Split the linux_ioctl_socket() function on two counterparts, where
the linux_ioctl_socket_ifreq() intended to use in a code path which
requires the struct ifreq manipulation, i.e., translating in/out
values of the struct, while the linux_ioctl_socket() function is left
as is, it calls sys_ioctl() without touching in/out values.
Due to structures ifreq, sockaddr difference between FreeBSD and Linux
the linux_ioctl_socket_ifreq() calls kern_ioctl() directly, converting
in and out values to FreeBSD and to Linux accordingly.
Finally, modify the ifname_linux_to_bsd() to return error code, not
an unstable reference to the interface.
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D38794
For now we are using mixed names to access struct ifreq members, some
of Linux (ifr_name, ifr_ifindex), others of FreeBSD. To avoid conflicts
switch to use FreeBSD names.
Reviewed by: jhibbits
Differential Revision: https://reviews.freebsd.org/D38792
Enter the net epoch when traversing a list of interfaces. For that
split the ifname_linux_to_bsd() function on two counterparts, where
the ifname_linux_to_ifp() intended to use in epoch, while the
ifname_linux_to_bsd() intended to be a self-contained.
Until the linux_ioctl_coket() function is refactored, the
ifname_linux_to_bsd() temporarily returns interface outside
of the net epoch.
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D38790
Migrate linux and linprocfs to use the IfAPI interfaces instead of
direct ifnet accesses.
The code initially writed by jhibbits@, and adapted by me to 3ab3c9c2.
Reviewed by: jhibbits
Differential Revision: https://reviews.freebsd.org/D38735
If there is no source filter entry => block if that's SSM ("exclude"
mode per RFC 3678 clause 3). If there is an entry => check its action &
block if the action is "exclude".
It would be nice if the test case in this PR were converted into an ATF
test case, but not blocking on that.
Reviewed by: imp, melifaro
Pull Request: https://github.com/freebsd/freebsd-src/pull/601
On some hardware, we can't clear HCR_EL2.E2H so accesses to the physical
timer hopelessly trap to EL2. Stash off the value of HCR_EL2 and use it
in has_hyp() to avoid this.
Reviewed by: andrew
Differential Revision: https://reviews.freebsd.org/D38884
With the deprecation of NgATM, ng_atmllc is the last vestage of ATM
support so deprecate it too.
MFC after: 3 days
Relnotes: yes
Reviewed by: manu, emaste
Differential Revision: https://reviews.freebsd.org/D38878
Support for ATM NICs was removed prior to FreeBSD 12. At the time it
was unclear if this code was still useful without it. Now the time has
come to finish removing support.
Add DREPRECATION NOTICEs to the manpages and gone_in(14, ...) warnings
in the constructors (or module init for ngatmbase).
MFC after: 3 days
Relnotes: yes
Reviewed by: manu, emaste
Differential Revision: https://reviews.freebsd.org/D38877
It's no longer possible to disable C++ so there's no need to comment
on it.
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D38883
Mostly sprinkle __unused. Also duplicate strings passed to addenv() so
that constant string literals can be passed. No functional change
intended.
Reviewed by: corvink, rew, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38840
Avoid unaligned accesses in cpu_vendor_intel() and address a few other
nits. No functional change intended.
Reviewed by: corvink, rew, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38839
ATM is an old technology, remove build of related programs by default
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38844
Reviewed by: brooks, imp, emaste
Now when supervsion mode has it's own variable there is really no
reason to set it separately from the rest of the variables. Move
initialization of supervise_enabled var to the argument processing
switch loop, where it belongs.
Reviewed by: kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/672
The 'restart' variable was responsible for enablement of restart
behavior and for restart delay. While it may seem convenient it
leads to cluttering the exit/restart logic
Reviewed by: kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/672
This is not a functional change.
- Clean up whitespace (spaces where there should be tabs)
- Break up lines that are longer than 80
Reviewed by: kevans
Pull Request: https://github.com/freebsd/freebsd-src/pull/672
As of macOS Ventura, Apple-signed binaries cannot be run if copied away from
their system location. This security feature doesn't really make sense for
boring things like sh(1), more so for applications with special entitlements,
but it's universally present, and results in the following error:
>>> Install check world
bmake[2]: "/Users/Jess/cheri/freebsd/Makefile.inc1" line 572: warning: "MAKEFLAGS= CPUTYPE=dummy /Users/Jess/cheri/build/freebsd-riscv64-build/bmake-install/bin/bmake -f /dev/null -m /Users/Jess/cheri/freebsd/share/mk MK_AUTO_OBJ=no -V CPUTYPE" exited on a signal
bmake[2]: "/Users/Jess/cheri/freebsd/Makefile.inc1" line 575: CPUTYPE global should be set with ?=.
As with host-symlinks, we don't actually need to copy the files on macOS, since
we're not updating the current machine, so copy its approach and just symlink
them instead.
MFC after: 1 week
This makes the detection of VMs common between platforms that
have SMBios.
Reviewed by: imp, kib
Differential Revision: https://reviews.freebsd.org/D38800
GNU egrep emits a warning that it is obsolescent and suggests grep -E
instead. Switch to grep -E in case we end up invoking GNU (e)grep (and
for consistency with other invocations in this file).
Reported by: Steffen Nurpmeso
Sponsored by: The FreeBSD Foundation
This code was removed as part of the NATM removal in 2017 and somehow
this option was missed.
MFC after: 3 days
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D38874
The consensus was that VNET_NFSD was not needed.
This patch removes it from kern_jail.c.
With this patch, support for the "allow.nfsd"
jail parameter is enabled in the kernel for
kernels built with "options VIMAGE".
Reviewed by: markj
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D38808
To run mountd in a vnet prison, three checks in vfs_domount()
and vfs_domount_update() related to doing exports needed
to be changed, so that a file system visible within the
prison but mounted outside the prison can be exported.
I did all three in a minimal way, only changing the checks for
the specific case of a process (typically mountd) doing exports
within a vnet prison and not updating the mount point in other
ways. The changes are:
- Ignore the error return from vfs_suser(), since the file
system being mounted outside the prison will cause it to fail.
- Use the priv_check(PRIV_NFS_DAEMON) for this specific case
within a prison.
- Skip the call to VFS_MOUNT(), since it will return an error,
due to the "from" argument not being set correctly. VFS_MOUNT()
does not appear to do anything for the case of doing exports only.
Reviewed by: markj
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D37741
The behavior is the same as in capability mode, it does not actually
return EINVAL for absolute lookups:
openat(AT_FDCWD,"/tmp/test",O_RDONLY|O_DIRECTORY,00) = 3 (0x3)
openat(3,"../../",O_RDONLY|0x800000,00) ERR#93 'Capabilities insufficient'
openat(3,"/etc/passwd",O_RDONLY|0x800000,00) ERR#93 'Capabilities insufficient'
Fixes: 1f305be43 ("Document {O,AT}_RESOLVE_BENEATH...")
Reviewed by: kib, pauamma (manpages), emaste
Sponsored by: https://www.patreon.com/valpackett
Pull Request: https://github.com/freebsd/freebsd-src/pull/680
Differential Revision: https://reviews.freebsd.org/D38675
In every mpr and mps ioctl that copies kernel data to userland, validate
that the requested length does not exceed the size of the kernel's
buffer.
Note that all of these ioctls already required root access.
MFC after: 2 weeks
Sponsored by: Axcient
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D38842
All drivers are already either in GENERIC or in the other arches LINT
so no need to build this one too.
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38851
All drivers are already either in GENERIC or in the other arches LINT
so no need to build this one too.
Sponsored by: Beckhoff Automation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D38850