Date: Tue, 9 Sep 2008 17:32:22 GMT From: Ed Schouten <ed@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 149485 for review Message-ID: <200809091732.m89HWMjU001060@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=149485 Change 149485 by ed@ed_dull on 2008/09/09 17:32:04 IFC Peter's si(4) fixes. Affected files ... .. //depot/projects/mpsafetty/bin/cp/utils.c#3 integrate .. //depot/projects/mpsafetty/contrib/ntp/libparse/clk_rawdcf.c#3 integrate .. //depot/projects/mpsafetty/include/rpc/svc_auth.h#2 integrate .. //depot/projects/mpsafetty/lib/libarchive/archive_write_disk.c#6 integrate .. //depot/projects/mpsafetty/lib/libarchive/test/Makefile#3 integrate .. //depot/projects/mpsafetty/lib/libarchive/test/test_read_format_gtar_sparse.c#3 integrate .. //depot/projects/mpsafetty/lib/libarchive/test/test_write_disk_secure.c#3 integrate .. //depot/projects/mpsafetty/lib/libc/gen/arc4random.c#5 integrate .. //depot/projects/mpsafetty/lib/libc/rpc/svc.c#3 integrate .. //depot/projects/mpsafetty/lib/libc/rpc/svc_auth.c#3 integrate .. //depot/projects/mpsafetty/lib/libgeom/geom_util.c#2 integrate .. //depot/projects/mpsafetty/lib/libgeom/libgeom.3#2 integrate .. //depot/projects/mpsafetty/lib/libgeom/libgeom.h#2 integrate .. //depot/projects/mpsafetty/release/doc/en_US.ISO8859-1/relnotes/article.sgml#4 integrate .. //depot/projects/mpsafetty/sbin/fdisk/fdisk.c#3 integrate .. //depot/projects/mpsafetty/sbin/ipfw/ipfw2.c#2 integrate .. //depot/projects/mpsafetty/sbin/md5/md5.1#2 integrate .. //depot/projects/mpsafetty/sbin/natd/natd.c#2 integrate .. //depot/projects/mpsafetty/share/man/man4/if_bridge.4#3 integrate .. //depot/projects/mpsafetty/share/man/man4/tap.4#2 integrate .. //depot/projects/mpsafetty/share/man/man9/bus_dma.9#2 integrate .. //depot/projects/mpsafetty/sys/amd64/amd64/cpu_switch.S#4 integrate .. //depot/projects/mpsafetty/sys/amd64/amd64/genassym.c#3 integrate .. //depot/projects/mpsafetty/sys/amd64/amd64/machdep.c#4 integrate .. //depot/projects/mpsafetty/sys/amd64/amd64/mp_machdep.c#3 integrate .. //depot/projects/mpsafetty/sys/amd64/amd64/trap.c#2 integrate .. //depot/projects/mpsafetty/sys/amd64/include/pcb.h#3 integrate .. //depot/projects/mpsafetty/sys/amd64/include/pcpu.h#3 integrate .. //depot/projects/mpsafetty/sys/amd64/include/segments.h#2 integrate .. //depot/projects/mpsafetty/sys/amd64/linux32/linux32_genassym.c#2 integrate .. //depot/projects/mpsafetty/sys/amd64/linux32/linux32_locore.s#2 integrate .. //depot/projects/mpsafetty/sys/amd64/linux32/linux32_machdep.c#3 integrate .. //depot/projects/mpsafetty/sys/arm/conf/KB920X#5 integrate .. //depot/projects/mpsafetty/sys/arm/conf/NSLU#2 integrate .. //depot/projects/mpsafetty/sys/boot/sparc64/loader/main.c#6 integrate .. //depot/projects/mpsafetty/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c#3 integrate .. //depot/projects/mpsafetty/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_znode.c#3 integrate .. //depot/projects/mpsafetty/sys/compat/linux/linux_file.c#2 integrate .. //depot/projects/mpsafetty/sys/compat/linux/linux_socket.c#3 integrate .. //depot/projects/mpsafetty/sys/conf/NOTES#9 integrate .. //depot/projects/mpsafetty/sys/dev/acpi_support/acpi_fujitsu.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/asmc/asmc.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/asmc/asmcvar.h#2 integrate .. //depot/projects/mpsafetty/sys/dev/ath/if_athvar.h#2 integrate .. //depot/projects/mpsafetty/sys/dev/bge/if_bge.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/cxgb/cxgb_adapter.h#5 integrate .. //depot/projects/mpsafetty/sys/dev/cxgb/cxgb_main.c#7 integrate .. //depot/projects/mpsafetty/sys/dev/cxgb/cxgb_sge.c#6 integrate .. //depot/projects/mpsafetty/sys/dev/drm/ati_pcigart.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/drm/drm_bufs.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/drm/drm_pci.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/drm/i915_dma.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/drm/mach64_dma.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/esp/esp_sbus.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/esp/ncr53c9x.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/esp/ncr53c9xreg.h#2 integrate .. //depot/projects/mpsafetty/sys/dev/esp/ncr53c9xvar.h#3 integrate .. //depot/projects/mpsafetty/sys/dev/ic/i8251.h#2 integrate .. //depot/projects/mpsafetty/sys/dev/ic/i8255.h#1 branch .. //depot/projects/mpsafetty/sys/dev/iicbus/ds133x.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/iicbus/ds1672.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/jme/if_jme.c#4 integrate .. //depot/projects/mpsafetty/sys/dev/jme/if_jmereg.h#2 integrate .. //depot/projects/mpsafetty/sys/dev/le/if_le_ledma.c#2 integrate .. //depot/projects/mpsafetty/sys/dev/si/si.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/sound/pci/hda/hdac.c#3 integrate .. //depot/projects/mpsafetty/sys/dev/uart/uart_cpu_pc98.c#3 integrate .. //depot/projects/mpsafetty/sys/geom/geom_dev.c#2 integrate .. //depot/projects/mpsafetty/sys/i386/isa/isa.c#2 integrate .. //depot/projects/mpsafetty/sys/i386/linux/linux_genassym.c#2 integrate .. //depot/projects/mpsafetty/sys/i386/linux/linux_locore.s#2 integrate .. //depot/projects/mpsafetty/sys/kern/subr_sleepqueue.c#4 integrate .. //depot/projects/mpsafetty/sys/kern/subr_turnstile.c#2 integrate .. //depot/projects/mpsafetty/sys/kern/uipc_sockbuf.c#2 integrate .. //depot/projects/mpsafetty/sys/net/if_bridge.c#4 integrate .. //depot/projects/mpsafetty/sys/net/if_tap.c#2 integrate .. //depot/projects/mpsafetty/sys/net/if_tap.h#2 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211.h#3 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_ddb.c#3 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_freebsd.h#2 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_ht.c#3 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_ht.h#2 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_ioctl.c#3 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_ioctl.h#2 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_node.c#2 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_node.h#2 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_phy.c#2 integrate .. //depot/projects/mpsafetty/sys/net80211/ieee80211_sta.c#2 integrate .. //depot/projects/mpsafetty/sys/netinet/ip_fw.h#2 integrate .. //depot/projects/mpsafetty/sys/netinet/ip_fw2.c#7 integrate .. //depot/projects/mpsafetty/sys/netinet/tcp_debug.c#2 integrate .. //depot/projects/mpsafetty/sys/netinet/tcp_input.c#5 integrate .. //depot/projects/mpsafetty/sys/netinet/tcp_output.c#5 integrate .. //depot/projects/mpsafetty/sys/netinet/tcp_subr.c#4 integrate .. //depot/projects/mpsafetty/sys/netinet/tcp_var.h#3 integrate .. //depot/projects/mpsafetty/sys/pc98/cbus/sio.c#2 integrate .. //depot/projects/mpsafetty/sys/pc98/include/bus.h#2 integrate .. //depot/projects/mpsafetty/sys/pc98/pc98/busiosubr.c#2 integrate .. //depot/projects/mpsafetty/sys/sparc64/include/asi.h#3 integrate .. //depot/projects/mpsafetty/sys/sparc64/include/tlb.h#2 integrate .. //depot/projects/mpsafetty/sys/sparc64/sbus/dma_sbus.c#3 integrate .. //depot/projects/mpsafetty/sys/sparc64/sbus/lsi64854.c#2 integrate .. //depot/projects/mpsafetty/sys/sparc64/sbus/lsi64854var.h#2 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/cheetah.c#5 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/exception.S#6 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/genassym.c#4 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/mp_exception.S#3 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/pmap.c#4 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/support.S#3 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/swtch.S#3 integrate .. //depot/projects/mpsafetty/sys/sparc64/sparc64/tlb.c#3 integrate .. //depot/projects/mpsafetty/sys/sys/disk.h#2 integrate .. //depot/projects/mpsafetty/sys/sys/param.h#8 integrate .. //depot/projects/mpsafetty/sys/sys/termios.h#8 integrate .. //depot/projects/mpsafetty/tools/tools/nanobsd/nanobsd.sh#7 integrate .. //depot/projects/mpsafetty/usr.sbin/boot0cfg/boot0cfg.c#2 integrate .. //depot/projects/mpsafetty/usr.sbin/setfib/setfib.c#3 integrate Differences ... ==== //depot/projects/mpsafetty/bin/cp/utils.c#3 (text+ko) ==== @@ -33,7 +33,7 @@ #endif #endif /* not lint */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/bin/cp/utils.c,v 1.54 2008/08/07 07:29:26 trasz Exp $"); +__FBSDID("$FreeBSD: src/bin/cp/utils.c,v 1.55 2008/09/09 12:31:42 trasz Exp $"); #include <sys/types.h> #include <sys/acl.h> @@ -224,7 +224,6 @@ rval = 1; if (pflag && preserve_fd_acls(from_fd, to_fd) != 0) rval = 1; - (void)close(from_fd); if (close(to_fd)) { warn("%s", to.p_path); rval = 1; ==== //depot/projects/mpsafetty/contrib/ntp/libparse/clk_rawdcf.c#3 (text+ko) ==== @@ -229,7 +229,7 @@ unsigned char *c = dcfprm->zerobits; int i; - parseprintf(DD_RAWDCF,("parse: convert_rawdcf: \"%s\"\n", buffer)); + parseprintf(DD_RAWDCF,("parse: convert_rawdcf: \"%.*s\"\n", size, buffer)); if (size < 57) { @@ -320,7 +320,7 @@ * bad format - not for us */ #ifndef PARSEKERNEL - msyslog(LOG_ERR, "parse: convert_rawdcf: parity check FAILED for \"%s\"\n", buffer); + msyslog(LOG_ERR, "parse: convert_rawdcf: parity check FAILED for \"%.*s\"\n", size, buffer); #endif return CVT_FAIL|CVT_BADFMT; } ==== //depot/projects/mpsafetty/include/rpc/svc_auth.h#2 (text+ko) ==== @@ -30,7 +30,7 @@ * * from: @(#)svc_auth.h 1.6 86/07/16 SMI * @(#)svc_auth.h 2.1 88/07/29 4.0 RPCSRC - * $FreeBSD: src/include/rpc/svc_auth.h,v 1.14 2002/03/23 17:24:55 imp Exp $ + * $FreeBSD: src/include/rpc/svc_auth.h,v 1.15 2008/09/09 14:15:55 dfr Exp $ */ /* @@ -46,6 +46,8 @@ * Server side authenticator */ __BEGIN_DECLS +extern struct svc_auth_ops svc_auth_null_ops; + extern enum auth_stat _authenticate(struct svc_req *, struct rpc_msg *); extern int svc_auth_reg(int, enum auth_stat (*)(struct svc_req *, struct rpc_msg *)); ==== //depot/projects/mpsafetty/lib/libarchive/archive_write_disk.c#6 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include "archive_platform.h" -__FBSDID("$FreeBSD: src/lib/libarchive/archive_write_disk.c,v 1.35 2008/09/05 06:13:11 kientzle Exp $"); +__FBSDID("$FreeBSD: src/lib/libarchive/archive_write_disk.c,v 1.36 2008/09/07 05:22:33 kientzle Exp $"); #ifdef HAVE_SYS_TYPES_H #include <sys/types.h> @@ -907,14 +907,26 @@ * We know something is in the way, but we don't know what; * we need to find out before we go any further. */ - if (lstat(a->name, &a->st) != 0) { + int r = 0; + /* + * The SECURE_SYMLINK logic has already removed a + * symlink to a dir if the client wants that. So + * follow the symlink if we're creating a dir. + */ + if (S_ISDIR(a->mode)) + r = stat(a->name, &a->st); + /* + * If it's not a dir (or it's a broken symlink), + * then don't follow it. + */ + if (r != 0 || !S_ISDIR(a->mode)) + r = lstat(a->name, &a->st); + if (r != 0) { archive_set_error(&a->archive, errno, "Can't stat existing object"); return (ARCHIVE_WARN); } - /* TODO: if it's a symlink... */ - /* * NO_OVERWRITE_NEWER doesn't apply to directories. */ ==== //depot/projects/mpsafetty/lib/libarchive/test/Makefile#3 (text+ko) ==== @@ -1,4 +1,4 @@ -# $FreeBSD: src/lib/libarchive/test/Makefile,v 1.24 2008/08/25 06:08:22 kientzle Exp $ +# $FreeBSD: src/lib/libarchive/test/Makefile,v 1.25 2008/09/08 00:58:12 kientzle Exp $ # Where to find the libarchive sources LA_SRCDIR=${.CURDIR}/.. @@ -89,7 +89,7 @@ # Uncomment to link against dmalloc #LDADD+= -L/usr/local/lib -ldmalloc #CFLAGS+= -I/usr/local/include -DUSE_DMALLOC -#WARNS=6 +WARNS=6 # Build libarchive_test and run it. check test: libarchive_test ==== //depot/projects/mpsafetty/lib/libarchive/test/test_read_format_gtar_sparse.c#3 (text+ko) ==== @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "test.h" -__FBSDID("$FreeBSD: src/lib/libarchive/test/test_read_format_gtar_sparse.c,v 1.9 2008/09/01 05:38:33 kientzle Exp $"); +__FBSDID("$FreeBSD: src/lib/libarchive/test/test_read_format_gtar_sparse.c,v 1.10 2008/09/08 00:58:12 kientzle Exp $"); struct contents { @@ -187,6 +187,7 @@ struct contents expect; /* data, size, offset of block read from archive. */ struct contents actual; + const void *p; struct archive *a; extract_reference_file(name); @@ -206,10 +207,10 @@ expect = *cts++; while (0 == (err = archive_read_data_block(a, - (const void **)&actual.d, - &actual.s, &actual.o))) { + &p, &actual.s, &actual.o))) { + actual.d = p; while (actual.s > 0) { - char c = *(const char *)actual.d; + char c = *actual.d; if(actual.o < expect.o) { /* * Any byte before the expected ==== //depot/projects/mpsafetty/lib/libarchive/test/test_write_disk_secure.c#3 (text+ko) ==== @@ -23,7 +23,7 @@ * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ #include "test.h" -__FBSDID("$FreeBSD: src/lib/libarchive/test/test_write_disk_secure.c,v 1.5 2008/09/01 05:38:33 kientzle Exp $"); +__FBSDID("$FreeBSD: src/lib/libarchive/test/test_write_disk_secure.c,v 1.8 2008/09/07 23:59:27 kientzle Exp $"); #define UMASK 022 @@ -105,6 +105,80 @@ archive_entry_free(ae); assert(0 == archive_write_finish_entry(a)); + /* + * Without security checks, extracting a dir over a link to a + * dir should follow the link. + */ + /* Create a symlink to a dir. */ + assert((ae = archive_entry_new()) != NULL); + archive_entry_copy_pathname(ae, "link_to_dir3"); + archive_entry_set_mode(ae, S_IFLNK | 0777); + archive_entry_set_symlink(ae, "dir"); + archive_write_disk_set_options(a, 0); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + /* Extract a dir whose name matches the symlink. */ + assert(archive_entry_clear(ae) != NULL); + archive_entry_copy_pathname(ae, "link_to_dir3"); + archive_entry_set_mode(ae, S_IFDIR | 0777); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + /* Verify link was followed. */ + assertEqualInt(0, lstat("link_to_dir3", &st)); + assert(S_ISLNK(st.st_mode)); + archive_entry_free(ae); + + /* + * As above, but a broken link, so the link should get replaced. + */ + /* Create a symlink to a dir. */ + assert((ae = archive_entry_new()) != NULL); + archive_entry_copy_pathname(ae, "link_to_dir4"); + archive_entry_set_mode(ae, S_IFLNK | 0777); + archive_entry_set_symlink(ae, "nonexistent_dir"); + archive_write_disk_set_options(a, 0); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + /* Extract a dir whose name matches the symlink. */ + assert(archive_entry_clear(ae) != NULL); + archive_entry_copy_pathname(ae, "link_to_dir4"); + archive_entry_set_mode(ae, S_IFDIR | 0777); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + /* Verify link was replaced. */ + assertEqualInt(0, lstat("link_to_dir4", &st)); + assert(S_ISDIR(st.st_mode)); + archive_entry_free(ae); + + /* + * As above, but a link to a non-dir, so the link should get replaced. + */ + /* Create a regular file and a symlink to it */ + assert((ae = archive_entry_new()) != NULL); + archive_entry_copy_pathname(ae, "non_dir"); + archive_entry_set_mode(ae, S_IFREG | 0777); + archive_write_disk_set_options(a, 0); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + /* Create symlink to the file. */ + archive_entry_copy_pathname(ae, "link_to_dir5"); + archive_entry_set_mode(ae, S_IFLNK | 0777); + archive_entry_set_symlink(ae, "non_dir"); + archive_write_disk_set_options(a, 0); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + /* Extract a dir whose name matches the symlink. */ + assert(archive_entry_clear(ae) != NULL); + archive_entry_copy_pathname(ae, "link_to_dir5"); + archive_entry_set_mode(ae, S_IFDIR | 0777); + assert(0 == archive_write_header(a, ae)); + assert(0 == archive_write_finish_entry(a)); + /* Verify link was replaced. */ + assertEqualInt(0, lstat("link_to_dir5", &st)); + assert(S_ISDIR(st.st_mode)); + archive_entry_free(ae); + + #if ARCHIVE_VERSION_NUMBER < 2000000 archive_write_finish(a); #else ==== //depot/projects/mpsafetty/lib/libc/gen/arc4random.c#5 (text+ko) ==== @@ -33,7 +33,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/lib/libc/gen/arc4random.c,v 1.24 2008/08/03 20:15:22 ache Exp $"); +__FBSDID("$FreeBSD: src/lib/libc/gen/arc4random.c,v 1.25 2008/09/09 09:46:36 ache Exp $"); #include "namespace.h" #include <sys/types.h> @@ -54,7 +54,7 @@ static pthread_mutex_t arc4random_mtx = PTHREAD_MUTEX_INITIALIZER; -#define RANDOMDEV "/dev/urandom" +#define RANDOMDEV "/dev/random" #define KEYSIZE 128 #define THREAD_LOCK() \ do { \ @@ -193,6 +193,7 @@ THREAD_LOCK(); arc4_check_init(); arc4_stir(); + rs_stired = 1; THREAD_UNLOCK(); } ==== //depot/projects/mpsafetty/lib/libc/rpc/svc.c#3 (text+ko) ==== @@ -34,7 +34,7 @@ static char *sccsid = "@(#)svc.c 2.4 88/08/11 4.0 RPCSRC"; #endif #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/lib/libc/rpc/svc.c,v 1.25 2008/08/06 14:02:05 dfr Exp $"); +__FBSDID("$FreeBSD: src/lib/libc/rpc/svc.c,v 1.26 2008/09/09 14:15:55 dfr Exp $"); /* * svc.c, Server-side remote procedure call interface. @@ -569,6 +569,7 @@ ext = mem_alloc(sizeof(SVCXPRT_EXT)); memset(ext, 0, sizeof(SVCXPRT_EXT)); xprt->xp_p3 = ext; + ext->xp_auth.svc_ah_ops = &svc_auth_null_ops; return (xprt); } ==== //depot/projects/mpsafetty/lib/libc/rpc/svc_auth.c#3 (text+ko) ==== @@ -37,7 +37,7 @@ static char sccsid[] = "@(#)svc_auth.c 1.26 89/02/07 Copyr 1984 Sun Micro"; #endif #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/lib/libc/rpc/svc_auth.c,v 1.14 2008/08/06 14:02:05 dfr Exp $"); +__FBSDID("$FreeBSD: src/lib/libc/rpc/svc_auth.c,v 1.15 2008/09/09 14:15:55 dfr Exp $"); /* * svc_auth.c, Server-side rpc authenticator interface. @@ -75,7 +75,7 @@ }; static struct authsvc *Auths = NULL; -static struct svc_auth_ops svc_auth_null_ops; +struct svc_auth_ops svc_auth_null_ops; /* * The call rpc message, msg has been obtained from the wire. The msg contains @@ -162,7 +162,7 @@ return (xdr_func(xdrs, xdr_ptr)); } -static struct svc_auth_ops svc_auth_null_ops = { +struct svc_auth_ops svc_auth_null_ops = { svcauth_null_wrap, svcauth_null_wrap, }; ==== //depot/projects/mpsafetty/lib/libgeom/geom_util.c#2 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/lib/libgeom/geom_util.c,v 1.2 2008/05/20 11:45:05 pjd Exp $"); +__FBSDID("$FreeBSD: src/lib/libgeom/geom_util.c,v 1.3 2008/09/07 13:54:57 lulf Exp $"); #include <sys/param.h> #include <sys/disk.h> @@ -42,29 +42,22 @@ #include <libgeom.h> +static char *g_device_path_open(const char *, int *, int); + /* * Open the given provider and at least check if this is a block device. */ int g_open(const char *name, int dowrite) { - char path[MAXPATHLEN]; + char *path; int fd; - if (name[0] == '/') - strlcpy(path, name, sizeof(path)); - else - snprintf(path, sizeof(path), "%s%s", _PATH_DEV, name); - - fd = open(path, dowrite ? O_RDWR : O_RDONLY); + path = g_device_path_open(name, &fd, dowrite); + if (path != NULL) + free(path); if (fd == -1) return (-1); - /* Let try to get sectorsize, which will prove it is a GEOM provider. */ - if (g_sectorsize(fd) == -1) { - close(fd); - errno = EFTYPE; - return (-1); - } return (fd); } @@ -121,6 +114,19 @@ } /* + * Return the correct provider name. + */ +char * +g_providername(int fd) +{ + char name[MAXPATHLEN]; + + if (g_ioctl_arg(fd, DIOCGPROVIDERNAME, name) == -1) + return (NULL); + return (strdup(name)); +} + +/* * Call BIO_FLUSH for the given provider. */ int @@ -234,3 +240,77 @@ } return (fd); } + +/* + * Return the device path device given a partial or full path to its node. + * A pointer can be provided, which will be set to an opened file descriptor of + * not NULL. + */ +static char * +g_device_path_open(const char *devpath, int *fdp, int dowrite) +{ + char *path; + int fd; + + /* Make sure that we can fail. */ + if (fdp != NULL) + *fdp = -1; + /* Use the device node if we're able to open it. */ + do { + fd = open(devpath, dowrite ? O_RDWR : O_RDONLY); + if (fd == -1) + break; + /* + * Let try to get sectorsize, which will prove it is a GEOM + * provider. + */ + if (g_sectorsize(fd) == -1) { + close(fd); + errno = EFTYPE; + return (NULL); + } + if ((path = strdup(devpath)) == NULL) { + close(fd); + return (NULL); + } + if (fdp != NULL) + *fdp = fd; + else + close(fd); + return (path); + } while (0); + + /* If we're not given an absolute path, assume /dev/ prefix. */ + if (*devpath != '/') { + asprintf(&path, "%s%s", _PATH_DEV, devpath); + if (path == NULL) + return (NULL); + fd = open(path, dowrite ? O_RDWR : O_RDONLY); + if (fd == -1) { + free(path); + return (NULL); + } + /* + * Let try to get sectorsize, which will prove it is a GEOM + * provider. + */ + if (g_sectorsize(fd) == -1) { + free(path); + close(fd); + errno = EFTYPE; + return (NULL); + } + if (fdp != NULL) + *fdp = fd; + else + close(fd); + return (path); + } + return (NULL); +} + +char * +g_device_path(const char *devpath) +{ + return (g_device_path_open(devpath, NULL, 0)); +} ==== //depot/projects/mpsafetty/lib/libgeom/libgeom.3#2 (text+ko) ==== @@ -26,9 +26,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $FreeBSD: src/lib/libgeom/libgeom.3,v 1.10 2008/06/13 21:49:21 thompsa Exp $ +.\" $FreeBSD: src/lib/libgeom/libgeom.3,v 1.11 2008/09/08 06:27:00 lulf Exp $ .\" -.Dd May 6, 2007 +.Dd September 8, 2008 .Dt LIBGEOM 3 .Os .Sh NAME @@ -52,9 +52,11 @@ .Nm g_sectorsize , .Nm g_flush , .Nm g_delete , +.Nm g_device_path , .Nm g_get_ident , .Nm g_get_name , -.Nm g_open_by_ident +.Nm g_open_by_ident , +.Nm g_providername .Nd userland API library for kernel GEOM subsystem .Sh LIBRARY .Lb libgeom @@ -103,12 +105,16 @@ .Fn g_flush "int fd" .Ft int .Fn g_delete "int fd" "off_t offset" "off_t length" +.Ft "char *" +.Fn g_device_path "const char *devpath" .Ft int .Fn g_get_ident "int fd" "char *ident" "size_t size" .Ft int .Fn g_get_name "const char *ident" "char *name" "size_t size" .Ft int .Fn g_open_by_ident "const char *ident" "int dowrite" "char *name" "size_t size" +.Ft "char *" +.Fn g_providername "int fd" .Sh DESCRIPTION The .Nm geom @@ -301,6 +307,13 @@ function tells the provider that the given data range is no longer used. .Pp The +.Fn g_device_path +function returns the full path to a provider given a partial or full path to the +device node. +If the device can not be found or is not a valid geom provider, NULL is +returned. +.Pp +The .Fn g_get_ident function returns provider's fixed and unique identifier. The @@ -326,7 +339,17 @@ .Dv NULL , the function will store provider's name there. .Pp -All functions return value greater than or equal to +The +.Fn g_providername +function returns the provider name of an open file descriptor. +If the file descriptor does not point to a valid geom provider, NULL is +returned. +.Pp +All functions except +.Fn g_providername +and +.Fn g_device_path +return a value greater than or equal to .Va 0 on success or .Va -1 ==== //depot/projects/mpsafetty/lib/libgeom/libgeom.h#2 (text+ko) ==== @@ -26,7 +26,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $FreeBSD: src/lib/libgeom/libgeom.h,v 1.12 2007/05/06 10:00:27 des Exp $ + * $FreeBSD: src/lib/libgeom/libgeom.h,v 1.13 2008/09/07 13:54:57 lulf Exp $ */ #ifndef _LIBGEOM_H_ #define _LIBGEOM_H_ @@ -154,6 +154,8 @@ int g_get_ident(int, char *, size_t); int g_get_name(const char *, char *, size_t); int g_open_by_ident(const char *, int, char *, size_t); +char *g_device_path(const char *); +char *g_providername(int); __END_DECLS ==== //depot/projects/mpsafetty/release/doc/en_US.ISO8859-1/relnotes/article.sgml#4 (text+ko) ==== @@ -17,7 +17,7 @@ <corpauthor>The &os; Project</corpauthor> - <pubdate>$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/article.sgml,v 1.1092 2008/07/29 04:23:18 bmah Exp $</pubdate> + <pubdate>$FreeBSD: src/release/doc/en_US.ISO8859-1/relnotes/article.sgml,v 1.1093 2008/09/08 17:13:18 gshapiro Exp $</pubdate> <copyright> <year>2000</year> @@ -449,7 +449,7 @@ Figwort release to the Hydrangea release.</para> <para role="merged"><application>sendmail</application> has been updated from - 8.14.1 to 8.14.2.</para> + 8.14.1 to 8.14.3.</para> <para role="merged">The timezone database has been updated from the <application>tzdata2007h</application> release to ==== //depot/projects/mpsafetty/sbin/fdisk/fdisk.c#3 (text+ko) ==== @@ -25,7 +25,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sbin/fdisk/fdisk.c,v 1.85 2008/07/31 00:55:29 obrien Exp $"); +__FBSDID("$FreeBSD: src/sbin/fdisk/fdisk.c,v 1.86 2008/09/07 13:58:35 lulf Exp $"); #include <sys/disk.h> #include <sys/disklabel.h> @@ -245,7 +245,6 @@ int main(int argc, char *argv[]) { - struct stat sb; int c, i; int partition = -1; struct dos_partition *partp; @@ -307,18 +306,9 @@ if (argc == 0) { disk = get_rootdisk(); } else { - if (stat(argv[0], &sb) == 0) { - /* OK, full pathname given */ - disk = argv[0]; - } else if (errno == ENOENT && argv[0][0] != '/') { - /* Try prepending "/dev" */ - asprintf(&disk, "%s%s", _PATH_DEV, argv[0]); - if (disk == NULL) - errx(1, "out of memory"); - } else { - /* other stat error, let it fail below */ - disk = argv[0]; - } + disk = g_device_path(argv[0]); + if (disk == NULL) + err(1, "unable to get correct path for %s\n", argv[0]); } if (open_disk(u_flag) < 0) err(1, "cannot open disk %s", disk); @@ -724,21 +714,14 @@ static int open_disk(int flag) { - struct stat st; int rwmode; - if (stat(disk, &st) == -1) { - if (errno == ENOENT) - return -2; - warnx("can't get file status of %s", disk); - return -1; - } - if ( !(st.st_mode & S_IFCHR) ) - warnx("device %s is not character special", disk); - rwmode = a_flag || I_flag || B_flag || flag ? O_RDWR : O_RDONLY; - fd = open(disk, rwmode); - if (fd == -1 && errno == EPERM && rwmode == O_RDWR) - fd = open(disk, O_RDONLY); + /* Write mode if one of these flags are set. */ + rwmode = (a_flag || I_flag || B_flag || flag); + fd = g_open(disk, rwmode); + /* If the mode fails, try read-only if we didn't. */ + if (fd == -1 && errno == EPERM && rwmode) + fd = g_open(disk, 0); if (fd == -1 && errno == ENXIO) return -2; if (fd == -1) { @@ -778,29 +761,30 @@ { int error; struct gctl_req *grq; - const char *q; - char fbuf[BUFSIZ]; + const char *errmsg; + char fbuf[BUFSIZ], *pname; int i, fdw; grq = gctl_get_handle(); gctl_ro_param(grq, "verb", -1, "write MBR"); gctl_ro_param(grq, "class", -1, "MBR"); - q = strrchr(disk, '/'); - if (q == NULL) - q = disk; - else - q++; - gctl_ro_param(grq, "geom", -1, q); + pname = g_providername(fd); + if (pname == NULL) { + warnx("Error getting providername for %s\n", disk); + return (-1); + } + gctl_ro_param(grq, "geom", -1, pname); gctl_ro_param(grq, "data", secsize, buf); - q = gctl_issue(grq); - if (q == NULL) { + errmsg = gctl_issue(grq); + free(pname); + if (errmsg == NULL) { gctl_free(grq); return(0); } if (!q_flag) /* GEOM errors are benign, not all devices supported */ - warnx("%s", q); + warnx("%s", errmsg); gctl_free(grq); - + error = pwrite(fd, buf, secsize, (sector * 512)); if (error == secsize) return (0); @@ -841,21 +825,18 @@ dos_cylsecs = cylsecs = heads * sectors; disksecs = cyls * heads * sectors; - error = ioctl(fd, DIOCGSECTORSIZE, &u); - if (error != 0 || u == 0) - u = 512; - else - secsize = u; + u = g_sectorsize(fd); + if (u <= 0) + return (-1); - error = ioctl(fd, DIOCGMEDIASIZE, &o); - if (error == 0) { - disksecs = o / u; - cyls = dos_cyls = o / (u * dos_heads * dos_sectors); - } + o = g_mediasize(fd); + if (o < 0) + return (-1); + disksecs = o / u; + cyls = dos_cyls = o / (u * dos_heads * dos_sectors); return (disksecs); } - static int read_s0() ==== //depot/projects/mpsafetty/sbin/ipfw/ipfw2.c#2 (text+ko) ==== @@ -17,7 +17,7 @@ * * NEW command line interface for IP firewall facility * - * $FreeBSD: src/sbin/ipfw/ipfw2.c,v 1.120 2008/05/10 15:02:56 julian Exp $ + * $FreeBSD: src/sbin/ipfw/ipfw2.c,v 1.121 2008/09/06 17:23:37 rik Exp $ */ #include <sys/param.h> @@ -2429,7 +2429,7 @@ rulenum = atoi(av[0]); new_set = atoi(av[2]); if (!isdigit(*(av[0])) || (cmd == 3 && rulenum > RESVD_SET) || - (cmd == 2 && rulenum == 65535) ) + (cmd == 2 && rulenum == IPFW_DEFAULT_RULE) ) errx(EX_DATAERR, "invalid source number %s\n", av[0]); if (!isdigit(*(av[2])) || new_set > RESVD_SET) errx(EX_DATAERR, "invalid dest. set %s\n", av[1]); @@ -2553,7 +2553,7 @@ * need to scan the list to count them. */ for (nstat = 1, r = data, lim = (char *)data + nbytes; - r->rulenum < 65535 && (char *)r < lim; + r->rulenum < IPFW_DEFAULT_RULE && (char *)r < lim; ++nstat, r = NEXT(r) ) ; /* nothing */ @@ -5045,7 +5045,8 @@ if (have_tag) errx(EX_USAGE, "tag and untag cannot be " "specified more than once"); - GET_UINT_ARG(tag, 1, 65534, i, rule_action_params); + GET_UINT_ARG(tag, 1, IPFW_DEFAULT_RULE - 1, i, + rule_action_params); have_tag = cmd; fill_cmd(cmd, O_TAG, (i == TOK_TAG) ? 0: F_NOT, tag); ac--; av++; @@ -5521,8 +5522,8 @@ if (c->limit_mask == 0) errx(EX_USAGE, "limit: missing limit mask"); - GET_UINT_ARG(c->conn_limit, 1, 65534, TOK_LIMIT, - rule_options); + GET_UINT_ARG(c->conn_limit, 1, IPFW_DEFAULT_RULE - 1, + TOK_LIMIT, rule_options); ac--; av++; break; @@ -5649,8 +5650,8 @@ else { uint16_t tag; - GET_UINT_ARG(tag, 1, 65534, TOK_TAGGED, - rule_options); + GET_UINT_ARG(tag, 1, IPFW_DEFAULT_RULE - 1, + TOK_TAGGED, rule_options); fill_cmd(cmd, O_TAGGED, 0, tag); } ac--; av++; @@ -5978,7 +5979,7 @@ size = 0; data = NULL; frule = 0; - lrule = 65535; /* max ipfw rule number */ + lrule = IPFW_DEFAULT_RULE; /* max ipfw rule number */ ac--; av++; /* Parse parameters. */ ==== //depot/projects/mpsafetty/sbin/md5/md5.1#2 (text+ko) ==== @@ -1,5 +1,5 @@ -.\" $FreeBSD: src/sbin/md5/md5.1,v 1.24 2005/03/10 09:56:39 cperciva Exp $ -.Dd June 6, 2004 +.\" $FreeBSD: src/sbin/md5/md5.1,v 1.25 2008/09/07 15:19:34 trhodes Exp $ +.Dd September 7, 2008 .Dt MD5 1 .Os .Sh NAME @@ -49,7 +49,7 @@ .Tn RSA . .Pp .Tn MD5 -has not yet (2001-09-03) been broken, but sufficient attacks have been +has not yet (2007-03-05) been broken, but sufficient attacks have been made that its security is in some doubt. The attacks on .Tn MD5 ==== //depot/projects/mpsafetty/sbin/natd/natd.c#2 (text+ko) ==== @@ -11,7 +11,7 @@ */ #include <sys/cdefs.h> -__FBSDID("$FreeBSD: src/sbin/natd/natd.c,v 1.53 2008/06/22 22:14:02 mav Exp $"); +__FBSDID("$FreeBSD: src/sbin/natd/natd.c,v 1.54 2008/09/06 17:26:52 rik Exp $"); #define SYSLOG_NAMES @@ -130,6 +130,7 @@ static void SetupSkinnyPort(const char *strValue); static void NewInstance(const char *name); static void DoGlobal (int fd); +static int CheckIpfwRulenum(unsigned int rnum); /* * Globals. @@ -1947,6 +1948,10 @@ if (sscanf(strValue, "%u:%u", &base, &num) != 2) errx(1, "punch_fw: basenumber:count parameter required"); + if (CheckIpfwRulenum(base + num - 1) == -1) + errx(1, "punch_fw: basenumber:count parameter should fit " + "the maximum allowed rule numbers"); + LibAliasSetFWBase(mla, base, num); (void)LibAliasSetMode(mla, PKT_ALIAS_PUNCH_FW, PKT_ALIAS_PUNCH_FW); } @@ -1991,3 +1996,22 @@ mla = ip->la; mip = ip; } + +static int +CheckIpfwRulenum(unsigned int rnum) +{ + unsigned int default_rule; + size_t len = sizeof(default_rule); + + if (sysctlbyname("net.inet.ip.fw.default_rule", &default_rule, &len, + NULL, 0) == -1) { + warn("Failed to get the default ipfw rule number, using " + "default historical value 65535. The reason was"); + default_rule = 65535; >>> TRUNCATED FOR MAIL (1000 lines) <<<
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200809091732.m89HWMjU001060>