Because panic() does provide mechanism to have architecture specific
panic call, we can instruct it to print out stack trace too
(in hope we actually can print). While there, also implement simple
check to detect loop in trace.
illumos issue: https://www.illumos.org/issues/17887
We don't need any docs or examples in tree, as well
as any upstream-specific build infrastructure.
Differential Revision: https://reviews.freebsd.org/D55836
download.freebsd.org is backed by project mirrors and a CDN, which
should benefit most users.
Sponsored by: The FreeBSD Foundation
Reviewed by: delphij (releng)
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D54849
This is not a functional change, but it makes it more clear upon
inspection of the definition that the mapping property described is
preserved. Maybe more importantly, if one ends up getting an index
wrong or punching a hole in the name array unexpectedly, then it'll
hopefully manifest more clearly as a (null) or nullptr deref rather than
potentially just emitting the wrong namespace name.
It's noted that this almost certainly invalidates its use in C++, but
there aren't really any known C++ consumers of it- let's just cross
that bridge if we get there.
Reviewed by: kib, mckusick, rmacklem
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55323
We use -xattr in our openrsync tests for convenience, and it seems like
a good addition to FreeBSD. -xattr and -xattrname will both consult all
available namespaces by default, but -xattrname allows filtering by
namespace using a "user:" or "system:" prefix.
Inspired by: https://github.com/apple-oss-distributions/shell_cmds
Reviewed by: kib, rmacklem
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D55286
The 'simplification' commit referenced below actually broke one aspect
of MFD_HUGETLB: the caller isn't supposed to be required to specify a
size. MFD_HUGETLB by itself without a shift mask just requests a large
page, so we revert that part of memfd_create() back.
While we're here, fix up the related parts of the manpages a little bit,
since MFD_HUGETLB is actually supported. The manpage claims that we
would return ENOSYS if forced mappings weren't supported, but this was
actually not true. However, that seems like a very important
distinction to make between ENOSYS and EOPNOTSUPP, so fix the
implementation to match the docs.
Fixes: 8b8cf4ece6 ("memfd_create: simplify HUGETLB support [...]")
Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D56114
This is purely a cosmetic change to make it a little easier on the eyes,
rather than jumping back to the else branch up top. Re-flow it to use
another loop on the outside and just inline the re-lock before we repeat
after awaking from fluxwait.
The !killkn path should maybe issue a wakeup if there's a thread in
KQ_SLEEP so that userland can observe the EOF, but this isn't a
practical problem today: pretty much every case of knlist_clear is tied
to a file descriptor and called in the close(2) path. As a consequence,
potentially affected knotes are almost always destroyed before we even
get to knlist_clear().
Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D56226
Just copy over a timer and a write-filter, be sure that we can observe
both in the child. Maybe the timer should check for a minimum time
passed, but I don't know that we'd be likely to get that wrong.
This also adds a negative test with a kqueue that is *not* set for
CPONFORK being added to the first one, made readable, and confirming
that we don't see a knote for it in the child.
Some other improvements to the test noted in the review are planned in
the short term, but they're not particularly worth blocking adding this
as a basic sanity check.
Reviewed by: kib, markj
Differential Revision: https://reviews.freebsd.org/D56223
We'll subsequently just knote_free() since the knote is barely
constructed, but that bypasses any logic that might release references
on owned files/fops. Defer clearing those until the knote actually owns
them and update the comment to draw the line more clearly.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D56318
A new manpage and any associated links will be added in the next commit.
MFC after: 1 day (the security issues warrant a quick backport).
MFC with: 10a428653e
This change brings in version 3.5.6 of OpenSSL, which features
several security fixes (the highest of which is a MEDIUM severity
issue), as well as some miscellaneous feature updates.
Please see the release notes [1] for more details.
PS Apologies for the confusing merge commits -- I was testing out a
new automated update process and failed to catch the commit message
issues until after I pushed the change.
1. https://github.com/openssl/openssl/blob/openssl-3.5.6/NEWS.md
MFC after: 1 day (the security issues warrant a quick backport).
Merge commit 'ab5fc4ac933ff67bc800e774dffce15e2a541e90'
This is motivated by the following race in the ZFS zvol code.
When a zvol is created, we create a GEOM-backed zvol, which results in a
/dev/zvol/<zvol path> device file, created by GEOM::dev. If volmode=dev
is specified, zvol_set_volmode_impl() will wither the GEOM, then create
a device file with the same name. This sometimes fails because
g_wither_geom() is asynchronous, so we end up trying to create a device
file while the old one still exists. I want to fix this by adding a
g_waitidle() call to zvol_os_remove_minor().
g_waitidle() is not sufficient: GEOM::dev does not destroy the device
until g_dev_orphan() is called. (In fact the device destruction is
asynchronous too, but the delist_dev() call is sufficient to address
this race.) So, I propose modifying g_waitidle() to block until
orphaned providers are processed.
PR: 258766
Reviewed by: mav, imp, kib
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D55049
Add error numbers to the exit codes so that readers can decode them
without having to use a separate utility. Organize exits by error code.
Mark up the error constants with the error constant macro, even though
this is really not very helpful because people will search for the error
code, the macro is explicitly for the constants and not the codes.
While where, align and alphabetize the options list as well, fix
misaligned padding in an example, and a one-sentance-per-line error.
MFC after: 3 days
Reported by: Antranig Vartanian <antranigv@freebsd.am>
Differential Revision: https://reviews.freebsd.org/D48470
As soon as we need information from the hardware frame annotation to
make sure that checksums of the ingress frames were verified by the
DPAA2 HW, I've decided to make a preparation and extracted all of the
frame related routines into the separate dpaa2_frame.[h,c] along with
some clean up and improvements, e.g. no more dpaa2_fa, but dpaa2_swa
and dpaa2_hwa structures to describe software and hardware frame
annotations respectively, dpaa2_fa_get_swa/dpaa2_fa_get_hwa to obtain
those annotations from the frame descriptor. The next step is to
implement dpaa2_fa_get_hwa.
PR: 292006
Approved by: tuexen
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56315
* Use ourselves as test file instead of /COPYRIGHT, which may or may not
be present in the test environment.
* atf-check understands \n in strings, use it.
* Some file systems don't like creating small holes, so create large ones
instead. This means we need two variables: ps (page size) is the
minimum size of a data region and the alignment for a hole, while hs
(hole size) is the minimum size of the holes we create. This makes no
difference on FreeBSD but makes it easier to port the test to other
platforms.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D56304
We've compiled it since the LLVM 13 import in 2021, but for some reason
never exported it. A user of CheriBSD recently caused Morello LLVM to
emit a reference to it so finish the job and export it.
Reviewed by: dim, emaste
Fixes: 6e75b2fbf9 ("Merge llvm-project release/13.x llvmorg-13.0.0-rc1-97-g23ba3732246a")
MFC after: 1 week
Sponsored by: DARPA, AFRL
See also: https://github.com/CTSRD-CHERI/cheribsd/issues/2614
Differential Revision: https://reviews.freebsd.org/D56310
linprocfs_doauxv() allocates an automatic sbuf before validating
whether the requested read can be satisfied.
When the computed auxv read length exceeds IOSIZE_MAX, or when the
buffer length is too big, the function returns early without
releasing the sbuf.
Route these early exits through a shared cleanup path so the sbuf is
always deleted after sbuf_new_auto() succeeds.
Signed-off-by: Shunchao Hu <ankohuu@gmail.com>
Reviewed by: des, spmzt, zlei, aokblast
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/2118
This also adds the aarch64 symbols, exporting them.
Reported and tested by: fluffy
Reviewed by: emaste
Fixes: 3a01e1e1a5
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D56283
Add the tests/sys/arch directory for architecture-specific tests and
use it to add arm64 SVE tests. These test the kernel is managing the
SVE state in a way we expect.
These tests require SVE hardware support to run so will skip when they
can't detect it.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D43311
- When allocating a page, we should only consider the PG_ZERO flag when
handling the top-level page.
- Unconditionally reset the flag when restarting the fault handler.
Previously, vm_fault_busy_sleep() would fail to reset it.
PR: 294039
Reviewed by: kib
Tested by: Peter Much <pmc@citylink.dinoex.sub.org>
MFC after: 3 days
Fixes: cff67bc43d ("vm_fault: only rely on PG_ZERO when the page was newly allocated")
Differential Revision: https://reviews.freebsd.org/D56234
Commit a223d6c489 made most of the ip6_mroute state per-VNET, but
failed to do this for a couple of counter structures. Make them
per-VNET too.
Reported by: zlei
Reviewed by: pouria, zlei
Fixes: a223d6c489 ("ip6_mroute: Start putting global variables into a structure")
Differential Revision: https://reviews.freebsd.org/D56253
In the sb == NULL case, we are computing the size of the note using a
dummy sbuf drain handler which counts bytes and discards the contents of
the buffer, so the fact that "structsize" is uninitialized doesn't
matter. But, the compiler may complain about this, so we might as well
just initialize it unconditionally to silence the warning, as other
handlers already do.
PR: 292811
MFC after: 1 week
The unit tests are patterned after those for memrchr().
This catches the issue found in 293915.
PR: 293915
Reviewed by: strajabot
Reported by: safonov.paul@gmail.com
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D56037
This allows something like the following local.lua to install a filter
to implement its own notion of hidden BEs using a naming convention of
a leading dot to hide them:
-- file: /boot/lua/local.lua
local core = require("core")
local function be_hide(be)
if core.isSingleUserBoot() then
-- All BEs are accepted for single-user
return true
end
local name = be:match("/([^/]+)$")
if not name then
-- Accept malformed BEs, for whatever reason
return true
end
return name:match("^%.") == nil
end
if core.bootenvFilter then
-- Just in case we need to be compatible with older versions of
-- core.lua without the filtering functionality.
core.bootenvFilter(be_hide)
end
-- EOF
Requested by: Marek Zarychta
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D55359
* The f_flag test may fail if a component of the full path to the
temporary directory is a symbolic link.
* The n_flag test had an empty head; give it a description.
* Use consistent quoting.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D56293
Enable macros and includes by default as this is breaking package
building on HEAD. libucl 0.9.3 by default changed the behavior of
includes and macros. These were previously enabled but it switched to
disabled which breaks the package building in HEAD. This is a temporary
workaround for now to fix the package building specially for
releng/15.0. This might be reverted post EOL of 15.0 in the coming
months.
Reported by: ivy
Fixes: abda442d92 ("contrib/libucl: Import libucl 0.9.3")
Tested by: ivy
Approved by: ivy, kevans
Differential Revision: https://reviews.freebsd.org/D56294
sizeof(*sc->sc_ipimasks) * mp_maxid + 1 is parsed as
(sizeof(*sc->sc_ipimasks) * mp_maxid) + 1, so the buffers were one byte
short of a full (mp_maxid + 1) element count. Multiply by (mp_maxid + 1)
for sc_ipimasks and sc_cpuids.
Signed-off-by: Weixie Cui <cuiweixie@gmail.com>
Reviewed-by: kevans, ngie
Pull-Request: https://github.com/freebsd/freebsd-src/pull/2112
This change adds OpenSSL 3.5.6 from upstream [1].
The 3.5.5 artifact was been verified via PGP key [2] and by SHA256 checksum [3].
This is a security release, but also contains several bugfixes.
More information about the release (from a high level) can be found in
the release notes [4].
1. openssl-3.5.6.tar.gz
2. openssl-3.5.6.tar.gz.asc
3. openssl-3.5.6.tar.gz.sha256
4. https://github.com/openssl/openssl/blob/openssl-3.5.6/NEWS.md
Move is_restricted_var() to libsa/environment.c so it can be leveraged
by boot_setenv called from subr_boot with not truted input.
Also, allow for local tuning via ENV_IS_RESTRICTED_ALLOWED_LIST and
ENV_IS_RESTRICTED_LIST
Sponsored by: Hewlett Packard Enterprise Development LP.
Reviewed by: kevans, imp
Differential Revision: https://reviews.freebsd.org/D56287
Commit 8b9775912c added support for an NFSv4 mounted
root file system, but only if the NFSv4 configuration
used id numbers in the strings.
This patch adds support for the case where the NFSv4
configuration uses name<-->id mappings via nfsuserd(8)
by priming the mapping cache with just enough entries
so that it works until the nfsuserd(8) is running.
They are listed in nfs_prime_userd[] in
sys/fs/nfs/nfs_commonsubs.c.
The entries in nfs_prime_userd[] are also wired into
the kernel's cache for name<-->id mappings when nfsuserd(8)
starts up. This is necessary, since an upcall to the
nfsuserd(8) daemon for a mapping when looking up the
path to the passwd/group database files (/etc) will
hang the system, due to a vnode lock being held on
the entry in the path which blocks nfsuserd(8) from
accessing files.
To enable this case, the following must be put in the
NFS root file system's /boot/loader.conf:
boot.nfsroot.options="nfsv4"
boot.nfsroot.user_domain="<user.domain>"
where <user.domain> must be the same as nfsuserd
uses (usually set via the -domain flag).
If boot.nfsroot.user_domain does not exist or is
the empty string, ids is strings is configured.
MFC after: 1 week
Requested by: Dan Shelton <dan.f.shelton@gmail.com>
Fixes: 8b9775912c ("nfs_diskless: Add support for an NFSv4 root fs")
I think this is cleaner than playing around with return values.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56264
These still haven't been implemented by the original author, and there
doesn't seem to be much use for them anyway.
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D56239
This change adds the ability to examine the contents of multicast
routing tables for other FIBs without the need for executing
`netstat` with `setfib(1)`.
MFC after: 3 days
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D56205
Reviewed by: glebius, markj, zlei