This should no longer be relevant since the default C++ standard is
C++17.
Reviewed by: imp, asomers, emaste
Differential Revision: https://reviews.freebsd.org/D49787
The Secure RPC authenticator for telnet prompts the local user for the
username to use for authentication. Previously it was using sprintf()
into a buffer of 256 bytes, but the username received over the wire
can be up to 255 bytes long which would overflow the prompt buffer.
Fix this in two ways: First, use snprintf() and check for overflow.
If the prompt buffer overflows, fail authentication without prompting
the user. Second, add 10 bytes to the buffer size to account for the
overhead of the prompt so that a maximally sized username fits.
While here, replace a bare 255 in the subsequent telnet_gets call with
an expression using sizeof() the relevant buffer.
PR: 270263
Reported by: Robert Morris <rtm@lcs.mit.edu>
Tested on: CHERI
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D49832
UDP over IPv6 was not leaving space for link headers,
resulting in the ethernet header being placed in its own mbuf
at the front of the mbuf chain sent down to the NIC driver.
This is inefficient, in terms of allocating 2x as many
header mbufs as needed, and its also confusing for drivers
which may expect to find ether/ip/l4 headers together in the same
mbuf.
Reviewed by: glebius, rrs, tuexen
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D49840
This is a port of e6ccd70936, which was done by Robert
Watson in 2004 for IP4
libedit.so.8 needs libtinfow.so.9 too, starting in stable/14. so
add it here.
With this I have an image that boots the minimal 'echo success' test for
LinuxBoot on amd64... Though changes for that aren't upstreamed just
yet. They need to be cleaned up a little before I do that. Stay tuned.
Sponsored by: Netflix
add a new typedef in if_vlan_var.h to represent the lowest (1) and
highest (4095) valid VLAN IDs in a .1q tag.
change if_vlan to use DOT1Q_VID_MAX instead of a magic number.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D49837
ether_vlanid_t is a type to represent a VLAN ID, for example inside a
.1q tag. since this is specific to Ethernet, put it in net/ethernet.h.
change bridge to use the new type instead of uint{16,32}_t.
Reviewed by: adrian, kp
Differential Revision: https://reviews.freebsd.org/D49836
dt_oformat_drop() should only be called when in structured output mode.
Reviewed by: Domagoj Stolfa
Fixes: 93f27766a7 ("dtrace: Add the 'oformat' libdtrace option")
The net result of this change is the removal of a few comments from
config.h; it has no direct user-facing impact as DSA was already
disabled as of commit 0b707d5fe8 ("ssh: Disable support for DSA
keys").
Reviewed by: jlduran, philip
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49739
DSA is deprecated and upstream OpenSSH is in the process of removing it.
From OpenSSH-portable 10.0, cherry-pick the configure change so that we
can independently decide what to merge to stable branches.
This change has no direct user-facing impact, as the upstream configure
script is not used in the FreeBSD build process. It is worth noting as
part of OpenSSH's full removal of DSA support.
Reviewed by: jlduran, philip
Relnotes: Yes
Obtained from: OpenSSH-portable 6c9872faa1c2
Sponsored by: The FreeBSD Foundation
If the target is "." or ends in "/" or "/.", we always want to append
the source's basename, even in the Fflag case.
MFC after: never
Relnotes: yes
Sponsored by: Klara, Inc.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D49842
In kmem_unback(), take one small bit of code out of the region where
the write lock is held.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D49834
Just as for nat anchors we can't print counters for rule anchors. Remove the
incorrect print call.
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Rather than passing the mbuf pass the struct pf_pdesc pointer. This also
contains the mbuf, as well as other fields (e.g. af, naf) we can use rather than
having to pass them as an argument. We'll make that change in the next commit.
Sponsored by: Rubicon Communications, LLC ("Netgate")
Add a probe point in the REASON_SET macro. This can be halpful during debugging,
letting us figure out exactly where PF made a decision.
Sponsored by: Rubicon Communications, LLC ("Netgate")
pass a pointer to pf_test()'s reason to pf_test_rule instead of using a
local one. While we always intended to keep the logging in pf_test_rule
and pf_test so seperate that we don't end up with a wrong reason, this
is just too fragile and I can't even convince myself that it still is
right. pointed out by markus, ok bluhm benno
Obtained from: OpenBSD, henning <henning@openbsd.org>, f25274e4c5
Sponsored by: Rubicon Communications, LLC ("Netgate")
When printing a nat anchor we don't have rule information, or rule
counters. Do not attempt to print them. The information is nonsensical
anyway, and this can cause a crash converting the timestamp to a string,
as years in the very distant future use more digits, and we exceed the
30 byte buffer allocated for this.
MFC after: 2 weeks
Sponsored by: Orange Business Services
pkg-stage.sh (used by the disc1 build) does not currently support
METALOG output for NO_ROOT builds. Emit a warning for this case.
PR: 283387
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49785
so_unsplice() assumed that if SB_SPLICED is set in the receive buffer of
the first socket, then the splice is fully initialized. However, that's
not true, and it's possible for so_unsplice() to race ahead of
so_splice().
Modify so_unsplice() to simply bail if the splice state is embryonic.
Reported by: syzkaller
Reviewed by: gallatin
Fixes: a1da7dc1cd ("socket: Implement SO_SPLICE")
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49814
When the file system does not support symbolic links (like in the case
of MSDOS), symlink() returns -1 and sets errno to EOPNOTSUPP.
Document this behavior.
Reviewed by: glebius, markj
MFC after: 3 days
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D49803
Start collecting rxrate information from the RX statistics which are
passed per packet. Store them in the lsta and upon printing statistics,
if no RX_BIRATE is provided copy them over from the lsta.
This allows us to see rate information in both directions on modern
iwlwifi chipsets, which are doing [tx]rate handling in firmware.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
We are using an mbuf tag to carry the ni reference in the TX path
from the TX function past the taskq along with the mbuf.
Contrary to initial assumptions we only need the ni and no other data
so attach the ni to m->m_pkthdr.PH_loc.ptr avoiding the extra allcation.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Increase the mbufq lengths we use in the RX and TX path to decouple
the lower and upper parts (currently using taskqs which likely need
to be replaced as well now -- was asked not to add more sophisticated
concepts 2-ish years ago).
The old values of IFQ_MAXLEN (50) are a tad too small so bump them
to 32 * NAPI_POLL_WEIGHT (32 * 64) which seems to be mostly enough
now not to drop mbufs anymore (by not overflowing the queues).
As a side effect TCP became a lot happier as well growing throughput
towards where UDP is already. There is more fish to fry but we
are also doing ~750 Mbits/sec TX and 400 Mbit/s RX TCP at VHT160 now.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
In case we fail to allocate the mbuf or mtag in the RX path or fail
for other reasons report it as ic_ierrors for better diagnostics
and more correct statistics.
Also do what the comment had indicated and mandate that mtag allocation
succeeds or otherwise drop the packet. There may be room for future
improvements in a follow-up commit here.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Rename lkpi_ic_raw_xmit() to lkpi_xmit() as we need a wrapper to add
an extra argument as (*ic_raw_xmit) and (*ic_transmit) have different
invariants. Based on the caller free the mbuf in the error case or
not to satisfy the requirements of the caller. For more information
see the comment in the code.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Now that we are doing VHT it is possible to overflow the mbufqs
we use in the TX and RX paths. Check the return code of mbufq_enqueue()
deal with any error accordingly and propagate it.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
setting ${svc}_svcj_ipaddrs to a list of IP addresses causes rc.subr to
set ip6.addr and/or ip4.addr when starting the jail, restricting it to
those IP addresses rather than inheriting all IP addresses.
for example:
inetd_enable=YES
inetd_svcj=YES
inetd_svcj_options="net_basic"
inetd_svcj_ipaddrs="::1 127.0.0.1 2001:db8::1"
if not specified, the default value is unchanged (inherit all addresses
if networking is enabled).
Reviewed by: netchild
This debugging code was added this log as part of an effort to diagnose
firmware crashes in an earlier version of the driver.
It hasn't been used for a while and I'm not sure how useful it is for
this compared to other methods.
While reorganisation move strings for print mappings into if_iwx_debug.c
to reduce their scope.
Suggested by: bz
Reviewed by: bz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49783
iwx goes through a couple of steps to match devices to firmware. There
is a default match of pcie device and subdevices and then a secondary
pass to find a template configuration struct.
Previously we were looking up the device not the subdevice and that
led to ax210 cards in some devices (Framework 13) from being matched to
the correct firmware.
PR: 285905
Reviewed by: bz, adrian
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49759
Change vm_page_alloc_after() and vm_page_alloc_domain_after() to take
a page iterator argument, to allow for faster insertion into the radix
trie of pages. Where a caller of one of those functions doesn't
already have a page iterator to use, define one. Where vm_page_grab()
is invoked in a loop, invoke a new version with an iterator argument,
and pass the same iterator in each call. Make sure that
vm_page_alloc_after() and vm_page_alloc_domain_after() return with the
iterator in a valid state, even when the object lock was briefly lost
and regained.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D49688
Suppose an object O has two shadow objects S1, S2 mapped into processes
P1, P2. Suppose a page resident in O is mapped read-only into P1. Now
suppose that P1 writes to the page, triggering a COW fault: it allocates
a new page in S1 and copies the page, then marks it valid. If the page
in O was busy when initially looked up, P1 would have to release the map
lock and sleep first. Then, after handling COW, P1 must re-check the
map lookup because locks were dropped. Suppose the map indeed changed,
so P1 has to retry the fault.
At this point, the mapped page in O is shadowed by a valid page in S1.
If P2 exits, S2 will be deallocated, resulting in a collapse of O into
S1. In this case, because the mapped page is shadowed, P2 will free it,
but that is illegal; this triggers a "freeing mapped page" assertion in
invariants kernels.
Fix the problem by deferring the vm_page_valid() call which marks the
COW copy valid: only mark it once we know that the fault handler will
succeed. It's okay to leave an invalid page in the top-level object; it
will be freed when the fault is retried, and vm_object_collapse_scan()
will similarly free invalid pages in the shadow object.
Reviewed by: kib
MFC after: 1 month
Sponsored by: Innovate UK
Differential Revision: https://reviews.freebsd.org/D49758
In the case of DRM drivers, the passed device is a child of `vgapci`. We
want to start the lookup from `vgapci`, so the parent of the passed
`drmn`. We use the `isdrm` flag to determine if we are in this
situation.
This fixes an infinite loop with the amdgpu DRM driver that started to
use this function in Linux 6.8: `pci_upstream_bridge()` was returning
itself and the code in amdgpu was calling it again, hoping to get a
device with a vendor that is not "ATI".
Reviewed by: bz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49388
The i915 DRM driver started to use it in Linux 6.8.
Reviewed by: bz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49384
This function is used by the i915 DRM driver starting with Linux 6.8.
Reviewed by: bz, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D49067
In a few places where the 80-character limit is violated, wrap lines
to restore proper style.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D49802
Until July 2024, dhclient kept track of time as seconds-since-epoch as
a time_t. This was a problem because (a) we wanted sub-second timeouts
and (b) timeouts didn't always do the right thing if the system clock
changed.
Switching to using CLOCK_MONOTONIC and struct timespec fixed those
issues but introduced a new problem: CLOCK_MONOTONIC values were being
intepreted as seconds-since-epoch and written to the dhclient.leases
file, causing confusion with DHCP leases expiring in early 1970.
Attempt to compromise between these by keeping track of both times;
any type within dhclient which is a time_t now refers to seconds past
the epoch, while any struct timespec value is a CLOCK_MONOTONIC time.
PR: 283256
Reviewed by: dch
Fixes: f0a38976b0 ("dhclient: Use clock_gettime() instead of time()")
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D49720
Let the hardware handle fragmentation itself and tell net80211 to
save itself from it. We already call the (*set_frag_threshold)
mac80211 function.
This should be a NOP for all currently enabled LinuxKPI based WiFi
drivers.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Move kfree() into slab.c as an implementation and hide the private
function linux_kfree_async() entirely.
Remove a ; at the end of a define and sort some defines into place.
Remove extern from function declarations and move the closer to where
they belong.
Sort the functions into "base allocator/free" functions--these have
an implementation in slab.c and are ensuring contiguous physical
memory allocations.
Followed by inline functions using these base allocators to implement
their functionality; vmalloc/kvalloc, and misc functions.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: dumbbell
Differential Revision: https://reviews.freebsd.org/D49572
Implement krealloc_array() using krealloc(). Implement krealloc()
doing the various size checks ourselves and use realloc() or kmalloc()
depending on old and new allocation sizes.
This way we can ensure that allocated memory stays physically contiguous.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Suggested by: jhb (see D46657)
Reviewed by: jhb, markj
Differential Revision: https://reviews.freebsd.org/D49571
Extend malloc_usable_size() for contigmalloc; it seems the only
outside consumer is LinuxKPI ksize() which by itself has little to
no consumer either.
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Suggested by: jhb (see D46657)
Reviewed by: jhb, markj
Fixes: 9e6544dd6e
Differential Revision: https://reviews.freebsd.org/D49571
With mallocarray() we cannot guarantee that any size larger than
PAGE_SIZE will be contiguous. Switch kmalloc_array() and
kmalloc_array_node() to use __kmalloc()/lkpi___kmalloc_node() as their
underlying implementation which now does provide that guarantee.
Likewise adjust kcalloc_node() to use kmalloc_array_node().
This means we only have two (plain + _node) underlying allocation
routines for the entire category of functions.
Also adjust kvmalloc() and kvmalloc_array() to be a "mirrored"
implementation to their non-v counterparts. These may return
non-contiguous memory so can use malloc().
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: jhb
Extra thanks to: jhb for helping sorting this out
Differential Revision: https://reviews.freebsd.org/D46657
Move the implementation of print_hex_dump() into linux_compat.c as
lkpi_hex_dump() taking an extra function pointer and argument.
Add two internal wrappers for printf and sbuf_printf to get a common
function definition (sbuf_printf takes the extra argument).
Use these to implement print_hex_dump() and the newly added
seq_hex_dump().
This allows us to re-use the same implementation of print_hex_dump()
for both functions without duplicating the code.
Initial implementation: D49381 by dumbbell
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Reviewed by: dumbbell
Differential Revision: https://reviews.freebsd.org/D49637
Try to help people in TW to get onto 11ac as well by adding the missing
entries to regdomain.xml. Use at your own risk.
regdomain.xml is unmaintanable in the modern world with too many tiny
difference between countries. We'll need a different way to generate
this or a different representation long term.
Sponsored by: The FreeBSD Foundation
Reported by: lwhsu
Tested by: lwhsu
MFC after: 3 days
Reviewed by: lwhsu, adrian
Differential Revision: https://reviews.freebsd.org/D49776