svn commit: r347058 - head/sys/security/mac
Author: rwatson Date: Fri May 3 20:38:43 2019 New Revision: 347058 URL: https://svnweb.freebsd.org/changeset/base/347058 Log: When MAC is enabled and a policy module is loaded, don't unconditionally lock mac_ifnet_mtx, which protects labels on struct ifnet, unless at least one policy is actively using labels on ifnets. This avoids a global mutex acquire in certain fast paths -- most noticeably ifnet transmit. This was previously invisible by default, as no MAC policies were loaded by default, but recently became visible due to mac_ntpd being enabled by default. gallatin@ reports a reduction in PPS overhead from 300% to 2.2% with this change. We will want to explore further MAC Framework optimisation to reduce overhead further, but this brings things more back into the world of the sane. MFC after:3 days Modified: head/sys/security/mac/mac_inet.c head/sys/security/mac/mac_internal.h head/sys/security/mac/mac_net.c Modified: head/sys/security/mac/mac_inet.c == --- head/sys/security/mac/mac_inet.cFri May 3 20:05:31 2019 (r347057) +++ head/sys/security/mac/mac_inet.cFri May 3 20:38:43 2019 (r347058) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2007, 2009 Robert N. M. Watson + * Copyright (c) 1999-2002, 2007, 2009, 2019 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2004 Networks Associates Technology, Inc. * Copyright (c) 2006 SPARTA, Inc. @@ -266,16 +266,17 @@ void mac_netinet_arp_send(struct ifnet *ifp, struct mbuf *m) { struct label *mlabel; + int locked; if (mac_policy_count == 0) return; mlabel = mac_mbuf_to_label(m); - MAC_IFNET_LOCK(ifp); + MAC_IFNET_LOCK(ifp, locked); MAC_POLICY_PERFORM_NOSLEEP(netinet_arp_send, ifp, ifp->if_label, m, mlabel); - MAC_IFNET_UNLOCK(ifp); + MAC_IFNET_UNLOCK(ifp, locked); } void @@ -310,16 +311,17 @@ void mac_netinet_igmp_send(struct ifnet *ifp, struct mbuf *m) { struct label *mlabel; + int locked; if (mac_policy_count == 0) return; mlabel = mac_mbuf_to_label(m); - MAC_IFNET_LOCK(ifp); + MAC_IFNET_LOCK(ifp, locked); MAC_POLICY_PERFORM_NOSLEEP(netinet_igmp_send, ifp, ifp->if_label, m, mlabel); - MAC_IFNET_UNLOCK(ifp); + MAC_IFNET_UNLOCK(ifp, locked); } void Modified: head/sys/security/mac/mac_internal.h == --- head/sys/security/mac/mac_internal.hFri May 3 20:05:31 2019 (r347057) +++ head/sys/security/mac/mac_internal.hFri May 3 20:38:43 2019 (r347058) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2006, 2009 Robert N. M. Watson + * Copyright (c) 1999-2002, 2006, 2009, 2019 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2004 Networks Associates Technology, Inc. * Copyright (c) 2006 nCircle Network Security, Inc. @@ -216,8 +216,24 @@ void mac_destroy_label(struct label *label); intmac_check_structmac_consistent(struct mac *mac); intmac_allocate_slot(void); -#define MAC_IFNET_LOCK(ifp)mtx_lock(_ifnet_mtx) -#define MAC_IFNET_UNLOCK(ifp) mtx_unlock(_ifnet_mtx) +/* + * Lock ifnets to protect labels only if ifnet labels are in use. + */ +#define MAC_IFNET_LOCK(ifp, locked)do {\ + if (mac_labeled & MPC_OBJECT_IFNET) { \ + mtx_lock(_ifnet_mtx); \ + locked = 1; \ + } else {\ + locked = 0; \ + } \ +} while (0) + +#define MAC_IFNET_UNLOCK(ifp, locked) do {\ + if (locked) { \ + mtx_unlock(_ifnet_mtx); \ + locked = 0; \ + } \ +} while (0) /* * MAC Framework per-object type functions. It's not yet clear how the Modified: head/sys/security/mac/mac_net.c == --- head/sys/security/mac/mac_net.c Fri May 3 20:05:31 2019 (r347057) +++ head/sys/security/mac/mac_net.c Fri May 3 20:38:43 2019 (r347058) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 1999-2002, 2009 Robert N. M. Watson + * Copyright (c) 1999-2002, 2009, 2019 Robert N. M. Watson * Copyright (c) 2001 Ilmar S. Habibulin * Copyright (c) 2001-2004 Networks Associates Technology,
svn commit: r346846 - head/share/man/man4
Author: rwatson Date: Sun Apr 28 16:28:36 2019 New Revision: 346846 URL: https://svnweb.freebsd.org/changeset/base/346846 Log: Update the audit(4) man page to talk about dtaudit(4), and also add a dtaudit(4) cross reference to auditpipe(4). MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/share/man/man4/audit.4 head/share/man/man4/auditpipe.4 Modified: head/share/man/man4/audit.4 == --- head/share/man/man4/audit.4 Sun Apr 28 15:08:57 2019(r346845) +++ head/share/man/man4/audit.4 Sun Apr 28 16:28:36 2019(r346846) @@ -1,6 +1,11 @@ -.\" Copyright (c) 2006 Robert N. M. Watson +.\" Copyright (c) 2006, 2019 Robert N. M. Watson .\" All rights reserved. .\" +.\" This software was developed in part by BAE Systems, the University of +.\" Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL +.\" contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent +.\" Computing (TC) research program. +.\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: @@ -24,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 31, 2009 +.Dd April 28, 2019 .Dt AUDIT 4 .Os .Sh NAME @@ -74,6 +79,12 @@ Audit pipe special devices, discussed in provide a configurable live tracking mechanism to allow applications to tee the audit trail, as well as to configure custom preselection parameters to track users and events in a fine-grained manner. +.Ss DTrace Audit Provider +The DTrace Audit Provider, +.Xr dtaudit 4 , +allows D scripts to enable capture of in-kernel audit records for kernel audit +event types, and then process their contents during audit commit or BSM +generation. .Sh SEE ALSO .Xr auditreduce 1 , .Xr praudit 1 , @@ -88,6 +99,7 @@ to track users and events in a fine-grained manner. .Xr setauid 2 , .Xr libbsm 3 , .Xr auditpipe 4 , +.Xr dtaudit 4 , .Xr audit.log 5 , .Xr audit_class 5 , .Xr audit_control 5 , Modified: head/share/man/man4/auditpipe.4 == --- head/share/man/man4/auditpipe.4 Sun Apr 28 15:08:57 2019 (r346845) +++ head/share/man/man4/auditpipe.4 Sun Apr 28 16:28:36 2019 (r346846) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 30, 2018 +.Dd April 28, 2019 .Dt AUDITPIPE 4 .Os .Sh NAME @@ -221,6 +221,7 @@ to review the default audit trail. .Xr poll 2 , .Xr select 2 , .Xr audit 4 , +.Xr dtaudit 4 , .Xr audit_control 5 , .Xr audit 8 , .Xr auditd 8 ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346814 - head/share/man/man4
taudit +provider relies on +.Xr audit 4 +being compiled into the kernel. +.Nm dtaudit +probes become available only once there is an event-to-name mapping installed +in the kernel, normally done by +.Xr auditd 8 +during the boot process, if audit is enabled in +.Xr rc.conf 5 : +.Bd -literal -offset indent +auditd_enable="YES" +.Ed +.Pp +If +.Nm dtaudit +probes are required earlier in boot -- for example, in single-user mode -- or +without enabling +.Xr audit 4 , +they can be preloaded in the boot loader by adding this line to +.Xr loader.conf 5 . +.Bd -literal -offset indent +audit_event_load="YES" +.Ed +.Ss Probes +The +.Fn audit:event:aue_*:commit +probes fire synchronously during system-call return, giving access to two +arguments: a +.Vt char * +audit event name, and +the +.Vt struct audit_record * +in-kernel audit record. +Because the probe fires in system-call return, the user thread has not yet +regained control, and additional information from the thread and process +remains available for capture by the script. +.Pp +The +.Fn audit:event:aue_*:bsm +probes fire asynchonously from system-call return, following BSM conversion +and just prior to being written to disk, giving access to four arguments: a +.Vt char * +audit event name, the +.Vt struct audit_record * +in-kernel audit record, a +.Vt const void * +pointer to the converted BSM record, and a +.Vt size_t +for the length of the BSM record. +.Sh IMPLEMENTATION NOTES +When a set of +.Nm dtaudit +probes are registered, corresponding in-kernel audit records will be captured +and their probes will fire regardless of whether the +.Xr audit 4 +subsystem itself would have captured the record for the purposes of writing it +to the audit trail, or for delivery to a +.Xr auditpipe 4 . +In-kernel audit records allocated only because of enabled +.Xr dtaudit 4 +probes will not be unnecessarily written to the audit trail or enabled pipes. +.Sh SEE ALSO +.Xr dtrace 1 , +.Xr audit 4 , +.Xr audit.log 5 , +.Xr loader.conf 5 , +.Xr rc.conf 5 , +.Xr auditd 8 +.Sh HISTORY +The +.Nm dtaudit +provider first appeared in +.Fx 12.0 . +.Sh AUTHORS +This software and this manual page were developed by BAE Systems, the +University of Cambridge Computer Laboratory, and Memorial University under +DARPA/AFRL contract +.Pq FA8650-15-C-7558 +.Pq Do CADETS Dc , +as part of the DARPA Transparent Computing (TC) research program. +The +.Nm dtaudit +provider and this manual page were written by +.An Robert Watson Aq Mt rwat...@freebsd.org . +.Sh BUGS +Because +.Xr audit 4 +maintains its primary event-to-name mapping database in userspace, that +database must be loaded into the kernel before +.Nm dtaudit +probes become available. +.Pp +.Nm dtaudit +is only able to provide access to system-call audit events, not the full +scope of userspace events, such as those relating to login, password change, +and so on. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r339085 - head/sys/security/audit
Author: rwatson Date: Tue Oct 2 15:58:17 2018 New Revision: 339085 URL: https://svnweb.freebsd.org/changeset/base/339085 Log: Rework the logic around quick checks for auditing that take place at system-call entry and whenever audit arguments or return values are captured: 1. Expose a single global, audit_syscalls_enabled, which controls whether the audit framework is entered, rather than exposing components of the policy -- e.g., if the trail is enabled, suspended, etc. 2. Introduce a new function audit_syscalls_enabled_update(), which is called to update audit_syscalls_enabled whenever an aspect of the policy changes, so that the value can be updated. 3. Remove a check of trail enablement/suspension from audit_new() -- at the point where this function has been entered, we believe that system-call auditing is already in force, or we wouldn't get here, so simply proceed to more expensive policy checks. 4. Use an audit-provided global, audit_dtrace_enabled, rather than a dtaudit-provided global, to provide policy indicating whether dtaudit would like system calls to be audited. 5. Do some minor cosmetic renaming to clarify what various variables are for. These changes collectively arrange it so that traditional audit (trail, pipes) or the DTrace audit provider can enable system-call probes without the other configured. Otherwise, dtaudit cannot capture system-call data without auditd(8) started. Reviewed by: gnn Sponsored by: DARPA, AFRL Approved by: re (gjb) Differential Revision:https://reviews.freebsd.org/D17348 Modified: head/sys/security/audit/audit.c head/sys/security/audit/audit.h head/sys/security/audit/audit_dtrace.c head/sys/security/audit/audit_private.h head/sys/security/audit/audit_syscalls.c head/sys/security/audit/audit_worker.c Modified: head/sys/security/audit/audit.c == --- head/sys/security/audit/audit.c Tue Oct 2 15:18:48 2018 (r339084) +++ head/sys/security/audit/audit.c Tue Oct 2 15:58:17 2018 (r339085) @@ -2,7 +2,7 @@ * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1999-2005 Apple Inc. - * Copyright (c) 2006-2007, 2016-2017 Robert N. M. Watson + * Copyright (c) 2006-2007, 2016-2018 Robert N. M. Watson * All rights reserved. * * Portions of this software were developed by BAE Systems, the University of @@ -98,8 +98,12 @@ static SYSCTL_NODE(_security, OID_AUTO, audit, CTLFLAG * * Define the audit control flags. */ -int __read_frequently audit_enabled; -intaudit_suspended; +intaudit_trail_enabled; +intaudit_trail_suspended; +#ifdef KDTRACE_HOOKS +u_int audit_dtrace_enabled; +#endif +int __read_frequently audit_syscalls_enabled; /* * Flags controlling behavior in low storage situations. Should we panic if @@ -198,7 +202,34 @@ static struct rwlock audit_kinfo_lock; #defineKINFO_RUNLOCK() rw_runlock(_kinfo_lock) #defineKINFO_WUNLOCK() rw_wunlock(_kinfo_lock) +/* + * Check various policies to see if we should enable system-call audit hooks. + * Note that despite the mutex being held, we want to assign a value exactly + * once, as checks of the flag are performed lock-free for performance + * reasons. The mutex is used to get a consistent snapshot of policy state -- + * e.g., safely accessing the two audit_trail flags. + */ void +audit_syscalls_enabled_update(void) +{ + + mtx_lock(_mtx); +#ifdef KDTRACE_HOOKS + if (audit_dtrace_enabled) + audit_syscalls_enabled = 1; + else { +#endif + if (audit_trail_enabled && !audit_trail_suspended) + audit_syscalls_enabled = 1; + else + audit_syscalls_enabled = 0; +#ifdef KDTRACE_HOOKS + } +#endif + mtx_unlock(_mtx); +} + +void audit_set_kinfo(struct auditinfo_addr *ak) { @@ -303,8 +334,9 @@ static void audit_init(void) { - audit_enabled = 0; - audit_suspended = 0; + audit_trail_enabled = 0; + audit_trail_suspended = 0; + audit_syscalls_enabled = 0; audit_panic_on_write_fail = 0; audit_fail_stop = 0; audit_in_failure = 0; @@ -337,6 +369,9 @@ audit_init(void) sizeof(struct kaudit_record), audit_record_ctor, audit_record_dtor, NULL, NULL, UMA_ALIGN_PTR, 0); + /* First initialisation of audit_syscalls_enabled. */ + audit_syscalls_enabled_update(); + /* Initialize the BSM audit subsystem. */ kau_init(); @@ -378,10 +413,6 @@ currecord(void) } /* - * XXXAUDIT: There are a number of races present in the code below due to - * release and re-grab of the mutex. The code should be revised to become - * slightly
svn commit: r338443 - in head: stand/defaults sys/security/audit
Author: rwatson Date: Mon Sep 3 14:26:43 2018 New Revision: 338443 URL: https://svnweb.freebsd.org/changeset/base/338443 Log: The kernel DTrace audit provider (dtaudit) relies on auditd(8) to load /etc/security/audit_event to provide a list of audit event-number <-> name mappings. However, this occurs too late for anonymous tracing. With this change, adding 'audit_event_load="YES"' to /boot/loader.conf will cause the boot loader to preload the file, and then the kernel audit code will parse it to register an initial set of audit event-number <-> name mappings. Those mappings can later be updated by auditd(8) if the configuration file changes. Reviewed by: gnn, asomers, markj, allanjude Discussed with: jhb Approved by: re (kib) MFC after:1 week Sponsored by: DARPA, AFRL Differential Revision:https://reviews.freebsd.org/D16589 Modified: head/stand/defaults/loader.conf head/sys/security/audit/audit_bsm_db.c Modified: head/stand/defaults/loader.conf == --- head/stand/defaults/loader.conf Mon Sep 3 08:57:09 2018 (r338442) +++ head/stand/defaults/loader.conf Mon Sep 3 14:26:43 2018 (r338443) @@ -67,6 +67,11 @@ acpi_dsdt_name="/boot/acpi_dsdt.aml" # Override DSDT in BIOS by this file acpi_video_load="NO" # Load the ACPI video extension driver +### Audit settings # +audit_event_load="NO" # Preload audit_event config +audit_event_name="/etc/security/audit_event" +audit_event_type="etc_security_audit_event" + ### Initial memory disk settings ### #mdroot_load="YES" # The "mdroot" prefix is arbitrary. #mdroot_type="md_image"# Create md(4) disk at boot. Modified: head/sys/security/audit/audit_bsm_db.c == --- head/sys/security/audit/audit_bsm_db.c Mon Sep 3 08:57:09 2018 (r338442) +++ head/sys/security/audit/audit_bsm_db.c Mon Sep 3 14:26:43 2018 (r338443) @@ -1,6 +1,6 @@ /* * Copyright (c) 1999-2009 Apple Inc. - * Copyright (c) 2005, 2016-2017 Robert N. M. Watson + * Copyright (c) 2005, 2016-2018 Robert N. M. Watson * All rights reserved. * * Portions of this software were developed by BAE Systems, the University of @@ -41,6 +41,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -91,6 +92,7 @@ static struct evclass_listevclass_hash[EVCLASSMAP_HAS * struct evname_elem is defined in audit_private.h so that audit_dtrace.c can * use the definition. */ +#defineEVNAMEMAP_HASH_TABLE_MODULE "etc_security_audit_event" #defineEVNAMEMAP_HASH_TABLE_SIZE 251 struct evname_list { LIST_HEAD(, evname_elem)enl_head; @@ -261,6 +263,85 @@ au_evnamemap_insert(au_event_t event, const char *name EVNAMEMAP_WUNLOCK(); } +/* + * If /etc/security/audit_event has been preloaded by the boot loader, parse + * it to build an initial set of event number<->name mappings. + */ +static void +au_evnamemap_init_preload(void) +{ + caddr_t kmdp; + char *endptr, *line, *nextline, *ptr; + const char *evnum_str, *evname; + size_t size; + long evnum; + u_int lineno; + + kmdp = preload_search_by_type(EVNAMEMAP_HASH_TABLE_MODULE); + if (kmdp == NULL) + return; + ptr = preload_fetch_addr(kmdp); + size = preload_fetch_size(kmdp); + + /* +* Parse preloaded configuration file "in place". Assume that the +* last character is a new line, meaning that we can replace it with a +* nul byte safely. We can then use strsep(3) to process the full +* buffer. +*/ + ptr[size - 1] = '\0'; + + /* +* Process line by line. +*/ + nextline = ptr; + lineno = 0; + while ((line = strsep(, "\n")) != NULL) { + /* +* Skip any leading white space. +*/ + while (line[0] == ' ' || line[0] == '\t') + line++; + + /* +* Skip blank lines and comment lines. +*/ + if (line[0] == '\0' || line[0] == '#') { + lineno++; + continue; + } + + /* +* Parse each line -- ":"-separated tuple of event number, +* event name, and other material we are less interested in. +*/ + evnum_str = strsep(, ":"); + if (evnum_str == NULL || *evnum_str == '\0') { + printf("%s: Invalid line %u - evnum strsep\n", + __func__, lineno); + lineno++; +
svn commit: r316450 - in head/sys: conf security/audit
Author: rwatson Date: Mon Apr 3 10:15:58 2017 New Revision: 316450 URL: https://svnweb.freebsd.org/changeset/base/316450 Log: Break audit_bsm_klib.c into two files: one (audit_bsm_klib.c) retaining various utility functions used during BSM generation, and a second (audit_bsm_db.c) that contains the various in-kernel databases supporting various audit activities (the class and event-name tables). (No functional change is intended.) Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Added: head/sys/security/audit/audit_bsm_db.c - copied, changed from r316446, head/sys/security/audit/audit_bsm_klib.c Modified: head/sys/conf/files head/sys/security/audit/audit_bsm_klib.c Modified: head/sys/conf/files == --- head/sys/conf/files Mon Apr 3 09:41:43 2017(r316449) +++ head/sys/conf/files Mon Apr 3 10:15:58 2017(r316450) @@ -4595,6 +4595,7 @@ rpc/rpcsec_gss/svc_rpcsec_gss.c optional security/audit/audit.c optional audit security/audit/audit_arg.c optional audit security/audit/audit_bsm.c optional audit +security/audit/audit_bsm_db.c optional audit security/audit/audit_bsm_klib.coptional audit security/audit/audit_dtrace.c optional dtaudit audit | dtraceall audit compile-with "${CDDL_C}" security/audit/audit_pipe.coptional audit Copied and modified: head/sys/security/audit/audit_bsm_db.c (from r316446, head/sys/security/audit/audit_bsm_klib.c) == --- head/sys/security/audit/audit_bsm_klib.cMon Apr 3 08:50:54 2017 (r316446, copy source) +++ head/sys/security/audit/audit_bsm_db.c Mon Apr 3 10:15:58 2017 (r316450) @@ -106,64 +106,6 @@ static struct evname_list evnamemap_hash #defineEVNAMEMAP_WLOCK() sx_xlock(_lock) #defineEVNAMEMAP_WUNLOCK() sx_xunlock(_lock) -struct aue_open_event { - int aoe_flags; - au_event_t aoe_event; -}; - -static const struct aue_open_event aue_open[] = { - { O_RDONLY, AUE_OPEN_R }, - { (O_RDONLY | O_CREAT), AUE_OPEN_RC }, - { (O_RDONLY | O_CREAT | O_TRUNC), AUE_OPEN_RTC }, - { (O_RDONLY | O_TRUNC), AUE_OPEN_RT }, - { O_RDWR, AUE_OPEN_RW }, - { (O_RDWR | O_CREAT), AUE_OPEN_RWC }, - { (O_RDWR | O_CREAT | O_TRUNC), AUE_OPEN_RWTC }, - { (O_RDWR | O_TRUNC), AUE_OPEN_RWT }, - { O_WRONLY, AUE_OPEN_W }, - { (O_WRONLY | O_CREAT), AUE_OPEN_WC }, - { (O_WRONLY | O_CREAT | O_TRUNC), AUE_OPEN_WTC }, - { (O_WRONLY | O_TRUNC), AUE_OPEN_WT }, -}; - -static const struct aue_open_event aue_openat[] = { - { O_RDONLY, AUE_OPENAT_R }, - { (O_RDONLY | O_CREAT), AUE_OPENAT_RC }, - { (O_RDONLY | O_CREAT | O_TRUNC), AUE_OPENAT_RTC }, - { (O_RDONLY | O_TRUNC), AUE_OPENAT_RT }, - { O_RDWR, AUE_OPENAT_RW }, - { (O_RDWR | O_CREAT), AUE_OPENAT_RWC }, - { (O_RDWR | O_CREAT | O_TRUNC), AUE_OPENAT_RWTC }, - { (O_RDWR | O_TRUNC), AUE_OPENAT_RWT }, - { O_WRONLY, AUE_OPENAT_W }, - { (O_WRONLY | O_CREAT), AUE_OPENAT_WC }, - { (O_WRONLY | O_CREAT | O_TRUNC), AUE_OPENAT_WTC }, - { (O_WRONLY | O_TRUNC), AUE_OPENAT_WT }, -}; - -static const int aue_msgsys[] = { - /* 0 */ AUE_MSGCTL, - /* 1 */ AUE_MSGGET, - /* 2 */ AUE_MSGSND, - /* 3 */ AUE_MSGRCV, -}; -static const int aue_msgsys_count = sizeof(aue_msgsys) / sizeof(int); - -static const int aue_semsys[] = { - /* 0 */ AUE_SEMCTL, - /* 1 */ AUE_SEMGET, - /* 2 */ AUE_SEMOP, -}; -static const int aue_semsys_count = sizeof(aue_semsys) / sizeof(int); - -static const int aue_shmsys[] = { - /* 0 */ AUE_SHMAT, - /* 1 */ AUE_SHMDT, - /* 2 */ AUE_SHMGET, - /* 3 */ AUE_SHMCTL, -}; -static const int aue_shmsys_count = sizeof(aue_shmsys) / sizeof(int); - /* * Look up the class for an audit event in the class mapping table. */ @@ -248,33 +190,6 @@ au_evclassmap_init(void) } /* - * Check whether an event is aditable by comparing the mask of classes this - * event is part of against the given mask. - */ -int -au_preselect(au_event_t event, au_class_t class, au_mask_t *mask_p, int sorf) -{ - au_class_t effmask = 0; - -
svn commit: r316339 - head/contrib/less
Author: rwatson Date: Fri Mar 31 21:29:43 2017 New Revision: 316339 URL: https://svnweb.freebsd.org/changeset/base/316339 Log: Currently, less(1) uses K prototypes, which both fails to provide useful compiler-time type checking, and also causes problems for targets where multiple incompatible calling conventions may be selected based on argument types. This change switches less(1) to ANSI prototypes. While there, we also remove use of "register", and attempt to use "const" a bit better now that the compiler can check argument types. Reviewed by: cem, emaste MFC after:3 weeks Sponsored by: DARPA, AFRL Differential Revision:https://reviews.freebsd.org/D10152 Modified: head/contrib/less/brac.c head/contrib/less/ch.c head/contrib/less/charset.c head/contrib/less/cmdbuf.c head/contrib/less/command.c head/contrib/less/cvt.c head/contrib/less/decode.c head/contrib/less/edit.c head/contrib/less/filename.c head/contrib/less/forwback.c head/contrib/less/funcs.h head/contrib/less/ifile.c head/contrib/less/input.c head/contrib/less/jump.c head/contrib/less/less.h head/contrib/less/lessecho.c head/contrib/less/lesskey.c head/contrib/less/line.c head/contrib/less/linenum.c head/contrib/less/lsystem.c head/contrib/less/main.c head/contrib/less/mark.c head/contrib/less/mkhelp.c head/contrib/less/optfunc.c head/contrib/less/option.c head/contrib/less/opttbl.c head/contrib/less/os.c head/contrib/less/output.c head/contrib/less/pattern.c head/contrib/less/position.c head/contrib/less/prompt.c head/contrib/less/regexp.c head/contrib/less/screen.c head/contrib/less/scrsize.c head/contrib/less/search.c head/contrib/less/signal.c head/contrib/less/tags.c head/contrib/less/ttyin.c Modified: head/contrib/less/brac.c == --- head/contrib/less/brac.cFri Mar 31 20:17:30 2017(r316338) +++ head/contrib/less/brac.cFri Mar 31 21:29:43 2017(r316339) @@ -24,18 +24,14 @@ * "close bracket" are given. */ public void -match_brac(obrac, cbrac, forwdir, n) - register int obrac; - register int cbrac; - int forwdir; - int n; +match_brac(int obrac, int cbrac, int forwdir, int n) { - register int c; - register int nest; + int c; + int nest; POSITION pos; - int (*chget)(); + int (*chget)(void); - extern int ch_forw_get(), ch_back_get(); + extern int ch_forw_get(void), ch_back_get(void); /* * Seek to the line containing the open bracket. Modified: head/contrib/less/ch.c == --- head/contrib/less/ch.c Fri Mar 31 20:17:30 2017(r316338) +++ head/contrib/less/ch.c Fri Mar 31 21:29:43 2017(r316339) @@ -144,13 +144,13 @@ static int ch_addbuf(); * Get the character pointed to by the read pointer. */ int -ch_get() +ch_get(void) { - register struct buf *bp; - register struct bufnode *bn; - register int n; - register int slept; - register int h; + struct buf *bp; + struct bufnode *bn; + int n; + int slept; + int h; POSITION pos; POSITION len; @@ -378,8 +378,7 @@ ch_get() * a single char onto an input file descriptor. */ public void -ch_ungetchar(c) - int c; +ch_ungetchar(int c) { if (c != -1 && ch_ungotchar != -1) error("ch_ungetchar overrun", NULL_PARG); @@ -392,7 +391,7 @@ ch_ungetchar(c) * If we haven't read all of standard input into it, do that now. */ public void -end_logfile() +end_logfile(void) { static int tried = FALSE; @@ -417,10 +416,10 @@ end_logfile() * Write all the existing buffered data to the log file. */ public void -sync_logfile() +sync_logfile(void) { - register struct buf *bp; - register struct bufnode *bn; + struct buf *bp; + struct bufnode *bn; int warned = FALSE; BLOCKNUM block; BLOCKNUM nblocks; @@ -454,12 +453,11 @@ sync_logfile() * Determine if a specific block is currently in one of the buffers. */ static int -buffered(block) - BLOCKNUM block; +buffered(BLOCKNUM block) { - register struct buf *bp; - register struct bufnode *bn; - register int h; + struct buf *bp; + struct bufnode *bn; + int h; h = BUFHASH(block); FOR_BUFS_IN_CHAIN(h, bn) @@ -476,8 +474,7 @@ buffered(block) * Return 0 if successful, non-zero if can't seek there. */ public int -ch_seek(pos) - register POSITION pos; +ch_seek(POSITION pos) { BLOCKNUM new_block; POSITION len; @@ -515,7 +512,7 @@ ch_seek(pos) * Seek to the end of the file. */ public int -ch_end_seek() +ch_end_seek(void) { POSITION len;
svn commit: r316334 - head/sys/kern
Author: rwatson Date: Fri Mar 31 14:17:14 2017 New Revision: 316334 URL: https://svnweb.freebsd.org/changeset/base/316334 Log: Audit arguments to posix_fallocate(2) and posix_fadvise(2) system calls. As posix_fadvise() does not lock the vnode argument, don't capture detailed vnode information for the time being. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/vfs_syscalls.c Modified: head/sys/kern/vfs_syscalls.c == --- head/sys/kern/vfs_syscalls.cFri Mar 31 14:13:13 2017 (r316333) +++ head/sys/kern/vfs_syscalls.cFri Mar 31 14:17:14 2017 (r316334) @@ -4452,15 +4452,21 @@ kern_posix_fallocate(struct thread *td, cap_rights_t rights; off_t olen, ooffset; int error; +#ifdef AUDIT + int audited_vnode1 = 0; +#endif + AUDIT_ARG_FD(fd); if (offset < 0 || len <= 0) return (EINVAL); /* Check for wrap. */ if (offset > OFF_MAX - len) return (EFBIG); + AUDIT_ARG_FD(fd); error = fget(td, fd, cap_rights_init(, CAP_WRITE), ); if (error != 0) return (error); + AUDIT_ARG_FILE(td->td_proc, fp); if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) { error = ESPIPE; goto out; @@ -4494,6 +4500,12 @@ kern_posix_fallocate(struct thread *td, vn_finished_write(mp); break; } +#ifdef AUDIT + if (!audited_vnode1) { + AUDIT_ARG_VNODE1(vp); + audited_vnode1 = 1; + } +#endif #ifdef MAC error = mac_vnode_check_write(td->td_ucred, fp->f_cred, vp); if (error == 0) @@ -4544,6 +4556,7 @@ kern_posix_fadvise(struct thread *td, in if (offset < 0 || len < 0 || offset > OFF_MAX - len) return (EINVAL); + AUDIT_ARG_VALUE(advice); switch (advice) { case POSIX_FADV_SEQUENTIAL: case POSIX_FADV_RANDOM: @@ -4559,9 +4572,11 @@ kern_posix_fadvise(struct thread *td, in return (EINVAL); } /* XXX: CAP_POSIX_FADVISE? */ + AUDIT_ARG_FD(fd); error = fget(td, fd, cap_rights_init(), ); if (error != 0) goto out; + AUDIT_ARG_FILE(td->td_proc, fp); if ((fp->f_ops->fo_flags & DFLAG_SEEKABLE) == 0) { error = ESPIPE; goto out; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r316333 - head/sys/security/audit
Author: rwatson Date: Fri Mar 31 14:13:13 2017 New Revision: 316333 URL: https://svnweb.freebsd.org/changeset/base/316333 Log: Correct macro names and signatures for !AUDIT versions of canonical path auditing. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/security/audit/audit.h Modified: head/sys/security/audit/audit.h == --- head/sys/security/audit/audit.h Fri Mar 31 13:43:00 2017 (r316332) +++ head/sys/security/audit/audit.h Fri Mar 31 14:13:13 2017 (r316333) @@ -431,9 +431,9 @@ void audit_thread_free(struct thread *t #defineAUDIT_ARG_TEXT(text) #defineAUDIT_ARG_UID(uid) #defineAUDIT_ARG_UPATH1(td, dirfd, upath) -#defineAUDIT_ARG_UPATH1_NONCANON(td, upath) +#defineAUDIT_ARG_UPATH1_CANON(upath) #defineAUDIT_ARG_UPATH2(td, dirfd, upath) -#defineAUDIT_ARG_UPATH2_NONCANON(td, upath) +#defineAUDIT_ARG_UPATH2_CANON(upath) #defineAUDIT_ARG_VALUE(value) #defineAUDIT_ARG_VNODE1(vp) #defineAUDIT_ARG_VNODE2(vp) ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r316332 - in head/sys: kern security/audit
Author: rwatson Date: Fri Mar 31 13:43:00 2017 New Revision: 316332 URL: https://svnweb.freebsd.org/changeset/base/316332 Log: Audit arguments to POSIX message queues, semaphores, and shared memory. This requires minor changes to the audit framework to allow capturing paths that are not filesystem paths (i.e., will not be canonicalised relative to the process current working directory and/or filesystem root). Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/uipc_mqueue.c head/sys/kern/uipc_sem.c head/sys/kern/uipc_shm.c head/sys/security/audit/audit.h head/sys/security/audit/audit_arg.c Modified: head/sys/kern/uipc_mqueue.c == --- head/sys/kern/uipc_mqueue.c Fri Mar 31 11:40:59 2017(r316331) +++ head/sys/kern/uipc_mqueue.c Fri Mar 31 13:43:00 2017(r316332) @@ -1,7 +1,13 @@ /*- * Copyright (c) 2005 David Xu+ * Copyright (c) 2016-2017 Robert N. M. Watson * All rights reserved. * + * Portions of this software were developed by BAE Systems, the University of + * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL + * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent + * Computing (TC) research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -86,6 +92,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + FEATURE(p1003_1b_mqueue, "POSIX P1003.1B message queues support"); /* @@ -2012,6 +2020,9 @@ kern_kmq_open(struct thread *td, const c struct mqueue *mq; int fd, error, len, cmode; + AUDIT_ARG_FFLAGS(flags); + AUDIT_ARG_MODE(mode); + fdp = td->td_proc->p_fd; cmode = (((mode & ~fdp->fd_cmask) & ALLPERMS) & ~S_ISTXT); mq = NULL; @@ -2034,6 +2045,7 @@ kern_kmq_open(struct thread *td, const c len = strlen(path); if (len < 2 || path[0] != '/' || strchr(path + 1, '/') != NULL) return (EINVAL); + AUDIT_ARG_UPATH1_CANON(path); error = falloc(td, , , O_CLOEXEC); if (error) @@ -2133,6 +2145,7 @@ sys_kmq_unlink(struct thread *td, struct len = strlen(path); if (len < 2 || path[0] != '/' || strchr(path + 1, '/') != NULL) return (EINVAL); + AUDIT_ARG_UPATH1_CANON(path); sx_xlock(_data.mi_lock); pn = mqfs_search(mqfs_data.mi_root, path + 1, len - 1, td->td_ucred); @@ -2210,6 +2223,7 @@ kern_kmq_setattr(struct thread *td, int u_int oflag, flag; int error; + AUDIT_ARG_FD(mqd); if (attr != NULL && (attr->mq_flags & ~O_NONBLOCK) != 0) return (EINVAL); error = getmq(td, mqd, , NULL, ); @@ -2260,6 +2274,7 @@ sys_kmq_timedreceive(struct thread *td, int error; int waitok; + AUDIT_ARG_FD(uap->mqd); error = getmq_read(td, uap->mqd, , NULL, ); if (error) return (error); @@ -2285,6 +2300,7 @@ sys_kmq_timedsend(struct thread *td, str struct timespec *abs_timeout, ets; int error, waitok; + AUDIT_ARG_FD(uap->mqd); error = getmq_write(td, uap->mqd, , NULL, ); if (error) return (error); @@ -2315,6 +2331,7 @@ kern_kmq_notify(struct thread *td, int m struct mqueue_notifier *nt, *newnt = NULL; int error; + AUDIT_ARG_FD(mqd); if (sigev != NULL) { if (sigev->sigev_notify != SIGEV_SIGNAL && sigev->sigev_notify != SIGEV_THREAD_ID && @@ -2780,6 +2797,7 @@ freebsd32_kmq_timedsend(struct thread *t int error; int waitok; + AUDIT_ARG_FD(uap->mqd); error = getmq_write(td, uap->mqd, , NULL, ); if (error) return (error); @@ -2809,6 +2827,7 @@ freebsd32_kmq_timedreceive(struct thread struct timespec *abs_timeout, ets; int error, waitok; + AUDIT_ARG_FD(uap->mqd); error = getmq_read(td, uap->mqd, , NULL, ); if (error) return (error); Modified: head/sys/kern/uipc_sem.c == --- head/sys/kern/uipc_sem.cFri Mar 31 11:40:59 2017(r316331) +++ head/sys/kern/uipc_sem.cFri Mar 31 13:43:00 2017(r316332) @@ -1,7 +1,7 @@ /*- * Copyright (c) 2002 Alfred Perlstein * Copyright (c) 2003-2005 SPARTA, Inc. - * Copyright (c) 2005 Robert N. M. Watson + * Copyright (c) 2005, 2016-2017 Robert N. M. Watson * All rights reserved. * * This software was developed for the FreeBSD Project in part by Network @@ -9,6 +9,11 @@ * Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), * as part of the DARPA CHATS research program. * + *
svn commit: r316308 - in head/sys: kern security/audit
Author: rwatson Date: Thu Mar 30 22:26:15 2017 New Revision: 316308 URL: https://svnweb.freebsd.org/changeset/base/316308 Log: Audit arguments to System V IPC system calls implementing sempahores, message queues, and shared memory. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/sysv_msg.c head/sys/kern/sysv_sem.c head/sys/kern/sysv_shm.c head/sys/security/audit/audit.h Modified: head/sys/kern/sysv_msg.c == --- head/sys/kern/sysv_msg.cThu Mar 30 22:00:58 2017(r316307) +++ head/sys/kern/sysv_msg.cThu Mar 30 22:26:15 2017(r316308) @@ -18,6 +18,7 @@ */ /*- * Copyright (c) 2003-2005 McAfee, Inc. + * Copyright (c) 2016-2017 Robert N. M. Watson * All rights reserved. * * This software was developed for the FreeBSD Project in part by McAfee @@ -25,6 +26,11 @@ * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research * program. * + * Portions of this software were developed by BAE Systems, the University of + * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL + * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent + * Computing (TC) research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -508,6 +514,8 @@ kern_msgctl(td, msqid, cmd, msqbuf) if (rpr == NULL) return (ENOSYS); + AUDIT_ARG_SVIPC_CMD(cmd); + AUDIT_ARG_SVIPC_ID(msqid); msqix = IPCID_TO_IX(msqid); if (msqix < 0 || msqix >= msginfo.msgmni) { @@ -579,6 +587,7 @@ kern_msgctl(td, msqid, cmd, msqbuf) break; case IPC_SET: + AUDIT_ARG_SVIPC_PERM(>msg_perm); if ((error = ipcperm(td, >u.msg_perm, IPC_M))) goto done2; if (msqbuf->msg_qbytes > msqkptr->u.msg_qbytes) { @@ -667,6 +676,8 @@ sys_msgget(td, uap) error = EEXIST; goto done2; } + AUDIT_ARG_SVIPC_ID(IXSEQ_TO_IPCID(msqid, + msqkptr->u.msg_perm)); if ((error = ipcperm(td, >u.msg_perm, msgflg & 0700))) { DPRINTF(("requester doesn't have 0%o access\n", @@ -735,6 +746,7 @@ sys_msgget(td, uap) #ifdef MAC mac_sysvmsq_create(cred, msqkptr); #endif + AUDIT_ARG_SVIPC_PERM(>u.msg_perm); } else { DPRINTF(("didn't find it and wasn't asked to create it\n")); error = ENOENT; @@ -780,6 +792,7 @@ kern_msgsnd(td, msqid, msgp, msgsz, msgf return (ENOSYS); mtx_lock(_mtx); + AUDIT_ARG_SVIPC_ID(msqid); msqix = IPCID_TO_IX(msqid); if (msqix < 0 || msqix >= msginfo.msgmni) { @@ -790,6 +803,7 @@ kern_msgsnd(td, msqid, msgp, msgsz, msgf } msqkptr = [msqix]; + AUDIT_ARG_SVIPC_PERM(>u.msg_perm); if (msqkptr->u.msg_qbytes == 0) { DPRINTF(("no such message queue id\n")); error = EINVAL; @@ -1152,6 +1166,7 @@ kern_msgrcv(td, msqid, msgp, msgsz, msgt if (rpr == NULL) return (ENOSYS); + AUDIT_ARG_SVIPC_ID(msqid); msqix = IPCID_TO_IX(msqid); if (msqix < 0 || msqix >= msginfo.msgmni) { @@ -1162,6 +1177,7 @@ kern_msgrcv(td, msqid, msgp, msgsz, msgt msqkptr = [msqix]; mtx_lock(_mtx); + AUDIT_ARG_SVIPC_PERM(>u.msg_perm); if (msqkptr->u.msg_qbytes == 0) { DPRINTF(("no such message queue id\n")); error = EINVAL; Modified: head/sys/kern/sysv_sem.c == --- head/sys/kern/sysv_sem.cThu Mar 30 22:00:58 2017(r316307) +++ head/sys/kern/sysv_sem.cThu Mar 30 22:26:15 2017(r316308) @@ -7,6 +7,7 @@ */ /*- * Copyright (c) 2003-2005 McAfee, Inc. + * Copyright (c) 2016-2017 Robert N. M. Watson * All rights reserved. * * This software was developed for the FreeBSD Project in part by McAfee @@ -14,6 +15,11 @@ * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS research * program. * + * Portions of this software were developed by BAE Systems, the University of + * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL + * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent + * Computing (TC) research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -691,6 +697,9 @@ kern_semctl(struct thread *td, int semid DPRINTF(("call to
svn commit: r316307 - head/sys/kern
Author: rwatson Date: Thu Mar 30 22:00:58 2017 New Revision: 316307 URL: https://svnweb.freebsd.org/changeset/base/316307 Log: Add system-call argument auditing for ACL-related system calls. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/vfs_acl.c Modified: head/sys/kern/vfs_acl.c == --- head/sys/kern/vfs_acl.c Thu Mar 30 21:54:57 2017(r316306) +++ head/sys/kern/vfs_acl.c Thu Mar 30 22:00:58 2017(r316307) @@ -1,9 +1,14 @@ /*- - * Copyright (c) 1999-2006 Robert N. M. Watson + * Copyright (c) 1999-2006, 2016-2017 Robert N. M. Watson * All rights reserved. * * This software was developed by Robert Watson for the TrustedBSD Project. * + * Portions of this software were developed by BAE Systems, the University of + * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL + * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent + * Computing (TC) research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -53,6 +58,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include CTASSERT(ACL_MAX_ENTRIES >= OLDACL_MAX_ENTRIES); @@ -216,6 +222,7 @@ vacl_set_acl(struct thread *td, struct v struct mount *mp; int error; + AUDIT_ARG_VALUE(type); inkernelacl = acl_alloc(M_WAITOK); error = acl_copyin(aclp, inkernelacl, type); if (error != 0) @@ -224,6 +231,7 @@ vacl_set_acl(struct thread *td, struct v if (error != 0) goto out; vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + AUDIT_ARG_VNODE1(vp); #ifdef MAC error = mac_vnode_check_setacl(td->td_ucred, vp, type, inkernelacl); if (error != 0) @@ -251,8 +259,10 @@ vacl_get_acl(struct thread *td, struct v struct acl *inkernelacl; int error; + AUDIT_ARG_VALUE(type); inkernelacl = acl_alloc(M_WAITOK | M_ZERO); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + AUDIT_ARG_VNODE1(vp); #ifdef MAC error = mac_vnode_check_getacl(td->td_ucred, vp, type); if (error != 0) @@ -280,10 +290,12 @@ vacl_delete(struct thread *td, struct vn struct mount *mp; int error; + AUDIT_ARG_VALUE(type); error = vn_start_write(vp, , V_WAIT | PCATCH); if (error != 0) return (error); vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + AUDIT_ARG_VNODE1(vp); #ifdef MAC error = mac_vnode_check_deleteacl(td->td_ucred, vp, type); if (error != 0) @@ -300,6 +312,8 @@ out: /* * Given a vnode, check whether an ACL is appropriate for it + * + * XXXRW: No vnode lock held so can't audit vnode state...? */ static int vacl_aclcheck(struct thread *td, struct vnode *vp, acl_type_t type, @@ -333,7 +347,8 @@ sys___acl_get_file(struct thread *td, st struct nameidata nd; int error; - NDINIT(, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, + td); error = namei(); if (error == 0) { error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp); @@ -351,7 +366,8 @@ sys___acl_get_link(struct thread *td, st struct nameidata nd; int error; - NDINIT(, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, + td); error = namei(); if (error == 0) { error = vacl_get_acl(td, nd.ni_vp, uap->type, uap->aclp); @@ -369,7 +385,8 @@ sys___acl_set_file(struct thread *td, st struct nameidata nd; int error; - NDINIT(, LOOKUP, FOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(, LOOKUP, FOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, + td); error = namei(); if (error == 0) { error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp); @@ -387,7 +404,8 @@ sys___acl_set_link(struct thread *td, st struct nameidata nd; int error; - NDINIT(, LOOKUP, NOFOLLOW, UIO_USERSPACE, uap->path, td); + NDINIT(, LOOKUP, NOFOLLOW | AUDITVNODE1, UIO_USERSPACE, uap->path, + td); error = namei(); if (error == 0) { error = vacl_set_acl(td, nd.ni_vp, uap->type, uap->aclp); @@ -406,6 +424,7 @@ sys___acl_get_fd(struct thread *td, stru cap_rights_t rights; int error; + AUDIT_ARG_FD(uap->filedes); error = getvnode(td, uap->filedes, cap_rights_init(, CAP_ACL_GET), ); if (error == 0) { @@ -425,6 +444,7 @@ sys___acl_set_fd(struct thread *td, stru cap_r
svn commit: r316305 - head/sys/security/audit
Author: rwatson Date: Thu Mar 30 21:39:03 2017 New Revision: 316305 URL: https://svnweb.freebsd.org/changeset/base/316305 Log: Various BSM generation improvements when auditing AUE_ACCEPT, AUE_PROCCTL, AUE_SENDFILE, AUE_ACL_*, and AUE_POSIX_FALLOCATE. Audit AUE_SHMUNLINK path in the path token rather than as a text string, and AUE_SHMOPEN flags as an integer token rather than a System V IPC address token. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/security/audit/audit_bsm.c Modified: head/sys/security/audit/audit_bsm.c == --- head/sys/security/audit/audit_bsm.c Thu Mar 30 20:42:16 2017 (r316304) +++ head/sys/security/audit/audit_bsm.c Thu Mar 30 21:39:03 2017 (r316305) @@ -530,6 +530,23 @@ kaudit_to_bsm(struct kaudit_record *kar, */ switch(ar->ar_event) { case AUE_ACCEPT: + if (ARG_IS_VALID(kar, ARG_FD)) { + tok = au_to_arg32(1, "fd", ar->ar_arg_fd); + kau_write(rec, tok); + } + if (ARG_IS_VALID(kar, ARG_SADDRINET)) { + tok = au_to_sock_inet((struct sockaddr_in *) + >ar_arg_sockaddr); + kau_write(rec, tok); + } + if (ARG_IS_VALID(kar, ARG_SADDRUNIX)) { + tok = au_to_sock_unix((struct sockaddr_un *) + >ar_arg_sockaddr); + kau_write(rec, tok); + UPATH1_TOKENS; + } + break; + case AUE_BIND: case AUE_LISTEN: case AUE_CONNECT: @@ -537,7 +554,6 @@ kaudit_to_bsm(struct kaudit_record *kar, case AUE_RECVFROM: case AUE_RECVMSG: case AUE_SEND: - case AUE_SENDFILE: case AUE_SENDMSG: case AUE_SENDTO: /* @@ -576,6 +592,22 @@ kaudit_to_bsm(struct kaudit_record *kar, } break; + case AUE_SENDFILE: + FD_VNODE1_TOKENS; + if (ARG_IS_VALID(kar, ARG_SADDRINET)) { + tok = au_to_sock_inet((struct sockaddr_in *) + >ar_arg_sockaddr); + kau_write(rec, tok); + } + if (ARG_IS_VALID(kar, ARG_SADDRUNIX)) { + tok = au_to_sock_unix((struct sockaddr_un *) + >ar_arg_sockaddr); + kau_write(rec, tok); + UPATH1_TOKENS; + } + /* XXX Need to handle ARG_SADDRINET6 */ + break; + case AUE_SOCKET: case AUE_SOCKETPAIR: if (ARG_IS_VALID(kar, ARG_SOCKINFO)) { @@ -749,6 +781,26 @@ kaudit_to_bsm(struct kaudit_record *kar, */ break; + case AUE_ACL_DELETE_FD: + case AUE_ACL_DELETE_FILE: + case AUE_ACL_CHECK_FD: + case AUE_ACL_CHECK_FILE: + case AUE_ACL_CHECK_LINK: + case AUE_ACL_DELETE_LINK: + case AUE_ACL_GET_FD: + case AUE_ACL_GET_FILE: + case AUE_ACL_GET_LINK: + case AUE_ACL_SET_FD: + case AUE_ACL_SET_FILE: + case AUE_ACL_SET_LINK: + if (ARG_IS_VALID(kar, ARG_VALUE)) { + tok = au_to_arg32(1, "type", ar->ar_arg_value); + kau_write(rec, tok); + } + ATFD1_TOKENS(1); + UPATH1_VNODE1_TOKENS; + break; + case AUE_CHDIR: case AUE_CHROOT: case AUE_FSTATAT: @@ -959,6 +1011,7 @@ kaudit_to_bsm(struct kaudit_record *kar, case AUE_GETDIRENTRIESATTR: case AUE_LSEEK: case AUE_POLL: + case AUE_POSIX_FALLOCATE: case AUE_PREAD: case AUE_PWRITE: case AUE_READ: @@ -1245,6 +1298,18 @@ kaudit_to_bsm(struct kaudit_record *kar, UPATH1_VNODE1_TOKENS; break; + case AUE_PROCCTL: + if (ARG_IS_VALID(kar, ARG_VALUE)) { + tok = au_to_arg32(1, "idtype", ar->ar_arg_value); + kau_write(rec, tok); + } + if (ARG_IS_VALID(kar, ARG_CMD)) { + tok = au_to_arg32(2, "com", ar->ar_arg_cmd); + kau_write(rec, tok); + } + PROCESS_PID_TOKENS(3); + break; + case AUE_PTRACE: if (ARG_IS_VALID(kar, ARG_CMD)) { tok = au_to_arg32(1, "request", ar->ar_arg_cmd); @@ -1499,7 +1564,7 @@ kaudit_to_bsm(struct kaudit_record *kar, /* AUE_SHMOPEN, AUE_SHMUNLINK, AUE_SEMOPEN, AUE_SEMCLOSE * and AUE_SEMUNLINK are Posix IPC */ case AUE_SHMOPEN: - if (ARG_IS_VALID(kar, ARG_SVIPC_ADDR)) { + if
svn commit: r316271 - head/sys/security/audit
Author: rwatson Date: Thu Mar 30 12:35:56 2017 New Revision: 316271 URL: https://svnweb.freebsd.org/changeset/base/316271 Log: Don't ifdef KDTRACE_HOOKS struct, variable, and function prototype definitions for the DTrace audit provider, so that the dtaudit module can compile in the absence of kernel DTrace support. This doesn't really make run-time sense (since the binary dependencies for the module won't be present), but it allows the dtaudit module to compile successfully regardless of the kernel configuration. MFC after:3 weeks Sponsored by: DARPA, AFRL Reported by: kib Modified: head/sys/security/audit/audit_private.h Modified: head/sys/security/audit/audit_private.h == --- head/sys/security/audit/audit_private.h Thu Mar 30 08:43:56 2017 (r316270) +++ head/sys/security/audit/audit_private.h Thu Mar 30 12:35:56 2017 (r316271) @@ -327,9 +327,7 @@ struct kaudit_record { void*k_udata; /* User data. */ u_intk_ulen;/* User data length. */ struct uthread *k_uthread; /* Audited thread. */ -#ifdef KDTRACE_HOOKS void*k_dtaudit_state; -#endif TAILQ_ENTRY(kaudit_record) k_q; }; TAILQ_HEAD(kaudit_queue, kaudit_record); @@ -401,7 +399,6 @@ struct evname_elem { LIST_ENTRY(evname_elem) ene_entry; /* (m) */ struct mtx ene_lock; -#ifdef KDTRACE_HOOKS /* DTrace probe IDs; 0 if not yet registered. */ uint32_tene_commit_probe_id;/* (M) */ uint32_tene_bsm_probe_id; /* (M) */ @@ -409,7 +406,6 @@ struct evname_elem { /* Flags indicating if the probes enabled or not. */ int ene_commit_probe_enabled; /* (M) */ int ene_bsm_probe_enabled; /* (M) */ -#endif }; #defineEVNAME_LOCK(ene)mtx_lock(&(ene)->ene_lock) @@ -424,7 +420,6 @@ typedef void(*au_evnamemap_callback_t)( * DTrace audit provider (dtaudit) hooks -- to be set non-NULL when the audit * provider is loaded and ready to be called into. */ -#ifdef KDTRACE_HOOKS extern void*(*dtaudit_hook_preselect)(au_id_t auid, au_event_t event, au_class_t class); extern int (*dtaudit_hook_commit)(struct kaudit_record *kar, @@ -433,7 +428,6 @@ extern int (*dtaudit_hook_commit)(struct extern void(*dtaudit_hook_bsm)(struct kaudit_record *kar, au_id_t auid, au_event_t event, au_class_t class, int sorf, void *bsm_data, size_t bsm_len); -#endif /* !KDTRACE_HOOKS */ #include #include @@ -457,9 +451,7 @@ au_class_t au_event_class(au_event_t ev voidau_evnamemap_init(void); voidau_evnamemap_insert(au_event_t event, const char *name); voidau_evnamemap_foreach(au_evnamemap_callback_t callback); -#ifdef KDTRACE_HOOKS struct evname_elem *au_evnamemap_lookup(au_event_t event); -#endif int au_event_name(au_event_t event, char *name); au_event_t audit_ctlname_to_sysctlevent(int name[], uint64_t valid_arg); au_event_t audit_flags_and_error_to_openevent(int oflags, int error); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r316182 - in head/sys: compat/freebsd32 kern sys
On Thu, 30 Mar 2017, Konstantin Belousov wrote: Hook up new audit event identifiers for various non-Orange Book/CAPP system calls supported by OpenBSM 1.2-alpha5. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/compat/freebsd32/freebsd32_proto.h head/sys/compat/freebsd32/freebsd32_sysent.c head/sys/compat/freebsd32/syscalls.master head/sys/kern/init_sysent.c head/sys/kern/syscalls.master head/sys/sys/sysproto.h This was already discussed somewhere, might be the place was not public enough. The change, as committed, is impossible to read. Please do not mix human-made changes and generated files in one commit. For head it is no much harm to split the syscalls.master commits in way it was always done, for sake of the people reading either commit mails or VCS diffs. I have no opinion on the split/single commit on stable branches. Hi Kostik: My apologies -- I'm afriad I lost track of that convention during the merge. I have to say, though, that if we want to make changes easier to follow, the problem here is not so much generated files as poor formatting in generated files. Reading syscalls.master changes is always hard when multiple system calls are affected, due to the choice of putting all metadata for a system call on one line in the file. We could fix this in the generated files easily, though, by having the structs in init_sysent.c add carriage returns after each field assignment -- in which case the generated changes would make it easier to understand what was going on for multi-syscall commits, and help catch errors better. (I.e., by having the assignment of various system-call-related fields in the struct each appear on their own line.) At which point I suspect I'd generally prefer to see the commits combined. (The other reason we used to not combine commits related to generated $FreeBSD$ IDs in the files .. but that seems to have gone away. Robert ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r316185 - in head/sys: kern security/audit
Author: rwatson Date: Wed Mar 29 23:31:35 2017 New Revision: 316185 URL: https://svnweb.freebsd.org/changeset/base/316185 Log: When handling msgsys(2), semsys(2), and shmsys(2) multiplex system calls, map the 'which' argument into a suitable audit event identifier for the specific operation requested. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/sysv_msg.c head/sys/kern/sysv_sem.c head/sys/kern/sysv_shm.c head/sys/security/audit/audit.c head/sys/security/audit/audit.h head/sys/security/audit/audit_arg.c head/sys/security/audit/audit_bsm_klib.c head/sys/security/audit/audit_private.h Modified: head/sys/kern/sysv_msg.c == --- head/sys/kern/sysv_msg.cWed Mar 29 23:13:04 2017(r316184) +++ head/sys/kern/sysv_msg.cWed Mar 29 23:31:35 2017(r316185) @@ -73,6 +73,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include FEATURE(sysv_msg, "System V message queues support"); @@ -1639,6 +1640,7 @@ freebsd32_msgsys(struct thread *td, stru #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) + AUDIT_ARG_SVIPC_WHICH(uap->which); switch (uap->which) { case 0: return (freebsd7_freebsd32_msgctl(td, @@ -1810,6 +1812,7 @@ sys_msgsys(td, uap) { int error; + AUDIT_ARG_SVIPC_WHICH(uap->which); if (uap->which < 0 || uap->which >= nitems(msgcalls)) return (EINVAL); error = (*msgcalls[uap->which])(td, >a2); Modified: head/sys/kern/sysv_sem.c == --- head/sys/kern/sysv_sem.cWed Mar 29 23:13:04 2017(r316184) +++ head/sys/kern/sysv_sem.cWed Mar 29 23:31:35 2017(r316185) @@ -62,6 +62,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include FEATURE(sysv_sem, "System V semaphores support"); @@ -1692,6 +1693,7 @@ sys_semsys(td, uap) { int error; + AUDIT_ARG_SVIPC_WHICH(uap->which); if (uap->which < 0 || uap->which >= nitems(semcalls)) return (EINVAL); error = (*semcalls[uap->which])(td, >a2); @@ -1791,6 +1793,7 @@ freebsd32_semsys(struct thread *td, stru #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) + AUDIT_ARG_SVIPC_WHICH(uap->which); switch (uap->which) { case 0: return (freebsd7_freebsd32_semctl(td, Modified: head/sys/kern/sysv_shm.c == --- head/sys/kern/sysv_shm.cWed Mar 29 23:13:04 2017(r316184) +++ head/sys/kern/sysv_shm.cWed Mar 29 23:31:35 2017(r316185) @@ -87,6 +87,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -1300,6 +1301,7 @@ int sys_shmsys(struct thread *td, struct shmsys_args *uap) { + AUDIT_ARG_SVIPC_WHICH(uap->which); if (uap->which < 0 || uap->which >= nitems(shmcalls)) return (EINVAL); return ((*shmcalls[uap->which])(td, >a2)); @@ -1315,6 +1317,7 @@ freebsd32_shmsys(struct thread *td, stru #if defined(COMPAT_FREEBSD4) || defined(COMPAT_FREEBSD5) || \ defined(COMPAT_FREEBSD6) || defined(COMPAT_FREEBSD7) + AUDIT_ARG_SVIPC_WHICH(uap->which); switch (uap->which) { case 0: { /* shmat */ struct shmat_args ap; Modified: head/sys/security/audit/audit.c == --- head/sys/security/audit/audit.c Wed Mar 29 23:13:04 2017 (r316184) +++ head/sys/security/audit/audit.c Wed Mar 29 23:31:35 2017 (r316185) @@ -1,6 +1,6 @@ /*- * Copyright (c) 1999-2005 Apple Inc. - * Copyright (c) 2006-2007, 2016 Robert N. M. Watson + * Copyright (c) 2006-2007, 2016-2017 Robert N. M. Watson * All rights reserved. * * Portions of this software were developed by BAE Systems, the University of @@ -472,6 +472,24 @@ audit_commit(struct kaudit_record *ar, i /* Convert the auditon() command to an event. */ ar->k_ar.ar_event = auditon_command_event(ar->k_ar.ar_arg_cmd); break; + + case AUE_MSGSYS: + if (ARG_IS_VALID(ar, ARG_SVIPC_WHICH)) + ar->k_ar.ar_event = + audit_msgsys_to_event(ar->k_ar.ar_arg_svipc_which); + break; + + case AUE_SEMSYS: + if (ARG_IS_VALID(ar, ARG_SVIPC_WHICH)) + ar->k_ar.ar_event = + audit_semsys_to_event(ar->k_ar.ar_arg_svipc_which); + break; + + case AUE_SHMSYS: + if (ARG_IS_VALID(ar, ARG_SVIPC_WHICH)) +
svn commit: r316182 - in head/sys: compat/freebsd32 kern sys
Author: rwatson Date: Wed Mar 29 22:33:56 2017 New Revision: 316182 URL: https://svnweb.freebsd.org/changeset/base/316182 Log: Hook up new audit event identifiers for various non-Orange Book/CAPP system calls supported by OpenBSM 1.2-alpha5. Obtained from:TrustedBSD Project MFC after:3 weeks Sponsored by: DARPA, AFRL Modified: head/sys/compat/freebsd32/freebsd32_proto.h head/sys/compat/freebsd32/freebsd32_sysent.c head/sys/compat/freebsd32/syscalls.master head/sys/kern/init_sysent.c head/sys/kern/syscalls.master head/sys/sys/sysproto.h Modified: head/sys/compat/freebsd32/freebsd32_proto.h == --- head/sys/compat/freebsd32/freebsd32_proto.h Wed Mar 29 21:31:45 2017 (r316181) +++ head/sys/compat/freebsd32/freebsd32_proto.h Wed Mar 29 22:33:56 2017 (r316182) @@ -1139,7 +1139,7 @@ int freebsd10_freebsd32_pipe(struct thre #defineFREEBSD32_SYS_AUE_ofreebsd32_sigprocmaskAUE_SIGPROCMASK #defineFREEBSD32_SYS_AUE_ofreebsd32_sigpending AUE_SIGPENDING #defineFREEBSD32_SYS_AUE_freebsd32_sigaltstack AUE_SIGALTSTACK -#defineFREEBSD32_SYS_AUE_freebsd32_ioctl AUE_NULL +#defineFREEBSD32_SYS_AUE_freebsd32_ioctl AUE_IOCTL #defineFREEBSD32_SYS_AUE_freebsd32_execve AUE_EXECVE #defineFREEBSD32_SYS_AUE_ofreebsd32_fstat AUE_FSTAT #defineFREEBSD32_SYS_AUE_ofreebsd32_getpagesizeAUE_NULL @@ -1148,7 +1148,7 @@ int freebsd10_freebsd32_pipe(struct thre #defineFREEBSD32_SYS_AUE_freebsd32_getitimer AUE_GETITIMER #defineFREEBSD32_SYS_AUE_freebsd32_fcntl AUE_FCNTL #defineFREEBSD32_SYS_AUE_freebsd32_select AUE_SELECT -#defineFREEBSD32_SYS_AUE_ofreebsd32_sigreturn AUE_NULL +#defineFREEBSD32_SYS_AUE_ofreebsd32_sigreturn AUE_SIGRETURN #defineFREEBSD32_SYS_AUE_ofreebsd32_sigvec AUE_O_SIGVEC #defineFREEBSD32_SYS_AUE_ofreebsd32_sigblock AUE_O_SIGBLOCK #defineFREEBSD32_SYS_AUE_ofreebsd32_sigsetmask AUE_O_SIGSETMASK @@ -1194,48 +1194,48 @@ int freebsd10_freebsd32_pipe(struct thre #defineFREEBSD32_SYS_AUE_freebsd32_nanosleep AUE_NULL #defineFREEBSD32_SYS_AUE_freebsd32_clock_nanosleep AUE_NULL #defineFREEBSD32_SYS_AUE_freebsd32_clock_getcpuclockid2AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_aio_readAUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_aio_write AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_lio_listio AUE_NULL +#defineFREEBSD32_SYS_AUE_freebsd32_aio_readAUE_AIO_READ +#defineFREEBSD32_SYS_AUE_freebsd32_aio_write AUE_AIO_WRITE +#defineFREEBSD32_SYS_AUE_freebsd32_lio_listio AUE_LIO_LISTIO #defineFREEBSD32_SYS_AUE_freebsd32_lutimes AUE_LUTIMES #defineFREEBSD32_SYS_AUE_freebsd32_preadv AUE_PREADV #defineFREEBSD32_SYS_AUE_freebsd32_pwritev AUE_PWRITEV #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_fhstatfs AUE_FHSTATFS #defineFREEBSD32_SYS_AUE_freebsd32_modstat AUE_NULL #defineFREEBSD32_SYS_AUE_freebsd32_kldstat AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_aio_return AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_aio_suspend AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_aio_error AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_read AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_write AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio AUE_NULL +#defineFREEBSD32_SYS_AUE_freebsd32_aio_return AUE_AIO_RETURN +#defineFREEBSD32_SYS_AUE_freebsd32_aio_suspend AUE_AIO_SUSPEND +#defineFREEBSD32_SYS_AUE_freebsd32_aio_error AUE_AIO_ERROR +#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_read AUE_AIO_READ +#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_aio_write AUE_AIO_WRITE +#defineFREEBSD32_SYS_AUE_freebsd6_freebsd32_lio_listio AUE_LIO_LISTIO #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_sendfile AUE_SENDFILE #defineFREEBSD32_SYS_AUE_freebsd32_jailAUE_JAIL #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_sigaction AUE_SIGACTION #defineFREEBSD32_SYS_AUE_freebsd4_freebsd32_sigreturn AUE_SIGRETURN #defineFREEBSD32_SYS_AUE_freebsd32_sigtimedwaitAUE_SIGWAIT #defineFREEBSD32_SYS_AUE_freebsd32_sigwaitinfo AUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_aio_waitcompleteAUE_NULL -#defineFREEBSD32_SYS_AUE_freebsd32_kevent AUE_NULL +#defineFREEBSD32_SYS_AUE_freebsd32_aio_waitcomplete AUE_AIO_WAITCOMPLETE +#defineFREEBSD32_SYS_AUE_freebsd32_kevent AUE_KEVENT #defineFREEBSD32_SYS_AUE_freebsd32_nmount AUE_NMOUNT #defineFREEBSD32_SYS_AUE_freebsd32_sendfileAUE_SENDFILE -#define
svn commit: r316176 - in head/sys: conf modules/dtrace modules/dtrace/dtaudit security/audit
Author: rwatson Date: Wed Mar 29 19:58:00 2017 New Revision: 316176 URL: https://svnweb.freebsd.org/changeset/base/316176 Log: Add an experimental DTrace audit provider, which allows users of DTrace to instrument security event auditing rather than relying on conventional BSM trail files or audit pipes: - Add a set of per-event 'commit' probes, which provide access to particular auditable events at the time of commit in system-call return. These probes gain access to audit data via the in-kernel audit_record data structure, providing convenient access to system-call arguments and return values in a single probe. - Add a set of per-event 'bsm' probes, which provide access to particular auditable events at the time of BSM record generation in the audit worker thread. These probes have access to the in-kernel audit_record data structure and BSM representation as would be written to a trail file or audit pipe -- i.e., asynchronously in the audit worker thread. DTrace probe arguments consist of the name of the audit event (to support future mechanisms of instrumenting multiple events via a single probe -- e.g., using classes), a pointer to the in-kernel audit record, and an optional pointer to the BSM data and its length. For human convenience, upper-case audit event names (AUE_...) are converted to lower case in DTrace. DTrace scripts can now cause additional audit-based data to be collected on system calls, and inspect internal and BSM representations of the data. They do not affect data captured in the audit trail or audit pipes configured in the system. auditd(8) must be configured and running in order to provide a database of event information, as well as other audit configuration parameters (e.g., to capture command-line arguments or environmental variables) for the provider to operate. Reviewed by: gnn, jonathan, markj Sponsored by: DARPA, AFRL MFC after:3 weeks Differential Revision:https://reviews.freebsd.org/D10149 Added: head/sys/modules/dtrace/dtaudit/ head/sys/modules/dtrace/dtaudit/Makefile (contents, props changed) head/sys/security/audit/audit_dtrace.c (contents, props changed) Modified: head/sys/conf/files head/sys/modules/dtrace/Makefile head/sys/security/audit/audit.c head/sys/security/audit/audit_bsm_klib.c head/sys/security/audit/audit_private.h head/sys/security/audit/audit_worker.c Modified: head/sys/conf/files == --- head/sys/conf/files Wed Mar 29 19:39:07 2017(r316175) +++ head/sys/conf/files Wed Mar 29 19:58:00 2017(r316176) @@ -4593,6 +4593,7 @@ security/audit/audit.coptional audit security/audit/audit_arg.c optional audit security/audit/audit_bsm.c optional audit security/audit/audit_bsm_klib.coptional audit +security/audit/audit_dtrace.c optional dtaudit audit | dtraceall audit compile-with "${CDDL_C}" security/audit/audit_pipe.coptional audit security/audit/audit_syscalls.cstandard security/audit/audit_trigger.c optional audit Modified: head/sys/modules/dtrace/Makefile == --- head/sys/modules/dtrace/MakefileWed Mar 29 19:39:07 2017 (r316175) +++ head/sys/modules/dtrace/MakefileWed Mar 29 19:58:00 2017 (r316176) @@ -2,7 +2,8 @@ .include "Makefile.inc" -SUBDIR=dtmalloc\ +SUBDIR=dtaudit \ + dtmalloc\ dtnfscl \ dtrace \ dtraceall \ Added: head/sys/modules/dtrace/dtaudit/Makefile == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/modules/dtrace/dtaudit/MakefileWed Mar 29 19:58:00 2017 (r316176) @@ -0,0 +1,17 @@ +# $FreeBSD$ + +SYSDIR?= ${.CURDIR}/../../.. + +.PATH: ${SYSDIR}/security/audit + +KMOD= dtaudit +SRCS= audit_dtrace.c \ + vnode_if.h + +CFLAGS+= -I${SYSDIR}/cddl/compat/opensolaris \ + -I${SYSDIR}/cddl/contrib/opensolaris/uts/common \ + -I${SYSDIR} + +.include + +CFLAGS+= -include ${SYSDIR}/cddl/compat/opensolaris/sys/debug_compat.h Modified: head/sys/security/audit/audit.c == --- head/sys/security/audit/audit.c Wed Mar 29 19:39:07 2017 (r316175) +++ head/sys/security/audit/audit.c Wed Mar 29 19:58:00 2017 (r316176) @@ -1,8 +1,13 @@ /*- * Copyright (c) 1999-2005 Apple Inc. - * Copyright (c) 2006-2007 Robert N. M. Watson + * Copyright (c) 2006-2007, 2016 Robert N. M. Watson * All rights reserved. * + * Portions of this software were developed by BAE Systems,
svn commit: r316018 - head/sys/security/audit
Author: rwatson Date: Mon Mar 27 10:38:53 2017 New Revision: 316018 URL: https://svnweb.freebsd.org/changeset/base/316018 Log: Introduce an audit event identifier -> audit event name mapping database in the kernel audit implementation, similar the exist class mapping database. This will be used by the DTrace audit provider to map audit event identifiers originating in the system-call table back into strings for the purposes of setting probe names. The database is initialised and maintained by auditd(8), which reads values in from the audit_events configuration file, and then manages them using the A_GETEVENT and A_SETEVENT auditon(2) operations. Obtained from:TrustedBSD Project Sponsored by: DARPA, AFRL MFC after:3 weeks Modified: head/sys/security/audit/audit_bsm.c head/sys/security/audit/audit_bsm_klib.c head/sys/security/audit/audit_private.h head/sys/security/audit/audit_syscalls.c Modified: head/sys/security/audit/audit_bsm.c == --- head/sys/security/audit/audit_bsm.c Mon Mar 27 09:45:27 2017 (r316017) +++ head/sys/security/audit/audit_bsm.c Mon Mar 27 10:38:53 2017 (r316018) @@ -1,7 +1,13 @@ /* * Copyright (c) 1999-2009 Apple Inc. + * Copyright (c) 2016-2017 Robert N. M. Watson * All rights reserved. * + * Portions of this software were developed by BAE Systems, the University of + * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL + * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent + * Computing (TC) research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -67,6 +73,7 @@ kau_init(void) { au_evclassmap_init(); + au_evnamemap_init(); } /* Modified: head/sys/security/audit/audit_bsm_klib.c == --- head/sys/security/audit/audit_bsm_klib.cMon Mar 27 09:45:27 2017 (r316017) +++ head/sys/security/audit/audit_bsm_klib.cMon Mar 27 10:38:53 2017 (r316018) @@ -1,8 +1,13 @@ /* * Copyright (c) 1999-2009 Apple Inc. - * Copyright (c) 2005 Robert N. M. Watson + * Copyright (c) 2005, 2016 Robert N. M. Watson * All rights reserved. * + * Portions of this software were developed by BAE Systems, the University of + * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL + * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent + * Computing (TC) research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -42,6 +47,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -76,6 +82,30 @@ static struct evclass_list evclass_hash[ #defineEVCLASS_WLOCK() rw_wlock(_lock) #defineEVCLASS_WUNLOCK() rw_wunlock(_lock) +/* + * Hash table maintaining a mapping from audit event numbers to audit event + * names. For now, used only by DTrace, but present always so that userspace + * tools can register and inspect fields consistently even if DTrace is not + * present. + * + * struct evname_elem is defined in audit_private.h so that audit_dtrace.c can + * use the definition. + */ +#defineEVNAMEMAP_HASH_TABLE_SIZE 251 +struct evname_list { + LIST_HEAD(, evname_elem)enl_head; +}; + +static MALLOC_DEFINE(M_AUDITEVNAME, "audit_evname", "Audit event name"); +static struct sx evnamemap_lock; +static struct evname_list evnamemap_hash[EVNAMEMAP_HASH_TABLE_SIZE]; + +#defineEVNAMEMAP_LOCK_INIT() sx_init(_lock, "evnamemap_lock"); +#defineEVNAMEMAP_RLOCK() sx_slock(_lock) +#defineEVNAMEMAP_RUNLOCK() sx_sunlock(_lock) +#defineEVNAMEMAP_WLOCK() sx_xlock(_lock) +#defineEVNAMEMAP_WUNLOCK() sx_xunlock(_lock) + struct aue_open_event { int aoe_flags; au_event_t aoe_event; @@ -222,6 +252,117 @@ au_preselect(au_event_t event, au_class_ } /* + * Look up the name for an audit event in the event-to-name mapping table. + */ +int +au_event_name(au_event_t event, char *name) +{ + struct evname_list *enl; + struct evname_elem *ene; + int error; + + error = ENOENT; + EVNAMEMAP_RLOCK(); + enl = _hash[event % EVNAMEMAP_HASH_TABLE_SIZE]; + LIST_FOREACH(ene, >enl_head, ene_entry) { + if (ene->ene_event == event) { + strlcpy(name, ene->ene_name, EVNAMEMAP_NAME_SIZE); + error = 0; + goto out; + } + } +out: + EVNAMEMAP_RUNLOCK(); + return (error); +} + +/* + * Insert a event-to-name mapping. If
svn commit: r316015 - head/sys/security/audit
Author: rwatson Date: Mon Mar 27 08:29:17 2017 New Revision: 316015 URL: https://svnweb.freebsd.org/changeset/base/316015 Log: Extend comment describing path canonicalisation in audit. Sponsored by: DARPA, AFRL Obtained from:TrustedBSD Project MFC after:3 days Modified: head/sys/security/audit/audit_arg.c Modified: head/sys/security/audit/audit_arg.c == --- head/sys/security/audit/audit_arg.c Mon Mar 27 08:29:02 2017 (r316014) +++ head/sys/security/audit/audit_arg.c Mon Mar 27 08:29:17 2017 (r316015) @@ -708,7 +708,8 @@ audit_arg_file(struct proc *p, struct fi * Store a path as given by the user process for auditing into the audit * record stored on the user thread. This function will allocate the memory * to store the path info if not already available. This memory will be - * freed when the audit record is freed. + * freed when the audit record is freed. The path is canonlicalised with + * respect to the thread and directory descriptor passed. */ static void audit_arg_upath(struct thread *td, int dirfd, char *upath, char **pathp) ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r316006 - in head: contrib/openbsm contrib/openbsm/bin contrib/openbsm/bin/audit contrib/openbsm/bin/auditd contrib/openbsm/bin/auditdistd contrib/openbsm/bin/auditfilterd contrib/openb...
Author: rwatson Date: Sun Mar 26 21:14:49 2017 New Revision: 316006 URL: https://svnweb.freebsd.org/changeset/base/316006 Log: Merge OpenBSM 1.2-alpha5 from vendor branch to FreeBSD -CURRENT: - Add a new "qsize" parameter in audit_control and the getacqsize(3) API to query it, allowing to set the kernel's maximum audit queue length. - Add support to push a mapping between audit event names and event numbers into the kernel (where supported) using new A_GETEVENT and A_SETEVENT auditon(2) operations. - Add audit event identifiers for a number of new (and not-so-new) FreeBSD system calls including those for asynchronous I/O, thread management, SCTP, jails, multi-FIB support, and misc. POSIX interfaces such as posix_fallocate(2) and posix_fadvise(2). - On operating systems supporting Capsicum, auditreduce(1) and praudit(1) now run sandboxed. - Empty "flags" and "naflags" fields are now permitted in audit_control(5). Many thanks to Christian Brueffer for producing the OpenBSM release and importing/tagging it in the vendor branch. This release will allow improved auditing of a range of new FreeBSD functionality, as well as non-traditional events (e.g., fine-grained I/O auditing) not required by the Orange Book or Common Criteria. Obtained from:TrustedBSD Project Sponsored by: DARPA, AFRL MFC after:3 weeks Modified: head/contrib/openbsm/.travis.yml head/contrib/openbsm/CREDITS head/contrib/openbsm/INSTALL head/contrib/openbsm/LICENSE head/contrib/openbsm/Makefile.in head/contrib/openbsm/NEWS head/contrib/openbsm/README head/contrib/openbsm/VERSION head/contrib/openbsm/aclocal.m4 head/contrib/openbsm/bin/Makefile.in head/contrib/openbsm/bin/audit/Makefile.in head/contrib/openbsm/bin/auditd/Makefile.in head/contrib/openbsm/bin/auditd/auditd.c head/contrib/openbsm/bin/auditdistd/Makefile.am head/contrib/openbsm/bin/auditdistd/Makefile.in head/contrib/openbsm/bin/auditdistd/pjdlog.c head/contrib/openbsm/bin/auditfilterd/Makefile.in head/contrib/openbsm/bin/auditreduce/Makefile.in head/contrib/openbsm/bin/auditreduce/auditreduce.c head/contrib/openbsm/bin/praudit/Makefile.in head/contrib/openbsm/bin/praudit/praudit.c head/contrib/openbsm/bsm/Makefile.in head/contrib/openbsm/bsm/auditd_lib.h head/contrib/openbsm/bsm/libbsm.h head/contrib/openbsm/config/config.h head/contrib/openbsm/config/config.h.in head/contrib/openbsm/config/depcomp head/contrib/openbsm/config/ltmain.sh head/contrib/openbsm/config/missing head/contrib/openbsm/configure head/contrib/openbsm/configure.ac head/contrib/openbsm/etc/audit_event head/contrib/openbsm/libauditd/Makefile.in head/contrib/openbsm/libauditd/auditd_lib.c head/contrib/openbsm/libbsm/Makefile.am head/contrib/openbsm/libbsm/Makefile.in head/contrib/openbsm/libbsm/au_control.3 head/contrib/openbsm/libbsm/au_token.3 head/contrib/openbsm/libbsm/bsm_control.c head/contrib/openbsm/libbsm/bsm_wrappers.c head/contrib/openbsm/m4/libtool.m4 head/contrib/openbsm/m4/ltoptions.m4 head/contrib/openbsm/m4/ltsugar.m4 head/contrib/openbsm/m4/ltversion.m4 head/contrib/openbsm/man/Makefile.in head/contrib/openbsm/man/audit_control.5 head/contrib/openbsm/man/auditon.2 head/contrib/openbsm/modules/Makefile.in head/contrib/openbsm/modules/auditfilter_noop/Makefile.in head/contrib/openbsm/sys/Makefile.in head/contrib/openbsm/sys/bsm/Makefile.in head/contrib/openbsm/sys/bsm/audit.h head/contrib/openbsm/sys/bsm/audit_kevents.h head/contrib/openbsm/sys/bsm/audit_record.h head/contrib/openbsm/test/Makefile.in head/contrib/openbsm/test/bsm/Makefile.in head/contrib/openbsm/tools/Makefile.in head/contrib/openbsm/tools/audump.c head/lib/libbsm/Makefile head/sys/bsm/audit.h head/sys/bsm/audit_kevents.h head/usr.sbin/praudit/Makefile Directory Properties: head/contrib/openbsm/ (props changed) Modified: head/contrib/openbsm/.travis.yml == --- head/contrib/openbsm/.travis.ymlSun Mar 26 20:36:35 2017 (r316005) +++ head/contrib/openbsm/.travis.ymlSun Mar 26 21:14:49 2017 (r316006) @@ -14,5 +14,7 @@ before_install: sudo apt-get -qq install byacc flex; elif [ $TRAVIS_OS_NAME == "osx" ]; then brew update; - brew install byacc flex; + brew install byacc flex openssl; + export CFLAGS="-I/usr/local/opt/openssl/include $CFLAGS"; + export LDFLAGS="-L/usr/local/opt/openssl/lib $LDFLAGS"; fi Modified: head/contrib/openbsm/CREDITS == --- head/contrib/openbsm/CREDITSSun Mar 26 20:36:35 2017 (r316005) +++ head/contrib/openbsm/CREDITSSun Mar 26 21:14:49 2017 (r316006) @@ -35,6 +35,7 @@ the development of OpenBSM: Joel Dahl Ryan Steinmetz The FreeBSD Foundation +
Re: svn commit: r315948 - in head: bin/csh contrib/tcsh contrib/tcsh/config contrib/tcsh/nls contrib/tcsh/nls/C contrib/tcsh/nls/et contrib/tcsh/nls/finnish contrib/tcsh/nls/french contrib/tcsh/nls/ge
On Sat, 25 Mar 2017, Chagin Dmitry wrote: Author: dchagin Date: Sat Mar 25 13:32:28 2017 New Revision: 315948 URL: https://svnweb.freebsd.org/changeset/base/315948 Log: Update to tcsh 6.20.00 Relnotes: yes don't think it matters, Should this be MFCed? I did not plan It may be helpful to us if the out-of-bounds fix in tcsh could be merged to 11.x to appear in a future release. If it's not too much trouble, anyway..? Robert ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r316004 - head/share/man/man9
Author: rwatson Date: Sun Mar 26 20:24:27 2017 New Revision: 316004 URL: https://svnweb.freebsd.org/changeset/base/316004 Log: Slightly improve consistency of "fooint" vs "foo_int" in DPCPU(9) examples. MFC after:3 days Modified: head/share/man/man9/dpcpu.9 Modified: head/share/man/man9/dpcpu.9 == --- head/share/man/man9/dpcpu.9 Sun Mar 26 20:15:08 2017(r316003) +++ head/share/man/man9/dpcpu.9 Sun Mar 26 20:24:27 2017(r316004) @@ -57,20 +57,20 @@ Arbitrary C types may be used, including If no initialization is provided, then each per-CPU instance of the variable will be zero-filled (i.e., as though allocated in BSS): .Bd -literal -offset 1234 -DPCPU_DEFINE(int, fooint); +DPCPU_DEFINE(int, foo_int); .Ed .Pp Values may also be initialized statically with the definition, causing each per-CPU instance to be initialized with the value: .Bd -literal -offset 1234 -DPCPU_DEFINE(int, fooint) = 1; +DPCPU_DEFINE(int, foo_int) = 1; .Ed .Pp Syntactically, the definition may be treated as a variable. For example, a dynamic per-CPU variable may be declared as .Dv static : .Bd -literal -offset 1234 -static DPCPU_DEFINE(int, fooint); +static DPCPU_DEFINE(int, foo_int); .Ed .Pp .Fn DPCPU_DECLARE ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r316003 - head/share/man/man9
Author: rwatson Date: Sun Mar 26 20:15:08 2017 New Revision: 316003 URL: https://svnweb.freebsd.org/changeset/base/316003 Log: Add a man page for the kernel's dynamic per-CPU memory allocator. MFC after: 3 days Added: head/share/man/man9/dpcpu.9 (contents, props changed) Modified: head/share/man/man9/Makefile Modified: head/share/man/man9/Makefile == --- head/share/man/man9/MakefileSun Mar 26 19:47:43 2017 (r316002) +++ head/share/man/man9/MakefileSun Mar 26 20:15:08 2017 (r316003) @@ -116,6 +116,7 @@ MAN=accept_filter.9 \ disk.9 \ dnv.9 \ domain.9 \ + dpcpu.9 \ drbr.9 \ driver.9 \ DRIVER_MODULE.9 \ Added: head/share/man/man9/dpcpu.9 == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/man/man9/dpcpu.9 Sun Mar 26 20:15:08 2017(r316003) @@ -0,0 +1,163 @@ +.\"- +.\" Copyright (c) 2017 Robert N. M. Watson +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\"notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\"notice, this list of conditions and the following disclaimer in the +.\"documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd March 26, 2017 +.Dt DPCPU 9 +.Os +.Sh NAME +.Nm dpcpu +.Nd Kernel Dynamic Per-CPU Memory Allocator +.Sh SYNOPSIS +.In sys/pcpu.h +.Ss Per-CPU Variable Definition and Declaration +.Fn DPCPU_DEFINE "type" "name" +.Fn DPCPU_DECLARE "type" "name" +.Ss Current CPU Accessor Functions +.Fn DPCPU_PTR "name" +.Fn DPCPU_GET "name" +.Fn DPCPU_SET "name" "value" +.Ss Named CPU Accessor Functions +.Fn DPCPU_ID_PTR "cpu" "name" +.Fn DPCPU_ID_GET "cpu" "name" +.Fn DPCPU_ID_SET "cpu" "name" "value" +.Sh DESCRIPTION +.Nm +instantiates one instance of a global variable with each CPU in the system. +Dynamically allocated per-CPU variables are defined using +.Fn DPCPU_DEFINE , +which defines a variable of name +.Ar name +and type +.Ar type . +Arbitrary C types may be used, including structures and arrays. +If no initialization is provided, then each per-CPU instance of the variable +will be zero-filled (i.e., as though allocated in BSS): +.Bd -literal -offset 1234 +DPCPU_DEFINE(int, fooint); +.Ed +.Pp +Values may also be initialized statically with the definition, causing each +per-CPU instance to be initialized with the value: +.Bd -literal -offset 1234 +DPCPU_DEFINE(int, fooint) = 1; +.Ed +.Pp +Syntactically, the definition may be treated as a variable. +For example, a dynamic per-CPU variable may be declared as +.Dv static : +.Bd -literal -offset 1234 +static DPCPU_DEFINE(int, fooint); +.Ed +.Pp +.Fn DPCPU_DECLARE +produces a declaration of the per-CPU variable suitable for use in header +files. +.Pp +The current CPU's variable instance can be accessed via +.Nm DPCPU_PTR +(which returns a pointer to the per-CPU instance), +.Nm DPCPU_GET +(which retrieves the value of the per-CPU instance), +and +.Nm DPCPU_SET +(which sets the value of the per-CPU instance). +.Pp +Instances of variables associated with specific CPUs can be accessed via the +.Nm DPCPU_ID_PTR , +.Nm DPCPU_ID_GET , +and +.Nm DPGPU_ID_SET +accessor functions, which accept an additional CPU ID argument, +.Ar cpu . +.Ss Synchronization +In addition to the ordinary synchronization concerns associated with global +variables, which may imply the use of +.Xr atomic 9 , +.Xr mutex 9 , +or other kernel synchronization primitives, it is further the case that +thread migration could dynamically change the instance of a variable being +accessed by a thread between operations. +This requires additional care when reasoning about and protecting per-CPU +variables. +.Pp +For example, it may be desirable to protect
svn commit: r315990 - in head: contrib/top usr.bin/top
Author: rwatson Date: Sun Mar 26 17:22:44 2017 New Revision: 315990 URL: https://svnweb.freebsd.org/changeset/base/315990 Log: Provide proper contemporary function prototypes for many of the functions implemented in top(1), rather than relying on K prototypes, which can cause problems on targets where there are multiple incompatible calling conventions and the compiler requires argument information to select the correct one. (There's a bit more to do here, since it looks like top(1) also sometimes provides prototypes for various curses functions rather than relying on the header file...) Sponsored by: DARPA, AFRL MFC after:1 week Modified: head/contrib/top/machine.h head/contrib/top/top.c head/usr.bin/top/machine.c Modified: head/contrib/top/machine.h == --- head/contrib/top/machine.h Sun Mar 26 16:49:20 2017(r315989) +++ head/contrib/top/machine.h Sun Mar 26 17:22:44 2017(r315990) @@ -81,14 +81,15 @@ struct process_select /* routines defined by the machine dependent module */ -char *format_header(); -char *format_next_process(); +char *format_header(char *uname_field); +char *format_next_process(caddr_t handle, char *(*get_userid)(int), + int flags); voidtoggle_pcpustats(void); voidget_system_info(struct system_info *si); int machine_init(struct statics *statics, char do_unames); int proc_owner(int pid); /* non-int routines typically used by the machine dependent module */ -char *printable(); +char *printable(char *string); #endif /* MACHINE_H */ Modified: head/contrib/top/top.c == --- head/contrib/top/top.c Sun Mar 26 16:49:20 2017(r315989) +++ head/contrib/top/top.c Sun Mar 26 17:22:44 2017(r315990) @@ -112,7 +112,8 @@ extern int io_compare(); #endif time_t time(); -caddr_t get_process_info(); +caddr_t get_process_info(struct system_info *si, struct process_select *sel, +int (*compare)(const void *, const void *)); /* different routines for displaying the user's identification */ /* (values assigned to get_userid) */ @@ -120,16 +121,16 @@ char *username(); char *itoa7(); /* pointers to display routines */ -void (*d_loadave)() = i_loadave; -void (*d_procstates)() = i_procstates; -void (*d_cpustates)() = i_cpustates; -void (*d_memory)() = i_memory; -void (*d_arc)() = i_arc; -void (*d_carc)() = i_carc; -void (*d_swap)() = i_swap; -void (*d_message)() = i_message; -void (*d_header)() = i_header; -void (*d_process)() = i_process; +void (*d_loadave)(int mpid, double *avenrun) = i_loadave; +void (*d_procstates)(int total, int *brkdn) = i_procstates; +void (*d_cpustates)(int *states) = i_cpustates; +void (*d_memory)(int *stats) = i_memory; +void (*d_arc)(int *stats) = i_arc; +void (*d_carc)(int *stats) = i_carc; +void (*d_swap)(int *stats) = i_swap; +void (*d_message)(void) = i_message; +void (*d_header)(char *text) = i_header; +void (*d_process)(int line, char *thisline) = i_process; void reset_display(void); Modified: head/usr.bin/top/machine.c == --- head/usr.bin/top/machine.c Sun Mar 26 16:49:20 2017(r315989) +++ head/usr.bin/top/machine.c Sun Mar 26 17:22:44 2017(r315990) @@ -241,7 +241,7 @@ static int pageshift; /* log base 2 of ((kip)->ki_swrss > (kip)->ki_rssize ? (kip)->ki_swrss - (kip)->ki_rssize : 0) /* useful externals */ -long percentages(); +long percentages(int cnt, int *out, long *new, long *old, long *diffs); #ifdef ORDER /* ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r315987 - in head/libexec/bootpd: . tools/bootptest
Author: rwatson Date: Sun Mar 26 14:37:12 2017 New Revision: 315987 URL: https://svnweb.freebsd.org/changeset/base/315987 Log: Emply contemporary function prototypes in bootpd, rather than relying on locally defined K prototypes in .c files; use appropriate casts for pointer types now that types for arguments are available at compile time. This ensures that compilers with multiple incompatible calling conventions can select the correct calling convention for external functions. Sponsored by: DARPA, AFRL MFC after:1 week Modified: head/libexec/bootpd/getif.c head/libexec/bootpd/tools/bootptest/bootptest.c head/libexec/bootpd/tools/bootptest/bootptest.h head/libexec/bootpd/tools/bootptest/print-bootp.c Modified: head/libexec/bootpd/getif.c == --- head/libexec/bootpd/getif.c Sun Mar 26 14:31:29 2017(r315986) +++ head/libexec/bootpd/getif.c Sun Mar 26 14:37:12 2017(r315987) @@ -36,7 +36,7 @@ static struct ifreq ifreq[10]; /* Holds interface configuration */ static struct ifconf ifconf; /* points to ifreq */ -static int nmatch(); +static int nmatch(u_char *ca, u_char *cb); /* Return a pointer to the interface struct for the passed address. */ struct ifreq * Modified: head/libexec/bootpd/tools/bootptest/bootptest.c == --- head/libexec/bootpd/tools/bootptest/bootptest.c Sun Mar 26 14:31:29 2017(r315986) +++ head/libexec/bootpd/tools/bootptest/bootptest.c Sun Mar 26 14:37:12 2017(r315987) @@ -71,7 +71,7 @@ char *usage = "bootptest [-h] server-nam #include "patchlevel.h" -static void send_request(); +static void send_request(int s); #define LOG_ERR 1 #define BUFLEN 1024 @@ -122,9 +122,6 @@ unsigned char vm_cmu[4] = VM_CMU; unsigned char vm_rfc1048[4] = VM_RFC1048; short secs;/* How long client has waited */ -char *get_errmsg(); -extern void bootp_print(); - /* * Initialization such as command-line processing is done, then * the receiver loop is started. Die when interrupted. @@ -429,7 +426,7 @@ main(argc, argv) /* set globals needed by bootp_print() */ snaplen = n; snapend = (unsigned char *) rcvbuf + snaplen; - bootp_print(rcvbuf, n, sin_from.sin_port, 0); + bootp_print((struct bootp *)rcvbuf, n, sin_from.sin_port, 0); putchar('\n'); /* * This no longer exits immediately after receiving @@ -447,7 +444,7 @@ send_request(s) { /* Print the request packet. */ printf("Sending to %s", inet_ntoa(sin_server.sin_addr)); - bootp_print(sndbuf, snaplen, sin_from.sin_port, 0); + bootp_print((struct bootp *)sndbuf, snaplen, sin_from.sin_port, 0); putchar('\n'); /* Send the request packet. */ Modified: head/libexec/bootpd/tools/bootptest/bootptest.h == --- head/libexec/bootpd/tools/bootptest/bootptest.h Sun Mar 26 14:31:29 2017(r315986) +++ head/libexec/bootpd/tools/bootptest/bootptest.h Sun Mar 26 14:37:12 2017(r315987) @@ -20,4 +20,7 @@ extern int vflag; /* verbose flag */ extern unsigned char *packetp; extern unsigned char *snapend; -extern char *ipaddr_string(struct in_addr *); +voidbootp_print(struct bootp *bp, int length, u_short sport, + u_short dport); +char *ipaddr_string(struct in_addr *); +int printfn(u_char *s, u_char *ep); Modified: head/libexec/bootpd/tools/bootptest/print-bootp.c == --- head/libexec/bootpd/tools/bootptest/print-bootp.c Sun Mar 26 14:31:29 2017(r315986) +++ head/libexec/bootpd/tools/bootptest/print-bootp.c Sun Mar 26 14:37:12 2017(r315987) @@ -42,11 +42,10 @@ #include "bootptest.h" /* These decode the vendor data. */ -extern int printfn(); -static void rfc1048_print(); -static void cmu_print(); -static void other_print(); -static void dump_hex(); +static void rfc1048_print(u_char *bp, int length); +static void cmu_print(u_char *bp, int length); +static void other_print(u_char *bp, int length); +static void dump_hex(u_char *bp, int len); /* * Print bootp requests ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r315862 - head/lib/libcasper/libcasper
Author: rwatson Date: Thu Mar 23 14:35:21 2017 New Revision: 315862 URL: https://svnweb.freebsd.org/changeset/base/315862 Log: In libcasper, prefer to send a function index or service name over the IPC channel to a zygote process, rather than sending a function pointer or service pointer. This avoids transfering pointers between address spaces, which while robust in this case (due to the zygote being forked() from the parent) is not generally a good idea, especially in the presence of increasingly popular control-flow integrity and pointer protection mitigation schemes. With this change, ping(8) and other sandboxed tools using libcasper for DNS resolution now work on architectures with tagged memory again. Reviewed by: oshogbo MFC after:1 week Sponsored by: DARPA, AFRL Modified: head/lib/libcasper/libcasper/libcasper_service.c head/lib/libcasper/libcasper/zygote.c head/lib/libcasper/libcasper/zygote.h Modified: head/lib/libcasper/libcasper/libcasper_service.c == --- head/lib/libcasper/libcasper/libcasper_service.cThu Mar 23 14:12:21 2017(r315861) +++ head/lib/libcasper/libcasper/libcasper_service.cThu Mar 23 14:35:21 2017(r315862) @@ -1,11 +1,16 @@ /*- * Copyright (c) 2012 The FreeBSD Foundation * Copyright (c) 2015 Mariusz Zaborski+ * Copyright (c) 2017 Robert N. M. Watson * All rights reserved. * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * + * This software was developed by SRI International and the University of + * Cambridge Computer Laboratory under DARPA/AFRL contract (FA8750-10-C-0237) + * ("CTSRD"), as part of the DARPA CRASH research programme. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -130,18 +135,25 @@ casper_limit(const nvlist_t *oldlimits, return (0); } -static void +void service_execute(int chanfd) { + struct casper_service *casserv; struct service *service; + const char *servname; nvlist_t *nvl; int procfd; nvl = nvlist_recv(chanfd, 0); if (nvl == NULL) exit(1); - service = (struct service *)(uintptr_t)nvlist_take_number(nvl, - "service"); + if (!nvlist_exists_string(nvl, "service")) + exit(1); + servname = nvlist_get_string(nvl, "service"); + casserv = service_find(servname); + if (casserv == NULL) + exit(1); + service = casserv->cs_service; procfd = nvlist_take_descriptor(nvl, "procfd"); nvlist_destroy(nvl); @@ -172,12 +184,11 @@ casper_command(const char *cmd, const nv if (!casper_allowed_service(limits, servname)) return (ENOTCAPABLE); - if (zygote_clone(service_execute, , ) == -1) + if (zygote_clone_service_execute(, ) == -1) return (errno); nvl = nvlist_create(0); - nvlist_add_number(nvl, "service", - (uint64_t)(uintptr_t)casserv->cs_service); + nvlist_add_string(nvl, "service", servname); nvlist_move_descriptor(nvl, "procfd", procfd); if (nvlist_send(chanfd, nvl) == -1) { error = errno; Modified: head/lib/libcasper/libcasper/zygote.c == --- head/lib/libcasper/libcasper/zygote.c Thu Mar 23 14:12:21 2017 (r315861) +++ head/lib/libcasper/libcasper/zygote.c Thu Mar 23 14:35:21 2017 (r315862) @@ -1,11 +1,16 @@ /*- * Copyright (c) 2012 The FreeBSD Foundation * Copyright (c) 2015 Mariusz Zaborski - * All rights reserved. + * Copyright (c) 2017 Robert N. M. Watson * * This software was developed by Pawel Jakub Dawidek under sponsorship from * the FreeBSD Foundation. * + * All rights reserved. + * This software was developed by SRI International and the University of + * Cambridge Computer Laboratory under DARPA/AFRL contract (FA8750-10-C-0237) + * ("CTSRD"), as part of the DARPA CRASH research programme. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -50,8 +55,10 @@ __FBSDID("$FreeBSD$"); /* Zygote info. */ static int zygote_sock = -1; +#defineZYGOTE_SERVICE_EXECUTE 1 + int -zygote_clone(zygote_func_t *func, int *chanfdp, int *procfdp) +zygote_clone(uint64_t funcidx, int *chanfdp, int *procfdp) { nvlist_t *nvl; int error; @@ -63,7 +70,7 @@ zygote_clone(zygote_func_t *func, int *c } nvl = nvlist_create(0); - nvlist_add_number(nvl, "func", (uint64_t)(uintptr_t)func); + nvlist_add_number(nvl, "funcidx", funcidx); nvl =
svn commit: r312922 - head/sys/dev/altera/avgen
Author: rwatson Date: Sat Jan 28 13:25:06 2017 New Revision: 312922 URL: https://svnweb.freebsd.org/changeset/base/312922 Log: Merge enhancements to the ALTERA Avalon bus generic device attachment driver to support exposing a GEOM device, which can be used to mount Avalon-attached ROMs, reserved areas of DRAM, etc, as a filesystem: commit 9deb1e60eaaaf7a3687e48c58af5efd756f32ec6 Author: Robert N. M. WatsonDate: Sat Mar 5 20:33:12 2016 + Use format strings with make_dev(9) in avgen(4). commit 0bf2176c23e7425bfa042c08a24f8a25fe6d8885 Author: Robert N. M. Watson Date: Tue Mar 1 10:23:23 2016 + Implement a new "geomio" configuration argument to altera_avgen(4), the generic I/O device we attach to various BERI peripherals. The new option requests that, instead of exposing the underlying device via a special device node in /dev, it instead be exposed via geom(4), allowing it to be used with filesystems. The current implementation does not allow a device to be exposed both for file/mmap and geom, so one of the two models must be selected when configuring it via FDT or device.hints. A typical use of the new option will be: sri-cambridge,geomio = "rw"; MFC after:1 week Sponsored by: DARPA, AFRL Modified: head/sys/dev/altera/avgen/altera_avgen.c head/sys/dev/altera/avgen/altera_avgen.h head/sys/dev/altera/avgen/altera_avgen_fdt.c head/sys/dev/altera/avgen/altera_avgen_nexus.c Modified: head/sys/dev/altera/avgen/altera_avgen.c == --- head/sys/dev/altera/avgen/altera_avgen.cSat Jan 28 13:09:18 2017 (r312921) +++ head/sys/dev/altera/avgen/altera_avgen.cSat Jan 28 13:25:06 2017 (r312922) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2012-2013 Robert N. M. Watson + * Copyright (c) 2012-2013, 2016 Robert N. M. Watson * All rights reserved. * * This software was developed by SRI International and the University of @@ -32,6 +32,7 @@ __FBSDID("$FreeBSD$"); #include +#include #include #include #include @@ -45,6 +46,8 @@ __FBSDID("$FreeBSD$"); #include #include +#include + #include #include @@ -65,14 +68,19 @@ static d_mmap_t altera_avgen_mmap; static d_read_t altera_avgen_read; static d_write_t altera_avgen_write; +#defineALTERA_AVGEN_DEVNAME"altera_avgen" +#defineALTERA_AVGEN_DEVNAME_FMT(ALTERA_AVGEN_DEVNAME "%d") + static struct cdevsw avg_cdevsw = { .d_version =D_VERSION, .d_mmap = altera_avgen_mmap, .d_read = altera_avgen_read, .d_write = altera_avgen_write, - .d_name = "altera_avgen", + .d_name = ALTERA_AVGEN_DEVNAME, }; +#defineALTERA_AVGEN_SECTORSIZE 512 /* Not configurable at this time. */ + static int altera_avgen_read(struct cdev *dev, struct uio *uio, int flag) { @@ -227,11 +235,103 @@ altera_avgen_mmap(struct cdev *dev, vm_o return (0); } +/* + * NB: We serialise block reads and writes in case the OS is generating + * concurrent I/O against the same block, in which case we want one I/O (or + * another) to win. This is not sufficient to provide atomicity for the + * sector in the presence of a fail stop -- however, we're just writing this + * to non-persistent DRAM .. right? + */ +static void +altera_avgen_disk_strategy(struct bio *bp) +{ + struct altera_avgen_softc *sc; + void *data; + long bcount; + daddr_t pblkno; + + sc = bp->bio_disk->d_drv1; + data = bp->bio_data; + bcount = bp->bio_bcount; + pblkno = bp->bio_pblkno; + + /* +* Serialize block reads / writes. +*/ + mtx_lock(>avg_disk_mtx); + switch (bp->bio_cmd) { + case BIO_READ: + if (!(sc->avg_flags & ALTERA_AVALON_FLAG_GEOM_READ)) { + biofinish(bp, NULL, EIO); + break; + } + switch (sc->avg_width) { + case 1: + bus_read_region_1(sc->avg_res, + bp->bio_pblkno * ALTERA_AVGEN_SECTORSIZE, + (uint8_t *)data, bcount); + break; + + case 2: + bus_read_region_2(sc->avg_res, + bp->bio_pblkno * ALTERA_AVGEN_SECTORSIZE, + (uint16_t *)data, bcount / 2); + break; + + case 4: + bus_read_region_4(sc->avg_res, + bp->bio_pblkno * ALTERA_AVGEN_SECTORSIZE, + (uint32_t *)data, bcount / 4); + break; + + default: + panic("%s: unexpected width %u", __func__, +
svn commit: r312920 - head/sys/dev/altera/jtag_uart
Author: rwatson Date: Sat Jan 28 12:43:19 2017 New Revision: 312920 URL: https://svnweb.freebsd.org/changeset/base/312920 Log: Merge robustness improvements for the ALTERA JTAG UART driver from CheriBSD, which attempt to work around an inherent race in the UART's control-register design in detecting whether JTAG is currently, present, which will otherwise lead to moderately frequent output drops when running in polled rather than interrupt-driven operation. Now, these drops are quite infrequent. commit 9f33fddac9215e32781a4f016ba17eab804fb6d4 Author: Robert N. M. WatsonDate: Thu Jul 16 17:34:12 2015 + Add a new sysctl, hw.altera_jtag_uart.ac_poll_delay, which allows the (default 10ms) delay associated with a full JTAG UART buffer combined with a lack of a JTAG-present flag to be tuned. Setting this higher may cause some JTAG configurations to be more reliable when printing out low-level console output at a speed greater than the JTAG UART is willing to carry data. Or it may not. commit 73992ef7607738b2973736e409ccd644b30eadba Author: Robert N. M. Watson Date: Sun Jan 1 15:13:07 2017 + Minor improvements to the Altera JTAG UART device driver: - Minor rework to the logic to detect JTAG presence in order to be a bit more resilient to inevitable races: increase the retry period from two seconds to four seconds for trying to find JTAG, and more agressively clear the miss counter if JTAG has been reconnected. Once JTAG has vanished, stop prodding the miss counter. - Do a bit of reworking of the output code to frob the control register less by checking whether write interrupts are enabled/disabled before changing their state. This should reduce the opportunity for races with JTAG discovery (which are inherent to the Altera hardware-software interface, but can at least be minimised). - Add statistics relating to interrupt enable/disable/JTAG discovery/etc. With these changes, polled-mode JTAG UART ttys appear substantially more robust. MFC after:1 week Sponsored by: DARPA, AFRL Modified: head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c head/sys/dev/altera/jtag_uart/altera_jtag_uart_tty.c Modified: head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c == --- head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c Sat Jan 28 12:26:22 2017(r312919) +++ head/sys/dev/altera/jtag_uart/altera_jtag_uart_cons.c Sat Jan 28 12:43:19 2017(r312920) @@ -40,6 +40,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -49,6 +50,9 @@ __FBSDID("$FreeBSD$"); devclass_t altera_jtag_uart_devclass; +static SYSCTL_NODE(_hw, OID_AUTO, altera_jtag_uart, CTLFLAG_RW, 0, +"Altera JTAG UART configuration knobs"); + /* * One-byte buffer as we can't check whether the UART is readable without * actually reading from it, synchronised by a spinlock; this lock also @@ -82,6 +86,11 @@ static cn_ungrab_t aju_cnungrab; * no AC bit set. */ #defineALTERA_JTAG_UART_AC_POLL_DELAY 1 +static u_int altera_jtag_uart_ac_poll_delay = + ALTERA_JTAG_UART_AC_POLL_DELAY; +SYSCTL_UINT(_hw_altera_jtag_uart, OID_AUTO, ac_poll_delay, +CTLFLAG_RW, _jtag_uart_ac_poll_delay, 0, +"Maximum delay waiting for JTAG present flag when buffer is full"); /* * I/O routines lifted from Deimos. This is not only MIPS-specific, but also @@ -220,10 +229,10 @@ aju_cons_write(char ch) * layer clearing of the bit doesn't trigger a TTY-layer * disconnection. * -* XXXRW: The polling delay may require tuning. -* * XXXRW: Notice the inherent race with hardware: in clearing the -* bit, we may race with hardware setting the same bit. +* bit, we may race with hardware setting the same bit. This can +* cause real-world reliability problems due to lost output on the +* console. */ v = aju_cons_control_read(); if (v & ALTERA_JTAG_UART_CONTROL_AC) { @@ -235,7 +244,7 @@ aju_cons_write(char ch) while ((v & ALTERA_JTAG_UART_CONTROL_WSPACE) == 0) { if (!aju_cons_jtag_present) return; - DELAY(ALTERA_JTAG_UART_AC_POLL_DELAY); + DELAY(altera_jtag_uart_ac_poll_delay); v = aju_cons_control_read(); if (v & ALTERA_JTAG_UART_CONTROL_AC) { aju_cons_jtag_present = 1; Modified: head/sys/dev/altera/jtag_uart/altera_jtag_uart_tty.c == --- head/sys/dev/altera/jtag_uart/altera_jtag_uart_tty.cSat
svn commit: r312919 - head/tests/sys/aio
Author: rwatson Date: Sat Jan 28 12:26:22 2017 New Revision: 312919 URL: https://svnweb.freebsd.org/changeset/base/312919 Log: Fix build of aio_test on MIPS, where the compiler warns about the local variable 'err' shadowing the global function err(3). Which it does. Sponsored by: DARPA, AFRL Modified: head/tests/sys/aio/aio_test.c Modified: head/tests/sys/aio/aio_test.c == --- head/tests/sys/aio/aio_test.c Sat Jan 28 11:38:51 2017 (r312918) +++ head/tests/sys/aio/aio_test.c Sat Jan 28 12:26:22 2017 (r312919) @@ -188,31 +188,31 @@ aio_context_init(struct aio_context *ac, static ssize_t poll(struct aiocb *aio) { - int err; + int error; - while ((err = aio_error(aio)) == EINPROGRESS && !aio_timedout) + while ((error = aio_error(aio)) == EINPROGRESS && !aio_timedout) usleep(25000); - switch (err) { + switch (error) { case EINPROGRESS: errno = EINTR; return (-1); case 0: return (aio_return(aio)); default: - return (err); + return (error); } } static ssize_t suspend(struct aiocb *aio) { const struct aiocb *const iocbs[] = {aio}; - int err; + int error; - err = aio_suspend(iocbs, 1, NULL); - if (err == 0) + error = aio_suspend(iocbs, 1, NULL); + if (error == 0) return (aio_return(aio)); else - return (err); + return (error); } static ssize_t ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r312918 - head/sys/mips/conf
Author: rwatson Date: Sat Jan 28 11:38:51 2017 New Revision: 312918 URL: https://svnweb.freebsd.org/changeset/base/312918 Log: As with GENERIC on other architectures, include COMPAT_FREEBSD10 and COMPAT_FREEBSD11 in the generic BERI kernel configuration template. MFC after:1 week Sponsored by: DARPA, AFRL Modified: head/sys/mips/conf/BERI_TEMPLATE Modified: head/sys/mips/conf/BERI_TEMPLATE == --- head/sys/mips/conf/BERI_TEMPLATESat Jan 28 09:58:00 2017 (r312917) +++ head/sys/mips/conf/BERI_TEMPLATESat Jan 28 11:38:51 2017 (r312918) @@ -33,6 +33,9 @@ options KTRACE optionsCAPABILITY_MODE optionsCAPABILITIES +optionsCOMPAT_FREEBSD10 +optionsCOMPAT_FREEBSD11 + optionsSCHED_ULE optionsFFS #Berkeley Fast Filesystem ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r309678 - in head/sys: kern sys
Author: rwatson Date: Wed Dec 7 16:12:27 2016 New Revision: 309678 URL: https://svnweb.freebsd.org/changeset/base/309678 Log: Regnerate system-call definitions following r309677 correcting a whitespace glitch in syscalls.master. Modified: head/sys/kern/init_sysent.c head/sys/kern/syscalls.c head/sys/sys/syscall.h head/sys/sys/syscall.mk head/sys/sys/sysproto.h Modified: head/sys/kern/init_sysent.c == --- head/sys/kern/init_sysent.c Wed Dec 7 16:11:55 2016(r309677) +++ head/sys/kern/init_sysent.c Wed Dec 7 16:12:27 2016(r309678) @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 10:50:40Z gnn + * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 16:11:55Z rwatson */ #include "opt_compat.h" Modified: head/sys/kern/syscalls.c == --- head/sys/kern/syscalls.cWed Dec 7 16:11:55 2016(r309677) +++ head/sys/kern/syscalls.cWed Dec 7 16:12:27 2016(r309678) @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 10:50:40Z gnn + * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 16:11:55Z rwatson */ const char *syscallnames[] = { Modified: head/sys/sys/syscall.h == --- head/sys/sys/syscall.h Wed Dec 7 16:11:55 2016(r309677) +++ head/sys/sys/syscall.h Wed Dec 7 16:12:27 2016(r309678) @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 10:50:40Z gnn + * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 16:11:55Z rwatson */ #defineSYS_syscall 0 Modified: head/sys/sys/syscall.mk == --- head/sys/sys/syscall.mk Wed Dec 7 16:11:55 2016(r309677) +++ head/sys/sys/syscall.mk Wed Dec 7 16:12:27 2016(r309678) @@ -1,7 +1,7 @@ # FreeBSD system call object files. # DO NOT EDIT-- this file is automatically generated. # $FreeBSD$ -# created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 10:50:40Z gnn +# created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 16:11:55Z rwatson MIASM = \ syscall.o \ exit.o \ Modified: head/sys/sys/sysproto.h == --- head/sys/sys/sysproto.h Wed Dec 7 16:11:55 2016(r309677) +++ head/sys/sys/sysproto.h Wed Dec 7 16:12:27 2016(r309678) @@ -3,7 +3,7 @@ * * DO NOT EDIT-- this file is automatically generated. * $FreeBSD$ - * created from FreeBSD: head/sys/kern/syscalls.master 304395 2016-08-18 10:50:40Z gnn + * created from FreeBSD: head/sys/kern/syscalls.master 309677 2016-12-07 16:11:55Z rwatson */ #ifndef _SYS_SYSPROTO_H_ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r309677 - head/sys/kern
Author: rwatson Date: Wed Dec 7 16:11:55 2016 New Revision: 309677 URL: https://svnweb.freebsd.org/changeset/base/309677 Log: Replace spaces with tabs in definition of SCTP system calls, for consistency with the remainder of the syscalls.master file. This problem does not occur in the freebsd32 version of the same system calls. Modified: head/sys/kern/syscalls.master Modified: head/sys/kern/syscalls.master == --- head/sys/kern/syscalls.master Wed Dec 7 15:04:22 2016 (r309676) +++ head/sys/kern/syscalls.master Wed Dec 7 16:11:55 2016 (r309677) @@ -838,13 +838,13 @@ 469AUE_NULLUNIMPL __getpath_fromfd 470AUE_NULLUNIMPL __getpath_fromaddr 471AUE_NULLNOSTD { int sctp_peeloff(int sd, uint32_t name); } -472 AUE_NULLNOSTD { int sctp_generic_sendmsg(int sd, caddr_t msg, int mlen, \ - caddr_t to, __socklen_t tolen, \ +472AUE_NULLNOSTD { int sctp_generic_sendmsg(int sd, caddr_t msg, int mlen, \ + caddr_t to, __socklen_t tolen, \ struct sctp_sndrcvinfo *sinfo, int flags); } -473 AUE_NULLNOSTD { int sctp_generic_sendmsg_iov(int sd, struct iovec *iov, int iovlen, \ - caddr_t to, __socklen_t tolen, \ +473AUE_NULLNOSTD { int sctp_generic_sendmsg_iov(int sd, struct iovec *iov, int iovlen, \ + caddr_t to, __socklen_t tolen, \ struct sctp_sndrcvinfo *sinfo, int flags); } -474 AUE_NULLNOSTD { int sctp_generic_recvmsg(int sd, struct iovec *iov, int iovlen, \ +474AUE_NULLNOSTD { int sctp_generic_recvmsg(int sd, struct iovec *iov, int iovlen, \ struct sockaddr * from, __socklen_t *fromlenaddr, \ struct sctp_sndrcvinfo *sinfo, int *msg_flags); } 475AUE_PREAD STD { ssize_t pread(int fd, void *buf, \ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r309326 - head/usr.bin/login
Author: rwatson Date: Wed Nov 30 14:02:36 2016 New Revision: 309326 URL: https://svnweb.freebsd.org/changeset/base/309326 Log: Clarify warning message when failing to configure audit on user login: when au_user_mask() fails, it's not a failure to set the audit mask, but to calculate the audit mask -- and hence a condfiguration-file issue (of some sort). MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/usr.bin/login/login_audit.c Modified: head/usr.bin/login/login_audit.c == --- head/usr.bin/login/login_audit.cWed Nov 30 12:06:03 2016 (r309325) +++ head/usr.bin/login/login_audit.cWed Nov 30 14:02:36 2016 (r309326) @@ -80,7 +80,7 @@ au_login_success(void) /* Compute and set the user's preselection mask. */ if (au_user_mask(pwd->pw_name, ) == -1) - errx(1, "could not set audit mask"); + errx(1, "could not calculate audit mask"); /* Set the audit info for the user. */ auinfo.ai_auid = uid; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r308947 - in head/sys: kern security/audit
Author: rwatson Date: Tue Nov 22 00:41:24 2016 New Revision: 308947 URL: https://svnweb.freebsd.org/changeset/base/308947 Log: Audit 'fd' and 'cmd' arguments to fcntl(2), and when generating BSM, always audit the file-descriptor number and vnode information for all fnctl(2) commands, not just locking-related ones. This was likely an oversight in the original adaptation of this code from XNU. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/kern_descrip.c head/sys/security/audit/audit_bsm.c Modified: head/sys/kern/kern_descrip.c == --- head/sys/kern/kern_descrip.cTue Nov 22 00:27:19 2016 (r308946) +++ head/sys/kern/kern_descrip.cTue Nov 22 00:41:24 2016 (r308947) @@ -495,6 +495,8 @@ kern_fcntl(struct thread *td, int fd, in p = td->td_proc; fdp = p->p_fd; + AUDIT_ARG_FD(cmd); + AUDIT_ARG_CMD(cmd); switch (cmd) { case F_DUPFD: tmp = arg; Modified: head/sys/security/audit/audit_bsm.c == --- head/sys/security/audit/audit_bsm.c Tue Nov 22 00:27:19 2016 (r308946) +++ head/sys/security/audit/audit_bsm.c Tue Nov 22 00:41:24 2016 (r308947) @@ -979,10 +979,7 @@ kaudit_to_bsm(struct kaudit_record *kar, au_fcntl_cmd_to_bsm(ar->ar_arg_cmd)); kau_write(rec, tok); } - if (ar->ar_arg_cmd == F_GETLK || ar->ar_arg_cmd == F_SETLK || - ar->ar_arg_cmd == F_SETLKW) { - FD_VNODE1_TOKENS; - } + FD_VNODE1_TOKENS; break; case AUE_FCHFLAGS: ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r304544 - in head/sys: kern security/audit
Author: rwatson Date: Sat Aug 20 20:28:08 2016 New Revision: 304544 URL: https://svnweb.freebsd.org/changeset/base/304544 Log: Audit the accepted (or rejected) username argument to setlogin(2). (NB: This was likely a mismerge from XNU in audit support, where the text argument to setlogin(2) is captured -- but as a text token, whereas this change uses the dedicated login-name field in struct audit_record.) MFC after:2 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/kern_prot.c head/sys/security/audit/audit.h head/sys/security/audit/audit_bsm.c Modified: head/sys/kern/kern_prot.c == --- head/sys/kern/kern_prot.c Sat Aug 20 20:15:36 2016(r304543) +++ head/sys/kern/kern_prot.c Sat Aug 20 20:28:08 2016(r304544) @@ -2105,6 +2105,7 @@ sys_setlogin(struct thread *td, struct s error = EINVAL; return (error); } + AUDIT_ARG_LOGIN(logintmp); PROC_LOCK(p); SESS_LOCK(p->p_session); strcpy(p->p_session->s_login, logintmp); Modified: head/sys/security/audit/audit.h == --- head/sys/security/audit/audit.h Sat Aug 20 20:15:36 2016 (r304543) +++ head/sys/security/audit/audit.h Sat Aug 20 20:28:08 2016 (r304544) @@ -212,6 +212,11 @@ voidaudit_thread_free(struct thread *t audit_arg_groupset((gidset), (gidset_size));\ } while (0) +#defineAUDIT_ARG_LOGIN(login) do { \ + if (AUDITING_TD(curthread)) \ + audit_arg_login((login)); \ +} while (0) + #defineAUDIT_ARG_MODE(mode) do { \ if (AUDITING_TD(curthread)) \ audit_arg_mode((mode)); \ @@ -354,6 +359,7 @@ void audit_thread_free(struct thread *t #defineAUDIT_ARG_FFLAGS(fflags) #defineAUDIT_ARG_GID(gid) #defineAUDIT_ARG_GROUPSET(gidset, gidset_size) +#defineAUDIT_ARG_LOGIN(login) #defineAUDIT_ARG_MODE(mode) #defineAUDIT_ARG_OWNER(uid, gid) #defineAUDIT_ARG_PID(pid) Modified: head/sys/security/audit/audit_bsm.c == --- head/sys/security/audit/audit_bsm.c Sat Aug 20 20:15:36 2016 (r304543) +++ head/sys/security/audit/audit_bsm.c Sat Aug 20 20:28:08 2016 (r304544) @@ -1394,8 +1394,8 @@ kaudit_to_bsm(struct kaudit_record *kar, break; case AUE_SETLOGIN: - if (ARG_IS_VALID(kar, ARG_TEXT)) { - tok = au_to_text(ar->ar_arg_text); + if (ARG_IS_VALID(kar, ARG_LOGIN)) { + tok = au_to_text(ar->ar_arg_login); kau_write(rec, tok); } break; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r304537 - head/sys/kern
Author: rwatson Date: Sat Aug 20 18:51:48 2016 New Revision: 304537 URL: https://svnweb.freebsd.org/changeset/base/304537 Log: Audit additional vnode information in the implementation of the ftruncate(2) system call. This was not required by the Common Criteria, which needed only open-time audit. MFC after:2 weeks Sponsored by: DARPA, AFRL Modified: head/sys/kern/vfs_vnops.c Modified: head/sys/kern/vfs_vnops.c == --- head/sys/kern/vfs_vnops.c Sat Aug 20 18:45:25 2016(r304536) +++ head/sys/kern/vfs_vnops.c Sat Aug 20 18:51:48 2016(r304537) @@ -1302,6 +1302,7 @@ vn_truncate(struct file *fp, off_t lengt if (error) goto out1; vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + AUDIT_ARG_VNODE1(vp); if (vp->v_type == VDIR) { error = EISDIR; goto out; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r302577 - head/sys/dev/drm2
On Mon, 11 Jul 2016, Garrett Cooper wrote: Add missing default case to capable(..) function definition By definition (enum __drm_capabilities), cases other than CAP_SYS_ADMIN aren't possible. Add in a KASSERT safety belt and return false in !INVARIANTS case if an invalid value is passed in, as it would be a programmer error. This fixes a -Wreturn-type error with gcc 5.3.0. Differential Revision: https://reviews.freebsd.org/D7188 MFC after: 1 week Reported by: devel/amd64-gcc (5.3.0) Reviewed by: dumbbell Sponsored by: EMC / Isilon Storage Division Per my comment in the review, I think a panic() here would be preferable to a KASSERT(), as it would come without perceptible runtime cost, and failstop the system if we were violating a design-time security invariant. Robert ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r302564 - head/sys/security/audit
Author: rwatson Date: Mon Jul 11 13:06:17 2016 New Revision: 302564 URL: https://svnweb.freebsd.org/changeset/base/302564 Log: Add AUE_WAIT6 handling to the BSM conversion switch statement, reusing the BSM encoding used for AUE_WAIT4. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/security/audit/audit_bsm.c Modified: head/sys/security/audit/audit_bsm.c == --- head/sys/security/audit/audit_bsm.c Mon Jul 11 13:01:42 2016 (r302563) +++ head/sys/security/audit/audit_bsm.c Mon Jul 11 13:06:17 2016 (r302564) @@ -1606,6 +1606,7 @@ kaudit_to_bsm(struct kaudit_record *kar, break; case AUE_WAIT4: + case AUE_WAIT6: PROCESS_PID_TOKENS(1); if (ARG_IS_VALID(kar, ARG_VALUE)) { tok = au_to_arg32(3, "options", ar->ar_arg_value); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r302526 - head/sys/kern
Author: rwatson Date: Sun Jul 10 14:17:36 2016 New Revision: 302526 URL: https://svnweb.freebsd.org/changeset/base/302526 Log: In process-descriptor close(2) and fstat(2), audit target process information. pgkill(2) already audits target process ID. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/sys_procdesc.c Modified: head/sys/kern/sys_procdesc.c == --- head/sys/kern/sys_procdesc.cSun Jul 10 13:42:33 2016 (r302525) +++ head/sys/kern/sys_procdesc.cSun Jul 10 14:17:36 2016 (r302526) @@ -1,10 +1,15 @@ /*- - * Copyright (c) 2009 Robert N. M. Watson + * Copyright (c) 2009, 2016 Robert N. M. Watson * All rights reserved. * * This software was developed at the University of Cambridge Computer * Laboratory with support from a grant from Google, Inc. * + * Portions of this software were developed by BAE Systems, the University of + * Cambridge Computer Laboratory, and Memorial University under DARPA/AFRL + * contract FA8650-15-C-7558 ("CADETS"), as part of the DARPA Transparent + * Computing (TC) research program. + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -383,6 +388,7 @@ procdesc_close(struct file *fp, struct t sx_xunlock(_lock); } else { PROC_LOCK(p); + AUDIT_ARG_PROCESS(p); if (p->p_state == PRS_ZOMBIE) { /* * If the process is already dead and just awaiting @@ -529,6 +535,7 @@ procdesc_stat(struct file *fp, struct st sx_slock(_lock); if (pd->pd_proc != NULL) { PROC_LOCK(pd->pd_proc); + AUDIT_ARG_PROCESS(pd->pd_proc); /* Set birth and [acm] times to process start time. */ pstart = pd->pd_proc->p_stats->p_start; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r302525 - in head/sys: kern sys
Author: rwatson Date: Sun Jul 10 13:42:33 2016 New Revision: 302525 URL: https://svnweb.freebsd.org/changeset/base/302525 Log: Do allow auditing of read(2) and write(2) system calls, by assigning those system calls audit event identifiers AUE_READ and AUE_WRITE. While auditing file-descriptor I/O is not required by the Common Criteria, in practice this proves useful for both live and forensic analysis. NB: freebsd32 already assigns AUE_READ and AUE_WRITE to read(2) and write(2). MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/init_sysent.c head/sys/kern/syscalls.master head/sys/sys/sysproto.h Modified: head/sys/kern/init_sysent.c == --- head/sys/kern/init_sysent.c Sun Jul 10 11:49:10 2016(r302524) +++ head/sys/kern/init_sysent.c Sun Jul 10 13:42:33 2016(r302525) @@ -49,8 +49,8 @@ struct sysent sysent[] = { { 0, (sy_call_t *)nosys, AUE_NULL, NULL, 0, 0, 0, SY_THR_STATIC }, /* 0 = syscall */ { AS(sys_exit_args), (sy_call_t *)sys_sys_exit, AUE_EXIT, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 1 = exit */ { 0, (sy_call_t *)sys_fork, AUE_FORK, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 2 = fork */ - { AS(read_args), (sy_call_t *)sys_read, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 3 = read */ - { AS(write_args), (sy_call_t *)sys_write, AUE_NULL, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC },/* 4 = write */ + { AS(read_args), (sy_call_t *)sys_read, AUE_READ, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 3 = read */ + { AS(write_args), (sy_call_t *)sys_write, AUE_WRITE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 4 = write */ { AS(open_args), (sy_call_t *)sys_open, AUE_OPEN_RWTC, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 5 = open */ { AS(close_args), (sy_call_t *)sys_close, AUE_CLOSE, NULL, 0, 0, SYF_CAPENABLED, SY_THR_STATIC }, /* 6 = close */ { AS(wait4_args), (sy_call_t *)sys_wait4, AUE_WAIT4, NULL, 0, 0, 0, SY_THR_STATIC },/* 7 = wait4 */ Modified: head/sys/kern/syscalls.master == --- head/sys/kern/syscalls.master Sun Jul 10 11:49:10 2016 (r302524) +++ head/sys/kern/syscalls.master Sun Jul 10 13:42:33 2016 (r302525) @@ -62,9 +62,9 @@ 1 AUE_EXITSTD { void sys_exit(int rval); } exit \ sys_exit_args void 2 AUE_FORKSTD { int fork(void); } -3 AUE_NULLSTD { ssize_t read(int fd, void *buf, \ +3 AUE_READSTD { ssize_t read(int fd, void *buf, \ size_t nbyte); } -4 AUE_NULLSTD { ssize_t write(int fd, const void *buf, \ +4 AUE_WRITE STD { ssize_t write(int fd, const void *buf, \ size_t nbyte); } 5 AUE_OPEN_RWTC STD { int open(char *path, int flags, int mode); } ; XXX should be{ int open(const char *path, int flags, ...); } Modified: head/sys/sys/sysproto.h == --- head/sys/sys/sysproto.h Sun Jul 10 11:49:10 2016(r302524) +++ head/sys/sys/sysproto.h Sun Jul 10 13:42:33 2016(r302525) @@ -2508,8 +2508,8 @@ int freebsd10_pipe(struct thread *, stru #defineSYS_AUE_syscall AUE_NULL #defineSYS_AUE_exitAUE_EXIT #defineSYS_AUE_forkAUE_FORK -#defineSYS_AUE_readAUE_NULL -#defineSYS_AUE_write AUE_NULL +#defineSYS_AUE_readAUE_READ +#defineSYS_AUE_write AUE_WRITE #defineSYS_AUE_openAUE_OPEN_RWTC #defineSYS_AUE_close AUE_CLOSE #defineSYS_AUE_wait4 AUE_WAIT4 ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r302524 - head/sys/vm
Author: rwatson Date: Sun Jul 10 11:49:10 2016 New Revision: 302524 URL: https://svnweb.freebsd.org/changeset/base/302524 Log: When mmap(2) is used with a vnode, capture vnode attributes in the audit trail. This was not required for Common Criteria auditing (which requires only that the intent to read or write be audited at the time of open(2)), but is useful for contemporary live analysis and forensics. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/vm/vm_mmap.c Modified: head/sys/vm/vm_mmap.c == --- head/sys/vm/vm_mmap.c Sun Jul 10 10:53:50 2016(r302523) +++ head/sys/vm/vm_mmap.c Sun Jul 10 11:49:10 2016(r302524) @@ -1245,6 +1245,7 @@ vm_mmap_vnode(struct thread *td, vm_size locktype = LK_SHARED; if ((error = vget(vp, locktype, td)) != 0) return (error); + AUDIT_ARG_VNODE1(vp); foff = *foffp; flags = *flagsp; obj = vp->v_object; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r302519 - head/sys/kern
Author: rwatson Date: Sun Jul 10 09:50:21 2016 New Revision: 302519 URL: https://svnweb.freebsd.org/changeset/base/302519 Log: Audit the file-descriptor number argument for openat(2). Remove a comment about the desirability of auditing the number, as it was in fact in the wrong place (in the common path for open(2) and openat(2), and only the latter accepts a file-descriptor argument). Where other ABIs support openat(2), it may be necessary to do additional argument auditing as it is not performed in kern_openat(9). MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/vfs_syscalls.c Modified: head/sys/kern/vfs_syscalls.c == --- head/sys/kern/vfs_syscalls.cSun Jul 10 08:38:10 2016 (r302518) +++ head/sys/kern/vfs_syscalls.cSun Jul 10 09:50:21 2016 (r302519) @@ -942,6 +942,7 @@ int sys_openat(struct thread *td, struct openat_args *uap) { + AUDIT_ARG_FD(uap->fd); return (kern_openat(td, uap->fd, uap->path, UIO_USERSPACE, uap->flag, uap->mode)); } @@ -962,7 +963,6 @@ kern_openat(struct thread *td, int fd, c AUDIT_ARG_FFLAGS(flags); AUDIT_ARG_MODE(mode); - /* XXX: audit dirfd */ cap_rights_init(, CAP_LOOKUP); flags_to_rights(flags, ); /* ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r302514 - in head/sys: kern vm
Author: rwatson Date: Sun Jul 10 08:04:02 2016 New Revision: 302514 URL: https://svnweb.freebsd.org/changeset/base/302514 Log: Audit file-descriptor arguments to I/O system calls such as read(2), write(2), dup(2), and mmap(2). This auditing is not required by the Common Criteria (and hence was not being performed), but is valuable in both contemporary live analysis and forensic use cases. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/kern/kern_descrip.c head/sys/kern/sys_generic.c head/sys/vm/vm_mmap.c Modified: head/sys/kern/kern_descrip.c == --- head/sys/kern/kern_descrip.cSun Jul 10 04:33:16 2016 (r302513) +++ head/sys/kern/kern_descrip.cSun Jul 10 08:04:02 2016 (r302514) @@ -820,6 +820,9 @@ kern_dup(struct thread *td, u_int mode, MPASS((flags & ~(FDDUP_FLAG_CLOEXEC)) == 0); MPASS(mode < FDDUP_LASTMODE); + AUDIT_ARG_FD(old); + /* XXXRW: if (flags & FDDUP_FIXED) AUDIT_ARG_FD2(new); */ + /* * Verify we have a valid descriptor to dup from and possibly to * dup to. Unlike dup() and dup2(), fcntl()'s F_DUPFD should Modified: head/sys/kern/sys_generic.c == --- head/sys/kern/sys_generic.c Sun Jul 10 04:33:16 2016(r302513) +++ head/sys/kern/sys_generic.c Sun Jul 10 08:04:02 2016(r302514) @@ -363,6 +363,8 @@ dofileread(td, fd, fp, auio, offset, fla struct uio *ktruio = NULL; #endif + AUDIT_ARG_FD(fd); + /* Finish zero length reads right here */ if (auio->uio_resid == 0) { td->td_retval[0] = 0; @@ -576,6 +578,7 @@ dofilewrite(td, fd, fp, auio, offset, fl struct uio *ktruio = NULL; #endif + AUDIT_ARG_FD(fd); auio->uio_rw = UIO_WRITE; auio->uio_td = td; auio->uio_offset = offset; Modified: head/sys/vm/vm_mmap.c == --- head/sys/vm/vm_mmap.c Sun Jul 10 04:33:16 2016(r302513) +++ head/sys/vm/vm_mmap.c Sun Jul 10 08:04:02 2016(r302514) @@ -74,6 +74,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include #include @@ -206,6 +207,7 @@ sys_mmap(td, uap) pos = uap->pos; fp = NULL; + AUDIT_ARG_FD(uap->fd); /* * Ignore old flags that used to be defined but did not do anything. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r302345 - head/sys/kern
Author: rwatson Date: Tue Jul 5 16:37:01 2016 New Revision: 302345 URL: https://svnweb.freebsd.org/changeset/base/302345 Log: Call audit hooks to capture vnode attributes for three file-descriptor method implementations: fstat(2), close(2), and poll(2). This change synchronises auditing here with similar auditing for VFS-specific system calls such as stat(2) that audit more complete vnode information. Sponsored by: DARPA, AFRL Approved by: re (kib) MFC after:1 week Modified: head/sys/kern/vfs_vnops.c Modified: head/sys/kern/vfs_vnops.c == --- head/sys/kern/vfs_vnops.c Tue Jul 5 14:46:06 2016(r302344) +++ head/sys/kern/vfs_vnops.c Tue Jul 5 16:37:01 2016(r302345) @@ -440,6 +440,7 @@ vn_close(vp, flags, file_cred, td) vn_start_write(vp, , V_WAIT); vn_lock(vp, lock_flags | LK_RETRY); + AUDIT_ARG_VNODE1(vp); if ((flags & (FWRITE | FOPENFAILED)) == FWRITE) { VNASSERT(vp->v_writecount > 0, vp, ("vn_close: negative writecount")); @@ -1362,6 +1363,7 @@ vn_stat(vp, sb, active_cred, file_cred, int error; u_short mode; + AUDIT_ARG_VNODE1(vp); #ifdef MAC error = mac_vnode_check_stat(active_cred, file_cred, vp); if (error) @@ -1511,6 +1513,7 @@ vn_poll(fp, events, active_cred, td) vp = fp->f_vnode; #ifdef MAC vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); + AUDIT_ARG_VNODE1(vp); error = mac_vnode_check_poll(active_cred, fp->f_cred, vp); VOP_UNLOCK(vp, 0); if (!error) ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r301867 - head/sys/security/audit
Author: rwatson Date: Mon Jun 13 09:22:20 2016 New Revision: 301867 URL: https://svnweb.freebsd.org/changeset/base/301867 Log: Implement AUE_PREAD and AUE_PWRITE BSM conversion support, eliminating console warnings when pread(2) and pwrite(2) are used with full system-call auditing enabled. We audit the same file-descriptor data for these calls as we do read(2) and write(2). Approved by: re (kib) MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/security/audit/audit_bsm.c Modified: head/sys/security/audit/audit_bsm.c == --- head/sys/security/audit/audit_bsm.c Mon Jun 13 09:02:08 2016 (r301866) +++ head/sys/security/audit/audit_bsm.c Mon Jun 13 09:22:20 2016 (r301867) @@ -952,6 +952,8 @@ kaudit_to_bsm(struct kaudit_record *kar, case AUE_GETDIRENTRIESATTR: case AUE_LSEEK: case AUE_POLL: + case AUE_PREAD: + case AUE_PWRITE: case AUE_READ: case AUE_READV: case AUE_WRITE: ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r300306 - head/sys/mips/include
Author: rwatson Date: Fri May 20 15:34:03 2016 New Revision: 300306 URL: https://svnweb.freebsd.org/changeset/base/300306 Log: Garbage collect unused prototype for clockintr(). MFC after:3 days Modified: head/sys/mips/include/clock.h Modified: head/sys/mips/include/clock.h == --- head/sys/mips/include/clock.h Fri May 20 15:32:48 2016 (r300305) +++ head/sys/mips/include/clock.h Fri May 20 15:34:03 2016 (r300306) @@ -17,8 +17,6 @@ extern int cpu_clock; -extern uint32_t clockintr(uint32_t, struct trapframe *); - #define wall_cmos_clock 0 #define adjkerntz 0 ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r298859 - in head/sys/mips: include mips
Author: rwatson Date: Sat Apr 30 19:29:03 2016 New Revision: 298859 URL: https://svnweb.freebsd.org/changeset/base/298859 Log: When attempting to satisfy mmap() requests for superpage alignment on 64-bit MIPS, use superpage rather than physical-segment constants, or we may improperly fail to apply suitable alignment -- yet still allow mmap() to appear to succeed. Reviewed by: sson MFC after:1 week Sponsored by: DARPA, AFRL Modified: head/sys/mips/include/param.h head/sys/mips/mips/pmap.c Modified: head/sys/mips/include/param.h == --- head/sys/mips/include/param.h Sat Apr 30 19:04:59 2016 (r298858) +++ head/sys/mips/include/param.h Sat Apr 30 19:29:03 2016 (r298859) @@ -146,12 +146,14 @@ #defineSEGSHIFT(PAGE_SHIFT + NPTEPGSHIFT + NPDEPGSHIFT) #defineNBSEG (1ul << SEGSHIFT) #definePDRSHIFT(PAGE_SHIFT + NPTEPGSHIFT) +#definePDRSIZE (1ul << PDRSHIFT) #definePDRMASK ((1 << PDRSHIFT) - 1) #else #defineNPDEPGSHIFT 10 /* LOG2(NPTEPG) */ #defineSEGSHIFT(PAGE_SHIFT + NPTEPGSHIFT) #defineNBSEG (1 << SEGSHIFT) /* bytes/segment */ #definePDRSHIFTSEGSHIFT/* alias for SEG in 32 bit */ +#definePDRSIZE (1ul << PDRSHIFT) #definePDRMASK ((1 << PDRSHIFT) - 1) #endif #defineNBPDR (1 << PDRSHIFT) /* bytes/pagedir */ Modified: head/sys/mips/mips/pmap.c == --- head/sys/mips/mips/pmap.c Sat Apr 30 19:04:59 2016(r298858) +++ head/sys/mips/mips/pmap.c Sat Apr 30 19:29:03 2016(r298859) @@ -3299,18 +3299,18 @@ pmap_align_superpage(vm_object_t object, { vm_offset_t superpage_offset; - if (size < NBSEG) + if (size < PDRSIZE) return; if (object != NULL && (object->flags & OBJ_COLORED) != 0) offset += ptoa(object->pg_color); - superpage_offset = offset & SEGMASK; - if (size - ((NBSEG - superpage_offset) & SEGMASK) < NBSEG || - (*addr & SEGMASK) == superpage_offset) + superpage_offset = offset & PDRMASK; + if (size - ((PDRSIZE - superpage_offset) & PDRMASK) < PDRSIZE || + (*addr & PDRMASK) == superpage_offset) return; - if ((*addr & SEGMASK) < superpage_offset) - *addr = (*addr & ~SEGMASK) + superpage_offset; + if ((*addr & PDRMASK) < superpage_offset) + *addr = (*addr & ~PDRMASK) + superpage_offset; else - *addr = ((*addr + SEGMASK) & ~SEGMASK) + superpage_offset; + *addr = ((*addr + PDRMASK) & ~PDRMASK) + superpage_offset; } #ifdef DDB ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r296806 - head/sys/netipsec
Author: rwatson Date: Sun Mar 13 19:27:46 2016 New Revision: 296806 URL: https://svnweb.freebsd.org/changeset/base/296806 Log: Put IPSec's anouncement of its successful intialisation under bootverbose: now that it's a default kernel option, we don't really need to tell the world about it on every boot, especially as it won't be used by most users. Modified: head/sys/netipsec/key.c Modified: head/sys/netipsec/key.c == --- head/sys/netipsec/key.c Sun Mar 13 19:17:48 2016(r296805) +++ head/sys/netipsec/key.c Sun Mar 13 19:27:46 2016(r296806) @@ -7640,7 +7640,8 @@ key_init(void) /* initialize key statistics */ keystat.getspi_count = 1; - printf("IPsec: Initialized Security Association Processing.\n"); + if (bootverbose) + printf("IPsec: Initialized Security Association Processing.\n"); } #ifdef VIMAGE ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r288662 - in head/sys/arm: arm include
Author: rwatson Date: Sun Oct 4 09:39:40 2015 New Revision: 288662 URL: https://svnweb.freebsd.org/changeset/base/288662 Log: Add missing stack unwind information to several assembly functions on ARMv6/7: - Define _SAVE() macro to allow unwind data to be conditionally defined for ARM assembly code in the kernel. - Use _SAVE() to provide unwind information for bcopy_page(), and two (of many) instances of copyin() and copyout(). Reviewed by: andrew, imp MFC after:3 days Sponsored by: University of Cambridge Modified: head/sys/arm/arm/bcopy_page.S head/sys/arm/arm/bcopyinout.S head/sys/arm/include/asm.h Modified: head/sys/arm/arm/bcopy_page.S == --- head/sys/arm/arm/bcopy_page.S Sun Oct 4 09:25:57 2015 (r288661) +++ head/sys/arm/arm/bcopy_page.S Sun Oct 4 09:39:40 2015 (r288662) @@ -75,7 +75,7 @@ __FBSDID("$FreeBSD$"); #endif /* ! COPY_CHUNK */ #ifndef SAVE_REGS -#defineSAVE_REGS stmfd sp!, {r4-r8, lr} +#defineSAVE_REGS stmfd sp!, {r4-r8, lr}; _SAVE({r4-r8, lr}) #defineRESTORE_REGSldmfd sp!, {r4-r8, pc} #endif @@ -134,6 +134,7 @@ END(bcopy_page) ENTRY(bzero_page) stmfd sp!, {r4-r8, lr} + _SAVE({r4-r8, lr}) #ifdef BIG_LOOPS mov r2, #(PAGE_SIZE >> 9) #else @@ -189,6 +190,7 @@ END(bzero_page) ENTRY(bcopy_page) pld [r0] stmfd sp!, {r4, r5} + _SAVE({r4, r5}) mov ip, #32 ldr r2, [r0], #0x04 /* 0x00 */ ldr r3, [r0], #0x04 /* 0x04 */ Modified: head/sys/arm/arm/bcopyinout.S == --- head/sys/arm/arm/bcopyinout.S Sun Oct 4 09:25:57 2015 (r288661) +++ head/sys/arm/arm/bcopyinout.S Sun Oct 4 09:39:40 2015 (r288662) @@ -68,7 +68,7 @@ __FBSDID("$FreeBSD$"); #endif -#define SAVE_REGS stmfd sp!, {r4-r11} +#define SAVE_REGS stmfd sp!, {r4-r11}; _SAVE({r4-r11}) #define RESTORE_REGS ldmfd sp!, {r4-r11} #if defined(_ARM_ARCH_5E) @@ -341,6 +341,7 @@ ENTRY(copyout) cmp r2, r3 blt .Lnormale stmfd sp!, {r0-r2, r4, lr} + _SAVE({r0-r2, r4, lr}) mov r3, r0 mov r0, r1 mov r1, r3 Modified: head/sys/arm/include/asm.h == --- head/sys/arm/include/asm.h Sun Oct 4 09:25:57 2015(r288661) +++ head/sys/arm/include/asm.h Sun Oct 4 09:39:40 2015(r288662) @@ -53,10 +53,12 @@ #defineSTOP_UNWINDING .cantunwind #define_FNSTART.fnstart #define_FNEND .fnend +#define_SAVE(...) .save __VA_ARGS__ #else #defineSTOP_UNWINDING #define_FNSTART #define_FNEND +#define_SAVE(...) #endif /* ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r281983 - head/sys/cddl/dev/profile
Author: rwatson Date: Sat Apr 25 15:43:12 2015 New Revision: 281983 URL: https://svnweb.freebsd.org/changeset/base/281983 Log: Adjust PROF_ARTIFICIAL_FRAMES in the DTrace profile provider on ARM to skip 10, rather than 9, frames. This appears to work quite well in practice on the BeagleBone Black, so remove a comment about the value being bogus and replace it with a slightly less negative one. However, the number of frames to skip is quite sensitive to details of the timer and interrupt handling paths, so this is necessarily fragile -- but no more so than on x86. Sponsored by: DARPA, AFRL Modified: head/sys/cddl/dev/profile/profile.c Modified: head/sys/cddl/dev/profile/profile.c == --- head/sys/cddl/dev/profile/profile.c Sat Apr 25 13:34:25 2015 (r281982) +++ head/sys/cddl/dev/profile/profile.c Sat Apr 25 15:43:12 2015 (r281983) @@ -134,8 +134,10 @@ struct profile_probe_percpu; #endif #ifdef __arm__ -/* bogus */ -#definePROF_ARTIFICIAL_FRAMES 9 +/* + * At least on ARMv7, this appears to work quite well. + */ +#definePROF_ARTIFICIAL_FRAMES 10 #endif typedef struct profile_probe { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf
On Fri, 3 Apr 2015, Hans Petter Selasky wrote: Will you mind if I rephrase that paragraph in the inet.4 manual page from: This closes a minor information leak which allows remote observers to determine the rate of packet generation on the machine by watching the counter. Into: This prevents high-speed information exchange between internal and external observers using packet frequency modulation. An outside observer can ping the outside facing port at a fixed rate watching the counter. An inside observer can ping the inside facing port watching the same counter. Even though packets don't flow between the two ports, data can be exchanged by watching changes in the packet rate. It is believed that data can be exchanged in Kb/s range this way. Setting this sysctl also prevents remote and internal observers to determine the rate of packet generation on the machine by watching the counter. Yes, I think this is overly alarmist, and it suggests that other covert channels might not exist to be exploited if the knob is set -- which isn't true. We don't promise that there are no covert channels in FreeBSD, and we would be foolish if we did promise that. Robert ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf
On Fri, 3 Apr 2015, Emeric POUPON wrote: A good ip id random would be certainly better. But the current implementation is far from being optimized: a lock is being held inside arc4rand, and another one for protecting the ip_id internals. We already have contention problems with the IV generated for ESP packets. The randomized ip id, using this implementation, is my opinion not an acceptable solution. Presumably, arc4random() should draw from per-CPU PRNGs to avoid contention, which would have positive scalability effects elsewhere in the stack as well. It is, of course, important that they be seeded independently in order to provide different pseudo-random number sequences! However, the point made earlier in the thread holds: I'm not convinced that our IP ID randomisation is suitable for use given conflation of the IP ID spaces. There's just too much chance of a collision if you are actually seeing a lot of fragmentation with multiple 2-tuple pairs. Robert Regards, Emeric - Mail original - De: Hans Petter Selasky h...@selasky.org À: Gleb Smirnoff gleb...@freebsd.org Cc: Mateusz Guzik mjgu...@gmail.com, Ian Lepore i...@freebsd.org, svn-src-...@freebsd.org, src-committ...@freebsd.org, Robert N. M. Watson rwat...@freebsd.org, svn-src-head@freebsd.org Envoyé: Vendredi 3 Avril 2015 15:06:51 Objet: Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf On 04/03/15 14:41, Hans Petter Selasky wrote: On 04/03/15 13:29, Gleb Smirnoff wrote: On Fri, Apr 03, 2015 at 12:41:54PM +0200, Hans Petter Selasky wrote: H ip_do_randomid is zero by default, and is not documented anywhere: H H grep -r ip_do_randomid share/ It is documented in inet(4). The actual sysctl knob doesn't match the kernel symbol name, which is allowed in sysctl(9). Hi, Will you mind if I rephrase that paragraph in the inet.4 manual page from: This closes a minor information leak which allows remote observers to determine the rate of packet generation on the machine by watching the counter. Into: This prevents high-speed information exchange between internal and external observers using packet frequency modulation. An outside observer can ping the outside facing port at a fixed rate watching the counter. An inside observer can ping the inside facing port watching the same counter. Even though packets don't flow between the two ports, data can be exchanged by watching changes in the packet rate. It is believed that data can be exchanged in Kb/s range this way. Setting this sysctl also prevents remote and internal observers to determine the rate of packet generation on the machine by watching the counter. Hi, Maybe there will be some new applications after this discovery. No need for uPnP any more. Could be nice to send text messages through firewalls. Depends how many implement the IP ID counting the same way like FreeBSD does ;-) --HPS ___ svn-src-...@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to svn-src-all-unsubscr...@freebsd.org ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf
On Thu, 2 Apr 2015, Mateusz Guzik wrote: If you carefully read the thread I referred to, you would notice that on many arches, save amd64 and i386, all systems stats are prone to mangling the stats due to migration within PCPU_INC. Look here: grep '^#define PCPU_ADD' sys/*/include/pcpu.h Do we have reports on not precise enough statistics, yet? How many non-x86 installations with multiple cpus and high traffic are out there? Not sure if this was a rhetorical question or not, but: quite a few. We have support for several highly threaded 64-bit MIPS systems including those from Cavium and Broadcom (was NetLogic Micro was RMI). Several reference systems are in the netperf cluster including 16- and 32-thread systems normally deployed in high-performance network products. It's possible that ARMv8 systems will gradually displayce 64-bit MIPS systems in this arena in the future, but hard to say. Either way, it's not x86. :-) Robert ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r280971 - in head: contrib/ipfilter/tools share/man/man4 sys/contrib/ipfilter/netinet sys/netinet sys/netipsec sys/netpfil/pf
On Thu, 2 Apr 2015, Hans Petter Selasky wrote: Does somebody here know what happens in these two cases: If we are transmitting using TSO, will the network adapter increment the IP ID field somehow? What happens if an outgoing IP packet resulting from a TSO packet get fragmented by a router? Quite possibly -- this is presumably specified by the NIC vendor, but it would be good to do a bit of a survey and see what happens in practice. In ip_fragment() when we create fragments we should increment the ip_id value for each fragment? I'm asking because the code in FreeBSD, since the beginning probably, just copies the IP header, and use the same IP ID for all the fragments ! This just hit my mind after some recent work in this area. I honestly cannot believe you are proposing that. Please go read about how IP fragmentation works. Having an identical IP ID in ip_fragment() is the point of the function! Robert ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r280148 - head/sys/sys
Author: rwatson Date: Mon Mar 16 17:42:53 2015 New Revision: 280148 URL: https://svnweb.freebsd.org/changeset/base/280148 Log: Introduce a cap_ioctl_t used for the 'cmds' arguments to cap_ioctls_limit() and cap_ioctls_get(). On FreeBSD, these are 'unsigned long', but on Linux, ioctl(2) takes an 'int', making mild abstraction desirable. MFC after:3 days Sponsored by: Google, Inc. Modified: head/sys/sys/capsicum.h head/sys/sys/types.h Modified: head/sys/sys/capsicum.h == --- head/sys/sys/capsicum.h Mon Mar 16 16:29:33 2015(r280147) +++ head/sys/sys/capsicum.h Mon Mar 16 17:42:53 2015(r280148) @@ -1,5 +1,5 @@ /*- - * Copyright (c) 2008-2010 Robert N. M. Watson + * Copyright (c) 2008-2010, 2015 Robert N. M. Watson * Copyright (c) 2012 FreeBSD Foundation * All rights reserved. * @@ -398,13 +398,13 @@ int __cap_rights_get(int version, int fd /* * Limits allowed ioctls for the given descriptor. */ -int cap_ioctls_limit(int fd, const unsigned long *cmds, size_t ncmds); +int cap_ioctls_limit(int fd, const cap_ioctl_t *cmds, size_t ncmds); /* * Returns array of allowed ioctls for the given descriptor. * If all ioctls are allowed, the cmds array is not populated and * the function returns CAP_IOCTLS_ALL. */ -ssize_t cap_ioctls_get(int fd, unsigned long *cmds, size_t maxcmds); +ssize_t cap_ioctls_get(int fd, cap_ioctl_t *cmds, size_t maxcmds); /* * Limits allowed fcntls for the given descriptor (CAP_FCNTL_*). */ Modified: head/sys/sys/types.h == --- head/sys/sys/types.hMon Mar 16 16:29:33 2015(r280147) +++ head/sys/sys/types.hMon Mar 16 17:42:53 2015(r280148) @@ -232,6 +232,11 @@ typedef__useconds_tuseconds_t; /* micr #define_USECONDS_T_DECLARED #endif +#ifndef _CAP_IOCTL_T_DECLARED +#define_CAP_IOCTL_T_DECLARED +typedefunsigned long cap_ioctl_t; +#endif + #ifndef _CAP_RIGHTS_T_DECLARED #define_CAP_RIGHTS_T_DECLARED struct cap_rights; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r280038 - head/sys/cddl/dev/dtrace/arm
Author: rwatson Date: Sun Mar 15 15:17:34 2015 New Revision: 280038 URL: https://svnweb.freebsd.org/changeset/base/280038 Log: On ARM, unlike some other architectures, saved $pc values from in-kernel traps do appear in the regular call stack, rather than only in a special trap frame, so we don't need to inject the trap-frame $pc into a returned stack trace in DTrace. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/cddl/dev/dtrace/arm/dtrace_isa.c Modified: head/sys/cddl/dev/dtrace/arm/dtrace_isa.c == --- head/sys/cddl/dev/dtrace/arm/dtrace_isa.c Sun Mar 15 14:57:11 2015 (r280037) +++ head/sys/cddl/dev/dtrace/arm/dtrace_isa.c Sun Mar 15 15:17:34 2015 (r280038) @@ -73,7 +73,6 @@ dtrace_getpcstack(pc_t *pcstack, int pcs register_t sp; int scp_offset; int depth = 0; - pc_t caller = (pc_t) solaris_cpu[curcpu].cpu_dtrace_caller; if (intrpc != 0) pcstack[depth++] = (pc_t) intrpc; @@ -92,13 +91,14 @@ dtrace_getpcstack(pc_t *pcstack, int pcs done = unwind_stack_one(state, 1); + /* +* NB: Unlike some other architectures, we don't need to +* explicitly insert cpu_dtrace_caller as it appears in the +* normal kernel stack trace rather than a special trap frame. +*/ if (aframes 0) { aframes--; - if ((aframes == 0) (caller != 0)) { - pcstack[depth++] = caller; - } - } - else { + } else { pcstack[depth++] = state.registers[PC]; } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r280035 - head/sys/cddl/dev/profile
Author: rwatson Date: Sun Mar 15 14:12:40 2015 New Revision: 280035 URL: https://svnweb.freebsd.org/changeset/base/280035 Log: Replace the completely arbitrary '3' with '9' for the number of frames to skip using the DTrace 'profile' provider on ARM. This causes stack traces to skip various driver-and callout-related things as they do on x86, where the likewise arbitrary values are '6' (32-bit) and '10' (64-bit) for similar sorts of reasons. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/cddl/dev/profile/profile.c Modified: head/sys/cddl/dev/profile/profile.c == --- head/sys/cddl/dev/profile/profile.c Sun Mar 15 14:05:55 2015 (r280034) +++ head/sys/cddl/dev/profile/profile.c Sun Mar 15 14:12:40 2015 (r280035) @@ -135,7 +135,7 @@ struct profile_probe_percpu; #ifdef __arm__ /* bogus */ -#definePROF_ARTIFICIAL_FRAMES 3 +#definePROF_ARTIFICIAL_FRAMES 9 #endif typedef struct profile_probe { ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r280039 - head/sys/cddl/dev/fbt/arm
Author: rwatson Date: Sun Mar 15 15:19:02 2015 New Revision: 280039 URL: https://svnweb.freebsd.org/changeset/base/280039 Log: Now that DTrace stack traces handle exception frames better, skip fewer stack frames for FBT 'entry' probes on ARM. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/sys/cddl/dev/fbt/arm/fbt_isa.c Modified: head/sys/cddl/dev/fbt/arm/fbt_isa.c == --- head/sys/cddl/dev/fbt/arm/fbt_isa.c Sun Mar 15 15:17:34 2015 (r280038) +++ head/sys/cddl/dev/fbt/arm/fbt_isa.c Sun Mar 15 15:19:02 2015 (r280039) @@ -172,7 +172,7 @@ again: fbt-fbtp_name = name; if (retfbt == NULL) { fbt-fbtp_id = dtrace_probe_create(fbt_id, modname, - name, FBT_RETURN, 5, fbt); + name, FBT_RETURN, 3, fbt); } else { retfbt-fbtp_next = fbt; fbt-fbtp_id = retfbt-fbtp_id; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r279626 - head/sys/cddl/dev/fbt/arm
Author: rwatson Date: Thu Mar 5 07:40:41 2015 New Revision: 279626 URL: https://svnweb.freebsd.org/changeset/base/279626 Log: Don't all DTrace's FBT on ARM to instrument undefinedinstruction(), as this would lead to DTrace reentrance. Sponsored by: DARPA, AFRL Modified: head/sys/cddl/dev/fbt/arm/fbt_isa.c Modified: head/sys/cddl/dev/fbt/arm/fbt_isa.c == --- head/sys/cddl/dev/fbt/arm/fbt_isa.c Thu Mar 5 07:30:48 2015 (r279625) +++ head/sys/cddl/dev/fbt/arm/fbt_isa.c Thu Mar 5 07:40:41 2015 (r279626) @@ -105,6 +105,13 @@ fbt_provide_module_function(linker_file_ if (name[0] == '_' name[1] == '_') return (0); + /* +* Architecture-specific exclusion list, largely to do with FBT trap +* processing, to prevent reentrance. +*/ + if (strcmp(name, undefinedinstruction) == 0) + return (0); + instr = (uint32_t *)symval-value; limit = (uint32_t *)(symval-value + symval-size); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r277652 - in head/usr.sbin/pw: . tests
On Sun, 25 Jan 2015, Bruce Evans wrote: Negative ids have historical abuses in places like mountd. mountd still hard-codes -2 and -2 for the default uid and gid of an unprivileged user. It at least casts these values to uid_t and gid_t before using them. This gives the ids the non-random values of UINT32_MAX-1 if uid_t and gid_t are uint32_t. (If uid_t and gid_t were signed, then it would leave the values as negative, so invalid.) These magic values may work better than when ids were 16 bits, since there is less risk of them conflicting with a normal id. However, the non-conflict is probably a bug. FreeBSD uses the magic ids of 65534 for user nobody: group nobody. These would have been (id_t)-2 with 16-bit ids. They no longer match, so ls displays (id_t)-2 numerically. FreeBSD also has a group nogroup = 65553 that doesn't match the nfs usage. However2, in FreeBSD-1 wher ids were 16-bits, nobody was 32767 and nogroup was 32766. so they didn't match nfs for other reasons. The 2 non-groups now seem to be just a bug -- FreeBSD-1 didn't have group nobody. 4.4BSD-Lite2 has the same values as FreeBSD-1. I'm sure it goes without saying, but for those that don't know (i.e., some subset of people who are not Bruce): (-1) has a defined value both for our system-call interface (chown(2), fchown(2), etc, use (-1) to indicate that no change is requested). This is also used inside the kernel to similar end, where VNOVAL also takes on a value of (-1). This problem also used to exist in NFS, where in NFSv2, (-1) was also used to indicate which fields not to update, but this was fixed in NFSv3 by introducing discriminated unions. I personally find myself a fan of fixing (eliminating) VNOVAL, but in the end it would likely just be disruptive and confusing. Robert ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r277203 - in head/sys: kern sys
Author: rwatson Date: Wed Jan 14 23:44:00 2015 New Revision: 277203 URL: https://svnweb.freebsd.org/changeset/base/277203 Log: In order to support ongoing work to implement variable-size mbufs, and more generally make it easier to extend 'struct mbuf in the future', make a number of changes to the data structure: - As we anticipate embedding mbufs headers within variable-size regions of memory in the future, change the definitions of byte arrays embedded in mbufs to be of size [0] rather than [MLEN] and [MHLEN]. In fact, the cxgbe driver already uses 'struct mbuf' on the front of other storage sizes, but we would like the global mbuf allocator do be able to do this as well. - Fold 'struct m_hdr' into 'struct mbuf' itself, eliminating a set of macros that aliased 'mh_foo' field names to 'm_foo' names such as 'm_next'. These present a particular problem as we would like to add new mbuf-header fields -- e.g., 'm_size' -- that, if similarly named via macros, would introduce collisions with many other variable names in the kernel. - Rename 'struct m_ext' to 'struct struct_m_ext' so that we can add compile-time assertions without bumping into the still-extant 'm_ext' macro. - Remove the MSIZE compile-time assertion for 'struct mbuf', but add new assertions for alignment of embedded data arrays (64-bit alignment even on 32-bit platforms), and for the sizes the mbuf header, packet header, and m_ext structure. - Document that these assertions exist in comments in mbuf.h. This change is not intended to cause (non-trivial) behavioural differences, but is a precursor to further mbuf-allocator work. Differential Revision:https://reviews.freebsd.org/D1483 Reviewed by: bz, gnn, np, glebius (go ahead, I trust you) Sponsored by: EMC / Isilon Storage Division Modified: head/sys/kern/uipc_mbuf.c head/sys/sys/mbuf.h Modified: head/sys/kern/uipc_mbuf.c == --- head/sys/kern/uipc_mbuf.c Wed Jan 14 23:34:00 2015(r277202) +++ head/sys/kern/uipc_mbuf.c Wed Jan 14 23:44:00 2015(r277203) @@ -88,11 +88,38 @@ SYSCTL_INT(_kern_ipc, OID_AUTO, m_defrag * Ensure the correct size of various mbuf parameters. It could be off due * to compiler-induced padding and alignment artifacts. */ -CTASSERT(sizeof(struct mbuf) == MSIZE); CTASSERT(MSIZE - offsetof(struct mbuf, m_dat) == MLEN); CTASSERT(MSIZE - offsetof(struct mbuf, m_pktdat) == MHLEN); /* + * mbuf data storage should be 64-bit aligned regardless of architectural + * pointer size; check this is the case with and without a packet header. + */ +CTASSERT(offsetof(struct mbuf, m_dat) % 8 == 0); +CTASSERT(offsetof(struct mbuf, m_pktdat) % 8 == 0); + +/* + * While the specific values here don't matter too much (i.e., +/- a few + * words), we do want to ensure that changes to these values are carefully + * reasoned about and properly documented. This is especially the case as + * network-protocol and device-driver modules encode these layouts, and must + * be recompiled if the structures change. Check these values at compile time + * against the ones documented in comments in mbuf.h. + * + * NB: Possibly they should be documented there via #define's and not just + * comments. + */ +#if defined(__LP64__) +CTASSERT(offsetof(struct mbuf, m_dat) == 32); +CTASSERT(sizeof(struct pkthdr) == 56); +CTASSERT(sizeof(struct struct_m_ext) == 48); +#else +CTASSERT(offsetof(struct mbuf, m_dat) == 24); +CTASSERT(sizeof(struct pkthdr) == 48); +CTASSERT(sizeof(struct struct_m_ext) == 28); +#endif + +/* * m_get2() allocates minimum mbuf that would fit size argument. */ struct mbuf * Modified: head/sys/sys/mbuf.h == --- head/sys/sys/mbuf.h Wed Jan 14 23:34:00 2015(r277202) +++ head/sys/sys/mbuf.h Wed Jan 14 23:44:00 2015(r277203) @@ -60,9 +60,15 @@ * MLEN is data length in a normal mbuf. * MHLEN is data length in an mbuf with pktheader. * MINCLSIZE is a smallest amount of data that should be put into cluster. + * + * Compile-time assertions in uipc_mbuf.c test these values to ensure that + * they are sensible. */ -#defineMLEN((int)(MSIZE - sizeof(struct m_hdr))) -#defineMHLEN ((int)(MLEN - sizeof(struct pkthdr))) +struct mbuf; +#defineMHSIZE offsetof(struct mbuf, M_dat.M_databuf) +#defineMPKTHSIZE offsetof(struct mbuf, M_dat.MH.MH_dat.MH_databuf) +#defineMLEN((int)(MSIZE - MHSIZE)) +#defineMHLEN ((int)(MSIZE - MPKTHSIZE)) #defineMINCLSIZE (MHLEN + 1) #ifdef _KERNEL @@ -87,23 +93,6 @@ struct mb_args { #endif /* _KERNEL */ /* - * Header present at the beginning of every mbuf. - * Size ILP32: 24 - * LP64: 32 - */ -struct m_hdr { - struct mbuf
svn commit: r276910 - in head/sys: kern sys
Author: rwatson Date: Sat Jan 10 10:41:23 2015 New Revision: 276910 URL: https://svnweb.freebsd.org/changeset/base/276910 Log: Garbage collect m_copymdata(), an mbuf utility routine introduced in FreeBSD 7 that has not been used since. It contains a number of unresolved bugs including an inverted bcopy() and incorrect handling of read-only mbufs using internal storage. Removing this unused code is substantially essier than fixing it in order to update it to the coming mbuf world order -- but it can always be restored from revision history if it turns out to prove useful for future work. Pointed out by: jmallett Sponsored by: EMC / Isilon Storage Division Modified: head/sys/kern/uipc_mbuf.c head/sys/sys/mbuf.h Modified: head/sys/kern/uipc_mbuf.c == --- head/sys/kern/uipc_mbuf.c Sat Jan 10 10:16:22 2015(r276909) +++ head/sys/kern/uipc_mbuf.c Sat Jan 10 10:41:23 2015(r276910) @@ -648,152 +648,6 @@ nospace: } /* - * Returns mbuf chain with new head for the prepending case. - * Copies from mbuf (chain) n from off for len to mbuf (chain) m - * either prepending or appending the data. - * The resulting mbuf (chain) m is fully writeable. - * m is destination (is made writeable) - * n is source, off is offset in source, len is len from offset - * dir, 0 append, 1 prepend - * how, wait or nowait - */ - -static int -m_bcopyxxx(void *s, void *t, u_int len) -{ - bcopy(s, t, (size_t)len); - return 0; -} - -struct mbuf * -m_copymdata(struct mbuf *m, struct mbuf *n, int off, int len, -int prep, int how) -{ - struct mbuf *mm, *x, *z, *prev = NULL; - caddr_t p; - int i, nlen = 0; - caddr_t buf[MLEN]; - - KASSERT(m != NULL n != NULL, (m_copymdata, no target or source)); - KASSERT(off = 0, (m_copymdata, negative off %d, off)); - KASSERT(len = 0, (m_copymdata, negative len %d, len)); - KASSERT(prep == 0 || prep == 1, (m_copymdata, unknown direction %d, prep)); - - mm = m; - if (!prep) { - while(mm-m_next) { - prev = mm; - mm = mm-m_next; - } - } - for (z = n; z != NULL; z = z-m_next) - nlen += z-m_len; - if (len == M_COPYALL) - len = nlen - off; - if (off + len nlen || len 1) - return NULL; - - if (!M_WRITABLE(mm)) { - /* XXX: Use proper m_xxx function instead. */ - x = m_getcl(how, MT_DATA, mm-m_flags); - if (x == NULL) - return NULL; - bcopy(mm-m_ext.ext_buf, x-m_ext.ext_buf, x-m_ext.ext_size); - p = x-m_ext.ext_buf + (mm-m_data - mm-m_ext.ext_buf); - x-m_data = p; - mm-m_next = NULL; - if (mm != m) - prev-m_next = x; - m_free(mm); - mm = x; - } - - /* -* Append/prepend the data. Allocating mbufs as necessary. -*/ - /* Shortcut if enough free space in first/last mbuf. */ - if (!prep M_TRAILINGSPACE(mm) = len) { - m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t) + -mm-m_len); - mm-m_len += len; - mm-m_pkthdr.len += len; - return m; - } - if (prep M_LEADINGSPACE(mm) = len) { - mm-m_data = mtod(mm, caddr_t) - len; - m_apply(n, off, len, m_bcopyxxx, mtod(mm, caddr_t)); - mm-m_len += len; - mm-m_pkthdr.len += len; - return mm; - } - - /* Expand first/last mbuf to cluster if possible. */ - if (!prep !(mm-m_flags M_EXT) len M_TRAILINGSPACE(mm)) { - bcopy(mm-m_data, buf, mm-m_len); - m_clget(mm, how); - if (!(mm-m_flags M_EXT)) - return NULL; - bcopy(buf, mm-m_ext.ext_buf, mm-m_len); - mm-m_data = mm-m_ext.ext_buf; - } - if (prep !(mm-m_flags M_EXT) len M_LEADINGSPACE(mm)) { - bcopy(mm-m_data, buf, mm-m_len); - m_clget(mm, how); - if (!(mm-m_flags M_EXT)) - return NULL; - bcopy(buf, (caddr_t *)mm-m_ext.ext_buf + - mm-m_ext.ext_size - mm-m_len, mm-m_len); - mm-m_data = (caddr_t)mm-m_ext.ext_buf + - mm-m_ext.ext_size - mm-m_len; - } - - /* Append/prepend as many mbuf (clusters) as necessary to fit len. */ - if (!prep len M_TRAILINGSPACE(mm)) { - if (!m_getm(mm, len - M_TRAILINGSPACE(mm), how, MT_DATA)) - return NULL; - } - if (prep len M_LEADINGSPACE(mm)) { - if (!(z = m_getm(NULL, len - M_LEADINGSPACE(mm), how, MT_DATA))) - return
svn commit: r276888 - head/sys/sys
Author: rwatson Date: Fri Jan 9 15:21:53 2015 New Revision: 276888 URL: https://svnweb.freebsd.org/changeset/base/276888 Log: Uninline M_SIZE() in m_align() to reduce direct use of MLEN and MHLEN. Differential Revision:https://reviews.freebsd.org/D1471 Reviewed by: glebius, bz, rpaulo Sponsored by: EMC / Isilon Storage Division Modified: head/sys/sys/mbuf.h Modified: head/sys/sys/mbuf.h == --- head/sys/sys/mbuf.h Fri Jan 9 14:50:08 2015(r276887) +++ head/sys/sys/mbuf.h Fri Jan 9 15:21:53 2015(r276888) @@ -848,14 +848,7 @@ m_align(struct mbuf *m, int len) KASSERT(m-m_data == M_START(m), (msg, __func__)); - if (m-m_flags M_EXT) { - adjust = m-m_ext.ext_size - len; - } else if (m-m_flags M_PKTHDR) { - adjust = MHLEN - len; - } else { - adjust = MLEN - len; - } - + adjust = M_SIZE(m) - len; m-m_data += adjust ~ (sizeof(long)-1); } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r276884 - head/sys/kern
Author: rwatson Date: Fri Jan 9 12:08:51 2015 New Revision: 276884 URL: https://svnweb.freebsd.org/changeset/base/276884 Log: Remove a 'This is dumb' comment that has been incorrect for at least a decade: m_pulldown() is willing to consider ordinary mbufs writable. Retain another, related, and also outdated comment, but with a caveat that it is partially stale. Do not, for now, address the problem that it raises (that only EXT_CLUSTER external storage is considered writable, regardless of the results of M_WRITABLE() on the mbuf). MFC after:3 days Sponsored by: EMC / Isilon Storage Division Modified: head/sys/kern/uipc_mbuf2.c Modified: head/sys/kern/uipc_mbuf2.c == --- head/sys/kern/uipc_mbuf2.c Fri Jan 9 10:59:49 2015(r276883) +++ head/sys/kern/uipc_mbuf2.c Fri Jan 9 12:08:51 2015(r276884) @@ -131,6 +131,8 @@ m_pulldown(struct mbuf *m, int off, int } /* +* The following comment is dated but still partially applies: +* * XXX: This code is flawed because it considers a writable mbuf * data region to require all of the following: *(i) mbuf _has_ to have M_EXT set; if it is just a regular @@ -148,10 +150,6 @@ m_pulldown(struct mbuf *m, int off, int * M_WRITABLE(). For now, we only evaluate once at the beginning and * live with this. */ - /* -* XXX: This is dumb. If we're just a regular mbuf with no M_EXT, -* then we're not writable, according to this code. -*/ writable = 0; if ((n-m_flags M_EXT) == 0 || (n-m_ext.ext_type == EXT_CLUSTER M_WRITABLE(n))) ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r276818 - head/sys/kern
Author: rwatson Date: Thu Jan 8 11:16:21 2015 New Revision: 276818 URL: https://svnweb.freebsd.org/changeset/base/276818 Log: Replace hand-crafted versions of M_SIZE() and M_START() in uipc_mbuf.c with calls to the centralised macros, reducing direct use of MLEN and MHLEN. Differential Revision:https://reviews.freebsd.org/D1444 Reviewed by: bz Sponsored by: EMC / Isilon Storage Division Modified: head/sys/kern/uipc_mbuf.c Modified: head/sys/kern/uipc_mbuf.c == --- head/sys/kern/uipc_mbuf.c Thu Jan 8 10:53:20 2015(r276817) +++ head/sys/kern/uipc_mbuf.c Thu Jan 8 11:16:21 2015(r276818) @@ -196,8 +196,7 @@ m_getm2(struct mbuf *m, int len, int how } /* Book keeping. */ - len -= (mb-m_flags M_EXT) ? mb-m_ext.ext_size : - ((mb-m_flags M_PKTHDR) ? MHLEN : MLEN); + len -= M_SIZE(mb); if (mtail != NULL) mtail-m_next = mb; else @@ -430,11 +429,8 @@ m_sanity(struct mbuf *m0, int sanitize) * unrelated kernel memory before or after us is trashed. * No way to recover from that. */ - a = ((m-m_flags M_EXT) ? m-m_ext.ext_buf : - ((m-m_flags M_PKTHDR) ? (caddr_t)(m-m_pktdat) : -(caddr_t)(m-m_dat)) ); - b = (caddr_t)(a + (m-m_flags M_EXT ? m-m_ext.ext_size : - ((m-m_flags M_PKTHDR) ? MHLEN : MLEN))); + a = M_START(m); + b = a + M_SIZE(m); if ((caddr_t)m-m_data a) M_SANITY_ACTION(m_data outside mbuf data range left); if ((caddr_t)m-m_data b) ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r276781 - head/sys/sys
Author: rwatson Date: Wed Jan 7 18:24:42 2015 New Revision: 276781 URL: https://svnweb.freebsd.org/changeset/base/276781 Log: Bump __FreeBSD_version to 1100053 reflecting the addition of a return value to MCLGET(). Suggested by: jmg Sponsored by: EMC / Isilon Storage Division Modified: head/sys/sys/param.h Modified: head/sys/sys/param.h == --- head/sys/sys/param.hWed Jan 7 17:22:56 2015(r276780) +++ head/sys/sys/param.hWed Jan 7 18:24:42 2015(r276781) @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1100052 /* Master, propagated to newvers */ +#define __FreeBSD_version 1100053 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r276750 - in head: share/man/man9 sys/contrib/ipfilter/netinet sys/dev/an sys/dev/bge sys/dev/ce sys/dev/cm sys/dev/cp sys/dev/cs sys/dev/ctau sys/dev/ed sys/dev/ex sys/dev/fe sys/dev/
On Wed, 7 Jan 2015, John-Mark Gurney wrote: Log: In order to reduce use of M_EXT outside of the mbuf allocator and socket-buffer implementations, introduce a return value for MCLGET() (and m_cljget() that underlies it) to allow the caller to avoid testing M_EXT itself. Update all callers to use the return value. With this change, very few network device drivers remain aware of M_EXT; the primary exceptions lie in mbuf-chain pretty printers for debugging, and in a few cases, custom mbuf and cluster allocation implementations. NB: This is a difficult-to-test change as it touches many drivers for which I don't have physical devices. Instead we've gone for intensive review, but further post-commit review would definitely be appreciated to spot errors where changes could not easily be made mechanically, but were largely mechanical in nature. Shouldn't this come w/ a FreeBSD version bump for drivers to use? Yes, probably. Old drivers will continue to work fine in not checking the return value (for now), but drivers seeing backporting will probably want a __FreeBSD_version ifdef. I'll do a commit to bump the version number today. (In my local tree, M_EXT is renamed _M_EXT unless MBUF_PRIVATE is defined, which really is quite a significant KPI change -- I'm not yet sure if I'm going to push that into FreeBSD 11 or not.) Robert ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r276780 - in head/sys: fs/nfs fs/nfsserver nfsserver
Author: rwatson Date: Wed Jan 7 17:22:56 2015 New Revision: 276780 URL: https://svnweb.freebsd.org/changeset/base/276780 Log: Use M_SIZE() instead of hand-crafted (and mostly correct) NFSMSIZ() macro in the NFS server; garbage collect now-unused NFSMSIZ() and M_HASCL() macros. Also garbage collect now-unused versions in headers for the removed previous NFS client and server. Reviewed by: rmacklem Sponsored by: EMC / Isilon Storage Division Modified: head/sys/fs/nfs/nfsm_subs.h head/sys/fs/nfsserver/nfs_nfsdport.c head/sys/nfsserver/nfsm_subs.h Modified: head/sys/fs/nfs/nfsm_subs.h == --- head/sys/fs/nfs/nfsm_subs.h Wed Jan 7 16:55:55 2015(r276779) +++ head/sys/fs/nfs/nfsm_subs.h Wed Jan 7 17:22:56 2015(r276780) @@ -46,9 +46,6 @@ /* * First define what the actual subs. return */ -#defineM_HASCL(m) ((m)-m_flags M_EXT) -#defineNFSMSIZ(m) ((M_HASCL(m))?MCLBYTES: \ - (((m)-m_flags M_PKTHDR)?MHLEN:MLEN)) #defineNFSM_DATAP(m, s)(m)-m_data += (s) /* Modified: head/sys/fs/nfsserver/nfs_nfsdport.c == --- head/sys/fs/nfsserver/nfs_nfsdport.cWed Jan 7 16:55:55 2015 (r276779) +++ head/sys/fs/nfsserver/nfs_nfsdport.cWed Jan 7 17:22:56 2015 (r276780) @@ -575,7 +575,7 @@ nfsvno_readlink(struct vnode *vp, struct while (len NFS_MAXPATHLEN) { NFSMGET(mp); MCLGET(mp, M_WAITOK); - mp-m_len = NFSMSIZ(mp); + mp-m_len = M_SIZE(mp); if (len == 0) { mp3 = mp2 = mp; } else { Modified: head/sys/nfsserver/nfsm_subs.h == --- head/sys/nfsserver/nfsm_subs.h Wed Jan 7 16:55:55 2015 (r276779) +++ head/sys/nfsserver/nfsm_subs.h Wed Jan 7 17:22:56 2015 (r276780) @@ -47,14 +47,6 @@ */ /* - * First define what the actual subs. return - */ - -#defineM_HASCL(m) ((m)-m_flags M_EXT) -#defineNFSMSIZ(m) ((M_HASCL(m))?MCLBYTES: \ - (((m)-m_flags M_PKTHDR)?MHLEN:MLEN)) - -/* * Now for the macros that do the simple stuff and call the functions * for the hard stuff. * These macros use several vars. declared in nfsm_reqhead and these ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r276750 - in head: share/man/man9 sys/contrib/ipfilter/netinet sys/dev/an sys/dev/bge sys/dev/ce sys/dev/cm sys/dev/cp sys/dev/cs sys/dev/ctau sys/dev/ed sys/dev/ex sys/dev/fe sys/dev/h...
Author: rwatson Date: Tue Jan 6 12:59:37 2015 New Revision: 276750 URL: https://svnweb.freebsd.org/changeset/base/276750 Log: In order to reduce use of M_EXT outside of the mbuf allocator and socket-buffer implementations, introduce a return value for MCLGET() (and m_cljget() that underlies it) to allow the caller to avoid testing M_EXT itself. Update all callers to use the return value. With this change, very few network device drivers remain aware of M_EXT; the primary exceptions lie in mbuf-chain pretty printers for debugging, and in a few cases, custom mbuf and cluster allocation implementations. NB: This is a difficult-to-test change as it touches many drivers for which I don't have physical devices. Instead we've gone for intensive review, but further post-commit review would definitely be appreciated to spot errors where changes could not easily be made mechanically, but were largely mechanical in nature. Differential Revision:https://reviews.freebsd.org/D1440 Reviewed by: adrian, bz, gnn Sponsored by: EMC / Isilon Storage Division Modified: head/share/man/man9/mbuf.9 head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c head/sys/dev/an/if_an.c head/sys/dev/bge/if_bge.c head/sys/dev/ce/if_ce.c head/sys/dev/cm/smc90cx6.c head/sys/dev/cp/if_cp.c head/sys/dev/cs/if_cs.c head/sys/dev/ctau/if_ct.c head/sys/dev/ed/if_ed.c head/sys/dev/ex/if_ex.c head/sys/dev/fe/if_fe.c head/sys/dev/hifn/hifn7751.c head/sys/dev/ie/if_ie.c head/sys/dev/le/lance.c head/sys/dev/lmc/if_lmc.c head/sys/dev/mn/if_mn.c head/sys/dev/my/if_my.c head/sys/dev/pcn/if_pcn.c head/sys/dev/pdq/pdq_freebsd.h head/sys/dev/pdq/pdq_ifsubr.c head/sys/dev/pdq/pdqvar.h head/sys/dev/safe/safe.c head/sys/dev/sbni/if_sbni.c head/sys/dev/smc/if_smc.c head/sys/dev/sn/if_sn.c head/sys/dev/snc/dp83932.c head/sys/dev/ti/if_ti.c head/sys/dev/tl/if_tl.c head/sys/dev/usb/misc/udbp.c head/sys/dev/vx/if_vx.c head/sys/dev/wb/if_wb.c head/sys/dev/xe/if_xe.c head/sys/dev/xen/netfront/netfront.c head/sys/mips/adm5120/if_admsw.c head/sys/netgraph/atm/ngatmbase.c head/sys/netgraph/atm/sscop/ng_sscop_cust.h head/sys/netgraph/bluetooth/drivers/bt3c/ng_bt3c_pccard.c head/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c head/sys/netgraph/ng_vjc.c head/sys/netipsec/key.c head/sys/netipsec/keysock.c head/sys/sys/mbuf.h Modified: head/share/man/man9/mbuf.9 == --- head/share/man/man9/mbuf.9 Tue Jan 6 10:02:14 2015(r276749) +++ head/share/man/man9/mbuf.9 Tue Jan 6 12:59:37 2015(r276750) @@ -24,7 +24,7 @@ .\ .\ $FreeBSD$ .\ -.Dd October 21, 2014 +.Dd January 5, 2015 .Dt MBUF 9 .Os .\ @@ -40,6 +40,7 @@ .Ss Mbuf allocation macros .Fn MGET struct mbuf *mbuf int how short type .Fn MGETHDR struct mbuf *mbuf int how short type +.Ft int .Fn MCLGET struct mbuf *mbuf int how .Fo MEXTADD .Fa struct mbuf *mbuf @@ -436,10 +437,12 @@ Allocate and attach an .Vt mbuf cluster to .Fa mbuf . -If the macro fails, the +On success, a non-zero value returned; otherwise, 0. +Historically, consumers would check for success by testing the .Dv M_EXT -flag will not be set in -.Fa mbuf . +flag on the mbuf, but this is now discouraged to avoid unnecessary awareness +of the implementation of external storage in protocol stacks and device +drivers. .It Fn M_ALIGN mbuf len Set the pointer .Fa mbuf-m_data Modified: head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c == --- head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c Tue Jan 6 10:02:14 2015(r276749) +++ head/sys/contrib/ipfilter/netinet/ip_fil_freebsd.c Tue Jan 6 12:59:37 2015(r276750) @@ -386,8 +386,7 @@ ipf_send_reset(fin) if (m == NULL) return -1; if (sizeof(*tcp2) + hlen MLEN) { - MCLGET(m, M_NOWAIT); - if ((m-m_flags M_EXT) == 0) { + if (!(MCLGET(m, M_NOWAIT))) { FREE_MB_T(m); return -1; } @@ -610,8 +609,7 @@ ipf_send_icmp_err(type, fin, dst) code = icmptoicmp6unreach[code]; if (iclen + max_linkhdr + fin-fin_plen avail) { - MCLGET(m, M_NOWAIT); - if ((m-m_flags M_EXT) == 0) { + if (!(MCLGET(m, M_NOWAIT))) { FREE_MB_T(m); return -1; } Modified: head/sys/dev/an/if_an.c == --- head/sys/dev/an/if_an.c Tue Jan 6 10:02:14 2015(r276749) +++ head/sys/dev/an/if_an.c Tue Jan 6 12:59:37 2015(r276750) @@ -943,8 +943,7 @@ an_rxeof(struct an_softc *sc)
svn commit: r276752 - head/sys/netinet
Author: rwatson Date: Tue Jan 6 14:32:28 2015 New Revision: 276752 URL: https://svnweb.freebsd.org/changeset/base/276752 Log: Use M_WRITABLE() and M_LEADINGSPACE() rather than checking M_EXT and doing hand-crafted length calculations in the IP options code. Reviewed by: bz Sponsored by: EMC / Isilon Storage Division Modified: head/sys/netinet/ip_options.c Modified: head/sys/netinet/ip_options.c == --- head/sys/netinet/ip_options.c Tue Jan 6 13:07:13 2015 (r276751) +++ head/sys/netinet/ip_options.c Tue Jan 6 14:32:28 2015 (r276752) @@ -500,7 +500,7 @@ ip_insertoptions(struct mbuf *m, struct } if (p-ipopt_dst.s_addr) ip-ip_dst = p-ipopt_dst; - if (m-m_flags M_EXT || m-m_data - optlen m-m_pktdat) { + if (!M_WRITABLE(m) || M_LEADINGSPACE(m) optlen) { n = m_gethdr(M_NOWAIT, MT_DATA); if (n == NULL) { *phlen = 0; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r276692 - in head/sys: dev/en dev/fatm dev/iscsi_initiator dev/patm kern net80211 netinet netinet6 sys
Author: rwatson Date: Mon Jan 5 09:58:32 2015 New Revision: 276692 URL: https://svnweb.freebsd.org/changeset/base/276692 Log: To ease changes to underlying mbuf structure and the mbuf allocator, reduce the knowledge of mbuf layout, and in particular constants such as M_EXT, MLEN, MHLEN, and so on, in mbuf consumers by unifying various alignment utility functions (M_ALIGN(), MH_ALIGN(), MEXT_ALIGN() in a single M_ALIGN() macro, implemented by a now-inlined m_align() function: - Move m_align() from uipc_mbuf.c to mbuf.h; mark as __inline. - Reimplement M_ALIGN(), MH_ALIGN(), and MEXT_ALIGN() using m_align(). - Update consumers around the tree to simply use M_ALIGN(). This change eliminates a number of cases where mbuf consumers must be aware of whether or not mbufs returned by the allocator use external storage, but also assumptions about the size of the returned mbuf. This will make it easier to introduce changes in how we use external storage, as well as features such as variable-size mbufs. Differential Revision:https://reviews.freebsd.org/D1436 Reviewed by: glebius, trasz, gnn, bz Sponsored by: EMC / Isilon Storage Division Modified: head/sys/dev/en/midway.c head/sys/dev/fatm/if_fatm.c head/sys/dev/iscsi_initiator/isc_soc.c head/sys/dev/patm/if_patm_rx.c head/sys/kern/uipc_mbuf.c head/sys/net80211/ieee80211_freebsd.c head/sys/netinet/if_ether.c head/sys/netinet/igmp.c head/sys/netinet/ip_carp.c head/sys/netinet/sctp_os_bsd.h head/sys/netinet/tcp_output.c head/sys/netinet6/ip6_output.c head/sys/netinet6/mld6.c head/sys/netinet6/nd6_nbr.c head/sys/sys/mbuf.h Modified: head/sys/dev/en/midway.c == --- head/sys/dev/en/midway.cMon Jan 5 05:30:07 2015(r276691) +++ head/sys/dev/en/midway.cMon Jan 5 09:58:32 2015(r276692) @@ -1935,7 +1935,7 @@ en_mget(struct en_softc *sc, u_int pktle m-m_pkthdr.rcvif = NULL; m-m_pkthdr.len = pktlen; m-m_len = EN_RX1BUF; - MH_ALIGN(m, EN_RX1BUF); + M_ALIGN(m, EN_RX1BUF); if (m-m_len = totlen) { m-m_len = totlen; Modified: head/sys/dev/fatm/if_fatm.c == --- head/sys/dev/fatm/if_fatm.c Mon Jan 5 05:30:07 2015(r276691) +++ head/sys/dev/fatm/if_fatm.c Mon Jan 5 09:58:32 2015(r276692) @@ -1105,7 +1105,7 @@ fatm_supply_small_buffers(struct fatm_so LIST_INSERT_HEAD(sc-rbuf_free, rb, link); break; } - MH_ALIGN(m, SMALL_BUFFER_LEN); + M_ALIGN(m, SMALL_BUFFER_LEN); error = bus_dmamap_load(sc-rbuf_tag, rb-map, m-m_data, SMALL_BUFFER_LEN, dmaload_helper, phys, BUS_DMA_NOWAIT); Modified: head/sys/dev/iscsi_initiator/isc_soc.c == --- head/sys/dev/iscsi_initiator/isc_soc.c Mon Jan 5 05:30:07 2015 (r276691) +++ head/sys/dev/iscsi_initiator/isc_soc.c Mon Jan 5 09:58:32 2015 (r276692) @@ -110,7 +110,7 @@ isc_sendPDU(isc_session_t *sp, pduq_t *p | Add any AHS to the iSCSI hdr mbuf */ if((mh-m_len + pp-ahs_len) MHLEN) { - MH_ALIGN(mh, mh-m_len + pp-ahs_len); + M_ALIGN(mh, mh-m_len + pp-ahs_len); bcopy(pp-ipdu, mh-m_data, mh-m_len); bcopy(pp-ahs_addr, mh-m_data + mh-m_len, pp-ahs_len); mh-m_len += pp-ahs_len; @@ -119,7 +119,7 @@ isc_sendPDU(isc_session_t *sp, pduq_t *p panic(len AHS=%d too big, not impleneted yet, pp-ahs_len); } else { - MH_ALIGN(mh, mh-m_len); + M_ALIGN(mh, mh-m_len); bcopy(pp-ipdu, mh-m_data, mh-m_len); } mh-m_pkthdr.len = mh-m_len; Modified: head/sys/dev/patm/if_patm_rx.c == --- head/sys/dev/patm/if_patm_rx.c Mon Jan 5 05:30:07 2015 (r276691) +++ head/sys/dev/patm/if_patm_rx.c Mon Jan 5 09:58:32 2015 (r276692) @@ -471,7 +471,7 @@ patm_rx_raw(struct patm_softc *sc, u_cha default: case PATM_RAW_CELL: m-m_len = m-m_pkthdr.len = 53; - MH_ALIGN(m, 53); + M_ALIGN(m, 53); dst = mtod(m, u_char *); *dst++ = *cell++; *dst++ = *cell++; @@ -483,7 +483,7 @@ patm_rx_raw(struct patm_softc *sc, u_cha case PATM_RAW_NOHEC: m-m_len = m-m_pkthdr.len = 52; - MH_ALIGN(m, 52); + M_ALIGN(m, 52); dst = mtod(m, u_char *); *dst++ = *cell++; *dst++ = *cell++; @@ -494,7 +494,7 @@
svn commit: r276563 - head/sys/dev/cxgb/ulp/tom
Author: rwatson Date: Fri Jan 2 19:06:27 2015 New Revision: 276563 URL: https://svnweb.freebsd.org/changeset/base/276563 Log: In mbuf_to_synq_entry(), use M_START() and M_SIZE() to calculate an offset into mbuf storage, to reduce knowledge about mbuf/cluster layout in the cxgb device driver. Reviewed by: np Sponsored by: EMC / Isilon Storage Division Modified: head/sys/dev/cxgb/ulp/tom/cxgb_listen.c Modified: head/sys/dev/cxgb/ulp/tom/cxgb_listen.c == --- head/sys/dev/cxgb/ulp/tom/cxgb_listen.c Fri Jan 2 19:05:39 2015 (r276562) +++ head/sys/dev/cxgb/ulp/tom/cxgb_listen.c Fri Jan 2 19:06:27 2015 (r276563) @@ -442,26 +442,13 @@ static struct synq_entry * mbuf_to_synq_entry(struct mbuf *m) { int len = roundup(sizeof (struct synq_entry), 8); - uint8_t *buf; - int buflen; if (__predict_false(M_TRAILINGSPACE(m) len)) { panic(%s: no room for synq_entry (%td, %d)\n, __func__, M_TRAILINGSPACE(m), len); } - if (m-m_flags M_EXT) { - buf = m-m_ext.ext_buf; - buflen = m-m_ext.ext_size; - } else if (m-m_flags M_PKTHDR) { - buf = m-m_pktdat[0]; - buflen = MHLEN; - } else { - buf = m-m_dat[0]; - buflen = MLEN; - } - - return ((void *)(buf + buflen - len)); + return ((void *)(M_START(m) + M_SIZE(m) - len)); } #ifdef KTR ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r273028 - in head/sys/dev: msk nfe sk
Author: rwatson Date: Mon Oct 13 06:51:40 2014 New Revision: 273028 URL: https://svnweb.freebsd.org/changeset/base/273028 Log: Eliminate unnecessary checking for M_EXT on mbufs returned by m_getjcl(). Reviewed by: bz, glebius, yongari MFC after:3 days Sponsored by: EMC / Isilon Storage Division Differential Revision:https://reviews.freebsd.org/D938 Modified: head/sys/dev/msk/if_msk.c head/sys/dev/nfe/if_nfe.c head/sys/dev/sk/if_sk.c Modified: head/sys/dev/msk/if_msk.c == --- head/sys/dev/msk/if_msk.c Mon Oct 13 06:50:08 2014(r273027) +++ head/sys/dev/msk/if_msk.c Mon Oct 13 06:51:40 2014(r273028) @@ -962,10 +962,6 @@ msk_jumbo_newbuf(struct msk_if_softc *sc m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUM9BYTES); if (m == NULL) return (ENOBUFS); - if ((m-m_flags M_EXT) == 0) { - m_freem(m); - return (ENOBUFS); - } m-m_len = m-m_pkthdr.len = MJUM9BYTES; if ((sc_if-msk_flags MSK_FLAG_RAMBUF) == 0) m_adj(m, ETHER_ALIGN); Modified: head/sys/dev/nfe/if_nfe.c == --- head/sys/dev/nfe/if_nfe.c Mon Oct 13 06:50:08 2014(r273027) +++ head/sys/dev/nfe/if_nfe.c Mon Oct 13 06:51:40 2014(r273028) @@ -2063,10 +2063,6 @@ nfe_jnewbuf(struct nfe_softc *sc, int id m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUM9BYTES); if (m == NULL) return (ENOBUFS); - if ((m-m_flags M_EXT) == 0) { - m_freem(m); - return (ENOBUFS); - } m-m_pkthdr.len = m-m_len = MJUM9BYTES; m_adj(m, ETHER_ALIGN); Modified: head/sys/dev/sk/if_sk.c == --- head/sys/dev/sk/if_sk.c Mon Oct 13 06:50:08 2014(r273027) +++ head/sys/dev/sk/if_sk.c Mon Oct 13 06:51:40 2014(r273028) @@ -1012,10 +1012,6 @@ sk_jumbo_newbuf(sc_if, idx) m = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUM9BYTES); if (m == NULL) return (ENOBUFS); - if ((m-m_flags M_EXT) == 0) { - m_freem(m); - return (ENOBUFS); - } m-m_pkthdr.len = m-m_len = MJUM9BYTES; /* * Adjust alignment so packet payload begins on a ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r272984 - in head/sys: netinet netinet6
Author: rwatson Date: Sun Oct 12 15:49:52 2014 New Revision: 272984 URL: https://svnweb.freebsd.org/changeset/base/272984 Log: When deciding whether to call m_pullup() even though there is adequate data in an mbuf, use M_WRITABLE() instead of a direct test of M_EXT; the latter both unnecessarily exposes mbuf-allocator internals in the protocol stack and is also insufficient to catch all cases of non-writability. (NB: m_pullup() does not actually guarantee that a writable mbuf is returned, so further refinement of all of these code paths continues to be required.) Reviewed by: bz MFC after:3 days Sponsored by: EMC / Isilon Storage Division Differential Revision: https://reviews.freebsd.org/D900 Modified: head/sys/netinet/igmp.c head/sys/netinet/ip_mroute.c head/sys/netinet/ip_output.c head/sys/netinet6/icmp6.c head/sys/netinet6/ip6_mroute.c head/sys/netinet6/ip6_output.c Modified: head/sys/netinet/igmp.c == --- head/sys/netinet/igmp.c Sun Oct 12 13:12:06 2014(r272983) +++ head/sys/netinet/igmp.c Sun Oct 12 15:49:52 2014(r272984) @@ -1466,7 +1466,7 @@ igmp_input(struct mbuf **mp, int *offp, minlen += IGMP_V3_QUERY_MINLEN; else minlen += IGMP_MINLEN; - if ((m-m_flags M_EXT || m-m_len minlen) + if ((!M_WRITABLE(m) || m-m_len minlen) (m = m_pullup(m, minlen)) == 0) { IGMPSTAT_INC(igps_rcv_tooshort); return (IPPROTO_DONE); @@ -1557,7 +1557,7 @@ igmp_input(struct mbuf **mp, int *offp, */ igmpv3len = iphlen + IGMP_V3_QUERY_MINLEN + srclen; - if ((m-m_flags M_EXT || + if ((!M_WRITABLE(m) || m-m_len igmpv3len) (m = m_pullup(m, igmpv3len)) == NULL) { IGMPSTAT_INC(igps_rcv_tooshort); Modified: head/sys/netinet/ip_mroute.c == --- head/sys/netinet/ip_mroute.cSun Oct 12 13:12:06 2014 (r272983) +++ head/sys/netinet/ip_mroute.cSun Oct 12 15:49:52 2014 (r272984) @@ -121,7 +121,6 @@ __FBSDID($FreeBSD$); #endif #defineVIFI_INVALID((vifi_t) -1) -#defineM_HASCL(m) ((m)-m_flags M_EXT) static VNET_DEFINE(uint32_t, last_tv_sec); /* last time we processed this */ #defineV_last_tv_sec VNET(last_tv_sec) @@ -1304,7 +1303,7 @@ X_ip_mforward(struct ip *ip, struct ifne } mb0 = m_copypacket(m, M_NOWAIT); - if (mb0 (M_HASCL(mb0) || mb0-m_len hlen)) + if (mb0 (!M_WRITABLE(mb0) || mb0-m_len hlen)) mb0 = m_pullup(mb0, hlen); if (mb0 == NULL) { free(rte, M_MRTABLE); @@ -1544,7 +1543,7 @@ ip_mdq(struct mbuf *m, struct ifnet *ifp int hlen = ip-ip_hl 2; struct mbuf *mm = m_copy(m, 0, hlen); - if (mm (M_HASCL(mm) || mm-m_len hlen)) + if (mm (!M_WRITABLE(mm) || mm-m_len hlen)) mm = m_pullup(mm, hlen); if (mm == NULL) return ENOBUFS; @@ -1665,7 +1664,7 @@ phyint_send(struct ip *ip, struct vif *v * so that ip_output() only scribbles on the copy. */ mb_copy = m_copypacket(m, M_NOWAIT); -if (mb_copy (M_HASCL(mb_copy) || mb_copy-m_len hlen)) +if (mb_copy (!M_WRITABLE(mb_copy) || mb_copy-m_len hlen)) mb_copy = m_pullup(mb_copy, hlen); if (mb_copy == NULL) return; Modified: head/sys/netinet/ip_output.c == --- head/sys/netinet/ip_output.cSun Oct 12 13:12:06 2014 (r272983) +++ head/sys/netinet/ip_output.cSun Oct 12 15:49:52 2014 (r272984) @@ -1365,7 +1365,7 @@ ip_mloopback(struct ifnet *ifp, struct m * modify the pack in order to generate checksums. */ copym = m_dup(m, M_NOWAIT); - if (copym != NULL (copym-m_flags M_EXT || copym-m_len hlen)) + if (copym != NULL (!M_WRITABLE(copym) || copym-m_len hlen)) copym = m_pullup(copym, hlen); if (copym != NULL) { /* If needed, compute the checksum and mark it as valid. */ Modified: head/sys/netinet6/icmp6.c == --- head/sys/netinet6/icmp6.c Sun Oct 12 13:12:06 2014(r272983) +++ head/sys/netinet6/icmp6.c Sun Oct 12 15:49:52 2014(r272984) @@ -63,6 +63,8 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); +#defineMBUF_PRIVATE/* XXXRW: Optimisation tries to avoid M_EXT mbufs */ + #include opt_inet.h
Re: svn commit: r271504 - in head/sys: dev/oce dev/vmware/vmxnet3 dev/xen/netfront net netinet ofed/drivers/net/mlx4
On Sat, 13 Sep 2014, Rick Macklem wrote: Well, there are spare fields (if_ispare[4]) in struct ifnet that I believe can be used for new u_ints when MFC'ng a patch that adds fields to struct ifnet in head. (If I have this wrong, someone please correct me.) In my notes from a few years ago on KBIs, it looked like we could potentially convert ifnet from only use spares to OK to append to the structure in a stable branch. It used to be that ifnet was embedded in driver softcs, and so ifnet changes broke compiled driver modules, but this is no longer the case. A careful review might suggest to us that it's OK to simply add the new fields we want to the end, but need to do that review before assuming it. Robert ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271420 - in head/sys: dev/cxgbe/common sys
Author: rwatson Date: Thu Sep 11 07:16:15 2014 New Revision: 271420 URL: http://svnweb.freebsd.org/changeset/base/271420 Log: Add new a M_START() mbuf macro that returns a pointer to the start of an mbuf's storage (internal or external). Add a new M_SIZE() mbuf macro that returns the size of an mbuf's storage (internal or external). These contrast with m_data and m_len, which are with respect to data in the buffer, rather than the buffer itself. Rewrite M_LEADINGSPACE() and M_TRAILINGSPACE() in terms of M_START() and M_SIZE(). This is done as we currently have many instances of using mbuf flags to generate pointers or lengths for internal storage in header and regular mbufs, as well as to external storage. Rather than replicate this logic throughout the network stack, centralising the implementation will make it easier for us to refine mbuf storage. This should also help reduce bugs by limiting the amount of mbuf-type-specific pointer arithmetic. Followup changes will propagate use of the macros throughout the stack. M_SIZE() conflicts with one macro in the Chelsio driver; rename that macro in a slightly unsatisfying way to eliminate the collision. MFC after:3 days Obtained from:jeff (with enhancements) Sponsored by: EMC / Isilon Storage Division Reviewed by: bz, glebius, np Differential Revision:https://reviews.freebsd.org/D753 Modified: head/sys/dev/cxgbe/common/t4_regs.h head/sys/sys/mbuf.h Modified: head/sys/dev/cxgbe/common/t4_regs.h == --- head/sys/dev/cxgbe/common/t4_regs.h Thu Sep 11 06:17:56 2014 (r271419) +++ head/sys/dev/cxgbe/common/t4_regs.h Thu Sep 11 07:16:15 2014 (r271420) @@ -1073,9 +1073,9 @@ #define A_SGE_FL_BUFFER_SIZE0 0x1044 #define S_SIZE4 -#define M_SIZE0xfffU +#define CXGBE_M_SIZE0xfffU #define V_SIZE(x) ((x) S_SIZE) -#define G_SIZE(x) (((x) S_SIZE) M_SIZE) +#define G_SIZE(x) (((x) S_SIZE) CXGBE_M_SIZE) #define A_SGE_FL_BUFFER_SIZE1 0x1048 #define A_SGE_FL_BUFFER_SIZE2 0x104c Modified: head/sys/sys/mbuf.h == --- head/sys/sys/mbuf.h Thu Sep 11 06:17:56 2014(r271419) +++ head/sys/sys/mbuf.h Thu Sep 11 07:16:15 2014(r271420) @@ -843,29 +843,50 @@ m_last(struct mbuf *m) } while (0) /* + * Return the address of the start of the buffer associated with an mbuf, + * handling external storage, packet-header mbufs, and regular data mbufs. + */ +#defineM_START(m) \ + (((m)-m_flags M_EXT) ? (m)-m_ext.ext_buf : \ +((m)-m_flags M_PKTHDR) ? (m)-m_pktdat[0] :\ +(m)-m_dat[0]) + +/* + * Return the size of the buffer associated with an mbuf, handling external + * storage, packet-header mbufs, and regular data mbufs. + */ +#defineM_SIZE(m) \ + (((m)-m_flags M_EXT) ? (m)-m_ext.ext_size : \ +((m)-m_flags M_PKTHDR) ? MHLEN :\ +MLEN) + +/* * Compute the amount of space available before the current start of data in * an mbuf. * * The M_WRITABLE() is a temporary, conservative safety measure: the burden * of checking writability of the mbuf data area rests solely with the caller. + * + * NB: In previous versions, M_LEADINGSPACE() would only check M_WRITABLE() + * for mbufs with external storage. We now allow mbuf-embedded data to be + * read-only as well. */ #defineM_LEADINGSPACE(m) \ - ((m)-m_flags M_EXT ? \ - (M_WRITABLE(m) ? (m)-m_data - (m)-m_ext.ext_buf : 0): \ - (m)-m_flags M_PKTHDR ? (m)-m_data - (m)-m_pktdat : \ - (m)-m_data - (m)-m_dat) + (M_WRITABLE(m) ? ((m)-m_data - M_START(m)) : 0) /* * Compute the amount of space available after the end of data in an mbuf. * * The M_WRITABLE() is a temporary, conservative safety measure: the burden * of checking writability of the mbuf data area rests solely with the caller. + * + * NB: In previous versions, M_TRAILINGSPACE() would only check M_WRITABLE() + * for mbufs with external storage. We now allow mbuf-embedded data to be + * read-only as well. */ #defineM_TRAILINGSPACE(m) \ - ((m)-m_flags M_EXT ? \ - (M_WRITABLE(m) ? (m)-m_ext.ext_buf + (m)-m_ext.ext_size \ - - ((m)-m_data + (m)-m_len) : 0) : \ - (m)-m_dat[MLEN] - ((m)-m_data + (m)-m_len)) + (M_WRITABLE(m) ?\ + ((M_START(m) + M_SIZE(m)) - ((m)-m_data +
Re: svn commit: r271418 - head/sbin/dhclient
A bit behind on commits, but: does this mean that an older userspace dhclient will no longer work with a newer kernel? Robert On Thu, 11 Sep 2014, Gleb Smirnoff wrote: Author: glebius Date: Thu Sep 11 05:48:39 2014 New Revision: 271418 URL: http://svnweb.freebsd.org/changeset/base/271418 Log: Since r270929 raw sockets expect network byte order. Submitted by: avg Modified: head/sbin/dhclient/packet.c Modified: head/sbin/dhclient/packet.c == --- head/sbin/dhclient/packet.c Thu Sep 11 03:16:57 2014(r271417) +++ head/sbin/dhclient/packet.c Thu Sep 11 05:48:39 2014(r271418) @@ -127,17 +127,6 @@ assemble_udp_ip_header(unsigned char *bu ip.ip_dst.s_addr = to; ip.ip_sum = wrapsum(checksum((unsigned char *)ip, sizeof(ip), 0)); - - /* -* While the BPF -- used for broadcasts -- expects a true IP header -* with all the bytes in network byte order, the raw socket interface -* which is used for unicasts expects the ip_len field to be in host -* byte order. In both cases, the checksum has to be correct, so this -* is as good a place as any to turn the bytes around again. -*/ - if (to != INADDR_BROADCAST) - ip.ip_len = ntohs(ip.ip_len); - memcpy(buf[*bufix], ip, sizeof(ip)); *bufix += sizeof(ip); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271373 - in head/sys/dev: ce cp ctau cx
Author: rwatson Date: Wed Sep 10 09:57:32 2014 New Revision: 271373 URL: http://svnweb.freebsd.org/changeset/base/271373 Log: Replace local copy-and-paste implementations of printmbuf() in several device drivers with calls to the centralised m_print() implementation. While the formatting and output details differ a little, the content is essentially the same, and it is unlikely anyone has used this debugging output in some time. This change reduces awareness of mbuf cluster allocation (and, especially, the M_EXT flag) outside of the mbuf allocator, which will make it easier to refine the external storage mechanism without disrupting drivers in the future. Style bugs are preserved. Reviewed by: bz, glebius MFC after:3 days Sponsored by: EMC / Isilon Storage Division Modified: head/sys/dev/ce/if_ce.c head/sys/dev/cp/if_cp.c head/sys/dev/ctau/if_ct.c head/sys/dev/cx/if_cx.c Modified: head/sys/dev/ce/if_ce.c == --- head/sys/dev/ce/if_ce.c Wed Sep 10 09:47:16 2014(r271372) +++ head/sys/dev/ce/if_ce.c Wed Sep 10 09:57:32 2014(r271373) @@ -298,22 +298,6 @@ static struct cdevsw ce_cdevsw = { #endif /* - * Print the mbuf chain, for debug purposes only. - */ -static void printmbuf (struct mbuf *m) -{ - printf (mbuf:); - for (; m; m=m-m_next) { - if (m-m_flags M_PKTHDR) - printf ( HDR %d:, m-m_pkthdr.len); - if (m-m_flags M_EXT) - printf ( EXT:); - printf ( %d, m-m_len); - } - printf (\n); -} - -/* * Make an mbuf from data. */ static struct mbuf *makembuf (void *buf, unsigned len) @@ -1140,7 +1124,7 @@ static void ce_receive (ce_chan_t *c, un return; } if (c-debug 1) - printmbuf (m); + m_print (m, 0); #ifdef NETGRAPH m-m_pkthdr.rcvif = 0; IF_ENQUEUE(d-rqueue, m); Modified: head/sys/dev/cp/if_cp.c == --- head/sys/dev/cp/if_cp.c Wed Sep 10 09:47:16 2014(r271372) +++ head/sys/dev/cp/if_cp.c Wed Sep 10 09:57:32 2014(r271373) @@ -182,22 +182,6 @@ static struct cdevsw cp_cdevsw = { }; /* - * Print the mbuf chain, for debug purposes only. - */ -static void printmbuf (struct mbuf *m) -{ - printf (mbuf:); - for (; m; m=m-m_next) { - if (m-m_flags M_PKTHDR) - printf ( HDR %d:, m-m_pkthdr.len); - if (m-m_flags M_EXT) - printf ( EXT:); - printf ( %d, m-m_len); - } - printf (\n); -} - -/* * Make an mbuf from data. */ static struct mbuf *makembuf (void *buf, unsigned len) @@ -909,7 +893,7 @@ static void cp_receive (cp_chan_t *c, un return; } if (c-debug 1) - printmbuf (m); + m_print (m, 0); #ifdef NETGRAPH m-m_pkthdr.rcvif = 0; NG_SEND_DATA_ONLY (error, d-hook, m); Modified: head/sys/dev/ctau/if_ct.c == --- head/sys/dev/ctau/if_ct.c Wed Sep 10 09:47:16 2014(r271372) +++ head/sys/dev/ctau/if_ct.c Wed Sep 10 09:57:32 2014(r271373) @@ -185,22 +185,6 @@ static struct cdevsw ct_cdevsw = { }; /* - * Print the mbuf chain, for debug purposes only. - */ -static void printmbuf (struct mbuf *m) -{ - printf (mbuf:); - for (; m; m=m-m_next) { - if (m-m_flags M_PKTHDR) - printf ( HDR %d:, m-m_pkthdr.len); - if (m-m_flags M_EXT) - printf ( EXT:); - printf ( %d, m-m_len); - } - printf (\n); -} - -/* * Make an mbuf from data. */ static struct mbuf *makembuf (void *buf, u_int len) @@ -1127,7 +,7 @@ static void ct_receive (ct_chan_t *c, ch return; } if (c-debug 1) - printmbuf (m); + m_print (m, 0); #ifdef NETGRAPH m-m_pkthdr.rcvif = 0; NG_SEND_DATA_ONLY (error, d-hook, m); Modified: head/sys/dev/cx/if_cx.c == --- head/sys/dev/cx/if_cx.c Wed Sep 10 09:47:16 2014(r271372) +++ head/sys/dev/cx/if_cx.c Wed Sep 10 09:57:32 2014(r271373) @@ -232,22 +232,6 @@ static struct cdevsw cx_cdevsw = { static int MY_SOFT_INTR; /* - * Print the mbuf chain, for debug purposes only. - */ -static void printmbuf (struct mbuf *m) -{ - printf (mbuf:); - for (; m; m=m-m_next) { - if (m-m_flags M_PKTHDR) - printf ( HDR %d:, m-m_pkthdr.len); - if (m-m_flags M_EXT) - printf ( EXT:); - printf ( %d, m-m_len); - } - printf (\n); -} -
svn commit: r271174 - head/sys/sys
Author: rwatson Date: Fri Sep 5 16:46:28 2014 New Revision: 271174 URL: http://svnweb.freebsd.org/changeset/base/271174 Log: Clarify a diagnostic printf() in the mbuf code: M_EXT doesn't necessarily imply a cluster is attached; it could also refer to some other sort of external storage (e.g., an sf_buf). MFC after:3 days Sponsored by: EMC / Isilon Storage Division Modified: head/sys/sys/mbuf.h Modified: head/sys/sys/mbuf.h == --- head/sys/sys/mbuf.h Fri Sep 5 16:40:47 2014(r271173) +++ head/sys/sys/mbuf.h Fri Sep 5 16:46:28 2014(r271174) @@ -672,7 +672,7 @@ m_clget(struct mbuf *m, int how) { if (m-m_flags M_EXT) - printf(%s: %p mbuf already has cluster\n, __func__, m); + printf(%s: %p mbuf already has external storage\n, __func__, m); m-m_ext.ext_buf = (char *)NULL; uma_zalloc_arg(zone_clust, m, how); /* @@ -698,7 +698,7 @@ m_cljget(struct mbuf *m, int how, int si uma_zone_t zone; if (m m-m_flags M_EXT) - printf(%s: %p mbuf already has cluster\n, __func__, m); + printf(%s: %p mbuf already has external storage\n, __func__, m); if (m != NULL) m-m_ext.ext_buf = NULL; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r271175 - head/sys/fs/nfs
Author: rwatson Date: Fri Sep 5 17:05:51 2014 New Revision: 271175 URL: http://svnweb.freebsd.org/changeset/base/271175 Log: Garbage collect NFSMINOFF() from the NFS stack; this unused macro replicates mbuf-initialisation logic that is best left to centralised mbuf utility code rather than scattered around the kernel. MFC after:3 days Sponsored by: EMC / Isilon Storage Division Modified: head/sys/fs/nfs/nfsm_subs.h Modified: head/sys/fs/nfs/nfsm_subs.h == --- head/sys/fs/nfs/nfsm_subs.h Fri Sep 5 16:46:28 2014(r271174) +++ head/sys/fs/nfs/nfsm_subs.h Fri Sep 5 17:05:51 2014(r271175) @@ -47,13 +47,6 @@ * First define what the actual subs. return */ #defineM_HASCL(m) ((m)-m_flags M_EXT) -#defineNFSMINOFF(m) \ - if (M_HASCL(m)) \ - (m)-m_data = (m)-m_ext.ext_buf; \ - else if ((m)-m_flags M_PKTHDR) \ - (m)-m_data = (m)-m_pktdat;\ - else\ - (m)-m_data = (m)-m_dat #defineNFSMSIZ(m) ((M_HASCL(m))?MCLBYTES: \ (((m)-m_flags M_PKTHDR)?MHLEN:MLEN)) #defineNFSM_DATAP(m, s)(m)-m_data += (s) ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r268925 - head/usr.bin/procstat
Author: rwatson Date: Sun Jul 20 20:11:34 2014 New Revision: 268925 URL: http://svnweb.freebsd.org/changeset/base/268925 Log: In procstat -v (VM), spell out 'FL' to 'FLAG' since there are two extra columns available anyway. Also left align as we tend to do for flags fields, although you can't see that currently as the string fully fills that available columns. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/usr.bin/procstat/procstat.1 head/usr.bin/procstat/procstat_vm.c Modified: head/usr.bin/procstat/procstat.1 == --- head/usr.bin/procstat/procstat.1Sun Jul 20 20:05:39 2014 (r268924) +++ head/usr.bin/procstat/procstat.1Sun Jul 20 20:11:34 2014 (r268925) @@ -445,7 +445,7 @@ private resident pages reference count .It SHD shadow page count -.It FL +.It FLAG mapping flags .It TP VM object type Modified: head/usr.bin/procstat/procstat_vm.c == --- head/usr.bin/procstat/procstat_vm.c Sun Jul 20 20:05:39 2014 (r268924) +++ head/usr.bin/procstat/procstat_vm.c Sun Jul 20 20:11:34 2014 (r268925) @@ -50,9 +50,9 @@ procstat_vm(struct procstat *procstat, s ptrwidth = 2*sizeof(void *) + 2; if (!hflag) - printf(%5s %*s %*s %3s %4s %4s %3s %3s %4s %-2s %-s\n, + printf(%5s %*s %*s %3s %4s %4s %3s %3s %-4s %-2s %-s\n, PID, ptrwidth, START, ptrwidth, END, PRT, RES, - PRES, REF, SHD, FL, TP, PATH); + PRES, REF, SHD, FLAG, TP, PATH); freep = procstat_getvmmap(procstat, kipp, cnt); if (freep == NULL) ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r268879 - head/usr.bin/procstat
Author: rwatson Date: Sat Jul 19 15:09:53 2014 New Revision: 268879 URL: http://svnweb.freebsd.org/changeset/base/268879 Log: Better align headers and data for 'procstat -f' with and without '-C'. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/usr.bin/procstat/procstat_files.c Modified: head/usr.bin/procstat/procstat_files.c == --- head/usr.bin/procstat/procstat_files.c Sat Jul 19 14:34:06 2014 (r268878) +++ head/usr.bin/procstat/procstat_files.c Sat Jul 19 15:09:53 2014 (r268879) @@ -317,12 +317,12 @@ procstat_files(struct procstat *procstat if (!hflag) { if (Cflag) - printf(%5s %-16s %4s %1s %-9s %-*s + printf(%5s %-16s %5s %1s %-8s %-*s %-3s %-12s\n, PID, COMM, FD, T, FLAGS, capwidth, CAPABILITIES, PRO, NAME); else - printf(%5s %-16s %4s %1s %1s %-9s + printf(%5s %-16s %5s %1s %1s %-8s %3s %7s %-3s %-12s\n, PID, COMM, FD, T, V, FLAGS, REF, OFFSET, PRO, NAME); } @@ -450,6 +450,7 @@ procstat_files(struct procstat *procstat printf(%s, fst-fs_fflags PS_FST_FFLAG_NONBLOCK ? n : -); printf(%s, fst-fs_fflags PS_FST_FFLAG_DIRECT ? d : -); printf(%s, fst-fs_fflags PS_FST_FFLAG_HASLOCK ? l : -); + printf( ); if (!Cflag) { if (fst-fs_ref_count -1) printf(%3d , fst-fs_ref_count); ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r265432 - head/sys/sys
Author: rwatson Date: Tue May 6 10:53:51 2014 New Revision: 265432 URL: http://svnweb.freebsd.org/changeset/base/265432 Log: Spell raccdt in a more conventional way in a comment. MFC after:3 days Modified: head/sys/sys/kernel.h Modified: head/sys/sys/kernel.h == --- head/sys/sys/kernel.h Tue May 6 09:55:49 2014(r265431) +++ head/sys/sys/kernel.h Tue May 6 10:53:51 2014(r265432) @@ -166,7 +166,7 @@ enum sysinit_sub_id { SI_SUB_KTHREAD_UPDATE = 0xec0,/* update daemon*/ SI_SUB_KTHREAD_IDLE = 0xee0,/* idle procs*/ SI_SUB_SMP = 0xf00,/* start the APs*/ - SI_SUB_RACCTD = 0xf10,/* start raccd*/ + SI_SUB_RACCTD = 0xf10,/* start racctd*/ SI_SUB_LAST = 0xfff /* final initialization */ }; ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r265396 - head/sys/sys
Author: rwatson Date: Mon May 5 21:46:10 2014 New Revision: 265396 URL: http://svnweb.freebsd.org/changeset/base/265396 Log: Garbage collect two more unused sysinit subsystems: SI_SUB_KVM_RSRC and SI_SUB_CLISTS. MFC after:3 days Modified: head/sys/sys/kernel.h Modified: head/sys/sys/kernel.h == --- head/sys/sys/kernel.h Mon May 5 21:44:53 2014(r265395) +++ head/sys/sys/kernel.h Mon May 5 21:46:10 2014(r265396) @@ -94,7 +94,6 @@ enum sysinit_sub_id { SI_SUB_MTX_POOL_STATIC = 0x090,/* static mutex pool */ SI_SUB_VM = 0x100,/* virtual memory system init*/ SI_SUB_KMEM = 0x180,/* kernel memory*/ - SI_SUB_KVM_RSRC = 0x1A0,/* kvm operational limits*/ SI_SUB_HYPERVISOR = 0x1A4,/* * Hypervisor detection and * virtualization support @@ -138,7 +137,6 @@ enum sysinit_sub_id { SI_SUB_CONFIGURE= 0x380,/* Configure devices */ SI_SUB_VFS = 0x400,/* virtual filesystem*/ SI_SUB_CLOCKS = 0x480,/* real time and stat clocks*/ - SI_SUB_CLIST= 0x580,/* clists*/ SI_SUB_SYSV_SHM = 0x640,/* System V shared memory*/ SI_SUB_SYSV_SEM = 0x680,/* System V semaphores*/ SI_SUB_SYSV_MSG = 0x6C0,/* System V message queues*/ ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r265216 - in head/sys: kern sys
Author: rwatson Date: Fri May 2 07:57:40 2014 New Revision: 265216 URL: http://svnweb.freebsd.org/changeset/base/265216 Log: Garbage collect mtxpool_lockbuilder, the mutex pool historically used for lockmgr and sx interlocks, but unused since optimised versions of those sleep locks were introduced. This will save a (quite) small amount of memory in all kernel configurations. The sleep mutex pool is retained as it is used for 'struct bio' and several other consumers. Discussed with: jhb MFC after:3 days Modified: head/sys/kern/kern_mtxpool.c head/sys/sys/kernel.h head/sys/sys/mutex.h Modified: head/sys/kern/kern_mtxpool.c == --- head/sys/kern/kern_mtxpool.cFri May 2 07:14:22 2014 (r265215) +++ head/sys/kern/kern_mtxpool.cFri May 2 07:57:40 2014 (r265216) @@ -59,9 +59,6 @@ __FBSDID($FreeBSD$); static MALLOC_DEFINE(M_MTXPOOL, mtx_pool, mutex pool); /* Pool sizes must be a power of two */ -#ifndef MTX_POOL_LOCKBUILDER_SIZE -#define MTX_POOL_LOCKBUILDER_SIZE 128 -#endif #ifndef MTX_POOL_SLEEP_SIZE #define MTX_POOL_SLEEP_SIZE128 #endif @@ -78,18 +75,12 @@ struct mtx_pool { struct mtx mtx_pool_ary[1]; }; -static struct mtx_pool_lockbuilder { - struct mtxpool_header mtx_pool_header; - struct mtx mtx_pool_ary[MTX_POOL_LOCKBUILDER_SIZE]; -} lockbuilder_pool; - #define mtx_pool_size mtx_pool_header.mtxpool_size #define mtx_pool_mask mtx_pool_header.mtxpool_mask #define mtx_pool_shift mtx_pool_header.mtxpool_shift #define mtx_pool_next mtx_pool_header.mtxpool_next struct mtx_pool *mtxpool_sleep; -struct mtx_pool *mtxpool_lockbuilder; #if UINTPTR_MAX == UINT64_MAX /* 64 bits */ # define POINTER_BITS 64 @@ -166,15 +157,6 @@ mtx_pool_destroy(struct mtx_pool **poolp } static void -mtx_pool_setup_static(void *dummy __unused) -{ - mtx_pool_initialize((struct mtx_pool *)lockbuilder_pool, - lockbuilder mtxpool, MTX_POOL_LOCKBUILDER_SIZE, - MTX_DEF | MTX_NOWITNESS | MTX_QUIET); - mtxpool_lockbuilder = (struct mtx_pool *)lockbuilder_pool; -} - -static void mtx_pool_setup_dynamic(void *dummy __unused) { mtxpool_sleep = mtx_pool_create(sleep mtxpool, @@ -202,17 +184,5 @@ mtx_pool_alloc(struct mtx_pool *pool) return (pool-mtx_pool_ary[i]); } -/* - * The lockbuilder pool must be initialized early because the lockmgr - * and sx locks depend on it. The sx locks are used in the kernel - * memory allocator. The lockmgr subsystem is initialized by - * SYSINIT(..., SI_SUB_LOCKMGR, ...). - * - * We can't call malloc() to dynamically allocate the sleep pool - * until after kmeminit() has been called, which is done by - * SYSINIT(..., SI_SUB_KMEM, ...). - */ -SYSINIT(mtxpooli1, SI_SUB_MTX_POOL_STATIC, SI_ORDER_FIRST, -mtx_pool_setup_static, NULL); SYSINIT(mtxpooli2, SI_SUB_MTX_POOL_DYNAMIC, SI_ORDER_FIRST, mtx_pool_setup_dynamic, NULL); Modified: head/sys/sys/kernel.h == --- head/sys/sys/kernel.h Fri May 2 07:14:22 2014(r265215) +++ head/sys/sys/kernel.h Fri May 2 07:57:40 2014(r265216) @@ -92,7 +92,6 @@ enum sysinit_sub_id { SI_SUB_COPYRIGHT= 0x081,/* first use of console*/ SI_SUB_SETTINGS = 0x088,/* check and recheck settings */ SI_SUB_MTX_POOL_STATIC = 0x090,/* static mutex pool */ - SI_SUB_LOCKMGR = 0x098,/* lockmgr locks */ SI_SUB_VM = 0x100,/* virtual memory system init*/ SI_SUB_KMEM = 0x180,/* kernel memory*/ SI_SUB_KVM_RSRC = 0x1A0,/* kvm operational limits*/ Modified: head/sys/sys/mutex.h == --- head/sys/sys/mutex.hFri May 2 07:14:22 2014(r265215) +++ head/sys/sys/mutex.hFri May 2 07:57:40 2014(r265216) @@ -323,12 +323,8 @@ struct mtx *mtx_pool_alloc(struct mtx_po mtx_unlock_spin(mtx_pool_find((pool), (ptr))) /* - * mtxpool_lockbuilder is a pool of sleep locks that is not witness - * checked and should only be used for building higher level locks. - * * mtxpool_sleep is a general purpose pool of sleep mutexes. */ -extern struct mtx_pool *mtxpool_lockbuilder; extern struct mtx_pool *mtxpool_sleep; #ifndef LOCK_DEBUG ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r264625 - head/sys/mips/mips
Author: rwatson Date: Thu Apr 17 20:42:03 2014 New Revision: 264625 URL: http://svnweb.freebsd.org/changeset/base/264625 Log: Fix typo and case inconsistency in MIPS CP0 register names. MFC after:3 days Modified: head/sys/mips/mips/pm_machdep.c Modified: head/sys/mips/mips/pm_machdep.c == --- head/sys/mips/mips/pm_machdep.c Thu Apr 17 20:09:41 2014 (r264624) +++ head/sys/mips/mips/pm_machdep.c Thu Apr 17 20:42:03 2014 (r264625) @@ -413,7 +413,7 @@ set_mcontext(struct thread *td, const mc td-td_frame-mullo = mcp-mullo; td-td_frame-mulhi = mcp-mulhi; td-td_md.md_tls = mcp-mc_tls; - /* Dont let user to set any bits in Status and casue registers */ + /* Dont let user to set any bits in status and cause registers. */ return (0); } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r263842 - in head/lib/libc: capability gen sys
Author: rwatson Date: Thu Mar 27 21:43:00 2014 New Revision: 263842 URL: http://svnweb.freebsd.org/changeset/base/263842 Log: Update system man pages for s/capability.h/capsicum.h/. MFC after:3 weeks Modified: head/lib/libc/capability/cap_rights_init.3 head/lib/libc/gen/cap_rights_get.3 head/lib/libc/gen/cap_sandboxed.3 head/lib/libc/sys/cap_enter.2 head/lib/libc/sys/cap_fcntls_limit.2 head/lib/libc/sys/cap_ioctls_limit.2 head/lib/libc/sys/cap_rights_limit.2 Modified: head/lib/libc/capability/cap_rights_init.3 == --- head/lib/libc/capability/cap_rights_init.3 Thu Mar 27 21:32:02 2014 (r263841) +++ head/lib/libc/capability/cap_rights_init.3 Thu Mar 27 21:43:00 2014 (r263842) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd September 23, 2013 +.Dd March 27, 2014 .Dt CAP_RIGHTS_INIT 3 .Os .Sh NAME @@ -44,7 +44,7 @@ .Sh LIBRARY .Lb libc .Sh SYNOPSIS -.In sys/capability.h +.In sys/capsicum.h .Ft cap_rights_t * .Fn cap_rights_init cap_rights_t *rights ... .Ft cap_rights_t * Modified: head/lib/libc/gen/cap_rights_get.3 == --- head/lib/libc/gen/cap_rights_get.3 Thu Mar 27 21:32:02 2014 (r263841) +++ head/lib/libc/gen/cap_rights_get.3 Thu Mar 27 21:43:00 2014 (r263842) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd September 23, 2013 +.Dd March 27, 2014 .Dt CAP_RIGHTS_GET 3 .Os .Sh NAME @@ -37,7 +37,7 @@ .Sh LIBRARY .Lb libc .Sh SYNOPSIS -.In sys/capability.h +.In sys/capsicum.h .Ft int .Fn cap_rights_get int fd cap_rights_t *rights .Sh DESCRIPTION Modified: head/lib/libc/gen/cap_sandboxed.3 == --- head/lib/libc/gen/cap_sandboxed.3 Thu Mar 27 21:32:02 2014 (r263841) +++ head/lib/libc/gen/cap_sandboxed.3 Thu Mar 27 21:43:00 2014 (r263842) @@ -1,3 +1,4 @@ +.\ .\ Copyright (c) 2012 The FreeBSD Foundation .\ All rights reserved. .\ @@ -27,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd September 18, 2012 +.Dd March 27, 2014 .Dt CAP_SANDBOXED 3 .Os .Sh NAME @@ -36,7 +37,7 @@ .Sh LIBRARY .Lb libc .Sh SYNOPSIS -.In sys/capability.h +.In sys/capsicum.h .In stdbool.h .Ft bool .Fn cap_sandboxed void Modified: head/lib/libc/sys/cap_enter.2 == --- head/lib/libc/sys/cap_enter.2 Thu Mar 27 21:32:02 2014 (r263841) +++ head/lib/libc/sys/cap_enter.2 Thu Mar 27 21:43:00 2014 (r263842) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd February 25, 2012 +.Dd March 27, 2014 .Dt CAP_ENTER 2 .Os .Sh NAME @@ -38,7 +38,7 @@ .Sh LIBRARY .Lb libc .Sh SYNOPSIS -.In sys/capability.h +.In sys/capsicum.h .Ft int .Fn cap_enter void .Ft int Modified: head/lib/libc/sys/cap_fcntls_limit.2 == --- head/lib/libc/sys/cap_fcntls_limit.2Thu Mar 27 21:32:02 2014 (r263841) +++ head/lib/libc/sys/cap_fcntls_limit.2Thu Mar 27 21:43:00 2014 (r263842) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd September 20, 2012 +.Dd March 27, 2014 .Dt CAP_FCNTLS_LIMIT 2 .Os .Sh NAME @@ -38,7 +38,7 @@ .Sh LIBRARY .Lb libc .Sh SYNOPSIS -.In sys/capability.h +.In sys/capsicum.h .Ft int .Fn cap_fcntls_limit int fd uint32_t fcntlrights .Ft int Modified: head/lib/libc/sys/cap_ioctls_limit.2 == --- head/lib/libc/sys/cap_ioctls_limit.2Thu Mar 27 21:32:02 2014 (r263841) +++ head/lib/libc/sys/cap_ioctls_limit.2Thu Mar 27 21:43:00 2014 (r263842) @@ -28,7 +28,7 @@ .\ .\ $FreeBSD$ .\ -.Dd September 20, 2012 +.Dd March 27, 2014 .Dt CAP_IOCTLS_LIMIT 2 .Os .Sh NAME @@ -38,7 +38,7 @@ .Sh LIBRARY .Lb libc .Sh SYNOPSIS -.In sys/capability.h +.In sys/capsicum.h .Ft int .Fn cap_ioctls_limit int fd const unsigned long *cmds size_t ncmds .Ft ssize_t Modified: head/lib/libc/sys/cap_rights_limit.2 == --- head/lib/libc/sys/cap_rights_limit.2Thu Mar 27 21:32:02 2014 (r263841) +++ head/lib/libc/sys/cap_rights_limit.2Thu Mar 27 21:43:00 2014 (r263842) @@ -32,7 +32,7 @@ .\ .\ $FreeBSD$ .\ -.Dd February 23, 2013 +.Dd March 27, 2014 .Dt CAP_RIGHTS_LIMIT 2 .Os .Sh NAME @@ -41,7 +41,7 @@ .Sh LIBRARY .Lb libc .Sh SYNOPSIS -.In sys/capability.h +.In sys/capsicum.h .Ft int .Fn cap_rights_limit int fd const cap_rights_t *rights .Sh DESCRIPTION ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r263266 - head/usr.sbin/jail
Author: rwatson Date: Mon Mar 17 14:19:42 2014 New Revision: 263266 URL: http://svnweb.freebsd.org/changeset/base/263266 Log: Line-wrapping tweak: make the sample jail command line fit in 80 characters. MFC after:3 days Modified: head/usr.sbin/jail/jail.8 Modified: head/usr.sbin/jail/jail.8 == --- head/usr.sbin/jail/jail.8 Mon Mar 17 13:54:53 2014(r263265) +++ head/usr.sbin/jail/jail.8 Mon Mar 17 14:19:42 2014(r263266) @@ -898,8 +898,9 @@ or for running a virtual server. .Pp Start a shell in the jail: .Bd -literal -offset indent -jail -c path=/data/jail/testjail mount.devfs host.hostname=testhostname \\ - ip4.addr=192.0.2.100 command=/bin/sh +jail -c path=/data/jail/testjail mount.devfs \\ + host.hostname=testhostname ip4.addr=192.0.2.100 \\ + command=/bin/sh .Ed .Pp Assuming no errors, you will end up with a shell prompt within the jail. ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r263215 - head/sys/crypto/sha2
On Sun, 16 Mar 2014, John-Mark Gurney wrote: Log: copy these files from lib/libmd in preperation for moving these files into the kernel... I was sure that there was a sha256 implementation in the kernel already, and indeed there is -- in the ZFS code. Having it in the crypto tree makes (much) more sense (and I remain surprised it wasn't there already). I wonder if this means we can GC at least the copy in the zfs tree (if not the boot copy as well). Robert Added: head/sys/crypto/sha2/sha256.h - copied unchanged from r263213, head/lib/libmd/sha256.h head/sys/crypto/sha2/sha256c.c - copied unchanged from r263213, head/lib/libmd/sha256c.c Copied: head/sys/crypto/sha2/sha256.h (from r263213, head/lib/libmd/sha256.h) == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/sha2/sha256.h Sun Mar 16 00:57:26 2014 (r263215, copy of r263213, head/lib/libmd/sha256.h) @@ -0,0 +1,50 @@ +/*- + * Copyright 2005 Colin Percival + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _SHA256_H_ +#define _SHA256_H_ + +#include sys/types.h + +typedef struct SHA256Context { + uint32_t state[8]; + uint64_t count; + unsigned char buf[64]; +} SHA256_CTX; + +__BEGIN_DECLS +void SHA256_Init(SHA256_CTX *); +void SHA256_Update(SHA256_CTX *, const void *, size_t); +void SHA256_Final(unsigned char [32], SHA256_CTX *); +char *SHA256_End(SHA256_CTX *, char *); +char *SHA256_File(const char *, char *); +char *SHA256_FileChunk(const char *, char *, off_t, off_t); +char *SHA256_Data(const void *, unsigned int, char *); +__END_DECLS + +#endif /* !_SHA256_H_ */ Copied: head/sys/crypto/sha2/sha256c.c (from r263213, head/lib/libmd/sha256c.c) == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/sha2/sha256c.c Sun Mar 16 00:57:26 2014 (r263215, copy of r263213, head/lib/libmd/sha256c.c) @@ -0,0 +1,297 @@ +/*- + * Copyright 2005 Colin Percival + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include sys/cdefs.h +__FBSDID($FreeBSD$); + +#include sys/endian.h +#include sys/types.h + +#include string.h + +#include sha256.h + +#if BYTE_ORDER == BIG_ENDIAN + +/* Copy a vector of
Re: svn commit: r263215 - head/sys/crypto/sha2
On Sun, 16 Mar 2014, Robert Watson wrote: copy these files from lib/libmd in preperation for moving these files into the kernel... I was sure that there was a sha256 implementation in the kernel already, and indeed there is -- in the ZFS code. Having it in the crypto tree makes (much) more sense (and I remain surprised it wasn't there already). I wonder if this means we can GC at least the copy in the zfs tree (if not the boot copy as well). Reading the follow-up commit I now understand better. I do wonder if we can drop the ZFS copy, however -- in general, we seem to prefer FreeBSD versions of things (e.g., the ACL code) when they are available. Robert Robert Added: head/sys/crypto/sha2/sha256.h - copied unchanged from r263213, head/lib/libmd/sha256.h head/sys/crypto/sha2/sha256c.c - copied unchanged from r263213, head/lib/libmd/sha256c.c Copied: head/sys/crypto/sha2/sha256.h (from r263213, head/lib/libmd/sha256.h) == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/sha2/sha256.h Sun Mar 16 00:57:26 2014 (r263215, copy of r263213, head/lib/libmd/sha256.h) @@ -0,0 +1,50 @@ +/*- + * Copyright 2005 Colin Percival + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * $FreeBSD$ + */ + +#ifndef _SHA256_H_ +#define _SHA256_H_ + +#include sys/types.h + +typedef struct SHA256Context { + uint32_t state[8]; + uint64_t count; + unsigned char buf[64]; +} SHA256_CTX; + +__BEGIN_DECLS +void SHA256_Init(SHA256_CTX *); +void SHA256_Update(SHA256_CTX *, const void *, size_t); +void SHA256_Final(unsigned char [32], SHA256_CTX *); +char *SHA256_End(SHA256_CTX *, char *); +char *SHA256_File(const char *, char *); +char *SHA256_FileChunk(const char *, char *, off_t, off_t); +char *SHA256_Data(const void *, unsigned int, char *); +__END_DECLS + +#endif /* !_SHA256_H_ */ Copied: head/sys/crypto/sha2/sha256c.c (from r263213, head/lib/libmd/sha256c.c) == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/crypto/sha2/sha256c.c Sun Mar 16 00:57:26 2014 (r263215, copy of r263213, head/lib/libmd/sha256c.c) @@ -0,0 +1,297 @@ +/*- + * Copyright 2005 Colin Percival + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY
svn commit: r263232 - head/sys/sys
Author: rwatson Date: Sun Mar 16 10:49:16 2014 New Revision: 263232 URL: http://svnweb.freebsd.org/changeset/base/263232 Log: Rename capability.h to capsicum.h: the original name conflicts with the draft POSIX.1e capability.h used on some systems (e.g., Linux). On FreeBSD, leave a wrapper header so that current code continues to compile. We will eventually want to deprecate the old header as the presence of a capability.h may be confusing some configure scripts. Suggested by: David Drysdale drysdale at google.com Discussed on: cl-capsicum-discuss MFC after:3 weeks Added: head/sys/sys/capsicum.h - copied, changed from r263197, head/sys/sys/capability.h Modified: head/sys/sys/capability.h Modified: head/sys/sys/capability.h == --- head/sys/sys/capability.h Sun Mar 16 09:40:05 2014(r263231) +++ head/sys/sys/capability.h Sun Mar 16 10:49:16 2014(r263232) @@ -1,14 +1,10 @@ /*- - * Copyright (c) 2008-2010 Robert N. M. Watson - * Copyright (c) 2012 FreeBSD Foundation + * Copyright (c) 2014 Robert N. M. Watson * All rights reserved. * * This software was developed at the University of Cambridge Computer * Laboratory with support from a grant from Google, Inc. * - * Portions of this software were developed by Pawel Jakub Dawidek under - * sponsorship from the FreeBSD Foundation. - * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: @@ -34,391 +30,14 @@ */ /* - * Definitions for FreeBSD capabilities facility. + * Historically, the key userspace and kernel Capsicum definitions were found + * in this file. However, it conflicted with POSIX.1e's capability.h, so has + * been renamed capability.h. The file remains for backwards compatibility + * reasons as a nested include. */ #ifndef _SYS_CAPABILITY_H_ #define_SYS_CAPABILITY_H_ -#include sys/cdefs.h -#include sys/param.h - -#include sys/caprights.h -#include sys/file.h -#include sys/fcntl.h - -#ifndef _KERNEL -#include stdbool.h -#endif - -#defineCAPRIGHT(idx, bit) ((1ULL (57 + (idx))) | (bit)) - -/* - * Possible rights on capabilities. - * - * Notes: - * Some system calls don't require a capability in order to perform an - * operation on an fd. These include: close, dup, dup2. - * - * sendfile is authorized using CAP_READ on the file and CAP_WRITE on the - * socket. - * - * mmap() and aio*() system calls will need special attention as they may - * involve reads or writes depending a great deal on context. - */ - -/* INDEX 0 */ - -/* - * General file I/O. - */ -/* Allows for openat(O_RDONLY), read(2), readv(2). */ -#defineCAP_READCAPRIGHT(0, 0x0001ULL) -/* Allows for openat(O_WRONLY | O_APPEND), write(2), writev(2). */ -#defineCAP_WRITE CAPRIGHT(0, 0x0002ULL) -/* Allows for lseek(fd, 0, SEEK_CUR). */ -#defineCAP_SEEK_TELL CAPRIGHT(0, 0x0004ULL) -/* Allows for lseek(2). */ -#defineCAP_SEEK(CAP_SEEK_TELL | 0x0008ULL) -/* Allows for aio_read(2), pread(2), preadv(2). */ -#defineCAP_PREAD (CAP_SEEK | CAP_READ) -/* - * Allows for aio_write(2), openat(O_WRONLY) (without O_APPEND), pwrite(2), - * pwritev(2). - */ -#defineCAP_PWRITE (CAP_SEEK | CAP_WRITE) -/* Allows for mmap(PROT_NONE). */ -#defineCAP_MMAPCAPRIGHT(0, 0x0010ULL) -/* Allows for mmap(PROT_READ). */ -#defineCAP_MMAP_R (CAP_MMAP | CAP_SEEK | CAP_READ) -/* Allows for mmap(PROT_WRITE). */ -#defineCAP_MMAP_W (CAP_MMAP | CAP_SEEK | CAP_WRITE) -/* Allows for mmap(PROT_EXEC). */ -#defineCAP_MMAP_X (CAP_MMAP | CAP_SEEK | 0x0020ULL) -/* Allows for mmap(PROT_READ | PROT_WRITE). */ -#defineCAP_MMAP_RW (CAP_MMAP_R | CAP_MMAP_W) -/* Allows for mmap(PROT_READ | PROT_EXEC). */ -#defineCAP_MMAP_RX (CAP_MMAP_R | CAP_MMAP_X) -/* Allows for mmap(PROT_WRITE | PROT_EXEC). */ -#defineCAP_MMAP_WX (CAP_MMAP_W | CAP_MMAP_X) -/* Allows for mmap(PROT_READ | PROT_WRITE | PROT_EXEC). */ -#defineCAP_MMAP_RWX(CAP_MMAP_R | CAP_MMAP_W | CAP_MMAP_X) -/* Allows for openat(O_CREAT). */ -#defineCAP_CREATE CAPRIGHT(0, 0x0040ULL) -/* Allows for openat(O_EXEC) and fexecve(2) in turn. */ -#defineCAP_FEXECVE CAPRIGHT(0, 0x0080ULL) -/* Allows for openat(O_SYNC), openat(O_FSYNC), fsync(2), aio_fsync(2). */ -#defineCAP_FSYNC CAPRIGHT(0, 0x0100ULL) -/* Allows for openat(O_TRUNC), ftruncate(2). */ -#defineCAP_FTRUNCATE CAPRIGHT(0, 0x0200ULL) - -/* Lookups - used to constrain *at() calls.
svn commit: r263233 - in head/sys: amd64/amd64 amd64/linux32 arm/arm cam/ctl cddl/compat/opensolaris/sys compat/freebsd32 compat/linux compat/svr4 dev/aac dev/aacraid dev/amr dev/filemon dev/hwpmc ...
Author: rwatson Date: Sun Mar 16 10:55:57 2014 New Revision: 263233 URL: http://svnweb.freebsd.org/changeset/base/263233 Log: Update kernel inclusions of capability.h to use capsicum.h instead; some further refinement is required as some device drivers intended to be portable over FreeBSD versions rely on __FreeBSD_version to decide whether to include capability.h. MFC after:3 weeks Modified: head/sys/amd64/amd64/sys_machdep.c head/sys/amd64/linux32/linux32_machdep.c head/sys/arm/arm/sys_machdep.c head/sys/cam/ctl/ctl_frontend_iscsi.c head/sys/cddl/compat/opensolaris/sys/file.h head/sys/compat/freebsd32/freebsd32_capability.c head/sys/compat/freebsd32/freebsd32_ioctl.c head/sys/compat/freebsd32/freebsd32_misc.c head/sys/compat/linux/linux_file.c head/sys/compat/linux/linux_ioctl.c head/sys/compat/linux/linux_socket.c head/sys/compat/svr4/svr4_fcntl.c head/sys/compat/svr4/svr4_filio.c head/sys/compat/svr4/svr4_ioctl.c head/sys/compat/svr4/svr4_misc.c head/sys/compat/svr4/svr4_stream.c head/sys/dev/aac/aac_linux.c head/sys/dev/aacraid/aacraid_linux.c head/sys/dev/amr/amr_linux.c head/sys/dev/filemon/filemon.c head/sys/dev/hwpmc/hwpmc_logging.c head/sys/dev/ipmi/ipmi_linux.c head/sys/dev/iscsi/icl.c head/sys/dev/iscsi/icl_proxy.c head/sys/dev/iscsi_initiator/iscsi.c head/sys/dev/mfi/mfi_linux.c head/sys/dev/tdfx/tdfx_linux.c head/sys/fs/fdescfs/fdesc_vnops.c head/sys/fs/fuse/fuse_vfsops.c head/sys/fs/nfsclient/nfs_clport.c head/sys/fs/nfsserver/nfs_nfsdport.c head/sys/i386/i386/sys_machdep.c head/sys/i386/ibcs2/ibcs2_fcntl.c head/sys/i386/ibcs2/ibcs2_ioctl.c head/sys/i386/ibcs2/ibcs2_misc.c head/sys/i386/linux/linux_machdep.c head/sys/kern/imgact_elf.c head/sys/kern/kern_descrip.c head/sys/kern/kern_event.c head/sys/kern/kern_exec.c head/sys/kern/kern_exit.c head/sys/kern/kern_ktrace.c head/sys/kern/kern_sig.c head/sys/kern/kern_sysctl.c head/sys/kern/subr_capability.c head/sys/kern/subr_syscall.c head/sys/kern/subr_trap.c head/sys/kern/sys_capability.c head/sys/kern/sys_generic.c head/sys/kern/sys_procdesc.c head/sys/kern/tty.c head/sys/kern/uipc_mqueue.c head/sys/kern/uipc_sem.c head/sys/kern/uipc_shm.c head/sys/kern/uipc_syscalls.c head/sys/kern/uipc_usrreq.c head/sys/kern/vfs_acl.c head/sys/kern/vfs_aio.c head/sys/kern/vfs_extattr.c head/sys/kern/vfs_lookup.c head/sys/kern/vfs_syscalls.c head/sys/netsmb/smb_dev.c head/sys/nfsserver/nfs_srvkrpc.c head/sys/security/mac/mac_syscalls.c head/sys/sparc64/sparc64/sys_machdep.c head/sys/ufs/ffs/ffs_alloc.c head/sys/vm/vm_mmap.c Modified: head/sys/amd64/amd64/sys_machdep.c == --- head/sys/amd64/amd64/sys_machdep.c Sun Mar 16 10:49:16 2014 (r263232) +++ head/sys/amd64/amd64/sys_machdep.c Sun Mar 16 10:55:57 2014 (r263233) @@ -37,7 +37,7 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/systm.h -#include sys/capability.h +#include sys/capsicum.h #include sys/kernel.h #include sys/lock.h #include sys/malloc.h Modified: head/sys/amd64/linux32/linux32_machdep.c == --- head/sys/amd64/linux32/linux32_machdep.cSun Mar 16 10:49:16 2014 (r263232) +++ head/sys/amd64/linux32/linux32_machdep.cSun Mar 16 10:55:57 2014 (r263233) @@ -34,7 +34,7 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/kernel.h #include sys/systm.h -#include sys/capability.h +#include sys/capsicum.h #include sys/file.h #include sys/fcntl.h #include sys/clock.h Modified: head/sys/arm/arm/sys_machdep.c == --- head/sys/arm/arm/sys_machdep.c Sun Mar 16 10:49:16 2014 (r263232) +++ head/sys/arm/arm/sys_machdep.c Sun Mar 16 10:55:57 2014 (r263233) @@ -36,7 +36,7 @@ __FBSDID($FreeBSD$); #include sys/param.h #include sys/systm.h -#include sys/capability.h +#include sys/capsicum.h #include sys/proc.h #include sys/sysproto.h #include sys/syscall.h Modified: head/sys/cam/ctl/ctl_frontend_iscsi.c == --- head/sys/cam/ctl/ctl_frontend_iscsi.c Sun Mar 16 10:49:16 2014 (r263232) +++ head/sys/cam/ctl/ctl_frontend_iscsi.c Sun Mar 16 10:55:57 2014 (r263233) @@ -37,7 +37,7 @@ __FBSDID($FreeBSD$); #include sys/param.h -#include sys/capability.h +#include sys/capsicum.h #include sys/condvar.h #include sys/file.h #include sys/kernel.h Modified: head/sys/cddl/compat/opensolaris/sys/file.h == --- head/sys/cddl/compat/opensolaris/sys/file.h Sun Mar 16 10:49:16 2014 (r263232) +++ head/sys/cddl/compat/opensolaris/sys/file.h Sun Mar 16 10:55:57 2014
svn commit: r263234 - in head: contrib/tcpdump crypto/openssh lib/libc/gen lib/libcasper lib/libprocstat sbin/casperd sbin/dhclient sbin/hastd sbin/ping tools/regression/capsicum/libcapsicum tools/...
Author: rwatson Date: Sun Mar 16 11:04:44 2014 New Revision: 263234 URL: http://svnweb.freebsd.org/changeset/base/263234 Log: Update most userspace consumers of capability.h to use capsicum.h instead. auditdistd is not updated as I will make the change upstream and then do a vendor import sometime in the next week or two. MFC after:3 weeks Modified: head/contrib/tcpdump/tcpdump.c head/crypto/openssh/sandbox-capsicum.c head/lib/libc/gen/cap_sandboxed.c head/lib/libcasper/libcasper.c head/lib/libprocstat/libprocstat.c head/sbin/casperd/casperd.c head/sbin/casperd/zygote.c head/sbin/dhclient/bpf.c head/sbin/dhclient/dhclient.c head/sbin/hastd/subr.c head/sbin/ping/ping.c head/tools/regression/capsicum/libcapsicum/dns.c head/tools/regression/capsicum/libcapsicum/grp.c head/tools/regression/capsicum/libcapsicum/pwd.c head/tools/regression/capsicum/libcapsicum/sysctl.c head/tools/regression/capsicum/syscalls/cap_fcntls_limit.c head/tools/regression/capsicum/syscalls/cap_getmode.c head/tools/regression/capsicum/syscalls/cap_ioctls_limit.c head/tools/regression/security/cap_test/cap_test_capabilities.c head/tools/regression/security/cap_test/cap_test_capmode.c head/tools/regression/security/cap_test/cap_test_fcntl.c head/tools/regression/security/cap_test/cap_test_pdfork.c head/tools/regression/security/cap_test/cap_test_pdkill.c head/tools/regression/security/cap_test/cap_test_relative.c head/tools/regression/security/cap_test/cap_test_sysctl.c head/usr.bin/kdump/kdump.c head/usr.bin/kdump/mksubr head/usr.bin/procstat/procstat_files.c head/usr.bin/rwho/rwho.c head/usr.bin/uniq/uniq.c head/usr.sbin/ctld/kernel.c head/usr.sbin/iscsid/iscsid.c head/usr.sbin/rwhod/rwhod.c Modified: head/contrib/tcpdump/tcpdump.c == --- head/contrib/tcpdump/tcpdump.c Sun Mar 16 10:55:57 2014 (r263233) +++ head/contrib/tcpdump/tcpdump.c Sun Mar 16 11:04:44 2014 (r263234) @@ -69,7 +69,7 @@ extern int SIZE_BUF; #include string.h #include limits.h #ifdef __FreeBSD__ -#include sys/capability.h +#include sys/capsicum.h #include sys/ioccom.h #include sys/types.h #include sys/sysctl.h Modified: head/crypto/openssh/sandbox-capsicum.c == --- head/crypto/openssh/sandbox-capsicum.c Sun Mar 16 10:55:57 2014 (r263233) +++ head/crypto/openssh/sandbox-capsicum.c Sun Mar 16 11:04:44 2014 (r263234) @@ -22,7 +22,7 @@ #include sys/param.h #include sys/time.h #include sys/resource.h -#include sys/capability.h +#include sys/capsicum.h #include errno.h #include stdarg.h Modified: head/lib/libc/gen/cap_sandboxed.c == --- head/lib/libc/gen/cap_sandboxed.c Sun Mar 16 10:55:57 2014 (r263233) +++ head/lib/libc/gen/cap_sandboxed.c Sun Mar 16 11:04:44 2014 (r263234) @@ -30,7 +30,7 @@ #include sys/cdefs.h __FBSDID($FreeBSD$); -#include sys/capability.h +#include sys/capsicum.h #include assert.h #include errno.h Modified: head/lib/libcasper/libcasper.c == --- head/lib/libcasper/libcasper.c Sun Mar 16 10:55:57 2014 (r263233) +++ head/lib/libcasper/libcasper.c Sun Mar 16 11:04:44 2014 (r263234) @@ -31,7 +31,7 @@ __FBSDID($FreeBSD$); #include sys/types.h -#include sys/capability.h +#include sys/capsicum.h #include sys/queue.h #include sys/socket.h #include sys/stat.h Modified: head/lib/libprocstat/libprocstat.c == --- head/lib/libprocstat/libprocstat.c Sun Mar 16 10:55:57 2014 (r263233) +++ head/lib/libprocstat/libprocstat.c Sun Mar 16 11:04:44 2014 (r263234) @@ -61,7 +61,7 @@ __FBSDID($FreeBSD$); #include sys/conf.h #include sys/ksem.h #include sys/mman.h -#include sys/capability.h +#include sys/capsicum.h #define_KERNEL #include sys/mount.h #include sys/pipe.h Modified: head/sbin/casperd/casperd.c == --- head/sbin/casperd/casperd.c Sun Mar 16 10:55:57 2014(r263233) +++ head/sbin/casperd/casperd.c Sun Mar 16 11:04:44 2014(r263234) @@ -31,7 +31,7 @@ __FBSDID($FreeBSD$); #include sys/types.h -#include sys/capability.h +#include sys/capsicum.h #include sys/queue.h #include sys/socket.h #include sys/stat.h Modified: head/sbin/casperd/zygote.c == --- head/sbin/casperd/zygote.c Sun Mar 16 10:55:57 2014(r263233) +++ head/sbin/casperd/zygote.c Sun Mar 16 11:04:44 2014(r263234) @@ -31,7 +31,7 @@ __FBSDID($FreeBSD$); #include sys/types.h -#include sys/capability.h
svn commit: r263235 - head/sys/sys
Author: rwatson Date: Sun Mar 16 11:06:05 2014 New Revision: 263235 URL: http://svnweb.freebsd.org/changeset/base/263235 Log: Bump __FreeBSD_version to reflect capability.h - capsicum.h change. MFC after:3 weeks Modified: head/sys/sys/param.h Modified: head/sys/sys/param.h == --- head/sys/sys/param.hSun Mar 16 11:04:44 2014(r263234) +++ head/sys/sys/param.hSun Mar 16 11:06:05 2014(r263235) @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1100013 /* Master, propagated to newvers */ +#define __FreeBSD_version 1100014 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r263252 - head/sys/sys
Author: rwatson Date: Sun Mar 16 21:05:00 2014 New Revision: 263252 URL: http://svnweb.freebsd.org/changeset/base/263252 Log: Fix a comment in capability.h: it got renamed to capsicum.h, not capability.h. MFC after:3 weeks Spotted by: alc, mcdouga9 at egr.msu.edu, thompsa Modified: head/sys/sys/capability.h Modified: head/sys/sys/capability.h == --- head/sys/sys/capability.h Sun Mar 16 20:39:39 2014(r263251) +++ head/sys/sys/capability.h Sun Mar 16 21:05:00 2014(r263252) @@ -32,7 +32,7 @@ /* * Historically, the key userspace and kernel Capsicum definitions were found * in this file. However, it conflicted with POSIX.1e's capability.h, so has - * been renamed capability.h. The file remains for backwards compatibility + * been renamed capsicum.h. The file remains for backwards compatibility * reasons as a nested include. */ #ifndef _SYS_CAPABILITY_H_ ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r263198 - in head/sys: amd64/conf conf net netinet netinet6 sys
Author: rwatson Date: Sat Mar 15 00:57:50 2014 New Revision: 263198 URL: http://svnweb.freebsd.org/changeset/base/263198 Log: Several years after initial development, merge prototype support for linking NIC Receive Side Scaling (RSS) to the network stack's connection-group implementation. This prototype (and derived patches) are in use at Juniper and several other FreeBSD-using companies, so despite some reservations about its maturity, merge the patch to the base tree so that it can be iteratively refined in collaboration rather than maintained as a set of gradually diverging patch sets. (1) Merge a software implementation of the Toeplitz hash specified in RSS implemented by David Malone. This is used to allow suitable pcbgroup placement of connections before the first packet is received from the NIC. Software hashing is generally avoided, however, due to high cost of the hash on general-purpose CPUs. (2) In in_rss.c, maintain authoritative versions of RSS state intended to be pushed to each NIC, including keying material, hash algorithm/ configuration, and buckets. Provide software-facing interfaces to hash 2- and 4-tuples for IPv4 and IPv6 using both the RSS standardised Toeplitz and a 'naive' variation with a hash efficient in software but with poor distribution properties. Implement rss_m2cpuid()to be used by netisr and other load balancing code to look up the CPU on which an mbuf should be processed. (3) In the Ethernet link layer, allow netisr distribution using RSS as a source of policy as an alternative to source ordering; continue to default to direct dispatch (i.e., don't try and requeue packets for processing on the 'right' CPU if they arrive in a directly dispatchable context). (4) Allow RSS to control tuning of connection groups in order to align groups with RSS buckets. If a packet arrives on a protocol using connection groups, and contains a suitable hardware-generated hash, use that hash value to select the connection group for pcb lookup for both IPv4 and IPv6. If no hardware-generated Toeplitz hash is available, we fall back on regular PCB lookup risking contention rather than pay the cost of Toeplitz in software -- this is a less scalable but, at my last measurement, faster approach. As core counts go up, we may want to revise this strategy despite CPU overhead. Where device drivers suitably configure NICs, and connection groups / RSS are enabled, this should avoid both lock and line contention during connection lookup for TCP. This commit does not modify any device drivers to tune device RSS configuration to the global RSS configuration; patches are in circulation to do this for at least Chelsio T3 and Intel 1G/10G drivers. Currently, the KPI for device drivers is not particularly robust, nor aware of more advanced features such as runtime reconfiguration/rebalancing. This will hopefully prove a useful starting point for refinement. No MFC is scheduled as we will first want to nail down a more mature and maintainable KPI/KBI for device drivers. Sponsored by: Juniper Networks (original work) Sponsored by: EMC/Isilon (patch update and merge) Added: head/sys/netinet/in_rss.c (contents, props changed) head/sys/netinet/in_rss.h (contents, props changed) head/sys/netinet/toeplitz.c (contents, props changed) head/sys/netinet/toeplitz.h (contents, props changed) Modified: head/sys/amd64/conf/GENERIC head/sys/conf/files head/sys/conf/options head/sys/net/if_ethersubr.c head/sys/netinet/in_pcb.c head/sys/netinet/in_pcbgroup.c head/sys/netinet6/in6_pcb.c head/sys/netinet6/in6_pcbgroup.c head/sys/sys/priv.h Modified: head/sys/amd64/conf/GENERIC == --- head/sys/amd64/conf/GENERIC Sat Mar 15 00:23:35 2014(r263197) +++ head/sys/amd64/conf/GENERIC Sat Mar 15 00:57:50 2014(r263198) @@ -28,6 +28,8 @@ options SCHED_ULE # ULE scheduler optionsPREEMPTION # Enable kernel thread preemption optionsINET# InterNETworking optionsINET6 # IPv6 communications protocols +optionsPCBGROUP# Protocol control-block groups +optionsRSS # Receive-side scaling support optionsTCP_OFFLOAD # TCP offload optionsSCTP# Stream Control Transmission Protocol optionsFFS # Berkeley Fast Filesystem Modified: head/sys/conf/files == --- head/sys/conf/files Sat Mar 15 00:23:35 2014(r263197) +++ head/sys/conf/files Sat Mar 15 00:57:50 2014(r263198) @@ -3267,6 +3267,7
svn commit: r263200 - head/sys/amd64/conf
Author: rwatson Date: Sat Mar 15 00:59:23 2014 New Revision: 263200 URL: http://svnweb.freebsd.org/changeset/base/263200 Log: Revert a small portion of r263198 left over from local testing: don't enable PCB groups and RSS by default [yet]. Modified: head/sys/amd64/conf/GENERIC Modified: head/sys/amd64/conf/GENERIC == --- head/sys/amd64/conf/GENERIC Sat Mar 15 00:58:08 2014(r263199) +++ head/sys/amd64/conf/GENERIC Sat Mar 15 00:59:23 2014(r263200) @@ -28,8 +28,6 @@ options SCHED_ULE # ULE scheduler optionsPREEMPTION # Enable kernel thread preemption optionsINET# InterNETworking optionsINET6 # IPv6 communications protocols -optionsPCBGROUP# Protocol control-block groups -optionsRSS # Receive-side scaling support optionsTCP_OFFLOAD # TCP offload optionsSCTP# Stream Control Transmission Protocol optionsFFS # Berkeley Fast Filesystem ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
Re: svn commit: r262882 - head/tools/tools/net80211/wlanstats
On Fri, 7 Mar 2014, Bruce Evans wrote: Log: wlanstats: add help - add a help (-h) flag - move usage into itsown function it looks like the only change now is that usage info always go to stdout, and exit code differs. i don't think it should be mfced. It also removes the double printing of the program name (correct) and the printing of usage: , and has mounds of style bugs. gnu utilities have a --help flag that causes similar behaviour (printing to stdout and exiting with status 0), but they still print error messages about usage to stderr. They can also return a non-zero status if printing the man pages encounters problems. This leads to some curious text in the GNU info page for 'true' explaining that it can sometimes return false. Robert ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org
svn commit: r262690 - head/lib/libprocstat
Author: rwatson Date: Sun Mar 2 13:26:08 2014 New Revision: 262690 URL: http://svnweb.freebsd.org/changeset/base/262690 Log: When querying a process's umask via sysctl in libprocstat(), don't print a warning if EPERM is returned as this is an expected failure mode rather than error -- similar to current handling of ESRCH. This makes the output of 'procstat -as' vastly more palatable. MFC after:3 days Sponsored by: DARPA, AFRL Modified: head/lib/libprocstat/libprocstat.c Modified: head/lib/libprocstat/libprocstat.c == --- head/lib/libprocstat/libprocstat.c Sun Mar 2 13:12:06 2014 (r262689) +++ head/lib/libprocstat/libprocstat.c Sun Mar 2 13:26:08 2014 (r262690) @@ -2052,7 +2052,7 @@ procstat_getumask_sysctl(pid_t pid, unsi mib[3] = pid; len = sizeof(*maskp); error = sysctl(mib, 4, maskp, len, NULL, 0); - if (error != 0 errno != ESRCH) + if (error != 0 errno != ESRCH errno != EPERM) warn(sysctl: kern.proc.umask: %d, pid); return (error); } ___ svn-src-head@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to svn-src-head-unsubscr...@freebsd.org