The Kasan tests show the nfsrvd_cleancache() results
in a modify after free. I think this occurs because the
nfsrv_cleanup() function gets executed after nfs_cleanup()
which free's the nfsstatsv1_p.
This patch makes them use the same subsystem and sets
SI_ORDER_FIRST for nfs_cleanup(), so that it will be called
after nfsrv_cleanup() via VNET_SYSUNINIT().
The patch also sets nfsstatsv1_p NULL after free'ng it,
so that a crash will result if it is used after free'ng.
Tested by: markj
Reviewed by: markj
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D38750
ping -R (F_RROUTE) will loop at ping.c:1381 until it segfaults or
the unsigned int hlen happens to be less than the size of an IP header:
slippy$ ping -R 192.168.0.101
PING 192.168.0.101 (192.168.0.101): 56 data bytes
64 bytes from 192.168.0.101: icmp_seq=0 ttl=63 time=1.081 ms
RR: 192.168.0.1
192.168.0.101
192.168.0.101
10.1.1.254
10.1.1.91
unknown option bb
unknown option 32
unknown option 6
...
unknown option 96
unknown option 2d
Segmentation fault
The reason for this is while looping through loose source routing (LSRR)
and strict source routing (SSRR), hlen will become smaller than the IP
header. It may even become negative. This should terminate the loop.
However, when hlen is unsigned, an integer underflow occurs becoming a
large number causing the loop to continue virtually forever until hlen
is either by chance smaller than the lenghth of an IP header or it
segfaults.
Reviewed by: asomers
Fixes: 46d7b45a26
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D38744
Most options in kernel config files use "options<space><tab>OPTION".
This allows the option to be commented out without shifting columns.
A few options had two tabs, and some had spaces. Make them consistent.
Most options in kernel config files use "options<space><tab>OPTION".
This allows the option to be commented out without shifting columns.
A few options had two tabs, and some had spaces. Make them consistent.
Most options in kernel config files use "options<space><tab>OPTION".
This allows the option to be commented out without shifting columns.
A few options had two tabs, and some had spaces. Make them consistent.
Most options in kernel config files use "options<space><tab>OPTION".
This allows the option to be commented out without shifting columns.
A few options had two tabs, and some had spaces. Make them consistent.
Most options in kernel config files use "options<space><tab>OPTION".
This allows the option to be commented out without shifting columns.
A few options had two tabs, and some had spaces. Make them consistent.
Most options in kernel config files use "options<space><tab>OPTION".
This allows the option to be commented out without shifting columns.
A few options had two tabs, and some had spaces. Make them consistent.
Commit da88842029 ("config: error out on malformed env/hint lines")
added a reference to EINVAL. In some configurations the bootstrap tools
build fails for lack of errno definitions.
Fixes: da88842029 ("config: error out on malformed env/hint lines")
Reported by: syzbot+b1a5d112a737d9a2be9b@syzkaller.appspotmail.com
As the comment says it probably does not matter but use a local
variable to track state under lock so we can return the last known
good state of what we thought we were operating under after unlocking.
Likely no functional changes.
Sponsored by: The FreeBSD Foundation
MFC atfer: 3 days
Reviewed by: enweiwu, adrian
Differential Revision: https://reviews.freebsd.org/D38660
This drops function `getexecname()` redirection.
Historically `getexecname()` is a compatibility definition. Since
openzfs has its own implementation of function `getexecname()` in libspl
and has been merged into base, the compat header file stdlib.h is
no longer needed and should not be used.
Also without this fix libspl will end up an incompatible version of
`getprogname()` with libc. In particular, if zfs is enabled, programs
such as pgrep in /rescue can be wrongly statically linked with libspl
and will not function properly.
PR: 269738
Reviewed by: markj
Fixes: 9e5787d228 Merge OpenZFS support in to HEAD
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38733
* Make nhop_set_blackhole() set all necessary properties for the
nexthop
* Make nexthops blackhole/reject based on the rtm_type netlink
property instead of using rtflags.
Reported by: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>
MFC after: 3 days
Make sure that pcb_vfpsaved is always initialized.
Create a vfp_new_thread helper that is heavily based on the arm64 logic.
While here remove un unnecessary assigment and add an assertion
to make sure that it's been properly initialized before we return
from a VFP exception.
Reported by: Mark Millard <marklmi@yahoo.com>
Tested by: Mark Millard <marklmi@yahoo.com>
Differential Revision: https://reviews.freebsd.org/D38698
Contrary to arm64, on armv7 get_vfpcontext/set_vfpcontext can be called
from cpu_ptrace. This can be triggered when gdb hits a breakpoint
in a userspace program.
Relax td == currthread assertion to account for that situation.
While here update an outdated comment in vfp_discard.
Reported by: Mark Millard <marklmi@yahoo.com>
Tested by: Mark Millard <marklmi@yahoo.com>
Differential Revision: https://reviews.freebsd.org/D38696
There is rampant inconsistent formatting all around, make it mostly
style(9)-conformant.
While here:
- drop malloc casts
- rename a rw lock from mroute_mtx to mroute_lock
- replace NOTREACHED comment with __assert_unreachable
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D38652
When building WITH_BEARSSL=1 veriexec(4) failes to compile.
So update the function prototype so that veriexec(4)
compiles again.
Reported by: gbe
Reviewed by: mjg, gbe
Approved by: mjg
Pull Request: https://github.com/freebsd/freebsd-src/pull/657
Netlink should translate a FreeBSD interface name to a Linux
interface name.
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D38715
MFC after: 3 days
We have some amount of interface names translation functions which are
differs by bugs implementation. Consolidates it in a one place.
Fixup loopback interface names translation and use ifnet methods and
accessors, where possible.
Reviewed by: melifaro
Differential Revision: https://reviews.freebsd.org/D38714
MFC after: 3 days
X-MFC with: 32fdc75fe7
Don't define ovpn_find_peer_by_ip() if INET is not set, and do the same
for ovpn_find_peer_by_ip6() and INET6.
Reported by: mjg
Sponsored by: Rubicon Communications, LLC ("Netgate")
In CURRENT for some time an overflowed unix/dgram socket would
return EAGAIN if it has O_NONBLOCK set. This proved to be
undesired. See 71e70c25c0 for details. Update tests to match
the "new" behavior, which actually is the historical behavior.
For the cases where the nfsd(8) daemon is already running or
has failed to start within a prison due to an incorrect prison
configuration, the failure message logged is:
Can't read stable storage file: operation not permitted
This patch replaces the above with more meaningful messages.
It depends on commit 10dff9da97 to differentiate between the
above two cases, however even without this commit, the messages
should be an improvement.
MFC after: 3 months
The nfsd(8) daemon generates an error message that does not
indicate that the nfsd daemon is already running when the nfssvc(2)
syscall fails for the NFSSVC_STABLERESTART. Also, the check for
running nfsd(8) in a vnet prison will return EPERM when it fails.
This patch replaces EPERM with ENXIO so that the nfsd(8) daemon
can generate more reasonable failure messages. The nfsd(8) daemon
will be patched in a future commit.
MFC after: 3 months
The actual overflow occured in the ReadAhead.readahead test.
Surprisingly it has never segfaulted or resulted in any bad behavior.
MFC after: 1 week
Sponsored by: Axcient
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D38718
We short-circuit lockmgr functions in the face of a kernel panic. Other
lock implementations do this with a SCHEDULER_STOPPED() check, which
covers the additional case where the debugger is active but the system
has not panicked. Update this code to match that behaviour.
Reviewed by: mjg, kib, markj
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D38655
tcp_trace was implemented in tcp_debug.c, which was removed recently.
Reviewed by: rscheff@, zlei@
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D38712
Summary:
Under QEMU on arm64 systems, the smbios table is above 4GB
requiring a 64-bit address to access.
Reviewers: manu
Subscribers: imp, bcran, dab
Differential Revision: https://reviews.freebsd.org/D38721
When jail.conf set the nopersist flag during startup, it was
incorrectly destroying the per-jail ZFS settings.
PR: 260160
Reported by: imp (previous version), mm (upstream), freqlabs (upstream)
MFC after: immediately
Sponsored by: Modirum MDPay
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D38662
Extend the BBLog RTO event to deal with all timers of the base
stack. Also provide information about starting, stopping, and
running off. The expiration of the retransmission timer is
reported as it was done before.
Reviewed by: rscheff@
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D38710
If there are multiple instances of mountd(8) (in different
prisons), there will be confusion if they manipulate the
exports of the same file system. This patch adds mnt_exjail
to "struct mount" so that the credentials (and, therefore,
the prison) that did the exports for that file system can
be recorded. If another prison has already exported the
file system, vfs_export() will fail with an error.
If mnt_exjail == NULL, the file system has not been exported.
mnt_exjail is checked by the NFS server, so that exports done
from within a different prison will not be used.
The patch also implements vfs_exjail_destroy(), which is
called from prison_cleanup() to release all the mnt_exjail
credential references, so that the prison can be removed.
Mainly to avoid doing a scan of the mountlist for the case
where there were no exports done from within the prison,
a count of how many file systems have been exported from
within the prison is kept in pr_exportcnt.
Reviewed by: markj
Discussed with: jamie
Differential Revision: https://reviews.freebsd.org/D38371
MFC after: 3 months
Rearrange the enum tt_which such that TT_REXMIT is 0. This allows
an extension of the BBLog event RTO in a backwards compatible way.
Remove tcptimers, which was only used in trpt, a utility removed
from the source tree recently.
Reviewed by: glebius@, guest-ccui@
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D38547
This API change led to unexpected consequences with Go runtime. The
Go runtime emulates blocking sockets over non-blocking sockets and
for that uses available event dispatcher on the target OS, which is
kevent(2) if availabe, with OS independent layer on top. It expects
that if whatever O_NONBLOCK socket returned ever EAGAIN, then it is
supposed to be reported as writable by the event dispatcher. kevent(2)
would never report a unix/dgram socket, since they never change their
state, they always are writeable. The expectations of Go are not
literally specified by SUS, however they are in its spirit. The SUS
specifies EAGAIN for send(2) as "The socket's file descriptor is marked
O_NONBLOCK and the requested operation would block" [1]. This doesn't
apply to FreeBSD unix/dgram socket, it never blocks on send(2).
Thus, changing API trying to mimic Linux was a mistake. But what about
the problem we tried to fix? Discussed that with Max Dounin of nginx,
and we agreed that the log bomb described shall be fixed on nginx side,
and it actually isn't specific to FreeBSD, may happen with nginx on any
non-Linux system with a certain configuration.
[1] https://pubs.opengroup.org/onlinepubs/9699919799/functions/send.html
This reverts commit 65572cade3.
