From owner-svn-src-stable-8@FreeBSD.ORG Sun Jul 3 07:14:49 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 501F31065674; Sun, 3 Jul 2011 07:14:49 +0000 (UTC) (envelope-from jh@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 3F9208FC0C; Sun, 3 Jul 2011 07:14:49 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p637EnKP073848; Sun, 3 Jul 2011 07:14:49 GMT (envelope-from jh@svn.freebsd.org) Received: (from jh@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p637EnJJ073846; Sun, 3 Jul 2011 07:14:49 GMT (envelope-from jh@svn.freebsd.org) Message-Id: <201107030714.p637EnJJ073846@svn.freebsd.org> From: Jaakko Heinonen Date: Sun, 3 Jul 2011 07:14:49 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223733 - stable/8/libexec/comsat X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jul 2011 07:14:49 -0000 Author: jh Date: Sun Jul 3 07:14:48 2011 New Revision: 223733 URL: http://svn.freebsd.org/changeset/base/223733 Log: MFC r222825: Remove a gratuitous newline. PR: bin/153667 Modified: stable/8/libexec/comsat/comsat.c Directory Properties: stable/8/libexec/comsat/ (props changed) Modified: stable/8/libexec/comsat/comsat.c ============================================================================== --- stable/8/libexec/comsat/comsat.c Sat Jul 2 23:42:04 2011 (r223732) +++ stable/8/libexec/comsat/comsat.c Sun Jul 3 07:14:48 2011 (r223733) @@ -219,7 +219,7 @@ notify(struct utmp *utp, char file[], of dsyslog(LOG_DEBUG, "%s: wrong mode on %s", utp->ut_name, tty); return; } - dsyslog(LOG_DEBUG, "notify %s on %s\n", utp->ut_name, tty); + dsyslog(LOG_DEBUG, "notify %s on %s", utp->ut_name, tty); switch (fork()) { case -1: syslog(LOG_NOTICE, "fork failed (%m)"); From owner-svn-src-stable-8@FreeBSD.ORG Sun Jul 3 16:32:03 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6E6BA1065670; Sun, 3 Jul 2011 16:32:03 +0000 (UTC) (envelope-from jilles@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 5E1FC8FC0A; Sun, 3 Jul 2011 16:32:03 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p63GW3Xv025818; Sun, 3 Jul 2011 16:32:03 GMT (envelope-from jilles@svn.freebsd.org) Received: (from jilles@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p63GW3AS025816; Sun, 3 Jul 2011 16:32:03 GMT (envelope-from jilles@svn.freebsd.org) Message-Id: <201107031632.p63GW3AS025816@svn.freebsd.org> From: Jilles Tjoelker Date: Sun, 3 Jul 2011 16:32:03 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223742 - stable/8/etc X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jul 2011 16:32:03 -0000 Author: jilles Date: Sun Jul 3 16:32:03 2011 New Revision: 223742 URL: http://svn.freebsd.org/changeset/base/223742 Log: MFC r223227: rc.subr: Eliminate about 100 forks from the boot sequence. With the current sh, placing eval in a command substitution always results in a fork(), even if it is the only command and only executes a single simple command. Therefore, avoid it where it can be avoided easily. Side effect: values starting with a hyphen and all whitespace are preserved. The values are defaults and names for rc.conf variables and messages to be given about obsolete ones. The change in the _echoonce function is not included in this MFC because stable/8 does not have this function. Modified: stable/8/etc/rc.subr Directory Properties: stable/8/etc/ (props changed) Modified: stable/8/etc/rc.subr ============================================================================== --- stable/8/etc/rc.subr Sun Jul 3 16:08:38 2011 (r223741) +++ stable/8/etc/rc.subr Sun Jul 3 16:32:03 2011 (r223742) @@ -1066,7 +1066,7 @@ load_rc_config() # Set defaults if defined. for _var in $rcvar $rcvars; do - _defval=`eval echo "\\\$${_var}_defval"` + eval _defval=\$${_var}_defval if [ -n "$_defval" ]; then eval : \${$_var:=\$${_var}_defval} fi @@ -1074,9 +1074,9 @@ load_rc_config() # check obsolete rc.conf variables for _var in $rcvars_obsolete; do - _v=`eval echo \\$$_var` - _msg=`eval echo \\$${_var}_obsolete_msg` - _new=`eval echo \\$${_var}_newvar` + eval _v=\$$_var + eval _msg=\$${_var}_obsolete_msg + eval _new=\$${_var}_newvar case $_v in "") ;; From owner-svn-src-stable-8@FreeBSD.ORG Sun Jul 3 16:54:27 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E4991106564A; Sun, 3 Jul 2011 16:54:27 +0000 (UTC) (envelope-from trociny@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id D1B188FC0A; Sun, 3 Jul 2011 16:54:27 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p63GsR79026477; Sun, 3 Jul 2011 16:54:27 GMT (envelope-from trociny@svn.freebsd.org) Received: (from trociny@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p63GsRWS026471; Sun, 3 Jul 2011 16:54:27 GMT (envelope-from trociny@svn.freebsd.org) Message-Id: <201107031654.p63GsRWS026471@svn.freebsd.org> From: Mikolaj Golub Date: Sun, 3 Jul 2011 16:54:27 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223743 - in stable/8/sbin: hastctl hastd X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jul 2011 16:54:28 -0000 Author: trociny Date: Sun Jul 3 16:54:27 2011 New Revision: 223743 URL: http://svn.freebsd.org/changeset/base/223743 Log: MFC r219847, r221898, r221899, r222224, r223584, r223585: r219847 (pjd): When dropping privileges prefer capsicum over chroot+setgid+setuid. We can use capsicum for secondary worker processes and hastctl. When working as primary we drop privileges using chroot+setgid+setuid still as we need to send ioctl(2)s to ggate device, for which capsicum doesn't allow (yet). r221898 (pjd): When using capsicum to sanbox, still use other methods first, just in case one of them have some problems. r221899 (pjd): Currently we are unable to use capsicum for the primary worker process, because we need to do ioctl(2)s, which are not permitted in the capability mode. What we do now is to chroot(2) to /var/empty, which restricts access to file system name space and we drop privileges to hast user and hast group. This still allows to access to other name spaces, like list of processes, network and sysvipc. To address that, use jail(2) instead of chroot(2). Using jail(2) will restrict access to process table, network (we use ip-less jails) and sysvipc (if security.jail.sysvipc_allowed is turned off). This provides much better separation. r222224 (pjd): To handle BIO_FLUSH and BIO_DELETE requests in secondary worker we need to use ioctl(2). This is why we can't use capsicum for now to sandbox secondary. Capsicum is still used to sandbox hastctl. r223584 (pjd): Log a warning if we cannot sandbox using capsicum, but only under debug level 1. It would be too noisy to log it as a proper warning as CAPABILITIES are not compiled into GENERIC by default. r223585 (pjd): Compile capsicum support only if HAVE_CAPSICUM is defined. Approved by: pjd (mentor) Modified: stable/8/sbin/hastctl/hastctl.c stable/8/sbin/hastd/primary.c stable/8/sbin/hastd/secondary.c stable/8/sbin/hastd/subr.c stable/8/sbin/hastd/subr.h Directory Properties: stable/8/sbin/hastctl/ (props changed) stable/8/sbin/hastd/ (props changed) Modified: stable/8/sbin/hastctl/hastctl.c ============================================================================== --- stable/8/sbin/hastctl/hastctl.c Sun Jul 3 16:32:03 2011 (r223742) +++ stable/8/sbin/hastctl/hastctl.c Sun Jul 3 16:54:27 2011 (r223743) @@ -491,9 +491,8 @@ main(int argc, char *argv[]) cfg->hc_controladdr); } - if (drop_privs() != 0) + if (drop_privs(NULL) != 0) exit(EX_CONFIG); - pjdlog_debug(1, "Privileges successfully dropped."); /* Send the command to the server... */ if (hast_proto_send(NULL, controlconn, nv, NULL, 0) < 0) { Modified: stable/8/sbin/hastd/primary.c ============================================================================== --- stable/8/sbin/hastd/primary.c Sun Jul 3 16:32:03 2011 (r223742) +++ stable/8/sbin/hastd/primary.c Sun Jul 3 16:54:27 2011 (r223743) @@ -906,7 +906,7 @@ hastd_primary(struct hast_resource *res) init_ggate(res); init_environment(res); - if (drop_privs() != 0) { + if (drop_privs(res) != 0) { cleanup(res); exit(EX_CONFIG); } Modified: stable/8/sbin/hastd/secondary.c ============================================================================== --- stable/8/sbin/hastd/secondary.c Sun Jul 3 16:32:03 2011 (r223742) +++ stable/8/sbin/hastd/secondary.c Sun Jul 3 16:54:27 2011 (r223743) @@ -440,7 +440,7 @@ hastd_secondary(struct hast_resource *re init_local(res); init_environment(); - if (drop_privs() != 0) + if (drop_privs(res) != 0) exit(EX_CONFIG); pjdlog_info("Privileges successfully dropped."); Modified: stable/8/sbin/hastd/subr.c ============================================================================== --- stable/8/sbin/hastd/subr.c Sun Jul 3 16:32:03 2011 (r223742) +++ stable/8/sbin/hastd/subr.c Sun Jul 3 16:54:27 2011 (r223743) @@ -31,15 +31,20 @@ #include __FBSDID("$FreeBSD$"); -#include +#ifdef HAVE_CAPSICUM +#include +#endif +#include #include #include +#include #include #include #include #include #include +#include #include #include #include @@ -145,12 +150,15 @@ role2str(int role) } int -drop_privs(void) +drop_privs(struct hast_resource *res) { + char jailhost[sizeof(res->hr_name) * 2]; + struct jail jailst; struct passwd *pw; uid_t ruid, euid, suid; gid_t rgid, egid, sgid; gid_t gidset[1]; + bool capsicum, jailed; /* * According to getpwnam(3) we have to clear errno before calling the @@ -170,10 +178,34 @@ drop_privs(void) return (-1); } } - if (chroot(pw->pw_dir) == -1) { - KEEP_ERRNO(pjdlog_errno(LOG_ERR, - "Unable to change root directory to %s", pw->pw_dir)); - return (-1); + + bzero(&jailst, sizeof(jailst)); + jailst.version = JAIL_API_VERSION; + jailst.path = pw->pw_dir; + if (res == NULL) { + (void)snprintf(jailhost, sizeof(jailhost), "hastctl"); + } else { + (void)snprintf(jailhost, sizeof(jailhost), "hastd: %s (%s)", + res->hr_name, role2str(res->hr_role)); + } + jailst.hostname = jailhost; + jailst.jailname = NULL; + jailst.ip4s = 0; + jailst.ip4 = NULL; + jailst.ip6s = 0; + jailst.ip6 = NULL; + if (jail(&jailst) >= 0) { + jailed = true; + } else { + jailed = false; + pjdlog_errno(LOG_WARNING, + "Unable to jail to directory to %s", pw->pw_dir); + if (chroot(pw->pw_dir) == -1) { + KEEP_ERRNO(pjdlog_errno(LOG_ERR, + "Unable to change root directory to %s", + pw->pw_dir)); + return (-1); + } } PJDLOG_VERIFY(chdir("/") == 0); gidset[0] = pw->pw_gid; @@ -195,6 +227,23 @@ drop_privs(void) } /* + * Until capsicum doesn't allow ioctl(2) we cannot use it to sandbox + * primary and secondary worker processes, as primary uses GGATE + * ioctls and secondary uses ioctls to handle BIO_DELETE and BIO_FLUSH. + * For now capsicum is only used to sandbox hastctl. + */ +#ifdef HAVE_CAPSICUM + if (res == NULL) { + capsicum = (cap_enter() == 0); + if (!capsicum) { + pjdlog_common(LOG_DEBUG, 1, errno, + "Unable to sandbox using capsicum"); + } + } else +#endif + capsicum = false; + + /* * Better be sure that everything succeeded. */ PJDLOG_VERIFY(getresuid(&ruid, &euid, &suid) == 0); @@ -209,5 +258,9 @@ drop_privs(void) PJDLOG_VERIFY(getgroups(1, gidset) == 1); PJDLOG_VERIFY(gidset[0] == pw->pw_gid); + pjdlog_debug(1, + "Privileges successfully dropped using %s%s+setgid+setuid.", + capsicum ? "capsicum+" : "", jailed ? "jail" : "chroot"); + return (0); } Modified: stable/8/sbin/hastd/subr.h ============================================================================== --- stable/8/sbin/hastd/subr.h Sun Jul 3 16:32:03 2011 (r223742) +++ stable/8/sbin/hastd/subr.h Sun Jul 3 16:54:27 2011 (r223743) @@ -51,6 +51,6 @@ int snprlcat(char *str, size_t size, con int provinfo(struct hast_resource *res, bool dowrite); const char *role2str(int role); -int drop_privs(void); +int drop_privs(struct hast_resource *res); #endif /* !_SUBR_H_ */ From owner-svn-src-stable-8@FreeBSD.ORG Sun Jul 3 21:05:11 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1ECE81065670; Sun, 3 Jul 2011 21:05:11 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0E1F38FC14; Sun, 3 Jul 2011 21:05:11 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p63L5AEY040280; Sun, 3 Jul 2011 21:05:10 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p63L5AI9040278; Sun, 3 Jul 2011 21:05:10 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201107032105.p63L5AI9040278@svn.freebsd.org> From: Gavin Atkinson Date: Sun, 3 Jul 2011 21:05:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223745 - stable/8/sys/dev/usb/wlan X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jul 2011 21:05:11 -0000 Author: gavin Date: Sun Jul 3 21:05:10 2011 New Revision: 223745 URL: http://svn.freebsd.org/changeset/base/223745 Log: Merge r223446 from head: Use USB_VENDOR_OVISLINK define rather than the vendor ID. PR: usb/158142 Submitted by: Robert Millan Modified: stable/8/sys/dev/usb/wlan/if_urtw.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/dev/usb/wlan/if_urtw.c ============================================================================== --- stable/8/sys/dev/usb/wlan/if_urtw.c Sun Jul 3 20:59:57 2011 (r223744) +++ stable/8/sys/dev/usb/wlan/if_urtw.c Sun Jul 3 21:05:10 2011 (r223745) @@ -115,7 +115,7 @@ static const STRUCT_USB_HOST_ID urtw_dev URTW_DEV_L(REALTEK, RTL8187), URTW_DEV_L(SITECOMEU, WL168V1), URTW_DEV_L(SURECOM, EP9001G2A), - { USB_VPI(0x1b75, 0x8187, URTW_REV_RTL8187L) }, + { USB_VPI(USB_VENDOR_OVISLINK, 0x8187, URTW_REV_RTL8187L) }, { USB_VPI(USB_VENDOR_DICKSMITH, 0x9401, URTW_REV_RTL8187L) }, { USB_VPI(USB_VENDOR_HP, 0xca02, URTW_REV_RTL8187L) }, { USB_VPI(USB_VENDOR_LOGITEC, 0x010c, URTW_REV_RTL8187L) }, From owner-svn-src-stable-8@FreeBSD.ORG Sun Jul 3 21:07:22 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0E906106566C; Sun, 3 Jul 2011 21:07:22 +0000 (UTC) (envelope-from gavin@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id AD9128FC15; Sun, 3 Jul 2011 21:07:21 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p63L7L9W040392; Sun, 3 Jul 2011 21:07:21 GMT (envelope-from gavin@svn.freebsd.org) Received: (from gavin@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p63L7LiJ040390; Sun, 3 Jul 2011 21:07:21 GMT (envelope-from gavin@svn.freebsd.org) Message-Id: <201107032107.p63L7LiJ040390@svn.freebsd.org> From: Gavin Atkinson Date: Sun, 3 Jul 2011 21:07:21 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223746 - stable/8/sbin/geom/class/part X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 03 Jul 2011 21:07:22 -0000 Author: gavin Date: Sun Jul 3 21:07:21 2011 New Revision: 223746 URL: http://svn.freebsd.org/changeset/base/223746 Log: Merge r222778 from head: Rework parts of this man page to improve grammar. PR: docs/157467 (partially) Submitted by: Ben Kaduk (partially) Modified: stable/8/sbin/geom/class/part/gpart.8 Directory Properties: stable/8/sbin/geom/class/part/ (props changed) Modified: stable/8/sbin/geom/class/part/gpart.8 ============================================================================== --- stable/8/sbin/geom/class/part/gpart.8 Sun Jul 3 21:05:10 2011 (r223745) +++ stable/8/sbin/geom/class/part/gpart.8 Sun Jul 3 21:07:21 2011 (r223746) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 12, 2011 +.Dd June 6, 2011 .Dt GPART 8 .Os .Sh NAME @@ -505,16 +505,17 @@ about its use. .El .\" .Sh PARTITION TYPES +Partition types are identified on disk by particular strings or magic +values. The .Nm -utility uses symbolic names for common partition types to avoid that the -user needs to know what the partitioning scheme in question is and what -the actual number or identification needs to be used for a particular -type. +utility uses symbolic names for common partition types to avoid the +user needing to know these values or other details of the partitioning +scheme in question. The .Nm utility also allows the user to specify scheme-specific partition types -for partition types that do not have symbol names. +for partition types that do not have symbolic names. The symbolic names currently understood are: .Bl -tag -width ".Cm freebsd-vinum" .It Cm bios-boot @@ -715,30 +716,30 @@ action or reverted with the .Cm undo action. .Sh RECOVERING -The GEOM class PART supports recovering of partition tables only for GPT. +The GEOM PART class supports recovering of partition tables only for GPT. The GUID partition table has a primary and secondary (backup) copy of -metadata for redundance. -They are stored in the begining and in the end of device respectively. -Therefore it is acceptable to have some corruptions in the metadata that -are not fatal to work with GPT. -When kernel detects corrupt metadata it marks this table as corrupt and -reports about corruption. -Any changes in corrupt table are prohibited except +metadata for redundance, these are stored at the begining and the end +of the device respectively. +As a result of having two copies, it is acceptable to have some corruption +within the metadata that is not fatal to the working of GPT. +When the kernel detects corrupt metadata it marks this table as corrupt and +reports the corruption. +Any operations on corrupt tables are prohibited except for .Cm destroy and .Cm recover . .Pp -In case when only first sector is corrupt kernel can not detect GPT even -if partition table is not corrupt. -You can write protective MBR with +If the first sector of a provider is corrupt, the kernel can not detect GPT +even if partition table itself is not corrupt. +You can rewrite the protective MBR using the .Xr dd 1 -command to restore ability of GPT detection. -The copy of protective MBR is usually located in the +command, to restore the ability to detect the GPT. +The copy of the protective MBR is usually located in the .Pa /boot/pmbr file. .Pp -In case when some of metadata is corrupt you will get to know about this -from kernel's messages like these: +If one GPT header appears to be corrupt but the other copy remains intact, +the kernel will log the following: .Bd -literal -offset indent GEOM: provider: the primary GPT table is corrupt or invalid. GEOM: provider: using the secondary instead -- recovery strongly advised. @@ -750,37 +751,35 @@ GEOM: provider: the secondary GPT table GEOM: provider: using the primary only -- recovery suggested. .Ed .Pp -Also -.Cm gpart -commands like -.Cm show , -.Cm status +Also +.Nm +commands such as +.Cm show , status and .Cm list -will report about corrupt table. +will report about corrupt tables. .Pp -In case when the size of device has changed (e.g. volume expansion) the -secondary GPT header will become located not in the last sector. +If the size of the device has changed (e.g.\& volume expansion) the +secondary GPT header will no longer be located in the last sector. This is not a metadata corruption, but it is dangerous because any -corruption of the primary GPT will lead to lost of partition table. -Kernel reports about this problem with message: +corruption of the primary GPT will lead to loss of partition table. +This problem is reported by the kernel with the message: .Bd -literal -offset indent GEOM: provider: the secondary GPT header is not in the last LBA. .Ed .Pp -A corrupt table can be recovered with -.Cm gpart recover +This situation can be recovered with the +.Cm recover command. -This command does reconstruction of corrupt metadata using -known valid metadata. -Also it can relocate secondary GPT to the end of device. -.Pp -.Pa NOTE : -The GEOM class PART can detect the same partition table on different GEOM -providers and some of them will be marked as corrupt. -Be careful when choosing a provider for recovering. +This command reconstructs the corrupt metadata using known valid +metadata and relocates the secondary GPT to the end of the device. +.Pp +.Em NOTE : +The GEOM PART class can detect the same partition table visible through +different GEOM providers, and some of them will be marked as corrupt. +Be careful when choosing a provider for recovery. If you choose incorrectly you can destroy the metadata of another GEOM class, -e.g. GEOM MIRROR or GEOM LABEL. +e.g.\& GEOM MIRROR or GEOM LABEL. .Sh EXIT STATUS Exit status is 0 on success, and 1 if the command fails. .Sh EXAMPLES From owner-svn-src-stable-8@FreeBSD.ORG Mon Jul 4 00:24:59 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E5C8E106566B; Mon, 4 Jul 2011 00:24:59 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id D2FAD8FC08; Mon, 4 Jul 2011 00:24:59 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p640OxxQ046348; Mon, 4 Jul 2011 00:24:59 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p640OxkV046337; Mon, 4 Jul 2011 00:24:59 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107040024.p640OxkV046337@svn.freebsd.org> From: Rick Macklem Date: Mon, 4 Jul 2011 00:24:59 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223748 - in stable/8/sys: fs/nfs fs/nfsclient fs/nfsserver kgssapi modules modules/kgssapi_krb5 nfsclient nfsserver rpc X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jul 2011 00:25:00 -0000 Author: rmacklem Date: Mon Jul 4 00:24:59 2011 New Revision: 223748 URL: http://svn.freebsd.org/changeset/base/223748 Log: MFC: r223309 Fix the kgssapi so that it can be loaded as a module. Currently the NFS subsystems use five of the rpcsec_gss/kgssapi entry points, but since it was not obvious which others might be useful, all nineteen were included. Basically the nineteen entry points are set in a structure called rpc_gss_entries and inline functions defined in sys/rpc/rpcsec_gss.h check for the entry points being non-NULL and then call them. A default value is returned otherwise. Modified: stable/8/sys/fs/nfs/nfs_commonkrpc.c stable/8/sys/fs/nfsclient/nfs_clkrpc.c stable/8/sys/fs/nfsserver/nfs_nfsdkrpc.c stable/8/sys/kgssapi/gss_impl.c stable/8/sys/modules/Makefile stable/8/sys/modules/kgssapi_krb5/Makefile stable/8/sys/nfsclient/nfs_krpc.c stable/8/sys/nfsserver/nfs_srvkrpc.c stable/8/sys/rpc/rpc_generic.c stable/8/sys/rpc/rpcsec_gss.h Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/fs/nfs/nfs_commonkrpc.c ============================================================================== --- stable/8/sys/fs/nfs/nfs_commonkrpc.c Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/fs/nfs/nfs_commonkrpc.c Mon Jul 4 00:24:59 2011 (r223748) @@ -300,9 +300,7 @@ newnfs_disconnect(struct nfssockreq *nrp client = nrp->nr_client; nrp->nr_client = NULL; mtx_unlock(&nrp->nr_mtx); -#ifdef KGSSAPI - rpc_gss_secpurge(client); -#endif + rpc_gss_secpurge_call(client); CLNT_CLOSE(client); CLNT_RELEASE(client); } else { @@ -314,21 +312,18 @@ static AUTH * nfs_getauth(struct nfssockreq *nrp, int secflavour, char *clnt_principal, char *srv_principal, gss_OID mech_oid, struct ucred *cred) { -#ifdef KGSSAPI rpc_gss_service_t svc; AUTH *auth; #ifdef notyet rpc_gss_options_req_t req_options; #endif -#endif switch (secflavour) { -#ifdef KGSSAPI case RPCSEC_GSS_KRB5: case RPCSEC_GSS_KRB5I: case RPCSEC_GSS_KRB5P: if (!mech_oid) { - if (!rpc_gss_mech_to_oid("kerberosv5", &mech_oid)) + if (!rpc_gss_mech_to_oid_call("kerberosv5", &mech_oid)) return (NULL); } if (secflavour == RPCSEC_GSS_KRB5) @@ -344,7 +339,7 @@ nfs_getauth(struct nfssockreq *nrp, int req_options.input_channel_bindings = NULL; req_options.enc_type = nfs_keytab_enctype; - auth = rpc_gss_secfind(nrp->nr_client, cred, + auth = rpc_gss_secfind_call(nrp->nr_client, cred, clnt_principal, srv_principal, mech_oid, svc, &req_options); #else @@ -354,7 +349,7 @@ nfs_getauth(struct nfssockreq *nrp, int * principals. As such, that case cannot yet be handled. */ if (clnt_principal == NULL) - auth = rpc_gss_secfind(nrp->nr_client, cred, + auth = rpc_gss_secfind_call(nrp->nr_client, cred, srv_principal, mech_oid, svc); else auth = NULL; @@ -362,7 +357,6 @@ nfs_getauth(struct nfssockreq *nrp, int if (auth != NULL) return (auth); /* fallthrough */ -#endif /* KGSSAPI */ case AUTH_SYS: default: return (authunix_create(cred)); Modified: stable/8/sys/fs/nfsclient/nfs_clkrpc.c ============================================================================== --- stable/8/sys/fs/nfsclient/nfs_clkrpc.c Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/fs/nfsclient/nfs_clkrpc.c Mon Jul 4 00:24:59 2011 (r223748) @@ -217,12 +217,9 @@ nfscbd_addsock(struct file *fp) int nfscbd_nfsd(struct thread *td, struct nfsd_nfscbd_args *args) { -#ifdef KGSSAPI char principal[128]; int error; -#endif -#ifdef KGSSAPI if (args != NULL) { error = copyinstr(args->principal, principal, sizeof(principal), NULL); @@ -231,7 +228,6 @@ nfscbd_nfsd(struct thread *td, struct nf } else { principal[0] = '\0'; } -#endif /* * Only the first nfsd actually does any work. The RPC code @@ -246,20 +242,16 @@ nfscbd_nfsd(struct thread *td, struct nf NFSD_UNLOCK(); -#ifdef KGSSAPI if (principal[0] != '\0') - rpc_gss_set_svc_name(principal, "kerberosv5", + rpc_gss_set_svc_name_call(principal, "kerberosv5", GSS_C_INDEFINITE, NFS_CALLBCKPROG, NFSV4_CBVERS); -#endif nfscbd_pool->sp_minthreads = 4; nfscbd_pool->sp_maxthreads = 4; svc_run(nfscbd_pool); -#ifdef KGSSAPI - rpc_gss_clear_svc_name(NFS_CALLBCKPROG, NFSV4_CBVERS); -#endif + rpc_gss_clear_svc_name_call(NFS_CALLBCKPROG, NFSV4_CBVERS); NFSD_LOCK(); nfs_numnfscbd--; Modified: stable/8/sys/fs/nfsserver/nfs_nfsdkrpc.c ============================================================================== --- stable/8/sys/fs/nfsserver/nfs_nfsdkrpc.c Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/fs/nfsserver/nfs_nfsdkrpc.c Mon Jul 4 00:24:59 2011 (r223748) @@ -386,18 +386,14 @@ nfsrvd_addsock(struct file *fp) int nfsrvd_nfsd(struct thread *td, struct nfsd_nfsd_args *args) { -#ifdef KGSSAPI char principal[MAXHOSTNAMELEN + 5]; int error; bool_t ret2, ret3, ret4; -#endif -#ifdef KGSSAPI error = copyinstr(args->principal, principal, sizeof (principal), NULL); if (error) return (error); -#endif /* * Only the first nfsd actually does any work. The RPC code @@ -412,38 +408,29 @@ nfsrvd_nfsd(struct thread *td, struct nf NFSD_UNLOCK(); -#ifdef KGSSAPI /* An empty string implies AUTH_SYS only. */ if (principal[0] != '\0') { - ret2 = rpc_gss_set_svc_name(principal, "kerberosv5", - GSS_C_INDEFINITE, NFS_PROG, NFS_VER2); - ret3 = rpc_gss_set_svc_name(principal, "kerberosv5", - GSS_C_INDEFINITE, NFS_PROG, NFS_VER3); - ret4 = rpc_gss_set_svc_name(principal, "kerberosv5", - GSS_C_INDEFINITE, NFS_PROG, NFS_VER4); - - if (!ret2 || !ret3 || !ret4) { - NFSD_LOCK(); - newnfs_numnfsd--; - nfsrvd_init(1); - NFSD_UNLOCK(); - return (EAUTH); - } + ret2 = rpc_gss_set_svc_name_call(principal, + "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER2); + ret3 = rpc_gss_set_svc_name_call(principal, + "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER3); + ret4 = rpc_gss_set_svc_name_call(principal, + "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER4); + + if (!ret2 || !ret3 || !ret4) + printf("nfsd: can't register svc name\n"); } -#endif nfsrvd_pool->sp_minthreads = args->minthreads; nfsrvd_pool->sp_maxthreads = args->maxthreads; svc_run(nfsrvd_pool); -#ifdef KGSSAPI if (principal[0] != '\0') { - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER2); - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER3); - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER4); + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER2); + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER3); + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER4); } -#endif NFSD_LOCK(); newnfs_numnfsd--; Modified: stable/8/sys/kgssapi/gss_impl.c ============================================================================== --- stable/8/sys/kgssapi/gss_impl.c Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/kgssapi/gss_impl.c Mon Jul 4 00:24:59 2011 (r223748) @@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include "gssd.h" #include "kgss_if.h" @@ -253,8 +254,40 @@ kgss_copy_buffer(const gss_buffer_t from static int kgssapi_modevent(module_t mod, int type, void *data) { + int error = 0; - return (0); + switch (type) { + case MOD_LOAD: + rpc_gss_entries.rpc_gss_secfind = rpc_gss_secfind; + rpc_gss_entries.rpc_gss_secpurge = rpc_gss_secpurge; + rpc_gss_entries.rpc_gss_seccreate = rpc_gss_seccreate; + rpc_gss_entries.rpc_gss_set_defaults = rpc_gss_set_defaults; + rpc_gss_entries.rpc_gss_max_data_length = + rpc_gss_max_data_length; + rpc_gss_entries.rpc_gss_get_error = rpc_gss_get_error; + rpc_gss_entries.rpc_gss_mech_to_oid = rpc_gss_mech_to_oid; + rpc_gss_entries.rpc_gss_oid_to_mech = rpc_gss_oid_to_mech; + rpc_gss_entries.rpc_gss_qop_to_num = rpc_gss_qop_to_num; + rpc_gss_entries.rpc_gss_get_mechanisms = rpc_gss_get_mechanisms; + rpc_gss_entries.rpc_gss_get_versions = rpc_gss_get_versions; + rpc_gss_entries.rpc_gss_is_installed = rpc_gss_is_installed; + rpc_gss_entries.rpc_gss_set_svc_name = rpc_gss_set_svc_name; + rpc_gss_entries.rpc_gss_clear_svc_name = rpc_gss_clear_svc_name; + rpc_gss_entries.rpc_gss_getcred = rpc_gss_getcred; + rpc_gss_entries.rpc_gss_set_callback = rpc_gss_set_callback; + rpc_gss_entries.rpc_gss_clear_callback = rpc_gss_clear_callback; + rpc_gss_entries.rpc_gss_get_principal_name = + rpc_gss_get_principal_name; + rpc_gss_entries.rpc_gss_svc_max_data_length = + rpc_gss_svc_max_data_length; + break; + case MOD_UNLOAD: + /* Unloading of the kgssapi module isn't supported. */ + /* FALLTHROUGH */ + default: + error = EOPNOTSUPP; + }; + return (error); } static moduledata_t kgssapi_mod = { "kgssapi", Modified: stable/8/sys/modules/Makefile ============================================================================== --- stable/8/sys/modules/Makefile Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/modules/Makefile Mon Jul 4 00:24:59 2011 (r223748) @@ -152,6 +152,8 @@ SUBDIR= ${_3dfx} \ jme \ joy \ kbdmux \ + kgssapi \ + kgssapi_krb5 \ khelp \ krpc \ ksyms \ Modified: stable/8/sys/modules/kgssapi_krb5/Makefile ============================================================================== --- stable/8/sys/modules/kgssapi_krb5/Makefile Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/modules/kgssapi_krb5/Makefile Mon Jul 4 00:24:59 2011 (r223748) @@ -8,7 +8,8 @@ SRCS= krb5_mech.c \ kcrypto_des.c \ kcrypto_des3.c \ kcrypto_aes.c \ - kcrypto_arcfour.c + kcrypto_arcfour.c \ + opt_inet6.h SRCS+= kgss_if.h gssd.h MFILES= kgssapi/kgss_if.m Modified: stable/8/sys/nfsclient/nfs_krpc.c ============================================================================== --- stable/8/sys/nfsclient/nfs_krpc.c Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/nfsclient/nfs_krpc.c Mon Jul 4 00:24:59 2011 (r223748) @@ -306,9 +306,7 @@ nfs_disconnect(struct nfsmount *nmp) client = nmp->nm_client; nmp->nm_client = NULL; mtx_unlock(&nmp->nm_mtx); -#ifdef KGSSAPI - rpc_gss_secpurge(client); -#endif + rpc_gss_secpurge_call(client); CLNT_CLOSE(client); CLNT_RELEASE(client); } else @@ -325,18 +323,15 @@ nfs_safedisconnect(struct nfsmount *nmp) static AUTH * nfs_getauth(struct nfsmount *nmp, struct ucred *cred) { -#ifdef KGSSAPI rpc_gss_service_t svc; AUTH *auth; -#endif switch (nmp->nm_secflavor) { -#ifdef KGSSAPI case RPCSEC_GSS_KRB5: case RPCSEC_GSS_KRB5I: case RPCSEC_GSS_KRB5P: if (!nmp->nm_mech_oid) - if (!rpc_gss_mech_to_oid("kerberosv5", + if (!rpc_gss_mech_to_oid_call("kerberosv5", &nmp->nm_mech_oid)) return (NULL); if (nmp->nm_secflavor == RPCSEC_GSS_KRB5) @@ -345,12 +340,11 @@ nfs_getauth(struct nfsmount *nmp, struct svc = rpc_gss_svc_integrity; else svc = rpc_gss_svc_privacy; - auth = rpc_gss_secfind(nmp->nm_client, cred, + auth = rpc_gss_secfind_call(nmp->nm_client, cred, nmp->nm_principal, nmp->nm_mech_oid, svc); if (auth) return (auth); /* fallthrough */ -#endif case AUTH_SYS: default: return (authunix_create(cred)); Modified: stable/8/sys/nfsserver/nfs_srvkrpc.c ============================================================================== --- stable/8/sys/nfsserver/nfs_srvkrpc.c Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/nfsserver/nfs_srvkrpc.c Mon Jul 4 00:24:59 2011 (r223748) @@ -418,12 +418,9 @@ nfssvc_addsock(struct file *fp, struct t static int nfssvc_nfsd(struct thread *td, struct nfsd_nfsd_args *args) { -#ifdef KGSSAPI char principal[128]; int error; -#endif -#ifdef KGSSAPI if (args) { error = copyinstr(args->principal, principal, sizeof(principal), NULL); @@ -434,7 +431,6 @@ nfssvc_nfsd(struct thread *td, struct nf getcredhostname(td->td_ucred, principal + 4, sizeof(principal) - 4); } -#endif /* * Only the first nfsd actually does any work. The RPC code @@ -449,12 +445,10 @@ nfssvc_nfsd(struct thread *td, struct nf NFSD_UNLOCK(); -#ifdef KGSSAPI - rpc_gss_set_svc_name(principal, "kerberosv5", + rpc_gss_set_svc_name_call(principal, "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER2); - rpc_gss_set_svc_name(principal, "kerberosv5", + rpc_gss_set_svc_name_call(principal, "kerberosv5", GSS_C_INDEFINITE, NFS_PROG, NFS_VER3); -#endif if (args) { nfsrv_pool->sp_minthreads = args->minthreads; @@ -466,10 +460,8 @@ nfssvc_nfsd(struct thread *td, struct nf svc_run(nfsrv_pool); -#ifdef KGSSAPI - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER2); - rpc_gss_clear_svc_name(NFS_PROG, NFS_VER3); -#endif + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER2); + rpc_gss_clear_svc_name_call(NFS_PROG, NFS_VER3); NFSD_LOCK(); nfsrv_numnfsd--; Modified: stable/8/sys/rpc/rpc_generic.c ============================================================================== --- stable/8/sys/rpc/rpc_generic.c Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/rpc/rpc_generic.c Mon Jul 4 00:24:59 2011 (r223748) @@ -60,6 +60,7 @@ __FBSDID("$FreeBSD$"); #include #include +#include #include @@ -69,6 +70,9 @@ extern u_long sb_max_adj; /* not defined #define strrchr rindex #endif +/* Provide an entry point hook for the rpcsec_gss module. */ +struct rpc_gss_entries rpc_gss_entries; + struct handle { NCONF_HANDLE *nhandle; int nflag; /* Whether NETPATH or NETCONFIG */ Modified: stable/8/sys/rpc/rpcsec_gss.h ============================================================================== --- stable/8/sys/rpc/rpcsec_gss.h Sun Jul 3 21:44:26 2011 (r223747) +++ stable/8/sys/rpc/rpcsec_gss.h Mon Jul 4 00:24:59 2011 (r223748) @@ -141,6 +141,271 @@ typedef struct { __BEGIN_DECLS #ifdef _KERNEL +/* + * Set up a structure of entry points for the kgssapi module and inline + * functions named rpc_gss_XXX_call() to use them, so that the kgssapi + * module doesn't need to be loaded for the NFS modules to work using + * AUTH_SYS. The kgssapi modules will be loaded by the gssd(8) daemon + * when it is started up and the entry points will then be filled in. + */ +typedef AUTH *rpc_gss_secfind_ftype(CLIENT *clnt, struct ucred *cred, + const char *principal, gss_OID mech_oid, + rpc_gss_service_t service); +typedef void rpc_gss_secpurge_ftype(CLIENT *clnt); +typedef AUTH *rpc_gss_seccreate_ftype(CLIENT *clnt, struct ucred *cred, + const char *principal, const char *mechanism, + rpc_gss_service_t service, const char *qop, + rpc_gss_options_req_t *options_req, + rpc_gss_options_ret_t *options_ret); +typedef bool_t rpc_gss_set_defaults_ftype(AUTH *auth, + rpc_gss_service_t service, const char *qop); +typedef int rpc_gss_max_data_length_ftype(AUTH *handle, + int max_tp_unit_len); +typedef void rpc_gss_get_error_ftype(rpc_gss_error_t *error); +typedef bool_t rpc_gss_mech_to_oid_ftype(const char *mech, gss_OID *oid_ret); +typedef bool_t rpc_gss_oid_to_mech_ftype(gss_OID oid, const char **mech_ret); +typedef bool_t rpc_gss_qop_to_num_ftype(const char *qop, const char *mech, + u_int *num_ret); +typedef const char **rpc_gss_get_mechanisms_ftype(void); +typedef bool_t rpc_gss_get_versions_ftype(u_int *vers_hi, u_int *vers_lo); +typedef bool_t rpc_gss_is_installed_ftype(const char *mech); +typedef bool_t rpc_gss_set_svc_name_ftype(const char *principal, + const char *mechanism, u_int req_time, u_int program, + u_int version); +typedef void rpc_gss_clear_svc_name_ftype(u_int program, u_int version); +typedef bool_t rpc_gss_getcred_ftype(struct svc_req *req, + rpc_gss_rawcred_t **rcred, + rpc_gss_ucred_t **ucred, void **cookie); +typedef bool_t rpc_gss_set_callback_ftype(rpc_gss_callback_t *cb); +typedef void rpc_gss_clear_callback_ftype(rpc_gss_callback_t *cb); +typedef bool_t rpc_gss_get_principal_name_ftype(rpc_gss_principal_t *principal, + const char *mech, const char *name, const char *node, + const char *domain); +typedef int rpc_gss_svc_max_data_length_ftype(struct svc_req *req, + int max_tp_unit_len); + +struct rpc_gss_entries { + rpc_gss_secfind_ftype *rpc_gss_secfind; + rpc_gss_secpurge_ftype *rpc_gss_secpurge; + rpc_gss_seccreate_ftype *rpc_gss_seccreate; + rpc_gss_set_defaults_ftype *rpc_gss_set_defaults; + rpc_gss_max_data_length_ftype *rpc_gss_max_data_length; + rpc_gss_get_error_ftype *rpc_gss_get_error; + rpc_gss_mech_to_oid_ftype *rpc_gss_mech_to_oid; + rpc_gss_oid_to_mech_ftype *rpc_gss_oid_to_mech; + rpc_gss_qop_to_num_ftype *rpc_gss_qop_to_num; + rpc_gss_get_mechanisms_ftype *rpc_gss_get_mechanisms; + rpc_gss_get_versions_ftype *rpc_gss_get_versions; + rpc_gss_is_installed_ftype *rpc_gss_is_installed; + rpc_gss_set_svc_name_ftype *rpc_gss_set_svc_name; + rpc_gss_clear_svc_name_ftype *rpc_gss_clear_svc_name; + rpc_gss_getcred_ftype *rpc_gss_getcred; + rpc_gss_set_callback_ftype *rpc_gss_set_callback; + rpc_gss_clear_callback_ftype *rpc_gss_clear_callback; + rpc_gss_get_principal_name_ftype *rpc_gss_get_principal_name; + rpc_gss_svc_max_data_length_ftype *rpc_gss_svc_max_data_length; +}; +extern struct rpc_gss_entries rpc_gss_entries; + +/* Functions to access the entry points. */ +static __inline AUTH * +rpc_gss_secfind_call(CLIENT *clnt, struct ucred *cred, const char *principal, + gss_OID mech_oid, rpc_gss_service_t service) +{ + AUTH *ret = NULL; + + if (rpc_gss_entries.rpc_gss_secfind != NULL) + ret = (*rpc_gss_entries.rpc_gss_secfind)(clnt, cred, principal, + mech_oid, service); + return (ret); +} + +static __inline void +rpc_gss_secpurge_call(CLIENT *clnt) +{ + + if (rpc_gss_entries.rpc_gss_secpurge != NULL) + (*rpc_gss_entries.rpc_gss_secpurge)(clnt); +} + +static __inline AUTH * +rpc_gss_seccreate_call(CLIENT *clnt, struct ucred *cred, const char *principal, + const char *mechanism, rpc_gss_service_t service, const char *qop, + rpc_gss_options_req_t *options_req, rpc_gss_options_ret_t *options_ret) +{ + AUTH *ret = NULL; + + if (rpc_gss_entries.rpc_gss_seccreate != NULL) + ret = (*rpc_gss_entries.rpc_gss_seccreate)(clnt, cred, + principal, mechanism, service, qop, options_req, + options_ret); + return (ret); +} + +static __inline bool_t +rpc_gss_set_defaults_call(AUTH *auth, rpc_gss_service_t service, + const char *qop) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_set_defaults != NULL) + ret = (*rpc_gss_entries.rpc_gss_set_defaults)(auth, service, + qop); + return (ret); +} + +static __inline int +rpc_gss_max_data_length_call(AUTH *handle, int max_tp_unit_len) +{ + int ret = 0; + + if (rpc_gss_entries.rpc_gss_max_data_length != NULL) + ret = (*rpc_gss_entries.rpc_gss_max_data_length)(handle, + max_tp_unit_len); + return (ret); +} + +static __inline void +rpc_gss_get_error_call(rpc_gss_error_t *error) +{ + + if (rpc_gss_entries.rpc_gss_get_error != NULL) + (*rpc_gss_entries.rpc_gss_get_error)(error); +} + +static __inline bool_t +rpc_gss_mech_to_oid_call(const char *mech, gss_OID *oid_ret) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_mech_to_oid != NULL) + ret = (*rpc_gss_entries.rpc_gss_mech_to_oid)(mech, oid_ret); + return (ret); +} + +static __inline bool_t +rpc_gss_oid_to_mech_call(gss_OID oid, const char **mech_ret) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_oid_to_mech != NULL) + ret = (*rpc_gss_entries.rpc_gss_oid_to_mech)(oid, mech_ret); + return (ret); +} + +static __inline bool_t +rpc_gss_qop_to_num_call(const char *qop, const char *mech, u_int *num_ret) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_qop_to_num != NULL) + ret = (*rpc_gss_entries.rpc_gss_qop_to_num)(qop, mech, num_ret); + return (ret); +} + +static __inline const char ** +rpc_gss_get_mechanisms_call(void) +{ + const char **ret = NULL; + + if (rpc_gss_entries.rpc_gss_get_mechanisms != NULL) + ret = (*rpc_gss_entries.rpc_gss_get_mechanisms)(); + return (ret); +} + +static __inline bool_t +rpc_gss_get_versions_call(u_int *vers_hi, u_int *vers_lo) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_get_versions != NULL) + ret = (*rpc_gss_entries.rpc_gss_get_versions)(vers_hi, vers_lo); + return (ret); +} + +static __inline bool_t +rpc_gss_is_installed_call(const char *mech) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_is_installed != NULL) + ret = (*rpc_gss_entries.rpc_gss_is_installed)(mech); + return (ret); +} + +static __inline bool_t +rpc_gss_set_svc_name_call(const char *principal, const char *mechanism, + u_int req_time, u_int program, u_int version) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_set_svc_name != NULL) + ret = (*rpc_gss_entries.rpc_gss_set_svc_name)(principal, + mechanism, req_time, program, version); + return (ret); +} + +static __inline void +rpc_gss_clear_svc_name_call(u_int program, u_int version) +{ + + if (rpc_gss_entries.rpc_gss_clear_svc_name != NULL) + (*rpc_gss_entries.rpc_gss_clear_svc_name)(program, version); +} + +static __inline bool_t +rpc_gss_getcred_call(struct svc_req *req, rpc_gss_rawcred_t **rcred, + rpc_gss_ucred_t **ucred, void **cookie) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_getcred != NULL) + ret = (*rpc_gss_entries.rpc_gss_getcred)(req, rcred, ucred, + cookie); + return (ret); +} + +static __inline bool_t +rpc_gss_set_callback_call(rpc_gss_callback_t *cb) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_set_callback != NULL) + ret = (*rpc_gss_entries.rpc_gss_set_callback)(cb); + return (ret); +} + +static __inline void +rpc_gss_clear_callback_call(rpc_gss_callback_t *cb) +{ + + if (rpc_gss_entries.rpc_gss_clear_callback != NULL) + (*rpc_gss_entries.rpc_gss_clear_callback)(cb); +} + +static __inline bool_t +rpc_gss_get_principal_name_call(rpc_gss_principal_t *principal, + const char *mech, const char *name, const char *node, const char *domain) +{ + bool_t ret = 1; + + if (rpc_gss_entries.rpc_gss_get_principal_name != NULL) + ret = (*rpc_gss_entries.rpc_gss_get_principal_name)(principal, + mech, name, node, domain); + return (ret); +} + +static __inline int +rpc_gss_svc_max_data_length_call(struct svc_req *req, int max_tp_unit_len) +{ + int ret = 0; + + if (rpc_gss_entries.rpc_gss_svc_max_data_length != NULL) + ret = (*rpc_gss_entries.rpc_gss_svc_max_data_length)(req, + max_tp_unit_len); + return (ret); +} + AUTH *rpc_gss_secfind(CLIENT *clnt, struct ucred *cred, const char *principal, gss_OID mech_oid, rpc_gss_service_t service); void rpc_gss_secpurge(CLIENT *clnt); From owner-svn-src-stable-8@FreeBSD.ORG Mon Jul 4 00:45:21 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CB102106566B; Mon, 4 Jul 2011 00:45:21 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A1AAA8FC0C; Mon, 4 Jul 2011 00:45:21 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p640jLW9046968; Mon, 4 Jul 2011 00:45:21 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p640jLRo046966; Mon, 4 Jul 2011 00:45:21 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107040045.p640jLRo046966@svn.freebsd.org> From: Rick Macklem Date: Mon, 4 Jul 2011 00:45:21 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223749 - stable/8/sys/fs/nfsserver X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jul 2011 00:45:21 -0000 Author: rmacklem Date: Mon Jul 4 00:45:21 2011 New Revision: 223749 URL: http://svn.freebsd.org/changeset/base/223749 Log: MFC: r223312 Fix a number of places where the new NFS server did not lock the mutex when manipulating rc_flag in the DRC cache. This is believed to fix a hung server that was reported to the freebsd-fs@ list on June 9 under the subject heading "New NFS server stress test hang", where all the threads were waiting for the RC_LOCKED flag to clear. Modified: stable/8/sys/fs/nfsserver/nfs_nfsdcache.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/fs/nfsserver/nfs_nfsdcache.c ============================================================================== --- stable/8/sys/fs/nfsserver/nfs_nfsdcache.c Mon Jul 4 00:24:59 2011 (r223748) +++ stable/8/sys/fs/nfsserver/nfs_nfsdcache.c Mon Jul 4 00:45:21 2011 (r223749) @@ -405,6 +405,7 @@ nfsrvd_updatecache(struct nfsrv_descript { struct nfsrvcache *rp; struct nfsrvcache *retrp = NULL; + mbuf_t m; rp = nd->nd_rp; if (!rp) @@ -457,9 +458,9 @@ nfsrvd_updatecache(struct nfsrv_descript } if ((nd->nd_flag & ND_NFSV2) && nfsv2_repstat[newnfsv2_procid[nd->nd_procnum]]) { - NFSUNLOCKCACHE(); rp->rc_status = nd->nd_repstat; rp->rc_flag |= RC_REPSTATUS; + NFSUNLOCKCACHE(); } else { if (!(rp->rc_flag & RC_UDP)) { nfsrc_tcpsavedreplies++; @@ -469,9 +470,11 @@ nfsrvd_updatecache(struct nfsrv_descript nfsrc_tcpsavedreplies; } NFSUNLOCKCACHE(); - rp->rc_reply = m_copym(nd->nd_mreq, 0, M_COPYALL, - M_WAIT); + m = m_copym(nd->nd_mreq, 0, M_COPYALL, M_WAIT); + NFSLOCKCACHE(); + rp->rc_reply = m; rp->rc_flag |= RC_REPMBUF; + NFSUNLOCKCACHE(); } if (rp->rc_flag & RC_UDP) { rp->rc_timestamp = NFSD_MONOSEC + @@ -518,6 +521,7 @@ nfsrvd_delcache(struct nfsrvcache *rp) APPLESTATIC void nfsrvd_sentcache(struct nfsrvcache *rp, struct socket *so, int err) { + tcp_seq tmp_seq; if (!(rp->rc_flag & RC_LOCKED)) panic("nfsrvd_sentcache not locked"); @@ -526,8 +530,12 @@ nfsrvd_sentcache(struct nfsrvcache *rp, so->so_proto->pr_domain->dom_family != AF_INET6) || so->so_proto->pr_protocol != IPPROTO_TCP) panic("nfs sent cache"); - if (nfsrv_getsockseqnum(so, &rp->rc_tcpseq)) + if (nfsrv_getsockseqnum(so, &tmp_seq)) { + NFSLOCKCACHE(); + rp->rc_tcpseq = tmp_seq; rp->rc_flag |= RC_TCPSEQ; + NFSUNLOCKCACHE(); + } } nfsrc_unlock(rp); } @@ -687,8 +695,11 @@ nfsrc_lock(struct nfsrvcache *rp) static void nfsrc_unlock(struct nfsrvcache *rp) { + + NFSLOCKCACHE(); rp->rc_flag &= ~RC_LOCKED; nfsrc_wanted(rp); + NFSUNLOCKCACHE(); } /* From owner-svn-src-stable-8@FreeBSD.ORG Mon Jul 4 01:06:19 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C0F07106566C; Mon, 4 Jul 2011 01:06:19 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id B13F98FC0A; Mon, 4 Jul 2011 01:06:19 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p6416JqS047600; Mon, 4 Jul 2011 01:06:19 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p6416JEq047598; Mon, 4 Jul 2011 01:06:19 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107040106.p6416JEq047598@svn.freebsd.org> From: Rick Macklem Date: Mon, 4 Jul 2011 01:06:19 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223750 - stable/8/sys/fs/nfsserver X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jul 2011 01:06:19 -0000 Author: rmacklem Date: Mon Jul 4 01:06:19 2011 New Revision: 223750 URL: http://svn.freebsd.org/changeset/base/223750 Log: MFC: r223348 Fix the new NFSv4 server so that it allows Access and Readlink operations while traversing non-exported file systems. This is required for some non-FreeBSD clients to do NFSv4 mounts. Found during the recent NFSv4 interoperability Bakeathon. Modified: stable/8/sys/fs/nfsserver/nfs_nfsdsocket.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/fs/nfsserver/nfs_nfsdsocket.c ============================================================================== --- stable/8/sys/fs/nfsserver/nfs_nfsdsocket.c Mon Jul 4 00:45:21 2011 (r223749) +++ stable/8/sys/fs/nfsserver/nfs_nfsdsocket.c Mon Jul 4 01:06:19 2011 (r223750) @@ -786,6 +786,8 @@ nfsrvd_compound(struct nfsrv_descript *n op != NFSV4OP_LOOKUP && op != NFSV4OP_GETATTR && op != NFSV4OP_GETFH && + op != NFSV4OP_ACCESS && + op != NFSV4OP_READLINK && op != NFSV4OP_SECINFO) nd->nd_repstat = NFSERR_NOFILEHANDLE; else if (nfsvno_testexp(nd, &vpnes) && From owner-svn-src-stable-8@FreeBSD.ORG Mon Jul 4 01:27:42 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1ABB6106566B; Mon, 4 Jul 2011 01:27:42 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0ABF48FC0C; Mon, 4 Jul 2011 01:27:42 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p641RfmX048265; Mon, 4 Jul 2011 01:27:41 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p641RfJ0048263; Mon, 4 Jul 2011 01:27:41 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107040127.p641RfJ0048263@svn.freebsd.org> From: Rick Macklem Date: Mon, 4 Jul 2011 01:27:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223751 - stable/8/sys/fs/nfsserver X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 04 Jul 2011 01:27:42 -0000 Author: rmacklem Date: Mon Jul 4 01:27:41 2011 New Revision: 223751 URL: http://svn.freebsd.org/changeset/base/223751 Log: MFC: r223349 Fix the new NFSv4 server so that it only allows Lookup of directories and symbolic links when traversing non-exported file systems. Found during the recent NFSv4 interoperability Bakeathon. Modified: stable/8/sys/fs/nfsserver/nfs_nfsdserv.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/fs/nfsserver/nfs_nfsdserv.c ============================================================================== --- stable/8/sys/fs/nfsserver/nfs_nfsdserv.c Mon Jul 4 01:06:19 2011 (r223750) +++ stable/8/sys/fs/nfsserver/nfs_nfsdserv.c Mon Jul 4 01:27:41 2011 (r223751) @@ -454,7 +454,7 @@ nfsmout: APPLESTATIC int nfsrvd_lookup(struct nfsrv_descript *nd, __unused int isdgram, vnode_t dp, vnode_t *vpp, fhandle_t *fhp, NFSPROC_T *p, - __unused struct nfsexstuff *exp) + struct nfsexstuff *exp) { struct nameidata named; vnode_t vp, dirp = NULL; @@ -508,7 +508,15 @@ nfsrvd_lookup(struct nfsrv_descript *nd, vrele(named.ni_startdir); nfsvno_relpathbuf(&named); vp = named.ni_vp; - nd->nd_repstat = nfsvno_getfh(vp, fhp, p); + if ((nd->nd_flag & ND_NFSV4) != 0 && !NFSVNO_EXPORTED(exp) && + vp->v_type != VDIR && vp->v_type != VLNK) + /* + * Only allow lookup of VDIR and VLNK for traversal of + * non-exported volumes during NFSv4 mounting. + */ + nd->nd_repstat = ENOENT; + if (nd->nd_repstat == 0) + nd->nd_repstat = nfsvno_getfh(vp, fhp, p); if (!(nd->nd_flag & ND_NFSV4) && !nd->nd_repstat) nd->nd_repstat = nfsvno_getattr(vp, &nva, nd->nd_cred, p, 1); if (vpp != NULL && nd->nd_repstat == 0) From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 01:58:09 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A1A37106564A; Tue, 5 Jul 2011 01:58:09 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 770C98FC13; Tue, 5 Jul 2011 01:58:09 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p651w9LH043182; Tue, 5 Jul 2011 01:58:09 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p651w9K1043180; Tue, 5 Jul 2011 01:58:09 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107050158.p651w9K1043180@svn.freebsd.org> From: Rick Macklem Date: Tue, 5 Jul 2011 01:58:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223775 - stable/8/sys/fs/nfsserver X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 01:58:09 -0000 Author: rmacklem Date: Tue Jul 5 01:58:09 2011 New Revision: 223775 URL: http://svn.freebsd.org/changeset/base/223775 Log: MFC: r223373 Fix the new NFSv4 server so that it checks for VREAD_ACL when a client does a Getattr for an ACL and not VREAD_ATTRIBUTES. This was found during the recent NFSv4 interoperability Bakeathon. Modified: stable/8/sys/fs/nfsserver/nfs_nfsdserv.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/fs/nfsserver/nfs_nfsdserv.c ============================================================================== --- stable/8/sys/fs/nfsserver/nfs_nfsdserv.c Mon Jul 4 23:32:09 2011 (r223774) +++ stable/8/sys/fs/nfsserver/nfs_nfsdserv.c Tue Jul 5 01:58:09 2011 (r223775) @@ -172,11 +172,12 @@ nfsrvd_getattr(struct nfsrv_descript *nd fhandle_t fh; int at_root = 0, error = 0, supports_nfsv4acls; struct nfsreferral *refp; - nfsattrbit_t attrbits; + nfsattrbit_t attrbits, tmpbits; struct mount *mp; struct vnode *tvp = NULL; struct vattr va; uint64_t mounted_on_fileno = 0; + accmode_t accmode; if (nd->nd_repstat) return (0); @@ -197,11 +198,20 @@ nfsrvd_getattr(struct nfsrv_descript *nd vput(vp); return (0); } - if (!nd->nd_repstat) - nd->nd_repstat = nfsvno_accchk(vp, - VREAD_ATTRIBUTES, - nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE, - NFSACCCHK_VPISLOCKED, NULL); + if (nd->nd_repstat == 0) { + accmode = 0; + NFSSET_ATTRBIT(&tmpbits, &attrbits); + if (NFSISSET_ATTRBIT(&tmpbits, NFSATTRBIT_ACL)) { + NFSCLRBIT_ATTRBIT(&tmpbits, NFSATTRBIT_ACL); + accmode |= VREAD_ACL; + } + if (NFSNONZERO_ATTRBIT(&tmpbits)) + accmode |= VREAD_ATTRIBUTES; + if (accmode != 0) + nd->nd_repstat = nfsvno_accchk(vp, accmode, + nd->nd_cred, exp, p, NFSACCCHK_NOOVERRIDE, + NFSACCCHK_VPISLOCKED, NULL); + } } if (!nd->nd_repstat) nd->nd_repstat = nfsvno_getattr(vp, &nva, nd->nd_cred, p, 1); From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 02:15:43 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 0D5CF106566B; Tue, 5 Jul 2011 02:15:43 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id D69C68FC18; Tue, 5 Jul 2011 02:15:42 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p652FgNH043731; Tue, 5 Jul 2011 02:15:42 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p652FggA043729; Tue, 5 Jul 2011 02:15:42 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107050215.p652FggA043729@svn.freebsd.org> From: Rick Macklem Date: Tue, 5 Jul 2011 02:15:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223776 - stable/8/usr.sbin/nfsuserd X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 02:15:43 -0000 Author: rmacklem Date: Tue Jul 5 02:15:42 2011 New Revision: 223776 URL: http://svn.freebsd.org/changeset/base/223776 Log: MFC: r223382 Change the NFSv4 nfsuserd daemon so that it doesn't preload the uid<->username mapping cache with an entry when another entry for that uid is already loaded. This fixes a case where the mapping of "toor" would replace "root" when the daemon was started, resulting in no mapping for "root" until the cache entry for "toor" timed out. The algorithm is inefficient, but since it is only done once when the daemon is started up, I don't think that's an issue. Modified: stable/8/usr.sbin/nfsuserd/nfsuserd.c Directory Properties: stable/8/usr.sbin/nfsuserd/ (props changed) Modified: stable/8/usr.sbin/nfsuserd/nfsuserd.c ============================================================================== --- stable/8/usr.sbin/nfsuserd/nfsuserd.c Tue Jul 5 01:58:09 2011 (r223775) +++ stable/8/usr.sbin/nfsuserd/nfsuserd.c Tue Jul 5 02:15:42 2011 (r223776) @@ -76,6 +76,8 @@ static bool_t xdr_retval(XDR *, caddr_t) #define MAXNAME 1024 #define MAXNFSUSERD 20 #define DEFNFSUSERD 4 +#define MAXUSERMAX 100000 +#define MINUSERMAX 10 #define DEFUSERMAX 200 #define DEFUSERTIMEOUT (1 * 60) struct info { @@ -96,8 +98,8 @@ pid_t slaves[MAXNFSUSERD]; int main(int argc, char *argv[]) { - int i; - int error, len, mustfreeai = 0; + int i, j; + int error, fnd_dup, len, mustfreeai = 0, start_uidpos; struct nfsd_idargs nid; struct passwd *pwd; struct group *grp; @@ -107,6 +109,7 @@ main(int argc, char *argv[]) sigset_t signew; char hostname[MAXHOSTNAMELEN + 1], *cp; struct addrinfo *aip, hints; + static uid_t check_dups[MAXUSERMAX]; if (modfind("nfscommon") < 0) { /* Not present in kernel, try loading it */ @@ -163,9 +166,10 @@ main(int argc, char *argv[]) argc--; argv++; i = atoi(*argv); - if (i < 10 || i > 100000) { + if (i < MINUSERMAX || i > MAXUSERMAX) { fprintf(stderr, - "usermax %d out of range 10<->100000\n", i); + "usermax %d out of range %d<->%d\n", i, + MINUSERMAX, MAXUSERMAX); usage(); } nid.nid_usermax = i; @@ -326,8 +330,25 @@ main(int argc, char *argv[]) /* * Loop around adding all users. */ + start_uidpos = i; setpwent(); while (i < nid.nid_usermax && (pwd = getpwent())) { + fnd_dup = 0; + /* + * Yes, this is inefficient, but it is only done once when + * the daemon is started and will run in a fraction of a second + * for nid_usermax at 10000. If nid_usermax is cranked up to + * 100000, it will take several seconds, depending on the CPU. + */ + for (j = 0; j < (i - start_uidpos); j++) + if (check_dups[j] == pwd->pw_uid) { + /* Found another entry for uid, so skip it */ + fnd_dup = 1; + break; + } + if (fnd_dup != 0) + continue; + check_dups[i - start_uidpos] = pwd->pw_uid; nid.nid_uid = pwd->pw_uid; nid.nid_name = pwd->pw_name; nid.nid_namelen = strlen(pwd->pw_name); From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 02:49:30 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5417E106564A; Tue, 5 Jul 2011 02:49:30 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 42CD28FC08; Tue, 5 Jul 2011 02:49:30 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p652nU0P044757; Tue, 5 Jul 2011 02:49:30 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p652nUZv044755; Tue, 5 Jul 2011 02:49:30 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201107050249.p652nUZv044755@svn.freebsd.org> From: Xin LI Date: Tue, 5 Jul 2011 02:49:30 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223777 - stable/8/usr.sbin/ndp X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 02:49:30 -0000 Author: delphij Date: Tue Jul 5 02:49:29 2011 New Revision: 223777 URL: http://svn.freebsd.org/changeset/base/223777 Log: MFC r217140: Use ether_ntoa instead of home-grown version. Noticed by: Boris Kochergin Modified: stable/8/usr.sbin/ndp/ndp.c Directory Properties: stable/8/usr.sbin/ndp/ (props changed) Modified: stable/8/usr.sbin/ndp/ndp.c ============================================================================== --- stable/8/usr.sbin/ndp/ndp.c Tue Jul 5 02:15:42 2011 (r223776) +++ stable/8/usr.sbin/ndp/ndp.c Tue Jul 5 02:49:29 2011 (r223777) @@ -153,7 +153,6 @@ static void getdefif(void); static void setdefif(char *); #endif static char *sec2str(time_t); -static char *ether_str(struct sockaddr_dl *); static void ts_print(const struct timeval *); #ifdef ICMPV6CTL_ND6_DRLIST @@ -820,17 +819,14 @@ getnbrinfo(addr, ifindex, warning) } static char * -ether_str(sdl) - struct sockaddr_dl *sdl; +ether_str(struct sockaddr_dl *sdl) { static char hbuf[NI_MAXHOST]; - u_char *cp; - if (sdl->sdl_alen) { - cp = (u_char *)LLADDR(sdl); - snprintf(hbuf, sizeof(hbuf), "%x:%x:%x:%x:%x:%x", - cp[0], cp[1], cp[2], cp[3], cp[4], cp[5]); - } else + if (sdl->sdl_alen > 0) + strlcpy(hbuf, ether_ntoa((struct ether_addr *)LLADDR(sdl)), + sizeof(hbuf)); + else snprintf(hbuf, sizeof(hbuf), "(incomplete)"); return(hbuf); From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 02:50:28 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 55932106566B; Tue, 5 Jul 2011 02:50:28 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 44AF38FC1B; Tue, 5 Jul 2011 02:50:28 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p652oSxb044834; Tue, 5 Jul 2011 02:50:28 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p652oSj8044832; Tue, 5 Jul 2011 02:50:28 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201107050250.p652oSj8044832@svn.freebsd.org> From: Xin LI Date: Tue, 5 Jul 2011 02:50:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223778 - stable/8/usr.bin/finger X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 02:50:28 -0000 Author: delphij Date: Tue Jul 5 02:50:27 2011 New Revision: 223778 URL: http://svn.freebsd.org/changeset/base/223778 Log: MFC r223374: Staticify cleanup() which is not referenced in other places. Modified: stable/8/usr.bin/finger/net.c Directory Properties: stable/8/usr.bin/finger/ (props changed) Modified: stable/8/usr.bin/finger/net.c ============================================================================== --- stable/8/usr.bin/finger/net.c Tue Jul 5 02:49:29 2011 (r223777) +++ stable/8/usr.bin/finger/net.c Tue Jul 5 02:50:27 2011 (r223778) @@ -230,7 +230,7 @@ trying(const struct addrinfo *ai) printf("Trying %s...\n", buf); } -void +static void cleanup(int sig __unused) { #define ERRSTR "Timed out.\n" From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 02:51:27 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 78549106575A; Tue, 5 Jul 2011 02:51:27 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 6724E8FC1D; Tue, 5 Jul 2011 02:51:27 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p652pRBo044921; Tue, 5 Jul 2011 02:51:27 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p652pRlP044918; Tue, 5 Jul 2011 02:51:27 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201107050251.p652pRlP044918@svn.freebsd.org> From: Xin LI Date: Tue, 5 Jul 2011 02:51:27 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223779 - stable/8/usr.bin/lastcomm X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 02:51:27 -0000 Author: delphij Date: Tue Jul 5 02:51:27 2011 New Revision: 223779 URL: http://svn.freebsd.org/changeset/base/223779 Log: MFC r223375: Remove unneeded headers. Modified: stable/8/usr.bin/lastcomm/lastcomm.c stable/8/usr.bin/lastcomm/readrec.c Directory Properties: stable/8/usr.bin/lastcomm/ (props changed) Modified: stable/8/usr.bin/lastcomm/lastcomm.c ============================================================================== --- stable/8/usr.bin/lastcomm/lastcomm.c Tue Jul 5 02:50:27 2011 (r223778) +++ stable/8/usr.bin/lastcomm/lastcomm.c Tue Jul 5 02:51:27 2011 (r223779) @@ -52,8 +52,6 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include -#include #include #include #include Modified: stable/8/usr.bin/lastcomm/readrec.c ============================================================================== --- stable/8/usr.bin/lastcomm/readrec.c Tue Jul 5 02:50:27 2011 (r223778) +++ stable/8/usr.bin/lastcomm/readrec.c Tue Jul 5 02:51:27 2011 (r223779) @@ -33,13 +33,9 @@ __FBSDID("$FreeBSD$"); #include #include -#include -#include #include -#include #include #include -#include #include int readrec_forward(FILE *f, struct acctv2 *av2); From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 07:05:18 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B6ABE1065670; Tue, 5 Jul 2011 07:05:18 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A55FA8FC08; Tue, 5 Jul 2011 07:05:18 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p6575I6Y052638; Tue, 5 Jul 2011 07:05:18 GMT (envelope-from hselasky@svn.freebsd.org) Received: (from hselasky@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p6575I9v052636; Tue, 5 Jul 2011 07:05:18 GMT (envelope-from hselasky@svn.freebsd.org) Message-Id: <201107050705.p6575I9v052636@svn.freebsd.org> From: Hans Petter Selasky Date: Tue, 5 Jul 2011 07:05:18 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223781 - stable/8/sys/dev/usb/input X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 07:05:18 -0000 Author: hselasky Date: Tue Jul 5 07:05:18 2011 New Revision: 223781 URL: http://svn.freebsd.org/changeset/base/223781 Log: MFC r223728. Fix for missing nomatch event. Modified: stable/8/sys/dev/usb/input/uhid.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/dev/usb/input/uhid.c ============================================================================== --- stable/8/sys/dev/usb/input/uhid.c Tue Jul 5 06:12:28 2011 (r223780) +++ stable/8/sys/dev/usb/input/uhid.c Tue Jul 5 07:05:18 2011 (r223781) @@ -634,6 +634,18 @@ uhid_probe(device_t dev) if (usb_test_quirk(uaa, UQ_HID_IGNORE)) return (ENXIO); + /* + * Don't attach to mouse and keyboard devices, hence then no + * "nomatch" event is generated and then ums and ukbd won't + * attach properly when loaded. + */ + if ((uaa->info.bInterfaceClass == UICLASS_HID) && + (uaa->info.bInterfaceSubClass == UISUBCLASS_BOOT) && + ((uaa->info.bInterfaceProtocol == UIPROTO_BOOT_KEYBOARD) || + (uaa->info.bInterfaceProtocol == UIPROTO_MOUSE))) { + return (ENXIO); + } + return (BUS_PROBE_GENERIC); } From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 10:03:21 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D5665106564A; Tue, 5 Jul 2011 10:03:21 +0000 (UTC) (envelope-from pluknet@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id C4E1D8FC19; Tue, 5 Jul 2011 10:03:21 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p65A3L4O057935; Tue, 5 Jul 2011 10:03:21 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p65A3LmJ057933; Tue, 5 Jul 2011 10:03:21 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201107051003.p65A3LmJ057933@svn.freebsd.org> From: Sergey Kandaurov Date: Tue, 5 Jul 2011 10:03:21 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223782 - stable/8/sys/net X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 10:03:21 -0000 Author: pluknet Date: Tue Jul 5 10:03:21 2011 New Revision: 223782 URL: http://svn.freebsd.org/changeset/base/223782 Log: MFC r223625: Update ifc_len field of struct ifconf passed for the ioctl SIOCGIFCONF32. PR: kern/158369 Modified: stable/8/sys/net/if.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/net/if.c ============================================================================== --- stable/8/sys/net/if.c Tue Jul 5 07:05:18 2011 (r223781) +++ stable/8/sys/net/if.c Tue Jul 5 10:03:21 2011 (r223782) @@ -2527,6 +2527,8 @@ ifioctl(struct socket *so, u_long cmd, c error = ifconf(SIOCGIFCONF, (void *)&ifc); CURVNET_RESTORE(); + if (error == 0) + ifc32->ifc_len = ifc.ifc_len; return (error); } #endif From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 10:21:06 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E02B1106566C; Tue, 5 Jul 2011 10:21:06 +0000 (UTC) (envelope-from pluknet@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id CF9158FC08; Tue, 5 Jul 2011 10:21:06 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p65AL6tB058538; Tue, 5 Jul 2011 10:21:06 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p65AL6VI058536; Tue, 5 Jul 2011 10:21:06 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201107051021.p65AL6VI058536@svn.freebsd.org> From: Sergey Kandaurov Date: Tue, 5 Jul 2011 10:21:06 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223783 - stable/8/etc/rc.d X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 10:21:07 -0000 Author: pluknet Date: Tue Jul 5 10:21:06 2011 New Revision: 223783 URL: http://svn.freebsd.org/changeset/base/223783 Log: MFC r223644: Run load_rc_config early to fix quota knobs expansion. PR: conf/157687 Modified: stable/8/etc/rc.d/quota Directory Properties: stable/8/etc/ (props changed) Modified: stable/8/etc/rc.d/quota ============================================================================== --- stable/8/etc/rc.d/quota Tue Jul 5 10:03:21 2011 (r223782) +++ stable/8/etc/rc.d/quota Tue Jul 5 10:21:06 2011 (r223783) @@ -14,6 +14,7 @@ name="quota" rcvar=`set_rcvar` +load_rc_config $name start_cmd="quota_start" stop_cmd="/usr/sbin/quotaoff ${quotaoff_flags}" @@ -30,5 +31,4 @@ quota_start() echo ' done.' } -load_rc_config $name run_rc_command "$1" From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 14:54:33 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CAF6E106566B; Tue, 5 Jul 2011 14:54:33 +0000 (UTC) (envelope-from jonathan@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id BA8DC8FC0A; Tue, 5 Jul 2011 14:54:33 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p65EsXNY073839; Tue, 5 Jul 2011 14:54:33 GMT (envelope-from jonathan@svn.freebsd.org) Received: (from jonathan@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p65EsXgK073837; Tue, 5 Jul 2011 14:54:33 GMT (envelope-from jonathan@svn.freebsd.org) Message-Id: <201107051454.p65EsXgK073837@svn.freebsd.org> From: Jonathan Anderson Date: Tue, 5 Jul 2011 14:54:33 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223789 - stable/8/sys/kern X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 14:54:33 -0000 Author: jonathan Date: Tue Jul 5 14:54:33 2011 New Revision: 223789 URL: http://svn.freebsd.org/changeset/base/223789 Log: Merge r223505 from HEAD to stable/8: -- Tidy up a capabilities-related comment. This commit refers to an #ifdef that hasn't been merged [yet?]; remove it. Approved by: rwatson -- Modified: stable/8/sys/kern/vfs_subr.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/kern/vfs_subr.c ============================================================================== --- stable/8/sys/kern/vfs_subr.c Tue Jul 5 14:50:06 2011 (r223788) +++ stable/8/sys/kern/vfs_subr.c Tue Jul 5 14:54:33 2011 (r223789) @@ -3567,9 +3567,6 @@ vn_isdisk(struct vnode *vp, int *errp) * and optional call-by-reference privused argument allowing vaccess() * to indicate to the caller whether privilege was used to satisfy the * request (obsoleted). Returns 0 on success, or an errno on failure. - * - * The ifdef'd CAPABILITIES version is here for reference, but is not - * actually used. */ int vaccess(enum vtype type, mode_t file_mode, uid_t file_uid, gid_t file_gid, From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 23:17:27 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DC98F1065670; Tue, 5 Jul 2011 23:17:27 +0000 (UTC) (envelope-from yongari@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id B32548FC16; Tue, 5 Jul 2011 23:17:27 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p65NHRGH089528; Tue, 5 Jul 2011 23:17:27 GMT (envelope-from yongari@svn.freebsd.org) Received: (from yongari@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p65NHRJY089526; Tue, 5 Jul 2011 23:17:27 GMT (envelope-from yongari@svn.freebsd.org) Message-Id: <201107052317.p65NHRJY089526@svn.freebsd.org> From: Pyun YongHyeon Date: Tue, 5 Jul 2011 23:17:27 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223807 - stable/8/sys/dev/fxp X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 23:17:28 -0000 Author: yongari Date: Tue Jul 5 23:17:27 2011 New Revision: 223807 URL: http://svn.freebsd.org/changeset/base/223807 Log: MFC r223608: Disable microcode loading for 82550 and 82550C controllers. Loading the microcode caused SCB timeouts. Linux driver does not allow microcode loading for these controllers and jfv also confirmed that there is no need to do and it shouldn't. PR: kern/103332 Additional confirmation from: jfv Modified: stable/8/sys/dev/fxp/if_fxp.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/dev/fxp/if_fxp.c ============================================================================== --- stable/8/sys/dev/fxp/if_fxp.c Tue Jul 5 20:05:06 2011 (r223806) +++ stable/8/sys/dev/fxp/if_fxp.c Tue Jul 5 23:17:27 2011 (r223807) @@ -3014,8 +3014,10 @@ static uint32_t fxp_ucode_d101a[] = D101 static uint32_t fxp_ucode_d101b0[] = D101_B0_RCVBUNDLE_UCODE; static uint32_t fxp_ucode_d101ma[] = D101M_B_RCVBUNDLE_UCODE; static uint32_t fxp_ucode_d101s[] = D101S_RCVBUNDLE_UCODE; +#ifdef notyet static uint32_t fxp_ucode_d102[] = D102_B_RCVBUNDLE_UCODE; static uint32_t fxp_ucode_d102c[] = D102_C_RCVBUNDLE_UCODE; +#endif static uint32_t fxp_ucode_d102e[] = D102_E_RCVBUNDLE_UCODE; #define UCODE(x) x, sizeof(x)/sizeof(uint32_t) @@ -3033,10 +3035,12 @@ static const struct ucode { D101M_CPUSAVER_DWORD, D101M_CPUSAVER_BUNDLE_MAX_DWORD }, { FXP_REV_82559S_A, UCODE(fxp_ucode_d101s), D101S_CPUSAVER_DWORD, D101S_CPUSAVER_BUNDLE_MAX_DWORD }, +#ifdef notyet { FXP_REV_82550, UCODE(fxp_ucode_d102), D102_B_CPUSAVER_DWORD, D102_B_CPUSAVER_BUNDLE_MAX_DWORD }, { FXP_REV_82550_C, UCODE(fxp_ucode_d102c), D102_C_CPUSAVER_DWORD, D102_C_CPUSAVER_BUNDLE_MAX_DWORD }, +#endif { FXP_REV_82551_F, UCODE(fxp_ucode_d102e), D102_E_CPUSAVER_DWORD, D102_E_CPUSAVER_BUNDLE_MAX_DWORD }, { 0, NULL, 0, 0, 0 } From owner-svn-src-stable-8@FreeBSD.ORG Tue Jul 5 23:30:14 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9254A106564A; Tue, 5 Jul 2011 23:30:14 +0000 (UTC) (envelope-from yongari@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 823A68FC16; Tue, 5 Jul 2011 23:30:14 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p65NUEOY089994; Tue, 5 Jul 2011 23:30:14 GMT (envelope-from yongari@svn.freebsd.org) Received: (from yongari@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p65NUEiv089992; Tue, 5 Jul 2011 23:30:14 GMT (envelope-from yongari@svn.freebsd.org) Message-Id: <201107052330.p65NUEiv089992@svn.freebsd.org> From: Pyun YongHyeon Date: Tue, 5 Jul 2011 23:30:14 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223809 - stable/8/sys/dev/fxp X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2011 23:30:14 -0000 Author: yongari Date: Tue Jul 5 23:30:14 2011 New Revision: 223809 URL: http://svn.freebsd.org/changeset/base/223809 Log: MFC r223610: Enable CPUSaver D102 E-step microcode loading for 82551 revision 0x10. Modified: stable/8/sys/dev/fxp/if_fxp.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/dev/fxp/if_fxp.c ============================================================================== --- stable/8/sys/dev/fxp/if_fxp.c Tue Jul 5 23:18:28 2011 (r223808) +++ stable/8/sys/dev/fxp/if_fxp.c Tue Jul 5 23:30:14 2011 (r223809) @@ -3043,6 +3043,8 @@ static const struct ucode { #endif { FXP_REV_82551_F, UCODE(fxp_ucode_d102e), D102_E_CPUSAVER_DWORD, D102_E_CPUSAVER_BUNDLE_MAX_DWORD }, + { FXP_REV_82551_10, UCODE(fxp_ucode_d102e), + D102_E_CPUSAVER_DWORD, D102_E_CPUSAVER_BUNDLE_MAX_DWORD }, { 0, NULL, 0, 0, 0 } }; From owner-svn-src-stable-8@FreeBSD.ORG Wed Jul 6 00:49:35 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id ED0E0106564A; Wed, 6 Jul 2011 00:49:35 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id DC63E8FC12; Wed, 6 Jul 2011 00:49:35 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p660nZRm092481; Wed, 6 Jul 2011 00:49:35 GMT (envelope-from dougb@svn.freebsd.org) Received: (from dougb@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p660nZXo092479; Wed, 6 Jul 2011 00:49:35 GMT (envelope-from dougb@svn.freebsd.org) Message-Id: <201107060049.p660nZXo092479@svn.freebsd.org> From: Doug Barton Date: Wed, 6 Jul 2011 00:49:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223813 - stable/8/contrib/bind9/lib/isc/sparc64/include/isc X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 00:49:36 -0000 Author: dougb Date: Wed Jul 6 00:49:35 2011 New Revision: 223813 URL: http://svn.freebsd.org/changeset/base/223813 Log: Apply bug fixes Submitted by: marius Modified: stable/8/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h Modified: stable/8/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h ============================================================================== --- stable/8/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h Wed Jul 6 00:48:31 2011 (r223812) +++ stable/8/contrib/bind9/lib/isc/sparc64/include/isc/atomic.h Wed Jul 6 00:49:35 2011 (r223813) @@ -72,9 +72,9 @@ isc_atomic_xadd(isc_int32_t *p, isc_int3 for (prev = *(volatile isc_int32_t *)p; ; prev = swapped) { swapped = prev + val; __asm__ volatile( - "casa [%1] %2, %3, %0" - : "+r"(swapped) - : "r"(p), "n"(ASI_P), "r"(prev)); + "casa [%2] %3, %4, %0" + : "+r"(swapped), "=m"(*p) + : "r"(p), "n"(ASI_P), "r"(prev), "m"(*p)); if (swapped == prev) break; } @@ -92,10 +92,9 @@ isc_atomic_store(isc_int32_t *p, isc_int for (prev = *(volatile isc_int32_t *)p; ; prev = swapped) { swapped = val; __asm__ volatile( - "casa [%1] %2, %3, %0" - : "+r"(swapped) - : "r"(p), "n"(ASI_P), "r"(prev) - : "memory"); + "casa [%2] %3, %4, %0" + : "+r"(swapped), "=m"(*p) + : "r"(p), "n"(ASI_P), "r"(prev), "m"(*p)); if (swapped == prev) break; } @@ -111,9 +110,9 @@ isc_atomic_cmpxchg(isc_int32_t *p, isc_i isc_int32_t temp = val; __asm__ volatile( - "casa [%1] %2, %3, %0" - : "+r"(temp) - : "r"(p), "n"(ASI_P), "r"(cmpval)); + "casa [%2] %3, %4, %0" + : "+r"(temp), "=m"(*p) + : "r"(p), "n"(ASI_P), "r"(cmpval), "m"(*p)); return (temp); } From owner-svn-src-stable-8@FreeBSD.ORG Wed Jul 6 00:50:28 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 48503106567C; Wed, 6 Jul 2011 00:50:28 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 1ED6D8FC08; Wed, 6 Jul 2011 00:50:28 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p660oS9h092548; Wed, 6 Jul 2011 00:50:28 GMT (envelope-from dougb@svn.freebsd.org) Received: (from dougb@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p660oSNw092546; Wed, 6 Jul 2011 00:50:28 GMT (envelope-from dougb@svn.freebsd.org) Message-Id: <201107060050.p660oSNw092546@svn.freebsd.org> From: Doug Barton Date: Wed, 6 Jul 2011 00:50:27 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223814 - stable/8/lib/bind X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 00:50:28 -0000 Author: dougb Date: Wed Jul 6 00:50:27 2011 New Revision: 223814 URL: http://svn.freebsd.org/changeset/base/223814 Log: Update relevant to the 9.6-ESV-R4-P3 release Modified: stable/8/lib/bind/config.h Modified: stable/8/lib/bind/config.h ============================================================================== --- stable/8/lib/bind/config.h Wed Jul 6 00:49:35 2011 (r223813) +++ stable/8/lib/bind/config.h Wed Jul 6 00:50:27 2011 (r223814) @@ -19,7 +19,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: acconfig.h,v 1.51.334.2 2009/02/16 23:47:15 tbox Exp $ */ +/* $Id: acconfig.h,v 1.51.334.2 2009-02-16 23:47:15 tbox Exp $ */ /*! \file */ @@ -147,9 +147,6 @@ int sigwait(const unsigned int *set, int /* Define if threads need PTHREAD_SCOPE_SYSTEM */ /* #undef NEED_PTHREAD_SCOPE_SYSTEM */ -/* Define if building universal (internal helper macro) */ -/* #undef AC_APPLE_UNIVERSAL_BUILD */ - /* Define if recvmsg() does not meet all of the BSD socket API specifications. */ /* #undef BROKEN_RECVMSG */ @@ -330,9 +327,6 @@ int sigwait(const unsigned int *set, int /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "" -/* Define to the home page for this package. */ -#define PACKAGE_URL "" - /* Define to the version of this package. */ #define PACKAGE_VERSION "" @@ -354,15 +348,11 @@ int sigwait(const unsigned int *set, int /* #undef WITH_IDN */ /* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most - significant byte first (like Motorola and SPARC, unlike Intel). */ -#if defined AC_APPLE_UNIVERSAL_BUILD -# if defined __BIG_ENDIAN__ -# define WORDS_BIGENDIAN 1 -# endif -#else -# ifndef WORDS_BIGENDIAN -/* # undef WORDS_BIGENDIAN */ -# endif + significant byte first (like Motorola and SPARC, unlike Intel and VAX). */ +#if defined __BIG_ENDIAN__ +# define WORDS_BIGENDIAN 1 +#elif ! defined __LITTLE_ENDIAN__ +/* # undef WORDS_BIGENDIAN */ #endif /* Define to empty if `const' does not conform to ANSI C. */ From owner-svn-src-stable-8@FreeBSD.ORG Wed Jul 6 00:50:55 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 74CC8106567A; Wed, 6 Jul 2011 00:50:55 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 62D118FC15; Wed, 6 Jul 2011 00:50:55 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p660ot0i092612; Wed, 6 Jul 2011 00:50:55 GMT (envelope-from dougb@svn.freebsd.org) Received: (from dougb@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p660otTN092598; Wed, 6 Jul 2011 00:50:55 GMT (envelope-from dougb@svn.freebsd.org) Message-Id: <201107060050.p660otTN092598@svn.freebsd.org> From: Doug Barton Date: Wed, 6 Jul 2011 00:50:55 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223815 - in stable/8/contrib/bind9: . bin/named lib/dns lib/dns/include/dns X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 00:50:55 -0000 Author: dougb Date: Wed Jul 6 00:50:54 2011 New Revision: 223815 URL: http://svn.freebsd.org/changeset/base/223815 Log: Update to version 9.6-ESV-R4-P3 ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY This update addresses the following vulnerability: CVE-2011-2464 ============= Severity: High Exploitable: Remotely Description: A defect in the affected BIND 9 versions allows an attacker to remotely cause the "named" process to exit using a specially crafted packet. This defect affects both recursive and authoritative servers. The code location of the defect makes it impossible to protect BIND using ACLs configured within named.conf or by disabling any features at compile-time or run-time. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464 https://www.isc.org/software/bind/advisories/cve-2011-2464 Modified: stable/8/contrib/bind9/CHANGES stable/8/contrib/bind9/bin/named/bind9.xsl.h stable/8/contrib/bind9/lib/dns/api stable/8/contrib/bind9/lib/dns/include/dns/masterdump.h stable/8/contrib/bind9/lib/dns/include/dns/rdataset.h stable/8/contrib/bind9/lib/dns/masterdump.c stable/8/contrib/bind9/lib/dns/message.c stable/8/contrib/bind9/lib/dns/ncache.c stable/8/contrib/bind9/lib/dns/rbtdb.c stable/8/contrib/bind9/lib/dns/rdataset.c stable/8/contrib/bind9/lib/dns/resolver.c stable/8/contrib/bind9/lib/dns/validator.c stable/8/contrib/bind9/version Directory Properties: stable/8/contrib/bind9/ (props changed) Modified: stable/8/contrib/bind9/CHANGES ============================================================================== --- stable/8/contrib/bind9/CHANGES Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/CHANGES Wed Jul 6 00:50:54 2011 (r223815) @@ -1,3 +1,16 @@ + --- 9.6-ESV-R4-P3 released --- + +3124. [bug] Use an rdataset attribute flag to indicate + negative-cache records rather than using rrtype 0; + this will prevent problems when that rrtype is + used in actual DNS packets. [RT #24777] + + --- 9.6-ESV-R4-P2 released (withdrawn) --- + +3123. [security] Change #2912 exposed a latent flaw in + dns_rdataset_totext() that could cause named to + crash with an assertion failure. [RT #24777] + --- 9.6-ESV-R4-P1 released --- 3121. [security] An authoritative name server sending a negative Modified: stable/8/contrib/bind9/bin/named/bind9.xsl.h ============================================================================== --- stable/8/contrib/bind9/bin/named/bind9.xsl.h Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/bin/named/bind9.xsl.h Wed Jul 6 00:50:54 2011 (r223815) @@ -1,6 +1,6 @@ /* - * Generated by convertxsl.pl 1.14 2008/07/17 23:43:26 jinmei Exp - * From bind9.xsl 1.19.82.2 2009/01/29 23:47:43 tbox Exp + * Generated by convertxsl.pl 1.14 2008-07-17 23:43:26 jinmei Exp + * From bind9.xsl 1.19.82.2 2009-01-29 23:47:43 tbox Exp */ static char xslmsg[] = "\n" @@ -20,7 +20,7 @@ static char xslmsg[] = " - PERFORMANCE OF THIS SOFTWARE.\n" "-->\n" "\n" - "\n" + "\n" "\n" "type == 0) { + if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { type = rdataset->covers; } else { type = rdataset->type; } - { - unsigned int type_start; - INDENT_TO(type_column); - type_start = target->used; - if (rdataset->type == 0) - RETERR(str_totext("\\-", target)); - result = dns_rdatatype_totext(type, target); - if (result != ISC_R_SUCCESS) - return (result); - column += (target->used - type_start); - } + INDENT_TO(type_column); + type_start = target->used; + if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) + RETERR(str_totext("\\-", target)); + result = dns_rdatatype_totext(type, target); + if (result != ISC_R_SUCCESS) + return (result); + column += (target->used - type_start); /* * Rdata. */ INDENT_TO(rdata_column); - if (rdataset->type == 0) { + if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { if (NXDOMAIN(rdataset)) RETERR(str_totext(";-$NXDOMAIN\n", target)); else @@ -814,7 +812,7 @@ dump_rdatasets_text(isc_mem_t *mctx, dns if (ctx->style.flags & DNS_STYLEFLAG_TRUST) { fprintf(f, "; %s\n", dns_trust_totext(rds->trust)); } - if (rds->type == 0 && + if (((rds->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) && (ctx->style.flags & DNS_STYLEFLAG_NCACHE) == 0) { /* Omit negative cache entries */ } else { @@ -979,7 +977,7 @@ dump_rdatasets_raw(isc_mem_t *mctx, dns_ dns_rdataset_init(&rdataset); dns_rdatasetiter_current(rdsiter, &rdataset); - if (rdataset.type == 0 && + if (((rdataset.attributes & DNS_RDATASETATTR_NEGATIVE) != 0) && (ctx->style.flags & DNS_STYLEFLAG_NCACHE) == 0) { /* Omit negative cache entries */ } else { Modified: stable/8/contrib/bind9/lib/dns/message.c ============================================================================== --- stable/8/contrib/bind9/lib/dns/message.c Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/lib/dns/message.c Wed Jul 6 00:50:54 2011 (r223815) @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: message.c,v 1.245.50.7 2010-06-03 05:29:03 marka Exp $ */ +/* $Id: message.c,v 1.245.50.7.6.3 2011-06-21 20:13:22 each Exp $ */ /*! \file */ @@ -2469,7 +2469,7 @@ dns_message_peekheader(isc_buffer_t *sou isc_result_t dns_message_reply(dns_message_t *msg, isc_boolean_t want_question_section) { - unsigned int first_section; + unsigned int clear_after; isc_result_t result; REQUIRE(DNS_MESSAGE_VALID(msg)); @@ -2481,15 +2481,15 @@ dns_message_reply(dns_message_t *msg, is msg->opcode != dns_opcode_notify) want_question_section = ISC_FALSE; if (msg->opcode == dns_opcode_update) - first_section = DNS_SECTION_ADDITIONAL; + clear_after = DNS_SECTION_PREREQUISITE; else if (want_question_section) { if (!msg->question_ok) return (DNS_R_FORMERR); - first_section = DNS_SECTION_ANSWER; + clear_after = DNS_SECTION_ANSWER; } else - first_section = DNS_SECTION_QUESTION; + clear_after = DNS_SECTION_QUESTION; msg->from_to_wire = DNS_MESSAGE_INTENTRENDER; - msgresetnames(msg, first_section); + msgresetnames(msg, clear_after); msgresetopt(msg); msgresetsigs(msg, ISC_TRUE); msginitprivate(msg); Modified: stable/8/contrib/bind9/lib/dns/ncache.c ============================================================================== --- stable/8/contrib/bind9/lib/dns/ncache.c Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/lib/dns/ncache.c Wed Jul 6 00:50:54 2011 (r223815) @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004, 2005, 2007, 2008, 2010 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004, 2005, 2007, 2008, 2010, 2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: ncache.c,v 1.43.48.7.6.1 2011-05-27 00:19:19 each Exp $ */ +/* $Id: ncache.c,v 1.43.48.7.6.3 2011-06-21 20:13:22 each Exp $ */ /*! \file */ @@ -294,6 +294,7 @@ dns_ncache_addoptout(dns_message_t *mess RUNTIME_CHECK(dns_rdatalist_tordataset(&ncrdatalist, &ncrdataset) == ISC_R_SUCCESS); ncrdataset.trust = trust; + ncrdataset.attributes |= DNS_RDATASETATTR_NEGATIVE; if (message->rcode == dns_rcode_nxdomain) ncrdataset.attributes |= DNS_RDATASETATTR_NXDOMAIN; if (optout) @@ -324,6 +325,7 @@ dns_ncache_towire(dns_rdataset_t *rdatas REQUIRE(rdataset != NULL); REQUIRE(rdataset->type == 0); + REQUIRE((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); savedbuffer = *target; count = 0; @@ -552,6 +554,7 @@ dns_ncache_getrdataset(dns_rdataset_t *n REQUIRE(ncacherdataset != NULL); REQUIRE(ncacherdataset->type == 0); + REQUIRE((ncacherdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); REQUIRE(name != NULL); REQUIRE(!dns_rdataset_isassociated(rdataset)); REQUIRE(type != dns_rdatatype_rrsig); @@ -628,6 +631,7 @@ dns_ncache_getsigrdataset(dns_rdataset_t REQUIRE(ncacherdataset != NULL); REQUIRE(ncacherdataset->type == 0); + REQUIRE((ncacherdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); REQUIRE(name != NULL); REQUIRE(!dns_rdataset_isassociated(rdataset)); @@ -727,6 +731,7 @@ dns_ncache_current(dns_rdataset_t *ncach REQUIRE(ncacherdataset != NULL); REQUIRE(ncacherdataset->type == 0); + REQUIRE((ncacherdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0); REQUIRE(found != NULL); REQUIRE(!dns_rdataset_isassociated(rdataset)); Modified: stable/8/contrib/bind9/lib/dns/rbtdb.c ============================================================================== --- stable/8/contrib/bind9/lib/dns/rbtdb.c Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/lib/dns/rbtdb.c Wed Jul 6 00:50:54 2011 (r223815) @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rbtdb.c,v 1.270.12.26 2010-12-02 05:09:58 marka Exp $ */ +/* $Id: rbtdb.c,v 1.270.12.26.4.1 2011-06-21 20:13:23 each Exp $ */ /*! \file */ @@ -278,6 +278,7 @@ typedef ISC_LIST(dns_rbtnode_t) #define RDATASET_ATTR_RESIGN 0x0020 #define RDATASET_ATTR_STATCOUNT 0x0040 #define RDATASET_ATTR_OPTOUT 0x0080 +#define RDATASET_ATTR_NEGATIVE 0x0100 typedef struct acache_cbarg { dns_rdatasetadditional_t type; @@ -316,6 +317,8 @@ struct acachectl { (((header)->attributes & RDATASET_ATTR_RESIGN) != 0) #define OPTOUT(header) \ (((header)->attributes & RDATASET_ATTR_OPTOUT) != 0) +#define NEGATIVE(header) \ + (((header)->attributes & RDATASET_ATTR_NEGATIVE) != 0) #define DEFAULT_NODE_LOCK_COUNT 7 /*%< Should be prime. */ @@ -391,12 +394,15 @@ typedef ISC_LIST(rbtdb_version_t) typedef struct { /* Unlocked. */ dns_db_t common; + /* Locks the data in this struct */ #if DNS_RBTDB_USERWLOCK isc_rwlock_t lock; #else isc_mutex_t lock; #endif + /* Locks the tree structure (prevents nodes appearing/disappearing) */ isc_rwlock_t tree_lock; + /* Locks for individual tree nodes */ unsigned int node_lock_count; rbtdb_nodelock_t * node_locks; dns_rbtnode_t * origin_node; @@ -689,11 +695,13 @@ update_rrsetstats(dns_rbtdb_t *rbtdb, rd /* At the moment we count statistics only for cache DB */ INSIST(IS_CACHE(rbtdb)); - if (NXDOMAIN(header)) - statattributes = DNS_RDATASTATSTYPE_ATTR_NXDOMAIN; - else if (RBTDB_RDATATYPE_BASE(header->type) == 0) { - statattributes = DNS_RDATASTATSTYPE_ATTR_NXRRSET; - base = RBTDB_RDATATYPE_EXT(header->type); + if (NEGATIVE(header)) { + if (NXDOMAIN(header)) + statattributes = DNS_RDATASTATSTYPE_ATTR_NXDOMAIN; + else { + statattributes = DNS_RDATASTATSTYPE_ATTR_NXRRSET; + base = RBTDB_RDATATYPE_EXT(header->type); + } } else base = RBTDB_RDATATYPE_BASE(header->type); @@ -2727,6 +2735,8 @@ bind_rdataset(dns_rbtdb_t *rbtdb, dns_rb rdataset->covers = RBTDB_RDATATYPE_EXT(header->type); rdataset->ttl = header->rdh_ttl - now; rdataset->trust = header->trust; + if (NEGATIVE(header)) + rdataset->attributes |= DNS_RDATASETATTR_NEGATIVE; if (NXDOMAIN(header)) rdataset->attributes |= DNS_RDATASETATTR_NXDOMAIN; if (OPTOUT(header)) @@ -4636,7 +4646,7 @@ cache_find(dns_db_t *db, dns_name_t *nam *nodep = node; } - if (RBTDB_RDATATYPE_BASE(found->type) == 0) { + if (NEGATIVE(found)) { /* * We found a negative cache entry. */ @@ -5305,7 +5315,7 @@ cache_findrdataset(dns_db_t *db, dns_dbn if (found == NULL) return (ISC_R_NOTFOUND); - if (RBTDB_RDATATYPE_BASE(found->type) == 0) { + if (NEGATIVE(found)) { /* * We found a negative cache entry. */ @@ -5516,7 +5526,7 @@ add(dns_rbtdb_t *rbtdb, dns_rbtnode_t *r negtype = 0; if (rbtversion == NULL && !newheader_nx) { rdtype = RBTDB_RDATATYPE_BASE(newheader->type); - if (rdtype == 0) { + if (NEGATIVE(newheader)) { /* * We're adding a negative cache entry. */ @@ -6056,6 +6066,8 @@ addrdataset(dns_db_t *db, dns_dbnode_t * } else { newheader->serial = 1; newheader->resign = 0; + if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) + newheader->attributes |= RDATASET_ATTR_NEGATIVE; if ((rdataset->attributes & DNS_RDATASETATTR_NXDOMAIN) != 0) newheader->attributes |= RDATASET_ATTR_NXDOMAIN; if ((rdataset->attributes & DNS_RDATASETATTR_OPTOUT) != 0) @@ -6780,7 +6792,7 @@ getsigningtime(dns_db_t *db, dns_rdatase REQUIRE(VALID_RBTDB(rbtdb)); - RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_read); + RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_read); for (i = 0; i < rbtdb->node_lock_count; i++) { NODE_LOCK(&rbtdb->node_locks[i].lock, isc_rwlocktype_read); @@ -6816,7 +6828,7 @@ getsigningtime(dns_db_t *db, dns_rdatase result = ISC_R_SUCCESS; unlock: - RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_read); + RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_read); return (result); } @@ -6838,7 +6850,7 @@ resigned(dns_db_t *db, dns_rdataset_t *r header = rdataset->private3; header--; - RBTDB_LOCK(&rbtdb->lock, isc_rwlocktype_write); + RWLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); NODE_LOCK(&rbtdb->node_locks[node->locknum].lock, isc_rwlocktype_write); /* @@ -6852,7 +6864,7 @@ resigned(dns_db_t *db, dns_rdataset_t *r NODE_UNLOCK(&rbtdb->node_locks[node->locknum].lock, isc_rwlocktype_write); - RBTDB_UNLOCK(&rbtdb->lock, isc_rwlocktype_write); + RWUNLOCK(&rbtdb->tree_lock, isc_rwlocktype_write); } static dns_stats_t * @@ -7638,7 +7650,7 @@ rdatasetiter_next(dns_rdatasetiter_t *it type = header->type; rdtype = RBTDB_RDATATYPE_BASE(header->type); - if (rdtype == 0) { + if (NEGATIVE(header)) { covers = RBTDB_RDATATYPE_EXT(header->type); negtype = RBTDB_RDATATYPE_VALUE(covers, 0); } else Modified: stable/8/contrib/bind9/lib/dns/rdataset.c ============================================================================== --- stable/8/contrib/bind9/lib/dns/rdataset.c Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/lib/dns/rdataset.c Wed Jul 6 00:50:54 2011 (r223815) @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 1999-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: rdataset.c,v 1.82.50.4.6.1 2011-05-27 00:19:19 each Exp $ */ +/* $Id: rdataset.c,v 1.82.50.4.6.3 2011-06-21 20:13:23 each Exp $ */ /*! \file */ @@ -345,7 +345,7 @@ towiresorted(dns_rdataset_t *rdataset, c count = 1; result = dns_rdataset_first(rdataset); INSIST(result == ISC_R_NOMORE); - } else if (rdataset->type == 0) { + } else if ((rdataset->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) { /* * This is a negative caching rdataset. */ Modified: stable/8/contrib/bind9/lib/dns/resolver.c ============================================================================== --- stable/8/contrib/bind9/lib/dns/resolver.c Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/lib/dns/resolver.c Wed Jul 6 00:50:54 2011 (r223815) @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: resolver.c,v 1.384.14.30 2011-01-27 23:45:47 tbox Exp $ */ +/* $Id: resolver.c,v 1.384.14.30.4.1 2011-06-21 20:13:23 each Exp $ */ /*! \file */ @@ -424,6 +424,7 @@ struct dns_resolver { FCTX_ADDRINFO_TRIED) != 0) #define NXDOMAIN(r) (((r)->attributes & DNS_RDATASETATTR_NXDOMAIN) != 0) +#define NEGATIVE(r) (((r)->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) static void destroy(dns_resolver_t *res); static void empty_bucket(dns_resolver_t *res); @@ -1047,7 +1048,7 @@ fctx_sendevents(fetchctx_t *fctx, isc_re * Negative results must be indicated in event->result. */ if (dns_rdataset_isassociated(event->rdataset) && - event->rdataset->type == dns_rdatatype_none) { + NEGATIVE(event->rdataset)) { INSIST(event->result == DNS_R_NCACHENXDOMAIN || event->result == DNS_R_NCACHENXRRSET); } @@ -4177,7 +4178,7 @@ validated(isc_task_t *task, isc_event_t if (result != ISC_R_SUCCESS && result != DNS_R_UNCHANGED) goto noanswer_response; - if (ardataset != NULL && ardataset->type == 0) { + if (ardataset != NULL && NEGATIVE(ardataset)) { if (NXDOMAIN(ardataset)) eresult = DNS_R_NCACHENXDOMAIN; else @@ -4498,7 +4499,7 @@ cache_name(fetchctx_t *fctx, dns_name_t result = ISC_R_SUCCESS; if (!need_validation && ardataset != NULL && - ardataset->type == 0) { + NEGATIVE(ardataset)) { /* * The answer in the cache is * better than the answer we @@ -4628,7 +4629,7 @@ cache_name(fetchctx_t *fctx, dns_name_t if (result == DNS_R_UNCHANGED) { if (ANSWER(rdataset) && ardataset != NULL && - ardataset->type == 0) { + NEGATIVE(ardataset)) { /* * The answer in the cache is better * than the answer we found, and is @@ -4658,7 +4659,7 @@ cache_name(fetchctx_t *fctx, dns_name_t * Negative results must be indicated in event->result. */ if (dns_rdataset_isassociated(event->rdataset) && - event->rdataset->type == dns_rdatatype_none) { + NEGATIVE(event->rdataset)) { INSIST(eresult == DNS_R_NCACHENXDOMAIN || eresult == DNS_R_NCACHENXRRSET); } @@ -4738,7 +4739,7 @@ ncache_adderesult(dns_message_t *message * care about whether it is DNS_R_NCACHENXDOMAIN or * DNS_R_NCACHENXRRSET then extract it. */ - if (ardataset->type == 0) { + if (NEGATIVE(ardataset)) { /* * The cache data is a negative cache entry. */ Modified: stable/8/contrib/bind9/lib/dns/validator.c ============================================================================== --- stable/8/contrib/bind9/lib/dns/validator.c Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/lib/dns/validator.c Wed Jul 6 00:50:54 2011 (r223815) @@ -1,5 +1,5 @@ /* - * Copyright (C) 2004-2010 Internet Systems Consortium, Inc. ("ISC") + * Copyright (C) 2004-2011 Internet Systems Consortium, Inc. ("ISC") * Copyright (C) 2000-2003 Internet Software Consortium. * * Permission to use, copy, modify, and/or distribute this software for any @@ -15,7 +15,7 @@ * PERFORMANCE OF THIS SOFTWARE. */ -/* $Id: validator.c,v 1.164.12.23.4.1 2011-05-27 00:19:19 each Exp $ */ +/* $Id: validator.c,v 1.164.12.23.4.3 2011-06-21 20:13:23 each Exp $ */ #include @@ -129,6 +129,8 @@ #define SHUTDOWN(v) (((v)->attributes & VALATTR_SHUTDOWN) != 0) #define CANCELED(v) (((v)->attributes & VALATTR_CANCELED) != 0) +#define NEGATIVE(r) (((r)->attributes & DNS_RDATASETATTR_NEGATIVE) != 0) + static void destroy(dns_validator_t *val); @@ -733,7 +735,7 @@ dsvalidated(isc_task_t *task, isc_event_ name = dns_fixedname_name(&val->fname); if ((val->attributes & VALATTR_INSECURITY) != 0 && val->frdataset.covers == dns_rdatatype_ds && - val->frdataset.type == 0 && + NEGATIVE(&val->frdataset) && isdelegation(name, &val->frdataset, DNS_R_NCACHENXRRSET)) { if (val->mustbesecure) { validator_log(val, ISC_LOG_WARNING, @@ -3909,7 +3911,7 @@ validator_start(isc_task_t *task, isc_ev val->attributes |= VALATTR_NEEDNODATA; result = nsecvalidate(val, ISC_FALSE); } else if (val->event->rdataset != NULL && - val->event->rdataset->type == 0) + NEGATIVE(val->event->rdataset)) { /* * This is a nonexistence validation. Modified: stable/8/contrib/bind9/version ============================================================================== --- stable/8/contrib/bind9/version Wed Jul 6 00:50:27 2011 (r223814) +++ stable/8/contrib/bind9/version Wed Jul 6 00:50:54 2011 (r223815) @@ -1,4 +1,4 @@ -# $Id: version,v 1.43.12.11.2.2.2.1 2011-05-27 00:19:16 each Exp $ +# $Id: version,v 1.43.12.11.2.2.2.3 2011-06-21 20:35:59 each Exp $ # # This file must follow /bin/sh rules. It is imported directly via # configure. @@ -7,4 +7,4 @@ MAJORVER=9 MINORVER=6 PATCHVER= RELEASETYPE=-ESV -RELEASEVER=-R4-P1 +RELEASEVER=-R4-P3 From owner-svn-src-stable-8@FreeBSD.ORG Wed Jul 6 05:40:23 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 491AC1065673; Wed, 6 Jul 2011 05:40:23 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 2E19F8FC08; Wed, 6 Jul 2011 05:40:23 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p665eNrB001603; Wed, 6 Jul 2011 05:40:23 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p665eNpQ001601; Wed, 6 Jul 2011 05:40:23 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201107060540.p665eNpQ001601@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Wed, 6 Jul 2011 05:40:23 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223816 - stable/8/sys/geom/part X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 05:40:23 -0000 Author: ae Date: Wed Jul 6 05:40:22 2011 New Revision: 223816 URL: http://svn.freebsd.org/changeset/base/223816 Log: MFC r223660: Initialize elements of state array when creating the GPT table. This fixes the problem, when the secondary GPT header is not erased when partition table destroyed. Move equal operations from g_part_gpt_create and g_part_gpt_recover to the separate function g_gpt_set_defaults. Modified: stable/8/sys/geom/part/g_part_gpt.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/geom/part/g_part_gpt.c ============================================================================== --- stable/8/sys/geom/part/g_part_gpt.c Wed Jul 6 00:50:54 2011 (r223815) +++ stable/8/sys/geom/part/g_part_gpt.c Wed Jul 6 05:40:22 2011 (r223816) @@ -85,6 +85,7 @@ struct g_part_gpt_entry { static void g_gpt_printf_utf16(struct sbuf *, uint16_t *, size_t); static void g_gpt_utf8_to_utf16(const uint8_t *, uint16_t *, size_t); +static void g_gpt_set_defaults(struct g_part_table *, struct g_provider *); static int g_part_gpt_add(struct g_part_table *, struct g_part_entry *, struct g_part_parms *); @@ -490,12 +491,7 @@ g_part_gpt_create(struct g_part_table *b table->mbr[DOSPARTOFF + 6] = 0xff; /* esect */ table->mbr[DOSPARTOFF + 7] = 0xff; /* ecyl */ le32enc(table->mbr + DOSPARTOFF + 8, 1); /* start */ - le32enc(table->mbr + DOSPARTOFF + 12, MIN(last, 0xffffffffLL)); - - table->lba[GPT_ELT_PRIHDR] = 1; - table->lba[GPT_ELT_PRITBL] = 2; - table->lba[GPT_ELT_SECHDR] = last; - table->lba[GPT_ELT_SECTBL] = last - tblsz; + le32enc(table->mbr + DOSPARTOFF + 12, MIN(last, UINT32_MAX)); /* Allocate space for the header */ table->hdr = g_malloc(sizeof(struct gpt_hdr), M_WAITOK | M_ZERO); @@ -503,14 +499,11 @@ g_part_gpt_create(struct g_part_table *b bcopy(GPT_HDR_SIG, table->hdr->hdr_sig, sizeof(table->hdr->hdr_sig)); table->hdr->hdr_revision = GPT_HDR_REVISION; table->hdr->hdr_size = offsetof(struct gpt_hdr, padding); - table->hdr->hdr_lba_start = 2 + tblsz; - table->hdr->hdr_lba_end = last - tblsz - 1; kern_uuidgen(&table->hdr->hdr_uuid, 1); table->hdr->hdr_entries = basetable->gpt_entries; table->hdr->hdr_entsz = sizeof(struct gpt_ent); - basetable->gpt_first = table->hdr->hdr_lba_start; - basetable->gpt_last = table->hdr->hdr_lba_end; + g_gpt_set_defaults(basetable, pp); return (0); } @@ -812,32 +805,10 @@ g_part_gpt_read(struct g_part_table *bas static int g_part_gpt_recover(struct g_part_table *basetable) { - struct g_part_gpt_table *table; - struct g_provider *pp; - uint64_t last; - size_t tblsz; - - table = (struct g_part_gpt_table *)basetable; - pp = LIST_FIRST(&basetable->gpt_gp->consumer)->provider; - last = pp->mediasize / pp->sectorsize - 1; - tblsz = (table->hdr->hdr_entries * table->hdr->hdr_entsz + - pp->sectorsize - 1) / pp->sectorsize; - - table->lba[GPT_ELT_PRIHDR] = 1; - table->lba[GPT_ELT_PRITBL] = 2; - table->lba[GPT_ELT_SECHDR] = last; - table->lba[GPT_ELT_SECTBL] = last - tblsz; - table->state[GPT_ELT_PRIHDR] = GPT_STATE_OK; - table->state[GPT_ELT_PRITBL] = GPT_STATE_OK; - table->state[GPT_ELT_SECHDR] = GPT_STATE_OK; - table->state[GPT_ELT_SECTBL] = GPT_STATE_OK; - table->hdr->hdr_lba_start = 2 + tblsz; - table->hdr->hdr_lba_end = last - tblsz - 1; - basetable->gpt_first = table->hdr->hdr_lba_start; - basetable->gpt_last = table->hdr->hdr_lba_end; + g_gpt_set_defaults(basetable, + LIST_FIRST(&basetable->gpt_gp->consumer)->provider); basetable->gpt_corrupt = 0; - return (0); } @@ -1036,6 +1007,34 @@ g_part_gpt_write(struct g_part_table *ba } static void +g_gpt_set_defaults(struct g_part_table *basetable, struct g_provider *pp) +{ + struct g_part_gpt_table *table; + quad_t last; + size_t tblsz; + + table = (struct g_part_gpt_table *)basetable; + last = pp->mediasize / pp->sectorsize - 1; + tblsz = (basetable->gpt_entries * sizeof(struct gpt_ent) + + pp->sectorsize - 1) / pp->sectorsize; + + table->lba[GPT_ELT_PRIHDR] = 1; + table->lba[GPT_ELT_PRITBL] = 2; + table->lba[GPT_ELT_SECHDR] = last; + table->lba[GPT_ELT_SECTBL] = last - tblsz; + table->state[GPT_ELT_PRIHDR] = GPT_STATE_OK; + table->state[GPT_ELT_PRITBL] = GPT_STATE_OK; + table->state[GPT_ELT_SECHDR] = GPT_STATE_OK; + table->state[GPT_ELT_SECTBL] = GPT_STATE_OK; + + table->hdr->hdr_lba_start = 2 + tblsz; + table->hdr->hdr_lba_end = last - tblsz - 1; + + basetable->gpt_first = table->hdr->hdr_lba_start; + basetable->gpt_last = table->hdr->hdr_lba_end; +} + +static void g_gpt_printf_utf16(struct sbuf *sb, uint16_t *str, size_t len) { u_int bo; From owner-svn-src-stable-8@FreeBSD.ORG Wed Jul 6 05:42:53 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1DD51106564A; Wed, 6 Jul 2011 05:42:53 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0C9CD8FC1D; Wed, 6 Jul 2011 05:42:53 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p665gqve001725; Wed, 6 Jul 2011 05:42:52 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p665gqhi001722; Wed, 6 Jul 2011 05:42:52 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201107060542.p665gqhi001722@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Wed, 6 Jul 2011 05:42:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223817 - stable/8/sys/netinet/ipfw X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 05:42:53 -0000 Author: ae Date: Wed Jul 6 05:42:52 2011 New Revision: 223817 URL: http://svn.freebsd.org/changeset/base/223817 Log: MFC r223358: Do not use SET_HOST_IPLEN() macro for IPv6 packets. PR: kern/157239 Modified: stable/8/sys/netinet/ipfw/ip_dn_io.c stable/8/sys/netinet/ipfw/ip_fw_pfil.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netinet/ipfw/ip_dn_io.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_dn_io.c Wed Jul 6 05:40:22 2011 (r223816) +++ stable/8/sys/netinet/ipfw/ip_dn_io.c Wed Jul 6 05:42:52 2011 (r223817) @@ -664,7 +664,6 @@ dummynet_send(struct mbuf *m) break; case DIR_OUT | PROTO_IPV6: - SET_HOST_IPLEN(mtod(m, struct ip *)); ip6_output(m, NULL, NULL, IPV6_FORWARDING, NULL, NULL, NULL); break; #endif Modified: stable/8/sys/netinet/ipfw/ip_fw_pfil.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw_pfil.c Wed Jul 6 05:40:22 2011 (r223816) +++ stable/8/sys/netinet/ipfw/ip_fw_pfil.c Wed Jul 6 05:42:52 2011 (r223817) @@ -127,8 +127,9 @@ again: args.rule = *((struct ipfw_rule_ref *)(tag+1)); m_tag_delete(*m0, tag); if (args.rule.info & IPFW_ONEPASS) { - SET_HOST_IPLEN(mtod(*m0, struct ip *)); - return 0; + if (mtod(*m0, struct ip *)->ip_v == 4) + SET_HOST_IPLEN(mtod(*m0, struct ip *)); + return (0); } } From owner-svn-src-stable-8@FreeBSD.ORG Wed Jul 6 06:56:31 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id BBF9B106564A; Wed, 6 Jul 2011 06:56:31 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id AAA8C8FC14; Wed, 6 Jul 2011 06:56:31 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p666uVxH003914; Wed, 6 Jul 2011 06:56:31 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p666uVQd003912; Wed, 6 Jul 2011 06:56:31 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201107060656.p666uVQd003912@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Wed, 6 Jul 2011 06:56:31 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223819 - stable/8/sys/netinet/ipfw X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 06:56:31 -0000 Author: ae Date: Wed Jul 6 06:56:31 2011 New Revision: 223819 URL: http://svn.freebsd.org/changeset/base/223819 Log: MFC r222582: O_FORWARD_IP is only action which depends from the result of lookup of dynamic rules. We are doing forwarding in the following cases: o For the simple ipfw fwd rule, e.g. fwd 10.0.0.1 ip from any to any out xmit em0 fwd 127.0.0.1,3128 tcp from any to any 80 in recv em1 o For the dynamic fwd rule, e.g. fwd 192.168.0.1 tcp from any to 10.0.0.3 3333 setup keep-state When this rule triggers it creates a dynamic rule, but this dynamic rule should forward packets only in forward direction. o And the last case that does not work before - simple fwd rule which triggers when some dynamic rule is already executed. PR: kern/136695, kern/147720, kern/150798 Modified: stable/8/sys/netinet/ipfw/ip_fw2.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netinet/ipfw/ip_fw2.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw2.c Wed Jul 6 06:34:08 2011 (r223818) +++ stable/8/sys/netinet/ipfw/ip_fw2.c Wed Jul 6 06:56:31 2011 (r223819) @@ -2070,7 +2070,8 @@ do { \ case O_FORWARD_IP: if (args->eh) /* not valid on layer2 pkts */ break; - if (!q || dyn_dir == MATCH_FORWARD) { + if (q == NULL || q->rule != f || + dyn_dir == MATCH_FORWARD) { struct sockaddr_in *sa; sa = &(((ipfw_insn_sa *)cmd)->sa); if (sa->sin_addr.s_addr == INADDR_ANY) { From owner-svn-src-stable-8@FreeBSD.ORG Wed Jul 6 07:13:29 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2C00B106566C; Wed, 6 Jul 2011 07:13:29 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 1AC0B8FC12; Wed, 6 Jul 2011 07:13:29 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p667DSAd004581; Wed, 6 Jul 2011 07:13:28 GMT (envelope-from hselasky@svn.freebsd.org) Received: (from hselasky@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p667DSgn004579; Wed, 6 Jul 2011 07:13:28 GMT (envelope-from hselasky@svn.freebsd.org) Message-Id: <201107060713.p667DSgn004579@svn.freebsd.org> From: Hans Petter Selasky Date: Wed, 6 Jul 2011 07:13:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223821 - stable/8/sys/dev/uart X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Jul 2011 07:13:29 -0000 Author: hselasky Date: Wed Jul 6 07:13:28 2011 New Revision: 223821 URL: http://svn.freebsd.org/changeset/base/223821 Log: MFC r223672: Add support for new UART PCI device. Modified: stable/8/sys/dev/uart/uart_bus_pci.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/dev/uart/uart_bus_pci.c ============================================================================== --- stable/8/sys/dev/uart/uart_bus_pci.c Wed Jul 6 06:57:07 2011 (r223820) +++ stable/8/sys/dev/uart/uart_bus_pci.c Wed Jul 6 07:13:28 2011 (r223821) @@ -112,6 +112,8 @@ static struct pci_id pci_ns8250_ids[] = { 0x151f, 0x0000, 0xffff, 0, "TOPIC Semiconductor TP560 56k modem", 0x10 }, { 0x9710, 0x9835, 0x1000, 1, "NetMos NM9835 Serial Port", 0x10 }, { 0x9710, 0x9865, 0xa000, 0x1000, "NetMos NM9865 Serial Port", 0x10 }, +{ 0x9710, 0x9900, 0xa000, 0x1000, + "MosChip MCS9900 PCIe to Peripheral Controller", 0x10 }, { 0x9710, 0x9901, 0xa000, 0x1000, "MosChip MCS9901 PCIe to Peripheral Controller", 0x10 }, { 0xdeaf, 0x9051, 0xffff, 0, "Middle Digital PC Weasel Serial Port", 0x10 }, From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 00:14:20 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 8E9CD1065769; Thu, 7 Jul 2011 00:14:20 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 7EB468FC14; Thu, 7 Jul 2011 00:14:20 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p670EKVI037504; Thu, 7 Jul 2011 00:14:20 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p670EKtk037502; Thu, 7 Jul 2011 00:14:20 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107070014.p670EKtk037502@svn.freebsd.org> From: Rick Macklem Date: Thu, 7 Jul 2011 00:14:20 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223829 - stable/8/sys/fs/nfs X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 00:14:20 -0000 Author: rmacklem Date: Thu Jul 7 00:14:20 2011 New Revision: 223829 URL: http://svn.freebsd.org/changeset/base/223829 Log: MFC: r223436 Fix the new NFSv4 client so that it uses the same uid as was used for doing a mount when performing system operations on AUTH_SYS mounts. This resolved an issue when mounting a Linux server. Found during testing at the recent NFSv4 interoperability Bakeathon. Modified: stable/8/sys/fs/nfs/nfs_commonkrpc.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/fs/nfs/nfs_commonkrpc.c ============================================================================== --- stable/8/sys/fs/nfs/nfs_commonkrpc.c Wed Jul 6 22:38:09 2011 (r223828) +++ stable/8/sys/fs/nfs/nfs_commonkrpc.c Thu Jul 7 00:14:20 2011 (r223829) @@ -503,6 +503,20 @@ newnfs_request(struct nfsrv_descript *nd else secflavour = RPCSEC_GSS_KRB5; srv_principal = NFSMNT_SRVKRBNAME(nmp); + } else if (nmp != NULL && !NFSHASKERB(nmp) && + nd->nd_procnum != NFSPROC_NULL && + (nd->nd_flag & ND_USEGSSNAME) != 0) { + /* + * Use the uid that did the mount when the RPC is doing + * NFSv4 system operations, as indicated by the + * ND_USEGSSNAME flag, for the AUTH_SYS case. + */ + saved_uid = cred->cr_uid; + if (nmp->nm_uid != (uid_t)-1) + cred->cr_uid = nmp->nm_uid; + else + cred->cr_uid = 0; + set_uid = 1; } if (nmp != NULL) { From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 00:30:35 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4F6BC1065676; Thu, 7 Jul 2011 00:30:35 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 3FE328FC19; Thu, 7 Jul 2011 00:30:35 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p670UZLF038068; Thu, 7 Jul 2011 00:30:35 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p670UZfL038066; Thu, 7 Jul 2011 00:30:35 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107070030.p670UZfL038066@svn.freebsd.org> From: Rick Macklem Date: Thu, 7 Jul 2011 00:30:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223830 - stable/8/sys/fs/nfs X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 00:30:35 -0000 Author: rmacklem Date: Thu Jul 7 00:30:34 2011 New Revision: 223830 URL: http://svn.freebsd.org/changeset/base/223830 Log: MFC: r223441 Plug an mbuf leak in the new NFS client that occurred when a server replied NFS3ERR_JUKEBOX/NFS4ERR_DELAY to an rpc. This affected both NFSv3 and NFSv4. Found during testing at the recent NFSv4 interoperability Bakeathon. Modified: stable/8/sys/fs/nfs/nfs_commonkrpc.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/fs/nfs/nfs_commonkrpc.c ============================================================================== --- stable/8/sys/fs/nfs/nfs_commonkrpc.c Thu Jul 7 00:14:20 2011 (r223829) +++ stable/8/sys/fs/nfs/nfs_commonkrpc.c Thu Jul 7 00:30:34 2011 (r223830) @@ -687,6 +687,8 @@ tryagain: while (NFSD_MONOSEC < waituntil) (void) nfs_catnap(PZERO, 0, "nfstry"); trylater_delay *= 2; + m_freem(nd->nd_mrep); + nd->nd_mrep = NULL; goto tryagain; } From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 08:33:58 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CA37B1065672; Thu, 7 Jul 2011 08:33:58 +0000 (UTC) (envelope-from mav@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id BA85B8FC17; Thu, 7 Jul 2011 08:33:58 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p678XwLl053820; Thu, 7 Jul 2011 08:33:58 GMT (envelope-from mav@svn.freebsd.org) Received: (from mav@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p678Xwe6053818; Thu, 7 Jul 2011 08:33:58 GMT (envelope-from mav@svn.freebsd.org) Message-Id: <201107070833.p678Xwe6053818@svn.freebsd.org> From: Alexander Motin Date: Thu, 7 Jul 2011 08:33:58 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223834 - stable/8/sys/dev/ahci X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 08:33:58 -0000 Author: mav Date: Thu Jul 7 08:33:58 2011 New Revision: 223834 URL: http://svn.freebsd.org/changeset/base/223834 Log: MFC r223699: Add ID for Marvell 88SE9125 SATA controller. PR: kern/157843 Modified: stable/8/sys/dev/ahci/ahci.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/dev/ahci/ahci.c ============================================================================== --- stable/8/sys/dev/ahci/ahci.c Thu Jul 7 05:07:25 2011 (r223833) +++ stable/8/sys/dev/ahci/ahci.c Thu Jul 7 08:33:58 2011 (r223834) @@ -195,6 +195,7 @@ static struct { {0x91201b4b, 0x00, "Marvell 88SE912x", AHCI_Q_EDGEIS|AHCI_Q_NOBSYRES}, {0x91231b4b, 0x11, "Marvell 88SE912x", AHCI_Q_NOBSYRES|AHCI_Q_ALTSIG}, {0x91231b4b, 0x00, "Marvell 88SE912x", AHCI_Q_EDGEIS|AHCI_Q_SATA2|AHCI_Q_NOBSYRES}, + {0x91251b4b, 0x00, "Marvell 88SE9125", AHCI_Q_NOBSYRES}, {0x91721b4b, 0x00, "Marvell 88SE9172", AHCI_Q_NOBSYRES}, {0x91821b4b, 0x00, "Marvell 88SE9182", AHCI_Q_NOBSYRES}, {0x06201103, 0x00, "HighPoint RocketRAID 620", AHCI_Q_NOBSYRES}, From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 09:29:12 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 368E6106566B; Thu, 7 Jul 2011 09:29:12 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0D5FD8FC08; Thu, 7 Jul 2011 09:29:12 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p679TBqX055543; Thu, 7 Jul 2011 09:29:11 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p679TBRF055541; Thu, 7 Jul 2011 09:29:11 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201107070929.p679TBRF055541@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Thu, 7 Jul 2011 09:29:11 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223835 - stable/8/sys/netinet/ipfw X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 09:29:12 -0000 Author: ae Date: Thu Jul 7 09:29:11 2011 New Revision: 223835 URL: http://svn.freebsd.org/changeset/base/223835 Log: MFC r222806: Make a behaviour of the libalias based in-kernel NAT a bit closer to how natd(8) does work. natd(8) drops packets only when libalias returns PKT_ALIAS_IGNORED and "deny_incoming" option is set, but ipfw_nat always did drop packets that were not aliased, even if they should not be aliased and just are going through. PR: kern/122109, kern/129093, kern/157379 Submitted by: Alexander V. Chernikov (previous version) Modified: stable/8/sys/netinet/ipfw/ip_fw_nat.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netinet/ipfw/ip_fw_nat.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw_nat.c Thu Jul 7 08:33:58 2011 (r223834) +++ stable/8/sys/netinet/ipfw/ip_fw_nat.c Thu Jul 7 09:29:11 2011 (r223835) @@ -263,17 +263,27 @@ ipfw_nat(struct ip_fw_args *args, struct else retval = LibAliasOut(t->lib, c, mcl->m_len + M_TRAILINGSPACE(mcl)); - if (retval == PKT_ALIAS_RESPOND) { - m->m_flags |= M_SKIP_FIREWALL; - retval = PKT_ALIAS_OK; - } - if (retval != PKT_ALIAS_OK && - retval != PKT_ALIAS_FOUND_HEADER_FRAGMENT) { + + /* + * We drop packet when: + * 1. libalias returns PKT_ALIAS_ERROR; + * 2. For incoming packets: + * a) for unresolved fragments; + * b) libalias returns PKT_ALIAS_IGNORED and + * PKT_ALIAS_DENY_INCOMING flag is set. + */ + if (retval == PKT_ALIAS_ERROR || + (args->oif == NULL && (retval == PKT_ALIAS_UNRESOLVED_FRAGMENT || + (retval == PKT_ALIAS_IGNORED && + (t->lib->packetAliasMode & PKT_ALIAS_DENY_INCOMING) != 0)))) { /* XXX - should i add some logging? */ m_free(mcl); args->m = NULL; return (IP_FW_DENY); } + + if (retval == PKT_ALIAS_RESPOND) + m->m_flags |= M_SKIP_FIREWALL; mcl->m_pkthdr.len = mcl->m_len = ntohs(ip->ip_len); /* From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 09:32:44 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3734C106566C; Thu, 7 Jul 2011 09:32:44 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0E19C8FC0A; Thu, 7 Jul 2011 09:32:44 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p679WhOd055708; Thu, 7 Jul 2011 09:32:43 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p679Wh2G055706; Thu, 7 Jul 2011 09:32:43 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201107070932.p679Wh2G055706@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Thu, 7 Jul 2011 09:32:43 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223836 - stable/8/sys/netgraph X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 09:32:44 -0000 Author: ae Date: Thu Jul 7 09:32:43 2011 New Revision: 223836 URL: http://svn.freebsd.org/changeset/base/223836 Log: MFC r222808: Sync ng_nat with recent (r222806) ipfw_nat changes: Make a behaviour of the libalias based in-kernel NAT a bit closer to how natd(8) does work. natd(8) drops packets only when libalias returns PKT_ALIAS_IGNORED and "deny_incoming" option is set, but ipfw_nat always did drop packets that were not aliased, even if they should not be aliased and just are going through. Also add SCTP support: mark response packets to skip firewall processing. Modified: stable/8/sys/netgraph/ng_nat.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netgraph/ng_nat.c ============================================================================== --- stable/8/sys/netgraph/ng_nat.c Thu Jul 7 09:29:11 2011 (r223835) +++ stable/8/sys/netgraph/ng_nat.c Thu Jul 7 09:32:43 2011 (r223836) @@ -43,6 +43,7 @@ #include #include +#include #include #include @@ -703,22 +704,35 @@ ng_nat_rcvdata(hook_p hook, item_p item KASSERT(m->m_pkthdr.len == ntohs(ip->ip_len), ("ng_nat: ip_len != m_pkthdr.len")); + /* + * We drop packet when: + * 1. libalias returns PKT_ALIAS_ERROR; + * 2. For incoming packets: + * a) for unresolved fragments; + * b) libalias returns PKT_ALIAS_IGNORED and + * PKT_ALIAS_DENY_INCOMING flag is set. + */ if (hook == priv->in) { rval = LibAliasIn(priv->lib, c, m->m_len + M_TRAILINGSPACE(m)); - if (rval != PKT_ALIAS_OK && - rval != PKT_ALIAS_FOUND_HEADER_FRAGMENT) { + if (rval == PKT_ALIAS_ERROR || + rval == PKT_ALIAS_UNRESOLVED_FRAGMENT || + (rval == PKT_ALIAS_IGNORED && + (priv->lib->packetAliasMode & + PKT_ALIAS_DENY_INCOMING) != 0)) { NG_FREE_ITEM(item); return (EINVAL); } } else if (hook == priv->out) { rval = LibAliasOut(priv->lib, c, m->m_len + M_TRAILINGSPACE(m)); - if (rval != PKT_ALIAS_OK) { + if (rval == PKT_ALIAS_ERROR) { NG_FREE_ITEM(item); return (EINVAL); } } else panic("ng_nat: unknown hook!\n"); + if (rval == PKT_ALIAS_RESPOND) + m->m_flags |= M_SKIP_FIREWALL; m->m_pkthdr.len = m->m_len = ntohs(ip->ip_len); if ((ip->ip_off & htons(IP_OFFMASK)) == 0 && From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 22:30:12 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F1C77106564A; Thu, 7 Jul 2011 22:30:12 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id E0F3C8FC0A; Thu, 7 Jul 2011 22:30:12 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p67MUCu0081334; Thu, 7 Jul 2011 22:30:12 GMT (envelope-from rmacklem@svn.freebsd.org) Received: (from rmacklem@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p67MUCTf081332; Thu, 7 Jul 2011 22:30:12 GMT (envelope-from rmacklem@svn.freebsd.org) Message-Id: <201107072230.p67MUCTf081332@svn.freebsd.org> From: Rick Macklem Date: Thu, 7 Jul 2011 22:30:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223848 - stable/8 X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 22:30:13 -0000 Author: rmacklem Date: Thu Jul 7 22:30:12 2011 New Revision: 223848 URL: http://svn.freebsd.org/changeset/base/223848 Log: MFC: r221333 Remove usr/include/nfs/krpc.h and usr/include/nfs/nfsdiskless.h from ObsoleteFiles.inc, since these files have been reincarnated in the new NFS implementation. Discussed with dim@. Modified: stable/8/ObsoleteFiles.inc (contents, props changed) Modified: stable/8/ObsoleteFiles.inc ============================================================================== --- stable/8/ObsoleteFiles.inc Thu Jul 7 20:59:42 2011 (r223847) +++ stable/8/ObsoleteFiles.inc Thu Jul 7 22:30:12 2011 (r223848) @@ -4647,9 +4647,7 @@ OLD_FILES+=usr/include/netns/spidp.h OLD_FILES+=usr/include/netns/spp_debug.h OLD_FILES+=usr/include/netns/spp_timer.h OLD_FILES+=usr/include/netns/spp_var.h -OLD_FILES+=usr/include/nfs/krpc.h OLD_FILES+=usr/include/nfs/nfs.h -OLD_FILES+=usr/include/nfs/nfsdiskless.h OLD_FILES+=usr/include/nfs/nfsm_subs.h OLD_FILES+=usr/include/nfs/nfsmount.h OLD_FILES+=usr/include/nfs/nfsnode.h From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 23:26:29 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3302F106566B; Thu, 7 Jul 2011 23:26:29 +0000 (UTC) (envelope-from delphij@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 18E9E8FC12; Thu, 7 Jul 2011 23:26:29 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p67NQSDn083124; Thu, 7 Jul 2011 23:26:28 GMT (envelope-from delphij@svn.freebsd.org) Received: (from delphij@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p67NQSF4083121; Thu, 7 Jul 2011 23:26:28 GMT (envelope-from delphij@svn.freebsd.org) Message-Id: <201107072326.p67NQSF4083121@svn.freebsd.org> From: Xin LI Date: Thu, 7 Jul 2011 23:26:28 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223850 - in stable/8: sbin/mount share/man/man5 X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 23:26:29 -0000 Author: delphij Date: Thu Jul 7 23:26:28 2011 New Revision: 223850 URL: http://svn.freebsd.org/changeset/base/223850 Log: MFC r222832: Add a special mount option "failok" to indicate that the administrator wants the system to proceed to boot without bailing out into single user mode, even when the file system can not be successfully mounted. This option is implemented in mount(8) and not passed into kernel. Modified: stable/8/sbin/mount/mount.c stable/8/share/man/man5/fstab.5 Directory Properties: stable/8/sbin/mount/ (props changed) stable/8/share/man/man5/ (props changed) Modified: stable/8/sbin/mount/mount.c ============================================================================== --- stable/8/sbin/mount/mount.c Thu Jul 7 23:17:56 2011 (r223849) +++ stable/8/sbin/mount/mount.c Thu Jul 7 23:26:28 2011 (r223850) @@ -243,7 +243,7 @@ main(int argc, char *argv[]) const char *mntfromname, **vfslist, *vfstype; struct fstab *fs; struct statfs *mntbuf; - int all, ch, i, init_flags, late, mntsize, rval, have_fstab, ro; + int all, ch, i, init_flags, late, failok, mntsize, rval, have_fstab, ro; char *cp, *ep, *options; all = init_flags = late = 0; @@ -328,6 +328,10 @@ main(int argc, char *argv[]) continue; if (hasopt(fs->fs_mntops, "late") && !late) continue; + if (hasopt(fs->fs_mntops, "failok")) + failok = 1; + else + failok = 0; if (!(init_flags & MNT_UPDATE) && ismounted(fs, mntbuf, mntsize)) continue; @@ -335,7 +339,7 @@ main(int argc, char *argv[]) mntbuf->f_flags); if (mountfs(fs->fs_vfstype, fs->fs_spec, fs->fs_file, init_flags, options, - fs->fs_mntops)) + fs->fs_mntops) && !failok) rval = 1; } } else if (fstab_style) { @@ -717,6 +721,14 @@ mangle(char *options, struct cpa *a) * before mountd starts. */ continue; + } else if (strcmp(p, "failok") == 0) { + /* + * "failok" is used to prevent certain file + * systems from being causing the system to + * drop into single user mode in the boot + * cycle, and is not a real mount option. + */ + continue; } else if (strncmp(p, "mountprog", 9) == 0) { /* * "mountprog" is used to force the use of Modified: stable/8/share/man/man5/fstab.5 ============================================================================== --- stable/8/share/man/man5/fstab.5 Thu Jul 7 23:17:56 2011 (r223849) +++ stable/8/share/man/man5/fstab.5 Thu Jul 7 23:26:28 2011 (r223850) @@ -32,7 +32,7 @@ .\" @(#)fstab.5 8.1 (Berkeley) 6/5/93 .\" $FreeBSD$ .\" -.Dd November 23, 2008 +.Dd June 7, 2011 .Dt FSTAB 5 .Os .Sh NAME @@ -147,6 +147,13 @@ this location can be specified as: userquota=/var/quotas/tmp.user .Ed .Pp +If the option ``failok'' is specified, +the system will ignore any error which happens during the mount of that filesystem, +which would otherwise cause the system to drop into single user mode. +This option is implemented by the +.Xr mount 8 +command and will not be passed to the kernel. +.Pp If the option ``noauto'' is specified, the file system will not be automatically mounted at system startup. Note that, for network file systems From owner-svn-src-stable-8@FreeBSD.ORG Thu Jul 7 23:32:44 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B27F3106566C; Thu, 7 Jul 2011 23:32:44 +0000 (UTC) (envelope-from obrien@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A19388FC0C; Thu, 7 Jul 2011 23:32:44 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p67NWiEg083372; Thu, 7 Jul 2011 23:32:44 GMT (envelope-from obrien@svn.freebsd.org) Received: (from obrien@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p67NWiRK083370; Thu, 7 Jul 2011 23:32:44 GMT (envelope-from obrien@svn.freebsd.org) Message-Id: <201107072332.p67NWiRK083370@svn.freebsd.org> From: "David E. O'Brien" Date: Thu, 7 Jul 2011 23:32:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223851 - stable/8/contrib/pf/man X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2011 23:32:44 -0000 Author: obrien Date: Thu Jul 7 23:32:44 2011 New Revision: 223851 URL: http://svn.freebsd.org/changeset/base/223851 Log: MFC: r223849: note the PF version. Modified: stable/8/contrib/pf/man/pf.4 Directory Properties: stable/8/contrib/pf/ (props changed) Modified: stable/8/contrib/pf/man/pf.4 ============================================================================== --- stable/8/contrib/pf/man/pf.4 Thu Jul 7 23:26:28 2011 (r223850) +++ stable/8/contrib/pf/man/pf.4 Thu Jul 7 23:32:44 2011 (r223851) @@ -28,7 +28,7 @@ .\" .\" $FreeBSD$ .\" -.Dd February 7, 2005 +.Dd July 3 2007 .Dt PF 4 .Os .Sh NAME @@ -1140,4 +1140,9 @@ main(int argc, char *argv[]) The .Nm packet filtering mechanism first appeared in -.Ox 3.0 . +.Ox 3.0 +and then +.Fx 5.2 . +.Pp +This implementation matches +.Ox 4.1 . From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 06:28:36 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 115AC1065672; Fri, 8 Jul 2011 06:28:36 +0000 (UTC) (envelope-from jh@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 010048FC14; Fri, 8 Jul 2011 06:28:36 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p686SZYk096224; Fri, 8 Jul 2011 06:28:35 GMT (envelope-from jh@svn.freebsd.org) Received: (from jh@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p686SZvn096222; Fri, 8 Jul 2011 06:28:35 GMT (envelope-from jh@svn.freebsd.org) Message-Id: <201107080628.p686SZvn096222@svn.freebsd.org> From: Jaakko Heinonen Date: Fri, 8 Jul 2011 06:28:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223857 - stable/8/usr.bin/calendar X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 06:28:36 -0000 Author: jh Date: Fri Jul 8 06:28:35 2011 New Revision: 223857 URL: http://svn.freebsd.org/changeset/base/223857 Log: MFC r222755: Pass correct size to write(2). PR: bin/155915 Modified: stable/8/usr.bin/calendar/io.c Directory Properties: stable/8/usr.bin/calendar/ (props changed) Modified: stable/8/usr.bin/calendar/io.c ============================================================================== --- stable/8/usr.bin/calendar/io.c Fri Jul 8 03:21:28 2011 (r223856) +++ stable/8/usr.bin/calendar/io.c Fri Jul 8 06:28:35 2011 (r223857) @@ -346,7 +346,7 @@ closecal(FILE *fp) write(pdes[1], pw->pw_name, strlen(pw->pw_name)); write(pdes[1], ">\nTo: <", 7); write(pdes[1], pw->pw_name, strlen(pw->pw_name)); - write(pdes[1], ">\nSubject: ", 12); + write(pdes[1], ">\nSubject: ", 11); write(pdes[1], dayname, strlen(dayname)); write(pdes[1], "'s Calendar\nPrecedence: bulk\n\n", 30); From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 07:38:45 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D463E1065679; Fri, 8 Jul 2011 07:38:45 +0000 (UTC) (envelope-from pluknet@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id C3F418FC24; Fri, 8 Jul 2011 07:38:45 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p687cjTV098307; Fri, 8 Jul 2011 07:38:45 GMT (envelope-from pluknet@svn.freebsd.org) Received: (from pluknet@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p687cjf3098305; Fri, 8 Jul 2011 07:38:45 GMT (envelope-from pluknet@svn.freebsd.org) Message-Id: <201107080738.p687cjf3098305@svn.freebsd.org> From: Sergey Kandaurov Date: Fri, 8 Jul 2011 07:38:45 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223858 - stable/8/etc X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 07:38:45 -0000 Author: pluknet Date: Fri Jul 8 07:38:45 2011 New Revision: 223858 URL: http://svn.freebsd.org/changeset/base/223858 Log: MFC r223506: Add support for string values with white spaces for ifconfig(8) parameters accepting them (such as description, group). PR: conf/156675 Modified: stable/8/etc/network.subr Directory Properties: stable/8/etc/ (props changed) Modified: stable/8/etc/network.subr ============================================================================== --- stable/8/etc/network.subr Fri Jul 8 06:28:35 2011 (r223857) +++ stable/8/etc/network.subr Fri Jul 8 07:38:45 2011 (r223858) @@ -85,7 +85,7 @@ ifconfig_up() ifconfig_args=`ifconfig_getargs $1` if [ -n "${ifconfig_args}" ]; then - ifconfig $1 ${ifconfig_args} + eval ifconfig $1 ${ifconfig_args} ifconfig $1 up _cfg=0 fi From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 09:17:25 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id DF773106566B; Fri, 8 Jul 2011 09:17:25 +0000 (UTC) (envelope-from mm@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id CE8968FC12; Fri, 8 Jul 2011 09:17:25 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p689HPUr001386; Fri, 8 Jul 2011 09:17:25 GMT (envelope-from mm@svn.freebsd.org) Received: (from mm@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p689HP7Q001384; Fri, 8 Jul 2011 09:17:25 GMT (envelope-from mm@svn.freebsd.org) Message-Id: <201107080917.p689HP7Q001384@svn.freebsd.org> From: Martin Matuska Date: Fri, 8 Jul 2011 09:17:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223859 - stable/8/cddl/contrib/opensolaris/cmd/zfs X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 09:17:26 -0000 Author: mm Date: Fri Jul 8 09:17:25 2011 New Revision: 223859 URL: http://svn.freebsd.org/changeset/base/223859 Log: MFC r223620: Allow mountpoints as arguments for the 'zfs get' command. Illumos-gate revision: 13295 Obtained from: Illumos (Feature #510) Modified: stable/8/cddl/contrib/opensolaris/cmd/zfs/zfs_main.c Directory Properties: stable/8/cddl/contrib/opensolaris/ (props changed) Modified: stable/8/cddl/contrib/opensolaris/cmd/zfs/zfs_main.c ============================================================================== --- stable/8/cddl/contrib/opensolaris/cmd/zfs/zfs_main.c Fri Jul 8 07:38:45 2011 (r223858) +++ stable/8/cddl/contrib/opensolaris/cmd/zfs/zfs_main.c Fri Jul 8 09:17:25 2011 (r223859) @@ -21,7 +21,7 @@ /* * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. - * Copyright 2010 Nexenta Systems, Inc. All rights reserved. + * Copyright 2011 Nexenta Systems, Inc. All rights reserved. */ #include @@ -1292,7 +1292,7 @@ static int zfs_do_get(int argc, char **argv) { zprop_get_cbdata_t cb = { 0 }; - int i, c, flags = 0; + int i, c, flags = ZFS_ITER_ARGS_CAN_BE_PATHS; char *value, *fields; int ret; int limit = 0; From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 09:18:50 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C7E56106566C; Fri, 8 Jul 2011 09:18:50 +0000 (UTC) (envelope-from zec@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id B75D18FC21; Fri, 8 Jul 2011 09:18:50 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p689Io2j001476; Fri, 8 Jul 2011 09:18:50 GMT (envelope-from zec@svn.freebsd.org) Received: (from zec@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p689IofQ001473; Fri, 8 Jul 2011 09:18:50 GMT (envelope-from zec@svn.freebsd.org) Message-Id: <201107080918.p689IofQ001473@svn.freebsd.org> From: Marko Zec Date: Fri, 8 Jul 2011 09:18:50 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223860 - stable/8/sys/net X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 09:18:50 -0000 Author: zec Date: Fri Jul 8 09:18:50 2011 New Revision: 223860 URL: http://svn.freebsd.org/changeset/base/223860 Log: MFC r222834: Set curvnet context in a callout-trigerred code path. Modified: stable/8/sys/net/bridgestp.c stable/8/sys/net/bridgestp.h Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/net/bridgestp.c ============================================================================== --- stable/8/sys/net/bridgestp.c Fri Jul 8 09:17:25 2011 (r223859) +++ stable/8/sys/net/bridgestp.c Fri Jul 8 09:18:50 2011 (r223860) @@ -1860,6 +1860,8 @@ bstp_tick(void *arg) if (bs->bs_running == 0) return; + CURVNET_SET(bs->bs_vnet); + /* slow timer to catch missed link events */ if (bstp_timer_expired(&bs->bs_link_timer)) { LIST_FOREACH(bp, &bs->bs_bplist, bp_next) @@ -1893,6 +1895,8 @@ bstp_tick(void *arg) bp->bp_txcount--; } + CURVNET_RESTORE(); + callout_reset(&bs->bs_bstpcallout, hz, bstp_tick, bs); } @@ -2126,6 +2130,7 @@ bstp_attach(struct bstp_state *bs, struc bs->bs_protover = BSTP_PROTO_RSTP; bs->bs_state_cb = cb->bcb_state; bs->bs_rtage_cb = cb->bcb_rtage; + bs->bs_vnet = curvnet; getmicrotime(&bs->bs_last_tc_time); Modified: stable/8/sys/net/bridgestp.h ============================================================================== --- stable/8/sys/net/bridgestp.h Fri Jul 8 09:17:25 2011 (r223859) +++ stable/8/sys/net/bridgestp.h Fri Jul 8 09:18:50 2011 (r223860) @@ -358,6 +358,7 @@ struct bstp_state { LIST_HEAD(, bstp_port) bs_bplist; bstp_state_cb_t bs_state_cb; bstp_rtage_cb_t bs_rtage_cb; + struct vnet *bs_vnet; }; #define BSTP_LOCK_INIT(_bs) mtx_init(&(_bs)->bs_mtx, "bstp", NULL, MTX_DEF) From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 09:20:32 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B457F106566B; Fri, 8 Jul 2011 09:20:32 +0000 (UTC) (envelope-from mm@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A35808FC1B; Fri, 8 Jul 2011 09:20:32 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p689KWrH001574; Fri, 8 Jul 2011 09:20:32 GMT (envelope-from mm@svn.freebsd.org) Received: (from mm@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p689KW0K001572; Fri, 8 Jul 2011 09:20:32 GMT (envelope-from mm@svn.freebsd.org) Message-Id: <201107080920.p689KW0K001572@svn.freebsd.org> From: Martin Matuska Date: Fri, 8 Jul 2011 09:20:32 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223861 - stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 09:20:32 -0000 Author: mm Date: Fri Jul 8 09:20:32 2011 New Revision: 223861 URL: http://svn.freebsd.org/changeset/base/223861 Log: MFC r223622: Disable vdev cache (readahead) by default. The vdev cache is very underutilized (hit ratio 30%-70%) and may consume excessive memory on systems with many vdevs. Illumos-gate revision: 13346 Obtained from: Illumos (Bug #175) Modified: stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_cache.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_cache.c ============================================================================== --- stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_cache.c Fri Jul 8 09:18:50 2011 (r223860) +++ stable/8/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_cache.c Fri Jul 8 09:20:32 2011 (r223861) @@ -71,9 +71,16 @@ * 1< Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F38DC106566C; Fri, 8 Jul 2011 12:50:35 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id C98498FC12; Fri, 8 Jul 2011 12:50:35 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p68CoZ0j018988; Fri, 8 Jul 2011 12:50:35 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p68CoZlW018986; Fri, 8 Jul 2011 12:50:35 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201107081250.p68CoZlW018986@svn.freebsd.org> From: Gleb Smirnoff Date: Fri, 8 Jul 2011 12:50:35 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223867 - stable/8/share/man/man9 X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 12:50:36 -0000 Author: glebius Date: Fri Jul 8 12:50:35 2011 New Revision: 223867 URL: http://svn.freebsd.org/changeset/base/223867 Log: Merge from head/ 220787: It is already seven years since mbuf allocator uses same M_WAITOK/M_NOWAIT flags as malloc(9). Update manual page. Submitted by: Vadim Goncharov Modified: stable/8/share/man/man9/mbuf.9 Directory Properties: stable/8/share/man/man9/ (props changed) Modified: stable/8/share/man/man9/mbuf.9 ============================================================================== --- stable/8/share/man/man9/mbuf.9 Fri Jul 8 12:19:25 2011 (r223866) +++ stable/8/share/man/man9/mbuf.9 Fri Jul 8 12:50:35 2011 (r223867) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd March 25, 2008 +.Dd April 18, 2011 .Dt MBUF 9 .Os .\" @@ -356,9 +356,9 @@ on failure. The .Fa how argument is to be set to -.Dv M_WAIT +.Dv M_WAITOK or -.Dv M_DONTWAIT . +.Dv M_NOWAIT . It specifies whether the caller is willing to block if necessary. A number of other functions and macros related to .Vt mbufs @@ -366,15 +366,16 @@ have the same argument because they may at some point need to allocate new .Vt mbufs . .Pp -Programmers should be careful not to confuse the +Historical .Vt mbuf -allocation flag -.Dv M_DONTWAIT -with the -.Xr malloc 9 -allocation flag, -.Dv M_NOWAIT . -They are not the same. +allocator (See +.Sx HISTORY +section) used allocation flags +.Dv M_WAIT +and +.Dv M_DONTWAIT . +These constants are kept for compatibility +and their use in new code is discouraged. .It Fn MGETHDR mbuf how type Allocate an .Vt mbuf @@ -912,9 +913,9 @@ Upon success, the original chain will be chain will be returned. .Fa how should be either -.Dv M_WAIT +.Dv M_WAITOK or -.Dv M_DONTWAIT , +.Dv M_NOWAIT , depending on the caller's preference. .Pp This function is especially useful in network drivers, where @@ -930,9 +931,9 @@ The original mbuf chain is always reclai count of any shared mbuf clusters is decremented. .Fa how should be either -.Dv M_WAIT +.Dv M_WAITOK or -.Dv M_DONTWAIT , +.Dv M_NOWAIT , depending on the caller's preference. As a side-effect of this process the returned mbuf chain may be compacted. From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 12:54:10 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 91469106566C; Fri, 8 Jul 2011 12:54:10 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 810A18FC08; Fri, 8 Jul 2011 12:54:10 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p68CsAug019133; Fri, 8 Jul 2011 12:54:10 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p68CsAeI019131; Fri, 8 Jul 2011 12:54:10 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201107081254.p68CsAeI019131@svn.freebsd.org> From: Gleb Smirnoff Date: Fri, 8 Jul 2011 12:54:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223868 - stable/8/sys/netinet/ipfw X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 12:54:10 -0000 Author: glebius Date: Fri Jul 8 12:54:10 2011 New Revision: 223868 URL: http://svn.freebsd.org/changeset/base/223868 Log: Merge from head/ 220796: Pullup up to TCP header length before matching against 'tcpopts'. PR: kern/156180 Reviewed by: luigi Modified: stable/8/sys/netinet/ipfw/ip_fw2.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netinet/ipfw/ip_fw2.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw2.c Fri Jul 8 12:50:35 2011 (r223867) +++ stable/8/sys/netinet/ipfw/ip_fw2.c Fri Jul 8 12:54:10 2011 (r223868) @@ -913,9 +913,10 @@ ipfw_chk(struct ip_fw_args *args) * pointer might become stale after other pullups (but we never use it * this way). */ -#define PULLUP_TO(_len, p, T) \ +#define PULLUP_TO(_len, p, T) PULLUP_LEN(_len, p, sizeof(T)) +#define PULLUP_LEN(_len, p, T) \ do { \ - int x = (_len) + sizeof(T); \ + int x = (_len) + T; \ if ((m)->m_len < x) { \ args->m = m = m_pullup(m, x); \ if (m == NULL) \ @@ -1600,6 +1601,7 @@ do { \ break; case O_TCPOPTS: + PULLUP_LEN(hlen, ulp, (TCP(ulp)->th_off << 2)); match = (proto == IPPROTO_TCP && offset == 0 && tcpopts_match(TCP(ulp), cmd)); break; @@ -2208,6 +2210,7 @@ do { \ } } /* end of inner loop, scan opcodes */ +#undef PULLUP_LEN if (done) break; From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 13:04:48 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2A5931065670; Fri, 8 Jul 2011 13:04:48 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 088BD8FC0A; Fri, 8 Jul 2011 13:04:48 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p68D4m0N019504; Fri, 8 Jul 2011 13:04:48 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p68D4lUx019496; Fri, 8 Jul 2011 13:04:47 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201107081304.p68D4lUx019496@svn.freebsd.org> From: Gleb Smirnoff Date: Fri, 8 Jul 2011 13:04:47 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223869 - stable/8/sbin/ipfw X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 13:04:48 -0000 Author: glebius Date: Fri Jul 8 13:04:47 2011 New Revision: 223869 URL: http://svn.freebsd.org/changeset/base/223869 Log: Merge from head/ 220802, 220804: Whitespace fixes. Checked with: md5, diff -w Modified: stable/8/sbin/ipfw/altq.c stable/8/sbin/ipfw/dummynet.c stable/8/sbin/ipfw/ipfw2.c stable/8/sbin/ipfw/ipfw2.h stable/8/sbin/ipfw/ipv6.c stable/8/sbin/ipfw/main.c stable/8/sbin/ipfw/nat.c Directory Properties: stable/8/sbin/ipfw/ (props changed) Modified: stable/8/sbin/ipfw/altq.c ============================================================================== --- stable/8/sbin/ipfw/altq.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/altq.c Fri Jul 8 13:04:47 2011 (r223869) @@ -45,7 +45,7 @@ /* * Map between current altq queue id numbers and names. */ -static TAILQ_HEAD(, pf_altq) altq_entries = +static TAILQ_HEAD(, pf_altq) altq_entries = TAILQ_HEAD_INITIALIZER(altq_entries); void @@ -139,13 +139,13 @@ altq_qid_to_name(u_int32_t qid) void print_altq_cmd(ipfw_insn_altq *altqptr) { - if (altqptr) { - const char *qname; + if (altqptr) { + const char *qname; - qname = altq_qid_to_name(altqptr->qid); - if (qname == NULL) - printf(" altq ?<%u>", altqptr->qid); - else - printf(" altq %s", qname); - } + qname = altq_qid_to_name(altqptr->qid); + if (qname == NULL) + printf(" altq ?<%u>", altqptr->qid); + else + printf(" altq %s", qname); + } } Modified: stable/8/sbin/ipfw/dummynet.c ============================================================================== --- stable/8/sbin/ipfw/dummynet.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/dummynet.c Fri Jul 8 13:04:47 2011 (r223869) @@ -275,7 +275,7 @@ flush_buf(char *buf) printf("%s\n", buf); buf[0] = '\0'; } - + /* * generic list routine. We expect objects in a specific order, i.e. * PIPES AND SCHEDULERS: @@ -408,25 +408,25 @@ ipfw_delete_pipe(int do_pipe, int i) * We can model the additional delay with an empirical curve * that represents its distribution. * - * cumulative probability - * 1.0 ^ - * | - * L +-- loss-level x - * | ****** - * | * - * | ***** - * | * - * | ** - * | * - * +-------*-------------------> - * delay + * cumulative probability + * 1.0 ^ + * | + * L +-- loss-level x + * | ****** + * | * + * | ***** + * | * + * | ** + * | * + * +-------*-------------------> + * delay * * The empirical curve may have both vertical and horizontal lines. * Vertical lines represent constant delay for a range of * probabilities; horizontal lines correspond to a discontinuty * in the delay distribution: the link will use the largest delay * for a given probability. - * + * * To pass the curve to dummynet, we must store the parameters * in a file as described below, and issue the command * @@ -439,9 +439,9 @@ ipfw_delete_pipe(int do_pipe, int i) * the number of samples used in the internal * representation (2..1024; default 100); * - * loss-level L + * loss-level L * The probability above which packets are lost. - * (0.0 <= L <= 1.0, default 1.0 i.e. no loss); + * (0.0 <= L <= 1.0, default 1.0 i.e. no loss); * * name identifier * Optional a name (listed by "ipfw pipe show") @@ -462,18 +462,18 @@ ipfw_delete_pipe(int do_pipe, int i) * the curve as needed. * * Example of a profile file: - - name bla_bla_bla - samples 100 - loss-level 0.86 - prob delay - 0 200 # minimum overhead is 200ms - 0.5 200 - 0.5 300 - 0.8 1000 - 0.9 1300 - 1 1300 - + + name bla_bla_bla + samples 100 + loss-level 0.86 + prob delay + 0 200 # minimum overhead is 200ms + 0.5 200 + 0.5 300 + 0.8 1000 + 0.9 1300 + 1 1300 + * Internally, we will convert the curve to a fixed number of * samples, and when it is time to transmit a packet we will * model the extra delay as extra bits in the packet. @@ -603,7 +603,7 @@ load_extra_delays(const char *filename, if (f == NULL) err(EX_UNAVAILABLE, "fopen: %s", filename); - while (fgets(line, ED_MAX_LINE_LEN, f)) { /* read commands */ + while (fgets(line, ED_MAX_LINE_LEN, f)) { /* read commands */ char *s, *cur = line, *name = NULL, *arg = NULL; ++lineno; @@ -730,7 +730,7 @@ load_extra_delays(const char *filename, /* * configuration of pipes, schedulers, flowsets. * When we configure a new scheduler, an empty pipe is created, so: - * + * * do_pipe = 1 -> "pipe N config ..." only for backward compatibility * sched N+Delta type fifo sched_mask ... * pipe N+Delta @@ -945,7 +945,7 @@ ipfw_config_pipe(int ac, char **av) mask->addr_type = 6; pa6 = &mask->dst_ip6; break; - + case TOK_SRCIP6: mask->addr_type = 6; pa6 = &mask->src_ip6; Modified: stable/8/sbin/ipfw/ipfw2.c ============================================================================== --- stable/8/sbin/ipfw/ipfw2.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/ipfw2.c Fri Jul 8 13:04:47 2011 (r223869) @@ -210,7 +210,7 @@ static struct _s_x rule_actions[] = { { "unreach", TOK_UNREACH }, { "check-state", TOK_CHECKSTATE }, { "//", TOK_COMMENT }, - { "nat", TOK_NAT }, + { "nat", TOK_NAT }, { "reass", TOK_REASS }, { "setfib", TOK_SETFIB }, { NULL, 0 } /* terminator */ @@ -314,7 +314,7 @@ static struct _s_x rule_options[] = { { NULL, 0 } /* terminator */ }; -/* +/* * The following is used to generate a printable argument for * 64-bit numbers, irrespective of platform alignment and bit size. * Because all the printf in this program use %llu as a format, @@ -372,8 +372,8 @@ do_cmd(int optname, void *optval, uintpt if (optname == IP_FW_GET || optname == IP_DUMMYNET_GET || optname == IP_FW_ADD || optname == IP_FW_TABLE_LIST || - optname == IP_FW_TABLE_GETSIZE || - optname == IP_FW_NAT_GET_CONFIG || + optname == IP_FW_TABLE_GETSIZE || + optname == IP_FW_NAT_GET_CONFIG || optname < 0 || optname == IP_FW_NAT_GET_LOG) { if (optname < 0) @@ -427,7 +427,7 @@ match_value(struct _s_x *p, int value) int _substrcmp(const char *str1, const char* str2) { - + if (strncmp(str1, str2, strlen(str1)) != 0) return 1; @@ -455,7 +455,7 @@ _substrcmp(const char *str1, const char* int _substrcmp2(const char *str1, const char* str2, const char* str3) { - + if (strncmp(str1, str2, strlen(str2)) != 0) return 1; @@ -1019,7 +1019,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt /* * first print actions */ - for (l = rule->cmd_len - rule->act_ofs, cmd = ACTION_PTR(rule); + for (l = rule->cmd_len - rule->act_ofs, cmd = ACTION_PTR(rule); l > 0 ; l -= F_LEN(cmd), cmd += F_LEN(cmd)) { switch(cmd->opcode) { case O_CHECK_STATE: @@ -1114,7 +1114,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt case O_NAT: PRINT_UINT_ARG("nat ", cmd->arg1); break; - + case O_SETFIB: PRINT_UINT_ARG("setfib ", cmd->arg1); break; @@ -1122,7 +1122,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt case O_REASS: printf("reass"); break; - + default: printf("** unrecognized action %d len %d ", cmd->opcode, cmd->len); @@ -1149,7 +1149,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt /* * then print the body. */ - for (l = rule->act_ofs, cmd = rule->cmd ; + for (l = rule->act_ofs, cmd = rule->cmd ; l > 0 ; l -= F_LEN(cmd) , cmd += F_LEN(cmd)) { if ((cmd->len & F_OR) || (cmd->len & F_NOT)) continue; @@ -1159,7 +1159,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt } else if (cmd->opcode == O_IP6) { flags |= HAVE_PROTO6; break; - } + } } if (rule->_pad & 1) { /* empty rules before options */ if (!co.do_compact) { @@ -1173,7 +1173,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt if (co.comment_only) comment = "..."; - for (l = rule->act_ofs, cmd = rule->cmd ; + for (l = rule->act_ofs, cmd = rule->cmd ; l > 0 ; l -= F_LEN(cmd) , cmd += F_LEN(cmd)) { /* useful alias */ ipfw_insn_u32 *cmd32 = (ipfw_insn_u32 *)cmd; @@ -1557,7 +1557,7 @@ show_ipfw(struct ip_fw *rule, int pcwidt } } show_prerequisites(&flags, HAVE_PROTO | HAVE_SRCIP | HAVE_DSTIP - | HAVE_IP, 0); + | HAVE_IP, 0); if (comment) printf(" // %s", comment); printf("\n"); @@ -1611,7 +1611,7 @@ show_dyn_ipfw(ipfw_dyn_rule *d, int pcwi sizeof(buf)), d->id.dst_port); } else printf(" UNKNOWN <-> UNKNOWN\n"); - + printf("\n"); } @@ -2188,7 +2188,6 @@ n2mask(struct in6_addr *mask, int n) } return; } - /* * helper function to process a set of flags and set bits in the @@ -2219,9 +2218,9 @@ fill_flags(ipfw_insn *cmd, enum ipfw_opc *which |= (uint8_t)val; p = q; } - cmd->opcode = opcode; - cmd->len = (cmd->len & (F_NOT | F_OR)) | 1; - cmd->arg1 = (set & 0xff) | ( (clear & 0xff) << 8); + cmd->opcode = opcode; + cmd->len = (cmd->len & (F_NOT | F_OR)) | 1; + cmd->arg1 = (set & 0xff) | ( (clear & 0xff) << 8); } @@ -2279,7 +2278,7 @@ ipfw_delete(char *av[]) * fill the interface structure. We do not check the name as we can * create interfaces dynamically, so checking them at insert time * makes relatively little sense. - * Interface names containing '*', '?', or '[' are assumed to be shell + * Interface names containing '*', '?', or '[' are assumed to be shell * patterns which match interfaces. */ static void @@ -2753,7 +2752,7 @@ ipfw_add(char *av[]) goto chkarg; case TOK_TEE: action->opcode = O_TEE; -chkarg: +chkarg: if (!av[0]) errx(EX_USAGE, "missing argument for %s", *(av - 1)); if (isdigit(**av)) { @@ -2807,7 +2806,7 @@ chkarg: "illegal forwarding port ``%s''", s); p->sa.sin_port = (u_short)i; } - if (_substrcmp(*av, "tablearg") == 0) + if (_substrcmp(*av, "tablearg") == 0) p->sa.sin_addr.s_addr = INADDR_ANY; else lookup_host(*av, &(p->sa.sin_addr)); @@ -2826,25 +2825,25 @@ chkarg: size_t intsize = sizeof(int); action->opcode = O_SETFIB; - NEED1("missing fib number"); + NEED1("missing fib number"); if (_substrcmp(*av, "tablearg") == 0) { action->arg1 = IP_FW_TABLEARG; } else { - action->arg1 = strtoul(*av, NULL, 10); + action->arg1 = strtoul(*av, NULL, 10); if (sysctlbyname("net.fibs", &numfibs, &intsize, NULL, 0) == -1) errx(EX_DATAERR, "fibs not suported.\n"); if (action->arg1 >= numfibs) /* Temporary */ errx(EX_DATAERR, "fib too large.\n"); } - av++; - break; + av++; + break; } case TOK_REASS: action->opcode = O_REASS; break; - + default: errx(EX_DATAERR, "invalid action %s\n", av[-1]); } @@ -3139,7 +3138,7 @@ read_options: errx(EX_USAGE, "+missing \")\"\n"); open_par = 0; prev = NULL; - break; + break; case TOK_IN: fill_cmd(cmd, O_IN, 0, 0); @@ -3192,7 +3191,7 @@ read_options: fill_icmptypes((ipfw_insn_u32 *)cmd, *av); av++; break; - + case TOK_ICMP6TYPES: NEED1("icmptypes requires list of types"); fill_icmp6types((ipfw_insn_icmp6 *)cmd, *av); @@ -3428,7 +3427,7 @@ read_options: av++; } break; - + case TOK_DSTIP6: NEED1("missing destination IP6"); if (add_dstip6(cmd, *av)) { @@ -3821,10 +3820,10 @@ ipfw_table_handler(int ac, char *av[]) if (strchr(*av, (int)'.') == NULL && isdigit(**av)) { ent.value = strtoul(*av, NULL, 0); } else { - if (lookup_host(*av, (struct in_addr *)&tval) == 0) { + if (lookup_host(*av, (struct in_addr *)&tval) == 0) { /* The value must be stored in host order * * so that the values < 65k can be distinguished */ - ent.value = ntohl(tval); + ent.value = ntohl(tval); } else { errx(EX_NOHOST, "hostname ``%s'' unknown", *av); } @@ -3843,7 +3842,7 @@ ipfw_table_handler(int ac, char *av[]) if (do_cmd(IP_FW_TABLE_ADD, &ent, sizeof(ent)) < 0) err(EX_OSERR, - "setsockopt(IP_FW_TABLE_ADD)"); + "setsockopt(IP_FW_TABLE_ADD)"); } } } else if (_substrcmp(*av, "flush") == 0) { Modified: stable/8/sbin/ipfw/ipfw2.h ============================================================================== --- stable/8/sbin/ipfw/ipfw2.h Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/ipfw2.h Fri Jul 8 13:04:47 2011 (r223869) @@ -183,7 +183,7 @@ enum tokens { TOK_PROXY_ONLY, TOK_REDIR_ADDR, TOK_REDIR_PORT, - TOK_REDIR_PROTO, + TOK_REDIR_PROTO, TOK_IPV6, TOK_FLOWID, Modified: stable/8/sbin/ipfw/ipv6.c ============================================================================== --- stable/8/sbin/ipfw/ipv6.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/ipv6.c Fri Jul 8 13:04:47 2011 (r223869) @@ -76,7 +76,7 @@ print_unreach6_code(uint16_t code) printf("unreach6 %u", code); } -/* +/* * Print the ip address contained in a command. */ void @@ -90,43 +90,43 @@ print_ip6(ipfw_insn_ip6 *cmd, char const printf("%s%s ", cmd->o.len & F_NOT ? " not": "", s); if (cmd->o.opcode == O_IP6_SRC_ME || cmd->o.opcode == O_IP6_DST_ME) { - printf("me6"); - return; + printf("me6"); + return; } if (cmd->o.opcode == O_IP6) { - printf(" ip6"); - return; + printf(" ip6"); + return; } /* - * len == 4 indicates a single IP, whereas lists of 1 or more - * addr/mask pairs have len = (2n+1). We convert len to n so we - * use that to count the number of entries. - */ + * len == 4 indicates a single IP, whereas lists of 1 or more + * addr/mask pairs have len = (2n+1). We convert len to n so we + * use that to count the number of entries. + */ for (len = len / 4; len > 0; len -= 2, a += 2) { - int mb = /* mask length */ - (cmd->o.opcode == O_IP6_SRC || cmd->o.opcode == O_IP6_DST) ? - 128 : contigmask((uint8_t *)&(a[1]), 128); - - if (mb == 128 && co.do_resolv) - he = gethostbyaddr((char *)a, sizeof(*a), AF_INET6); - if (he != NULL) /* resolved to name */ - printf("%s", he->h_name); - else if (mb == 0) /* any */ - printf("any"); - else { /* numeric IP followed by some kind of mask */ - if (inet_ntop(AF_INET6, a, trad, sizeof( trad ) ) == NULL) - printf("Error ntop in print_ip6\n"); - printf("%s", trad ); - if (mb < 0) /* XXX not really legal... */ - printf(":%s", - inet_ntop(AF_INET6, &a[1], trad, sizeof(trad))); - else if (mb < 128) - printf("/%d", mb); - } - if (len > 2) - printf(","); + int mb = /* mask length */ + (cmd->o.opcode == O_IP6_SRC || cmd->o.opcode == O_IP6_DST) ? + 128 : contigmask((uint8_t *)&(a[1]), 128); + + if (mb == 128 && co.do_resolv) + he = gethostbyaddr((char *)a, sizeof(*a), AF_INET6); + if (he != NULL) /* resolved to name */ + printf("%s", he->h_name); + else if (mb == 0) /* any */ + printf("any"); + else { /* numeric IP followed by some kind of mask */ + if (inet_ntop(AF_INET6, a, trad, sizeof( trad ) ) == NULL) + printf("Error ntop in print_ip6\n"); + printf("%s", trad ); + if (mb < 0) /* XXX not really legal... */ + printf(":%s", + inet_ntop(AF_INET6, &a[1], trad, sizeof(trad))); + else if (mb < 128) + printf("/%d", mb); + } + if (len > 2) + printf(","); } } @@ -137,20 +137,20 @@ fill_icmp6types(ipfw_insn_icmp6 *cmd, ch bzero(cmd, sizeof(*cmd)); while (*av) { - if (*av == ',') - av++; - type = strtoul(av, &av, 0); - if (*av != ',' && *av != '\0') - errx(EX_DATAERR, "invalid ICMP6 type"); + if (*av == ',') + av++; + type = strtoul(av, &av, 0); + if (*av != ',' && *av != '\0') + errx(EX_DATAERR, "invalid ICMP6 type"); /* * XXX: shouldn't this be 0xFF? I can't see any reason why * we shouldn't be able to filter all possiable values * regardless of the ability of the rest of the kernel to do * anything useful with them. */ - if (type > ICMP6_MAXTYPE) - errx(EX_DATAERR, "ICMP6 type out of range"); - cmd->d[type / 32] |= ( 1 << (type % 32)); + if (type > ICMP6_MAXTYPE) + errx(EX_DATAERR, "ICMP6 type out of range"); + cmd->d[type / 32] |= ( 1 << (type % 32)); } cmd->o.opcode = O_ICMP6TYPE; cmd->o.len |= F_INSN_SIZE(ipfw_insn_icmp6); @@ -165,12 +165,12 @@ print_icmp6types(ipfw_insn_u32 *cmd) printf(" ip6 icmp6types"); for (i = 0; i < 7; i++) - for (j=0; j < 32; ++j) { - if ( (cmd->d[i] & (1 << (j))) == 0) - continue; - printf("%c%d", sep, (i*32 + j)); - sep = ','; - } + for (j=0; j < 32; ++j) { + if ( (cmd->d[i] & (1 << (j))) == 0) + continue; + printf("%c%d", sep, (i*32 + j)); + sep = ','; + } } void @@ -181,9 +181,9 @@ print_flow6id( ipfw_insn_u32 *cmd) printf(" flow-id "); for( i=0; i < limit; ++i) { - if (i == limit - 1) - sep = ' '; - printf("%d%c", cmd->d[i], sep); + if (i == limit - 1) + sep = ' '; + printf("%d%c", cmd->d[i], sep); } } @@ -193,11 +193,11 @@ static struct _s_x ext6hdrcodes[] = { { "hopopt", EXT_HOPOPTS }, { "route", EXT_ROUTING }, { "dstopt", EXT_DSTOPTS }, - { "ah", EXT_AH }, - { "esp", EXT_ESP }, + { "ah", EXT_AH }, + { "esp", EXT_ESP }, { "rthdr0", EXT_RTHDR0 }, { "rthdr2", EXT_RTHDR2 }, - { NULL, 0 } + { NULL, 0 } }; /* fills command for the extension header filtering */ @@ -210,48 +210,48 @@ fill_ext6hdr( ipfw_insn *cmd, char *av) cmd->arg1 = 0; while(s) { - av = strsep( &s, ",") ; - tok = match_token(ext6hdrcodes, av); - switch (tok) { - case EXT_FRAGMENT: - cmd->arg1 |= EXT_FRAGMENT; - break; - - case EXT_HOPOPTS: - cmd->arg1 |= EXT_HOPOPTS; - break; - - case EXT_ROUTING: - cmd->arg1 |= EXT_ROUTING; - break; - - case EXT_DSTOPTS: - cmd->arg1 |= EXT_DSTOPTS; - break; - - case EXT_AH: - cmd->arg1 |= EXT_AH; - break; - - case EXT_ESP: - cmd->arg1 |= EXT_ESP; - break; - - case EXT_RTHDR0: - cmd->arg1 |= EXT_RTHDR0; - break; - - case EXT_RTHDR2: - cmd->arg1 |= EXT_RTHDR2; - break; - - default: - errx( EX_DATAERR, "invalid option for ipv6 exten header" ); - break; - } + av = strsep( &s, ",") ; + tok = match_token(ext6hdrcodes, av); + switch (tok) { + case EXT_FRAGMENT: + cmd->arg1 |= EXT_FRAGMENT; + break; + + case EXT_HOPOPTS: + cmd->arg1 |= EXT_HOPOPTS; + break; + + case EXT_ROUTING: + cmd->arg1 |= EXT_ROUTING; + break; + + case EXT_DSTOPTS: + cmd->arg1 |= EXT_DSTOPTS; + break; + + case EXT_AH: + cmd->arg1 |= EXT_AH; + break; + + case EXT_ESP: + cmd->arg1 |= EXT_ESP; + break; + + case EXT_RTHDR0: + cmd->arg1 |= EXT_RTHDR0; + break; + + case EXT_RTHDR2: + cmd->arg1 |= EXT_RTHDR2; + break; + + default: + errx( EX_DATAERR, "invalid option for ipv6 exten header" ); + break; + } } if (cmd->arg1 == 0 ) - return 0; + return 0; cmd->opcode = O_EXT_HDR; cmd->len |= F_INSN_SIZE( ipfw_insn ); return 1; @@ -264,35 +264,35 @@ print_ext6hdr( ipfw_insn *cmd ) printf(" extension header:"); if (cmd->arg1 & EXT_FRAGMENT ) { - printf("%cfragmentation", sep); - sep = ','; + printf("%cfragmentation", sep); + sep = ','; } if (cmd->arg1 & EXT_HOPOPTS ) { - printf("%chop options", sep); - sep = ','; + printf("%chop options", sep); + sep = ','; } if (cmd->arg1 & EXT_ROUTING ) { - printf("%crouting options", sep); - sep = ','; + printf("%crouting options", sep); + sep = ','; } if (cmd->arg1 & EXT_RTHDR0 ) { - printf("%crthdr0", sep); - sep = ','; + printf("%crthdr0", sep); + sep = ','; } if (cmd->arg1 & EXT_RTHDR2 ) { - printf("%crthdr2", sep); - sep = ','; + printf("%crthdr2", sep); + sep = ','; } if (cmd->arg1 & EXT_DSTOPTS ) { - printf("%cdestination options", sep); - sep = ','; + printf("%cdestination options", sep); + sep = ','; } if (cmd->arg1 & EXT_AH ) { - printf("%cauthentication header", sep); - sep = ','; + printf("%cauthentication header", sep); + sep = ','; } if (cmd->arg1 & EXT_ESP ) { - printf("%cencapsulated security payload", sep); + printf("%cencapsulated security payload", sep); } } @@ -318,9 +318,9 @@ lookup_host6 (char *host, struct in6_add * any matches any IP6. Actually returns an empty instruction. * me returns O_IP6_*_ME * - * 03f1::234:123:0342 single IP6 addres - * 03f1::234:123:0342/24 address/mask - * 03f1::234:123:0342/24,03f1::234:123:0343/ List of address + * 03f1::234:123:0342 single IP6 addres + * 03f1::234:123:0342/24 address/mask + * 03f1::234:123:0342/24,03f1::234:123:0343/ List of address * * Set of address (as in ipv6) not supported because ipv6 address * are typically random past the initial prefix. Modified: stable/8/sbin/ipfw/main.c ============================================================================== --- stable/8/sbin/ipfw/main.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/main.c Fri Jul 8 13:04:47 2011 (r223869) @@ -358,7 +358,7 @@ ipfw_main(int oldac, char **oldav) co.do_pipe = 0; co.use_set = 0; if (!strncmp(*av, "nat", strlen(*av))) - co.do_nat = 1; + co.do_nat = 1; else if (!strncmp(*av, "pipe", strlen(*av))) co.do_pipe = 1; else if (_substrcmp(*av, "queue") == 0) @@ -427,7 +427,7 @@ ipfw_main(int oldac, char **oldav) else if (_substrcmp(*av, "resetlog") == 0) ipfw_zero(ac, av, 1 /* IP_FW_RESETLOG */); else if (_substrcmp(*av, "print") == 0 || - _substrcmp(*av, "list") == 0) + _substrcmp(*av, "list") == 0) ipfw_list(ac, av, do_acct); else if (_substrcmp(*av, "show") == 0) ipfw_list(ac, av, 1 /* show counters */); @@ -592,7 +592,7 @@ main(int ac, char *av[]) ret = WSAStartup(wVersionRequested, &wsaData); if (ret != 0) { /* Tell the user that we could not find a usable */ - /* Winsock DLL. */ + /* Winsock DLL. */ printf("WSAStartup failed with error: %d\n", ret); return 1; } Modified: stable/8/sbin/ipfw/nat.c ============================================================================== --- stable/8/sbin/ipfw/nat.c Fri Jul 8 12:54:10 2011 (r223868) +++ stable/8/sbin/ipfw/nat.c Fri Jul 8 13:04:47 2011 (r223869) @@ -47,15 +47,15 @@ #include static struct _s_x nat_params[] = { - { "ip", TOK_IP }, - { "if", TOK_IF }, - { "log", TOK_ALOG }, - { "deny_in", TOK_DENY_INC }, - { "same_ports", TOK_SAME_PORTS }, - { "unreg_only", TOK_UNREG_ONLY }, - { "reset", TOK_RESET_ADDR }, - { "reverse", TOK_ALIAS_REV }, - { "proxy_only", TOK_PROXY_ONLY }, + { "ip", TOK_IP }, + { "if", TOK_IF }, + { "log", TOK_ALOG }, + { "deny_in", TOK_DENY_INC }, + { "same_ports", TOK_SAME_PORTS }, + { "unreg_only", TOK_UNREG_ONLY }, + { "reset", TOK_RESET_ADDR }, + { "reverse", TOK_ALIAS_REV }, + { "proxy_only", TOK_PROXY_ONLY }, { "redirect_addr", TOK_REDIR_ADDR }, { "redirect_port", TOK_REDIR_PORT }, { "redirect_proto", TOK_REDIR_PROTO }, @@ -63,10 +63,10 @@ static struct _s_x nat_params[] = { }; -/* +/* * Search for interface with name "ifn", and fill n accordingly: * - * n->ip ip address of interface "ifn" + * n->ip ip address of interface "ifn" * n->if_name copy of interface name "ifn" */ static void @@ -84,9 +84,9 @@ set_addr_dynamic(const char *ifn, struct mib[0] = CTL_NET; mib[1] = PF_ROUTE; mib[2] = 0; - mib[3] = AF_INET; + mib[3] = AF_INET; mib[4] = NET_RT_IFLIST; - mib[5] = 0; + mib[5] = 0; /* * Get interface data. */ @@ -163,25 +163,25 @@ set_addr_dynamic(const char *ifn, struct free(buf); } -/* +/* * XXX - The following functions, macros and definitions come from natd.c: - * it would be better to move them outside natd.c, in a file - * (redirect_support.[ch]?) shared by ipfw and natd, but for now i can live + * it would be better to move them outside natd.c, in a file + * (redirect_support.[ch]?) shared by ipfw and natd, but for now i can live * with it. */ /* * Definition of a port range, and macros to deal with values. * FORMAT: HI 16-bits == first port in range, 0 == all ports. - * LO 16-bits == number of ports in range + * LO 16-bits == number of ports in range * NOTES: - Port values are not stored in network byte order. */ #define port_range u_long -#define GETLOPORT(x) ((x) >> 0x10) -#define GETNUMPORTS(x) ((x) & 0x0000ffff) -#define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x))) +#define GETLOPORT(x) ((x) >> 0x10) +#define GETNUMPORTS(x) ((x) & 0x0000ffff) +#define GETHIPORT(x) (GETLOPORT((x)) + GETNUMPORTS((x))) /* Set y to be the low-port value in port_range variable x. */ #define SETLOPORT(x,y) ((x) = ((x) & 0x0000ffff) | ((y) << 0x10)) @@ -189,7 +189,7 @@ set_addr_dynamic(const char *ifn, struct /* Set y to be the number of ports in port_range variable x. */ #define SETNUMPORTS(x,y) ((x) = ((x) & 0xffff0000) | (y)) -static void +static void StrToAddr (const char* str, struct in_addr* addr) { struct hostent* hp; @@ -204,30 +204,30 @@ StrToAddr (const char* str, struct in_ad memcpy (addr, hp->h_addr, sizeof (struct in_addr)); } -static int +static int StrToPortRange (const char* str, const char* proto, port_range *portRange) { - char* sep; + char* sep; struct servent* sp; char* end; - u_short loPort; - u_short hiPort; - + u_short loPort; + u_short hiPort; + /* First see if this is a service, return corresponding port if so. */ sp = getservbyname (str,proto); if (sp) { - SETLOPORT(*portRange, ntohs(sp->s_port)); + SETLOPORT(*portRange, ntohs(sp->s_port)); SETNUMPORTS(*portRange, 1); return 0; } - + /* Not a service, see if it's a single port or port range. */ sep = strchr (str, '-'); if (sep == NULL) { - SETLOPORT(*portRange, strtol(str, &end, 10)); + SETLOPORT(*portRange, strtol(str, &end, 10)); if (end != str) { - /* Single port. */ - SETNUMPORTS(*portRange, 1); + /* Single port. */ + SETNUMPORTS(*portRange, 1); return 0; } @@ -240,15 +240,15 @@ StrToPortRange (const char* str, const c SETLOPORT(*portRange, loPort); SETNUMPORTS(*portRange, 0); /* Error by default */ if (loPort <= hiPort) - SETNUMPORTS(*portRange, hiPort - loPort + 1); + SETNUMPORTS(*portRange, hiPort - loPort + 1); if (GETNUMPORTS(*portRange) == 0) - errx (EX_DATAERR, "invalid port range %s", str); + errx (EX_DATAERR, "invalid port range %s", str); return 0; } -static int +static int StrToProto (const char* str) { if (!strcmp (str, "tcp")) @@ -262,9 +262,9 @@ StrToProto (const char* str) errx (EX_DATAERR, "unknown protocol %s. Expected sctp, tcp or udp", str); } -static int -StrToAddrAndPortRange (const char* str, struct in_addr* addr, char* proto, - port_range *portRange) +static int +StrToAddrAndPortRange (const char* str, struct in_addr* addr, char* proto, + port_range *portRange) { char* ptr; @@ -281,53 +281,52 @@ StrToAddrAndPortRange (const char* str, /* End of stuff taken from natd.c. */ -#define INC_ARGCV() do { \ - (*_av)++; \ - (*_ac)--; \ - av = *_av; \ - ac = *_ac; \ +#define INC_ARGCV() do { \ + (*_av)++; \ + (*_ac)--; \ + av = *_av; \ + ac = *_ac; \ } while(0) -/* - * The next 3 functions add support for the addr, port and proto redirect and - * their logic is loosely based on SetupAddressRedirect(), SetupPortRedirect() +/* + * The next 3 functions add support for the addr, port and proto redirect and + * their logic is loosely based on SetupAddressRedirect(), SetupPortRedirect() * and SetupProtoRedirect() from natd.c. * - * Every setup_* function fills at least one redirect entry - * (struct cfg_redir) and zero or more server pool entry (struct cfg_spool) + * Every setup_* function fills at least one redirect entry + * (struct cfg_redir) and zero or more server pool entry (struct cfg_spool) * in buf. - * + * * The format of data in buf is: - * * - * cfg_nat cfg_redir cfg_spool ...... cfg_spool + * cfg_nat cfg_redir cfg_spool ...... cfg_spool * * ------------------------------------- ------------ * | | .....X ... | | | | ..... * ------------------------------------- ...... ------------ - * ^ + * ^ * spool_cnt n=0 ...... n=(X-1) * * len points to the amount of available space in buf * space counts the memory consumed by every function * - * XXX - Every function get all the argv params so it + * XXX - Every function get all the argv params so it * has to check, in optional parameters, that the next - * args is a valid option for the redir entry and not - * another token. Only redir_port and redir_proto are + * args is a valid option for the redir entry and not + * another token. Only redir_port and redir_proto are * affected by this. */ static int setup_redir_addr(char *spool_buf, unsigned int len, - int *_ac, char ***_av) + int *_ac, char ***_av) { char **av, *sep; /* Token separator. */ /* Temporary buffer used to hold server pool ip's. */ - char tmp_spool_buf[NAT_BUF_LEN]; + char tmp_spool_buf[NAT_BUF_LEN]; int ac, space, lsnat; - struct cfg_redir *r; - struct cfg_spool *tmp; + struct cfg_redir *r; + struct cfg_spool *tmp; av = *_av; ac = *_ac; @@ -339,11 +338,11 @@ setup_redir_addr(char *spool_buf, unsign spool_buf = &spool_buf[SOF_REDIR]; space = SOF_REDIR; *** DIFF OUTPUT TRUNCATED AT 1000 LINES *** From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 14:26:42 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 9D7CC106566C; Fri, 8 Jul 2011 14:26:42 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 8B8128FC0C; Fri, 8 Jul 2011 14:26:42 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p68EQgTk023448; Fri, 8 Jul 2011 14:26:42 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p68EQgZs023446; Fri, 8 Jul 2011 14:26:42 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201107081426.p68EQgZs023446@svn.freebsd.org> From: Gleb Smirnoff Date: Fri, 8 Jul 2011 14:26:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223871 - stable/8/sbin/ipfw X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 14:26:42 -0000 Author: glebius Date: Fri Jul 8 14:26:42 2011 New Revision: 223871 URL: http://svn.freebsd.org/changeset/base/223871 Log: Merge from head/ 220835,220914,223079,223185,223416,223499: Rewrite NAT configuration parser, so that memory allocation size is calculated dynamically. PR: kern/143653 Modified: stable/8/sbin/ipfw/nat.c Directory Properties: stable/8/sbin/ipfw/ (props changed) Modified: stable/8/sbin/ipfw/nat.c ============================================================================== --- stable/8/sbin/ipfw/nat.c Fri Jul 8 13:45:53 2011 (r223870) +++ stable/8/sbin/ipfw/nat.c Fri Jul 8 14:26:42 2011 (r223871) @@ -281,13 +281,6 @@ StrToAddrAndPortRange (const char* str, /* End of stuff taken from natd.c. */ -#define INC_ARGCV() do { \ - (*_av)++; \ - (*_ac)--; \ - av = *_av; \ - ac = *_ac; \ -} while(0) - /* * The next 3 functions add support for the addr, port and proto redirect and * their logic is loosely based on SetupAddressRedirect(), SetupPortRedirect() @@ -318,121 +311,117 @@ StrToAddrAndPortRange (const char* str, */ static int -setup_redir_addr(char *spool_buf, unsigned int len, - int *_ac, char ***_av) +estimate_redir_addr(int *ac, char ***av) +{ + size_t space = sizeof(struct cfg_redir); + char *sep = **av; + u_int c = 0; + + while ((sep = strchr(sep, ',')) != NULL) { + c++; + sep++; + } + + if (c > 0) + c++; + + space += c * sizeof(struct cfg_spool); + + return (space); +} + +static int +setup_redir_addr(char *buf, int *ac, char ***av) { - char **av, *sep; /* Token separator. */ - /* Temporary buffer used to hold server pool ip's. */ - char tmp_spool_buf[NAT_BUF_LEN]; - int ac, space, lsnat; struct cfg_redir *r; - struct cfg_spool *tmp; + char *sep; + size_t space; - av = *_av; - ac = *_ac; - space = 0; - lsnat = 0; - if (len >= SOF_REDIR) { - r = (struct cfg_redir *)spool_buf; - /* Skip cfg_redir at beginning of buf. */ - spool_buf = &spool_buf[SOF_REDIR]; - space = SOF_REDIR; - len -= SOF_REDIR; - } else - goto nospace; + r = (struct cfg_redir *)buf; r->mode = REDIR_ADDR; - /* Extract local address. */ - if (ac == 0) - errx(EX_DATAERR, "redirect_addr: missing local address"); - sep = strchr(*av, ','); - if (sep) { /* LSNAT redirection syntax. */ - r->laddr.s_addr = INADDR_NONE; - /* Preserve av, copy spool servers to tmp_spool_buf. */ - strncpy(tmp_spool_buf, *av, strlen(*av)+1); - lsnat = 1; - } else - StrToAddr(*av, &r->laddr); - INC_ARGCV(); + /* Skip cfg_redir at beginning of buf. */ + buf = &buf[sizeof(struct cfg_redir)]; + space = sizeof(struct cfg_redir); - /* Extract public address. */ - if (ac == 0) - errx(EX_DATAERR, "redirect_addr: missing public address"); - StrToAddr(*av, &r->paddr); - INC_ARGCV(); + /* Extract local address. */ + if ((sep = strtok(**av, ",")) != NULL) { + struct cfg_spool *spool; - /* Setup LSNAT server pool. */ - if (sep) { - sep = strtok(tmp_spool_buf, ","); + /* Setup LSNAT server pool. */ + r->laddr.s_addr = INADDR_NONE; while (sep != NULL) { - tmp = (struct cfg_spool *)spool_buf; - if (len < SOF_SPOOL) - goto nospace; - len -= SOF_SPOOL; - space += SOF_SPOOL; - StrToAddr(sep, &tmp->addr); - tmp->port = ~0; + spool = (struct cfg_spool *)buf; + space += sizeof(struct cfg_spool); + StrToAddr(sep, &spool->addr); + spool->port = ~0; r->spool_cnt++; /* Point to the next possible cfg_spool. */ - spool_buf = &spool_buf[SOF_SPOOL]; + buf = &buf[sizeof(struct cfg_spool)]; sep = strtok(NULL, ","); } + } else + StrToAddr(**av, &r->laddr); + (*av)++; (*ac)--; + + /* Extract public address. */ + StrToAddr(**av, &r->paddr); + (*av)++; (*ac)--; + + return (space); +} + +static int +estimate_redir_port(int *ac, char ***av) +{ + size_t space = sizeof(struct cfg_redir); + char *sep = **av; + u_int c = 0; + + while ((sep = strchr(sep, ',')) != NULL) { + c++; + sep++; } - return(space); -nospace: - errx(EX_DATAERR, "redirect_addr: buf is too small\n"); + + if (c > 0) + c++; + + space += c * sizeof(struct cfg_spool); + + return (space); } static int -setup_redir_port(char *spool_buf, unsigned int len, - int *_ac, char ***_av) +setup_redir_port(char *buf, int *ac, char ***av) { - char **av, *sep, *protoName; - char tmp_spool_buf[NAT_BUF_LEN]; - int ac, space, lsnat; struct cfg_redir *r; - struct cfg_spool *tmp; + char *sep, *protoName, *lsnat = NULL; + size_t space; u_short numLocalPorts; port_range portRange; - av = *_av; - ac = *_ac; - space = 0; - lsnat = 0; numLocalPorts = 0; - if (len >= SOF_REDIR) { - r = (struct cfg_redir *)spool_buf; - /* Skip cfg_redir at beginning of buf. */ - spool_buf = &spool_buf[SOF_REDIR]; - space = SOF_REDIR; - len -= SOF_REDIR; - } else - goto nospace; + r = (struct cfg_redir *)buf; r->mode = REDIR_PORT; + /* Skip cfg_redir at beginning of buf. */ + buf = &buf[sizeof(struct cfg_redir)]; + space = sizeof(struct cfg_redir); + /* * Extract protocol. */ - if (ac == 0) - errx (EX_DATAERR, "redirect_port: missing protocol"); - r->proto = StrToProto(*av); - protoName = *av; - INC_ARGCV(); + r->proto = StrToProto(**av); + protoName = **av; + (*av)++; (*ac)--; /* * Extract local address. */ - if (ac == 0) - errx (EX_DATAERR, "redirect_port: missing local address"); - - sep = strchr(*av, ','); - /* LSNAT redirection syntax. */ - if (sep) { + if ((sep = strchr(**av, ',')) != NULL) { r->laddr.s_addr = INADDR_NONE; r->lport = ~0; numLocalPorts = 1; - /* Preserve av, copy spool servers to tmp_spool_buf. */ - strncpy(tmp_spool_buf, *av, strlen(*av)+1); - lsnat = 1; + lsnat = **av; } else { /* * The sctp nat does not allow the port numbers to be mapped to @@ -440,40 +429,36 @@ setup_redir_port(char *spool_buf, unsign * in the target port field. */ if (r->proto == IPPROTO_SCTP) { - if (strchr (*av, ':')) + if (strchr(**av, ':')) errx(EX_DATAERR, "redirect_port:" - "port numbers do not change in sctp, so do not " - "specify them as part of the target"); + "port numbers do not change in sctp, so do " + "not specify them as part of the target"); else - StrToAddr(*av, &r->laddr); + StrToAddr(**av, &r->laddr); } else { - if (StrToAddrAndPortRange (*av, &r->laddr, protoName, - &portRange) != 0) - errx(EX_DATAERR, "redirect_port:" + if (StrToAddrAndPortRange(**av, &r->laddr, protoName, + &portRange) != 0) + errx(EX_DATAERR, "redirect_port: " "invalid local port range"); r->lport = GETLOPORT(portRange); numLocalPorts = GETNUMPORTS(portRange); } } - INC_ARGCV(); + (*av)++; (*ac)--; /* * Extract public port and optionally address. */ - if (ac == 0) - errx (EX_DATAERR, "redirect_port: missing public port"); - - sep = strchr (*av, ':'); - if (sep) { - if (StrToAddrAndPortRange (*av, &r->paddr, protoName, + if ((sep = strchr(**av, ':')) != NULL) { + if (StrToAddrAndPortRange(**av, &r->paddr, protoName, &portRange) != 0) - errx(EX_DATAERR, "redirect_port:" + errx(EX_DATAERR, "redirect_port: " "invalid public port range"); } else { r->paddr.s_addr = INADDR_ANY; - if (StrToPortRange (*av, protoName, &portRange) != 0) - errx(EX_DATAERR, "redirect_port:" + if (StrToPortRange(**av, protoName, &portRange) != 0) + errx(EX_DATAERR, "redirect_port: " "invalid public port range"); } @@ -483,28 +468,27 @@ setup_redir_port(char *spool_buf, unsign r->lport = r->pport; } r->pport_cnt = GETNUMPORTS(portRange); - INC_ARGCV(); + (*av)++; (*ac)--; /* * Extract remote address and optionally port. */ /* - * NB: isalpha(**av) => we've to check that next parameter is really an + * NB: isdigit(**av) => we've to check that next parameter is really an * option for this redirect entry, else stop here processing arg[cv]. */ - if (ac != 0 && !isalpha(**av)) { - sep = strchr (*av, ':'); - if (sep) { - if (StrToAddrAndPortRange (*av, &r->raddr, protoName, + if (*ac != 0 && isdigit(***av)) { + if ((sep = strchr(**av, ':')) != NULL) { + if (StrToAddrAndPortRange(**av, &r->raddr, protoName, &portRange) != 0) - errx(EX_DATAERR, "redirect_port:" + errx(EX_DATAERR, "redirect_port: " "invalid remote port range"); } else { SETLOPORT(portRange, 0); SETNUMPORTS(portRange, 1); - StrToAddr (*av, &r->raddr); + StrToAddr(**av, &r->raddr); } - INC_ARGCV(); + (*av)++; (*ac)--; } else { SETLOPORT(portRange, 0); SETNUMPORTS(portRange, 1); @@ -517,7 +501,7 @@ setup_redir_port(char *spool_buf, unsign * Make sure port ranges match up, then add the redirect ports. */ if (numLocalPorts != r->pport_cnt) - errx(EX_DATAERR, "redirect_port:" + errx(EX_DATAERR, "redirect_port: " "port ranges must be equal in size"); /* Remote port range is allowed to be '0' which means all ports. */ @@ -526,20 +510,18 @@ setup_redir_port(char *spool_buf, unsign errx(EX_DATAERR, "redirect_port: remote port must" "be 0 or equal to local port range in size"); - /* - * Setup LSNAT server pool. - */ - if (lsnat) { - sep = strtok(tmp_spool_buf, ","); + /* Setup LSNAT server pool. */ + if (lsnat != NULL) { + struct cfg_spool *spool; + + sep = strtok(lsnat, ","); while (sep != NULL) { - tmp = (struct cfg_spool *)spool_buf; - if (len < SOF_SPOOL) - goto nospace; - len -= SOF_SPOOL; - space += SOF_SPOOL; + spool = (struct cfg_spool *)buf; + space += sizeof(struct cfg_spool); /* - * The sctp nat does not allow the port numbers to be mapped to new port numbers - * Therefore, no ports are to be specified in the target port field + * The sctp nat does not allow the port numbers to + * be mapped to new port numbers. Therefore, no ports + * are to be specified in the target port field. */ if (r->proto == IPPROTO_SCTP) { if (strchr (sep, ':')) { @@ -548,11 +530,11 @@ setup_redir_port(char *spool_buf, unsign "sctp, so do not specify them as " "part of the target"); } else { - StrToAddr(sep, &tmp->addr); - tmp->port = r->pport; + StrToAddr(sep, &spool->addr); + spool->port = r->pport; } } else { - if (StrToAddrAndPortRange(sep, &tmp->addr, + if (StrToAddrAndPortRange(sep, &spool->addr, protoName, &portRange) != 0) errx(EX_DATAERR, "redirect_port:" "invalid local port range"); @@ -560,88 +542,73 @@ setup_redir_port(char *spool_buf, unsign errx(EX_DATAERR, "redirect_port: " "local port must be single in " "this context"); - tmp->port = GETLOPORT(portRange); + spool->port = GETLOPORT(portRange); } r->spool_cnt++; /* Point to the next possible cfg_spool. */ - spool_buf = &spool_buf[SOF_SPOOL]; + buf = &buf[sizeof(struct cfg_spool)]; sep = strtok(NULL, ","); } } + return (space); -nospace: - errx(EX_DATAERR, "redirect_port: buf is too small\n"); } static int -setup_redir_proto(char *spool_buf, unsigned int len, - int *_ac, char ***_av) +setup_redir_proto(char *buf, int *ac, char ***av) { - char **av; - int ac, space; - struct protoent *protoent; struct cfg_redir *r; + struct protoent *protoent; + size_t space; - av = *_av; - ac = *_ac; - if (len >= SOF_REDIR) { - r = (struct cfg_redir *)spool_buf; - /* Skip cfg_redir at beginning of buf. */ - spool_buf = &spool_buf[SOF_REDIR]; - space = SOF_REDIR; - len -= SOF_REDIR; - } else - goto nospace; + r = (struct cfg_redir *)buf; r->mode = REDIR_PROTO; + /* Skip cfg_redir at beginning of buf. */ + buf = &buf[sizeof(struct cfg_redir)]; + space = sizeof(struct cfg_redir); + /* * Extract protocol. */ - if (ac == 0) - errx(EX_DATAERR, "redirect_proto: missing protocol"); - - protoent = getprotobyname(*av); + protoent = getprotobyname(**av); if (protoent == NULL) - errx(EX_DATAERR, "redirect_proto: unknown protocol %s", *av); + errx(EX_DATAERR, "redirect_proto: unknown protocol %s", **av); else r->proto = protoent->p_proto; - INC_ARGCV(); + (*av)++; (*ac)--; /* * Extract local address. */ - if (ac == 0) - errx(EX_DATAERR, "redirect_proto: missing local address"); - else - StrToAddr(*av, &r->laddr); + StrToAddr(**av, &r->laddr); - INC_ARGCV(); + (*av)++; (*ac)--; /* * Extract optional public address. */ - if (ac == 0) { + if (*ac == 0) { r->paddr.s_addr = INADDR_ANY; r->raddr.s_addr = INADDR_ANY; } else { /* see above in setup_redir_port() */ - if (!isalpha(**av)) { - StrToAddr(*av, &r->paddr); - INC_ARGCV(); + if (isdigit(***av)) { + StrToAddr(**av, &r->paddr); + (*av)++; (*ac)--; /* * Extract optional remote address. */ /* see above in setup_redir_port() */ - if (ac!=0 && !isalpha(**av)) { - StrToAddr(*av, &r->raddr); - INC_ARGCV(); + if (*ac != 0 && isdigit(***av)) { + StrToAddr(**av, &r->raddr); + (*av)++; (*ac)--; } } } + return (space); -nospace: - errx(EX_DATAERR, "redirect_proto: buf is too small\n"); } static void @@ -763,30 +730,103 @@ void ipfw_config_nat(int ac, char **av) { struct cfg_nat *n; /* Nat instance configuration. */ - int i, len, off, tok; - char *id, buf[NAT_BUF_LEN]; /* Buffer for serialized data. */ - - len = NAT_BUF_LEN; - /* Offset in buf: save space for n at the beginning. */ - off = sizeof(*n); - memset(buf, 0, sizeof(buf)); - n = (struct cfg_nat *)buf; + int i, off, tok, ac1; + char *id, *buf, **av1, *end; + size_t len; - av++; ac--; + av++; + ac--; /* Nat id. */ - if (ac && isdigit(**av)) { - id = *av; - i = atoi(*av); - ac--; av++; - n->id = i; - } else + if (ac == 0) errx(EX_DATAERR, "missing nat id"); + id = *av; + i = (int)strtol(id, &end, 0); + if (i <= 0 || *end != '\0') + errx(EX_DATAERR, "illegal nat id: %s", id); + av++; + ac--; if (ac == 0) errx(EX_DATAERR, "missing option"); + len = sizeof(struct cfg_nat); + ac1 = ac; + av1 = av; + while (ac1 > 0) { + tok = match_token(nat_params, *av1); + ac1--; + av1++; + switch (tok) { + case TOK_IP: + case TOK_IF: + ac1--; + av1++; + break; + case TOK_ALOG: + case TOK_DENY_INC: + case TOK_SAME_PORTS: + case TOK_UNREG_ONLY: + case TOK_RESET_ADDR: + case TOK_ALIAS_REV: + case TOK_PROXY_ONLY: + break; + case TOK_REDIR_ADDR: + if (ac1 < 2) + errx(EX_DATAERR, "redirect_addr: " + "not enough arguments"); + len += estimate_redir_addr(&ac1, &av1); + av1 += 2; + ac1 -= 2; + break; + case TOK_REDIR_PORT: + if (ac1 < 3) + errx(EX_DATAERR, "redirect_port: " + "not enough arguments"); + av1++; + ac1--; + len += estimate_redir_port(&ac1, &av1); + av1 += 2; + ac1 -= 2; + /* Skip optional remoteIP/port */ + if (ac1 != 0 && isdigit(**av1)) { + av1++; + ac1--; + } + break; + case TOK_REDIR_PROTO: + if (ac1 < 2) + errx(EX_DATAERR, "redirect_proto: " + "not enough arguments"); + len += sizeof(struct cfg_redir); + av1 += 2; + ac1 -= 2; + /* Skip optional remoteIP/port */ + if (ac1 != 0 && isdigit(**av1)) { + av1++; + ac1--; + } + if (ac1 != 0 && isdigit(**av1)) { + av1++; + ac1--; + } + break; + default: + errx(EX_DATAERR, "unrecognised option ``%s''", av1[-1]); + } + } + + if ((buf = malloc(len)) == NULL) + errx(EX_OSERR, "malloc failed"); + + /* Offset in buf: save space for n at the beginning. */ + off = sizeof(*n); + memset(buf, 0, len); + n = (struct cfg_nat *)buf; + n->id = i; + while (ac > 0) { tok = match_token(nat_params, *av); - ac--; av++; + ac--; + av++; switch (tok) { case TOK_IP: if (ac == 0) @@ -794,13 +834,15 @@ ipfw_config_nat(int ac, char **av) if (!inet_aton(av[0], &(n->ip))) errx(EX_DATAERR, "bad ip address ``%s''", av[0]); - ac--; av++; + ac--; + av++; break; case TOK_IF: if (ac == 0) errx(EX_DATAERR, "missing option"); set_addr_dynamic(av[0], n); - ac--; av++; + ac--; + av++; break; case TOK_ALOG: n->mode |= PKT_ALIAS_LOG; @@ -832,21 +874,18 @@ ipfw_config_nat(int ac, char **av) case TOK_REDIR_PROTO: switch (tok) { case TOK_REDIR_ADDR: - i = setup_redir_addr(&buf[off], len, &ac, &av); + i = setup_redir_addr(&buf[off], &ac, &av); break; case TOK_REDIR_PORT: - i = setup_redir_port(&buf[off], len, &ac, &av); + i = setup_redir_port(&buf[off], &ac, &av); break; case TOK_REDIR_PROTO: - i = setup_redir_proto(&buf[off], len, &ac, &av); + i = setup_redir_proto(&buf[off], &ac, &av); break; } n->redir_cnt++; off += i; - len -= i; break; - default: - errx(EX_DATAERR, "unrecognised option ``%s''", av[-1]); } } @@ -879,7 +918,8 @@ ipfw_show_nat(int ac, char **av) data = NULL; frule = 0; lrule = IPFW_DEFAULT_RULE; /* max ipfw rule number */ - ac--; av++; + ac--; + av++; if (co.test_only) return; From owner-svn-src-stable-8@FreeBSD.ORG Fri Jul 8 14:30:06 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id CAB581065674; Fri, 8 Jul 2011 14:30:06 +0000 (UTC) (envelope-from glebius@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id AEA4C8FC19; Fri, 8 Jul 2011 14:30:06 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p68EU62B023591; Fri, 8 Jul 2011 14:30:06 GMT (envelope-from glebius@svn.freebsd.org) Received: (from glebius@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p68EU6nb023586; Fri, 8 Jul 2011 14:30:06 GMT (envelope-from glebius@svn.freebsd.org) Message-Id: <201107081430.p68EU6nb023586@svn.freebsd.org> From: Gleb Smirnoff Date: Fri, 8 Jul 2011 14:30:06 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223872 - in stable/8/sys: netgraph netinet netinet/ipfw netinet/libalias X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Jul 2011 14:30:07 -0000 Author: glebius Date: Fri Jul 8 14:30:06 2011 New Revision: 223872 URL: http://svn.freebsd.org/changeset/base/223872 Log: Merge from head/ 220800,220837,220914: Log: LibAliasInit() should allocate memory with M_WAITOK flag. Modify it and its callers. Log: - Rewrite functions that copyin/out NAT configuration, so that they calculate required memory size dynamically. - Fix races on chain re-lock. - Introduce new field to ip_fw_chain - generation count. Now utilized only in the NAT configuration, but can be utilized wider in ipfw. - Get rid of NAT_BUF_LEN in ip_fw.h PR: kern/143653 Modified: stable/8/sys/netgraph/ng_nat.c stable/8/sys/netinet/ip_fw.h stable/8/sys/netinet/ipfw/ip_fw_nat.c stable/8/sys/netinet/ipfw/ip_fw_private.h stable/8/sys/netinet/libalias/alias_db.c Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/netgraph/ng_nat.c ============================================================================== --- stable/8/sys/netgraph/ng_nat.c Fri Jul 8 14:26:42 2011 (r223871) +++ stable/8/sys/netgraph/ng_nat.c Fri Jul 8 14:30:06 2011 (r223872) @@ -280,10 +280,6 @@ ng_nat_constructor(node_p node) /* Init aliasing engine. */ priv->lib = LibAliasInit(NULL); - if (priv->lib == NULL) { - free(priv, M_NETGRAPH); - return (ENOMEM); - } /* Set same ports on. */ (void )LibAliasSetMode(priv->lib, PKT_ALIAS_SAME_PORTS, Modified: stable/8/sys/netinet/ip_fw.h ============================================================================== --- stable/8/sys/netinet/ip_fw.h Fri Jul 8 14:26:42 2011 (r223871) +++ stable/8/sys/netinet/ip_fw.h Fri Jul 8 14:30:06 2011 (r223872) @@ -380,8 +380,6 @@ struct cfg_redir { }; #endif -#define NAT_BUF_LEN 1024 - #ifdef IPFW_INTERNAL /* Nat configuration data struct. */ struct cfg_nat { Modified: stable/8/sys/netinet/ipfw/ip_fw_nat.c ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw_nat.c Fri Jul 8 14:26:42 2011 (r223871) +++ stable/8/sys/netinet/ipfw/ip_fw_nat.c Fri Jul 8 14:30:06 2011 (r223872) @@ -138,7 +138,7 @@ del_redir_spool_cfg(struct cfg_nat *n, s } } -static int +static void add_redir_spool_cfg(char *buf, struct cfg_nat *ptr) { struct cfg_redir *r, *ser_r; @@ -199,7 +199,6 @@ add_redir_spool_cfg(char *buf, struct cf /* And finally hook this redir entry. */ LIST_INSERT_HEAD(&ptr->redir_chain, r, _next); } - return (1); } static int @@ -354,59 +353,57 @@ lookup_nat(struct nat_list *l, int nat_i static int ipfw_nat_cfg(struct sockopt *sopt) { - struct cfg_nat *ptr, *ser_n; + struct cfg_nat *cfg, *ptr; char *buf; struct ip_fw_chain *chain = &V_layer3_chain; + size_t len; + int gencnt, error = 0; - buf = malloc(NAT_BUF_LEN, M_IPFW, M_WAITOK | M_ZERO); - sooptcopyin(sopt, buf, NAT_BUF_LEN, sizeof(struct cfg_nat)); - ser_n = (struct cfg_nat *)buf; + len = sopt->sopt_valsize; + buf = malloc(len, M_TEMP, M_WAITOK | M_ZERO); + if ((error = sooptcopyin(sopt, buf, len, sizeof(struct cfg_nat))) != 0) + goto out; + + cfg = (struct cfg_nat *)buf; + if (cfg->id < 0) { + error = EINVAL; + goto out; + } - /* check valid parameter ser_n->id > 0 ? */ /* * Find/create nat rule. */ IPFW_WLOCK(chain); - ptr = lookup_nat(&chain->nat, ser_n->id); + gencnt = chain->gencnt; + ptr = lookup_nat(&chain->nat, cfg->id); if (ptr == NULL) { + IPFW_WUNLOCK(chain); /* New rule: allocate and init new instance. */ - ptr = malloc(sizeof(struct cfg_nat), - M_IPFW, M_NOWAIT | M_ZERO); - if (ptr == NULL) { - IPFW_WUNLOCK(chain); - free(buf, M_IPFW); - return (ENOSPC); - } + ptr = malloc(sizeof(struct cfg_nat), M_IPFW, M_WAITOK | M_ZERO); ptr->lib = LibAliasInit(NULL); - if (ptr->lib == NULL) { - IPFW_WUNLOCK(chain); - free(ptr, M_IPFW); - free(buf, M_IPFW); - return (EINVAL); - } LIST_INIT(&ptr->redir_chain); } else { - /* Entry already present: temporarly unhook it. */ + /* Entry already present: temporarily unhook it. */ LIST_REMOVE(ptr, _next); - flush_nat_ptrs(chain, ser_n->id); + flush_nat_ptrs(chain, cfg->id); + IPFW_WUNLOCK(chain); } - IPFW_WUNLOCK(chain); /* * Basic nat configuration. */ - ptr->id = ser_n->id; + ptr->id = cfg->id; /* * XXX - what if this rule doesn't nat any ip and just * redirect? * do we set aliasaddress to 0.0.0.0? */ - ptr->ip = ser_n->ip; - ptr->redir_cnt = ser_n->redir_cnt; - ptr->mode = ser_n->mode; - LibAliasSetMode(ptr->lib, ser_n->mode, ser_n->mode); + ptr->ip = cfg->ip; + ptr->redir_cnt = cfg->redir_cnt; + ptr->mode = cfg->mode; + LibAliasSetMode(ptr->lib, cfg->mode, cfg->mode); LibAliasSetAddress(ptr->lib, ptr->ip); - memcpy(ptr->if_name, ser_n->if_name, IF_NAMESIZE); + memcpy(ptr->if_name, cfg->if_name, IF_NAMESIZE); /* * Redir and LSNAT configuration. @@ -415,11 +412,19 @@ ipfw_nat_cfg(struct sockopt *sopt) del_redir_spool_cfg(ptr, &ptr->redir_chain); /* Add new entries. */ add_redir_spool_cfg(&buf[(sizeof(struct cfg_nat))], ptr); - free(buf, M_IPFW); + IPFW_WLOCK(chain); + /* Extra check to avoid race with another ipfw_nat_cfg() */ + if (gencnt != chain->gencnt && + ((cfg = lookup_nat(&chain->nat, ptr->id)) != NULL)) + LIST_REMOVE(cfg, _next); LIST_INSERT_HEAD(&chain->nat, ptr, _next); + chain->gencnt++; IPFW_WUNLOCK(chain); - return (0); + +out: + free(buf, M_TEMP); + return (error); } static int @@ -449,52 +454,61 @@ ipfw_nat_del(struct sockopt *sopt) static int ipfw_nat_get_cfg(struct sockopt *sopt) { - uint8_t *data; + struct ip_fw_chain *chain = &V_layer3_chain; struct cfg_nat *n; struct cfg_redir *r; struct cfg_spool *s; - int nat_cnt, off; - struct ip_fw_chain *chain; - int err = ENOSPC; + char *data; + int gencnt, nat_cnt, len, error; - chain = &V_layer3_chain; nat_cnt = 0; - off = sizeof(nat_cnt); + len = sizeof(nat_cnt); - data = malloc(NAT_BUF_LEN, M_IPFW, M_WAITOK | M_ZERO); IPFW_RLOCK(chain); - /* Serialize all the data. */ +retry: + gencnt = chain->gencnt; + /* Estimate memory amount */ LIST_FOREACH(n, &chain->nat, _next) { nat_cnt++; - if (off + SOF_NAT >= NAT_BUF_LEN) - goto nospace; - bcopy(n, &data[off], SOF_NAT); - off += SOF_NAT; + len += sizeof(struct cfg_nat); LIST_FOREACH(r, &n->redir_chain, _next) { - if (off + SOF_REDIR >= NAT_BUF_LEN) - goto nospace; - bcopy(r, &data[off], SOF_REDIR); - off += SOF_REDIR; + len += sizeof(struct cfg_redir); + LIST_FOREACH(s, &r->spool_chain, _next) + len += sizeof(struct cfg_spool); + } + } + IPFW_RUNLOCK(chain); + + data = malloc(len, M_TEMP, M_WAITOK | M_ZERO); + bcopy(&nat_cnt, data, sizeof(nat_cnt)); + + nat_cnt = 0; + len = sizeof(nat_cnt); + + IPFW_RLOCK(chain); + if (gencnt != chain->gencnt) { + free(data, M_TEMP); + goto retry; + } + /* Serialize all the data. */ + LIST_FOREACH(n, &chain->nat, _next) { + bcopy(n, &data[len], sizeof(struct cfg_nat)); + len += sizeof(struct cfg_nat); + LIST_FOREACH(r, &n->redir_chain, _next) { + bcopy(r, &data[len], sizeof(struct cfg_redir)); + len += sizeof(struct cfg_redir); LIST_FOREACH(s, &r->spool_chain, _next) { - if (off + SOF_SPOOL >= NAT_BUF_LEN) - goto nospace; - bcopy(s, &data[off], SOF_SPOOL); - off += SOF_SPOOL; + bcopy(s, &data[len], sizeof(struct cfg_spool)); + len += sizeof(struct cfg_spool); } } } - err = 0; /* all good */ -nospace: IPFW_RUNLOCK(chain); - if (err == 0) { - bcopy(&nat_cnt, data, sizeof(nat_cnt)); - sooptcopyout(sopt, data, NAT_BUF_LEN); - } else { - printf("serialized data buffer not big enough:" - "please increase NAT_BUF_LEN\n"); - } - free(data, M_IPFW); - return (err); + + error = sooptcopyout(sopt, data, len); + free(data, M_TEMP); + + return (error); } static int Modified: stable/8/sys/netinet/ipfw/ip_fw_private.h ============================================================================== --- stable/8/sys/netinet/ipfw/ip_fw_private.h Fri Jul 8 14:26:42 2011 (r223871) +++ stable/8/sys/netinet/ipfw/ip_fw_private.h Fri Jul 8 14:30:06 2011 (r223872) @@ -225,6 +225,7 @@ struct ip_fw_chain { struct rwlock uh_lock; /* lock for upper half */ #endif uint32_t id; /* ruleset id */ + uint32_t gencnt; /* generation count */ }; struct sockopt; /* used by tcp_var.h */ Modified: stable/8/sys/netinet/libalias/alias_db.c ============================================================================== --- stable/8/sys/netinet/libalias/alias_db.c Fri Jul 8 14:26:42 2011 (r223871) +++ stable/8/sys/netinet/libalias/alias_db.c Fri Jul 8 14:30:06 2011 (r223872) @@ -2492,9 +2492,14 @@ LibAliasInit(struct libalias *la) #endif if (la == NULL) { +#ifdef _KERNEL +#undef malloc /* XXX: ugly */ + la = malloc(sizeof *la, M_ALIAS, M_WAITOK | M_ZERO); +#else la = calloc(sizeof *la, 1); if (la == NULL) return (la); +#endif #ifndef _KERNEL /* kernel cleans up on module unload */ if (LIST_EMPTY(&instancehead)) From owner-svn-src-stable-8@FreeBSD.ORG Sat Jul 9 11:22:24 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F2A6D106566B; Sat, 9 Jul 2011 11:22:23 +0000 (UTC) (envelope-from hselasky@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id E0F448FC08; Sat, 9 Jul 2011 11:22:23 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p69BMNZd098219; Sat, 9 Jul 2011 11:22:23 GMT (envelope-from hselasky@svn.freebsd.org) Received: (from hselasky@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p69BMNkY098214; Sat, 9 Jul 2011 11:22:23 GMT (envelope-from hselasky@svn.freebsd.org) Message-Id: <201107091122.p69BMNkY098214@svn.freebsd.org> From: Hans Petter Selasky Date: Sat, 9 Jul 2011 11:22:23 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223879 - in stable/8/sys/dev: sound/usb usb usb/quirk X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Jul 2011 11:22:24 -0000 Author: hselasky Date: Sat Jul 9 11:22:23 2011 New Revision: 223879 URL: http://svn.freebsd.org/changeset/base/223879 Log: MFC r223727 and r223736: - Add quirk for non-compliant USB MIDI hardware. - Reduce MIDI TX buffer size to 512 bytes. Modified: stable/8/sys/dev/sound/usb/uaudio.c stable/8/sys/dev/usb/quirk/usb_quirk.c stable/8/sys/dev/usb/quirk/usb_quirk.h stable/8/sys/dev/usb/usbdevs Directory Properties: stable/8/sys/ (props changed) stable/8/sys/amd64/include/xen/ (props changed) stable/8/sys/cddl/contrib/opensolaris/ (props changed) stable/8/sys/contrib/dev/acpica/ (props changed) stable/8/sys/contrib/pf/ (props changed) Modified: stable/8/sys/dev/sound/usb/uaudio.c ============================================================================== --- stable/8/sys/dev/sound/usb/uaudio.c Sat Jul 9 08:42:23 2011 (r223878) +++ stable/8/sys/dev/sound/usb/uaudio.c Sat Jul 9 11:22:23 2011 (r223879) @@ -192,7 +192,8 @@ struct uaudio_chan { }; #define UMIDI_CABLES_MAX 16 /* units */ -#define UMIDI_BULK_SIZE 1024 /* bytes */ +#define UMIDI_TX_FRAMES 128 /* units */ +#define UMIDI_TX_BUFFER (UMIDI_TX_FRAMES * 4) /* bytes */ enum { UMIDI_TX_TRANSFER, @@ -235,6 +236,7 @@ struct umidi_chan { uint8_t curr_cable; uint8_t max_cable; uint8_t valid; + uint8_t single_command; }; struct uaudio_softc { @@ -497,8 +499,7 @@ static const struct usb_config .type = UE_BULK, .endpoint = UE_ADDR_ANY, .direction = UE_DIR_OUT, - .bufsize = UMIDI_BULK_SIZE, - .flags = {.pipe_bof = 1,.short_xfer_ok = 1,}, + .bufsize = UMIDI_TX_BUFFER, .callback = &umidi_bulk_write_callback, }, @@ -507,7 +508,7 @@ static const struct usb_config .endpoint = UE_ADDR_ANY, .direction = UE_DIR_IN, .bufsize = 4, /* bytes */ - .flags = {.pipe_bof = 1,.short_xfer_ok = 1,.proxy_buffer = 1,}, + .flags = {.short_xfer_ok = 1,.proxy_buffer = 1,}, .callback = &umidi_bulk_read_callback, }, }; @@ -3541,7 +3542,7 @@ umidi_bulk_write_callback(struct usb_xfe struct umidi_sub_chan *sub; struct usb_page_cache *pc; uint32_t actlen; - uint16_t total_length; + uint16_t nframes; uint8_t buf; uint8_t start_cable; uint8_t tr_any; @@ -3549,6 +3550,10 @@ umidi_bulk_write_callback(struct usb_xfe usbd_xfer_status(xfer, &len, NULL, NULL, NULL); + /* + * NOTE: Some MIDI devices only accept 4 bytes of data per + * short terminated USB transfer. + */ switch (USB_GET_STATE(xfer)) { case USB_ST_TRANSFERRED: DPRINTF("actlen=%d bytes\n", len); @@ -3557,7 +3562,7 @@ umidi_bulk_write_callback(struct usb_xfe tr_setup: DPRINTF("start\n"); - total_length = 0; /* reset */ + nframes = 0; /* reset */ start_cable = chan->curr_cable; tr_any = 0; pc = usbd_xfer_get_frame(xfer, 0); @@ -3569,51 +3574,50 @@ tr_setup: sub = &chan->sub[chan->curr_cable]; if (sub->write_open) { - usb_fifo_get_data(sub->fifo.fp[USB_FIFO_TX], - pc, total_length, 1, &actlen, 0); + usb_fifo_get_data_linear(sub->fifo.fp[USB_FIFO_TX], + &buf, 1, &actlen, 0); } else { actlen = 0; } if (actlen) { - usbd_copy_out(pc, total_length, &buf, 1); tr_any = 1; - DPRINTF("byte=0x%02x\n", buf); + DPRINTF("byte=0x%02x from FIFO %u\n", buf, + (unsigned int)chan->curr_cable); if (umidi_convert_to_usb(sub, chan->curr_cable, buf)) { - DPRINTF("sub= %02x %02x %02x %02x\n", + DPRINTF("sub=0x%02x 0x%02x 0x%02x 0x%02x\n", sub->temp_cmd[0], sub->temp_cmd[1], sub->temp_cmd[2], sub->temp_cmd[3]); - usbd_copy_in(pc, total_length, - sub->temp_cmd, 4); + usbd_copy_in(pc, nframes * 4, sub->temp_cmd, 4); - total_length += 4; + nframes++; - if (total_length >= UMIDI_BULK_SIZE) { + if ((nframes >= UMIDI_TX_FRAMES) || (chan->single_command != 0)) break; - } } else { continue; } } + chan->curr_cable++; - if (chan->curr_cable >= chan->max_cable) { + if (chan->curr_cable >= chan->max_cable) chan->curr_cable = 0; - } + if (chan->curr_cable == start_cable) { - if (tr_any == 0) { + if (tr_any == 0) break; - } tr_any = 0; } } - if (total_length) { - usbd_xfer_set_frame_len(xfer, 0, total_length); + if (nframes != 0) { + DPRINTF("Transferring %d frames\n", (int)nframes); + usbd_xfer_set_frame_len(xfer, 0, 4 * nframes); usbd_transfer_submit(xfer); } break; @@ -3785,6 +3789,9 @@ umidi_probe(device_t dev) int error; uint32_t n; + if (usb_test_quirk(uaa, UQ_SINGLE_CMD_MIDI)) + chan->single_command = 1; + if (usbd_set_alt_interface_index(sc->sc_udev, chan->iface_index, chan->iface_alt_index)) { DPRINTF("setting of alternate index failed!\n"); Modified: stable/8/sys/dev/usb/quirk/usb_quirk.c ============================================================================== --- stable/8/sys/dev/usb/quirk/usb_quirk.c Sat Jul 9 08:42:23 2011 (r223878) +++ stable/8/sys/dev/usb/quirk/usb_quirk.c Sat Jul 9 11:22:23 2011 (r223879) @@ -472,6 +472,7 @@ static struct usb_quirk_entry usb_quirks USB_QUIRK(ROLAND, SD20, 0x0000, 0xffff, UQ_AU_VENDOR_CLASS), USB_QUIRK(ROLAND, SD80, 0x0000, 0xffff, UQ_AU_VENDOR_CLASS), USB_QUIRK(ROLAND, UA700, 0x0000, 0xffff, UQ_AU_VENDOR_CLASS), + USB_QUIRK(MEDELI, DD305, 0x0000, 0xffff, UQ_SINGLE_CMD_MIDI, UQ_MATCH_VENDOR_ONLY), }; #undef USB_QUIRK_VP #undef USB_QUIRK @@ -538,6 +539,7 @@ static const char *usb_quirk_str[USB_QUI [UQ_MSC_EJECT_TCT] = "UQ_MSC_EJECT_TCT", [UQ_BAD_MIDI] = "UQ_BAD_MIDI", [UQ_AU_VENDOR_CLASS] = "UQ_AU_VENDOR_CLASS", + [UQ_SINGLE_CMD_MIDI] = "UQ_SINGLE_CMD_MIDI", }; /*------------------------------------------------------------------------* Modified: stable/8/sys/dev/usb/quirk/usb_quirk.h ============================================================================== --- stable/8/sys/dev/usb/quirk/usb_quirk.h Sat Jul 9 08:42:23 2011 (r223878) +++ stable/8/sys/dev/usb/quirk/usb_quirk.h Sat Jul 9 11:22:23 2011 (r223879) @@ -102,6 +102,7 @@ enum { UQ_BAD_MIDI, /* device claims MIDI class, but isn't */ UQ_AU_VENDOR_CLASS, /* audio device uses vendor and not audio class */ + UQ_SINGLE_CMD_MIDI, /* at most one command per USB packet */ USB_QUIRK_MAX }; Modified: stable/8/sys/dev/usb/usbdevs ============================================================================== --- stable/8/sys/dev/usb/usbdevs Sat Jul 9 08:42:23 2011 (r223878) +++ stable/8/sys/dev/usb/usbdevs Sat Jul 9 11:22:23 2011 (r223879) @@ -484,6 +484,7 @@ vendor SHANTOU 0x0a46 ShanTou vendor MEDIAGEAR 0x0a48 MediaGear vendor BROADCOM 0x0a5c Broadcom vendor GREENHOUSE 0x0a6b GREENHOUSE +vendor MEDELI 0x0a67 Medeli vendor GEOCAST 0x0a79 Geocast Network Systems vendor IDQUANTIQUE 0x0aba id Quantique vendor ZYDAS 0x0ace Zydas Technology Corporation @@ -2129,6 +2130,9 @@ product MCT DU_H3SP_USB232 0x0200 D-Link product MCT USB232 0x0210 USB-232 Interface product MCT SITECOM_USB232 0x0230 Sitecom USB-232 Products +/* Medeli */ +product MEDELI DD305 0x5011 DD305 Digital Drum Set + /* MediaTek, Inc. */ product MEDIATEK MTK3329 0x3329 MTK II GPS Receiver From owner-svn-src-stable-8@FreeBSD.ORG Sat Jul 9 12:02:41 2011 Return-Path: Delivered-To: svn-src-stable-8@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id F40F11065692; Sat, 9 Jul 2011 12:02:40 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id DE34D8FC0C; Sat, 9 Jul 2011 12:02:40 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p69C2eHA099439; Sat, 9 Jul 2011 12:02:40 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p69C2ewH099436; Sat, 9 Jul 2011 12:02:40 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201107091202.p69C2ewH099436@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Sat, 9 Jul 2011 12:02:40 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-8@freebsd.org X-SVN-Group: stable-8 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r223880 - stable/8/sbin/geom/class/part X-BeenThere: svn-src-stable-8@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for only the 8-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 09 Jul 2011 12:02:42 -0000 Author: ae Date: Sat Jul 9 12:02:40 2011 New Revision: 223880 URL: http://svn.freebsd.org/changeset/base/223880 Log: MFC r221363,221967,222263,222264,222630,222631,222819,223158,223355: r221363: Add "-a alignment" option to gpart(8). When it specified gpart(8) tries to align partition start offset and size to be multiple of alignment value. r221967: Some partitioning schemes want to have partitions that are aligned with geometry. And they do recalculation of user specified parameters. MBR, PC98, VTOC8, EBR schemes are doing that. For these schemes an auto alignment feature (ie. gpart add -a alignment) would not work. But it can work for GPT and BSD schemes. BSD scheme usualy is created inside MBR, so we can use knowledge about offset of MBR partition to calculate aligned values for BSD partitions. Use "offset" attribute of the parent provider for better alignment. r222263: Fix calculation of alignment for odd values. Also do not change value when it is already aligned. r222264: Simplify ALIGNDOWN macro. r222630: Use stripesize and stripeoffset in the automatic calculation of partition offsets. If user requests specific alignment and provider's stripesize is not zero, then use a least common multiple from the stripesize and user specified value. Also fix "gpart resize" implementation: do not try to align the partition size, because the start offset may be not aligned. Instead align the end offset and then calculate size. Also use stripesize and stripeoffset for "gpart resize" command. r222631: Always use LCM when stripesize > 0. r222819: Do not use LCM from stripesize and user specified alignment value. When user wants have specific alignment - do what user wants. Use stripesize as alignment value in case, when some of gpart's arguments are ommitted for automatic calculation. Suggested by: mav r223158: Add "alignment" param to the request before calling gpart_autofill(). r223355: The "size" param needs no adjusting to stripeoffset. Reported by: Kris Moore Modified: stable/8/sbin/geom/class/part/geom_part.c stable/8/sbin/geom/class/part/gpart.8 Directory Properties: stable/8/sbin/geom/class/part/ (props changed) Modified: stable/8/sbin/geom/class/part/geom_part.c ============================================================================== --- stable/8/sbin/geom/class/part/geom_part.c Sat Jul 9 11:22:23 2011 (r223879) +++ stable/8/sbin/geom/class/part/geom_part.c Sat Jul 9 12:02:40 2011 (r223880) @@ -94,6 +94,7 @@ static void gpart_restore(struct gctl_re struct g_command PUBSYM(class_commands)[] = { { "add", 0, gpart_issue, { + { 'a', "alignment", autofill, G_TYPE_STRING }, { 'b', "start", autofill, G_TYPE_STRING }, { 's', "size", autofill, G_TYPE_STRING }, { 't', "type", NULL, G_TYPE_STRING }, @@ -164,6 +165,7 @@ struct g_command PUBSYM(class_commands)[ "geom", NULL }, { "resize", 0, gpart_issue, { + { 'a', "alignment", autofill, G_TYPE_STRING }, { 's', "size", autofill, G_TYPE_STRING }, { 'i', index_param, NULL, G_TYPE_ASCNUM }, { 'f', "flags", flags, G_TYPE_STRING }, @@ -294,6 +296,9 @@ fmtattrib(struct gprovider *pp) return (buf); } +#define ALIGNDOWN(d, a) ((d) - (d) % (a)) +#define ALIGNUP(d, a) ((d) % (a) ? (d) - (d) % (a) + (a): (d)) + static int gpart_autofill_resize(struct gctl_req *req) { @@ -302,7 +307,7 @@ gpart_autofill_resize(struct gctl_req *r struct ggeom *gp; struct gprovider *pp; off_t last, size, start, new_size; - off_t lba, new_lba; + off_t lba, new_lba, alignment, offset; const char *s; char *val; int error, idx; @@ -331,6 +336,23 @@ gpart_autofill_resize(struct gctl_req *r if (pp == NULL) errx(EXIT_FAILURE, "Provider for geom %s not found.", s); + s = gctl_get_ascii(req, "alignment"); + alignment = 1; + if (*s != '*') { + error = g_parse_lba(s, pp->lg_sectorsize, &alignment); + if (error) + errc(EXIT_FAILURE, error, "Invalid alignment param"); + if (alignment == 0) + errx(EXIT_FAILURE, "Invalid alignment param"); + } else { + lba = pp->lg_stripesize / pp->lg_sectorsize; + if (lba > 0) + alignment = lba; + } + error = gctl_delete_param(req, "alignment"); + if (error) + errc(EXIT_FAILURE, error, "internal error"); + s = gctl_get_ascii(req, "size"); if (*s == '*') new_size = 0; @@ -339,9 +361,11 @@ gpart_autofill_resize(struct gctl_req *r if (error) errc(EXIT_FAILURE, error, "Invalid size param"); /* no autofill necessary. */ - goto done; + if (alignment == 1) + goto done; } + offset = pp->lg_stripeoffset / pp->lg_sectorsize; last = (off_t)strtoimax(find_geomcfg(gp, "last"), NULL, 0); LIST_FOREACH(pp, &gp->lg_provider, lg_provider) { s = find_provcfg(pp, "index"); @@ -362,20 +386,28 @@ gpart_autofill_resize(struct gctl_req *r s = find_provcfg(pp, "end"); if (s == NULL) { s = find_provcfg(pp, "length"); - lba = start + + lba = start - 1 + (off_t)strtoimax(s, NULL, 0) / pp->lg_sectorsize; } else - lba = (off_t)strtoimax(s, NULL, 0) + 1; + lba = (off_t)strtoimax(s, NULL, 0); + size = lba - start + 1; - if (lba > last) { - geom_deletetree(&mesh); - return (ENOSPC); + if (new_size > 0 && new_size <= size) { + /* The start offset may be not aligned, so we align the end + * offset and then calculate the size. + */ + new_size = ALIGNDOWN(start + offset + new_size, + alignment) - start - offset; + goto done; } - size = lba - start; - pp = find_provider(gp, lba); - if (pp == NULL) - new_size = last - start + 1; - else { + + pp = find_provider(gp, lba + 1); + if (pp == NULL) { + new_size = ALIGNDOWN(last + offset + 1, alignment) - + start - offset; + if (new_size < size) + return (ENOSPC); + } else { s = find_provcfg(pp, "start"); if (s == NULL) { s = find_provcfg(pp, "offset"); @@ -387,6 +419,7 @@ gpart_autofill_resize(struct gctl_req *r * Is there any free space between current and * next providers? */ + new_lba = ALIGNDOWN(new_lba + offset, alignment) - offset; if (new_lba > lba) new_size = new_lba - start; else { @@ -408,12 +441,12 @@ gpart_autofill(struct gctl_req *req) struct gclass *cp; struct ggeom *gp; struct gprovider *pp; - off_t first, last; - off_t size, start; - off_t lba, len; + off_t first, last, a_first; + off_t size, start, a_lba; + off_t lba, len, alignment, offset; uintmax_t grade; const char *s; - int error, has_size, has_start; + int error, has_size, has_start, has_alignment; s = gctl_get_ascii(req, "verb"); if (strcmp(s, "resize") == 0) @@ -440,6 +473,20 @@ gpart_autofill(struct gctl_req *req) if (pp == NULL) errx(EXIT_FAILURE, "Provider for geom %s not found.", s); + s = gctl_get_ascii(req, "alignment"); + has_alignment = (*s == '*') ? 0 : 1; + alignment = 1; + if (has_alignment) { + error = g_parse_lba(s, pp->lg_sectorsize, &alignment); + if (error) + errc(EXIT_FAILURE, error, "Invalid alignment param"); + if (alignment == 0) + errx(EXIT_FAILURE, "Invalid alignment param"); + } + error = gctl_delete_param(req, "alignment"); + if (error) + errc(EXIT_FAILURE, error, "internal error"); + s = gctl_get_ascii(req, "size"); has_size = (*s == '*') ? 0 : 1; size = 0; @@ -459,12 +506,24 @@ gpart_autofill(struct gctl_req *req) } /* No autofill necessary. */ - if (has_size && has_start) + if (has_size && has_start && !has_alignment) goto done; + len = pp->lg_stripesize / pp->lg_sectorsize; + if (len > 0 && !has_alignment) + alignment = len; + + /* Adjust parameters to stripeoffset */ + offset = pp->lg_stripeoffset / pp->lg_sectorsize; + start = ALIGNUP(start + offset, alignment); + if (size > alignment) + size = ALIGNDOWN(size, alignment); + first = (off_t)strtoimax(find_geomcfg(gp, "first"), NULL, 0); last = (off_t)strtoimax(find_geomcfg(gp, "last"), NULL, 0); grade = ~0ULL; + a_first = ALIGNUP(first + offset, alignment); + last = ALIGNDOWN(last + offset, alignment); while ((pp = find_provider(gp, first)) != NULL) { s = find_provcfg(pp, "start"); if (s == NULL) { @@ -473,23 +532,24 @@ gpart_autofill(struct gctl_req *req) } else lba = (off_t)strtoimax(s, NULL, 0); - if (first < lba) { + a_lba = ALIGNDOWN(lba + offset, alignment); + if (first < a_lba && a_first < a_lba) { /* Free space [first, lba> */ - len = lba - first; + len = a_lba - a_first; if (has_size) { if (len >= size && (uintmax_t)(len - size) < grade) { - start = first; + start = a_first; grade = len - size; } } else if (has_start) { - if (start >= first && start < lba) { - size = lba - start; - grade = start - first; + if (start >= a_first && start < a_lba) { + size = a_lba - start; + grade = start - a_first; } } else { if (grade == ~0ULL || len > size) { - start = first; + start = a_first; size = len; grade = 0; } @@ -503,35 +563,35 @@ gpart_autofill(struct gctl_req *req) (off_t)strtoimax(s, NULL, 0) / pp->lg_sectorsize; } else first = (off_t)strtoimax(s, NULL, 0) + 1; + a_first = ALIGNUP(first + offset, alignment); } - if (first <= last) { + if (a_first <= last) { /* Free space [first-last] */ - len = last - first + 1; + len = ALIGNDOWN(last - a_first + 1, alignment); if (has_size) { if (len >= size && (uintmax_t)(len - size) < grade) { - start = first; + start = a_first; grade = len - size; } } else if (has_start) { - if (start >= first && start <= last) { - size = last - start + 1; - grade = start - first; + if (start >= a_first && start <= last) { + size = ALIGNDOWN(last - start + 1, alignment); + grade = start - a_first; } } else { if (grade == ~0ULL || len > size) { - start = first; + start = a_first; size = len; grade = 0; } } } - if (grade == ~0ULL) { geom_deletetree(&mesh); return (ENOSPC); } - + start -= offset; /* Return back to real offset */ done: snprintf(ssize, sizeof(ssize), "%jd", (intmax_t)size); gctl_change_param(req, "size", -1, ssize); @@ -907,6 +967,7 @@ gpart_restore(struct gctl_req *req, unsi gctl_ro_param(r, "size", -1, argv[3]); if (rl != 0 && label != NULL) gctl_ro_param(r, "label", -1, argv[4]); + gctl_ro_param(r, "alignment", -1, autofill); gctl_ro_param(r, "geom", -1, s); error = gpart_autofill(r); if (error != 0) Modified: stable/8/sbin/geom/class/part/gpart.8 ============================================================================== --- stable/8/sbin/geom/class/part/gpart.8 Sat Jul 9 11:22:23 2011 (r223879) +++ stable/8/sbin/geom/class/part/gpart.8 Sat Jul 9 12:02:40 2011 (r223880) @@ -91,6 +91,7 @@ utility: .Nm .Cm add .Fl t Ar type +.Op Fl a Ar alignment .Op Fl b Ar start .Op Fl s Ar size .Op Fl i Ar index @@ -148,6 +149,7 @@ utility: .Nm .Cm resize .Fl i Ar index +.Op Fl a Ar alignment .Op Fl s Ar size .Op Fl f Ar flags .Ar geom @@ -209,7 +211,17 @@ Partition types are discussed below in t .Sx "PARTITION TYPES" . .Pp Additional options include: -.Bl -tag -width 10n +.Bl -tag -width 12n +.It Fl a Ar alignment +If specified, then +.Nm +utility tries to align +.Ar start +offset and partition +.Ar size +to be multiple of +.Ar alignment +value. .It Fl i Ar index The index in the partition table at which the new partition is to be placed. @@ -416,7 +428,15 @@ to maximum available from given geom .Ar geom . .Pp Additional options include: -.Bl -tag -width 10n +.Bl -tag -width 12n +.It Fl a Ar alignment +If specified, then +.Nm +utility tries to align partition +.Ar size +to be multiple of +.Ar alignment +value. .It Fl f Ar flags Additional operational flags. See the section entitled @@ -833,6 +853,13 @@ partition that would contain UFS where t /sbin/gpart add -s 512M -t freebsd-ufs da0 .Ed .Pp +Create a 15GB-sized +.Cm freebsd-ufs +partition that would contain UFS and aligned on 4KB boundaries: +.Bd -literal -offset indent +/sbin/gpart add -s 15G -t freebsd-ufs -a 4k da0 +.Ed +.Pp After having created all required partitions, embed bootstrap code into them. .Bd -literal -offset indent /sbin/gpart bootcode -p /boot/boot1 da0