| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Else out-of-bound reads and undefined behaviour may happen.
The current code only checked for the presence of the first of four bytes.
Make sure the fields in question have the minium size required.
No functional change intended.
Reviewed by: rrs@
Sponsored by: NVIDIA Networking
(cherry picked from commit 3492caf512ae090816b4ffa275be43b2f5cfc460)
|
| |
|
|
| |
(cherry picked from commit ba94a95402f335c8e7aa8e28ebdad43361c65909)
|
| |
|
|
|
|
|
|
|
|
|
| |
PR: 217978
Reported by: Franco Fichtner <franco@opnsense.org>
Reviewed by: markj
Obtained from: OPNsense
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D31503
(cherry picked from commit 0a539a0f005e8acbe4974ede30aa928099c988b9)
|
| |
|
|
|
|
|
|
| |
Approved by: so
Security: SA-21:14.ggatec
Security: CVE-2021-29630
(cherry picked from commit 515216929c40169cc72b62466ff9238682661613)
|
| |
|
|
|
|
|
|
|
|
|
| |
Document the existing behavior, which is currently only available by
reading third party documentation or the source code itself.
PR: 254617
Submitted by: Oliver Kiddle
Differential Revision: https://reviews.freebsd.org/D30189
(cherry picked from commit c8250c5ada85fec8936e8eb8695d7cb80a3ce8ab)
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix some erronous lines in the example section.
PR: 248943
Submitted by: Jose Luis Duran
Reviewers: ae, manpages (gbe)
Differential Revision: https://reviews.freebsd.org/D30191
(cherry picked from commit 802637be06457c7593692bdf79f8466fa5f54d4a)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ipfw -[tT] prints statistics of the last access. If the rule was never
used, the counter might be not exist. This happens unconditionally on
inserting a new rule. Avoid printing statistics in this case.
PR: 255491
Reported by: Haisheng Zhouz
Reviewed by: ae
Differential Revision: https://reviews.freebsd.org/D30046
(cherry picked from commit bf7cc0f9cb6603a6bdd6131c8d1939724ce6e62d)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Most of table types currently supported by ipfw have only one
algorithm implementation. When user creates such tables, allow
to omit algo name in arguments. E.g. now it is possible:
ipfw table T1 create type number
ipfw table T2 create type iface
ipfw table T3 create type flow
PR: 233072
Sponsored by: Yandex LLC
(cherry picked from commit 13ad237a19b7368124483d9d1dc3258c27880fef)
|
| |
|
|
|
|
|
|
|
|
| |
hastd(8) assumes it has no extra file descriptors opened
and aborts otherwise, so call closefrom() early.
PR: 227461
Notes:
svn path=/stable/11/; revision=368759
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Detection of VLAN interface type must happen before detection of
interface type by prefix. Else the following sequence of commands will
try to create a LAGG interface instead of a VLAN interface, which
accidentially works, because the data pointed to by the ifr_data
pointer is not parsed by the VLAN create ioctl(2).
How to reproduce:
# ifconfig lagg0 create
# ifconfig lagg0.256 create
Differential Revision: https://reviews.freebsd.org/D27521
Tested by: raul.munoz@custos.es
Sponsored by: Mellanox Technologies // NVIDIA Networking
Notes:
svn path=/stable/11/; revision=368504
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ensure consistent error messages from ifconfig(8).
If multiple threads are invoking "ifconfig XXX create" a race may occur
which can lead to two different error messages for the same error.
a) ifconfig: SIOCIFCREATE2: File exists
b) ifconfig: interface XXX already exists
This patch ensures ifconfig prints the same error code
for the same case.
Reviewed by: imp@ and kib@
Differential Revision: https://reviews.freebsd.org/D27380
Sponsored by: Mellanox Technologies // NVIDIA Networking
Notes:
svn path=/stable/11/; revision=368298
|
| |
|
|
|
|
|
|
|
|
| |
Fix a typo and remove Xr's to vn(4) and vnconfig(4)
"mandoc -Tlint" complained about the Xr to vnconfig, which was removed in
r238202. I am not sure but maybe it's time to do the same to vn(4).
Notes:
svn path=/stable/11/; revision=367870
|
| |
|
|
|
|
|
| |
Address a mandoc warning
Notes:
svn path=/stable/11/; revision=367634
|
| |
|
|
|
|
|
| |
Use Cm macros instead of Ar when referring to a specific memory disk type
Notes:
svn path=/stable/11/; revision=367519
|
| |
|
|
|
|
|
|
|
|
| |
Drop "All rights reserved" from my copyright statements.
Reviewed by: rgrimes
Differential Revision: https://reviews.freebsd.org/D19485
Notes:
svn path=/stable/11/; revision=367457
|
| |
|
|
|
|
|
| |
Remove Tn macros from ifconfig.8
Notes:
svn path=/stable/11/; revision=367319
|
| |
|
|
|
|
|
| |
ifconfig.8: Improve formatting of -f in synopsis
Notes:
svn path=/stable/11/; revision=367317
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
ifconfig.8: Remove spurious commas
Correct misuse of commas/parentheses in an enumeration that makes the
number of actual parameters more important than expected.
PR: 250526
Submitted by: Samy Mahmoudi <samy.mahmoudi__gmail_com>
Notes:
svn path=/stable/11/; revision=367247
|
| |
|
|
|
|
|
| |
overflow on 32-bit platforms
Notes:
svn path=/stable/11/; revision=366306
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a few features to rcorder:
o Enhance dependency loop logging: print full chain instead of the
last link competing the loop;
o Add -g option to generate dependency graph suitable for GraphViz
visualization, loops and other graph generation issues are highlighted
automatically;
o Add -p option that enables grouping items that can be processed in
parallel.
Submitted by: Boris Lytochkin <lytboris at gmail>
Differential Revision: https://reviews.freebsd.org/D25389
Notes:
svn path=/stable/11/; revision=365746
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove risky compatability with old kernels
The badsys() handler for SIGSYS was added as a transtion aid for kernels
lacking sysctl() in 1993. It is unsafe and unsound so remove it rather
than running the risk of a privilege-dropping system call being silently
omitted.
This partially reverts SCCSID 6.12 (Berkeley) 03/03/93 "add code to
change the system security level".
Reviewed by: mckusick, imp, kevans
Obtained from: CheriBSD
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D26289
Notes:
svn path=/stable/11/; revision=365534
|
| |
|
|
|
|
|
|
|
|
| |
Reported by: Shlomi Oberman, JSOF
Submitted by: delphij
Reviewed by: markj
Tested by: markj
Notes:
svn path=/stable/11/; revision=365011
|
| |
|
|
|
|
|
|
|
| |
- Remove an unnecessary macro
- Comment out TODO notes from bectl(8) manual page
Notes:
svn path=/stable/11/; revision=364385
|
| |
|
|
| |
Notes:
svn path=/stable/11/; revision=364266
|
| |
|
|
|
|
|
| |
Fix SIGSEGV in ipfw(8) when NAT64 prefix length is omitted.
Notes:
svn path=/stable/11/; revision=364160
|
| |
|
|
| |
Notes:
svn path=/stable/11/; revision=363317
|
| |
|
|
|
|
|
| |
them in sectors.
Notes:
svn path=/stable/11/; revision=363314
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Improve the rcorder manual page
- Fix formatting issues such as:
- Use Ql instead of Dq Li as Li is deprecated
- Address some mandoc warnings
- Add arguments missing from the list of options (i.e., document "-k keep"
instead of just "-k").
- Document that -k and -s can be specified multiple times
- Use sshd instead of named for the example in the BUGS section, as named
is not in the base system. Also, use Nm instead of Xr there as it is not
the sshd binary that is required to be running, but the service.
- Use Sy instead of Cm for KEYWORDS. Cm is reserved for command-line
modifiers of the CLI.
- Add an EXAMPLES section
- Cross-reference service(8).
Notes:
svn path=/stable/11/; revision=363135
|
| |
|
|
|
|
|
| |
Fix a typo in shutdown.8, use ',' instead of '.' when listing items.
Notes:
svn path=/stable/11/; revision=363120
|
| |
|
|
|
|
|
|
|
|
|
| |
Document that umount -A does not unmount /dev
Reported by: kaktus
Reviewed by: kaktus
Differential Revision: https://reviews.freebsd.org/D25351
Notes:
svn path=/stable/11/; revision=362695
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Decode the "LACP Fast Timeout" LAGG option flag
r286700 added the "lacp_fast_timeout" option to `ifconfig', but we forgot to
include the new option in the string used to decode the option bits. Add
"LACP_FAST_TIMO" to LAGG_OPT_BITS.
Also, s/LAGG_OPT_LACP_TIMEOUT/LAGG_OPT_LACP_FAST_TIMO/g , to be clearer that
the flag indicates "Fast Timeout" mode.
Notes:
svn path=/stable/11/; revision=362366
|
| |
|
|
| |
Notes:
svn path=/stable/11/; revision=362301
|
| |
|
|
| |
Notes:
svn path=/stable/11/; revision=361743
|
| |
|
|
| |
Notes:
svn path=/stable/11/; revision=361043
|
| |
|
|
|
|
|
|
|
| |
- Fix logic error in swapoff case: follow same handling of p and
linelen in the swapon case.
- Use strlcpy instead of strncpy.
Notes:
svn path=/stable/11/; revision=360893
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Assuming that the intent (from the white space) is that the fprintf()
be executed in the if() conditional. If its not supposed to be printed
inside the conditional, then the braces should be removed and the extra
tabs on the fprintf() should be removed.
Noted by cross compilation with gcc-mips.
Notes:
svn path=/stable/11/; revision=360674
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r348767, r348967,
r349047-r349048, r351204-r351205, r351502, r351623, r352364, r356249-r356250, r356313,
r356434, r356628-r356629, r356636, r356657, r357421, r357716, r360359, r360428:
r345839: Assert that q can't be NULL. 'empty' is always non-NULL when DIREMPTY
r345894: Restore the ability of checking and fixing next free
r345897: Restore lfcl when LOSTDIR's chain was corrupted and overwritten
r345900: Implement checking of `.' and `..' entries of subdirectory.
r345901: Fix build.
r345976: Write string constant differently to improve readability.
r346220: Don't cast result from malloc().
r348602: Don't increment cl after increment.
r348767: preen should work independently with alwaysyes and alwaysno.
r348967: Avoid out of boundary access when checking invalid long filenames.
r349047: Blankspace. No actual code change.
r349048: In ask(): override default option if any of alwaysyes/alwaysno/rdonly is
r351204: Remove redundant check and wrong fix: fat.c checks already take care
r351205: Use calloc().
r351502: Comment boot block checks and perform additional sanity checks:
r351623: Remove unneeded blank line. No functional change.
r352364: Avoid mixing cluster numbers and sector numbers. Makes code more readable.
r356249: Reduce memory footprint of fsck_msdosfs.
r356250: Revert r356249 for now as it broke GCC builds.
r356313: Reduce memory footprint of fsck_msdosfs.
r356434: fsck_msdosfs.8: document -M.
r356628: Require FAT to occupy at least one sector.
r356629: Apply typo fix from NetBSD, we have already applied all NetBSD changes so
r356636: Correct off-by-two issue when determining FAT type.
r356657: Tighten FAT checks and fix off-by-one error in corner case.
r357421: Diff reduction against NetBSD, no functional change.
r357716: Use humanize_number to format available and bad space sizes.
r360359: Fix a bug with dirty file system handling.
r360428: Do not overflow when calculating file system size.
Notes:
svn path=/stable/11/; revision=360490
|
| |
|
|
|
|
|
|
|
|
| |
Improve manual page formatting
- Use appropriate macros for command arguments.
- Increase option list indentation for better readability.
Notes:
svn path=/stable/11/; revision=360039
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
r359406, r359413-r359416, r359425, r359427, r359432-r359433, r359443,
r359675-r359677
Note: this is not necessarily a complete fix to get these programs to build
with -fno-common applied.
r359389:
config(8): fixes for -fno-common
Move this handful of definitions into main.c, properly declare these as
extern in config.h. This fixes the config(8) build with -fno-common.
Unexplained in my previous commit to gas, -fno-common will become the
default in GCC10 and LLVM11, so it's worth addressing these in advance.
r359394:
MFV r359393: tcsh: import 6974bc35a5cd
This removes an extra variable definition that causes the -fno-common build
to fail, which will be a new default in GCC10/LLVM11.
r359397:
zfs: fix -fno-common issues
A similar (or identical?) fix has already landed in OpenZFS.
-fno-common will become the default in GCC10/LLVM11.
r359398:
sh: remove duplicate el definition
el is declared extern in myhistedit.h and defined in histedit.c. Remove the
duplicate definition in input.c to appease the -fno-common build.
-fno-common will become the default in GCC10/LLVM11.
r359399:
telnet: remove some duplicate definitions, mark terminaltype extern
Most of these were already properly declared and defined elsewhere, this is
effectively just a minor cleanup that fixes the -fno-common build.
-fno-common will become the default in GCC10/LLVM11.
r359403:
Revert 359399: telnet -fno-common bits
There was a large misfire from my local diff that I need to investigate, and
this version committed did not build.
r359404:
Re-apply r359399: telnet -fno-common fix
line and auth_level's redefinitions are just extraneous
telnetd will #define extern and then include ext.h to allocate storage for
all of these extern'd vars; however, two of them are actually defined in
libtelnet instead. Instead of doing an #ifdef extern dance around those
function pointers, just add an EXTERN macro to make it easier to
differentiate by sight which ones will get allocated in globals.c and which
ones are defined elsewhere.
r359406:
telnet: kill off remaining duplicate definition
r359413:
ipfilter: remove duplicate definition of 'thishost'
thishost is already defined in lib/initparse.c; no need for this one. This
fixes the ipfilter build with -fno-common.
-fno-common will become the default in GCC10/LLVM11.
r359414:
iscontrol: move definition of vflag/iscsidev to iscontrol.c
Mark the declaration extern as these are used elsewhere; this fixes the
build with -fno-common.
r359415:
userboot: mark host_fsops as extern
This is already defined elsewhere; mark this declaration extern to the fix
the -fno-common build.
r359416:
systat: remove redundant definition of kd
kd is already properly declared in extern.h and defined in main.c, rendering
this definition useless. This fixes the -fno-common build.
r359425:
locate: fix -fno-common build
Just a single variable declaration to extern and define elsewhere here,
myctype.
-fno-common will become a default in GCC10/LLVM11.
r359427:
fsck_ffs/fsdb: fix -fno-common build
This one is also a small list:
- 3x duplicate definition (ufs2_zino, returntosingle, nflag)
- 5x 'needs extern', 3/5 of which are referenced in fsdb
-fno-common will become the default in GCC10/LLVM11.
r359432:
gdb: compile with -fcommon explicitly
As described in the comment, gdb relies on some of the linker magic that
happens with -fcommon. I suspect the life expectancy of gdb-in-base is low
enough that this isn't worth spending much time addressing, especially given
the vintage. Hit it with the -fcommon hammer so that it continues to just
work.
r359433:
bmake: fix -fno-common build
debug was declared extern, but debug_file was not; correct this and define
debug_file in main.c (as debug is) to fix the -fno-common build.
-fno-common will become the default with GCC10/LLVM11.
r359443:
MFV r359442: bmake: import -fno-common fix build back from upstream
sjg@ committed the local patch previously committed upstream; pull it in to
vendor/ to ease any potential stress of future imports.
r359675:
kqueue tests: fix -fno-common build
vnode_fd and kqfd are both shared among multiple CU; define them exactly
once.
In the case of vnode_fd, it was simply the declaration that needed
correction.
-fno-common will become the default in GCC10/LLVM11.
r359676:
ntpd: fix build with -fno-common
Only a small nit here: psl should be declared extern and defined exactly
once.
-fno-common will become the default in GCC10/LLVM11.
r359677:
yp*: fix -fno-common build
This is mostly two problems spread out far and wide:
- ypldap_process should be declared properly
- debug is defined differently in many programs
For the latter, just extern it and define it everywhere that actually needs
it. This mostly works out nicely for ^/libexec/ypxfr, which can remove the
assignment at the beginning of main in favor of defining it properly.
-fno-common will become the default in GCC10/LLVM11.
Notes:
svn path=/stable/11/; revision=359754
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
to libalias and ipfw.
In libalias, a new flag PKT_ALIAS_UNREGISTERED_RFC6598 is added.
This is like PKT_ALIAS_UNREGISTERED_ONLY, but also is RFC 6598 aware.
Also, we add a new NAT option to ipfw called unreg_cgn, which is like
unreg_only, but also is RFC 6598-aware. The reason for the new
flags/options is to avoid breaking existing networks, especially those
which rely on RFC 6598 as an external address.
Submitted by: Neel Chauhan <neel AT neelc DOT org>
Reviewed by: melifaro, rgrimes, Lutz Donnerhacke
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D22877
Differential Revision: https://reviews.freebsd.org/D23448
Notes:
svn path=/stable/11/; revision=359695
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use IP_FW_NAT44_DESTROY opcode for IP_FW3 socket option to destroy
NAT instance.
The NAT44 group of opcodes for IP_FW3 socket option is modern way
to control NAT instances and this method can be used in future to
switch from numeric to named NAT instances, like was done for ipfw
tables.
The IP_FW_NAT_DEL opcode is the last remnant of old ipfw_ctl control
plane that doesn't support versioned operations. This interface will
be retired soon.
Notes:
svn path=/stable/11/; revision=359649
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
pfctl: improve rule load times with thousands of interfaces
r343287 / D18759 introduced ifa_add_groups_to_map() which is now run by
ifa_load/ifa_lookup/host_if. When loading an anchor or ruleset via pfctl that
does NOT contain ifnames as hosts, host() still ends up iterating all
interfaces twice, grabbing SIOCGIFGROUP ioctl twice for each. This adds an
unnecessary amount of time on systems with thousands or tens of thousands of
interfaces.
Prioritize the IPv4/6 check over the interface name lookup, which skips loading
the iftab and iterating all interfaces when the configuration does not contain
interface names.
Submitted by: Nick Rogers
Sponsored by: RG Nets
Notes:
svn path=/stable/11/; revision=359573
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Merge r357864 from the clang1000-import branch:
Fix the following -Werror warning from clang 10.0.0 in sconfig:
sbin/sconfig/sconfig.c:909:5: error: misleading indentation; statement is not part of the previous 'else' [-Werror,-Wmisleading-indentation]
exit (-1);
^
sbin/sconfig/sconfig.c:907:6: note: previous statement is here
} else
^
The intent was to group the exit() call with the previous fprintf()
call.
Notes:
svn path=/stable/11/; revision=358078
|
| |
|
|
| |
Notes:
svn path=/stable/11/; revision=357667
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When creating a new FAT32 filesystem, use "unknown" (0xFFFFFFFF) for
FSI_Nxt_Free instead of providing a wrong value.
With this change, fsck_msdosfs would no longer complain about invalid
FSInfo information.
MFC r355317 (by delphij):
newfs_msdos: -A is incompatible with -r, not -o.
PR: 242314
Submitted by: Guy Yur <guyyur gmail com>
MFC r357227:
Merge r357225 from the clang1000-import branch:
Fix the following -Werror warning from clang 10.0.0 in newfs_msdos:
sbin/newfs_msdos/newfs_msdos.c:181:2: error: misleading indentation; statement is not part of the previous 'if' [-Werror,-Wmisleading-indentation]
if (o.align) {
^
sbin/newfs_msdos/newfs_msdos.c:179:5: note: previous statement is here
if (argc < 1 || argc > 2)
^
Notes:
svn path=/stable/11/; revision=357516
|
| |
|
|
|
|
|
|
|
|
|
| |
Fix a logic bug in error handling code. It is an error if p == NULL.
The linelen tests are only meaningful when p != NULL.
Reported by: Coverity
Coverity CID: 1368655
Notes:
svn path=/stable/11/; revision=357133
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Original commit log:
The new fsck recovery information to enable it to find backup
superblocks created in revision 322297 only works on disks
with sector sizes up to 4K. This update allows the recovery
information to be created by newfs and used by fsck on disks
with sector sizes up to 64K. Note that FFS currently limits
filesystem to be mounted from disks with up to 8K sectors.
Expanding this limitation will be the subject of another
commit.
For example, this allows newfs to work on GELI volumes with 8K sectors.
PR: 243413
Approved by: mckusick
Relnotes: Yes
Notes:
svn path=/stable/11/; revision=356905
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
When removing a boot environment iterate over the dependents and process the
snapshots by grabbing any clones. Promote the clones we found and then
remove the target environment.
This fixes the ability to destroy a boot environment when it has been used
to spawn one or more other boot environments.
PR: 242592
Notes:
svn path=/stable/11/; revision=356593
|
| |
|
|
|
|
|
| |
Do not ask to use journal in fsck_ffs if journal is out of date
Notes:
svn path=/stable/11/; revision=356428
|
| |
|
|
|
|
|
|
| |
Due to off-by-one error in brackets counting it consumed the rest of the
string, preventing later variables expansions.
Notes:
svn path=/stable/11/; revision=356133
|
