This hasn't been used in a long time, and since I am shuffling around
the net80211 crypto API a bunch, let's just delete it instead of
leaving it here and trying to figure out how to support it if it's
used by userland somehow.
Reviewed by: guest-seuros
Differential Revision: https://reviews.freebsd.org/D57312
The IEEE80211_KEYBUF_SIZE and IEEE80211_MICBUF_SIZE are sprinkled
throughout the net80211 stack, ioctl API and drivers. This makes it
challenging to (eventually) up IEEE80211_KEYBUF_SIZE to support 256 /
384 bit encryption as, well, it'll break every single driver and the
ioctl API in doing so.
So as part of this, let's start to separate out the current key/mic
buffer size from what drivers and the ioctl layer are using.
Drivers especially shouldn't be using these definitions as their
key sizes are hardware / firmware API limits, not net80211 limits.
Ideally drivers would define their own key buffer / mic buffer
sizes and only copy in keys up to that length (and fail keys
that are too large) but the current net80211 API isn't there yet.
This doesn't yet change what defines / buffer sizes are used in the
ioctl layer. I'm going to plan out some subsequent work to
separate out those defines and ioctl APIs so they maintain using
the 128 bit key/mic buffer sizes and will copy them in/out of any
larger net80211 key buffer size in the future.
Differential Revision: https://reviews.freebsd.org/D54593
libalias maintains a global list of all libalias handles. The list was
updated without any locking, but nothing prevents updates from running
concurrently.
MFC after: 1 week
After commit 069a67374e, ip6_input() quickly rejects packets with
plen == 0, before ip6_input_hbh() is called. So, there is no need to
check this condition again in the helper function.
Reviewed by: pouria, zlei, tuexen
Differential Revision: https://reviews.freebsd.org/D57342
Rewrite the main loop to use ppoll() instead of just blocking on read,
blocking the signals we care about when we aren't polling.
I didn't bother replacing alarm() with setitimer(); the alarm code
is dead anyway since there is no way for max_idletime to acquire a
non-zero value.
While here, avoid leaking the pid file and trigger descriptors to the
log child.
PR: 295840
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D57451
The Linux getsockopt did not check the size of the provided buffer when
copying out the value, leading to buffer overflows (e.g., for TCP_INFO).
Fix is to use the smaller of the option value size and the provided
buffer.
MFC after: 1 month
Relnotes: yes
Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D55881
Currently, 'write_files' does not create parent directories, and
'runcmd' cannot be used here, since those scripts run after the files
have been written. The only workaround is to create the files in an
existing directory, such as '/root' or '/tmp', and then move those
files using 'runcmd', but this is cumbersome when there are many files,
even if they are small.
With this change, nuageinit now creates the parent directories for each
file using the path field, which mimics the same behavior as in
cloud-init.
Permissions and ownership can also be configured using 'runcmd'.
Reviewed by: bapt@
Approved by: bapt@
Differential Revision: https://reviews.freebsd.org/D57395
Discarding m_free's return value will result in an mbuf leak if the mbuf
was in a chain.
In general we should use m_freem if the mbuf may be in a chain, or
assert that the return was NULL. There will not be a chain here due to
m_megapullup, so add an assert.
Reviewed by: ae
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57479
The remote syscall is executed in the context where debugger owns a
p_lock hold on the target. Due to this, exit1() waiting for p_lock
going to zero, never happen.
Postpone the exit1() call to ast then, saving the provided rval and
signo in the struct proc. Mark the async-exiting proc with the new
p_flag P_ASYNC_EXIT.
While p_xexit can be reused, p_xsig can be only set by actual exit1(),
otherwise it breaks the ptrace mechanism. Allocate a dedicated p_asig
for it.
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57482
nlmsghdr::nlmsg_len and nl_buf::offset are u_int. Make msglen match.
Reviewed by: pouria, glebius
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57474
Althought non-compliant, there are binaries which have the phdrs placed
unaligned in the image. Since we have the code to allocate memory for
off-page phdrs, the same code path can be used to handle unaligned
phdrs.
Relax the requirement for both the activated image and interpreter.
PR: 295629
Reviewed by: emaste, markj, olce
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57498
Two bugs in the firewire bus layer that affect all consumers (
if_fwip, sbp):
watchdog_clock was a static local in firewire_watchdog(), shared across
all firewire_comm instances. With two controllers (e.g. built-in +
Thunderbolt Display), both advance the same counter, so the second
controller's 15-second boot-time timeout guard expires prematurely.
fw_tl2xfer() released tlabel_lock before returning the xfer pointer.
Reviewed by: zlei, adrian
Differential Revision: https://reviews.freebsd.org/D57496
If a name token contains trailing garbage, error out from
krb5_gss_import_name() instead of crashing the process with an
assertion failure.
Commit message details obtained from upstream commit.
Obtained from: upstream commit 07818f1fd
Reported by: Aisle Research (Ze Sheng, Dmitrijs Trizna,
Luigino Camastra, Guido Vranken) to krb5-bugs
MFC after: 3 days
krb5 1.22.1 erroneously removed a check from get_negTokenResp() for
successful decoding of the mechListMIC field. Restore the check to
prevent a null pointer dereference.
Commit message details obtained from upstream commit.
Obtained from: Upstream commit 4ae75cded
MFC after: 3 days
A PPTP client sending a specially crafted PPTP message with a length
smaller than the already processed fixed header can panic the system.
This resultes in a negative remaining length (a large unsigned 16-bit
number).
Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li,
and Ke Xu from Tsinghua University using GLM-5.1 from
Z.ai
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D57383
When we undefer a packet (when the peer acks the state) it's possible
that we don't find a corresponding pfsync_deferral. We panic here, but
that's actually something that can happen in normal operation:
- if we have too many deferred packets already (in pfsync_defer())
- if the deferral timed out (in pfsync_defer_tmo())
Remove this panic and document the scenarios where it might occur.
MFC after: 2 weeks
Sponsored by: Orange Business Services
We have to switch back to the previous rule once the temporary
build fix has been replaced with a permanent fix.
PR: 295823
See also: 4996ebdb72
Reported by: siva
MFC after: 1 week
Add C23 sized deallocation entry points as thin wrappers around free(3).
Implementations may ignore size and alignment hints, so behaviour stays
correct for existing allocations without validating caller metadata yet.
When jemalloc is updated to 5.3.1, rewire these to je_free_sized() and
je_free_aligned_sized() so deallocation can use the allocator's sized
deallocation (free_sized for fast paths and free_aligned_sized for
correct aligned hints.)
Please note this change satisfies the standard interface only. Both
functions should be delegated to jemalloc after the upgrade so callers
get the intended allocator behaviour; until then, hints are unused and
neither sized nor aligned-sized deallocation optimizations apply.
Signed-off-by: Faraz Vahedi <kfv@kfv.io>
Reviewed by: fuz
Pull Request: https://github.com/freebsd/freebsd-src/pull/2201
MFC after: 1 month
Paul Zimmermann (of Core-Math and MPFR fame) graciously tested
the recently committed rsqrt[fl]() functions. He identified 127
incorrectly rounded values for rsqrtf() in round-to-nearest mode.
This patch fixes the rounding in RN. Exhaustive testing now shows
that rsqrtf() is corrected rounded for RN. He also tested rsqrt()
and rsqrtl() in the interval [1,4). Both appear to be correctly
rounded. Finally, the patch includes small changes to comments.
A concise list of changes is
* lib/msun/src/s_rsqrt.c:
. Fix comments.
* lib/msun/src/s_rsqrtf.c
. Fix comments.
. Exhaustive testing by Paul Zimmermann found 127 incorrectly
rounded values in round-to-nearests. These gave have the
form 0x1.13e07pN with N an odd integer. With this patch, all
values are now correctly rounded in round-to-nearest.
* lib/msun/src/s_rsqrtl.c
. Fix comments.
. Move all variable declarations to top of function and sort.
PR: 295706
MFC after: 1 week
Fixes: 3085fc9d97
A bug was discovered in the riscv64 assembly implementation of
this function. Fall back to the generic implementation until a
fix can be developed.
PR: 295823
Reported by: siva
MFC after: 1 week
Correctly declare vfs.zfs.metaslab.condense_pct
The following sysctls have moved to metaslab.c:
vfs.zfs.metaslab.df_alloc_threshold
vfs.zfs.metaslab.df_free_pct
vfs.zfs.metaslab.sm_blksz_no_log
vfs.zfs.metaslab.sm_blksz_with_log
Reported by: dim@FreeBSD.org
Remove stale and misleading XXX comments throughout firewire.c.
Most were from the original 2002 codebase and either described
correct behavior or noted aspirational improvements that never
happended.
Two actionable items retained as TODO: config ROM CRC validation
and pending xfer cleanup on detach.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57466
Wrap the if_input() call in fwe_as_input() with NET_EPOCH_ENTER/EXIT.
The network stack requires epoch protection when delivering packets
via if_input, and fwe was missing it.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57459
Expose metaslab_df_alloc_threshold and metaslab_df_free_pct as module
parameters on Linux, matching their existing FreeBSD sysctls.
Reviewed-by: Alexander Motin <alexander.motin@TrueNAS.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Christos Longros <chris.longros@gmail.com>
Closes#18632
Occasionally in the CI this test will fail because the parallel import
took longer than half of the serial time (but still less than the full
serial time). Increase the cutoff to 3/4 of the serial time to preserve
the intent yet try and avoid these false positive failures.
Reviewed-by: Chris Longros <chris.longros@gmail.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes#18634
Support for swapping out kernel stacks was removed, so the PHOLD has no
purpose. (And even before that, it's not clear why a swapout here would
have been problematic.)
Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D57486
Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai
Reviewed by: markj, bz, kp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57476
If pkg is installed, for each old library found to still be present,
check if any installed packages either provide or require the library,
and inform the user.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D53977
Posts instance data (hostname, instance_id, public keys) to a URL
using fetch(1). Supports:
- url: target URL
- post: list of data items to send, or 'all'
- tries: number of retry attempts (default 1)
This resolves the following possible uninitialized variable warning
when building with --enable-code-coverage and gcc 8.5.0.
module/zfs/zil.c: In function ‘zil_parse’:
module/zfs/zil.c:549:47: warning: ‘end’ may be used uninitialized
in this function [-Wmaybe-uninitialized]
Reviewed-by: Alexander Motin <alexander.motin@TrueNAS.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes#18633