Mike Karels [Wed, 27 Mar 2024 20:10:43 +0000 (15:10 -0500)]
bsdinstall: draw attention to new network config options
The network configuration options have changed in bsdinstall, with
an Auto option to proceed directly to DHCP and IPv6 autoconfig (which
is the default) as well as Manual (the old mode). For users like me
that were used to hitting return automatically to select an interface,
but want manual configuration, attempt to call out the difference:
Change the menu caption to say "Please select a network interface
and configuration mode:" and not just an interface.
Gleb Smirnoff [Wed, 27 Mar 2024 19:19:44 +0000 (12:19 -0700)]
sockets: define shutdown(2) constants in cpp namespace
There is software that uses SHUT_RD, SHUT_WR as preprocessor defines and
its build was broken by enum declaration. Keep the enum, but provide
defines to propagate the constants to cpp namespace.
Michael Tuexen [Wed, 27 Mar 2024 13:31:48 +0000 (14:31 +0100)]
tcp bblog: use correct length
The length of tldl_reason is TCP_LOG_REASON_LEN, not TCP_LOG_ID_LEN.
No functional change intended.
Reported by: Coverity Scan
CID: 1418074
CID: 1418276
Reviewed by: glebius, rscheff
MFC after: 3 days
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D44510
Note that VFS internally interprets a timestamp of -1 as “do not set”,
so this has no effect, but at least touch won't incorrectly reject the
given date / time (1969-12-31 23:59:59 UTC) as invalid.
* Mention that mktime() and timegm() set errno on failure.
* Correctly determining whether mktime() / timegm() succeeded with
arbitrary input (where -1 can be a valid result) is non-trivial.
Document the recommended procedure.
This adds support for two new diff algorithms, Myers diff and Patience
diff.
These algorithms perform a different form of search compared to the
classic Stone algorithm and support escapes when worst case scenarios
are encountered.
Add the -A flag to allow selection of the algorithm, but default to
using the new Myers diff implementation.
The libdiff implementation currently only supports a subset of input and
output options supported by diff. When these options are used, but the
algorithm is not selected, automatically fall back to the classic Stone
algorithm until support for these modes can be added.
Based on work originally done by thj@ with contributions from kevans@.
Sponsored by: Klara, Inc.
Reviewed by: thj
Differential Revision: https://reviews.freebsd.org/D44302
Tom Jones [Tue, 26 Mar 2024 09:52:07 +0000 (09:52 +0000)]
netmap: Address errors on memory free in netmap_generic
netmap_generic keeps a pool of mbufs for handling transfers, these mbufs
have an external buffer attached to them.
In some cases other parts of the network stack can chain these mbufs,
when this happens the normal pool destructor function can end up
free'ing the pool mbufs twice:
- A first time if a pool mbuf has been chained with another mbuf when
its chain is freed
- A second time when its entry in the pool is freed
Additionally, if other parts of the stack demote a pool mbuf its
interface reference will be cleared. In this case we dereference a NULL
pointer when trying to free the mbuf through the destructor. Store a
reference to the adapter in ext_arg1 with the destructor callback so we
can find the correct adapter when free'ing a pool mbuf.
This change enables using netmap with epair interfaces.
Reviewed By: vmaffione
MFC after: 1 week
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44371
Zhenlei Huang [Tue, 26 Mar 2024 08:47:02 +0000 (16:47 +0800)]
kern linker: Do not touch userrefs of the kernel file
A nonzero `userrefs` of a linker file indicates that the file, either
loaded from kldload(2) or preloaded, can be unloaded via kldunload(2).
As for the kernel file, it can be unloaded by the loader but should not
be after initialization.
This change fixes regression from d9ce8a41eac9 which incidentally
increases `userrefs` of the kernel file.
Zhenlei Huang [Tue, 26 Mar 2024 03:55:45 +0000 (11:55 +0800)]
kern linker: Do not unload a module if it has dependants
Despite the name, linker_file_unload() will drop a reference and return
success when the module file has dependants, i.e. it has more than one
reference. When a user requests to unload such modules then the kernel
should reject unambiguously and immediately.
amd64: initialize td_frame stack area for init(8) main thread
Uninitialized td_frame mostly does not matter since all registers are
overwritten on exec to activate init(8). Except PSL_T bit from the
%rflags which might leak into fresh init as garbage, causing spurious
SIGTRAPs delivered to init until first syscall is executed.
Reviewed by: emaste, jhb, jhibbits
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D44498
Ed Maste [Tue, 23 Jan 2024 18:04:43 +0000 (13:04 -0500)]
bsdlabel: add deprecation notice
gpart is the preferred tool for managing partitions of all types,
including BSD disklabels.
Note that this is only about bsdlabel/disklabel, the tool -- there is no
current plan to remove support for MBR or BSD disk labels from the
kernel or from gpart.
Reviewed by: imp, olce
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D43563
Mark Peek [Mon, 25 Mar 2024 15:58:46 +0000 (16:58 +0100)]
certctl: Revert to symlinks.
Unfortunately tar will not be able to extract base.txz to a system where
/etc and /usr are not on the same filesystem if the certificates are
hard links.
* Add a dummy getopt(3) loop to handle `--`.
* Move interval parsing out into a separate function.
* Print a diagnostic for every invalid interval.
* Check for NaN and infinity.
* Improve bounds checks.
Manual page:
* Miscellaneous markup fixes.
* Reword DESCRIPTION section.
* Move text about GNU compatibility to STANDARDS section.
* Convert examples from csh to sh.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D44471
Kristof Provost [Sun, 24 Mar 2024 08:46:31 +0000 (09:46 +0100)]
pfsync: fix use of invalidated stack variable
Calls to pfsync_send_plus() pass pointers to stack variables.
If pfsync_sendout() then fails it retains the pointer to these stack
variables, accessing them later.
Allocate a buffer and copy the data instead, so that we can retain the
pointer safely.
Kristof Provost [Sat, 23 Mar 2024 16:02:50 +0000 (17:02 +0100)]
pf: fix use-after-free
If we fragment the packet in pf_route() the first transmitted packet
will free the pf_mtag we have stored in pf_pdesc (pd). Ensure we
update that pointer for every packet to avoid using a freed pointer in
pf_dummynet_route().
Eliot Solomon [Sat, 18 Nov 2023 21:13:21 +0000 (15:13 -0600)]
arm64: fix free queue and reservation configuration for 16KB pages
Correctly configure the free page queues and the reservation size when
the base page size is 16KB. In particular, the reservation size was
less than the L2 Block size, making L2 promotions and mappings all but
impossible.
Gleb Smirnoff [Sun, 24 Mar 2024 16:13:23 +0000 (09:13 -0700)]
icmp6: bring rate limiting on a par with IPv4
Use counter_ratecheck() instead of racy and slow ppsratecheck. Use a
separate counter for every currently known type of ICMPv6. Provide logging
of ratelimit events. Provide jitter to counter open UDP port detection.
Gleb Smirnoff [Sun, 24 Mar 2024 16:13:23 +0000 (09:13 -0700)]
icmp6: move ICMPv6 related tunables to the files where they are used
Most of them can be declared as static after the move out of in6_proto.c.
Keeping sysctl(9) declarations with their text descriptions next to the
variable declaration creates self-documenting code. There should be no
functional changes.
Gleb Smirnoff [Sun, 24 Mar 2024 16:13:23 +0000 (09:13 -0700)]
icmp: improve ICMP limit jitter
Instead of fixing up invalid values set by a user in badport_bandlim()
which is a fast path function, provide a sysctl handler
sysctl_icmplim_and_jitter(), that will check that jitter is less than the
limit.
Provide jitter initialization function icmplim_new_jitter() used at boot,
in the sysctl handler and when we actually hit the limit. This also fixes
no jitter on a fresh booted system until first limit hit.
Instead of CVE number provide link to the actual paper that explains what
and why we are doing here. The CVE number isn't very informative, it will
just tell you what RedHat version you need to upgrade to.
Gleb Smirnoff [Sun, 24 Mar 2024 16:13:23 +0000 (09:13 -0700)]
icmp: when logging ICMP ratelimiting message use correct jitter value
The limiting of the very last second has been done using certain jitter
value. We update the jitter for the next second. But the logging should
report the jitter before the change.
Gleb Smirnoff [Sun, 24 Mar 2024 16:13:23 +0000 (09:13 -0700)]
icmp: do not store per-VNET identical array of strings
We need per-VNET struct counter_rate, but we don't need per-VNET set of
const char *. Also, identical word "response" can go into the format
string instead of being stored 7 times.
Gordon Bergling [Sun, 24 Mar 2024 05:10:39 +0000 (06:10 +0100)]
mem.4: Correct the HISTORY section
The history section (added in CSRG) claimed both first appeared in v6.
Looking at the manuals in the TUHS archive, /dev/mem was in v1
and /dev/kmem was introduced in v5.
unionfs: implement VOP_UNP_* and remove special VSOCK vnode handling
unionfs has a bunch of clunky special-case code to avoid creating
unionfs wrapper vnodes for AF_UNIX sockets. This was added in 2008
to address PR 118346, but in the intervening years the VOP_UNP_*
operations have been added to provide a clean interface to allow
sockets to work in the presence of stacked filesystems.
Gleb Smirnoff [Sat, 23 Mar 2024 05:44:16 +0000 (22:44 -0700)]
tests/netgraph: start ng_ksocket(4) tests
The ng_ksocket(4) functionality is very fragile as it interfaces with
kernel socket code in an unusual way. It definitely needs a test suite.
Start one with a test that tests UDP over IPv4.
Gleb Smirnoff [Sat, 23 Mar 2024 05:44:16 +0000 (22:44 -0700)]
tests/netinet: add UDP socket I/O tests
Start a file that would collect tests for I/O functionality of a UDP
socket, targeted on how a socket interacts with userland rather than with
wire side of the protocol.
First version tests that MSG_TRUNC and MSG_PEEK are working correctly.
Gleb Smirnoff [Sat, 23 Mar 2024 02:50:33 +0000 (19:50 -0700)]
tests/netgraph: mark all tests as required_user="root"
Any netgraph operation requires root privileges. Some tests in the
directory already mark themselves with 'atf_tc_set_md_var(conf,
"require.user", "root");' which creates a lot of pasted code. Some tests
don't mark self. For this particular directory a blanket metadata setting
in the Makefile is acceptable, imho.
John Baldwin [Sat, 23 Mar 2024 00:25:07 +0000 (17:25 -0700)]
nvmecontrol: Display additional Fabrics-related fields for cdata
Some of these fields are specific to Fabrics controllers (such as the
size of capsules) while other fields are shared with PCI-e
controllers, but are more relevant for Fabrics controllers (such as
KeepAlive timer properties).
John Baldwin [Sat, 23 Mar 2024 00:23:09 +0000 (17:23 -0700)]
nvme: Add SGL structure and constants for use in NVMe commands
Fabrics capsules use an SGL structure instead of prp1/2 addresses to
describe the data buffer used for a command. The SGL structure is
added to a union with the existing prp1/2 fields.
Michael Tuexen [Fri, 22 Mar 2024 13:50:25 +0000 (14:50 +0100)]
rtld: fix check for endianness of elf hints file
Don't check if the elf hints file is in host byte order, but check
if it is in little endian by looking at the magic number.
This fixes rtld on big endian platforms.
Reviewed by: se, kib (prior version of the patch)
Fixes: 7b77d37a561b ("rtld-elf: support either byte-order of hints")
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D44472
build: add -Wswitch to clang for more consistency with gcc
gcc12 and gcc13 appear to include Wswitch with Wall, while
clang doesn't. For switch() statements on enum, this forces
the use of at least a default: clause, in adherence with style(9).
Reviewed By: emaste
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D44092
Kristof Provost [Thu, 21 Mar 2024 07:38:45 +0000 (08:38 +0100)]
if_ovpn tests: test large packets in IPv6 tunnel
There's a report of MTU issues over IPv6 DCO tunnels.
Extend the 4in6 test to send a series of pings with different sizes, as
well as transfer a large file.
No issues were found, but we may as well extend the test case.
Mark Johnston [Fri, 22 Mar 2024 06:11:03 +0000 (02:11 -0400)]
ddb: Fix format string errors in db_pprint.c
For some reason, db_expr_t is defined as "long" on 64-bit platforms and
"int" on others. When printing values of this type, simply cast them to
long to suppress compilation errors on 32-bit systems.
Bojan Novković [Fri, 22 Mar 2024 03:01:34 +0000 (04:01 +0100)]
ddb: Add CTF-based pretty printing
Add basic CTF support and a CTF-powered pretty-printer to ddb.
The db_ctf.* files expose a basic interface for fetching type
data for ELF symbols, interacting with the CTF string table,
and translating type identifiers to type data.
The db_pprint.c file uses those interfaces to implement
a pretty-printer for all kernel ELF symbols.
The pretty-printer works with symbol names and arbitrary addresses:
pprint struct thread 0xffffffff8194ad90
Pretty-printing currently only works after the root filesystem
gets mounted because the CTF info is not available during
early boot.
Dimitry Andric [Thu, 21 Mar 2024 20:44:46 +0000 (21:44 +0100)]
Slightly reorganize libclang_rt Makefile again
Make a separate .elif section for MACHINE_ARCH==powerpc, and subdivide
the MACHINE_CPUARCH values under it. If at some point more sanitizer
libraries become available for powerpc CPU architectures, they can be
added before the "nothing for other powerpc yet" case. Similar for the
MACHINE_ARCH==arm case.
Dimitry Andric [Thu, 21 Mar 2024 13:53:36 +0000 (14:53 +0100)]
Fix building of several libclang_rt libraries for powerpc64 and powerpc64le
I reorganized the libclang_rt Makefile in e77a1bb27574 to make it more
readable and maintainable, but the check for 32-bit powerpc was wrong.
This caused almost no libclang_rt libraries to be built for powerpc64
and powerpc64le.
Stefan Eßer [Thu, 21 Mar 2024 15:31:49 +0000 (16:31 +0100)]
rtld-elf: add some debug print statements
The byte-order independent code has been reported to fail on powerpc64.
Add some more debug statements to help identify the parameters used and
to verify the correct operation of the byte-swap macros used.
Mitchell Horne [Thu, 21 Mar 2024 15:21:41 +0000 (12:21 -0300)]
kassert.h: update MPASS definition commentary
We now have a detailed man page describing both MPASS and KASSERT. Give
a warning that careless use of MPASS can result in inadequate assertion
messages, and point to the MPASS(9) page which describes this.
While here add a comment above the KASSERT definitions pointing to the
man page.
Suggested by: bz
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D44438