Dimitry Andric [Mon, 29 May 2023 14:27:58 +0000 (16:27 +0200)]
Apply clang fixes for crashes compiling ARM/AArch64 CRC intrinsics
Merge commit 069ecd0c6e2c from llvm-project (by Fangrui Song):
[ARM] Check target feature support for __builtin_arm_crc*
`__builtin_arm_crc*` requires the target feature crc which is available on armv8
and above. Calling the fuctions for armv7 leads to a SelectionDAG crash.
```
% clang -c --target=armv7-unknown-linux-gnueabi -c a.c
fatal error: error in backend: Cannot select: intrinsic %llvm.arm.crc32b
PLEASE submit a bug report to ...
```
Add `TARGET_BUILTIN` and define required features for these builtins to
report an error in `CodeGenFunction::checkTargetFeatures`. The problem is quite widespread.
I will add `TARGET_BUILTIN` for more builtins later.
Merge commit b2d7a0dcf1ff from llvm-project (by Fangrui Song):
[AArch64] Check target feature support for __builtin_arm_crc*
This is the AArch64 counterpart of D134127.
Daniel Kiss will change more `BUILTIN` to `TARGET_BUILTIN`.
Fix #57802
Note that programs attempting to use ARM/AArch64 CRC intrinsics, when
they are not supported by the targeted CPU, will still receive a regular
compilation error (instead of a fatal backend error) similar to:
Clang 16 got new builtins that are equivalent to hand-written parts of
<type_traits>. When building world with the devel/llvm16 package
installed and CROSS_TOOLCHAIN=llvm16 set, this would lead to -Werror
warnings about those builtins being overridden.
MFC: listen(2): improve administrator control over logging
As documented in listen.2 manual page, the kernel emits a LOG_DEBUG
syslog message if a socket listen queue overflows. For some appliances,
it may be desirable to change the priority to some higher value
like LOG_INFO while keeping other debugging suppressed.
OTOH there are cases when such overflows are normal and expected.
Then it may be desirable to suppress overflow logging altogether,
so that dmesg buffer is not flooded over long run.
In addition to existing sysctl kern.ipc.sooverinterval,
introduce new sysctl kern.ipc.sooverprio that defaults to 7 (LOG_DEBUG)
to preserve current behavior. It may be changed to any value
in a range of 0..7 for corresponding priority or to -1 to suppress logging.
Document it in the listen.2 manual page.
Mark Johnston [Tue, 18 Apr 2023 18:32:04 +0000 (14:32 -0400)]
loader.efi: Fix some arm64 PE metadata
- Mark the file as an executable in the COFF header.
- Provide separate .text and .data sections.
- Provide sane file and section alignment values. These values are the
defaults defined in the PE specification.
- Set appropriate characteristics for each of .text and .data.
This is required for the MS devkit to load our UEFI image.
Kirk McKusick [Mon, 15 May 2023 19:56:27 +0000 (12:56 -0700)]
Fix size differences between architectures of the UFS/FFS CGSIZE macro value.
Reported-by: Tijl Coosemans Tested-by: Tijl Coosemans and Peter Holm Sponsored-by: The FreeBSD Foundation
(cherry picked from commit 0a6e34e950cd5889122a199c34519b67569be9cc)
Dimitry Andric [Tue, 23 May 2023 17:40:36 +0000 (19:40 +0200)]
Update -ftrivial-auto-var-init flags for clang >= 16
As of clang 16, the -ftrivial-auto-var-init=zero option no longer needs
-enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
to enable the option. Only add it for older clang versions.
Rick Macklem [Tue, 11 Apr 2023 19:17:09 +0000 (12:17 -0700)]
mount_nfs.8: Update man page for the "syskrb5" option
Commit 896516e54a8c added a new NFS mount option
used for Kerberized NFSv4.1/4.2 mounts. It specifies that
AUTH_SYS be used for state maintenance (also called system)
operations. This allows the mount to be done without the
"gssname" option or a valid Kerberos TGT being held by the
user doing the mount (so it can be specified in fstab(5) for
example).
Rick Macklem [Wed, 29 Mar 2023 00:08:45 +0000 (17:08 -0700)]
nfscl: Make coverity happy
Coverity does not like code that checks a function's
return value sometimes. Add "(void)" in front of the
function when the return value does not matter to try
and make it happy.
A recent commit deleted "(void)"s in front of nfsm_fhtom().
This commit puts them back in.
Rick Macklem [Thu, 16 Mar 2023 22:55:36 +0000 (15:55 -0700)]
nfscl: Add a new NFSv4.1/4.2 mount option for Kerberized mounts
Without this patch, a Kerberized NFSv4.1/4.2 mount must provide
a Kerberos credential for the client at mount time. This credential
is typically referred to as a "machine credential". It can be
created one of two ways:
- The user (usually root) has a valid TGT at the time the mount
is done and this becomes the machine credential.
There are two problems with this.
1 - The user doing the mount must have a valid TGT for a user
principal at mount time. As such, the mount cannot be put
in fstab(5) or similar.
2 - When the TGT expires, the mount breaks.
- The client machine has a service principal in its default keytab
file and this service principal (typically called a host-based
initiator credential) is used as the machine credential.
There are problems with this approach as well:
1 - There is a certain amount of administrative overhead creating
the service principal for the NFS client, creating a keytab
entry for this principal and then copying the keytab entry
into the client's default keytab file via some secure means.
2 - The NFS client must have a fixed, well known, DNS name, since
that FQDN is in the service principal name as the instance.
This patch uses a feature of NFSv4.1/4.2 called SP4_NONE, which
allows the state maintenance operations to be performed by any
authentication mechanism, to do these operations via AUTH_SYS
instead of RPCSEC_GSS (Kerberos). As such, neither of the above
mechanisms is needed.
It is hoped that this option will encourage adoption of Kerberized
NFS mounts using TLS, to provide a more secure NFS mount.
This new NFSv4.1/4.2 mount option, called "syskrb5" must be used
with "sec=krb5[ip]" to avoid the need for either of the above
Kerberos setups to be done by the client.
Note that all file access/modification operations still require
users on the NFS client to have a valid TGT recognized by the
NFSv4.1/4.2 server. As such, this option allows, at most, a
malicious client to do some sort of DOS attack.
Although not required, use of "tls" with this new option is
encouraged, since it provides on-the-wire encryption plus,
optionally, client identity verification via a X.509
certificate provided to the server during TLS handshake.
Alternately, "sec=krb5p" does provide on-the-wire
encryption of file data.
A mount_nfs(8) man page update will be done in a separate commit.
Kristof Provost [Thu, 18 May 2023 19:37:48 +0000 (21:37 +0200)]
pfsync tests: check for the correct IP address
When checking if the state synced over we should look for
198.51.100.254, not 198.51.100.2. The test worked because the incorrect
address is a substring of the correct one, but we should fix it anyway.
Reported by: Naman Sood <naman@freebsdfoundation.org>
MFC after: 1 week
Rick Macklem [Wed, 22 Feb 2023 22:09:15 +0000 (14:09 -0800)]
nfsd.c: Log a more meaningful failure message
For the cases where the nfsd(8) daemon is already running or
has failed to start within a prison due to an incorrect prison
configuration, the failure message logged is:
Can't read stable storage file: operation not permitted
This patch replaces the above with more meaningful messages.
It depends on commit 10dff9da9748 to differentiate between the
above two cases, however even without this commit, the messages
should be an improvement.
Rick Macklem [Wed, 22 Feb 2023 21:19:07 +0000 (13:19 -0800)]
nfsd: Return ENXIO instead of EPERM when nfsd(8) already running
The nfsd(8) daemon generates an error message that does not
indicate that the nfsd daemon is already running when the nfssvc(2)
syscall fails for the NFSSVC_STABLERESTART. Also, the check for
running nfsd(8) in a vnet prison will return EPERM when it fails.
This patch replaces EPERM with ENXIO so that the nfsd(8) daemon
can generate more reasonable failure messages. The nfsd(8) daemon
will be patched in a future commit.
Rick Macklem [Fri, 5 May 2023 22:43:55 +0000 (15:43 -0700)]
nfsd: Fix NFSv3 Readdir/ReaddirPlus reply for large i-node numbers
If the i-node number (d_fileno) for a file on the server did
not fit in 32bits, it would be truncated to the low order 32bits
for the NFSv3 Readdir and ReaddirPlus RPC replies.
This is no longer correct, given that ino_t is now 64bits.
This patch fixes this by sending the full 64bits of d_fileno
on the wire in the NFSv3 Readdir/ReaddirPlus RPC reply.
Rick Macklem [Sat, 17 Dec 2022 21:54:33 +0000 (13:54 -0800)]
jail.8: Update the man page for allow.nfsd
Commit bba7a2e89602 added "allow.nfsd" to optionally allow
mountd/nfsd to be run inside a vnet prison when the kernel
is built with "options VNET_NFSD".
Rick Macklem [Sun, 12 Mar 2023 21:34:25 +0000 (14:34 -0700)]
rc.d: Fix NFS server startup scripts to enable vnet prison use
Now that commit cbbb22031f9b is in main,
it is possible to run nfsd(8), nfsuserd(8), mountd(8),
gssd(8) and rpc.tlsservd(8) in an appropriately configured vnet
prison if the "allow.nfsd" option is specified in jail.conf.
This patch fixes the rc scripts for this.
Mostly just replaces the "nojail" KEYWORD with "nojailvnet",
but also avoids setting vfs.nfsd.srvmaxio in a prison, since it
must be set outside of the prisons and applies to all
nfsd(8) instances.
Rick Macklem [Thu, 2 Mar 2023 21:09:01 +0000 (13:09 -0800)]
vfs_mount.c: Allow mountd(8) to do exports in a vnet prison
To run mountd in a vnet prison, three checks in vfs_domount()
and vfs_domount_update() related to doing exports needed
to be changed, so that a file system visible within the
prison but mounted outside the prison can be exported.
I did all three in a minimal way, only changing the checks for
the specific case of a process (typically mountd) doing exports
within a vnet prison and not updating the mount point in other
ways. The changes are:
- Ignore the error return from vfs_suser(), since the file
system being mounted outside the prison will cause it to fail.
- Use the priv_check(PRIV_NFS_DAEMON) for this specific case
within a prison.
- Skip the call to VFS_MOUNT(), since it will return an error,
due to the "from" argument not being set correctly. VFS_MOUNT()
does not appear to do anything for the case of doing exports only.
Rick Macklem [Tue, 21 Feb 2023 21:00:42 +0000 (13:00 -0800)]
vfs_export: Add mnt_exjail to control exports done in prisons
If there are multiple instances of mountd(8) (in different
prisons), there will be confusion if they manipulate the
exports of the same file system. This patch adds mnt_exjail
to "struct mount" so that the credentials (and, therefore,
the prison) that did the exports for that file system can
be recorded. If another prison has already exported the
file system, vfs_export() will fail with an error.
If mnt_exjail == NULL, the file system has not been exported.
mnt_exjail is checked by the NFS server, so that exports done
from within a different prison will not be used.
The patch also implements vfs_exjail_destroy(), which is
called from prison_cleanup() to release all the mnt_exjail
credential references, so that the prison can be removed.
Mainly to avoid doing a scan of the mountlist for the case
where there were no exports done from within the prison,
a count of how many file systems have been exported from
within the prison is kept in pr_exportcnt.
Changing the new argument for vfs_export() to "int" and
moving the prototype for vfs_exjail_delete() to jail.h
were both necessary to allow libprocstat to build.
Rick Macklem [Thu, 2 Mar 2023 21:09:01 +0000 (13:09 -0800)]
vfs_mount.c: Allow mountd(8) to do exports in a vnet prison
To run mountd in a vnet prison, three checks in vfs_domount()
and vfs_domount_update() related to doing exports needed
to be changed, so that a file system visible within the
prison but mounted outside the prison can be exported.
I did all three in a minimal way, only changing the checks for
the specific case of a process (typically mountd) doing exports
within a vnet prison and not updating the mount point in other
ways. The changes are:
- Ignore the error return from vfs_suser(), since the file
system being mounted outside the prison will cause it to fail.
- Use the priv_check(PRIV_NFS_DAEMON) for this specific case
within a prison.
- Skip the call to VFS_MOUNT(), since it will return an error,
due to the "from" argument not being set correctly. VFS_MOUNT()
does not appear to do anything for the case of doing exports only.
Rick Macklem [Tue, 21 Feb 2023 21:00:42 +0000 (13:00 -0800)]
vfs_export: Add mnt_exjail to control exports done in prisons
If there are multiple instances of mountd(8) (in different
prisons), there will be confusion if they manipulate the
exports of the same file system. This patch adds mnt_exjail
to "struct mount" so that the credentials (and, therefore,
the prison) that did the exports for that file system can
be recorded. If another prison has already exported the
file system, vfs_export() will fail with an error.
If mnt_exjail == NULL, the file system has not been exported.
mnt_exjail is checked by the NFS server, so that exports done
from within a different prison will not be used.
The patch also implements vfs_exjail_destroy(), which is
called from prison_cleanup() to release all the mnt_exjail
credential references, so that the prison can be removed.
Mainly to avoid doing a scan of the mountlist for the case
where there were no exports done from within the prison,
a count of how many file systems have been exported from
within the prison is kept in pr_exportcnt.
mnt_exjail replaces mnt_pad0 and should not change the size
of "struct mount" nor change the offsets of the other fields
in "struct mount". As such, it should be safe to MFC.
OpenSSL 3.0 has deprecated the sha256 api, let's use libmd which has the
same API instead.
In order to avoid the collision in definitions (sha256.h cannot be
included in the same file as a file where openssl headers has been
included) let's move the sha256 related code in its own file
pbuff [Tue, 16 May 2023 03:05:30 +0000 (11:05 +0800)]
pw: The pw_checkname function has added ';' checking.
The pw_checkname function forgot to include a ';'
when checking usernames, causing shell commands
to be executed when a username with a ';' is deleted.
Michael Osipov [Thu, 4 May 2023 12:35:59 +0000 (14:35 +0200)]
periodic: Use locale-agnostic (ISO 8601) timestamp format
Instead of reyling on locale-sensitive output which can be mangled when e-mailed
use consistently ISO 8601 format which contains the same information as '-T'.
Daniel Kolesa [Mon, 20 Mar 2023 16:42:59 +0000 (17:42 +0100)]
sh(1): fix history file write checking
We cannot just compare histsizeval() against 0, since that returns
a string pointer, which is always non-zero (non-null). The logic
in sethistsize() initializes the history size to 100 with values
that are non-number, and an empty string counts as that. Therefore,
the only time we want to not write into history with HISTSIZE val
set is when it's explicitly 0.
Rick Macklem [Wed, 1 Mar 2023 23:29:25 +0000 (15:29 -0800)]
svc_rpcsec_gss.c: Separate out the non-vnet initialization
Without this patch, a single initialization function was
used to initialize both the vnet'd and non-vnet'd data.
This patch separates out the non-vnet'd initializations
into a separate function invoked by SYSINIT().
This avoids use of IS_DEFAULT_VNET() in the initialization
functions and also configures the non-vnet'd initialization
function to be called first, although ordering is not
currently needed.
Rick Macklem [Fri, 24 Feb 2023 15:36:28 +0000 (07:36 -0800)]
nfsd: Fix a use after free when vnet prisons are deleted
The Kasan tests show the nfsrvd_cleancache() results
in a modify after free. I think this occurs because the
nfsrv_cleanup() function gets executed after nfs_cleanup()
which free's the nfsstatsv1_p.
This patch makes them use the same subsystem and sets
SI_ORDER_FIRST for nfs_cleanup(), so that it will be called
after nfsrv_cleanup() via VNET_SYSUNINIT().
The patch also sets nfsstatsv1_p NULL after free'ng it,
so that a crash will result if it is used after free'ng.
Rick Macklem [Tue, 21 Feb 2023 03:43:37 +0000 (19:43 -0800)]
nfscommon: Use IS_DEFAULT_VNET() in the vnet initialization
Another oopsie. The vnet initialization function in
nfs_commonport.c for initializing prison0 by testing
curthread->td_ucred->cr_prison == &prison0. This is bogus
and always true. Replace it with IS_DEFAULT_VNET(curvnet).
Rick Macklem [Mon, 20 Feb 2023 21:11:22 +0000 (13:11 -0800)]
nfsd: Add VNET_SYSUNINIT() macros for vnet cleanup
Commit ed03776ca7f4 enabled the vnet front end macros.
As such, for kernels built with the VIMAGE option will malloc
data and initialize locks on a per-vnet basis, typically
via a VNET_SYSINIT().
This patch adds VNET_SYSUNINIT() macros to do the frees
of the per-vnet malloc'd data and destroys of per-vnet
locks. It also removes the mtx_lock/mtx_unlock calls
from nfsrvd_cleancache(), since they are not needed.
Rick Macklem [Sat, 18 Feb 2023 22:59:36 +0000 (14:59 -0800)]
nfsd: Enable the NFSD_VNET vnet front end macros
Several commits have added front end macros for the vnet
macros to the NFS server, krpc and kgssapi. These macros
are now null, but this patch changes them to front end
the vnet macros.
With this commit, many global variables in the code become
vnet'd, so that nfsd(8), nfsuserd(8), rpc.tlsservd(8) and
gssd(8) can run in a vnet prison, once enabled.
To run the NFS server in a vnet prison still requires a
couple of patches (in D37741 and D38371) that allow mountd(8)
to export file systems from within a vnet prison. Once
these are committed to main, a small patch to kern_jail.c
allowing "allow.nfsd" without VNET_NFSD defined will allow
the NFS server to run in a vnet prison.
One area that still needs to be settled is cleanup when a
prison is removed. Without this, everything should work
except there will be a leak of malloc'd data and mutex locks
when a vnet prison is removed.
Rick Macklem [Fri, 17 Feb 2023 01:44:19 +0000 (17:44 -0800)]
nfscommon: Revert use of nfsstatsv1_p in nfs_commonkrpc.c
Commit 9d329bbc9aea converted a lot of accesses to nfsstatsv1
to use nfsstatsv1_p instead. However, the accesses in
nfs_commonkrpc.c are for client side and should not be
converted. This patch puts them back in the correct
pre-commit 9d329bbc9aea form.
Rick Macklem [Tue, 21 Feb 2023 00:40:07 +0000 (16:40 -0800)]
nfscl: Add NFSD_CURVNET macros to nfsclient syscall
Although the nfsclient syscall is used for client side,
it does set up server side krpc for callbacks. As such,
it needs to have the vnet set. This patch does this.
Without this patch, the system would crash when the
nfscbd(8) daemon was killed.
Rick Macklem [Sun, 18 Dec 2022 20:40:48 +0000 (12:40 -0800)]
krpc: Allow mountd/nfsd to optionally run in a jail
This patch modifies the kernel RPC so that it will allow
mountd/nfsd to run inside of a vnet jail. Running mountd/nfsd
inside a vnet jail will be enabled via a new kernel build
option called VNET_NFSD, which will be implemented in future
commits.
Although I suspect cr_prison can be set from the credentials
of the current thread unconditionally, I #ifdef'd the code
VNET_NFSD and only did this for the jailed case mainly to
document that it is only needed for use in a jail.
The TLS support code has not yet been modified to work in
a jail. That is planned as future development after the
basic VNET_NFSD support is in the kernel.
This patch should not result in any semantics change until
VNET_NFSD is implemented and used in a kernel configuration.
Rick Macklem [Wed, 15 Feb 2023 23:18:46 +0000 (15:18 -0800)]
kgssapi: Add macros so that gssd(8) can run in vnet prison
Commit 7344856e3a6d added a lot of macros that will front end
vnet macros so that nfsd(8) can run in vnet prison.
This patch adds similar macros named KGSS_VNETxxx so that
the gssd(8) daemon can run in a vnet prison, once the
macros front end the vnet ones. For now, they are null macros.
This is the last commit that adds macros. The next step is
to change the macros to front end the vnet ones.
Rick Macklem [Wed, 15 Feb 2023 13:58:21 +0000 (05:58 -0800)]
krpc: Add macros so that rpc.tlsservd can run in vnet prison
Commit 7344856e3a6d added a lot of macros that will front end
vnet macros so that nfsd(8) can run in vnet prison.
This patch adds similar macros named KRPC_VNETxxx so that
the rpc.tlsservd(8) daemon can run in a vnet prison, once the
macros front end the vnet ones. For now, they are null macros.
Rick Macklem [Thu, 2 Feb 2023 00:02:20 +0000 (16:02 -0800)]
prison_check_nfsd: Add check for enforce_statfs != 0
Since mountd(8) will not be able to do exports
when running in a vnet prison if enforce_statfs is
set to 0, add a check for this to prison_check_nfsd().
Rick Macklem [Sat, 17 Dec 2022 21:43:49 +0000 (13:43 -0800)]
kern_jail.c: Allow mountd/nfsd to optionally run in a jail
This patch adds "allow.nfsd" to the jail code based on a
new kernel build option VNET_NFSD. This will not work
until future patches fix nmount(2) to allow mountd to
run in a vnet prison and the NFS server code is patched
so that global variables are in a vnet.
The jail(8) man page will be patched in a future commit.
As the flag M_WAITOK is passed to ip_encap_attach(), then the function
will never return NULL, and the following code within NULL check branch
will be unreachable.
As the flag M_WAITOK is passed to ip_encap_attach(), then the function
will never return NULL, and the following code within NULL check branch
will be unreachable.
Rick Macklem [Wed, 1 Mar 2023 23:25:35 +0000 (15:25 -0800)]
nfs_fha_new: Fix nfs_fha_new so that sysctls work in prisons
The sysctls were in "struct fha_params", making it impractical
to vnet them. This patch moves the sysctls out of "struct fha_params"
and vnet's them, so that they are available in vnet prisons
running nfsd(8). It also avoids the IS_DEFAULT_VNET() macros
in the VNET_SYSINIT() function.
Rick Macklem [Sat, 18 Feb 2023 15:45:38 +0000 (07:45 -0800)]
nfsd: Add NFSD_VNET() macros to nfs_fha_new.c
Although it is not 100% obvious if the affinity threads
lists need to be vnet'd when nfsd runs in a prison, I
think it is necessary for the unusual case where the
same file system is exported in multiple prisons.
For this case, the affinity code might try to assign
the RPC to a svc thread that runs in a different prison.
Also, it makes sense to vnet them, since there are
separate svc threads for each prison running nfsd(8).
This patch adds the macros for vnet'ng to nfs_fha_new.c.
The macros are still null, so the only semantics change
is malloc'ng the fha_param structure.
Rick Macklem [Fri, 17 Feb 2023 15:34:40 +0000 (07:34 -0800)]
nfsd: Get rid of useless "pool" field in nfs_fha_new.c
Since svcpool_create() is now called from an initialization function,
the pool field of fha_params is always non-NULL, so just get
rid of it and the useless check for it being NULL.
Colin Percival [Fri, 5 May 2023 03:00:58 +0000 (20:00 -0700)]
freebsd-update: Fix merging already-updated files
When performing an "upgrade" (moving between FreeBSD releases, as
opposed to "update" which merely applies security/errata updates
to the installed release) FreeBSD Update:
1. Generates a list of "files needing to be merged", namely those
files which don't match the version installed in the "old" release
and have paths matching the MergeChanges configuration directive
(by default, /boot/device.hints and everything under /etc/).
and later on,
2. Compares the currently-installed files to the versions in the
"new" release, removing index entries for files which "don't need
to be updated because they're not changing".
Unfortunately if a file falls into both of these categories -- that
is to say, if a file in /etc/ is the same as the version in the new
release and not the same as the version in the old release -- the
resulting "merge" step saw that the file was no longer listed as
being part of the new release, resulting in the file being deleted.
For the first 18 years of FreeBSD Update's existence, this never
happened, since $FreeBSD$ tags resulted in "new release" files
always being different from any files systems would already have
installed.
This commit fixes this behaviour by only placing a file into the
"files needing to be merged" list if it does not match the version
in the old release *or* the version in the new release.
Reported by: des
Reviewed by: delphij (earlier version), des, emaste
MFC after: 7 days
X-EN-Candidate: yes
Differential Revision: https://reviews.freebsd.org/D39973
Rick Macklem [Tue, 14 Feb 2023 21:33:35 +0000 (13:33 -0800)]
nfsd: Continue adding macros so nfsd can run in a vnet prison
Commit 7344856e3a6d added a lot of macros that will front end
vnet macros so that nfsd(8) can run in vnet prison.
This patch adds some more, to allow the nfsuserd(8) daemon to
run in vnet prison, once the macros map to vnet ones.
This is the last commit for NFSD_VNET_xxx macros, but there are
still some for KRPC_VNET_xxx and KGSS_VNET_xx to allow the
rpc.tlsservd(8) and gssd(8) daemons to run in a vnet prison.
Rick Macklem [Thu, 16 Feb 2023 01:39:07 +0000 (17:39 -0800)]
nfsd: Wrap nfsstatsv1_p in the NFSD_VNET() macro
Commit 7344856e3a6d added a lot of macros that will front end
vnet macros so that nfsd(8) can run in vnet prison.
The nfsstatsv1_p variable got missed. This patch wraps all
uses of nfsstatsv1_p with the NFSD_VNET() macro.
The NFSD_VNET() macro is still a null macro.
Rick Macklem [Mon, 13 Feb 2023 23:07:17 +0000 (15:07 -0800)]
nfsd: Continue adding macros so nfsd can run in a vnet prison
Commit 7344856e3a6d added a lot of macros that will front end
vnet macros so that nfsd(8) can run in vnet prison.
This patch adds some more of them and also a lot of uses of
nfsstatsv1_p instead of nfsstatsv1. nfsstatsv1_p points to
nfsstatsv1 for prison0, but will point to a malloc'd structure
for other prisons.
It also puts nfsstatsv1_p in nfscommon.ko instead of nfsd.ko.
New driver to ACPI generic event device, defined in ACPI spec.
Some ACPI power button may not work without this.
In qemu arm64 with "virt" machine, with ACPI firmware,
enable devd check devd message by
and invoke following command in qemu monitor
(qemu) system_powerdown
and make sure some power button input event appear.
(setting sysctl hw.acpi.power_button_state=S5 is not work,
because ACPI tree does not have \_S5 object.)
Oops, although the vneting macros do not do anything yet,
commit 7344856e3a6d did change where things are initialized
and one of the initialization functions was not being called
early enough. This patch moves nfsrvd_init(0) to the
function called via (VNET_)SYSINIT() to fix this.