From owner-svn-src-stable-8@FreeBSD.ORG Wed Apr 28 00:49:25 2010 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 98C1A1065670; Wed, 28 Apr 2010 00:49:25 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 885E28FC18; Wed, 28 Apr 2010 00:49:25 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.3/8.14.3) with ESMTP id o3S0nP6d071875; Wed, 28 Apr 2010 00:49:25 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.3/8.14.3/Submit) id o3S0nP3l071870; Wed, 28 Apr 2010 00:49:25 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201004280049.o3S0nP3l071870@svn.freebsd.org> From: Xin LI Date: Wed, 28 Apr 2010 00:49:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r207304 - in stable/8: sbin/ifconfig share/man/man4 sys/net X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 00:49:25 -0000 Author: delphij Date: Wed Apr 28 00:49:24 2010 New Revision: 207304 URL: http://svn.freebsd.org/changeset/base/207304 Log: MFC r206637: When an underlying ioctl(2) handler returns an error, our ioctl(2) interface considers that it hits a fatal error, and will not copyout the request structure back for _IOW and _IOWR ioctls, keeping them untouched. The previous implementation of the SIOCGIFDESCR ioctl intends to feed the buffer length back to userland. However, if we return an error, the feedback would be defeated and ifconfig(8) would trap into an infinite loop. This commit changes SIOCGIFDESCR to set buffer field to NULL to indicate the previous ENAMETOOLONG case. Reported by: bschmidt Modified: stable/8/sbin/ifconfig/ifconfig.c stable/8/share/man/man4/netintro.4 stable/8/sys/net/if.c Directory Properties: stable/8/sbin/ifconfig/ (props changed) stable/8/share/man/man4/ (props changed) stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) stable/8/sys/dev/xen/xenpci/ (props changed) stable/8/sys/geom/sched/ (props changed) Modified: stable/8/sbin/ifconfig/ifconfig.c ============================================================================== --- stable/8/sbin/ifconfig/ifconfig.c Tue Apr 27 23:48:50 2010 (r207303) +++ stable/8/sbin/ifconfig/ifconfig.c Wed Apr 28 00:49:24 2010 (r207304) @@ -906,19 +906,20 @@ status(const struct afswtch *afp, const ifr.ifr_buffer.buffer = descr; ifr.ifr_buffer.length = descrlen; if (ioctl(s, SIOCGIFDESCR, &ifr) == 0) { - if (strlen(descr) > 0) - printf("\tdescription: %s\n", descr); - break; - } else if (errno == ENAMETOOLONG) - descrlen = ifr.ifr_buffer.length; - else - break; - } else { + if (ifr.ifr_buffer.buffer == descr) { + if (strlen(descr) > 0) + printf("\tdescription: %s\n", + descr); + } else if (ifr.ifr_buffer.length > descrlen) { + descrlen = ifr.ifr_buffer.length; + continue; + } + } + } else warn("unable to allocate memory for interface" "description"); - break; - } - }; + break; + } if (ioctl(s, SIOCGIFCAP, (caddr_t)&ifr) == 0) { if (ifr.ifr_curcap != 0) { Modified: stable/8/share/man/man4/netintro.4 ============================================================================== --- stable/8/share/man/man4/netintro.4 Tue Apr 27 23:48:50 2010 (r207303) +++ stable/8/share/man/man4/netintro.4 Wed Apr 28 00:49:24 2010 (r207304) @@ -32,7 +32,7 @@ .\" @(#)netintro.4 8.2 (Berkeley) 11/30/93 .\" $FreeBSD$ .\" -.Dd January 26, 2010 +.Dd April 14, 2010 .Dt NETINTRO 4 .Os .Sh NAME @@ -292,8 +292,11 @@ field of struct passed in as parameter, and the length would include the terminating nul character. If there is not enough space to hold the interface length, -no copy would be done and an -error would be returned. +no copy would be done and the +.Va buffer +field of +.Va ifru_buffer +would be set to NULL. The kernel will store the buffer length in the .Va length field upon return, regardless whether the buffer itself is Modified: stable/8/sys/net/if.c ============================================================================== --- stable/8/sys/net/if.c Tue Apr 27 23:48:50 2010 (r207303) +++ stable/8/sys/net/if.c Wed Apr 28 00:49:24 2010 (r207304) @@ -2115,14 +2115,13 @@ ifhwioctl(u_long cmd, struct ifnet *ifp, case SIOCGIFDESCR: error = 0; sx_slock(&ifdescr_sx); - if (ifp->if_description == NULL) { - ifr->ifr_buffer.length = 0; + if (ifp->if_description == NULL) error = ENOMSG; - } else { + else { /* space for terminating nul */ descrlen = strlen(ifp->if_description) + 1; if (ifr->ifr_buffer.length < descrlen) - error = ENAMETOOLONG; + ifr->ifr_buffer.buffer = NULL; else error = copyout(ifp->if_description, ifr->ifr_buffer.buffer, descrlen);