Merged
Conversation
Sponsored by: The FreeBSD Foundation MFC after: 3 days
Sponsored by: The FreeBSD Foundation MFC after: 3 days
The dbm(3) manpage explicitly states that O_WRONLY is not allowed in dbm_open, but a more recent comment in ` __hash_open` suggests otherwise. Furthermore, POSIX.1 allows O_WRONLY in dbm_open and states that the underlying file must be opened for both reading and writing. Fix this by correcting the O_WRONLY check and moving it further into the function to make sure that the original flags are stored in hashp. Sponsored by: Klara, Inc. Reviewed by: markj Differential Revision: https://reviews.freebsd.org/D51514
Rename ID_AA64MMFR0_ECV_CNTHCTL to ID_AA64MMFR0_ECV_POFF as this is the field value when FEAT_ECV_POFF is implemented. Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D51370
Sponsored by: Arm Ltd Differential Revision: https://reviews.freebsd.org/D51376
This reverts commit 55e0aef.
Reported by: fluffy PR: 288550
Co-authored-by: Emmanuel Vadot <manu@FreeBSD.org> Reviewed by: bapt, wulf Relnotes: Yes Sponsored by: Beckhoff Automation GmbH & Co. KG Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D45659
Sponsored by: Google, LLC (GSoC 2025) MFC after: 2 weeks Reviewed by: asomers Pull Request: #1770 Relnotes: yes
There is no reason to change the font in order to select a keymap or a font. This was done in the syscons(4) era to ensure that a font with the appropriate character set was used for kbdmap or vidfont's localized menu, but vt is always UTF-8 and this is no longer necessary. PR: 235565 Reviewed by: imp Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D51640
Use bool for isrmdir argument to ufs_dirremove()/softdep_setup_remove()/newdirrem(), where it is used as bool. Use u_int for isrmdir argument to ufs_dirrewrite()/softdep_setup_directory_change() where it is 0/1/ino. Without the change to unsigned, the if (isrmdir > 1) test is broken on volumes with many inodes. Use newparent instead of isrmdir for the argument name in this case. Reviewed by: markj, olce Tested by: pho Fixes: 610319c Fixes: 98eb6f0 Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D51617
Fixes: aa42e49 Reported and tested by: olivier Reviewed by: alc, markj Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D51636
This package has been newly split off during man page reorganization and should be considered part of the "base" component rather than being ignored. Update pkgbase release and bsdinstall scripts for this change. Reviewed by: ivy Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D51519
Add a test to verify swapon's behavior when attaching to media that's too small. This also adapts existing tests to accommodate kernel page sizes larger than the default 4KB. Approved by: kib, chs (previous version) Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D51641
Enabling and disabling LLVM assertions changes the ABI. There have been multiple reports on the freebsd-current@ mailing list of broken 'cc'. Out of caution, you may wish to do a clean build while crossing this commit after building the reverted commit if you do not set LLVM_ASSERTIONS in your src.conf. Discussed with: kevans, jrtc27 This reverts commit 9b3055d.
It is known that nvidia modules, like the drm modules that are already present, will panic if loaded in early boot rather than later. Pop them into our list to deny loading them if someone were to add, e.g., nvidia-modeset_load="YES", to their loader.conf. This doesn't prevent them from being loaded if one drops to the loader prompt, but it does prevent the standard user from easy foot-shooting if they find old or inaccurate information out in the wild. Reviewed by: imp, kbowling MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D51644
This is the (mostly) kernel side of de-conflating cr_gid and the supplemental groups. The pre-existing behavior for getgroups() and setgroups() is retained to keep the user <-> kernel boundary functionally the same while we audit use of these syscalls, but we can remove a lot of the internal special-casing just by reorganizing ucred like this. struct xucred has been altered because the cr_gid macro becomes problematic if ucred has a real cr_gid member but xucred does not. Most notably, they both also have cr_groups[] members, so the definition means that we could easily have situations where we end up using the first supplemental group as the egid in some places. We really can't change the ABI of xucred, so instead we alias the first member to the `cr_gid` name and maintain the status quo. This also fixes the Linux setgroups(2)/getgroups(2) implementation to more cleanly preserve the group set, now that we don't need to special case cr_groups[0]. __FreeBSD_version bumped for the `struct ucred` ABI break. For relnotes: downstreams and out-of-tree modules absolutely must fix any references to cr_groups[0] in their code. These are almost exclusively incorrect in the new world, and cr_gid should be used instead. There is a cr_gid macro available in earlier FreeBSD versions that can be used to avoid having version-dependant conditionals to refer to the effective group id. Surrounding code may need adjusted if it peels off the first element of cr_groups and uses the others as the supplemental groups, since the supplemental groups start at cr_groups[0] now if &cr_groups[0] != &cr_gid. Relnotes: yes (see last paragraph) Co-authored-by: olce Differential Revision: https://reviews.freebsd.org/D51489
I meant to review the diff again to make sure that __FreeBSD_version had not progressed in the interim, but failed to do so- belatedly bump it for a struct ucred ABI change. Fixes: be1f743 ("kern: start tracking cr_gid outside of [...]")
Failing to reset the cookie between messages can lead to an attempt to interpret a zeroed buffer as a struct nlattr, causing a length calculation to underflow, resulting in a memcpy() call where the length exceeds the actual size of the buffer. MFC after: 1 week PR: 283797 Reviewed by: glebius Differential Revision: https://reviews.freebsd.org/D51634
PR: 288564 Fixes: 4b02ad9 ("style.9: Add a C++ section") Sponsored by: The FreeBSD Foundation (commit)
tcp_tv_to_usectick(), tcp_tv_to_mssectick(), and tcp_tv_to_lusectick() are not related to ticks. Therefore remove the trailing 'tick'. No functional change intended. Reviewed by: tuexen MFC after: 1 week Sponsored by: Netflix, Inc.
Don't use ticks in variable names or constant when they don't have a relation to ticks. Use slots or usecs. No functional change intended. Reviewed by: tuexen MFC after: 1 week Sponsored by: Netflix, Inc.
Cleanup tcp_hpts.h by * move definition used only in tcp_hpts.c to that file * fix a typo * remove duplicate declarion of tcp_min_hptsi_time * rearange declarations for simpler reading Approved by: tuexen MFC after: 1 week Sponsored by: Netflix, Inc.
…atabase POSIX.1 states that `dbm_nextkey` must return an invalid key (i.e., `key.dptr == NULL`) after the end of the database was reached. The current implementation of `hash_seq` will incorrectly restart the key sequence after the end of the database is reached. Fix this by checking the "current bucket" index when R_NEXT is passed. Sponsored by: Klara, Inc. Differential Revision: https://reviews.freebsd.org/D51635 Reviewed by: markj
sys_aio_cancel() loops over pending jobs for the process, cancelling some of them. To cancel a job with a cancel callback, it must drop the job list mutex. It uses flags, KAIOCB_CANCELLING and KAIOCB_CANCELLED, to make sure that a job isn't double-cancelled. However, when iterating over the list it uses TAILQ_FOREACH_SAFE and thus assumes that the next job isn't going to be removed while the lock is dropped. Of course, this assumption is false. We could simply start search from the beginning after cancelling a job, but that might be quite expensive. Instead, introduce the notion of a marker job, used to keep track of one's position in the queue. Use it in sys_aio_cancel() to resume iteration after a job is cancelled. Reported by: syzkaller Reviewed by: kib, jhb MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D51626
acpi_check_dsm() and acpi_evaluate_dsm_typed() take a guid_t argument and not a char *. For in-tree Linux based drivers this leads to a compile error due to a warning. Fix the function argument type and cast internally. While this made the long statements in the wrapper functions for *_dsm_* even less readable split them up using a local variable. Sponsored by: The FreeBSD Foundation MFC after: 3 days Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D51649
In some blocks of #defines spacing, trailing \ and indentation of a second line differed. Some of them are currently fine on a single line but future additions may not fit in that scheme. Harmonize them into a #define X\t\t\t...\\n<4 spaces>Y scheme. No functional changes. Sponsored by: The FreeBSD Foundation MFC after: 3 days Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D51650
We have an explicit __sym_compat() entry for the legacy implementation. Fixes: 7381dcc Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D51701
This function has been an empty stub for years; now that we're bumping the library version, we can finally get rid of it. Fixes: 0c381b7 Reviewed by: kib, emaste Differential Revision: https://reviews.freebsd.org/D51704
This reverts commit d5ec971. The commit broke the build. Reported by: des
Include errors common to chroot and fchroot in a single list, followed by errors unique to each. Unprivileged chroot is permitted if the security.bsd.unprivileged_chroot sysctl is set to 1. Make note of this and update the EPERM description. Reported by: kevans Reviewed by: kevans, kib Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D51703
…PRIVS The flag is write-only, and if we raced with reading the action of setting the flag, we can as well get it under the lock. Reviewed by: emaste, kevans Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D51708
Reviewed by: emaste, kevans Sponsored by: The FreeBSD Foundation Differential revision: https://reviews.freebsd.org/D51708
* Add and document a -d option which enables rc script debugging. * Sort and document existing options correctly. MFC after: 1 week Reviewed by: imp, emaste Differential Revision: https://reviews.freebsd.org/D51700
Reformat if_eqos.c to make it easier to follow and closer to style(9). No functional changes. Reviewed by: fuz@ MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D51693
This fixes an early KASAN initialization panic in pmap_san_enter_early_alloc_4k, when a non-default value is specified for KSTACK_PAGES in the build config file. Sponsored by: Juniper Networks, Inc. MFC after: 7 days Reviewed by: des, markj Differential Revision: https://reviews.freebsd.org/D51709
The current incarnation of execvPe() is a bit messy, and it can be
rather difficult to reason about whether we're actually doing the right
thing with our errors. We have two cases in which we may enter the loop:
1.) We have a name that has no slashes in it, and we enter the loop
normally through our strsep() logic to process $PATH
2.) We have a name with at least one slash, in which case we jump into
the middle of the loop then bail after precisely the one iteration
if we failed
Both paths will exit the loop if we failed, either via jumping to the
`done` label to preserve an errno or into the path that clobbers errno.
Clobbering errno for case #2 above would seem to be wrong, as we did not
actually search -- this would seem to be what POSIX expects, as well,
based on expectations of the conformance test suite.
Simplify reasoning about the two paths by splitting out an execvPe_prog
that does the execve(2) call specifically, and returns based on whether
the error would be fatal in a PATH search or not. For the
relative/absolute case, we can just ignore the return value and keep
errno intact. The search case gets simplified to return early if
we hit a fatal error, or continue until the end and clobber errno if
we did not find a suitable candidate.
Another posix_spawnp() test is added to confirm that we didn't break our
EACCES behavior in the process.
Reviewed by: des, markj
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D51629
Highlights:
- Pull resolve_user() and resolve_group() out to make the main flow
a bit easier to read
- Fix some edge-cases in user/group resolution: you can have fully
numeric usernames, and they may or may not live within the valid
ID range. Switch to just trying to resolve every specified
group/user as a name, first, with a fallback to converting it to a
numeric type and trying to resolve it as an ID.
- Constify locals in main() that don't need to be mutable, re-sort
Reviewed by: emaste, olce
Differential Revision: https://reviews.freebsd.org/D51509
This is mostly for better readability when we need to resolve what opcode corresponds to specific number. Obtained from: Yandex LLC Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D51457
tablearg value is determined after making table lookup. When we applying rule action that uses dynamic state, such lookup was not done and thus rule action can not determine what table and what value should be used as tablearg. To prevent this add check for such rules and return error when they are added. Obtained from: Yandex LLC Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D51458
When parent rule of dynamic state is deleted and net.inet.ip.fw.dyn_keep_states is enabled, dynamic states are kept working and such states are called ORPHANED. Orphaned states still keep pointer to original parent rule. And in case when rule action is skipto this can lead to unpredictable consequences. To avoid this problem add special handling for skipto action when we have found ORPHANED state. Check that new rule has the same opcode and skipto number for O_SKIPTO rule action. Obtained from: Yandex LLC Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D51459
Fixes: 2e0caa7 ("libutil: Really fix expand_number(3)")
When we have enabled V_dyn_keep_states, states that become ORPHANED will keep pointer to original rule. Then this rule pointer is used to apply rule action after ipfw_dyn_lookup_state(). Some rule actions use IPFW_INC_RULE_COUNTER() directly to this rule pointer to increment rule counters, but other rule actions use chain->map[f_pos] instead. The last case leads to incrementing counters on the wrong rule, because ORPHANED states have not parent rule in chain->map[]. To solve this we add protected rule, that will be matched only by packets that are handled by ORPHANED states. This is `count' rule that is prior to the default rule: 65535 count ip from any to any not // orphaned dynamic states counter Obtained from: Yandex LLC Sponsored by: Yandex LLC Differential Revision: https://reviews.freebsd.org/D51460
Fixes: 287451f MFC after: 1 week Reviewed by: pauamma_gundo.com, emaste Differential Revision: https://reviews.freebsd.org/D51705
MFC after: 1 week Reviewed by: olce, imp, emaste Differential Revision: https://reviews.freebsd.org/D51706
It is easy to forget to configure DEBUG_VFS_LOCKS, and when one does, no vnode lock assertions are checked when INVARIANTS is configured, so bugs can arise. This has happened to me more than once, and the overhead over DEBUG_VFS_LOCKS does not appear to be high enough to prohibit folding it into INVARIANTS, so let's do that. The change makes vnode lock assertions useful in plain INVARIANTS kernels, and guards VOP debug routines on INVARIANTS rather than DEBUG_VFS_LOCKS. Further, invariants are now checked by plain assertions rather than having various sysctls to finely control what happens the checks fail. The extra complexity didn't seem particularly useful and is at odds with how we handle debugging most everywhere else. Reviewed by: kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D51402
All of these assertions can reasonably be checked when plain INVARIANTS is configured, there's no need to configure a separate option. Reviewed by: olce, imp, kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D51696
This assertion can reasonably be checked when plain INVARIANTS is configured, there's no need to configure a separate option. Reviewed by: kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D51697
We can assert that a vnode lock is held whenever INVARIANTS is configured. Reviewed by: kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D51698
This assertion can reasonably be checked when plain INVARIANTS is configured, there's no need to configure a separate option. Reviewed by: kib MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D51699
vlanfilter was originally a per-interface flag to allow more flexible configurations where some interfaces had VLAN filtering enabled and some didn't. In practice, this just makes the configuration more confusing without any real benefit, so remove it, and make vlanfilter a bridge flag instead. Add a new bridge option "defuntagged", which sets the automatically assigned PVID for new members. If set to 0 (the default) then no PVID is assigned, which matches the current behaviour. While here, add some more atf_checks to the bridge VLAN tests to make debugging easier. Differential Revision: https://reviews.freebsd.org/D51600
This trips the gcc build in kadm5/srv/svr_principal.c:
/home/ivy/src/bsd/gcc/crypto/krb5/src/lib/kadm5/srv/svr_principal.c: In function 'apply_keysalt_policy':
/home/ivy/src/bsd/gcc/crypto/krb5/src/lib/kadm5/srv/svr_principal.c:208:14: error: argument 1 range [2147483648, 4294967295] exceeds maximum object size 2147483647 [-Werror=alloc-size-larger-than=]
208 | subset = calloc(n_ks_tuple, sizeof(*subset));
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Differential Revision: https://reviews.freebsd.org/D51577
Now that rc.subr(8) no longer depends on sysrc(8), bsdconfig does not need to be part of -utilities. Move it to a -bsdconfig package. Differential Revision: https://reviews.freebsd.org/D51543
Otherwise, this breaks the clang build.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.