The functions g_eli_init_uma and g_eli_fini_uma are used to trace
the number of devices in GELI. There is an issue where the g_eli_create
function may fail before g_eli_init_uma is called, however
g_eli_fini_uma is still executed in the fail path. This can
incorrectly decrease the device count to zero, potentially leading to
the UMA pool being freed. Accessing the device after the pool has been
freed causes a system panic.
This commit resolves the issue by ensuring devices count is increassed
eariler.
PR: 278828
Reported by: Andre Albsmeier <mail@fbsd2.e4m.org>
Reviewed by: asomers
MFC after: 3 days
Approved by: re (cperciva)
Differential Revision: https://reviews.freebsd.org/D45225
(cherry picked from commit 4b3141f5d5373989598f9447ab5a9f87e2d1c9fb)
(cherry picked from commit ea5a708625)
Add option to send fragmented packets and to properly sniff them by
reassembling them by the sniffer itself.
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D42354
(cherry picked from commit d7c9de2d68ca81c557e069c2b431529cf597886c)
pf: Fix packet reassembly
Don't drop fragmented packets when reassembly is disabled, they can be
matched by rules with "fragment" keyword. Ensure that presence of scrub
rules forces old behaviour.
Reviewed by: kp
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D42355
(cherry picked from commit ede5d4ff5b39ccbc193c30fb6c093c7c4de9a464)
pf: Update documentation regarding matching, scrubbing and reassembly
Update pf documentation:
- default behaviour of fragment reassembly
- introduction of scrub option for filter rules
- disadvantages of using the old scrub ruleset
- options supported for match rules
- fix missing list block end
- remove duplicate description of match filter rule
- update example to modern syntax
Reviewed by: kp
Fragments obtained from: OpenBSD
Sponsored by: InnoGames GmbH
Differential Revision: https://reviews.freebsd.org/D42270
(cherry picked from commit 5ed470bdb9da6442d6030cf0a7a8493f759fbb43)
Reported by: Jenkins
Fixes: 43b4da44118e ("ptrace tests: Add a test using PROC_REAP_KILL to kill a traced debuggee")
(cherry picked from commit 77c3e564b4b65443a9d3298e0aec4c1387acd55e)
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D44599
(cherry picked from commit b1fd95c9e24791d44593e611406b41e57826a5b8)
tarfs: Ignore global extended headers.
Previously, we would error out if we encountered a global extended
header, because we don't know what it means. This doesn't really
matter though, and traditionally, tar implementations have either
ignored them or treated them as plain files, so just ignore them.
This allows tarfs to mount tar files created by `git archive`.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D44600
(cherry picked from commit 584e1c355ae3c994331005b7196cc87a714e5317)
tarfs: Fix 32-bit build.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D44613
(cherry picked from commit 0238d3711d9b888f678fce4274eccc9175168395)
Capability rights passed to cap_rights_* are not simple bitmaks and
cannot be ORed together in general (although it will work for certain
subsets of rights).
PR: 277057
Fixes: e5e1d9c7b7 ("path_test: Add a test case for...")
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 8d1348f55aed6873f34f54bc3b275b73ef0ff66d)
Add tests for adding a route using an interface only (without an IP
address).
Reviewed by: rcm
Approved by: kp (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D41436
(cherry picked from commit 1db64f89363c97858961c4df0b7d02f3223723cf)
* Reject hard or soft links with an empty target path. Currently, a
debugging kernel will hit an assertion in tarfs_lookup_path() while
a non-debugging kernel will happily create a link to the mount root.
* Use a temporary variable to store the result of the link target path,
and copy it to tnp->other only once we have found it to be valid.
Otherwise we error out after creating a reference to the target but
before incrementing the target's reference count, which results in a
use-after-free situation in the cleanup code.
* Correctly return ENOENT from tarfs_lookup_path() if the requested
path was not found and create_dirs is false. Luckily, existing
callers did not rely solely on the return value.
MFC after: 3 days
PR: 277360
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: sjg
Differential Revision: https://reviews.freebsd.org/D44161
(cherry picked from commit 38b3683592d4c20a74f52a6e8e29368e6fa61858)
tarfs: Improve validation of numeric fields.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: sjg, allanjude
Differential Revision: https://reviews.freebsd.org/D44166
(cherry picked from commit 8427d94ce05682abb6c75e2a27c8c497962c0dc5)
tarfs: Avoid overflow in exthdr calculation.
MFC after: 3 days
PR: 277420
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D44202
(cherry picked from commit c291b7914e1db9469cc820abcb1f5dde7a6f7f28)
tarfs: Remove unnecessary hack and obsolete comment.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D44203
(cherry picked from commit e212f0c0666e7d3a24dce03b8c88920d14b80e47)
tarfs: Fix checksum calculation.
The checksum code assumed that struct ustar_header filled an entire
block and calculcated the checksum based on the size of the structure.
The header is in fact only 500 bytes long while the checksum covers
the entire block (“logical record” in POSIX terms). Add padding and
an assertion, and clean up the checksum code.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D44226
(cherry picked from commit 0118b0c8e58a438a931a5ce1bf8d7ae6208cc61b)
tarfs: Factor out common test code.
MFC after: 3 days
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: allanjude
Differential Revision: https://reviews.freebsd.org/D44227
(cherry picked from commit 32b8aac6f9b77a1c4326083472d634e5de427547)
tarfs: Fix checksum on 32-bit platforms.
MFC after: 3 days
Fixes: b56872332e47786afc09515a4daaf1388da4d73c
Sponsored by: Juniper Networks, Inc.
Sponsored by: Klara, Inc.
Reviewed by: bapt
Differential Revision: https://reviews.freebsd.org/D44261
(cherry picked from commit cbddb2f02c7687d1039abcffd931e94e481c11a5)
If a file system's on-disk format does not support st_birthtime, it
isn't clear what value it should return in stat(2). Neither our man
page nor the OpenGroup specifies. But our convention for UFS and
msdosfs is to return { .tv_sec = -1, .tv_nsec = 0 }. fusefs is
different. It returns { .tv_sec = -1, .tv_nsec = -1 }. It's done that
ever since the initial import in SVN r241519.
Most software apparently handles this just fine. It must, because we've
had no complaints. But the Rust standard library will panic when
reading such a timestamp during std::fs::metadata, even if the caller
doesn't care about that particular value. That's a separate bug, and
should be fixed.
Change our invalid value to match msdosfs and ufs, pacifying the Rust
standard library.
PR: 276602
Sponsored by: Axcient
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D43590
(cherry picked from commit 55b80e2ca52c4b27c4920d372a6e71ac9ab7da9e)
If a copy_file_range operation tries to read from a page that was
previously written via mmap, that page must be flushed first.
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D43451
(cherry picked from commit 1c909c300b92601f7690610097ac98126caff835)
Based on the test case submitted by Andreas Bock for PR 275286.
PR: 275286
MFC after: 2 weeks
(cherry picked from commit f5463265955b829775bbb32e1fd0bc11dafc36ce)
Otherwise we get spurious test failures when running tests in parallel.
The intent here was to name jails after the tests, but this was done
incorrectly in a couple of places.
MFC after: 1 week
(cherry picked from commit 001c48b4139ff6f07de70a16518161dcea5598b9)
This one has been commented out since the initial commit, but doesn't
appear to pose any problems.
MFC after: 1 week
(cherry picked from commit 3f73fbb0acd4131b08dba4f7590061826ab08df1)
This would previously return 1 if the slave side of the pts was closed
to force an application to read() from it and observe the EOF, but it's
not clear why and this is inconsistent both with how we handle devices
with similar mechanics (like pipes) and also with other kernels, such as
OpenBSD/NetBSD and Linux.
PR: 239604
Reviewed by: kib
(cherry picked from commit 30189156d325fbcc9d1997d791daedc9fa3bed20)
When this functionality was moved to libifconfig in 3dfbda3401,
the end of list calculation was modified for unknown reasons, practically
limiting the number of bridge member returned to (about) 102.
This patch changes the calculation back to what it was originally and
adds a unit test to verify it works as expected.
Reported by: Patrick M. Hausen (via ML)
Reviewed by: kp
Approved by: kp
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D43135
(cherry picked from commit 3d36053ca6d6a17d408c8f92c504e6135dc9d8df)
The bug isn't fusefs-specific, but this is the easiest way to reproduce
it.
PR: 276191
Differential Revision: https://reviews.freebsd.org/D43446
Reviewed by: kib
(cherry picked from commit 6b1c534927ad47e9b0dd8be1a39f56c3ea813d44)
If ZFS reports that a disk had at least 8 I/O operations over 60s that
were each delayed by at least 30s (implying a queue depth > 4 or I/O
aggregation, obviously), fault that disk. Disks that respond this
slowly can degrade the entire system's performance.
Sponsored by: Axcient
Reviewed by: delphij
Differential Revision: https://reviews.freebsd.org/D42825
(cherry picked from commit d565784a7ebaa59e26febdcfd4a60329786ea5f5)
I'm not sure exactly why, but these tests consistently fail when run in
parallel. Serialize them for now.
MFC after: 1 week
(cherry picked from commit 8b57b2a98b641794538980aed2cd16c94aedaf4d)
Building tests/sys/fs/fusefs with clang 18 results the following
warning:
tests/sys/fs/fusefs/cache.cc:145:14: error: variable length arrays in C++ are a Clang extension [-Werror,-Wvla-cxx-extension]
145 | uint8_t buf[bufsize];
| ^~~~~~~
Because we do not particularly care that this is a clang extension,
suppress the warning.
MFC after: 3 days
(cherry picked from commit dc0b4094abf6784bf1a9492c2fea3fb91116b014)
Replace int with either size_t or ssize_t (depending on context) in
order to support bit strings up to SSIZE_MAX bits in length. Since
some of the arguments that need to change type are pointers, we must
resort to light preprocessor trickery to avoid breaking existing code.
MFC after: 3 weeks
Sponsored by: Klara, Inc.
Reviewed by: kevans
Differential Revision: https://reviews.freebsd.org/D42698
(cherry picked from commit c56f45f2a9da7d989b79fd6c34b63100609ff9ae)
In my test suite runs I occasionally see shutdown(2) fail with
ECONNRESET rather than ENOTCONN. soshutdown(2) will return ENOTCONN if
the socket has been disconnected (synchronized by the socket lock), and
tcp_usr_shutdown() will return ECONNRESET if the inpcb has been dropped
(synchronized by the inpcb lock). I think it's possible to pass the
first check in soshutdown() but fail the second check in
tcp_usr_shutdown(), so modify the KTLS tests to permit this.
Reviewed by: jhb
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D42277
(cherry picked from commit b08a9b86f581edf09c5a2729d877a0204499685b)
When we create a new state for multihomed sctp connections (i.e.
based on INIT/INIT_ACK or ASCONF parameters) we cannot know what
interfaces we'll be seeing that traffic on. Make those states floating,
irrespective of state policy.
MFC after: 1 week
Sponsored by: Orange Business Services
(cherry picked from commit 0fe663b2a815dcb41431543940ec51408f418392)
Dummynet re-injects an mbuf with MTAG_IPFW_RULE added, and the same mtag
is used by divert(4) as parameters for packet diversion.
If according to pf rule set a packet should go through dummynet first
and through ipdivert after then mentioned mtag must be removed after
dummynet not to make ipdivert think that this is its input parameters.
At the very beginning ipfw consumes this mtag what means the same
behavior with tag clearing after dummynet.
And after fabf705f4b5a pf passes parameters to ipdivert using its
personal MTAG_PF_DIVERT mtag.
PR: 274850
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D42609
(cherry picked from commit fe3bb40b9e807d4010617de1ef040ba3aa623487)
Resolved conflict between ipfw and pf if both are used and pf wants to
do divert(4) by having separate mtags for pf and ipfw.
Also fix the incorrect 'rulenum' check, which caused the reported loop.
While here add a few test cases to ensure that divert-to works as
expected, even if ipfw is loaded.
divert(4)
PR: 272770
MFC after: 3 weeks
Reviewed by: kp
Differential Revision: https://reviews.freebsd.org/D42142
(cherry picked from commit fabf705f4b5aff2fa2dc997c2d0afd62a6927e68)
The initial multihome implementation was a little simplistic, and failed
to create all of the required states. Given a client with IP 1 and 2 and
a server with IP 3 and 4 we end up creating states for 1 - 3 and 2 - 3,
as well as 3 - 1 and 4 - 1, but not for 2 - 4.
Check for this.
MFC after: 1 week
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D42362
(cherry picked from commit 483d5c4075e06e52d5daa23aef2b4f4a2eb64443)
Fixes: d8735eb7acc0 ("socket tests: Add a regression test for ktrace+recv(MSG_TRUNC)")
Reported by: Jenkins
(cherry picked from commit 4bd1e19684945aa1fd3397b58613f5210fda9091)
This provides a regression test for commit abca3ae7734f.
Add it to the existing v4-mapped address test file, and rename
accordingly.
Reviewed by: tuexen, karels, rrs
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D39216
(cherry picked from commit ae5c3dfd3e75bb287984947359d4f958aea505ec)
- Fix style.
- Move test case-specific code out of the shared function and into the
individual test cases.
- Remove unneeded setting of SO_REUSEPORT.
- Avoid unnecessary copying.
- Use ATF_REQUIRE* instead of ATF_CHECK*. The former cause test
execution to stop after a failed assertion, which is what we want.
- Add a test case for AF_LOCAL/SOCK_SEQPACKET sockets.
MFC after: 1 week
(cherry picked from commit b5e7dbac756afb49c58315c7081737b34a1d2dfd)
If a request ends up growing beyong the initially allocated space the
netlink functions (such as snl_add_msg_attr_u32()) will allocate a
new buffer. This invalidates the header pointer we can have received
from snl_create_msg_request(). Always use the hdr returned by
snl_finalize_msg().
Reviewed by: melifaro
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D42223
(cherry picked from commit 4f8f43b06ed07e96a250855488cc531799d5b78f)
In the Mknod.parent_inode test case, the kernel sends an extra
FUSE_FORGET message. But because it gets sent asynchronously with the
failing syscall, it doesn't always get received before the test ends.
So we never setup an expectation for it. And 90+% of the time the test
would exit successfully.
Fix the intermittency by always waiting to receive the FUSE_FORGET
message.
Sponsored by: Axcient
(cherry picked from commit 86885b18689889e9b9142fd31d8c67f21334ba32)
Fix intermittency in the sys.fs.fusefs.symlink.main test
This change is identical to 86885b18689 but for symlink instead of
mknod. The kernel sends a FUSE_FORGET asynchronously with the final
syscall. The lack of an expectation caused this test to occasionally
fail.
Also, remove a sleep that accidentally snuck into a different test.
Sponsored by: Axcient
(cherry picked from commit 8399d764c929a4b2fa98dbfae0ca7359810e4668)
If VOP_READLINK returns a path that contains a NUL, it will trigger an
assertion in vfs_lookup. Sanitize such paths in fusefs, rejecting any
and warning the user about the misbehaving server.
PR: 274268
Sponsored by: Axcient
Reviewed by: mjg, markj
Differential Revision: https://reviews.freebsd.org/D42081
(cherry picked from commit 662ec2f781521c36b76af748d74bb0a3c2e27a76)
Client one is supposed to be assigend 198.51.100.2, but sometimes it
loses the race and the address ends up assigned to client two. When this
happened one would try to ping itself, which failed because the loopback
interface isn't up.
Ideally we'd generate static address assignments, but that would
complicate the test. Activate loopback interfaces so the test always
passes, and just try to ping both possible addresses.
MFC after: 1 week
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 956a46311462423f97b2410065f8caff2c630701)
If we're evaluating a pfsync'd state (and have different rules on both
ends) our state may point to the default rule, which does not have
rpool.cur set. As a result we can end up dereferencing a NULL pointer.
Explicitly check for this when we try to re-construct the route-to interface.
Also add a test case which can trigger this issue.
MFC after: 3 days
See also: https://redmine.pfsense.org/issues/14804
Sponsored by: Rubicon Communications, LLC ("Netgate")
(cherry picked from commit 74c2461386ea5eeb41e674df6b16a44b0509a882)
When using cached attributes, we must update a file's atime during
close, if it has been read since the last attribute refresh. But,
* Don't update atime if we lack write permissions to the file or if the
file system is readonly.
* If the daemon fails our atime update request for any reason, don't
report this as a failure for VOP_CLOSE.
PR: 270749
Reported by: Jamie Landeg-Jones <jamie@catflap.org>
Sponsored by: Axcient
Reviewed by: pfg
Differential Revision: https://reviews.freebsd.org/D41925
(cherry picked from commit fb619c94c679e939496fe0cf94b8d2cba95e6e63)
fusefs: fix unused variables from fb619c94c67
PR: 270749
Reported by: cy
Sponsored by: Axcient
(cherry picked from commit e5236d25f2c0709acf3547e6af45f4bb4eec4f02)
The test tries to trigger creation of a superpage mapping in an
mlock()ed region.
MFC after: 2 weeks
(cherry picked from commit 8f26ed01bd74aab21309ac04ae1d1368a6346c90)
pf can now mark shut down multihomed connections shutting down. Verify
that pf does the right thing.
MFC after: 3 weeks
Sponsored by: Orange Business Services
(cherry picked from commit 97340b68d18bbbdebf0f73ed900c5a33894061dd)
The SCTP server will announce multiple addresses. Block one of them with
pf, connect to the other have the client use the blocked address. pf
is expected to have created state for all of the addresses announced by
the server.
In a separate test case add the secondary (client) IP after the
connection has been established. The intent is to verify the
functionality of the ASCONF chunk parsing.
MFC after: 3 weeks
Sponsored by: Orange Business Services
Differential Revision: https://reviews.freebsd.org/D41638
(cherry picked from commit 1a28d5fea7edf200c37d14f7ed5865910664ec3d)
