Python test scripts get processed (to add the `#! /usr/libexec/
atf_pytest_wrapper` shebang line), into a .xtmp file, and installed from
there. However, as there was no dependency of this .xtmp file on the
original file we kept reinstalling the .xtmp file, even if the original
had been edited already.
This could cause great confusion when debugging python test scripts.
Reviewed by: markj
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D43118
The tmpfs memory reserve defaulted to 4 MB, and other than that,
all of available memory + swap could be allocated to tmpfs files.
This was dangerous, as the page daemon attempts to keep some memory
free, using up swap, and then resulting in processes being killed.
Increase the reserve to a fraction of available memory + swap at
file system startup time. The limit is expressed as a percentage
of available memory + swap that can be used, and defaults to 95%.
The percentage can be changed via the vfs.tmpfs.memory_percent sysctl,
recomputing the reserve with the new percentage but the initial
available memory + swap. Note that the reserve can also be set
directly with an existing sysctl, ignoring the percentage. The
previous behavior can be specified by setting vfs.tmpfs.memory_percent
to 100.
Add sysctl for vfs.tmpfs.memory_percent and the pre-existing
vfs.tmpfs.memory_reserved to tmpfs(5).
PR: 275436
MFC after: 1 month
Reviewed by: rgrimes
Differential Revision: https://reviews.freebsd.org/D43011
tmpfs enforced the file system size limit on writes for file systems
with a specified size, but not when the size was the default. Add
enforcement when the size is default: do not allocate additional
pages if the available memory + swap falls to the reserve level.
Note, enforcement is also done when attempting to create a file,
both with and without an explicit file system size.
PR: 275436
MFC after: 1 month
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D43010
In preparation for annotating copyin() and related functions with
__result_use_check.
Reviewed by: bz, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43095
Implement ieee80211_handle_wake_tx_queue() and ieee80211_tx_dequeue_ni()
while looking at the code. They are needed by various wireless drivers.
Introduce an ltxq lock and protect the skbq by that.
This prevents panics due to a race between a driver upcall and
the net80211 tx downcall. While the former should be rcu protected we
cannot rely on that.
It remains questionable if we need to protect further fields there
(with a different lock?).
Also introduce a txq_mtx on the lhw which needs to be further deployed
but we need to come up with a good strategy to not end up with 7 different
locks.
Sponsored by: The FreeBSD Foundation
PR: 274178, 275710
Tested by: cc
MFC after: 3 days
Do not clear knotes from the TTY until it gets dealloc'ed, unless the
TTY is being revoked, in that case delete the knotes when closed is
called on the TTY.
When knotes are cleared from a knlist, those knotes become detached from
the knlist. And when an event is triggered on a detached knote there
isn't an associated knlist and therefore no lock will be taken when the
event is triggered.
This becomes a problem when a detached knote is triggered on a TTY since
the mutex for a TTY is also used as the lock for its knlists. This
scenario ends up calling the TTY event handlers without the TTY lock
being held and tripping on asserts in the event handlers.
PR: 272151
Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D41605
struct nvme_hmb_desc contains a pad field which was not getting
initialized before being synced. This doesn't have much consequence but
triggers a report from KMSAN, which verifies that host-filled DMA memory
is initialized before it is made visible to the device. So, let's just
initialize it properly.
Reported by: KMSAN
Reviewed by: mav, imp
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D43090
Rename SYSTRAP() macro to _SYSCALL() and add _SYSCALL_BODY() which invokes
the syscall via _SYCALL() and then calls cerror as required. Use to
implement PSEUDO() and RSYSCALL() removing _SYSCALL_NOERROR().
Reviewed by: imp
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D43061
The last use was removed in 2018 as part of a reimplementation of brk()
and sbrk() in commit 9d9fd255d6.
Reviewed by: imp
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D43060
Add a _SYSCALL(name) which calls the SYS_name syscall. Use it to add a
_SYSCALL_BODY() macro which invokes the syscall and calls cerror as
required. Use the latter to implement PSEUDO() and RSYSCALL().
Reviewed by: imp, markj
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D43059
Add _SYSCALL_BODY() macro which invokes the syscall via _SYCALL() and
calls cerror as required. Use to implement PSEUDO() and RSYSCALL().
Reviewed by: imp, markj
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D43057
knlist_clear() does not free knotes and so does not call fdrop(), so
remove the bit of the function description which claims otherwise. (The
knote will be dropped by the next queue scan, and it is at that point
that the fd reference will be dropped.)
MFC after: 1 week
Report the entire path to the device, rather than the the bit after /dev/
for the --esp command. Nothing in the tree depends on the output
format: Only bsdinstall's bootconfig script calls efibootmgr, and it
doesn't use the --esp/-E flag.
Sponsored by: Netflix
-e env will include `env` in the boot loader. Document that the boot
loader appends the `env` to the BootXXXX variable, and will parse it as
a series of a=b values to set in the boot loader's environment. These
assignments are separated by spaces. The env arg needs to be quoted if
more than one env var is to be set (we parse only the next argument on
the command line).
Sponsored by: Netflix
This adds a protocol extension to improve the integrity of the SSH
transport protocol, particular in and around the initial key exchange
(KEX) phase.
Full details of the extension are in the PROTOCOL file.
OpenBSD-Commit-ID: 2a66ac962f0a630d7945fee54004ed9e9c439f14
Approved by: so (implicit)
Obtained from: https://anongit.mindrot.org/openssh.git/patch/?id=1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5
Security: CVE-2023-48795
We don't support it, so there's no need to tell readers what would
happen if we did. Also, don't remind the user that a certain field is
ignored by aio_read. Mentioning every ignored field would make the man
pages too verbose.
MFC after: 1 week
Sponsored by: Axcient
Reviewed by: Pau Amma <pauamma@gundo.com>
Differential Revision: https://reviews.freebsd.org/D42622
Include files that don't begin with a '/' are documented to search the
current directory, then /usr/share/calendar. This hasn't been accurate
for years, since e061f95e7b ("Rework calendar(1) parser") rewrote a
lot of this.
Stash off the cwd before we do any chdir()ing around and use that to
honor the same order we'll follow for the -f flag. This may result in
an extra lookup that will fail for the initial calendar file, but I
don't think it's worth the complexity to avoid it.
While we're here, fix the documentation to just reference the order
described in FILES so that we only need to keep it up to date in one
place.
Reviewed by: bapt
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D42278
Have a simple Gilbert-Elliott channel model in
dummynet to mimick correlated loss behavior of
realistic environments. This allows simpler testing
of burst-loss environments.
Reviewed By: tuexen, kp, pauamma_gundo.com, #manpages
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D42980
Since TCPHPTS is now included in the GENERIC kernel, remove the
documented dependency of it from the tcp_rack(4) and tcp_bbr(4)
manual pages.
Reviewed by: tuexen
Differential Revision: https://reviews.freebsd.org/D43084
If the ffs_write() operation specified to overwrite the whole buffer,
ffs tries to save the read by not validating allocated buffer. Then
uiommove() might fail with EFAULT, in which case pages are left zeroed
and marked valid but not read from the disk. Then vn_io_fault() logic
retries the write after holding the user pages to avoid EFAULTs. In
erronous case of really faulty buffer, or in contrived case of writing
from file to itself, we are left with zeroed buffer instead of valid
content written back to disk.
Handle the situation by releasing non-cached buffer on fault, instead
of clearing it. Note that buffers with alive dependencies cannot be
released, but also either they cannot have valid content on the disk
because dependency on data buffer means that it was not yet written, or
they were reallocated by fragment extension or ffs_reallocbks(), and are
already fully valid.
Reported by: kevans
Discussed with: mav
In collaboration with: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Allow the cloudware *_FLAVOURS and *_FSLIST values to be overridden
at the command line, to assist users who want to e.g. build only one
of the many EC2 AMIs available.
Alas, ARM declared xen_ulong_t to be 64-bits long, unlike i386 where
it matches the word size. As a result, compatibility wrappers are
needed for Xen atomic operations.
Reviewed by: royger
These are in fact GPLv2 when distributed with the Linux kernel, but the
license also allows MIT if distributed separately. Add the markers to
avoid interference by automated tools.
Differential Revision: https://reviews.freebsd.org/D32796
Reviewed by: royger
Notable upstream pull request merges:
#15643a9b937e06 For db_marker inherit the db pointer for AVL comparision
#15644e53e60c0b DMU: Fix lock leak on dbuf_hold() error
#1565386063d903 dbuf: Handle arcbuf assignment after block cloning
#1565686e115e21 dbuf: Set dr_data when unoverriding after clone
Obtained from: OpenZFS
OpenZFS commit: 86e115e21e
When we release a multicast address (e.g. on interface shutdown) we may
still have packets queued in inm_scq. We have to free those, or we'll
leak memory.
Reviewed by: glebius
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D43033
This reverts commit fa03d37432.
This commit caused us to not send IGMP leave messages if the inpcb went
away. In other words: we freed pending packets whenever the socket
closed rather than when the interface (or address) goes away.
Reviewed by: glebius
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D43032
In del_mfc() we try to find the forwarding entry, but that fails to find
the entry if mfc_stall_ring is not empty.
We should find the entry anyway, and destroy it (and any pending
messages) on delete.
Reviewed by: glebius
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D43031
Note that relbase is always 0 for DSOs so its omission for __KLD_SHARED
architectures was not a bug in practice.
Whilst here, also parenthesise the dest offset for where to avoid
transiently creating an out-of-bounds pointer, which is UB (though even
on CHERI architectures, where capability bounds compression can result
in that creating invalid capabilities that will trap on dereference,
optimisation will reassociate to the correct form in practice and thus
work just fine).
Most all of the memory used by the cards in the mpr(4) and mps(4)
drivers is required, according to the specs and Broadcom developers,
to be within a 4GB segment of memory.
This includes:
System Request Message Frames pool
Reply Free Queues pool
ReplyDescriptorPost Queues pool
Chain Segments pool
Sense Buffers pool
SystemReply message pool
We got a bug report from Dwight Engen, who ran into data corruption
in the BAE port of FreeBSD:
> We have a port of the FreeBSD mpr driver to our kernel and recently
> I found an issue under heavy load where a DMA may go to the wrong
> address. The test system is a Supermicro X10SRH-CLN4F with the
> onboard SAS3008 controller setup with 2 enterprise Micron SSDs in
> RAID 0 (striped). I have debugged the issue and narrowed down that
> the errant DMA is one that has a segment that crosses a 4GB
> physical boundary. There are more details I can provide if you'd
> like, but with the attached patch in place I can no longer
> re-create the issue.
> I'm not sure if this is a known limit of the card (have not found a
> datasheet/programming docs for the chip) or our system is just
> doing something a bit different. Any helpful info or insight would
> be welcome.
> Anyway, just thought this might be helpful info if you want to
> apply a similar fix to FreeBSD. You can ignore/discard the commit
> message as it is my internal commit (blkio is our own tool we use
> to write/read every block of a device with CRC verification which
> is how I found the problem).
The commit message was:
> [PATCH 8/9] mpr: fix memory corrupting DMA when sg segment crosses
> 4GB boundary
> Test case was two SSD's in RAID 0 (stripe). The logical disk was
> then partitioned into two partitions. One partition had lots of
> filesystem I/O and the other was initially filled using blkio with
> CRCable data and then read back with blkio CRC verify in a loop.
> Eventually blkio would report a bad CRC block because the physical
> page being read-ahead into didn't contain the right data. If the
> physical address in the arq/segs was for example 0x500003000 the
> data would actually be DMAed to 0x400003000.
The original patch was against mpr(4) before busdma templates were
introduced, and only affected the buffer pool (sc->buffer_dmat) in
the mpr(4) driver. After some discussion with Dwight and the
LSI/Broadcom developers and looking through the driver, it looks
like most of the queues in the driver are ok, because they limit
the memory used to memory below 4GB. The buffer queue and the chain
frames seem to be the exceptions.
This is pretty much the same between the mpr(4) and mps(4) drivers.
So, apply a 4GB boundary limitation for the buffer and chain frame pools
in the mpr(4) and mps(4) drivers.
Reported by: Dwight Engen <dwight.engen@gmail.com>
Reviewed by: imp
Obtained from: Dwight Engen <dwight.engen@gmail.com>
Differential Revision: <https://reviews.freebsd.org/D43008>
This accidentally got left out of 0f4467ce44.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans, allanjude
Differential Revision: https://reviews.freebsd.org/D43067