From owner-svn-src-stable-10@freebsd.org Sun Feb 14 17:21:20 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E18A9AA8EB1; Sun, 14 Feb 2016 17:21:20 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B13351C6F; Sun, 14 Feb 2016 17:21:20 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1EHLJY8016037; Sun, 14 Feb 2016 17:21:19 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1EHLJmD016036; Sun, 14 Feb 2016 17:21:19 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201602141721.u1EHLJmD016036@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Sun, 14 Feb 2016 17:21:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295613 - stable/10/sys/fs/devfs X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Feb 2016 17:21:21 -0000 Author: kib Date: Sun Feb 14 17:21:19 2016 New Revision: 295613 URL: https://svnweb.freebsd.org/changeset/base/295613 Log: MFC r294595: When devfs dirent is freed, a vnode might still keep a pointer to it, apparently. Interlock and clear the pointer to avoid free memory dereference. Approved by: re (marius) Modified: stable/10/sys/fs/devfs/devfs_devs.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/fs/devfs/devfs_devs.c ============================================================================== --- stable/10/sys/fs/devfs/devfs_devs.c Sun Feb 14 16:38:32 2016 (r295612) +++ stable/10/sys/fs/devfs/devfs_devs.c Sun Feb 14 17:21:19 2016 (r295613) @@ -304,6 +304,13 @@ devfs_vmkdir(struct devfs_mount *dmp, ch void devfs_dirent_free(struct devfs_dirent *de) { + struct vnode *vp; + + vp = de->de_vnode; + mtx_lock(&devfs_de_interlock); + if (vp != NULL && vp->v_data == de) + vp->v_data = NULL; + mtx_unlock(&devfs_de_interlock); free(de, M_DEVFS3); } From owner-svn-src-stable-10@freebsd.org Sun Feb 14 18:17:59 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 82C57AA885B; Sun, 14 Feb 2016 18:17:59 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 539E71A1E; Sun, 14 Feb 2016 18:17:59 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1EIHwa3033912; Sun, 14 Feb 2016 18:17:58 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1EIHwVi033911; Sun, 14 Feb 2016 18:17:58 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201602141817.u1EIHwVi033911@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Sun, 14 Feb 2016 18:17:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295614 - stable/10/sys/kern X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Feb 2016 18:17:59 -0000 Author: kib Date: Sun Feb 14 18:17:58 2016 New Revision: 295614 URL: https://svnweb.freebsd.org/changeset/base/295614 Log: MFC r294596: Limit the accesses to file' f_advice member to VREG vnodes only. Recheck that f_advice is not NULL after lock is taken. Approved by: re (marius) Modified: stable/10/sys/kern/vfs_vnops.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/vfs_vnops.c ============================================================================== --- stable/10/sys/kern/vfs_vnops.c Sun Feb 14 17:21:19 2016 (r295613) +++ stable/10/sys/kern/vfs_vnops.c Sun Feb 14 18:17:58 2016 (r295614) @@ -733,12 +733,13 @@ get_advice(struct file *fp, struct uio * int ret; ret = POSIX_FADV_NORMAL; - if (fp->f_advice == NULL) + if (fp->f_advice == NULL || fp->f_vnode->v_type != VREG) return (ret); mtxp = mtx_pool_find(mtxpool_sleep, fp); mtx_lock(mtxp); - if (uio->uio_offset >= fp->f_advice->fa_start && + if (fp->f_advice != NULL && + uio->uio_offset >= fp->f_advice->fa_start && uio->uio_offset + uio->uio_resid <= fp->f_advice->fa_end) ret = fp->f_advice->fa_advice; mtx_unlock(mtxp); From owner-svn-src-stable-10@freebsd.org Sun Feb 14 18:57:41 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E6D9FAA8838; Sun, 14 Feb 2016 18:57:41 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B3A6D128D; Sun, 14 Feb 2016 18:57:41 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1EIvei6045986; Sun, 14 Feb 2016 18:57:40 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1EIveiN045985; Sun, 14 Feb 2016 18:57:40 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201602141857.u1EIveiN045985@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Sun, 14 Feb 2016 18:57:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295615 - stable/10/sys/kern X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Feb 2016 18:57:42 -0000 Author: kib Date: Sun Feb 14 18:57:40 2016 New Revision: 295615 URL: https://svnweb.freebsd.org/changeset/base/295615 Log: MFC r294598: In tty_dealloc(), clear the queues. Approved by: re (marius) Modified: stable/10/sys/kern/tty.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/tty.c ============================================================================== --- stable/10/sys/kern/tty.c Sun Feb 14 18:17:58 2016 (r295614) +++ stable/10/sys/kern/tty.c Sun Feb 14 18:57:40 2016 (r295615) @@ -215,7 +215,7 @@ ttydev_leave(struct tty *tp) ttydisc_close(tp); - /* Destroy associated buffers already. */ + /* Free i/o queues now since they might be large. */ ttyinq_free(&tp->t_inq); tp->t_inlow = 0; ttyoutq_free(&tp->t_outq); @@ -1052,10 +1052,15 @@ tty_dealloc(void *arg) { struct tty *tp = arg; - /* Make sure we haven't leaked buffers. */ - MPASS(ttyinq_getsize(&tp->t_inq) == 0); - MPASS(ttyoutq_getsize(&tp->t_outq) == 0); - + /* + * ttyydev_leave() usually frees the i/o queues earlier, but it is + * not always called between queue allocation and here. The queues + * may be allocated by ioctls on a pty control device without the + * corresponding pty slave device ever being open, or after it is + * closed. + */ + ttyinq_free(&tp->t_inq); + ttyoutq_free(&tp->t_outq); seldrain(&tp->t_inpoll); seldrain(&tp->t_outpoll); knlist_destroy(&tp->t_inpoll.si_note); From owner-svn-src-stable-10@freebsd.org Sun Feb 14 22:31:39 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F3059AA8151; Sun, 14 Feb 2016 22:31:39 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C732F32B; Sun, 14 Feb 2016 22:31:39 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1EMVcbQ019421; Sun, 14 Feb 2016 22:31:38 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1EMVc6u019419; Sun, 14 Feb 2016 22:31:38 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201602142231.u1EMVc6u019419@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Sun, 14 Feb 2016 22:31:38 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295617 - stable/10/share/man/man8 X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Feb 2016 22:31:40 -0000 Author: emaste Date: Sun Feb 14 22:31:38 2016 New Revision: 295617 URL: https://svnweb.freebsd.org/changeset/base/295617 Log: MFC r295496: Document boot1.efi's handling of /boot.config Approved by: re (marius) Modified: stable/10/share/man/man8/uefi.8 Directory Properties: stable/10/ (props changed) Modified: stable/10/share/man/man8/uefi.8 ============================================================================== --- stable/10/share/man/man8/uefi.8 Sun Feb 14 19:52:50 2016 (r295616) +++ stable/10/share/man/man8/uefi.8 Sun Feb 14 22:31:38 2016 (r295617) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 26, 2015 +.Dd February 14, 2016 .Dt UEFI 8 .Os .Sh NAME @@ -73,6 +73,16 @@ as .Pa /EFI/BOOT/BOOTX64.EFI . .It .Pa boot1.efi +reads boot configuration from +.Pa /boot.config +or +.Pa /boot/config . +Unlike other first-stage boot loaders, +.Pa boot1.efi +passes the configuration to the next stage boot loader and does not +itself act on the contents of the file. +.It +.Pa boot1.efi locates the first partition with the type .Li freebsd-ufs , and from it loads @@ -112,6 +122,7 @@ typical non-default kernel (optional) .El .Sh SEE ALSO .Xr vt 4 , +.Xr boot.config 5 , .Xr msdosfs 5 , .Xr boot 8 , .Xr gpart 8 , From owner-svn-src-stable-10@freebsd.org Sun Feb 14 23:04:54 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 57003AA80A2; Sun, 14 Feb 2016 23:04:54 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2615A1AD9; Sun, 14 Feb 2016 23:04:54 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1EN4rxI030489; Sun, 14 Feb 2016 23:04:53 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1EN4rYU030488; Sun, 14 Feb 2016 23:04:53 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201602142304.u1EN4rYU030488@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Sun, 14 Feb 2016 23:04:53 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295619 - stable/10/etc/rc.d X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Feb 2016 23:04:54 -0000 Author: cy Date: Sun Feb 14 23:04:52 2016 New Revision: 295619 URL: https://svnweb.freebsd.org/changeset/base/295619 Log: MFC r295495 - Update leapsecond file in non-chroot environments. PR: 207095 Submitted by: madpilot Approved by: re (marius) Modified: stable/10/etc/rc.d/ntpd Directory Properties: stable/10/ (props changed) Modified: stable/10/etc/rc.d/ntpd ============================================================================== --- stable/10/etc/rc.d/ntpd Sun Feb 14 22:37:28 2016 (r295618) +++ stable/10/etc/rc.d/ntpd Sun Feb 14 23:04:52 2016 (r295619) @@ -28,14 +28,14 @@ ntpd_precmd() rc_flags="-g $rc_flags" fi - if [ -z "$ntpd_chrootdir" ]; then - return 0; - fi - if [ ! -f $ntp_db_leapfile ]; then ntpd_fetch_leapfile fi + if [ -z "$ntpd_chrootdir" ]; then + return 0; + fi + # If running in a chroot cage, ensure that the appropriate files # exist inside the cage, as well as helper symlinks into the cage # from outside. From owner-svn-src-stable-10@freebsd.org Mon Feb 15 07:35:42 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id ABFBDAA893A; Mon, 15 Feb 2016 07:35:42 +0000 (UTC) (envelope-from dumbbell@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 8488B11D7; Mon, 15 Feb 2016 07:35:42 +0000 (UTC) (envelope-from dumbbell@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1F7ZfBM077425; Mon, 15 Feb 2016 07:35:41 GMT (envelope-from dumbbell@FreeBSD.org) Received: (from dumbbell@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1F7ZfSO077419; Mon, 15 Feb 2016 07:35:41 GMT (envelope-from dumbbell@FreeBSD.org) Message-Id: <201602150735.u1F7ZfSO077419@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dumbbell set sender to dumbbell@FreeBSD.org using -f From: =?UTF-8?Q?Jean-S=c3=a9bastien_P=c3=a9dron?= Date: Mon, 15 Feb 2016 07:35:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295623 - in stable/10/sys/dev/drm2: . i915 X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 15 Feb 2016 07:35:42 -0000 Author: dumbbell Date: Mon Feb 15 07:35:40 2016 New Revision: 295623 URL: https://svnweb.freebsd.org/changeset/base/295623 Log: drm/i915: Restore pci_enable_busmaster() call in the init path This fixes a GPU hang on i945GM. While here, merge some minor fixes to DRM core and i915: * Remove obsolete drm_agp_*_memory() prototypes * Fix comment in drm_fops.c (outisde -> outside) * Fix some formatting issues in drm_stub.c (spaces -> tabs) Approved by: re (marius) MFC of: r288653, r288952, r293851 Submitted by: Differential Revision: https://reviews.freebsd.org/D3413 Modified: stable/10/sys/dev/drm2/drmP.h stable/10/sys/dev/drm2/drm_fops.c stable/10/sys/dev/drm2/drm_stub.c stable/10/sys/dev/drm2/i915/i915_dma.c stable/10/sys/dev/drm2/i915/intel_opregion.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/drm2/drmP.h ============================================================================== --- stable/10/sys/dev/drm2/drmP.h Sun Feb 14 23:51:13 2016 (r295622) +++ stable/10/sys/dev/drm2/drmP.h Mon Feb 15 07:35:40 2016 (r295623) @@ -1757,12 +1757,6 @@ void drm_driver_irq_preinstall(struct dr void drm_driver_irq_postinstall(struct drm_device *dev); void drm_driver_irq_uninstall(struct drm_device *dev); -/* AGP/PCI Express/GART support (drm_agpsupport.c) */ -void *drm_agp_allocate_memory(size_t pages, u32 type); -int drm_agp_free_memory(void *handle); -int drm_agp_bind_memory(void *handle, off_t start); -int drm_agp_unbind_memory(void *handle); - /* sysctl support (drm_sysctl.h) */ extern int drm_sysctl_init(struct drm_device *dev); extern int drm_sysctl_cleanup(struct drm_device *dev); Modified: stable/10/sys/dev/drm2/drm_fops.c ============================================================================== --- stable/10/sys/dev/drm2/drm_fops.c Sun Feb 14 23:51:13 2016 (r295622) +++ stable/10/sys/dev/drm2/drm_fops.c Mon Feb 15 07:35:40 2016 (r295623) @@ -136,7 +136,7 @@ int drm_open(struct cdev *kdev, int flag sx_xlock(&drm_global_mutex); /* - * FIXME Linux<->FreeBSD: On Linux, counter updated outisde + * FIXME Linux<->FreeBSD: On Linux, counter updated outside * global mutex. */ if (!dev->open_count++) Modified: stable/10/sys/dev/drm2/drm_stub.c ============================================================================== --- stable/10/sys/dev/drm2/drm_stub.c Sun Feb 14 23:51:13 2016 (r295622) +++ stable/10/sys/dev/drm2/drm_stub.c Mon Feb 15 07:35:40 2016 (r295623) @@ -94,9 +94,9 @@ static int drm_minor_get_id(struct drm_d if (type == DRM_MINOR_CONTROL) { new_id += 64; - } else if (type == DRM_MINOR_RENDER) { - new_id += 128; - } + } else if (type == DRM_MINOR_RENDER) { + new_id += 128; + } return new_id; } Modified: stable/10/sys/dev/drm2/i915/i915_dma.c ============================================================================== --- stable/10/sys/dev/drm2/i915/i915_dma.c Sun Feb 14 23:51:13 2016 (r295622) +++ stable/10/sys/dev/drm2/i915/i915_dma.c Mon Feb 15 07:35:40 2016 (r295623) @@ -1458,6 +1458,8 @@ i915_driver_load(struct drm_device *dev, } } + pci_enable_busmaster(dev->dev); + intel_opregion_init(dev); callout_init(&dev_priv->hangcheck_timer, 1); Modified: stable/10/sys/dev/drm2/i915/intel_opregion.c ============================================================================== --- stable/10/sys/dev/drm2/i915/intel_opregion.c Sun Feb 14 23:51:13 2016 (r295622) +++ stable/10/sys/dev/drm2/i915/intel_opregion.c Mon Feb 15 07:35:40 2016 (r295623) @@ -533,11 +533,9 @@ void intel_opregion_fini(struct drm_devi opregion->vbt = NULL; } #else -int +void intel_opregion_init(struct drm_device *dev) { - - return (0); } void From owner-svn-src-stable-10@freebsd.org Tue Feb 16 03:50:58 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 55CE6AA8720; Tue, 16 Feb 2016 03:50:58 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 232FAFE3; Tue, 16 Feb 2016 03:50:58 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1G3ovKb038967; Tue, 16 Feb 2016 03:50:57 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1G3ov8U038966; Tue, 16 Feb 2016 03:50:57 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201602160350.u1G3ov8U038966@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Tue, 16 Feb 2016 03:50:57 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295652 - stable/10/share/man/man8 X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Feb 2016 03:50:58 -0000 Author: emaste Date: Tue Feb 16 03:50:56 2016 New Revision: 295652 URL: https://svnweb.freebsd.org/changeset/base/295652 Log: MFC r295497: Update uefi.8 for ZFS and multi device boot support Approved by: re (gjb) Modified: stable/10/share/man/man8/uefi.8 Directory Properties: stable/10/ (props changed) Modified: stable/10/share/man/man8/uefi.8 ============================================================================== --- stable/10/share/man/man8/uefi.8 Tue Feb 16 02:23:39 2016 (r295651) +++ stable/10/share/man/man8/uefi.8 Tue Feb 16 03:50:56 2016 (r295652) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 14, 2016 +.Dd February 15, 2016 .Dt UEFI 8 .Os .Sh NAME @@ -83,9 +83,17 @@ passes the configuration to the next sta itself act on the contents of the file. .It .Pa boot1.efi -locates the first partition with the type -.Li freebsd-ufs , -and from it loads +searches partitions of type +.Li freebsd-ufs +and +.Li freebsd-zfs +for +.Pa loader.efi . +The search begins with partitions on the device from which +.Pa boot1.efi +was loaded, and continues with other available partitions. +.Pa boot1.efi +then loads and executes .Pa loader.efi . .It .Pa loader.efi @@ -146,19 +154,3 @@ Foundation sponsored portions of the wor EFI environment variables are not supported by .Xr loader 8 or the kernel. -.Pp -.Pa boot1.efi -loads -.Pa loader.efi -from the first FreeBSD-UFS file system it locates, even if it is on a -different disk. -.Pp -.Pa boot1.efi -cannot load -.Pa loader.efi -from a -.Xr ZFS 8 -file system. -As a result, -.Nm -does not support a typical root file system on ZFS configuration. From owner-svn-src-stable-10@freebsd.org Tue Feb 16 12:57:05 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id B2CD8AA9F26; Tue, 16 Feb 2016 12:57:05 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id 7BC5D17B1; Tue, 16 Feb 2016 12:57:05 +0000 (UTC) (envelope-from des@des.no) Received: from desk.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id 8264FC62C; Tue, 16 Feb 2016 12:57:04 +0000 (UTC) Received: by desk.des.no (Postfix, from userid 1001) id B042746296; Tue, 16 Feb 2016 13:56:59 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Slawa Olhovchenkov Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: Re: svn commit: r294693 - in stable/10: . crypto/openssh secure/lib/libssh secure/usr.bin/ssh secure/usr.sbin/sshd share/mk tools/build/options References: <201601242228.u0OMSIn7032949@repo.freebsd.org> <20160213192402.GC37895@zxy.spb.ru> Date: Tue, 16 Feb 2016 13:56:59 +0100 In-Reply-To: <20160213192402.GC37895@zxy.spb.ru> (Slawa Olhovchenkov's message of "Sat, 13 Feb 2016 22:24:02 +0300") Message-ID: <86wpq4vmn8.fsf@desk.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Feb 2016 12:57:05 -0000 Slawa Olhovchenkov writes: > Now ssh terminated if found `noneenabled` in .ssh/config % perl -n -i -e 'print unless m/noneenabled/i' ~/.ssh/config DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-svn-src-stable-10@freebsd.org Tue Feb 16 21:36:50 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 434D3AA952D; Tue, 16 Feb 2016 21:36:50 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id ED27C1505; Tue, 16 Feb 2016 21:36:49 +0000 (UTC) (envelope-from jhb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1GLam1c053854; Tue, 16 Feb 2016 21:36:48 GMT (envelope-from jhb@FreeBSD.org) Received: (from jhb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1GLama9053852; Tue, 16 Feb 2016 21:36:48 GMT (envelope-from jhb@FreeBSD.org) Message-Id: <201602162136.u1GLama9053852@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jhb set sender to jhb@FreeBSD.org using -f From: John Baldwin Date: Tue, 16 Feb 2016 21:36:48 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295674 - stable/10/sys/kern X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Feb 2016 21:36:50 -0000 Author: jhb Date: Tue Feb 16 21:36:48 2016 New Revision: 295674 URL: https://svnweb.freebsd.org/changeset/base/295674 Log: MFC 295418,295419: Fix hangs or panics when misbehaved kernel threads return from their main function. 295418: Mark proc0 as a kernel process via the P_KTHREAD flag. All other kernel processes have this flag set and all threads in proc0 (including thread0) have the similar TDP_KTHREAD flag set. 295419: Call kthread_exit() rather than kproc_exit() for a premature kthread exit. Kernel threads (and processes) are supposed to call kthread_exit() (or kproc_exit()) to terminate. However, the kernel includes a fallback in fork_exit() to force a kthread exit if a kernel thread's "main" routine returns. This fallback was added back when the kernel only had processes and was not updated to call kthread_exit() instead of kproc_exit() when threads were added to the kernel. This mistake was particularly exciting when the errant thread belonged to proc0. Due to the missing P_KTHREAD flag the fallback did not kick in and instead tried to return to userland via whatever garbage was in the trapframe. With P_KTHREAD set it tried to terminate proc0 resulting in other amusements. PR: 204999 Approved by: re (glebius) Modified: stable/10/sys/kern/init_main.c stable/10/sys/kern/kern_fork.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/kern/init_main.c ============================================================================== --- stable/10/sys/kern/init_main.c Tue Feb 16 21:30:55 2016 (r295673) +++ stable/10/sys/kern/init_main.c Tue Feb 16 21:36:48 2016 (r295674) @@ -479,7 +479,7 @@ proc0_init(void *dummy __unused) session0.s_leader = p; p->p_sysent = &null_sysvec; - p->p_flag = P_SYSTEM | P_INMEM; + p->p_flag = P_SYSTEM | P_INMEM | P_KTHREAD; p->p_flag2 = 0; p->p_state = PRS_NORMAL; knlist_init_mtx(&p->p_klist, &p->p_mtx); Modified: stable/10/sys/kern/kern_fork.c ============================================================================== --- stable/10/sys/kern/kern_fork.c Tue Feb 16 21:30:55 2016 (r295673) +++ stable/10/sys/kern/kern_fork.c Tue Feb 16 21:36:48 2016 (r295674) @@ -1033,7 +1033,7 @@ fork_exit(void (*callout)(void *, struct if (p->p_flag & P_KTHREAD) { printf("Kernel thread \"%s\" (pid %d) exited prematurely.\n", td->td_name, p->p_pid); - kproc_exit(0); + kthread_exit(); } mtx_assert(&Giant, MA_NOTOWNED); From owner-svn-src-stable-10@freebsd.org Tue Feb 16 22:37:25 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E621FAAAEE1; Tue, 16 Feb 2016 22:37:25 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B87F818BD; Tue, 16 Feb 2016 22:37:25 +0000 (UTC) (envelope-from bapt@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1GMbOA0071412; Tue, 16 Feb 2016 22:37:24 GMT (envelope-from bapt@FreeBSD.org) Received: (from bapt@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1GMbOUW071411; Tue, 16 Feb 2016 22:37:24 GMT (envelope-from bapt@FreeBSD.org) Message-Id: <201602162237.u1GMbOUW071411@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: bapt set sender to bapt@FreeBSD.org using -f From: Baptiste Daroussin Date: Tue, 16 Feb 2016 22:37:24 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295679 - stable/10 X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Feb 2016 22:37:26 -0000 Author: bapt Date: Tue Feb 16 22:37:24 2016 New Revision: 295679 URL: https://svnweb.freebsd.org/changeset/base/295679 Log: MFC r295455 Fix make universe when running with non POSIX/C locales using a locale sensitive pattern Approved by: re@ (gjb, marius) Modified: stable/10/Makefile Directory Properties: stable/10/ (props changed) Modified: stable/10/Makefile ============================================================================== --- stable/10/Makefile Tue Feb 16 22:13:25 2016 (r295678) +++ stable/10/Makefile Tue Feb 16 22:37:24 2016 (r295679) @@ -482,7 +482,8 @@ _THINNER=cat _THINNER=xargs grep -L "^.NO_UNIVERSE" || true .endif KERNCONFS!= cd ${KERNSRCDIR}/${TARGET}/conf && \ - find [A-Z0-9]*[A-Z0-9] -type f -maxdepth 0 \ + find [[:upper:][:digit:]]*[[:upper:][:digit:]] \ + -type f -maxdepth 0 \ ! -name DEFAULTS ! -name NOTES | \ ${_THINNER} universe_kernconfs: From owner-svn-src-stable-10@freebsd.org Wed Feb 17 11:36:47 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AFAE2AAA5E0; Wed, 17 Feb 2016 11:36:47 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5F5A494E; Wed, 17 Feb 2016 11:36:47 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1HBakwe098276; Wed, 17 Feb 2016 11:36:46 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1HBaknN098273; Wed, 17 Feb 2016 11:36:46 GMT (envelope-from des@FreeBSD.org) Message-Id: <201602171136.u1HBaknN098273@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Wed, 17 Feb 2016 11:36:46 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295690 - in stable/10: . tools/build/mk usr.sbin/unbound/control X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 11:36:47 -0000 Author: des Date: Wed Feb 17 11:36:45 2016 New Revision: 295690 URL: https://svnweb.freebsd.org/changeset/base/295690 Log: MFH (r295533): remove broken unbound-control-setup script Approved by: re (glebius) Relnotes: yes Modified: stable/10/ObsoleteFiles.inc stable/10/tools/build/mk/OptionalObsoleteFiles.inc stable/10/usr.sbin/unbound/control/Makefile Directory Properties: stable/10/ (props changed) Modified: stable/10/ObsoleteFiles.inc ============================================================================== --- stable/10/ObsoleteFiles.inc Wed Feb 17 07:59:18 2016 (r295689) +++ stable/10/ObsoleteFiles.inc Wed Feb 17 11:36:45 2016 (r295690) @@ -38,6 +38,8 @@ # xargs -n1 | sort | uniq -d; # done +# 20160216: Remove obsolete unbound-control-setup +OLD_FILES+=usr/sbin/unbound-control-setup # 20151222: liblzma header OLD_FILES+=usr/include/lzma/lzma.h # 20151115: added missing _test suffix on multiple tests in lib/libc Modified: stable/10/tools/build/mk/OptionalObsoleteFiles.inc ============================================================================== --- stable/10/tools/build/mk/OptionalObsoleteFiles.inc Wed Feb 17 07:59:18 2016 (r295689) +++ stable/10/tools/build/mk/OptionalObsoleteFiles.inc Wed Feb 17 11:36:45 2016 (r295690) @@ -5010,7 +5010,6 @@ OLD_FILES+=usr/sbin/unbound OLD_FILES+=usr/sbin/unbound-anchor OLD_FILES+=usr/sbin/unbound-checkconf OLD_FILES+=usr/sbin/unbound-control -OLD_FILES+=usr/sbin/unbound-control-setup .endif .if ${MK_USB} == no Modified: stable/10/usr.sbin/unbound/control/Makefile ============================================================================== --- stable/10/usr.sbin/unbound/control/Makefile Wed Feb 17 07:59:18 2016 (r295689) +++ stable/10/usr.sbin/unbound/control/Makefile Wed Feb 17 11:36:45 2016 (r295690) @@ -7,7 +7,6 @@ UNBOUNDDIR= ${.CURDIR}/../../../contrib/ .PATH: ${UNBOUNDDIR} ${UNBOUNDDIR}/smallapp ${UNBOUNDDIR}/doc PROG= unbound-control -SCRIPTS= unbound-control-setup.sh SRCS= unbound-control.c worker_cb.c CFLAGS= -I${UNBOUNDDIR} -I${LDNSDIR} DPADD= ${LIBUNBOUND} ${LIBLDNS} ${LIBUTIL} ${LIBSSL} ${LIBCRYPTO} ${LIBPTHREAD} From owner-svn-src-stable-10@freebsd.org Wed Feb 17 11:38:46 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C3E33AAA6FD; Wed, 17 Feb 2016 11:38:46 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 84F1AAD8; Wed, 17 Feb 2016 11:38:46 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1HBcjcH098401; Wed, 17 Feb 2016 11:38:45 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1HBcikd098384; Wed, 17 Feb 2016 11:38:44 GMT (envelope-from des@FreeBSD.org) Message-Id: <201602171138.u1HBcikd098384@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Wed, 17 Feb 2016 11:38:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295691 - in stable/10: contrib/unbound contrib/unbound/doc contrib/unbound/services contrib/unbound/util contrib/unbound/validator lib/libunbound usr.sbin/unbound/local-setup X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 11:38:46 -0000 Author: des Date: Wed Feb 17 11:38:43 2016 New Revision: 295691 URL: https://svnweb.freebsd.org/changeset/base/295691 Log: MFH (r295535): use insecure-lan-zones option instead of hardcoded list Approved by: re (glebius) Relnotes: yes Added: stable/10/contrib/unbound/util/as112.c - copied unchanged from r295535, head/contrib/unbound/util/as112.c stable/10/contrib/unbound/util/as112.h - copied unchanged from r295535, head/contrib/unbound/util/as112.h Modified: stable/10/contrib/unbound/Makefile.in stable/10/contrib/unbound/doc/example.conf stable/10/contrib/unbound/doc/example.conf.in stable/10/contrib/unbound/doc/unbound.conf.5 stable/10/contrib/unbound/doc/unbound.conf.5.in stable/10/contrib/unbound/services/localzone.c stable/10/contrib/unbound/util/config_file.c stable/10/contrib/unbound/util/config_file.h stable/10/contrib/unbound/util/configlexer.lex stable/10/contrib/unbound/util/configparser.y stable/10/contrib/unbound/validator/val_anchor.c stable/10/lib/libunbound/Makefile stable/10/usr.sbin/unbound/local-setup/local-unbound-setup.sh Directory Properties: stable/10/ (props changed) Modified: stable/10/contrib/unbound/Makefile.in ============================================================================== --- stable/10/contrib/unbound/Makefile.in Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/Makefile.in Wed Feb 17 11:38:43 2016 (r295691) @@ -95,7 +95,7 @@ PYUNBOUND_SRC= # libunbound_wrap.lo if python libunbound wrapper enabled. PYUNBOUND_OBJ=@PYUNBOUND_OBJ@ COMMON_SRC=services/cache/dns.c services/cache/infra.c services/cache/rrset.c \ -util/data/dname.c util/data/msgencode.c util/data/msgparse.c \ +util/as112.c util/data/dname.c util/data/msgencode.c util/data/msgparse.c \ util/data/msgreply.c util/data/packed_rrset.c iterator/iterator.c \ iterator/iter_delegpt.c iterator/iter_donotq.c iterator/iter_fwd.c \ iterator/iter_hints.c iterator/iter_priv.c iterator/iter_resptype.c \ @@ -113,7 +113,7 @@ validator/val_neg.c validator/val_nsec3. validator/val_secalgo.c validator/val_sigcrypt.c \ validator/val_utils.c dns64/dns64.c $(CHECKLOCK_SRC) $(DNSTAP_SRC) COMMON_OBJ_WITHOUT_NETCALL=dns.lo infra.lo rrset.lo dname.lo msgencode.lo \ -msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \ +as112.lo msgparse.lo msgreply.lo packed_rrset.lo iterator.lo iter_delegpt.lo \ iter_donotq.lo iter_fwd.lo iter_hints.lo iter_priv.lo iter_resptype.lo \ iter_scrub.lo iter_utils.lo localzone.lo mesh.lo modstack.lo \ outbound_list.lo alloc.lo config_file.lo configlexer.lo configparser.lo \ @@ -595,6 +595,7 @@ depend: rm -f $(DEPEND_TMP) $(DEPEND_TMP2) # Dependencies +as112.lo as112.o: $(srcdir)/util/as112.c $(srcdir)/util/as112.h dns.lo dns.o: $(srcdir)/services/cache/dns.c config.h $(srcdir)/iterator/iter_delegpt.h $(srcdir)/util/log.h \ $(srcdir)/validator/val_nsec.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h \ $(srcdir)/util/locks.h $(srcdir)/services/cache/dns.h $(srcdir)/util/data/msgreply.h \ @@ -702,7 +703,7 @@ localzone.lo localzone.o: $(srcdir)/serv $(srcdir)/sldns/sbuffer.h $(srcdir)/util/regional.h $(srcdir)/util/config_file.h $(srcdir)/util/data/dname.h \ $(srcdir)/util/storage/lruhash.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgencode.h \ $(srcdir)/util/net_help.h $(srcdir)/util/netevent.h $(srcdir)/util/data/msgreply.h \ - $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h + $(srcdir)/util/data/msgparse.h $(srcdir)/sldns/pkthdr.h $(srcdir)/util/as112.h mesh.lo mesh.o: $(srcdir)/services/mesh.c config.h $(srcdir)/services/mesh.h $(srcdir)/util/rbtree.h \ $(srcdir)/util/netevent.h $(srcdir)/util/data/msgparse.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h \ $(srcdir)/util/log.h $(srcdir)/sldns/pkthdr.h $(srcdir)/sldns/rrdef.h $(srcdir)/util/module.h \ @@ -821,7 +822,7 @@ val_anchor.lo val_anchor.o: $(srcdir)/va $(srcdir)/util/rbtree.h $(srcdir)/util/locks.h $(srcdir)/util/log.h $(srcdir)/validator/val_sigcrypt.h \ $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/storage/lruhash.h $(srcdir)/validator/autotrust.h \ $(srcdir)/util/data/dname.h $(srcdir)/util/net_help.h $(srcdir)/util/config_file.h $(srcdir)/sldns/sbuffer.h \ - $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/str2wire.h + $(srcdir)/sldns/rrdef.h $(srcdir)/sldns/str2wire.h $(srcdir)/util/as112.h validator.lo validator.o: $(srcdir)/validator/validator.c config.h $(srcdir)/validator/validator.h \ $(srcdir)/util/module.h $(srcdir)/util/storage/lruhash.h $(srcdir)/util/locks.h $(srcdir)/util/log.h \ $(srcdir)/util/data/msgreply.h $(srcdir)/util/data/packed_rrset.h $(srcdir)/util/data/msgparse.h \ Modified: stable/10/contrib/unbound/doc/example.conf ============================================================================== --- stable/10/contrib/unbound/doc/example.conf Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/doc/example.conf Wed Feb 17 11:38:43 2016 (r295691) @@ -508,13 +508,17 @@ server: # local-zone: "8.b.d.0.1.0.0.2.ip6.arpa." nodefault # And for 64.100.in-addr.arpa. to 127.100.in-addr.arpa. - # if unbound is running service for the local host then it is useful + # If unbound is running service for the local host then it is useful # to perform lan-wide lookups to the upstream, and unblock the # long list of local-zones above. If this unbound is a dns server # for a network of computers, disabled is better and stops information # leakage of local lan information. # unblock-lan-zones: no + # The insecure-lan-zones option disables validation for + # these zones, as if they were all listed as domain-insecure. + # insecure-lan-zones: no + # a number of locally served zones can be configured. # local-zone: # local-data: "" Modified: stable/10/contrib/unbound/doc/example.conf.in ============================================================================== --- stable/10/contrib/unbound/doc/example.conf.in Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/doc/example.conf.in Wed Feb 17 11:38:43 2016 (r295691) @@ -508,13 +508,17 @@ server: # local-zone: "8.b.d.0.1.0.0.2.ip6.arpa." nodefault # And for 64.100.in-addr.arpa. to 127.100.in-addr.arpa. - # if unbound is running service for the local host then it is useful + # If unbound is running service for the local host then it is useful # to perform lan-wide lookups to the upstream, and unblock the # long list of local-zones above. If this unbound is a dns server # for a network of computers, disabled is better and stops information # leakage of local lan information. # unblock-lan-zones: no + # The insecure-lan-zones option disables validation for + # these zones, as if they were all listed as domain-insecure. + # insecure-lan-zones: no + # a number of locally served zones can be configured. # local-zone: # local-data: "" Modified: stable/10/contrib/unbound/doc/unbound.conf.5 ============================================================================== --- stable/10/contrib/unbound/doc/unbound.conf.5 Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/doc/unbound.conf.5 Wed Feb 17 11:38:43 2016 (r295691) @@ -841,6 +841,11 @@ as a (DHCP-) DNS network resolver for a lookups should be filtered (RFC compliance), this also stops potential data leakage about the local network to the upstream DNS servers. .TP +.B insecure\-lan\-zones: \fI +Default is disabled. If enabled, then reverse lookups in private +address space are not validated. This is usually required whenever +\fIunblock\-lan\-zones\fR is used. +.TP .B local\-zone: \fI Configure a local zone. The type determines the answer to give if there is no match from local\-data. The types are deny, refuse, static, Modified: stable/10/contrib/unbound/doc/unbound.conf.5.in ============================================================================== --- stable/10/contrib/unbound/doc/unbound.conf.5.in Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/doc/unbound.conf.5.in Wed Feb 17 11:38:43 2016 (r295691) @@ -841,6 +841,11 @@ as a (DHCP-) DNS network resolver for a lookups should be filtered (RFC compliance), this also stops potential data leakage about the local network to the upstream DNS servers. .TP +.B insecure\-lan\-zones: \fI +Default is disabled. If enabled, then reverse lookups in private +address space are not validated. This is usually required whenever +\fIunblock\-lan\-zones\fR is used. +.TP .B local\-zone: \fI Configure a local zone. The type determines the answer to give if there is no match from local\-data. The types are deny, refuse, static, Modified: stable/10/contrib/unbound/services/localzone.c ============================================================================== --- stable/10/contrib/unbound/services/localzone.c Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/services/localzone.c Wed Feb 17 11:38:43 2016 (r295691) @@ -51,6 +51,7 @@ #include "util/netevent.h" #include "util/data/msgreply.h" #include "util/data/msgparse.h" +#include "util/as112.h" struct local_zones* local_zones_create(void) @@ -592,6 +593,7 @@ static int lz_enter_defaults(struct local_zones* zones, struct config_file* cfg) { struct local_zone* z; + const char** zstr; /* this list of zones is from RFC 6303 */ @@ -654,110 +656,14 @@ lz_enter_defaults(struct local_zones* zo lock_rw_unlock(&z->lock); } - /* if unblock lan-zones, then do not add the zones below. - * we do add the zones above, about 127.0.0.1, because localhost is - * not on the lan. */ - if(cfg->unblock_lan_zones) - return 1; - - /* block LAN level zones */ - if ( !add_as112_default(zones, cfg, "10.in-addr.arpa.") || - !add_as112_default(zones, cfg, "16.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "17.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "18.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "19.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "20.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "21.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "22.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "23.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "24.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "25.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "26.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "27.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "28.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "29.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "30.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "31.172.in-addr.arpa.") || - !add_as112_default(zones, cfg, "168.192.in-addr.arpa.") || - !add_as112_default(zones, cfg, "0.in-addr.arpa.") || - !add_as112_default(zones, cfg, "64.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "65.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "66.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "67.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "68.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "69.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "70.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "71.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "72.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "73.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "74.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "75.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "76.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "77.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "78.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "79.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "80.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "81.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "82.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "83.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "84.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "85.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "86.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "87.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "88.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "89.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "90.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "91.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "92.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "93.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "94.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "95.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "96.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "97.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "98.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "99.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "100.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "101.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "102.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "103.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "104.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "105.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "106.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "107.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "108.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "109.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "110.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "111.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "112.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "113.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "114.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "115.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "116.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "117.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "118.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "119.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "120.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "121.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "122.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "123.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "124.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "125.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "126.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "127.100.in-addr.arpa.") || - !add_as112_default(zones, cfg, "254.169.in-addr.arpa.") || - !add_as112_default(zones, cfg, "2.0.192.in-addr.arpa.") || - !add_as112_default(zones, cfg, "100.51.198.in-addr.arpa.") || - !add_as112_default(zones, cfg, "113.0.203.in-addr.arpa.") || - !add_as112_default(zones, cfg, "255.255.255.255.in-addr.arpa.") || - !add_as112_default(zones, cfg, "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.") || - !add_as112_default(zones, cfg, "d.f.ip6.arpa.") || - !add_as112_default(zones, cfg, "8.e.f.ip6.arpa.") || - !add_as112_default(zones, cfg, "9.e.f.ip6.arpa.") || - !add_as112_default(zones, cfg, "a.e.f.ip6.arpa.") || - !add_as112_default(zones, cfg, "b.e.f.ip6.arpa.") || - !add_as112_default(zones, cfg, "8.b.d.0.1.0.0.2.ip6.arpa.")) { - log_err("out of memory adding default zone"); - return 0; + /* block AS112 zones, unless asked not to */ + if(!cfg->unblock_lan_zones) { + for(zstr = as112_zones; *zstr; zstr++) { + if(!add_as112_default(zones, cfg, *zstr)) { + log_err("out of memory adding default zone"); + return 0; + } + } } return 1; } Copied: stable/10/contrib/unbound/util/as112.c (from r295535, head/contrib/unbound/util/as112.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/contrib/unbound/util/as112.c Wed Feb 17 11:38:43 2016 (r295691, copy of r295535, head/contrib/unbound/util/as112.c) @@ -0,0 +1,143 @@ +/* + * util/as112.c - list of local zones. + * + * Copyright (c) 2007, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * This file provides a list of lan zones. + */ + +#include "util/as112.h" + +static const char* as112_zone_array[] = { + "10.in-addr.arpa.", + "16.172.in-addr.arpa.", + "17.172.in-addr.arpa.", + "18.172.in-addr.arpa.", + "19.172.in-addr.arpa.", + "20.172.in-addr.arpa.", + "21.172.in-addr.arpa.", + "22.172.in-addr.arpa.", + "23.172.in-addr.arpa.", + "24.172.in-addr.arpa.", + "25.172.in-addr.arpa.", + "26.172.in-addr.arpa.", + "27.172.in-addr.arpa.", + "28.172.in-addr.arpa.", + "29.172.in-addr.arpa.", + "30.172.in-addr.arpa.", + "31.172.in-addr.arpa.", + "168.192.in-addr.arpa.", + "0.in-addr.arpa.", + "64.100.in-addr.arpa.", + "65.100.in-addr.arpa.", + "66.100.in-addr.arpa.", + "67.100.in-addr.arpa.", + "68.100.in-addr.arpa.", + "69.100.in-addr.arpa.", + "70.100.in-addr.arpa.", + "71.100.in-addr.arpa.", + "72.100.in-addr.arpa.", + "73.100.in-addr.arpa.", + "74.100.in-addr.arpa.", + "75.100.in-addr.arpa.", + "76.100.in-addr.arpa.", + "77.100.in-addr.arpa.", + "78.100.in-addr.arpa.", + "79.100.in-addr.arpa.", + "80.100.in-addr.arpa.", + "81.100.in-addr.arpa.", + "82.100.in-addr.arpa.", + "83.100.in-addr.arpa.", + "84.100.in-addr.arpa.", + "85.100.in-addr.arpa.", + "86.100.in-addr.arpa.", + "87.100.in-addr.arpa.", + "88.100.in-addr.arpa.", + "89.100.in-addr.arpa.", + "90.100.in-addr.arpa.", + "91.100.in-addr.arpa.", + "92.100.in-addr.arpa.", + "93.100.in-addr.arpa.", + "94.100.in-addr.arpa.", + "95.100.in-addr.arpa.", + "96.100.in-addr.arpa.", + "97.100.in-addr.arpa.", + "98.100.in-addr.arpa.", + "99.100.in-addr.arpa.", + "100.100.in-addr.arpa.", + "101.100.in-addr.arpa.", + "102.100.in-addr.arpa.", + "103.100.in-addr.arpa.", + "104.100.in-addr.arpa.", + "105.100.in-addr.arpa.", + "106.100.in-addr.arpa.", + "107.100.in-addr.arpa.", + "108.100.in-addr.arpa.", + "109.100.in-addr.arpa.", + "110.100.in-addr.arpa.", + "111.100.in-addr.arpa.", + "112.100.in-addr.arpa.", + "113.100.in-addr.arpa.", + "114.100.in-addr.arpa.", + "115.100.in-addr.arpa.", + "116.100.in-addr.arpa.", + "117.100.in-addr.arpa.", + "118.100.in-addr.arpa.", + "119.100.in-addr.arpa.", + "120.100.in-addr.arpa.", + "121.100.in-addr.arpa.", + "122.100.in-addr.arpa.", + "123.100.in-addr.arpa.", + "124.100.in-addr.arpa.", + "125.100.in-addr.arpa.", + "126.100.in-addr.arpa.", + "127.100.in-addr.arpa.", + "254.169.in-addr.arpa.", + "2.0.192.in-addr.arpa.", + "100.51.198.in-addr.arpa.", + "113.0.203.in-addr.arpa.", + "255.255.255.255.in-addr.arpa.", + "0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa.", + "d.f.ip6.arpa.", + "8.e.f.ip6.arpa.", + "9.e.f.ip6.arpa.", + "a.e.f.ip6.arpa.", + "b.e.f.ip6.arpa.", + "8.b.d.0.1.0.0.2.ip6.arpa.", + 0 +}; + +const char** as112_zones = as112_zone_array; Copied: stable/10/contrib/unbound/util/as112.h (from r295535, head/contrib/unbound/util/as112.h) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/contrib/unbound/util/as112.h Wed Feb 17 11:38:43 2016 (r295691, copy of r295535, head/contrib/unbound/util/as112.h) @@ -0,0 +1,57 @@ +/* + * util/as112.c - list of local zones. + * + * Copyright (c) 2007, NLnet Labs. All rights reserved. + * + * This software is open source. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * Neither the name of the NLNET LABS nor the names of its contributors may + * be used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR + * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT + * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED + * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF + * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING + * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/** + * \file + * + * This file provides a list of lan zones + */ + +#ifndef UTIL_AS112_H +#define UTIL_AS112_H + +/** + * Array of text-format domain names of the AS112 zones. + * The array ends with NULL. "AS112" is a service on the internet that + * that this array is named after. The names in this list (or some of them) + * are null-routed by this service to avoid load on central servers caused by + * mistaken lookups for local content on the global internet. + * + * This is the list of names that unbound should not normally be sending + * on towards the internet, because they are local-use. + */ +extern const char** as112_zones; + +#endif Modified: stable/10/contrib/unbound/util/config_file.c ============================================================================== --- stable/10/contrib/unbound/util/config_file.c Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/util/config_file.c Wed Feb 17 11:38:43 2016 (r295691) @@ -210,6 +210,7 @@ config_create(void) cfg->local_zones_nodefault = NULL; cfg->local_data = NULL; cfg->unblock_lan_zones = 0; + cfg->insecure_lan_zones = 0; cfg->python_script = NULL; cfg->remote_control_enable = 0; cfg->control_ifs = NULL; @@ -458,6 +459,7 @@ int config_set_option(struct config_file else S_YNO("rrset-roundrobin:", rrset_roundrobin) else S_STRLIST("local-data:", local_data) else S_YNO("unblock-lan-zones:", unblock_lan_zones) + else S_YNO("insecure-lan-zones:", insecure_lan_zones) else S_YNO("control-enable:", remote_control_enable) else S_STRLIST("control-interface:", control_ifs) else S_NUMBER_NONZERO("control-port:", control_port) @@ -739,6 +741,7 @@ config_get_option(struct config_file* cf else O_YNO(opt, "minimal-responses", minimal_responses) else O_YNO(opt, "rrset-roundrobin", rrset_roundrobin) else O_YNO(opt, "unblock-lan-zones", unblock_lan_zones) + else O_YNO(opt, "insecure-lan-zones", insecure_lan_zones) else O_DEC(opt, "max-udp-size", max_udp_size) else O_STR(opt, "python-script", python_script) else O_DEC(opt, "ratelimit", ratelimit) Modified: stable/10/contrib/unbound/util/config_file.h ============================================================================== --- stable/10/contrib/unbound/util/config_file.h Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/util/config_file.h Wed Feb 17 11:38:43 2016 (r295691) @@ -285,8 +285,10 @@ struct config_file { struct config_strlist* local_zones_nodefault; /** local data RRs configured */ struct config_strlist* local_data; - /** unblock lan zones (reverse lookups for 10/8 and so on) */ + /** unblock lan zones (reverse lookups for AS112 zones) */ int unblock_lan_zones; + /** insecure lan zones (don't validate AS112 zones) */ + int insecure_lan_zones; /** remote control section. enable toggle. */ int remote_control_enable; Modified: stable/10/contrib/unbound/util/configlexer.lex ============================================================================== --- stable/10/contrib/unbound/util/configlexer.lex Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/util/configlexer.lex Wed Feb 17 11:38:43 2016 (r295691) @@ -321,6 +321,7 @@ local-zone{COLON} { YDVAR(2, VAR_LOCAL_ local-data{COLON} { YDVAR(1, VAR_LOCAL_DATA) } local-data-ptr{COLON} { YDVAR(1, VAR_LOCAL_DATA_PTR) } unblock-lan-zones{COLON} { YDVAR(1, VAR_UNBLOCK_LAN_ZONES) } +insecure-lan-zones{COLON} { YDVAR(1, VAR_INSECURE_LAN_ZONES) } statistics-interval{COLON} { YDVAR(1, VAR_STATISTICS_INTERVAL) } statistics-cumulative{COLON} { YDVAR(1, VAR_STATISTICS_CUMULATIVE) } extended-statistics{COLON} { YDVAR(1, VAR_EXTENDED_STATISTICS) } Modified: stable/10/contrib/unbound/util/configparser.y ============================================================================== --- stable/10/contrib/unbound/util/configparser.y Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/util/configparser.y Wed Feb 17 11:38:43 2016 (r295691) @@ -106,7 +106,8 @@ extern struct config_parser_state* cfg_p %token VAR_IGNORE_CD_FLAG VAR_LOG_QUERIES VAR_TCP_UPSTREAM VAR_SSL_UPSTREAM %token VAR_SSL_SERVICE_KEY VAR_SSL_SERVICE_PEM VAR_SSL_PORT VAR_FORWARD_FIRST %token VAR_STUB_FIRST VAR_MINIMAL_RESPONSES VAR_RRSET_ROUNDROBIN -%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE VAR_UNBLOCK_LAN_ZONES +%token VAR_MAX_UDP_SIZE VAR_DELAY_CLOSE +%token VAR_UNBLOCK_LAN_ZONES VAR_INSECURE_LAN_ZONES %token VAR_INFRA_CACHE_MIN_RTT %token VAR_DNS64_PREFIX VAR_DNS64_SYNTHALL %token VAR_DNSTAP VAR_DNSTAP_ENABLE VAR_DNSTAP_SOCKET_PATH @@ -180,7 +181,8 @@ content_server: server_num_threads | ser server_log_queries | server_tcp_upstream | server_ssl_upstream | server_ssl_service_key | server_ssl_service_pem | server_ssl_port | server_minimal_responses | server_rrset_roundrobin | server_max_udp_size | - server_so_reuseport | server_delay_close | server_unblock_lan_zones | + server_so_reuseport | server_delay_close | + server_unblock_lan_zones | server_insecure_lan_zones | server_dns64_prefix | server_dns64_synthall | server_infra_cache_min_rtt | server_harden_algo_downgrade | server_ip_transparent | server_ratelimit | server_ratelimit_slabs | @@ -722,6 +724,16 @@ server_unblock_lan_zones: VAR_UNBLOCK_LA free($2); } ; +server_insecure_lan_zones: VAR_INSECURE_LAN_ZONES STRING_ARG + { + OUTYY(("P(server_insecure_lan_zones:%s)\n", $2)); + if(strcmp($2, "yes") != 0 && strcmp($2, "no") != 0) + yyerror("expected yes or no."); + else cfg_parser->cfg->insecure_lan_zones = + (strcmp($2, "yes")==0); + free($2); + } + ; server_rrset_cache_size: VAR_RRSET_CACHE_SIZE STRING_ARG { OUTYY(("P(server_rrset_cache_size:%s)\n", $2)); Modified: stable/10/contrib/unbound/validator/val_anchor.c ============================================================================== --- stable/10/contrib/unbound/validator/val_anchor.c Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/contrib/unbound/validator/val_anchor.c Wed Feb 17 11:38:43 2016 (r295691) @@ -48,6 +48,7 @@ #include "util/log.h" #include "util/net_help.h" #include "util/config_file.h" +#include "util/as112.h" #include "sldns/sbuffer.h" #include "sldns/rrdef.h" #include "sldns/str2wire.h" @@ -1044,8 +1045,18 @@ int anchors_apply_cfg(struct val_anchors* anchors, struct config_file* cfg) { struct config_strlist* f; + const char** zstr; char* nm; sldns_buffer* parsebuf = sldns_buffer_new(65535); + if(cfg->insecure_lan_zones) { + for(zstr = as112_zones; *zstr; zstr++) { + if(!anchor_insert_insecure(anchors, *zstr)) { + log_err("error in insecure-lan-zones: %s", *zstr); + sldns_buffer_free(parsebuf); + return 0; + } + } + } for(f = cfg->domain_insecure; f; f = f->next) { if(!f->str || f->str[0] == 0) /* empty "" */ continue; Modified: stable/10/lib/libunbound/Makefile ============================================================================== --- stable/10/lib/libunbound/Makefile Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/lib/libunbound/Makefile Wed Feb 17 11:38:43 2016 (r295691) @@ -12,7 +12,7 @@ PRIVATELIB= CFLAGS= -I${UNBOUNDDIR} -I${LDNSDIR} -I${.OBJDIR} -SRCS= alloc.c autotrust.c config_file.c configlexer.l configparser.y \ +SRCS= alloc.c as112.c autotrust.c config_file.c configlexer.l configparser.y \ context.c dname.c dns.c dns64.c dnstree.c fptr_wlist.c infra.c \ iter_delegpt.c iter_donotq.c iter_fwd.c iter_hints.c iter_priv.c \ iter_resptype.c iter_scrub.c iter_utils.c iterator.c keyraw.c \ Modified: stable/10/usr.sbin/unbound/local-setup/local-unbound-setup.sh ============================================================================== --- stable/10/usr.sbin/unbound/local-setup/local-unbound-setup.sh Wed Feb 17 11:36:45 2016 (r295690) +++ stable/10/usr.sbin/unbound/local-setup/local-unbound-setup.sh Wed Feb 17 11:38:43 2016 (r295691) @@ -210,31 +210,7 @@ gen_lanzones_conf() { echo "server:" echo " # Unblock reverse lookups for LAN addresses" echo " unblock-lan-zones: yes" - echo " domain-insecure: 10.in-addr.arpa." - echo " domain-insecure: 127.in-addr.arpa." - echo " domain-insecure: 16.172.in-addr.arpa." - echo " domain-insecure: 17.172.in-addr.arpa." - echo " domain-insecure: 18.172.in-addr.arpa." - echo " domain-insecure: 19.172.in-addr.arpa." - echo " domain-insecure: 20.172.in-addr.arpa." - echo " domain-insecure: 21.172.in-addr.arpa." - echo " domain-insecure: 22.172.in-addr.arpa." - echo " domain-insecure: 23.172.in-addr.arpa." - echo " domain-insecure: 24.172.in-addr.arpa." - echo " domain-insecure: 25.172.in-addr.arpa." - echo " domain-insecure: 26.172.in-addr.arpa." - echo " domain-insecure: 27.172.in-addr.arpa." - echo " domain-insecure: 28.172.in-addr.arpa." - echo " domain-insecure: 29.172.in-addr.arpa." - echo " domain-insecure: 30.172.in-addr.arpa." - echo " domain-insecure: 31.172.in-addr.arpa." - echo " domain-insecure: 168.192.in-addr.arpa." - echo " domain-insecure: 254.169.in-addr.arpa." - echo " domain-insecure: d.f.ip6.arpa." - echo " domain-insecure: 8.e.ip6.arpa." - echo " domain-insecure: 9.e.ip6.arpa." - echo " domain-insecure: a.e.ip6.arpa." - echo " domain-insecure: b.e.ip6.arpa." + echo " insecure-lan-zones: yes" } # From owner-svn-src-stable-10@freebsd.org Wed Feb 17 11:40:05 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 11190AAA805; Wed, 17 Feb 2016 11:40:05 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D27C3CF1; Wed, 17 Feb 2016 11:40:04 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1HBe3Xq098504; Wed, 17 Feb 2016 11:40:03 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1HBe3sq098503; Wed, 17 Feb 2016 11:40:03 GMT (envelope-from des@FreeBSD.org) Message-Id: <201602171140.u1HBe3sq098503@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Wed, 17 Feb 2016 11:40:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295692 - stable/10/lib/libfetch X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 11:40:05 -0000 Author: des Date: Wed Feb 17 11:40:03 2016 New Revision: 295692 URL: https://svnweb.freebsd.org/changeset/base/295692 Log: MFH (r295536): fix double-free error when SSL connection fails PR: 206774 Submitted by: Christian Heckendorf Approved by: re (glebius) Modified: stable/10/lib/libfetch/http.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libfetch/http.c ============================================================================== --- stable/10/lib/libfetch/http.c Wed Feb 17 11:38:43 2016 (r295691) +++ stable/10/lib/libfetch/http.c Wed Feb 17 11:40:03 2016 (r295692) @@ -1435,7 +1435,6 @@ http_connect(struct url *URL, struct url } if (strcasecmp(URL->scheme, SCHEME_HTTPS) == 0 && fetch_ssl(conn, URL, verbose) == -1) { - fetch_close(conn); /* grrr */ errno = EAUTH; fetch_syserr(); From owner-svn-src-stable-10@freebsd.org Wed Feb 17 15:05:33 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 54D6FAAB295 for ; Wed, 17 Feb 2016 15:05:33 +0000 (UTC) (envelope-from junchoon@dec.sakura.ne.jp) Received: from dec.sakura.ne.jp (dec.sakura.ne.jp [210.188.226.8]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id F28991C26; Wed, 17 Feb 2016 15:05:32 +0000 (UTC) (envelope-from junchoon@dec.sakura.ne.jp) Received: from fortune.joker.local (123-48-23-227.dz.commufa.jp [123.48.23.227]) (authenticated bits=0) by dec.sakura.ne.jp (8.15.2/8.15.2/[SAKURA-WEB]/20080708) with ESMTPA id u1HF5P0c057745; Thu, 18 Feb 2016 00:05:25 +0900 (JST) (envelope-from junchoon@dec.sakura.ne.jp) Date: Thu, 18 Feb 2016 00:05:24 +0900 From: Tomoaki AOKI To: svn-src-stable-10@freebsd.org Cc: emaste@FreeBSD.org Subject: Re: svn commit: r295652 - stable/10/share/man/man8 Message-Id: <20160218000524.015d66e0ed13fc0cf665f226@dec.sakura.ne.jp> Organization: Junchoon corps X-Mailer: Sylpheed 3.5.0 (GTK+ 2.24.29; amd64-portbld-freebsd10.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 15:05:33 -0000 Hi! Maybe too late but to be more clearer to describe the behaviour... > Author: emaste > Date: Tue Feb 16 03:50:56 2016 > New Revision: 295652 > URL: https://svnweb.freebsd.org/changeset/base/295652 > > Log: > MFC r295497: Update uefi.8 for ZFS and multi device boot support > > Approved by: re (gjb) > > Modified: > stable/10/share/man/man8/uefi.8 > Directory Properties: > stable/10/ (props changed) > > Modified: stable/10/share/man/man8/uefi.8 > ============================================================================== > --- stable/10/share/man/man8/uefi.8 Tue Feb 16 02:23:39 > 2016 (r295651) +++ stable/10/share/man/man8/uefi.8 Tue > Feb 16 03:50:56 2016 (r295652) @@ -24,7 +24,7 @@ > .\" > .\" $FreeBSD$ > .\" > -.Dd February 14, 2016 > +.Dd February 15, 2016 > .Dt UEFI 8 > .Os > .Sh NAME > @@ -83,9 +83,17 @@ passes the configuration to the next sta > itself act on the contents of the file. > .It > .Pa boot1.efi > -locates the first partition with the type > -.Li freebsd-ufs , > -and from it loads > +searches partitions of type > +.Li freebsd-ufs > +and > +.Li freebsd-zfs This would be better +searches partitions of type +.Li freebsd-zfs +and if none, +Li freebsd-ufs > +for > +.Pa loader.efi . > +The search begins with partitions on the device from which > +.Pa boot1.efi > +was loaded, and continues with other available partitions. > +.Pa boot1.efi > +then loads and executes > .Pa loader.efi . > .It > .Pa loader.efi > @@ -146,19 +154,3 @@ Foundation sponsored portions of the wor > EFI environment variables are not supported by > .Xr loader 8 > or the kernel. > -.Pp > -.Pa boot1.efi > -loads > -.Pa loader.efi > -from the first FreeBSD-UFS file system it locates, even if it is on a > -different disk. > -.Pp > -.Pa boot1.efi > -cannot load > -.Pa loader.efi > -from a > -.Xr ZFS 8 > -file system. > -As a result, > -.Nm > -does not support a typical root file system on ZFS configuration. Thanks in advance! Regards. -- Tomoaki AOKI junchoon@dec.sakura.ne.jp From owner-svn-src-stable-10@freebsd.org Wed Feb 17 15:36:03 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E6239AABF64; Wed, 17 Feb 2016 15:36:03 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9CD371D03; Wed, 17 Feb 2016 15:36:03 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1HFa2hG069563; Wed, 17 Feb 2016 15:36:02 GMT (envelope-from jimharris@FreeBSD.org) Received: (from jimharris@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1HFa2e3069562; Wed, 17 Feb 2016 15:36:02 GMT (envelope-from jimharris@FreeBSD.org) Message-Id: <201602171536.u1HFa2e3069562@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jimharris set sender to jimharris@FreeBSD.org using -f From: Jim Harris Date: Wed, 17 Feb 2016 15:36:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295704 - stable/10/sys/dev/nvme X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 15:36:04 -0000 Author: jimharris Date: Wed Feb 17 15:36:02 2016 New Revision: 295704 URL: https://svnweb.freebsd.org/changeset/base/295704 Log: MFC r295532: nvme: avoid duplicate SET_NUM_QUEUES commands nvme(4) issues a SET_NUM_QUEUES command during device initialization to ensure enough I/O queues exists for each of the MSI-X vectors we have allocated. The SET_NUM_QUEUES command is then issued again during nvme_ctrlr_start(), to ensure that is properly set after any controller reset. At least one NVMe drive exists which fails this second SET_NUM_QUEUES command during device initialization. So change nvme_ctrlr_start() to only issue its SET_NUM_QUEUES command when it is coming out of a reset - avoiding the duplicate SET_NUM_QUEUES during device initialization. Approved by: re (glebius) Sponsored by: Intel Modified: stable/10/sys/dev/nvme/nvme_ctrlr.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/dev/nvme/nvme_ctrlr.c ============================================================================== --- stable/10/sys/dev/nvme/nvme_ctrlr.c Wed Feb 17 14:39:29 2016 (r295703) +++ stable/10/sys/dev/nvme/nvme_ctrlr.c Wed Feb 17 15:36:02 2016 (r295704) @@ -725,15 +725,17 @@ nvme_ctrlr_start(void *ctrlr_arg) * explicit specify how many queues it will use. This value should * never change between resets, so panic if somehow that does happen. */ - old_num_io_queues = ctrlr->num_io_queues; - if (nvme_ctrlr_set_num_qpairs(ctrlr) != 0) { - nvme_ctrlr_fail(ctrlr); - return; - } + if (ctrlr->is_resetting) { + old_num_io_queues = ctrlr->num_io_queues; + if (nvme_ctrlr_set_num_qpairs(ctrlr) != 0) { + nvme_ctrlr_fail(ctrlr); + return; + } - if (old_num_io_queues != ctrlr->num_io_queues) { - panic("num_io_queues changed from %u to %u", old_num_io_queues, - ctrlr->num_io_queues); + if (old_num_io_queues != ctrlr->num_io_queues) { + panic("num_io_queues changed from %u to %u", + old_num_io_queues, ctrlr->num_io_queues); + } } if (nvme_ctrlr_create_qpairs(ctrlr) != 0) { From owner-svn-src-stable-10@freebsd.org Wed Feb 17 15:38:06 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 945C8AAA0B5; Wed, 17 Feb 2016 15:38:06 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6E9251FBD; Wed, 17 Feb 2016 15:38:06 +0000 (UTC) (envelope-from jimharris@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1HFc5hi069683; Wed, 17 Feb 2016 15:38:05 GMT (envelope-from jimharris@FreeBSD.org) Received: (from jimharris@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1HFc5Mr069681; Wed, 17 Feb 2016 15:38:05 GMT (envelope-from jimharris@FreeBSD.org) Message-Id: <201602171538.u1HFc5Mr069681@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jimharris set sender to jimharris@FreeBSD.org using -f From: Jim Harris Date: Wed, 17 Feb 2016 15:38:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295705 - in stable/10: share/man/man4 sys/dev/nvd X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 15:38:06 -0000 Author: jimharris Date: Wed Feb 17 15:38:05 2016 New Revision: 295705 URL: https://svnweb.freebsd.org/changeset/base/295705 Log: MFC r295022: nvd: add hw.nvd.delete_max tunable The NVMe specification does not define a maximum or optimal delete size, so technically max delete size is min(full size of namespace, 2^32 - 1 LBAs). A single delete operation for a multi-TB NVMe namespace though may take much longer to complete than the nvme(4) I/O timeout period. So choose a sensible default here that is still suitably large to minimize the number of overall delete operations. This also fixes possible uint32_t overflow on initial TRIM operation for zpool create operations for NVMe namespaces with >4G LBAs. Approved by: re (glebius) Sponsored by: Intel Modified: stable/10/share/man/man4/nvd.4 stable/10/sys/dev/nvd/nvd.c Directory Properties: stable/10/ (props changed) Modified: stable/10/share/man/man4/nvd.4 ============================================================================== --- stable/10/share/man/man4/nvd.4 Wed Feb 17 15:36:02 2016 (r295704) +++ stable/10/share/man/man4/nvd.4 Wed Feb 17 15:38:05 2016 (r295705) @@ -1,5 +1,5 @@ .\" -.\" Copyright (c) 2012-2014 Intel Corporation +.\" Copyright (c) 2012-2016 Intel Corporation .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without @@ -33,7 +33,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 18, 2014 +.Dd January 28, 2016 .Dt NVD 4 .Os .Sh NAME @@ -74,6 +74,15 @@ Note that device nodes from the driver are not .Xr GEOM 4 disks and cannot be partitioned. +.Sh CONFIGURATION +The +.Nm +driver defines a system-wide maximum delete size for NVMe devices. The +default is 1GB. To select a different value, set the following tunable in +.Xr loader.conf 5 : +.Bd -literal -offset indent +hw.nvd.delete_max= +.Ed .Sh SEE ALSO .Xr GEOM 4 , .Xr nvme 4 , Modified: stable/10/sys/dev/nvd/nvd.c ============================================================================== --- stable/10/sys/dev/nvd/nvd.c Wed Feb 17 15:36:02 2016 (r295704) +++ stable/10/sys/dev/nvd/nvd.c Wed Feb 17 15:38:05 2016 (r295705) @@ -1,5 +1,5 @@ /*- - * Copyright (C) 2012-2013 Intel Corporation + * Copyright (C) 2012-2016 Intel Corporation * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -32,6 +32,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -88,6 +89,19 @@ struct nvd_controller { static TAILQ_HEAD(, nvd_controller) ctrlr_head; static TAILQ_HEAD(disk_list, nvd_disk) disk_head; +static SYSCTL_NODE(_hw, OID_AUTO, nvd, CTLFLAG_RD, 0, "nvd driver parameters"); +/* + * The NVMe specification does not define a maximum or optimal delete size, so + * technically max delete size is min(full size of the namespace, 2^32 - 1 + * LBAs). A single delete for a multi-TB NVMe namespace though may take much + * longer to complete than the nvme(4) I/O timeout period. So choose a sensible + * default here that is still suitably large to minimize the number of overall + * delete operations. + */ +static uint64_t nvd_delete_max = (1024 * 1024 * 1024); /* 1GB */ +SYSCTL_UQUAD(_hw_nvd, OID_AUTO, delete_max, CTLFLAG_RDTUN, &nvd_delete_max, 0, + "nvd maximum BIO_DELETE size in bytes"); + static int nvd_modevent(module_t mod, int type, void *arg) { int error = 0; @@ -295,6 +309,8 @@ nvd_new_disk(struct nvme_namespace *ns, disk->d_sectorsize = nvme_ns_get_sector_size(ns); disk->d_mediasize = (off_t)nvme_ns_get_size(ns); disk->d_delmaxsize = (off_t)nvme_ns_get_size(ns); + if (disk->d_delmaxsize > nvd_delete_max) + disk->d_delmaxsize = nvd_delete_max; disk->d_stripesize = nvme_ns_get_optimal_sector_size(ns); if (TAILQ_EMPTY(&disk_head)) From owner-svn-src-stable-10@freebsd.org Wed Feb 17 19:09:08 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 42FCEAAB4AD; Wed, 17 Feb 2016 19:09:08 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1483A17BD; Wed, 17 Feb 2016 19:09:08 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1HJ97Ut031479; Wed, 17 Feb 2016 19:09:07 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1HJ97KH031478; Wed, 17 Feb 2016 19:09:07 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201602171909.u1HJ97KH031478@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Wed, 17 Feb 2016 19:09:07 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295714 - stable/10/sys/fs/ext2fs X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Feb 2016 19:09:08 -0000 Author: pfg Date: Wed Feb 17 19:09:06 2016 New Revision: 295714 URL: https://svnweb.freebsd.org/changeset/base/295714 Log: MFC r295616: ext2fs: Remove panics for rename() race conditions. Sync with r84642 from UFS: The panics are inappropriate because the IN_RENAME flag only fixes a few of the huge number of race conditions that can result in the source path becoming invalid even prior to the VOP_RENAME() call. Approved by: re (glebius) Modified: stable/10/sys/fs/ext2fs/ext2_vnops.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/fs/ext2fs/ext2_vnops.c ============================================================================== --- stable/10/sys/fs/ext2fs/ext2_vnops.c Wed Feb 17 18:41:55 2016 (r295713) +++ stable/10/sys/fs/ext2fs/ext2_vnops.c Wed Feb 17 19:09:06 2016 (r295714) @@ -985,10 +985,10 @@ abortit: dp = VTOI(fdvp); } else { /* - * From name has disappeared. + * From name has disappeared. IN_RENAME is not sufficient + * to protect against directory races due to timing windows, + * so we can't panic here. */ - if (doingdirectory) - panic("ext2_rename: lost dir entry"); vrele(ap->a_fvp); return (0); } @@ -1003,8 +1003,11 @@ abortit: * rename. */ if (xp != ip) { - if (doingdirectory) - panic("ext2_rename: lost dir entry"); + /* + * From name resolves to a different inode. IN_RENAME is + * not sufficient protection against timing window races + * so we can't panic here. + */ } else { /* * If the source is a directory with a From owner-svn-src-stable-10@freebsd.org Thu Feb 18 22:24:05 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 423CFAADB22; Thu, 18 Feb 2016 22:24:05 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id 2A5E3872; Thu, 18 Feb 2016 22:24:05 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from mail.xzibition.com (localhost [IPv6:::1]) by freefall.freebsd.org (Postfix) with ESMTP id 1FD481935; Thu, 18 Feb 2016 22:24:05 +0000 (UTC) (envelope-from bdrewery@FreeBSD.org) Received: from mail.xzibition.com (localhost [172.31.3.2]) by mail.xzibition.com (Postfix) with ESMTP id C8877DFE9; Thu, 18 Feb 2016 22:24:04 +0000 (UTC) X-Virus-Scanned: amavisd-new at mail.xzibition.com Received: from mail.xzibition.com ([172.31.3.2]) by mail.xzibition.com (mail.xzibition.com [172.31.3.2]) (amavisd-new, port 10026) with LMTP id 69X3yS0bXZRU; Thu, 18 Feb 2016 22:24:01 +0000 (UTC) Subject: Re: svn commit: r294693 - in stable/10: . crypto/openssh secure/lib/libssh secure/usr.bin/ssh secure/usr.sbin/sshd share/mk tools/build/options DKIM-Filter: OpenDKIM Filter v2.9.2 mail.xzibition.com 1BE6BDFE4 To: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= , Slawa Olhovchenkov References: <201601242228.u0OMSIn7032949@repo.freebsd.org> <20160213192402.GC37895@zxy.spb.ru> <86wpq4vmn8.fsf@desk.des.no> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org From: Bryan Drewery Openpgp: id=F9173CB2C3AAEA7A5C8A1F0935D771BB6E4697CF; url=http://www.shatow.net/bryan/bryan2.asc Organization: FreeBSD Message-ID: <56C6448D.3050501@FreeBSD.org> Date: Thu, 18 Feb 2016 14:24:13 -0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1 MIME-Version: 1.0 In-Reply-To: <86wpq4vmn8.fsf@desk.des.no> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="eilEPWagumUeVAB4Q2M74CxwbN8p8q8ek" X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Feb 2016 22:24:05 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --eilEPWagumUeVAB4Q2M74CxwbN8p8q8ek Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 2/16/2016 4:56 AM, Dag-Erling Sm=C3=B8rgrav wrote: > Slawa Olhovchenkov writes: >> Now ssh terminated if found `noneenabled` in .ssh/config >=20 > % perl -n -i -e 'print unless m/noneenabled/i' ~/.ssh/config >=20 If this is true it needs to be fixed. We can't be causing sshd to not come up on a minor upgrade. --=20 Regards, Bryan Drewery --eilEPWagumUeVAB4Q2M74CxwbN8p8q8ek Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBAgAGBQJWxkSNAAoJEDXXcbtuRpfP5uwIAJMSkz0q3aJvCcd+YYN0ubmN i4y46U+47tvRlFM9k/+huSUn1uKNqUQM6coJPs00hs8KKXcWQEd36GGCHEDXDOZr Qgdg/Qsqn9G5uP0hRMgi+ZqhBL+uXUy9wPMHGxv4L/kBD0gFU+lhRjLBMzIZLsVd uNZlYbTMYptGHXuTDCXDM/fVRAZ+KW30owfBSjX7Ka68gafwzyIFKHhs7VDcWyIM TB/0OflGrgOg93xZQU+20v+d68XJftahyuCWkrX6ivFeO5HJFLBtfvytfJoHiEI0 oWnd32ClcM4WSMWSjpPL3XjOKcLTLkFX1LeJ0g93JrFLf+k9mp65thrfU1uN8HU= =MpUY -----END PGP SIGNATURE----- --eilEPWagumUeVAB4Q2M74CxwbN8p8q8ek-- From owner-svn-src-stable-10@freebsd.org Fri Feb 19 02:03:17 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6D2C8AAC925; Fri, 19 Feb 2016 02:03:17 +0000 (UTC) (envelope-from sephe@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 36E061588; Fri, 19 Feb 2016 02:03:17 +0000 (UTC) (envelope-from sephe@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1J23Gc6098403; Fri, 19 Feb 2016 02:03:16 GMT (envelope-from sephe@FreeBSD.org) Received: (from sephe@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1J23FIZ098390; Fri, 19 Feb 2016 02:03:15 GMT (envelope-from sephe@FreeBSD.org) Message-Id: <201602190203.u1J23FIZ098390@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: sephe set sender to sephe@FreeBSD.org using -f From: Sepherosa Ziehau Date: Fri, 19 Feb 2016 02:03:15 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295789 - in stable/10/sys: conf dev/hyperv/include dev/hyperv/netvsc dev/hyperv/vmbus modules/hyperv/vmbus x86/x86 X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Feb 2016 02:03:17 -0000 Author: sephe Date: Fri Feb 19 02:03:14 2016 New Revision: 295789 URL: https://svnweb.freebsd.org/changeset/base/295789 Log: MFC [Hyper-V]: r293719-r293722, r293869-r293871, r293873-r293875, r293877 r293719 hyperv/hn: Implement LRO r293720 hyperv/hn: Implement SIOC[SG]IFMEDIA support r293721 hyperv/hn: Avoid mbuf cluster allocation, if the packet is small. r293722 hyperv/hn: Removed unused netvsc_init() r293869 hyperv/hn: Unbreak LINT-NOIP r293870 hyperv: use x86 generic code to do the hypervisor detection r293871 hyperv: remove unused vmbus definitions r293873 hyperv: implement an event timer r293874 hyperv: add interrupt counters r293875 hyperv: set receive buffer size according to NVSP protocol version r293877 Unbreak `make depend` with sys/modules/hyperv/vmbus after r293870 Approved by: re (glebius), adrian (mentor) Sponsored by: Microsoft OSTC Added: stable/10/sys/dev/hyperv/vmbus/hv_et.c - copied unchanged from r293873, head/sys/dev/hyperv/vmbus/hv_et.c Modified: stable/10/sys/conf/files.amd64 stable/10/sys/conf/files.i386 stable/10/sys/dev/hyperv/include/hyperv.h stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.c stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.h stable/10/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c stable/10/sys/dev/hyperv/netvsc/hv_rndis.h stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.c stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.h stable/10/sys/dev/hyperv/vmbus/hv_connection.c stable/10/sys/dev/hyperv/vmbus/hv_hv.c stable/10/sys/dev/hyperv/vmbus/hv_vmbus_drv_freebsd.c stable/10/sys/dev/hyperv/vmbus/hv_vmbus_priv.h stable/10/sys/modules/hyperv/vmbus/Makefile stable/10/sys/x86/x86/identcpu.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/conf/files.amd64 ============================================================================== --- stable/10/sys/conf/files.amd64 Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/conf/files.amd64 Fri Feb 19 02:03:14 2016 (r295789) @@ -270,6 +270,7 @@ dev/hyperv/vmbus/hv_channel.c optiona dev/hyperv/vmbus/hv_channel_mgmt.c optional hyperv dev/hyperv/vmbus/hv_connection.c optional hyperv dev/hyperv/vmbus/hv_hv.c optional hyperv +dev/hyperv/vmbus/hv_et.c optional hyperv dev/hyperv/vmbus/hv_ring_buffer.c optional hyperv dev/hyperv/vmbus/hv_vmbus_drv_freebsd.c optional hyperv dev/kbd/kbd.c optional atkbd | sc | ukbd | vt Modified: stable/10/sys/conf/files.i386 ============================================================================== --- stable/10/sys/conf/files.i386 Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/conf/files.i386 Fri Feb 19 02:03:14 2016 (r295789) @@ -248,6 +248,7 @@ dev/hyperv/vmbus/hv_channel.c optiona dev/hyperv/vmbus/hv_channel_mgmt.c optional hyperv dev/hyperv/vmbus/hv_connection.c optional hyperv dev/hyperv/vmbus/hv_hv.c optional hyperv +dev/hyperv/vmbus/hv_et.c optional hyperv dev/hyperv/vmbus/hv_ring_buffer.c optional hyperv dev/hyperv/vmbus/hv_vmbus_drv_freebsd.c optional hyperv dev/ichwd/ichwd.c optional ichwd Modified: stable/10/sys/dev/hyperv/include/hyperv.h ============================================================================== --- stable/10/sys/dev/hyperv/include/hyperv.h Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/include/hyperv.h Fri Feb 19 02:03:14 2016 (r295789) @@ -335,11 +335,6 @@ typedef enum { HV_CHANNEL_MESSAGE_INITIATED_CONTACT = 14, HV_CHANNEL_MESSAGE_VERSION_RESPONSE = 15, HV_CHANNEL_MESSAGE_UNLOAD = 16, - -#ifdef HV_VMBUS_FEATURE_PARENT_OR_PEER_MEMORY_MAPPED_INTO_A_CHILD - HV_CHANNEL_MESSAGE_VIEW_RANGE_ADD = 17, - HV_CHANNEL_MESSAGE_VIEW_RANGE_REMOVE = 18, -#endif HV_CHANNEL_MESSAGE_COUNT } hv_vmbus_channel_msg_type; Modified: stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.c ============================================================================== --- stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.c Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.c Fri Feb 19 02:03:14 2016 (r295789) @@ -641,6 +641,12 @@ hv_nv_connect_to_vsp(struct hv_device *d /* sema_wait(&NetVscChannel->channel_init_sema); */ /* Post the big receive buffer to NetVSP */ + if (net_dev->nvsp_version <= NVSP_PROTOCOL_VERSION_2) + net_dev->rx_buf_size = NETVSC_RECEIVE_BUFFER_SIZE_LEGACY; + else + net_dev->rx_buf_size = NETVSC_RECEIVE_BUFFER_SIZE; + net_dev->send_buf_size = NETVSC_SEND_BUFFER_SIZE; + ret = hv_nv_init_rx_buffer_with_net_vsp(device); if (ret == 0) ret = hv_nv_init_send_buffer_with_net_vsp(device); @@ -675,9 +681,6 @@ hv_nv_on_device_add(struct hv_device *de goto cleanup; /* Initialize the NetVSC channel extension */ - net_dev->rx_buf_size = NETVSC_RECEIVE_BUFFER_SIZE; - - net_dev->send_buf_size = NETVSC_SEND_BUFFER_SIZE; sema_init(&net_dev->channel_init_sema, 0, "netdev_sema"); @@ -918,6 +921,7 @@ hv_nv_on_receive(netvsc_dev *net_dev, st */ hv_nv_on_receive_completion(device, vm_xfer_page_pkt->d.transaction_id, status); + hv_rf_receive_rollup(net_dev); } /* Modified: stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.h ============================================================================== --- stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.h Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/netvsc/hv_net_vsc.h Fri Feb 19 02:03:14 2016 (r295789) @@ -44,6 +44,12 @@ #include #include +#include +#include + +#include +#include + #include MALLOC_DECLARE(M_NETVSC); @@ -851,7 +857,7 @@ typedef struct nvsp_msg_ { #define NETVSC_SEND_BUFFER_SIZE (1024*1024*15) /* 15M */ #define NETVSC_SEND_BUFFER_ID 0xface - +#define NETVSC_RECEIVE_BUFFER_SIZE_LEGACY (1024*1024*15) /* 15MB */ #define NETVSC_RECEIVE_BUFFER_SIZE (1024*1024*16) /* 16MB */ #define NETVSC_RECEIVE_BUFFER_ID 0xcafe @@ -984,6 +990,7 @@ typedef struct { typedef struct hn_softc { struct ifnet *hn_ifp; struct arpcom arpcom; + struct ifmedia hn_media; device_t hn_dev; uint8_t hn_unit; int hn_carrier; @@ -994,6 +1001,18 @@ typedef struct hn_softc { int temp_unusable; struct hv_device *hn_dev_obj; netvsc_dev *net_dev; + + struct lro_ctrl hn_lro; + int hn_lro_hiwat; + + /* Trust tcp segments verification on host side */ + int hn_trust_hosttcp; + + u_long hn_csum_ip; + u_long hn_csum_tcp; + u_long hn_csum_trusted; + u_long hn_lro_tried; + u_long hn_small_pkts; } hn_softc_t; Modified: stable/10/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c ============================================================================== --- stable/10/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/netvsc/hv_netvsc_drv_freebsd.c Fri Feb 19 02:03:14 2016 (r295789) @@ -69,6 +69,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -138,13 +139,14 @@ __FBSDID("$FreeBSD$"); CSUM_IP_ISCSI|CSUM_IP6_UDP|CSUM_IP6_TCP|CSUM_IP6_SCTP| \ CSUM_IP6_TSO|CSUM_IP6_ISCSI) -/* - * Data types - */ - -struct hv_netvsc_driver_context { - uint32_t drv_inited; -}; +/* XXX move to netinet/tcp_lro.h */ +#define HN_LRO_HIWAT_MAX 65535 +#define HN_LRO_HIWAT_DEF HN_LRO_HIWAT_MAX +/* YYY 2*MTU is a bit rough, but should be good enough. */ +#define HN_LRO_HIWAT_MTULIM(ifp) (2 * (ifp)->if_mtu) +#define HN_LRO_HIWAT_ISVALID(sc, hiwat) \ + ((hiwat) >= HN_LRO_HIWAT_MTULIM((sc)->hn_ifp) || \ + (hiwat) <= HN_LRO_HIWAT_MAX) /* * Be aware that this sleepable mutex will exhibit WITNESS errors when @@ -168,9 +170,9 @@ struct hv_netvsc_driver_context { int hv_promisc_mode = 0; /* normal mode by default */ -/* The one and only one */ -static struct hv_netvsc_driver_context g_netvsc_drv; - +/* Trust tcp segements verification on host side. */ +static int hn_trust_hosttcp = 0; +TUNABLE_INT("dev.hn.trust_hosttcp", &hn_trust_hosttcp); /* * Forward declarations @@ -181,6 +183,21 @@ static void hn_ifinit(void *xsc); static int hn_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data); static int hn_start_locked(struct ifnet *ifp); static void hn_start(struct ifnet *ifp); +static int hn_ifmedia_upd(struct ifnet *ifp); +static void hn_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr); +#ifdef HN_LRO_HIWAT +static int hn_lro_hiwat_sysctl(SYSCTL_HANDLER_ARGS); +#endif +static int hn_check_iplen(const struct mbuf *, int); + +static __inline void +hn_set_lro_hiwat(struct hn_softc *sc, int hiwat) +{ + sc->hn_lro_hiwat = hiwat; +#ifdef HN_LRO_HIWAT + sc->hn_lro.lro_hiwat = sc->hn_lro_hiwat; +#endif +} /* * NetVsc get message transport protocol type @@ -238,35 +255,27 @@ static uint32_t get_transport_proto_type return (ret_val); } -/* - * NetVsc driver initialization - * Note: Filter init is no longer required - */ static int -netvsc_drv_init(void) +hn_ifmedia_upd(struct ifnet *ifp __unused) { - return (0); + + return EOPNOTSUPP; } -/* - * NetVsc global initialization entry point - */ static void -netvsc_init(void) +hn_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr) { - if (bootverbose) - printf("Netvsc initializing... "); + struct hn_softc *sc = ifp->if_softc; - /* - * XXXKYS: cleanup initialization - */ - if (!cold && !g_netvsc_drv.drv_inited) { - g_netvsc_drv.drv_inited = 1; - netvsc_drv_init(); - if (bootverbose) - printf("done!\n"); - } else if (bootverbose) - printf("Already initialized!\n"); + ifmr->ifm_status = IFM_AVALID; + ifmr->ifm_active = IFM_ETHER; + + if (!sc->hn_carrier) { + ifmr->ifm_active |= IFM_NONE; + return; + } + ifmr->ifm_status |= IFM_ACTIVE; + ifmr->ifm_active |= IFM_10G_T | IFM_FDX; } /* {F8615163-DF3E-46c5-913F-F2D2F965ED0E} */ @@ -310,10 +319,10 @@ netvsc_attach(device_t dev) hn_softc_t *sc; int unit = device_get_unit(dev); struct ifnet *ifp; + struct sysctl_oid_list *child; + struct sysctl_ctx_list *ctx; int ret; - netvsc_init(); - sc = device_get_softc(dev); if (sc == NULL) { return (ENOMEM); @@ -322,6 +331,8 @@ netvsc_attach(device_t dev) bzero(sc, sizeof(hn_softc_t)); sc->hn_unit = unit; sc->hn_dev = dev; + sc->hn_lro_hiwat = HN_LRO_HIWAT_DEF; + sc->hn_trust_hosttcp = hn_trust_hosttcp; NV_LOCK_INIT(sc, "NetVSCLock"); @@ -344,14 +355,22 @@ netvsc_attach(device_t dev) ifp->if_snd.ifq_drv_maxlen = 511; IFQ_SET_READY(&ifp->if_snd); + ifmedia_init(&sc->hn_media, 0, hn_ifmedia_upd, hn_ifmedia_sts); + ifmedia_add(&sc->hn_media, IFM_ETHER | IFM_AUTO, 0, NULL); + ifmedia_set(&sc->hn_media, IFM_ETHER | IFM_AUTO); + /* XXX ifmedia_set really should do this for us */ + sc->hn_media.ifm_media = sc->hn_media.ifm_cur->ifm_media; + /* * Tell upper layers that we support full VLAN capability. */ ifp->if_data.ifi_hdrlen = sizeof(struct ether_vlan_header); ifp->if_capabilities |= - IFCAP_VLAN_HWTAGGING | IFCAP_VLAN_MTU | IFCAP_HWCSUM | IFCAP_TSO; + IFCAP_VLAN_HWTAGGING | IFCAP_VLAN_MTU | IFCAP_HWCSUM | IFCAP_TSO | + IFCAP_LRO; ifp->if_capenable |= - IFCAP_VLAN_HWTAGGING | IFCAP_VLAN_MTU | IFCAP_HWCSUM | IFCAP_TSO; + IFCAP_VLAN_HWTAGGING | IFCAP_VLAN_MTU | IFCAP_HWCSUM | IFCAP_TSO | + IFCAP_LRO; /* * Only enable UDP checksum offloading when it is on 2012R2 or * later. UDP checksum offloading doesn't work on earlier @@ -372,8 +391,63 @@ netvsc_attach(device_t dev) sc->hn_carrier = 1; } +#if defined(INET) || defined(INET6) + tcp_lro_init(&sc->hn_lro); + /* Driver private LRO settings */ + sc->hn_lro.ifp = ifp; +#ifdef HN_LRO_HIWAT + sc->hn_lro.lro_hiwat = sc->hn_lro_hiwat; +#endif +#endif /* INET || INET6 */ + ether_ifattach(ifp, device_info.mac_addr); + ctx = device_get_sysctl_ctx(dev); + child = SYSCTL_CHILDREN(device_get_sysctl_tree(dev)); + + SYSCTL_ADD_INT(ctx, child, OID_AUTO, "lro_queued", + CTLFLAG_RW, &sc->hn_lro.lro_queued, 0, "LRO queued"); + SYSCTL_ADD_INT(ctx, child, OID_AUTO, "lro_flushed", + CTLFLAG_RW, &sc->hn_lro.lro_flushed, 0, "LRO flushed"); + SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "lro_tried", + CTLFLAG_RW, &sc->hn_lro_tried, "# of LRO tries"); +#ifdef HN_LRO_HIWAT + SYSCTL_ADD_PROC(ctx, child, OID_AUTO, "lro_hiwat", + CTLTYPE_INT | CTLFLAG_RW, sc, 0, hn_lro_hiwat_sysctl, + "I", "LRO high watermark"); +#endif + SYSCTL_ADD_INT(ctx, child, OID_AUTO, "trust_hosttcp", + CTLFLAG_RW, &sc->hn_trust_hosttcp, 0, + "Trust tcp segement verification on host side, " + "when csum info is missing"); + SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "csum_ip", + CTLFLAG_RW, &sc->hn_csum_ip, "RXCSUM IP"); + SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "csum_tcp", + CTLFLAG_RW, &sc->hn_csum_tcp, "RXCSUM TCP"); + SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "csum_trusted", + CTLFLAG_RW, &sc->hn_csum_trusted, + "# of TCP segements that we trust host's csum verification"); + SYSCTL_ADD_ULONG(ctx, child, OID_AUTO, "small_pkts", + CTLFLAG_RW, &sc->hn_small_pkts, "# of small packets received"); + + if (unit == 0) { + struct sysctl_ctx_list *dc_ctx; + struct sysctl_oid_list *dc_child; + devclass_t dc; + + /* + * Add sysctl nodes for devclass + */ + dc = device_get_devclass(dev); + dc_ctx = devclass_get_sysctl_ctx(dc); + dc_child = SYSCTL_CHILDREN(devclass_get_sysctl_tree(dc)); + + SYSCTL_ADD_INT(dc_ctx, dc_child, OID_AUTO, "trust_hosttcp", + CTLFLAG_RD, &hn_trust_hosttcp, 0, + "Trust tcp segement verification on host side, " + "when csum info is missing (global setting)"); + } + return (0); } @@ -383,6 +457,7 @@ netvsc_attach(device_t dev) static int netvsc_detach(device_t dev) { + struct hn_softc *sc = device_get_softc(dev); struct hv_device *hv_device = vmbus_get_devctx(dev); if (bootverbose) @@ -401,6 +476,11 @@ netvsc_detach(device_t dev) hv_rf_on_device_remove(hv_device, HV_RF_NV_DESTROY_CHANNEL); + ifmedia_removeall(&sc->hn_media); +#if defined(INET) || defined(INET6) + tcp_lro_free(&sc->hn_lro); +#endif + return (0); } @@ -887,7 +967,7 @@ netvsc_recv(struct hv_device *device_ctx struct mbuf *m_new; struct ifnet *ifp; device_t dev = device_ctx->device; - int size; + int size, do_lro = 0; if (sc == NULL) { return (0); /* TODO: KYS how can this be! */ @@ -906,40 +986,44 @@ netvsc_recv(struct hv_device *device_ctx */ if (packet->tot_data_buf_len > (ifp->if_mtu + ETHER_HDR_LEN)) { return (0); - } - - /* - * Get an mbuf with a cluster. For packets 2K or less, - * get a standard 2K cluster. For anything larger, get a - * 4K cluster. Any buffers larger than 4K can cause problems - * if looped around to the Hyper-V TX channel, so avoid them. - */ - size = MCLBYTES; - - if (packet->tot_data_buf_len > MCLBYTES) { - /* 4096 */ - size = MJUMPAGESIZE; - } + } else if (packet->tot_data_buf_len <= MHLEN) { + m_new = m_gethdr(M_NOWAIT, MT_DATA); + if (m_new == NULL) + return (0); + memcpy(mtod(m_new, void *), packet->data, + packet->tot_data_buf_len); + m_new->m_pkthdr.len = m_new->m_len = packet->tot_data_buf_len; + sc->hn_small_pkts++; + } else { + /* + * Get an mbuf with a cluster. For packets 2K or less, + * get a standard 2K cluster. For anything larger, get a + * 4K cluster. Any buffers larger than 4K can cause problems + * if looped around to the Hyper-V TX channel, so avoid them. + */ + size = MCLBYTES; + if (packet->tot_data_buf_len > MCLBYTES) { + /* 4096 */ + size = MJUMPAGESIZE; + } - m_new = m_getjcl(M_DONTWAIT, MT_DATA, M_PKTHDR, size); + m_new = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, size); + if (m_new == NULL) { + device_printf(dev, "alloc mbuf failed.\n"); + return (0); + } - if (m_new == NULL) { - device_printf(dev, "alloc mbuf failed.\n"); - return (0); + hv_m_append(m_new, packet->tot_data_buf_len, packet->data); } - - hv_m_append(m_new, packet->tot_data_buf_len, - packet->data); - m_new->m_pkthdr.rcvif = ifp; /* receive side checksum offload */ - m_new->m_pkthdr.csum_flags = 0; if (NULL != csum_info) { /* IP csum offload */ if (csum_info->receive.ip_csum_succeeded) { m_new->m_pkthdr.csum_flags |= (CSUM_IP_CHECKED | CSUM_IP_VALID); + sc->hn_csum_ip++; } /* TCP csum offload */ @@ -947,9 +1031,50 @@ netvsc_recv(struct hv_device *device_ctx m_new->m_pkthdr.csum_flags |= (CSUM_DATA_VALID | CSUM_PSEUDO_HDR); m_new->m_pkthdr.csum_data = 0xffff; + sc->hn_csum_tcp++; } - } + if (csum_info->receive.ip_csum_succeeded && + csum_info->receive.tcp_csum_succeeded) + do_lro = 1; + } else { + const struct ether_header *eh; + uint16_t etype; + int hoff; + + hoff = sizeof(*eh); + if (m_new->m_len < hoff) + goto skip; + eh = mtod(m_new, struct ether_header *); + etype = ntohs(eh->ether_type); + if (etype == ETHERTYPE_VLAN) { + const struct ether_vlan_header *evl; + + hoff = sizeof(*evl); + if (m_new->m_len < hoff) + goto skip; + evl = mtod(m_new, struct ether_vlan_header *); + etype = ntohs(evl->evl_proto); + } + + if (etype == ETHERTYPE_IP) { + int pr; + + pr = hn_check_iplen(m_new, hoff); + if (pr == IPPROTO_TCP) { + if (sc->hn_trust_hosttcp) { + sc->hn_csum_trusted++; + m_new->m_pkthdr.csum_flags |= + (CSUM_IP_CHECKED | CSUM_IP_VALID | + CSUM_DATA_VALID | CSUM_PSEUDO_HDR); + m_new->m_pkthdr.csum_data = 0xffff; + } + /* Rely on SW csum verification though... */ + do_lro = 1; + } + } + } +skip: if ((packet->vlan_tci != 0) && (ifp->if_capenable & IFCAP_VLAN_HWTAGGING) != 0) { m_new->m_pkthdr.ether_vtag = packet->vlan_tci; @@ -963,12 +1088,41 @@ netvsc_recv(struct hv_device *device_ctx ifp->if_ipackets++; + if ((ifp->if_capenable & IFCAP_LRO) && do_lro) { +#if defined(INET) || defined(INET6) + struct lro_ctrl *lro = &sc->hn_lro; + + if (lro->lro_cnt) { + sc->hn_lro_tried++; + if (tcp_lro_rx(lro, m_new, 0) == 0) { + /* DONE! */ + return 0; + } + } +#endif + } + /* We're not holding the lock here, so don't release it */ (*ifp->if_input)(ifp, m_new); return (0); } +void +netvsc_recv_rollup(struct hv_device *device_ctx) +{ +#if defined(INET) || defined(INET6) + hn_softc_t *sc = device_get_softc(device_ctx->device); + struct lro_ctrl *lro = &sc->hn_lro; + struct lro_entry *queued; + + while ((queued = SLIST_FIRST(&lro->lro_active)) != NULL) { + SLIST_REMOVE_HEAD(&lro->lro_active, next); + tcp_lro_flush(lro, queued); + } +#endif +} + /* * Rules for using sc->temp_unusable: * 1. sc->temp_unusable can only be read or written while holding NV_LOCK() @@ -1024,7 +1178,13 @@ hn_ioctl(struct ifnet *ifp, u_long cmd, /* Obtain and record requested MTU */ ifp->if_mtu = ifr->ifr_mtu; - + /* + * Make sure that LRO high watermark is still valid, + * after MTU change (the 2*MTU limit). + */ + if (!HN_LRO_HIWAT_ISVALID(sc, sc->hn_lro_hiwat)) + hn_set_lro_hiwat(sc, HN_LRO_HIWAT_MTULIM(ifp)); + do { NV_LOCK(sc); if (!sc->temp_unusable) { @@ -1149,6 +1309,8 @@ hn_ioctl(struct ifnet *ifp, u_long cmd, ifp->if_capenable |= IFCAP_RXCSUM; } } + if (mask & IFCAP_LRO) + ifp->if_capenable ^= IFCAP_LRO; if (mask & IFCAP_TSO4) { ifp->if_capenable ^= IFCAP_TSO4; @@ -1173,10 +1335,11 @@ hn_ioctl(struct ifnet *ifp, u_long cmd, error = 0; } #endif - /* FALLTHROUGH */ + error = EINVAL; + break; case SIOCSIFMEDIA: case SIOCGIFMEDIA: - error = EINVAL; + error = ifmedia_ioctl(ifp, ifr, &sc->hn_media, cmd); break; default: error = ether_ioctl(ifp, cmd, data); @@ -1294,6 +1457,102 @@ hn_watchdog(struct ifnet *ifp) } #endif +#ifdef HN_LRO_HIWAT +static int +hn_lro_hiwat_sysctl(SYSCTL_HANDLER_ARGS) +{ + struct hn_softc *sc = arg1; + int hiwat, error; + + hiwat = sc->hn_lro_hiwat; + error = sysctl_handle_int(oidp, &hiwat, 0, req); + if (error || req->newptr == NULL) + return error; + + if (!HN_LRO_HIWAT_ISVALID(sc, hiwat)) + return EINVAL; + + if (sc->hn_lro_hiwat != hiwat) + hn_set_lro_hiwat(sc, hiwat); + return 0; +} +#endif /* HN_LRO_HIWAT */ + +static int +hn_check_iplen(const struct mbuf *m, int hoff) +{ + const struct ip *ip; + int len, iphlen, iplen; + const struct tcphdr *th; + int thoff; /* TCP data offset */ + + len = hoff + sizeof(struct ip); + + /* The packet must be at least the size of an IP header. */ + if (m->m_pkthdr.len < len) + return IPPROTO_DONE; + + /* The fixed IP header must reside completely in the first mbuf. */ + if (m->m_len < len) + return IPPROTO_DONE; + + ip = mtodo(m, hoff); + + /* Bound check the packet's stated IP header length. */ + iphlen = ip->ip_hl << 2; + if (iphlen < sizeof(struct ip)) /* minimum header length */ + return IPPROTO_DONE; + + /* The full IP header must reside completely in the one mbuf. */ + if (m->m_len < hoff + iphlen) + return IPPROTO_DONE; + + iplen = ntohs(ip->ip_len); + + /* + * Check that the amount of data in the buffers is as + * at least much as the IP header would have us expect. + */ + if (m->m_pkthdr.len < hoff + iplen) + return IPPROTO_DONE; + + /* + * Ignore IP fragments. + */ + if (ntohs(ip->ip_off) & (IP_OFFMASK | IP_MF)) + return IPPROTO_DONE; + + /* + * The TCP/IP or UDP/IP header must be entirely contained within + * the first fragment of a packet. + */ + switch (ip->ip_p) { + case IPPROTO_TCP: + if (iplen < iphlen + sizeof(struct tcphdr)) + return IPPROTO_DONE; + if (m->m_len < hoff + iphlen + sizeof(struct tcphdr)) + return IPPROTO_DONE; + th = (const struct tcphdr *)((const uint8_t *)ip + iphlen); + thoff = th->th_off << 2; + if (thoff < sizeof(struct tcphdr) || thoff + iphlen > iplen) + return IPPROTO_DONE; + if (m->m_len < hoff + iphlen + thoff) + return IPPROTO_DONE; + break; + case IPPROTO_UDP: + if (iplen < iphlen + sizeof(struct udphdr)) + return IPPROTO_DONE; + if (m->m_len < hoff + iphlen + sizeof(struct udphdr)) + return IPPROTO_DONE; + break; + default: + if (iplen < iphlen) + return IPPROTO_DONE; + break; + } + return ip->ip_p; +} + static device_method_t netvsc_methods[] = { /* Device interface */ DEVMETHOD(device_probe, netvsc_probe), @@ -1315,6 +1574,3 @@ static devclass_t netvsc_devclass; DRIVER_MODULE(hn, vmbus, netvsc_driver, netvsc_devclass, 0, 0); MODULE_VERSION(hn, 1); MODULE_DEPEND(hn, vmbus, 1, 1, 1); -SYSINIT(netvsc_initx, SI_SUB_KTHREAD_IDLE, SI_ORDER_MIDDLE + 1, netvsc_init, - NULL); - Modified: stable/10/sys/dev/hyperv/netvsc/hv_rndis.h ============================================================================== --- stable/10/sys/dev/hyperv/netvsc/hv_rndis.h Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/netvsc/hv_rndis.h Fri Feb 19 02:03:14 2016 (r295789) @@ -1049,6 +1049,7 @@ typedef struct rndismp_rx_bufs_info_ { int netvsc_recv(struct hv_device *device_ctx, netvsc_packet *packet, rndis_tcp_ip_csum_info *csum_info); +void netvsc_recv_rollup(struct hv_device *device_ctx); void* hv_set_rppi_data(rndis_msg *rndis_mesg, uint32_t rppi_size, Modified: stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.c ============================================================================== --- stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.c Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.c Fri Feb 19 02:03:14 2016 (r295789) @@ -963,3 +963,14 @@ hv_rf_on_send_request_halt_completion(vo request->halt_complete_flag = 1; } +/* + * RNDIS filter when "all" reception is done + */ +void +hv_rf_receive_rollup(netvsc_dev *net_dev) +{ + rndis_device *rndis_dev; + + rndis_dev = (rndis_device *)net_dev->extension; + netvsc_recv_rollup(rndis_dev->net_dev->dev); +} Modified: stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.h ============================================================================== --- stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.h Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/netvsc/hv_rndis_filter.h Fri Feb 19 02:03:14 2016 (r295789) @@ -98,6 +98,7 @@ typedef struct rndis_device_ { int hv_rf_on_receive(netvsc_dev *net_dev, struct hv_device *device, netvsc_packet *pkt); +void hv_rf_receive_rollup(netvsc_dev *net_dev); int hv_rf_on_device_add(struct hv_device *device, void *additl_info); int hv_rf_on_device_remove(struct hv_device *device, boolean_t destroy_channel); int hv_rf_on_open(struct hv_device *device); Modified: stable/10/sys/dev/hyperv/vmbus/hv_connection.c ============================================================================== --- stable/10/sys/dev/hyperv/vmbus/hv_connection.c Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/vmbus/hv_connection.c Fri Feb 19 02:03:14 2016 (r295789) @@ -254,7 +254,7 @@ hv_vmbus_connect(void) { hv_vmbus_protocal_version = version; if (bootverbose) - printf("VMBUS: Portocal Version: %d.%d\n", + printf("VMBUS: Protocol Version: %d.%d\n", version >> 16, version & 0xFFFF); sema_destroy(&msg_info->wait_sema); @@ -426,12 +426,6 @@ VmbusProcessChannelEvent(uint32_t relid) // mtx_unlock(&channel->inbound_lock); } -#ifdef HV_DEBUG_INTR -extern uint32_t hv_intr_count; -extern uint32_t hv_vmbus_swintr_event_cpu[MAXCPU]; -extern uint32_t hv_vmbus_intr_cpu[MAXCPU]; -#endif - /** * Handler for events */ @@ -452,17 +446,6 @@ hv_vmbus_on_events(void *arg) KASSERT(cpu <= mp_maxid, ("VMBUS: hv_vmbus_on_events: " "cpu out of range!")); -#ifdef HV_DEBUG_INTR - int i; - hv_vmbus_swintr_event_cpu[cpu]++; - if (hv_intr_count % 10000 == 0) { - printf("VMBUS: Total interrupt %d\n", hv_intr_count); - for (i = 0; i < mp_ncpus; i++) - printf("VMBUS: hw cpu[%d]: %d, event sw intr cpu[%d]: %d\n", - i, hv_vmbus_intr_cpu[i], i, hv_vmbus_swintr_event_cpu[i]); - } -#endif - if ((hv_vmbus_protocal_version == HV_VMBUS_VERSION_WS2008) || (hv_vmbus_protocal_version == HV_VMBUS_VERSION_WIN7)) { maxdword = HV_MAX_NUM_CHANNELS_SUPPORTED >> 5; Copied: stable/10/sys/dev/hyperv/vmbus/hv_et.c (from r293873, head/sys/dev/hyperv/vmbus/hv_et.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/10/sys/dev/hyperv/vmbus/hv_et.c Fri Feb 19 02:03:14 2016 (r295789, copy of r293873, head/sys/dev/hyperv/vmbus/hv_et.c) @@ -0,0 +1,131 @@ +/*- + * Copyright (c) 2015 Microsoft Corp. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include +#include +#include +#include +#include +#include + +#include "hv_vmbus_priv.h" + +#define HV_TIMER_FREQUENCY (10 * 1000 * 1000LL) /* 100ns period */ +#define HV_MAX_DELTA_TICKS 0xffffffffLL +#define HV_MIN_DELTA_TICKS 1LL + +static struct eventtimer et; +static uint64_t periodticks[MAXCPU]; + +static inline uint64_t +sbintime2tick(sbintime_t time) +{ + struct timespec val; + + val = sbttots(time); + return val.tv_sec * HV_TIMER_FREQUENCY + val.tv_nsec / 100; +} + +static int +hv_et_start(struct eventtimer *et, sbintime_t firsttime, sbintime_t periodtime) +{ + union hv_timer_config timer_cfg; + uint64_t current; + + timer_cfg.as_uint64 = 0; + timer_cfg.auto_enable = 1; + timer_cfg.sintx = HV_VMBUS_MESSAGE_SINT; + + periodticks[curcpu] = sbintime2tick(periodtime); + if (firsttime == 0) + firsttime = periodtime; + + current = rdmsr(HV_X64_MSR_TIME_REF_COUNT); + current += sbintime2tick(firsttime); + + wrmsr(HV_X64_MSR_STIMER0_CONFIG, timer_cfg.as_uint64); + wrmsr(HV_X64_MSR_STIMER0_COUNT, current); + + return (0); +} + +static int +hv_et_stop(struct eventtimer *et) +{ + wrmsr(HV_X64_MSR_STIMER0_CONFIG, 0); + wrmsr(HV_X64_MSR_STIMER0_COUNT, 0); + + return (0); +} + +void +hv_et_intr(struct trapframe *frame) +{ + union hv_timer_config timer_cfg; + struct trapframe *oldframe; + struct thread *td; + + if (periodticks[curcpu] != 0) { + uint64_t tick = sbintime2tick(periodticks[curcpu]); + timer_cfg.as_uint64 = rdmsr(HV_X64_MSR_STIMER0_CONFIG); + timer_cfg.enable = 0; + timer_cfg.auto_enable = 1; + timer_cfg.periodic = 1; + periodticks[curcpu] = 0; + + wrmsr(HV_X64_MSR_STIMER0_CONFIG, timer_cfg.as_uint64); + wrmsr(HV_X64_MSR_STIMER0_COUNT, tick); + } + + if (et.et_active) { + td = curthread; + td->td_intr_nesting_level++; + oldframe = td->td_intr_frame; + td->td_intr_frame = frame; + et.et_event_cb(&et, et.et_arg); + td->td_intr_frame = oldframe; + td->td_intr_nesting_level--; + } +} + +void +hv_et_init(void) +{ + et.et_name = "HyperV"; + et.et_flags = ET_FLAGS_ONESHOT | ET_FLAGS_PERCPU | ET_FLAGS_PERIODIC; + et.et_quality = 1000; + et.et_frequency = HV_TIMER_FREQUENCY; + et.et_min_period = (1LL << 32) / HV_TIMER_FREQUENCY; + et.et_max_period = HV_MAX_DELTA_TICKS * ((1LL << 32) / HV_TIMER_FREQUENCY); + et.et_start = hv_et_start; + et.et_stop = hv_et_stop; + et.et_priv = &et; + et_register(&et); +} + Modified: stable/10/sys/dev/hyperv/vmbus/hv_hv.c ============================================================================== --- stable/10/sys/dev/hyperv/vmbus/hv_hv.c Fri Feb 19 01:57:51 2016 (r295788) +++ stable/10/sys/dev/hyperv/vmbus/hv_hv.c Fri Feb 19 02:03:14 2016 (r295789) @@ -37,6 +37,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -44,23 +45,11 @@ __FBSDID("$FreeBSD$"); #include "hv_vmbus_priv.h" -#define HV_X64_MSR_GUEST_OS_ID 0x40000000 - -#define HV_X64_CPUID_MIN 0x40000005 -#define HV_X64_CPUID_MAX 0x4000ffff -#define HV_X64_MSR_TIME_REF_COUNT 0x40000020 - #define HV_NANOSECONDS_PER_SEC 1000000000L static u_int hv_get_timecount(struct timecounter *tc); -static inline void do_cpuid_inline(unsigned int op, unsigned int *eax, - unsigned int *ebx, unsigned int *ecx, unsigned int *edx) { - __asm__ __volatile__("cpuid" : "=a" (*eax), "=b" (*ebx), "=c" (*ecx), - "=d" (*edx) : "0" (op), "c" (ecx)); -} - /** * Globals */ @@ -86,27 +75,10 @@ hv_get_timecount(struct timecounter *tc) int hv_vmbus_query_hypervisor_presence(void) { - u_int regs[4]; - int hyper_v_detected = 0; - - /* - * When Xen is detected and native Xen PV support is enabled, - * ignore Xen's HyperV emulation. - */ - if (vm_guest == VM_GUEST_XEN) + if (vm_guest != VM_GUEST_HV) return (0); - do_cpuid(1, regs); - if (regs[2] & 0x80000000) { /* if(a hypervisor is detected) */ - /* make sure this really is Hyper-V */ - /* we look at the CPUID info */ - do_cpuid(HV_X64_MSR_GUEST_OS_ID, regs); - hyper_v_detected = - regs[0] >= HV_X64_CPUID_MIN && - regs[0] <= HV_X64_CPUID_MAX && - !memcmp("Microsoft Hv", ®s[1], 12); - } - return (hyper_v_detected); + return (hv_high >= HV_X64_CPUID_MIN && hv_high <= HV_X64_CPUID_MAX); } /** @@ -115,10 +87,7 @@ hv_vmbus_query_hypervisor_presence(void) static int hv_vmbus_get_hypervisor_version(void) { - unsigned int eax; - unsigned int ebx; - unsigned int ecx; - unsigned int edx; + u_int regs[4]; unsigned int maxLeaf; unsigned int op; @@ -127,28 +96,16 @@ hv_vmbus_get_hypervisor_version(void) * Viridian is present * Query id and revision. */ - eax = 0; - ebx = 0; - ecx = 0; - edx = 0; op = HV_CPU_ID_FUNCTION_HV_VENDOR_AND_MAX_FUNCTION; - do_cpuid_inline(op, &eax, &ebx, &ecx, &edx); + do_cpuid(op, regs); - maxLeaf = eax; - eax = 0; - ebx = 0; - ecx = 0; - edx = 0; + maxLeaf = regs[0]; op = HV_CPU_ID_FUNCTION_HV_INTERFACE; - do_cpuid_inline(op, &eax, &ebx, &ecx, &edx); + do_cpuid(op, regs); if (maxLeaf >= HV_CPU_ID_FUNCTION_MS_HV_VERSION) { - eax = 0; - ebx = 0; - ecx = 0; *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable-10@freebsd.org Fri Feb 19 09:58:15 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E99BFAAD369; Fri, 19 Feb 2016 09:58:15 +0000 (UTC) (envelope-from des@des.no) Received: from smtp.des.no (smtp.des.no [194.63.250.102]) by mx1.freebsd.org (Postfix) with ESMTP id B34F515E9; Fri, 19 Feb 2016 09:58:15 +0000 (UTC) (envelope-from des@des.no) Received: from desk.des.no (smtp.des.no [194.63.250.102]) by smtp.des.no (Postfix) with ESMTP id B5ED8C58C; Fri, 19 Feb 2016 09:58:13 +0000 (UTC) Received: by desk.des.no (Postfix, from userid 1001) id DEF184653B; Fri, 19 Feb 2016 10:58:04 +0100 (CET) From: =?utf-8?Q?Dag-Erling_Sm=C3=B8rgrav?= To: Bryan Drewery Cc: Slawa Olhovchenkov , src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: Re: svn commit: r294693 - in stable/10: . crypto/openssh secure/lib/libssh secure/usr.bin/ssh secure/usr.sbin/sshd share/mk tools/build/options References: <201601242228.u0OMSIn7032949@repo.freebsd.org> <20160213192402.GC37895@zxy.spb.ru> <86wpq4vmn8.fsf@desk.des.no> <56C6448D.3050501@FreeBSD.org> Date: Fri, 19 Feb 2016 10:58:04 +0100 In-Reply-To: <56C6448D.3050501@FreeBSD.org> (Bryan Drewery's message of "Thu, 18 Feb 2016 14:24:13 -0800") Message-ID: <86egc9konn.fsf@desk.des.no> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Feb 2016 09:58:16 -0000 Bryan Drewery writes: > If this is true it needs to be fixed. We can't be causing sshd to not > come up on a minor upgrade. It's ssh, not sshd. DES --=20 Dag-Erling Sm=C3=B8rgrav - des@des.no From owner-svn-src-stable-10@freebsd.org Fri Feb 19 17:14:35 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6EF69AAEEDA; Fri, 19 Feb 2016 17:14:35 +0000 (UTC) (envelope-from ken@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 400ED1D0D; Fri, 19 Feb 2016 17:14:35 +0000 (UTC) (envelope-from ken@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1JHEYnb067242; Fri, 19 Feb 2016 17:14:34 GMT (envelope-from ken@FreeBSD.org) Received: (from ken@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1JHEYVA067241; Fri, 19 Feb 2016 17:14:34 GMT (envelope-from ken@FreeBSD.org) Message-Id: <201602191714.u1JHEYVA067241@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: ken set sender to ken@FreeBSD.org using -f From: "Kenneth D. Merry" Date: Fri, 19 Feb 2016 17:14:34 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295819 - stable/10/sys/cam/scsi X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 19 Feb 2016 17:14:35 -0000 Author: ken Date: Fri Feb 19 17:14:34 2016 New Revision: 295819 URL: https://svnweb.freebsd.org/changeset/base/295819 Log: MFC, r295417: r295417 | ken | 2016-02-08 15:13:08 -0700 (Mon, 08 Feb 2016) | 9 lines Fix the SCSI Extended INQUIRY probe case when an error is returned and a retry is scheduled. Instead of leaving the device queue frozen, unfreeze the device queue so that the retry can happen. Sponsored by: Spectra Logic Approved by: re (gjb) Modified: stable/10/sys/cam/scsi/scsi_xpt.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/cam/scsi/scsi_xpt.c ============================================================================== --- stable/10/sys/cam/scsi/scsi_xpt.c Fri Feb 19 16:56:07 2016 (r295818) +++ stable/10/sys/cam/scsi/scsi_xpt.c Fri Feb 19 17:14:34 2016 (r295819) @@ -1521,7 +1521,7 @@ out: } else if (cam_periph_error(done_ccb, 0, SF_RETRY_UA, &softc->saved_ccb) == ERESTART) { - return; + goto outr; } else if ((done_ccb->ccb_h.status & CAM_DEV_QFRZN) != 0) { /* Don't wedge the queue */ xpt_release_devq(done_ccb->ccb_h.path, /*count*/1, From owner-svn-src-stable-10@freebsd.org Sat Feb 20 10:56:47 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id CB5CAAAFA9C; Sat, 20 Feb 2016 10:56:47 +0000 (UTC) (envelope-from smh@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 94C5DA3B; Sat, 20 Feb 2016 10:56:47 +0000 (UTC) (envelope-from smh@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1KAukTF078957; Sat, 20 Feb 2016 10:56:46 GMT (envelope-from smh@FreeBSD.org) Received: (from smh@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1KAukrV078956; Sat, 20 Feb 2016 10:56:46 GMT (envelope-from smh@FreeBSD.org) Message-Id: <201602201056.u1KAukrV078956@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: smh set sender to smh@FreeBSD.org using -f From: Steven Hartland Date: Sat, 20 Feb 2016 10:56:46 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295835 - stable/10/sys/boot/i386/gptboot X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Feb 2016 10:56:47 -0000 Author: smh Date: Sat Feb 20 10:56:46 2016 New Revision: 295835 URL: https://svnweb.freebsd.org/changeset/base/295835 Log: MFC r272785: Null terminate boot config buffer PR: 207070 Approved by: re (gjb) Sponsored by: Multiplay Modified: stable/10/sys/boot/i386/gptboot/gptboot.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/boot/i386/gptboot/gptboot.c ============================================================================== --- stable/10/sys/boot/i386/gptboot/gptboot.c Sat Feb 20 07:45:21 2016 (r295834) +++ stable/10/sys/boot/i386/gptboot/gptboot.c Sat Feb 20 10:56:46 2016 (r295835) @@ -132,6 +132,7 @@ int main(void) { char cmd[512], cmdtmp[512]; + ssize_t sz; int autoboot, dskupdated; ufs_ino_t ino; @@ -160,9 +161,10 @@ main(void) for (;;) { *kname = '\0'; if ((ino = lookup(PATH_CONFIG)) || - (ino = lookup(PATH_DOTCONFIG))) - fsread(ino, cmd, sizeof(cmd)); - + (ino = lookup(PATH_DOTCONFIG))) { + sz = fsread(ino, cmd, sizeof(cmd) - 1); + cmd[(sz < 0) ? 0 : sz] = '\0'; + } if (*cmd != '\0') { memcpy(cmdtmp, cmd, sizeof(cmdtmp)); if (parse(cmdtmp, &dskupdated)) From owner-svn-src-stable-10@freebsd.org Sat Feb 20 22:58:34 2016 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A5614AAF0F2; Sat, 20 Feb 2016 22:58:34 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 78BDCD88; Sat, 20 Feb 2016 22:58:34 +0000 (UTC) (envelope-from des@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u1KMwXRr091212; Sat, 20 Feb 2016 22:58:33 GMT (envelope-from des@FreeBSD.org) Received: (from des@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u1KMwXOD091211; Sat, 20 Feb 2016 22:58:33 GMT (envelope-from des@FreeBSD.org) Message-Id: <201602202258.u1KMwXOD091211@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: des set sender to des@FreeBSD.org using -f From: =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= Date: Sat, 20 Feb 2016 22:58:33 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r295843 - stable/10/lib/libfetch X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 20 Feb 2016 22:58:34 -0000 Author: des Date: Sat Feb 20 22:58:33 2016 New Revision: 295843 URL: https://svnweb.freebsd.org/changeset/base/295843 Log: MFH (r294326): fall back to standard / configured CA store PR: 193871 Approved by: re (gjb) Modified: stable/10/lib/libfetch/common.c Directory Properties: stable/10/ (props changed) Modified: stable/10/lib/libfetch/common.c ============================================================================== --- stable/10/lib/libfetch/common.c Sat Feb 20 17:29:04 2016 (r295842) +++ stable/10/lib/libfetch/common.c Sat Feb 20 22:58:33 2016 (r295843) @@ -705,7 +705,8 @@ fetch_ssl_setup_peer_verification(SSL_CT if (ca_cert_file == NULL && access(LOCAL_CERT_FILE, R_OK) == 0) ca_cert_file = LOCAL_CERT_FILE; - if (ca_cert_file == NULL) + if (ca_cert_file == NULL && + access(BASE_CERT_FILE, R_OK) == 0) ca_cert_file = BASE_CERT_FILE; ca_cert_path = getenv("SSL_CA_CERT_PATH"); if (verbose) { @@ -716,11 +717,17 @@ fetch_ssl_setup_peer_verification(SSL_CT if (ca_cert_path != NULL) fetch_info("Using CA cert path: %s", ca_cert_path); + if (ca_cert_file == NULL && ca_cert_path == NULL) + fetch_info("Using OpenSSL default " + "CA cert file and path"); } SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, fetch_ssl_cb_verify_crt); - SSL_CTX_load_verify_locations(ctx, ca_cert_file, - ca_cert_path); + if (ca_cert_file != NULL || ca_cert_path != NULL) + SSL_CTX_load_verify_locations(ctx, ca_cert_file, + ca_cert_path); + else + SSL_CTX_set_default_verify_paths(ctx); if ((crl_file = getenv("SSL_CRL_FILE")) != NULL) { if (verbose) fetch_info("Using CRL file: %s", crl_file);