| d8f5d64 | Xin Li | 02 April 2013, 17:34:42 UTC | Fix OpenSSL multiple vulnerabilities. [13:03] Fix BIND remote denial of service. [13:04] Security: CVE-2013-0166, CVE-2013-0169 Security: FreeBSD-SA-13:03.openssl Security: CVE-2013-2266 Security: FreeBSD-SA-13:04.bind Approved by: so | 02 April 2013, 17:34:42 UTC |
| 3159847 | Bjoern A. Zeeb | 19 February 2013, 13:27:20 UTC | Fix Denial of Service vulnerability in named(8) with DNS64. [13:01] Fix Denial of Service vulnerability in libc's glob(3) functionality. [13:02] Security: CVE-2012-5688 Security: FreeBSD-SA-13:01.bind Security: CVE-2010-2632 Security: FreeBSD-SA-13:02.libc Approved by: so (simon, bz) | 19 February 2013, 13:27:20 UTC |
| d30b061 | Simon L. Nielsen | 22 November 2012, 22:52:15 UTC | Fix multiple Denial of Service vulnerabilities with named(8). Fix insufficient message length validation for EAP-TLS messages. Fix Linux compatibility layer input validation error. Security: FreeBSD-SA-12:06.bind Security: FreeBSD-SA-12:07.hostapd Security: FreeBSD-SA-12:08.linux Security: CVE-2012-4244, CVE-2012-5166, CVE-2012-4445, CVE-2012-4576 Approved by: re Approved by: security-officer | 22 November 2012, 22:52:15 UTC |
| be7c99e | Simon L. Nielsen | 06 August 2012, 21:33:11 UTC | Fix named(8) DNSSEC validation Denial of Service. Security: FreeBSD-SA-12:05.bind Security: CVE-2012-3817 Obtained from: ISC Approved by: so (simon) | 06 August 2012, 21:33:11 UTC |
| 4e4db0b | Bjoern A. Zeeb | 12 June 2012, 12:10:10 UTC | Fix a problem where zero-length RDATA fields can cause named(8) to crash. [12:03] Correct a privilege escalation when returning from kernel if running FreeBSD/amd64 on non-AMD processors. [12:04] Fix reference count errors in IPv6 code. [EN-12:02] Security: CVE-2012-1667 Security: FreeBSD-SA-12:03.bind Security: CVE-2012-0217 Security: FreeBSD-SA-12:04.sysret Security: FreeBSD-EN-12:02.ipv6refcount Approved by: so (simon, bz) | 12 June 2012, 12:10:10 UTC |
| a71039b | Bjoern A. Zeeb | 30 May 2012, 12:01:28 UTC | Update the previous openssl fix. [12:01] Fix a bug in crypt(3) ignoring characters of a passphrase. [12:02] Security: FreeBSD-SA-12:01.openssl (revised) Security: FreeBSD-SA-12:02.crypt Approved by: so (bz, simon) | 30 May 2012, 12:01:28 UTC |
| 52aa4d9 | Bjoern A. Zeeb | 03 May 2012, 15:25:11 UTC | Fix multiple OpenSSL vulnerabilities. Security: CVE-2011-4576, CVE-2011-4619, CVE-2011-4109 Security: CVE-2012-0884, CVE-2012-2110 Security: FreeBSD-SA-12:01.openssl Approved by: so (bz,simon) | 03 May 2012, 15:25:11 UTC |
| 5c65c87 | Ken Smith | 02 January 2012, 18:50:17 UTC | MFC r229304: > The portion of r225757 that added the packages-9.0-release directory > was supposed to be MFCed closer to the release but that got missed. > > Pointy hat: kensmith Approved by: re (implicit) | 02 January 2012, 18:50:17 UTC |
| c089bdb | Ken Smith | 02 January 2012, 14:45:30 UTC | Ready to start the 9.0-RELEASE builds. Approved by: re (implicit) | 02 January 2012, 14:45:30 UTC |
| 818cd7e | Ken Smith | 02 January 2012, 14:44:28 UTC | Guess when we'll be ready to announce 9.0-RELEASE. Approved by: re (implicit) | 02 January 2012, 14:44:28 UTC |
| d854196 | Ken Smith | 02 January 2012, 04:16:45 UTC | Update branch target for 'make update'. Approved by: re (implicit) | 02 January 2012, 04:16:45 UTC |
| 78b045c | Ken Smith | 02 January 2012, 04:11:22 UTC | MFC r229258: RELENG_9 exists now so updated commented out target branch. Approved by: re (implicit) | 02 January 2012, 04:11:22 UTC |
| ef46ca3 | Bjoern A. Zeeb | 31 December 2011, 13:44:10 UTC | MFC r229067 (by obrien): Happy 2012 and may 9.0-RELEASE be a good one. Approved by: re (kib) | 31 December 2011, 13:44:10 UTC |
| 94ba733 | Hiroki Sato | 30 December 2011, 22:50:16 UTC | Clean up release/doc for 9.0R. Content updates will follow in stable/9. Approved by: re (kensmith) | 30 December 2011, 22:50:16 UTC |
| af99a54 | Colin Percival | 23 December 2011, 15:00:37 UTC | Fix a problem whereby a corrupt DNS record can cause named to crash. [11:06] Add an API for alerting internal libc routines to the presence of "unsafe" paths post-chroot, and use it in ftpd. [11:07] Fix a buffer overflow in telnetd. [11:08] Make pam_ssh ignore unpassphrased keys unless the "nullok" option is specified. [11:09] Add sanity checking of service names in pam_start. [11:10] Approved by: so (cperciva) Approved by: re (bz) Security: FreeBSD-SA-11:06.bind Security: FreeBSD-SA-11:07.chroot Security: FreeBSD-SA-11:08.telnetd Security: FreeBSD-SA-11:09.pam_ssh Security: FreeBSD-SA-11:10.pam | 23 December 2011, 15:00:37 UTC |
| 759ea43 | Gleb Smirnoff | 19 December 2011, 13:14:57 UTC | Merge r228472. For the sake of POLA for the whole 9.x timeline add compatibility support for specifing IPv4 aliases in rc.conf without the "inet" keyword. Approved by: re (bz) | 19 December 2011, 13:14:57 UTC |
| e69f54c | Ruslan Ermilov | 19 December 2011, 12:51:12 UTC | MFC r228457: The "inet" keyword in the "ifconfig_IF_aliasN" is mandatory for IPv4 aliases to work since network.subr@197139. Approved by: re (bz) | 19 December 2011, 12:51:12 UTC |
| 2be5218 | Dag-Erling Smorgrav | 13 December 2011, 13:02:31 UTC | MFH r228384: validate the service name Approved by: re (kib) Security: some poorly thought out programs allow the user to specify the service name; this patch makes it harder to trick these programs into loading and executing arbitrary code. | 13 December 2011, 13:02:31 UTC |
| 2ca4b3b | Dag-Erling Smorgrav | 11 December 2011, 17:32:37 UTC | MFH r228410: check for null passphrases, since openssl doesn't Approved by: re (kib) Security: prevents users with unencrypted ssh keys (prohibited unless the nullok option is specified) from logging in by providing a bogus non-null passphrase. | 11 December 2011, 17:32:37 UTC |
| 40521b7 | Hiroki Sato | 03 December 2011, 22:16:36 UTC | MFC r226649, 226651, 226652, 226653: - Fix an issue that 127/8 is not configured when $ifconfig_DEFAULT is not empty. - Add description that IPv6 configuration will be ignored if $ifconfig_IF_ipv6 is empty. - Move a configuration example "inet6 accept_rtadv" to just after the manual GUA configuration. - Add an example of $ipv6_prefix_IF. - Add support for removing addresses added by ipv6_prefix_hostid_addr_up() upon rc.d/netif stop. Approved by: re (bz) | 03 December 2011, 22:16:36 UTC |
| dc6dd9a | Hiroki Sato | 03 December 2011, 22:15:42 UTC | MFC r226446: Fix a problem that an interface unexpectedly becomes IFF_UP by just doing "ifconfing inet6 -ifdisabled" when the interface has ND6_IFF_AUTO_LINKLOCAL flag and no link-local address. Approved by: re (bz) | 03 December 2011, 22:15:42 UTC |
| ee0cf65 | Nathan Whitehorn | 03 December 2011, 17:17:32 UTC | MFC r228194, MF9 r228240: Prevent user astonishment by providing the shell option at the end, after any installer-provided configuration files have been copied. This allows users to edit their fstab, if desired, and to see what the installer has placed in rc.conf. Requested by: phk Approved by: re (kensmith) | 03 December 2011, 17:17:32 UTC |
| 6dc0a6d | Ken Smith | 03 December 2011, 17:03:48 UTC | Ready for 9.0-RC3. Approved by: re (implicit) | 03 December 2011, 17:03:48 UTC |
| 4733a5c | Ken Smith | 03 December 2011, 17:02:51 UTC | MFC r228237: > Add a screen that asks if the user would like to enable crash dumps, > giving them a very brief description of the trade-offs. Whether the > user opts in or out add an entry to what will become /etc/rc.conf > explaining what dumpdev is and how to turn on/off crash dumps. The folks > who handle interacting with users submitting PRs have asked for this. > > Reviewed by: nwhitehorn Approved by: re (kib) | 03 December 2011, 17:02:51 UTC |
| 53124e2 | Doug Barton | 01 December 2011, 21:17:59 UTC | Upgrade to BIND 9.8.1-P1 to address the following DDOS bug: Recursive name servers are failing with an assertion: INSIST(! dns_rdataset_isassociated(sigrdataset)) At this time it is not thought that authoritative-only servers are affected, but information about this bug is evolving rapidly. Because it may be possible to trigger this bug even on networks that do not allow untrusted users to access the recursive name servers (perhaps via specially crafted e-mail messages, and/or malicious web sites) it is recommended that ALL operators of recursive name servers upgrade immediately. For more information see: https://www.isc.org/software/bind/advisories/cve-2011-4313 which will be updated as more information becomes available. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313 Approved by: re (kib) | 01 December 2011, 21:17:59 UTC |
| a3c5092 | John Baldwin | 01 December 2011, 20:39:18 UTC | MFC 227389: Remove some debugging printfs. Approved by: re (bz) | 01 December 2011, 20:39:18 UTC |
| 8255dab | Gleb Smirnoff | 01 December 2011, 15:20:36 UTC | MFhead r228150: Return value should be conditional on return value of pfsync_defer_ptr() PR: kern/162947 Submitted by: Matthieu Kraus <matthieu.kraus s2008.tu-chemnitz.de> Approved by: re (kib) | 01 December 2011, 15:20:36 UTC |
| 1a9ab41 | Gabor Kovesdan | 01 December 2011, 13:53:33 UTC | MFC 228093 - Fix behavior of --null to match GNU grep MFC 228097 - Call warnx() instead of errx() if a directory is not readable when using a recursive search. This is the expected behavior instead of aborting. Approved by: re (kib) | 01 December 2011, 13:53:33 UTC |
| b622192 | Doug Barton | 01 December 2011, 05:52:50 UTC | MFC r228122: If using DESTDIR we need to be sure to create a ${DESTDIR}/var/db/zoneinfo Approved by: re (kensmith) | 01 December 2011, 05:52:50 UTC |
| 9265780 | Doug Barton | 01 December 2011, 05:47:51 UTC | MFC r227482: The default setting, daily_accounting_compress="NO", was causing only 1 old file to be saved, so fix this. While I'm here, fix a very old off-by-one error causing 1 more file than specified in daily_accounting_save to be saved because acct.0 was not taken into account (pun intended). Change that, and use a more thorough method of finding old files to delete. Partly just because this is the right thing to do, but also to silently fix the extra log that would have been left behind forever with the previous method. Approved by: re (kensmith) | 01 December 2011, 05:47:51 UTC |
| 149b11a | Sergey Kandaurov | 29 November 2011, 18:23:08 UTC | Adjust branch tag. This is a direct commit. Approved by: re (kib) | 29 November 2011, 18:23:08 UTC |
| ca8b927 | Marius Strobl | 29 November 2011, 14:18:19 UTC | MFC: r228028 - Based on a report on sparc64@ move V245 to the list of known working machines. - Mention that V480 with broken centerplanes have a chance of working with the WAR in the upcoming 8.3-RELEASE and 9.0-RELEASE. Approved by: re (kib) | 29 November 2011, 14:18:19 UTC |
| 8761922 | Sergey Kandaurov | 29 November 2011, 12:41:44 UTC | MFC r225757,r225764: Update the default cvs tag for RELENG_9 by merging the following revisions: r225757 (by kensmith, partial): Shift head from 9.0-CURRENT to 10.0-CURRENT in preparation for releasing it from the 9.0-RELEASE release cycle code freeze. r225764 (by kensmith): Forgot to add "RELENG_8" to list of CVS tags. Reported by: Milan Obuch <freebsd-current at dino sk> (cvs tag) Approved by: re (kib) | 29 November 2011, 12:41:44 UTC |
| 8dc80f2 | Christian Brueffer | 29 November 2011, 11:25:00 UTC | MFC: r227666 Add sfxge(4) to the hardware notes. Approved by: re (bz) | 29 November 2011, 11:25:00 UTC |
| b27c5c8 | Marius Strobl | 29 November 2011, 09:59:55 UTC | MFC: r227960 Increase the CDMA sync timeout for Schizo bridges to 15 seconds as used by OpenSolaris. One second turned out to be not enough for certain loads while 10 seconds were sufficient. Reported by: Peter Jeremy Approved by: re (bz) | 29 November 2011, 09:59:55 UTC |
| 749f918 | Robert N. M. Watson | 28 November 2011, 22:30:19 UTC | Merge r228057 from head to releng/9.0: Change the Makefile in cddl/lib/drti to use bsd.lib.mk instead of bsd.prog.mk -- we need to compile PIC, which requires a library build. With this change, USDT (userspace DTrace probes) work from within shared libraries. PR: kern/159046 Submitted by: Alex Samorukov <samm at os2.kiev.ua> Comments by: Scott Lystig Fritchie <slfritchie at snookles.com> Approved by: re (bz) | 28 November 2011, 22:30:19 UTC |
| d39b4e2 | Robert N. M. Watson | 28 November 2011, 22:24:22 UTC | Merge r228040 from head to releng/9.0: Cross-reference capsicum.4 from cap_enter.2 and cap_new.2. Sponsored by: Google, Inc. Approved by: re (kib) | 28 November 2011, 22:24:22 UTC |
| 28c5372 | Robert N. M. Watson | 28 November 2011, 22:13:11 UTC | Merge r228039 from head to releng/9.0: Add an introductory Capsicum man page providing a high-level description of its mechanisms, pointing at other pertinent man pages, and cautioning about the experimental status of Capsicum in FreeBSD. Sponsored by: Google, Inc. Approved by: re (kib) | 28 November 2011, 22:13:11 UTC |
| bca5005 | Philip Paeps | 28 November 2011, 20:43:50 UTC | Add the sfxge(4) device driver, providing support for 10Gb Ethernet adapters based on Solarflare SFC9000 family controllers. The driver supports jumbo frames, transmit/receive checksum offload, TCP Segmentation Offload (TSO), Large Receive Offload (LRO), VLAN checksum offload, VLAN TSO, and Receive Side Scaling (RSS) using MSI-X interrupts. This work was sponsored by Solarflare Communications, Inc. My sincere thanks to Ben Hutchings for doing a lot of the hard work! Sponsored by: Solarflare Communications, Inc. Approved by: re (bz) | 28 November 2011, 20:43:50 UTC |
| ef87410 | Lawrence Stewart | 28 November 2011, 11:14:32 UTC | Fast track MFC r228016: Plug a TCP reassembly UMA zone leak introduced in r226228 by only using the backup stack queue entry when the zone is exhausted, otherwise we leak a zone allocation each time we plug a hole in the reassembly queue. Reported by: many on freebsd-stable@ (thread: "TCP Reassembly Issues") Tested by: many on freebsd-stable@ (thread: "TCP Reassembly Issues") Reviewed by: bz (very brief sanity check) Approved by: re (kib) | 28 November 2011, 11:14:32 UTC |
| 4388e80 | Gleb Smirnoff | 28 November 2011, 08:14:59 UTC | MFhead r227901: Fix parsing of redirect_addr argument. PR: kern/162739 Approved by: re (kib) | 28 November 2011, 08:14:59 UTC |
| 3a3517d | Marcel Moolenaar | 27 November 2011, 20:14:00 UTC | MFC rev. 227283, stable/9 rev. 228043: Add check-password.4th and screen.4th to the boot image. They are needed by the loader. Approved by: re (kib) | 27 November 2011, 20:14:00 UTC |
| 60ea0c5 | Marcel Moolenaar | 27 November 2011, 20:10:32 UTC | MFC rev. 227629, stable/9 rev 228041: Wire the kernel text RWX, rather than RX. We're not quite ready for having kernel text non-writable, because we still need to apply relocations. On top of that, the PBVM page table has all pages marked as RWX, so it's an inconsistency to begin with. Approved by: re (kib) | 27 November 2011, 20:10:32 UTC |
| bb117f2 | Michael Tuexen | 27 November 2011, 19:13:45 UTC | MFC r228031: Fix a warning reported by arundel@. Fix a bug where the parameter length of a supported address types parameter is set to a wrong value if the kernel is built with with either INET or INET6, but not both. Approved by: re@ | 27 November 2011, 19:13:45 UTC |
| 65e43b6 | Konstantin Belousov | 27 November 2011, 19:02:18 UTC | MFC r227952: Fix a race between getvnode() dereferencing half-constructed file and dupfdopen(). Approved by: re (bz) | 27 November 2011, 19:02:18 UTC |
| c022af4 | Konstantin Belousov | 27 November 2011, 19:00:52 UTC | MFC r227485: To limit amount of the kernel memory allocated, and to optimize the iteration over the fdsets, kern_select() limits the length of the fdsets copied in by the last valid file descriptor index. If any bit is set in a mask above the limit, current implementation ignores the filedescriptor, instead of returning EBADF. Fix the issue by scanning the tails of fdset before entering the select loop and returning EBADF if any bit above last valid filedescriptor index is set. The performance impact of the additional check is only imposed on the (somewhat) buggy applications that pass bad file descriptors to select(2) or pselect(2). PR: kern/155606, kern/162379 Approved by: re (bz) | 27 November 2011, 19:00:52 UTC |
| a4f0b0a | Warren Block | 26 November 2011, 14:19:08 UTC | MFC 225861: Fix a confusing sentence. Other wording tweaks. Approved by: gjb (mentor) Approved by: re@ (kostikbel) | 26 November 2011, 14:19:08 UTC |
| a23a8c9 | Konstantin Belousov | 26 November 2011, 08:23:25 UTC | MFC r227661: Free unused allocation on error. Approved by: re (bz) | 26 November 2011, 08:23:25 UTC |
| 646bc26 | Konstantin Belousov | 26 November 2011, 08:22:11 UTC | MFC r227660: Fix fd leak. Approved by: re (bz) | 26 November 2011, 08:22:11 UTC |
| d2e681d | Marius Strobl | 25 November 2011, 17:07:27 UTC | MFC: r227829, r227844 - Add a DEVMETHOD_END alias for KOBJMETHOD_END so that along with 'driver_t' and DEVMETHOD() we can fully hide the explicit mention of kobj(9) from device drivers. - Update the device driver examples to use DEVMETHOD_END. Submitted by: jhb Approved by: re (kib) | 25 November 2011, 17:07:27 UTC |
| 2fa0a63 | Ryan Stone | 25 November 2011, 12:43:34 UTC | MFC r227342. Note that the original commit message, reproduced below, has error. The final sentence should read "*without* CTF data". The in-kernel CTF parser caches the result of its first attempt to parse CTF data from a module. On subsequent attempts to retrieve CTF data for a module, return an error if there no CTF data. This fixes a panic if you try to enable fbt probes on a module with CTF data twice. Approved by: re (kib) | 25 November 2011, 12:43:34 UTC |
| 6ace4c2 | Bernhard Schmidt | 25 November 2011, 12:20:14 UTC | MFC r227805: The DC calibration result obtained during initialization can't be passed over to the runtime firmware on 6050 devices. Instead let the runtime firmware do the calibration itself. This fixes support for the 6050 series devices. Submitted by: kevlo Approved by: re (kib) Obtained from: OpenBSD Tested by: lx, Tz-Huan Huang(earlier version) | 25 November 2011, 12:20:14 UTC |
| 5982a8b | Michael Tuexen | 24 November 2011, 18:57:31 UTC | MFC r227930: Move up the address to the top of the sctp_paddrthlds structure like in all other structures. This avoids alignment problems. Approved by: re@ | 24 November 2011, 18:57:31 UTC |
| b593f06 | Ryan Stone | 24 November 2011, 18:44:14 UTC | MFC r227290 and r227291: r227290: Fix the DTrace pid return trap interrupt vector. Previously we were using 31, but that vector is reserved. Without this fix, running dtrace -p <pid> would either cause the target process to crash or the kernel to page fault r227291: Replace fasttrap_copyout() with uwrite(). FreeBSD copyout() is not able to write to the .text section of a process. Approved by: re (kib) | 24 November 2011, 18:44:14 UTC |
| f7ae761 | Michael Tuexen | 24 November 2011, 17:58:14 UTC | MFC r227540: Set the MTU of an path to an approriate value if the interface MTU can't be determined. Approved by: re@ | 24 November 2011, 17:58:14 UTC |
| 362e3e4 | Michael Tuexen | 24 November 2011, 17:25:43 UTC | MFC r227486: Don't copy uninitialized memory. Also simplify the comparison of interface names. Approved by: re@ | 24 November 2011, 17:25:43 UTC |
| cc7a19e | Pawel Jakub Dawidek | 24 November 2011, 07:39:01 UTC | MFC r227110,r227111: r227110: In zvol_open() if the spa_namespace_lock is already held, it means that ZFS is trying to open and taste ZVOL as its VDEV. This is not supported, so return an error instead of panicing on spa_namespace_lock recursion. Reported by: Robert Millan <rmh@debian.org> PR: kern/162008 r227111: Correct typo in comment. Reported by: Fabian Keil <fk@fabiankeil.de> Approved by: re (kib) | 24 November 2011, 07:39:01 UTC |
| d00c377 | Xin Li | 23 November 2011, 21:41:31 UTC | MFC r225849: Test if the interface is afif in dhcpif() and syncdhcpif(), as done in ipv6_autoconfif. This fixes a regression that causes e.g. ifconfig_DEFAULT="DHCP" to run on non-afif interfaces like pfsync0, which in turn would cause excessive delay on system startup. Sponsored by: iXsystems, Inc. Reviewed by: hrs (freebsd-rc@) Approved by: re (bz) | 23 November 2011, 21:41:31 UTC |
| 12922da | Bjoern A. Zeeb | 23 November 2011, 18:11:10 UTC | MFC r226938 (by kevlo): Add missing PF_UNLOCK in pf_test Approved by: re (kib) | 23 November 2011, 18:11:10 UTC |
| 01146b8 | Bjoern A. Zeeb | 23 November 2011, 18:04:53 UTC | MFC r227061 (by mlaier): Fix a use-after-free/redzone issue in the routing code. Approved by: re (kib) | 23 November 2011, 18:04:53 UTC |
| 6df6dfc | Bjoern A. Zeeb | 23 November 2011, 16:03:47 UTC | MFC r227547: The maximum TSO frame size should be: maximum IP datagram size (65535 bytes) + Ethernet header size (14 bytes) + 2 * VLAN tag size (4 bytes) [1]. [1] We need to multiply by 2 to account for the double VLAN tag provision added in IEEE 802.1ad. Submitted by: David Somayajulu (david.somayajulu qlogic.com) Approved by: re (kib) | 23 November 2011, 16:03:47 UTC |
| 6d2eac3 | Attilio Rao | 23 November 2011, 15:41:55 UTC | MFC r227058: Disable interrupt and preemption for smp_rendezvous() also in the UP/!SMP case. Sponsored by: Sandvine Incorporated Approved by: re (kib) | 23 November 2011, 15:41:55 UTC |
| 93d2203 | Bjoern A. Zeeb | 23 November 2011, 15:18:16 UTC | MFC r227481: Return the correct value for the IPV6_MULTICAST_HOPS getsockopt() call. Submitted by: rpaulo Approved by: re (kib) | 23 November 2011, 15:18:16 UTC |
| 7eaeba0 | Konstantin Belousov | 23 November 2011, 15:16:05 UTC | MFC r227657: Consistently use process spin lock for protection of the p->p_boundary_count. Race could cause the execve(2) from the threaded process to hung since thread boundary counter was incorrect and single-threading never finished. Approved by: re (bz) | 23 November 2011, 15:16:05 UTC |
| 4a71f4c | Glen Barber | 23 November 2011, 12:24:04 UTC | MFC r227769, 227770, 227771: - Add a note to src/Makefile that explains that 'rm' runs twice because thesecond invocation only needs to operate on files with the immutable flag set. - Fix the note in r227769 to be less specific to the immutable flag. - Replace 'chflags' with 'file flags' in a comment, since 'chflags'is a command, not a flag itself. Approved by: re (kib) | 23 November 2011, 12:24:04 UTC |
| 93dc9c9 | David Xu | 23 November 2011, 11:59:01 UTC | MFC r227604: Pass CVWAIT flags to kernel, this should handle Timeout correctly for pthread_cond_timedwait when it uses kernel-based condition variable. Approved by: re (kib) | 23 November 2011, 11:59:01 UTC |
| 930add5 | Christian Brueffer | 20 November 2011, 17:11:49 UTC | MFC: r227742 Add 2010 and 2011 copyrights. Approved by: re (kib) | 20 November 2011, 17:11:49 UTC |
| 1140b8d | Christian Brueffer | 20 November 2011, 17:09:13 UTC | MFC: r227466, r227480, r227516 Add mps(4) and mvs(4) to the hardware notes. Approved by: re (kib) | 20 November 2011, 17:09:13 UTC |
| 6b81416 | Christian Brueffer | 20 November 2011, 17:06:20 UTC | MFC: r227275 Add qlxgb(4) to the hardware notes. Approved by: re (kib) | 20 November 2011, 17:06:20 UTC |
| 37de5cd | Christian Brueffer | 19 November 2011, 16:59:23 UTC | MFC: r227465, r227515 - Grammar and mdoc cleanup. - Remove list nesting in the hardware notes section, thus making it compatible with the hardware notes generation script. Approved by: re (kib) | 19 November 2011, 16:59:23 UTC |
| 9c7696a | Marius Strobl | 19 November 2011, 13:33:22 UTC | MFC: r227578 Fix compilation with DEBUG defined. Approved by: re (kib) | 19 November 2011, 13:33:22 UTC |
| 64cb072 | Marius Strobl | 19 November 2011, 13:04:17 UTC | MFC: r227539 Define curthread as an inline function that loads the thread pointer directly from g7, the pcpu pointer. This guarantees correct behavior when the thread migrates to a different CPU. Commit message stolen from r205431. Additional testing by Peter Jeremy. Approved by: re (kib) | 19 November 2011, 13:04:17 UTC |
| d6ea26b | Marius Strobl | 19 November 2011, 12:55:34 UTC | MFC: r227537 As it turns out, r186347 actually is insufficient to avoid the use of the curthread-accessing part of mtx_{,un}lock(9) when using a r210623-style curthread implementation on sparc64, crashing the kernel in its early cycles as PCPU isn't set up, yet (and can't be set up as OFW is one of the things we need for that, which leads to a chicken-and-egg problem). What happens is that due to the fact that the idea of r210623 actually is to allow the compiler to cache invocations of curthread, it factors out obtaining curthread needed for both mtx_lock(9) and mtx_unlock(9) to before the branch based on kobj_mutex_inited when compiling the kernel without the debugging options. So change kobj_class_compile_static(9) to just never acquire kobj_mtx, effectively restricting it to its documented use, and add a kobj_init_static(9) for initializing objects using a class compiled with the former and that also avoids using mutex(9) (and malloc(9)). Also assert in both of these functions that they are used in their intended way only. While at it, inline kobj_register_method() and kobj_unregister_method() as there wasn't much point for factoring them out in the first place and so that a reader of the code has to figure out the locking for fewer functions missing a KOBJ_ASSERT. Tested on powerpc{,64} by andreast. Reviewed by: nwhitehorn (earlier version), jhb Approved by: re (kib) | 19 November 2011, 12:55:34 UTC |
| 978bc50 | Pawel Jakub Dawidek | 19 November 2011, 11:47:15 UTC | MFC r226549,r226550,r226551,r226552,r226553,r226554,r226568,r226569,r226611, r226612: r226549: Remove redundant size calculation. r226550: Initialize 'rc' properly before using it. This error could lead to infinite loop when data reconstruction was needed. r226551: Don't mark vdev as healthy too soon, so we won't try to use invalid vdevs. r226552: Never pass NULL block pointer when reading. This is neither expected nor handled by lower layers like vdev_raidz, which uses bp for checksum verification. This bug could lead to NULL pointer reference and resets during boot. r226553: Always pass data size for checksum verification function, as using physical block size declared in bp may not always be what we want. For example in case of gang block header physical block size declared in bp is much larger than SPA_GANGBLOCKSIZE (512 bytes) and checksum calculation failed. This bug could lead to accessing unallocated memory and resets/failures during boot. r226554: Fix missing return when LOADER_GPT_SUPPORT is defined, but LOADER_MBR_SUPPORT is not. r226568: - Correctly read gang header from raidz. - Decompress assembled gang block data if compressed. - Verify checksum of a gang header. - Verify checksum of assembled gang block data. - Verify checksum of uber block. Submitted by: avg r226569: With LOADER_MBR_SUPPORT defined and LOADER_GPT_SUPPORT undefined we would never call disk_openmbr(). Submitted by: avg r226611: - Allow to specify multiple files to check, eg. zfsboottest gpt/system0 gpt/system1 - /boot/kernel/kernel /boot/zfsloader - Instead of printing file's content calculate MD5 hash of the file, so it can be easly compared to the hash calculated via file system. - Some other minor improvements. r226612: Because ZFS boot code was very fragile in the past and real PITA to debug, introduce zfsboottest.sh script that will verify if it will be possible to boot from the given pool. # zfsboottest.sh system Where "system" is pool name of the pool we want to boot from. What is being verified by the script: - Does the pool exist? - Does it have bootfs property configured? - Is mountpoint property of the boot dataset set to 'legacy'? Dataset configured in bootfs property has to be mounted to perform more checks: - Does the /boot directory in boot dataset exist? - Is this dataset configured as root file system in /etc/fstab or set in vfs.root.mountfrom variable in /boot/loader.conf? By using zfsboottest tool the script will read all the files in /boot directory using ZFS boot code and calculate their checksums. Then, it will walk /boot directory using find(1) though regular file sytem and also read all the files in /boot directory and calculate their checksums. If any of the files cannot be looked up, read or checksum is invalid it will be reported and booting off of this pool is probably not possible. Some additional checks may be interesting as well. For example if the disks contain proper pmbr and gptzfsboot code or if all expected files in /boot/ are present. When upgrading FreeBSD, one should snapshot datasets that contain operating system, upgrade (install new world and kernel) and use zfsboottest.sh to verify if it will be possible to boot from new configuration. If all is good one should upgrade boot blocks, by eg.: # gpart -b /boot/pmbr -p /boot/gptzfsboot -i 1 ada1 If something is wrong, one should rollback datasets and report the problems. Approved by: re (kib) | 19 November 2011, 11:47:15 UTC |
| b3a7b5e | Pawel Jakub Dawidek | 19 November 2011, 11:44:20 UTC | MFC r226613,r226615,r226616: r226613: libzpool task_alloc: pass only valid flags to kmem_alloc tqflags may contain other flags besided those that are suitable for kmem_alloc == umem_alloc Submitted by: avg r226615: thr_create: new_thread_ID may be NULL Submitted by: avg r226616: zdb: access dp_free_bpobj only if pool version is >= SPA_VERSION_DEADLISTS Submitted by: avg Approved by: re (kib) | 19 November 2011, 11:44:20 UTC |
| b5e94ca | Pawel Jakub Dawidek | 19 November 2011, 11:43:18 UTC | MFC r226617: zfs vdev_file_io_start: validate vdev before using vdev_tsd vdev_tsd can be NULL for certain vdev states. At least in userland testing with ztest. Submitted by: avg Approved by: re (kib) | 19 November 2011, 11:43:18 UTC |
| 08b5e5e | Pawel Jakub Dawidek | 19 November 2011, 11:42:19 UTC | MFC r226620: Update per-thread I/O statistics collection in ZFS. This allows to see processes I/O activity in 'top -m io' output. PR kern/156218 Reported by: Marcus Reid <marcus@blazingdot.com> Patch by: avg Approved by: re (kib) | 19 November 2011, 11:42:19 UTC |
| df3e78d | Doug Barton | 18 November 2011, 21:12:05 UTC | MFC r227416: Document that flock can return ENOLCK Approved by: re (kib) | 18 November 2011, 21:12:05 UTC |
| f40c1e6 | Doug Barton | 18 November 2011, 20:51:31 UTC | MFC r226863: Fix svnversion for svn 1.7.x by not looking for .svn in ${SYSDIR} (since it no longer exists). Instead, run svnversion if we can find the binary and test that the output looks like a version string. Approved by: re (kib) | 18 November 2011, 20:51:31 UTC |
| b7385c4 | Fabien Thomas | 18 November 2011, 14:56:06 UTC | MFC r227391: Import gcc fix for -fstack-protector that produces segfaulting binaries on arm/armel. Related gcc bug: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=35965 Author kindly accepted that all of his patches can be use as GPLv2. PR: 161128 Approved by: re (kib) | 18 November 2011, 14:56:06 UTC |
| 83b9679 | Rick Macklem | 17 November 2011, 16:38:22 UTC | MFC: r227059 Both a crash reported on freebsd-current on Oct. 18 under the subject heading "mtx_lock() of destroyed mutex on NFS" and PR# 156168 appear to be caused by clnt_dg_destroy() closing down the socket prematurely. When to close down the socket is controlled by a reference count (cs_refs), but clnt_dg_create() checks for sb_upcall being non-NULL to decide if a new socket is needed. I believe the crashes were caused by the following race: clnt_dg_destroy() finds cs_refs == 0 and decides to delete socket clnt_dg_destroy() then loses race with clnt_dg_create() for acquisition of the SOCKBUF_LOCK() clnt_dg_create() finds sb_upcall != NULL and increments cs_refs to 1 clnt_dg_destroy() then acquires SOCKBUF_LOCK(), sets sb_upcall to NULL and destroys socket This patch fixes the above race by changing clnt_dg_destroy() so that it acquires SOCKBUF_LOCK() before testing cs_refs. Tested by: bz Reviewed by: dfr Approved by: re (kib) | 17 November 2011, 16:38:22 UTC |
| 6f4fd31 | Christian Brueffer | 17 November 2011, 12:28:00 UTC | MFC: r227448 Reword a sentence in the HARDWARE section a little to make it more suitable for automatic hardware notes generation. Approved by: re (kib) | 17 November 2011, 12:28:00 UTC |
| 4f208c4 | Christian Brueffer | 17 November 2011, 12:25:38 UTC | MFC: r227276 Add qlxgb(4). Approved by: re (kib) | 17 November 2011, 12:25:38 UTC |
| 562afb4 | Christian Brueffer | 17 November 2011, 12:23:24 UTC | MFC: r227271 Write QLogic consistently. Approved by: re (kib) | 17 November 2011, 12:23:24 UTC |
| 457fcd6 | Dimitry Andric | 17 November 2011, 08:12:12 UTC | MFC r227112: Whenever you boot with nfsv4_server_enable=NO (the default) in rc.conf, the /etc/rc.d/nfsd script sets vfs.nfsd.server_max_nfsvers to 3. Then, when you set nfsv4_server_enable=YES in rc.conf, and restart nfsd via the rc.d script, without rebooting, the sysctl does *not* get reset to max version 4, so NFSv4 still doesn't work. Fix this by explicitly setting vfs.nfsd.server_max_nfsvers to 4 when NFSv4 is requested. I also added resetting of the nfs_privport sysctls, since this has the same issue: nfs_reserved_port_only=YES in rc.conf sets the nfs_privport sysctl to 1, but in the other case, the sysctl doesn't get reset to 0. Reviewed by: rmacklem Silence from: rc@ Approved by: re (kib) | 17 November 2011, 08:12:12 UTC |
| 664bd0a | Bernhard Schmidt | 16 November 2011, 17:41:31 UTC | MFC r226679: Let net80211 also know about stopped BA sessions. This fixes some issues where the driver assumed that BA resources are still available due to net80211 saying so. PR: 161407, 159768 Tested by: cperciva, rene Approved by: re (kib) | 16 November 2011, 17:41:31 UTC |
| 909c1a6 | Eitan Adler | 16 November 2011, 16:29:05 UTC | MFC r226404: - add support for I-O DATA RSA-PCI2/R PR: kern/142999 Submitted by: Takefu Kenji <takefu@airport.fm> Approved by: jhb Approved by: re (kib) | 16 November 2011, 16:29:05 UTC |
| c477b0a | Andrey V. Elsukov | 16 November 2011, 15:37:13 UTC | MFC r227272: Add reference to gpart(8). MFC r227280: Initialize "acc" value inside the loop to reset failed attempts. PR: misc/162262 MFC r227292: Improve error reporting when MBR can not be written. Remove obsolete code which uses DIOCSMBR ioctl. When writing MBR first check that GEOM_MBR is available, if it is not available, then try write MBR directly to provider. If both are failed, then recommend to use gpart(8). MFC r227295: Fix multi-line comment formatting. Pointed by: jh Approved by: re (kib) | 16 November 2011, 15:37:13 UTC |
| 7eafdaf | Andrey V. Elsukov | 16 November 2011, 15:35:22 UTC | MFC rr227273: Add reference to gpart(8). Approved by: re (kib) | 16 November 2011, 15:35:22 UTC |
| fe1de10 | Andrey V. Elsukov | 16 November 2011, 15:32:52 UTC | MFC r227231: To be in sync with GEOM_PART_BSD limit the maximum number of supported partitions to 20. MFC r227248: bsdlabel(8) could automatically fill many of disklabel's deprecated fields, but user could specify some of those fields when edits disklabel with `bsdlabel -e`. But without -A flag these fields might be overwritten with default values from the virgin disklabel. So, don't overwrite such fields if they are not zero. Also add checks to prevent creating disklabel with less than DEFPARTITIONS and more than MAXPARTITIONS partitions. PR: bin/162332 Tested by: Eugene Grosbein MFC r227262: Remove unneeded checks. MFC r227270: Add recommendation to use gpart(8) when user tries write disklabel or bootcode to already opened provider. MFC r227296: Fix multi-line comment formatting. Approved by: re (kib) | 16 November 2011, 15:32:52 UTC |
| 5c07492 | Andrey V. Elsukov | 16 November 2011, 15:23:42 UTC | MFC r227274: Add reference to gpart(8). MFC r227298: Remove a note about disabling of GEOM protection mechanism. boot0cfg should work without such hack. Approved by: re (kib) | 16 November 2011, 15:23:42 UTC |
| aec5014 | Xin Li | 15 November 2011, 17:42:00 UTC | MFC r227409: Do a dummy read to flush the interrupt ACK that we just performed, ensuring that everything is really, truly consistent. This fixes certain cases where one will see various: mfi0: COMMAND 0xffffffXXXXXXXXXX TIMEOUT AFTER XX SECONDS Submitted by: scottl Ok'ed by: jhb Approved by: re (kib) | 15 November 2011, 17:42:00 UTC |
| dd4dbc8 | Mikolaj Golub | 11 November 2011, 15:24:17 UTC | MFS r227450 (MFC r227449): Fix false positive EADDRINUSE that could be returned by bind, due to the typo made in r227207. Reported by: kib Tested by: kib Approved by: re (kib) | 11 November 2011, 15:24:17 UTC |
| c793514 | Mikolaj Golub | 10 November 2011, 20:28:30 UTC | MFC r227204, 227206, 227207: r227204: Fix the typo made in r157474. r227206: Before dereferencing intotw() check for NULL, the same way as it is done for in_pcb (see r157474). r227207: Cache SO_REUSEPORT socket option in inpcb-layer in order to avoid inp_socket->so_options dereference when we may not acquire the lock on the inpcb. This fixes the crash due to NULL pointer dereference in in_pcbbind_setup() when inp_socket->so_options in a pcb returned by in_pcblookup_local() was checked. Reported by: dave jones <s.dave.jones@gmail.com>, Arnaud Lacombe <lacombar@gmail.com> Suggested by: rwatson Glanced by: rwatson Tested by: dave jones <s.dave.jones@gmail.com> Approved by: re (kib) | 10 November 2011, 20:28:30 UTC |
| 233d74c | Michael Tuexen | 10 November 2011, 19:54:00 UTC | MFC 227320: When loading addresses from INITs, always use the correct local address. Approved by: re@ | 10 November 2011, 19:54:00 UTC |
| 7cf2561 | Michael Tuexen | 10 November 2011, 19:36:19 UTC | MFC 227266: Initialize all components of the sent COOKIE. Approved by: re@ | 10 November 2011, 19:36:19 UTC |
| ccf783a | Andre Oppermann | 10 November 2011, 19:10:53 UTC | Back out r226299 (MFC of r226105) which caused a number of ports that depend on the incorrect IP length field. The fix stays in HEAD and ports should test for it. Requested by: glebius Approved by: re (kib) | 10 November 2011, 19:10:53 UTC |
| 195cb14 | Alan Cox | 10 November 2011, 16:50:36 UTC | MFC r226740 Speed up vm_page_cache() and vm_page_remove() by checking for a few common cases that can be handled in constant time. Approved by: re (kib) | 10 November 2011, 16:50:36 UTC |
| c577a7c | Peter Holm | 09 November 2011, 18:51:41 UTC | MFC r226971 Added missing cache purge of from argument. Approved by: re (kensmith) | 09 November 2011, 18:51:41 UTC |
| 4f3083e | John Baldwin | 09 November 2011, 18:26:19 UTC | MFC 226748: - Add a new header for the x86 boot code that defines various structures and constants related to the BIOS Enhanced Disk Drive Specification. - Use this header instead of magic numbers and various duplicate structure definitions for doing I/O. - Use an actual structure for the request to fetch drive parameters in drvsize() rather than a gross hack of a char array with some magic size. While here, change drvsize() to only pass the 1.1 version of the structure and not request device path information. If we want device path information you have to set the length of the device path information as an input (along with probably checking the actual EDD version to see which size one should use as the device path information is variable-length). This fixes data smashing problems from passing an EDD 3 structure to BIOSes supporting EDD 4. Approved by: re (kib) | 09 November 2011, 18:26:19 UTC |
