svn commit: r247743 - in user/attilio/vmcontention: . bin/sh sbin/ipfw share/man/man4 sys/cddl/compat/opensolaris/sys sys/kern sys/modules/mqueue sys/sys tools/regression/bin/sh/builtins usr.bin/fi...
Attilio Rao
attilio at FreeBSD.org
Mon Mar 4 00:16:48 UTC 2013
Author: attilio
Date: Mon Mar 4 00:16:45 2013
New Revision: 247743
URL: http://svnweb.freebsd.org/changeset/base/247743
Log:
MFC
Added:
user/attilio/vmcontention/tools/regression/bin/sh/builtins/trap12.0
- copied unchanged from r247742, head/tools/regression/bin/sh/builtins/trap12.0
Modified:
user/attilio/vmcontention/MAINTAINERS (contents, props changed)
user/attilio/vmcontention/ObsoleteFiles.inc
user/attilio/vmcontention/bin/sh/trap.c
user/attilio/vmcontention/sbin/ipfw/ipfw2.c
user/attilio/vmcontention/sbin/ipfw/ipfw2.h
user/attilio/vmcontention/sbin/ipfw/ipv6.c
user/attilio/vmcontention/share/man/man4/mvs.4
user/attilio/vmcontention/sys/cddl/compat/opensolaris/sys/kcondvar.h
user/attilio/vmcontention/sys/kern/kern_descrip.c
user/attilio/vmcontention/sys/kern/kern_timeout.c
user/attilio/vmcontention/sys/kern/uipc_usrreq.c
user/attilio/vmcontention/sys/modules/mqueue/Makefile
user/attilio/vmcontention/sys/sys/filedesc.h
user/attilio/vmcontention/sys/sys/systm.h
user/attilio/vmcontention/usr.bin/find/extern.h
user/attilio/vmcontention/usr.bin/find/find.1
user/attilio/vmcontention/usr.bin/find/function.c
user/attilio/vmcontention/usr.bin/find/option.c
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-bsdlabel.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-disk.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-extractimage.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-installpackages.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-mountdisk.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-newfs.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-packages.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions-parse.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/functions.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/backend/parseconfig.sh
user/attilio/vmcontention/usr.sbin/pc-sysinstall/conf/pc-sysinstall.conf
user/attilio/vmcontention/usr.sbin/pc-sysinstall/examples/README
Directory Properties:
user/attilio/vmcontention/ (props changed)
user/attilio/vmcontention/sbin/ (props changed)
user/attilio/vmcontention/sbin/ipfw/ (props changed)
user/attilio/vmcontention/share/man/man4/ (props changed)
user/attilio/vmcontention/sys/ (props changed)
Modified: user/attilio/vmcontention/MAINTAINERS
==============================================================================
--- user/attilio/vmcontention/MAINTAINERS Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/MAINTAINERS Mon Mar 4 00:16:45 2013 (r247743)
@@ -124,3 +124,6 @@ isci(4) jimharris Pre-commit review req
cmx daniel at roe.ch Pre-commit review preferred.
filemon obrien Pre-commit review preferred.
sysdoc trhodes Pre-commit review preferred.
+sh(1) jilles Pre-commit review requested. This also applies
+ to kill(1), printf(1) and test(1) which are
+ compiled in as builtins.
Modified: user/attilio/vmcontention/ObsoleteFiles.inc
==============================================================================
--- user/attilio/vmcontention/ObsoleteFiles.inc Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/ObsoleteFiles.inc Mon Mar 4 00:16:45 2013 (r247743)
@@ -39,6 +39,8 @@
# done
# 20130302: NTFS support removed
+OLD_FILES+=rescue/mount_ntfs
+OLD_FILES+=sbin/mount_ntfs
OLD_FILES+=usr/include/fs/ntfs/ntfs.h
OLD_FILES+=usr/include/fs/ntfs/ntfs_compr.h
OLD_FILES+=usr/include/fs/ntfs/ntfs_ihash.h
@@ -51,6 +53,7 @@ OLD_FILES+=usr/share/man/man8/mount_ntfs
# 20130302: PORTALFS support removed
OLD_FILES+=usr/include/fs/portalfs/portal.h
OLD_DIRS+=usr/include/fs/portalfs
+OLD_FILES+=usr/sbin/mount_portalfs
OLD_FILES+=usr/share/examples/portal/README
OLD_FILES+=usr/share/examples/portal/portal.conf
OLD_DIRS+=usr/share/examples/portal
@@ -79,9 +82,10 @@ OLD_DIRS+=var/remote
# 20121114: zpool-features manual page moved from section 5 to 7
OLD_FILES+=usr/share/man/man5/zpool-features.5.gz
# 20121022: remove harp, hfa and idt man page
-OLD_FILES+=share/man/man4/harp.4
-OLD_FILES+=share/man/man4/hfa.4
-OLD_FILES+=share/man/man4/idt.4
+OLD_FILES+=usr/share/man/man4/harp.4.gz
+OLD_FILES+=usr/share/man/man4/hfa.4.gz
+OLD_FILES+=usr/share/man/man4/idt.4.gz
+OLD_FILES+=usr/share/man/man4/if_idt.4.gz
# 20121022: VFS_LOCK_GIANT elimination
OLD_FILES+=usr/share/man/man9/VFS_LOCK_GIANT.9.gz
OLD_FILES+=usr/share/man/man9/VFS_UNLOCK_GIANT.9.gz
Modified: user/attilio/vmcontention/bin/sh/trap.c
==============================================================================
--- user/attilio/vmcontention/bin/sh/trap.c Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/bin/sh/trap.c Mon Mar 4 00:16:45 2013 (r247743)
@@ -455,7 +455,6 @@ dotrap(void)
last_trapsig = i;
savestatus = exitstatus;
evalstring(trap[i], 0);
- exitstatus = savestatus;
/*
* If such a command was not
@@ -464,9 +463,11 @@ dotrap(void)
* trap action to have an effect
* outside of it.
*/
- if (prev_evalskip != 0) {
+ if (evalskip == 0 ||
+ prev_evalskip != 0) {
evalskip = prev_evalskip;
skipcount = prev_skipcount;
+ exitstatus = savestatus;
}
if (i == SIGCHLD)
Modified: user/attilio/vmcontention/sbin/ipfw/ipfw2.c
==============================================================================
--- user/attilio/vmcontention/sbin/ipfw/ipfw2.c Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/sbin/ipfw/ipfw2.c Mon Mar 4 00:16:45 2013 (r247743)
@@ -64,6 +64,22 @@ int ipfw_socket = -1;
#define s6_addr32 __u6_addr.__u6_addr32
#endif
+#define CHECK_LENGTH(v, len) do { \
+ if ((v) < (len)) \
+ errx(EX_DATAERR, "Rule too long"); \
+ } while (0)
+/*
+ * Check if we have enough space in cmd buffer. Note that since
+ * first 8? u32 words are reserved by reserved header, full cmd
+ * buffer can't be used, so we need to protect from buffer overrun
+ * only. At the beginnig, cblen is less than actual buffer size by
+ * size of ipfw_insn_u32 instruction + 1 u32 work. This eliminates need
+ * for checking small instructions fitting in given range.
+ * We also (ab)use the fact that ipfw_insn is always the first field
+ * for any custom instruction.
+ */
+#define CHECK_CMDLEN CHECK_LENGTH(cblen, F_LEN((ipfw_insn *)cmd))
+
#define GET_UINT_ARG(arg, min, max, tok, s_x) do { \
if (!av[0]) \
errx(EX_USAGE, "%s: missing argument", match_value(s_x, tok)); \
@@ -653,7 +669,7 @@ strtoport(char *s, char **end, int base,
* Fill the body of the command with the list of port ranges.
*/
static int
-fill_newports(ipfw_insn_u16 *cmd, char *av, int proto)
+fill_newports(ipfw_insn_u16 *cmd, char *av, int proto, int cblen)
{
uint16_t a, b, *p = cmd->ports;
int i = 0;
@@ -664,6 +680,8 @@ fill_newports(ipfw_insn_u16 *cmd, char *
if (s == av) /* empty or invalid argument */
return (0);
+ CHECK_LENGTH(cblen, i + 2);
+
switch (*s) {
case '-': /* a range */
av = s + 1;
@@ -2068,7 +2086,7 @@ lookup_host (char *host, struct in_addr
* We can have multiple comma-separated address/mask entries.
*/
static void
-fill_ip(ipfw_insn_ip *cmd, char *av)
+fill_ip(ipfw_insn_ip *cmd, char *av, int cblen)
{
int len = 0;
uint32_t *d = ((ipfw_insn_u32 *)cmd)->d;
@@ -2108,6 +2126,8 @@ fill_ip(ipfw_insn_ip *cmd, char *av)
int masklen;
char md, nd = '\0';
+ CHECK_LENGTH(cblen, F_INSN_SIZE(ipfw_insn) + 2 + len);
+
if (p) {
md = *p;
*p++ = '\0';
@@ -2366,11 +2386,13 @@ ipfw_delete(char *av[])
* patterns which match interfaces.
*/
static void
-fill_iface(ipfw_insn_if *cmd, char *arg)
+fill_iface(ipfw_insn_if *cmd, char *arg, int cblen)
{
cmd->name[0] = '\0';
cmd->o.len |= F_INSN_SIZE(ipfw_insn_if);
+ CHECK_CMDLEN;
+
/* Parse the interface or address */
if (strcmp(arg, "any") == 0)
cmd->o.len = 0; /* effectively ignore this command */
@@ -2441,8 +2463,10 @@ get_mac_addr_mask(const char *p, uint8_t
* the new command in case it has been clobbered before.
*/
static ipfw_insn *
-next_cmd(ipfw_insn *cmd)
+next_cmd(ipfw_insn *cmd, int *len)
{
+ *len -= F_LEN(cmd);
+ CHECK_LENGTH(*len, 0);
cmd += F_LEN(cmd);
bzero(cmd, sizeof(*cmd));
return cmd;
@@ -2452,7 +2476,7 @@ next_cmd(ipfw_insn *cmd)
* Takes arguments and copies them into a comment
*/
static void
-fill_comment(ipfw_insn *cmd, char **av)
+fill_comment(ipfw_insn *cmd, char **av, int cblen)
{
int i, l;
char *p = (char *)(cmd + 1);
@@ -2470,6 +2494,8 @@ fill_comment(ipfw_insn *cmd, char **av)
"comment too long (max 80 chars)");
l = 1 + (l+3)/4;
cmd->len = (cmd->len & (F_NOT | F_OR)) | l;
+ CHECK_CMDLEN;
+
for (i = 0; av[i] != NULL; i++) {
strcpy(p, av[i]);
p += strlen(av[i]);
@@ -2495,7 +2521,7 @@ fill_cmd(ipfw_insn *cmd, enum ipfw_opcod
* two microinstructions, and returns the pointer to the last one.
*/
static ipfw_insn *
-add_mac(ipfw_insn *cmd, char *av[])
+add_mac(ipfw_insn *cmd, char *av[], int cblen)
{
ipfw_insn_mac *mac;
@@ -2504,6 +2530,7 @@ add_mac(ipfw_insn *cmd, char *av[])
cmd->opcode = O_MACADDR2;
cmd->len = (cmd->len & (F_NOT | F_OR)) | F_INSN_SIZE(ipfw_insn_mac);
+ CHECK_CMDLEN;
mac = (ipfw_insn_mac *)cmd;
get_mac_addr_mask(av[0], mac->addr, mac->mask); /* dst */
@@ -2513,12 +2540,13 @@ add_mac(ipfw_insn *cmd, char *av[])
}
static ipfw_insn *
-add_mactype(ipfw_insn *cmd, char *av)
+add_mactype(ipfw_insn *cmd, char *av, int cblen)
{
if (!av)
errx(EX_DATAERR, "missing MAC type");
if (strcmp(av, "any") != 0) { /* we have a non-null type */
- fill_newports((ipfw_insn_u16 *)cmd, av, IPPROTO_ETHERTYPE);
+ fill_newports((ipfw_insn_u16 *)cmd, av, IPPROTO_ETHERTYPE,
+ cblen);
cmd->opcode = O_MAC_TYPE;
return cmd;
} else
@@ -2587,9 +2615,9 @@ add_proto_compat(ipfw_insn *cmd, char *a
}
static ipfw_insn *
-add_srcip(ipfw_insn *cmd, char *av)
+add_srcip(ipfw_insn *cmd, char *av, int cblen)
{
- fill_ip((ipfw_insn_ip *)cmd, av);
+ fill_ip((ipfw_insn_ip *)cmd, av, cblen);
if (cmd->opcode == O_IP_DST_SET) /* set */
cmd->opcode = O_IP_SRC_SET;
else if (cmd->opcode == O_IP_DST_LOOKUP) /* table */
@@ -2604,9 +2632,9 @@ add_srcip(ipfw_insn *cmd, char *av)
}
static ipfw_insn *
-add_dstip(ipfw_insn *cmd, char *av)
+add_dstip(ipfw_insn *cmd, char *av, int cblen)
{
- fill_ip((ipfw_insn_ip *)cmd, av);
+ fill_ip((ipfw_insn_ip *)cmd, av, cblen);
if (cmd->opcode == O_IP_DST_SET) /* set */
;
else if (cmd->opcode == O_IP_DST_LOOKUP) /* table */
@@ -2621,12 +2649,12 @@ add_dstip(ipfw_insn *cmd, char *av)
}
static ipfw_insn *
-add_ports(ipfw_insn *cmd, char *av, u_char proto, int opcode)
+add_ports(ipfw_insn *cmd, char *av, u_char proto, int opcode, int cblen)
{
/* XXX "any" is trapped before. Perhaps "to" */
if (_substrcmp(av, "any") == 0) {
return NULL;
- } else if (fill_newports((ipfw_insn_u16 *)cmd, av, proto)) {
+ } else if (fill_newports((ipfw_insn_u16 *)cmd, av, proto, cblen)) {
/* XXX todo: check that we have a protocol with ports */
cmd->opcode = opcode;
return cmd;
@@ -2635,7 +2663,7 @@ add_ports(ipfw_insn *cmd, char *av, u_ch
}
static ipfw_insn *
-add_src(ipfw_insn *cmd, char *av, u_char proto)
+add_src(ipfw_insn *cmd, char *av, u_char proto, int cblen)
{
struct in6_addr a;
char *host, *ch;
@@ -2648,11 +2676,11 @@ add_src(ipfw_insn *cmd, char *av, u_char
if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
inet_pton(AF_INET6, host, &a) == 1)
- ret = add_srcip6(cmd, av);
+ ret = add_srcip6(cmd, av, cblen);
/* XXX: should check for IPv4, not !IPv6 */
if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
inet_pton(AF_INET6, host, &a) != 1))
- ret = add_srcip(cmd, av);
+ ret = add_srcip(cmd, av, cblen);
if (ret == NULL && strcmp(av, "any") != 0)
ret = cmd;
@@ -2661,7 +2689,7 @@ add_src(ipfw_insn *cmd, char *av, u_char
}
static ipfw_insn *
-add_dst(ipfw_insn *cmd, char *av, u_char proto)
+add_dst(ipfw_insn *cmd, char *av, u_char proto, int cblen)
{
struct in6_addr a;
char *host, *ch;
@@ -2674,11 +2702,11 @@ add_dst(ipfw_insn *cmd, char *av, u_char
if (proto == IPPROTO_IPV6 || strcmp(av, "me6") == 0 ||
inet_pton(AF_INET6, host, &a) == 1)
- ret = add_dstip6(cmd, av);
+ ret = add_dstip6(cmd, av, cblen);
/* XXX: should check for IPv4, not !IPv6 */
if (ret == NULL && (proto == IPPROTO_IP || strcmp(av, "me") == 0 ||
inet_pton(AF_INET6, host, &a) != 1))
- ret = add_dstip(cmd, av);
+ ret = add_dstip(cmd, av, cblen);
if (ret == NULL && strcmp(av, "any") != 0)
ret = cmd;
@@ -2708,6 +2736,7 @@ ipfw_add(char *av[])
* go into actbuf[].
*/
static uint32_t rulebuf[255], actbuf[255], cmdbuf[255];
+ int rblen, ablen, cblen;
ipfw_insn *src, *dst, *cmd, *action, *prev=NULL;
ipfw_insn *first_cmd; /* first match pattern */
@@ -2738,6 +2767,15 @@ ipfw_add(char *av[])
cmd = (ipfw_insn *)cmdbuf;
action = (ipfw_insn *)actbuf;
+ rblen = sizeof(rulebuf) / sizeof(rulebuf[0]);
+ rblen -= offsetof(struct ip_fw, cmd) / sizeof(rulebuf[0]);
+ ablen = sizeof(actbuf) / sizeof(actbuf[0]);
+ cblen = sizeof(cmdbuf) / sizeof(cmdbuf[0]);
+ cblen -= F_INSN_SIZE(ipfw_insn_u32) + 1;
+
+#define CHECK_RBUFLEN(len) { CHECK_LENGTH(rblen, len); rblen -= len; }
+#define CHECK_ACTLEN CHECK_LENGTH(ablen, action->len)
+
av++;
/* [rule N] -- Rule number optional */
@@ -2769,6 +2807,7 @@ ipfw_add(char *av[])
i = match_token(rule_actions, *av);
av++;
action->len = 1; /* default */
+ CHECK_ACTLEN;
switch(i) {
case TOK_CHECKSTATE:
have_state = action;
@@ -2820,6 +2859,7 @@ ipfw_add(char *av[])
case TOK_NAT:
action->opcode = O_NAT;
action->len = F_INSN_SIZE(ipfw_insn_nat);
+ CHECK_ACTLEN;
if (_substrcmp(*av, "global") == 0) {
action->arg1 = 0;
av++;
@@ -2936,6 +2976,7 @@ chkarg:
action->opcode = O_FORWARD_IP;
action->len = F_INSN_SIZE(ipfw_insn_sa);
+ CHECK_ACTLEN;
/*
* In the kernel we assume AF_INET and use only
@@ -2952,6 +2993,7 @@ chkarg:
action->opcode = O_FORWARD_IP6;
action->len = F_INSN_SIZE(ipfw_insn_sa6);
+ CHECK_ACTLEN;
p->sa.sin6_len = sizeof(struct sockaddr_in6);
p->sa.sin6_family = AF_INET6;
@@ -3005,7 +3047,7 @@ chkarg:
default:
errx(EX_DATAERR, "invalid action %s\n", av[-1]);
}
- action = next_cmd(action);
+ action = next_cmd(action, &ablen);
/*
* [altq queuename] -- altq tag, optional
@@ -3027,6 +3069,7 @@ chkarg:
"log cannot be specified more than once");
have_log = (ipfw_insn *)c;
cmd->len = F_INSN_SIZE(ipfw_insn_log);
+ CHECK_CMDLEN;
cmd->opcode = O_LOG;
if (av[0] && _substrcmp(*av, "logamount") == 0) {
av++;
@@ -3058,6 +3101,7 @@ chkarg:
"altq cannot be specified more than once");
have_altq = (ipfw_insn *)a;
cmd->len = F_INSN_SIZE(ipfw_insn_altq);
+ CHECK_CMDLEN;
cmd->opcode = O_ALTQ;
a->qid = altq_name_to_qid(*av);
av++;
@@ -3083,7 +3127,7 @@ chkarg:
default:
abort();
}
- cmd = next_cmd(cmd);
+ cmd = next_cmd(cmd, &cblen);
}
if (have_state) /* must be a check-state, we are done */
@@ -3168,7 +3212,7 @@ chkarg:
av++;
if (F_LEN(cmd) != 0) {
prev = cmd;
- cmd = next_cmd(cmd);
+ cmd = next_cmd(cmd, &cblen);
}
} else if (first_cmd != cmd) {
errx(EX_DATAERR, "invalid protocol ``%s''", *av);
@@ -3189,11 +3233,11 @@ chkarg:
OR_START(source_ip);
NOT_BLOCK; /* optional "not" */
NEED1("missing source address");
- if (add_src(cmd, *av, proto)) {
+ if (add_src(cmd, *av, proto, cblen)) {
av++;
if (F_LEN(cmd) != 0) { /* ! any */
prev = cmd;
- cmd = next_cmd(cmd);
+ cmd = next_cmd(cmd, &cblen);
}
} else
errx(EX_USAGE, "bad source address %s", *av);
@@ -3205,10 +3249,10 @@ chkarg:
NOT_BLOCK; /* optional "not" */
if ( av[0] != NULL ) {
if (_substrcmp(*av, "any") == 0 ||
- add_ports(cmd, *av, proto, O_IP_SRCPORT)) {
+ add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) {
av++;
if (F_LEN(cmd) != 0)
- cmd = next_cmd(cmd);
+ cmd = next_cmd(cmd, &cblen);
}
}
@@ -3225,11 +3269,11 @@ chkarg:
OR_START(dest_ip);
NOT_BLOCK; /* optional "not" */
NEED1("missing dst address");
- if (add_dst(cmd, *av, proto)) {
+ if (add_dst(cmd, *av, proto, cblen)) {
av++;
if (F_LEN(cmd) != 0) { /* ! any */
prev = cmd;
- cmd = next_cmd(cmd);
+ cmd = next_cmd(cmd, &cblen);
}
} else
errx( EX_USAGE, "bad destination address %s", *av);
@@ -3241,10 +3285,10 @@ chkarg:
NOT_BLOCK; /* optional "not" */
if (av[0]) {
if (_substrcmp(*av, "any") == 0 ||
- add_ports(cmd, *av, proto, O_IP_DSTPORT)) {
+ add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) {
av++;
if (F_LEN(cmd) != 0)
- cmd = next_cmd(cmd);
+ cmd = next_cmd(cmd, &cblen);
}
}
@@ -3332,7 +3376,7 @@ read_options:
case TOK_VIA:
NEED1("recv, xmit, via require interface name"
" or address");
- fill_iface((ipfw_insn_if *)cmd, av[0]);
+ fill_iface((ipfw_insn_if *)cmd, av[0], cblen);
av++;
if (F_LEN(cmd) == 0) /* not a valid address */
break;
@@ -3352,14 +3396,14 @@ read_options:
case TOK_ICMP6TYPES:
NEED1("icmptypes requires list of types");
- fill_icmp6types((ipfw_insn_icmp6 *)cmd, *av);
+ fill_icmp6types((ipfw_insn_icmp6 *)cmd, *av, cblen);
av++;
break;
case TOK_IPTTL:
NEED1("ipttl requires TTL");
if (strpbrk(*av, "-,")) {
- if (!add_ports(cmd, *av, 0, O_IPTTL))
+ if (!add_ports(cmd, *av, 0, O_IPTTL, cblen))
errx(EX_DATAERR, "invalid ipttl %s", *av);
} else
fill_cmd(cmd, O_IPTTL, 0, strtoul(*av, NULL, 0));
@@ -3369,7 +3413,7 @@ read_options:
case TOK_IPID:
NEED1("ipid requires id");
if (strpbrk(*av, "-,")) {
- if (!add_ports(cmd, *av, 0, O_IPID))
+ if (!add_ports(cmd, *av, 0, O_IPID, cblen))
errx(EX_DATAERR, "invalid ipid %s", *av);
} else
fill_cmd(cmd, O_IPID, 0, strtoul(*av, NULL, 0));
@@ -3379,7 +3423,7 @@ read_options:
case TOK_IPLEN:
NEED1("iplen requires length");
if (strpbrk(*av, "-,")) {
- if (!add_ports(cmd, *av, 0, O_IPLEN))
+ if (!add_ports(cmd, *av, 0, O_IPLEN, cblen))
errx(EX_DATAERR, "invalid ip len %s", *av);
} else
fill_cmd(cmd, O_IPLEN, 0, strtoul(*av, NULL, 0));
@@ -3475,7 +3519,7 @@ read_options:
case TOK_TCPDATALEN:
NEED1("tcpdatalen requires length");
if (strpbrk(*av, "-,")) {
- if (!add_ports(cmd, *av, 0, O_TCPDATALEN))
+ if (!add_ports(cmd, *av, 0, O_TCPDATALEN, cblen))
errx(EX_DATAERR, "invalid tcpdata len %s", *av);
} else
fill_cmd(cmd, O_TCPDATALEN, 0,
@@ -3501,7 +3545,7 @@ read_options:
case TOK_TCPWIN:
NEED1("tcpwin requires length");
if (strpbrk(*av, "-,")) {
- if (!add_ports(cmd, *av, 0, O_TCPWIN))
+ if (!add_ports(cmd, *av, 0, O_TCPWIN, cblen))
errx(EX_DATAERR, "invalid tcpwin len %s", *av);
} else
fill_cmd(cmd, O_TCPWIN, 0,
@@ -3540,6 +3584,7 @@ read_options:
have_state = cmd;
cmd->len = F_INSN_SIZE(ipfw_insn_limit);
+ CHECK_CMDLEN;
cmd->opcode = O_LIMIT;
c->limit_mask = c->conn_limit = 0;
@@ -3571,28 +3616,28 @@ read_options:
case TOK_SRCIP:
NEED1("missing source IP");
- if (add_srcip(cmd, *av)) {
+ if (add_srcip(cmd, *av, cblen)) {
av++;
}
break;
case TOK_DSTIP:
NEED1("missing destination IP");
- if (add_dstip(cmd, *av)) {
+ if (add_dstip(cmd, *av, cblen)) {
av++;
}
break;
case TOK_SRCIP6:
NEED1("missing source IP6");
- if (add_srcip6(cmd, *av)) {
+ if (add_srcip6(cmd, *av, cblen)) {
av++;
}
break;
case TOK_DSTIP6:
NEED1("missing destination IP6");
- if (add_dstip6(cmd, *av)) {
+ if (add_dstip6(cmd, *av, cblen)) {
av++;
}
break;
@@ -3600,7 +3645,7 @@ read_options:
case TOK_SRCPORT:
NEED1("missing source port");
if (_substrcmp(*av, "any") == 0 ||
- add_ports(cmd, *av, proto, O_IP_SRCPORT)) {
+ add_ports(cmd, *av, proto, O_IP_SRCPORT, cblen)) {
av++;
} else
errx(EX_DATAERR, "invalid source port %s", *av);
@@ -3609,7 +3654,7 @@ read_options:
case TOK_DSTPORT:
NEED1("missing destination port");
if (_substrcmp(*av, "any") == 0 ||
- add_ports(cmd, *av, proto, O_IP_DSTPORT)) {
+ add_ports(cmd, *av, proto, O_IP_DSTPORT, cblen)) {
av++;
} else
errx(EX_DATAERR, "invalid destination port %s",
@@ -3617,13 +3662,13 @@ read_options:
break;
case TOK_MAC:
- if (add_mac(cmd, av))
+ if (add_mac(cmd, av, cblen))
av += 2;
break;
case TOK_MACTYPE:
NEED1("missing mac type");
- if (!add_mactype(cmd, *av))
+ if (!add_mactype(cmd, *av, cblen))
errx(EX_DATAERR, "invalid mac type %s", *av);
av++;
break;
@@ -3661,18 +3706,18 @@ read_options:
if (proto != IPPROTO_IPV6 )
errx( EX_USAGE, "flow-id filter is active "
"only for ipv6 protocol\n");
- fill_flow6( (ipfw_insn_u32 *) cmd, *av );
+ fill_flow6( (ipfw_insn_u32 *) cmd, *av, cblen);
av++;
break;
case TOK_COMMENT:
- fill_comment(cmd, av);
+ fill_comment(cmd, av, cblen);
av[0]=NULL;
break;
case TOK_TAGGED:
if (av[0] && strpbrk(*av, "-,")) {
- if (!add_ports(cmd, *av, 0, O_TAGGED))
+ if (!add_ports(cmd, *av, 0, O_TAGGED, cblen))
errx(EX_DATAERR, "tagged: invalid tag"
" list: %s", *av);
}
@@ -3725,7 +3770,7 @@ read_options:
}
if (F_LEN(cmd) > 0) { /* prepare to advance */
prev = cmd;
- cmd = next_cmd(cmd);
+ cmd = next_cmd(cmd, &cblen);
}
}
@@ -3754,12 +3799,13 @@ done:
*/
if (have_state && have_state->opcode != O_CHECK_STATE) {
fill_cmd(dst, O_PROBE_STATE, 0, 0);
- dst = next_cmd(dst);
+ dst = next_cmd(dst, &rblen);
}
/* copy all commands but O_LOG, O_KEEP_STATE, O_LIMIT, O_ALTQ, O_TAG */
for (src = (ipfw_insn *)cmdbuf; src != cmd; src += i) {
i = F_LEN(src);
+ CHECK_RBUFLEN(i);
switch (src->opcode) {
case O_LOG:
@@ -3779,6 +3825,7 @@ done:
*/
if (have_state && have_state->opcode != O_CHECK_STATE) {
i = F_LEN(have_state);
+ CHECK_RBUFLEN(i);
bcopy(have_state, dst, i * sizeof(uint32_t));
dst += i;
}
@@ -3790,24 +3837,29 @@ done:
/* put back O_LOG, O_ALTQ, O_TAG if necessary */
if (have_log) {
i = F_LEN(have_log);
+ CHECK_RBUFLEN(i);
bcopy(have_log, dst, i * sizeof(uint32_t));
dst += i;
}
if (have_altq) {
i = F_LEN(have_altq);
+ CHECK_RBUFLEN(i);
bcopy(have_altq, dst, i * sizeof(uint32_t));
dst += i;
}
if (have_tag) {
i = F_LEN(have_tag);
+ CHECK_RBUFLEN(i);
bcopy(have_tag, dst, i * sizeof(uint32_t));
dst += i;
}
+
/*
* copy all other actions
*/
for (src = (ipfw_insn *)actbuf; src != action; src += i) {
i = F_LEN(src);
+ CHECK_RBUFLEN(i);
bcopy(src, dst, i * sizeof(uint32_t));
dst += i;
}
Modified: user/attilio/vmcontention/sbin/ipfw/ipfw2.h
==============================================================================
--- user/attilio/vmcontention/sbin/ipfw/ipfw2.h Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/sbin/ipfw/ipfw2.h Mon Mar 4 00:16:45 2013 (r247743)
@@ -283,10 +283,10 @@ void print_flow6id(struct _ipfw_insn_u32
void print_icmp6types(struct _ipfw_insn_u32 *cmd);
void print_ext6hdr(struct _ipfw_insn *cmd );
-struct _ipfw_insn *add_srcip6(struct _ipfw_insn *cmd, char *av);
-struct _ipfw_insn *add_dstip6(struct _ipfw_insn *cmd, char *av);
+struct _ipfw_insn *add_srcip6(struct _ipfw_insn *cmd, char *av, int cblen);
+struct _ipfw_insn *add_dstip6(struct _ipfw_insn *cmd, char *av, int cblen);
-void fill_flow6(struct _ipfw_insn_u32 *cmd, char *av );
+void fill_flow6(struct _ipfw_insn_u32 *cmd, char *av, int cblen);
void fill_unreach6_code(u_short *codep, char *str);
-void fill_icmp6types(struct _ipfw_insn_icmp6 *cmd, char *av);
+void fill_icmp6types(struct _ipfw_insn_icmp6 *cmd, char *av, int cblen);
int fill_ext6hdr(struct _ipfw_insn *cmd, char *av);
Modified: user/attilio/vmcontention/sbin/ipfw/ipv6.c
==============================================================================
--- user/attilio/vmcontention/sbin/ipfw/ipv6.c Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/sbin/ipfw/ipv6.c Mon Mar 4 00:16:45 2013 (r247743)
@@ -42,6 +42,11 @@
#include <netinet/ip_fw.h>
#include <arpa/inet.h>
+#define CHECK_LENGTH(v, len) do { \
+ if ((v) < (len)) \
+ errx(EX_DATAERR, "Rule too long"); \
+ } while (0)
+
static struct _s_x icmp6codes[] = {
{ "no-route", ICMP6_DST_UNREACH_NOROUTE },
{ "admin-prohib", ICMP6_DST_UNREACH_ADMIN },
@@ -131,10 +136,12 @@ print_ip6(ipfw_insn_ip6 *cmd, char const
}
void
-fill_icmp6types(ipfw_insn_icmp6 *cmd, char *av)
+fill_icmp6types(ipfw_insn_icmp6 *cmd, char *av, int cblen)
{
uint8_t type;
+ CHECK_LENGTH(cblen, F_INSN_SIZE(ipfw_insn_icmp6));
+
bzero(cmd, sizeof(*cmd));
while (*av) {
if (*av == ',')
@@ -327,7 +334,7 @@ lookup_host6 (char *host, struct in6_add
* Return 1 on success, 0 on failure.
*/
static int
-fill_ip6(ipfw_insn_ip6 *cmd, char *av)
+fill_ip6(ipfw_insn_ip6 *cmd, char *av, int cblen)
{
int len = 0;
struct in6_addr *d = &(cmd->addr6);
@@ -379,6 +386,8 @@ fill_ip6(ipfw_insn_ip6 *cmd, char *av)
int masklen;
char md = '\0';
+ CHECK_LENGTH(cblen, 1 + len + 2 * F_INSN_SIZE(struct in6_addr));
+
if ((p = strpbrk(av, "/,")) ) {
md = *p; /* save the separator */
*p = '\0'; /* terminate address string */
@@ -453,7 +462,7 @@ fill_ip6(ipfw_insn_ip6 *cmd, char *av)
* additional flow-id we want to filter, the basic is 1
*/
void
-fill_flow6( ipfw_insn_u32 *cmd, char *av )
+fill_flow6( ipfw_insn_u32 *cmd, char *av, int cblen)
{
u_int32_t type; /* Current flow number */
u_int16_t nflow = 0; /* Current flow index */
@@ -461,6 +470,8 @@ fill_flow6( ipfw_insn_u32 *cmd, char *av
cmd->d[0] = 0; /* Initializing the base number*/
while (s) {
+ CHECK_LENGTH(cblen, F_INSN_SIZE(ipfw_insn_u32) + nflow + 1);
+
av = strsep( &s, ",") ;
type = strtoul(av, &av, 0);
if (*av != ',' && *av != '\0')
@@ -481,10 +492,10 @@ fill_flow6( ipfw_insn_u32 *cmd, char *av
}
ipfw_insn *
-add_srcip6(ipfw_insn *cmd, char *av)
+add_srcip6(ipfw_insn *cmd, char *av, int cblen)
{
- fill_ip6((ipfw_insn_ip6 *)cmd, av);
+ fill_ip6((ipfw_insn_ip6 *)cmd, av, cblen);
if (cmd->opcode == O_IP_DST_SET) /* set */
cmd->opcode = O_IP_SRC_SET;
else if (cmd->opcode == O_IP_DST_LOOKUP) /* table */
@@ -503,10 +514,10 @@ add_srcip6(ipfw_insn *cmd, char *av)
}
ipfw_insn *
-add_dstip6(ipfw_insn *cmd, char *av)
+add_dstip6(ipfw_insn *cmd, char *av, int cblen)
{
- fill_ip6((ipfw_insn_ip6 *)cmd, av);
+ fill_ip6((ipfw_insn_ip6 *)cmd, av, cblen);
if (cmd->opcode == O_IP_DST_SET) /* set */
;
else if (cmd->opcode == O_IP_DST_LOOKUP) /* table */
Modified: user/attilio/vmcontention/share/man/man4/mvs.4
==============================================================================
--- user/attilio/vmcontention/share/man/man4/mvs.4 Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/share/man/man4/mvs.4 Mon Mar 4 00:16:45 2013 (r247743)
@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd April 27, 2010
+.Dd March 3, 2013
.Dt MVS 4
.Os
.Sh NAME
@@ -62,7 +62,7 @@ command latency.
.It Va hint.mvs. Ns Ar X Ns Va .cccc
defines number of completed commands for CCC, which trigger interrupt without
waiting for specified coalescing timeout.
-.It Va hint.mvs. Ns Ar X Ns Va .pm_level
+.It Va hint.mvsch. Ns Ar X Ns Va .pm_level
controls SATA interface Power Management for the specified channel,
allowing some power to be saved at the cost of additional command
latency.
@@ -82,7 +82,7 @@ driver initiates SLUMBER PM state transi
Note that interface Power Management is not compatible with
device presence detection.
A manual bus reset is needed on device hot-plug.
-.It Va hint.mvs. Ns Ar X Ns Va .sata_rev
+.It Va hint.mvsch. Ns Ar X Ns Va .sata_rev
setting to nonzero value limits maximum SATA revision (speed).
Values 1, 2 and 3 are respectively 1.5, 3 and 6Gbps.
.El
Modified: user/attilio/vmcontention/sys/cddl/compat/opensolaris/sys/kcondvar.h
==============================================================================
--- user/attilio/vmcontention/sys/cddl/compat/opensolaris/sys/kcondvar.h Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/sys/cddl/compat/opensolaris/sys/kcondvar.h Mon Mar 4 00:16:45 2013 (r247743)
@@ -55,7 +55,7 @@ typedef enum {
_name = #cv; \
cv_init((cv), _name); \
} while (0)
-#define cv_init(cv, name, type, arg) zfs_cv_init((cv), (name), (type), (arg))
+#define cv_init(cv, name, type, arg) zfs_cv_init(cv, name, type, arg)
#endif /* _KERNEL */
Modified: user/attilio/vmcontention/sys/kern/kern_descrip.c
==============================================================================
--- user/attilio/vmcontention/sys/kern/kern_descrip.c Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/sys/kern/kern_descrip.c Mon Mar 4 00:16:45 2013 (r247743)
@@ -104,6 +104,7 @@ static MALLOC_DEFINE(M_FILEDESC, "filede
static MALLOC_DEFINE(M_FILEDESC_TO_LEADER, "filedesc_to_leader",
"file desc to leader structures");
static MALLOC_DEFINE(M_SIGIO, "sigio", "sigio structures");
+MALLOC_DEFINE(M_FILECAPS, "filecaps", "descriptor capabilities");
MALLOC_DECLARE(M_FADVISE);
@@ -1389,7 +1390,7 @@ filecaps_copy(const struct filecaps *src
("fc_ioctls != NULL, but fc_nioctls=%hd", src->fc_nioctls));
size = sizeof(src->fc_ioctls[0]) * src->fc_nioctls;
- dst->fc_ioctls = malloc(size, M_TEMP, M_WAITOK);
+ dst->fc_ioctls = malloc(size, M_FILECAPS, M_WAITOK);
bcopy(src->fc_ioctls, dst->fc_ioctls, size);
}
}
@@ -1397,7 +1398,7 @@ filecaps_copy(const struct filecaps *src
/*
* Move filecaps structure to the new place and clear the old place.
*/
-static void
+void
filecaps_move(struct filecaps *src, struct filecaps *dst)
{
@@ -1425,7 +1426,7 @@ void
filecaps_free(struct filecaps *fcaps)
{
- free(fcaps->fc_ioctls, M_TEMP);
+ free(fcaps->fc_ioctls, M_FILECAPS);
bzero(fcaps, sizeof(*fcaps));
}
Modified: user/attilio/vmcontention/sys/kern/kern_timeout.c
==============================================================================
--- user/attilio/vmcontention/sys/kern/kern_timeout.c Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/sys/kern/kern_timeout.c Mon Mar 4 00:16:45 2013 (r247743)
@@ -43,7 +43,6 @@ __FBSDID("$FreeBSD$");
#include <sys/systm.h>
#include <sys/bus.h>
#include <sys/callout.h>
-#include <sys/condvar.h>
#include <sys/interrupt.h>
#include <sys/kernel.h>
#include <sys/ktr.h>
@@ -84,7 +83,7 @@ SYSCTL_INT(_debug, OID_AUTO, to_avg_mpca
* TODO:
* allocate more timeout table slots when table overflows.
*/
-int callwheelsize, callwheelmask;
+u_int callwheelsize, callwheelmask;
/*
* The callout cpu migration entity represents informations necessary for
@@ -205,7 +204,7 @@ cc_cme_migrating(struct callout_cpu *cc)
}
/*
- * kern_timeout_callwheel_alloc() - kernel low level callwheel initialization
+ * kern_timeout_callwheel_alloc() - kernel low level callwheel initialization
*
* This code is called very early in the kernel initialization sequence,
* and may be called more then once.
@@ -704,7 +703,7 @@ softclock(void *arg)
* Initialize a handle so that using it with untimeout is benign.
*
* See AT&T BCI Driver Reference Manual for specification. This
- * implementation differs from that one in that although an
+ * implementation differs from that one in that although an
* identification value is returned from timeout, the original
* arguments to timeout as well as the identifier are used to
* identify entries for untimeout.
Modified: user/attilio/vmcontention/sys/kern/uipc_usrreq.c
==============================================================================
--- user/attilio/vmcontention/sys/kern/uipc_usrreq.c Mon Mar 4 00:07:23 2013 (r247742)
+++ user/attilio/vmcontention/sys/kern/uipc_usrreq.c Mon Mar 4 00:16:45 2013 (r247743)
@@ -102,6 +102,8 @@ __FBSDID("$FreeBSD$");
#include <vm/uma.h>
+MALLOC_DECLARE(M_FILECAPS);
+
/*
* Locking key:
* (l) Locked using list lock
@@ -282,7 +284,7 @@ static void unp_drop(struct unpcb *, int
static void unp_gc(__unused void *, int);
static void unp_scan(struct mbuf *, void (*)(struct file *));
static void unp_discard(struct file *);
-static void unp_freerights(struct filedescent *, int);
+static void unp_freerights(struct filedescent **, int);
static void unp_init(void);
static int unp_internalize(struct mbuf **, struct thread *);
static void unp_internalize_fp(struct file *);
@@ -1679,16 +1681,17 @@ unp_drop(struct unpcb *unp, int errno)
}
static void
-unp_freerights(struct filedescent *fde, int fdcount)
+unp_freerights(struct filedescent **fdep, int fdcount)
{
struct file *fp;
int i;
- for (i = 0; i < fdcount; i++, fde++) {
- fp = fde->fde_file;
- bzero(fde, sizeof(*fde));
+ for (i = 0; i < fdcount; i++) {
+ fp = fdep[i]->fde_file;
+ filecaps_free(&fdep[i]->fde_caps);
unp_discard(fp);
}
+ free(fdep[0], M_FILECAPS);
}
static int
@@ -1699,7 +1702,7 @@ unp_externalize(struct mbuf *control, st
int i;
int *fdp;
struct filedesc *fdesc = td->td_proc->p_fd;
- struct filedescent *fde, *fdep;
+ struct filedescent *fde, **fdep;
void *data;
socklen_t clen = control->m_len, datalen;
int error, newfds;
@@ -1755,16 +1758,18 @@ unp_externalize(struct mbuf *control, st
fdp = (int *)
CMSG_DATA(mtod(*controlp, struct cmsghdr *));
- for (i = 0; i < newfds; i++, fdep++, fdp++) {
+ for (i = 0; i < newfds; i++, fdp++) {
if (fdalloc(td, 0, &f))
panic("unp_externalize fdalloc failed");
fde = &fdesc->fd_ofiles[f];
- fde->fde_file = fdep->fde_file;
- filecaps_copy(&fdep->fde_caps, &fde->fde_caps);
+ fde->fde_file = fdep[0]->fde_file;
+ filecaps_move(&fdep[0]->fde_caps,
+ &fde->fde_caps);
unp_externalize_fp(fde->fde_file);
*fdp = f;
}
FILEDESC_XUNLOCK(fdesc);
+ free(fdep[0], M_FILECAPS);
} else {
/* We can just copy anything else across. */
if (error || controlp == NULL)
@@ -1839,7 +1844,7 @@ unp_internalize(struct mbuf **controlp,
struct bintime *bt;
struct cmsghdr *cm = mtod(control, struct cmsghdr *);
struct cmsgcred *cmcred;
- struct filedescent *fde, *fdep;
+ struct filedescent *fde, **fdep, *fdev;
struct file *fp;
struct timeval *tv;
int i, fd, *fdp;
@@ -1913,7 +1918,7 @@ unp_internalize(struct mbuf **controlp,
* Now replace the integer FDs with pointers to the
* file structure and capability rights.
*/
- newlen = oldfds * sizeof(*fdep);
+ newlen = oldfds * sizeof(fdep[0]);
*controlp = sbcreatecontrol(NULL, newlen,
SCM_RIGHTS, SOL_SOCKET);
if (*controlp == NULL) {
@@ -1922,13 +1927,17 @@ unp_internalize(struct mbuf **controlp,
goto out;
}
fdp = data;
- fdep = (struct filedescent *)
+ fdep = (struct filedescent **)
CMSG_DATA(mtod(*controlp, struct cmsghdr *));
- for (i = 0; i < oldfds; i++, fdep++, fdp++) {
+ fdev = malloc(sizeof(*fdev) * oldfds, M_FILECAPS,
+ M_WAITOK);
+ for (i = 0; i < oldfds; i++, fdev++, fdp++) {
fde = &fdesc->fd_ofiles[*fdp];
- fdep->fde_file = fde->fde_file;
- filecaps_copy(&fde->fde_caps, &fdep->fde_caps);
- unp_internalize_fp(fdep->fde_file);
+ fdep[i] = fdev;
+ fdep[i]->fde_file = fde->fde_file;
+ filecaps_copy(&fde->fde_caps,
+ &fdep[i]->fde_caps);
+ unp_internalize_fp(fdep[i]->fde_file);
}
FILEDESC_SUNLOCK(fdesc);
break;
@@ -2290,7 +2299,7 @@ static void
unp_scan(struct mbuf *m0, void (*op)(struct file *))
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-user
mailing list