User misconfiguration may lead to routing loops where we try to send the tunnel
packet into the tunnel. This eventually leads to stack overflows and panics.
Avoid this using if_tunnel_check_nesting(), which will drop the packet if we're
looping or we hit three layers of nested tunnels.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
access(), eaccess() and faccessat() will always dereference
symbolic links.
So add a note in the manual page, that lstat(2) should be
used in the case of symbolic links.
PR: 262895
Reviewed by: gbe, pauamma_gundo.com
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D44890
In the future, we will Default to _FORTIFY_SOURCE=2 if SSP is enabled,
otherwise default to _FORTIFY_SOURCE=0. For now we default it to 0
unconditionally to ease bisect across older versions without the new
symbols, and we'll put out a call for testing.
include/*.h include their ssp/*.h equivalents as needed based on the
knob. Programs and users are allowed to override FORTIFY_SOURCE in their
Makefiles or src.conf/make.conf to force it off.
Reviewed by: des, markj
Relnotes: yes
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32308
Notably:
- libc needs to #undef some of the macros from ssp/* for underlying
implementations
- ssp/* wants a __RENAME() macro (snatched more or less from NetBSD)
There's some extra hinkiness included for read(), since libc spells it
as "_read" while the rest of the world spells it "read."
Reviewed by: imp, ngie
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32307
This is a mostly-unmodified copy of the various *_chk implementations
and headers from NetBSD, without yet modifying system headers to start
actually including them. A future commit will also apply the needed
bits to fix ssp/unistd.h.
Reviewed by: imp, pauamma_gundo.com (both previous versions), kib
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32306
When the page size is 16K, use ATTR_CONTIGUOUS to map the kernel code
and data sections using 2M pages. Previously, they were mapped using
16K pages.
Reviewed by: markj
Tested by: markj
Differential Revision: https://reviews.freebsd.org/D45162
ALL_DISTRIBUTIONS and VERIFY_MANIFEST_SIG
They are neither used in the script nor exported.
Not referenced anywhere in bsdinstall/*
Approved by: imp@
Differential Revision: https://reviews.freebsd.org/D42369
There's a race in these that I missed in my review that needs
to be resolved.
This reverts commit ee2e36686e.
This reverts commit 02f481a30b.
This reverts commit 099a81a417.
The cast to (long) is wrong on all the other 32-bit platforms. (long
long) is the correct type on all platforms. Also, use a z modifier for
size_t which also fails on 32-bit platforms.
Fixes: 02f481a30b
Sponsored by: Netflix
per allocated vm_object. Otherwise, since constructors are not
idempotent, we e.g. leak device reference in case of non-managed pager.
PR: 278826
Reported by: Austin Zhang <austin.zhang@dell.com>
Reviewed by: alc, markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D45113
Cast the time type to (long). This is correct on all architectures. On
i386, this promotes the int time_t to a long (which is also 32-bit). On
64-bit architectures, this promotes the 64-bit signed time_t to a 64-bit
signed int type.
Sponsored by: Netflix
Seperate usb quirks that target specific revisions from those that
dont. Alot of the quirks dont use lo_rev and hi_rev, so we can abstract
the 0x0000, 0xffff into a macro.
[[ This commit is a bit more churn than we like. I carefully reviewed
each one and they are all good. The end product is better -- imp ]]
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1153
In some cases, the USB_QUIRK_VP macro was being misused. Instead of
setting quirks to the intended value, the first two supplied quirks
would go into lo_rev and hi_rev. Replace it with USB_QUIRK_VO which only
takes the needed args. This also makes the Dummy products, which where
being used to correctly set vendor only quirks, not necessary.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1153
Consistently use the weird ssize_t type for things I know are unsigned,
but which none-the-less need to be compared to signed things to prevent
a bogus warning. Sigh, these aren't bugs, can't possibly be bugs and
a waste of time to fix.
Sponsored by: Netflix
This produces the same data as the Linux nvme-cli 'nvme telemetry-log'
command. It extracts the telemetry log from drive. This is a variable
length log, so we read the first page and find out how much of the log
to grab. There's 3 levels of details available, and we grab the level of
detail specified on the command line.
Sponsored by: Netflix
Add definition for page types 7 and 8 for host initiated telemetry and
controller initiated telemetry (they differ by one byte, but that byte
that's defined in the host version is reserved in the controller
version).
Sponsored by: Netflix
When the RACK stack wants to send a FIN, but still has outstanding
or unsent data, it sends a challenge ack. Don't do this when the
TCP endpoint is still in the front states, since it does not
make sense.
Reviewed by: rrs
MFC after: 3 days
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D45122
Define macros to perform pte to vm_page and vm_page to pte conversions
without composing two macros, and use the convenience macros wherever
possible.
Reviewed by: alc
Differential Revision: https://reviews.freebsd.org/D44699
Document that the only way to get the interrupt thread is to use
curthread->td_intr_frame, rather than the old-style of having a NULL
pointer for the interrupt thread. As of 38c35248fe, support for that
has been removed. I neglected to update that commit message with these
details.
Suggested by: mhorne
While otherwise a handy potential approach, getting the trap frame via
the argument isn't documented and isn't supposed to be used. With all
uses removed, now remove support to end the mixed calling conventions.
Differential Revision: https://reviews.freebsd.org/D37688
Reviewed by: imp, mhorne
Pull Request: https://github.com/freebsd/freebsd-src/pull/1225
GCC 13 complains that we might be writing too much to an on-stack buffer
when createing a filename.
In practice there is a check that filename isn't too long given the
time format and other static characters so GCC is incorrect, but GCC
isn't wrong that we're potentially trying to put a MAXPATHLEN length
string + some other characters into a MAXPATHLEN buffer (if you ignore
the check GCC can't realistically evaluate at compile time).
Switch to snprintf to populate filename to ensure that future logic
errors don't result in a stack overflow.
Shorten the questionably named yyyymmdd buffer enough to slience the
warning (checking the snprintf return value isn't sufficent) while
preserving maximum flexibility for admins who use the -F option.
MFC after: 3 days
Sponsored by: Klara, Inc.
Reviewed by: brooks
Differential Revision: https://reviews.freebsd.org/D45086
* Replace `random()` with `arc4random()`.
* Change some variable types.
* Drop some unused assignments.
MFC after: 3 days
Sponsored by: Klara, Inc.
Reviewed by: imp, markj
Differential Revision: https://reviews.freebsd.org/D45132
This went unnoticed due to namespace pollution in our headers.
MFC after: 3 days
Sponsored by: Klara, Inc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D45131
+ move Lua to alphabetize subsections
+ word manpages like other subsections
+ man PR's shouldn't bump document date
MFC after: (maybe MFC to BETA3 along w/ e7ff917057 ?)
This is mostly to reduce the diff with CheriBSD which adds additional
constants to enum uio_rw, but also matches the normal style used for
uio_segflg.
Reviewed by: kib, emaste
Obtained from: CheriBSD
Differential Revision: https://reviews.freebsd.org/D45142
While here, use bp->bio_cmd instead of auio.uio_rw to drive read vs
write behavior.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D45155
It turns out this wasn't in 4.4BSD. I had a false positive for gdc.c
(which is in 4.4BSD, but part of gated, not this). gdc.c comes from the
ncurses tests, so it shouldn't have this copyright. This version is
mostly Amos Shapir and John Lupien's code. It comes from ncurses test
directory. ncurses has made dozens of improvements to this file since
we imported it in 1997 (which pre-dates their online history), so it's
not clear if their new copyright applies (which doesn't mention Amos
or John) or if some other copyright applies. In any case, it wasn't
4.4BSD, so revert this.
This reverts commit 6ed7d0e3ac.
Sponsored by: Netflix
A test system provided by AMD panicked with "madt_parse_apics:
I/O APIC ID 255 too high". I/O APIC ID 255 is acceptable, so increase
the limit.
Reviewed by: jhb, kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45157
Instead of printing something like "MADT: Found CPU APIC ID 4294967295
ACPI ID 512: disabled" print the APIC ID as a singed int for a more
user-friendly -1.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D45158
Also ${XARGS_J} this allows use of non-BSD xargs when building
kernel modules.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D45146
This is leftover from an earlier iteration of the code where 'nt' was
not dynamically allocated but was the passed in 'ops' pointer so was
always alive.
Reported by: Coverity Scan
CID: 1545042
Sponsored by: Chelsio Communications