* pipebuf is a size but is listed as a count
PR: 295623
MFC after: 1 week
Fixes: f54f41403d ("usr.bin/limits: support RLIMIT_PIPEBUF")
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D57456
Commit 4d80d4913e fixed a long standing bug in the recovery
code. However. glebius@ reported seeing multiple
recovery cycles with this patch during an NFSv4.1/4.2
server reboot.
This commit should minimize the risk of multiple
recovery cycles.
PR: 294925
Reported by: Jov <amutu@amutu.com>
MFC after: 2 weeks
Fixes: 4d80d4913e ("nfs: Fix argument typo to avoid a crash")
Some of our random write benchmarks on a fragmented pool show that
single-threaded portion of sync process (txg_sync_thread) can use
up to 45% of CPU time. Most of it is consumed by metaslab_sync()
and metaslab_sync_done(), during which time the pool is not doing
anything else.
While metaslab_sync() is not trivial to parallelize due to having
single spacemap log, metaslab_sync_done() is doing only per-metaslab
accounting and they can run in parallel. Even better, we can run
them while waiting for vdev label update and cache flush I/Os.
With this patch on my test system similar test randomly writing 12
100GB files with 4KB blocks shows IOPS increase from 176K to 220K.
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alexander Motin <alexander.motin@TrueNAS.com>
Closes#18622
Add missing SSH cloud-config options from cloud-init spec:
- ssh_deletekeys: remove existing SSH host keys on first boot so
new ones are generated automatically by sshd(8).
Implemented as delete_ssh_host_keys() in nuage.lua using lfs.dir()
with a directory existence guard via lfs.attributes().
- disable_root: set PermitRootLogin to 'no' (or a custom value via
disable_root_opts) in /etc/ssh/sshd_config.
- disable_root_opts: optional string or array to override the
PermitRootLogin value used when disable_root is true. Only the
first array element is used.
Replace goto next/list pattern with proper elseif/else control
structure. The goto-based flow was fragile and hard to follow;
the elseif chain makes the validation logic explicit and linear.
Previously update_sshd_config() would assert-fail if sshd_config did
not exist. Now it creates a new file with the given key/value.
Also replace the fragile simultaneous r+ + temp file approach with
a cleaner read-then-write pattern: read all lines into memory, modify
as needed, then write to a temp file and rename. All assert() calls
replaced with proper error handling via warnmsg().
Add test case for missing file creation.
Replace check-then-create patterns with direct creation:
- addsshkey: check what exists before creation, use mkdir_p() for
.ssh directory, handle errors with warnmsg() instead of assert().
Apply chmod/chown only on newly created files/directories.
- adddoas: same pattern for doas.conf and the etc directory.
- addsudo: same pattern for the sudoers file and sudoers.d directory.
All three functions now use warnmsg() for error handling instead of
returning nil,err or using assert().
- f:close(cmd) -> f:close() in adduser() and exec_change_password():
the 'cmd' argument is not standard Lua and is silently ignored.
- Remove dead 'precmd' variable in adduser().
Validate hostnames before writing them:
- Reject empty hostnames
- Reject hostnames longer than 253 characters
- Reject hostnames with invalid characters
- Reject hostnames starting or ending with dot/hyphen
- Reject labels longer than 63 characters
- Reject labels starting or ending with hyphen
Expand the sethostname test to cover all rejection cases.
Update nuage.sh sethostname_body to ignore stderr (warnings).
The caller wants the parent vnode, which cannot be provided for emptypath
lookups.
Reported and reviewed by: markj
Fixes: 12c590a9ab ("bindat(2)/connectat(2): allow implicit EMPTYPATH for unix domain sockets")
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D57448
The main change is switching `unit-coverage` to run
scripts/coverage_report.pl, to get nice coverage summary output on the
commandline. The previous behaviour moves to `unit-coverage-html`.
Calls to lcov and genhtml are now silencing more warnings, and the
output file now gets branch coverage as well.
This should be compatible with both lcov 1.x and 2.x. It takes advantage
of the fact that 1.x is far more forgiving of both options it doesn't
understand, and of various kinds of "inconsistency" in the input data.
The rest is both simplifying and improving the rules. We keep the
coverage output around now, but still rebuild it if the binary changes.
The `clean` target now removes the coverage output too. And we use the
target name more often for building path names, as its far less noisy.
Sponsored-by: TrueNAS
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Rob Norris <rob.norris@truenas.com>
Closes#18619
Instead of performing multiple operations on the path name in
zfs_key_config_modify_session_counter() open the file once and
perform the fchown, fchmod, and openat on the open file handle.
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes#18618
This is useful for driving BE changes from the loader command prompt,
rather than having to use the menu. Note that the active carousel in
the boot environment carousel doesn't currently reflect a switch in
boot environments done this way- I'm considering this only a minor bug,
as you probably can't or won't go back to the menu if you're using these
commands.
Reviewed by: imp (previous version)
* Move settings duplicated in libarchive, bsdcat, bsdcpio, bsdtar, and
bsdunzip into libarchive's Makefile.inc.
* Drop some CFLAGS that merely duplicated some of the contents of our
platform configuration header.
MFC after: 1 week
Reviewed by: mm
Differential Revision: https://reviews.freebsd.org/D57307
style(9) still allows TAB after #define but this is a historical
artifact and by far the minority of uses cases. Going forward, we would
like to promote the use of a single space, as it allows alignment to
survive line prefixing (such as in diffs).
style(9) also has prescribed a single space between '#else' or '#endif'
and a comment recalling the guard since 2002.
So, commit 157c184689 ("assert.h: Remove leading tabs for whitespace
consistency") was good, and in line with rules about whitespace changes
(since the file was heavily modified by surrounding commits).
This commit is thus basically a revert of 439710cf00 ("assert.h:
Revert "Remove leading tabs for whitespace consistency"), which extended
replacing spaces with TABs in the code introduced in the meantime (after
commit 157c184689).
Reviewed by: fuz, imp
Fixes: 439710cf00 ("assert.h: Revert "Remove leading tabs for whitespace consistency")
MAC after: 3 days
Differential Revision: https://reviews.freebsd.org/D57391
Since IPv6-only setups are becoming more common, and IPv6
connectivity is often sufficient for tasks such as DNS
resolution and NTP time synchronization, update defaultroute
rc.d script to support IPv6-only environments.
Reviewed by: pouria, ae
Differential Revision: https://reviews.freebsd.org/D56797
Since IPv6-only setups are becoming more common, and IPv6
connectivity is often sufficient for tasks such as DNS
resolution and NTP time synchronization, update defaultroute
rc.d script to support IPv6-only environments.
Reviewed by: pouria, ae
Differential Revision: https://reviews.freebsd.org/D56797
Specifically on the RPi CM4, we currently don't set the controller up
right and it never moves into the ready state (we don't observe the link
active bit). Failure to cleanup here actually results in a panic not
long after, due to a use-after-free in the rman bits. Further down in
pci_host_generic, we have some rman stashed in the softc that are
initialized and placed onto the rman tailq, then the softc is later
freed without an rman_fini() to pull them off of the tailq properly.
Note that PCIe on this board won't come up at boot without something
plugged in, so it currently can't be booted with an empty slot with the
intent to hotplug a supported card. Some issues with controller startup
have been observed with Broadcom NICs in the wild, but no problems have
been observed with other NICs and a variety of different PCIe cards.
Shout-out to Vince <git@darkain.com> for the extensive debugging and
analysis to arrive at this conclusion.
Reviewed by: andrew, imp
Differential Revision: https://reviews.freebsd.org/D56897
If device_attach() fails, we're expected to actually cleanup after
ourselves because device_detach() will not be called. Factor out the
cleanup bits that don't rely on attach having actually succeeded so
that we can cleanup properly in bcm2838_pci.
Reviewed by: andrew, imp
Differential Revision: https://reviews.freebsd.org/D56896
For symmetry with ofw_bus_setup_iinfo, the next commits will use it to
properly cleanup on failure in bcm2838_pci.
Reviewed by: andrew
Differential Revision: https://reviews.freebsd.org/D56895
Without this patch, the NFSv4.1/4.2 pNFS server configuration
did not support striping. This was mainly because the Linux
client driver did not support it either. The Linux client
driver for Flexible File layout does now support striping.
(Linux kernel version 6.18 or newer)
As such, this patch adds striping support. The configuration
is currently just two new sysctls called
vfs.nfsd.pnfsstripeunit - Size (in bytes) of a stripe
vfs.nfsd.pnfsstripecnt - # of DSs to stripe across
A setting of 0 for the first sysctl and 1 for the second
disables striping. A patch that allows use of a different
striping configuration for each exported MDS file system
is planned for the future.
The pnfsdscopymr may be broken by this patch, but since
no one reported that they were actually using a pNFS server
configuration, I do not believe that will be a problem at
this time.
Until the FreeBSD NFSv4.1/4.2 client is patched to handle
striped flexible file layouts, mounts to a striped pNFS
configuration must be done without the "pnfs" mount option.
(Linux systems with a kernel version of 6.18 or newer
should be able to handle a striped pNFS configuration.)
Future patches that convert the pNFS server to a
"loosely coupled" configuration (which allows the use
of non-FreeBSD servers as DSs) are anticipated.
Include <linux/types.h> for `false`. This is needed by amdgpu somewhere
between Linux 6.12 and 6.15.
Reviewed by: Minsoo Choo <minsoo@minsoo.io>, bz
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57415
Cause a write error using a fifo and wait, rather than needing a sleep
to wait for something to terminate. This is faster and avoids a
potential test failure on a heavily loaded system.
Using /dev/full would be simpler, but it is not portable enough (it
tends not to be available in jails, even). Starting programs with stdout
not open or only open for read/execute/search may have unexpected side
effects.
Reviewed by: ngie, des
Differential Revision: https://reviews.freebsd.org/D57213
When zc->zc_cookie is set this indicates to zfs_ioc_set_prop() that
these are received properties and ZPROP_HAS_RECVD will be set on the
dataset. This is only done as part of a `zfs receive` so additionally
apply the zfs_secpolicy_recv() policy. Individual property checks
continue to be handled by zfs_check_settable().
Reviewed-by: Tony Hutter <hutter2@llnl.gov>
Reviewed-by: Alexander Motin <alexander.motin@TrueNAS.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes#18617
After git commit c8d40bf8ec, if fd 0 was
not open, it is left with CLOEXEC set and therefore fails. This is an
unlikely situation, but fixing it reduces the size of the code (by using
posix_spawn_file_actions_adddup2's special case if the two file
descriptor numbers are the same).
At the same time, check the error code from
posix_spawn_file_actions_adddup2.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D56910
The five link flags get lost in prose.
Reviewed by: ziaee
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57418
Since the File 4.1 layout is only supported by some
large configurations of Netapp Filers, switch the client
pNFS code to attempting to use Flexible File Format first.
File 4.1 Layout should still work for any servers that do
no support Flexible File Layout.
The problem is that THUNDERBOLT_DEBUG triggers the use of some
variables, but it is independent of INVARIANTS and the variables it uses
were tagged with '__diagused'.
Fix this by using '__maybe_unused' in those places.
Fixes: 1836330791 ("thunderbolt: make code -Wunused clean")
Fixes: 886164895f ("amd64: complete thunderbolt KERNCONF integration")
Sponsored by: The FreeBSD Foundation
Cannot strip the target if creating a link.
Reviewed by: des
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D57398