|aa70361d||kp||Jan. 3, 2022, 9:12 a.m.||headers: make a few more headers self-contained
Sponsored by: Rubicon Communications, LLC ("Netgate")
|9d406e08||kp||Jan. 3, 2022, 8:50 a.m.||dnctl: Support reading config from file like ipfw(8)|
|9e891d43||jah||Jan. 3, 2022, 3:52 a.m.||unionfs: implement VOP_SET_TEXT/VOP_UNSET_TEXT
The implementation simply passes the text ref to the appropriate underlying vnode. Without this, the default [un]set_text implementation will only manage the text ref on the unionfs vnode, causing it to be out of sync with the underlying filesystems and potentially allowing corruption of executable file contents. On INVARIANTS kernels, it also readily produces a panic on process termination because the VM object representing the executable mapping is backed by the underlying vnode, not the unionfs vnode.
PR: 251342
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D33611
|d877dd57||jah||Jan. 3, 2022, 3:52 a.m.||unionfs: simplify writecount management
Use atomics to track the writecount granted to the underlying FS, and avoid holding the vnode interlock while calling the underlying FS' VOP_ADD_WRITECOUNT(). This also fixes a WITNESS warning about nesting the same lock type. Also add comments explaining why we need to track the writecount on the unionfs vnode in the first place. Finally, simplify writecount management to only use the upper vnode and assert that we shouldn't have an active writecount on the lower vnode through unionfs.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D33611
|ca573c9a||glebius||Jan. 3, 2022, 2:32 a.m.||sshd: update the libwrap patch to drop connections early
OpenSSH has dropped libwrap support in OpenSSH 6.7p in 2014 (f2719b7c in github.com/openssh/openssh-portable) and we maintain the patch ourselves since 2016 (a0ee8cc636cd). Over the years, the libwrap support has deteriorated and probably that was the reason for removal upstream. The original idea of libwrap was to drop illegitimate connections as soon as possible, but over the years the code was pushed further down and down and ended in the forked client connection handler. The negative effect of late dropping is an increased attack surface for hosts that are to be dropped anyway. Apart from hypothetical future vulnerabilities in connection handling, today a malicious host listed in /etc/hosts.allow still can trigger sshd to enter connection throttling mode, which is enabled by default (see MaxStartups in sshd_config(5)), effectively casting a DoS attack. Note that on OpenBSD this attack isn't possible, since they enable MaxStartups together with UseBlacklist. The only negative effect from early drop, that I can imagine, is that now the main listener parses a file in /etc, and if our root filesystem goes bad, it would get stuck. But unlikely you'd be able to login in that case anyway.
Implementation details:
- For brevity we reuse the same struct request_info. This isn't a documented feature of libwrap, but code review, viewing data in a debugger and real life testing show that if we clear RQ_CLIENT_NAME and RQ_CLIENT_ADDR every time, it works as intended.
- We set SO_LINGER on the socket to force immediate connection reset.
- We log the message exactly as libwrap's refuse() would do.
Differential revision: https://reviews.freebsd.org/D33044
|d9cacbf4||kib||Jan. 3, 2022, 2:31 a.m.||sched_get/setaffinity(): try to be more compatible with Linux
in handling the cpuset sizes different from sizeof(cpuset_t). For both cases, cpuset size shorter than sizeof(cpuset_t) results in EINVAL on Linux. For sched_getaffinity(), be more permissive and accept cpuset size larger than our cpuset_t, by clipping the syscall argument and zeroing the rest of the output buffer. For sched_setaffinity(), we should allow shorter cpusets than current ABI size, again zeroing the rest of the bits. With this change, python os.sched_get/setaffinity functions work.
Reported by: se
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
|90266521||delphij||Jan. 3, 2022, 2:05 a.m.||libmagic: Remove support for older FreeBSD where xlocale was not available.
The MINIMUM_SUPPORTED_OSREL is 1002501 (FreeBSD 10.3), and xlocale is supported there. While I'm there, explicitly use config.h generated with --disable-bzlib --disable-xzlib instead of deleting them manually.
MFC after: 2 weeks
|f284bed2||asomers||Jan. 3, 2022, 1:01 a.m.||geom_gate: ensure readprov is null-terminated
With crafted input to the G_GATE_CMD_CREATE ioctl, geom_gate can be made to print kernel memory to the system console, potentially revealing sensitive data from whatever was previously in that memory page. But but but: this is a case of the sys admin misconfiguring, and you'd need root privileges to do this.
Submitted By: Johannes Totz <email@example.com>
MFC after: 2 weeks
Reviewed By: asomers
Differential Revision: https://reviews.freebsd.org/D31727
|6226477a||asomers||Jan. 3, 2022, 12:53 a.m.||Various fixes for ggatec and ggated|
|7776d3cc||rwatson||Dec. 18, 2021, 10:53 p.m.||Add a -q flag to ministat to suppress headers in output, for use with -n.|
|1fbcaa13||mckusick||Jan. 2, 2022, 10:04 p.m.||When doing a read-only mount of a UFS filesystem using gjournal(8),
suppress error message about a missing gjournal provider.
Submitted by: Andreas Longwitz
MFC after: 2 weeks
Sponsored by: Netflix
|7c9948c2||rew||Jan. 2, 2022, 9:26 p.m.||skip test case nvlist_send_recv__send_many_fds__dgram
If I'm not mistaken, the underlying sendmsg() for nvlist_send() is failing with ENOBUFS. In turn, nvlist_recv() returns NULL because it didn't receive the expected number of file descriptors. Adjusting net.local.dgram.recvspace worked on my local machine, but on CI the test still fails consistently.
PR: 260891
|698727d6||cperciva||Jan. 2, 2022, 9:07 p.m.||Fix variable name: freq_khz -> freq
An earlier version of this code computed the TSC frequency in kHz. When the code was changed to compute the frequency more accurately, the variable name was not updated.
Reviewed by: markj
Fixes: 22875f88799e x86: Implement deferred TSC calibration
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D33696
|9cb32882||cperciva||Jan. 2, 2022, 9:07 p.m.||Skip TSC calibration if exact value known|
|324150d6||jrtc27||Jan. 2, 2022, 8:55 p.m.||ufs: Avoid subobject overflow in snapshot expunge code
The code here tries to be smart and zeroes out both di_db and di_ib with a single bzero call, thereby overrunning the di_db subobject. This is fine on most architectures, if a little dodgy. However, on CHERI, the compiler can optionally restrict the bounds on pointers to subobjects to just that subobject, in order to mitigate intra-object buffer overflows, and this is enabled in CheriBSD's pure-capability kernels. Instead, use separate bzero calls for each array, and let the compiler optimise it as it sees fit; even if it's not generating inline zeroing code, Clang will happily optimise two consecutive bzero's to a single larger call.
Reviewed by: mckusick
Differential Revision: https://reviews.freebsd.org/D33651