From owner-svn-src-stable-10@freebsd.org Mon Aug 20 05:32:43 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1F2D81084110; Mon, 20 Aug 2018 05:32:43 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C9B947BF49; Mon, 20 Aug 2018 05:32:42 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id AABC811184; Mon, 20 Aug 2018 05:32:42 +0000 (UTC) (envelope-from jamie@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7K5Wg32025127; Mon, 20 Aug 2018 05:32:42 GMT (envelope-from jamie@FreeBSD.org) Received: (from jamie@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7K5WgYj025126; Mon, 20 Aug 2018 05:32:42 GMT (envelope-from jamie@FreeBSD.org) Message-Id: <201808200532.w7K5WgYj025126@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: jamie set sender to jamie@FreeBSD.org using -f From: Jamie Gritton Date: Mon, 20 Aug 2018 05:32:42 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338091 - stable/10/usr.sbin/jail X-SVN-Group: stable-10 X-SVN-Commit-Author: jamie X-SVN-Commit-Paths: stable/10/usr.sbin/jail X-SVN-Commit-Revision: 338091 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Aug 2018 05:32:43 -0000 Author: jamie Date: Mon Aug 20 05:32:42 2018 New Revision: 338091 URL: https://svnweb.freebsd.org/changeset/base/338091 Log: MFC r337867: Don't let clobber jailparam values when checking for modification of init-only parameters. PR: 230487 Submitted by: Jason Mader Modified: stable/10/usr.sbin/jail/jail.c Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/jail/jail.c ============================================================================== --- stable/10/usr.sbin/jail/jail.c Mon Aug 20 05:32:40 2018 (r338090) +++ stable/10/usr.sbin/jail/jail.c Mon Aug 20 05:32:42 2018 (r338091) @@ -800,8 +800,10 @@ rdtun_params(struct cfjail *j, int dofail) exit(1); } for (jp = j->jp; jp < j->jp + j->njp; jp++) - if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) + if (JP_RDTUN(jp) && strcmp(jp->jp_name, "jid")) { *++rtjp = *jp; + rtjp->jp_value = NULL; + } rval = 0; if (jailparam_get(rtparams, nrt, bool_param(j->intparams[IP_ALLOW_DYING]) ? JAIL_DYING : 0) > 0) { @@ -812,8 +814,11 @@ rdtun_params(struct cfjail *j, int dofail) jp->jp_valuelen == 0 && *(int *)jp->jp_value) && !(rtjp->jp_valuelen == jp->jp_valuelen && - !memcmp(rtjp->jp_value, jp->jp_value, - jp->jp_valuelen))) { + !((jp->jp_ctltype & CTLTYPE) == + CTLTYPE_STRING ? strncmp(rtjp->jp_value, + jp->jp_value, jp->jp_valuelen) : + memcmp(rtjp->jp_value, jp->jp_value, + jp->jp_valuelen)))) { if (dofail) { jail_warnx(j, "%s cannot be " "changed after creation", From owner-svn-src-stable-10@freebsd.org Mon Aug 20 15:43:09 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BDAEE1072D48; Mon, 20 Aug 2018 15:43:09 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 736B373363; Mon, 20 Aug 2018 15:43:09 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5488317506; Mon, 20 Aug 2018 15:43:09 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7KFh97H053950; Mon, 20 Aug 2018 15:43:09 GMT (envelope-from kp@FreeBSD.org) Received: (from kp@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7KFh92l053949; Mon, 20 Aug 2018 15:43:09 GMT (envelope-from kp@FreeBSD.org) Message-Id: <201808201543.w7KFh92l053949@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kp set sender to kp@FreeBSD.org using -f From: Kristof Provost Date: Mon, 20 Aug 2018 15:43:09 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338106 - stable/10/sys/netpfil/pf X-SVN-Group: stable-10 X-SVN-Commit-Author: kp X-SVN-Commit-Paths: stable/10/sys/netpfil/pf X-SVN-Commit-Revision: 338106 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Aug 2018 15:43:09 -0000 Author: kp Date: Mon Aug 20 15:43:08 2018 New Revision: 338106 URL: https://svnweb.freebsd.org/changeset/base/338106 Log: MFC r337969: pf: Limit the maximum number of fragments per packet Similar to the network stack issue fixed in r337782 pf did not limit the number of fragments per packet, which could be exploited to generate high CPU loads with a crafted series of packets. Limit each packet to no more than 64 fragments. This should be sufficient on typical networks to allow maximum-sized IP frames. This addresses the issue for both IPv4 and IPv6. Security: CVE-2018-5391 Sponsored by: Klara Systems Modified: stable/10/sys/netpfil/pf/pf_norm.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/netpfil/pf/pf_norm.c ============================================================================== --- stable/10/sys/netpfil/pf/pf_norm.c Mon Aug 20 14:35:54 2018 (r338105) +++ stable/10/sys/netpfil/pf/pf_norm.c Mon Aug 20 15:43:08 2018 (r338106) @@ -95,8 +95,10 @@ struct pf_fragment { uint16_t fr_max; /* fragment data max */ uint32_t fr_timeout; uint16_t fr_maxlen; /* maximum length of single fragment */ + uint16_t fr_entries; /* Total number of pf_fragment entries */ TAILQ_HEAD(pf_fragq, pf_frent) fr_queue; }; +#define PF_MAX_FRENT_PER_FRAGMENT 64 struct pf_fragment_tag { uint16_t ft_hdrlen; /* header length of reassembled pkt */ @@ -436,6 +438,7 @@ pf_fillup_fragment(struct pf_fragment_cmp *key, struct frag->fr_flags = 0; frag->fr_timeout = time_uptime; frag->fr_maxlen = frent->fe_len; + frag->fr_entries = 0; TAILQ_INIT(&frag->fr_queue); RB_INSERT(pf_frag_tree, &V_pf_frag_tree, frag); @@ -447,6 +450,9 @@ pf_fillup_fragment(struct pf_fragment_cmp *key, struct return (frag); } + if (frag->fr_entries >= PF_MAX_FRENT_PER_FRAGMENT) + goto bad_fragment; + KASSERT(!TAILQ_EMPTY(&frag->fr_queue), ("!TAILQ_EMPTY()->fr_queue")); /* Remember maximum fragment len for refragmentation. */ @@ -518,6 +524,8 @@ pf_fillup_fragment(struct pf_fragment_cmp *key, struct TAILQ_INSERT_HEAD(&frag->fr_queue, frent, fr_next); else TAILQ_INSERT_AFTER(&frag->fr_queue, prev, frent, fr_next); + + frag->fr_entries++; return (frag); From owner-svn-src-stable-10@freebsd.org Tue Aug 21 00:37:50 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 2025810821B7; Tue, 21 Aug 2018 00:37:50 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id C80668A493; Tue, 21 Aug 2018 00:37:49 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id A87771CB67; Tue, 21 Aug 2018 00:37:49 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7L0bnLw036126; Tue, 21 Aug 2018 00:37:49 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7L0bnD8036125; Tue, 21 Aug 2018 00:37:49 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201808210037.w7L0bnD8036125@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Tue, 21 Aug 2018 00:37:49 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338123 - in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Group: stable-10 X-SVN-Commit-Author: cy X-SVN-Commit-Paths: in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Commit-Revision: 338123 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Aug 2018 00:37:50 -0000 Author: cy Date: Tue Aug 21 00:37:48 2018 New Revision: 338123 URL: https://svnweb.freebsd.org/changeset/base/338123 Log: MFC r337410: Remove redundant and incorrect default definition of AF_INET6. AF_INET6 is defined in sys/socket.h where it's defined as 28. A bit of trivia: On NetBSD AF_INET6 is defined as 24. On Solaris it is defined as 26. This is probably why Darren defaulted to 26, because ipfilter was originally written for SunOS 4 and Solaris many moons ago. Modified: stable/10/sys/contrib/ipfilter/netinet/ip_compat.h Directory Properties: stable/10/ (props changed) Changes in other areas also in this revision: Modified: stable/11/sys/contrib/ipfilter/netinet/ip_compat.h Directory Properties: stable/11/ (props changed) Modified: stable/10/sys/contrib/ipfilter/netinet/ip_compat.h ============================================================================== --- stable/10/sys/contrib/ipfilter/netinet/ip_compat.h Mon Aug 20 22:23:59 2018 (r338122) +++ stable/10/sys/contrib/ipfilter/netinet/ip_compat.h Tue Aug 21 00:37:48 2018 (r338123) @@ -1448,10 +1448,6 @@ typedef struct tcpiphdr tcpiphdr_t; # define DPRINT(x) #endif -#ifndef AF_INET6 -# define AF_INET6 26 -#endif - #ifdef DTRACE_PROBE # ifdef _KERNEL # define DT(_n) DTRACE_PROBE(_n) From owner-svn-src-stable-10@freebsd.org Tue Aug 21 11:17:26 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C1737106DB02; Tue, 21 Aug 2018 11:17:26 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 775847E70B; Tue, 21 Aug 2018 11:17:26 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5448623399; Tue, 21 Aug 2018 11:17:26 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7LBHQ91065018; Tue, 21 Aug 2018 11:17:26 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7LBHPPv065014; Tue, 21 Aug 2018 11:17:25 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201808211117.w7LBHPPv065014@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Tue, 21 Aug 2018 11:17:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338132 - in stable/10/sys/fs: nfs nfsserver X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: in stable/10/sys/fs: nfs nfsserver X-SVN-Commit-Revision: 338132 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Aug 2018 11:17:27 -0000 Author: rmacklem Date: Tue Aug 21 11:17:25 2018 New Revision: 338132 URL: https://svnweb.freebsd.org/changeset/base/338132 Log: MFC: r336839 Modify the NFSv4.1 server so that it allows ReclaimComplete as done by ESXi 6.7. I believe that a ReclaimComplete with rca_one_fs == TRUE is only to be used after a file system has been transferred to a different file server. However, RFC5661 is somewhat vague w.r.t. this and the ESXi 6.7 client does both a ReclaimComplete with rca_one_fs == TRUE and one with ReclaimComplete with rca_one_fs == FALSE. Therefore, just ignore the rca_one_fs == TRUE operation and return NFS_OK without doing anything instead of replying NFS4ERR_NOTSUPP. This allows the ESXi 6.7 NFSv4.1 client to do a mount. After discussion on the NFSv4 IETF working group mailing list, doing this along with setting a flag to note that a ReclaimComplete with rca_one_fs TRUE was an appropriate way to handle this. The flag that indicates that a ReclaimComplete with rca_one_fs == TRUE was done may be used to disable replies of NFS4ERR_GRACE for non-reclaim state operations in a future commit. This patch along with r332790, r334492 and r336357 allow ESXi 6.7 NFSv4.1 mounts work ok. ESX 6.5 NFSv4.1 mounts do not work well, due to what I believe are violations of RFC-5661 and should not be used. Modified: stable/10/sys/fs/nfs/nfs.h stable/10/sys/fs/nfs/nfs_var.h stable/10/sys/fs/nfsserver/nfs_nfsdserv.c stable/10/sys/fs/nfsserver/nfs_nfsdstate.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/fs/nfs/nfs.h ============================================================================== --- stable/10/sys/fs/nfs/nfs.h Tue Aug 21 11:10:49 2018 (r338131) +++ stable/10/sys/fs/nfs/nfs.h Tue Aug 21 11:17:25 2018 (r338132) @@ -289,6 +289,7 @@ struct nfsreferral { #define LCL_RECLAIMCOMPLETE 0x00010000 #define LCL_NFSV41 0x00020000 #define LCL_DONEBINDCONN 0x00040000 +#define LCL_RECLAIMONEFS 0x00080000 #define LCL_GSS LCL_KERBV /* Or of all mechs */ Modified: stable/10/sys/fs/nfs/nfs_var.h ============================================================================== --- stable/10/sys/fs/nfs/nfs_var.h Tue Aug 21 11:10:49 2018 (r338131) +++ stable/10/sys/fs/nfs/nfs_var.h Tue Aug 21 11:17:25 2018 (r338132) @@ -135,7 +135,7 @@ void nfsrv_nfsuserddelport(void); void nfsrv_throwawayallstate(NFSPROC_T *); int nfsrv_checksequence(struct nfsrv_descript *, uint32_t, uint32_t *, uint32_t *, int, uint32_t *, NFSPROC_T *); -int nfsrv_checkreclaimcomplete(struct nfsrv_descript *); +int nfsrv_checkreclaimcomplete(struct nfsrv_descript *, int); void nfsrv_cache_session(uint8_t *, uint32_t, int, struct mbuf **); void nfsrv_freeallbackchannel_xprts(void); Modified: stable/10/sys/fs/nfsserver/nfs_nfsdserv.c ============================================================================== --- stable/10/sys/fs/nfsserver/nfs_nfsdserv.c Tue Aug 21 11:10:49 2018 (r338131) +++ stable/10/sys/fs/nfsserver/nfs_nfsdserv.c Tue Aug 21 11:17:25 2018 (r338132) @@ -3985,17 +3985,26 @@ nfsrvd_reclaimcomplete(struct nfsrv_descript *nd, __un __unused vnode_t vp, __unused NFSPROC_T *p, __unused struct nfsexstuff *exp) { uint32_t *tl; - int error = 0; + int error = 0, onefs; if (nfs_rootfhset == 0 || nfsd_checkrootexp(nd) != 0) { nd->nd_repstat = NFSERR_WRONGSEC; goto nfsmout; } NFSM_DISSECT(tl, uint32_t *, NFSX_UNSIGNED); + /* + * I believe that a ReclaimComplete with rca_one_fs == TRUE is only + * to be used after a file system has been transferred to a different + * file server. However, RFC5661 is somewhat vague w.r.t. this and + * the ESXi 6.7 client does both a ReclaimComplete with rca_one_fs + * == TRUE and one with ReclaimComplete with rca_one_fs == FALSE. + * Therefore, just ignore the rca_one_fs == TRUE operation and return + * NFS_OK without doing anything. + */ + onefs = 0; if (*tl == newnfs_true) - nd->nd_repstat = NFSERR_NOTSUPP; - else - nd->nd_repstat = nfsrv_checkreclaimcomplete(nd); + onefs = 1; + nd->nd_repstat = nfsrv_checkreclaimcomplete(nd, onefs); nfsmout: NFSEXITCODE2(error, nd); return (error); Modified: stable/10/sys/fs/nfsserver/nfs_nfsdstate.c ============================================================================== --- stable/10/sys/fs/nfsserver/nfs_nfsdstate.c Tue Aug 21 11:10:49 2018 (r338131) +++ stable/10/sys/fs/nfsserver/nfs_nfsdstate.c Tue Aug 21 11:17:25 2018 (r338132) @@ -5938,7 +5938,7 @@ nfsrv_checksequence(struct nfsrv_descript *nd, uint32_ * Check/set reclaim complete for this session/clientid. */ int -nfsrv_checkreclaimcomplete(struct nfsrv_descript *nd) +nfsrv_checkreclaimcomplete(struct nfsrv_descript *nd, int onefs) { struct nfsdsession *sep; struct nfssessionhash *shp; @@ -5954,8 +5954,10 @@ nfsrv_checkreclaimcomplete(struct nfsrv_descript *nd) return (NFSERR_BADSESSION); } - /* Check to see if reclaim complete has already happened. */ - if ((sep->sess_clp->lc_flags & LCL_RECLAIMCOMPLETE) != 0) + if (onefs != 0) + sep->sess_clp->lc_flags |= LCL_RECLAIMONEFS; + /* Check to see if reclaim complete has already happened. */ + else if ((sep->sess_clp->lc_flags & LCL_RECLAIMCOMPLETE) != 0) error = NFSERR_COMPLETEALREADY; else { sep->sess_clp->lc_flags |= LCL_RECLAIMCOMPLETE; From owner-svn-src-stable-10@freebsd.org Wed Aug 22 01:04:53 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6DBDA10858BE; Wed, 22 Aug 2018 01:04:53 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1D73377AE6; Wed, 22 Aug 2018 01:04:53 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id EC7DD4051; Wed, 22 Aug 2018 01:04:52 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7M14qiD091872; Wed, 22 Aug 2018 01:04:52 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7M14qQk091871; Wed, 22 Aug 2018 01:04:52 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201808220104.w7M14qQk091871@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Wed, 22 Aug 2018 01:04:52 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338169 - in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Group: stable-10 X-SVN-Commit-Author: cy X-SVN-Commit-Paths: in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Commit-Revision: 338169 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Aug 2018 01:04:53 -0000 Author: cy Date: Wed Aug 22 01:04:52 2018 New Revision: 338169 URL: https://svnweb.freebsd.org/changeset/base/338169 Log: MFC r338045: Expose np (nat_t - an entry in the nat table structure) in the DTrace probe when nat fails (label badnat). This is useful in diagnosing failed NAT issues and was used in PR/208566. PR: 208566 Modified: stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Directory Properties: stable/10/ (props changed) Changes in other areas also in this revision: Modified: stable/11/sys/contrib/ipfilter/netinet/ip_nat.c Directory Properties: stable/11/ (props changed) Modified: stable/10/sys/contrib/ipfilter/netinet/ip_nat.c ============================================================================== --- stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Tue Aug 21 23:42:20 2018 (r338168) +++ stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Wed Aug 22 01:04:52 2018 (r338169) @@ -3264,7 +3264,7 @@ ipf_nat_add(fin, np, natsave, flags, direction) goto done; badnat: - DT2(ns_badnatnew, fr_info_t *, fin, nat_t *, nat); + DT3(ns_badnatnew, fr_info_t *, fin, nat_t *, nat, ipnat_t *, np); NBUMPSIDE(fin->fin_out, ns_badnatnew); if ((hm = nat->nat_hm) != NULL) ipf_nat_hostmapdel(softc, &hm); From owner-svn-src-stable-10@freebsd.org Wed Aug 22 01:23:13 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 348A91086315; Wed, 22 Aug 2018 01:23:13 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D887178723; Wed, 22 Aug 2018 01:23:12 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B68D84384; Wed, 22 Aug 2018 01:23:12 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7M1NCAC002425; Wed, 22 Aug 2018 01:23:12 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7M1NCJC002424; Wed, 22 Aug 2018 01:23:12 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201808220123.w7M1NCJC002424@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Wed, 22 Aug 2018 01:23:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338170 - in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Group: stable-10 X-SVN-Commit-Author: cy X-SVN-Commit-Paths: in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Commit-Revision: 338170 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Aug 2018 01:23:13 -0000 Author: cy Date: Wed Aug 22 01:23:11 2018 New Revision: 338170 URL: https://svnweb.freebsd.org/changeset/base/338170 Log: MFC r338046: Add handy DTrace probes useful in diagnosing NAT issues. DTrace probes are situated next to error counters and/or in one instance prior to the -1 return from various functions. This was useful in diagnosis of PR/208566 and will be handy in the future diagnosing NAT failures. PR: 208566 Modified: stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Directory Properties: stable/10/ (props changed) Changes in other areas also in this revision: Modified: stable/11/sys/contrib/ipfilter/netinet/ip_nat.c Directory Properties: stable/11/ (props changed) Modified: stable/10/sys/contrib/ipfilter/netinet/ip_nat.c ============================================================================== --- stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Wed Aug 22 01:04:52 2018 (r338169) +++ stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Wed Aug 22 01:23:11 2018 (r338170) @@ -2681,6 +2681,7 @@ ipf_nat_newmap(fin, nat, ni) if ((np->in_nsrcmsk == 0xffffffff) && (np->in_spnext == 0)) { if (l > 0) { NBUMPSIDEX(1, ns_exhausted, ns_exhausted_1); + DT4(ns_exhausted_1, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } } @@ -2698,6 +2699,7 @@ ipf_nat_newmap(fin, nat, ni) if ((l >= np->in_ppip) || ((l > 0) && !(flags & IPN_TCPUDP))) { NBUMPSIDEX(1, ns_exhausted, ns_exhausted_2); + DT4(ns_exhausted_2, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } /* @@ -2733,6 +2735,7 @@ ipf_nat_newmap(fin, nat, ni) ipf_ifpaddr(softc, 4, FRI_NORMAL, fin->fin_ifp, &in6, NULL) == -1) { NBUMPSIDEX(1, ns_new_ifpaddr, ns_new_ifpaddr_1); + DT4(ns_new_ifpaddr_1, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } in.s_addr = ntohl(in6.in4.s_addr); @@ -2743,6 +2746,7 @@ ipf_nat_newmap(fin, nat, ni) */ if (l > 0) { NBUMPSIDEX(1, ns_exhausted, ns_exhausted_3); + DT4(ns_exhausted_3, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } in.s_addr = ntohl(fin->fin_saddr); @@ -2838,6 +2842,7 @@ ipf_nat_newmap(fin, nat, ni) (np->in_spnext != 0) && (st_port == np->in_spnext) && (np->in_snip != 0) && (st_ip == np->in_snip)) { NBUMPSIDED(1, ns_wrap); + DT4(ns_wrap, fr_info_t *, fin, nat_t *, nat, natinfo_t *, ni, ipnat_t *, np); return -1; } l++; @@ -2973,6 +2978,7 @@ ipf_nat_newrdr(fin, nat, ni) if (ipf_ifpaddr(softc, 4, FRI_NORMAL, fin->fin_ifp, &in6, NULL) == -1) { NBUMPSIDEX(0, ns_new_ifpaddr, ns_new_ifpaddr_2); + DT3(ns_new_ifpaddr_2, fr_info_t *, fin, nat_t *, nat, natinfo_t, ni); return -1; } in.s_addr = ntohl(in6.in4.s_addr); @@ -3119,6 +3125,7 @@ ipf_nat_add(fin, np, natsave, flags, direction) if (nsp->ns_active >= softn->ipf_nat_table_max) { NBUMPSIDED(fin->fin_out, ns_table_max); + DT2(ns_table_max, nat_stat_t *, nsp, ipf_nat_softc_t *, softn); return NULL; } @@ -3133,6 +3140,7 @@ ipf_nat_add(fin, np, natsave, flags, direction) /* Give me a new nat */ KMALLOC(nat, nat_t *); if (nat == NULL) { + DT(ns_memfail); NBUMPSIDED(fin->fin_out, ns_memfail); /* * Try to automatically tune the max # of entries in the @@ -3228,6 +3236,7 @@ ipf_nat_add(fin, np, natsave, flags, direction) if ((np->in_apr != NULL) && ((nat->nat_flags & NAT_SLAVE) == 0)) { if (ipf_proxy_new(fin, nat) == -1) { NBUMPSIDED(fin->fin_out, ns_appr_fail); + DT3(ns_appr_fail, fr_info_t *, fin, nat_t *, nat, ipnat_t *, np); goto badnat; } } @@ -3385,6 +3394,7 @@ ipf_nat_finalise(fin, nat) } NBUMPSIDED(fin->fin_out, ns_unfinalised); + DT2(ns_unfinalised, fr_info_t *, fin, nat_t *, nat); /* * nat_insert failed, so cleanup time... */ @@ -7070,6 +7080,7 @@ ipf_nat_newrewrite(fin, nat, nai) do { changed = -1; /* TRACE (l, src_search, dst_search, np) */ + DT4(ipf_nat_rewrite_1, int, l, int, src_search, int, dst_search, ipnat_t *, np); if ((src_search == 0) && (np->in_spnext == 0) && (dst_search == 0) && (np->in_dpnext == 0)) { @@ -7134,6 +7145,7 @@ ipf_nat_newrewrite(fin, nat, nai) * Find a new destination address */ /* TRACE (fin, np, l, frnat) */ + DT4(ipf_nat_rewrite_2, frinfo_t *, fin, ipnat_t *, np, int, l, frinfo_t *, &frnat); if (ipf_nat_nextaddr(fin, &np->in_ndst, &frnat.fin_daddr, &frnat.fin_daddr) == -1) @@ -7184,6 +7196,7 @@ ipf_nat_newrewrite(fin, nat, nai) } /* TRACE (frnat) */ + DT1(ipf_nat_rewrite_3, frinfo_t *, &frnat); /* * Here we do a lookup of the connection as seen from @@ -7223,6 +7236,7 @@ ipf_nat_newrewrite(fin, nat, nai) } /* TRACE natl, in_stepnext, l */ + DT3(ipf_nat_rewrite_2, nat_t *, natl, ipnat_t *, np , int, l); if ((natl != NULL) && (l > 8)) /* XXX 8 is arbitrary */ return -1; @@ -7315,6 +7329,7 @@ ipf_nat_newdivert(fin, nat, nai) if (natl != NULL) { NBUMPSIDED(fin->fin_out, ns_divert_exist); + DT3(ns_divert_exist, fr_info_t *, fin, nat_t *, nat, natinfo_t, nai); return -1; } @@ -7567,6 +7582,7 @@ ipf_nat_nextaddr(fin, na, old, dst) case FRI_PEERADDR : case FRI_NETWORK : default : + DT4(ns_na_atype, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); return -1; } @@ -7578,6 +7594,7 @@ ipf_nat_nextaddr(fin, na, old, dst) NULL); } else { NBUMPSIDE(fin->fin_out, ns_badnextaddr); + DT4(ns_badnextaddr_1, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); } } else if (na->na_atype == IPLT_NONE) { @@ -7596,6 +7613,7 @@ ipf_nat_nextaddr(fin, na, old, dst) if (ipf_ifpaddr(softc, 4, na->na_atype, fin->fin_ifp, &newip, NULL) == -1) { NBUMPSIDED(fin->fin_out, ns_ifpaddrfail); + DT4(ns_ifpaddrfail, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); return -1; } new = newip.in4.s_addr; @@ -7607,6 +7625,7 @@ ipf_nat_nextaddr(fin, na, old, dst) } else { NBUMPSIDE(fin->fin_out, ns_badnextaddr); + DT4(ns_badnextaddr_2, fr_info_t *, fin, nat_addr_t *, na, u_32_t *, old, u_32_t *, new); } return error; From owner-svn-src-stable-10@freebsd.org Wed Aug 22 01:43:12 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 8B7E11086887; Wed, 22 Aug 2018 01:43:12 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 407E67944A; Wed, 22 Aug 2018 01:43:12 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 21AB946BF; Wed, 22 Aug 2018 01:43:12 +0000 (UTC) (envelope-from cy@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7M1hCr6012109; Wed, 22 Aug 2018 01:43:12 GMT (envelope-from cy@FreeBSD.org) Received: (from cy@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7M1hCCJ012108; Wed, 22 Aug 2018 01:43:12 GMT (envelope-from cy@FreeBSD.org) Message-Id: <201808220143.w7M1hCCJ012108@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: cy set sender to cy@FreeBSD.org using -f From: Cy Schubert Date: Wed, 22 Aug 2018 01:43:12 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338171 - in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Group: stable-10 X-SVN-Commit-Author: cy X-SVN-Commit-Paths: in stable: 10/sys/contrib/ipfilter/netinet 11/sys/contrib/ipfilter/netinet X-SVN-Commit-Revision: 338171 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Aug 2018 01:43:12 -0000 Author: cy Date: Wed Aug 22 01:43:11 2018 New Revision: 338171 URL: https://svnweb.freebsd.org/changeset/base/338171 Log: MFC r338047: The bucket index is subtracted by one at lines 2304 and 2314. When 0 it becomes -1, except these are unsigned integers, so they become very large numbers. Thus are always larger than the maximum bucket; the hash table insertion fails causing NAT to fail. This commit ensures that if the index is already zero it is not reduced prior to insertion into the hash table. PR: 208566 Modified: stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Directory Properties: stable/10/ (props changed) Changes in other areas also in this revision: Modified: stable/11/sys/contrib/ipfilter/netinet/ip_nat.c Directory Properties: stable/11/ (props changed) Modified: stable/10/sys/contrib/ipfilter/netinet/ip_nat.c ============================================================================== --- stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Wed Aug 22 01:23:11 2018 (r338170) +++ stable/10/sys/contrib/ipfilter/netinet/ip_nat.c Wed Aug 22 01:43:11 2018 (r338171) @@ -2309,14 +2309,16 @@ ipf_nat_delete(softc, nat, logtype) bkt = nat->nat_hv[0] % softn->ipf_nat_table_sz; nss = &softn->ipf_nat_stats.ns_side[0]; - nss->ns_bucketlen[bkt]--; + if (nss->ns_bucketlen[bkt] > 0) + nss->ns_bucketlen[bkt]--; if (nss->ns_bucketlen[bkt] == 0) { nss->ns_inuse--; } bkt = nat->nat_hv[1] % softn->ipf_nat_table_sz; nss = &softn->ipf_nat_stats.ns_side[1]; - nss->ns_bucketlen[bkt]--; + if (nss->ns_bucketlen[bkt] > 0) + nss->ns_bucketlen[bkt]--; if (nss->ns_bucketlen[bkt] == 0) { nss->ns_inuse--; } From owner-svn-src-stable-10@freebsd.org Wed Aug 22 04:21:26 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EECE7108B539; Wed, 22 Aug 2018 04:21:25 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A5EC980168; Wed, 22 Aug 2018 04:21:25 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 86FC36091; Wed, 22 Aug 2018 04:21:25 +0000 (UTC) (envelope-from pfg@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7M4LPUJ091316; Wed, 22 Aug 2018 04:21:25 GMT (envelope-from pfg@FreeBSD.org) Received: (from pfg@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7M4LPv5091315; Wed, 22 Aug 2018 04:21:25 GMT (envelope-from pfg@FreeBSD.org) Message-Id: <201808220421.w7M4LPv5091315@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pfg set sender to pfg@FreeBSD.org using -f From: "Pedro F. Giffuni" Date: Wed, 22 Aug 2018 04:21:25 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338180 - stable/10/sys/fs/msdosfs X-SVN-Group: stable-10 X-SVN-Commit-Author: pfg X-SVN-Commit-Paths: stable/10/sys/fs/msdosfs X-SVN-Commit-Revision: 338180 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Aug 2018 04:21:26 -0000 Author: pfg Date: Wed Aug 22 04:21:25 2018 New Revision: 338180 URL: https://svnweb.freebsd.org/changeset/base/338180 Log: MFC r337456: msdosfs: fixes for Undefined Behavior. These were found by the Undefined Behaviour GsoC project at NetBSD: Do not change signedness bit with left shift. While there avoid signed integer overflow. Address both issues with using unsigned type. msdosfs_fat.c:512:42, left shift of 1 by 31 places cannot be represented in type 'int' msdosfs_fat.c:521:44, left shift of 1 by 31 places cannot be represented in type 'int' msdosfs_fat.c:744:14, left shift of 1 by 31 places cannot be represented in type 'int' msdosfs_fat.c:744:24, signed integer overflow: -2147483648 - 1 cannot be represented in type 'int [20]' msdosfs_fat.c:840:13, left shift of 1 by 31 places cannot be represented in type 'int' msdosfs_fat.c:840:36, signed integer overflow: -2147483648 - 1 cannot be represented in type 'int [20]' Detected with micro-UBSan in the user mode. Hinted from: NetBSD (CVS 1.33) Modified: stable/10/sys/fs/msdosfs/msdosfs_fat.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/fs/msdosfs/msdosfs_fat.c ============================================================================== --- stable/10/sys/fs/msdosfs/msdosfs_fat.c Wed Aug 22 04:20:20 2018 (r338179) +++ stable/10/sys/fs/msdosfs/msdosfs_fat.c Wed Aug 22 04:21:25 2018 (r338180) @@ -408,7 +408,7 @@ usemap_alloc(pmp, cn) KASSERT((pmp->pm_inusemap[cn / N_INUSEBITS] & (1 << (cn % N_INUSEBITS))) == 0, ("Allocating used sector %ld %ld %x", cn, cn % N_INUSEBITS, (unsigned)pmp->pm_inusemap[cn / N_INUSEBITS])); - pmp->pm_inusemap[cn / N_INUSEBITS] |= 1 << (cn % N_INUSEBITS); + pmp->pm_inusemap[cn / N_INUSEBITS] |= 1U << (cn % N_INUSEBITS); KASSERT(pmp->pm_freeclustercount > 0, ("usemap_alloc: too little")); pmp->pm_freeclustercount--; pmp->pm_flags |= MSDOSFS_FSIMOD; @@ -431,7 +431,7 @@ usemap_free(pmp, cn) KASSERT((pmp->pm_inusemap[cn / N_INUSEBITS] & (1 << (cn % N_INUSEBITS))) != 0, ("Freeing unused sector %ld %ld %x", cn, cn % N_INUSEBITS, (unsigned)pmp->pm_inusemap[cn / N_INUSEBITS])); - pmp->pm_inusemap[cn / N_INUSEBITS] &= ~(1 << (cn % N_INUSEBITS)); + pmp->pm_inusemap[cn / N_INUSEBITS] &= ~(1U << (cn % N_INUSEBITS)); } int @@ -813,7 +813,7 @@ clusteralloc1(struct msdosfsmount *pmp, u_long start, for (cn = newst; cn <= pmp->pm_maxcluster;) { idx = cn / N_INUSEBITS; map = pmp->pm_inusemap[idx]; - map |= (1 << (cn % N_INUSEBITS)) - 1; + map |= (1U << (cn % N_INUSEBITS)) - 1; if (map != FULL_RUN) { cn = idx * N_INUSEBITS + ffs(map ^ FULL_RUN) - 1; if ((l = chainlength(pmp, cn, count)) >= count) @@ -830,7 +830,7 @@ clusteralloc1(struct msdosfsmount *pmp, u_long start, for (cn = 0; cn < newst;) { idx = cn / N_INUSEBITS; map = pmp->pm_inusemap[idx]; - map |= (1 << (cn % N_INUSEBITS)) - 1; + map |= (1U << (cn % N_INUSEBITS)) - 1; if (map != FULL_RUN) { cn = idx * N_INUSEBITS + ffs(map ^ FULL_RUN) - 1; if ((l = chainlength(pmp, cn, count)) >= count) @@ -981,7 +981,7 @@ fillinusemap(pmp) for (cn = pmp->pm_maxcluster + 1; cn < (pmp->pm_maxcluster + N_INUSEBITS) / N_INUSEBITS; cn++) - pmp->pm_inusemap[cn / N_INUSEBITS] |= 1 << (cn % N_INUSEBITS); + pmp->pm_inusemap[cn / N_INUSEBITS] |= 1U << (cn % N_INUSEBITS); return (0); } From owner-svn-src-stable-10@freebsd.org Thu Aug 23 02:20:10 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id A75C5109D7FC; Thu, 23 Aug 2018 02:20:10 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 5D4F179829; Thu, 23 Aug 2018 02:20:10 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 3E7BE1BA91; Thu, 23 Aug 2018 02:20:10 +0000 (UTC) (envelope-from kevans@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7N2KA6H074850; Thu, 23 Aug 2018 02:20:10 GMT (envelope-from kevans@FreeBSD.org) Received: (from kevans@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7N2KAtu074849; Thu, 23 Aug 2018 02:20:10 GMT (envelope-from kevans@FreeBSD.org) Message-Id: <201808230220.w7N2KAtu074849@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: kevans set sender to kevans@FreeBSD.org using -f From: Kyle Evans Date: Thu, 23 Aug 2018 02:20:10 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338229 - stable/10/usr.sbin/config X-SVN-Group: stable-10 X-SVN-Commit-Author: kevans X-SVN-Commit-Paths: stable/10/usr.sbin/config X-SVN-Commit-Revision: 338229 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Aug 2018 02:20:10 -0000 Author: kevans Date: Thu Aug 23 02:20:09 2018 New Revision: 338229 URL: https://svnweb.freebsd.org/changeset/base/338229 Log: MFC r338120: config(8): Allow escape-quoted empty strings For use with things like BOOT_TAG=\"\" -- there are valid reasons to allow empty strings, especially as these are usually being passed through as options. The same argument could perhaps be made for the unquoted variant in things like MODULES_OVERRIDE="", but it's not immediately clear that this is an issue so I've left it untouched. Modified: stable/10/usr.sbin/config/lang.l Directory Properties: stable/10/ (props changed) Modified: stable/10/usr.sbin/config/lang.l ============================================================================== --- stable/10/usr.sbin/config/lang.l Thu Aug 23 02:19:42 2018 (r338228) +++ stable/10/usr.sbin/config/lang.l Thu Aug 23 02:20:09 2018 (r338229) @@ -115,7 +115,7 @@ PATH [./][-/.%^A-Za-z_0-9]+ } return i; } -\\\"[^"]+\\\" { +\\\"[^"]*\\\" { BEGIN 0; yytext[yyleng-2] = '"'; yytext[yyleng-1] = '\0'; From owner-svn-src-stable-10@freebsd.org Fri Aug 24 22:48:21 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BF3A310964E6; Fri, 24 Aug 2018 22:48:20 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 762D67ADC2; Fri, 24 Aug 2018 22:48:20 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5730717633; Fri, 24 Aug 2018 22:48:20 +0000 (UTC) (envelope-from rmacklem@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7OMmK4Z052935; Fri, 24 Aug 2018 22:48:20 GMT (envelope-from rmacklem@FreeBSD.org) Received: (from rmacklem@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7OMmKTk052934; Fri, 24 Aug 2018 22:48:20 GMT (envelope-from rmacklem@FreeBSD.org) Message-Id: <201808242248.w7OMmKTk052934@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rmacklem set sender to rmacklem@FreeBSD.org using -f From: Rick Macklem Date: Fri, 24 Aug 2018 22:48:20 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338308 - stable/10/sys/fs/nfs X-SVN-Group: stable-10 X-SVN-Commit-Author: rmacklem X-SVN-Commit-Paths: stable/10/sys/fs/nfs X-SVN-Commit-Revision: 338308 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Aug 2018 22:48:21 -0000 Author: rmacklem Date: Fri Aug 24 22:48:19 2018 New Revision: 338308 URL: https://svnweb.freebsd.org/changeset/base/338308 Log: MFC: r337438 Allow newnfs_request() to retry all callback RPCs with an NFSERR_DELAY reply. The code in newnfs_request() retries RPCs that get a reply of NFSERR_DELAY, but exempts certain NFSv4 operations. However, for callback RPCs, there should not be any exemptions at this time. The code would have erroneously exempted the CBRECALL callback, since it has the same operation number as the CLOSE operation. This patch fixes this by checking for a callback RPC (indicated by clp != NULL) and not checking for exempt operations for callbacks. This would have only affected the NFSv4 server when delegations are enabled (they are not enabled by default) and the client replies to CBRECALL with NFSERR_DELAY. This may never actually happen. Spotted during code inspection. Modified: stable/10/sys/fs/nfs/nfs_commonkrpc.c Directory Properties: stable/10/ (props changed) Modified: stable/10/sys/fs/nfs/nfs_commonkrpc.c ============================================================================== --- stable/10/sys/fs/nfs/nfs_commonkrpc.c Fri Aug 24 22:41:32 2018 (r338307) +++ stable/10/sys/fs/nfs/nfs_commonkrpc.c Fri Aug 24 22:48:19 2018 (r338308) @@ -964,10 +964,14 @@ tryagain: NFSCL_DEBUG(1, "Got err=%d\n", reterr); } } + /* + * When clp != NULL, it is a callback and all + * callback operations can be retried for NFSERR_DELAY. + */ if (((nd->nd_repstat == NFSERR_DELAY || nd->nd_repstat == NFSERR_GRACE) && - (nd->nd_flag & ND_NFSV4) && - nd->nd_procnum != NFSPROC_DELEGRETURN && + (nd->nd_flag & ND_NFSV4) && (clp != NULL || + (nd->nd_procnum != NFSPROC_DELEGRETURN && nd->nd_procnum != NFSPROC_SETATTR && nd->nd_procnum != NFSPROC_READ && nd->nd_procnum != NFSPROC_READDS && @@ -979,7 +983,7 @@ tryagain: nd->nd_procnum != NFSPROC_OPENDOWNGRADE && nd->nd_procnum != NFSPROC_CLOSE && nd->nd_procnum != NFSPROC_LOCK && - nd->nd_procnum != NFSPROC_LOCKU) || + nd->nd_procnum != NFSPROC_LOCKU))) || (nd->nd_repstat == NFSERR_DELAY && (nd->nd_flag & ND_NFSV4) == 0) || nd->nd_repstat == NFSERR_RESOURCE) { From owner-svn-src-stable-10@freebsd.org Sat Aug 25 10:42:45 2018 Return-Path: Delivered-To: svn-src-stable-10@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C47A51085E24; Sat, 25 Aug 2018 10:42:45 +0000 (UTC) (envelope-from eugen@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 6CA0992F8A; Sat, 25 Aug 2018 10:42:45 +0000 (UTC) (envelope-from eugen@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4D8591EE14; Sat, 25 Aug 2018 10:42:45 +0000 (UTC) (envelope-from eugen@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w7PAgjin027440; Sat, 25 Aug 2018 10:42:45 GMT (envelope-from eugen@FreeBSD.org) Received: (from eugen@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w7PAgiMB027437; Sat, 25 Aug 2018 10:42:44 GMT (envelope-from eugen@FreeBSD.org) Message-Id: <201808251042.w7PAgiMB027437@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: eugen set sender to eugen@FreeBSD.org using -f From: Eugene Grosbein Date: Sat, 25 Aug 2018 10:42:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r338311 - stable/10/contrib/bsnmp/snmp_mibII X-SVN-Group: stable-10 X-SVN-Commit-Author: eugen X-SVN-Commit-Paths: stable/10/contrib/bsnmp/snmp_mibII X-SVN-Commit-Revision: 338311 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable-10@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: SVN commit messages for only the 10-stable src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Aug 2018 10:42:46 -0000 Author: eugen Date: Sat Aug 25 10:42:44 2018 New Revision: 338311 URL: https://svnweb.freebsd.org/changeset/base/338311 Log: MFC 338013: bsnmpd(8): fix and optimize interface description processing * correctly prepare a buffer to obtain interface description from a kernel and truncate long description instead of dropping it altogether and spamming logs; * skip calling strlen() for each description and each SNMP request for MIB-II/ifXTable's ifAlias. * teach bsnmpd to allocate memory dynamically for interface descriptions to decrease memory usage for common case and not to break if long description occurs; PR: 217763 Reviewed by: harti and others Differential Revision: https://reviews.freebsd.org/D16459 Modified: stable/10/contrib/bsnmp/snmp_mibII/mibII.c stable/10/contrib/bsnmp/snmp_mibII/mibII.h stable/10/contrib/bsnmp/snmp_mibII/mibII_interfaces.c stable/10/contrib/bsnmp/snmp_mibII/snmp_mibII.h Directory Properties: stable/10/ (props changed) Modified: stable/10/contrib/bsnmp/snmp_mibII/mibII.c ============================================================================== --- stable/10/contrib/bsnmp/snmp_mibII/mibII.c Sat Aug 25 09:48:17 2018 (r338310) +++ stable/10/contrib/bsnmp/snmp_mibII/mibII.c Sat Aug 25 10:42:44 2018 (r338311) @@ -439,11 +439,15 @@ mibif_restart_mibII_poll_timer(void) int mib_fetch_ifmib(struct mibif *ifp) { + static int kmib[2] = { -1, 0 }; /* for sysctl net.ifdescr_maxlen */ + int name[6]; + size_t kmiblen = nitems(kmib); size_t len; void *newmib; struct ifmibdata oldmib = ifp->mib; struct ifreq irr; + unsigned int alias_maxlen = MIBIF_ALIAS_SIZE_MAX; if (fetch_generic_mib(ifp, &oldmib) == -1) return (-1); @@ -515,18 +519,69 @@ mib_fetch_ifmib(struct mibif *ifp) } out: + + /* + * Find sysctl mib for net.ifdescr_maxlen (one time). + * kmib[0] == -1 at first call to mib_fetch_ifmib(). + * Then kmib[0] > 0 if we found sysctl mib for net.ifdescr_maxlen. + * Else, kmib[0] == 0 (unexpected error from a kernel). + */ + if (kmib[0] < 0 && + sysctlnametomib("net.ifdescr_maxlen", kmib, &kmiblen) < 0) { + kmib[0] = 0; + syslog(LOG_WARNING, "sysctlnametomib net.ifdescr_maxlen: %m"); + } + + /* + * Fetch net.ifdescr_maxlen value every time to catch up with changes. + */ + len = sizeof(alias_maxlen); + if (kmib[0] > 0 && sysctl(kmib, 2, &alias_maxlen, &len, NULL, 0) < 0) { + /* unexpected error from the kernel, use default value */ + alias_maxlen = MIBIF_ALIAS_SIZE_MAX; + syslog(LOG_WARNING, "sysctl net.ifdescr_maxlen: %m"); + } + + /* + * Kernel limit might be decreased after interfaces got + * their descriptions assigned. Try to obtain them anyway. + */ + if (alias_maxlen == 0) + alias_maxlen = MIBIF_ALIAS_SIZE_MAX; + + /* + * Allocate maximum memory for a buffer and later reallocate + * to free extra memory. + */ + if ((ifp->alias = malloc(alias_maxlen)) == NULL) { + syslog(LOG_WARNING, "malloc(%d) failed: %m", (int)alias_maxlen); + goto fin; + } + strlcpy(irr.ifr_name, ifp->name, sizeof(irr.ifr_name)); - irr.ifr_buffer.buffer = MIBIF_PRIV(ifp)->alias; - irr.ifr_buffer.length = sizeof(MIBIF_PRIV(ifp)->alias); + irr.ifr_buffer.buffer = ifp->alias; + irr.ifr_buffer.length = alias_maxlen; if (ioctl(mib_netsock, SIOCGIFDESCR, &irr) == -1) { - MIBIF_PRIV(ifp)->alias[0] = 0; + free(ifp->alias); + ifp->alias = NULL; if (errno != ENOMSG) syslog(LOG_WARNING, "SIOCGIFDESCR (%s): %m", ifp->name); } else if (irr.ifr_buffer.buffer == NULL) { - MIBIF_PRIV(ifp)->alias[0] = 0; + free(ifp->alias); + ifp->alias = NULL; syslog(LOG_WARNING, "SIOCGIFDESCR (%s): too long (%zu)", ifp->name, irr.ifr_buffer.length); + } else { + ifp->alias_size = strnlen(ifp->alias, alias_maxlen) + 1; + + if (ifp->alias_size > MIBIF_ALIAS_SIZE) + ifp->alias_size = MIBIF_ALIAS_SIZE; + + if (ifp->alias_size < alias_maxlen) + ifp->alias = realloc(ifp->alias, ifp->alias_size); } + +fin: ifp->mibtick = get_ticks(); return (0); } @@ -706,6 +761,10 @@ mibif_free(struct mibif *ifp) mibif_reset_hc_timer(); } + if (ifp->alias != NULL) { + free(ifp->alias); + ifp->alias = NULL; + } free(ifp->private); ifp->private = NULL; free(ifp->physaddr); Modified: stable/10/contrib/bsnmp/snmp_mibII/mibII.h ============================================================================== --- stable/10/contrib/bsnmp/snmp_mibII/mibII.h Sat Aug 25 09:48:17 2018 (r338310) +++ stable/10/contrib/bsnmp/snmp_mibII/mibII.h Sat Aug 25 10:42:44 2018 (r338311) @@ -57,8 +57,9 @@ #include "snmp_mibII.h" #include "mibII_tree.h" -/* maximum size of the interface alias */ +/* maximum size of the interface alias unless overridden with net.ifdescr_maxlen */ #define MIBIF_ALIAS_SIZE (64 + 1) +#define MIBIF_ALIAS_SIZE_MAX 1024 /* * Interface list and flags. @@ -81,8 +82,6 @@ struct mibif_private { uint64_t hc_imcasts; uint64_t hc_ipackets; - /* this should be made public */ - char alias[MIBIF_ALIAS_SIZE]; }; #define MIBIF_PRIV(IFP) ((struct mibif_private *)((IFP)->private)) Modified: stable/10/contrib/bsnmp/snmp_mibII/mibII_interfaces.c ============================================================================== --- stable/10/contrib/bsnmp/snmp_mibII/mibII_interfaces.c Sat Aug 25 09:48:17 2018 (r338310) +++ stable/10/contrib/bsnmp/snmp_mibII/mibII_interfaces.c Sat Aug 25 10:42:44 2018 (r338311) @@ -528,7 +528,7 @@ op_ifxtable(struct snmp_context *ctx, struct snmp_valu break; case LEAF_ifAlias: - ret = string_get(value, MIBIF_PRIV(ifp)->alias, -1); + ret = string_get(value, ifp->alias, ifp->alias_size - 1); break; case LEAF_ifCounterDiscontinuityTime: Modified: stable/10/contrib/bsnmp/snmp_mibII/snmp_mibII.h ============================================================================== --- stable/10/contrib/bsnmp/snmp_mibII/snmp_mibII.h Sat Aug 25 09:48:17 2018 (r338310) +++ stable/10/contrib/bsnmp/snmp_mibII/snmp_mibII.h Sat Aug 25 10:42:44 2018 (r338311) @@ -80,6 +80,9 @@ struct mibif { /* to be set by ifType specific modules. This is ifSpecific. */ struct asn_oid spec_oid; + char *alias; + size_t alias_size; + /* private data - don't touch */ void *private; };