Allow carp(4) to use the VRRPv3 protocol (RFC 5798). We can distinguish carp and
VRRP based on the protocol version number (carp is 2, VRRPv3 is 3), and support
both from the carp(4) code.
Reviewed by: glebius
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D44774
Capsicum-sandboxed applications generally cannot use dlopen, as absolute
and cwd-relative paths cannot be accessed. Mention that fdlopen is
useful for sandboxed applications.
PR: 277169
Reviewed by: markj, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45108
The CLOCK_* constants are "defined variable or preprocessor constants"
and so use .Dv.
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45106
The WITH_LLVM_TARGET_ENABLE_SPARC option was removed a long time ago,
but some ifdefs were still laying around, so clean them up.
PR: 276104
MFC after: 3 days
When checking for the destructor pointer belonging to some still
loaded dso, do not limit the possible dso to the one instantiated the
destructor. For instance, dso could set up the dtr pointer to a function
from libcxx.
PR: 278701
Reported by: vd
Reviewed by: dim, emaste, markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D45074
libnvmf provides APIs for transmitting and receiving Command and
Response capsules along with data associated with NVMe commands.
Capsules are represented by 'struct nvmf_capsule' objects.
Capsules are transmitted and received on queue pairs represented by
'struct nvmf_qpair' objects.
Queue pairs belong to an association represented by a 'struct
nvmf_association' object.
libnvmf provides additional helper APIs to assist with constructing
command capsules for a host, response capsules for a controller,
connecting queue pairs to a remote controller and optionally
offloading connected queues to an in-kernel host, accepting queue pair
connections from remote hosts and optionally offloading connected
queues to an in-kernel controller, constructing controller data
structures for local controllers, etc.
libnvmf also includes an internal transport abstraction as well as an
implementation of a userspace TCP transport.
libnvmf is primarily intended for ease of use and low-traffic use cases
such as establishing connections that are handed off to the kernel.
As such, it uses a simple API built on blocking I/O.
For a host, a consumer first populates an 'struct
nvmf_association_params' with a set of parameters shared by all queue
pairs for a single association such as whether or not to use SQ flow
control and header and data digests and creates a 'struct
nvmf_association' object. The consumer is responsible for
establishing a TCP socket for each queue pair. This socket is
included in the 'struct nvmf_qpair_params' passed to 'nvmf_connect' to
complete transport-specific negotiation, send a Fabrics Connect
command, and wait for the Connect reply. Upon success, a new 'struct
nvmf_qpair' object is returned. This queue pair can then be used to
send and receive capsules. A command capsule is allocated, populated
with an SQE and optional data buffer, and transmitted via
nvmf_host_transmit_command. The consumer can then wait for a reply
via nvmf_host_wait_for_response. The library also provides some
wrapper functions such as nvmf_read_property and nvmf_write_property
which send a command and wait for a response synchronously.
For a controller, a consumer uses a single association for a set of
incoming connections. A consumer can choose to use multiple
associations (e.g. a separate association for connections to a
discovery controller listening on a different port than I/O
controllers). The consumer is responsible for accepting TCP sockets
directly, but once a socket has been accepted it is passed to
nvmf_accept to perform transport-specific negotiation and wait for the
Connect command. Similar to nvmf_connect, nvmf_accept returns a newly
construct nvmf_qpair. However, in contrast to nvmf_connect,
nvmf_accept does not complete the Fabrics negotiation. The consumer
must explicitly send a response capsule before waiting for additional
command capsules to arrive. In particular, in the kernel offload
case, the Connect command and data are provided to the kernel
controller and the Connect response capsule is sent by the kernel once
it is ready to handle the new queue pair.
For userspace controller command handling, the consumer uses
nvmf_controller_receive_capsule to wait for a command capsule.
nvmf_receive_controller_data is used to retrieve any data from a
command (e.g. the data for a WRITE command). It can be called
multiple times to split the data transfer into smaller sizes.
nvmf_send_controller_data is used to send data to a remote host in
response to a command. It also sends a response capsule indicating
success, or an error if an internal error occurs. nvmf_send_response
is used to send a response without associated data. There are also
several convenience wrappers such as nvmf_send_success and
nvmf_send_generic_error.
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D44710
This has always been in libc and never exported directly. I accidently
included it along side some freebsd11_* symbols based on a tree where I
moved semctl(2).
Fixes: df1a09ba52 libsys: expose a few more symbols for libc's use
Introduce pfctl_get_status_h() because we need the pfctl_handle. In this variant
use netlink to obtain the information.
Sponsored by: Rubicon Communications, LLC ("Netgate")
pfctl_open() opens both /dev/pf and a netlink socket. Allow access to the /dev/
pf fd via pfctl_fd().
This means that libpfctl users no longer have to open /dev/pf themselves for any
calls that are not yet available in libpfctl.
Sponsored by: Rubicon Communications, LLC ("Netgate")
MFC after: 2 weeks
- A file descriptor obtained from accept(2), accept4(2) and openat(2)
is not always assigned all capability rights. Instead, it inherits
capability rights from the "parent" socket/dir file descriptor.
- getdents(2) and getdirentries(2) requires CAP_READ.
- openat(2) with O_WRONLY|O_TRUNC does not require CAP_SEEK.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1207
Move auditing runtime (auditd, etc.) into the new FreeBSD-audit package.
Also move the runtime OpenBSM manual pages from libbsm into auditd so
they get installed with the right package.
Add an UPDATING entry noting the new packages.
Reviewed by: imp, manu
Pull Request: https://github.com/freebsd/freebsd-src/pull/1197
As kib@ noted:
> Obviously gettimeofday(2) is not going to be removed
> even in the far future.
Reported by: kib
Fixes: 4395d3ced5 Document that gettimeofday() is obsolescent
MFC after: 3 days
As noted in bug 277096, when building a pkgbase repository using
WITHOUT_CROSS_COMPILER and WITHOUT_TOOLCHAIN (which sets WITHOUT_CLANG),
the following residual files are left over:
/usr/lib/clang/18/lib/freebsd/libclang_rt.asan-x86_64.so
/usr/lib/clang/18/share/asan_ignore_list.txt
/usr/lib/clang/18/share/cfi_ignore_list.txt
/usr/lib/clang/18/share/msan_ignore_list.txt
This is because the lib/libclang_rt directory is still descended into,
even if WITHOUT_CLANG is used. Fix it by not descending into the
libclang_rt directory in that case.
PR: 277096
Reported by: Siva Mahadevan <me@svmhdvn.name>
MFC after: 3 days
This was missed when read/write, etc were updated to return ssize_t.
Fixes: 2e83b28161 Fix a few syscall arguments to use size_t instead of u_int.
Reviewed by: imp, kib
Differential Revision: https://reviews.freebsd.org/D44930
A compiler clever enough to know that z is positive with a non-zero
biased exponent could, for example, optimize away the scalbnf(z,n) in
pow() because behavior for left shift of negative values is undefined.
`n` is negative when y*log2(|x|) < -0.5. i.e. |x^y| < sqrt(0.5)
The intended behavior for operator<< in this code is to shift the two's
complement representation of the first operand.
In the pow() functions, the result is added to the IEEE 754 exponent of
z = 2^y'. n may be negative enough to underflow the biased IEEE 754
exponent below zero, which is manifested in the sign bit of j
(which would correspond to the IEEE 754 sign bit).
The conversion from uint32_t to int32_t for out-of-int32_t-range values
is implementation defined. The assumed behavior of interpreting the
uint32_t value as a two's complement representation of a signed value
is already assumed in many parts of the code, such as uses of
GET_FLOAT_WORD() with signed integers.
This code passes all the current tests, and makes some out of tree
fuzzing tests pass again rather than hit UB (detailed in the commentary
of the pull request).
Signed-off-by: Karl Tomlinson <karlt+@karlt.net>
Reviewed by: imp, steve kargl, dim
Pull Request: https://github.com/freebsd/freebsd-src/pull/1137
This eliminates the use of non-thread-safe function in printf*() family,
and make the call locale-aware. Also, it stops obliterating the
strerror() static buffer, which aligns with the POSIX requirement that
implementations must behave as if no standard-mandated functions call
strerror().
PR: 278556
Reported by: Jonathan Gruber <jonathan.gruber.jg@gmail.com>
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D44916
xlocale.3: Comment out reference to atof_l(3), atoi_l(3), atol_l(3), atoll_l(3)
These manual page references do not exist.
lagg.4: Change the reference for /etc/rc.conf from a reference link
.Xr -> .Pa based on the context within the manual page it is used.
buf.9: Remove .Xr entries from the file
The buf.9 manual page contains a commented out .Xr reference.
The <filmmein> 9 entry is a placeholder and has been removed for
clarity.
Reviewed by: mhorne
Pull Request: https://github.com/freebsd/freebsd-src/pull/1114
This version of swab function simplifies the logic of swapping adjacent
bytes. Previous version of swab() used an arbitrary unrolling, which was
relevant back in the day but unnecessary for modern compilers, as if the
input size is known at compile time, they can do it automatically.
This version of swab() is inspired by musl.
A similar version can be found at: https://github.com/openbsd/src/blob/master/lib/libc/string/swab.c
Signed-off-by: rilysh <nightquick@proton.me>
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1086
- add const to the appropriate places in the libipsec public API and the
relevant internal functions needed to support that.
- replace caddr_t with c_caddr_t in ipsec_dump_policy()
- update the ipsec_dump_policy manpage to use c_caddr_t (this manpage
was already wrong as it had "char *" instead of caddr_t previously).
While here, update pfkeyv2.h to not cast away const in the PFKEY_*()
macros.
This should not cause any ABI changes as the actual types have not
changed.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1099
Following the pattern of other architectures, make __sys_vfork the main
symbol and _vfork and vfork weak aliases. This avoids the need to
special case vfork in the generated list of symbols.
Differential Revision: https://reviews.freebsd.org/D44330
Use __libc_interposing_slot() in favor of __libsys_interposing_slot() so
that the interposing interface is entierly between libc and libthr with
libsys only involved as an implementation detail.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44880
Otherwise bsd.own.mk overrides it, causing libcxxrt.so.1 to be
erroneously installed into /usr/lib.
Also add an ObsoleteFiles.inc entry, for removing the bad copy.
Reported by: Josef 'Jeff' Sipek <jeffpc@josefsipek.net>
Fixes: da77a1b4f0
