Previously it would try to load linux.ko instead of linux64.ko
and fail. While here, don't try to match 'linuxaout'; even if
implemented, it's the same module as `linuxelf`.
Reviewed By: emaste
Sponsored By: EPSRC
Differential Revision: https://reviews.freebsd.org/D29288
During a recent NFSv4 testing event a test server was replying
NFSERR_OLDSTATEID for layout stateids presented to the server
for LayoutReturn operations. Upon rereading RFC5661, it was
apparent that the FreeBSD NFSv4.1/4.2 pNFS client did not
maintain the seqid field of the layout stateid correctly.
This patch is believed to correct the problem. Tested against
a FreeBSD pNFS server with diagnostics added to check the stateid's
seqid did not indicate problems. Unfortunately, testing aginst
this server will not happen in the near future, so the fix may
not be correct yet.
MFC after: 2 weeks
Document the workstation ACL ruleset, which uses stateful rules.
While here, add a note about where some of the undocumented variables
can be found. This is not a perfect solution for bug 127359, but it at
at least gives a place to go look, and can be used as a reference for
when bug 127359 gets fixed properly.
PR: 254358, 127359
Since we don't build and install the terminfo db anymore this is not
needed
This reverts commit b6a51d39e3a2e2f75d5b42a8c17a531063258a15.
This reverts commit e5e4845959ac60110677df302a68c220dff75abe.
This reverts commit 0af562d7e1850bbef230d30805c101b26588a3ed.
The global list has a marker with an invariant that free vnodes are
placed somewhere past that. A caller which performs filtering (like ZFS)
can move said marker all the way to the end, across free vnodes which
don't match. Then a caller which does not perform filtering will fail to
find them. This makes vn_alloc_hard sleep for 1 second instead of
reclaiming, resulting in significant stalls.
Fix the problem by requiring an explicit marker by callers which do
filtering.
As a temporary measure extend vnlru_free to restart if it fails to
reclaim anything.
Big thanks go to the reporter for testing several iterations of the
patch.
Reported by: Yamagi <lists yamagi.org>
Tested by: Yamagi <lists yamagi.org>
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D29324
Summary:
This change currently (partially) duplicates AC1 freqbands as AC2
as they are not fully overlapping.
It then adds the 11ac netband to the "etsi" domain including
"indoor" and "dfs" flags, which we can deal with, as well as
appropriate (round down) maxpower values.
Comments are left for the actual frequency bands as we do use the
centerfreq for the first/last (chansep sized) channel in the
freqband and their "id" name, which can be confusing.
Sponsored-by: Rubicon Communications, LLC ("Netgate")
Reviewed-by: philip, adrian
MFC-after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D25999
Factor out ieee80211_probereq_ie() and ieee80211_probereq_ie_len()
and make the length dynamic rather than static max. The latter is
needed as our current fixed length was longer than some "hw scan",
e.g. that of ath10k, will take. This way we can pass what we have.
Should this not be sufficient in the future we might have to deal
with filtering and much more error handling.
This also removes a duplicate calculation for ieee80211_ie_wpa [1].
Repoprted-by: Martin Husemann <martin NetBSD.org> [1]
Sponsored-by: Rubicon Communications, LLC ("Netgate")
Sponsored-by: The FreeBSD Foundation (update for alloc)
Reviewed-by: adrian, martin NetBSD.org (earlier version)
Reviewed-by: philip
MFC-after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D26545
Add support for crc32_le() as a wrapper around crc32_raw().
Sponsored-by: The FreeBSD Foundation
Obtained-from: bz_iwlwifi
MFC-after: 2 weeks
Reviewed-by: hselasky
Differential Revision: https://reviews.freebsd.org/D29187
A lot of small arm64 gadgets are using 1500000 as console speed.
While cu can perfectly deal with this some 3rd party software, e.g.,
comms/conserver-con add speeds based on B<n> being defined.
Having it defined here simplifies enhancing other software.
Obtained-from: NetBSD sys/sys/termios.h 1.36
MFC-after: 2 weeks
Reviewed-by: philip (,okayed by imp)
Differential Revision: https://reviews.freebsd.org/D29209
In preparation for the move of the database out of base, add one more
path to lookup
Now the default lookup path is
1. base
2. localbase
3. localbase special site for custom terminfo (for ports adding custom
terminfo and avoid potential collision with the general db)
4. termcap
The plan is to allow the terminfo-db to be installed by end users via
a package for people willing to have the support for features from
this database provides. And keep the fallback on termcap for people who
don't want to hear about the terminfo db or how to configure the terminal
if it uses by default the features proposed in the definitions
of the terminfo db.
the first look up path is a window open for a proposal made by glebius@
consisting on creating a tool where the user at install time will select
the feature it want for a given terminal and generate its configurations
based on that. I won't work on it, but it is now posssible and there is
a path where to store those definitions
TCP/IPv6 packets to be forwarded can be laid out with only the Ethernet
header in the first mbuf, and these packets are lost. There was a
previous hack to pullup ICMPv6 packets with such a layout for the
same reason. Generalize, and pullup any IPv6 packets with only the
Ethernet header in the first mbuf. Possibly this should also include
IPv4, but that situation has not been observed to fail.
PR: 254060
Reported by: denis at h3q.com
MFC after: 3 days
On FreeBSD/arm fill_fpregs, fill_dbregs are stubs that zero the reg
struct and return success. set_fpregs and set_dbregs do nothing and
return success.
Provide the same implementation for arm64 COMPAT_FREEBSD32.
Reviewed by: andrew
MFC after: 3 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29314
These are not stored in the trapframe so must be cleared explicitly.
This is similar to one of the MIPS changes in 822d2d6ac94f.
Reviewed by: andrew
Obtained from: CheriBSD
MFC after: 1 week
Sponsored by: DARPA
Differential Revision: https://reviews.freebsd.org/D28711
Test that pfsync works as expected with bulk updates. That is, create
some state before setting up the second firewall. Let that firewall
request a bulk update so it can catch up, and check that it got the
state which was created before it enable pfsync.
PR: 254236
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D29272
When we request a bulk sync we need to ensure we actually send out that
request, not just buffer it until we have enough data to send a full
packet.
PR: 254236
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D29271
Sync determining the git count with newvers.sh by adding the
--first-parent argument. This ensures uname(1) reflects the
file name for snapshots.
Reported by: Mark Millard
MFC after: 3 days
Sponsored by: Rubicon Communications, LLC ("Netgate")
In some cases like broken hardware nvme(4) may wait minutes for
controller response before timeout. Doing so in a tight spin loop
made whole system unresponsive.
Reviewed by: imp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29309
Sponsored by: iXsystems, Inc.
After length decisions, we've decided that the if_wg(4) driver and
related work is not yet ready to live in the tree. This driver has
larger security implications than many, and thus will be held to
more scrutiny than other drivers.
Please also see the related message sent to the freebsd-hackers@
and freebsd-arch@ lists by Kyle Evans <kevans@FreeBSD.org> on
2021/03/16, with the subject line "Removing WireGuard Support From Base"
for additional context.
Remove tmpfs size limitation, this breaks make installworld and installation of some packages
Format generated fstab using tabs to make it consistent and readable
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D29283
Latest version available from: https://w1.fi/security/2021-1/
Vulnerability
A vulnerability was discovered in how wpa_supplicant processes P2P
(Wi-Fi Direct) provision discovery requests. Under a corner case
condition, an invalid Provision Discovery Request frame could end up
reaching a state where the oldest peer entry needs to be removed. With
a suitably constructed invalid frame, this could result in use
(read+write) of freed memory. This can result in an attacker within
radio range of the device running P2P discovery being able to cause
unexpected behavior, including termination of the wpa_supplicant process
and potentially code execution.
Vulnerable versions/configurations
wpa_supplicant v1.0-v2.9 with CONFIG_P2P build option enabled
An attacker (or a system controlled by the attacker) needs to be within
radio range of the vulnerable system to send a set of suitably
constructed management frames that trigger the corner case to be reached
in the management of the P2P peer table.
Note: FreeBSD base does not enable P2P.
These ioctl commands aim to provide easier ways for user space
applications to enumerate existing audio devices and the node they can
potentially use.
The exchange of device lists between user space and kernel is done on
nv(9). Some ioctl commands are added to /dev/sndstat node:
- SNDSTAT_REFRESH_DEVS
- SNDSTAT_GET_DEVS
- SNDSTAT_ADD_USER_DEVS
- SNDSTAT_FLUSH_USER_DEVS
Bump __FreeBSD_version to reflect the addition of the ioctls.
Sponsored by: The FreeBSD Foundation
Reviewed by: hselasky
Approved by: philip (mentor)
Differential Revision: https://reviews.freebsd.org/D26884
This is the only in-tree driver for the asymmetric crypto support in
OCF that is already marked deprecated for 14.
MFC after: 3 days
Sponsored by: Chelsio Communications
These files are no longer used by the FreeBSD base system. They were being used by the amd port but that has also been deleted.
Reviewed by: rmacklem
Sponsored by: Google
Differential Revision: https://reviews.freebsd.org/D29180
c7e6cb9e08d6 introduced MK_MANSPLITPKG but it was not available for
building out-of-tree manual pages. For example, x11/nvidia-driver fails
with the following error:
===> doc (all)
make[3]: "/usr/share/mk/bsd.man.mk" line 53: Malformed conditional (${MK_MANSPLITPKG} == "no")
make[3]: Fatal errors encountered -- cannot continue
Move the definition from src.opts.mk to bsd.opts.mk to make it visible.
Definitions inside usr.sbin/bhyve/virtio.h are thrown away.
Definitions in sys/dev/virtio are used instead.
This reduces code duplication.
Sponsored by: The FreeBSD Foundation
Reviewed by: grehan
Approved by: philip (mentor)
Differential Revision: https://reviews.freebsd.org/D29084
stuct pf_pool and struct pf_kpool are different. We should not simply
bcopy() them.
Happily it turns out that their differences were all pointers, and the
userspace provided pointers were overwritten by the kernel, so this did
actually work correctly, but we should fix it anyway.
Reviewed by: glebius
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D29216
Man pages can be big in total, add an options to split man pages
in -man packages so we produce smaller packages.
This is useful for small jails or mfsroot produced of pkgbase.
The option is off by default.
Reviewed by: bapt, Mina Galić <me@igalic.co>
Differential Revision: https://reviews.freebsd.org/D29169
MFC after: 2 weeks
Now the .pc ends up in the correct package (-dev)
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D29172
MFC after: 2 weeks
That way the files are correctly taggued for pkgbase
Reviewed by: bapt, emaste (both earlier version)
Differential Revision: https://reviews.freebsd.org/D29171
MFC after: 2 weeks
We cannot easily used the TAG here and we don't yet have something to install
even .h from a diretory in bsd.prog.mk
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D29170
MFC after: 2 weeks
They aren't needed and produce wrong package comments :
We use to have "runtime-dev package" instead of
"FreeBSD Base System (Development Files)" for example
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D29168
MFC after: 2 weeks
headers could be installed as symlink to the source tree instead of copies.
Remove the possibility to do that.
This make the makefile easier to read and to maintain and also don't duplicate
code.
While here remove some directories from LSBUDIRS as we already install them using
the INCS stuff.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D29167
MFC after: 2 weeks
Now they are correctly taggued and put into the -dev package
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D29166
MFC after: 2 weeks
Now they are correctly taggued and put them into the libbsm package
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D29165
MFC after: 2 weeks
