Explicitly hand off ownership of accepted sockets to the
portal::handle_connection method.
Reviewed by: asomers
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D51729
This is a prerequisite for adding NVMe over Fabrics support.
Convert portal_group, portal_group_port, and target into abstract
classes with virtual methods to support protocol-specific methods.
Add new iscsi_portal_group, iscsi_port, iscsi_portal and iscsi_target
subclasses in a new iscsi.cc file and move some iSCSI-specific logic
there. Rename ctld_connection to iscsi_connection and move it to a
new iscsi.hh header. Move iscsi_connection methods out of ctld.cc and
kernel.cc into iscsi.cc.
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48772
Split out a private method to parse a listen address and optional
mask. This will avoid having to duplicate that code for NVMe
host addresses.
Rename the ag_names and ag_portals members to include "initiator"
to indicate they are iSCSI-specific.
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D51728
We load a fixed value into sctlr_el1 in enter_kernel_el so there is no
need to clear and set fields. Replace with a fixed list of fields that
are set when the MMU is off an when it is on.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D51011
In preparation for TBI to be enabled for processes from 15.0 we need
to clean up copying data between userspace and the kernel. These
functions will check the address is within the valid userspace range,
however as the userspace and kernel ranges may overlap when TBI is
enabled we need to mask off the top 8 bits.
Processes not using TBI are unaffected as the hardware will still
check all bits in the address, however this will happen at the first
load/store instruction.
Reviewed by: andrew
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D49119
In most of the places we used ADDR_IS_KERNEL to decide which address
space was being used it was to see if the address was for userspace.
To make the checks more descriptive add ADDR_IS_USER rather than
checking for not ADDR_IS_KERNEL.
Reviewed by: alc, kib, markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D51406
s/download/load/ to clarify the difference between these and fwget, our
utility to install firmware packages, in apropos results. Also, include
rtlbtfw, I missed that one last time.
MFC after: 3 days
Reviewed by: bz, pauamma
Fixes: 2c901189bb (terse descriptions)
Differential Revision: https://reviews.freebsd.org/D51333
This adds a function introduced in libusb 1.0.27 to parse
platform-specific USB descriptors, enabling access to vendor- or OS-specific information.
Approved by: lwhsu (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51242
The libusb_wrap_sys_device function can wrap an opened fd from the
system into a libusb handler. However, in FreeBSD's libusb implementation, a
USB device contains two fds: one for control transfers and another for
normal (bulk, interrupt, isochronous) transfers.
This design makes it impossible for FreeBSD to implement this function
without exposing a different structure in libusb.h to provide two fds.
Therefore, we return LIBUSB_ERROR_NOT_SUPPORTED to maintain API
compatibility.
Approved by: makrj (mentor), lwhsu (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51739
This function tells applications who maintain the pollfds themselves if
they should handle the timeout for each xfer themselves. In FreeBSD, the
timeout for each xfer is handled by kernel and doesn't need a special timer to
do so. Therefore, we return 1 to indicate that it is handled by libusb
internally.
Approved by: lwhsu (mentor), markj (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D51742
The data size check, as currently written, can be defeated by providing
a very large number that rounds up to 0, which will pass the check
(because zero plus the size of the header and name is smaller than the
size of the message) but cause a segfault later when used to index the
data array.
Rewrite the data size check to take rounding into account, and add a
cast to ensure the name size can't round up to zero.
MFC after: 1 week
PR: 266827
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D51615
Make syscall stubs generated by lib/libsys/Makefile.sys depend on it.
This will have some false positives, but generating and assembling them
is fast. Also add slightly dubious dependencies on compat.h and SYS.h.
While here, fix the comment documenting the assembly origin.
Reviewed by: kib, emaste
Differential Revision: https://reviews.freebsd.org/D51671
When we switched to an interposing table (commit 8495e8b1e9) for
cancelation points we stopped having concrete implementations of
__<syscall> and instead use __sys_<syscall> and __thr_<syscall>.
These entries of the form:
__weak_reference(__sys_<syscall>, __<syscall>);
seem to be intended to preserve these symbols, but they have no effect
as __sys_<syscall> isn't defined in the translation units in question.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D51668
Now if_epair(4) uses ether_gen_addr(9) to generate a stable MAC.
This feature was committed in 590493c141.
Approved by: kp
MFC after: never
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D51157
delivered_data is the number of bytes, which have newly been
delivered to the peer. This includes the number of bytes
cumulatively acknowledged and selectively acknowledged.
Reviewed by: rscheff
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D51718
When panicing, don't print the condition, which was violated,
but the condition which holds at the time of the panic.
Reviewed by: Nick Banks
MFC after: 1 week
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D51726
The previous scheme would inflate the CPU consumption of short-lived
processes. For containers (e.g., processes, jails), the total pcpu
usage was computed as a sum of the pcpu usage of all constituent
threads, which makes little sense for a decaying average.
Instead, aggregate wallclock time of all on-CPU threads and compute the
pcpu resource as a decaying average as the sum. This gives much more
reasonable and accurate values in various simple tests.
PR: 235556
Reviewed by: markj
MFC after: 1 month
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30878
Ever since the first GSoC contribution, fusefs has had a curious
behavior. If the daemon hasn't finished responding to FUSE_INIT,
fuse_vnop_getattr would reply to VOP_GETATTR requests for the mountpoint
by returning all zeros. I don't know why. It isn't necessary for
unmounting, even if the daemon is dead.
Delete that behavior. Now VOP_GETATTR for the mountpoint will wait for
the daemon to be ready, just like it will for any other vnode.
Reported by: Vassili Tchersky
Sponsored by: ConnectWise
Differential Revision: https://reviews.freebsd.org/D50800
Intersting/relevant changes since bmake-20250707
ChangeLog since bmake-20250707
2025-08-04 Simon J Gerraty <sjg@beast.crufty.net>
* VERSION (_MAKE_VERSION): 20250804
Merge with NetBSD make, pick up
o meta.c: allow printing only partial string to meta file
in jobs mode, otherwise we end up with duplicated output when
buffer does not end in newline.
Add a suitable unit test.
mk/ChangeLog since bmake-20250707
2025-07-24 Simon J Gerraty <sjg@beast.crufty.net>
* install-mk (MK_VERSION): 20250724
* meta2deps: Allow X record to have 3 or 4 args.
V4 filemon on Linux produces 3
V5 filemon on FreeBSD produces 4
2025-07-22 Simon J Gerraty <sjg@beast.crufty.net>
* install-mk (MK_VERSION): 20250721
* meta2deps.{py,sh}: detect corrupted filemon output (an issue on
Linux) by checking each record type has the correct number of
words. Throw an error if necessary so that gendirdeps.mk will not
update Makefile.depend
If we handle a fragment and are configured not to reassemble it the
pd->proto field will show the layer 4 protocol (i.e. UDP,TCP,SCTP,...) but
pd->virtual_proto will show we're a fragment.
In that case we also don't have the layer 4 checksum pointer. Have code that
cares about L4 (e.g. NAT) check virtual_proto so it doesn't try to dereference a
NULL pcksum field.
PR: 288549
Reported by: Danilo Egea Gondolfo <danilo@FreeBSD.org>
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D51722
Make a few tests less likely to intermittently fail by giving background server
processes a bit more time to finish starting.
Sponsored by: Rubicon Communications, LLC ("Netgate")
while here, rework the "set limit" section:
- use a simple list
- add some missing defaults and limit-item
mbuhl helped fill in some of the blanks
ok kn
Obtained from: OpenBSD, jmc <jmc@openbsd.org>, 4fbb390c4b
Sponsored by: Rubicon Communications, LLC ("Netgate")
Add a pool for the allocation of the pf_anchor struct.
It was possible to exhaust kernel memory by repeatedly calling
pfioctl DIOCXBEGIN with different anchor names.
OK bluhm@
Reported-by: syzbot+9dd98cbce69e26f0fc11@syzkaller.appspotmail.com
Obtained from: OpenBSD, mbuhl <mbuhl@openbsd.org>, fa90ac5c78
Obtained from: OpenBSD, mbuhl <mbuhl@openbsd.org>, c259202341
Sponsored by: Rubicon Communications, LLC ("Netgate")
According to some notes from sthen;
ok sthen
Obtained from: OpenBSD, jmc <jmc@openbsd.org>, 7f29e7e980
Sponsored by: Rubicon Communications, LLC ("Netgate")
Add up to 64 addresses at once. We are limited by the netlink socket buffer, so
we can only add a limited number at once.
Sponsored by: Rubicon Communications, LLC ("Netgate")
For the sunset of freebsd-update in 15.0R, remove a paragraph
claiming this utility should work even if using freebsd-update.
MFC: never
Reviewed by: 0mp, bcr
Differential Revision: https://reviews.freebsd.org/D51160
Add support for the creation of exFAT file systems, if invoked as
newfs_exfat.
Reviewed by: olce
Approved by: olce, mckusick
MFC after: 4 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D48727
The current syntax to add an interface to a filtering bridge requires
repeating the interface name up to three times:
ifconfig bridge0 addm ix0 untagged ix0 10 tagged ix0 100-199
Since at least one of these options nearly always needs to be set,
this results in excessively verbose configuration.
Extend "addm" to support optional arguments, and add two arguments,
"untagged" and "tagged", which infer the interface name from the
addm command. Now the interface only has to be given once:
ifconfig bridge0 addm ix0 untagged 10 tagged 100-199
To avoid confusion with the existing untagged and tagged commands,
rename those to ifuntagged and iftagged.
In future, this syntax will make it possible to add an interface and
set its vlan configuration atomically (once the API supports that),
but switching to the new syntax now means we don't need to change it
after 15.0.
Differential Revision: https://reviews.freebsd.org/D51707
When bridge(4) and vlan(4) are both configured on the same physical
interface, bridge handles incoming packets first and needs to shunt
some packets to vlan(4). Right now, that shunt is done if the packet
is destined for the Ethernet address of the member interface it was
received on, and has a vlan tag.
This is not ideal for two reasons:
* It leaks some of the "special" behaviour of member_ifaddrs=1 even
when member_ifaddrs is set to 0.
* It means the vlan interface only receives locally-destined traffic,
so anything that needs to receive other traffic won't work.
Change the behaviour so that if a member interface has a vlan trunk
configured, *all* tagged packets are unconditionally passed back to
ether_input, which will send them to vlan(4).
This somewhat changes the observable behaviour of vlan(4): since
bridge(4) places all member interfaces in promiscuous mode, the
vlan interface will now receive all traffic on that vlan. This
shouldn't break any real-world configurations because it's only
receiving more traffic; any traffic that was previously received
is still received.
Configuring both vlan(4) and bridge(4) on the same interface is
probably not something we want to support long term, but for now
this makes the code cleaner and the user-visible behaviour simpler
and more predictable.
Differential Revision: https://reviews.freebsd.org/D51677
Add a new per-interface option "ifvlanproto", which can be either
"802.1q" (the default) or "802.1ad". This controls what type of
tag we attach to outgoing packets on the interface.
Reviewed by: pauamma_gundo.com (manpages)
Differential Revision: https://reviews.freebsd.org/D51231
Allowing tag stacking by default can permit VLAN-hopping attacks in
certain configurations. To mitigate this, disallow sending Q-in-Q
frames by default unless the new "qinq" option is enabled on the
interface. The bridge flag "defqinq" can be used to restore the
previous behaviour of allowing Q-in-Q on all interfaces.
The bridge.4 changes from the differential are omitted here and
will be landed via D51185.
Reviewed by: kevans, pauamma_gundo.com (manpages)
Differential Revision: https://reviews.freebsd.org/D51227