- nvlist_append_nvlist_array() makes a copy of the input nvlist, so the
pattern of nvlist_append_nvlist_array(... cfline(...)) would leak
memory and descriptors. Pass the entire config nvlist to cfline()
instead since this is needed for a future change.
- In parse_action(), free the linked list returned by getaddrinfo().
- Remove some checks at the beginning of close_filed(). For some log
types we'll always have f->f_file == -1, in which case we wouldn't
release other resources, such as forwarding sockets.
- After converting a filed to an nvlist, free the filed resources.
Fixes: 2567168dc4 ("syslogd: Refresh configuration using libcasper")
Reviewed by: jfree
Differential Revision: https://reviews.freebsd.org/D48250
Add a virtual timer implementation based on SBI Time extension.
This is needed for Eswin EIC7700 SoC which does not include the newer SSTC
extension.
Timer interrupt pending bit (STIP) could not be cleared in the guest system,
so rework interrupts handling: add new "interrupts_pending" field. Use it
for timer interrupt only for now, but later we can extend to store all
pending interrupts (Timer, IPI and External).
With this I'm able to boot FreeBSD (SMP) guest on HiFive Premier P550,
which is the first real hardware with RISC-V 'H'-spec included.
Differential Revision: https://reviews.freebsd.org/D48133
Signature types need to be parsed out of the key/signature information
that we are presented with from the files we download. We use that to
understand whicher signer we need to dispatch to.
The ECC signer is more-or-less lifted from pkg(8), with some changes to
slim it down for pkg(7).
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D48108
This will be used to verify raw payloads, as if signed by pkg-key(8).
It will be used specifically in pkg(7) to verify .pubkeysig as published
by poudriere.
Amend verify_pubsignature() now to use it. For the RSA signer, we need
to verify using a sha256 of the data instead of the data itself.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D48109
We already have to do this for reading the pubkey, just pull it out for
other uses. The ECC signer will use this to verify the bootstrap if
the PUBKEY mechanism is used.
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D48107
This mirrors a change we made in pkg(8), and will be used to next add
another signer that does ECC.
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D48106
We'll eventually add a pkgsign abstraction over these similar to how we do
in pkg(8), but start by isolating these parts.
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D48105
Previously we could create cd9660 images with duplicate short (level 2)
names.
cd9660_level2_convert_filename used a 30-character limit (for files and
directories), not including the '.' separator. cd9660_rename_filename
used a 31-character limit, including the '.'. Directory names 31
characters or longer (without '.') were shortened to 30 characters, and
if a collision occurred cd9660_rename_filename uniquified them starting
with the 31st character. Unfortunately the directory record's name_len
was already set, so the unique part of the name was stripped off.
Directories are up to 31 d-characters (i.e., A-Z 0-9 and _); there is no
provision for a '.' in a directory name. Increase the name length limit
to 31 for directories, and exclude '.'s.
This name mapping and deduplication code is still fragile and convoluted
and would beenfit from a more holistic effort.
PR: 283238, 283112
Reviewed by: imp
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48251
For requests that handoff queues from userspace to the kernel as well
as the request to fetch reconnect parameters from the kernel, switch
from using flat structures to nvlists. In particular, this will
permit adding support for additional transports in the future without
breaking the ABI of the structures.
Note that this is an ABI break for the ioctls used by nvmf(4) and
nvmft(4). Since this is only present in main I did not bother
implementing compatability shims.
Inspired by: imp (suggestion on a different review)
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48230
This sets the correct ownership values when building base.txz
PR: 283340
Reviewed by: allanjude
Pull request: https://github.com/freebsd/freebsd-src/pull/1550
Signed-off-by: Pat Maddox <pat@patmaddox.com>
This test is inside the else block for `if (*oldname == '.')`, so
*oldname cannot be '.' here.
Reviewed by: kevans
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48243
Commit 07cd69e272 adds a new "-a" mountd option,
which changes the behavior of mountd when file systems
are exported via -alldirs.
This patch updates the man page to reflect the actual
behavior when -alldirs is used when mountd is started
with/without -a. Prior to the above commit, exports(5)
documented that, when -alldirs was specified, the exports
line would fail unless the directory was a server file
system mount point. This behavior was only documented
in the Examples section and has not been implemented
since a change between FreeBSD 1 and FreeBSD 2 was done.
This is a contents change.
PR: 282995
Reviewed by: markj
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D48139
Commit 07cd69e272 adds a new "-a" mountd option.
This patch updates the man page for it.
This is a content change.
PR: 282995
Reviewed by: gbe (manpages)
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D48138
Bugzilla PR#282995 reported that, when a file system was
exported with the "-alldirs" flag, the export succeeded even
if the directory path was not a server file system mount point.
This behaviour for "-alldirs" was only documented in the
Example section of exports(5) and had not been enforced
since FreeBSD2. (A patch applied between FreeBSD1 and
FreeBSD2 broke the check for file system mount point.)
Since the behaviour of allowing the export has existed since
FreeBSD2, the concensus on a mailing list was that it would
be a POLA violation to change it now.
Therefore, this patch adds a new "-a" mountd command line
option to enforce a check for the exported directory being a
server file system mount point.
PR: 282995
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D48137
The maximum length is 30 characters for name and extension, two
separators (. and ;) and 5 characters for file version from 1 to 32767,
which is 37 characters. Add one for the null term as we treat these
buffers as C strings.
This is not an issue in practice, as the file version is always 1 in
makefs.
While here, drop `_WITH_PADDING` from the macro name and update the
previously-unused ISO_FILENAME_MAXLENGTH for the corrected length.
A 0x00 padding byte is used by ISO9660 when needed for alignment, which
can be the null byte at the end of the string.
Use sizeof where appropriate.
Reviewed by: kevans
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48193
This allows the default options (-O compress=lz4 -O atime=off) to be
overridden, before the ZFS boot pool is created. For example, to set the
compression algorithm to something different.
Reviewed by: jhb, dim
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D47478
The syslogd bsd/rfc3164 message format does not strictly conform to the
format recommended in RFC 3164 when syslog messages are forwarded from
remote hosts.
The new rfc3164-strict format generates messages that conform with the
RFC 3164 recommended format. The existing format is maintained for
backwards compatibility.
PR: 220246
Reviewed by: markj
MFC after: 3 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/1536
RFC 3164 and RFC 5424 syslog message format tests and minor refactor of
existing tests to reuse components in new tests.
Reviewed by: markj
MFC after: 3 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/1536
- Tests have been updated to use "jail" execution environment,
is_exclusive="true" is no longer required.
- tests/Makefile update to style.Makefile(5).
Reviewed by: markj
MFC after: 3 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/1536
Remove unneeded th_x2 initalization, use named constants
instead of magic numbers (fixing one oversight) and add
some line breaks. Expand one man page slightly.
No functional change intended.
Reviewed By: tuexen, cc
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D48065
Check if RISC-V SSTC is available and advertise to the guest.
This is needed for Eswin EIC7700 that does not include SSTC.
As we don't have a mechanism for reporting extension presence
from the kernel to userspace, then use vm_cap_type for now.
Reviewed by: mhorne, markj
Differential Revision: https://reviews.freebsd.org/D48058
NGROUPS_MAX is just the minimum maximum of the number of allowed
supplementary groups. The actual runtime value may be greater. Allow
more groups to be specified accordingly (now that, a few commits ago,
nmount(2) has been changed similarly).
To this end, we just allocate once and for all a static array called
'tmp_groups' big enough to hold {NGROUPS_MAX} + 1 groups (the maximum
number of supplementary groups plus the effective GID, which we store in
a variable named 'tngroups_max' to avoid confusion with the kernel
variable 'ngroups_max' holding only the maximum number of
*supplementary* groups) in main() and use this temporary space in
get_exportlist_one(), do_opt() and parsecred(). Doing so in passing
fixes a (benign) memory leak in case "-maproot" and/or "-mapall" were
specified multiple times and the first option comprised more than
SMALLNGROUPS.
parsecred() does not use 'cr_smallgrps' anymore, but we have kept
'cr_smallgrps'/SMALLNGROUPS as 'struct expcred' is also included in
'struct exportlist' and 'struct grouplist', and thus this preallocated
field still results in an optimization for the common case of small
number of groups (although its real impact is probably negligible and
arguably was not worth the trouble).
While here, in do_mount(), remove some unnecessary groups array
allocation and copying.
Reviewed by: rmacklem (older version)
Approved by: markj (mentor)
MFC after: 2 weeks
Relnotes: yes
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47016
'name' can never be NULL, as it is equal to 'names' and 'namelist',
which was passed by do_cred() only if the actual parameter wasn't NULL.
Reviewed by: rmacklem
Approved by: markj (mentor)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47014
In the 'uid:gid:gid:...' case (for '-maproot' or '-mapall'), if no GID
is specified at all (i.e., input is of the form 'uid:', with the colon
at the end), mountd(8) would pass credentials with an empty array of
groups to the kernel.
For security reasons, we have put in place a kernel fallback a while
ago, which is to use the single group GID_NOGROUP (see commits
cfbe7a62dc ("nfs, rpc: Ensure kernel credentials have at least one
group") and 5169d4307e ("nfs: Fallback to GID_NOGROUP on no groups")).
Here, as we are in userland, we first try to find the GID number
corresponding to "nogroup", and only then fall back to GID_NOGROUP, as
nfsuserd(8) does.
Approved by: markj (mentor)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47011
No functional change (intended).
This code dates back to 4.4BSD, became wrong after some getgrouplist()
(nssswitch-related) change in 2007, was fixed only in 2020 and since
then underwent cosmetic changes.
It is likely that in fact it never served any useful purpose in FreeBSD,
except perhaps at the very beginning. It's most probably not the case
today: NFS credentials are normally only used to check for file
accesses, whose group is checked against all groups of a credentials
indiscriminately (except for the real GID). Consequently, having
a single duplicate, which the code would actually remove only if in the
first supplementary group slot, doesn't change behavior. Moreover, we
are going to regain one slot in a subsequent commit.
Discussed with: rmacklem
Approved by: markj (mentor)
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D46920
- Only two of these tunables are used for RATELIMIT without
TCP_OFFLOAD.
- Mark t4_tmr_idx_ofld and t4_pktc_idx_ofld static.
- Move hw.cxgbe.cop_managed_offloading under hw.cxgbe.toe since it is
specific to TOE.
Reviewed by: np
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D47765
fstyp can misidentify a UFS file system as MS-DOS if the device was
repurposed from MS-DOS to UFS via newfs.
This happens for the following reasons:
- the header for MS-DOS begins at offset 0
- the superblock for UFS begins at offset 64k, 8k, 0k, or 256k
- newfs does not clear the area in front of UFS's superblock,
leaving the MS-DOS header intact.
- fstyp searches for file system headers alphabetically
To avoid this misidentification, have fstyp search for file system
headers with the largest offset first instead of alphabetically.
The implemented fix was suggested by reporter, Richard M. Kreuter.
PR: 252787
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D47855
Previous versions of pw(8) wouldn't chmod the home directory if it
already existed prior to user creation, rendering adduser(8) -M
ineffective in some cases. Add a test to cover that situation.
PR: 280099
Reviewed by: kevans
The adduser(8) prompt allows one to set the mode of a new home
directory, but pw(8) doesn't honor the -M mode if the home directory
already exists at creation time. It doesn't seem to make sense to
ignore the mode (which may lead to a security issue on the system being
configured) when we'll happily chown an existing directory, so fix the
inconsistency.
PR: 280099
Reviewed by: des, jlduran (previous version)
Differential Revision: https://reviews.freebsd.org/D46443
- When forwaring a message, don't assume that f->f_num_addr_fds > 0.
- Avoid calling free() on a stack-allocated object.
Fixes: 4ecbee2760 ("syslogd: Open forwarding socket descriptors")
Fixes: f4b4a10abb ("syslogd: Move selector parsing into its own function")
Reviewed by: jfree
Differential Revision: https://reviews.freebsd.org/D47844
Add support for the AE Flag in the TCP header to pf and ppp.
Commonalize to the use of "E"(ECE), "W"(CWR) and "e"(AE)
for the TCP header flags, in line with tcpdump.
Reviewers: kp, cc, tuexen, cy, #transport!
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D47106
Formally, there are 12 bits for TCP header flags.
Use the accessor functions in more (kernel) places.
No functional change.
Reviewed By: cc, #transport, cy, glebius, #iflib, kbowling
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D47063
The basic case previously tested if messages are correctly logged over
UNIX, INET, and INET6 transport. This single case can be split up into
three separate cases to decrease code complexity and offer more granular
results.
Both INET and INET6 cases will be skipped if the kernel does not
support the corresponding transport.
Reviewed by: zlei, markj
Differential Revision: https://reviews.freebsd.org/D47650
Test communication between hosts by setting up two syslogd instances,
each binded to their own addresses, and sending a message from one to
the other. The tests passes if the message was delivered and logged
successfully.
This required some tweaking to the syslogd start and stop routines so
they could handle launching multiple syslogd instances with different
runtime files.
Run the tests in jails with an isolated VNET so they don't fail due to
an address bind collision in the host's VNET.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D47649
