For every state pf creates up to two source nodes: a limiting one
struct pf_kstate -> src_node and a NAT one struct pf_kstate -> nat_src_node.
The limiting source node is tracking information needed for limits using
max-src-states and max-src-nodes and the NAT source node is tracking NAT
rules only.
On closer inspection some issues emerge:
- For route-to rules the redirection decision is stored in the limiting source
node. Thus sticky-address and source limiting can't be used separately.
- Global source tracking, as promised in the man page, is totally absent from
the code. Pfctl is capable of setting flags PFRULE_SRCTRACK (enable source
tracking) and PFRULE_RULESRCTRACK (make source tracking per rule). The kernel
code checks PFRULE_SRCTRACK but ignores PFRULE_RULESRCTRACK. That makes
source tracking work per-rule only.
This patch is based on OpenBSD approach where source nodes have a type and each
state has an array of source node pointers indexed by source node type
instead of just two pointers. The conditions for limiting are applied
only to source nodes of PF_SN_LIMIT type. For global limit tracking
source nodes are attached to the default rule.
Reviewed by: kp
Approved by: kp (mentor)
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D39880
Clarify the RETURN VALUES section with improved structure,
the condition of the return value 0, and the setting of errno.
PR: 174581
Reviewed by: jhb, ziaee
Approved by: mhorne (mentor)
Differential Revision: https://reviews.freebsd.org/D48955
Support for the partition types is still retained so that tools can
display existing partitions.
Reviewed by: imp, emaste
Differential Revision: https://reviews.freebsd.org/D48535
- We should autoload vmm.ko when creating a VM with vm_openf(), to
preserve behaviour prior to commit 99127fd103.
- kldload(2) returns a non-zero value upon success, so the existing code
was wrong.
Reviewed by: jhb
Reported by: olivier
Fixes: 99127fd103 ("libvmmapi: Use the vmmctl device file to create and destroy VMs")
Differential Revision: https://reviews.freebsd.org/D48797
The SO_SETFIB option can be used to set a socket's FIB number, but there
is no way to retrieve it. Rename SO_SETFIB to SO_FIB and implement a
handler for it for getsockopt(2).
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48834
Remove extra slashes that end up in the metalog. These double slashes
can produce an invalid specification file if there are subdirectories
down the hierarchy when sorted.
For example, consider the following metalog excerpt:
./base/aaa type=dir
./base//aaa/bbb type=dir
If sorted, would turn out:
./base//aaa/bbb type=dir
./base/aaa type=dir
Apparently missing the ./base/aaa directory in the specification.
Luckily here are no subdirectories.
Reviewed by: imp, emaste
Approved by: emaste (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D48779
Remove an extra slash that ends up in the metalog. This double slash
can produce an invalid specification file if there are subdirectories
down the hierarchy when sorted.
For example, consider the following metalog excerpt:
./base/aaa type=dir
./base//aaa/bbb type=dir
If sorted, would turn out:
./base//aaa/bbb type=dir
./base/aaa type=dir
Apparently missing the ./base/aaa directory in the specification.
Luckily here are no subdirectories.
Reviewed by: imp, emaste
Approved by: emaste (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D48778
The uncommented #ifdef _KERNEL originates from 1997 by wollman@ (see
57bf258e3d) with no clear original reason. Since these old times two
abusers of the header leak were created - libprocstat(3) and netstat(1).
These two already have a lot of _WANT_FOO hacks, so satisfy them with
_WANT_PROTOSW.
While here, cleanup and sort forward declaraions.
The rpc(3) itself was not designed with multithreading in mind, but we can
actually achieve some parallelism without modifying the library and the
framework. This transport will allow to process RPCs in threads, with
some hacks on the application side (documented in code). We make
reentrable only one method - SVC_REPLY(). Reading and parsing of incoming
calls is still done synchronously. But the actual processing of the calls
can be offloaded to a thread, and once finished the thread can safely
execute svc_sendreply() and the reply would be sent with the correct xid.
Differential Revision: https://reviews.freebsd.org/D48569
To be used by NFS related daemons that provide RPC services to the kernel.
Some implementation details inside the new svc_nl.c.
Reviewed by: rmacklem
Differential Revision: https://reviews.freebsd.org/D48550
This returns an nvlist indicating if a Fabrics host is connected and
the time of the most recent disconnection.
Reviewed by: imp
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48219
UFS1 uses a signed 32-bit value for its times. Zero is
January 1, 1970 UTC. Negative values of 32-bit time predate
January 1, 1970 back to December 13, 1901. The maximum positive
value for 32-bit time is on January 19, 2038 (my 84th birthday).
On that date, time will go negative and start registering from
December 13, 1901. Note that this issue only affects UFS1 filesystems
since UFS2 has 64-bit times. This fix changes UFS1 times from
signed to unsigned 32-bit values. With this change it will no longer
be possible to represent time from before January 1, 1970, but it
will accurately track time until February 7, 2106. Hopefully there
will not be any FreeBSD systems using UFS1 still in existence by
that time (and by then I will have been dead long enough that no-one
will know at whom to yell :-).
It is possible that some existing UFS1 systems will have set times
predating January 1, 1970. With this commit they will appear as
later than the current time. This commit checks inode times when
they are read into memory and if they are greater than the current
time resets them to the current time. By default this reset happens
silently, but setting the sysctl vfs.ffs.prttimechgs=1 will cause
console messages to be printed whenever a future time is changed.
Reviewed-by: kib
Tested-by: Peter Holm
MFC-after: 1 week
Differential Revision: https://reviews.freebsd.org/D48472
These are similar to warnc() and errc() in that they take an explicit
error code instead of using the value of the errno global.
Reviewed by: mav, asomers
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48648
Previously, a NULL pointer value was used to request the root0 device
at the top of the device tree. However, this meant that resource
ranges from a rman with a NULL device pointer were annotated as being
owned by root0 instead of being unowned. Switch to a different value
for root0's sentinel to avoid the clash.
Since this is an ABI change, bump the SHLIB_MAJOR for libdevinfo to 7.
Reported by: jrtc27
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D48675
For the hypothetic situation where crtbegin.o is not linked into the
binary, but crtend.o is, which results in the missing starting sentinel
in the ctors array, be careful to not iterate past the start of the
section.
Reviewed by: andrew, dim
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D48700
not relying only on the end section marker, but also checking for the
section size when iterating.
Reported by: kargl
Analyzed by: dim
Reviewed by: andrew, dim
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D48700
Each program that operates on UFS on-disk inodes defines its own
version of a dinode. They all (of necessity) define the same
layout but use different names. This change adds a definition of
a dinode (a union of a UFS1 on-disk inode and a UFS2 on-disk inode)
as well as a dinodep (a union of a pointer to a UFS1 on-disk inode
and a pointer to a UFS2 on-disk inode) in sys/ufs/ufs/dinode.h.
It then deletes the definitions of dinode and dinodep in all the
programs that operate on them and instead uses these standard
definitions.
No functional change intended.
MFC-after: 1 week
- Add fstatfs(), fchdir(), fchroot(), extattr_*_fd(), cap_*_get(),
cap_*_limit() to the list of syscalls that can take an O_PATH fd.
- Remove readlinkat() from the list, since it is already discussed
in the first few lines of the paragraph. It was originally added
to the list when readlinkat() adds support for non-dir fd with
an empty relative path (as if with AT_EMPTY_PATH), however,
such use case is also discussed in the next paragraph.
- Add funlinkat() to the list, since it accepts an extra fd
(of the file to be unlinked), which is worth extra mentioning.
- Fix a syntax issue which causes a bogus space to be rendered
before a closing parentheses.
Signed-off-by: CismonX <admin@cismon.net>
Reviewed by: markj, jhb
MFC after: 2 weeks
Pull Request: https://github.com/freebsd/freebsd-src/pull/1564
While here, use isxdigit(3) instead of a home-rolled version.
Reviewed by: mav, asomers
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48593
Save more data associated with a new association including the network
address of the remote controller. This permits reconnecting an
association without providing the address or other details. To use
this new mode, provide only an existing device ID to nvmecontrol's
reconnect command. An address can still be provided to request a
different address or other different settings for the new association.
The saved data includes an entire Discovery Log page entry to aim to
be compatible with other transports in the future. When a remote
controller is connected to via a Discovery Log page entry (nvmecontrol
connect-all), the raw entry is used. When a remote controller is
connected to via an explicit address, an entry is synthesized from the
parameters.
Note that this is a pseudo-ABI break for the ioctls used by nvmf(4) in
that the nvlists for handoff and reconnect now use a slightly
different set of elements. Since this is only present in main I did
not bother implementing compatability shims.
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D48214
As suggested by henning.
Which unbreaks ie route-to after the recent pf changes.
With much help debugging and pointing out of missing bits from claudio@
ok claudio@ "looks good" henning@
Obtained from: OpenBSD, jsg <jsg@openbsd.org>, 7fa5c09028
Sponsored by: Rubicon Communications, LLC ("Netgate")
This uses DES and it's likely that nobody uses that in 2025.
If somebody uses this we help them by deprecating and removing this.
Reviewed by: bapt, emaste
Differential Revision: https://reviews.freebsd.org/D30683
gpg supports SHA384, SHA512 as well as SHA256 so allow for them.
Tweak Makefile.inc so we can build libsecureboot with only OpenPGP
trust anchors.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D48546
- Use GETENTROPY_MAX instead of hard-coding the value.
- Check for EINVAL instead of EIO
Fixes: 473681a1a5 ("libc: Fix getentropy POSIX 2024 conformance issues")
GETENTROPY_MAX should be defined in limits.h. EINVAL is the return
value for buflen > GETENTROPY_MAX.
PR: 282783
Reviewed by: markj, asomers, jhb
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47689
Commit bea89d038a added strlcat but also introduced a memchr wrapper
in the source tree rather than using the autogenerated one used for
AARCH64_STRING_FUNCS. Move memchr.S to MDSRS and add a cleanup rule for
the old wrapper.
Reviewed by: fuz
Sponsored by: The FreeBSD Foundation
Fixes: bea89d038a ("lib/libc/aarch64/string: add strlcat SIMD implementation")
Differential Revision: https://reviews.freebsd.org/D48502
POSIX used to specify that munmap shall fail with EINVAL if the addr
argument is not a multiple of the page size, but that was changed to
may fail. Note that we conform to contemporary POSIX and include a
brief note for portable programs.
Reviewed by: brooks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D48481
Try to fetch events from nlsysevent or devd to determine when
to scan the usb bus for devices addition or removal.
if none are available fallback on the regular timer based (4s)
scanner
if devd socket or netlink socket is closed or error fallback on the
timer based method.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D48300
Just as we did in the kernel in e9255dafa1
Suggested by: glebius
Reviewed by: glebius, melifaro
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D48460
Our SIMD-enhanced strlen() implementation for AArch64 uses
a floating-point comparison to compare a bit mask to zero.
This works fine under normal circumstances, but fails if
the FZ (flush-to-zero) flag is set in FPCR (the floating-point
control register) as then the CPU no longer distinguishes
denormals from zero.
This was not caught during testing; this flag is rarely set
and programs that do so rarely perform string manipulation.
Avoid this problem by using an integer comparison instead.
The performance impact seems to be small (about 0.5 %) on
the Windows 2023 Dev Kit, but seems to be more significant
(up to around 19%) on the RPi 5.
Reviewed by: getz
Fixes: 3863fec1ce
Differential Revision: https://reviews.freebsd.org/D48442
We previously claimed that non-page-aligned addresses would return
EINVAL, but the address is in fact rounded down to the page boundary.
Reported by: Harald Eilertsen <haraldei@anduin.net>
Reviewed by: brooks
Sponsored by: The FreeBSD Foundation
Fixes: dabee6fecc ("kern_descrip.c: add fdshare()/fdcopy()")
Differential Revision: https://reviews.freebsd.org/D48465
Use NULL instead of 0 for null pointer.
Use != 0 for non-bool, as in the rest of the function.
Remove unneeded ().
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Otherwise libthr::_get_curthread() returns a garbage kept there from
allocate_initial_tls(), until libthr initialization proceeds enough to
set initial pcb->pcb_thread. The garbage pcb_thread was dereferenced
as struct pthread and some memory read as TID. Since the read might not
be consistent between reads, thr_malloc_umtx unlock sometimes returned
EPERM instead of clearing the lock word.
Reported by: markj
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
There are more complex interactions between malloc and libthr
initialization that can happen if libthr functions are called from ELF
object' constructors, before libthr is initialized. Break the
dependencies loop by using the private allocator with controlled init.
Reported by: yuri
Reviewed by: markj, olce
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D48454
the return value is ignored.
Reviewed by: markj, olce
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D48454
