This is a MAC policy module that grants scheduling privileges based on
group membership. Users or processes in the group realtime (gid 47) are
allowed to run threads and processes with realtime scheduling priority.
For timing-sensitive, low-latency software like audio/jack, running with
realtime priority helps to avoid stutter and gaps.
PR: 239125
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D33191
In addition to filtering by stack and state, allow filtering
by the congestion control module used. Choose the command line
options to be consistent with the ones of sockstat.
MFC after: 1 week
Sponsored by: Netflix, Inc.
NVMe conformance tests for the Format command failed if the
backing-storage for the bhyve device was a file instead of a Zvol. The
tests (and the specification) expect a Format to destroy all previously
written data. The bhyve NVMe emulation implements this by trimming /
deallocating all data from the backing-storage.
The blockif_candelete() function indicated the file did not support
deallocation (i.e. fpathconf(..., _PC_DEALLOC_PRESENT) returned FALSE)
even though the kernel supported file hole punching. This occurs on
builds with Capsicum enabled because blockif did not allow the
fpathconf(2) right.
Fix is to add CAP_FPATHCONF to the cap_rights_init(3) call.
PR: 260081
Reviewed by: allanjude, markj, jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D33203
Length of some string buffers was insufficient for cases of more that
99 targets per HBA or slots per enclosure. Some others are tuned just
for better alignment. While there also fix output formatting issues.
MFC after: 1 week
Sponsored by: iXsystems, Inc.
The inclusion of 0a0f748641 broke the build with the -DNO_ROOT option.
Specifically, that commit adds some relative paths (with `..`) to METALOG
that make other tools using that log, fail afterwards (tar, makefs...).
It's been argued[1] if this is really something mtree(8) should handle more
graciously. In the meantime, fix the breakage but changing the order in which
the links are created: first in the parent directory, then in the
architecture-specific one.
We keep the architecture-specific directories an the links to the parent
directories. This is something that we might want to change in the future.
This commit is based on a concept patch by avg@.
[1] https://lists.freebsd.org/archives/dev-commits-src-all/2021-November/index.html
Reported by: bapt@, emaste@
Approved by: avg@
Fixes: 0a0f748641
Differential Revision: https://reviews.freebsd.org/D33126
It's required to specify a default boot option in order to make
petitboot's autoboot feature work.
Tested on Raptor Blackbird
Reviewed by: imp, luporl
MFC after: 2 days
Sponsored by: Instituto de Pesquisas Eldorado (eldorado.org.br)
Differential Revision: https://reviews.freebsd.org/D32838
Reads of the MSI-X capabilites aren't emulated by passthru devices
yet. The guest will read the host MSI-X capabilites which could
cause issues.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D32686
Sponsored by: Beckhoff Automation GmbH & Co. KG
On startup all virtual BARs are registered.
Additionally, the encoding bit in the virtual cmd register is set.
After that, the passthru emulation overwrites the virtual cmd register with
the physical one.
This could lead to a mismatch between registered BARs and the encoding
bits in the cmd register.
Instead of writing the physical to the virtual cmd register,
write the virtual to the physical cmd register to solve this issue.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D32687
Sponsored by: Beckhoff Automation GmbH & Co. KG
OVMF always uses 0xC0000000 as base address for 32 bit PCI MMIO space.
For that reason, we should use that address too.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D31051
Sponsored by: Beckhoff Automation GmbH & Co. KG
OVMF will fail, if large 64 bit BARs are used. GCD-Map doesn't cover
64 bit addresses of BARs.
OVMF assumes that 64 bit addresses of BARS are located on next 32 GB
boundary behind Top of High RAM.
This patch moves 64 bit BARs on next 32 GB boundary behind Top of High
RAM to match OVMF assumptions.
Differential Revision: https://reviews.freebsd.org/D27970
Sponsored by: Beckhoff Automation GmbH & Co. KG
yocalebo_gmail.com submitted a patch for mountd.c that
fixes the case where a username starts with a digit.
Without this patch, the username that starts with a
digit is misinterpreted as a numeric uid.
With this patch, any string that does not entirely
convert to a decimal number via strtoul() is considered
a user/group name.
Submitted by: yocalebo_gmail.com
Reviewed by: rmacklem
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D32993
Allocating a BAR will call baraddr which maps the framebuffer. No need
to allocate it explicitly on init.
Reviewed by: grehan
Sponsored by: Beckhoff Autmation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D32596
Tell the guest whether a BAR uses prefetched memory or not for
passthru devices by using the same lobits as the physical device.
Reviewed by: grehan
Sponsored by: Beckhoff Autmation GmbH & Co. KG
Differential Revision: https://reviews.freebsd.org/D32685
This reverts commit 020f411255.
Because now ASLR is enabled by default for 64-bit architectures
and the purpose of the installation menu is to allow choosing
additional 'mitigation'/'hardening' options that are originally
disabled, remove the ASLR knob from bsdinstall.
Discussed with: emaste
Obtained from: Semihalf
Sponsored by: Stormshield
In accordance with a SHOULD in RFC 4861, rtsol and rtsold wait a
random time between zero and one (aka MAX_RTR_SOLICITATION_DELAY)
seconds before sending a Router Solicitation, in order to avoid
network congestion if many hosts come online at once. (The
question of how many hosts would be required to cause congestion
by each sending a single packet on a Gbps+ network is left to the
reader.)
The new option -i disables this wait and instructs rtsol and rtsold
to send the Router Solicitation immediately.
Reviewed by: bz, kp (earlier version)
MFC after: 1 week
Relnotes: yes
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D32956
This reverts commit a30e8044aa.
WITHOUT_OPENSSL build is a subset of WITHOUT_CRYPT build. It was
incorrect to label this patch as fixing WITHOUT_CRYPT when in fact
it fixes WITHOUT_OPENSSL. The build failure will be addressed in a
fix for WITHOUT_OPENSSL build.
MFC after: 1 week
Global options are defined in usr.sbin/wpa/Makefile.inc. Those in
usr.sbin/wpa/src/crypto/Makefile are duplicates of those found above.
Remove them.
MFC after: 1 week
This is a follow-up to 2697622687,
which fixed 2 out of 3 broken uses of the mirrorselect script.
Reviewed by: emaste
Approved by: emaste (src)
MFC after: 7 days
Differential Revision: https://reviews.freebsd.org/D32927
The exports file format allows export to a network using an explicit
mask or prefix length (CIDR). It also allows a network with just
a dotted address, in which case the historical mask was used.
Deprecate this usage, and warn when it is used. Document that this
is deprecated.
MFC after: 1 month
Reviewed by: rmacklem, bcr, #manpages
Differential Revision: https://reviews.freebsd.org/D32713
powerd_flags is mentioned in rc.conf(5) and can be set there and pass to
powerd.
PR: 258320
MFC after: 3 days
Reported by: Michael <michael.hmich@gmail.com>
It was a hack only needed for trpt, which can just define it locally.
This makes it possible to fix up systat which also includes the file.
Sponsored by: Rubicon Communications, LLC ("Netgate")
devinfo(8) manpage contains reference to pnpinfo(8) which existed at the
time. Remove it.
PR: 232587
MFC: 3 days
Reported by: Graham Perrin <grahamperrin@gmail.com>
PASN requires CRYPT and when built WITHOUT_CRYPT buildworld
fails. Only enable PASN when MK_CRYPT is enabled (default).
PR: 259517
Reported by: emaste
Fixes: c1d255d3ff
MFC after: 1 week
The limit of 384 maxusers for auto configuration was only imposed on
32-bit systems. Document that maxusers scales above 384 based on memory
for 64-bit systems.
PR: 204938
MFC after: 3 days
Reported by: David Höppner <0xffea@gmail.com>
I dropped the + 1 from the other two instances in each file but failed
to do so for this one, resulting in a more egregious buffer overread
than the one I was fixing (since the read character ended up in the
output if there was space).
Reported by: Jenkins
Fixes: 34fb1c133c ("Fix intra-object buffer overread for labeled msdosfs volumes")
Volume labels, like directory entries, are padded with spaces and so
have no NUL terminator. Whilst the MIN for the dsize argument to strlcpy
ensures that the copy does not overflow the destination, strlcpy is
defined to return the number of characters in the source string,
regardless of the provided dsize, and so keeps reading until it finds a
NUL, which likely exists somewhere within the following fields, but On
CHERI with the subobject bounds enabled in the compiler this buffer
overread will be detected and trap with a bounds violation.
Found by: CHERI
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D32579
r366466 (9c7bd4f198) fixed a subtle bug by stripping the trailing
'\n' appended to the output of popen("cd %s && pwd -P", p->srcdir).
Replace this cumbersome implementation with a single realpath(3) call
which avoids spawning a shell, reading from the stream with fgets(3),
and final strdup(3).
Reviewed by: arichardson, kevans
Approved by: imp
Differential Revision: https://reviews.freebsd.org/D26734
This key is Declarative and should always be sent even if the
initiator did not send it's own limit. This is similar to the fix in
fc79cf4fea but for the target side. However, unlike that fix,
failure to send the key simply results in reduced performance.
PR: 259439
Reviewed by: mav, emaste
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D32651