Displaying 1 50 of 253,326 commits (0.026s)

HardenedBSD — sys/cddl/contrib/opensolaris/uts/common/fs/zfs spa_misc.c

MFC r316854: rename vfs.zfs.debug_flags to vfs.zfs.debugflags

Since this is a stable branch vfs.zfs.debug_flags sysctl is also kept.
The corresponing tunable could never work.

HardenedBSD — cddl/contrib/opensolaris/lib/libdtrace/common dt_consume.c

MFC r316853: dtrace: fix normalization of stddev aggregation

Sponsored by:        Panzura

HardenedBSD — sys/netinet ip_divert.c

MFC r318399:
  Set M_BCAST and M_MCAST flags on mbuf sent via divert socket.

  r290383 has changed how mbufs sent by divert socket are handled.
  Previously they are always handled by slow path processing in ip_input().
  Now ip_tryforward() is invoked from ip_input() before in_broadcast() check.
  Since diverted packet lost all mbuf flags, it passes the broadcast check
  in ip_tryforward() due to missing M_BCAST flag. In the result the broadcast
  packet is forwarded to the wire instead of be consumed by network stack.

  Add in_broadcast() check to the div_output() function. And restore the
  M_BCAST flag if destination address is broadcast for the given network

  PR:                209491
Delta File
+8 -0 sys/netinet/ip_divert.c
+8 -0 1 file

HardenedBSD — sbin/ipfw tables.c

MFC r318400:
  Allow zero port specification in table entries with type flow.

  PR:                217620
Delta File
+6 -10 sbin/ipfw/tables.c
+6 -10 1 file

HardenedBSD — contrib/binutils/gas/config tc-arm.c

MFC r318135:

  Fix parsing of 'vmov Q<n>.F32,Q<n>.F32' instruction.

HardenedBSD — sys/dev/cxgbe/common t4_msg.h

MFC r311846:
cxgbe(4): Refresh t4_msg.h, mainly for definitions related to the crypto
Delta File
+594 -1 sys/dev/cxgbe/common/t4_msg.h
+594 -1 1 file

HardenedBSD — lib/libsysdecode sysdecode_ioctlname.3

MFC 315310: Spell "const" properly.

PR:                217797

HardenedBSD — share/man/man9 Makefile

Add missing MLINKS for functions decribed in iflibdd(9), iflibdi(9), and
Delta File
+55 -0 share/man/man9/Makefile
+55 -0 1 file

HardenedBSD — sys/dev/ath if_ath_ahb.c

    [ath] begin migration of AHB support to use the PCI style board data API for 
calibration data.
    This brings the AHB support in line with the PCI support - now other "things"
    can wrap up the calibration / board data into a firmware blob and have them
    probe/attach after the system has finished booting.
    Note that this change requires /all/ of the AHB using kernel configurations
    to change - so until I drop those changes in, this breaks AHB.
    Fear not, I'll do that soon.
    * the above stuff.
    * AR9331, carambola 2, loading if_ath / wlan as modules at run time
Delta File
+38 -60 sys/dev/ath/if_ath_ahb.c
+38 -60 1 file

HardenedBSD — sys/compat/freebsd32 freebsd32_sysent.c, sys/kern init_sysent.c

Followup to r318765 (capsicumize cpuset_*affinity)

Update *sysent files

HardenedBSD — share/man/man9 iflibdi.9

Remove duplicate definition of iflib_led_create().
Delta File
+1 -5 share/man/man9/iflibdi.9
+1 -5 1 file

HardenedBSD — lib/libc/sys cpuset_getaffinity.2, share/man/man4 capsicum.4

Allow cpuset_{get,set}affinity in capabilities mode

bhyve was recently sandboxed with capsicum, and needs to be able to
control the CPU sets of its vcpu threads

Reviewed by:        emaste, oshogbo, rwatson
MFC after:        2 weeks
Sponsored by:        ScaleEngine Inc.
Differential Revision:        https://reviews.freebsd.org/D10170

HardenedBSD — lib/libsysdecode flags.c

MFC 315283:
Fix sysdecode_cap_rights which currently prints bogus capability rights.

PR:                217787
Delta File
+1 -9 lib/libsysdecode/flags.c
+1 -9 1 file

HardenedBSD — sys/amd64/conf GENERIC MINIMAL, sys/i386/conf GENERIC

MFC 310177: Enable EARLY_AP_STARTUP on amd64 and i386 kernels by default.

PR:                199321, 203682
Discussed with:        re (kib)
Relnotes:        yes

HardenedBSD — sys/conf files, sys/dev/cxgbe/firmware t6fw- t5fw-

cxgbe(4): Update the T4, T5, and T6 firmwares to

The latest firmware has a number of link related fixes, support for a
new custom card, and the fix for a bug that affected rate limiting on

Obtained from:        Chelsio Communications
MFC after:        1 week
Sponsored by:        Chelsio Communications

HardenedBSD — sys/i386/i386 machdep.c, sys/x86/include segments.h

Remove the BSD/OS 2.1 system call gate LDT entry.

An extra copy of the system call gate was added to the default LDT back
in 1996 (r18513 / r18514).  However, the ability to run BSD/OS 2.1
i386 binaries under FreeBSD's native ABI is most likely no longer

Discussed with:        kib

HardenedBSD — sys/dev/bhnd/nvram bhnd_nvram_data_sprom.c bhnd_sprom.c

bhnd(4): Fix a SPROM identification regression introduced in r315866

In r315866, we introduced a direct read of the 8-bit sromrev field from the
memory mapped SPROM/OTP device. On OTP devices that require 16-bit access
alignment, this read fails, preventing identification of the SPROM layout.

So, let's perform an aligned read of the combined 16-bit sromrev/crc field

Approved by:        adrian (mentor, implicit)

HardenedBSD — usr.bin/sed sed.1

MFC r316030, r317378: Add some useful examples to the sed man page.

Reviewed by:        wblock, bcr
Differential Revision:        https://reviews.freebsd.org/D9958
Delta File
+31 -1 usr.bin/sed/sed.1
+31 -1 1 file

HardenedBSD — . UPDATING

UPDATING: ino64 upgrade should include COMPAT_FREEBSD11

The upgrade process requires COMPAT_FREEBSD11 to support the combination
of "old" userland and "new" kernel that exists after "make kernel" and
reboot.  Mention this explicitly for those using custom kernel configs.
Once the "new" world is installed the COMPAT_FREEBSD11 could be removed
again, but that does not seem necessary to mention in UPDATING.

Reported by:        kib
Sponsored by:        The FreeBSD Foundation
Delta File
+2 -1 1 file

HardenedBSD — . UPDATING

Add note to UPDATING for ino64 to follow the standard upgrade process

The existing upgrade process documented in UPDATING is both necessary
and sufficient for upgrading across the ino64 change.  However, the
shortcut of installing both kernel + world before a single reboot has
been possible for quite some time, and several developers and users
were surprised by fallout from ino64.  Add an explicit entry pointing
out that the full process must be followed.

Reviewed by:        allanjude, gjb, vangyzen
Sponsored by:        The FreeBSD Foundation
Differential Revision:        https://reviews.freebsd.org/D10877
Delta File
+8 -0 1 file

HardenedBSD — contrib/netbsd-tests/lib/libc/rpc t_rpc.c

:raw no longer SIGSEGVs on FreeBSD; revert the signal expectation

This is a direct commit to ^/stable/10, since this expectation was only
added to ^/stable/10's copy of t_raw.c.

PR:                216954
Sponsored by:        Dell EMC Isilon

HardenedBSD — release/doc/en_US.ISO8859-1/relnotes article.xml

Move the SA entry to the tcpmd5 module addition.

Submitted by:        ae
Sponsored by:        The FreeBSD Foundation

HardenedBSD — release/doc/en_US.ISO8859-1/relnotes article.xml

Document the requirement for two SA entries, following the IPSEC

Submitted by:        vangyzen
Sponsored by:        The FreeBSD Foundation

HardenedBSD — sys/amd64/conf HARDENEDBSD


It'll be required with the ino64 work, which just landed in FreeBSD

Signed-off-by:        Shawn Webb <shawn.webb at hardenedbsd.org>
Sponsored-by:        SoldierX
Delta File
+1 -0 sys/amd64/conf/HARDENEDBSD
+1 -0 1 file

HardenedBSD — usr.bin/nc Makefile

    HBSD: Disable cfi-icall for nc
    The atomicio[1] function in netcat's sources takes a function pointer as
    an argument. The functions passed in as an argument are located within
    libc (read, write). Since HardenedBSD doesn't support Cross-DSO CFI yet,
    netcat crashes due to failed cfi-icall checks when netcat is called with
    proxy support (eg, using ProxyCommand in ssh).
    When HardenedBSD gains support for Cross-DSO CFI, this should hopefully
    no longer be a problem.
    Signed-off-by:        Shawn Webb <shawn.webb at hardenedbsd.org>
    Sponsored-by:        SoldierX
Delta File
+2 -0 usr.bin/nc/Makefile
+2 -0 1 file

HardenedBSD — sys/netipsec xform_ah.c xform_esp.c

Fix possible double releasing for SA reference.

There are two possible ways how crypto callback are called: directly from
caller and deffered from crypto thread.

For inbound packets the direct call chain is the following:
 IPSEC_INPUT() method -> ipsec_common_input() -> xform_input() ->
 -> crypto_dispatch() -> crypto_invoke() -> crypto_done() ->
 -> xform_input_cb() -> ipsec[46]_common_input_cb() -> netisr_queue().

The SA reference is held while crypto processing is not finished.
The error handling code wrongly expected that crypto callback always called
from the crypto thread context, and it did SA reference releasing in
xform_input_cb(). But when the crypto callback called directly, in case of
error (e.g. data authentification failed) the error handling in
ipsec_common_input() also did SA reference releasing.

To fix this, remove error handling from ipsec_common_input() and do it
in xform_input() before crypto_dispatch().

PR:                219356
MFC after:        10 days

HardenedBSD — bin/stty stty.1

MFC r317904:

.Xr resizewin from stty(1) man page.
Delta File
+1 -0 bin/stty/stty.1
+1 -0 1 file

HardenedBSD — usr.bin/resizewin resizewin.1

MFC r318481:

Language fixes.
Delta File
+2 -2 usr.bin/resizewin/resizewin.1
+2 -2 1 file

HardenedBSD — usr.bin/resizewin resizewin.1

MFC r318138:

Revert to pre-r318116 wording to not give the false impression
that setting the kernels' idea of terminal size is somehow an
alternative to environment variables.
Delta File
+2 -2 usr.bin/resizewin/resizewin.1
+2 -2 1 file

HardenedBSD — usr.bin/resizewin resizewin.1

MFC r318116:

Random updates to resizewin(1) man page.
Delta File
+24 -16 usr.bin/resizewin/resizewin.1
+24 -16 1 file

HardenedBSD — usr.bin/resizewin resizewin.c

MFC r317935:

Sort variable declarations; no functional changes.
Delta File
+2 -2 usr.bin/resizewin/resizewin.c
+2 -2 1 file

HardenedBSD — usr.bin/resizewin resizewin.c resizewin.1

MFC rr317934:

Add resizewin -z. It makes resizewin not do anything if the terminal
size is already set to something other than zero. It's supposed to be
called from eg /etc/profile - it's not neccessary to query terminal
size when logging in over the network, because the protocol used already
takes care of this, but it's neccessary when logging over a serial line.

HardenedBSD — usr.bin/resizewin resizewin.c

MFC r317933:

Use tcflush(3) instead of (nonstandard) TIOCFLUSH.
Delta File
+3 -4 usr.bin/resizewin/resizewin.c
+3 -4 1 file

HardenedBSD — usr.bin/resizewin resizewin.c

MFC r317909:

Make resizewin(1) discard the terminal queues, to lower the chance
for "unable to parse response" error which happens when youre typing
too fast for the machine you're running it on.
Delta File
+7 -1 usr.bin/resizewin/resizewin.c
+7 -1 1 file

HardenedBSD — usr.bin/resizewin resizewin.c

MFC r317905:

Rename a variable, hopefully fixing build after r317901.
Delta File
+9 -9 usr.bin/resizewin/resizewin.c
+9 -9 1 file

HardenedBSD — usr.bin/resizewin resizewin.c

MFC r317901:

Improve error reporting in resizewin(1).
Delta File
+4 -4 usr.bin/resizewin/resizewin.c
+4 -4 1 file

HardenedBSD — sys/amd64/amd64 pmap.c, sys/arm64/arm64 pmap.c

MFC r308474, r308691, r309203, r309365, r309703, r309898, r310720,
r308489, r308706:
Add PQ_LAUNDRY and remove PG_CACHED pages.
Delta File
+181 -583 sys/vm/vm_page.c
+551 -142 sys/vm/vm_pageout.c
+37 -72 sys/vm/vm_reserv.c
+11 -64 sys/vm/vm_radix.c
+12 -44 sys/vm/vm_object.c
+32 -17 sys/vm/vm_page.h
+135 -204 25 files not shown
+959 -1,126 31 files

HardenedBSD — contrib/gcc libgcc-std.ver, contrib/gcc/config/arm libunwind-arm.S libgcc-bpabi.ver

MFC r318024,r318025:

    Fix _Unwind_Backtrace symbol version for ARM.
    Revert accidentally changed std.armv6 in r318024.

HardenedBSD — sys/net if_vlan.c

Add parent interface reference counting to if_vlan.

Using plain ifunit() looks like a request for troubles.

MFC after:        1 week
Delta File
+26 -14 sys/net/if_vlan.c
+26 -14 1 file

HardenedBSD — sys/sys ata.h

"struct ata_params" field "reserved206[2]" actually starts at offset 20*7*.

MFC after:        1 week
Sponsored by:        Panasas
Delta File
+1 -1 sys/sys/ata.h
+1 -1 1 file

HardenedBSD — lib/libproc proc_sym.c

Ensure that the mappings table is populated in proc_objname().

MFC after:        1 week
Sponsored by:        Dell EMC Isilon
Delta File
+3 -0 lib/libproc/proc_sym.c
+3 -0 1 file

HardenedBSD — include ndbm.h

ndbm.h: Add a comment pointing out our non-compliance with POSIX.

Changing it to full conformance breaks the ABI.


Discussion at:        https://reviews.freebsd.org/D10544
Delta File
+1 -1 include/ndbm.h
+1 -1 1 file

HardenedBSD — sys/fs/nfsclient nfs_clcomsubs.c

MFC: r318287
Make nfscl_mtofh() return ENXIO when *nfhpp == NULL.

r317272 introduced a case where nfscl_mtofh() could return 0 when
*nfhpp is NULL. This patch makes it return ENXIO for this case.
Delta File
+1 -0 sys/fs/nfsclient/nfs_clcomsubs.c
+1 -0 1 file

HardenedBSD — sbin/mount_nfs mount_nfs.c

MFC: r317931
Fix mount_nfs so that it doesn't create mounttab entries for NFSv4 mounts.

The NFSv4 protocol doesn't use the Mount protocol, so it doesn't make sense
to add an entry for an NFSv4 mount to /var/db/mounttab. Also, r308871
modified umount so that it doesn't remove any entry created by mount_nfs.
Delta File
+1 -1 sbin/mount_nfs/mount_nfs.c
+1 -1 1 file

HardenedBSD — cddl/contrib/opensolaris/cmd/dtrace/test/tst/common/proc tst.exitcore.c tst.exitcore.ksh, cddl/usr.sbin/dtrace/tests/common/proc Makefile

Add a little helper program for tst.exitcore.ksh.

sleep(1) is capsicumized, which means that we cannot rely on it to dump
core as required by the test.

MFC after:        1 week
Sponsored by:        Dell EMC Isilon

HardenedBSD — sys/dev/mpr mpr_sas.c

Fix powerpc compiler error.

Approved by:        ken
Delta File
+2 -2 sys/dev/mpr/mpr_sas.c
+2 -2 1 file

HardenedBSD — sys/boot/common dev_net.c

Replacing iterating over rootpath by strsep(3).

Submitted by:        kczekirda
Reviewed by:        tsoome, bapt, jhb, oshogbo
MFC after:        3 weeks
Sponsored by:        Oktawave
Differential Revision:        https://reviews.freebsd.org/D10726
Delta File
+6 -8 sys/boot/common/dev_net.c
+6 -8 1 file

HardenedBSD — sys/compat/ndis kern_ndis.c subr_ndis.c, sys/dev/if_ndis if_ndis.c if_ndisvar.h

Fix regression in ndis(4) after r286410. This adds a bunch of checks for
whether this is a Ethernet or 802.11 device and does proper dereferencing.

PR:                213237
Submitted by:        <ota j.email.ne.jp>
MFC after:        2 weeks

HardenedBSD — sys/dev/qlnx/qlnxe qlnx_os.c

Check for IPV6 TCP/UDP CSUM offload in pkt header during transmits.

Submitted by:Shminderjit.Singh at cavium.com
Delta File
+2 -1 sys/dev/qlnx/qlnxe/qlnx_os.c
+2 -1 1 file

HardenedBSD — sys/rpc clnt_vc.c

MFC: r317906
Fix the client side krpc from doing TCP reconnects for ERESTART from sosend().

When sosend() replies ERESTART in the client side krpc, it indicates that
the RPC message hasn't yet been sent and that the send queue is full or
locked while a signal is posted for the process.
Without this patch, this would result in a RPC_CANTSEND reply from
clnt_vc_call(), which would cause clnt_reconnect_call() to create a new
TCP transport connection. For most NFS servers, this wasn't a serious problem,
although it did imply retries of outstanding RPCs, which could possibly
have missed the DRC.
For an NFSv4.1 mount to AmazonEFS, this caused a serious problem, since
AmazonEFS often didn't retain the NFSv4.1 session and would reply with
NFS4ERR_BAD_SESSION. This implies to the client a crash/reboot which
requires open/lock state recovery.

Three options were considered to fix this:
- Return the ERESTART all the way up to the system call boundary and then
  have the system call redone. This is fraught with risk, due to convoluted
  code paths, asynchronous I/O RPCs etc. cperciva@ worked on this, but it
  is still a work in prgress and may not be feasible.
- Set SB_NOINTR for the socket buffer. This fixes the problem, but makes
  the sosend() completely non interruptible, which kib@ considered
  inappropriate. It also would break forced dismount when a thread
  was blocked in sosend().

    [11 lines not shown]
Delta File
+20 -2 sys/rpc/clnt_vc.c
+20 -2 1 file