Author: pjd
Date: Sat Apr 25 21:45:31 2020
New Revision: 360325
URL: https://svnweb.freebsd.org/changeset/base/360325
Log:
Avoid the GEOM topology lock recursion when we automatically expand a pool.
The steps to reproduce the problem:
mdconfig -a -t swap -s 3g -u 0
gpart
Author: pjd
Date: Sat Apr 25 21:41:09 2020
New Revision: 360323
URL: https://svnweb.freebsd.org/changeset/base/360323
Log:
Add g_topology_locked() macro that returns true if we already hold the GEOM
topology lock.
Modified:
head/sys/geom/geom.h
Modified: head/sys/geom/geom.h
==
Author: pjd
Date: Sat Feb 1 10:15:23 2020
New Revision: 357363
URL: https://svnweb.freebsd.org/changeset/base/357363
Log:
The error variable is not really needed. Remove it.
Modified:
head/sys/geom/geom_disk.c
Modified: head/sys/geom/geom_disk.c
=
On 1/30/20 14:47, Jilles Tjoelker wrote:
> On 26-01-2020 11:49, Pawel Jakub Dawidek wrote:
>> Author: pjd
>> Date: Sun Jan 26 10:49:24 2020
>> New Revision: 357138
>> URL: https://svnweb.freebsd.org/changeset/base/357138
>>
>> Log:
>> - Be consiste
Author: pjd
Date: Sat Feb 1 09:13:11 2020
New Revision: 357362
URL: https://svnweb.freebsd.org/changeset/base/357362
Log:
Restore previous usage presentation (without "pwait: " prefix).
Pointed out by: jilles
Modified:
head/bin/pwait/pwait.c
Modified: head/bin/pwait/pwait.c
=
Author: pjd
Date: Sun Jan 26 11:13:34 2020
New Revision: 357143
URL: https://svnweb.freebsd.org/changeset/base/357143
Log:
Style changes, mostly usage of braces around single line statements -
it is safer and allowed for some time now by style(9).
Sponsored by: Fudo Security
Modified:
Author: pjd
Date: Sun Jan 26 11:03:45 2020
New Revision: 357142
URL: https://svnweb.freebsd.org/changeset/base/357142
Log:
Implement tests for the newly added -o flag.
Sponsored by: Fudo Security
Modified:
head/bin/pwait/tests/pwait_test.sh
Modified: head/bin/pwait/tests/pwait_test.sh
=
Author: pjd
Date: Sun Jan 26 11:02:51 2020
New Revision: 357141
URL: https://svnweb.freebsd.org/changeset/base/357141
Log:
Implement -o flag which tells pwait(1) to exit if any of the given processes
has terminated.
Sponsored by: Fudo Security
Modified:
head/bin/pwait/pwait.1
head/bi
Author: pjd
Date: Sun Jan 26 10:54:16 2020
New Revision: 357140
URL: https://svnweb.freebsd.org/changeset/base/357140
Log:
Don't setup a timeout if we are exiting.
Sponsored by: Fudo Security
Modified:
head/bin/pwait/pwait.c
Modified: head/bin/pwait/pwait.c
=
Author: pjd
Date: Sun Jan 26 10:51:57 2020
New Revision: 357139
URL: https://svnweb.freebsd.org/changeset/base/357139
Log:
Check for duplicated PID without using additional variable.
Sponsored by: Fudo Security
Modified:
head/bin/pwait/pwait.c
Modified: head/bin/pwait/pwait.c
==
Author: pjd
Date: Sun Jan 26 10:49:24 2020
New Revision: 357138
URL: https://svnweb.freebsd.org/changeset/base/357138
Log:
- Be consistent with using sysexits(3) codes.
- Turn fprintf()+exit() into errx().
Sponsored by: Fudo Security
Modified:
head/bin/pwait/pwait.c
Modified: head/bin
Author: pjd
Date: Thu Apr 4 00:05:36 2019
New Revision: 345864
URL: https://svnweb.freebsd.org/changeset/base/345864
Log:
Implement tests for online expansion:
- init, init -R
- onetime, onetime -R
- 512 and 4k sectors
- encryption only
- encryption and authentication
- configure -r
Author: pjd
Date: Wed Apr 3 23:58:58 2019
New Revision: 345863
URL: https://svnweb.freebsd.org/changeset/base/345863
Log:
Update configure tests after addition of the online expansion.
Obtained from:Fudo Security
Modified:
head/tests/sys/geom/class/eli/configure_test.sh
Modifie
Author: pjd
Date: Wed Apr 3 23:50:52 2019
New Revision: 345861
URL: https://svnweb.freebsd.org/changeset/base/345861
Log:
- Add missing -T (notrim) option to the label subcommand.
- Add missing -T option in the onetime subcommand comment.
Obtained from:Fudo Security
Modified:
pr 3 23:50:52 2019(r345861)
+++ head/lib/geom/eli/geli.8Wed Apr 3 23:57:37 2019(r345862)
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek
+.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek
.\" All rights reserved.
.\"
.\" Redistributio
Author: pjd
Date: Sat Mar 30 07:20:28 2019
New Revision: 345726
URL: https://svnweb.freebsd.org/changeset/base/345726
Log:
Implement support for online disk capacity changes.
Obtained from:Fudo Security
Tested in:AWS
Modified:
head/sys/dev/xen/blkfront/blkfront.c
Modified:
Author: pjd
Date: Sat Mar 30 07:29:20 2019
New Revision: 345728
URL: https://svnweb.freebsd.org/changeset/base/345728
Log:
If the autoexpand pool property is turned on and vdev is healthy try to
expand the pool automatically when we detect underlying GEOM provider
size change.
Obtained
Author: pjd
Date: Sat Mar 30 07:24:34 2019
New Revision: 345727
URL: https://svnweb.freebsd.org/changeset/base/345727
Log:
Introduce new event SIZECHANGE within GEOM system to inform about GEOM
providers mediasize changes.
While here, use GEOM nomenclature to describe providers instead of
Author: pjd
Date: Thu Apr 4 00:05:36 2019
New Revision: 345864
URL: https://svnweb.freebsd.org/changeset/base/345864
Log:
Implement tests for online expansion:
- init, init -R
- onetime, onetime -R
- 512 and 4k sectors
- encryption only
- encryption and authentication
- configure -r
Author: pjd
Date: Wed Apr 3 23:58:58 2019
New Revision: 345863
URL: https://svnweb.freebsd.org/changeset/base/345863
Log:
Update configure tests after addition of the online expansion.
Obtained from:Fudo Security
Modified:
head/tests/sys/geom/class/eli/configure_test.sh
Modifie
pr 3 23:50:52 2019(r345861)
+++ head/lib/geom/eli/geli.8Wed Apr 3 23:57:37 2019(r345862)
@@ -1,4 +1,4 @@
-.\" Copyright (c) 2005-2011 Pawel Jakub Dawidek
+.\" Copyright (c) 2005-2019 Pawel Jakub Dawidek
.\" All rights reserved.
.\"
.\" Redistributio
Author: pjd
Date: Wed Apr 3 23:50:52 2019
New Revision: 345861
URL: https://svnweb.freebsd.org/changeset/base/345861
Log:
- Add missing -T (notrim) option to the label subcommand.
- Add missing -T option in the onetime subcommand comment.
Obtained from:Fudo Security
Modified:
Author: pjd
Date: Sat Mar 30 07:29:20 2019
New Revision: 345728
URL: https://svnweb.freebsd.org/changeset/base/345728
Log:
If the autoexpand pool property is turned on and vdev is healthy try to
expand the pool automatically when we detect underlying GEOM provider
size change.
Obtained
Author: pjd
Date: Sat Mar 30 07:24:34 2019
New Revision: 345727
URL: https://svnweb.freebsd.org/changeset/base/345727
Log:
Introduce new event SIZECHANGE within GEOM system to inform about GEOM
providers mediasize changes.
While here, use GEOM nomenclature to describe providers instead of
Author: pjd
Date: Sat Mar 30 07:20:28 2019
New Revision: 345726
URL: https://svnweb.freebsd.org/changeset/base/345726
Log:
Implement support for online disk capacity changes.
Obtained from:Fudo Security
Tested in:AWS
Modified:
head/sys/dev/xen/blkfront/blkfront.c
Modified:
Author: pjd
Date: Fri Mar 1 05:54:13 2019
New Revision: 344690
URL: https://svnweb.freebsd.org/changeset/base/344690
Log:
Improve readability of the code by making it explicit where the 'c' variable
starts. It is also more consistent with similar code in this file.
Modified:
head/sys/cddl/
Author: pjd
Date: Wed Feb 20 00:25:45 2019
New Revision: 344325
URL: https://svnweb.freebsd.org/changeset/base/344325
Log:
Simplify the code. No functional changes.
Reviewed by: rpokala
Modified:
head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
Modified: head/sys/cddl/c
Author: pjd
Date: Tue Feb 19 23:53:33 2019
New Revision: 344320
URL: https://svnweb.freebsd.org/changeset/base/344320
Log:
Simplify the code.
Modified:
head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c
Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c
Author: pjd
Date: Tue Feb 19 23:44:00 2019
New Revision: 344319
URL: https://svnweb.freebsd.org/changeset/base/344319
Log:
Correct typo in the comment.
Modified:
head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vde
Author: pjd
Date: Tue Feb 19 23:43:15 2019
New Revision: 344318
URL: https://svnweb.freebsd.org/changeset/base/344318
Log:
Change assertion to log the incorrect io_type we've got.
Modified:
head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
Modified: head/sys/cddl/contrib/opens
Author: pjd
Date: Tue Feb 19 23:41:23 2019
New Revision: 344317
URL: https://svnweb.freebsd.org/changeset/base/344317
Log:
Grabage-collect no longer used variable.
Modified:
head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_raidz.c
Modified: head/sys/cddl/contrib/opensolaris/uts/commo
Author: pjd
Date: Tue Feb 19 23:35:55 2019
New Revision: 344316
URL: https://svnweb.freebsd.org/changeset/base/344316
Log:
The way ZFS searches for its vdevs is the following: first it looks for
a vdev that has the same name as the one stored in metadata and that has
all VDEV labels in place
Author: pjd
Date: Tue Feb 19 23:22:39 2019
New Revision: 344314
URL: https://svnweb.freebsd.org/changeset/base/344314
Log:
In the vdev_geom_open_by_path() function we assume that vdev path starts
with "/dev/". Make sure this is the case.
Modified:
head/sys/cddl/contrib/opensolaris/uts/commo
Author: pjd
Date: Wed Jan 9 01:16:35 2019
New Revision: 342873
URL: https://svnweb.freebsd.org/changeset/base/342873
Log:
In r316006 the getstrfromtype_locked() function was modified to return
an empty string, instead of NULL, if an entry is missing in the audit_control
file. Because of tha
Author: pjd
Date: Fri Dec 7 03:13:36 2018
New Revision: 341675
URL: https://svnweb.freebsd.org/changeset/base/341675
Log:
Consider the following situation:
The sender has .not_terminated file. It gets disconnected. The last trail
file is then terminated without adding new data (this can hap
Author: pjd
Date: Thu Oct 4 05:57:27 2018
New Revision: 339178
URL: https://svnweb.freebsd.org/changeset/base/339178
Log:
Remove invalid comments and correct some typos.
Approved by: re (kib)
Modified:
head/contrib/openbsm/bin/auditdistd/receiver.c
head/contrib/openbsm/bin/auditdistd
Author: pjd
Date: Thu Oct 4 05:54:57 2018
New Revision: 339177
URL: https://svnweb.freebsd.org/changeset/base/339177
Log:
When the adist_free list is empty and we lose connection to the receiver we
move all elements from the adist_send and adist_recv lists back onto the
adist_free list, but
Author: pjd
Date: Thu Oct 4 05:48:09 2018
New Revision: 339176
URL: https://svnweb.freebsd.org/changeset/base/339176
Log:
When we look for a new trail file there might be a race between find trail
file name and opening it. This race was not properly handled, because we were
copying new name
Author: pjd
Date: Wed Dec 16 01:05:50 2015
New Revision: 292310
URL: https://svnweb.freebsd.org/changeset/base/292310
Log:
Keep maintainance of GELI and make it clear which directories I'm interested
in.
Modified:
head/MAINTAINERS
Modified: head/MAINTAINERS
=
Author: pjd
Date: Sun Oct 25 18:48:09 2015
New Revision: 289941
URL: https://svnweb.freebsd.org/changeset/base/289941
Log:
The aio_waitcomplete(2) syscall should not sleep when the given timeout
is 0. Without this change it was sleeping for one tick. Maybe not a big
deal, but it makes share/
==
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/share/dtrace/blocking Sun Oct 4 00:40:12 2015(r288644)
@@ -0,0 +1,57 @@
+#!/usr/sbin/dtrace -s
+/*-
+ * Copyright (c) 2015 Pawel Jakub Dawidek
+ * All rights reserved.
+ *
+ * Redistribution and use in
Author: pjd
Date: Sat Aug 8 09:57:38 2015
New Revision: 286445
URL: https://svnweb.freebsd.org/changeset/base/286445
Log:
Allow to disable BIO_DELETE passthru in fstab for swap-on-geli devices by
passing 'notrim' option.
PR: 198863
Submitted by: Matthew D. Fuller fullermd at
Author: pjd
Date: Sat Aug 8 09:51:38 2015
New Revision: 286444
URL: https://svnweb.freebsd.org/changeset/base/286444
Log:
Enable BIO_DELETE passthru in GELI, so TRIM/UNMAP can work as expected when
GELI is used on a SSD or inside virtual machine, so that guest can tell
host that it is no lo
Author: pjd
Date: Thu Aug 6 17:13:34 2015
New Revision: 286373
URL: https://svnweb.freebsd.org/changeset/base/286373
Log:
After crypto_dispatch() bio might be already delivered and destroyed,
so we cannot access it anymore. Setting an error later lead to memory
corruption.
Assert that
olve the problem in the next day or I will revert the
> change.
FYI, I'm hitting this deadlock on my laptop. Reverting the change fixes
the problem.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.or
Author: pjd
Date: Fri Jul 10 19:27:19 2015
New Revision: 285363
URL: https://svnweb.freebsd.org/changeset/base/285363
Log:
Spoil even can happen for some time now even on providers opened exclusively
(on the media change event). Update GELI to handle that situation.
PR: 201185
Author: pjd
Date: Thu Jul 2 10:57:34 2015
New Revision: 285024
URL: https://svnweb.freebsd.org/changeset/base/285024
Log:
Properly propagate errors in metadata reading.
PR: 198860
Submitted by: Matthew D. Fuller
Modified:
head/sys/geom/eli/g_eli.c
Modified: head/sys/geom/el
Author: pjd
Date: Thu Jul 2 10:55:32 2015
New Revision: 285023
URL: https://svnweb.freebsd.org/changeset/base/285023
Log:
Allow to omit keyfile number for the first keyfile.
Modified:
head/sbin/geom/class/eli/geli.8
head/sys/geom/eli/g_eli.c
Modified: head/sbin/geom/class/eli/geli.8
=
Author: pjd
Date: Fri Jan 30 13:03:36 2015
New Revision: 277927
URL: https://svnweb.freebsd.org/changeset/base/277927
Log:
Make gcc happy.
Reported by: bz
Modified:
head/lib/libnv/nvlist.c
Modified: head/lib/libnv/nvlist.c
===
Author: pjd
Date: Fri Jan 30 12:57:35 2015
New Revision: 277926
URL: https://svnweb.freebsd.org/changeset/base/277926
Log:
Add missing nvlist_get_parent(3) link.
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv/Makefile
Modified: head/lib/libnv/Makefile
=
Author: pjd
Date: Fri Jan 30 12:31:29 2015
New Revision: 277925
URL: https://svnweb.freebsd.org/changeset/base/277925
Log:
Handle empty nvlists correctly.
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv/nvlist.c
Modified: head/lib/libnv/nvlist.c
Author: pjd
Date: Fri Jan 30 10:08:38 2015
New Revision: 277921
URL: https://svnweb.freebsd.org/changeset/base/277921
Log:
Modify nvlist_get_parent() API to take additional cookie argument.
This allow for non-recursive iteration over nested nvlists, as in documented
example.
Submitted b
Author: pjd
Date: Fri Jan 30 09:44:29 2015
New Revision: 277920
URL: https://svnweb.freebsd.org/changeset/base/277920
Log:
If moving descriptor or binary data to an nvlist fails, we need to close the
descriptor or free the memory before returning.
Submitted by: Mariusz Zaborski
Whil
Author: pjd
Date: Tue Nov 11 04:48:09 2014
New Revision: 274366
URL: https://svnweb.freebsd.org/changeset/base/274366
Log:
Add missing privilege check when setting the dump device. Before that change
it
was possible for a regular user to setup the dump device if he had write
access
to the
Author: pjd
Date: Thu Oct 9 20:55:05 2014
New Revision: 272843
URL: https://svnweb.freebsd.org/changeset/base/272843
Log:
Fix problem on big endian systems introduced in r271579 - when we were
returning from handling a nested nvlist we were resetting big-endian flag.
Reported by: Kulesh
Author: pjd
Date: Tue Sep 30 12:00:50 2014
New Revision: 272298
URL: http://svnweb.freebsd.org/changeset/base/272298
Log:
Be prepared that set_dumper() might fail even when resetting it or prefix
the call with (void) to document that we intentionally ignore the return
value - no way to handl
Author: pjd
Date: Tue Sep 30 11:51:32 2014
New Revision: 272297
URL: http://svnweb.freebsd.org/changeset/base/272297
Log:
Style fixes.
Modified:
head/sys/geom/geom_dev.c
Modified: head/sys/geom/geom_dev.c
==
--- head
led to
> /lib , not /usr/lib
Don't forget to add /usr/lib/libnv* to ObsoleteFiles.inc.
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am!
Author: pjd
Date: Thu Sep 25 10:59:01 2014
New Revision: 272102
URL: http://svnweb.freebsd.org/changeset/base/272102
Log:
Document the new nvlist_get_parent() function.
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv/nv.3
Modified: head/lib/libnv/nv.3
===
Author: pjd
Date: Thu Sep 18 22:34:52 2014
New Revision: 271847
URL: http://svnweb.freebsd.org/changeset/base/271847
Log:
Don't use nvl in case of a failure.
Reported by: Coverity
CID: 1238922
Modified:
head/lib/libnv/nvpair.c
Modified: head/lib/libnv/nvpair.c
==
Author: pjd
Date: Sun Sep 14 09:30:09 2014
New Revision: 271579
URL: http://svnweb.freebsd.org/changeset/base/271579
Log:
Use non-recursive algorithm for traversing nvlists. This also removes
the limit on number of nested nvlists.
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv
Author: pjd
Date: Sun Sep 14 09:27:12 2014
New Revision: 271578
URL: http://svnweb.freebsd.org/changeset/base/271578
Log:
Remove the limit on descriptors that can be send in one nvlist.
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv/msgio.c
Modified: head/lib/libnv/msgio.c
Author: pjd
Date: Sun Sep 14 09:26:33 2014
New Revision: 271577
URL: http://svnweb.freebsd.org/changeset/base/271577
Log:
Fix descriptors leak.
PR: bin/191002
Reported by: Ryan Steinmetz
Submitted by: mjg
Modified:
head/contrib/openbsm/bin/auditdistd/subr.c
Modified: head
Author: pjd
Date: Wed Sep 3 15:06:47 2014
New Revision: 271027
URL: http://svnweb.freebsd.org/changeset/base/271027
Log:
Declare i.
Reported by: sbruno
Modified:
head/lib/libnv/nvlist.c
Modified: head/lib/libnv/nvlist.c
=
Author: pjd
Date: Wed Sep 3 15:08:33 2014
New Revision: 271028
URL: http://svnweb.freebsd.org/changeset/base/271028
Log:
Use better type for i.
Modified:
head/lib/libnv/nvlist.c
Modified: head/lib/libnv/nvlist.c
==
Author: pjd
Date: Wed Sep 3 14:44:23 2014
New Revision: 271026
URL: http://svnweb.freebsd.org/changeset/base/271026
Log:
Fix descriptors leak in case of nvlist_xunpack() failure.
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv/nvlist.c
Modified: head/lib/libnv/nvlist.c
===
Author: pjd
Date: Thu Jun 26 13:57:44 2014
New Revision: 267914
URL: http://svnweb.freebsd.org/changeset/base/267914
Log:
Remove duplicated includes.
Submitted by: Mariusz Zaborski
Modified:
head/sbin/dhclient/bpf.c
head/sbin/dhclient/dhclient.c
head/sys/kern/kern_exec.c
head/sys/
Author: pjd
Date: Fri Jun 6 13:00:53 2014
New Revision: 267159
URL: http://svnweb.freebsd.org/changeset/base/267159
Log:
The 'create' subcommand doesn't have '-h' option.
Modified:
head/sbin/geom/class/stripe/geom_stripe.c
Modified: head/sbin/geom/class/stripe/geom_stripe.c
Author: pjd
Date: Wed Apr 30 09:58:28 2014
New Revision: 265145
URL: http://svnweb.freebsd.org/changeset/base/265145
Log:
Don't forget to remember previous element at the end of the loop.
Reported by: brueffer
Found with: Coverity Prevent(tm)
CID: 1135301
Modified:
head/l
Author: pjd
Date: Mon Apr 7 20:44:00 2014
New Revision: 264236
URL: http://svnweb.freebsd.org/changeset/base/264236
Log:
IFp4 @1192291:
- Don't include sys/caprights.h, leverage the fact that cap_rights_t
is also defined in sys/types.h.
- Include sys/types.h directly.
- For systems
Author: pjd
Date: Sun Feb 23 22:13:16 2014
New Revision: 262405
URL: http://svnweb.freebsd.org/changeset/base/262405
Log:
Capability rights are held by descriptors, not processes.
Reported by: jonathan
Modified:
head/usr.bin/kdump/kdump.c
Modified: head/usr.bin/kdump/kdump.c
==
Author: pjd
Date: Tue Feb 11 09:17:17 2014
New Revision: 261742
URL: http://svnweb.freebsd.org/changeset/base/261742
Log:
Add missing libraries here as well, so a warning is not printed when one
tries to view their manual pages.
Reported by: rwatson
Explained by: pluknet
Modified:
h
Author: pjd
Date: Sun Feb 9 21:47:46 2014
New Revision: 261693
URL: http://svnweb.freebsd.org/changeset/base/261693
Log:
Fix descriptor leak.
Modified:
head/lib/libcasper/libcasper.c
Modified: head/lib/libcasper/libcasper.c
===
Author: pjd
Date: Sun Feb 9 21:42:01 2014
New Revision: 261692
URL: http://svnweb.freebsd.org/changeset/base/261692
Log:
If the main casperd process exits, zygote process should exit as well
instead of spinning.
Reported by: Mikhail
Modified:
head/sbin/casperd/zygote.c
Modified: he
Author: pjd
Date: Fri Feb 7 22:15:48 2014
New Revision: 261612
URL: http://svnweb.freebsd.org/changeset/base/261612
Log:
Add cross-references to casperd(8) and libcapsicum(3).
Suggested by: rwatson
Modified:
head/share/man/man4/capsicum.4
Modified: head/share/man/man4/capsicum.4
==
Author: pjd
Date: Tue Feb 4 21:48:09 2014
New Revision: 261499
URL: http://svnweb.freebsd.org/changeset/base/261499
Log:
Fix installations that use kernels without CAPABILITIES support.
Approved by: des
Modified:
head/crypto/openssh/sandbox-capsicum.c
Modified: head/crypto/openssh/san
Author: pjd
Date: Tue Feb 4 21:43:53 2014
New Revision: 261498
URL: http://svnweb.freebsd.org/changeset/base/261498
Log:
Protect ping(8) using Capsicum and Casper. This is protection against
malicious
network packets that we parse and not against local users trying to gain root
access thro
Author: pjd
Date: Sun Feb 2 19:06:00 2014
New Revision: 261408
URL: http://svnweb.freebsd.org/changeset/base/261408
Log:
Assert input arguments to buf_send() and buf_recv().
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv/msgio.c
Modified: head/lib/libnv/msgio.c
==
Author: pjd
Date: Sun Feb 2 19:03:52 2014
New Revision: 261407
URL: http://svnweb.freebsd.org/changeset/base/261407
Log:
Fix sending empty nvlist.
Submitted by: Mariusz Zaborski
Modified:
head/lib/libnv/msgio.c
Modified: head/lib/libnv/msgio.c
=
Author: pjd
Date: Thu Jan 9 09:19:59 2014
New Revision: 260471
URL: http://svnweb.freebsd.org/changeset/base/260471
Log:
Always create /var/run/casper with correct permissions and don't depend on the
calling process' umask.
Submitted by: Mikhail
Modified:
head/sbin/casperd/casperd.c
Author: pjd
Date: Sat Jan 4 21:55:06 2014
New Revision: 260290
URL: http://svnweb.freebsd.org/changeset/base/260290
Log:
Bring back the old size of the kinfo_file structure to preserve ABI.
Keep only one uint64_t spare for further cap_rights_t expension.
Add a comment clarifying that if
Author: pjd
Date: Sat Jan 4 09:27:49 2014
New Revision: 260254
URL: http://svnweb.freebsd.org/changeset/base/260254
Log:
Don't allow to create GELI providers with a sector size, which is no a
power of 2.
Noticed by: rwatson
MFC after:3 days
Modified:
head/sbin/geom/class/eli/g
Author: pjd
Date: Sat Jan 4 09:25:27 2014
New Revision: 260253
URL: http://svnweb.freebsd.org/changeset/base/260253
Log:
MFp4 @1189766:
- Compile the tests with .t suffix, so prove can use them directly.
- The CHECKX() macro should increment ntest just like the CHECK() macro.
- For con
Author: pjd
Date: Fri Jan 3 09:10:04 2014
New Revision: 260223
URL: http://svnweb.freebsd.org/changeset/base/260223
Log:
MFp4 @1189741:
- Add missing nvlist_destroy().
- Don't override nvlout.
Submitted by: Mariusz Zaborski
MFC after:3 days
Modified:
head/lib/libcasper/lib
Author: pjd
Date: Fri Jan 3 09:07:03 2014
New Revision: 260222
URL: http://svnweb.freebsd.org/changeset/base/260222
Log:
MFp4 @1189711:
Fix resource leaks on nvlist_destroy().
Reported by: Mariusz Zaborski
MFC after:3 days
Modified:
head/lib/libnv/nvlist.c
Modified: head/l
On Thu, Jan 02, 2014 at 10:27:57PM +0100, Pawel Jakub Dawidek wrote:
> I'll leave it for re@ to decide.
Proposed patch:
http://people.freebsd.org/~pjd/patches/sys_user.h.patch
--
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD c
On Thu, Jan 02, 2014 at 03:13:08PM +0200, Konstantin Belousov wrote:
> On Thu, Jan 02, 2014 at 11:49:04AM +0100, Pawel Jakub Dawidek wrote:
> > I don't plan to provide alternative way to fetch the cap stuff. Well, I
> > implemented libnv, which can be used to reimplement how w
On Thu, Jan 02, 2014 at 02:28:57AM -0800, Alfred Perlstein wrote:
> On 1/2/14 1:33 AM, Pawel Jakub Dawidek wrote:
> > On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote:
> >> On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek wrote:
> >>
> >>>
On Wed, Jan 01, 2014 at 11:16:22PM -0800, Stanislav Sedov wrote:
>
> On Sep 4, 2013, at 5:09 PM, Pawel Jakub Dawidek wrote:
>
> > This commit also breaks compatibility with some existing Capsicum system
> > calls,
> > but I see no other way to do that. This sh
On Sat, Dec 21, 2013 at 12:45:36PM +, Glen Barber wrote:
> Author: gjb
> Date: Sat Dec 21 12:45:35 2013
> New Revision: 259678
> URL: http://svnweb.freebsd.org/changeset/base/259678
>
> Log:
> Fix build with WITHOUT_CAPSICUM.
Thanks.
--
Pawel Jakub Dawidek
Author: pjd
Date: Thu Dec 19 00:53:11 2013
New Revision: 259581
URL: http://svnweb.freebsd.org/changeset/base/259581
Log:
Make the world a bit more secure place (hopefully) and turn the casperd on
by default.
Sponsored by: The FreeBSD Foundation
Modified:
head/etc/defaults/rc.conf
Mod
Author: pjd
Date: Thu Dec 19 00:51:48 2013
New Revision: 259580
URL: http://svnweb.freebsd.org/changeset/base/259580
Log:
If we cannot connect to casperd we don't enter sandbox, but if we can connect
to casperd, but we cannot access the service we need we exit with an error.
This should not
Author: pjd
Date: Wed Dec 18 21:45:46 2013
New Revision: 259576
URL: http://svnweb.freebsd.org/changeset/base/259576
Log:
MFV r258923: 4188 assertion failed in dmu_tx_hold_free(): dn_datablkshift != 0
illumos/illumos-gate@bb411a08b05466bfe0c7095b6373bbc1587e259a
MFC after:3 days
M
Author: pjd
Date: Mon Dec 16 11:03:59 2013
New Revision: 259463
URL: http://svnweb.freebsd.org/changeset/base/259463
Log:
Start-up script for casperd daemon.
Sponsored by: The FreeBSD Foundation
Added:
head/etc/rc.d/casperd (contents, props changed)
Modified:
head/etc/defaults/rc.con
Author: pjd
Date: Sun Dec 15 23:49:42 2013
New Revision: 259440
URL: http://svnweb.freebsd.org/changeset/base/259440
Log:
Include bsd.own.mk for MK_CASPER to work.
Reported by: nwhitehorn
Modified:
head/usr.bin/kdump/Makefile
Modified: head/usr.bin/kdump/Makefile
==
Author: pjd
Date: Sun Dec 15 23:20:26 2013
New Revision: 259439
URL: http://svnweb.freebsd.org/changeset/base/259439
Log:
Regenerate after r259438.
Modified:
head/sys/kern/init_sysent.c
Modified: head/sys/kern/init_sysent.c
Author: pjd
Date: Sun Dec 15 23:19:42 2013
New Revision: 259438
URL: http://svnweb.freebsd.org/changeset/base/259438
Log:
Fix syscalls that can be loaded as kernel modules - they were not given
the flag allowing to call them from capability mode sandbox.
Noticed by: David Drysdale
Mod
Author: pjd
Date: Sun Dec 15 23:15:12 2013
New Revision: 259437
URL: http://svnweb.freebsd.org/changeset/base/259437
Log:
Regenerate after r259436.
Modified:
head/sys/kern/init_sysent.c
Modified: head/sys/kern/init_sysent.c
Author: pjd
Date: Sun Dec 15 23:14:27 2013
New Revision: 259436
URL: http://svnweb.freebsd.org/changeset/base/259436
Log:
Allow for pselect(2) in capability mode.
Noticed by: David Drysdale
Modified:
head/sys/kern/capabilities.conf
Modified: head/sys/kern/capabilities.conf
==
Author: pjd
Date: Sun Dec 15 23:12:42 2013
New Revision: 259435
URL: http://svnweb.freebsd.org/changeset/base/259435
Log:
Forgot to regenerate after r257736.
Modified:
head/sys/kern/init_sysent.c
Modified: head/sys/kern/init_sysent.c
==
1 - 100 of 1363 matches
Mail list logo
