From owner-svn-src-releng@freebsd.org Sun Jul 26 17:57:54 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3002B9AB2CA; Sun, 26 Jul 2015 17:57:54 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0737210A4; Sun, 26 Jul 2015 17:57:54 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6QHvrYi070303; Sun, 26 Jul 2015 17:57:53 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6QHvrBW070302; Sun, 26 Jul 2015 17:57:53 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507261757.t6QHvrBW070302@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Sun, 26 Jul 2015 17:57:53 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285895 - releng/10.2/release/doc/en_US.ISO8859-1/relnotes X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2015 17:57:54 -0000 Author: gjb Date: Sun Jul 26 17:57:53 2015 New Revision: 285895 URL: https://svnweb.freebsd.org/changeset/base/285895 Log: Further refine the PAE_TABLES entry, based on feedback from alc. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 17:57:35 2015 (r285894) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 17:57:53 2015 (r285895) @@ -353,13 +353,16 @@ The PAE_TABLES kernel configuration option has been added for &os;/&arch.i386;, which instructs &man.pmap.9; - to use PAE format for page tables with - 32-bit physical addresses. Unlike the PAE - option, PAE_TABLES preserves kernel binary - interface (KBI) compatibility with - non-PAE kernels, allowing - non-PAE kernel modules and drivers to work - with a PAE_TABLES-enabled kernel. + to use PAE format for page tables while + maintaining a 32-bit physical address size elsewhere in the + kernel. The use of this option can enhance application-level + security by enabling the creation of no execute + mappings on modern &arch.i386; processors. Unlike the + PAE option, PAE_TABLES + preserves kernel binary interface (KBI) + compatibility with non-PAE kernels, + allowing non-PAE kernel modules and drivers + to work with a PAE_TABLES-enabled kernel. Additionally, system limits are tuned for 4GB maximum RAM, avoiding kernel virtual address space (KVA) exhaustion. From owner-svn-src-releng@freebsd.org Sun Jul 26 19:47:40 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 006CA9ABFCB; Sun, 26 Jul 2015 19:47:40 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D87D31F0C; Sun, 26 Jul 2015 19:47:39 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6QJld4w032552; Sun, 26 Jul 2015 19:47:39 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6QJldJU032551; Sun, 26 Jul 2015 19:47:39 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507261947.t6QJldJU032551@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Sun, 26 Jul 2015 19:47:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285899 - releng/10.2/release/doc/en_US.ISO8859-1/relnotes X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2015 19:47:40 -0000 Author: gjb Date: Sun Jul 26 19:47:38 2015 New Revision: 285899 URL: https://svnweb.freebsd.org/changeset/base/285899 Log: Document r273838, PLPMTUD blackhole detection (RFC 4821). Submitted by: sbruno Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:08 2015 (r285898) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:38 2015 (r285899) @@ -730,7 +730,80 @@ Network Procols -   + Support for PLPMTUD + blackhole detection (RFC 4821) has been + added to the &man.tcp.4; stack, disabled by default. New + control tunables have been added: + + + + + + + + Tunable + Description + + + + + + net.inet.tcp.pmtud_blackhole_detection + Enables or disables PLPMTUD + blackhole detection + + + + net.inet.tcp.pmtud_blackhole_mss + MSS to try for IPv4 + + + + net.inet.tcp.v6pmtud_blackhole_mss + MSS to try for IPv6 + + + + + + New monitoring &man.sysctl.8;s haven been added: + + + + + + + + Tunable + Description + + + + + + net.inet.tcp.pmtud_blackhole_activated + Number of times the code was activated to attempt + downshifting the MSS + + + + net.inet.tcp.pmtud_blackhole_min_activated + Number of times the blackhole + MSS was used in an attempt to + downshift + + + + net.inet.tcp.pmtud_blackhole_failed + Number of times that the blackhole failed to + connect after downshifting the + MSS + + + + + From owner-svn-src-releng@freebsd.org Sun Jul 26 19:47:42 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 45A109ABFE9; Sun, 26 Jul 2015 19:47:42 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 33E511F0D; Sun, 26 Jul 2015 19:47:42 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6QJlgpH032597; Sun, 26 Jul 2015 19:47:42 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6QJlgU2032596; Sun, 26 Jul 2015 19:47:42 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507261947.t6QJlgU2032596@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Sun, 26 Jul 2015 19:47:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285900 - releng/10.2/release/doc/en_US.ISO8859-1/relnotes X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2015 19:47:42 -0000 Author: gjb Date: Sun Jul 26 19:47:41 2015 New Revision: 285900 URL: https://svnweb.freebsd.org/changeset/base/285900 Log: Document r285769, bsdinstall(8) updates to workaround various problematic BIOSes when booting from GPT, and partition scheme selection in the UFS partition menu. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:38 2015 (r285899) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:41 2015 (r285900) @@ -274,7 +274,18 @@ Installation and Configuration Tools -   + Support for detecting and implementing + a workaround for various laptops and motherboards that do not + boot properly from GPT-partitioned disks + has been added to &man.bsdinstall.8;. Additionally, the + active flag will be set on the partition + when needed. + + Support for selecting the partitioning + scheme when installing on the UFS + filesystem has been added to &man.bsdinstall.8;. From owner-svn-src-releng@freebsd.org Sun Jul 26 19:47:48 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E964F9AB03D; Sun, 26 Jul 2015 19:47:47 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C649BE4; Sun, 26 Jul 2015 19:47:47 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6QJllPY032691; Sun, 26 Jul 2015 19:47:47 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6QJllZJ032690; Sun, 26 Jul 2015 19:47:47 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507261947.t6QJllZJ032690@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Sun, 26 Jul 2015 19:47:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285902 - releng/10.2/release/doc/en_US.ISO8859-1/relnotes X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2015 19:47:48 -0000 Author: gjb Date: Sun Jul 26 19:47:46 2015 New Revision: 285902 URL: https://svnweb.freebsd.org/changeset/base/285902 Log: Document r285721, bsdinstall aligns zfs partitions on 1Mb boundaries. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:43 2015 (r285901) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:46 2015 (r285902) @@ -287,6 +287,11 @@ active flag will be set on the partition when needed. + Support for detecting and implementing + aligning partitions on 1Mb boundaries has been added to + &man.bsdinstall.8;. + Support for selecting the partitioning scheme when installing on the UFS From owner-svn-src-releng@freebsd.org Sun Jul 26 19:47:45 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A38499AB01D; Sun, 26 Jul 2015 19:47:45 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4D4E91FB1; Sun, 26 Jul 2015 19:47:45 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6QJljAb032646; Sun, 26 Jul 2015 19:47:45 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6QJli2J032644; Sun, 26 Jul 2015 19:47:44 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507261947.t6QJli2J032644@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Sun, 26 Jul 2015 19:47:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285901 - in releng/10.2/release/doc: en_US.ISO8859-1/relnotes share/xml X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 26 Jul 2015 19:47:45 -0000 Author: gjb Date: Sun Jul 26 19:47:43 2015 New Revision: 285901 URL: https://svnweb.freebsd.org/changeset/base/285901 Log: Document r285750, ssh(1) hostname canonicalization before looking for the host in known_hosts. Add Dell, Inc. to sponsors.ent. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml releng/10.2/release/doc/share/xml/sponsor.ent Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:41 2015 (r285900) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Sun Jul 26 19:47:43 2015 (r285901) @@ -269,6 +269,11 @@ The ntp suite has been updated to version 4.2.8p3. + + The + &man.ssh.1; utility has been updated to re-implement hostname + canonicalization before locating the host in + known_hosts. Modified: releng/10.2/release/doc/share/xml/sponsor.ent ============================================================================== --- releng/10.2/release/doc/share/xml/sponsor.ent Sun Jul 26 19:47:41 2015 (r285900) +++ releng/10.2/release/doc/share/xml/sponsor.ent Sun Jul 26 19:47:43 2015 (r285901) @@ -15,6 +15,7 @@ + From owner-svn-src-releng@freebsd.org Mon Jul 27 17:50:06 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5110C9ACF11; Mon, 27 Jul 2015 17:50:06 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 419273A4; Mon, 27 Jul 2015 17:50:06 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6RHo6GR079311; Mon, 27 Jul 2015 17:50:06 GMT (envelope-from jimharris@FreeBSD.org) Received: (from jimharris@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6RHo6NC079310; Mon, 27 Jul 2015 17:50:06 GMT (envelope-from jimharris@FreeBSD.org) Message-Id: <201507271750.t6RHo6NC079310@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jimharris set sender to jimharris@FreeBSD.org using -f From: Jim Harris Date: Mon, 27 Jul 2015 17:50:06 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285919 - releng/10.2/sys/dev/nvd X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2015 17:50:06 -0000 Author: jimharris Date: Mon Jul 27 17:50:05 2015 New Revision: 285919 URL: https://svnweb.freebsd.org/changeset/base/285919 Log: MFS r285915: MFC r285767: nvd: set d_delmaxsize to full capacity of NVMe namespace The NVMe specification has no ability to specify a maximum delete size that is less than the full capacity of the namespace - so just using the namespace size is the correct value here. This fixes reported issues where ZFS trim on init looked like it was hanging the system - previously the default I/O max size (128KB on Intel NVMe controllers) was used for delete operations which worked out to only about 8MB/s. With this patch I can add an 800GB DC P3700 drive to a ZFS pool in about 15-20 seconds. Approved by: re (gjb) Sponsored by: Intel Modified: releng/10.2/sys/dev/nvd/nvd.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/dev/nvd/nvd.c ============================================================================== --- releng/10.2/sys/dev/nvd/nvd.c Mon Jul 27 15:37:02 2015 (r285918) +++ releng/10.2/sys/dev/nvd/nvd.c Mon Jul 27 17:50:05 2015 (r285919) @@ -278,6 +278,7 @@ nvd_new_disk(struct nvme_namespace *ns, disk->d_maxsize = nvme_ns_get_max_io_xfer_size(ns); disk->d_sectorsize = nvme_ns_get_sector_size(ns); disk->d_mediasize = (off_t)nvme_ns_get_size(ns); + disk->d_delmaxsize = (off_t)nvme_ns_get_size(ns); if (TAILQ_EMPTY(&disk_head)) disk->d_unit = 0; From owner-svn-src-releng@freebsd.org Mon Jul 27 17:51:13 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2ADE89ACF5D; Mon, 27 Jul 2015 17:51:13 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1B55D902; Mon, 27 Jul 2015 17:51:13 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6RHpCap083022; Mon, 27 Jul 2015 17:51:12 GMT (envelope-from jimharris@FreeBSD.org) Received: (from jimharris@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6RHpCXu083021; Mon, 27 Jul 2015 17:51:12 GMT (envelope-from jimharris@FreeBSD.org) Message-Id: <201507271751.t6RHpCXu083021@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jimharris set sender to jimharris@FreeBSD.org using -f From: Jim Harris Date: Mon, 27 Jul 2015 17:51:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285920 - releng/10.2/sbin/nvmecontrol X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2015 17:51:13 -0000 Author: jimharris Date: Mon Jul 27 17:51:12 2015 New Revision: 285920 URL: https://svnweb.freebsd.org/changeset/base/285920 Log: MFS r285916: MFC r285796: nvmecontrol: read controller identify data before any log page operations Approved by: re (gjb) Sponsored by: Intel Modified: releng/10.2/sbin/nvmecontrol/logpage.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sbin/nvmecontrol/logpage.c ============================================================================== --- releng/10.2/sbin/nvmecontrol/logpage.c Mon Jul 27 17:50:05 2015 (r285919) +++ releng/10.2/sbin/nvmecontrol/logpage.c Mon Jul 27 17:51:12 2015 (r285920) @@ -298,6 +298,8 @@ logpage(int argc, char *argv[]) open_dev(argv[optind], &fd, 1, 1); } + read_controller_data(fd, &cdata); + /* * The log page attribtues indicate whether or not the controller * supports the SMART/Health information log page on a per @@ -307,7 +309,6 @@ logpage(int argc, char *argv[]) if (log_page != NVME_LOG_HEALTH_INFORMATION) errx(1, "log page %d valid only at controller level", log_page); - read_controller_data(fd, &cdata); if (cdata.lpa.ns_smart == 0) errx(1, "controller does not support per namespace " From owner-svn-src-releng@freebsd.org Mon Jul 27 17:52:18 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 88DD39AC055; Mon, 27 Jul 2015 17:52:18 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6C74FADF; Mon, 27 Jul 2015 17:52:18 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6RHqI3p083214; Mon, 27 Jul 2015 17:52:18 GMT (envelope-from jimharris@FreeBSD.org) Received: (from jimharris@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6RHqIXM083213; Mon, 27 Jul 2015 17:52:18 GMT (envelope-from jimharris@FreeBSD.org) Message-Id: <201507271752.t6RHqIXM083213@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jimharris set sender to jimharris@FreeBSD.org using -f From: Jim Harris Date: Mon, 27 Jul 2015 17:52:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285921 - releng/10.2/sys/dev/nvme X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2015 17:52:18 -0000 Author: jimharris Date: Mon Jul 27 17:52:17 2015 New Revision: 285921 URL: https://svnweb.freebsd.org/changeset/base/285921 Log: MFS r285917: MFC r285815: nvme: properly handle case where pci_alloc_msix does not alloc all vectors Approved by: re (gjb) Sponsored by: Intel Modified: releng/10.2/sys/dev/nvme/nvme_ctrlr.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/dev/nvme/nvme_ctrlr.c ============================================================================== --- releng/10.2/sys/dev/nvme/nvme_ctrlr.c Mon Jul 27 17:51:12 2015 (r285920) +++ releng/10.2/sys/dev/nvme/nvme_ctrlr.c Mon Jul 27 17:52:17 2015 (r285921) @@ -930,7 +930,8 @@ nvme_ctrlr_construct(struct nvme_control { union cap_lo_register cap_lo; union cap_hi_register cap_hi; - int i, num_vectors, per_cpu_io_queues, rid; + int i, per_cpu_io_queues, rid; + int num_vectors_requested, num_vectors_allocated; int status, timeout_period; ctrlr->dev = dev; @@ -988,7 +989,7 @@ nvme_ctrlr_construct(struct nvme_control } /* One vector per IO queue, plus one vector for admin queue. */ - num_vectors = ctrlr->num_io_queues + 1; + num_vectors_requested = ctrlr->num_io_queues + 1; /* * If we cannot even allocate 2 vectors (one for admin, one for @@ -997,15 +998,36 @@ nvme_ctrlr_construct(struct nvme_control if (pci_msix_count(dev) < 2) { ctrlr->msix_enabled = 0; goto intx; - } else if (pci_msix_count(dev) < num_vectors) { + } else if (pci_msix_count(dev) < num_vectors_requested) { ctrlr->per_cpu_io_queues = FALSE; ctrlr->num_io_queues = 1; - num_vectors = 2; /* one for admin, one for I/O */ + num_vectors_requested = 2; /* one for admin, one for I/O */ } - if (pci_alloc_msix(dev, &num_vectors) != 0) { + num_vectors_allocated = num_vectors_requested; + if (pci_alloc_msix(dev, &num_vectors_allocated) != 0) { ctrlr->msix_enabled = 0; goto intx; + } else if (num_vectors_allocated < num_vectors_requested) { + if (num_vectors_allocated < 2) { + pci_release_msi(dev); + ctrlr->msix_enabled = 0; + goto intx; + } else { + ctrlr->per_cpu_io_queues = FALSE; + ctrlr->num_io_queues = 1; + /* + * Release whatever vectors were allocated, and just + * reallocate the two needed for the admin and single + * I/O qpair. + */ + num_vectors_allocated = 2; + pci_release_msi(dev); + if (pci_alloc_msix(dev, &num_vectors_allocated) != 0) + panic("could not reallocate any vectors\n"); + if (num_vectors_allocated != 2) + panic("could not reallocate 2 vectors\n"); + } } /* @@ -1022,7 +1044,7 @@ nvme_ctrlr_construct(struct nvme_control * vendors wishing to import this driver into kernels based on * older versions of FreeBSD. */ - for (i = 0; i < num_vectors; i++) { + for (i = 0; i < num_vectors_allocated; i++) { rid = i + 1; ctrlr->msi_res[i] = bus_alloc_resource_any(ctrlr->dev, SYS_RES_IRQ, &rid, RF_ACTIVE); From owner-svn-src-releng@freebsd.org Mon Jul 27 17:53:12 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D17999AC0D1; Mon, 27 Jul 2015 17:53:12 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B5D1AD0E; Mon, 27 Jul 2015 17:53:12 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6RHrCXO083506; Mon, 27 Jul 2015 17:53:12 GMT (envelope-from jimharris@FreeBSD.org) Received: (from jimharris@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6RHrChN083505; Mon, 27 Jul 2015 17:53:12 GMT (envelope-from jimharris@FreeBSD.org) Message-Id: <201507271753.t6RHrChN083505@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jimharris set sender to jimharris@FreeBSD.org using -f From: Jim Harris Date: Mon, 27 Jul 2015 17:53:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285922 - releng/10.2/sys/dev/nvme X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Jul 2015 17:53:13 -0000 Author: jimharris Date: Mon Jul 27 17:53:11 2015 New Revision: 285922 URL: https://svnweb.freebsd.org/changeset/base/285922 Log: MFS r285918: MFC r285816: nvme: ensure csts.rdy bit is cleared before returning from nvme_ctrlr_disable Approved by: re (gjb) Sponsored by: Intel Modified: releng/10.2/sys/dev/nvme/nvme_ctrlr.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/dev/nvme/nvme_ctrlr.c ============================================================================== --- releng/10.2/sys/dev/nvme/nvme_ctrlr.c Mon Jul 27 17:52:17 2015 (r285921) +++ releng/10.2/sys/dev/nvme/nvme_ctrlr.c Mon Jul 27 17:53:11 2015 (r285922) @@ -1,5 +1,5 @@ /*- - * Copyright (C) 2012-2014 Intel Corporation + * Copyright (C) 2012-2015 Intel Corporation * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -207,7 +207,7 @@ nvme_ctrlr_fail_req_task(void *arg, int } static int -nvme_ctrlr_wait_for_ready(struct nvme_controller *ctrlr) +nvme_ctrlr_wait_for_ready(struct nvme_controller *ctrlr, int desired_val) { int ms_waited; union cc_register cc; @@ -216,18 +216,19 @@ nvme_ctrlr_wait_for_ready(struct nvme_co cc.raw = nvme_mmio_read_4(ctrlr, cc); csts.raw = nvme_mmio_read_4(ctrlr, csts); - if (!cc.bits.en) { - nvme_printf(ctrlr, "%s called with cc.en = 0\n", __func__); + if (cc.bits.en != desired_val) { + nvme_printf(ctrlr, "%s called with desired_val = %d " + "but cc.en = %d\n", __func__, desired_val, cc.bits.en); return (ENXIO); } ms_waited = 0; - while (!csts.bits.rdy) { + while (csts.bits.rdy != desired_val) { DELAY(1000); if (ms_waited++ > ctrlr->ready_timeout_in_ms) { - nvme_printf(ctrlr, "controller did not become ready " - "within %d ms\n", ctrlr->ready_timeout_in_ms); + nvme_printf(ctrlr, "controller ready did not become %d " + "within %d ms\n", desired_val, ctrlr->ready_timeout_in_ms); return (ENXIO); } csts.raw = nvme_mmio_read_4(ctrlr, csts); @@ -246,11 +247,12 @@ nvme_ctrlr_disable(struct nvme_controlle csts.raw = nvme_mmio_read_4(ctrlr, csts); if (cc.bits.en == 1 && csts.bits.rdy == 0) - nvme_ctrlr_wait_for_ready(ctrlr); + nvme_ctrlr_wait_for_ready(ctrlr, 1); cc.bits.en = 0; nvme_mmio_write_4(ctrlr, cc, cc.raw); DELAY(5000); + nvme_ctrlr_wait_for_ready(ctrlr, 0); } static int @@ -267,7 +269,7 @@ nvme_ctrlr_enable(struct nvme_controller if (csts.bits.rdy == 1) return (0); else - return (nvme_ctrlr_wait_for_ready(ctrlr)); + return (nvme_ctrlr_wait_for_ready(ctrlr, 1)); } nvme_mmio_write_8(ctrlr, asq, ctrlr->adminq.cmd_bus_addr); @@ -295,7 +297,7 @@ nvme_ctrlr_enable(struct nvme_controller nvme_mmio_write_4(ctrlr, cc, cc.raw); DELAY(5000); - return (nvme_ctrlr_wait_for_ready(ctrlr)); + return (nvme_ctrlr_wait_for_ready(ctrlr, 1)); } int From owner-svn-src-releng@freebsd.org Tue Jul 28 12:52:23 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B29649AC4E3; Tue, 28 Jul 2015 12:52:23 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A0E991F0; Tue, 28 Jul 2015 12:52:23 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SCqNod005940; Tue, 28 Jul 2015 12:52:23 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SCqNLZ005939; Tue, 28 Jul 2015 12:52:23 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201507281252.t6SCqNLZ005939@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Tue, 28 Jul 2015 12:52:23 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285953 - releng/10.2/usr.sbin/mfiutil X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 12:52:23 -0000 Author: emaste Date: Tue Jul 28 12:52:22 2015 New Revision: 285953 URL: https://svnweb.freebsd.org/changeset/base/285953 Log: MFS r285950: mfiutil: increase buffer size to accommodate sprintf string PR: 201289 Approved by: re (gjb) Modified: releng/10.2/usr.sbin/mfiutil/mfi_foreign.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/usr.sbin/mfiutil/mfi_foreign.c ============================================================================== --- releng/10.2/usr.sbin/mfiutil/mfi_foreign.c Tue Jul 28 12:46:37 2015 (r285952) +++ releng/10.2/usr.sbin/mfiutil/mfi_foreign.c Tue Jul 28 12:52:22 2015 (r285953) @@ -110,7 +110,7 @@ static int foreign_show_cfg(int fd, uint32_t opcode, uint8_t cfgidx, int diagnostic) { struct mfi_config_data *config; - char prefix[26]; + char prefix[64]; int error; uint8_t mbox[4]; From owner-svn-src-releng@freebsd.org Tue Jul 28 13:11:32 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 638939ACB52; Tue, 28 Jul 2015 13:11:32 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3B8B23BF; Tue, 28 Jul 2015 13:11:32 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SDBWZO014702; Tue, 28 Jul 2015 13:11:32 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SDBWZC014701; Tue, 28 Jul 2015 13:11:32 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201507281311.t6SDBWZC014701@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Tue, 28 Jul 2015 13:11:32 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285956 - releng/10.2/sys/boot/efi/libefi X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 13:11:32 -0000 Author: emaste Date: Tue Jul 28 13:11:31 2015 New Revision: 285956 URL: https://svnweb.freebsd.org/changeset/base/285956 Log: MFS r285951: Avoid creating invalid UEFI device path The UEFI loader on the 10.1 release install disk (disc1) modifies an existing EFI_DEVICE_PATH_PROTOCOL instance in an apparent attempt to truncate the device path. In doing so it creates an invalid device path. Perform the equivalent action without modification of structures allocated by firmware. PR: 197641 Submitted by: Chris Ruffin Approved by: re (gjb) Modified: releng/10.2/sys/boot/efi/libefi/efipart.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/boot/efi/libefi/efipart.c ============================================================================== --- releng/10.2/sys/boot/efi/libefi/efipart.c Tue Jul 28 13:09:16 2015 (r285955) +++ releng/10.2/sys/boot/efi/libefi/efipart.c Tue Jul 28 13:11:31 2015 (r285956) @@ -63,13 +63,14 @@ static int efipart_init(void) { EFI_BLOCK_IO *blkio; - EFI_DEVICE_PATH *devpath, *node; + EFI_DEVICE_PATH *devpath, *devpathcpy, *tmpdevpath, *node; EFI_HANDLE *hin, *hout, *aliases, handle; EFI_STATUS status; UINTN sz; CHAR16 *path; u_int n, nin, nout; int err; + size_t devpathlen; sz = 0; hin = NULL; @@ -98,9 +99,15 @@ efipart_init(void) if (EFI_ERROR(status)) { continue; } + node = devpath; - while (!IsDevicePathEnd(NextDevicePathNode(node))) + devpathlen = DevicePathNodeLength(node); + while (!IsDevicePathEnd(NextDevicePathNode(node))) { node = NextDevicePathNode(node); + devpathlen += DevicePathNodeLength(node); + } + devpathlen += DevicePathNodeLength(NextDevicePathNode(node)); + status = BS->HandleProtocol(hin[n], &blkio_guid, (void**)&blkio); if (EFI_ERROR(status)) @@ -117,10 +124,16 @@ efipart_init(void) */ if (DevicePathType(node) == MEDIA_DEVICE_PATH && DevicePathSubType(node) == MEDIA_CDROM_DP) { - node->Type = END_DEVICE_PATH_TYPE; - node->SubType = END_ENTIRE_DEVICE_PATH_SUBTYPE; - status = BS->LocateDevicePath(&blkio_guid, &devpath, + devpathcpy = malloc(devpathlen); + memcpy(devpathcpy, devpath, devpathlen); + node = devpathcpy; + while (!IsDevicePathEnd(NextDevicePathNode(node))) + node = NextDevicePathNode(node); + SetDevicePathEndNode(node); + tmpdevpath = devpathcpy; + status = BS->LocateDevicePath(&blkio_guid, &tmpdevpath, &handle); + free(devpathcpy); if (EFI_ERROR(status)) continue; hout[nout] = handle; From owner-svn-src-releng@freebsd.org Tue Jul 28 15:05:20 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2FAD79AC278; Tue, 28 Jul 2015 15:05:20 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 206B8F4E; Tue, 28 Jul 2015 15:05:20 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SF5JRV066768; Tue, 28 Jul 2015 15:05:19 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SF5JiS066767; Tue, 28 Jul 2015 15:05:19 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507281505.t6SF5JiS066767@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Tue, 28 Jul 2015 15:05:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285962 - releng/10.2/release/doc/en_US.ISO8859-1/relnotes X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 15:05:20 -0000 Author: gjb Date: Tue Jul 28 15:05:19 2015 New Revision: 285962 URL: https://svnweb.freebsd.org/changeset/base/285962 Log: Fix the description for r274486. Submitted by: glebius Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Jul 28 15:03:56 2015 (r285961) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Tue Jul 28 15:05:19 2015 (r285962) @@ -504,7 +504,7 @@ Network Drivers - The &man.pfil.9; interface default hash + The &man.pf.4; interface default hash has been changed from Jenkins to Murmur3, providing a 3-percent performance increase in packets-per-second. From owner-svn-src-releng@freebsd.org Tue Jul 28 17:00:04 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1AB409AD86E; Tue, 28 Jul 2015 17:00:04 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 0B5E4C63; Tue, 28 Jul 2015 17:00:04 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SH03sS018106; Tue, 28 Jul 2015 17:00:03 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SH03RZ018105; Tue, 28 Jul 2015 17:00:03 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201507281700.t6SH03RZ018105@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Tue, 28 Jul 2015 17:00:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285964 - releng/10.2/sys/kern X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 17:00:04 -0000 Author: kib Date: Tue Jul 28 17:00:03 2015 New Revision: 285964 URL: https://svnweb.freebsd.org/changeset/base/285964 Log: MFC r285134 (by mjg): fd: de-k&r-ify functions + some whitespace fixes MFC r285269: Handle copyout for the fcntl(F_OGETLK) using oflock structure. Approved by: re (gjb) Modified: releng/10.2/sys/kern/kern_descrip.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/kern/kern_descrip.c ============================================================================== --- releng/10.2/sys/kern/kern_descrip.c Tue Jul 28 16:39:36 2015 (r285963) +++ releng/10.2/sys/kern/kern_descrip.c Tue Jul 28 17:00:03 2015 (r285964) @@ -418,9 +418,10 @@ kern_fcntl_freebsd(struct thread *td, in struct flock fl; struct __oflock ofl; intptr_t arg1; - int error; + int error, newcmd; error = 0; + newcmd = cmd; switch (cmd) { case F_OGETLK: case F_OSETLK: @@ -438,31 +439,31 @@ kern_fcntl_freebsd(struct thread *td, in switch (cmd) { case F_OGETLK: - cmd = F_GETLK; - break; + newcmd = F_GETLK; + break; case F_OSETLK: - cmd = F_SETLK; - break; + newcmd = F_SETLK; + break; case F_OSETLKW: - cmd = F_SETLKW; - break; + newcmd = F_SETLKW; + break; } arg1 = (intptr_t)&fl; break; - case F_GETLK: - case F_SETLK: - case F_SETLKW: + case F_GETLK: + case F_SETLK: + case F_SETLKW: case F_SETLK_REMOTE: - error = copyin((void *)(intptr_t)arg, &fl, sizeof(fl)); - arg1 = (intptr_t)&fl; - break; + error = copyin((void *)(intptr_t)arg, &fl, sizeof(fl)); + arg1 = (intptr_t)&fl; + break; default: arg1 = arg; break; } if (error) return (error); - error = kern_fcntl(td, fd, cmd, arg1); + error = kern_fcntl(td, fd, newcmd, arg1); if (error) return (error); if (cmd == F_OGETLK) { @@ -746,7 +747,7 @@ kern_fcntl(struct thread *td, int fd, in if ((flp->l_start > 0 && foffset > OFF_MAX - flp->l_start) || (flp->l_start < 0 && - foffset < OFF_MIN - flp->l_start)) { + foffset < OFF_MIN - flp->l_start)) { FILEDESC_SUNLOCK(fdp); error = EOVERFLOW; fdrop(fp, td); @@ -954,13 +955,13 @@ funsetown(struct sigio **sigiop) struct pgrp *pg = (sigio)->sio_pgrp; PGRP_LOCK(pg); SLIST_REMOVE(&sigio->sio_pgrp->pg_sigiolst, sigio, - sigio, sio_pgsigio); + sigio, sio_pgsigio); PGRP_UNLOCK(pg); } else { struct proc *p = (sigio)->sio_proc; PROC_LOCK(p); SLIST_REMOVE(&sigio->sio_proc->p_sigiolst, sigio, - sigio, sio_pgsigio); + sigio, sio_pgsigio); PROC_UNLOCK(p); } SIGIO_UNLOCK(); @@ -1214,18 +1215,14 @@ struct close_args { #endif /* ARGSUSED */ int -sys_close(td, uap) - struct thread *td; - struct close_args *uap; +sys_close(struct thread *td, struct close_args *uap) { return (kern_close(td, uap->fd)); } int -kern_close(td, fd) - struct thread *td; - int fd; +kern_close(struct thread *td, int fd) { struct filedesc *fdp; struct file *fp; @@ -2312,10 +2309,10 @@ closef(struct file *fp, struct thread *t fdp = td->td_proc->p_fd; FILEDESC_XLOCK(fdp); for (fdtol = fdtol->fdl_next; - fdtol != td->td_proc->p_fdtol; - fdtol = fdtol->fdl_next) { + fdtol != td->td_proc->p_fdtol; + fdtol = fdtol->fdl_next) { if ((fdtol->fdl_leader->p_flag & - P_ADVLOCK) == 0) + P_ADVLOCK) == 0) continue; fdtol->fdl_holdcount++; FILEDESC_XUNLOCK(fdp); @@ -2933,8 +2930,7 @@ filedesc_to_leader_alloc(struct filedesc struct filedesc_to_leader *fdtol; fdtol = malloc(sizeof(struct filedesc_to_leader), - M_FILEDESC_TO_LEADER, - M_WAITOK); + M_FILEDESC_TO_LEADER, M_WAITOK); fdtol->fdl_refcount = 1; fdtol->fdl_holdcount = 0; fdtol->fdl_wakeup = 0; From owner-svn-src-releng@freebsd.org Tue Jul 28 19:59:08 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 32FC39AD2F1; Tue, 28 Jul 2015 19:59:08 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 00808EB9; Tue, 28 Jul 2015 19:59:07 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SJx7D0002632; Tue, 28 Jul 2015 19:59:07 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SJx5Pr002625; Tue, 28 Jul 2015 19:59:05 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201507281959.t6SJx5Pr002625@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Tue, 28 Jul 2015 19:59:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285978 - in releng/10.2: crypto/openssh sys/netinet usr.bin/patch X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 19:59:08 -0000 Author: delphij Date: Tue Jul 28 19:59:04 2015 New Revision: 285978 URL: https://svnweb.freebsd.org/changeset/base/285978 Log: Fix patch(1) shell injection vulnerability. [SA-15:14] Fix resource exhaustion in TCP reassembly. [SA-15:15] Fix OpenSSH multiple vulnerabilities. [SA-15:16] Approved by: re (so blanket) Modified: releng/10.2/crypto/openssh/auth2-chall.c releng/10.2/crypto/openssh/sshconnect.c releng/10.2/sys/netinet/tcp_reass.c releng/10.2/sys/netinet/tcp_subr.c releng/10.2/sys/netinet/tcp_var.h releng/10.2/usr.bin/patch/common.h releng/10.2/usr.bin/patch/inp.c Modified: releng/10.2/crypto/openssh/auth2-chall.c ============================================================================== --- releng/10.2/crypto/openssh/auth2-chall.c Tue Jul 28 19:58:54 2015 (r285977) +++ releng/10.2/crypto/openssh/auth2-chall.c Tue Jul 28 19:59:04 2015 (r285978) @@ -82,6 +82,7 @@ struct KbdintAuthctxt void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -168,11 +169,15 @@ kbdint_next_device(Authctxt *authctxt, K if (len == 0) break; for (i = 0; devices[i]; i++) { - if (!auth2_method_allowed(authctxt, + if ((kbdintctxt->devices_done & (1 << i)) != 0 || + !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) continue; - if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + if (strncmp(kbdintctxt->devices, devices[i]->name, + len) == 0) { kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; Modified: releng/10.2/crypto/openssh/sshconnect.c ============================================================================== --- releng/10.2/crypto/openssh/sshconnect.c Tue Jul 28 19:58:54 2015 (r285977) +++ releng/10.2/crypto/openssh/sshconnect.c Tue Jul 28 19:59:04 2015 (r285978) @@ -1246,29 +1246,39 @@ verify_host_key(char *host, struct socka { int flags = 0; char *fp; + Key *plain = NULL; fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); debug("Server host key: %s %s", key_type(host_key), fp); free(fp); - /* XXX certs are not yet supported for DNS */ - if (!key_is_cert(host_key) && options.verify_host_key_dns && - verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { - if (flags & DNS_VERIFY_FOUND) { - - if (options.verify_host_key_dns == 1 && - flags & DNS_VERIFY_MATCH && - flags & DNS_VERIFY_SECURE) - return 0; - - if (flags & DNS_VERIFY_MATCH) { - matching_host_key_dns = 1; - } else { - warn_changed_key(host_key); - error("Update the SSHFP RR in DNS with the new " - "host key to get rid of this message."); + if (options.verify_host_key_dns) { + /* + * XXX certs are not yet supported for DNS, so downgrade + * them and try the plain key. + */ + plain = key_from_private(host_key); + if (key_is_cert(plain)) + key_drop_cert(plain); + if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { + if (flags & DNS_VERIFY_FOUND) { + if (options.verify_host_key_dns == 1 && + flags & DNS_VERIFY_MATCH && + flags & DNS_VERIFY_SECURE) { + key_free(plain); + return 0; + } + if (flags & DNS_VERIFY_MATCH) { + matching_host_key_dns = 1; + } else { + warn_changed_key(plain); + error("Update the SSHFP RR in DNS " + "with the new host key to get rid " + "of this message."); + } } } + key_free(plain); } return check_host_key(host, hostaddr, options.port, host_key, RDRW, Modified: releng/10.2/sys/netinet/tcp_reass.c ============================================================================== --- releng/10.2/sys/netinet/tcp_reass.c Tue Jul 28 19:58:54 2015 (r285977) +++ releng/10.2/sys/netinet/tcp_reass.c Tue Jul 28 19:59:04 2015 (r285978) @@ -79,25 +79,22 @@ static int tcp_reass_sysctl_qsize(SYSCTL static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, "TCP Segment Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_maxseg) = 0; -#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg) -SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, - &VNET_NAME(tcp_reass_maxseg), 0, +static int tcp_reass_maxseg = 0; +SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, + &tcp_reass_maxseg, 0, "Global maximum number of TCP Segments in Reassembly Queue"); -SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, +SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, (CTLTYPE_INT | CTLFLAG_RD), NULL, 0, &tcp_reass_sysctl_qsize, "I", "Global number of TCP Segments currently in Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_overflows) = 0; -#define V_tcp_reass_overflows VNET(tcp_reass_overflows) -SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, +static int tcp_reass_overflows = 0; +SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLFLAG_RD, - &VNET_NAME(tcp_reass_overflows), 0, + &tcp_reass_overflows, 0, "Global number of TCP Segment Reassembly Queue Overflows"); -static VNET_DEFINE(uma_zone_t, tcp_reass_zone); -#define V_tcp_reass_zone VNET(tcp_reass_zone) +static uma_zone_t tcp_reass_zone; /* Initialize TCP reassembly queue */ static void @@ -105,36 +102,27 @@ tcp_reass_zone_change(void *tag) { /* Set the zone limit and read back the effective value. */ - V_tcp_reass_maxseg = nmbclusters / 16; - V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, - V_tcp_reass_maxseg); + tcp_reass_maxseg = nmbclusters / 16; + tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, + tcp_reass_maxseg); } void -tcp_reass_init(void) +tcp_reass_global_init(void) { - V_tcp_reass_maxseg = nmbclusters / 16; + tcp_reass_maxseg = nmbclusters / 16; TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments", - &V_tcp_reass_maxseg); - V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), + &tcp_reass_maxseg); + tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); /* Set the zone limit and read back the effective value. */ - V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, - V_tcp_reass_maxseg); + tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, + tcp_reass_maxseg); EVENTHANDLER_REGISTER(nmbclusters_change, tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY); } -#ifdef VIMAGE -void -tcp_reass_destroy(void) -{ - - uma_zdestroy(V_tcp_reass_zone); -} -#endif - void tcp_reass_flush(struct tcpcb *tp) { @@ -145,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp) while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) { LIST_REMOVE(qe, tqe_q); m_freem(qe->tqe_m); - uma_zfree(V_tcp_reass_zone, qe); + uma_zfree(tcp_reass_zone, qe); tp->t_segqlen--; } @@ -159,7 +147,7 @@ tcp_reass_sysctl_qsize(SYSCTL_HANDLER_AR { int qsize; - qsize = uma_zone_get_cur(V_tcp_reass_zone); + qsize = uma_zone_get_cur(tcp_reass_zone); return (sysctl_handle_int(oidp, &qsize, 0, req)); } @@ -207,7 +195,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd */ if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) { - V_tcp_reass_overflows++; + tcp_reass_overflows++; TCPSTAT_INC(tcps_rcvmemdrop); m_freem(m); *tlenp = 0; @@ -226,7 +214,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd * Use a temporary structure on the stack for the missing segment * when the zone is exhausted. Otherwise we may get stuck. */ - te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT); + te = uma_zalloc(tcp_reass_zone, M_NOWAIT); if (te == NULL) { if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) { TCPSTAT_INC(tcps_rcvmemdrop); @@ -277,7 +265,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp); m_freem(m); if (te != &tqs) - uma_zfree(V_tcp_reass_zone, te); + uma_zfree(tcp_reass_zone, te); tp->t_segqlen--; /* * Try to present any queued data @@ -314,7 +302,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd nq = LIST_NEXT(q, tqe_q); LIST_REMOVE(q, tqe_q); m_freem(q->tqe_m); - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } @@ -353,7 +341,7 @@ present: else sbappendstream_locked(&so->so_rcv, q->tqe_m); if (q != &tqs) - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } while (q && q->tqe_th->th_seq == tp->rcv_nxt); Modified: releng/10.2/sys/netinet/tcp_subr.c ============================================================================== --- releng/10.2/sys/netinet/tcp_subr.c Tue Jul 28 19:58:54 2015 (r285977) +++ releng/10.2/sys/netinet/tcp_subr.c Tue Jul 28 19:59:04 2015 (r285978) @@ -376,7 +376,6 @@ tcp_init(void) tcp_tw_init(); syncache_init(); tcp_hc_init(); - tcp_reass_init(); TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack); V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole), @@ -386,6 +385,8 @@ tcp_init(void) if (!IS_DEFAULT_VNET(curvnet)) return; + tcp_reass_global_init(); + /* XXX virtualize those bellow? */ tcp_delacktime = TCPTV_DELACK; tcp_keepinit = TCPTV_KEEP_INIT; @@ -433,7 +434,6 @@ void tcp_destroy(void) { - tcp_reass_destroy(); tcp_hc_destroy(); syncache_destroy(); tcp_tw_destroy(); Modified: releng/10.2/sys/netinet/tcp_var.h ============================================================================== --- releng/10.2/sys/netinet/tcp_var.h Tue Jul 28 19:58:54 2015 (r285977) +++ releng/10.2/sys/netinet/tcp_var.h Tue Jul 28 19:59:04 2015 (r285978) @@ -679,11 +679,8 @@ char *tcp_log_addrs(struct in_conninfo * char *tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *, const void *); int tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *); -void tcp_reass_init(void); +void tcp_reass_global_init(void); void tcp_reass_flush(struct tcpcb *); -#ifdef VIMAGE -void tcp_reass_destroy(void); -#endif void tcp_input(struct mbuf *, int); u_long tcp_maxmtu(struct in_conninfo *, struct tcp_ifcap *); u_long tcp_maxmtu6(struct in_conninfo *, struct tcp_ifcap *); Modified: releng/10.2/usr.bin/patch/common.h ============================================================================== --- releng/10.2/usr.bin/patch/common.h Tue Jul 28 19:58:54 2015 (r285977) +++ releng/10.2/usr.bin/patch/common.h Tue Jul 28 19:59:04 2015 (r285978) @@ -43,12 +43,10 @@ #define LINENUM_MAX LONG_MAX #define SCCSPREFIX "s." -#define GET "get -e %s" -#define SCCSDIFF "get -p %s | diff - %s >/dev/null" #define RCSSUFFIX ",v" -#define CHECKOUT "co -l %s" -#define RCSDIFF "rcsdiff %s > /dev/null" +#define CHECKOUT "/usr/bin/co" +#define RCSDIFF "/usr/bin/rcsdiff" #define ORIGEXT ".orig" #define REJEXT ".rej" Modified: releng/10.2/usr.bin/patch/inp.c ============================================================================== --- releng/10.2/usr.bin/patch/inp.c Tue Jul 28 19:58:54 2015 (r285977) +++ releng/10.2/usr.bin/patch/inp.c Tue Jul 28 19:59:04 2015 (r285978) @@ -31,8 +31,10 @@ #include #include #include +#include #include +#include #include #include #include @@ -132,12 +134,14 @@ reallocate_lines(size_t *lines_allocated static bool plan_a(const char *filename) { - int ifd, statfailed; + int ifd, statfailed, devnull, pstat; char *p, *s, lbuf[INITLINELEN]; struct stat filestat; ptrdiff_t sz; size_t i; size_t iline, lines_allocated; + pid_t pid; + char *argp[4] = {NULL}; #ifdef DEBUGGING if (debug & 8) @@ -165,13 +169,14 @@ plan_a(const char *filename) } if (statfailed && check_only) fatal("%s not found, -C mode, can't probe further\n", filename); - /* For nonexistent or read-only files, look for RCS or SCCS versions. */ + /* For nonexistent or read-only files, look for RCS versions. */ + if (statfailed || /* No one can write to it. */ (filestat.st_mode & 0222) == 0 || /* I can't write to it. */ ((filestat.st_mode & 0022) == 0 && filestat.st_uid != getuid())) { - const char *cs = NULL, *filebase, *filedir; + char *filebase, *filedir; struct stat cstat; char *tmp_filename1, *tmp_filename2; @@ -179,43 +184,26 @@ plan_a(const char *filename) tmp_filename2 = strdup(filename); if (tmp_filename1 == NULL || tmp_filename2 == NULL) fatal("strdupping filename"); + filebase = basename(tmp_filename1); filedir = dirname(tmp_filename2); - /* Leave room in lbuf for the diff command. */ - s = lbuf + 20; - #define try(f, a1, a2, a3) \ - (snprintf(s, buf_size - 20, f, a1, a2, a3), stat(s, &cstat) == 0) - - if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || - try("%s/RCS/%s%s", filedir, filebase, "") || - try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { - snprintf(buf, buf_size, CHECKOUT, filename); - snprintf(lbuf, sizeof lbuf, RCSDIFF, filename); - cs = "RCS"; - } else if (try("%s/SCCS/%s%s", filedir, SCCSPREFIX, filebase) || - try("%s/%s%s", filedir, SCCSPREFIX, filebase)) { - snprintf(buf, buf_size, GET, s); - snprintf(lbuf, sizeof lbuf, SCCSDIFF, s, filename); - cs = "SCCS"; - } else if (statfailed) - fatal("can't find %s\n", filename); - - free(tmp_filename1); - free(tmp_filename2); + (snprintf(lbuf, sizeof(lbuf), f, a1, a2, a3), stat(lbuf, &cstat) == 0) /* * else we can't write to it but it's not under a version * control system, so just proceed. */ - if (cs) { + if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || + try("%s/RCS/%s%s", filedir, filebase, "") || + try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { if (!statfailed) { if ((filestat.st_mode & 0222) != 0) /* The owner can write to it. */ fatal("file %s seems to be locked " - "by somebody else under %s\n", - filename, cs); + "by somebody else under RCS\n", + filename); /* * It might be checked out unlocked. See if * it's safe to check out the default version @@ -223,21 +211,59 @@ plan_a(const char *filename) */ if (verbose) say("Comparing file %s to default " - "%s version...\n", - filename, cs); - if (system(lbuf)) + "RCS version...\n", filename); + + switch (pid = fork()) { + case -1: + fatal("can't fork: %s\n", + strerror(errno)); + case 0: + devnull = open("/dev/null", O_RDONLY); + if (devnull == -1) { + fatal("can't open /dev/null: %s", + strerror(errno)); + } + (void)dup2(devnull, STDOUT_FILENO); + argp[0] = strdup(RCSDIFF); + argp[1] = strdup(filename); + execv(RCSDIFF, argp); + exit(127); + } + pid = waitpid(pid, &pstat, 0); + if (pid == -1 || WEXITSTATUS(pstat) != 0) { fatal("can't check out file %s: " - "differs from default %s version\n", - filename, cs); + "differs from default RCS version\n", + filename); + } } + if (verbose) - say("Checking out file %s from %s...\n", - filename, cs); - if (system(buf) || stat(filename, &filestat)) - fatal("can't check out file %s from %s\n", - filename, cs); + say("Checking out file %s from RCS...\n", + filename); + + switch (pid = fork()) { + case -1: + fatal("can't fork: %s\n", strerror(errno)); + case 0: + argp[0] = strdup(CHECKOUT); + argp[1] = strdup("-l"); + argp[2] = strdup(filename); + execv(CHECKOUT, argp); + exit(127); + } + pid = waitpid(pid, &pstat, 0); + if (pid == -1 || WEXITSTATUS(pstat) != 0 || + stat(filename, &filestat)) { + fatal("can't check out file %s from RCS\n", + filename); + } + } else if (statfailed) { + fatal("can't find %s\n", filename); } + free(tmp_filename1); + free(tmp_filename2); } + filemode = filestat.st_mode; if (!S_ISREG(filemode)) fatal("%s is not a normal file--can't patch\n", filename); From owner-svn-src-releng@freebsd.org Tue Jul 28 19:59:16 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3AEB49AD32B; Tue, 28 Jul 2015 19:59:16 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CA6A51049; Tue, 28 Jul 2015 19:59:15 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SJxFUp002689; Tue, 28 Jul 2015 19:59:15 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SJxCLx002679; Tue, 28 Jul 2015 19:59:12 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201507281959.t6SJxCLx002679@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Tue, 28 Jul 2015 19:59:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285979 - in releng/10.1: . crypto/openssh sys/netinet usr.bin/patch X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 19:59:16 -0000 Author: delphij Date: Tue Jul 28 19:59:11 2015 New Revision: 285979 URL: https://svnweb.freebsd.org/changeset/base/285979 Log: Fix patch(1) shell injection vulnerability. [SA-15:14] Fix resource exhaustion in TCP reassembly. [SA-15:15] Fix OpenSSH multiple vulnerabilities. [SA-15:16] Approved by: so Modified: releng/10.1/UPDATING releng/10.1/crypto/openssh/auth2-chall.c releng/10.1/crypto/openssh/sshconnect.c releng/10.1/sys/netinet/tcp_reass.c releng/10.1/sys/netinet/tcp_subr.c releng/10.1/sys/netinet/tcp_var.h releng/10.1/usr.bin/patch/common.h releng/10.1/usr.bin/patch/inp.c Modified: releng/10.1/UPDATING ============================================================================== --- releng/10.1/UPDATING Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/UPDATING Tue Jul 28 19:59:11 2015 (r285979) @@ -16,6 +16,16 @@ from older versions of FreeBSD, try WITH stable/10, and then rebuild without this option. The bootstrap process from older version of current is a bit fragile. +20150728: p16 FreeBSD-SA-15:14.bsdpatch + FreeBSD-SA-15:15.tcp + FreeBSD-SA-15:16.openssh + + Fix patch(1) shell injection vulnerability. [SA-15:14] + + Fix resource exhaustion in TCP reassembly. [SA-15:15] + + Fix OpenSSH multiple vulnerabilities. [SA-15:16] + 20150721: p15 FreeBSD-SA-15:13.tcp Fix resource exhaustion due to sessions stuck in LAST_ACK state. Modified: releng/10.1/crypto/openssh/auth2-chall.c ============================================================================== --- releng/10.1/crypto/openssh/auth2-chall.c Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/crypto/openssh/auth2-chall.c Tue Jul 28 19:59:11 2015 (r285979) @@ -82,6 +82,7 @@ struct KbdintAuthctxt void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -168,11 +169,15 @@ kbdint_next_device(Authctxt *authctxt, K if (len == 0) break; for (i = 0; devices[i]; i++) { - if (!auth2_method_allowed(authctxt, + if ((kbdintctxt->devices_done & (1 << i)) != 0 || + !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) continue; - if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + if (strncmp(kbdintctxt->devices, devices[i]->name, + len) == 0) { kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; Modified: releng/10.1/crypto/openssh/sshconnect.c ============================================================================== --- releng/10.1/crypto/openssh/sshconnect.c Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/crypto/openssh/sshconnect.c Tue Jul 28 19:59:11 2015 (r285979) @@ -1246,29 +1246,39 @@ verify_host_key(char *host, struct socka { int flags = 0; char *fp; + Key *plain = NULL; fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); debug("Server host key: %s %s", key_type(host_key), fp); free(fp); - /* XXX certs are not yet supported for DNS */ - if (!key_is_cert(host_key) && options.verify_host_key_dns && - verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { - if (flags & DNS_VERIFY_FOUND) { - - if (options.verify_host_key_dns == 1 && - flags & DNS_VERIFY_MATCH && - flags & DNS_VERIFY_SECURE) - return 0; - - if (flags & DNS_VERIFY_MATCH) { - matching_host_key_dns = 1; - } else { - warn_changed_key(host_key); - error("Update the SSHFP RR in DNS with the new " - "host key to get rid of this message."); + if (options.verify_host_key_dns) { + /* + * XXX certs are not yet supported for DNS, so downgrade + * them and try the plain key. + */ + plain = key_from_private(host_key); + if (key_is_cert(plain)) + key_drop_cert(plain); + if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { + if (flags & DNS_VERIFY_FOUND) { + if (options.verify_host_key_dns == 1 && + flags & DNS_VERIFY_MATCH && + flags & DNS_VERIFY_SECURE) { + key_free(plain); + return 0; + } + if (flags & DNS_VERIFY_MATCH) { + matching_host_key_dns = 1; + } else { + warn_changed_key(plain); + error("Update the SSHFP RR in DNS " + "with the new host key to get rid " + "of this message."); + } } } + key_free(plain); } return check_host_key(host, hostaddr, options.port, host_key, RDRW, Modified: releng/10.1/sys/netinet/tcp_reass.c ============================================================================== --- releng/10.1/sys/netinet/tcp_reass.c Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/sys/netinet/tcp_reass.c Tue Jul 28 19:59:11 2015 (r285979) @@ -79,25 +79,22 @@ static int tcp_reass_sysctl_qsize(SYSCTL static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, "TCP Segment Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_maxseg) = 0; -#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg) -SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, - &VNET_NAME(tcp_reass_maxseg), 0, +static int tcp_reass_maxseg = 0; +SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, + &tcp_reass_maxseg, 0, "Global maximum number of TCP Segments in Reassembly Queue"); -SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, +SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, (CTLTYPE_INT | CTLFLAG_RD), NULL, 0, &tcp_reass_sysctl_qsize, "I", "Global number of TCP Segments currently in Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_overflows) = 0; -#define V_tcp_reass_overflows VNET(tcp_reass_overflows) -SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, +static int tcp_reass_overflows = 0; +SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLTYPE_INT | CTLFLAG_RD, - &VNET_NAME(tcp_reass_overflows), 0, + &tcp_reass_overflows, 0, "Global number of TCP Segment Reassembly Queue Overflows"); -static VNET_DEFINE(uma_zone_t, tcp_reass_zone); -#define V_tcp_reass_zone VNET(tcp_reass_zone) +static uma_zone_t tcp_reass_zone; /* Initialize TCP reassembly queue */ static void @@ -105,36 +102,27 @@ tcp_reass_zone_change(void *tag) { /* Set the zone limit and read back the effective value. */ - V_tcp_reass_maxseg = nmbclusters / 16; - V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, - V_tcp_reass_maxseg); + tcp_reass_maxseg = nmbclusters / 16; + tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, + tcp_reass_maxseg); } void -tcp_reass_init(void) +tcp_reass_global_init(void) { - V_tcp_reass_maxseg = nmbclusters / 16; + tcp_reass_maxseg = nmbclusters / 16; TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments", - &V_tcp_reass_maxseg); - V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), + &tcp_reass_maxseg); + tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); /* Set the zone limit and read back the effective value. */ - V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, - V_tcp_reass_maxseg); + tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, + tcp_reass_maxseg); EVENTHANDLER_REGISTER(nmbclusters_change, tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY); } -#ifdef VIMAGE -void -tcp_reass_destroy(void) -{ - - uma_zdestroy(V_tcp_reass_zone); -} -#endif - void tcp_reass_flush(struct tcpcb *tp) { @@ -145,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp) while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) { LIST_REMOVE(qe, tqe_q); m_freem(qe->tqe_m); - uma_zfree(V_tcp_reass_zone, qe); + uma_zfree(tcp_reass_zone, qe); tp->t_segqlen--; } @@ -159,7 +147,7 @@ tcp_reass_sysctl_qsize(SYSCTL_HANDLER_AR { int qsize; - qsize = uma_zone_get_cur(V_tcp_reass_zone); + qsize = uma_zone_get_cur(tcp_reass_zone); return (sysctl_handle_int(oidp, &qsize, 0, req)); } @@ -207,7 +195,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd */ if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) { - V_tcp_reass_overflows++; + tcp_reass_overflows++; TCPSTAT_INC(tcps_rcvmemdrop); m_freem(m); *tlenp = 0; @@ -226,7 +214,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd * Use a temporary structure on the stack for the missing segment * when the zone is exhausted. Otherwise we may get stuck. */ - te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT); + te = uma_zalloc(tcp_reass_zone, M_NOWAIT); if (te == NULL) { if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) { TCPSTAT_INC(tcps_rcvmemdrop); @@ -277,7 +265,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp); m_freem(m); if (te != &tqs) - uma_zfree(V_tcp_reass_zone, te); + uma_zfree(tcp_reass_zone, te); tp->t_segqlen--; /* * Try to present any queued data @@ -314,7 +302,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd nq = LIST_NEXT(q, tqe_q); LIST_REMOVE(q, tqe_q); m_freem(q->tqe_m); - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } @@ -353,7 +341,7 @@ present: else sbappendstream_locked(&so->so_rcv, q->tqe_m); if (q != &tqs) - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } while (q && q->tqe_th->th_seq == tp->rcv_nxt); Modified: releng/10.1/sys/netinet/tcp_subr.c ============================================================================== --- releng/10.1/sys/netinet/tcp_subr.c Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/sys/netinet/tcp_subr.c Tue Jul 28 19:59:11 2015 (r285979) @@ -375,7 +375,6 @@ tcp_init(void) tcp_tw_init(); syncache_init(); tcp_hc_init(); - tcp_reass_init(); TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack); V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole), @@ -385,6 +384,8 @@ tcp_init(void) if (!IS_DEFAULT_VNET(curvnet)) return; + tcp_reass_global_init(); + /* XXX virtualize those bellow? */ tcp_delacktime = TCPTV_DELACK; tcp_keepinit = TCPTV_KEEP_INIT; @@ -432,7 +433,6 @@ void tcp_destroy(void) { - tcp_reass_destroy(); tcp_hc_destroy(); syncache_destroy(); tcp_tw_destroy(); Modified: releng/10.1/sys/netinet/tcp_var.h ============================================================================== --- releng/10.1/sys/netinet/tcp_var.h Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/sys/netinet/tcp_var.h Tue Jul 28 19:59:11 2015 (r285979) @@ -666,11 +666,8 @@ char *tcp_log_addrs(struct in_conninfo * char *tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *, const void *); int tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *); -void tcp_reass_init(void); +void tcp_reass_global_init(void); void tcp_reass_flush(struct tcpcb *); -#ifdef VIMAGE -void tcp_reass_destroy(void); -#endif void tcp_input(struct mbuf *, int); u_long tcp_maxmtu(struct in_conninfo *, struct tcp_ifcap *); u_long tcp_maxmtu6(struct in_conninfo *, struct tcp_ifcap *); Modified: releng/10.1/usr.bin/patch/common.h ============================================================================== --- releng/10.1/usr.bin/patch/common.h Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/usr.bin/patch/common.h Tue Jul 28 19:59:11 2015 (r285979) @@ -42,12 +42,10 @@ #define BUFFERSIZE 4096 #define SCCSPREFIX "s." -#define GET "get -e %s" -#define SCCSDIFF "get -p %s | diff - %s >/dev/null" #define RCSSUFFIX ",v" -#define CHECKOUT "co -l %s" -#define RCSDIFF "rcsdiff %s > /dev/null" +#define CHECKOUT "/usr/bin/co" +#define RCSDIFF "/usr/bin/rcsdiff" #define ORIGEXT ".orig" #define REJEXT ".rej" Modified: releng/10.1/usr.bin/patch/inp.c ============================================================================== --- releng/10.1/usr.bin/patch/inp.c Tue Jul 28 19:59:04 2015 (r285978) +++ releng/10.1/usr.bin/patch/inp.c Tue Jul 28 19:59:11 2015 (r285979) @@ -31,8 +31,10 @@ #include #include #include +#include #include +#include #include #include #include @@ -132,12 +134,14 @@ reallocate_lines(size_t *lines_allocated static bool plan_a(const char *filename) { - int ifd, statfailed; + int ifd, statfailed, devnull, pstat; char *p, *s, lbuf[INITLINELEN]; struct stat filestat; ptrdiff_t sz; size_t i; size_t iline, lines_allocated; + pid_t pid; + char *argp[4] = {NULL}; #ifdef DEBUGGING if (debug & 8) @@ -165,13 +169,14 @@ plan_a(const char *filename) } if (statfailed && check_only) fatal("%s not found, -C mode, can't probe further\n", filename); - /* For nonexistent or read-only files, look for RCS or SCCS versions. */ + /* For nonexistent or read-only files, look for RCS versions. */ + if (statfailed || /* No one can write to it. */ (filestat.st_mode & 0222) == 0 || /* I can't write to it. */ ((filestat.st_mode & 0022) == 0 && filestat.st_uid != getuid())) { - const char *cs = NULL, *filebase, *filedir; + char *filebase, *filedir; struct stat cstat; char *tmp_filename1, *tmp_filename2; @@ -179,43 +184,26 @@ plan_a(const char *filename) tmp_filename2 = strdup(filename); if (tmp_filename1 == NULL || tmp_filename2 == NULL) fatal("strdupping filename"); + filebase = basename(tmp_filename1); filedir = dirname(tmp_filename2); - /* Leave room in lbuf for the diff command. */ - s = lbuf + 20; - #define try(f, a1, a2, a3) \ - (snprintf(s, buf_size - 20, f, a1, a2, a3), stat(s, &cstat) == 0) - - if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || - try("%s/RCS/%s%s", filedir, filebase, "") || - try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { - snprintf(buf, buf_size, CHECKOUT, filename); - snprintf(lbuf, sizeof lbuf, RCSDIFF, filename); - cs = "RCS"; - } else if (try("%s/SCCS/%s%s", filedir, SCCSPREFIX, filebase) || - try("%s/%s%s", filedir, SCCSPREFIX, filebase)) { - snprintf(buf, buf_size, GET, s); - snprintf(lbuf, sizeof lbuf, SCCSDIFF, s, filename); - cs = "SCCS"; - } else if (statfailed) - fatal("can't find %s\n", filename); - - free(tmp_filename1); - free(tmp_filename2); + (snprintf(lbuf, sizeof(lbuf), f, a1, a2, a3), stat(lbuf, &cstat) == 0) /* * else we can't write to it but it's not under a version * control system, so just proceed. */ - if (cs) { + if (try("%s/RCS/%s%s", filedir, filebase, RCSSUFFIX) || + try("%s/RCS/%s%s", filedir, filebase, "") || + try("%s/%s%s", filedir, filebase, RCSSUFFIX)) { if (!statfailed) { if ((filestat.st_mode & 0222) != 0) /* The owner can write to it. */ fatal("file %s seems to be locked " - "by somebody else under %s\n", - filename, cs); + "by somebody else under RCS\n", + filename); /* * It might be checked out unlocked. See if * it's safe to check out the default version @@ -223,21 +211,59 @@ plan_a(const char *filename) */ if (verbose) say("Comparing file %s to default " - "%s version...\n", - filename, cs); - if (system(lbuf)) + "RCS version...\n", filename); + + switch (pid = fork()) { + case -1: + fatal("can't fork: %s\n", + strerror(errno)); + case 0: + devnull = open("/dev/null", O_RDONLY); + if (devnull == -1) { + fatal("can't open /dev/null: %s", + strerror(errno)); + } + (void)dup2(devnull, STDOUT_FILENO); + argp[0] = strdup(RCSDIFF); + argp[1] = strdup(filename); + execv(RCSDIFF, argp); + exit(127); + } + pid = waitpid(pid, &pstat, 0); + if (pid == -1 || WEXITSTATUS(pstat) != 0) { fatal("can't check out file %s: " - "differs from default %s version\n", - filename, cs); + "differs from default RCS version\n", + filename); + } } + if (verbose) - say("Checking out file %s from %s...\n", - filename, cs); - if (system(buf) || stat(filename, &filestat)) - fatal("can't check out file %s from %s\n", - filename, cs); + say("Checking out file %s from RCS...\n", + filename); + + switch (pid = fork()) { + case -1: + fatal("can't fork: %s\n", strerror(errno)); + case 0: + argp[0] = strdup(CHECKOUT); + argp[1] = strdup("-l"); + argp[2] = strdup(filename); + execv(CHECKOUT, argp); + exit(127); + } + pid = waitpid(pid, &pstat, 0); + if (pid == -1 || WEXITSTATUS(pstat) != 0 || + stat(filename, &filestat)) { + fatal("can't check out file %s from RCS\n", + filename); + } + } else if (statfailed) { + fatal("can't find %s\n", filename); } + free(tmp_filename1); + free(tmp_filename2); } + filemode = filestat.st_mode; if (!S_ISREG(filemode)) fatal("%s is not a normal file--can't patch\n", filename); From owner-svn-src-releng@freebsd.org Tue Jul 28 19:59:29 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 42EEF9AD364; Tue, 28 Jul 2015 19:59:29 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2538811BB; Tue, 28 Jul 2015 19:59:29 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SJxTPi002756; Tue, 28 Jul 2015 19:59:29 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SJxNAJ002737; Tue, 28 Jul 2015 19:59:23 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201507281959.t6SJxNAJ002737@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Tue, 28 Jul 2015 19:59:23 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285980 - in releng: 8.4 8.4/contrib/bind9/lib/dns 8.4/crypto/openssh 8.4/sys/conf 8.4/sys/netinet 9.3 9.3/contrib/bind9/lib/dns 9.3/crypto/openssh 9.3/sys/conf 9.3/sys/netinet X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 19:59:29 -0000 Author: delphij Date: Tue Jul 28 19:59:22 2015 New Revision: 285980 URL: https://svnweb.freebsd.org/changeset/base/285980 Log: Fix resource exhaustion in TCP reassembly. [SA-15:15] Fix OpenSSH multiple vulnerabilities. [SA-15:16] Fix BIND remote denial of service vulnerability. [SA-15:17] Approved by: so Modified: releng/8.4/UPDATING releng/8.4/contrib/bind9/lib/dns/tkey.c releng/8.4/crypto/openssh/auth2-chall.c releng/8.4/crypto/openssh/sshconnect.c releng/8.4/sys/conf/newvers.sh releng/8.4/sys/netinet/tcp_reass.c releng/8.4/sys/netinet/tcp_subr.c releng/8.4/sys/netinet/tcp_var.h releng/9.3/UPDATING releng/9.3/contrib/bind9/lib/dns/tkey.c releng/9.3/crypto/openssh/auth2-chall.c releng/9.3/crypto/openssh/sshconnect.c releng/9.3/sys/conf/newvers.sh releng/9.3/sys/netinet/tcp_reass.c releng/9.3/sys/netinet/tcp_subr.c releng/9.3/sys/netinet/tcp_var.h Modified: releng/8.4/UPDATING ============================================================================== --- releng/8.4/UPDATING Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/UPDATING Tue Jul 28 19:59:22 2015 (r285980) @@ -15,6 +15,16 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. debugging tools present in HEAD were left in place because sun4v support still needs work to become production ready. +20150728: p35 FreeBSD-SA-15:15.tcp + FreeBSD-SA-15:16.openssh + FreeBSD-SA-15:17.bind + + Fix resource exhaustion in TCP reassembly. [SA-15:15] + + Fix OpenSSH multiple vulnerabilities. [SA-15:16] + + Fix BIND remote denial of service vulnerability. [SA-15:17] + 20150721: p34 FreeBSD-SA-15:13.tcp Fix resource exhaustion due to sessions stuck in LAST_ACK state. Modified: releng/8.4/contrib/bind9/lib/dns/tkey.c ============================================================================== --- releng/8.4/contrib/bind9/lib/dns/tkey.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/contrib/bind9/lib/dns/tkey.c Tue Jul 28 19:59:22 2015 (r285980) @@ -650,6 +650,7 @@ dns_tkey_processquery(dns_message_t *msg * Try the answer section, since that's where Win2000 * puts it. */ + name = NULL; if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname, dns_rdatatype_tkey, 0, &name, &tkeyset) != ISC_R_SUCCESS) { Modified: releng/8.4/crypto/openssh/auth2-chall.c ============================================================================== --- releng/8.4/crypto/openssh/auth2-chall.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/crypto/openssh/auth2-chall.c Tue Jul 28 19:59:22 2015 (r285980) @@ -82,6 +82,7 @@ struct KbdintAuthctxt void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -169,9 +170,14 @@ kbdint_next_device(KbdintAuthctxt *kbdin if (len == 0) break; - for (i = 0; devices[i]; i++) - if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + for (i = 0; devices[i]; i++) { + if ((kbdintctxt->devices_done & (1 << i)) != 0) + continue; + if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) { kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } + } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; xfree(t); Modified: releng/8.4/crypto/openssh/sshconnect.c ============================================================================== --- releng/8.4/crypto/openssh/sshconnect.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/crypto/openssh/sshconnect.c Tue Jul 28 19:59:22 2015 (r285980) @@ -1141,29 +1141,39 @@ verify_host_key(char *host, struct socka { int flags = 0; char *fp; + Key *plain = NULL; fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); debug("Server host key: %s %s", key_type(host_key), fp); xfree(fp); - /* XXX certs are not yet supported for DNS */ - if (!key_is_cert(host_key) && options.verify_host_key_dns && - verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { - if (flags & DNS_VERIFY_FOUND) { - - if (options.verify_host_key_dns == 1 && - flags & DNS_VERIFY_MATCH && - flags & DNS_VERIFY_SECURE) - return 0; - - if (flags & DNS_VERIFY_MATCH) { - matching_host_key_dns = 1; - } else { - warn_changed_key(host_key); - error("Update the SSHFP RR in DNS with the new " - "host key to get rid of this message."); + if (options.verify_host_key_dns) { + /* + * XXX certs are not yet supported for DNS, so downgrade + * them and try the plain key. + */ + plain = key_from_private(host_key); + if (key_is_cert(plain)) + key_drop_cert(plain); + if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { + if (flags & DNS_VERIFY_FOUND) { + if (options.verify_host_key_dns == 1 && + flags & DNS_VERIFY_MATCH && + flags & DNS_VERIFY_SECURE) { + key_free(plain); + return 0; + } + if (flags & DNS_VERIFY_MATCH) { + matching_host_key_dns = 1; + } else { + warn_changed_key(plain); + error("Update the SSHFP RR in DNS " + "with the new host key to get rid " + "of this message."); + } } } + key_free(plain); } return check_host_key(host, hostaddr, options.port, host_key, RDRW, Modified: releng/8.4/sys/conf/newvers.sh ============================================================================== --- releng/8.4/sys/conf/newvers.sh Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/sys/conf/newvers.sh Tue Jul 28 19:59:22 2015 (r285980) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="8.4" -BRANCH="RELEASE-p34" +BRANCH="RELEASE-p35" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/8.4/sys/netinet/tcp_reass.c ============================================================================== --- releng/8.4/sys/netinet/tcp_reass.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/sys/netinet/tcp_reass.c Tue Jul 28 19:59:22 2015 (r285980) @@ -80,62 +80,49 @@ static int tcp_reass_sysctl_qsize(SYSCTL SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, "TCP Segment Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_maxseg) = 0; -#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg) +static int tcp_reass_maxseg = 0; SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLTYPE_INT | CTLFLAG_RDTUN, - &VNET_NAME(tcp_reass_maxseg), 0, &tcp_reass_sysctl_maxseg, "I", + &tcp_reass_maxseg, 0, &tcp_reass_sysctl_maxseg, "I", "Global maximum number of TCP Segments in Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_qsize) = 0; -#define V_tcp_reass_qsize VNET(tcp_reass_qsize) -SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, +static int tcp_reass_qsize = 0; +SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, CTLTYPE_INT | CTLFLAG_RD, - &VNET_NAME(tcp_reass_qsize), 0, &tcp_reass_sysctl_qsize, "I", + &tcp_reass_qsize, 0, &tcp_reass_sysctl_qsize, "I", "Global number of TCP Segments currently in Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_overflows) = 0; -#define V_tcp_reass_overflows VNET(tcp_reass_overflows) -SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, +static int tcp_reass_overflows = 0; +SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLTYPE_INT | CTLFLAG_RD, - &VNET_NAME(tcp_reass_overflows), 0, + &tcp_reass_overflows, 0, "Global number of TCP Segment Reassembly Queue Overflows"); -static VNET_DEFINE(uma_zone_t, tcp_reass_zone); -#define V_tcp_reass_zone VNET(tcp_reass_zone) +static uma_zone_t tcp_reass_zone; /* Initialize TCP reassembly queue */ static void tcp_reass_zone_change(void *tag) { - V_tcp_reass_maxseg = nmbclusters / 16; - uma_zone_set_max(V_tcp_reass_zone, V_tcp_reass_maxseg); + tcp_reass_maxseg = nmbclusters / 16; + uma_zone_set_max(tcp_reass_zone, tcp_reass_maxseg); } void -tcp_reass_init(void) +tcp_reass_global_init(void) { - V_tcp_reass_maxseg = nmbclusters / 16; + tcp_reass_maxseg = nmbclusters / 16; TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments", - &V_tcp_reass_maxseg); - V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), + &tcp_reass_maxseg); + tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); - uma_zone_set_max(V_tcp_reass_zone, V_tcp_reass_maxseg); + uma_zone_set_max(tcp_reass_zone, tcp_reass_maxseg); EVENTHANDLER_REGISTER(nmbclusters_change, tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY); } -#ifdef VIMAGE -void -tcp_reass_destroy(void) -{ - - uma_zdestroy(V_tcp_reass_zone); -} -#endif - void tcp_reass_flush(struct tcpcb *tp) { @@ -146,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp) while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) { LIST_REMOVE(qe, tqe_q); m_freem(qe->tqe_m); - uma_zfree(V_tcp_reass_zone, qe); + uma_zfree(tcp_reass_zone, qe); tp->t_segqlen--; } @@ -158,14 +145,14 @@ tcp_reass_flush(struct tcpcb *tp) static int tcp_reass_sysctl_maxseg(SYSCTL_HANDLER_ARGS) { - V_tcp_reass_maxseg = uma_zone_get_max(V_tcp_reass_zone); + tcp_reass_maxseg = uma_zone_get_max(tcp_reass_zone); return (sysctl_handle_int(oidp, arg1, arg2, req)); } static int tcp_reass_sysctl_qsize(SYSCTL_HANDLER_ARGS) { - V_tcp_reass_qsize = uma_zone_get_cur(V_tcp_reass_zone); + tcp_reass_qsize = uma_zone_get_cur(tcp_reass_zone); return (sysctl_handle_int(oidp, arg1, arg2, req)); } @@ -213,7 +200,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd */ if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) { - V_tcp_reass_overflows++; + tcp_reass_overflows++; TCPSTAT_INC(tcps_rcvmemdrop); m_freem(m); *tlenp = 0; @@ -232,7 +219,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd * Use a temporary structure on the stack for the missing segment * when the zone is exhausted. Otherwise we may get stuck. */ - te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT); + te = uma_zalloc(tcp_reass_zone, M_NOWAIT); if (te == NULL) { if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) { TCPSTAT_INC(tcps_rcvmemdrop); @@ -283,7 +270,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp); m_freem(m); if (te != &tqs) - uma_zfree(V_tcp_reass_zone, te); + uma_zfree(tcp_reass_zone, te); tp->t_segqlen--; /* * Try to present any queued data @@ -320,7 +307,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd nq = LIST_NEXT(q, tqe_q); LIST_REMOVE(q, tqe_q); m_freem(q->tqe_m); - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } @@ -359,7 +346,7 @@ present: else sbappendstream_locked(&so->so_rcv, q->tqe_m); if (q != &tqs) - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } while (q && q->tqe_th->th_seq == tp->rcv_nxt); Modified: releng/8.4/sys/netinet/tcp_subr.c ============================================================================== --- releng/8.4/sys/netinet/tcp_subr.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/sys/netinet/tcp_subr.c Tue Jul 28 19:59:22 2015 (r285980) @@ -375,7 +375,6 @@ tcp_init(void) tcp_tw_init(); syncache_init(); tcp_hc_init(); - tcp_reass_init(); TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack); V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole), @@ -385,6 +384,8 @@ tcp_init(void) if (!IS_DEFAULT_VNET(curvnet)) return; + tcp_reass_global_init(); + /* XXX virtualize those bellow? */ tcp_delacktime = TCPTV_DELACK; tcp_keepinit = TCPTV_KEEP_INIT; @@ -424,7 +425,6 @@ void tcp_destroy(void) { - tcp_reass_destroy(); tcp_hc_destroy(); syncache_destroy(); tcp_tw_destroy(); Modified: releng/8.4/sys/netinet/tcp_var.h ============================================================================== --- releng/8.4/sys/netinet/tcp_var.h Tue Jul 28 19:59:11 2015 (r285979) +++ releng/8.4/sys/netinet/tcp_var.h Tue Jul 28 19:59:22 2015 (r285980) @@ -653,11 +653,8 @@ char *tcp_log_addrs(struct in_conninfo char *tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *, const void *); int tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *); -void tcp_reass_init(void); +void tcp_reass_global_init(void); void tcp_reass_flush(struct tcpcb *); -#ifdef VIMAGE -void tcp_reass_destroy(void); -#endif void tcp_input(struct mbuf *, int); u_long tcp_maxmtu(struct in_conninfo *, int *); u_long tcp_maxmtu6(struct in_conninfo *, int *); Modified: releng/9.3/UPDATING ============================================================================== --- releng/9.3/UPDATING Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/UPDATING Tue Jul 28 19:59:22 2015 (r285980) @@ -11,6 +11,16 @@ handbook: Items affecting the ports and packages system can be found in /usr/ports/UPDATING. Please read that file before running portupgrade. +20150728: p21 FreeBSD-SA-15:15.tcp + FreeBSD-SA-15:16.openssh + FreeBSD-SA-15:17.bind + + Fix resource exhaustion in TCP reassembly. [SA-15:15] + + Fix OpenSSH multiple vulnerabilities. [SA-15:16] + + Fix BIND remote denial of service vulnerability. [SA-15:17] + 20150721: p20 FreeBSD-SA-15:13.tcp Fix resource exhaustion due to sessions stuck in LAST_ACK state. Modified: releng/9.3/contrib/bind9/lib/dns/tkey.c ============================================================================== --- releng/9.3/contrib/bind9/lib/dns/tkey.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/contrib/bind9/lib/dns/tkey.c Tue Jul 28 19:59:22 2015 (r285980) @@ -650,6 +650,7 @@ dns_tkey_processquery(dns_message_t *msg * Try the answer section, since that's where Win2000 * puts it. */ + name = NULL; if (dns_message_findname(msg, DNS_SECTION_ANSWER, qname, dns_rdatatype_tkey, 0, &name, &tkeyset) != ISC_R_SUCCESS) { Modified: releng/9.3/crypto/openssh/auth2-chall.c ============================================================================== --- releng/9.3/crypto/openssh/auth2-chall.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/crypto/openssh/auth2-chall.c Tue Jul 28 19:59:22 2015 (r285980) @@ -82,6 +82,7 @@ struct KbdintAuthctxt void *ctxt; KbdintDevice *device; u_int nreq; + u_int devices_done; }; #ifdef USE_PAM @@ -168,11 +169,15 @@ kbdint_next_device(Authctxt *authctxt, K if (len == 0) break; for (i = 0; devices[i]; i++) { - if (!auth2_method_allowed(authctxt, + if ((kbdintctxt->devices_done & (1 << i)) != 0 || + !auth2_method_allowed(authctxt, "keyboard-interactive", devices[i]->name)) continue; - if (strncmp(kbdintctxt->devices, devices[i]->name, len) == 0) + if (strncmp(kbdintctxt->devices, devices[i]->name, + len) == 0) { kbdintctxt->device = devices[i]; + kbdintctxt->devices_done |= 1 << i; + } } t = kbdintctxt->devices; kbdintctxt->devices = t[len] ? xstrdup(t+len+1) : NULL; Modified: releng/9.3/crypto/openssh/sshconnect.c ============================================================================== --- releng/9.3/crypto/openssh/sshconnect.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/crypto/openssh/sshconnect.c Tue Jul 28 19:59:22 2015 (r285980) @@ -1247,29 +1247,39 @@ verify_host_key(char *host, struct socka { int flags = 0; char *fp; + Key *plain = NULL; fp = key_fingerprint(host_key, SSH_FP_MD5, SSH_FP_HEX); debug("Server host key: %s %s", key_type(host_key), fp); free(fp); - /* XXX certs are not yet supported for DNS */ - if (!key_is_cert(host_key) && options.verify_host_key_dns && - verify_host_key_dns(host, hostaddr, host_key, &flags) == 0) { - if (flags & DNS_VERIFY_FOUND) { - - if (options.verify_host_key_dns == 1 && - flags & DNS_VERIFY_MATCH && - flags & DNS_VERIFY_SECURE) - return 0; - - if (flags & DNS_VERIFY_MATCH) { - matching_host_key_dns = 1; - } else { - warn_changed_key(host_key); - error("Update the SSHFP RR in DNS with the new " - "host key to get rid of this message."); + if (options.verify_host_key_dns) { + /* + * XXX certs are not yet supported for DNS, so downgrade + * them and try the plain key. + */ + plain = key_from_private(host_key); + if (key_is_cert(plain)) + key_drop_cert(plain); + if (verify_host_key_dns(host, hostaddr, plain, &flags) == 0) { + if (flags & DNS_VERIFY_FOUND) { + if (options.verify_host_key_dns == 1 && + flags & DNS_VERIFY_MATCH && + flags & DNS_VERIFY_SECURE) { + key_free(plain); + return 0; + } + if (flags & DNS_VERIFY_MATCH) { + matching_host_key_dns = 1; + } else { + warn_changed_key(plain); + error("Update the SSHFP RR in DNS " + "with the new host key to get rid " + "of this message."); + } } } + key_free(plain); } return check_host_key(host, hostaddr, options.port, host_key, RDRW, Modified: releng/9.3/sys/conf/newvers.sh ============================================================================== --- releng/9.3/sys/conf/newvers.sh Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/sys/conf/newvers.sh Tue Jul 28 19:59:22 2015 (r285980) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="9.3" -BRANCH="RELEASE-p20" +BRANCH="RELEASE-p21" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi Modified: releng/9.3/sys/netinet/tcp_reass.c ============================================================================== --- releng/9.3/sys/netinet/tcp_reass.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/sys/netinet/tcp_reass.c Tue Jul 28 19:59:22 2015 (r285980) @@ -79,25 +79,22 @@ static int tcp_reass_sysctl_qsize(SYSCTL static SYSCTL_NODE(_net_inet_tcp, OID_AUTO, reass, CTLFLAG_RW, 0, "TCP Segment Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_maxseg) = 0; -#define V_tcp_reass_maxseg VNET(tcp_reass_maxseg) -SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, - &VNET_NAME(tcp_reass_maxseg), 0, +static int tcp_reass_maxseg = 0; +SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, CTLFLAG_RDTUN, + &tcp_reass_maxseg, 0, "Global maximum number of TCP Segments in Reassembly Queue"); -SYSCTL_VNET_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, +SYSCTL_PROC(_net_inet_tcp_reass, OID_AUTO, cursegments, (CTLTYPE_INT | CTLFLAG_RD), NULL, 0, &tcp_reass_sysctl_qsize, "I", "Global number of TCP Segments currently in Reassembly Queue"); -static VNET_DEFINE(int, tcp_reass_overflows) = 0; -#define V_tcp_reass_overflows VNET(tcp_reass_overflows) -SYSCTL_VNET_INT(_net_inet_tcp_reass, OID_AUTO, overflows, +static int tcp_reass_overflows = 0; +SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, overflows, CTLTYPE_INT | CTLFLAG_RD, - &VNET_NAME(tcp_reass_overflows), 0, + &tcp_reass_overflows, 0, "Global number of TCP Segment Reassembly Queue Overflows"); -static VNET_DEFINE(uma_zone_t, tcp_reass_zone); -#define V_tcp_reass_zone VNET(tcp_reass_zone) +static uma_zone_t tcp_reass_zone; /* Initialize TCP reassembly queue */ static void @@ -105,36 +102,27 @@ tcp_reass_zone_change(void *tag) { /* Set the zone limit and read back the effective value. */ - V_tcp_reass_maxseg = nmbclusters / 16; - V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, - V_tcp_reass_maxseg); + tcp_reass_maxseg = nmbclusters / 16; + tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, + tcp_reass_maxseg); } void -tcp_reass_init(void) +tcp_reass_global_init(void) { - V_tcp_reass_maxseg = nmbclusters / 16; + tcp_reass_maxseg = nmbclusters / 16; TUNABLE_INT_FETCH("net.inet.tcp.reass.maxsegments", - &V_tcp_reass_maxseg); - V_tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), + &tcp_reass_maxseg); + tcp_reass_zone = uma_zcreate("tcpreass", sizeof (struct tseg_qent), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, UMA_ZONE_NOFREE); /* Set the zone limit and read back the effective value. */ - V_tcp_reass_maxseg = uma_zone_set_max(V_tcp_reass_zone, - V_tcp_reass_maxseg); + tcp_reass_maxseg = uma_zone_set_max(tcp_reass_zone, + tcp_reass_maxseg); EVENTHANDLER_REGISTER(nmbclusters_change, tcp_reass_zone_change, NULL, EVENTHANDLER_PRI_ANY); } -#ifdef VIMAGE -void -tcp_reass_destroy(void) -{ - - uma_zdestroy(V_tcp_reass_zone); -} -#endif - void tcp_reass_flush(struct tcpcb *tp) { @@ -145,7 +133,7 @@ tcp_reass_flush(struct tcpcb *tp) while ((qe = LIST_FIRST(&tp->t_segq)) != NULL) { LIST_REMOVE(qe, tqe_q); m_freem(qe->tqe_m); - uma_zfree(V_tcp_reass_zone, qe); + uma_zfree(tcp_reass_zone, qe); tp->t_segqlen--; } @@ -159,7 +147,7 @@ tcp_reass_sysctl_qsize(SYSCTL_HANDLER_AR { int qsize; - qsize = uma_zone_get_cur(V_tcp_reass_zone); + qsize = uma_zone_get_cur(tcp_reass_zone); return (sysctl_handle_int(oidp, &qsize, 0, req)); } @@ -207,7 +195,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd */ if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && tp->t_segqlen >= (so->so_rcv.sb_hiwat / tp->t_maxseg) + 1) { - V_tcp_reass_overflows++; + tcp_reass_overflows++; TCPSTAT_INC(tcps_rcvmemdrop); m_freem(m); *tlenp = 0; @@ -226,7 +214,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd * Use a temporary structure on the stack for the missing segment * when the zone is exhausted. Otherwise we may get stuck. */ - te = uma_zalloc(V_tcp_reass_zone, M_NOWAIT); + te = uma_zalloc(tcp_reass_zone, M_NOWAIT); if (te == NULL) { if (th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) { TCPSTAT_INC(tcps_rcvmemdrop); @@ -277,7 +265,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp); m_freem(m); if (te != &tqs) - uma_zfree(V_tcp_reass_zone, te); + uma_zfree(tcp_reass_zone, te); tp->t_segqlen--; /* * Try to present any queued data @@ -314,7 +302,7 @@ tcp_reass(struct tcpcb *tp, struct tcphd nq = LIST_NEXT(q, tqe_q); LIST_REMOVE(q, tqe_q); m_freem(q->tqe_m); - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } @@ -353,7 +341,7 @@ present: else sbappendstream_locked(&so->so_rcv, q->tqe_m); if (q != &tqs) - uma_zfree(V_tcp_reass_zone, q); + uma_zfree(tcp_reass_zone, q); tp->t_segqlen--; q = nq; } while (q && q->tqe_th->th_seq == tp->rcv_nxt); Modified: releng/9.3/sys/netinet/tcp_subr.c ============================================================================== --- releng/9.3/sys/netinet/tcp_subr.c Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/sys/netinet/tcp_subr.c Tue Jul 28 19:59:22 2015 (r285980) @@ -314,7 +314,6 @@ tcp_init(void) tcp_tw_init(); syncache_init(); tcp_hc_init(); - tcp_reass_init(); TUNABLE_INT_FETCH("net.inet.tcp.sack.enable", &V_tcp_do_sack); V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole), @@ -324,6 +323,8 @@ tcp_init(void) if (!IS_DEFAULT_VNET(curvnet)) return; + tcp_reass_global_init(); + /* XXX virtualize those bellow? */ tcp_delacktime = TCPTV_DELACK; tcp_keepinit = TCPTV_KEEP_INIT; @@ -371,7 +372,6 @@ void tcp_destroy(void) { - tcp_reass_destroy(); tcp_hc_destroy(); syncache_destroy(); tcp_tw_destroy(); Modified: releng/9.3/sys/netinet/tcp_var.h ============================================================================== --- releng/9.3/sys/netinet/tcp_var.h Tue Jul 28 19:59:11 2015 (r285979) +++ releng/9.3/sys/netinet/tcp_var.h Tue Jul 28 19:59:22 2015 (r285980) @@ -680,11 +680,8 @@ char *tcp_log_addrs(struct in_conninfo * char *tcp_log_vain(struct in_conninfo *, struct tcphdr *, void *, const void *); int tcp_reass(struct tcpcb *, struct tcphdr *, int *, struct mbuf *); -void tcp_reass_init(void); +void tcp_reass_global_init(void); void tcp_reass_flush(struct tcpcb *); -#ifdef VIMAGE -void tcp_reass_destroy(void); -#endif void tcp_input(struct mbuf *, int); u_long tcp_maxmtu(struct in_conninfo *, struct tcp_ifcap *); u_long tcp_maxmtu6(struct in_conninfo *, struct tcp_ifcap *); From owner-svn-src-releng@freebsd.org Tue Jul 28 20:42:37 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7F6BD9AD0D2; Tue, 28 Jul 2015 20:42:37 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 7009216AA; Tue, 28 Jul 2015 20:42:37 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SKgb1r023211; Tue, 28 Jul 2015 20:42:37 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SKgbN0023210; Tue, 28 Jul 2015 20:42:37 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507282042.t6SKgbN0023210@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Tue, 28 Jul 2015 20:42:37 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285983 - releng/10.2/release/doc/share/xml X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 20:42:37 -0000 Author: gjb Date: Tue Jul 28 20:42:36 2015 New Revision: 285983 URL: https://svnweb.freebsd.org/changeset/base/285983 Log: Document SA-15:14 through SA-15:16. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/share/xml/security.xml Modified: releng/10.2/release/doc/share/xml/security.xml ============================================================================== --- releng/10.2/release/doc/share/xml/security.xml Tue Jul 28 20:38:52 2015 (r285982) +++ releng/10.2/release/doc/share/xml/security.xml Tue Jul 28 20:42:36 2015 (r285983) @@ -133,6 +133,28 @@ resource exhaustion due to sessions stuck in LAST_ACK state. + + + FreeBSD-SA-15:14.bsdpatch + 28 July 2015 + Shell injection vulnerability + + + + FreeBSD-SA-15:15.tcp + 28 July 2015 + resource exhaustion in TCP + reassembly + + + + FreeBSD-SA-15:16.openssh + 28 July 2015 + Multiple vulnerabilities + From owner-svn-src-releng@freebsd.org Tue Jul 28 21:43:24 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CA3459ADBC9; Tue, 28 Jul 2015 21:43:24 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BB048B97; Tue, 28 Jul 2015 21:43:24 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6SLhOwi050081; Tue, 28 Jul 2015 21:43:24 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6SLhOjM050080; Tue, 28 Jul 2015 21:43:24 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201507282143.t6SLhOjM050080@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Tue, 28 Jul 2015 21:43:24 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285987 - releng/10.1/sys/conf X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Jul 2015 21:43:24 -0000 Author: delphij Date: Tue Jul 28 21:43:23 2015 New Revision: 285987 URL: https://svnweb.freebsd.org/changeset/base/285987 Log: Correct patchlevel. Noticed by: Piotr Kubaj Approved by: so Modified: releng/10.1/sys/conf/newvers.sh Modified: releng/10.1/sys/conf/newvers.sh ============================================================================== --- releng/10.1/sys/conf/newvers.sh Tue Jul 28 21:39:58 2015 (r285986) +++ releng/10.1/sys/conf/newvers.sh Tue Jul 28 21:43:23 2015 (r285987) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="10.1" -BRANCH="RELEASE-p15" +BRANCH="RELEASE-p16" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-svn-src-releng@freebsd.org Wed Jul 29 00:57:57 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2E7519ADD2B; Wed, 29 Jul 2015 00:57:57 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 188C51C00; Wed, 29 Jul 2015 00:57:57 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6T0vvgq034276; Wed, 29 Jul 2015 00:57:57 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6T0vtsu034270; Wed, 29 Jul 2015 00:57:55 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507290057.t6T0vtsu034270@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Wed, 29 Jul 2015 00:57:55 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r285991 - in releng/10.2/sys/dev: pccbb pci X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 00:57:57 -0000 Author: gjb Date: Wed Jul 29 00:57:54 2015 New Revision: 285991 URL: https://svnweb.freebsd.org/changeset/base/285991 Log: MFS r285863 (jhb): Partially revert r284034. In particular, revert the final change in this MFC (281874). It broke suspend and resume on several Thinkpads (though not all) in 10 even though it works fine on the same laptops in HEAD. PR: 201239 Reported by: Kevin Oberman and several others Approved by: re (kib) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/sys/dev/pccbb/pccbb_pci.c releng/10.2/sys/dev/pci/pci.c releng/10.2/sys/dev/pci/pci_pci.c releng/10.2/sys/dev/pci/pcib_private.h releng/10.2/sys/dev/pci/pcivar.h Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/dev/pccbb/pccbb_pci.c ============================================================================== --- releng/10.2/sys/dev/pccbb/pccbb_pci.c Tue Jul 28 22:48:58 2015 (r285990) +++ releng/10.2/sys/dev/pccbb/pccbb_pci.c Wed Jul 29 00:57:54 2015 (r285991) @@ -259,6 +259,32 @@ cbb_pci_probe(device_t brdev) } /* + * Still need this because the pci code only does power for type 0 + * header devices. + */ +static void +cbb_powerstate_d0(device_t dev) +{ + u_int32_t membase, irq; + + if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) { + /* Save important PCI config data. */ + membase = pci_read_config(dev, CBBR_SOCKBASE, 4); + irq = pci_read_config(dev, PCIR_INTLINE, 4); + + /* Reset the power state. */ + device_printf(dev, "chip is in D%d power mode " + "-- setting to D0\n", pci_get_powerstate(dev)); + + pci_set_powerstate(dev, PCI_POWERSTATE_D0); + + /* Restore PCI config data. */ + pci_write_config(dev, CBBR_SOCKBASE, membase, 4); + pci_write_config(dev, PCIR_INTLINE, irq, 4); + } +} + +/* * Print out the config space */ static void @@ -295,15 +321,15 @@ cbb_pci_attach(device_t brdev) sc->cbdev = NULL; sc->exca[0].pccarddev = NULL; sc->domain = pci_get_domain(brdev); + sc->bus.sec = pci_read_config(brdev, PCIR_SECBUS_2, 1); + sc->bus.sub = pci_read_config(brdev, PCIR_SUBBUS_2, 1); sc->pribus = pcib_get_bus(parent); #if defined(NEW_PCIB) && defined(PCI_RES_BUS) pci_write_config(brdev, PCIR_PRIBUS_2, sc->pribus, 1); pcib_setup_secbus(brdev, &sc->bus, 1); -#else - sc->bus.sec = pci_read_config(brdev, PCIR_SECBUS_2, 1); - sc->bus.sub = pci_read_config(brdev, PCIR_SUBBUS_2, 1); #endif SLIST_INIT(&sc->rl); + cbb_powerstate_d0(brdev); rid = CBBR_SOCKBASE; sc->base_res = bus_alloc_resource_any(brdev, SYS_RES_MEMORY, &rid, @@ -448,6 +474,11 @@ cbb_chipinit(struct cbb_softc *sc) if (pci_read_config(sc->dev, PCIR_LATTIMER, 1) < 0x20) pci_write_config(sc->dev, PCIR_LATTIMER, 0x20, 1); + /* Restore bus configuration */ + pci_write_config(sc->dev, PCIR_PRIBUS_2, sc->pribus, 1); + pci_write_config(sc->dev, PCIR_SECBUS_2, sc->bus.sec, 1); + pci_write_config(sc->dev, PCIR_SUBBUS_2, sc->bus.sub, 1); + /* Enable DMA, memory access for this card and I/O acces for children */ pci_enable_busmaster(sc->dev); pci_enable_io(sc->dev, SYS_RES_IOPORT); @@ -875,10 +906,15 @@ cbb_pci_resume(device_t brdev) * from D0 and back to D0 cause the bridge to lose its config space, so * all the bus mappings and such are preserved. * - * The PCI layer handles standard PCI registers like the - * command register and BARs, but cbb-specific registers are - * handled here. + * For most drivers, the PCI layer handles this saving. However, since + * there's much black magic and arcane art hidden in these few lines of + * code that would be difficult to transition into the PCI + * layer. chipinit was several years of trial and error to write. */ + pci_write_config(brdev, CBBR_SOCKBASE, rman_get_start(sc->base_res), 4); + DEVPRINTF((brdev, "PCI Memory allocated: %08lx\n", + rman_get_start(sc->base_res))); + sc->chipinit(sc); /* reset interrupt -- Do we really need to do this? */ Modified: releng/10.2/sys/dev/pci/pci.c ============================================================================== --- releng/10.2/sys/dev/pci/pci.c Tue Jul 28 22:48:58 2015 (r285990) +++ releng/10.2/sys/dev/pci/pci.c Wed Jul 29 00:57:54 2015 (r285991) @@ -590,19 +590,9 @@ pci_hdrtypedata(device_t pcib, int b, in cfg->nummaps = PCI_MAXMAPS_0; break; case PCIM_HDRTYPE_BRIDGE: - cfg->bridge.br_seclat = REG(PCIR_SECLAT_1, 1); - cfg->bridge.br_subbus = REG(PCIR_SUBBUS_1, 1); - cfg->bridge.br_secbus = REG(PCIR_SECBUS_1, 1); - cfg->bridge.br_pribus = REG(PCIR_PRIBUS_1, 1); - cfg->bridge.br_control = REG(PCIR_BRIDGECTL_1, 2); cfg->nummaps = PCI_MAXMAPS_1; break; case PCIM_HDRTYPE_CARDBUS: - cfg->bridge.br_seclat = REG(PCIR_SECLAT_2, 1); - cfg->bridge.br_subbus = REG(PCIR_SUBBUS_2, 1); - cfg->bridge.br_secbus = REG(PCIR_SECBUS_2, 1); - cfg->bridge.br_pribus = REG(PCIR_PRIBUS_2, 1); - cfg->bridge.br_control = REG(PCIR_BRIDGECTL_2, 2); cfg->subvendor = REG(PCIR_SUBVEND_2, 2); cfg->subdevice = REG(PCIR_SUBDEV_2, 2); cfg->nummaps = PCI_MAXMAPS_2; @@ -4948,6 +4938,16 @@ pci_cfg_restore(device_t dev, struct pci { /* + * Only do header type 0 devices. Type 1 devices are bridges, + * which we know need special treatment. Type 2 devices are + * cardbus bridges which also require special treatment. + * Other types are unknown, and we err on the side of safety + * by ignoring them. + */ + if ((dinfo->cfg.hdrtype & PCIM_HDRTYPE) != PCIM_HDRTYPE_NORMAL) + return; + + /* * Restore the device to full power mode. We must do this * before we restore the registers because moving from D3 to * D0 will cause the chip's BARs and some other registers to @@ -4957,44 +4957,16 @@ pci_cfg_restore(device_t dev, struct pci */ if (pci_get_powerstate(dev) != PCI_POWERSTATE_D0) pci_set_powerstate(dev, PCI_POWERSTATE_D0); + pci_restore_bars(dev); pci_write_config(dev, PCIR_COMMAND, dinfo->cfg.cmdreg, 2); pci_write_config(dev, PCIR_INTLINE, dinfo->cfg.intline, 1); pci_write_config(dev, PCIR_INTPIN, dinfo->cfg.intpin, 1); + pci_write_config(dev, PCIR_MINGNT, dinfo->cfg.mingnt, 1); + pci_write_config(dev, PCIR_MAXLAT, dinfo->cfg.maxlat, 1); pci_write_config(dev, PCIR_CACHELNSZ, dinfo->cfg.cachelnsz, 1); pci_write_config(dev, PCIR_LATTIMER, dinfo->cfg.lattimer, 1); pci_write_config(dev, PCIR_PROGIF, dinfo->cfg.progif, 1); pci_write_config(dev, PCIR_REVID, dinfo->cfg.revid, 1); - switch (dinfo->cfg.hdrtype & PCIM_HDRTYPE) { - case PCIM_HDRTYPE_NORMAL: - pci_write_config(dev, PCIR_MINGNT, dinfo->cfg.mingnt, 1); - pci_write_config(dev, PCIR_MAXLAT, dinfo->cfg.maxlat, 1); - break; - case PCIM_HDRTYPE_BRIDGE: - pci_write_config(dev, PCIR_SECLAT_1, - dinfo->cfg.bridge.br_seclat, 1); - pci_write_config(dev, PCIR_SUBBUS_1, - dinfo->cfg.bridge.br_subbus, 1); - pci_write_config(dev, PCIR_SECBUS_1, - dinfo->cfg.bridge.br_secbus, 1); - pci_write_config(dev, PCIR_PRIBUS_1, - dinfo->cfg.bridge.br_pribus, 1); - pci_write_config(dev, PCIR_BRIDGECTL_1, - dinfo->cfg.bridge.br_control, 2); - break; - case PCIM_HDRTYPE_CARDBUS: - pci_write_config(dev, PCIR_SECLAT_2, - dinfo->cfg.bridge.br_seclat, 1); - pci_write_config(dev, PCIR_SUBBUS_2, - dinfo->cfg.bridge.br_subbus, 1); - pci_write_config(dev, PCIR_SECBUS_2, - dinfo->cfg.bridge.br_secbus, 1); - pci_write_config(dev, PCIR_PRIBUS_2, - dinfo->cfg.bridge.br_pribus, 1); - pci_write_config(dev, PCIR_BRIDGECTL_2, - dinfo->cfg.bridge.br_control, 2); - break; - } - pci_restore_bars(dev); /* * Restore extended capabilities for PCI-Express and PCI-X @@ -5063,57 +5035,40 @@ pci_cfg_save(device_t dev, struct pci_de int ps; /* + * Only do header type 0 devices. Type 1 devices are bridges, which + * we know need special treatment. Type 2 devices are cardbus bridges + * which also require special treatment. Other types are unknown, and + * we err on the side of safety by ignoring them. Powering down + * bridges should not be undertaken lightly. + */ + if ((dinfo->cfg.hdrtype & PCIM_HDRTYPE) != PCIM_HDRTYPE_NORMAL) + return; + + /* * Some drivers apparently write to these registers w/o updating our * cached copy. No harm happens if we update the copy, so do so here * so we can restore them. The COMMAND register is modified by the * bus w/o updating the cache. This should represent the normally - * writable portion of the 'defined' part of type 0/1/2 headers. + * writable portion of the 'defined' part of type 0 headers. In + * theory we also need to save/restore the PCI capability structures + * we know about, but apart from power we don't know any that are + * writable. */ + dinfo->cfg.subvendor = pci_read_config(dev, PCIR_SUBVEND_0, 2); + dinfo->cfg.subdevice = pci_read_config(dev, PCIR_SUBDEV_0, 2); dinfo->cfg.vendor = pci_read_config(dev, PCIR_VENDOR, 2); dinfo->cfg.device = pci_read_config(dev, PCIR_DEVICE, 2); dinfo->cfg.cmdreg = pci_read_config(dev, PCIR_COMMAND, 2); dinfo->cfg.intline = pci_read_config(dev, PCIR_INTLINE, 1); dinfo->cfg.intpin = pci_read_config(dev, PCIR_INTPIN, 1); + dinfo->cfg.mingnt = pci_read_config(dev, PCIR_MINGNT, 1); + dinfo->cfg.maxlat = pci_read_config(dev, PCIR_MAXLAT, 1); dinfo->cfg.cachelnsz = pci_read_config(dev, PCIR_CACHELNSZ, 1); dinfo->cfg.lattimer = pci_read_config(dev, PCIR_LATTIMER, 1); dinfo->cfg.baseclass = pci_read_config(dev, PCIR_CLASS, 1); dinfo->cfg.subclass = pci_read_config(dev, PCIR_SUBCLASS, 1); dinfo->cfg.progif = pci_read_config(dev, PCIR_PROGIF, 1); dinfo->cfg.revid = pci_read_config(dev, PCIR_REVID, 1); - switch (dinfo->cfg.hdrtype & PCIM_HDRTYPE) { - case PCIM_HDRTYPE_NORMAL: - dinfo->cfg.subvendor = pci_read_config(dev, PCIR_SUBVEND_0, 2); - dinfo->cfg.subdevice = pci_read_config(dev, PCIR_SUBDEV_0, 2); - dinfo->cfg.mingnt = pci_read_config(dev, PCIR_MINGNT, 1); - dinfo->cfg.maxlat = pci_read_config(dev, PCIR_MAXLAT, 1); - break; - case PCIM_HDRTYPE_BRIDGE: - dinfo->cfg.bridge.br_seclat = pci_read_config(dev, - PCIR_SECLAT_1, 1); - dinfo->cfg.bridge.br_subbus = pci_read_config(dev, - PCIR_SUBBUS_1, 1); - dinfo->cfg.bridge.br_secbus = pci_read_config(dev, - PCIR_SECBUS_1, 1); - dinfo->cfg.bridge.br_pribus = pci_read_config(dev, - PCIR_PRIBUS_1, 1); - dinfo->cfg.bridge.br_control = pci_read_config(dev, - PCIR_BRIDGECTL_1, 2); - break; - case PCIM_HDRTYPE_CARDBUS: - dinfo->cfg.bridge.br_seclat = pci_read_config(dev, - PCIR_SECLAT_2, 1); - dinfo->cfg.bridge.br_subbus = pci_read_config(dev, - PCIR_SUBBUS_2, 1); - dinfo->cfg.bridge.br_secbus = pci_read_config(dev, - PCIR_SECBUS_2, 1); - dinfo->cfg.bridge.br_pribus = pci_read_config(dev, - PCIR_PRIBUS_2, 1); - dinfo->cfg.bridge.br_control = pci_read_config(dev, - PCIR_BRIDGECTL_2, 2); - dinfo->cfg.subvendor = pci_read_config(dev, PCIR_SUBVEND_2, 2); - dinfo->cfg.subdevice = pci_read_config(dev, PCIR_SUBDEV_2, 2); - break; - } if (dinfo->cfg.pcie.pcie_location != 0) pci_cfg_save_pcie(dev, dinfo); Modified: releng/10.2/sys/dev/pci/pci_pci.c ============================================================================== --- releng/10.2/sys/dev/pci/pci_pci.c Tue Jul 28 22:48:58 2015 (r285990) +++ releng/10.2/sys/dev/pci/pci_pci.c Wed Jul 29 00:57:54 2015 (r285991) @@ -549,22 +549,18 @@ void pcib_setup_secbus(device_t dev, struct pcib_secbus *bus, int min_count) { char buf[64]; - int error, rid, sec_reg; + int error, rid; switch (pci_read_config(dev, PCIR_HDRTYPE, 1) & PCIM_HDRTYPE) { case PCIM_HDRTYPE_BRIDGE: - sec_reg = PCIR_SECBUS_1; bus->sub_reg = PCIR_SUBBUS_1; break; case PCIM_HDRTYPE_CARDBUS: - sec_reg = PCIR_SECBUS_2; bus->sub_reg = PCIR_SUBBUS_2; break; default: panic("not a PCI bridge"); } - bus->sec = pci_read_config(dev, sec_reg, 1); - bus->sub = pci_read_config(dev, bus->sub_reg, 1); bus->dev = dev; bus->rman.rm_start = 0; bus->rman.rm_end = PCI_BUSMAX; @@ -849,16 +845,20 @@ pcib_set_mem_decode(struct pcib_softc *s static void pcib_cfg_save(struct pcib_softc *sc) { -#ifndef NEW_PCIB device_t dev; - uint16_t command; dev = sc->dev; - command = pci_read_config(dev, PCIR_COMMAND, 2); - if (command & PCIM_CMD_PORTEN) + sc->command = pci_read_config(dev, PCIR_COMMAND, 2); + sc->pribus = pci_read_config(dev, PCIR_PRIBUS_1, 1); + sc->bus.sec = pci_read_config(dev, PCIR_SECBUS_1, 1); + sc->bus.sub = pci_read_config(dev, PCIR_SUBBUS_1, 1); + sc->bridgectl = pci_read_config(dev, PCIR_BRIDGECTL_1, 2); + sc->seclat = pci_read_config(dev, PCIR_SECLAT_1, 1); +#ifndef NEW_PCIB + if (sc->command & PCIM_CMD_PORTEN) pcib_get_io_decode(sc); - if (command & PCIM_CMD_MEMEN) + if (sc->command & PCIM_CMD_MEMEN) pcib_get_mem_decode(sc); #endif } @@ -870,18 +870,21 @@ static void pcib_cfg_restore(struct pcib_softc *sc) { device_t dev; -#ifndef NEW_PCIB - uint16_t command; -#endif + dev = sc->dev; + pci_write_config(dev, PCIR_COMMAND, sc->command, 2); + pci_write_config(dev, PCIR_PRIBUS_1, sc->pribus, 1); + pci_write_config(dev, PCIR_SECBUS_1, sc->bus.sec, 1); + pci_write_config(dev, PCIR_SUBBUS_1, sc->bus.sub, 1); + pci_write_config(dev, PCIR_BRIDGECTL_1, sc->bridgectl, 2); + pci_write_config(dev, PCIR_SECLAT_1, sc->seclat, 1); #ifdef NEW_PCIB pcib_write_windows(sc, WIN_IO | WIN_MEM | WIN_PMEM); #else - command = pci_read_config(dev, PCIR_COMMAND, 2); - if (command & PCIM_CMD_PORTEN) + if (sc->command & PCIM_CMD_PORTEN) pcib_set_io_decode(sc); - if (command & PCIM_CMD_MEMEN) + if (sc->command & PCIM_CMD_MEMEN) pcib_set_mem_decode(sc); #endif } @@ -915,11 +918,7 @@ pcib_attach_common(device_t dev) * Get current bridge configuration. */ sc->domain = pci_get_domain(dev); -#if !(defined(NEW_PCIB) && defined(PCI_RES_BUS)) - sc->bus.sec = pci_read_config(dev, PCIR_SECBUS_1, 1); - sc->bus.sub = pci_read_config(dev, PCIR_SUBBUS_1, 1); -#endif - sc->bridgectl = pci_read_config(dev, PCIR_BRIDGECTL_1, 2); + sc->secstat = pci_read_config(dev, PCIR_SECSTAT_1, 2); pcib_cfg_save(sc); /* Modified: releng/10.2/sys/dev/pci/pcib_private.h ============================================================================== --- releng/10.2/sys/dev/pci/pcib_private.h Tue Jul 28 22:48:58 2015 (r285990) +++ releng/10.2/sys/dev/pci/pcib_private.h Wed Jul 29 00:57:54 2015 (r285991) @@ -106,6 +106,7 @@ struct pcib_softc #define PCIB_DISABLE_MSI 0x2 #define PCIB_DISABLE_MSIX 0x4 #define PCIB_ENABLE_ARI 0x8 + uint16_t command; /* command register */ u_int domain; /* domain number */ u_int pribus; /* primary bus number */ struct pcib_secbus bus; /* secondary bus numbers */ @@ -121,7 +122,9 @@ struct pcib_softc uint32_t iobase; /* base address of port window */ uint32_t iolimit; /* topmost address of port window */ #endif + uint16_t secstat; /* secondary bus status register */ uint16_t bridgectl; /* bridge control register */ + uint8_t seclat; /* secondary bus latency timer */ }; #define PCIB_SUPPORTED_ARI_VER 1 Modified: releng/10.2/sys/dev/pci/pcivar.h ============================================================================== --- releng/10.2/sys/dev/pci/pcivar.h Tue Jul 28 22:48:58 2015 (r285990) +++ releng/10.2/sys/dev/pci/pcivar.h Wed Jul 29 00:57:54 2015 (r285991) @@ -39,15 +39,6 @@ typedef uint64_t pci_addr_t; -/* Config registers for PCI-PCI and PCI-Cardbus bridges. */ -struct pcicfg_bridge { - uint8_t br_seclat; - uint8_t br_subbus; - uint8_t br_secbus; - uint8_t br_pribus; - uint16_t br_control; -}; - /* Interesting values for PCI power management */ struct pcicfg_pp { uint16_t pp_cap; /* PCI power management capabilities */ @@ -188,7 +179,6 @@ typedef struct pcicfg { uint8_t slot; /* config space slot address */ uint8_t func; /* config space function number */ - struct pcicfg_bridge bridge; /* Bridges */ struct pcicfg_pp pp; /* Power management */ struct pcicfg_vpd vpd; /* Vital product data */ struct pcicfg_msi msi; /* PCI MSI */ From owner-svn-src-releng@freebsd.org Wed Jul 29 14:16:27 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AD8D09ADC33; Wed, 29 Jul 2015 14:16:27 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9C4031A7C; Wed, 29 Jul 2015 14:16:27 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6TEGRHD067761; Wed, 29 Jul 2015 14:16:27 GMT (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6TEGQg6067758; Wed, 29 Jul 2015 14:16:26 GMT (envelope-from glebius@FreeBSD.org) Message-Id: <201507291416.t6TEGQg6067758@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: glebius set sender to glebius@FreeBSD.org using -f From: Gleb Smirnoff Date: Wed, 29 Jul 2015 14:16:26 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286014 - in releng/10.2/sys: net netpfil/pf X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 14:16:27 -0000 Author: glebius Date: Wed Jul 29 14:16:25 2015 New Revision: 286014 URL: https://svnweb.freebsd.org/changeset/base/286014 Log: Merge r285939-285941,285943,286004 from stable/10: - Protect against ioctl() vs ioctl() races. - Always lock hash row of a source node when updating its 'states' counter. [1] - Don't dereference NULL is pf_get_mtag() fails. [2] - During module unload drop locks before destroying UMA zone. PR: 182401 [1] PR: 200222 [2] Approved by: re (gjb) Modified: releng/10.2/sys/net/pfvar.h releng/10.2/sys/netpfil/pf/pf.c releng/10.2/sys/netpfil/pf/pf_ioctl.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/net/pfvar.h ============================================================================== --- releng/10.2/sys/net/pfvar.h Wed Jul 29 14:07:43 2015 (r286013) +++ releng/10.2/sys/net/pfvar.h Wed Jul 29 14:16:25 2015 (r286014) @@ -1549,7 +1549,6 @@ extern struct pf_state *pf_find_state_a extern struct pf_src_node *pf_find_src_node(struct pf_addr *, struct pf_rule *, sa_family_t, int); extern void pf_unlink_src_node(struct pf_src_node *); -extern void pf_unlink_src_node_locked(struct pf_src_node *); extern u_int pf_free_src_nodes(struct pf_src_node_list *); extern void pf_print_state(struct pf_state *); extern void pf_print_flags(u_int8_t); Modified: releng/10.2/sys/netpfil/pf/pf.c ============================================================================== --- releng/10.2/sys/netpfil/pf/pf.c Wed Jul 29 14:07:43 2015 (r286013) +++ releng/10.2/sys/netpfil/pf/pf.c Wed Jul 29 14:16:25 2015 (r286014) @@ -655,7 +655,10 @@ pf_find_src_node(struct pf_addr *src, st ((af == AF_INET && n->addr.v4.s_addr == src->v4.s_addr) || (af == AF_INET6 && bcmp(&n->addr, src, sizeof(*src)) == 0))) break; - if (n != NULL || returnlocked == 0) + if (n != NULL) { + n->states++; + PF_HASHROW_UNLOCK(sh); + } else if (returnlocked == 0) PF_HASHROW_UNLOCK(sh); return (n); @@ -699,6 +702,7 @@ pf_insert_src_node(struct pf_src_node ** LIST_INSERT_HEAD(&sh->nodes, *sn, entry); (*sn)->creation = time_uptime; (*sn)->ruletype = rule->action; + (*sn)->states = 1; if ((*sn)->rule.ptr != NULL) counter_u64_add((*sn)->rule.ptr->src_nodes, 1); PF_HASHROW_UNLOCK(sh); @@ -715,37 +719,13 @@ pf_insert_src_node(struct pf_src_node ** } void -pf_unlink_src_node_locked(struct pf_src_node *src) +pf_unlink_src_node(struct pf_src_node *src) { -#ifdef INVARIANTS - struct pf_srchash *sh; - sh = &V_pf_srchash[pf_hashsrc(&src->addr, src->af)]; - PF_HASHROW_ASSERT(sh); -#endif + PF_HASHROW_ASSERT(&V_pf_srchash[pf_hashsrc(&src->addr, src->af)]); LIST_REMOVE(src, entry); if (src->rule.ptr) counter_u64_add(src->rule.ptr->src_nodes, -1); - counter_u64_add(V_pf_status.scounters[SCNT_SRC_NODE_REMOVALS], 1); -} - -void -pf_unlink_src_node(struct pf_src_node *src) -{ - struct pf_srchash *sh; - - sh = &V_pf_srchash[pf_hashsrc(&src->addr, src->af)]; - PF_HASHROW_LOCK(sh); - pf_unlink_src_node_locked(src); - PF_HASHROW_UNLOCK(sh); -} - -static void -pf_free_src_node(struct pf_src_node *sn) -{ - - KASSERT(sn->states == 0, ("%s: %p has refs", __func__, sn)); - uma_zfree(V_pf_sources_z, sn); } u_int @@ -755,10 +735,12 @@ pf_free_src_nodes(struct pf_src_node_lis u_int count = 0; LIST_FOREACH_SAFE(sn, head, entry, tmp) { - pf_free_src_node(sn); + uma_zfree(V_pf_sources_z, sn); count++; } + counter_u64_add(V_pf_status.scounters[SCNT_SRC_NODE_REMOVALS], count); + return (count); } @@ -1550,7 +1532,7 @@ pf_purge_expired_src_nodes() PF_HASHROW_LOCK(sh); LIST_FOREACH_SAFE(cur, &sh->nodes, entry, next) if (cur->states == 0 && cur->expire <= time_uptime) { - pf_unlink_src_node_locked(cur); + pf_unlink_src_node(cur); LIST_INSERT_HEAD(&freelist, cur, entry); } else if (cur->rule.ptr != NULL) cur->rule.ptr->rule_flag |= PFRULE_REFS; @@ -1565,27 +1547,31 @@ pf_purge_expired_src_nodes() static void pf_src_tree_remove_state(struct pf_state *s) { - u_int32_t timeout; + struct pf_src_node *sn; + struct pf_srchash *sh; + uint32_t timeout; + + timeout = s->rule.ptr->timeout[PFTM_SRC_NODE] ? + s->rule.ptr->timeout[PFTM_SRC_NODE] : + V_pf_default_rule.timeout[PFTM_SRC_NODE]; if (s->src_node != NULL) { + sn = s->src_node; + sh = &V_pf_srchash[pf_hashsrc(&sn->addr, sn->af)]; + PF_HASHROW_LOCK(sh); if (s->src.tcp_est) - --s->src_node->conn; - if (--s->src_node->states == 0) { - timeout = s->rule.ptr->timeout[PFTM_SRC_NODE]; - if (!timeout) - timeout = - V_pf_default_rule.timeout[PFTM_SRC_NODE]; - s->src_node->expire = time_uptime + timeout; - } + --sn->conn; + if (--sn->states == 0) + sn->expire = time_uptime + timeout; + PF_HASHROW_UNLOCK(sh); } if (s->nat_src_node != s->src_node && s->nat_src_node != NULL) { - if (--s->nat_src_node->states == 0) { - timeout = s->rule.ptr->timeout[PFTM_SRC_NODE]; - if (!timeout) - timeout = - V_pf_default_rule.timeout[PFTM_SRC_NODE]; - s->nat_src_node->expire = time_uptime + timeout; - } + sn = s->nat_src_node; + sh = &V_pf_srchash[pf_hashsrc(&sn->addr, sn->af)]; + PF_HASHROW_LOCK(sh); + if (--sn->states == 0) + sn->expire = time_uptime + timeout; + PF_HASHROW_UNLOCK(sh); } s->src_node = s->nat_src_node = NULL; } @@ -3571,15 +3557,12 @@ pf_create_state(struct pf_rule *r, struc s->creation = time_uptime; s->expire = time_uptime; - if (sn != NULL) { + if (sn != NULL) s->src_node = sn; - s->src_node->states++; - } if (nsn != NULL) { /* XXX We only modify one side for now. */ PF_ACPY(&nsn->raddr, &nk->addr[1], pd->af); s->nat_src_node = nsn; - s->nat_src_node->states++; } if (pd->proto == IPPROTO_TCP) { if ((pd->flags & PFDESC_TCP_NORM) && pf_normalize_tcp_init(m, @@ -3677,14 +3660,32 @@ csfailed: if (nk != NULL) uma_zfree(V_pf_state_key_z, nk); - if (sn != NULL && sn->states == 0 && sn->expire == 0) { - pf_unlink_src_node(sn); - pf_free_src_node(sn); + if (sn != NULL) { + struct pf_srchash *sh; + + sh = &V_pf_srchash[pf_hashsrc(&sn->addr, sn->af)]; + PF_HASHROW_LOCK(sh); + if (--sn->states == 0 && sn->expire == 0) { + pf_unlink_src_node(sn); + uma_zfree(V_pf_sources_z, sn); + counter_u64_add( + V_pf_status.scounters[SCNT_SRC_NODE_REMOVALS], 1); + } + PF_HASHROW_UNLOCK(sh); } - if (nsn != sn && nsn != NULL && nsn->states == 0 && nsn->expire == 0) { - pf_unlink_src_node(nsn); - pf_free_src_node(nsn); + if (nsn != sn && nsn != NULL) { + struct pf_srchash *sh; + + sh = &V_pf_srchash[pf_hashsrc(&nsn->addr, nsn->af)]; + PF_HASHROW_LOCK(sh); + if (--nsn->states == 0 && nsn->expire == 0) { + pf_unlink_src_node(nsn); + uma_zfree(V_pf_sources_z, nsn); + counter_u64_add( + V_pf_status.scounters[SCNT_SRC_NODE_REMOVALS], 1); + } + PF_HASHROW_UNLOCK(sh); } return (PF_DROP); @@ -5911,13 +5912,14 @@ done: ((pd.pf_mtag = pf_get_mtag(m)) == NULL)) { action = PF_DROP; REASON_SET(&reason, PFRES_MEMORY); + } else { + if (pqid || (pd.tos & IPTOS_LOWDELAY)) + pd.pf_mtag->qid = r->pqid; + else + pd.pf_mtag->qid = r->qid; + /* Add hints for ecn. */ + pd.pf_mtag->hdr = h; } - if (pqid || (pd.tos & IPTOS_LOWDELAY)) - pd.pf_mtag->qid = r->pqid; - else - pd.pf_mtag->qid = r->qid; - /* add hints for ecn */ - pd.pf_mtag->hdr = h; } #endif /* ALTQ */ @@ -5956,9 +5958,11 @@ done: log = 1; DPFPRINTF(PF_DEBUG_MISC, ("pf: failed to allocate tag\n")); + } else { + pd.pf_mtag->flags |= + PF_FASTFWD_OURS_PRESENT; + m->m_flags &= ~M_FASTFWD_OURS; } - pd.pf_mtag->flags |= PF_FASTFWD_OURS_PRESENT; - m->m_flags &= ~M_FASTFWD_OURS; } ip_divert_ptr(*m0, dir == PF_IN ? DIR_IN : DIR_OUT); *m0 = NULL; @@ -6340,13 +6344,14 @@ done: ((pd.pf_mtag = pf_get_mtag(m)) == NULL)) { action = PF_DROP; REASON_SET(&reason, PFRES_MEMORY); + } else { + if (pd.tos & IPTOS_LOWDELAY) + pd.pf_mtag->qid = r->pqid; + else + pd.pf_mtag->qid = r->qid; + /* Add hints for ecn. */ + pd.pf_mtag->hdr = h; } - if (pd.tos & IPTOS_LOWDELAY) - pd.pf_mtag->qid = r->pqid; - else - pd.pf_mtag->qid = r->qid; - /* add hints for ecn */ - pd.pf_mtag->hdr = h; } #endif /* ALTQ */ Modified: releng/10.2/sys/netpfil/pf/pf_ioctl.c ============================================================================== --- releng/10.2/sys/netpfil/pf/pf_ioctl.c Wed Jul 29 14:07:43 2015 (r286013) +++ releng/10.2/sys/netpfil/pf/pf_ioctl.c Wed Jul 29 14:16:25 2015 (r286014) @@ -188,6 +188,7 @@ static volatile VNET_DEFINE(int, pf_pfil VNET_DEFINE(int, pf_end_threads); struct rwlock pf_rules_lock; +struct sx pf_ioctl_lock; /* pfsync */ pfsync_state_import_t *pfsync_state_import_ptr = NULL; @@ -1090,20 +1091,18 @@ pfioctl(struct cdev *dev, u_long cmd, ca switch (cmd) { case DIOCSTART: - PF_RULES_WLOCK(); + sx_xlock(&pf_ioctl_lock); if (V_pf_status.running) error = EEXIST; else { int cpu; - PF_RULES_WUNLOCK(); error = hook_pf(); if (error) { DPFPRINTF(PF_DEBUG_MISC, ("pf: pfil registration failed\n")); break; } - PF_RULES_WLOCK(); V_pf_status.running = 1; V_pf_status.since = time_second; @@ -1112,27 +1111,23 @@ pfioctl(struct cdev *dev, u_long cmd, ca DPFPRINTF(PF_DEBUG_MISC, ("pf: started\n")); } - PF_RULES_WUNLOCK(); break; case DIOCSTOP: - PF_RULES_WLOCK(); + sx_xlock(&pf_ioctl_lock); if (!V_pf_status.running) error = ENOENT; else { V_pf_status.running = 0; - PF_RULES_WUNLOCK(); error = dehook_pf(); if (error) { V_pf_status.running = 1; DPFPRINTF(PF_DEBUG_MISC, ("pf: pfil unregistration failed\n")); } - PF_RULES_WLOCK(); V_pf_status.since = time_second; DPFPRINTF(PF_DEBUG_MISC, ("pf: stopped\n")); } - PF_RULES_WUNLOCK(); break; case DIOCADDRULE: { @@ -3256,6 +3251,8 @@ DIOCCHANGEADDR_error: break; } fail: + if (sx_xlocked(&pf_ioctl_lock)) + sx_xunlock(&pf_ioctl_lock); CURVNET_RESTORE(); return (error); @@ -3433,7 +3430,7 @@ pf_kill_srcnodes(struct pfioc_src_node_k &psnk->psnk_dst.addr.v.a.addr, &psnk->psnk_dst.addr.v.a.mask, &sn->raddr, sn->af)) { - pf_unlink_src_node_locked(sn); + pf_unlink_src_node(sn); LIST_INSERT_HEAD(&kill, sn, entry); sn->expire = 1; } @@ -3446,18 +3443,10 @@ pf_kill_srcnodes(struct pfioc_src_node_k PF_HASHROW_LOCK(ih); LIST_FOREACH(s, &ih->states, entry) { - if (s->src_node && s->src_node->expire == 1) { -#ifdef INVARIANTS - s->src_node->states--; -#endif + if (s->src_node && s->src_node->expire == 1) s->src_node = NULL; - } - if (s->nat_src_node && s->nat_src_node->expire == 1) { -#ifdef INVARIANTS - s->nat_src_node->states--; -#endif + if (s->nat_src_node && s->nat_src_node->expire == 1) s->nat_src_node = NULL; - } } PF_HASHROW_UNLOCK(ih); } @@ -3728,6 +3717,7 @@ pf_load(void) VNET_LIST_RUNLOCK(); rw_init(&pf_rules_lock, "pf rulesets"); + sx_init(&pf_ioctl_lock, "pf ioctl"); pf_dev = make_dev(&pf_cdevsw, 0, 0, 0, 0600, PF_NAME); if ((error = pfattach()) != 0) @@ -3741,9 +3731,7 @@ pf_unload(void) { int error = 0; - PF_RULES_WLOCK(); V_pf_status.running = 0; - PF_RULES_WUNLOCK(); swi_remove(V_pf_swi_cookie); error = dehook_pf(); if (error) { @@ -3762,6 +3750,7 @@ pf_unload(void) wakeup_one(pf_purge_thread); rw_sleep(pf_purge_thread, &pf_rules_lock, 0, "pftmo", 0); } + PF_RULES_WUNLOCK(); pf_normalize_cleanup(); pfi_cleanup(); pfr_cleanup(); @@ -3769,9 +3758,9 @@ pf_unload(void) pf_cleanup(); if (IS_DEFAULT_VNET(curvnet)) pf_mtag_cleanup(); - PF_RULES_WUNLOCK(); destroy_dev(pf_dev); rw_destroy(&pf_rules_lock); + sx_destroy(&pf_ioctl_lock); return (error); } From owner-svn-src-releng@freebsd.org Wed Jul 29 17:25:19 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 842629AE4DD; Wed, 29 Jul 2015 17:25:19 +0000 (UTC) (envelope-from brueffer@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6800F1136; Wed, 29 Jul 2015 17:25:19 +0000 (UTC) (envelope-from brueffer@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6THPJCL048730; Wed, 29 Jul 2015 17:25:19 GMT (envelope-from brueffer@FreeBSD.org) Received: (from brueffer@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6THPIqh048728; Wed, 29 Jul 2015 17:25:18 GMT (envelope-from brueffer@FreeBSD.org) Message-Id: <201507291725.t6THPIqh048728@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brueffer set sender to brueffer@FreeBSD.org using -f From: Christian Brueffer Date: Wed, 29 Jul 2015 17:25:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286022 - releng/10.2/share/man/man4 X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 17:25:19 -0000 Author: brueffer Date: Wed Jul 29 17:25:18 2015 New Revision: 286022 URL: https://svnweb.freebsd.org/changeset/base/286022 Log: MFC: r285858, r286017 Add a basic manpage for the pms driver. Approved by: re (gjb) Added: releng/10.2/share/man/man4/pms.4 - copied unchanged from r286018, stable/10/share/man/man4/pms.4 Modified: releng/10.2/share/man/man4/Makefile Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/share/man/man4/Makefile ============================================================================== --- releng/10.2/share/man/man4/Makefile Wed Jul 29 17:18:27 2015 (r286021) +++ releng/10.2/share/man/man4/Makefile Wed Jul 29 17:25:18 2015 (r286022) @@ -382,6 +382,7 @@ MAN= aac.4 \ ${_pflog.4} \ ${_pfsync.4} \ pim.4 \ + pms.4 \ polling.4 \ ppbus.4 \ ppc.4 \ Copied: releng/10.2/share/man/man4/pms.4 (from r286018, stable/10/share/man/man4/pms.4) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/10.2/share/man/man4/pms.4 Wed Jul 29 17:25:18 2015 (r286022, copy of r286018, stable/10/share/man/man4/pms.4) @@ -0,0 +1,126 @@ +.\" Copyright (c) 2015 Christian Brueffer +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd July 29, 2015 +.Dt PMS 4 +.Os +.Sh NAME +.Nm pms +.Nd "PMC-Sierra PM8001/8081/8088/8089/8074/8076/8077 SAS/SATA HBA Controller driver" +.Sh SYNOPSIS +To compile the driver into the kernel, +place the following line in the +kernel configuration file: +.Bd -ragged -offset indent +.Cd "device pms" +.Ed +.Pp +Alternatively, to load the driver as a +module at boot time, place the following line in +.Xr loader.conf 5 : +.Bd -literal -offset indent +pms_load="YES" +.Ed +.Sh DESCRIPTION +The +.Nm +driver provides support for the PMC-Sierra PM8001/8081/8088/8089/8074/8076/8077 +range of SAS/SATA HBA controllers. +.Sh HARDWARE +The +.Nm +driver supports the following hardware: +.Pp +.Bl -bullet -compact +.It +Tachyon TS Fibre Channel Card +.It +Tachyon TL Fibre Channel Card +.It +Tachyon XL2 Fibre Channel Card +.It +Tachyon DX2 Fibre Channel Card +.It +Tachyon DX2+ Fibre Channel Card +.It +Tachyon DX4+ Fibre Channel Card +.It +Tachyon QX2 Fibre Channel Card +.It +Tachyon QX4 Fibre Channel Card +.It +Tachyon DE4 Fibre Channel Card +.It +Tachyon QE4 Fibre Channel Card +.It +Tachyon XL10 Fibre Channel Card +.It +PMC Sierra SPC SAS-SATA Card +.It +PMC Sierra SPC-V SAS-SATA Card +.It +PMC Sierra SPC-VE SAS-SATA Card +.It +PMC Sierra SPC-V 16 Port SAS-SATA Card +.It +PMC Sierra SPC-VE 16 Port SAS-SATA Card +.It +PMC Sierra SPC-V SAS-SATA Card 12Gig +.It +PMC Sierra SPC-VE SAS-SATA Card 12Gig +.It +PMC Sierra SPC-V 16 Port SAS-SATA Card 12Gig +.It +PMC Sierra SPC-VE 16 Port SAS-SATA Card 12Gig +.It +Adaptec Hialeah 4/8 Port SAS-SATA HBA Card 6Gig +.It +Adaptec Hialeah 4/8 Port SAS-SATA RAID Card 6Gig +.It +Adaptec Hialeah 8/16 Port SAS-SATA HBA Card 6Gig +.It +Adaptec Hialeah 8/16 Port SAS-SATA RAID Card 6Gig +.It +Adaptec Hialeah 8/16 Port SAS-SATA HBA Encryption Card 6Gig +.It +Adaptec Hialeah 8/16 Port SAS-SATA RAID Encryption Card 6Gig +.It +Adaptec Delray 8 Port SAS-SATA HBA Card 12Gig +.It +Adaptec Delray 8 Port SAS-SATA HBA Encryption Card 12Gig +.It +Adaptec Delray 16 Port SAS-SATA HBA Card 12Gig +.It +Adaptec Delray 16 Port SAS-SATA HBA Encryption Card 12Gig +.El +.Sh SEE ALSO +.Xr cam 4 , +.Xr camcontrol 8 +.Sh HISTORY +The +.Nm +device driver first appeared in +.Fx 10.2 . From owner-svn-src-releng@freebsd.org Wed Jul 29 17:28:05 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 484589AE51D; Wed, 29 Jul 2015 17:28:05 +0000 (UTC) (envelope-from brueffer@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3841313DC; Wed, 29 Jul 2015 17:28:05 +0000 (UTC) (envelope-from brueffer@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6THS5hC048923; Wed, 29 Jul 2015 17:28:05 GMT (envelope-from brueffer@FreeBSD.org) Received: (from brueffer@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6THS5Zb048922; Wed, 29 Jul 2015 17:28:05 GMT (envelope-from brueffer@FreeBSD.org) Message-Id: <201507291728.t6THS5Zb048922@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brueffer set sender to brueffer@FreeBSD.org using -f From: Christian Brueffer Date: Wed, 29 Jul 2015 17:28:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286023 - releng/10.2/release/doc/en_US.ISO8859-1/hardware X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 17:28:05 -0000 Author: brueffer Date: Wed Jul 29 17:28:04 2015 New Revision: 286023 URL: https://svnweb.freebsd.org/changeset/base/286023 Log: MFC: r285859 (via r286019) Auto-generate hardware notes for pms(4). Approved by: re (gjb) Modified: releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Wed Jul 29 17:25:18 2015 (r286022) +++ releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Wed Jul 29 17:28:04 2015 (r286023) @@ -765,6 +765,8 @@ &hwlist.nsp; + &hwlist.pms; + &hwlist.pst; &hwlist.siis; From owner-svn-src-releng@freebsd.org Wed Jul 29 20:17:30 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7EAAD9ADD0C; Wed, 29 Jul 2015 20:17:30 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6F7681D0; Wed, 29 Jul 2015 20:17:30 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6TKHUYA018754; Wed, 29 Jul 2015 20:17:30 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6TKHUsV018753; Wed, 29 Jul 2015 20:17:30 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507292017.t6TKHUsV018753@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Wed, 29 Jul 2015 20:17:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286039 - releng/10.2/release/doc/en_US.ISO8859-1/hardware X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 20:17:30 -0000 Author: gjb Date: Wed Jul 29 20:17:29 2015 New Revision: 286039 URL: https://svnweb.freebsd.org/changeset/base/286039 Log: Add ixl(4) to the hardware notes. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Wed Jul 29 20:17:26 2015 (r286038) +++ releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Wed Jul 29 20:17:29 2015 (r286039) @@ -900,6 +900,8 @@ &hwlist.ixgbe; + &hwlist.ixl; + &hwlist.jme; &hwlist.kue; From owner-svn-src-releng@freebsd.org Wed Jul 29 20:17:28 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1084E9ADCFE; Wed, 29 Jul 2015 20:17:28 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 00AED1CD; Wed, 29 Jul 2015 20:17:28 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6TKHRSi018713; Wed, 29 Jul 2015 20:17:27 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6TKHRNS018712; Wed, 29 Jul 2015 20:17:27 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507292017.t6TKHRNS018712@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Wed, 29 Jul 2015 20:17:27 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286038 - releng/10.2/release/doc/en_US.ISO8859-1/hardware X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 20:17:28 -0000 Author: gjb Date: Wed Jul 29 20:17:26 2015 New Revision: 286038 URL: https://svnweb.freebsd.org/changeset/base/286038 Log: Update copyright after r286023. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Wed Jul 29 20:10:36 2015 (r286037) +++ releng/10.2/release/doc/en_US.ISO8859-1/hardware/article.xml Wed Jul 29 20:17:26 2015 (r286038) @@ -31,6 +31,7 @@ 2012 2013 2014 + 2015 The &os; Documentation Project From owner-svn-src-releng@freebsd.org Wed Jul 29 23:34:39 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 187C59AE7B1; Wed, 29 Jul 2015 23:34:39 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 09368104C; Wed, 29 Jul 2015 23:34:39 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6TNYces001575; Wed, 29 Jul 2015 23:34:38 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6TNYcdj001574; Wed, 29 Jul 2015 23:34:38 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507292334.t6TNYcdj001574@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Wed, 29 Jul 2015 23:34:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286048 - releng/10.2/release X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Jul 2015 23:34:39 -0000 Author: gjb Date: Wed Jul 29 23:34:38 2015 New Revision: 286048 URL: https://svnweb.freebsd.org/changeset/base/286048 Log: Set the default VHD file format to the fixed-size image for the 10.2-RELEASE, as the issue preventing the dynamic-size image from booting is not yet resolved. This is a direct commit to releng/10.2. Approved by: re (kib) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/Makefile.vm Modified: releng/10.2/release/Makefile.vm ============================================================================== --- releng/10.2/release/Makefile.vm Wed Jul 29 23:26:14 2015 (r286047) +++ releng/10.2/release/Makefile.vm Wed Jul 29 23:34:38 2015 (r286048) @@ -6,7 +6,7 @@ # VMTARGETS= vm-image -VMFORMATS?= vhd vmdk qcow2 raw +VMFORMATS?= vhdf vmdk qcow2 raw VMSIZE?= 20G VMBASE?= vm From owner-svn-src-releng@freebsd.org Thu Jul 30 02:22:39 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 40B689A7777; Thu, 30 Jul 2015 02:22:39 +0000 (UTC) (envelope-from whu@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 176991335; Thu, 30 Jul 2015 02:22:39 +0000 (UTC) (envelope-from whu@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6U2Mc1T071281; Thu, 30 Jul 2015 02:22:38 GMT (envelope-from whu@FreeBSD.org) Received: (from whu@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6U2Mcl1071280; Thu, 30 Jul 2015 02:22:38 GMT (envelope-from whu@FreeBSD.org) Message-Id: <201507300222.t6U2Mcl1071280@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: whu set sender to whu@FreeBSD.org using -f From: Wei Hu Date: Thu, 30 Jul 2015 02:22:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286058 - releng/10.2/sys/dev/hyperv/netvsc X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 02:22:39 -0000 Author: whu Date: Thu Jul 30 02:22:38 2015 New Revision: 286058 URL: https://svnweb.freebsd.org/changeset/base/286058 Log: MFC r285928 Do not enable UDP checksum offloading when running on the Hyper-V on Windows Server 2012 and earlier hosts. Submitted by: whu Reviewed by: royger Approved by: re (gjb) Sponsored by: Microsoft OSTC Differential Revision: https://reviews.freebsd.org/D3102 Modified: releng/10.2/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c ============================================================================== --- releng/10.2/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c Thu Jul 30 02:09:03 2015 (r286057) +++ releng/10.2/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c Thu Jul 30 02:22:38 2015 (r286058) @@ -343,7 +343,15 @@ netvsc_attach(device_t dev) IFCAP_VLAN_HWTAGGING | IFCAP_VLAN_MTU | IFCAP_HWCSUM | IFCAP_TSO; ifp->if_capenable |= IFCAP_VLAN_HWTAGGING | IFCAP_VLAN_MTU | IFCAP_HWCSUM | IFCAP_TSO; - ifp->if_hwassist = CSUM_TCP | CSUM_UDP | CSUM_TSO; + /* + * Only enable UDP checksum offloading when it is on 2012R2 or + * later. UDP checksum offloading doesn't work on earlier + * Windows releases. + */ + if (hv_vmbus_protocal_version >= HV_VMBUS_VERSION_WIN8_1) + ifp->if_hwassist = CSUM_TCP | CSUM_UDP | CSUM_TSO; + else + ifp->if_hwassist = CSUM_TCP | CSUM_TSO; ret = hv_rf_on_device_add(device_ctx, &device_info); if (ret != 0) { @@ -1110,7 +1118,17 @@ hn_ioctl(struct ifnet *ifp, u_long cmd, ifp->if_hwassist &= ~(CSUM_TCP | CSUM_UDP); } else { ifp->if_capenable |= IFCAP_TXCSUM; - ifp->if_hwassist |= (CSUM_TCP | CSUM_UDP); + /* + * Only enable UDP checksum offloading on + * Windows Server 2012R2 or later releases. + */ + if (hv_vmbus_protocal_version >= + HV_VMBUS_VERSION_WIN8_1) { + ifp->if_hwassist |= + (CSUM_TCP | CSUM_UDP); + } else { + ifp->if_hwassist |= CSUM_TCP; + } } } From owner-svn-src-releng@freebsd.org Thu Jul 30 02:45:38 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74F7B9A7CDF; Thu, 30 Jul 2015 02:45:38 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5C0FE1F9A; Thu, 30 Jul 2015 02:45:38 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6U2jc5t079640; Thu, 30 Jul 2015 02:45:38 GMT (envelope-from marius@FreeBSD.org) Received: (from marius@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6U2jaWJ079635; Thu, 30 Jul 2015 02:45:36 GMT (envelope-from marius@FreeBSD.org) Message-Id: <201507300245.t6U2jaWJ079635@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: marius set sender to marius@FreeBSD.org using -f From: Marius Strobl Date: Thu, 30 Jul 2015 02:45:36 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286060 - in releng/10.2/sys: kern sparc64/include sparc64/sparc64 X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 02:45:38 -0000 Author: marius Date: Thu Jul 30 02:45:35 2015 New Revision: 286060 URL: https://svnweb.freebsd.org/changeset/base/286060 Log: MFC: r285839 (r286055 in stable/10) o Revert the other functional half of r239864, i. e. the merge of r134227 from x86 to use smp_ipi_mtx spin lock not only for smp_rendezvous_cpus() but also for the MD cache invalidation, TLB demapping and remote register reading IPIs due to the following reasons: - The cross-IPI SMP deadlock x86 otherwise is subject to can't happen on sparc64. That's because on sparc64, spin locks don't disable interrupts completely but only raise the processor interrupt level to PIL_TICK. This means that IPIs still get delivered and direct dispatch IPIs such as the cache invalidation etc. IPIs in question are still executed. - In smp_rendezvous_cpus(), smp_ipi_mtx is held not only while sending an IPI_RENDEZVOUS, but until all CPUs have processed smp_rendezvous_action(). Consequently, smp_ipi_mtx may be locked for an extended amount of time as queued IPIs (as opposed to the direct ones) such as IPI_RENDEZVOUS are scheduled via a soft interrupt. Moreover, given that this soft interrupt is only delivered at PIL_RENDEZVOUS, processing of smp_rendezvous_action() on a target may be interrupted by f. e. a tick interrupt at PIL_TICK, in turn leading to the target in question trying to send an IPI by itself while IPI_RENDEZVOUS isn't fully handled, yet, and, thus, resulting in a deadlock. o As mentioned in the commit message of r245850, on least some sun4u platforms concurrent sending of IPIs by different CPUs is fatal. Therefore, hold the reintroduced MD ipi_mtx also while delivering cross-traps via MI helpers, i. e. ipi_{all_but_self,cpu,selected}(). o Akin to x86, let the last CPU to process cpu_mp_bootstrap() set smp_started instead of the BSP in cpu_mp_unleash(). This ensures that all APs actually are started, when smp_started is no longer 0. o In all MD and MI IPI helpers, check for smp_started == 1 rather than for smp_cpus > 1 or nothing at all. This avoids races during boot causing IPIs trying to be delivered to APs that in fact aren't up and running, yet. While at it, move setting of the cpu_ipi_{selected,single}() pointers to the appropriate delivery functions from mp_init() to cpu_mp_start() where it's better suited and allows to get rid of the global isjbus variable. o Given that now concurrent IPI delivery no longer is possible, also nuke the delays before completely disabling interrupts again in the CPU-specific cross-trap delivery functions, previously giving other CPUs a window for sending IPIs on their part. Actually, we now should be able to entirely get rid of completely disabling interrupts in these functions. Such a change needs more testing, though. o In {s,}tick_get_timecount_mp(), make the {s,}tick variable static. While not necessary for correctness, this avoids page faults when accessing the stack of a foreign CPU as {s,}tick now is locked into the TLBs as part of static kernel data. Hence, {s,}tick_get_timecount_mp() always execute as fast as possible, avoiding jitter. PR: 201245 Approved by: re (gjb) Modified: releng/10.2/sys/kern/subr_witness.c releng/10.2/sys/sparc64/include/smp.h releng/10.2/sys/sparc64/sparc64/machdep.c releng/10.2/sys/sparc64/sparc64/mp_machdep.c releng/10.2/sys/sparc64/sparc64/tick.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/kern/subr_witness.c ============================================================================== --- releng/10.2/sys/kern/subr_witness.c Thu Jul 30 02:23:09 2015 (r286059) +++ releng/10.2/sys/kern/subr_witness.c Thu Jul 30 02:45:35 2015 (r286060) @@ -666,6 +666,9 @@ static struct witness_order_list_entry o */ { "intrcnt", &lock_class_mtx_spin }, { "icu", &lock_class_mtx_spin }, +#if defined(SMP) && defined(__sparc64__) + { "ipi", &lock_class_mtx_spin }, +#endif #ifdef __i386__ { "allpmaps", &lock_class_mtx_spin }, { "descriptor tables", &lock_class_mtx_spin }, Modified: releng/10.2/sys/sparc64/include/smp.h ============================================================================== --- releng/10.2/sys/sparc64/include/smp.h Thu Jul 30 02:23:09 2015 (r286059) +++ releng/10.2/sys/sparc64/include/smp.h Thu Jul 30 02:45:35 2015 (r286060) @@ -39,13 +39,15 @@ #ifndef LOCORE +#include #include +#include +#include #include #include #include #include -#include #include #define IDR_BUSY 0x0000000000000001ULL @@ -96,6 +98,7 @@ struct ipi_tlb_args { }; #define ita_va ita_start +struct pcb; struct pcpu; extern struct pcb stoppcbs[]; @@ -108,8 +111,9 @@ extern cpu_ipi_selected_t *cpu_ipi_selec typedef void cpu_ipi_single_t(u_int, u_long, u_long, u_long); extern cpu_ipi_single_t *cpu_ipi_single; -void mp_init(u_int cpu_impl); +void mp_init(void); +extern struct mtx ipi_mtx; extern struct ipi_cache_args ipi_cache_args; extern struct ipi_rd_args ipi_rd_args; extern struct ipi_tlb_args ipi_tlb_args; @@ -139,23 +143,37 @@ ipi_all_but_self(u_int ipi) { cpuset_t cpus; + if (__predict_false(smp_started == 0)) + return; cpus = all_cpus; + sched_pin(); CPU_CLR(PCPU_GET(cpuid), &cpus); + mtx_lock_spin(&ipi_mtx); cpu_ipi_selected(cpus, 0, (u_long)tl_ipi_level, ipi); + mtx_unlock_spin(&ipi_mtx); + sched_unpin(); } static __inline void ipi_selected(cpuset_t cpus, u_int ipi) { + if (__predict_false(smp_started == 0 || CPU_EMPTY(&cpus))) + return; + mtx_lock_spin(&ipi_mtx); cpu_ipi_selected(cpus, 0, (u_long)tl_ipi_level, ipi); + mtx_unlock_spin(&ipi_mtx); } static __inline void ipi_cpu(int cpu, u_int ipi) { + if (__predict_false(smp_started == 0)) + return; + mtx_lock_spin(&ipi_mtx); cpu_ipi_single(cpu, 0, (u_long)tl_ipi_level, ipi); + mtx_unlock_spin(&ipi_mtx); } #if defined(_MACHINE_PMAP_H_) && defined(_SYS_MUTEX_H_) @@ -165,11 +183,11 @@ ipi_dcache_page_inval(void *func, vm_pad { struct ipi_cache_args *ica; - if (smp_cpus == 1) + if (__predict_false(smp_started == 0)) return (NULL); sched_pin(); ica = &ipi_cache_args; - mtx_lock_spin(&smp_ipi_mtx); + mtx_lock_spin(&ipi_mtx); ica->ica_mask = all_cpus; CPU_CLR(PCPU_GET(cpuid), &ica->ica_mask); ica->ica_pa = pa; @@ -182,11 +200,11 @@ ipi_icache_page_inval(void *func, vm_pad { struct ipi_cache_args *ica; - if (smp_cpus == 1) + if (__predict_false(smp_started == 0)) return (NULL); sched_pin(); ica = &ipi_cache_args; - mtx_lock_spin(&smp_ipi_mtx); + mtx_lock_spin(&ipi_mtx); ica->ica_mask = all_cpus; CPU_CLR(PCPU_GET(cpuid), &ica->ica_mask); ica->ica_pa = pa; @@ -199,11 +217,11 @@ ipi_rd(u_int cpu, void *func, u_long *va { struct ipi_rd_args *ira; - if (smp_cpus == 1) + if (__predict_false(smp_started == 0)) return (NULL); sched_pin(); ira = &ipi_rd_args; - mtx_lock_spin(&smp_ipi_mtx); + mtx_lock_spin(&ipi_mtx); CPU_SETOF(cpu, &ira->ira_mask); ira->ira_val = val; cpu_ipi_single(cpu, 0, (u_long)func, (u_long)ira); @@ -216,7 +234,7 @@ ipi_tlb_context_demap(struct pmap *pm) struct ipi_tlb_args *ita; cpuset_t cpus; - if (smp_cpus == 1) + if (__predict_false(smp_started == 0)) return (NULL); sched_pin(); cpus = pm->pm_active; @@ -227,7 +245,7 @@ ipi_tlb_context_demap(struct pmap *pm) return (NULL); } ita = &ipi_tlb_args; - mtx_lock_spin(&smp_ipi_mtx); + mtx_lock_spin(&ipi_mtx); ita->ita_mask = cpus; ita->ita_pmap = pm; cpu_ipi_selected(cpus, 0, (u_long)tl_ipi_tlb_context_demap, @@ -241,7 +259,7 @@ ipi_tlb_page_demap(struct pmap *pm, vm_o struct ipi_tlb_args *ita; cpuset_t cpus; - if (smp_cpus == 1) + if (__predict_false(smp_started == 0)) return (NULL); sched_pin(); cpus = pm->pm_active; @@ -252,7 +270,7 @@ ipi_tlb_page_demap(struct pmap *pm, vm_o return (NULL); } ita = &ipi_tlb_args; - mtx_lock_spin(&smp_ipi_mtx); + mtx_lock_spin(&ipi_mtx); ita->ita_mask = cpus; ita->ita_pmap = pm; ita->ita_va = va; @@ -266,7 +284,7 @@ ipi_tlb_range_demap(struct pmap *pm, vm_ struct ipi_tlb_args *ita; cpuset_t cpus; - if (smp_cpus == 1) + if (__predict_false(smp_started == 0)) return (NULL); sched_pin(); cpus = pm->pm_active; @@ -277,7 +295,7 @@ ipi_tlb_range_demap(struct pmap *pm, vm_ return (NULL); } ita = &ipi_tlb_args; - mtx_lock_spin(&smp_ipi_mtx); + mtx_lock_spin(&ipi_mtx); ita->ita_mask = cpus; ita->ita_pmap = pm; ita->ita_start = start; @@ -292,10 +310,10 @@ ipi_wait(void *cookie) { volatile cpuset_t *mask; - if ((mask = cookie) != NULL) { + if (__predict_false((mask = cookie) != NULL)) { while (!CPU_EMPTY(mask)) ; - mtx_unlock_spin(&smp_ipi_mtx); + mtx_unlock_spin(&ipi_mtx); sched_unpin(); } } Modified: releng/10.2/sys/sparc64/sparc64/machdep.c ============================================================================== --- releng/10.2/sys/sparc64/sparc64/machdep.c Thu Jul 30 02:23:09 2015 (r286059) +++ releng/10.2/sys/sparc64/sparc64/machdep.c Thu Jul 30 02:45:35 2015 (r286060) @@ -503,7 +503,7 @@ sparc64_init(caddr_t mdp, u_long o1, u_l } #ifdef SMP - mp_init(cpu_impl); + mp_init(); #endif /* Modified: releng/10.2/sys/sparc64/sparc64/mp_machdep.c ============================================================================== --- releng/10.2/sys/sparc64/sparc64/mp_machdep.c Thu Jul 30 02:23:09 2015 (r286059) +++ releng/10.2/sys/sparc64/sparc64/mp_machdep.c Thu Jul 30 02:45:35 2015 (r286060) @@ -82,6 +82,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -113,12 +114,13 @@ struct ipi_rd_args ipi_rd_args; struct ipi_tlb_args ipi_tlb_args; struct pcb stoppcbs[MAXCPU]; +struct mtx ipi_mtx; + cpu_ipi_selected_t *cpu_ipi_selected; cpu_ipi_single_t *cpu_ipi_single; static vm_offset_t mp_tramp; static u_int cpuid_to_mid[MAXCPU]; -static int isjbus; static volatile cpuset_t shutdown_cpus; static void ap_count(phandle_t node, u_int mid, u_int cpu_impl); @@ -138,7 +140,7 @@ static cpu_ipi_single_t spitfire_ipi_sin SYSINIT(cpu_mp_unleash, SI_SUB_SMP, SI_ORDER_FIRST, cpu_mp_unleash, NULL); void -mp_init(u_int cpu_impl) +mp_init(void) { struct tte *tp; int i; @@ -157,24 +159,6 @@ mp_init(u_int cpu_impl) } for (i = 0; i < PAGE_SIZE; i += sizeof(vm_offset_t)) flush(mp_tramp + i); - - /* - * On UP systems cpu_ipi_selected() can be called while - * cpu_mp_start() wasn't so initialize these here. - */ - if (cpu_impl == CPU_IMPL_ULTRASPARCIIIi || - cpu_impl == CPU_IMPL_ULTRASPARCIIIip) { - isjbus = 1; - cpu_ipi_selected = jalapeno_ipi_selected; - cpu_ipi_single = jalapeno_ipi_single; - } else if (cpu_impl == CPU_IMPL_SPARC64V || - cpu_impl >= CPU_IMPL_ULTRASPARCIII) { - cpu_ipi_selected = cheetah_ipi_selected; - cpu_ipi_single = cheetah_ipi_single; - } else { - cpu_ipi_selected = spitfire_ipi_selected; - cpu_ipi_single = spitfire_ipi_single; - } } static void @@ -219,7 +203,7 @@ foreach_ap(phandle_t node, void (*func)( * Probe for other CPUs. */ void -cpu_mp_setmaxid() +cpu_mp_setmaxid(void) { CPU_SETOF(curcpu, &all_cpus); @@ -277,6 +261,25 @@ sun4u_startcpu(phandle_t cpu, void *func void cpu_mp_start(void) { + u_int cpu_impl, isjbus; + + mtx_init(&ipi_mtx, "ipi", NULL, MTX_SPIN); + + isjbus = 0; + cpu_impl = PCPU_GET(impl); + if (cpu_impl == CPU_IMPL_ULTRASPARCIIIi || + cpu_impl == CPU_IMPL_ULTRASPARCIIIip) { + isjbus = 1; + cpu_ipi_selected = jalapeno_ipi_selected; + cpu_ipi_single = jalapeno_ipi_single; + } else if (cpu_impl == CPU_IMPL_SPARC64V || + cpu_impl >= CPU_IMPL_ULTRASPARCIII) { + cpu_ipi_selected = cheetah_ipi_selected; + cpu_ipi_single = cheetah_ipi_single; + } else { + cpu_ipi_selected = spitfire_ipi_selected; + cpu_ipi_single = spitfire_ipi_single; + } intr_setup(PIL_AST, cpu_ipi_ast, -1, NULL, NULL); intr_setup(PIL_RENDEZVOUS, (ih_func_t *)smp_rendezvous_action, @@ -360,7 +363,7 @@ cpu_mp_announce(void) } static void -cpu_mp_unleash(void *v) +cpu_mp_unleash(void *v __unused) { volatile struct cpu_start_args *csa; struct pcpu *pc; @@ -407,7 +410,6 @@ cpu_mp_unleash(void *v) membar(StoreLoad); csa->csa_count = 0; - smp_started = 1; } void @@ -464,6 +466,9 @@ cpu_mp_bootstrap(struct pcpu *pc) while (csa->csa_count != 0) ; + if (smp_cpus == mp_ncpus) + atomic_store_rel_int(&smp_started, 1); + /* Start per-CPU event timers. */ cpu_initclocks_ap(); @@ -530,7 +535,7 @@ cpu_ipi_stop(struct trapframe *tf __unus } static void -cpu_ipi_preempt(struct trapframe *tf) +cpu_ipi_preempt(struct trapframe *tf __unused) { sched_preempt(curthread); @@ -573,9 +578,11 @@ spitfire_ipi_single(u_int cpu, u_long d0 u_int mid; int i; + mtx_assert(&ipi_mtx, MA_OWNED); KASSERT(cpu != curcpu, ("%s: CPU can't IPI itself", __func__)); KASSERT((ldxa(0, ASI_INTR_DISPATCH_STATUS) & IDR_BUSY) == 0, ("%s: outstanding dispatch", __func__)); + mid = cpuid_to_mid[cpu]; for (i = 0; i < IPI_RETRIES; i++) { s = intr_disable(); @@ -601,12 +608,6 @@ spitfire_ipi_single(u_int cpu, u_long d0 intr_restore(s); if ((ids & (IDR_BUSY | IDR_NACK)) == 0) return; - /* - * Leave interrupts enabled for a bit before retrying - * in order to avoid deadlocks if the other CPU is also - * trying to send an IPI. - */ - DELAY(2); } if (kdb_active != 0 || panicstr != NULL) printf("%s: couldn't send IPI to module 0x%u\n", @@ -624,10 +625,12 @@ cheetah_ipi_single(u_int cpu, u_long d0, u_int mid; int i; + mtx_assert(&ipi_mtx, MA_OWNED); KASSERT(cpu != curcpu, ("%s: CPU can't IPI itself", __func__)); KASSERT((ldxa(0, ASI_INTR_DISPATCH_STATUS) & IDR_CHEETAH_ALL_BUSY) == 0, ("%s: outstanding dispatch", __func__)); + mid = cpuid_to_mid[cpu]; for (i = 0; i < IPI_RETRIES; i++) { s = intr_disable(); @@ -644,12 +647,6 @@ cheetah_ipi_single(u_int cpu, u_long d0, intr_restore(s); if ((ids & (IDR_BUSY | IDR_NACK)) == 0) return; - /* - * Leave interrupts enabled for a bit before retrying - * in order to avoid deadlocks if the other CPU is also - * trying to send an IPI. - */ - DELAY(2); } if (kdb_active != 0 || panicstr != NULL) printf("%s: couldn't send IPI to module 0x%u\n", @@ -669,13 +666,14 @@ cheetah_ipi_selected(cpuset_t cpus, u_lo u_int cpu; int i; + mtx_assert(&ipi_mtx, MA_OWNED); + KASSERT(!CPU_EMPTY(&cpus), ("%s: no CPUs to IPI", __func__)); KASSERT(!CPU_ISSET(curcpu, &cpus), ("%s: CPU can't IPI itself", __func__)); KASSERT((ldxa(0, ASI_INTR_DISPATCH_STATUS) & IDR_CHEETAH_ALL_BUSY) == 0, ("%s: outstanding dispatch", __func__)); - if (CPU_EMPTY(&cpus)) - return; + ids = 0; for (i = 0; i < IPI_RETRIES * mp_ncpus; i++) { s = intr_disable(); @@ -709,12 +707,6 @@ cheetah_ipi_selected(cpuset_t cpus, u_lo } if (CPU_EMPTY(&cpus)) return; - /* - * Leave interrupts enabled for a bit before retrying - * in order to avoid deadlocks if the other CPUs are - * also trying to send IPIs. - */ - DELAY(2 * mp_ncpus); } if (kdb_active != 0 || panicstr != NULL) printf("%s: couldn't send IPI (cpus=%s ids=0x%lu)\n", @@ -732,10 +724,12 @@ jalapeno_ipi_single(u_int cpu, u_long d0 u_int busy, busynack, mid; int i; + mtx_assert(&ipi_mtx, MA_OWNED); KASSERT(cpu != curcpu, ("%s: CPU can't IPI itself", __func__)); KASSERT((ldxa(0, ASI_INTR_DISPATCH_STATUS) & IDR_CHEETAH_ALL_BUSY) == 0, ("%s: outstanding dispatch", __func__)); + mid = cpuid_to_mid[cpu]; busy = IDR_BUSY << (2 * mid); busynack = (IDR_BUSY | IDR_NACK) << (2 * mid); @@ -754,12 +748,6 @@ jalapeno_ipi_single(u_int cpu, u_long d0 intr_restore(s); if ((ids & busynack) == 0) return; - /* - * Leave interrupts enabled for a bit before retrying - * in order to avoid deadlocks if the other CPU is also - * trying to send an IPI. - */ - DELAY(2); } if (kdb_active != 0 || panicstr != NULL) printf("%s: couldn't send IPI to module 0x%u\n", @@ -778,13 +766,14 @@ jalapeno_ipi_selected(cpuset_t cpus, u_l u_int cpu; int i; + mtx_assert(&ipi_mtx, MA_OWNED); + KASSERT(!CPU_EMPTY(&cpus), ("%s: no CPUs to IPI", __func__)); KASSERT(!CPU_ISSET(curcpu, &cpus), ("%s: CPU can't IPI itself", __func__)); KASSERT((ldxa(0, ASI_INTR_DISPATCH_STATUS) & IDR_CHEETAH_ALL_BUSY) == 0, ("%s: outstanding dispatch", __func__)); - if (CPU_EMPTY(&cpus)) - return; + ids = 0; for (i = 0; i < IPI_RETRIES * mp_ncpus; i++) { s = intr_disable(); @@ -811,12 +800,6 @@ jalapeno_ipi_selected(cpuset_t cpus, u_l if ((ids & (IDR_NACK << (2 * cpuid_to_mid[cpu]))) == 0) CPU_CLR(cpu, &cpus); - /* - * Leave interrupts enabled for a bit before retrying - * in order to avoid deadlocks if the other CPUs are - * also trying to send IPIs. - */ - DELAY(2 * mp_ncpus); } if (kdb_active != 0 || panicstr != NULL) printf("%s: couldn't send IPI (cpus=%s ids=0x%lu)\n", Modified: releng/10.2/sys/sparc64/sparc64/tick.c ============================================================================== --- releng/10.2/sys/sparc64/sparc64/tick.c Thu Jul 30 02:23:09 2015 (r286059) +++ releng/10.2/sys/sparc64/sparc64/tick.c Thu Jul 30 02:45:35 2015 (r286060) @@ -31,8 +31,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include -#include #include #include #include @@ -46,7 +44,6 @@ __FBSDID("$FreeBSD$"); #include #include -#include #include #include #include @@ -326,7 +323,7 @@ tick_get_timecount_up(struct timecounter static u_int stick_get_timecount_mp(struct timecounter *tc) { - u_long stick; + static u_long stick; sched_pin(); if (curcpu == 0) @@ -340,7 +337,7 @@ stick_get_timecount_mp(struct timecounte static u_int tick_get_timecount_mp(struct timecounter *tc) { - u_long tick; + static u_long tick; sched_pin(); if (curcpu == 0) From owner-svn-src-releng@freebsd.org Thu Jul 30 03:06:13 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 175DE9AE1AE; Thu, 30 Jul 2015 03:06:13 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 07E511111; Thu, 30 Jul 2015 03:06:13 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6U36Cem088820; Thu, 30 Jul 2015 03:06:12 GMT (envelope-from marius@FreeBSD.org) Received: (from marius@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6U36Cpe088818; Thu, 30 Jul 2015 03:06:12 GMT (envelope-from marius@FreeBSD.org) Message-Id: <201507300306.t6U36Cpe088818@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: marius set sender to marius@FreeBSD.org using -f From: Marius Strobl Date: Thu, 30 Jul 2015 03:06:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286061 - releng/10.2/sys/dev/uart X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 03:06:13 -0000 Author: marius Date: Thu Jul 30 03:06:11 2015 New Revision: 286061 URL: https://svnweb.freebsd.org/changeset/base/286061 Log: MFC: r285843 (r286059 in stable/10) - Since r253161, uart_intr() abuses FILTER_SCHEDULE_THREAD for signaling uart_bus_attach() during its test that 20 iterations weren't sufficient for clearing all pending interrupts, assuming this means that hardware is broken and doesn't deassert interrupts. However, under pressure, 20 iterations also can be insufficient for clearing all pending interrupts, leading to a panic as intr_event_handle() tries to schedule an interrupt handler not registered. Solve this by introducing a flag that is set in test mode and otherwise restores pre-r253161 behavior of uart_intr(). The approach of additionally registering uart_intr() as handler as suggested in PR 194979 is not taken as that in turn would abuse special pccard and pccbb handling code of intr_event_handle(). [1] - Const'ify uart_driver_name. - Fix some minor style bugs. PR: 194979 [1] Reviewed by: marcel (earlier version) Approved by: re (gjb) Modified: releng/10.2/sys/dev/uart/uart_bus.h releng/10.2/sys/dev/uart/uart_core.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/dev/uart/uart_bus.h ============================================================================== --- releng/10.2/sys/dev/uart/uart_bus.h Thu Jul 30 02:45:35 2015 (r286060) +++ releng/10.2/sys/dev/uart/uart_bus.h Thu Jul 30 03:06:11 2015 (r286061) @@ -98,6 +98,7 @@ struct uart_softc { int sc_polled:1; /* This UART has no interrupts. */ int sc_txbusy:1; /* This UART is transmitting. */ int sc_isquelch:1; /* This UART has input squelched. */ + int sc_testintr:1; /* This UART is under int. testing. */ struct uart_devinfo *sc_sysdev; /* System device (or NULL). */ @@ -134,7 +135,7 @@ struct uart_softc { }; extern devclass_t uart_devclass; -extern char uart_driver_name[]; +extern const char uart_driver_name[]; int uart_bus_attach(device_t dev); int uart_bus_detach(device_t dev); @@ -156,14 +157,16 @@ void uart_tty_intr(void *arg); static __inline int uart_rx_empty(struct uart_softc *sc) { + return ((sc->sc_rxget == sc->sc_rxput) ? 1 : 0); } static __inline int uart_rx_full(struct uart_softc *sc) { - return ((sc->sc_rxput + 1 < sc->sc_rxbufsz) - ? (sc->sc_rxput + 1 == sc->sc_rxget) : (sc->sc_rxget == 0)); + + return ((sc->sc_rxput + 1 < sc->sc_rxbufsz) ? + (sc->sc_rxput + 1 == sc->sc_rxget) : (sc->sc_rxget == 0)); } static __inline int Modified: releng/10.2/sys/dev/uart/uart_core.c ============================================================================== --- releng/10.2/sys/dev/uart/uart_core.c Thu Jul 30 02:45:35 2015 (r286060) +++ releng/10.2/sys/dev/uart/uart_core.c Thu Jul 30 03:06:11 2015 (r286061) @@ -51,7 +51,7 @@ __FBSDID("$FreeBSD$"); #include "uart_if.h" devclass_t uart_devclass; -char uart_driver_name[] = "uart"; +const char uart_driver_name[] = "uart"; SLIST_HEAD(uart_devinfo_list, uart_devinfo) uart_sysdevs = SLIST_HEAD_INITIALIZER(uart_sysdevs); @@ -248,13 +248,14 @@ static int uart_intr(void *arg) { struct uart_softc *sc = arg; - int cnt, ipend; + int cnt, ipend, testintr; if (sc->sc_leaving) return (FILTER_STRAY); cnt = 0; - while (cnt < 20 && (ipend = UART_IPEND(sc)) != 0) { + testintr = sc->sc_testintr; + while ((!testintr || cnt < 20) && (ipend = UART_IPEND(sc)) != 0) { cnt++; if (ipend & SER_INT_OVERRUN) uart_intr_overrun(sc); @@ -265,7 +266,7 @@ uart_intr(void *arg) if (ipend & SER_INT_SIGCHG) uart_intr_sigchg(sc); if (ipend & SER_INT_TXIDLE) - uart_intr_txidle(sc); + uart_intr_txidle(sc); } if (sc->sc_polled) { @@ -274,7 +275,8 @@ uart_intr(void *arg) } return ((cnt == 0) ? FILTER_STRAY : - ((cnt == 20) ? FILTER_SCHEDULE_THREAD : FILTER_HANDLED)); + ((testintr && cnt == 20) ? FILTER_SCHEDULE_THREAD : + FILTER_HANDLED)); } serdev_intr_t * @@ -421,7 +423,7 @@ uart_bus_attach(device_t dev) /* * Protect ourselves against interrupts while we're not completely * finished attaching and initializing. We don't expect interrupts - * until after UART_ATTACH() though. + * until after UART_ATTACH(), though. */ sc->sc_leaving = 1; @@ -501,7 +503,9 @@ uart_bus_attach(device_t dev) pps_init(&sc->sc_pps); sc->sc_leaving = 0; + sc->sc_testintr = 1; filt = uart_intr(sc); + sc->sc_testintr = 0; /* * Don't use interrupts if we couldn't clear any pending interrupt From owner-svn-src-releng@freebsd.org Thu Jul 30 10:09:33 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 644989AB1AB; Thu, 30 Jul 2015 10:09:33 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 3B9331112; Thu, 30 Jul 2015 10:09:33 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6UA9Xlj059490; Thu, 30 Jul 2015 10:09:33 GMT (envelope-from delphij@FreeBSD.org) Received: (from delphij@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6UA9WF5059486; Thu, 30 Jul 2015 10:09:32 GMT (envelope-from delphij@FreeBSD.org) Message-Id: <201507301009.t6UA9WF5059486@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: delphij set sender to delphij@FreeBSD.org using -f From: Xin LI Date: Thu, 30 Jul 2015 10:09:32 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286068 - in releng/8.4: . crypto/openssh sys/conf X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 10:09:33 -0000 Author: delphij Date: Thu Jul 30 10:09:31 2015 New Revision: 286068 URL: https://svnweb.freebsd.org/changeset/base/286068 Log: Fix a regression introduced with previous SA-15:16.openssl changeset. The problem is specific to FreeBSD 8.x. Submitted by: jkim Pointy hat to: delphij Approved by: so Modified: releng/8.4/UPDATING releng/8.4/crypto/openssh/auth2-chall.c releng/8.4/sys/conf/newvers.sh Modified: releng/8.4/UPDATING ============================================================================== --- releng/8.4/UPDATING Thu Jul 30 10:09:07 2015 (r286067) +++ releng/8.4/UPDATING Thu Jul 30 10:09:31 2015 (r286068) @@ -15,6 +15,10 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 8. debugging tools present in HEAD were left in place because sun4v support still needs work to become production ready. +20150730: p36 FreeBSD-SA-15:16.openssh [REVISED] + Fix a regression introduced in SA-15:16 patch that would break + keyboard-interactive authentication. + 20150728: p35 FreeBSD-SA-15:15.tcp FreeBSD-SA-15:16.openssh FreeBSD-SA-15:17.bind Modified: releng/8.4/crypto/openssh/auth2-chall.c ============================================================================== --- releng/8.4/crypto/openssh/auth2-chall.c Thu Jul 30 10:09:07 2015 (r286067) +++ releng/8.4/crypto/openssh/auth2-chall.c Thu Jul 30 10:09:31 2015 (r286068) @@ -131,6 +131,7 @@ kbdint_alloc(const char *devs) kbdintctxt->ctxt = NULL; kbdintctxt->device = NULL; kbdintctxt->nreq = 0; + kbdintctxt->devices_done = 0; return kbdintctxt; } Modified: releng/8.4/sys/conf/newvers.sh ============================================================================== --- releng/8.4/sys/conf/newvers.sh Thu Jul 30 10:09:07 2015 (r286067) +++ releng/8.4/sys/conf/newvers.sh Thu Jul 30 10:09:31 2015 (r286068) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="8.4" -BRANCH="RELEASE-p35" +BRANCH="RELEASE-p36" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-svn-src-releng@freebsd.org Thu Jul 30 17:06:29 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 268629AF3FC; Thu, 30 Jul 2015 17:06:29 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 174A081B; Thu, 30 Jul 2015 17:06:29 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6UH6SQW032545; Thu, 30 Jul 2015 17:06:28 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6UH6Sn4032544; Thu, 30 Jul 2015 17:06:28 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507301706.t6UH6Sn4032544@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Thu, 30 Jul 2015 17:06:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286083 - releng/10.2/sys/netpfil/pf X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 17:06:29 -0000 Author: gjb Date: Thu Jul 30 17:06:28 2015 New Revision: 286083 URL: https://svnweb.freebsd.org/changeset/base/286083 Log: MFS 286079: MFC r285999 (kp): pf: Always initialise pf_fragment.fr_flags When we allocate the struct pf_fragment in pf_fillup_fragment() we forgot to initialise the fr_flags field. As a result we sometimes mistakenly thought the fragment to not be a buffered fragment. This resulted in panics because we'd end up freeing the pf_fragment but not removing it from V_pf_fragqueue (believing it to be part of V_pf_cachequeue). The next time we iterated V_pf_fragqueue we'd use a freed object and panic. While here also fix a pf_fragment use after free in pf_normalize_ip(). pf_reassemble() frees the pf_fragment, so we can't use it any more. Approved by: re (glebius) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/sys/netpfil/pf/pf_norm.c Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/netpfil/pf/pf_norm.c ============================================================================== --- releng/10.2/sys/netpfil/pf/pf_norm.c Thu Jul 30 17:04:15 2015 (r286082) +++ releng/10.2/sys/netpfil/pf/pf_norm.c Thu Jul 30 17:06:28 2015 (r286083) @@ -433,6 +433,7 @@ pf_fillup_fragment(struct pf_fragment_cm } *(struct pf_fragment_cmp *)frag = *key; + frag->fr_flags = 0; frag->fr_timeout = time_second; frag->fr_maxlen = frent->fe_len; TAILQ_INIT(&frag->fr_queue); @@ -1298,9 +1299,6 @@ pf_normalize_ip(struct mbuf **m0, int di } } #endif - if (frag != NULL && (frag->fr_flags & PFFRAG_DROP)) - goto drop; - h = mtod(m, struct ip *); } else { /* non-buffering fragment cache (drops or masks overlaps) */ From owner-svn-src-releng@freebsd.org Thu Jul 30 18:00:39 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 7BCD29AFBEF; Thu, 30 Jul 2015 18:00:39 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6A3481FB2; Thu, 30 Jul 2015 18:00:39 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6UI0dIU056530; Thu, 30 Jul 2015 18:00:39 GMT (envelope-from bdrewery@FreeBSD.org) Received: (from bdrewery@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6UI0cB2056318; Thu, 30 Jul 2015 18:00:38 GMT (envelope-from bdrewery@FreeBSD.org) Message-Id: <201507301800.t6UI0cB2056318@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bdrewery set sender to bdrewery@FreeBSD.org using -f From: Bryan Drewery Date: Thu, 30 Jul 2015 18:00:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286084 - in releng/10.2: contrib/libarchive/libarchive contrib/libarchive/libarchive/test lib/libarchive/test X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 18:00:39 -0000 Author: bdrewery Date: Thu Jul 30 18:00:37 2015 New Revision: 286084 URL: https://svnweb.freebsd.org/changeset/base/286084 Log: MFS r286082: MFC r285972: MFV r285970: Apply upstream changeset bf4f6ec64e: Fix issue 356: properly skip a sparse file entry in a tar file. PR: 201506 Relnotes: yes Approved by: re (gjb) Added: releng/10.2/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.c - copied unchanged from r286082, stable/10/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.c releng/10.2/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.tar.Z.uu - copied unchanged from r286082, stable/10/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.tar.Z.uu Modified: releng/10.2/contrib/libarchive/libarchive/archive_read_support_format_tar.c releng/10.2/lib/libarchive/test/Makefile Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/contrib/libarchive/libarchive/archive_read_support_format_tar.c ============================================================================== --- releng/10.2/contrib/libarchive/libarchive/archive_read_support_format_tar.c Thu Jul 30 17:06:28 2015 (r286083) +++ releng/10.2/contrib/libarchive/libarchive/archive_read_support_format_tar.c Thu Jul 30 18:00:37 2015 (r286084) @@ -585,13 +585,23 @@ static int archive_read_format_tar_skip(struct archive_read *a) { int64_t bytes_skipped; + int64_t request; + struct sparse_block *p; struct tar* tar; tar = (struct tar *)(a->format->data); - bytes_skipped = __archive_read_consume(a, - tar->entry_bytes_remaining + tar->entry_padding + - tar->entry_bytes_unconsumed); + /* Do not consume the hole of a sparse file. */ + request = 0; + for (p = tar->sparse_list; p != NULL; p = p->next) { + if (!p->hole) + request += p->remaining; + } + if (request > tar->entry_bytes_remaining) + request = tar->entry_bytes_remaining; + request += tar->entry_padding + tar->entry_bytes_unconsumed; + + bytes_skipped = __archive_read_consume(a, request); if (bytes_skipped < 0) return (ARCHIVE_FATAL); Copied: releng/10.2/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.c (from r286082, stable/10/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/10.2/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.c Thu Jul 30 18:00:37 2015 (r286084, copy of r286082, stable/10/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.c) @@ -0,0 +1,135 @@ +/*- + * Copyright (c) 2014 Michihiro NAKAJIMA + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR(S) ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL THE AUTHOR(S) BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +#include "test.h" +__FBSDID("$FreeBSD"); + +/* + * To test skip a sparse file entry, this test does not read file data. + */ +DEFINE_TEST(test_read_format_gtar_sparse_skip_entry) +{ +#ifndef __FreeBSD__ /* Backport test. */ + const char *refname = "test_read_format_gtar_sparse_skip_entry.tar.Z.uu"; +#else + const char *refname = "test_read_format_gtar_sparse_skip_entry.tar.Z"; +#endif + struct archive *a; + struct archive_entry *ae; + const void *p; + size_t s; + int64_t o; + +#ifndef __FreeBSD__ /* Backport test. */ + copy_reference_file(refname); +#else + extract_reference_file(refname); +#endif + assert((a = archive_read_new()) != NULL); + assertEqualIntA(a, ARCHIVE_OK, archive_read_support_filter_all(a)); + assertEqualIntA(a, ARCHIVE_OK, archive_read_support_format_all(a)); + assertEqualIntA(a, ARCHIVE_OK, + archive_read_open_filename(a, refname, 10240)); + + /* Verify regular first file. */ + assertEqualIntA(a, ARCHIVE_OK, archive_read_next_header(a, &ae)); + assertEqualString("a", archive_entry_pathname(ae)); + assertEqualInt(10737418244, archive_entry_size(ae)); +#ifndef __FreeBSD__ /* Backport test. */ + assertEqualInt(archive_entry_is_encrypted(ae), 0); + assertEqualIntA(a, archive_read_has_encrypted_entries(a), + ARCHIVE_READ_FORMAT_ENCRYPTION_UNSUPPORTED); +#endif + + /* Verify regular second file. */ + assertEqualIntA(a, ARCHIVE_OK, archive_read_next_header(a, &ae)); + assertEqualString("b", archive_entry_pathname(ae)); + assertEqualInt(4, archive_entry_size(ae)); +#ifndef __FreeBSD__ /* Backport test. */ + assertEqualInt(archive_entry_is_encrypted(ae), 0); + assertEqualIntA(a, archive_read_has_encrypted_entries(a), + ARCHIVE_READ_FORMAT_ENCRYPTION_UNSUPPORTED); +#endif + + + /* End of archive. */ + assertEqualIntA(a, ARCHIVE_EOF, archive_read_next_header(a, &ae)); + + /* Verify archive format. */ + assertEqualIntA(a, ARCHIVE_FILTER_COMPRESS, archive_filter_code(a, 0)); + assertEqualIntA(a, ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE, + archive_format(a)); + + /* Close the archive. */ + assertEqualInt(ARCHIVE_OK, archive_read_close(a)); + assertEqualInt(ARCHIVE_OK, archive_read_free(a)); + + + /* + * Read just one block of a sparse file and skip it. + */ + assert((a = archive_read_new()) != NULL); + assertEqualIntA(a, ARCHIVE_OK, archive_read_support_filter_all(a)); + assertEqualIntA(a, ARCHIVE_OK, archive_read_support_format_all(a)); + assertEqualIntA(a, ARCHIVE_OK, + archive_read_open_filename(a, refname, 10240)); + + /* Verify regular first file. */ + assertEqualIntA(a, ARCHIVE_OK, archive_read_next_header(a, &ae)); + assertEqualString("a", archive_entry_pathname(ae)); + assertEqualInt(10737418244, archive_entry_size(ae)); +#ifndef __FreeBSD__ /* Backport test. */ + assertEqualInt(archive_entry_is_encrypted(ae), 0); + assertEqualIntA(a, archive_read_has_encrypted_entries(a), + ARCHIVE_READ_FORMAT_ENCRYPTION_UNSUPPORTED); +#endif + assertEqualInt(0, archive_read_data_block(a, &p, &s, &o)); + assertEqualInt(4096, s); + assertEqualInt(0, o); + + + /* Verify regular second file. */ + assertEqualIntA(a, ARCHIVE_OK, archive_read_next_header(a, &ae)); + assertEqualString("b", archive_entry_pathname(ae)); + assertEqualInt(4, archive_entry_size(ae)); +#ifndef __FreeBSD__ /* Backport test. */ + assertEqualInt(archive_entry_is_encrypted(ae), 0); + assertEqualIntA(a, archive_read_has_encrypted_entries(a), + ARCHIVE_READ_FORMAT_ENCRYPTION_UNSUPPORTED); +#endif + + + /* End of archive. */ + assertEqualIntA(a, ARCHIVE_EOF, archive_read_next_header(a, &ae)); + + /* Verify archive format. */ + assertEqualIntA(a, ARCHIVE_FILTER_COMPRESS, archive_filter_code(a, 0)); + assertEqualIntA(a, ARCHIVE_FORMAT_TAR_PAX_INTERCHANGE, + archive_format(a)); + + /* Close the archive. */ + assertEqualInt(ARCHIVE_OK, archive_read_close(a)); + assertEqualInt(ARCHIVE_OK, archive_read_free(a)); +} + Copied: releng/10.2/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.tar.Z.uu (from r286082, stable/10/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.tar.Z.uu) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/10.2/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.tar.Z.uu Thu Jul 30 18:00:37 2015 (r286084, copy of r286082, stable/10/contrib/libarchive/libarchive/test/test_read_format_gtar_sparse_skip_entry.tar.Z.uu) @@ -0,0 +1,15 @@ +begin 644 - +M'YV04,+@05(F#)DRBD:;,V!@T8-6)NE&'#10T<-#;>R(%CAEV28_3R9?LW\(P8-F[`<#%C +M)@T<->#6>`PBC.2^E07;J#'#Q>J-F5DJ<`GBB),J+N;`<3JGC(LV8=2\D<-V +M]DO;N'7S]MTFC9OA/6#,CE'[=N[=$V +M9]RY=212"9YD1EOO*&`DE!&*>645%9IY9589JGE +MEEQVZ>678(8IYIADEFGFF6BFJ>::;+;IYIMPQBGGG'36:>>=>.:IYYY\]NGG +MGX`&*NB@A!9JJ)YB](D@1PZ>U&B#*468484RT11###7<8!8(&-)4PX=^DN@4 +B5%*E6.J*746JTHN'2LFDDZW&*NNLM-9JZZVXYJKKKKR&!0`` +` +end Modified: releng/10.2/lib/libarchive/test/Makefile ============================================================================== --- releng/10.2/lib/libarchive/test/Makefile Thu Jul 30 17:06:28 2015 (r286083) +++ releng/10.2/lib/libarchive/test/Makefile Thu Jul 30 18:00:37 2015 (r286084) @@ -121,6 +121,7 @@ TESTS= \ test_read_format_gtar_gz.c \ test_read_format_gtar_lzma.c \ test_read_format_gtar_sparse.c \ + test_read_format_gtar_sparse_skip_entry.c \ test_read_format_iso_Z.c \ test_read_format_iso_multi_extent.c \ test_read_format_iso_xorriso.c \ From owner-svn-src-releng@freebsd.org Thu Jul 30 23:58:54 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 69D7D9AF626; Thu, 30 Jul 2015 23:58:54 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5A300AC0; Thu, 30 Jul 2015 23:58:54 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6UNws16001660; Thu, 30 Jul 2015 23:58:54 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6UNwsDe001659; Thu, 30 Jul 2015 23:58:54 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507302358.t6UNwsDe001659@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Thu, 30 Jul 2015 23:58:54 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286096 - releng/10.2/release/doc/en_US.ISO8859-1/relnotes X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 23:58:54 -0000 Author: gjb Date: Thu Jul 30 23:58:53 2015 New Revision: 286096 URL: https://svnweb.freebsd.org/changeset/base/286096 Log: Document r285830, specifically that the default pkg(8) repository was switched from 'latest' to 'quarterly' for 10.2-RELEASE. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Thu Jul 30 20:56:27 2015 (r286095) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Thu Jul 30 23:58:53 2015 (r286096) @@ -887,6 +887,16 @@ &os;/&arch.i386; memory stick installation images are now created using the &man.mkimg.1; utility, matching the way the &os;/&arch.amd64; images are created. + + The + default &man.pkg.8; repository set in + /etc/pkg/FreeBSD.conf now defaults to + the quarterly package set. To use the + latest branch (as was the previous + default), the comment at the top of + /etc/pkg/FreeBSD.conf explains how to + disable the default repository and specify an alternative + repository. From owner-svn-src-releng@freebsd.org Thu Jul 30 23:58:57 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 049609AF630; Thu, 30 Jul 2015 23:58:57 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E97BBACA; Thu, 30 Jul 2015 23:58:56 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6UNwuXR001701; Thu, 30 Jul 2015 23:58:56 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6UNwuxr001700; Thu, 30 Jul 2015 23:58:56 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507302358.t6UNwuxr001700@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Thu, 30 Jul 2015 23:58:56 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286097 - releng/10.2/release/doc/en_US.ISO8859-1/relnotes X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Jul 2015 23:58:57 -0000 Author: gjb Date: Thu Jul 30 23:58:55 2015 New Revision: 286097 URL: https://svnweb.freebsd.org/changeset/base/286097 Log: Document r286084, tar(1) sparse file fix. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Modified: releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml ============================================================================== --- releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Thu Jul 30 23:58:53 2015 (r286096) +++ releng/10.2/release/doc/en_US.ISO8859-1/relnotes/article.xml Thu Jul 30 23:58:55 2015 (r286097) @@ -274,6 +274,10 @@ &man.ssh.1; utility has been updated to re-implement hostname canonicalization before locating the host in known_hosts. + + The &man.tar.1; utility has been updated + to fix an issue that would prevent compressing sparse + files. From owner-svn-src-releng@freebsd.org Fri Jul 31 00:01:00 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2318F9AF6C8; Fri, 31 Jul 2015 00:01:00 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1382FE2E; Fri, 31 Jul 2015 00:01:00 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6V00xtr002914; Fri, 31 Jul 2015 00:00:59 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6V00xXT002913; Fri, 31 Jul 2015 00:00:59 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507310000.t6V00xXT002913@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Fri, 31 Jul 2015 00:00:59 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286098 - releng/10.2/sys/conf X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2015 00:01:00 -0000 Author: gjb Date: Fri Jul 31 00:00:59 2015 New Revision: 286098 URL: https://svnweb.freebsd.org/changeset/base/286098 Log: Update releng/10.2 to RC2 in preparation for the next set of builds. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/sys/conf/newvers.sh Modified: releng/10.2/sys/conf/newvers.sh ============================================================================== --- releng/10.2/sys/conf/newvers.sh Thu Jul 30 23:58:55 2015 (r286097) +++ releng/10.2/sys/conf/newvers.sh Fri Jul 31 00:00:59 2015 (r286098) @@ -32,7 +32,7 @@ TYPE="FreeBSD" REVISION="10.2" -BRANCH="RC1" +BRANCH="RC2" if [ "X${BRANCH_OVERRIDE}" != "X" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-svn-src-releng@freebsd.org Fri Jul 31 16:44:59 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0BB469AFC60; Fri, 31 Jul 2015 16:44:59 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F11BF1D4E; Fri, 31 Jul 2015 16:44:58 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6VGiw6a018492; Fri, 31 Jul 2015 16:44:58 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6VGiwau018490; Fri, 31 Jul 2015 16:44:58 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507311644.t6VGiwau018490@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Fri, 31 Jul 2015 16:44:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286135 - in releng/10.2/sys: amd64/conf i386/conf X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2015 16:44:59 -0000 Author: gjb Date: Fri Jul 31 16:44:57 2015 New Revision: 286135 URL: https://svnweb.freebsd.org/changeset/base/286135 Log: MFS r286132: MFC r286131: Pull pmspcv (pms(4)) from GENERIC. It has PCI ID conflicts with ahd(4), mvs(4), and likely other drivers. Approved by: re (implicit, release blocker) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/sys/amd64/conf/GENERIC releng/10.2/sys/i386/conf/GENERIC Directory Properties: releng/10.2/ (props changed) Modified: releng/10.2/sys/amd64/conf/GENERIC ============================================================================== --- releng/10.2/sys/amd64/conf/GENERIC Fri Jul 31 15:54:34 2015 (r286134) +++ releng/10.2/sys/amd64/conf/GENERIC Fri Jul 31 16:44:57 2015 (r286135) @@ -160,7 +160,8 @@ device ida # Compaq Smart RAID device mfi # LSI MegaRAID SAS device mlx # Mylex DAC960 family device mrsas # LSI/Avago MegaRAID SAS/SATA, 6Gb/s and 12Gb/s -device pmspcv # PMC-Sierra SAS/SATA Controller driver +#XXX PCI ID conflicts with ahd(4) and mvs(4) +#device pmspcv # PMC-Sierra SAS/SATA Controller driver #XXX pointer/int warnings #device pst # Promise Supertrak SX6000 device twe # 3ware ATA RAID Modified: releng/10.2/sys/i386/conf/GENERIC ============================================================================== --- releng/10.2/sys/i386/conf/GENERIC Fri Jul 31 15:54:34 2015 (r286134) +++ releng/10.2/sys/i386/conf/GENERIC Fri Jul 31 16:44:57 2015 (r286135) @@ -166,7 +166,8 @@ device ida # Compaq Smart RAID device mfi # LSI MegaRAID SAS device mlx # Mylex DAC960 family device mrsas # LSI/Avago MegaRAID SAS/SATA, 6Gb/s and 12Gb/s -device pmspcv # PMC-Sierra SAS/SATA Controller driver +#XXX PCI ID conflicts with ahd(4) and mvs(4) +#device pmspcv # PMC-Sierra SAS/SATA Controller driver device pst # Promise Supertrak SX6000 device twe # 3ware ATA RAID From owner-svn-src-releng@freebsd.org Fri Jul 31 16:46:31 2015 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B4C899AFD16; Fri, 31 Jul 2015 16:46:31 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8CC24100C; Fri, 31 Jul 2015 16:46:31 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.70]) by repo.freebsd.org (8.14.9/8.14.9) with ESMTP id t6VGkVVJ018727; Fri, 31 Jul 2015 16:46:31 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.14.9/8.14.9/Submit) id t6VGkVvF018726; Fri, 31 Jul 2015 16:46:31 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201507311646.t6VGkVvF018726@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Fri, 31 Jul 2015 16:46:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r286137 - releng/10.2/sys/conf X-SVN-Group: releng MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 31 Jul 2015 16:46:31 -0000 Author: gjb Date: Fri Jul 31 16:46:30 2015 New Revision: 286137 URL: https://svnweb.freebsd.org/changeset/base/286137 Log: Forced commit to mark the real 10.2-RC2 point. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/10.2/sys/conf/newvers.sh Modified: releng/10.2/sys/conf/newvers.sh ==============================================================================