Prefer libpfctl functions over direct access to the ioctl whenever
possible. This will allow subsequent removal of DIOCGETSTATUS (in 15) as
there already is an nvlist-based alternative.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D41647
(cherry picked from commit ddd08375c8)
The closing parenthesis was in the wrong location, so instead of assigning the return value to krbret and then comparing it to zero, we were assigning the result of the comparison to krbret and then comparing that to zero. This has no practical significance since the value is not used after the loop terminates.
PR: 229719
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D41299
(cherry picked from commit acc7cf8641)
pam_krb5: Rename a variable.
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D41300
(cherry picked from commit 9c2823bae9)
fbc445addf converted the parsing of arguments to strtonum but made
the accepted range for -R too restrictive. As documented in the man
page, it should accept negative numbers.
Added a test for this, which was provided by Jose Luis Duran.
Fixes: fbc445addf
MFC after: 1 week
Reviewed by: des, kevans
Differential Revision: https://reviews.freebsd.org/D41021
(cherry picked from commit 202adb2236)
xargs: disallow -R0 and -L0
Both cases were interpreted as these flags are unset. This meant that
-R0 got converted to -R5 and that -L0 didn't have any effect at all.
Since make at most 0 replacements isn't useful and since call utility
for every 0 lines read doesn't make sense, throw an error for these
two cases.
MFC after: 1 week
Reviewed by: des, kevans
Differential Revision: https://reviews.freebsd.org/D41022
(cherry picked from commit 1048a870e3)
xargs: Prevent overflow in linelen calculation if nargs is large.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D41023
(cherry picked from commit eab91d0081)
xargs: Fix test case count.
MFC after: 1 week
Sponsored by: Klara, Inc.
(cherry picked from commit c65845d0bb)
xargs: Install missing test output.
Fixes: eab91d0081
MFC after: 1 week
Reviewed by: des
Differential Revision: https://reviews.freebsd.org/D41033
(cherry picked from commit d234c8228c)
xargs tests: Disable the test added in commit eab91d0081
This test has been triggering OOM kills in CI runs since it triggers an
allocation of 16GB. Temporarily disable the test until the problem is
solved one way or another.
(cherry picked from commit 2682a15527)
SND_DECLARE_FILE originally added lines to the output of /dev/sndstat
listing the $FreeBSD$ strings for individual files, but only if the
value of hw.snd.verbose was raised to 3. With the switch to Git these
strings became meaningless as they were now all identical and no longer
contained the path (which was implicitly included previously via the
keyword expansion).
This commit removes all of the infrastructure to support file version
strings from /dev/sndstat, but preserves the KPI/KBI by turning the
SND_DECLARE_FILE macro into a nop and changing the backing sysinit
functions into null functions and is suitable for merging to
stable/13.
A future commit will remove SND_DECLARE_FILE entirely.
Reviewed by: kbowling, emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D41498
(cherry picked from commit cbe53bd975)
Section 7.10.3 of the NVME 1.4b specification states that the IEEE OUI
in the identify controller structure is stored in little-endian format
(unlike the embedded OUI in EUI64 identifiers).
Reviewed by: corvink, chuck, imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D41487
(cherry picked from commit 18974bd616)
Per recent discussions on arch@ and at the BSDCan developer summit, we
are considering removing support for 32-bit platforms (in some form)
for 15.0 (at the earliest). A final decision on what will ship in
15.0 will be made closer to the release of 15.0. However, we should
communicate the potential deprecation in 14.0 to provide notice to
users.
This commit adds a warning during boot on 32-bit kernels that they are
deprecated and may be removed in 15.0. More details will be included
in a followup commit to RELNOTES.
Reviewed by: brooks, imp, emaste
Differential Revision: https://reviews.freebsd.org/D41163
(cherry picked from commit 41582f28dd)
Verify that the requested region of the mbuf chain is not beyond the
end of the chain before trimming it from the end. If it is out of
bounds, fail with an error (EPROTO).
While here, properly handle the case that the amount of data at the
end of the chain might span more than one mbuf by using m_adj to drop
the extra bytes rather than assuming m_len of the last mbuf can be
adjusted directly.
PR: 258504
Reported by: Robert Morris <rtm@lcs.mit.edu>
Co-authored-by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41229
(cherry picked from commit aca3d65fed)
ISO9660 permits specifying a logical block size that is any power of 2
greater than or equal to 512. The geom disk layer requires requests
to be aligned on sector boundaries of the provider. With a volume
that uses a logical block size smaller than the underlying disk sector
size (e.g. a logical block size of 512 or 1024 on a CD which uses 2048
byte sectors), the current cd9660 vfs can issue requests for partial
sectors, or on non-sector boundaries.
Fixing this properly would require wrapping all of the calls to
bread*/bwrite* in cd9660 vfs to roundup requests to be on sector
boundaries which can include both the length, but also the starting
sector number (and thus requiring use of an offset relative to b_data
in the resulting buf).
These images do not seem to be common however given that no one has
fixed this in cd9660's vfs in the past few decades, so just reject
them during mount with an error. If such images are found to be used
in the wild in practice, then the larger fix can be applied.
PR: 258063
Reported by: Robert Morris <rtm@lcs.mit.edu>
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41228
(cherry picked from commit 4af849d71f)
Previously a debug kernel would trigger an assertion failure if an I/O
request attempted to read off the end of a concat volume, but a
non-debug kernel would use an invalid sub-disk to try to complete the
request eventually resulting in some sort of fault in the kernel.
Instead, turn the assertions into explicit checks that fail requests
beyond the end of the volume with EIO. For requests which run over
the end of the volume, return a short request.
PR: 257838
Reported by: Robert Morris <rtm@lcs.mit.edu>
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41222
(cherry picked from commit 4c89c0127d)
- If the size is negative or if rounding it up to a multiple of
the block size overflows, fail the read request with ERANGE.
- While here, add a sanity check that the ICB length for the root
directory is at least as long as a minimum-sized file entry.
PR: 257768
Reported by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 1 week
Sponsored by: FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41220
(cherry picked from commit c70e615051)
If a debugger detaches from a process that has a new thread that has
not yet executed, the new thread will raise a SIGTRAP signal to report
it's thread birth event even after the detach. With the debugger
detached, this results in a SIGTRAP sent to the process and typically
a core dump. Fix this by clearing TDB_BORN from any new threads
during detach.
Bump __FreeBSD_version for debuggers to notice when the fix is
present.
Reported by: GDB's testsuite
Reviewed by: kib, markj (previous version)
Differential Revision: https://reviews.freebsd.org/D39856
(cherry picked from commit 653738e895)
GCC 9 on stable/12 reports a -Wmaybe-uninitialized error for the call
to free in _pfctl_clear_states.
Reviewed by: mjg
Differential Revision: https://reviews.freebsd.org/D39198
(cherry picked from commit 48c519be0e)
- Use atomic_store to set job->error. atomic_set does an or
operation, not assignment.
- Use refcount_* to manage job->nbio.
This ensures proper memory barriers are present so that the last bio
won't see a possibly stale value of job->error.
- Don't re-read job->error after reading it via atomic_load.
Reported by: markj (1)
Reviewed by: mjg, markj
Differential Revision: https://reviews.freebsd.org/D38611
(cherry picked from commit 98844e99d4)
Use atomic_fetchadd in place of separate atomic_subtract / atomic_load.
Reviewed by: markj
Sponsored by: HPE TidalScale
Differential Revision: https://reviews.freebsd.org/D38559
(cherry picked from commit 40734fc57e)
With lio_listio(2), the opcode is specified by userspace rather than
being hard-coded by the system call (e.g., aio_readv() -> LIO_READV).
kern_lio_listio() calls aio_aqueue() with an opcode of LIO_NOP, which
gets fixed up when the aiocb is copied in.
When copying in a job request for vectored I/O, we need to dynamically
allocate a uio to wrap an iovec. So aiocb_copyin() needs to get the
opcode from the aiocb and then decide whether an allocation is required.
We failed to do this in the COMPAT_FREEBSD32 case. Fix it.
Reported by: syzbot+27eab6f2c2162f2885ee@syzkaller.appspotmail.com
Reviewed by: kib, asomers
Fixes: f30a1ae8d5 ("lio_listio(2): Allow LIO_READV and LIO_WRITEV.")
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D31914
(cherry picked from commit 2884918c73)
Allow multiple vector IOs to be started with one system call.
aio_readv() and aio_writev() already used these opcodes under the
covers. This commit makes them available to user space.
Being non-standard extensions, they're only visible if __BSD_VISIBLE is
defined, like the functions.
Reviewed by: asomers, kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D31627
(cherry picked from commit f30a1ae8d5)
Prior to Conrad's changes to replace session integer IDs with a
pointer to the driver-specific state in commit 1b0909d51a, the
driver had to find the softc pointer from the adapter before it could
locate the ccr_session structure for a completed request. Since
Conrad's changes, the ccr_session pointer can now be obtained directly
from the crp. Add a backpoint from ccr_session back to ccr_softc and
use this in place of the ccr_softc member in cxgbe's struct adapter.
Sponsored by: Chelsio Communications
(cherry picked from commit 7063b9974f)
fgetln() returns a pointer to an array of characters that is 'len'
characters long, not 'len + 1'. While here, overwriting the contents
of the buffer returned by fgetln isn't really safe, so switch to using
getline() instead.
Note that these fixes are a subset of those applied to a
near-identical copy of this function in libc's resolv_test.c in commit
2afeaad315.
Reviewed by: ngie
Reported by: CHERI (buffer overflow)
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D37886
(cherry picked from commit d131218534)
* Wait for gnop devices to disappear after "gnop destroy".
Apparently that process is asynchronous now, or maybe it's just slower
than it used to be. Also, after removing a gnop wait for its pool to
be degraded. That isn't instant.
* The zfsd tests no longer require camcontrol.
This was a harmless oversight from
11ed0a95bf
* Fix the zfsd_degrade_001_pos test for recent zfs versions.
ZFS now rate limits checksum errors to about 20 per second. But
zfsd's threshold for degrading a disk is 50 per minute. So we must
alternately corrupt and scrub the pool to ensure that checksum errors
are generated in multiple 1-second windows, so that zfsd will see
enough of them.
* Fix the zfsd_fault_001_pos test in VMs
And, for that matter, when using NVME or SATA disks. As originally
written, the test used the da driver to inject errors. Rewrite it to
use gnop vdevs. gnop can also inject errors. It works on top of any
disk device, and it's also faster than using da.
Sponsored by: Axcient
Differential Revision: https://reviews.freebsd.org/D39437
(cherry picked from commit dba2e89ea7)
At some point the names of these devd events changed. Probably it
happened when importing OpenZFS. Before that, FreeBSD's sysevent_alloc
method didn't create a "class" nvpair in the event, which led to
log_sysevent using the event's ev_subclass field as its type.
Sponsored by: Axcient
Differential Revision: https://reviews.freebsd.org/D39437
(cherry picked from commit 92642bba4d)
Fix zfsd unittests after 92642bba4d
At the time we ensured that the more important functional tests were
working, but neglected to update the unit tests.
Sponsored by: Axcient
(cherry picked from commit 2a0c0aea42)
Previously, even if the FIONBIO or FIOASYNC ioctl failed, the file's
f_flags variable would still be changed. Now, kern_fcntl will restore
the original flags if the ioctl fails.
PR: 265736
Reported by: Yuval Pavel Zholkover <paulzhol@gmail.com>
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D40955
(cherry picked from commit 6c049996ec)
It only ever worked by accident.
* Actually set autoreplace=off as stated in the description
* Wait for the removed device to disappear from the pool before
proceeding.
* In the assertion, verify that the new disk does not get added, as
described in the description.
Sponsored by: Axcient
(cherry picked from commit be092bcde9)
If all of the mirror's children have the same rotation rate, report
that. But if they have mixed rotation rates, or if any child has an
unknown rotation rate, report "Unknown".
Sponsored by: Axcient
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D39458
(cherry picked from commit 9309a460b2)
Some SAS JBODs support zoning. This feature allows individual SAS
targets to be accessible by only some initiator ports. One application
would be connecting two servers to the same JBOD, but they wouldn't be
able to see each other's disks.
A zoned JBOD should also prohibit initiators from accessing SES elements
corresponding to inaccessible SAS targets. It reports that by setting
the element's status code to 0x8 (No Access Allowed).
The bug is that when doing "sesutil (fault|locate) all ...", sesutil
will attempt a ENCIOC_SETELMSTAT ioctl for every single element, even
the inaccessible ones. The enclosure will reject the command, the
kernel will return EINVAL, and sesutil will exit.
The solution is to check the element's status, and skip trying to set it
if the status is 0x8. But if the user actually supplied a ses ID, then
assume that he knows what he's doing and try to set it anyway.
PR: 270093
Sponsored by: Axcient
Reviewed by: mav, trasz
Differential Revision: https://reviews.freebsd.org/D39017
(cherry picked from commit 57dc6f5e20)
This vnet loader tunable is defined with SYSCTL_PROC, thus will not be
initialized by kernel on vnet creating and will always have the default
value TCP_FASTOPEN_CCACHE_BUCKET_LIMIT_DEFAULT.
Fix by fetching the value from the corresponding kernel environment during
vnet constructing.
PR: 273509
Reviewed by: #transport, tuexen
Fixes: c560df6f12 This is an implementation of the client side of TCP Fast Open (TFO) [RFC7413]
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D41691
(cherry picked from commit 224aec05e7)
(cherry picked from commit 144851777e)
For oubound traffic, the flag M_VLANTAG is set in mbuf packet header to
indicate the underlaying interface do hardware VLAN tag insertion if
capable, otherwise the net stack will do 802.1Q encapsulation instead.
Commit 868aabb470 introduced per-flow priority which set the priority ID
in the mbuf packet header. There's a corner case that when the driver is
disabled to do hardware VLAN tag insertion, and the net stack do 802.1Q
encapsulation, then it will result double tagged packets if the driver do
not check the enabled capability (hardware VLAN tag insertion).
Unfortunately some drivers, currently known cxgbe(4) re(4) ure(4) igc(4)
and vmx(4), have this issue. From a quick review for other interface
drivers I believe a lot more drivers have the same issue. It makes more
sense to fix in net stack than to try to change every single driver.
PR: 270736
Reviewed by: kp
Fixes: 868aabb470 Add IP(V6)_VLAN_PCP to set 802.1 priority per-flow
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D39499
(cherry picked from commit b22aae410b)
(cherry picked from commit 494de30b63)
The LVM label is stored on any of the first four sectors, and the
PV (physical volume) header is stored within the same sector following
the LVM label. The current implementation does not fully check the
offset of PV header, when attaching a bad formatted LVM PV the kernel
may crash due to out-of-bounds memory read.
PR: 266562
Reviewed by: jhb
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D36773
(cherry picked from commit c941b82e1c)
Make sure that it can be used to change the passphrase of both attached
and detached providers.
PR: 254966
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 2b7b09ac96)
Clear cached_passphrase before generating a new key, otherwise the
operation nonsensically tries to reuse the old passphrase.
PR: 254966
Pull Request: https://github.com/freebsd/freebsd-src/pull/780
MFC after: 1 week
(cherry picked from commit 88d13bf337)
This target produces a C file not an object file, so using ctfconvert on
it should not be attempted. This keeps it in sync with all other uses of
fw_stub.awk, squashes a warning seen during the build of TEGRA124 on
FreeBSD and avoids the same issue failing the build on non-FreeBSD (such
errors are #ifdef'ed into being warnings on FreeBSD in ctfconvert, which
should be revisited in the future).
Reviewed by: manu
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41542
(cherry picked from commit c9b2751d76)
The minigzip utility has been removed in FreeBSD 14 but still
exists in FreeBSD 13. The upstream revision e9d5486e removed
prototype definitions, rendering the code no longer compliant
with WARNS=5.
Add -j <jail> flag to netstat(1) to allow access to network information
from a jail.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41446
(cherry picked from commit 182e8ae26d)
The current dts for Raspberry 3B+ and 4B have 2 disabled fixed-clock
nodes which have no clock-frequency value. Such nodes are non-standard.
This results in about 150 messages during autoconfiguration:
clk_fixed2: <Fixed clock> disabled on ofwbus0
clk_fixed2: Cannot FDT parameters.
device_attach: clk_fixed2 attach returned 6
Defensively check for clock-frequency in the probe routine, and if
none, return an error with a more direct error message (1 line per
occurrence, 50 lines total):
clk_fixed2: clock-fixed has no clock-frequency
Based on a patch by manu.
Reviewed by: manu
Differential Revision: https://reviews.freebsd.org/D41594
(cherry picked from commit b4ef09b9eb)
It was introduced in 2d3614fb13 (bridge: Log MAC address port flapping).
Reviewed by: gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D39465
(cherry picked from commit 3fdb40d1be)
