Althought non-compliant, there are binaries which have the phdrs placed
unaligned in the image. Since we have the code to allocate memory for
off-page phdrs, the same code path can be used to handle unaligned
phdrs.
Relax the requirement for both the activated image and interpreter.
PR: 295629
Reviewed by: emaste, markj, olce
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57498
Two bugs in the firewire bus layer that affect all consumers (
if_fwip, sbp):
watchdog_clock was a static local in firewire_watchdog(), shared across
all firewire_comm instances. With two controllers (e.g. built-in +
Thunderbolt Display), both advance the same counter, so the second
controller's 15-second boot-time timeout guard expires prematurely.
fw_tl2xfer() released tlabel_lock before returning the xfer pointer.
Reviewed by: zlei, adrian
Differential Revision: https://reviews.freebsd.org/D57496
If a name token contains trailing garbage, error out from
krb5_gss_import_name() instead of crashing the process with an
assertion failure.
Commit message details obtained from upstream commit.
Obtained from: upstream commit 07818f1fd
Reported by: Aisle Research (Ze Sheng, Dmitrijs Trizna,
Luigino Camastra, Guido Vranken) to krb5-bugs
MFC after: 3 days
krb5 1.22.1 erroneously removed a check from get_negTokenResp() for
successful decoding of the mechListMIC field. Restore the check to
prevent a null pointer dereference.
Commit message details obtained from upstream commit.
Obtained from: Upstream commit 4ae75cded
MFC after: 3 days
A PPTP client sending a specially crafted PPTP message with a length
smaller than the already processed fixed header can panic the system.
This resultes in a negative remaining length (a large unsigned 16-bit
number).
Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li,
and Ke Xu from Tsinghua University using GLM-5.1 from
Z.ai
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D57383
When we undefer a packet (when the peer acks the state) it's possible
that we don't find a corresponding pfsync_deferral. We panic here, but
that's actually something that can happen in normal operation:
- if we have too many deferred packets already (in pfsync_defer())
- if the deferral timed out (in pfsync_defer_tmo())
Remove this panic and document the scenarios where it might occur.
MFC after: 2 weeks
Sponsored by: Orange Business Services
We have to switch back to the previous rule once the temporary
build fix has been replaced with a permanent fix.
PR: 295823
See also: 4996ebdb72
Reported by: siva
MFC after: 1 week
Add C23 sized deallocation entry points as thin wrappers around free(3).
Implementations may ignore size and alignment hints, so behaviour stays
correct for existing allocations without validating caller metadata yet.
When jemalloc is updated to 5.3.1, rewire these to je_free_sized() and
je_free_aligned_sized() so deallocation can use the allocator's sized
deallocation (free_sized for fast paths and free_aligned_sized for
correct aligned hints.)
Please note this change satisfies the standard interface only. Both
functions should be delegated to jemalloc after the upgrade so callers
get the intended allocator behaviour; until then, hints are unused and
neither sized nor aligned-sized deallocation optimizations apply.
Signed-off-by: Faraz Vahedi <kfv@kfv.io>
Reviewed by: fuz
Pull Request: https://github.com/freebsd/freebsd-src/pull/2201
MFC after: 1 month
Paul Zimmermann (of Core-Math and MPFR fame) graciously tested
the recently committed rsqrt[fl]() functions. He identified 127
incorrectly rounded values for rsqrtf() in round-to-nearest mode.
This patch fixes the rounding in RN. Exhaustive testing now shows
that rsqrtf() is corrected rounded for RN. He also tested rsqrt()
and rsqrtl() in the interval [1,4). Both appear to be correctly
rounded. Finally, the patch includes small changes to comments.
A concise list of changes is
* lib/msun/src/s_rsqrt.c:
. Fix comments.
* lib/msun/src/s_rsqrtf.c
. Fix comments.
. Exhaustive testing by Paul Zimmermann found 127 incorrectly
rounded values in round-to-nearests. These gave have the
form 0x1.13e07pN with N an odd integer. With this patch, all
values are now correctly rounded in round-to-nearest.
* lib/msun/src/s_rsqrtl.c
. Fix comments.
. Move all variable declarations to top of function and sort.
PR: 295706
MFC after: 1 week
Fixes: 3085fc9d97
A bug was discovered in the riscv64 assembly implementation of
this function. Fall back to the generic implementation until a
fix can be developed.
PR: 295823
Reported by: siva
MFC after: 1 week
Correctly declare vfs.zfs.metaslab.condense_pct
The following sysctls have moved to metaslab.c:
vfs.zfs.metaslab.df_alloc_threshold
vfs.zfs.metaslab.df_free_pct
vfs.zfs.metaslab.sm_blksz_no_log
vfs.zfs.metaslab.sm_blksz_with_log
Reported by: dim@FreeBSD.org
Remove stale and misleading XXX comments throughout firewire.c.
Most were from the original 2002 codebase and either described
correct behavior or noted aspirational improvements that never
happended.
Two actionable items retained as TODO: config ROM CRC validation
and pending xfer cleanup on detach.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57466
Wrap the if_input() call in fwe_as_input() with NET_EPOCH_ENTER/EXIT.
The network stack requires epoch protection when delivering packets
via if_input, and fwe was missing it.
Reviewed by: adrian
Differential Revision: https://reviews.freebsd.org/D57459
Expose metaslab_df_alloc_threshold and metaslab_df_free_pct as module
parameters on Linux, matching their existing FreeBSD sysctls.
Reviewed-by: Alexander Motin <alexander.motin@TrueNAS.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Christos Longros <chris.longros@gmail.com>
Closes#18632
Occasionally in the CI this test will fail because the parallel import
took longer than half of the serial time (but still less than the full
serial time). Increase the cutoff to 3/4 of the serial time to preserve
the intent yet try and avoid these false positive failures.
Reviewed-by: Chris Longros <chris.longros@gmail.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes#18634
Support for swapping out kernel stacks was removed, so the PHOLD has no
purpose. (And even before that, it's not clear why a swapout here would
have been problematic.)
Reviewed by: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D57486
Reported by: Yuxiang Yang, Yizhou Zhao, Ao Wang, Xuewei Feng, Qi Li, and Ke Xu from Tsinghua University using GLM-5.1 from Z.ai
Reviewed by: markj, bz, kp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57476
If pkg is installed, for each old library found to still be present,
check if any installed packages either provide or require the library,
and inform the user.
MFC after: 1 week
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D53977
Posts instance data (hostname, instance_id, public keys) to a URL
using fetch(1). Supports:
- url: target URL
- post: list of data items to send, or 'all'
- tries: number of retry attempts (default 1)
This resolves the following possible uninitialized variable warning
when building with --enable-code-coverage and gcc 8.5.0.
module/zfs/zil.c: In function ‘zil_parse’:
module/zfs/zil.c:549:47: warning: ‘end’ may be used uninitialized
in this function [-Wmaybe-uninitialized]
Reviewed-by: Alexander Motin <alexander.motin@TrueNAS.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes#18633
Check for tdvp being vp_crossmp. This cannot happen for the normal
rename cases, but could if the target path specified by the syscall
points to the nullfs mount over the regular file. In this case namei()
cannot step over crossmp, and keep it in ni_dvp.
Since crossmp VOP_GETWRITEMOUNT() returns NULL mp, we retry the locking
dance since the belief is that NULL return is transient.
PR: 295826
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57453
The vn_start_write() call there is already interruptible. Check for
user signals before restarting due to ERELOOKUP, or after failed
vn_start_write(). Note that vn_start_write(V_XSLEEP | V_PCATCH)
does not check for signals if not sleeping.
PR: 295826
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57453
Prior to this commit, we'd compute the page tables and have the last
entries point to the staging area. We'd then add some more metadata to
the image and boot. This assumed the staging area didn't need to move
for this last bit of data.
However, if we go over the staging limit, when we copyin new data, we
grow the staging area, usually be moving it to a lower address. This
overage usually happens when we're loading modules and so things work
out nicely. Sometimes we're close to the limit, and we need to do this
growing inside bi_load, after we've computed the page table, making the
page table wrong, and the code we jump to random rather than the btext
routine we normally start at.
To fix this, move computation of the table (but not its allocation) to
after bi_load, but before we call the trampoline.
This problem was most observed when loading microcode for many peole,
but Gleb reproduced the error with a set of modules that didn't include
ucode.
This bug hunt was greatly assisted by Claude who looked at the crash
from the EFI boot loader and surmised that we weren't jumping to the
code we thought we were jumping to. After inspecting the code, I asked
claude how corruption could happen (I thought overwriting the page
table), but claude notice the possibility that staging might change
after we computed the page table, and this fix is the result. Claude
didn't suggest a diff, but did provide many helpful clues that lead me
to this fix.
PR: 294630
Reviewed by: kib (prior version)
Sponsored by: Netflix
MFC After: insta per re@ request
Differential Revision: https://reviews.freebsd.org/D57462
This change refactors fatal error delivery via APEI and prints more info:
- Makes the NMI handler call into the ge handler to establish a common
code flow, no matter how the error is delivered
- Adds the FRU to the panic string so as to provide more information than
just "APEI Fatal Hardware Error!" such as
"APEI Fatal Hardware Error: PcieError"
- Prints more details about fatal pcie errors. Note that we skip acquiring
Giant on fatal errors
- Hexdumps the full GED data on fatal errors, so as to facilitate
offline data analysis
Reviewed by: imp
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D57417
This reduces the size of a trigger entry from 24 bytes to 16 (or from
12 bytes to 8 on 32-bit) with no additional complexity.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans, emaste
Differential Revision: https://reviews.freebsd.org/D57464
It was previously not possible to poll() or select() on the trigger
device, which made implementing proper signal handling in auditd
difficult.
MFC after: 1 week
Sponsored by: Klara, Inc.
Reviewed by: kevans, markj
Differential Revision: https://reviews.freebsd.org/D57457
powerpc is still relevant for lib32. powerpcspe cannot use lib32 so
remains removed.
Reported by: Minsoo Choo <minsoo@minsoo.io>
Reviewed by: Minsoo Choo <minsoo@minsoo.io>
Sponsored by: The FreeBSD Foundation
Fixes: 2ea49bb595 ("arch.7: Remove 32-bit powerpc from tables")
Differential Revision: https://reviews.freebsd.org/D57473
Add ATF regression tests for previously-fixed fts(3) bugs:
- PR 45723: directory with read but no execute is traversed via
FTS_DONTCHDIR fallback, not silently skipped
(commit 1e03bff7f2)
- PR 196724: FTS_SLNONE must not be returned for a non-symlink;
time-bounded race test runs for 1 second with concurrent
file creation/deletion
(commit bf4374c54589)
- PR 262038: readdir(2) errors produce FTS_DNR with fts_errno
set, not silently treated as end-of-directory
(commit 0cff70ca66)
- SVN r246641: normal traversal works correctly with O_DIRECTORY
fix in fts_safe_changedir()
(commit f9928f1705ee)
- SVN r261589: no crash when tree modified during traversal;
time-bounded race test runs for 1 second with concurrent
file creation/deletion
(commit c6d38f088e5c)
Sponsored by: Google LLC (GSoC 2026)
Reviewed by: asomers
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/2257