Track (and display) the interface that created a state, even if it's a
floating state (and thus uses virtual interface 'all').
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D30245
Migrate to using the new nvlist-based DIOCGETSTATESNV call to obtain the
states list.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D30244
On x86, the pmu_events table is the source of truth for finding
supported events. However, events not found there may still be present
in the kernel's static event tables. For example, the pmc.soft(3) events
will never be available from pmu-events.
Update pmc_allocate() to search the legacy event tables if
pmc_pmu_pmcallocate() fails to return a result. This allows both event
sources to be consulted before giving up, thus restoring pmc.soft(3) and
pmc.tsc(3) on x86.
Reviewed by: emaste
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30216
This logic was added for handling some of the complicated relationships
between events and x86 CPU models. Since that logic has been mostly
removed from libpmc(3) in favor of pmu-events, this no longer serves
much of a purpose. Mapping CPU types to event tables is already handled
by the switch statement in pmc_init().
Reviewed by: ray, emaste
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30196
All uses of this macro were removed in e92a1350b5. Remove
cpu_has_iaf_counters as well.
Reviewed by: ray, emaste
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D30195
librt implement the POSIX realtime extension library.
Move it to clibs instead of utilities as a number of ports uses it
so avoid a dependancy on FreeBSD-utilities.
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D30088
Document that LOG_PID is ignored and can not be disabled.
This change was made along with the move from RFC 3164 to RFC 5424 log messages.
PR: 255664
Reported by: des.gaufres@gmail.com
Reviewed by: gbe, jilles
Approved by: gbe (mentor, manpages), jilles
There are still references to timed(8) and timedc(8) in the base system,
which were removed in 2018.
PR: 255425
Reported by: Ceri Davies <ceri at submonkey dot net>
Reviewed by: ygy, gbe
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D30232
In commit 6bb140e3ca, vm_destroy() was replaced with free() to
preserve errno. However, it's possible that free() may change the errno
as well. Keep the free() call, but explicitly save and restore errno.
Noted by: jhb
Fixes: 6bb140e3ca
It reopens the passed file descriptor, checking the file backing vnode'
current access rights against open mode. In particular, this flag allows
to convert file descriptor opened with O_PATH, into operable file
descriptor, assuming permissions allow that.
Reviewed by: markj
Tested by: Andrew Walker <awalker@ixsystems.com>
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D30148
This allows us to kill states created from a rule with route-to/reply-to
set. This is particularly useful in multi-wan setups, where one of the
WAN links goes down.
Submitted by: Steven Brown
Obtained from: https://github.com/pfsense/FreeBSD-src/pull/11/
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D30058
Summary:
Fix FPU exception management for powerpcspe. Bits are in a different place from
the standard FPSCR, so we need to handle the shifting differences. Also,
there's no concept of a "software exception" raise, so we need to do exceptional
math to trigger the exception from software.
Reviewed By: alfredo
Differential Revision: https://reviews.freebsd.org/D22824
It writes the core of live stopped process to the file descriptor
provided as an argument.
Based on the initial version from https://reviews.freebsd.org/D29691,
submitted by Michał Górny <mgorny@gentoo.org>.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D29955
- Correct the type of the sysctl value.
- Initialize the oldsize parameter to cap_sysctlbyname()
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Teach poll(2) to support Linux-style POLLRDHUP events for sockets, if
requested. Triggered when the remote peer shuts down writing or closes
its end.
Reviewed by: kib
MFC after: 1 month
Differential Revision: https://reviews.freebsd.org/D29757
When parsing the nvlist for a struct pf_addr_wrap we unconditionally
tried to parse "ifname". This broke for PF_ADDR_TABLE when the table
name was longer than IFNAMSIZ. PF_TABLE_NAME_SIZE is longer than
IFNAMSIZ, so this is a valid configuration.
Only parse (or return) ifname or tblname for the corresponding
pf_addr_wrap type.
This manifested as a failure to set rules such as these, where the pfctl
optimiser generated an automatic table:
pass in proto tcp to 192.168.0.1 port ssh
pass in proto tcp to 192.168.0.2 port ssh
pass in proto tcp to 192.168.0.3 port ssh
pass in proto tcp to 192.168.0.4 port ssh
pass in proto tcp to 192.168.0.5 port ssh
pass in proto tcp to 192.168.0.6 port ssh
pass in proto tcp to 192.168.0.7 port ssh
Reported by: Florian Smeets
Tested by: Florian Smeets
Reviewed by: donner
X-MFC-With: 5c11c5a365
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29962
Allow up to 5 labels to be set on each rule.
This offers more flexibility in using labels. For example, it replaces
the customer 'schedule' keyword used by pfSense to terminate states
according to a schedule.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29936
Found in "Understanding and Detecting Disordered Error Handling with
Precise Function Pairing" by Qiushi Wu et al.
Reviewed by: imp, jhb
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29896
This was added in b2ca2e50b9, and serves to provide an initial value
to the PMC, eliminating the need for a second syscall via pmc_set(3).
Reviewed by: gnn, 0mp (manpages)
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29885
For some reason the ld128 log1pl() implementation is less accurate than
logl(), but does at least guarantee precision >= the ld80 implementation.
Mark log1p_accuracy_tests as XFAIL for ld128 and increase the log1p tolerance
to the ld80 equivalent in accuracy_tests to avoid losing test coverage for
the other functions.
PR: 253984
Reviewed By: ngie, dim
Differential Revision: https://reviews.freebsd.org/D29039
While most 64-bit architectures have an assembly implementation of this
file, RISC-V does not. As we now store 8 bytes instead of 4 it should speed
up RISC-V.
Reviewed By: kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29536
While most 64-bit architectures have an assembly implementation of this
file RISC-V does not. As we now copy 8 bytes instead of 4 it should speed
up RISC-V. Using intptr_t instead of int also allows using this file for
CHERI pure-capability code since trying to copy pointers using integer
loads/stores will invalidate pointers.
Reviewed By: kib
Obtained from: CheriBSD (partially)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29535
Usually rule counters are reset to zero on every update of the ruleset.
With keepcounters set pf will attempt to find matching rules between old
and new rulesets and preserve the rule counters.
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29780
This commit should not have introduced any functional changes, but
apparently it did. This appears to have broken LDAP setups.
Reverting for now. Will reland once I have fixed the breakage.
This reverts commit 5245bf7b92.
Reported By: Александр Недоцуков, brd
MFC after: immediately
It seems to be a nice idea to show how fork() is usually used in
practice. This may act as a guide to developers who want to quickly
recall how to use the fork() function.
Reviewed by: bcr, yuripv
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D27626
Use ${PICFLAG} rather than hard-adding -fPIC, which removes the
requirement for libnv to be built PIC.
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
This avoids build failures due to the clang 12 warning:
'#pragma FENV_ACCESS' is not supported on this target - ignored
Clang 12 currently emits this warning for all non-x86 architectures.
While this can result in incorrect code generation (e.g. on AArch64 some
exceptions are not raised as expected), this is a pre-existing issue and
we should not fail the build due to this warning.
Reviewed By: dim, emaste
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29743
if VREAD access is checked as allowed during open
Requested by: wulf
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D29323
by only keeping hold count on the vnode, instead of the use count.
Reviewed by: markj
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D29323
It is currently allowed to fchownat(2), fchmodat(2), fchflagsat(2),
utimensat(2), fstatat(2), and linkat(2).
For linkat(2), PRIV_VFS_FHOPEN privilege is required to exercise the flag.
It allows to link any open file.
Requested by: trasz
Tested by: pho, trasz
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 2 weeks
Differential revision: https://reviews.freebsd.org/D29111
After the migration to libpfctl for rule retrieval we accidentally lost
support for clearing the rules counters.
Introduce a get_clear variant of pfctl_get_rule() which allows rules
counters to be cleared.
MFC after: 4 weeks
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29727
During device destruction it is possible that open() succeed, but
fdevname() return NULL, that can't be assigned to string variable.
Fix that by adding explicit NULL check.
Also while there switch from fdevname() to fdevname_r().
Sponsored by: iXsystems, Inc.
MFC after: 2 weeks
MAP-E (RFC 7597) requires special care for selecting source ports
in NAT operation on the Customer Edge because a part of bits of the port
numbers are used by the Border Relay to distinguish another side of the
IPv4-over-IPv6 tunnel.
PR: 254577
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D29468
Introduce pfctl_pool to be able to extend the pool part of the pf rule
without breaking the ABI.
Reviewed by: kp
MFC after: 4 weeks
Differential Revision: https://reviews.freebsd.org/D29721
Trim leading spaces in variable names when the list is e.g.
pretty-formatted in /etc/login.conf or ~/.login_conf.
PR: 247947
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D25649
