#
356587 |
|
10-Jan-2020 |
mav |
MFC r356181: Fix GEOM_VIRSTOR orphanization.
Previous code closed and destroyed consumer even with I/O in progress. This patch postpones the destruction till the last close.
|
#
332640 |
|
17-Apr-2018 |
kevans |
MFC r332387: Annotate geom modules with MODULE_VERSION
GEOM ELI may double ask the password during boot. Once at loader time, and once at init time.
This happens due a module loading bug. By default GEOM ELI caches the password in the kernel, but without the MODULE_VERSION annotation, the kernel loads over the kernel module, even if the GEOM ELI was compiled into the kernel. In this case, the newly loaded module purges/invalidates/overwrites the GEOM ELI's password cache, which causes the double asking.
This MFC commit differs slightly from head, due to pc98 removal. These changes were trivial and should be obvious.
|
#
330726 |
|
10-Mar-2018 |
asomers |
MFC r323314, r323338, r328849
r323314: Audit userspace geom code for leaking memory to disk
Any geom class using g_metadata_store, as well as geom_virstor which duplicated g_metadata_store internally, would dump sectorsize - mdsize bytes of userspace memory following the metadata block stored. This is most or all geom classes (gcache, gconcat, geli, gjournal, glabel, gmirror, gmultipath, graid3, gshsec, gstripe, and geom_virstor).
PR: 222077 (comment #3) Reported by: Maxim Khitrov <max AT mxcrypt.com> Reviewed by: des Security: yes Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D12269
r323338: Fix information leak in geli(8) integrity mode
In integrity mode, a larger logical sector (e.g., 4096 bytes) spans several physical sectors (e.g., 512 bytes) on the backing device. Due to hash overhead, a 4096 byte logical sector takes 8.5625 512-byte physical sectors. This means that only 288 bytes (256 data + 32 hash) of the last 512 byte sector are used.
The memory allocation used to store the encrypted data to be written to the physical sectors comes from malloc(9) and does not use M_ZERO.
Previously, nothing initialized the final physical sector backing each logical sector, aside from the hash + encrypted data portion. So 224 bytes of kernel heap memory was leaked to every block :-(.
This patch addresses the issue by initializing the trailing portion of the physical sector in every logical sector to zeros before use. A much simpler but higher overhead fix would be to tag the entire allocation M_ZERO.
PR: 222077 Reported by: Maxim Khitrov <max AT mxcrypt.com> Reviewed by: emaste Security: yes Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D12272
r328849: geom: don't write stack garbage in disk labels
Most consumers of g_metadata_store were passing in partially unallocated memory, resulting in stack garbage being written to disk labels. Fix them by zeroing the memory first.
gvirstor repeated the same mistake, but in the kernel.
Also, glabel's label contained a fixed-size string that wasn't initialized to zero.
PR: 222077 Reported by: Maxim Khitrov <max@mxcrypt.com> Reviewed by: cem X-MFC-With: 323314 X-MFC-With: 323338 Differential Revision: https://reviews.freebsd.org/D14164
|
#
306764 |
|
06-Oct-2016 |
mav |
MFC r306279: Use g_wither_provider() where applicable.
It is just a helper function combining G_PF_WITHER setting with g_orphan_provider().
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
298848 |
|
30-Apr-2016 |
pfg |
sys: Make use of our rounddown() macro when sys/param.h is available.
No functional change.
|
#
298698 |
|
27-Apr-2016 |
pfg |
geom: unsign some types to match their definitions and avoid overflows.
In struct:gctl_req, nargs is unsigned.
In mirror: g_mirror_syncreqs is unsigned.
In raid: in struct:g_raid_volume, v_disks_count is unsigned.
In virstor: in struct:g_virstor_softc, n_components is unsigned.
MFC after: 2 weeks
|
#
267992 |
|
28-Jun-2014 |
hselasky |
Pull in r267961 and r267973 again. Fix for issues reported will follow.
|
#
267985 |
|
27-Jun-2014 |
gjb |
Revert r267961, r267973:
These changes prevent sysctl(8) from returning proper output, such as:
1) no output from sysctl(8) 2) erroneously returning ENOMEM with tools like truss(1) or uname(1) truss: can not get etype: Cannot allocate memory
|
#
267961 |
|
27-Jun-2014 |
hselasky |
Extend the meaning of the CTLFLAG_TUN flag to automatically check if there is an environment variable which shall initialize the SYSCTL during early boot. This works for all SYSCTL types both statically and dynamically created ones, except for the SYSCTL NODE type and SYSCTLs which belong to VNETs. A new flag, CTLFLAG_NOFETCH, has been added to be used in the case a tunable sysctl has a custom initialisation function allowing the sysctl to still be marked as a tunable. The kernel SYSCTL API is mostly the same, with a few exceptions for some special operations like iterating childrens of a static/extern SYSCTL node. This operation should probably be made into a factored out common macro, hence some device drivers use this. The reason for changing the SYSCTL API was the need for a SYSCTL parent OID pointer and not only the SYSCTL parent OID list pointer in order to quickly generate the sysctl path. The motivation behind this patch is to avoid parameter loading cludges inside the OFED driver subsystem. Instead of adding special code to the OFED driver subsystem to post-load tunables into dynamically created sysctls, we generalize this in the kernel.
Other changes: - Corrected a possibly incorrect sysctl name from "hw.cbb.intr_mask" to "hw.pcic.intr_mask". - Removed redundant TUNABLE statements throughout the kernel. - Some minor code rewrites in connection to removing not needed TUNABLE statements. - Added a missing SYSCTL_DECL(). - Wrapped two very long lines. - Avoid malloc()/free() inside sysctl string handling, in case it is called to initialize a sysctl from a tunable, hence malloc()/free() is not ready when sysctls from the sysctl dataset are registered. - Bumped FreeBSD version to indicate SYSCTL API change.
MFC after: 2 weeks Sponsored by: Mellanox Technologies
|
#
239021 |
|
03-Aug-2012 |
jimharris |
In virstor_ctl_stop(), check for a valid softc before trying to update metadata.
Sponsored by: Intel Reported and tested by: Marcelo Gondim <gondim at bsdinfo dot com dot br> PR: kern/170199 MFC after: 3 days
|
#
227309 |
|
07-Nov-2011 |
ed |
Mark all SYSCTL_NODEs static that have no corresponding SYSCTL_DECLs.
The SYSCTL_NODE macro defines a list that stores all child-elements of that node. If there's no SYSCTL_DECL macro anywhere else, there's no reason why it shouldn't be static.
|
#
223921 |
|
11-Jul-2011 |
ae |
Include sys/sbuf.h directly.
Reviewed by: pjd
|
#
221101 |
|
26-Apr-2011 |
mav |
Implement relaxed comparision for hardcoded provider names to make it ignore adX/adaY difference in both directions to simplify migration to the CAM-based ATA or back.
|
#
219029 |
|
25-Feb-2011 |
netchild |
Add some FEATURE macros for various GEOM classes.
No FreeBSD version bump, the userland application to query the features will be committed last and can serve as an indication of the availablility if needed.
Sponsored by: Google Summer of Code 2010 Submitted by: kibab Reviewed by: silence on geom@ during 2 weeks X-MFC after: to be determined in last commit with code from this project
|
#
213662 |
|
09-Oct-2010 |
ae |
Replace strlen(_PATH_DEV) with sizeof(_PATH_DEV) - 1.
Suggested by: kib Approved by: kib (mentor) MFC after: 5 days
|
#
203408 |
|
02-Feb-2010 |
delphij |
Prevent NULL deference by checking return value of gctl_get_asciiparam.
MFC after: 2 weeks
|
#
202987 |
|
25-Jan-2010 |
ivoras |
Go through with write_metadata() non-error-handling and make it return "void". This is mostly to avoid dead variable assignment warning by LLVM. No functional change.
Pointed out by: trasz Approved by: gnn (mentor)
|
#
180120 |
|
30-Jun-2008 |
delphij |
Avoid NULL deference.
Reviewed by: ivoras
|
#
172310 |
|
24-Sep-2007 |
pjd |
Forced commit to note, that the last commit fixed my bug, and was not because of differences between how tinderbox compile LINT - after this change I only compiled LINT on i386 and the bug shows up on 64bit platforms.
Requested by: des Approved by: re (implicitly)
|
#
172304 |
|
23-Sep-2007 |
pjd |
LINT compiled just fine for me, but it seems it breaks tinerbox way of compiling LINT.
Approved by: re (implicitly)
|
#
172302 |
|
23-Sep-2007 |
pjd |
Bring in the GEOM Virtualisation class, which allows to create huge GEOM providers with limited physical storage and add physical storage as needed.
Submitted by: Ivan Voras Sponsored by: Google Summer of Code 2006 Approved by: re (kensmith)
|