From owner-svn-src-releng@freebsd.org Mon Nov 19 13:59:13 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8317811046BD; Mon, 19 Nov 2018 13:59:13 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 262ED76542; Mon, 19 Nov 2018 13:59:13 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DE55022EE1; Mon, 19 Nov 2018 13:59:12 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAJDxCKR052072; Mon, 19 Nov 2018 13:59:12 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAJDxCc9052068; Mon, 19 Nov 2018 13:59:12 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201811191359.wAJDxCc9052068@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Mon, 19 Nov 2018 13:59:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340627 - in releng/12.0/sys: amd64/vmm/intel x86/include x86/x86 X-SVN-Group: releng X-SVN-Commit-Author: kib X-SVN-Commit-Paths: in releng/12.0/sys: amd64/vmm/intel x86/include x86/x86 X-SVN-Commit-Revision: 340627 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 262ED76542 X-Spamd-Result: default: False [0.73 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.58)[0.584,0]; NEURAL_SPAM_MEDIUM(0.15)[0.147,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Nov 2018 13:59:13 -0000 Author: kib Date: Mon Nov 19 13:59:11 2018 New Revision: 340627 URL: https://svnweb.freebsd.org/changeset/base/340627 Log: MFS r340605: Align IA32_ARCH_CAP MSR definitions and use with SDM rev. 068. Approved by: re (gjb) Modified: releng/12.0/sys/amd64/vmm/intel/vmx.c releng/12.0/sys/x86/include/specialreg.h releng/12.0/sys/x86/x86/cpu_machdep.c releng/12.0/sys/x86/x86/identcpu.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/amd64/vmm/intel/vmx.c ============================================================================== --- releng/12.0/sys/amd64/vmm/intel/vmx.c Mon Nov 19 10:01:03 2018 (r340626) +++ releng/12.0/sys/amd64/vmm/intel/vmx.c Mon Nov 19 13:59:11 2018 (r340627) @@ -814,7 +814,8 @@ vmx_init(int ipinum) return (error); } - guest_l1d_flush = (cpu_ia32_arch_caps & IA32_ARCH_CAP_RDCL_NO) == 0; + guest_l1d_flush = (cpu_ia32_arch_caps & + IA32_ARCH_CAP_SKIP_L1DFL_VMENTRY) == 0; TUNABLE_INT_FETCH("hw.vmm.l1d_flush", &guest_l1d_flush); /* Modified: releng/12.0/sys/x86/include/specialreg.h ============================================================================== --- releng/12.0/sys/x86/include/specialreg.h Mon Nov 19 10:01:03 2018 (r340626) +++ releng/12.0/sys/x86/include/specialreg.h Mon Nov 19 13:59:11 2018 (r340627) @@ -434,7 +434,9 @@ /* MSR IA32_ARCH_CAP(ABILITIES) bits */ #define IA32_ARCH_CAP_RDCL_NO 0x00000001 #define IA32_ARCH_CAP_IBRS_ALL 0x00000002 -#define IA32_ARCH_CAP_SSBD_NO 0x00000004 +#define IA32_ARCH_CAP_RSBA 0x00000004 +#define IA32_ARCH_CAP_SKIP_L1DFL_VMENTRY 0x00000008 +#define IA32_ARCH_CAP_SSB_NO 0x00000010 /* * CPUID manufacturers identifiers Modified: releng/12.0/sys/x86/x86/cpu_machdep.c ============================================================================== --- releng/12.0/sys/x86/x86/cpu_machdep.c Mon Nov 19 10:01:03 2018 (r340626) +++ releng/12.0/sys/x86/x86/cpu_machdep.c Mon Nov 19 13:59:11 2018 (r340627) @@ -891,7 +891,7 @@ hw_ssb_recalculate(bool all_cpus) hw_ssb_set(true, all_cpus); break; case 2: /* auto */ - hw_ssb_set((cpu_ia32_arch_caps & IA32_ARCH_CAP_SSBD_NO) != 0 ? + hw_ssb_set((cpu_ia32_arch_caps & IA32_ARCH_CAP_SSB_NO) != 0 ? false : true, all_cpus); break; } Modified: releng/12.0/sys/x86/x86/identcpu.c ============================================================================== --- releng/12.0/sys/x86/x86/identcpu.c Mon Nov 19 10:01:03 2018 (r340626) +++ releng/12.0/sys/x86/x86/identcpu.c Mon Nov 19 13:59:11 2018 (r340627) @@ -1014,6 +1014,9 @@ printcpuinfo(void) "\020" "\001RDCL_NO" "\002IBRS_ALL" + "\003RSBA" + "\004SKIP_L1DFL_VME" + "\005SSB_NO" ); } From owner-svn-src-releng@freebsd.org Mon Nov 19 14:19:29 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EEB1C1104CC0; Mon, 19 Nov 2018 14:19:28 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 9476176FFF; Mon, 19 Nov 2018 14:19:28 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 731FF23221; Mon, 19 Nov 2018 14:19:28 +0000 (UTC) (envelope-from kib@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAJEJSl5062375; Mon, 19 Nov 2018 14:19:28 GMT (envelope-from kib@FreeBSD.org) Received: (from kib@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAJEJSl4062374; Mon, 19 Nov 2018 14:19:28 GMT (envelope-from kib@FreeBSD.org) Message-Id: <201811191419.wAJEJSl4062374@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kib set sender to kib@FreeBSD.org using -f From: Konstantin Belousov Date: Mon, 19 Nov 2018 14:19:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340628 - releng/12.0/sys/kern X-SVN-Group: releng X-SVN-Commit-Author: kib X-SVN-Commit-Paths: releng/12.0/sys/kern X-SVN-Commit-Revision: 340628 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 9476176FFF X-Spamd-Result: default: False [0.48 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.46)[0.460,0]; NEURAL_SPAM_MEDIUM(0.02)[0.018,0] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Nov 2018 14:19:29 -0000 Author: kib Date: Mon Nov 19 14:19:27 2018 New Revision: 340628 URL: https://svnweb.freebsd.org/changeset/base/340628 Log: MFS r340603: Allow set ether/vlan PCP operation from the VNET jails. Approved by: re (gjb) Modified: releng/12.0/sys/kern/kern_jail.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/kern/kern_jail.c ============================================================================== --- releng/12.0/sys/kern/kern_jail.c Mon Nov 19 13:59:11 2018 (r340627) +++ releng/12.0/sys/kern/kern_jail.c Mon Nov 19 14:19:27 2018 (r340628) @@ -3062,6 +3062,7 @@ prison_priv_check(struct ucred *cred, int priv) case PRIV_NET_SETIFMETRIC: case PRIV_NET_SETIFPHYS: case PRIV_NET_SETIFMAC: + case PRIV_NET_SETLANPCP: case PRIV_NET_ADDMULTI: case PRIV_NET_DELMULTI: case PRIV_NET_HWIOCTL: From owner-svn-src-releng@freebsd.org Mon Nov 19 15:49:41 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id DA07111074EE; Mon, 19 Nov 2018 15:49:40 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 81A2C7B620; Mon, 19 Nov 2018 15:49:40 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 48A9B2410A; Mon, 19 Nov 2018 15:49:40 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAJFne3H009052; Mon, 19 Nov 2018 15:49:40 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAJFnd6S009050; Mon, 19 Nov 2018 15:49:39 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201811191549.wAJFnd6S009050@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Mon, 19 Nov 2018 15:49:39 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340633 - in releng/12.0/sys: amd64/conf riscv/conf X-SVN-Group: releng X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: in releng/12.0/sys: amd64/conf riscv/conf X-SVN-Commit-Revision: 340633 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 81A2C7B620 X-Spamd-Result: default: False [0.58 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.55)[0.550,0]; NEURAL_SPAM_MEDIUM(0.03)[0.027,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Nov 2018 15:49:41 -0000 Author: gjb Date: Mon Nov 19 15:49:39 2018 New Revision: 340633 URL: https://svnweb.freebsd.org/changeset/base/340633 Log: MFS12 r340630: Remove debugging options from amd64 MINIMAL [1] and riscv GENERIC kernel configuration files. This should have been turned off when stable/12 branched. Submitted by: Harry Schmalzbauer [1] Approved by: re (kib) Sponsored by: The FreeBSD Foundation Modified: releng/12.0/sys/amd64/conf/MINIMAL releng/12.0/sys/riscv/conf/GENERIC Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/amd64/conf/MINIMAL ============================================================================== --- releng/12.0/sys/amd64/conf/MINIMAL Mon Nov 19 15:36:58 2018 (r340632) +++ releng/12.0/sys/amd64/conf/MINIMAL Mon Nov 19 15:49:39 2018 (r340633) @@ -82,15 +82,6 @@ options INCLUDE_CONFIG_FILE # Include this file in ke # Debugging support. Always need this: options KDB # Enable kernel debugger support. options KDB_TRACE # Print a stack trace for a panic. -# For full debugger support use (turn off in stable branch): -options DDB # Support DDB. -options GDB # Support remote GDB. -options DEADLKRES # Enable the deadlock resolver -options INVARIANTS # Enable calls of extra sanity checking -options INVARIANT_SUPPORT # Extra sanity checks of internal structures, required by INVARIANTS -options WITNESS # Enable checks to detect deadlocks and cycles -options WITNESS_SKIPSPIN # Don't run witness on spinlocks for speed -options MALLOC_DEBUG_MAXZONES=8 # Separate malloc(9) zones # Make an SMP-capable kernel by default options SMP # Symmetric MultiProcessor Kernel Modified: releng/12.0/sys/riscv/conf/GENERIC ============================================================================== --- releng/12.0/sys/riscv/conf/GENERIC Mon Nov 19 15:36:58 2018 (r340632) +++ releng/12.0/sys/riscv/conf/GENERIC Mon Nov 19 15:49:39 2018 (r340633) @@ -114,17 +114,6 @@ device uart_ns8250 # ns8250-type UART driver # Debugging support. Always need this: options KDB # Enable kernel debugger support. options KDB_TRACE # Print a stack trace for a panic. -# For full debugger support use (turn off in stable branch): -options DDB # Support DDB. -# options GDB # Support remote GDB. -options DEADLKRES # Enable the deadlock resolver -options INVARIANTS # Enable calls of extra sanity checking -options INVARIANT_SUPPORT # Extra sanity checks of internal structures, required by INVARIANTS -# options WITNESS # Enable checks to detect deadlocks and cycles -# options WITNESS_SKIPSPIN # Don't run witness on spinlocks for speed -options MALLOC_DEBUG_MAXZONES=8 # Separate malloc(9) zones -# options EARLY_PRINTF -# options VERBOSE_SYSINIT # Kernel dump features. options ZSTDIO # zstd-compressed kernel and user dumps From owner-svn-src-releng@freebsd.org Mon Nov 19 16:40:20 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9DB0611092D3; Mon, 19 Nov 2018 16:40:20 +0000 (UTC) (envelope-from shurd@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3CE477DF6E; Mon, 19 Nov 2018 16:40:20 +0000 (UTC) (envelope-from shurd@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1D80B24942; Mon, 19 Nov 2018 16:40:20 +0000 (UTC) (envelope-from shurd@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAJGeKqf035825; Mon, 19 Nov 2018 16:40:20 GMT (envelope-from shurd@FreeBSD.org) Received: (from shurd@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAJGeJDb035824; Mon, 19 Nov 2018 16:40:19 GMT (envelope-from shurd@FreeBSD.org) Message-Id: <201811191640.wAJGeJDb035824@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: shurd set sender to shurd@FreeBSD.org using -f From: Stephen Hurd Date: Mon, 19 Nov 2018 16:40:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340634 - releng/12.0/sys/net X-SVN-Group: releng X-SVN-Commit-Author: shurd X-SVN-Commit-Paths: releng/12.0/sys/net X-SVN-Commit-Revision: 340634 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 3CE477DF6E X-Spamd-Result: default: False [0.51 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_MEDIUM(0.03)[0.027,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_SPAM_SHORT(0.49)[0.487,0] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Nov 2018 16:40:20 -0000 Author: shurd Date: Mon Nov 19 16:40:19 2018 New Revision: 340634 URL: https://svnweb.freebsd.org/changeset/base/340634 Log: MFS r340629 r340434: Fix leaks caused by ifc_nhwtxqs never being initialized (broken by r333502) and clear the last ring in the case where isc_nfl != isc_nrxqs r340445: Clear RX completion queue state variables in iflib_stop() Approved by: re (gjb) Sponsored by: Limelight Networks Modified: releng/12.0/sys/net/iflib.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/net/iflib.c ============================================================================== --- releng/12.0/sys/net/iflib.c Mon Nov 19 15:49:39 2018 (r340633) +++ releng/12.0/sys/net/iflib.c Mon Nov 19 16:40:19 2018 (r340634) @@ -175,8 +175,6 @@ struct iflib_ctx { struct sx ifc_ctx_sx; struct mtx ifc_state_mtx; - uint16_t ifc_nhwtxqs; - iflib_txq_t ifc_txqs; iflib_rxq_t ifc_rxqs; uint32_t ifc_if_flags; @@ -1771,6 +1769,7 @@ iflib_txq_setup(iflib_txq_t txq) { if_ctx_t ctx = txq->ift_ctx; if_softc_ctx_t scctx = &ctx->ifc_softc_ctx; + if_shared_ctx_t sctx = ctx->ifc_sctx; iflib_dma_info_t di; int i; @@ -1784,11 +1783,11 @@ iflib_txq_setup(iflib_txq_t txq) txq->ift_pidx = txq->ift_cidx = txq->ift_npending = 0; txq->ift_size = scctx->isc_ntxd[txq->ift_br_offset]; - for (i = 0, di = txq->ift_ifdi; i < ctx->ifc_nhwtxqs; i++, di++) + for (i = 0, di = txq->ift_ifdi; i < sctx->isc_ntxqs; i++, di++) bzero((void *)di->idi_vaddr, di->idi_size); IFDI_TXQ_SETUP(ctx, txq->ift_id); - for (i = 0, di = txq->ift_ifdi; i < ctx->ifc_nhwtxqs; i++, di++) + for (i = 0, di = txq->ift_ifdi; i < sctx->isc_ntxqs; i++, di++) bus_dmamap_sync(di->idi_tag, di->idi_map, BUS_DMASYNC_PREREAD | BUS_DMASYNC_PREWRITE); return (0); @@ -2375,6 +2374,7 @@ iflib_stop(if_ctx_t ctx) iflib_txq_t txq = ctx->ifc_txqs; iflib_rxq_t rxq = ctx->ifc_rxqs; if_softc_ctx_t scctx = &ctx->ifc_softc_ctx; + if_shared_ctx_t sctx = ctx->ifc_sctx; iflib_dma_info_t di; iflib_fl_t fl; int i, j; @@ -2408,13 +2408,14 @@ iflib_stop(if_ctx_t ctx) txq->ift_no_tx_dma_setup = txq->ift_txd_encap_efbig = txq->ift_map_failed = 0; txq->ift_pullups = 0; ifmp_ring_reset_stats(txq->ift_br); - for (j = 0, di = txq->ift_ifdi; j < ctx->ifc_nhwtxqs; j++, di++) + for (j = 0, di = txq->ift_ifdi; j < sctx->isc_ntxqs; j++, di++) bzero((void *)di->idi_vaddr, di->idi_size); } for (i = 0; i < scctx->isc_nrxqsets; i++, rxq++) { /* make sure all transmitters have completed before proceeding XXX */ - for (j = 0, di = rxq->ifr_ifdi; j < rxq->ifr_nfl; j++, di++) + rxq->ifr_cq_gen = rxq->ifr_cq_cidx = rxq->ifr_cq_pidx = 0; + for (j = 0, di = rxq->ifr_ifdi; j < sctx->isc_nrxqs; j++, di++) bzero((void *)di->idi_vaddr, di->idi_size); /* also resets the free lists pidx/cidx */ for (j = 0, fl = rxq->ifr_fl; j < rxq->ifr_nfl; j++, fl++) @@ -5516,11 +5517,12 @@ static void iflib_tx_structures_free(if_ctx_t ctx) { iflib_txq_t txq = ctx->ifc_txqs; + if_shared_ctx_t sctx = ctx->ifc_sctx; int i, j; for (i = 0; i < NTXQSETS(ctx); i++, txq++) { iflib_txq_destroy(txq); - for (j = 0; j < ctx->ifc_nhwtxqs; j++) + for (j = 0; j < sctx->isc_ntxqs; j++) iflib_dma_free(&txq->ift_ifdi[j]); } free(ctx->ifc_txqs, M_IFLIB); From owner-svn-src-releng@freebsd.org Tue Nov 20 00:43:15 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9A2B01131029; Tue, 20 Nov 2018 00:43:15 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3E7836D0A6; Tue, 20 Nov 2018 00:43:15 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 198F11934; Tue, 20 Nov 2018 00:43:15 +0000 (UTC) (envelope-from brooks@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAK0hEs2091430; Tue, 20 Nov 2018 00:43:14 GMT (envelope-from brooks@FreeBSD.org) Received: (from brooks@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAK0hErJ091429; Tue, 20 Nov 2018 00:43:14 GMT (envelope-from brooks@FreeBSD.org) Message-Id: <201811200043.wAK0hErJ091429@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brooks set sender to brooks@FreeBSD.org using -f From: Brooks Davis Date: Tue, 20 Nov 2018 00:43:14 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340657 - releng/12.0/sys/dev/pci X-SVN-Group: releng X-SVN-Commit-Author: brooks X-SVN-Commit-Paths: releng/12.0/sys/dev/pci X-SVN-Commit-Revision: 340657 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 3E7836D0A6 X-Spamd-Result: default: False [0.42 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.41)[0.405,0]; NEURAL_SPAM_MEDIUM(0.02)[0.018,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 00:43:15 -0000 Author: brooks Date: Tue Nov 20 00:43:14 2018 New Revision: 340657 URL: https://svnweb.freebsd.org/changeset/base/340657 Log: MFS r340643: MFC r340489-r340490 r340489: Fix freebsd32 support for PCIOCGETCONF. This fixes regresssions in pciconf -l and some ports as reported on freebsd-current: https://lists.freebsd.org/pipermail/freebsd-current/2018-November/072144.html Reported by: jbeich Reviewed by: kib (also proposed an idential patch) Tested by: jbeich Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D18011 r340490: Fix stray tab. Reported by: jbeich MFC with: r340489 Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D18011 Approved by: re (gjb) Modified: releng/12.0/sys/dev/pci/pci_user.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/dev/pci/pci_user.c ============================================================================== --- releng/12.0/sys/dev/pci/pci_user.c Tue Nov 20 00:08:33 2018 (r340656) +++ releng/12.0/sys/dev/pci/pci_user.c Tue Nov 20 00:43:14 2018 (r340657) @@ -945,6 +945,9 @@ pci_ioctl(struct cdev *dev, u_long cmd, caddr_t data, if (!(flag & FWRITE)) { switch (cmd) { case PCIOCGETCONF: +#ifdef COMPAT_FREEBSD32 + case PCIOCGETCONF32: +#endif #ifdef PRE7_COMPAT case PCIOCGETCONF_OLD: #ifdef COMPAT_FREEBSD32 @@ -962,6 +965,9 @@ pci_ioctl(struct cdev *dev, u_long cmd, caddr_t data, switch (cmd) { case PCIOCGETCONF: +#ifdef COMPAT_FREEBSD32 + case PCIOCGETCONF32: +#endif #ifdef PRE7_COMPAT case PCIOCGETCONF_OLD: #ifdef COMPAT_FREEBSD32 From owner-svn-src-releng@freebsd.org Tue Nov 20 17:43:25 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 285171137B5D; Tue, 20 Nov 2018 17:43:25 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BE498780FE; Tue, 20 Nov 2018 17:43:24 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 9F6181496D; Tue, 20 Nov 2018 17:43:24 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAKHhOrw021014; Tue, 20 Nov 2018 17:43:24 GMT (envelope-from markj@FreeBSD.org) Received: (from markj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAKHhOBE021013; Tue, 20 Nov 2018 17:43:24 GMT (envelope-from markj@FreeBSD.org) Message-Id: <201811201743.wAKHhOBE021013@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: markj set sender to markj@FreeBSD.org using -f From: Mark Johnston Date: Tue, 20 Nov 2018 17:43:24 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340685 - releng/12.0/sys/arm64/arm64 X-SVN-Group: releng X-SVN-Commit-Author: markj X-SVN-Commit-Paths: releng/12.0/sys/arm64/arm64 X-SVN-Commit-Revision: 340685 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: BE498780FE X-Spamd-Result: default: False [0.55 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.40)[0.404,0]; NEURAL_SPAM_MEDIUM(0.14)[0.143,0]; NEURAL_SPAM_LONG(0.00)[0.001,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 17:43:25 -0000 Author: markj Date: Tue Nov 20 17:43:24 2018 New Revision: 340685 URL: https://svnweb.freebsd.org/changeset/base/340685 Log: MFstable/12 r340680: Handle kernel superpage mappings in pmap_remove_l2(). PR: 233088 Approved by: re (gjb) Modified: releng/12.0/sys/arm64/arm64/pmap.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/arm64/arm64/pmap.c ============================================================================== --- releng/12.0/sys/arm64/arm64/pmap.c Tue Nov 20 17:10:44 2018 (r340684) +++ releng/12.0/sys/arm64/arm64/pmap.c Tue Nov 20 17:43:24 2018 (r340685) @@ -2382,8 +2382,40 @@ pmap_pv_insert_l2(pmap_t pmap, vm_offset_t va, pd_entr return (true); } +static void +pmap_remove_kernel_l2(pmap_t pmap, pt_entry_t *l2, vm_offset_t va) +{ + pt_entry_t newl2, oldl2; + vm_page_t ml3; + vm_paddr_t ml3pa; + + KASSERT(!VIRT_IN_DMAP(va), ("removing direct mapping of %#lx", va)); + KASSERT(pmap == kernel_pmap, ("pmap %p is not kernel_pmap", pmap)); + PMAP_LOCK_ASSERT(pmap, MA_OWNED); + + ml3 = pmap_remove_pt_page(pmap, va); + if (ml3 == NULL) + panic("pmap_remove_kernel_l2: Missing pt page"); + + ml3pa = VM_PAGE_TO_PHYS(ml3); + newl2 = ml3pa | L2_TABLE; + + /* + * Initialize the page table page. + */ + pagezero((void *)PHYS_TO_DMAP(ml3pa)); + + /* + * Demote the mapping. The caller must have already invalidated the + * mapping (i.e., the "break" in break-before-make). + */ + oldl2 = pmap_load_store(l2, newl2); + KASSERT(oldl2 == 0, ("%s: found existing mapping at %p: %#lx", + __func__, l2, oldl2)); +} + /* - * pmap_remove_l2: do the things to unmap a level 2 superpage in a process + * pmap_remove_l2: Do the things to unmap a level 2 superpage. */ static int pmap_remove_l2(pmap_t pmap, pt_entry_t *l2, vm_offset_t sva, @@ -2419,16 +2451,18 @@ pmap_remove_l2(pmap_t pmap, pt_entry_t *l2, vm_offset_ vm_page_aflag_clear(m, PGA_WRITEABLE); } } - KASSERT(pmap != kernel_pmap, - ("Attempting to remove an l2 kernel page")); - ml3 = pmap_remove_pt_page(pmap, sva); - if (ml3 != NULL) { - pmap_resident_count_dec(pmap, 1); - KASSERT(ml3->wire_count == NL3PG, - ("pmap_remove_l2: l3 page wire count error")); - ml3->wire_count = 1; - vm_page_unwire_noq(ml3); - pmap_add_delayed_free_list(ml3, free, FALSE); + if (pmap == kernel_pmap) { + pmap_remove_kernel_l2(pmap, l2, sva); + } else { + ml3 = pmap_remove_pt_page(pmap, sva); + if (ml3 != NULL) { + pmap_resident_count_dec(pmap, 1); + KASSERT(ml3->wire_count == NL3PG, + ("pmap_remove_l2: l3 page wire count error")); + ml3->wire_count = 1; + vm_page_unwire_noq(ml3); + pmap_add_delayed_free_list(ml3, free, FALSE); + } } return (pmap_unuse_pt(pmap, sva, l1e, free)); } From owner-svn-src-releng@freebsd.org Tue Nov 20 18:14:35 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E89581138CA0; Tue, 20 Nov 2018 18:14:34 +0000 (UTC) (envelope-from mjg@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7F3497A4D5; Tue, 20 Nov 2018 18:14:34 +0000 (UTC) (envelope-from mjg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 831E814E60; Tue, 20 Nov 2018 18:14:31 +0000 (UTC) (envelope-from mjg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAKIEV3M038571; Tue, 20 Nov 2018 18:14:31 GMT (envelope-from mjg@FreeBSD.org) Received: (from mjg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAKIEUJe038566; Tue, 20 Nov 2018 18:14:30 GMT (envelope-from mjg@FreeBSD.org) Message-Id: <201811201814.wAKIEUJe038566@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mjg set sender to mjg@FreeBSD.org using -f From: Mateusz Guzik Date: Tue, 20 Nov 2018 18:14:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340688 - in releng/12.0: . lib/libc/amd64/string sys/amd64/amd64 X-SVN-Group: releng X-SVN-Commit-Author: mjg X-SVN-Commit-Paths: in releng/12.0: . lib/libc/amd64/string sys/amd64/amd64 X-SVN-Commit-Revision: 340688 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 7F3497A4D5 X-Spamd-Result: default: False [0.57 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_LONG(0.00)[0.004,0]; NEURAL_SPAM_SHORT(0.41)[0.410,0]; NEURAL_SPAM_MEDIUM(0.16)[0.160,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 18:14:35 -0000 Author: mjg Date: Tue Nov 20 18:14:30 2018 New Revision: 340688 URL: https://svnweb.freebsd.org/changeset/base/340688 Log: MFC r339531,r339579,r340252,r340463,r340464,340472,r340587 amd64: tidy up memset to have rax set earlier for small sizes amd64: finish the tail in memset with an overlapping store amd64: align memset buffers to 16 bytes before using rep stos amd64: convert libc bzero to a C func to avoid future bloat amd64: sync up libc memset with the kernel version amd64: handle small memset buffers with overlapping stores Fix -DNO_CLEAN amd64 build after r340463 Approved by: re (gjb) Added: releng/12.0/lib/libc/amd64/string/bzero.c - copied unchanged from r340684, stable/12/lib/libc/amd64/string/bzero.c Deleted: releng/12.0/lib/libc/amd64/string/bzero.S Modified: releng/12.0/Makefile.inc1 releng/12.0/lib/libc/amd64/string/Makefile.inc releng/12.0/lib/libc/amd64/string/memset.S releng/12.0/sys/amd64/amd64/support.S Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/Makefile.inc1 ============================================================================== --- releng/12.0/Makefile.inc1 Tue Nov 20 18:13:18 2018 (r340687) +++ releng/12.0/Makefile.inc1 Tue Nov 20 18:14:30 2018 (r340688) @@ -948,6 +948,13 @@ _cleanobj_fast_depend_hack: .PHONY ${LIBCOMPAT:D${LIBCOMPAT_OBJTOP}/lib/libc/.depend.${f}.*}; \ fi .endfor +# 20181115 r340463 bzero reimplemented as .c + @if [ -e "${OBJTOP}/lib/libc/.depend.bzero.o" ] && \ + egrep -qw 'bzero\.[sS]' ${OBJTOP}/lib/libc/.depend.bzero.o; then \ + echo "Removing stale dependencies for bzero"; \ + rm -f ${OBJTOP}/lib/libc/.depend.bzero.* \ + ${LIBCOMPAT:D${LIBCOMPAT_OBJTOP}/lib/libc/.depend.bzero.*}; \ + fi # 20181009 track migration from ntp's embedded libevent to updated one @if [ -e "${OBJTOP}/usr.sbin/ntp/libntpevent/.depend.bufferevent_openssl.o" ] && \ egrep -q 'contrib/ntp/sntp/libevent/bufferevent_openssl.c' \ Modified: releng/12.0/lib/libc/amd64/string/Makefile.inc ============================================================================== --- releng/12.0/lib/libc/amd64/string/Makefile.inc Tue Nov 20 18:13:18 2018 (r340687) +++ releng/12.0/lib/libc/amd64/string/Makefile.inc Tue Nov 20 18:14:30 2018 (r340688) @@ -2,7 +2,6 @@ MDSRCS+= \ bcmp.S \ - bzero.S \ memcmp.S \ memcpy.S \ memmove.S \ Copied: releng/12.0/lib/libc/amd64/string/bzero.c (from r340684, stable/12/lib/libc/amd64/string/bzero.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/12.0/lib/libc/amd64/string/bzero.c Tue Nov 20 18:14:30 2018 (r340688, copy of r340684, stable/12/lib/libc/amd64/string/bzero.c) @@ -0,0 +1,15 @@ +/*- + * Public domain. + */ + +#include +__FBSDID("$FreeBSD$"); + +#include + +void +bzero(void *b, size_t len) +{ + + memset(b, 0, len); +} Modified: releng/12.0/lib/libc/amd64/string/memset.S ============================================================================== --- releng/12.0/lib/libc/amd64/string/memset.S Tue Nov 20 18:13:18 2018 (r340687) +++ releng/12.0/lib/libc/amd64/string/memset.S Tue Nov 20 18:14:30 2018 (r340688) @@ -31,101 +31,112 @@ #include __FBSDID("$FreeBSD$"); -.macro MEMSET bzero erms -.if \bzero == 1 - movq %rsi,%rcx - movq %rsi,%rdx - xorl %eax,%eax -.else - movq %rdi,%r9 +#define ALIGN_TEXT .p2align 4,0x90 /* 16-byte alignment, nop filled */ + +.macro MEMSET erms + movq %rdi,%rax movq %rdx,%rcx movzbq %sil,%r8 - movabs $0x0101010101010101,%rax - imulq %r8,%rax -.endif + movabs $0x0101010101010101,%r10 + imulq %r8,%r10 cmpq $32,%rcx - jb 1016f + jbe 101632f cmpq $256,%rcx ja 1256f -1032: - movq %rax,(%rdi) - movq %rax,8(%rdi) - movq %rax,16(%rdi) - movq %rax,24(%rdi) +103200: + movq %r10,(%rdi) + movq %r10,8(%rdi) + movq %r10,16(%rdi) + movq %r10,24(%rdi) leaq 32(%rdi),%rdi subq $32,%rcx cmpq $32,%rcx - jae 1032b - cmpb $0,%cl - je 1000f -1016: + ja 103200b cmpb $16,%cl - jl 1008f - movq %rax,(%rdi) - movq %rax,8(%rdi) - subb $16,%cl - jz 1000f - leaq 16(%rdi),%rdi -1008: + ja 201632f + movq %r10,-16(%rdi,%rcx) + movq %r10,-8(%rdi,%rcx) + ret + ALIGN_TEXT +101632: + cmpb $16,%cl + jl 100816f +201632: + movq %r10,(%rdi) + movq %r10,8(%rdi) + movq %r10,-16(%rdi,%rcx) + movq %r10,-8(%rdi,%rcx) + ret + ALIGN_TEXT +100816: cmpb $8,%cl - jl 1004f - movq %rax,(%rdi) - subb $8,%cl - jz 1000f - leaq 8(%rdi),%rdi -1004: + jl 100408f + movq %r10,(%rdi) + movq %r10,-8(%rdi,%rcx) + ret + ALIGN_TEXT +100408: cmpb $4,%cl - jl 1002f - movl %eax,(%rdi) - subb $4,%cl - jz 1000f - leaq 4(%rdi),%rdi -1002: + jl 100204f + movl %r10d,(%rdi) + movl %r10d,-4(%rdi,%rcx) + ret + ALIGN_TEXT +100204: cmpb $2,%cl - jl 1001f - movw %ax,(%rdi) - subb $2,%cl - jz 1000f - leaq 2(%rdi),%rdi -1001: - cmpb $1,%cl - jl 1000f - movb %al,(%rdi) -1000: -.if \bzero == 0 - movq %r9,%rax -.endif + jl 100001f + movw %r10w,(%rdi) + movw %r10w,-2(%rdi,%rcx) ret - + ALIGN_TEXT +100001: + cmpb $0,%cl + je 100000f + movb %r10b,(%rdi) +100000: + ret + ALIGN_TEXT 1256: + movq %rdi,%r9 + movq %r10,%rax + testl $15,%edi + jnz 3f +1: .if \erms == 1 rep stosb + movq %r9,%rax .else + movq %rcx,%rdx shrq $3,%rcx rep stosq - movq %rdx,%rcx - andb $7,%cl - jne 1004b -.endif -.if \bzero == 0 movq %r9,%rax + andl $7,%edx + jnz 2f + ret +2: + movq %r10,-8(%rdi,%rdx) .endif ret + ALIGN_TEXT +3: + movq %r10,(%rdi) + movq %r10,8(%rdi) + movq %rdi,%r8 + andq $15,%r8 + leaq -16(%rcx,%r8),%rcx + neg %r8 + leaq 16(%rdi,%r8),%rdi + jmp 1b .endm -#ifndef BZERO + ENTRY(memset) - MEMSET bzero=0 erms=0 + MEMSET erms=0 END(memset) -#else -ENTRY(bzero) - MEMSET bzero=1 erms=0 -END(bzero) -#endif .section .note.GNU-stack,"",%progbits Modified: releng/12.0/sys/amd64/amd64/support.S ============================================================================== --- releng/12.0/sys/amd64/amd64/support.S Tue Nov 20 18:13:18 2018 (r340687) +++ releng/12.0/sys/amd64/amd64/support.S Tue Nov 20 18:14:30 2018 (r340688) @@ -452,82 +452,112 @@ END(memcpy_erms) */ .macro MEMSET erms PUSH_FRAME_POINTER - movq %rdi,%r9 + movq %rdi,%rax movq %rdx,%rcx movzbq %sil,%r8 - movabs $0x0101010101010101,%rax - imulq %r8,%rax + movabs $0x0101010101010101,%r10 + imulq %r8,%r10 cmpq $32,%rcx - jb 1016f + jbe 101632f cmpq $256,%rcx ja 1256f -1032: - movq %rax,(%rdi) - movq %rax,8(%rdi) - movq %rax,16(%rdi) - movq %rax,24(%rdi) +103200: + movq %r10,(%rdi) + movq %r10,8(%rdi) + movq %r10,16(%rdi) + movq %r10,24(%rdi) leaq 32(%rdi),%rdi subq $32,%rcx cmpq $32,%rcx - jae 1032b - cmpb $0,%cl - je 1000f -1016: + ja 103200b cmpb $16,%cl - jl 1008f - movq %rax,(%rdi) - movq %rax,8(%rdi) - subb $16,%cl - jz 1000f - leaq 16(%rdi),%rdi -1008: + ja 201632f + movq %r10,-16(%rdi,%rcx) + movq %r10,-8(%rdi,%rcx) + POP_FRAME_POINTER + ret + ALIGN_TEXT +101632: + cmpb $16,%cl + jl 100816f +201632: + movq %r10,(%rdi) + movq %r10,8(%rdi) + movq %r10,-16(%rdi,%rcx) + movq %r10,-8(%rdi,%rcx) + POP_FRAME_POINTER + ret + ALIGN_TEXT +100816: cmpb $8,%cl - jl 1004f - movq %rax,(%rdi) - subb $8,%cl - jz 1000f - leaq 8(%rdi),%rdi -1004: + jl 100408f + movq %r10,(%rdi) + movq %r10,-8(%rdi,%rcx) + POP_FRAME_POINTER + ret + ALIGN_TEXT +100408: cmpb $4,%cl - jl 1002f - movl %eax,(%rdi) - subb $4,%cl - jz 1000f - leaq 4(%rdi),%rdi -1002: + jl 100204f + movl %r10d,(%rdi) + movl %r10d,-4(%rdi,%rcx) + POP_FRAME_POINTER + ret + ALIGN_TEXT +100204: cmpb $2,%cl - jl 1001f - movw %ax,(%rdi) - subb $2,%cl - jz 1000f - leaq 2(%rdi),%rdi -1001: - cmpb $1,%cl - jl 1000f - movb %al,(%rdi) -1000: - movq %r9,%rax + jl 100001f + movw %r10w,(%rdi) + movw %r10w,-2(%rdi,%rcx) POP_FRAME_POINTER ret ALIGN_TEXT +100001: + cmpb $0,%cl + je 100000f + movb %r10b,(%rdi) +100000: + POP_FRAME_POINTER + ret + ALIGN_TEXT 1256: + movq %rdi,%r9 + movq %r10,%rax + testl $15,%edi + jnz 3f +1: .if \erms == 1 rep stosb + movq %r9,%rax .else + movq %rcx,%rdx shrq $3,%rcx rep stosq - movq %rdx,%rcx - andb $7,%cl - jne 1004b -.endif movq %r9,%rax + andl $7,%edx + jnz 2f POP_FRAME_POINTER ret +2: + movq %r10,-8(%rdi,%rdx) +.endif + POP_FRAME_POINTER + ret + ALIGN_TEXT +3: + movq %r10,(%rdi) + movq %r10,8(%rdi) + movq %rdi,%r8 + andq $15,%r8 + leaq -16(%rcx,%r8),%rcx + neg %r8 + leaq 16(%rdi,%r8),%rdi + jmp 1b .endm ENTRY(memset_std) From owner-svn-src-releng@freebsd.org Tue Nov 20 20:31:25 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9D18C113CEE9; Tue, 20 Nov 2018 20:31:25 +0000 (UTC) (envelope-from garga@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4106D81954; Tue, 20 Nov 2018 20:31:25 +0000 (UTC) (envelope-from garga@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CB8DC16502; Tue, 20 Nov 2018 20:31:23 +0000 (UTC) (envelope-from garga@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAKKVN9d011130; Tue, 20 Nov 2018 20:31:23 GMT (envelope-from garga@FreeBSD.org) Received: (from garga@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAKKVNFx011129; Tue, 20 Nov 2018 20:31:23 GMT (envelope-from garga@FreeBSD.org) Message-Id: <201811202031.wAKKVNFx011129@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: garga set sender to garga@FreeBSD.org using -f From: Renato Botelho Date: Tue, 20 Nov 2018 20:31:23 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340698 - releng/12.0/usr.sbin/ntp/ntpd X-SVN-Group: releng X-SVN-Commit-Author: garga X-SVN-Commit-Paths: releng/12.0/usr.sbin/ntp/ntpd X-SVN-Commit-Revision: 340698 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4106D81954 X-Spamd-Result: default: False [0.70 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_MEDIUM(0.13)[0.126,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_SPAM_SHORT(0.57)[0.574,0]; NEURAL_HAM_LONG(-0.00)[-0.003,0] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 20:31:25 -0000 Author: garga (ports committer) Date: Tue Nov 20 20:31:23 2018 New Revision: 340698 URL: https://svnweb.freebsd.org/changeset/base/340698 Log: MFC r340439,r340440 Fix /etc/ntp permissions. According to mtree it must be 0700 Approved by: re (gjb) Sponsored by: Rubicon Communications, LLC (Netgate) Modified: releng/12.0/usr.sbin/ntp/ntpd/Makefile Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/usr.sbin/ntp/ntpd/Makefile ============================================================================== --- releng/12.0/usr.sbin/ntp/ntpd/Makefile Tue Nov 20 20:16:03 2018 (r340697) +++ releng/12.0/usr.sbin/ntp/ntpd/Makefile Tue Nov 20 20:31:23 2018 (r340698) @@ -7,9 +7,12 @@ MAN= .PATH: ${SRCTOP}/contrib/ntp/ntpd \ ${.OBJDIR} +DIRS= ETC_NTP +ETC_NTP= /etc/ntp +ETC_NTP_MODE= 0700 CONFS= ntp.conf FILES= leap-seconds -FILESDIR= /etc/ntp +FILESDIR= ETC_NTP FILESMODE= 644 PROG= ntpd From owner-svn-src-releng@freebsd.org Tue Nov 20 23:07:56 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 92A0B114170E; Tue, 20 Nov 2018 23:07:55 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3D93D89396; Tue, 20 Nov 2018 23:07:55 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 1E20117EF6; Tue, 20 Nov 2018 23:07:55 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAKN7tHV092816; Tue, 20 Nov 2018 23:07:55 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAKN7kcv092769; Tue, 20 Nov 2018 23:07:46 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201811202307.wAKN7kcv092769@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Tue, 20 Nov 2018 23:07:46 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340711 - in releng/12.0: . crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/async/arch crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/c... X-SVN-Group: releng X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: in releng/12.0: . crypto/openssl crypto/openssl/apps crypto/openssl/crypto crypto/openssl/crypto/async/arch crypto/openssl/crypto/bio crypto/openssl/crypto/bn crypto/openssl/crypto/bn/asm crypto/opens... X-SVN-Commit-Revision: 340711 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 3D93D89396 X-Spamd-Result: default: False [0.13 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_SHORT(-0.08)[-0.080,0]; NEURAL_SPAM_LONG(0.01)[0.012,0]; NEURAL_SPAM_MEDIUM(0.19)[0.194,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 20 Nov 2018 23:07:56 -0000 Author: jkim Date: Tue Nov 20 23:07:45 2018 New Revision: 340711 URL: https://svnweb.freebsd.org/changeset/base/340711 Log: MFC: r340705, r340708 Merge OpenSSL 1.1.1a. Approved by: re (gjb) Added: releng/12.0/crypto/openssl/crypto/getenv.c - copied unchanged from r340705, stable/12/crypto/openssl/crypto/getenv.c releng/12.0/crypto/openssl/doc/man3/SSL_get_peer_tmp_key.pod - copied unchanged from r340705, stable/12/crypto/openssl/doc/man3/SSL_get_peer_tmp_key.pod releng/12.0/secure/lib/libcrypto/man/SSL_get_peer_tmp_key.3 - copied unchanged from r340705, stable/12/secure/lib/libcrypto/man/SSL_get_peer_tmp_key.3 Deleted: releng/12.0/crypto/openssl/doc/man3/SSL_CTX_set_client_CA_list.pod releng/12.0/crypto/openssl/doc/man3/SSL_get_client_CA_list.pod releng/12.0/crypto/openssl/doc/man3/SSL_get_server_tmp_key.pod releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_client_CA_list.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_client_CA_list.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_server_tmp_key.3 Modified: releng/12.0/ObsoleteFiles.inc releng/12.0/crypto/openssl/CHANGES releng/12.0/crypto/openssl/Configure releng/12.0/crypto/openssl/INSTALL releng/12.0/crypto/openssl/NEWS releng/12.0/crypto/openssl/README releng/12.0/crypto/openssl/apps/app_rand.c releng/12.0/crypto/openssl/apps/apps.c releng/12.0/crypto/openssl/apps/apps.h releng/12.0/crypto/openssl/apps/ca.c releng/12.0/crypto/openssl/apps/ocsp.c releng/12.0/crypto/openssl/apps/openssl.cnf releng/12.0/crypto/openssl/apps/opt.c releng/12.0/crypto/openssl/apps/rehash.c releng/12.0/crypto/openssl/apps/rsa.c releng/12.0/crypto/openssl/apps/s_cb.c releng/12.0/crypto/openssl/apps/s_server.c releng/12.0/crypto/openssl/apps/speed.c releng/12.0/crypto/openssl/apps/x509.c releng/12.0/crypto/openssl/crypto/LPdir_unix.c releng/12.0/crypto/openssl/crypto/async/arch/async_posix.h releng/12.0/crypto/openssl/crypto/bio/b_sock2.c releng/12.0/crypto/openssl/crypto/bio/bio_lib.c releng/12.0/crypto/openssl/crypto/bio/bss_log.c releng/12.0/crypto/openssl/crypto/bn/asm/x86_64-gcc.c releng/12.0/crypto/openssl/crypto/bn/bn_exp.c releng/12.0/crypto/openssl/crypto/bn/bn_lib.c releng/12.0/crypto/openssl/crypto/build.info releng/12.0/crypto/openssl/crypto/conf/conf_api.c releng/12.0/crypto/openssl/crypto/conf/conf_mod.c releng/12.0/crypto/openssl/crypto/cryptlib.c releng/12.0/crypto/openssl/crypto/ct/ct_log.c releng/12.0/crypto/openssl/crypto/dsa/dsa_gen.c releng/12.0/crypto/openssl/crypto/dsa/dsa_ossl.c releng/12.0/crypto/openssl/crypto/ec/ec_ameth.c releng/12.0/crypto/openssl/crypto/ec/ec_mult.c releng/12.0/crypto/openssl/crypto/ec/ec_pmeth.c releng/12.0/crypto/openssl/crypto/ec/ecdh_kdf.c releng/12.0/crypto/openssl/crypto/engine/eng_devcrypto.c releng/12.0/crypto/openssl/crypto/engine/eng_list.c releng/12.0/crypto/openssl/crypto/err/openssl.txt releng/12.0/crypto/openssl/crypto/evp/e_aes.c releng/12.0/crypto/openssl/crypto/evp/e_rc2.c releng/12.0/crypto/openssl/crypto/evp/pmeth_lib.c releng/12.0/crypto/openssl/crypto/include/internal/ec_int.h releng/12.0/crypto/openssl/crypto/include/internal/rand_int.h releng/12.0/crypto/openssl/crypto/kdf/hkdf.c releng/12.0/crypto/openssl/crypto/mem_sec.c releng/12.0/crypto/openssl/crypto/o_fopen.c releng/12.0/crypto/openssl/crypto/pkcs12/p12_mutl.c releng/12.0/crypto/openssl/crypto/poly1305/poly1305_ieee754.c releng/12.0/crypto/openssl/crypto/rand/drbg_ctr.c releng/12.0/crypto/openssl/crypto/rand/drbg_lib.c releng/12.0/crypto/openssl/crypto/rand/rand_err.c releng/12.0/crypto/openssl/crypto/rand/rand_lcl.h releng/12.0/crypto/openssl/crypto/rand/rand_lib.c releng/12.0/crypto/openssl/crypto/rand/rand_unix.c releng/12.0/crypto/openssl/crypto/rand/randfile.c releng/12.0/crypto/openssl/crypto/rsa/rsa_lib.c releng/12.0/crypto/openssl/crypto/rsa/rsa_meth.c releng/12.0/crypto/openssl/crypto/rsa/rsa_ossl.c releng/12.0/crypto/openssl/crypto/sha/asm/keccak1600-s390x.pl releng/12.0/crypto/openssl/crypto/sha/asm/sha512p8-ppc.pl releng/12.0/crypto/openssl/crypto/siphash/siphash.c releng/12.0/crypto/openssl/crypto/sm2/sm2_crypt.c releng/12.0/crypto/openssl/crypto/sm2/sm2_sign.c releng/12.0/crypto/openssl/crypto/ui/ui_openssl.c releng/12.0/crypto/openssl/crypto/x509/by_dir.c releng/12.0/crypto/openssl/crypto/x509/by_file.c releng/12.0/crypto/openssl/crypto/x509/x509_vfy.c releng/12.0/crypto/openssl/doc/man1/ca.pod releng/12.0/crypto/openssl/doc/man1/enc.pod releng/12.0/crypto/openssl/doc/man1/openssl.pod releng/12.0/crypto/openssl/doc/man1/req.pod releng/12.0/crypto/openssl/doc/man1/rsa.pod releng/12.0/crypto/openssl/doc/man1/s_server.pod releng/12.0/crypto/openssl/doc/man1/storeutl.pod releng/12.0/crypto/openssl/doc/man1/x509.pod releng/12.0/crypto/openssl/doc/man3/DES_random_key.pod releng/12.0/crypto/openssl/doc/man3/EVP_DigestInit.pod releng/12.0/crypto/openssl/doc/man3/EVP_PKEY_CTX_ctrl.pod releng/12.0/crypto/openssl/doc/man3/EVP_PKEY_CTX_set_hkdf_md.pod releng/12.0/crypto/openssl/doc/man3/EVP_PKEY_CTX_set_rsa_pss_keygen_md.pod releng/12.0/crypto/openssl/doc/man3/EVP_PKEY_set1_RSA.pod releng/12.0/crypto/openssl/doc/man3/EVP_aes.pod releng/12.0/crypto/openssl/doc/man3/EVP_aria.pod releng/12.0/crypto/openssl/doc/man3/EVP_bf_cbc.pod releng/12.0/crypto/openssl/doc/man3/EVP_camellia.pod releng/12.0/crypto/openssl/doc/man3/EVP_cast5_cbc.pod releng/12.0/crypto/openssl/doc/man3/EVP_des.pod releng/12.0/crypto/openssl/doc/man3/EVP_idea_cbc.pod releng/12.0/crypto/openssl/doc/man3/EVP_md5.pod releng/12.0/crypto/openssl/doc/man3/EVP_rc2_cbc.pod releng/12.0/crypto/openssl/doc/man3/EVP_rc5_32_12_16_cbc.pod releng/12.0/crypto/openssl/doc/man3/EVP_seed_cbc.pod releng/12.0/crypto/openssl/doc/man3/EVP_sm4_cbc.pod releng/12.0/crypto/openssl/doc/man3/OPENSSL_VERSION_NUMBER.pod releng/12.0/crypto/openssl/doc/man3/RSA_meth_new.pod releng/12.0/crypto/openssl/doc/man3/SSL_CTX_set0_CA_list.pod releng/12.0/crypto/openssl/doc/man3/SSL_CTX_set1_curves.pod releng/12.0/crypto/openssl/doc/man3/SSL_CTX_set_quiet_shutdown.pod releng/12.0/crypto/openssl/doc/man3/SSL_get_error.pod releng/12.0/crypto/openssl/doc/man3/SSL_get_peer_signature_nid.pod releng/12.0/crypto/openssl/doc/man3/SSL_set_bio.pod releng/12.0/crypto/openssl/doc/man3/SSL_set_shutdown.pod releng/12.0/crypto/openssl/doc/man3/SSL_shutdown.pod releng/12.0/crypto/openssl/doc/man7/RAND_DRBG.pod releng/12.0/crypto/openssl/e_os.h releng/12.0/crypto/openssl/include/internal/cryptlib.h releng/12.0/crypto/openssl/include/internal/tsan_assist.h releng/12.0/crypto/openssl/include/openssl/cryptoerr.h releng/12.0/crypto/openssl/include/openssl/ec.h releng/12.0/crypto/openssl/include/openssl/ocsp.h releng/12.0/crypto/openssl/include/openssl/opensslv.h releng/12.0/crypto/openssl/include/openssl/rand_drbg.h releng/12.0/crypto/openssl/include/openssl/randerr.h releng/12.0/crypto/openssl/include/openssl/rsa.h releng/12.0/crypto/openssl/include/openssl/ssl.h releng/12.0/crypto/openssl/include/openssl/symhacks.h releng/12.0/crypto/openssl/include/openssl/tls1.h releng/12.0/crypto/openssl/ssl/d1_lib.c releng/12.0/crypto/openssl/ssl/record/rec_layer_d1.c releng/12.0/crypto/openssl/ssl/record/record.h releng/12.0/crypto/openssl/ssl/record/record_locl.h releng/12.0/crypto/openssl/ssl/record/ssl3_record.c releng/12.0/crypto/openssl/ssl/s3_cbc.c releng/12.0/crypto/openssl/ssl/s3_enc.c releng/12.0/crypto/openssl/ssl/s3_lib.c releng/12.0/crypto/openssl/ssl/ssl_cert.c releng/12.0/crypto/openssl/ssl/ssl_ciph.c releng/12.0/crypto/openssl/ssl/ssl_lib.c releng/12.0/crypto/openssl/ssl/ssl_locl.h releng/12.0/crypto/openssl/ssl/statem/extensions.c releng/12.0/crypto/openssl/ssl/statem/extensions_clnt.c releng/12.0/crypto/openssl/ssl/statem/statem.c releng/12.0/crypto/openssl/ssl/statem/statem_clnt.c releng/12.0/crypto/openssl/ssl/statem/statem_lib.c releng/12.0/crypto/openssl/ssl/statem/statem_locl.h releng/12.0/crypto/openssl/ssl/statem/statem_srvr.c releng/12.0/crypto/openssl/ssl/t1_lib.c releng/12.0/crypto/openssl/ssl/tls13_enc.c releng/12.0/secure/lib/libcrypto/Makefile releng/12.0/secure/lib/libcrypto/Makefile.inc releng/12.0/secure/lib/libcrypto/Makefile.man releng/12.0/secure/lib/libcrypto/man/ADMISSIONS.3 releng/12.0/secure/lib/libcrypto/man/ASN1_INTEGER_get_int64.3 releng/12.0/secure/lib/libcrypto/man/ASN1_ITEM_lookup.3 releng/12.0/secure/lib/libcrypto/man/ASN1_OBJECT_new.3 releng/12.0/secure/lib/libcrypto/man/ASN1_STRING_TABLE_add.3 releng/12.0/secure/lib/libcrypto/man/ASN1_STRING_length.3 releng/12.0/secure/lib/libcrypto/man/ASN1_STRING_new.3 releng/12.0/secure/lib/libcrypto/man/ASN1_STRING_print_ex.3 releng/12.0/secure/lib/libcrypto/man/ASN1_TIME_set.3 releng/12.0/secure/lib/libcrypto/man/ASN1_TYPE_get.3 releng/12.0/secure/lib/libcrypto/man/ASN1_generate_nconf.3 releng/12.0/secure/lib/libcrypto/man/ASYNC_WAIT_CTX_new.3 releng/12.0/secure/lib/libcrypto/man/ASYNC_start_job.3 releng/12.0/secure/lib/libcrypto/man/BF_encrypt.3 releng/12.0/secure/lib/libcrypto/man/BIO_ADDR.3 releng/12.0/secure/lib/libcrypto/man/BIO_ADDRINFO.3 releng/12.0/secure/lib/libcrypto/man/BIO_connect.3 releng/12.0/secure/lib/libcrypto/man/BIO_ctrl.3 releng/12.0/secure/lib/libcrypto/man/BIO_f_base64.3 releng/12.0/secure/lib/libcrypto/man/BIO_f_buffer.3 releng/12.0/secure/lib/libcrypto/man/BIO_f_cipher.3 releng/12.0/secure/lib/libcrypto/man/BIO_f_md.3 releng/12.0/secure/lib/libcrypto/man/BIO_f_null.3 releng/12.0/secure/lib/libcrypto/man/BIO_f_ssl.3 releng/12.0/secure/lib/libcrypto/man/BIO_find_type.3 releng/12.0/secure/lib/libcrypto/man/BIO_get_data.3 releng/12.0/secure/lib/libcrypto/man/BIO_get_ex_new_index.3 releng/12.0/secure/lib/libcrypto/man/BIO_meth_new.3 releng/12.0/secure/lib/libcrypto/man/BIO_new.3 releng/12.0/secure/lib/libcrypto/man/BIO_new_CMS.3 releng/12.0/secure/lib/libcrypto/man/BIO_parse_hostserv.3 releng/12.0/secure/lib/libcrypto/man/BIO_printf.3 releng/12.0/secure/lib/libcrypto/man/BIO_push.3 releng/12.0/secure/lib/libcrypto/man/BIO_read.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_accept.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_bio.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_connect.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_fd.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_file.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_mem.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_null.3 releng/12.0/secure/lib/libcrypto/man/BIO_s_socket.3 releng/12.0/secure/lib/libcrypto/man/BIO_set_callback.3 releng/12.0/secure/lib/libcrypto/man/BIO_should_retry.3 releng/12.0/secure/lib/libcrypto/man/BN_BLINDING_new.3 releng/12.0/secure/lib/libcrypto/man/BN_CTX_new.3 releng/12.0/secure/lib/libcrypto/man/BN_CTX_start.3 releng/12.0/secure/lib/libcrypto/man/BN_add.3 releng/12.0/secure/lib/libcrypto/man/BN_add_word.3 releng/12.0/secure/lib/libcrypto/man/BN_bn2bin.3 releng/12.0/secure/lib/libcrypto/man/BN_cmp.3 releng/12.0/secure/lib/libcrypto/man/BN_copy.3 releng/12.0/secure/lib/libcrypto/man/BN_generate_prime.3 releng/12.0/secure/lib/libcrypto/man/BN_mod_inverse.3 releng/12.0/secure/lib/libcrypto/man/BN_mod_mul_montgomery.3 releng/12.0/secure/lib/libcrypto/man/BN_mod_mul_reciprocal.3 releng/12.0/secure/lib/libcrypto/man/BN_new.3 releng/12.0/secure/lib/libcrypto/man/BN_num_bytes.3 releng/12.0/secure/lib/libcrypto/man/BN_rand.3 releng/12.0/secure/lib/libcrypto/man/BN_security_bits.3 releng/12.0/secure/lib/libcrypto/man/BN_set_bit.3 releng/12.0/secure/lib/libcrypto/man/BN_swap.3 releng/12.0/secure/lib/libcrypto/man/BN_zero.3 releng/12.0/secure/lib/libcrypto/man/BUF_MEM_new.3 releng/12.0/secure/lib/libcrypto/man/CMS_add0_cert.3 releng/12.0/secure/lib/libcrypto/man/CMS_add1_recipient_cert.3 releng/12.0/secure/lib/libcrypto/man/CMS_add1_signer.3 releng/12.0/secure/lib/libcrypto/man/CMS_compress.3 releng/12.0/secure/lib/libcrypto/man/CMS_decrypt.3 releng/12.0/secure/lib/libcrypto/man/CMS_encrypt.3 releng/12.0/secure/lib/libcrypto/man/CMS_final.3 releng/12.0/secure/lib/libcrypto/man/CMS_get0_RecipientInfos.3 releng/12.0/secure/lib/libcrypto/man/CMS_get0_SignerInfos.3 releng/12.0/secure/lib/libcrypto/man/CMS_get0_type.3 releng/12.0/secure/lib/libcrypto/man/CMS_get1_ReceiptRequest.3 releng/12.0/secure/lib/libcrypto/man/CMS_sign.3 releng/12.0/secure/lib/libcrypto/man/CMS_sign_receipt.3 releng/12.0/secure/lib/libcrypto/man/CMS_uncompress.3 releng/12.0/secure/lib/libcrypto/man/CMS_verify.3 releng/12.0/secure/lib/libcrypto/man/CMS_verify_receipt.3 releng/12.0/secure/lib/libcrypto/man/CONF_modules_free.3 releng/12.0/secure/lib/libcrypto/man/CONF_modules_load_file.3 releng/12.0/secure/lib/libcrypto/man/CRYPTO_THREAD_run_once.3 releng/12.0/secure/lib/libcrypto/man/CRYPTO_get_ex_new_index.3 releng/12.0/secure/lib/libcrypto/man/CTLOG_STORE_get0_log_by_id.3 releng/12.0/secure/lib/libcrypto/man/CTLOG_STORE_new.3 releng/12.0/secure/lib/libcrypto/man/CTLOG_new.3 releng/12.0/secure/lib/libcrypto/man/CT_POLICY_EVAL_CTX_new.3 releng/12.0/secure/lib/libcrypto/man/DEFINE_STACK_OF.3 releng/12.0/secure/lib/libcrypto/man/DES_random_key.3 releng/12.0/secure/lib/libcrypto/man/DH_generate_key.3 releng/12.0/secure/lib/libcrypto/man/DH_generate_parameters.3 releng/12.0/secure/lib/libcrypto/man/DH_get0_pqg.3 releng/12.0/secure/lib/libcrypto/man/DH_get_1024_160.3 releng/12.0/secure/lib/libcrypto/man/DH_meth_new.3 releng/12.0/secure/lib/libcrypto/man/DH_new.3 releng/12.0/secure/lib/libcrypto/man/DH_new_by_nid.3 releng/12.0/secure/lib/libcrypto/man/DH_set_method.3 releng/12.0/secure/lib/libcrypto/man/DH_size.3 releng/12.0/secure/lib/libcrypto/man/DSA_SIG_new.3 releng/12.0/secure/lib/libcrypto/man/DSA_do_sign.3 releng/12.0/secure/lib/libcrypto/man/DSA_dup_DH.3 releng/12.0/secure/lib/libcrypto/man/DSA_generate_key.3 releng/12.0/secure/lib/libcrypto/man/DSA_generate_parameters.3 releng/12.0/secure/lib/libcrypto/man/DSA_get0_pqg.3 releng/12.0/secure/lib/libcrypto/man/DSA_meth_new.3 releng/12.0/secure/lib/libcrypto/man/DSA_new.3 releng/12.0/secure/lib/libcrypto/man/DSA_set_method.3 releng/12.0/secure/lib/libcrypto/man/DSA_sign.3 releng/12.0/secure/lib/libcrypto/man/DSA_size.3 releng/12.0/secure/lib/libcrypto/man/DTLS_get_data_mtu.3 releng/12.0/secure/lib/libcrypto/man/DTLS_set_timer_cb.3 releng/12.0/secure/lib/libcrypto/man/DTLSv1_listen.3 releng/12.0/secure/lib/libcrypto/man/ECDSA_SIG_new.3 releng/12.0/secure/lib/libcrypto/man/ECPKParameters_print.3 releng/12.0/secure/lib/libcrypto/man/EC_GFp_simple_method.3 releng/12.0/secure/lib/libcrypto/man/EC_GROUP_copy.3 releng/12.0/secure/lib/libcrypto/man/EC_GROUP_new.3 releng/12.0/secure/lib/libcrypto/man/EC_KEY_get_enc_flags.3 releng/12.0/secure/lib/libcrypto/man/EC_KEY_new.3 releng/12.0/secure/lib/libcrypto/man/EC_POINT_add.3 releng/12.0/secure/lib/libcrypto/man/EC_POINT_new.3 releng/12.0/secure/lib/libcrypto/man/ENGINE_add.3 releng/12.0/secure/lib/libcrypto/man/ERR_GET_LIB.3 releng/12.0/secure/lib/libcrypto/man/ERR_clear_error.3 releng/12.0/secure/lib/libcrypto/man/ERR_error_string.3 releng/12.0/secure/lib/libcrypto/man/ERR_get_error.3 releng/12.0/secure/lib/libcrypto/man/ERR_load_crypto_strings.3 releng/12.0/secure/lib/libcrypto/man/ERR_load_strings.3 releng/12.0/secure/lib/libcrypto/man/ERR_print_errors.3 releng/12.0/secure/lib/libcrypto/man/ERR_put_error.3 releng/12.0/secure/lib/libcrypto/man/ERR_remove_state.3 releng/12.0/secure/lib/libcrypto/man/ERR_set_mark.3 releng/12.0/secure/lib/libcrypto/man/EVP_BytesToKey.3 releng/12.0/secure/lib/libcrypto/man/EVP_CIPHER_CTX_get_cipher_data.3 releng/12.0/secure/lib/libcrypto/man/EVP_CIPHER_meth_new.3 releng/12.0/secure/lib/libcrypto/man/EVP_DigestInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_DigestSignInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_DigestVerifyInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_EncodeInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_EncryptInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_MD_meth_new.3 releng/12.0/secure/lib/libcrypto/man/EVP_OpenInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_ASN1_METHOD.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_CTX_ctrl.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_CTX_new.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_CTX_set1_pbe_pass.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_hkdf_md.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_rsa_pss_keygen_md.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_scrypt_N.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_CTX_set_tls1_prf_md.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_asn1_get_count.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_cmp.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_decrypt.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_derive.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_encrypt.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_get_default_digest_nid.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_keygen.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_meth_get_count.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_meth_new.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_new.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_print_private.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_set1_RSA.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_sign.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_verify.3 releng/12.0/secure/lib/libcrypto/man/EVP_PKEY_verify_recover.3 releng/12.0/secure/lib/libcrypto/man/EVP_SealInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_SignInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_VerifyInit.3 releng/12.0/secure/lib/libcrypto/man/EVP_aes.3 releng/12.0/secure/lib/libcrypto/man/EVP_aria.3 releng/12.0/secure/lib/libcrypto/man/EVP_bf_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_blake2b512.3 releng/12.0/secure/lib/libcrypto/man/EVP_camellia.3 releng/12.0/secure/lib/libcrypto/man/EVP_cast5_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_chacha20.3 releng/12.0/secure/lib/libcrypto/man/EVP_des.3 releng/12.0/secure/lib/libcrypto/man/EVP_desx_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_idea_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_md2.3 releng/12.0/secure/lib/libcrypto/man/EVP_md4.3 releng/12.0/secure/lib/libcrypto/man/EVP_md5.3 releng/12.0/secure/lib/libcrypto/man/EVP_mdc2.3 releng/12.0/secure/lib/libcrypto/man/EVP_rc2_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_rc4.3 releng/12.0/secure/lib/libcrypto/man/EVP_rc5_32_12_16_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_ripemd160.3 releng/12.0/secure/lib/libcrypto/man/EVP_seed_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_sha1.3 releng/12.0/secure/lib/libcrypto/man/EVP_sha224.3 releng/12.0/secure/lib/libcrypto/man/EVP_sha3_224.3 releng/12.0/secure/lib/libcrypto/man/EVP_sm3.3 releng/12.0/secure/lib/libcrypto/man/EVP_sm4_cbc.3 releng/12.0/secure/lib/libcrypto/man/EVP_whirlpool.3 releng/12.0/secure/lib/libcrypto/man/HMAC.3 releng/12.0/secure/lib/libcrypto/man/MD5.3 releng/12.0/secure/lib/libcrypto/man/MDC2_Init.3 releng/12.0/secure/lib/libcrypto/man/OBJ_nid2obj.3 releng/12.0/secure/lib/libcrypto/man/OCSP_REQUEST_new.3 releng/12.0/secure/lib/libcrypto/man/OCSP_cert_to_id.3 releng/12.0/secure/lib/libcrypto/man/OCSP_request_add1_nonce.3 releng/12.0/secure/lib/libcrypto/man/OCSP_resp_find_status.3 releng/12.0/secure/lib/libcrypto/man/OCSP_response_status.3 releng/12.0/secure/lib/libcrypto/man/OCSP_sendreq_new.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_Applink.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_LH_COMPFUNC.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_LH_stats.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_VERSION_NUMBER.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_config.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_fork_prepare.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_ia32cap.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_init_crypto.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_init_ssl.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_instrument_bus.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_load_builtin_modules.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_malloc.3 releng/12.0/secure/lib/libcrypto/man/OPENSSL_secure_malloc.3 releng/12.0/secure/lib/libcrypto/man/OSSL_STORE_INFO.3 releng/12.0/secure/lib/libcrypto/man/OSSL_STORE_LOADER.3 releng/12.0/secure/lib/libcrypto/man/OSSL_STORE_SEARCH.3 releng/12.0/secure/lib/libcrypto/man/OSSL_STORE_expect.3 releng/12.0/secure/lib/libcrypto/man/OSSL_STORE_open.3 releng/12.0/secure/lib/libcrypto/man/OpenSSL_add_all_algorithms.3 releng/12.0/secure/lib/libcrypto/man/PEM_bytes_read_bio.3 releng/12.0/secure/lib/libcrypto/man/PEM_read.3 releng/12.0/secure/lib/libcrypto/man/PEM_read_CMS.3 releng/12.0/secure/lib/libcrypto/man/PEM_read_bio_PrivateKey.3 releng/12.0/secure/lib/libcrypto/man/PEM_read_bio_ex.3 releng/12.0/secure/lib/libcrypto/man/PEM_write_bio_CMS_stream.3 releng/12.0/secure/lib/libcrypto/man/PEM_write_bio_PKCS7_stream.3 releng/12.0/secure/lib/libcrypto/man/PKCS12_create.3 releng/12.0/secure/lib/libcrypto/man/PKCS12_newpass.3 releng/12.0/secure/lib/libcrypto/man/PKCS12_parse.3 releng/12.0/secure/lib/libcrypto/man/PKCS5_PBKDF2_HMAC.3 releng/12.0/secure/lib/libcrypto/man/PKCS7_decrypt.3 releng/12.0/secure/lib/libcrypto/man/PKCS7_encrypt.3 releng/12.0/secure/lib/libcrypto/man/PKCS7_sign.3 releng/12.0/secure/lib/libcrypto/man/PKCS7_sign_add_signer.3 releng/12.0/secure/lib/libcrypto/man/PKCS7_verify.3 releng/12.0/secure/lib/libcrypto/man/RAND_DRBG_generate.3 releng/12.0/secure/lib/libcrypto/man/RAND_DRBG_get0_master.3 releng/12.0/secure/lib/libcrypto/man/RAND_DRBG_new.3 releng/12.0/secure/lib/libcrypto/man/RAND_DRBG_reseed.3 releng/12.0/secure/lib/libcrypto/man/RAND_DRBG_set_callbacks.3 releng/12.0/secure/lib/libcrypto/man/RAND_DRBG_set_ex_data.3 releng/12.0/secure/lib/libcrypto/man/RAND_add.3 releng/12.0/secure/lib/libcrypto/man/RAND_bytes.3 releng/12.0/secure/lib/libcrypto/man/RAND_cleanup.3 releng/12.0/secure/lib/libcrypto/man/RAND_egd.3 releng/12.0/secure/lib/libcrypto/man/RAND_load_file.3 releng/12.0/secure/lib/libcrypto/man/RAND_set_rand_method.3 releng/12.0/secure/lib/libcrypto/man/RC4_set_key.3 releng/12.0/secure/lib/libcrypto/man/RIPEMD160_Init.3 releng/12.0/secure/lib/libcrypto/man/RSA_blinding_on.3 releng/12.0/secure/lib/libcrypto/man/RSA_check_key.3 releng/12.0/secure/lib/libcrypto/man/RSA_generate_key.3 releng/12.0/secure/lib/libcrypto/man/RSA_get0_key.3 releng/12.0/secure/lib/libcrypto/man/RSA_meth_new.3 releng/12.0/secure/lib/libcrypto/man/RSA_new.3 releng/12.0/secure/lib/libcrypto/man/RSA_padding_add_PKCS1_type_1.3 releng/12.0/secure/lib/libcrypto/man/RSA_print.3 releng/12.0/secure/lib/libcrypto/man/RSA_private_encrypt.3 releng/12.0/secure/lib/libcrypto/man/RSA_public_encrypt.3 releng/12.0/secure/lib/libcrypto/man/RSA_set_method.3 releng/12.0/secure/lib/libcrypto/man/RSA_sign.3 releng/12.0/secure/lib/libcrypto/man/RSA_sign_ASN1_OCTET_STRING.3 releng/12.0/secure/lib/libcrypto/man/RSA_size.3 releng/12.0/secure/lib/libcrypto/man/SCT_new.3 releng/12.0/secure/lib/libcrypto/man/SCT_print.3 releng/12.0/secure/lib/libcrypto/man/SCT_validate.3 releng/12.0/secure/lib/libcrypto/man/SHA256_Init.3 releng/12.0/secure/lib/libcrypto/man/SMIME_read_CMS.3 releng/12.0/secure/lib/libcrypto/man/SMIME_read_PKCS7.3 releng/12.0/secure/lib/libcrypto/man/SMIME_write_CMS.3 releng/12.0/secure/lib/libcrypto/man/SMIME_write_PKCS7.3 releng/12.0/secure/lib/libcrypto/man/SSL_CIPHER_get_name.3 releng/12.0/secure/lib/libcrypto/man/SSL_COMP_add_compression_method.3 releng/12.0/secure/lib/libcrypto/man/SSL_CONF_CTX_new.3 releng/12.0/secure/lib/libcrypto/man/SSL_CONF_CTX_set1_prefix.3 releng/12.0/secure/lib/libcrypto/man/SSL_CONF_CTX_set_flags.3 releng/12.0/secure/lib/libcrypto/man/SSL_CONF_CTX_set_ssl_ctx.3 releng/12.0/secure/lib/libcrypto/man/SSL_CONF_cmd.3 releng/12.0/secure/lib/libcrypto/man/SSL_CONF_cmd_argv.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_add1_chain_cert.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_add_extra_chain_cert.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_add_session.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_config.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_ctrl.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_dane_enable.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_flush_sessions.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_free.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_get0_param.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_get_verify_mode.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_has_client_custom_ext.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_load_verify_locations.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_new.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_sess_number.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_sess_set_cache_size.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_sess_set_get_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_sessions.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set0_CA_list.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set1_curves.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set1_sigalgs.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set1_verify_cert_store.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_alpn_select_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_cert_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_cert_store.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_cert_verify_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_cipher_list.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_client_cert_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_client_hello_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_ct_validation_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_ctlog_list_file.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_default_passwd_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_ex_data.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_generate_session_id.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_info_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_keylog_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_max_cert_list.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_min_proto_version.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_mode.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_msg_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_num_tickets.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_options.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_psk_client_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_quiet_shutdown.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_read_ahead.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_record_padding_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_security_level.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_session_cache_mode.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_session_id_context.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_session_ticket_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_split_send_fragment.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_ssl_version.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_stateless_cookie_generate_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_timeout.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_servername_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_status_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_ticket_key_cb.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_tlsext_use_srtp.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_tmp_dh_callback.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_set_verify.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_use_certificate.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_use_psk_identity_hint.3 releng/12.0/secure/lib/libcrypto/man/SSL_CTX_use_serverinfo.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_free.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get0_cipher.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get0_hostname.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get0_id_context.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get0_peer.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get_compress_id.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get_ex_data.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get_protocol_version.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_get_time.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_has_ticket.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_is_resumable.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_print.3 releng/12.0/secure/lib/libcrypto/man/SSL_SESSION_set1_id.3 releng/12.0/secure/lib/libcrypto/man/SSL_accept.3 releng/12.0/secure/lib/libcrypto/man/SSL_alert_type_string.3 releng/12.0/secure/lib/libcrypto/man/SSL_alloc_buffers.3 releng/12.0/secure/lib/libcrypto/man/SSL_check_chain.3 releng/12.0/secure/lib/libcrypto/man/SSL_clear.3 releng/12.0/secure/lib/libcrypto/man/SSL_connect.3 releng/12.0/secure/lib/libcrypto/man/SSL_do_handshake.3 releng/12.0/secure/lib/libcrypto/man/SSL_export_keying_material.3 releng/12.0/secure/lib/libcrypto/man/SSL_extension_supported.3 releng/12.0/secure/lib/libcrypto/man/SSL_free.3 releng/12.0/secure/lib/libcrypto/man/SSL_get0_peer_scts.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_SSL_CTX.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_all_async_fds.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_ciphers.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_client_random.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_current_cipher.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_default_timeout.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_error.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_extms_support.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_fd.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_peer_cert_chain.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_peer_certificate.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_peer_signature_nid.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_psk_identity.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_rbio.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_session.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_shared_sigalgs.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_verify_result.3 releng/12.0/secure/lib/libcrypto/man/SSL_get_version.3 releng/12.0/secure/lib/libcrypto/man/SSL_in_init.3 releng/12.0/secure/lib/libcrypto/man/SSL_key_update.3 releng/12.0/secure/lib/libcrypto/man/SSL_library_init.3 releng/12.0/secure/lib/libcrypto/man/SSL_load_client_CA_file.3 releng/12.0/secure/lib/libcrypto/man/SSL_new.3 releng/12.0/secure/lib/libcrypto/man/SSL_pending.3 releng/12.0/secure/lib/libcrypto/man/SSL_read.3 releng/12.0/secure/lib/libcrypto/man/SSL_read_early_data.3 releng/12.0/secure/lib/libcrypto/man/SSL_rstate_string.3 releng/12.0/secure/lib/libcrypto/man/SSL_session_reused.3 releng/12.0/secure/lib/libcrypto/man/SSL_set1_host.3 releng/12.0/secure/lib/libcrypto/man/SSL_set_bio.3 releng/12.0/secure/lib/libcrypto/man/SSL_set_connect_state.3 releng/12.0/secure/lib/libcrypto/man/SSL_set_fd.3 releng/12.0/secure/lib/libcrypto/man/SSL_set_session.3 releng/12.0/secure/lib/libcrypto/man/SSL_set_shutdown.3 releng/12.0/secure/lib/libcrypto/man/SSL_set_verify_result.3 releng/12.0/secure/lib/libcrypto/man/SSL_shutdown.3 releng/12.0/secure/lib/libcrypto/man/SSL_state_string.3 releng/12.0/secure/lib/libcrypto/man/SSL_want.3 releng/12.0/secure/lib/libcrypto/man/SSL_write.3 releng/12.0/secure/lib/libcrypto/man/UI_STRING.3 releng/12.0/secure/lib/libcrypto/man/UI_UTIL_read_pw.3 releng/12.0/secure/lib/libcrypto/man/UI_create_method.3 releng/12.0/secure/lib/libcrypto/man/UI_new.3 releng/12.0/secure/lib/libcrypto/man/X509V3_get_d2i.3 releng/12.0/secure/lib/libcrypto/man/X509_ALGOR_dup.3 releng/12.0/secure/lib/libcrypto/man/X509_CRL_get0_by_serial.3 releng/12.0/secure/lib/libcrypto/man/X509_EXTENSION_set_object.3 releng/12.0/secure/lib/libcrypto/man/X509_LOOKUP_hash_dir.3 releng/12.0/secure/lib/libcrypto/man/X509_LOOKUP_meth_new.3 releng/12.0/secure/lib/libcrypto/man/X509_NAME_ENTRY_get_object.3 releng/12.0/secure/lib/libcrypto/man/X509_NAME_add_entry_by_txt.3 releng/12.0/secure/lib/libcrypto/man/X509_NAME_get0_der.3 releng/12.0/secure/lib/libcrypto/man/X509_NAME_get_index_by_NID.3 releng/12.0/secure/lib/libcrypto/man/X509_NAME_print_ex.3 releng/12.0/secure/lib/libcrypto/man/X509_PUBKEY_new.3 releng/12.0/secure/lib/libcrypto/man/X509_SIG_get0.3 releng/12.0/secure/lib/libcrypto/man/X509_STORE_CTX_get_error.3 releng/12.0/secure/lib/libcrypto/man/X509_STORE_CTX_new.3 releng/12.0/secure/lib/libcrypto/man/X509_STORE_CTX_set_verify_cb.3 releng/12.0/secure/lib/libcrypto/man/X509_STORE_add_cert.3 releng/12.0/secure/lib/libcrypto/man/X509_STORE_get0_param.3 releng/12.0/secure/lib/libcrypto/man/X509_STORE_new.3 releng/12.0/secure/lib/libcrypto/man/X509_STORE_set_verify_cb_func.3 releng/12.0/secure/lib/libcrypto/man/X509_VERIFY_PARAM_set_flags.3 releng/12.0/secure/lib/libcrypto/man/X509_check_ca.3 releng/12.0/secure/lib/libcrypto/man/X509_check_host.3 releng/12.0/secure/lib/libcrypto/man/X509_check_issued.3 releng/12.0/secure/lib/libcrypto/man/X509_check_private_key.3 releng/12.0/secure/lib/libcrypto/man/X509_cmp_time.3 releng/12.0/secure/lib/libcrypto/man/X509_digest.3 releng/12.0/secure/lib/libcrypto/man/X509_dup.3 releng/12.0/secure/lib/libcrypto/man/X509_get0_notBefore.3 releng/12.0/secure/lib/libcrypto/man/X509_get0_signature.3 releng/12.0/secure/lib/libcrypto/man/X509_get0_uids.3 releng/12.0/secure/lib/libcrypto/man/X509_get_extension_flags.3 releng/12.0/secure/lib/libcrypto/man/X509_get_pubkey.3 releng/12.0/secure/lib/libcrypto/man/X509_get_serialNumber.3 releng/12.0/secure/lib/libcrypto/man/X509_get_subject_name.3 releng/12.0/secure/lib/libcrypto/man/X509_get_version.3 releng/12.0/secure/lib/libcrypto/man/X509_new.3 releng/12.0/secure/lib/libcrypto/man/X509_sign.3 releng/12.0/secure/lib/libcrypto/man/X509_verify_cert.3 releng/12.0/secure/lib/libcrypto/man/X509v3_get_ext_by_NID.3 releng/12.0/secure/lib/libcrypto/man/d2i_DHparams.3 releng/12.0/secure/lib/libcrypto/man/d2i_PKCS8PrivateKey_bio.3 releng/12.0/secure/lib/libcrypto/man/d2i_PrivateKey.3 releng/12.0/secure/lib/libcrypto/man/d2i_SSL_SESSION.3 releng/12.0/secure/lib/libcrypto/man/d2i_X509.3 releng/12.0/secure/lib/libcrypto/man/i2d_CMS_bio_stream.3 releng/12.0/secure/lib/libcrypto/man/i2d_PKCS7_bio_stream.3 releng/12.0/secure/lib/libcrypto/man/i2d_re_X509_tbs.3 releng/12.0/secure/lib/libcrypto/man/o2i_SCT_LIST.3 releng/12.0/secure/lib/libssl/Version.map (contents, props changed) releng/12.0/secure/usr.bin/openssl/man/CA.pl.1 releng/12.0/secure/usr.bin/openssl/man/asn1parse.1 releng/12.0/secure/usr.bin/openssl/man/ca.1 releng/12.0/secure/usr.bin/openssl/man/ciphers.1 releng/12.0/secure/usr.bin/openssl/man/cms.1 releng/12.0/secure/usr.bin/openssl/man/crl.1 releng/12.0/secure/usr.bin/openssl/man/crl2pkcs7.1 releng/12.0/secure/usr.bin/openssl/man/dgst.1 releng/12.0/secure/usr.bin/openssl/man/dhparam.1 releng/12.0/secure/usr.bin/openssl/man/dsa.1 releng/12.0/secure/usr.bin/openssl/man/dsaparam.1 releng/12.0/secure/usr.bin/openssl/man/ec.1 releng/12.0/secure/usr.bin/openssl/man/ecparam.1 releng/12.0/secure/usr.bin/openssl/man/enc.1 releng/12.0/secure/usr.bin/openssl/man/engine.1 releng/12.0/secure/usr.bin/openssl/man/errstr.1 releng/12.0/secure/usr.bin/openssl/man/gendsa.1 releng/12.0/secure/usr.bin/openssl/man/genpkey.1 releng/12.0/secure/usr.bin/openssl/man/genrsa.1 releng/12.0/secure/usr.bin/openssl/man/list.1 releng/12.0/secure/usr.bin/openssl/man/nseq.1 releng/12.0/secure/usr.bin/openssl/man/ocsp.1 releng/12.0/secure/usr.bin/openssl/man/openssl.1 releng/12.0/secure/usr.bin/openssl/man/passwd.1 releng/12.0/secure/usr.bin/openssl/man/pkcs12.1 releng/12.0/secure/usr.bin/openssl/man/pkcs7.1 releng/12.0/secure/usr.bin/openssl/man/pkcs8.1 releng/12.0/secure/usr.bin/openssl/man/pkey.1 releng/12.0/secure/usr.bin/openssl/man/pkeyparam.1 releng/12.0/secure/usr.bin/openssl/man/pkeyutl.1 releng/12.0/secure/usr.bin/openssl/man/prime.1 releng/12.0/secure/usr.bin/openssl/man/rand.1 releng/12.0/secure/usr.bin/openssl/man/req.1 releng/12.0/secure/usr.bin/openssl/man/rsa.1 releng/12.0/secure/usr.bin/openssl/man/rsautl.1 releng/12.0/secure/usr.bin/openssl/man/s_client.1 releng/12.0/secure/usr.bin/openssl/man/s_server.1 releng/12.0/secure/usr.bin/openssl/man/s_time.1 releng/12.0/secure/usr.bin/openssl/man/sess_id.1 releng/12.0/secure/usr.bin/openssl/man/smime.1 releng/12.0/secure/usr.bin/openssl/man/speed.1 releng/12.0/secure/usr.bin/openssl/man/spkac.1 releng/12.0/secure/usr.bin/openssl/man/srp.1 releng/12.0/secure/usr.bin/openssl/man/storeutl.1 releng/12.0/secure/usr.bin/openssl/man/ts.1 releng/12.0/secure/usr.bin/openssl/man/tsget.1 releng/12.0/secure/usr.bin/openssl/man/verify.1 releng/12.0/secure/usr.bin/openssl/man/version.1 releng/12.0/secure/usr.bin/openssl/man/x509.1 Directory Properties: releng/12.0/ (props changed) releng/12.0/secure/lib/libcrypto/Version.map (props changed) Modified: releng/12.0/ObsoleteFiles.inc ============================================================================== --- releng/12.0/ObsoleteFiles.inc Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/ObsoleteFiles.inc Tue Nov 20 23:07:45 2018 (r340711) @@ -38,6 +38,14 @@ # xargs -n1 | sort | uniq -d; # done +# 20181120: OpenSSL 1.1.1a +OLD_FILES+=usr/share/openssl/man/man3/SSL_CTX_add_client_CA.3.gz +OLD_FILES+=usr/share/openssl/man/man3/SSL_CTX_get_client_CA_list.3.gz +OLD_FILES+=usr/share/openssl/man/man3/SSL_CTX_set_client_CA_list.3.gz +OLD_FILES+=usr/share/openssl/man/man3/SSL_add_client_CA.3.gz +OLD_FILES+=usr/share/openssl/man/man3/SSL_get_client_CA_list.3.gz +OLD_FILES+=usr/share/openssl/man/man3/SSL_get_server_tmp_key.3.gz +OLD_FILES+=usr/share/openssl/man/man3/SSL_set_client_CA_list.3.gz # 20181030: malloc_domain(9) KPI change OLD_FILES+=share/man/man9/malloc_domain.9.gz # 20181025: OpenSSL libraries version bump to avoid conflict with ports Modified: releng/12.0/crypto/openssl/CHANGES ============================================================================== --- releng/12.0/crypto/openssl/CHANGES Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/CHANGES Tue Nov 20 23:07:45 2018 (r340711) @@ -7,6 +7,42 @@ https://github.com/openssl/openssl/commits/ and pick the appropriate release branch. + Changes between 1.1.1 and 1.1.1a [20 Nov 2018] + + *) Timing vulnerability in DSA signature generation + + The OpenSSL DSA signature algorithm has been shown to be vulnerable to a + timing side channel attack. An attacker could use variations in the signing + algorithm to recover the private key. + + This issue was reported to OpenSSL on 16th October 2018 by Samuel Weiser. + (CVE-2018-0734) + [Paul Dale] + + *) Timing vulnerability in ECDSA signature generation + + The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a + timing side channel attack. An attacker could use variations in the signing + algorithm to recover the private key. + + This issue was reported to OpenSSL on 25th October 2018 by Samuel Weiser. + (CVE-2018-0735) + [Paul Dale] + + *) Added EVP_PKEY_ECDH_KDF_X9_63 and ecdh_KDF_X9_63() as replacements for + the EVP_PKEY_ECDH_KDF_X9_62 KDF type and ECDH_KDF_X9_62(). The old names + are retained for backwards compatibility. + [Antoine Salon] + + *) Fixed the issue that RAND_add()/RAND_seed() silently discards random input + if its length exceeds 4096 bytes. The limit has been raised to a buffer size + of two gigabytes and the error handling improved. + + This issue was reported to OpenSSL by Dr. Falko Strenzke. It has been + categorized as a normal bug, not a security issue, because the DRBG reseeds + automatically and is fully functional even without additional randomness + provided by the application. + Changes between 1.1.0i and 1.1.1 [11 Sep 2018] *) Add a new ClientHello callback. Provides a callback interface that gives @@ -13103,4 +13139,3 @@ des-cbc 3624.96k 5258.21k 5530.91k *) A minor bug in ssl/s3_clnt.c where there would always be 4 0 bytes sent in the client random. [Edward Bishop ] - Modified: releng/12.0/crypto/openssl/Configure ============================================================================== --- releng/12.0/crypto/openssl/Configure Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/Configure Tue Nov 20 23:07:45 2018 (r340711) @@ -1013,13 +1013,18 @@ if (scalar(@seed_sources) == 0) { if (scalar(grep { $_ eq 'none' } @seed_sources) > 0) { die "Cannot seed with none and anything else" if scalar(@seed_sources) > 1; warn <<_____ if scalar(@seed_sources) == 1; -You have selected the --with-rand-seed=none option, which effectively disables -automatic reseeding of the OpenSSL random generator. All operations depending -on the random generator such as creating keys will not work unless the random -generator is seeded manually by the application. -Please read the 'Note on random number generation' section in the INSTALL -instructions and the RAND_DRBG(7) manual page for more details. +============================== WARNING =============================== +You have selected the --with-rand-seed=none option, which effectively +disables automatic reseeding of the OpenSSL random generator. +All operations depending on the random generator such as creating keys +will not work unless the random generator is seeded manually by the +application. + +Please read the 'Note on random number generation' section in the +INSTALL instructions and the RAND_DRBG(7) manual page for more details. +============================== WARNING =============================== + _____ } push @{$config{openssl_other_defines}}, @@ -2174,6 +2179,16 @@ EOF # Massage the result + # If the user configured no-shared, we allow no shared sources + if ($disabled{shared}) { + foreach (keys %{$unified_info{shared_sources}}) { + foreach (keys %{$unified_info{shared_sources}->{$_}}) { + delete $unified_info{sources}->{$_}; + } + } + $unified_info{shared_sources} = {}; + } + # If we depend on a header file or a perl module, add an inclusion of # its directory to allow smoothe inclusion foreach my $dest (keys %{$unified_info{depends}}) { @@ -2198,8 +2213,8 @@ EOF next unless defined($unified_info{includes}->{$dest}->{$k}); my @incs = reverse @{$unified_info{includes}->{$dest}->{$k}}; foreach my $obj (grep /\.o$/, - (keys %{$unified_info{sources}->{$dest}}, - keys %{$unified_info{shared_sources}->{$dest}})) { + (keys %{$unified_info{sources}->{$dest} // {}}, + keys %{$unified_info{shared_sources}->{$dest} // {}})) { foreach my $inc (@incs) { unshift @{$unified_info{includes}->{$obj}->{$k}}, $inc unless grep { $_ eq $inc } @{$unified_info{includes}->{$obj}->{$k}}; @@ -2238,6 +2253,42 @@ EOF [ @{$unified_info{includes}->{$dest}->{source}} ]; } } + + # For convenience collect information regarding directories where + # files are generated, those generated files and the end product + # they end up in where applicable. Then, add build rules for those + # directories + my %loopinfo = ( "lib" => [ @{$unified_info{libraries}} ], + "dso" => [ @{$unified_info{engines}} ], + "bin" => [ @{$unified_info{programs}} ], + "script" => [ @{$unified_info{scripts}} ] ); + foreach my $type (keys %loopinfo) { + foreach my $product (@{$loopinfo{$type}}) { + my %dirs = (); + my $pd = dirname($product); + + foreach (@{$unified_info{sources}->{$product} // []}, + @{$unified_info{shared_sources}->{$product} // []}) { + my $d = dirname($_); + + # We don't want to create targets for source directories + # when building out of source + next if ($config{sourcedir} ne $config{builddir} + && $d =~ m|^\Q$config{sourcedir}\E|); + # We already have a "test" target, and the current directory + # is just silly to make a target for + next if $d eq "test" || $d eq "."; + + $dirs{$d} = 1; + push @{$unified_info{dirinfo}->{$d}->{deps}}, $_ + if $d ne $pd; + } + foreach (keys %dirs) { + push @{$unified_info{dirinfo}->{$_}->{products}->{$type}}, + $product; + } + } + } } # For the schemes that need it, we provide the old *_obj configs @@ -2712,10 +2763,16 @@ print <<"EOF"; ********************************************************************** *** *** -*** If you want to report a building issue, please include the *** -*** output from this command: *** +*** OpenSSL has been successfully configured *** *** *** -*** perl configdata.pm --dump *** +*** If you encounter a problem while building, please open an *** +*** issue on GitHub *** +*** and include the output from the following command: *** +*** *** +*** perl configdata.pm --dump *** +*** *** +*** (If you are new to OpenSSL, you might want to consult the *** +*** 'Troubleshooting' section in the INSTALL file first) *** *** *** ********************************************************************** EOF Modified: releng/12.0/crypto/openssl/INSTALL ============================================================================== --- releng/12.0/crypto/openssl/INSTALL Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/INSTALL Tue Nov 20 23:07:45 2018 (r340711) @@ -614,8 +614,8 @@ Windows, and as a comma separated list of libraries on VMS. RANLIB The library archive indexer. - RC The Windows resources manipulator. - RCFLAGS Flags for the Windows reources manipulator. + RC The Windows resource compiler. + RCFLAGS Flags for the Windows resource compiler. RM The command to remove files and directories. These cannot be mixed with compiling / linking flags given @@ -969,7 +969,7 @@ BUILDFILE Use a different build file name than the platform default - ("Makefile" on Unixly platforms, "makefile" on native Windows, + ("Makefile" on Unix-like platforms, "makefile" on native Windows, "descrip.mms" on OpenVMS). This requires that there is a corresponding build file template. See Configurations/README for further information. @@ -1171,7 +1171,7 @@ part of the file name, i.e. for OpenSSL 1.1.x, 1.1 is somehow part of the name. - On most POSIXly platforms, shared libraries are named libcrypto.so.1.1 + On most POSIX platforms, shared libraries are named libcrypto.so.1.1 and libssl.so.1.1. on Cygwin, shared libraries are named cygcrypto-1.1.dll and cygssl-1.1.dll @@ -1202,7 +1202,7 @@ The seeding method can be configured using the --with-rand-seed option, which can be used to specify a comma separated list of seed methods. However in most cases OpenSSL will choose a suitable default method, - so it is not necessary to explicitely provide this option. Note also + so it is not necessary to explicitly provide this option. Note also that not all methods are available on all platforms. I) On operating systems which provide a suitable randomness source (in Modified: releng/12.0/crypto/openssl/NEWS ============================================================================== --- releng/12.0/crypto/openssl/NEWS Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/NEWS Tue Nov 20 23:07:45 2018 (r340711) @@ -5,6 +5,11 @@ This file gives a brief overview of the major changes between each OpenSSL release. For more details please read the CHANGES file. + Major changes between OpenSSL 1.1.1 and OpenSSL 1.1.1a [20 Nov 2018] + + o Timing vulnerability in DSA signature generation (CVE-2018-0734) + o Timing vulnerability in ECDSA signature generation (CVE-2018-0735) + Major changes between OpenSSL 1.1.0i and OpenSSL 1.1.1 [11 Sep 2018] o Support for TLSv1.3 added (see https://wiki.openssl.org/index.php/TLS1.3 Modified: releng/12.0/crypto/openssl/README ============================================================================== --- releng/12.0/crypto/openssl/README Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/README Tue Nov 20 23:07:45 2018 (r340711) @@ -1,5 +1,5 @@ - OpenSSL 1.1.1 11 Sep 2018 + OpenSSL 1.1.1a 20 Nov 2018 Copyright (c) 1998-2018 The OpenSSL Project Copyright (c) 1995-1998 Eric A. Young, Tim J. Hudson Modified: releng/12.0/crypto/openssl/apps/app_rand.c ============================================================================== --- releng/12.0/crypto/openssl/apps/app_rand.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/app_rand.c Tue Nov 20 23:07:45 2018 (r340711) @@ -1,5 +1,5 @@ /* - * Copyright 1995-2017 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -26,7 +26,6 @@ void app_RAND_load_conf(CONF *c, const char *section) if (RAND_load_file(randfile, -1) < 0) { BIO_printf(bio_err, "Can't load %s into RNG\n", randfile); ERR_print_errors(bio_err); - return; } if (save_rand_file == NULL) save_rand_file = OPENSSL_strdup(randfile); Modified: releng/12.0/crypto/openssl/apps/apps.c ============================================================================== --- releng/12.0/crypto/openssl/apps/apps.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/apps.c Tue Nov 20 23:07:45 2018 (r340711) @@ -1831,6 +1831,12 @@ X509_NAME *parse_name(const char *cp, long chtype, int opt_getprog(), typestr); continue; } + if (*valstr == '\0') { + BIO_printf(bio_err, + "%s: No value provided for Subject Attribute %s, skipped\n", + opt_getprog(), typestr); + continue; + } if (!X509_NAME_add_entry_by_NID(n, nid, chtype, valstr, strlen((char *)valstr), -1, ismulti ? -1 : 0)) Modified: releng/12.0/crypto/openssl/apps/apps.h ============================================================================== --- releng/12.0/crypto/openssl/apps/apps.h Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/apps.h Tue Nov 20 23:07:45 2018 (r340711) @@ -369,7 +369,7 @@ typedef struct string_int_pair_st { # define OPT_FMT_SMIME (1L << 3) # define OPT_FMT_ENGINE (1L << 4) # define OPT_FMT_MSBLOB (1L << 5) -# define OPT_FMT_NETSCAPE (1L << 6) +/* (1L << 6) was OPT_FMT_NETSCAPE, but wasn't used */ # define OPT_FMT_NSS (1L << 7) # define OPT_FMT_TEXT (1L << 8) # define OPT_FMT_HTTP (1L << 9) @@ -378,8 +378,8 @@ typedef struct string_int_pair_st { # define OPT_FMT_PDS (OPT_FMT_PEMDER | OPT_FMT_SMIME) # define OPT_FMT_ANY ( \ OPT_FMT_PEMDER | OPT_FMT_PKCS12 | OPT_FMT_SMIME | \ - OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NETSCAPE | \ - OPT_FMT_NSS | OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK) + OPT_FMT_ENGINE | OPT_FMT_MSBLOB | OPT_FMT_NSS | \ + OPT_FMT_TEXT | OPT_FMT_HTTP | OPT_FMT_PVK) char *opt_progname(const char *argv0); char *opt_getprog(void); Modified: releng/12.0/crypto/openssl/apps/ca.c ============================================================================== --- releng/12.0/crypto/openssl/apps/ca.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/ca.c Tue Nov 20 23:07:45 2018 (r340711) @@ -605,7 +605,7 @@ end_of_options: /* * outdir is a directory spec, but access() for VMS demands a * filename. We could use the DEC C routine to convert the - * directory syntax to Unixly, and give that to app_isdir, + * directory syntax to Unix, and give that to app_isdir, * but for now the fopen will catch the error if it's not a * directory */ @@ -976,7 +976,7 @@ end_of_options: BIO_printf(bio_err, "Write out database with %d new entries\n", sk_X509_num(cert_sk)); - if (!rand_ser + if (serialfile != NULL && !save_serial(serialfile, "new", serial, NULL)) goto end; @@ -1044,7 +1044,8 @@ end_of_options: if (sk_X509_num(cert_sk)) { /* Rename the database and the serial file */ - if (!rotate_serial(serialfile, "new", "old")) + if (serialfile != NULL + && !rotate_serial(serialfile, "new", "old")) goto end; if (!rotate_index(dbfile, "new", "old")) @@ -1177,10 +1178,9 @@ end_of_options: } /* we have a CRL number that need updating */ - if (crlnumberfile != NULL) - if (!rand_ser - && !save_serial(crlnumberfile, "new", crlnumber, NULL)) - goto end; + if (crlnumberfile != NULL + && !save_serial(crlnumberfile, "new", crlnumber, NULL)) + goto end; BN_free(crlnumber); crlnumber = NULL; @@ -1195,9 +1195,10 @@ end_of_options: PEM_write_bio_X509_CRL(Sout, crl); - if (crlnumberfile != NULL) /* Rename the crlnumber file */ - if (!rotate_serial(crlnumberfile, "new", "old")) - goto end; + /* Rename the crlnumber file */ + if (crlnumberfile != NULL + && !rotate_serial(crlnumberfile, "new", "old")) + goto end; } /*****************************************************************/ Modified: releng/12.0/crypto/openssl/apps/ocsp.c ============================================================================== --- releng/12.0/crypto/openssl/apps/ocsp.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/ocsp.c Tue Nov 20 23:07:45 2018 (r340711) @@ -950,6 +950,7 @@ static void spawn_loop(void) sleep(30); break; case 0: /* child */ + OPENSSL_free(kidpids); signal(SIGINT, SIG_DFL); signal(SIGTERM, SIG_DFL); if (termsig) @@ -976,6 +977,7 @@ static void spawn_loop(void) } /* The loop above can only break on termsig */ + OPENSSL_free(kidpids); syslog(LOG_INFO, "terminating on signal: %d", termsig); killall(0, kidpids); } Modified: releng/12.0/crypto/openssl/apps/openssl.cnf ============================================================================== --- releng/12.0/crypto/openssl/apps/openssl.cnf Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/openssl.cnf Tue Nov 20 23:07:45 2018 (r340711) @@ -11,7 +11,6 @@ # This definition stops the following lines choking if HOME isn't # defined. HOME = . -RANDFILE = $ENV::HOME/.rnd # Extra OBJECT IDENTIFIER info: #oid_file = $ENV::HOME/.oid @@ -58,7 +57,6 @@ crlnumber = $dir/crlnumber # the current crl number # must be commented out to leave a V1 CRL crl = $dir/crl.pem # The current CRL private_key = $dir/private/cakey.pem# The private key -RANDFILE = $dir/private/.rand # private random number file x509_extensions = usr_cert # The extensions to add to the cert Modified: releng/12.0/crypto/openssl/apps/opt.c ============================================================================== --- releng/12.0/crypto/openssl/apps/opt.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/opt.c Tue Nov 20 23:07:45 2018 (r340711) @@ -168,7 +168,6 @@ static OPT_PAIR formats[] = { {"smime", OPT_FMT_SMIME}, {"engine", OPT_FMT_ENGINE}, {"msblob", OPT_FMT_MSBLOB}, - {"netscape", OPT_FMT_NETSCAPE}, {"nss", OPT_FMT_NSS}, {"text", OPT_FMT_TEXT}, {"http", OPT_FMT_HTTP}, Modified: releng/12.0/crypto/openssl/apps/rehash.c ============================================================================== --- releng/12.0/crypto/openssl/apps/rehash.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/rehash.c Tue Nov 20 23:07:45 2018 (r340711) @@ -1,6 +1,6 @@ /* * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. - * Copyright (c) 2013-2014 Timo Teräs + * Copyright (c) 2013-2014 Timo Teräs * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy Modified: releng/12.0/crypto/openssl/apps/rsa.c ============================================================================== --- releng/12.0/crypto/openssl/apps/rsa.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/rsa.c Tue Nov 20 23:07:45 2018 (r340711) @@ -38,8 +38,8 @@ typedef enum OPTION_choice { const OPTIONS rsa_options[] = { {"help", OPT_HELP, '-', "Display this summary"}, - {"inform", OPT_INFORM, 'f', "Input format, one of DER NET PEM"}, - {"outform", OPT_OUTFORM, 'f', "Output format, one of DER NET PEM PVK"}, + {"inform", OPT_INFORM, 'f', "Input format, one of DER PEM"}, + {"outform", OPT_OUTFORM, 'f', "Output format, one of DER PEM PVK"}, {"in", OPT_IN, 's', "Input file"}, {"out", OPT_OUT, '>', "Output file"}, {"pubin", OPT_PUBIN, '-', "Expect a public key in input file"}, @@ -269,6 +269,9 @@ int rsa_main(int argc, char **argv) } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { EVP_PKEY *pk; pk = EVP_PKEY_new(); + if (pk == NULL) + goto end; + EVP_PKEY_set1_RSA(pk, rsa); if (outformat == FORMAT_PVK) { if (pubin) { Modified: releng/12.0/crypto/openssl/apps/s_cb.c ============================================================================== --- releng/12.0/crypto/openssl/apps/s_cb.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/s_cb.c Tue Nov 20 23:07:45 2018 (r340711) @@ -394,7 +394,8 @@ int ssl_print_groups(BIO *out, SSL *s, int noshared) int ssl_print_tmp_key(BIO *out, SSL *s) { EVP_PKEY *key; - if (!SSL_get_server_tmp_key(s, &key)) + + if (!SSL_get_peer_tmp_key(s, &key)) return 1; BIO_puts(out, "Server Temp Key: "); switch (EVP_PKEY_id(key)) { Modified: releng/12.0/crypto/openssl/apps/s_server.c ============================================================================== --- releng/12.0/crypto/openssl/apps/s_server.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/s_server.c Tue Nov 20 23:07:45 2018 (r340711) @@ -193,9 +193,8 @@ static int psk_find_session_cb(SSL *ssl, const unsigne if (strlen(psk_identity) != identity_len || memcmp(psk_identity, identity, identity_len) != 0) { - BIO_printf(bio_s_out, - "PSK warning: client identity not what we expected" - " (got '%s' expected '%s')\n", identity, psk_identity); + *sess = NULL; + return 1; } if (psksess != NULL) { @@ -1622,6 +1621,11 @@ int s_server_main(int argc, char *argv[]) goto end; } #endif + if (early_data && (www > 0 || rev)) { + BIO_printf(bio_err, + "Can't use -early_data in combination with -www, -WWW, -HTTP, or -rev\n"); + goto end; + } #ifndef OPENSSL_NO_SCTP if (protocol == IPPROTO_SCTP) { Modified: releng/12.0/crypto/openssl/apps/speed.c ============================================================================== --- releng/12.0/crypto/openssl/apps/speed.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/speed.c Tue Nov 20 23:07:45 2018 (r340711) @@ -2896,7 +2896,7 @@ int speed_main(int argc, char **argv) if (rsa_count <= 1) { /* if longer than 10s, don't do any more */ - for (testnum++; testnum < EC_NUM; testnum++) + for (testnum++; testnum < ECDSA_NUM; testnum++) ecdsa_doit[testnum] = 0; } } Modified: releng/12.0/crypto/openssl/apps/x509.c ============================================================================== --- releng/12.0/crypto/openssl/apps/x509.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/apps/x509.c Tue Nov 20 23:07:45 2018 (r340711) @@ -67,10 +67,10 @@ typedef enum OPTION_choice { const OPTIONS x509_options[] = { {"help", OPT_HELP, '-', "Display this summary"}, {"inform", OPT_INFORM, 'f', - "Input format - default PEM (one of DER, NET or PEM)"}, + "Input format - default PEM (one of DER or PEM)"}, {"in", OPT_IN, '<', "Input file - default stdin"}, {"outform", OPT_OUTFORM, 'f', - "Output format - default PEM (one of DER, NET or PEM)"}, + "Output format - default PEM (one of DER or PEM)"}, {"out", OPT_OUT, '>', "Output file - default stdout"}, {"keyform", OPT_KEYFORM, 'F', "Private key format - default PEM"}, {"passin", OPT_PASSIN, 's', "Private key password/pass-phrase source"}, Modified: releng/12.0/crypto/openssl/crypto/LPdir_unix.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/LPdir_unix.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/LPdir_unix.c Tue Nov 20 23:07:45 2018 (r340711) @@ -51,7 +51,7 @@ #endif /* - * The POSIXly macro for the maximum number of characters in a file path is + * The POSIX macro for the maximum number of characters in a file path is * NAME_MAX. However, some operating systems use PATH_MAX instead. * Therefore, it seems natural to first check for PATH_MAX and use that, and * if it doesn't exist, use NAME_MAX. Modified: releng/12.0/crypto/openssl/crypto/async/arch/async_posix.h ============================================================================== --- releng/12.0/crypto/openssl/crypto/async/arch/async_posix.h Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/async/arch/async_posix.h Tue Nov 20 23:07:45 2018 (r340711) @@ -17,7 +17,8 @@ # include -# if _POSIX_VERSION >= 200112L +# if _POSIX_VERSION >= 200112L \ + && (_POSIX_VERSION < 200809L || defined(__GLIBC__)) # include Modified: releng/12.0/crypto/openssl/crypto/bio/b_sock2.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/bio/b_sock2.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/bio/b_sock2.c Tue Nov 20 23:07:45 2018 (r340711) @@ -133,7 +133,9 @@ int BIO_connect(int sock, const BIO_ADDR *addr, int op */ int BIO_bind(int sock, const BIO_ADDR *addr, int options) { +# ifndef OPENSSL_SYS_WINDOWS int on = 1; +# endif if (sock == -1) { BIOerr(BIO_F_BIO_BIND, BIO_R_INVALID_SOCKET); Modified: releng/12.0/crypto/openssl/crypto/bio/bio_lib.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/bio/bio_lib.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/bio/bio_lib.c Tue Nov 20 23:07:45 2018 (r340711) @@ -52,7 +52,7 @@ static long bio_call_callback(BIO *b, int oper, const argi = (int)len; } - if (inret && (oper & BIO_CB_RETURN) && bareoper != BIO_CB_CTRL) { + if (inret > 0 && (oper & BIO_CB_RETURN) && bareoper != BIO_CB_CTRL) { if (*processed > INT_MAX) return -1; inret = *processed; @@ -60,7 +60,7 @@ static long bio_call_callback(BIO *b, int oper, const ret = b->callback(b, oper, argp, argi, argl, inret); - if (ret >= 0 && (oper & BIO_CB_RETURN) && bareoper != BIO_CB_CTRL) { + if (ret > 0 && (oper & BIO_CB_RETURN) && bareoper != BIO_CB_CTRL) { *processed = (size_t)ret; ret = 1; } Modified: releng/12.0/crypto/openssl/crypto/bio/bss_log.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/bio/bss_log.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/bio/bss_log.c Tue Nov 20 23:07:45 2018 (r340711) @@ -408,4 +408,9 @@ static void xcloselog(BIO *bp) # endif /* Unix */ +#else /* NO_SYSLOG */ +const BIO_METHOD *BIO_s_log(void) +{ + return NULL; +} #endif /* NO_SYSLOG */ Modified: releng/12.0/crypto/openssl/crypto/bn/asm/x86_64-gcc.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/bn/asm/x86_64-gcc.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/bn/asm/x86_64-gcc.c Tue Nov 20 23:07:45 2018 (r340711) @@ -1,5 +1,5 @@ /* - * Copyright 2002-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2002-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -63,12 +63,6 @@ * very much like 64-bit code compiled with no-asm on the same * machine. */ - -# if defined(_WIN64) || !defined(__LP64__) -# define BN_ULONG unsigned long long -# else -# define BN_ULONG unsigned long -# endif # undef mul # undef mul_add Modified: releng/12.0/crypto/openssl/crypto/bn/bn_exp.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/bn/bn_exp.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/bn/bn_exp.c Tue Nov 20 23:07:45 2018 (r340711) @@ -1077,7 +1077,7 @@ int BN_mod_exp_mont_consttime(BIGNUM *rr, const BIGNUM * is not only slower but also makes each bit vulnerable to * EM (and likely other) side-channel attacks like One&Done * (for details see "One&Done: A Single-Decryption EM-Based - * Attack on OpenSSL’s Constant-Time Blinded RSA" by M. Alam, + * Attack on OpenSSL's Constant-Time Blinded RSA" by M. Alam, * H. Khan, M. Dey, N. Sinha, R. Callan, A. Zajic, and * M. Prvulovic, in USENIX Security'18) */ Modified: releng/12.0/crypto/openssl/crypto/bn/bn_lib.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/bn/bn_lib.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/bn/bn_lib.c Tue Nov 20 23:07:45 2018 (r340711) @@ -767,26 +767,30 @@ void BN_consttime_swap(BN_ULONG condition, BIGNUM *a, b->neg ^= t; /*- - * Idea behind BN_FLG_STATIC_DATA is actually to - * indicate that data may not be written to. - * Intention is actually to treat it as it's - * read-only data, and some (if not most) of it does - * reside in read-only segment. In other words - * observation of BN_FLG_STATIC_DATA in - * BN_consttime_swap should be treated as fatal - * condition. It would either cause SEGV or - * effectively cause data corruption. - * BN_FLG_MALLOCED refers to BN structure itself, - * and hence must be preserved. Remaining flags are - * BN_FLG_CONSTIME and BN_FLG_SECURE. Latter must be - * preserved, because it determines how x->d was - * allocated and hence how to free it. This leaves - * BN_FLG_CONSTTIME that one can do something about. - * To summarize it's sufficient to mask and swap - * BN_FLG_CONSTTIME alone. BN_FLG_STATIC_DATA should - * be treated as fatal. + * BN_FLG_STATIC_DATA: indicates that data may not be written to. Intention + * is actually to treat it as it's read-only data, and some (if not most) + * of it does reside in read-only segment. In other words observation of + * BN_FLG_STATIC_DATA in BN_consttime_swap should be treated as fatal + * condition. It would either cause SEGV or effectively cause data + * corruption. + * + * BN_FLG_MALLOCED: refers to BN structure itself, and hence must be + * preserved. + * + * BN_FLG_SECURE: must be preserved, because it determines how x->d was + * allocated and hence how to free it. + * + * BN_FLG_CONSTTIME: sufficient to mask and swap + * + * BN_FLG_FIXED_TOP: indicates that we haven't called bn_correct_top() on + * the data, so the d array may be padded with additional 0 values (i.e. + * top could be greater than the minimal value that it could be). We should + * be swapping it */ - t = ((a->flags ^ b->flags) & BN_FLG_CONSTTIME) & condition; + +#define BN_CONSTTIME_SWAP_FLAGS (BN_FLG_CONSTTIME | BN_FLG_FIXED_TOP) + + t = ((a->flags ^ b->flags) & BN_CONSTTIME_SWAP_FLAGS) & condition; a->flags ^= t; b->flags ^= t; Modified: releng/12.0/crypto/openssl/crypto/build.info ============================================================================== --- releng/12.0/crypto/openssl/crypto/build.info Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/build.info Tue Nov 20 23:07:45 2018 (r340711) @@ -2,7 +2,7 @@ LIBS=../libcrypto SOURCE[../libcrypto]=\ cryptlib.c mem.c mem_dbg.c cversion.c ex_data.c cpt_err.c \ ebcdic.c uid.c o_time.c o_str.c o_dir.c o_fopen.c ctype.c \ - threads_pthread.c threads_win.c threads_none.c \ + threads_pthread.c threads_win.c threads_none.c getenv.c \ o_init.c o_fips.c mem_sec.c init.c {- $target{cpuid_asm_src} -} \ {- $target{uplink_aux_src} -} EXTRA= ../ms/uplink-x86.pl ../ms/uplink.c ../ms/applink.c \ Modified: releng/12.0/crypto/openssl/crypto/conf/conf_api.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/conf/conf_api.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/conf/conf_api.c Tue Nov 20 23:07:45 2018 (r340711) @@ -10,6 +10,7 @@ /* Part of the code in here was originally in conf.c, which is now removed */ #include "e_os.h" +#include "internal/cryptlib.h" #include #include #include @@ -82,7 +83,7 @@ char *_CONF_get_string(const CONF *conf, const char *s if (v != NULL) return v->value; if (strcmp(section, "ENV") == 0) { - p = getenv(name); + p = ossl_safe_getenv(name); if (p != NULL) return p; } @@ -95,7 +96,7 @@ char *_CONF_get_string(const CONF *conf, const char *s else return NULL; } else - return getenv(name); + return ossl_safe_getenv(name); } static unsigned long conf_value_hash(const CONF_VALUE *v) Modified: releng/12.0/crypto/openssl/crypto/conf/conf_mod.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/conf/conf_mod.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/conf/conf_mod.c Tue Nov 20 23:07:45 2018 (r340711) @@ -480,11 +480,8 @@ char *CONF_get1_default_config_file(void) char *file, *sep = ""; int len; - if (!OPENSSL_issetugid()) { - file = getenv("OPENSSL_CONF"); - if (file) - return OPENSSL_strdup(file); - } + if ((file = ossl_safe_getenv("OPENSSL_CONF")) != NULL) + return OPENSSL_strdup(file); len = strlen(X509_get_default_cert_area()); #ifndef OPENSSL_SYS_VMS Modified: releng/12.0/crypto/openssl/crypto/cryptlib.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/cryptlib.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/cryptlib.c Tue Nov 20 23:07:45 2018 (r340711) @@ -204,7 +204,7 @@ int OPENSSL_isservice(void) if (_OPENSSL_isservice.p == NULL) { HANDLE mod = GetModuleHandle(NULL); - FARPROC f; + FARPROC f = NULL; if (mod != NULL) f = GetProcAddress(mod, "_OPENSSL_isservice"); Modified: releng/12.0/crypto/openssl/crypto/ct/ct_log.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/ct/ct_log.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/ct/ct_log.c Tue Nov 20 23:07:45 2018 (r340711) @@ -137,7 +137,7 @@ static int ctlog_new_from_conf(CTLOG **ct_log, const C int CTLOG_STORE_load_default_file(CTLOG_STORE *store) { - const char *fpath = getenv(CTLOG_FILE_EVP); + const char *fpath = ossl_safe_getenv(CTLOG_FILE_EVP); if (fpath == NULL) fpath = CTLOG_FILE; Modified: releng/12.0/crypto/openssl/crypto/dsa/dsa_gen.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/dsa/dsa_gen.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/dsa/dsa_gen.c Tue Nov 20 23:07:45 2018 (r340711) @@ -327,6 +327,12 @@ int dsa_builtin_paramgen2(DSA *ret, size_t L, size_t N if (mctx == NULL) goto err; + /* make sure L > N, otherwise we'll get trapped in an infinite loop */ + if (L <= N) { + DSAerr(DSA_F_DSA_BUILTIN_PARAMGEN2, DSA_R_INVALID_PARAMETERS); + goto err; + } + if (evpmd == NULL) { if (N == 160) evpmd = EVP_sha1(); Modified: releng/12.0/crypto/openssl/crypto/dsa/dsa_ossl.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/dsa/dsa_ossl.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/dsa/dsa_ossl.c Tue Nov 20 23:07:45 2018 (r340711) @@ -9,6 +9,7 @@ #include #include "internal/cryptlib.h" +#include "internal/bn_int.h" #include #include #include "dsa_locl.h" @@ -23,6 +24,8 @@ static int dsa_do_verify(const unsigned char *dgst, in DSA_SIG *sig, DSA *dsa); static int dsa_init(DSA *dsa); static int dsa_finish(DSA *dsa); +static BIGNUM *dsa_mod_inverse_fermat(const BIGNUM *k, const BIGNUM *q, + BN_CTX *ctx); static DSA_METHOD openssl_dsa_meth = { "OpenSSL DSA method", @@ -178,9 +181,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, { BN_CTX *ctx = NULL; BIGNUM *k, *kinv = NULL, *r = *rp; - BIGNUM *l, *m; + BIGNUM *l; int ret = 0; - int q_bits; + int q_bits, q_words; if (!dsa->p || !dsa->q || !dsa->g) { DSAerr(DSA_F_DSA_SIGN_SETUP, DSA_R_MISSING_PARAMETERS); @@ -189,8 +192,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, k = BN_new(); l = BN_new(); - m = BN_new(); - if (k == NULL || l == NULL || m == NULL) + if (k == NULL || l == NULL) goto err; if (ctx_in == NULL) { @@ -201,9 +203,9 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, /* Preallocate space */ q_bits = BN_num_bits(dsa->q); - if (!BN_set_bit(k, q_bits) - || !BN_set_bit(l, q_bits) - || !BN_set_bit(m, q_bits)) + q_words = bn_get_top(dsa->q); + if (!bn_wexpand(k, q_words + 2) + || !bn_wexpand(l, q_words + 2)) goto err; /* Get random k */ @@ -221,6 +223,7 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, } while (BN_is_zero(k)); BN_set_flags(k, BN_FLG_CONSTTIME); + BN_set_flags(l, BN_FLG_CONSTTIME); if (dsa->flags & DSA_FLAG_CACHE_MONT_P) { if (!BN_MONT_CTX_set_locked(&dsa->method_mont_p, @@ -238,14 +241,17 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, * small timing information leakage. We then choose the sum that is * one bit longer than the modulus. * - * TODO: revisit the BN_copy aiming for a memory access agnostic - * conditional copy. + * There are some concerns about the efficacy of doing this. More + * specificly refer to the discussion starting with: + * https://github.com/openssl/openssl/pull/7486#discussion_r228323705 + * The fix is to rework BN so these gymnastics aren't required. */ if (!BN_add(l, k, dsa->q) - || !BN_add(m, l, dsa->q) - || !BN_copy(k, BN_num_bits(l) > q_bits ? l : m)) + || !BN_add(k, l, dsa->q)) goto err; + BN_consttime_swap(BN_is_bit_set(l, q_bits), k, l, q_words + 2); + if ((dsa)->meth->bn_mod_exp != NULL) { if (!dsa->meth->bn_mod_exp(dsa, r, dsa->g, k, dsa->p, ctx, dsa->method_mont_p)) @@ -258,8 +264,8 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, if (!BN_mod(r, r, dsa->q, ctx)) goto err; - /* Compute part of 's = inv(k) (m + xr) mod q' */ - if ((kinv = BN_mod_inverse(NULL, k, dsa->q, ctx)) == NULL) + /* Compute part of 's = inv(k) (m + xr) mod q' */ + if ((kinv = dsa_mod_inverse_fermat(k, dsa->q, ctx)) == NULL) goto err; BN_clear_free(*kinvp); @@ -273,7 +279,6 @@ static int dsa_sign_setup(DSA *dsa, BN_CTX *ctx_in, BN_CTX_free(ctx); BN_clear_free(k); BN_clear_free(l); - BN_clear_free(m); return ret; } @@ -392,4 +397,32 @@ static int dsa_finish(DSA *dsa) { BN_MONT_CTX_free(dsa->method_mont_p); return 1; +} + +/* + * Compute the inverse of k modulo q. + * Since q is prime, Fermat's Little Theorem applies, which reduces this to + * mod-exp operation. Both the exponent and modulus are public information + * so a mod-exp that doesn't leak the base is sufficient. A newly allocated + * BIGNUM is returned which the caller must free. + */ +static BIGNUM *dsa_mod_inverse_fermat(const BIGNUM *k, const BIGNUM *q, + BN_CTX *ctx) +{ + BIGNUM *res = NULL; + BIGNUM *r, *e; + + if ((r = BN_new()) == NULL) + return NULL; + + BN_CTX_start(ctx); + if ((e = BN_CTX_get(ctx)) != NULL + && BN_set_word(r, 2) + && BN_sub(e, q, r) + && BN_mod_exp_mont(r, k, e, q, ctx, NULL)) + res = r; + else + BN_free(r); + BN_CTX_end(ctx); + return res; } Modified: releng/12.0/crypto/openssl/crypto/ec/ec_ameth.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/ec/ec_ameth.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/ec/ec_ameth.c Tue Nov 20 23:07:45 2018 (r340711) @@ -699,7 +699,7 @@ static int ecdh_cms_set_kdf_param(EVP_PKEY_CTX *pctx, if (EVP_PKEY_CTX_set_ecdh_cofactor_mode(pctx, cofactor) <= 0) return 0; - if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_62) <= 0) + if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, EVP_PKEY_ECDH_KDF_X9_63) <= 0) return 0; kdf_md = EVP_get_digestbynid(kdfmd_nid); @@ -864,7 +864,7 @@ static int ecdh_cms_encrypt(CMS_RecipientInfo *ri) ecdh_nid = NID_dh_cofactor_kdf; if (kdf_type == EVP_PKEY_ECDH_KDF_NONE) { - kdf_type = EVP_PKEY_ECDH_KDF_X9_62; + kdf_type = EVP_PKEY_ECDH_KDF_X9_63; if (EVP_PKEY_CTX_set_ecdh_kdf_type(pctx, kdf_type) <= 0) goto err; } else Modified: releng/12.0/crypto/openssl/crypto/ec/ec_mult.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/ec/ec_mult.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/ec/ec_mult.c Tue Nov 20 23:07:45 2018 (r340711) @@ -206,8 +206,8 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POI */ cardinality_bits = BN_num_bits(cardinality); group_top = bn_get_top(cardinality); - if ((bn_wexpand(k, group_top + 1) == NULL) - || (bn_wexpand(lambda, group_top + 1) == NULL)) { + if ((bn_wexpand(k, group_top + 2) == NULL) + || (bn_wexpand(lambda, group_top + 2) == NULL)) { ECerr(EC_F_EC_SCALAR_MUL_LADDER, ERR_R_BN_LIB); goto err; } @@ -244,7 +244,7 @@ int ec_scalar_mul_ladder(const EC_GROUP *group, EC_POI * k := scalar + 2*cardinality */ kbit = BN_is_bit_set(lambda, cardinality_bits); - BN_consttime_swap(kbit, k, lambda, group_top + 1); + BN_consttime_swap(kbit, k, lambda, group_top + 2); group_top = bn_get_top(group->field); if ((bn_wexpand(s->X, group_top) == NULL) Modified: releng/12.0/crypto/openssl/crypto/ec/ec_pmeth.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/ec/ec_pmeth.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/ec/ec_pmeth.c Tue Nov 20 23:07:45 2018 (r340711) @@ -209,7 +209,7 @@ static int pkey_ec_kdf_derive(EVP_PKEY_CTX *ctx, if (!pkey_ec_derive(ctx, ktmp, &ktmplen)) goto err; /* Do KDF stuff */ - if (!ECDH_KDF_X9_62(key, *keylen, ktmp, ktmplen, + if (!ecdh_KDF_X9_63(key, *keylen, ktmp, ktmplen, dctx->kdf_ukm, dctx->kdf_ukmlen, dctx->kdf_md)) goto err; rv = 1; @@ -281,7 +281,7 @@ static int pkey_ec_ctrl(EVP_PKEY_CTX *ctx, int type, i case EVP_PKEY_CTRL_EC_KDF_TYPE: if (p1 == -2) return dctx->kdf_type; - if (p1 != EVP_PKEY_ECDH_KDF_NONE && p1 != EVP_PKEY_ECDH_KDF_X9_62) + if (p1 != EVP_PKEY_ECDH_KDF_NONE && p1 != EVP_PKEY_ECDH_KDF_X9_63) return -2; dctx->kdf_type = p1; return 1; Modified: releng/12.0/crypto/openssl/crypto/ec/ecdh_kdf.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/ec/ecdh_kdf.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/ec/ecdh_kdf.c Tue Nov 20 23:07:45 2018 (r340711) @@ -1,5 +1,5 @@ /* - * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 2015-2018 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the OpenSSL license (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -10,12 +10,13 @@ #include #include #include +#include "ec_lcl.h" -/* Key derivation function from X9.62/SECG */ +/* Key derivation function from X9.63/SECG */ /* Way more than we will ever need */ #define ECDH_KDF_MAX (1 << 30) -int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, +int ecdh_KDF_X9_63(unsigned char *out, size_t outlen, const unsigned char *Z, size_t Zlen, const unsigned char *sinfo, size_t sinfolen, const EVP_MD *md) @@ -65,4 +66,16 @@ int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, err: EVP_MD_CTX_free(mctx); return rv; +} + +/*- + * The old name for ecdh_KDF_X9_63 + * Retained for ABI compatibility + */ +int ECDH_KDF_X9_62(unsigned char *out, size_t outlen, + const unsigned char *Z, size_t Zlen, + const unsigned char *sinfo, size_t sinfolen, + const EVP_MD *md) +{ + return ecdh_KDF_X9_63(out, outlen, Z, Zlen, sinfo, sinfolen, md); } Modified: releng/12.0/crypto/openssl/crypto/engine/eng_devcrypto.c ============================================================================== --- releng/12.0/crypto/openssl/crypto/engine/eng_devcrypto.c Tue Nov 20 23:05:09 2018 (r340710) +++ releng/12.0/crypto/openssl/crypto/engine/eng_devcrypto.c Tue Nov 20 23:07:45 2018 (r340711) @@ -28,6 +28,13 @@ # define CHECK_BSD_STYLE_MACROS #endif +/* + * ONE global file descriptor for all sessions. This allows operations + * such as digest session data copying (see digest_copy()), but is also + * saner... why re-open /dev/crypto for every session? + */ +static int cfd; + *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-releng@freebsd.org Wed Nov 21 00:16:44 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4668E114360A; Wed, 21 Nov 2018 00:16:44 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DBD918B968; Wed, 21 Nov 2018 00:16:43 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B858618A7F; Wed, 21 Nov 2018 00:16:43 +0000 (UTC) (envelope-from jkim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAL0Ghks028665; Wed, 21 Nov 2018 00:16:43 GMT (envelope-from jkim@FreeBSD.org) Received: (from jkim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAL0GhHb028664; Wed, 21 Nov 2018 00:16:43 GMT (envelope-from jkim@FreeBSD.org) Message-Id: <201811210016.wAL0GhHb028664@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jkim set sender to jkim@FreeBSD.org using -f From: Jung-uk Kim Date: Wed, 21 Nov 2018 00:16:43 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340715 - releng/12.0 X-SVN-Group: releng X-SVN-Commit-Author: jkim X-SVN-Commit-Paths: releng/12.0 X-SVN-Commit-Revision: 340715 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: DBD918B968 X-Spamd-Result: default: False [0.39 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.27)[0.271,0]; NEURAL_HAM_LONG(-0.00)[-0.003,0]; NEURAL_SPAM_MEDIUM(0.13)[0.126,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 00:16:44 -0000 Author: jkim Date: Wed Nov 21 00:16:43 2018 New Revision: 340715 URL: https://svnweb.freebsd.org/changeset/base/340715 Log: MFC: r340714 Revert r340708. Some files became symlinks and vice versa. Approved by: re (gjb) Modified: releng/12.0/ObsoleteFiles.inc Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/ObsoleteFiles.inc ============================================================================== --- releng/12.0/ObsoleteFiles.inc Wed Nov 21 00:04:38 2018 (r340714) +++ releng/12.0/ObsoleteFiles.inc Wed Nov 21 00:16:43 2018 (r340715) @@ -38,14 +38,6 @@ # xargs -n1 | sort | uniq -d; # done -# 20181120: OpenSSL 1.1.1a -OLD_FILES+=usr/share/openssl/man/man3/SSL_CTX_add_client_CA.3.gz -OLD_FILES+=usr/share/openssl/man/man3/SSL_CTX_get_client_CA_list.3.gz -OLD_FILES+=usr/share/openssl/man/man3/SSL_CTX_set_client_CA_list.3.gz -OLD_FILES+=usr/share/openssl/man/man3/SSL_add_client_CA.3.gz -OLD_FILES+=usr/share/openssl/man/man3/SSL_get_client_CA_list.3.gz -OLD_FILES+=usr/share/openssl/man/man3/SSL_get_server_tmp_key.3.gz -OLD_FILES+=usr/share/openssl/man/man3/SSL_set_client_CA_list.3.gz # 20181030: malloc_domain(9) KPI change OLD_FILES+=share/man/man9/malloc_domain.9.gz # 20181025: OpenSSL libraries version bump to avoid conflict with ports From owner-svn-src-releng@freebsd.org Wed Nov 21 03:22:38 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0A3C9110214D; Wed, 21 Nov 2018 03:22:38 +0000 (UTC) (envelope-from mjg@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B0C3A6BE2C; Wed, 21 Nov 2018 03:22:37 +0000 (UTC) (envelope-from mjg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 91AF81AA20; Wed, 21 Nov 2018 03:22:37 +0000 (UTC) (envelope-from mjg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAL3MbKg026627; Wed, 21 Nov 2018 03:22:37 GMT (envelope-from mjg@FreeBSD.org) Received: (from mjg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAL3Mbor026624; Wed, 21 Nov 2018 03:22:37 GMT (envelope-from mjg@FreeBSD.org) Message-Id: <201811210322.wAL3Mbor026624@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: mjg set sender to mjg@FreeBSD.org using -f From: Mateusz Guzik Date: Wed, 21 Nov 2018 03:22:37 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340719 - in releng/12.0: lib/libpmc lib/libpmc/pmu-events lib/libpmc/pmu-events/arch/x86/amdfam17h sys/dev/hwpmc X-SVN-Group: releng X-SVN-Commit-Author: mjg X-SVN-Commit-Paths: in releng/12.0: lib/libpmc lib/libpmc/pmu-events lib/libpmc/pmu-events/arch/x86/amdfam17h sys/dev/hwpmc X-SVN-Commit-Revision: 340719 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: B0C3A6BE2C X-Spamd-Result: default: False [0.57 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.36)[0.362,0]; NEURAL_SPAM_MEDIUM(0.19)[0.194,0]; NEURAL_SPAM_LONG(0.01)[0.012,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 03:22:38 -0000 Author: mjg Date: Wed Nov 21 03:22:37 2018 New Revision: 340719 URL: https://svnweb.freebsd.org/changeset/base/340719 Log: MFC r340108 and r340149 hwpmc: limit wait for user callchain collection to 1 tick Add aditional counter descriptions to AMD 0x17 Approved by: re (rgrimes) Added: releng/12.0/lib/libpmc/pmu-events/arch/x86/amdfam17h/data-fabric.json - copied unchanged from r340718, stable/12/lib/libpmc/pmu-events/arch/x86/amdfam17h/data-fabric.json releng/12.0/lib/libpmc/pmu-events/arch/x86/amdfam17h/l3cache.json - copied unchanged from r340718, stable/12/lib/libpmc/pmu-events/arch/x86/amdfam17h/l3cache.json Modified: releng/12.0/lib/libpmc/libpmc_pmu_util.c releng/12.0/lib/libpmc/pmu-events/jevents.c releng/12.0/sys/dev/hwpmc/hwpmc_amd.c releng/12.0/sys/dev/hwpmc/hwpmc_amd.h releng/12.0/sys/dev/hwpmc/hwpmc_mod.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/lib/libpmc/libpmc_pmu_util.c ============================================================================== --- releng/12.0/lib/libpmc/libpmc_pmu_util.c Wed Nov 21 01:24:27 2018 (r340718) +++ releng/12.0/lib/libpmc/libpmc_pmu_util.c Wed Nov 21 03:22:37 2018 (r340719) @@ -146,6 +146,8 @@ pmu_alias_get(const char *name) struct pmu_event_desc { uint64_t ped_period; uint64_t ped_offcore_rsp; + uint64_t ped_l3_thread; + uint64_t ped_l3_slice; uint32_t ped_event; uint32_t ped_frontend; uint32_t ped_ldlat; @@ -270,6 +272,10 @@ pmu_parse_event(struct pmu_event_desc *ped, const char ped->ped_ch_mask = strtol(value, NULL, 16); else if (strcmp(key, "config1") == 0) ped->ped_config1 = strtol(value, NULL, 16); + else if (strcmp(key, "l3_thread_mask") == 0) + ped->ped_l3_thread = strtol(value, NULL, 16); + else if (strcmp(key, "l3_slice_mask") == 0) + ped->ped_l3_slice = strtol(value, NULL, 16); else { debug = getenv("PMUDEBUG"); if (debug != NULL && strcmp(debug, "true") == 0 && value != NULL) @@ -407,33 +413,50 @@ pmc_pmu_print_counter_full(const char *ev) } static int -pmc_pmu_amd_pmcallocate(const char *event_name __unused, struct pmc_op_pmcallocate *pm, +pmc_pmu_amd_pmcallocate(const char *event_name, struct pmc_op_pmcallocate *pm, struct pmu_event_desc *ped) { struct pmc_md_amd_op_pmcallocate *amd; + const struct pmu_event *pe; + int idx = -1; amd = &pm->pm_md.pm_amd; - amd->pm_amd_config = AMD_PMC_TO_EVENTMASK(ped->ped_event); if (ped->ped_umask > 0) { pm->pm_caps |= PMC_CAP_QUALIFIER; amd->pm_amd_config |= AMD_PMC_TO_UNITMASK(ped->ped_umask); } pm->pm_class = PMC_CLASS_K8; + pe = pmu_event_get(NULL, event_name, &idx); - if ((pm->pm_caps & (PMC_CAP_USER|PMC_CAP_SYSTEM)) == 0 || - (pm->pm_caps & (PMC_CAP_USER|PMC_CAP_SYSTEM)) == - (PMC_CAP_USER|PMC_CAP_SYSTEM)) - amd->pm_amd_config |= (AMD_PMC_USR | AMD_PMC_OS); - else if (pm->pm_caps & PMC_CAP_USER) - amd->pm_amd_config |= AMD_PMC_USR; - else if (pm->pm_caps & PMC_CAP_SYSTEM) - amd->pm_amd_config |= AMD_PMC_OS; - if (ped->ped_edge) - amd->pm_amd_config |= AMD_PMC_EDGE; - if (ped->ped_inv) - amd->pm_amd_config |= AMD_PMC_EDGE; - if (pm->pm_caps & PMC_CAP_INTERRUPT) - amd->pm_amd_config |= AMD_PMC_INT; + if (strcmp("l3cache", pe->topic) == 0){ + amd->pm_amd_config |= AMD_PMC_TO_EVENTMASK(ped->ped_event); + amd->pm_amd_sub_class = PMC_AMD_SUB_CLASS_L3_CACHE; + amd->pm_amd_config |= AMD_PMC_TO_L3SLICE(ped->ped_l3_slice); + amd->pm_amd_config |= AMD_PMC_TO_L3CORE(ped->ped_l3_thread); + } + else if (strcmp("data fabric", pe->topic) == 0){ + + amd->pm_amd_config |= AMD_PMC_TO_EVENTMASK_DF(ped->ped_event); + amd->pm_amd_sub_class = PMC_AMD_SUB_CLASS_DATA_FABRIC; + } + else{ + amd->pm_amd_config |= AMD_PMC_TO_EVENTMASK(ped->ped_event); + amd->pm_amd_sub_class = PMC_AMD_SUB_CLASS_CORE; + if ((pm->pm_caps & (PMC_CAP_USER|PMC_CAP_SYSTEM)) == 0 || + (pm->pm_caps & (PMC_CAP_USER|PMC_CAP_SYSTEM)) == + (PMC_CAP_USER|PMC_CAP_SYSTEM)) + amd->pm_amd_config |= (AMD_PMC_USR | AMD_PMC_OS); + else if (pm->pm_caps & PMC_CAP_USER) + amd->pm_amd_config |= AMD_PMC_USR; + else if (pm->pm_caps & PMC_CAP_SYSTEM) + amd->pm_amd_config |= AMD_PMC_OS; + if (ped->ped_edge) + amd->pm_amd_config |= AMD_PMC_EDGE; + if (ped->ped_inv) + amd->pm_amd_config |= AMD_PMC_EDGE; + if (pm->pm_caps & PMC_CAP_INTERRUPT) + amd->pm_amd_config |= AMD_PMC_INT; + } return (0); } Copied: releng/12.0/lib/libpmc/pmu-events/arch/x86/amdfam17h/data-fabric.json (from r340718, stable/12/lib/libpmc/pmu-events/arch/x86/amdfam17h/data-fabric.json) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/12.0/lib/libpmc/pmu-events/arch/x86/amdfam17h/data-fabric.json Wed Nov 21 03:22:37 2018 (r340719, copy of r340718, stable/12/lib/libpmc/pmu-events/arch/x86/amdfam17h/data-fabric.json) @@ -0,0 +1,2668 @@ +[ + { + "EventName": "df_ccm_reqa.Node0.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0x0F" + }, + { + "EventName": "df_ccm_reqa.Node1.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0x2F" + }, + { + "EventName": "df_ccm_reqa.Node2.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0x4F" + }, + { + "EventName": "df_ccm_reqa.Node3.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0x6F" + }, + { + "EventName": "df_ccm_reqa.Node4.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0x8F" + }, + { + "EventName": "df_ccm_reqa.Node5.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0xAF" + }, + { + "EventName": "df_ccm_reqa.Node6.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0xCF" + }, + { + "EventName": "df_ccm_reqa.Node7.anydram", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Any DRAM transaction", + "UMask": "0xEF" + }, + { + "EventName": "df_ccm_reqa.Node0.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0x0E" + }, + { + "EventName": "df_ccm_reqa.Node1.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0x2E" + }, + { + "EventName": "df_ccm_reqa.Node2.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0x4E" + }, + { + "EventName": "df_ccm_reqa.Node3.wrsizedfullzero", + "EventCode": "0x8E", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0x6E" + }, + { + "EventName": "df_ccm_reqa.Node4.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0x8E" + }, + { + "EventName": "df_ccm_reqa.Node5.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0xAE" + }, + { + "EventName": "df_ccm_reqa.Node6.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0xCE" + }, + { + "EventName": "df_ccm_reqa.Node7.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered WrSizedFullZero", + "UMask": "0xEE" + }, + { + "EventName": "df_ccm_reqa.Node0.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x0D" + }, + { + "EventName": "df_ccm_reqa.Node1.wrsizedfullnc", + "EventCode": "0x8A", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x2D" + }, + { + "EventName": "df_ccm_reqa.Node2.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x4D" + }, + { + "EventName": "df_ccm_reqa.Node3.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x6D" + }, + { + "EventName": "df_ccm_reqa.Node4.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x8D" + }, + { + "EventName": "df_ccm_reqa.Node5.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0xAD" + }, + { + "EventName": "df_ccm_reqa.Node6.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0xCD" + }, + { + "EventName": "df_ccm_reqa.Node7.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0xED" + }, + { + "EventName": "df_ccm_reqa.Node0.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x0C" + }, + { + "EventName": "df_ccm_reqa.Node1.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x2C" + }, + { + "EventName": "df_ccm_reqa.Node2.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x4C" + }, + { + "EventName": "df_ccm_reqa.Node3.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x6C" + }, + { + "EventName": "df_ccm_reqa.Node4.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x8C" + }, + { + "EventName": "df_ccm_reqa.Node5.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0xAC" + }, + { + "EventName": "df_ccm_reqa.Node6.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0xCC" + }, + { + "EventName": "df_ccm_reqa.Node7.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0xEC" + }, + { + "EventName": "df_ccm_reqa.Node0.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0x0B" + }, + { + "EventName": "df_ccm_reqa.Node1.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0x2B" + }, + { + "EventName": "df_ccm_reqa.Node2.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0x4B" + }, + { + "EventName": "df_ccm_reqa.Node3.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0x6B" + }, + { + "EventName": "df_ccm_reqa.Node4.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0x8B" + }, + { + "EventName": "df_ccm_reqa.Node5.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0xAB" + }, + { + "EventName": "df_ccm_reqa.Node6.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0xCB" + }, + { + "EventName": "df_ccm_reqa.Node7.wrsizedfullzero", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullzero", + "UMask": "0xEB" + }, + { + "EventName": "df_ccm_reqa.Node0.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x0A" + }, + { + "EventName": "df_ccm_reqa.Node1.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x2A" + }, + { + "EventName": "df_ccm_reqa.Node2.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x4A" + }, + { + "EventName": "df_ccm_reqa.Node3.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x6A" + }, + { + "EventName": "df_ccm_reqa.Node4.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0x8A" + }, + { + "EventName": "df_ccm_reqa.Node5.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0xAA" + }, + { + "EventName": "df_ccm_reqa.Node6.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0xCA" + }, + { + "EventName": "df_ccm_reqa.Node7.wrsizedfullnc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsizedfullnc", + "UMask": "0xEA" + }, + { + "EventName": "df_ccm_reqa.Node0.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x09" + }, + { + "EventName": "df_ccm_reqa.Node1.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x29" + }, + { + "EventName": "df_ccm_reqa.Node2.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x49" + }, + { + "EventName": "df_ccm_reqa.Node3.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x69" + }, + { + "EventName": "df_ccm_reqa.Node4.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0x89" + }, + { + "EventName": "df_ccm_reqa.Node5.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0xA9" + }, + { + "EventName": "df_ccm_reqa.Node6.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0xC9" + }, + { + "EventName": "df_ccm_reqa.Node7.wrsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wrsized", + "UMask": "0xE9" + }, + { + "EventName": "df_ccm_reqa.Node0.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0x08" + }, + { + "EventName": "df_ccm_reqa.Node1.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0x28" + }, + { + "EventName": "df_ccm_reqa.Node2.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0x48" + }, + { + "EventName": "df_ccm_reqa.Node3.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0x68" + }, + { + "EventName": "df_ccm_reqa.Node4.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0x88" + }, + { + "EventName": "df_ccm_reqa.Node5.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0xA8" + }, + { + "EventName": "df_ccm_reqa.Node6.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0xC8" + }, + { + "EventName": "df_ccm_reqa.Node7.rdsizednc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsizednc", + "UMask": "0xE8" + }, + { + "EventName": "df_ccm_reqa.Node0.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0x07" + }, + { + "EventName": "df_ccm_reqa.Node1.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0x27" + }, + { + "EventName": "df_ccm_reqa.Node2.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0x47" + }, + { + "EventName": "df_ccm_reqa.Node3.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0x67" + }, + { + "EventName": "df_ccm_reqa.Node4.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0x87" + }, + { + "EventName": "df_ccm_reqa.Node5.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0xA7" + }, + { + "EventName": "df_ccm_reqa.Node6.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0xC7" + }, + { + "EventName": "df_ccm_reqa.Node7.rdsized", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdsized", + "UMask": "0xE7" + }, + { + "EventName": "df_ccm_reqa.Node0.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0x06" + }, + { + "EventName": "df_ccm_reqa.Node1.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0x26" + }, + { + "EventName": "df_ccm_reqa.Node2.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0x46" + }, + { + "EventName": "df_ccm_reqa.Node3.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0x66" + }, + { + "EventName": "df_ccm_reqa.Node4.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0x86" + }, + { + "EventName": "df_ccm_reqa.Node5.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0xA6" + }, + { + "EventName": "df_ccm_reqa.Node6.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0xC6" + }, + { + "EventName": "df_ccm_reqa.Node7.specdramrd", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered specdramrd", + "UMask": "0xE6" + }, + { + "EventName": "df_ccm_reqa.Node0.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0x05" + }, + { + "EventName": "df_ccm_reqa.Node1.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0x25" + }, + { + "EventName": "df_ccm_reqa.Node2.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0x45" + }, + { + "EventName": "df_ccm_reqa.Node3.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0x65" + }, + { + "EventName": "df_ccm_reqa.Node4.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0x85" + }, + { + "EventName": "df_ccm_reqa.Node5.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0xA5" + }, + { + "EventName": "df_ccm_reqa.Node6.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0xC5" + }, + { + "EventName": "df_ccm_reqa.Node7.anyrdblk", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered anyrdblk", + "UMask": "0xE5" + }, + { + "EventName": "df_ccm_reqa.Node0.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0x04" + }, + { + "EventName": "df_ccm_reqa.Node1.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0x24" + }, + { + "EventName": "df_ccm_reqa.Node2.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0x44" + }, + { + "EventName": "df_ccm_reqa.Node3.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0x64" + }, + { + "EventName": "df_ccm_reqa.Node4.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0x84" + }, + { + "EventName": "df_ccm_reqa.Node5.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0xA4" + }, + { + "EventName": "df_ccm_reqa.Node6.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0xC4" + }, + { + "EventName": "df_ccm_reqa.Node7.rdvlkc", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkc", + "UMask": "0xE4" + }, + { + "EventName": "df_ccm_reqa.Node0.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0x03" + }, + { + "EventName": "df_ccm_reqa.Node1.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0x23" + }, + { + "EventName": "df_ccm_reqa.Node2.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0x43" + }, + { + "EventName": "df_ccm_reqa.Node3.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0x63" + }, + { + "EventName": "df_ccm_reqa.Node4.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0x83" + }, + { + "EventName": "df_ccm_reqa.Node5.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0xA3" + }, + { + "EventName": "df_ccm_reqa.Node6.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0xC3" + }, + { + "EventName": "df_ccm_reqa.Node7.rdvlkx", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkx", + "UMask": "0xE3" + }, + { + "EventName": "df_ccm_reqa.Node0.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0x02" + }, + { + "EventName": "df_ccm_reqa.Node1.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0x22" + }, + { + "EventName": "df_ccm_reqa.Node2.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0x42" + }, + { + "EventName": "df_ccm_reqa.Node3.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0x62" + }, + { + "EventName": "df_ccm_reqa.Node4.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0x82" + }, + { + "EventName": "df_ccm_reqa.Node5.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0xA2" + }, + { + "EventName": "df_ccm_reqa.Node6.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0xC2" + }, + { + "EventName": "df_ccm_reqa.Node7.rdvlks", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlks", + "UMask": "0xE2" + }, + { + "EventName": "df_ccm_reqa.Node0.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0x01" + }, + { + "EventName": "df_ccm_reqa.Node1.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0x21" + }, + { + "EventName": "df_ccm_reqa.Node2.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0x41" + }, + { + "EventName": "df_ccm_reqa.Node3.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0x61" + }, + { + "EventName": "df_ccm_reqa.Node4.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0x81" + }, + { + "EventName": "df_ccm_reqa.Node5.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0xA1" + }, + { + "EventName": "df_ccm_reqa.Node6.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0xC1" + }, + { + "EventName": "df_ccm_reqa.Node7.rdvlkl", + "EventCode": "0x8B", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered rdvlkl", + "UMask": "0xE1" + }, + { + "EventName": "df_ccm_reqb.Node0.chgtox", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0x0E" + }, + { + "EventName": "df_ccm_reqb.Node1.chgtox", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0x2E" + }, + { + "EventName": "df_ccm_reqb.Node2.chgtox", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0x4E" + }, + { + "EventName": "df_ccm_reqb.Node3.chgtox", + "EventCode": "0x8E", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0x6E" + }, + { + "EventName": "df_ccm_reqb.Node4.chgtox", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0x8E" + }, + { + "EventName": "df_ccm_reqb.Node5.chgtox", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0xAE" + }, + { + "EventName": "df_ccm_reqb.Node6.chgtox", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0xCE" + }, + { + "EventName": "df_ccm_reqb.Node7.chgtox", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered chgtox", + "UMask": "0xEE" + }, + { + "EventName": "df_ccm_reqb.Node0.vicblkfull.", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0x0D" + }, + { + "EventName": "df_ccm_reqb.Node1.vicblkfull.", + "EventCode": "0x8A", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0x2D" + }, + { + "EventName": "df_ccm_reqb.Node2.vicblkfull.", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0x4D" + }, + { + "EventName": "df_ccm_reqb.Node3.vicblkfull.", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0x6D" + }, + { + "EventName": "df_ccm_reqb.Node4.vicblkfull.", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0x8D" + }, + { + "EventName": "df_ccm_reqb.Node5.vicblkfull.", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0xAD" + }, + { + "EventName": "df_ccm_reqb.Node6.vicblkfull.", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0xCD" + }, + { + "EventName": "df_ccm_reqb.Node7.vicblkfull.", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfull.", + "UMask": "0xED" + }, + { + "EventName": "df_ccm_reqb.Node0.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0x0C" + }, + { + "EventName": "df_ccm_reqb.Node1.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0x2C" + }, + { + "EventName": "df_ccm_reqb.Node2.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0x4C" + }, + { + "EventName": "df_ccm_reqb.Node3.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0x6C" + }, + { + "EventName": "df_ccm_reqb.Node4.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0x8C" + }, + { + "EventName": "df_ccm_reqb.Node5.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0xAC" + }, + { + "EventName": "df_ccm_reqb.Node6.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0xCC" + }, + { + "EventName": "df_ccm_reqb.Node7.wbinvblkall", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered wbinvblkall", + "UMask": "0xEC" + }, + { + "EventName": "df_ccm_reqb.Node0.vicblkfullzero", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfullzero", + "UMask": "0x0B" + }, + { + "EventName": "df_ccm_reqb.Node1.vicblkfullzero", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfullzero", + "UMask": "0x2B" + }, + { + "EventName": "df_ccm_reqb.Node2.vicblkfullzero", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfullzero", + "UMask": "0x4B" + }, + { + "EventName": "df_ccm_reqb.Node3.vicblkfullzero", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfullzero", + "UMask": "0x6B" + }, + { + "EventName": "df_ccm_reqb.Node4.vicblkfullzero", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfullzero", + "UMask": "0x8B" + }, + { + "EventName": "df_ccm_reqb.Node5.vicblkfullzero", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfullzero", + "UMask": "0xAB" + }, + { + "EventName": "df_ccm_reqb.Node6.vicblkfullzero", + "EventCode": "0x8c", + "BriefDescription": "Data Fabric CCM Performance Monitor Event DF CCM Request Ordered vicblkfullzero", + "UMask": "0xCB" + }, + { *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-releng@freebsd.org Wed Nov 21 17:22:32 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5112D113F4BD; Wed, 21 Nov 2018 17:22:32 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id ECBF16C40F; Wed, 21 Nov 2018 17:22:31 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id CDD75236E5; Wed, 21 Nov 2018 17:22:31 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wALHMV7F060505; Wed, 21 Nov 2018 17:22:31 GMT (envelope-from markj@FreeBSD.org) Received: (from markj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wALHMV6p060504; Wed, 21 Nov 2018 17:22:31 GMT (envelope-from markj@FreeBSD.org) Message-Id: <201811211722.wALHMV6p060504@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: markj set sender to markj@FreeBSD.org using -f From: Mark Johnston Date: Wed, 21 Nov 2018 17:22:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340732 - releng/12.0/sbin/dumpon X-SVN-Group: releng X-SVN-Commit-Author: markj X-SVN-Commit-Paths: releng/12.0/sbin/dumpon X-SVN-Commit-Revision: 340732 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: ECBF16C40F X-Spamd-Result: default: False [0.48 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.20)[0.197,0]; NEURAL_SPAM_MEDIUM(0.27)[0.274,0]; NEURAL_SPAM_LONG(0.00)[0.004,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 17:22:32 -0000 Author: markj Date: Wed Nov 21 17:22:31 2018 New Revision: 340732 URL: https://svnweb.freebsd.org/changeset/base/340732 Log: MFstable/12 r340727: dumpon.8: Significantly revamp page Approved by: re (gjb) Modified: releng/12.0/sbin/dumpon/dumpon.8 Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sbin/dumpon/dumpon.8 ============================================================================== --- releng/12.0/sbin/dumpon/dumpon.8 Wed Nov 21 17:19:08 2018 (r340731) +++ releng/12.0/sbin/dumpon/dumpon.8 Wed Nov 21 17:22:31 2018 (r340732) @@ -59,27 +59,120 @@ .Sh DESCRIPTION The .Nm -utility is used to specify a device where the kernel can save a crash -dump in the case of a panic. +utility is used to configure where the kernel can save a crash dump in the case +of a panic. .Pp -Calls to +System administrators should typically configure .Nm -normally occur from the system multi-user initialization file -.Pa /etc/rc , -controlled by the -.Dq dumpdev +in a persistent fashion using the +.Xr rc.conf 5 +variables +.Va dumpdev and -.Dq dumpon_flags -variables in the boot time configuration file -.Pa /etc/rc.conf . +.Va dumpon_flags . +For more information on this usage, see +.Xr rc.conf 5 . +.Ss General options +.Bl -tag -width _k_pubkey +.It Fl k Ar pubkey +Configure encrypted kernel dumps. .Pp +A random, one-time symmetric key is automatically generated for bulk kernel +dump encryption every time +.Nm +is used. +The provided +.Ar pubkey +is used to encrypt a copy of the symmetric key. +The encrypted dump contents consist of a standard dump header, the +pubkey-encrypted symmetric key contents, and the symmetric key encrypted core +dump contents. +.Pp +As a result, only someone with the corresponding private key can decrypt the symmetric key. +The symmetric key is necessary to decrypt the kernel core. +The goal of the mechanism is to provide confidentiality. +.Pp +The +.Va pubkey +file should be a PEM-formatted RSA key of at least 1024 bits. +.It Fl l +List the currently configured dump device, or /dev/null if no device is +configured. +.It Fl v +Enable verbose mode. +.It Fl Z +Enable compression (Zstandard). +.It Fl z +Enable compression (gzip). +Only one compression method may be enabled at a time, so +.Fl z +is incompatible with +.Fl Z . +.Pp +Zstandard provides superior compression ratio and performance. +.El +.Ss Netdump +.Nm +may also configure the kernel to dump to a remote +.Xr netdumpd 8 +server. +(The +.Xr netdumpd 8 +server is available in ports.) +.Xr netdump 4 +eliminates the need to reserve space for crash dumps. +It is especially useful in diskless environments. +When +.Nm +is used to configure netdump, the +.Ar device +(or +.Ar iface ) +parameter should specify a network interface (e.g., +.Va igb1 ) . +The specified NIC must be up (online) to configure netdump. +.Pp +.Xr netdump 4 +specific options include: +.Bl -tag -width _g_gateway +.It Fl c Ar client +The local IP address of the +.Xr netdump 4 +client. +.It Fl g Ar gateway +Optional. +If not specified, it is assumed that the +.Ar server +is on the same link as the +.Ar client . +.Pp +If specified, +.Ar gateway +is the address of the first-hop router between the +.Ar client +and the +.Ar server . +The special value +.Dv Dq default +indicates that the currently configured system default route should be used. +.It Fl s Ar server +The IP address of the +.Xr netdumpd 8 +server. +.El +.Pp +All of these options can be specified in the +.Xr rc.conf 5 +variable +.Va dumpon_flags . +.Ss Minidumps The default type of kernel crash dump is the mini crash dump. Mini crash dumps hold only memory pages in use by the kernel. Alternatively, full memory dumps can be enabled by setting the .Va debug.minidump .Xr sysctl 8 variable to 0. -.Pp +.Ss Full dumps For systems using full memory dumps, the size of the specified dump device must be at least the size of physical memory. Even though an additional 64 kB header is added to the dump, the BIOS for a @@ -93,155 +186,18 @@ total amount of physical memory as reported by the .Va hw.physmem .Xr sysctl 8 variable. -.Pp -.Nm -is used to configure a local storage device as the dump device. -With additional parameters, the kernel can instead be configured to -transmit a dump to a remote server using -.Xr netdump 4 . -This eliminates the need to reserve space for saving crash dumps and -is especially useful in diskless environments. -The -.Xr netdump 4 -server address is specified with -.Fl s Ar server , -and the local address is specified with -.Fl c Ar client . -The -.Fl g Ar gateway -parameter may be used to specify a first-hop router to the server, -or to specify that the currently configured default gateway is to -be used. -Note that the -.Xr netdump 4 -configuration is not automatically updated if any network configuration -(e.g., the default route) changes after the -.Nm -invocation. -The name of the interface to be used must be specified as -.Ar iface . -The interface must be up in order to configure -.Xr netdump 4 . -.Pp -The -.Fl k Ar pubkey -flag causes -.Nm -to generate a one-time key for kernel crash dump encryption. -The key will be replaced by a new one when the -.Nm -utility is run again. -The key is encrypted using -.Ar pubkey . -This process is sandboxed using -.Xr capsicum 4 . -Both plain and encrypted keys are sent to the kernel using -.Dv DIOCSKERNELDUMP -.Xr ioctl 2 . -A user can specify the -.Ar pubkey -in the -.Dq dumpon_flags -variable defined in -.Pa /etc/rc.conf -for use with the -.Pa /etc/rc.d/dumpon -.Xr rc 8 -script. -This flag requires a kernel compiled with the -.Dv EKCD -kernel option. -.Pp -The -.Fl z -and -.Fl Z -options configure the kernel to compress the dump before writing it to -the dump device. -This reduces the amount of space required for the dump and accelerates -recovery with -.Xr savecore 8 -since less data needs to be copied from the dump device. -When compression is enabled, the -.Nm -utility will not verify that the dump device is sufficiently large for a full -dump. -The -.Fl z -and -.Fl Z -options cause the dump to be written in -.Xr gzip 1 -and -.Xr zstd 1 -format, respectively. -These flags require a kernel compiled with the -.Dv GZIO -or -.Dv ZSTDIO -kernel options. -.Pp -The -.Fl l -flag causes -.Nm -to print the current dump device or _PATH_DEVNULL ("/dev/null") if no device is -configured. -.Pp -The -.Fl v -flag causes -.Nm -to be verbose about its activity. .Sh IMPLEMENTATION NOTES -Since a -.Xr panic 9 -condition may occur in a situation -where the kernel cannot trust its internal representation -of the state of any given file system, -one of the system swap devices, -and -.Em not -a device containing a file system, -should be used as the dump device. +Because the file system layer is already dead by the time a crash dump +is taken, it is not possible to send crash dumps directly to a file. .Pp The -.Nm -utility operates by opening -.Ar device -and making a -.Dv DIOCSKERNELDUMP -.Xr ioctl 2 -request on it to save kernel crash dumps. -If -.Ar device -is the text string: -.Dq Li off , -.Nm -performs a -.Dv DIOCSKERNELDUMP -.Xr ioctl 2 -on -.Pa /dev/null -and thus instructs the kernel not to save crash dumps. -.Pp -Since -.Nm -cannot be used during kernel initialization, the -.Va dumpdev -variable of .Xr loader 8 -must be used to enable dumps for system panics which occur -during kernel initialization. -.Sh FILES -.Bl -tag -width "/dev/{ada,da}?s?b" -compact -.It Pa /dev/{ada,da}?s?b -standard swap areas -.It Pa /etc/rc.conf -boot-time system configuration -.El +variable +.Va dumpdev +may be used to enable early kernel core dumps for system panics which occur +before userspace starts. .Sh EXAMPLES -In order to generate an RSA private key a user can use the +In order to generate an RSA private key, a user can use the .Xr genrsa 1 tool: .Pp @@ -253,7 +209,8 @@ tool: .Pp .Dl # openssl rsa -in private.pem -out public.pem -pubout .Pp -Once the RSA keys are created the private key should be moved to a safe place. +Once the RSA keys are created in a safe place, the public key may be moved to +the untrusted netdump client machine. Now .Pa public.pem can be used by @@ -278,21 +235,23 @@ reboot: .Pp After reboot .Xr savecore 8 -should be able to save the core dump in the core directory which is +should be able to save the core dump in the +.Va Dq dumpdir +directory, which is .Pa /var/crash by default: .Pp -.Dl # savecore /var/crash /dev/ada0s1b +.Dl # savecore /dev/ada0s1b .Pp Three files should be created in the core directory: .Pa info.# , .Pa key.# and .Pa vmcore_encrypted.# -where +(where .Dq # is the number of the last core dump saved by -.Xr savecore 8 . +.Xr savecore 8 ) . The .Pa vmcore_encrypted.# can be decrypted using the @@ -320,12 +279,15 @@ The core was decrypted properly if .Xr kgdb 1 does not print any errors. Note that the live kernel might be at a different path -which can be examined by looking at the kern.bootfile sysctl. +which can be examined by looking at the +.Va kern.bootfile +.Xr sysctl 8 . .Sh SEE ALSO .Xr gzip 1 , .Xr kgdb 1 , .Xr zstd 1 , .Xr ddb 4 , +.Xr netdump 4 , .Xr fstab 5 , .Xr rc.conf 5 , .Xr config 8 , @@ -341,10 +303,49 @@ The .Nm utility appeared in .Fx 2.0.5 . -.Sh BUGS -Because the file system layer is already dead by the time a crash dump -is taken, it is not possible to send crash dumps directly to a file. .Pp +Support for encrypted kernel core dumps and netdump was added in +.Fx 12.0 . +.Sh AUTHORS +The +.Nm +manual page was written by +.An Mark Johnston Aq Mt markj@FreeBSD.org , +.An Conrad Meyer Aq Mt cem@FreeBSD.org , +.An Konrad Witaszczyk Aq Mt def@FreeBSD.org , +and countless others. +.Sh CAVEATS +To configure encrypted kernel core dumps, the running kernel must have been +compiled with the +.Dv EKCD +option. +.Pp +Netdump does not automatically update the configured +.Ar gateway +if routing topology changes. +.Pp +The size of a compressed dump or a minidump is not a fixed function of RAM +size. +Therefore, when at least one of these options is enabled, the +.Nm +utility cannot verify that the +.Ar device +has sufficient space for a dump. +.Nm +is also unable to verify that a configured +.Xr netdumpd 8 +server has sufficient space for a dump. +.Pp +.Fl Z +requires a kernel compiled with the +.Dv ZSTDIO +kernel option. +Similarly, +.Fl z +requires the +.Dv GZIO +option. +.Sh BUGS It is currently not possible to configure both compression and encryption. The encrypted dump format assumes that the kernel dump size is a multiple of the cipher block size, which may not be true when the dump is compressed. From owner-svn-src-releng@freebsd.org Wed Nov 21 17:33:21 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E83CB113F99C; Wed, 21 Nov 2018 17:33:20 +0000 (UTC) (envelope-from shurd@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8A8946CD3D; Wed, 21 Nov 2018 17:33:20 +0000 (UTC) (envelope-from shurd@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 6767C2388A; Wed, 21 Nov 2018 17:33:20 +0000 (UTC) (envelope-from shurd@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wALHXKDW065666; Wed, 21 Nov 2018 17:33:20 GMT (envelope-from shurd@FreeBSD.org) Received: (from shurd@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wALHXKYi065665; Wed, 21 Nov 2018 17:33:20 GMT (envelope-from shurd@FreeBSD.org) Message-Id: <201811211733.wALHXKYi065665@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: shurd set sender to shurd@FreeBSD.org using -f From: Stephen Hurd Date: Wed, 21 Nov 2018 17:33:20 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340735 - releng/12.0/sys/net X-SVN-Group: releng X-SVN-Commit-Author: shurd X-SVN-Commit-Paths: releng/12.0/sys/net X-SVN-Commit-Revision: 340735 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 8A8946CD3D X-Spamd-Result: default: False [0.43 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.20)[0.199,0]; NEURAL_HAM_LONG(-0.00)[-0.003,0]; NEURAL_SPAM_MEDIUM(0.23)[0.231,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 17:33:21 -0000 Author: shurd Date: Wed Nov 21 17:33:19 2018 New Revision: 340735 URL: https://svnweb.freebsd.org/changeset/base/340735 Log: MFS r340729: Prevent POLA violation with TSO/CSUM offload Ensure that any time CSUM_IP_TSO or CSUM_IP6_TSO is set that the corresponding CSUM_IP6?_TCP / CSUM_IP flags are also set. Approved by: re (gjb) Sponsored by: Limelight Networks Modified: releng/12.0/sys/net/iflib.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/net/iflib.c ============================================================================== --- releng/12.0/sys/net/iflib.c Wed Nov 21 17:32:09 2018 (r340734) +++ releng/12.0/sys/net/iflib.c Wed Nov 21 17:33:19 2018 (r340735) @@ -2974,9 +2974,6 @@ iflib_parse_header(iflib_txq_t txq, if_pkt_info_t pi, pi->ipi_ipproto = ip->ip_p; pi->ipi_flags |= IPI_TX_IPV4; - if ((sctx->isc_flags & IFLIB_NEED_ZERO_CSUM) && (pi->ipi_csum_flags & CSUM_IP)) - ip->ip_sum = 0; - /* TCP checksum offload may require TCP header length */ if (IS_TX_OFFLOAD4(pi)) { if (__predict_true(pi->ipi_ipproto == IPPROTO_TCP)) { @@ -2993,6 +2990,10 @@ iflib_parse_header(iflib_txq_t txq, if_pkt_info_t pi, if (IS_TSO4(pi)) { if (__predict_false(ip->ip_p != IPPROTO_TCP)) return (ENXIO); + /* + * TSO always requires hardware checksum offload. + */ + pi->ipi_csum_flags |= (CSUM_IP_TCP | CSUM_IP); th->th_sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr, htons(IPPROTO_TCP)); pi->ipi_tso_segsz = m->m_pkthdr.tso_segsz; @@ -3002,6 +3003,9 @@ iflib_parse_header(iflib_txq_t txq, if_pkt_info_t pi, } } } + if ((sctx->isc_flags & IFLIB_NEED_ZERO_CSUM) && (pi->ipi_csum_flags & CSUM_IP)) + ip->ip_sum = 0; + break; } #endif @@ -3039,9 +3043,7 @@ iflib_parse_header(iflib_txq_t txq, if_pkt_info_t pi, if (__predict_false(ip6->ip6_nxt != IPPROTO_TCP)) return (ENXIO); /* - * The corresponding flag is set by the stack in the IPv4 - * TSO case, but not in IPv6 (at least in FreeBSD 10.2). - * So, set it here because the rest of the flow requires it. + * TSO always requires hardware checksum offload. */ pi->ipi_csum_flags |= CSUM_IP6_TCP; th->th_sum = in6_cksum_pseudo(ip6, 0, IPPROTO_TCP, 0); From owner-svn-src-releng@freebsd.org Wed Nov 21 17:47:41 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 965C01140135; Wed, 21 Nov 2018 17:47:41 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 340596D69E; Wed, 21 Nov 2018 17:47:41 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 155C423A47; Wed, 21 Nov 2018 17:47:41 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wALHle1M070754; Wed, 21 Nov 2018 17:47:40 GMT (envelope-from markj@FreeBSD.org) Received: (from markj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wALHlek0070752; Wed, 21 Nov 2018 17:47:40 GMT (envelope-from markj@FreeBSD.org) Message-Id: <201811211747.wALHlek0070752@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: markj set sender to markj@FreeBSD.org using -f From: Mark Johnston Date: Wed, 21 Nov 2018 17:47:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340736 - releng/12.0/sbin/dumpon X-SVN-Group: releng X-SVN-Commit-Author: markj X-SVN-Commit-Paths: releng/12.0/sbin/dumpon X-SVN-Commit-Revision: 340736 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 340596D69E X-Spamd-Result: default: False [0.58 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_LONG(0.00)[0.001,0]; NEURAL_SPAM_SHORT(0.33)[0.327,0]; NEURAL_SPAM_MEDIUM(0.25)[0.253,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 17:47:41 -0000 Author: markj Date: Wed Nov 21 17:47:40 2018 New Revision: 340736 URL: https://svnweb.freebsd.org/changeset/base/340736 Log: MFstable/12 r340728: Change dumpon(8)'s handling of -g. Approved by: re (gjb) Modified: releng/12.0/sbin/dumpon/dumpon.8 releng/12.0/sbin/dumpon/dumpon.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sbin/dumpon/dumpon.8 ============================================================================== --- releng/12.0/sbin/dumpon/dumpon.8 Wed Nov 21 17:33:19 2018 (r340735) +++ releng/12.0/sbin/dumpon/dumpon.8 Wed Nov 21 17:47:40 2018 (r340736) @@ -28,7 +28,7 @@ .\" From: @(#)swapon.8 8.1 (Berkeley) 6/5/93 .\" $FreeBSD$ .\" -.Dd June 13, 2018 +.Dd November 17, 2018 .Dt DUMPON 8 .Os .Sh NAME @@ -46,7 +46,7 @@ .Op Fl k Ar pubkey .Op Fl Z .Op Fl z -.Op Fl g Ar gateway | Li default +.Op Fl g Ar gateway .Fl s Ar server .Fl c Ar client .Ar iface @@ -140,21 +140,22 @@ The local IP address of the .Xr netdump 4 client. .It Fl g Ar gateway -Optional. -If not specified, it is assumed that the -.Ar server -is on the same link as the -.Ar client . -.Pp -If specified, -.Ar gateway -is the address of the first-hop router between the +The first-hop router between .Ar client -and the +and .Ar server . -The special value -.Dv Dq default -indicates that the currently configured system default route should be used. +If the +.Fl g +option is not specified and the system has a default route, the default +router is used as the +.Xr netdump 4 +gateway. +If the +.Fl g +option is not specified and the system does not have a default route, +.Ar server +is assumed to be on the same link as +.Ar client . .It Fl s Ar server The IP address of the .Xr netdumpd 8 Modified: releng/12.0/sbin/dumpon/dumpon.c ============================================================================== --- releng/12.0/sbin/dumpon/dumpon.c Wed Nov 21 17:33:19 2018 (r340735) +++ releng/12.0/sbin/dumpon/dumpon.c Wed Nov 21 17:47:40 2018 (r340736) @@ -88,7 +88,7 @@ usage(void) fprintf(stderr, "usage: dumpon [-v] [-k ] [-Zz] \n" " dumpon [-v] [-k ] [-Zz]\n" - " [-g |default] -s -c \n" + " [-g ] -s -c \n" " dumpon [-v] off\n" " dumpon [-v] -l\n"); exit(EX_USAGE); @@ -109,8 +109,6 @@ find_gateway(const char *ifname) size_t sz; int error, i, ifindex, mib[7]; - ret = NULL; - /* First look up the interface index. */ if (getifaddrs(&ifap) != 0) err(EX_OSERR, "getifaddrs"); @@ -148,6 +146,7 @@ find_gateway(const char *ifname) free(buf); } + ret = NULL; for (next = buf; next < buf + sz; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)(void *)next; if (rtm->rtm_version != RTM_VERSION) @@ -452,12 +451,16 @@ main(int argc, char *argv[]) if (inet_aton(client, &ndconf.ndc_client) == 0) errx(EX_USAGE, "invalid client address '%s'", client); - if (gateway == NULL) - gateway = server; - else if (strcmp(gateway, "default") == 0 && - (gateway = find_gateway(argv[0])) == NULL) - errx(EX_NOHOST, - "failed to look up next-hop router for %s", server); + if (gateway == NULL) { + gateway = find_gateway(argv[0]); + if (gateway == NULL) { + if (verbose) + printf( + "failed to look up gateway for %s\n", + server); + gateway = server; + } + } if (inet_aton(gateway, &ndconf.ndc_gateway) == 0) errx(EX_USAGE, "invalid gateway address '%s'", gateway); From owner-svn-src-releng@freebsd.org Wed Nov 21 19:49:23 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 189B01143CAE; Wed, 21 Nov 2018 19:49:23 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AF3B772CC0; Wed, 21 Nov 2018 19:49:22 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 7723B24E99; Wed, 21 Nov 2018 19:49:22 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wALJnMqf033405; Wed, 21 Nov 2018 19:49:22 GMT (envelope-from marius@FreeBSD.org) Received: (from marius@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wALJnMxH033404; Wed, 21 Nov 2018 19:49:22 GMT (envelope-from marius@FreeBSD.org) Message-Id: <201811211949.wALJnMxH033404@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: marius set sender to marius@FreeBSD.org using -f From: Marius Strobl Date: Wed, 21 Nov 2018 19:49:22 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340743 - releng/12.0/sys/dev/mmc X-SVN-Group: releng X-SVN-Commit-Author: marius X-SVN-Commit-Paths: releng/12.0/sys/dev/mmc X-SVN-Commit-Revision: 340743 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: AF3B772CC0 X-Spamd-Result: default: False [0.77 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_LONG(0.00)[0.001,0]; NEURAL_SPAM_SHORT(0.51)[0.514,0]; NEURAL_SPAM_MEDIUM(0.25)[0.253,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 Nov 2018 19:49:23 -0000 Author: marius Date: Wed Nov 21 19:49:21 2018 New Revision: 340743 URL: https://svnweb.freebsd.org/changeset/base/340743 Log: MFC: r340495, MF12: r340739 - Restore setting the clock for devices which support the default/legacy transfer mode only (lost with r321385). [1] - Similarly, don't try to set the power class on MMC devices that comply to version 4.0 of the system specification but are operated in default/ legacy transfer or 1-bit bus mode as no power class is specified for these cases. Trying to set a power class nevertheless resulted in an - albeit harmless - error message. PR: 231713 [1] Approved by: re (gjb) Modified: releng/12.0/sys/dev/mmc/mmc.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/dev/mmc/mmc.c ============================================================================== --- releng/12.0/sys/dev/mmc/mmc.c Wed Nov 21 18:56:15 2018 (r340742) +++ releng/12.0/sys/dev/mmc/mmc.c Wed Nov 21 19:49:21 2018 (r340743) @@ -830,9 +830,14 @@ mmc_set_power_class(struct mmc_softc *sc, struct mmc_i const uint8_t *ext_csd; uint32_t clock; uint8_t value; + enum mmc_bus_timing timing; + enum mmc_bus_width bus_width; dev = sc->dev; - if (mmcbr_get_mode(dev) != mode_mmc || ivar->csd.spec_vers < 4) + timing = mmcbr_get_timing(dev); + bus_width = ivar->bus_width; + if (mmcbr_get_mode(dev) != mode_mmc || ivar->csd.spec_vers < 4 || + timing == bus_timing_normal || bus_width == bus_width_1) return (MMC_ERR_NONE); value = 0; @@ -843,8 +848,8 @@ mmc_set_power_class(struct mmc_softc *sc, struct mmc_i if (clock <= MMC_TYPE_HS_26_MAX) value = ext_csd[EXT_CSD_PWR_CL_26_195]; else if (clock <= MMC_TYPE_HS_52_MAX) { - if (mmcbr_get_timing(dev) >= bus_timing_mmc_ddr52 && - ivar->bus_width >= bus_width_4) + if (timing >= bus_timing_mmc_ddr52 && + bus_width >= bus_width_4) value = ext_csd[EXT_CSD_PWR_CL_52_195_DDR]; else value = ext_csd[EXT_CSD_PWR_CL_52_195]; @@ -863,13 +868,13 @@ mmc_set_power_class(struct mmc_softc *sc, struct mmc_i if (clock <= MMC_TYPE_HS_26_MAX) value = ext_csd[EXT_CSD_PWR_CL_26_360]; else if (clock <= MMC_TYPE_HS_52_MAX) { - if (mmcbr_get_timing(dev) == bus_timing_mmc_ddr52 && - ivar->bus_width >= bus_width_4) + if (timing == bus_timing_mmc_ddr52 && + bus_width >= bus_width_4) value = ext_csd[EXT_CSD_PWR_CL_52_360_DDR]; else value = ext_csd[EXT_CSD_PWR_CL_52_360]; } else if (clock <= MMC_TYPE_HS200_HS400ES_MAX) { - if (ivar->bus_width == bus_width_8) + if (bus_width == bus_width_8) value = ext_csd[EXT_CSD_PWR_CL_200_360_DDR]; else value = ext_csd[EXT_CSD_PWR_CL_200_360]; @@ -881,7 +886,7 @@ mmc_set_power_class(struct mmc_softc *sc, struct mmc_i return (MMC_ERR_INVALID); } - if (ivar->bus_width == bus_width_8) + if (bus_width == bus_width_8) value = (value & EXT_CSD_POWER_CLASS_8BIT_MASK) >> EXT_CSD_POWER_CLASS_8BIT_SHIFT; else @@ -2164,7 +2169,7 @@ mmc_calculate_clock(struct mmc_softc *sc) for (i = 0; i < sc->child_count; i++) { ivar = device_get_ivars(sc->child_list[i]); if ((ivar->timings & ~(1 << bus_timing_normal)) == 0) - continue; + goto clock; rca = ivar->rca; if (mmc_select_card(sc, rca) != MMC_ERR_NONE) { @@ -2230,6 +2235,7 @@ mmc_calculate_clock(struct mmc_softc *sc) } } +clock: /* Set clock (must be done before initial tuning). */ mmcbr_set_clock(dev, max_dtr); mmcbr_update_ios(dev); From owner-svn-src-releng@freebsd.org Thu Nov 22 04:39:09 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 72A7611367ED; Thu, 22 Nov 2018 04:39:09 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 216A689972; Thu, 22 Nov 2018 04:39:09 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 023CB2BBE; Thu, 22 Nov 2018 04:39:09 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAM4d8PD008933; Thu, 22 Nov 2018 04:39:08 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAM4d7h9008922; Thu, 22 Nov 2018 04:39:07 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <201811220439.wAM4d7h9008922@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Thu, 22 Nov 2018 04:39:07 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340753 - in releng/12.0: etc/mtree lib/libbe sbin/bectl sbin/bectl/tests X-SVN-Group: releng X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: in releng/12.0: etc/mtree lib/libbe sbin/bectl sbin/bectl/tests X-SVN-Commit-Revision: 340753 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 216A689972 X-Spamd-Result: default: False [1.41 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_LONG(0.46)[0.458,0]; NEURAL_SPAM_MEDIUM(0.56)[0.561,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_SPAM_SHORT(0.39)[0.393,0] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Nov 2018 04:39:09 -0000 Author: kevans Date: Thu Nov 22 04:39:06 2018 New Revision: 340753 URL: https://svnweb.freebsd.org/changeset/base/340753 Log: MFC r340507-r340508, r340592-r340594, r340635-r340636: bectl(8) fixes r340507: libbe(3): rewrite init to support chroot usage libbe(3) currently uses zfs_be_root and locates which of its children is currently mounted at "/". This is reasonable, but not correct in the case of a chroot, for two reasons: - chroot root may be of a different zpool than zfs_be_root - chroot root will not show up as mounted at "/" Fix both of these by rewriting libbe_init to work from the rootfs down. zfs_path_to_zhandle on / will resolve to the dataset mounted at the new root, rather than the real root. From there, we can derive the BE root/pool and grab the bootfs off of the new pool. This does no harm in the average case, and opens up bectl to operating on different pools for scenarios where one may be, for instance, updating a pool that generally gets re-rooted into from a separate UFS root or zfs bootpool. While here, I've also: - Eliminated the check for /boot and / to be on the same partition. This leaves one open to a setup where /boot (and consequently, kernel/modules) are not included in the boot environment. This may very well be an intentional setup done by someone that knows what they're doing, we should not kill BE usage because of it. - Eliminated the validation bits of BEs and snapshots that enforced 'mountpoint' to be "/" -- this broke when trying to operate on an imported pool with an altroot, but we need not be this picky. Reported by: philip Reviewed by: philip, allanjude (previous version) Tested by: philip Differential Revision: https://reviews.freebsd.org/D18012 r340508: libbe(3): Rewrite be_unmount to stop mucking with getmntinfo(2) Go through the ZFS layer instead; given a BE, we can derive the dataset, zfs_open it, then zfs_unmount. ZFS takes care of the dirty details and likely gets it more correct than we did for more interesting setups. r340592: bectl(3)/libbe(3): Allow BE root to be specified Add an undocumented -r option preceding the bectl subcommand to specify a BE root to operate out of. This will remain undocumented for now, as some caveats apply: - BEs cannot be activated in the pool that doesn't contain the rootfs - bectl create cannot work out of the box without the -e option right now, since it defaults to the rootfs and cross-pool cloning doesn't work like that (IIRC) Plumb the BE root through to libbe(3) so that some things -can- be done to it, e.g. bectl -r tank/ROOT create -e default upgrade bectl -r tank/ROOT mount upgrade /mnt this aides in some upgrade setups where rootfs is not necessarily ZFS, and also makes it easier/possible to regression-test bectl when combined with a file-backed zpool. Differential Revision: https://reviews.freebsd.org/D18029 r340593: libbe(3): Properly account for altroot when creating new BEs Previously we would blindly copy the 'mountpoint' property, which includes the altroot. The altroot needs to be snipped off prior to setting it on the new BE, though, or you'll end up with a new BE and a mountpoint of /mnt with altroot=/mnt r340594: bectl(8): Add some regression tests These tests operate on a file-backed zpool that gets created in the kyua temp dir. root and ZFS support are both required for these tests. Current tests cover create, destroy, export/import, jail, list (kind of), mount, rename, and jail. List tests should later be extended to cover formatting and the different list flags, but for now only covers basic "are create/destroy actually reflected properly" r340635: libbe(3): Handle non-ZFS rootfs better If rootfs isn't ZFS, current version will emit an error claiming so and fail to initialize libbe. As a consumer, bectl -r (undocumented) can be specified to operate on a BE independently of whether on a UFS or ZFS root. Unbreak this for the UFS case by only erroring out the init if we can't determine a ZFS dataset for rootfs and no BE root was specified. Consumers of libbe should take care to ensure that rootfs is non-empty if they're trying to use it, because this could certainly be the case. Some check is needed before zfs_path_to_zhandle because it will unconditionally emit to stderr if the path isn't a ZFS filesystem, which is unhelpful for our purposes. This should also unbreak the bectl(8) tests on a UFS root, as is the case in Jenkins' -test runs. r340636: bectl(8) tests: attempt to load the ZFS module Observed in a CI test image, bectl_create test will run and be marked as skipped because the module is not loaded. The first zpool invocation will automagically load the module, but bectl_create is still skipped. Subsequent tests all pass as expected because the module is now loaded and everything is OK. Approved by: re (gjb) Added: releng/12.0/sbin/bectl/tests/ - copied from r340751, stable/12/sbin/bectl/tests/ Modified: releng/12.0/etc/mtree/BSD.tests.dist releng/12.0/lib/libbe/be.c releng/12.0/lib/libbe/be.h releng/12.0/lib/libbe/be_access.c releng/12.0/lib/libbe/be_impl.h releng/12.0/lib/libbe/be_info.c releng/12.0/lib/libbe/libbe.3 releng/12.0/sbin/bectl/Makefile releng/12.0/sbin/bectl/bectl.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/etc/mtree/BSD.tests.dist ============================================================================== --- releng/12.0/etc/mtree/BSD.tests.dist Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/etc/mtree/BSD.tests.dist Thu Nov 22 04:39:06 2018 (r340753) @@ -390,6 +390,8 @@ .. .. sbin + bectl + .. dhclient .. devd Modified: releng/12.0/lib/libbe/be.c ============================================================================== --- releng/12.0/lib/libbe/be.c Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/lib/libbe/be.c Thu Nov 22 04:39:06 2018 (r340753) @@ -29,11 +29,12 @@ #include __FBSDID("$FreeBSD$"); +#include +#include #include -#include +#include #include -#include #include #include #include @@ -55,23 +56,30 @@ static int be_create_child_cloned(libbe_handle_t *lbh, * zfs_be_root set by loader(8). data is expected to be a libbe_handle_t *. */ static int -be_locate_rootfs(zfs_handle_t *chkds, void *data) +be_locate_rootfs(libbe_handle_t *lbh) { - libbe_handle_t *lbh; - char *mntpoint; + struct statfs sfs; + struct extmnttab entry; + zfs_handle_t *zfs; - lbh = (libbe_handle_t *)data; - if (lbh == NULL) + /* + * Check first if root is ZFS; if not, we'll bail on rootfs capture. + * Unfortunately needed because zfs_path_to_zhandle will emit to + * stderr if / isn't actually a ZFS filesystem, which we'd like + * to avoid. + */ + if (statfs("/", &sfs) == 0) { + statfs2mnttab(&sfs, &entry); + if (strcmp(entry.mnt_fstype, MNTTYPE_ZFS) != 0) + return (1); + } else return (1); - - mntpoint = NULL; - if (zfs_is_mounted(chkds, &mntpoint) && strcmp(mntpoint, "/") == 0) { - strlcpy(lbh->rootfs, zfs_get_name(chkds), sizeof(lbh->rootfs)); - free(mntpoint); + zfs = zfs_path_to_zhandle(lbh->lzh, "/", ZFS_TYPE_FILESYSTEM); + if (zfs == NULL) return (1); - } else if(mntpoint != NULL) - free(mntpoint); + strlcpy(lbh->rootfs, zfs_get_name(zfs), sizeof(lbh->rootfs)); + zfs_close(zfs); return (0); } @@ -80,52 +88,40 @@ be_locate_rootfs(zfs_handle_t *chkds, void *data) * dataset, for example, zroot/ROOT. */ libbe_handle_t * -libbe_init(void) +libbe_init(const char *root) { - struct stat sb; - dev_t root_dev, boot_dev; libbe_handle_t *lbh; - zfs_handle_t *rootds; char *poolname, *pos; int pnamelen; lbh = NULL; poolname = pos = NULL; - rootds = NULL; - /* Verify that /boot and / are mounted on the same filesystem */ - /* TODO: use errno here?? */ - if (stat("/", &sb) != 0) - goto err; - - root_dev = sb.st_dev; - - if (stat("/boot", &sb) != 0) - goto err; - - boot_dev = sb.st_dev; - - if (root_dev != boot_dev) { - fprintf(stderr, "/ and /boot not on same device, quitting\n"); - goto err; - } - if ((lbh = calloc(1, sizeof(libbe_handle_t))) == NULL) goto err; if ((lbh->lzh = libzfs_init()) == NULL) goto err; - /* Obtain path to boot environment root */ - if ((kenv(KENV_GET, "zfs_be_root", lbh->root, - sizeof(lbh->root))) == -1) - goto err; + /* + * Grab rootfs, we'll work backwards from there if an optional BE root + * has not been passed in. + */ + if (be_locate_rootfs(lbh) != 0) { + if (root == NULL) + goto err; + *lbh->rootfs = '\0'; + } + if (root == NULL) { + /* Strip off the final slash from rootfs to get the be root */ + strlcpy(lbh->root, lbh->rootfs, sizeof(lbh->root)); + pos = strrchr(lbh->root, '/'); + if (pos == NULL) + goto err; + *pos = '\0'; + } else + strlcpy(lbh->root, root, sizeof(lbh->root)); - /* Remove leading 'zfs:' if present, otherwise use value as-is */ - if (strcmp(lbh->root, "zfs:") == 0) - strlcpy(lbh->root, strchr(lbh->root, ':') + sizeof(char), - sizeof(lbh->root)); - if ((pos = strchr(lbh->root, '/')) == NULL) goto err; @@ -144,17 +140,6 @@ libbe_init(void) sizeof(lbh->bootfs), NULL, true) != 0) goto err; - /* Obtain path to boot environment rootfs (currently booted) */ - /* XXX Get dataset mounted at / by kenv/GUID from mountroot? */ - if ((rootds = zfs_open(lbh->lzh, lbh->root, ZFS_TYPE_DATASET)) == NULL) - goto err; - - zfs_iter_filesystems(rootds, be_locate_rootfs, lbh); - zfs_close(rootds); - rootds = NULL; - if (*lbh->rootfs == '\0') - goto err; - return (lbh); err: if (lbh != NULL) { @@ -337,6 +322,7 @@ be_deep_clone_prop(int prop, void *cb) zprop_source_t src; char pval[BE_MAXPATHLEN]; char source[BE_MAXPATHLEN]; + char *val; dccb = cb; /* Skip some properties we don't want to touch */ @@ -356,7 +342,15 @@ be_deep_clone_prop(int prop, void *cb) if (src != ZPROP_SRC_LOCAL) return (ZPROP_CONT); - nvlist_add_string(dccb->props, zfs_prop_to_name(prop), (char *)pval); + /* Augment mountpoint with altroot, if needed */ + val = pval; + if (prop == ZFS_PROP_MOUNTPOINT && *dccb->altroot != '\0') { + if (pval[strlen(dccb->altroot)] == '\0') + strlcpy(pval, "/", sizeof(pval)); + else + val = pval + strlen(dccb->altroot); + } + nvlist_add_string(dccb->props, zfs_prop_to_name(prop), val); return (ZPROP_CONT); } @@ -399,6 +393,10 @@ be_deep_clone(zfs_handle_t *ds, void *data) dccb.zhp = ds; dccb.props = props; + if (zpool_get_prop(isdc->lbh->active_phandle, ZPOOL_PROP_ALTROOT, + dccb.altroot, sizeof(dccb.altroot), NULL, true) != 0 || + strcmp(dccb.altroot, "-") == 0) + *dccb.altroot = '\0'; if (zprop_iter(be_deep_clone_prop, &dccb, B_FALSE, B_FALSE, ZFS_TYPE_FILESYSTEM) == ZPROP_INVAL) return (-1); @@ -503,10 +501,6 @@ be_create_from_existing(libbe_handle_t *lbh, const cha int be_validate_snap(libbe_handle_t *lbh, const char *snap_name) { - zfs_handle_t *zfs_hdl; - char buf[BE_MAXPATHLEN]; - char *delim_pos; - int err = BE_ERR_SUCCESS; if (strlen(snap_name) >= BE_MAXPATHLEN) return (BE_ERR_PATHLEN); @@ -515,27 +509,7 @@ be_validate_snap(libbe_handle_t *lbh, const char *snap ZFS_TYPE_SNAPSHOT)) return (BE_ERR_NOENT); - strlcpy(buf, snap_name, sizeof(buf)); - - /* Find the base filesystem of the snapshot */ - if ((delim_pos = strchr(buf, '@')) == NULL) - return (BE_ERR_INVALIDNAME); - *delim_pos = '\0'; - - if ((zfs_hdl = - zfs_open(lbh->lzh, buf, ZFS_TYPE_DATASET)) == NULL) - return (BE_ERR_NOORIGIN); - - if ((err = zfs_prop_get(zfs_hdl, ZFS_PROP_MOUNTPOINT, buf, - sizeof(buf), NULL, NULL, 0, 1)) != 0) - err = BE_ERR_BADMOUNT; - - if ((err != 0) && (strncmp(buf, "/", sizeof(buf)) != 0)) - err = BE_ERR_BADMOUNT; - - zfs_close(zfs_hdl); - - return (err); + return (BE_ERR_SUCCESS); } Modified: releng/12.0/lib/libbe/be.h ============================================================================== --- releng/12.0/lib/libbe/be.h Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/lib/libbe/be.h Thu Nov 22 04:39:06 2018 (r340753) @@ -63,7 +63,7 @@ typedef enum be_error { /* Library handling functions: be.c */ -libbe_handle_t *libbe_init(void); +libbe_handle_t *libbe_init(const char *root); void libbe_close(libbe_handle_t *); /* Bootenv information functions: be_info.c */ Modified: releng/12.0/lib/libbe/be_access.c ============================================================================== --- releng/12.0/lib/libbe/be_access.c Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/lib/libbe/be_access.c Thu Nov 22 04:39:06 2018 (r340753) @@ -164,37 +164,18 @@ be_unmount(libbe_handle_t *lbh, char *bootenv, int fla { int err, mntflags; char be[BE_MAXPATHLEN]; - struct statfs *mntbuf; - int mntsize; - char *mntpath; + zfs_handle_t *root_hdl; if ((err = be_root_concat(lbh, bootenv, be)) != 0) return (set_error(lbh, err)); - if ((mntsize = getmntinfo(&mntbuf, MNT_NOWAIT)) == 0) { - if (errno == EIO) - return (set_error(lbh, BE_ERR_IO)); - return (set_error(lbh, BE_ERR_NOMOUNT)); - } + if ((root_hdl = zfs_open(lbh->lzh, be, ZFS_TYPE_FILESYSTEM)) == NULL) + return (set_error(lbh, BE_ERR_ZFSOPEN)); - mntpath = NULL; - for (int i = 0; i < mntsize; ++i) { - /* 0x000000de is the type number of zfs */ - if (mntbuf[i].f_type != 0x000000de) - continue; + mntflags = (flags & BE_MNT_FORCE) ? MS_FORCE : 0; - if (strcmp(mntbuf[i].f_mntfromname, be) == 0) { - mntpath = mntbuf[i].f_mntonname; - break; - } - } - - if (mntpath == NULL) - return (set_error(lbh, BE_ERR_NOMOUNT)); - - mntflags = (flags & BE_MNT_FORCE) ? MNT_FORCE : 0; - - if ((err = unmount(mntpath, mntflags)) != 0) { + if (zfs_unmount(root_hdl, NULL, mntflags) != 0) { + zfs_close(root_hdl); switch (errno) { case ENAMETOOLONG: return (set_error(lbh, BE_ERR_PATHLEN)); @@ -210,6 +191,7 @@ be_unmount(libbe_handle_t *lbh, char *bootenv, int fla return (set_error(lbh, BE_ERR_UNKNOWN)); } } + zfs_close(root_hdl); - return (set_error(lbh, BE_ERR_SUCCESS)); + return (BE_ERR_SUCCESS); } Modified: releng/12.0/lib/libbe/be_impl.h ============================================================================== --- releng/12.0/lib/libbe/be_impl.h Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/lib/libbe/be_impl.h Thu Nov 22 04:39:06 2018 (r340753) @@ -55,6 +55,7 @@ struct libbe_deep_clone { struct libbe_dccb { zfs_handle_t *zhp; nvlist_t *props; + char altroot[MAXPATHLEN]; }; typedef struct prop_data { Modified: releng/12.0/lib/libbe/be_info.c ============================================================================== --- releng/12.0/lib/libbe/be_info.c Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/lib/libbe/be_info.c Thu Nov 22 04:39:06 2018 (r340753) @@ -42,7 +42,10 @@ const char * be_active_name(libbe_handle_t *lbh) { - return (strrchr(lbh->rootfs, '/') + sizeof(char)); + if (*lbh->rootfs != '\0') + return (strrchr(lbh->rootfs, '/') + sizeof(char)); + else + return (lbh->rootfs); } @@ -63,7 +66,10 @@ const char * be_nextboot_name(libbe_handle_t *lbh) { - return (strrchr(lbh->bootfs, '/') + sizeof(char)); + if (*lbh->bootfs != '\0') + return (strrchr(lbh->bootfs, '/') + sizeof(char)); + else + return (lbh->bootfs); } @@ -289,30 +295,11 @@ int be_exists(libbe_handle_t *lbh, char *be) { char buf[BE_MAXPATHLEN]; - nvlist_t *dsprops; - char *mntpoint; - bool valid; be_root_concat(lbh, be, buf); if (!zfs_dataset_exists(lbh->lzh, buf, ZFS_TYPE_DATASET)) return (BE_ERR_NOENT); - /* Also check if it's mounted at / */ - if (be_prop_list_alloc(&dsprops) != 0) - return (BE_ERR_UNKNOWN); - - if (be_get_dataset_props(lbh, buf, dsprops) != 0) { - nvlist_free(dsprops); - return (BE_ERR_UNKNOWN); - } - - if (nvlist_lookup_string(dsprops, "mountpoint", &mntpoint) == 0) { - valid = (strcmp(mntpoint, "/") == 0); - nvlist_free(dsprops); - return (valid ? BE_ERR_SUCCESS : BE_ERR_BADMOUNT); - } - - nvlist_free(dsprops); - return (BE_ERR_BADMOUNT); + return (BE_ERR_SUCCESS); } Modified: releng/12.0/lib/libbe/libbe.3 ============================================================================== --- releng/12.0/lib/libbe/libbe.3 Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/lib/libbe/libbe.3 Thu Nov 22 04:39:06 2018 (r340753) @@ -28,7 +28,7 @@ .\" .\" $FreeBSD$ .\" -.Dd August 31, 2018 +.Dd November 17, 2018 .Dt LIBBE 3 .Os .Sh NAME @@ -39,7 +39,7 @@ .Sh SYNOPSIS .In be.h .Ft "libbe_handle_t *hdl" Ns -.Fn libbe_init void +.Fn libbe_init "const char *be_root" .Pp .Ft void .Fn libbe_close "libbe_handle_t *hdl" @@ -157,13 +157,16 @@ errno otherwise as described in .Pp The .Fn libbe_init -function initializes +function takes an optional BE root and initializes .Nm , returning a .Vt "libbe_handle_t *" on success, or .Dv NULL on error. +If a BE root is supplied, +.Nm +will only operate out of that pool and BE root. An error may occur if: .Bl -column .It /boot and / are not on the same filesystem and device, @@ -184,11 +187,15 @@ invalidating the handle in the process. .Pp The .Fn be_active_name -function returns the name of the currently booted boot environment, +function returns the name of the currently booted boot environment. +This boot environment may not belong to the same BE root as the root libbe +is operating on! .Pp The .Fn be_active_path function returns the full path of the currently booted boot environment. +This boot environment may not belong to the same BE root as the root libbe +is operating on! .Pp The .Fn be_nextboot_name Modified: releng/12.0/sbin/bectl/Makefile ============================================================================== --- releng/12.0/sbin/bectl/Makefile Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/sbin/bectl/Makefile Thu Nov 22 04:39:06 2018 (r340753) @@ -1,5 +1,7 @@ # $FreeBSD$ +.include + PROG= bectl MAN= bectl.8 @@ -15,5 +17,8 @@ CFLAGS+= -I${SRCTOP}/sys/cddl/compat/opensolaris CFLAGS+= -I${SRCTOP}/sys/cddl/contrib/opensolaris/uts/common CFLAGS+= -DNEED_SOLARIS_BOOLEAN + +HAS_TESTS= yes +SUBDIR.${MK_TESTS}+= tests .include Modified: releng/12.0/sbin/bectl/bectl.c ============================================================================== --- releng/12.0/sbin/bectl/bectl.c Thu Nov 22 03:04:13 2018 (r340752) +++ releng/12.0/sbin/bectl/bectl.c Thu Nov 22 04:39:06 2018 (r340753) @@ -489,12 +489,25 @@ int main(int argc, char *argv[]) { const char *command; + char *root; int command_index, rc; + root = NULL; if (argc < 2) return (usage(false)); - command = argv[1]; + if (strcmp(argv[1], "-r") == 0) { + if (argc < 4) + return (usage(false)); + root = strdup(argv[2]); + command = argv[3]; + argc -= 3; + argv += 3; + } else { + command = argv[1]; + argc -= 1; + argv += 1; + } /* Handle command aliases */ if (strcmp(command, "umount") == 0) @@ -512,13 +525,12 @@ main(int argc, char *argv[]) } - if ((be = libbe_init()) == NULL) + if ((be = libbe_init(root)) == NULL) return (-1); libbe_print_on_error(be, true); - /* XXX TODO: can be simplified if offset by 2 instead of one */ - rc = command_map[command_index].fn(argc-1, argv+1); + rc = command_map[command_index].fn(argc, argv); libbe_close(be); return (rc); From owner-svn-src-releng@freebsd.org Thu Nov 22 13:09:44 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C61571148458; Thu, 22 Nov 2018 13:09:43 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6D85875D8A; Thu, 22 Nov 2018 13:09:43 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4FA0F10429; Thu, 22 Nov 2018 13:09:43 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAMD9hjS072123; Thu, 22 Nov 2018 13:09:43 GMT (envelope-from tijl@FreeBSD.org) Received: (from tijl@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAMD9hU6072122; Thu, 22 Nov 2018 13:09:43 GMT (envelope-from tijl@FreeBSD.org) Message-Id: <201811221309.wAMD9hU6072122@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: tijl set sender to tijl@FreeBSD.org using -f From: Tijl Coosemans Date: Thu, 22 Nov 2018 13:09:43 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340761 - releng/12.0/sys/compat/linux X-SVN-Group: releng X-SVN-Commit-Author: tijl X-SVN-Commit-Paths: releng/12.0/sys/compat/linux X-SVN-Commit-Revision: 340761 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 6D85875D8A X-Spamd-Result: default: False [1.17 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.24)[0.241,0]; NEURAL_SPAM_MEDIUM(0.51)[0.514,0]; NEURAL_SPAM_LONG(0.42)[0.420,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Nov 2018 13:09:44 -0000 Author: tijl Date: Thu Nov 22 13:09:42 2018 New Revision: 340761 URL: https://svnweb.freebsd.org/changeset/base/340761 Log: MFS r340755: Do proper copyin of control message data in the Linux sendmsg syscall. Instead of calling m_append with a user address, allocate an mbuf cluster and copy data into it using copyin. For the SCM_CREDS case, instead of zeroing a stack variable and appending that to the mbuf, zero part of the mbuf cluster directly. One mbuf cluster is also the size limit used by the FreeBSD sendmsg syscall (uipc_syscalls.c:sockargs()). PR: 217901 Reviewed by: kib Approved by: re (marius) Modified: releng/12.0/sys/compat/linux/linux_socket.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/compat/linux/linux_socket.c ============================================================================== --- releng/12.0/sys/compat/linux/linux_socket.c Thu Nov 22 13:09:03 2018 (r340760) +++ releng/12.0/sys/compat/linux/linux_socket.c Thu Nov 22 13:09:42 2018 (r340761) @@ -1085,7 +1085,6 @@ linux_sendmsg_common(struct thread *td, l_int s, struc l_uint flags) { struct cmsghdr *cmsg; - struct cmsgcred cmcred; struct mbuf *control; struct msghdr msg; struct l_cmsghdr linux_cmsg; @@ -1096,6 +1095,7 @@ linux_sendmsg_common(struct thread *td, l_int s, struc struct sockaddr *sa; sa_family_t sa_family; void *data; + l_size_t len; int error; error = copyin(msghdr, &linux_msg, sizeof(linux_msg)); @@ -1126,7 +1126,6 @@ linux_sendmsg_common(struct thread *td, l_int s, struc return (error); control = NULL; - cmsg = NULL; if ((ptr_cmsg = LINUX_CMSG_FIRSTHDR(&linux_msg)) != NULL) { error = kern_getsockname(td, s, &sa, &datalen); @@ -1136,8 +1135,10 @@ linux_sendmsg_common(struct thread *td, l_int s, struc free(sa, M_SONAME); error = ENOBUFS; - cmsg = malloc(CMSG_HDRSZ, M_LINUX, M_WAITOK|M_ZERO); control = m_get(M_WAITOK, MT_CONTROL); + MCLGET(control, M_WAITOK); + data = mtod(control, void *); + datalen = 0; do { error = copyin(ptr_cmsg, &linux_cmsg, @@ -1149,10 +1150,14 @@ linux_sendmsg_common(struct thread *td, l_int s, struc if (linux_cmsg.cmsg_len < sizeof(struct l_cmsghdr)) goto bad; + if (datalen + CMSG_HDRSZ > MCLBYTES) + goto bad; + /* * Now we support only SCM_RIGHTS and SCM_CRED, * so return EINVAL in any other cmsg_type */ + cmsg = data; cmsg->cmsg_type = linux_to_bsd_cmsg_type(linux_cmsg.cmsg_type); cmsg->cmsg_level = @@ -1170,35 +1175,34 @@ linux_sendmsg_common(struct thread *td, l_int s, struc if (sa_family != AF_UNIX) continue; - data = LINUX_CMSG_DATA(ptr_cmsg); - datalen = linux_cmsg.cmsg_len - L_CMSG_HDRSZ; + if (cmsg->cmsg_type == SCM_CREDS) { + len = sizeof(struct cmsgcred); + if (datalen + CMSG_SPACE(len) > MCLBYTES) + goto bad; - switch (cmsg->cmsg_type) - { - case SCM_RIGHTS: - break; - - case SCM_CREDS: - data = &cmcred; - datalen = sizeof(cmcred); - /* * The lower levels will fill in the structure */ - bzero(data, datalen); - break; + memset(CMSG_DATA(data), 0, len); + } else { + len = linux_cmsg.cmsg_len - L_CMSG_HDRSZ; + if (datalen + CMSG_SPACE(len) < datalen || + datalen + CMSG_SPACE(len) > MCLBYTES) + goto bad; + + error = copyin(LINUX_CMSG_DATA(ptr_cmsg), + CMSG_DATA(data), len); + if (error != 0) + goto bad; } - cmsg->cmsg_len = CMSG_LEN(datalen); - - error = ENOBUFS; - if (!m_append(control, CMSG_HDRSZ, (c_caddr_t)cmsg)) - goto bad; - if (!m_append(control, datalen, (c_caddr_t)data)) - goto bad; + cmsg->cmsg_len = CMSG_LEN(len); + data = (char *)data + CMSG_SPACE(len); + datalen += CMSG_SPACE(len); } while ((ptr_cmsg = LINUX_CMSG_NXTHDR(&linux_msg, ptr_cmsg))); - if (m_length(control, NULL) == 0) { + control->m_len = datalen; + if (datalen == 0) { m_freem(control); control = NULL; } @@ -1212,8 +1216,6 @@ linux_sendmsg_common(struct thread *td, l_int s, struc bad: m_freem(control); free(iov, M_IOV); - if (cmsg) - free(cmsg, M_LINUX); return (error); } From owner-svn-src-releng@freebsd.org Thu Nov 22 13:12:18 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 43D861148627; Thu, 22 Nov 2018 13:12:18 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id DB3AE76160; Thu, 22 Nov 2018 13:12:17 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id BD5C1105A3; Thu, 22 Nov 2018 13:12:17 +0000 (UTC) (envelope-from tijl@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAMDCHkP073847; Thu, 22 Nov 2018 13:12:17 GMT (envelope-from tijl@FreeBSD.org) Received: (from tijl@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAMDCH0U073846; Thu, 22 Nov 2018 13:12:17 GMT (envelope-from tijl@FreeBSD.org) Message-Id: <201811221312.wAMDCH0U073846@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: tijl set sender to tijl@FreeBSD.org using -f From: Tijl Coosemans Date: Thu, 22 Nov 2018 13:12:17 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340762 - releng/12.0/sys/compat/linux X-SVN-Group: releng X-SVN-Commit-Author: tijl X-SVN-Commit-Paths: releng/12.0/sys/compat/linux X-SVN-Commit-Revision: 340762 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: DB3AE76160 X-Spamd-Result: default: False [1.17 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_LONG(0.42)[0.420,0]; NEURAL_SPAM_MEDIUM(0.51)[0.514,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; NEURAL_SPAM_SHORT(0.24)[0.241,0] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Nov 2018 13:12:18 -0000 Author: tijl Date: Thu Nov 22 13:12:17 2018 New Revision: 340762 URL: https://svnweb.freebsd.org/changeset/base/340762 Log: MFS r340757: Fix another user address dereference in linux_sendmsg syscall. This was hidden behind the LINUX_CMSG_NXTHDR macro which dereferences its second argument. Stop using the macro as well as LINUX_CMSG_FIRSTHDR. Use the size field of the kernel copy of the control message header to obtain the next control message. PR: 217901 Approved by: re (marius) Modified: releng/12.0/sys/compat/linux/linux_socket.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/compat/linux/linux_socket.c ============================================================================== --- releng/12.0/sys/compat/linux/linux_socket.c Thu Nov 22 13:09:42 2018 (r340761) +++ releng/12.0/sys/compat/linux/linux_socket.c Thu Nov 22 13:12:17 2018 (r340762) @@ -1096,6 +1096,7 @@ linux_sendmsg_common(struct thread *td, l_int s, struc sa_family_t sa_family; void *data; l_size_t len; + l_size_t clen; int error; error = copyin(msghdr, &linux_msg, sizeof(linux_msg)); @@ -1127,7 +1128,7 @@ linux_sendmsg_common(struct thread *td, l_int s, struc control = NULL; - if ((ptr_cmsg = LINUX_CMSG_FIRSTHDR(&linux_msg)) != NULL) { + if (linux_msg.msg_controllen >= sizeof(struct l_cmsghdr)) { error = kern_getsockname(td, s, &sa, &datalen); if (error != 0) goto bad; @@ -1140,6 +1141,8 @@ linux_sendmsg_common(struct thread *td, l_int s, struc data = mtod(control, void *); datalen = 0; + ptr_cmsg = PTRIN(linux_msg.msg_control); + clen = linux_msg.msg_controllen; do { error = copyin(ptr_cmsg, &linux_cmsg, sizeof(struct l_cmsghdr)); @@ -1147,7 +1150,8 @@ linux_sendmsg_common(struct thread *td, l_int s, struc goto bad; error = EINVAL; - if (linux_cmsg.cmsg_len < sizeof(struct l_cmsghdr)) + if (linux_cmsg.cmsg_len < sizeof(struct l_cmsghdr) || + linux_cmsg.cmsg_len > clen) goto bad; if (datalen + CMSG_HDRSZ > MCLBYTES) @@ -1199,7 +1203,14 @@ linux_sendmsg_common(struct thread *td, l_int s, struc cmsg->cmsg_len = CMSG_LEN(len); data = (char *)data + CMSG_SPACE(len); datalen += CMSG_SPACE(len); - } while ((ptr_cmsg = LINUX_CMSG_NXTHDR(&linux_msg, ptr_cmsg))); + + if (clen <= LINUX_CMSG_ALIGN(linux_cmsg.cmsg_len)) + break; + + clen -= LINUX_CMSG_ALIGN(linux_cmsg.cmsg_len); + ptr_cmsg = (struct l_cmsghdr *)((char *)ptr_cmsg + + LINUX_CMSG_ALIGN(linux_cmsg.cmsg_len)); + } while(clen >= sizeof(struct l_cmsghdr)); control->m_len = datalen; if (datalen == 0) { From owner-svn-src-releng@freebsd.org Thu Nov 22 16:27:31 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C2894114BB00; Thu, 22 Nov 2018 16:27:31 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 665C17C281; Thu, 22 Nov 2018 16:27:31 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3FC4712483; Thu, 22 Nov 2018 16:27:31 +0000 (UTC) (envelope-from marius@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAMGRVZS074339; Thu, 22 Nov 2018 16:27:31 GMT (envelope-from marius@FreeBSD.org) Received: (from marius@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAMGRV3G074338; Thu, 22 Nov 2018 16:27:31 GMT (envelope-from marius@FreeBSD.org) Message-Id: <201811221627.wAMGRV3G074338@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: marius set sender to marius@FreeBSD.org using -f From: Marius Strobl Date: Thu, 22 Nov 2018 16:27:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340768 - releng/12.0/sys/sparc64/sparc64 X-SVN-Group: releng X-SVN-Commit-Author: marius X-SVN-Commit-Paths: releng/12.0/sys/sparc64/sparc64 X-SVN-Commit-Revision: 340768 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 665C17C281 X-Spamd-Result: default: False [1.10 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.17)[0.169,0]; NEURAL_SPAM_MEDIUM(0.51)[0.514,0]; NEURAL_SPAM_LONG(0.42)[0.420,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Nov 2018 16:27:32 -0000 Author: marius Date: Thu Nov 22 16:27:30 2018 New Revision: 340768 URL: https://svnweb.freebsd.org/changeset/base/340768 Log: MFC: r340656, MF12: r340759 Given that the idea of D15374 was to "make memmove a first class citizen", provide a _MEMMOVE extension of _MEMCPY that deals with overlap based on the previous bcopy(9) implementation and use the former for bcopy(9) and memmove(9). This addresses my D15374 review comment, avoiding extra MOVs in case of memmove(9) and trashing the stack pointer. Approved by: re (kib) Modified: releng/12.0/sys/sparc64/sparc64/support.S Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/sparc64/sparc64/support.S ============================================================================== --- releng/12.0/sys/sparc64/sparc64/support.S Thu Nov 22 16:15:24 2018 (r340767) +++ releng/12.0/sys/sparc64/sparc64/support.S Thu Nov 22 16:27:30 2018 (r340768) @@ -207,6 +207,30 @@ __FBSDID("$FreeBSD$"); 6: /* + * Extension of _MEMCPY dealing with overlap, but unaware of ASIs. + * Used for bcopy() and memmove(). + */ +#define _MEMMOVE(dst, src, len) \ + /* Check for overlap, and copy backwards if so. */ \ + sub dst, src, %g1 ; \ + cmp %g1, len ; \ + bgeu,a,pt %xcc, 2f ; \ + nop ; \ + /* Copy backwards. */ \ + add src, len, src ; \ + add dst, len, dst ; \ +1: deccc 1, len ; \ + bl,pn %xcc, 3f ; \ + dec 1, src ; \ + ldub [src], %g1 ; \ + dec 1, dst ; \ + ba %xcc, 1b ; \ + stb %g1, [dst] ; \ +2: /* Do the fast version. */ \ + _MEMCPY(dst, src, len, EMPTY, EMPTY, EMPTY, EMPTY) ; \ +3: + +/* * void ascopy(u_long asi, vm_offset_t src, vm_offset_t dst, size_t len) */ ENTRY(ascopy) @@ -265,49 +289,14 @@ ENTRY(bcmp) END(bcmp) /* - * void *memmove(void *dst, const void *src, size_t len) * void bcopy(const void *src, void *dst, size_t len) */ -ENTRY(memmove) - /* - * Swap src/dst for memmove/bcopy differences - */ - mov %o0, %o6 - mov %o1, %o0 - mov %o6, %o1 -ALTENTRY(bcopy) - /* - * Check for overlap, and copy backwards if so. - */ - sub %o1, %o0, %g1 - cmp %g1, %o2 - bgeu,a,pt %xcc, 3f +ENTRY(bcopy) + _MEMMOVE(%o1, %o0, %o2) + retl nop +END(bcopy) - /* - * Copy backwards. - */ - add %o0, %o2, %o0 - add %o1, %o2, %o1 -1: deccc 1, %o2 - bl,a,pn %xcc, 2f - nop - dec 1, %o0 - ldub [%o0], %g1 - dec 1, %o1 - ba %xcc, 1b - stb %g1, [%o1] -2: retl - mov %o6, %o0 - - /* - * Do the fast version. - */ -3: _MEMCPY(%o1, %o0, %o2, EMPTY, EMPTY, EMPTY, EMPTY) - retl - mov %o6, %o0 -END(memmove) - /* * void bzero(void *b, size_t len) */ @@ -335,6 +324,16 @@ ENTRY(memcpy) retl nop END(memcpy) + +/* + * void *memmove(void *dst, const void *src, size_t len) + */ +ENTRY(memmove) + mov %o0, %o3 + _MEMMOVE(%o3, %o1, %o2) + retl + nop +END(memmove) /* * void *memset(void *b, int c, size_t len) From owner-svn-src-releng@freebsd.org Thu Nov 22 18:59:07 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 9B1711103EA7; Thu, 22 Nov 2018 18:59:07 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 3FBF881301; Thu, 22 Nov 2018 18:59:07 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 17F2F13C6D; Thu, 22 Nov 2018 18:59:07 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAMIx6I9052352; Thu, 22 Nov 2018 18:59:06 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAMIx5E3052345; Thu, 22 Nov 2018 18:59:05 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201811221859.wAMIx5E3052345@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Thu, 22 Nov 2018 18:59:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340773 - in releng/12.0: . rescue/rescue share/mk tools/build/options X-SVN-Group: releng X-SVN-Commit-Author: emaste X-SVN-Commit-Paths: in releng/12.0: . rescue/rescue share/mk tools/build/options X-SVN-Commit-Revision: 340773 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 3FBF881301 X-Spamd-Result: default: False [1.09 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_LONG(0.42)[0.420,0]; NEURAL_SPAM_SHORT(0.16)[0.158,0]; NEURAL_SPAM_MEDIUM(0.51)[0.514,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Nov 2018 18:59:07 -0000 Author: emaste Date: Thu Nov 22 18:59:05 2018 New Revision: 340773 URL: https://svnweb.freebsd.org/changeset/base/340773 Log: MF12 r340697: Introduce src.conf knob to build userland with retpoline MFC r339511: Introduce src.conf knob to build userland with retpoline WITH_RETPOLINE enables -mretpoline vulnerability mitigation in userland for CVE-2017-5715. MFC r340099: libcompat: disable retpoline when building build tools These are built with the host toolchain which may not support retpoline. While here, move the MK_ overrides to a separate line and sort them alphabetically to support future changes. MFC r340650: Avoid retpolineplt with static linking Statically linked binaries linked with -zretpolineplt crash at startup as lld produces a broken PLT. MFC r340652: rescue: set NO_SHARED in Makefile The rescue binary is built statically via the Makefile generated by crunchgen, but that does not trigger other shared/static logic in bsd.prog.mk - in particular PR: 233336 Reported by: Peter Malcom (r339511), Charlie Li (r340652) Approved by: re (kib) Sponsored by: The FreeBSD Foundation Added: releng/12.0/tools/build/options/WITH_RETPOLINE - copied unchanged from r340697, stable/12/tools/build/options/WITH_RETPOLINE Modified: releng/12.0/Makefile.inc1 releng/12.0/Makefile.libcompat releng/12.0/rescue/rescue/Makefile releng/12.0/share/mk/bsd.lib.mk releng/12.0/share/mk/bsd.opts.mk releng/12.0/share/mk/bsd.prog.mk Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/Makefile.inc1 ============================================================================== --- releng/12.0/Makefile.inc1 Thu Nov 22 17:51:19 2018 (r340772) +++ releng/12.0/Makefile.inc1 Thu Nov 22 18:59:05 2018 (r340773) @@ -659,7 +659,7 @@ BSARGS= DESTDIR= \ -DNO_PIC MK_PROFILE=no -DNO_SHARED \ -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no \ MK_CLANG_EXTRAS=no MK_CLANG_FULL=no \ - MK_LLDB=no MK_TESTS=no \ + MK_LLDB=no MK_RETPOLINE=no MK_TESTS=no \ MK_INCLUDES=yes BMAKE= \ @@ -680,7 +680,7 @@ TMAKE= \ -DNO_LINT \ -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no \ MK_CLANG_EXTRAS=no MK_CLANG_FULL=no \ - MK_LLDB=no MK_TESTS=no + MK_LLDB=no MK_RETPOLINE=no MK_TESTS=no # cross-tools stage # TOOLS_PREFIX set in BMAKE @@ -703,7 +703,7 @@ KTMAKE= \ SSP_CFLAGS= \ MK_HTML=no -DNO_LINT MK_MAN=no \ -DNO_PIC MK_PROFILE=no -DNO_SHARED \ - -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no + -DNO_CPU_CFLAGS MK_RETPOLINE=no MK_WARNS=no MK_CTF=no # world stage WMAKEENV= ${CROSSENV} \ @@ -2390,6 +2390,7 @@ NXBMAKEARGS+= \ MK_OFED=no \ MK_OPENSSH=no \ MK_PROFILE=no \ + MK_RETPOLINE=no \ MK_SENDMAIL=no \ MK_SVNLITE=no \ MK_TESTS=no \ Modified: releng/12.0/Makefile.libcompat ============================================================================== --- releng/12.0/Makefile.libcompat Thu Nov 22 17:51:19 2018 (r340772) +++ releng/12.0/Makefile.libcompat Thu Nov 22 18:59:05 2018 (r340773) @@ -200,7 +200,8 @@ build${libcompat}: .PHONY OBJTOP=${LIBCOMPAT_OBJTOP} \ OBJROOT='$${OBJTOP}/' \ MAKEOBJDIRPREFIX= \ - DIRPRFX=${_dir}/ -DNO_LINT -DNO_CPU_CFLAGS MK_WARNS=no MK_CTF=no \ + DIRPRFX=${_dir}/ -DNO_LINT -DNO_CPU_CFLAGS \ + MK_CTF=no MK_RETPOLINE=no MK_WARNS=no \ ${_t} .endfor .endfor Modified: releng/12.0/rescue/rescue/Makefile ============================================================================== --- releng/12.0/rescue/rescue/Makefile Thu Nov 22 17:51:19 2018 (r340772) +++ releng/12.0/rescue/rescue/Makefile Thu Nov 22 18:59:05 2018 (r340773) @@ -6,6 +6,7 @@ PACKAGE=rescue MAN= MK_SSP= no +NO_SHARED= yes PROG= rescue BINDIR?=/rescue Modified: releng/12.0/share/mk/bsd.lib.mk ============================================================================== --- releng/12.0/share/mk/bsd.lib.mk Thu Nov 22 17:51:19 2018 (r340772) +++ releng/12.0/share/mk/bsd.lib.mk Thu Nov 22 18:59:05 2018 (r340773) @@ -69,6 +69,12 @@ TAGS+= package=${PACKAGE:Uruntime} TAG_ARGS= -T ${TAGS:[*]:S/ /,/g} .endif +.if ${MK_RETPOLINE} != "no" +CFLAGS+= -mretpoline +CXXFLAGS+= -mretpoline +LDFLAGS+= -Wl,-zretpolineplt +.endif + .if ${MK_DEBUG_FILES} != "no" && empty(DEBUG_FLAGS:M-g) && \ empty(DEBUG_FLAGS:M-gdwarf*) CFLAGS+= ${DEBUG_FILES_CFLAGS} Modified: releng/12.0/share/mk/bsd.opts.mk ============================================================================== --- releng/12.0/share/mk/bsd.opts.mk Thu Nov 22 17:51:19 2018 (r340772) +++ releng/12.0/share/mk/bsd.opts.mk Thu Nov 22 18:59:05 2018 (r340773) @@ -72,6 +72,7 @@ __DEFAULT_NO_OPTIONS = \ CCACHE_BUILD \ CTF \ INSTALL_AS_USER \ + RETPOLINE \ STALE_STAGED __DEFAULT_DEPENDENT_OPTIONS = \ Modified: releng/12.0/share/mk/bsd.prog.mk ============================================================================== --- releng/12.0/share/mk/bsd.prog.mk Thu Nov 22 17:51:19 2018 (r340772) +++ releng/12.0/share/mk/bsd.prog.mk Thu Nov 22 18:59:05 2018 (r340773) @@ -34,6 +34,15 @@ PROG= ${PROG_CXX} MK_DEBUG_FILES= no .endif +.if ${MK_RETPOLINE} != "no" +CFLAGS+= -mretpoline +CXXFLAGS+= -mretpoline +# retpolineplt is broken with static linking (PR 233336) +.if !defined(NO_SHARED) || ${NO_SHARED} == "no" || ${NO_SHARED} == "NO" +LDFLAGS+= -Wl,-zretpolineplt +.endif +.endif + .if defined(CRUNCH_CFLAGS) CFLAGS+=${CRUNCH_CFLAGS} .else Copied: releng/12.0/tools/build/options/WITH_RETPOLINE (from r340697, stable/12/tools/build/options/WITH_RETPOLINE) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ releng/12.0/tools/build/options/WITH_RETPOLINE Thu Nov 22 18:59:05 2018 (r340773, copy of r340697, stable/12/tools/build/options/WITH_RETPOLINE) @@ -0,0 +1,3 @@ +.\" $FreeBSD$ +Set to build the base system with the retpoline speculative execution +vulnerability mitigation for CVE-2017-5715. From owner-svn-src-releng@freebsd.org Fri Nov 23 01:07:13 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8CECA11360B2; Fri, 23 Nov 2018 01:07:13 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 2BE03700CA; Fri, 23 Nov 2018 01:07:13 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 0B659178F0; Fri, 23 Nov 2018 01:07:13 +0000 (UTC) (envelope-from markj@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wAN17C5V047260; Fri, 23 Nov 2018 01:07:12 GMT (envelope-from markj@FreeBSD.org) Received: (from markj@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wAN17CHu047259; Fri, 23 Nov 2018 01:07:12 GMT (envelope-from markj@FreeBSD.org) Message-Id: <201811230107.wAN17CHu047259@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: markj set sender to markj@FreeBSD.org using -f From: Mark Johnston Date: Fri, 23 Nov 2018 01:07:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340791 - releng/12.0/sys/kern X-SVN-Group: releng X-SVN-Commit-Author: markj X-SVN-Commit-Paths: releng/12.0/sys/kern X-SVN-Commit-Revision: 340791 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 2BE03700CA X-Spamd-Result: default: False [1.56 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.44)[0.436,0]; NEURAL_SPAM_MEDIUM(0.72)[0.721,0]; NEURAL_SPAM_LONG(0.40)[0.400,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Nov 2018 01:07:13 -0000 Author: markj Date: Fri Nov 23 01:07:12 2018 New Revision: 340791 URL: https://svnweb.freebsd.org/changeset/base/340791 Log: MFstable/12 r340788: Clear pad bytes in the struct exported by kern.ntp_pll.gettime. Approved by: re (gjb) Modified: releng/12.0/sys/kern/kern_ntptime.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/kern/kern_ntptime.c ============================================================================== --- releng/12.0/sys/kern/kern_ntptime.c Fri Nov 23 01:05:42 2018 (r340790) +++ releng/12.0/sys/kern/kern_ntptime.c Fri Nov 23 01:07:12 2018 (r340791) @@ -300,6 +300,8 @@ ntp_sysctl(SYSCTL_HANDLER_ARGS) { struct ntptimeval ntv; /* temporary structure */ + memset(&ntv, 0, sizeof(ntv)); + NTP_LOCK(); ntp_gettime1(&ntv); NTP_UNLOCK(); From owner-svn-src-releng@freebsd.org Fri Nov 23 16:32:28 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 219E2114B824; Fri, 23 Nov 2018 16:32:28 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id BE1AF6B490; Fri, 23 Nov 2018 16:32:27 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A0A1621310; Fri, 23 Nov 2018 16:32:27 +0000 (UTC) (envelope-from gjb@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wANGWRTJ030599; Fri, 23 Nov 2018 16:32:27 GMT (envelope-from gjb@FreeBSD.org) Received: (from gjb@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wANGWRQ1030598; Fri, 23 Nov 2018 16:32:27 GMT (envelope-from gjb@FreeBSD.org) Message-Id: <201811231632.wANGWRQ1030598@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: gjb set sender to gjb@FreeBSD.org using -f From: Glen Barber Date: Fri, 23 Nov 2018 16:32:27 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340839 - in releng/12.0: release/pkg_repos sys/conf X-SVN-Group: releng X-SVN-Commit-Author: gjb X-SVN-Commit-Paths: in releng/12.0: release/pkg_repos sys/conf X-SVN-Commit-Revision: 340839 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: BE1AF6B490 X-Spamd-Result: default: False [0.99 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_HAM_SHORT(-0.13)[-0.133,0]; NEURAL_SPAM_LONG(0.40)[0.400,0]; NEURAL_SPAM_MEDIUM(0.72)[0.721,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Nov 2018 16:32:28 -0000 Author: gjb Date: Fri Nov 23 16:32:27 2018 New Revision: 340839 URL: https://svnweb.freebsd.org/changeset/base/340839 Log: - Update releng/12.0 from RC1 to RC2 as part of the 12.0-RELEASE cycle. - Update the dvd1.iso pkg(8) configuration to use the release_0 package set to populate the dvd. Approved by: re (implicit) Sponsored by: The FreeBSD Foundation Modified: releng/12.0/release/pkg_repos/release-dvd.conf releng/12.0/sys/conf/newvers.sh Modified: releng/12.0/release/pkg_repos/release-dvd.conf ============================================================================== --- releng/12.0/release/pkg_repos/release-dvd.conf Fri Nov 23 16:18:36 2018 (r340838) +++ releng/12.0/release/pkg_repos/release-dvd.conf Fri Nov 23 16:32:27 2018 (r340839) @@ -1,6 +1,6 @@ # $FreeBSD$ release: { - url: "pkg+http://pkg.FreeBSD.org/${ABI}/quarterly", + url: "pkg+http://pkg.FreeBSD.org/${ABI}/release_0", mirror_type: "srv", signature_type: "fingerprints", fingerprints: "/usr/share/keys/pkg", Modified: releng/12.0/sys/conf/newvers.sh ============================================================================== --- releng/12.0/sys/conf/newvers.sh Fri Nov 23 16:18:36 2018 (r340838) +++ releng/12.0/sys/conf/newvers.sh Fri Nov 23 16:32:27 2018 (r340839) @@ -46,7 +46,7 @@ TYPE="FreeBSD" REVISION="12.0" -BRANCH="RC1" +BRANCH="RC2" if [ -n "${BRANCH_OVERRIDE}" ]; then BRANCH=${BRANCH_OVERRIDE} fi From owner-svn-src-releng@freebsd.org Fri Nov 23 21:08:12 2018 Return-Path: Delivered-To: svn-src-releng@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id AE1A41103F1D; Fri, 23 Nov 2018 21:08:12 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 516BB75190; Fri, 23 Nov 2018 21:08:12 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2DEC123F8F; Fri, 23 Nov 2018 21:08:12 +0000 (UTC) (envelope-from emaste@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id wANL8C3K070321; Fri, 23 Nov 2018 21:08:12 GMT (envelope-from emaste@FreeBSD.org) Received: (from emaste@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id wANL8BhU070318; Fri, 23 Nov 2018 21:08:11 GMT (envelope-from emaste@FreeBSD.org) Message-Id: <201811232108.wANL8BhU070318@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: emaste set sender to emaste@FreeBSD.org using -f From: Ed Maste Date: Fri, 23 Nov 2018 21:08:11 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-releng@freebsd.org Subject: svn commit: r340855 - in releng/12.0/sys/fs: nfs nfsserver X-SVN-Group: releng X-SVN-Commit-Author: emaste X-SVN-Commit-Paths: in releng/12.0/sys/fs: nfs nfsserver X-SVN-Commit-Revision: 340855 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 516BB75190 X-Spamd-Result: default: False [1.52 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.37)[0.368,0]; NEURAL_SPAM_MEDIUM(0.73)[0.730,0]; NEURAL_SPAM_LONG(0.42)[0.420,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-src-releng@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the release engineering / security commits to the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Nov 2018 21:08:13 -0000 Author: emaste Date: Fri Nov 23 21:08:11 2018 New Revision: 340855 URL: https://svnweb.freebsd.org/changeset/base/340855 Log: MFS12 r340849, r340850, r340851: MFC r340661 (rmacklem): r304026 added code that started statistics gathering for an operation before the operation number (the variable called "op") was sanity checked. This patch moves the code down to below the range sanity check for "op". MFC r340662 (rmacklem): nfsm_advance() would panic() when the offs argument was negative. The code assumed that this would indicate a corrupted mbuf chain, but it could simply be caused by bogus RPC message data. This patch replaces the panic() with a printf() plus error return. MFC r340663 (rmacklem): Improve sanity checking for the dircount hint argument to NFSv3's ReaddirPlus and NFSv4's Readdir operations. The code checked for a zero argument, but did not check for a very large value. This patch clips dircount at the server's maximum data size. Approved by: re (kib) Modified: releng/12.0/sys/fs/nfs/nfs_commonsubs.c releng/12.0/sys/fs/nfsserver/nfs_nfsdport.c releng/12.0/sys/fs/nfsserver/nfs_nfsdsocket.c Directory Properties: releng/12.0/ (props changed) Modified: releng/12.0/sys/fs/nfs/nfs_commonsubs.c ============================================================================== --- releng/12.0/sys/fs/nfs/nfs_commonsubs.c Fri Nov 23 20:41:54 2018 (r340854) +++ releng/12.0/sys/fs/nfs/nfs_commonsubs.c Fri Nov 23 21:08:11 2018 (r340855) @@ -725,10 +725,14 @@ nfsm_advance(struct nfsrv_descript *nd, int offs, int if (offs == 0) goto out; /* - * A negative offs should be considered a serious problem. + * A negative offs might indicate a corrupted mbuf chain and, + * as such, a printf is logged. */ - if (offs < 0) - panic("nfsrv_advance"); + if (offs < 0) { + printf("nfsrv_advance: negative offs\n"); + error = EBADRPC; + goto out; + } /* * If left == -1, calculate it here. Modified: releng/12.0/sys/fs/nfsserver/nfs_nfsdport.c ============================================================================== --- releng/12.0/sys/fs/nfsserver/nfs_nfsdport.c Fri Nov 23 20:41:54 2018 (r340854) +++ releng/12.0/sys/fs/nfsserver/nfs_nfsdport.c Fri Nov 23 21:08:11 2018 (r340855) @@ -2107,9 +2107,15 @@ nfsrvd_readdirplus(struct nfsrv_descript *nd, int isdg * cookie) should be in the reply. At least one client "hints" 0, * so I set it to cnt for that case. I also round it up to the * next multiple of DIRBLKSIZ. + * Since the size of a Readdirplus directory entry reply will always + * be greater than a directory entry returned by VOP_READDIR(), it + * does not make sense to read more than NFS_SRVMAXDATA() via + * VOP_READDIR(). */ if (siz <= 0) siz = cnt; + else if (siz > NFS_SRVMAXDATA(nd)) + siz = NFS_SRVMAXDATA(nd); siz = ((siz + DIRBLKSIZ - 1) & ~(DIRBLKSIZ - 1)); if (nd->nd_flag & ND_NFSV4) { Modified: releng/12.0/sys/fs/nfsserver/nfs_nfsdsocket.c ============================================================================== --- releng/12.0/sys/fs/nfsserver/nfs_nfsdsocket.c Fri Nov 23 20:41:54 2018 (r340854) +++ releng/12.0/sys/fs/nfsserver/nfs_nfsdsocket.c Fri Nov 23 21:08:11 2018 (r340855) @@ -766,11 +766,6 @@ nfsrvd_compound(struct nfsrv_descript *nd, int isdgram *repp = *tl; op = fxdr_unsigned(int, *tl); NFSD_DEBUG(4, "op=%d\n", op); - - binuptime(&start_time); - nfsrvd_statstart(op, &start_time); - statsinprog = 1; - if (op < NFSV4OP_ACCESS || (op >= NFSV4OP_NOPS && (nd->nd_flag & ND_NFSV41) == 0) || (op >= NFSV41_NOPS && (nd->nd_flag & ND_NFSV41) != 0)) { @@ -782,6 +777,11 @@ nfsrvd_compound(struct nfsrv_descript *nd, int isdgram } else { repp++; } + + binuptime(&start_time); + nfsrvd_statstart(op, &start_time); + statsinprog = 1; + if (i == 0) op0 = op; if (i == numops - 1)