This avoids reading past the end of the static strings. On a system
with bounds checking these tests fault.
Reviewed by: asomers
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21004
Allow ABI to be over ridden to allow (with other changes) programs to be
built targeting ABIs other than the default. This is used in CheriBSD.
Reviewed by: imp
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D21001
When sendmsg(2) sucessfully internalized one SCM_RIGHTS control
message, but failed to process some other control message later, both
file references and filedescent memory needs to be freed. This was not
done, only mbuf chain was freed.
Noted, test case written, reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D21000
entry, combining code currently in vm_map_unwire and
vm_map_wire_locked into a single function, called by each of them for
entries in transition.
Discussed with: kib, markj
Reviewed by: alc
Approved by: kib, markj (mentors, implicit)
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D20833
AMA replaced HPA in ACS-3 specification. It allows to limit size of the
disk alike to HPA, but declares inaccessible data as indeterminate. One
of its practical use cases is to under-provision SATA SSDs for better
reliability and performance.
While there, fix HPA Security detection/reporting.
MFC after: 2 weeks
Relnotes: yes
Sponsored by: iXsystems, Inc.
While we print failure messages on the console, sometimes logs are lost or
overwhelmed. Keeping a count of how many times we've failed retriable commands
helps get a magnitude of the problem.
Retried commands can indicate a performance degredation of an nvme drive. Keep
track of the number of retries and report it out via sysctl, just like number of
commands an interrupts.
We don't split the other man pages in their own package so do the same for runtime.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20962
Move the dpv related files from FreeBSD-runtime to a new package named
FreeBSD-dpv
The only consumer is bsdinstall which is already in it's own package.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20960
Move the bluetooth related files from FreeBSD-runtime to a new package named
FreeBSD-bluetooth
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and bluetooth isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20959
Move the hostapd related files from FreeBSD-runtime to a new package n
FreeBSD-hostapd
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and hostapd isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20958
Move the wpa related files from FreeBSD-runtime to a new package named
FreeBSD-wpa
The FreeBSD runtime is only intended to have everything for a working
FreeBSD installation and wpa isn't needed for that.
Reviewed by: bapt, gjb
Differential Revision: https://reviews.freebsd.org/D20957
Also convert it to a bool. While the rest of the driver isn't yet bool clean,
this will help.
Reviewed by: cem@
Differential Revision: https://reviews.freebsd.org/D20988
This reworks my last commit in r301285 to more closely match what was in
r241298 (but reverted in r294878).
This is addressing "missing .meta file" rebuilds but also ensuring that
files are always generated when needed in each case.
Note that this is not a complete rework of the problem areas identified
in r301285 as most are "good enough" right now as the new pattern
is too verbose. It's only worth making this current change where headers
may be generated in the INCS list; where missing .meta file rebuilds are
spotted.
--- Technical details follow ---
Several attempts to deal with this problem of multi-output targets, with and
without META MODE, were explained in r241298, r294878, and r301285.
The general problem is with multi-output targets such as:
foo.c foo.h:
touch foo.c foo.h
foo.c foo.h:
touch foo.c
touch foo.h
foo.c foo.h: foo.in
./generator ${.ALLSRC}
This pattern is problematic in jobs mode as both files end up being
built concurrently and leads to races. With META MODE it is worse
as both targets end up rebuilding if they lack a .meta file. So the
generator is force built twice even though it is only needed once.
There are also problems in that 'make foo.h' may be ran before 'make foo.c';
The order of make generating the targets is not guaranteed.
An older attempted workaround to this (discussed in r294878) was:
foo.h: foo.c
foo.c: foo.in
./generator ${.ALLSRC}
This appears fine except that if foo.h is missing and foo.c exists then
foo.h will never be regenerated. This pattern is close to the solution
in this commit though:
foo.h: foo.c .NOMETA
.if !exists(foo.h)
foo.c: .PHONY .META
.endif
foo.c: foo.in
./generator ${.ALLSRC}
There's 2 differences here:
1. foo.h will never expect to have a .meta file since the foo.c target
will generate both and own the .meta file.
2. If foo.h does not exist then it needs to force foo.c to be rebuilt
with .PHONY. That normally disables META MODE though so .META is
given to tell bmake we do really expect a .meta file.
This pattern cannot work with implicit suffix rules since the .c and .h files
may be generated at different times (buildincludes vs depend/all).
Sponsored by: Dell EMC
MFC after: 2 weeks
The nvme drive dumps only the most relevant details about a command when it
fails. However, there are times this is not sufficient (such as debugging weird
issues for a new drive with a vendor). Setting hw.nvme.verbose_cmd_dump=1
in loader.conf will enable more complete debugging information about each
command that fails.
Reviewed by: rpokala
Sponsored by: Netflix
Differential Version: https://reviews.freebsd.org/D20988
In some circumstances, setmode(3) may call umask(2) twice to retrieve
the current mode and then restore it. Between calls, the process will
have a umask of 0.
Reviewed by: markj
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D20982
These macros make places where we extract these easier to read. The shift and
mask stuff is also a bit tedious and error prone. Start with the CAP_LO and
CAP_HI registers since their scope is somewhat constrained. This is style
chagne only, no functional changes.
Reviewed by: chuck
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D20979
This affects the detection of 24-hour vs AM/PM mode... the ampm bit is in a
different location on 2127 and 2129 chips compared to other nxp rtc chips.
I noticed the 2127 case wasn't being handled correctly when I accidentally
misconfiged my system by claiming my PCF2129 was a 2127.
It is declared here and in rfc931.c and unused here so keep that copy
and discard this one.
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA, AFRL
libsecureboot can tell us if the most recent file opened was
verfied or not.
If it's state is VE_UNVERIFIED_OK, skip if variable
matches one of the restricted prefixes.
Reviewed by: stevek
MFC after: 1 week
Sponsored by: Juniper Networks
Differential Revision: https://reviews.freebsd.org//D20909
filesystems that have block pointers that are out-of-range for their
filesystem. These out-of-range block pointers are corrected by
fsck(8) so are only encountered when an unchecked filesystem is
mounted.
A new "untrusted" flag has been added to the generic mount interface
that can be set when mounting media of unknown provenance or integrity.
For example, a daemon that automounts a filesystem on a flash drive
when it is plugged into a system.
This commit adds a test to UFS/FFS that validates all block numbers
before using them. Because checking for out-of-range blocks adds
unnecessary overhead to normal operation, the tests are only done
when the filesystem is mounted as an "untrusted" filesystem.
Reported by: Christopher Krah, Thomas Barabosch, and Jan-Niclas Hilgert of Fraunhofer FKIE
Reported as: FS-14-UFS-3: Out of bounds read in write-2 (ffs_alloccg)
Reviewed by: kib
Sponsored by: Netflix
We can't use a u_int to compute the physical address in
pmap_early_vtophys(). Our int is 32-bit, but the physical address is
64-bit. This works fine if everything lives in below 0x100000000, but as
soon as it doesn't this breaks.
MFC after: 1 week
Sponsored by: Axiado
The clang switchover happened long enough ago that we can
garbage-collect this note.
Reviewed by: emaste, imp
Differential Revision: https://reviews.freebsd.org/D20978
The intent is to provide a convenient location to document changes
that are relevant to users of binary FreeBSD distributions, in contrast
with UPDATING, which exists to document caveats for users who build
FreeBSD from source.
This complements the "Relnotes:" tag in commit messages by providing a
place to document the change in more detail, or in case a "Relnotes:"
tag was accidentally omitted. In particular, "Relnotes:" should be
used if you do not intend to document the change in RELNOTES for some
reason.
Changes to the file should not be MFCed. For now the file will exist
only in head, but may be updated via direct commits to stable branches
depending on how things go.
I took the liberty of pre-populating the file with some recent release
notes-worthy changes.
Reviewed by: ian (earlier version)
Discussed with: cy, gjb, imp, rgrimes
Differential Revision: https://reviews.freebsd.org/D20762
I accidentally broke the main point of r349248 when making stylistic changes
in r349391. Restore the original behavior, and also fix an additional
overflow that was possible when uio->uio_resid was nearly SSIZE_MAX.
Reported by: cem
Reviewed by: bde
MFC after: 2 weeks
MFC-With: 349248
Sponsored by: The FreeBSD Foundation
This ioctl is used when a breakpoint is encountered while disassembling
a symbol in the target process. Since only one DTrace consumer can
toggle or enumerate fasttrap probes from a given process at time, this
ioctl does not appear to be used in practice.
