svn commit: r287810 - stable/10/usr.sbin/pkg
Author: bapt Date: Tue Sep 15 05:56:16 2015 New Revision: 287810 URL: https://svnweb.freebsd.org/changeset/base/287810 Log: MFC: r287580 Remove extra debug that crept in Modified: stable/10/usr.sbin/pkg/pkg.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/pkg/pkg.c == --- stable/10/usr.sbin/pkg/pkg.cTue Sep 15 05:46:55 2015 (r287809) +++ stable/10/usr.sbin/pkg/pkg.cTue Sep 15 05:56:16 2015 (r287810) @@ -555,16 +555,16 @@ rsa_verify_cert(int fd, const char *sigf } if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pkey) != 1) { - warnx("la %s", ERR_error_string(ERR_get_error(), errbuf)); + warnx("%s", ERR_error_string(ERR_get_error(), errbuf)); goto error; } if (EVP_DigestVerifyUpdate(mdctx, sha256, strlen(sha256)) != 1) { - warnx("ici: %s", ERR_error_string(ERR_get_error(), errbuf)); + warnx("%s", ERR_error_string(ERR_get_error(), errbuf)); goto error; } if (EVP_DigestVerifyFinal(mdctx, sig, siglen) != 1) { - warnx("merde %s", ERR_error_string(ERR_get_error(), errbuf)); + warnx("%s", ERR_error_string(ERR_get_error(), errbuf)); goto error; } ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287809 - stable/10/usr.sbin/pkg
Author: bapt Date: Tue Sep 15 05:46:55 2015 New Revision: 287809 URL: https://svnweb.freebsd.org/changeset/base/287809 Log: MFC: r287579 Implement pubkey support for the bootstrap Note that to not interfer with finger print it expects a signature on pkg itself which is named pkg.txz.pubkeysign To genrate it: echo -n "$(sha256 -q pkg.txz)" | openssl dgst -sha256 -sign /thekey \ -binary -out ./pkg.txz.pubkeysig Note the "echo -n" which prevent signing the '\n' one would get otherwise PR: 202622 Modified: stable/10/usr.sbin/pkg/config.c stable/10/usr.sbin/pkg/config.h stable/10/usr.sbin/pkg/pkg.c Modified: stable/10/usr.sbin/pkg/config.c == --- stable/10/usr.sbin/pkg/config.c Tue Sep 15 05:19:10 2015 (r287808) +++ stable/10/usr.sbin/pkg/config.c Tue Sep 15 05:46:55 2015 (r287809) @@ -131,6 +131,15 @@ static struct config_entry c[] = { false, true, }, + [PUBKEY] = { + PKG_CONFIG_STRING, + "PUBKEY", + NULL, + NULL, + NULL, + false, + false + } }; static int @@ -231,6 +240,8 @@ config_parse(const ucl_object_t *obj, pk sbuf_cpy(buf, "SIGNATURE_TYPE"); else if (strcasecmp(key, "fingerprints") == 0) sbuf_cpy(buf, "FINGERPRINTS"); + else if (strcasecmp(key, "pubkey") == 0) + sbuf_cpy(buf, "PUBKEY"); else if (strcasecmp(key, "enabled") == 0) { if ((cur->type != UCL_BOOLEAN) || !ucl_object_toboolean(cur)) Modified: stable/10/usr.sbin/pkg/config.h == --- stable/10/usr.sbin/pkg/config.h Tue Sep 15 05:19:10 2015 (r287808) +++ stable/10/usr.sbin/pkg/config.h Tue Sep 15 05:46:55 2015 (r287809) @@ -40,6 +40,7 @@ typedef enum { SIGNATURE_TYPE, FINGERPRINTS, REPOS_DIR, + PUBKEY, CONFIG_SIZE } pkg_config_key; Modified: stable/10/usr.sbin/pkg/pkg.c == --- stable/10/usr.sbin/pkg/pkg.cTue Sep 15 05:19:10 2015 (r287808) +++ stable/10/usr.sbin/pkg/pkg.cTue Sep 15 05:46:55 2015 (r287809) @@ -65,6 +65,11 @@ struct sig_cert { bool trusted; }; +struct pubkey { + unsigned char *sig; + int siglen; +}; + typedef enum { HASH_UNKNOWN, HASH_SHA256, @@ -470,6 +475,25 @@ cleanup: } static EVP_PKEY * +load_public_key_file(const char *file) +{ + EVP_PKEY *pkey; + BIO *bp; + char errbuf[1024]; + + bp = BIO_new_file(file, "r"); + if (!bp) + errx(EXIT_FAILURE, "Unable to read %s", file); + + if ((pkey = PEM_read_bio_PUBKEY(bp, NULL, NULL, NULL)) == NULL) + warnx("ici: %s", ERR_error_string(ERR_get_error(), errbuf)); + + BIO_free(bp); + + return (pkey); +} + +static EVP_PKEY * load_public_key_buf(const unsigned char *cert, int certlen) { EVP_PKEY *pkey; @@ -487,8 +511,8 @@ load_public_key_buf(const unsigned char } static bool -rsa_verify_cert(int fd, const unsigned char *key, int keylen, -unsigned char *sig, int siglen) +rsa_verify_cert(int fd, const char *sigfile, const unsigned char *key, +int keylen, unsigned char *sig, int siglen) { EVP_MD_CTX *mdctx; EVP_PKEY *pkey; @@ -500,6 +524,8 @@ rsa_verify_cert(int fd, const unsigned c mdctx = NULL; ret = false; + SSL_load_error_strings(); + /* Compute SHA256 of the package. */ if (lseek(fd, 0, 0) == -1) { warn("lseek"); @@ -510,9 +536,16 @@ rsa_verify_cert(int fd, const unsigned c goto cleanup; } - if ((pkey = load_public_key_buf(key, keylen)) == NULL) { - warnx("Error reading public key"); - goto cleanup; + if (sigfile != NULL) { + if ((pkey = load_public_key_file(sigfile)) == NULL) { + warnx("Error reading public key"); + goto cleanup; + } + } else { + if ((pkey = load_public_key_buf(key, keylen)) == NULL) { + warnx("Error reading public key"); + goto cleanup; + } } /* Verify signature of the SHA256(pkg) is valid. */ @@ -522,16 +555,16 @@ rsa_verify_cert(int fd, const unsigned c } if (EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, pkey) != 1) { - warnx("%s", ERR_error_string(ERR_get_error(), errbuf)); + warnx("la %s", ERR_error_s
svn commit: r287808 - in stable/10: sbin/ifconfig sys/net
Author: hiren Date: Tue Sep 15 05:19:10 2015 New Revision: 287808 URL: https://svnweb.freebsd.org/changeset/base/287808 Log: MFC r286700 Make LAG LACP fast timeout tunable through IOCTL. Modified: stable/10/sbin/ifconfig/ifconfig.8 stable/10/sbin/ifconfig/iflagg.c stable/10/sys/net/ieee8023ad_lacp.c stable/10/sys/net/ieee8023ad_lacp.h stable/10/sys/net/if_lagg.c stable/10/sys/net/if_lagg.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sbin/ifconfig/ifconfig.8 == --- stable/10/sbin/ifconfig/ifconfig.8 Tue Sep 15 05:16:26 2015 (r287807) +++ stable/10/sbin/ifconfig/ifconfig.8 Tue Sep 15 05:19:10 2015 (r287808) @@ -2445,6 +2445,10 @@ Disable local hash computation for RSS h Set a shift parameter for RSS local hash computation. Hash is calculated by using flowid bits in a packet header mbuf which are shifted by the number of this parameter. +.It Cm lacp_fast_timeout +Enable lacp fast-timeout on the interface. +.It Cm -lacp_fast_timeout +Disable lacp fast-timeout on the interface. .El .Pp The following parameters are specific to IP tunnel interfaces, Modified: stable/10/sbin/ifconfig/iflagg.c == --- stable/10/sbin/ifconfig/iflagg.cTue Sep 15 05:16:26 2015 (r287807) +++ stable/10/sbin/ifconfig/iflagg.cTue Sep 15 05:19:10 2015 (r287808) @@ -115,6 +115,8 @@ setlaggsetopt(const char *val, int d, in case -LAGG_OPT_LACP_TXTEST: case LAGG_OPT_LACP_RXTEST: case -LAGG_OPT_LACP_RXTEST: + case LAGG_OPT_LACP_TIMEOUT: + case -LAGG_OPT_LACP_TIMEOUT: break; default: err(1, "Invalid lagg option"); @@ -293,6 +295,8 @@ static struct cmd lagg_cmds[] = { DEF_CMD("-lacp_txtest", -LAGG_OPT_LACP_TXTEST, setlaggsetopt), DEF_CMD("lacp_rxtest", LAGG_OPT_LACP_RXTEST, setlaggsetopt), DEF_CMD("-lacp_rxtest", -LAGG_OPT_LACP_RXTEST, setlaggsetopt), + DEF_CMD("lacp_fast_timeout",LAGG_OPT_LACP_TIMEOUT, setlaggsetopt), + DEF_CMD("-lacp_fast_timeout", -LAGG_OPT_LACP_TIMEOUT, setlaggsetopt), DEF_CMD_ARG("flowid_shift", setlaggflowidshift), }; static struct afswtch af_lagg = { Modified: stable/10/sys/net/ieee8023ad_lacp.c == --- stable/10/sys/net/ieee8023ad_lacp.c Tue Sep 15 05:16:26 2015 (r287807) +++ stable/10/sys/net/ieee8023ad_lacp.c Tue Sep 15 05:19:10 2015 (r287808) @@ -519,7 +519,7 @@ lacp_port_create(struct lagg_port *lgp) int error; boolean_t active = TRUE; /* XXX should be configurable */ - boolean_t fast = FALSE; /* XXX should be configurable */ + boolean_t fast = FALSE; /* Configurable via ioctl */ bzero((char *)&sdl, sizeof(sdl)); sdl.sdl_len = sizeof(sdl); Modified: stable/10/sys/net/ieee8023ad_lacp.h == --- stable/10/sys/net/ieee8023ad_lacp.h Tue Sep 15 05:16:26 2015 (r287807) +++ stable/10/sys/net/ieee8023ad_lacp.h Tue Sep 15 05:19:10 2015 (r287808) @@ -251,6 +251,7 @@ struct lacp_softc { u_int32_t lsc_tx_test; } lsc_debug; u_int32_t lsc_strict_mode; + boolean_t lsc_fast_timeout; /* if set, fast timeout */ }; #defineLACP_TYPE_ACTORINFO 1 Modified: stable/10/sys/net/if_lagg.c == --- stable/10/sys/net/if_lagg.c Tue Sep 15 05:16:26 2015(r287807) +++ stable/10/sys/net/if_lagg.c Tue Sep 15 05:19:10 2015(r287808) @@ -1081,6 +1081,8 @@ lagg_ioctl(struct ifnet *ifp, u_long cmd ro->ro_opts |= LAGG_OPT_LACP_RXTEST; if (lsc->lsc_strict_mode != 0) ro->ro_opts |= LAGG_OPT_LACP_STRICT; + if (lsc->lsc_fast_timeout != 0) + ro->ro_opts |= LAGG_OPT_LACP_TIMEOUT; ro->ro_active = sc->sc_active; } else { @@ -1116,6 +1118,8 @@ lagg_ioctl(struct ifnet *ifp, u_long cmd case -LAGG_OPT_LACP_RXTEST: case LAGG_OPT_LACP_STRICT: case -LAGG_OPT_LACP_STRICT: + case LAGG_OPT_LACP_TIMEOUT: + case -LAGG_OPT_LACP_TIMEOUT: valid = lacp = 1; break; default: @@ -1144,6 +1148,7 @@ lagg_ioctl(struct ifnet *ifp, u_long cmd sc->sc_opts &= ~ro->ro_opts; } else { struct lacp_softc *lsc; + struct lacp_port *lp; lsc = (struct lacp_softc *)sc->sc_psc; @@ -
Re: svn commit: r287782 - stable/10/sys/dev/vt
On Mon, Sep 14, 2015 at 02:42:07PM +, Aleksandr Rybalko wrote: > New Revision: 287782 > URL: https://svnweb.freebsd.org/changeset/base/287782 > > Log: > MFC: r272715 > Allow vt(4) to disable terminal bell with > `sysctl kern.vt.bell_enable=0`, similar as syscons(4) do. > [...] > +VT_SYSCTL_INT(enable_bell, 1, "Enable bell"); I think you've meant `sysctl kern.vt.enable_bell=0' in the commit log. > + if (!vt_enable_bell) > + return; > + > if (vd->vd_flags & VDF_QUIET_BELL) > return; Hm, I'm wondering why having another sysctl is required when there's already a way to shut the bell up with VDF_QUIET_BELL flag? Also, there's certain naming inconsistency between syscons(4) and vt(4). On my stable/8 laptop, I see this: $ sysctl -d hw.syscons.bell hw.syscons.bell: enable bell On my -CURRENT desktop, this: $ sysctl -d kern.vt.enable_bell kern.vt.enable_bell: Enable bell ./danfe ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287801 - in stable/10/sys: dev/xen/blkfront xen/interface/io
Author: cperciva Date: Mon Sep 14 19:35:33 2015 New Revision: 287801 URL: https://svnweb.freebsd.org/changeset/base/287801 Log: MFC r284618, r284663, r284664, r284670, r284723 Reorganization of blkfront code and updates to comments. No functional changes. Modified: stable/10/sys/dev/xen/blkfront/blkfront.c stable/10/sys/dev/xen/blkfront/block.h stable/10/sys/xen/interface/io/blkif.h Modified: stable/10/sys/dev/xen/blkfront/blkfront.c == --- stable/10/sys/dev/xen/blkfront/blkfront.c Mon Sep 14 19:32:04 2015 (r287800) +++ stable/10/sys/dev/xen/blkfront/blkfront.c Mon Sep 14 19:35:33 2015 (r287801) @@ -156,45 +156,14 @@ xbd_free_command(struct xbd_command *cm) } static void -xbd_queue_cb(void *arg, bus_dma_segment_t *segs, int nsegs, int error) +xbd_mksegarray(bus_dma_segment_t *segs, int nsegs, +grant_ref_t * gref_head, int otherend_id, int readonly, +grant_ref_t * sg_ref, blkif_request_segment_t * sg) { - struct xbd_softc *sc; - struct xbd_command *cm; - blkif_request_t *ring_req; - struct blkif_request_segment *sg; - struct blkif_request_segment *last_block_sg; - grant_ref_t *sg_ref; + struct blkif_request_segment *last_block_sg = sg + nsegs; vm_paddr_t buffer_ma; uint64_t fsect, lsect; int ref; - int op; - - cm = arg; - sc = cm->cm_sc; - - if (error) { - cm->cm_bp->bio_error = EIO; - biodone(cm->cm_bp); - xbd_free_command(cm); - return; - } - - KASSERT(nsegs <= BLKIF_MAX_SEGMENTS_PER_REQUEST, - ("Too many segments in a blkfront I/O")); - - /* Fill out a communications ring structure. */ - ring_req = RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt); - sc->xbd_ring.req_prod_pvt++; - ring_req->id = cm->cm_id; - ring_req->operation = cm->cm_operation; - ring_req->sector_number = cm->cm_sector_number; - ring_req->handle = (blkif_vdev_t)(uintptr_t)sc->xbd_disk; - ring_req->nr_segments = nsegs; - cm->cm_nseg = nsegs; - - sg= ring_req->seg; - last_block_sg = sg + nsegs; - sg_ref= cm->cm_sg_refs; while (sg < last_block_sg) { buffer_ma = segs->ds_addr; @@ -205,7 +174,7 @@ xbd_queue_cb(void *arg, bus_dma_segment_ "cross a page boundary")); /* install a grant reference. */ - ref = gnttab_claim_grant_reference(&cm->cm_gref_head); + ref = gnttab_claim_grant_reference(gref_head); /* * GNTTAB_LIST_END == 0x, but it is private @@ -215,9 +184,9 @@ xbd_queue_cb(void *arg, bus_dma_segment_ gnttab_grant_foreign_access_ref( ref, - xenbus_get_otherend_id(sc->xbd_dev), + otherend_id, buffer_ma >> PAGE_SHIFT, - ring_req->operation == BLKIF_OP_WRITE); + readonly); *sg_ref = ref; *sg = (struct blkif_request_segment) { @@ -229,6 +198,42 @@ xbd_queue_cb(void *arg, bus_dma_segment_ sg_ref++; segs++; } +} + +static void +xbd_queue_cb(void *arg, bus_dma_segment_t *segs, int nsegs, int error) +{ + struct xbd_softc *sc; + struct xbd_command *cm; + blkif_request_t *ring_req; + int op; + + cm = arg; + sc = cm->cm_sc; + + if (error) { + cm->cm_bp->bio_error = EIO; + biodone(cm->cm_bp); + xbd_free_command(cm); + return; + } + + KASSERT(nsegs <= BLKIF_MAX_SEGMENTS_PER_REQUEST, + ("Too many segments in a blkfront I/O")); + + /* Fill out a communications ring structure. */ + ring_req = RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt); + sc->xbd_ring.req_prod_pvt++; + ring_req->id = cm->cm_id; + ring_req->operation = cm->cm_operation; + ring_req->sector_number = cm->cm_sector_number; + ring_req->handle = (blkif_vdev_t)(uintptr_t)sc->xbd_disk; + ring_req->nr_segments = nsegs; + cm->cm_nseg = nsegs; + xbd_mksegarray(segs, nsegs, &cm->cm_gref_head, + xenbus_get_otherend_id(sc->xbd_dev), + cm->cm_operation == BLKIF_OP_WRITE, + cm->cm_sg_refs, ring_req->seg); if (cm->cm_operation == BLKIF_OP_READ) op = BUS_DMASYNC_PREREAD; @@ -1034,7 +1039,6 @@ xbd_initialize(struct xbd_softc *sc) const char *node_path; uint32_t max_ring_page_order; int error; - int i; if (xenbus_get_state(sc->xbd_dev) != XenbusStateInitialising) { /* Initialization has already been performed. */ @@ -1105,53 +1109,6 @@ xbd_initialize(struct xbd_softc *sc)
svn commit: r287802 - in stable/10: release/tools sys/dev/xen/blkfront sys/xen/interface/io
Author: cperciva Date: Mon Sep 14 19:37:51 2015 New Revision: 287802 URL: https://svnweb.freebsd.org/changeset/base/287802 Log: MFC r286062, r286063 Add support to blkfront for blkif indirect segment I/Os. Turn this support off by default in EC2 builds due to performance issues on some EC2 instance types. Modified: stable/10/release/tools/ec2.conf stable/10/sys/dev/xen/blkfront/blkfront.c stable/10/sys/dev/xen/blkfront/block.h stable/10/sys/xen/interface/io/blkif.h Modified: stable/10/release/tools/ec2.conf == --- stable/10/release/tools/ec2.confMon Sep 14 19:35:33 2015 (r287801) +++ stable/10/release/tools/ec2.confMon Sep 14 19:37:51 2015 (r287802) @@ -70,6 +70,11 @@ vm_extra_pre_umount() { # nodes, but apply the workaround just in case. echo 'hw.broken_txfifo="1"' >> ${DESTDIR}/boot/loader.conf + # Some EC2 instances suffer a significant (~40%) reduction in + # throughput when using blkif indirect segment I/Os. Disable this + # by default for now. + echo 'hw.xbd.xbd_enable_indirect="0"' >> ${DESTDIR}/boot/loader.conf + # The first time the AMI boots, the installed "first boot" scripts # should be allowed to run: # * ec2_configinit (download and process EC2 user-data) Modified: stable/10/sys/dev/xen/blkfront/blkfront.c == --- stable/10/sys/dev/xen/blkfront/blkfront.c Mon Sep 14 19:35:33 2015 (r287801) +++ stable/10/sys/dev/xen/blkfront/blkfront.c Mon Sep 14 19:37:51 2015 (r287802) @@ -84,6 +84,11 @@ static void xbd_startio(struct xbd_softc /* Global Static Data */ static MALLOC_DEFINE(M_XENBLOCKFRONT, "xbd", "Xen Block Front driver data"); +static int xbd_enable_indirect = 1; +SYSCTL_NODE(_hw, OID_AUTO, xbd, CTLFLAG_RD, 0, "xbd driver parameters"); +SYSCTL_INT(_hw_xbd, OID_AUTO, xbd_enable_indirect, CTLFLAG_RDTUN, +&xbd_enable_indirect, 0, "Enable xbd indirect segments"); + /* Command Processing */ static void xbd_freeze(struct xbd_softc *sc, xbd_flag_t xbd_flag) @@ -205,7 +210,6 @@ xbd_queue_cb(void *arg, bus_dma_segment_ { struct xbd_softc *sc; struct xbd_command *cm; - blkif_request_t *ring_req; int op; cm = arg; @@ -218,22 +222,47 @@ xbd_queue_cb(void *arg, bus_dma_segment_ return; } - KASSERT(nsegs <= BLKIF_MAX_SEGMENTS_PER_REQUEST, + KASSERT(nsegs <= sc->xbd_max_request_segments, ("Too many segments in a blkfront I/O")); - /* Fill out a communications ring structure. */ - ring_req = RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt); - sc->xbd_ring.req_prod_pvt++; - ring_req->id = cm->cm_id; - ring_req->operation = cm->cm_operation; - ring_req->sector_number = cm->cm_sector_number; - ring_req->handle = (blkif_vdev_t)(uintptr_t)sc->xbd_disk; - ring_req->nr_segments = nsegs; - cm->cm_nseg = nsegs; - xbd_mksegarray(segs, nsegs, &cm->cm_gref_head, - xenbus_get_otherend_id(sc->xbd_dev), - cm->cm_operation == BLKIF_OP_WRITE, - cm->cm_sg_refs, ring_req->seg); + if (nsegs <= BLKIF_MAX_SEGMENTS_PER_REQUEST) { + blkif_request_t *ring_req; + + /* Fill out a blkif_request_t structure. */ + ring_req = (blkif_request_t *) + RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt); + sc->xbd_ring.req_prod_pvt++; + ring_req->id = cm->cm_id; + ring_req->operation = cm->cm_operation; + ring_req->sector_number = cm->cm_sector_number; + ring_req->handle = (blkif_vdev_t)(uintptr_t)sc->xbd_disk; + ring_req->nr_segments = nsegs; + cm->cm_nseg = nsegs; + xbd_mksegarray(segs, nsegs, &cm->cm_gref_head, + xenbus_get_otherend_id(sc->xbd_dev), + cm->cm_operation == BLKIF_OP_WRITE, + cm->cm_sg_refs, ring_req->seg); + } else { + blkif_request_indirect_t *ring_req; + + /* Fill out a blkif_request_indirect_t structure. */ + ring_req = (blkif_request_indirect_t *) + RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt); + sc->xbd_ring.req_prod_pvt++; + ring_req->id = cm->cm_id; + ring_req->operation = BLKIF_OP_INDIRECT; + ring_req->indirect_op = cm->cm_operation; + ring_req->sector_number = cm->cm_sector_number; + ring_req->handle = (blkif_vdev_t)(uintptr_t)sc->xbd_disk; + ring_req->nr_segments = nsegs; + cm->cm_nseg = nsegs; +
svn commit: r287800 - stable/10/sys/dev/xen/blkfront
Author: cperciva Date: Mon Sep 14 19:32:04 2015 New Revision: 287800 URL: https://svnweb.freebsd.org/changeset/base/287800 Log: MFC r284615, r284662 Code cleanup; fix an error code; add a KASSERT. Modified: stable/10/sys/dev/xen/blkfront/blkfront.c Modified: stable/10/sys/dev/xen/blkfront/blkfront.c == --- stable/10/sys/dev/xen/blkfront/blkfront.c Mon Sep 14 19:23:00 2015 (r287799) +++ stable/10/sys/dev/xen/blkfront/blkfront.c Mon Sep 14 19:32:04 2015 (r287800) @@ -168,7 +168,6 @@ xbd_queue_cb(void *arg, bus_dma_segment_ uint64_t fsect, lsect; int ref; int op; - int block_segs; cm = arg; sc = cm->cm_sc; @@ -180,6 +179,9 @@ xbd_queue_cb(void *arg, bus_dma_segment_ return; } + KASSERT(nsegs <= BLKIF_MAX_SEGMENTS_PER_REQUEST, + ("Too many segments in a blkfront I/O")); + /* Fill out a communications ring structure. */ ring_req = RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt); sc->xbd_ring.req_prod_pvt++; @@ -190,9 +192,8 @@ xbd_queue_cb(void *arg, bus_dma_segment_ ring_req->nr_segments = nsegs; cm->cm_nseg = nsegs; - block_segs= MIN(nsegs, BLKIF_MAX_SEGMENTS_PER_REQUEST); sg= ring_req->seg; - last_block_sg = sg + block_segs; + last_block_sg = sg + nsegs; sg_ref= cm->cm_sg_refs; while (sg < last_block_sg) { @@ -227,7 +228,6 @@ xbd_queue_cb(void *arg, bus_dma_segment_ sg++; sg_ref++; segs++; - nsegs--; } if (cm->cm_operation == BLKIF_OP_READ) @@ -1130,7 +1130,7 @@ xbd_initialize(struct xbd_softc *sc) M_XENBLOCKFRONT, M_NOWAIT|M_ZERO); if (sc->xbd_shadow == NULL) { bus_dma_tag_destroy(sc->xbd_io_dmat); - xenbus_dev_fatal(sc->xbd_dev, error, + xenbus_dev_fatal(sc->xbd_dev, ENOMEM, "Cannot allocate request structures\n"); return; } ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287795 - stable/10/usr.bin/tftp
Author: delphij Date: Mon Sep 14 18:57:50 2015 New Revision: 287795 URL: https://svnweb.freebsd.org/changeset/base/287795 Log: MFC r287320: - uri is expected to be nul-terminated (strchr used later), so use strlcpy instead of strncpy. - replace the other two cases of strncpy+\0 with strlcpy. Modified: stable/10/usr.bin/tftp/main.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.bin/tftp/main.c == --- stable/10/usr.bin/tftp/main.c Mon Sep 14 18:52:41 2015 (r287794) +++ stable/10/usr.bin/tftp/main.c Mon Sep 14 18:57:50 2015 (r287795) @@ -223,7 +223,7 @@ urihandling(char *URI) charline[MAXLINE]; int i; - strncpy(uri, URI, ARG_MAX); + strlcpy(uri, URI, ARG_MAX); host = uri + 7; if ((s = strchr(host, '/')) == NULL) { @@ -320,11 +320,10 @@ setpeer0(char *host, const char *lport) /* res->ai_addr <= sizeof(peeraddr) is guaranteed */ memcpy(&peer_sock, res->ai_addr, res->ai_addrlen); if (res->ai_canonname) { - (void) strncpy(hostname, res->ai_canonname, + (void) strlcpy(hostname, res->ai_canonname, sizeof(hostname)); } else - (void) strncpy(hostname, host, sizeof(hostname)); - hostname[sizeof(hostname)-1] = 0; + (void) strlcpy(hostname, host, sizeof(hostname)); connected = 1; } ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287794 - stable/10/usr.bin/iconv
Author: delphij Date: Mon Sep 14 18:52:41 2015 New Revision: 287794 URL: https://svnweb.freebsd.org/changeset/base/287794 Log: MFC r287319: Constify opt_f and opt_t and eliminate unneeded copying. This fixes memory leaks. Reported by: clang static analyzer Modified: stable/10/usr.bin/iconv/iconv.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.bin/iconv/iconv.c == --- stable/10/usr.bin/iconv/iconv.c Mon Sep 14 18:44:13 2015 (r287793) +++ stable/10/usr.bin/iconv/iconv.c Mon Sep 14 18:52:41 2015 (r287794) @@ -156,11 +156,11 @@ int main(int argc, char **argv) { FILE *fp; - char *opt_f, *opt_t; + const char *opt_f, *opt_t; int ch, i, res; bool opt_c = false, opt_s = false; - opt_f = opt_t = strdup(""); + opt_f = opt_t = ""; setlocale(LC_ALL, ""); setprogname(argv[0]); @@ -186,12 +186,12 @@ main(int argc, char **argv) case 'f': /* from */ if (optarg != NULL) - opt_f = strdup(optarg); + opt_f = optarg; break; case 't': /* to */ if (optarg != NULL) - opt_t = strdup(optarg); + opt_t = optarg; break; default: usage(); ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287792 - stable/10/lib/libgeom
Author: delphij Date: Mon Sep 14 18:05:27 2015 New Revision: 287792 URL: https://svnweb.freebsd.org/changeset/base/287792 Log: MFC r287247: Plug memory leaks when running out of memory. Reported by: clang scan-build Modified: stable/10/lib/libgeom/geom_xml2tree.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libgeom/geom_xml2tree.c == --- stable/10/lib/libgeom/geom_xml2tree.c Mon Sep 14 17:57:01 2015 (r287791) +++ stable/10/lib/libgeom/geom_xml2tree.c Mon Sep 14 18:05:27 2015 (r287792) @@ -275,15 +275,17 @@ EndElement(void *userData, const char *n XML_StopParser(mt->parser, 0); warn("Cannot allocate memory during processing of '%s' " "element", name); + free(p); return; } gc->lg_name = strdup(name); if (gc->lg_name == NULL) { - free(gc); mt->error = errno; XML_StopParser(mt->parser, 0); warn("Cannot allocate memory during processing of '%s' " "element", name); + free(gc); + free(p); return; } gc->lg_val = p; ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287791 - stable/10/bin/rm
Author: delphij Date: Mon Sep 14 17:57:01 2015 New Revision: 287791 URL: https://svnweb.freebsd.org/changeset/base/287791 Log: MFC r287237: Respect locale settings. Modified: stable/10/bin/rm/rm.c Directory Properties: stable/10/ (props changed) Modified: stable/10/bin/rm/rm.c == --- stable/10/bin/rm/rm.c Mon Sep 14 17:40:57 2015(r287790) +++ stable/10/bin/rm/rm.c Mon Sep 14 17:57:01 2015(r287791) @@ -50,6 +50,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -86,6 +87,8 @@ main(int argc, char *argv[]) int ch; char *p; + (void)setlocale(LC_ALL, ""); + /* * Test for the special case where the utility is called as * "unlink", for which the functionality provided is greatly ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287790 - stable/10/bin/df
Author: delphij Date: Mon Sep 14 17:40:57 2015 New Revision: 287790 URL: https://svnweb.freebsd.org/changeset/base/287790 Log: MFC r287236: Use exit() instead of return in main(). The difference in practice is subtle: C standard requires the language runtime to make return of int from main() behave like calling exit(), and in FreeBSD we do: exit(main(argc, argv, env)) In lib/csu/${ARCH}/crt1.c, so the real difference is using exit() explicitly would use an additional stack frame. Note however, if there is a on stack pointer is the last reference of an allocated memory block, returning from the function would, technically, result in a memory leak because we lost the last reference to the memory block, and calling exit() from C runtime could potentionally overwrite that stack frame that used to belong to the main() function. In practice, this is normally Okay because eventually the kernel would tear down the whole address space that belongs to the process in the _exit(2) system call, but the difference could confuse compilers (which may want to do stack overflow checks) and static analyzers. Replacing return with exit() in main() allows compilers/static analyzers to correctly omit or generate the right warnings when they do not treat main() specifically. With the current version of clang on FreeBSD/amd64, use of exit() would result in slightly smaller code being generated and eliminated a false positive warning of memory leak. Modified: stable/10/bin/df/df.c Directory Properties: stable/10/ (props changed) Modified: stable/10/bin/df/df.c == --- stable/10/bin/df/df.c Mon Sep 14 16:48:19 2015(r287789) +++ stable/10/bin/df/df.c Mon Sep 14 17:40:57 2015(r287790) @@ -296,7 +296,7 @@ main(int argc, char *argv[]) prtstat(&mntbuf[i], &maxwidths); if (cflag) prtstat(&totalbuf, &maxwidths); - return (rv); + exit(rv); } static char * ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287782 - stable/10/sys/dev/vt
Author: ray Date: Mon Sep 14 14:42:06 2015 New Revision: 287782 URL: https://svnweb.freebsd.org/changeset/base/287782 Log: MFC: r272715 Allow vt(4) to disable terminal bell with `sysctl kern.vt.bell_enable=0`, similar as syscons(4) do. Submitted by: Tiwei Bie Sponsored by: The FreeBSD Foundation Modified: stable/10/sys/dev/vt/vt_core.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/vt/vt_core.c == --- stable/10/sys/dev/vt/vt_core.c Mon Sep 14 12:25:45 2015 (r287781) +++ stable/10/sys/dev/vt/vt_core.c Mon Sep 14 14:42:06 2015 (r287782) @@ -121,6 +121,7 @@ const struct terminal_class vt_termclass static SYSCTL_NODE(_kern, OID_AUTO, vt, CTLFLAG_RD, 0, "vt(9) parameters"); VT_SYSCTL_INT(enable_altgr, 1, "Enable AltGr key (Do not assume R.Alt as Alt)"); +VT_SYSCTL_INT(enable_bell, 1, "Enable bell"); VT_SYSCTL_INT(debug, 0, "vt(9) debug level"); VT_SYSCTL_INT(deadtimer, 15, "Time to wait busy process in VT_PROCESS mode"); VT_SYSCTL_INT(suspendswitch, 1, "Switch to VT0 before suspend"); @@ -935,6 +936,9 @@ vtterm_bell(struct terminal *tm) struct vt_window *vw = tm->tm_softc; struct vt_device *vd = vw->vw_device; + if (!vt_enable_bell) + return; + if (vd->vd_flags & VDF_QUIET_BELL) return; @@ -946,6 +950,9 @@ vtterm_beep(struct terminal *tm, u_int p { u_int freq, period; + if (!vt_enable_bell) + return; + if ((param == 0) || ((param & 0x) == 0)) { vtterm_bell(tm); return; ___ svn-src-stable-10@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10 To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
svn commit: r287776 - stable/10/sys/teken
Author: ed Date: Mon Sep 14 09:12:28 2015 New Revision: 287776 URL: https://svnweb.freebsd.org/changeset/base/287776 Log: MFC r286798 and r286827: Stop parsing digits if the value already exceeds UINT_MAX / 100. There is no need for us to support parsing values that are larger than the maximum terminal window size. In this case that would be the maximum of unsigned short. The problem with parsing larger values is that they can cause integer overflows when adjusting the cursor position, leading to all sorts of failing assertions. MFC r286981 and r287098: Don't truncate cursor arithmetic to 16 bits. When updating the row number when the cursor position escape sequence is issued, we should make sure to store the intermediate result in a 32-bit integer. If we fail to do this, the cursor may be set above the origin region, which is bad. This could cause libteken to crash when INVARIANTS is enabled, due to the strict set of assertions that libteken has. PR: 202326, 202540, 202612 Submitted by: kwcu csie org Modified: stable/10/sys/teken/teken.c stable/10/sys/teken/teken_subr.h Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/teken/teken.c == --- stable/10/sys/teken/teken.c Mon Sep 14 08:36:22 2015(r287775) +++ stable/10/sys/teken/teken.c Mon Sep 14 09:12:28 2015(r287776) @@ -29,12 +29,14 @@ #include #if defined(__FreeBSD__) && defined(_KERNEL) #include +#include #include #include #defineteken_assert(x) MPASS(x) #else /* !(__FreeBSD__ && _KERNEL) */ #include #include +#include #include #include #include @@ -405,18 +407,24 @@ teken_state_numbers(teken_t *t, teken_ch teken_assert(t->t_curnum < T_NUMSIZE); if (c >= '0' && c <= '9') { - /* -* Don't do math with the default value of 1 when a -* custom number is inserted. -*/ if (t->t_stateflags & TS_FIRSTDIGIT) { + /* First digit. */ t->t_stateflags &= ~TS_FIRSTDIGIT; - t->t_nums[t->t_curnum] = 0; - } else { - t->t_nums[t->t_curnum] *= 10; + t->t_nums[t->t_curnum] = c - '0'; + } else if (t->t_nums[t->t_curnum] < UINT_MAX / 100) { + /* +* There is no need to continue parsing input +* once the value exceeds the size of the +* terminal. It would only allow for integer +* overflows when performing arithmetic on the +* cursor position. +* +* Ignore any further digits if the value is +* already UINT_MAX / 100. +*/ + t->t_nums[t->t_curnum] = + t->t_nums[t->t_curnum] * 10 + c - '0'; } - - t->t_nums[t->t_curnum] += c - '0'; return (1); } else if (c == ';') { if (t->t_stateflags & TS_FIRSTDIGIT) Modified: stable/10/sys/teken/teken_subr.h == --- stable/10/sys/teken/teken_subr.hMon Sep 14 08:36:22 2015 (r287775) +++ stable/10/sys/teken/teken_subr.hMon Sep 14 09:12:28 2015 (r287776) @@ -324,13 +324,13 @@ static void teken_subr_cursor_position(teken_t *t, unsigned int row, unsigned int col) { - t->t_cursor.tp_row = t->t_originreg.ts_begin + row - 1; - if (t->t_cursor.tp_row >= t->t_originreg.ts_end) - t->t_cursor.tp_row = t->t_originreg.ts_end - 1; - - t->t_cursor.tp_col = col - 1; - if (t->t_cursor.tp_col >= t->t_winsize.tp_col) - t->t_cursor.tp_col = t->t_winsize.tp_col - 1; + row = row - 1 + t->t_originreg.ts_begin; + t->t_cursor.tp_row = row < t->t_originreg.ts_end ? + row : t->t_originreg.ts_end - 1; + + col--; + t->t_cursor.tp_col = col < t->t_winsize.tp_col ? + col : t->t_winsize.tp_col - 1; t->t_stateflags &= ~TS_WRAPPED; teken_funcs_cursor(t); @@ -583,9 +583,9 @@ static void teken_subr_horizontal_position_absolute(teken_t *t, unsigned int col) { - t->t_cursor.tp_col = col - 1; - if (t->t_cursor.tp_col >= t->t_winsize.tp_col) - t->t_cursor.tp_col = t->t_winsize.tp_col - 1; + col--; + t->t_cursor.tp_col = col < t->t_winsize.tp_col ? + col : t->t_winsize.tp_col - 1; t->t_stateflags &= ~TS_WRAPPED; teken_funcs_cursor(t); @@ -1297,9 +1297,9 @@ static void teken_subr_vertical_position_absolute(teken_t *t, unsigned int row) { - t->t_cursor.tp_row