This is a compromise between POLA and practical reasoning. We don't
want to block the main server loop in an attempt to resolve. But we
need to keep the format of the logged message as is, for sake of
sshguard and other scripts. So let's print just the IP address twice,
this is what libwrap's refuse() would do if it failed to resolve.
Reviewed by: philip
PR: 269456
Differential revision: https://reviews.freebsd.org/D40069
sshd: remove unneeded initialization of libwrap logging severities
This part of ca573c9a177 proved to be unnecessary. As the removed
comment says, we set them merely for logging syntax errors, as we log
refusals ourselves. However, inside the libwrap the parser logs any
syntax errors with tcpd_warn() which has hardcoded LOG_WARNING inside.
Rick Macklem [Sun, 3 Dec 2023 23:31:01 +0000 (15:31 -0800)]
nfscl: Fix processing of a rare Rename reply case
When delegations are enabled (they are not by default in
the FreeBSD NFSv4 server), rename will check for and return
delegations. If the second of these DelegReturn operations
were to fail (they rarely do), then the code would not retry
the rename with returning delegations, as it is intended to do.
The patch fixes the problem, since the DelegReturn reply status
is the second iteration of the loop and not the first iteration.
As noted, this bug would have rarely manifested a problem, since
DelegReturn operations do not normally fail.
Kyle Evans [Sun, 26 Nov 2023 04:27:11 +0000 (22:27 -0600)]
lockf: switch to strtonum() for parsing timeout
Convert waitsec to a long long to be able to hold the full domain of
alarm(3) timeout on all platforms, and let strtonum(3) handle the input
validation. strtonum(3) also happens to provide a neater interface for
error handling, and it already includes our pre-existing empty input
check.
Alexander Melkov [Wed, 22 Nov 2023 04:46:28 +0000 (22:46 -0600)]
lockf: don't hold stdin/stdout/stderr open
None of these are essential in the lockf monitor (parent post-fork), so
close them to maintain the illusion that lockf hasn't been inserted into
the pipeline. This ensures that the correct effects happen on other
programs in the pipeline if the locked command closes or redirects these
elsewhere.
The original patch used -s to close stdout/stderr rather than closing
them unconditionally, but it's not clear that we really care that much.
kevans dropped that part when taking the patch, patch is otherwise by
listed author.
PR: 112379
Reviewed by: 0mp, allanjude (both earlier version), kevans
Feedback from: des
Sponsored by: Klara, Inc.
Kyle Evans [Wed, 22 Nov 2023 04:41:36 +0000 (22:41 -0600)]
lockf: hide unavailable error with -n -s
The error message is expected, allow -s to suppress just that one since
it would loosely fall under the definition of "failure to acquire the
lock" described in the manpage for the -s option.
Reviewed by: 0mp, allanjude
Feedback from: des
Sponsored by: Klara, Inc.
Kyle Evans [Thu, 23 Nov 2023 16:21:33 +0000 (10:21 -0600)]
arm64: lop off another 24MB of KVA for early device mappings
This grows the block enough to fit a 4K 32-bit depth framebuffer; some
firmware would present smaller GOP modes to be able to boot with a
smaller framebuffer on these devices, but the Windows Devkit firmware
is simply not that nice. Instead, it offers exactly one GOP mode that
matches the current resolution of the attached display, so with limited
control over resolution on most of my displays it'd be nice if we could
Just Work(TM) at 4K.
andrew notes that he has some ideas for removing PMAP_MAPDEV_EARLY_SIZE
entirely, so this limitation could end up removed altogether in the
future.
These won't be added elsewhere, so add a little bit of room to make
these messages a little easier to read. The existing set is a mixed
bag, there are somewhere in the ballpark of 45, 46 printfs to stderr and
19 of those had newlines.
POSIX defines a number of other control characters as well as
alternative aliases for some that should be provided in the default set,
so let's go ahead and add those.
Reviewed by: bapt, yuripv
Sponsored by: Klara, Inc.
Warner Losh [Thu, 7 Dec 2023 20:27:07 +0000 (13:27 -0700)]
sort: Only build FreeBSD-specific ALTMON_x stuff when ATLMON_1 is defined
On MacOS, we bootstrap sort. Since ALTMON_* are not defined there, the
build blows up. Since we don't need this feature for the FreeBSD build
process, and since we won't use it unless we actually install the NL
files that have this data in it, just #ifdef it out for now. In the
extremely unlikely event that the FreeBSD bootstrap/build process grows
this dependency, we can evaluate the best solution then (which most
likely is going to be not depend on the local's month names).
Many languages use different case endings depending on whether the month
is referenced as a standalone word (nominative case), or in date context
(genitive, partitive, etc.). sort(1)'s -M option currently sorts months
by testing input against only the abbrevation format, which is
essentially a substring of the full format. While this works fine for
languages like English, where there are no cases, for languages where
there is a different case ending between the abbreviation/full and
standalone formats, it is not sufficient.
For example, in Greek, "May" can take the following forms:
Kenneth D. Merry [Tue, 31 Oct 2023 19:20:36 +0000 (15:20 -0400)]
Add IBM TS1170 density codes and specs.
These were obtained from a drive, but they agree with the IBM
documentation.
The bpi/bpmm values are the same as TS1160, but the number of
tracks is much larger (18944 tracks vs 8704 for TS1160). The tapes
are also longer, 1337m total. (According to the MAM on a sample JF
tape. I don't have a JE tape handy to compare.) The end result
is a 50TB raw capacity (150TB compressed) for TS1170 with a JF
cartridge vs 20TB raw capacity (60TB compressed) for TS1160 with
a JE cartridge.
lib/libmt/mtlib.c:
Add the TS1170 density codes to the denstiy table in libmt.
usr.bin/mt/mt.1:
Add the TS1170 density codes and specs to the density table
in the mt(1) man page. As usual for TS drives, there is an
encrypted and non-encrypted density code (0x79 and 0x59
respectively).
Brooks Davis [Fri, 1 Dec 2023 20:48:29 +0000 (20:48 +0000)]
sysvipc: Fix 32-bit compat on !i386
The various time fields are time_t's which are only 32-bit on i386.
Fixing the old versions is probably of little use, but it's more correct
and in theory there could be powerpc binaries from 6.x.
PR: 240035
Fixes: fbb273bc05bef Properly support for FreeBSD 4 32bit System V shared memory.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D42870
Mark Johnston [Mon, 11 Dec 2023 14:19:09 +0000 (09:19 -0500)]
tty: Avoid a kernel memory discloure via kern.ttys
Four pad bytes at the end of each xtty structure were not being cleared
before being copied out. Fix this by clearing the whole structure
before populating fields.
Jessica Clarke [Wed, 6 Dec 2023 21:37:32 +0000 (21:37 +0000)]
bsdinstall: Encode dists to valid variable names in checksum script
Currently we just strip the .txz of the dist name (and add a status_
prefix) to get the shell variable name for its status, but this doesn't
give a valid result for dists like base-dbg, kernel-dbg and lib32-dbg,
or even kernel.KERNCONF (or, combining the two, kernel.KERNCONF-dbg). As
a result, four things go wrong for such dists:
1. If there is a dot and/or a dash in the name, writing to the variable
fails and spits an error out on stderr to the log
3. If there is a dot in the name before any dash, the syntax is always
invalid, reading the variable fails, spits an error out on stderr to
the log, the result is the empty string and that is interpreted as
being 0%
2. If there is a dash in the name before any dot, and there is a dist
whose name is the substring up to that first dash, and it has already
had its status written to, reading the variable instead reads that
dist's variable and so the status of that dist is displayed instead
3. If there is a dash in the name before any dot, and either there is
not a dist whose name is the substring up to that first dash or there
is such a dist but it has not already had its status written to,
reading the varaible instead results in the substring after the first
dash, including any additional string expansion syntax that follows
(i.e. ${status_kernel-dbg:--11}, the expression used to read the
variable, is interpreted as reading status_kernel with a default
value of "dbg:--11")
For example, in a default install with base, kernel, kernel-dbg and
lib32, the following sequence of displays happens:
1. base is In Progress, kernel is Pending, kernel-dbg is 0% (what shows
for the garbage input "dbg:--11") and lib32 is Pending
2. base is Passed, kernel is In Progress, kernel-dbg is In Progress
(since kernel has now had its status written to) and lib32 is
Pending
3. base is Passed, kernel is Passed, kernel-dbg is Passed (again, since
that is the status of kernel, despite that kernel-dbg is being
verified at this point) and lib32 is Pending
4. base is Passed, kernel is Passed, kernel-dbg is Passed and lib32 is
In Progress
Fix this with a crude encoding scheme. More special characters can
easily be added if needed in future.
Note that, prior to bsddialog being used (and thus for branches this is
MFC'ed to where dialog is still used), the same problem existed but
displayed slightly differently due to a combination of different default
values and different behaviour for unintended inputs.
Fixes: b70047d41362 ("Add generation of an installation manifest containing SHA256 checksums as ...")
MFC after: 1 week
The number of events we track can vary over time, but we only allocate
enough space for the exact number of events we are tracking when we
first begin, resulting in a trivially reproducable heap overflow. Fix
this by allocating enough space for the greatest possible number of
events (two per file) and clean up the code a bit.
Also add a test case which triggers the aforementioned heap overflow,
although we don't currently have a way to detect it.
Warner Losh [Sun, 19 Feb 2023 03:04:29 +0000 (20:04 -0700)]
tail: Retry kevent if the system call was interrupted
kevent returns EINTR when I suspend / resume. This causes tail -f
and tail -F to exit with interrupt system call. Ignore this error
and try kevent again.
Xin LI [Wed, 13 Jul 2022 04:14:25 +0000 (21:14 -0700)]
Improve usability of head(1) and tail(1):
- Consistently support -q (quiet) and -v (verbose)
- Allow specifying numbers with SI prefixes supported by expand_number(3)
- Remove 2^31 limit on lines for head(1)
Replace int with either size_t or ssize_t (depending on context) in
order to support bit strings up to SSIZE_MAX bits in length. Since
some of the arguments that need to change type are pointers, we must
resort to light preprocessor trickery to avoid breaking existing code.
* Interrupt the option loop as soon as we have an indication of which
protocol is intended.
* If we end up having to perform a DNS lookup, loop over the entire
result looking for either IPv4 or IPv6 addresses.
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Reviewed by: rscheff, kevans, allanjude
Differential Revision: https://reviews.freebsd.org/D42137
ping: Consistently use EX_NOHOST for DNS failures.
Traditionally, ping returned exit code EX_NOHOST if a DNS lookup failed.
That is still the case for the legacy code in the new merged ping, but
not for IPv6 targets, nor when a DNS lookup is performed in order to
determine which version of the tool to invoke.
While here, also make sure that the error message is consistent.
Sponsored by: NetApp, Inc.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D42159
The daemon utility already does its own buffering and retransmits its
child's output line by line. There's no need for stdio to add its own
buffering on top of this.
Kyle Evans [Fri, 5 May 2023 15:12:13 +0000 (10:12 -0500)]
daemon: EINTR from kevent(2) is not a fatal error
Simply resume waiting for events rather than exiting if we took a signal
here.
This at least fixes running programs under daemon(8) in the face of
suspend/resume, which I suspect hits us with a spurious EINTR rather
than a signal anyways.
Reported and tested by: manu
Fixes: 8935a3993219b ("daemon: use kqueue for all events")
Refactor daemon to use kqueue/kevent instead of signals.
This changes allows to simplify the code in several ways:
- the execution flow is now linear, no async events.
- several variables became redundant and got removed.
- all event handling is now concentrated inside of the event loop, which
makes code reading and comprehension easier.
- new kqueuex(2) call is used for CLOEXEC, but maintained closing the
kq fd prior to execve() to ease later MFC
nss_tacplus: Provide dummy setpwent(), getpwent_r(), endpwent().
These aren't really needed, since TACACS+ does not support enumeration, but providing placeholders keeps nsdispatch() from complaining that they're missing.
libtacplus: Allow additional AV pairs to be configured.
* Replace hand-rolled input tokenizer with openpam_readlinev() which supports line continuations and has better quoting and escaping.
* Simplify string handling by merging struct clnt_str and struct srvr_str into just struct tac_str.
* Each server entry in the configuration file can now have up to 255 AV pairs which will be appended to the ones returned by the server in response to a successful authorization request.
This allows nss_tacplus(8) to be used with servers which do not provide identity information beyond confirming the existence of the user.
This adds a dependency on libpam, however libtacplus is currently only used by pam_tacplus(8) (which is already always used with libpam) and the very recently added nss_tacplus(8) (which is extremely niche). In the longer term it might be a good idea to split this out into a separate library.
Mark Johnston [Thu, 7 Dec 2023 16:20:11 +0000 (11:20 -0500)]
OpenZFS: Ensure that zfs_getattr() initializes the va_rdev field
Otherwise the field is left uninitialized, leading to a possible kernel
memory disclosure to userspace or to the network. Use the same
initialization value we use in zfsctl_common_getattr().
Reported-by: KMSAN Sponsored-by: The FreeBSD Foundation Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Ed Maste <emaste@FreeBSD.org> Signed-off-by: Mark Johnston <markj@FreeBSD.org>
(cherry picked from commit 11656234b560c401dec6a16e1bf048b20fd31aac)
Alexander Motin [Thu, 9 Nov 2023 18:07:46 +0000 (13:07 -0500)]
uma: Micro-optimize memory trashing
Use u_long for memory accesses instead of uint32_t. On my tests on
amd64 this by ~30% reduces time spent in those functions thanks to
bigger 64bit accesses. i386 still uses 32bit accesses.
Mitchell Horne [Mon, 4 Dec 2023 15:46:48 +0000 (11:46 -0400)]
busdma: emit a warning for use of filters
Filter functions are deprecated, and unused in the tree. If either of
the filter or filterarg arguments to bus_dma_tag_create() are non-NULL,
print a warning.
This is a direct commit to stable/13.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42897
Igor Ostapenko [Wed, 29 Nov 2023 12:35:41 +0000 (13:35 +0100)]
pf: fix mem leaks upon vnet destroy
Add missing cleanup actions:
- remove user defined anchor rulesets
- remove user defined ether anchor rulesets
- remove tables linked to user defined anchors
- deal with wildcard anchor peculiarities to get them removed correctly
Colin Percival [Sun, 3 Dec 2023 21:39:30 +0000 (13:39 -0800)]
release/Makefile.vm: Rework emulator-portinstall
The emulator-portinstall target now unconditionally ensures that qemu
is installed; but is only invoked if needed (aka. when cross building
VM images).
Colin Percival [Mon, 27 Nov 2023 21:29:05 +0000 (13:29 -0800)]
Makefile.vm: Fix duplicate rc.conf files
Two bugs in Makefile.vm resulted in disk images being "built" multiple
times, resulting in lines added to /etc/rc.conf being duplicated:
1. The vm-image target reused the same "staging tree" directory for all
of its builds (multiple disk image types and multiple filesystem types).
2. The cw-type-flavour-fs target depends on emulator-portinstall, which
did not have a 'touch ${.TARGET}' and thus re-ran every time -- and
caused the cw-type-flavour-fs target to be re-run. This was triggered
by release builds running `make cloudware-release` (creating the disk
images) followed by `make ec2amis` (which re-created the disk images
prior to uploading them).
Kristof Provost [Wed, 29 Nov 2023 18:06:31 +0000 (19:06 +0100)]
pf: remove incorrect fragmentation check
We do not need to check PFDESC_IP_REAS while tracking TCP state.
Moreover, this check incorrectly considers no-data packets (e.g. RST) to
be in-window when this flag is not set.
Loss of the trailing space in the multi-line format string has
resulted in column name being emitted as "FAILSLEEP", instead of
two columns "FAIL" and "SLEEP".
rmacklem [Tue, 28 Nov 2023 00:31:03 +0000 (16:31 -0800)]
OpenZFS: Fix ZFS so that snapshots under .zfs/snapshot are NFS visible
Call vfs_exjail_clone() for mounts created under .zfs/snapshot
to fill in the mnt_exjail field for the mount. If this is not
done, the snapshots under .zfs/snapshot with not be accessible
over NFS.
This version has the argument name in vfs.h fixed to match that
of the name in spl_vfs.c, although it really does not matter.
External-issue: https://reviews.freebsd.org/D42672 Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Rick Macklem <rmacklem@uoguelph.ca>
Closes #15563
pkgbase: set the prefix of debug files and macros to /usr/src
When the macro PACKAGE_BUILDING is set, then consider we are building package
for pkgbase, this has already been used in Makefile.inc1 and reuse the
PACKAGE_BUILDING macros already used for that purpose in the ports tree
In the future this should be tied to REPRODUCIBLE_BUILD
MFC After: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D42569
pkgbase: create package with SRCRELDATE not OSRELDATE as OSVERSION
In 188fe88ec50eac7c10e1d8350bf1180f8c16e463 OSVERSION has been set
to OSRELDATE which is the RELDATE of the building OS while we wanted
to use SRCRELDATE which is the RELDATE of the target system
This is used to the package annotation helping pkg to know about
backward compatibility is set to the version of the packages not
the version of the host building the packages
pkgbase: set a default set of kernel for when PACKAGE_BUILDING=1
PACKAGE_BUILDING is already known in the ports tree as a variable
use to defined when the packages is being actually built in an
automation process, reuse that variable to define the default set
of kernel we plan to build for the default pkgbase.
Eugene Grosbein [Sun, 28 Aug 2022 05:45:23 +0000 (12:45 +0700)]
rc.conf(5): add <service>_umask to run the service using this value
None of tools working with login classes change umask(1)
and we had no ways to specify non-default umask for a service
not touching its startup script. This change makes in possible.
Some file-sharing services that create new files may benefit from it.
Martin Matuska [Sat, 2 Dec 2023 00:11:25 +0000 (01:11 +0100)]
zfs: merge openzfs/zfs@d99134be8 (zfs-2.1-release) into stable/13
OpenZFS release 2.1.14
Notable upstream pull request merges:
#15395 1ca531971 Zpool can start allocating from metaslab before TRIMs
have completed
#15571 77b0c6f04 dnode_is_dirty: check dnode and its data for dirtiness