In commit c77bfaa750 uhid(4) gained support for ioctl from
USB_GET_DEVICEINFO. This is used in libraries like libfido2 to
retrieve information about a device.
This commit adds binary compatible version to hidraw(4).
PR: 264843
MFC after: 1 month
Requested by: grembo
Delete note that UFS/FFS filesystems running with journaled soft updates
cannot run background fsck as 344b5bf made it possible to do so.
MFC-with: 344b5bf
Sponsored-by: The FreeBSD Foundation
Previously dumpfs(8) exited when a cylinder group read failed (such
as a cylinder-group check-hash failure). Now an error message
indicating the cylinder group number and the type of failure is
printed and the output continues for the remaining cylinder groups.
MFC-after: 1 week
Sponsored-by: The FreeBSD Foundation
Previously the log message indicated only "(core dumped)" if a core was
successfully created, or nothing if it was not. This provides
insufficient information to faciliate debugging. Dtrace is no help as
coredump() is static and we cannot find the return value via fbt.
Expand the log message to include error return value information.
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39942
This splits out the certctl utility into a new certctl package and the
openssl libs into an openssl-lib package.
PR: 272816
Reviewed by: manu
Differential Revision: https://reviews.freebsd.org/D41321
OLD_FILES and OLD_LIBS implicitly include the libcompat variant, whereas
MOVED_LIBS exists specifically for files that have moved between /lib
and /usr/lib, and thus don't get a libcompat equivalent.
Reported by: des
Fixes: 5fd1da4d85 ("ObsoleteFiles.inc: Add an entry for libdtrace.so.2 in /usr/lib")
Rewrite the final loop in vm_phys_enqueue_contig as a new function,
vm_phys_enq_beg, to reduce amd64 code size.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D41289
Also use __func__ rather than hardcoding the function name. This code
now fits in 80 columns without splitting the log message.
Reviewed by: zlei
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39619
By not exporting _start, we get various warnings of the form:
ld: warning: cannot find entry symbol _start
Note that in practice these don't matter because we manually construct
our PE header and use objcopy -O binary, so the entry point is set to
whatever we put explicitly in the PE header, but we should still do the
right thing and silence these warnings.
This was found in CheriBSD, where bsd.prog.mk has similar logic to
bsd.lib.mk and sets -Wl,--(no-)fatal-warnings based on LD_FATAL_WARNINGS
(unlike FreeBSD which only does so in the latter).
Verify that the requested region of the mbuf chain is not beyond the
end of the chain before trimming it from the end. If it is out of
bounds, fail with an error (EPROTO).
While here, properly handle the case that the amount of data at the
end of the chain might span more than one mbuf by using m_adj to drop
the extra bytes rather than assuming m_len of the last mbuf can be
adjusted directly.
PR: 258504
Reported by: Robert Morris <rtm@lcs.mit.edu>
Co-authored-by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41229
ISO9660 permits specifying a logical block size that is any power of 2
greater than or equal to 512. The geom disk layer requires requests
to be aligned on sector boundaries of the provider. With a volume
that uses a logical block size smaller than the underlying disk sector
size (e.g. a logical block size of 512 or 1024 on a CD which uses 2048
byte sectors), the current cd9660 vfs can issue requests for partial
sectors, or on non-sector boundaries.
Fixing this properly would require wrapping all of the calls to
bread*/bwrite* in cd9660 vfs to roundup requests to be on sector
boundaries which can include both the length, but also the starting
sector number (and thus requiring use of an offset relative to b_data
in the resulting buf).
These images do not seem to be common however given that no one has
fixed this in cd9660's vfs in the past few decades, so just reject
them during mount with an error. If such images are found to be used
in the wild in practice, then the larger fix can be applied.
PR: 258063
Reported by: Robert Morris <rtm@lcs.mit.edu>
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41228
Previously a debug kernel would trigger an assertion failure if an I/O
request attempted to read off the end of a concat volume, but a
non-debug kernel would use an invalid sub-disk to try to complete the
request eventually resulting in some sort of fault in the kernel.
Instead, turn the assertions into explicit checks that fail requests
beyond the end of the volume with EIO. For requests which run over
the end of the volume, return a short request.
PR: 257838
Reported by: Robert Morris <rtm@lcs.mit.edu>
Reviewed by: emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41222
- If the size is negative or if rounding it up to a multiple of
the block size overflows, fail the read request with ERANGE.
- While here, add a sanity check that the ICB length for the root
directory is at least as long as a minimum-sized file entry.
PR: 257768
Reported by: Robert Morris <rtm@lcs.mit.edu>
MFC after: 1 week
Sponsored by: FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41220
Don't clear the counters for the socket snd buffer when
shutdown(..., SHUT_WR) or shutdown(..., SHUT_RDWR) is called.
This was causing the system to panic() when SCTP pf tests were
running.
Reported by: dchagin, kp
MFC after: 1 week
Do not assume that when vm_phys_enq_range is passed npages==0 that the
vm_page argument is valid in any way, much less that it has a
page-aligned address. Just don't look at it. Assert nothing about it.
Reported by: karels
Differential Revision: https://reviews.freebsd.org/D41317
The GICv2 can only send IPIs to 8 CPUs. Because of this it should only
be in machines with no more than 8 cores.
Create a new macro to hold this limit to reduce the size of the softc.
Reviewed by: emaste
Sponsored by: Arm Ltd
Differential Revision: https://reviews.freebsd.org/D41322
The HPN patch set was removed from base system SSH in January 2016, in
commit 60c59fad88. We retained the option parsing (using OpenSSH's
support for deprecated options) to avoid breaking existing installations
upon upgrade, but sufficient time has now passed that we can remove this
special case.
Approved by: des
Relnotes: Yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41291
Because KASAN shadows the kernel image itself (KMSAN currently does
not), a shadow mapping of the boot stack must be created very early
during boot. pmap_san_enter() reserves a fixed number of pages for the
purpose of creating and mapping this shadow region.
After commit 789df254cc ("amd64: Use a larger boot stack"), it could
happen that this reservation is insufficient; this happens when
bootstack crosses a PAGE_SHIFT + KASAN_SHADOW_SCALE_SHIFT boundary.
Update the calculation to take into account the new size of the boot
stack.
Fixes: 789df254cc ("amd64: Use a larger boot stack")
Sponsored by: The FreeBSD Foundation
The closing parenthesis was in the wrong location, so instead of assigning the return value to krbret and then comparing it to zero, we were assigning the result of the comparison to krbret and then comparing that to zero. This has no practical significance since the value is not used after the loop terminates.
PR: 229719
Reviewed by: cy
Differential Revision: https://reviews.freebsd.org/D41299
Send an ICMPv6 echo request packet with multiple IPv6 fragment headers.
Set rules to pass all packets, except for ICMPv6 echo requests.
pf ought to drop the echo request, but doesn't because it reassembles
the packet, and then doesn't handle the second fragment header. In other
words: it fails to detect the ICMPv6 echo header.
Reported by: Enrico Bassetti bassetti@di.uniroma1.it (NetSecurityLab @ Sapienza University of Rome)
MFC after: instant
Sponsored by: Rubicon Communications, LLC ("Netgate")
With 'scrub fragment reassemble' if a packet contains multiple IPv6
fragment headers we would reassemble the packet and immediately
continue processing it.
That is, we'd remove the first fragment header and expect the next
header to be a final header (i.e. TCP, UDP, ICMPv6, ...). However, if
it's another fragment header we'd not treat the packet correctly.
That is, we'd fail to recognise the payload and treat it as if it were
an IPv6 fragment rather than as its actual payload.
Fix this by restarting the normalisation on the reassembled packet.
If there are multiple fragment headers drop the packet.
Reported by: Enrico Bassetti bassetti@di.uniroma1.it (NetSecurityLab @ Sapienza University of Rome)
MFC after: instant
Sponsored by: Rubicon Communications, LLC ("Netgate")
On Linux these system calls have an effect only when used in conjuction
with an I/O scheduler that supports I/O priorities. If no I/O scheduler
has been set for a thread, then by defaut the I/O priority will follow
the CPU nice value. Due to FreeBSD lack of I/O scheduler facilities, the
default Linux behavior is implemented.
Ubuntu 23.04 debootstrap requires Linux ionice which depends on these
syscalls.
Differential Revision: https://reviews.freebsd.org/D41153
MFC after: 1 month
Unzip from FreeBSD has been ported to libarchive.
Change usr.bin/unzip to use bsdunzip from libarchive.
Differential Revision: https://reviews.freebsd.org/D41239
PR: 272845 (exp-run)
MFC after: 1 month
We create a static array of pointers to per-CPU data. Because the cpuid
space on arm64 is not sparse there is no need to add an extra level of
indirection. Move to use mallocarray to allocate the redistributors as
a single array.
Sponsored by: Arm Ltd
The function ibv_query_device_ex is static inline, it is not exported
from the dso. With lld 16, which is much more picky about versioning and
undefined symbols, this becomes an error.
The ibv_register_driver driver symbol is explicitly versioned in
sources, it is non-existent in un-versioned object files.
Sponsored by: NVidia networking
MFC after: 1 week
