As a consequence now ice_alloc_vsi_qmap() does not fail. Remove unneeded
error checks.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45852
As a consequence lkpi_ieee80211_ifalloc() now does not fail. Remove
unneeded NULL check.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45852
The return value of function 'mfi_dcmd_command' should always be checked for
the potential ioctl(2) failure.
PR: 281158
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1403
Current libxo output does not have a root element. Valid XML requires a single
root element. This commit adds this root element.
The libxo output version bumped accordingly.
PR: 254635
MFC after: 1 week
Pull Request: https://github.com/freebsd/freebsd-src/pull/1330
The associated commit has been reverted and DMAR is not enabled by
default any longer.
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46474
For years we display the time in seconds how long it takes to
run `make buildworld' (see PR 224433). Now we will display the
time for "installworld" and "installkernel" as well.
e.g.:
--------------------------------------------------------------
>>> Installing everything completed on Sun Jul 7 16:11:37 UTC 2024
>>> Install world completed in 110 seconds, ncpu: 2, make -j2
--------------------------------------------------------------
This is an improved version of commit e5a0202f96
PR: 280187
Differential Revision: https://reviews.freebsd.org/D45912
Currently these sections are not used but defined only for amd64 and
i386. Added them for all other platforms to keep all platforms in sync.
There should be no functional change.
This change is extracted from a bigger patch [1] of hselasky, with
additional fix for the order of .fini_array section.
1. https://reviews.freebsd.org/D40467
Obtained from: hselasky
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45214
These input sections can have decimal numbers as the priority suffix.
Clang emits the '%u' form, while SORT is an alias for SORT_BY_NAME,
hence will result in wrong order of constructors / destructors in
output sections. Fix by using the correct sorting command
SORT_BY_INIT_PRIORITY instead [1].
The functions referenced by section .fini_array is in the normal order,
but been executed in the reverse order. The order is same with
.init_array section.
Currently these sections are not used, there should be no functional
change.
Note: As for the .ctors and .dtors sections, both Clang and GCC emit
the priority suffix in the form of '%05u', so there is no semantic
difference between SORT_BY_NAME and SORT_BY_INIT_PRIORITY for those
sections [2].
This fix is extracted from a bigger patch [3] of hselasky, with
additional fix for .fini_array section.
1. https://sourceware.org/binutils/docs/ld/Input-Section-Wildcards.html
2. https://reviews.llvm.org/D91187
3. https://reviews.freebsd.org/D40467
Reviewed by: imp (previous version)
Obtained from: hselasky
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D45194
If pf_icmp_state_lookup() finds a state but rejects it for not matching the
expected direction we should unlock the state (and NULL out *state). This
simplifies life for callers, and also ensures there's no confusion about what a
non-NULL returned state means.
Previously it could have been left in there by the caller, resulting in callers
unlocking the same state twice.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Sloppy state tracking renders ICMP direction check useless
and harmful as we might see only half of the connection in
the asymmetric setups but ignore the state match. The bug
was reported and fix was verified by Insan Praja <insan ()
ims-solusi ! com>. Thanks! OK mcbride, henning
MFC after: 1 week
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 538596657140
Sponsored by: Rubicon Communications, LLC ("Netgate")
Following bluhm's advice this changes the way we setup state keys and
perform state lookups for ICMPv6 Neighbor Discovery packets:
- replace the NS-dst with ND target address;
- replace the NA-src with ND target address;
- replace the NA-dst with unspecified address if it is a multicast.
This allows pf to match Address Resolution, Neighbor Unreachability
Detection and Duplicate Address Detection packets to the corresponding
states without the need to create new ones or match unrelated ones.
As a side effect we're doing now one state table lookup for ND packets
instead of two.
Fixes a bug uncovered by one of the previous commits that virtually
breaks IPv6 connectivity after few minutes of use.
ok stsp henning, with and ok bluhm
PR: 280701
MFC after: 1 week
Obtained from: OpenBSD, mikeb <mikeb@openbsd.org>, 2633ae8c4c8a
Sponsored by: Rubicon Communications, LLC ("Netgate")
If *rulesp was initially unset, we'll allocate a new buffer and pass it
to sysctl_handle_string(), which copies the existing string out and then
copies in the new string. We need to make sure the buffer containing
the existing rules is initialized, otherwise we leak kernel memory to
userspace.
Fix some nearby style nits while here.
Reported by: KMSAN
Reviewed by: igoro, kp
Fixes: 8aaffd78c0 ("Add dummymbuf module for testing purposes")
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D46493
The conditions used to test whether a pullup is needed were inverted.
While here:
- Fix a bogus assignment to "iplen": it's already initialized to *offp.
- Use in_cksum_skip() instead of manually adjusting the data pointer.
Otherwise the mbuf is temporarily in an invalid state, since m_len
isn't updated to match.
Reported by: KMSAN
Reviewed by: kp
Sponsored by: Klara, Inc.
Fixes: 3711515467 ("carp: support VRRPv3")
Differential Revision: https://reviews.freebsd.org/D46492
This avoids creating windows where a device file is accessible but the
device-specific field is not set.
Now that vmmdev_mtx is a sleepable lock, avoid dropping it while
creating devices files. This makes it easier to handle races and
simplifies some code; for example, the VSC_LINKED flag is no longer
needed.
Suggested by: jhb
Reviewed by: imp, jhb
Differential Revision: https://reviews.freebsd.org/D46488
This will make it easier to atomically create the device file and set
its si_drv1 member.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46487
Rather than performing privilege checks after a specific VM's device
file is opened, do it once at the time the device file is opened. This
means that one can continue to access a VM via its device fd after
attaching to a jail which does not have vmm enabled, but this seems like
a reasonable semantic to have anyway.
Reviewed by: jhb
Differential Revision: https://reviews.freebsd.org/D46486
