committer filter by committer.
@path/to/ filter by path in repository.
committer@path/to/ filter by committer AND path in repository.
abdef0123 filter by commit's SHA hash.
rNNN filter by SVN revision.
rNNN-rMMM filter by SVN revisions range (inclusive).
Multiple filters can be specified separated by spaces or comas in which case they'll be combined using OR operator.
|02af91c5||arichardson||Feb. 17, 2021, 9:54 a.m.||Fix crossbuild bootstrap tools build with Clang 12
Clang 12 no longer allows re-defining a weak symbol as non-weak. This happed here because we compile err.c with _err defined to err. To fix this, use the same approach as the libc namespace.hcgit
|8a439f32||kp||Feb. 17, 2021, 8:15 a.m.||pf: Remove unused return value from (de)hook_pf()
These functions always return 0, which is good, because the code calling them doesn't handle this error gracefully. As the functions always succeed remove their return value, and the code handling their errors (because it was never executed anyway). MFC after: 1 week Sponsored by: Rubicon Communications, LLC (“Netgate”’)cgit
|6b7e592c||jkim||Feb. 17, 2021, 7:22 a.m.||lex: Do not let input() return 0 when end-of-file is reached
Importing flex 2.6.4 has introduced a regression: input() now returns 0 instead of EOF to indicate that the end of input was reached, just like traditional AT&T and POSIX lex. Note the behavior contradicts flex(1). See "INCOMPATIBILITIES WITH LEX AND POSIX" section for information. This incompatibility traces back to the original version and documented in its manual page by the Vern Paxson. Apparently, it has been reported in a few places, e.g., https://github.com/westes/flex/issues/448 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911415 Unfortunately, this also breaks the scanner used by libdtrace and dtrace is unable to resolve some probe argument types as a result. See PR253440 for more information. Note the regression was introduced by the following upstream commit without any explanation or documentation change: https://github.com/westes/flex/commit/f863c9490e6912ffcaeb12965fb3a567a10745ff Now we restore the traditional flex behavior unless lex-compatibility mode is set with "-l" option because I believe the author originally wanted to make it more lex and POSIX compatible. PR: 253440 Reported by: markjcgit
|3396647c||jkim||Feb. 17, 2021, 5:35 a.m.||OpenSSL: Regen assembly files for OpenSSL 1.1.1j|
|b8408160||jkim||Feb. 17, 2021, 3:53 a.m.||OpenSSL: Remove obsolete include directory|
|294e62be||mav||Feb. 17, 2021, 2:15 a.m.||cxgbe(4): Save proper zone index on low memory in refill_fl().
When refill_fl() fails to allocate large (9/16KB) mbuf cluster, it falls back to safe (4KB) ones. But it still saved into sd->zidx the original fl->zidx instead of fl->safe_zidx. It caused problems with the later use of that cluster, including memory and/or data corruption. While there, make refill_fl() to use the safe zone for all following clusters for the call, since it is unlikely that large succeed. MFC after: 3 days Sponsored by: iXsystems, Inc. Reviewed by: np, jhb Differential Revision: https://reviews.freebsd.org/D28716cgit
|aa5fef60||markj||Feb. 16, 2021, 10:07 p.m.||linux: Update the i386/linux vdso deinitialization routine
This was missed in commit 0fc8a796722 ("linux: Unmap the VDSO page when unloading"). Reported by: Mark Millard MFC with: 0fc8a796722cgit
|e25db73f||jkim||Feb. 16, 2021, 10:05 p.m.||OpenSSL: Regen manual pages for OpenSSL 1.1.1j.|
|88e852c0||jkim||Feb. 16, 2021, 10 p.m.||OpenSSL: Merge OpenSSL 1.1.1j
Merge commit '4f55bd5321b72491d4eff396e4928e9ab0706735'cgit
|a4513bac||melifaro||Feb. 16, 2021, 9:49 p.m.||Fix NOINET6 build broken by 2fe5a79425c7.
Reported by: mjgcgit
|2fe5a794||melifaro||Feb. 16, 2021, 8:30 p.m.||Fix dst/netmask handling in routing socket code.
Traditionally routing socket code did almost zero checks on the input message except for the most basic size checks. This resulted in the unclear KPI boundary for the routing system code (`rtrequest*` and now `rib_action()`) w.r.t message validness. Multiple potential problems and nuances exists: * Host bits in RTAX_DST sockaddr. Existing applications do send prefixes with hostbits uncleared. Even `route(8)` does this, as they hope the kernel would do the job of fixing it. Code inside `rib_action()` needs to handle it on its own (see `rt_maskedcopy()` ugly hack). * There are multiple way of adding the host route: it can be DST without netmask or DST with /32(/128) netmask. Also, RTF_HOST has to be set correspondingly. Currently, these 2 options create 2 DIFFERENT routes in the kernel. * no sockaddr length/content checking for the "secondary" fields exists: nothing stops rtsock application to send sockaddr_in with length of 25 (instead of 16). Kernel will accept it, install to RIB as is and propagate to all rtsock consumers, potentially triggering bugs in their code. Same goes for sin_port, sin_zero, etc. The goal of this change is to make rtsock verify all sockaddr and prefix consistency. Said differently, `rib_action()` or internals should NOT require to change any of the sockaddrs supplied by `rt_addrinfo` structure due to incorrectness. To be more specific, this change implements the following: * sockaddr cleanup/validation check is added immediately after getting sockaddrs from rtm. * Per-family dst/netmask checks clears host bits in dst and zeros all dst/netmask "secondary" fields. * The same netmask checking code converts /32(/128) netmasks to "host" route case (NULL netmask, RTF_HOST), removing the dualism. * Instead of allowing ANY "known" sockaddr families (0<..<AF_MAX), allow only actually supported ones (inet, inet6, link). * Automatically convert `sockaddr_sdl` (AF_LINK) gateways to `sockaddr_sdl_short`. Reported by: Guy Yur <guyyur at gmail.com> Reviewed By: donner Differential Revision: https://reviews.freebsd.org/D28668 MFC after: 3 dayscgit
|600eade2||melifaro||Feb. 16, 2021, 8:14 p.m.||Add ifa_try_ref() to simplify ifa handling inside epoch.
More and more code migrates from lock-based protection to the NET_EPOCH umbrella. It requires some logic changes, including, notably, refcount handling. When we have an `ifa` pointer and we're running inside epoch we're guaranteed that this pointer will not be freed. However, the following case can still happen: * in thread 1 we drop to 0 refcount for ifa and schedule its deletion. * in thread 2 we use this ifa and reference it * destroy callout kicks in * unhappy user reports bug To address it, new `ifa_try_ref()` function is added, allowing to return failure when we try to reference `ifa` with 0 refcount. Additionally, existing `ifa_ref()` is enforced with `KASSERT` to provide cleaner error in such scenarious. Reviewed By: rstone, donner Differential Revision: https://reviews.freebsd.org/D28639 MFC after: 1 weekcgit
|9fdbf7ee||melifaro||Feb. 16, 2021, 8 p.m.||Make in_localip_more() fib-aware.|
|cc7b7306||jamie||Feb. 16, 2021, 7:19 p.m.||jail: Handle a possible race between jail_remove(2) and fork(2)
jail_remove(2) includes a loop that sends SIGKILL to all processes in a jail, but skips processes in PRS_NEW state. Thus it is possible the a process in mid-fork(2) during jail removal can survive the jail being removed. Add a prison flag PR_REMOVE, which is checked before the new process returns. If the jail is being removed, the process will then exit. Also check this flag in jail_attach(2) which has a similar issue. Reported by: trasz Approved by: kib MFC after: 3 dayscgit
|922cf8ac||allanjude||Feb. 16, 2021, 7:02 p.m.||Use iflib_if_init_locked() during media change instead of iflib_init_locked().
iflib_init_locked() assumes that iflib_stop() has been called, however, it is not called for media changes. iflib_if_init_locked() calls stop then init, so fixes the problem. PR: 253473 MFC after: 3 days Reviewed by: markj Sponsored by: Juniper Networks, Inc., Klara, Inc. Differential Revision: https://reviews.freebsd.org/D28667cgit