Warner Losh [Tue, 31 Oct 2023 20:55:58 +0000 (14:55 -0600)]
ino64: Remove 'forward compat' code for this
Forward compatibility code was added for running newer ino64 binaries on
older kernels as a transition aide. Now that ino64 has been in the tree
6 years, this code is no longer useful and should have been removed long
ago. Remove it now. Should be no user-visible changes at this point as
all the 'upgrade' scenarios it was intended for are long since past.
Also need to remove this stuff from rtld since the _foo versions
no longer exist.
siv0 [Tue, 31 Oct 2023 20:57:54 +0000 (21:57 +0100)]
Fix nfs_truncate_shares without /etc/exports.d
Calling nfs_reset_shares on Linux prints a warning:
`failed to lock /etc/exports.d/zfs.exports.lock: No such file or
directory`
when /etc/exports.d does not exist. The directory gets created, when a
filesystem is actually exported through nfs_toggle_share and
nfs_init_share. The truncation of /etc/exports.d/zfs.exports happens
unconditionally when calling `zfs mount -a` (via zfs_do_mount and
share_mount in `cmd/zfs/zfs_main.c`).
Fixing the issue only in the Linux part, since the exports file on
freebsd is in `/etc/zfs/`, which seems present on 2 FreeBSD systems I
have access to (through `/etc/zfs/compatibility.d/`), while a Debian
box does not have the directory even if `/usr/sbin/exportfs` is
present through the `nfs-kernel-server` package.
The code for exports_available is copied from nfs_available above.
Fixes: ede037cda73675f42b1452187e8dd3438fafc220
("Make zfs-share service resilient to stale exports")
Reviewed-by: Brian Atkinson <batkinson@lanl.gov> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
Closes #15369
Closes #15468
Warner Losh [Tue, 31 Oct 2023 20:03:32 +0000 (14:03 -0600)]
bhyve: ps2 implement command 0xf6
Implement PS2 Keyboard command 0xf6, which is "SET DEFAULTS". This is
the same as 0xf5 (DISABLE KEYBOARD), but without disabling the keyboard
(since that resets all the defaults as a side effect). Normally, we
clear the fifo when we re-enable the keyboard. However, since this
leaves the keyboard enabled, clear the fifo as part of this command and
send an ack.
Linux's keyboard driver sends this command on reboot. Other commands
enable / reset the kebyoard, so it doesn't matter too much this isn't
implemented for booting, eg ubuntu.
Martin Matuška [Tue, 31 Oct 2023 20:49:41 +0000 (21:49 +0100)]
Fix block cloning between unencrypted and encrypted datasets
Block cloning from an encrypted dataset into an unencrypted dataset
and vice versa is not possible. The current code did allow cloning
unencrypted files into an encrypted dataset causing a panic when
these were accessed. Block cloning between encrypted and encrypted
is currently supported on the same filesystem only.
Reviewed-by: Alexander Motin <mav@FreeBSD.org> Reviewed-by: Kay Pedersen <mail@mkwg.de> Reviewed-by: Rob N <robn@despairlabs.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Martin Matuska <mm@FreeBSD.org>
Closes #15464
Closes #15465
Kenneth D. Merry [Tue, 31 Oct 2023 19:20:36 +0000 (15:20 -0400)]
Add IBM TS1170 density codes and specs.
These were obtained from a drive, but they agree with the IBM
documentation.
The bpi/bpmm values are the same as TS1160, but the number of
tracks is much larger (18944 tracks vs 8704 for TS1160). The tapes
are also longer, 1337m total. (According to the MAM on a sample JF
tape. I don't have a JE tape handy to compare.) The end result
is a 50TB raw capacity (150TB compressed) for TS1170 with a JF
cartridge vs 20TB raw capacity (60TB compressed) for TS1160 with
a JE cartridge.
lib/libmt/mtlib.c:
Add the TS1170 density codes to the denstiy table in libmt.
usr.bin/mt/mt.1:
Add the TS1170 density codes and specs to the density table
in the mt(1) man page. As usual for TS drives, there is an
encrypted and non-encrypted density code (0x79 and 0x59
respectively).
Umer Saleem [Tue, 31 Oct 2023 16:51:54 +0000 (21:51 +0500)]
Add all read-only compatible zpool features to grub2 compatibility
GRUB opens the boot pool in read-only mode. All read-only
compatible features for zpool can be enabled and added to
grub2 compatibility, as GRUB does not open the boot-pool
for write.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Umer Saleem <usaleem@ixsystems.com>
Closes #15459
Ameer Hamza [Tue, 17 Oct 2023 19:19:58 +0000 (00:19 +0500)]
zvol: fix delayed update to block device ro entry
The change in the zvol readonly property does not update the block
device readonly entry until the first IO to the ZVOL. This patch
addresses the issue by updating the block device readonly property
from the set property IOCTL call.
Reviewed-by: Tony Hutter <hutter2@llnl.gov> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Ameer Hamza <ahamza@ixsystems.com>
Closes #15409
Ameer Hamza [Tue, 24 Oct 2023 21:53:27 +0000 (02:53 +0500)]
zvol: Implement zvol threading as a Property
Currently, zvol threading can be switched through the zvol_request_sync
module parameter system-wide. By making it a zvol property, zvol
threading can be switched per zvol.
Reviewed-by: Tony Hutter <hutter2@llnl.gov> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Ameer Hamza <ahamza@ixsystems.com>
Closes #15409
Ameer Hamza [Wed, 11 Oct 2023 22:31:11 +0000 (03:31 +0500)]
zvol: Cleanup set property
zvol_set_volmode() and zvol_set_snapdev() share a common code path.
Merge this shared code path into zvol_set_common().
Reviewed-by: Tony Hutter <hutter2@llnl.gov> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Ameer Hamza <ahamza@ixsystems.com>
Closes #15409
Kristof Provost [Fri, 27 Oct 2023 12:13:57 +0000 (14:13 +0200)]
libpfctl: be more tolerant of kernel extensions
Allow the kernel to supply more array elements than expected, but cut
off when we hit what we think the maximum is. This will improve forward
compatibility (i.e. old userspace with newer kernel).
Kristof Provost [Tue, 10 Oct 2023 09:56:15 +0000 (11:56 +0200)]
pf tests: ensure that we generate all permutations for SCTP multihome
The initial multihome implementation was a little simplistic, and failed
to create all of the required states. Given a client with IP 1 and 2 and
a server with IP 3 and 4 we end up creating states for 1 - 3 and 2 - 3,
as well as 3 - 1 and 4 - 1, but not for 2 - 4.
Kristof Provost [Tue, 17 Oct 2023 16:10:39 +0000 (18:10 +0200)]
pf: fix missing SCTP multihomed states
The existing code to create extra states when SCTP endpoints supplied
extra addresses missed a case. As a result we failed to generate all of
the required states.
Briefly, if host A has address 1 and 2 and host B has addres 3 and 4 we
generated 1 - 3 and 2 - 3, as well as 1 - 4, but not 2 - 4.
Store the list of endpoints supplied by each host and use those to
generate all of the connection permutations.
Alexander Motin [Mon, 30 Oct 2023 23:56:04 +0000 (19:56 -0400)]
Unify arc_prune_async() code
There is no sense to have separate implementations for FreeBSD and
Linux. Make Linux code shared as more functional and just register
FreeBSD-specific prune callback with arc_add_prune_callback() API.
Aside of code cleanup this should fix excessive pruning on FreeBSD:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274698
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Mark Johnston <markj@FreeBSD.org>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15456
Brooks Davis [Mon, 30 Oct 2023 23:33:14 +0000 (23:33 +0000)]
tzsetup: make UTC the first (default) region
Many sysadmins prefer to configure their systems to UTC and it's a
reasonable default when installing, making it easier to get a usable
system by just hitting <return> repeatidly.
Renumber UTC to 0 to preserve the finger memory of those selecting a
region by shortcut.
Alexander Motin [Mon, 30 Oct 2023 21:55:32 +0000 (17:55 -0400)]
Tune zio buffer caches and their alignments
We should not always use PAGESIZE alignment for caches bigger than
it and SPA_MINBLOCKSIZE otherwise. Doing that caches for 5, 6, 7,
10 and 14KB rounded up to 8, 12 and 16KB respectively make no sense.
Instead specify as alignment the biggest power-of-2 divisor. This
way 2KB and 6KB caches are both aligned to 2KB, while 4KB and 8KB
are aligned to 4KB.
Reduce number of caches to half-power of 2 instead of quarter-power
of 2. This removes caches difficult for underlying allocators to
fit into page-granular slabs, such as: 2.5, 3.5, 5, 7, 10KB, etc.
Since these caches are mostly used for transient allocations like
ZIOs and small DBUF cache it does not worth being too aggressive.
Due to the above alignment issue some of those caches were not
working properly any way. 6KB cache now finally has a chance to
work right, placing 2 buffers into 3 pages, that makes sense.
Remove explicit alignment in Linux user-space case. I don't think
it should be needed any more with the above fixes.
As result on FreeBSD instead of such numbers of pages per slab:
Reviewed-by: Allan Jude <allan@klarasystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15452
Alexander Motin [Mon, 30 Oct 2023 21:54:27 +0000 (17:54 -0400)]
RAIDZ: Use cache blocking during parity math
RAIDZ parity is calculated by adding data one column at a time. It
works OK for small blocks, but for large blocks results of previous
addition may already be evicted from CPU caches to main memory, and
in addition to extra memory write require extra read to get it back.
This patch splits large parity operations into 64KB chunks, that
should in most cases fit into CPU L2 caches from the last decade.
I haven't touched more complicated cases of data reconstruction to
not over complicate the code. Those should be relatively rare.
My tests on Xeon Gold 6242R CPU with 1MB of L2 cache per core show
up to 10/20% memory traffic reduction when writing to 4-wide RAIDZ/
RAIDZ2 blocks of ~4MB and up. Older CPUs with 256KB of L2 cache
should see the effect even on smaller blocks. Wider vdevs may need
bigger blocks to be affected.
Reviewed-by: Brian Atkinson <batkinson@lanl.gov> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15448
Alexander Motin [Mon, 30 Oct 2023 21:51:56 +0000 (17:51 -0400)]
ZIL: Cleanup sync and commit handling
ZVOL:
- Mark all ZVOL ZIL transactions as sync. Since ZVOLs have only
one object, it makes no sense to maintain async queue and on each
commit merge it into sync. Single sync queue is just cheaper, while
it changes nothing until actual commit request arrives.
- Remove zsd_sync_cnt and the zil_async_to_sync() calls since we
are no longer switching between sync and async queues.
ZFS:
- Mark write transactions as sync based only on number of sync
opens (z_sync_cnt). We can not randomly jump between sync and
async unless we want data corruptions due to writes reordering.
- When file first opened with O_SYNC (z_sync_cnt incremented to 1)
call zil_async_to_sync() for it to preserve correct ordering between
past and future writes.
- Drop zfs_fsyncer_key logic. Looks like it was an optimization
for workloads heavily intermixing async writes with tons of fsyncs.
But first it was broken 8 years ago due to Linux tsd implementation
not allowing data storage between syscalls, and second, I doubt it
is safe to switch from async to sync so often and without calling
zil_async_to_sync().
- Rename sync argument of *_log_write() into commit, now only
signalling caller's intent to call zil_commit() soon after. It
allows WR_COPIED optimizations without extra other meanings.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: George Wilson <george.wilson@delphix.com>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15366
Andrew Turner [Mon, 16 Oct 2023 14:34:19 +0000 (15:34 +0100)]
arm64: Add a BTI landing pad to .mcount
The .mcount function needs a BTI branch target. As we can't rely on
asm.h being included use the hint version of a "bti c" instruction.
This is a nop when BTI is not supported or not used.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D42230
Andrew Turner [Thu, 12 Oct 2023 16:29:46 +0000 (17:29 +0100)]
rtld: Teach rtld about the BTI elf note
Add the Branch Target Identification (BTI) note to libc assembly
sources. As all obect files need the note for rtld to have it we need
to insert it in all asm files.
Andrew Turner [Thu, 12 Oct 2023 10:03:37 +0000 (11:03 +0100)]
csu: Teach csu about PAC and BTI
Add the Branch Target Identification (BTI) note to libc assembly
sources and Pointer Authentication Code (PAC) instructions to _init and
_fini.
_init and _fini may be called indirectly so need a BTI landing pad. As
they are non-leaf functions use the appropriate PAC instruction that
also guards against changing the link register.
As all object files need the note for any binary using these object files
we need to insert it in all asm files.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D42227
The new STATIC_TLS_EXTRA variable provides a means for applications
to increases the size of the extra static TLS space allocated by
rtld beyond the default of '128'. This extra static TLS space is used
for objects loaded with dlopen.
The value specified in the variable must be no less than the default
value and no greater than the maximum allowed value for size_t type.
If an invalid value is specified, rtld will ignore it and just use
the default value.
The rtld(1) man page is updated to document this new option.
Obtained from: Juniper Networks, Inc.
Differential Revision: https://reviews.freebsd.org/D42025
Yishai Hadas [Sat, 28 Oct 2023 20:55:47 +0000 (16:55 -0400)]
mlx5ib: Fix RSS Toeplitz setup to be aligned with the HW specification
The specification for the Toeplitz function doesn't require to set the key
explicitly to be symmetric. In case a symmetric functionality is required
a symmetric key can be simply used.
Wrongly forcing the algorithm to symmetric causes the wrong packet
distribution and a performance degradation.
Warner Losh [Fri, 27 Oct 2023 21:23:47 +0000 (15:23 -0600)]
devd: Improve devmatch support
We know that calling devmatch will be futile if there's no plug and play
information for it to match on. Avoid this generically when we see
"? at +on"
which happens only when the location and pnpinfo aren't provided. Don't
call "service devmatch quietstart" here.
We also ignore ACPI devices with a _HID of none. These also will never
load a new driver, so avoid calling "service devmatch quietstart" here too.
Use the more compatct "$*" instead of "'?'$_" when calling "service
devmatch quietstart" since it will evaluate to the same thing.
On my laptop, this eliminates 45% of the calls to devmatch. While it
would be even better to integrate devmatch into devd (so we only parse
linker.hints once), that will have to wait for another day as it's a bit
more complex to arrange that avoiding easy to avoid calls.
Warner Losh [Fri, 27 Oct 2023 20:03:51 +0000 (14:03 -0600)]
otus: splnet isn't a thing, remove place holders
Even though it's if 0'd code, remove splnet/splx. This code can't
possibly run on FreeBSD, but having it here as a marker isn't especially
helpful. It causes a false positive on grepping otherwise.
Warner Losh [Fri, 27 Oct 2023 16:11:29 +0000 (10:11 -0600)]
strlcpy/strlcat: Remove references to snprintf
While strlcpy and snprintf are somewhat similar, there's big differences
between strlcat and snprintf which leads to confusion. Remove the
comparison, since it's ultimately not that useful: the snprintf man page
has similar language to strlcpy, so it doesn't provide a better
reference. The two implementations are otherwise unrelated.
Warner Losh [Fri, 27 Oct 2023 14:39:31 +0000 (08:39 -0600)]
netinet: The tailq_hash code doesn't reference tcpoutflags
Don't define TCPOUTFLAGS to get the static definition from tcp_fsm.h.
tailq_hash.c doesn't refernce tcpoutflag. Only files that reference this
should define TCPOUTFLAGS. clang is fine with it, but gcc12 complained.
Warner Losh [Fri, 27 Oct 2023 04:14:23 +0000 (22:14 -0600)]
UPDATING: Document branch creation
Document when stable/12, stable/13 and stable/14 were created. Once we
release 14.0, I'll trim the stable/11 branchpoint through stable/12
brnachpoint. Documenting all of these will make it easier in the future.
Warner Losh [Tue, 17 May 2022 16:47:50 +0000 (10:47 -0600)]
efibootmgr: -C isn't implemented
-C isn't implemented, so just errx out until it is. It's not listed in
the man page, but is parsed for compatibility with the Linux
efibootmgr(8) command.
Kyle Evans [Fri, 27 Oct 2023 03:55:17 +0000 (22:55 -0500)]
arm: prune imx5 support from the tree
The IMX5 configs were removed in advance of FreeBSD 14.0 in cdb0c2a73df ("arm: Remove IMX5 specific kernel configs"). This code
isn't built with GENERIC and doesn't actually build today as-is, so
let's remove it to avoid needless maintenance work to it that won't be
tested. As usual, revival is welcome with a committed user and work to
maintain it with upstream DTS and, ideally, in GENERIC.
I note that vt_early_fb is now effectively orphaned as nothing else will
use it, but I haven't yet removed it since I have not done anything to
ascertain if it could be integrated easily enough for other SoC. It is
among the files that doesn't actually build with today's clang, though.
Reviewed by: imp, manu
Differential Revision: https://reviews.freebsd.org/D41836
Warner Losh [Fri, 27 Oct 2023 03:10:36 +0000 (21:10 -0600)]
arm: Introduce MK_KERNEL_BIN to control generation of kernel.bin
It's sometimes desirable to generate kernel.bin and install it. While
the mainstream has moved on to UEFI booting on arm, some specialized
gear can't support it. For that gear, we unconditionally generate
kernel.bin. Add a knob so that WITH_KERNEL_BIN or WITHOUT_KERNEL_BIN
control its generation and installation. config files should add
'makeoptions WITH_KERNEL_BIN=t' to enable it. Since its use is
specialized, it is off by default now since the arm world has largely
moved on to UEFI.
It only affects arm and arm64 (since those are the only two that support
it).
shodanshok [Thu, 26 Oct 2023 16:40:21 +0000 (18:40 +0200)]
Read prefetched buffers from L2ARC
Prefetched buffers are currently read from L2ARC if, and only if,
l2arc_noprefetch is set to non-default value of 0. This means that
a streaming read which can be served from L2ARC will instead engage
the main pool.
For example, consider what happens when a file is sequentially read:
- application requests contiguous data, engaging the prefetcher;
- ARC buffers are initially marked as prefetched but, as the calling
application consumes data, the prefetch tag is cleared;
- these "normal" buffers become eligible for L2ARC and are copied to it;
- re-reading the same file will *not* engage L2ARC even if it contains
the required buffers;
- main pool has to suffer another sequential read load, which (due to
most NCQ-enabled HDDs preferring sequential loads) can dramatically
increase latency for uncached random reads.
In other words, current behavior is to write data to L2ARC (wearing it)
without using the very same cache when reading back the same data. This
was probably useful many years ago to preserve L2ARC read bandwidth but,
with current SSD speed/size/price, it is vastly sub-optimal.
Setting l2arc_noprefetch=1, while enabling L2ARC to serve these reads,
means that even prefetched but unused buffers will be copied into L2ARC,
further increasing wear and load for potentially not-useful data.
This patch enable prefetched buffer to be read from L2ARC even when
l2arc_noprefetch=1 (default), increasing sequential read speed and
reducing load on the main pool without polluting L2ARC with not-useful
(ie: unused) prefetched data. Moreover, it clear users confusion about
L2ARC size increasing but not serving any IO when doing sequential
reads.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Gionatan Danti <g.danti@assyoma.it>
Closes #15451
Add mutex_enter_interruptible() for interruptible sleeping IOCTLs
Many long-running ZFS ioctls lock the spa_namespace_lock, forcing
concurrent ioctls to sleep for the mutex. Previously, the only
option is to call mutex_enter() which sleeps uninterruptibly. This
is a usability issue for sysadmins, for example, if the admin runs
`zpool status` while a slow `zpool import` is ongoing, the admin's
shell will be locked in uninterruptible sleep for a long time.
This patch resolves this admin usability issue by introducing
mutex_enter_interruptible() which sleeps interruptibly while waiting
to acquire a lock. It is implemented for both Linux and FreeBSD.
The ZFS_IOC_POOL_CONFIGS ioctl, used by `zpool status`, is changed to
use this new macro so that the command can be interrupted if it is
issued during a concurrent `zpool import` (or other long-running
operation).
Reviewed-by: Tony Hutter <hutter2@llnl.gov> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Thomas Bertschinger <bertschinger@lanl.gov>
Closes #15360
Warner Losh [Thu, 26 Oct 2023 16:14:54 +0000 (10:14 -0600)]
gpart: Be less picky about GPT Tables in some cases
When we're recoverying a damangae GPT, or when we're restoring a backed
up partition tables, don't enforce the 4k alignment for start/end LBAs.
This is useful for 512e/4kn drives when we're creating a new partition
table or partition. However, when we're trying to fix / restore an old
partition, we shouldn't force this alignment, since in that case it's
more important to use the partition table as is than to optimize
performance by rounding (which isn't required by the standard).
ednadolski-ix [Thu, 26 Oct 2023 16:13:01 +0000 (10:13 -0600)]
arc_default_max on Linux should match FreeBSD
Commits 518b487 and 23bdb07 changed the default ARC size limit on
Linux systems to 1/2 of physical memory, which has become too
strict for modern systems with large amounts of RAM. This patch
changes the default limit to match that of FreeBSD, so ZFS may
have a unified value on both platforms.
Reviewed-by: George Melikov <mail@gmelikov.ru> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Edmund Nadolski <edmund.nadolski@ixsystems.com>
Closes #15437
Warner Losh [Thu, 26 Oct 2023 16:09:16 +0000 (10:09 -0600)]
ttys: Document insecure flag
Both the secure and insecure flag is documented in init(8). the secure
flag is documented here; however, the insecure flag is not. Nor is the
nuance that a line missing the 'secure' flag is also considered
insecure. Document both here.
Warner Losh [Thu, 26 Oct 2023 04:35:45 +0000 (22:35 -0600)]
devd: Restore WARNS=6
We compile correctly on all platforms with clang and WARNS=6. We build
on amd64 with gcc12 and WARNS.6. Restore WARNS=6. This reverts 3741a56c310d, since that's no longer relevant.
Don't drop fragmented packets when reassembly is disabled, they can be
matched by rules with "fragment" keyword. Ensure that presence of scrub
rules forces old behaviour.
Gleb Smirnoff [Thu, 26 Oct 2023 09:59:21 +0000 (02:59 -0700)]
bhyve: fix arguments to ioctl(VMIO_SIOCSIFFLAGS)
ioctl(2)'s with integer argument shall pass command argument by value,
not by pointer. The ioctl(2) manual page is not very clear about that.
See sys/kern/sys_generic.c:sys_ioctl() near IOC_VOID.
Kirk McKusick [Wed, 25 Oct 2023 22:36:45 +0000 (15:36 -0700)]
Delete snapshot after opening it when running fsck_ffs(9) in background.
When fsck_ffs(8) runs in background, it creates a snapshot named
fsck_snapshot in the filesystem's .snap directory. The fsck_snapshot
file was removed when the background fsck finished. If the system
crashed or the fsck exited unexpectedly, the fsck_snapshot file
would remain. The snapshot would consume ever more space as the
filesystem changed over time until it was removed by a system
administrator or a future run of background fsck removed it to
create a new snapshot file.
This commit unlinks the .snap/fsck_snapshot file immediately after
opening it so that it will be reclaimed when fsck closes it at the
conclusion of its run. After a system crash, it will be removed as
part of the filesystem cleanup because of its zero reference count.
As only a few milliseconds pass between its creation and unlinking,
there is far less opportunity for it to be accidentally left behind.
Alexander Motin [Wed, 25 Oct 2023 22:22:25 +0000 (18:22 -0400)]
ZIO: Remove READY pipeline stage from root ZIOs
zio_root() has no arguments for ready callback or parent ZIO. Except
one recent case in ZIL code if root ZIOs ever have a parent it is
also a root ZIO. It means we do not need READY pipeline stage for
them, which takes some time to process, but even more time to wait
for the children and be woken by them, and both for no good reason.
The most visible effect of this change is that it avoids one taskq
wakeup per ZIL block written, previously used to run zio_ready()
for lwb_root_zio and skipped now.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15398
Ed Maste [Tue, 24 Oct 2023 22:06:59 +0000 (18:06 -0400)]
Update ASLR stack sysctl description in security.7 and mitigations.7
In an earlier implementation the stack (gap) was randomized when the
enable sysctl was set and ASLR was also enabled (in general) for the
binary. In the current implementation the sysctl operates
independently.
Reviewed by: kib
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42357
user stack randomization: only enable by default for 64bit processes
All aslr knobs are disabled by default for 32bit processes, except
stack. This results in weird stack location, typically making around 1G
of user address space hard to use.
Reviewed by: emaste
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D42356
Tony Hutter [Mon, 23 Oct 2023 21:45:06 +0000 (14:45 -0700)]
zvol: Remove broken blk-mq optimization
This fix removes a dubious optimization in zfs_uiomove_bvec_rq()
that saved the iterator contents of a rq_for_each_segment(). This
optimization allowed restoring the "saved state" from a previous
rq_for_each_segment() call on the same uio so that you wouldn't
need to iterate though each bvec on every zfs_uiomove_bvec_rq() call.
However, if the kernel is manipulating the requests/bios/bvecs under
the covers between zfs_uiomove_bvec_rq() calls, then it could result
in corruption from using the "saved state". This optimization
results in an unbootable system after installing an OS on a zvol
with blk-mq enabled.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Tony Hutter <hutter2@llnl.gov>
Closes #15351
Alexander Motin [Tue, 24 Oct 2023 21:35:25 +0000 (17:35 -0400)]
ZIL: Detect single-threaded workloads
... by checking that previous block is fully written and flushed.
It allows to skip commit delays since we can give up on aggregation
in that case. This removes zil_min_commit_timeout parameter, since
for single-threaded workloads it is not needed at all, while on very
fast devices even some multi-threaded workloads may get detected as
single-threaded and still bypass the wait. To give multi-threaded
workloads more aggregation chances increase zfs_commit_timeout_pct
from 5 to 10%, as they should suffer less from additional latency.
Also single-threaded workloads detection allows in perspective better
prediction of the next block size.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Prakash Surya <prakash.surya@delphix.com>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15381
Alexander Motin [Tue, 24 Oct 2023 21:33:58 +0000 (17:33 -0400)]
ABD: Be more assertive in iterators
Once we verified the ABDs and asserted the sizes we should never
see premature ABDs ends. Assert that and remove extra branches
from production builds.
Reviewed-by: Brian Atkinson <batkinson@lanl.gov> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Alexander Motin <mav@FreeBSD.org>
Sponsored by: iXsystems, Inc.
Closes #15428
Ed Maste [Tue, 24 Oct 2023 18:55:56 +0000 (14:55 -0400)]
OpenSSL: update to 3.0.12
OpenSSL 3.0.12 addresses:
* Fix incorrect key and IV resizing issues when calling
EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2()
with OSSL_PARAM parameters that alter the key or IV length
([CVE-2023-5363]).
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Brian Behlendorf [Tue, 24 Oct 2023 18:00:07 +0000 (11:00 -0700)]
Add prefetch property
ZFS prefetch is currently governed by the zfs_prefetch_disable
tunable. However, this is a module-wide settings - if a specific
dataset benefits from prefetch, while others have issue with it,
an optimal solution does not exists.
This commit introduce the "prefetch" tri-state property, which enable
granular control (at dataset/volume level) for prefetching.
This patch does not remove the zfs_prefetch_disable, which remains
a system-wide switch for enable/disable prefetch. However, to avoid
duplication, it would be preferable to deprecate and then remove
the module tunable.
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Reviewed-by: Ameer Hamza <ahamza@ixsystems.com> Signed-off-by: Gionatan Danti <g.danti@assyoma.it> Co-authored-by: Gionatan Danti <g.danti@assyoma.it>
Closes #15237
Closes #15436
Ed Maste [Tue, 24 Oct 2023 17:45:46 +0000 (13:45 -0400)]
OpenSSL: Vendor import of OpenSSL 3.0.12
* Fix incorrect key and IV resizing issues when calling
EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2()
with OSSL_PARAM parameters that alter the key or IV length
([CVE-2023-5363]).
Kristof Provost [Mon, 23 Oct 2023 11:46:11 +0000 (13:46 +0200)]
libpfctl: fix Coverity issues
- handle snl_finalize_msg() returning NULL
- insert the correct data into the states list
- add missing nvlist_destroy()
- incorrect order for array bounds
Kristof Provost [Mon, 23 Oct 2023 11:43:52 +0000 (13:43 +0200)]
libpfctl: fix pfctl_do_ioctl()
pfctl_do_ioctl() copies the packed request data into the request buffer
and then frees it. However, it's possible for the buffer to be too small
for the reply, causing us to allocate a new buffer. We then copied from
the freed request, and freed it again.
Do not free the request buffer until we're all the way done.
Mariusz Zaborski [Mon, 23 Oct 2023 21:03:51 +0000 (23:03 +0200)]
cap_net: correct capability name from addr2name to name2addr
Previously, while checking name2addr capabilities, we mistakenly used
the addr2name set. This error could cause a process to inadvertently
reset its limitations.
This patch restores/fixes some of the behavior present in pre-netlink ndp(8).
1. Deleting a local address now correctly returns EPERM (instead of
ENOENT)
2. ndp -c no longer dumps the entire table while complaining about
local addresses
3. Return exit code when deleting entry (e.g. trying ndp -d on a local
address is an error)
Rick Macklem [Mon, 23 Oct 2023 20:21:14 +0000 (13:21 -0700)]
nfscl/kgssapi: Fix Kerberized NFS mounts to pNFS servers
During recent testing related to the IETF NFSv4 Bakeathon, it was
discovered that Kerberized NFSv4.1/4.2 mounts to pNFS servers
(sec=krb5[ip],pnfs mount options) was broken.
The FreeBSD client was using the "service principal" for
the MDS to try and establish a rpcsec_gss credential for a DS,
which is incorrect. (A "service principal" looks like
"nfs@<fqdn-of-server>" and the <fqdn-of-server> for the DS is not
the same as the MDS for most pNFS servers.)
To fix this, the rpcsec_gss code needs to be able to do a
reverse DNS lookup of the DS's IP address. A new kgssapi upcall
to the gssd(8) daemon is added by this patch to do the reverse DNS
along with a new rpcsec_gss function to generate the "service
principal".
A separate patch to the gssd(8) will be committed, so that this
patch will fix the problem. Without the gssd(8) patch, the new
upcall fails and current/incorrect behaviour remains.
This bug only affects the rare case of a Kerberized (sec=krb5[ip],pnfs)
mount using pNFS.
This patch changes the internal KAPI between the kgssapi and
nfscl modules, but since I did a version bump a few days ago,
I will not do one this time.