
printf(%3d , fst-fs_ref_count);
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r265432 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Tue May  6 10:53:51 2014
New Revision: 265432
URL: http://svnweb.freebsd.org/changeset/base/265432

Log:
  Spell raccdt in a more conventional way in a comment.
  
  MFC after:3 days

Modified:
  head/sys/sys/kernel.h

Modified: head/sys/sys/kernel.h
==
--- head/sys/sys/kernel.h   Tue May  6 09:55:49 2014(r265431)
+++ head/sys/sys/kernel.h   Tue May  6 10:53:51 2014(r265432)
@@ -166,7 +166,7 @@ enum sysinit_sub_id {
SI_SUB_KTHREAD_UPDATE   = 0xec0,/* update daemon*/
SI_SUB_KTHREAD_IDLE = 0xee0,/* idle procs*/
SI_SUB_SMP  = 0xf00,/* start the APs*/
-   SI_SUB_RACCTD   = 0xf10,/* start raccd*/
+   SI_SUB_RACCTD   = 0xf10,/* start racctd*/
SI_SUB_LAST = 0xfff /* final initialization */
 };
 
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r265396 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Mon May  5 21:46:10 2014
New Revision: 265396
URL: http://svnweb.freebsd.org/changeset/base/265396

Log:
  Garbage collect two more unused sysinit subsystems: SI_SUB_KVM_RSRC and
  SI_SUB_CLISTS.
  
  MFC after:3 days

Modified:
  head/sys/sys/kernel.h

Modified: head/sys/sys/kernel.h
==
--- head/sys/sys/kernel.h   Mon May  5 21:44:53 2014(r265395)
+++ head/sys/sys/kernel.h   Mon May  5 21:46:10 2014(r265396)
@@ -94,7 +94,6 @@ enum sysinit_sub_id {
SI_SUB_MTX_POOL_STATIC  = 0x090,/* static mutex pool */
SI_SUB_VM   = 0x100,/* virtual memory system init*/
SI_SUB_KMEM = 0x180,/* kernel memory*/
-   SI_SUB_KVM_RSRC = 0x1A0,/* kvm operational limits*/
SI_SUB_HYPERVISOR   = 0x1A4,/*
 * Hypervisor detection and
 * virtualization support 
@@ -138,7 +137,6 @@ enum sysinit_sub_id {
SI_SUB_CONFIGURE= 0x380,/* Configure devices */
SI_SUB_VFS  = 0x400,/* virtual filesystem*/
SI_SUB_CLOCKS   = 0x480,/* real time and stat clocks*/
-   SI_SUB_CLIST= 0x580,/* clists*/
SI_SUB_SYSV_SHM = 0x640,/* System V shared memory*/
SI_SUB_SYSV_SEM = 0x680,/* System V semaphores*/
SI_SUB_SYSV_MSG = 0x6C0,/* System V message queues*/
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r265216 - in head/sys: kern sys

[Robert Watson]

Author: rwatson
Date: Fri May  2 07:57:40 2014
New Revision: 265216
URL: http://svnweb.freebsd.org/changeset/base/265216

Log:
  Garbage collect mtxpool_lockbuilder, the mutex pool historically used
  for lockmgr and sx interlocks, but unused since optimised versions of
  those sleep locks were introduced.  This will save a (quite) small
  amount of memory in all kernel configurations.  The sleep mutex pool is
  retained as it is used for 'struct bio' and several other consumers.
  
  Discussed with:   jhb
  MFC after:3 days

Modified:
  head/sys/kern/kern_mtxpool.c
  head/sys/sys/kernel.h
  head/sys/sys/mutex.h

Modified: head/sys/kern/kern_mtxpool.c
==
--- head/sys/kern/kern_mtxpool.cFri May  2 07:14:22 2014
(r265215)
+++ head/sys/kern/kern_mtxpool.cFri May  2 07:57:40 2014
(r265216)
@@ -59,9 +59,6 @@ __FBSDID($FreeBSD$);
 static MALLOC_DEFINE(M_MTXPOOL, mtx_pool, mutex pool);
 
 /* Pool sizes must be a power of two */
-#ifndef MTX_POOL_LOCKBUILDER_SIZE
-#define MTX_POOL_LOCKBUILDER_SIZE  128
-#endif
 #ifndef MTX_POOL_SLEEP_SIZE
 #define MTX_POOL_SLEEP_SIZE128
 #endif
@@ -78,18 +75,12 @@ struct mtx_pool {
struct mtx  mtx_pool_ary[1];
 };
 
-static struct mtx_pool_lockbuilder {
-   struct mtxpool_header mtx_pool_header;
-   struct mtx  mtx_pool_ary[MTX_POOL_LOCKBUILDER_SIZE];
-} lockbuilder_pool;
-
 #define mtx_pool_size  mtx_pool_header.mtxpool_size
 #define mtx_pool_mask  mtx_pool_header.mtxpool_mask
 #define mtx_pool_shift mtx_pool_header.mtxpool_shift
 #define mtx_pool_next  mtx_pool_header.mtxpool_next
 
 struct mtx_pool *mtxpool_sleep;
-struct mtx_pool *mtxpool_lockbuilder;
 
 #if UINTPTR_MAX == UINT64_MAX  /* 64 bits */
 # define POINTER_BITS  64
@@ -166,15 +157,6 @@ mtx_pool_destroy(struct mtx_pool **poolp
 }
 
 static void
-mtx_pool_setup_static(void *dummy __unused)
-{
-   mtx_pool_initialize((struct mtx_pool *)lockbuilder_pool,
-   lockbuilder mtxpool, MTX_POOL_LOCKBUILDER_SIZE,
-   MTX_DEF | MTX_NOWITNESS | MTX_QUIET);
-   mtxpool_lockbuilder = (struct mtx_pool *)lockbuilder_pool;
-}
-
-static void
 mtx_pool_setup_dynamic(void *dummy __unused)
 {
mtxpool_sleep = mtx_pool_create(sleep mtxpool,
@@ -202,17 +184,5 @@ mtx_pool_alloc(struct mtx_pool *pool)
return (pool-mtx_pool_ary[i]);
 }
 
-/*
- * The lockbuilder pool must be initialized early because the lockmgr
- * and sx locks depend on it.  The sx locks are used in the kernel
- * memory allocator.  The lockmgr subsystem is initialized by
- * SYSINIT(..., SI_SUB_LOCKMGR, ...).
- *
- * We can't call malloc() to dynamically allocate the sleep pool
- * until after kmeminit() has been called, which is done by
- * SYSINIT(..., SI_SUB_KMEM, ...).
- */
-SYSINIT(mtxpooli1, SI_SUB_MTX_POOL_STATIC, SI_ORDER_FIRST,
-mtx_pool_setup_static, NULL);
 SYSINIT(mtxpooli2, SI_SUB_MTX_POOL_DYNAMIC, SI_ORDER_FIRST,
 mtx_pool_setup_dynamic, NULL);

Modified: head/sys/sys/kernel.h
==
--- head/sys/sys/kernel.h   Fri May  2 07:14:22 2014(r265215)
+++ head/sys/sys/kernel.h   Fri May  2 07:57:40 2014(r265216)
@@ -92,7 +92,6 @@ enum sysinit_sub_id {
SI_SUB_COPYRIGHT= 0x081,/* first use of console*/
SI_SUB_SETTINGS = 0x088,/* check and recheck settings */
SI_SUB_MTX_POOL_STATIC  = 0x090,/* static mutex pool */
-   SI_SUB_LOCKMGR  = 0x098,/* lockmgr locks */
SI_SUB_VM   = 0x100,/* virtual memory system init*/
SI_SUB_KMEM = 0x180,/* kernel memory*/
SI_SUB_KVM_RSRC = 0x1A0,/* kvm operational limits*/

Modified: head/sys/sys/mutex.h
==
--- head/sys/sys/mutex.hFri May  2 07:14:22 2014(r265215)
+++ head/sys/sys/mutex.hFri May  2 07:57:40 2014(r265216)
@@ -323,12 +323,8 @@ struct mtx *mtx_pool_alloc(struct mtx_po
mtx_unlock_spin(mtx_pool_find((pool), (ptr)))
 
 /*
- * mtxpool_lockbuilder is a pool of sleep locks that is not witness
- * checked and should only be used for building higher level locks.
- *
  * mtxpool_sleep is a general purpose pool of sleep mutexes.
  */
-extern struct mtx_pool *mtxpool_lockbuilder;
 extern struct mtx_pool *mtxpool_sleep;
 
 #ifndef LOCK_DEBUG
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r264625 - head/sys/mips/mips

[Robert Watson]

Author: rwatson
Date: Thu Apr 17 20:42:03 2014
New Revision: 264625
URL: http://svnweb.freebsd.org/changeset/base/264625

Log:
  Fix typo and case inconsistency in MIPS CP0 register names.
  
  MFC after:3 days

Modified:
  head/sys/mips/mips/pm_machdep.c

Modified: head/sys/mips/mips/pm_machdep.c
==
--- head/sys/mips/mips/pm_machdep.c Thu Apr 17 20:09:41 2014
(r264624)
+++ head/sys/mips/mips/pm_machdep.c Thu Apr 17 20:42:03 2014
(r264625)
@@ -413,7 +413,7 @@ set_mcontext(struct thread *td, const mc
td-td_frame-mullo = mcp-mullo;
td-td_frame-mulhi = mcp-mulhi;
td-td_md.md_tls = mcp-mc_tls;
-   /* Dont let user to set any bits in Status and casue registers */
+   /* Dont let user to set any bits in status and cause registers. */
 
return (0);
 }
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r263842 - in head/lib/libc: capability gen sys

[Robert Watson]

Author: rwatson
Date: Thu Mar 27 21:43:00 2014
New Revision: 263842
URL: http://svnweb.freebsd.org/changeset/base/263842

Log:
  Update system man pages for s/capability.h/capsicum.h/.
  
  MFC after:3 weeks

Modified:
  head/lib/libc/capability/cap_rights_init.3
  head/lib/libc/gen/cap_rights_get.3
  head/lib/libc/gen/cap_sandboxed.3
  head/lib/libc/sys/cap_enter.2
  head/lib/libc/sys/cap_fcntls_limit.2
  head/lib/libc/sys/cap_ioctls_limit.2
  head/lib/libc/sys/cap_rights_limit.2

Modified: head/lib/libc/capability/cap_rights_init.3
==
--- head/lib/libc/capability/cap_rights_init.3  Thu Mar 27 21:32:02 2014
(r263841)
+++ head/lib/libc/capability/cap_rights_init.3  Thu Mar 27 21:43:00 2014
(r263842)
@@ -28,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd September 23, 2013
+.Dd March 27, 2014
 .Dt CAP_RIGHTS_INIT 3
 .Os
 .Sh NAME
@@ -44,7 +44,7 @@
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
-.In sys/capability.h
+.In sys/capsicum.h
 .Ft cap_rights_t *
 .Fn cap_rights_init cap_rights_t *rights ...
 .Ft cap_rights_t *

Modified: head/lib/libc/gen/cap_rights_get.3
==
--- head/lib/libc/gen/cap_rights_get.3  Thu Mar 27 21:32:02 2014
(r263841)
+++ head/lib/libc/gen/cap_rights_get.3  Thu Mar 27 21:43:00 2014
(r263842)
@@ -28,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd September 23, 2013
+.Dd March 27, 2014
 .Dt CAP_RIGHTS_GET 3
 .Os
 .Sh NAME
@@ -37,7 +37,7 @@
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
-.In sys/capability.h
+.In sys/capsicum.h
 .Ft int
 .Fn cap_rights_get int fd cap_rights_t *rights
 .Sh DESCRIPTION

Modified: head/lib/libc/gen/cap_sandboxed.3
==
--- head/lib/libc/gen/cap_sandboxed.3   Thu Mar 27 21:32:02 2014
(r263841)
+++ head/lib/libc/gen/cap_sandboxed.3   Thu Mar 27 21:43:00 2014
(r263842)
@@ -1,3 +1,4 @@
+.\
 .\ Copyright (c) 2012 The FreeBSD Foundation
 .\ All rights reserved.
 .\
@@ -27,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd September 18, 2012
+.Dd March 27, 2014
 .Dt CAP_SANDBOXED 3
 .Os
 .Sh NAME
@@ -36,7 +37,7 @@
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
-.In sys/capability.h
+.In sys/capsicum.h
 .In stdbool.h
 .Ft bool
 .Fn cap_sandboxed void

Modified: head/lib/libc/sys/cap_enter.2
==
--- head/lib/libc/sys/cap_enter.2   Thu Mar 27 21:32:02 2014
(r263841)
+++ head/lib/libc/sys/cap_enter.2   Thu Mar 27 21:43:00 2014
(r263842)
@@ -28,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd February 25, 2012
+.Dd March 27, 2014
 .Dt CAP_ENTER 2
 .Os
 .Sh NAME
@@ -38,7 +38,7 @@
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
-.In sys/capability.h
+.In sys/capsicum.h
 .Ft int
 .Fn cap_enter void
 .Ft int

Modified: head/lib/libc/sys/cap_fcntls_limit.2
==
--- head/lib/libc/sys/cap_fcntls_limit.2Thu Mar 27 21:32:02 2014
(r263841)
+++ head/lib/libc/sys/cap_fcntls_limit.2Thu Mar 27 21:43:00 2014
(r263842)
@@ -28,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd September 20, 2012
+.Dd March 27, 2014
 .Dt CAP_FCNTLS_LIMIT 2
 .Os
 .Sh NAME
@@ -38,7 +38,7 @@
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
-.In sys/capability.h
+.In sys/capsicum.h
 .Ft int
 .Fn cap_fcntls_limit int fd uint32_t fcntlrights
 .Ft int

Modified: head/lib/libc/sys/cap_ioctls_limit.2
==
--- head/lib/libc/sys/cap_ioctls_limit.2Thu Mar 27 21:32:02 2014
(r263841)
+++ head/lib/libc/sys/cap_ioctls_limit.2Thu Mar 27 21:43:00 2014
(r263842)
@@ -28,7 +28,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd September 20, 2012
+.Dd March 27, 2014
 .Dt CAP_IOCTLS_LIMIT 2
 .Os
 .Sh NAME
@@ -38,7 +38,7 @@
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
-.In sys/capability.h
+.In sys/capsicum.h
 .Ft int
 .Fn cap_ioctls_limit int fd const unsigned long *cmds size_t ncmds
 .Ft ssize_t

Modified: head/lib/libc/sys/cap_rights_limit.2
==
--- head/lib/libc/sys/cap_rights_limit.2Thu Mar 27 21:32:02 2014
(r263841)
+++ head/lib/libc/sys/cap_rights_limit.2Thu Mar 27 21:43:00 2014
(r263842)
@@ -32,7 +32,7 @@
 .\
 .\ $FreeBSD$
 .\
-.Dd February 23, 2013
+.Dd March 27, 2014
 .Dt CAP_RIGHTS_LIMIT 2
 .Os
 .Sh NAME
@@ -41,7 +41,7 @@
 .Sh LIBRARY
 .Lb libc
 .Sh SYNOPSIS
-.In sys/capability.h
+.In sys/capsicum.h
 .Ft int
 .Fn cap_rights_limit int fd const cap_rights_t *rights
 .Sh DESCRIPTION
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r263266 - head/usr.sbin/jail

[Robert Watson]

Author: rwatson
Date: Mon Mar 17 14:19:42 2014
New Revision: 263266
URL: http://svnweb.freebsd.org/changeset/base/263266

Log:
  Line-wrapping tweak: make the sample jail command line fit in 80 characters.
  
  MFC after:3 days

Modified:
  head/usr.sbin/jail/jail.8

Modified: head/usr.sbin/jail/jail.8
==
--- head/usr.sbin/jail/jail.8   Mon Mar 17 13:54:53 2014(r263265)
+++ head/usr.sbin/jail/jail.8   Mon Mar 17 14:19:42 2014(r263266)
@@ -898,8 +898,9 @@ or for running a virtual server.
 .Pp
 Start a shell in the jail:
 .Bd -literal -offset indent
-jail -c path=/data/jail/testjail mount.devfs host.hostname=testhostname \\
-   ip4.addr=192.0.2.100 command=/bin/sh
+jail -c path=/data/jail/testjail mount.devfs \\
+   host.hostname=testhostname ip4.addr=192.0.2.100 \\
+   command=/bin/sh
 .Ed
 .Pp
 Assuming no errors, you will end up with a shell prompt within the jail.
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r263215 - head/sys/crypto/sha2

[Robert Watson]

On Sun, 16 Mar 2014, John-Mark Gurney wrote:


Log:
 copy these files from lib/libmd in preperation for moving these files
 into the kernel...


I was sure that there was a sha256 implementation in the kernel already, and 
indeed there is -- in the ZFS code.  Having it in the crypto tree makes (much) 
more sense (and I remain surprised it wasn't there already).  I wonder if this 
means we can GC at least the copy in the zfs tree (if not the boot copy as 
well).


Robert




Added:
 head/sys/crypto/sha2/sha256.h
- copied unchanged from r263213, head/lib/libmd/sha256.h
 head/sys/crypto/sha2/sha256c.c
- copied unchanged from r263213, head/lib/libmd/sha256c.c

Copied: head/sys/crypto/sha2/sha256.h (from r263213, head/lib/libmd/sha256.h)
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/crypto/sha2/sha256.h   Sun Mar 16 00:57:26 2014
(r263215, copy of r263213, head/lib/libmd/sha256.h)
@@ -0,0 +1,50 @@
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SHA256_H_
+#define _SHA256_H_
+
+#include sys/types.h
+
+typedef struct SHA256Context {
+   uint32_t state[8];
+   uint64_t count;
+   unsigned char buf[64];
+} SHA256_CTX;
+
+__BEGIN_DECLS
+void   SHA256_Init(SHA256_CTX *);
+void   SHA256_Update(SHA256_CTX *, const void *, size_t);
+void   SHA256_Final(unsigned char [32], SHA256_CTX *);
+char   *SHA256_End(SHA256_CTX *, char *);
+char   *SHA256_File(const char *, char *);
+char   *SHA256_FileChunk(const char *, char *, off_t, off_t);
+char   *SHA256_Data(const void *, unsigned int, char *);
+__END_DECLS
+
+#endif /* !_SHA256_H_ */

Copied: head/sys/crypto/sha2/sha256c.c (from r263213, head/lib/libmd/sha256c.c)
==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/crypto/sha2/sha256c.c  Sun Mar 16 00:57:26 2014
(r263215, copy of r263213, head/lib/libmd/sha256c.c)
@@ -0,0 +1,297 @@
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include sys/cdefs.h
+__FBSDID($FreeBSD$);
+
+#include sys/endian.h
+#include sys/types.h
+
+#include string.h
+
+#include sha256.h
+
+#if BYTE_ORDER == BIG_ENDIAN
+
+/* Copy a vector of 

Re: svn commit: r263215 - head/sys/crypto/sha2

[Robert Watson]

On Sun, 16 Mar 2014, Robert Watson wrote:


 copy these files from lib/libmd in preperation for moving these files
 into the kernel...


I was sure that there was a sha256 implementation in the kernel already, and 
indeed there is -- in the ZFS code.  Having it in the crypto tree makes 
(much) more sense (and I remain surprised it wasn't there already).  I 
wonder if this means we can GC at least the copy in the zfs tree (if not the 
boot copy as well).


Reading the follow-up commit I now understand better.  I do wonder if we can 
drop the ZFS copy, however -- in general, we seem to prefer FreeBSD versions 
of things (e.g., the ACL code) when they are available.


Robert




Robert




Added:
 head/sys/crypto/sha2/sha256.h
- copied unchanged from r263213, head/lib/libmd/sha256.h
 head/sys/crypto/sha2/sha256c.c
- copied unchanged from r263213, head/lib/libmd/sha256c.c

Copied: head/sys/crypto/sha2/sha256.h (from r263213, 
head/lib/libmd/sha256.h)

==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/crypto/sha2/sha256.h	Sun Mar 16 00:57:26 2014 
(r263215, copy of r263213, head/lib/libmd/sha256.h)

@@ -0,0 +1,50 @@
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
PURPOSE

+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
CONSEQUENTIAL

+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY 
WAY

+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _SHA256_H_
+#define _SHA256_H_
+
+#include sys/types.h
+
+typedef struct SHA256Context {
+   uint32_t state[8];
+   uint64_t count;
+   unsigned char buf[64];
+} SHA256_CTX;
+
+__BEGIN_DECLS
+void   SHA256_Init(SHA256_CTX *);
+void   SHA256_Update(SHA256_CTX *, const void *, size_t);
+void   SHA256_Final(unsigned char [32], SHA256_CTX *);
+char   *SHA256_End(SHA256_CTX *, char *);
+char   *SHA256_File(const char *, char *);
+char   *SHA256_FileChunk(const char *, char *, off_t, off_t);
+char   *SHA256_Data(const void *, unsigned int, char *);
+__END_DECLS
+
+#endif /* !_SHA256_H_ */

Copied: head/sys/crypto/sha2/sha256c.c (from r263213, 
head/lib/libmd/sha256c.c)

==
--- /dev/null   00:00:00 1970   (empty, because file is newly added)
+++ head/sys/crypto/sha2/sha256c.c	Sun Mar 16 00:57:26 2014 
(r263215, copy of r263213, head/lib/libmd/sha256c.c)

@@ -0,0 +1,297 @@
+/*-
+ * Copyright 2005 Colin Percival
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *notice, this list of conditions and the following disclaimer in the
+ *documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
PURPOSE

+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 
CONSEQUENTIAL

+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 
STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY 
WAY

+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY

svn commit: r263232 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Sun Mar 16 10:49:16 2014
New Revision: 263232
URL: http://svnweb.freebsd.org/changeset/base/263232

Log:
  Rename capability.h to capsicum.h: the original name conflicts with the
  draft POSIX.1e capability.h used on some systems (e.g., Linux).  On
  FreeBSD, leave a wrapper header so that current code continues to compile.
  
  We will eventually want to deprecate the old header as the presence of a
  capability.h may be confusing some configure scripts.
  
  Suggested by: David Drysdale drysdale at google.com
  Discussed on: cl-capsicum-discuss
  MFC after:3 weeks

Added:
  head/sys/sys/capsicum.h
 - copied, changed from r263197, head/sys/sys/capability.h
Modified:
  head/sys/sys/capability.h

Modified: head/sys/sys/capability.h
==
--- head/sys/sys/capability.h   Sun Mar 16 09:40:05 2014(r263231)
+++ head/sys/sys/capability.h   Sun Mar 16 10:49:16 2014(r263232)
@@ -1,14 +1,10 @@
 /*-
- * Copyright (c) 2008-2010 Robert N. M. Watson
- * Copyright (c) 2012 FreeBSD Foundation
+ * Copyright (c) 2014 Robert N. M. Watson
  * All rights reserved.
  *
  * This software was developed at the University of Cambridge Computer
  * Laboratory with support from a grant from Google, Inc.
  *
- * Portions of this software were developed by Pawel Jakub Dawidek under
- * sponsorship from the FreeBSD Foundation.
- *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -34,391 +30,14 @@
  */
 
 /*
- * Definitions for FreeBSD capabilities facility.
+ * Historically, the key userspace and kernel Capsicum definitions were found
+ * in this file.  However, it conflicted with POSIX.1e's capability.h, so has
+ * been renamed capability.h.  The file remains for backwards compatibility
+ * reasons as a nested include.
  */
 #ifndef _SYS_CAPABILITY_H_
 #define_SYS_CAPABILITY_H_
 
-#include sys/cdefs.h
-#include sys/param.h
-
-#include sys/caprights.h
-#include sys/file.h
-#include sys/fcntl.h
-
-#ifndef _KERNEL
-#include stdbool.h
-#endif
-
-#defineCAPRIGHT(idx, bit)  ((1ULL  (57 + (idx))) | (bit))
-
-/*
- * Possible rights on capabilities.
- *
- * Notes:
- * Some system calls don't require a capability in order to perform an
- * operation on an fd.  These include: close, dup, dup2.
- *
- * sendfile is authorized using CAP_READ on the file and CAP_WRITE on the
- * socket.
- *
- * mmap() and aio*() system calls will need special attention as they may
- * involve reads or writes depending a great deal on context.
- */
-
-/* INDEX 0 */
-
-/*
- * General file I/O.
- */
-/* Allows for openat(O_RDONLY), read(2), readv(2). */
-#defineCAP_READCAPRIGHT(0, 0x0001ULL)
-/* Allows for openat(O_WRONLY | O_APPEND), write(2), writev(2). */
-#defineCAP_WRITE   CAPRIGHT(0, 0x0002ULL)
-/* Allows for lseek(fd, 0, SEEK_CUR). */
-#defineCAP_SEEK_TELL   CAPRIGHT(0, 0x0004ULL)
-/* Allows for lseek(2). */
-#defineCAP_SEEK(CAP_SEEK_TELL | 0x0008ULL)
-/* Allows for aio_read(2), pread(2), preadv(2). */
-#defineCAP_PREAD   (CAP_SEEK | CAP_READ)
-/*
- * Allows for aio_write(2), openat(O_WRONLY) (without O_APPEND), pwrite(2),
- * pwritev(2).
- */
-#defineCAP_PWRITE  (CAP_SEEK | CAP_WRITE)
-/* Allows for mmap(PROT_NONE). */
-#defineCAP_MMAPCAPRIGHT(0, 0x0010ULL)
-/* Allows for mmap(PROT_READ). */
-#defineCAP_MMAP_R  (CAP_MMAP | CAP_SEEK | CAP_READ)
-/* Allows for mmap(PROT_WRITE). */
-#defineCAP_MMAP_W  (CAP_MMAP | CAP_SEEK | CAP_WRITE)
-/* Allows for mmap(PROT_EXEC). */
-#defineCAP_MMAP_X  (CAP_MMAP | CAP_SEEK | 
0x0020ULL)
-/* Allows for mmap(PROT_READ | PROT_WRITE). */
-#defineCAP_MMAP_RW (CAP_MMAP_R | CAP_MMAP_W)
-/* Allows for mmap(PROT_READ | PROT_EXEC). */
-#defineCAP_MMAP_RX (CAP_MMAP_R | CAP_MMAP_X)
-/* Allows for mmap(PROT_WRITE | PROT_EXEC). */
-#defineCAP_MMAP_WX (CAP_MMAP_W | CAP_MMAP_X)
-/* Allows for mmap(PROT_READ | PROT_WRITE | PROT_EXEC). */
-#defineCAP_MMAP_RWX(CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X)
-/* Allows for openat(O_CREAT). */
-#defineCAP_CREATE  CAPRIGHT(0, 0x0040ULL)
-/* Allows for openat(O_EXEC) and fexecve(2) in turn. */
-#defineCAP_FEXECVE CAPRIGHT(0, 0x0080ULL)
-/* Allows for openat(O_SYNC), openat(O_FSYNC), fsync(2), aio_fsync(2). */
-#defineCAP_FSYNC   CAPRIGHT(0, 0x0100ULL)
-/* Allows for openat(O_TRUNC), ftruncate(2). */
-#defineCAP_FTRUNCATE   CAPRIGHT(0, 0x0200ULL)
-
-/* Lookups - used to constrain *at() calls. 

svn commit: r263233 - in head/sys: amd64/amd64 amd64/linux32 arm/arm cam/ctl cddl/compat/opensolaris/sys compat/freebsd32 compat/linux compat/svr4 dev/aac dev/aacraid dev/amr dev/filemon dev/hwpmc ...

[Robert Watson]

Author: rwatson
Date: Sun Mar 16 10:55:57 2014
New Revision: 263233
URL: http://svnweb.freebsd.org/changeset/base/263233

Log:
  Update kernel inclusions of capability.h to use capsicum.h instead; some
  further refinement is required as some device drivers intended to be
  portable over FreeBSD versions rely on __FreeBSD_version to decide whether
  to include capability.h.
  
  MFC after:3 weeks

Modified:
  head/sys/amd64/amd64/sys_machdep.c
  head/sys/amd64/linux32/linux32_machdep.c
  head/sys/arm/arm/sys_machdep.c
  head/sys/cam/ctl/ctl_frontend_iscsi.c
  head/sys/cddl/compat/opensolaris/sys/file.h
  head/sys/compat/freebsd32/freebsd32_capability.c
  head/sys/compat/freebsd32/freebsd32_ioctl.c
  head/sys/compat/freebsd32/freebsd32_misc.c
  head/sys/compat/linux/linux_file.c
  head/sys/compat/linux/linux_ioctl.c
  head/sys/compat/linux/linux_socket.c
  head/sys/compat/svr4/svr4_fcntl.c
  head/sys/compat/svr4/svr4_filio.c
  head/sys/compat/svr4/svr4_ioctl.c
  head/sys/compat/svr4/svr4_misc.c
  head/sys/compat/svr4/svr4_stream.c
  head/sys/dev/aac/aac_linux.c
  head/sys/dev/aacraid/aacraid_linux.c
  head/sys/dev/amr/amr_linux.c
  head/sys/dev/filemon/filemon.c
  head/sys/dev/hwpmc/hwpmc_logging.c
  head/sys/dev/ipmi/ipmi_linux.c
  head/sys/dev/iscsi/icl.c
  head/sys/dev/iscsi/icl_proxy.c
  head/sys/dev/iscsi_initiator/iscsi.c
  head/sys/dev/mfi/mfi_linux.c
  head/sys/dev/tdfx/tdfx_linux.c
  head/sys/fs/fdescfs/fdesc_vnops.c
  head/sys/fs/fuse/fuse_vfsops.c
  head/sys/fs/nfsclient/nfs_clport.c
  head/sys/fs/nfsserver/nfs_nfsdport.c
  head/sys/i386/i386/sys_machdep.c
  head/sys/i386/ibcs2/ibcs2_fcntl.c
  head/sys/i386/ibcs2/ibcs2_ioctl.c
  head/sys/i386/ibcs2/ibcs2_misc.c
  head/sys/i386/linux/linux_machdep.c
  head/sys/kern/imgact_elf.c
  head/sys/kern/kern_descrip.c
  head/sys/kern/kern_event.c
  head/sys/kern/kern_exec.c
  head/sys/kern/kern_exit.c
  head/sys/kern/kern_ktrace.c
  head/sys/kern/kern_sig.c
  head/sys/kern/kern_sysctl.c
  head/sys/kern/subr_capability.c
  head/sys/kern/subr_syscall.c
  head/sys/kern/subr_trap.c
  head/sys/kern/sys_capability.c
  head/sys/kern/sys_generic.c
  head/sys/kern/sys_procdesc.c
  head/sys/kern/tty.c
  head/sys/kern/uipc_mqueue.c
  head/sys/kern/uipc_sem.c
  head/sys/kern/uipc_shm.c
  head/sys/kern/uipc_syscalls.c
  head/sys/kern/uipc_usrreq.c
  head/sys/kern/vfs_acl.c
  head/sys/kern/vfs_aio.c
  head/sys/kern/vfs_extattr.c
  head/sys/kern/vfs_lookup.c
  head/sys/kern/vfs_syscalls.c
  head/sys/netsmb/smb_dev.c
  head/sys/nfsserver/nfs_srvkrpc.c
  head/sys/security/mac/mac_syscalls.c
  head/sys/sparc64/sparc64/sys_machdep.c
  head/sys/ufs/ffs/ffs_alloc.c
  head/sys/vm/vm_mmap.c

Modified: head/sys/amd64/amd64/sys_machdep.c
==
--- head/sys/amd64/amd64/sys_machdep.c  Sun Mar 16 10:49:16 2014
(r263232)
+++ head/sys/amd64/amd64/sys_machdep.c  Sun Mar 16 10:55:57 2014
(r263233)
@@ -37,7 +37,7 @@ __FBSDID($FreeBSD$);
 
 #include sys/param.h
 #include sys/systm.h
-#include sys/capability.h
+#include sys/capsicum.h
 #include sys/kernel.h
 #include sys/lock.h
 #include sys/malloc.h

Modified: head/sys/amd64/linux32/linux32_machdep.c
==
--- head/sys/amd64/linux32/linux32_machdep.cSun Mar 16 10:49:16 2014
(r263232)
+++ head/sys/amd64/linux32/linux32_machdep.cSun Mar 16 10:55:57 2014
(r263233)
@@ -34,7 +34,7 @@ __FBSDID($FreeBSD$);
 #include sys/param.h
 #include sys/kernel.h
 #include sys/systm.h
-#include sys/capability.h
+#include sys/capsicum.h
 #include sys/file.h
 #include sys/fcntl.h
 #include sys/clock.h

Modified: head/sys/arm/arm/sys_machdep.c
==
--- head/sys/arm/arm/sys_machdep.c  Sun Mar 16 10:49:16 2014
(r263232)
+++ head/sys/arm/arm/sys_machdep.c  Sun Mar 16 10:55:57 2014
(r263233)
@@ -36,7 +36,7 @@ __FBSDID($FreeBSD$);
 
 #include sys/param.h
 #include sys/systm.h
-#include sys/capability.h
+#include sys/capsicum.h
 #include sys/proc.h
 #include sys/sysproto.h
 #include sys/syscall.h

Modified: head/sys/cam/ctl/ctl_frontend_iscsi.c
==
--- head/sys/cam/ctl/ctl_frontend_iscsi.c   Sun Mar 16 10:49:16 2014
(r263232)
+++ head/sys/cam/ctl/ctl_frontend_iscsi.c   Sun Mar 16 10:55:57 2014
(r263233)
@@ -37,7 +37,7 @@
 __FBSDID($FreeBSD$);
 
 #include sys/param.h
-#include sys/capability.h
+#include sys/capsicum.h
 #include sys/condvar.h
 #include sys/file.h
 #include sys/kernel.h

Modified: head/sys/cddl/compat/opensolaris/sys/file.h
==
--- head/sys/cddl/compat/opensolaris/sys/file.h Sun Mar 16 10:49:16 2014
(r263232)
+++ head/sys/cddl/compat/opensolaris/sys/file.h Sun Mar 16 10:55:57 2014

svn commit: r263234 - in head: contrib/tcpdump crypto/openssh lib/libc/gen lib/libcasper lib/libprocstat sbin/casperd sbin/dhclient sbin/hastd sbin/ping tools/regression/capsicum/libcapsicum tools/...

[Robert Watson]

Author: rwatson
Date: Sun Mar 16 11:04:44 2014
New Revision: 263234
URL: http://svnweb.freebsd.org/changeset/base/263234

Log:
  Update most userspace consumers of capability.h to use capsicum.h instead.
  
  auditdistd is not updated as I will make the change upstream and then do a
  vendor import sometime in the next week or two.
  
  MFC after:3 weeks

Modified:
  head/contrib/tcpdump/tcpdump.c
  head/crypto/openssh/sandbox-capsicum.c
  head/lib/libc/gen/cap_sandboxed.c
  head/lib/libcasper/libcasper.c
  head/lib/libprocstat/libprocstat.c
  head/sbin/casperd/casperd.c
  head/sbin/casperd/zygote.c
  head/sbin/dhclient/bpf.c
  head/sbin/dhclient/dhclient.c
  head/sbin/hastd/subr.c
  head/sbin/ping/ping.c
  head/tools/regression/capsicum/libcapsicum/dns.c
  head/tools/regression/capsicum/libcapsicum/grp.c
  head/tools/regression/capsicum/libcapsicum/pwd.c
  head/tools/regression/capsicum/libcapsicum/sysctl.c
  head/tools/regression/capsicum/syscalls/cap_fcntls_limit.c
  head/tools/regression/capsicum/syscalls/cap_getmode.c
  head/tools/regression/capsicum/syscalls/cap_ioctls_limit.c
  head/tools/regression/security/cap_test/cap_test_capabilities.c
  head/tools/regression/security/cap_test/cap_test_capmode.c
  head/tools/regression/security/cap_test/cap_test_fcntl.c
  head/tools/regression/security/cap_test/cap_test_pdfork.c
  head/tools/regression/security/cap_test/cap_test_pdkill.c
  head/tools/regression/security/cap_test/cap_test_relative.c
  head/tools/regression/security/cap_test/cap_test_sysctl.c
  head/usr.bin/kdump/kdump.c
  head/usr.bin/kdump/mksubr
  head/usr.bin/procstat/procstat_files.c
  head/usr.bin/rwho/rwho.c
  head/usr.bin/uniq/uniq.c
  head/usr.sbin/ctld/kernel.c
  head/usr.sbin/iscsid/iscsid.c
  head/usr.sbin/rwhod/rwhod.c

Modified: head/contrib/tcpdump/tcpdump.c
==
--- head/contrib/tcpdump/tcpdump.c  Sun Mar 16 10:55:57 2014
(r263233)
+++ head/contrib/tcpdump/tcpdump.c  Sun Mar 16 11:04:44 2014
(r263234)
@@ -69,7 +69,7 @@ extern int SIZE_BUF;
 #include string.h
 #include limits.h
 #ifdef __FreeBSD__
-#include sys/capability.h
+#include sys/capsicum.h
 #include sys/ioccom.h
 #include sys/types.h
 #include sys/sysctl.h

Modified: head/crypto/openssh/sandbox-capsicum.c
==
--- head/crypto/openssh/sandbox-capsicum.c  Sun Mar 16 10:55:57 2014
(r263233)
+++ head/crypto/openssh/sandbox-capsicum.c  Sun Mar 16 11:04:44 2014
(r263234)
@@ -22,7 +22,7 @@
 #include sys/param.h
 #include sys/time.h
 #include sys/resource.h
-#include sys/capability.h
+#include sys/capsicum.h
 
 #include errno.h
 #include stdarg.h

Modified: head/lib/libc/gen/cap_sandboxed.c
==
--- head/lib/libc/gen/cap_sandboxed.c   Sun Mar 16 10:55:57 2014
(r263233)
+++ head/lib/libc/gen/cap_sandboxed.c   Sun Mar 16 11:04:44 2014
(r263234)
@@ -30,7 +30,7 @@
 #include sys/cdefs.h
 __FBSDID($FreeBSD$);
 
-#include sys/capability.h
+#include sys/capsicum.h
 
 #include assert.h
 #include errno.h

Modified: head/lib/libcasper/libcasper.c
==
--- head/lib/libcasper/libcasper.c  Sun Mar 16 10:55:57 2014
(r263233)
+++ head/lib/libcasper/libcasper.c  Sun Mar 16 11:04:44 2014
(r263234)
@@ -31,7 +31,7 @@
 __FBSDID($FreeBSD$);
 
 #include sys/types.h
-#include sys/capability.h
+#include sys/capsicum.h
 #include sys/queue.h
 #include sys/socket.h
 #include sys/stat.h

Modified: head/lib/libprocstat/libprocstat.c
==
--- head/lib/libprocstat/libprocstat.c  Sun Mar 16 10:55:57 2014
(r263233)
+++ head/lib/libprocstat/libprocstat.c  Sun Mar 16 11:04:44 2014
(r263234)
@@ -61,7 +61,7 @@ __FBSDID($FreeBSD$);
 #include sys/conf.h
 #include sys/ksem.h
 #include sys/mman.h
-#include sys/capability.h
+#include sys/capsicum.h
 #define_KERNEL
 #include sys/mount.h
 #include sys/pipe.h

Modified: head/sbin/casperd/casperd.c
==
--- head/sbin/casperd/casperd.c Sun Mar 16 10:55:57 2014(r263233)
+++ head/sbin/casperd/casperd.c Sun Mar 16 11:04:44 2014(r263234)
@@ -31,7 +31,7 @@
 __FBSDID($FreeBSD$);
 
 #include sys/types.h
-#include sys/capability.h
+#include sys/capsicum.h
 #include sys/queue.h
 #include sys/socket.h
 #include sys/stat.h

Modified: head/sbin/casperd/zygote.c
==
--- head/sbin/casperd/zygote.c  Sun Mar 16 10:55:57 2014(r263233)
+++ head/sbin/casperd/zygote.c  Sun Mar 16 11:04:44 2014(r263234)
@@ -31,7 +31,7 @@
 __FBSDID($FreeBSD$);
 
 #include sys/types.h
-#include sys/capability.h

svn commit: r263235 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Sun Mar 16 11:06:05 2014
New Revision: 263235
URL: http://svnweb.freebsd.org/changeset/base/263235

Log:
  Bump __FreeBSD_version to reflect capability.h - capsicum.h change.
  
  MFC after:3 weeks

Modified:
  head/sys/sys/param.h

Modified: head/sys/sys/param.h
==
--- head/sys/sys/param.hSun Mar 16 11:04:44 2014(r263234)
+++ head/sys/sys/param.hSun Mar 16 11:06:05 2014(r263235)
@@ -58,7 +58,7 @@
  * in the range 5 to 9.
  */
 #undef __FreeBSD_version
-#define __FreeBSD_version 1100013  /* Master, propagated to newvers */
+#define __FreeBSD_version 1100014  /* Master, propagated to newvers */
 
 /*
  * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r263252 - head/sys/sys

[Robert Watson]

Author: rwatson
Date: Sun Mar 16 21:05:00 2014
New Revision: 263252
URL: http://svnweb.freebsd.org/changeset/base/263252

Log:
  Fix a comment in capability.h: it got renamed to capsicum.h, not
  capability.h.
  
  MFC after:3 weeks
  Spotted by:   alc, mcdouga9 at egr.msu.edu, thompsa

Modified:
  head/sys/sys/capability.h

Modified: head/sys/sys/capability.h
==
--- head/sys/sys/capability.h   Sun Mar 16 20:39:39 2014(r263251)
+++ head/sys/sys/capability.h   Sun Mar 16 21:05:00 2014(r263252)
@@ -32,7 +32,7 @@
 /*
  * Historically, the key userspace and kernel Capsicum definitions were found
  * in this file.  However, it conflicted with POSIX.1e's capability.h, so has
- * been renamed capability.h.  The file remains for backwards compatibility
+ * been renamed capsicum.h.  The file remains for backwards compatibility
  * reasons as a nested include.
  */
 #ifndef _SYS_CAPABILITY_H_
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r263198 - in head/sys: amd64/conf conf net netinet netinet6 sys

[Robert Watson]

Author: rwatson
Date: Sat Mar 15 00:57:50 2014
New Revision: 263198
URL: http://svnweb.freebsd.org/changeset/base/263198

Log:
  Several years after initial development, merge prototype support for
  linking NIC Receive Side Scaling (RSS) to the network stack's
  connection-group implementation.  This prototype (and derived patches)
  are in use at Juniper and several other FreeBSD-using companies, so
  despite some reservations about its maturity, merge the patch to the
  base tree so that it can be iteratively refined in collaboration rather
  than maintained as a set of gradually diverging patch sets.
  
  (1) Merge a software implementation of the Toeplitz hash specified in
  RSS implemented by David Malone.  This is used to allow suitable
  pcbgroup placement of connections before the first packet is
  received from the NIC.  Software hashing is generally avoided,
  however, due to high cost of the hash on general-purpose CPUs.
  
  (2) In in_rss.c, maintain authoritative versions of RSS state intended
  to be pushed to each NIC, including keying material, hash
  algorithm/ configuration, and buckets.  Provide software-facing
  interfaces to hash 2- and 4-tuples for IPv4 and IPv6 using both
  the RSS standardised Toeplitz and a 'naive' variation with a hash
  efficient in software but with poor distribution properties.
  Implement rss_m2cpuid()to be used by netisr and other load
  balancing code to look up the CPU on which an mbuf should be
  processed.
  
  (3) In the Ethernet link layer, allow netisr distribution using RSS as
  a source of policy as an alternative to source ordering; continue
  to default to direct dispatch (i.e., don't try and requeue packets
  for processing on the 'right' CPU if they arrive in a directly
  dispatchable context).
  
  (4) Allow RSS to control tuning of connection groups in order to align
  groups with RSS buckets.  If a packet arrives on a protocol using
  connection groups, and contains a suitable hardware-generated
  hash, use that hash value to select the connection group for pcb
  lookup for both IPv4 and IPv6.  If no hardware-generated Toeplitz
  hash is available, we fall back on regular PCB lookup risking
  contention rather than pay the cost of Toeplitz in software --
  this is a less scalable but, at my last measurement, faster
  approach.  As core counts go up, we may want to revise this
  strategy despite CPU overhead.
  
  Where device drivers suitably configure NICs, and connection groups /
  RSS are enabled, this should avoid both lock and line contention during
  connection lookup for TCP.  This commit does not modify any device
  drivers to tune device RSS configuration to the global RSS
  configuration; patches are in circulation to do this for at least
  Chelsio T3 and Intel 1G/10G drivers.  Currently, the KPI for device
  drivers is not particularly robust, nor aware of more advanced features
  such as runtime reconfiguration/rebalancing.  This will hopefully prove
  a useful starting point for refinement.
  
  No MFC is scheduled as we will first want to nail down a more mature
  and maintainable KPI/KBI for device drivers.
  
  Sponsored by:   Juniper Networks (original work)
  Sponsored by:   EMC/Isilon (patch update and merge)

Added:
  head/sys/netinet/in_rss.c   (contents, props changed)
  head/sys/netinet/in_rss.h   (contents, props changed)
  head/sys/netinet/toeplitz.c   (contents, props changed)
  head/sys/netinet/toeplitz.h   (contents, props changed)
Modified:
  head/sys/amd64/conf/GENERIC
  head/sys/conf/files
  head/sys/conf/options
  head/sys/net/if_ethersubr.c
  head/sys/netinet/in_pcb.c
  head/sys/netinet/in_pcbgroup.c
  head/sys/netinet6/in6_pcb.c
  head/sys/netinet6/in6_pcbgroup.c
  head/sys/sys/priv.h

Modified: head/sys/amd64/conf/GENERIC
==
--- head/sys/amd64/conf/GENERIC Sat Mar 15 00:23:35 2014(r263197)
+++ head/sys/amd64/conf/GENERIC Sat Mar 15 00:57:50 2014(r263198)
@@ -28,6 +28,8 @@ options   SCHED_ULE   # ULE scheduler
 optionsPREEMPTION  # Enable kernel thread preemption
 optionsINET# InterNETworking
 optionsINET6   # IPv6 communications protocols
+optionsPCBGROUP# Protocol control-block groups
+optionsRSS # Receive-side scaling support
 optionsTCP_OFFLOAD # TCP offload
 optionsSCTP# Stream Control Transmission Protocol
 optionsFFS # Berkeley Fast Filesystem

Modified: head/sys/conf/files
==
--- head/sys/conf/files Sat Mar 15 00:23:35 2014(r263197)
+++ head/sys/conf/files Sat Mar 15 00:57:50 2014(r263198)
@@ -3267,6 +3267,7 

svn commit: r263200 - head/sys/amd64/conf

[Robert Watson]

Author: rwatson
Date: Sat Mar 15 00:59:23 2014
New Revision: 263200
URL: http://svnweb.freebsd.org/changeset/base/263200

Log:
  Revert a small portion of r263198 left over from local testing: don't
  enable PCB groups and RSS by default [yet].

Modified:
  head/sys/amd64/conf/GENERIC

Modified: head/sys/amd64/conf/GENERIC
==
--- head/sys/amd64/conf/GENERIC Sat Mar 15 00:58:08 2014(r263199)
+++ head/sys/amd64/conf/GENERIC Sat Mar 15 00:59:23 2014(r263200)
@@ -28,8 +28,6 @@ options   SCHED_ULE   # ULE scheduler
 optionsPREEMPTION  # Enable kernel thread preemption
 optionsINET# InterNETworking
 optionsINET6   # IPv6 communications protocols
-optionsPCBGROUP# Protocol control-block groups
-optionsRSS # Receive-side scaling support
 optionsTCP_OFFLOAD # TCP offload
 optionsSCTP# Stream Control Transmission Protocol
 optionsFFS # Berkeley Fast Filesystem
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

Re: svn commit: r262882 - head/tools/tools/net80211/wlanstats

[Robert Watson]

On Fri, 7 Mar 2014, Bruce Evans wrote:


Log:
  wlanstats: add help

  - add a help (-h) flag
  - move usage into itsown function


it looks like the only change now is that usage info always go to stdout, 
and exit code differs.  i don't think it should be mfced.


It also removes the double printing of the program name (correct) and the 
printing of usage: , and has mounds of style bugs.


gnu utilities have a --help flag that causes similar behaviour (printing to 
stdout and exiting with status 0), but they still print error messages about 
usage to stderr.


They can also return a non-zero status if printing the man pages encounters 
problems.  This leads to some curious text in the GNU info page for 'true' 
explaining that it can sometimes return false.


Robert
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org

svn commit: r262690 - head/lib/libprocstat

[Robert Watson]

Author: rwatson
Date: Sun Mar  2 13:26:08 2014
New Revision: 262690
URL: http://svnweb.freebsd.org/changeset/base/262690

Log:
  When querying a process's umask via sysctl in libprocstat(), don't
  print a warning if EPERM is returned as this is an expected failure
  mode rather than error -- similar to current handling of ESRCH.
  This makes the output of 'procstat -as' vastly more palatable.
  
  MFC after:3 days
  Sponsored by: DARPA, AFRL

Modified:
  head/lib/libprocstat/libprocstat.c

Modified: head/lib/libprocstat/libprocstat.c
==
--- head/lib/libprocstat/libprocstat.c  Sun Mar  2 13:12:06 2014
(r262689)
+++ head/lib/libprocstat/libprocstat.c  Sun Mar  2 13:26:08 2014
(r262690)
@@ -2052,7 +2052,7 @@ procstat_getumask_sysctl(pid_t pid, unsi
mib[3] = pid;
len = sizeof(*maskp);
error = sysctl(mib, 4, maskp, len, NULL, 0);
-   if (error != 0  errno != ESRCH)
+   if (error != 0  errno != ESRCH  errno != EPERM)
warn(sysctl: kern.proc.umask: %d, pid);
return (error);
 }
___
svn-src-head@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org