The untrusted certs directory was renamed a while ago and these
files were moved to the new location. Various upgrade paths cause
these files to be missed and prevent deletion of the directory.
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0.
A future change should migrate to use the OpenSSL 3.0 APIs.
PR: 271615
Reviewed by: emaste
Event: Kitchener-Waterloo Hackathon 202305
Sponsored by: The FreeBSD Foundation
OPENSSL_API_COMPAT can be used to specify the OpenSSL API version in
use for the purpose of hiding deprecated interfaces and enabling
the appropriate deprecation notices.
This change is a NFC while we're still using OpenSSL 1.1.1 but will
avoid deprecation warnings upon the switch to OpenSSL 3.0.
A future change should migrate to use the OpenSSL 3.0 APIs, or just
remove libtelnet.
PR: 271615
Event: Kitchener-Waterloo Hackathon 202305
Sponsored by: The FreeBSD Foundation
vm.subr's default vm_extra_pre_umount removes /qemu and
/etc/resolv.conf. When vm_extra_pre_umount is overridden these steps
need to be performed in the cloud-specific conf file.
PR: 271602
Reviewed by: dch, lwhsu
Event: Kitchener-Waterloo Hackathon 202305
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40257
The intent is to set the value to UINT32_MAX, not to |= UINT32_MAX.
Happily the intent (ensure that we do not send further packets) is
achieved either way.
Reported by: markj
Sponsored by: Rubicon Communications, LLC ("Netgate")
When checking if the spinlock count is correct in a data abort we can
panic without printing the registers. These are useful to debug the
abort, e.g. by giving the fault address register.
Reviewed by: kib
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D40228
We don't print leading zeros for other registers, so do the same with
ESR_EL1.
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D40129
The default location for home directories is moving from /usr/home
to /home. Update the examples accordingly.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40205
Hardware with more than 256 CPU cores is now available and will become
increasingly common. Bump CPU_MAXSIZE (used for userland cpuset_t
sizing) to 1024 to define the ABI for FreeBSD 14.
This change is reapplied after a change to decouple cpuset from bhyve:
commit e17eca3276 ("vmm: Avoid embedding cpuset_t ioctl ABIs").
PR: 269572, 271213 [exp-run]
Reviewed by: mjg, jhb
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39941
(cherry picked from commit 76887e84be)
This change is a name change only. TCP Request tracking can track sendfile and even non-sendfile requests. The
names however in the current code use http, and they should not. The feature is not http specific. Lets change the
name so they more properly reflect whats going on. This also fixes conflicts with http_req which caused application pain.
Reviewed by: tuexen
Sponsored by: Netflix Inc
Differential Revision:https://reviews.freebsd.org/D40229
We already do plenty to announce the different CPUs in dmesg. Follow the
ACPI CPU strategy of reporting the first CPU device, but quieting the
rest for non-verbose boot. This cuts down slightly on dmesg output.
Reviewed by: manu, jhb
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40243
These will be used by bhyve to manage the host VFP registers, e.g.
saving the host state before entering a guest.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D40130
These will be used by bhyve
Reviewed by: markj
Sponsored by: Arm Ltd
Sponsored by: Innovate UK
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40128
Introduce macro for PHYS_TO_PTE, setting the groundwork for future
support of various Arm VMSA extensions.
For extensions such as 52-bit VA/PA (FEAT_LPA2), the representation of
an address between a PTE and PA are not equivalent. This macro will
allow converting between the different representations.
Currently PHYS_TO_PTE is a NOP. Replace all instances where we go from
PA to PTE with new PHYS_TO_PTE macro.
Reviewed by: markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D39828
Introduce macro for PTE_TO_PHYS, setting the groundwork for future
support of various Arm VMSA extensions.
For extensions such as 52-bit VA/PA (FEAT_LPA2), the representation of
an address between a PTE and PA are not equivalent. This macro will
allow converting between the different representations.
Currently going from PTE to PA is achieved by masking off the upper and
lower attributes. Retain this behaviour but replace all instances with
the new macro instead.
Reviewed by: alc, markj
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D39827
The structure consists of all current context - arguments,
open sockets, current family and so on.
Pass this structure as a first argument to most of the af_ menthods.
This allows to propagate and update shared data without using
global variables.
The diff is pretty large, but de-facto mechanical. All changes
except the structure setup in ifconfig[_netlink].c are one-line
mechanical changes.
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D40239
MFC after: 2 weeks
Cleanup compiler warnings in preparation to set Wextra and remove WARNS?=2
Differential Revision: https://reviews.freebsd.org/D40238
MFC after: 2 weeks
A wireless dirver is requesting release from the result of
init_utsname(). Populate the field on startup.
MFC after: 10 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40248
Add function used by a wireless driver.
Sponsored by: The FreeBSD Foundation
MFC after: 10 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40249
This structure isn't used for anything, and only counts a subset of
vmexit types. Moreover, it is not accurate since there is no
synchronization between vcpu threads. Simply remove it.
No functional change intended.
Reviewed by: jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40245
Commit 0bda8d3e9f ("vmm: permit some IPIs to be handled by userspace")
embedded cpuset_t into the vmm(4) ioctl ABI. This was a mistake since
we otherwise have some leeway to change the cpuset_t for the whole
system, but we want to keep the vmm ioctl ABI stable.
Rework IPI reporting to avoid this problem. Along the way, make VM_RUN
a bit more efficient:
- Split vmexit metadata out of the main VM_RUN structure. This data is
only written by the kernel.
- Have userspace pass a cpuset_t pointer and cpusetsize in the VM_RUN
structure, as is done for cpuset syscalls.
- Have the destination CPU mask for VM_EXITCODE_IPIs live outside the
vmexit info structure, and make VM_RUN copy it out separately. Zero
out any extra bytes in the CPU mask, like cpuset syscalls do.
- Modify the vmexit handler prototype to take a full VM_RUN structure.
PR: 271330
Reviewed by: corvink, jhb (previous versions)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D40113
Add -j <jail> flag to ifconfig to allow ifconfig to attach and run inside a
jail. This allow parent to configure network interfaces of its children
even if ifconfig is not available in child's tree (e.g. Linux Jails)
Reviewed by: emaste, khng, melifaro
Event: Kitchener-Waterloo Hackathon 202305
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D40213
Now that gcc >= 12 supports -ftrivial-auto-var-init, add it to
bsd.compiler.mk's "init-all" feature.
PR: 271047
Reviewed by: emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D40208
As of clang 16, the -ftrivial-auto-var-init=zero option no longer needs
-enable-trivial-auto-var-init-zero-knowing-it-will-be-removed-from-clang
to enable the option. Only add it for older clang versions.
PR: 271047
Reviewed by: emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D40208
For symmetry with rc.resume, give rc.suspend the ability to execute
rc-scripts. Use the suspend keyword for that.
Use-case is for setting a wake-up time, e.g. via efiwake.
Reviewed by: christos
Approved by: markj (mentor)
Differential Revision: https://reviews.freebsd.org/D39965
The zone is used solely to provide KVA for mapping BIOs so that we can
pass mapped buffers to VOP_READ and VOP_WRITE. Currently we preallocate
nswbuf/10 bufs for this purpose during boot.
The intent was to limit KVA usage on 32-bit systems, but the
preallocation means that we in fact consumed more KVA than needed unless
one has more than nswbuf/10 (typically 25) vnode-backed MD devices
in existence, which I would argue is the uncommon case.
Meanwhile, all I/O to an MD is handled by a dedicated thread, so we can
instead simply preallocate the KVA region at MD device creation time.
Event: BSDCan 2023
Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D40215
Architectures that are not included in the #ifdef won't be able to
compile libdtrace. This was tested on an ARM64 build. If the ifdef is
removed, libdtrace can be compiled with no problems, otherwise it fails
at libdtrace.
Reviewed by: markj
Approved by: markj (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39948
By specifying the -d flag, libdtrace will dump the D script after it has
applied syntactical sugar transformations (e.g if/else). This is useful
for both understanding what dt_sugar does, as well as debugging it.
Reviewed by: markj
Approved by: markj (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38732
if_ovpn already notified userpsace when there was a risk of sequence
number re-use, but it trusted userspace to actually rotate the key.
Convert the internal sequence number counter to 64 bits so we can detect
overflows and then refuse to send packets.
Event: BSDCan 2023
Reviewed by: Leon Dang <ldang@netgate.com>
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D40187
The current implementation of KINST_TRAMP_INIT is working only on amd64,
where the breakpoint instruction is one byte long, which might not be
the case for other architectures (e.g in RISC-V it's either 2 or 4
bytes). This patch introduces two machine-dependent constants,
KINST_TRAMP_FILL_PATTERN and KINST_TRAMP_FILL_SIZE, which hold the fill
instruction and the size of that instruction in bytes respectively.
Reviewed by: markj
Approved by: markj (mentor)
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39504
