fticket_wait_answer would spin if it received an unhandled signal whose
default disposition is to terminate. The reason is because msleep(9) would
return EINTR even for a masked signal. One reason is when the thread is
stopped, which happens for example during sigexit(). Fix this bug by
returning immediately if fticket_wait_answer ever gets interrupted a second
time, for any reason.
Sponsored by: The FreeBSD Foundation
This affects the detection of 24-hour vs AM/PM mode... the ampm bit is in a
different location on 2127 and 2129 chips compared to other nxp rtc chips.
I noticed the 2127 case wasn't being handled correctly when I accidentally
misconfiged my system by claiming my PCF2129 was a 2127.
It is declared here and in rfc931.c and unused here so keep that copy
and discard this one.
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA, AFRL
libsecureboot can tell us if the most recent file opened was
verfied or not.
If it's state is VE_UNVERIFIED_OK, skip if variable
matches one of the restricted prefixes.
Reviewed by: stevek
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org//D20909
1) Don't explicitly not mask SIGKILL. kern_sigprocmask won't allow it to be
masked, anyway.
2) Fix an infinite loop bug. If a process received both a maskable signal
lower than 9 (like SIGINT) and then received SIGKILL,
fticket_wait_answer would spin. msleep would immediately return EINTR,
but cursig would return SIGINT, so the sleep would get retried. Fix it
by explicitly checking whether SIGKILL has been received.
3) Abandon the sig_isfatal optimization introduced by r346357. That
optimization would cause fticket_wait_answer to return immediately,
without waiting for a response from the server, if the process were going
to exit anyway. However, it's vulnerable to a race:
1) fatal signal is received while fticket_wait_answer is sleeping.
2) fticket_wait_answer sends the FUSE_INTERRUPT operation.
3) fticket_wait_answer determines that the signal was fatal and returns
without waiting for a response.
4) Another thread changes the signal to non-fatal.
5) The first thread returns to userspace. Instead of exiting, the
process continues.
6) The application receives EINTR, wrongly believes that the operation
was successfully interrupted, and restarts it. This could cause
problems for non-idempotent operations like FUSE_RENAME.
Reported by: kib (the race part)
Sponsored by: The FreeBSD Foundation
filesystems that have block pointers that are out-of-range for their
filesystem. These out-of-range block pointers are corrected by
fsck(8) so are only encountered when an unchecked filesystem is
mounted.
A new "untrusted" flag has been added to the generic mount interface
that can be set when mounting media of unknown provenance or integrity.
For example, a daemon that automounts a filesystem on a flash drive
when it is plugged into a system.
This commit adds a test to UFS/FFS that validates all block numbers
before using them. Because checking for out-of-range blocks adds
unnecessary overhead to normal operation, the tests are only done
when the filesystem is mounted as an "untrusted" filesystem.
Reported by: Christopher Krah, Thomas Barabosch, and Jan-Niclas Hilgert of Fraunhofer FKIE
Reported as: FS-14-UFS-3: Out of bounds read in write-2 (ffs_alloccg)
Reviewed by: kib
Sponsored by: Netflix
We can't use a u_int to compute the physical address in
pmap_early_vtophys(). Our int is 32-bit, but the physical address is
64-bit. This works fine if everything lives in below 0x100000000, but as
soon as it doesn't this breaks.
MFC after: 1 week
Sponsored by: Axiado
That change was intended to be cosmetic, but it inadvertenly caused
vnode_pager_setsize to discard cached indirect blocks and extended
attributes on UFS during truncation. The reason is because those blocks
have negative LBNs, which get sign-cast to positive VM indexes.
Reported by: kib
Sponsored by: The FreeBSD Foundation
The clang switchover happened long enough ago that we can
garbage-collect this note.
Reviewed by: emaste, imp
Differential Revision: https://reviews.freebsd.org/D20978
The intent is to provide a convenient location to document changes
that are relevant to users of binary FreeBSD distributions, in contrast
with UPDATING, which exists to document caveats for users who build
FreeBSD from source.
This complements the "Relnotes:" tag in commit messages by providing a
place to document the change in more detail, or in case a "Relnotes:"
tag was accidentally omitted. In particular, "Relnotes:" should be
used if you do not intend to document the change in RELNOTES for some
reason.
Changes to the file should not be MFCed. For now the file will exist
only in head, but may be updated via direct commits to stable branches
depending on how things go.
I took the liberty of pre-populating the file with some recent release
notes-worthy changes.
Reviewed by: ian (earlier version)
Discussed with: cy, gjb, imp, rgrimes
Differential Revision: https://reviews.freebsd.org/D20762
I accidentally broke the main point of r349248 when making stylistic changes
in r349391. Restore the original behavior, and also fix an additional
overflow that was possible when uio->uio_resid was nearly SSIZE_MAX.
Reported by: cem
Reviewed by: bde
MFC after: 2 weeks
MFC-With: 349248
Sponsored by: The FreeBSD Foundation
This ioctl is used when a breakpoint is encountered while disassembling
a symbol in the target process. Since only one DTrace consumer can
toggle or enumerate fasttrap probes from a given process at time, this
ioctl does not appear to be used in practice.
zone.tab is deprecated. Install zone1970.tab alongside it, and use it
for tzsetup(8). This is also useful for other applications that need
the modern better maintained file.
Reviewed by: philip
Approved by: allanjude (mentor)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D20646
with various laptops using hdaa(4) sound devices. We don't seem to know
the "correct" configurations for these devices and the defaults are far
superiour, e.g. they work if you don't nuke the default configs.
PR: 200526
Differential Revision: https://reviews.freebsd.org/D17772
Instead of skipping the NVMe Completion Queue update based on the
opcode, define a synthetic status value which indicates the completion
queue entry is invalid. This will also allow deferred completion queue
updates for other commands.
Also returns the correct status for unrecognized opcodes ("invalid
opcode").
Reviewed by: imp, jhb, araujo
Approved by: imp (mentor), jhb (maintainer)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D20945
filesystem full message is sent to the offending process or the
kernel log if the offending process cannot be identified.
To prevent an explotion of messages, the kernel ppsratecheck()
function is used to limit the messages to one per second. This
revision changes the variable that tracks the rate of these messages
from a systemwide limit to a per-filesystem limit by moving it from
a global variable to a variable in the ufsmount structure.
Suggested by: kib
Reviewed by: kib
Sponsored by: Netflix
This removes all of the architecture-specific functions from truss.
A per-ABI structure is still needed to map syscall numbers to names
and FreeBSD errno values to ABI error values as well as hold syscall
counters. However, the linker set of ABI structures is now replaced
with a simple table mapping ABI names to structures. This approach
permits sharing the same ABI structure among separate names such as
i386 a.out and ELF binaries as well as ELF v1 vs ELF v2 for powerpc64.
A few differences are visible due to using PT_GET_SC_RET to fetch the
error value of a system call. Note that ktrace/kdump have had the
"new" behaviors for a long time already:
- System calls that return with EJUSTRETURN or ERESTART will now be
noticed and logged as such. Previously sigreturn (which uses
EJUSTRETURN) would report whatever random value was in the register
holding errno from the previous system call for example. Now it
reports EJUSTRETURN.
- System calls that return errno as their error value such as
posix_fallocate() and posix_fadvise() now report non-zero return
values as errors instead of success with a non-zero return value.
Reviewed by: kib
MFC after: 1 month
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D20963
Neither the 1.3 or 1.4 standards say this number is 1's based, but adding 1
costs little and copes with those NVMe drives that report '0' in this field
cheaply. This is consistent with what the Linux driver does as well.
When O_CREAT is specified, the third, variadic argument is
required as the permission. If on is not passed, then depending
on the ABI, either the contents of the third argument register
or some arbitrary stuff on the stack will be used as the permission.
This has been merged to NetBSD.
Reviewed by: asomers, ngie
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D20972
ipfilter 5.1.2 into FreeBSD-10, the fix for, 2580062 from/to targets
should be able to use any interface name, moved frentry.fr_cksum to
prior to frentry.fr_func thereby making this code redundant. After
investigating whether this fix to move fr_cksum was correct and if it
broke anything, it has been determined that the fix is correct and this
code is redundant. We remove it here.
MFC after: 2 weeks
This changes the return code however the caller only tests for 0 and != 0.
One might ask then, why multiple return codes when the caller only tests
for 0 and != 0? From what I can tell, Darren probably passed various
return codes for sake of debugging. The debugging code is long gone
however we can still use the different return codes using DTrace FBT
traces. We can still determine why the compare failed by examining the
differences between the fr1 and fr2 frentry structs, which is a simple
test in DTrace. This allows reducing the number of tests, improving the
code while not affecting our ability to capture information for
diagnostic purposes.
MFC after: 1 week
When compiling RACK on platforms using gcc, a warning that tcp_outflags
is defined but not used is issued and terminates compilation on PPC64,
for example. So don't indicate that tcp_outflags is used.
Reviewed by: rrs@
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D20971
These are mostly compatible with Linux, with three exceptions.
1. We don't do metadata segment stuff. Our passthrough interface
doesn't cope. The code is there, but generates an error.
2. Linux lets you specify a namespace ID for the command. We current
do not: we get ours from the namespace device, or pass in a generic
one. Generally, this will lead to the same command, but FreeBSD's
is safer since you can't specify the wrong id.
3. --show-command outputs to stderr instead of stdout so you can both
see your command, and capture its output with a simple redirect.
Differential Revision: https://reviews.freebsd.org/D19296
Create a set of routines and structures to hold the data for the args
for a command. Use them to generate help and to parse args. Convert
all the current commands over to the new format. "comnd" is a hat-tip
to the TOPS-20 %COMND JSYS that (very) loosely inspired much of the
subsequent command line notions in the industry, but this is far
simpler (the %COMND man page is longer than this code) and not in the
kernel... Also, it implements today's de-facto
command [verb]+ [opts]* [args]*
format rather than the old, archaic TOPS-20 command format :)
This is a snapshot of a work in progress to get the nvme passthru
stuff committed. In time it will become a private library and used
by some other programs in the tree that conform to the above pattern.
Differential Revision: https://reviews.freebsd.org/D19296
This constant determines the number of rights libnv will attempt to
transmit in a given control message. In practice, the upper limit
defined by the kernel is machine-dependent and is smaller on 64-bit
kernels than on 32-bit kernels. To ensure that a 32-bit libnv works
as expected when run on a 64-bit kernel, use a limit that will work
on both 32-bit and 64-bit kernels.
PR: 238511
Discussed with: oshogbo
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D20942
In both cases, function pointer arguments were inconsistently declared
and the result worked because of C's odd rules around function pointer
(de)references. With a stricter compiler these fail to compile.
Reviewed by: cem
Obtained from: CheriBSD
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D20964
Add format capability to core file names to include signal
that generated the core. This can help various validation workflows
where all cores should not be considered equally (SIGQUIT is often
intentional and not an error unlike SIGSEGV or SIGBUS)
Submitted by: David Leimbach (leimy2k@gmail.com)
Reviewed by: markj
MFC after: 1 week
Relnotes: sysctl kern.corefile can now include the signal number
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D20970
r350004 added most of the machinery needed to support hardware DBM
management, but it did not intend to actually enable use of the hardware
DBM bit.
Reviewed by: andrew
MFC with: r350004
Sponsored by: The FreeBSD Foundation
